Backed out the patch for Bug #860: redirector_access does not handle slow

acls such as dst or external correctly.

This patch is apparently broken in Squid-3

diff --git a/src/client_side_request.cc b/src/client_side_request.cc
index 7aeb21902650c5975295d9ff4ad1c3d6ce1a903b..e3580bb80146624dd880bce03198bffde58c8e5f 100644 (file)
--- a/src/client_side_request.cc
+++ b/src/client_side_request.cc
@@ -1,6 +1,6 @@
 
 /*
- * $Id: client_side_request.cc,v 1.35 2004/04/03 15:00:12 hno Exp $
+ * $Id: client_side_request.cc,v 1.36 2004/04/07 08:51:31 hno Exp $
  * 
  * DEBUG: section 85    Client-side Request Routines
  * AUTHOR: Robert Collins (Originally Duane Wessels in client_side.c)
@@ -112,7 +112,6 @@ static void clientAccessCheckDone(int, void *);
 static int clientCachable(clientHttpRequest * http);
 static int clientHierarchical(clientHttpRequest * http);
 static void clientInterpretRequestHeaders(clientHttpRequest * http);
-static void clientRedirectStart(clientHttpRequest *http);
 static RH clientRedirectDone;
 extern "C" CSR clientGetMoreData;
 extern "C" CSS clientReplyStatus;
@@ -394,7 +393,7 @@ clientAccessCheckDone(int answer, void *data)
         http->uri = xstrdup(urlCanonical(http->request));
         assert(context->redirect_state == REDIRECT_NONE);
         context->redirect_state = REDIRECT_PENDING;
-        clientRedirectStart(http);
+        redirectStart(http, clientRedirectDone, context);
     } else {
         /* Send an error */
         clientStreamNode *node = (clientStreamNode *)http->client_stream.tail->prev->data;
@@ -444,39 +443,6 @@ clientAccessCheckDone(int answer, void *data)
     }
 }
 
-static void
-clientRedirectAccessCheckDone(int answer, void *data)
-{
-    clientHttpRequest *http = (clientHttpRequest *)data;
-    ClientRequestContext *context  = (ClientRequestContext *)http;
-
-    context->acl_checklist = NULL;
-
-    if (answer == ACCESS_ALLOWED)
-        redirectStart(http, clientRedirectDone, data);
-    else
-        clientRedirectDone(context, NULL);
-}
-
-static void
-clientRedirectStart(clientHttpRequest *http)
-{
-    ClientRequestContext *context  = (ClientRequestContext *)http;
-    debug(33, 5) ("clientRedirectStart: '%s'\n", http->uri);
-
-    if (Config.Program.redirect == NULL) {
-        clientRedirectDone(http, NULL);
-        return;
-    }
-
-    if (Config.accessList.redirector) {
-        context->acl_checklist = clientAclChecklistCreate(Config.accessList.redirector, http);
-        context->acl_checklist->nonBlockingCheck(clientRedirectAccessCheckDone, context);
-    } else {
-        redirectStart(http, clientRedirectDone, http);
-    }
-}
-
 static int
 clientCachable(clientHttpRequest * http)
 {

diff --git a/src/redirect.cc b/src/redirect.cc
index b1d094b023276f27abb17c0388dd1ccaaa9694cb..a52a859b9d106b349f97d74b3bb497374d5097dd 100644 (file)
--- a/src/redirect.cc
+++ b/src/redirect.cc
@@ -1,6 +1,6 @@
 
 /*
- * $Id: redirect.cc,v 1.104 2004/04/03 15:00:12 hno Exp $
+ * $Id: redirect.cc,v 1.105 2004/04/07 08:51:31 hno Exp $
  *
  * DEBUG: section 61    Redirector
  * AUTHOR: Duane Wessels
@@ -114,6 +114,33 @@ redirectStart(clientHttpRequest * http, RH * handler, void *data)
     assert(handler);
     debug(61, 5) ("redirectStart: '%s'\n", http->uri);
 
+    if (Config.Program.redirect == NULL) {
+        handler(data, NULL);
+        return;
+    }
+
+    if (Config.accessList.redirector) {
+        ACLChecklist ch;
+
+        if (conn.getRaw() != NULL) {
+            ch.src_addr = conn->peer.sin_addr;
+            ch.my_addr = conn->me.sin_addr;
+            ch.my_port = ntohs(conn->me.sin_port);
+        }
+
+        ch.request = requestLink(http->request);
+        ch.accessList = Config.accessList.redirector;
+
+        if (!ch.fastCheck()) {
+            ch.accessList = NULL;
+            /* denied -- bypass redirector */
+            handler(data, NULL);
+            return;
+        }
+
+        ch.accessList = NULL;
+    }
+
     if (Config.onoff.redirector_bypass && redirectors->stats.queue_size) {
         /* Skip redirector if there is one request queued */
         n_bypassed++;