#include "squid.h"
#include "acl/FilledChecklist.h"
#include "acl/Gadgets.h"
#include "anyp/PortCfg.h"
#include "base/AsyncJobCalls.h"
#include "client_side.h"
#include "client_side_reply.h"
#include "client_side_request.h"
#include "ClientRequestContext.h"
#include "clientStream.h"
#include "comm/Connection.h"
#include "comm/Write.h"
#include "error/Detail.h"
#include "errorpage.h"
#include "fd.h"
#include "fde.h"
#include "format/Token.h"
#include "FwdState.h"
#include "helper.h"
#include "helper/Reply.h"
#include "http.h"
#include "http/Stream.h"
#include "HttpHdrCc.h"
#include "HttpReply.h"
#include "HttpRequest.h"
#include "internal.h"
#include "ip/NfMarkConfig.h"
#include "ip/QosConfig.h"
#include "ipcache.h"
#include "log/access_log.h"
#include "MemObject.h"
#include "Parsing.h"
#include "proxyp/Header.h"
#include "redirect.h"
#include "rfc1738.h"
#include "sbuf/StringConvert.h"
#include "SquidConfig.h"
#include "Store.h"
#include "StrList.h"
#include "tools.h"
#include "wordlist.h"
#include "auth/UserRequest.h"
#include "adaptation/AccessCheck.h"
#include "adaptation/Answer.h"
#include "adaptation/Iterator.h"
#include "adaptation/Service.h"
#include "adaptation/icap/History.h"
#include "ssl/ServerBump.h"
#include "ssl/support.h"

Include dependency graph for client_side_request.cc:

Macros
#define	FAILURE_MODE_TIME 300

Functions
static void	clientFollowXForwardedForCheck (Acl::Answer answer, void *data)

ErrorState *	clientBuildError (err_type, Http::StatusCode, char const url, const ConnStateData , HttpRequest *, const AccessLogEntry::Pointer &)

static void	clientAccessCheckDoneWrapper (Acl::Answer, void *)

static void	sslBumpAccessCheckDoneWrapper (Acl::Answer, void *)

static int	clientHierarchical (ClientHttpRequest *http)

static void	clientInterpretRequestHeaders (ClientHttpRequest *http)

static void	checkNoCacheDoneWrapper (Acl::Answer, void *)

static void	checkFailureRatio (err_type, hier_code)

int	clientBeginRequest (const HttpRequestMethod &method, char const url, CSCB streamcallback, CSD streamdetach, ClientStreamData streamdata, HttpHeader const header, char *tailbuf, size_t taillen, const MasterXaction::Pointer &mx)

static void	hostHeaderIpVerifyWrapper (const ipcache_addrs ia, const Dns::LookupDetails &dns, void data)

static void	clientRedirectAccessCheckDone (Acl::Answer answer, void *data)

static void	clientStoreIdAccessCheckDone (Acl::Answer answer, void *data)

static void	clientCheckPinning (ClientHttpRequest *http)

void	clientRedirectDoneWrapper (void *data, const Helper::Reply &result)

void	clientStoreIdDoneWrapper (void *data, const Helper::Reply &result)

static void	SslBumpEstablish (const Comm::ConnectionPointer &, char , size_t, Comm::Flag errflag, int, void data)

Variables
static HLPCB	clientRedirectDoneWrapper

static HLPCB	clientStoreIdDoneWrapper

SQUIDCEXTERN CSR	clientGetMoreData

SQUIDCEXTERN CSS	clientReplyStatus

SQUIDCEXTERN CSD	clientReplyDetach

Macro Definition Documentation

◆ FAILURE_MODE_TIME

#define FAILURE_MODE_TIME 300

Function Documentation

◆ checkFailureRatio()

static void checkFailureRatio	(	err_type	etype,
		hier_code	hcode
	)

static

This function is designed to serve a fairly specific purpose. Occasionally our vBNS-connected caches can talk to each other, but not the rest of the world. Here we try to detect frequent failures which make the cache unusable (e.g. DNS lookup and connect() failures). If the failure:success ratio goes above 1.0 then we go into "hit only" mode where we only return UDP_HIT or UDP_MISS_NOFETCH. Neighbors will only fetch HITs from us if they are using the ICP protocol. We stay in this mode for 5 minutes.

Duane W., Sept 16, 1996

Definition at line 174 of file client_side_request.cc.

References Config, DBG_CRITICAL, debugs, ERR_CONNECT_FAIL, ERR_DNS_FAIL, ERR_READ_ERROR, ERR_SECURE_CONNECT_FAIL, FAILURE_MODE_TIME, HIER_NONE, hit_only_mode_until, SquidConfig::icp, SquidConfig::Port, request_failure_ratio, and squid_curtime.

Referenced by ClientHttpRequest::~ClientHttpRequest().

◆ checkNoCacheDoneWrapper()

static void checkNoCacheDoneWrapper	(	Acl::Answer	answer,
		void *	data
	)

static

Definition at line 1322 of file client_side_request.cc.

References ClientRequestContext::checkNoCacheDone(), and ClientRequestContext::httpStateIsValid().

Referenced by ClientRequestContext::checkNoCache().

◆ clientAccessCheckDoneWrapper()

void clientAccessCheckDoneWrapper	(	Acl::Answer	answer,
		void *	data
	)

static

Definition at line 690 of file client_side_request.cc.

References ClientRequestContext::clientAccessCheckDone(), and ClientRequestContext::httpStateIsValid().

Referenced by ClientRequestContext::clientAccessCheck(), and ClientRequestContext::clientAccessCheck2().

◆ clientBeginRequest()

int clientBeginRequest	(	const HttpRequestMethod &	method,
		char const *	url,
		CSCB *	streamcallback,
		CSD *	streamdetach,
		ClientStreamData	streamdata,
		HttpHeader const *	header,
		char *	tailbuf,
		size_t	taillen,
		const MasterXaction::Pointer &	mx
	)

Create a request and kick it off

Return values

0	success
-1	failure

TODO: Pass in the buffers to be used in the initial Read request, as they are determined by the user

Definition at line 277 of file client_side_request.cc.

Referenced by ESIInclude::Start().

◆ clientBuildError()

ErrorState * clientBuildError	(	err_type	page_id,
		Http::StatusCode	status,
		char const *	url,
		const ConnStateData *	conn,
		HttpRequest *	request,
		const AccessLogEntry::Pointer &	al
	)

Definition at line 2134 of file client_side_reply.cc.

Referenced by ClientHttpRequest::calloutsError(), and ClientRequestContext::clientAccessCheckDone().

◆ clientCheckPinning()

static void clientCheckPinning ( ClientHttpRequest * http )

static

◆ clientFollowXForwardedForCheck()

static void clientFollowXForwardedForCheck	(	Acl::Answer	answer,
		void *	data
	)

static

clientFollowXForwardedForCheck() checks the content of X-Forwarded-For: against the followXFF ACL, or cleans up and passes control to clientAccessCheck().

The trust model here is a little ambiguous. So to clarify the logic:

we may always use the direct client address as the client IP.
these trust tests merey tell whether we trust given IP enough to believe the IP string which it appended to the X-Forwarded-For: header.
if at any point we don't trust what an IP adds we stop looking.
at that point the current contents of indirect_client_addr are the value set by the last previously trusted IP. ++ indirect_client_addr contains the remote direct client from the trusted peers viewpoint.

Definition at line 393 of file client_side_request.cc.

References SquidConfig::accessList, ClientRequestContext::acl_checklist, SquidConfig::acl_uses_indirect_client, ClientHttpRequest::al, Acl::Answer::allowed(), AccessLogEntry::cache, AccessLogEntry::CacheDetails::caddr, String::clean(), ClientRequestContext::clientAccessCheck(), clientAclChecklistCreate(), clientFollowXForwardedForCheck(), Config, Acl::Answer::conflicted(), conn, String::cut(), DBG_CRITICAL, debugs, RequestFlags::done_follow_x_forwarded_for, Filled(), HttpRequest::flags, SquidConfig::followXFF, ClientHttpRequest::getConn(), ClientRequestContext::http, ClientRequestContext::httpStateIsValid(), HttpRequest::indirect_client_addr, SquidConfig::log_uses_indirect_client, ACLChecklist::nonBlockingCheck(), SquidConfig::onoff, ClientHttpRequest::request, String::size(), ACLFilledChecklist::src_addr, String::termedBuf(), HttpRequest::x_forwarded_for_iterator, and xisspace.