[squid-dev] [PATCH] Support tunneling of bumped non-HTTP traffic. Other SslBump fixes.

Alex Rousskov rousskov at measurement-factory.com
Fri Oct 28 15:07:05 UTC 2016


On 10/28/2016 07:54 AM, Christos Tsantilas wrote:
> On 10/28/2016 01:11 PM, Amos Jeffries wrote:
>> On 21/10/2016 3:55 a.m., Christos Tsantilas wrote:
>>> Support tunneling of bumped non-HTTP traffic. Other SslBump fixes.

>> Are any of these additional fixes able to be easily broken out into
>> separate patches? It would greatly help the auditing process to get
>> smaller patches.

> Personally I prefer to keep this patch as one patch, it is not easy to
> split it.

I second Christos' opinion on this particular aspect: Complex state and
reentrant doCallouts() code make some of the effects really hard to
track for a human. This patch is a lot more than a few localized
semi-independent fixes, even if it appears to look like that.

>>  - please take advantage of the surrounding code being re-written to
>> cleanup:
>>     if (peer_paths == NULL || peer_paths->size() < 1) {

>> as:
>>     if (!peer_paths || peer_paths->size() < 1) {

I am against mixing cleanup of otherwise untouched code with in-scope
changes, but if you do decide to polish this, then the right form is

       if (!peer_paths || peer_paths->empty()) ...

Alex.



More information about the squid-dev mailing list