]>
git.ipfire.org Git - thirdparty/squid.git/blob - src/AccessLogEntry.cc
2 #include "AccessLogEntry.h"
4 #include "HttpRequest.h"
5 #include "SquidConfig.h"
8 #include "ssl/support.h"
10 AccessLogEntry::SslDetails::SslDetails(): user(NULL
), bumpMode(::Ssl::bumpEnd
)
13 #endif /* USE_OPENSSL */
16 AccessLogEntry::getLogClientIp(char *buf
, size_t bufsz
) const
20 #if FOLLOW_X_FORWARDED_FOR
21 if (Config
.onoff
.log_uses_indirect_client
&& request
)
22 log_ip
= request
->indirect_client_addr
;
25 if (tcpClient
!= NULL
)
26 log_ip
= tcpClient
->remote
;
27 else if (cache
.caddr
.isNoAddr()) { // e.g., ICAP OPTIONS lack client
28 strncpy(buf
, "-", bufsz
);
33 // Apply so-called 'privacy masking' to IPv4 clients
34 // - localhost IP is always shown in full
35 // - IPv4 clients masked with client_netmask
36 // - IPv6 clients use 'privacy addressing' instead.
38 if (!log_ip
.isLocalhost() && log_ip
.isIPv4())
39 log_ip
.applyMask(Config
.Addrs
.client_netmask
);
41 log_ip
.toStr(buf
, bufsz
);
44 AccessLogEntry::~AccessLogEntry()
46 safe_free(headers
.request
);
49 safe_free(adapt
.last_meta
);
52 safe_free(headers
.reply
);
54 safe_free(headers
.adapted_request
);
55 HTTPMSGUNLOCK(adapted_request
);
58 HTTPMSGUNLOCK(request
);
60 HTTPMSGUNLOCK(icap
.reply
);
61 HTTPMSGUNLOCK(icap
.request
);
63 cbdataReferenceDone(cache
.port
);