Hi! I've found that Squid (as of 3.2.0.16) is still overwriting clients
requests to HTTP if they are intercepted:
src/client_side.cc:prepareTransparentURL():
snprintf(http->uri, url_sz, "http://%s%s";, /*conn->port->protocol,*/
host, url);
When I want to intercept https traffic this one really breaks the things
down. I have not deepened into the details, but it seems that everything
works fine (simultaneous http/https) when I use conn->port->protocol and
force protocol to http if it is NULL.
Patch is attached.
--
Best wishes,
Alexander Komyagin
--- a/src/client_side.cc 2012-03-07 06:42:55.000000000 +0400
+++ b/src/client_side.cc 2012-06-07 19:08:59.439591913 +0400
@@ -2087,19 +2087,27 @@
return; /* already in good shape */
/* BUG: Squid cannot deal with '*' URLs (RFC2616 5.1.2) */
- // BUG 2976: Squid only accepts intercepted HTTP.
+ // BUG 2976: Squid only accepts intercepted HTTP (o_O)
if ((host = mime_get_header(req_hdr, "Host")) != NULL) {
int url_sz = strlen(url) + 32 + Config.appendDomainLen +
strlen(host);
http->uri = (char *)xcalloc(url_sz, 1);
+ if (conn->port->protocol != NULL)
+ snprintf(http->uri, url_sz, "%s://%s%s", conn->port->protocol, host, url);
+ else /* Force http */
snprintf(http->uri, url_sz, "http://%s%s";, /*conn->port->protocol,*/ host, url);
debugs(33, 5, "TRANSPARENT HOST REWRITE: '" << http->uri <<"'");
} else {
/* Put the local socket IP address as the hostname. */
int url_sz = strlen(url) + 32 + Config.appendDomainLen;
http->uri = (char *)xcalloc(url_sz, 1);
- http->getConn()->clientConnection->local.ToHostname(ipbuf,MAX_IPSTRLEN),
+ http->getConn()->clientConnection->local.ToHostname(ipbuf,MAX_IPSTRLEN);
+ if (http->getConn()->port->protocol != NULL)
+ snprintf(http->uri, url_sz, "%s://%s:%d%s",
+ http->getConn()->port->protocol,
+ ipbuf, http->getConn()->clientConnection->local.GetPort(), url);
+ else
snprintf(http->uri, url_sz, "http://%s:%d%s";,
// http->getConn()->port->protocol,
ipbuf, http->getConn()->clientConnection->local.GetPort(), url);
