From: Amos Jeffries Date: Wed, 7 May 2014 10:05:58 +0000 (-0700) Subject: Cleanup: Refactor external_acl_type format codes representation X-Git-Tag: SQUID_3_5_0_1~246 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=5aca9cf2e5a7c901386831bca92d0339c6e5e60e;p=thirdparty%2Fsquid.git Cleanup: Refactor external_acl_type format codes representation Removes enum_external_acl_format::format_type from external_acl.cc by replacing it with enum Format::ByteCode_t. Several missing logformat codes related to URL display have been added to the logformat token set for general use. Several of the external ACL format codes have been added to Format::ByteCode_t without equivalent logformat TokenTableEntry's at this stage as both desirable token naming and access to the data to produce them generically is unclear. The external_acl_type parser is updated to accept logformat tokens wherever an equivalent exists and map directly to the ByteCode_t values. The mgr:config report dumper is also updated to output the logformat tokens. But as yet the official deprecation has not been done in squid.conf. --- diff --git a/src/cf.data.pre b/src/cf.data.pre index f6fedf3689..7bc779931c 100644 --- a/src/cf.data.pre +++ b/src/cf.data.pre @@ -3867,15 +3867,20 @@ DOC_START [http::]ru Request URL from client (historic, filtered for logging) [http::]>ru Request URL from client [http::]rs Request URL scheme from client + [http::]rd Request URL domain from client - [http::]rp Request URL-Path excluding hostname - [http::]>rp Request URL-Path excluding hostname from client - [http::]rd Request URL domain sent to server or peer + [http::]>rP Request URL port from client + [http::]rp Request URL path excluding hostname from client + [http::]rv Request protocol version from client [http::]h Original received request header. + [http::]>h Original received request header. Usually differs from the request header sent by Squid, although most fields are often preserved. Accepts optional header field name/value filter diff --git a/src/external_acl.cc b/src/external_acl.cc index 6f12473d21..2fa91d2eba 100644 --- a/src/external_acl.cc +++ b/src/external_acl.cc @@ -48,6 +48,7 @@ #include "ExternalACL.h" #include "ExternalACLEntry.h" #include "fde.h" +#include "format/ByteCode.h" #include "helper.h" #include "HttpHeaderTools.h" #include "HttpReply.h" @@ -150,55 +151,7 @@ public: }; struct _external_acl_format { - enum format_type { - EXT_ACL_UNKNOWN, -#if USE_AUTH - EXT_ACL_LOGIN, -#endif -#if USE_IDENT - EXT_ACL_IDENT, -#endif - EXT_ACL_SRC, - EXT_ACL_SRCPORT, -#if USE_SQUID_EUI - EXT_ACL_SRCEUI48, - EXT_ACL_SRCEUI64, -#endif - EXT_ACL_MYADDR, - EXT_ACL_MYPORT, - EXT_ACL_URI, - EXT_ACL_DST, - EXT_ACL_PROTO, - EXT_ACL_PORT, - EXT_ACL_PATH, - EXT_ACL_METHOD, - - EXT_ACL_HEADER_REQUEST, - EXT_ACL_HEADER_REQUEST_MEMBER, - EXT_ACL_HEADER_REQUEST_ID, - EXT_ACL_HEADER_REQUEST_ID_MEMBER, - - EXT_ACL_HEADER_REPLY, - EXT_ACL_HEADER_REPLY_MEMBER, - EXT_ACL_HEADER_REPLY_ID, - EXT_ACL_HEADER_REPLY_ID_MEMBER, - -#if USE_OPENSSL - EXT_ACL_USER_CERT, - EXT_ACL_USER_CA_CERT, - EXT_ACL_USER_CERT_RAW, - EXT_ACL_USER_CERTCHAIN_RAW, -#endif -#if USE_AUTH - EXT_ACL_EXT_USER, -#endif - EXT_ACL_EXT_LOG, - EXT_ACL_TAG, - EXT_ACL_ACLNAME, - EXT_ACL_ACLDATA, - EXT_ACL_PERCENT, - EXT_ACL_END - } type; + Format::ByteCode_t type; external_acl_format *next; char *header; char *member; @@ -254,7 +207,7 @@ free_external_acl(void *data) \param format - structure to contain all the info about this format element. */ void -parse_header_token(external_acl_format *format, char *header, const _external_acl_format::format_type type) +parse_header_token(external_acl_format *format, char *header, const Format::ByteCode_t type) { /* header format */ char *member, *end; @@ -282,30 +235,17 @@ parse_header_token(external_acl_format *format, char *header, const _external_ac format->member = xstrdup(member); - if (type == _external_acl_format::EXT_ACL_HEADER_REQUEST) - format->type = _external_acl_format::EXT_ACL_HEADER_REQUEST_MEMBER; + if (type == Format::LFT_ADAPTED_REQUEST_HEADER) + format->type = Format::LFT_ADAPTED_REQUEST_HEADER_ELEM; else - format->type = _external_acl_format::EXT_ACL_HEADER_REQUEST_MEMBER; + format->type = Format::LFT_REPLY_HEADER_ELEM; + } else { format->type = type; } format->header = xstrdup(header); format->header_id = httpHeaderIdByNameDef(header, strlen(header)); - - if (format->header_id != -1) { - if (member) { - if (type == _external_acl_format::EXT_ACL_HEADER_REQUEST) - format->type = _external_acl_format::EXT_ACL_HEADER_REQUEST_ID_MEMBER; - else - format->type = _external_acl_format::EXT_ACL_HEADER_REPLY_ID_MEMBER; - } else { - if (type == _external_acl_format::EXT_ACL_HEADER_REQUEST) - format->type = _external_acl_format::EXT_ACL_HEADER_REQUEST_ID; - else - format->type = _external_acl_format::EXT_ACL_HEADER_REPLY_ID; - } - } } void @@ -421,84 +361,84 @@ parse_externalAclHelper(external_acl ** list) if (strncmp(token, "%{", 2) == 0) { // deprecated. but assume the old configs all referred to request headers. debugs(82, DBG_PARSE_NOTE(DBG_IMPORTANT), "WARNING: external_acl_type format %{...} is being replaced by %>ha{...} for : " << token); - parse_header_token(format, (token+2), _external_acl_format::EXT_ACL_HEADER_REQUEST); + parse_header_token(format, (token+2), Format::LFT_ADAPTED_REQUEST_HEADER); } else if (strncmp(token, "%>{", 3) == 0) { debugs(82, DBG_PARSE_NOTE(DBG_IMPORTANT), "WARNING: external_acl_type format %>{...} is being replaced by %>ha{...} for : " << token); - parse_header_token(format, (token+3), _external_acl_format::EXT_ACL_HEADER_REQUEST); + parse_header_token(format, (token+3), Format::LFT_ADAPTED_REQUEST_HEADER); } else if (strncmp(token, "%>ha{", 5) == 0) { - parse_header_token(format, (token+3), _external_acl_format::EXT_ACL_HEADER_REQUEST); + parse_header_token(format, (token+3), Format::LFT_ADAPTED_REQUEST_HEADER); } else if (strncmp(token, "%<{", 3) == 0) { debugs(82, DBG_PARSE_NOTE(DBG_IMPORTANT), "WARNING: external_acl_type format %<{...} is being replaced by %type = _external_acl_format::EXT_ACL_LOGIN; + format->type = Format::LFT_USER_LOGIN; a->require_auth = true; #endif } #if USE_IDENT else if (strcmp(token, "%IDENT") == 0 || strcmp(token, "%ui") == 0) - format->type = _external_acl_format::EXT_ACL_IDENT; + format->type = Format::LFT_USER_IDENT; #endif else if (strcmp(token, "%SRC") == 0 || strcmp(token, "%>a") == 0) - format->type = _external_acl_format::EXT_ACL_SRC; + format->type = Format::LFT_CLIENT_IP_ADDRESS; else if (strcmp(token, "%SRCPORT") == 0 || strcmp(token, "%>p") == 0) - format->type = _external_acl_format::EXT_ACL_SRCPORT; + format->type = Format::LFT_CLIENT_PORT; #if USE_SQUID_EUI else if (strcmp(token, "%SRCEUI48") == 0) - format->type = _external_acl_format::EXT_ACL_SRCEUI48; + format->type = Format::LFT_EXT_ACL_CLIENT_EUI48; else if (strcmp(token, "%SRCEUI64") == 0) - format->type = _external_acl_format::EXT_ACL_SRCEUI64; + format->type = Format::LFT_EXT_ACL_CLIENT_EUI64; #endif else if (strcmp(token, "%MYADDR") == 0 || strcmp(token, "%la") == 0) - format->type = _external_acl_format::EXT_ACL_MYADDR; + format->type = Format::LFT_LOCAL_LISTENING_IP; else if (strcmp(token, "%MYPORT") == 0 || strcmp(token, "%lp") == 0) - format->type = _external_acl_format::EXT_ACL_MYPORT; + format->type = Format::LFT_LOCAL_LISTENING_PORT; else if (strcmp(token, "%URI") == 0 || strcmp(token, "%>ru") == 0) - format->type = _external_acl_format::EXT_ACL_URI; - else if (strcmp(token, "%DST") == 0) - format->type = _external_acl_format::EXT_ACL_DST; - else if (strcmp(token, "%PROTO") == 0) - format->type = _external_acl_format::EXT_ACL_PROTO; - else if (strcmp(token, "%PORT") == 0) - format->type = _external_acl_format::EXT_ACL_PORT; + format->type = Format::LFT_CLIENT_REQ_URI; + else if (strcmp(token, "%DST") == 0 || strcmp(token, "%>rd") == 0) + format->type = Format::LFT_CLIENT_REQ_URLDOMAIN; + else if (strcmp(token, "%PROTO") == 0 || strcmp(token, "%>rs") == 0) + format->type = Format::LFT_CLIENT_REQ_URLSCHEME; + else if (strcmp(token, "%PORT") == 0) // XXX: add a logformat token + format->type = Format::LFT_CLIENT_REQ_URLPORT; else if (strcmp(token, "%PATH") == 0 || strcmp(token, "%>rp") == 0) - format->type = _external_acl_format::EXT_ACL_PATH; + format->type = Format::LFT_CLIENT_REQ_URLPATH; else if (strcmp(token, "%METHOD") == 0 || strcmp(token, "%>rm") == 0) - format->type = _external_acl_format::EXT_ACL_METHOD; + format->type = Format::LFT_CLIENT_REQ_METHOD; #if USE_OPENSSL else if (strcmp(token, "%USER_CERT") == 0) - format->type = _external_acl_format::EXT_ACL_USER_CERT_RAW; + format->type = Format::LFT_EXT_ACL_USER_CERT_RAW; else if (strcmp(token, "%USER_CERTCHAIN") == 0) - format->type = _external_acl_format::EXT_ACL_USER_CERTCHAIN_RAW; + format->type = Format::LFT_EXT_ACL_USER_CERTCHAIN_RAW; else if (strncmp(token, "%USER_CERT_", 11) == 0) { - format->type = _external_acl_format::EXT_ACL_USER_CERT; + format->type = Format::LFT_EXT_ACL_USER_CERT; format->header = xstrdup(token + 11); } else if (strncmp(token, "%USER_CA_CERT_", 11) == 0) { - format->type = _external_acl_format::EXT_ACL_USER_CA_CERT; + format->type = Format::LFT_EXT_ACL_USER_CA_CERT; format->header = xstrdup(token + 11); } else if (strncmp(token, "%CA_CERT_", 11) == 0) { debugs(82, DBG_PARSE_NOTE(DBG_IMPORTANT), "WARNING: external_acl_type %CA_CERT_* code is obsolete. Use %USER_CA_CERT_* instead"); - format->type = _external_acl_format::EXT_ACL_USER_CA_CERT; + format->type = Format::LFT_EXT_ACL_USER_CA_CERT; format->header = xstrdup(token + 11); } #endif #if USE_AUTH - else if (strcmp(token, "%EXT_USER") == 0) - format->type = _external_acl_format::EXT_ACL_EXT_USER; + else if (strcmp(token, "%EXT_USER") == 0 || strcmp(token, "%ue") == 0) + format->type = Format::LFT_USER_EXTERNAL; #endif - else if (strcmp(token, "%EXT_LOG") == 0) - format->type = _external_acl_format::EXT_ACL_EXT_LOG; - else if (strcmp(token, "%TAG") == 0) - format->type = _external_acl_format::EXT_ACL_TAG; + else if (strcmp(token, "%EXT_LOG") == 0 || strcmp(token, "%ea") == 0) + format->type = Format::LFT_EXT_LOG; + else if (strcmp(token, "%TAG") == 0 || strcmp(token, "%et") == 0) + format->type = Format::LFT_TAG; else if (strcmp(token, "%ACL") == 0) - format->type = _external_acl_format::EXT_ACL_ACLNAME; + format->type = Format::LFT_EXT_ACL_NAME; else if (strcmp(token, "%DATA") == 0) - format->type = _external_acl_format::EXT_ACL_ACLDATA; + format->type = Format::LFT_EXT_ACL_DATA; else if (strcmp(token, "%%") == 0) - format->type = _external_acl_format::EXT_ACL_PERCENT; + format->type = Format::LFT_PERCENT; else { debugs(0, DBG_CRITICAL, "ERROR: Unknown Format token " << token); self_destruct(); @@ -573,67 +513,60 @@ dump_externalAclHelper(StoreEntry * sentry, const char *name, const external_acl for (format = node->format; format; format = format->next) { switch (format->type) { - case _external_acl_format::EXT_ACL_HEADER_REQUEST: - case _external_acl_format::EXT_ACL_HEADER_REQUEST_ID: - storeAppendPrintf(sentry, " %%>{%s}", format->header); + case Format::LFT_ADAPTED_REQUEST_HEADER: + storeAppendPrintf(sentry, " %%>ha{%s}", format->header); break; - case _external_acl_format::EXT_ACL_HEADER_REQUEST_MEMBER: - case _external_acl_format::EXT_ACL_HEADER_REQUEST_ID_MEMBER: - storeAppendPrintf(sentry, " %%>{%s:%s}", format->header, format->member); + case Format::LFT_ADAPTED_REQUEST_HEADER_ELEM: + storeAppendPrintf(sentry, " %%>ha{%s:%s}", format->header, format->member); break; - case _external_acl_format::EXT_ACL_HEADER_REPLY: - case _external_acl_format::EXT_ACL_HEADER_REPLY_ID: - storeAppendPrintf(sentry, " %%<{%s}", format->header); + case Format::LFT_REPLY_HEADER: + storeAppendPrintf(sentry, " %%header); break; - case _external_acl_format::EXT_ACL_HEADER_REPLY_MEMBER: - case _external_acl_format::EXT_ACL_HEADER_REPLY_ID_MEMBER: - storeAppendPrintf(sentry, " %%<{%s:%s}", format->header, format->member); + case Format::LFT_REPLY_HEADER_ELEM: + storeAppendPrintf(sentry, " %%header, format->member); break; -#define DUMP_EXT_ACL_TYPE(a) \ - case _external_acl_format::EXT_ACL_##a: \ - storeAppendPrintf(sentry, " %%%s", #a); \ - break + #define DUMP_EXT_ACL_TYPE_FMT(a, fmt, ...) \ - case _external_acl_format::EXT_ACL_##a: \ + case Format::LFT_##a: \ storeAppendPrintf(sentry, fmt, ##__VA_ARGS__); \ break #if USE_AUTH - DUMP_EXT_ACL_TYPE(LOGIN); + DUMP_EXT_ACL_TYPE_FMT(USER_LOGIN," %%ul"); #endif #if USE_IDENT - DUMP_EXT_ACL_TYPE(IDENT); + DUMP_EXT_ACL_TYPE_FMT(USER_IDENT," %%ui"); #endif - - DUMP_EXT_ACL_TYPE(SRC); - DUMP_EXT_ACL_TYPE(SRCPORT); + DUMP_EXT_ACL_TYPE_FMT(CLIENT_IP_ADDRESS," %%>a"); + DUMP_EXT_ACL_TYPE_FMT(CLIENT_PORT," %%>p"); #if USE_SQUID_EUI - DUMP_EXT_ACL_TYPE(SRCEUI48); - DUMP_EXT_ACL_TYPE(SRCEUI64); + DUMP_EXT_ACL_TYPE_FMT(EXT_ACL_CLIENT_EUI48," %%SRCEUI48"); + DUMP_EXT_ACL_TYPE_FMT(EXT_ACL_CLIENT_EUI64," %%SRCEUI64"); #endif - - DUMP_EXT_ACL_TYPE(MYADDR); - DUMP_EXT_ACL_TYPE(MYPORT); - DUMP_EXT_ACL_TYPE(URI); - DUMP_EXT_ACL_TYPE(DST); - DUMP_EXT_ACL_TYPE(PROTO); - DUMP_EXT_ACL_TYPE(PORT); - DUMP_EXT_ACL_TYPE(PATH); - DUMP_EXT_ACL_TYPE(METHOD); + DUMP_EXT_ACL_TYPE_FMT(LOCAL_LISTENING_IP," %%>la"); + DUMP_EXT_ACL_TYPE_FMT(LOCAL_LISTENING_PORT," %%>lp"); + DUMP_EXT_ACL_TYPE_FMT(CLIENT_REQ_URI," %%>ru"); + DUMP_EXT_ACL_TYPE_FMT(CLIENT_REQ_URLDOMAIN," %%>rd"); + DUMP_EXT_ACL_TYPE_FMT(CLIENT_REQ_URLSCHEME," %%>rs"); + DUMP_EXT_ACL_TYPE_FMT(CLIENT_REQ_URLPORT," %%>rP"); + DUMP_EXT_ACL_TYPE_FMT(CLIENT_REQ_URLPATH," %%>rp"); + DUMP_EXT_ACL_TYPE_FMT(CLIENT_REQ_METHOD," %%>rm"); #if USE_OPENSSL - DUMP_EXT_ACL_TYPE_FMT(USER_CERT_RAW, " %%USER_CERT_RAW"); - DUMP_EXT_ACL_TYPE_FMT(USER_CERTCHAIN_RAW, " %%USER_CERTCHAIN_RAW"); - DUMP_EXT_ACL_TYPE_FMT(USER_CERT, " %%USER_CERT_%s", format->header); - DUMP_EXT_ACL_TYPE_FMT(USER_CA_CERT, " %%USER_CA_CERT_%s", format->header); + DUMP_EXT_ACL_TYPE_FMT(EXT_ACL_USER_CERT_RAW, " %%USER_CERT_RAW"); + DUMP_EXT_ACL_TYPE_FMT(EXT_ACL_USER_CERTCHAIN_RAW, " %%USER_CERTCHAIN_RAW"); + DUMP_EXT_ACL_TYPE_FMT(EXT_ACL_USER_CERT, " %%USER_CERT_%s", format->header); + DUMP_EXT_ACL_TYPE_FMT(EXT_ACL_USER_CA_CERT, " %%USER_CA_CERT_%s", format->header); #endif #if USE_AUTH - DUMP_EXT_ACL_TYPE(EXT_USER); + DUMP_EXT_ACL_TYPE_FMT(USER_EXTERNAL," %%ue"); #endif - DUMP_EXT_ACL_TYPE(EXT_LOG); - DUMP_EXT_ACL_TYPE(TAG); + DUMP_EXT_ACL_TYPE_FMT(EXT_LOG," %%ea"); + DUMP_EXT_ACL_TYPE_FMT(TAG," %%et"); + DUMP_EXT_ACL_TYPE_FMT(EXT_ACL_NAME," %%ACL"); + DUMP_EXT_ACL_TYPE_FMT(EXT_ACL_DATA," %%DATA"); DUMP_EXT_ACL_TYPE_FMT(PERCENT, " %%%%"); default: fatal("unknown external_acl format error"); @@ -980,7 +913,7 @@ makeExternalAclKey(ACLFilledChecklist * ch, external_acl_data * acl_data) switch (format->type) { #if USE_AUTH - case _external_acl_format::EXT_ACL_LOGIN: + case Format::LFT_USER_LOGIN: // if this ACL line was the cause of credentials fetch // they may not already be in the checklist if (ch->auth_user_request == NULL && ch->request) @@ -991,7 +924,7 @@ makeExternalAclKey(ACLFilledChecklist * ch, external_acl_data * acl_data) break; #endif #if USE_IDENT - case _external_acl_format::EXT_ACL_IDENT: + case Format::LFT_USER_IDENT: str = ch->rfc931; if (!str || !*str) { @@ -1004,60 +937,60 @@ makeExternalAclKey(ACLFilledChecklist * ch, external_acl_data * acl_data) break; #endif - case _external_acl_format::EXT_ACL_SRC: + case Format::LFT_CLIENT_IP_ADDRESS: str = ch->src_addr.toStr(buf,sizeof(buf)); break; - case _external_acl_format::EXT_ACL_SRCPORT: + case Format::LFT_CLIENT_PORT: snprintf(buf, sizeof(buf), "%d", request->client_addr.port()); str = buf; break; #if USE_SQUID_EUI - case _external_acl_format::EXT_ACL_SRCEUI48: + case Format::LFT_EXT_ACL_CLIENT_EUI48: if (request->clientConnectionManager.valid() && request->clientConnectionManager->clientConnection != NULL && request->clientConnectionManager->clientConnection->remoteEui48.encode(buf, sizeof(buf))) str = buf; break; - case _external_acl_format::EXT_ACL_SRCEUI64: + case Format::LFT_EXT_ACL_CLIENT_EUI64: if (request->clientConnectionManager.valid() && request->clientConnectionManager->clientConnection != NULL && request->clientConnectionManager->clientConnection->remoteEui64.encode(buf, sizeof(buf))) str = buf; break; #endif - case _external_acl_format::EXT_ACL_MYADDR: + case Format::LFT_LOCAL_LISTENING_IP: str = request->my_addr.toStr(buf, sizeof(buf)); break; - case _external_acl_format::EXT_ACL_MYPORT: + case Format::LFT_LOCAL_LISTENING_PORT: snprintf(buf, sizeof(buf), "%d", request->my_addr.port()); str = buf; break; - case _external_acl_format::EXT_ACL_URI: + case Format::LFT_CLIENT_REQ_URI: str = urlCanonical(request); break; - case _external_acl_format::EXT_ACL_DST: + case Format::LFT_CLIENT_REQ_URLDOMAIN: str = request->GetHost(); break; - case _external_acl_format::EXT_ACL_PROTO: + case Format::LFT_CLIENT_REQ_URLSCHEME: str = request->url.getScheme().c_str(); break; - case _external_acl_format::EXT_ACL_PORT: + case Format::LFT_CLIENT_REQ_URLPORT: snprintf(buf, sizeof(buf), "%d", request->port); str = buf; break; - case _external_acl_format::EXT_ACL_PATH: + case Format::LFT_CLIENT_REQ_URLPATH: str = request->urlpath.termedBuf(); break; - case _external_acl_format::EXT_ACL_METHOD: + case Format::LFT_CLIENT_REQ_METHOD: { const SBuf &s = request->method.image(); sb.append(s.rawContent(), s.length()); @@ -1065,56 +998,45 @@ makeExternalAclKey(ACLFilledChecklist * ch, external_acl_data * acl_data) str = sb.termedBuf(); break; - case _external_acl_format::EXT_ACL_HEADER_REQUEST: - sb = request->header.getByName(format->header); - str = sb.termedBuf(); - break; - - case _external_acl_format::EXT_ACL_HEADER_REQUEST_ID: - sb = request->header.getStrOrList(format->header_id); - str = sb.termedBuf(); - break; - - case _external_acl_format::EXT_ACL_HEADER_REQUEST_MEMBER: - sb = request->header.getByNameListMember(format->header, format->member, format->separator); + case Format::LFT_ADAPTED_REQUEST_HEADER: + if (format->header_id == -1) + sb = request->header.getByName(format->header); + else + sb = request->header.getStrOrList(format->header_id); str = sb.termedBuf(); break; - case _external_acl_format::EXT_ACL_HEADER_REQUEST_ID_MEMBER: - sb = request->header.getListMember(format->header_id, format->member, format->separator); + case Format::LFT_ADAPTED_REQUEST_HEADER_ELEM: + if (format->header_id == -1) + sb = request->header.getByNameListMember(format->header, format->member, format->separator); + else + sb = request->header.getListMember(format->header_id, format->member, format->separator); str = sb.termedBuf(); break; - case _external_acl_format::EXT_ACL_HEADER_REPLY: + case Format::LFT_REPLY_HEADER: if (reply) { - sb = reply->header.getByName(format->header); + if (format->header_id == -1) + sb = reply->header.getByName(format->header); + else + sb = reply->header.getStrOrList(format->header_id); str = sb.termedBuf(); } break; - case _external_acl_format::EXT_ACL_HEADER_REPLY_ID: + case Format::LFT_REPLY_HEADER_ELEM: if (reply) { - sb = reply->header.getStrOrList(format->header_id); + if (format->header_id == -1) + sb = reply->header.getByNameListMember(format->header, format->member, format->separator); + else + sb = reply->header.getListMember(format->header_id, format->member, format->separator); str = sb.termedBuf(); } break; - case _external_acl_format::EXT_ACL_HEADER_REPLY_MEMBER: - if (reply) { - sb = reply->header.getByNameListMember(format->header, format->member, format->separator); - str = sb.termedBuf(); - } - break; - - case _external_acl_format::EXT_ACL_HEADER_REPLY_ID_MEMBER: - if (reply) { - sb = reply->header.getListMember(format->header_id, format->member, format->separator); - str = sb.termedBuf(); - } - break; #if USE_OPENSSL - case _external_acl_format::EXT_ACL_USER_CERT_RAW: + case Format::LFT_EXT_ACL_USER_CERT_RAW: if (ch->conn() != NULL && Comm::IsConnOpen(ch->conn()->clientConnection)) { SSL *ssl = fd_table[ch->conn()->clientConnection->fd].ssl; @@ -1125,7 +1047,7 @@ makeExternalAclKey(ACLFilledChecklist * ch, external_acl_data * acl_data) break; - case _external_acl_format::EXT_ACL_USER_CERTCHAIN_RAW: + case Format::LFT_EXT_ACL_USER_CERTCHAIN_RAW: if (ch->conn() != NULL && Comm::IsConnOpen(ch->conn()->clientConnection)) { SSL *ssl = fd_table[ch->conn()->clientConnection->fd].ssl; @@ -1136,7 +1058,7 @@ makeExternalAclKey(ACLFilledChecklist * ch, external_acl_data * acl_data) break; - case _external_acl_format::EXT_ACL_USER_CERT: + case Format::LFT_EXT_ACL_USER_CERT: if (ch->conn() != NULL && Comm::IsConnOpen(ch->conn()->clientConnection)) { SSL *ssl = fd_table[ch->conn()->clientConnection->fd].ssl; @@ -1147,7 +1069,7 @@ makeExternalAclKey(ACLFilledChecklist * ch, external_acl_data * acl_data) break; - case _external_acl_format::EXT_ACL_USER_CA_CERT: + case Format::LFT_EXT_ACL_USER_CA_CERT: if (ch->conn() != NULL && Comm::IsConnOpen(ch->conn()->clientConnection)) { SSL *ssl = fd_table[ch->conn()->clientConnection->fd].ssl; @@ -1159,20 +1081,20 @@ makeExternalAclKey(ACLFilledChecklist * ch, external_acl_data * acl_data) break; #endif #if USE_AUTH - case _external_acl_format::EXT_ACL_EXT_USER: + case Format::LFT_USER_EXTERNAL: str = request->extacl_user.termedBuf(); break; #endif - case _external_acl_format::EXT_ACL_EXT_LOG: + case Format::LFT_EXT_LOG: str = request->extacl_log.termedBuf(); break; - case _external_acl_format::EXT_ACL_TAG: + case Format::LFT_TAG: str = request->tag.termedBuf(); break; - case _external_acl_format::EXT_ACL_ACLNAME: + case Format::LFT_EXT_ACL_NAME: str = acl_data->name; break; - case _external_acl_format::EXT_ACL_ACLDATA: + case Format::LFT_EXT_ACL_DATA: data_used = true; for (arg = acl_data->arguments; arg; arg = arg->next) { if (!first) @@ -1192,13 +1114,14 @@ makeExternalAclKey(ACLFilledChecklist * ch, external_acl_data * acl_data) first = 0; } break; - case _external_acl_format::EXT_ACL_PERCENT: + case Format::LFT_PERCENT: str = "%"; break; - case _external_acl_format::EXT_ACL_UNKNOWN: - case _external_acl_format::EXT_ACL_END: - fatal("unknown external_acl format error"); + default: + // TODO: replace this function with Format::assemble() + // For now die on unsupported logformat codes. + fatalf("ERROR: unknown external_acl_type format %u", (uint8_t)format->type); break; } diff --git a/src/format/ByteCode.h b/src/format/ByteCode.h index 66f6645a65..1a407b64ae 100644 --- a/src/format/ByteCode.h +++ b/src/format/ByteCode.h @@ -58,7 +58,9 @@ typedef enum { /* original Request-Line details recieved from client */ LFT_CLIENT_REQ_METHOD, LFT_CLIENT_REQ_URI, + LFT_CLIENT_REQ_URLSCHEME, LFT_CLIENT_REQ_URLDOMAIN, + LFT_CLIENT_REQ_URLPORT, LFT_CLIENT_REQ_URLPATH, /* LFT_CLIENT_REQ_QUERY, */ LFT_CLIENT_REQ_VERSION, @@ -84,6 +86,9 @@ typedef enum { /* Request-Line details sent to the server/peer */ LFT_SERVER_REQ_METHOD, LFT_SERVER_REQ_URI, + LFT_SERVER_REQ_URLSCHEME, + LFT_SERVER_REQ_URLDOMAIN, + LFT_SERVER_REQ_URLPORT, LFT_SERVER_REQ_URLPATH, /*LFT_SERVER_REQ_QUERY, */ LFT_SERVER_REQ_VERSION, @@ -203,7 +208,18 @@ typedef enum { #endif LFT_NOTE, - LFT_PERCENT /* special string cases for escaped chars */ + LFT_PERCENT, /* special string cases for escaped chars */ + + // TODO assign better bytecode names and Token strings for these + LFT_EXT_ACL_USER_CERT_RAW, + LFT_EXT_ACL_USER_CERTCHAIN_RAW, + LFT_EXT_ACL_USER_CERT, + LFT_EXT_ACL_USER_CA_CERT, + LFT_EXT_ACL_CLIENT_EUI48, + LFT_EXT_ACL_CLIENT_EUI64, + LFT_EXT_ACL_NAME, + LFT_EXT_ACL_DATA + } ByteCode_t; /// Quoting style for a format output. diff --git a/src/format/Format.cc b/src/format/Format.cc index 3102da07e8..1cc556fe3b 100644 --- a/src/format/Format.cc +++ b/src/format/Format.cc @@ -931,6 +931,13 @@ Format::Format::assemble(MemBuf &mb, const AccessLogEntry::Pointer &al, int logS } break; + case LFT_CLIENT_REQ_URLSCHEME: + if (al->request) { + out = al->request->url.getScheme().c_str(); + quote = 1; + } + break; + case LFT_CLIENT_REQ_URLDOMAIN: if (al->request) { out = al->request->GetHost(); @@ -938,6 +945,13 @@ Format::Format::assemble(MemBuf &mb, const AccessLogEntry::Pointer &al, int logS } break; + case LFT_CLIENT_REQ_URLPORT: + if (al->request) { + outint = al->request->port; + doint = 1; + } + break; + case LFT_REQUEST_URLPATH_OLD_31: case LFT_CLIENT_REQ_URLPATH: if (al->request) { @@ -991,6 +1005,27 @@ Format::Format::assemble(MemBuf &mb, const AccessLogEntry::Pointer &al, int logS } break; + case LFT_SERVER_REQ_URLSCHEME: + if (al->adapted_request) { + out = al->adapted_request->url.getScheme().c_str(); + quote = 1; + } + break; + + case LFT_SERVER_REQ_URLDOMAIN: + if (al->adapted_request) { + out = al->adapted_request->GetHost(); + quote = 1; + } + break; + + case LFT_SERVER_REQ_URLPORT: + if (al->adapted_request) { + outint = al->adapted_request->port; + doint = 1; + } + break; + case LFT_SERVER_REQ_URLPATH: if (al->adapted_request) { out = al->adapted_request->urlpath.termedBuf(); @@ -1148,7 +1183,20 @@ Format::Format::assemble(MemBuf &mb, const AccessLogEntry::Pointer &al, int logS case LFT_PERCENT: out = "%"; + break; + // XXX: external_acl_type format tokens which are not output by logformat. + // They are listed here because the switch requires + // every ByteCode_t to be explicitly enumerated. + // But do not output due to lack of access to the values. + case LFT_EXT_ACL_USER_CERT_RAW: + case LFT_EXT_ACL_USER_CERTCHAIN_RAW: + case LFT_EXT_ACL_USER_CERT: + case LFT_EXT_ACL_USER_CA_CERT: + case LFT_EXT_ACL_CLIENT_EUI48: + case LFT_EXT_ACL_CLIENT_EUI64: + case LFT_EXT_ACL_NAME: + case LFT_EXT_ACL_DATA: break; } diff --git a/src/format/Token.cc b/src/format/Token.cc index cc831a9f53..dc70c23d48 100644 --- a/src/format/Token.cc +++ b/src/format/Token.cc @@ -81,7 +81,9 @@ static TokenTableEntry TokenTable2C[] = { {">rm", LFT_CLIENT_REQ_METHOD}, {">ru", LFT_CLIENT_REQ_URI}, + {">rs", LFT_CLIENT_REQ_URLSCHEME}, {">rd", LFT_CLIENT_REQ_URLDOMAIN}, + {">rP", LFT_CLIENT_REQ_URLPORT}, {">rp", LFT_CLIENT_REQ_URLPATH}, /*{">rq", LFT_CLIENT_REQ_QUERY},*/ {">rv", LFT_CLIENT_REQ_VERSION}, @@ -94,6 +96,9 @@ static TokenTableEntry TokenTable2C[] = { {"