as the dist-all and distcheck targets for developers which respectively
build a tar.gz and a tar.bz2 distribution, and check that what will be
distributed builds.
+ - Added TOS and source address selection based on ACLs,
+ written by Roger Venning. This allows administrators to set
+ the TOS precedence bits and/or the source IP from a set of
+ available IPs based upon some ACLs, generally to map different
+ users to different outgoing links and traffic profiles.
Changes to Squid-2.4.DEVEL4 ():
/*
- * $Id: acl.cc,v 1.259 2001/09/03 10:33:02 robertc Exp $
+ * $Id: acl.cc,v 1.260 2001/10/10 15:17:38 adrian Exp $
*
* DEBUG: section 28 Access Control
* AUTHOR: Duane Wessels
static void aclParseTimeSpec(void *curlist);
static void aclParseIntRange(void *curlist);
static char *strtokFile(void);
-static void aclDestroyAclList(acl_list * list);
static void aclDestroyTimeList(acl_time_data * data);
static void aclDestroyIntRange(intrange *);
static void aclLookupProxyAuthStart(aclCheck_t * checklist);
acl_access *A = NULL;
acl_access *B = NULL;
acl_access **T = NULL;
- acl_list *L = NULL;
- acl_list **Tail = NULL;
- acl *a = NULL;
/* first expect either 'allow' or 'deny' */
if ((t = strtok(NULL, w_space)) == NULL) {
cbdataFree(A);
return;
}
+ aclParseAclList(&A->acl_list);
+ if (A->acl_list == NULL) {
+ debug(28, 0) ("%s line %d: %s\n",
+ cfg_filename, config_lineno, config_input_line);
+ debug(28, 0) ("aclParseAccessLine: Access line contains no ACL's, skipping\n");
+ cbdataFree(A);
+ return;
+ }
+ A->cfgline = xstrdup(config_input_line);
+ /* Append to the end of this list */
+ for (B = *head, T = head; B; T = &B->next, B = B->next);
+ *T = A;
+ /* We lock _acl_access structures in aclCheck() */
+}
+
+void
+aclParseAclList(acl_list ** head)
+{
+ acl_list *L = NULL;
+ acl_list **Tail = head; /* sane name in the use below */
+ acl *a = NULL;
+ char *t;
/* next expect a list of ACL names, possibly preceeded
* by '!' for negation */
- Tail = &A->acl_list;
while ((t = strtok(NULL, w_space))) {
L = memAllocate(MEM_ACL_LIST);
L->op = 1; /* defaults to non-negated */
*Tail = L;
Tail = &L->next;
}
- if (A->acl_list == NULL) {
- debug(28, 0) ("%s line %d: %s\n",
- cfg_filename, config_lineno, config_input_line);
- debug(28, 0) ("aclParseAccessLine: Access line contains no ACL's, skipping\n");
- cbdataFree(A);
- return;
- }
- A->cfgline = xstrdup(config_input_line);
- /* Append to the end of this list */
- for (B = *head, T = head; B; T = &B->next, B = B->next);
- *T = A;
- /* We lock _acl_access structures in aclCheck() */
}
/**************/
*head = NULL;
}
-static void
-aclDestroyAclList(acl_list * list)
+void
+aclDestroyAclList(acl_list ** head)
{
- acl_list *next = NULL;
- for (; list; list = next) {
- next = list->next;
- memFree(list, MEM_ACL_LIST);
+ acl_list *l;
+ for (l = *head; l; l = *head) {
+ *head = l->next;
+ memFree(l, MEM_ACL_LIST);
}
}
for (l = *list; l; l = next) {
debug(28, 3) ("aclDestroyAccessList: '%s'\n", l->cfgline);
next = l->next;
- aclDestroyAclList(l->acl_list);
- l->acl_list = NULL;
+ aclDestroyAclList(&l->acl_list);
safe_free(l->cfgline);
cbdataFree(l);
}
/* compare two network specs
*
- * NOTE: this is very similar to aclIpNetworkCompare and it's not yet
- * clear whether this OK. The problem could be with when a network
- * is a subset of the other networks:
- *
- * 128.1.2.0/255.255.255.128 == 128.1.2.0/255.255.255.0 ?
- *
- * Currently only the first address of the first network is used.
+ * * NOTE: this is very similar to aclIpNetworkCompare and it's not yet
+ * * clear whether this OK. The problem could be with when a network
+ * * is a subset of the other networks:
+ * *
+ * * 128.1.2.0/255.255.255.128 == 128.1.2.0/255.255.255.0 ?
+ * *
+ * * Currently only the first address of the first network is used.
*/
/* compare an address and a network spec */
/*
- * $Id: cache_cf.cc,v 1.390 2001/08/23 13:20:46 robertc Exp $
+ * $Id: cache_cf.cc,v 1.391 2001/10/10 15:17:39 adrian Exp $
*
* DEBUG: section 3 Configuration File Parsing
* AUTHOR: Harvest Derived
}
static void
-dump_acl_access(StoreEntry * entry, const char *name, acl_access * head)
+dump_acl_list(StoreEntry * entry, acl_list * head)
{
acl_list *l;
- while (head != NULL) {
+ for (l = head; l; l = l->next) {
+ storeAppendPrintf(entry, " %s%s",
+ l->op ? null_string : "!",
+ l->acl->name);
+ }
+}
+
+static void
+dump_acl_access(StoreEntry * entry, const char *name, acl_access * head)
+{
+ acl_access *l;
+ for (l = head; l; l = l->next) {
storeAppendPrintf(entry, "%s %s",
name,
- head->allow ? "Allow" : "Deny");
- for (l = head->acl_list; l != NULL; l = l->next) {
- storeAppendPrintf(entry, " %s%s",
- l->op ? null_string : "!",
- l->acl->name);
- }
+ l->allow ? "Allow" : "Deny");
+ dump_acl_list(entry, l->acl_list);
storeAppendPrintf(entry, "\n");
- head = head->next;
}
}
memset(addr, '\0', sizeof(struct in_addr));
}
+CBDATA_TYPE(acl_address);
+
+static void
+dump_acl_address(StoreEntry * entry, const char *name, acl_address * head)
+{
+ acl_address *l;
+ for (l = head; l; l = l->next) {
+ if (l->addr.s_addr != INADDR_ANY)
+ storeAppendPrintf(entry, "%s %s", name, inet_ntoa(l->addr));
+ else
+ storeAppendPrintf(entry, "%s autoselect", name);
+ dump_acl_list(entry, l->acl_list);
+ storeAppendPrintf(entry, "\n");
+ }
+}
+
+static void
+freed_acl_address(void *data)
+{
+ acl_address *l = data;
+ aclDestroyAclList(&l->acl_list);
+}
+
+static void
+parse_acl_address(acl_address ** head)
+{
+ acl_address *l;
+ acl_address **tail = head; /* sane name below */
+ CBDATA_INIT_TYPE_FREECB(acl_address, freed_acl_address);
+ l = cbdataAlloc(acl_address);
+ parse_address(&l->addr);
+ aclParseAclList(&l->acl_list);
+ while (*tail)
+ tail = &(*tail)->next;
+ *tail = l;
+}
+
+static void
+free_acl_address(acl_address ** head)
+{
+ while (*head) {
+ acl_address *l = *head;
+ *head = l->next;
+ cbdataFree(l);
+ }
+}
+
+CBDATA_TYPE(acl_tos);
+
+static void
+dump_acl_tos(StoreEntry * entry, const char *name, acl_tos * head)
+{
+ acl_tos *l;
+ for (l = head; l; l = l->next) {
+ if (l->tos > 0)
+ storeAppendPrintf(entry, "%s 0x%02X", name, l->tos);
+ else
+ storeAppendPrintf(entry, "%s none", name);
+ dump_acl_list(entry, l->acl_list);
+ storeAppendPrintf(entry, "\n");
+ }
+}
+
+static void
+freed_acl_tos(void *data)
+{
+ acl_tos *l = data;
+ aclDestroyAclList(&l->acl_list);
+}
+
+static void
+parse_acl_tos(acl_tos ** head)
+{
+ acl_tos *l;
+ acl_tos **tail = head; /* sane name below */
+ int tos;
+ char junk;
+ char *token = strtok(NULL, w_space);
+ if (!token)
+ self_destruct();
+ if (sscanf(token, "0x%x%c", &tos, &junk) != 1)
+ self_destruct();
+ if (tos < 0 || tos > 255)
+ self_destruct();
+ CBDATA_INIT_TYPE_FREECB(acl_tos, freed_acl_tos);
+ l = cbdataAlloc(acl_tos);
+ l->tos = tos;
+ aclParseAclList(&l->acl_list);
+ while (*tail)
+ tail = &(*tail)->next;
+ *tail = l;
+}
+
+static void
+free_acl_tos(acl_tos ** head)
+{
+ while (*head) {
+ acl_tos *l = *head;
+ *head = l->next;
+ l->next = NULL;
+ cbdataFree(l);
+ }
+}
+
#if DELAY_POOLS
/* do nothing - free_delay_pool_count is the magic free function.
#
-# $Id: cf.data.pre,v 1.231 2001/10/04 12:47:59 hno Exp $
+# $Id: cf.data.pre,v 1.232 2001/10/10 15:17:40 adrian Exp $
#
#
# SQUID Web Proxy Cache http://www.squid-cache.org/
The socket address where Squid will listen for HTTPS client
requests.
-
+
This is really only useful for situations where you are running
squid in accelerator mode and you want to do the SSL work at the
accelerator level.
DOC_END
-NAME: tcp_outgoing_address outbound_address
-TYPE: address
-LOC: Config.Addrs.tcp_outgoing
-DEFAULT: 255.255.255.255
-DOC_NONE
-
NAME: udp_incoming_address
TYPE: address
LOC:Config.Addrs.udp_incoming
Usage: tcp_incoming_address 10.20.30.40
udp_outgoing_address fully.qualified.domain.name
- tcp_outgoing_address is used for connections made to remote
- servers and other caches.
udp_incoming_address is used for the ICP socket receiving packets
from other caches.
udp_outgoing_address is used for ICP packets sent out to other
the configure script.
DOC_END
+NAME: tcp_outgoing_tos tcp_outgoing_ds tcp_outgoin_dscp
+TYPE: acl_tos
+DEFAULT: none
+LOC: Config.accessList.outgoing_tos
+DOC_START
+ Allows you to select a TOS/Diffserv value to mark outgoing
+ connections with, based on the username or source address
+ making the request.
+
+ tcp_outgoing_tos ds-field [!]aclname ...
+
+ Example where normal_service_net uses the TOS value 0x00
+ and normal_service_net uses 0x20
+
+ acl normal_service_net src 10.0.0.0/255.255.255.0
+ acl good_service_net src 10.0.1.0/255.255.255.0
+ tcp_outgoing_tos 0x00 normal_service_net 0x00
+ tcp_outgoing_tos 0x20 good_service_net
+
+ TOS/DSCP values really only have local significance - so you should
+ know what you're specifying. For more, see RFC 2474
+
+ The TOS/DSCP byte must be exactly that - a byte, value 0 - 255, or
+ "default" to use whatever default your host has.
+
+ Processing proceeds in the order specified, and stops at first fully
+ matching line.
+DOC_END
+
+NAME: tcp_outgoing_address
+TYPE: acl_address
+DEFAULT: none
+LOC: Config.accessList.outgoing_address
+DOC_START
+ Allows you to map requests to different outgoing IP addresses
+ based on the username or sourceaddress of the user making
+ the request.
+
+ tcp_outgoing_address ipaddr [[!]aclname] ...
+
+ Example where requests from 10.0.0.0/24 will be forwareded
+ with source address 10.1.0.1, 10.0.2.0/24 forwarded with
+ source address 10.1.0.2 and the rest will be forwarded with
+ source address 10.1.0.3.
+
+ acl normal_service_net src 10.0.0.0/255.255.255.0
+ acl good_service_net src 10.0.1.0/255.255.255.0
+ tcp_outgoing_address 10.0.0.1 normal_service_net
+ tcp_outgoing_address 10.0.0.2 good_service_net
+ tcp_outgoing_address 10.0.0.3
+
+ Processing proceeds in the order specified, and stops at first fully
+ matching line.
+DOC_END
NAME: reply_body_max_size
COMMENT: bytes allow|deny acl acl...
/*
- * $Id: comm.cc,v 1.320 2001/08/26 22:22:43 hno Exp $
+ * $Id: comm.cc,v 1.321 2001/10/10 15:17:40 adrian Exp $
*
* DEBUG: section 5 Socket Functions
* AUTHOR: Harvest Derived
}
/* Create a socket. Default is blocking, stream (TCP) socket. IO_TYPE
- * is OR of flags specified in comm.h. */
+ * is OR of flags specified in comm.h. Defaults TOS */
int
comm_open(int sock_type,
int proto,
u_short port,
int flags,
const char *note)
+{
+ return comm_openex(sock_type, proto, addr, port, flags, 0, note);
+}
+
+
+/* Create a socket. Default is blocking, stream (TCP) socket. IO_TYPE
+ * is OR of flags specified in defines.h:COMM_* */
+int
+comm_openex(int sock_type,
+ int proto,
+ struct in_addr addr,
+ u_short port,
+ int flags,
+ unsigned char TOS,
+ const char *note)
{
int new_socket;
+ int tos;
fde *F = NULL;
/* Create socket for accepting new connections. */
}
return -1;
}
+ /* set TOS if needed */
+ if (TOS) {
+#ifdef IP_TOS
+ tos = TOS;
+ if (setsockopt(new_socket, IPPROTO_IP, IP_TOS, (char *) &tos, sizeof(int)) < 0)
+ debug(50, 1) ("comm_open: setsockopt(IP_TOS) on FD %d: %s\n",
+ new_socket, xstrerror());
+#else
+ debug(50, 0) ("comm_open: setsockopt(IP_TOS) not supported on this platform\n");
+#endif
+ }
/* update fdstat */
debug(5, 5) ("comm_open: FD %d is a new socket\n", new_socket);
fd_open(new_socket, FD_SOCKET, note);
F = &fd_table[new_socket];
+ F->local_addr = addr;
+ F->tos = tos;
if (!(flags & COMM_NOCLOEXEC))
commSetCloseOnExec(new_socket);
if ((flags & COMM_REUSEADDR))
commResetFD(ConnectStateData * cs)
{
int fd2;
+ fde *F;
if (!cbdataValid(cs->data))
return 0;
statCounter.syscalls.sock.sockets++;
debug(5, 0) ("commResetFD: dup2: %s\n", xstrerror());
if (ENFILE == errno || EMFILE == errno)
fdAdjustReserved();
+ close(fd2);
return 0;
}
close(fd2);
+ F = &fd_table[cs->fd];
fd_table[cs->fd].flags.called_connect = 0;
/*
* yuck, this has assumptions about comm_open() arguments for
* the original socket
*/
- commSetCloseOnExec(cs->fd);
- if (Config.Addrs.tcp_outgoing.s_addr != no_addr.s_addr) {
- if (commBind(cs->fd, Config.Addrs.tcp_outgoing, 0) != COMM_OK) {
- return 0;
- }
+ if (commBind(cs->fd, F->local_addr, F->local_port) != COMM_OK) {
+ debug(5, 0) ("commResetFD: bind: %s\n", xstrerror());
+ return 0;
}
- commSetNonBlocking(cs->fd);
+#ifdef IP_TOS
+ if (F->tos) {
+ int tos = F->tos;
+ if (setsockopt(cs->fd, IPPROTO_IP, IP_TOS, (char *) &tos, sizeof(int)) < 0)
+ debug(50, 1) ("commResetFD: setsockopt(IP_TOS) on FD %d: %s\n", cs->fd, xstrerror());
+ }
+#endif
+ if (F->flags.close_on_exec)
+ commSetCloseOnExec(cs->fd);
+ if (F->flags.nonblocking)
+ commSetNonBlocking(cs->fd);
#ifdef TCP_NODELAY
- commSetTcpNoDelay(cs->fd);
+ if (F->flags.nodelay)
+ commSetTcpNoDelay(cs->fd);
#endif
if (Config.tcpRcvBufsz > 0)
commSetTcpRcvbuf(cs->fd, Config.tcpRcvBufsz);
}
if (fcntl(fd, F_SETFD, flags | FD_CLOEXEC) < 0)
debug(50, 0) ("FD %d: set close-on-exec failed: %s\n", fd, xstrerror());
+ fd_table[fd].flags.close_on_exec = 1;
#endif
}
int on = 1;
if (setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, (char *) &on, sizeof(on)) < 0)
debug(50, 1) ("commSetTcpNoDelay: FD %d: %s\n", fd, xstrerror());
+ fd_table[fd].flags.nodelay = 1;
}
#endif
/*
- * $Id: forward.cc,v 1.81 2001/03/03 10:39:31 hno Exp $
+ * $Id: forward.cc,v 1.82 2001/10/10 15:17:41 adrian Exp $
*
* DEBUG: section 17 Request Forwarding
* AUTHOR: Duane Wessels
comm_close(fd);
}
+static struct in_addr
+aclMapAddr(acl_address * head, aclCheck_t * ch)
+{
+ acl_address *l;
+ struct in_addr addr;
+ for (l = head; l; l = l->next) {
+ if (aclMatchAclList(l->acl_list, ch))
+ return l->addr;
+ }
+ addr.s_addr = INADDR_ANY;
+ return addr;
+}
+
+static int
+aclMapTOS(acl_tos * head, aclCheck_t * ch)
+{
+ acl_tos *l;
+ for (l = head; l; l = l->next) {
+ if (aclMatchAclList(l->acl_list, ch))
+ return l->tos;
+ }
+ return 0;
+}
+
+struct in_addr
+getOutgoingAddr(request_t * request)
+{
+ aclCheck_t ch;
+ memset(&ch, '\0', sizeof(aclCheck_t));
+ if (request) {
+ ch.src_addr = request->client_addr;
+ ch.my_addr = request->my_addr;
+ ch.my_port = request->my_port;
+ ch.request = request;
+ }
+ return aclMapAddr(Config.accessList.outgoing_address, &ch);
+}
+
+unsigned long
+getOutgoingTOS(request_t * request)
+{
+ aclCheck_t ch;
+ memset(&ch, '\0', sizeof(aclCheck_t));
+ if (request) {
+ ch.src_addr = request->client_addr;
+ ch.my_addr = request->my_addr;
+ ch.my_port = request->my_port;
+ ch.request = request;
+ }
+ return aclMapTOS(Config.accessList.outgoing_tos, &ch);
+}
+
static void
fwdConnectStart(void *data)
{
const char *host;
unsigned short port;
time_t ctimeout;
+ struct in_addr outgoing;
+ unsigned short tos;
assert(fs);
assert(fwdState->server_fd == -1);
debug(17, 3) ("fwdConnectStart: %s\n", url);
#if URL_CHECKSUM_DEBUG
assert(fwdState->entry->mem_obj->chksum == url_checksum(url));
#endif
- fd = comm_open(SOCK_STREAM,
+ outgoing = getOutgoingAddr(fwdState->request);
+ tos = getOutgoingTOS(fwdState->request);
+
+ debug(17, 3) ("fwdConnectStart: got addr %s, tos %d\n",
+ inet_ntoa(outgoing), tos);
+ fd = comm_openex(SOCK_STREAM,
0,
- Config.Addrs.tcp_outgoing,
+ outgoing,
0,
COMM_NONBLOCKING,
+ tos,
url);
if (fd < 0) {
debug(50, 4) ("fwdConnectStart: %s\n", xstrerror());
/*
- * $Id: ftp.cc,v 1.311 2001/09/18 13:55:00 hno Exp $
+ * $Id: ftp.cc,v 1.312 2001/10/10 15:17:41 adrian Exp $
*
* DEBUG: section 9 File Transfer Protocol (FTP)
* AUTHOR: Harvest Derived
if (getsockname(ftpState->ctrl.fd, (struct sockaddr *) &addr, &addr_len)) {
debug(9, 0) ("ftpSendPasv: getsockname(%d,..): %s\n",
ftpState->ctrl.fd, xstrerror());
- addr.sin_addr = Config.Addrs.tcp_outgoing;
+ ftpFail(ftpState);
+ return;
}
/* Open data channel with the same local address as control channel */
fd = comm_open(SOCK_STREAM,
/*
- * $Id: neighbors.cc,v 1.297 2001/06/26 21:02:05 wessels Exp $
+ * $Id: neighbors.cc,v 1.298 2001/10/10 15:17:41 adrian Exp $
*
* DEBUG: section 15 Neighbor Routines
* AUTHOR: Harvest Derived
/* ignoreMulticastReply
*
- * We want to ignore replies from multicast peers if the
- * cache_host_domain rules would normally prevent the peer
- * from being used
+ * * We want to ignore replies from multicast peers if the
+ * * cache_host_domain rules would normally prevent the peer
+ * * from being used
*/
static int
ignoreMulticastReply(peer * p, MemObject * mem)
return; /* probe already running */
if (squid_curtime - p->stats.last_connect_probe < Config.Timeout.connect)
return; /* don't probe to often */
- fd = comm_open(SOCK_STREAM, 0, Config.Addrs.tcp_outgoing,
+ fd = comm_open(SOCK_STREAM, 0, getOutgoingAddr(NULL),
0, COMM_NONBLOCKING, p->host);
if (fd < 0)
return;
/*
- * $Id: protos.h,v 1.413 2001/10/08 16:18:32 hno Exp $
+ * $Id: protos.h,v 1.414 2001/10/10 15:17:41 adrian Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
extern int aclMatchAclList(const acl_list * list, aclCheck_t * checklist);
extern void aclDestroyAccessList(struct _acl_access **list);
extern void aclDestroyAcls(acl **);
+extern void aclDestroyAclList(acl_list **);
extern void aclParseAccessLine(struct _acl_access **);
+extern void aclParseAclList(acl_list **);
extern void aclParseAclLine(acl **);
extern int aclIsProxyAuth(const char *name);
extern err_type aclGetDenyInfoPage(acl_deny_info_list ** head, const char *name);
extern void comm_init(void);
extern int comm_listen(int sock);
extern int comm_open(int, int, struct in_addr, u_short port, int, const char *note);
+extern int comm_openex(int, int, struct in_addr, u_short, int, unsigned char TOS, const char *);
extern u_short comm_local_port(int fd);
extern void commSetSelect(int, unsigned int, PF *, void *, time_t);
extern void fwdLogRotate(void);
extern void fwdStatus(FwdState *, http_status);
#endif
+struct in_addr getOutgoingAddr(request_t * request);
+unsigned long getOutgoingTOS(request_t * request);
extern void urnStart(request_t *, StoreEntry *);
/*
- * $Id: ssl.cc,v 1.114 2001/07/17 10:33:28 hno Exp $
+ * $Id: ssl.cc,v 1.115 2001/10/10 15:17:42 adrian Exp $
*
* DEBUG: section 26 Secure Sockets Layer Proxy
* AUTHOR: Duane Wessels
statCounter.server.all.requests++;
statCounter.server.other.requests++;
/* Create socket. */
- sock = comm_open(SOCK_STREAM,
+ sock = comm_openex(SOCK_STREAM,
0,
- Config.Addrs.tcp_outgoing,
+ getOutgoingAddr(request),
0,
COMM_NONBLOCKING,
+ getOutgoingTOS(request),
url);
if (sock == COMM_ERROR) {
debug(26, 4) ("sslStart: Failed because we're out of sockets.\n");
/*
- * $Id: structs.h,v 1.402 2001/10/08 16:18:33 hno Exp $
+ * $Id: structs.h,v 1.403 2001/10/10 15:17:42 adrian Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
acl_access *next;
};
+struct _acl_address {
+ acl_address *next;
+ acl_list *acl_list;
+ struct in_addr addr;
+};
+
+struct _acl_tos {
+ acl_tos *next;
+ acl_list *acl_list;
+ int tos;
+};
+
struct _aclCheck_t {
const acl_access *access_list;
struct in_addr src_addr;
u_short port;
} Announce;
struct {
- struct in_addr tcp_outgoing;
struct in_addr udp_incoming;
struct in_addr udp_outgoing;
#if SQUID_SNMP
#endif
acl_access *redirector;
acl_access *reply;
+ acl_address *outgoing_address;
+ acl_tos *outgoing_tos;
} accessList;
acl_deny_info_list *denyInfoList;
struct _authConfig {
unsigned int type;
u_short local_port;
u_short remote_port;
+ struct in_addr local_addr;
+ unsigned char tos;
char ipaddr[16]; /* dotted decimal address of peer */
char desc[FD_DESC_SZ];
struct {
unsigned int nonblocking:1;
unsigned int ipc:1;
unsigned int called_connect:1;
+ unsigned int nodelay:1;
+ unsigned int close_on_exec:1;
} flags;
int bytes_read;
int bytes_written;
/*
- * $Id: tunnel.cc,v 1.114 2001/07/17 10:33:28 hno Exp $
+ * $Id: tunnel.cc,v 1.115 2001/10/10 15:17:42 adrian Exp $
*
* DEBUG: section 26 Secure Sockets Layer Proxy
* AUTHOR: Duane Wessels
statCounter.server.all.requests++;
statCounter.server.other.requests++;
/* Create socket. */
- sock = comm_open(SOCK_STREAM,
+ sock = comm_openex(SOCK_STREAM,
0,
- Config.Addrs.tcp_outgoing,
+ getOutgoingAddr(request),
0,
COMM_NONBLOCKING,
+ getOutgoingTOS(request),
url);
if (sock == COMM_ERROR) {
debug(26, 4) ("sslStart: Failed because we're out of sockets.\n");
/*
- * $Id: typedefs.h,v 1.131 2001/10/08 16:18:33 hno Exp $
+ * $Id: typedefs.h,v 1.132 2001/10/10 15:17:42 adrian Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
typedef struct _acl_snmp_comm acl_snmp_comm;
typedef struct _acl_list acl_list;
typedef struct _acl_access acl_access;
+typedef struct _acl_address acl_address;
+typedef struct _acl_tos acl_tos;
typedef struct _aclCheck_t aclCheck_t;
typedef struct _wordlist wordlist;
typedef struct _intlist intlist;
projects / thirdparty / squid.git / commitdiff
