cache_manager.cc
Go to the documentation of this file.
1 /*
2  * Copyright (C) 1996-2019 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 /* DEBUG: section 16 Cache Manager Objects */
10 
11 #include "squid.h"
12 #include "AccessLogEntry.h"
13 #include "base/TextException.h"
14 #include "CacheManager.h"
15 #include "comm/Connection.h"
16 #include "Debug.h"
17 #include "errorpage.h"
18 #include "fde.h"
19 #include "HttpReply.h"
20 #include "HttpRequest.h"
21 #include "mgr/Action.h"
22 #include "mgr/ActionCreator.h"
23 #include "mgr/ActionPasswordList.h"
24 #include "mgr/ActionProfile.h"
25 #include "mgr/BasicActions.h"
26 #include "mgr/Command.h"
27 #include "mgr/Forwarder.h"
28 #include "mgr/FunAction.h"
29 #include "mgr/QueryParams.h"
30 #include "protos.h"
31 #include "SquidConfig.h"
32 #include "SquidTime.h"
33 #include "Store.h"
34 #include "tools.h"
35 #include "wordlist.h"
36 
37 #include <algorithm>
38 
40 #define MGR_PASSWD_SZ 128
41 
44 {
45 public:
47 
48 public:
49  ClassActionCreator(Handler *aHandler): handler(aHandler) {}
50 
52  return handler(cmd);
53  }
54 
55 private:
57 };
58 
60 void
62 {
63  Must(profile != NULL);
64  if (!CacheManager::findAction(profile->name)) {
65  menu_.push_back(profile);
66  debugs(16, 3, HERE << "registered profile: " << *profile);
67  } else {
68  debugs(16, 2, HERE << "skipped duplicate profile: " << *profile);
69  }
70 }
71 
78 void
79 CacheManager::registerProfile(char const * action, char const * desc, OBJH * handler, int pw_req_flag, int atomic)
80 {
81  debugs(16, 3, HERE << "registering legacy " << action);
82  const Mgr::ActionProfile::Pointer profile = new Mgr::ActionProfile(action,
83  desc, pw_req_flag, atomic, new Mgr::FunActionCreator(handler));
84  registerProfile(profile);
85 }
86 
93 void
94 CacheManager::registerProfile(char const * action, char const * desc,
96  int pw_req_flag, int atomic)
97 {
99  desc, pw_req_flag, atomic, new ClassActionCreator(handler));
100  registerProfile(profile);
101 }
102 
110 CacheManager::findAction(char const * action) const
111 {
112  Must(action != NULL);
113  Menu::const_iterator a;
114 
115  debugs(16, 5, "CacheManager::findAction: looking for action " << action);
116  for (a = menu_.begin(); a != menu_.end(); ++a) {
117  if (0 == strcmp((*a)->name, action)) {
118  debugs(16, 6, " found");
119  return *a;
120  }
121  }
122 
123  debugs(16, 6, "Action not found.");
124  return Mgr::ActionProfilePointer();
125 }
126 
128 CacheManager::createNamedAction(const char *actionName)
129 {
130  Must(actionName);
131 
133  cmd->profile = findAction(actionName);
134  cmd->params.actionName = actionName;
135 
136  Must(cmd->profile != NULL);
137  return cmd->profile->creator->create(cmd);
138 }
139 
142 {
144  cmd->params = params;
145  cmd->profile = findAction(params.actionName.termedBuf());
146  Must(cmd->profile != NULL);
147  return cmd->profile->creator->create(cmd);
148 }
149 
159 CacheManager::ParseUrl(const char *url)
160 {
161  int t;
162  LOCAL_ARRAY(char, host, MAX_URL);
163  LOCAL_ARRAY(char, request, MAX_URL);
164  LOCAL_ARRAY(char, password, MAX_URL);
165  LOCAL_ARRAY(char, params, MAX_URL);
166  host[0] = 0;
167  request[0] = 0;
168  password[0] = 0;
169  params[0] = 0;
170  int pos = -1;
171  int len = strlen(url);
172  Must(len > 0);
173  t = sscanf(url, "cache_object://%[^/]/%[^@?]%n@%[^?]?%s", host, request, &pos, password, params);
174  if (t < 3) {
175  t = sscanf(url, "cache_object://%[^/]/%[^?]%n?%s", host, request, &pos, params);
176  }
177  if (t < 1) {
178  t = sscanf(url, "http://%[^/]/squid-internal-mgr/%[^?]%n?%s", host, request, &pos, params);
179  }
180  if (t < 1) {
181  t = sscanf(url, "https://%[^/]/squid-internal-mgr/%[^?]%n?%s", host, request, &pos, params);
182  }
183  if (t < 2) {
184  if (strncmp("cache_object://",url,15)==0)
185  xstrncpy(request, "menu", MAX_URL);
186  else
187  xstrncpy(request, "index", MAX_URL);
188  }
189 
190 #if _SQUID_OS2_
191  if (t == 2 && request[0] == '\0') {
192  /*
193  * emx's sscanf insists of returning 2 because it sets request
194  * to null
195  */
196  if (strncmp("cache_object://",url,15)==0)
197  xstrncpy(request, "menu", MAX_URL);
198  else
199  xstrncpy(request, "index", MAX_URL);
200  }
201 #endif
202 
203  debugs(16, 3, HERE << "MGR request: t=" << t << ", host='" << host << "', request='" << request << "', pos=" << pos <<
204  ", password='" << password << "', params='" << params << "'");
205 
206  Mgr::ActionProfile::Pointer profile = findAction(request);
207  if (!profile) {
208  debugs(16, DBG_IMPORTANT, "CacheManager::ParseUrl: action '" << request << "' not found");
209  return NULL;
210  }
211 
212  const char *prot = ActionProtection(profile);
213  if (!strcmp(prot, "disabled") || !strcmp(prot, "hidden")) {
214  debugs(16, DBG_IMPORTANT, "CacheManager::ParseUrl: action '" << request << "' is " << prot);
215  return NULL;
216  }
217 
219  if (!Mgr::QueryParams::Parse(params, cmd->params.queryParams))
220  return NULL;
221  cmd->profile = profile;
222  cmd->params.httpUri = url;
223  cmd->params.userName = String();
224  cmd->params.password = password;
225  cmd->params.actionName = request;
226  return cmd;
227 }
228 
230 /*
231  \ingroup CacheManagerInternal
232  * Decodes the headers needed to perform user authentication and fills
233  * the details into the cachemgrStateData argument
234  */
235 void
237 {
238  assert(request);
239 
240  params.httpMethod = request->method.id();
241  params.httpFlags = request->flags;
242 
243 #if HAVE_AUTH_MODULE_BASIC
244  // TODO: use the authentication system decode to retrieve these details properly.
245 
246  /* base 64 _decoded_ user:passwd pair */
247  const char *basic_cookie = request->header.getAuth(Http::HdrType::AUTHORIZATION, "Basic");
248 
249  if (!basic_cookie)
250  return;
251 
252  const char *passwd_del;
253  if (!(passwd_del = strchr(basic_cookie, ':'))) {
254  debugs(16, DBG_IMPORTANT, "CacheManager::ParseHeaders: unknown basic_cookie format '" << basic_cookie << "'");
255  return;
256  }
257 
258  /* found user:password pair, reset old values */
259  params.userName.limitInit(basic_cookie, passwd_del - basic_cookie);
260  params.password = passwd_del + 1;
261 
262  /* warning: this prints decoded password which maybe not be what you want to do @?@ @?@ */
263  debugs(16, 9, "CacheManager::ParseHeaders: got user: '" <<
264  params.userName << "' passwd: '" << params.password << "'");
265 #endif
266 }
267 
275 int
277 {
278  assert(cmd.profile != NULL);
279  const char *action = cmd.profile->name;
280  char *pwd = PasswdGet(Config.passwd_list, action);
281 
282  debugs(16, 4, "CacheManager::CheckPassword for action " << action);
283 
284  if (pwd == NULL)
285  return cmd.profile->isPwReq;
286 
287  if (strcmp(pwd, "disable") == 0)
288  return 1;
289 
290  if (strcmp(pwd, "none") == 0)
291  return 0;
292 
293  if (!cmd.params.password.size())
294  return 1;
295 
296  return cmd.params.password != pwd;
297 }
298 
305 void
307 {
308  debugs(16, 3, "CacheManager::Start: '" << entry->url() << "'" );
309 
310  Mgr::Command::Pointer cmd = ParseUrl(entry->url());
311  if (!cmd) {
312  const auto err = new ErrorState(ERR_INVALID_URL, Http::scNotFound, request, ale);
313  err->url = xstrdup(entry->url());
314  errorAppendEntry(entry, err);
315  entry->expires = squid_curtime;
316  return;
317  }
318 
319  const char *actionName = cmd->profile->name;
320 
321  entry->expires = squid_curtime;
322 
323  debugs(16, 5, "CacheManager: " << client << " requesting '" << actionName << "'");
324 
325  /* get additional info from request headers */
326  ParseHeaders(request, cmd->params);
327 
328  const char *userName = cmd->params.userName.size() ?
329  cmd->params.userName.termedBuf() : "unknown";
330 
331  /* Check password */
332 
333  if (CheckPassword(*cmd) != 0) {
334  /* build error message */
336  /* warn if user specified incorrect password */
337 
338  if (cmd->params.password.size()) {
339  debugs(16, DBG_IMPORTANT, "CacheManager: " <<
340  userName << "@" <<
341  client << ": incorrect password for '" <<
342  actionName << "'" );
343  } else {
344  debugs(16, DBG_IMPORTANT, "CacheManager: " <<
345  userName << "@" <<
346  client << ": password needed for '" <<
347  actionName << "'" );
348  }
349 
350  HttpReply *rep = errState.BuildHttpReply();
351 
352 #if HAVE_AUTH_MODULE_BASIC
353  /*
354  * add Authenticate header using action name as a realm because
355  * password depends on the action
356  */
357  rep->header.putAuth("Basic", actionName);
358 #endif
359  // Allow cachemgr and other XHR scripts access to our version string
360  if (request->header.has(Http::HdrType::ORIGIN)) {
361  rep->header.putExt("Access-Control-Allow-Origin",request->header.getStr(Http::HdrType::ORIGIN));
362 #if HAVE_AUTH_MODULE_BASIC
363  rep->header.putExt("Access-Control-Allow-Credentials","true");
364 #endif
365  rep->header.putExt("Access-Control-Expose-Headers","Server");
366  }
367 
368  /* store the reply */
369  entry->replaceHttpReply(rep);
370 
371  entry->expires = squid_curtime;
372 
373  entry->complete();
374 
375  return;
376  }
377 
378  if (request->header.has(Http::HdrType::ORIGIN)) {
379  cmd->params.httpOrigin = request->header.getStr(Http::HdrType::ORIGIN);
380  }
381 
382  debugs(16, 2, "CacheManager: " <<
383  userName << "@" <<
384  client << " requesting '" <<
385  actionName << "'" );
386 
387  // special case: /squid-internal-mgr/ index page
388  if (!strcmp(cmd->profile->name, "index")) {
389  ErrorState err(MGR_INDEX, Http::scOkay, request, ale);
390  err.url = xstrdup(entry->url());
391  HttpReply *rep = err.BuildHttpReply();
392  if (strncmp(rep->body.content(),"Internal Error:", 15) == 0)
394  // Allow cachemgr and other XHR scripts access to our version string
395  if (request->header.has(Http::HdrType::ORIGIN)) {
396  rep->header.putExt("Access-Control-Allow-Origin",request->header.getStr(Http::HdrType::ORIGIN));
397 #if HAVE_AUTH_MODULE_BASIC
398  rep->header.putExt("Access-Control-Allow-Credentials","true");
399 #endif
400  rep->header.putExt("Access-Control-Expose-Headers","Server");
401  }
402  entry->replaceHttpReply(rep);
403  entry->complete();
404  return;
405  }
406 
407  if (UsingSmp() && IamWorkerProcess()) {
408  // is client the right connection to pass here?
409  AsyncJob::Start(new Mgr::Forwarder(client, cmd->params, request, entry, ale));
410  return;
411  }
412 
413  Mgr::Action::Pointer action = cmd->profile->creator->create(cmd);
414  Must(action != NULL);
415  action->run(entry, true);
416 }
417 
418 /*
419  \ingroup CacheManagerInternal
420  * Renders the protection level text for an action.
421  * Also doubles as a check for the protection level.
422  */
423 const char *
425 {
426  assert(profile != NULL);
427  const char *pwd = PasswdGet(Config.passwd_list, profile->name);
428 
429  if (!pwd)
430  return profile->isPwReq ? "hidden" : "public";
431 
432  if (!strcmp(pwd, "disable"))
433  return "disabled";
434 
435  if (strcmp(pwd, "none") == 0)
436  return "public";
437 
438  return "protected";
439 }
440 
441 /*
442  * \ingroup CacheManagerInternal
443  * gets from the global Config the password the user would need to supply
444  * for the action she queried
445  */
446 char *
448 {
449  while (a) {
450  for (auto &w : a->actions) {
451  if (w.cmp(action) == 0)
452  return a->passwd;
453 
454  static const SBuf allAction("all");
455  if (w == allAction)
456  return a->passwd;
457  }
458 
459  a = a->next;
460  }
461 
462  return NULL;
463 }
464 
467 {
468  static CacheManager *instance = nullptr;
469  if (!instance) {
470  debugs(16, 6, "starting cachemanager up");
471  instance = new CacheManager;
473  }
474  return instance;
475 }
476 
AnyP::ProtocolVersion ProtocolVersion(unsigned int aMajor, unsigned int aMinor)
HTTP version label information.
void limitInit(const char *str, int len)
Definition: String.cc:94
#define assert(EX)
Definition: assert.h:17
ClassActionCreator(Handler *aHandler)
const char * getAuth(Http::HdrType id, const char *auth_scheme) const
Definition: HttpHeader.cc:1293
String actionName
action name (and credentials realm)
Definition: ActionParams.h:39
void set(const AnyP::ProtocolVersion &newVersion, Http::StatusCode newStatus, const char *newReason=NULL)
Definition: StatusLine.cc:30
Definition: SBuf.h:86
HttpRequestMethod method
Definition: HttpRequest.h:106
struct _request * request(char *urlin)
Definition: tcp-banger2.c:291
#define xstrdup
void putExt(const char *name, const char *value)
Definition: HttpHeader.cc:1127
char * url
Definition: errorpage.h:171
creates FunAction using ActionCreator API
Definition: FunAction.h:44
#define Must(condition)
Like assert() but throws an exception instead of aborting the process.
Definition: TextException.h:69
String password
user password; used for acceptance check and cleared
Definition: ActionParams.h:41
void OBJH(StoreEntry *)
Definition: forward.h:44
Mgr::Action::Pointer Handler(const Mgr::Command::Pointer &cmd)
creates Action using supplied Action::Create method and command
Command
what kind of I/O the disker needs to do or have done
Definition: IpcIoFile.h:33
int CheckPassword(const Mgr::Command &cmd)
time_t expires
Definition: Store.h:204
static bool Parse(const String &aParamsStr, QueryParams &aParams)
parses the query string parameters
Definition: QueryParams.cc:102
bool IamWorkerProcess()
whether the current process handles HTTP transactions and such
Definition: stub_tools.cc:49
time_t squid_curtime
Definition: stub_time.cc:17
Cache Manager Action parameters extracted from the user request.
Definition: ActionParams.h:23
void replaceHttpReply(HttpReply *, bool andStartWriting=true)
Definition: store.cc:1788
static CacheManager * GetInstance()
void complete()
Definition: store.cc:1064
static Pointer Start(AsyncJob *job)
starts a freshly created job (i.e., makes the job asynchronous)
Definition: AsyncJob.cc:23
const char * ActionProtection(const Mgr::ActionProfilePointer &profile)
list of cachemgr password authorization definitions. Currently a POD.
hard-coded Cache Manager action configuration, including Action creator
Definition: ActionProfile.h:21
#define debugs(SECTION, LEVEL, CONTENT)
Definition: Debug.h:124
const char * url() const
Definition: store.cc:1606
#define DBG_IMPORTANT
Definition: Debug.h:46
HttpRequestMethod httpMethod
HTTP request method.
Definition: ActionParams.h:34
char * PasswdGet(Mgr::ActionPasswordList *, const char *)
virtual Mgr::Action::Pointer create(const Mgr::Command::Pointer &cmd) const
returns a pointer to the new Action object for cmd; never nil
char * xstrncpy(char *dst, const char *src, size_t n)
Definition: xstring.cc:37
void start(const Comm::ConnectionPointer &client, HttpRequest *request, StoreEntry *entry, const AccessLogEntryPointer &ale)
Mgr::Action::Pointer createRequestedAction(const Mgr::ActionParams &)
Http::StatusLine sline
Definition: HttpReply.h:60
Http::MethodType id() const
Definition: RequestMethod.h:73
Mgr::CommandPointer ParseUrl(const char *url)
#define LOCAL_ARRAY(type, name, size)
Definition: leakcheck.h:18
char const * termedBuf() const
Definition: SquidString.h:91
int unsigned int const char *desc STUB void int len
Definition: stub_fd.cc:20
const char * getStr(Http::HdrType id) const
Definition: HttpHeader.cc:1178
bool UsingSmp()
Whether there should be more than one worker process running.
Definition: tools.cc:658
std::ostream & HERE(std::ostream &s)
Definition: Debug.h:153
Mgr::Action::Pointer createNamedAction(const char *actionName)
void ParseHeaders(const HttpRequest *request, Mgr::ActionParams &params)
bool action(int fd, size_t metasize, const char *fn, const char *url, const SquidMetaList &meta)
Definition: purge.cc:311
RefCount< ActionProfile > ActionProfilePointer
Definition: forward.h:32
combined hard-coded action profile with user-supplied action parameters
Definition: Command.h:21
HttpHeader header
Definition: Message.h:75
RequestFlags flags
Definition: HttpRequest.h:133
int has(Http::HdrType id) const
Definition: HttpHeader.cc:977
ActionPasswordList * next
static CacheManager * instance
void registerProfile(char const *action, char const *desc, OBJH *handler, int pw_req_flag, int atomic)
void errorAppendEntry(StoreEntry *entry, ErrorState *err)
Definition: errorpage.cc:691
ActionParams params
user-supplied action arguments
Definition: Command.h:28
int a
Definition: membanger.c:50
RequestFlags httpFlags
HTTP request flags.
Definition: ActionParams.h:35
Mgr::ActionProfilePointer findAction(char const *action) const
HttpReply * BuildHttpReply(void)
Definition: errorpage.cc:1261
ActionProfilePointer profile
hard-coded action specification
Definition: Command.h:27
#define MAX_URL
Definition: defines.h:118
void RegisterBasics()
Registeres profiles for the actions above;.
String userName
user login name; currently only used for logging
Definition: ActionParams.h:40
size_type size() const
Definition: SquidString.h:72
void putAuth(const char *auth_scheme, const char *realm)
Definition: HttpHeader.cc:1047
class SquidConfig Config
Definition: SquidConfig.cc:12
Mgr::ActionPasswordList * passwd_list
Definition: SquidConfig.h:261
#define NULL
Definition: types.h:166

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors