--------------------- PatchSet 2079 Date: 2001/04/25 00:22:28 Author: rbcollins Branch: generic_modules Tag: (none) Log: dynamic time acls Members: src/acl.c:1.21.4.10->1.21.4.11 src/protos.h:1.18.4.19->1.18.4.20 Index: squid/src/acl.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/acl.c,v retrieving revision 1.21.4.10 retrieving revision 1.21.4.11 diff -u -r1.21.4.10 -r1.21.4.11 --- squid/src/acl.c 24 Apr 2001 13:34:16 -0000 1.21.4.10 +++ squid/src/acl.c 25 Apr 2001 00:22:28 -0000 1.21.4.11 @@ -1,6 +1,6 @@ /* - * $Id: acl.c,v 1.21.4.10 2001/04/24 13:34:16 rbcollins Exp $ + * $Id: acl.c,v 1.21.4.11 2001/04/25 00:22:28 rbcollins Exp $ * * DEBUG: section 28 Access Control * AUTHOR: Duane Wessels @@ -38,7 +38,7 @@ #include "squid_parser.h" #include "acl.h" -typedef int ACLMATCH(void *, aclCheck_t *); +typedef int ACLMATCH(void * * , aclCheck_t *); struct _aclName { dlink_node node; @@ -57,9 +57,10 @@ static FILE *aclFile; MemPool * acl_pool = NULL; -static void aclParseDomainList(void *curlist); +static PARSER_PARSE aclParseDomainList; static void aclParseUserList(void **current); static PARSER_PARSE aclParseIpList; +static PARSER_PARSE aclParseRegexList; #if UNUSED_CODE static void aclParseIntlist(void *curlist); #endif @@ -68,18 +69,18 @@ #endif static void aclParseProtoList(void *curlist); static void aclParseMethodList(void *curlist); -static void aclParseTimeSpec(void *curlist); +static PARSER_PARSE aclParseTimeSpec; static void aclParseIntRange(void *curlist); static char *strtokFile(void); static void aclDestroyAclList(acl_list * list); -static void aclDestroyTimeList(acl_time_data * data); +static PARSER_FREE aclDestroyTimeSpecList; static void aclDestroyIntRange(intrange *); static void aclLookupProxyAuthStart(aclCheck_t * checklist); static void aclLookupProxyAuthDone(void *data, char *result); static struct _acl *aclFindByName(const char *name); static int aclMatchAcl(struct _acl *, aclCheck_t *); static int aclMatchIntegerRange(intrange * data, int i); -static int aclMatchTime(acl_time_data * data, time_t when); +static int aclMatchTimeSpec(acl_time_data * data, time_t when); static int aclMatchUser(void *proxyauth_acl, char *user); static int aclMatchIp(void *, struct in_addr); static int aclMatchDomainList(void *dataptr, const char *); @@ -242,23 +243,23 @@ return ACL_DYNAMIC; // return ACL_MY_IP; // fatal ("bad acl code\n"); if (!strcmp(s, "domain")) - return ACL_DST_DOMAIN; + return ACL_DYNAMIC; // return ACL_DST_DOMAIN; if (!strcmp(s, "dstdomain")) - return ACL_DST_DOMAIN; + return ACL_DYNAMIC; // return ACL_DST_DOMAIN; if (!strcmp(s, "srcdomain")) - return ACL_SRC_DOMAIN; + return ACL_DYNAMIC; // return ACL_SRC_DOMAIN; if (!strcmp(s, "dstdom_regex")) - return ACL_DST_DOM_REGEX; + return ACL_DYNAMIC; // return ACL_DST_DOM_REGEX; if (!strcmp(s, "srcdom_regex")) - return ACL_SRC_DOM_REGEX; + return ACL_DYNAMIC; // return ACL_SRC_DOM_REGEX; if (!strcmp(s, "time")) - return ACL_TIME; + return ACL_DYNAMIC; // return ACL_TIME; if (!strcmp(s, "pattern")) - return ACL_URLPATH_REGEX; + return ACL_DYNAMIC; // return ACL_URLPATH_REGEX; if (!strcmp(s, "urlpath_regex")) - return ACL_URLPATH_REGEX; + return ACL_DYNAMIC; // return ACL_URLPATH_REGEX; if (!strcmp(s, "url_regex")) - return ACL_URL_REGEX; + return ACL_DYNAMIC; // return ACL_URL_REGEX; if (!strcmp(s, "port")) return ACL_URL_PORT; if (!strcmp(s, "myport")) @@ -276,7 +277,7 @@ if (!strcmp(s, "method")) return ACL_METHOD; if (!strcmp(s, "browser")) - return ACL_BROWSER; + return ACL_DYNAMIC; // return ACL_BROWSER; if (!strcmp(s, "proxy_auth")) return ACL_PROXY_AUTH; if (!strcmp(s, "proxy_auth_regex")) @@ -298,9 +299,9 @@ return ACL_SRC_ARP; #endif if (!strcmp(s, "req_mime_type")) - return ACL_REQ_MIME_TYPE; + return ACL_DYNAMIC; // return ACL_REQ_MIME_TYPE; if (!strcmp(s, "rep_mime_type")) - return ACL_REP_MIME_TYPE; + return ACL_DYNAMIC; // return ACL_REP_MIME_TYPE; return ACL_NONE; } @@ -316,19 +317,19 @@ if (type == ACL_MY_IP) return "myip???"; if (type == ACL_DST_DOMAIN) - return "dstdomain"; + return "dstdomain???"; if (type == ACL_SRC_DOMAIN) - return "srcdomain"; + return "srcdomain???"; if (type == ACL_DST_DOM_REGEX) - return "dstdom_regex"; + return "dstdom_regex???"; if (type == ACL_SRC_DOM_REGEX) - return "srcdom_regex"; + return "srcdom_regex???"; if (type == ACL_TIME) - return "time"; + return "time???"; if (type == ACL_URLPATH_REGEX) - return "urlpath_regex"; + return "urlpath_regex??"; if (type == ACL_URL_REGEX) - return "url_regex"; + return "url_regex??"; if (type == ACL_URL_PORT) return "port"; if (type == ACL_MY_PORT) @@ -346,7 +347,7 @@ if (type == ACL_METHOD) return "method"; if (type == ACL_BROWSER) - return "browser"; + return "browser??"; if (type == ACL_PROXY_AUTH) return "proxy_auth"; if (type == ACL_PROXY_AUTH_REGEX) @@ -368,9 +369,9 @@ return "arp"; #endif if (type == ACL_REQ_MIME_TYPE) - return "req_mime_type"; + return "req_mime_type???"; if (type == ACL_REP_MIME_TYPE) - return "rep_mime_type"; + return "rep_mime_type???"; return "ERROR"; } @@ -619,7 +620,7 @@ } static void -aclParseTimeSpec(void *curlist) +aclParseTimeSpec(parserNameNode *parserName, void *curlist) { acl_time_data *q = NULL; acl_time_data **Tail; @@ -695,7 +696,7 @@ } void -aclParseRegexList(void *curlist) +aclParseRegexList(parserNameNode *parserName, void *curlist) { relist **Tail; relist *q = NULL; @@ -788,7 +789,7 @@ /**********************/ static void -aclParseDomainList(void *curlist) +aclParseDomainList(parserNameNode *parserName, void *curlist) { char *t = NULL; splayNode **Top = curlist; @@ -821,6 +822,7 @@ } xstrncpy(aclname, t, ACL_NAME_SZ); #endif + /* snarf the ACL type */ if ((token = strtok(NULL, w_space)) == NULL) { debug(28, 0) ("%s line %d: %s\n", @@ -838,6 +840,16 @@ return; } + + /* We only get called once to assign the function: if data is already used, bomb */ + if (acltype == ACL_DYNAMIC && *head) { + debug(28, 0) ("aclParseAclLine: ACL '%s' already exists with different type, skipp +ing.\n", parserName->namestr); + /* flush the line */ + while (strtok(NULL, w_space)); + return; + } + #if NEVER if ((A = aclFindByName(aclname)) == NULL) { debug(28, 3) ("aclParseAclLine: Creating ACL '%s'\n", aclname); @@ -898,23 +910,17 @@ case ACL_SRC_IP: case ACL_DST_IP: case ACL_MY_IP: -// fatal("You hurt my feelings \n"); - break; case ACL_SRC_DOMAIN: case ACL_DST_DOMAIN: - aclParseDomainList(&A->data); - break; - case ACL_TIME: - aclParseTimeSpec(&A->data); - break; + case ACL_SRC_DOM_REGEX: + case ACL_DST_DOM_REGEX: case ACL_URL_REGEX: case ACL_URLPATH_REGEX: case ACL_BROWSER: - case ACL_SRC_DOM_REGEX: - case ACL_DST_DOM_REGEX: case ACL_REQ_MIME_TYPE: case ACL_REP_MIME_TYPE: - aclParseRegexList(&A->data); + case ACL_TIME: + fatal("You hurt my feelings \n"); break; case ACL_SRC_ASN: case ACL_MAXCONN: @@ -933,7 +939,7 @@ aclParseUserList(&A->data); break; case ACL_IDENT_REGEX: - aclParseRegexList(&A->data); + aclParseRegexList(parserName, &A->data); break; #endif case ACL_PROTO: @@ -961,7 +967,7 @@ debug(28, 0) ("aclParseAclLine: IGNORING: Proxy Auth ACL '%s' \ because no authentication schemes are fully configured.\n", A->cfgline); } else { - aclParseRegexList(&A->data); + aclParseRegexList(parserName, &A->data); } break; #if SQUID_SNMP @@ -1166,19 +1172,19 @@ } static int -aclMatchSrc(void *dataptr, aclCheck_t *checklist) +aclMatchSrc(void * *dataptr, aclCheck_t *checklist) { return aclMatchIp(dataptr, checklist->src_addr); } static int -aclMatchMyip(void *dataptr, aclCheck_t *checklist) +aclMatchMyip(void * *dataptr, aclCheck_t *checklist) { return aclMatchIp(dataptr, checklist->my_addr); } static int -aclMatchDst(void *dataptr, aclCheck_t *checklist) +aclMatchDst(void * *dataptr, aclCheck_t *checklist) { request_t *r = checklist->request; const ipcache_addrs *ia = NULL; @@ -1224,6 +1230,56 @@ return !splayLastResult; } +static int +aclMatchDstDomain(void * *dataptr, aclCheck_t * checklist) +{ + request_t *r = checklist->request; + const ipcache_addrs *ia = NULL; + const char *fqdn = NULL; + if (NULL == r) { +//FIXME + debug(28, 1) ("WARNING: 'dstdomain' ACL is used but there is no" + " HTTP request -- access denied.\n"); + return 0; + } +//FIXME debug(28, 3) ("aclMatchAcl: checking '%s'\n", ae->cfgline); + + if ((ia = ipcacheCheckNumeric(r->host)) == NULL) + return aclMatchDomainList(dataptr, r->host); + fqdn = fqdncache_gethostbyaddr(ia->in_addrs[0], FQDN_LOOKUP_IF_MISS); + if (fqdn) + return aclMatchDomainList(dataptr, fqdn); + if (checklist->state[ACL_DST_DOMAIN] == ACL_LOOKUP_NONE) { +//FIXME debug(28, 3) ("aclMatchAcl: Can't yet compare '%s' ACL for '%s'\n", +// ae->name, inet_ntoa(ia->in_addrs[0])); + checklist->state[ACL_DST_DOMAIN] = ACL_LOOKUP_NEEDED; + return 0; + } + return aclMatchDomainList(dataptr, "none"); +} + +static int +aclMatchSrcDomain(void * *dataptr, aclCheck_t * checklist) +{ + const char *fqdn = NULL; +//FIXME debug(28, 3) ("aclMatchAcl: checking '%s'\n", ae->cfgline); + + fqdn = fqdncache_gethostbyaddr(checklist->src_addr, FQDN_LOOKUP_IF_MISS); + if (fqdn) { + return aclMatchDomainList(dataptr, fqdn); + } else if (checklist->state[ACL_SRC_DOMAIN] == ACL_LOOKUP_NONE) { +//FIXME debug(28, 3) ("aclMatchAcl: Can't yet compare '%s' ACL for '%s'\n", +// ae->name, inet_ntoa(checklist->src_addr)); + checklist->state[ACL_SRC_DOMAIN] = ACL_LOOKUP_NEEDED; + return 0; + } + return aclMatchDomainList(dataptr, "none"); +} + +/***************** + * aclMatchRegex * + *****************/ + int aclMatchRegex(relist * data, const char *word) { @@ -1252,6 +1308,95 @@ } static int +aclMatchUrlPathRegex(void * *dataptr, aclCheck_t * checklist) +{ + request_t *r = checklist->request; + char *esc_buf; + int k; + if (NULL == r) { + debug(28, 1) ("WARNING: 'urlpathregex' ACL is used but there is no" + " HTTP request -- access denied.\n"); + return 0; + } +// FIXME debug(28, 3) ("aclMatchAcl: checking '%s'\n", ae->cfgline); + esc_buf = xstrdup(strBuf(r->urlpath)); + rfc1738_unescape(esc_buf); + k = aclMatchRegex(*dataptr, esc_buf); + safe_free(esc_buf); + return k; +} + +static int +aclMatchUrlRegex(void * *dataptr, aclCheck_t * checklist) +{ + request_t *r = checklist->request; + char *esc_buf; + int k; + if (NULL == r) { + debug(28, 1) ("WARNING: 'url_regex' ACL is used but there is no" + " HTTP request -- access denied.\n"); + return 0; + } +// debug(28, 3) ("aclMatchAcl: checking '%s'\n", ae->cfgline); + esc_buf = xstrdup(urlCanonical(r)); + rfc1738_unescape(esc_buf); + k = aclMatchRegex(*dataptr, esc_buf); + safe_free(esc_buf); + return k; +} + +static int +aclMatchBrowser(void * *dataptr, aclCheck_t * checklist) +{ + request_t *r = checklist->request; + const char *browser; + if (NULL == r) { + debug(28, 1) ("WARNING: 'browser' ACL is used but there is no" + " HTTP request -- access denied.\n"); + return 0; + } + browser = httpHeaderGetStr(&r->header, HDR_USER_AGENT); + if (NULL == browser) + return 0; + return aclMatchRegex(*dataptr, browser); +} + +static int +aclMatchReqMimeType(void * *dataptr, aclCheck_t * checklist) +{ + request_t *r = checklist->request; + const char *header; + if (NULL == r) { + debug(28, 1) ("WARNING: 'req_mime_type' ACL is used but there is no" + " HTTP request -- access denied.\n"); + return 0; + } + + header = httpHeaderGetStr(&r->header, + HDR_CONTENT_TYPE); + if (NULL == header) + header = ""; + return aclMatchRegex(*dataptr, header); +} + + +static int +aclMatchRepMimeType(void * *dataptr, aclCheck_t * checklist) +{ + const char *header; + if (!checklist->reply) { + debug(28, 1) ("WARNING: 'rep_mime_type' ACL is used but there is no" + " HTTP reply -- access denied.\n"); + return 0; + } + header = httpHeaderGetStr(&checklist->reply->header, HDR_CONTENT_TYPE); + if (NULL == header) + header = ""; + return aclMatchRegex(*dataptr, header); +} + + +static int aclMatchUser(void *proxyauth_acl, char *user) { acl_user_data *data = (acl_user_data *) proxyauth_acl; @@ -1572,7 +1717,7 @@ } static int -aclMatchTime(acl_time_data * data, time_t when) +aclMatchTimeSpec(acl_time_data * data, time_t when) { static time_t last_when = 0; static struct tm tm; @@ -1583,7 +1728,7 @@ xmemcpy(&tm, localtime(&when), sizeof(struct tm)); } t = (time_t) (tm.tm_hour * 60 + tm.tm_min); - debug(28, 3) ("aclMatchTime: checking %d in %d-%d, weekbits=%x\n", + debug(28, 3) ("aclMatchTimeSpec: checking %d in %d-%d, weekbits=%x\n", (int) t, (int) data->start, (int) data->stop, data->weekbits); if (t < data->start || t > data->stop) @@ -1591,6 +1736,12 @@ return data->weekbits & (1 << tm.tm_wday) ? 1 : 0; } +static int +aclMatchTime(void * *dataptr, aclCheck_t * checklist) +{ + return aclMatchTimeSpec(*dataptr, squid_curtime); +} + #if SQUID_SNMP static int aclMatchWordList(wordlist * w, const char *word) @@ -1611,19 +1762,21 @@ { request_t *r = checklist->request; const ipcache_addrs *ia = NULL; +#if 0 const char *fqdn = NULL; char *esc_buf; const char *header; const char *browser; +#endif int k; http_hdr_type headertype; if (!ae) return 0; switch (ae->type) { // case ACL_DST_IP: - case ACL_DST_DOMAIN: - case ACL_DST_DOM_REGEX: - case ACL_URLPATH_REGEX: +// case ACL_DST_DOMAIN: +// case ACL_DST_DOM_REGEX: +// case ACL_URLPATH_REGEX: case ACL_URL_PORT: case ACL_PROTO: case ACL_METHOD: @@ -1645,6 +1798,16 @@ case ACL_SRC_IP: case ACL_MY_IP: case ACL_DST_IP: + case ACL_DST_DOMAIN: + case ACL_SRC_DOMAIN: + case ACL_DST_DOM_REGEX: + case ACL_SRC_DOM_REGEX: + case ACL_URLPATH_REGEX: + case ACL_URL_REGEX: + case ACL_BROWSER: + case ACL_REQ_MIME_TYPE: + case ACL_REP_MIME_TYPE: + case ACL_TIME: fatal("old code\n"); #if 0 return aclMatchIp(&ae->data, checklist->src_addr); @@ -1667,7 +1830,6 @@ return aclMatchIp(&ae->data, no_addr); } /* NOTREACHED */ -#endif case ACL_DST_DOMAIN: if ((ia = ipcacheCheckNumeric(r->host)) == NULL) return aclMatchDomainList(&ae->data, r->host); @@ -1737,6 +1899,7 @@ safe_free(esc_buf); return k; /* NOTREACHED */ +#endif case ACL_MAXCONN: k = clientdbEstablished(checklist->src_addr, 0); return ((k > ((intlist *) ae->data)->i) ? 1 : 0); @@ -1771,12 +1934,14 @@ case ACL_METHOD: return aclMatchInteger(ae->data, r->method); /* NOTREACHED */ +#if 0 case ACL_BROWSER: browser = httpHeaderGetStr(&checklist->request->header, HDR_USER_AGENT); if (NULL == browser) return 0; return aclMatchRegex(ae->data, browser); /* NOTREACHED */ +#endif case ACL_PROXY_AUTH: case ACL_PROXY_AUTH_REGEX: if (NULL == r) { @@ -1849,6 +2014,7 @@ case ACL_SRC_ARP: return aclMatchArp(&ae->data, checklist->src_addr); #endif +#if 0 case ACL_REQ_MIME_TYPE: header = httpHeaderGetStr(&checklist->request->header, HDR_CONTENT_TYPE); @@ -1864,6 +2030,7 @@ header = ""; return aclMatchRegex(ae->data, header); /* NOTREACHED */ +#endif case ACL_NONE: case ACL_ENUM_MAX: break; @@ -2162,8 +2329,9 @@ /*********************/ static void -aclDestroyTimeList(acl_time_data * data) +aclDestroyTimeSpecList(parserNameNode *parserName, void * dataptr) { + acl_time_data * data = dataptr; acl_time_data *next = NULL; for (; data; data = next) { next = data->next; @@ -2172,8 +2340,9 @@ } void -aclDestroyRegexList(relist * data) +aclDestroyRegexList(parserNameNode *parserName, void * dataptr) { + relist * data = dataptr; relist *next = NULL; for (; data; data = next) { next = data->next; @@ -2199,6 +2368,15 @@ } static void +aclDestroyDomainList(parserNameNode *parserName, void * data) +{ + acl ** head=(acl **)data; + acl *a=*head; + if (a) + splay_destroy(a->data, xfree); +} + +static void aclFreeUserData(void *data) { acl_user_data *d = data; @@ -2221,6 +2399,14 @@ case ACL_SRC_IP: case ACL_DST_IP: case ACL_MY_IP: + case ACL_SRC_DOM_REGEX: + case ACL_DST_DOM_REGEX: + case ACL_URL_REGEX: + case ACL_URLPATH_REGEX: + case ACL_BROWSER: + case ACL_REP_MIME_TYPE: + case ACL_REQ_MIME_TYPE: + case ACL_TIME: fatal("old code somewhere!\n"); #if 0 splay_destroy(a->data, aclFreeIpData); @@ -2231,7 +2417,10 @@ #endif case ACL_DST_DOMAIN: case ACL_SRC_DOMAIN: + fatal("old code somewhere!\n"); +#if 0 splay_destroy(a->data, xfree); +#endif break; #if SQUID_SNMP case ACL_SNMP_COMMUNITY: @@ -2246,21 +2435,16 @@ case ACL_PROXY_AUTH: aclFreeUserData(a->data); break; +#if 0 case ACL_TIME: aclDestroyTimeList(a->data); break; +#endif #if USE_IDENT case ACL_IDENT_REGEX: #endif case ACL_PROXY_AUTH_REGEX: - case ACL_URL_REGEX: - case ACL_URLPATH_REGEX: - case ACL_BROWSER: - case ACL_SRC_DOM_REGEX: - case ACL_DST_DOM_REGEX: - case ACL_REP_MIME_TYPE: - case ACL_REQ_MIME_TYPE: - aclDestroyRegexList(a->data); + aclDestroyRegexList(NULL, a->data); break; case ACL_PROTO: case ACL_METHOD: @@ -2580,13 +2764,23 @@ case ACL_SRC_IP: case ACL_DST_IP: case ACL_MY_IP: - fatal("old code in Dump\n"); #if 0 return aclDumpIpList(a->data); #endif case ACL_SRC_DOMAIN: case ACL_DST_DOMAIN: + case ACL_SRC_DOM_REGEX: + case ACL_DST_DOM_REGEX: + case ACL_URL_REGEX: + case ACL_URLPATH_REGEX: + case ACL_BROWSER: + case ACL_REQ_MIME_TYPE: + case ACL_REP_MIME_TYPE: + case ACL_TIME: + fatal("old code in Dump\n"); +#if 0 return aclDumpDomainList(a->data); +#endif #if SQUID_SNMP case ACL_SNMP_COMMUNITY: return wordlistDup(a->data); @@ -2599,16 +2793,7 @@ #endif case ACL_PROXY_AUTH: return aclDumpUserList(a->data); - case ACL_TIME: - return aclDumpTimeSpecList(a->data); case ACL_PROXY_AUTH_REGEX: - case ACL_URL_REGEX: - case ACL_URLPATH_REGEX: - case ACL_BROWSER: - case ACL_SRC_DOM_REGEX: - case ACL_DST_DOM_REGEX: - case ACL_REQ_MIME_TYPE: - case ACL_REP_MIME_TYPE: return aclDumpRegexList(a->data); case ACL_SRC_ASN: case ACL_MAXCONN: @@ -2656,6 +2841,75 @@ } } +static void +dump_DomainList(StoreEntry * entry, const char *name, void const * const data) +{ + acl * ae=*(acl * *)data; + wordlist *w; + wordlist *v; + while (ae != NULL) { + debug(3, 3) ("dump_DomainList: %s %s\n", name, ae->name); + v = w = aclDumpDomainList(ae->data); + while (v != NULL) { + debug(3, 3) ("dump_DomainList: %s %s %s\n", name, ae->name, v->key); + storeAppendPrintf(entry, "%s %s %s %s\n", + name, + ae->name, + aclTypeToStr(ae->type), + v->key); + v = v->next; + } + wordlistDestroy(&w); + ae = ae->next; + } +} + +static void +dump_RegexList(StoreEntry * entry, const char *name, void const * const data) +{ + acl * ae=*(acl * *)data; + wordlist *w; + wordlist *v; + while (ae != NULL) { + debug(3, 3) ("dump_RegexList: %s %s\n", name, ae->name); + v = w = aclDumpRegexList(ae->data); + while (v != NULL) { + debug(3, 3) ("dump_RegexList: %s %s %s\n", name, ae->name, v->key); + storeAppendPrintf(entry, "%s %s %s %s\n", + name, + ae->name, + aclTypeToStr(ae->type), + v->key); + v = v->next; + } + wordlistDestroy(&w); + ae = ae->next; + } +} + +static void +dump_TimeSpec(StoreEntry * entry, const char *name, void const * const data) +{ + acl * ae=*(acl * *)data; + wordlist *w; + wordlist *v; + while (ae != NULL) { + debug(3, 3) ("dump_TimeSpec: %s %s\n", name, ae->name); + v = w = aclDumpTimeSpecList(ae->data); + while (v != NULL) { + debug(3, 3) ("dump_TimeSpec: %s %s %s\n", name, ae->name, v->key); + storeAppendPrintf(entry, "%s %s %s %s\n", + name, + ae->name, + aclTypeToStr(ae->type), + v->key); + v = v->next; + } + wordlistDestroy(&w); + ae = ae->next; + } +} + /* * This function traverses all ACL elements referenced * by an access list (presumably 'http_access'). If @@ -3234,13 +3488,34 @@ aclParserRegister(void) { // This should be in the acl module init code. - acl_pool = memPoolCreate("acl", sizeof(acl)); + if (!acl_pool) + acl_pool = memPoolCreate("acl", sizeof(acl)); /* register the ACL types */ parserRegisterType("iplist", aclParseIpList, aclDestroyIpList, dump_IpList ); + parserRegisterType("domainlist", aclParseDomainList, aclDestroyDomainList, dump_DomainList); + parserRegisterType("regexlist", aclParseRegexList, aclDestroyRegexList, dump_RegexList); + parserRegisterType("timespec", aclParseTimeSpec, aclDestroyTimeSpecList, dump_TimeSpec); + + /* register the acl instance names */ aclRegisterAclName("src", parserTypeByName("iplist"), aclMatchSrc); aclRegisterAclName("dst", parserTypeByName("iplist"), aclMatchDst); aclRegisterAclName("myip", parserTypeByName("iplist"), aclMatchMyip); + + aclRegisterAclName("srcdomain", parserTypeByName("domainlist"), aclMatchSrcDomain); + aclRegisterAclName("dstdomain", parserTypeByName("domainlist"), aclMatchDstDomain); + aclRegisterAclName("domain", parserTypeByName("domainlist"), aclMatchDstDomain); + + aclRegisterAclName("dstdom_regex", parserTypeByName("regexlist"), aclMatchSrcDomain); + aclRegisterAclName("srcdom_regex", parserTypeByName("regexlist"), aclMatchSrcDomain); + aclRegisterAclName("pattern", parserTypeByName("regexlist"), aclMatchUrlPathRegex); + aclRegisterAclName("urlpath_regex", parserTypeByName("regexlist"), aclMatchUrlPathRegex); + aclRegisterAclName("url_regex", parserTypeByName("regexlist"), aclMatchUrlRegex); + aclRegisterAclName("browser", parserTypeByName("regexlist"), aclMatchBrowser); + aclRegisterAclName("req_mime_type", parserTypeByName("regexlist"), aclMatchRepMimeType); + aclRegisterAclName("rep_mime_type", parserTypeByName("regexlist"), aclMatchReqMimeType); + + aclRegisterAclName("time", parserTypeByName("timespec"), aclMatchTime); // aclParseIpList(&A->data);aclParseDomainList(&A->data);aclParseTimeSpec(&A->data); if (aclinstances) Index: squid/src/protos.h =================================================================== RCS file: /cvsroot/squid-sf//squid/src/protos.h,v retrieving revision 1.18.4.19 retrieving revision 1.18.4.20 diff -u -r1.18.4.19 -r1.18.4.20 --- squid/src/protos.h 23 Apr 2001 22:28:33 -0000 1.18.4.19 +++ squid/src/protos.h 25 Apr 2001 00:22:28 -0000 1.18.4.20 @@ -1,6 +1,6 @@ /* - * $Id: protos.h,v 1.18.4.19 2001/04/23 22:28:33 rbcollins Exp $ + * $Id: protos.h,v 1.18.4.20 2001/04/25 00:22:28 rbcollins Exp $ * * * SQUID Web Proxy Cache http://www.squid-cache.org/ @@ -63,9 +63,9 @@ extern err_type aclGetDenyInfoPage(acl_deny_info_list ** head, const char *name); extern void aclParseDenyInfoLine(struct _acl_deny_info_list **); extern void aclDestroyDenyInfoList(struct _acl_deny_info_list **); -extern void aclDestroyRegexList(struct _relist *data); +extern PARSER_FREE aclDestroyRegexList; extern int aclMatchRegex(relist * data, const char *word); -extern void aclParseRegexList(void *curlist); +extern PARSER_PARSE aclParseRegexList; extern const char *aclTypeToStr(squid_acl); extern wordlist *aclDumpGeneric(const acl *); extern int aclPurgeMethodInUse(acl_access *);