]> git.ipfire.org Git - thirdparty/squid.git/blob - src/adaptation/icap/ModXact.cc
projects / thirdparty / squid.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Cleanup: refactor HttpRequest::urlpath member into class URL
[thirdparty/squid.git] / src / adaptation / icap / ModXact.cc
1 /*
2 * Copyright (C) 1996-2015 The Squid Software Foundation and contributors
3 *
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
7 */
8
9 /* DEBUG: section 93 ICAP (RFC 3507) Client */
10
11 #include "squid.h"
12 #include "AccessLogEntry.h"
13 #include "adaptation/Answer.h"
14 #include "adaptation/History.h"
15 #include "adaptation/icap/Client.h"
16 #include "adaptation/icap/Config.h"
17 #include "adaptation/icap/History.h"
18 #include "adaptation/icap/Launcher.h"
19 #include "adaptation/icap/ModXact.h"
20 #include "adaptation/icap/ServiceRep.h"
21 #include "adaptation/Initiator.h"
22 #include "auth/UserRequest.h"
23 #include "base/TextException.h"
24 #include "base64.h"
25 #include "comm.h"
26 #include "comm/Connection.h"
27 #include "err_detail_type.h"
28 #include "http/one/TeChunkedParser.h"
29 #include "HttpHeaderTools.h"
30 #include "HttpMsg.h"
31 #include "HttpReply.h"
32 #include "HttpRequest.h"
33 #include "SquidTime.h"
34 #include "URL.h"
35
36 // flow and terminology:
37 // HTTP| --> receive --> encode --> write --> |network
38 // end | <-- send <-- parse <-- read <-- |end
39
40 // TODO: replace gotEncapsulated() with something faster; we call it often
41
42 CBDATA_NAMESPACED_CLASS_INIT(Adaptation::Icap, ModXact);
43 CBDATA_NAMESPACED_CLASS_INIT(Adaptation::Icap, ModXactLauncher);
44
45 static const size_t TheBackupLimit = BodyPipe::MaxCapacity;
46
47 Adaptation::Icap::ModXact::State::State()
48 {
49 memset(this, 0, sizeof(*this));
50 }
51
52 Adaptation::Icap::ModXact::ModXact(HttpMsg *virginHeader,
53 HttpRequest *virginCause, AccessLogEntry::Pointer &alp, Adaptation::Icap::ServiceRep::Pointer &aService):
54 AsyncJob("Adaptation::Icap::ModXact"),
55 Adaptation::Icap::Xaction("Adaptation::Icap::ModXact", aService),
56 virginConsumed(0),
57 bodyParser(NULL),
58 canStartBypass(false), // too early
59 protectGroupBypass(true),
60 replyHttpHeaderSize(-1),
61 replyHttpBodySize(-1),
62 adaptHistoryId(-1),
63 alMaster(alp)
64 {
65 assert(virginHeader);
66
67 virgin.setHeader(virginHeader); // sets virgin.body_pipe if needed
68 virgin.setCause(virginCause); // may be NULL
69
70 // adapted header and body are initialized when we parse them
71
72 // writing and reading ends are handled by Adaptation::Icap::Xaction
73
74 // encoding
75 // nothing to do because we are using temporary buffers
76
77 // parsing; TODO: do not set until we parse, see ICAPOptXact
78 icapReply = new HttpReply;
79 icapReply->protoPrefix = "ICAP/"; // TODO: make an IcapReply class?
80
81 debugs(93,7, HERE << "initialized." << status());
82 }
83
84 // initiator wants us to start
85 void Adaptation::Icap::ModXact::start()
86 {
87 Adaptation::Icap::Xaction::start();
88
89 // reserve an adaptation history slot (attempts are known at this time)
90 Adaptation::History::Pointer ah = virginRequest().adaptLogHistory();
91 if (ah != NULL)
92 adaptHistoryId = ah->recordXactStart(service().cfg().key, icap_tr_start, attempts > 1);
93
94 estimateVirginBody(); // before virgin disappears!
95
96 canStartBypass = service().cfg().bypass;
97
98 // it is an ICAP violation to send request to a service w/o known OPTIONS
99 // and the service may is too busy for us: honor Max-Connections and such
100 if (service().up() && service().availableForNew())
101 startWriting();
102 else
103 waitForService();
104 }
105
106 void Adaptation::Icap::ModXact::waitForService()
107 {
108 const char *comment;
109 Must(!state.serviceWaiting);
110
111 if (!service().up()) {
112 AsyncCall::Pointer call = JobCallback(93,5,
113 ConnWaiterDialer, this, Adaptation::Icap::ModXact::noteServiceReady);
114
115 service().callWhenReady(call);
116 comment = "to be up";
117 } else {
118 //The service is unavailable because of max-connection or other reason
119
120 if (service().cfg().onOverload != srvWait) {
121 // The service is overloaded, but waiting to be available prohibited by
122 // user configuration (onOverload is set to "block" or "bypass")
123 if (service().cfg().onOverload == srvBlock)
124 disableBypass("not available", true);
125 else //if (service().cfg().onOverload == srvBypass)
126 canStartBypass = true;
127
128 disableRetries();
129 disableRepeats("ICAP service is not available");
130
131 debugs(93, 7, HERE << "will not wait for the service to be available" <<
132 status());
133
134 throw TexcHere("ICAP service is not available");
135 }
136
137 AsyncCall::Pointer call = JobCallback(93,5,
138 ConnWaiterDialer, this, Adaptation::Icap::ModXact::noteServiceAvailable);
139 service().callWhenAvailable(call, state.waitedForService);
140 comment = "to be available";
141 }
142
143 debugs(93, 7, HERE << "will wait for the service " << comment << status());
144 state.serviceWaiting = true; // after callWhenReady() which may throw
145 state.waitedForService = true;
146 }
147
148 void Adaptation::Icap::ModXact::noteServiceReady()
149 {
150 Must(state.serviceWaiting);
151 state.serviceWaiting = false;
152
153 if (!service().up()) {
154 disableRetries();
155 disableRepeats("ICAP service is unusable");
156 throw TexcHere("ICAP service is unusable");
157 }
158
159 if (service().availableForOld())
160 startWriting();
161 else
162 waitForService();
163 }
164
165 void Adaptation::Icap::ModXact::noteServiceAvailable()
166 {
167 Must(state.serviceWaiting);
168 state.serviceWaiting = false;
169
170 if (service().up() && service().availableForOld())
171 startWriting();
172 else
173 waitForService();
174 }
175
176 void Adaptation::Icap::ModXact::startWriting()
177 {
178 state.writing = State::writingConnect;
179
180 decideOnPreview(); // must be decided before we decideOnRetries
181 decideOnRetries();
182
183 openConnection();
184 }
185
186 // connection with the ICAP service established
187 void Adaptation::Icap::ModXact::handleCommConnected()
188 {
189 Must(state.writing == State::writingConnect);
190
191 startReading(); // wait for early errors from the ICAP server
192
193 MemBuf requestBuf;
194 requestBuf.init();
195
196 makeRequestHeaders(requestBuf);
197 debugs(93, 9, HERE << "will write" << status() << ":\n" <<
198 (requestBuf.terminate(), requestBuf.content()));
199
200 // write headers
201 state.writing = State::writingHeaders;
202 icap_tio_start = current_time;
203 scheduleWrite(requestBuf);
204 }
205
206 void Adaptation::Icap::ModXact::handleCommWrote(size_t sz)
207 {
208 debugs(93, 5, HERE << "Wrote " << sz << " bytes");
209
210 if (state.writing == State::writingHeaders)
211 handleCommWroteHeaders();
212 else
213 handleCommWroteBody();
214 }
215
216 void Adaptation::Icap::ModXact::handleCommWroteHeaders()
217 {
218 Must(state.writing == State::writingHeaders);
219
220 // determine next step
221 if (preview.enabled()) {
222 if (preview.done())
223 decideWritingAfterPreview("zero-size");
224 else
225 state.writing = State::writingPreview;
226 } else if (virginBody.expected()) {
227 state.writing = State::writingPrime;
228 } else {
229 stopWriting(true);
230 return;
231 }
232
233 writeMore();
234 }
235
236 void Adaptation::Icap::ModXact::writeMore()
237 {
238 debugs(93, 5, HERE << "checking whether to write more" << status());
239
240 if (writer != NULL) // already writing something
241 return;
242
243 switch (state.writing) {
244
245 case State::writingInit: // waiting for service OPTIONS
246 Must(state.serviceWaiting);
247
248 case State::writingConnect: // waiting for the connection to establish
249
250 case State::writingHeaders: // waiting for the headers to be written
251
252 case State::writingPaused: // waiting for the ICAP server response
253
254 case State::writingReallyDone: // nothing more to write
255 return;
256
257 case State::writingAlmostDone: // was waiting for the last write
258 stopWriting(false);
259 return;
260
261 case State::writingPreview:
262 writePreviewBody();
263 return;
264
265 case State::writingPrime:
266 writePrimeBody();
267 return;
268
269 default:
270 throw TexcHere("Adaptation::Icap::ModXact in bad writing state");
271 }
272 }
273
274 void Adaptation::Icap::ModXact::writePreviewBody()
275 {
276 debugs(93, 8, HERE << "will write Preview body from " <<
277 virgin.body_pipe << status());
278 Must(state.writing == State::writingPreview);
279 Must(virgin.body_pipe != NULL);
280
281 const size_t sizeMax = (size_t)virgin.body_pipe->buf().contentSize();
282 const size_t size = min(preview.debt(), sizeMax);
283 writeSomeBody("preview body", size);
284
285 // change state once preview is written
286
287 if (preview.done())
288 decideWritingAfterPreview("body");
289 }
290
291 /// determine state.writing after we wrote the entire preview
292 void Adaptation::Icap::ModXact::decideWritingAfterPreview(const char *kind)
293 {
294 if (preview.ieof()) // nothing more to write
295 stopWriting(true);
296 else if (state.parsing == State::psIcapHeader) // did not get a reply yet
297 state.writing = State::writingPaused; // wait for the ICAP server reply
298 else
299 stopWriting(true); // ICAP server reply implies no post-preview writing
300
301 debugs(93, 6, HERE << "decided on writing after " << kind << " preview" <<
302 status());
303 }
304
305 void Adaptation::Icap::ModXact::writePrimeBody()
306 {
307 Must(state.writing == State::writingPrime);
308 Must(virginBodyWriting.active());
309
310 const size_t size = (size_t)virgin.body_pipe->buf().contentSize();
311 writeSomeBody("prime virgin body", size);
312
313 if (virginBodyEndReached(virginBodyWriting)) {
314 debugs(93, 5, HERE << "wrote entire body");
315 stopWriting(true);
316 }
317 }
318
319 void Adaptation::Icap::ModXact::writeSomeBody(const char *label, size_t size)
320 {
321 Must(!writer && state.writing < state.writingAlmostDone);
322 Must(virgin.body_pipe != NULL);
323 debugs(93, 8, HERE << "will write up to " << size << " bytes of " <<
324 label);
325
326 MemBuf writeBuf; // TODO: suggest a min size based on size and lastChunk
327
328 writeBuf.init(); // note: we assume that last-chunk will fit
329
330 const size_t writableSize = virginContentSize(virginBodyWriting);
331 const size_t chunkSize = min(writableSize, size);
332
333 if (chunkSize) {
334 debugs(93, 7, HERE << "will write " << chunkSize <<
335 "-byte chunk of " << label);
336
337 openChunk(writeBuf, chunkSize, false);
338 writeBuf.append(virginContentData(virginBodyWriting), chunkSize);
339 closeChunk(writeBuf);
340
341 virginBodyWriting.progress(chunkSize);
342 virginConsume();
343 } else {
344 debugs(93, 7, HERE << "has no writable " << label << " content");
345 }
346
347 const bool wroteEof = virginBodyEndReached(virginBodyWriting);
348 bool lastChunk = wroteEof;
349 if (state.writing == State::writingPreview) {
350 preview.wrote(chunkSize, wroteEof); // even if wrote nothing
351 lastChunk = lastChunk || preview.done();
352 }
353
354 if (lastChunk) {
355 debugs(93, 8, HERE << "will write last-chunk of " << label);
356 addLastRequestChunk(writeBuf);
357 }
358
359 debugs(93, 7, HERE << "will write " << writeBuf.contentSize()
360 << " raw bytes of " << label);
361
362 if (writeBuf.hasContent()) {
363 scheduleWrite(writeBuf); // comm will free the chunk
364 } else {
365 writeBuf.clean();
366 }
367 }
368
369 void Adaptation::Icap::ModXact::addLastRequestChunk(MemBuf &buf)
370 {
371 const bool ieof = state.writing == State::writingPreview && preview.ieof();
372 openChunk(buf, 0, ieof);
373 closeChunk(buf);
374 }
375
376 void Adaptation::Icap::ModXact::openChunk(MemBuf &buf, size_t chunkSize, bool ieof)
377 {
378 buf.appendf((ieof ? "%x; ieof\r\n" : "%x\r\n"), (int) chunkSize);
379 }
380
381 void Adaptation::Icap::ModXact::closeChunk(MemBuf &buf)
382 {
383 buf.append(ICAP::crlf, 2); // chunk-terminating CRLF
384 }
385
386 const HttpRequest &Adaptation::Icap::ModXact::virginRequest() const
387 {
388 const HttpRequest *request = virgin.cause ?
389 virgin.cause : dynamic_cast<const HttpRequest*>(virgin.header);
390 Must(request);
391 return *request;
392 }
393
394 // did the activity reached the end of the virgin body?
395 bool Adaptation::Icap::ModXact::virginBodyEndReached(const Adaptation::Icap::VirginBodyAct &act) const
396 {
397 return
398 !act.active() || // did all (assuming it was originally planned)
399 !virgin.body_pipe->expectMoreAfter(act.offset()); // wont have more
400 }
401
402 // the size of buffered virgin body data available for the specified activity
403 // if this size is zero, we may be done or may be waiting for more data
404 size_t Adaptation::Icap::ModXact::virginContentSize(const Adaptation::Icap::VirginBodyAct &act) const
405 {
406 Must(act.active());
407 // asbolute start of unprocessed data
408 const uint64_t dataStart = act.offset();
409 // absolute end of buffered data
410 const uint64_t dataEnd = virginConsumed + virgin.body_pipe->buf().contentSize();
411 Must(virginConsumed <= dataStart && dataStart <= dataEnd);
412 return static_cast<size_t>(dataEnd - dataStart);
413 }
414
415 // pointer to buffered virgin body data available for the specified activity
416 const char *Adaptation::Icap::ModXact::virginContentData(const Adaptation::Icap::VirginBodyAct &act) const
417 {
418 Must(act.active());
419 const uint64_t dataStart = act.offset();
420 Must(virginConsumed <= dataStart);
421 return virgin.body_pipe->buf().content() + static_cast<size_t>(dataStart-virginConsumed);
422 }
423
424 void Adaptation::Icap::ModXact::virginConsume()
425 {
426 debugs(93, 9, HERE << "consumption guards: " << !virgin.body_pipe << isRetriable <<
427 isRepeatable << canStartBypass << protectGroupBypass);
428
429 if (!virgin.body_pipe)
430 return; // nothing to consume
431
432 if (isRetriable)
433 return; // do not consume if we may have to retry later
434
435 BodyPipe &bp = *virgin.body_pipe;
436 const bool wantToPostpone = isRepeatable || canStartBypass || protectGroupBypass;
437
438 // Why > 2? HttpState does not use the last bytes in the buffer
439 // because delayAwareRead() is arguably broken. See
440 // HttpStateData::maybeReadVirginBody for more details.
441 if (wantToPostpone && bp.buf().spaceSize() > 2) {
442 // Postponing may increase memory footprint and slow the HTTP side
443 // down. Not postponing may increase the number of ICAP errors
444 // if the ICAP service fails. We may also use "potential" space to
445 // postpone more aggressively. Should the trade-off be configurable?
446 debugs(93, 8, HERE << "postponing consumption from " << bp.status());
447 return;
448 }
449
450 const size_t have = static_cast<size_t>(bp.buf().contentSize());
451 const uint64_t end = virginConsumed + have;
452 uint64_t offset = end;
453
454 debugs(93, 9, HERE << "max virgin consumption offset=" << offset <<
455 " acts " << virginBodyWriting.active() << virginBodySending.active() <<
456 " consumed=" << virginConsumed <<
457 " from " << virgin.body_pipe->status());
458
459 if (virginBodyWriting.active())
460 offset = min(virginBodyWriting.offset(), offset);
461
462 if (virginBodySending.active())
463 offset = min(virginBodySending.offset(), offset);
464
465 Must(virginConsumed <= offset && offset <= end);
466
467 if (const size_t size = static_cast<size_t>(offset - virginConsumed)) {
468 debugs(93, 8, HERE << "consuming " << size << " out of " << have <<
469 " virgin body bytes");
470 bp.consume(size);
471 virginConsumed += size;
472 Must(!isRetriable); // or we should not be consuming
473 disableRepeats("consumed content");
474 disableBypass("consumed content", true);
475 }
476 }
477
478 void Adaptation::Icap::ModXact::handleCommWroteBody()
479 {
480 writeMore();
481 }
482
483 // Called when we do not expect to call comm_write anymore.
484 // We may have a pending write though.
485 // If stopping nicely, we will just wait for that pending write, if any.
486 void Adaptation::Icap::ModXact::stopWriting(bool nicely)
487 {
488 if (state.writing == State::writingReallyDone)
489 return;
490
491 if (writer != NULL) {
492 if (nicely) {
493 debugs(93, 7, HERE << "will wait for the last write" << status());
494 state.writing = State::writingAlmostDone; // may already be set
495 checkConsuming();
496 return;
497 }
498 debugs(93, 3, HERE << "will NOT wait for the last write" << status());
499
500 // Comm does not have an interface to clear the writer callback nicely,
501 // but without clearing the writer we cannot recycle the connection.
502 // We prevent connection reuse and hope that we can handle a callback
503 // call at any time, usually in the middle of the destruction sequence!
504 // Somebody should add comm_remove_write_handler() to comm API.
505 reuseConnection = false;
506 ignoreLastWrite = true;
507 }
508
509 debugs(93, 7, HERE << "will no longer write" << status());
510 if (virginBodyWriting.active()) {
511 virginBodyWriting.disable();
512 virginConsume();
513 }
514 state.writing = State::writingReallyDone;
515 checkConsuming();
516 }
517
518 void Adaptation::Icap::ModXact::stopBackup()
519 {
520 if (!virginBodySending.active())
521 return;
522
523 debugs(93, 7, HERE << "will no longer backup" << status());
524 virginBodySending.disable();
525 virginConsume();
526 }
527
528 bool Adaptation::Icap::ModXact::doneAll() const
529 {
530 return Adaptation::Icap::Xaction::doneAll() && !state.serviceWaiting &&
531 doneSending() &&
532 doneReading() && state.doneWriting();
533 }
534
535 void Adaptation::Icap::ModXact::startReading()
536 {
537 Must(haveConnection());
538 Must(!reader);
539 Must(!adapted.header);
540 Must(!adapted.body_pipe);
541
542 // we use the same buffer for headers and body and then consume headers
543 readMore();
544 }
545
546 void Adaptation::Icap::ModXact::readMore()
547 {
548 if (reader != NULL || doneReading()) {
549 debugs(93,3,HERE << "returning from readMore because reader or doneReading()");
550 return;
551 }
552
553 // do not fill readBuf if we have no space to store the result
554 if (adapted.body_pipe != NULL &&
555 !adapted.body_pipe->buf().hasPotentialSpace()) {
556 debugs(93,3,HERE << "not reading because ICAP reply pipe is full");
557 return;
558 }
559
560 if (readBuf.spaceSize())
561 scheduleRead();
562 else
563 debugs(93,3,HERE << "nothing to do because !readBuf.spaceSize()");
564 }
565
566 // comm module read a portion of the ICAP response for us
567 void Adaptation::Icap::ModXact::handleCommRead(size_t)
568 {
569 Must(!state.doneParsing());
570 icap_tio_finish = current_time;
571 parseMore();
572 readMore();
573 }
574
575 void Adaptation::Icap::ModXact::echoMore()
576 {
577 Must(state.sending == State::sendingVirgin);
578 Must(adapted.body_pipe != NULL);
579 Must(virginBodySending.active());
580
581 const size_t sizeMax = virginContentSize(virginBodySending);
582 debugs(93,5, HERE << "will echo up to " << sizeMax << " bytes from " <<
583 virgin.body_pipe->status());
584 debugs(93,5, HERE << "will echo up to " << sizeMax << " bytes to " <<
585 adapted.body_pipe->status());
586
587 if (sizeMax > 0) {
588 const size_t size = adapted.body_pipe->putMoreData(virginContentData(virginBodySending), sizeMax);
589 debugs(93,5, HERE << "echoed " << size << " out of " << sizeMax <<
590 " bytes");
591 virginBodySending.progress(size);
592 disableRepeats("echoed content");
593 disableBypass("echoed content", true);
594 virginConsume();
595 }
596
597 if (virginBodyEndReached(virginBodySending)) {
598 debugs(93, 5, HERE << "echoed all" << status());
599 stopSending(true);
600 } else {
601 debugs(93, 5, HERE << "has " <<
602 virgin.body_pipe->buf().contentSize() << " bytes " <<
603 "and expects more to echo" << status());
604 // TODO: timeout if virgin or adapted pipes are broken
605 }
606 }
607
608 bool Adaptation::Icap::ModXact::doneSending() const
609 {
610 return state.sending == State::sendingDone;
611 }
612
613 // stop (or do not start) sending adapted message body
614 void Adaptation::Icap::ModXact::stopSending(bool nicely)
615 {
616 debugs(93, 7, HERE << "Enter stop sending ");
617 if (doneSending())
618 return;
619 debugs(93, 7, HERE << "Proceed with stop sending ");
620
621 if (state.sending != State::sendingUndecided) {
622 debugs(93, 7, HERE << "will no longer send" << status());
623 if (adapted.body_pipe != NULL) {
624 virginBodySending.disable();
625 // we may leave debts if we were echoing and the virgin
626 // body_pipe got exhausted before we echoed all planned bytes
627 const bool leftDebts = adapted.body_pipe->needsMoreData();
628 stopProducingFor(adapted.body_pipe, nicely && !leftDebts);
629 }
630 } else {
631 debugs(93, 7, HERE << "will not start sending" << status());
632 Must(!adapted.body_pipe);
633 }
634
635 state.sending = State::sendingDone;
636 checkConsuming();
637 }
638
639 // should be called after certain state.writing or state.sending changes
640 void Adaptation::Icap::ModXact::checkConsuming()
641 {
642 // quit if we already stopped or are still using the pipe
643 if (!virgin.body_pipe || !state.doneConsumingVirgin())
644 return;
645
646 debugs(93, 7, HERE << "will stop consuming" << status());
647 stopConsumingFrom(virgin.body_pipe);
648 }
649
650 void Adaptation::Icap::ModXact::parseMore()
651 {
652 debugs(93, 5, "have " << readBuf.length() << " bytes to parse" << status());
653 debugs(93, 5, "\n" << readBuf);
654
655 if (state.parsingHeaders())
656 parseHeaders();
657
658 if (state.parsing == State::psBody)
659 parseBody();
660 }
661
662 void Adaptation::Icap::ModXact::callException(const std::exception &e)
663 {
664 if (!canStartBypass || isRetriable) {
665 if (!isRetriable) {
666 if (const TextException *te = dynamic_cast<const TextException *>(&e))
667 detailError(ERR_DETAIL_EXCEPTION_START + te->id());
668 else
669 detailError(ERR_DETAIL_EXCEPTION_OTHER);
670 }
671 Adaptation::Icap::Xaction::callException(e);
672 return;
673 }
674
675 try {
676 debugs(93, 3, HERE << "bypassing " << inCall << " exception: " <<
677 e.what() << ' ' << status());
678 bypassFailure();
679 } catch (const TextException &bypassTe) {
680 detailError(ERR_DETAIL_EXCEPTION_START + bypassTe.id());
681 Adaptation::Icap::Xaction::callException(bypassTe);
682 } catch (const std::exception &bypassE) {
683 detailError(ERR_DETAIL_EXCEPTION_OTHER);
684 Adaptation::Icap::Xaction::callException(bypassE);
685 }
686 }
687
688 void Adaptation::Icap::ModXact::bypassFailure()
689 {
690 disableBypass("already started to bypass", false);
691
692 Must(!isRetriable); // or we should not be bypassing
693 // TODO: should the same be enforced for isRepeatable? Check icap_repeat??
694
695 prepEchoing();
696
697 startSending();
698
699 // end all activities associated with the ICAP server
700
701 stopParsing();
702
703 stopWriting(true); // or should we force it?
704 if (haveConnection()) {
705 reuseConnection = false; // be conservative
706 cancelRead(); // may not work; and we cannot stop connecting either
707 if (!doneWithIo())
708 debugs(93, 7, HERE << "Warning: bypass failed to stop I/O" << status());
709 }
710
711 service().noteFailure(); // we are bypassing, but this is still a failure
712 }
713
714 void Adaptation::Icap::ModXact::disableBypass(const char *reason, bool includingGroupBypass)
715 {
716 if (canStartBypass) {
717 debugs(93,7, HERE << "will never start bypass because " << reason);
718 canStartBypass = false;
719 }
720 if (protectGroupBypass && includingGroupBypass) {
721 debugs(93,7, HERE << "not protecting group bypass because " << reason);
722 protectGroupBypass = false;
723 }
724 }
725
726 // note that allocation for echoing is done in handle204NoContent()
727 void Adaptation::Icap::ModXact::maybeAllocateHttpMsg()
728 {
729 if (adapted.header) // already allocated
730 return;
731
732 if (gotEncapsulated("res-hdr")) {
733 adapted.setHeader(new HttpReply);
734 setOutcome(service().cfg().method == ICAP::methodReqmod ?
735 xoSatisfied : xoModified);
736 } else if (gotEncapsulated("req-hdr")) {
737 adapted.setHeader(new HttpRequest);
738 setOutcome(xoModified);
739 } else
740 throw TexcHere("Neither res-hdr nor req-hdr in maybeAllocateHttpMsg()");
741 }
742
743 void Adaptation::Icap::ModXact::parseHeaders()
744 {
745 Must(state.parsingHeaders());
746
747 if (state.parsing == State::psIcapHeader) {
748 debugs(93, 5, HERE << "parse ICAP headers");
749 parseIcapHead();
750 }
751
752 if (state.parsing == State::psHttpHeader) {
753 debugs(93, 5, HERE << "parse HTTP headers");
754 parseHttpHead();
755 }
756
757 if (state.parsingHeaders()) { // need more data
758 Must(mayReadMore());
759 return;
760 }
761
762 startSending();
763 }
764
765 // called after parsing all headers or when bypassing an exception
766 void Adaptation::Icap::ModXact::startSending()
767 {
768 disableRepeats("sent headers");
769 disableBypass("sent headers", true);
770 sendAnswer(Answer::Forward(adapted.header));
771
772 if (state.sending == State::sendingVirgin)
773 echoMore();
774 }
775
776 void Adaptation::Icap::ModXact::parseIcapHead()
777 {
778 Must(state.sending == State::sendingUndecided);
779
780 if (!parseHead(icapReply.getRaw()))
781 return;
782
783 if (httpHeaderHasConnDir(&icapReply->header, "close")) {
784 debugs(93, 5, HERE << "found connection close");
785 reuseConnection = false;
786 }
787
788 switch (icapReply->sline.status()) {
789
790 case Http::scContinue:
791 handle100Continue();
792 break;
793
794 case Http::scOkay:
795 case Http::scCreated: // Symantec Scan Engine 5.0 and later when modifying HTTP msg
796
797 if (!validate200Ok()) {
798 throw TexcHere("Invalid ICAP Response");
799 } else {
800 handle200Ok();
801 }
802
803 break;
804
805 case Http::scNoContent:
806 handle204NoContent();
807 break;
808
809 case Http::scPartialContent:
810 handle206PartialContent();
811 break;
812
813 default:
814 debugs(93, 5, "ICAP status " << icapReply->sline.status());
815 handleUnknownScode();
816 break;
817 }
818
819 const HttpRequest *request = dynamic_cast<HttpRequest*>(adapted.header);
820 if (!request)
821 request = &virginRequest();
822
823 // update the cross-transactional database if needed (all status codes!)
824 if (const char *xxName = Adaptation::Config::masterx_shared_name) {
825 Adaptation::History::Pointer ah = request->adaptHistory(true);
826 if (ah != NULL) { // TODO: reorder checks to avoid creating history
827 const String val = icapReply->header.getByName(xxName);
828 if (val.size() > 0) // XXX: HttpHeader lacks empty value detection
829 ah->updateXxRecord(xxName, val);
830 }
831 }
832
833 // update the adaptation plan if needed (all status codes!)
834 if (service().cfg().routing) {
835 String services;
836 if (icapReply->header.getList(HDR_X_NEXT_SERVICES, &services)) {
837 Adaptation::History::Pointer ah = request->adaptHistory(true);
838 if (ah != NULL)
839 ah->updateNextServices(services);
840 }
841 } // TODO: else warn (occasionally!) if we got HDR_X_NEXT_SERVICES
842
843 // We need to store received ICAP headers for <icapLastHeader logformat option.
844 // If we already have stored headers from previous ICAP transaction related to this
845 // request, old headers will be replaced with the new one.
846
847 Adaptation::History::Pointer ah = request->adaptLogHistory();
848 if (ah != NULL)
849 ah->recordMeta(&icapReply->header);
850
851 // handle100Continue() manages state.writing on its own.
852 // Non-100 status means the server needs no postPreview data from us.
853 if (state.writing == State::writingPaused)
854 stopWriting(true);
855 }
856
857 bool Adaptation::Icap::ModXact::validate200Ok()
858 {
859 if (ICAP::methodRespmod == service().cfg().method) {
860 if (!gotEncapsulated("res-hdr"))
861 return false;
862
863 return true;
864 }
865
866 if (ICAP::methodReqmod == service().cfg().method) {
867 if (!gotEncapsulated("res-hdr") && !gotEncapsulated("req-hdr"))
868 return false;
869
870 return true;
871 }
872
873 return false;
874 }
875
876 void Adaptation::Icap::ModXact::handle100Continue()
877 {
878 Must(state.writing == State::writingPaused);
879 // server must not respond before the end of preview: we may send ieof
880 Must(preview.enabled() && preview.done() && !preview.ieof());
881
882 // 100 "Continue" cancels our Preview commitment,
883 // but not commitment to handle 204 or 206 outside Preview
884 if (!state.allowedPostview204 && !state.allowedPostview206)
885 stopBackup();
886
887 state.parsing = State::psIcapHeader; // eventually
888 icapReply->reset();
889
890 state.writing = State::writingPrime;
891
892 writeMore();
893 }
894
895 void Adaptation::Icap::ModXact::handle200Ok()
896 {
897 state.parsing = State::psHttpHeader;
898 state.sending = State::sendingAdapted;
899 stopBackup();
900 checkConsuming();
901 }
902
903 void Adaptation::Icap::ModXact::handle204NoContent()
904 {
905 stopParsing();
906 prepEchoing();
907 }
908
909 void Adaptation::Icap::ModXact::handle206PartialContent()
910 {
911 if (state.writing == State::writingPaused) {
912 Must(preview.enabled());
913 Must(state.allowedPreview206);
914 debugs(93, 7, HERE << "206 inside preview");
915 } else {
916 Must(state.writing > State::writingPaused);
917 Must(state.allowedPostview206);
918 debugs(93, 7, HERE << "206 outside preview");
919 }
920 state.parsing = State::psHttpHeader;
921 state.sending = State::sendingAdapted;
922 state.readyForUob = true;
923 checkConsuming();
924 }
925
926 // Called when we receive a 204 No Content response and
927 // when we are trying to bypass a service failure.
928 // We actually start sending (echoig or not) in startSending.
929 void Adaptation::Icap::ModXact::prepEchoing()
930 {
931 disableRepeats("preparing to echo content");
932 disableBypass("preparing to echo content", true);
933 setOutcome(xoEcho);
934
935 // We want to clone the HTTP message, but we do not want
936 // to copy some non-HTTP state parts that HttpMsg kids carry in them.
937 // Thus, we cannot use a smart pointer, copy constructor, or equivalent.
938 // Instead, we simply write the HTTP message and "clone" it by parsing.
939 // TODO: use HttpMsg::clone()!
940
941 HttpMsg *oldHead = virgin.header;
942 debugs(93, 7, HERE << "cloning virgin message " << oldHead);
943
944 MemBuf httpBuf;
945
946 // write the virgin message into a memory buffer
947 httpBuf.init();
948 packHead(httpBuf, oldHead);
949
950 // allocate the adapted message and copy metainfo
951 Must(!adapted.header);
952 {
953 HttpMsg::Pointer newHead;
954 if (dynamic_cast<const HttpRequest*>(oldHead)) {
955 newHead = new HttpRequest;
956 } else if (dynamic_cast<const HttpReply*>(oldHead)) {
957 newHead = new HttpReply;
958 }
959 Must(newHead != NULL);
960
961 newHead->inheritProperties(oldHead);
962
963 adapted.setHeader(newHead.getRaw());
964 }
965
966 // parse the buffer back
967 Http::StatusCode error = Http::scNone;
968
969 httpBuf.terminate(); // HttpMsg::parse requires nil-terminated buffer
970 Must(adapted.header->parse(httpBuf.content(), httpBuf.contentSize(), true, &error));
971
972 if (HttpRequest *r = dynamic_cast<HttpRequest*>(adapted.header))
973 urlCanonical(r); // parse does not set HttpRequest::canonical
974
975 Must(adapted.header->hdr_sz == httpBuf.contentSize()); // no leftovers
976
977 httpBuf.clean();
978
979 debugs(93, 7, HERE << "cloned virgin message " << oldHead << " to " <<
980 adapted.header);
981
982 // setup adapted body pipe if needed
983 if (oldHead->body_pipe != NULL) {
984 debugs(93, 7, HERE << "will echo virgin body from " <<
985 oldHead->body_pipe);
986 if (!virginBodySending.active())
987 virginBodySending.plan(); // will throw if not possible
988 state.sending = State::sendingVirgin;
989 checkConsuming();
990
991 // TODO: optimize: is it possible to just use the oldHead pipe and
992 // remove ICAP from the loop? This echoing is probably a common case!
993 makeAdaptedBodyPipe("echoed virgin response");
994 if (oldHead->body_pipe->bodySizeKnown())
995 adapted.body_pipe->setBodySize(oldHead->body_pipe->bodySize());
996 debugs(93, 7, HERE << "will echo virgin body to " <<
997 adapted.body_pipe);
998 } else {
999 debugs(93, 7, HERE << "no virgin body to echo");
1000 stopSending(true);
1001 }
1002 }
1003
1004 /// Called when we received use-original-body chunk extension in 206 response.
1005 /// We actually start sending (echoing or not) in startSending().
1006 void Adaptation::Icap::ModXact::prepPartialBodyEchoing(uint64_t pos)
1007 {
1008 Must(virginBodySending.active());
1009 Must(virgin.header->body_pipe != NULL);
1010
1011 setOutcome(xoPartEcho);
1012
1013 debugs(93, 7, HERE << "will echo virgin body suffix from " <<
1014 virgin.header->body_pipe << " offset " << pos );
1015
1016 // check that use-original-body=N does not point beyond buffered data
1017 const uint64_t virginDataEnd = virginConsumed +
1018 virgin.body_pipe->buf().contentSize();
1019 Must(pos <= virginDataEnd);
1020 virginBodySending.progress(static_cast<size_t>(pos));
1021
1022 state.sending = State::sendingVirgin;
1023 checkConsuming();
1024
1025 if (virgin.header->body_pipe->bodySizeKnown())
1026 adapted.body_pipe->expectProductionEndAfter(virgin.header->body_pipe->bodySize() - pos);
1027
1028 debugs(93, 7, HERE << "will echo virgin body suffix to " <<
1029 adapted.body_pipe);
1030
1031 // Start echoing data
1032 echoMore();
1033 }
1034
1035 void Adaptation::Icap::ModXact::handleUnknownScode()
1036 {
1037 stopParsing();
1038 stopBackup();
1039 // TODO: mark connection as "bad"
1040
1041 // Terminate the transaction; we do not know how to handle this response.
1042 throw TexcHere("Unsupported ICAP status code");
1043 }
1044
1045 void Adaptation::Icap::ModXact::parseHttpHead()
1046 {
1047 if (gotEncapsulated("res-hdr") || gotEncapsulated("req-hdr")) {
1048 replyHttpHeaderSize = 0;
1049 maybeAllocateHttpMsg();
1050
1051 if (!parseHead(adapted.header))
1052 return; // need more header data
1053
1054 if (adapted.header)
1055 replyHttpHeaderSize = adapted.header->hdr_sz;
1056
1057 if (dynamic_cast<HttpRequest*>(adapted.header)) {
1058 const HttpRequest *oldR = dynamic_cast<const HttpRequest*>(virgin.header);
1059 Must(oldR);
1060 // TODO: the adapted request did not really originate from the
1061 // client; give proxy admin an option to prevent copying of
1062 // sensitive client information here. See the following thread:
1063 // http://www.squid-cache.org/mail-archive/squid-dev/200703/0040.html
1064 }
1065
1066 // Maybe adapted.header==NULL if HttpReply and have Http 0.9 ....
1067 if (adapted.header)
1068 adapted.header->inheritProperties(virgin.header);
1069 }
1070
1071 decideOnParsingBody();
1072 }
1073
1074 // parses both HTTP and ICAP headers
1075 bool Adaptation::Icap::ModXact::parseHead(HttpMsg *head)
1076 {
1077 Must(head);
1078 debugs(93, 5, "have " << readBuf.length() << " head bytes to parse; state: " << state.parsing);
1079
1080 Http::StatusCode error = Http::scNone;
1081 // XXX: performance regression. c_str() data copies
1082 // XXX: HttpMsg::parse requires a terminated string buffer
1083 const char *tmpBuf = readBuf.c_str();
1084 const bool parsed = head->parse(tmpBuf, readBuf.length(), commEof, &error);
1085 Must(parsed || !error); // success or need more data
1086
1087 if (!parsed) { // need more data
1088 debugs(93, 5, HERE << "parse failed, need more data, return false");
1089 head->reset();
1090 return false;
1091 }
1092
1093 if (HttpRequest *r = dynamic_cast<HttpRequest*>(head))
1094 urlCanonical(r); // parse does not set HttpRequest::canonical
1095
1096 debugs(93, 5, HERE << "parse success, consume " << head->hdr_sz << " bytes, return true");
1097 readBuf.consume(head->hdr_sz);
1098 return true;
1099 }
1100
1101 void Adaptation::Icap::ModXact::decideOnParsingBody()
1102 {
1103 if (gotEncapsulated("res-body") || gotEncapsulated("req-body")) {
1104 debugs(93, 5, HERE << "expecting a body");
1105 state.parsing = State::psBody;
1106 replyHttpBodySize = 0;
1107 bodyParser = new Http1::TeChunkedParser;
1108 makeAdaptedBodyPipe("adapted response from the ICAP server");
1109 Must(state.sending == State::sendingAdapted);
1110 } else {
1111 debugs(93, 5, HERE << "not expecting a body");
1112 stopParsing();
1113 stopSending(true);
1114 }
1115 }
1116
1117 void Adaptation::Icap::ModXact::parseBody()
1118 {
1119 Must(state.parsing == State::psBody);
1120 Must(bodyParser);
1121
1122 debugs(93, 5, "have " << readBuf.length() << " body bytes to parse");
1123
1124 // the parser will throw on errors
1125 BodyPipeCheckout bpc(*adapted.body_pipe);
1126 bodyParser->setPayloadBuffer(&bpc.buf);
1127 const bool parsed = bodyParser->parse(readBuf);
1128 readBuf = bodyParser->remaining(); // sync buffers after parse
1129 bpc.checkIn();
1130
1131 debugs(93, 5, "have " << readBuf.length() << " body bytes after parsed all: " << parsed);
1132 replyHttpBodySize += adapted.body_pipe->buf().contentSize();
1133
1134 // TODO: expose BodyPipe::putSize() to make this check simpler and clearer
1135 // TODO: do we really need this if we disable when sending headers?
1136 if (adapted.body_pipe->buf().contentSize() > 0) { // parsed something sometime
1137 disableRepeats("sent adapted content");
1138 disableBypass("sent adapted content", true);
1139 }
1140
1141 if (parsed) {
1142 if (state.readyForUob && bodyParser->useOriginBody >= 0) {
1143 prepPartialBodyEchoing(
1144 static_cast<uint64_t>(bodyParser->useOriginBody));
1145 stopParsing();
1146 return;
1147 }
1148
1149 stopParsing();
1150 stopSending(true); // the parser succeeds only if all parsed data fits
1151 return;
1152 }
1153
1154 debugs(93,3,HERE << this << " needsMoreData = " << bodyParser->needsMoreData());
1155
1156 if (bodyParser->needsMoreData()) {
1157 debugs(93,3,HERE << this);
1158 Must(mayReadMore());
1159 readMore();
1160 }
1161
1162 if (bodyParser->needsMoreSpace()) {
1163 Must(!doneSending()); // can hope for more space
1164 Must(adapted.body_pipe->buf().contentSize() > 0); // paranoid
1165 // TODO: there should be a timeout in case the sink is broken
1166 // or cannot consume partial content (while we need more space)
1167 }
1168 }
1169
1170 void Adaptation::Icap::ModXact::stopParsing()
1171 {
1172 if (state.parsing == State::psDone)
1173 return;
1174
1175 debugs(93, 7, HERE << "will no longer parse" << status());
1176
1177 delete bodyParser;
1178
1179 bodyParser = NULL;
1180
1181 state.parsing = State::psDone;
1182 }
1183
1184 // HTTP side added virgin body data
1185 void Adaptation::Icap::ModXact::noteMoreBodyDataAvailable(BodyPipe::Pointer)
1186 {
1187 writeMore();
1188
1189 if (state.sending == State::sendingVirgin)
1190 echoMore();
1191 }
1192
1193 // HTTP side sent us all virgin info
1194 void Adaptation::Icap::ModXact::noteBodyProductionEnded(BodyPipe::Pointer)
1195 {
1196 Must(virgin.body_pipe->productionEnded());
1197
1198 // push writer and sender in case we were waiting for the last-chunk
1199 writeMore();
1200
1201 if (state.sending == State::sendingVirgin)
1202 echoMore();
1203 }
1204
1205 // body producer aborted, but the initiator may still want to know
1206 // the answer, even though the HTTP message has been truncated
1207 void Adaptation::Icap::ModXact::noteBodyProducerAborted(BodyPipe::Pointer)
1208 {
1209 Must(virgin.body_pipe->productionEnded());
1210
1211 // push writer and sender in case we were waiting for the last-chunk
1212 writeMore();
1213
1214 if (state.sending == State::sendingVirgin)
1215 echoMore();
1216 }
1217
1218 // adapted body consumer wants more adapted data and
1219 // possibly freed some buffer space
1220 void Adaptation::Icap::ModXact::noteMoreBodySpaceAvailable(BodyPipe::Pointer)
1221 {
1222 if (state.sending == State::sendingVirgin)
1223 echoMore();
1224 else if (state.sending == State::sendingAdapted)
1225 parseMore();
1226 else
1227 Must(state.sending == State::sendingUndecided);
1228 }
1229
1230 // adapted body consumer aborted
1231 void Adaptation::Icap::ModXact::noteBodyConsumerAborted(BodyPipe::Pointer)
1232 {
1233 detailError(ERR_DETAIL_ICAP_XACT_BODY_CONSUMER_ABORT);
1234 mustStop("adapted body consumer aborted");
1235 }
1236
1237 Adaptation::Icap::ModXact::~ModXact()
1238 {
1239 delete bodyParser;
1240 }
1241
1242 // internal cleanup
1243 void Adaptation::Icap::ModXact::swanSong()
1244 {
1245 debugs(93, 5, HERE << "swan sings" << status());
1246
1247 stopWriting(false);
1248 stopSending(false);
1249
1250 if (theInitiator.set()) // we have not sent the answer to the initiator
1251 detailError(ERR_DETAIL_ICAP_XACT_OTHER);
1252
1253 // update adaptation history if start was called and we reserved a slot
1254 Adaptation::History::Pointer ah = virginRequest().adaptLogHistory();
1255 if (ah != NULL && adaptHistoryId >= 0)
1256 ah->recordXactFinish(adaptHistoryId);
1257
1258 Adaptation::Icap::Xaction::swanSong();
1259 }
1260
1261 void prepareLogWithRequestDetails(HttpRequest *, AccessLogEntry::Pointer &);
1262
1263 void Adaptation::Icap::ModXact::finalizeLogInfo()
1264 {
1265 HttpRequest * request_ = NULL;
1266 HttpRequest * adapted_request_ = NULL;
1267 HttpReply * reply_ = NULL;
1268 request_ = (virgin.cause? virgin.cause: dynamic_cast<HttpRequest*>(virgin.header));
1269 if (!(adapted_request_ = dynamic_cast<HttpRequest*>(adapted.header))) {
1270 adapted_request_ = request_;
1271 reply_ = dynamic_cast<HttpReply*>(adapted.header);
1272 }
1273
1274 Adaptation::Icap::History::Pointer h = (request_ ? request_->icapHistory() : NULL);
1275 Must(h != NULL); // ICAPXaction::maybeLog calls only if there is a log
1276 al.icp.opcode = ICP_INVALID;
1277 al.url = h->log_uri.termedBuf();
1278 const Adaptation::Icap::ServiceRep &s = service();
1279 al.icap.reqMethod = s.cfg().method;
1280
1281 al.cache.caddr = request_->client_addr;
1282
1283 al.request = request_;
1284 HTTPMSGLOCK(al.request);
1285 al.adapted_request = adapted_request_;
1286 HTTPMSGLOCK(al.adapted_request);
1287
1288 if (reply_) {
1289 al.reply = reply_;
1290 HTTPMSGLOCK(al.reply);
1291 } else
1292 al.reply = NULL;
1293
1294 if (h->rfc931.size())
1295 al.cache.rfc931 = h->rfc931.termedBuf();
1296
1297 #if USE_OPENSSL
1298 if (h->ssluser.size())
1299 al.cache.ssluser = h->ssluser.termedBuf();
1300 #endif
1301 al.cache.code = h->logType;
1302 // XXX: should use icap-specific counters instead ?
1303 al.http.clientRequestSz.payloadData = h->req_sz;
1304
1305 // leave al.icap.bodyBytesRead negative if no body
1306 if (replyHttpHeaderSize >= 0 || replyHttpBodySize >= 0) {
1307 const int64_t zero = 0; // to make max() argument types the same
1308 al.icap.bodyBytesRead =
1309 max(zero, replyHttpHeaderSize) + max(zero, replyHttpBodySize);
1310 }
1311
1312 if (reply_) {
1313 al.http.code = reply_->sline.status();
1314 al.http.content_type = reply_->content_type.termedBuf();
1315 if (replyHttpBodySize >= 0) {
1316 // XXX: should use icap-specific counters instead ?
1317 al.http.clientReplySz.payloadData = replyHttpBodySize;
1318 al.http.clientReplySz.header = reply_->hdr_sz;
1319 al.cache.highOffset = replyHttpBodySize;
1320 }
1321 //don't set al.cache.objectSize because it hasn't exist yet
1322
1323 MemBuf mb;
1324 mb.init();
1325 reply_->header.packInto(&mb);
1326 al.headers.reply = xstrdup(mb.buf);
1327 mb.clean();
1328 }
1329 prepareLogWithRequestDetails(adapted_request_, alep);
1330 Xaction::finalizeLogInfo();
1331 }
1332
1333 void Adaptation::Icap::ModXact::makeRequestHeaders(MemBuf &buf)
1334 {
1335 char ntoabuf[MAX_IPSTRLEN];
1336 /*
1337 * XXX These should use HttpHdr interfaces instead of Printfs
1338 */
1339 const Adaptation::ServiceConfig &s = service().cfg();
1340 buf.appendf("%s " SQUIDSTRINGPH " ICAP/1.0\r\n", s.methodStr(), SQUIDSTRINGPRINT(s.uri));
1341 buf.appendf("Host: " SQUIDSTRINGPH ":%d\r\n", SQUIDSTRINGPRINT(s.host), s.port);
1342 buf.appendf("Date: %s\r\n", mkrfc1123(squid_curtime));
1343
1344 if (!TheConfig.reuse_connections)
1345 buf.appendf("Connection: close\r\n");
1346
1347 const HttpRequest *request = &virginRequest();
1348
1349 // we must forward "Proxy-Authenticate" and "Proxy-Authorization"
1350 // as ICAP headers.
1351 if (virgin.header->header.has(HDR_PROXY_AUTHENTICATE)) {
1352 String vh=virgin.header->header.getByName("Proxy-Authenticate");
1353 buf.appendf("Proxy-Authenticate: " SQUIDSTRINGPH "\r\n",SQUIDSTRINGPRINT(vh));
1354 }
1355
1356 if (virgin.header->header.has(HDR_PROXY_AUTHORIZATION)) {
1357 String vh=virgin.header->header.getByName("Proxy-Authorization");
1358 buf.appendf("Proxy-Authorization: " SQUIDSTRINGPH "\r\n", SQUIDSTRINGPRINT(vh));
1359 } else if (request->extacl_user.size() > 0 && request->extacl_passwd.size() > 0) {
1360 struct base64_encode_ctx ctx;
1361 base64_encode_init(&ctx);
1362 uint8_t base64buf[base64_encode_len(MAX_LOGIN_SZ)];
1363 size_t resultLen = base64_encode_update(&ctx, base64buf, request->extacl_user.size(), reinterpret_cast<const uint8_t*>(request->extacl_user.rawBuf()));
1364 resultLen += base64_encode_update(&ctx, base64buf+resultLen, 1, reinterpret_cast<const uint8_t*>(":"));
1365 resultLen += base64_encode_update(&ctx, base64buf+resultLen, request->extacl_passwd.size(), reinterpret_cast<const uint8_t*>(request->extacl_passwd.rawBuf()));
1366 resultLen += base64_encode_final(&ctx, base64buf+resultLen);
1367 buf.appendf("Proxy-Authorization: Basic %.*s\r\n", (int)resultLen, base64buf);
1368 }
1369
1370 // share the cross-transactional database records if needed
1371 if (Adaptation::Config::masterx_shared_name) {
1372 Adaptation::History::Pointer ah = request->adaptHistory(false);
1373 if (ah != NULL) {
1374 String name, value;
1375 if (ah->getXxRecord(name, value)) {
1376 buf.appendf(SQUIDSTRINGPH ": " SQUIDSTRINGPH "\r\n", SQUIDSTRINGPRINT(name), SQUIDSTRINGPRINT(value));
1377 }
1378 }
1379 }
1380
1381 buf.append("Encapsulated: ", 14);
1382
1383 MemBuf httpBuf;
1384
1385 httpBuf.init();
1386
1387 // build HTTP request header, if any
1388 ICAP::Method m = s.method;
1389
1390 // to simplify, we could assume that request is always available
1391
1392 if (request) {
1393 if (ICAP::methodRespmod == m)
1394 encapsulateHead(buf, "req-hdr", httpBuf, request);
1395 else if (ICAP::methodReqmod == m)
1396 encapsulateHead(buf, "req-hdr", httpBuf, virgin.header);
1397 }
1398
1399 if (ICAP::methodRespmod == m)
1400 if (const HttpMsg *prime = virgin.header)
1401 encapsulateHead(buf, "res-hdr", httpBuf, prime);
1402
1403 if (!virginBody.expected())
1404 buf.appendf("null-body=%d", (int) httpBuf.contentSize());
1405 else if (ICAP::methodReqmod == m)
1406 buf.appendf("req-body=%d", (int) httpBuf.contentSize());
1407 else
1408 buf.appendf("res-body=%d", (int) httpBuf.contentSize());
1409
1410 buf.append(ICAP::crlf, 2); // terminate Encapsulated line
1411
1412 if (preview.enabled()) {
1413 buf.appendf("Preview: %d\r\n", (int)preview.ad());
1414 if (!virginBody.expected()) // there is no body to preview
1415 finishNullOrEmptyBodyPreview(httpBuf);
1416 }
1417
1418 makeAllowHeader(buf);
1419
1420 if (TheConfig.send_client_ip && request) {
1421 Ip::Address client_addr;
1422 #if FOLLOW_X_FORWARDED_FOR
1423 if (TheConfig.use_indirect_client) {
1424 client_addr = request->indirect_client_addr;
1425 } else
1426 #endif
1427 client_addr = request->client_addr;
1428 if (!client_addr.isAnyAddr() && !client_addr.isNoAddr())
1429 buf.appendf("X-Client-IP: %s\r\n", client_addr.toStr(ntoabuf,MAX_IPSTRLEN));
1430 }
1431
1432 if (TheConfig.send_username && request)
1433 makeUsernameHeader(request, buf);
1434
1435 // Adaptation::Config::metaHeaders
1436 typedef Notes::iterator ACAMLI;
1437 for (ACAMLI i = Adaptation::Config::metaHeaders.begin(); i != Adaptation::Config::metaHeaders.end(); ++i) {
1438 HttpRequest *r = virgin.cause ?
1439 virgin.cause : dynamic_cast<HttpRequest*>(virgin.header);
1440 Must(r);
1441
1442 HttpReply *reply = dynamic_cast<HttpReply*>(virgin.header);
1443
1444 if (const char *value = (*i)->match(r, reply, alMaster)) {
1445 buf.appendf("%s: %s\r\n", (*i)->key.termedBuf(), value);
1446 Adaptation::History::Pointer ah = request->adaptHistory(false);
1447 if (ah != NULL) {
1448 if (ah->metaHeaders == NULL)
1449 ah->metaHeaders = new NotePairs;
1450 if (!ah->metaHeaders->hasPair((*i)->key.termedBuf(), value))
1451 ah->metaHeaders->add((*i)->key.termedBuf(), value);
1452 }
1453 }
1454 }
1455
1456 // fprintf(stderr, "%s\n", buf.content());
1457
1458 buf.append(ICAP::crlf, 2); // terminate ICAP header
1459
1460 // fill icapRequest for logging
1461 Must(icapRequest->parseCharBuf(buf.content(), buf.contentSize()));
1462
1463 // start ICAP request body with encapsulated HTTP headers
1464 buf.append(httpBuf.content(), httpBuf.contentSize());
1465
1466 httpBuf.clean();
1467 }
1468
1469 // decides which Allow values to write and updates the request buffer
1470 void Adaptation::Icap::ModXact::makeAllowHeader(MemBuf &buf)
1471 {
1472 const bool allow204in = preview.enabled(); // TODO: add shouldAllow204in()
1473 const bool allow204out = state.allowedPostview204 = shouldAllow204();
1474 const bool allow206in = state.allowedPreview206 = shouldAllow206in();
1475 const bool allow206out = state.allowedPostview206 = shouldAllow206out();
1476
1477 debugs(93,9, HERE << "Allows: " << allow204in << allow204out <<
1478 allow206in << allow206out);
1479
1480 const bool allow204 = allow204in || allow204out;
1481 const bool allow206 = allow206in || allow206out;
1482
1483 if (!allow204 && !allow206)
1484 return; // nothing to do
1485
1486 if (virginBody.expected()) // if there is a virgin body, plan to send it
1487 virginBodySending.plan();
1488
1489 // writing Preview:... means we will honor 204 inside preview
1490 // writing Allow/204 means we will honor 204 outside preview
1491 // writing Allow:206 means we will honor 206 inside preview
1492 // writing Allow:204,206 means we will honor 206 outside preview
1493 const char *allowHeader = NULL;
1494 if (allow204out && allow206)
1495 allowHeader = "Allow: 204, 206\r\n";
1496 else if (allow204out)
1497 allowHeader = "Allow: 204\r\n";
1498 else if (allow206)
1499 allowHeader = "Allow: 206\r\n";
1500
1501 if (allowHeader) { // may be nil if only allow204in is true
1502 buf.append(allowHeader, strlen(allowHeader));
1503 debugs(93,5, HERE << "Will write " << allowHeader);
1504 }
1505 }
1506
1507 void Adaptation::Icap::ModXact::makeUsernameHeader(const HttpRequest *request, MemBuf &buf)
1508 {
1509 #if USE_AUTH
1510 struct base64_encode_ctx ctx;
1511 base64_encode_init(&ctx);
1512
1513 const char *value = NULL;
1514 if (request->auth_user_request != NULL) {
1515 value = request->auth_user_request->username();
1516 } else if (request->extacl_user.size() > 0) {
1517 value = request->extacl_user.termedBuf();
1518 }
1519
1520 if (value) {
1521 if (TheConfig.client_username_encode) {
1522 uint8_t base64buf[base64_encode_len(MAX_LOGIN_SZ)];
1523 size_t resultLen = base64_encode_update(&ctx, base64buf, strlen(value), reinterpret_cast<const uint8_t*>(value));
1524 resultLen += base64_encode_final(&ctx, base64buf+resultLen);
1525 buf.appendf("%s: %.*s\r\n", TheConfig.client_username_header, (int)resultLen, base64buf);
1526 } else
1527 buf.appendf("%s: %s\r\n", TheConfig.client_username_header, value);
1528 }
1529 #endif
1530 }
1531
1532 void Adaptation::Icap::ModXact::encapsulateHead(MemBuf &icapBuf, const char *section, MemBuf &httpBuf, const HttpMsg *head)
1533 {
1534 // update ICAP header
1535 icapBuf.appendf("%s=%d, ", section, (int) httpBuf.contentSize());
1536
1537 // begin cloning
1538 HttpMsg::Pointer headClone;
1539
1540 if (const HttpRequest* old_request = dynamic_cast<const HttpRequest*>(head)) {
1541 HttpRequest::Pointer new_request(new HttpRequest);
1542 Must(old_request->canonical);
1543 urlParse(old_request->method, old_request->canonical, new_request.getRaw());
1544 new_request->http_ver = old_request->http_ver;
1545 headClone = new_request.getRaw();
1546 } else if (const HttpReply *old_reply = dynamic_cast<const HttpReply*>(head)) {
1547 HttpReply::Pointer new_reply(new HttpReply);
1548 new_reply->sline = old_reply->sline;
1549 headClone = new_reply.getRaw();
1550 }
1551 Must(headClone != NULL);
1552 headClone->inheritProperties(head);
1553
1554 HttpHeaderPos pos = HttpHeaderInitPos;
1555 HttpHeaderEntry* p_head_entry = NULL;
1556 while (NULL != (p_head_entry = head->header.getEntry(&pos)) )
1557 headClone->header.addEntry(p_head_entry->clone());
1558
1559 // end cloning
1560
1561 // remove all hop-by-hop headers from the clone
1562 headClone->header.delById(HDR_PROXY_AUTHENTICATE);
1563 headClone->header.removeHopByHopEntries();
1564
1565 // pack polished HTTP header
1566 packHead(httpBuf, headClone.getRaw());
1567
1568 // headClone unlocks and, hence, deletes the message we packed
1569 }
1570
1571 void Adaptation::Icap::ModXact::packHead(MemBuf &httpBuf, const HttpMsg *head)
1572 {
1573 head->packInto(&httpBuf, true);
1574 }
1575
1576 // decides whether to offer a preview and calculates its size
1577 void Adaptation::Icap::ModXact::decideOnPreview()
1578 {
1579 if (!TheConfig.preview_enable) {
1580 debugs(93, 5, HERE << "preview disabled by squid.conf");
1581 return;
1582 }
1583
1584 const SBuf urlPath(virginRequest().url.path());
1585 size_t wantedSize;
1586 if (!service().wantsPreview(urlPath, wantedSize)) {
1587 debugs(93, 5, "should not offer preview for " << urlPath);
1588 return;
1589 }
1590
1591 // we decided to do preview, now compute its size
1592
1593 // cannot preview more than we can backup
1594 size_t ad = min(wantedSize, TheBackupLimit);
1595
1596 if (!virginBody.expected())
1597 ad = 0;
1598 else if (virginBody.knownSize())
1599 ad = min(static_cast<uint64_t>(ad), virginBody.size()); // not more than we have
1600
1601 debugs(93, 5, HERE << "should offer " << ad << "-byte preview " <<
1602 "(service wanted " << wantedSize << ")");
1603
1604 preview.enable(ad);
1605 Must(preview.enabled());
1606 }
1607
1608 // decides whether to allow 204 responses
1609 bool Adaptation::Icap::ModXact::shouldAllow204()
1610 {
1611 if (!service().allows204())
1612 return false;
1613
1614 return canBackupEverything();
1615 }
1616
1617 // decides whether to allow 206 responses in some mode
1618 bool Adaptation::Icap::ModXact::shouldAllow206any()
1619 {
1620 return TheConfig.allow206_enable && service().allows206() &&
1621 virginBody.expected(); // no need for 206 without a body
1622 }
1623
1624 // decides whether to allow 206 responses in preview mode
1625 bool Adaptation::Icap::ModXact::shouldAllow206in()
1626 {
1627 return shouldAllow206any() && preview.enabled();
1628 }
1629
1630 // decides whether to allow 206 responses outside of preview
1631 bool Adaptation::Icap::ModXact::shouldAllow206out()
1632 {
1633 return shouldAllow206any() && canBackupEverything();
1634 }
1635
1636 // used by shouldAllow204 and decideOnRetries
1637 bool Adaptation::Icap::ModXact::canBackupEverything() const
1638 {
1639 if (!virginBody.expected())
1640 return true; // no body means no problems with backup
1641
1642 // if there is a body, check whether we can backup it all
1643
1644 if (!virginBody.knownSize())
1645 return false;
1646
1647 // or should we have a different backup limit?
1648 // note that '<' allows for 0-termination of the "full" backup buffer
1649 return virginBody.size() < TheBackupLimit;
1650 }
1651
1652 // Decide whether this transaction can be retried if pconn fails
1653 // Must be called after decideOnPreview and before openConnection()
1654 void Adaptation::Icap::ModXact::decideOnRetries()
1655 {
1656 if (!isRetriable)
1657 return; // no, already decided
1658
1659 if (preview.enabled())
1660 return; // yes, because preview provides enough guarantees
1661
1662 if (canBackupEverything())
1663 return; // yes, because we can back everything up
1664
1665 disableRetries(); // no, because we cannot back everything up
1666 }
1667
1668 // Normally, the body-writing code handles preview body. It can deal with
1669 // bodies of unexpected size, including those that turn out to be empty.
1670 // However, that code assumes that the body was expected and body control
1671 // structures were initialized. This is not the case when there is no body
1672 // or the body is known to be empty, because the virgin message will lack a
1673 // body_pipe. So we handle preview of null-body and zero-size bodies here.
1674 void Adaptation::Icap::ModXact::finishNullOrEmptyBodyPreview(MemBuf &)
1675 {
1676 Must(!virginBodyWriting.active()); // one reason we handle it here
1677 Must(!virgin.body_pipe); // another reason we handle it here
1678 Must(!preview.ad());
1679
1680 // do not add last-chunk because our Encapsulated header says null-body
1681 // addLastRequestChunk(buf);
1682 preview.wrote(0, true);
1683
1684 Must(preview.done());
1685 Must(preview.ieof());
1686 }
1687
1688 void Adaptation::Icap::ModXact::fillPendingStatus(MemBuf &buf) const
1689 {
1690 Adaptation::Icap::Xaction::fillPendingStatus(buf);
1691
1692 if (state.serviceWaiting)
1693 buf.append("U", 1);
1694
1695 if (virgin.body_pipe != NULL)
1696 buf.append("R", 1);
1697
1698 if (haveConnection() && !doneReading())
1699 buf.append("r", 1);
1700
1701 if (!state.doneWriting() && state.writing != State::writingInit)
1702 buf.appendf("w(%d)", state.writing);
1703
1704 if (preview.enabled()) {
1705 if (!preview.done())
1706 buf.appendf("P(%d)", (int) preview.debt());
1707 }
1708
1709 if (virginBodySending.active())
1710 buf.append("B", 1);
1711
1712 if (!state.doneParsing() && state.parsing != State::psIcapHeader)
1713 buf.appendf("p(%d)", state.parsing);
1714
1715 if (!doneSending() && state.sending != State::sendingUndecided)
1716 buf.appendf("S(%d)", state.sending);
1717
1718 if (state.readyForUob)
1719 buf.append("6", 1);
1720
1721 if (canStartBypass)
1722 buf.append("Y", 1);
1723
1724 if (protectGroupBypass)
1725 buf.append("G", 1);
1726 }
1727
1728 void Adaptation::Icap::ModXact::fillDoneStatus(MemBuf &buf) const
1729 {
1730 Adaptation::Icap::Xaction::fillDoneStatus(buf);
1731
1732 if (!virgin.body_pipe)
1733 buf.append("R", 1);
1734
1735 if (state.doneWriting())
1736 buf.append("w", 1);
1737
1738 if (preview.enabled()) {
1739 if (preview.done())
1740 buf.appendf("P%s", preview.ieof() ? "(ieof)" : "");
1741 }
1742
1743 if (doneReading())
1744 buf.append("r", 1);
1745
1746 if (state.doneParsing())
1747 buf.append("p", 1);
1748
1749 if (doneSending())
1750 buf.append("S", 1);
1751 }
1752
1753 bool Adaptation::Icap::ModXact::gotEncapsulated(const char *section) const
1754 {
1755 return icapReply->header.getByNameListMember("Encapsulated",
1756 section, ',').size() > 0;
1757 }
1758
1759 // calculate whether there is a virgin HTTP body and
1760 // whether its expected size is known
1761 // TODO: rename because we do not just estimate
1762 void Adaptation::Icap::ModXact::estimateVirginBody()
1763 {
1764 // note: lack of size info may disable previews and 204s
1765
1766 HttpMsg *msg = virgin.header;
1767 Must(msg);
1768
1769 HttpRequestMethod method;
1770
1771 if (virgin.cause)
1772 method = virgin.cause->method;
1773 else if (HttpRequest *req = dynamic_cast<HttpRequest*>(msg))
1774 method = req->method;
1775 else
1776 method = Http::METHOD_NONE;
1777
1778 int64_t size;
1779 // expectingBody returns true for zero-sized bodies, but we will not
1780 // get a pipe for that body, so we treat the message as bodyless
1781 if (method != Http::METHOD_NONE && msg->expectingBody(method, size) && size) {
1782 debugs(93, 6, HERE << "expects virgin body from " <<
1783 virgin.body_pipe << "; size: " << size);
1784
1785 virginBody.expect(size);
1786 virginBodyWriting.plan();
1787
1788 // sign up as a body consumer
1789 Must(msg->body_pipe != NULL);
1790 Must(msg->body_pipe == virgin.body_pipe);
1791 Must(virgin.body_pipe->setConsumerIfNotLate(this));
1792
1793 // make sure TheBackupLimit is in-sync with the buffer size
1794 Must(TheBackupLimit <= static_cast<size_t>(msg->body_pipe->buf().max_capacity));
1795 } else {
1796 debugs(93, 6, HERE << "does not expect virgin body");
1797 Must(msg->body_pipe == NULL);
1798 checkConsuming();
1799 }
1800 }
1801
1802 void Adaptation::Icap::ModXact::makeAdaptedBodyPipe(const char *what)
1803 {
1804 Must(!adapted.body_pipe);
1805 Must(!adapted.header->body_pipe);
1806 adapted.header->body_pipe = new BodyPipe(this);
1807 adapted.body_pipe = adapted.header->body_pipe;
1808 debugs(93, 7, HERE << "will supply " << what << " via " <<
1809 adapted.body_pipe << " pipe");
1810 }
1811
1812 // TODO: Move SizedEstimate and Preview elsewhere
1813
1814 Adaptation::Icap::SizedEstimate::SizedEstimate()
1815 : theData(dtUnexpected)
1816 {}
1817
1818 void Adaptation::Icap::SizedEstimate::expect(int64_t aSize)
1819 {
1820 theData = (aSize >= 0) ? aSize : (int64_t)dtUnknown;
1821 }
1822
1823 bool Adaptation::Icap::SizedEstimate::expected() const
1824 {
1825 return theData != dtUnexpected;
1826 }
1827
1828 bool Adaptation::Icap::SizedEstimate::knownSize() const
1829 {
1830 Must(expected());
1831 return theData != dtUnknown;
1832 }
1833
1834 uint64_t Adaptation::Icap::SizedEstimate::size() const
1835 {
1836 Must(knownSize());
1837 return static_cast<uint64_t>(theData);
1838 }
1839
1840 Adaptation::Icap::VirginBodyAct::VirginBodyAct(): theStart(0), theState(stUndecided)
1841 {}
1842
1843 void Adaptation::Icap::VirginBodyAct::plan()
1844 {
1845 Must(!disabled());
1846 Must(!theStart); // not started
1847 theState = stActive;
1848 }
1849
1850 void Adaptation::Icap::VirginBodyAct::disable()
1851 {
1852 theState = stDisabled;
1853 }
1854
1855 void Adaptation::Icap::VirginBodyAct::progress(size_t size)
1856 {
1857 Must(active());
1858 #if SIZEOF_SIZE_T > 4
1859 /* always true for smaller size_t's */
1860 Must(static_cast<int64_t>(size) >= 0);
1861 #endif
1862 theStart += static_cast<int64_t>(size);
1863 }
1864
1865 uint64_t Adaptation::Icap::VirginBodyAct::offset() const
1866 {
1867 Must(active());
1868 return static_cast<uint64_t>(theStart);
1869 }
1870
1871 Adaptation::Icap::Preview::Preview(): theWritten(0), theAd(0), theState(stDisabled)
1872 {}
1873
1874 void Adaptation::Icap::Preview::enable(size_t anAd)
1875 {
1876 // TODO: check for anAd not exceeding preview size limit
1877 Must(!enabled());
1878 theAd = anAd;
1879 theState = stWriting;
1880 }
1881
1882 bool Adaptation::Icap::Preview::enabled() const
1883 {
1884 return theState != stDisabled;
1885 }
1886
1887 size_t Adaptation::Icap::Preview::ad() const
1888 {
1889 Must(enabled());
1890 return theAd;
1891 }
1892
1893 bool Adaptation::Icap::Preview::done() const
1894 {
1895 Must(enabled());
1896 return theState >= stIeof;
1897 }
1898
1899 bool Adaptation::Icap::Preview::ieof() const
1900 {
1901 Must(enabled());
1902 return theState == stIeof;
1903 }
1904
1905 size_t Adaptation::Icap::Preview::debt() const
1906 {
1907 Must(enabled());
1908 return done() ? 0 : (theAd - theWritten);
1909 }
1910
1911 void Adaptation::Icap::Preview::wrote(size_t size, bool wroteEof)
1912 {
1913 Must(enabled());
1914
1915 theWritten += size;
1916
1917 Must(theWritten <= theAd);
1918
1919 if (wroteEof)
1920 theState = stIeof; // written size is irrelevant
1921 else if (theWritten >= theAd)
1922 theState = stDone;
1923 }
1924
1925 bool Adaptation::Icap::ModXact::fillVirginHttpHeader(MemBuf &mb) const
1926 {
1927 if (virgin.header == NULL)
1928 return false;
1929
1930 virgin.header->firstLineBuf(mb);
1931
1932 return true;
1933 }
1934
1935 void Adaptation::Icap::ModXact::detailError(int errDetail)
1936 {
1937 HttpRequest *request = dynamic_cast<HttpRequest*>(adapted.header);
1938 // if no adapted request, update virgin (and inherit its properties later)
1939 // TODO: make this and HttpRequest::detailError constant, like adaptHistory
1940 if (!request)
1941 request = const_cast<HttpRequest*>(&virginRequest());
1942
1943 if (request)
1944 request->detailError(ERR_ICAP_FAILURE, errDetail);
1945 }
1946
1947 void Adaptation::Icap::ModXact::clearError()
1948 {
1949 HttpRequest *request = dynamic_cast<HttpRequest*>(adapted.header);
1950 // if no adapted request, update virgin (and inherit its properties later)
1951 if (!request)
1952 request = const_cast<HttpRequest*>(&virginRequest());
1953
1954 if (request)
1955 request->clearError();
1956 }
1957
1958 /* Adaptation::Icap::ModXactLauncher */
1959
1960 Adaptation::Icap::ModXactLauncher::ModXactLauncher(HttpMsg *virginHeader, HttpRequest *virginCause, AccessLogEntry::Pointer &alp, Adaptation::ServicePointer aService):
1961 AsyncJob("Adaptation::Icap::ModXactLauncher"),
1962 Adaptation::Icap::Launcher("Adaptation::Icap::ModXactLauncher", aService),
1963 al(alp)
1964 {
1965 virgin.setHeader(virginHeader);
1966 virgin.setCause(virginCause);
1967 updateHistory(true);
1968 }
1969
1970 Adaptation::Icap::Xaction *Adaptation::Icap::ModXactLauncher::createXaction()
1971 {
1972 Adaptation::Icap::ServiceRep::Pointer s =
1973 dynamic_cast<Adaptation::Icap::ServiceRep*>(theService.getRaw());
1974 Must(s != NULL);
1975 return new Adaptation::Icap::ModXact(virgin.header, virgin.cause, al, s);
1976 }
1977
1978 void Adaptation::Icap::ModXactLauncher::swanSong()
1979 {
1980 debugs(93, 5, HERE << "swan sings");
1981 updateHistory(false);
1982 Adaptation::Icap::Launcher::swanSong();
1983 }
1984
1985 void Adaptation::Icap::ModXactLauncher::updateHistory(bool doStart)
1986 {
1987 HttpRequest *r = virgin.cause ?
1988 virgin.cause : dynamic_cast<HttpRequest*>(virgin.header);
1989
1990 // r should never be NULL but we play safe; TODO: add Should()
1991 if (r) {
1992 Adaptation::Icap::History::Pointer h = r->icapHistory();
1993 if (h != NULL) {
1994 if (doStart)
1995 h->start("ICAPModXactLauncher");
1996 else
1997 h->stop("ICAPModXactLauncher");
1998 }
1999 }
2000 }
2001
Mirror of https://github.com/squid-cache/squid.git