git.ipfire.org Git - thirdparty/squid.git/commit - src/ssl/PeekingPeerConnector.cc

Fixed step3 splicing.

The information about PeekingPeerConnector splicing the connections
was lost in some cases, resulting in two different bugs:

- With a certificate validator, the PeekingPeerConnector class calls
   back FwdState, which calls the ConnStateData class, which then tries
   secure the connection with the already tunneled SSL client and
   closes the connection on negotiating errors.

- Without a certificate validator, the PeekingPeerConnector class
   never calls FwdState class, and both PeekingPeerConnector and
   FwdState objects stall until finishing tunnelState closes server
   and client connections.

Now, PeerConnector always calls FwdState back, marking spliced
connections as such. This has the following positive side-effects:

- When FwdState learns about spliced connections, it does not call
   ConnStateData back. Instead, it terminates and gets destroyed.
   The tunnel continues uninterrupted.

- The PeekingPeerConnector job ends and is destroyed instead of
   waiting to call FwdState.

This is a Measurement Factory project.

author	Christos Tsantilas <chtsanti@users.sourceforge.net>
	Mon, 8 Feb 2016 17:44:43 +0000 (19:44 +0200)
committer	Christos Tsantilas <chtsanti@users.sourceforge.net>
	Mon, 8 Feb 2016 17:44:43 +0000 (19:44 +0200)
commit	56753478d497d40d27dc8817d029fcd3aea63f53
tree	041cee7b7913b252d1060a92a56cf66ec37ea5f7	tree \| snapshot
parent	f3fece9553af9f1290d273a9ba4ebf2afeadd3cf	commit \| diff

src/FwdState.cc		diff \| blob \| blame \| history
src/security/EncryptorAnswer.h		diff \| blob \| blame \| history
src/ssl/PeekingPeerConnector.cc		diff \| blob \| blame \| history
src/ssl/PeekingPeerConnector.h		diff \| blob \| blame \| history
src/ssl/PeerConnector.h		diff \| blob \| blame \| history