wessels [Wed, 14 Dec 2005 00:32:34 +0000 (00:32 +0000)]
Support for Method header in ICAP OPTIONS respose.
Currently the 'icap_service' directive in squid.conf specifies both the
URI and method. The ICAP server also returns the method in the OPTIONS
response. This could create a conflict if the user specifies the wrong
method for a service.
For now we trust the squid.conf value and issue a warning if the OPTIONS
response reports a different method.
wessels [Tue, 13 Dec 2005 07:01:02 +0000 (07:01 +0000)]
I get compile errors on many tests because Squid defines its own assert()
macro. I find that it works better (ie compiles on FreeBSD) when
squid.h is the first include. Then the compiler won't define its own
assert macro if Squid gets there first.
wessels [Fri, 9 Dec 2005 08:02:24 +0000 (08:02 +0000)]
Compile-time bug introduced in recent changes related to
ACLCheckList::fastCheck(). The declaration for checklist was moved
to an inner block, but it was still used outside.
wessels [Fri, 9 Dec 2005 03:08:46 +0000 (03:08 +0000)]
Fixed a bug and some confusion with ACLChecklist::fastCheck()
- Added cbdataReferenceDone(accessList) call to fastCheck() in the
"if finished()" block.
- peerAllowedToUse() was setting accessList = NULL after calling
fastCheck(). Since neither fastCheck() nor peerAllowedToUse()
were calling cbdataReferenceDone(), the cbdata lock_count would
never decrease and eventually hit an assertion.
- In general, the fastCheck() callers do not need to call
cbdataReferenceDone, nor set accessList to NULL. The
cbdataReferenceDone() call should always happen in fastCheck().
If not, it will happen in the ACLCheckList destructor.
- It might be even better if fastCheck() called cbdataReference()
as well, to avoid this situation where locking happens in one
place and unlocking in another. This is future work, however.
wessels [Wed, 7 Dec 2005 06:03:34 +0000 (06:03 +0000)]
Turned pconn.cc into C++ classes. There are now separate persistent
connection pools for client-side, server-side, and now ICAP.
Accounting for persistent connection use still sucks because HTTP
(http.c) and ICAP state structures don't have any way to keep track
of how many times a given TCP connection was used. So we'll keep
abusing fd_entry[] for this purpose.
wessels [Tue, 6 Dec 2005 07:01:23 +0000 (07:01 +0000)]
Bugzilla #1457
My changes to the way that the client-side performed http_access,
redirector, and no_cache checks introduced a serious bug. Using
any proxy authentication would crash Squid.
One problem was that clientAccessCheckDone() should have returned
after generating the error page. Instead it tried to keep going,
as though access were allowed.
The other problem was due to a recently added assertion, which was
incorrect. Instead of asserting, the ClientRequestContext destructor
now releases its lock on the parent ClientHttpRequest if necessary.
wessels [Tue, 22 Nov 2005 06:26:45 +0000 (06:26 +0000)]
Added ICAP REQMOD PRECACHE
These are fairly significant changes to client_side processing code to
support ICAP request modification.
One important change is in the way that various asynchronous procedures
are handled. Previously, the async events such as ACL checks, redirector,
and no_cache checks were chained together. e.g., aclCheckDone would call
redirectorStart, etc.
Now there is a doCallouts() function that keeps track of which operations
have been done and which have not. This is where we inserted the ICAP
callout.
wessels [Tue, 8 Nov 2005 05:00:38 +0000 (05:00 +0000)]
My recent HttpReply changes created an awkward situation. Both
HttpReply and its base class HttpMsg had methods named parse() but
had different number and type of arugments.
This patch moves HttpReply::parse() to HttpMsg::parseCharBuf()
both parse() and parseCharBuf() use httpMsgParseStep()
wessels [Sat, 5 Nov 2005 04:02:15 +0000 (04:02 +0000)]
parse_date() is one most frequent users of malloc (strdup() actually).
I think it makes sense to replace it with a static buffer and
just call xstrncpy().
wessels [Sat, 5 Nov 2005 03:23:18 +0000 (03:23 +0000)]
An optimization: If there are no request_header_access directives
configured, then don't loop through the headers for each request,
creating and destroying ACL-related objects that are never used.