You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by sh...@apache.org on 2022/10/15 02:17:08 UTC
[trafficserver] 01/01: Fix transparent tr-pass
This is an automated email from the ASF dual-hosted git repository.
shinrich pushed a commit to branch skh/fix-transparent-pass-through
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
commit 6c00faf88646c0371ca62a7c99bcbe738583cdce
Author: Susan Hinrichs <sh...@ieee.org>
AuthorDate: Fri Oct 14 21:16:47 2022 -0500
Fix transparent tr-pass
---
proxy/http/HttpSM.cc | 25 +++++++++++++++----------
1 file changed, 15 insertions(+), 10 deletions(-)
diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc
index e349181bf..69ee672a6 100644
--- a/proxy/http/HttpSM.cc
+++ b/proxy/http/HttpSM.cc
@@ -651,17 +651,22 @@ HttpSM::setup_blind_tunnel_port()
NetVConnection *netvc = ua_txn->get_netvc();
ink_release_assert(netvc);
int host_len;
- if (auto *tts = dynamic_cast<TLSTunnelSupport *>(netvc)) {
- if (!t_state.hdr_info.client_request.url_get()->host_get(&host_len)) {
- // the URL object has not been created in the start of the transaction. Hence, we need to create the URL here
- URL u;
- t_state.hdr_info.client_request.create(HTTP_TYPE_REQUEST);
- t_state.hdr_info.client_request.method_set(HTTP_METHOD_CONNECT, HTTP_LEN_CONNECT);
- t_state.hdr_info.client_request.url_create(&u);
- u.scheme_set(URL_SCHEME_TUNNEL, URL_LEN_TUNNEL);
- t_state.hdr_info.client_request.url_set(&u);
+ // This applies to both the TLS and non TLS cases
+ if (!t_state.hdr_info.client_request.url_get()->host_get(&host_len)) {
+ // the URL object has not been created in the start of the transaction. Hence, we need to create the URL here
+ URL u;
+
+ t_state.hdr_info.client_request.create(HTTP_TYPE_REQUEST);
+ t_state.hdr_info.client_request.method_set(HTTP_METHOD_CONNECT, HTTP_LEN_CONNECT);
+ t_state.hdr_info.client_request.url_create(&u);
+ u.scheme_set(URL_SCHEME_TUNNEL, URL_LEN_TUNNEL);
+ t_state.hdr_info.client_request.url_set(&u);
+ }
+ TLSTunnelSupport *tts = nullptr;
+ if (!ua_txn->is_outbound_transparent() && (tts = dynamic_cast<TLSTunnelSupport *>(netvc))) {
+ if (!t_state.hdr_info.client_request.url_get()->host_get(&host_len)) {
if (tts->has_tunnel_destination()) {
const char *tunnel_host = tts->get_tunnel_host();
t_state.hdr_info.client_request.url_get()->host_set(tunnel_host, strlen(tunnel_host));
@@ -675,7 +680,7 @@ HttpSM::setup_blind_tunnel_port()
t_state.hdr_info.client_request.url_get()->port_set(netvc->get_local_port());
}
}
- } else {
+ } else { // If outbound transparent or not TLS, just use the local IP as the origin
char new_host[INET6_ADDRSTRLEN];
ats_ip_ntop(netvc->get_local_addr(), new_host, sizeof(new_host));