You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by sh...@apache.org on 2015/09/21 21:30:38 UTC

trafficserver git commit: [TS-3911] New log tag for proxy connection being over SSL, pqssl. This closes #293.

Repository: trafficserver
Updated Branches:
  refs/heads/master 05af23fb9 -> 0a58767f7


[TS-3911] New log tag for proxy connection being over SSL, pqssl. This closes #293.


Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/0a58767f
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/0a58767f
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/0a58767f

Branch: refs/heads/master
Commit: 0a58767f73778f26a4b418791bb27752da8b534e
Parents: 05af23f
Author: ericcarlschwartz <es...@gmail.com>
Authored: Mon Sep 14 11:04:10 2015 -0700
Committer: shinrich <sh...@yahoo-inc.com>
Committed: Mon Sep 21 12:44:10 2015 -0500

----------------------------------------------------------------------
 doc/admin/event-logging-formats.en.rst |  6 ++++++
 proxy/http/HttpSM.cc                   | 13 ++++++++++---
 proxy/http/HttpSM.h                    |  1 +
 proxy/logging/Log.cc                   |  8 ++++++--
 proxy/logging/LogAccess.cc             |  8 ++++++++
 proxy/logging/LogAccess.h              |  1 +
 proxy/logging/LogAccessHttp.cc         | 14 ++++++++++++++
 proxy/logging/LogAccessHttp.h          |  1 +
 8 files changed, 47 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/doc/admin/event-logging-formats.en.rst
----------------------------------------------------------------------
diff --git a/doc/admin/event-logging-formats.en.rst b/doc/admin/event-logging-formats.en.rst
index b488b2a..9302b2b 100644
--- a/doc/admin/event-logging-formats.en.rst
+++ b/doc/admin/event-logging-formats.en.rst
@@ -445,6 +445,12 @@ The following list describes Traffic Server custom logging fields.
 ``pssc``
     The HTTP response status code from Traffic Server to the client.
 
+.. _pqssl:
+
+``pqssl``
+    Indicates whether the connection from Traffic Server to the origin
+    was over SSL or not.
+
 .. _shi:
 
 ``shi``

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/proxy/http/HttpSM.cc
----------------------------------------------------------------------
diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc
index 08dfb13..2889ef3 100644
--- a/proxy/http/HttpSM.cc
+++ b/proxy/http/HttpSM.cc
@@ -278,9 +278,9 @@ HttpSM::HttpSM()
     server_response_hdr_bytes(0), server_response_body_bytes(0), client_response_hdr_bytes(0), client_response_body_bytes(0),
     cache_response_hdr_bytes(0), cache_response_body_bytes(0), pushed_response_hdr_bytes(0), pushed_response_body_bytes(0),
     client_tcp_reused(false), client_ssl_reused(false), client_connection_is_ssl(false), client_sec_protocol("-"),
-    client_cipher_suite("-"), server_transact_count(0), plugin_tag(0), plugin_id(0), hooks_set(false),
-    cur_hook_id(TS_HTTP_LAST_HOOK), cur_hook(NULL), cur_hooks(0), callout_state(HTTP_API_NO_CALLOUT), terminate_sm(false),
-    kill_this_async_done(false), parse_range_done(false)
+    client_cipher_suite("-"), server_transact_count(0), server_connection_is_ssl(false), plugin_tag(0), plugin_id(0),
+    hooks_set(false), cur_hook_id(TS_HTTP_LAST_HOOK), cur_hook(NULL), cur_hooks(0), callout_state(HTTP_API_NO_CALLOUT),
+    terminate_sm(false), kill_this_async_done(false), parse_range_done(false)
 {
   memset(&history, 0, sizeof(history));
   memset(&vc_table, 0, sizeof(vc_table));
@@ -5627,6 +5627,7 @@ HttpSM::attach_server_session(HttpServerSession *s)
   server_entry->vc_type = HTTP_SERVER_VC;
   server_entry->vc_handler = &HttpSM::state_send_server_request_header;
 
+
   // es - is this a concern here in HttpSM?  Does it belong somewhere else?
   // Get server and client connections
   UnixNetVConnection *server_vc = (UnixNetVConnection *)(server_session->get_netvc());
@@ -5652,6 +5653,12 @@ HttpSM::attach_server_session(HttpServerSession *s)
     server_vc->setOriginTracePort(0);
   }
 
+  // set flag for server session is SSL
+  SSLNetVConnection *server_ssl_vc = dynamic_cast<SSLNetVConnection *>(server_vc);
+  if (server_ssl_vc) {
+    server_connection_is_ssl = true;
+  }
+
   // Initiate a read on the session so that the SM and not
   //  session manager will get called back if the timeout occurs
   //  or the server closes on us.  The IO Core now requires us to

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/proxy/http/HttpSM.h
----------------------------------------------------------------------
diff --git a/proxy/http/HttpSM.h b/proxy/http/HttpSM.h
index c374905..9764899 100644
--- a/proxy/http/HttpSM.h
+++ b/proxy/http/HttpSM.h
@@ -500,6 +500,7 @@ public:
   const char *client_sec_protocol;
   const char *client_cipher_suite;
   int server_transact_count;
+  bool server_connection_is_ssl;
 
   TransactionMilestones milestones;
   ink_hrtime api_timer;

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/proxy/logging/Log.cc
----------------------------------------------------------------------
diff --git a/proxy/logging/Log.cc b/proxy/logging/Log.cc
index d2c7694..2d635ab 100644
--- a/proxy/logging/Log.cc
+++ b/proxy/logging/Log.cc
@@ -478,7 +478,7 @@ Log::init_fields()
   global_field_list.add(field, false);
   ink_hash_table_insert(field_symbol_hash, "cqtr", field);
 
-  field = new LogField("client_req_ssl_reused", "cqssl", LogField::dINT, &LogAccess::marshal_client_req_is_ssl,
+  field = new LogField("client_req_is_ssl", "cqssl", LogField::dINT, &LogAccess::marshal_client_req_is_ssl,
                        &LogAccess::unmarshal_int_to_str);
   global_field_list.add(field, false);
   ink_hash_table_insert(field_symbol_hash, "cqssl", field);
@@ -653,8 +653,12 @@ Log::init_fields()
   global_field_list.add(field, false);
   ink_hash_table_insert(field_symbol_hash, "php", field);
 
-  // server -> proxy fields
+  field = new LogField("proxy_req_is_ssl", "pqssl", LogField::sINT, &LogAccess::marshal_proxy_req_is_ssl,
+                       &LogAccess::unmarshal_int_to_str);
+  global_field_list.add(field, false);
+  ink_hash_table_insert(field_symbol_hash, "pqssl", field);
 
+  // server -> proxy fields
   field = new LogField("server_host_ip", "shi", LogField::IP, &LogAccess::marshal_server_host_ip, &LogAccess::unmarshal_ip_to_str);
 
   global_field_list.add(field, false);

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/proxy/logging/LogAccess.cc
----------------------------------------------------------------------
diff --git a/proxy/logging/LogAccess.cc b/proxy/logging/LogAccess.cc
index a671a59..69e454a 100644
--- a/proxy/logging/LogAccess.cc
+++ b/proxy/logging/LogAccess.cc
@@ -465,6 +465,14 @@ LogAccess::marshal_proxy_host_ip(char *buf)
   return marshal_ip(buf, &Machine::instance()->ip.sa);
 }
 
+/*-------------------------------------------------------------------------
+  -------------------------------------------------------------------------*/
+
+int
+LogAccess::marshal_proxy_req_is_ssl(char *buf)
+{
+  DEFAULT_INT_FIELD;
+}
 
 /*-------------------------------------------------------------------------
   -------------------------------------------------------------------------*/

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/proxy/logging/LogAccess.h
----------------------------------------------------------------------
diff --git a/proxy/logging/LogAccess.h b/proxy/logging/LogAccess.h
index 8eabc73..27442ae 100644
--- a/proxy/logging/LogAccess.h
+++ b/proxy/logging/LogAccess.h
@@ -220,6 +220,7 @@ public:
   inkcoreapi virtual int marshal_proxy_hierarchy_route(char *); // INT
   inkcoreapi virtual int marshal_proxy_host_name(char *);       // STR
   inkcoreapi virtual int marshal_proxy_host_ip(char *);         // STR
+  inkcoreapi virtual int marshal_proxy_req_is_ssl(char *);      // INT
 
   //
   // server -> proxy fields

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/proxy/logging/LogAccessHttp.cc
----------------------------------------------------------------------
diff --git a/proxy/logging/LogAccessHttp.cc b/proxy/logging/LogAccessHttp.cc
index fa14463..68e3bff 100644
--- a/proxy/logging/LogAccessHttp.cc
+++ b/proxy/logging/LogAccessHttp.cc
@@ -954,6 +954,20 @@ LogAccessHttp::marshal_proxy_req_server_port(char *buf)
   -------------------------------------------------------------------------*/
 
 int
+LogAccessHttp::marshal_proxy_req_is_ssl(char *buf)
+{
+  if (buf) {
+    int64_t is_ssl;
+    is_ssl = m_http_sm->server_connection_is_ssl;
+    marshal_int(buf, is_ssl);
+  }
+  return INK_MIN_ALIGN;
+}
+
+/*-------------------------------------------------------------------------
+  -------------------------------------------------------------------------*/
+
+int
 LogAccessHttp::marshal_proxy_hierarchy_route(char *buf)
 {
   if (buf) {

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/proxy/logging/LogAccessHttp.h
----------------------------------------------------------------------
diff --git a/proxy/logging/LogAccessHttp.h b/proxy/logging/LogAccessHttp.h
index 9ce0e71e..47677de 100644
--- a/proxy/logging/LogAccessHttp.h
+++ b/proxy/logging/LogAccessHttp.h
@@ -101,6 +101,7 @@ public:
   virtual int marshal_proxy_req_server_port(char *); // INT
   virtual int marshal_proxy_hierarchy_route(char *); // INT
   virtual int marshal_proxy_host_port(char *);       // INT
+  virtual int marshal_proxy_req_is_ssl(char *);      // INT
 
   //
   // server -> proxy fields