ext_session_acl.cc
Go to the documentation of this file.
1 /*
2  * Copyright (C) 1996-2022 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 /*
10  * ext_session_acl: Squid external acl helper for tracking sessions
11  *
12  * Copyright (C) 2006 Henrik Nordstrom <henrik@henriknordstrom.net>
13  *
14  * This program is free software; you can redistribute it and/or modify
15  * it under the terms of the GNU General Public License as published by
16  * the Free Software Foundation; either version 2 of the License, or
17  * (at your option) any later version.
18  *
19  * This program is distributed in the hope that it will be useful,
20  * but WITHOUT ANY WARRANTY; without even the implied warranty of
21  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22  * GNU General Public License for more details.
23  *
24  * You should have received a copy of the GNU General Public License
25  * along with this program; if not, write to the Free Software
26  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
27  */
28 
29 #if HAVE_CONFIG_H
30 #include "squid.h"
31 #endif
33 
34 #include <cstdlib>
35 #include <cstring>
36 #include <ctime>
37 #if HAVE_DB_H
38 #include <db.h>
39 #endif
40 #include <fcntl.h>
41 #if HAVE_GETOPT_H
42 #include <getopt.h>
43 #endif
44 #include <sys/types.h>
45 #include <sys/stat.h>
46 #if HAVE_TDB_H
47 #include <tdb.h>
48 #endif
49 #if HAVE_UNISTD_H
50 #include <unistd.h>
51 #endif
52 
53 /* At this point all Bit Types are already defined, so we must
54  protect from multiple type definition on platform where
55  __BIT_TYPES_DEFINED__ is not defined.
56  */
57 #ifndef __BIT_TYPES_DEFINED__
58 #define __BIT_TYPES_DEFINED__
59 #endif
60 
61 static int session_ttl = 3600;
62 static int fixed_timeout = 0;
63 char *db_path = NULL;
64 const char *program_name;
65 
66 #if USE_BERKLEYDB
67 DB *db = NULL;
68 DB_ENV *db_env = NULL;
69 typedef DBT DB_ENTRY;
70 
71 #elif USE_TRIVIALDB
72 TDB_CONTEXT *db = nullptr;
73 typedef TDB_DATA DB_ENTRY;
74 
75 #else
76 #error "Either Berkeley DB or Trivial DB must be available"
77 #endif
78 
79 static void
81 {
82  if (db) {
83 #if USE_BERKLEYDB
84  db->close(db, 0);
85  }
86  if (db_env) {
87  db_env->close(db_env, 0);
88 
89 #elif USE_TRIVIALDB
90  if (tdb_close(db) != 0) {
91  fprintf(stderr, "%s| WARNING: error closing session db '%s'\n", program_name, db_path);
92  exit(EXIT_FAILURE);
93  }
94 #endif
95  }
96  xfree(db_path);
97 }
98 
99 static void init_db(void)
100 {
101  struct stat st_buf;
102 
103  if (db_path) {
104  if (!stat(db_path, &st_buf)) {
105  if (S_ISDIR (st_buf.st_mode)) {
106 #if USE_BERKLEYDB
107  /* If directory then open database environment. This prevents sync problems
108  between different processes. Otherwise fallback to single file */
109  db_env_create(&db_env, 0);
110  if (db_env->open(db_env, db_path, DB_CREATE | DB_INIT_MPOOL | DB_INIT_LOCK, 0666)) {
111  fprintf(stderr, "FATAL: %s: Failed to open database environment in '%s'\n", program_name, db_path);
112  db_env->close(db_env, 0);
113  exit(EXIT_FAILURE);
114  }
115  db_create(&db, db_env, 0);
116 #elif USE_TRIVIALDB
117  std::string newPath(db_path);
118  newPath.append("session", 7);
119  db_path = xstrdup(newPath.c_str());
120 #endif
121  }
122  }
123  }
124 
125 #if USE_BERKLEYDB
126  if (db_env) {
127  if (db->open(db, NULL, "session", NULL, DB_BTREE, DB_CREATE, 0666)) {
128  fprintf(stderr, "FATAL: %s: Failed to open db file '%s' in dir '%s'\n",
129  program_name, "session", db_path);
130  db_env->close(db_env, 0);
131  exit(EXIT_FAILURE);
132  }
133  } else {
134  db_create(&db, NULL, 0);
135  if (db->open(db, NULL, db_path, NULL, DB_BTREE, DB_CREATE, 0666)) {
136  db = nullptr;
137  }
138  }
139 #elif USE_TRIVIALDB
140 #if _SQUID_FREEBSD_ && !defined(O_DSYNC)
141  // FreeBSD lacks O_DSYNC, O_SYNC is closest to correct behaviour
142 #define O_DSYNC O_SYNC
143 #endif
144  db = tdb_open(db_path, 0, TDB_CLEAR_IF_FIRST, O_CREAT|O_DSYNC, 0666);
145 #endif
146  if (!db) {
147  fprintf(stderr, "FATAL: %s: Failed to open session db '%s'\n", program_name, db_path);
148  shutdown_db();
149  exit(EXIT_FAILURE);
150  }
151 }
152 
154 
155 static size_t
156 dataSize(DB_ENTRY *data)
157 {
158 #if USE_BERKLEYDB
159  return data->size;
160 #elif USE_TRIVIALDB
161  return data->dsize;
162 #endif
163 }
164 
165 static bool
166 fetchKey(/*const*/ DB_ENTRY &key, DB_ENTRY *data)
167 {
168 #if USE_BERKLEYDB
169  return (db->get(db, nullptr, &key, data, 0) == 0);
170 #elif USE_TRIVIALDB
171  // NP: API says returns NULL on errors, but return is a struct type WTF??
172  *data = tdb_fetch(db, key);
173  return (data->dptr != nullptr);
174 #endif
175 }
176 
177 static void
178 deleteEntry(/*const*/ DB_ENTRY &key)
179 {
180 #if USE_BERKLEYDB
181  db->del(db, nullptr, &key, 0);
182 #elif USE_TRIVIALDB
183  tdb_delete(db, key);
184 #endif
185 }
186 
187 static void
188 copyValue(void *dst, const DB_ENTRY *src, size_t sz)
189 {
190 #if USE_BERKLEYDB
191  memcpy(dst, src->data, sz);
192 #elif USE_TRIVIALDB
193  memcpy(dst, src->dptr, sz);
194 #endif
195 }
196 
197 static int session_active(const char *details, size_t len)
198 {
199 #if USE_BERKLEYDB
200  DBT key = {};
201  DBT data = {};
202  key.data = (void *)details;
203  key.size = len;
204 #elif USE_TRIVIALDB
205  TDB_DATA key;
206  TDB_DATA data;
207  (void)len;
208 #else
209  (void)len;
210 #endif
211  if (fetchKey(key, &data)) {
212  time_t timestamp;
213  if (dataSize(&data) != sizeof(timestamp)) {
214  fprintf(stderr, "ERROR: %s: CORRUPTED DATABASE (%s)\n", program_name, details);
215  deleteEntry(key);
216  return 0;
217  }
218  copyValue(&timestamp, &data, sizeof(timestamp));
219  if (timestamp + session_ttl >= time(NULL))
220  return 1;
221  }
222  return 0;
223 }
224 
225 static void
226 session_login(/*const*/ char *details, size_t len)
227 {
228  DB_ENTRY key = {};
229  DB_ENTRY data = {};
230  time_t now = time(0);
231 #if USE_BERKLEYDB
232  key.data = static_cast<decltype(key.data)>(details);
233  key.size = len;
234  data.data = &now;
235  data.size = sizeof(now);
236  db->put(db, NULL, &key, &data, 0);
237 #elif USE_TRIVIALDB
238  key.dptr = reinterpret_cast<decltype(key.dptr)>(details);
239  key.dsize = len;
240  data.dptr = reinterpret_cast<decltype(data.dptr)>(&now);
241  data.dsize = sizeof(now);
242  tdb_store(db, key, data, 0);
243 #endif
244 }
245 
246 static void
247 session_logout(/*const*/ char *details, size_t len)
248 {
249  DB_ENTRY key = {};
250 #if USE_BERKLEYDB
251  key.data = static_cast<decltype(key.data)>(details);
252  key.size = len;
253 #elif USE_TRIVIALDB
254  key.dptr = reinterpret_cast<decltype(key.dptr)>(details);
255  key.dsize = len;
256 #endif
257  deleteEntry(key);
258 }
259 
260 static void usage(void)
261 {
262  fprintf(stderr, "Usage: %s [-t|-T session_timeout] [-b dbpath] [-a]\n", program_name);
263  fprintf(stderr, " -t sessiontimeout Idle timeout after which sessions will be forgotten (user activity will reset)\n");
264  fprintf(stderr, " -T sessiontimeout Fixed timeout after which sessions will be forgotten (regardless of user activity)\n");
265  fprintf(stderr, " -b dbpath Path where persistent session database will be kept\n");
266  fprintf(stderr, " -a Active mode requiring LOGIN argument to start a session\n");
267 }
268 int main(int argc, char **argv)
269 {
271  int opt;
272  int default_action = 1;
273 
274  program_name = argv[0];
275 
276  while ((opt = getopt(argc, argv, "t:T:b:a?")) != -1) {
277  switch (opt) {
278  case 'T':
279  fixed_timeout = 1;
280  /* [[fallthrough]] */
281  case 't':
282  session_ttl = strtol(optarg, NULL, 0);
283  break;
284  case 'b':
286  break;
287  case 'a':
288  default_action = 0;
289  break;
290  case '?':
291  usage();
292  exit(EXIT_SUCCESS);
293  break;
294  }
295  }
296 
297  setbuf(stdout, NULL);
298 
299  init_db();
300 
301  while (fgets(request, HELPER_INPUT_BUFFER, stdin)) {
302  int action = 0;
303  const char *channel_id = strtok(request, " ");
304  char *detail = strtok(NULL, "\n");
305  if (detail == NULL) {
306  // Only 1 parameter supplied. We are expecting at least 2 (including the channel ID)
307  fprintf(stderr, "FATAL: %s is concurrent and requires the concurrency option to be specified.\n", program_name);
308  shutdown_db();
309  exit(EXIT_FAILURE);
310  }
311  char *lastdetail = strrchr(detail, ' ');
312  size_t detail_len = strlen(detail);
313  if (lastdetail) {
314  if (strcmp(lastdetail, " LOGIN") == 0) {
315  action = 1;
316  detail_len = (size_t)(lastdetail-detail);
317  *lastdetail = '\0';
318  } else if (strcmp(lastdetail, " LOGOUT") == 0) {
319  action = -1;
320  detail_len = (size_t)(lastdetail-detail);
321  *lastdetail = '\0';
322  } else if (!default_action && strcmp(lastdetail, " -") == 0) {
323  // no action; LOGIN/LOGOUT not supplied
324  // but truncate the '-' %DATA value given by Squid-4 and later
325  detail_len = (size_t)(lastdetail-detail);
326  *lastdetail = '\0';
327  }
328  }
329  if (action == -1) {
330  session_logout(detail, detail_len);
331  printf("%s OK message=\"Bye\"\n", channel_id);
332  } else if (action == 1) {
333  session_login(detail, detail_len);
334  printf("%s OK message=\"Welcome\"\n", channel_id);
335  } else if (session_active(detail, detail_len)) {
336  if (fixed_timeout == 0) {
337  session_login(detail, detail_len);
338  }
339  printf("%s OK\n", channel_id);
340  } else if (default_action == 1) {
341  session_login(detail, detail_len);
342  printf("%s ERR message=\"Welcome\"\n", channel_id);
343  } else {
344  printf("%s ERR message=\"No session available\"\n", channel_id);
345  }
346  }
347  shutdown_db();
348  return EXIT_SUCCESS;
349 }
350 
static bool action(int fd, size_t metasize, const char *fn, const char *url, const SquidMetaList &meta)
Definition: purge.cc:311
int main(int argc, char **argv)
static void session_logout(char *details, size_t len)
static void deleteEntry(DB_ENTRY &key)
static int fixed_timeout
static void usage(void)
TDB_CONTEXT * db
static struct timeval now
Definition: tcp-banger2.c:97
#define xstrdup
static size_t dataSize(DB_ENTRY *data)
char * optarg
Definition: getopt.c:51
static int session_active(const char *details, size_t len)
char * db_path
int const char size_t
Definition: stub_liblog.cc:86
int getopt(int nargc, char *const *nargv, const char *ostr)
Definition: getopt.c:62
#define NULL
Definition: types.h:166
const char * program_name
static void init_db(void)
static void shutdown_db()
void const char int sz
Definition: stub_cbdata.cc:16
#define xfree
int session_is_active
#define HELPER_INPUT_BUFFER
Definition: UserRequest.cc:24
static int session_ttl
static bool fetchKey(DB_ENTRY &key, DB_ENTRY *data)
static void copyValue(void *dst, const DB_ENTRY *src, size_t sz)
static void session_login(char *details, size_t len)
struct _request * request(char *urlin)
Definition: tcp-banger2.c:291

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors