[squid-users] Squid 3.3, delay_pool, acl type "rep_mime_type"
In Squid-2.HEAD can use the "acl rep_mime_type" in delay_pool_access, but not in 3.3. I suggest to the next patch. How much the
patch correct?
diff --git a/src/DelayId.cc b/src/DelayId.cc
index e348334..97aea98 100644
--- a/src/DelayId.cc
+++ b/src/DelayId.cc
@@ -90,7 +90,7 @@ DelayId::operator bool() const
/* create a delay Id for a given request */
DelayId
-DelayId::DelayClient(ClientHttpRequest * http)
+DelayId::DelayClient(ClientHttpRequest * http, HttpReply *reply)
{
HttpRequest *r;
unsigned short pool;
@@ -112,6 +112,9 @@ DelayId::DelayClient(ClientHttpRequest * http)
}
ACLFilledChecklist ch(DelayPools::delay_data[pool].access, r, NULL);
+if(reply) {
+ ch.reply = HTTPMSGLOCK(reply);
+}
#if FOLLOW_X_FORWARDED_FOR
if (Config.onoff.delay_pool_uses_indirect_client)
ch.src_addr = r->indirect_client_addr;
diff --git a/src/DelayId.h b/src/DelayId.h
index 2f0f9f2..baef7a8 100644
--- a/src/DelayId.h
+++ b/src/DelayId.h
@@ -36,6 +36,7 @@
#if USE_DELAY_POOLS
class ClientHttpRequest;
+class HttpReply;
#include "DelayIdComposite.h"
/// \ingroup DelayPoolsAPI
@@ -43,7 +44,7 @@ class DelayId
{
public:
-static DelayId DelayClient (ClientHttpRequest *);
+static DelayId DelayClient (ClientHttpRequest *, HttpReply *reply=NULL);
DelayId ();
DelayId (unsigned short);
~DelayId ();
diff --git a/src/client_side_reply.cc b/src/client_side_reply.cc
index 833c8f8..315d89a 100644
--- a/src/client_side_reply.cc
+++ b/src/client_side_reply.cc
@@ -2145,6 +2145,10 @@ clientReplyContext::sendMoreData (StoreIOBuffer result)
cloneReply();
+#if USE_DELAY_POOLS
+if(sc) sc->setDelayId(DelayId::DelayClient(http,reply));
+#endif
+
/* handle headers */
if (Config.onoff.log_mime_hdrs) {
[squid-users] Plain HTML site not opening through squid.
I am facing this weird problem while trying to open a site mkm.drdo.gov.in = using squid 3.1.10. While the site works fine bypassing squid. While using squid - I am getting "Zero Sized Reply" on the client browser w= hereas my access.log says http://mkm.drdo.gov.in/ - NONE/- text/html Any help is highly solicited.
Re: [squid-users] Need help on SSL bump and certificate chain
Hi, Can someone please help me out here? In a nutshell, I am using a proper signed certificate(not self signed) to generate certificates. The chain is my certificate -> intermediate CA -> root CA. I cannot make squid send the entire certificate chain to the clients and this is breaking many applications in our network. I am using squid 3.3.1. Please help. Regards, Prasanna On 4/11/13, Prasanna Venkateswaran wrote: > Hi Guy, > We want to be a man-in-the middle but we want to get the > approval from clients/end-users out of band by accepting the terms and > conditions. The self signed certificates is sort of ok with browsers. > But many other applications like dropbox sync, AV dat update, vpn , > etc fail because of the untrusted certificate. On top of it we have > some headless devices in our network as well. Since we anyway have > this information in our terms and conditions we would like to move to > a trusted chain so that all the applications work as expected.. > > Gentlemen, > I see some users have already asked help/reported bug about the > same thing like, > http://www.squid-cache.org/mail-archive/squid-users/201112/0197.html. > > I also see that changes have been done in squid to support this > behavior as well. > http://www.squid-cache.org/mail-archive/squid-dev/201110/0207.html > > I followed the steps from this thread for configuration and I > still dont see the chain information sent to the clients. > http://www.squid-cache.org/mail-archive/squid-users/201109/0037.html > > So has the behavior of squid changed in recent times? Or am I > missing something in my configuration. How to make squid send the > entire certificate chain to clients? Please help. > > Regards, > Prasanna >
