------------------------------------------------------------ revno: 13399 revision-id: squid3@treenet.co.nz-20140507100558-i18569k91c1f6u2d parent: squid3@treenet.co.nz-20140505115625-91f2i631n5tv31z7 committer: Amos Jeffries branch nick: trunk timestamp: Wed 2014-05-07 03:05:58 -0700 message: Cleanup: Refactor external_acl_type format codes representation Removes enum_external_acl_format::format_type from external_acl.cc by replacing it with enum Format::ByteCode_t. Several missing logformat codes related to URL display have been added to the logformat token set for general use. Several of the external ACL format codes have been added to Format::ByteCode_t without equivalent logformat TokenTableEntry's at this stage as both desirable token naming and access to the data to produce them generically is unclear. The external_acl_type parser is updated to accept logformat tokens wherever an equivalent exists and map directly to the ByteCode_t values. The mgr:config report dumper is also updated to output the logformat tokens. But as yet the official deprecation has not been done in squid.conf. ------------------------------------------------------------ # Bazaar merge directive format 2 (Bazaar 0.90) # revision_id: squid3@treenet.co.nz-20140507100558-i18569k91c1f6u2d # target_branch: http://bzr.squid-cache.org/bzr/squid3/trunk/ # testament_sha1: 2d3873d8970c7fa6f485755466668f3266df0d1c # timestamp: 2014-05-07 11:01:37 +0000 # source_branch: http://bzr.squid-cache.org/bzr/squid3/trunk/ # base_revision_id: squid3@treenet.co.nz-20140505115625-\ # 91f2i631n5tv31z7 # # Begin patch === modified file 'src/cf.data.pre' --- src/cf.data.pre 2014-05-04 15:34:46 +0000 +++ src/cf.data.pre 2014-05-07 10:05:58 +0000 @@ -3867,15 +3867,20 @@ [http::]ru Request URL from client (historic, filtered for logging) [http::]>ru Request URL from client [http::]rs Request URL scheme from client + [http::]rd Request URL domain from client - [http::]rp Request URL-Path excluding hostname - [http::]>rp Request URL-Path excluding hostname from client - [http::]rd Request URL domain sent to server or peer + [http::]>rP Request URL port from client + [http::]rp Request URL path excluding hostname from client + [http::]rv Request protocol version from client [http::]h Original received request header. + [http::]>h Original received request header. Usually differs from the request header sent by Squid, although most fields are often preserved. Accepts optional header field name/value filter === modified file 'src/external_acl.cc' --- src/external_acl.cc 2014-04-27 07:59:17 +0000 +++ src/external_acl.cc 2014-05-07 10:05:58 +0000 @@ -48,6 +48,7 @@ #include "ExternalACL.h" #include "ExternalACLEntry.h" #include "fde.h" +#include "format/ByteCode.h" #include "helper.h" #include "HttpHeaderTools.h" #include "HttpReply.h" @@ -150,55 +151,7 @@ }; struct _external_acl_format { - enum format_type { - EXT_ACL_UNKNOWN, -#if USE_AUTH - EXT_ACL_LOGIN, -#endif -#if USE_IDENT - EXT_ACL_IDENT, -#endif - EXT_ACL_SRC, - EXT_ACL_SRCPORT, -#if USE_SQUID_EUI - EXT_ACL_SRCEUI48, - EXT_ACL_SRCEUI64, -#endif - EXT_ACL_MYADDR, - EXT_ACL_MYPORT, - EXT_ACL_URI, - EXT_ACL_DST, - EXT_ACL_PROTO, - EXT_ACL_PORT, - EXT_ACL_PATH, - EXT_ACL_METHOD, - - EXT_ACL_HEADER_REQUEST, - EXT_ACL_HEADER_REQUEST_MEMBER, - EXT_ACL_HEADER_REQUEST_ID, - EXT_ACL_HEADER_REQUEST_ID_MEMBER, - - EXT_ACL_HEADER_REPLY, - EXT_ACL_HEADER_REPLY_MEMBER, - EXT_ACL_HEADER_REPLY_ID, - EXT_ACL_HEADER_REPLY_ID_MEMBER, - -#if USE_OPENSSL - EXT_ACL_USER_CERT, - EXT_ACL_USER_CA_CERT, - EXT_ACL_USER_CERT_RAW, - EXT_ACL_USER_CERTCHAIN_RAW, -#endif -#if USE_AUTH - EXT_ACL_EXT_USER, -#endif - EXT_ACL_EXT_LOG, - EXT_ACL_TAG, - EXT_ACL_ACLNAME, - EXT_ACL_ACLDATA, - EXT_ACL_PERCENT, - EXT_ACL_END - } type; + Format::ByteCode_t type; external_acl_format *next; char *header; char *member; @@ -254,7 +207,7 @@ \param format - structure to contain all the info about this format element. */ void -parse_header_token(external_acl_format *format, char *header, const _external_acl_format::format_type type) +parse_header_token(external_acl_format *format, char *header, const Format::ByteCode_t type) { /* header format */ char *member, *end; @@ -282,30 +235,17 @@ format->member = xstrdup(member); - if (type == _external_acl_format::EXT_ACL_HEADER_REQUEST) - format->type = _external_acl_format::EXT_ACL_HEADER_REQUEST_MEMBER; + if (type == Format::LFT_ADAPTED_REQUEST_HEADER) + format->type = Format::LFT_ADAPTED_REQUEST_HEADER_ELEM; else - format->type = _external_acl_format::EXT_ACL_HEADER_REQUEST_MEMBER; + format->type = Format::LFT_REPLY_HEADER_ELEM; + } else { format->type = type; } format->header = xstrdup(header); format->header_id = httpHeaderIdByNameDef(header, strlen(header)); - - if (format->header_id != -1) { - if (member) { - if (type == _external_acl_format::EXT_ACL_HEADER_REQUEST) - format->type = _external_acl_format::EXT_ACL_HEADER_REQUEST_ID_MEMBER; - else - format->type = _external_acl_format::EXT_ACL_HEADER_REPLY_ID_MEMBER; - } else { - if (type == _external_acl_format::EXT_ACL_HEADER_REQUEST) - format->type = _external_acl_format::EXT_ACL_HEADER_REQUEST_ID; - else - format->type = _external_acl_format::EXT_ACL_HEADER_REPLY_ID; - } - } } void @@ -421,84 +361,84 @@ if (strncmp(token, "%{", 2) == 0) { // deprecated. but assume the old configs all referred to request headers. debugs(82, DBG_PARSE_NOTE(DBG_IMPORTANT), "WARNING: external_acl_type format %{...} is being replaced by %>ha{...} for : " << token); - parse_header_token(format, (token+2), _external_acl_format::EXT_ACL_HEADER_REQUEST); + parse_header_token(format, (token+2), Format::LFT_ADAPTED_REQUEST_HEADER); } else if (strncmp(token, "%>{", 3) == 0) { debugs(82, DBG_PARSE_NOTE(DBG_IMPORTANT), "WARNING: external_acl_type format %>{...} is being replaced by %>ha{...} for : " << token); - parse_header_token(format, (token+3), _external_acl_format::EXT_ACL_HEADER_REQUEST); + parse_header_token(format, (token+3), Format::LFT_ADAPTED_REQUEST_HEADER); } else if (strncmp(token, "%>ha{", 5) == 0) { - parse_header_token(format, (token+3), _external_acl_format::EXT_ACL_HEADER_REQUEST); + parse_header_token(format, (token+3), Format::LFT_ADAPTED_REQUEST_HEADER); } else if (strncmp(token, "%<{", 3) == 0) { debugs(82, DBG_PARSE_NOTE(DBG_IMPORTANT), "WARNING: external_acl_type format %<{...} is being replaced by %type = _external_acl_format::EXT_ACL_LOGIN; + format->type = Format::LFT_USER_LOGIN; a->require_auth = true; #endif } #if USE_IDENT else if (strcmp(token, "%IDENT") == 0 || strcmp(token, "%ui") == 0) - format->type = _external_acl_format::EXT_ACL_IDENT; + format->type = Format::LFT_USER_IDENT; #endif else if (strcmp(token, "%SRC") == 0 || strcmp(token, "%>a") == 0) - format->type = _external_acl_format::EXT_ACL_SRC; + format->type = Format::LFT_CLIENT_IP_ADDRESS; else if (strcmp(token, "%SRCPORT") == 0 || strcmp(token, "%>p") == 0) - format->type = _external_acl_format::EXT_ACL_SRCPORT; + format->type = Format::LFT_CLIENT_PORT; #if USE_SQUID_EUI else if (strcmp(token, "%SRCEUI48") == 0) - format->type = _external_acl_format::EXT_ACL_SRCEUI48; + format->type = Format::LFT_EXT_ACL_CLIENT_EUI48; else if (strcmp(token, "%SRCEUI64") == 0) - format->type = _external_acl_format::EXT_ACL_SRCEUI64; + format->type = Format::LFT_EXT_ACL_CLIENT_EUI64; #endif else if (strcmp(token, "%MYADDR") == 0 || strcmp(token, "%la") == 0) - format->type = _external_acl_format::EXT_ACL_MYADDR; + format->type = Format::LFT_LOCAL_LISTENING_IP; else if (strcmp(token, "%MYPORT") == 0 || strcmp(token, "%lp") == 0) - format->type = _external_acl_format::EXT_ACL_MYPORT; + format->type = Format::LFT_LOCAL_LISTENING_PORT; else if (strcmp(token, "%URI") == 0 || strcmp(token, "%>ru") == 0) - format->type = _external_acl_format::EXT_ACL_URI; - else if (strcmp(token, "%DST") == 0) - format->type = _external_acl_format::EXT_ACL_DST; - else if (strcmp(token, "%PROTO") == 0) - format->type = _external_acl_format::EXT_ACL_PROTO; - else if (strcmp(token, "%PORT") == 0) - format->type = _external_acl_format::EXT_ACL_PORT; + format->type = Format::LFT_CLIENT_REQ_URI; + else if (strcmp(token, "%DST") == 0 || strcmp(token, "%>rd") == 0) + format->type = Format::LFT_CLIENT_REQ_URLDOMAIN; + else if (strcmp(token, "%PROTO") == 0 || strcmp(token, "%>rs") == 0) + format->type = Format::LFT_CLIENT_REQ_URLSCHEME; + else if (strcmp(token, "%PORT") == 0) // XXX: add a logformat token + format->type = Format::LFT_CLIENT_REQ_URLPORT; else if (strcmp(token, "%PATH") == 0 || strcmp(token, "%>rp") == 0) - format->type = _external_acl_format::EXT_ACL_PATH; + format->type = Format::LFT_CLIENT_REQ_URLPATH; else if (strcmp(token, "%METHOD") == 0 || strcmp(token, "%>rm") == 0) - format->type = _external_acl_format::EXT_ACL_METHOD; + format->type = Format::LFT_CLIENT_REQ_METHOD; #if USE_OPENSSL else if (strcmp(token, "%USER_CERT") == 0) - format->type = _external_acl_format::EXT_ACL_USER_CERT_RAW; + format->type = Format::LFT_EXT_ACL_USER_CERT_RAW; else if (strcmp(token, "%USER_CERTCHAIN") == 0) - format->type = _external_acl_format::EXT_ACL_USER_CERTCHAIN_RAW; + format->type = Format::LFT_EXT_ACL_USER_CERTCHAIN_RAW; else if (strncmp(token, "%USER_CERT_", 11) == 0) { - format->type = _external_acl_format::EXT_ACL_USER_CERT; + format->type = Format::LFT_EXT_ACL_USER_CERT; format->header = xstrdup(token + 11); } else if (strncmp(token, "%USER_CA_CERT_", 11) == 0) { - format->type = _external_acl_format::EXT_ACL_USER_CA_CERT; + format->type = Format::LFT_EXT_ACL_USER_CA_CERT; format->header = xstrdup(token + 11); } else if (strncmp(token, "%CA_CERT_", 11) == 0) { debugs(82, DBG_PARSE_NOTE(DBG_IMPORTANT), "WARNING: external_acl_type %CA_CERT_* code is obsolete. Use %USER_CA_CERT_* instead"); - format->type = _external_acl_format::EXT_ACL_USER_CA_CERT; + format->type = Format::LFT_EXT_ACL_USER_CA_CERT; format->header = xstrdup(token + 11); } #endif #if USE_AUTH - else if (strcmp(token, "%EXT_USER") == 0) - format->type = _external_acl_format::EXT_ACL_EXT_USER; + else if (strcmp(token, "%EXT_USER") == 0 || strcmp(token, "%ue") == 0) + format->type = Format::LFT_USER_EXTERNAL; #endif - else if (strcmp(token, "%EXT_LOG") == 0) - format->type = _external_acl_format::EXT_ACL_EXT_LOG; - else if (strcmp(token, "%TAG") == 0) - format->type = _external_acl_format::EXT_ACL_TAG; + else if (strcmp(token, "%EXT_LOG") == 0 || strcmp(token, "%ea") == 0) + format->type = Format::LFT_EXT_LOG; + else if (strcmp(token, "%TAG") == 0 || strcmp(token, "%et") == 0) + format->type = Format::LFT_TAG; else if (strcmp(token, "%ACL") == 0) - format->type = _external_acl_format::EXT_ACL_ACLNAME; + format->type = Format::LFT_EXT_ACL_NAME; else if (strcmp(token, "%DATA") == 0) - format->type = _external_acl_format::EXT_ACL_ACLDATA; + format->type = Format::LFT_EXT_ACL_DATA; else if (strcmp(token, "%%") == 0) - format->type = _external_acl_format::EXT_ACL_PERCENT; + format->type = Format::LFT_PERCENT; else { debugs(0, DBG_CRITICAL, "ERROR: Unknown Format token " << token); self_destruct(); @@ -573,67 +513,60 @@ for (format = node->format; format; format = format->next) { switch (format->type) { - case _external_acl_format::EXT_ACL_HEADER_REQUEST: - case _external_acl_format::EXT_ACL_HEADER_REQUEST_ID: - storeAppendPrintf(sentry, " %%>{%s}", format->header); - break; - - case _external_acl_format::EXT_ACL_HEADER_REQUEST_MEMBER: - case _external_acl_format::EXT_ACL_HEADER_REQUEST_ID_MEMBER: - storeAppendPrintf(sentry, " %%>{%s:%s}", format->header, format->member); - break; - - case _external_acl_format::EXT_ACL_HEADER_REPLY: - case _external_acl_format::EXT_ACL_HEADER_REPLY_ID: - storeAppendPrintf(sentry, " %%<{%s}", format->header); - break; - - case _external_acl_format::EXT_ACL_HEADER_REPLY_MEMBER: - case _external_acl_format::EXT_ACL_HEADER_REPLY_ID_MEMBER: - storeAppendPrintf(sentry, " %%<{%s:%s}", format->header, format->member); - break; -#define DUMP_EXT_ACL_TYPE(a) \ - case _external_acl_format::EXT_ACL_##a: \ - storeAppendPrintf(sentry, " %%%s", #a); \ - break + case Format::LFT_ADAPTED_REQUEST_HEADER: + storeAppendPrintf(sentry, " %%>ha{%s}", format->header); + break; + + case Format::LFT_ADAPTED_REQUEST_HEADER_ELEM: + storeAppendPrintf(sentry, " %%>ha{%s:%s}", format->header, format->member); + break; + + case Format::LFT_REPLY_HEADER: + storeAppendPrintf(sentry, " %%header); + break; + + case Format::LFT_REPLY_HEADER_ELEM: + storeAppendPrintf(sentry, " %%header, format->member); + break; + #define DUMP_EXT_ACL_TYPE_FMT(a, fmt, ...) \ - case _external_acl_format::EXT_ACL_##a: \ + case Format::LFT_##a: \ storeAppendPrintf(sentry, fmt, ##__VA_ARGS__); \ break #if USE_AUTH - DUMP_EXT_ACL_TYPE(LOGIN); + DUMP_EXT_ACL_TYPE_FMT(USER_LOGIN," %%ul"); #endif #if USE_IDENT - DUMP_EXT_ACL_TYPE(IDENT); + DUMP_EXT_ACL_TYPE_FMT(USER_IDENT," %%ui"); #endif - - DUMP_EXT_ACL_TYPE(SRC); - DUMP_EXT_ACL_TYPE(SRCPORT); + DUMP_EXT_ACL_TYPE_FMT(CLIENT_IP_ADDRESS," %%>a"); + DUMP_EXT_ACL_TYPE_FMT(CLIENT_PORT," %%>p"); #if USE_SQUID_EUI - DUMP_EXT_ACL_TYPE(SRCEUI48); - DUMP_EXT_ACL_TYPE(SRCEUI64); + DUMP_EXT_ACL_TYPE_FMT(EXT_ACL_CLIENT_EUI48," %%SRCEUI48"); + DUMP_EXT_ACL_TYPE_FMT(EXT_ACL_CLIENT_EUI64," %%SRCEUI64"); #endif - - DUMP_EXT_ACL_TYPE(MYADDR); - DUMP_EXT_ACL_TYPE(MYPORT); - DUMP_EXT_ACL_TYPE(URI); - DUMP_EXT_ACL_TYPE(DST); - DUMP_EXT_ACL_TYPE(PROTO); - DUMP_EXT_ACL_TYPE(PORT); - DUMP_EXT_ACL_TYPE(PATH); - DUMP_EXT_ACL_TYPE(METHOD); + DUMP_EXT_ACL_TYPE_FMT(LOCAL_LISTENING_IP," %%>la"); + DUMP_EXT_ACL_TYPE_FMT(LOCAL_LISTENING_PORT," %%>lp"); + DUMP_EXT_ACL_TYPE_FMT(CLIENT_REQ_URI," %%>ru"); + DUMP_EXT_ACL_TYPE_FMT(CLIENT_REQ_URLDOMAIN," %%>rd"); + DUMP_EXT_ACL_TYPE_FMT(CLIENT_REQ_URLSCHEME," %%>rs"); + DUMP_EXT_ACL_TYPE_FMT(CLIENT_REQ_URLPORT," %%>rP"); + DUMP_EXT_ACL_TYPE_FMT(CLIENT_REQ_URLPATH," %%>rp"); + DUMP_EXT_ACL_TYPE_FMT(CLIENT_REQ_METHOD," %%>rm"); #if USE_OPENSSL - DUMP_EXT_ACL_TYPE_FMT(USER_CERT_RAW, " %%USER_CERT_RAW"); - DUMP_EXT_ACL_TYPE_FMT(USER_CERTCHAIN_RAW, " %%USER_CERTCHAIN_RAW"); - DUMP_EXT_ACL_TYPE_FMT(USER_CERT, " %%USER_CERT_%s", format->header); - DUMP_EXT_ACL_TYPE_FMT(USER_CA_CERT, " %%USER_CA_CERT_%s", format->header); + DUMP_EXT_ACL_TYPE_FMT(EXT_ACL_USER_CERT_RAW, " %%USER_CERT_RAW"); + DUMP_EXT_ACL_TYPE_FMT(EXT_ACL_USER_CERTCHAIN_RAW, " %%USER_CERTCHAIN_RAW"); + DUMP_EXT_ACL_TYPE_FMT(EXT_ACL_USER_CERT, " %%USER_CERT_%s", format->header); + DUMP_EXT_ACL_TYPE_FMT(EXT_ACL_USER_CA_CERT, " %%USER_CA_CERT_%s", format->header); #endif #if USE_AUTH - DUMP_EXT_ACL_TYPE(EXT_USER); + DUMP_EXT_ACL_TYPE_FMT(USER_EXTERNAL," %%ue"); #endif - DUMP_EXT_ACL_TYPE(EXT_LOG); - DUMP_EXT_ACL_TYPE(TAG); + DUMP_EXT_ACL_TYPE_FMT(EXT_LOG," %%ea"); + DUMP_EXT_ACL_TYPE_FMT(TAG," %%et"); + DUMP_EXT_ACL_TYPE_FMT(EXT_ACL_NAME," %%ACL"); + DUMP_EXT_ACL_TYPE_FMT(EXT_ACL_DATA," %%DATA"); DUMP_EXT_ACL_TYPE_FMT(PERCENT, " %%%%"); default: fatal("unknown external_acl format error"); @@ -980,7 +913,7 @@ switch (format->type) { #if USE_AUTH - case _external_acl_format::EXT_ACL_LOGIN: + case Format::LFT_USER_LOGIN: // if this ACL line was the cause of credentials fetch // they may not already be in the checklist if (ch->auth_user_request == NULL && ch->request) @@ -991,7 +924,7 @@ break; #endif #if USE_IDENT - case _external_acl_format::EXT_ACL_IDENT: + case Format::LFT_USER_IDENT: str = ch->rfc931; if (!str || !*str) { @@ -1004,60 +937,60 @@ break; #endif - case _external_acl_format::EXT_ACL_SRC: + case Format::LFT_CLIENT_IP_ADDRESS: str = ch->src_addr.toStr(buf,sizeof(buf)); break; - case _external_acl_format::EXT_ACL_SRCPORT: + case Format::LFT_CLIENT_PORT: snprintf(buf, sizeof(buf), "%d", request->client_addr.port()); str = buf; break; #if USE_SQUID_EUI - case _external_acl_format::EXT_ACL_SRCEUI48: + case Format::LFT_EXT_ACL_CLIENT_EUI48: if (request->clientConnectionManager.valid() && request->clientConnectionManager->clientConnection != NULL && request->clientConnectionManager->clientConnection->remoteEui48.encode(buf, sizeof(buf))) str = buf; break; - case _external_acl_format::EXT_ACL_SRCEUI64: + case Format::LFT_EXT_ACL_CLIENT_EUI64: if (request->clientConnectionManager.valid() && request->clientConnectionManager->clientConnection != NULL && request->clientConnectionManager->clientConnection->remoteEui64.encode(buf, sizeof(buf))) str = buf; break; #endif - case _external_acl_format::EXT_ACL_MYADDR: + case Format::LFT_LOCAL_LISTENING_IP: str = request->my_addr.toStr(buf, sizeof(buf)); break; - case _external_acl_format::EXT_ACL_MYPORT: + case Format::LFT_LOCAL_LISTENING_PORT: snprintf(buf, sizeof(buf), "%d", request->my_addr.port()); str = buf; break; - case _external_acl_format::EXT_ACL_URI: + case Format::LFT_CLIENT_REQ_URI: str = urlCanonical(request); break; - case _external_acl_format::EXT_ACL_DST: + case Format::LFT_CLIENT_REQ_URLDOMAIN: str = request->GetHost(); break; - case _external_acl_format::EXT_ACL_PROTO: + case Format::LFT_CLIENT_REQ_URLSCHEME: str = request->url.getScheme().c_str(); break; - case _external_acl_format::EXT_ACL_PORT: + case Format::LFT_CLIENT_REQ_URLPORT: snprintf(buf, sizeof(buf), "%d", request->port); str = buf; break; - case _external_acl_format::EXT_ACL_PATH: + case Format::LFT_CLIENT_REQ_URLPATH: str = request->urlpath.termedBuf(); break; - case _external_acl_format::EXT_ACL_METHOD: + case Format::LFT_CLIENT_REQ_METHOD: { const SBuf &s = request->method.image(); sb.append(s.rawContent(), s.length()); @@ -1065,56 +998,45 @@ str = sb.termedBuf(); break; - case _external_acl_format::EXT_ACL_HEADER_REQUEST: - sb = request->header.getByName(format->header); - str = sb.termedBuf(); - break; - - case _external_acl_format::EXT_ACL_HEADER_REQUEST_ID: - sb = request->header.getStrOrList(format->header_id); - str = sb.termedBuf(); - break; - - case _external_acl_format::EXT_ACL_HEADER_REQUEST_MEMBER: - sb = request->header.getByNameListMember(format->header, format->member, format->separator); - str = sb.termedBuf(); - break; - - case _external_acl_format::EXT_ACL_HEADER_REQUEST_ID_MEMBER: - sb = request->header.getListMember(format->header_id, format->member, format->separator); - str = sb.termedBuf(); - break; - - case _external_acl_format::EXT_ACL_HEADER_REPLY: - if (reply) { - sb = reply->header.getByName(format->header); - str = sb.termedBuf(); - } - break; - - case _external_acl_format::EXT_ACL_HEADER_REPLY_ID: - if (reply) { - sb = reply->header.getStrOrList(format->header_id); - str = sb.termedBuf(); - } - break; - - case _external_acl_format::EXT_ACL_HEADER_REPLY_MEMBER: - if (reply) { - sb = reply->header.getByNameListMember(format->header, format->member, format->separator); - str = sb.termedBuf(); - } - break; - - case _external_acl_format::EXT_ACL_HEADER_REPLY_ID_MEMBER: - if (reply) { - sb = reply->header.getListMember(format->header_id, format->member, format->separator); - str = sb.termedBuf(); - } - break; + case Format::LFT_ADAPTED_REQUEST_HEADER: + if (format->header_id == -1) + sb = request->header.getByName(format->header); + else + sb = request->header.getStrOrList(format->header_id); + str = sb.termedBuf(); + break; + + case Format::LFT_ADAPTED_REQUEST_HEADER_ELEM: + if (format->header_id == -1) + sb = request->header.getByNameListMember(format->header, format->member, format->separator); + else + sb = request->header.getListMember(format->header_id, format->member, format->separator); + str = sb.termedBuf(); + break; + + case Format::LFT_REPLY_HEADER: + if (reply) { + if (format->header_id == -1) + sb = reply->header.getByName(format->header); + else + sb = reply->header.getStrOrList(format->header_id); + str = sb.termedBuf(); + } + break; + + case Format::LFT_REPLY_HEADER_ELEM: + if (reply) { + if (format->header_id == -1) + sb = reply->header.getByNameListMember(format->header, format->member, format->separator); + else + sb = reply->header.getListMember(format->header_id, format->member, format->separator); + str = sb.termedBuf(); + } + break; + #if USE_OPENSSL - case _external_acl_format::EXT_ACL_USER_CERT_RAW: + case Format::LFT_EXT_ACL_USER_CERT_RAW: if (ch->conn() != NULL && Comm::IsConnOpen(ch->conn()->clientConnection)) { SSL *ssl = fd_table[ch->conn()->clientConnection->fd].ssl; @@ -1125,7 +1047,7 @@ break; - case _external_acl_format::EXT_ACL_USER_CERTCHAIN_RAW: + case Format::LFT_EXT_ACL_USER_CERTCHAIN_RAW: if (ch->conn() != NULL && Comm::IsConnOpen(ch->conn()->clientConnection)) { SSL *ssl = fd_table[ch->conn()->clientConnection->fd].ssl; @@ -1136,7 +1058,7 @@ break; - case _external_acl_format::EXT_ACL_USER_CERT: + case Format::LFT_EXT_ACL_USER_CERT: if (ch->conn() != NULL && Comm::IsConnOpen(ch->conn()->clientConnection)) { SSL *ssl = fd_table[ch->conn()->clientConnection->fd].ssl; @@ -1147,7 +1069,7 @@ break; - case _external_acl_format::EXT_ACL_USER_CA_CERT: + case Format::LFT_EXT_ACL_USER_CA_CERT: if (ch->conn() != NULL && Comm::IsConnOpen(ch->conn()->clientConnection)) { SSL *ssl = fd_table[ch->conn()->clientConnection->fd].ssl; @@ -1159,20 +1081,20 @@ break; #endif #if USE_AUTH - case _external_acl_format::EXT_ACL_EXT_USER: + case Format::LFT_USER_EXTERNAL: str = request->extacl_user.termedBuf(); break; #endif - case _external_acl_format::EXT_ACL_EXT_LOG: + case Format::LFT_EXT_LOG: str = request->extacl_log.termedBuf(); break; - case _external_acl_format::EXT_ACL_TAG: + case Format::LFT_TAG: str = request->tag.termedBuf(); break; - case _external_acl_format::EXT_ACL_ACLNAME: + case Format::LFT_EXT_ACL_NAME: str = acl_data->name; break; - case _external_acl_format::EXT_ACL_ACLDATA: + case Format::LFT_EXT_ACL_DATA: data_used = true; for (arg = acl_data->arguments; arg; arg = arg->next) { if (!first) @@ -1192,13 +1114,14 @@ first = 0; } break; - case _external_acl_format::EXT_ACL_PERCENT: + case Format::LFT_PERCENT: str = "%"; break; - case _external_acl_format::EXT_ACL_UNKNOWN: - case _external_acl_format::EXT_ACL_END: - fatal("unknown external_acl format error"); + default: + // TODO: replace this function with Format::assemble() + // For now die on unsupported logformat codes. + fatalf("ERROR: unknown external_acl_type format %u", (uint8_t)format->type); break; } === modified file 'src/format/ByteCode.h' --- src/format/ByteCode.h 2014-03-30 12:00:34 +0000 +++ src/format/ByteCode.h 2014-05-07 10:05:58 +0000 @@ -58,7 +58,9 @@ /* original Request-Line details recieved from client */ LFT_CLIENT_REQ_METHOD, LFT_CLIENT_REQ_URI, + LFT_CLIENT_REQ_URLSCHEME, LFT_CLIENT_REQ_URLDOMAIN, + LFT_CLIENT_REQ_URLPORT, LFT_CLIENT_REQ_URLPATH, /* LFT_CLIENT_REQ_QUERY, */ LFT_CLIENT_REQ_VERSION, @@ -84,6 +86,9 @@ /* Request-Line details sent to the server/peer */ LFT_SERVER_REQ_METHOD, LFT_SERVER_REQ_URI, + LFT_SERVER_REQ_URLSCHEME, + LFT_SERVER_REQ_URLDOMAIN, + LFT_SERVER_REQ_URLPORT, LFT_SERVER_REQ_URLPATH, /*LFT_SERVER_REQ_QUERY, */ LFT_SERVER_REQ_VERSION, @@ -203,7 +208,18 @@ #endif LFT_NOTE, - LFT_PERCENT /* special string cases for escaped chars */ + LFT_PERCENT, /* special string cases for escaped chars */ + + // TODO assign better bytecode names and Token strings for these + LFT_EXT_ACL_USER_CERT_RAW, + LFT_EXT_ACL_USER_CERTCHAIN_RAW, + LFT_EXT_ACL_USER_CERT, + LFT_EXT_ACL_USER_CA_CERT, + LFT_EXT_ACL_CLIENT_EUI48, + LFT_EXT_ACL_CLIENT_EUI64, + LFT_EXT_ACL_NAME, + LFT_EXT_ACL_DATA + } ByteCode_t; /// Quoting style for a format output. === modified file 'src/format/Format.cc' --- src/format/Format.cc 2014-04-30 09:41:25 +0000 +++ src/format/Format.cc 2014-05-07 10:05:58 +0000 @@ -931,6 +931,13 @@ } break; + case LFT_CLIENT_REQ_URLSCHEME: + if (al->request) { + out = al->request->url.getScheme().c_str(); + quote = 1; + } + break; + case LFT_CLIENT_REQ_URLDOMAIN: if (al->request) { out = al->request->GetHost(); @@ -938,6 +945,13 @@ } break; + case LFT_CLIENT_REQ_URLPORT: + if (al->request) { + outint = al->request->port; + doint = 1; + } + break; + case LFT_REQUEST_URLPATH_OLD_31: case LFT_CLIENT_REQ_URLPATH: if (al->request) { @@ -991,6 +1005,27 @@ } break; + case LFT_SERVER_REQ_URLSCHEME: + if (al->adapted_request) { + out = al->adapted_request->url.getScheme().c_str(); + quote = 1; + } + break; + + case LFT_SERVER_REQ_URLDOMAIN: + if (al->adapted_request) { + out = al->adapted_request->GetHost(); + quote = 1; + } + break; + + case LFT_SERVER_REQ_URLPORT: + if (al->adapted_request) { + outint = al->adapted_request->port; + doint = 1; + } + break; + case LFT_SERVER_REQ_URLPATH: if (al->adapted_request) { out = al->adapted_request->urlpath.termedBuf(); @@ -1148,7 +1183,20 @@ case LFT_PERCENT: out = "%"; + break; + // XXX: external_acl_type format tokens which are not output by logformat. + // They are listed here because the switch requires + // every ByteCode_t to be explicitly enumerated. + // But do not output due to lack of access to the values. + case LFT_EXT_ACL_USER_CERT_RAW: + case LFT_EXT_ACL_USER_CERTCHAIN_RAW: + case LFT_EXT_ACL_USER_CERT: + case LFT_EXT_ACL_USER_CA_CERT: + case LFT_EXT_ACL_CLIENT_EUI48: + case LFT_EXT_ACL_CLIENT_EUI64: + case LFT_EXT_ACL_NAME: + case LFT_EXT_ACL_DATA: break; } === modified file 'src/format/Token.cc' --- src/format/Token.cc 2014-04-30 09:41:25 +0000 +++ src/format/Token.cc 2014-05-07 10:05:58 +0000 @@ -81,7 +81,9 @@ {">rm", LFT_CLIENT_REQ_METHOD}, {">ru", LFT_CLIENT_REQ_URI}, + {">rs", LFT_CLIENT_REQ_URLSCHEME}, {">rd", LFT_CLIENT_REQ_URLDOMAIN}, + {">rP", LFT_CLIENT_REQ_URLPORT}, {">rp", LFT_CLIENT_REQ_URLPATH}, /*{">rq", LFT_CLIENT_REQ_QUERY},*/ {">rv", LFT_CLIENT_REQ_VERSION}, @@ -94,6 +96,9 @@ {"