PeekingPeerConnector.h
1 /*
2  * Copyright (C) 1996-2020 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 #ifndef SQUID_SRC_SSL_PEEKINGPEERCONNECTOR_H
10 #define SQUID_SRC_SSL_PEEKINGPEERCONNECTOR_H
11 
12 #include "security/PeerConnector.h"
13 
14 #if USE_OPENSSL
15 
16 namespace Ssl
17 {
18 
22 public:
24  const Comm::ConnectionPointer &aServerConn,
25  const Comm::ConnectionPointer &aClientConn,
26  AsyncCall::Pointer &aCallback,
27  const AccessLogEntryPointer &alp,
28  const time_t timeout = 0) :
29  AsyncJob("Ssl::PeekingPeerConnector"),
30  Security::PeerConnector(aServerConn, aCallback, alp, timeout),
31  clientConn(aClientConn),
32  splice(false),
34  {
35  request = aRequest;
36  }
37 
38  /* Security::PeerConnector API */
    // These hooks are declared `virtual` without `override`, so the compiler
    // will not flag a signature that drifts away from the base class.
    // TODO confirm each one still matches Security::PeerConnector.
39  virtual bool initialize(Security::SessionPointer &);
41  virtual void noteWantWrite();
    /// Negotiation failure hook; receives `result`, `ssl_error` and
    /// `ssl_lib_error` from the caller.
42  virtual void noteNegotiationError(const int result, const int ssl_error, const int ssl_lib_error);
    /// Negotiation completion hook; takes an ErrorState pointer.
    /// NOTE(review): presumably null when negotiation succeeded -- confirm
    /// against the caller.
43  virtual void noteNegotiationDone(ErrorState *error);
44 
48 
    /// NOTE(review): presumably starts the ssl_bump ACL check whose answer is
    /// delivered through cbCheckForPeekAndSpliceDone() -- confirm in the
    /// implementation file.
51  void checkForPeekAndSplice();
52 
55 
    /// Handles the final bumping decision, passed in as `finalMode`.
57  void checkForPeekAndSpliceMatched(const Ssl::BumpMode finalMode);
58 
61 
65 
    /// Abruptly stops TLS negotiation and starts tunneling.
    /// NOTE(review): once tunneling starts the traffic is presumably relayed
    /// without TLS inspection; confirm callers reach this only after the
    /// splice decision is final.
67  void startTunneling();
68 
    /// A wrapper function for checkForPeekAndSpliceDone for use with acl.
    /// NOTE(review): `data` is an untyped pointer, presumably the connector
    /// that requested the check; the implementation should confirm it is
    /// still valid before dereferencing it -- TODO confirm.
70  static void cbCheckForPeekAndSpliceDone(Acl::Answer answer, void *data);
71 
72 private:
73 
76 
    /// Whether we are going to splice or not. The constructor's initializer
    /// list starts it at false.
79  bool splice;
81 };
82 
83 } // namespace Ssl
84 
85 #endif /* USE_OPENSSL */
86 #endif /* SQUID_SRC_SSL_PEEKINGPEERCONNECTOR_H */
87 
virtual void noteNegotiationDone(ErrorState *error)
PeerConnector(const Comm::ConnectionPointer &aServerConn, AsyncCall::Pointer &aCallback, const AccessLogEntryPointer &alp, const time_t timeout=0)
void startTunneling()
Abruptly stops TLS negotiation and starts tunneling.
std::shared_ptr< SSL_CTX > ContextPointer
Definition: Context.h:29
HttpRequestPointer request
peer connection trigger or cause
void error(char *format,...)
BumpMode
Definition: support.h:136
Ssl::BumpMode checkForPeekAndSpliceGuess() const
Guesses the final bumping decision when no ssl_bump rules match.
virtual bool initialize(Security::SessionPointer &)
A PeerConnector for HTTP origin servers. Capable of SslBumping.
static void cbCheckForPeekAndSpliceDone(Acl::Answer answer, void *data)
A wrapper function for checkForPeekAndSpliceDone for use with acl.
void checkForPeekAndSpliceDone(Acl::Answer answer)
Callback function for ssl_bump acl check in step3 SSL bump step.
bool splice
whether we are going to splice or not
Definition: Xaction.cc:47
AsyncCall::Pointer closeHandler
we call this when the connection closed
virtual void noteNegotiationError(const int result, const int ssl_error, const int ssl_lib_error)
void const char HLPCB void * data
Definition: stub_helper.cc:16
Comm::ConnectionPointer clientConn
TCP connection to the client.
bool serverCertificateHandled
whether handleServerCertificate() succeeded
PeekingPeerConnector(HttpRequestPointer &aRequest, const Comm::ConnectionPointer &aServerConn, const Comm::ConnectionPointer &aClientConn, AsyncCall::Pointer &aCallback, const AccessLogEntryPointer &alp, const time_t timeout=0)
std::shared_ptr< SSL > SessionPointer
Definition: Session.h:44
virtual Security::ContextPointer getTlsContext()
CBDATA_CLASS(PeekingPeerConnector)
void checkForPeekAndSpliceMatched(const Ssl::BumpMode finalMode)
Handles the final bumping decision.
void tunnelInsteadOfNegotiating()
Inform caller class that the SSL negotiation aborted.
#define false
Definition: GnuRegex.c:233
Network/connection security abstraction layer.
Definition: Connection.h:33

 
