From be753325ab460e945d00846dc6f34869b36c4f13 Mon Sep 17 00:00:00 2001 From: hno <> Date: Sat, 15 Feb 2003 07:15:51 +0000 Subject: [PATCH] First batch of rproxy merges New cache_peer options for reverse proxy setups originserver name=XXX forceddomain=XXX Cleanup of authentication forwarding, and added gatewaying proxy->reverseproxy when the same Squid is acting as both proxy and reverseproxy with authentication --- src/cache_cf.cc | 17 +++- src/cf.data.pre | 28 ++++++- src/forward.cc | 4 +- src/http.cc | 212 ++++++++++++++++++++++++++++------------------- src/neighbors.cc | 51 +++++++----- src/structs.h | 9 +- 6 files changed, 209 insertions(+), 112 deletions(-) diff --git a/src/cache_cf.cc b/src/cache_cf.cc index b2dc8f9622..4cae3f88ac 100644 --- a/src/cache_cf.cc +++ b/src/cache_cf.cc @@ -1,6 +1,6 @@ /* - * $Id: cache_cf.cc,v 1.429 2003/02/12 06:11:00 robertc Exp $ + * $Id: cache_cf.cc,v 1.430 2003/02/15 00:15:51 hno Exp $ * * DEBUG: section 3 Configuration File Parsing * AUTHOR: Harvest Derived @@ -1332,7 +1332,7 @@ dump_peer(StoreEntry * entry, const char *name, peer * p) d->domain); } if (p->access) { - snprintf(xname, 128, "cache_peer_access %s", p->host); + snprintf(xname, 128, "cache_peer_access %s", p->name); dump_acl_access(entry, xname, p->access); } for (t = p->typelist; t; t = t->next) { @@ -1360,6 +1360,7 @@ parse_peer(peer ** head) if ((token = strtok(NULL, w_space)) == NULL) self_destruct(); p->host = xstrdup(token); + p->name = xstrdup(token); if ((token = strtok(NULL, w_space)) == NULL) self_destruct(); p->type = parseNeighborType(token); @@ -1425,6 +1426,16 @@ parse_peer(peer ** head) p->options.allow_miss = 1; } else if (!strncasecmp(token, "max-conn=", 9)) { p->max_conn = xatoi(token + 9); + } else if (!strcasecmp(token, "originserver")) { + p->options.originserver = 1; + } else if (!strncasecmp(token, "name=", 5)) { + safe_free(p->name); + if (token[5]) + p->name = xstrdup(token + 5); + } else if (!strncasecmp(token, "forceddomain=", 13)) { + safe_free(p->domain); + if (token[13]) + p->domain = xstrdup(token + 13); #if USE_SSL } else if (strcmp(token, "ssl") == 0) { p->use_ssl = 1; @@ -1466,6 +1477,8 @@ parse_peer(peer ** head) self_destruct(); } } + if (peerFindByName(p->name)) + fatalf("ERROR: cache_peer %s specified twice\n", p->name); if (p->weight < 1) p->weight = 1; p->icp.version = ICP_VERSION_CURRENT; diff --git a/src/cf.data.pre b/src/cf.data.pre index 122a7ddc21..6b9fa38f40 100644 --- a/src/cf.data.pre +++ b/src/cf.data.pre @@ -1,6 +1,6 @@ # -# $Id: cf.data.pre,v 1.299 2003/02/13 08:07:47 robertc Exp $ +# $Id: cf.data.pre,v 1.300 2003/02/15 00:15:51 hno Exp $ # # # SQUID Web Proxy Cache http://www.squid-cache.org/ @@ -378,6 +378,9 @@ DOC_START digest-url=url allow-miss max-conn + originserver + name=xxx + forceddomain=name ssl sslcert=/path/to/ssl/certificate sslkey=/path/to/ssl/key @@ -385,9 +388,9 @@ DOC_START sslcipher=... ssloptions=... front-end-https[=on|auto] - - use 'proxy-only' to specify that objects fetched - from this cache should not be saved locally. + + use 'proxy-only' to specify that objects fetched + from this cache should not be saved locally. use 'weight=n' to specify a weighted parent. The weight must be an integer. The default weight @@ -490,6 +493,20 @@ DOC_START use 'max-conn' to limit the amount of connections Squid may open to this peer. + + 'originserver' causes this parent peer to be contacted as + a origin server. Meant to be used in accelerator setups. + + use 'name=xxx' if you have multiple peers on the same + host but different ports. This name can then be used to + differentiate the peers in cache_peer_access and similar + directives. + + use 'forceddomain=name' to forcibly set the Host header + of requests forwarded to this peer. Useful in accelerator + setups where the server (peer) expects a certain domain + name and using redirectors to feed this domainname + is not feasible. use 'ssl' to indicate that connections to this peer should bs SSL/TLS encrypted. @@ -1433,6 +1450,9 @@ DOC_START By default Squid rewrites any Host: header in redirected requests. If you are running an accelerator then this may not be a wanted effect of a redirector. + + WARNING: Entries are cached on the result of the URL rewriting + process, so be careful if you have domain-virtual hosts. DOC_END NAME: redirector_access diff --git a/src/forward.cc b/src/forward.cc index 4b713268aa..fbbb948511 100644 --- a/src/forward.cc +++ b/src/forward.cc @@ -1,6 +1,6 @@ /* - * $Id: forward.cc,v 1.94 2003/02/12 06:11:03 robertc Exp $ + * $Id: forward.cc,v 1.95 2003/02/15 00:15:51 hno Exp $ * * DEBUG: section 17 Request Forwarding * AUTHOR: Duane Wessels @@ -557,9 +557,11 @@ fwdDispatch(FwdState * fwdState) if (fwdState->servers && (p = fwdState->servers->_peer)) { p->stats.fetches++; fwdState->request->peer_login = p->login; + fwdState->request->peer_domain = p->domain; httpStart(fwdState); } else { fwdState->request->peer_login = NULL; + fwdState->request->peer_domain = NULL; switch (request->protocol) { #if USE_SSL case PROTO_HTTPS: diff --git a/src/http.cc b/src/http.cc index 2bb19831e5..dafdf833b2 100644 --- a/src/http.cc +++ b/src/http.cc @@ -1,6 +1,6 @@ /* - * $Id: http.cc,v 1.408 2003/02/13 22:20:37 robertc Exp $ + * $Id: http.cc,v 1.409 2003/02/15 00:15:51 hno Exp $ * * DEBUG: section 11 Hypertext Transfer Protocol (HTTP) * AUTHOR: Harvest Derived @@ -68,7 +68,7 @@ static void httpMakePublic(StoreEntry *); static int httpCachableReply(HttpStateData *); static void httpMaybeRemovePublic(StoreEntry *, http_status); static void copyOneHeaderFromClientsideRequestToUpstreamRequest(const HttpHeaderEntry *e, String strConnection, request_t * request, request_t * orig_request, -HttpHeader * hdr_out, int we_do_ranges, bool); +HttpHeader * hdr_out, int we_do_ranges, http_state_flags); static int decideIfWeDoRanges (request_t * orig_request); @@ -910,7 +910,7 @@ httpBuildRequestHeader(request_t * request, strConnection = httpHeaderGetList(hdr_in, HDR_CONNECTION); while ((e = httpHeaderGetEntry(hdr_in, &pos))) - copyOneHeaderFromClientsideRequestToUpstreamRequest(e, strConnection, request, orig_request, hdr_out, we_do_ranges, flags.front_end_https); + copyOneHeaderFromClientsideRequestToUpstreamRequest(e, strConnection, request, orig_request, hdr_out, we_do_ranges, flags); /* Abstraction break: We should interpret myultipart/byterange responses * into offset-length data, and this works around our inability to do so. @@ -947,8 +947,10 @@ httpBuildRequestHeader(request_t * request, /* append Host if not there already */ if (!httpHeaderHas(hdr_out, HDR_HOST)) { - /* use port# only if not default */ - if (orig_request->port == urlDefaultPort(orig_request->protocol)) { + if (orig_request->peer_domain) { + httpHeaderPutStr(hdr_out, HDR_HOST, orig_request->peer_domain); + } else if (orig_request->port == urlDefaultPort(orig_request->protocol)) { + /* use port# only if not default */ httpHeaderPutStr(hdr_out, HDR_HOST, orig_request->host); } else { httpHeaderPutStrf(hdr_out, HDR_HOST, "%s:%d", @@ -964,8 +966,7 @@ httpBuildRequestHeader(request_t * request, } /* append Proxy-Authorization if configured for peer, and proxying */ if (request->flags.proxying && orig_request->peer_login && - !httpHeaderHas(hdr_out, HDR_PROXY_AUTHORIZATION) && - strcmp(orig_request->peer_login, "PASS") != 0) { + !httpHeaderHas(hdr_out, HDR_PROXY_AUTHORIZATION)) { if (*orig_request->peer_login == '*') { /* Special mode, to pass the username to the upstream cache */ char loginbuf[256]; @@ -975,11 +976,42 @@ httpBuildRequestHeader(request_t * request, snprintf(loginbuf, sizeof(loginbuf), "%s%s", username, orig_request->peer_login + 1); httpHeaderPutStrf(hdr_out, HDR_PROXY_AUTHORIZATION, "Basic %s", base64_encode(loginbuf)); + } else if (strcmp(orig_request->peer_login, "PASS") == 0) { + /* Nothing to do */ + } else if (strcmp(orig_request->peer_login, "PROXYPASS") == 0) { + /* Nothing to do */ } else { httpHeaderPutStrf(hdr_out, HDR_PROXY_AUTHORIZATION, "Basic %s", base64_encode(orig_request->peer_login)); } } + /* append WWW-Authorization if configured for peer */ + if (flags.originpeer && orig_request->peer_login && + !httpHeaderHas(hdr_out, HDR_AUTHORIZATION)) { + if (strcmp(orig_request->peer_login, "PASS") == 0) { + /* No credentials to forward.. (should have been done above if available) */ + } else if (strcmp(orig_request->peer_login, "PROXYPASS") == 0) { + /* Special mode, convert proxy authentication to WWW authentication + */ + const char *auth = httpHeaderGetStr(hdr_in, HDR_PROXY_AUTHORIZATION); + if (auth && strncasecmp(auth, "basic ", 6) == 0) { + httpHeaderPutStr(hdr_out, HDR_AUTHORIZATION, auth); + } + } else if (*orig_request->peer_login == '*') { + /* Special mode, to pass the username to the upstream cache */ + char loginbuf[256]; + const char *username = "-"; + if (orig_request->auth_user_request) + username = authenticateUserRequestUsername(orig_request->auth_user_request); + snprintf(loginbuf, sizeof(loginbuf), "%s%s", username, orig_request->peer_login + 1); + httpHeaderPutStrf(hdr_out, HDR_AUTHORIZATION, "Basic %s", + base64_encode(loginbuf)); + } else { + /* Fixed login string */ + httpHeaderPutStrf(hdr_out, HDR_AUTHORIZATION, "Basic %s", + base64_encode(orig_request->peer_login)); + } + } /* append Cache-Control, add max-age if not there already */ { HttpHdrCc *cc = httpHeaderGetCc(hdr_in); @@ -1017,7 +1049,7 @@ httpBuildRequestHeader(request_t * request, void -copyOneHeaderFromClientsideRequestToUpstreamRequest(const HttpHeaderEntry *e, String strConnection, request_t * request, request_t * orig_request, HttpHeader * hdr_out, int we_do_ranges, bool front_end_https) +copyOneHeaderFromClientsideRequestToUpstreamRequest(const HttpHeaderEntry *e, String strConnection, request_t * request, request_t * orig_request, HttpHeader * hdr_out, int we_do_ranges, http_state_flags flags) { debug(11, 5) ("httpBuildRequestHeader: %s: %s\n", e->name.buf(), e->value.buf()); @@ -1026,78 +1058,77 @@ copyOneHeaderFromClientsideRequestToUpstreamRequest(const HttpHeaderEntry *e, St return; } switch (e->id) { - case HDR_PROXY_AUTHORIZATION: - /* Only pass on proxy authentication to peers for which - * authentication forwarding is explicitly enabled - */ - if (request->flags.proxying && orig_request->peer_login && - strcmp(orig_request->peer_login, "PASS") == 0) { - httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); - } - break; - case HDR_AUTHORIZATION: - /* Pass on WWW authentication even if used locally. If this is - * not wanted in an accelerator then the header can be removed - * using the anonymization functions - */ - httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); - /* XXX Some accelerators might want to strip the header - * and regard the reply as cacheable, but authentication - * is not normally enabled for accelerators without reading - * the code, so there is not much use in adding logics here - * without first defining the concept of having authentication - * in the accelerator... - */ - break; - case HDR_HOST: - /* - * Normally Squid does not copy the Host: header from - * a client request into the forwarded request headers. - * However, there is one case when we do: If the URL - * went through our redirector and the admin configured - * 'redir_rewrites_host' to be off. - */ - if (request->flags.redirected) - if (!Config.onoff.redir_rewrites_host) - httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); - break; - case HDR_IF_MODIFIED_SINCE: - /* append unless we added our own; - * note: at most one client's ims header can pass through */ - if (!httpHeaderHas(hdr_out, HDR_IF_MODIFIED_SINCE)) - httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); - break; - case HDR_MAX_FORWARDS: - if (orig_request->method == METHOD_TRACE) { - const int hops = httpHeaderEntryGetInt(e); - if (hops > 0) - httpHeaderPutInt(hdr_out, HDR_MAX_FORWARDS, hops - 1); - } - break; - case HDR_VIA: - /* If Via is disabled then forward any received header as-is */ - if (!Config.onoff.via) - httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); - break; - case HDR_RANGE: - case HDR_IF_RANGE: - case HDR_REQUEST_RANGE: - if (!we_do_ranges) - httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); - break; - case HDR_PROXY_CONNECTION: - case HDR_CONNECTION: - case HDR_X_FORWARDED_FOR: - case HDR_CACHE_CONTROL: - /* append these after the loop if needed */ - break; - case HDR_FRONT_END_HTTPS: - if (!front_end_https) - httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); - break; - default: - /* pass on all other header fields */ - httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); + case HDR_PROXY_AUTHORIZATION: + /* Only pass on proxy authentication to peers for which + * authentication forwarding is explicitly enabled + */ + if (flags.proxying && orig_request->peer_login && + strcmp(orig_request->peer_login, "PASS") == 0) { + httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); + } + break; + case HDR_AUTHORIZATION: + /* Pass on WWW authentication */ + if (!flags.originpeer) { + httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); + } else { + /* In accelerators, only forward authentication if enabled + * (see also below for proxy->server authentication) + */ + if (orig_request->peer_login && (strcmp(orig_request->peer_login, "PASS") == 0 || strcmp(orig_request->peer_login, "PROXYPASS") == 0)) { + httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); + } + } + break; + case HDR_HOST: + /* + * Normally Squid does not copy the Host: header from + * a client request into the forwarded request headers. + * However, there is one case when we do: If the URL + * went through our redirector and the admin configured + * 'redir_rewrites_host' to be off. + */ + if (request->flags.redirected) + if (!Config.onoff.redir_rewrites_host) + httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); + break; + case HDR_IF_MODIFIED_SINCE: + /* append unless we added our own; + * note: at most one client's ims header can pass through */ + if (!httpHeaderHas(hdr_out, HDR_IF_MODIFIED_SINCE)) + httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); + break; + case HDR_MAX_FORWARDS: + if (orig_request->method == METHOD_TRACE) { + const int hops = httpHeaderEntryGetInt(e); + if (hops > 0) + httpHeaderPutInt(hdr_out, HDR_MAX_FORWARDS, hops - 1); + } + break; + case HDR_VIA: + /* If Via is disabled then forward any received header as-is */ + if (!Config.onoff.via) + httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); + break; + case HDR_RANGE: + case HDR_IF_RANGE: + case HDR_REQUEST_RANGE: + if (!we_do_ranges) + httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); + break; + case HDR_PROXY_CONNECTION: + case HDR_CONNECTION: + case HDR_X_FORWARDED_FOR: + case HDR_CACHE_CONTROL: + /* append these after the loop if needed */ + break; + case HDR_FRONT_END_HTTPS: + if (!flags.front_end_https) + httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); + break; + default: + /* pass on all other header fields */ + httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); } } @@ -1171,10 +1202,18 @@ httpSendRequest(HttpStateData * httpState) else sendHeaderDone = HttpStateData::SendComplete; - if (p != NULL) - httpState->flags.proxying = 1; - else + if (p != NULL) { + if (p->options.originserver) { + httpState->flags.proxying = 0; + httpState->flags.originpeer = 1; + } else { + httpState->flags.proxying = 1; + httpState->flags.originpeer = 0; + } + } else { httpState->flags.proxying = 0; + httpState->flags.originpeer = 0; + } /* * Is keep-alive okay for all request methods? */ @@ -1221,8 +1260,13 @@ httpStart(FwdState * fwd) if (fwd->servers) httpState->_peer = fwd->servers->_peer; /* might be NULL */ if (httpState->_peer) { + const char *url; + if (httpState->_peer->options.originserver) + url = orig_req->urlpath.buf(); + else + url = storeUrl(httpState->entry); proxy_req = requestCreate(orig_req->method, - orig_req->protocol, storeUrl(httpState->entry)); + orig_req->protocol, url); xstrncpy(proxy_req->host, httpState->_peer->host, SQUIDHOSTNAMELEN); proxy_req->port = httpState->_peer->http_port; proxy_req->flags = orig_req->flags; diff --git a/src/neighbors.cc b/src/neighbors.cc index 3b001c85bd..c13318a397 100644 --- a/src/neighbors.cc +++ b/src/neighbors.cc @@ -1,6 +1,6 @@ /* - * $Id: neighbors.cc,v 1.312 2003/02/13 20:52:42 wessels Exp $ + * $Id: neighbors.cc,v 1.313 2003/02/15 00:15:51 hno Exp $ * * DEBUG: section 15 Neighbor Routines * AUTHOR: Harvest Derived @@ -548,9 +548,8 @@ neighborsUdpPing(request_t * request, /* Neighbor is dead; ping it anyway, but don't expect a reply */ /* log it once at the threshold */ if (p->stats.logged_state == PEER_ALIVE) { - debug(15, 1) ("Detected DEAD %s: %s/%d/%d\n", - neighborTypeStr(p), - p->host, p->http_port, p->icp.port); + debug(15, 1) ("Detected DEAD %s: %s\n", + neighborTypeStr(p), p->name); p->stats.logged_state = PEER_DEAD; } } @@ -727,9 +726,8 @@ static void neighborAlive(peer * p, const MemObject * mem, const icp_common_t * header) { if (p->stats.logged_state == PEER_DEAD && p->tcp_up) { - debug(15, 1) ("Detected REVIVED %s: %s/%d/%d\n", - neighborTypeStr(p), - p->host, p->http_port, p->icp.port); + debug(15, 1) ("Detected REVIVED %s: %s\n", + neighborTypeStr(p), p->name); p->stats.logged_state = PEER_ALIVE; } p->stats.last_reply = squid_curtime; @@ -763,9 +761,8 @@ static void neighborAliveHtcp(peer * p, const MemObject * mem, const htcpReplyData * htcp) { if (p->stats.logged_state == PEER_DEAD && p->tcp_up) { - debug(15, 1) ("Detected REVIVED %s: %s/%d/%d\n", - neighborTypeStr(p), - p->host, p->http_port, p->icp.port); + debug(15, 1) ("Detected REVIVED %s: %s\n", + neighborTypeStr(p), p->name); p->stats.logged_state = PEER_ALIVE; } p->stats.last_reply = squid_curtime; @@ -956,7 +953,7 @@ peerFindByName(const char *name) { peer *p = NULL; for (p = Config.peers; p; p = p->next) { - if (!strcasecmp(name, p->host)) + if (!strcasecmp(name, p->name)) break; } return p; @@ -967,7 +964,7 @@ peerFindByNameAndPort(const char *name, unsigned short port) { peer *p = NULL; for (p = Config.peers; p; p = p->next) { - if (strcasecmp(name, p->host)) + if (strcasecmp(name, p->name)) continue; if (port != p->http_port) continue; @@ -1011,6 +1008,8 @@ peerDestroy(void *data) safe_free(l); } safe_free(p->host); + safe_free(p->name); + safe_free(p->domain); #if USE_CACHE_DIGESTS cbdataReferenceDone(p->digest); #endif @@ -1090,9 +1089,8 @@ peerConnectFailed(peer * p) debug(15, 1) ("TCP connection to %s/%d failed\n", p->host, p->http_port); p->tcp_up--; if (!p->tcp_up) { - debug(15, 1) ("Detected DEAD %s: %s/%d/%d\n", - neighborTypeStr(p), - p->host, p->http_port, p->icp.port); + debug(15, 1) ("Detected DEAD %s: %s\n", + neighborTypeStr(p), p->name); p->stats.logged_state = PEER_DEAD; } } @@ -1102,9 +1100,8 @@ peerConnectSucceded(peer * p) { if (!p->tcp_up) { debug(15, 2) ("TCP connection to %s/%d succeded\n", p->host, p->http_port); - debug(15, 1) ("Detected REVIVED %s: %s/%d/%d\n", - neighborTypeStr(p), - p->host, p->http_port, p->icp.port); + debug(15, 1) ("Detected REVIVED %s: %s\n", + neighborTypeStr(p), p->name); p->stats.logged_state = PEER_ALIVE; } p->tcp_up = PEER_TCP_MAGIC_COUNT; @@ -1302,6 +1299,20 @@ dump_peer_options(StoreEntry * sentry, peer * p) storeAppendPrintf(sentry, " login=%s", p->login); if (p->mcast.ttl > 0) storeAppendPrintf(sentry, " ttl=%d", p->mcast.ttl); + if (p->connect_timeout > 0) + storeAppendPrintf(sentry, " connect-timeout=%d", (int) p->connect_timeout); +#if USE_CACHE_DIGESTS + if (p->digest_url) + storeAppendPrintf(sentry, " digest-url=%s", p->digest_url); +#endif + if (p->options.allow_miss) + storeAppendPrintf(sentry, " allow-miss"); + if (p->max_conn > 0) + storeAppendPrintf(sentry, " max-conn=%d", p->max_conn); + if (p->options.originserver) + storeAppendPrintf(sentry, " originserver"); + if (p->domain) + storeAppendPrintf(sentry, " forceddomain=%s", p->domain); storeAppendPrintf(sentry, "\n"); } @@ -1316,8 +1327,10 @@ dump_peers(StoreEntry * sentry, peer * peers) storeAppendPrintf(sentry, "There are no neighbors installed.\n"); for (e = peers; e; e = e->next) { assert(e->host != NULL); - storeAppendPrintf(sentry, "\n%-11.11s: %s/%d/%d\n", + storeAppendPrintf(sentry, "\n%-11.11s: %s\n", neighborTypeStr(e), + e->name); + storeAppendPrintf(sentry, "Host : %s/%d/%d\n", e->host, e->http_port, e->icp.port); diff --git a/src/structs.h b/src/structs.h index 51c3242c0a..f3b0ac5ffe 100644 --- a/src/structs.h +++ b/src/structs.h @@ -1,6 +1,6 @@ /* - * $Id: structs.h,v 1.448 2003/02/12 06:11:04 robertc Exp $ + * $Id: structs.h,v 1.449 2003/02/15 00:15:51 hno Exp $ * * * SQUID Web Proxy Cache http://www.squid-cache.org/ @@ -722,6 +722,7 @@ struct _http_state_flags { unsigned int only_if_cached:1; unsigned int headers_pushed:1; unsigned int front_end_https:2; + unsigned int originpeer:1; }; struct _ping_data { @@ -920,6 +921,7 @@ struct _PeerDigest { #endif struct _peer { + char *name; char *host; peer_t type; struct sockaddr_in in_addr; @@ -976,6 +978,7 @@ struct _peer { #if USE_CARP unsigned int carp:1; #endif + unsigned int originserver:1; } options; int weight; int basetime; @@ -1011,6 +1014,7 @@ struct _peer { char *login; /* Proxy authorization */ time_t connect_timeout; int max_conn; + char *domain; /* Forced domain */ #if USE_SSL int use_ssl; char *sslcert; @@ -1169,7 +1173,7 @@ struct request_flags { unsigned int hierarchical:1; unsigned int loopdetect:1; unsigned int proxy_keepalive:1; - unsigned int proxying:1; + unsigned int proxying:1; /* this should be killed, also in httpstateflags */ unsigned int refresh:1; unsigned int redirected:1; unsigned int need_validation:1; @@ -1228,6 +1232,7 @@ public: char *peer_login; /* Configured peer login:password */ time_t lastmod; /* Used on refreshes */ const char *vary_headers; /* Used when varying entities are detected. Changes how the store key is calculated */ + char *peer_domain; /* Configured peer forceddomain */ }; #endif struct _cachemgr_passwd { -- 2.39.5