Fri Nov 12 00:59:36 CET 1999
Modified Files in squid/src
	acl.c 

Oops. The code for ident_regex broke reconfigure for snmp_community ACLs
(segfaulted)

-----------------------------------------------------------------

Sun Oct 17 01:14:07 CEST 1999
Modified Files in squid/src
	acl.c cf.data.pre enums.h 

Added proxy_auth_regex and ident_regex ACL types for regex pattern matching
user names.

-----------------------------------------------------------------

Index: squid/src/acl.c
diff -u squid/src/acl.c:1.1.1.38.2.5 squid/src/acl.c:1.1.1.38.2.10
--- squid/src/acl.c:1.1.1.38.2.5	Sun Oct 24 21:52:14 1999
+++ squid/src/acl.c	Fri Nov 12 00:59:34 1999
@@ -180,6 +180,8 @@
 #if USE_IDENT
     if (!strcmp(s, "ident"))
 	return ACL_IDENT;
+    if (!strcmp(s, "ident_regex"))
+	return ACL_IDENT_REGEX;
 #endif
     if (!strncmp(s, "proto", 5))
 	return ACL_PROTO;
@@ -189,6 +191,8 @@
 	return ACL_BROWSER;
     if (!strcmp(s, "proxy_auth"))
 	return ACL_PROXY_AUTH;
+    if (!strcmp(s, "proxy_auth_regex"))
+	return ACL_PROXY_AUTH_REGEX;
     if (!strcmp(s, "src_as"))
 	return ACL_SRC_ASN;
     if (!strcmp(s, "dst_as"))
@@ -236,6 +240,8 @@
 #if USE_IDENT
     if (type == ACL_IDENT)
 	return "ident";
+    if (type == ACL_IDENT_REGEX)
+	return "ident_regex";
 #endif
     if (type == ACL_PROTO)
 	return "proto";
@@ -245,6 +251,8 @@
 	return "browser";
     if (type == ACL_PROXY_AUTH)
 	return "proxy_auth";
+    if (type == ACL_PROXY_AUTH_REGEX)
+	return "proxy_auth_regex";
     if (type == ACL_SRC_ASN)
 	return "src_as";
     if (type == ACL_DST_ASN)
@@ -715,6 +723,9 @@
     case ACL_IDENT:
 	aclParseWordList(&A->data);
 	break;
+    case ACL_IDENT_REGEX:
+	aclParseRegexList(&A->data);
+	break;
 #endif
     case ACL_PROTO:
 	aclParseProtoList(&A->data);
@@ -730,6 +741,14 @@
 	    assert(proxy_auth_cache);
 	}
 	break;
+    case ACL_PROXY_AUTH_REGEX:
+	aclParseRegexList(&A->data);
+	if (!proxy_auth_cache) {
+	    /* First time around, 7921 should be big enough */
+	    proxy_auth_cache = hash_create((HASHCMP *) strcmp, 7921, hash_string);
+	    assert(proxy_auth_cache);
+	}
+	break;
 #if SQUID_SNMP
     case ACL_SNMP_COMMUNITY:
 	aclParseWordList(&A->data);
@@ -1037,7 +1061,7 @@
  */
 
 static int
-aclMatchProxyAuth(wordlist * data, const char *proxy_auth, acl_proxy_auth_user * auth_user, aclCheck_t * checklist)
+aclMatchProxyAuth(void * data, const char *proxy_auth, acl_proxy_auth_user * auth_user, aclCheck_t * checklist, squid_acl acltype)
 {
     /* checklist is used to register user name when identified, nothing else */
     LOCAL_ARRAY(char, login_buf, USER_IDENT_SZ);
@@ -1099,7 +1123,15 @@
 	    xstrncpy(checklist->request->user_ident, user, USER_IDENT_SZ);
 	    auth_user->ip_expiretime = current_time.tv_sec + Config.authenticateIpTTL;
 	    auth_user->ipaddr = checklist->src_addr;
-	    return aclMatchUser(data, user);
+	    switch(acltype) {
+	    case ACL_PROXY_AUTH:
+		return aclMatchUser(data, user);
+	    case ACL_PROXY_AUTH_REGEX:
+		return aclMatchRegex(data, user);
+	    default:
+		fatal("aclMatchProxyAuth: unknown ACL type"); 
+		return 0; /* NOTREACHED */
+	    }       
 	} else {
 	    /* user has switched to another IP addr */
 	    debug(28, 1) ("aclMatchProxyAuth: user '%s' has changed IP address\n", user);
@@ -1367,6 +1399,14 @@
 	    return 0;
 	}
 	/* NOTREACHED */
+    case ACL_IDENT_REGEX:
+	if (checklist->ident[0]) {
+	    return aclMatchRegex(ae->data, checklist->ident);
+	} else {
+	    checklist->state[ACL_IDENT] = ACL_LOOKUP_NEEDED;
+	    return 0;
+	}
+	/* NOTREACHED */
 #endif
     case ACL_PROTO:
 	return aclMatchInteger(ae->data, r->protocol);
@@ -1378,6 +1418,7 @@
 	return aclMatchRegex(ae->data, checklist->browser);
 	/* NOTREACHED */
     case ACL_PROXY_AUTH:
+    case ACL_PROXY_AUTH_REGEX:
 	if (NULL == r) {
 	    return -1;
 	} else if (!r->flags.accelerated) {
@@ -1407,7 +1448,8 @@
 	switch (aclMatchProxyAuth(ae->data,
 		header,
 		checklist->auth_user,
-		checklist)) {
+		checklist,
+		ae->type)) {
 	case 0:
 	    /* Correct password, but was not allowed in this ACL */
 	    return 0;
@@ -1818,6 +1860,10 @@
 	case ACL_TIME:
 	    aclDestroyTimeList(a->data);
 	    break;
+#if USE_IDENT
+	case ACL_IDENT_REGEX:
+#endif
+	case ACL_PROXY_AUTH_REGEX:
 	case ACL_URL_REGEX:
 	case ACL_URLPATH_REGEX:
 	case ACL_BROWSER:
Index: squid/src/cf.data.pre
diff -u squid/src/cf.data.pre:1.1.1.38 squid/src/cf.data.pre:1.1.1.38.8.1
--- squid/src/cf.data.pre:1.1.1.38	Tue Jul 13 00:09:23 1999
+++ squid/src/cf.data.pre	Sun Oct 17 01:14:06 1999
@@ -1428,6 +1428,7 @@
 	acl aclname browser  [-i] regexp
 	  # pattern match on User-Agent header
 	acl aclname ident    username ...
+	acl aclname ident_regex [-i] pattern ...
 	  # string match on ident output.
 	  # use REQUIRED to accept any non-null ident.
 	acl aclname src_as   number ... 
@@ -1441,6 +1442,7 @@
 	  # cache_peer_access mycache_mydomain.net deny all
 
 	acl aclname proxy_auth username ...
+	acl aclname proxy_auth_regex [-i] pattern ...
 	  # list of valid usernames
 	  # use REQUIRED to accept any valid username.
 	  #
Index: squid/src/enums.h
diff -u squid/src/enums.h:1.1.1.34 squid/src/enums.h:1.1.1.34.8.1
--- squid/src/enums.h:1.1.1.34	Tue Jul 13 00:09:26 1999
+++ squid/src/enums.h	Sun Oct 17 01:14:06 1999
@@ -103,11 +103,13 @@
     ACL_URL_PORT,
 #if USE_IDENT
     ACL_IDENT,
+    ACL_IDENT_REGEX,
 #endif
     ACL_PROTO,
     ACL_METHOD,
     ACL_BROWSER,
     ACL_PROXY_AUTH,
+    ACL_PROXY_AUTH_REGEX,
     ACL_SRC_ASN,
     ACL_DST_ASN,
     ACL_SRC_ARP,