[squid-dev] RFC: cacheMatchAcl

Amos Jeffries squid3 at treenet.co.nz
Sat Apr 4 06:41:16 UTC 2020


On 4/04/20 3:34 am, Alex Rousskov wrote:
> On 4/3/20 7:25 AM, Francesco Chemolli wrote:
> 
>>   I'm looking at places where to improve things a bit, and I stumbled
>> across cacheMatchAcl . It tries hard to be generic, but it is only ever
>> used in ACLProxyAuth::matchProxyAuth . Would it make sense to just have
>> a specialised cache for proxyauth?
> 
> I wonder whether proxy_auth is special in this context:
> 
> 1. Is proxy_auth cache radically different from other ACL caches such as
> external ACL cache? Or did we just not bother unifying the code
> supporting these two caches?
> 

Pretty much yes, we have not done the legwork. Almost every component in
Squid which deals with externally provided state has some form of ad-hoc
cache. If we are lucky the use a hash or dlink. One at least uses splay
(ouch).


One of my background projects in the effort to empty the PR queue this
year is to implement a proper CLP Map - specifically for PR 30 instead
of the LruMap disagreement blocking it. That would be a good container
to use for all these small state data caches all over Squid - keyed
access with a dual TTL and LFU (fading) removal mechanism.

If this ACL cache is not causing issues already we can wait until that
gets submitted for review.


> 2. Do some other ACLs cache nothing just because we did not have enough
> time to add the corresponding caching support? Or do proxy_auth and
> external ACL poses some unique properties that no other ACL already has
> or likely to have in the foreseeable future?

The only thing special is that cache they use is exclusively accessed by
them.

IDENT, ASN, DNS based ACLs also use caches. But those are a bit detached
from the ACL code itself (eg fqdncache) since other code sometimes
accesses the cache directly for other uses.


Amos


More information about the squid-dev mailing list