FilledChecklist.cc
Go to the documentation of this file.
1 /*
2  * Copyright (C) 1996-2018 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 #include "squid.h"
10 #include "acl/FilledChecklist.h"
11 #include "client_side.h"
12 #include "comm/Connection.h"
13 #include "comm/forward.h"
14 #include "ExternalACLEntry.h"
15 #include "http/Stream.h"
16 #include "HttpReply.h"
17 #include "HttpRequest.h"
18 #include "SquidConfig.h"
19 #if USE_AUTH
20 #include "auth/AclProxyAuth.h"
21 #include "auth/UserRequest.h"
22 #endif
23 
25 
27  dst_rdns(NULL),
28  request (NULL),
29  reply (NULL),
30 #if USE_AUTH
31  auth_user_request (NULL),
32 #endif
33 #if SQUID_SNMP
34  snmp_community(NULL),
35 #endif
36 #if USE_OPENSSL
37  sslErrors(NULL),
38 #endif
39  requestErrorType(ERR_MAX),
40  conn_(NULL),
41  fd_(-1),
42  destinationDomainChecked_(false),
43  sourceDomainChecked_(false)
44 {
45  my_addr.setEmpty();
48  rfc931[0] = '\0';
49 }
50 
52 {
54 
55  safe_free(dst_rdns); // created by xstrdup().
56 
58 
60 
62 
63 #if USE_OPENSSL
65 #endif
66 
67  debugs(28, 4, HERE << "ACLFilledChecklist destroyed " << this);
68 }
69 
70 static void
71 showDebugWarning(const char *msg)
72 {
73  static uint16_t count = 0;
74  if (count > 10)
75  return;
76 
77  ++count;
78  debugs(28, DBG_IMPORTANT, "ALE missing " << msg);
79 }
80 
81 void
83 {
84  // make sure the ALE fields used by Format::assemble to
85  // fill the old external_acl_type codes are set if any
86  // data on them exists in the Checklist
87 
88  if (!al->cache.port && conn()) {
89  showDebugWarning("listening port");
90  al->cache.port = conn()->port;
91  }
92 
93  if (request) {
94  if (!al->request) {
95  showDebugWarning("HttpRequest object");
96  // XXX: al->request should be original,
97  // but the request may be already adapted
98  al->request = request;
100  }
101 
102  if (!al->adapted_request) {
103  showDebugWarning("adapted HttpRequest object");
106  }
107 
108  if (al->url.isEmpty()) {
109  showDebugWarning("URL");
110  // XXX: al->url should be the request URL from client,
111  // but request->url may be different (e.g.,redirected)
112  al->url = request->url.absolute();
113  }
114  }
115 
116  if (reply && !al->reply) {
117  showDebugWarning("HttpReply object");
118  al->reply = reply;
119  HTTPMSGLOCK(al->reply);
120  }
121 
122 #if USE_IDENT
123  if (*rfc931 && !al->cache.rfc931) {
124  showDebugWarning("IDENT");
126  }
127 #endif
128 }
129 
130 void
131 ACLFilledChecklist::syncAle(HttpRequest *adaptedRequest, const char *logUri) const
132 {
133  if (!al)
134  return;
135  if (adaptedRequest && !al->adapted_request) {
136  al->adapted_request = adaptedRequest;
138  }
139  if (logUri && al->url.isEmpty())
140  al->url = logUri;
141 }
142 
145 {
146  return cbdataReferenceValid(conn_) ? conn_ : nullptr;
147 }
148 
149 void
151 {
152  if (conn() == aConn)
153  return;
154  assert (conn() == NULL);
155  conn_ = cbdataReference(aConn);
156 }
157 
158 int
160 {
161  const auto c = conn();
162  return (c && c->clientConnection) ? c->clientConnection->fd : fd_;
163 }
164 
165 void
166 ACLFilledChecklist::fd(int aDescriptor)
167 {
168  const auto c = conn();
169  assert(!c || !c->clientConnection || c->clientConnection->fd == aDescriptor);
170  fd_ = aDescriptor;
171 }
172 
173 bool
175 {
177 }
178 
179 void
181 {
184 }
185 
186 bool
188 {
189  return sourceDomainChecked_;
190 }
191 
192 void
194 {
196  sourceDomainChecked_ = true;
197 }
198 
199 /*
200  * There are two common ACLFilledChecklist lifecycles paths:
201  *
202  * A) Using aclCheckFast(): The caller creates an ACLFilledChecklist object
203  * on stack and calls aclCheckFast().
204  *
205  * B) Using aclNBCheck() and callbacks: The caller allocates an
206  * ACLFilledChecklist object (via operator new) and passes it to
207  * aclNBCheck(). Control eventually passes to ACLChecklist::checkCallback(),
208  * which will invoke the callback function as requested by the
209  * original caller of aclNBCheck(). This callback function must
210  * *not* delete the list. After the callback function returns,
211  * checkCallback() will delete the list (i.e., self).
212  */
213 ACLFilledChecklist::ACLFilledChecklist(const acl_access *A, HttpRequest *http_request, const char *ident):
214  dst_rdns(NULL),
215  request(NULL),
216  reply(NULL),
217 #if USE_AUTH
218  auth_user_request(NULL),
219 #endif
220 #if SQUID_SNMP
221  snmp_community(NULL),
222 #endif
223 #if USE_OPENSSL
224  sslErrors(NULL),
225 #endif
226  requestErrorType(ERR_MAX),
227  conn_(NULL),
228  fd_(-1),
229  destinationDomainChecked_(false),
230  sourceDomainChecked_(false)
231 {
232  my_addr.setEmpty();
233  src_addr.setEmpty();
234  dst_addr.setEmpty();
235  rfc931[0] = '\0';
236 
237  changeAcl(A);
238  setRequest(http_request);
239  setIdent(ident);
240 }
241 
243 {
244  assert(!request);
245  if (httpRequest) {
246  request = httpRequest;
248 #if FOLLOW_X_FORWARDED_FOR
251  else
252 #endif /* FOLLOW_X_FORWARDED_FOR */
255 
258  }
259 }
260 
261 void
263 {
264 #if USE_IDENT
265  assert(!rfc931[0]);
266  if (ident)
267  xstrncpy(rfc931, ident, USER_IDENT_SZ);
268 #endif
269 }
270 
bool asyncInProgress() const
async call has been started and has not finished (or failed) yet
Definition: Checklist.h:151
#define assert(EX)
Definition: assert.h:17
Ip::Address my_addr
Definition: HttpRequest.h:147
bool sourceDomainChecked() const
#define cbdataReferenceDone(var)
Definition: cbdata.h:350
Ip::Address dst_addr
Ip::Address src_addr
struct _request * request(char *urlin)
Definition: tcp-banger2.c:291
#define xstrdup
#define safe_free(x)
Definition: xalloc.h:73
AccessLogEntry::Pointer al
info for the future access.log, and external ACL
void HTTPMSGLOCK(Http::Message *a)
Definition: Message.h:157
bool isEmpty() const
Definition: SBuf.h:420
ConnStateData * conn() const
The client connection manager.
bool destinationDomainChecked() const
HttpRequest * adapted_request
#define debugs(SECTION, LEVEL, CONTENT)
Definition: Debug.h:124
#define cbdataReference(var)
Definition: cbdata.h:341
void setIdent(const char *userIdentity)
configure rfc931 user identity for the first time
HttpReply * reply
#define DBG_IMPORTANT
Definition: Debug.h:46
#define USER_IDENT_SZ
Definition: defines.h:60
Ip::Address client_addr
Definition: HttpRequest.h:141
Cbc * valid() const
was set and is valid
Definition: CbcPointer.h:41
int fd() const
The client side fd. It uses conn() if available.
AnyP::Uri url
the request URI
Definition: HttpRequest.h:107
char * xstrncpy(char *dst, const char *src, size_t n)
Definition: xstring.cc:37
CbcPointer< ConnStateData > clientConnectionManager
Definition: HttpRequest.h:222
HttpRequest * request
void setEmpty()
Fast reset of the stored content to what would be after default constructor.
Definition: Address.cc:177
SBuf & absolute() const
Definition: Uri.cc:488
char rfc931[USER_IDENT_SZ]
static void showDebugWarning(const char *msg)
std::ostream & HERE(std::ostream &s)
Definition: Debug.h:153
class AccessLogEntry::CacheDetails cache
struct SquidConfig::@112 onoff
static uint32 A
Definition: md4.c:43
HttpRequest * request
ConnStateData * conn_
int acl_uses_indirect_client
Definition: SquidConfig.h:329
const Acl::Tree * changeAcl(const Acl::Tree *t)
Definition: Checklist.h:176
virtual void verifyAle() const
warns if there are uninitialized ALE components and fills them
AnyP::PortCfgPointer port
#define CBDATA_CLASS_INIT(type)
Definition: cbdata.h:318
const Security::CertErrors * sslErrors
SSL [certificate validation] errors, in undefined order.
int cbdataReferenceValid(const void *p)
Definition: cbdata.cc:412
void setRequest(HttpRequest *)
configure client request-related fields for the first time
void markDestinationDomainChecked()
#define acl_access
Definition: forward.h:44
Ip::Address indirect_client_addr
Definition: HttpRequest.h:144
class SquidConfig Config
Definition: SquidConfig.cc:12
#define NULL
Definition: types.h:166
Cbc * get() const
a temporary valid raw Cbc pointer or NULL
Definition: CbcPointer.h:162
void HTTPMSGUNLOCK(Http::Message *a)
Definition: Message.h:147
#define false
Definition: GnuRegex.c:233
virtual void syncAle(HttpRequest *adaptedRequest, const char *logUri) const
assigns uninitialized adapted_request and url ALE components
bool finished() const
whether markFinished() was called
Definition: Checklist.h:149

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors