squid-cache · yadij · Oct 6, 2023 · Oct 8, 2023
diff --git a/src/acl/FilledChecklist.cc b/src/acl/FilledChecklist.cc
@@ -26,7 +26,6 @@ CBDATA_CLASS_INIT(ACLFilledChecklist);
 
 ACLFilledChecklist::ACLFilledChecklist() :
     dst_rdns(nullptr),
-    request (nullptr),
     reply (nullptr),
 #if USE_AUTH
     auth_user_request (nullptr),
@@ -52,8 +51,6 @@ ACLFilledChecklist::~ACLFilledChecklist()
 
     safe_free(dst_rdns); // created by xstrdup().
 
-    HTTPMSGUNLOCK(request);
-
     HTTPMSGUNLOCK(reply);
 
     cbdataReferenceDone(conn_);
@@ -89,13 +86,13 @@ ACLFilledChecklist::verifyAle() const
             showDebugWarning("HttpRequest object");
             // XXX: al->request should be original,
             // but the request may be already adapted
-            al->request = request;
+            al->request = request.getRaw();
             HTTPMSGLOCK(al->request);
         }
 
         if (!al->adapted_request) {
             showDebugWarning("adapted HttpRequest object");
-            al->adapted_request = request;
+            al->adapted_request = request.getRaw();
             HTTPMSGLOCK(al->adapted_request);
         }
 
@@ -213,7 +210,6 @@ ACLFilledChecklist::markSourceDomainChecked()
  */
 ACLFilledChecklist::ACLFilledChecklist(const acl_access *A, HttpRequest *http_request, const char *ident):
     dst_rdns(nullptr),
-    request(nullptr),
     reply(nullptr),
 #if USE_AUTH
     auth_user_request(nullptr),
@@ -242,7 +238,6 @@ void ACLFilledChecklist::setRequest(HttpRequest *httpRequest)
     assert(!request);
     if (httpRequest) {
         request = httpRequest;
-        HTTPMSGLOCK(request);
 #if FOLLOW_X_FORWARDED_FOR
         if (Config.onoff.acl_uses_indirect_client)
             src_addr = request->indirect_client_addr;

diff --git a/src/acl/FilledChecklist.h b/src/acl/FilledChecklist.h
@@ -14,6 +14,7 @@
 #include "acl/forward.h"
 #include "base/CbcPointer.h"
 #include "error/forward.h"
+#include "HttpRequest.h"
 #include "ip/Address.h"
 #if USE_AUTH
 #include "auth/UserRequest.h"
@@ -22,8 +23,6 @@
 
 class CachePeer;
 class ConnStateData;
-class HttpRequest;
-class HttpReply;
 
 /** \ingroup ACLAPI
     ACLChecklist filled with specific data, representing Squid and transaction
@@ -76,7 +75,7 @@ class ACLFilledChecklist: public ACLChecklist
     SBuf dst_peer_name;
     char *dst_rdns;
 
-    HttpRequest *request;
+    HttpRequestPointer request;
     HttpReply *reply;
 
     char rfc931[USER_IDENT_SZ];

diff --git a/src/auth/Acl.cc b/src/auth/Acl.cc
@@ -28,10 +28,10 @@ Acl::Answer
 AuthenticateAcl(ACLChecklist *ch)
 {
     ACLFilledChecklist *checklist = Filled(ch);
-    HttpRequest *request = checklist->request;
+    const auto request = checklist->request;
     Http::HdrType headertype;
 
-    if (nullptr == request) {
+    if (!request) {
         fatal ("requiresRequest SHOULD have been true for this ACL!!");
         return ACCESS_DENIED;
     } else if (request->flags.sslBumped) {
@@ -55,7 +55,7 @@ AuthenticateAcl(ACLChecklist *ch)
     /* get authed here */
     /* Note: this fills in auth_user_request when applicable */
     const AuthAclState result = Auth::UserRequest::tryToAuthenticateAndSetAuthUser(
-                                    &checklist->auth_user_request, headertype, request,
+                                    &checklist->auth_user_request, headertype, checklist->request.getRaw(),
                                     checklist->conn(), checklist->src_addr, checklist->al);
     switch (result) {
 

diff --git a/src/auth/AclProxyAuth.cc b/src/auth/AclProxyAuth.cc
@@ -120,7 +120,7 @@ ProxyAuthLookup::checkForAsync(ACLChecklist *cl) const
     /* make sure someone created auth_user_request for us */
     assert(checklist->auth_user_request != nullptr);
     assert(checklist->auth_user_request->valid());
-    checklist->auth_user_request->start(checklist->request, checklist->al, LookupDone, checklist);
+    checklist->auth_user_request->start(checklist->request.getRaw(), checklist->al, LookupDone, checklist);
 }
 
 void

diff --git a/src/external_acl.cc b/src/external_acl.cc
@@ -569,7 +569,7 @@ ACLExternal::~ACLExternal()
 }
 
 static void
-copyResultsFromEntry(HttpRequest *req, const ExternalACLEntryPointer &entry)
+copyResultsFromEntry(HttpRequestPointer &req, const ExternalACLEntryPointer &entry)
 {
     if (req) {
 #if USE_AUTH