[squid-dev] [PATCH] Fixed step3 splicing

Christos Tsantilas christos at chtsanti.net
Mon Feb 8 17:46:09 UTC 2016


Patch applied to trunk as r14528


On 02/07/2016 03:52 AM, Amos Jeffries wrote:
> On 5/02/2016 5:14 a.m., Christos Tsantilas wrote:
>> The information about PeekingPeerConnector splicing the connections
>> was lost in some cases, resulting in two different bugs:
>>
>>   - With a certificate validator, the PeekingPeerConnector class calls
>> back FwdState, which calls the ConnStateData class, which then tries
>> secure the connection with the already tunneled SSL client and closes
>> the connection on negotiating errors.
>>
>>   - Without a certificate validator, the PeekingPeerConnector class never
>> calls FwdState class, and both PeekingPeerConnector and FwdState objects
>> stall until finishing tunnelState closes server and client connections.
>>
>> Now, PeerConnector always calls FwdState back, marking spliced
>> connections as such. This has the following positive side-effects:
>>
>>   - When FwdState learns about spliced connections, it does not call
>> ConnStateData back. Instead, it terminates and gets destroyed. The
>> tunnel continues uninterrupted.
>>
>>   - The PeekingPeerConnector job ends and is destroyed instead of waiting
>> to call FwdState.
>>
>
>
> +1. Looks reasonable. If it has been tested out already I'm okay with it
> going in.
>
> Amos
>


More information about the squid-dev mailing list