Fake CONNECT exceeds concurrent requests limit.

Squid closes the SSL client connection with "Failed to start fake CONNECT
request for ssl spliced connection". This happens especially often when
the pipeline_prefetch configuration parameter is set to "0" (i.e., default).

When a transparent SSL connection is peeked and then spliced in step2, we are
generating a fake CONNECT request. The fake CONNECT request is counted as a
new pipelined request and may exceed the configured limit. This patch solves
this problem by raising the limit for that request.

Needs more work to better identify the requests that need a different limit.

This is a Measurement Factory project.

diff --git a/src/client_side.cc b/src/client_side.cc
index d6a010cb2760626ce594ace400c5648190ca0850..7f16b4e73b198b25613f22f114b65eb5e62b3640 100644 (file)
--- a/src/client_side.cc
+++ b/src/client_side.cc
@@ -2741,7 +2741,8 @@ ConnStateData::concurrentRequestQueueFilled() const
 
     // default to the configured pipeline size.
     // add 1 because the head of pipeline is counted in concurrent requests and not prefetch queue
-    const int concurrentRequestLimit = pipelinePrefetchMax() + 1;
+    const int internalRequest = (transparent() && sslBumpMode == Ssl::bumpSplice) ? 1 : 0;
+    const int concurrentRequestLimit = pipelinePrefetchMax() + 1 + internalRequest;
 
     // when queue filled already we cant add more.
     if (existingRequestCount >= concurrentRequestLimit) {