Alex Rousskov [Thu, 7 Aug 2014 22:33:48 +0000 (16:33 -0600)]
Fixed HttpHdr::Private/NoCache(v) implementations and optimized their API.
These calls now avoid assertions and extra trailing commas when called with
empty names. The API now allows calling with a String() object, but still
needs more polishing work.
Moved common code from Ftp::Server::setReply and Ftp::Relay::createHttpReply()
into Ftp::HttpReplyWrapper().
Also removed the last non-job callbak from Ftp::Client, polished and synced
new FTP comments with the modern client/server/gateway/relay terminology, as
well as minimized changes compared to trunk.
Alex Rousskov [Thu, 7 Aug 2014 17:26:03 +0000 (11:26 -0600)]
Tokenizer fixes and API improvements.
Taught Tokenizer to keep track of the number of parsed bytes. Many callers
need to know that because they need to adjust/consume I/O offsets/buffers.
Adjusted unused Parser::Tokenizer::token() to not treat NUL delimiter
specially. Besides the fact that not all grammars can treat NUL that way, the
special NUL treatment resulted in some token() calls returning true for empty
tokens, which was confusing parsers. Callers that do not require trailing
delimiters, should use prefix() instead. This change is based on experience
writing Tokenizer-based FTP parser, although the final parser code uses
prefix() instead of token(), for unrelated reasons.
Split Parser::Tokenizer::skip(set) into skipOne() and skipAll(). All other
skip() methods skip exactly one thing (either a given character or a given
token) but the old skip(set) method was skipping multiple things. That
confused callers. We now force the caller to make a choice.
Fixed Parser::Tokenizer::skip(char) to avoid out of bound access.
Alex Rousskov [Thu, 7 Aug 2014 17:20:27 +0000 (11:20 -0600)]
Added CharacterSet::complement() to create "all except those in that set" sets
handy for parsing (e.g., "get all characters until the end of line").
Added CharacterSet::rename() to label sets. Handy in const declarations that
use expressions. For example: const CharacterSet AB = (A+B).renamed("AB").
Alex Rousskov [Thu, 7 Aug 2014 17:13:26 +0000 (11:13 -0600)]
Do not allow SBuf::toLower/toUpper() return a value.
Some callers think toLower() method changes the string and some think it
returns a changed value without changing the string. Without unportable hacks
like __attribute__((warn_unused_result)), some of the callers will guess wrong
and not know about it. It is easier/safer to change the object itself and
return nothing.
Provided ToUpper/ToLower() functions (not methods!) that preserve their
paramter and return a new object for callers that need the old functionality.
These functions are a good candidate for __attribute__ hacks.
Alex Rousskov [Tue, 5 Aug 2014 22:44:23 +0000 (16:44 -0600)]
Polished for the official review, addressing several TODOs.
Use 1.1 version for FTP ports because FTP commands are sent on a
"persistent by default" connection, just like HTTP/1.1.
Cleaned up Ftp::CtrlChannel, Ftp::DataChannel, and Ftp::Client object
construction and destruction.
Do not insist on USER command when intercepting FTP. Interception support
may still not work for other reasons, but USER does not seem to be required
since Squid gets request destination from the intercepted connection info.
Alex Rousskov [Tue, 5 Aug 2014 00:17:16 +0000 (18:17 -0600)]
Done moving FTP code around. Polished moved code to match new locations.
src/clients/FtpNative is now src/clients/FtpRelay. It was awkward to use a
non-noun "Native" as a class name, and the class was already described as
"relaying FTP".
Alex Rousskov [Mon, 4 Aug 2014 21:44:31 +0000 (15:44 -0600)]
Major source layout change: Moved FTP code into servers/, clients/, and ftp/.
src/servers/FtpServer.* # new FTP server, relaying FTP
src/servers/HttpServer.* # old ConnStateData parts conflicting w/ FtpServer
src/clients/FtpClient.* # code shared by old and new FTP clients
src/clients/FtpGateway.* # old FTP client, translating back to HTTP
src/clients/FtpNative.* # new FTP client, relaying FTP
src/ftp/* # FTP stuff shared by clients and servers
This change attempts to preserve code in moved files to the extent possible:
Only copied or added code was polished. Future changes will polish moved code.
Unfortunately, bzr does not track code changes across file splits, so the code
moved from ConnStateData (client_side.cc) into HttpServer and FtpServer
classes appears as removed and added in bzr diff. If you want to see the
branch log for the FtpServer or HttpServer code added in this revision, look
in the previous branch revision of client_side.cc.
Fix for the patch r13505, "Fix tcp outgoing tos bugs":
The Connection::fd member of a non openned connection used inside
Comm::ConnOpener::createFd member, causing crashes to squid
The tcp_outgoing_tos is buggy in trunk:
- The ToS is never set for packets of the first request of a TCP connection.
- The ToS is never set for HTTPS traffic no matter whether requests are bumped
or not.
- The ToS value is not set for ftp data connections
This patch solve the above problems:
- It moves the codes which sets the TOS value for a new connection from the
the comm_openex to a higher-level code, where the connection protocol
(IPv4 or IPv6) is known.
- Add code to set TOS value for ftp data connections.
- Add a check on parsing code to warn users if the configured ToS value has the
ECN bits set, and adjust the value to a correct one.
Notes
Currently squid support only passive ftp data connections. If squid in the
future supports active ftp connections, then some work required to TcpAcceptor
class to allow setting ToS values for connections established on squid listening
sockets.
This allows long-lived connections to retain access to their original
receiving port configuration even after squid has been reconfigured.
Reference counting prevents some leaking of these port configuration
details and associated state by removing locking uncertainties.
Also, fixes all parsing errors resulting from the change. Most of
the issues were due to use of raw-pointers and explicit
cbdataReference*() API.
Support client connection annotation by helpers via clt_conn_tag=TAG.
TCP client connections tagging is useful for faking various forms of
connection-based "authentication" when standard HTTP authentication cannot be
used. A URL rewriter or, external ACL helper may mark the "authenticated"
client connection to avoid going through "authentication" steps during
subsequent requests on the same connection and to share connection
"authentication" information with Squid ACLs, other helpers, and logs.
After this change, Squid accepts optional clt_conn_tag=TAG pair from a
helper and associates the received TAG with the client TCP connection.
Squid treats the received clt_conn_tag=TAG pair as a regular annotation, but
also keeps it across all requests on the same client connection. A helper may
update the client connection TAG value during subsequent requests.
Also after this patch the notes comming from helpers replaces any existing
note values.
FwdState::negotiateSSL() operates on a TCP connection without a timeout. If,
for example, the server never responds to Squid SSL Hello, the connection get
stuck forever. This happens in real world when, for example, a client is trying
to establish an SSL connection through bumping Squid to an HTTP server that
does not speak SSL and does not detect initial request garbage (from HTTP point
of view)
This patch adds support for timeout to SSL negotiation procedure and sets this
timeout so that it does not exceed peer_connect or forward_timeout.
author: Joe Crayne <oh.hellojoe@gmail.com>
Bug 3966:Add KeyEncipherment when ssl-bump substitues RSA for EC.
Libnss3, which is used by Firefox to verify the certificate chain, has
different requirements for RSA keys than it does for EC keys. In particular,
RSA keys with the keyUsage extension, must set the KeyEncipherment flag.
I've attached a patch that will enable KeyEncipherment whenever ssl-bump
attempts to substitute an RSA key for an EC key that had a keyUsage extension.
This fix was brought to you by the Samizdat project.
http://samizdat.childrenofmay.org
Alex Rousskov [Wed, 25 Jun 2014 00:09:35 +0000 (18:09 -0600)]
Support more collapsed forwarding hit cases:
Allow STORE_MEMORY_CLIENTs to open disk files if needed and possible.
STORE_*_CLIENT designation is rather buggy (several known XXXs). Some
collapsed clients are marked as STORE_MEMORY_CLIENTs (for the lack of info at
determination time) but their hit content may actually come from a disk cache.
Do not abandon writing a collapsed cache entry when we cannot cache the entry
in RAM if the entry can be cached on disk instead. Both shared memory cache
and the disk cache have to refuse to cache the entry for it to become
non-collapsible. This dual refusal is difficult to detect because each cache
may make the caching decision at different times. Added StoreEntry methods to
track those decisions and react to them.
Recognize disk cache as a potential source of the collapsed entry when the
memory cache is configured. While collapsed entries would normally be found in
the shared memory cache, caching policies and other factors may prohibit
memory caching but still allow disk caching. Memory cache is still preferred.
Alex Rousskov [Wed, 25 Jun 2014 00:07:41 +0000 (18:07 -0600)]
Do not use unknown entry size in StoreEntry::checkTooSmall() determination.
The size of collapsed entries is often unknown, even when they are STORE_OK
(because swap_hdr_sz is unknown when the other worker has created the cache
entry). The same code has been using this ignore-unknowns logic for the
Content-Length header value, so the rejection of unknown entry size (added as
a part of C++ conversion without a dedicated message in r5766) could have been
a typo.
Alex Rousskov [Tue, 24 Jun 2014 23:48:37 +0000 (17:48 -0600)]
Rock and shared memory caches fixes/improvements.
* Bug fixes:
Avoid "FATAL: Squid has attempted to read data from memory that is not
present" crashes. Improve related code.
Lifted 16777216 slot limit from rock cache_dirs and shared memory caches.
Caches larger than 256GB (assuming default 16KB cache_dir slot-size) require
this fix to use disk space beyond 256GB. Also fixed rock disk space waste
warning.
Restored Squid ability to cache (in memory) when no disk caches are configured
which was lost during r12662 "Bug 3686: cache_dir max-size default fails" but
other bugs hid this problem.
Allow HITs on entries backed by a shared memory cache only.
Make sure Squid dumps core and not just promises one when memory management
goes wrong.
* Significant RAM usage reduction:
Significantly reduced Large Rock (and slightly shared memory) RAM requirements
by not allocating 40 (and 12) bytes of unused RAM per cache slot.
Stop wasting 96 RAM bytes per slot for high-offset slots in large shared
caches with more than 16777216 slots. For example, a StoreMap for a 1TB shared
cache with default 16KB slot sizes (67108864 slots) occupied about 6.5GB of
RAM. After this change, the same information is stored in about 2.0GB because
unused anchors are not stored.
* Other improvements:
Document counter-intuitive round-robin cache_dir selection; decrease its bias.
Report IpcIo file name with errors and warnings to inform admin which
cache_dir needs troubleshooting or tuning.
Alex Rousskov [Tue, 24 Jun 2014 22:21:48 +0000 (16:21 -0600)]
Prep for merge from trunk: undo branch r13313, r13312, and r13311 that were
temporary undoing trunk r13266, r13269, and r13270 (std::vector migration).
Non https connectiona on SSL-bump enabled port may stuck
This is can be seen on skype when try to connect to server using an
SSL-bump enabled squid port. Squid try to bump the connection, waiting for ever
the ssl protocol header, and skype client waits for ever an answer from the
server.
This patch sets the timeout to Config.Timeout.request (request_timeout)
Alex Rousskov [Mon, 16 Jun 2014 22:50:08 +0000 (16:50 -0600)]
Do not leak implicit ACLs during reconfigure.
Many ACLs implicitly created by Squid when grouping multiple ACLs were not
destroyed because those implicit ACLs where not covered by the global ACL
registry used for ACL destruction.
See also: r13210 which did not go far enough because it incorrectly assumed
that all InnerNode() children are aclRegister()ed and, hence, will be
centrally freed.
Also, do not use cbdataFree() on non-POD Acl::Tree objects that have
destructors.
Alex Rousskov [Mon, 16 Jun 2014 22:45:23 +0000 (16:45 -0600)]
Fix build on some 32bit systems with strtoll()
broken by r13429 that duplicated unportable portability code.
GCC exits with errors: integer constant is too large for 'long' type
nnnL constants are "long" and cannot hold 64bit integers on 32bit platforms.
Use LL suffix for 64bit constants for now. It remains to be seen how portable
that LL C++ extension is: https://gcc.gnu.org/onlinedocs/gcc/Long-Long.html
Also fixed INT64_MIN #define (missing parenthesis).
Amos Jeffries [Sat, 14 Jun 2014 01:45:50 +0000 (18:45 -0700)]
POrtability: use 64-bit for X-Cache-Age header
While the value is expected to be well within 32-bit range some OS
(OpenBSD 5.5 at least) use 64-bit time_t. Use the larger type size for
calculations which also removes 32-bit wrap errors, and cast for older
systems.
Amos Jeffries [Mon, 9 Jun 2014 15:04:29 +0000 (08:04 -0700)]
Windows: fix various libip build issues
* Missing include ws2tcpip.h for IPv6 definitions
* Alternative IN6_ARE_ADDR_EQUAL definition required
* 'byte' is a reserved / system defined type on Windows,
resolve variable shadowing by renaming to ipbyte.
Amos Jeffries [Mon, 9 Jun 2014 13:18:48 +0000 (06:18 -0700)]
Revert rename of Comm::Flag ERROR
On MinGW at least ERROR is a #define'd macro resulting in build failure.
Revert to the old name COMM_ERROR until we can find a better one that
does not duplicate 'comm'.
Amos Jeffries [Fri, 6 Jun 2014 09:38:02 +0000 (02:38 -0700)]
Fix regression in client read buffer
SBuf acts like a floating 'window' of space in a MemBlob which acts a
essentially like a ring-buffer. However on requests with body payload
being drop-fed in very small amounts it is possible to exactly fill the
MemBlob and also to shuffle the SBuf window right to the end.
It is also possible if an earlier request (or the headers associated with
the drip-fed body is holding the beginning of the underlying MemBlob.
These events cause haveCapadity==0 so haveCapacity*2 == 0.
If this happens we need to allocate a new MemBlob to get any space for
future I/O. The old MemBlob will be released by whatever other SBuf was
holding it locked.
Amos Jeffries [Thu, 5 Jun 2014 15:57:23 +0000 (08:57 -0700)]
Fix error in rev.13417 "ssl_bump none" mode crashes squid
The fake CONNECT request generated to relay non-bumped traffic needs to
be pre-pended to any existing data in the ConnStateData::In buffer.
Otherwise our new bytes will corrupt any traffic bytes already in there
and our intended CONNECT request will never be recognised as we re-parse
the buffer.
Amos Jeffries [Thu, 5 Jun 2014 14:57:58 +0000 (07:57 -0700)]
SourceLayout: rename comm_err_t to Comm::Flag
Integration testing of rev.13443 revealed that there were two copies of
comm_err_t.h in the source code.
* Remove the unnecessary duplicate file.
* Shuffle the enum into Comm:: scope as 'Flag'.
* Reduce the enum value labels to drop the redundant prefix.
* Rename COMM_EOF to Comm::ENDFILE to avoid colliston with #define EOF
in system headers.
Amos Jeffries [Thu, 5 Jun 2014 08:28:20 +0000 (01:28 -0700)]
Update the Comm:: API for read(2)
... using an algorithm suggested by Alex Rousskov.
The code for Comm:: read operations is shuffled into comm/libcomm.la and
the files comm/Read.{h,cc} in symmetry with the current Comm::Write API.
The new API consists of:
* Comm::Read() which accepts the Comm::Connection pointer for the
socket to read on and an AsyncCall callback to be run when read is
ready. The Job is responsible for separately initiating read(2) or
alternative action when that callback is run.
* Comm::ReadNow() which accepts an SBuf buffer and a CommIoCbParams
initialized to contain the Comm::Connection pointer for the socket to
read on. TheCommIoCbParams will be filled out with result flag, xerrno,
and size.
This synchronously performs read(2) operations to append bytes to the
provided buffer. It returns a comm_err_t flag for use in determining how
to handle the results and signalling one of OK, INPROGRESS, ERROR, EOF
as having happened.
comm_read() API is retained for backward compatibility during the
transitional period. However it is now deprecated and scheduled for
removal ASAP. The SBuf overloaded variant is now removed.
* Comm::ReadCancel() - a renaming of the comm_read_cancel() AsyncCall
API. Other cancel API(s) are now deprecated and will be removed ASAP.
Code using comm_read_cancel() with AsyncCall may immediately switch to
this new API with no logic changes necessary even if they are not using
other new Comm API calls.
* Comm::MonitorsRead() - a renaming of comm_monitors_read() AsyncCall
API. comm_monitors_read() is now removed.
Other changes:
- the unused comm_has_pending_read_callback() API is erased.
- the IoCallback::buf2 mechanism previously used for SBuf read I/O is
erased.
- ConnStateData is converted to this new API for filling its SBuf I/O
buffer and for monitoring pinned connection closures.
- fde::readPending() converted to new Comm::MonitorsRead() API.
- Comm half-closed monitoring feature is also converted to this new API.
NP: one bug in ConnStateData handling of intercepted HTTPS traffic is
noted but not fixed in this patch.
Amos Jeffries [Wed, 4 Jun 2014 15:30:16 +0000 (08:30 -0700)]
Cross-compile: Add BUILDCXX and BUILDCXXFLAGS configure options
We have provided HOSTCXX for some time. However in the official cross
compilation terminology HOST is the output architecture. Renames to
BUILD to align with the official terminology of which machine the tools
it builds are run on.
Also, add a flags variable and document these as important variables in
./configure --help output
Fix assertion on bodyPipe != NULL inside ConnStateData::handleFtpRequestData()
ftp-native branch hits this assertion when ICAP server respond with error on
a ftp request.
This patch closes the data connection on these cases and also add a check in
ConnStateData::clientReadFtpData to avoid calling handleFtpRequestData when
the bodyPipe is gone for a reason.
Alex Rousskov [Mon, 2 Jun 2014 05:26:17 +0000 (22:26 -0700)]
Do not leak ex_data for SSL state that survived reconfigure.
SSL_get_ex_new_index() allocates a new index on every call, even if its
parameters remain unchanged. It should be called once per process
lifetime.
Besides leaking, this 12 year-old(!) bug could probably make some SSL
code misbehave during reconfigure because reconfigure would change the
supposedly constant ex_data indexes.
Alex Rousskov [Mon, 2 Jun 2014 05:16:35 +0000 (22:16 -0700)]
Do not register the same Cache Manager action more than once
... to avoid wrong mgr:menu output and the impression of a reconfigure
memory leak.
The old code was comparing action object pointers, which could not work,
and was adding the same action on every reconfigure call for modules that
register with Cache Manager during [re]configuration.
We already have a working method for finding registered actions. Use it.
projects / thirdparty / squid.git / log
