From: Amos Jeffries <squid3@treenet.co.nz>
Date: Thu, 14 Jul 2011 08:59:10 +0000 (-0600)
Subject: Port 2.7: act-as-origin for reverse proxy ports
X-Git-Tag: take08~55^2~71
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=90fa581614a90143c6ba7966a412245ef7ab1956;p=thirdparty%2Fsquid.git

Port 2.7: act-as-origin for reverse proxy ports
---

diff --git a/doc/release-notes/release-3.2.sgml b/doc/release-notes/release-3.2.sgml
index 9ffdc7fef3..eb7afea2fb 100644
--- a/doc/release-notes/release-3.2.sgml
+++ b/doc/release-notes/release-3.2.sgml
@@ -492,6 +492,11 @@ This section gives a thorough account of those changes in three categories:
 	<p><em>children-idle=N</em> determines how many helper to retain as buffer against sudden traffic loads.
 	<p>Deprecated <em>children=N</em> in favor of <em>children-max=N</em>.
 
+	<tag>http_port act-as-origin</tag>
+	<p><em>act-as-origin</em> ported from 2.7.
+	   This option corrects several HTTP header issues when operating as a reverse proxy and cache.
+	   Notably the externally visible aging of objects stored in the server-side cache.
+
 	<tag>icap_send_client_ip</tag>
 	<p>Deprecated in favor of adaptation_send_client_ip
 	which applies to both ICAP and eCAP.</p>
@@ -875,7 +880,6 @@ This section gives an account of those changes in three categories:
 	<p>Not yet ported from 2.7
 
 	<tag>http_port</tag>
-	<p><em>act-as-origin</em> not yet ported from 2.7
 	<p><em>urlgroup=</em> not yet ported from 2.6
 
 	<tag>ignore_ims_on_miss</tag>
diff --git a/src/ProtoPort.h b/src/ProtoPort.h
index 42a4a4ea07..6b17579a84 100644
--- a/src/ProtoPort.h
+++ b/src/ProtoPort.h
@@ -29,6 +29,7 @@ struct http_port_list {
     unsigned int allow_direct:1;       /**< Allow direct forwarding in accelerator mode */
     unsigned int vhost:1;              /**< uses host header */
     unsigned int sslBump:1;            /**< intercepts CONNECT requests */
+    unsigned int actAsOrigin:1;        ///< update replies to conform with RFC 2616
     unsigned int ignore_cc:1;          /**< Ignore request Cache-Control directives */
 
     int vport;                 /* virtual port support, -1 for dynamic, >0 static*/
diff --git a/src/cache_cf.cc b/src/cache_cf.cc
index f67ea38da7..58019d78aa 100644
--- a/src/cache_cf.cc
+++ b/src/cache_cf.cc
@@ -3614,10 +3614,15 @@ parse_http_port_option(http_port_list * s, char *token)
         s->protocol = xstrdup(token + 9);
     } else if (strcmp(token, "allow-direct") == 0) {
         if (!s->accel) {
-            debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: vport option requires Acceleration mode flag.");
+            debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: allow-direct option requires Acceleration mode flag.");
             self_destruct();
         }
         s->allow_direct = 1;
+    } else if (strcmp(token, "act-as-origin") == 0) {
+        if (!s->accel) {
+            debugs(3, DBG_IMPORTANT, "ERROR: http(s)_port: act-as-origin option requires Acceleration mode flag.");
+        } else
+            s->actAsOrigin = 1;
     } else if (strcmp(token, "ignore-cc") == 0) {
 #if !USE_HTTP_VIOLATIONS
         if (!s->accel) {
diff --git a/src/cf.data.pre b/src/cf.data.pre
index bf9ee82048..a938475c69 100644
--- a/src/cf.data.pre
+++ b/src/cf.data.pre
@@ -1331,6 +1331,11 @@ DOC_START
 	   protocol=	Protocol to reconstruct accelerated requests with.
 			Defaults to http://.
 
+	   act-as-origin
+			Act as if this Squid is the origin server.
+			This currently means generate new Date: and Expires:
+			headers on HIT instead of adding Age:.
+
 	   ignore-cc	Ignore request Cache-Control headers.
 
 	   		Warning: This option violates HTTP specifications if
diff --git a/src/client_side_reply.cc b/src/client_side_reply.cc
index d542c94f69..908bf4c9cf 100644
--- a/src/client_side_reply.cc
+++ b/src/client_side_reply.cc
@@ -61,6 +61,7 @@
 #include "ipcache.h"
 #include "log/Tokens.h"
 #include "MemObject.h"
+#include "ProtoPort.h"
 #include "SquidTime.h"
 #include "StoreClient.h"
 #include "Store.h"
@@ -1294,6 +1295,25 @@ clientReplyContext::buildReplyHeader()
         if (EBIT_TEST(http->storeEntry()->flags, ENTRY_SPECIAL)) {
             hdr->delById(HDR_DATE);
             hdr->insertTime(HDR_DATE, squid_curtime);
+        } else if (http->getConn() && http->getConn()->port->actAsOrigin) {
+            // Swap the Date: header to current time if we are simulating an origin
+	    HttpHeaderEntry *h = hdr->findEntry(HDR_DATE);
+	    if (h)
+		hdr->putExt("X-Origin-Date", h->value.termedBuf());
+            hdr->delById(HDR_DATE);
+            hdr->insertTime(HDR_DATE, squid_curtime);
+	    h = hdr->findEntry(HDR_EXPIRES);
+	    if (h && http->storeEntry()->expires >= 0) {
+		hdr->putExt("X-Origin-Expires", h->value.termedBuf());
+		hdr->delById(HDR_EXPIRES);
+		hdr->insertTime(HDR_EXPIRES, squid_curtime + http->storeEntry()->expires - http->storeEntry()->timestamp);
+	    }
+            if (http->storeEntry()->timestamp <= squid_curtime) {
+                // put X-Cache-Age: instead of Age:
+		char age[64];
+		snprintf(age, sizeof(age), "%ld", (long int) squid_curtime - http->storeEntry()->timestamp);
+		hdr->putExt("X-Cache-Age", age);
+ 	    }
         } else if (http->storeEntry()->timestamp <= squid_curtime) {
             hdr->putInt(HDR_AGE,
                         squid_curtime - http->storeEntry()->timestamp);
@@ -1865,6 +1885,7 @@ clientReplyContext::sendNotModified()
     e = http->storeEntry();
     // Copy timestamp from the original entry so the 304
     // reply has a meaningful Age: header.
+    e->timestampsSet();
     e->timestamp = timestamp;
     e->replaceHttpReply(temprep);
     e->complete();