Acl.h
Go to the documentation of this file.
1 /*
2  * Copyright (C) 1996-2019 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 #ifndef SQUID_ACL_H
10 #define SQUID_ACL_H
11 
12 #include "acl/forward.h"
13 #include "acl/Options.h"
14 #include "cbdata.h"
15 #include "defines.h"
16 #include "dlink.h"
17 #include "sbuf/forward.h"
18 
19 #include <algorithm>
20 #include <ostream>
21 
22 class ConfigParser;
23 
24 namespace Acl {
25 
27 typedef const char *TypeName;
29 typedef ACL *(*Maker)(TypeName typeName);
31 void RegisterMaker(TypeName typeName, Maker maker);
32 
33 } // namespace Acl
34 
39 class ACL
40 {
41 
42 public:
43  void *operator new(size_t);
44  void operator delete(void *);
45 
46  static void ParseAclLine(ConfigParser &parser, ACL ** head);
47  static void Initialize();
48  static ACL *FindByName(const char *name);
49 
50  ACL();
51  virtual ~ACL();
52 
54  void context(const char *name, const char *configuration);
55 
60  bool matches(ACLChecklist *checklist) const;
61 
63  virtual const Acl::Options &options() { return Acl::NoOptions(); }
64 
66  virtual void parseFlags();
67 
69  virtual void parse() = 0;
70  virtual char const *typeString() const = 0;
71  virtual bool isProxyAuth() const;
72  virtual SBufList dump() const = 0;
73  virtual bool empty() const = 0;
74  virtual bool valid() const;
75 
76  int cacheMatchAcl(dlink_list * cache, ACLChecklist *);
77  virtual int matchForCache(ACLChecklist *checklist);
78 
79  virtual void prepareForUse() {}
80 
81  SBufList dumpOptions();
82 
83  char name[ACL_NAME_SZ];
84  char *cfgline;
85  ACL *next; // XXX: remove or at least use refcounting
86  bool registered;
87 
88 private:
90  virtual int match(ACLChecklist *checklist) = 0; // XXX: missing const
91 
93  virtual bool requiresAle() const;
95  virtual bool requiresRequest() const;
97  virtual bool requiresReply() const;
98 };
99 
101 typedef enum {
102  // Authorization ACL result states
106 
107  // Authentication ACL result states
108  ACCESS_AUTH_REQUIRED, // Missing Credentials
109 } aclMatchCode;
110 
113 namespace Acl {
114 
115 class Answer
116 {
117 public:
118  // not explicit: allow "aclMatchCode to Acl::Answer" conversions (for now)
119  Answer(const aclMatchCode aCode, int aKind = 0): code(aCode), kind(aKind) {}
120 
121  Answer(): code(ACCESS_DUNNO), kind(0) {}
122 
123  bool operator ==(const aclMatchCode aCode) const {
124  return code == aCode;
125  }
126 
127  bool operator !=(const aclMatchCode aCode) const {
128  return !(*this == aCode);
129  }
130 
131  bool operator ==(const Answer allow) const {
132  return code == allow.code && kind == allow.kind;
133  }
134 
135  operator aclMatchCode() const {
136  return code;
137  }
138 
143  bool allowed() const { return code == ACCESS_ALLOWED; }
144 
149  bool denied() const { return code == ACCESS_DENIED; }
150 
152  bool conflicted() const { return !allowed() && !denied(); }
153 
155  int kind;
156 };
157 
158 } // namespace Acl
159 
160 inline std::ostream &
161 operator <<(std::ostream &o, const Acl::Answer a)
162 {
163  switch (a) {
164  case ACCESS_DENIED:
165  o << "DENIED";
166  break;
167  case ACCESS_ALLOWED:
168  o << "ALLOWED";
169  break;
170  case ACCESS_DUNNO:
171  o << "DUNNO";
172  break;
174  o << "AUTH_REQUIRED";
175  break;
176  }
177  return o;
178 }
179 
182 {
184 
185 public:
186  acl_proxy_auth_match_cache(int matchRv, void * aclData) :
187  matchrv(matchRv),
188  acl_data(aclData)
189  {}
190 
192  int matchrv;
193  void *acl_data;
194 };
195 
198 extern const char *AclMatchedName; /* NULL */
199 
200 #endif /* SQUID_ACL_H */
201 
virtual const Acl::Options & options()
Definition: Acl.h:63
#define MEMPROXY_CLASS(CLASS)
Definition: Acl.h:39
static struct node * parse(FILE *fp)
Definition: parse.c:995
const char * TypeName
the ACL type name known to admins
Definition: Acl.h:27
Answer()
Definition: Acl.h:121
ACL * next
Definition: Acl.h:85
Definition: Acl.cc:32
#define ACL_NAME_SZ
Definition: forward.h:40
bool allowed() const
Definition: Acl.h:143
acl_proxy_auth_match_cache(int matchRv, void *aclData)
Definition: Acl.h:186
std::ostream & operator<<(std::ostream &o, const Acl::Answer a)
Definition: Acl.h:161
aclMatchCode code
ACCESS_* code.
Definition: Acl.h:154
bool operator==(ESIElement const *lhs, ESIElement::Pointer const &rhs)
Definition: Esi.cc:76
const char * AclMatchedName
Definition: Acl.cc:30
bool operator!=(const PoolingAllocator< L > &l, const PoolingAllocator< R > &r) noexcept
std::list< SBuf > SBufList
Definition: forward.h:22
char * cfgline
Definition: Acl.h:84
unsigned char code
Definition: html_quote.c:20
int kind
which custom access list verb matched
Definition: Acl.h:155
void Initialize()
Definition: support.cc:479
void RegisterMaker(TypeName typeName, Maker maker)
use the given ACL Maker for all ACLs of the named type
Definition: Acl.cc:72
std::map< OptionName, const Option *, OptionNameCmp > Options
name:option map
Definition: Options.h:159
int const char size_t
Definition: stub_liblog.cc:86
aclMatchCode
Definition: Acl.h:101
int a
Definition: membanger.c:50
bool match(const char *fn, const REList *list)
Definition: purge.cc:398
bool denied() const
Definition: Acl.h:149
virtual void prepareForUse()
Definition: Acl.h:79
const Options & NoOptions()
Definition: Options.cc:247
ACL *(* Maker)(TypeName typeName)
a "factory" function for making ACL objects (of some ACL child type)
Definition: Acl.h:29
squidaio_request_t * head
Definition: aiops.cc:127
Answer(const aclMatchCode aCode, int aKind=0)
Definition: Acl.h:119
bool conflicted() const
whether Squid is uncertain about the allowed() or denied() answer
Definition: Acl.h:152
bool registered
added to the global list of ACLs via aclRegister()
Definition: Acl.h:86

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors