From: hno <> Date: Mon, 18 Oct 2004 18:05:37 +0000 (+0000) Subject: Bug #860: redirector_access does not handle "slow" acls X-Git-Tag: SQUID_3_0_PRE4~1017 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=14cc85594721725cd23d50b3b22fe159d529a610;p=thirdparty%2Fsquid.git Bug #860: redirector_access does not handle "slow" acls --- diff --git a/src/client_side_request.cc b/src/client_side_request.cc index 215aa4743f..4c9a6147df 100644 --- a/src/client_side_request.cc +++ b/src/client_side_request.cc @@ -1,6 +1,6 @@ /* - * $Id: client_side_request.cc,v 1.37 2004/08/30 03:28:58 robertc Exp $ + * $Id: client_side_request.cc,v 1.38 2004/10/18 12:05:37 hno Exp $ * * DEBUG: section 85 Client-side Request Routines * AUTHOR: Robert Collins (Originally Duane Wessels in client_side.c) @@ -112,6 +112,7 @@ static void clientAccessCheckDone(int, void *); static int clientCachable(clientHttpRequest * http); static int clientHierarchical(clientHttpRequest * http); static void clientInterpretRequestHeaders(clientHttpRequest * http); +static void clientRedirectStart(ClientRequestContext *context); static RH clientRedirectDone; extern "C" CSR clientGetMoreData; extern "C" CSS clientReplyStatus; @@ -395,7 +396,7 @@ clientAccessCheckDone(int answer, void *data) http->uri = xstrdup(urlCanonical(http->request)); assert(context->redirect_state == REDIRECT_NONE); context->redirect_state = REDIRECT_PENDING; - redirectStart(http, clientRedirectDone, context); + clientRedirectStart(context); } else { /* Send an error */ clientStreamNode *node = (clientStreamNode *)http->client_stream.tail->prev->data; @@ -445,6 +446,37 @@ clientAccessCheckDone(int answer, void *data) } } +static void +clientRedirectAccessCheckDone(int answer, void *data) +{ + ClientRequestContext *context = (ClientRequestContext *)data; + clientHttpRequest *http = context->http; + context->acl_checklist = NULL; + + if (answer == ACCESS_ALLOWED) + redirectStart(http, clientRedirectDone, context); + else + clientRedirectDone(context, NULL); +} + +static void +clientRedirectStart(ClientRequestContext *context) +{ + clientHttpRequest *http = context->http; + debug(33, 5) ("clientRedirectStart: '%s'\n", http->uri); + + if (Config.Program.redirect == NULL) { + clientRedirectDone(context, NULL); + return; + } + + if (Config.accessList.redirector) { + context->acl_checklist = clientAclChecklistCreate(Config.accessList.redirector, http); + context->acl_checklist->nonBlockingCheck(clientRedirectAccessCheckDone, context); + } else + redirectStart(http, clientRedirectDone, context); +} + static int clientCachable(clientHttpRequest * http) { diff --git a/src/redirect.cc b/src/redirect.cc index 63f197b332..0152d5c13d 100644 --- a/src/redirect.cc +++ b/src/redirect.cc @@ -1,6 +1,6 @@ /* - * $Id: redirect.cc,v 1.106 2004/08/30 03:28:59 robertc Exp $ + * $Id: redirect.cc,v 1.107 2004/10/18 12:05:37 hno Exp $ * * DEBUG: section 61 Redirector * AUTHOR: Duane Wessels @@ -114,33 +114,6 @@ redirectStart(clientHttpRequest * http, RH * handler, void *data) assert(handler); debug(61, 5) ("redirectStart: '%s'\n", http->uri); - if (Config.Program.redirect == NULL) { - handler(data, NULL); - return; - } - - if (Config.accessList.redirector) { - ACLChecklist ch; - - if (conn.getRaw() != NULL) { - ch.src_addr = conn->peer.sin_addr; - ch.my_addr = conn->me.sin_addr; - ch.my_port = ntohs(conn->me.sin_port); - } - - ch.request = requestLink(http->request); - ch.accessList = Config.accessList.redirector; - - if (!ch.fastCheck()) { - ch.accessList = NULL; - /* denied -- bypass redirector */ - handler(data, NULL); - return; - } - - ch.accessList = NULL; - } - if (Config.onoff.redirector_bypass && redirectors->stats.queue_size) { /* Skip redirector if there is one request queued */ n_bypassed++;