HttpUpgradeProtocolAccess.h
Go to the documentation of this file.
1/*
2 * Copyright (C) 1996-2022 The Squid Software Foundation and contributors
3 *
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
7 */
8
9#ifndef SQUID_HTTP_UPGRADE_H
10#define SQUID_HTTP_UPGRADE_H
11
12#include "acl/forward.h"
13#include "sbuf/SBuf.h"
14
15#include <map>
16
19{
20public:
21 ProtocolView(const char * const start, const size_t len);
22 explicit ProtocolView(const SBuf &proto);
23
26};
27
28std::ostream &operator <<(std::ostream &, const ProtocolView &);
29
30// HTTP is not explicit about case sensitivity of Upgrade protocol strings, but
31// there are bug reports showing different case variants used for WebSocket. We
32// conservatively preserve the received case and compare case-sensitively.
33
36inline bool
37vAinB(const ProtocolView &a, const ProtocolView &b)
38{
39 // Optimization: Do not assert(a.name == b.name).
40 return b.version.isEmpty() || (a.version == b.version);
41}
42
45{
46public:
49 HttpUpgradeProtocolAccess(HttpUpgradeProtocolAccess &&) = delete; // no copying of any kind
50
52 const acl_access *findGuard(const SBuf &proto) const;
53
56
58 template <typename Visitor> inline void forEach(const Visitor &) const;
59
62 template <typename Visitor> inline void forApplicable(const ProtocolView &, const Visitor &) const;
63
64private:
67 {
68 public:
69 NamedGuard(const char *rawProtocol, acl_access*);
70 NamedGuard(const NamedGuard &&) = delete; // no copying of any kind
72
73 const SBuf protocol;
75 acl_access *guard = nullptr;
76 };
77
79 typedef std::deque<NamedGuard> NamedGuards;
80
82 static const SBuf ProtoOther;
83
86
88 acl_access *other = nullptr;
89};
90
91template <typename Visitor>
92inline void
93HttpUpgradeProtocolAccess::forEach(const Visitor &visitor) const
94{
95 for (const auto &namedGuard: namedGuards)
96 visitor(namedGuard.protocol, namedGuard.guard);
97 if (other)
98 visitor(ProtoOther, other);
99}
100
101template <typename Visitor>
102inline void
103HttpUpgradeProtocolAccess::forApplicable(const ProtocolView &offer, const Visitor &visitor) const
104{
105 auto seenApplicable = false;
106 for (const auto &namedGuard: namedGuards) {
107 if (offer.name != namedGuard.proto.name)
108 continue;
109 if (vAinB(offer, namedGuard.proto) && visitor(namedGuard.protocol, namedGuard.guard))
110 return;
111 seenApplicable = true; // may already be true
112 }
113 if (!seenApplicable && other) // OTHER is applicable if named rules were not
114 (void)visitor(ProtoOther, other);
115}
116
117#endif /* SQUID_HTTP_UPGRADE_H */
118
bool vAinB(const ProtocolView &a, const ProtocolView &b)
std::ostream & operator<<(std::ostream &, const ProtocolView &)
#define acl_access
Definition: forward.h:45
a single configured access rule for an explicitly named protocol
NamedGuard(const NamedGuard &&)=delete
NamedGuard(const char *rawProtocol, acl_access *)
acl_access * guard
configured access rule; never nil
const SBuf protocol
configured protocol name (and version)
const ProtocolView proto
optimization: compiled this->protocol
Allows or blocks HTTP Upgrade protocols (see http_upgrade_request_protocols)
void configureGuard(ConfigParser &)
parses a single allow/deny rule
HttpUpgradeProtocolAccess(HttpUpgradeProtocolAccess &&)=delete
const acl_access * findGuard(const SBuf &proto) const
std::deque< NamedGuard > NamedGuards
maps HTTP Upgrade protocol name/version to the ACLs guarding its usage
acl_access * other
OTHER rules governing unnamed protocols.
void forEach(const Visitor &) const
iterates over all configured rules, calling the given visitor
void forApplicable(const ProtocolView &, const Visitor &) const
static const SBuf ProtoOther
pseudonym to specify rules for "all other protocols"
NamedGuards namedGuards
rules governing upgrades to explicitly named protocols
HttpUpgradeProtocolAccess()=default
a reference to a protocol name[/version] string; no 0-termination is assumed
ProtocolView(const char *const start, const size_t len)
SBuf version
everything after the name, including the slash('/')
SBuf name
everything up to (but excluding) the first slash('/')
Definition: SBuf.h:94
bool isEmpty() const
Definition: SBuf.h:431

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors