#include "squid.h"
#include "acl/FilledChecklist.h"
#include "acl/Gadgets.h"
#include "anyp/PortCfg.h"
#include "base/AsyncJobCalls.h"
#include "client_side.h"
#include "client_side_reply.h"
#include "client_side_request.h"
#include "ClientRequestContext.h"
#include "clientStream.h"
#include "comm/Connection.h"
#include "comm/Write.h"
#include "err_detail_type.h"
#include "errorpage.h"
#include "fd.h"
#include "fde.h"
#include "format/Token.h"
#include "gopher.h"
#include "helper.h"
#include "helper/Reply.h"
#include "http.h"
#include "http/Stream.h"
#include "HttpHdrCc.h"
#include "HttpReply.h"
#include "HttpRequest.h"
#include "ip/NfMarkConfig.h"
#include "ip/QosConfig.h"
#include "ipcache.h"
#include "log/access_log.h"
#include "MemObject.h"
#include "Parsing.h"
#include "profiler/Profiler.h"
#include "proxyp/Header.h"
#include "redirect.h"
#include "rfc1738.h"
#include "SquidConfig.h"
#include "SquidTime.h"
#include "Store.h"
#include "StrList.h"
#include "tools.h"
#include "wordlist.h"
#include "auth/UserRequest.h"
#include "adaptation/AccessCheck.h"
#include "adaptation/Answer.h"
#include "adaptation/Iterator.h"
#include "adaptation/Service.h"
#include "adaptation/icap/History.h"
#include "ssl/ServerBump.h"
#include "ssl/support.h"

Include dependency graph for client_side_request.cc:

Macros
#define	FAILURE_MODE_TIME 300

Functions
static void	clientFollowXForwardedForCheck (Acl::Answer answer, void *data)

ErrorState *	clientBuildError (err_type, Http::StatusCode, char const url, Ip::Address &, HttpRequest , const AccessLogEntry::Pointer &)

static void	clientAccessCheckDoneWrapper (Acl::Answer, void *)

static void	sslBumpAccessCheckDoneWrapper (Acl::Answer, void *)

static int	clientHierarchical (ClientHttpRequest *http)

static void	clientInterpretRequestHeaders (ClientHttpRequest *http)

static void	checkNoCacheDoneWrapper (Acl::Answer, void *)

static void	checkFailureRatio (err_type, hier_code)

int	clientBeginRequest (const HttpRequestMethod &method, char const url, CSCB streamcallback, CSD streamdetach, ClientStreamData streamdata, HttpHeader const header, char *tailbuf, size_t taillen, const MasterXaction::Pointer &mx)

static void	hostHeaderIpVerifyWrapper (const ipcache_addrs ia, const Dns::LookupDetails &dns, void data)

static void	clientRedirectAccessCheckDone (Acl::Answer answer, void *data)

static void	clientStoreIdAccessCheckDone (Acl::Answer answer, void *data)

static void	clientCheckPinning (ClientHttpRequest *http)

void	clientRedirectDoneWrapper (void *data, const Helper::Reply &result)

void	clientStoreIdDoneWrapper (void *data, const Helper::Reply &result)

static void	SslBumpEstablish (const Comm::ConnectionPointer &, char , size_t, Comm::Flag errflag, int, void data)

tos_t	aclMapTOS (acl_tos head, ACLChecklist ch)
	Checks for a TOS value to apply depending on the ACL. More...

Ip::NfMarkConfig	aclFindNfMarkConfig (acl_nfmark head, ACLChecklist ch)
	Checks for a netfilter mark value to apply depending on the ACL. More...

Variables
static const char *const	crlf = "\r\n"

static HLPCB	clientRedirectDoneWrapper

static HLPCB	clientStoreIdDoneWrapper

SQUIDCEXTERN CSR	clientGetMoreData

SQUIDCEXTERN CSS	clientReplyStatus

SQUIDCEXTERN CSD	clientReplyDetach

Macro Definition Documentation

◆ FAILURE_MODE_TIME

#define FAILURE_MODE_TIME 300

Referenced by checkFailureRatio().

Function Documentation

◆ aclFindNfMarkConfig()

Ip::NfMarkConfig aclFindNfMarkConfig	(	acl_nfmark *	head,
		ACLChecklist *	ch
	)

Definition at line 1443 of file FwdState.cc.

References Acl::Answer::allowed(), ACLChecklist::fastCheck(), and acl_nfmark::next.

Referenced by ClientHttpRequest::clearRequest(), ClientHttpRequest::doCallouts(), and GetNfmarkToServer().

◆ aclMapTOS()

tos_t aclMapTOS	(	acl_tos *	head,
		ACLChecklist *	ch
	)

Definition at line 1431 of file FwdState.cc.

References Acl::Answer::allowed(), ACLChecklist::fastCheck(), and acl_tos::next.

Referenced by ClientHttpRequest::clearRequest(), ClientHttpRequest::doCallouts(), and GetTosToServer().

◆ checkFailureRatio()

static void checkFailureRatio	(	err_type	etype,
		hier_code	hcode
	)

static

This function is designed to serve a fairly specific purpose. Occasionally our vBNS-connected caches can talk to each other, but not the rest of the world. Here we try to detect frequent failures which make the cache unusable (e.g. DNS lookup and connect() failures). If the failure:success ratio goes above 1.0 then we go into "hit only" mode where we only return UDP_HIT or UDP_MISS_NOFETCH. Neighbors will only fetch HITs from us if they are using the ICP protocol. We stay in this mode for 5 minutes.

Duane W., Sept 16, 1996

Definition at line 213 of file client_side_request.cc.

References Config, DBG_CRITICAL, debugs, ERR_CONNECT_FAIL, ERR_DNS_FAIL, ERR_READ_ERROR, ERR_SECURE_CONNECT_FAIL, FAILURE_MODE_TIME, HIER_NONE, hit_only_mode_until, SquidConfig::icp, SquidConfig::Port, request_failure_ratio, and squid_curtime.

Referenced by ClientHttpRequest::~ClientHttpRequest().

◆ checkNoCacheDoneWrapper()

static void checkNoCacheDoneWrapper	(	Acl::Answer	answer,
		void *	data
	)

static

Definition at line 1378 of file client_side_request.cc.

References ClientHttpRequest::calloutContext, ClientRequestContext::checkNoCacheDone(), and ClientRequestContext::httpStateIsValid().

Referenced by ClientRequestContext::checkNoCache().

◆ clientAccessCheckDoneWrapper()

void clientAccessCheckDoneWrapper	(	Acl::Answer	answer,
		void *	data
	)

static

Definition at line 730 of file client_side_request.cc.

References ClientHttpRequest::calloutContext, ClientRequestContext::clientAccessCheckDone(), and ClientRequestContext::httpStateIsValid().

Referenced by ClientRequestContext::clientAccessCheck(), and ClientRequestContext::clientAccessCheck2().

◆ clientBeginRequest()

int clientBeginRequest	(	const HttpRequestMethod &	method,
		char const *	url,
		CSCB *	streamcallback,
		CSD *	streamdetach,
		ClientStreamData	streamdata,
		HttpHeader const *	header,
		char *	tailbuf,
		size_t	taillen,
		const MasterXaction::Pointer &	mx
	)

Create a request and kick it off

Return values

0	success
-1	failure

TODO: Pass in the buffers to be used in the inital Read request, as they are determined by the user

Definition at line 322 of file client_side_request.cc.

Referenced by ESIInclude::Start().

◆ clientBuildError()

ErrorState* clientBuildError	(	err_type	,
		Http::StatusCode	,
		char const *	url,
		Ip::Address &	,
		HttpRequest *	,
		const AccessLogEntry::Pointer &
	)

Definition at line 2339 of file client_side_reply.cc.

Referenced by ClientHttpRequest::calloutsError(), and ClientRequestContext::clientAccessCheckDone().

◆ clientCheckPinning()

static void clientCheckPinning ( ClientHttpRequest * http )

static

◆ clientFollowXForwardedForCheck()

static void clientFollowXForwardedForCheck	(	Acl::Answer	answer,
		void *	data
	)

static

clientFollowXForwardedForCheck() checks the content of X-Forwarded-For: against the followXFF ACL, or cleans up and passes control to clientAccessCheck().

The trust model here is a little ambiguous. So to clarify the logic:

we may always use the direct client address as the client IP.
these trust tests merey tell whether we trust given IP enough to believe the IP string which it appended to the X-Forwarded-For: header.
if at any point we don't trust what an IP adds we stop looking.
at that point the current contents of indirect_client_addr are the value set by the last previously trusted IP. ++ indirect_client_addr contains the remote direct client from the trusted peers viewpoint.

Definition at line 440 of file client_side_request.cc.

References SquidConfig::accessList, ClientRequestContext::acl_checklist, SquidConfig::acl_uses_indirect_client, addr, ClientHttpRequest::al, Acl::Answer::allowed(), AccessLogEntry::cache, AccessLogEntry::CacheDetails::caddr, ClientHttpRequest::calloutContext, String::clean(), ClientRequestContext::clientAccessCheck(), clientAclChecklistCreate(), Config, Acl::Answer::conflicted(), conn, String::cut(), DBG_CRITICAL, debugs, RequestFlags::done_follow_x_forwarded_for, Filled(), HttpRequest::flags, SquidConfig::followXFF, ClientHttpRequest::getConn(), ClientRequestContext::http, ClientRequestContext::httpStateIsValid(), HttpRequest::indirect_client_addr, SquidConfig::log_uses_indirect_client, ACLChecklist::nonBlockingCheck(), SquidConfig::onoff, p, ClientHttpRequest::request, String::size(), ACLFilledChecklist::src_addr, String::termedBuf(), HttpRequest::x_forwarded_for_iterator, and xisspace.