fail_on_validation_err(0), stale_if_hit(0), accelerated(0),
ignore_cc(0), intercepted(0), hostVerified(0), spoof_client_ip(0),
internal(0), internalclient(0), must_keepalive(0), pinned(0),
- canRePin(0), chunked_reply(0), stream_error(0), sslPeek(0),
+ canRePin(0), chunked_reply(0), stream_error(0), sslPeek_(false),
done_follow_x_forwarded_for(!FOLLOW_X_FORWARDED_FOR),
sslBumped_(false), destinationIPLookedUp_(false), resetTCP_(false),
isRanged_(false) {
unsigned int no_direct :1; /* Deny direct forwarding unless overriden by always_direct. Used in accelerator mode */
unsigned int chunked_reply :1; /**< Reply with chunked transfer encoding */
unsigned int stream_error :1; /**< Whether stream error has occured */
- unsigned int sslPeek :1; ///< internal ssl-bump request to get server cert
#if FOLLOW_X_FORWARDED_FOR
/* TODO: move from conditional definition to conditional setting */
/* do not allow clearing if FOLLOW_X_FORWARDED_FOR is unset */
done_follow_x_forwarded_for = false || !FOLLOW_X_FORWARDED_FOR;
}
+
+ bool sslPeek() const { return sslPeek_; }
+ void setSslPeek() { sslPeek_=true; }
+ void clearSslPeek() { sslPeek_=false; }
private:
- /* done_follow_x_forwarded_for set by default to the opposite of
+ bool sslPeek_ :1; ///< internal ssl-bump request to get server cert
+ /* done_follow_x_forwarded_for is set by default to the opposite of
* compilation option FOLLOW_X_FORWARDED_FOR (so that it returns
- * always "done" if the build option is disabled.
+ * always "done" if the build option is disabled).
*/
bool done_follow_x_forwarded_for :1;
bool sslBumped_ :1; /**< ssl-bumped request*/
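Review bot: The new public accessors `sslPeek()`, `setSslPeek()` and `clearSslPeek()` carry no documentation; the only description is the trailing comment on the private `sslPeek_` bitfield. The call sites changed later in this patch use the flag to decide whether the server hostname is stored with `SSL_set_ex_data` and whether the connection is handed to `ConnStateData::httpsPeeked`. Someone auditing the TLS path therefore needs the contract at the getter, for example `/// whether this is an internal ssl-bump request made only to fetch the server certificate`, plus a line on each mutator saying who may call it. None of the hunks shown here calls `clearSslPeek()`; if nothing outside this view does either, dropping it would make the flag set-once and easier to reason about. As a style point, `sslPeek_=true;` and `sslPeek_=false;` should have spaces around `=`.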
// and now want to switch to SSL to send the error to the client
// without even peeking at the origin server certificate.
if (bumpServerMode == Ssl::bumpServerFirst && !sslServerBump) {
- request->flags.sslPeek = 1;
+ request->flags.setSslPeek();
sslServerBump = new Ssl::ServerBump(request);
// will call httpsPeeked() with certificate and connection, eventually
fail(anErr);
} // else use actual error from last connection attempt
#if USE_SSL
- if (request->flags.sslPeek && request->clientConnectionManager.valid()) {
+ if (request->flags.sslPeek() && request->clientConnectionManager.valid()) {
errorAppendEntry(entry, err); // will free err
err = NULL;
CallJobHere1(17, 4, request->clientConnectionManager, ConnStateData,
// a user-entered address (a host name or a user-entered IP).
const bool isConnectRequest = !request->clientConnectionManager->port->spoof_client_ip &&
!request->clientConnectionManager->port->intercepted;
- if (request->flags.sslPeek && !isConnectRequest) {
+ if (request->flags.sslPeek() && !isConnectRequest) {
if (X509 *srvX509 = errDetails->peerCert()) {
if (const char *name = Ssl::CommonHostName(srvX509)) {
request->SetHost(name);
const bool hostnameIsIp = request->GetHostIsNumeric();
const bool isConnectRequest = !request->clientConnectionManager->port->spoof_client_ip &&
!request->clientConnectionManager->port->intercepted;
- if (!request->flags.sslPeek || isConnectRequest)
+ if (!request->flags.sslPeek() || isConnectRequest)
SSL_set_ex_data(ssl, ssl_ex_index_server, (void*)hostname);
// Use SNI TLS extension only when we connect directly
if (!request->flags.pinned || rePin) {
if ((serverConnection()->getPeer() && serverConnection()->getPeer()->use_ssl) ||
(!serverConnection()->getPeer() && request->protocol == AnyP::PROTO_HTTPS) ||
- request->flags.sslPeek) {
+ request->flags.sslPeek()) {
initiateSSL();
return;
}
#endif
#if USE_SSL
- if (request->flags.sslPeek) {
+ if (request->flags.sslPeek()) {
CallJobHere1(17, 4, request->clientConnectionManager, ConnStateData,
ConnStateData::httpsPeeked, serverConnection());
unregister(serverConn); // async call owns it now
request->peer_domain = serverConnection()->getPeer()->domain;
httpStart(this);
} else {
- assert(!request->flags.sslPeek);
+ assert(!request->flags.sslPeek());
request->peer_login = NULL;
request->peer_domain = NULL;