src/FwdState.h

   1 #ifndef SQUID_FORWARD_H
   2 #define SQUID_FORWARD_H
   3
   4 #include "base/RefCount.h"
   5 #include "comm.h"
   6 #include "comm/Connection.h"
   7 #include "err_type.h"
   8 #include "fde.h"
   9 #include "http/StatusCode.h"
  10 #include "ip/Address.h"
  11 #if USE_OPENSSL
  12 #include "ssl/support.h"
  13 #endif
  14
  15 /* forward decls */
  16
  17 class AccessLogEntry;
  18 typedef RefCount<AccessLogEntry> AccessLogEntryPointer;
  19 class ErrorState;
  20 class HttpRequest;
  21
  22 #if USE_OPENSSL
  23 namespace Ssl
  24 {
  25 class ErrorDetail;
  26 class CertValidationResponse;
  27 };
  28 #endif
  29
  30 /**
  31  * Returns the TOS value that we should be setting on the connection
  32  * to the server, based on the ACL.
  33  */
  34 tos_t GetTosToServer(HttpRequest * request);
  35
  36 /**
  37  * Returns the Netfilter mark value that we should be setting on the
  38  * connection to the server, based on the ACL.
  39  */
  40 nfmark_t GetNfmarkToServer(HttpRequest * request);
  41
  42 class HelperReply;
  43
  44 class FwdState : public RefCountable
  45 {
  46 public:
  47     typedef RefCount<FwdState> Pointer;
  48     ~FwdState();
  49     static void initModule();
  50
  51     /// Initiates request forwarding to a peer or origin server.
  52     static void Start(const Comm::ConnectionPointer &client, StoreEntry *, HttpRequest *, const AccessLogEntryPointer &alp);
  53     /// Same as Start() but no master xaction info (AccessLogEntry) available.
  54     static void fwdStart(const Comm::ConnectionPointer &client, StoreEntry *, HttpRequest *);
  55
  56     /// This is the real beginning of server connection. Call it whenever
  57     /// the forwarding server destination has changed and a new one needs to be opened.
  58     /// Produces the cannot-forward error on fail if no better error exists.
  59     void startConnectionOrFail();
  60
  61     void fail(ErrorState *err);
  62     void unregister(Comm::ConnectionPointer &conn);
  63     void unregister(int fd);
  64     void complete();
  65     void handleUnregisteredServerEnd();
  66     int reforward();
  67     bool reforwardableStatus(const Http::StatusCode s) const;
  68     void serverClosed(int fd);
  69     void connectStart();
  70     void connectDone(const Comm::ConnectionPointer & conn, comm_err_t status, int xerrno);
  71     void connectTimeout(int fd);
  72     void initiateSSL();
  73     void negotiateSSL(int fd);
  74     bool checkRetry();
  75     bool checkRetriable();
  76     void dispatch();
  77     void pconnPush(Comm::ConnectionPointer & conn, const char *domain);
  78
  79     bool dontRetry() { return flags.dont_retry; }
  80
  81     void dontRetry(bool val) { flags.dont_retry = val; }
  82
  83     /** return a ConnectionPointer to the current server connection (may or may not be open) */
  84     Comm::ConnectionPointer const & serverConnection() const { return serverConn; };
  85
  86 #if USE_OPENSSL
  87     /// Callback function called when squid receive message from cert validator helper
  88     static void sslCrtvdHandleReplyWrapper(void *data, Ssl::CertValidationResponse const &);
  89     /// Process response from cert validator helper
  90     void sslCrtvdHandleReply(Ssl::CertValidationResponse const &);
  91     /// Check SSL errors returned from cert validator against sslproxy_cert_error access list
  92     Ssl::CertErrors *sslCrtvdCheckForErrors(Ssl::CertValidationResponse const &, Ssl::ErrorDetail *&);
  93 #endif
  94 private:
  95     // hidden for safer management of self; use static fwdStart
  96     FwdState(const Comm::ConnectionPointer &client, StoreEntry *, HttpRequest *, const AccessLogEntryPointer &alp);
  97     void start(Pointer aSelf);
  98
  99 #if STRICT_ORIGINAL_DST
 100     void selectPeerForIntercepted();
 101 #endif
 102     static void logReplyStatus(int tries, const Http::StatusCode status);
 103     void doneWithRetries();
 104     void completed();
 105     void retryOrBail();
 106     ErrorState *makeConnectingError(const err_type type) const;
 107     static void RegisterWithCacheManager(void);
 108
 109 public:
 110     StoreEntry *entry;
 111     HttpRequest *request;
 112     AccessLogEntryPointer al; ///< info for the future access.log entry
 113
 114     static void abort(void*);
 115
 116 private:
 117     Pointer self;
 118     ErrorState *err;
 119     Comm::ConnectionPointer clientConn;        ///< a possibly open connection to the client.
 120     time_t start_t;
 121     int n_tries;
 122
 123     // AsyncCalls which we set and may need cancelling.
 124     struct {
 125         AsyncCall::Pointer connector;  ///< a call linking us to the ConnOpener producing serverConn.
 126     } calls;
 127
 128     struct {
 129         bool connected_okay; ///< TCP link ever opened properly. This affects retry of POST,PUT,CONNECT,etc
 130         bool dont_retry;
 131         bool forward_completed;
 132     } flags;
 133
 134     /** connections to open, in order, until successful */
 135     Comm::ConnectionList serverDestinations;
 136
 137     Comm::ConnectionPointer serverConn; ///< a successfully opened connection to a server.
 138
 139     /// possible pconn race states
 140     typedef enum { raceImpossible, racePossible, raceHappened } PconnRace;
 141     PconnRace pconnRace; ///< current pconn race state
 142
 143     // NP: keep this last. It plays with private/public
 144     CBDATA_CLASS2(FwdState);
 145 };
 146
 147 void getOutgoingAddress(HttpRequest * request, Comm::ConnectionPointer conn);
 148
 149 #endif /* SQUID_FORWARD_H */