On 05/24/2013 05:58 PM, Alex Rousskov wrote:
> When talking to a cache_peer (i.e., sending a CONNECT request before
> tunneling the transaction), tunnel code is using a clever hack: Squid
> does not parse the CONNECT response from peer but blindly forwards it to
> the client. This works great and simplifies code a lot, except when the
> client connection was intercepted and, hence, the client did not send a
> CONNECT request and is not expecting a CONNECT response.
>
> In those situations, the patch accumulates, parses, and strips the peer
> CONNECT response (or closes connection on errors).
>
> The existing tunnel I/O code is too simple to accommodate that task --
> it cannot accumulate read data (its I/O buffers work in lockstep
> fashion, writing everything it reads before reading again). Instead of
> rewriting the entire tunnel code to use more complex buffers, I added a
> temporary accumulation buffer for the CONNECT response. That buffer is
> not allocated unless it is needed and does not grow beyond
> SQUID_TCP_SO_RCVBUF size, just like the simple buffers.
I will commit this fix shortly unless there are last-minute objections.
Thank you,
Alex.
Received on Fri Jun 07 2013 - 16:45:21 MDT
This archive was generated by hypermail 2.2.0 : Tue Jun 11 2013 - 12:00:37 MDT