FilledChecklist.cc
Go to the documentation of this file.
1 /*
2  * Copyright (C) 1996-2019 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 #include "squid.h"
10 #include "acl/FilledChecklist.h"
11 #include "client_side.h"
12 #include "comm/Connection.h"
13 #include "comm/forward.h"
14 #include "ExternalACLEntry.h"
15 #include "http/Stream.h"
16 #include "HttpReply.h"
17 #include "HttpRequest.h"
18 #include "SquidConfig.h"
19 #if USE_AUTH
20 #include "auth/AclProxyAuth.h"
21 #include "auth/UserRequest.h"
22 #endif
23 
25 
27  dst_rdns(NULL),
28  request (NULL),
29  reply (NULL),
30 #if USE_AUTH
31  auth_user_request (NULL),
32 #endif
33 #if SQUID_SNMP
34  snmp_community(NULL),
35 #endif
36 #if USE_OPENSSL
37  sslErrors(NULL),
38 #endif
39  requestErrorType(ERR_MAX),
40  conn_(NULL),
41  fd_(-1),
42  destinationDomainChecked_(false),
43  sourceDomainChecked_(false)
44 {
45  my_addr.setEmpty();
48  rfc931[0] = '\0';
49 }
50 
52 {
54 
55  safe_free(dst_rdns); // created by xstrdup().
56 
58 
60 
62 
63 #if USE_OPENSSL
65 #endif
66 
67  debugs(28, 4, HERE << "ACLFilledChecklist destroyed " << this);
68 }
69 
70 static void
71 showDebugWarning(const char *msg)
72 {
73  static uint16_t count = 0;
74  if (count > 10)
75  return;
76 
77  ++count;
78  debugs(28, DBG_IMPORTANT, "ALE missing " << msg);
79 }
80 
81 void
83 {
84  // make sure the ALE fields used by Format::assemble to
85  // fill the old external_acl_type codes are set if any
86  // data on them exists in the Checklist
87 
88  if (!al->cache.port && conn()) {
89  showDebugWarning("listening port");
90  al->cache.port = conn()->port;
91  }
92 
93  if (request) {
94  if (!al->request) {
95  showDebugWarning("HttpRequest object");
96  // XXX: al->request should be original,
97  // but the request may be already adapted
98  al->request = request;
100  }
101 
102  if (!al->adapted_request) {
103  showDebugWarning("adapted HttpRequest object");
106  }
107 
108  if (al->url.isEmpty()) {
109  showDebugWarning("URL");
110  // XXX: al->url should be the request URL from client,
111  // but request->url may be different (e.g.,redirected)
113  }
114  }
115 
116  if (reply && !al->reply) {
117  showDebugWarning("HttpReply object");
118  al->reply = reply;
119  }
120 
121 #if USE_IDENT
122  if (*rfc931 && !al->cache.rfc931) {
123  showDebugWarning("IDENT");
125  }
126 #endif
127 }
128 
129 void
130 ACLFilledChecklist::syncAle(HttpRequest *adaptedRequest, const char *logUri) const
131 {
132  if (!al)
133  return;
134  if (adaptedRequest && !al->adapted_request) {
135  al->adapted_request = adaptedRequest;
137  }
138  if (logUri && al->url.isEmpty())
139  al->url = logUri;
140 }
141 
144 {
145  return cbdataReferenceValid(conn_) ? conn_ : nullptr;
146 }
147 
148 void
150 {
151  if (conn() == aConn)
152  return;
153  assert (conn() == NULL);
154  conn_ = cbdataReference(aConn);
155 }
156 
157 int
159 {
160  const auto c = conn();
161  return (c && c->clientConnection) ? c->clientConnection->fd : fd_;
162 }
163 
164 void
165 ACLFilledChecklist::fd(int aDescriptor)
166 {
167  const auto c = conn();
168  assert(!c || !c->clientConnection || c->clientConnection->fd == aDescriptor);
169  fd_ = aDescriptor;
170 }
171 
172 bool
174 {
176 }
177 
178 void
180 {
183 }
184 
185 bool
187 {
188  return sourceDomainChecked_;
189 }
190 
191 void
193 {
195  sourceDomainChecked_ = true;
196 }
197 
198 /*
199  * There are two common ACLFilledChecklist lifecycles paths:
200  *
201  * A) Using aclCheckFast(): The caller creates an ACLFilledChecklist object
202  * on stack and calls aclCheckFast().
203  *
204  * B) Using aclNBCheck() and callbacks: The caller allocates an
205  * ACLFilledChecklist object (via operator new) and passes it to
206  * aclNBCheck(). Control eventually passes to ACLChecklist::checkCallback(),
207  * which will invoke the callback function as requested by the
208  * original caller of aclNBCheck(). This callback function must
209  * *not* delete the list. After the callback function returns,
210  * checkCallback() will delete the list (i.e., self).
211  */
212 ACLFilledChecklist::ACLFilledChecklist(const acl_access *A, HttpRequest *http_request, const char *ident):
213  dst_rdns(NULL),
214  request(NULL),
215  reply(NULL),
216 #if USE_AUTH
218 #endif
219 #if SQUID_SNMP
221 #endif
222 #if USE_OPENSSL
223  sslErrors(NULL),
224 #endif
226  conn_(NULL),
227  fd_(-1),
230 {
231  my_addr.setEmpty();
232  src_addr.setEmpty();
233  dst_addr.setEmpty();
234  rfc931[0] = '\0';
235 
236  changeAcl(A);
237  setRequest(http_request);
238  setIdent(ident);
239 }
240 
242 {
243  assert(!request);
244  if (httpRequest) {
245  request = httpRequest;
247 #if FOLLOW_X_FORWARDED_FOR
250  else
251 #endif /* FOLLOW_X_FORWARDED_FOR */
254 
257  }
258 }
259 
260 void
262 {
263 #if USE_IDENT
264  assert(!rfc931[0]);
265  if (ident)
266  xstrncpy(rfc931, ident, USER_IDENT_SZ);
267 #endif
268 }
269 
#define assert(EX)
Definition: assert.h:17
Ip::Address my_addr
Definition: HttpRequest.h:155
#define cbdataReferenceDone(var)
Definition: cbdata.h:350
Ip::Address dst_addr
Ip::Address src_addr
struct _request * request(char *urlin)
Definition: tcp-banger2.c:291
#define xstrdup
#define safe_free(x)
Definition: xalloc.h:73
AccessLogEntry::Pointer al
info for the future access.log, and external ACL
void HTTPMSGLOCK(Http::Message *a)
Definition: Message.h:160
bool isEmpty() const
Definition: SBuf.h:420
bool destinationDomainChecked() const
bool finished() const
whether markFinished() was called
Definition: Checklist.h:149
CBDATA_CLASS_INIT(ACLFilledChecklist)
HttpRequest * adapted_request
bool asyncInProgress() const
async call has been started and has not finished (or failed) yet
Definition: Checklist.h:151
const SBuf & effectiveRequestUri() const
RFC 7230 section 5.5 - Effective Request URI.
Definition: HttpRequest.cc:705
#define debugs(SECTION, LEVEL, CONTENT)
Definition: Debug.h:128
#define cbdataReference(var)
Definition: cbdata.h:341
void setIdent(const char *userIdentity)
configure rfc931 user identity for the first time
#define DBG_IMPORTANT
Definition: Debug.h:46
Cbc * valid() const
was set and is valid
Definition: CbcPointer.h:41
ConnStateData * conn() const
The client connection manager.
#define USER_IDENT_SZ
Definition: defines.h:60
Ip::Address client_addr
Definition: HttpRequest.h:149
int fd() const
The client side fd. It uses conn() if available.
char * xstrncpy(char *dst, const char *src, size_t n)
Definition: xstring.cc:37
CbcPointer< ConnStateData > clientConnectionManager
Definition: HttpRequest.h:233
HttpRequest * request
void setEmpty()
Fast reset of the stored content to what would be after default constructor.
Definition: Address.cc:184
char rfc931[USER_IDENT_SZ]
static void showDebugWarning(const char *msg)
std::ostream & HERE(std::ostream &s)
Definition: Debug.h:157
class AccessLogEntry::CacheDetails cache
struct SquidConfig::@112 onoff
static uint32 A
Definition: md4.c:43
virtual void syncAle(HttpRequest *adaptedRequest, const char *logUri) const
assigns uninitialized adapted_request and url ALE components
HttpRequest * request
HttpReplyPointer reply
ConnStateData * conn_
Cbc * get() const
a temporary valid raw Cbc pointer or NULL
Definition: CbcPointer.h:162
int acl_uses_indirect_client
Definition: SquidConfig.h:329
const Acl::Tree * changeAcl(const Acl::Tree *t)
Definition: Checklist.h:176
void HTTPMSGUNLOCK(M *&a)
Definition: Message.h:149
AnyP::PortCfgPointer port
const Security::CertErrors * sslErrors
SSL [certificate validation] errors, in undefined order.
int cbdataReferenceValid(const void *p)
Definition: cbdata.cc:412
void setRequest(HttpRequest *)
configure client request-related fields for the first time
void markDestinationDomainChecked()
#define acl_access
Definition: forward.h:44
bool sourceDomainChecked() const
Ip::Address indirect_client_addr
Definition: HttpRequest.h:152
class SquidConfig Config
Definition: SquidConfig.cc:12
virtual void verifyAle() const
warns if there are uninitialized ALE components and fills them
#define NULL
Definition: types.h:166
Auth::UserRequest::Pointer auth_user_request
#define false
Definition: GnuRegex.c:233

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors