From: Amos Jeffries Date: Fri, 9 Jan 2009 02:13:06 +0000 (+1300) Subject: SourceLayout: move IPInterception into libip.la X-Git-Tag: SQUID_3_1_0_4~19 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ce3f256d83857964135e897dcbd3722ea5e77bdc;p=thirdparty%2Fsquid.git SourceLayout: move IPInterception into libip.la --- diff --git a/src/Makefile.am b/src/Makefile.am index bc7d8b91a6..1bc4044d29 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -421,8 +421,6 @@ libsquid_la_SOURCES = \ CommCalls.h \ DescriptorSet.cc \ DescriptorSet.h \ - IPInterception.cc \ - IPInterception.h \ ICAP/AsyncJob.cc \ ICAP/AsyncJob.h \ SquidConfig.cc \ @@ -749,6 +747,8 @@ recv_announce_SOURCES = recv-announce.cc SquidNew.cc ## client_db wants SNMP_SOURCE ## snmp_core wants ACLStringData ## SwapDir wants ConfigOption +## tools.cc wants libip.la +## client_side.cc wants libip.la ufsdump_SOURCES = \ debug.cc \ int.cc \ @@ -870,7 +870,6 @@ ufsdump_SOURCES = \ peer_sourcehash.cc \ peer_userhash.cc \ protos.h \ - ip/stubQosConfig.cc \ redirect.cc \ referer.cc \ refresh.cc \ @@ -914,6 +913,7 @@ ufsdump_LDADD = \ libsquid.la \ libauth.la \ icmp/libicmp.la icmp/libicmp-core.la \ + ip/libip.la \ -L../lib \ @XTRA_OBJS@ \ @REPL_OBJS@ \ @@ -1431,7 +1431,6 @@ tests_testCacheManager_SOURCES = \ peer_select.cc \ peer_sourcehash.cc \ peer_userhash.cc \ - ip/stubQosConfig.cc \ redirect.cc \ referer.cc \ refresh.cc \ @@ -1483,6 +1482,7 @@ tests_testCacheManager_LDADD = \ libsquid.la \ libauth.la \ icmp/libicmp.la icmp/libicmp-core.la \ + ip/libip.la \ @REPL_OBJS@ \ ${ADAPTATION_LIBS} \ @REGEXLIB@ \ @@ -1608,7 +1608,6 @@ tests_testEvent_SOURCES = \ peer_select.cc \ peer_sourcehash.cc \ peer_userhash.cc \ - ip/stubQosConfig.cc \ redirect.cc \ referer.cc \ refresh.cc \ @@ -1659,6 +1658,7 @@ tests_testEvent_LDADD = \ libsquid.la \ libauth.la \ icmp/libicmp.la icmp/libicmp-core.la \ + ip/libip.la \ @REPL_OBJS@ \ ${ADAPTATION_LIBS} \ @REGEXLIB@ \ @@ -1765,7 +1765,6 @@ tests_testEventLoop_SOURCES = \ peer_select.cc \ peer_sourcehash.cc \ peer_userhash.cc \ - ip/stubQosConfig.cc \ redirect.cc \ referer.cc \ refresh.cc \ @@ -1816,6 +1815,7 @@ tests_testEventLoop_LDADD = \ libsquid.la \ libauth.la \ icmp/libicmp.la icmp/libicmp-core.la \ + ip/libip.la \ @REPL_OBJS@ \ ${ADAPTATION_LIBS} \ @REGEXLIB@ \ @@ -1912,7 +1912,6 @@ tests_test_http_range_SOURCES = \ peer_sourcehash.cc \ peer_userhash.cc \ pconn.cc \ - ip/stubQosConfig.cc \ redirect.cc \ referer.cc \ refresh.cc \ @@ -1968,6 +1967,7 @@ tests_test_http_range_LDADD = \ libsquid.la \ libauth.la \ icmp/libicmp.la icmp/libicmp-core.la \ + ip/libip.la \ @REPL_OBJS@ \ @STORE_OBJS@ \ ${ADAPTATION_LIBS} \ @@ -2074,7 +2074,6 @@ tests_testHttpRequest_SOURCES = \ peer_select.cc \ peer_sourcehash.cc \ peer_userhash.cc \ - ip/stubQosConfig.cc \ redirect.cc \ referer.cc \ refresh.cc \ @@ -2126,6 +2125,7 @@ tests_testHttpRequest_LDADD = \ libsquid.la \ libauth.la \ icmp/libicmp.la icmp/libicmp-core.la \ + ip/libip.la \ @REPL_OBJS@ \ ${ADAPTATION_LIBS} \ @REGEXLIB@ \ @@ -2440,7 +2440,6 @@ tests_testURL_SOURCES = \ peer_select.cc \ peer_sourcehash.cc \ peer_userhash.cc \ - ip/stubQosConfig.cc \ redirect.cc \ referer.cc \ refresh.cc \ @@ -2489,6 +2488,7 @@ tests_testURL_LDADD = \ libsquid.la \ libauth.la \ icmp/libicmp.la icmp/libicmp-core.la \ + ip/libip.la \ @REGEXLIB@ \ @REPL_OBJS@ \ ${ADAPTATION_LIBS} \ diff --git a/src/cache_cf.cc b/src/cache_cf.cc index 1034576d65..dac99b8f17 100644 --- a/src/cache_cf.cc +++ b/src/cache_cf.cc @@ -47,7 +47,7 @@ #include "Parsing.h" #include "MemBuf.h" #include "wordlist.h" -#include "IPInterception.h" +#include "ip/IpIntercept.h" #if HAVE_GLOB_H #include @@ -2966,7 +2966,7 @@ parse_http_port_option(http_port_list * s, char *token) } else if (strcmp(token, "transparent") == 0 || strcmp(token, "intercept") == 0) { s->intercepted = 1; - IPInterceptor.StartInterception(); + IpInterceptor.StartInterception(); /* Log information regarding the port modes under interception. */ debugs(3, DBG_IMPORTANT, "Starting Authentication on port " << s->s); debugs(3, DBG_IMPORTANT, "Disabling Authentication on port " << s->s << " (interception enabled)"); @@ -2985,7 +2985,7 @@ parse_http_port_option(http_port_list * s, char *token) self_destruct(); } s->spoof_client_ip = 1; - IPInterceptor.StartTransparency(); + IpInterceptor.StartTransparency(); /* Log information regarding the port modes under transparency. */ debugs(3, DBG_IMPORTANT, "Starting IP Spoofing on port " << s->s); debugs(3, DBG_IMPORTANT, "Disabling Authentication on port " << s->s << " (Ip spoofing enabled)"); diff --git a/src/client_side.cc b/src/client_side.cc index 40d9b77a83..6f5cc255f4 100644 --- a/src/client_side.cc +++ b/src/client_side.cc @@ -81,12 +81,10 @@ * data flow. */ -#include "config.h" #include "squid.h" #include "client_side.h" #include "clientStream.h" #include "ProtoPort.h" -#include "IPInterception.h" #include "AuthUserRequest.h" #include "Store.h" #include "comm.h" @@ -94,6 +92,7 @@ #include "HttpReply.h" #include "HttpRequest.h" #include "ident.h" +#include "ip/IpIntercept.h" #include "MemObject.h" #include "fde.h" #include "client_side_request.h" @@ -2260,10 +2259,10 @@ clientProcessRequest(ConnStateData *conn, HttpParser *hp, ClientSocketContext *c * If transparent or interception mode is working clone the transparent and interception flags * from the port settings to the request. */ - if (IPInterceptor.InterceptActive()) { + if (IpInterceptor.InterceptActive()) { request->flags.intercepted = http->flags.intercepted; } - if (IPInterceptor.TransparentActive()) { + if (IpInterceptor.TransparentActive()) { request->flags.spoof_client_ip = conn->port->spoof_client_ip; } @@ -2781,7 +2780,7 @@ connStateCreate(const IPAddress &peer, const IPAddress &me, int fd, http_port_li if (port->intercepted || port->spoof_client_ip) { IPAddress client, dst; - if (IPInterceptor.NatLookup(fd, me, peer, client, dst) == 0) { + if (IpInterceptor.NatLookup(fd, me, peer, client, dst) == 0) { result->me = client; result->peer = dst; result->transparent(true); diff --git a/src/comm.cc b/src/comm.cc index 95c03311fa..4b032cbff5 100644 --- a/src/comm.cc +++ b/src/comm.cc @@ -48,9 +48,9 @@ #include "SquidTime.h" #include "CommCalls.h" #include "IPAddress.h" -#include "IPInterception.h" #include "DescriptorSet.h" #include "icmp/net_db.h" +#include "ip/IpIntercept.h" #if defined(_SQUID_CYGWIN_) #include diff --git a/src/forward.cc b/src/forward.cc index a28dd9058e..1b0341812e 100644 --- a/src/forward.cc +++ b/src/forward.cc @@ -1,7 +1,4 @@ - /* - * $Id: forward.cc,v 1.175 2008/02/11 22:26:39 rousskov Exp $ - * * DEBUG: section 17 Request Forwarding * AUTHOR: Duane Wessels * @@ -49,7 +46,7 @@ #include "SquidTime.h" #include "Store.h" #include "icmp/net_db.h" -#include "IPInterception.h" +#include "ip/IpIntercept.h" static PSC fwdStartCompleteWrapper; static PF fwdServerClosedWrapper; @@ -269,7 +266,6 @@ FwdState::fwdStart(int client_fd, StoreEntry *entry, HttpRequest *request) * then we need the client source protocol, address and port */ if (request->flags.spoof_client_ip) { fwd->src = request->client_addr; - // AYJ: do we need to pass on the transparent flag also? } fwd->start(fwd); @@ -907,7 +903,7 @@ FwdState::connectStart() if (!fs->_peer && request->flags.spoof_client_ip) { // try to set the outgoing address using TPROXY v2 // if it fails we abort any further TPROXY actions on this connection - if (IPInterceptor.SetTproxy2OutgoingAddr(int fd, const IPAddress &src) == -1) { + if (IpInterceptor.SetTproxy2OutgoingAddr(int fd, const IPAddress &src) == -1) { request->flags.spoof_client_ip = 0; } } diff --git a/src/IPInterception.cc b/src/ip/IpIntercept.cc similarity index 94% rename from src/IPInterception.cc rename to src/ip/IpIntercept.cc index a307aa77a7..b8565f7948 100644 --- a/src/IPInterception.cc +++ b/src/ip/IpIntercept.cc @@ -1,6 +1,4 @@ /* - * $Id: IPInterception.cc,v 1.20 2008/02/05 22:38:24 amosjeffries Exp $ - * * DEBUG: section 89 NAT / IP Interception * AUTHOR: Robert Collins * AUTHOR: Amos Jeffries @@ -33,14 +31,9 @@ * */ #include "config.h" -#include "IPInterception.h" +#include "IpIntercept.h" #include "fde.h" -#if 0 -#include "squid.h" -#include "clientStream.h" -#endif - #if IPF_TRANSPARENT #if HAVE_SYS_IOCTL_H @@ -104,10 +97,10 @@ // single global instance for access by other components. -IPIntercept IPInterceptor; +IpIntercept IpInterceptor; void -IPIntercept::StopTransparency(const char *str) +IpIntercept::StopTransparency(const char *str) { if (transparent_active) { debugs(89, DBG_IMPORTANT, "Stopping full transparency: " << str); @@ -116,7 +109,7 @@ IPIntercept::StopTransparency(const char *str) } void -IPIntercept::StopInterception(const char *str) +IpIntercept::StopInterception(const char *str) { if (intercept_active) { debugs(89, DBG_IMPORTANT, "Stopping IP interception: " << str); @@ -125,7 +118,7 @@ IPIntercept::StopInterception(const char *str) } int -IPIntercept::NetfilterInterception(int fd, const IPAddress &me, IPAddress &dst, int silent) +IpIntercept::NetfilterInterception(int fd, const IPAddress &me, IPAddress &dst, int silent) { #if LINUX_NETFILTER struct addrinfo *lookup = NULL; @@ -156,7 +149,7 @@ IPIntercept::NetfilterInterception(int fd, const IPAddress &me, IPAddress &dst, } int -IPIntercept::NetfilterTransparent(int fd, const IPAddress &me, IPAddress &client, int silent) +IpIntercept::NetfilterTransparent(int fd, const IPAddress &me, IPAddress &client, int silent) { #if LINUX_NETFILTER @@ -172,7 +165,7 @@ IPIntercept::NetfilterTransparent(int fd, const IPAddress &me, IPAddress &client } int -IPIntercept::IPFWInterception(int fd, const IPAddress &me, IPAddress &dst, int silent) +IpIntercept::IpfwInterception(int fd, const IPAddress &me, IPAddress &dst, int silent) { #if IPFW_TRANSPARENT struct addrinfo *lookup = NULL; @@ -203,7 +196,7 @@ IPIntercept::IPFWInterception(int fd, const IPAddress &me, IPAddress &dst, int s } int -IPIntercept::NatLookup(int fd, const IPAddress &me, const IPAddress &peer, IPAddress &client, IPAddress &dst) +IpIntercept::NatLookup(int fd, const IPAddress &me, const IPAddress &peer, IPAddress &client, IPAddress &dst) { #if IPF_TRANSPARENT /* --enable-ipf-transparent */ client = me; @@ -329,7 +322,7 @@ IPIntercept::NatLookup(int fd, const IPAddress &me, const IPAddress &peer, IPAdd if (intercept_active) { if ( NetfilterInterception(fd, me, client, silent) == 0) return 0; - if ( IPFWInterception(fd, me, client, silent) == 0) return 0; + if ( IpfwInterception(fd, me, client, silent) == 0) return 0; } if (transparent_active) { if ( NetfilterTransparent(fd, me, dst, silent) == 0) return 0; @@ -405,7 +398,7 @@ IPIntercept::NatLookup(int fd, const IPAddress &me, const IPAddress &peer, IPAdd } #if LINUX_TPROXY2 -IPIntercept::SetTproxy2OutgoingAddr(int fd, const IPAddress &src) +IpIntercept::SetTproxy2OutgoingAddr(int fd, const IPAddress &src) { IPAddress addr; struct in_tproxy itp; diff --git a/src/IPInterception.h b/src/ip/IpIntercept.h similarity index 90% rename from src/IPInterception.h rename to src/ip/IpIntercept.h index b9aeafa786..5ce9400ec8 100644 --- a/src/IPInterception.h +++ b/src/ip/IpIntercept.h @@ -1,6 +1,4 @@ /* - * $Id: IPInterception.h,v 1.7 2007/12/14 23:11:45 amosjeffries Exp $ - * * DEBUG: section 89 NAT / IP Interception * AUTHOR: Robert Collins * AUTHOR: Amos Jeffries @@ -15,18 +13,18 @@ class IPAddress; #include "SquidTime.h" /** - \defgroup IPInterceptAPI IP Interception and Transparent Proxy API + \defgroup IpInterceptAPI IP Interception and Transparent Proxy API \ingroup SquidComponent \par * There is no formal state-machine for transparency and interception * instead there is this neutral API which other connection state machines * and the comm layer use to co-ordinate their own state for transparency. */ -class IPIntercept +class IpIntercept { public: - IPIntercept() : transparent_active(0), intercept_active(0), last_reported(0) {}; - ~IPIntercept() {}; + IpIntercept() : transparent_active(0), intercept_active(0), last_reported(0) {}; + ~IpIntercept() {}; /** Perform NAT lookups */ int NatLookup(int fd, const IPAddress &me, const IPAddress &peer, IPAddress &client, IPAddress &dst); @@ -107,7 +105,7 @@ private: \retval 0 Successfuly located the new address. \retval -1 An error occured during NAT lookups. */ - int IPFWInterception(int fd, const IPAddress &me, IPAddress &client, int silent); + int IpfwInterception(int fd, const IPAddress &me, IPAddress &client, int silent); int transparent_active; @@ -116,14 +114,14 @@ private: }; #if LINUX_NETFILTER && !defined(IP_TRANSPARENT) -/// \ingroup IPInterceptAPI +/// \ingroup IpInterceptAPI #define IP_TRANSPARENT 19 #endif /** - \ingroup IPInterceptAPI + \ingroup IpInterceptAPI * Globally available instance of the IP Interception manager. */ -extern IPIntercept IPInterceptor; +extern IpIntercept IpInterceptor; #endif /* SQUID_IPINTERCEPTION_H */ diff --git a/src/ip/Makefile.am b/src/ip/Makefile.am index 1ac244009b..46fae62f37 100644 --- a/src/ip/Makefile.am +++ b/src/ip/Makefile.am @@ -21,6 +21,8 @@ $(OBJS): $(top_srcdir)/include/version.h $(top_srcdir)/include/autoconf.h noinst_LTLIBRARIES = libip.la libip_la_SOURCES = \ + IpIntercept.h \ + IpIntercept.cc \ QosConfig.h \ QosConfig.cc @@ -30,8 +32,8 @@ TESTS= $(check_PROGRAMS) ## Special Universal .h dependency test script ## aborts if error encountered -testHeaders: $(top_srcdir)/src/icmp/*.h - $(SHELL) $(top_srcdir)/test-suite/testheaders.sh "$(CXXCOMPILE)" "$(top_srcdir)/src/icmp/" || exit 1 +testHeaders: $(top_srcdir)/src/ip/*.h + $(SHELL) $(top_srcdir)/test-suite/testheaders.sh "$(CXXCOMPILE)" "$(top_srcdir)/src/ip/" || exit 1 ## No such file... testHeaders.c: diff --git a/src/tools.cc b/src/tools.cc index b65c86b62c..293ab9a8bc 100644 --- a/src/tools.cc +++ b/src/tools.cc @@ -39,7 +39,7 @@ #include "MemBuf.h" #include "wordlist.h" #include "SquidTime.h" -#include "IPInterception.h" +#include "ip/IpIntercept.h" #ifdef _SQUID_LINUX_ #if HAVE_SYS_CAPABILITY_H @@ -1249,7 +1249,7 @@ keepCapabilities(void) #if HAVE_PRCTL && defined(PR_SET_KEEPCAPS) && HAVE_SYS_CAPABILITY_H if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0)) { - IPInterceptor.StopTransparency("capability setting has failed."); + IpInterceptor.StopTransparency("capability setting has failed."); } #endif } @@ -1280,7 +1280,7 @@ restoreCapabilities(int keep) cap->inheritable = 0; cap->effective = (1 << CAP_NET_BIND_SERVICE); - if (IPInterceptor.TransparentActive()) { + if (IpInterceptor.TransparentActive()) { cap->effective |= (1 << CAP_NET_ADMIN); #if LINUX_TPROXY2 cap->effective |= (1 << CAP_NET_BROADCAST); @@ -1291,7 +1291,7 @@ restoreCapabilities(int keep) cap->permitted &= cap->effective; if (capset(head, cap) != 0) { - IPInterceptor.StopTransparency("Error enabling needed capabilities."); + IpInterceptor.StopTransparency("Error enabling needed capabilities."); } } @@ -1299,7 +1299,7 @@ restoreCapabilities(int keep) xfree(cap); #else - IPInterceptor.StopTransparency("Missing needed capability support."); + IpInterceptor.StopTransparency("Missing needed capability support."); #endif /* HAVE_SYS_CAPABILITY_H */ #endif /* !defined(_SQUID_LINUX_) */ diff --git a/src/ufsdump.cc b/src/ufsdump.cc index 3bfd795502..c8e87d5515 100644 --- a/src/ufsdump.cc +++ b/src/ufsdump.cc @@ -33,7 +33,7 @@ * */ -#include "squid.h" +#include "config.h" #include "StoreMeta.h" #include "StoreMetaUnpacker.h" #include "Store.h"