This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 8.0.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/8.0.x by this push:
new 2d30dac access_control: reduced some log errs to debug
2d30dac is described below
commit 2d30dac708fb2d441aa85593169023f4dfc254e4
Author: Gancho Tenev <[email protected]>
AuthorDate: Wed Nov 7 14:14:54 2018 -0800
access_control: reduced some log errs to debug
Reduced some errors to debug if they can happen during normal operation
and added some extra debugging info for the unexpected ones.
(cherry picked from commit b7b87850d9e39572741487dcdd3963c54bed45a9)
---
plugins/experimental/access_control/plugin.cc | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/plugins/experimental/access_control/plugin.cc
b/plugins/experimental/access_control/plugin.cc
index bcc68f9..5f003e3 100644
--- a/plugins/experimental/access_control/plugin.cc
+++ b/plugins/experimental/access_control/plugin.cc
@@ -32,6 +32,8 @@
#include "utils.h" /* cryptoBase64Decode.* functions */
#include "headers.h" /* getHeader, setHeader, removeHeader */
+static const std::string_view UNKNOWN{"unknown"};
+
static const char *
getEventName(TSEvent event)
{
@@ -415,12 +417,18 @@ contHandleAccessControl(const TSCont contp, TSEvent
event, void *edata)
TSHandleMLocRelease(serverRespBufp, TS_NULL_MLOC, serverRespHdrLoc);
} else {
- AccessControlError("failed to retrieve server response header");
+ int len;
+ char *url = TSHttpTxnEffectiveUrlStringGet(txnp, &len);
+ AccessControlError("failed to retrieve server response header for
request url:%.*s",
+ (len ? len : static_cast<int>(UNKNOWN.size())),
(url ? url : UNKNOWN.data()));
}
TSHandleMLocRelease(clientRespBufp, TS_NULL_MLOC, clientRespHdrLoc);
} else {
- AccessControlError("failed to retrieve client response header");
+ int len;
+ char *url = TSHttpTxnEffectiveUrlStringGet(txnp, &len);
+ AccessControlError("failed to retrieve client response header for
request url:%.*s",
+ (len ? len : static_cast<int>(UNKNOWN.size())),
(url ? url : UNKNOWN.data()));
}
}
} break;
@@ -583,7 +591,7 @@ TSRemapDoRemap(void *instance, TSHttpTxn txnp,
TSRemapRequestInfo *rri)
String pattern;
if (config->_uriPathScope.empty()) {
/* Scope match enforce access control */
- AccessControlError("no plugin scope specified, enforcing access
control");
+ AccessControlDebug("no plugin scope specified, enforcing access
control");
remapStatus = enforceAccessControl(txnp, rri, config);
} else {
if (true == config->_uriPathScope.matchAll(reqPath, filename,
pattern)) {
@@ -592,13 +600,13 @@ TSRemapDoRemap(void *instance, TSHttpTxn txnp,
TSRemapRequestInfo *rri)
/* Scope match enforce access control */
remapStatus = enforceAccessControl(txnp, rri, config);
} else {
- AccessControlError("not matching plugin scope (file: %s, pattern
%s), skipping access control for path '%s'",
+ AccessControlDebug("not matching plugin scope (file: %s, pattern
%s), skipping access control for path '%s'",
filename.c_str(), pattern.c_str(),
reqPath.c_str());
}
}
} else {
TSHttpTxnStatusSet(txnp, config->_invalidRequest);
- AccessControlError("https is the only allowed scheme (plugin should be
used only with TLS)");
+ AccessControlDebug("https is the only allowed scheme (plugin should be
used only with TLS)");
remapStatus = TSREMAP_DID_REMAP;
}
} else {
