Backwards compatibility for 3.5 external_acl_type formats (#52)

* Fix missing Squid-3 external_acl_type format codes compatibility

The %<{...} and %>{...} may produce header, or header-element type codes.

* Fix incomplete compatibility for %EXT_TAG code

* Add config test for old external_acl_type format codes

diff --git a/src/external_acl.cc b/src/external_acl.cc
index a7c791b98e87e598cf01ad7a67b7cbf1aea70f50..25a4314b602342a883f50674576d6a1dc52e106d 100644 (file)
--- a/src/external_acl.cc
+++ b/src/external_acl.cc
@@ -301,7 +301,25 @@ parse_externalAclHelper(external_acl ** list)
             (*fmt)->data.header.header = (*fmt)->data.string;
         } else
 #endif
-        {
+        if (strncmp(token,"%<{", 3) == 0) {
+            SBuf tmp("%<h");
+            tmp.append(token+2);
+            debugs(82, DBG_PARSE_NOTE(DBG_IMPORTANT), "WARNING: external_acl_type format %<{...} is deprecated. Use " << tmp);
+            const size_t parsedLen = (*fmt)->parse(tmp.c_str(), &quote);
+            assert(parsedLen == tmp.length());
+            assert((*fmt)->type == Format::LFT_REPLY_HEADER ||
+                   (*fmt)->type == Format::LFT_REPLY_HEADER_ELEM);
+
+        } else if (strncmp(token,"%>{", 3) == 0) {
+            SBuf tmp("%>ha");
+            tmp.append(token+2);
+            debugs(82, DBG_PARSE_NOTE(DBG_IMPORTANT), "WARNING: external_acl_type format %>{...} is deprecated. Use " << tmp);
+            const size_t parsedLen = (*fmt)->parse(tmp.c_str(), &quote);
+            assert(parsedLen == tmp.length());
+            assert((*fmt)->type == Format::LFT_ADAPTED_REQUEST_HEADER ||
+                   (*fmt)->type == Format::LFT_ADAPTED_REQUEST_HEADER_ELEM);
+
+        } else {
             // we can use the Format::Token::parse() method since it
             // only pulls off one token. Since we already checked
             // for '%' prefix above this is guaranteed to be a token.

diff --git a/src/format/Token.cc b/src/format/Token.cc
index 656e8268af834b369a1c8a51af6f5fd96c052709..3ec474b5bd7845b984d6e122f8e8afee07824881 100644 (file)
--- a/src/format/Token.cc
+++ b/src/format/Token.cc
@@ -152,6 +152,7 @@ static TokenTableEntry TokenTableMisc[] = {
     TokenTableEntry("DATA", LFT_EXT_ACL_DATA),
     TokenTableEntry("DST", LFT_CLIENT_REQ_URLDOMAIN),
     TokenTableEntry("EXT_LOG", LFT_EXT_LOG),
+    TokenTableEntry("EXT_TAG", LFT_TAG),
     TokenTableEntry("EXT_USER", LFT_USER_EXTERNAL),
     TokenTableEntry("IDENT", LFT_USER_IDENT),
     TokenTableEntry("LOGIN", LFT_USER_LOGIN),

diff --git a/test-suite/squidconf/external_acl_type b/test-suite/squidconf/external_acl_type
new file mode 100644 (file)
index 0000000..b35b5c5
--- /dev/null
+++ b/test-suite/squidconf/external_acl_type
@@ -0,0 +1,46 @@
+## Copyright (C) 1996-2017 The Squid Software Foundation and contributors
+##
+## Squid software is distributed under GPLv2+ license and includes
+## contributions from numerous individuals and organizations.
+## Please see the COPYING and CONTRIBUTORS files for details.
+##
+
+# Check Backward Compatibility with Squid-3 formats
+external_acl_type foo \
+       %LOGIN \
+       %un \
+       %EXT_USER \
+       %EXT_LOG \
+       %EXT_TAG \
+       %IDENT \
+       %SRC \
+       %SRCPORT \
+       %URI \
+       %DST \
+       %PROTO \
+       %PORT \
+       %PATH \
+       %METHOD \
+       %MYADDR \
+       %MYPORT \
+       %PATH \
+       %>{Header} \
+       %>{Hdr:member} \
+       %>{Hdr:;member} \
+       %>{Hdr:Xmember} \
+       %<{Header} \
+       %<{Hdr:member} \
+       %<{Hdr:;member} \
+       %<{Hdr:Xmember} \
+       %ACL \
+       %DATA \
+       %%  /bin/true
+
+# TODO: enable when these are no longer requiring OpenSSL
+#      %USER_CERT
+#      %USER_CERTCHAIN
+#      %USER_CERT_xx
+#      %USER_CA_CERT_xx
+#      %ssl::>sni
+#      %ssl::<cert_subject
+#      %ssl::<cert_issuer