[squid-users] Which protocol uses when Stored-ID object returned by Squid?
Amos Jeffries
squid3 at treenet.co.nz
Wed Aug 12 12:51:08 UTC 2015
On 12/08/2015 11:13 p.m., Yuri Voinov wrote:
>
> Hi all.
>
> Stupid question:
>
> Which protocol uses when Stored-ID object returned by Squid?
>
> I.e., when I use ssl bump, and use next rules:
>
> squid.conf:
>
> acl store_rewrite_list_web url_regex
> ^https?:\/\/(khms|mt)[0-9]+\.google\.[a-z\.]+\/.*
> ^https?:\/\/(kh[0-9]?)+\.google\.[a-z\.]+\/(.*)
>
> store_id_program /usr/local/squid/libexec/storeid_file_rewrite
> /usr/local/squid/etc/storeid.conf
> store_id_access allow store_rewrite_list_web
> store_id_access allow store_rewrite_list_web_CDN
> store_id_access allow adobe_java_updates
> store_id_access deny all
>
> and
>
> ^https?:\/\/(khms[\d]|mt[\d])+\.google\.[a-z\.]+\/(.*)
> http://gmaps.SQUIDINTERNAL/$1/$2
> ^https?:\/\/(kh[\d]?)+\.google\.[a-z\.]+\/(.*)
> http://gearth.SQUIDINTERNAL/$1/$2
>
> in storeid.conf,
>
> and
>
> user goes to Google Maps via HTTPS (and map is already Stored-ID),
>
> how Squid will be output stored object to client?
Using the connection to the client. Whatever protocol that uses...
> Client shows green
> https connection with valid Squid CA. Access.log shows bumped https
> connection.
>
> HTTP or HTTPS?
Store-ID is not involved with any protocols. It is simply a way to
adjust the internal hash key used to store or lookup objects in the
cache index.
The HTTP/1.0 hash key is URI.
The HTTP/1.1 hash key is URI, or for responses with Vary: header the URI
plus list of all request headers named in the Vary.
With Store-ID the URI is swapped with whatever the StoreID helper outputs.
You could use a Store-ID helper to map like this and it would still work
perfectly fine:
^https?:\/\/(khms[\d]|mt[\d])+\.google\.[a-z\.]+\/(.*)
bwahahahahah at gmaps.SQUIDINTERNAL/$1/$2
^https?:\/\/(kh[\d]?)+\.google\.[a-z\.]+\/(.*)
ohnowhatyagonnado::://gearth.SQUIDINTERNAL/$1/$2
This is why we changed the name from Store-URL to Store-ID when
polishing the feature port from 2.7. Its not a URL, its a cache index ID
string.
Amos
More information about the squid-users
mailing list