#include "squid.h"#include "acl/FilledChecklist.h"#include "acl/Gadgets.h"#include "anyp/PortCfg.h"#include "base/AsyncJobCalls.h"#include "client_side.h"#include "client_side_reply.h"#include "client_side_request.h"#include "ClientRequestContext.h"#include "clientStream.h"#include "comm/Connection.h"#include "comm/Write.h"#include "debug/Messages.h"#include "error/Detail.h"#include "errorpage.h"#include "fd.h"#include "fde.h"#include "format/Token.h"#include "FwdState.h"#include "helper.h"#include "helper/Reply.h"#include "http.h"#include "http/Stream.h"#include "HttpHdrCc.h"#include "HttpReply.h"#include "HttpRequest.h"#include "internal.h"#include "ip/NfMarkConfig.h"#include "ip/QosConfig.h"#include "ipcache.h"#include "log/access_log.h"#include "MemObject.h"#include "Parsing.h"#include "proxyp/Header.h"#include "redirect.h"#include "rfc1738.h"#include "sbuf/StringConvert.h"#include "SquidConfig.h"#include "Store.h"#include "StrList.h"#include "tools.h"#include "wordlist.h"#include "auth/UserRequest.h"#include "adaptation/AccessCheck.h"#include "adaptation/Answer.h"#include "adaptation/Iterator.h"#include "adaptation/Service.h"#include "adaptation/icap/History.h"#include "ssl/ServerBump.h"#include "ssl/support.h"Go to the source code of this file.
Macros | |
| #define | SQUID_X_FORWARDED_FOR_HOP_MAX 64 |
| #define | FAILURE_MODE_TIME 300 |
Variables | |
| static HLPCB | clientRedirectDoneWrapper |
| static HLPCB | clientStoreIdDoneWrapper |
| CSR | clientGetMoreData |
| CSS | clientReplyStatus |
| CSD | clientReplyDetach |
Macro Definition Documentation
◆ FAILURE_MODE_TIME
| #define FAILURE_MODE_TIME 300 |
◆ SQUID_X_FORWARDED_FOR_HOP_MAX
| #define SQUID_X_FORWARDED_FOR_HOP_MAX 64 |
Definition at line 81 of file client_side_request.cc.
Function Documentation
◆ checkFailureRatio()
This function is designed to serve a fairly specific purpose. Occasionally our vBNS-connected caches can talk to each other, but not the rest of the world. Here we try to detect frequent failures which make the cache unusable (e.g. DNS lookup and connect() failures). If the failure:success ratio goes above 1.0 then we go into "hit only" mode where we only return UDP_HIT or UDP_MISS_NOFETCH. Neighbors will only fetch HITs from us if they are using the ICP protocol. We stay in this mode for 5 minutes.
Duane W., Sept 16, 1996
Definition at line 179 of file client_side_request.cc.
References Config, DBG_CRITICAL, debugs, ERR_CONNECT_FAIL, ERR_DNS_FAIL, ERR_READ_ERROR, ERR_SECURE_CONNECT_FAIL, FAILURE_MODE_TIME, HIER_NONE, hit_only_mode_until, SquidConfig::icp, SquidConfig::Port, request_failure_ratio, and squid_curtime.
Referenced by ClientHttpRequest::~ClientHttpRequest().
◆ checkNoCacheDoneWrapper()
|
static |
Definition at line 1225 of file client_side_request.cc.
References ClientRequestContext::checkNoCacheDone(), and ClientRequestContext::httpStateIsValid().
Referenced by ClientRequestContext::checkNoCache().
◆ clientAccessCheckDoneWrapper()
|
static |
Definition at line 607 of file client_side_request.cc.
References ClientRequestContext::clientAccessCheckDone(), and ClientRequestContext::httpStateIsValid().
Referenced by ClientRequestContext::clientAccessCheck(), and ClientRequestContext::clientAccessCheck2().
◆ clientBuildError()
| ErrorState* clientBuildError | ( | err_type | , |
| Http::StatusCode | , | ||
| char const * | url, | ||
| const ConnStateData * | , | ||
| HttpRequest * | , | ||
| const AccessLogEntry::Pointer & | |||
| ) |
Definition at line 2117 of file client_side_reply.cc.
References Server::clientConnection, Ip::Address::NoAddr(), Comm::Connection::remote, and xstrdup.
Referenced by ClientHttpRequest::calloutsError(), ClientRequestContext::clientAccessCheckDone(), clientReplyContext::processMiss(), clientReplyContext::processOnlyIfCachedMiss(), clientReplyContext::processReplyAccessResult(), clientReplyContext::purgeDoPurge(), clientReplyContext::purgeRequest(), clientReplyContext::sendBodyTooLargeError(), clientReplyContext::sendPreconditionFailedError(), and clientReplyContext::setReplyToError().
◆ clientCheckPinning()
|
static |
Definition at line 826 of file client_side_request.cc.
References assert, RequestFlags::auth, ConnStateData::auth, Http::AUTHORIZATION, HttpRequest::clientConnectionManager, RequestFlags::connectionAuth, RequestFlags::connectionAuthDisabled, RequestFlags::connectionProxyAuth, HttpRequest::flags, ClientHttpRequest::getConn(), HttpHeader::getEntry(), HttpHeader::has(), Http::Message::header, HttpHeaderInitPos, HttpHeaderEntry::id, Comm::IsConnOpen(), HttpRequest::pinnedConnection(), ConnStateData::pinning, ConnStateData::port, Http::PROXY_AUTHORIZATION, String::rawBuf(), ClientHttpRequest::request, ConnStateData::serverConnection, and HttpHeaderEntry::value.
Referenced by clientInterpretRequestHeaders().
◆ clientFollowXForwardedForCheck()
|
static |
clientFollowXForwardedForCheck() checks the content of X-Forwarded-For: against the followXFF ACL, or cleans up and passes control to clientAccessCheck().
The trust model here is a little ambiguous. So to clarify the logic:
- we may always use the direct client address as the client IP.
- these trust tests merey tell whether we trust given IP enough to believe the IP string which it appended to the X-Forwarded-For: header.
- if at any point we don't trust what an IP adds we stop looking.
- at that point the current contents of indirect_client_addr are the value set by the last previously trusted IP. ++ indirect_client_addr contains the remote direct client from the trusted peers viewpoint.
Definition at line 302 of file client_side_request.cc.
References SquidConfig::accessList, SquidConfig::acl_uses_indirect_client, ClientHttpRequest::al, Acl::Answer::allowed(), String::clean(), ClientRequestContext::clientAccessCheck(), clientAclChecklistCreate(), Config, Acl::Answer::conflicted(), ClientRequestContext::currentXffHopNumber, String::cut(), DBG_CRITICAL, debugs, RequestFlags::done_follow_x_forwarded_for, Debug::Extra(), HttpRequest::flags, SquidConfig::followXFF, ClientHttpRequest::getConn(), Http::HeaderLookupTable, ClientRequestContext::http, ClientRequestContext::httpStateIsValid(), HttpRequest::indirect_client_addr, SquidConfig::log_uses_indirect_client, Http::HeaderLookupTable_t::lookup(), Http::HeaderTableRecord::name, ACLFilledChecklist::NonBlockingCheck(), SquidConfig::onoff, ClientHttpRequest::request, String::size(), SQUID_X_FORWARDED_FOR_HOP_MAX, String::termedBuf(), Http::X_FORWARDED_FOR, HttpRequest::x_forwarded_for_iterator, and xisspace.
Referenced by ClientRequestContext::clientAccessCheck().
◆ clientHierarchical()
|
static |
Definition at line 786 of file client_side_request.cc.
References RequestFlags::auth, HttpRequest::flags, AnyP::Uri::getScheme(), RequestFlags::hostVerified, RequestFlags::ims, RequestFlags::intercepted, RequestFlags::interceptTproxy, RequestFlags::loopDetected, HttpRequest::method, Http::METHOD_GET, Http::METHOD_TRACE, neighbors_do_private_keys, AnyP::PROTO_HTTP, ClientHttpRequest::request, HttpRequestMethod::respMaybeCacheable(), and HttpRequest::url.
Referenced by clientInterpretRequestHeaders().
◆ clientInterpretRequestHeaders()
|
static |
Definition at line 887 of file client_side_request.cc.
References SquidConfig::Accel, RequestFlags::accelerated, RequestFlags::auth, Http::AUTHORIZATION, RequestFlags::cachable, Http::Message::cache_control, Http::CDN_LOOP, String::clean(), ClientHttpRequest::client_stream, clientCheckPinning(), clientHierarchical(), Config, dlink_node::data, DBG_IMPORTANT, debugObj(), debugs, HttpHeader::delById(), HttpRequest::flags, fvdbCountForwarded(), fvdbCountVia(), HttpHeader::getList(), HttpHeader::getRange(), HttpHeader::getTime(), HttpHeader::has(), HttpHeader::hasListMember(), HttpHdrCc::hasNoCache(), Http::Message::header, RequestFlags::hierarchical, httpRequestPack(), Http::IF_MODIFIED_SINCE, RequestFlags::ignoreCc, HttpRequest::ignoreRange(), RequestFlags::ims, HttpRequest::ims, HttpRequest::imslen, RequestFlags::isRanged, RequestFlags::loopDetected, HttpHdrRange::lowestOffset(), HttpRequest::maybeCacheable(), HttpRequest::method, Http::METHOD_GET, Http::METHOD_HEAD, Http::METHOD_OTHER, RequestFlags::noCache, RequestFlags::nocacheHack, SquidConfig::onoff, Http::PRAGMA, Http::RANGE, HttpRequest::range, refresh_nocache_hack, SquidConfig::reload_into_ims, ClientHttpRequest::request, Http::REQUEST_RANGE, StringToSBuf(), strListIsSubstr(), SupportOrVeto::support(), SquidConfig::surrogate_id, dlink_list::tail, ThisCache2, HttpRequest::url, AnyP::Uri::userInfo(), SupportOrVeto::veto(), Http::VIA, and Http::X_FORWARDED_FOR.
Referenced by ClientHttpRequest::doCallouts().
◆ clientRedirectAccessCheckDone()
|
static |
Definition at line 724 of file client_side_request.cc.
References Acl::Answer::allowed(), ClientRequestContext::clientRedirectDone(), clientRedirectDoneWrapper, Helper::Error, ClientRequestContext::http, and redirectStart().
Referenced by ClientRequestContext::clientRedirectStart().
◆ clientRedirectDoneWrapper()
| void clientRedirectDoneWrapper | ( | void * | data, |
| const Helper::Reply & | result | ||
| ) |
Definition at line 1024 of file client_side_request.cc.
References ClientRequestContext::clientRedirectDone(), and ClientRequestContext::httpStateIsValid().
◆ clientStoreIdAccessCheckDone()
|
static |
This methods handles Access checks result of StoreId access list. Will handle as "ERR" (no change) in a case Access is not allowed.
Definition at line 754 of file client_side_request.cc.
References Acl::Answer::allowed(), ClientRequestContext::clientStoreIdDone(), clientStoreIdDoneWrapper, debugs, Helper::Error, ClientRequestContext::http, and storeIdStart().
Referenced by ClientRequestContext::clientStoreIdStart().
◆ clientStoreIdDoneWrapper()
| void clientStoreIdDoneWrapper | ( | void * | data, |
| const Helper::Reply & | result | ||
| ) |
Definition at line 1035 of file client_side_request.cc.
References ClientRequestContext::clientStoreIdDone(), and ClientRequestContext::httpStateIsValid().
◆ hostHeaderIpVerifyWrapper()
|
static |
Definition at line 387 of file client_side_request.cc.
References ClientRequestContext::hostHeaderIpVerify().
Referenced by ClientRequestContext::hostHeaderVerify().
◆ sslBumpAccessCheckDoneWrapper()
|
static |
A wrapper function to use the ClientRequestContext::sslBumpAccessCheckDone method as ACLFilledChecklist callback
Definition at line 1321 of file client_side_request.cc.
References ClientRequestContext::httpStateIsValid(), and ClientRequestContext::sslBumpAccessCheckDone().
Referenced by ClientRequestContext::sslBumpAccessCheck().
◆ SslBumpEstablish()
|
static |
Definition at line 1408 of file client_side_request.cc.
References assert, cbdataReferenceValid(), debugs, and ClientHttpRequest::sslBumpEstablish().
Referenced by ClientHttpRequest::sslBumpStart().
Variable Documentation
◆ clientGetMoreData
| CSR clientGetMoreData |
Definition at line 102 of file client_side_request.cc.
Referenced by ClientHttpRequest::handleAdaptedHeader().
◆ clientRedirectDoneWrapper
|
static |
Definition at line 99 of file client_side_request.cc.
Referenced by clientRedirectAccessCheckDone(), and ClientRequestContext::clientRedirectStart().
◆ clientReplyDetach
| CSD clientReplyDetach |
Definition at line 104 of file client_side_request.cc.
◆ clientReplyStatus
| CSS clientReplyStatus |
Definition at line 103 of file client_side_request.cc.
◆ clientStoreIdDoneWrapper
|
static |
Definition at line 100 of file client_side_request.cc.
Referenced by clientStoreIdAccessCheckDone(), and ClientRequestContext::clientStoreIdStart().
Introduction
- About Squid
- Why Squid?
- Squid Developers
- How to Donate
- How to Help Out
- Getting Squid
- Squid Source Packages
- Squid Deployment Case-Studies
- Squid Software Foundation
Documentation
- Quick Setup
- Configuration:
- FAQ and Wiki
- Guide Books:
- Non-English
- More...
Support
- Security Advisories
- Bugzilla Database
- Mailing lists
- Contacting us
- Commercial services
- Project Sponsors
- Squid-based products