Repository: trafficserver Updated Branches: refs/heads/master 05af23fb9 -> 0a58767f7
[TS-3911] New log tag for proxy connection being over SSL, pqssl. This closes #293. Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/0a58767f Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/0a58767f Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/0a58767f Branch: refs/heads/master Commit: 0a58767f73778f26a4b418791bb27752da8b534e Parents: 05af23f Author: ericcarlschwartz <[email protected]> Authored: Mon Sep 14 11:04:10 2015 -0700 Committer: shinrich <[email protected]> Committed: Mon Sep 21 12:44:10 2015 -0500 ---------------------------------------------------------------------- doc/admin/event-logging-formats.en.rst | 6 ++++++ proxy/http/HttpSM.cc | 13 ++++++++++--- proxy/http/HttpSM.h | 1 + proxy/logging/Log.cc | 8 ++++++-- proxy/logging/LogAccess.cc | 8 ++++++++ proxy/logging/LogAccess.h | 1 + proxy/logging/LogAccessHttp.cc | 14 ++++++++++++++ proxy/logging/LogAccessHttp.h | 1 + 8 files changed, 47 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/doc/admin/event-logging-formats.en.rst ---------------------------------------------------------------------- diff --git a/doc/admin/event-logging-formats.en.rst b/doc/admin/event-logging-formats.en.rst index b488b2a..9302b2b 100644 --- a/doc/admin/event-logging-formats.en.rst +++ b/doc/admin/event-logging-formats.en.rst @@ -445,6 +445,12 @@ The following list describes Traffic Server custom logging fields. ``pssc`` The HTTP response status code from Traffic Server to the client. +.. _pqssl: + +``pqssl`` + Indicates whether the connection from Traffic Server to the origin + was over SSL or not. + .. _shi: ``shi`` http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/proxy/http/HttpSM.cc ---------------------------------------------------------------------- diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc index 08dfb13..2889ef3 100644 --- a/proxy/http/HttpSM.cc +++ b/proxy/http/HttpSM.cc @@ -278,9 +278,9 @@ HttpSM::HttpSM() server_response_hdr_bytes(0), server_response_body_bytes(0), client_response_hdr_bytes(0), client_response_body_bytes(0), cache_response_hdr_bytes(0), cache_response_body_bytes(0), pushed_response_hdr_bytes(0), pushed_response_body_bytes(0), client_tcp_reused(false), client_ssl_reused(false), client_connection_is_ssl(false), client_sec_protocol("-"), - client_cipher_suite("-"), server_transact_count(0), plugin_tag(0), plugin_id(0), hooks_set(false), - cur_hook_id(TS_HTTP_LAST_HOOK), cur_hook(NULL), cur_hooks(0), callout_state(HTTP_API_NO_CALLOUT), terminate_sm(false), - kill_this_async_done(false), parse_range_done(false) + client_cipher_suite("-"), server_transact_count(0), server_connection_is_ssl(false), plugin_tag(0), plugin_id(0), + hooks_set(false), cur_hook_id(TS_HTTP_LAST_HOOK), cur_hook(NULL), cur_hooks(0), callout_state(HTTP_API_NO_CALLOUT), + terminate_sm(false), kill_this_async_done(false), parse_range_done(false) { memset(&history, 0, sizeof(history)); memset(&vc_table, 0, sizeof(vc_table)); @@ -5627,6 +5627,7 @@ HttpSM::attach_server_session(HttpServerSession *s) server_entry->vc_type = HTTP_SERVER_VC; server_entry->vc_handler = &HttpSM::state_send_server_request_header; + // es - is this a concern here in HttpSM? Does it belong somewhere else? // Get server and client connections UnixNetVConnection *server_vc = (UnixNetVConnection *)(server_session->get_netvc()); @@ -5652,6 +5653,12 @@ HttpSM::attach_server_session(HttpServerSession *s) server_vc->setOriginTracePort(0); } + // set flag for server session is SSL + SSLNetVConnection *server_ssl_vc = dynamic_cast<SSLNetVConnection *>(server_vc); + if (server_ssl_vc) { + server_connection_is_ssl = true; + } + // Initiate a read on the session so that the SM and not // session manager will get called back if the timeout occurs // or the server closes on us. The IO Core now requires us to http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/proxy/http/HttpSM.h ---------------------------------------------------------------------- diff --git a/proxy/http/HttpSM.h b/proxy/http/HttpSM.h index c374905..9764899 100644 --- a/proxy/http/HttpSM.h +++ b/proxy/http/HttpSM.h @@ -500,6 +500,7 @@ public: const char *client_sec_protocol; const char *client_cipher_suite; int server_transact_count; + bool server_connection_is_ssl; TransactionMilestones milestones; ink_hrtime api_timer; http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/proxy/logging/Log.cc ---------------------------------------------------------------------- diff --git a/proxy/logging/Log.cc b/proxy/logging/Log.cc index d2c7694..2d635ab 100644 --- a/proxy/logging/Log.cc +++ b/proxy/logging/Log.cc @@ -478,7 +478,7 @@ Log::init_fields() global_field_list.add(field, false); ink_hash_table_insert(field_symbol_hash, "cqtr", field); - field = new LogField("client_req_ssl_reused", "cqssl", LogField::dINT, &LogAccess::marshal_client_req_is_ssl, + field = new LogField("client_req_is_ssl", "cqssl", LogField::dINT, &LogAccess::marshal_client_req_is_ssl, &LogAccess::unmarshal_int_to_str); global_field_list.add(field, false); ink_hash_table_insert(field_symbol_hash, "cqssl", field); @@ -653,8 +653,12 @@ Log::init_fields() global_field_list.add(field, false); ink_hash_table_insert(field_symbol_hash, "php", field); - // server -> proxy fields + field = new LogField("proxy_req_is_ssl", "pqssl", LogField::sINT, &LogAccess::marshal_proxy_req_is_ssl, + &LogAccess::unmarshal_int_to_str); + global_field_list.add(field, false); + ink_hash_table_insert(field_symbol_hash, "pqssl", field); + // server -> proxy fields field = new LogField("server_host_ip", "shi", LogField::IP, &LogAccess::marshal_server_host_ip, &LogAccess::unmarshal_ip_to_str); global_field_list.add(field, false); http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/proxy/logging/LogAccess.cc ---------------------------------------------------------------------- diff --git a/proxy/logging/LogAccess.cc b/proxy/logging/LogAccess.cc index a671a59..69e454a 100644 --- a/proxy/logging/LogAccess.cc +++ b/proxy/logging/LogAccess.cc @@ -465,6 +465,14 @@ LogAccess::marshal_proxy_host_ip(char *buf) return marshal_ip(buf, &Machine::instance()->ip.sa); } +/*------------------------------------------------------------------------- + -------------------------------------------------------------------------*/ + +int +LogAccess::marshal_proxy_req_is_ssl(char *buf) +{ + DEFAULT_INT_FIELD; +} /*------------------------------------------------------------------------- -------------------------------------------------------------------------*/ http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/proxy/logging/LogAccess.h ---------------------------------------------------------------------- diff --git a/proxy/logging/LogAccess.h b/proxy/logging/LogAccess.h index 8eabc73..27442ae 100644 --- a/proxy/logging/LogAccess.h +++ b/proxy/logging/LogAccess.h @@ -220,6 +220,7 @@ public: inkcoreapi virtual int marshal_proxy_hierarchy_route(char *); // INT inkcoreapi virtual int marshal_proxy_host_name(char *); // STR inkcoreapi virtual int marshal_proxy_host_ip(char *); // STR + inkcoreapi virtual int marshal_proxy_req_is_ssl(char *); // INT // // server -> proxy fields http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/proxy/logging/LogAccessHttp.cc ---------------------------------------------------------------------- diff --git a/proxy/logging/LogAccessHttp.cc b/proxy/logging/LogAccessHttp.cc index fa14463..68e3bff 100644 --- a/proxy/logging/LogAccessHttp.cc +++ b/proxy/logging/LogAccessHttp.cc @@ -954,6 +954,20 @@ LogAccessHttp::marshal_proxy_req_server_port(char *buf) -------------------------------------------------------------------------*/ int +LogAccessHttp::marshal_proxy_req_is_ssl(char *buf) +{ + if (buf) { + int64_t is_ssl; + is_ssl = m_http_sm->server_connection_is_ssl; + marshal_int(buf, is_ssl); + } + return INK_MIN_ALIGN; +} + +/*------------------------------------------------------------------------- + -------------------------------------------------------------------------*/ + +int LogAccessHttp::marshal_proxy_hierarchy_route(char *buf) { if (buf) { http://git-wip-us.apache.org/repos/asf/trafficserver/blob/0a58767f/proxy/logging/LogAccessHttp.h ---------------------------------------------------------------------- diff --git a/proxy/logging/LogAccessHttp.h b/proxy/logging/LogAccessHttp.h index 9ce0e71e..47677de 100644 --- a/proxy/logging/LogAccessHttp.h +++ b/proxy/logging/LogAccessHttp.h @@ -101,6 +101,7 @@ public: virtual int marshal_proxy_req_server_port(char *); // INT virtual int marshal_proxy_hierarchy_route(char *); // INT virtual int marshal_proxy_host_port(char *); // INT + virtual int marshal_proxy_req_is_ssl(char *); // INT // // server -> proxy fields
