trafficserver-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From zw...@apache.org
Subject [trafficserver] branch master updated: Adds a new condition, %{IP:<part>}
Date Mon, 03 Apr 2017 14:50:01 GMT
This is an automated email from the ASF dual-hosted git repository.

zwoop pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git

The following commit(s) were added to refs/heads/master by this push:
       new  9746ceb   Adds a new condition, %{IP:<part>}
9746ceb is described below

commit 9746cebcbc7c5d8e7f52dfd03d04909f8c97e13c
Author: Leif Hedstrom <zwoop@apache.org>
AuthorDate: Wed Mar 29 17:23:15 2017 -0500

    Adds a new condition, %{IP:<part>}
    
    This replaces the old %{CLIENT-IP}, and generalizes the access to
    all four IP addresses. E.g.
    
    cond %{SEND_RESPONSE_HDR_HOOK}
         set-header X-Client-IP %{IP:CLIENT}
         set-header X-Inbound-IP %{IP:INBOUND}
         set-header X-Server-IP %{IP:SERVER}
         set-header X-Outbound-IP %{IP:OUTBOUND}
    
    In the case of a sockaddr not being populated, e.g. IP:SERVER on
    a cache hit, the string is "" (empty).
---
 doc/admin-guide/plugins/header_rewrite.en.rst | 31 ++++++++++++
 plugins/header_rewrite/conditions.cc          | 70 +++++++++++++++++++++++++++
 plugins/header_rewrite/conditions.h           | 18 +++++++
 plugins/header_rewrite/factory.cc             |  4 ++
 plugins/header_rewrite/lulu.cc                |  9 ++++
 plugins/header_rewrite/statement.h            |  9 ++++
 6 files changed, 141 insertions(+)

diff --git a/doc/admin-guide/plugins/header_rewrite.en.rst b/doc/admin-guide/plugins/header_rewrite.en.rst
index 7071fbe..ee08669 100644
--- a/doc/admin-guide/plugins/header_rewrite.en.rst
+++ b/doc/admin-guide/plugins/header_rewrite.en.rst
@@ -179,6 +179,8 @@ CLIENT-IP
 Remote IP address, as a string, of the client connection for the current
 transaction.
 
+This condition is *deprecated* as of ATS v7.2.x, please use %{IP:CLIENT} instead.
+
 CLIENT-URL
 ~~~~~~~~~~
 ::
@@ -291,6 +293,35 @@ INCOMING-PORT
 TCP port, as a decimal integer, on which the incoming client connection was
 made.
 
+IP
+~~
+::
+
+    cond %{IP:<part>} <operand>
+
+This is one of four possible IPs associated with the transaction, with the
+possible parts being
+::
+
+    %{IP:CLIENT}     Clients IP
+    %{IP:INBOUND}    ATS's server IP the client connected to
+    %{IP:SERVER}     Upstream (next-hop) server IP (typically origin, or parent)
+    %{IP:OUTBOUND}   ATS's outbound IP, that was used to connect upstream (next-hop)
+
+Note that both %{IP:SERVER} and %{IP:OUTBOUND} can be unset, in which case the
+empty string is returned. The common use for this condition is
+actually as a value to an operator, e.g.
+::
+
+   cond %{SEND_RESPONSE_HDR_HOOK}
+     set-header X-Client-IP %{IP:CLIENT}
+     set-header X-Inbound-IP %{IP:INBOUND}
+     set-header X-Server-IP %{IP:SERVER}
+     set-header X-Outbound-IP %{IP:OUTBOUND}
+
+Finally, this new condition replaces the old %{CLIENT-IP} condition, which is
+now properly deprecated. It will be removed as of ATS v8.0.0.
+
 INTERNAL-TRANSACTION
 ~~~~~~~~~~~~~~~~~~~~
 ::
diff --git a/plugins/header_rewrite/conditions.cc b/plugins/header_rewrite/conditions.cc
index d4425be..b1e0269 100644
--- a/plugins/header_rewrite/conditions.cc
+++ b/plugins/header_rewrite/conditions.cc
@@ -582,6 +582,76 @@ ConditionClientIp::append_value(std::string &s, const Resources &res)
 }
 
 void
+ConditionIp::initialize(Parser &p)
+{
+  Condition::initialize(p);
+
+  MatcherType *match = new MatcherType(_cond_op);
+
+  match->set(p.get_arg());
+  _matcher = match;
+}
+
+void
+ConditionIp::set_qualifier(const std::string &q)
+{
+  Condition::set_qualifier(q);
+
+  TSDebug(PLUGIN_NAME, "\tParsing %%{IP:%s} qualifier", q.c_str());
+
+  if (q == "CLIENT") {
+    _ip_qual = IP_QUAL_CLIENT;
+  } else if (q == "INBOUND") {
+    _ip_qual = IP_QUAL_INBOUND;
+  } else if (q == "SERVER") {
+    _ip_qual = IP_QUAL_SERVER;
+  } else if (q == "OUTBOUND") {
+    _ip_qual = IP_QUAL_OUTBOUND;
+  } else {
+    TSError("[%s] Unknown IP() qualifier: %s", PLUGIN_NAME, q.c_str());
+  }
+}
+
+bool
+ConditionIp::eval(const Resources &res)
+{
+  std::string s;
+
+  append_value(s, res);
+  bool rval = static_cast<const Matchers<std::string> *>(_matcher)->test(s);
+
+  TSDebug(PLUGIN_NAME, "Evaluating IP(): %s - rval: %d", s.c_str(), rval);
+
+  return rval;
+}
+
+void
+ConditionIp::append_value(std::string &s, const Resources &res)
+{
+  bool ip_set = false;
+  char ip[INET6_ADDRSTRLEN];
+
+  switch (_ip_qual) {
+  case IP_QUAL_CLIENT:
+    ip_set = (nullptr != getIP(TSHttpTxnClientAddrGet(res.txnp), ip));
+    break;
+  case IP_QUAL_INBOUND:
+    ip_set = (nullptr != getIP(TSHttpTxnIncomingAddrGet(res.txnp), ip));
+    break;
+  case IP_QUAL_SERVER:
+    ip_set = (nullptr != getIP(TSHttpTxnServerAddrGet(res.txnp), ip));
+    break;
+  case IP_QUAL_OUTBOUND:
+    ip_set = (nullptr != getIP(TSHttpTxnOutgoingAddrGet(res.txnp), ip));
+    break;
+  }
+
+  if (ip_set) {
+    s.append(ip);
+  }
+}
+
+void
 ConditionIncomingPort::initialize(Parser &p)
 {
   Condition::initialize(p);
diff --git a/plugins/header_rewrite/conditions.h b/plugins/header_rewrite/conditions.h
index 3f31126..640f1a5 100644
--- a/plugins/header_rewrite/conditions.h
+++ b/plugins/header_rewrite/conditions.h
@@ -359,6 +359,24 @@ protected:
   bool eval(const Resources &res);
 };
 
+class ConditionIp : public Condition
+{
+  typedef Matchers<std::string> MatcherType;
+
+public:
+  explicit ConditionIp() : _ip_qual(IP_QUAL_CLIENT) { TSDebug(PLUGIN_NAME_DBG, "Calling CTOR
for ConditionIp"); };
+  void initialize(Parser &p);
+  void set_qualifier(const std::string &q);
+  void append_value(std::string &s, const Resources &res);
+
+protected:
+  bool eval(const Resources &res);
+
+private:
+  DISALLOW_COPY_AND_ASSIGN(ConditionIp);
+  IpQualifiers _ip_qual;
+};
+
 class ConditionClientIp : public Condition
 {
   typedef Matchers<std::string> MatcherType;
diff --git a/plugins/header_rewrite/factory.cc b/plugins/header_rewrite/factory.cc
index 2acbdc8..3b70c7a 100644
--- a/plugins/header_rewrite/factory.cc
+++ b/plugins/header_rewrite/factory.cc
@@ -123,7 +123,11 @@ condition_factory(const std::string &cond)
     c = new ConditionInternalTxn();
   } else if (c_name == "INTERNAL-TXN") {
     c = new ConditionInternalTxn();
+  } else if (c_name == "IP") {
+    c = new ConditionIp();
   } else if (c_name == "CLIENT-IP") {
+    TSDebug(PLUGIN_NAME, "\tWARNING: configuration uses deprecated condition, CLIENT-IP()");
+    TSError("warning: CLIENT-IP() is deprecated, use %%{IP:CLIENT} instead");
     c = new ConditionClientIp();
   } else if (c_name == "INCOMING-PORT") {
     c = new ConditionIncomingPort();
diff --git a/plugins/header_rewrite/lulu.cc b/plugins/header_rewrite/lulu.cc
index 3c08030..78b70f0 100644
--- a/plugins/header_rewrite/lulu.cc
+++ b/plugins/header_rewrite/lulu.cc
@@ -17,6 +17,7 @@
 */
 
 #include <string>
+#include <netinet/in.h>
 
 #include "ts/ts.h"
 #include "lulu.h"
@@ -31,6 +32,14 @@ getIP(sockaddr const *s_sockaddr, char res[INET6_ADDRSTRLEN])
     return nullptr;
   }
 
+  // This is a little kludgy, but the TS APIs that returns sockadd's don't return
+  // nullptr's in general (it seems). Maybe that should be fixed, or maybe we should
+  // export lib/ts/ink_inet.h as C APIs... (according to amc). But without this check,
+  // we get ::1 even when the sockaddr isn't populated (e.g. server addr on a cache hit).
+  if (AF_UNSPEC == s_sockaddr->sa_family) {
+    return nullptr;
+  }
+
   switch (s_sockaddr->sa_family) {
   case AF_INET: {
     const struct sockaddr_in *s_sockaddr_in = reinterpret_cast<const struct sockaddr_in
*>(s_sockaddr);
diff --git a/plugins/header_rewrite/statement.h b/plugins/header_rewrite/statement.h
index 7aa627b..69e2df5 100644
--- a/plugins/header_rewrite/statement.h
+++ b/plugins/header_rewrite/statement.h
@@ -72,6 +72,15 @@ enum IdQualifiers {
   ID_QUAL_UNIQUE,
 };
 
+// IP
+enum IpQualifiers {
+  IP_QUAL_CLIENT,
+  IP_QUAL_INBOUND,
+  // These two might not necessarily get populated, e.g. on a cache hit.
+  IP_QUAL_SERVER,
+  IP_QUAL_OUTBOUND,
+};
+
 class Statement
 {
 public:

-- 
To stop receiving notification emails like this one, please contact
['"commits@trafficserver.apache.org" <commits@trafficserver.apache.org>'].

Mime
View raw message