Hello,
When talking to a cache_peer (i.e., sending a CONNECT request before
tunneling the transaction), tunnel code is using a clever hack: Squid
does not parse the CONNECT response from peer but blindly forwards it to
the client. This works great and simplifies code a lot, except when the
client connection was intercepted and, hence, the client did not send a
CONNECT request and is not expecting a CONNECT response.
In those situations, the patch accumulates, parses, and strips the peer
CONNECT response (or closes connection on errors).
The existing tunnel I/O code is too simple to accommodate that task --
it cannot accumulate read data (its I/O buffers work in lockstep
fashion, writing everything it reads before reading again). Instead of
rewriting the entire tunnel code to use more complex buffers, I added a
temporary accumulation buffer for the CONNECT response. That buffer is
not allocated unless it is needed and does not grow beyond
SQUID_TCP_SO_RCVBUF size, just like the simple buffers.
Thank you,
Alex.
This archive was generated by hypermail 2.2.0 : Sat May 25 2013 - 12:00:26 MDT