---------------------
PatchSet 11925
Date: 2008/01/23 11:00:46
Author: hno
Branch: SQUID_2_7
Tag: (none)
Log:
Back out the tproxy hack for using the original destination if DNS lookup failed This isn't complete yet. Mainly missing dst acl integration to somehow mach the destination Squid is connecting to. Today dst relies on dns and will always be false if dns fails.
Members:
src/client_side.c:1.754.2.2->1.754.2.3
src/comm.c:1.366->1.366.2.1
src/dns_internal.c:1.63->1.63.2.1
src/forward.c:1.131->1.131.2.1
src/ftp.c:1.348->1.348.2.1
src/ident.c:1.64->1.64.2.1
src/neighbors.c:1.319->1.319.2.1
src/protos.h:1.547.2.2->1.547.2.3
src/ssl.c:1.141->1.141.2.1
src/structs.h:1.538.2.3->1.538.2.4
Index: squid/src/client_side.c
===================================================================
RCS file: /cvsroot/squid/squid/src/client_side.c,v
retrieving revision 1.754.2.2
retrieving revision 1.754.2.3
diff -u -r1.754.2.2 -r1.754.2.3
--- squid/src/client_side.c 5 Jan 2008 07:33:18 -0000 1.754.2.2
+++ squid/src/client_side.c 23 Jan 2008 11:00:46 -0000 1.754.2.3
@@ -1,6 +1,6 @@
 /*
- * $Id: client_side.c,v 1.754.2.2 2008/01/05 07:33:18 adrian Exp $
+ * $Id: client_side.c,v 1.754.2.3 2008/01/23 11:00:46 hno Exp $
 *
 * DEBUG: section 33 Client-side Routines
 * AUTHOR: Duane Wessels
@@ -3737,7 +3737,7 @@
 }
 #endif
 }
- if (conn->port->transparent && clientNatLookup(conn) == 0)
+ if (!host && !conn->transparent && clientNatLookup(conn) == 0)
 conn->transparent = 1;
 if (!host && conn->transparent) {
 port = ntohs(conn->me.sin_port);
Index: squid/src/comm.c
===================================================================
RCS file: /cvsroot/squid/squid/src/comm.c,v
retrieving revision 1.366
retrieving revision 1.366.2.1
diff -u -r1.366 -r1.366.2.1
--- squid/src/comm.c 13 Dec 2007 01:20:49 -0000 1.366
+++ squid/src/comm.c 23 Jan 2008 11:00:46 -0000 1.366.2.1
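Review bot: In the client_side.c hunk at `-3737`, the restored condition drops the `conn->port->transparent` test, so for a request without a Host header `clientNatLookup(conn)` now runs whenever `conn->transparent` is 0, and a successful lookup marks the connection transparent regardless of how the listening port is configured, as far as this hunk shows. Where `conn->transparent` is first set lies outside the hunk, so please confirm that a non-intercepting port cannot reach this branch, or keep the port check in the condition. With a Host header present the NAT table is never consulted and the destination comes from the client-supplied header, which is worth stating in a comment such as `/* NAT lookup only as a fallback when the request carries no Host header */`. The enclosing function starts and ends outside the hunk.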
@@ -1,6 +1,6 @@
 /*
- * $Id: comm.c,v 1.366 2007/12/13 01:20:49 hno Exp $
+ * $Id: comm.c,v 1.366.2.1 2008/01/23 11:00:46 hno Exp $
 *
 * DEBUG: section 5 Socket Functions
 * AUTHOR: Harvest Derived
@@ -313,7 +313,7 @@
 }
 void
-commConnectStart(int fd, const char *host, u_short port, CNCB * callback, void *data, struct in_addr *addr)
+commConnectStart(int fd, const char *host, u_short port, CNCB * callback, void *data)
 {
 ConnectStateData *cs;
 debug(5, 3) ("commConnectStart: FD %d, %s:%d\n", fd, host, (int) port);
@@ -323,12 +323,6 @@
 cs->port = port;
 cs->callback = callback;
 cs->data = data;
- if (addr != NULL) {
- cs->in_addr = *addr;
- cs->addrcount = 1;
- } else {
- cs->addrcount = 0;
- }
 cbdataLock(cs->data);
 comm_add_close_handler(fd, commConnectFree, cs);
 ipcache_nbgethostbyname(host, commConnectDnsHandle, cs);
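Review bot: In the comm.c hunk at `-323`, nothing in the visible part of commConnectStart assigns `cs->addrcount` or `cs->in_addr` any more; the removed `else` branch used to set `cs->addrcount = 0` explicitly. The allocation of `cs` sits between the two comm.c hunks and is not shown, so whether the struct starts out zero-filled cannot be confirmed from here. If it does not, `cs->addrcount = 0;` should stay next to `cs->data = data;`; if it does, a short comment saying that the address fields are filled in only after the ipcache lookup would make the reliance explicit. The function's end is outside the hunk.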
@@ -339,20 +333,13 @@
 {
 ConnectStateData *cs = data;
 if (ia == NULL) {
- /* If we've been given a default IP, use it */
- if (cs->addrcount > 0) {
- fd_table[cs->fd].flags.dnsfailed = 1;
- cs->connstart = squid_curtime;
- commConnectHandle(cs->fd, cs);
- } else {
- debug(5, 3) ("commConnectDnsHandle: Unknown host: %s\n", cs->host);
- if (!dns_error_message) {
- dns_error_message = "Unknown DNS error";
- debug(5, 1) ("commConnectDnsHandle: Bad dns_error_message\n");
- }
- assert(dns_error_message != NULL);
- commConnectCallback(cs, COMM_ERR_DNS);
+ debug(5, 3) ("commConnectDnsHandle: Unknown host: %s\n", cs->host);
+ if (!dns_error_message) {
+ dns_error_message = "Unknown DNS error";
+ debug(5, 1) ("commConnectDnsHandle: Bad dns_error_message\n");
 }
+ assert(dns_error_message != NULL);
+ commConnectCallback(cs, COMM_ERR_DNS);
 return;
 }
 assert(ia->cur < ia->count);
Index: squid/src/dns_internal.c
===================================================================
RCS file: /cvsroot/squid/squid/src/dns_internal.c,v
retrieving revision 1.63
retrieving revision 1.63.2.1
diff -u -r1.63 -r1.63.2.1
--- squid/src/dns_internal.c 23 Jun 2007 21:06:58 -0000 1.63
+++ squid/src/dns_internal.c 23 Jan 2008 11:00:46 -0000 1.63.2.1
@@ -1,6 +1,6 @@
 /*
- * $Id: dns_internal.c,v 1.63 2007/06/23 21:06:58 hno Exp $
+ * $Id: dns_internal.c,v 1.63.2.1 2008/01/23 11:00:46 hno Exp $
 *
 * DEBUG: section 78 DNS lookups; interacts with lib/rfc1035.c
 * AUTHOR: Duane Wessels
@@ -742,8 +742,7 @@
 inet_ntoa(nameservers[ns].S.sin_addr),
 ntohs(nameservers[ns].S.sin_port),
 idnsSendTcpQuery,
- q,
- NULL
+ q
 );
 }
Index: squid/src/forward.c
===================================================================
RCS file: /cvsroot/squid/squid/src/forward.c,v
retrieving revision 1.131
retrieving revision 1.131.2.1
diff -u -r1.131 -r1.131.2.1
--- squid/src/forward.c 5 Sep 2007 20:03:08 -0000 1.131
+++ squid/src/forward.c 23 Jan 2008 11:00:46 -0000 1.131.2.1
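Review bot: In commConnectDnsHandle (comm.c hunk at `-339`), `assert(dns_error_message != NULL);` cannot fire in the new code, because the `if (!dns_error_message)` block just above it assigns the fallback string `"Unknown DNS error"` first. Either drop the assert or drop the fallback, depending on whether a missing message should be tolerated or treated as a bug; as written, the level-1 debug line is the only trace that the message was missing. The function continues after the hunk.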
@@ -1,6 +1,6 @@
 /*
- * $Id: forward.c,v 1.131 2007/09/05 20:03:08 hno Exp $
+ * $Id: forward.c,v 1.131.2.1 2008/01/23 11:00:46 hno Exp $
 *
 * DEBUG: section 17 Request Forwarding
 * AUTHOR: Duane Wessels
@@ -339,11 +339,8 @@
 * Only set the dont_retry flag if the DNS lookup fails on
 * a direct connection. If DNS lookup fails when trying
 * a neighbor cache, we may want to retry another option.
- *
- * If this is a transparent connection, we will retry using the client's
- * DNS lookup
 */
- if ((NULL == fs->peer) && !fwdState->request->flags.transparent)
+ if (NULL == fs->peer)
 fwdState->flags.dont_retry = 1;
 debug(17, 4) ("fwdConnectDone: Unknown host: %s\n", request->host);
@@ -592,9 +589,6 @@
 fd = pconnPop(name, port, domain, NULL, 0, &idle);
 }
 if (fd != -1) {
- /* Don't cache if the returned fd does not have valid DNS */
- if (fd_table[fd].flags.dnsfailed)
- storeRelease(fwdState->entry);
 if (fwdCheckRetriable(fwdState)) {
 debug(17, 3) ("fwdConnectStart: reusing pconn FD %d\n", fd);
 fwdState->server_fd = fd;
@@ -706,18 +700,7 @@
 #endif
 hierarchyNote(&fwdState->request->hier, fs->code, fwdState->request->host);
 }
-
- /*
- * If we are retrying a transparent connection that is not being sent to a
- * peer, then don't cache, and use the IP that the client's DNS lookup
- * returned
- */
- if (fwdState->request->flags.transparent && fwdState->n_tries && (NULL == fs->peer)) {
- storeRelease(fwdState->entry);
- commConnectStart(fd, host, port, fwdConnectDone, fwdState, &fwdState->request->my_addr);
- } else {
- commConnectStart(fd, host, port, fwdConnectDone, fwdState, NULL);
- }
+ commConnectStart(fd, host, port, fwdConnectDone, fwdState);
 }
 static void
Index: squid/src/ftp.c
===================================================================
RCS file: /cvsroot/squid/squid/src/ftp.c,v
retrieving revision 1.348
retrieving revision 1.348.2.1
diff -u -r1.348 -r1.348.2.1
--- squid/src/ftp.c 13 Aug 2007 02:39:27 -0000 1.348
+++ squid/src/ftp.c 23 Jan 2008 11:00:46 -0000 1.348.2.1
@@ -1,6 +1,6 @@
 /*
- * $Id: ftp.c,v 1.348 2007/08/13 02:39:27 hno Exp $
+ * $Id: ftp.c,v 1.348.2.1 2008/01/23 11:00:46 hno Exp $
 *
 * DEBUG: section 9 File Transfer Protocol (FTP)
 * AUTHOR: Harvest Derived
@@ -1849,7 +1849,7 @@
 safe_free(ftpState->ctrl.last_reply);
 ftpState->ctrl.last_command = xstrdup("Connect to server data port");
 debug(9, 5) ("ftpReadPasv: connecting to %s, port %d\n", ftpState->data.host, ftpState->data.port);
- commConnectStart(fd, ipaddr, port, ftpPasvCallback, ftpState, NULL);
+ commConnectStart(fd, ipaddr, port, ftpPasvCallback, ftpState);
 }
 static void
Index: squid/src/ident.c
===================================================================
RCS file: /cvsroot/squid/squid/src/ident.c,v
retrieving revision 1.64
retrieving revision 1.64.2.1
diff -u -r1.64 -r1.64.2.1
--- squid/src/ident.c 19 Mar 2007 01:21:18 -0000 1.64
+++ squid/src/ident.c 23 Jan 2008 11:00:46 -0000 1.64.2.1
@@ -1,6 +1,6 @@
 /*
- * $Id: ident.c,v 1.64 2007/03/19 01:21:18 swilton Exp $
+ * $Id: ident.c,v 1.64.2.1 2008/01/23 11:00:46 hno Exp $
 *
 * DEBUG: section 30 Ident (RFC 931)
 * AUTHOR: Duane Wessels
@@ -232,8 +232,7 @@
 inet_ntoa(state->my_peer.sin_addr),
 IDENT_PORT,
 identConnectDone,
- state,
- NULL);
+ state);
 }
 void
Index: squid/src/neighbors.c
===================================================================
RCS file: /cvsroot/squid/squid/src/neighbors.c,v
retrieving revision 1.319
retrieving revision 1.319.2.1
diff -u -r1.319 -r1.319.2.1
--- squid/src/neighbors.c 28 Aug 2007 23:51:01 -0000 1.319
+++ squid/src/neighbors.c 23 Jan 2008 11:00:46 -0000 1.319.2.1
@@ -1,6 +1,6 @@
 /*
- * $Id: neighbors.c,v 1.319 2007/08/28 23:51:01 hno Exp $
+ * $Id: neighbors.c,v 1.319.2.1 2008/01/23 11:00:46 hno Exp $
 *
 * DEBUG: section 15 Neighbor Routines
 * AUTHOR: Harvest Derived
@@ -1119,8 +1119,7 @@
 p->host,
 p->http_port,
 peerProbeConnectDone,
- p,
- NULL);
+ p);
 return ret;
 }
Index: squid/src/protos.h
===================================================================
RCS file: /cvsroot/squid/squid/src/protos.h,v
retrieving revision 1.547.2.2
retrieving revision 1.547.2.3
diff -u -r1.547.2.2 -r1.547.2.3
--- squid/src/protos.h 5 Jan 2008 07:33:18 -0000 1.547.2.2
+++ squid/src/protos.h 23 Jan 2008 11:00:47 -0000 1.547.2.3
@@ -1,6 +1,6 @@
 /*
- * $Id: protos.h,v 1.547.2.2 2008/01/05 07:33:18 adrian Exp $
+ * $Id: protos.h,v 1.547.2.3 2008/01/23 11:00:47 hno Exp $
 *
 *
 * SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -157,7 +157,7 @@
 #if LINGERING_CLOSE
 extern void comm_lingering_close(int fd);
 #endif
-extern void commConnectStart(int fd, const char *, u_short, CNCB *, void *, struct in_addr *addr);
+extern void commConnectStart(int fd, const char *, u_short, CNCB *, void *);
 extern int comm_connect_addr(int sock, const struct sockaddr_in *);
 extern void comm_init(void);
 extern int comm_listen(int sock);
Index: squid/src/ssl.c
===================================================================
RCS file: /cvsroot/squid/squid/src/ssl.c,v
retrieving revision 1.141
retrieving revision 1.141.2.1
diff -u -r1.141 -r1.141.2.1
--- squid/src/ssl.c 13 Dec 2007 01:20:49 -0000 1.141
+++ squid/src/ssl.c 23 Jan 2008 11:00:47 -0000 1.141.2.1
@@ -1,6 +1,6 @@
 /*
- * $Id: ssl.c,v 1.141 2007/12/13 01:20:49 hno Exp $
+ * $Id: ssl.c,v 1.141.2.1 2008/01/23 11:00:47 hno Exp $
 *
 * DEBUG: section 26 Secure Sockets Layer Proxy
 * AUTHOR: Duane Wessels
@@ -659,6 +659,5 @@
 sslState->host,
 sslState->port,
 sslConnectDone,
- sslState,
- NULL);
+ sslState);
 }
Index: squid/src/structs.h
===================================================================
RCS file: /cvsroot/squid/squid/src/structs.h,v
retrieving revision 1.538.2.3
retrieving revision 1.538.2.4
diff -u -r1.538.2.3 -r1.538.2.4
--- squid/src/structs.h 23 Jan 2008 10:36:46 -0000 1.538.2.3
+++ squid/src/structs.h 23 Jan 2008 11:00:47 -0000 1.538.2.4
@@ -1,6 +1,6 @@
 /*
- * $Id: structs.h,v 1.538.2.3 2008/01/23 10:36:46 hno Exp $
+ * $Id: structs.h,v 1.538.2.4 2008/01/23 11:00:47 hno Exp $
 *
 *
 * SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -909,7 +909,6 @@
 unsigned int nodelay:1;
 unsigned int close_on_exec:1;
 unsigned int backoff:1; /* keep track of whether the fd is backed off */
- unsigned int dnsfailed:1; /* did the dns lookup fail */
 } flags;
 comm_pending read_pending;
 comm_pending write_pending;