From: hno <> Date: Wed, 9 Jul 2003 20:14:57 +0000 (+0000) Subject: Some missing external acl pieces X-Git-Tag: SQUID_3_0_PRE1~49 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4a972fa29826c564c14fa2f622cf6fb190cfec00;p=thirdparty%2Fsquid.git Some missing external acl pieces - log= result tag, for a string usable in access.log - access log formats for ue User from external acl et Tag returned by external acl ea Log string returned by external acl %o error message tag for referring to the message returned by external acl helper. --- diff --git a/src/ExternalACLEntry.cc b/src/ExternalACLEntry.cc index aabece6620..51812dc685 100644 --- a/src/ExternalACLEntry.cc +++ b/src/ExternalACLEntry.cc @@ -1,6 +1,6 @@ /* - * $Id: ExternalACLEntry.cc,v 1.3 2003/06/27 22:32:31 hno Exp $ + * $Id: ExternalACLEntry.cc,v 1.4 2003/07/09 14:14:57 hno Exp $ * * DEBUG: section 82 External ACL * AUTHOR: Henrik Nordstrom, MARA Systems AB @@ -94,4 +94,5 @@ ExternalACLEntry::update(ExternalACLEntryData const &someData) password = someData.password; message = someData.message; tag = someData.tag; + log = someData.log; } diff --git a/src/ExternalACLEntry.h b/src/ExternalACLEntry.h index 64d7c13f6b..8d10eab294 100644 --- a/src/ExternalACLEntry.h +++ b/src/ExternalACLEntry.h @@ -1,6 +1,6 @@ /* - * $Id: ExternalACLEntry.h,v 1.3 2003/06/27 22:32:31 hno Exp $ + * $Id: ExternalACLEntry.h,v 1.4 2003/07/09 14:14:57 hno Exp $ * * DEBUG: section 82 External ACL * AUTHOR: Henrik Nordstrom, MARA Systems AB @@ -62,6 +62,7 @@ public: String password; String message; String tag; + String log; }; @@ -89,6 +90,7 @@ public: String password; String message; String tag; + String log; external_acl *def; private: diff --git a/src/HttpRequest.cc b/src/HttpRequest.cc index c1f47eaf6b..fd07b5de46 100644 --- a/src/HttpRequest.cc +++ b/src/HttpRequest.cc @@ -1,6 +1,6 @@ /* - * $Id: HttpRequest.cc,v 1.37 2003/06/27 22:32:31 hno Exp $ + * $Id: HttpRequest.cc,v 1.38 2003/07/09 14:14:57 hno Exp $ * * DEBUG: section 73 HTTP Request * AUTHOR: Duane Wessels @@ -96,6 +96,8 @@ requestDestroy(request_t * req) req->extacl_passwd.clean(); + req->extacl_log.clean(); + memFree(req, MEM_REQUEST_T); } diff --git a/src/access_log.cc b/src/access_log.cc index b5f82b7a8c..754149fb09 100644 --- a/src/access_log.cc +++ b/src/access_log.cc @@ -1,6 +1,6 @@ /* - * $Id: access_log.cc,v 1.85 2003/07/09 13:57:43 hno Exp $ + * $Id: access_log.cc,v 1.86 2003/07/09 14:14:58 hno Exp $ * * DEBUG: section 46 Access Log * AUTHOR: Duane Wessels @@ -342,6 +342,7 @@ typedef enum { LFT_USER_IDENT, /*LFT_USER_REALM, */ /*LFT_USER_SCHEME, */ + LFT_USER_EXTERNAL, LFT_HTTP_CODE, /*LFT_HTTP_STATUS, */ @@ -369,6 +370,9 @@ typedef enum { /*LFT_REPLY_SIZE_BODY, */ /*LFT_REPLY_SIZE_BODY_NO_TE, */ + LFT_TAG, + LFT_EXT_LOG, + LFT_PERCENT /* special string cases for escaped chars */ } logformat_bcode_t; @@ -478,6 +482,9 @@ struct logformat_token_table_entry logformat_token_table[] = /*{ "cache.authuser ? - al->cache.authuser : al->cache.rfc931); + out = accessLogFormatName(al->cache.authuser); + + if (!out) + out = accessLogFormatName(al->cache.extuser); + +#if USE_SSL + + if (!out) + out = accessLogFormatName(al->cache.ssluser); + +#endif + + if (!out) + out = accessLogFormatName(al->cache.rfc931); dofree = 1; @@ -668,6 +687,13 @@ accessLogCustom(AccessLogEntry * al, customlog * log) break; + case LFT_USER_EXTERNAL: + out = accessLogFormatName(al->cache.extuser); + + dofree = 1; + + break; + /* case LFT_USER_REALM: */ /* case LFT_USER_SCHEME: */ @@ -739,6 +765,22 @@ accessLogCustom(AccessLogEntry * al, customlog * log) /*case LFT_REPLY_SIZE_BODY: */ /*case LFT_REPLY_SIZE_BODY_NO_TE: */ + case LFT_TAG: + if (al->request) + out = al->request->tag.buf(); + + quote = 1; + + break; + + case LFT_EXT_LOG: + if (al->request) + out = al->request->extacl_log.buf(); + + quote = 1; + + break; + case LFT_PERCENT: out = "%"; diff --git a/src/cf.data.pre b/src/cf.data.pre index 249a5675f8..1f8a567db0 100644 --- a/src/cf.data.pre +++ b/src/cf.data.pre @@ -1,6 +1,6 @@ # -# $Id: cf.data.pre,v 1.330 2003/07/07 21:55:04 hno Exp $ +# $Id: cf.data.pre,v 1.331 2003/07/09 14:14:58 hno Exp $ # # # SQUID Web Proxy Cache http://www.squid-cache.org/ @@ -1118,6 +1118,7 @@ DOC_START un User name ul User login ui User ident + ue User from external acl Hs HTTP status code Ss Squid request status (TCP_MISS etc) Sh Squid hierarchy status (DEFAULT_PARENT etc) @@ -1125,6 +1126,8 @@ DOC_START rm Request method (GET/POST etc) ru Request URL rv Request protocol version + et Tag returned by external acl + ea Log string returned by external acl port); diff --git a/src/external_acl.cc b/src/external_acl.cc index f1cccfef7a..f5e4ca183f 100644 --- a/src/external_acl.cc +++ b/src/external_acl.cc @@ -1,6 +1,6 @@ /* - * $Id: external_acl.cc,v 1.47 2003/07/06 21:43:36 hno Exp $ + * $Id: external_acl.cc,v 1.48 2003/07/09 14:14:58 hno Exp $ * * DEBUG: section 82 External ACL * AUTHOR: Henrik Nordstrom, MARA Systems AB @@ -570,6 +570,8 @@ aclMatchExternal(external_acl_data *acl, ACLChecklist * ch) } } + external_acl_message = "MISSING REQUIRED INFORMATION"; + if (!entry) { if (acl->def->require_auth) { int ti; @@ -601,6 +603,7 @@ aclMatchExternal(external_acl_data *acl, ACLChecklist * ch) } else { if (!entry) { debug(82, 1) ("aclMatchExternal: '%s' queue overload. Request rejected '%s'.\n", acl->def->name, key); + external_acl_message = "SYSTEM TOO BUSY, TRY AGAIN LATER"; return -1; } else { debug(82, 1) ("aclMatchExternal: '%s' queue overload. Using stale result. '%s'.\n", acl->def->name, key); @@ -612,6 +615,8 @@ aclMatchExternal(external_acl_data *acl, ACLChecklist * ch) external_acl_cache_touch(acl->def, entry); result = entry->result; + external_acl_message = entry->message.buf(); + debug(82, 2) ("aclMatchExternal: %s = %d\n", acl->def->name, result); if (ch->request) { @@ -623,6 +628,9 @@ aclMatchExternal(external_acl_data *acl, ACLChecklist * ch) if (!ch->request->tag.size()) ch->request->tag = entry->tag; + + if (entry->log.size()) + ch->request->extacl_log = entry->log; } return result; @@ -912,11 +920,12 @@ free_externalAclState(void *data) * * Keywords: * - * user= The users name (login) - * message= Message describing the reason - * tag= A string tag to be applied to the request that triggered the acl match. - * applies to both OK and ERR responses. - * Won't override existing request tags. + * user= The users name (login) + * message= Message describing the reason + * tag= A string tag to be applied to the request that triggered the acl match. + * applies to both OK and ERR responses. + * Won't override existing request tags. + * log= A string to be used in access logging * * Other keywords may be added to the protocol later * @@ -960,6 +969,8 @@ externalAclHandleReply(void *data, char *reply) entryData.message = value; else if (strcmp(token, "tag") == 0) entryData.tag = value; + else if (strcmp(token, "log") == 0) + entryData.log = value; else if (strcmp(token, "password") == 0) entryData.password = value; else if (strcmp(token, "passwd") == 0) diff --git a/src/globals.h b/src/globals.h index e0366070c5..028b9485fb 100644 --- a/src/globals.h +++ b/src/globals.h @@ -1,6 +1,6 @@ /* - * $Id: globals.h,v 1.124 2003/04/24 06:35:09 hno Exp $ + * $Id: globals.h,v 1.125 2003/07/09 14:14:58 hno Exp $ * * * SQUID Web Proxy Cache http://www.squid-cache.org/ @@ -179,4 +179,5 @@ extern int ssl_ex_index_server; /* -1 */ extern int ssl_ctx_ex_index_dont_verify_domain; /* -1 */ extern int opt_no_daemon; /* 0 */ +extern const char *external_acl_message; /* NULL */ #endif /* SQUID_GLOBALS_H */ diff --git a/src/structs.h b/src/structs.h index b982f310c7..09aa962c8c 100644 --- a/src/structs.h +++ b/src/structs.h @@ -1,6 +1,6 @@ /* - * $Id: structs.h,v 1.469 2003/07/06 21:50:56 hno Exp $ + * $Id: structs.h,v 1.470 2003/07/09 14:14:58 hno Exp $ * * * SQUID Web Proxy Cache http://www.squid-cache.org/ @@ -1713,6 +1713,7 @@ public: String tag; /* Internal tag for this request */ String extacl_user; /* User name returned by extacl lookup */ String extacl_passwd; /* Password returned by extacl lookup */ + String extacl_log; /* String to be used for access.log purposes */ }; #endif