On 06/07/2013 10:45 AM, Alex Rousskov wrote: > On 05/24/2013 05:58 PM, Alex Rousskov wrote: >> When talking to a cache_peer (i.e., sending a CONNECT request before >> tunneling the transaction), tunnel code is using a clever hack: Squid >> does not parse the CONNECT response from peer but blindly forwards it to >> the client. This works great and simplifies code a lot, except when the >> client connection was intercepted and, hence, the client did not send a >> CONNECT request and is not expecting a CONNECT response. >> >> In those situations, the patch accumulates, parses, and strips the peer >> CONNECT response (or closes connection on errors). >> >> The existing tunnel I/O code is too simple to accommodate that task -- >> it cannot accumulate read data (its I/O buffers work in lockstep >> fashion, writing everything it reads before reading again). Instead of >> rewriting the entire tunnel code to use more complex buffers, I added a >> temporary accumulation buffer for the CONNECT response. That buffer is >> not allocated unless it is needed and does not grow beyond >> SQUID_TCP_SO_RCVBUF size, just like the simple buffers. > > I will commit this fix shortly unless there are last-minute objections.
Committed as trunk r12905. Alex.