From: Francesco Chemolli Date: Wed, 12 Sep 2012 11:19:27 +0000 (+0200) Subject: RequestFlags: added missing default values, made all data fields unconditional, added... X-Git-Tag: sourceformat-review-1~6^2~6 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b6433ffc3c1b228de45cab23394eaa088fa062f5;p=thirdparty%2Fsquid.git RequestFlags: added missing default values, made all data fields unconditional, added more getters/setters --- diff --git a/src/RequestFlags.h b/src/RequestFlags.h index f9f21c4424..1ba2dc814f 100644 --- a/src/RequestFlags.h +++ b/src/RequestFlags.h @@ -38,19 +38,15 @@ public: nocache(0), ims(0), auth(0), cachable(0), hierarchical(0), loopdetect(0), proxy_keepalive(0), proxying(0), refresh(0), redirected(0), need_validation(0), - fail_on_validation_err(0), stale_if_hit(0), accelerated(0), + fail_on_validation_err(0), stale_if_hit(0), nocache_hack(0), accelerated(0), ignore_cc(0), intercepted(0), hostVerified(0), spoof_client_ip(0), - internal(0), internalclient(0), must_keepalive(0), pinned(false), + internal(0), internalclient(false), must_keepalive(false), connection_auth_wanted(false), connection_auth_disabled(false), connection_proxy_auth(false), pinned_(false), canRePin_(false), authSent_(false), noDirect_(false), chunkedReply_(false), streamError_(false), sslPeek_(false), doneFollowXForwardedFor(!FOLLOW_X_FORWARDED_FOR), sslBumped_(false), destinationIPLookedUp_(false), resetTCP_(false), isRanged_(false) - { -#if USE_HTTP_VIOLATIONS - nocache_hack = 0; -#endif - } + {} unsigned int nocache :1; ///< whether the response to this request may be READ from cache unsigned int ims :1; @@ -65,22 +61,14 @@ public: unsigned int need_validation :1; unsigned int fail_on_validation_err :1; ///< whether we should fail if validation fails unsigned int stale_if_hit :1; ///< reply is stale if it is a hit -#if USE_HTTP_VIOLATIONS - /* for changing/ignoring no-cache requests */ - /* TODO: remove the conditional definition, move ifdef to setter */ + /* for changing/ignoring no-cache requests. Unused unless USE_HTTP_VIOLATIONS */ unsigned int nocache_hack :1; -#endif unsigned int accelerated :1; unsigned int ignore_cc :1; unsigned int intercepted :1; ///< intercepted request unsigned int hostVerified :1; ///< whether the Host: header passed verification unsigned int spoof_client_ip :1; /**< spoof client ip if possible */ unsigned int internal :1; - unsigned int internalclient :1; - unsigned int must_keepalive :1; - unsigned int connection_auth :1; /** Request wants connection oriented auth */ - unsigned int connection_auth_disabled :1; /** Connection oriented auth can not be supported */ - unsigned int connection_proxy_auth :1; /** Request wants connection oriented auth */ // When adding new flags, please update cloneAdaptationImmune() as needed. bool resetTCP() const; @@ -129,11 +117,32 @@ public: bool canRePin() const { return canRePin_; } void allowRepinning() { canRePin_=true; } - void markPinned() { pinned = true; } - void clearPinned() { pinned = false; } - bool connPinned() const { return pinned; } + void markPinned() { pinned_ = true; } + void clearPinned() { pinned_ = false; } + bool pinned() const { return pinned_; } + + //XXX: oddly this is set in client_side_request.cc, but never checked. + bool wantConnectionProxyAuth() { return connection_proxy_auth; } + void requestConnectionProxyAuth() { connection_proxy_auth=true; } + + void disableConnectionAuth() { connection_auth_disabled=true; } + bool connectionAuthDisabled() { return connection_auth_disabled; } + + void wantConnectionAuth() { connection_auth_wanted=true; } + bool connectionAuthWanted() { return connection_auth_wanted; } + + void setMustKeepalive() { must_keepalive = true; } + bool mustKeepalive() { return must_keepalive; } + + //XXX: oddly this is set in client_side_request.cc but never checked. + void setInternalClient() { internalclient=true;} private: - bool pinned :1; ///< Request sent on a pinned connection + bool internalclient :1; + bool must_keepalive :1; + bool connection_auth_wanted :1; /** Request wants connection oriented auth */ + bool connection_auth_disabled :1; ///< Connection oriented auth can't be supported + bool connection_proxy_auth :1; ///< Request wants connection oriented auth + bool pinned_ :1; ///< Request sent on a pinned connection bool canRePin_ :1; ///< OK to reopen a failed pinned connection bool authSent_ :1; ///< Authentication was forwarded /** Deny direct forwarding unless overriden by always_direct. diff --git a/src/auth/negotiate/UserRequest.cc b/src/auth/negotiate/UserRequest.cc index ac4e71cc59..8ea4d1a7d6 100644 --- a/src/auth/negotiate/UserRequest.cc +++ b/src/auth/negotiate/UserRequest.cc @@ -286,7 +286,7 @@ Auth::Negotiate::UserRequest::HandleReply(void *data, void *lastserver, char *re ++arg; } safe_free(lm_request->server_blob); - lm_request->request->flags.must_keepalive = 1; + lm_request->request->flags.setMustKeepalive(); if (lm_request->request->flags.proxy_keepalive) { lm_request->server_blob = xstrdup(blob); auth_user_request->user()->credentials(Auth::Handshake); diff --git a/src/auth/negotiate/auth_negotiate.cc b/src/auth/negotiate/auth_negotiate.cc index 556f9c072c..c36e7dc553 100644 --- a/src/auth/negotiate/auth_negotiate.cc +++ b/src/auth/negotiate/auth_negotiate.cc @@ -218,7 +218,7 @@ Auth::Negotiate::Config::fixHeader(Auth::UserRequest::Pointer auth_user_request, return; /* Need keep-alive */ - if (!request->flags.proxy_keepalive && request->flags.must_keepalive) + if (!request->flags.proxy_keepalive && request->flags.mustKeepalive()) return; /* New request, no user details */ diff --git a/src/auth/ntlm/UserRequest.cc b/src/auth/ntlm/UserRequest.cc index bd2b4ffe13..1a99bade69 100644 --- a/src/auth/ntlm/UserRequest.cc +++ b/src/auth/ntlm/UserRequest.cc @@ -269,7 +269,7 @@ Auth::Ntlm::UserRequest::HandleReply(void *data, void *lastserver, char *reply) if (strncasecmp(reply, "TT ", 3) == 0) { /* we have been given a blob to send to the client */ safe_free(lm_request->server_blob); - lm_request->request->flags.must_keepalive = 1; + lm_request->request->flags.setMustKeepalive(); if (lm_request->request->flags.proxy_keepalive) { lm_request->server_blob = xstrdup(blob); auth_user_request->user()->credentials(Auth::Handshake); diff --git a/src/auth/ntlm/auth_ntlm.cc b/src/auth/ntlm/auth_ntlm.cc index 8282cc3c3d..7c4d8c0df2 100644 --- a/src/auth/ntlm/auth_ntlm.cc +++ b/src/auth/ntlm/auth_ntlm.cc @@ -205,7 +205,7 @@ Auth::Ntlm::Config::fixHeader(Auth::UserRequest::Pointer auth_user_request, Http return; /* Need keep-alive */ - if (!request->flags.proxy_keepalive && request->flags.must_keepalive) + if (!request->flags.proxy_keepalive && request->flags.mustKeepalive()) return; /* New request, no user details */ diff --git a/src/client_side_reply.cc b/src/client_side_reply.cc index 9bc6519e2b..62a9588198 100644 --- a/src/client_side_reply.cc +++ b/src/client_side_reply.cc @@ -1401,11 +1401,11 @@ clientReplyContext::buildReplyHeader() || (strncasecmp(value, "Kerberos", 8) == 0 && (value[8] == '\0' || value[8] == ' '))) { - if (request->flags.connection_auth_disabled) { + if (request->flags.connectionAuthDisabled()) { hdr->delAt(pos, connection_auth_blocked); continue; } - request->flags.must_keepalive = 1; + request->flags.setMustKeepalive(); if (!request->flags.accelerated && !request->flags.intercepted) { httpHeaderPutStrf(hdr, HDR_PROXY_SUPPORT, "Session-Based-Authentication"); /* @@ -1459,22 +1459,22 @@ clientReplyContext::buildReplyHeader() (request->http_ver >= HttpVersion(1, 1)); /* Check whether we should send keep-alive */ - if (!Config.onoff.error_pconns && reply->sline.status >= 400 && !request->flags.must_keepalive) { + if (!Config.onoff.error_pconns && reply->sline.status >= 400 && !request->flags.mustKeepalive()) { debugs(33, 3, "clientBuildReplyHeader: Error, don't keep-alive"); request->flags.proxy_keepalive = 0; - } else if (!Config.onoff.client_pconns && !request->flags.must_keepalive) { + } else if (!Config.onoff.client_pconns && !request->flags.mustKeepalive()) { debugs(33, 2, "clientBuildReplyHeader: Connection Keep-Alive not requested by admin or client"); request->flags.proxy_keepalive = 0; } else if (request->flags.proxy_keepalive && shutting_down) { debugs(88, 3, "clientBuildReplyHeader: Shutting down, don't keep-alive."); request->flags.proxy_keepalive = 0; - } else if (request->flags.connection_auth && !reply->keep_alive) { + } else if (request->flags.connectionAuthWanted() && !reply->keep_alive) { debugs(33, 2, "clientBuildReplyHeader: Connection oriented auth but server side non-persistent"); request->flags.proxy_keepalive = 0; } else if (reply->bodySize(request->method) < 0 && !maySendChunkedReply) { debugs(88, 3, "clientBuildReplyHeader: can't keep-alive, unknown body size" ); request->flags.proxy_keepalive = 0; - } else if (fdUsageHigh()&& !request->flags.must_keepalive) { + } else if (fdUsageHigh()&& !request->flags.mustKeepalive()) { debugs(88, 3, "clientBuildReplyHeader: Not many unused FDs, can't keep-alive"); request->flags.proxy_keepalive = 0; } else if (request->flags.sslBumped() && !reply->persistent()) { diff --git a/src/client_side_request.cc b/src/client_side_request.cc index a3ebc67cc1..b7d51f348b 100644 --- a/src/client_side_request.cc +++ b/src/client_side_request.cc @@ -389,7 +389,7 @@ clientBeginRequest(const HttpRequestMethod& method, char const *url, CSCB * stre */ request->flags.accelerated = http->flags.accel; - request->flags.internalclient = 1; + request->flags.setInternalClient(); /* this is an internally created * request, not subject to acceleration @@ -981,14 +981,15 @@ clientCheckPinning(ClientHttpRequest * http) if (!http_conn) return; - request->flags.connection_auth_disabled = http_conn->port->connection_auth_disabled; - if (!request->flags.connection_auth_disabled) { + if (http_conn->port->connection_auth_disabled) + request->flags.disableConnectionAuth(); + if (!request->flags.connectionAuthDisabled()) { if (Comm::IsConnOpen(http_conn->pinning.serverConnection)) { if (http_conn->pinning.auth) { - request->flags.connection_auth = 1; + request->flags.wantConnectionAuth(); request->flags.auth = 1; } else { - request->flags.connection_proxy_auth = 1; + request->flags.requestConnectionProxyAuth(); } // These should already be linked correctly. assert(request->clientConnectionManager == http_conn); @@ -996,11 +997,11 @@ clientCheckPinning(ClientHttpRequest * http) } /* check if connection auth is used, and flag as candidate for pinning - * in such case. + * in such case.; * Note: we may need to set flags.connection_auth even if the connection * is already pinned if it was pinned earlier due to proxy auth */ - if (!request->flags.connection_auth) { + if (!request->flags.connectionAuthWanted()) { if (req_hdr->has(HDR_AUTHORIZATION) || req_hdr->has(HDR_PROXY_AUTHORIZATION)) { HttpHeaderPos pos = HttpHeaderInitPos; HttpHeaderEntry *e; @@ -1014,10 +1015,10 @@ clientCheckPinning(ClientHttpRequest * http) || strncasecmp(value, "Kerberos ", 9) == 0) { if (e->id == HDR_AUTHORIZATION) { - request->flags.connection_auth = 1; + request->flags.wantConnectionAuth(); may_pin = 1; } else { - request->flags.connection_proxy_auth = 1; + request->flags.requestConnectionProxyAuth(); may_pin = 1; } } diff --git a/src/forward.cc b/src/forward.cc index 0442a4b2a8..526986ba37 100644 --- a/src/forward.cc +++ b/src/forward.cc @@ -886,7 +886,7 @@ FwdState::connectDone(const Comm::ConnectionPointer &conn, comm_err_t status, in } #if USE_SSL - if (!request->flags.connPinned() || rePin) { + if (!request->flags.pinned() || rePin) { if ((serverConnection()->getPeer() && serverConnection()->getPeer()->use_ssl) || (!serverConnection()->getPeer() && request->protocol == AnyP::PROTO_HTTPS) || request->flags.sslPeek()) { diff --git a/src/http.cc b/src/http.cc index f811b115c9..dd98063827 100644 --- a/src/http.cc +++ b/src/http.cc @@ -716,7 +716,7 @@ HttpStateData::processReplyHeader() } if (!peerSupportsConnectionPinning()) - request->flags.connection_auth_disabled = 1; + request->flags.disableConnectionAuth(); HttpReply *vrep = setVirginReply(newrep); flags.headers_parsed = 1; @@ -837,7 +837,7 @@ bool HttpStateData::peerSupportsConnectionPinning() const return true; /*if the connections it is already pinned it is OK*/ - if (request->flags.connPinned()) + if (request->flags.pinned()) return true; /*Allow pinned connections only if the Proxy-support header exists in @@ -1389,15 +1389,15 @@ HttpStateData::processReplyBody() if (request->flags.spoof_client_ip) client_addr = request->client_addr; - if (request->flags.connPinned()) { + if (request->flags.pinned()) { ispinned = true; - } else if (request->flags.connection_auth && request->flags.authSent()) { + } else if (request->flags.connectionAuthWanted() && request->flags.authSent()) { ispinned = true; } if (request->pinnedConnection() && ispinned) { request->pinnedConnection()->pinConnection(serverConnection, request, _peer, - (request->flags.connection_auth != 0)); + request->flags.connectionAuthWanted()); } else { fwd->pconnPush(serverConnection, request->peer_host ? request->peer_host : request->GetHost()); } @@ -1988,7 +1988,7 @@ HttpStateData::decideIfWeDoRanges (HttpRequest * request) int64_t roffLimit = request->getRangeOffsetLimit(); if (NULL == request->range || !request->flags.cachable - || request->range->offsetLimitExceeded(roffLimit) || request->flags.connection_auth) + || request->range->offsetLimitExceeded(roffLimit) || request->flags.connectionAuthWanted()) result = false; debugs(11, 8, "decideIfWeDoRanges: range specs: " << @@ -2021,7 +2021,7 @@ HttpStateData::buildRequestPrefix(MemBuf * mb) Packer p; httpBuildRequestHeader(request, entry, fwd->al, &hdr, flags); - if (request->flags.connPinned() && request->flags.connection_auth) + if (request->flags.pinned() && request->flags.connectionAuthWanted()) request->flags.markAuthSent(); else if (hdr.has(HDR_AUTHORIZATION)) request->flags.markAuthSent(); @@ -2091,7 +2091,7 @@ HttpStateData::sendRequest() /* * Is keep-alive okay for all request methods? */ - if (request->flags.must_keepalive) + if (request->flags.mustKeepalive()) flags.keepalive = 1; else if (!Config.onoff.server_pconns) flags.keepalive = 0;