]>
Commit | Line | Data |
---|---|---|
bbc27441 | 1 | /* |
f6e9a3ee | 2 | * Copyright (C) 1996-2019 The Squid Software Foundation and contributors |
bbc27441 AJ |
3 | * |
4 | * Squid software is distributed under GPLv2+ license and includes | |
5 | * contributions from numerous individuals and organizations. | |
6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
7 | */ | |
8 | ||
5d65362c | 9 | #include "squid.h" |
8693472e | 10 | |
8693472e CT |
11 | #include "acl/AtStep.h" |
12 | #include "acl/AtStepData.h" | |
4eac3407 | 13 | #include "acl/FilledChecklist.h" |
5d65362c | 14 | #include "client_side.h" |
d3dddfb5 | 15 | #include "http/Stream.h" |
090f1d3c | 16 | #if USE_OPENSSL |
5d65362c | 17 | #include "ssl/ServerBump.h" |
090f1d3c | 18 | #endif |
5d65362c CT |
19 | |
20 | int | |
090f1d3c | 21 | ACLAtStepStrategy::match(ACLData<XactionStep> * &data, ACLFilledChecklist *checklist) |
5d65362c | 22 | { |
090f1d3c CT |
23 | #if USE_OPENSSL |
24 | // We use step1 for all these very different cases: | |
25 | // - The transaction is not subject to ssl_bump rules (if any). | |
26 | // - No ssl_bump action has matched yet. | |
27 | // - The ssl_bump client-first action has already matched. | |
28 | // - Another ssl_bump action has already matched, but | |
29 | // ConnStateData::serverBump() has not been built yet. | |
30 | auto currentSslBumpStep = XactionStep::tlsBump1; | |
31 | ||
32 | if (const auto mgr = checklist->conn()) { | |
33 | if (const auto serverBump = mgr->serverBump()) | |
34 | currentSslBumpStep = serverBump->step; | |
35 | } | |
36 | ||
37 | if (data->match(currentSslBumpStep)) | |
38 | return 1; | |
39 | #endif // USE_OPENSSL | |
40 | ||
41 | if (data->match(XactionStep::generatingConnect)) { | |
42 | if (!checklist->request) | |
43 | return 0; // we have warned about the missing request earlier | |
44 | ||
45 | if (!checklist->request->masterXaction) { | |
46 | debugs(28, DBG_IMPORTANT, "BUG: at_step GeneratingCONNECT ACL is missing master transaction info. Assuming mismatch."); | |
47 | return 0; | |
48 | } | |
49 | ||
50 | return checklist->request->masterXaction->generatingConnect ? 1 : 0; | |
51 | } | |
52 | ||
5d65362c CT |
53 | return 0; |
54 | } | |
55 |