From: Amos Jeffries Date: Thu, 27 May 2010 01:31:14 +0000 (+1200) Subject: Merge from trunk X-Git-Tag: take08~55^2~124^2~139 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=45906573f58ad08be9fff64a4128d8c30c931cd8;p=thirdparty%2Fsquid.git Merge from trunk --- 45906573f58ad08be9fff64a4128d8c30c931cd8 diff --cc src/comm/Connection.h index df1717c09a,0000000000..0d2a0d8ba0 mode 100644,000000..100644 --- a/src/comm/Connection.h +++ b/src/comm/Connection.h @@@ -1,125 -1,0 +1,125 @@@ +/* - * DEBUG: section 5 Socket Functions ++ * DEBUG: section 05 Socket Functions + * AUTHOR: Amos Jeffries + * AUTHOR: Robert Collins + * + * SQUID Web Proxy Cache http://www.squid-cache.org/ + * ---------------------------------------------------------- + * + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. 
+ * + * + * Copyright (c) 2003, Robert Collins + * Copyright (c) 2010, Amos Jeffries + */ + +#ifndef _SQUIDCONNECTIONDETAIL_H_ +#define _SQUIDCONNECTIONDETAIL_H_ + +#include "hier_code.h" +#include "ip/Address.h" +#include "RefCount.h" + +struct peer; + +namespace Comm { + +/** COMM flags */ +/* TODO: make these a struct of boolean flags in connection instead of a bitmap. */ +#define COMM_UNSET 0x00 +#define COMM_NONBLOCKING 0x01 +#define COMM_NOCLOEXEC 0x02 +#define COMM_REUSEADDR 0x04 +#define COMM_TRANSPARENT 0x08 +#define COMM_DOBIND 0x10 + +/** + * Store data about the physical and logical attributes of a connection. + * + * Some link state can be infered from the data, however this is not an + * object for state data. But a semantic equivalent for FD with easily + * accessible cached properties not requiring repeated complex lookups. + * + * While the properties may be changed, they should be considered read-only + * outside of the Comm layer code. + * + * These objects must not be passed around directly, + * but a Comm::Connection::Pointer must be passed instead. + */ +class Connection : public RefCountable +{ +public: + typedef RefCount Pointer; + + /** standard empty connection creation */ + Connection(); + + /** Clear the conection properties and close any open socket. */ + ~Connection(); + + /** Clone an existing connections properties. + * This includes the FD, if one is open its a good idea to set it to -1 (unopen) + * on one after copying to prevent both clones calling comm_close() when destructed. + */ + Connection(const Connection &c); + /** see Comm::Connection::Connection */ + const Connection & operator =(const Connection &c); + + /** Address/Port for the Squid end of a TCP link. */ + Ip::Address local; + + /** Address for the Remote end of a TCP link. */ + Ip::Address remote; + + /** Hierarchy code for this connection link */ + hier_code peer_type; + + /** Socket used by this connection. -1 if no socket has been opened. 
*/ + int fd; + + /** Quality of Service TOS values currently sent on this connection */ + int tos; + + /** COMM flags set on this connection */ + int flags; + + /** retrieve the peer pointer for use. + * The caller is responsible for all CBDATA operations regarding the + * used of the pointer returned. + */ + peer * const getPeer() const { return _peer; } + + /** alter the stored peer pointer. + * Perform appropriate CBDATA operations for locking the peer pointer + */ + void setPeer(peer * p); + +private: + /** cache_peer data object (if any) */ + peer *_peer; +}; + +}; // namespace Comm + +#endif diff --cc src/forward.cc index 6acc1caec0,8aff1aaa91..554da055c5 --- a/src/forward.cc +++ b/src/forward.cc @@@ -1187,20 -1334,17 +1187,25 @@@ aclMapTOS(acl_tos * head, ACLChecklist return 0; } -Ip::Address -getOutgoingAddr(HttpRequest * request, struct peer *dst_peer) +void +getOutgoingAddress(HttpRequest * request, Comm::Connection::Pointer conn) { + /* skip if an outgoing address is already set. */ + if (!conn->local.IsAnyAddr()) return; + + // maybe use TPROXY client address if (request && request->flags.spoof_client_ip) { - if (!dst_peer || !dst_peer->options.no_tproxy) { + if (!conn->getPeer() || !conn->getPeer()->options.no_tproxy) { - conn->local = request->client_addr; + #if FOLLOW_X_FORWARDED_FOR && LINUX_NETFILTER + if (Config.onoff.tproxy_uses_indirect_client) - return request->indirect_client_addr; ++ conn->local = request->indirect_client_addr; + else + #endif - return request->client_addr; ++ conn->local = request->client_addr; + // some flags need setting on the socket to use this address + conn->flags |= COMM_DOBIND; + conn->flags |= COMM_TRANSPARENT; + return; } // else no tproxy today ... }
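Review bot: The copy constructor and `operator=` in Connection.h are documented as copying `fd`, while the destructor is documented as closing any open socket, so two copies that both reach destruction would close the same descriptor. By then the descriptor number may already belong to an unrelated connection, and the second close would tear that one down. The implementations are not shown here, so this is inferred from the doc comments, which only say it is "a good idea" to reset one copy. Either have the copy leave `fd` at -1, or make the contract explicit with `/** Copies every property including fd; the caller MUST set fd to -1 on one copy before either object is destroyed. */`.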
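Review bot: `conn->getPeer()->options.no_tproxy` in getOutgoingAddress() dereferences the raw pointer returned by getPeer() after only a null test, although the getter's comment in Connection.h leaves all CBDATA handling to the caller. If a cache_peer can be invalidated while a connection still references it (not visible in this hunk), the TPROXY spoofing decision is read from a stale object. Fetching once and validating avoids that: `peer *p = conn->getPeer();` then `if (!p || !cbdataReferenceValid(p) || !p->options.no_tproxy) {`, though how an invalidated peer should be treated needs confirming. The `indirect_client_addr` branch also deserves a comment such as `// presumably derived from X-Forwarded-For; only as trustworthy as the follow_x_forwarded_for ACL`, since that value becomes the address the socket binds to. The function body continues past the end of the hunk.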