On Tue, Mar 13, 2007, Steven wrote:
> /* Parse the request line */
> ret = httpMsgParseRequestLine(hmsg);
> - if (ret == -1)
> - return parseHttpRequestAbort(conn, "error:invalid-request");
> + if (ret == -1) {
> + /* If this is a transparent request that has been natted, try converting
> + it to a CONNECT request */
> + if(conn->port->transparent && clientNatLookup(conn) == 0) {
> + conn->transparent = 1;
> +
> + /* Create a dummy URL for the connect request */
> + snprintf(url,MAX_URL-1,"%s:80",inet_ntoa(conn->me.sin_addr));
> +
> + http = cbdataAlloc(clientHttpRequest);
> + http->conn = conn;
> + http->start = current_time;
> + http->req_sz = conn->in.offset;
> + http->uri = xstrdup(url);
> + http->range_iter.boundary = StringNull;
> + httpBuildVersion(&http->http_ver, 1, 0);
> + dlinkAdd(http, &http->active, &ClientActiveRequests);
> +
> + *method_p = METHOD_CONNECT;
> + *status = 0;
> +
> + return http;
> + } else {
> + return parseHttpRequestAbort(conn, "error:invalid-request");
> + }
> + }
> if (ret == 0) {
> debug(33, 5) ("Incomplete request, waiting for end of request line\n");
> *status = 0;
This bit is clever! Don't use a CONNECT to port 80 though; try to find out which port
it was connecting to in the first place and append that. It won't always be port 80.
(Imagine if someone wanted to feed more than just port 80 through Squid transparently;
the current code handles that.)
Make this configurable though. You don't want to allow people to tunnel non-resolvable
stuff through without the administrator explicitly deciding to.
> void
> commConnectStart(int fd, const char *host, u_short port, CNCB * callback, void *data)
> {
> - ConnectStateData *cs;
> debug(5, 3) ("commConnectStart: FD %d, %s:%d\n", fd, host, (int) port);
> + commConnectStart2(fd, host, port, callback, data, NULL);
> +}
Nah, just extend commConnectStart() and don't bother with the commConnectStart2() stuff.
I admit I'm guilty of this kind of thing but it should only be temporary; never
permanent.
Nice work though!
Adrian
Received on Tue Mar 13 2007 - 00:04:25 MDT
This archive was generated by hypermail pre-2.1.9 : Sun Apr 01 2007 - 12:00:01 MDT