forked from squid-cache/squid
-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Detail TLS and CONNECT cache_peer negotiation failures (squid-cache#518)
Before PeerConnector and Tunneler were introduced, FwdState and TunnelStateData naturally owned their to-server connection. When CONNECT and TLS negotiation were outsourced, we kept that ownership to minimize changes and simplify negotiation code. That was wrong because FwdState and TunnelStateData, as connection owners, had to monitor for connection closures but could not distinguish basic TCP peer closures from complex CONNECT/TLS negotiation failures that required further detailing. The user got generic error messages instead of details known to negotiators. Now, Ssl::PeerConnector and Http::Tunneler jobs own the connection they work with and, hence, are responsible for monitoring it and, upon successful negotiation, returning it to the initiators. In case of problems, these jobs send detailed errors to the initiators instead. Passing connection ownership to and from a helper job is difficult because the connection may be either closed or begin to close (e.g. by shutdown) while the callback is pending without working close handlers. Many changes focus on keeping Connection::fd in sync with Comm. Also improved tunnel.cc mimicking of (better) FwdState code: Partially open connections after Comm::ConnOpener failures are now closed, and Http::Tunneler failures are now retried. This is a Measurement Factory project.
- Loading branch information
1 parent
614bd51
commit 25b0ce4
Showing
12 changed files
with
473 additions
and
241 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.