]>
Commit | Line | Data |
---|---|---|
a214cc23 AJ |
1 | Changes to squid-3.1.18 (03 Dec 2011): |
2 | ||
3 | - Regression: compile error in FTP | |
4 | ||
24c69e20 AJ |
5 | Changes to squid-3.1.17 (03 Dec 2011): |
6 | ||
7 | - Bug 3432: Crash logging FTP errors | |
8 | - Bug 3428: Active FTP data channel accepted twice | |
9 | - Bug 3423: access violation in URL parser | |
10 | - Bug 3422: Buffer overflow in recv-announce | |
11 | - Bug 3412: External ACL Uses Invalid Cache Entry | |
12 | - Bug 3408: Wrong header length leads to EFAULTs when creating UFS swap.log.new | |
13 | - Bug 3398: persistent server connection closed after PUT/DELETE | |
14 | - Bug 3299: dnsserver: various undefined references | |
15 | - Bug 3077: '\' in url query strings cause Digest authentication to fail | |
16 | - Bug 2910: MemBuf may grow beyond max_capacity | |
17 | - Bug 2619: Excessive RAM growth due to unlimited adapted body data consumption | |
18 | - Bug 1243: Build overrides configured AR setting | |
19 | - Avoid crashes when processing bad X509 common names (CN). | |
20 | - Support %% in external ACL format | |
21 | - ... and several other compile error fixes | |
22 | - ... and several documentation fixes | |
23 | ||
dbcfc49c AJ |
24 | Changes to squid-3.1.16 (14 Oct 2011): |
25 | ||
26 | - Bug 3373: invalid URL in ERR_CACHE_ACCESS_DENIED | |
27 | - Bug 3368: Unhandled exceptions are not logged (workaround) | |
28 | - Bug 3326: miss_access incorrect default | |
29 | - Bug 3320: miss_access description confusing | |
30 | - Bug 3241: squid_kerb_auth cross compilation fix | |
31 | - Bug 3237: seq fault in free() from rfc1035RRDestroy | |
32 | - Bug 3190: Large HTTP POST stuck after early ICAP 400 error response | |
33 | - db_auth: display available DSN drivers on connect error | |
34 | - Updated OpenSSL 1.0.0 version checks | |
35 | - ... and several documentation fixes | |
36 | ||
4d4381b1 AJ |
37 | Changes to squid-3.1.15 (28 Aug 2011): |
38 | ||
39 | - Regression fix: vhost and defaultsite causing vport to be ignored | |
64194e8b | 40 | - Regression Bug 3295: broken escaping in rfc1738_do_escape |
4d4381b1 AJ |
41 | - Bug #3232: fails to compile with OpenSSL v1.0.0 |
42 | - Bug #3222: cache_peer name is not logging on CONNECT | |
43 | - Bug #3131: fd_table[fd].closing() assert from ConnStateData::noteMoreBodySpaceAvailable() | |
44 | - Bug #3217: "!fd_table[fd].closing()" from ServerStateData::noteMoreBodySpaceAvailable | |
45 | - Bug #3213: https sites (CONNECT) not open when using NTLM | |
46 | - Bug #3114: Memory leak in SSL certificate verify code | |
47 | - Bug #3107: ncsa_auth DES silently truncates passwords to 8 bytes | |
48 | - Bug #2662: cf_gen failure when cross compiling | |
49 | - Bug #2655: passing wrong the username to the url_rewrite_program | |
50 | - Bug #2495: ignore whitespace prefix on config lines | |
51 | - Bug #2051: 'default' cache_peer option does not match documentation | |
52 | - Bug #1842: Optimize order of tests in peerWouldBePinged() and peerHTTPOkay() | |
53 | - Bug #1791: timestampsSet does not validate Date: if server sends very old date | |
54 | - Correct parsing of large Gopher indexes | |
55 | - Enable negative cacheing on unknown or -1 expiry timestamp | |
64194e8b | 56 | - Remove hierarchy_stoplist default value |
4d4381b1 AJ |
57 | - Migrate cf_gen tool from C-style to C++ |
58 | - ... and several documentation and compiler warning fixes | |
59 | ||
3c8b5c1e AJ |
60 | Changes to squid-3.1.14 (04 Jul 2011): |
61 | ||
62 | - Regression Bug 3261: Could not create a DNS socket and exit | |
63 | ||
24d2fbdc AJ |
64 | Changes to squid-3.1.13 (01 Jul 2011): |
65 | ||
66 | - Regression Bug 3239: problems with myip/myport upgrade | |
67 | - Bug 3153: hung ICAP RESPMOD transactions | |
68 | - Update ssl_crtd to use 'OK' status inline with other helpers | |
69 | ||
29ff6eec AJ |
70 | Changes to squid-3.1.12.3 (18 Jun 2011): |
71 | ||
72 | - Bug 3236: Port of %oa, %<lp and %<lp and %<la log format options | |
73 | - Bug 3214: unexpected read from ssl_crtd | |
74 | - Bug 3153: Prevent ICAP RESPMOD transactions getting stuck with the adapted body | |
75 | - Fix RADIUS helper resource leak | |
76 | - Fix segfault parsing digest auth realm | |
77 | - Fix segfault in parse_eol() | |
78 | - Fixed bypass of SSL certificate validation errors | |
79 | - Warn about myip/myport problems on interception proxies | |
80 | - Polish: display easily grepped config lines on -k parse | |
81 | - Fix squidclient -V option and allow non-HTTP protocols to be tested | |
82 | ||
245f66fc AJ |
83 | Changes to squid-3.1.12.2 (30 May 2011): |
84 | ||
85 | - Bug 3226: Tags from external ACLs do not correctly expire | |
86 | - Bug 3215: Malformed IPv6 DNS reverse lookup | |
87 | - Bug 3209: ssl-bumped requests forwarded unencrypted to the parent proxies/caches | |
88 | - Bug 3205: SSL-bump starts then hangs | |
89 | - Bug 3178: gcc-4.6 complains unused variables | |
90 | - Bug 3122: Unknown record type in WCCPv2 Packet (6) | |
91 | - Bug 2965 (partial): Compile errors on MinGW | |
92 | - Fix to only ssl-bump CONNECT requests if they are about to be tunneled | |
93 | - Fix cache manager display of -i/+i in regex ACL config display | |
94 | - Fix cache manager display of cache_peer options userhash and sourcehash | |
95 | - Fix URL re-writer loosing many transaction details | |
96 | - Fix always-true comparison in ICAP for some 32-bit platforms | |
97 | - Support for 'slow' group ACLs in ssl_bump access control | |
98 | - Support OpenSSL 1.0.0 built without SSLv2 | |
99 | - Support GCC 4.6 and binutils-gold | |
100 | - Add CSS id attribute to BODY tag of generated error pages. | |
101 | - Display WARNING and ERROR when max_filedescriptors has failed | |
102 | ||
4eb155de AJ |
103 | Changes to squid-3.1.12.1 (19 Apr 2011): |
104 | ||
105 | - Port from 3.2: Dynamic SSL Certificate generation | |
106 | - Bug 3194: selinux may prevent ntlm_smb_lm_auth from using /tmp | |
107 | - Bug 3185: 3.1.11 fails to compile on OpenBSD 4.8 and 4.9 | |
108 | - Bug 3183: Invalid URL accepted with url host part of only '@' | |
109 | - Display ERROR in cache.log for invalid configured paths | |
110 | - Cache Manager: send User-Agent header from cachemgr.cgi | |
111 | - ... and many portability compile fixes for non-GCC systems. | |
112 | ||
fba3f728 AJ |
113 | Changes to squid-3.1.12 (04 Apr 2011): |
114 | ||
115 | - Regression fix: Use bigger buffer for server reads. | |
116 | - Regression fix: Add reply_header_replace directive for ability lost since 2.7 | |
117 | - Bug 3181: /dev/poll fails to build on Solaris with GCC 4.5.0 | |
118 | - Bug 3177: assertion failed: comm.cc:1583: "fd >= 0" | |
119 | - Bug 3175: IPv6 PTR lookup crashes on raw-IP URLs when IPv6 disabled | |
120 | - Bug 3173: Assertion bodyPipe!=NULL on SslBump CONNECT response writing failure | |
121 | - Bug 3164: Total memory info display 32-bit overflows | |
122 | - Bug 3155: Werror is hard-coded in libTrie build | |
123 | - Bug 3151: squid_kerb_auth: use autoconf LIBS instead of FLAGS for library linkage | |
124 | - Bug 2976: invalid URL on intercepted requests during reconfigure | |
125 | - Bug 2720: comment in same line as cache/mem_replacement_policy causes error | |
126 | - Bug 2621: Provide request headers to RESPMOD when using cache_peer. | |
127 | - Bug 2330: AuthUser objects are never unlocked | |
128 | - Prevent CONNECT request relaying to origin servers | |
129 | - squidclient HTTP/1.1 compliance updates (Pragma and User-Agent headers) | |
130 | - squidclient: send Cache Manager password using -w | |
131 | - eCAP: give full Request-URI to adapters | |
132 | - ... and several debug and error display cleanups | |
133 | ||
fb6ff7ef AJ |
134 | Changes to squid-3.1.11 (08 Feb 2011): |
135 | ||
136 | - Bug 3149: not caching eCAP adapted body | |
137 | - Bug 3144: redirector program blocks while reading STDIN | |
138 | - Bug 3140: memory leak in error page generation | |
139 | - Bug 3137: RADIUS auth helper does not send identifier to RADIUS server | |
140 | - Bug 3115: logging segfaults if access_log is set to a directory | |
141 | - Bug 2968: Show the Vary: headers information in cachemgr objects report | |
142 | - Bug 2959: remove SAMBAPREFIX dependency | |
143 | - Bug 2868: icc doesn't like string literal in assert checks | |
144 | - HTTP/1.1: Send 307 status on deny_info redirection | |
145 | - HTTP/1.1: Support POST/PUT with no body | |
146 | - HTTP/1.1: Allow persistent connections for Mozilla/3.0 User-Agents | |
147 | - Support RFC 5861 Cache-Control: stale-if-error option | |
148 | - Add ftp_eprt directive to disable EPRT extensions in FTP | |
149 | - Fix external_acl_type grace=0 to obey TTL | |
150 | - Fix IP/FQDN cache accounting to avoid idle caches on busy servers | |
151 | - Prevent pipeline_prefetch misconfigurations breaking NTLM/Negotiate auth | |
152 | - ... and some documentation updates and corrections | |
153 | - ... and some portability and stability fixes | |
154 | ||
0dfb0fbc AJ |
155 | Changes to squid-3.1.10 (22 Dec 2010): |
156 | ||
157 | - Bug 3121: memory leak in DigestAuth: AuthUser object is locked twice | |
158 | - Bug 3113: Consuming too much memory when uploading files | |
159 | - Bug 3110: 'reply_body_max_size none' does not work with x-forwarded-for | |
160 | - Bug 3096: Consuming too much memory when delaying traffic | |
161 | - Bug 3091: Bypassed ICAP errors are not counted as service failures | |
162 | - Bug 3090: Polish FTP login error handing | |
163 | - Bug 3068: cache_dir capacity and usage overflows | |
164 | - Bug 3028: Permit wbinfo_group.pl to authenticate Kerberos users with NT domain | |
165 | - Bug 427: HTTP Compliance: Support If-Match and If-None-Match requests | |
166 | - Fix memory leak in adaptation_access | |
167 | - Fix /dev/poll and poll() selection priority | |
168 | - Fix PREFIX/var/run creation during install | |
169 | - Fix cachemgr http_port config report display | |
170 | - Add upgrade help process for obsolete options | |
171 | - Accept RFC 2965 Set-Cookie2 / Cookie2 headers as 'known' | |
172 | - HTTP/1.1: entry is stale if request has max-age=0 | |
173 | - HTTP/1.1: do not forward TRACE with Max-Forwards: 0 after REQMOD | |
174 | - Toolchain update to support newer auto-tools | |
175 | - ... and updated error page translations | |
176 | - ... and updated documentation | |
177 | - ... and some code optimization/simplification polish | |
178 | ||
05994e2b AJ |
179 | Changes to squid-3.1.9 (25 Oct 2010): |
180 | ||
181 | - Bug 3088: dnsserver is segfaulting | |
182 | - Bug 3084: IPv6 without Host: header in request causes connection to hang | |
183 | - Bug 3082: Typo in error message | |
184 | - Bug 3073: tunnelStateFree memory leak of host member | |
185 | - Bug 3058: errorSend and ICY leak MemBuf object | |
186 | - Bug 3057: 64-bit Solaris 9 Squid unable to determine peer IP and port | |
187 | - Bug 3056: comm.cc "!fd_table[fd].closing()" assertion crash when a helper dies | |
188 | - Bug 3053: cache version 1 LFS support detection broken | |
189 | - Bug 3051: integer display overflow | |
190 | - Bug 3040: Lower-case domain entries from hosts and resolv.conf files | |
191 | - Bug 3036: adaptation_access acls cannot see myportname | |
192 | - Bug 3023: url_rewrite_program silently fails to rewrite on broken URLs | |
193 | - Bug 2964: Prevent memory leaks when ICAP transactions fail | |
194 | - Bug 2808: getRoundRobinParent not handling weights correctly | |
195 | - Bug 2793: memory statistics sometimes display wrong | |
196 | - Bug 2356: Port from 2.7: Solaris /dev/poll event ports support | |
197 | - Bug 2311: crashes with ICAP RESPMOD for HTTP body size greater than 100kb | |
198 | - Ensure /var/cache or jail equivalent exists on install | |
199 | - HTTP/1.1: delete Warnings that have warning-date different from Date | |
200 | - HTTP/1.1: do not remove ETag header from partial responses | |
201 | - HTTP/1.1: make date parser stricter to better handle malformed Expires | |
202 | - HTTP/1.1: improve age calculation | |
203 | - HTTP/1.1: reply with a 504 error if required validation fails | |
204 | - HTTP/1.1: add appropriate Warnings if serving a stale hit | |
205 | - HTTP/1.1: support requests with Cache-Control: min-fresh | |
206 | - HTTP/1.1: do not cache replies to requests with Cache-Control: no-store | |
207 | - squidclient: Display IP(s) connected to in verbose (-v) display | |
208 | - Fixes several issues with ICAP persistent connections | |
209 | - Fixes small leaks in Netdb, DNS, ICAP, ICY, HTTPS | |
210 | - ... and some cosmetic polishing | |
211 | ||
38599302 AJ |
212 | Changes to squid-3.1.8 (04 Sep 2010): |
213 | ||
214 | - Bug 3033: incorrect information regarding TOS | |
215 | - Bug 3020: Segmentation fault: nameservers[vc->ns].vc = NULL | |
216 | - Bug 3005,2972: Locate LTDL headers correctly (again) | |
217 | - Bug 2872: leaking file descriptors | |
218 | - Bug 2583: pure virtual method called | |
219 | - Hardened DNS client against packet queue attacks | |
220 | - Hardened HTTP request-line parser | |
221 | - Several HTTP/1.1 support improvements | |
222 | - Improved cross-compile support | |
223 | - .. and several internal pointer safety fixes | |
224 | ||
4d06bba3 AJ |
225 | Changes to squid-3.1.7 (23 Aug 2010): |
226 | ||
227 | - Regression Bug 3021: Large DNS reply causes crash | |
228 | - Regression Bug 3011: ICAP, HTTPS, cache_peer probe IPv4-only port fixes | |
229 | - Regression Bug 2997: visible_hostname directive no longer matches docs | |
230 | - Bug 3012: deprecate sslBump and support ssl-bump spelling in http_port | |
231 | - Bug 3006: handle IPV6_V6ONLY definition missing | |
232 | - Bug 3004: Solaris 9 SunStudio 12 build failure | |
233 | - Bug 3003: inconsistent concepts in documentation of cache_dir | |
234 | - Bug 3001: dnsserver link issues | |
235 | - HTTP/1.1: default keep-alive for 1.1 clients (bug 3016) | |
236 | - HTTP/1.1: Improved Range header field validation | |
237 | - HTTP/1.1: Forward multiple unknown Cache-Control directives | |
238 | - HTTP/1.1: Stop sending Proxy-Connection header | |
239 | - Fix 32-bit wrap in refresh_pattern min/max values | |
240 | - ... and several documentation corrections. | |
241 | ||
2962ef7c AJ |
242 | Changes to squid-3.1.6 (02 Aug 2010): |
243 | ||
244 | - Bug 2994, 2995: IPv4-only regressions | |
245 | - Bug 2991: Wrong parameters to fcntl() in commSetCloseOnExec() | |
246 | - Bug 2975: chunked requests not supported after regular ones | |
247 | - Fix: 32-bit overflow in reported bytes received from next hop | |
248 | - Fix Libtool build regressions | |
249 | - Limited split-stack IPv6 support. | |
250 | - squid_db_auth support MD5 encrypted passwords | |
251 | ||
2c2964ae AJ |
252 | Changes to squid-3.1.5.1 (28 Jul 2010): |
253 | ||
254 | - Update Libtool to 2.2. | |
255 | - Bug 2985: search scope for digest_ldap_auth didn't work | |
256 | - Bug 2972: LTDL 2.2.6b compile errors | |
257 | - Bug 2963: Stop ignoring --with-valgrind-debug failures | |
258 | - Bug 2885: AIX support: several fixes | |
259 | - Bug 2651: crash handling NULL write callback | |
260 | - Fixed several memory leaks related to Range requests | |
261 | - Fixed Joomla DB auth handling | |
262 | - Fixed SASL helper build checks | |
263 | - Fixed several IPv6 portability problems | |
264 | - Updated error page translations | |
265 | ||
17b0dc7f AJ |
266 | Changes to squid-3.1.5 (02 Jul 2010): |
267 | ||
268 | - Bug 2967: raw-IPv6 address URL with append_domain broken | |
269 | - Bug 2950: HTTP responses with no Date, L-M or Expires can now be cached | |
270 | - Bug 2943: ICAP tokens not logged when using multiple access | |
271 | - Bug 2937: Fails to detect chunked encoding if not given in all lower case | |
272 | - Bug 2903: does not send indirect X-Client-Ip in ICAP respmod | |
273 | - Fix free memory corruption and off-by-one error when comparing SNMP OIDs | |
274 | - Port from 2.7: max_filedescriptor config option | |
275 | - Fix persistent_connection_after_error is meant to be on by default | |
276 | - ... and several build errors. | |
277 | ||
a7422fd4 AJ |
278 | Changes to squid-3.1.4 (30 May 2010): |
279 | ||
280 | - Bug 2933: Verification of the max. port number for WCCP2 dynamic service | |
281 | - Bug 2924: RADIUS helper compile issues | |
282 | - Bug 2922: Fix assertion failed: HttpHeader.cc: "Headers[id].stat.aliveCount" | |
283 | - Bug 2919: tcp_outgoing_address ACLs not obeying acl_uses_indirect_client | |
284 | - Bug 2896: Fix assertion failed: comm.cc:2063: "!fd_table[fd].closing()" | |
285 | - Bug 2879: pt2: 3.0 regression in headers end finding | |
286 | - Bug 2877: pt2: only output zero-size warning on reverse-proxy requests | |
287 | - Bug 2876: FD_SETSIZE override not working on all linux distributions | |
288 | - Bug 2810: common log format generates 2 lines of syslog | |
289 | - Bug 2789: Optimize unlimited memory pools, and correctly handle limits over 2GB | |
290 | - Bug 2753: Fall back on IPv4 if IPv6 is not present | |
291 | - Bug 2697: Adaptation leaks and extra requests after reconfiguration | |
292 | - Bug 2633: Fix Ecap::HeaderRep::value(name) fails when there is no named header field | |
293 | - Change LDAP helpers to default to LDAP version 3 if available | |
294 | - Add Joomla and Salted Hash support to squid_db_auth helper | |
295 | - Fixed IpAddress port printing for ports higher than 9999 | |
296 | - Disable chunked memory pooling by default. | |
297 | - ... and several build errors. | |
298 | ||
30633628 AJ |
299 | Changes to squid-3.1.3 (02 May 2010): |
300 | ||
17b0dc7f | 301 | - Remove: Advertise 1.1 on replies to clients (broken chunked handling) |
30633628 AJ |
302 | - Fix tag ACL type not working |
303 | ||
14391b40 AJ |
304 | Changes to squid-3.1.2 (01 May 2010): |
305 | ||
306 | - Bug 2913: Fix DB auth warning in new perl version | |
307 | - Bug 2904: Prevent automake creating incomplete files | |
308 | - Bug 2899: Regression: Restore lost rfc1738_unescape() data type | |
309 | - Bug 2895: Regression: TPROXY2 compile errors | |
310 | - Bug 2879: Regression: headers end-finding | |
311 | - Bug 2874: Accept literal IPv6 address in icap_service URL | |
312 | - Bug 2860: Regression: WCCPv1 handshake | |
313 | - Bug 2848: Pass TCP_RST to client on early disconnect | |
314 | - Debian Bug 578047: Correct behaviour of --enable-ipv6 | |
17b0dc7f AJ |
315 | - HTTP/1.1: Advertise 1.1 on requests to servers |
316 | - HTTP/1.1: Advertise 1.1 on replies to clients | |
14391b40 AJ |
317 | - AIX / UNIX build fixes |
318 | - Cygwin build fixes | |
319 | - squidclient: -k option to test connection keep-alive or close | |
320 | - Improved helper build for wider compatibility | |
321 | - Ensure the PID file directory exists on install | |
322 | ||
18f5446e AJ |
323 | Changes to squid-3.1.1 (29 Mar 2010): |
324 | ||
325 | - Bug 2873: undefined symbol | |
326 | - Bug 2827: assertion in authentication | |
327 | - Remove ufsdump binary from default builds | |
328 | - Remove pinger from default startups | |
329 | - ... and several documentation updates. | |
330 | ||
28531efe AJ |
331 | Changes to squid-3.1.0.18 (14 Mar 2010): |
332 | ||
333 | - Regression Fix: IPv4-mapped prefix, broken in 3.1.0.16 | |
334 | - Bug 2869: Remove unused external reference | |
335 | - Bug 2866: Support OpenSSL 1.0 | |
336 | - Bug 2813: Random unix_group crash at startup | |
337 | - Send HTTP1.1 compliant 417 responses | |
338 | - Associate external acl message with the request | |
339 | - Various Digest parser fixes | |
340 | - ... and all bug fixes from 3.0 up to 3.0.STABLE25 | |
341 | ||
65a0de4a AJ |
342 | Changes to squid-3.1.0.17 (24 Feb 2010): |
343 | ||
344 | - Regression Fix: Non-English error page UTF encoding | |
345 | - Bug 2616: reduce IdleConnList::removeFD messages | |
346 | - Bug 1843: multicast-siblings cache_peer option | |
347 | - Port from 2.7: X509 certificate alias-domain handling | |
348 | - Add adapted_http_access option | |
349 | - NTLMv2 support for fake NTLM helper | |
350 | ||
c4a0c2a9 AJ |
351 | Changes to squid-3.1.0.16 (01 Feb 2010): |
352 | ||
353 | - Regression Fix: Make Squid abort on all config parse failures. | |
354 | - Regression Bug 2811: SNMP client/peer table OID numbering | |
355 | - Bug 2851: Connection pinning fails when using a peer | |
356 | - Bug 2850: Mismatch in hier_code enum / hier_strings array | |
357 | - Bug 2731: Add follow_x_forwarded_for support to ICAP | |
358 | - Bug 2730: Regressions in follow_x_forwarded_for since Squid-2 | |
359 | - Bug 2706: Set timestamps during ICAP request satisfaction. | |
360 | - Bug 2553: X-Forwarded-For with IPv6 address not handled correctly | |
361 | - Fix: WCCPv1 not connecting to router correctly | |
362 | - Remove obsolete RunCache/RunAccel scripts. | |
363 | - Add client_ip_max_connections | |
364 | - Add the http::>ha format code and make http::>h log original request headers | |
365 | - ... and all bug fixes from 3.0 up to 3.0.STABLE22 | |
366 | - ... and many more minor build and display annoyances. | |
367 | ||
9b0cc7ab AJ |
368 | Changes to squid-3.1.0.15 (23 Nov 2009): |
369 | ||
370 | - Regression Fix: myip ACL not accepted in config | |
371 | - Bug 2795: acl arp lookups including port | |
372 | - Bug 2794: ESI parsing fails on FreeBSD | |
373 | - Bug 2778: fix linking issues using SunCC | |
374 | - Bug 2724: eCAP build failure unless ICAP enabled | |
375 | - Bug 2628: Correct default PID location to PREFIX/var/run/squid.pid | |
376 | - Bug 2617: Performance degradation during processing list of dstdomain ACL's | |
377 | - Bug 2374: Support ICY / ICEcast / SHOUTcast streaming protocol. | |
378 | - Fix: 64-bit filesize issue in squidclient POST of large files | |
379 | - Fix: send correct Connection: header on intercepted replies | |
380 | - Support libtool 2.x | |
381 | - ESI libraries libexpat and libxml2 now optional | |
382 | - ESI support default enabled | |
383 | - Bump libcap minimum requirement to libcap 2.09+ | |
384 | - ARP / MAC support fixes for IPv6-mode | |
385 | - Add outstanding IPv6 settings to squid.conf (localnet, localhost) | |
386 | - ... and many additions to the background testing structure | |
387 | - ... and very many minor build and code cleanups for non-GCC compilers. | |
388 | ||
47053128 AJ |
389 | Changes to squid-3.1.0.14 (27 Sep 2009): |
390 | ||
391 | - Bug 2777: Various build issues on OpenSolaris | |
392 | - Bug 2773: Segfault in RFC2069 Digest authentication | |
393 | - Bug 2747: Compile errors on Solaris 10 | |
394 | - Bug 2735: Incomplete -fhuge-objects detection | |
395 | - Bug 2722: Fix http_port accel combined with CONNECT | |
396 | - Bug 2718: FTP sends EPSV2 on IPv4 connection | |
397 | - Bug 2648: stateful helpers stuck in reserved | |
398 | - Bug 2570: wccp2 "Here I Am" announcements not sent in memory-ony mode | |
399 | - Bug 2510: digest_ldap_auth uses incorrect logic with TLS | |
400 | - Bug 2483: bind() called before connect() | |
401 | - Bug 2215: config file line length limit (extended to 2 KB) | |
402 | - Support Accept-Language: * wildcard | |
403 | - Support autoconf 2.64 | |
404 | - Support TPROXY for IPv6 traffic (requires kernel support) | |
405 | - Support TPROXY cache cluster behind WCCPv2 | |
406 | - Correct ESI support to work in multi-mode Squid | |
407 | - Add 0.0.0.0 as an to_localhost address | |
408 | - DiskIO detection fixes and use optimal IO in default build. | |
409 | - Correct peer connect-fail-limit default of 10 | |
410 | - Prevent squidclient sending two Accept: headers | |
411 | - ... all bug fixes from 3.0.STABLE19 | |
412 | - ... and many more documentation fixes | |
413 | ||
c43ae961 AJ |
414 | Changes to squid-3.1.0.13 (04 Aug 2009): |
415 | ||
416 | - Bug 2723 regression: enable PURGE requests if PURGE method ACL is present. | |
417 | - Fix one more internal profiler error | |
418 | - Language Updates: Italian, Russian | |
419 | - Language Updates: Add many more aliases | |
420 | - Add Copyright document for errors/ content | |
421 | - ... all bug fixes from 3.0.STABLE18 | |
422 | - ... and several code polishing cleanups | |
423 | ||
a83cbc60 AJ |
424 | Changes to squid-3.1.0.12 (27 Jul 2009): |
425 | ||
426 | - Bug 2716: Chunked request Signed/Unsigned build error | |
427 | - Bug 2674: Remove limit on HTTP headers read. | |
428 | - Bug 2620: Invalid HTTP response codes causes segfault | |
429 | - Fix FTP EPSV negotiation parser. | |
430 | - Fix Via string when leak checking is enabled (valgrind etc) | |
431 | - ... and several documentation and testing additions | |
432 | ||
b70fc14f AJ |
433 | Changes to squid-3.1.0.11 (19 Jul 2009): |
434 | ||
435 | - Bug 2087: Support adaptation sets and chains | |
436 | - Bug 2459: dns error message broken when error handling delayed | |
437 | - Support ICAP Retry | |
438 | - Support ICAP retries based on the ICAP responses status code | |
439 | - Support logging ICAP | |
440 | - Support logging total DNS wait time | |
441 | - Support logging response times of adaptation transactions | |
442 | - General logging enhancements | |
443 | - Dynamically form chains based on ICAP X-Next-Services header | |
444 | - Support cross-transactional ICAP header exchange | |
445 | - ... and much adaptation polish and improvements | |
446 | ||
9f1a6e8c AJ |
447 | Changes to squid-3.1.0.10 (18 Jul 2009): |
448 | ||
449 | - Bug 2680: Regression Crash after rotate with no helpers running | |
450 | - Bug 2695: Regression in WCCPv2 L2 mask assignment | |
451 | - Bug 2707: Regression in FTP anonymous auth | |
452 | - Bug 422, 2706: RFC 2616 Date header requirements | |
453 | - Bug 1087: ESI processor not quoting attributes correctly. | |
454 | - Bug 1338: File prefetches aborted despite range_offset | |
fa643a08 | 455 | - Bug 2080: wbinfo_group.pl - false positive under certain conditions |
9f1a6e8c | 456 | - Bug 2092: select loop 32-bit call counter overflows |
fa643a08 | 457 | - Bug 2127: delay pools class 4 crashes with ntlm auth |
9f1a6e8c AJ |
458 | - Bug 2611: document fast/slow acl types |
459 | - Bug 2614: Potential loss of adapted body data from eCAP adapters | |
460 | - Bug 2658: Missing TextException copy constructor | |
461 | - Bug 2659: String length overflows on append, leading to segfaults | |
462 | - Bug 2699: Build failure NTLM smb_lm helper | |
463 | - Bug 2709: TRANSLATIONS not installed | |
464 | - Bug 2710: squid_kerb_auth non-terminated string | |
465 | - Delay pools 64-bit buckets and IPv6-polish | |
466 | - Break forwarding loops for "transparent" or "intercept" http_ports. | |
467 | - Add --disable-translation option to detatch .po from error negotiation | |
468 | - Add squidclient man(1) page | |
469 | - Add localhost to default permitted networks | |
470 | - http_port allow-direct option to allow direct forwarding in accelerator mode | |
471 | - ... and many testing infrastructure updates | |
472 | ||
06202407 AJ |
473 | Changes to squid-3.1.0.9 (26 Jun 2009): |
474 | ||
475 | - Bug 2682: Add ftp_epsv control to disable EPSV support. | |
476 | - Bug 2665: Detach automake system from using -I. | |
477 | - Bug 2395: FTP auth errors not displayed | |
478 | - ... also several changes and bugs closed in 3.0.STABLE16 | |
479 | - Port from 2.7: Show local address on listening sockets | |
480 | - Add "tag" type acl matching tags set by external acl helpers. | |
481 | - Adds Language alias linker/installer/upgrade scripts | |
482 | - Support for GCC 4.4 | |
483 | - Fix false NAT lookup errors on Linux | |
484 | - Fix many Windows port issues | |
485 | - Fix squid_kerb_auth helepr install location | |
486 | - Better detection of IPv6 stack types | |
487 | - Updates Licensing information for Squid 3.1 | |
488 | - ... and many packaging portability build and install issues | |
489 | ||
ae7452a6 AJ |
490 | Changes to squid-3.1.0.8 (24 May 2009): |
491 | ||
492 | - Bug 2656: Pinger dies with general protection fault | |
493 | - Bug 2650: configure requires epoll_ctl in libepoll when --enable-epoll used | |
494 | - Bug 2648: Authentificator processes deferring and don't shutdown. | |
495 | - Bug 2645: allow squid to ignore must-revalidate | |
496 | - Bug 2644: auth scheme initialization is broken | |
497 | - Bug 2632: Make number of reforwarding tries configurable | |
498 | - Bug 2628: --with-pidfile=PATH option to override DEFAULT_PID_FILE | |
499 | - Bug 2627: HTCP Logging | |
500 | - Bug 2615: Call libecap::adapter::Service::start() when finalizing config. | |
501 | - Bug 2589: SNMP returning no data - wrong oid decoded | |
502 | - Bug 2571: Squid with IPv6 fails to start on kernel without IPv6 | |
503 | - Bug 2559: Problem parsing /0 and /0.0.0.0 | |
504 | - Bug 2404: WCCP in mask mode is broken | |
505 | - ... also all bugs closed by 3.0.STABLE14, 3.0.STABLE15, 3.0.STABLE16-RC1 | |
506 | - Complete Interception multiple NAT support | |
507 | - Add Content-Disposition to the known headers list. | |
508 | - Make PEER_TCP_MAGIC_COUNT configurable | |
509 | - Fix pinger install location | |
510 | - Enable TPROXY v4 spoofing of CONNECT requests | |
511 | - ... and much documentation and code polishing | |
512 | ||
3a1cc92b AJ |
513 | Changes to squid-3.1.0.7 (08 Apr 2009): |
514 | ||
515 | - Fix: several issues with ident | |
516 | - Add several language translations | |
517 | - Upgrade code testing infrastructure | |
518 | - Migrate much code to build as internal libraries | |
519 | - Support gcc 4.4 | |
520 | - Support doxygen 1.5.8 | |
521 | - ... and much code polish to make things read easier | |
522 | ||
499769c3 | 523 | Changes to squid-3.1.0.6 (02 Mar 2009): |
c1f5261e | 524 | |
3a1cc92b | 525 | - Regression Fix: Support HTTP/0.9 in accelerator mode |
499769c3 | 526 | - Regression bug 2608: Build broken by Linux basename() implementation. |
c1f5261e AJ |
527 | - Bug 2601: Hack. Convert IPv4 netmasks to CIDR in IPv6-enabled mode |
528 | - Bug 2593: Compile errors on Solaris 10 | |
529 | - Bug 2591: adaptation_access does not work | |
530 | - Bug 2588: coredump in rDNS lookup | |
531 | - Bug 2526: default ALLOW when no list specified. | |
532 | - Bug 2287: Send a 505 on requests with unsupported HTTP versions | |
533 | - Bug 419: Hop by Hop headers MUST NOT be forwarded | |
534 | - Fix external_acl_type handling of SSL certificate details | |
535 | - Obsolete: dependency on nss_common.h and nss.h | |
536 | - Support libtool2 | |
537 | - ... and various documentation and code polish | |
538 | ||
6489f6d7 AJ |
539 | Changes to squid-3.1.0.5 (03 Feb 2009): |
540 | ||
541 | - Bug 2583: Fixed issue in content adaptation | |
542 | - Bug 2576: Make translate target obey --disable-auto-locale | |
543 | - Bug 2571: Add DNS failover to use IPv4-only listen when IPv6 fails. | |
544 | - Bug 2563: 99+% CPU Usage on FTP URL | |
545 | - Bug 2505, 2524, 2558: fixed several issues on connection handling | |
546 | - Fix several issues in request parsing | |
547 | - Fix memory leak from logformat parsing | |
548 | - Fix various ESI build errors | |
549 | - Make configure tests use C++ instead of C | |
550 | - Drop special localhost conversion RFC violation. | |
551 | - Add Language: Arabic | |
552 | - ... and various documentation and code polish | |
553 | ||
554 | Changes to squid-3.1.0.4 (23 Jan 2009): | |
96e74329 AJ |
555 | |
556 | - Regression Fix: Bug 2558: rollback bug 2395 fix. | |
557 | - Bug 2555: Fixes to SNMP-MIB | |
558 | - Bug 2550: assertion comm.cc:350 !fd_table[fd].closing() | |
559 | - Bug 2547,2548: OSX compile errors (duplicate symbols and IPv6) | |
560 | - Bug 2508: comm.cc:2035 assertion fd_table[fd].closing() | |
561 | - Bug 2330: allow keep-alive+chunked; don't add max-age for no-cache | |
562 | - Polish ZPH configuration interface | |
563 | - Several Language Conversions to new auto-negotiate | |
564 | - Port from 2.7: squidclient -V and -j options for HTTP/1.1 and 0.9 testing | |
565 | - Fix: Pconn not being used when they should. | |
566 | - Fix: Fix pinger immediate shutdowns | |
567 | - Fix: Untangle CacheManager reports from log_fqdn | |
568 | - ... and all bugs fixed for 3.0.STABLE12 | |
569 | - ... and many code polish and optimization fixes. | |
570 | ||
5e805c7d AJ |
571 | Changes to squid-3.1.0.3 (5 Dec 2008): |
572 | ||
573 | - Regression Fix: StoreIOBuffer patch removed. | |
574 | - Regression Fix: build issues with 3.1.0.2 bundle | |
575 | - Security Bug 2526: default ALLOW when no list specified | |
576 | - Bug 2525: encoding error on error pages | |
577 | - Bug 2424: slow file descriptor leak | |
578 | - Bug 2527: ICAP compile error on g++ 4.3.2 | |
579 | - Bug 2523: bad assertion left in from debug | |
580 | - Bug 2395: FTP Auth errors and others not displayed | |
581 | - Update squid_kerb_auth to 1.0.5 | |
582 | with better Squid integration. | |
583 | - Fix cache_peer forcedomainname= option | |
584 | - ... and many other minor fixes | |
585 | ||
a9075385 AJ |
586 | Changes to squid-3.1.0.2 (9 Nov 2008): |
587 | ||
588 | - Bug 2516: error page templates not properly installed | |
589 | - Bug 2500: Solaris build issues | |
590 | - Fixes FreeBSD build issues | |
591 | - Release Notes completed | |
592 | - Languages: new Russian, Japanese, Chinese, and general updates | |
593 | - ... and other minor fixes | |
70c5dfb2 | 594 | |
dd534dc1 AJ |
595 | Changes to squid-3.1.0.1 (27 Oct 2008): |
596 | ||
597 | - Bundled ntlm_auth helper renamed (see Release Notes before changing anything) | |
5edd9ab6 AJ |
598 | - peername ACL added for matching against a named peer destination |
599 | - configure option --with-logdir= added to select log files location | |
600 | - squid_kerb_auth helper updated to 1.0.3 release | |
601 | - Bug #740: allow external acl's to use reply headers in format | |
602 | - Bug #2379: obsolete dns_testnames option | |
603 | - Code test infrastructure expanded to configuration testing | |
604 | - Policy changes to negative_ttl, cache deny QUERY, refresh_pattern | |
dd534dc1 | 605 | to bring their defaults up to RFC 2616 requirements. |
5edd9ab6 AJ |
606 | - Large increase in RFC 2616 standard compliance (ongoing) |
607 | - squid.conf cleanups for minimal config | |
608 | - Connection Pinning ported from 2.6 for NTLM passthru authentication | |
609 | - eCAP internal adaptation module support | |
dd534dc1 | 610 | - Localization and CSS display control of error pages |
5edd9ab6 AJ |
611 | - Added semi-automatic documentation of source code |
612 | - Added TE chunked encoding decoder to workaround broken HTTP/1.1 servers | |
613 | - HTCP improvements ported from 2.7 adding HTCP CLR requests | |
70c5dfb2 | 614 | - IPv6 (Internet Protocol version 6) support |
615 | - ICMPv6 (Internet Control Message Protocol version 6) support | |
f1233d8c | 616 | - FTP agent now supports EPSV/EPRT commands |
70c5dfb2 | 617 | - DNS internal resolver now supports AAAA and CNAME records |
618 | - SNMP peer and client tables now support IPv6 | |
619 | - SNMP peer table supports named peers with multiple entries per IP | |
4aa8e49c | 620 | - SslBump: Squid-in-the-middle decryption and encryption of straight |
621 | CONNECT and transparently redirected SSL traffic, using configurable | |
622 | client- and server-side certificates. While decrypted, the traffic | |
5edd9ab6 | 623 | can be inspected using ICAP. |
dd534dc1 | 624 | - TPROXY version 4.1 support |
a13b3732 | 625 | - IPFW and Netfilter interception methods may now both be built in one binary. |
f1233d8c AJ |
626 | - ZPH Quality of Service patch now integrated |
627 | - Null store now fully obsoleted and removed | |
628 | - Unknown request methods all supported | |
629 | - Follow_x_forwarder_for ported from 2.6 | |
5edd9ab6 | 630 | - Bug #2223: Follow XFF extensions added |
dd534dc1 | 631 | - ... and many code and documentation cleanups |
5edd9ab6 | 632 | |
4d4381b1 AJ |
633 | Changes to squid-3.0.STABLE26 (28 Aug 2011): |
634 | ||
635 | - Regression: header_replace for reply headers | |
636 | - Bug 3183: Invalid URL accepted with url host part of only '@'. | |
637 | - Bug 3107: ncsa_auth DES silently truncates passwords to 8 bytes | |
638 | - Bug 3056: comm.cc "!fd_table[fd].closing()" assertion from helperServerFree | |
639 | - Bug 2991: Wrong parameters to fcntl() in commSetCloseOnExec() | |
640 | - Bug 2933: Verification of the max. port number for WCCP2 dynamic service | |
641 | - Bug 2922: Fix assertion failed: HttpHeader.cc: "Headers[id].stat.aliveCount" | |
642 | - Regression Bug 2899: Restore lost rfc1738_unescape() data type | |
643 | - Regression Bug 2879: headers end finding | |
644 | - Bug 2876: FD_SETSIZE override not working on all linux distributions | |
645 | - Check for NULL and empty strings before calling str*cmp(). | |
646 | - Correct parsing of large Gopher indexes | |
647 | ||
76fd4813 AJ |
648 | Changes to squid-3.0.STABLE25 (14 Mar 2010): |
649 | ||
650 | - Bug 2845: Rework the http digest auth parser | |
651 | - Bug 2787: unknown/unexpected status code messages | |
652 | - Bug 2507: squid_ldap_group: Strip Domain name separated by + | |
653 | - Bug 2367: stale=true on digest requests with unknown nonce | |
654 | - ... and several other minor corrections | |
655 | ||
b6e72c95 AJ |
656 | Changes to squid-3.0.STABLE24 (13 Feb 2010): |
657 | ||
658 | - Bug 2858: Segment violation in HTCP | |
659 | - Updated refresh pattern for dynamic pages | |
660 | ||
bb3125ba AJ |
661 | Changes to squid-3.0.STABLE23 (02 Feb 2010): |
662 | ||
663 | - Bug 2856: removing assert() required for 3.0 patch for SQUID-2010:1 | |
664 | - Regression Fix: Build error in Kerberos helper after library removal. | |
665 | ||
0e2229c9 AJ |
666 | Changes to squid-3.0.STABLE22 (01 Feb 2010): |
667 | ||
668 | - Regression Fix: Make Squid abort on all config parse failures. | |
669 | - Bug 2787: Reduce unexpected http status to non-critical warnings. | |
670 | - Bug 2496: Downloading some variants in full before relaying | |
671 | - Bug 2452: Add upper limit to external_acl_type entries. | |
672 | - Removed optional kerberos/spnegohelp/ library due to licensing issues | |
673 | - Add client_ip_max_connections | |
674 | - Handle DNS header-only packets as invalid. | |
675 | ||
d23ac0da AJ |
676 | Changes to squid-3.0.STABLE21 (22 Dec 2009): |
677 | ||
678 | - Bug 2830: Clarify where NULL byte is in headers. | |
679 | - Bug 2778: Linking issues using SunCC | |
680 | - Bug 2395: FTP errors not displayed | |
681 | - Bug 2155: Assertion failures on malformed Content-Range response headers | |
682 | - Fix parsing and a few bugs in ACL time type | |
683 | - Fix RFC keep-alive compliance on intercepted replies | |
684 | - Improved security hardening on %nn parser | |
685 | - Replace several GCC-specific code snippets. | |
686 | ||
378f62c3 AJ |
687 | Changes to squid-3.0.STABLE20 (29 Oct 2009): |
688 | ||
689 | - Bug 2794: ESI parsing on FreeBSD | |
690 | - Bug 2791: assertion failed: MemBuf.cc:400: new_cap > (size_t) capacity | |
691 | - Bug 2779: Support GNU/kFreeBSD | |
692 | - Bug 2773: Segfault in RFC2069 Digest authantication | |
693 | - Bug 2768: squid_ldap_group argument parsing error | |
694 | - Bug 2761: Gopher and double HTTP response header | |
695 | - Bug 2735: Incomplete -fhuge-objects detection | |
696 | - Bug 2722: prevent CONNECT via http_port with accel | |
697 | - Bug 2624: Invalid response for IMS request | |
698 | - Bug 2510: digest_ldap_auth TLS support | |
699 | - Correct LINUX_CAPABILITY actions on non-Linux | |
700 | ||
20995e92 AJ |
701 | Changes to squid-3.0.STABLE19 (06 Sep 2009): |
702 | ||
703 | - Bug 2745: Invalid Response error on small reads | |
704 | - Bug 2739: DNS resolver option ndots can't be parsed from resolv.conf | |
705 | - Bug 2734: some compile errors on Solaris | |
706 | - Bug 2648: stateful helpers stuck in reserved if client disconnects while helper busy | |
707 | - Bug 2541: Hang in 100% CPU loop while extacting header details using a delimiter other than comma | |
708 | - Bug 2362: Remove support for deferred state in stateful helpers | |
709 | - Add 0.0.0.0 as a to_localhost address | |
710 | - Docs: Improve chroot directive documentation slightly | |
711 | - Fixup libxml2 include magics, was failing when a configure cache was used | |
712 | - ... and some minor testing improvements. | |
713 | ||
f8d5d5e1 AJ |
714 | Changes to squid-3.0.STABLE18 (04 Aug 2009): |
715 | ||
716 | - Bug 2728: regression: assertion failed: !eof | |
717 | - Bug 2732: reply_body_max_size smaller than error page loops | |
718 | infinitely until out of memory | |
719 | - Bug 2725: pconn failure if domain or client_address are unset | |
720 | - Bug 2648: reserved helpers not shut down after reconfigure/rotate | |
721 | - Bug 2462: make check should tell when cppunit is missing | |
722 | - Remove excess messages about headers < minimum size | |
723 | - Support Libtool 2.2.6 | |
724 | ||
a83cbc60 | 725 | Changes to squid-3.0.STABLE17 (27 Jul 2009): |
e6e4735c AJ |
726 | |
727 | - Bug 2680 regression: Crash after rotate with no helpers running | |
728 | - Bug 2710: squid_kerb_auth non-terminated string | |
729 | - Bug 2679: strsep and strtoll detection failure | |
730 | - Bug 2674: Remove limit on HTTP headers read. | |
731 | - Bug 2659: String length overflows on append, leading to segfaults | |
732 | - Bug 2620: Invalid HTTP response codes causes segfault | |
733 | - Bug 2080: wbinfo_group.pl - false positive under certain conditions | |
734 | - Bug 1087: ESI processor not quoting attributes correctly. | |
735 | - Fix: issue with AUFS/UFS/DiskD writing objects to disk cache | |
736 | - Several small build issues with previous release. | |
737 | ||
0ab3416c AJ |
738 | Changes to squid-3.0.STABLE16 (15 Jun 2009): |
739 | ||
740 | - Bug 2672: cacheMemMaxSize 32-bit overflow during snmpwalk | |
741 | - Bug 2481: Don't set expires: now in generated error responses | |
742 | - Bug 2387: The calculation of the number of hash buckets correctly | |
743 | - Fix infinite loop in MSNT auth helper | |
744 | - Fix FD_SETSIZE on FreeBSD | |
745 | - Fix stripping NT domain in squid_ldap_group | |
746 | - Fix RADIUS auth helper build | |
747 | - Add Translate: and Unless-Modified-Since: headers to known list | |
748 | - Make fakeauth handle NTLMv2 better | |
749 | - Better Kerberos support detection | |
750 | - Several Widows port fixes | |
751 | ||
3049488a AJ |
752 | Changes to squid-3.0.STABLE16-RC1 (16 May 2009): |
753 | ||
0ab3416c | 754 | - Bug 1148: Ported from 3.1: Chunked Transfer Encoding |
3049488a AJ |
755 | - Bug 2648: NTLM helpers not shutting down when deferred |
756 | ||
fca0d780 AJ |
757 | Changes to squid-3.0.STABLE15 (06 May 2009): |
758 | ||
759 | - Regression Bug 2635: Incorrect Max-Forwards header type | |
760 | - Bug 2652: 'Success' error on CONNECT requests | |
761 | - Bug 2625: IDENT receiving errors | |
762 | - Bug 2610: ipfilter support detection | |
763 | - Bug 2578: FTP download resume failure | |
764 | - Bug 2536: %H on HTTPS error pages | |
765 | - Bug 2491: assertion "age >= 0" | |
766 | - Bug 2276: too many NTLM helpers running | |
767 | - Endian system and compiler fixes provided by the NetBSD project | |
768 | - documentation fixes provided by the Debian project | |
769 | ||
98a9bbc7 AJ |
770 | Changes to squid-3.0.STABLE14 (11 Apr 2009): |
771 | ||
772 | - Regression Fix: HTTP/0.9 in accelerator mode | |
773 | - Bug 1232: cache_dir parameter limited to only 63 entries | |
774 | - Bug 1868: support HTTP 207 status | |
775 | - Bug 2518: assertion failure on restart/reconfigure | |
776 | - Bug 2588: coredump in rDNS lookup | |
777 | - Bug 2595: Out of bounds memory write in squid_kerb_auth | |
778 | - Bug 2599: Idempotent start | |
779 | - Bug 2605: Prevent setsid() on helpers in daemon mode | |
780 | - Fix external_acl_type option parsing | |
781 | - Fix delay pools counters on FTP | |
782 | - Fix several issues with ident (some remain) | |
783 | - Fix performance issues with persistent connections | |
784 | - Fix performance issues with delay pools | |
785 | - Fix forwarding of OPTIONS requests | |
786 | - Add support for HTTP 1.1 Content-Disposition header | |
787 | - Add support for Windows 7, Windows Server 2008 R2 and later | |
788 | - ... and many small documentation updates | |
789 | ||
201fd2c2 AJ |
790 | Changes to squid-3.0.STABLE13 (03 Feb 2009): |
791 | ||
792 | - Fix several issues in request parsing | |
793 | - Fix memory leak from logformat parsing | |
794 | - Fix various ESI build errors | |
795 | - ... and some documentation updates | |
796 | ||
797 | Changes to squid-3.0.STABLE12 (21 Jan 2009): | |
798 | ||
799 | - Bug 2533: Solaris (sparc) 64-bit build breaks with gcc/g++ | |
800 | - Bug 2542: ICAP filters break download resume | |
801 | - Bug 2556: HTCP fails without icp_port | |
802 | - Bug 2564: logformat '%tl' field not working as advertised | |
803 | - Port from 3.1: TestBed basic build consistency checks | |
804 | - Policy: Change half_closed_clients default to off | |
805 | - Policy: Removed -V command line option, deprecated by 2.6 | |
806 | - ... and several other minor code cleanups | |
807 | ||
808 | Changes to squid-3.0.STABLE11 (24 Dec 2008): | |
809 | ||
810 | - Bug 2424: filedescriptors being left unnecessary opened | |
811 | - Bug 2545: fault passing ICAP filtered traffic to peers | |
812 | - Bug 2227: Sefgaults in MemBuf::reset during idnsSendQuery | |
813 | - ... and some minor admin and debug cleanups. | |
814 | ||
815 | Changes to squid-3.0.STABLE11-RC1 (3 Dec 2008): | |
816 | ||
817 | - Removes patch causing cache of bad objects | |
818 | - Bug 2526: bad security default in ACLChecklist | |
819 | - Fixes regression: access.log request size tag | |
820 | - Fixes cache_peer forceddomainname=X option | |
821 | - ... and many minor documentation cleanups | |
822 | ||
5edd9ab6 AJ |
823 | Changes to squid-3.0.STABLE10 (14 Oct 2008): |
824 | ||
825 | - Bug 2391: Regression: bad assert in forwarding | |
826 | - Bug 2447: Segfault on failed TCP DNS query | |
827 | - Bug 2393: DNS requests getting stuck in idns queue | |
828 | - Bug 2433: FTP PUT gives bad gateway | |
829 | - Bug 2465: Limited DragonflyBSD support | |
830 | - ... and other minor bugs and documentation | |
831 | ||
832 | Changes to squid-3.0.STABLE9 (9 Sep 2008): | |
833 | ||
834 | - Policy Enforcement: COSS is unusable in 3.0 | |
835 | - Port from 3.1: Language Pack compatibility | |
836 | - Port from 2.6: Windows Support Notes | |
837 | - Fix several minor regressions: | |
838 | HTCP stats reporting | |
839 | cachemgr delay pool config | |
840 | CARP build error | |
841 | - Bug 2340: uudecode dependency for icons removed | |
842 | - Bug 2352: no_check.pl ntlm challenge fix | |
843 | - Bug 2426: buffer increase for kerberos auth fields | |
844 | - Bug 2427: squid_ldap_group codes fix | |
845 | - Bug 2437: peer name now shown in access.log | |
846 | - Add sane display of unsupported method errors | |
847 | - ... and various other code cleanups | |
848 | ||
849 | Changes to squid-3.0.STABLE8 (18 Jul 2008): | |
850 | ||
851 | - Port from 2.6: Support for cachemgr sub-actions | |
852 | - Port from 2.6: userhash peer selection method | |
853 | - Port from 2.6: sourcehash peer selection method | |
854 | - Bug 2376: round-robin balancing fixes | |
855 | - Bug 2388: acl documentation cleanup | |
856 | - Bug 2365: cachemgr.cgi HTML output encoding | |
857 | - Bug 2301: Regression: Log format size options | |
858 | - Bug 2396: Correct the opening of PF device file. | |
859 | - Bug 2400: ICAP accept mechanism | |
860 | - Bug 2411: Regression: fakeauth_auth crashes | |
861 | - Many fixes to the Windows support (not complete yet). | |
862 | - Boost error pages HTML standards. | |
863 | - Fixes several issues on 64-bit systems | |
864 | - Fixes several issues on older or stricter compilers | |
865 | - Linux-2.6.24/2.6.25 netfilter_ipv4.h __u32 workaround | |
866 | - Update Release Notes: 'all' ACL is built-in since 3.0.STABLE1 | |
867 | ||
868 | Changes to squid-3.0.STABLE7 (22 Jun 2008): | |
869 | ||
870 | - Fix several ASN issues | |
871 | - Fix SNMP reporting of counters | |
872 | - Fix round-robin algorithms | |
873 | - GCC 4.3 support | |
874 | - Netfilter v1.4.0 bug workaround | |
875 | - Bugs 2350 and 2323: memory issues | |
876 | - Bugs 2384, 951, 1566: ESI assertions | |
877 | - Various minor debug and documentation cleanups | |
f1233d8c AJ |
878 | |
879 | Changes to squid-3.0.STABLE6 (20 May 2008): | |
880 | ||
881 | - Bug 2254: umask Feature from 2.6 added | |
882 | - cachemgr.cgi default config file added | |
883 | - Several authentication bug fixes | |
884 | - Improved Windows Support | |
885 | - better DNS lookup methods for unqualified hostames | |
886 | - better support for 64-bit environments | |
887 | - Bug 2332: Crash when tunnelling | |
888 | - Removed the advertisement clause from BSD licenses | |
889 | according to the GPLv2+ changes in BSD | |
890 | - ... and other bugs and minor cleanups | |
891 | ||
892 | Changes to squid-3.0.STABLE5 (28 Apr 2008): | |
893 | ||
894 | - Support for resolv.conf 'domain' option | |
895 | - Improved URI support, including | |
896 | longer URI up to 8192 bytes accepted | |
897 | better handling of intercepted URI | |
898 | better port for non-FQDN URI lookups | |
899 | - Improved logging, including | |
900 | Bug 3210 fixed: incorrect timestamp format in earlier 3.0 releases. | |
901 | Fixed 'log_ip_on_direct' option behaviour | |
902 | - Support for profiling on x86 64-bit systems | |
903 | - .. and other bugs and minor code cleanups. | |
904 | ||
905 | Changes to squid-3.0.STABLE4 (2 Apr 2008): | |
906 | ||
907 | - Bug 2288: compile error slipped into STABLE3. | |
908 | ||
909 | Changes to squid-3.0.STABLE3 (31 Mar 2008): | |
910 | ||
911 | - Improved HTTP 1.1 support. | |
912 | - Improved MacOSX (Leopard) support | |
913 | - Bug 2206: Proxy-Authentication regression in STABLE2. | |
914 | - Strip Domain from NTLM usernames for use in class 4 Delay Pools | |
915 | - ... and other bugs and minor code cleanup | |
916 | ||
917 | Changes to squid-3.0.STABLE2 (1 Mar 2008): | |
918 | ||
919 | - Add myportname ACL for matching the accepting port name (see release notes) | |
920 | - Add include directive for squid.conf (see release notes) | |
921 | - Add ability to strip kerberos realm from usernames during Auth | |
922 | - License cleanup to comply with GPLv2 or later | |
923 | - Updated Error Pages and Translations | |
924 | - Updated configuration examples | |
925 | - Updated valgrind support for valgrind-3.3.0 | |
926 | - Improved support for Windows and MacOS X Leopard | |
927 | - Improved support for files larger than 2GB | |
928 | - Improved support for CARP arrays and WCCPv2 | |
929 | - Improved cachmgr, SNMP, and log reporting | |
930 | - ... and as usual Many bug fixes since STABLE 1 | |
70c5dfb2 | 931 | |
284237d4 | 932 | Changes to squid-3.0.STABLE1 (13 Dec 2007): |
3ff01c3e | 933 | |
934 | - Major rewrite translating the code to C++, originally based on | |
935 | Squid-2.5.STABLE1 | |
936 | - Internal client streams concept for content adaptation | |
937 | - ICAP (Internet Content Adaptation Protocol) client support | |
938 | - ESI (Edge Side Includes) support added | |
284237d4 | 939 | - Improved support for files larger than 2GB. |
3ff01c3e | 940 | - And a lot more. Most features from Squid-2.6 is supported, but not |
941 | all. See the release notes for details. | |
942 | ||
943 | Older ChangeLog follows. The sections relating to Squid-2.6 is not entirely | |
944 | authorative for this release and mirrored here for reference only. | |
f1233d8c | 945 | |
467c94d1 | 946 | - CARP now plays well with the other peering algorithms, |
947 | and support for CARP peerings is compiled by default. Can be | |
948 | disabled by --disable-carp | |
1741cbad | 949 | - Configuration file can be read from an external program |
950 | or preprocessor. See squid.8 man page. | |
52f772de | 951 | - http_port is now optional, allowing for SSL only operation |
4ca261f2 | 952 | - Satellite and other high latency peering relations enhancements |
953 | (Robert Cohren) | |
a9245686 | 954 | - Nuked num32 types, and made type detection more robust by the |
955 | use of typedefs rather than #defines. | |
b5fb34f1 | 956 | - the mailto links on Squid's ERR pages now contain data about the |
957 | occurred error by default, so that the email will contain this data in | |
958 | its body. This feature can be disabled via the email_err_data directive. | |
3c8b5c1e | 959 | (Clemens L?ser) |
c8f4eac4 | 960 | - COSS now uses a file called stripe and the path in squid.conf is the |
961 | directory this is placed in. Additionally squid -z will create the | |
962 | COSS swapfile. | |
14f5b6c3 | 963 | - WCCPv2 support, including mask assignment support |
5401aa8d | 964 | - HTCP support for access control and the CRL operation for |
965 | purgeing of cache content | |
14f5b6c3 | 966 | - ICAP related fixes |
967 | - Windows-related fixes, including Vista and Longhorn identification | |
968 | - Client-side parsing and some string use optimisations | |
969 | - Lots of off-by-one and memory leaks in corner cases have been fixed | |
970 | thanks to valgrind | |
971 | - Improved high-resolution profiling | |
972 | - Windows overlapped-IO and thread support added to the Async IO disk code | |
973 | - Improvements for handling large DNS replies | |
a7c8cce0 | 974 | |
3ff01c3e | 975 | Changes to squid-2.6.STABLE15 (31 Aug 2007) |
976 | ||
977 | - The select() I/O loop got broken by the /dev/poll addition | |
978 | (2.6.STABLE14) | |
979 | - Bug #2017: Fails to work around broken servers sending just the HTTP | |
980 | headers | |
981 | - Bug #2023: Compile error with old GCC 2.x or other ANSI-C compilers | |
982 | before C99 | |
983 | - squid.conf.default updated and reorganised in more sensible groups | |
984 | - correct and document the syslog access_log format | |
985 | - Armenian error pages translation | |
986 | - digest_ldap_helper usage help updated | |
987 | - Bug #1560: ftpSendPasv: getsockname(-1,..): (9) Bad file descriptor | |
988 | - Improve delay pools in low traffic environment by checking timeouts | |
989 | at a steady 1 second interval even when there is not much activity | |
990 | - Don't request authentication on transparently intercepted | |
991 | connections | |
992 | - Cleanup linux capabilities for tproxy | |
993 | - Bug #2003: 'via' config directive doesn't affect response headers | |
994 | - Bug #1902: Adds Numeric Hit and invalid request counters to IP Cache | |
995 | - Add missing $|=1 to squid_db_auth | |
996 | - Bug #2050: Persistent connection dropped if cache has no | |
997 | Content-Length | |
998 | - Verify the URL on memory cache hits | |
999 | - Bug #2057: NTLM stop work in messengers after upgrade to 2.6.STABLE14 | |
1000 | - Bug #1972: Squid sets peers to down state when they are in fact | |
1001 | working. | |
1002 | - potential segmentation fault in storeLocateVary() | |
1003 | - Bug #2066: chdir after chroot | |
1004 | - Windows port: Fix compiler warnings when building Squid as | |
1005 | application (not Windows service mode) | |
1006 | - Spelling correction of received | |
1007 | ||
1008 | Changes to squid-2.6.STABLE14 (15 Jul 2007) | |
1009 | ||
1010 | - squid.conf.default cleanup to have options in their proper sections. | |
1011 | - documentation correction in the refresh_pattern ignore-auth option | |
1012 | - URI-escaping not uses the recommended upper-case hex codes | |
1013 | - refresh_pattern min-age 0 correted to really mean 0, and not 1 second | |
1014 | - Always use xisxxxx() Squid defined macros instead of ctype | |
1015 | functions. | |
1016 | - Kerberos SPNEGO/Negotiate helper for the negotiate scheme | |
1017 | - Database basic auth helper using Perl DBI to connect to most SQL DBs | |
1018 | - Solaris /dev/poll network I/O support | |
1019 | - configure fixes to make cross compilation somewhat easier | |
1020 | - Removed incorrect -a reference from http_port documentation | |
1021 | - Bug #1900: Double "squid -k shutdown" makes Squid restart again | |
1022 | - Bug #1968: Squid hangs occasionally when using DNS search paths | |
1023 | - Novell eDirectory digest auth helper (digest_edir_auth) | |
1024 | - Bug #1130: min-size option for cache_dir | |
1025 | - POP3 basic auth helper querying a POP3 server | |
1026 | - Cosmetic squid_ldap_auth fixes from Squid-3 | |
1027 | - Bug #1085: Add no-wrap to cache manager HTML tables | |
1028 | - Automatically restart if number of available filedescriptors becomes | |
1029 | alarmingly low, preventing a situation where Squid would otherwise | |
1030 | permanently stop processing requests. | |
1031 | - Bug #2010: snmp_core.cc:828: warning: array subscript is above | |
1032 | array bounds | |
1033 | - Deal better with forwarding loops | |
1034 | ||
1035 | Changes to squid-2.6.STABLE13 (11 May 2007) | |
1036 | ||
1037 | - Make sure reply headers gets sent even if there is no body available | |
1038 | yet, fixing RealMedia streaming over HTTP issues. | |
1039 | - Undo an accidental name change of storeUnregisterAbort. | |
1040 | - Kill an ancient malplaced storeUnregisterAbort call from ftp.c | |
1041 | - Bug #1814: SSL memory leak on persistent SSL connections | |
1042 | - Don't log ECONNREFUSED/ECONNABORTED accept failures in cache.log | |
1043 | - Cosmetic fix: added missing newline in WCCPv2 configuration dump. | |
1044 | - Ukrainan error messages | |
1045 | - Convert various error pages from DOS to UNIX text format | |
1046 | - Bug #1820: COSS assertion failure t->length == MD5_DIGEST_CHARS | |
1047 | - Clarify the max-conn=n cache_peer option syntax slightly | |
1048 | - Bug #1892: COSS segfault on shutdown | |
1049 | - Windows port: fix undefined ECONNABORTED | |
1050 | - Make refreshIsCachable handle ETag as a cache validator, not | |
1051 | only last-modified | |
1052 | - in_port_t is not portable, use unsigned short instead | |
1053 | - Fix fs / auth / snmp dependencies | |
1054 | - Portability: statfs() may reqire #include <sys/statfs.h> | |
1055 | ||
1056 | Changes to squid-2.6.STABLE12 (20 Mar 2007) | |
1057 | ||
1058 | - Assertion error on TRACE | |
1059 | ||
1060 | Changes to squid-2.6.STABLE11 (17 Mar 2007) | |
1061 | ||
1062 | - Bug #1915: assertion failed: client_side.c:4055: "buf != NULL || | |
1063 | !conn->body.request" | |
1064 | - Handle garbage helper responses better in concurrent protocol format | |
1065 | - Fix kqueue when overflowing the changes queue | |
1066 | - Make sure the child worker process commits suicide if it could | |
1067 | not start up | |
1068 | - Don't log short responses at debug level 1 | |
1069 | - Fix bswap16 & bwsap32 error on NetBSD | |
1070 | - Fix collapsed_forwarding for non-GET requests | |
1071 | ||
1072 | Changes to squid-2.6.STABLE10 (4 Mar 2007) | |
1073 | ||
1074 | - Upgrade HTTP/0.9 responses to our HTTP version (HTTP/1.0) | |
1075 | - various diskd bugfixes | |
1076 | - In the access.log hierarchy field log the unique peer name | |
1077 | instead of the host name | |
1078 | - unlinkdClose() should be called after (not before) storeDirSync() | |
1079 | - CLEAN_BUF_SZ was defined, but never used anywhere | |
1080 | - logging HTTP-request size | |
1081 | - Fix icmp pinger communication on FreeBSD and other not supporing | |
1082 | large dgram AF_UNIX sockets | |
1083 | - Release objects on swapin failure | |
1084 | - Bug #1787: Objects stuck in cache if origin server clock in future | |
1085 | - Bug #1420: 302 responses with an Expires header is always cached | |
1086 | - Primitive support for HTTP/1.1 chunked encoding, working around | |
1087 | broken servers | |
1088 | - Clean up relations between TCP probing and DNS checks of peers with | |
1089 | no known addresses. | |
1090 | - Fix a minor HTML coding error in ftp directory listings with // in | |
1091 | the path | |
1092 | - Bug #1875, #1420. Cleanup of refresh logics when dealing with | |
1093 | non-refreshable content | |
1094 | - Gopher cleanups and bugfixes | |
1095 | - Negotiate authentication fixed again. Broken since STABLE7 by the | |
1096 | patch for Bug #1792. | |
1097 | - Bug #1892: COSS tries to shut down the same directory twice on exit | |
1098 | - Bug #1908: store*DirRebuildFromSwapLog() ignores some SWAP_LOG_DEL | |
1099 | entries | |
1100 | - Added support for Subversion HTTP request methods MKACTIVITY, | |
1101 | CHECKOUT and MERGE. | |
1102 | ||
1103 | Changes to squid-2.6.STABLE9 (24 Jan 2007) | |
1104 | ||
1105 | - Bug #1878: If-Modified-Since broken in 2.6.STABLE8 | |
1106 | - Bug #1877 diskd bug in storeDiskdIOCallback() | |
1107 | ||
1108 | Changes to squid-2.6.STABLE8 (21 Jan 2007) | |
1109 | ||
1110 | - Bug #1873: authenticateNTLMFixErrorHeader: state 4. | |
1111 | - Document the https_port vhost option, useful in combination with | |
1112 | a wildcard certificate | |
1113 | - Document the existence of connection pinning / forwarding of NTLM | |
1114 | auth and a few other features overlooked in the release notes. | |
1115 | - Spelling correction of the ssl cache_peer option | |
1116 | - Add back the optional "accel" http_port option. Makes accelerator | |
1117 | mode configurations easier to read. | |
1118 | - Bug #1872: Date parsing error causing objects to get unexpectedly | |
1119 | cached. | |
1120 | - Cleanup to have the access.log tags autogenerated from enums.h | |
1121 | - Bug #1783: STALE: Entry's timestamp greater than check time. Clock | |
1122 | going backwards? | |
1123 | - Don't update object timestamps on a failed revalidation. | |
1124 | - Fix how ftp://user@host URLs is rendered when Squid is built with | |
1125 | leak checking enabled | |
1126 | ||
1127 | Changes to squid-2.6.STABLE7 (13 Jan 2007) | |
1128 | ||
1129 | - Windows port: Fix intermittent build error using Visual Studio | |
1130 | - Add missing tproxy info from the dump of http port configuration | |
1131 | - Bug #1853: Support for ARP ACL on NetBSD | |
1132 | - clientNatLookup(): fix wrong function name in debug messages | |
1133 | - Convert ncsa_auth man page from DOS to Unix text format. | |
1134 | - Bug #1858: digest_ldap_auth had some remains of old hash format | |
1135 | - Correct the select_loops counter when using select(). Was counted twice | |
1136 | - Clarify the http_port vhost option a bit | |
1137 | - Fix cache-control: max-stale without value or bad value | |
1138 | - Bug #1857: Segmentation fault on certain types of ftp:// requests | |
1139 | - Bug #1848: external_acl crashes with an infinite loop under high load | |
1140 | - Bug #1792: max_user_ip not working with NTLM authentication | |
1141 | - Bug #1865: deny_info redirection with authentication related acls | |
1142 | - Small example on how to use the squid_session helper | |
1143 | - Bug #1863: cache_peer monitorurl, monitorsize and monitorinterval not working properly | |
1144 | - Clarify the transparent http_port option a bit more | |
1145 | - Bug #1828: squid.conf docutemtation error for proxy_auth digest | |
1146 | - Bug #1867: squid.pid isn't removed on shutdown | |
1147 | ||
1148 | Changes to squid-2.6.STABLE6 (12 Dec 2006) | |
1149 | ||
1150 | - Bug #1817: Assertion failure assert(buflen >= copy_sz) in htcp.c htcpBuildAuth() | |
1151 | - Add client source port logformat tag >p | |
1152 | - Cleanup of transparent & accelerator mode request parsing to untangle the firewall dependencies a bit | |
1153 | - Bug #1799: Harmless 1 byte buffer overflow on long host names in /etc/hosts | |
1154 | - automake no longer recommends mkinstalldirs. Removed. | |
1155 | - Only use crypt() if it's available, allowing ncsa_auth to be built | |
1156 | on platofms without crypt() support. | |
1157 | - Windows port documentation updates | |
1158 | - Bug #1818: Assertion failure assert(e->swap_dirn >= 0) in fs/coss/store_dir_coss.c storeCoss_DeleteStoreEntry | |
1159 | - Bug #1117: assertion failed: aufs/store_dir_aufs.c:642: "rb->flags.need_to_validate" | |
1160 | - Remove extra newline in redirect message sent by deny_info http://... aclname | |
1161 | - Bug #1805: assertion failed: StatHist.c:195: "D[i] >= 0" | |
1162 | - Clarify the external_acl_type helper format specification and some defaults | |
1163 | - Add support for the weight= parameter to round-robin peers | |
1164 | - Bug #1832: Error building squid-2.6.STABLE5 using --enable-truncate | |
1165 | - Convert snmpDebugOid to use a temporary String object instead of strcat | |
1166 | - Document that proxy_auth also accepts -i for case-insensitive operation | |
1167 | - Remove malloc/free of temporary buffer in time parsing routines. | |
1168 | - Reduce memory allocator pressure by not continually allocating client-side read buffers | |
1169 | - Accept large dates >2^31 on 64-bit platformst. Seen for example in the Google logo. | |
1170 | - Convert the connStateData->chr single link list to a normal dlink_list for clarity. | |
1171 | - Bug #1584: Unable to register with multiple WCCP2 routers | |
1172 | - Fix the WCCPv2 mask assignment code to not crash as the value assignments are built. | |
1173 | - Bug #439: Multicast ICP peering is unstable and considers most peers dead | |
1174 | - Bug #1801: NTLM authentication ends up in a loop if the server responds with a retriable error | |
1175 | - Bug #1839: Cosmetic debug message cleanup in peerHandleHtcpReply. | |
1176 | - Bug #1840: Disable digest and netdb queries to multicast peers | |
1177 | - Bug #1641: assertion failed: stmem.c:149: "size > 0" while processing certain Vary objects | |
1178 | - Fix build errors when using latest MinGW Windows environment | |
1179 | ||
1180 | Changes to squid-2.6.STABLE5 (3 Now 2006) | |
1181 | ||
1182 | - Bug #1776: 2.6.STABLE4 aufs fails to compile if coss isn't enabled | |
1183 | - COSS improvements and cleanups | |
1184 | - SNMP linking issue resolved, enabling SNMP support to be build in all platforms | |
1185 | - Bug #1784: access_log syslog results in blanks syslog lines between every entry | |
1186 | - Bug #1719: Incorrect error message on invalid cache_peer specifications | |
1187 | - Bug #1785: Memory leak in handling of negatively cached objects | |
1188 | - Bug #1780: Incorrect Vary processing in combination with collapsed_forwarding | |
1189 | - Bug #1782: Memory leak in ncsa_auth on password changes | |
1190 | - Suppress some annoying coss startup messages raising the debug level to 2. | |
1191 | - Clarify the external_acl_helper concurrency= change. | |
1192 | - aioDone() could be called twice from aufs and from coss (when using AIOPS) during shutdown. | |
1193 | - Bug #1794: Accept 00:00-24:00 as a valid time specification even if redundand and the same as 00:00-23:59 | |
1194 | - Bug #1795: Theoretical memory leak in storeSetPublicKey | |
1195 | - Removing port 563 from the default SSL_ports and Safe_ports ACLs | |
1196 | - Bug #1724: Automatically enable Linux Netfilter support with --enable-linux-tproxy. | |
1197 | - Bug #1800: squid -k reconfigure crash when using req/rep_header acls | |
1198 | - Clarify the select/poll/kqueue/epoll configure --enable/disable options | |
1199 | - Bug #1779: Delay pools fairness when multiple connections compete for bandwidth | |
1200 | - Bug #1802: Crash on exit in certain conditions where cache.log is not writeable | |
1201 | - Bug #1796: Assertion error HttpHeader.c:914: "str" | |
1202 | - Bug #1790: Crash on wccp2 + mask assignement + standard wccp service | |
1203 | - Silence harmless gcc compile warning. | |
1204 | - Clean up poll memory on shutdown | |
1205 | - Ported select, poll and win32 to new comm event framework | |
1206 | - Windows port: Correctly identify Windows Vista and Windows Server Longhorn | |
1207 | - Added a basic comm_select_simple comm loop only requiring minimal POSIX compliance. | |
1208 | - Safeguard from kb_t counter overflows on 32-bit platforms | |
1209 | ||
1210 | Changes to squid-2.6.STABLE4 (23 Sep 2006) | |
1211 | ||
1212 | - Bug #1736: Missing Italian translation of ERR_TOO_BIG error page | |
1213 | - Windows port enhancement: added native exception handler with signal emulation | |
1214 | - Fix the %un log_format tag again. Got broken in 2.6.STABLE2 | |
1215 | - Fix Squid crash when using %a in ERR_INVALID_REQ and ERR_INVALID_URL error messages. | |
1216 | - Bug #212: variable %i always 0.0.0.0 in many error pages | |
1217 | - Bug #1708: Ports in ACL accepts characters and out of range | |
1218 | - Bug #1706: Squid time acl accepts invalid time range. | |
1219 | - Fix another harmless fake_auth compiler warning on gcc 4.1.1 x86 | |
1220 | - Fix an harmless snmp_core.c compiler warning on gcc 4.1.1 x86 | |
1221 | - Bug #1744: squid-2.6.STABLE3 - fakeauth_auth crashing on certain requests | |
1222 | - Bug #1746: Harmless off by one overrun in ncsa_auth md5 password validation | |
1223 | - Bug #1598: start_announce cannot be disabled | |
1224 | - Periodically flush cache.log to disk when "buffered_logs on" is set | |
1225 | - Numerous COSS improvements and fixes | |
1226 | - Windows port: merge of MinGW support | |
1227 | - Windows port: Merged Windows threads support into aufs | |
1228 | - Bug #1759: Windows port cachemgr.cgi attempts to write to file system root directory | |
1229 | - Numerous portability fixes | |
1230 | - Various minor statistics cleanup on 64-bit hosts with more than 4GB of memory | |
1231 | - Bug #1758: HEAD on ftp:// URLs always returned 200 OK. | |
1232 | - Bug #1760: FTP related memory leak | |
1233 | - Bug #1770: WCCP2 weighted assignment | |
1234 | - Bug #1768: Redundant DNS PTR lookups | |
1235 | - Bug #1696: Add support for wccpv2 mask assignment | |
1236 | - Bug #1774: ncsa_auth support for cramfs timestamps | |
1237 | - Bug #1769: near-hit and filedescriptor usage missing in SNMP MIB | |
1238 | - Bug #1725: cache_peer login=PASS documentation somewhat confusing | |
1239 | - Bug #1590: Silence those ETag loop warnings | |
1240 | - Bug #1740: Squid crashes on certain malformed HTTP responses | |
1241 | - Bug #1699: assertion failed: authenticate.c:836: "auth_user_request != NULL" | |
1242 | - Improve error reporting on unexpected CONNECT requests in accelerator mode | |
1243 | - Cosmetic change to increase cache.log detail level on invalid requests | |
1244 | - Bug #1229: http_port and other directives accept invalid ports | |
1245 | - Reject http_port specifications using both transparent and accelerator options | |
1246 | - Cosmetic cleanup to not dump stacktraces on configuration errors | |
1247 | ||
1248 | ||
1249 | Changes to squid-2.6.STABLE3 (18 Aug 2006) | |
1250 | ||
1251 | - Bug #1577: assertion failed "fm->max_n_files <= (1 << 24)" on | |
1252 | very large cache_dir. Limit number of objects stored to slightly | |
1253 | less to avoid this. | |
1254 | - Bug #1705: Correct error message on invalid time weekday specification | |
1255 | - Don't attempt to guess netmask in src/dst acl specifications | |
1256 | if none was provided. Assume it's an IP even if it ends in 0 | |
1257 | - Bug #1665: log_format %ue, %us tags for external or ssl user id | |
1258 | - Bug #1707: delay pools often ignored the set limit | |
1259 | - Bug #1716: Support for recent OpenSSL 0.9.7 versions | |
1260 | (0.9.8 always worked) | |
1261 | - COSS fixes and performance improvements | |
1262 | - Memory leak when reading configuration files with overlapping | |
1263 | ACL data where squid -k parse complains. | |
1264 | - Memory leak related to pinned connections | |
1265 | - Show include acls unexpanded in cachemgr configuration dumps | |
1266 | - Fixed WARNING defer handler for HTTP Socket does not call commDeferFD | |
1267 | - Bug #1304: Downloads may hang when using the cache_dir max-size option | |
1268 | - Optimization of network I/O | |
1269 | - Bug #1730: make problem with --enable-follow-x-forwarded-for on Solaris | |
1270 | - Fixed a memory leak on certain invalid requests | |
1271 | - Bug #1733: ERR_CANNOT_FORWARD Portuguese translation update | |
1272 | - Bug #582: ntlm fake_auth not handles non-ascii login names | |
1273 | - New startup message indicating the type of event loop used | |
1274 | - Bug #1602: TCP fallback on truncated DNS responses | |
1275 | - Bug #1667: assertion failed: store.c:1081: "e->store_status == STORE_PENDING" | |
1276 | - Bug #1723: cachemgr now works in accelerator mode | |
1277 | ||
1278 | Changes to squid-2.6.STABLE2 (31 Jul 2006) | |
1279 | ||
1280 | - WCCP2 doesn't update statCounter.syscalls.sock.sendtos counter. | |
1281 | - Releasenotes Table of contents should use relative links without | |
1282 | filename. | |
1283 | - Reject HTTP/0.9 formatted CONNECT requests. | |
1284 | - Cosmetic cleanup to use safe_free instead of xfree + manual | |
1285 | assign to NULL | |
1286 | - Bug #1650: transparent interception "Unable to forward this | |
1287 | request at this time" | |
1288 | - Bug #1658: Memory corruption when using client-side SSL certificates | |
1289 | - Add storeRecycle; a storeIO method to delete a StoreEntry w/out | |
1290 | deleting the underlying object. | |
1291 | - Many COSS fixes and new coss data dumper utility for diagnostics | |
1292 | - Bug #1669: SEGV in storeAddVaryReadOld | |
1293 | - Many fixes in debug sections and spelling of debug messages | |
1294 | - Don't keep client connection persistent if there was a mismatch in | |
1295 | the response size. | |
1296 | - Move eventCleanup debug messages to debug level 2 (was 0) | |
1297 | - Add the missing concurrency parameters to basic and digest auth | |
1298 | schemes | |
1299 | - Bug #1670: assertion failure: i->prefix_size > 0 in client_side.c:2509 | |
1300 | - Log SSL user id in the custom log User name format (%un) | |
1301 | - Bug #1653: Username info not logged into Cachemgr active_requests | |
1302 | statistics | |
1303 | - Added to the redirectors interface the support for SSL client | |
1304 | certificate | |
1305 | - squid.conf.default cleanup to remove references to old options | |
1306 | - Fix many filedescriptors in combination with TPROXY | |
1307 | - Fix connection pinning in transparently intercepted connections | |
1308 | - Bug #1679: LDFLAGS not honored in some programs. | |
1309 | - Minor cleanup of port numbers in transparent interception or | |
1310 | vhost + vport | |
1311 | - Bug #1671: transparent interception fails with FreeBSD ipfw or | |
1312 | Linux-2.2 ipchains | |
1313 | - Bug #1660: Accept-Encoding related memory corruption | |
1314 | - Bug #1651: Odd results if url_rewriter defined multiple times | |
1315 | - Bug #1655: Squid does not produce coredumps under linux when | |
1316 | started as root | |
1317 | - Bug #1673: cache digests not served to other caches | |
1318 | - Cleanup of Linux capability code used by tproxy | |
1319 | - Bug #1684: xstrdup: tried to dup a NULL pointer! | |
1320 | - Bug #1668: unchecked vsnprintf() return code could lead to log | |
1321 | corruption | |
1322 | - Bug #1688: Assertion failure in HttpHeader.c in some header_access | |
1323 | configurations | |
1324 | - Cygwin support fir --disable-internal-dns | |
1325 | - Silence those annoying sslReadServer: Connection reset by peer | |
1326 | errors. | |
1327 | - Bug #1693: persistent connections broken in transparent | |
1328 | interception mode | |
1329 | - Bug #1691: multicast peering issues | |
1330 | - Bug #1696: Correct WCCP2 processing of router capability info | |
1331 | segments | |
1332 | - Bug #1694: Assertion failure in mgr:config if using | |
1333 | access_log_format %<h | |
1334 | - Bug #1677: Duplicate etags in the If-None-Match header | |
1335 | - Bug #1665: access_log_format codes for login names from external | |
1336 | acl or ssl | |
1337 | - Bug #1681: All ntlmauthenticator processes are busy | |
1338 | - Added ARP acl support for OpenBSD and ARP fixes for Windows | |
1339 | - Bug #1700: WCCP fails on FreeBSD (Unable to disconnect WCCP out | |
1340 | socket) | |
1341 | - WCCP2 correct dampening of assign buckets when there it lots of | |
1342 | changes | |
1343 | - minimum_expiry_time to tune the magic 60 seconds limit of what | |
1344 | is considered cachable when the object doesn't have any cache | |
1345 | validators. | |
1346 | - Bug #1703: wrong path to diskd helper corrected, and config | |
1347 | parser extended to trap incorrect paths early | |
1348 | - Bug #1703: COSS failed to initialize async-io threads | |
1349 | - Bug #1703: should abort if diskd helper exits unexpectedly | |
1350 | - Bug #1702: Warn if acl name is too long | |
1351 | - Bug #1685: Crashes or other odd results after storeSwapMetaUnpack: errors | |
1352 | - wccp2_rebuild_wait directive to delay registering with WCCP until the | |
1353 | - Bug #1662: Infinite loop in external acl with grace period if the | |
1354 | same http_access line had multiple external acls | |
1355 | ||
1356 | Changes to squid-2.6.STABLE1 (1 Jul 2006) | |
1357 | ||
1358 | - New --enable-default-hostsfile configure option | |
1359 | - Added username info to active_requests cachemgr stats | |
1360 | - Modified squid MIB to incorporate squid.conf visible_hostname | |
1361 | - Added multi-line capability in squid.conf | |
1362 | - Added new httpd_suppress_version_string configuration directive | |
1363 | - WCCPv2 support | |
1364 | - Negotiate authentication scheme support | |
1365 | - NTLM authentication scheme rewritten | |
1366 | - Customizable access log formats | |
1367 | - Selective access logging | |
1368 | - Access logging via syslog | |
1369 | - Reverse proxy enhancements, with new cache_peer based forwarding | |
1370 | model. | |
1371 | - LDAP based Digest helper (Note: not true LDAP integration, just using | |
1372 | LDAP for storage of the Digest hashes) | |
1373 | - Improved helper communication protocol | |
1374 | - External ACL improvements. %PATH, log=, grace=, and more.. | |
1375 | - Improved SSL support with hardware offload, client certificate | |
1376 | support (primitive), chained certificates and numerous bug fixes | |
1377 | - DNS lookups now use the search path from /etc/resolv.conf or | |
1378 | the Windows registry | |
1379 | - Linux epoll support | |
1380 | - collapsed forwarding to optimize reverse proxies or other | |
1381 | setups having very many clients going to the same URL | |
1382 | - New improved COSS implementation | |
1383 | - Optional support for blank passwords | |
1384 | - The old and obsolete Samba-2.2.X winbind helpers have been removed | |
1385 | - external acls now uses the simplified URL-escaped protol "3.0" by | |
1386 | default. | |
1387 | - Linux TPROXY support | |
1388 | - Support for proxying of Microsoft Integrated Login by adding | |
1389 | support for the deviations from the HTTP protocol required | |
1390 | to support these authentication mechanisms | |
1391 | - Added the capability to run as a Windows service under Cygwin | |
1392 | - CARP now plays well with the other peering algorithms | |
1393 | - read_ahead_gap option to read ahead more than 16KB of the reply | |
1394 | - check_hostnames and allow_underscore squid.conf options | |
1395 | - http_port is now optional, allowing for SSL only operation | |
1396 | - Full ETag/Vary support, caching responses which varies with | |
1397 | request details (browser, language etc). | |
1398 | - umask now defaults to 027 to protect the content of cache and | |
1399 | log files from local users | |
1400 | - HTCP support for access control and the CRL operation for | |
1401 | purgeing of cache content | |
1402 | - Optionally follow X-Forwarded-For headers to determine the original | |
1403 | client IP behind sedond level proxies | |
1404 | - FreeBSD kqueue support | |
1405 | ||
1406 | Changes to squid-2.5.STABLE14 (20 May 2006) | |
1407 | - [Minor] icons not displayed when visible_hostname is a | |
1408 | short hostname (without domain). (Bug #1532) | |
1409 | - [Medium] Memleak in HTCP client code (default disabled) | |
1410 | (Bug #1553) | |
1411 | - [Major] memory leak in ident processing (Bug #1557) | |
1412 | - [Medium] Memory leak in header processing related to external_acl | |
1413 | header detail format tag (Bug #1564) | |
1414 | ||
1415 | Changes to squid-2.5.STABLE13 (12 Mar 2006) | |
1416 | - [Minor] Fails to compile on Solaris and some other platforms | |
1417 | with undefined reference to setenv (Bug #1435) | |
1418 | - [Cosmetic] Added WebDAV REPORT method to know HTTP methods list | |
1419 | - [Minor] Squid ntlm_auth (not the Samba provided one) giving | |
1420 | odd results if --enable-ntlm-fail-open is used (Bug #1022) | |
1421 | - [Minor] wbinfo_group.pl doesn't work with Samba 3.0.21 and later | |
1422 | (Bug #1472) | |
1423 | - [Minor] Squid crash when asyncio function counters url accessed | |
1424 | from Cachemgr CGI (Bug #1464) | |
1425 | - [Cosmetic] Linux compile warning about prctl called with too few | |
1426 | arguments (Bug #1483) | |
1427 | - [Minor] Wrong timezone declaration for 64 bit Irix (Bug #1479) | |
1428 | - [Minor] Some 206 responses logged incorrectly (Bug #1511) | |
1429 | - [Minor] Issues in processing ranges on objects >2GB (Bug #437) | |
1430 | - [Cosmetic] Segmentation fault on empty proxy_auth ACLs (Bug #1414) | |
1431 | - [Minor] Ident access lists don't work in delay_access statements | |
1432 | (Bug #1428) | |
1433 | - [Minor] Some clients support NTLM even if not initially negotiating | |
1434 | persistent connections (Bug #1447) | |
1435 | - [Medium] 504 Gateway Time-out on FTP uploads (Bug #1459) | |
1436 | - [Medium] delay pools given too much bandwidht after "-k reconfigure" | |
1437 | (Bug #1481) | |
1438 | - [Cosmetic] New persistent_connection_after_error configuration | |
1439 | directive (Bug #1482) | |
1440 | - [Cosmetic] Hangs at 100% CPU if /dev/null is not accessible (Bug | |
1441 | #1484) | |
1442 | - [Minor] Fails to compile on Fedora Core 5 test 2 x86_64 (Bug #1492) | |
1443 | - [Cosmetic] Typo in ftp.c (Bug #1507) | |
1444 | - [Cosmetic] Error in FTP listings of files with -> in their name | |
1445 | (Bug #1508) | |
1446 | - [Cosmetic] With Squid-2.5 there is no more the DUPLICATE IP logging | |
1447 | in cache.log (Bug #779) | |
1448 | - [Minor] Fails to process long host names (Bug #1434) | |
1449 | - [Cosmetic] Azerbaijani errors translation (Bug #1454) | |
1450 | - [Cosmetic] misleading error message message for bad/unresolveable | |
1451 | cache_peer name (Bug #1504) | |
1452 | - [Cosmetic] confusing statistics on stateful helpers (NTLM auth) | |
1453 | (Bug #1506) | |
1454 | - [Major] connstate memory leak (Bug #1522) | |
1455 | ||
1456 | Changes to squid-2.5.STABLE12 (22 Oct 2005) | |
1457 | ||
1458 | - [Major] Error introduced in 2.5.STABLE11 causing truncated responses | |
1459 | when using delay pools (Bug #1405) | |
1460 | - [Cosmetic] Document that tcp_outgoing_* works badly in combination | |
1461 | with server_persistent_connections (Bug #454) | |
1462 | - [Cosmetic] Add additinal tracing to squid_ldap_auth making | |
1463 | diagnostics easier on squid_ldap_auth configuration errors | |
1464 | (Bug #1395) | |
1465 | - [Minor] $HOME not set when started as root (Bug #1401) | |
1466 | - [Minor] httpd_accel_single_host breaks in combination with | |
1467 | server_persistent_connections (Bug #1402) | |
1468 | - [Cosmetic] Setting CACHE_HTTP_PORT to configure was only partially | |
1469 | implemented, effectively ignored. (Bug #1403) | |
1470 | - [Minor] CNAME based DNS addresses could get cached for longer | |
1471 | than intended (Bug #1404) | |
1472 | - [Minor] Incorrect handling of squid-internal-dynamic/netdb exchanges | |
1473 | in transparently intercepting proxies (Bug #1410). | |
1474 | - [Minor] Cache revalidations on HEAD requests causing poor cache | |
1475 | hit ratio (Bug #1411). | |
1476 | - [Minor] Not possible to send 302 redirects via a redirector in | |
1477 | response to CONNECT requests (bug #1412) | |
1478 | - [Minor] Incorrect handling of Set-Cookie on cache refreshes (Bug | |
1479 | #1419) | |
1480 | - [Major] Segmentation fault crash in rfc1738_do_escape (Bug #1426) | |
1481 | - [Minor] Delay pools class 3 fails on clients in network 255 | |
1482 | (Bug #1431) | |
1483 | ||
1484 | Changes to squid-2.5.STABLE11 (22 Sep 2005) | |
1485 | ||
1486 | - [Minor] Workaround for servers sending double content-length headers | |
1487 | (Bug #1305) | |
1488 | - [Cosmetic] Updated Spanish error messages by Nicolas Ruiz | |
1489 | - [Cosmetic] Date header corrected on internal objects (icons etc) | |
1490 | (Bug #1275) | |
1491 | - [Minor] squid -k fails in combination with chroot after patch for | |
1492 | bug 1157 (Bug #1307) | |
1493 | - [Cosmetic] Segmentation fault if compiled with | |
1494 | --enable-ipf-transparent but denied access to the NAT device. | |
1495 | (Bug #1313) | |
1496 | - [Minor] httpd_accel_signle_host incompatible with redireection | |
1497 | (Bug #1314) | |
1498 | - [Minor] squid -k reconfigure internal corruption if the type of | |
1499 | a cache_dir is changed (Bug #1308) | |
1500 | - [Minor] SNMP GETNEXT fails if the given OID is outside the Squid MIB | |
1501 | (Bug #1317) | |
1502 | - [Minor] Title in FTP listings somewhat messed up after previous | |
1503 | patch for bug 1220 (Bug #1220) | |
1504 | - [Minor] FTP listings uses "BASE HREF" much more than it needs to, | |
1505 | confusing authentication. (Bug #1204) | |
1506 | - [Minor] winfo_group.pl only looked for the first group if multiple | |
1507 | groups were defined in the same acl. (Bug #1333) | |
1508 | - [Cosmetic] Compiler warnings on some 64-bit platforms (Bug #1316) | |
1509 | - [Cosmetic] Removed some debug output from wb_ntlm_atuh (Bug #518) | |
1510 | - [Cosmetic] The new --with-build-environment=... option doesn't work | |
1511 | - [Cosmetic] New 'mail_program' configuration option in squid.conf | |
1512 | - [Minor] Fails to compile with ip-filter and ARP support on Solaris | |
1513 | x86 (Bug #199) | |
1514 | - [Major] Segmentation fault in sslConnectTimeout (Bug #1355) | |
1515 | - [Medium] assertion failed in StatHist.c:93 (Bug #1325) | |
1516 | - [Minor] More chroot_dir and squid -k reconfigure issues (Bug #1331) | |
1517 | - [Cosmetic] Invalid URLs in error messages when failing to connect | |
1518 | to peer, and a few other inconsistent error messages (Bug #1342) | |
1519 | - [Cosmetic] Fails to compile with glibc -D_FORTIFY_SOURCE=2 | |
1520 | (Bug #1344) | |
1521 | - [Minor] Some odd FTP servers respond with 250 where 226 is expected | |
1522 | (Bug #1348) | |
1523 | - [Cosmetic] Greek translation of error messages (Bug #1351) | |
1524 | - [Major] Assertion failed store_status == STORE_PENDING (Bug #1368) | |
1525 | - [Minor] squid_ldap_auth -U does not work (Bug #1370) | |
1526 | - [Minor] SNMP cacheClientTable fails on "long" IP addresses | |
1527 | (Bug #1375) | |
1528 | - [Minor] Solaris Sparc + IP-Filter compile error (Bug #1374) | |
1529 | - [Minor] E-mail sent when cache dies is blocked from many antispam | |
1530 | rules (Bug #1380) | |
1531 | - [Minor] LDAP helpers does not work with TLS (-Z option) (Bug #1389) | |
1532 | - [Cosmetic] Incorrect store dir selection debug message on objects | |
1533 | larger than 2Gigabyte (Bug #1343) | |
1534 | - [Cosmetic] header_id enum misused as an signed integer (Bug #1343) | |
1535 | - [Cosmetic] Allow leaving core dumps when started as root (Bug #1335) | |
1536 | - [Medium] Clients could bypass delay_pool settings by faking a cache | |
1537 | hit request (Bug #500) | |
1538 | - [Minor] IP-Filter 4.X support (Bug #1378) | |
1539 | - [Medium] Odd results on pipelined CONNECT requests | |
1540 | - [Major] Squid crashing with "FATAL: Incorrect scheme in auth header" | |
1541 | when using NTLM authentication. | |
1542 | - [Cosmetic] Odd results when pipeline_prefetch is combined with NTLM | |
1543 | authentication (bug #1396) | |
1544 | - [Minor] invalid host was processed as IP 255.255.255.255 in dst acl | |
1545 | (Bug #1394) | |
1546 | - [Cosmetic] New --with-maxfd=N configure option to override build | |
1547 | time filedescriptor limit test | |
1548 | - [Minor] Added support for Windows code name "Longhorn" on Cygwin. | |
1549 | ||
1550 | Changes to squid-2.5.STABLE10 (17 May 2005) | |
1551 | ||
1552 | - [Minor Security] Fix race condition in relation to old Netscape | |
1553 | Set-Cookie specifications | |
1554 | - [Minor] Fails to parse D.J. Bernstein's FTP EPLF ftp listing | |
1555 | format and PASV resposes (Bug #1252) | |
1556 | - [Medium] BASE HREF missing on ftp directory URLs without / | |
1557 | (Bug #1253) | |
1558 | - [Minor security] confusing http_access results on configuration | |
1559 | error (Bug #1255) | |
1560 | - [Cosmetic] More robust Date parser (Bug #321) | |
1561 | - [Minor] reload_with_ims fails to refresh negatively cached objects | |
1562 | (Bug #1159) | |
1563 | - [Cosmetic] delay_access description clarification (Bug #1245) | |
1564 | - [Cosmetic] Check for integer overflow in size specifications in | |
1565 | squid.conf (Bug #1247) | |
1566 | - [Cosmetic] bzero is a non-standard function not available on all | |
1567 | platforms (Bug #1256) | |
1568 | - [Cosmetic] Compiler warnings if pid_t is not an int (Bug #1257) | |
1569 | - [Cosmetic] Incorrect use of ctype functions (Bug #1259) | |
1570 | - [Cosmetic] Defer digest fetch if the peer is not allowed to be used | |
1571 | (Bug #1261) | |
1572 | - [Minor] Duplicate content-length headers logged incorrectly or | |
1573 | not cleaned up properly (Bug #1262) | |
1574 | - [Cosmetic] Extend relaxed_header_parser to work around "excess | |
1575 | data from" errors from many major web servers. (Bug #1265) | |
1576 | - [Minor] Add HTTP headers to a netdb error messages | |
1577 | - [Minor] Multiple minor aufs issues (Bug #671) | |
1578 | - [Minor] Basic authentication fails with very long logins or | |
1579 | password (Bug #1171) | |
1580 | - [Minor] CONNECT requests truncated if client side disconnects first | |
1581 | (Bug #1269) | |
1582 | - [Minor] --disable-hostname-checks configure option did not work | |
1583 | - [Cosmetic] LDAP helpers adjusted to compile with SUN LDAP SDK | |
1584 | - [Cosmetic] aufs warning about open event filedescriptors on shutdown | |
1585 | - [Medium] Failed to process requests for files larger than 2GB in size | |
1586 | - [Cosmetic] rename() related cleanup | |
1587 | - [Cosmetic] New cachemgr pending_objects and client_objects actions | |
1588 | - [Cosmetic] external acls requiring authentication did not request | |
1589 | new credentials on access denials like proxy_auth does. | |
1590 | - [Cosmetic] Syslog facility now configurable via command line options. | |
1591 | - [Cosmetic] New %a error page template code expanding into the | |
1592 | authenticated user name. (Bug #798) | |
1593 | - [Minor] IP-Filter 4.0 support in --enable-ipf-transparent | |
1594 | - [Minor] Support interception of multiple ports | |
1595 | - [Cosmetic] Allow "squid -k ..." to run even if the local hostname | |
1596 | can not be determined (Bug #1196) | |
1597 | - [Cosmetic] Configuration file parser now handles DOS/Windows formatted | |
1598 | configuration files with CRLF lineendings proper. | |
1599 | - [Minor] Unrecognized Cache-Control directives now forwarded properly | |
1600 | (Bug #414) | |
1601 | - [Minor] Authentication helpers now returns useable information | |
1602 | in the %m error page macro on failed authentication (Bug #1223) | |
1603 | - [Minor] pid file management corrected in chroot use (Bug #1157) | |
1604 | - [Minor Security] Fix for CVE-1999-0710: cachemgr malicouse use. | |
1605 | cachemgr.cgi now reads a config file telling which proxy servers | |
1606 | it can administer. | |
1607 | - [Minor] aufs statistics improvements | |
1608 | - [Minor] SNMP bugfixes and support for SNMPv2(c) (Bug #1288, #1299) | |
1609 | - [Minor] ARP acl documentation and cachemgr config dump corrections | |
1610 | - [Minor] dstdomain/dstdom_regex acls now allow matching of numeric | |
1611 | hostnames in addition to the reverse lookup of the domain name. | |
1612 | - [Security] Internal DNS client hardened against spoofing | |
1613 | ||
1614 | Changes to squid-2.5.STABLE9 (24 Feb 2005) | |
1615 | ||
1616 | - [Medium] Don't retry requests on 403 errors (Bug #1210) | |
1617 | - [Minor] Ignore invalid FQDN DNS responses (Bug #1222) | |
1618 | - [Minor] cache_peer related memory leaks on reconfigure (Bug #1246) | |
1619 | - [Cosmetic] Adjusted to build cleanly with GCC-4 (Bug #1211) | |
1620 | - [Minor] relaxed_header_parser extended to work around even more | |
1621 | broken web servers (Bug #1242) | |
1622 | - [Minor] FTP gatewaying URLs cleaned up slightly, mainly to work | |
1623 | better with Mozilla but also to improve security slightly on | |
1624 | non-anonymous FTP. | |
1625 | - [Minor] High characters allowed un-encoded in FTP and Gopher | |
1626 | listings to allow the user-agent to display data in non-iso8859-1 | |
1627 | charsets. (Bug #1220) | |
1628 | - [Cosmetic] format fixes to silence compiler warnings on many | |
1629 | platforms. | |
1630 | - [Major] Assertion failures on certain odd DNS responses (Bug #1234) | |
1631 | ||
1632 | Changes to squid-2.5.STABLE8 (11 Feb 2005) | |
1633 | ||
1634 | - [Minor] 100% CPU usage on half-closed PUT/POST requests (Bug #354, | |
1635 | #1096) | |
1636 | - [Cosmetic] Document -v (protocol version) option to LDAP helpers | |
1637 | - [Minor] The new req_header and resp_header acls segfaults | |
1638 | immediately on parse of squid.conf (Bug #961) | |
1639 | - [Minor] Failure to shut down busy helpers on -k rotate/reconfigure | |
1640 | (Bug #1118) | |
1641 | - [Minor] Don't use O_NONBLOCK on disk files. (Bug #1102) | |
1642 | - [Minor] Squid fails to close TCP connection after blank HTTP | |
1643 | response (Bug #1116) | |
1644 | - [Minor security] Random error messages in response to malformed | |
1645 | host name (Bug #1143) | |
1646 | - [Minor] PURGE should not be able to delete internal objects | |
1647 | (Bug #1112) | |
1648 | - [Minor] httpd_accel_port 0 (virtual) not working correctly (Bug | |
1649 | #1121) | |
1650 | - [Minor] cachemgr vm_objects segfault (Bug #1149) | |
1651 | - [Minor security] Confusing results on empty acl declarations (Bug | |
1652 | #1166) | |
1653 | - [Minor] Don't close all "other" filedescriptors on startup (Bug | |
1654 | #1177) | |
1655 | - [Minor] fakeauth_auth memory leak and NULL pointer access (Bug | |
1656 | #1183) | |
1657 | - [Security] buffer overflow bug in gopherToHTML() (Bug #1189) | |
1658 | - [Medium security] Denial of service with forged WCCP messages | |
1659 | (Bug #1190) | |
1660 | - [Minor] DNS related memory leak on certain malformed DNS responses | |
1661 | (Bug #1197) | |
1662 | - [Minor] Internal DNS sometimes truncates host names in reverse | |
1663 | (PTR) lookups (Bug #1136) | |
1664 | - [Minor Security] Add sanity checks on LDAP user names (Bug #1187) | |
1665 | - [Security] Harden Squid against HTTP request smuggling attacks | |
1666 | - [Minor] Icon URLs fails in non-anonymous FTP directory listings is | |
1667 | short_icon_urls is on (Bug #1203) | |
1668 | - [Security] Harden Squid against HTTP response splitting attacks | |
1669 | (Bug #1200) | |
1670 | - [Medium security] Buffer overflow in WCCP recvfrom() call | |
1671 | (Bug #1217) | |
1672 | - [Security] Properly handle oversized reply headers (Bug #1216) | |
1673 | - [Minor] LDAP helpers search fixed to properly ask for no attributes | |
1674 | - [Minor] A sporadic segmentation fault when using ntlm authentication | |
1675 | fixed (Bug #1127) | |
1676 | - [Major] Segmentation fault on failed PUT/POST requests (Bug #1224) | |
1677 | - [Medium] Persistent connection mismatch on failed PUT/POST request | |
1678 | (Bug #1122) | |
1679 | - [Minor] WCCP easily disturbed by forged packets (Bug #1225) | |
1680 | - [Minor] Password management in ftp:// gatewaying improved (Bug #1226) | |
1681 | - [Major] HTTP reply data corruption in certain situations involving | |
1682 | reply headers split over multiple packets (Bug #1233) | |
1683 | ||
1684 | Changes to squid-2.5.STABLE7 (11 Oct 2004) | |
1685 | ||
1686 | - [Medium] No objects cached in ufs cache_dir type in some | |
1687 | configurations. Issue introduced in 2.5.STABLE6 by the patch for | |
1688 | Bug #676. (Bug #1011) | |
1689 | - [Minor] LDAP helpers update to correct LDAP connection management | |
1690 | and add support for literal password compare instead of binding | |
1691 | - [Minor] A large number of queued DNS lookups for the same domain | |
1692 | (Bug #852) | |
1693 | - [Cosmetic] request_header_max_size configuration partly ignored | |
1694 | (Bug #899) | |
1695 | - [Minor] Partial hit results in TCP_HIT, not TCP_MISS. (Bug #1001) | |
1696 | - [Cosmetic] HEAD requests may return stale information | |
1697 | (Bug #1012) | |
1698 | - [Cosmetic] Warn if cache_dir ufs can not create files. (Bug #918) | |
1699 | - [Minor] case insensitive authentication (Bug #431) | |
1700 | - [Cosmetic] Add delay pools information to active_requests. (Bug | |
1701 | #882) | |
1702 | - [Minor] Apparent memory leak in client_db (Bug #833) | |
1703 | - [Minor] NTLM authentication truncated causing failures. (Bug | |
1704 | #1016) | |
1705 | - [Cosmetic] Grammatical corrections in squid.conf.default | |
1706 | - [Cosmetic] Unknown %X errorpage codes incorrectly quoted. (Bug | |
1707 | #1030) | |
1708 | - [Medium] Segfaults and other strange crashes when using heap | |
1709 | policies. (Bug #1009) | |
1710 | - [Minor] Supplementary group memberships not set (Bug #1021) | |
1711 | - [Cosmetic] ERR_TOO_BIG Portuguese translation | |
1712 | - [Minor] external_acl does not handle newlines (Bug #1038) | |
1713 | - [Major] NTLM authentication denial of service when using msnt_auth | |
1714 | or fake_auth (Bug #1045) | |
1715 | - [Medium] Memory leaks when using NTLM authentication without | |
1716 | challenge reuse. (Bug #994) | |
1717 | - [Minor] Temporary NTLM memory leak with challenge reuse enabled | |
1718 | (Bug #910) | |
1719 | - [Minor] assertion failed: "n_ufs_dirs <= | |
1720 | Config.cacheSwap.n_configured". (Bug #1053) | |
1721 | - [Minor] Segfault in authenticateDigestHandleReply. (Bug #1031) | |
1722 | - [Minor] acl time fails to parse multiple time specifications | |
1723 | (Bug #1060) | |
1724 | - [Minor] cachemgr config dumps mixed up Range and Request-Range | |
1725 | headers in http_header_access & replace directives. (Bug #1056) | |
1726 | - [Minor] Content-Disposition added as a well known header (Bug #961) | |
1727 | - [Cosmetic] Don't warn about arp acls not being supported on FreeBSD | |
1728 | (Bug #1074) | |
1729 | - [Cosmetic] Limit internal send/receive buffer sizes (Bug #1075) | |
1730 | - [Medium] New acl types to match arbitrary HTTP headers. In addition | |
1731 | the http_header_access & replace directives now support arbitrary | |
1732 | headers and not only the well known ones. (Bug #961) | |
1733 | - [Cosmetic] ncsa_auth now accepts Window formatted password files | |
1734 | (Bug #1078) | |
1735 | - [Cosmetic] Support the --program-prefix/suffix options or other | |
1736 | configure program name transforms (Bug #1019) | |
1737 | - [Minor] Fix race condition in CONNECT and also handle aborts of | |
1738 | CONNECT requests in a more graceful manner. (Bug #859) | |
1739 | - [Minor] New balance_on_multiple_ip directive to work around certain | |
1740 | broken load balancers and optimized ipcache on reload requests | |
1741 | (Bug #1058) | |
1742 | - [Medium] New reply_header_max_size directive | |
1743 | (Bug #874) | |
1744 | - [Minor] Suspected instability on aborted PUT/POST requests | |
1745 | (Bug #1089) | |
1746 | - [Security] SNMP Denial of Service fix (CAN-2004-0918) | |
1747 | ||
1748 | Changes to squid-2.5.STABLE6 (9 Jul 2004) | |
1749 | ||
1750 | - Bug #937: NTLM assertion error "srv->flags.reserved" | |
1751 | - Bug #935: squid_ldap_auth can be confused by the use of reserved | |
1752 | characters | |
1753 | - Helper queue warnings imprecise on the number of helpers required | |
1754 | - squid_ldap_auth TLS mode works correctly again | |
1755 | - Bug #940, #305: pkg-config support for finding correct OpenSSL | |
1756 | compile flags | |
1757 | - Bug #426: "Vary: *" is ignored | |
1758 | - 100% CPU usage on Linux-2.2 | |
1759 | - Version number should not include -CVS if autoconf is run | |
1760 | - Bug #947: deny_info redirection with requested URL escaped wrongly | |
1761 | - Bug #495: CONNECT timeout should produce a 504 or 503 | |
1762 | - Bug #956: cache_swap_log documentation referred to swap.state by | |
1763 | it's old swap.log name | |
1764 | - ntlm/auth_ntlm.c(683): warning #187: use of "=" where "==" may | |
1765 | have been intended | |
1766 | - Bug #962: rfc1035NameUnpack: Assertion (*off) < sz failed | |
1767 | - Bug #954: Segment violation when using a blank user name in digest | |
1768 | authentication | |
1769 | - Bug #943: assertion failed: errorpage.c:292: "mem->inmem_hi == 0" | |
1770 | - Spelling corrections in configure and squid.conf.default | |
1771 | - The meaning of ERR in digest helper protocol clarified in the | |
1772 | squid.conf documentation | |
1773 | - Bug #950: Spelling error in Turkish ERR_DNS_FAIL | |
1774 | - Bug #616: Negative cached 404 replies with VARY header never matched | |
1775 | - Bug #968: range_offset_limit -1 KB rejected as invalid syntax | |
1776 | due to a shortcoming in the fix to bug #817 | |
1777 | - Bug #570: Very large cache_mem values reported wrongly in cache.log | |
1778 | - Bug #676: store_dir_select_algorithm least-load doesn't work for | |
1779 | ufs cache_dir type | |
1780 | - Bug #946: cacheCurrentUnlinkRequests should be a counter, not gauge | |
1781 | - Bug #948: Show client ip in cache.log debug output | |
1782 | - Bug #960: compilation issue on OpenBSD/m88k | |
1783 | - Bug #969: FTP directory listing HTML DOCTYPE misread by some tools | |
1784 | - Bug #991: dns_servers should default to localhost if no resolv.conf | |
1785 | - Bug #717: msnt_auth documentation update | |
1786 | - Bug #753: Segfault in memBufVPrintf on certain architectures | |
1787 | requiring va_copy | |
1788 | - Bug #941: Negative size in access.log on long running CONNECT | |
1789 | requests | |
1790 | - Bug #972: Segmentation fault after "Likely proxy abuse detected" | |
1791 | - Bug #981: sasl_auth updated to work with SALS2 | |
1792 | - Overflow bug in Squid's ntlm_auth helper used for transparent NTLM | |
1793 | authentication to a NT domain without using Samba. | |
1794 | ||
1795 | Changes to squid-2.5.STABLE5 (1 Mar 2004): | |
1796 | ||
1797 | - cache.log message on "squid -k reconfigure" was slightly confusing, | |
1798 | claiming Squid restarted when it just reread the configuration. | |
1799 | - Bug #787: digest auth never detects password changes | |
1800 | - Bug #789: login with space confuses redirector helpers | |
1801 | - Bug #791: FQDNcache discards negative responses when using | |
1802 | internal DNS | |
1803 | - pam_auth fails on Solaris when using pam_authtok_get. Persistent | |
1804 | PAM connections are unsafe and now disabled by default. | |
1805 | - auth_param documentation clarifications and added default realm | |
1806 | values making only the helper program a required attribute | |
1807 | - Bug #795: German ERR_DNS_FAIL correction | |
1808 | - Bug #803: Lithuanian error messages update | |
1809 | - Bug #806: Segfault if failing to load error page | |
1810 | - Bug #812: Mozilla/Netscape plugins mime type defined (.xpi) | |
1811 | - Bug #817: maximum_object_size too large causes squid not to cache | |
1812 | - Bug #824: 100% CPU loop if external_acl combined with separate | |
1813 | authentication acl in the same http_access line | |
1814 | - squid_ldap_group updated to version 2.12 with support for ldaps:// | |
1815 | (LDAPv2 over SSL) and a numer of other improvements. | |
1816 | - Bug #799: positive_dns_ttl ignored when using internal DNS. | |
1817 | - Bug #690: Incorrect html on empty Gopher responses | |
1818 | - Bug #729: --enable-arp-acl may give warning about net/route.h | |
1819 | - Bug #14: attempts to establish connection may look like syn flood | |
1820 | attack if the contacted server is refusing connections | |
1821 | - errorpage README files included in the distribution again showing | |
1822 | who contributed which translation | |
1823 | - Bug #848: connect_timeout connect_timeout ends up twice the length. | |
1824 | forward_timeout option added to address this. | |
1825 | - Bug #849: DNS log error messages should report the failed query | |
1826 | - Bug #851: DNS retransmits too often | |
1827 | - Bug #862: Very frequently repeated POST requests may cause a | |
1828 | filedescriptor shortage due to persitent connections building up | |
1829 | - Bug #853: Sporatic segmentation faults on aborted FTP PUT requests | |
1830 | - Bug #571: Need to limit use of persistent connections when | |
1831 | filedescriptor usage is high | |
1832 | - Bug #856: FTP/Gopher Icon URLs are unneededly complex and often | |
1833 | does not work properly | |
1834 | - Bug #860: redirector_access does not handle "slow" acls such as | |
1835 | "dst" or "external" requiring a external lookup. | |
1836 | - Bug #865: Persistent connection usage too high after sudden burst | |
1837 | of traffic. | |
1838 | - Bug #867: cache_peer max-conn=.. option does not work | |
1839 | - Bug #868: refuses to start if pid_filename none is specified | |
1840 | - Bug #887: LDAP helper -Z (TLS) option does not work | |
1841 | - Bug #877: Squid doesn't follow telnet protocol on FTP control | |
1842 | connections | |
1843 | - Bug #908: Random auth popups and account lockouts when using ntlm | |
1844 | - Support for NTLM_NEGOTIATE exchanges with ntlm helpers | |
1845 | - Bug #585: cache_peer_access fails with NTLM authentication | |
1846 | - Bug #592: always/never_direct fails with NTLM authentication | |
1847 | - wbinfo_group update for Samba-3 | |
1848 | - Bug #892: helpers/ntlm_auth/SMB/ fails to compile on FreeBSD 5.0 | |
1849 | - Bug #924: miss_access restricts internal and cachemgr requests | |
1850 | even if these are local | |
1851 | - Bug #925: auth headers send by squidclient are mildly malformed | |
1852 | - Bug #922: miss_access and delay_access and several other | |
1853 | authentication related bug fixes. | |
1854 | - Bug #909: Added ARP acl support for FreeBSD | |
1855 | - Bug #926: deny_info with http_reply_access or miss_access | |
1856 | - Bug #872: reply_body_max_size problems when using NTLM auth | |
1857 | - Bug #825: random segmentation faults when using digest auth | |
1858 | - Bug #910: Partial fix for temporary memory leaks when using NTLM | |
1859 | auth. There is still problems if challenge reuse is enabled. | |
1860 | - ftp://anonymous@host/ now accepted without requiring a password | |
1861 | - Bug #594: several mime type updates (ftp:// related) | |
1862 | - url_regex enhanced to allow matching of %00 | |
1863 | ||
1864 | Changes to squid-2.5.STABLE4 (15 Sep 2003): | |
1865 | ||
1866 | - Lithuanian error messages added to the distribution | |
1867 | - Bug #660: segfauld if more than one custom deny_info line | |
1868 | - cache_dir disd documentation cleanup | |
1869 | - check open of /dev/null to avoid 100% CPU loop in badly | |
1870 | configured chroot environments | |
1871 | - documentation update on uri_whitespace to refer to the correct RFC | |
1872 | - Bug #655: icmpRecv: recv: (11) Resource temporarily unavailable | |
1873 | - Bug #683: external_acl does not wait for ident lookups to complete | |
1874 | - aufs: Fix a minor use-after-free problem which could cause the | |
1875 | count of opening filedescriptors to grow larger than it should | |
1876 | - Syntax changes to make GCC-3.3 accept Squid without complaints | |
1877 | - Warning if CARP server defined in incorrect load factor order | |
1878 | - neighbor_type_domain documentation update | |
1879 | - http_header_access now works when using cache peers | |
1880 | - high_memory_warning now uses sbrk as fallback mechanism on | |
1881 | platforms where neither mallinfo or mstats are available. | |
1882 | - hosts_file now handles comments at the end of lines correcly | |
1883 | - storeCheckCachable() Stats corrected for release_request and | |
1884 | wrong_content_length. | |
1885 | - cachePeerPingsSent MIB type corrected | |
1886 | - unused minimum_retry_timeout directive removed | |
1887 | - Bug #702: ERR_TO_BIG spanish translation | |
1888 | - Bug #705: Memory leak on deny_info TCP_RESET | |
1889 | - Code cleanup to fix compile error in httpHeaderDelById | |
1890 | - Bug #699: Host header now forwarded exactly where it was in the | |
1891 | original request to work around certain broken firewalls or | |
1892 | load balancers which fail if this header is too far into the | |
1893 | request headers. | |
1894 | - Bug #704: Memory leak on reply_body_max_size | |
1895 | - Bug #686: requests denied due to http_reply_access are now | |
1896 | logged with TCP_DENIED (instead of TCP_MISS, etc). | |
1897 | - Bug #708: ie_refresh now sends no-cache to have the reload | |
1898 | request propagate properly in cache meshes | |
1899 | - Bug #700: Crashes related to ftpTimeout: timeout in SENT_PASV state | |
1900 | - Bug #709: cbdata.c:186: "c->valid" assertion due to peer | |
1901 | digest not found | |
1902 | - Bug #710: round-robin cache_dir selection incorrectly | |
1903 | compares max-size. | |
1904 | - Statistics corrections in HTTP header statitics | |
1905 | - QUICKSTART cleanups | |
1906 | - Bug #715: statCounter.syscalls.disk counters treated | |
1907 | inconsistently. Now increment the counters in AUFS | |
1908 | functions and for unlinkd. | |
1909 | - Improvements to the (experimental) COSS storage scheme. | |
1910 | - Bug #721: User name field in access.log sometimes blank | |
1911 | - Bug #94: assertion failed: http.c: "-1 == cfd || | |
1912 | FD_SOCKET == fd_table[cfd].type" | |
1913 | - Bug #716: assertion failed: client_side.c:1478: "size > 0" | |
1914 | - Bug #732: aufs calculates number of threads and limits wrongly | |
1915 | - Bug #663: Username not logged into access.log in case of /407 | |
1916 | - Bug #267: Form POSTing troubles with NTLM authentication | |
1917 | and occationally in differen other error conditions. | |
1918 | - Bug #736: ICP dynamic timeout algorithm ignores multicast. | |
1919 | - Bug #733: No explicit error message when ncsa_auth can't access | |
1920 | passwd file | |
1921 | - Bug #267, #757: POST with NTLM stops after persistent connection | |
1922 | timeout | |
1923 | - Bug #742: Wrong status code on access denials if delay_access | |
1924 | is used. Most notably 407 instead of 403 could be returned. | |
1925 | - Bug #763: segfault if using ntlm in http_reply_access | |
1926 | - Bug #638: assertion error if using proxy_auth in delay_access | |
1927 | - Bug #756: segmentation fault if using ntlm proxy_auth in delay_access | |
1928 | - The issue of reply_body_max_size limiting the size of error | |
1929 | messages no longer applies. | |
1930 | - external_acl_type concurrency= option renamed to children= to | |
1931 | prepare for Squid-3 upgrades. Old syntax still accepted for the | |
1932 | duration of the Squid-2.5 release. | |
1933 | - number of filedescriptors rounded down to an even multiple of 64 | |
1934 | to work around issues in certain libc implementations. | |
1935 | - winbind helpers less noisy in cache.log on restarts/shutdown. | |
1936 | - Squid now automatically restarts helpers if too many of them | |
1937 | have crashed. | |
1938 | ||
1939 | Changes to squid-2.5.STABLE3 (25 May 2003): | |
1940 | ||
1941 | - Bug #573: Occational false negatives in external acl lookups | |
1942 | - Bug #577: assertion failed: cbdata.c:224: "c->y == c" when | |
1943 | external_acl helpers crashes | |
1944 | - Bug #590: Squid may hang or behave oddly on shutdown while | |
1945 | requests is being processed. | |
1946 | - Bug #590: external acl lookups does not deal well with queue | |
1947 | overload | |
1948 | - cache_effective_user documentation update | |
1949 | - cache_peer documentation update for htcp and carp | |
1950 | - Bug #600: The example header_access paranoid setting is | |
1951 | missing WWW-Authenticate | |
1952 | - Bug #605: Segmentation fault in idnsGrokReply() on certain | |
1953 | platforms | |
1954 | - Fixes to build properly on AIX 5 | |
1955 | - Bug #574: wb_group updated to version 1.1 to make group names | |
1956 | case insensitive and correct a segfault issue in the helper | |
1957 | - SNMP mib updates to make cacheNumObjCount, | |
1958 | cacheCurrentUnlinkRequests, cacheCurrentSwapSize and cacheClients | |
1959 | correctly report as gauges (was reporting as counters). | |
1960 | - Woraround for --enable-ssl Kerberos issue on RedHat 9 | |
1961 | - Bug #579: Close and repopen log files on "squid -k reconfigure" | |
1962 | - Bug #598: squid_ldap_auth could segfault if LDAP server is | |
1963 | unavailable | |
1964 | - Bug #609,#612: msntauth helper fixes in dealing with large | |
1965 | or non-existing allow/deny user files. | |
1966 | - Bug #620: acl ident REQUIRED matches even if the ident lookup fails | |
1967 | - Bug #432: reply_body_max_size fails with ident or proxy_auth acls | |
1968 | and also fails to block large objects where the content-length | |
1969 | is not known | |
1970 | - Bug #606: Basic auth looping and gets stuck at high CPU usage when | |
1971 | multiple proxy_auth ACLs combined in one line and login fails. | |
1972 | - squid_ldap_auth updated with support for TLS and SSL | |
1973 | - Bug #623: segfault if using negated external acls in certain | |
1974 | configurations involving other acls later on the same http_access | |
1975 | line. | |
1976 | - Bug #622: wb_group helper update to version 1.2 to ass support for | |
1977 | Domain-Qualified groups refering to groups in a specific domain | |
1978 | - Bug #596: logic error in poll() error management | |
1979 | - Bug #597: logic errors in error management | |
1980 | - Bug #591: segmentation fault in authentication on "squid -k debug" | |
1981 | - Bug #587: smb_auth fails on complex logins involving domain names | |
1982 | or other odd characters | |
1983 | - Bug #558, #587: smb_auth.pl fails on complex logins involving | |
1984 | domain names or other odd characters | |
1985 | - Bug #643: external_acl fails with ttl=0 due to a change introduced | |
1986 | by the patch for Bug #553 in 2.5.STABLE2. | |
1987 | - Bug #630: minor issues in digest authantication causing random | |
1988 | authentication failures and incompability with many mainstream | |
1989 | browser digest implementations due to browser qop bugs. To deal | |
1990 | with those broken browser nonce_stricness now defaults to off, | |
1991 | and two new digest options have been added (check_nonce_count | |
1992 | and post_workaround) to allow workarounds to other quite bad | |
1993 | browser bugs if needed. | |
1994 | - Bug #644: digest authentication fails on requests with one | |
1995 | or more comma in the requested URL | |
1996 | - Bug #648: deny_info TCP_RESET not working. The fix for this also | |
1997 | adds the ability to send redirects. | |
1998 | ||
1999 | Changes to squid-2.5.STABLE2 (Mars 17, 2003): | |
2000 | ||
2001 | - Contrib files added back to the distribution | |
2002 | - Several compiler warnings fixed when using --disable-ident or | |
2003 | --disable-http-violations | |
2004 | - authentication can now be used in most access controls, but | |
2005 | must in most cases first be enforced in http_access to force | |
2006 | the user to authenticate. | |
2007 | - cleanups in the developer bootstrap.sh process when preparing | |
2008 | the sources. | |
2009 | - several squid.conf.default documentation updated to correctly | |
2010 | refer to the current names when refering to other directives | |
2011 | - authenticate_ip_ttl documentation updates | |
2012 | - several assertion faults and segmentation violations corrected | |
2013 | - the RunCache/RunAccel and squid.rc scripts updated to refer to | |
2014 | the squid binary in sbin rather than the old bin location. | |
2015 | - squid_ldap_auth command line processing fixes when specifying | |
2016 | the LDAP server last on the line instead of -h option | |
2017 | - aufs data corruption bugfix | |
2018 | - aufs performance improvement for low traffic systems | |
2019 | - aufs stability improvements | |
2020 | - external_acl corrected to properly deal with quoted strings | |
2021 | - WCCPv1 bugfix to make sure the router accepts the hash assignments | |
2022 | - "Total accounted memory" now correctly reported in cachemgr | |
2023 | - several small memory leaks (mostly reconfigure related) | |
2024 | - new squid.conf option to allow GET/HEAD requests with a request | |
2025 | entity | |
2026 | - "make uninstall" no longer removes squid.conf | |
2027 | - cachemgr.cgi now uses POST to avoid having the cachemgr password | |
2028 | logged in the web server logs | |
2029 | - authentication schemes which are known to not be proxyable are now | |
2030 | filtered out from forwarded server replies to avoid that the clients | |
2031 | tries to use such schemes when we know for a fact it won't work | |
2032 | - spelling corrections in various error messages | |
2033 | - now possible to define acl values with spaces in them | |
2034 | by using the "include file" feature | |
2035 | - squid_ldap_group updated to 2.10 to fix compilation issues with | |
2036 | recent (and older) OpenLDAP libraries and to make the helper deal | |
2037 | correctly with true LDAP groups by first looking up the user DN. | |
2038 | - Some internal code cleanups | |
2039 | - now verifies that programs etc exists iside the chroot directory | |
2040 | when using chroot_dir. No longer neccesary to set up a split view | |
2041 | environment where the same paths works both inside the chroot and | |
2042 | outside just to convince Squid that the files is actually there.. | |
2043 | - improved memory usage reporting | |
2044 | - --disable-hostname-checks configure option | |
2045 | - no longer ignores double dots in host names. Any hostname with | |
2046 | double dots is now rejected as invalid. | |
2047 | - log_mime_hdrs no longer logs garbage if very long headers | |
2048 | are seen. | |
2049 | - 'select_fds_hist' object added to cachemgr 'histogram' output | |
2050 | - pid file now unlinked when squid has really shut down, not | |
2051 | immediately when the shutdown request is received. This allows | |
2052 | the pid file to be monitored to determine when Squid has shut down | |
2053 | properly | |
2054 | - correct authentication scheme setups on some platforms or compilers | |
2055 | - several squid.conf.default documentation updates to remove references | |
2056 | to renamed or replaced directives by changing them to their current | |
2057 | names. | |
2058 | - the SSL reverse proxy support updated to allow building with | |
2059 | OpenSSL 0.9.7 and and later. | |
2060 | - Corrected a minor performance problem while processing HEAD replies | |
2061 | from various broken web servers not sending a correct HTTP reply | |
2062 | - time acls can now specify multiple times in the same acl name, like | |
2063 | most other acl types. | |
2064 | - winbind helpers updated to match Samba-2.2.7a and should | |
2065 | work with Samba-2.2.6 or later (required). For compability with | |
2066 | older Samba versions A new configure option --with-samba-sources=... | |
2067 | has been added to allow you to specify which Samba version the | |
2068 | helpers should be built for if different than the above versions. | |
2069 | - Squid MIB definition syntax correction to work better with newer | |
2070 | (and older) SNMP tools. | |
2071 | - Fixed access.log format when logging "error:invalid-HTTP-ident" on | |
2072 | requests where parsing the HTTP identifier (HTTP/1.0) failed. | |
2073 | - "make distclean" no longer removes the icons, this avoids the | |
2074 | dependency on "uudecode" to rebuild Squid after "make distclean" | |
2075 | - User name returned by external acl lookups (external_acl_type) | |
2076 | is now available as "ident" in later acl checks in addition to | |
2077 | the logging in access.log. | |
2078 | - Incorrect behaviour of Digest authentication partly corrected - it | |
2079 | will not handle sessions, but will always enforce password | |
2080 | correctness.. (patch submitted by Sean Burford). | |
2081 | - Issue with persistent connections and PUT/POST request corrected | |
2082 | ||
2083 | Changes to squid-2.5.STABLE1 (September 25, 2002): | |
ddf1c0c4 | 2084 | |
94439e4e | 2085 | - Major rewrite of proxy authentication to support other schemes |
2086 | than basic. First in the line is NTLM support but others can | |
a2794549 | 2087 | easily be added (minimal digest is present). See Programmers Guide. |
6437ac71 | 2088 | (Robert Collins & Francesco Chemolli) |
94439e4e | 2089 | - Reworked how request bodies are passed down to the protocols. |
2090 | Now all client side processing is inside client_side.c, and | |
2091 | the pass and pump modules is no longer used. | |
3ff01c3e | 2092 | used by Squid. |
722a4b40 | 2093 | - Optimized searching in proxy_auth and ident ACL types. Squid should |
2094 | now handle large access lists a lot more efficiently. | |
05fbbc17 | 2095 | (Francesco Chemolli) |
e396d395 | 2096 | - Fixed forwarding/peer loop detection code (Brian Degenhardt) - |
2097 | now a peer is ignored if it turns out to be us, rather than | |
2098 | committing suicide | |
1224d740 | 2099 | - Changed the internal URL code to obey appendDomain for internal |
2100 | objects if it needs appending. This fixes weirdnesses where | |
2101 | a machine can think it is "foo.bar.com", and "foo" is requested. | |
2102 | (Brian Degenhardt) | |
a2794549 | 2103 | - Added the use of Automake to create the Makefile.in's in the squid |
2104 | source tree. This will allow libtool in the future, and immediately | |
2105 | allows better dependency tracking - with or without gcc - as well | |
2106 | as the dist-all and distcheck targets for developers which respectively | |
2107 | build a tar.gz and a tar.bz2 distribution, and check that what will be | |
2108 | distributed builds. | |
d6827718 | 2109 | - Added TOS and source address selection based on ACLs, |
2110 | written by Roger Venning. This allows administrators to set | |
2111 | the TOS precedence bits and/or the source IP from a set of | |
2112 | available IPs based upon some ACLs, generally to map different | |
2113 | users to different outgoing links and traffic profiles. | |
50821507 | 2114 | - Added 'max-conn' option to 'cache_peer' |
2115 | - Added SSL gatewaying support, allowing Squid to act as a SSL server | |
2116 | in accelerator setups. | |
4e2c57a0 | 2117 | - SASL authentication helper by Ian Castle |
6474667e | 2118 | - msntauth updated to v2.0.3 |
3e4057db | 2119 | - no_cache now applies to cache hits as well as cache misses |
810118ab | 2120 | - the Gopher client in Squid has been significantly improved |
05463204 | 2121 | - Squid now sanity checks FTP data connections to ensure the |
6474667e | 2122 | connection is from the requested server. Can be disabled if |
05463204 | 2123 | needed by turning off the ftp_sanitycheck option. |
98858605 | 2124 | - external acl support. A mechanism where flexible ACL checks |
2125 | can be driven by external helpers. See the external_acl_type | |
2126 | and acl external directives. | |
3e4057db | 2127 | - Countless other small things and fixes |
2d8d56b0 | 2128 | - HTML pages generated by Squid or CacheMgr as well as the |
2129 | ERR documents now contain a doctype declaration so that | |
22567bb5 | 2130 | browsers know which HTML specification the document uses. |
2d8d56b0 | 2131 | In addition to that they have a new look (background-color, font) |
2132 | and are valid according to the HTML standards at www.w3.org. | |
3ff01c3e | 2133 | (Clemens L ser) |
9bbd1655 | 2134 | - Login and password send to Basic auth helpers is now URL escaped |
2135 | to allow for spaces and other "odd" characters in logins and | |
2136 | passwords | |
c90fbf46 | 2137 | - Proxy Authentication is no longer blindly forwarded to peer |
2138 | caches if not used locally. If forwarding of proxy authentication | |
2139 | is desired then it must now be configured with the login=PASS | |
2140 | cache_peer option. | |
6474667e | 2141 | - Responses with Vary: in the header are now cached by squid. |
1239cfea | 2142 | (Henrik Nordstrom). |
3ff01c3e | 2143 | - Removed unused 'siteselect_timeout' directive. |
c5bc64d3 | 2144 | |
dde94193 | 2145 | Changes to Squid-2.4.STABLE7 (July 2, 2002): |
2146 | ||
2147 | - Squid now drops any requests using transfer-encoding. | |
2148 | Squid is a HTTP/1.0 proxy and as such do not support | |
2149 | the use of transfer-encoding. | |
2150 | - The MSNT auth helper has been updated to v2.0.3+fixes for | |
2151 | buffer overflow security issues found in this helper. | |
2152 | - A security issue in how Squid forwards proxy authentication | |
2153 | credentials has been fixed | |
2154 | - Minor changes to support Apple MAC OS X and some other platforms | |
2155 | more easily. | |
2156 | - The client -T option has been implemented | |
2157 | - HTCP related bugfixes in "squid -k reconfigure" | |
2158 | - Several bugfixes and cleanup of the Gopher client, both | |
2159 | to correct some security issues and to make Squid properly | |
2160 | render certain Gopher menus. | |
2161 | - FTP data channels are now sanity checked to match the address of | |
2162 | the requested FTP server. This to prevent theft or injection of | |
2163 | data. See the new ftp_sanitycheck directive if this is not desired. | |
2164 | - Security fixes in how Squid parses FTP directory listings into HTML | |
2165 | ||
c5bc64d3 | 2166 | Changes to Squid-2.4.STABLE6 (March 19, 2002): |
2167 | ||
722a4b40 | 2168 | - The patch for 2.4.STABLE5 was insufficiently tested and |
c5bc64d3 | 2169 | introduced a bug that causes frequent assertions when |
2170 | handling DNS PTR answers. | |
2171 | ||
2172 | Changes to Squid-2.4.STABLE5 (March 15, 2002): | |
2173 | ||
2174 | - Fixed an array bounds bug in lib/rfc1035.c. This bug | |
2175 | could allow a malicious DNS server to send bogus replies | |
2176 | and corrupt the heap memory. | |
2177 | ||
572b218d | 2178 | Changes to Squid-2.4.STABLE4 (Feb 19, 2002) |
08e8e4d0 | 2179 | |
722a4b40 | 2180 | - htcp_port 0 now properly disables htcp |
6474667e | 2181 | - Fixed problem with certain non-anonymous ftp:// style URL's |
08e8e4d0 | 2182 | - SNMP bugfixes including several memory leaks |
2183 | ||
2184 | Changes to Squid-2.4.STABLE3 (Nov 28, 2001): | |
2185 | ||
2186 | - Fixed bug #255: core dump on SSL/CONNECT if access denied by | |
2187 | miss_access | |
2188 | - Fixed bug #246: corrupt on-disk meta information preventing | |
2189 | rebuilds of lost swap.state files | |
2190 | - Fixed bug #243: squid_ldap_auth now supports spaces in passwords | |
2191 | - Fixed a coredump when creating FTP directories | |
2192 | - Fixed a compile time problem with statHistDump prototype mistmatch, | |
2193 | reported by some compilers | |
2194 | - Fixed a potential coredump situation on snmpwalk in certain | |
2195 | configurations | |
2196 | - Fixed bug #229: filedescriptor leakage in the "aufs" cache_dir | |
2197 | store implementation | |
2198 | - Serbian error message translations | |
2199 | ||
50821507 | 2200 | Changes to Squid-2.4.STABLE2 (Aug 24, 2001): |
2201 | ||
722a4b40 | 2202 | - Expanded configure's GCC optimization disabling check to |
50821507 | 2203 | include GCC 2.95.3 |
2204 | - avoid negative served_date in storeTimestampsSet(). | |
2205 | - Made 'diskd' pathnames more configurable | |
2206 | - Make sure squid parent dies if child is killed with | |
2207 | KILL signal | |
2208 | - Changed diskd offset args to off_t instead of int | |
2209 | - Fixed bugs #102, #101, #205: various problems with useragent | |
2210 | log files | |
2211 | - Fixed bug #116: Large Age: values still cause problems | |
2212 | - Fixed bug #119: Floating point exception in | |
2213 | storeDirUpdateSwapSize() | |
2214 | - Fixed bug #114: usernames not logged with | |
2215 | authenticate_ip_ttl_is_strict | |
722a4b40 | 2216 | - Fixed bug #115: squid eating up resources (eventAdd args) |
50821507 | 2217 | - Fixed bug #125: garbage HTCP requests cause assertion |
2218 | - Fixed bug #134: 'virtual port' support ignores | |
2219 | httpd_accel_port, causes a loop in httpd_accel mode | |
2220 | - Fixed bug #135: assertion failed: logfile.c:135: "lf->offset | |
2221 | <= lf->bufsz" | |
2222 | - Fixed bug #137: Ranges on misses are over-done | |
2223 | - Fixed bug #160: referer_log doesn't seem to work | |
2224 | - Fixed bug #162: some memory leaks (SNMP, delay_pools, | |
2225 | comm_dns_incoming histogram) | |
2226 | - Fixed bug #165: "Store Mem Buffer" leaks badly | |
2227 | - Fixed bug #172: Ident Based ACLs fail when applied to | |
2228 | cache_peer_access | |
2229 | - Fixed bug #177: LinuxPPC 2000 segfault bug due to varargs abuse | |
2230 | - Fixed bug #182: 'config' cachemgr option dumps core with | |
2231 | null storage | |
2232 | - Fixed bug #185: storeDiskdDirParseQ[12]() use wrong number | |
2233 | of args in debug/printf | |
2234 | - Fixed bug #187: bugs in lib/base64.c | |
2235 | - Fixed bug #184: storeDiskdShmGet() assertion; changed | |
2236 | diskd to use bitmap instead of linked list | |
2237 | - Fixed bug #194: Compilation fails on index() on some | |
722a4b40 | 2238 | non-BSD platforms |
50821507 | 2239 | - Fixed bug #197: refreshIsCachable() incorrectly checks |
2240 | entry->mem_obj->reply | |
2241 | - Fixed bug #215: NULL pointer access for proxy requests | |
2242 | in accel-only mode | |
2243 | ||
2244 | Changes to Squid-2.4.STABLE1 (Mar 20, 2001): | |
2245 | ||
2246 | - Fixed a bug in and cleaned up class 2/3 delay pools | |
2247 | incrementing. | |
2248 | - Fixed a coredump bug when using external dnsservers that | |
2249 | become overloaded. | |
2250 | - Fixed some NULL pointer bugs for NULL storage system | |
2251 | when reconfiguring. | |
2252 | - Fixed a bug with useragent logging that caused Squid to | |
2253 | think the logfile never got opened. | |
2254 | - Fixed a compiling bug with --disable-unlinkd. | |
2255 | - Changed src/squid.h to always use O_NONBLOCK on Solaris | |
2256 | if it is defined. | |
2257 | - Fixed a bug with signed/unsigned bitfield flag variables | |
2258 | that caused problems on Solaris. | |
2259 | - Fixed a bug in clientBuildReplyHeader() that could add | |
2260 | an Age: header with a negative value, causing an assertion | |
2261 | later. | |
2262 | - Fixed an SNMP reporting bug. cacheCurrentResFileDescrCnt | |
2263 | was returning the number of FDs in use, rather than | |
2264 | the number of reserved FDs. | |
2265 | - Added the 'pipeline_prefetch' configuration option. | |
2266 | - cache_dir syntax changed to use options instead of many | |
2267 | arguments. This means that the max_objsize argument now | |
2268 | is an optional option, and that the syntax for how to | |
722a4b40 | 2269 | specify the diskd magics is slightly different. |
50821507 | 2270 | - Various fixes for CYGWIN |
2271 | - Upgraded MSNT auth module to version 2.0. | |
2272 | - Fixed potential problems with HTML by making sure all | |
2273 | HTML output is properly encoded. | |
2274 | - Fixed a memory initialization problem with resource records in | |
2275 | lib/rfc1035.c. | |
2276 | - Rewrote date parsing in lib/rfc1123.c and made it a little | |
2277 | more lenient. | |
2278 | - Added Cache-control: max-stale support. | |
2279 | - Fixed 'range_offset_limit' again. The problem this time | |
2280 | is that client_side.c wouldn't set the we_dont_do_ranges | |
2281 | flag for normal cache misses. It was only being set for | |
2282 | requests that might have been hits, but we decided to | |
2283 | change to a miss. | |
2284 | - Added the Authenticate-Info and Proxy-Authenticate-Info | |
2285 | headers from RFC 2617. | |
2286 | - HTTP header lines longer than 64K could cause an assertion. | |
2287 | Now they get ignored. | |
2288 | - Fixed an IP address scanning bug that caused "123.foo.com" | |
2289 | to be interpreted as an IP address. | |
2290 | - Converted many structure allocations to use mem pools. | |
2291 | - Changed proxy authentication to strip leading whitespace | |
2292 | from usernames after decoding. | |
2293 | - Prevented NULL pointer access in aclMatchAcl(). Some | |
2294 | ACL types require checklist->request_t, but it won't be | |
2295 | available in some cases (like snmp_access). Warn the | |
2296 | admin that the ACL can't be checked and that we're denying | |
2297 | it. | |
2298 | - Allow zero-size disk caches. | |
2299 | - The actual filesystem blocksize is now used to account | |
2300 | for space overheads when calculating on-disk cache size. | |
2301 | - Made the maximum memory cache object size configurable. | |
2302 | - Added 'minimum_direct_rtt' configuration option. | |
2303 | - Added 'ie_refresh' configuration option, which is a hack | |
2304 | to turn IMS requests into no-cache requests. | |
58d1265f | 2305 | - Added support for netfilter in linux-2.4. This allows transparent |
2306 | proxy connections to function correctly in the absence of a Host: | |
2307 | header. This requires --enable-linux-netfilter to be passed through | |
2308 | to configure. (Evan Jones) | |
50821507 | 2309 | - Fixed a bug with clientAccessCheck() that allowed proxy |
2310 | requests in accel mode. | |
2311 | - Fixed a bug with 301/302 replies from redirectors. Now | |
2312 | we force them to be cache misses. | |
2313 | - Accommodated changes to the IP-Filter ioctl() interface | |
2314 | for intercepted connections. | |
2315 | - Fixed handling of client lifetime timeouts. | |
2316 | - Fixed a buffer overflow bug with internal DNS replies | |
2317 | by truncating received packets to 512 bytes, as per | |
2318 | RFC 1035. | |
2319 | - Added "forward.log" support, but its work in progress. | |
2320 | - Rewrote much of the IP and FQDN cache implementation. | |
2321 | This change gets rid of pending hits. | |
2322 | - Changed peerWouldBePinged() to return false if our | |
2323 | ICP/HTCP port is zero (i.e. disabled). | |
2324 | - Changed src/net_db.c to use src/logfile.c routines, | |
2325 | rather than stdio, because of solaris stdio filedescriptor | |
2326 | limits. | |
2327 | - Made netdbReloadState() more robust in case of corrupted | |
2328 | data. | |
2329 | - Rewrote some freshness/staleness functions in src/refresh.c, | |
2330 | partially inspired to support cache-control max-stale. | |
2331 | - Fixed status code logging for SSL/CONNECT requests. | |
2332 | - Added a hack to subtract cache digest network traffic | |
2333 | from statistics so that byte hit ratio stays positive | |
2334 | and more closely reflects what people expect it to be. | |
2335 | - Fixed a bug with storeCheckTooSmall() that caused | |
2336 | internal icons and cache digests to always be released. | |
2337 | - Added statfs(2) support for displaying actual filesystem | |
2338 | usage in the cache manager 'storedir' output. | |
2339 | - Changed status reporting for storage rebuilding. Now it | |
2340 | prints percentage complete instead of number of entries | |
2341 | parsed. | |
2342 | - Use mkstemp() rather than problem-prone tempnam(). | |
2343 | - Changed urlParse() to condense multiple dots in hostnames. | |
2344 | - Major rewrite of async-io (src/fs/aufs) to make it behave | |
2345 | a bit more sane with substantially less overhead. Some | |
2346 | tuning work still remains to make it perform optimal. | |
2347 | See the start of store_asyncufs.h for all the knobs. | |
2348 | - Fixed storage FS modules to use individual swap space | |
2349 | high/low values rather than the global ones. | |
2350 | - Fixed storage FS bugs with calling file_map_bit_reset() | |
2351 | before checking the bit value. Calling with an invalid | |
2352 | value caused memory corruption in random places. | |
2353 | - Prevent NULL pointer access in store_repl_lru.c for | |
2354 | entries that exist in the hash but not the LRU list. | |
2355 | ||
cab24814 | 2356 | Changes to Squid-2.4.DEVEL4 (): |
ad445e36 | 2357 | |
ddf1c0c4 | 2358 | - Added --enable-auth-modules=... configure option |
83b381d5 | 2359 | - Improved ICP dead peer detection to also work when the workload |
2360 | is low | |
a8c926ff | 2361 | - Improved TCP dead peer detection and recovery |
2362 | - Squid is now a bit more persistent in trying to find a alive | |
2363 | parent when never_direct is used. | |
2364 | - nonhierarchical_direct squid.conf directive to make non-ICP | |
2365 | peer selection behave a bit more like ICP selection with respect | |
2366 | to hierarchy. | |
2367 | - Bugfix where netdb selection could override never_direct | |
2368 | - ICP timeout selection now prefers to use parents only when | |
2369 | calculating the dynamic timeout to compensate for common RTT | |
2370 | differences between parents and siblings. | |
c1fc651e | 2371 | - No longer starts to swap out objects which are known to be above |
2372 | the maximum allowed size. | |
987de783 | 2373 | - allow-miss cache_peer option disabling the use of "only-if-cached". |
2374 | Meant to be used in conjunction with icp_hit_stale. | |
c8b40803 | 2375 | - Delay pools tuned to allow large initial pool values |
0343b99c | 2376 | - cachemgr filesystem space information changed to show useable space |
2377 | rather than raw space, and platform support somewhat extended. | |
890b0fa8 | 2378 | - Logs destination IP in the hierarchy log tag when going direct. |
2379 | (can be disabled by turning log_ip_on_direct off) | |
ff21eb3e | 2380 | - Async-IO on linux now makes proper use of mutexes. This fixes some |
2381 | odd pthread segfaults on SMP Linux machines, at a slight performance | |
2382 | penalty. | |
722a4b40 | 2383 | - %s can now be used in cache_swap_log and will be substituted with |
a80e50c7 | 2384 | the last path component of cache_dir. |
4d55827a | 2385 | - no_cache is now a full ACL check without, allowing most ACL types |
2386 | to be used. | |
f1003989 | 2387 | - The CONNECT method now obeys miss_access requirements |
145cf928 | 2388 | - proxy_auth_regex and ident_regex ACL types |
3cdb7cd0 | 2389 | - Fixed a StoreEntry memory leak during "dirty" rebuild |
2390 | - Helper processes no longer hold unrelated filedescriptors open | |
e40aa8da | 2391 | - Helpers are now restarted when the logs are rotated |
afc1e43f | 2392 | - Negatively cached DNS entries are now purged on "reload". |
2393 | - PURGE now also purges the DNS cache | |
722a4b40 | 2394 | - HEAD on FTP objects no longer retrieves the whole object |
aca95add | 2395 | - More cleanups of the dstdomain ACL type |
288c06ce | 2396 | - Squid no longer tries to do Range internally if it is not supported |
2397 | by the origin server. Doing so could cause bandwidth spikes and/or | |
2398 | negative hit ratio. | |
13c7936a | 2399 | - httpd_accel_single_host squid.conf directive |
82056f1e | 2400 | - "round-robin" cache_peer counters are reset every 5 minutes to |
2401 | compensate previously dead peers | |
4fe0e1d0 | 2402 | - DNS retransmit parameters |
858783c9 | 2403 | - Show all FTP server messages |
6b53c392 | 2404 | - squid.conf.default now indicates if a directive isn't enabled in |
2405 | the installed binary, and what configure option to use for enabling it | |
418cbe9f | 2406 | - Fixed a temporary memory leak on persistent POSTs |
304d289e | 2407 | - Fixed a temporary memory leak when the server response headers |
2408 | includes NULL characters | |
ba2b31a8 | 2409 | - authenticate_ip_ttl_is_strict squid.conf option |
2410 | - req_mime_type ACL type | |
afb87666 | 2411 | - A reworked storage system that supports storage directories in |
2412 | a more modular fashion. The object replacement and IO is now | |
2413 | responsibility of the storage directory, and not of the storage | |
2414 | manager. | |
722a4b40 | 2415 | - Fixed a bogus MD5 mismatch warning sometimes seen when using |
e7407eb8 | 2416 | aufs or diskd stores |
ce3d30fb | 2417 | - Added --enable-stacktraces configure option to set PRINT_STACK_TRACE, |
2418 | and extended support for this to Linux/GNU libc. | |
af57a2e3 | 2419 | - Disabled the "request timeout" error message sent if the user agent |
2420 | did not provide a request in a timely manner after opening the | |
2421 | connection. Now the connection is silently closed. The error message | |
2422 | was confusing user agents utilizing persistent connections. | |
cab24814 | 2423 | - Fixed configure --enable descriptions to match the arg names. |
2424 | - Eliminated compile warnings from auth_modules/MSNT code. | |
2425 | - Require first character of hostnames to be alphanumeric. | |
2426 | - Made ARP ACL work for Solaris. | |
2427 | - Removed storeClientListSearch(). | |
2428 | - Added counters to track diskd operation success and | |
2429 | failures. | |
2430 | - Fixed range_offset_limit. | |
2431 | - Added code to retry ServFail replies for internal DNS | |
2432 | lookups. | |
2433 | - Added referer header logging (Jens-S. Voeckler). | |
2434 | - Added "multi-domain-NTLM" authentication module, a Perl | |
2435 | script from Thomas Jarosch. | |
2436 | - Added configurable warning messages for high memory usage, | |
2437 | high response time, and high page faults. | |
2438 | - Made store dir selection algorithm configurable. | |
2439 | - Added support for admin-definable extension methods, | |
2440 | up to 20. | |
16689110 | 2441 | - Added 'maximum_object_size_in_memory' as a configuration option - |
2442 | this defines the watermark where objects transit from being true | |
2443 | hot objects to being in-transit objects in memory. It currently | |
2444 | defaults to 8 KB. | |
5cd41d0d | 2445 | - Change to the fqdn code which changes how pending DNS requests |
2446 | are treated as private and only become public once they are | |
2447 | completed. This can add extra load on DNS servers but prevents | |
2448 | all the pending clients blocking if one of the queries got | |
2449 | stuck. (Duane Wessels) | |
7e543177 | 2450 | - Converted more code to use MemPools, from Andres Kroonmaa. |
2451 | - Added more CYGWIN patches from Robert Collins. | |
e7407eb8 | 2452 | |
2453 | Changes to Squid-2.4.DEVEL3 (): | |
2454 | ||
2455 | - Added Logfile module. | |
2456 | - Added DISKD stats via cachemgr. | |
2457 | - Added squid.conf options for DISKD magic constants. | |
ad445e36 | 2458 | |
e7407eb8 | 2459 | Changes to Squid-2.4.DEVEL2 (Feb 29, 2000): |
ad445e36 | 2460 | |
2461 | Changes to Squid-2.4.DEVEL1 (): | |
2462 | ||
42b51993 | 2463 | Changes to Squid-2.3.STABLE4 (July 18, 2000): |
2464 | ||
2465 | - Fixed --localstatedir configure option (IKEDA Shigeru). | |
2466 | - Fixed IPFilter headers on OpenBSD (Nic Bellamy, Brad | |
2467 | Smith). | |
2468 | - Added pthread_sigmask() check to configure (Daniel | |
2469 | Ehrlich). | |
2470 | - Added CYGWIN patches from Robert Collins. | |
2471 | - Changed internal DNS lookups to retry queries that are | |
2472 | returned with RCODE 2 (ServFail). | |
2473 | - Added 'virtual port' support (Gregg Kellogg). If | |
2474 | 'httpd_accel_uses_host_header' is enabled, then we use | |
2475 | the port number from the Host header. Otherwise, when | |
2476 | 'httpd_accel_port' is set to "0" we use the port number | |
2477 | of the local end of the client socket. | |
2478 | - Fixed a typo in carp.c (Nikolaj Yourgandjiev). | |
2479 | - Made Squid accept GET requests that have a "content-length: | |
2480 | 0" header. | |
2481 | - Added a sanity check on the NHttpSockets[] array index | |
2482 | (Gregg Kellogg). | |
2483 | - Added a friendlier message when Squid can't find any DNS | |
2484 | nameserver addresses to use (Daniel Kiracofe). | |
2485 | - Added nonstandard WEBDAV methods: BMOVE, BDELETE, BPROPFIND | |
2486 | (Craig Whitmore). | |
2487 | - Added missing '%c' token replacement in error page | |
2488 | generation. | |
2489 | - Fixed a bug with 'minimum_object_size' that prevented | |
2490 | internal icons from being loaded. | |
2491 | - Fixed "extra semicolon" bug in storeExpiredReferenceAge() | |
2492 | that could prevent any objects from being replaced. | |
2493 | - Make sure that storeDirDiskFull() doesn't actually | |
2494 | *increase* the cache size. | |
2495 | - Changed a storeSwapMetaUnpack() assertion to a recoverable | |
2496 | error condition. | |
2497 | - Removed "wccpHereIam" event check that could cause Squid | |
2498 | to stop sending HERE_I_AM messages. | |
2499 | ||
d20b1cd0 | 2500 | Changes to Squid-2.3.STABLE3 (May 15, 2000): |
2501 | ||
2502 | - Fixed malloc linking problems on Solaris. The configure | |
2503 | script incorrectly set options for dlmalloc. | |
2504 | - Added a configure check to remove compiler optimization | |
2505 | for GCC 2.95.x. | |
2506 | - Updated MSNT authenticator module. | |
2507 | - Updated Estonian error pages. | |
2508 | - Updated Japanese error pages. | |
2509 | - Fixed expires bug in httpReplyHdrCacheInit. It was | |
2510 | incorrectly setting expires based on max-age. It was using | |
2511 | the current time as a basis, instead of the response date. | |
2512 | - Fixed "USE_DNSSERVER" typos. | |
2513 | - Added a workaround for getpwnam() problems on Solaris. | |
2514 | getpwnam() could fail if there are fewer than 256 FDs | |
2515 | available. This causes root to own some disk files. | |
2516 | - Added an 'offline_toggle' option via the cache manager. | |
2517 | - Added a 'minimum_object_size' option. Files smaller than | |
2518 | this size are not stored. | |
2519 | - Added 'passive_ftp' option to disable passive FTP transfers. | |
2520 | - Added 'wccp_version' option because some Cisco IOS versions | |
2521 | require WCCP version 3. | |
2522 | - The 'client' program in ping mode (-g) now prints transfer | |
2523 | throughput. | |
2524 | - Fixed logging of proxy auth username for redirected | |
2525 | requests. | |
2526 | - Fixed bogus Age values for IMS requests. | |
2527 | - Fixed persistent connection timeout for client-side | |
2528 | connections. It was hard-coded to 15 seconds, now uses | |
2529 | the 'pconn_timeout' value. | |
2530 | - Fixed up httpAcceptDefer. It wasn't being used properly | |
2531 | and caused high CPU usage when Squid gets close to the FD | |
2532 | limit. | |
2533 | - Numerous delay_pools fixes and checks. | |
2534 | - Fixed SNMP coredumps from running snmpwalk. | |
2535 | - Added a check for errno == EPIPE in icmp.c when pinger uses | |
2536 | a Unix socket instead of a UDP socket. | |
2537 | - Fixed ACL checklist memory initialization bugs. | |
2538 | - Cleaned up the MIB file. Replaced contact information and | |
2539 | checked description fields. | |
2540 | - Removed LRU reference_age hard-coded upper limit. | |
2541 | - Fixed async I/O FD leak. | |
2542 | - Made getMyHostname() more robust. | |
2543 | - Fixed domain list matching bug. "x-foo.com" wasn't properly | |
2544 | compared to ".foo.com" and confused splay tree ordering. | |
2545 | - Added a check for whitespace in hostnames and optionally | |
2546 | strip whitespace if 'uri_whitespace' setting allows. | |
2547 | - Added status code and checking to ASN/whois queries. | |
2548 | ||
2549 | Changes to Squid-2.3.STABLE2 (Mar 2, 2000): | |
2550 | ||
2551 | - Changed Copyright text. | |
2552 | - Changed configure so that some IRIX-6.4 hacks apply to | |
2553 | all IRIX-6.* versions. | |
2554 | - Cleaned up HTML bugs in error pages. | |
2555 | - Told configure to check for netinet/if_ether.h, which | |
2556 | is used in ARP ACL code, but might not be required. | |
2557 | - Added "Cookie" to known HTTP headers so it can be | |
2558 | used in anonymizer configuration. | |
2559 | - Added optional TCP_REDIRECT log code for logging | |
2560 | of 301/302 responses returned by Squid. | |
2561 | - Added a check for a currently running Squid process. | |
2562 | If the pid file exists, and the pid is running, | |
2563 | Squid complains and refuses to start another instance. | |
2564 | - Changed async I/O scope to PTHREAD_SCOPE_PROCESS for | |
2565 | IRIX. | |
2566 | - Fixed a bug with the PURGE method. The purge enable | |
2567 | flag was not getting cleared during reconfigure. | |
2568 | Also required PURGE method to be used in http_access | |
2569 | list before enabling. | |
2570 | - Fixed async I/O assertions for file open errors. | |
2571 | - Fixed internal DNS assertion when unpacking truncated | |
2572 | messages. | |
2573 | - Fixed anonymize_headers bug that caused all headers | |
2574 | to be allowed after a reconfigure. | |
2575 | - Fixed an access denied bug for accelerator-only installations. | |
2576 | - Fixed internal DNS initialization so that it uses | |
2577 | 'dns_nameservers' settings in squid.conf if set. | |
2578 | - Fixed 'maxconn' ACL bug that caused it to work backwards | |
2579 | (Pedro Ribeiro). | |
2580 | - Fixed syslog bug for daemon mode on Linux. | |
2581 | - Fixed 'http_port' parsing bugs. | |
2582 | - Fixed internal DNS byte ordering bugs for PTR queries. | |
2583 | - Fixed internal DNS queue getting stuck during periods | |
2584 | of low activity (Henrik). | |
2585 | - Fixed byte ordering bugs for parsing EPLF FTP listings | |
2586 | on 64-bit systems. | |
2587 | - Fixed 'request_body_max_size' bug that caused all | |
2588 | POST, PUT requests to be denied if max size is set | |
2589 | to zero. | |
2590 | - Fixed 'redirector_access' bug when using 'myport' ACLs. | |
2591 | - Fixed CARP neighbor selection bugs for down peers. | |
2592 | - Added 'client_persistent_connections' and | |
2593 | 'server_persistent_connections' flags to disable persistent | |
2594 | connections for clients and servers. | |
2595 | - Fixed access logging bug that caused many requests to be | |
2596 | logged as TCP_MISS. | |
2597 | - Added some bounds checking to delay pools code. | |
2598 | ||
ad445e36 | 2599 | Changes to Squid-2.3.STABLE1 (Jan 9, 2000): |
2600 | ||
2601 | - Updated PAM authentication module from Henrik Nordstrom. | |
2602 | - Updated Bulgarian error messages from Svetlin Simeonov. | |
2603 | - Changed ACL routines so that User-Agent (browser) string | |
2604 | is always taken from compiled HTTP request headers | |
2605 | instead of passed as an argument to aclCreateChecklist. | |
2606 | - Added a 'strip' option to the 'uri_whitesace' configuration | |
2607 | directive and made it the default behavior. Whitespace | |
2608 | found in URI's is now stripped out by default. | |
2609 | - Added chroot feature. The 'chroot_dir' config option enables | |
2610 | it and specifies the directory. | |
2611 | - Changed clientBuildReplyHeader so that the Age header is | |
2612 | added only for cache hits, and only when we can calculate | |
2613 | a valid, positive age value. | |
2614 | - Changed clientWriteComplete and clientGotNotEnough so | |
2615 | that they keep persistent connections open for more types | |
2616 | of replies that don't have bodies. | |
2617 | - Changed filemap.c routines to dynamically grow filemap | |
2618 | space as needed. | |
2619 | - Added a hack to ftp.c to deal with ftp.netscape.com, which | |
2620 | sometimes doesn't acknowledge PASV commands. | |
2621 | - Fixed FTP bug with ftpScheduleReadControlReply; there | |
2622 | was not always a timeout handler on the control socket | |
2623 | after the transfer completed. | |
2624 | - Fixed FTP filedescriptor leak from invalid PASV replies. | |
2625 | - Changed httpBuildRequestHeader so that it doesn't | |
2626 | copy the Host header from the client request. Instead | |
2627 | we should generate our own Host header which is known | |
2628 | to be correct. | |
2629 | - Changed storeTimestampsSet to adjust entry->timestamp | |
2630 | if the response includes an Age header. | |
2631 | - Removed size limit from storeKeyHashBuckets. | |
2632 | - Changed fwdConnectStart from a "heavy" to a "light" event. | |
2633 | - Fixed an 'anonymize_headers' bug that affects unknown | |
2634 | HTTP headers. With the bug, if you list a header that | |
2635 | Squid doesn't know about (such as "Charset"), it would | |
2636 | add HDR_OTHER to the allow/deny mask. This caused all | |
2637 | unknown headers to be allowed or denied (depending on | |
2638 | the scheme you use). Now, with the bug fixed, an unknown | |
2639 | header in the 'anonymize_headers' list is simply ignored. | |
2640 | ||
7e3ce7b9 | 2641 | Changes to Squid-2.3.DEVEL3 (): |
2642 | ||
ad445e36 | 2643 | - Added MSNT auth module from Antonino Iannella. |
7e3ce7b9 | 2644 | - Added --enable-underscores configure option. This allows |
2645 | Squid to accept hostnames with underscores in them. Your | |
2646 | DNS resolver may still complain about them, however. | |
2647 | - Added --heap-replacement configure option. This enables | |
2648 | the alternative cache replacement policies, such as | |
2649 | GDSF, and LFUDA. | |
3ff01c3e | 2650 | - WCCP establishes and registers with the router faster. |
7e3ce7b9 | 2651 | - Added 'maxconn' acl type to limit the number of established |
2652 | connections from a single client IP address. Submitted | |
2653 | by Vadim Kolontsov. | |
2654 | - Close FTP data socket as soon as transfer completes | |
2655 | (Alexander V. Lukyanov). | |
2656 | - Fixed ftpReadPass() to not clobber ctrl.message when | |
2657 | the PASS command fails. | |
2658 | - Added a redirect.c patch so squidGuard is able to do | |
2659 | per-user access control (Antony T Curtis). | |
2660 | - discard the pumpMethod() function, and instead use the | |
2661 | fact that the request has a request entity (content-length | |
2662 | present) (Henrik). | |
2663 | - Reload the MIME icons at reconfigure time (Radu Greab). | |
2664 | - Updated Richard Huveneers' SMB authentication module to | |
2665 | his version 0.05 package. | |
2666 | - Fixed lib/heap.c::heap_delete() bug when deleting the | |
2667 | last node. | |
2668 | - Fixed an integer conversion bug in | |
2669 | lib/rfc1035.c::rfc1035AnswersUnpack(). | |
2670 | - Fixed lib/rfc1738 routines to encode reserved characters, | |
2671 | in addition to encoding the unsafe characters (Henrik). | |
2672 | - Changed the interface for splay compare and "walk" | |
2673 | functions to take a void pointer, instead of a splayNode | |
2674 | pointer (Henrik). | |
2675 | - Changed numerous HTTP parsing routines to use ssize_t | |
2676 | instead of size_t. This was done because size_t may be | |
2677 | signed or unsigned. When it is unsigned, gcc emits | |
2678 | numerous "comparison is always true" warnings. At least | |
2679 | we know ssize_t is always signed. | |
2680 | - Fixed src/HttpHeaderTools::httpHeaderHasConnDir() and | |
2681 | friends so that it properly handles multi-value lists. | |
2682 | - Added an "end" (ssize_t) parameter to | |
2683 | src/HttpReply::httpReplyParse() so that we know exactly | |
2684 | where to terminate the header buffer. | |
2685 | - Changed src/access_log.c::log_quote() so that it only | |
2686 | encodes whitespace characters, and not all URL-special | |
2687 | characters (Henrik). | |
2688 | - Added local port ACL type ("myport") (Henrik). | |
2689 | - Added maximum number of connections per client ("maxconn") | |
2690 | as an ACL type. | |
2691 | - Fixed proxy authentication username/password parsing to | |
2692 | be more robust (Henrik). | |
2693 | - Fixed ACL domain/host and domain/domain comparison | |
2694 | functions yet again. Eliminated duplicate code so that | |
2695 | only src/url.c::matchDomainName() contains this mysterious | |
2696 | code. | |
2697 | - Changed the 'http_port' option to accept an IP address | |
2698 | or hostname as well (Henrik). | |
2699 | - Removed 'tcp_incoming_addr' option. | |
2700 | - Added an access control list for the redirector | |
2701 | ('redirector_access'). Requests which match are sent to | |
2702 | the redirector. All requests. are redirected by default. | |
2703 | - Added the 'authenticate_ip_ttl' option. It specifies | |
2704 | how long a valid proxy authentication credential is | |
2705 | bound to a specific address. | |
2706 | - Added 280, 488, 591, and 777 to "Safe_ports" ACL. | |
2707 | - Removed the unused and highly questionable 'forward_snmpd_port' | |
2708 | option. | |
2709 | - Added an option to accept DNS messages from unknown nameservers. | |
2710 | This may be necessary if replies come from a different address | |
2711 | than queries are sent to. | |
2712 | - Added #includes for IP Filter files in netinet directory. | |
2713 | - Fixed a bug with retrying forwarded IMS requests (Henrik). | |
2714 | - Fixed a bug in src/client_side.c::clientInterpretRequestHeaders() | |
2715 | where we were checking a cache-control bit before getting the | |
2716 | mask from the HTTP headers (pallo@initio.no). | |
2717 | - Fixed a bug with "no_cache" access list. If not defined, | |
2718 | everything was uncachable by default. | |
2719 | - Fixed a bug with timed-out client-side HTTP connections. | |
2720 | We didn't cancel the read handler, which could lead to | |
2721 | "rwstate != NULL" warnings. | |
2722 | - Changed comm_open() to only call fdAdjustReserved() for | |
2723 | specific errors (ENFILE, EMFILE); | |
2724 | - Fixed NULL pointer bug in idnsParseResolvConf(). | |
2725 | - Split CACHE_DIGEST_HIT into CD_PARENT_HIT and CD_SIBLING_HIT. | |
2726 | - Added DELETE request method. | |
2727 | - Added RFC 2518 HTTP status codes. | |
2728 | - Fixed handling of URL passwords when we need to rewrite a | |
2729 | BASE HREF URL (Henrik). | |
2730 | - Fixed a bug with FTP requests where a request gets aborted, | |
2731 | but we try to complete it anyway. It would result in a | |
2732 | "store_status != STORE_PENDING" assertion. The solution | |
2733 | is to check for ENTRY_ABORTED before reading from | |
2734 | the control channel too. | |
2735 | - Changed FTP to retry a request if Squid fails to establish | |
2736 | a PASV data connection (Henrik). | |
2737 | - Fixed numerous HTCP memory leaks and an uninitialized memory | |
2738 | bug. | |
2739 | - Changed httpMaybeRemovePublic() with RFC 2518 and 2616 in | |
2740 | mind (Henrik). | |
2741 | - Minor fixes for Rhapsody systems. | |
2742 | - Define _XOPEN_SOURCE_EXTENDED in squid.h so that AIX systems | |
2743 | don't include varargs.h. | |
2744 | - Changed src/store_client.c::storeClientType() so that | |
2745 | an entry can have more than one STORE_MEM_CLIENT. | |
2746 | - Changed src/store_client.c::storeClientReadHeader() | |
2747 | to check swapfile metadata (Henrik). | |
2748 | - Changed src/url.c::urlCheckRequest() to return FALSE for | |
2749 | any "https://" URL. These should always be CONNECT | |
2750 | instead. If Squid gets an "https://" URL, it is a browser | |
2751 | bug. | |
2752 | - Added numerous squid.conf options for controlling cache | |
2753 | digests. Previously these were hard-coded in | |
2754 | src/store_digest.c. (Martin Hamilton) | |
2755 | - Added 'cache_peer' option called 'digest-url' that | |
2756 | lets you specify the URL for a peer's digest. | |
2757 | (Martin Hamilton) | |
2758 | - Added DELAY_POOLS hacks to scan "slow" connections in | |
2759 | a random order (David Luyer). | |
2760 | - ARP_ACL fixes from Damien Miller. Linux 2.2.x uses a | |
2761 | per-interface arp/neighbour cache, whereas 2.0.x uses a | |
2762 | unified cache. Under 2.2.x you are required to specify | |
2763 | a interface name when looking up ARP table entries with | |
2764 | SIOCGARP. | |
2765 | - If the process umask is not set (i.e. 0), then Squid | |
2766 | changes it to 007. | |
2767 | ||
9bc73deb | 2768 | Changes to Squid-2.3.DEVEL2 (): |
2769 | ||
2770 | - Added --enable-truncate configure option. | |
2771 | - Updated Czech error messages () | |
2772 | - Updated French error messages () | |
2773 | - Updated Spanish error messages () | |
2774 | - Added xrename() function for better debugging. | |
2775 | - Disallow empty ("") password in aclDecodeProxyAuth() | |
2776 | (BoB Miorelli). | |
2777 | - Fixed ACL SPLAY subdomain detection (again). | |
2778 | - Increased default 'request_body_max_size' from 100KB | |
2779 | to 1MB in cf.data.pre. | |
2780 | - Added 'content_length' member to request_t structure | |
2781 | so we don't have to use httpHdrGetInt() so often. | |
2782 | - Fixed repeatedly calling memDataInit() for every reconfigure. | |
2783 | - Cleaned up the case when fwdDispatch() cannot forward a | |
2784 | request. Error messages used to report "[no URL]". | |
2785 | - Added a check to return specific error messages for a | |
2786 | "store_digest" request when the digest entry doesn't exist | |
2787 | and we reach internalStart(). | |
2788 | - Changed the interface of storeSwapInStart() to avoid a bug | |
2789 | where we closed "sc->swapin_sio" but couldn't set the | |
2790 | pointer to NULL. | |
2791 | - Changed storeDirClean() so that the rate it gets called | |
2792 | depends on the number of objects deleted. | |
2793 | - Some WCCP fixes. | |
2794 | - Added 'hostname_aliases' option to detect internal requests | |
2795 | (cache digests) when a cache has more than one hostname | |
2796 | in use. | |
2797 | - Async I/O NUMTHREADS now configurable with --enable-async-io=N | |
2798 | (Henrik Nordstrom). | |
2799 | - Added queue length to async I/O cachemgr stats (Henrik Nordstrom). | |
2800 | - Added OPTIONS request method. | |
9bc73deb | 2801 | |
eb824054 | 2802 | Changes to Squid-2.3.DEVEL1 (): |
2803 | ||
2804 | - Added WCCP support. This adds the 'wccp_router' squid.conf | |
2805 | option. | |
2806 | - Added internal DNS queries; Most installations can run | |
2807 | without the external dnsserver processes. | |
2808 | - Rewrote much of the code that stores cache objects on | |
2809 | disk. Developed a programming interface that should | |
2810 | allow new storage systems to be added easily. This still | |
2811 | is pretty ugly and needs a lot of work, however. | |
2812 | - Replaced async_io.c "tags" with callback data locks. | |
2813 | This probably breaks async IO in a bad way. | |
2814 | - Tried to write an Async IO disk storage module. | |
2815 | - Added code to replace the StoreEntry linked list with a | |
2816 | heap structure. This allows for different replacement | |
2817 | algorithms, instead of being stuck with LRU. This adds | |
2818 | the 'replacement_policy' squid.conf option. (John Dilley | |
2819 | et al). | |
2820 | - Fixed HTCP queries by actually checking for freshness | |
2821 | based on the HTCP header fields. | |
2822 | - Fixed passing of redirector command line arguments. | |
2823 | - Added 'request_header_max_size' squid.conf option. | |
2824 | - Added 'request_body_max_size' squid.conf option. | |
2825 | - Added 'reply_body_max_size' squid.conf option. | |
2826 | - Added 'peer_connect_timeout' squid.conf option. | |
2827 | - Added 'redirector_bypass' squid.conf option. | |
2828 | - Added RFC 2518 (WEBDAV) request methods. | |
d20b1cd0 | 2829 | |
6b8e7481 | 2830 | Changes to Squid-2.2 (April 19, 1999): |
b93549f6 | 2831 | |
98b093e7 | 2832 | - Removed all SNMP specific ACL code |
2833 | SNMP now uses generic squid ACL's | |
2834 | - Removed view-based access crontrol | |
00b7a8b6 | 2835 | - Cleaned up and simplified SNMP section of squid.conf |
98b093e7 | 2836 | - Changed the SNMP code to use a tree stucture. |
3ff01c3e | 2837 | - Added objects to MIB: |
00b7a8b6 | 2838 | Request Hit Ratio's |
2839 | Byte Hit Ratio's | |
2840 | Number of Clients | |
61d53e64 | 2841 | - Changed SNMP Agent to return object instances correctly. |
b93549f6 | 2842 | - Added our own assert() macro so we can use debug() instead of |
2843 | printing to stderr. | |
2844 | - Added eventFreeMemory(). | |
2845 | - Fixed ipcCreate() bug when debug_log has FD <= 2. | |
2846 | - Changed watchChild() and related code in main.c so that | |
2847 | Squid can behave more like a proper daemon process. | |
2848 | - Added 'prefer_direct' option (enabled by default) so that | |
2849 | people can give parents higher preference than direct. | |
6703526b | 2850 | - Fixed ipc.c close() bug for async IO. On FreeBSD, |
2851 | comm_close() doesn't work for child processes when async IO is | |
2852 | used. | |
2853 | - Fixed setting the public key for large ``icons'' (Henrik | |
2854 | Nordstrom). | |
68f87dc5 | 2855 | - Rewrote peer digest module to fix memory leaks on reconfigure |
2856 | and clean the code. Increased "current" digest version to 5 | |
6474667e | 2857 | ("required" version is still 3). Revised "Peer Select" cache |
2858 | manager stats. | |
68f87dc5 | 2859 | - Added "-k parse" command line option: parses the config file |
2860 | but does not send a signal unlike other -k options. | |
1743c283 | 2861 | - Revamped storeAbort() calling. Only store_client.c has all |
2862 | the right information to determine if the request should | |
2863 | be aborted. Now client and server modules just storeUnregister | |
d81e3f33 | 2864 | without ever needing to call storeAbort. |
96aeb95d | 2865 | - Small change of Squid output for FTP (Andrew Filonov, |
2866 | Henrik Nordstrom). | |
2867 | - clientGetsOldEntry() sends old entry if new request status | |
2868 | is in the 500-range (Henrik Nordstrom). | |
2869 | - Changed configure so it works with IRIX6.4 C compiler (broken?) | |
2870 | option -OPT:fast_io=ON. | |
2871 | - Fixed comm_connect_addr() non-blocking connections for | |
2872 | SONY NEWSOS (Makoto MATSUSHITA). | |
2873 | - Changed "#ifdef __STDC__" to "#if STDC_HEADERS" as recommended | |
2874 | by autoconf documentation. | |
2875 | - Fixed client-side cache-control max-age (Henrik Nordstrom). | |
2876 | - Added a new error page: ERR_SHUTTING_DOWN. fwdStart() returns | |
2877 | this error if it is called while squid is in the process of | |
2878 | shutting down. | |
2879 | - Added support for linuxthreads package under FreeBSD (Tony Finch). | |
2880 | - Fixed HP-UX StatHist.c assertions by making the "hbase_f" | |
2881 | functions non-static (Michael Pelletier). | |
2882 | - Fixed logging of authenticated usernames even if the | |
2883 | authorization is not cached (Dancer). | |
2884 | - Fixed pconnPush() bug that prevented holding on to | |
2885 | persistent connections (Manfred Bathelt). | |
2328711e | 2886 | - Pid file now rewritten on SIGHUP. |
b4019ff7 | 2887 | - Numerous Ident changes: |
2888 | - Ident lookups will now be done on demand if you use the | |
2889 | 'ident' ACL type. | |
2890 | - The 'ident_lookup on|off' option has been replaced with | |
2891 | an access list, so you can do lookups only for some | |
2892 | client addresses. | |
2893 | - Added an 'ident_timeout' option to specifiy the amount | |
2894 | of time to wait for an ident lookup. | |
2895 | - Added a (local) hit rate to mempool metering. | |
2896 | - FTP Restarts (REST command) is now supported. | |
2897 | - Check for libintl.a on SCO3.2. | |
2898 | - Disable poll() on SCO3.2. | |
2899 | - Numerous Async IO enhancements from Henrik. | |
2900 | - Removed cache_mem_low and cache_mem_high options (Henrik | |
2901 | Nordstrom). | |
2902 | - Replaced 'persistent_client_posts' with 'broken_posts' access | |
2903 | list. | |
97474590 | 2904 | - Rewrote the anonymizer. |
2905 | - Removed the http_anonymizer option. | |
548b801c | 2906 | - Added the anonymize_headers option to allow individual |
2907 | referencing of headers for addition or removal. See | |
2908 | 'anonymize_headers' in squid.conf for additional | |
2909 | configuration. | |
b3abf16c | 2910 | - Fixed config file parser's handing of optional directives. |
2911 | Some people might get new warnings about unknown config | |
2912 | directives. | |
548b801c | 2913 | - Added 'myip' ACL type. This is the local IP address for |
2914 | connected sockets (Luyer). | |
2915 | - Fixed parsing of FTP DOS directory listings with spaces | |
2916 | (Nordstrom). | |
dd0b0295 | 2917 | - Numerous DELAY_POOL changes/fixes from David Luyer: |
2918 | - Makes no-delay neighbors for DELAY_POOLS work by | |
2919 | using a fd_set with the connections to no-delay | |
2920 | peers marked in it. | |
2921 | - Makes IP addresses ending in 0 and 255, and | |
2922 | network number 255, work with individual and | |
2923 | network delay pools (they were previously not | |
2924 | permitted, and documented as such). | |
2925 | - Massive overhaul of delay pools code - dynamically | |
2926 | allocated delay pools, as many as required. | |
2927 | - delayPoolsUpdate stops running if DELAY_POOLS is | |
2928 | configured but no delay pools are configured. | |
2929 | - Initial delay pool levels are now configurable | |
2930 | as a percentage of the maximum for the pool in | |
2931 | question (used to be all set to 1 second worth | |
2932 | of traffic). Pools are restored to this level | |
2933 | on reconfiguratoin. | |
242188c9 | 2934 | - Changed storeClientCopy to give a swap-in failure if |
2935 | the number of open disk FD's is above the 'max_open_disk_fds' | |
2936 | limit. Otherwise, a very loaded cache will end up with | |
2937 | all disk files open for reading, and none for writing. | |
b6a2f15e | 2938 | - Added lib/inet_ntoa.c from BSD Unix for systems that have |
2939 | broken inet_ntoa(). (Erik Hofman). | |
2940 | - Added more specific FTP error messages for "permission | |
2941 | denied, "file not found," and "service unavailable." | |
2942 | (Tony Finch) | |
2943 | - Added xisspace(), xisdigit(), etc, macros to cast function | |
2944 | args and eliminate compiler warnings. | |
2945 | - Fixed case-sensitive comparisons of domain names (Henrik | |
2946 | Nordstrom). | |
2947 | - Added proxy-authentication to cachemgr.cgi's requests | |
2948 | (Henrik Nordstrom). | |
2949 | - Changed Squid to *truncate* rather than *unlink* purged | |
2950 | swap files. Can be reversed by undefining | |
2951 | USE_TRUNCATE_NOT_UNLINK in src/defines.h. | |
2952 | - Changed internal icon headers to use Cache-control | |
2953 | Max-age instead of Expires. | |
2954 | - Changed storeMaintainSwapSpace behavior to be adjusted | |
2955 | smoothly, instead of discretely, between store_swap_low | |
2956 | and store_swap_high. This includes the number of | |
2957 | objects to scan, number to remove, and time until the | |
2958 | next storeMaintainSwapSpace event. | |
2959 | - Fixed a quick_abort bug that incorrectly calculated | |
2960 | content lengths. | |
2961 | - Added getpwnam() auth module from Erik Hofman. | |
2962 | - Added 'coredump_dir' option. | |
2963 | - Fixed a peerDestroy() assertion that required peer->digest | |
2964 | to be NULL at the end of peerDestroy(). | |
2965 | - configure script now automatically enables dlmalloc for | |
2966 | Solaris/x86. | |
2967 | - configure enables poll() on linux 2.2 and later (Henrik). | |
2968 | - Icon files are now distributed in binary format, install | |
2969 | will not need to run 'sh' and 'uudecode'. | |
2970 | - Fixed some bugs with large responses (>READ_AHEAD_GAP) and | |
2971 | re-forwarding requests and ENTRY_FWD_HDR_WAIT. | |
2972 | fwdCheckDeferRead() will NOT defer reading if the | |
2973 | ENTRY_FWD_HDR_WAIT bit is set. | |
2974 | - Fixed a "F->flags.open" assertion for aborted FTP PUT's. | |
2975 | - Fixed a (double) cast problem that caused statAvgTick() | |
2976 | events to be added as fast as possible. | |
6b8e7481 | 2977 | - Changed httpPacked304Reply() to not include the Content-Length |
2978 | header for 304 replies that Squid generates. We used to | |
2979 | include the length of the cached object, and this broke | |
2980 | persistent connections. | |
2981 | ||
2982 | 2.2.STABLE2: | |
2983 | ||
2984 | - Fixed configure bug for statvfs() checks. Configure reports | |
2985 | "test: =: unary operator expected" or similar because an | |
2986 | unquoted variable is not defined. | |
2987 | - Fixed aclDestroyAcls() assertion because some ACL types | |
2988 | are not listed in the switch statement. Occurs for | |
2989 | srcdom_regex and dstdom_regex ACL types during reconfigure. | |
2990 | - Typo "applicatoin" in src/mime.conf | |
2991 | - The unlinkd daemon never saw the USE_TRUNCATE_NOT_UNLINK | |
2992 | #define because it didn't include squid.h. | |
2993 | - Fixed commRetryFD() when bind() fails. commRetryFD was | |
2994 | closing the filedescriptor, but it is the upper layer's | |
2995 | job to close it. | |
2996 | - Changed configure's "maximum number of filedescriptors" | |
2997 | detection to only use getrlimit() for Linux. On AIX, | |
2998 | getrlimit returns RLIM_INFINITY. | |
2999 | - Fixed snmpInit() nesting bug. | |
3000 | - Fixed a bug with peerGetSomeParent(). It was adding | |
3001 | a parent to the FwdServers list, regardless of the | |
3002 | ps->direct value. This could cause every request to | |
3003 | go to a parent even when always_direct is used. | |
3004 | - Changed fwdServerClosed() to rotate the "forward servers" | |
3005 | list when a connection establishment fails. Otherwise | |
3006 | it always kept trying to connect to the first server | |
3007 | int the list. | |
b93549f6 | 3008 | |
2be4e260 | 3009 | 2.2.STABLE3: |
3010 | ||
3011 | - Fixed preprocessor problems for HP-UX in lib/safe_inet_addr.c. | |
3012 | - Avoid coredump in aclMatchAcl() if someone tries to use | |
3013 | proxy authentication with a non-HTTP request (e.g. icp_access). | |
3014 | - Moved 'ident_lookup_access' in squid.conf so it appears | |
3015 | after the ACL section. | |
3016 | - Fixed typo in squid.conf on "Config.Addrs.snmp_outgoing" | |
3017 | - Fixed a case in clientCacheHit() where we thought it | |
3018 | was a hit, but the reply status was not 200, so we | |
3019 | had to perform a cache miss. We forgot to change the | |
3020 | log_type and these were being recorded as TCP_HIT's. | |
3021 | - Fixed a void pointer subtraction bug in delayIdPtrHashCmp(). | |
3022 | - Fixed delay_pools coredump and memory leak bugs from | |
3023 | NULL delay_id values. | |
3024 | - Fixed a SEGV bug with delay_pools when requesting | |
3025 | 'objects' or 'vm_objects' from the cachemgr. | |
3026 | - Added a workaround for buggy FTP servers that return | |
3027 | a size of zero for non-zero-sized objects. | |
3028 | - Removed umask(0) call from main(). | |
3029 | - Fixed a peer selection bug that caused us to never select | |
3030 | a neighbor based on ICP replies if the ICP timeout occurs. | |
3031 | In conjunction with this, removed the PING_TIMEOUT state. | |
3032 | - Fixed a store_rebuild bug that caused us to get stuck trying | |
3033 | if a cache_dir subdirectory didn't exist. | |
3034 | - Fixed a buffer overrun bug in gb_to_str(). | |
3035 | ||
9bc73deb | 3036 | 2.2.STABLE4: |
3037 | ||
3038 | - Fixed a dread_ctrl leak caused in store_client.c | |
3039 | - Fixed a memory leak in eventRun(). | |
3040 | - Fixed a memory leak of ErrorState structures due to | |
3041 | a bug in forward.c. | |
3042 | - Fixed detection of subdomain collisions for SPLAY trees. | |
3043 | - Fixed logging of hierarchy codes for SSL requests (Henrik | |
3044 | Nordstrom). | |
3045 | - Added some descriptions to mib.txt. | |
3046 | - Fixed a bug with non-hierarchical requests (e.g. POST) | |
3047 | and cache digests. We used to look up non-hierarchical | |
3048 | requests in peer digests. A false hit may cause Squid | |
3049 | to forward a request to a sibling. In combination with | |
3050 | 'Cache-control: only-if-cached, this generates 504 Gateway | |
3051 | Timeout responses and the request may not be re-forwardable. | |
3052 | - Fixed a filedescriptor leak for some aborted requests. | |
3053 | ||
3054 | ||
4d62b0af | 3055 | Changes to Squid-2.1 (November 16, 1998): |
8f897f34 | 3056 | |
3057 | - Changed delayPoolsUpdate() to be called as an event. | |
3058 | - Replaced comm_select FD scanning loops with global fd_set | |
3059 | structures. Inspired by Jeff Mogul's patch for squid 1.1. | |
9e1559ea | 3060 | - Moved functions common to dns.c, redirect.c, authenticate.c, |
3061 | ipcache.c, and fqdncache.c into helper.c. | |
0753aa46 | 3062 | - Changed storeClientCopy2() so that it keeps sending the remainder |
3063 | of a STORE_ABORTED request, instead of cutting off the client as | |
3064 | soon as the object becomes aborted. | |
f0538986 | 3065 | - Fixed combined ipf-transparent proxy and a local http-accelerator |
3066 | operation (Quinton Dolan). | |
3067 | - Rewrote base64_decode.c because of potential buffer overrun | |
3068 | bugs. | |
912432d8 | 3069 | - Configurable handling of whitespace in request URI's. |
3070 | See 'uri_whitespace' in squid.conf. | |
e33ec474 | 3071 | - Added ability to generate HTTP redirect messages from |
3072 | the redirector output by prepending "301:" or "302:" to the | |
3073 | new url. See FAQ 4.16 for more details. | |
829a9357 | 3074 | - Eliminated refreshWhen() which was out-of-sync with refreshCheck() |
3075 | potentially causing under-utilized cache digests | |
3076 | - Maintain refreshCheck statistics on per-protocol basis so we | |
3077 | can tell why ICP or Digests return too many misses, etc. | |
c68e9c6b | 3078 | - Fixed delay_pools.c class2/class3 typo (Simon Woods). |
3079 | - Changed squid.conf's default access controls to deny all | |
3080 | HTTP requests. Admins must write ACL rules to specifically | |
3081 | allow their local clients. | |
3082 | - Patched French error messages (Mathias HERBERTS). | |
3083 | - NextStep porting fixes by Mike Laster: | |
3084 | - use xstrdup() in cf_gen.c | |
3085 | - check for putenv() in configure | |
3086 | - #define S_ISDIR macro | |
3087 | - Added --disable-poll configure option (Henrik Nordstrom). | |
3088 | - Fixed internal URL hostname case bugs (Henrik Nordstrom). | |
3089 | - Patched ftp.c so we never cache autenticated FTP requests | |
3090 | (Henrik Nordstrom). | |
3091 | - Fixed FTP authentication. We tried to unescape authentication | |
3092 | given by basic authentication which is not URL escaped | |
3093 | (Henrik Nordstrom). | |
3094 | - Fixed HTTP version for common logfile format (Henrik Nordstrom). | |
3095 | - Added 'redirect_rewrites_host_header' option to disable rewriting | |
3096 | of Host header for redirector responses (Henrik Nordstrom). | |
3097 | - Allow semi-customized error message signatures (Henrik Nordstrom). | |
3098 | - Fixed bug with errors for unsupported requests (Henrik Nordstrom). | |
3099 | - Fixed handling of blank lines in ACL input files (Henrik | |
3100 | Nordstrom). | |
3101 | - Changed proxy_auth ACL type to consist of a list of valid | |
3102 | users. REQUIRED == any (same as ident ACL). ACL type user | |
3103 | changed to ident since this is what it really is. | |
3104 | (Henrik Nordstrom). | |
3105 | - Fixed long URL bugs; make sure 'log_uri' never exceeds | |
3106 | MAX_URL bytes. | |
3107 | - Allow comments in external ACL files (Gerhard Wiesinger). | |
3108 | - Added 'range_offset_limit' configuration option. Requests | |
3109 | with ranges that start after this value will be passed | |
3110 | on unmodified, and Squid will not cache the response | |
3111 | (Henrik Nordstrom). | |
3112 | - Added Client HTTP Hit byte counters to 'counters' output | |
3113 | (Douglas Swarin). | |
3114 | - Got Squid to compile with --enable-async-io on FreeBSD. | |
3115 | - Fixed infinite loop bug for cachemgr 'config' option. | |
3116 | - Fixed cachability bugs for replies with Pragma: no-cache. | |
3117 | - Made content-type multipart/x-mixed-replace uncachable. | |
3118 | - Y2K fix for parsing dates in "Wed Jun 9 01:29:59 1993 GMT" | |
3119 | format (Richard Kettlewell). | |
3120 | - Fixed passing -s option to dnsserver processes (Alvaro Jose | |
3121 | Fernandez Lago). | |
3122 | - Changed proxy_auth to work on internal objects and when in | |
3123 | accelerator mode. (Henrik Nordstrom) | |
3124 | - Added login=user:password option to cache_peer directive to | |
3125 | be used from a dial-up cache where the parent requires proxy | |
3126 | authentication. (Henrik Nordstrom) | |
3127 | - If you want to "auto-login", then use a URL on the form | |
3128 | http://username:password@server/.... Squid now picks this up | |
3129 | when going direct, and turns it into basic WWW | |
3130 | authentication. It is also possible to do automatic login to | |
3131 | certain servers by using a redirector to add the needed | |
3132 | authentication information. (Henrik Nordstrom) | |
04f0ba5c | 3133 | - Changed refreshCheck() so that objects with negative age |
3134 | are always stale. | |
4d62b0af | 3135 | - Fixed "plain" FTP listings (Henrik Nordstrom). |
3136 | - Fixed showing banner/logon message for top-level FTP | |
3137 | directories (Henrik Nordstrom). | |
3138 | * Changes below have been made to SQUID_2_1_PATCH1 | |
3139 | - Fixed pinger packet size assertion. | |
3140 | - Fixed WAIS forwarding. | |
3141 | - Fixed dnsserver coredump bug caused by using both -D and | |
3142 | -s options. | |
e42d5181 | 3143 | * Changes below have been made to SQUID_2_1_PATCH2 |
3144 | - Fixed EBIT macro bugs when the bitmask is a 64-bit long. | |
3145 | - Fixed proxy auth NULL password bug. | |
3146 | - Fixed queueing of multiple peerRefreshDNS events. | |
3147 | - Added a stack of StoreEntry objects to be released after | |
3148 | store rebuild completes. | |
3149 | - Fixed NULL pointer bugs with too-large requests (found by | |
3150 | Martin Lathoud). | |
3151 | - Fixed reading replies from buggy ident servers. Replies | |
3152 | might not have terminating CR or LF (Henrik Nordstrom). | |
b4019ff7 | 3153 | - Changed internal StoreEntry key so that the request method |
3154 | is encoded as a single octet. Encoding an enumerated type | |
3155 | has size and byte-order incompatibilities, especially for | |
3156 | cache digests. | |
3157 | - Fixed storeEntryLocked so that SPECIAL, but PRIVATE entries | |
3158 | are not always locked. This fixes having multiple | |
3159 | store_digest's stuck in memory. | |
3160 | - Fixed clientProcessOnlyIfCachedMiss so it unlocks and | |
3161 | unregisters from "cache hit" entries. | |
3162 | * Changes below have been made to SQUID_2_1_PATCH3 | |
3163 | - Fixed memory leak in clientHandleIMSReply for | |
3164 | storeClientCopy failures. | |
8f897f34 | 3165 | |
41587298 | 3166 | Changes to Squid-2.0 (October 2, 1998): |
71d6dc56 | 3167 | |
4c154d99 | 3168 | - Added NAT/Transparent hijacking code from Quinton Dolan. |
3169 | - Added actual filesystem usage to cachemgr 'storedir' page. | |
41587298 | 3170 | Only works for operating systems which support statvfs(). |
a79d724b | 3171 | - Fixed HTCP compile-time bugs. |
3172 | - Fixed quick_abort bugs. Configured values are stored as | |
3173 | Kbytes, not bytes. | |
41587298 | 3174 | - Removed fwdAbortFetch(). It breaks quick_abort and seems |
3175 | mostly useless. | |
0da7d807 | 3176 | - Changed storeDirSelectSwapDir() to skip swap directories |
3177 | when their utilization is over the high water mark ratio. | |
9ca005ac | 3178 | - Fixed off-by-one bug for dead neighbor detection (Joe Ramey). |
18cc143b | 3179 | - fixed bugs in Content-Range header generation |
3180 | - changed the way Range requests are handled: | |
71d6dc56 | 3181 | - do not "advertise" our ability to process ranges at |
3182 | all | |
3183 | - on hits, handle simple ranges and forward complex | |
3184 | ones | |
3185 | - on misses, fetch the whole document for simple ranges | |
3186 | and forward range request for complex ranges | |
3187 | The change is supposed to decrease the number of cases when | |
3188 | clients such as Adobe acrobat reader get confused when we | |
3189 | send a "200" response instead of "206" (because we cannot | |
3190 | handle complex ranges, even for hits) Note: Support for | |
3191 | complex ranges requires storage of partial objects. | |
41587298 | 3192 | - Removed SNMP mib-2.system group from squid. |
6474667e | 3193 | - Removed SNMP ability to iterate through ipcache and friends. |
3194 | - Added SNMP ipcache/fqdncache basic statistics. | |
3195 | - Converted SQUID-MIB to SMIv2 (RFC 1902). | |
3196 | - Moved SQUID-MIB to enterprises section of the tree in preparation | |
3197 | of the split into PROXY-MIB & SQUID-MIB. | |
3198 | - Corrected minor errors in SQUID-MIB. | |
3199 | - Moved uptime into cacheSystem from cacheConfig. | |
3200 | - Corrected a number of get-next-request bugs, snmpwalk should now | |
3201 | return all objects and not skip some. | |
41587298 | 3202 | - Fixed netdbClosestParent() so it won't return sibling |
3203 | peers. | |
3204 | - Fixed a bug with secondary clients on entries with | |
3205 | ENTRY_BAD_LENGTH set. We should release the | |
3206 | bad entry to prevent secondary clients jumping on. | |
3207 | - Changed MIB to prevent parse warnings at startup. | |
f0538986 | 3208 | * Changes below have been made to SQUID_2_0_PATCH1 |
9689d97c | 3209 | - Fixed a forwarding loop bug. Even though we were detecting |
3210 | a loop, it was not being broken. | |
3211 | - Try to prevent sibling forwarding loops by NOT forwarding a | |
3212 | request to a sibling if we have a stale copy of the object. | |
3213 | Validation requests should only be sent to parents (or | |
3214 | direct). | |
3215 | - Fixed ncsa_auth hash bugs when re-reading password file. | |
3216 | - Changed clientHierarchical() so that by default SSL/CONNECT | |
3217 | requests do NOT go to neighbor caches. | |
d87ebd78 | 3218 | - Changed clientHandleIMSReply() to not call storeAbort() |
3219 | because there can be more than one client hanging on the | |
3220 | StoreEntry. This hopefully fixes "store_status != | |
3221 | STORE_ABORTED" assertions. | |
f0538986 | 3222 | - Added temporary fix to httpMakePublic() to prevent assertions |
3223 | (!EBIT_TEST(e->flags, RELEASE_REQUEST)) in storeSetPublicKey(). | |
3224 | * Changes below have been made to SQUID_2_0_PATCH2 | |
3225 | - PATCH1 introduced a seriously stupid bug which prevented ICP | |
3226 | queries for all requests. Fixed by checking | |
3227 | request->hierarchical in peerSelectFoo(). | |
18cc143b | 3228 | |
4c154d99 | 3229 | Changes to squid-1.2.beta25 (September 21, 1998): |
3230 | ||
4b66bfd3 | 3231 | - Fixed async IO bugs from adding filedescriptor arg to AIOCB |
3232 | callbacks (Henrik Nordstrom). | |
3233 | - Fixed store_swapout.c assertion. We were freeing object data | |
3234 | past the swapout_done offset. This probably happens (only?) | |
3235 | when an object changes from cachable to uncachable while | |
3236 | it is being swapped out. | |
a260d877 | 3237 | - Added MEM_CLIENT_SOCK_BUF type so we can change the size |
3238 | of the buffers used for writing data to the client sockets. | |
669d90e7 | 3239 | - Added configure check for libbind.a. If found, it will be |
3240 | used instead of libresolv.a. | |
3241 | - Changed fwdStart() to always allow internally generated | |
dddd5b55 | 3242 | requests, such as for peer digests. These requests are |
3243 | known to fwdStart() because the address arg is set to | |
3244 | 'no_addr'. | |
669d90e7 | 3245 | - Completed initial HTCP implementation. It works, but is not |
3246 | tested much. | |
2d5c8e74 | 3247 | - Added counters for I/O syscalls. |
3248 | - Fixed httpMaybeRemovePublic. With broken ICP neighbors | |
3249 | (netapp) Squid doesn't use private keys. This caused us | |
3250 | to remove almost every object from the cache. | |
3251 | - Added 'asndb' cachemgr stats to show AS Number tree. | |
dddd5b55 | 3252 | - Fixed AS Number byte-order bug for netmasks. |
2d5c8e74 | 3253 | - Fixed comm_incoming calling rate for high loads (Stewart |
3254 | Forster). | |
426012d2 | 3255 | - Give always_direct higher precedence than never_direct |
3256 | (Henrik Nordstrom). | |
dddd5b55 | 3257 | - Changed PORT ACL type to accept ranges. Now you can easily |
3258 | deny, for example, all priveleged ports except 80, 70, 21, | |
3259 | etc. | |
3260 | - ARP ACL fixes for Linux (David Luyer). | |
3261 | - Replaced various "EBIT" flags bitfileds with structures of | |
3262 | "int:1" members. | |
3263 | - Changed storeKeyPrivate and storeKeyPublic to be a bit more | |
3264 | efficient by removing snprintf(). This causes an | |
3265 | incompatibility with old cache keys, however. To transition, | |
3266 | we will look up both the new and old style keys for about the | |
3267 | next 30 days. After that, if you haven't run this (or a | |
3268 | future) version, your cache contents will be lost. | |
3269 | - Made the client-side write buffer size configurable with | |
3270 | a #define in defines.h. By default it is still 4096 bytes. | |
3271 | - Removed redirectUnregister(). It should be unnecessary | |
3272 | because of cbdata locks. | |
3273 | - Fixed multiple HEAD request brokennesses (Henrik Nordstrom). | |
3274 | - Changed non-blocking connect(2) code to call getsockopt() | |
3275 | instead of connect() again. This is the approach recommended | |
3276 | by Stevens, and fixes bugs on BSD-ish systems when subsequent | |
3277 | connect() calls loop with EAGAIN status. | |
3278 | - Added MD5 cache keys to memory pool accounting. | |
3279 | - Added code to track number of open DISK descriptors and stop | |
3280 | swapping out objects if the number of disk descriptors becomes | |
3281 | too large. For now the limit must be manually configured with | |
3282 | the 'max_open_disk_fds'. By default, there is no limit. | |
3283 | - Stopped encoding a request method in the high byte of the ICP | |
3284 | reqnum field. Instead queried cache keys are copied to a | |
3285 | static array, indexed by the reqnum, modulo the array size. | |
3286 | Now we just use the request number to lookup a cache key, | |
3287 | instead of rebuilding it from the ICP reply URL and method, | |
3288 | unless we have netapp neighbors--they don't do reqnum | |
3289 | properly. | |
3290 | - Fixed reconfigure memory access bugs in redirect.c. | |
0753aa46 | 3291 | - Ignore unreasonably large ICP RTT values which cause overflow |
3292 | bugs in calculating the average RTT (thanks Niall!) | |
4b66bfd3 | 3293 | |
8e6a43e8 | 3294 | Changes to squid-1.2.beta24 (August 21, 1998): |
3295 | ||
6c4067e5 | 3296 | - Added Bulgarian error pages by Evgeny Gechev. |
ceb79b2b | 3297 | - Changed StoreEntry->lock_count to a u_short. |
c7d6216e | 3298 | - Replaced urlcmp with strcmp |
3299 | - Fixed pragma no-cache ejecting ENTRY_SPECIAL objects | |
3300 | (Henrik Nordstrom). | |
3301 | - Eliminated unneeded BASE HREF on "root" directories (Henrik | |
3302 | Nordstrom). | |
3303 | - Fixed peerDigestFetchFinish() assertion caused by forwarding | |
3304 | failures (e.g. miss_access rules). | |
ada249f8 | 3305 | - Changed signal handlers with ASYNC_IO and Linux so that |
3306 | -k command line options work (Miquel van Smoorenburg). | |
4616f9ea | 3307 | - Rewrote shutdown code to use events instead of setting |
3308 | FD timeouts. | |
903e21a0 | 3309 | - Fixed cachemgr 'objects' (statObjects()) by adding a check |
b6a76fb2 | 3310 | for READ_AHEAD_GAP, and calling storeCheckSwapout() in |
3311 | storeBufferFlush(). Otherwise, the read-past pages would | |
3312 | never be freed. | |
681979a2 | 3313 | - Fixed DNSSERVER shutdown bugs. The re-opened dnsserver processes |
3314 | were being closed by the dnsServerShutdown event. | |
b6a76fb2 | 3315 | - Modified storeHashInsert() to insert PRIVATE objects at |
3316 | the tail of the LRU list, and PUBLIC objects at the head. | |
3317 | Thus, PRIVATE objects get kicked out quicker. | |
95e36d02 | 3318 | - Added David Luyer's DELAY_POOLS code. |
54b5b3e5 | 3319 | - Fixed a bug due to HEAD replies which lack the end-of-headers |
3320 | line. | |
3321 | - Made proxy-auth realm string configurable (Bob Franklin) | |
3322 | - Changed default mime time to a viewable one (Henrik Nordstrom). | |
3323 | - configure fixes for Sony's NEWS-OS 6.x (Makoto MATSUSHITA). | |
3324 | - Fixed 'you are running out of filedescriptors' bug which | |
3325 | could cause the HTTP incoming connection handler to not | |
3326 | be reset. | |
e23fbf04 | 3327 | - Changed syslog logging. Now squid debug levels 0 and 1 go |
d737baa0 | 3328 | to syslog. Level 0 gets LOG_WARNING and level 1 gets LOG_NOTICE |
e23fbf04 | 3329 | (this needs more work!) |
2cb51fe0 | 3330 | - Fixed memory access errors in statAvgTick(). |
abc1237e | 3331 | - Fixed duplicate requestUnlink() bug in forward.c |
6c4067e5 | 3332 | - Fixed possible memory access bugs from not setting e->mem_obj |
3333 | = NULL in destroy_MemObject(). | |
3334 | - Deleted TCP_IMS_MISS tag. Always use TCP_IMS_HIT instead. | |
3335 | - Modified headersEnd and httpMsgIsolateHeaders to account | |
3336 | for funky line terminations such as CRCRNL. | |
3337 | (``but Netscape and IE _tolerate_ this'') | |
3338 | - Fixed carp functions (Eric Stern). | |
3339 | - Replaced internal proxy_auth code with extern authentication | |
3340 | module (Arjan de Vet). | |
3341 | - moved hash.c to libmiscutil.a. | |
e931f99a | 3342 | - Fixed handling of ICP queries with whitespace in URLs. |
3343 | Now we return ICP error and escape the URL before logging. | |
3a15a393 | 3344 | - Added configure check for socklen_t (David Luyer). |
3345 | - Removed USE_SPLAY #defines; it is now standard. | |
3a76c002 | 3346 | - Added FD arg to async IO callbacks (AIOCB) so we can eliminate |
3347 | temporary disk_ctrl_t structures. | |
3348 | - Changed ENOSPC disk write errors to reduce specific cache_dir | |
3349 | sizes, and not just the size of the cache as a whole. | |
f9cece6e | 3350 | - Added httpMaybeRemovePublic() to purge public objects for |
3351 | certain responses even though they are uncachable. This is | |
3352 | needed, for example, when an initially cachable object | |
3353 | later becomes uncachable. | |
8e6a43e8 | 3354 | - Added refresh_pattern options to ignore client reloads |
3355 | (Henrik Nordstrom) | |
3356 | - Relocated disk.c code which combines blocks for writing | |
3357 | (Stewart Forster). | |
c7d6216e | 3358 | |
857703c6 | 3359 | Changes to squid-1.2.beta23 (June 22, 1998): |
3360 | ||
cf7f704c | 3361 | - Added Turkish error pages by Tural KAPTAN. |
66bbb757 | 3362 | - Added basic support for Range requests. For most cachable |
3363 | requests, Squid replies with an "Accept-Ranges" header. Upon | |
3364 | receiving a potentially cachable Range request for a not | |
3365 | cached object, Squid requests the whole object from origin | |
3366 | server and then replies with specified range(s) to the | |
3367 | client. Multi-range requests are supported. Adjacent | |
3368 | overlapping ranges are merged. If-Range requests are | |
3369 | supported. Limitations: Multi-range requests with out of | |
3370 | order ranges are not supported. | |
3371 | - Made md5.c use standard memcpy and memset if they are | |
3372 | avaliable. | |
3373 | - Memory pools will now shrink if Squid is run-time | |
3374 | reconfigured with smaller value of memory_pools_limit tag. | |
3375 | - Added counter for number of clients (Tomi Hakala). | |
3376 | - Changed neighbor UP/DOWN algorithm to require 10 failed TCP | |
3377 | connections for UP->DOWN transition. | |
3378 | - Added 'unique_hostname' configuration option when its | |
3379 | necessary to have multiple machines with the same visible | |
3380 | hostname. | |
222917b2 | 3381 | - Fixed pumpReadFromClient() to not read too many bytes on |
3382 | persistent connections. | |
53856ebd | 3383 | - We can now cache HTTP replies with Set-Cookie. These evil |
3384 | headers are now filtered out for cache hits on the client | |
3385 | side. | |
222917b2 | 3386 | - Fixed SNMP bugs caused by using snmpwalk. |
9089cc70 | 3387 | - Fixed snmp system Group; all objects are now returned. |
3388 | - Fixed snmp system Group sysDescr and sysContact. | |
78dfab2a | 3389 | - Fixed snmp system Group sysObjectID it now returns a OBJECT |
3390 | IDENTIFIER. | |
7fce9c3e | 3391 | - Allocate FwdState from mem pools. |
3392 | - Minor HTCP progress. | |
222917b2 | 3393 | - Moved 'miss_access' ACL check from client_side.c to forward.c |
ed169eab | 3394 | - Fixed logging of usernames for requests which require |
3395 | proxy-authentication. | |
cf7f704c | 3396 | - Fixed HTTP request parser to accept lowercase HTTP identifier |
3397 | (Oskar Pearson). | |
3398 | - Fixed FTP listings to always include links to the parent | |
3399 | directory (Henrik Nordstrom). | |
3400 | - Fixed FTP to show an "empty" listing instead of showing | |
3401 | a "document contains no data" error (Henrik Nordstrom). | |
3402 | - Fixed refreshCheck() bug. Often it was checking the | |
3403 | refresh patterns against the string "[null_mem_obj]" | |
3404 | because we moved URLs to MemObject. | |
3405 | - Added CARP support by Eric Stern. | |
48382032 | 3406 | - Fixed select-spin bug when an ICP reply actually gets queued |
3407 | and we failed to execute the write callback. | |
354b5fe1 | 3408 | - Fixed a storeCheckSwapOut bug. We were freeing up to |
3409 | the queued offset instead of the done offset. This | |
3410 | resulted in a small chunk of object data not being in | |
3411 | memory and not yet written to disk. A client could | |
3412 | recieve a partial object because file_read() unexpectedly | |
3413 | returns EOF. | |
0aa791f8 | 3414 | - Fixed proxy-authentication hangs (Henrik Nordstrom). |
c2354a6b | 3415 | - Fixed request_t->flags bug causing authenticated, proxied |
3416 | responses to be cached (Arjan de Vet). | |
e0e32f36 | 3417 | - Fixed MIME types for .tgz extension (Henrik Nordstrom). |
3418 | - Added view and download options to FTP listings (Henrik | |
3419 | Nordstrom). | |
3420 | - Modified configure to allow using pre-installed libdlmalloc.a | |
3421 | (Masashi Fujita). | |
e8d8856c | 3422 | - Fixed cachemgr 'objects' implementation. |
fecf98dc | 3423 | - Changed refreshCheck() algorithm. For cached objects, we |
3424 | now check, in the following order: | |
3425 | * request max-age | |
3426 | * response Expires (if present) | |
3427 | * refresh_pattern max-age | |
3428 | * response Last-Modified compared to refresh_pattern | |
3429 | LM-factor (only if Last-Modified is present) | |
3430 | * refresh_pattern min-age | |
3431 | - Changed Copyrights. | |
d192d11f | 3432 | |
ee3a78d4 | 3433 | Changes to squid-1.2.beta22 (June 1, 1998): |
3434 | ||
2246b732 | 3435 | - do not cut off "; parameter" from "digitized" Content-Type |
3436 | http fields | |
3437 | - Added X-Request-URI for persistent connection debugging | |
3438 | (Henrik Nordstrom) | |
f4d83f6d | 3439 | - Added Polish error pages from Maciej Kozinski. |
145f10f1 | 3440 | - Fixed hash_first/hash_next bugs with **Current pointer. |
3441 | Replaced with *next pointer. | |
f4d83f6d | 3442 | - Fixed PUT/POST bugs in client (Henrik Nordstrom). |
3443 | - Deny forwarding loops in httpd accel mode (Henrik Nordstrom). | |
3444 | - Fixed eventRun "spin" bug when event delta time == 0. | |
a9cc1935 | 3445 | - Fixed setting Last Modified time on cached entries when |
3446 | receiving a 304 reply. | |
06e87923 | 3447 | - Added while loop in httpAccept(). |
3448 | - Added while loop in icpHandleUdp(). | |
3449 | - Fixed some small memory leaks. | |
3450 | - Fixed single-bit-int flag checks (Henrik Nordstrom). | |
137ee196 | 3451 | - Replaced "complex" (offset accounting) calls to snprintf with MemBuf |
3452 | - Do not send only-if-cached cc directive with requests | |
6474667e | 3453 | for peer's digests. |
ee3a78d4 | 3454 | - Added "automatic tuning" for incoming request rate, i.e. |
3455 | how often to check HTTP and ICP sockets. See comm.c | |
3456 | comments for details. | |
145f10f1 | 3457 | |
6ee40ea2 | 3458 | Changes to squid-1.2.beta21 (May 22, 1998): |
3459 | ||
434b408f | 3460 | - Added Italian error pages by Alessio Bragadini. |
a3f9588e | 3461 | - Added Estonian error pages by Toomas Soome. |
06066bbc | 3462 | - Added Russian (koi-r) error pages by Andrew L. Davydov. |
7b381d33 | 3463 | - Added Czech error pages by Jakub Nantl. |
8e866bb4 | 3464 | - Fixed asnAclInitialize calling to prevent coredump. |
3465 | - Fixed FTP directory parsing again. | |
3466 | - Made FTP directory listing "Generated" tagline like | |
3467 | the one for error pages. | |
52f977aa | 3468 | - Fixed an assertion coredump in statHistCopy from |
6474667e | 3469 | reconfiguring with different #peers in squid.conf |
10202788 | 3470 | - Ignore leading whitespace on requests (and replies). RFC |
3471 | 2068 section 4.1, robustness (Henrik Nordstrom) | |
3472 | - Fixed keep_alive bug. We did not always honour reply | |
3473 | headers, but rather assumed connections could be persistent. | |
3474 | - Fixed reading whois output for AS numbers, especially when | |
3475 | they are longer than 4 KB. | |
3476 | - Removed 'cache_stoplist_pattern' configuration option. This | |
3477 | feature is now handled by 'no_cache'. | |
3478 | - If a URN resolves to only one URL, just return it immediately | |
3479 | instead of giving the user a "choice" (Andy Powell). | |
3480 | - Fixed year-2000 bug in lib/iso3307.c (Henrik Nordstrom). | |
3481 | - Changed squid-internal object names. | |
3482 | - Added netdb exchange protocol. | |
3483 | - Fixed wordlistDestroy() uninitialized pointer bug in | |
3484 | ftpParseControlReply. | |
06066bbc | 3485 | - Fixed redirector subprocess to show real program name. |
3486 | - Changed URN menu output to be sorted. | |
3487 | - Added fast select(2) timeouts when using ASYNC_IO. | |
3488 | - Added ARP ACL support for Linux (David Luyer). | |
6474667e | 3489 | - Added binary http headers to requests |
3490 | - request_t objects are now created and destroyed in a consistent way | |
3491 | - Fixed cache control printf bug | |
3492 | - Added a lot of new http header ids | |
3493 | - Improved Connection: header handling; now both Connection and | |
3494 | Proxy-Connection headers are checked for connection directives | |
3495 | - Connection request header is now handled correctly regardless | |
3496 | of its position and the number of entries | |
2246b732 | 3497 | - Only replies with valid Content-Length can be sent with keep-alive |
3498 | connection directive (Henrik Nordstrom) | |
6474667e | 3499 | - Better handling of persistent connection "clues" in HTTP headers; |
2246b732 | 3500 | the decision now depends on HTTP version (and User-Agent exceptions) |
6474667e | 3501 | - Removed handling of "length=" directive in IMS headers; |
3502 | the directive is not in the HTTP/1.1 standard; | |
3503 | standing by for objections | |
3504 | - allowed/denied headers are now checked using bit masks instead of | |
3505 | strcmp loops | |
3506 | - removed Uri: from allowed headers; Uri is deprecated in RFC 2068 | |
2246b732 | 3507 | - removed processing of Request-Range header (not in specs?) |
7b381d33 | 3508 | - Fixed byte-order bugs in cacheDigestHashKey. |
3509 | - Changed hash_remove_link() to return void. | |
3510 | - Changed ipcache_gethostbyname() to return NULL if | |
3511 | i->addrs.count == 0. | |
6de5fa88 | 3512 | - Added millisecond-timing to select/poll loops and event |
3513 | queue. | |
3514 | - Changed 'peerPingTimeout' value to be twice the average | |
3515 | of all the peer ICP RTT's. | |
3516 | - Added 'half_closed_clients' option to force closing of | |
3517 | client connections which might only be half-closed. | |
3518 | - Fixed matchDomainName coredump bug. | |
3519 | - Don't cache HTTP replies with Vary: headers until we | |
3520 | get content negotiation working. | |
3521 | - Fixed SSL proxying to forward full HTTP request headers. | |
c09459dd | 3522 | - Changed storeGetMemSpace(). Only purge down to the HIGH |
3523 | water mark; move locked entries to the head of the inmem | |
3524 | list. | |
3525 | - Changed clientReadRequest() to locally handle any | |
3526 | "squid-internal-static" URL for any host. | |
52f977aa | 3527 | - Disable persistent connections for client connections |
3528 | from broken Netscape User-Agent, version 3.* (Stewart Forster) | |
434b408f | 3529 | |
901b8eaf | 3530 | Changes to squid-1.2.beta20 (April 24, 1998): |
3531 | ||
fd1bc012 | 3532 | - Improved support for only-if-cached cache control directive. |
3533 | - Enabled 304 replies for ENTRY_SPECIAL objects (e.g., icons). | |
a1a62b14 | 3534 | - Fixed 'quick_abort' percent calculation bug. |
3535 | - Fixed quick_abort FPE bug. | |
3536 | - Changed more errno-checking functions to use ignoreErrno(). | |
3537 | - Added ERESTART to ignoreErrno() because of report from | |
3538 | a Solaris system. | |
3539 | - Fixed '#elsif' typo. | |
3540 | - Fixed MemPool assertion by moving memInit() to before | |
3541 | configuration parsing functions. | |
3542 | - Fixed default 'announce_period' value (was 1 day, should | |
3543 | be 0) (Joe Ramey). | |
3544 | - Added configure warning for low filedescriptors and pointer | |
3545 | to FAQ. | |
b0497a40 | 3546 | - Fixed httpBodySet() bug causing URN related coredumps. |
3547 | - Changed ipcacheCycleAddr() to always cycle through all all | |
3548 | available addresses, and not just advance when one of | |
3549 | them goes BAD. | |
3550 | - Fixed squid-internal bug for mixed-case hostnames (Henrik | |
3551 | Nordstrom). | |
4e41d49f | 3552 | - Fixed ICP counting probelm. icpUdpSend() arg should be |
3553 | LOG_ICP_QUERY instead of LOG_TAG_NONE. | |
e4b71f74 | 3554 | - Added some additional fault toleranse on FTP data channels |
3555 | (Henrik Nordstrom). | |
3556 | - Corrected error reporting on FTP "hacks" (Henrik Nordstrom). | |
3557 | - Added lock/unlock for StoreEntry during storeAbort(). | |
3558 | - Added filemap bit usage stats to cachemgr 'storedir' and | |
3559 | 'info'. | |
3560 | - Replaced 'cache_stoplist' with 'no_cache' Access list. | |
3561 | - Fixed (hopefully) remaining swapfile-open-at-exit bugs. | |
44745828 | 3562 | - Fixed default hierarchy_stoplist to be ``default if none.'' |
3563 | - Fixed 'fake a recent reply' hack for detecting DEAD | |
3564 | and ALIVE neighbors (Joe Ramey). | |
e376562a | 3565 | - Fixed FTP directory parsing bugs (Joe Ramey). |
3566 | - Fixed ftpTraverseDirectory coredump for NULL ftpState->filepath | |
3567 | (Joe Ramey). | |
dea17509 | 3568 | - Fixed daylight savings time bug (again). |
fd1bc012 | 3569 | - A lot of Cache Digests additions, fixes, and tuning. |
3570 | Cache Digests are still "very experimental". | |
e376562a | 3571 | - Fixed snprintf() bug. When len == 1, snprintf() would treat |
3572 | the buffer as unknown size, emulating sprintf() behaviour. | |
3573 | - Made Error page language configurable with configure script | |
3574 | (Henrik Nordstrom). | |
3575 | - Fixed squid-internal URLs when http_port == 80. | |
3576 | - Remember the client address on redirected requests (Henrik | |
3577 | Nordstrom). | |
3578 | - Don't rebuild the request if the redirector returned the same | |
3579 | URL (Henrik Nordstrom). | |
3580 | - Rewrite Host: header on redirected requests (Henrik | |
3581 | Nordstrom). | |
3582 | - Include port (if non-standard) in generated Host: headers | |
3583 | (Henrik Nordstrom). | |
3584 | - Fixed rfc1123 timezone hacks for Windows NT | |
3585 | (Henrik Nordstrom). | |
3586 | - Added Russian Error pages by Ilia Zadorozhko. | |
3587 | - Added totals for ICP and HTTP hits to cachemgr client_list | |
3588 | output. | |
6cfa8966 | 3589 | - Changed error message to 'Generated TIME by HOST (SQUID/VER)' |
3590 | because any string with an '@' must be an email address. | |
e376562a | 3591 | - Fixed POST for content-length == 0. |
901b8eaf | 3592 | - Fixed "huge 304 reply" loop bug. |
5e9ab945 | 3593 | - Fixed --enable-splaytree compile bugs. |
c93fbf13 | 3594 | - Removed ASN lookup code in peer_select.c. |
b6a2f15e | 3595 | - Added warnings if ACL code detects subdomains in SPLAY |
3596 | trees. | |
3597 | - Rewrote some bits of httpRequestFree() to eliminate | |
3598 | possible bugs that could cause an "e->lock_count" asseertion. | |
3599 | - Added value/bounds checking to _db_init() when setting | |
3600 | the debugLevels[] array. | |
fd1bc012 | 3601 | |
005e5260 | 3602 | Changes to squid-1.2.beta19 (Apr 8, 1998): |
3603 | ||
b0497a40 | 3604 | - Squid-1.2.beta19 compiles and runs on Windows/NT with |
3605 | Cygnus Gnu-WIN32 b19 (Henrik Nordstrom). | |
447203a7 | 3606 | - Added French Error pages by Frank DENIS. |
3607 | - Added Dutch Error pages by Mark Visser | |
901b8eaf | 3608 | - Added German Error pages by Bernd P. Ziller, Jens Frank, |
3609 | and Anke S. | |
f9f2be04 | 3610 | - Added support for only-if-cached cache-control directive. |
005e5260 | 3611 | - Added RELAXED_HTTP_PARSER #define to allow requests which are |
3612 | missing the HTTP identifier on the request line (e.g. buggy | |
3613 | SpyGame queries). RELAXED_HTTP_PARSER is undefined by default. | |
1f4d31f9 | 3614 | - Fixed disk.c FD leak for delayed closes in |
3615 | diskHandleWriteComplete(). | |
3616 | - Fixed cache announcement feature. | |
20fe7191 | 3617 | - Fixed httpReadReply() to retry failed HTTP requests on |
3618 | persistent connections when read() returns -1, not only | |
3619 | when it returns 0. | |
805e5f70 | 3620 | - Fixed cbdata memory counting leak. cbdataUnlock() always |
3621 | called free(), never memFree(). | |
ff396fe6 | 3622 | - Fixed storeDirWriteCleanLogs() malloc bug on Alphas. |
005e5260 | 3623 | - Fixed `++loopdetect < 10' assertion due to |
3624 | clientHandleIMSReply bug for invalid/partial HTTP | |
3625 | replies. | |
3626 | - Added preliminary code for HTCP. | |
3627 | - Renamed 'aux' dir to 'cfgaux' for legacy DOS machines. | |
3628 | - Added "snmp_community" as an ACL type. | |
3629 | - Cleaned up proxy-auth acl implementation and removed | |
3630 | memory leaks. | |
3631 | - Added generic 'hashFreeItems()' function for efficiently | |
3632 | freeing hash table pointers. | |
3633 | - Added whoisTimeout() for ASN code. | |
447203a7 | 3634 | - Removed BINARY TREE code. |
005e5260 | 3635 | - Fixed forgetting to reset Config.Swap.maxSize in |
3636 | configDoConfigure. | |
3637 | - Fixed httpReplyUpdateOnNotModified() arguments-in-wrong-order | |
3638 | bug which caused not modified replies to not get updated. | |
3639 | - Fixed client_side.c bugs which could cause data to be written | |
3640 | to the client in the wrong order for persistent connections. | |
3641 | clientPurgeRequest() and clientHandleIMSComplete() must not | |
3642 | call comm_write(). Instead they must create and write to | |
3643 | StoreEntry's. | |
3644 | - Fixed ICP query service time counting bug(s). | |
3645 | - replaced 'char *mime_headers_end()' with 'size_t headersEnd()' | |
3646 | to fix buffer overruns. This also requires adding 'buf_sz' | |
3647 | args to some functions like clientBuildReplyHeader(). | |
3648 | But we can eliminate the need to NULL-terminate the | |
3649 | buffer beforehand. | |
3650 | - Changed commConnectCallback() to reset the FD timeout to | |
3651 | zero before notifying about the connection. This requires | |
3652 | commSetTimeout() calls in numerous places to reinstall | |
3653 | timeouts. | |
3654 | - Changed comm_poll_incoming() to be called less frequently | |
3655 | (every 15 I/O's instead of every 7 FD's) (Michael O'Reilly). | |
3656 | - Removed HAVE_SYSLOG case for debug() macro. Almost all | |
3657 | systems do have syslog(), but more importatnly the | |
3658 | _db_level value is needed for debugging to stderr. | |
3659 | - Rewrote squid/dnsserver interface to use smaller, single-line | |
3660 | messages. | |
3661 | - Rewrote 'dns' cachemgr output to use a table format. | |
3662 | - Rewrote a lot of dnsserver.c. | |
3663 | - Added eventAddIsh() for semi-random event scheduling. | |
3664 | - Fixed an ftpTimeout bug for sessions which use PORT | |
3665 | commands. | |
3666 | - Fixed ftp.c to recognized invalid PASV replies (e.g. | |
3667 | port == 0). | |
3668 | - Removed hash_insert(). All hasing uses hash_join() now. | |
3669 | - Renamed hash_unlink() to hash_remove_link(). | |
3670 | - Added hashPrime() to find closes prime hash table size | |
3671 | to a given value. | |
3672 | - Fixed Keep-Alive ratio counting bug which prevented | |
3673 | persistent connections from being used between cache | |
3674 | peers. | |
3675 | - Changed icmp.c to NOT queue messages sent from squid to | |
3676 | the pinger program. | |
3677 | - Changed icp_v2.c to NOT queue ICP messages by default. | |
3678 | But they will be queued and resent once if the first | |
3679 | send fails. Counters.icp.queued_replies counts the | |
3680 | number of messaages queued. | |
3681 | - Cleaned up ICP logging. | |
3682 | - Added identTimeout(). | |
3683 | - Fixed ipcache reply counting bug. Overcounted dnsserver | |
3684 | replies for partial replies. | |
3685 | - Added urlInternal() for building internal Squid URLs. | |
3686 | - Changed peerAllowedToUse() to check both 'cache_peer_domain' | |
3687 | AND 'cache_peer_acl' configurations. This should be changed | |
3688 | in the fugure to use ONLY cache_peer_acl. | |
3689 | - Changed DEAD/REVIVED neighbor detection to avoid reporting | |
3690 | so many false deaths. (Joe Ramey). | |
3691 | - Added some preliminary code to support "cache digests." | |
3692 | - Fixed pumpClose() coredumps (?). | |
3693 | - Updated cachemgr 'info' output to show median service | |
3694 | times for various categories. | |
3695 | - Fixed ABW bug in storeDirWriteCleanLogs(). sizeof(off_t) | |
3696 | != sizeof(int) for Alphas. | |
3697 | - Fixed potential alignment problem in storeDirWriteCleanLogs(). | |
3698 | - Fixed store_rebuild.c to NOT replace current, but | |
3699 | not-swapped-out StoreEntry's with on-disk entries. | |
3700 | - Changed storeCleanup() to call storeRelease on invalid | |
3701 | entries which don't have a swapfile (i.e. no unlink() | |
3702 | penalty). | |
3703 | - Fixed storeSwapInStart() to fail for unvalidated | |
3704 | entries. | |
3705 | - SNMP changes: | |
3706 | . renovated mib and added descriptions and comments | |
3707 | . added hit and byte counters to client_db , for | |
3708 | cacheClientTable | |
3709 | . cacheClientTable, netdbTable, cachePeerTable, | |
3710 | cacheConnTable now indexed by ip address. hash_lookup was | |
3711 | enhanced to allow for subsequent hash_next's similar to | |
3712 | hash_first, to speed up getnext's in tables which refer to | |
3713 | hash-table structures. | |
3714 | . added generic (well, sorf of) table indexing functionality | |
3715 | . added makefile dependencies for snmplib and cache_snmp.h | |
3716 | . WaisHost, WaisPort, Timeouts removed | |
3717 | . FdTable split into FdTable and ConnTable. FdTable simplified | |
3718 | . PeerTable and PeerStat merged and put into new cacheMesh | |
3719 | group | |
3720 | . cacheClientTable added for client statistics and accounting | |
3721 | (cacheMesh 2) | |
3722 | . cacheSec and cacheAccounting groups removed | |
3723 | . fixed acl bug when communities not defined | |
3724 | . snmp_acl now survives bad configuration | |
81d0c856 | 3725 | |
9a713ffb | 3726 | Changes to squid-1.2.beta18 (Mar 23, 1998): |
3727 | ||
275d9f2e | 3728 | - Added v1.1 'test_reachability' option. |
3729 | - Fixed hash4() len == 0 bug. | |
2c26197b | 3730 | - Fixed Config.Swap.maxSize reconfigure bug. |
3731 | - Fixed ICP query bug determining request method. | |
3732 | - Moved ICP's storeGet() cache lookup into neighborsUdpAck() | |
3733 | so that we know neighbors are alive even when they send | |
3734 | us replies for unknown entries. | |
3735 | - Changed configure script to add '-std1' for Digital Unix cc. | |
3736 | - Fixed SNMP sizeof(int) / sizeof(long) bugs for 64-bit | |
3737 | systems. | |
3738 | - Added support for 'Cache-Control: Only-If-Cached' request header. | |
34ad1721 | 3739 | - Fixed CheckQuickAbort() bugs for multiple clients on one |
3740 | StoreEntry. Also changed storePendingNClients() to return | |
3741 | mem->nclients instead of counting the number of store_client | |
3742 | entries with pending callback functions. | |
275d9f2e | 3743 | |
041b157e | 3744 | Changes to squid-1.2.beta17 (Mar 17, 1998): |
3745 | ||
df43fc93 | 3746 | - SNMP MIB version check changed to non-rcs. |
02922e76 | 3747 | - Added memory pools for variable size objects (strings). |
3748 | There are three pools; for small, medium, and large objects. | |
3749 | - Extended String object to use memory pools. Most fixed size char | |
3750 | array fields will be replaced using string pools. Same for most | |
3751 | malloc()-ed buffers. | |
5e14bf6d | 3752 | - Changed icon handling to use the hostname and port of the squid |
9ed90c85 | 3753 | server, instead of the special hostname "internal.squid" |
3754 | (Henrik Nordstrom). | |
5e14bf6d | 3755 | - All icons are now configured in mime.conf. No hardcoded icons, |
f8360ee3 | 3756 | including gohper icons (Henrik Nordstrom). |
459f2559 | 3757 | - Fixed ICP bug when we send queries, but expect zero |
3758 | replies. | |
ed9c0b33 | 3759 | - Fixed alignment/casting bugs for ICP messages. |
2b5b6324 | 3760 | - A generic client-to-server "pump" was added to handle HTTP |
3761 | PUT as well as POST methods on the client-cache side. Based on | |
3762 | "pump" PUT requests can be made to either HTTP or FTP url's. | |
3763 | Code is still beta and interoperability with browsers etc has | |
3764 | not been tested. | |
3765 | - Put #ifdefs around 'source_ping' code. | |
5e14bf6d | 3766 | - Added missing typedef for _arp_ip_data (Wesha). |
3767 | - Added regular-expression-based ACLs for client and server | |
3768 | domain names (Henrik Nordstrom). | |
3769 | - Fixed ident-related coredumps from incorrect callback data. | |
3770 | - Fixed parse_rfc1123() "space" bug. | |
3771 | - Fixed xrealloc() XMALLOC_DEBUG bug (not calling check_free()).. | |
3772 | - Fixed some src/asn.c end-of-reply bugs and memory leaks. | |
3773 | - Fixed some peer->options flag-setting bugs. | |
3774 | - Fixed single-parent feature to work again | |
3775 | - Removed 'single_parent_bypass' configuration option; instead | |
3776 | just use 'no-query'. | |
3777 | - Surrounded 'source_ping' code with #ifdefs. | |
3778 | - Changed 'deny_info URL' to use a custom Error page. | |
3779 | - Modified src/client.c for testing POST requests. | |
041b157e | 3780 | - Fixed hash4() for SCO (Vlado Potisk). |
459f2559 | 3781 | |
7ba777f2 | 3782 | Changes to squid-1.2.beta16 (Mar 4, 1998): |
3783 | ||
447203a7 | 3784 | - Added Spanish error messages from Javier Puche. |
02922e76 | 3785 | - Added Portuguese error messages from Pedro Lineu Orso |
0965bd19 | 3786 | - Added a simple but very effective hack to cachemgr.cgi that tries to |
3787 | interpret lines with '\t' as table records and formats them | |
3788 | accordingly. With a few exceptions (see source code), first line | |
3789 | becomes a table heading ("<th>" html tag) and the rest is formated | |
3790 | with "<td>" tags. | |
7021844c | 3791 | - Added "mem_pools_limit" configuration option. Semantics of |
3792 | "mem_pools" option has also changed a bit to reflect new memory | |
3793 | management policy. | |
7ba777f2 | 3794 | - Reorganized memory pools. Squid now supports a global pool |
3795 | limit instead of individual pool limits. Per-pool limits can be | |
3a88d597 | 3796 | implemented on top of the current scheme if needed, but it is |
7ba777f2 | 3797 | probably hard to guess their values. Squid distributes pool |
3798 | memory among "frequently allocated" objects. There is a | |
3799 | configurable limit on the total amount of "idle" memory to be | |
3800 | kept in reserve. All requests that exceed that amount are | |
3801 | satisfied using malloc library. Support for variable size | |
3802 | objects (mostly strings) will be enabled soon. | |
3803 | - memAllocate() has now only one parameter. Objects are always | |
3804 | reset with 0s. (We actually never used that parameter before; | |
3805 | it was always set to "clear"). | |
3806 | - Added Squid "signature" to all ERR_ pages. The signature is | |
3807 | hardcoded and is added on-the-fly. The signature may use | |
3808 | %-escapes. Added interface to add more hard-coded responses if | |
3809 | needed (see errorpage.c::error_hard_text). | |
3810 | - Both default and configured directories are searched for ERR_ | |
3811 | pages now. Configured directory is, of course, searched first. | |
3812 | This allows you to customize a subset of ERR_ pages (in a | |
3813 | separate directory) without danger of getting other copies out | |
3814 | of sync. | |
3815 | - Security controls for the SNMP agent added. Besides | |
3816 | communities (like password) and views (part of tree | |
3817 | accessible), the snmp_acl config option can be used to do acl | |
3818 | based access checks per community. | |
3819 | - SNMP agent was heavily re-written, based on cmu-snmpV1.8. You | |
3820 | can now walk through the whole mib tree. Several new variables | |
3821 | added under cacheProtoAggregateStats | |
12cf1be2 | 3822 | - Added rudimental statistics for HTTP headers. |
7ba777f2 | 3823 | - Adjusted StatLogHist to a more generic/flexible StatHist. |
12cf1be2 | 3824 | Moved StatHist implementation into a separate file. |
178dbda2 | 3825 | - Added FTP support for PORT if PASV fails, also try the |
3826 | default FTP data port (Henrik Nordstrom). | |
3827 | - Fixed NULL pointer bug in clientGetHeadersForIMS when a | |
3828 | request is cancelled for fails on the client side. | |
3829 | - Filled in some squid.conf comments (never_direct, | |
3830 | always_direct). | |
3831 | - Added RES_DNSRCH to dnsserver's _res.options when the | |
3832 | -D command line option is given. | |
3833 | - Fixed repeated Detected DEAD/REVIVED Sibling messages when | |
3834 | peer->tcp_up == 0 (Michael O'Reilly). | |
3835 | - Fixed storeGetNextFile's incorrect "directory does not exist" | |
3836 | errors (Michael O'Reilly). | |
3837 | - Fixed aiops.c race condition (Michael O'Reilly, Stewart | |
3838 | Forster). | |
3839 | - Added 'dns_nameservers' config option to specify non-default | |
3840 | DNS nameserver addresses (Maxim Krasnyansky). | |
3841 | - Added lib/util.c code to show memory map as a tree | |
3842 | (Henrik Nordstrom). | |
3843 | - Added HTTP and ICP median service times to Counters and | |
3844 | cachemgr average stats. | |
3845 | - Changed "-d" command line option to take debugging level | |
3846 | as argument. Debugging equal-to or less-than the argument | |
3847 | will be written to stderr. | |
3ff01c3e | 3848 | - Removed unused urlClean() function from url.c. |
adba4a64 | 3849 | - Fixed a bug that allowed '?' parts of urls to be recorded in |
ef65d6ca | 3850 | store.log. Logged urls are now "clean". |
178dbda2 | 3851 | - Cache Manager got new Web interface (cachemgr.cgi). New .cgi |
3852 | script forwards basic authentication from browser to squid. | |
3853 | Authentication info is encoded within all dynamically generated | |
3854 | pages so you do not have to type your password often. | |
3855 | Authentication records expire after 3 hours (default) since | |
3856 | last use. Cachemgr.cgi now recognizes "action protection" types | |
3857 | described below. | |
3858 | - Added better recognition of available protection for actions | |
3859 | in Cache Manager. Actions are classified as "public" (no | |
3860 | password needed), "protected" (must specify a valid password), | |
3861 | "disabled" (those with a "disable" password in squid.conf), and | |
3862 | "hidden" (actions that require a password, but do not have | |
3863 | corresponding cachemgr_passwd entry). If you manage to request | |
3864 | a hidden, disabled, or unknown action, squid replies with | |
3865 | "Invalid URL" message. If a password is needed, and you failed | |
3866 | to provide one, squid replies with "Access Denied" message and | |
3867 | asks you to authenticate yourself. | |
3868 | - Added "basic" authentication scheme for the Cache Manager. | |
3869 | When a password protected function is accessed, Squid sends an | |
3870 | HTTP_UNAUTHORIZED reply allowing the client to authorize itself | |
3871 | by specifying "name" and "password" for the specified action. | |
3872 | The user name is currently used for logging purposes only. The | |
3873 | password must be an appropriate "cachemgr_passwd" entry from | |
3874 | squid.conf. The old interface (appending @password to the url) | |
3875 | is still supported but discouraged. Note: it is not possible | |
3876 | to pass authentication information between squid and browser | |
3877 | *via a web server*. The server will strip all authentication | |
3878 | headers coming from the browser. A similar problem exists for | |
3879 | Proxy-Authentication scheme. | |
3880 | - Added ERR_CACHE_MGR_ACCESS_DENIED page to notify of | |
3881 | authentication failures when accessing Cache Manager. | |
63259c34 | 3882 | - Added "-v" (Verbose) and "-H" (extra Headers) options to client.c. |
178dbda2 | 3883 | - Added simple context-based debugging to debug.c. Currently, |
3884 | the context is defined as a constant string. Context reporting | |
3885 | is triggered by debug() calls. Context debugging routines | |
3886 | print minimal amount of information sufficient to describe | |
3887 | current context. The interface will be enhanced in the future. | |
3888 | - Replaced _http_reply with HttpReply. HttpReply is a | |
3889 | stand-alone object that is responsible for parsing, swapping, | |
3890 | and comm_writing of HTTP replies. Moved these functions from | |
3891 | various modules into HttpReply module. | |
8bfcd557 | 3892 | - Added HttpStatusLine, HttpHeader, HttpBody. |
178dbda2 | 3893 | - All HTTP headers are now parsed and stored in a "compiled" |
3894 | form in the HttpHeader object. This allows for a great | |
3895 | flexibility in header processing and builds basis for support | |
3896 | of yet unsupported HTTP headers. | |
3897 | - Added Packer, a memory/store redirector with a printf | |
3898 | interface. Packer allows to comm_write() or swap() an object | |
3899 | using a single routine. | |
3900 | - Added MemBuf, a auto-growing memory buffer with printf | |
3901 | capabilities. MemBuf replaces most of old local buffers for | |
3902 | compiling text messages. | |
3903 | - Added MemPool that maintains a pre-allocated pool of opaque | |
3904 | objects. Used to eliminate memory thrashing when allocating | |
3905 | small objects (e.g. field-names and field-value in http | |
3906 | headers). | |
8bfcd557 | 3907 | |
3197e644 | 3908 | Changes to squid-1.2.beta15 (Feb 13, 1998): |
3909 | ||
55647891 | 3910 | NOTE: This version has changes which may cause all or part |
3911 | of your cache to be lost. However, you can problably | |
3912 | save most of it by doing a slow restart. Specifically: | |
3913 | ||
3914 | 1. Kill the running squid-1.2.beta14 process; wait for it to | |
3915 | fully exit. | |
3916 | 2. Remove all 'swap.state*' files, either in each cache_dir, or | |
3917 | as defined in your squid.conf | |
3918 | 3. Start squid-1.2.beta15. The store will be rebuilt from the | |
3919 | existing swap files, reading the directories and opening | |
3920 | the files. | |
3921 | ||
bcfbdc11 | 3922 | - Fixed some problems related to disk (and pipe) write error |
3923 | handling. file_close() doesn't always close the file | |
3924 | immediately; i.e. when there are pending buffers to write. | |
3925 | StoreEntry->lock_count could become zero while a write is | |
3926 | pending, then bad things happen during the callback. | |
3927 | - The file_write() callback data must now be in the callback | |
3928 | database (cbdata). We now use the swapout_ctrl_t structure | |
3929 | for the callback data; it stays around for as long as we are | |
3930 | swapping out. | |
3931 | - Changed the way write errors are handled by diskHandleWrite. | |
3932 | If there is no callback function, now we exit with a fatal | |
3933 | message under the assumption that the file in question is a | |
3934 | log file or IPC pipe. Otherwise, we flush all the pending | |
3935 | write buffers (so we don't see multiple repeated write errors | |
3936 | from the same descriptor) and let the upper layer decide how | |
3937 | to handle the failure. | |
3938 | - Fixed storeDirWriteCleanLogs. A write failure was leaving | |
3939 | some empty swap.state files, even though it tells us that its | |
3940 | "not replacing the file." Don't flush/rename logs which we | |
3941 | have prematurely closed due to write failures, indiciated by | |
3942 | fd[dirn] == -1. Close these files LAST, not before | |
3943 | renaming. | |
3944 | - Fixed storeDirClean to clean directories in a more sensible | |
3945 | order, instead of the new "MONOTONIC" order for swap files. | |
0465e406 | 3946 | - Merged fdstat.c functions into fd.c. |
3947 | - Cleaned up some debugging sections. Some unrelated source | |
3948 | files were using the same section. | |
3949 | - Removed curly brackets from all cachemgr output. | |
3950 | - Removed unused filemap->last_file_number_allocated member. | |
3951 | - Removed unused fde->lifetime_data member. | |
3952 | - Fixed incorrectly applying htonl() on icp_common_t->shostid. | |
3953 | - Call setsid() before exec() in ipc.c so that child processes | |
3954 | don't receive SIGINT (etc) when running squid on a tty. | |
2f2dd5ad | 3955 | - Changed StoreEntry->object_len to ->swap_file_sz so we |
3956 | can verify the disk file size at restart. Moved object_len | |
3957 | to MemObject->object_sz. Note object_sz is initialized | |
3958 | to -1. If object_sz < 0, then we need to open the swap | |
3959 | file and read the swap metadata. | |
3960 | - Changed store_client->mem to ->entry because we need | |
3961 | e->swap_file_sz to set mem->object_sz at swapin. | |
2f2dd5ad | 3962 | - Renamed storeSwapData structure to storeSwapLogData. |
3963 | - Fixed storeGetNextFile to not increment d->dirn. Added | |
3964 | check for opendir() failure. | |
3965 | - Fixed storeRebuildStart to properly link the directory | |
3966 | list for storeRebuildfromDirectory mode. | |
e157f97f | 3967 | - Added -S command line option to double-check store |
3968 | consistency with disk files in storeCleanup(). | |
3969 | - Fixed a problem with transactional logging. In many | |
3970 | cases we were adding the public cache key and then | |
3971 | logging a delete for the private key. This is worthless | |
3972 | because during rebuild we could not locate the previous | |
3973 | public-keyed entry. Now we assert that only public-keyed | |
3974 | entries can be logged to swap.state. storeSetPublicKey() | |
3975 | and storeSetPrivateKey() have been modified to log an | |
3976 | ADD or DEL when the key changes. | |
3977 | - Fixed storeDirClean bug. Needed to call | |
3978 | storeDirProperFileno() so the "dirn bits" get set. | |
3979 | - Fixed a storeRebuildFromDirectory bug. fullpath[] and | |
3980 | fullfilename[] were static to that function and did | |
3981 | not change when the "rebuild_dir" arg did. Moved these | |
3982 | buffers to the rebuild_dir structure. | |
3983 | - In storeRebuildFromSwapLog, we were calling storeRelease() | |
3984 | for cache key collisions. This only set the RELEASE_REQUEST | |
3985 | bit and did not clear the swap_file_number in the filemap or | |
3986 | in the StoreEntry, so the swap file could get unlinked later | |
3987 | when it was really released. | |
4e0f0471 | 3988 | - Fixed FTP so that ';type=X' specifically sets the HTTP reply |
3989 | content-type and content-encoding (Henrik Nordstrom). | |
3990 | - Removed 'icon_content_type' configuration option. Content | |
3991 | types now taken from mime.conf (Henrik Nordstrom). | |
2a9b2b73 | 3992 | - Added additional memory malloc tracing and memory leak |
3993 | detection. Use --enable-xmalloc-debug-trace configure | |
3994 | option and -m command line option (Henrik Nordstrom). | |
bcfbdc11 | 3995 | |
93169941 | 3996 | Changes to squid-1.2.beta14 (Feb 6, 1998): |
3997 | ||
5471db88 | 3998 | - Replaced snmplib free() calls with xfree(). |
3999 | - Changed the 'net_db_name' hash table structure to | |
4000 | make it easier to move names from one network to another | |
4001 | (copied from 1.1 code). | |
93169941 | 4002 | - Filled in some of the config dump routines (dump_acl, |
4003 | dump_acl_access). | |
4004 | - Full memory debugging option (--enable-xmalloc-debug-trace) | |
4005 | (Henrik Nordstrom). | |
4006 | - Filled-in and clarified many squid.conf comments (Oskar | |
4007 | Pearson). | |
4008 | - Fixed up handling of SWAP_LOG_DEL swap.state entries. | |
5471db88 | 4009 | |
f91834bf | 4010 | Changes to squid-1.2.beta13 (Feb 4, 1998): |
f577e074 | 4011 | |
b4512acd | 4012 | - NOTE: With this version the "swap.state" file format has |
4013 | changed. Running this version for the first time will | |
4014 | cause your current cache contents to be lost! | |
f91834bf | 4015 | - NOTE: this version still has the bug where we don't rewind |
4016 | a swapout file and rewrite the swap meta data. Objects | |
4017 | larger than 8KB will be lost when rebuilding from the swap | |
4018 | files. | |
d04dd4bf | 4019 | - Combined various interprocess communication setup functions |
4020 | into ipcCreate(). | |
4021 | - Removed some leftover ICP_HIT_OBJ things. | |
4022 | - Removed cacheinfo and proto_count() and friends; these are to | |
4023 | be replaced in functionality by StatCounters and 5/60 minute | |
4024 | average views via cachemgr. | |
4025 | - Fixed --enable-acltree configure message (Masashi Fujita). | |
4026 | - Fixed no reference to @LIB_MALLOC@ in src/Makefile.in | |
4027 | (Masashi Fujita). | |
4028 | - Fixed building outside of source tree (Masashi Fujita). | |
dbfed404 | 4029 | - FTP: Format NLST listings, and inform the user that the NLST |
4030 | (plain) format is available when we find a LIST listing that we | |
4031 | don't understand (Henrik Nordstrom) | |
4032 | - FTP: Use SIZE on Binary transfers, and not ASCII. The | |
4033 | condition was inversed, making squid use SIZE on ASCII | |
4034 | transfers (Henrik Nordstrom). | |
4035 | - Enable virtual and Host: based acceleration in order to be | |
4036 | able to use Squid as a transparent proxy without breaking | |
4037 | either virtual servers or clients not sending Host: header | |
4038 | the order of the virtual and Host: based acceleration needs | |
4039 | to be swapped, giving Host: a higher precendence than virtual | |
4040 | host (Henrik Nordstrom). | |
4041 | - Use memmove/bcopy as detected by configure Some systems does | |
4042 | not have memmove, but have the older bcopy implementation | |
4043 | (Henrik Nordstrom). | |
6cf028ab | 4044 | - Completely rewritten aiops.c that creates and manages a pool |
4045 | of threads so thread creation overhead is eliminated (SLF). | |
4046 | - Lots of mods to store.c to detect and cancel outstanding | |
4047 | ASYNC ops. Code is not proven exhaustive and there are | |
4048 | definately still cases to be found where outstanding disk ops | |
4049 | aren't cancelled properly (SLF). | |
4050 | - Changes to call interface to a few routines to support disk | |
4051 | op `tagging', so operations can be cleanly cancelled on | |
4052 | store_abort()s (SLF). | |
4053 | - Implementation of swap.state files as transaction logs. | |
4054 | Removed objects are now noted with a negative object size. | |
4055 | This allows reliatively clean rebuilds from non-clean | |
4056 | shutdowns (SLF). | |
4057 | - Now that the swap.state files are transaction logs, there's | |
4058 | now no need to validate by stat()ing. All the validation | |
4059 | procedure does is now just set the valid bit AFTER all the | |
4060 | swap.state files have been read, because by that time, only | |
4061 | valid objects can be left. Object still need to be marked | |
4062 | invalid when reading the swap.state file because there's no | |
4063 | guarantee the file has been retaken or deleted (SLF). | |
4064 | - An fstat() call is now added after every | |
4065 | storeSwapInFileOpened() so object sizes can be checked. Added | |
4066 | code to storeRelease() the object if the sizes don't match (SLF). | |
6474667e | 4067 | - #defining USE_ASYNC_IO now uses the async unlink() rather than |
4068 | unlinkd() (SLF). | |
6cf028ab | 4069 | - #defining MONOTONIC_STORE will support the creation of disk |
4070 | objects clustered into directories. This GREATLY improves disk | |
4071 | performance (factor of 3) over old `write-over-old-object' | |
4072 | method. If using the MONOTONIC_STORE, the | |
4073 | {get/put}_unusedFileno stack stuff is disabled. This is | |
4074 | actually a good thing and greatly reduces the risk of serving | |
4075 | up bad objects (SLF). | |
4076 | - Fixed unlink() in storeWriteCleanLogs to be real unlink() | |
4077 | rather than ASYNC/unlinkd unlinks. swap.state.new files were | |
4078 | being removed just after they were created due to delayed | |
4079 | unlinks (SLF). | |
4080 | - Disabled various assertions and made these into debug warning | |
4081 | messages to make the code more stable until the bugs can be | |
4082 | tracked down (SLF). | |
4083 | - Added most of Michael O'Reilly's patches which included many | |
4084 | bug fixes. Ask him for full details (SLF). | |
4085 | - Moved aio_check_callbacks in comm_{poll|select}(). It was | |
4086 | called after the fdset had been built which was wrong because | |
4087 | the callbacks were changing the state of the read/write | |
4088 | handlers prior to the poll/select() calls (SLF). | |
f09f5b26 | 4089 | - Fixed ARP ACL memory leaks (Dale). |
f577e074 | 4090 | - Eliminated URL and SHA cache keys. Cache keys will always |
4091 | be MD5's now. | |
4092 | - Fixed up store swap meta data. | |
4093 | - Changed swap.state logs to a binary format. | |
f91834bf | 4094 | - The swap.state logs are written transaction-style. |
d04dd4bf | 4095 | |
b5cfbd5b | 4096 | Changes to squid-1.2.beta12 (Jan 30, 1998): |
4097 | ||
b4512acd | 4098 | - Added metadata headers to cache swap files. This is an |
4099 | incompatible change with previous versions. Running this | |
4100 | version for the first time will cause your current cache | |
4101 | contents to be lost. | |
9fc0b4b8 | 4102 | - -D_REENTRANT when linking with -lpthreads (Henrik Nordstrom) |
4103 | - Show symlink destinations as a hyperlink in FTP listings | |
4104 | (Henrik Nordstrom) | |
3a4eaced | 4105 | - Fixed not allocating enough space for rewriting URLs with |
4106 | the Host: header (Eric Stern). | |
4107 | - Year-2000 fixes (Arjan de Vet). | |
4108 | - Fixed looping for cache hits on HEAD requests. | |
fc6dc767 | 4109 | - Fixed parseHttpRequest() coredump for |
6474667e | 4110 | "GET http://foo HTTP/1.0\r\n\r\n\r\n" |
9fc0b4b8 | 4111 | |
9f802cb1 | 4112 | Changes to squid-1.2.beta11 (Jan 6, 1998): |
4113 | ||
fd82d0b0 | 4114 | - Fixed fake 'struct rusage' definition which prevented compling |
4115 | on Solaris 2.4. | |
4116 | - Fixed copy-by-ref bug for request->headers in | |
4117 | clientRedirectDone() (Michael O'Reilly). | |
812db943 | 4118 | - Workaround for Solaris pthreads closing FD 0 upon fork() |
4119 | (Michael O'Reilly). | |
05fd71a7 | 4120 | - Fixed shutdown bug with outgoing UDP sockets; we need to |
4121 | disable their read handlers. | |
4122 | - For comm_poll(), use the fast 50 msec timeout only when | |
4123 | USE_ASYNC_IO is defined. | |
1fbc6de3 | 4124 | - Fixed pointer bug when freeing AS# ACL entries. |
4125 | - Fixed forgetting to reset Config.npeers to zero in free_peer(). | |
0f6bdbfa | 4126 | - Fixed ICP bug causing excessive TIMEOUTs with sibling |
4127 | neighbors. We must call the ICP reply callback even for | |
4128 | sibling misses. | |
4129 | - Fixed some dnsserver-related reconfigure bugs. Need to | |
4130 | use cbdataLock, etc in fqdncache.c. Also don't want to | |
4131 | use ipcacheQueueDrain() and fqdncacheQueueDrain(). | |
4132 | - Fixed persistent connection bug. We were incorrectly | |
4133 | deciding that non-200 replies without content-length | |
4134 | would not have a reply body. | |
4135 | - Fixed intAverage() precedence bug. | |
4136 | - Fixed memmove() 'len' arg bug. | |
4137 | - Changed algorithm for determining alive/dead state of peers. | |
4138 | Instead of using a fixed number of unacknowledged ICP | |
4139 | replies, it is now based on timeouts. If there are no ICP | |
4140 | replies received from a peer within 'dead_peer_timeout' | |
4141 | seconds, then we call it dead. | |
4142 | - Added calls to getCurrentTime() in | |
4143 | comm_{select,poll}_incoming() when ALARM_UPDATES_TIME is not | |
4144 | being used. | |
4145 | - Fixed shutdown bug when the incoming and outgoing ICP socket | |
4146 | is the same file descriptor. | |
e970f357 | 4147 | - Added buffered writes for storeWriteCleanLogs() (Stewart |
4148 | Forster). | |
4149 | - Patches for Qnx4 (Jean-Claude MICHOT). | |
4150 | - Fixed returning void functions which seems to be a GCC-ism. | |
e5f4e1b0 | 4151 | - New configure script options (Henrik Nordstrom): |
4152 | --enable-new-storekey=[sha|md5(|url)] (was --enable-hashkey) | |
4153 | --enable-acltree | |
4154 | --enable-icmp | |
4155 | --enable-delay-hack | |
4156 | --enable-useragent-log | |
4157 | --enable-kill-parent (this should be named -hack) | |
4158 | --enable-snmp | |
4159 | --enable-time-hack | |
4160 | --enable-cachemgr-hostname[=hostname] (new) | |
4161 | --enable-arp-acl (new) | |
4162 | - Added Doug Lea malloc-2.6.4 to the distribution, so that | |
4163 | people easily can try a decent malloc package if they syspect | |
4164 | their malloc is broken. --enable-dlmalloc (Henrik Nordstrom). | |
4165 | - Made XMALLOC_DEBUG_COUNT working again. Requires a small stub | |
4166 | function (Henrik Nordstrom). | |
4167 | - Removed top-level Makefile. People must now run 'configure' | |
4168 | before 'make'. | |
714ace98 | 4169 | - Fixed checkFailureRatio() implementation. |
82b3c7d9 | 4170 | - Made 'squid -z' behave like the 1.1 version. |
e5f4e1b0 | 4171 | |
fd82d0b0 | 4172 | |
ab9a3f7e | 4173 | Changes to squid-1.2.beta10 (Jan 1, 1998): |
4174 | ||
4175 | - Fixed content-length bugs for 204 replies, 304 replies, | |
4176 | and HEAD requests (Henrik Nordstrom). | |
4177 | - Fixed errorAppendEntry() bug in gopherReadReply(). | |
4178 | - Basic support for FTP URL typecodes (;type=X). | |
9c965c1b | 4179 | - Support for access controls based on ethernet MAC addresses |
ab9a3f7e | 4180 | (Dale). |
4181 | - Initial URN support; see | |
4182 | http://squid.nlanr.net/Squid/urn-support.html | |
4183 | - Fixed client-side persistent connections for objects with | |
4184 | bad content lengths (Henrik Nordstrom). | |
4185 | - Fixed bad call to storeDirUpdateSwapSize() for objects which | |
4186 | never reach SWAPOUT_DONE state. | |
68e3a9df | 4187 | - Fixed up poll() #defines in squid.h (Stewart Forster). |
4188 | - Changed poll() timeout from 1000 msec to 50 msec for | |
4189 | better performance under low load (Stewart Forster). | |
e7a1fde6 | 4190 | - Changed storeWriteCleanLogs() to write objects in the LRU |
4191 | list order instead of the random hash table order. | |
109ff6af | 4192 | - Fixed FTP bug when data socket connections fail or timeout. |
4193 | - Reuse FTP data connection when possible (Henrik Nordstrom). | |
4194 | - Added configure options (Henrik Nordstrom) | |
4195 | --enable-store-key=sha|md5 | |
4196 | --enable-xmalloc-statistics | |
4197 | --enable-xmalloc-debug | |
78743365 | 4198 | --enable-xmalloc-debug-count |
4199 | --async-io | |
109203bf | 4200 | - Fixed confusing with the use/meaning of ERR_CANNOT_FORWARD |
4201 | by creating ERR_FORWARDING_DENIED and changing the | |
4202 | content of the ERR_CANNOT_FORWARD text. | |
4e9c07c1 | 4203 | - Fixed pipeline request bug from using strdup() (Henrik |
4204 | Nordstrom). | |
4205 | - Call clientReadRequest() directly instead of commSetSelect() | |
4206 | for pipelined requests (Henrik Nordstrom). | |
1b02b5be | 4207 | - Fixed 4k page leak in icpHandleIMSReply(); |
4208 | - Renamed 'icp*' functions to 'client*' names in client_side.c. | |
e7a1fde6 | 4209 | |
b90a0f8d | 4210 | Changes to squid-1.2.beta8 (Dec 2, 1997): |
4211 | ||
eae03fc8 | 4212 | - Fixed accessLogLog() to log ident from Proxy-Authorization |
4213 | request header (BoB Miorelli). | |
226f9ba2 | 4214 | - Fixed #includes, prototypes, etc. in SNMP source files. |
4215 | - Moved 'POLLRDNORM' and 'POLLWRNORM' macro checks from | |
4216 | include/config.h.in to src/squid.h | |
4217 | - Moved 'num32' typedefs from src/typedefs.h to | |
4218 | include/config.h.in. | |
4219 | - Moved snmplib/md5.c to lib/md5.c. | |
4220 | - Added MD5 cache key support. | |
4221 | - Removed xmalloc() return check in uudeocde.c | |
4222 | - Added 'ifdef' support to cf_gen.c for optional code (e.g. SNMP) | |
4223 | - Changed 'client' program to provide easier cache manager access, | |
3ff01c3e | 4224 | e.g.: 'client mgr:info' |
226f9ba2 | 4225 | - Fixed 'client' to send 'Connection' instead of 'Proxy-Connection' |
4226 | for simulated keep-alive requests. | |
4227 | - Removed 'fd' arg from clientProcess* functions. | |
9e3468d5 | 4228 | - Fixed bugs from using errorSend() on persistent/pipelined |
226f9ba2 | 4229 | client connections. A latter request should not be allowed to |
4230 | write to the client fd until the current request completes. | |
4231 | Now use errorAppendEntry() for such situations. | |
4232 | - Fixed content-length bugs. We were using content-length == 0 | |
4233 | to also indicate a lack of content-length reply header. But | |
4234 | 'content-length: 0' might appear in a reply, so now use -1 to | |
4235 | indicate that no content length given. | |
4236 | - Split up clientProcessRequest() into smaller chunks so it | |
4237 | might be easier to follow. | |
4238 | - renamed various client_side.c functions to start with 'client' | |
4239 | instead of 'icp'. | |
4240 | - Fixed a 'cbdata leak' from the comm.c close handlers. | |
4241 | - Fixed a 'cbdata leak' from the comm.c connect routines. | |
4242 | - Fixed comm_select() and comm_poll() to stop looping on the | |
4243 | incoming HTTP/ICP sockets. If there are fewer than 7 FD's | |
4244 | ready for I/O, the incoming sockets might not get service, so | |
4245 | comm_select() would be called for up to 7 times until the | |
4246 | 'incoming_counter' was incremented enough to trigger a call | |
4247 | to comm_select_incoming(). Now we make sure | |
4248 | comm_select_incoming() gets called if select returns less | |
4249 | than 7 ready FD's. | |
9e3468d5 | 4250 | - Added errorpage '%B' token to generate FTP URLs with a '%2f' |
4251 | inserted at the start of the url-path. calls ftpUrlWith2f(). | |
4252 | (Henrik Nordstrom). | |
226f9ba2 | 4253 | - Changed fqdncache.c to use LRU double-linked list instead of qsort() |
4254 | for replacement and cachemgr output. | |
4255 | - Changed ipcache.c to use LRU double-linked list instead of qsort() | |
4256 | - Changed hash_insert() and hash_join() to return void. | |
4257 | for replacement and cachemgr output. | |
4258 | - Moved StoreEntry->method member to MemObject->method. | |
4259 | - Made StoreEntry->flags 16 bits. | |
4260 | - Made StoreEntry->refcount 16 bits. | |
4261 | - Changed URL-based public cache key to always include the request | |
4262 | method. | |
eae03fc8 | 4263 | |
95bc9f0b | 4264 | Changes to squid-1.2.beta7 (Nov 24, 1997): |
4265 | ||
6a11653c | 4266 | - Fixed poll() for Linux (David Luyer). |
4267 | - SHA optimizations (David Luyer). | |
4268 | - Fixed errno clashes with macro on Linux (David Luyer). | |
4269 | - Fixed storeDirCloseSwapLogs(); logs might not be open. | |
4270 | - Fixed storeClientCopy2() bug. Detect when there is | |
4271 | no more data to send for objects in STORE_OK state. | |
19ee64b1 | 4272 | - Fixed FTP truncation bug when ftpState->size == 0, e.g. |
4273 | especially directory listings. | |
95bc9f0b | 4274 | - Mega FTP fix from Henrik Nordstrom. A better job of |
4275 | implementing the '%2f' hack. | |
4276 | - Fixed some pipelined request bugs. storeClientCopy() was | |
4277 | being given the wrong StoreEntry, and we had a race condition | |
4278 | which is now handled by storeClientCopyPending(). | |
99077fe6 | 4279 | - Added initial SNMP support. |
6a11653c | 4280 | |
2c9b45c9 | 4281 | Changes to squid-1.2.beta6 (Nov 13, 1997): |
4282 | ||
1b5516d3 | 4283 | - Fixed Authorized responses getting swapped out when they |
4284 | don't have Proxy-Revalidate reply header. | |
4285 | - Fixed Proxy Authentication support. We never sent back | |
4286 | a 407 reply, and were incorrectly incrementing the passwd | |
4287 | before comparing it. | |
4288 | - Fixed stat()ing pathnames for default values before parsing | |
4289 | config file (Ron Gomes). | |
4290 | - Fixed logging request and response headers on separate lines | |
4291 | (Ron Gomes). | |
4292 | - Fixed FTP Authentication message (Henrik Nordstrom). | |
4293 | - Changed Proxy Authentication to trigger a reread of the passwd | |
4294 | file if a password check fails (Henrik Nordstrom). | |
4295 | - Changed FTP to retry the first CWD with a leading slash if it | |
4296 | fails without one. | |
4297 | ||
8c17a569 | 4298 | Changes to squid-1.2.beta5 (Nov 6, 1997): |
4299 | ||
90045285 | 4300 | - Track the 'keep-alive ratio' for a peer as the ratio of |
4301 | the number of replies including 'Proxy-Connection: Keep-Alive' | |
4302 | compared to the number of requests sent. If the peer does | |
4303 | not support Persistent connections then this ratio will tend | |
4304 | toward zero. If the ratio is less than 50% after 10 requests | |
4305 | then we'll stop sending Keep-Alive. | |
8c3994aa | 4306 | - Proper support for %nn escapes in FTP, and numerous |
4307 | other fixes (Henrik Nordstrom). | |
4308 | - Support for Secure Hash Algorithm and framework for other | |
4309 | hash functions as cache keys. | |
4310 | - Fixed SSL snprintf() bug which broke SSL proxying. | |
4311 | - Fixed store_dir swap log bug from reconfigure (SIGHUP). | |
8c17a569 | 4312 | - Fixed LRU Reference Age bug. The arg to pow() must be |
8031bd43 | 4313 | minutes, not seconds. |
90045285 | 4314 | |
9ddfb255 | 4315 | Changes to squid-1.2.beta4 (Oct 30, 1997): |
4316 | ||
a493f974 | 4317 | - Fixed DST bug in rfc1123.c |
4318 | - Changed default http_accel_port to 80. | |
4319 | - added errorCon() as a ErrorState constructor function | |
4320 | (Max Okumoto). | |
4321 | - Added ERR_FTP_FAILURE message for ftpFail(). | |
4322 | - For FTP, the timeout callback must be moved to the 'data' | |
4323 | descriptor when data transfer begins. Otherwise we are | |
4324 | likely to get a timeout on the control descriptor. | |
4325 | - Fixed double-free bug in httpRequestFree(). | |
4326 | - Fixed store_swap_size counting bug in storeSwapOutHandle(). | |
4327 | ||
409a6aad | 4328 | Changes to squid-1.2.beta3 (Oct 29, 1997): |
4329 | ||
4330 | - Initialize _res.options to RES_DEFAULT in dnsserver.c. | |
4331 | - Fix assertions which assumed 4-byte pointers. | |
4332 | - Fix missing % in fqdncache.c snprintf(). | |
4333 | ||
5a2d610b | 4334 | Changes to squid-1.2.beta2 (Oct 28, 1997): |
4335 | ||
8c3994aa | 4336 | - Fixed aiops.c and async_io.c so that they actually compile |
f5b8bbc4 | 4337 | with USE_ASYNC_IO (Arjan de Vet). |
4338 | - Fixed errState->errno causing problems with some macros | |
4339 | (Michael O'Reilly). | |
d287f51e | 4340 | - Fixed memory leaks in pconn.c (Max Okumoto). |
0866009b | 4341 | - Enhanced 'client' program with 'ping' behaviour (Ron Gomes). |
272547b5 | 4342 | - Fixed InvokeHandlers() from calling memCopy() for ALL |
4343 | store_client's with callbacks. A store_client might be reading | |
4344 | from disk. | |
5a2d610b | 4345 | - Rewrote storeMaintainSwapSpace(). No longer will we scan one |
272547b5 | 4346 | bucket at a time. Instead we'll maintain a single LRU |
4347 | list. When an object is 'touched' we move it to the | |
4348 | top of this list. When we need disk space, we delete | |
4349 | from the bottom. | |
5a2d610b | 4350 | - Removed storeGetSwapSpace(). |
f5b8bbc4 | 4351 | |
871f0b8a | 4352 | Changes to squid-1.2.beta1 (): |
4353 | ||
4354 | - Reworked storage manager to not keep objects in memory during | |
4355 | transit. In other words, no separate NOVM distribution. | |
4356 | - Lots of cleanup and debugging for beta release. | |
4357 | - Use snprintf() everywhere instead of sprintf(). | |
4358 | - The 'in_memory' hash table has been replaced with a | |
4359 | doubly-linked list. New objects are added to the head of | |
4360 | the list. When memory space is needed, old objects are | |
4361 | purged from the tail of the list. | |
4362 | ||
0edfe7a2 | 4363 | Changes to squid-1.2.alpha7 (): |
4364 | ||
c4958532 | 4365 | - fixes fixes fixes. |
4366 | - Made Arjan's PROXY_AUTH ACL patch standard. | |
0edfe7a2 | 4367 | |
8905b90c | 4368 | Changes to squid-1.2.alpha6 (): |
4369 | ||
6684fec0 | 4370 | - Simpler cacheobj implementation. |
6605655c | 4371 | - persistent connection histogram |
8872e1f8 | 4372 | - SERVER-SIDE PERSISTENT CONNECTIONS: |
6474667e | 4373 | - Added pconn.c |
4374 | - Addec Cofig.Timeout.pconn; default 120 seconds | |
4375 | - Added httpState->flags | |
4376 | - Added flags arg to httpBuildRequestHeader() | |
4377 | - Added HTTP_PROXYING and HTTP_KEEPALIVE flags | |
4378 | - Added 'Connection' to allowed HTTP headers (http-anon.c) | |
8872e1f8 | 4379 | - Added 'Proxy-Connection' to allowed HTTP headers |
4380 | (http-anon.c) | |
a7736231 | 4381 | - Merged proxyhttpStart() with httpStart() and created |
8872e1f8 | 4382 | new httpBuildState(). |
4383 | - New httpPconnTransferDone() detects end-of-data on | |
4384 | persistent connections. | |
6684fec0 | 4385 | |
88738790 | 4386 | Changes to squid-1.2.alpha5 (): |
4387 | ||
4388 | - New configuration system. Everything is generated from | |
4389 | 'cf.data.pre', including the main parser, setting defaults, | |
4390 | outputting current values, and freeing memory. | |
4391 | This also involved moving some of the local data structures | |
4392 | (e.g. struct _acl *AclList in acl.c) to the Config | |
4393 | structure. (Max Okumoto) | |
4394 | - No more '/i' for regular expressions. Now insert a '-i' | |
4395 | to switch to case-insensitive. Use '+i' for case-sensitive. | |
4396 | - When you have a variable named the same as its type, sizeof() | |
4397 | gets the wrong one (fde). | |
4398 | - Need to flush unbuffered logs before fork(). | |
4399 | - Added two fields swap log: refcount and e->flag. | |
4400 | - Removed all the .h files for each .c file. Now #include stuff | |
4401 | is in either: defines.h, enums.h, typedefs.h, structs.h, | |
4402 | or protos.h, globals.h. This greatly reduces dependencies | |
4403 | between the various source files. | |
4404 | - globals.c is generated from globals.h by a Perl script. | |
8ee3ca2c | 4405 | - Started customizable error texts. |
88738790 | 4406 | |
97f674c8 | 4407 | Changes to squid-1.2.alpha4 (): |
4408 | ||
ec973719 | 4409 | - New MIME configuration, regular expression based |
4410 | - Added request_timeout config option | |
4411 | - Multiple HTTP sockets (Lincoln Dale). | |
4412 | - Moved 'fds_are_n_free' check to httpAccept(). | |
4413 | - s/USE_POLL/HAVE_POLL/; make poll() default if available. | |
7e49f700 | 4414 | - Changed storeRegister to use offsets and make immediate |
4415 | callbacks if appropriate. | |
4416 | - Removed icpDetectClientClose(). Some of that functionality | |
4417 | goes into clientReadRequest() and the rest into | |
4418 | httpRequestFree(). | |
b1b387d1 | 4419 | - Moved IP lookups to commConnect stuff. |
4420 | - Added support for retrying connect(). | |
858164fc | 4421 | - New inline debug() macro (David Luyer). |
e174e0fe | 4422 | - Replace frequent gettimeofday() calls with alarm(3) based |
4423 | clock. Need to add more gettimeofday() calls to get back | |
a59968c7 | 4424 | high-resolution timestamp logging (Andres Kroonmaa). |
0153d498 | 4425 | - Added support for Cache-control: proxy-revalidate; |
4426 | based on squid-1.1 patch from Mike Mitchell. | |
ec973719 | 4427 | |
3b08d32d | 4428 | Changes to squid-1.2.alpha3 (): |
4429 | ||
4430 | - Implemented persistent connections between clients and squid. | |
4431 | - Moved various FD tables (comm.c, fdstat.c, disk.c) to a single | |
4432 | table in fd.c. | |
4433 | - Removed use of FD as an identifier in certain callback | |
4434 | operations (ipcache, fqdncache). | |
4435 | - General code cleanup. | |
4436 | - Fixed typedefs for callback functions. | |
4437 | - Removed FD lifetime/timeout dichotomy. Now we only have | |
4438 | timeouts, however the lifetime concept/keyword may still | |
4439 | linger in certain places. | |
4440 | - Change Makefile 'realclean' target to 'distclean' | |
4441 | - Changed config file parsing of time specifications to use | |
4442 | parseTimeLine(). | |
4443 | - Removed storetoString.c | |
4444 | ||
4445 | Changes to squid-1.2.alpha2 (): | |
74cebec0 | 4446 | |
4447 | - Merged squid-1.1.9, squid-1.1.10 changes | |
4448 | ||
7b41ec97 | 4449 | Changes to squid-1.2.alpha1 (): |
4450 | ||
4451 | - Unified peer selection algorithm. | |
75e88d56 | 4452 | - aiops.c and aiops.h are a threaded implementation of |
4453 | asynchronous file operations (Stewart Forster). | |
4454 | - async_io.c and async_io.h are complete rewrites of the old | |
4455 | versions (Stewart Forster). | |
6ad85e8a | 4456 | - Rewrote all disk file operations of squid to support |
75e88d56 | 4457 | the idea of callbacks except where not required (Stewart |
4458 | Forster). | |
75e88d56 | 4459 | - Background validation of 'tainted' swap log entries (Stewart |
4460 | Forster). | |
4461 | - Modified storeWriteCleanLog to create the log file using the | |
4462 | open/write rather than fopen/printf (Stewart Forster). | |
4463 | - Added the EINTR error response to handle badly interrupted | |
4464 | system calls (Stewart Forster). | |
6ad85e8a | 4465 | - UDP_HIT_OBJ not supported, removed. |
4466 | - Different sized 'cache_dirs' supported. | |
75e88d56 | 4467 | |
e924600d | 4468 | ============================================================================== |