Acl.h
Go to the documentation of this file.
1 /*
2  * Copyright (C) 1996-2017 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 #ifndef SQUID_ACL_H
10 #define SQUID_ACL_H
11 
12 #include "acl/forward.h"
13 #include "acl/Options.h"
14 #include "cbdata.h"
15 #include "defines.h"
16 #include "dlink.h"
17 #include "sbuf/forward.h"
18 
19 #include <algorithm>
20 #include <ostream>
21 
22 class ConfigParser;
23 
24 namespace Acl {
25 
27 typedef const char *TypeName;
29 typedef ACL *(*Maker)(TypeName typeName);
31 void RegisterMaker(TypeName typeName, Maker maker);
32 
33 } // namespace Acl
34 
39 class ACL
40 {
41 
42 public:
43  void *operator new(size_t);
44  void operator delete(void *);
45 
46  static void ParseAclLine(ConfigParser &parser, ACL ** head);
47  static void Initialize();
48  static ACL *FindByName(const char *name);
49 
50  ACL();
51  virtual ~ACL();
52 
54  void context(const char *name, const char *configuration);
55 
60  bool matches(ACLChecklist *checklist) const;
61 
63  virtual const Acl::Options &options() { return Acl::NoOptions(); }
64 
66  virtual void parseFlags();
67 
69  virtual void parse() = 0;
70  virtual char const *typeString() const = 0;
71  virtual bool isProxyAuth() const;
72  virtual SBufList dump() const = 0;
73  virtual bool empty() const = 0;
74  virtual bool valid() const;
75 
76  int cacheMatchAcl(dlink_list * cache, ACLChecklist *);
77  virtual int matchForCache(ACLChecklist *checklist);
78 
79  virtual void prepareForUse() {}
80 
82 
83  char name[ACL_NAME_SZ];
84  char *cfgline;
85  ACL *next; // XXX: remove or at least use refcounting
86  bool registered;
87 
88 private:
90  virtual int match(ACLChecklist *checklist) = 0; // XXX: missing const
91 
93  virtual bool requiresAle() const;
95  virtual bool requiresRequest() const;
97  virtual bool requiresReply() const;
98 };
99 
101 typedef enum {
102  // Authorization ACL result states
106 
107  // Authentication ACL result states
108  ACCESS_AUTH_REQUIRED, // Missing Credentials
109 } aclMatchCode;
110 
113 class allow_t
114 {
115 public:
116  // not explicit: allow "aclMatchCode to allow_t" conversions (for now)
117  allow_t(const aclMatchCode aCode, int aKind = 0): code(aCode), kind(aKind) {}
118 
120 
121  bool operator ==(const aclMatchCode aCode) const {
122  return code == aCode;
123  }
124 
125  bool operator !=(const aclMatchCode aCode) const {
126  return !(*this == aCode);
127  }
128 
129  bool operator ==(const allow_t allow) const {
130  return code == allow.code && kind == allow.kind;
131  }
132 
133  operator aclMatchCode() const {
134  return code;
135  }
136 
141  bool allowed() const { return code == ACCESS_ALLOWED; }
142 
147  bool denied() const { return code == ACCESS_DENIED; }
148 
150  bool conflicted() const { return !allowed() && !denied(); }
151 
153  int kind;
154 };
155 
156 inline std::ostream &
157 operator <<(std::ostream &o, const allow_t a)
158 {
159  switch (a) {
160  case ACCESS_DENIED:
161  o << "DENIED";
162  break;
163  case ACCESS_ALLOWED:
164  o << "ALLOWED";
165  break;
166  case ACCESS_DUNNO:
167  o << "DUNNO";
168  break;
170  o << "AUTH_REQUIRED";
171  break;
172  }
173  return o;
174 }
175 
178 {
180 
181 public:
182  acl_proxy_auth_match_cache(int matchRv, void * aclData) :
183  matchrv(matchRv),
184  acl_data(aclData)
185  {}
186 
188  int matchrv;
189  void *acl_data;
190 };
191 
194 extern const char *AclMatchedName; /* NULL */
195 
196 #endif /* SQUID_ACL_H */
197 
int cacheMatchAcl(dlink_list *cache, ACLChecklist *)
Definition: Acl.cc:333
std::ostream & operator<<(std::ostream &o, const allow_t a)
Definition: Acl.h:157
virtual const Acl::Options & options()
Definition: Acl.h:63
Definition: Acl.h:113
Definition: Acl.h:39
allow_t()
Definition: Acl.h:119
ACL *(* Maker)(TypeName typeName)
a "factory" function for making ACL objects (of some ACL child type)
Definition: Acl.h:29
virtual ~ACL()
Definition: Acl.cc:396
const char * TypeName
the ACL type name known to admins
Definition: Acl.h:27
virtual bool requiresAle() const
whether our (i.e. shallow) match() requires checklist to have a AccessLogEntry
Definition: Acl.cc:375
bool operator==(const aclMatchCode aCode) const
Definition: Acl.h:121
SBufList dumpOptions()
Definition: Acl.cc:296
ACL * next
Definition: Acl.h:85
bool matches(ACLChecklist *checklist) const
Definition: Acl.cc:121
#define ACL_NAME_SZ
Definition: forward.h:40
aclMatchCode code
ACCESS_* code.
Definition: Acl.h:152
MEMPROXY_CLASS(acl_proxy_auth_match_cache)
int kind
which custom access list verb matched
Definition: Acl.h:153
static ACL * FindByName(const char *name)
Definition: Acl.cc:93
acl_proxy_auth_match_cache(int matchRv, void *aclData)
Definition: Acl.h:182
bool allowed() const
Definition: Acl.h:141
allow_t(const aclMatchCode aCode, int aKind=0)
Definition: Acl.h:117
virtual int match(ACLChecklist *checklist)=0
Matches the actual data in checklist against this ACL.
bool conflicted() const
whether Squid is uncertain about the allowed() or denied() answer
Definition: Acl.h:150
const char * AclMatchedName
Definition: Acl.cc:30
bool operator!=(const aclMatchCode aCode) const
Definition: Acl.h:125
ACL()
Definition: Acl.cc:107
static void Initialize()
Definition: Acl.cc:404
std::list< SBuf > SBufList
Definition: forward.h:26
static void ParseAclLine(ConfigParser &parser, ACL **head)
Definition: Acl.cc:168
virtual bool valid() const
Definition: Acl.cc:115
char * cfgline
Definition: Acl.h:84
void RegisterMaker(TypeName typeName, Maker maker)
use the given ACL Maker for all ACLs of the named type
Definition: Acl.cc:72
bool denied() const
Definition: Acl.h:147
std::map< OptionName, const Option *, OptionNameCmp > Options
name:option map
Definition: Options.h:159
int const char size_t
Definition: stub_liblog.cc:84
aclMatchCode
Definition: Acl.h:101
virtual void parse()=0
parses node represenation in squid.conf; dies on failures
int a
Definition: membanger.c:50
char name[ACL_NAME_SZ]
Definition: Acl.h:83
virtual bool isProxyAuth() const
Definition: Acl.cc:283
virtual bool requiresRequest() const
whether our (i.e. shallow) match() requires checklist to have a request
Definition: Acl.cc:387
virtual int matchForCache(ACLChecklist *checklist)
Definition: Acl.cc:315
virtual void prepareForUse()
Definition: Acl.h:79
virtual char const * typeString() const =0
virtual bool empty() const =0
const Options & NoOptions()
Definition: Options.cc:247
void context(const char *name, const char *configuration)
sets user-specified ACL name and squid.conf context
Definition: Acl.cc:157
virtual bool requiresReply() const
whether our (i.e. shallow) match() requires checklist to have a reply
Definition: Acl.cc:381
squidaio_request_t * head
Definition: aiops.cc:127
virtual void parseFlags()
configures ACL options, throwing on configuration errors
Definition: Acl.cc:289
virtual SBufList dump() const =0
bool registered
added to the global list of ACLs via aclRegister()
Definition: Acl.h:86

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors