(trafficserver) branch master updated: Pull out down origin check from HttpSM::apply_ip_allow_filter (#10831)

Mon, 08 Jan 2024 09:01:50 -0800 

This is an automated email from the ASF dual-hosted git repository.

bneradt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
     new 1894a4756a Pull out down origin check from 
HttpSM::apply_ip_allow_filter (#10831)
1894a4756a is described below

commit 1894a4756af0ca9a0e0a2da8496930bf3431f0a8
Author: Brian Neradt <[email protected]>
AuthorDate: Mon Jan 8 11:01:36 2024 -0600

    Pull out down origin check from HttpSM::apply_ip_allow_filter (#10831)
    
    In a refactor on master for the ip_allow implementation in HttpSM
    (see #9845) put into HttpSM::apply_ip_allow_filter. However, the down
    origin feature is orthogonal to ip_allow and it is confusing to
    implement its feature in a function that communicates that it implements
    ip_allow filtering. This separates the down origin check from that
    function like it was before the refactor.
---
 src/proxy/http/HttpSM.cc | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/src/proxy/http/HttpSM.cc b/src/proxy/http/HttpSM.cc
index 5cf84ca272..f4f2e46df6 100644
--- a/src/proxy/http/HttpSM.cc
+++ b/src/proxy/http/HttpSM.cc
@@ -5108,20 +5108,14 @@ HttpSM::get_outbound_sni() const
 bool
 HttpSM::apply_ip_allow_filter()
 {
-  bool result{true};
   // Method allowed on dest IP address check
   IpAllow::ACL acl = IpAllow::match(this->get_server_remote_addr(), 
IpAllow::DST_ADDR);
 
   if (ip_allow_is_request_forbidden(acl)) {
     ip_allow_deny_request(acl);
-    result = false;
-  } else if (HttpTransact::is_server_negative_cached(&t_state) == true &&
-             t_state.txn_conf->connect_attempts_max_retries_down_server <= 0) {
-    call_transact_and_set_next_state(HttpTransact::OriginDown);
-    result = false;
+    return false;
   }
-
-  return result;
+  return true;
 }
 
 bool
@@ -5277,6 +5271,12 @@ HttpSM::do_http_server_open(bool raw, bool only_direct)
       return;
     }
   }
+  if (HttpTransact::is_server_negative_cached(&t_state) == true &&
+      t_state.txn_conf->connect_attempts_max_retries_down_server <= 0) {
+    SMDebug("http_seq", "Not connecting to the server because it is marked 
down.");
+    call_transact_and_set_next_state(HttpTransact::OriginDown);
+    return;
+  }
 
   // Check for self loop.
   if (!_ua.get_txn()->is_outbound_transparent() && 
HttpTransact::will_this_request_self_loop(&t_state)) {

Reply via email to