From: Amos Jeffries Date: Mon, 20 Jun 2011 08:51:32 +0000 (+1200) Subject: Bug 3239: Rename myip/myport as localip/localport X-Git-Tag: take08~55^2~115 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1e40905d2032422270e17d706d86d0eb1d26172f;p=thirdparty%2Fsquid.git Bug 3239: Rename myip/myport as localip/localport There is no actual logic change to this patch. * Document what the myip/myport actually match and use the clearer names of localip / localport. * Cleanly upgrade the ACL types when old versions are seen. * Rename all relevant code symbols to match the new names. --- diff --git a/doc/release-notes/release-3.2.sgml b/doc/release-notes/release-3.2.sgml index 8349149af9..0d67a12728 100644 --- a/doc/release-notes/release-3.2.sgml +++ b/doc/release-notes/release-3.2.sgml @@ -448,8 +448,13 @@ This section gives a thorough account of those changes in three categories:

New format referrer to log with the format prevously used by referer_log directive.

New format useragent to log with the format prevously used by useragent_log directive. - acl random + acl : random, localip, localport

New type random. Pseudo-randomly match requests based on a configured probability. +

Renamed myip to localip. It matches the IP which the client connected to. +

Renamed myport to localport. It matches the port which the client connected to. +

The localip/localport differ from earlier releases where they matched a mix of + of an invalid IP and port 0, the client destination IP/port or the Squid listening IP/port. + This definition is now consistent across all modes of traffic received by Squid. auth_param

New options for Basic, Digest, NTLM, Negotiate children settings. diff --git a/src/AclRegs.cc b/src/AclRegs.cc index 3f4a00789b..8301dfd56f 100644 --- a/src/AclRegs.cc +++ b/src/AclRegs.cc @@ -31,11 +31,11 @@ #include "acl/HttpStatus.h" #include "acl/IntRange.h" #include "acl/Ip.h" +#include "acl/LocalIp.h" +#include "acl/LocalPort.h" #include "acl/MaxConnection.h" #include "acl/MethodData.h" #include "acl/Method.h" -#include "acl/MyIp.h" -#include "acl/MyPort.h" #include "acl/MyPortName.h" #include "acl/PeerName.h" #include "acl/ProtocolData.h" @@ -101,10 +101,10 @@ ACL::Prototype ACLMaxConnection::RegistryProtoype(&ACLMaxConnection::RegistryEnt ACLMaxConnection ACLMaxConnection::RegistryEntry_("maxconn"); ACL::Prototype ACLMethod::RegistryProtoype(&ACLMethod::RegistryEntry_, "method"); ACLStrategised ACLMethod::RegistryEntry_(new ACLMethodData, ACLMethodStrategy::Instance(), "method"); -ACL::Prototype ACLMyIP::RegistryProtoype(&ACLMyIP::RegistryEntry_, "myip"); -ACLMyIP ACLMyIP::RegistryEntry_; -ACL::Prototype ACLMyPort::RegistryProtoype(&ACLMyPort::RegistryEntry_, "myport"); -ACLStrategised ACLMyPort::RegistryEntry_(new ACLIntRange, ACLMyPortStrategy::Instance(), "myport"); +ACL::Prototype ACLLocatIP::RegistryProtoype(&ACLLocalIP::RegistryEntry_, "localip"); +ACLLocalIP ACLLocalIP::RegistryEntry_; +ACL::Prototype ACLLocalPort::RegistryProtoype(&ACLLocalPort::RegistryEntry_, "localport"); +ACLStrategised ACLLocalPort::RegistryEntry_(new ACLIntRange, ACLLocalPortStrategy::Instance(), "localport"); ACL::Prototype ACLMyPortName::RegistryProtoype(&ACLMyPortName::RegistryEntry_, "myportname"); ACLStrategised ACLMyPortName::RegistryEntry_(new ACLStringData, ACLMyPortNameStrategy::Instance(), "myportname"); ACL::Prototype ACLPeerName::RegistryProtoype(&ACLPeerName::RegistryEntry_, "peername"); diff --git a/src/acl/Acl.cc b/src/acl/Acl.cc index 316fdbc6bc..799377668e 100644 --- a/src/acl/Acl.cc +++ b/src/acl/Acl.cc @@ -121,12 +121,6 @@ ACL::ParseAclLine(ConfigParser &parser, ACL ** head) return; } - if (!Prototype::Registered (theType)) { - debugs(28, 0, "aclParseAclLine: Invalid ACL type '" << theType << "'"); - parser.destruct(); - return; - } - // Is this ACL going to work? if (strcmp(theType, "myip") != 0) { http_port_list *p = Config.Sockaddr.http; @@ -136,6 +130,8 @@ ACL::ParseAclLine(ConfigParser &parser, ACL ** head) debugs(28, DBG_CRITICAL, "WARNING: 'myip' ACL is not reliable for interception proxies. Please use 'myportname' instead."); p = p->next; } + debugs(28, DBG_WARNING, "UPGRADE: ACL 'myip' type is has been renamed to 'localip' and matches the IP the client connected to."); + theType = "localip"; } else if (strcmp(theType, "myport") != 0) { http_port_list *p = Config.Sockaddr.http; while (p) { @@ -145,6 +141,15 @@ ACL::ParseAclLine(ConfigParser &parser, ACL ** head) debugs(28, DBG_CRITICAL, "WARNING: 'myport' ACL is not reliable for interception proxies. Please use 'myportname' instead."); p = p->next; } + theType = "localport"; + debugs(28, DBG_WARNING, "UPGRADE: ACL 'myport' type is has been renamed to 'localport' and matches the port the client connected to."); + } + + if (!Prototype::Registered(theType)) { + debugs(28, DBG_CRITICAL, "FATAL: Invalid ACL type '" << theType << "'"); + // XXX: make this an ERROR and skip the ACL creation. We *may* die later when its use is attempted. Or may not. + parser.destruct(); + return; } if ((A = FindByName(aclname)) == NULL) { diff --git a/src/acl/MyIp.cc b/src/acl/LocalIp.cc similarity index 90% rename from src/acl/MyIp.cc rename to src/acl/LocalIp.cc index a94c636265..bc5bcfd0e7 100644 --- a/src/acl/MyIp.cc +++ b/src/acl/LocalIp.cc @@ -34,17 +34,17 @@ */ #include "squid.h" -#include "acl/MyIp.h" +#include "acl/LocalIp.h" #include "acl/FilledChecklist.h" char const * -ACLMyIP::typeString() const +ACLLocalIP::typeString() const { - return "myip"; + return "localip"; } int -ACLMyIP::match(ACLChecklist *checklist) +ACLLocalIP::match(ACLChecklist *checklist) { return ACLIP::match (Filled(checklist)->my_addr); } @@ -53,7 +53,7 @@ ACLMyIP::match(ACLChecklist *checklist) ACL * -ACLMyIP::clone() const +ACLLocalIP::clone() const { - return new ACLMyIP(*this); + return new ACLocalIP(*this); } diff --git a/src/acl/MyIp.h b/src/acl/LocalIp.h similarity index 86% rename from src/acl/MyIp.h rename to src/acl/LocalIp.h index b704eebb97..158c81fdca 100644 --- a/src/acl/MyIp.h +++ b/src/acl/LocalIp.h @@ -32,18 +32,18 @@ * Copyright (c) 2003, Robert Collins */ -#ifndef SQUID_ACLMYIP_H -#define SQUID_ACLMYIP_H +#ifndef SQUID_ACLLOCALIP_H +#define SQUID_ACLLOCALIP_H #include "acl/Ip.h" /// \ingroup ACLAPI -class ACLMyIP : public ACLIP +class ACLLocalIP : public ACLIP { public: - MEMPROXY_CLASS(ACLMyIP); - static ACLMyIP const &RegistryEntry(); + MEMPROXY_CLASS(ACLLocalIP); + static ACLLocalIP const &RegistryEntry(); virtual char const *typeString() const; virtual int match(ACLChecklist *checklist); @@ -51,9 +51,9 @@ public: private: static Prototype RegistryProtoype; - static ACLMyIP RegistryEntry_; + static ACLLocalIP RegistryEntry_; }; -MEMPROXY_CLASS_INLINE(ACLMyIP); +MEMPROXY_CLASS_INLINE(ACLLocalIP); -#endif /* SQUID_ACLMYIP_H */ +#endif /* SQUID_ACLLOCALIP_H */ diff --git a/src/acl/MyPort.cc b/src/acl/LocalPort.cc similarity index 87% rename from src/acl/MyPort.cc rename to src/acl/LocalPort.cc index 10be8d0b4c..bf640cd9e0 100644 --- a/src/acl/MyPort.cc +++ b/src/acl/LocalPort.cc @@ -34,20 +34,20 @@ */ #include "squid.h" -#include "acl/MyPort.h" +#include "acl/LocalPort.h" #include "acl/IntRange.h" #include "acl/Checklist.h" int -ACLMyPortStrategy::match (ACLData * &data, ACLFilledChecklist *checklist) +ACLLocalPortStrategy::match (ACLData * &data, ACLFilledChecklist *checklist) { return data->match (checklist->my_addr.GetPort()); } -ACLMyPortStrategy * -ACLMyPortStrategy::Instance() +ACLLocalPortStrategy * +ACLLocalPortStrategy::Instance() { return &Instance_; } -ACLMyPortStrategy ACLMyPortStrategy::Instance_; +ACLLocalPortStrategy ACLLocalPortStrategy::Instance_; diff --git a/src/acl/MyPort.h b/src/acl/LocalPort.h similarity index 82% rename from src/acl/MyPort.h rename to src/acl/LocalPort.h index 2ebf30f645..3fdebba8d7 100644 --- a/src/acl/MyPort.h +++ b/src/acl/LocalPort.h @@ -32,36 +32,36 @@ * Copyright (c) 2003, Robert Collins */ -#ifndef SQUID_ACLMYPORT_H -#define SQUID_ACLMYPORT_H +#ifndef SQUID_ACLLOCALPORT_H +#define SQUID_ACLLOCALPORT_H #include "acl/Strategy.h" #include "acl/Strategised.h" /// \ingroup ACLAPI -class ACLMyPortStrategy : public ACLStrategy +class ACLLocalPortStrategy : public ACLStrategy { public: virtual int match (ACLData * &, ACLFilledChecklist *); - static ACLMyPortStrategy *Instance(); + static ACLLocalPortStrategy *Instance(); /** * Not implemented to prevent copies of the instance. \par * Not private to prevent brain dead g+++ warnings about * private constructors with no friends */ - ACLMyPortStrategy(ACLMyPortStrategy const &); + ACLLocalPortStrategy(ACLLocalPortStrategy const &); private: - static ACLMyPortStrategy Instance_; - ACLMyPortStrategy() {} + static ACLLocalPortStrategy Instance_; + ACLLocalPortStrategy() {} - ACLMyPortStrategy&operator=(ACLMyPortStrategy const &); + ACLLocalPortStrategy&operator=(ACLLocalPortStrategy const &); }; /// \ingroup ACLAPI -class ACLMyPort +class ACLLocalPort { private: @@ -69,4 +69,4 @@ private: static ACLStrategised RegistryEntry_; }; -#endif /* SQUID_ACLMYPORT_H */ +#endif /* SQUID_ACLLOCALPORT_H */ diff --git a/src/acl/Makefile.am b/src/acl/Makefile.am index 8b861e3d34..112230036b 100644 --- a/src/acl/Makefile.am +++ b/src/acl/Makefile.am @@ -61,16 +61,16 @@ libacls_la_SOURCES = \ HttpStatus.h \ Ip.cc \ Ip.h \ + LocalIp.cc \ + LocalIp.h \ + LocalPort.cc \ + LocalPort.h \ MaxConnection.cc \ MaxConnection.h \ Method.cc \ MethodData.cc \ MethodData.h \ Method.h \ - MyIp.cc \ - MyIp.h \ - MyPort.cc \ - MyPort.h \ MyPortName.cc \ MyPortName.h \ PeerName.cc \ diff --git a/src/acl/Strategised.cc b/src/acl/Strategised.cc index d930a33eec..278d8f2ec5 100644 --- a/src/acl/Strategised.cc +++ b/src/acl/Strategised.cc @@ -51,5 +51,5 @@ template class ACLStrategised; /* ACLMyPortName + ACLMyPeerName + ACLBrowser */ template class ACLStrategised; -/* ACLMyPort + ACLSslError */ +/* ACLLocalPort + ACLSslError */ template class ACLStrategised; diff --git a/src/cf.data.pre b/src/cf.data.pre index 1e744ef308..cb4f0acb3c 100644 --- a/src/cf.data.pre +++ b/src/cf.data.pre @@ -657,10 +657,10 @@ DOC_START ***** ACL TYPES AVAILABLE ***** - acl aclname src ip-address/netmask ... # clients IP address [fast] - acl aclname src addr1-addr2/netmask ... # range of addresses [fast] - acl aclname dst ip-address/netmask ... # URL host's IP address [slow] - acl aclname myip ip-address/netmask ... # local socket IP address [fast] + acl aclname src ip-address/mask ... # clients IP address [fast] + acl aclname src addr1-addr2/mask ... # range of addresses [fast] + acl aclname dst ip-address/mask ... # URL host's IP address [slow] + acl aclname localip ip-address/mask ... # IP address the client connected to [fast] acl aclname arp mac-address ... (xx:xx:xx:xx:xx:xx notation) # The arp ACL requires the special configure option --enable-arp-acl. @@ -721,7 +721,9 @@ DOC_START acl aclname port 80 70 21 0-1024... # destination TCP port [fast] # ranges are alloed - acl aclname myport 3128 ... # local socket TCP port [fast] + acl aclname localport 3128 ... # TCP port the client connected to [fast] + # NP: for interception mode this is usually '80' + acl aclname myportname 3128 ... # http(s)_port name [fast] acl aclname proto HTTP FTP ... # request protocol [fast]