---------------------
PatchSet 329 
Date: 2002/12/12 09:15:11
Author: apbarrett
Branch: follow_xff
Tag: (none) 
Log:
Passing answer=-1 to clientFollowXForwardedForDone() was useful only
for debugging.  We no longer really need that level of debugging, so
simplify the code a little.

Members: 
	src/client_side_request.cc:1.4.6.5->1.4.6.6 

Index: squid3/src/client_side_request.cc
===================================================================
RCS file: /cvsroot/squid-sf//squid3/src/client_side_request.cc,v
retrieving revision 1.4.6.5
retrieving revision 1.4.6.6
diff -u -r1.4.6.5 -r1.4.6.6
--- squid3/src/client_side_request.cc	11 Dec 2002 11:07:35 -0000	1.4.6.5
+++ squid3/src/client_side_request.cc	12 Dec 2002 09:15:11 -0000	1.4.6.6
@@ -1,6 +1,6 @@
 
 /*
- * $Id: client_side_request.cc,v 1.4.6.5 2002/12/11 11:07:35 apbarrett Exp $
+ * $Id: client_side_request.cc,v 1.4.6.6 2002/12/12 09:15:11 apbarrett Exp $
  * 
  * DEBUG: section 85    Client-side Request Routines
  * AUTHOR: Robert Collins (Originally Duane Wessels in client_side.c)
@@ -245,7 +245,7 @@
     } else {
 	/* not configured to follow X-Forwarded-For, or nothing to follow */
 	debug(85, 5) ("clientFollowXForwardedForStart: nothing to do\n");
-	clientFollowXForwardedForDone(-1, context);
+	clientFollowXForwardedForDone(ACCESS_DENIED, context);
     }
 }
 
@@ -267,7 +267,7 @@
     } else {
 	/* nothing left to follow */
 	debug(85, 5) ("clientFollowXForwardedForNext: nothing more to do\n");
-	clientFollowXForwardedForDone(-1, context);
+	clientFollowXForwardedForDone(ACCESS_DENIED, context);
     }
 }
 
@@ -278,13 +278,7 @@
     clientHttpRequest *http = context->http;
     request_t *request = http->request;
     context->acl_checklist = NULL;
-    /*
-     * answer should be be ACCESS_ALLOWED or ACCESS_DENIED if we are
-     * called as a result of ACL checks, or -1 if we are called when
-     * there's nothing left to do.
-     *
-     * XXX: We should us a symbolic constant instead of -1.
-     */
+
     if (answer == ACCESS_ALLOWED) {
 	/*
 	 * The IP address currently in request->indirect_client_addr
@@ -342,14 +336,19 @@
 	}
 	clientFollowXForwardedForNext(context);
 	return;
-    } else if (answer == ACCESS_DENIED) {
-	debug(85, 5) ("clientFollowXForwardedForDone: "
-		      "indirect_client_addr=%s not trusted\n",
-		      inet_ntoa(request->indirect_client_addr));
     } else {
+	/*
+	 * (answer == ACCESS_DENIED) can happen when an ACL says
+	 * we have to stop examining the X-Forwarded-For header,
+	 * or when we have finished examining the header.
+	 */
 	debug(85, 5) ("clientFollowXForwardedForDone: "
-		      "indirect_client_addr=%s nothing more to do\n",
-		      inet_ntoa(request->indirect_client_addr));
+		      "indirect_client_addr=%s %s\n",
+		      inet_ntoa(request->indirect_client_addr),
+		      (strLen(context->xff_state) == 0
+			  ? "nothing more to do"
+			  : "not trusted")
+		      );
     }
 cleanup:
     /* clean up, and pass control to clientAccessCheck */