### Eclipse Workspace Patch 1.0 #P squid2-HEAD Index: src/forward.c =================================================================== RCS file: /squid/squid/src/forward.c,v retrieving revision 1.138 diff -u -r1.138 forward.c --- src/forward.c 6 May 2009 05:25:45 -0000 1.138 +++ src/forward.c 6 Aug 2009 19:02:12 -0000 @@ -21,12 +21,12 @@ * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. - * + * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. - * + * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. @@ -55,6 +55,7 @@ static int fwdCheckRetry(FwdState * fwdState); static int fwdReforward(FwdState *); static void fwdRestart(void *); +static void fwdContinue(int answer, void *); static void fwdStartFail(FwdState *); static void fwdLogReplyStatus(int tries, http_status status); static OBJH fwdStats; @@ -383,7 +384,7 @@ err->xerrno = ETIMEDOUT; fwdFail(fwdState, err); /* - * This marks the peer DOWN ... + * This marks the peer DOWN ... */ if (fwdState->servers) if (fwdState->servers->peer) @@ -910,27 +911,44 @@ fwdStart(int fd, StoreEntry * e, request_t * r) { FwdState *fwdState; - int answer; - ErrorState *err; + fwdState = cbdataAlloc(FwdState); + aclCheck_t *ch; + fwdState->client_fd = fd; + fwdState->entry = e; + fwdState->request = requestLink(r); /* * client_addr == no_addr indicates this is an "internal" request * from peer_digest.c, asn.c, netdb.c, etc and should always * be allowed. yuck, I know. */ if (r->client_addr.s_addr != no_addr.s_addr && r->protocol != PROTO_INTERNAL && r->protocol != PROTO_CACHEOBJ) { - /* + /* * Check if this host is allowed to fetch MISSES from us (miss_access) */ - answer = aclCheckFastRequest(Config.accessList.miss, r); - if (answer == 0) { - err_type page_id; - page_id = aclGetDenyInfoPage(&Config.denyInfoList, AclMatchedName, 1); - if (page_id == ERR_NONE) - page_id = ERR_FORWARDING_DENIED; - err = errorCon(page_id, HTTP_FORBIDDEN, r); - errorAppendEntry(e, err); - return; - } + ch = aclChecklistCreate(Config.accessList.miss, r, NULL); + aclNBCheck(ch, fwdContinue, fwdState); + } else { + fwdContinue(1, fwdState); + } +} + +/* Continue forward processing, after ACL checks */ +void +fwdContinue(int answer, void *data) { + FwdState *fwdState = data; + int fd = fwdState->client_fd; + request_t *r = fwdState->request; + StoreEntry *e = fwdState->entry; + ErrorState *err; + if (answer == 0) { + cbdataFree(fwdState); + err_type page_id; + page_id = aclGetDenyInfoPage(&Config.denyInfoList, AclMatchedName, 1); + if (page_id == ERR_NONE) + page_id = ERR_FORWARDING_DENIED; + err = errorCon(page_id, HTTP_FORBIDDEN, r); + errorAppendEntry(e, err); + return; } debug(17, 3) ("fwdStart: '%s'\n", storeUrl(e)); if (!e->mem_obj->request) @@ -942,6 +960,7 @@ /* more yuck */ err = errorCon(ERR_SHUTTING_DOWN, HTTP_GATEWAY_TIMEOUT, r); errorAppendEntry(e, err); + cbdataFree(fwdState); return; } switch (r->protocol) { @@ -949,22 +968,21 @@ * Note, don't create fwdState for these requests */ case PROTO_INTERNAL: + cbdataFree(fwdState); internalStart(r, e); return; case PROTO_CACHEOBJ: + cbdataFree(fwdState); cachemgrStart(fd, r, e); return; case PROTO_URN: + cbdataFree(fwdState); urnStart(r, e); return; default: break; } - fwdState = cbdataAlloc(FwdState); - fwdState->entry = e; - fwdState->client_fd = fd; fwdState->server_fd = -1; - fwdState->request = requestLink(r); fwdState->start = squid_curtime; fwdState->orig_entry_flags = e->flags;