You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by sh...@apache.org on 2015/09/21 21:30:38 UTC
trafficserver git commit: [TS-3911] New log tag for proxy connection
being over SSL, pqssl. This closes #293.
Repository: trafficserver
Updated Branches:
refs/heads/master 05af23fb9 -> 0a58767f7
[TS-3911] New log tag for proxy connection being over SSL, pqssl. This closes #293.
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/0a58767f
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/0a58767f
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/0a58767f
Branch: refs/heads/master
Commit: 0a58767f73778f26a4b418791bb27752da8b534e
Parents: 05af23f
Author: ericcarlschwartz <es...@gmail.com>
Authored: Mon Sep 14 11:04:10 2015 -0700
Committer: shinrich <sh...@yahoo-inc.com>
Committed: Mon Sep 21 12:44:10 2015 -0500
----------------------------------------------------------------------
doc/admin/event-logging-formats.en.rst | 6 ++++++
proxy/http/HttpSM.cc | 13 ++++++++++---
proxy/http/HttpSM.h | 1 +
proxy/logging/Log.cc | 8 ++++++--
proxy/logging/LogAccess.cc | 8 ++++++++
proxy/logging/LogAccess.h | 1 +
proxy/logging/LogAccessHttp.cc | 14 ++++++++++++++
proxy/logging/LogAccessHttp.h | 1 +
8 files changed, 47 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/doc/admin/event-logging-formats.en.rst
----------------------------------------------------------------------
diff --git a/doc/admin/event-logging-formats.en.rst b/doc/admin/event-logging-formats.en.rst
index b488b2a..9302b2b 100644
--- a/doc/admin/event-logging-formats.en.rst
+++ b/doc/admin/event-logging-formats.en.rst
@@ -445,6 +445,12 @@ The following list describes Traffic Server custom logging fields.
``pssc``
The HTTP response status code from Traffic Server to the client.
+.. _pqssl:
+
+``pqssl``
+ Indicates whether the connection from Traffic Server to the origin
+ was over SSL or not.
+
.. _shi:
``shi``
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/proxy/http/HttpSM.cc
----------------------------------------------------------------------
diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc
index 08dfb13..2889ef3 100644
--- a/proxy/http/HttpSM.cc
+++ b/proxy/http/HttpSM.cc
@@ -278,9 +278,9 @@ HttpSM::HttpSM()
server_response_hdr_bytes(0), server_response_body_bytes(0), client_response_hdr_bytes(0), client_response_body_bytes(0),
cache_response_hdr_bytes(0), cache_response_body_bytes(0), pushed_response_hdr_bytes(0), pushed_response_body_bytes(0),
client_tcp_reused(false), client_ssl_reused(false), client_connection_is_ssl(false), client_sec_protocol("-"),
- client_cipher_suite("-"), server_transact_count(0), plugin_tag(0), plugin_id(0), hooks_set(false),
- cur_hook_id(TS_HTTP_LAST_HOOK), cur_hook(NULL), cur_hooks(0), callout_state(HTTP_API_NO_CALLOUT), terminate_sm(false),
- kill_this_async_done(false), parse_range_done(false)
+ client_cipher_suite("-"), server_transact_count(0), server_connection_is_ssl(false), plugin_tag(0), plugin_id(0),
+ hooks_set(false), cur_hook_id(TS_HTTP_LAST_HOOK), cur_hook(NULL), cur_hooks(0), callout_state(HTTP_API_NO_CALLOUT),
+ terminate_sm(false), kill_this_async_done(false), parse_range_done(false)
{
memset(&history, 0, sizeof(history));
memset(&vc_table, 0, sizeof(vc_table));
@@ -5627,6 +5627,7 @@ HttpSM::attach_server_session(HttpServerSession *s)
server_entry->vc_type = HTTP_SERVER_VC;
server_entry->vc_handler = &HttpSM::state_send_server_request_header;
+
// es - is this a concern here in HttpSM? Does it belong somewhere else?
// Get server and client connections
UnixNetVConnection *server_vc = (UnixNetVConnection *)(server_session->get_netvc());
@@ -5652,6 +5653,12 @@ HttpSM::attach_server_session(HttpServerSession *s)
server_vc->setOriginTracePort(0);
}
+ // set flag for server session is SSL
+ SSLNetVConnection *server_ssl_vc = dynamic_cast<SSLNetVConnection *>(server_vc);
+ if (server_ssl_vc) {
+ server_connection_is_ssl = true;
+ }
+
// Initiate a read on the session so that the SM and not
// session manager will get called back if the timeout occurs
// or the server closes on us. The IO Core now requires us to
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/proxy/http/HttpSM.h
----------------------------------------------------------------------
diff --git a/proxy/http/HttpSM.h b/proxy/http/HttpSM.h
index c374905..9764899 100644
--- a/proxy/http/HttpSM.h
+++ b/proxy/http/HttpSM.h
@@ -500,6 +500,7 @@ public:
const char *client_sec_protocol;
const char *client_cipher_suite;
int server_transact_count;
+ bool server_connection_is_ssl;
TransactionMilestones milestones;
ink_hrtime api_timer;
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/proxy/logging/Log.cc
----------------------------------------------------------------------
diff --git a/proxy/logging/Log.cc b/proxy/logging/Log.cc
index d2c7694..2d635ab 100644
--- a/proxy/logging/Log.cc
+++ b/proxy/logging/Log.cc
@@ -478,7 +478,7 @@ Log::init_fields()
global_field_list.add(field, false);
ink_hash_table_insert(field_symbol_hash, "cqtr", field);
- field = new LogField("client_req_ssl_reused", "cqssl", LogField::dINT, &LogAccess::marshal_client_req_is_ssl,
+ field = new LogField("client_req_is_ssl", "cqssl", LogField::dINT, &LogAccess::marshal_client_req_is_ssl,
&LogAccess::unmarshal_int_to_str);
global_field_list.add(field, false);
ink_hash_table_insert(field_symbol_hash, "cqssl", field);
@@ -653,8 +653,12 @@ Log::init_fields()
global_field_list.add(field, false);
ink_hash_table_insert(field_symbol_hash, "php", field);
- // server -> proxy fields
+ field = new LogField("proxy_req_is_ssl", "pqssl", LogField::sINT, &LogAccess::marshal_proxy_req_is_ssl,
+ &LogAccess::unmarshal_int_to_str);
+ global_field_list.add(field, false);
+ ink_hash_table_insert(field_symbol_hash, "pqssl", field);
+ // server -> proxy fields
field = new LogField("server_host_ip", "shi", LogField::IP, &LogAccess::marshal_server_host_ip, &LogAccess::unmarshal_ip_to_str);
global_field_list.add(field, false);
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/proxy/logging/LogAccess.cc
----------------------------------------------------------------------
diff --git a/proxy/logging/LogAccess.cc b/proxy/logging/LogAccess.cc
index a671a59..69e454a 100644
--- a/proxy/logging/LogAccess.cc
+++ b/proxy/logging/LogAccess.cc
@@ -465,6 +465,14 @@ LogAccess::marshal_proxy_host_ip(char *buf)
return marshal_ip(buf, &Machine::instance()->ip.sa);
}
+/*-------------------------------------------------------------------------
+ -------------------------------------------------------------------------*/
+
+int
+LogAccess::marshal_proxy_req_is_ssl(char *buf)
+{
+ DEFAULT_INT_FIELD;
+}
/*-------------------------------------------------------------------------
-------------------------------------------------------------------------*/
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/proxy/logging/LogAccess.h
----------------------------------------------------------------------
diff --git a/proxy/logging/LogAccess.h b/proxy/logging/LogAccess.h
index 8eabc73..27442ae 100644
--- a/proxy/logging/LogAccess.h
+++ b/proxy/logging/LogAccess.h
@@ -220,6 +220,7 @@ public:
inkcoreapi virtual int marshal_proxy_hierarchy_route(char *); // INT
inkcoreapi virtual int marshal_proxy_host_name(char *); // STR
inkcoreapi virtual int marshal_proxy_host_ip(char *); // STR
+ inkcoreapi virtual int marshal_proxy_req_is_ssl(char *); // INT
//
// server -> proxy fields
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/proxy/logging/LogAccessHttp.cc
----------------------------------------------------------------------
diff --git a/proxy/logging/LogAccessHttp.cc b/proxy/logging/LogAccessHttp.cc
index fa14463..68e3bff 100644
--- a/proxy/logging/LogAccessHttp.cc
+++ b/proxy/logging/LogAccessHttp.cc
@@ -954,6 +954,20 @@ LogAccessHttp::marshal_proxy_req_server_port(char *buf)
-------------------------------------------------------------------------*/
int
+LogAccessHttp::marshal_proxy_req_is_ssl(char *buf)
+{
+ if (buf) {
+ int64_t is_ssl;
+ is_ssl = m_http_sm->server_connection_is_ssl;
+ marshal_int(buf, is_ssl);
+ }
+ return INK_MIN_ALIGN;
+}
+
+/*-------------------------------------------------------------------------
+ -------------------------------------------------------------------------*/
+
+int
LogAccessHttp::marshal_proxy_hierarchy_route(char *buf)
{
if (buf) {
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/proxy/logging/LogAccessHttp.h
----------------------------------------------------------------------
diff --git a/proxy/logging/LogAccessHttp.h b/proxy/logging/LogAccessHttp.h
index 9ce0e71e..47677de 100644
--- a/proxy/logging/LogAccessHttp.h
+++ b/proxy/logging/LogAccessHttp.h
@@ -101,6 +101,7 @@ public:
virtual int marshal_proxy_req_server_port(char *); // INT
virtual int marshal_proxy_hierarchy_route(char *); // INT
virtual int marshal_proxy_host_port(char *); // INT
+ virtual int marshal_proxy_req_is_ssl(char *); // INT
//
// server -> proxy fields