[squid-dev] [PATCH] Compilation fix for v5 r14973
Amos Jeffries
squid3 at treenet.co.nz
Mon Dec 12 08:16:56 UTC 2016
On 11/12/2016 10:35 p.m., Eduard Bagdasaryan wrote:
> Attached a patch witch removes SquidConfig dependency
> on vector<SchemesConfigs> and uses vector<SchemesConfigs> *.
> instead. This fixes pinger linking error.
>
>
> Eduard.
>
Attached is an alternative that fits better (but not completely) with
the HotConf project goals.
Specifically the change is to move the auth specific config object into
Auth:: namespace scope insead of placing it within SquidConfig.
I have not in this patch refactored the existing Auth::Config to contain
both auth_params and auth_schemes data. Or moved the new accessList
raw-pointer. This is just a quick shuffle to fix the current link errors.
Alex: Care to make the call between one of these two patches or wait a
day or so more for the full refactor ?
Amos
> On 10.12.2016 23:55, Amos Jeffries wrote:
>> On 11/12/2016 6:12 a.m., Christos Tsantilas wrote:
>>> I applied the patch, however still exist problem. The icmp pinger does
>>> not build correctly.
>>> We should add libsbuf library to pinger libraries, but still there are
>>> references to HistStat.cc file (maybe add HistStat stub files for
>>> pinger?).
>> pinger does not use the Auth:: things, so it really should not pull them
>> + dependencies in.
>>
>> The correct fix I think is to refactor the Auth::Config so that the
>> various global auth* directives can all be stored there. I'm working on
>> that right now.
>>
>> Amos
>>
>> _______________________________________________
>> squid-dev mailing list
>> squid-dev at lists.squid-cache.org
>> http://lists.squid-cache.org/listinfo/squid-dev
>
>
>
> _______________________________________________
> squid-dev mailing list
> squid-dev at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-dev
>
-------------- next part --------------
=== modified file 'src/SquidConfig.h'
--- src/SquidConfig.h 2016-12-10 04:48:25 +0000
+++ src/SquidConfig.h 2016-12-11 07:26:50 +0000
@@ -1,35 +1,32 @@
/*
* Copyright (C) 1996-2016 The Squid Software Foundation and contributors
*
* Squid software is distributed under GPLv2+ license and includes
* contributions from numerous individuals and organizations.
* Please see the COPYING and CONTRIBUTORS files for details.
*/
#ifndef SQUID_SQUIDCONFIG_H_
#define SQUID_SQUIDCONFIG_H_
#include "acl/forward.h"
-#if USE_AUTH
-#include "auth/SchemesConfig.h"
-#endif
#include "base/RefCount.h"
#include "base/YesNoNone.h"
#include "ClientDelayConfig.h"
#include "DelayConfig.h"
#include "helper/ChildConfig.h"
#include "HttpHeaderTools.h"
#include "ip/Address.h"
#include "Notes.h"
#include "security/forward.h"
#include "SquidTime.h"
#if USE_OPENSSL
#include "ssl/support.h"
#endif
#include "store/forward.h"
#if USE_OPENSSL
class sslproxy_cert_sign;
class sslproxy_cert_adapt;
#endif
@@ -526,44 +523,40 @@
#if USE_LOADABLE_MODULES
wordlist *loadable_module_names;
#endif
int client_ip_max_connections;
char *redirector_extras;
struct UrlHelperTimeout {
int action;
char *response;
} onUrlRewriteTimeout;
char *storeId_extras;
struct {
int v4_first; ///< Place IPv4 first in the order of DNS results.
ssize_t packet_max; ///< maximum size EDNS advertised for DNS replies.
} dns;
-
-#if USE_AUTH
- Auth::SchemesConfigs authSchemesConfigs;
-#endif
};
extern SquidConfig Config;
class SquidConfig2
{
public:
void clear() {
*this = SquidConfig2();
}
struct {
int enable_purge = 0;
} onoff;
uid_t effectiveUserID = 0;
gid_t effectiveGroupID = 0;
};
extern SquidConfig2 Config2;
=== modified file 'src/auth/SchemesConfig.cc'
--- src/auth/SchemesConfig.cc 2016-12-10 04:48:25 +0000
+++ src/auth/SchemesConfig.cc 2016-12-11 10:19:34 +0000
@@ -1,34 +1,39 @@
/*
* Copyright (C) 1996-2016 The Squid Software Foundation and contributors
*
* Squid software is distributed under GPLv2+ license and includes
* contributions from numerous individuals and organizations.
* Please see the COPYING and CONTRIBUTORS files for details.
*/
#include "squid.h"
#include "auth/Config.h"
#include "auth/SchemesConfig.h"
#include "fatal.h"
#include "parser/Tokenizer.h"
+namespace Auth
+{
+std::vector<Auth::SchemesConfig> SchemeListConfig;
+}
+
static void
addUnique(const SBuf &scheme, std::vector<SBuf> &vec)
{
static const SBuf all("ALL");
if (scheme == all) {
for (const auto config: Auth::TheConfig)
addUnique(SBuf(config->type()), vec);
} else if (std::find(vec.begin(), vec.end(), scheme) == vec.end())
vec.push_back(scheme);
}
void
Auth::SchemesConfig::expand()
{
static const CharacterSet delimiters("delimiters", ",");
static const CharacterSet quotedDelimiters("quotedDelimiters", ", ");
const CharacterSet *resultDelimiters = quoted ? "edDelimiters : &delimiters;
std::vector<SBuf> expanded;
Parser::Tokenizer t(schemes);
SBuf scheme;
=== modified file 'src/auth/SchemesConfig.h'
--- src/auth/SchemesConfig.h 2016-12-10 04:48:25 +0000
+++ src/auth/SchemesConfig.h 2016-12-11 10:19:01 +0000
@@ -26,27 +26,27 @@
public:
SchemesConfig(const char *s, const bool q) : schemes(s), quoted(q), rawSchemes(schemes.c_str()) {}
/// Expands special "ALL" scheme name (if provided), removes
/// duplicates and fills authConfigs vector.
void expand();
public:
/// corresponding vector of Auth::Config objects
ConfigVector authConfigs;
private:
/// raw auth schemes list (may have duplicates)
SBuf schemes;
const bool quoted;
public:
/// optimization for storing schemes.c_str()
const char *rawSchemes;
};
-typedef std::vector<SchemesConfig> SchemesConfigs;
+extern std::vector<Auth::SchemesConfig> SchemeListConfig;
} // namespace Auth
#endif /* USE_AUTH */
#endif /* SQUID_SCHEMES_CONFIG_H */
=== modified file 'src/auth/UserRequest.cc'
--- src/auth/UserRequest.cc 2016-12-10 04:48:25 +0000
+++ src/auth/UserRequest.cc 2016-12-11 10:27:20 +0000
@@ -450,47 +450,47 @@
request->auth_user_request = t;
}
return t->lastReply;
}
// ok, call the actual authenticator routine.
AuthAclState result = authenticate(aUR, headertype, request, conn, src_addr, al);
// auth process may have changed the UserRequest we are dealing with
t = authTryGetUser(*aUR, conn, request);
if (t != NULL && result != AUTH_ACL_CANNOT_AUTHENTICATE && result != AUTH_ACL_HELPER)
t->lastReply = result;
return result;
}
static Auth::ConfigVector &
schemesConfig(HttpRequest *request, HttpReply *rep)
{
- if (::Config.accessList.authSchemes) {
+ if (!Auth::SchemeListConfig.empty()) {
ACLFilledChecklist ch(NULL, request, NULL);
ch.reply = rep;
HTTPMSGLOCK(ch.reply);
const allow_t answer = ch.fastCheck(::Config.accessList.authSchemes);
if (answer == ACCESS_ALLOWED)
- return ::Config.authSchemesConfigs.at(answer.kind).authConfigs;
+ return Auth::SchemeListConfig.at(answer.kind).authConfigs;
}
return Auth::TheConfig;
}
void
Auth::UserRequest::addReplyAuthHeader(HttpReply * rep, Auth::UserRequest::Pointer auth_user_request, HttpRequest * request, int accelerated, int internal)
/* send the auth types we are configured to support (and have compiled in!) */
{
Http::HdrType type;
switch (rep->sline.status()) {
case Http::scProxyAuthenticationRequired:
/* Proxy authorisation needed */
type = Http::HdrType::PROXY_AUTHENTICATE;
break;
case Http::scUnauthorized:
/* WWW Authorisation needed */
type = Http::HdrType::WWW_AUTHENTICATE;
=== modified file 'src/cache_cf.cc'
--- src/cache_cf.cc 2016-12-10 16:27:09 +0000
+++ src/cache_cf.cc 2016-12-11 14:34:53 +0000
@@ -1,40 +1,41 @@
/*
* Copyright (C) 1996-2016 The Squid Software Foundation and contributors
*
* Squid software is distributed under GPLv2+ license and includes
* contributions from numerous individuals and organizations.
* Please see the COPYING and CONTRIBUTORS files for details.
*/
/* DEBUG: section 03 Configuration File Parsing */
#include "squid.h"
#include "acl/Acl.h"
#include "acl/AclDenyInfoList.h"
#include "acl/AclSizeLimit.h"
#include "acl/Address.h"
#include "acl/Gadgets.h"
#include "acl/MethodData.h"
#include "acl/Tree.h"
#include "anyp/PortCfg.h"
#include "anyp/UriScheme.h"
+#include "auth/SchemesConfig.h"
#include "AuthReg.h"
#include "base/RunnersRegistry.h"
#include "cache_cf.h"
#include "CachePeer.h"
#include "ConfigParser.h"
#include "CpuAffinityMap.h"
#include "DiskIO/DiskIOModule.h"
#include "eui/Config.h"
#include "ExternalACL.h"
#include "format/Format.h"
#include "ftp/Elements.h"
#include "globals.h"
#include "HttpHeaderTools.h"
#include "icmp/IcmpConfig.h"
#include "ident/Config.h"
#include "ip/Intercept.h"
#include "ip/QosConfig.h"
#include "ip/tools.h"
#include "ipc/Kids.h"
#include "log/Config.h"
@@ -929,41 +930,41 @@
Config.pipeline_max_prefetch = 0;
}
#if USE_AUTH
/*
* disable client side request pipelining. There is a race with
* Negotiate and NTLM when the client sends a second request on an
* connection before the authenticate challenge is sent. With
* pipelining OFF, the client may fail to authenticate, but squid's
* state will be preserved.
*/
if (Config.pipeline_max_prefetch > 0) {
Auth::Config *nego = Auth::Config::Find("Negotiate");
Auth::Config *ntlm = Auth::Config::Find("NTLM");
if ((nego && nego->active()) || (ntlm && ntlm->active())) {
debugs(3, DBG_PARSE_NOTE(DBG_IMPORTANT), "WARNING: pipeline_prefetch breaks NTLM and Negotiate authentication. Forced pipeline_prefetch 0.");
Config.pipeline_max_prefetch = 0;
}
}
- for (auto &authSchemes: Config.authSchemesConfigs) {
+ for (auto &authSchemes : Auth::SchemeListConfig) {
authSchemes.expand();
if (authSchemes.authConfigs.empty()) {
debugs(3, DBG_CRITICAL, "auth_schemes: at least one scheme name is required; got: " << authSchemes.rawSchemes);
self_destruct();
}
}
#endif
}
/** Parse a line containing an obsolete directive.
* To upgrade it where possible instead of just "Bungled config" for
* directives which cannot be marked as simply aliases of the some name.
* For example if the parameter order and content has changed.
* Or if the directive has been completely removed.
*/
void
parse_obsolete(const char *name)
{
// Directives which have been radically changed rather than removed
if (!strcmp(name, "url_rewrite_concurrency")) {
@@ -1827,58 +1828,58 @@
Auth::Init();
}
}
static void
dump_authparam(StoreEntry * entry, const char *name, Auth::ConfigVector cfg)
{
for (Auth::ConfigVector::iterator i = cfg.begin(); i != cfg.end(); ++i)
(*i)->dump(entry, name, (*i));
}
static void
parse_AuthSchemes(acl_access **authSchemes)
{
const char *tok = ConfigParser::NextQuotedToken();
if (!tok) {
debugs(29, DBG_CRITICAL, "FATAL: auth_schemes missing the parameter");
self_destruct();
return;
}
- Config.authSchemesConfigs.push_back(Auth::SchemesConfig(tok, ConfigParser::LastTokenWasQuoted()));
- const allow_t action = allow_t(ACCESS_ALLOWED, Config.authSchemesConfigs.size() - 1);
+ Auth::SchemeListConfig.emplace_back(tok, ConfigParser::LastTokenWasQuoted());
+ const allow_t action = allow_t(ACCESS_ALLOWED, Auth::SchemeListConfig.size() - 1);
ParseAclWithAction(authSchemes, action, "auth_schemes");
}
static void
free_AuthSchemes(acl_access **authSchemes)
{
- Config.authSchemesConfigs.clear();
+ Auth::SchemeListConfig.clear();
free_acl_access(authSchemes);
}
static void
dump_AuthSchemes(StoreEntry *entry, const char *name, acl_access *authSchemes)
{
if (authSchemes)
dump_SBufList(entry, authSchemes->treeDump(name, [](const allow_t &action) {
- return Config.authSchemesConfigs.at(action.kind).rawSchemes;
+ return Auth::SchemeListConfig.at(action.kind).rawSchemes;
}));
}
#endif /* USE_AUTH */
static void
ParseAclWithAction(acl_access **access, const allow_t &action, const char *desc, ACL *acl)
{
assert(access);
SBuf name;
if (!*access) {
*access = new Acl::Tree;
name.Printf("(%s rules)", desc);
(*access)->context(name.c_str(), config_input_line);
}
Acl::AndNode *rule = new Acl::AndNode;
name.Printf("(%s rule)", desc);
rule->context(name.c_str(), config_input_line);
acl ? rule->add(acl) : rule->lineParse();
(*access)->add(rule, action);
=== modified file 'src/tests/stub_libauth.cc'
--- src/tests/stub_libauth.cc 2016-12-10 04:48:25 +0000
+++ src/tests/stub_libauth.cc 2016-12-11 17:54:05 +0000
@@ -58,24 +58,28 @@
void authenticateAuthUserRequestRemoveIp(Auth::UserRequest::Pointer, Ip::Address const &) STUB
void authenticateAuthUserRequestClearIp(Auth::UserRequest::Pointer) STUB
int authenticateAuthUserRequestIPCount(Auth::UserRequest::Pointer) STUB_RETVAL(0)
int authenticateUserAuthenticated(Auth::UserRequest::Pointer) STUB_RETVAL(0)
Auth::Direction Auth::UserRequest::direction() STUB_RETVAL(Auth::CRED_ERROR)
void Auth::UserRequest::addAuthenticationInfoHeader(HttpReply *, int) STUB
void Auth::UserRequest::addAuthenticationInfoTrailer(HttpReply *, int) STUB
void Auth::UserRequest::releaseAuthServer() STUB
const char * Auth::UserRequest::connLastHeader() STUB_RETVAL("stub")
AuthAclState Auth::UserRequest::authenticate(Auth::UserRequest::Pointer *, Http::HdrType, HttpRequest *, ConnStateData *, Ip::Address &, AccessLogEntry::Pointer &) STUB_RETVAL(AUTH_AUTHENTICATED)
AuthAclState Auth::UserRequest::tryToAuthenticateAndSetAuthUser(Auth::UserRequest::Pointer *, Http::HdrType, HttpRequest *, ConnStateData *, Ip::Address &, AccessLogEntry::Pointer &) STUB_RETVAL(AUTH_AUTHENTICATED)
void Auth::UserRequest::addReplyAuthHeader(HttpReply *, Auth::UserRequest::Pointer, HttpRequest *, int, int) STUB
void authenticateFixHeader(HttpReply *, Auth::UserRequest::Pointer, HttpRequest *, int, int) STUB
void authenticateAddTrailer(HttpReply *, Auth::UserRequest::Pointer, HttpRequest *, int) STUB
Auth::Scheme::Pointer Auth::UserRequest::scheme() const STUB_RETVAL(NULL)
#include "AuthReg.h"
void Auth::Init() STUB_NOP
#include "auth/SchemesConfig.h"
-void Auth::SchemesConfig::expand() STUB
+namespace Auth
+{
+std::vector<Auth::SchemesConfig> SchemeListConfig;
+void SchemesConfig::expand() STUB
+}
#endif /* USE_AUTH */
More information about the squid-dev
mailing list