HttpUpgradeProtocolAccess.h
Go to the documentation of this file.
1 /*
2  * Copyright (C) 1996-2023 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 #ifndef SQUID_SRC_HTTPUPGRADEPROTOCOLACCESS_H
10 #define SQUID_SRC_HTTPUPGRADEPROTOCOLACCESS_H
11 
12 #include "acl/forward.h"
13 #include "sbuf/SBuf.h"
14 
15 #include <deque>
16 #include <map>
17 
19 class ProtocolView
20 {
21 public:
22  ProtocolView(const char * const start, const size_t len);
23  explicit ProtocolView(const SBuf &proto);
24 
25  SBuf name;
26  SBuf version;
27 };
28 
29 std::ostream &operator <<(std::ostream &, const ProtocolView &);
30 
31 // HTTP is not explicit about case sensitivity of Upgrade protocol strings, but
32 // there are bug reports showing different case variants used for WebSocket. We
33 // conservatively preserve the received case and compare case-sensitively.
34 
37 inline bool
38 vAinB(const ProtocolView &a, const ProtocolView &b)
39 {
40  // Optimization: Do not assert(a.name == b.name).
41  return b.version.isEmpty() || (a.version == b.version);
42 }
43 
44 class ConfigParser;
45 
47 class HttpUpgradeProtocolAccess
48 {
49 public:
50  HttpUpgradeProtocolAccess() = default;
51  ~HttpUpgradeProtocolAccess();
52  HttpUpgradeProtocolAccess(HttpUpgradeProtocolAccess &&) = delete; // no copying of any kind
53 
55  const acl_access *findGuard(const SBuf &proto) const;
56 
58  void configureGuard(ConfigParser&);
59 
61  template <typename Visitor> inline void forEach(const Visitor &) const;
62 
65  template <typename Visitor> inline void forApplicable(const ProtocolView &, const Visitor &) const;
66 
67 private:
69  class NamedGuard
70  {
71  public:
72  NamedGuard(const char *rawProtocol, acl_access*);
73  NamedGuard(const NamedGuard &&) = delete; // no copying of any kind
74  ~NamedGuard();
75 
76  const SBuf protocol;
77  const ProtocolView proto;
78  acl_access *guard = nullptr;
79  };
80 
82  typedef std::deque<NamedGuard> NamedGuards;
83 
85  inline static const SBuf &ProtoOther();
86 
88  NamedGuards namedGuards;
89 
91  acl_access *other = nullptr;
92 };
93 
94 template <typename Visitor>
95 inline void
96 HttpUpgradeProtocolAccess::forEach(const Visitor &visitor) const
97 {
98  for (const auto &namedGuard: namedGuards)
99  visitor(namedGuard.protocol, namedGuard.guard);
100  if (other)
101  visitor(ProtoOther(), other);
102 }
103 
104 template <typename Visitor>
105 inline void
106 HttpUpgradeProtocolAccess::forApplicable(const ProtocolView &offer, const Visitor &visitor) const
107 {
108  auto seenApplicable = false;
109  for (const auto &namedGuard: namedGuards) {
110  if (offer.name != namedGuard.proto.name)
111  continue;
112  if (vAinB(offer, namedGuard.proto) && visitor(namedGuard.protocol, namedGuard.guard))
113  return;
114  seenApplicable = true; // may already be true
115  }
116  if (!seenApplicable && other) // OTHER is applicable if named rules were not
117  (void)visitor(ProtoOther(), other);
118 }
119 
120 inline const SBuf &
121 HttpUpgradeProtocolAccess::ProtoOther()
122 {
123  static const auto proto = new SBuf("OTHER");
124  return *proto;
125 }
126 
127 #endif /* SQUID_SRC_HTTPUPGRADEPROTOCOLACCESS_H */
128 
HttpUpgradeProtocolAccess::findGuard
const acl_access * findGuard(const SBuf &proto) const
ProtocolView::name
SBuf name
everything up to (but excluding) the first slash('/')
Definition: HttpUpgradeProtocolAccess.h:25
HttpUpgradeProtocolAccess::NamedGuard::guard
acl_access * guard
configured access rule; never nil
Definition: HttpUpgradeProtocolAccess.h:78
HttpUpgradeProtocolAccess::NamedGuards
std::deque< NamedGuard > NamedGuards
maps HTTP Upgrade protocol name/version to the ACLs guarding its usage
Definition: HttpUpgradeProtocolAccess.h:82
SBuf::isEmpty
bool isEmpty() const
Definition: SBuf.h:435
ProtocolView
a reference to a protocol name[/version] string; no 0-termination is assumed
Definition: HttpUpgradeProtocolAccess.h:19
SBuf
Definition: SBuf.h:93
HttpUpgradeProtocolAccess::other
acl_access * other
OTHER rules governing unnamed protocols.
Definition: HttpUpgradeProtocolAccess.h:91
HttpUpgradeProtocolAccess::NamedGuard::proto
const ProtocolView proto
optimization: compiled this->protocol
Definition: HttpUpgradeProtocolAccess.h:77
vAinB
bool vAinB(const ProtocolView &a, const ProtocolView &b)
Definition: HttpUpgradeProtocolAccess.h:38
HttpUpgradeProtocolAccess::namedGuards
NamedGuards namedGuards
rules governing upgrades to explicitly named protocols
Definition: HttpUpgradeProtocolAccess.h:88
HttpUpgradeProtocolAccess::NamedGuard::NamedGuard
NamedGuard(const char *rawProtocol, acl_access *)
Definition: HttpUpgradeProtocolAccess.cc:69
HttpUpgradeProtocolAccess::configureGuard
void configureGuard(ConfigParser &)
parses a single allow/deny rule
Definition: HttpUpgradeProtocolAccess.cc:48
HttpUpgradeProtocolAccess::forApplicable
void forApplicable(const ProtocolView &, const Visitor &) const
Definition: HttpUpgradeProtocolAccess.h:106
HttpUpgradeProtocolAccess::NamedGuard::protocol
const SBuf protocol
configured protocol name (and version)
Definition: HttpUpgradeProtocolAccess.h:76
operator<<
std::ostream & operator<<(std::ostream &, const ProtocolView &)
Definition: HttpUpgradeProtocolAccess.cc:32
HttpUpgradeProtocolAccess::NamedGuard
a single configured access rule for an explicitly named protocol
Definition: HttpUpgradeProtocolAccess.h:69
ProtocolView::ProtocolView
ProtocolView(const char *const start, const size_t len)
Definition: HttpUpgradeProtocolAccess.cc:20
HttpUpgradeProtocolAccess::HttpUpgradeProtocolAccess
HttpUpgradeProtocolAccess()=default
HttpUpgradeProtocolAccess
Allows or blocks HTTP Upgrade protocols (see http_upgrade_request_protocols)
Definition: HttpUpgradeProtocolAccess.h:47
HttpUpgradeProtocolAccess::forEach
void forEach(const Visitor &) const
iterates over all configured rules, calling the given visitor
Definition: HttpUpgradeProtocolAccess.h:96
HttpUpgradeProtocolAccess::ProtoOther
static const SBuf & ProtoOther()
pseudonym to specify rules for "all other protocols"
Definition: HttpUpgradeProtocolAccess.h:121
ProtocolView::version
SBuf version
everything after the name, including the slash('/')
Definition: HttpUpgradeProtocolAccess.h:26

 

Introduction

Documentation

Support

Miscellaneous