src/AccessLogEntry.cc

   1 /*
   2  * Copyright (C) 1996-2018 The Squid Software Foundation and contributors
   3  *
   4  * Squid software is distributed under GPLv2+ license and includes
   5  * contributions from numerous individuals and organizations.
   6  * Please see the COPYING and CONTRIBUTORS files for details.
   7  */
   8
   9 #include "squid.h"
  10 #include "AccessLogEntry.h"
  11 #include "HttpReply.h"
  12 #include "HttpRequest.h"
  13 #include "SquidConfig.h"
  14 #include "ssl/support.h"
  15
  16 void
  17 AccessLogEntry::getLogClientIp(char *buf, size_t bufsz) const
  18 {
  19     Ip::Address log_ip;
  20
  21 #if FOLLOW_X_FORWARDED_FOR
  22     if (Config.onoff.log_uses_indirect_client && request)
  23         log_ip = request->indirect_client_addr;
  24     else
  25 #endif
  26         if (tcpClient)
  27             log_ip = tcpClient->remote;
  28         else
  29             log_ip = cache.caddr;
  30
  31     // internally generated requests (and some ICAP) lack client IP
  32     if (log_ip.isNoAddr()) {
  33         strncpy(buf, "-", bufsz);
  34         return;
  35     }
  36
  37     // Apply so-called 'privacy masking' to IPv4 clients
  38     // - localhost IP is always shown in full
  39     // - IPv4 clients masked with client_netmask
  40     // - IPv6 clients use 'privacy addressing' instead.
  41
  42     if (!log_ip.isLocalhost() && log_ip.isIPv4())
  43         log_ip.applyMask(Config.Addrs.client_netmask);
  44
  45     log_ip.toStr(buf, bufsz);
  46 }
  47
  48 SBuf
  49 AccessLogEntry::getLogMethod() const
  50 {
  51     SBuf method;
  52     if (icp.opcode)
  53         method.append(icp_opcode_str[icp.opcode]);
  54     else if (htcp.opcode)
  55         method.append(htcp.opcode);
  56     else
  57         method = http.method.image();
  58     return method;
  59 }
  60
  61 void
  62 AccessLogEntry::syncNotes(HttpRequest *req)
  63 {
  64     // XXX: auth code only has access to HttpRequest being authenticated
  65     // so we must handle the case where HttpRequest is set without ALE being set.
  66     assert(req);
  67     if (!notes)
  68         notes = req->notes();
  69     else
  70         assert(notes == req->notes());
  71 }
  72
  73 const char *
  74 AccessLogEntry::getClientIdent() const
  75 {
  76     if (tcpClient)
  77         return tcpClient->rfc931;
  78
  79     if (cache.rfc931 && *cache.rfc931)
  80         return cache.rfc931;
  81
  82     return nullptr;
  83 }
  84
  85 const char *
  86 AccessLogEntry::getExtUser() const
  87 {
  88     if (request && request->extacl_user.size())
  89         return request->extacl_user.termedBuf();
  90
  91     if (cache.extuser && *cache.extuser)
  92         return cache.extuser;
  93
  94     return nullptr;
  95 }
  96
  97 AccessLogEntry::~AccessLogEntry()
  98 {
  99     safe_free(headers.request);
 100
 101 #if USE_ADAPTATION
 102     safe_free(adapt.last_meta);
 103 #endif
 104
 105     safe_free(headers.reply);
 106
 107     safe_free(headers.adapted_request);
 108     HTTPMSGUNLOCK(adapted_request);
 109
 110     safe_free(lastAclName);
 111
 112     HTTPMSGUNLOCK(reply);
 113     HTTPMSGUNLOCK(request);
 114 #if ICAP_CLIENT
 115     HTTPMSGUNLOCK(icap.reply);
 116     HTTPMSGUNLOCK(icap.request);
 117 #endif
 118 }
 119
 120 const SBuf *
 121 AccessLogEntry::effectiveVirginUrl() const
 122 {
 123     const SBuf *effectiveUrl = request ? &request->effectiveRequestUri() : &virginUrlForMissingRequest_;
 124     if (effectiveUrl && !effectiveUrl->isEmpty())
 125         return effectiveUrl;
 126     // We can not use ALE::url here because it may contain a request URI after
 127     // adaptation/redirection. When the request is missing, a non-empty ALE::url
 128     // means that we missed a setVirginUrlForMissingRequest() call somewhere.
 129     return nullptr;
 130 }
 131