Special thanks go to people who have volunteered their time, effort,
and ideas to make this software available.
- Adrian Chadd <adrian@creative.net.au>
+ Adam Ciarcinski
+ Adrian Chadd <adrian@squid-cache.org>
+ Alex Rousskov <rousskov@measurement-factory.com>
Alexander B. Demenshin <aldem@barnet.kharkov.ua>
Alexander Lukyanov <lav@yar.ru>
Alexey Veselovsky <alexey.veselovsky@eykontech.com>
- Alex Rousskov <rousskov@measurement-factory.com>
+ Alin Nastac <mrness@gentoo.org>
Alter <alter@alter.org.ua>
Amos Jeffries <squid3@treenet.co.nz>
Andreas Lamprecht <Andreas.Lamprecht@siemens.at>
Andres Kroonmaa <andre@ml.ee>
+ Andrew Hoying <andrew_hoying@blm.gov>
Andrey Shorin <tolsty@tushino.com>
Ansgar Hockmann <Ansgar.Hockmann@hrz.uni-dortmund.de>
Anthony Baxter <arb@connect.com.au>
Arjan de Vet <Arjan.deVet@adv.IAEhv.nl>
+ Arkin <arkin.yang@gmail.com>
Arthur Tumanyan <arthurtumanyan@yahoo.com>
Assar Westerlund <assar@pdc.kth.se>
+ Automatic source maintenance <squidadm@squid-cache.org>
Axel Westerhold <ml.awesterhold@dts.de>
Benno Rice <benno@squid-cache.org>
+ Bertrand Jacquin <beber@meleeweb.net>
Bojan Smojver <bojan@rexursive.com>
Brad Smith <brad@comstyle.com>
+ Brian <hiryuu@envisiongames.net>
Brian Degenhardt <bmd@mp3.com>
Brian Denehy <B-Denehy@adfa.oz.au>
- Brian <hiryuu@envisiongames.net>
Bruce Murphy <pack-squid@rattus.net>
Carson Gaspar (carson@lehman.com, carson@cs.columbia.edu)
+ Chris Hills <chaz@chaz6.com>
Christos Tsantilas <chtsanti@users.sourceforge.net>
+ Cloyce <cloyce.spradling@sun.com>
Constantin Rack
Cord Beermann <cord@cc.fh-lippe.de>
Daniel O'Callaghan <danny@miriworld.its.unimelb.EDU.AU>
David Luyer <luyer@ucs.uwa.edu.au>
+ Diego Woitasen <diegows@xtech.com.ar>
Dmitry Kurochkin
+ Don Hopkins <dhopkins@DonHopkins.com>
Doug Dixon <doug.dixon@gmail.com>
Doug Urner <dlu@bsdi.com>
Dragutin Cirkovic <painkiller@gromnet.net>
Duane Wessels <wessels@squid-cache.org>
+ Dustin J. Mitchell
Ed Knowles <ed@fatboy.geog.unsw.edu.au>
Edward Moy <moy@parc.xerox.com>
Emilio Casbas <ecasbas@unav.es>
Finn Thain <fthain@telegraphics.com.au>
Flavio Pescuma <flavio@marasystems.com>
Francesco Chemolli <kinkie@squid-cache.org>
- Francesco Salvestrini and Dustin J. Mitchell
+ Francesco Salvestrini
Francis Daly <francis@daoine.org>
Francois Cami <fcami@winsoft.fr>
Frank Balluffi
+ Frank Schmirler <squid@schmirler.de>
Geoff Keating <Geoff.Keating@anu.edu.au>
George Michaelson <ggm@connect.com.au>
Georgy Salnikov <sge@nmr.nioch.nsc.ru>
Glenn Chisholm <glenn@ircache.net>
Golub Mikhail
Gonzalo Arana <gonzalo.arana@gmail.com>
- Guido Serassio <guido.serassio@acmeconsulting.it>
+ Graham Keeling <graham@equiinet.com>
+ Guido Serassio <serassio@squid-cache.org>
Hasso Tepper <hasso@estpak.ee>
Henrik Nordstrom <henrik@henriknordstrom.net>
Hide Nagaoka <hide@cc.meisei-u.ac.jp>
Ian Castle <ian.castle@coldcomfortfarm.net>
Ian Turner <vectro@pipeline.com>
Igor Vinokurov <igor@cs.ibank.ru>
+ Isnard <isnardjaquet@gmail.com>
+ JPP <jpp1@frws.com>
+ Jakub Wilk <ubanus@users.sf.net>
+ James Brotchie <brotchie@gmail.com>
James R Grinter <jrg@demon.net>
Jan Niehusmann <jan@anduin.gondor.mcs.de>
Jean-Francois Micouleau <Jean-Francois.Micouleau@utc.fr>
+ Jean-Gabriel Dick <jean-gabriel.dick@curie.fr>
Jerry Murdock <jmurdock@itraktech.com>
Joachim Bauch <jojo@fistofbenztown.de>
+ Joao Alves Neto <alves_joao@hotmail.com>
+ Jochen Voss <voss@seehuhn.de>
Joe Ramey <ramey@jello.csc.ti.com>
John Dilley <jad@hpl.hp.com>
John Saunders <johns@rd.scitec.com.au>
- Jonathan Larmour <JLarmour@origin-at.co.uk>
+ Johnathan Conley <johnathan.conley@gmail.com>
Jon Thackray <jrmt@uk.gdscorp.com>
+ Jonathan Larmour <JLarmour@origin-at.co.uk>
Joshua Root <josh+squid@root.id.au>
- JPP <jpp1@frws.com>
+ Kieran Whitbread <k.j.whitbread@qmul.ac.uk>
Klaubert Herr <klaubert@gmail.com>
Klaus Singvogel <kssingvo@suse.de>
Kolics Bertold <bertold@tohotom.vein.hu>
Kostas Anagnostakis <kanag@csi.forth.gr>
+ Lab10 <lab10@bt-anlagenbau.at>
Laszlo Attilla Toth <panther@balabit.hu>
Leeann Bent <lbent@cs.ucsd.edu>
Luigi Gangitano <luigi@debian.org>
Mark Bergsma <mark@nedworks.org>
Mark Nottingham <mnot@pobox.com>
Mark Treacy <mark@aone.com.au>
+ Marko <mr_4u2@yahoo.com>
Markus Gyger <mgyger@itr.ch>
- Markus <huaraz@moeller.plus.com>
Markus Moeller <huaraz@moeller.plus.com>
- Markus Moeller <markus_moeller@compuserve.com>
Markus Stumpf <maex@Space.NET>
Martin Hamilton <martin@mrrl.lut.ac.uk>
+ Martin Huter <m.huter@phion.com>
Masashi Fujita <objectx@bandit.co.jp>
Massimo Zito <zmax.linkedin at gmail dot com>
Matthew Morgan <atcs.matthew@gmail.com>
+ Matthias Pitzl <silamael@coronamundi.de>
Max Okumoto <okumoto@ucsd.edu>
Michael Lupp <mike@nemesis.saar.de>
Michael Mansour <mic@shell.gnxs.com.au>
Michael O'Reilly <michael@metal.iinet.net.au>
Michael Pelletier <mikep@comshare.com>
+ Michael van Elst
Miguel A.L. Paraz <map@iphil.net>
Mike Groeneweg <mikeg@scorpion.murdoch.edu.au>
Mike Mitchell <Mike.Mitchell@sas.com>
Pedro Ribeiro <pribeiro@isel.pt>
Pete Bentley <pete@demon.net>
Peter Hidas <peter.hidas@safeland.hu>
+ Peter Pramberger <peter@pramberger.at>
+ Philip Allison <philip.allison@smoothwall.net>
+ Philippe Lantin <plantin@cobaltgroup.com>
Pierangelo Masarati <ando@sys-net.it>
Pierre-Louis BRENAC <brenacp@esiee.fr>
Przemek Czerkas <pczerkas@mgmnet.pl>
Rafael Martinez Torres <rmartine@fdi.ucm.es>
+ Rafal Ramocki <maniac@sistbg.net>
+ Ralf Wildenhues <Ralf.Wildenhues@gmx.de>
Ralph Loader <loader@maths.ox.ac.uk>
+ Regardt van de Vyver <squid@vdvyver.net>
+ Reinhard Sojka <reinhard.sojka@parlament.gv.at>
+ Rene Geile <rene.geile@t-online.de>
Reuben Farrelly <reuben@reub.net>
Richard Huveneers <Richard.Huveneers@hekkihek.hacom.nl>
Robert Collins <robertc@robertcollins.net>
- Robert Dessa
+ Robert Forster
Rodrigo Campos (rodrigo@geekbunker.org)
Ron Gomes <rrg@ny.ubs.com>
Russell Street <r.street@auckland.ac.nz>
Shigechika Aikawa <shige@luck.imasy.or.jp>
Stephen R. van den Berg <srb@cuci.nl>
Steve Bennett <S.Bennett@lancaster.ac.uk>
+ Steve Snyder <swsnyder@snydernet.net>
Steven Wilton <swilton@q-net.net.au>
Stewart Forster <slf@connect.com.au>
Svenx <svensven@gmail.com>
Taavi Talvik <taavi@uninet.ee>
Taketo Kabe <kabe@shiratori.riec.tohoku.ac.jp>
- Thomas-Martin Seck <tmseck@netcologne.de>
Thomas Ristic <thr@bootet.net>
+ Thomas-Martin Seck <tmseck@netcologne.de>
Tim Starling <tstarling@wikimedia.org>
Tony Lorimer <tlorimer@au.mdis.com>
+ Unknown - NetBSD Project
+ Vincent Regnard
Vitaliy Matytsyn (main) <vm@if.bank.gov.ua>
Wesha <wesha@iname.com>
Wojtek Sylwestrzak <W.Sylwestrzak@icm.edu.pl>
+ Wolfgang Nothdurft <wolfgang@linogate.de>
+ fancyrabbit <fancyrabbit@gmail.com>
+ vollkommen <vollkommen@gmx.net>
*/
==============================================================================
+
+compat/strsep.h, lib/strsep.c
+
+ * Copyright (C) 2004 Free Software Foundation, Inc.
+ * Written by Yoann Vandoorselaere <yoann@prelude-ids.org>
+ *
+ * The file is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This file is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this file; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+ * USA.
+
+==============================================================================
+
+Changes to squid-3.1.5 (02 Jul 2010):
+
+ - Bug 2967: raw-IPv6 address URL with append_domain broken
+ - Bug 2950: HTTP responses with no Date, L-M or Expires can now be cached
+ - Bug 2943: ICAP tokens not logged when using multiple access
+ - Bug 2937: Fails to detect chunked encoding if not given in all lower case
+ - Bug 2903: does not send indirect X-Client-Ip in ICAP respmod
+ - Fix free memory corruption and off-by-one error when comparing SNMP OIDs
+ - Port from 2.7: max_filedescriptor config option
+ - Fix persistent_connection_after_error is meant to be on by default
+ - ... and several build errors.
+
+Changes to squid-3.1.4 (30 May 2010):
+
+ - Bug 2933: Verification of the max. port number for WCCP2 dynamic service
+ - Bug 2924: RADIUS helper compile issues
+ - Bug 2922: Fix assertion failed: HttpHeader.cc: "Headers[id].stat.aliveCount"
+ - Bug 2919: tcp_outgoing_address ACLs not obeying acl_uses_indirect_client
+ - Bug 2896: Fix assertion failed: comm.cc:2063: "!fd_table[fd].closing()"
+ - Bug 2879: pt2: 3.0 regression in headers end finding
+ - Bug 2877: pt2: only output zero-size warning on reverse-proxy requests
+ - Bug 2876: FD_SETSIZE override not working on all linux distributions
+ - Bug 2810: common log format generates 2 lines of syslog
+ - Bug 2789: Optimize unlimited memory pools, and correctly handle limits over 2GB
+ - Bug 2753: Fall back on IPv4 if IPv6 is not present
+ - Bug 2697: Adaptation leaks and extra requests after reconfiguration
+ - Bug 2633: Fix Ecap::HeaderRep::value(name) fails when there is no named header field
+ - Change LDAP helpers to default to LDAP version 3 if available
+ - Add Joomla and Salted Hash support to squid_db_auth helper
+ - Fixed IpAddress port printing for ports higher than 9999
+ - Disable chunked memory pooling by default.
+ - ... and several build errors.
+
+Changes to squid-3.1.3 (02 May 2010):
+
+ - Remove: Advertise 1.1 on replies to clients (broken chunked handling)
+ - Fix tag ACL type not working
+
+Changes to squid-3.1.2 (01 May 2010):
+
+ - Bug 2913: Fix DB auth warning in new perl version
+ - Bug 2904: Prevent automake creating incomplete files
+ - Bug 2899: Regression: Restore lost rfc1738_unescape() data type
+ - Bug 2895: Regression: TPROXY2 compile errors
+ - Bug 2879: Regression: headers end-finding
+ - Bug 2874: Accept literal IPv6 address in icap_service URL
+ - Bug 2860: Regression: WCCPv1 handshake
+ - Bug 2848: Pass TCP_RST to client on early disconnect
+ - Debian Bug 578047: Correct behaviour of --enable-ipv6
+ - HTTP/1.1: Advertise 1.1 on requests to servers
+ - HTTP/1.1: Advertise 1.1 on replies to clients
+ - AIX / UNIX build fixes
+ - Cygwin build fixes
+ - squidclient: -k option to test connection keep-alive or close
+ - Improved helper build for wider compatibility
+ - Ensure the PID file directory exists on install
+
+Changes to squid-3.1.1 (29 Mar 2010):
+
+ - Bug 2873: undefined symbol
+ - Bug 2827: assertion in authentication
+ - Remove ufsdump binary from default builds
+ - Remove pinger from default startups
+ - ... and several documentation updates.
+
+Changes to squid-3.1.0.18 (14 Mar 2010):
+
+ - Regression Fix: IPv4-mapped prefix, broken in 3.1.0.16
+ - Bug 2869: Remove unused external reference
+ - Bug 2866: Support OpenSSL 1.0
+ - Bug 2813: Random unix_group crash at startup
+ - Send HTTP1.1 compliant 417 responses
+ - Associate external acl message with the request
+ - Various Digest parser fixes
+ - ... and all bug fixes from 3.0 up to 3.0.STABLE25
+
Changes to squid-3.1.0.17 (24 Feb 2010):
- Regression Fix: Non-English error page UTF encoding
- Bug #2223: Follow XFF extensions added
- ... and many code and documentation cleanups
+Changes to squid-3.0.STABLE25 (14 Mar 2010):
+
+ - Bug 2845: Rework the http digest auth parser
+ - Bug 2787: unknown/unexpected status code messages
+ - Bug 2507: squid_ldap_group: Strip Domain name separated by +
+ - Bug 2367: stale=true on digest requests with unknown nonce
+ - ... and several other minor corrections
+
Changes to squid-3.0.STABLE24 (13 Feb 2010):
- Bug 2858: Segment violation in HTCP
#
AUTOMAKE_OPTIONS = dist-bzip2 subdir-objects 1.5 foreign
-DIST_SUBDIRS = compat lib libltdl snmplib scripts src icons errors contrib doc helpers test-suite tools
-SUBDIRS = compat lib @makesnmplib@
+DIST_SUBDIRS = compat lib libltdl libntlmauth snmplib scripts src icons errors contrib doc helpers test-suite tools
+SUBDIRS = compat lib $(makesnmplib)
if USE_LOADABLE_MODULES
SUBDIRS += libltdl
endif
+if ENABLE_AUTH_NTLM
+SUBDIRS += libntlmauth
+endif
SUBDIRS += scripts src icons errors doc helpers test-suite tools
DISTCLEANFILES = include/stamp-h include/stamp-h[0-9]*
/* What a mess.. many systems have added the (now standard) bit types
* in their own ways, so we need to scan a wide variety of headers to
* find them..
- * IMPORTANT: Keep include/squid_types.h syncronised with this list
+ * IMPORTANT: Keep compat/types.h syncronised with this list
*/
#if HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
-#if STDC_HEADERS
+#if HAVE_LINUX_TYPES_H
+#include <linux/types.h>
+#endif
+#if HAVE_STDLIB_H
#include <stdlib.h>
+#endif
+#if HAVE_STDDEF_H
#include <stddef.h>
#endif
#if HAVE_INTTYPES_H
#endif
])
-dnl
-dnl thanks to autogen, for the template..
-dnl
-dnl @synopsis AC_TEST_CHECKFORHUGEOBJECTS
-dnl
-dnl Test whether -fhuge-objects is available with this c++ compiler. gcc-29.5 series compilers need this on some platform with large objects.
-dnl
-HUGE_OBJECT_FLAG=""
-AC_DEFUN([AC_TEST_CHECKFORHUGEOBJECTS],[
- if test "$GCC" = "yes"; then
- AC_MSG_CHECKING([whether compiler accepts -fhuge-objects])
- AC_CACHE_VAL([ac_cv_test_checkforhugeobjects],[
- ac_cv_test_checkforhugeobjects=`echo "int main(int argc, char **argv) { int foo; }" > conftest.cc
-${CXX} -Werror -fhuge-objects -o conftest.bin conftest.cc 2>/dev/null
-res=$?
-rm -f conftest.*
-echo yes
-exit $res`
- if [[ $? -ne 0 ]]
- then ac_cv_test_checkforhugeobjects=no
- else if [[ -z "$ac_cv_test_checkforhugeobjects" ]]
- then ac_cv_test_checkforhugeobjects=yes
- fi ; fi
- ]) # end of CACHE_VAL
- AC_MSG_RESULT([${ac_cv_test_checkforhugeobjects}])
-
- if test "X${ac_cv_test_checkforhugeobjects}" != Xno
- then
- HUGE_OBJECT_FLAG="-fhuge-objects"
- fi
- fi #gcc
-]) # end of AC_DEFUN of AC_TEST_CHECKFORHUGEOBJECTS
-
-
dnl ===========================================================================
dnl http://autoconf-archive.cryp.to/ax_with_prog.html
dnl ===========================================================================
--- /dev/null
+dnl
+dnl AUTHOR: Francesco Chemolli
+dnl
+dnl SQUID Web Proxy Cache http://www.squid-cache.org/
+dnl ----------------------------------------------------------
+dnl Squid is the result of efforts by numerous individuals from
+dnl the Internet community; see the CONTRIBUTORS file for full
+dnl details. Many organizations have provided support for Squid's
+dnl development; see the SPONSORS file for full details. Squid is
+dnl Copyrighted (C) 2001 by the Regents of the University of
+dnl California; see the COPYRIGHT file for full details. Squid
+dnl incorporates software developed and/or copyrighted by other
+dnl sources; see the CREDITS file for full details.
+dnl
+dnl This program is free software; you can redistribute it and/or modify
+dnl it under the terms of the GNU General Public License as published by
+dnl the Free Software Foundation; either version 2 of the License, or
+dnl (at your option) any later version.
+dnl
+dnl This program is distributed in the hope that it will be useful,
+dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
+dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+dnl GNU General Public License for more details.
+dnl
+dnl You should have received a copy of the GNU General Public License
+dnl along with this program; if not, write to the Free Software
+dnl Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+
+
+# check if the compiler accepts a supplied flag
+# first argument is the variable containing the result
+# (will be set to "yes" or "no")
+# second argument is the flag to be tested, verbatim
+#
+AC_DEFUN([SQUID_CC_CHECK_ARGUMENT],[
+ AC_CACHE_CHECK([whether compiler accepts $2],[$1],
+ [{
+ AC_REQUIRE([AC_PROG_CC])
+ SAVED_FLAGS="$CFLAGS"
+ SAVED_CXXFLAGS="$CXXFLAGS"
+ CFLAGS="$CXXFLAGS $2"
+ CXXFLAGS="$CXXFLAGS $2"
+ AC_TRY_LINK([],[int foo; ],
+ [$1=yes],[$1=no])
+ CFLAGS="$SAVED_CFLAGS"
+ CXXFLAGS="$SAVED_CXXFLAGS"
+ }])
+])
+
+# check if the c++ compiler supports the -fhuge-objects flag
+# sets the variable squid_cv_cxx_arg_fhugeobjects to either "yes" or "no"
+#
+AC_DEFUN([SQUID_CXX_CHECK_ARG_FHUGEOBJECTS],[
+ AC_LANG_PUSH([C++])
+ if test "$GCC" = "yes"; then
+ SQUID_CC_CHECK_ARGUMENT([squid_cv_cxx_arg_fhugeobjects],[-Werror -fhuge-objects])
+ else
+ squid_cv_cxx_arg_fhugeobjects=no
+ fi
+ AC_LANG_POP([C++])
+])
+
+# detect what kind of compiler we're using, either by using hints from
+# autoconf itself, or by using predefined preprocessor macros
+# sets the variable squid_cv_compiler to one of
+# - gcc
+# - sunstudio
+# - none (undetected)
+#
+AC_DEFUN([SQUID_CC_GUESS_VARIANT], [
+ AC_CACHE_CHECK([what kind of compiler we're using],[squid_cv_compiler],
+ [
+ AC_REQUIRE([AC_PROG_CC])
+ if test "$GCC" = "yes" ; then
+ squid_cv_compiler="gcc"
+ fi
+ dnl repeat the next block for each compiler, changing the
+ dnl preprocessor definition type so that it depends on platform-specific
+ dnl predefined macros
+ dnl SunPro CC
+ if test -z "$squid_cv_compiler" ; then
+ AC_COMPILE_IFELSE([
+ AC_LANG_PROGRAM([[
+#if !defined(__SUNPRO_C) && !defined(__SUNPRO_CC)
+#error "not sunpro c"
+#endif
+ ]])],[squid_cv_compiler="sunstudio"],[])
+ fi
+ dnl end of block to be repeated
+ if test -z "$squid_cv_compiler" ; then
+ squid_cv_compiler="none"
+ fi
+ ])
+ ])
+
+# define the flag to use to have the compiler treat warnings as errors
+# requirs SQUID_CC_GUESS_VARIANT
+# Sets a few variables to contain some compiler-dependent command line
+# options, or to empty strings if the compiler doesn't support those
+# options
+# They are (with their GCC equivalent):
+# squid_cv_cc_option_werror (-Werror)
+# squid_cv_cc_option_wall (-Wall)
+# squid_cv_cc_option_optimize (-O3)
+#
+AC_DEFUN([SQUID_CC_GUESS_OPTIONS], [
+ AC_REQUIRE([SQUID_CC_GUESS_VARIANT])
+ AC_MSG_CHECKING([for compiler variant])
+ case "$squid_cv_compiler" in
+ gcc)
+ squid_cv_cc_option_werror="-Werror"
+ squid_cv_cc_option_wall="-Wall"
+ squid_cv_cc_option_optimize="-O3"
+ squid_cv_cc_arg_pipe="-pipe"
+ ;;
+ sunstudio)
+ squid_cv_cc_option_werror="-errwarn=%all"
+ squid_cv_cc_option_wall="+w"
+ squid_cv_cc_option_optimize="-fast"
+ squid_cv_cc_arg_pipe=""
+ ;;
+ *)
+ squid_cv_cc_option_werror=""
+ squid_cv_cc_option_wall=""
+ squid_cv_cc_option_optimize="-O"
+ squid_cv_cc_arg_pipe=""
+ ;;
+ esac
+ AC_MSG_RESULT([$squid_cv_compiler])
+])
--- /dev/null
+dnl
+dnl AUTHOR: Squid Web Cache team
+dnl
+dnl SQUID Web Proxy Cache http://www.squid-cache.org/
+dnl ----------------------------------------------------------
+dnl Squid is the result of efforts by numerous individuals from
+dnl the Internet community; see the CONTRIBUTORS file for full
+dnl details. Many organizations have provided support for Squid's
+dnl development; see the SPONSORS file for full details. Squid is
+dnl Copyrighted (C) 2001 by the Regents of the University of
+dnl California; see the COPYRIGHT file for full details. Squid
+dnl incorporates software developed and/or copyrighted by other
+dnl sources; see the CREDITS file for full details.
+dnl
+dnl This program is free software; you can redistribute it and/or modify
+dnl it under the terms of the GNU General Public License as published by
+dnl the Free Software Foundation; either version 2 of the License, or
+dnl (at your option) any later version.
+dnl
+dnl This program is distributed in the hope that it will be useful,
+dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
+dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+dnl GNU General Public License for more details.
+dnl
+dnl You should have received a copy of the GNU General Public License
+dnl along with this program; if not, write to the Free Software
+dnl Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+
+dnl these checks must be performed in the same order as here defined,
+dnl and have mostly been lifted out of an inlined configure.in.
+
+dnl checks for a broken solaris header file, and sets squid_cv_broken_krb5_h
+dnl to yes if that's the case
+AC_DEFUN([SQUID_CHECK_KRB5_SOLARIS_BROKEN_KRB5_H], [
+ AC_CACHE_CHECK([for broken Solaris krb5.h],squid_cv_broken_krb5_h, [
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
+#include <krb5.h>
+int i;
+]])], [ squid_cv_broken_krb5_h=no ], [
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
+#if defined(__cplusplus)
+#define KRB5INT_BEGIN_DECLS extern "C" {
+#define KRB5INT_END_DECLS
+KRB5INT_BEGIN_DECLS
+#endif
+#include <krb5.h>
+int i;
+]])], [ squid_cv_broken_krb5_h=yes ], [ squid_cv_broken_krb5_h=no ])
+ ])
+ ])
+]) dnl SQUID_CHECK_KRB5_SOLARIS_BROKEN_KRB5_H
+
+
+dnl check the max skew in the krb5 context, and sets squid_cv_max_skew_context
+AC_DEFUN([SQUID_CHECK_MAX_SKEW_IN_KRB5_CONTEXT],[
+ AC_CACHE_CHECK([for max_skew in struct krb5_context],
+ squid_cv_max_skew_context, [
+ AC_COMPILE_IFELSE([
+ AC_LANG_PROGRAM([[
+#if HAVE_BROKEN_SOLARIS_KRB5_H
+#if defined(__cplusplus)
+#define KRB5INT_BEGIN_DECLS extern "C" {
+#define KRB5INT_END_DECLS
+KRB5INT_BEGIN_DECLS
+#endif
+#endif
+#include <krb5.h>
+krb5_context kc; kc->max_skew = 1;
+ ]])
+ ],[ squid_cv_max_skew_context=yes ],
+ [ squid_cv_max_skew_context=no ])
+ ])
+])
+
+dnl check whether the kerberos context has a memory cache. Sets
+dnl squid_cv_memory_cache if that's the case.
+AC_DEFUN([SQUID_CHECK_KRB5_CONTEXT_MEMORY_CACHE],[
+ AC_CACHE_CHECK([for memory cache], squid_cv_memory_cache, [
+ AC_RUN_IFELSE([
+ AC_LANG_SOURCE([[
+#if HAVE_BROKEN_SOLARIS_KRB5_H
+#if defined(__cplusplus)
+#define KRB5INT_BEGIN_DECLS extern "C" {
+#define KRB5INT_END_DECLS
+KRB5INT_BEGIN_DECLS
+#endif
+#endif
+#include <krb5.h>
+main()
+{
+ krb5_context context;
+ krb5_ccache cc;
+
+ krb5_init_context(&context);
+ return krb5_cc_resolve(context, "MEMORY:test_cache", &cc);
+}
+ ]])
+ ], [ squid_cv_memory_cache=yes ], [ squid_cv_memory_cache=no ])
+ ])
+])
+
+
+dnl checks that gssapi is ok, and sets squid_cv_working_gssapi accordingly
+AC_DEFUN([SQUID_CHECK_WORKING_GSSAPI], [
+ AC_CACHE_CHECK([for working gssapi], squid_cv_working_gssapi, [
+ AC_RUN_IFELSE([AC_LANG_SOURCE([[
+#ifdef HAVE_GSSAPI_GSSAPI_H
+#include <gssapi/gssapi.h>
+#elif HAVE_GSSAPI_H
+#include <gssapi.h>
+#endif
+
+#ifdef HAVE_GSSAPI_GSSAPI_EXT_H
+#include <gssapi/gssapi_ext.h>
+#endif
+
+#ifdef HAVE_GSSAPI_GSSAPI_KRB5_H
+#include <gssapi/gssapi_krb5.h>
+#endif
+
+#ifdef HAVE_GSSAPI_GSSAPI_GENERIC_H
+#include <gssapi/gssapi_generic.h>
+#endif
+int
+main(void)
+{
+ OM_uint32 val;
+ gss_OID_set set;
+
+ gss_create_empty_oid_set(&val, &set);
+
+ return 0;
+}
+ ]])], [ squid_cv_working_gssapi=yes ], [ squid_cv_working_gssapi=no ])])
+])
+
+
+dnl check for a working spnego, and set squid_cv_have_spnego
+AC_DEFUN([SQUID_CHECK_SPNEGO_SUPPORT], [
+ AC_CACHE_CHECK([for spnego support], squid_cv_have_spnego, [
+ AC_RUN_IFELSE([AC_LANG_SOURCE([[
+#ifdef HAVE_HEIMDAL_KERBEROS
+#ifdef HAVE_GSSAPI_GSSAPI_H
+#include <gssapi/gssapi.h>
+#elif defined(HAVE_GSSAPI_H)
+#include <gssapi.h>
+#endif
+#else
+#ifdef HAVE_GSSAPI_GSSAPI_H
+#include <gssapi/gssapi.h>
+#elif defined(HAVE_GSSAPI_H)
+#include <gssapi.h>
+#endif
+#ifdef HAVE_GSSAPI_GSSAPI_KRB5_H
+#include <gssapi/gssapi_krb5.h>
+#endif
+#ifdef HAVE_GSSAPI_GSSAPI_GENERIC_H
+#include <gssapi/gssapi_generic.h>
+#endif
+#endif
+#include <string.h>
+int main(int argc, char *argv[]) {
+ OM_uint32 major_status,minor_status;
+ gss_OID_set gss_mech_set;
+ int i;
+
+static gss_OID_desc _gss_mech_spnego = {6, (void *)"\x2b\x06\x01\x05\x05\x02"};
+gss_OID gss_mech_spnego = &_gss_mech_spnego;
+
+ major_status = gss_indicate_mechs( &minor_status, &gss_mech_set);
+
+ for (i=0;i<gss_mech_set->count;i++) {
+ if (!memcmp(gss_mech_set->elements[i].elements,gss_mech_spnego->elements,gss_mech_set->elements[i].length)) {
+ return 0;
+ }
+ }
+
+ return 1;
+}
+ ]])],
+ [ squid_cv_have_spnego=yes ], [ squid_cv_have_spnego=no ])])
+])
+
+dnl checks that krb5 is functional. Sets squid_cv_working_krb5
+AC_DEFUN([SQUID_CHECK_WORKING_KRB5],[
+ AC_CACHE_CHECK([for working krb5], squid_cv_working_krb5, [
+ AC_RUN_IFELSE([AC_LANG_SOURCE([[
+#ifdef HAVE_KRB5_H
+#if HAVE_BROKEN_SOLARIS_KRB5_H
+#if defined(__cplusplus)
+#define KRB5INT_BEGIN_DECLS extern "C" {
+#define KRB5INT_END_DECLS
+KRB5INT_BEGIN_DECLS
+#endif
+#endif
+#include <krb5.h>
+#endif
+
+int
+main(void)
+{
+ krb5_context context;
+
+ krb5_init_context(&context);
+
+ return 0;
+}
+ ]])], [ squid_cv_working_krb5=yes ], [ squid_cv_working_krb5=no ])])
+])
--- /dev/null
+dnl
+dnl AUTHOR: Squid Web Cache team
+dnl
+dnl SQUID Web Proxy Cache http://www.squid-cache.org/
+dnl ----------------------------------------------------------
+dnl Squid is the result of efforts by numerous individuals from
+dnl the Internet community; see the CONTRIBUTORS file for full
+dnl details. Many organizations have provided support for Squid's
+dnl development; see the SPONSORS file for full details. Squid is
+dnl Copyrighted (C) 2001 by the Regents of the University of
+dnl California; see the COPYRIGHT file for full details. Squid
+dnl incorporates software developed and/or copyrighted by other
+dnl sources; see the CREDITS file for full details.
+dnl
+dnl This program is free software; you can redistribute it and/or modify
+dnl it under the terms of the GNU General Public License as published by
+dnl the Free Software Foundation; either version 2 of the License, or
+dnl (at your option) any later version.
+dnl
+dnl This program is distributed in the hope that it will be useful,
+dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
+dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+dnl GNU General Public License for more details.
+dnl
+dnl You should have received a copy of the GNU General Public License
+dnl along with this program; if not, write to the Free Software
+dnl Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+
+
+dnl check that strnstr() works fine. On Macos X it can cause a buffer overrun
+dnl sets squid_cv_func_strnstr to "yes" or "no", and defines HAVE_STRNSTR
+AC_DEFUN([SQUID_CHECK_FUNC_STRNSTR],[
+
+# Yay! This one is a MacOSX brokenness. Its not good enough
+# to know that strnstr() exists, because MacOSX 10.4 have a bad
+# copy that crashes with a buffer over-run!
+AH_TEMPLATE(HAVE_STRNSTR,[MacOS brokenness: strnstr() can overrun on that system])
+AC_CACHE_CHECK([if strnstr is well implemented], squid_cv_func_strnstr,
+ AC_RUN_IFELSE([AC_LANG_SOURCE([[
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+ // we expect this to succeed, or crash on over-run.
+ // if it passes otherwise we may need a better check.
+int main(int argc, char **argv)
+{
+ int size = 20;
+ char *str = malloc(size);
+ memset(str, 'x', size);
+ strnstr(str, "fubar", size);
+ return 0;
+}
+ ]])],[squid_cv_func_strnstr="yes"],[squid_cv_func_strnstr="no"],[])
+)
+if test "$squid_cv_func_strnstr" = "yes" ; then
+ AC_DEFINE(HAVE_STRNSTR,1)
+fi
+
+]) dnl SQUID_CHECK_FUNC_STRNSTR
+
+dnl check that va_copy is implemented and works
+dnl sets squid_cv_func_va_copy and defines HAVE_VA_COPY
+AC_DEFUN([SQUID_CHECK_FUNC_VACOPY],[
+
+# check that the system provides a functional va_copy call
+
+AH_TEMPLATE(HAVE_VA_COPY, [The system implements a functional va_copy() ])
+AC_CACHE_CHECK(if va_copy is implemented, squid_cv_func_va_copy,
+ AC_RUN_IFELSE([AC_LANG_SOURCE([[
+ #include <stdarg.h>
+ #include <stdlib.h>
+ int f (int i, ...) {
+ va_list args1, args2;
+ va_start (args1, i);
+ va_copy (args2, args1);
+ if (va_arg (args2, int) != 42 || va_arg (args1, int) != 42)
+ return 1;
+ va_end (args1); va_end (args2);
+ return 0;
+ }
+ int main(int argc, char **argv) { return f (0, 42); }
+ ]])],[squid_cv_func_va_copy="yes"],[squid_cv_func_va_copy="no"],[])
+)
+if test "$squid_cv_func_va_copy" = "yes" ; then
+ AC_DEFINE(HAVE_VA_COPY, 1)
+fi
+
+]) dnl SQUID_CHECK_FUNC_VACOPY
+
+dnl same sa SQUID_CHECK_FUNC_VACOPY, but checks __va_copy
+dnl sets squid_cv_func___va_copy, and defines HAVE___VA_COPY
+AC_DEFUN([SQUID_CHECK_FUNC___VACOPY],[
+
+AH_TEMPLATE(HAVE___VA_COPY,[Some systems have __va_copy instead of va_copy])
+AC_CACHE_CHECK(if __va_copy is implemented, squid_cv_func___va_copy,
+ AC_RUN_IFELSE([AC_LANG_SOURCE([[
+ #include <stdarg.h>
+ #include <stdlib.h>
+ int f (int i, ...) {
+ va_list args1, args2;
+ va_start (args1, i);
+ __va_copy (args2, args1);
+ if (va_arg (args2, int) != 42 || va_arg (args1, int) != 42)
+ return 1;
+ va_end (args1); va_end (args2);
+ return 0;
+ }
+ int main(int argc, char **argv) { return f (0, 42); }
+ ]])],[squid_cv_func___va_copy="yes"],[squid_cv_func___va_copy="no"],[])
+)
+if test "$squid_cv_func___va_copy" = "yes" ; then
+ AC_DEFINE(HAVE___VA_COPY, 1)
+fi
+]) dnl SQUID_CHECK_FUNC___VACOPY
+
+
+dnl check that epoll actually works
+dnl sets squid_cv_epoll_works to "yes" or "no"
+AC_DEFUN([SQUID_CHECK_EPOLL],[
+
+ AC_CACHE_CHECK(if epoll works, squid_cv_epoll_works,
+ AC_RUN_IFELSE([AC_LANG_SOURCE([[
+#include <sys/epoll.h>
+#include <stdlib.h>
+#include <stdio.h>
+int main(int argc, char **argv)
+{
+ int fd = epoll_create(256);
+ if (fd < 0) {
+ perror("epoll_create:");
+ return 1;
+ }
+ return 0;
+}
+ ]])],[squid_cv_epoll_works=yes],[squid_cv_epoll_works=no],[]))
+
+]) dnl SQUID_CHECK_EPOLL
--- /dev/null
+dnl
+dnl AUTHOR: Francesco Chemolli <kinkie@squid-cache.org>
+dnl
+dnl SQUID Web Proxy Cache http://www.squid-cache.org/
+dnl ----------------------------------------------------------
+dnl Squid is the result of efforts by numerous individuals from
+dnl the Internet community; see the CONTRIBUTORS file for full
+dnl details. Many organizations have provided support for Squid's
+dnl development; see the SPONSORS file for full details. Squid is
+dnl Copyrighted (C) 2001 by the Regents of the University of
+dnl California; see the COPYRIGHT file for full details. Squid
+dnl incorporates software developed and/or copyrighted by other
+dnl sources; see the CREDITS file for full details.
+dnl
+dnl This program is free software; you can redistribute it and/or modify
+dnl it under the terms of the GNU General Public License as published by
+dnl the Free Software Foundation; either version 2 of the License, or
+dnl (at your option) any later version.
+dnl
+dnl This program is distributed in the hope that it will be useful,
+dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
+dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+dnl GNU General Public License for more details.
+dnl
+dnl You should have received a copy of the GNU General Public License
+dnl along with this program; if not, write to the Free Software
+dnl Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+
+
+
+
+dnl check whether PAM's struct pam_conv takes a const (linux-style) or
+dnl non-const (solaris-style) parametrs to the conv function.
+dnl
+dnl sets the shell variable squid_cv_pam_conv_signature to either
+dnl "linux", "solaris" or "unknown".
+dnl defines the C preprocessor macro PAM_CONV_FUNC_CONST_PARM to either
+dnl "static" (linux-style) or the empty string (solaris-style or default)
+
+AC_DEFUN([CHECK_STRUCT_PAM_CONV], [
+ AH_TEMPLATE([PAM_CONV_FUNC_CONST_PARM],
+ [Defined to const or empty depending on the style used by the OS to refer to the PAM message dialog func])
+ AC_CACHE_CHECK([for PAM conversation struct signature type],
+ squid_cv_pam_conv_signature, [
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
+#include <security/pam_appl.h>
+static int
+password_conversation(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) {}
+static struct pam_conv conv = { &password_conversation, 0 };
+]])], [
+ squid_cv_pam_conv_signature=linux
+], [
+ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
+#include <security/pam_appl.h>
+static int
+password_conversation(int num_msg, struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) {}
+static struct pam_conv conv = { &password_conversation, 0 };
+]])], [
+ squid_cv_pam_conv_signature=solaris
+ ], [
+ squid_cv_pam_conv_signature=unknown
+ ])
+ ])
+ ])
+ case $squid_cv_pam_conv_signature in
+ linux) AC_DEFINE([PAM_CONV_FUNC_CONST_PARM],[const]) ;;
+ solaris) AC_DEFINE([PAM_CONV_FUNC_CONST_PARM],[]) ;;
+ *) AC_DEFINE([PAM_CONV_FUNC_CONST_PARM],[]) ;;
+ esac
+]) dnl CHECK_STRUCT_PAM_CONV
+
+
--- /dev/null
+dnl
+dnl AUTHOR: Francesco Chemolli
+dnl
+dnl SQUID Web Proxy Cache http://www.squid-cache.org/
+dnl ----------------------------------------------------------
+dnl Squid is the result of efforts by numerous individuals from
+dnl the Internet community; see the CONTRIBUTORS file for full
+dnl details. Many organizations have provided support for Squid's
+dnl development; see the SPONSORS file for full details. Squid is
+dnl Copyrighted (C) 2001 by the Regents of the University of
+dnl California; see the COPYRIGHT file for full details. Squid
+dnl incorporates software developed and/or copyrighted by other
+dnl sources; see the CREDITS file for full details.
+dnl
+dnl This program is free software; you can redistribute it and/or modify
+dnl it under the terms of the GNU General Public License as published by
+dnl the Free Software Foundation; either version 2 of the License, or
+dnl (at your option) any later version.
+dnl
+dnl This program is distributed in the hope that it will be useful,
+dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
+dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+dnl GNU General Public License for more details.
+dnl
+dnl You should have received a copy of the GNU General Public License
+dnl along with this program; if not, write to the Free Software
+dnl Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+
+dnl save main environment variables to variables to the namespace defined by the
+dnl first argument (prefix)
+dnl e.g. SQUID_SAVEFLAGS([foo]) will save CFLAGS to foo_CFLAGS etc.
+dnl Saved variables are:
+dnl CFLAGS, CXXFLAGS, LDFLAGS, LIBS plus any variables specified as
+dnl second argument
+AC_DEFUN([SQUID_STATE_SAVE],[
+$1_CFLAGS="${CFLAGS}"
+$1_CXXFLAGS="${CXXFLAGS}"
+$1_LDFLAGS="${LDFLAGS}"
+$1_LIBS="${LIBS}"
+$1_CC="${CC}"
+$1_CXX="${CXX}"
+$1_squid_saved_vars="$2"
+for squid_util_var_tosave in $2
+do
+ squid_util_var_tosave2="$1_${squid_util_var_tosave}"
+ eval "${squid_util_var_tosave2}=\"${squid_util_var_tosave}\""
+done
+])
+
+dnl commit the state changes: deleting the temporary state defined in SQUID_STATE_SAVE
+dnl with the same prefix. It's not necessary to specify the extra variables passed
+dnl to SQUID_STATE_SAVE again, they will be automatically reclaimed.
+AC_DEFUN([SQUID_STATE_COMMIT],[
+unset $1_CFLAGS
+unset $1_CXXFLAGS
+unset $1_LDFLAGS
+unset $1_LIBS
+unset $1_CC
+unset $1_CXX
+for squid_util_var_tosave in $$1_squid_saved_vars
+do
+ unset ${squid_util_var_tosave2}
+done
+])
+
+dnl rollback state to the call of SQUID_STATE_SAVE with the same namespace argument.
+dnl all temporary state will be cleared, including the custom variables specified
+dnl at call time. It's not necessary to explicitly name them, they will be automatically
+dnl cleared.
+AC_DEFUN([SQUID_STATE_ROLLBACK],[
+CFLAGS="${$1_CFLAGS}"
+CXXFLAGS="${$1_CXXFLAGS}"
+LDFLAGS="${$1_LDFLAGS}"
+LIBS="${$1_LIBS}"
+CC="${$1_CC}"
+CXX="${$1_CXX}"
+for squid_util_var_tosave in $$1_squid_saved_vars
+do
+ squid_util_var_tosave2="$1_${squid_util_var_tosave}"
+ eval "${squid_util_var_tosave}=\$${squid_util_var_tosave2}"
+done
+SQUID_STATE_COMMIT($1)
+])
+
+
+dnl look for modules in the base-directory supplied as argument.
+dnl fill-in the variable pointed-to by the second argument with the
+dnl space-separated list of modules
+AC_DEFUN([SQUID_LOOK_FOR_MODULES],[
+$2=""
+for dir in $1/*; do
+ module="`basename $dir`"
+ if test -d "$dir" && test "$module" != CVS; then
+ $2="$$2 $module"
+ fi
+done
+])
+
+dnl remove duplicates out of a list.
+dnl dnl argument is the name of a variable to be checked and cleaned up
+AC_DEFUN([SQUID_CLEANUP_MODULES_LIST],[
+squid_cleanup_tmp_outlist=""
+for squid_cleanup_tmp in $$1
+do
+ squid_cleanup_tmp_dupe=0
+ for squid_cleanup_tmp2 in $squid_cleanup_tmp_outlist
+ do
+ if test "$squid_cleanup_tmp" = "$squid_cleanup_tmp2"; then
+ squid_cleanup_tmp_dupe=1
+ break
+ fi
+ done
+ if test $squid_cleanup_tmp_dupe -eq 0; then
+ squid_cleanup_tmp_outlist="${squid_cleanup_tmp_outlist} $squid_cleanup_tmp"
+ fi
+done
+$1=$squid_cleanup_tmp_outlist
+unset squid_cleanup_tmp_outlist
+unset squid_cleanup_tmp_dupe
+unset squid_cleanup_tmp2
+unset squid_cleanup_tmp
+])
+
+dnl check that all the modules supplied as a whitespace-separated list (second
+dnl argument) exist as members of the basedir passed as first argument
+dnl call AC_MESG_ERROR if any module does not exist. Also sets individual variables
+dnl named $2_modulename to value "yes"
+dnl e.g. SQUID_CHECK_EXISTING_MODULES([$srcdir/src/fs],[foo_module_candidates])
+dnl where $foo_module_candidates is "foo bar gazonk"
+dnl checks whether $srcdir/src/fs/{foo,bar,gazonk} exist and are all dirs
+dnl AND sets $foo_module_candidates_foo, $foo_module_candidates_bar
+dnl and $foo_module_candidates_gazonk to "yes"
+AC_DEFUN([SQUID_CHECK_EXISTING_MODULES],[
+ for squid_module_check_exist_tmp in $$2
+ do
+ if test -d $1/$squid_module_check_exist_tmp
+ then
+ eval "$2_$squid_module_check_exist_tmp='yes'"
+ #echo "defining $2_$squid_module_check_exist_tmp"
+ else
+ AC_MSG_ERROR([$squid_module_check_exist_tmp not found in $1])
+ fi
+ done
+])
+
+dnl lowercases the contents of the variable whose name is passed by argument
+AC_DEFUN([SQUID_TOLOWER_VAR_CONTENTS],[
+ $1=`echo $$1|tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz`
+])
+
+dnl uppercases the contents of the variable whose name is passed by argument
+AC_DEFUN([SQUID_TOUPPER_VAR_CONTENTS],[
+ $1=`echo $$1|tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`
+])
+
+dnl like AC_DEFINE, but it defines the value to 0 or 1 using well-known textual
+dnl conventions:
+dnl 1: "yes", "true", 1
+dnl 0: "no" , "false", 0, ""
+dnl aborts with an error for unknown values
+AC_DEFUN([SQUID_DEFINE_BOOL],[
+squid_tmp_define=""
+case "$2" in
+ yes|true|1) squid_tmp_define="1" ;;
+ no|false|0|"") squid_tmp_define="0" ;;
+ *) AC_MSG_ERROR([SQUID_DEFINE[]_BOOL: unrecognized value: '$2']) ;;
+esac
+ifelse([$#],3,
+ [AC_DEFINE_UNQUOTED([$1], [$squid_tmp_define],[$3])],
+ [AC_DEFINE_UNQUOTED([$1], [$squid_tmp_define])]
+)
+unset squid_tmp_define
+])
+
+dnl aborts with an error specified as the second argument if the first argument doesn't
+dnl contain either "yes" or "no"
+AC_DEFUN([SQUID_YESNO],[
+if test "$1" != "yes" -a "$1" != "no" ; then
+ AC_MSG_ERROR([$2])
+fi
+])
chmod u+w $makefile
mv $makefile.new $makefile
chmod u-w $makefile
+
+ # Libtool 2.2.6b we bundle is slightly broken with non-portable dependencies
+ sed 's/<libltdl\/lt_system.h>/\"libltdl\/lt_system.h\"/g' $src/ltdl.h |
+ sed 's/<libltdl\/lt_error.h>/\"libltdl\/lt_error.h\"/g' |
+ sed 's/<libltdl\/lt_dlloader.h>/\"libltdl\/lt_dlloader.h\"/g' > $src/ltdl.h.new;
+ chmod u+w $src/ltdl.h
+ mv $src/ltdl.h.new $src/ltdl.h
+ chmod u-w $src/ltdl.h
fi
}
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. */
/* AIX requires this to be the first thing in the file. */
-#if defined (_AIX) && !defined (REGEX_MALLOC)
+#if defined (_AIX) && !defined(REGEX_MALLOC)
#pragma alloca
#endif
#define _GNU_SOURCE 1
#endif
+#define SQUID_NO_ALLOC_PROTECT 1
#include "config.h"
#if USE_GNUREGEX /* only if squid needs it. Usually not */
#include <strings.h>
#endif
-#ifdef STDC_HEADERS
-#include <stdlib.h>
-#else
-char *malloc();
-char *realloc();
-#endif
-
/* Define the syntax stuff for \<, \>, etc. */
/* Compile a fastmap for the compiled pattern in BUFFER; used to
* accelerate searches. Return 0 if successful and -2 if was an
* internal error. */
-static int re_compile_fastmap _RE_ARGS((struct re_pattern_buffer * buffer));
+static int re_compile_fastmap(struct re_pattern_buffer * buffer);
/* Search in the string STRING (with length LENGTH) for the pattern
* characters. Return the starting position of the match, -1 for no
* match, or -2 for an internal error. Also return register
* information in REGS (if REGS and BUFFER->no_sub are nonzero). */
-static int re_search
-_RE_ARGS((struct re_pattern_buffer * buffer, const char *string,
- int length, int start, int range, struct re_registers * regs));
+static int re_search(struct re_pattern_buffer * buffer, const char *string,
+ int length, int start, int range, struct re_registers * regs);
/* Like `re_search', but search in the concatenation of STRING1 and
* STRING2. Also, stop searching at index START + STOP. */
-static int re_search_2
-_RE_ARGS((struct re_pattern_buffer * buffer, const char *string1,
- int length1, const char *string2, int length2,
- int start, int range, struct re_registers * regs, int stop));
+static int re_search_2(struct re_pattern_buffer * buffer, const char *string1,
+ int length1, const char *string2, int length2,
+ int start, int range, struct re_registers * regs, int stop);
/* Like `re_search_2', but return how many characters in STRING the regexp
* in BUFFER matched, starting at position START. */
-static int re_match_2
-_RE_ARGS((struct re_pattern_buffer * buffer, const char *string1,
- int length1, const char *string2, int length2,
- int start, struct re_registers * regs, int stop));
+static int re_match_2(struct re_pattern_buffer * buffer, const char *string1,
+ int length1, const char *string2, int length2,
+ int start, struct re_registers * regs, int stop);
/* isalpha etc. are used for the character classes. */
/* POSIX says that <sys/types.h> must be included (by the caller) before
* <regex.h>. */
-#ifdef VMS
- /* VMS doesn't have `size_t' in <sys/types.h>, even though POSIX says it
- * should be there. */
-#include <stddef.h>
-#endif
-
-
/* The following bits are used to determine the regexp syntax we
* recognize. The set/not-set meanings are chosen so that Emacs syntax
* remains the value 0. The bits are given in alphabetical order, and
* unfortunately clutters up the declarations a bit, but I think it's
* worth it. */
-#if STDC_HEADERS
-
-#define _RE_ARGS(args) args
-
-#else /* not __STDC__ */
-
-#define _RE_ARGS(args) ()
-
-#endif /* not __STDC__ */
-
/* POSIX compatibility. */
- extern int regcomp _RE_ARGS((regex_t * preg, const char *pattern, int cflags));
- extern int regexec _RE_ARGS((const regex_t * preg, const char *string, size_t nmatch, regmatch_t pmatch[], int eflags));
- extern size_t regerror _RE_ARGS((int errcode, const regex_t * preg, char *errbuf, size_t errbuf_size));
- extern void regfree _RE_ARGS((regex_t * preg));
+ extern int regcomp(regex_t * preg, const char *pattern, int cflags);
+ extern int regexec(const regex_t * preg, const char *string, size_t nmatch, regmatch_t pmatch[], int eflags);
+ extern size_t regerror(int errcode, const regex_t * preg, char *errbuf, size_t errbuf_size);
+ extern void regfree(regex_t * preg);
#ifdef __cplusplus
}
# Port Specific Configurations
noinst_LTLIBRARIES = libcompat.la
-
libcompat_la_SOURCES = \
assert.h \
compat.h \
compat_shared.h \
debug.h \
+ drand48.h \
+ eui64_aton.h \
fdsetsize.h \
+ getaddrinfo.h \
+ getnameinfo.h \
+ inet_ntop.h \
+ inet_pton.h \
+ initgroups.h \
osdetect.h \
stdvarargs.h \
+ strsep.h \
+ strtoll.h \
+ tempnam.h \
+ types.h \
+ unsafe.h \
valgrind.h \
\
os/aix.h \
os/hpux.h \
os/linux.h \
os/mswin.h \
+ os/netbsd.h \
os/next.h \
os/openbsd.h \
os/os2.h \
#if HAVE_STDIO_H
#include <stdio.h>
#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
#if 0
#include "compat/assert.h"
/** On linux this must be defined to get PRId64 and friends */
#define __STDC_FORMAT_MACROS
-#include "squid_types.h"
+#include "compat/types.h"
/*****************************************************/
/* per-OS hacks. One file per OS. */
#include "compat/os/hpux.h"
#include "compat/os/linux.h"
#include "compat/os/mswin.h"
+#include "compat/os/netbsd.h"
#include "compat/os/next.h"
#include "compat/os/openbsd.h"
#include "compat/os/os2.h"
*/
#include "compat/GnuRegex.h"
+/* some functions are unsafe to be used in Squid. */
+#include "compat/unsafe.h"
#endif /* _SQUID_COMPAT_H */
#if HAVE_DIRENT_H
#include <dirent.h>
#define NAMLEN(dirent) strlen((dirent)->d_name)
-
#else /* if not HAVE_DIRENT_H */
#define dirent direct
#define NAMLEN(dirent) (dirent)->d_namlen
#endif /* __cplusplus */
#endif /* max */
-/**
- * tempnam() not provided by all systems
- * TODO: detect WHICH systems and move to their OS-specific compat files
- */
-#if !HAVE_TEMPNAM
-#include "tempnam.h"
-#endif
-
-/**
- * strsep() not provided by all systems
- * TODO: detect WHICH systems and move to their OS-specific compat files
- */
-#if !HAVE_STRSEP
-#include "strsep.h"
-#endif
-
-/**
- * strtoll() not provided by all systems
- * TODO: detect WHICH systems and move to their OS-specific compat files
- */
-#if !HAVE_STRTOLL
-#include "strtoll.h"
-#endif
-
/**
* Common shared definition of what whitespace consists of for string tests
*/
#define w_space " \t\n\r"
-/**
- * initgroups() not provided by all systems
- * TODO: detect WHICH systems and move to their OS-specific compat files
- */
-#if !HAVE_INITGROUPS
-#include "initgroups.h"
-#endif
-
+#ifndef SQUID_NONBLOCK
/* REQUIRED for the below logics. If they move this needs to as well */
#if HAVE_FCNTL_H
#include <fcntl.h>
/** O_NDELAY is our fallback. */
#define SQUID_NONBLOCK O_NDELAY
#endif
-
+#endif
/**
* Signalling flags are apparently not always provided.
/**
- * com_err.h is a C header and needs excplicit shielding, but not
- * all other system headers including this care to do this.
+ * com_err.h is a C header and needs explicit shielding, but not
+ * all other system headers including this care to do so.
*/
#ifdef __cplusplus
#if HAVE_ET_COM_ERR_H
#endif
#endif
+
#endif /* _SQUID_COMPAT_SHARED_H */
--- /dev/null
+#ifndef SQUID_CONFIG_H
+#include "config.h"
+#endif
+
+#ifndef _SQUID_DRAND48_H
+#define _SQUID_DRAND48_H
+
+#if !HAVE_DRAND48
+#define HAVE_DRAND48 1
+SQUIDCEXTERN double drand48(void);
+#endif
+
+#endif
+#ifndef SQUID_CONFIG_H
+#include "config.h"
+#endif
+
+/* If we have this system file use it. Otherwise use the below definitions. */
+#if HAVE_SYS_EUI64_H
+#include <sys/eui64.h>
+#else
+
/*
* Squid Change History:
*
#ifndef _SYS_EUI64_H
#define _SYS_EUI64_H
-#include <sys/types.h>
-
/**
* Size of the ASCII representation of an EUI-64.
*/
int eui64_aton(const char *a, struct eui64 *e);
#endif /* !_SYS_EUI64_H */
+#endif /* HAVE_SYS_EUI64_H */
* __FD_SETSIZE. Ofcourse a user program may NEVER include bits/whatever.h
* directly, so this is a dirty hack!
*/
-#if defined(_SQUID_LINUX_)
+#if _SQUID_LINUX_ || _SQUID_KFREEBSD_
#undef CHANGE_FD_SETSIZE
#define CHANGE_FD_SETSIZE 0
#include <features.h>
#if (__GLIBC__ > 2) || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 2)
#if SQUID_MAXFD > DEFAULT_FD_SETSIZE
#include <bits/types.h>
+#if HAVE_LINUX_POSIX_TYPES_H
+#include <linux/posix_types.h>
+#endif
#undef __FD_SETSIZE
#define __FD_SETSIZE SQUID_MAXFD
#endif
* --Marian Durkovic <marian@svf.stuba.sk>
* --Peter Wemm <peter@spinner.DIALix.COM>
*/
-#if defined(_SQUID_FREEBSD_)
+#if _SQUID_FREEBSD_
#include <osreldate.h>
#if __FreeBSD_version < 220000
#undef CHANGE_FD_SETSIZE
* Trying to redefine CHANGE_FD_SETSIZE causes a slew of warnings
* on Mac OS X Server.
*/
-#if defined(_SQUID_APPLE_)
+#if _SQUID_APPLE_
#undef CHANGE_FD_SETSIZE
#define CHANGE_FD_SETSIZE 0
#endif
+#ifndef SQUID_CONFIG_H
+#include "config.h"
+#endif
+
#ifndef _getaddrinfo_h
#define _getaddrinfo_h
* Original License and code follows.
*/
-#include "config.h"
-
/*
* This file is part of libESMTP, a library for submission of RFC 2822
* formatted electronic mail messages using the SMTP protocol described
/* Structure and prototypes taken from RFC 2553 */
-#ifdef HAVE_GETADDRINFO
-
/* These functions are provided by the OS */
-#define xgetaddrinfo getaddrinfo
-#define xfreeaddrinfo freeaddrinfo
-#define xgai_strerror gai_strerror
-
-#else /* !HAVE_GETADDRINFO */
+#if !HAVE_GETADDRINFO
/* SG 23/09/2007:
On Windows the following definitions are already available, may be that
/* RFC 2553 / Posix resolver */
SQUIDCEXTERN int xgetaddrinfo (const char *nodename, const char *servname,
const struct addrinfo *hints, struct addrinfo **res);
+#define getaddrinfo xgetaddrinfo
/* Free addrinfo structure and associated storage */
SQUIDCEXTERN void xfreeaddrinfo (struct addrinfo *ai);
+#define freeaddrinfo xfreeaddrinfo
/* Convert error return from getaddrinfo() to string */
SQUIDCEXTERN const char *xgai_strerror (int code);
+#define gai_strerror xgai_strerror
#endif /* HAVE_GETADDRINFO */
-
-#endif
+#endif /* _getaddrinfo_h */
+#ifndef SQUID_CONFIG_H
+#include "config.h"
+#endif
+
#ifndef _getnameinfo_h
#define _getnameinfo_h
/*
* Reconstructed from KAME getnameinfo.c (in lib/)
- *
- * $Id$
*/
-#include "config.h"
-
-#ifdef HAVE_GETNAMEINFO
-
-/* These functions are provided by the OS */
-#define xgetnameinfo getnameinfo
-
-#else /* !HAVE_GETNAMEINFO */
+#if !HAVE_GETNAMEINFO
/* RFC 2553 / Posix resolver */
SQUIDCEXTERN int xgetnameinfo(const struct sockaddr *sa,
char *serv,
size_t servlen,
int flags );
+#define getnameinfo xgetnameinfo
#endif /* HAVE_GETNAMEINFO */
-
-#endif
+#endif /* _getnameinfo_h */
-#ifndef _INC_INET_NTOP_H
-#define _INC_INET_NTOP_H
-
+#ifndef SQUID_CONFIG_H
#include "config.h"
+#endif
-#if HAVE_INET_NTOP
+#ifndef _INC_INET_NTOP_H
+#define _INC_INET_NTOP_H
/* Use the system provided version where possible */
-#define xinet_ntop inet_ntop
-
-#else
+#if !HAVE_INET_NTOP
/* char *
* inet_ntop(af, src, dst, size)
* Paul Vixie, 1996.
*/
SQUIDCEXTERN const char * xinet_ntop(int af, const void *src, char *dst, size_t size);
+#define inet_ntop xinet_ntop
#endif
-
#endif /* _INC_INET_NTOP_H */
-#ifndef _INC_INET_PTON_H
-#define _INC_INET_PTON_H
-
+#ifndef SQUID_CONFIG_H
#include "config.h"
+#endif
-#if HAVE_INET_PTON
+#ifndef _INC_INET_PTON_H
+#define _INC_INET_PTON_H
/* Use the system provided version where possible */
-#define xinet_pton inet_pton
-
-#else
+#if !HAVE_INET_PTON
/* int
* inet_pton(af, src, dst)
* Paul Vixie, 1996.
*/
SQUIDCEXTERN int xinet_pton(int af, const char *src, void *dst);
+#define inet_pton xinet_pton
#endif
-
#endif /* _INC_INET_NTOP_H */
-/*
- * $Id$
- */
-#ifndef SQUID_INITGROUPS_H
-#define SQUID_INITGROUPS_H
-
-#include "config.h"
-
-/* if you have configure you can use this */
-#if defined(HAVE_CONFIG_H)
+#ifndef SQUID_CONFIG_H
#include "config.h"
#endif
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
+#ifndef SQUID_INITGROUPS_H
+#define SQUID_INITGROUPS_H
+
+#if !HAVE_INITGROUPS
SQUIDCEXTERN int initgroups(const char *user, gid_t group);
+#endif
#endif /* SQUID_INITGROPS_H */
/*
* Syslog facility on AIX requires some portability wrappers
*/
-#ifdef HAVE_SYSLOG_H
+#if HAVE_SYSLOG_H
#define _XOPEN_EXTENDED_SOURCE
#define _XOPEN_SOURCE_EXTENDED 1
#endif
#undef HAVE_MALLOC_H
#endif
+/* Exclude CPPUnit tests from the allocator restrictions. */
+/* BSD implementation uses these still */
+#if defined(SQUID_UNIT_TEST)
+#define SQUID_NO_ALLOC_PROTECT 1
+#endif
#endif /* _SQUID_DRAGONFLY_ */
#endif /* SQUID_OS_DRAGONFLY_H */
#define _etext etext
+/* Exclude CPPUnit tests from the allocator restrictions. */
+/* BSD implementation uses these still */
+#if defined(SQUID_UNIT_TEST)
+#define SQUID_NO_ALLOC_PROTECT 1
+#endif
+
+
#endif /* _SQUID_FREEBSD_ */
#endif /* SQUID_OS_FREEBSD_H */
#define getrusage(a, b) syscall(SYS_GETRUSAGE, a, b)
#endif
+/*
+ * getpagesize(...) not available on HPUX
+ */
+#if !defined(HAVE_GETPAGESIZE)
+#define HAVE_GETPAGESIZE
+#define getpagesize( ) sysconf(_SC_PAGE_SIZE)
+#endif
#endif /* _SQUID_HPUX_ */
#endif /* SQUID_OS_HPUX_H */
#if defined(_MSC_VER) /* Microsoft C Compiler ONLY */
-typedef unsigned char uint8_t;
-typedef unsigned short uint16_t;
-typedef unsigned int uint32_t;
-typedef unsigned __int64 uint64_t;
-
-typedef long pid_t;
-
#if defined __USE_FILE_OFFSET64
-typedef int64_t off_t;
typedef uint64_t ino_t;
-
#else
-typedef long off_t;
typedef unsigned long ino_t;
-
#endif
#define INT64_MAX _I64_MAX
#define SIGUSR2 31 /* user defined signal 2 */
typedef unsigned short int ushort;
+#if !_SQUID_CYGWIN_
typedef int uid_t;
typedef int gid_t;
+#endif
struct passwd {
char *pw_name; /* user name */
long f_spare[6]; /* spare for later */
};
-#ifndef HAVE_GETTIMEOFDAY
+#if !HAVE_GETTIMEOFDAY
struct timezone {
int tz_minuteswest; /* minutes west of Greenwich */
int tz_dsttime; /* type of dst correction */
#define FD_SETSIZE SQUID_MAXFD
#endif
-#include <stddef.h>
#include <process.h>
#include <errno.h>
#if defined(_MSC_VER) /* Microsoft C Compiler ONLY */
#pragma warning (pop)
#endif
#include <io.h>
-#include <stdlib.h>
typedef char * caddr_t;
#undef FD_OPEN
#undef FD_READ
#undef FD_WRITE
+
+#ifndef EISCONN
#define EISCONN WSAEISCONN
+#endif
+#ifndef EINPROGRESS
#define EINPROGRESS WSAEINPROGRESS
+#endif
+#ifndef EWOULDBLOCK
#define EWOULDBLOCK WSAEWOULDBLOCK
+#endif
+#ifndef EALREADY
#define EALREADY WSAEALREADY
+#endif
+#ifndef ETIMEDOUT
#define ETIMEDOUT WSAETIMEDOUT
+#endif
+#ifndef ECONNREFUSED
#define ECONNREFUSED WSAECONNREFUSED
+#endif
+#ifndef ECONNRESET
#define ECONNRESET WSAECONNRESET
+#endif
+#ifndef ENOTCONN
#define ENOTCONN WSAENOTCONN
+#endif
+#ifndef ERESTART
#define ERESTART WSATRY_AGAIN
+#endif
+#ifndef EAFNOSUPPORT
#define EAFNOSUPPORT WSAEAFNOSUPPORT
+#endif
#undef h_errno
#define h_errno errno /* we'll set it ourselves */
SQUIDCEXTERN THREADLOCAL int ws32_result;
#define strerror(e) WIN32_strerror(e)
+#define HAVE_STRERROR 1
#ifdef __cplusplus
#define open _open /* Needed in win32lib.c */
#endif /* #ifdef __cplusplus */
+#if HAVE_SYS_RESOURCE_H
+#include <sys/resource.h>
+#else
#define RUSAGE_SELF 0 /* calling process */
#define RUSAGE_CHILDREN -1 /* terminated child processes */
long ru_nvcsw; /* voluntary context switches */
long ru_nivcsw; /* involuntary context switches */
};
+#endif /* HAVE_SYS_RESOURCE_H */
#undef ACL
+#if !defined(getpagesize)
+/* Windows may lack getpagesize() prototype */
+SQUIDCEXTERN size_t getpagesize(void);
+#endif
+
#endif /* _SQUID_WIN32_ */
#endif /* SQUID_OS_MSWIN_H */
--- /dev/null
+#ifndef SQUID_CONFIG_H
+#include "config.h"
+#endif
+
+#ifndef SQUID_OS_NETBSD_H
+#define SQUID_OS_NETBSD_H
+
+#ifdef _SQUID_NETBSD_
+
+/****************************************************************************
+ *--------------------------------------------------------------------------*
+ * DO *NOT* MAKE ANY CHANGES below here unless you know what you're doing...*
+ *--------------------------------------------------------------------------*
+ ****************************************************************************/
+
+/* Exclude CPPUnit tests from the allocator restrictions. */
+/* BSD implementation uses these still */
+#if defined(SQUID_UNIT_TEST)
+#define SQUID_NO_ALLOC_PROTECT 1
+#endif
+
+/* NetBSD does not provide sys_errlist global for strerror */
+#define NEED_SYS_ERRLIST 1
+
+#endif /* _SQUID_NETBSD_ */
+#endif /* SQUID_OS_NETBSD_H */
/*
* WAS: lots of special wrappers labeled only 'protect NEXTSTEP'
- * I'm assuming its an incomplete definition problem on that OS.
- * Or a missing safety wrapper by the looks of the _SQUID_NETDB_H_
+ * I'm assuming its an incomplete definition problem on that OS
+ * or a missing safety wrapper by the looks of the original hack.
*
* Anyway, this file is included before all general non-type headers.
* doing the include here for Next and undefining HAVE_NETDB_H will
* save us from including it again in general.
*/
-// All the hacks included this first without safety wrapping, then netdb.h.
-#include <netinet/in_systm.h>
#if HAVE_NETDB_H
#include <netdb.h>
#endif
#undef HAVE_NETDB_H
#define HAVE_NETDB_H 0
-
#endif /* _SQUID_NEXT_ */
#endif /* SQUID_OS_NEXT_H */
/*
* Don't allow inclusion of malloc.h
*/
-#ifdef HAVE_MALLOC_H
+#if HAVE_MALLOC_H
#undef HAVE_MALLOC_H
#endif
+/* Exclude CPPUnit tests from the allocator restrictions. */
+/* BSD implementation uses these still */
+#if defined(SQUID_UNIT_TEST)
+#define SQUID_NO_ALLOC_PROTECT 1
+#endif
#endif /* _SQUID_OPENBSD_ */
#endif /* SQUID_OS_OPENBSD_H */
* header files.
*/
#if defined(i386) || defined(__i386)
-#ifndef HAVE_PAD128_T
+#if !HAVE_PAD128_T
typedef union {
long double _q;
int32_t _l[4];
} pad128_t;
#endif
-#ifndef HAVE_UPAD128_T
+#if !HAVE_UPAD128_T
typedef union {
long double _q;
uint32_t _l[4];
/**
* prototypes for system function missing from system includes
+ * NP: sys/resource.h and sys/time.h are apparently order-dependant.
*/
+#include <sys/time.h>
#include <sys/resource.h>
SQUIDCEXTERN int getrusage(int, struct rusage *);
#define __FUNCTION__ ""
#endif
+/* Exclude CPPUnit tests from the allocator restrictions. */
+/* BSD implementation uses these still */
+#if defined(SQUID_UNIT_TEST)
+#define SQUID_NO_STRING_BUFFER_PROTECT 1
+#endif
+
+
#endif /* _SQUID_SOLARIS_ */
#endif /* SQUID_OS_SOALRIS_H */
****************************************************************************/
+/* O_NONBLOCK requires <fcntl.h> to be included first */
+#if HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
+
/*
* We assume O_NONBLOCK is broken, or does not exist, on SunOS.
*/
#endif
/* Make sure syslog goes after stdarg/varargs */
-#ifdef HAVE_SYSLOG_H
+#if HAVE_SYSLOG_H
#include <syslog.h>
#endif
+#ifndef SQUID_CONFIG_H
+#include "config.h"
+#endif
+
/* Copyright (C) 2004 Free Software Foundation, Inc.
* Written by Yoann Vandoorselaere <yoann@prelude-ids.org>
*
#ifndef GNULIB_STRSEP_H_
#define GNULIB_STRSEP_H_
-#include "config.h"
-
#if HAVE_STRSEP
/*
#else
/**
-\par
-Searches the next delimiter (char listed in DELIM) starting at *STRINGP.
-If one is found, it is overwritten with a NULL, and *STRINGP is advanced
-to point to the next char after it. Otherwise, *STRINGP is set to NULL.
-If *STRINGP was already NULL, nothing happens.
-Returns the old value of *STRINGP.
-\par
-This is a variant of strtok() that is multithread-safe and supports
-empty fields.
-
-\note Caveat: It modifies the original string.
-\note Caveat: These functions cannot be used on constant strings.
-\note Caveat: The identity of the delimiting character is lost.
-\note Caveat: It doesn't work with multibyte strings unless all of the delimiter
-characters are ASCII characters < 0x30.
-
-See also strtok_r().
-*/
+ *\par
+ * Searches the next delimiter (char listed in DELIM) starting at *STRINGP.
+ * If one is found, it is overwritten with a NULL, and *STRINGP is advanced
+ * to point to the next char after it. Otherwise, *STRINGP is set to NULL.
+ * If *STRINGP was already NULL, nothing happens.
+ * Returns the old value of *STRINGP.
+ *
+ *\par
+ * This is a variant of strtok() that is multithread-safe and supports
+ * empty fields.
+ *
+ * \note Caveat: It modifies the original string.
+ * \note Caveat: These functions cannot be used on constant strings.
+ * \note Caveat: The identity of the delimiting character is lost.
+ * \note Caveat: It doesn't work with multibyte strings unless all of the delimiter
+ * characters are ASCII characters < 0x30.
+ *
+ * See also strtok_r().
+ */
SQUIDCEXTERN char *strsep(char **stringp, const char *delim);
#endif /* HAVE_STRSEP */
-
#endif /* GNULIB_STRSEP_H_ */
--- /dev/null
+#ifndef SQUID_CONFIG_H
+#include "config.h"
+#endif
+
+#ifndef _SQUID_COMPAT_STRTOLL_H
+#define _SQUID_COMPAT_STRTOLL_H
+
+#if !HAVE_STRTOLL
+
+/**
+ *\par
+ * Convert a string to a int64 integer.
+ *
+ *\par
+ * Ignores `locale' stuff. Assumes that the upper and lower case
+ * alphabets and digits are each contiguous.
+ */
+SQUIDCEXTERN int64_t strtoll(const char *nptr, char **endptr, int base);
+
+#endif /* !HAVE_STRTOLL */
+#endif /* _SQUID_COMPAT_STRTOLL_H */
/*
- * $Id$
- */
-
-
-/* Copyright (C) 1991, 1992, 1993 Free Software Foundation, Inc.
+ * Copyright (C) 1991, 1992, 1993 Free Software Foundation, Inc.
* This file is part of the GNU C Library.
* The GNU C Library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Library General Public License as
* You should have received a copy of the GNU Library General Public
* License along with the GNU C Library; see the file COPYING.LIB. If
* not, write to the Free Software Foundation, Inc., 675 Mass Ave,
- * Cambridge, MA 02139, USA. */
+ * Cambridge, MA 02139, USA.
+ */
+
+#ifndef SQUID_CONFIG_H
+#include "config.h"
+#endif
#ifndef SQUID_TEMPNAM_H
#define SQUID_TEMPNAM_H
+
extern char *tempnam(const char *, const char *);
+
#endif /* SQUID_TEMPNAM_H */
+#define SQUID_UNIT_TEST 1
#include "config.h"
#if HAVE_ASSERT_H
+#ifndef SQUID_CONFIG_H
+#include "config.h"
+#endif
+
/*
- * $Id$
- *
* * * * * * * * Legal stuff * * * * * * *
*
* (C) 2000 Francesco Chemolli <kinkie@kame.usr.dsi.unimi.it>
* from system locations or various attempts. This is just a convenience
* header to include which takes care of proper preprocessor stuff
*
- * This file is only intended to be included via config.h, do
+ * This file is only intended to be included via compat/compat.h, do
* not include directly.
*/
#if HAVE_LINUX_TYPES_H
#include <linux/types.h>
#endif
-#if STDC_HEADERS
+#if HAVE_STDLIB_H
#include <stdlib.h>
+#endif
+#if HAVE_STDDEF_H
#include <stddef.h>
#endif
#if HAVE_INTTYPES_H
#include <netinet/in_systm.h>
#endif
+
+/******************************************************/
+/* Typedefs for missing entries on a system */
+/******************************************************/
+
+
/*
* ISO C99 Standard printf() macros for 64 bit integers
* On some 64 bit platform, HP Tru64 is one, for printf must be used
#endif
#endif
+/* int64_t */
+#ifndef HAVE_INT64_T
+#if HAVE___INT64
+typedef __int64 int64_t;
+#elif HAVE_LONG && SIZEOF_LONG == 8
+typedef long int64_t;
+#elif HAVE_LONG_LONG && SIZEOF_LONG_LONG == 8
+typedef long long int64_t;
+#else
+#error NO 64 bit signed type available
+#endif
+#endif
+
+/* u_int64_t */
+#ifndef HAVE_U_INT64_T
+#if HAVE_UINT64_T
+typedef uint64_t u_int64_t;
+#else
+typedef unsigned int64_t u_int64_t;
+#endif
+#endif
+
+/* int32_t */
+#ifndef HAVE_INT32_T
+#if HAVE_INT && SIZEOF_INT == 4
+typedef int int32_t;
+#elif HAVE_LONG && SIZEOF_LONG == 4
+typedef long int32_t;
+#else
+#error NO 32 bit signed type available
+#endif
+#endif
+
+/* u_int32_t */
+#ifndef HAVE_U_INT32_T
+#if HAVE_UINT32_T
+typedef uint32_t u_int32_t;
+#else
+typedef unsigned int32_t u_int32_t;
+#endif
+#endif
+
+/* int16_t */
+#ifndef HAVE_INT16_T
+#if HAVE_SHORT && SIZEOF_SHORT == 2
+typedef short int16_t;
+#elif HAVE_INT && SIZEOF_INT == 2
+typedef int int16_t;
+#else
+#error NO 16 bit signed type available
+#endif
+#endif
+
+/* u_int16_t */
+#ifndef HAVE_U_INT16_T
+#if HAVE_UINT16_T
+typedef uint16_t u_int16_t;
+#else
+typedef unsigned int16_t u_int16_t;
+#endif
+#endif
+
+/* int8_t */
+#ifndef HAVE_INT8_T
+#if HAVE_CHAR && SIZEOF_CHAR == 1
+typedef char int8_t;
+#else
+#error NO 8 bit signed type available
+#endif
+#endif
+
+/* u_int8_t */
+#ifndef HAVE_U_INT8_T
+#if HAVE_UINT8_T
+typedef uint8_t u_int8_t;
+#else
+typedef unsigned char u_int8_t;
+#endif
+#endif
+
+#ifndef HAVE_PID_T
+#if defined(_MSC_VER) /* Microsoft C Compiler ONLY */
+typedef long pid_t;
+#else
+typedef int pid_t;
+#endif
+#endif
+
+#ifndef HAVE_SIZE_T
+typedef unsigned int size_t;
+#endif
+
+#ifndef HAVE_SSIZE_T
+typedef int ssize_t;
+#endif
+
+#ifndef HAVE_OFF_T
+#if defined(_MSC_VER) /* Microsoft C Compiler ONLY */
+#if defined(_FILE_OFFSET_BITS) && _FILE_OFFSET_BITS == 64
+typedef int64_t off_t;
+#else
+typedef long off_t;
+#endif
+#else
+typedef int off_t;
+#endif
+#endif
+
+#ifndef HAVE_MODE_T
+typedef unsigned short mode_t;
+#endif
+
+#ifndef HAVE_FD_MASK
+typedef unsigned long fd_mask;
+#endif
+
+#ifndef HAVE_SOCKLEN_T
+typedef int socklen_t;
+#endif
+
+#ifndef HAVE_MTYP_T
+typedef long mtyp_t;
+#endif
+
#endif /* SQUID_TYPES_H */
--- /dev/null
+#ifndef SQUID_CONFIG_H
+#include "config.h"
+#endif
+
+#ifndef _SQUID_COMPAT_UNSAFE_H
+#define _SQUID_COMPAT_UNSAFE_H
+
+/*
+ * Trap unintentional use of functions unsafe for use within squid.
+ */
+
+#if !SQUID_NO_ALLOC_PROTECT
+#ifndef free
+#define free(x) ERROR_free_UNSAFE_IN_SQUID(x)
+#endif
+#ifndef malloc
+#define malloc ERROR_malloc_UNSAFE_IN_SQUID
+#endif
+#ifndef calloc
+#define calloc ERROR_calloc_UNSAFE_IN_SQUID
+#endif
+#endif /* !SQUID_NO_ALLOC_PROTECT */
+
+#if !SQUID_NO_STRING_BUFFER_PROTECT
+#ifndef sprintf
+#define sprintf ERROR_sprintf_UNSAFE_IN_SQUID
+#endif
+#ifndef strdup
+#define strdup ERROR_strdup_UNSAFE_IN_SQUID
+#endif
+#endif /* SQUID_NO_STRING_BUFFER_PROTECT */
+
+#endif /* _SQUID_COMPAT_UNSAFE_H */
AC_PREFIX_DEFAULT(/usr/local/squid)
AM_MAINTAINER_MODE
+m4_include([acinclude/squid-util.m4])
+m4_include([acinclude/compiler-flags.m4])
+m4_include([acinclude/os-deps.m4])
+m4_include([acinclude/krb5.m4])
+m4_include([acinclude/pam.m4])
+
PRESET_CFLAGS="$CFLAGS"
PRESET_LDFLAGS="$LDFLAGS"
LDFLAGS="-g"
fi
-dnl Check for GNU cc
+# Check for GNU cc
AC_PROG_CC
AM_PROG_CC_C_O
AC_PROG_CXX
AC_LANG([C++])
AC_CANONICAL_HOST
-dnl Make the squid top srcdir available to sub-packages as --with-squid=PATH
-new_configure_args="$ac_configure_args --with-squid=$ac_abs_confdir"
-ac_configure_args="$new_configure_args"
+AC_MSG_CHECKING([simplified host os])
+squid_host_os=`echo $host_os|sed 's/[0-9].*//;s/-.*//g'`
+squid_host_os_version=`echo $host_os|tr -d "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ-"`
+AC_MSG_RESULT($squid_host_os (version $squid_host_os_version))
+# on windows squid_host_os is either mingw or cygwin, version is 32
+
+# test for programs
+AC_PROG_RANLIB
+AC_PROG_CPP
+AC_PROG_INSTALL
+AC_PROG_LN_S
+AC_PROG_EGREP
+
+AC_PATH_PROG(SH, sh, /bin/sh)
+AC_PATH_PROG(FALSE, false, /usr/bin/false)
+AC_PATH_PROG(TRUE, true, /usr/bin/true)
+AC_PATH_PROG(MV, mv, $FALSE)
+AC_PATH_PROG(MKDIR, mkdir, $FALSE)
+AC_PATH_PROG(LN, ln, cp)
+AC_PATH_PROG(CHMOD, chmod, $FALSE)
+AC_PATH_PROG(TR, tr, $FALSE)
+AC_PATH_PROG(RM, rm, $FALSE)
+AC_PATH_PROG(CPPUNITCONFIG, cppunit-config, false)
+dnl Libtool 2.2.6 requires: rm -f
+RM="$RM -f"
+
+AC_PATH_PROG(PERL, perl, none)
+if test "$ac_cv_path_PERL" = "none"; then
+ AC_MSG_FAILURE([Perl is required to compile Squid. Please install Perl and then re-run configure ])
+fi
+AC_PATH_PROG(POD2MAN, pod2man, $FALSE)
+
+dnl set $(AR)
+AC_PATH_PROG(AR, ar, $FALSE)
+AR_R="$AR r"
+AC_SUBST(AR_R)
-squid_disable_werror="no"
+squid_opt_enable_werror="yes" # default
AC_ARG_ENABLE(strict-error-checking,
AS_HELP_STRING([--disable-strict-error-checking],[By default squid is compiled
with all possible static compiler error-checks enbled.
[
if test "${enableval}" = "no"
then
- squid_disable_werror="yes"
+ squid_opt_enable_werror="no"
fi
])
use_loadable_modules=1
AC_MSG_CHECKING(whether to use loadable modules)
AC_ARG_ENABLE(loadable-modules,
- AS_HELP_STRING([--disable-loadable-modules],[do not support loadable modules]) ,
- [
+ AS_HELP_STRING([--disable-loadable-modules],[do not support loadable modules]) , [
case "${enableval}" in
yes) use_loadable_modules=yes ;;
no) use_loadable_modules=no ;;
*) AC_MSG_ERROR(bad value ${enableval} for --disable-loadable-modules) ;;
esac
AC_MSG_RESULT([$use_loadable_modules, explicitly])
- ],
- [
+ ], [
use_loadable_modules=yes;
AC_MSG_RESULT([$use_loadable_modules, implicitly])
- ]
-)
+ ])
AM_CONDITIONAL(USE_LOADABLE_MODULES, test $use_loadable_modules = yes)
AC_LIBLTDL_CONVENIENCE
fi
+dnl LibTool environment is now prepared for setup. Check that it is usable and initialize.
AC_PROG_LIBTOOL
AC_LTDL_DLLIB
if test $use_loadable_modules = yes;
then
- # Why is this needed? Should not libtool's AC_LIBTOOL_DLOPEN do that?
+ # Why is this needed? Should not AC_LIBTOOL_DLOPEN from libtool do that?
LIBADD_DL=${lt_cv_dlopen_libs}
AC_SUBST([LIBADD_DL])
fi
-AC_PROG_RANLIB
+
+SQUID_CC_GUESS_VARIANT
+SQUID_CC_GUESS_OPTIONS
REGEXLIB='' # -lregex
# LIBREGEX='' # libregex.a
-dnl find out the exe extension for this platform. If it's not empty, use it for CGI's as well.
+dnl find out the exe extension for this platform.
+dnl If it is not empty, use it for CGI as well.
AC_EXEEXT
AC_OBJEXT
fi
AC_SUBST(CGIEXT)
-dnl this should be expanded to a list of platform sensible support requirements.
-dnl (adding an option like --enable-cygwin-support doesn't make sense :]) - R Collins 2001
-case "$host_os" in
-mingw|mingw32|cygwin|cygwin32)
- AM_CONDITIONAL(ENABLE_WIN32SPECIFIC, true)
- ;;
-*)
- AM_CONDITIONAL(ENABLE_WIN32SPECIFIC, false)
- ;;
-esac
+AM_CONDITIONAL(ENABLE_WIN32SPECIFIC,
+ [test "$squid_host_os" = "mingw" -o "$squid_host_os" = "cygwin"])
+AM_CONDITIONAL(USE_IPC_WIN32,[test "$squid_host_os" = "mingw"])
-case "$host_os" in
-mingw|mingw32)
+if test $squid_host_os = "mingw"; then
AC_PATH_PROG(WIN32_PSAPI, psapi.dll, none)
CFLAGS="$CFLAGS -mthreads"
CXXFLAGS="$CXXFLAGS -mthreads"
LIBS="$LIBS -lpsapi"
fi
MINGW_LIBS="-lmingwex"
- AM_CONDITIONAL(USE_IPC_WIN32, true)
AC_SUBST(MINGW_LIBS)
- ;;
-*)
- AM_CONDITIONAL(USE_IPC_WIN32, false)
- ;;
-esac
+fi
if test -z "$CACHE_HTTP_PORT"; then
CACHE_HTTP_PORT="3128"
dnl Substitutions
AC_DEFINE_UNQUOTED(CACHE_HTTP_PORT, $CACHE_HTTP_PORT,
-[What default TCP port to use for HTTP listening?])
+ [What default TCP port to use for HTTP listening?])
AC_SUBST(CACHE_HTTP_PORT)
AC_DEFINE_UNQUOTED(CACHE_ICP_PORT, $CACHE_ICP_PORT,
-[What default UDP port to use for ICP listening?])
+ [What default UDP port to use for ICP listening?])
AC_SUBST(CACHE_ICP_PORT)
AC_DEFINE_UNQUOTED(CONFIG_HOST_TYPE, "$host",[Host type from configure])
-AC_DEFINE_UNQUOTED(SQUID_CONFIGURE_OPTIONS, "$ac_configure_args", [configure command line used to configure Squid])
+AC_DEFINE_UNQUOTED(SQUID_CONFIGURE_OPTIONS, "$ac_configure_args",
+ [configure command line used to configure Squid])
CACHE_EFFECTIVE_USER="nobody"
AC_ARG_WITH(default-user,
DEFAULT_PIDFILE="$localstatedir/run/squid.pid"
AC_ARG_WITH(pidfile,
- AS_HELP_STRING([--with-pidfile=PATH],[Default location for squid PID file. default: PREFIX/var/run/squid.pid]),
- [ case $withval in
+ AS_HELP_STRING([--with-pidfile=PATH],
+ [Default location for squid PID file. default: PREFIX/var/run/squid.pid]),
+[case $withval in
yes|no)
AC_MSG_ERROR( --with-pidfile requires a file PATH. --with-pidfile=PATH )
;;
DEFAULT_PIDFILE="$withval"
;;
esac
- ]
-)
+])
AC_SUBST(DEFAULT_PIDFILE)
-dnl Gerben Wierda <Gerben_Wierda@RnA.nl>
-case "$host" in
- mab-next-nextstep3)
- CC="$CC -arch m68k -arch i486 -arch hppa -arch sparc"
- ;;
-esac
-
if test "$GCC" = "yes"; then
GCCVER=`$CC -v 2>&1 | awk '$2 == "version" {print $3}'`
GCCVER2=`echo $GCCVER | awk '{print $1 * 100}'`
i386-*-freebsd*)
if test $GCCVER2 -lt 300 ; then
AC_MSG_FAILURE([GCC $GCCVER causes a coredump on $host. Try a more recent GCC version])
- sleep 5
fi
;;
esac
unset GCCVER
unset GCCVER2
-dnl try to use -pipe
- AC_MSG_CHECKING([if gcc -pipe works])
- SAVED_CFLAGS="$CFLAGS"
- SAVED_CXXFLAGS="$CXXFLAGS"
- CFLAGS="$CFLAGS -pipe"
- CXXFLAGS="$CXXFLAGS -pipe"
- AC_COMPILE_IFELSE(AC_LANG_PROGRAM([],[return 0;]),[AC_MSG_RESULT([yes])],[
- AC_MSG_RESULT([no])
- CFLAGS="$SAVED_CFLAGS"
- CXXFLAGS="$SAVED_CXXFLAGS"
- ])
- unset SAVED_CFLAGS
- unset SAVED_CXXFLAGS
fi
dnl Set Default CFLAGS
CFLAGS=`echo $CFLAGS | sed -e 's/-O[0-9]/-O/'`
;;
*)
- CFLAGS="-Wall $CFLAGS"
+ CFLAGS="$squid_cv_cc_option_wall $CFLAGS"
;;
esac
else
case "$host" in
*mips-sgi-irix6.*)
# suggested by Rafael Seidl <rafaels@cthulhu.engr.sgi.com>
- CFLAGS="-O3 -OPT:Olimit=0:space=OFF \
+ CFLAGS="$squid_cv_cc_option_optimize -OPT:Olimit=0:space=OFF \
-woff 1009,1014,1110,1116,1183,1185,1188,1204,1230,1233,1355 \
-Wl,-woff,85,-woff,84,-woff,134 \
-nostdinc -I/usr/include -D_BSD_SIGNALS $CFLAGS"
- CXXFLAGS="-O3 -OPT:Olimit=0:space=OFF \
+ CXXFLAGS="$squid_cv_cc_option_optimize -OPT:Olimit=0:space=OFF \
-woff 1009,1014,1110,1116,1183,1185,1188,1204,1230,1233,1355 \
-Wl,-woff,85,-woff,84,-woff,134 \
-nostdinc -I/usr/include -D_BSD_SIGNALS $CXXFLAGS"
alpha-dec-osf4.*)
# Mogul says DEC compilers take both -g and -O2
CFLAGS=`echo $CFLAGS | sed -e 's/-g/-g3/'`
- CFLAGS="-O2 $CFLAGS"
+ CFLAGS="$squid_cv_cc_option_optimize $CFLAGS"
;;
*)
;;
dnl TODO: check if the problem will be present in any other newer MinGW release.
case "$host_os" in
mingw|mingw32)
- SQUID_CFLAGS="-Wall -Wpointer-arith -Wwrite-strings -Wcomments"
+ SQUID_CFLAGS="$squid_cv_cc_option_wall -Wpointer-arith -Wwrite-strings -Wcomments"
;;
*)
- SQUID_CFLAGS="-Wall -Wpointer-arith -Wwrite-strings -Wmissing-prototypes -Wmissing-declarations -Wcomments"
+ SQUID_CFLAGS="$squid_cv_cc_option_wall -Wpointer-arith -Wwrite-strings -Wmissing-prototypes -Wmissing-declarations -Wcomments"
;;
esac
- SQUID_CXXFLAGS="-Wall -Wpointer-arith -Wwrite-strings -Wcomments"
- if test "$squid_disable_werror" = "no"
- then
- SQUID_CFLAGS="$SQUID_CFLAGS -Werror"
- SQUID_CXXFLAGS="$SQUID_CXXFLAGS -Werror"
- fi
+ SQUID_CXXFLAGS="$squid_cv_cc_option_wall -Wpointer-arith -Wwrite-strings -Wcomments"
else
SQUID_CFLAGS=
SQUID_CXXFLAGS=
fi
+
+if test "$squid_opt_enable_werror" = "no"
+then
+ SQUID_CFLAGS="$SQUID_CFLAGS $squid_cv_cc_option_werror"
+ SQUID_CXXFLAGS="$SQUID_CXXFLAGS $squid_cv_cc_option_werror"
+fi
+
AC_SUBST(SQUID_CFLAGS)
AC_SUBST(SQUID_CXXFLAGS)
-AC_TEST_CHECKFORHUGEOBJECTS
-SQUID_CXXFLAGS="$SQUID_CXXFLAGS $HUGE_OBJECT_FLAG"
-
-dnl Set LDFLAGS
-if test -z "$PRESET_LDFLAGS"; then
- if test "$GCC" = "yes"; then
- case "$host" in
- *mips-sgi-irix6.*)
- # Silence Linker warnings 84, 85 and 134
- LDFLAGS="-Wl,-woff,85 -Wl,-woff,84 -Wl,-woff,134 $LDFLAGS"
- ;;
- *)
- # nothing
- ;;
- esac
- else
- case "$host" in
- *)
- # nothing
- ;;
- esac
- fi
+SQUID_CXX_CHECK_ARG_FHUGEOBJECTS
+if test "$squid_cv_cxx_arg_fhugeobjects" = "yes"; then
+ SQUID_CXXFLAGS="$SQUID_CXXFLAGS -fhuge-objects"
fi
+# squid_cv_cc_arg_pipe is set by SQUID_CC_GUESS_OPTIONS
+SQUID_CXXFLAGS="$SQUID_CXXFLAGS $squid_cv_cc_arg_pipe"
+SQUID_CFLAGS="$SQUID_CFLAGS $squid_cv_cc_arg_pipe"
SquidInline="yes"
AC_ARG_ENABLE(optimizations,
- AS_HELP_STRING([--disable-optimizations],[Don't compile Squid with compiler optimizations enabled.
+ AS_HELP_STRING([--disable-optimizations],
+ [Do not compile Squid with compiler optimizations enabled.
Optimization is good for production builds, but not
good for debugging. During development, use
--disable-optimizations to reduce compilation times
fi
])
+AH_TEMPLATE(_USE_INLINE_,[Include inline methods into header file])
AC_ARG_ENABLE(inline,
- AS_HELP_STRING([--disable-inline],[Don't compile trivial methods as inline. Squid
+ AS_HELP_STRING([--disable-inline],
+ [Do not compile trivial methods as inline. Squid
is coded with much of the code able to be inlined.
Inlining is good for production builds, but not
good for development. During development, use
if test "$SquidInline" = "yes" ; then
AC_DEFINE(_SQUID_INLINE_, inline, [Keyword used by squid for inlining methods])
- AC_DEFINE(_USE_INLINE_,, [Include inline methods into header file])
+ AC_DEFINE(_USE_INLINE_, 1 , [Include inline methods into header file])
else
AC_MSG_NOTICE([Inlining optimization disabled])
- AC_DEFINE(_SQUID_INLINE_,, [Keyword used by squid for inlining methods])
+ AC_DEFINE(_SQUID_INLINE_,[], [Keyword used by squid for inlining methods])
fi
AC_ARG_ENABLE(debug-cbdata,
- AS_HELP_STRING([--enable-debug-cbdata],[Provide some debug information in cbdata]),
-[ if test "$enableval" = "yes" ; then
- AC_MSG_NOTICE([cbdata debugging enabled])
- AC_DEFINE(CBDATA_DEBUG,1,[Enable for cbdata debug information])
- fi
+ AS_HELP_STRING([--enable-debug-cbdata],
+ [Provide some debug information in cbdata]), [
+if test "$enableval" = "yes" ; then
+ AC_MSG_NOTICE([cbdata debugging enabled])
+ AC_DEFINE(CBDATA_DEBUG,1, [Enable support for cbdata debug information])
+fi
])
dnl Nasty hack to get autoconf 2.64 on Linux to run.
dnl fi
dnl ])
+AH_TEMPLATE(XMALLOC_STATISTICS,[Define to have malloc statistics])
AC_ARG_ENABLE(xmalloc-statistics,
- AS_HELP_STRING([--enable-xmalloc-statistics],[Show malloc statistics in status page]),
-[ if test "$enableval" = "yes" ; then
- AC_MSG_NOTICE([malloc statistics enabled])
- AC_DEFINE(XMALLOC_STATISTICS,1,[Define to have malloc statistics])
- fi
-])
-
-AC_ARG_ENABLE(async-io,
- AS_HELP_STRING([--enable-async-io[=N_THREADS]],[Shorthand for "--with-aufs-threads=N_THREADS --with-pthreads
- --enable-storeio=ufs,aufs"]),
-[ case $enableval in
- yes)
- with_pthreads="yes"
- STORE_MODULES="ufs aufs"
- ;;
- no)
- ;;
- *)
- aufs_io_threads=$enableval
- with_pthreads="yes"
- STORE_MODULES="ufs aufs"
- ;;
- esac
+ AS_HELP_STRING([--enable-xmalloc-statistics],
+ [Show malloc statistics in status page]), [
+if test "$enableval" = "yes" ; then
+ AC_MSG_NOTICE([malloc statistics enabled])
+ AC_DEFINE(XMALLOC_STATISTICS,1)
+fi
])
+squid_opt_aufs_threads=""
AC_ARG_WITH(aufs-threads,
- AS_HELP_STRING([--with-aufs-threads=N_THREADS],[Tune the number of worker threads for the aufs object store.]),
-[ case $withval in
+ AS_HELP_STRING([--with-aufs-threads=N_THREADS],
+ [Tune the number of worker threads for the aufs object store.]), [
+case $withval in
[[0-9]]*)
- aufs_io_threads=$withval
+ squid_opt_aufs_threads=$withval
;;
*)
AC_MSG_ERROR(--with-aufs-threads expects a numeric argument)
;;
esac
])
-if test "$aufs_io_threads"; then
- AC_MSG_NOTICE([With $aufs_io_threads aufs threads])
- AC_DEFINE_UNQUOTED(AUFS_IO_THREADS,$aufs_io_threads,
- [Defines how many threads aufs uses for I/O])
+if test -n "$squid_opt_aufs_threads"; then
+ AC_MSG_NOTICE([With $squid_opt_aufs_threads aufs threads])
+ AC_DEFINE_UNQUOTED(AUFS_IO_THREADS,$squid_opt_aufs_threads,
+ [Defines how many threads aufs uses for I/O])
fi
-AC_ARG_WITH(dl,
- AS_HELP_STRING([--with-dl],[Use dynamic linking]))
+AC_ARG_WITH(dl, AS_HELP_STRING([--with-dl],[Use dynamic linking]))
if test "$with_dl" = "yes"; then
AC_MSG_NOTICE([With dl])
fi
+AC_MSG_CHECKING([for DiskIO modules to be enabled])
+squid_disk_module_candidates=""
+squid_opt_enable_diskio="auto" #values: no, yes, "auto"(=yes+detect modules)
AC_ARG_ENABLE(disk-io,
- AS_HELP_STRING([--enable-disk-io="list of modules"],[Build support for the list of disk I/O modules.
- Set without a value or omitted, all available modules will be built.
- See src/DiskIO for a list of available modules, or
- Programmers Guide section on DiskIO
- for details on how to build your custom disk module]),
-[ case $enableval in
+ AS_HELP_STRING([--enable-disk-io="list of modules"],
+ [Build support for the list of disk I/O modules.
+ Set without a value or omitted, all available modules will be built.
+ See src/DiskIO for a list of available modules, or
+ Programmers Guide section on DiskIO
+ for details on how to build your custom disk module]), [
+case $enableval in
yes)
- for dir in $srcdir/src/DiskIO/*; do
- module="`basename $dir`"
- if test -d "$dir" && test "$module" != CVS; then
- AC_MSG_NOTICE([Autodetected $module DiskIO module])
- MAYBE_DISK_MODULES="$MAYBE_DISK_MODULES $module"
- fi
- done
- AC_DEFINE(USE_DISKIO,1,[DiskIO modules are expected to be available.])
+ ${TRUE}
+ #do nothing, "auto" is ok
;;
no)
- AC_DEFINE(USE_DISKIO,0,[DiskIO modules are expected to be available.])
+ squid_opt_enable_diskio="no"
;;
*)
- MAYBE_DISK_MODULES=" `echo $enableval| sed -e 's/,/ /g;s/ */ /g'` "
- AC_DEFINE(USE_DISKIO,1,[DiskIO modules are expected to be available.])
+ squid_opt_enable_diskio="yes"
+ squid_disk_module_candidates=" `echo $enableval| sed -e 's/,/ /g;s/ */ /g'` "
+ SQUID_CLEANUP_MODULES_LIST([squid_disk_module_candidates])
;;
esac
-],
-[ if test -z "$MAYBE_DISK_MODULES"; then
- AC_MSG_NOTICE([Enabling all available DiskIO modules (default)...])
- for dir in $srcdir/src/DiskIO/*; do
- module="`basename $dir`"
- if test -d "$dir" && test "$module" != CVS; then
- AC_MSG_NOTICE([Autodetected $module DiskIO module])
- MAYBE_DISK_MODULES="$MAYBE_DISK_MODULES $module"
- fi
- done
- AC_DEFINE(USE_DISKIO,1,[DiskIO modules are expected to be available.])
-fi ])
+])
+
+# if requested to autodetect, find out what we have
+if test $squid_opt_enable_diskio = "auto"; then
+ squid_opt_enable_diskio="yes"
+ SQUID_LOOK_FOR_MODULES([$srcdir/src/DiskIO],[squid_disk_module_candidates])
+fi
+
+AC_MSG_RESULT([${squid_disk_module_candidates:-none}])
+SQUID_CHECK_EXISTING_MODULES([$srcdir/src/DiskIO],[squid_disk_module_candidates])
+SQUID_DEFINE_BOOL([USE_DISKIO],$squid_opt_enable_diskio,
+ [DiskIO modules are expected to be available.])
+
+
dnl Some autoconf.h defines we might enable later...
+AC_ARG_WITH(pthreads,AS_HELP_STRING([--without-pthreads],[Disable POSIX Threads]))
+AC_ARG_WITH(aio, AS_HELP_STRING([--without-aio],[Do not use POSIX AIO. Default: auto-detect]))
+AH_TEMPLATE(USE_DISKIO_AIO, [Whether POSIX AIO support is needed. Automatic])
+AH_TEMPLATE(USE_DISKIO_DISKTHREADS, [Whether pthreads support is needed. Automatic])
USE_AIOPS_WIN32=0
-use_aio=
-use_diskthreads=
+squid_opt_use_aio=
+squid_opt_use_diskthreads=
AIOLIB=
dnl Setup the module paths etc.
-FOUND_DISKIO_AIO=
-FOUND_DISKIO_BLOCKING=
-FOUND_DISKIO_DISKDAEMON=
-FOUND_DISKIO_DISKTHREADS=
DISK_LIBS=
DISK_OS_LIBS=
DISK_MODULES=
DISK_LINKOBJS=
-for module in $MAYBE_DISK_MODULES none; do
+for module in $squid_disk_module_candidates none; do
+ # maybe not needed
if test "$module" = "none"; then
continue
fi
fi
case "$module" in
DiskDaemon)
- if test "$FOUND_DISKIO_DISKDAEMON" = "yes" ; then
- AC_MSG_ERROR([DiskIO DiskDaemon module listed twice.])
- fi
- FOUND_DISKIO_DISKDAEMON="yes"
AC_MSG_NOTICE([Enabling DiskDaemon DiskIO module])
DISK_LIBS="$DISK_LIBS libDiskDaemon.a"
DISK_MODULES="$DISK_MODULES DiskDaemon"
DISK_LINKOBJS="$DISK_LINKOBJS DiskIO/DiskDaemon/DiskDaemonDiskIOModule.o"
;;
DiskThreads)
- if test "$FOUND_DISKIO_DISKTHREADS" = "yes" ; then
- AC_MSG_ERROR([DiskIO DiskThreads module listed twice.])
- fi
- FOUND_DISKIO_DISKTHREADS="yes"
- use_diskthreads="yes"
+ squid_opt_use_diskthreads="yes"
LIBPTHREADS=
- SAVE_SQUID_CFLAGS="$SQUID_CFLAGS"
- SAVE_SQUID_CXXFLAGS="$SQUID_CXXFLAGS"
- AC_ARG_WITH(pthreads,AS_HELP_STRING([--without-pthreads],[Disable POSIX Threads]))
+ SQUID_STATE_SAVE([diskthreads_state],[SQUID_CFLAGS SQUID_CXXFLAGS])
if test "$with_pthreads" != "no"; then
dnl TODO: this needs to be extended to handle more systems and better
dnl REF: http://www.openldap.org/lists/openldap-bugs/200006/msg00070.html
dnl REF: http://autoconf-archive.cryp.to/acx_pthread.html
- case "$host" in
- mingw|mingw32)
+ case "$squid_host_os" in
+ mingw)
USE_AIOPS_WIN32=1
AC_MSG_NOTICE([Windows threads support automatically enabled])
;;
- i386-unknown-freebsd*)
+ freebsd)
SQUID_CFLAGS="$SQUID_CFLAGS -D_REENTRANT"
SQUID_CXXFLAGS="$SQUID_CXXFLAGS -D_REENTRANT"
- if test "$GCC" = "yes" ; then
- if test -z "$PRESET_LDFLAGS"; then
- LDFLAGS="$LDFLAGS -pthread"
- fi
+ if test "$GCC" = "yes" -a -z "$PRESET_LDFLAGS" ; then
+ LDFLAGS="$LDFLAGS -pthread"
fi
;;
- *-solaris2.*)
+ solaris)
if test "$GCC" = "yes" ; then
SQUID_CFLAGS="$SQUID_CFLAGS -D_REENTRANT -pthreads"
SQUID_CXXFLAGS="$SQUID_CXXFLAGS -D_REENTRANT -pthreads"
- AC_CHECK_LIB(pthread, main,[LIBPTHREADS="-lpthread"],
+ AC_CHECK_LIB(pthread, pthread_create ,[LIBPTHREADS="-lpthread"],
[ AC_MSG_NOTICE(pthread library required but cannot be found.)
- use_diskthreads="no"
+ squid_opt_use_diskthreads="no"
])
else
dnl test for -lpthread first. libc version is a stub apparently on Solaris.
SQUID_CFLAGS="$SQUID_CFLAGS -D_REENTRANT -lpthread"
SQUID_CXXFLAGS="$SQUID_CXXFLAGS -D_REENTRANT -lpthread"
- AC_CHECK_LIB(pthread, main,[LIBPTHREADS="-lpthread"],
- [ SQUID_CFLAGS="$SAVE_SQUID_CFLAGS -D_REENTRANT -lpthread -mt"
- SQUID_CXXFLAGS="$SAVE_SQUID_CXXFLAGS -D_REENTRANT -lpthread -mt"
- AC_CHECK_LIB(pthread, main,[LIBPTHREADS="-lpthread"],
- [ AC_MSG_NOTICE(pthread library required but cannot be found.)
- use_diskthreads="no"
- ])
- ])
+ AC_SEARCH_LIBS([pthread_create],[pthread thread],[
+ LIBPTHREADS="" #in LIBS
+ ],[
+ AC_MSG_NOTICE(pthread library required but cannot be found.)
+ squid_opt_use_diskthreads="no"
+ ])
fi
;;
*)
SQUID_CFLAGS="$SQUID_CFLAGS -D_REENTRANT"
SQUID_CXXFLAGS="$SQUID_CXXFLAGS -D_REENTRANT"
- AC_CHECK_LIB(pthread, main,[LIBPTHREADS="-lpthread"],
+ AC_CHECK_LIB(pthread, pthread_create ,[LIBPTHREADS="-lpthread"],
[ AC_MSG_NOTICE(pthread library required but cannot be found.)
- use_diskthreads="no"
+ squid_opt_use_diskthreads="no"
])
;;
esac
else
AC_MSG_NOTICE([Native pthreads support manually disabled.])
- use_diskthreads="no"
+ squid_opt_use_diskthreads="no"
fi
- if test "$use_diskthreads" = "yes" ; then
+ if test "$squid_opt_use_diskthreads" = "yes" ; then
AC_DEFINE(USE_DISKIO_DISKTHREADS, 1, [Whether pthreads support is needed. Automatic])
AC_MSG_NOTICE([Enabling DiskThreads DiskIO module])
DISK_LIBS="$DISK_LIBS libDiskThreads.a"
else
AC_DEFINE(USE_DISKIO_DISKTHREADS, 0, [Whether pthreads support is needed. Automatic])
AC_MSG_NOTICE([Native pthreads support disabled. DiskThreads module automaticaly disabled.])
- SQUID_CFLAGS="$SAVE_SQUID_CFLAGS"
- SQUID_CXXFLAGS="$SAVE_SQUID_CXXFLAGS"
+ SQUID_STATE_ROLLBACK([diskthreads_state])
fi
;;
AIO)
- if test "$FOUND_DISKIO_AIO" = "yes" ; then
- AC_MSG_ERROR([DiskIO AIO module listed twice.])
- fi
- FOUND_DISKIO_AIO="yes"
dnl Check for POSIX AIO availability
- use_aio="yes"
+ squid_opt_use_aio="yes"
AIOLIB=
- AC_ARG_WITH(aio, AS_HELP_STRING([--without-aio],[Do not use POSIX AIO. Default: auto-detect]))
if test "$with_aio" != "no"; then
have_aio_header=no
AC_CHECK_HEADERS(aio.h,[have_aio_header=yes])
dnl Enable AIO if the library and headers are found
if test "$AIOLIB" != "" && test "$have_aio_header" = "yes"; then
AC_MSG_NOTICE([Native POSIX AIO support detected.])
- use_aio="yes"
+ squid_opt_use_aio="yes"
else
dnl Windows does things differently. We provide wrappers.
dnl TODO: Windows really needs its own DiskIO module or its Overlaped IO
case "$host_os" in
mingw|mingw32)
- use_aio="yes"
+ squid_opt_use_aio="yes"
AC_MSG_NOTICE([Windows being built. Maybe-enable POSIX AIO.])
;;
*)
AC_MSG_NOTICE([Native POSIX AIO support not detected. AIO automatically disabled.])
- use_aio="no"
+ squid_opt_use_aio="no"
;;
esac
fi
else
AC_MSG_NOTICE([POSIX AIO support manually disabled.])
- use_aio="no"
+ squid_opt_use_aio="no"
fi
dnl Use the POSIX AIO pieces if we actually need them.
- if test "$use_aio" = "yes" ; then
+ if test "$squid_opt_use_aio" = "yes" ; then
AC_DEFINE(USE_DISKIO_AIO, 1, [Whether POSIX AIO support is needed. Automatic])
DISK_MODULES="$DISK_MODULES AIO"
DISK_LIBS="$DISK_LIBS libAIO.a"
;;
Blocking)
- if test "$FOUND_DISKIO_BLOCKING" = "yes" ; then
- AC_MSG_ERROR([DiskIO Blocking module listed twice.])
- fi
- FOUND_DISKIO_BLOCKING="yes"
AC_MSG_NOTICE([Enabling Blocking DiskIO module])
DISK_LIBS="$DISK_LIBS libBlocking.a"
DISK_MODULES="$DISK_MODULES Blocking"
dnl Check what Storage formats are wanted.
dnl This version will error out with a message saying why if a required DiskIO is missing.
-AC_ARG_ENABLE(storeio,
- AS_HELP_STRING([--enable-storeio="list of modules"],[Build support for the list of store I/O modules.
+squid_opt_enable_storeio=auto
+AC_ARG_ENABLE([storeio],
+ AS_HELP_STRING([--enable-storeio="list of modules"],
+ [Build support for the list of store I/O modules.
The default is only to build the "ufs" module.
See src/fs for a list of available modules, or
Programmers Guide section <not yet written>
for details on how to build your custom store module]),
[ case $enableval in
yes)
- for dir in $srcdir/src/fs/*; do
- module="`basename $dir`"
- if test -d "$dir" && test "$module" != CVS && test "$module" != coss; then
- STORE_MODULES="$STORE_MODULES $module"
- fi
- done
+ squid_opt_enable_storeio=auto
;;
no)
+ squid_opt_enable_storeio=no
;;
*)
- STORE_MODULES="`echo $enableval| sed -e 's/,/ /g;s/ */ /g'`"
+ squid_opt_enable_storeio=yes
+ squid_storeio_module_candidates="`echo $enableval| sed -e 's/,/ /g;s/ */ /g'`"
+ # ufs is really always needed as it has low-level routines
+ # if it is a dupe it will be cleaned-up later
+ squid_storeio_module_candidates="$squid_storeio_module_candidates ufs"
;;
esac
-],
-[ if test -z "$STORE_MODULES"; then
- STORE_MODULES="ufs"
- fi
])
-if test -n "$STORE_MODULES"; then
- dnl ensure that all modules a) exist and b) only include once.
- STORE_MODULES_FULL=$STORE_MODULES
- STORE_MODULES=
- for module in $STORE_MODULES_FULL; do
- have_mod=`echo "$STORE_MODULES" | grep "$module"`
- if test "$have_mod" != ""; then
- AC_MSG_NOTICE([Removing duplicate $module from storeio])
- elif test -d $srcdir/src/fs/$module; then
- STORE_MODULES="$STORE_MODULES $module"
- else
- AC_MSG_ERROR(storeio $module does not exist)
- fi
- done
- for module in $STORE_MODULES_FULL; do
- case "$module" in
- coss)
- echo "WARNING: COSS Support is not stable yet in Squid-3. Please do not use."
- sleep 10
- ;;
- esac
- done
- AC_MSG_NOTICE([Store modules built: $STORE_MODULES])
+if test "$squid_opt_enable_storeio" = "auto"; then
+ squid_opt_enable_storeio=yes
+ AC_MSG_CHECKING([for available StoreIO modules])
+ SQUID_LOOK_FOR_MODULES([$srcdir/src/fs],[squid_storeio_module_candidates])
+ # disable coss
+ squid_storeio_module_candidates=`echo $squid_storeio_module_candidates|sed 's/coss//'`
+ AC_MSG_RESULT([$squid_storeio_module_candidates])
fi
-for fs in $STORE_MODULES none; do
+
+SQUID_CLEANUP_MODULES_LIST([squid_storeio_module_candidates])
+SQUID_CHECK_EXISTING_MODULES([$srcdir/src/fs],[squid_storeio_module_candidates])
+AC_MSG_NOTICE([Store modules built: $squid_storeio_module_candidates])
+
+for fs in $squid_storeio_module_candidates none; do
case "$fs" in
diskd)
- if ! test "$FOUND_DISKIO_BLOCKING" = "yes" && ! test "$FOUND_DISKIO_DISKDAEMON" = "yes" ; then
- AC_MSG_ERROR([Storage diskd module requires DiskIO modules: Blocking or DiskDaemon])
+ if test "$squid_disk_module_candidates_Blocking" != "yes" -a \
+ "$squid_disk_module_candidates_DiskDaemon" != "yes" ; then
+ AC_MSG_ERROR([Storage diskd module requires DiskIO module: Blocking or DiskDaemon])
fi
- NEED_UFS="true"
;;
aufs)
- if ! test "$FOUND_DISKIO_BLOCKING" = "yes" && ! test "$FOUND_DISKIO_DISKTHREADS" = "yes" ; then
- AC_MSG_ERROR([Storage diskd module requires DiskIO modules: Blocking or DiskThreads])
+ if test "$squid_disk_module_candidates_Blocking" != "yes" -a \
+ "$squid_disk_module_candidates_DiskThreads" != "yes" ; then
+ AC_MSG_ERROR([Storage module aufs requires DiskIO module: Blocking or DiskThreads])
fi
- NEED_UFS="true"
;;
coss)
- if ! test "$FOUND_DISKIO_AIO" = "yes"; then
+ AC_MSG_WARN([COSS Support is not stable yet in Squid-3. Please do not use.\a])
+ if ! test "$squid_disk_module_candidates_AIO" = "yes"; then
AC_MSG_ERROR([COSS requires POSIX AIO which is not available.])
fi
dnl
STORE_TESTS="$STORE_TESTS tests/testCoss$EXEEXT"
;;
ufs)
- UFS_FOUND="true"
STORE_TESTS="$STORE_TESTS tests/testUfs$EXEEXT"
esac
done
-if test -z "$UFS_FOUND" && test -n "$NEED_UFS"; then
- AC_MSG_NOTICE([Adding UFS, as it contains core logic for diskd and aufs])
- STORE_MODULES="$STORE_MODULES ufs"
- dnl
- dnl Automake om MinGW needs explicit exe extension
- dnl for STORE_TESTS substition
- dnl
- STORE_TESTS="$STORE_TESTS tests/testUfs$EXEEXT"
-fi
-
+dnl hack: need to define those even if not used in the build system to
+dnl make sure that global FS objects are linked to the squid binary.
AH_TEMPLATE(HAVE_FS_UFS, "Define to 1 if ufs filesystem module is build")
AH_TEMPLATE(HAVE_FS_AUFS, "Define to 1 if aufs filesystem module is build")
AH_TEMPLATE(HAVE_FS_DISKD, "Define to 1 if diskd filesystem module is build")
AH_TEMPLATE(HAVE_FS_COSS, "Define to 1 if coss filesystem module is build")
-dnl got final STORE_MODULES, build library lists
+dnl got final squid_storeio_module_candidates, build library lists
dnl This list will not be needed when each fs library has its own Makefile
STORE_LIBS_TO_BUILD=
dnl File system libraries to link executables with.
dnl These are the same as STORE_LIBS_TO_BUILD, but with a path
STORE_LIBS_TO_ADD=
-for fs in $STORE_MODULES; do
+for fs in $squid_storeio_module_candidates; do
STORE_LIBS_TO_BUILD="$STORE_LIBS_TO_BUILD lib${fs}.la"
STORE_LIBS_TO_ADD="$STORE_LIBS_TO_ADD fs/lib${fs}.la"
- HAVE_FS_TYPE=HAVE_FS_`echo $fs | sed 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'`
- AC_DEFINE_UNQUOTED($HAVE_FS_TYPE, 1)
+ SQUID_TOUPPER_VAR_CONTENTS([fs])
+ AC_DEFINE_UNQUOTED(HAVE_FS_${fs}, 1)
done
AC_SUBST(STORE_LIBS_TO_BUILD)
dnl so we must set it as default.
REPL_POLICIES="lru"
AC_ARG_ENABLE(removal-policies,
- AS_HELP_STRING([--enable-removal-policies="list of policies"],[Build support for the list of removal policies.
+ AS_HELP_STRING([--enable-removal-policies="list of policies"],
+ [Build support for the list of removal policies.
The default is only to build the "lru" module.
See src/repl for a list of available modules, or
Programmers Guide section 9.9 for details on how
to build your custom policy]),
[ case $enableval in
yes)
- for dir in $srcdir/src/repl/*; do
- module="`basename $dir`"
- if test -d "$dir" && test "$module" != CVS && test "$module" != "lru"; then
- REPL_POLICIES="$REPL_POLICIES $module"
- fi
- done
+ SQUID_LOOK_FOR_MODULES([$srcdir/src/repl],[REPL_POLICIES])
;;
no)
;;
esac
])
if test -n "$REPL_POLICIES"; then
- for module in $REPL_POLICIES; do
- if test -d $srcdir/src/repl/$module; then
- :
- else
- AC_MSG_ERROR(Removal policy $module does not exist)
- fi
- done
- AC_MSG_NOTICE([Removal policies built: $REPL_POLICIES])
+ SQUID_CHECK_EXISTING_MODULES([$srcdir/src/repl],[REPL_POLICIES])
+ AC_MSG_NOTICE([Removal policies to build: $REPL_POLICIES])
REPL_OBJS="repl/lib`echo $REPL_POLICIES|sed -e 's% %.a repl/lib%g'`.a"
REPL_LIBS="`echo $REPL_OBJS|sed -e 's%repl/%%g'`"
fi
AS_HELP_STRING([--enable-icmp],[Enable ICMP pinging and Network Measurement]),
[ if test "$enableval" = "yes" ; then
AC_MSG_NOTICE([ICMP enabled])
- AC_DEFINE(USE_ICMP,1,[Define to use Squid's ICMP and Network Measurement features (highly recommended!)])
+ AC_DEFINE(USE_ICMP,1,[Define to use Squid ICMP and Network Measurement features (highly recommended!)])
AM_CONDITIONAL(ENABLE_PINGER, true)
fi
])
])
dnl disable generic/common adaptation support by default
-use_adaptation=no
+squid_opt_use_adaptation=no
-use_esi=yes
+squid_opt_use_esi=yes
+AH_TEMPLATE([USE_SQUID_ESI],
+ [Define to enable the ESI processor and Surrogate header support])
AC_ARG_ENABLE(esi,
- AS_HELP_STRING([--enable-esi],[Enable ESI for accelerators. Benefits from expat or libxml2.
- Enabling ESI will cause squid reverse proxies to be capable of the
- Edge Acceleration Specification (www.esi.org).]),
- use_esi=$enableval, use_esi=no)
+ AS_HELP_STRING([--enable-esi],
+ [Enable ESI for accelerators. Benefits from expat or libxml2.
+ Enabling ESI will cause squid reverse proxies to be capable
+ of the Edge Acceleration Specification (www.esi.org).]),
+ [squid_opt_use_esi=$enableval], [squid_opt_use_esi=no])
HAVE_LIBEXPAT=0
EXPATLIB=
HAVE_LIBXML2=0
XMLLIB=
-if test "$use_esi" = "yes" ; then
+if test "$squid_opt_use_esi" = "yes" ; then
AC_MSG_NOTICE([Enabling ESI processor and Surrogate header support.])
- AC_DEFINE(USE_SQUID_ESI,1,[Compile the ESI processor and Surrogate header support])
-
- AC_ARG_WITH(expat, AS_HELP_STRING([--without-expat],[Do not use expat for ESI. Default: auto-detect]))
- if test "$with_expat" != "no" ; then
- AC_CHECK_LIB([expat], [main], [EXPATLIB="-lexpat"; HAVE_LIBEXPAT=1])
- AC_CHECK_HEADERS([expat.h])
- AC_DEFINE_UNQUOTED(HAVE_LIBEXPAT, $HAVE_LIBEXPAT, [Define to 1 if you have the expat library])
- if test "$with_expat" = "yes" && test "$HAVE_LIBEXPAT" != "1" ; then
- AC_MSG_ERROR([Required library expat is not able to be found.])
- fi
- fi
+ AC_DEFINE(USE_SQUID_ESI,1,
+ [Compile the ESI processor and Surrogate header support])
+else
+ AC_MSG_NOTICE([Disabling ESI processor])
+fi
- AC_ARG_WITH(libxml2, AS_HELP_STRING([--without-libxml2],[Do not use libxml2 for ESI. Default: auto-detect]))
- if test "$with_libxml2" != "no" ; then
- AC_CHECK_LIB([xml2], [main], [XMLLIB="-lxml2"; HAVE_LIBXML2=1])
- dnl Find the main header and include path...
- AC_CHECK_HEADERS([libxml/parser.h], [], [
- SAVED_CPPFLAGS="$CPPFLAGS"
- CPPFLAGS="-I/usr/include/libxml2 $CPPFLAGS"
- unset ac_cv_header_libxml_parser_h
- AC_CHECK_HEADERS([libxml/parser.h], [ac_cv_libxml2_include=yes], [])
- CPPFLAGS="$SAVED_CPPFLAGS"
- ])
- if test "x$ac_cv_libxml2_include" = "xyes"; then
- SQUID_CXXFLAGS="-I/usr/include/libxml2 $SQUID_CXXFLAGS"
- CPPFLAGS="-I/usr/include/libxml2 $CPPFLAGS"
- fi
- dnl Now that we know where to look find the other headers...
- AC_CHECK_HEADERS(libxml/HTMLparser.h libxml/HTMLtree.h)
- AC_DEFINE_UNQUOTED(HAVE_LIBXML2, $HAVE_LIBXML2, [Define to 1 if you have the libxml2 library])
- if test "$with_libxml2" = "yes" && test "$HAVE_LIBXML2" != "1" ; then
- AC_MSG_ERROR([Required library libxml2 is not able to be found.])
- fi
+# ESI support libraries: expat
+AC_ARG_WITH(expat, AS_HELP_STRING([--without-expat],[Do not use expat for ESI. Default: auto-detect]))
+if test "$squid_opt_use_esi" = "yes" -a "$with_expat" != "no" ; then
+ AC_CHECK_LIB([expat], [main], [EXPATLIB="-lexpat"; HAVE_LIBEXPAT=1])
+ AC_CHECK_HEADERS([expat.h])
+ AC_DEFINE_UNQUOTED(HAVE_LIBEXPAT, $HAVE_LIBEXPAT, [Define to 1 if you have the expat library])
+ if test "$with_expat" = "yes" && test "$HAVE_LIBEXPAT" != "1" ; then
+ AC_MSG_ERROR([Required library expat is not able to be found.])
fi
+fi
-else
- AC_MSG_NOTICE([Disabling ESI processor and Surrogate header support.])
+AC_ARG_WITH(libxml2, AS_HELP_STRING([--without-libxml2],[Do not use libxml2 for ESI. Default: auto-detect]))
+if test "$squid_opt_use_esi" = "yes" -a "$with_libxml2" != "no" ; then
+ AC_CHECK_LIB([xml2], [main], [XMLLIB="-lxml2"; HAVE_LIBXML2=1])
+ dnl Find the main header and include path...
+ AC_CHECK_HEADERS([libxml/parser.h], [], [
+ SAVED_CPPFLAGS="$CPPFLAGS"
+ CPPFLAGS="-I/usr/include/libxml2 $CPPFLAGS"
+ unset ac_cv_header_libxml_parser_h
+ AC_CHECK_HEADERS([libxml/parser.h], [ac_cv_libxml2_include=yes], [])
+ CPPFLAGS="$SAVED_CPPFLAGS"
+ ])
+ if test "x$ac_cv_libxml2_include" = "xyes"; then
+ SQUID_CXXFLAGS="-I/usr/include/libxml2 $SQUID_CXXFLAGS"
+ CPPFLAGS="-I/usr/include/libxml2 $CPPFLAGS"
+ fi
+ dnl Now that we know where to look find the other headers...
+ AC_CHECK_HEADERS(libxml/HTMLparser.h libxml/HTMLtree.h)
+ AC_DEFINE_UNQUOTED(HAVE_LIBXML2, $HAVE_LIBXML2, [Define to 1 if you have the libxml2 library])
+ if test "$with_libxml2" = "yes" && test "$HAVE_LIBXML2" != "1" ; then
+ AC_MSG_ERROR([Required library libxml2 is not able to be found.])
+ fi
fi
-AM_CONDITIONAL(USE_ESI, test "$use_esi" = "yes")
+
+AM_CONDITIONAL(USE_ESI, test "$squid_opt_use_esi" = "yes")
AM_CONDITIONAL(HAVE_LIBEXPAT, test $HAVE_LIBEXPAT = 1)
AC_SUBST(EXPATLIB)
AM_CONDITIONAL(HAVE_LIBXML2, test $HAVE_LIBXML2 = 1)
AC_SUBST(XMLLIB)
-AM_CONDITIONAL(USE_ICAP_CLIENT, false)
+# icap argument handling
AC_ARG_ENABLE(icap-client,
AS_HELP_STRING([--enable-icap-client],[Enable the ICAP client.]),
- use_icap_client=$enableval, use_icap_client=no)
-if test "$use_icap_client" = "yes" ; then
- AC_DEFINE(ICAP_CLIENT,1,[Enable ICAP client features in Squid])
- AM_CONDITIONAL(USE_ICAP_CLIENT, true)
+ [squid_opt_use_icap_client=$enableval], [squid_opt_use_icap_client=no])
+SQUID_DEFINE_BOOL([ICAP_CLIENT],$squid_opt_use_icap_client,
+ [Enable ICAP client features in Squid])
+AM_CONDITIONAL(USE_ICAP_CLIENT, [test "$squid_opt_use_icap_client" = "yes" ])
+if test "$squid_opt_use_icap_client" = "yes" ; then
ICAP_LIBS="icap/libicap.la"
- use_adaptation=yes
+ squid_opt_use_adaptation=yes
else
- AC_DEFINE(ICAP_CLIENT,0,[Enable ICAP client features in Squid])
ICAP_LIBS=""
fi
AC_SUBST(ICAP_LIBS)
-use_ecap=1
+squid_opt_use_ecap=1
AC_MSG_CHECKING(whether to support eCAP)
AC_ARG_ENABLE(ecap,
- AS_HELP_STRING([--enable-ecap],[support loadable content adaptation modules]),
- [
- case "${enableval}" in
- yes) use_ecap=yes ;;
- no) use_ecap=no ;;
- *) AC_MSG_ERROR(bad value ${enableval} for --enable-ecap) ;;
- esac
- AC_MSG_RESULT([$use_ecap, explicitly])
- ],
- [
- use_ecap=no;
- AC_MSG_RESULT([$use_ecap, implicitly])
+ AS_HELP_STRING([--enable-ecap],[support loadable content adaptation modules]), [
+ case "${enableval}" in
+ yes|no) squid_opt_use_ecap=$enableval ;;
+ *) AC_MSG_ERROR(bad value ${enableval} for --enable-ecap) ;;
+ esac
+AC_MSG_RESULT([$squid_opt_use_ecap, explicitly])
+ ], [
+ squid_opt_use_ecap=no;
+ AC_MSG_RESULT([$squid_opt_use_ecap, implicitly])
]
)
dnl Perform configuration consistency checks for eCAP
ECAPLIB=""
-if test $use_ecap = yes;
+if test $squid_opt_use_ecap = yes;
then
dnl eCAP support requires loadable modules, which are enabled by default
if test "$use_loadable_modules" != "yes"
)
fi
-AM_CONDITIONAL(USE_ECAP, test $use_ecap = yes)
-if test $use_ecap = yes;
+AM_CONDITIONAL(USE_ECAP, test $squid_opt_use_ecap = yes)
+if test $squid_opt_use_ecap = yes;
then
AC_DEFINE(USE_ECAP,1,[Enable eCAP support])
ECAP_LIBS="ecap/libecap.la $ECAP_LIBS"
- use_adaptation=yes
+ squid_opt_use_adaptation=yes
else
AC_DEFINE(USE_ECAP,0,[Disable eCAP support])
ECAP_LIBS=""
dnl enable adaptation if requested by specific adaptation mechanisms
-AM_CONDITIONAL(USE_ADAPTATION, test $use_adaptation = yes)
-if test $use_adaptation = yes
+AM_CONDITIONAL(USE_ADAPTATION, test $squid_opt_use_adaptation = yes)
+if test $squid_opt_use_adaptation = yes
then
AC_DEFINE(USE_ADAPTATION,1,[common adaptation support])
ADAPTATION_LIBS="adaptation/libadaptation.la"
dnl [ if test "$enableval" = "yes" ; then
dnl AC_MSG_NOTICE([Memory trace (to file) enabled])
dnl AC_DEFINE(MEM_GEN_TRACE,1,[Define for log file trace of mem alloc/free])
-dnl fi
-dnl ])
+dnl fi
+dnl ])
+
AC_ARG_ENABLE(useragent-log,
- AS_HELP_STRING([--enable-useragent-log],[Enable logging of User-Agent header]),
-[ if test "$enableval" = "yes" ; then
- AC_MSG_NOTICE([User-Agent logging enabled])
- AC_DEFINE(USE_USERAGENT_LOG,1,[If you want to log User-Agent request header values, define this.
- By default, they are written to useragent.log in the Squid log
- directory.])
- fi
+ AS_HELP_STRING([--enable-useragent-log],
+ [Enable logging of User-Agent header]), [
+SQUID_YESNO([$enableval],
+ [unrecognized argument to --enable-useragent-log: $enableval])
+ enable_useragent_log=$enableval
])
+SQUID_DEFINE_BOOL(USE_USERAGENT_LOG,${enable_useragent_log:=no},
+ [If you want to log User-Agent request header values, define this.])
+AC_MSG_NOTICE([User-Agent logging enabled: $enable_useragent_log])
AC_ARG_ENABLE(referer-log,
- AS_HELP_STRING([--enable-referer-log],[Enable logging of Referer header]),
-[ if test "$enableval" = "yes" ; then
- AC_MSG_NOTICE([Referer logging enabled])
- AC_DEFINE(USE_REFERER_LOG,1,[If you want to log Referer request header values, define this.
- By default, they are written to referer.log in the Squid log
- directory.])
- fi
+ AS_HELP_STRING([--enable-referer-log],[Enable logging of Referer header]), [
+SQUID_YESNO([$enableval],
+ [unrecognized argument to --enable-referer-log: $enableval])
])
+SQUID_DEFINE_BOOL(USE_REFERER_LOG,${enable_referer_log:=no},
+ [If you want to log Referer request header values, define this.
+ By default, they are written to referer.log in the Squid logdir.
+ This feature is deprecated in favour of custom log formats])
+AC_MSG_NOTICE([Referer logging enabled: $enable_referer_log])
-USE_WCCP=1
-AC_ARG_ENABLE(wccp,
- AS_HELP_STRING([--disable-wccp],[Disable Web Cache Coordination Protocol]),
-[ if test "$enableval" = "no" ; then
- AC_MSG_NOTICE([Web Cache Coordination Protocol disabled])
- USE_WCCP=0
- fi
-])
-if test $USE_WCCP = 1; then
- AC_DEFINE(USE_WCCP, 1, [Define to enable WCCP])
-fi
+AC_ARG_ENABLE(wccp,
+ AS_HELP_STRING([--disable-wccp],[Disable Web Cache Coordination Protocol]), [
+SQUID_YESNO([$enableval],[unrecognized argument to --disable-wccp: $enableval])
+])
+SQUID_DEFINE_BOOL(USE_WCCP, ${enable_wccp:=yes}, [Define to enable WCCP])
+AC_MSG_NOTICE([Web Cache Coordination Protocol enabled: $enable_wccp])
-USE_WCCPv2=1
AC_ARG_ENABLE(wccpv2,
- AS_HELP_STRING([--disable-wccpv2],[Disable Web Cache Coordination V2 Protocol]),
-[ if test "$enableval" = "no" ; then
- AC_MSG_NOTICE(["Web Cache Coordination V2 Protocol disabled])
- USE_WCCPv2=0
- fi
+ AS_HELP_STRING([--disable-wccpv2],
+ [Disable Web Cache Coordination V2 Protocol]), [
+SQUID_YESNO([$enableval],
+ [unrecognized argument to --disable-wccpv2: $enableval])
])
-if test $USE_WCCPv2 = 1; then
- AC_DEFINE(USE_WCCPv2, 1, [Define to enable WCCP V2])
-fi
+SQUID_DEFINE_BOOL(USE_WCCPv2,${enable_wccpv2:=yes},
+ [Define to enable WCCP V2])
+AC_MSG_NOTICE([Web Cache Coordination V2 Protocol enabled: $enable_wccpv2])
AC_ARG_ENABLE(kill-parent-hack,
- AS_HELP_STRING([--enable-kill-parent-hack],[Kill parent on shutdown]),
-[ if test "$enableval" = "yes" ; then
- AC_MSG_NOTICE([Kill parent on shutdown])
- AC_DEFINE(KILL_PARENT_OPT,1,[A dangerous feature which causes Squid to kill its parent process upon receipt of SIGTERM or SIGINT. Use with caution.])
- fi
+ AS_HELP_STRING([--enable-kill-parent-hack],[Kill parent on shutdown]), [
+SQUID_YESNO([$enableval],
+ [unrecognized argument to --enable-kill-parent-hack: $enableval])
])
+SQUID_DEFINE_BOOL(KILL_PARENT_OPT,${enable_kill_parent_hack:=no},
+ [A dangerous feature which causes Squid to kill its parent
+ process (presumably the RunCache script) upon receipt
+ of SIGTERM or SIGINT. Deprecated, Use with caution.])
+AC_MSG_NOTICE([Kill parent on shutdown hack enabled: $enable_kill_parent_hack])
-USE_SNMP=true
AC_ARG_ENABLE(snmp,
- AS_HELP_STRING([--disable-snmp],[Disable SNMP monitoring support]),
-[ if test "$enableval" = "no" ; then
- AC_MSG_NOTICE([SNMP monitoring disabled])
- USE_SNMP=
- fi
-])
-if test x"$USE_SNMP" = xtrue; then
- AC_DEFINE(SQUID_SNMP,1,[Define to enable SNMP monitoring of Squid])
+ AS_HELP_STRING([--disable-snmp],[Disable SNMP monitoring support]), [
+ SQUID_YESNO([$enableval],
+ [unrecognized argument to --disable-snmp: $enableval])
+])
+SQUID_DEFINE_BOOL(SQUID_SNMP,${enable_snmp:=yes},
+ [Define to enable SNMP monitoring of Squid])
+AM_CONDITIONAL(USE_SNMP, [test "$enable_snmp" = "yes"])
+if test "$enable_snmp" = "yes"; then
SNMPLIB='../snmplib/libsnmp.a'
makesnmplib=snmplib
fi
-AM_CONDITIONAL(USE_SNMP, [test x$USE_SNMP = xtrue])
+AC_MSG_NOTICE([SNMP support enabled: $enable_snmp])
AC_SUBST(SNMPLIB)
AC_SUBST(makesnmplib)
AC_ARG_ENABLE(cachemgr-hostname,
- AS_HELP_STRING([--enable-cachemgr-hostname=hostname],[Make cachemgr.cgi default to this host.
- If unspecified, uses the name of the build-host]),
-[ case $enableval in
- yes)
- AC_DEFINE(CACHEMGR_HOSTNAME,[getfullhostname()],
- [If you are upset that the cachemgr.cgi form comes up with the hostname field blank, then define this to getfullhostname()])
- AC_MSG_NOTICE([Cachemgr default hostname == host where cachemgr runs])
- ;;
- no)
- : # Nothing to do..
- ;;
- *)
- AC_DEFINE_UNQUOTED(CACHEMGR_HOSTNAME,"${enableval}")
- AC_MSG_NOTICE([Cachemgr default hostname set to ${enableval}])
- ;;
- esac
+ AS_HELP_STRING([--enable-cachemgr-hostname=hostname],
+ [Make cachemgr.cgi default to this host.
+ If unspecified, uses the name of the build-host]), [
+ case $enableval in
+ yes)
+ AC_DEFINE(CACHEMGR_HOSTNAME,[getfullhostname()],
+ [If you are upset that the cachemgr.cgi form comes up with the hostname field blank, then define this to getfullhostname()])
+ AC_MSG_NOTICE([Cachemgr default hostname == host where cachemgr runs])
+ ;;
+ no)
+ : # Nothing to do..
+ ;;
+ *)
+ AC_DEFINE_UNQUOTED(CACHEMGR_HOSTNAME,"${enableval}")
+ AC_MSG_NOTICE([Cachemgr default hostname set to ${enableval}])
+ ;;
+ esac
])
-AM_CONDITIONAL(USE_SQUID_EUI, false)
-use_sq_eui="yes"
AC_ARG_ENABLE(eui,
- AS_HELP_STRING([--disable-eui],[Disable use of ARP / MAC/ EUI (ether address)]),
- [use_sq_eui="$enableval"])
-if test "$use_sq_eui" = "yes" ; then
- AC_MSG_NOTICE([EUI controls enabled (ether address)])
- case "$host" in
- *-linux-*)
- ;;
- *-solaris*)
- ;;
- *-freebsd*)
- ;;
- *-openbsd*)
- ;;
- *-netbsd*)
- ;;
- *-cygwin*)
- EUILIB="-liphlpapi"
+ AS_HELP_STRING([--disable-eui],
+ [Enable use of ARP / MAC/ EUI (ether address)]), [
+SQUID_YESNO([$enableval],[--disable-eui expects no arguments])
+])
+if test ${enable_eui:=yes} = "yes" ; then
+ case "$squid_host_os" in
+ linux|solaris|freebsd|openbsd|netbsd)
+ ${TRUE}
;;
- *-mingw*)
+ cygwin|mingw)
EUILIB="-liphlpapi"
;;
*)
- AC_MSG_WARN([EUI support probably won't work on $host.])
- sleep 10
+ AC_MSG_WARN([EUI support probably will not work on host $host.])
;;
esac
AC_CHECK_HEADERS( \
sys/sysctl.h \
sys/ioctl.h \
)
- AC_DEFINE(USE_SQUID_EUI,1,[Define this to include code which lets you use ethernet hardware addresses. This code uses functions found in 4.4 BSD derviations (e.g. FreeBSD, ?).])
- AM_CONDITIONAL(USE_SQUID_EUI, true)
-else
- AC_MSG_NOTICE([EUI controls disabled (ether address)])
fi
+AC_MSG_NOTICE([EUI (MAC address) controls enabled: $enable_eui])
+SQUID_DEFINE_BOOL(USE_SQUID_EUI,$enable_eui,
+ [Define this to include code which lets you use ethernet addresses. This code uses API initially defined in 4.4-BSD.])
+AM_CONDITIONAL(USE_SQUID_EUI, [test "$enable_eui" = "yes" ])
+
-USE_HTCP=true
-AM_CONDITIONAL(ENABLE_HTCP, false)
AC_ARG_ENABLE(htcp,
- AS_HELP_STRING([--disable-htcp],[Disable HTCP protocol support]),
-[ if test "$enableval" = "no" ; then
- AC_MSG_NOTICE([HTCP support disabled])
- fi
+ AS_HELP_STRING([--disable-htcp],[Disable HTCP protocol support]), [
+SQUID_YESNO([$enableval],
+ [unrecognized argument to --disable-htcp: $enableval])
])
-if test x$USE_HTCP = xtrue; then
- AC_DEFINE(USE_HTCP,1, [Define this to include code for the Hypertext Cache Protocol (HTCP)])
-fi
-AM_CONDITIONAL(ENABLE_HTCP, [test x$USE_HTCP = xtrue])
+SQUID_DEFINE_BOOL([USE_HTCP],${enable_htcp:=yes},
+ [Define this to include code for the Hypertext Cache Protocol (HTCP)])
+AM_CONDITIONAL(ENABLE_HTCP, [test "$enable_htcp" = "yes"])
+AC_MSG_NOTICE([HTCP support enabled: $enable_htcp])
-dnl SSL is not enabled by default.
-AM_CONDITIONAL(ENABLE_SSL, false)
-dnl Default is to use OpenSSL when available
+# SSL is not enabled by default.
+# Default is to use OpenSSL when available
AC_ARG_ENABLE(ssl,
- AS_HELP_STRING([--enable-ssl],[Enable ssl gatewaying support using OpenSSL]),
-[ if test "$enableval" != "no"; then
- AC_MSG_NOTICE([SSL gatewaying using OpenSSL enabled])
- AC_DEFINE(USE_SSL,1,[Define this to include code for SSL encryption.])
- AM_CONDITIONAL(ENABLE_SSL, true)
- case "$host_os" in
- mingw|mingw32)
- dnl Native Windows port of OpenSSL needs -lgdi32
+ AS_HELP_STRING([--enable-ssl],
+ [Enable ssl gatewaying support using OpenSSL]), [
+SQUID_YESNO([$enableval],
+ [unrecognized argument to --enable-ssl: $enableval])
+])
+# USE_OPENSSL is AC_DEFINED later
+# default for ssl is set here
+if test ${enable_ssl:=no} = "yes" ; then
+ if test "$squid_host_os" = "mingw" ; then
SSLLIB='-lssleay32 -leay32 -lgdi32'
- ;;
- *)
+ else
SSLLIB='-lssl -lcrypto'
- ;;
- esac
- USE_OPENSSL=1
- fi
-])
+ fi
+ if test -z "$with_openssl"; then
+ with_openssl=yes
+ fi
+ if test -z "$with_openssl"; then
+ with_openssl=yes
+ fi
+fi
+AM_CONDITIONAL(ENABLE_SSL,[ test $enable_ssl = "yes" ])
+AC_MSG_NOTICE([SSL gatewaying support enabled: $enable_ssl])
dnl User may specify OpenSSL is needed from a non-standard location
AC_ARG_WITH(openssl,
- AS_HELP_STRING([--with-openssl{=PATH}],[Compile with the OpenSSL libraries. The path to
+ AS_HELP_STRING([--with-openssl=PATH],
+ [Compile with the OpenSSL libraries. The path to
the OpenSSL development libraries and headers
installation can be specified if outside of the
- system standard directories]),
-[
- case "$with_openssl" in
- yes)
- USE_OPENSSL=1
- ;;
- no)
- USE_OPENSSL=
+ system standard directories]), [
+case "$with_openssl" in
+ yes|no)
+ : # Nothing special to do here
;;
*)
+ if test ! -d $withval ; then
+ AC_MSG_ERROR([--with-openssl path does not point to a directory])
+ fi
SSLLIBDIR="$with_openssl/lib"
CPPFLAGS="-I$with_openssl/include $CPPFLAGS"
- USE_OPENSSL=1
+ with_openssl=yes
esac
])
-if test -n "$USE_OPENSSL"; then
- AC_MSG_NOTICE([Using OpenSSL MD5 implementation])
- AC_DEFINE(USE_OPENSSL,1,[Define this to make use of the OpenSSL libraries for MD5 calculation rather than Squid's own MD5 implementation or if building with SSL encryption (USE_SSL)])
+SQUID_DEFINE_BOOL(USE_SSL,$enable_ssl,
+ [Define this to include code for SSL gatewaying support])
+AC_MSG_NOTICE([Using OpenSSL MD5 implementation: ${with_openssl:=no}])
+SQUID_DEFINE_BOOL(USE_OPENSSL,${with_openssl},
+ [Define this to make use of the OpenSSL libraries for MD5 calculation rather than Squid-supplied MD5 implementation or if building with SSL encryption])
+if test "$enable_ssl" = "yes"; then
if test -z "$SSLLIB"; then
SSLLIB="-lcrypto" # for MD5 routines
fi
- dnl This is a workaround for RedHat 9 brain damage..
+ # This is a workaround for RedHat 9 brain damage..
if test -d /usr/kerberos/include && test -z "$SSLLIBDIR" && test -f /usr/include/openssl/kssl.h; then
AC_MSG_NOTICE([OpenSSL depends on Kerberos])
SSLLIBDIR="/usr/kerberos/lib"
AC_ARG_ENABLE(forw-via-db,
- AS_HELP_STRING([--enable-forw-via-db],[Enable Forw/Via database]),
-[ if test "$enableval" = "yes" ; then
- AC_MSG_NOTICE([FORW-VIA enabled])
- AC_DEFINE(FORW_VIA_DB,1,[Enable Forw/Via database])
- fi
+ AS_HELP_STRING([--enable-forw-via-db],[Enable Forw/Via database]), [
+ SQUID_YESNO([$enableval],[unrecognized argument to --enable-forw-via-db: $enableval])
])
+SQUID_DEFINE_BOOL(USE_FORW_VIA_DB,${enable_forw_via_db:=no},
+ [Enable Forw/Via database])
+AC_MSG_NOTICE([Forw/Via database enabled: $enable_forw_via_db])
AC_ARG_ENABLE(cache-digests,
- AS_HELP_STRING([--enable-cache-digests],[Use Cache Digests.
- See http://wiki.squid-cache.org/SquidFaq/CacheDigests]),
-[ if test "$enableval" = "yes" ; then
- AC_MSG_NOTICE([Cache Disgests enabled])
- AC_DEFINE(USE_CACHE_DIGESTS,1,[Use Cache Digests for locating objects in neighbor caches. This code is still semi-experimental.])
- fi
+ AS_HELP_STRING([--enable-cache-digests],
+ [Use Cache Digests. See http://wiki.squid-cache.org/SquidFaq/CacheDigests]),
+[
+ SQUID_YESNO($enableval,
+ [unrecognized argument to --enable-cache-digests: $enableval])
])
+SQUID_DEFINE_BOOL(USE_CACHE_DIGESTS,${enable_cache_digests:=no},
+ [Use Cache Digests for locating objects in neighbor caches.])
+AC_MSG_NOTICE([Cache Digests enabled: $enable_cache_digests])
+
dnl Size of COSS memory buffer
+squid_opt_coss_membuf_size=1048576
AC_ARG_WITH(coss-membuf-size,
- AS_HELP_STRING([--with-coss-membuf-size=size],[COSS membuf size (default 1048576 bytes)]),
-[ if test -n "$withval" -a "x$withval" != "xno" ; then
- AC_MSG_NOTICE([Setting COSS membuf size to $with_coss_membuf_size bytes])
- AC_DEFINE_UNQUOTED(COSS_MEMBUF_SZ, $with_coss_membuf_size,[Define if you want to set the COSS membuf size])
- fi
+ AS_HELP_STRING([--with-coss-membuf-size=size],
+ [COSS membuf size (default $squid_opt_coss_membuf_size bytes)]), [
+case $withval in
+ [[0-9]]*) squid_opt_coss_membuf_size=$withval ;;
+ *) AC_MSG_ERROR([--with-coss-membuf-size expects a numeric argument]) ;;
+esac
])
+AC_MSG_NOTICE([Setting COSS membuf size to $squid_opt_coss_membuf_size bytes])
+AC_DEFINE_UNQUOTED(COSS_MEMBUF_SZ, $squid_opt_coss_membuf_size,
+ [Default COSS membuf size])
-dnl check for netio plugin stuff
-
-dnl Enable poll()
-disable_poll=
-AC_ARG_ENABLE(poll,
- AS_HELP_STRING([--disable-poll],[Disable poll(2) support.]),
+################################
+# check for netio plugin stuff #
+################################
+dnl order of these options handling is relevant in case the user
+dnl supplies more than one --enable option. Options handled later
+dnl override those handled earlier for io loop method manual override
+AC_ARG_ENABLE(select,
+ AS_HELP_STRING([--disable-select],[Disable select(2) support.]),
[
- case "$enableval" in
- yes)
- AC_MSG_WARN([Forcing poll() to be enabled])
- SELECT_TYPE="poll"
- ;;
- no)
- AC_MSG_WARN([Forcing poll() to be disabled])
- disable_poll=true
- ;;
- esac
+SQUID_YESNO($enableval,[--disable-select takes no extra argument])
+test $enableval = "yes" && squid_opt_io_loop_engine="select"
])
+AC_MSG_NOTICE([enabling select syscall for net I/O: ${enable_select:=auto}])
-dnl Enable select()
-disable_select=
-AC_ARG_ENABLE(select,
- AS_HELP_STRING([--disable-select],[Disable select(2) support.]),
+AC_ARG_ENABLE(poll,
+ AS_HELP_STRING([--disable-poll],[Disable poll(2) support.]),
[
- case "$enableval" in
- yes)
- AC_MSG_WARN([Forcing select() to be enabled])
- SELECT_TYPE="select"
- ;;
- no)
- AC_MSG_WARN([Forcing select() to be disabled])
- disable_select=true
- ;;
- esac
+SQUID_YESNO($enableval,[--disable-poll takes no extra argument])
+test $enableval = "yes" && squid_opt_io_loop_engine="poll"
])
+AC_MSG_NOTICE([enabling poll syscall for net I/O: ${enable_poll:=auto}])
-dnl Enable kqueue()
-dnl kqueue support is still experiemntal and unstable. Not enabled by default.
-disable_kqueue=true
+# kqueue support is still experiemntal and unstable. Not enabled by default.
AC_ARG_ENABLE(kqueue,
- AS_HELP_STRING([--enable-kqueue],[Enable kqueue(2) support (experimental).]),
-[
- case "$enableval" in
- yes)
- AC_MSG_WARN([Forcing kqueue() to be enabled])
- SELECT_TYPE="kqueue"
- AC_CHECK_HEADERS([sys/event.h],[],
- [ AC_MSG_ERROR([kqueue support requires sys/event.h header file.]) ])
- ;;
- no)
- AC_MSG_WARN([Forcing kqueue() to be disabled])
- disable_kqueue=true
- ;;
- *)
- AC_CHECK_HEADERS([sys/event.h])
- ;;
-esac
+ AS_HELP_STRING([--enable-kqueue],
+ [Enable kqueue(2) support (experimental).]), [
+SQUID_YESNO($enableval,[--enable-kqueue takes no extra argument])
])
+if test ${enable_kqueue:=no} = "yes" ; then
+ AC_CHECK_HEADERS([sys/event.h],[],
+ [ AC_MSG_ERROR([kqueue support requires sys/event.h header file.]) ])
+ squid_opt_io_loop_engine="kqueue"
+fi
+AC_MSG_NOTICE([enabling kqueue for net I/O: $enable_kqueue])
dnl Enable epoll()
-disable_epoll=
-force_epoll="no"
AC_ARG_ENABLE(epoll,
AS_HELP_STRING([--disable-epoll],[Disable Linux epoll(2) support.]),
[
- case "$enableval" in
- yes)
- AC_MSG_WARN([Forcing epoll() to be enabled])
- SELECT_TYPE="epoll"
- force_epoll="yes"
- ;;
- no)
- AC_MSG_WARN([Forcing epoll() to be disabled])
- disable_epoll=true
- ;;
-esac
-])
-dnl auto-detect and verify epoll header and library present and working
-if test -z "$disable_epoll"; then
-
- # Check for libepoll
- EPOLL_LIB=
- AC_CHECK_LIB(epoll, epoll_ctl, [EPOLL_LIBS="-lepoll"])
+SQUID_YESNO($enableval,[--disable-epoll takes no extra argument])
+test $enableval = "yes" && squid_opt_io_loop_engine="epoll"
+])
+AC_MSG_NOTICE([enabling epoll syscall for net I/O: ${enable_epoll:=auto}])
+
+# auto-detect and verify epoll header and library present and working
+# logic mapping and loop method selection are performed later
+if test "$enable_epoll" != "no" ; then
+
+ # check if libs are needed to support epoll
+ # note: this code block seems quite generic. Could it be extracted
+ # into a squid specific configure function?
+ SQUID_STATE_SAVE(squid_epoll_state)
+ AC_SEARCH_LIBS(epoll_ctl,[epoll])
+ if test "$ac_cv_search_epoll_ctl" = "no" ; then
+ enable_epoll=no #disable. Needed code not found
+ elif test "$ac_cv_search_epoll_ctl" = "none required" ; then
+ EPOLL_LIBS=""
+ else
+ EPOLL_LIBS=$ac_cv_search_epoll_ctl
+ fi
AC_SUBST(EPOLL_LIBS)
+ SQUID_STATE_ROLLBACK(squid_epoll_state) #de-pollute LIBS
- dnl on some systems it is provided by libc
- dnl not to worry, the working test below will catch them
- dnl and we don't want to force additional libraries
-
-
- # Check for epoll_ctl, may need -lepoll
- SAVED_LIBS="$LIBS"
- LIBS="$LIBS $EPOLL_LIBS"
- AC_CHECK_FUNCS(epoll_ctl)
- LIBS="$SAVED_LIBS"
-
- dnl epoll requires sys/epoll.h
+ # epoll requires sys/epoll.h
AC_CHECK_HEADERS([sys/epoll.h])
dnl Verify that epoll really works
- if test $ac_cv_func_epoll_ctl = yes; then
- AC_CACHE_CHECK(if epoll works, ac_cv_epoll_works,
- AC_RUN_IFELSE([AC_LANG_SOURCE([[
-#include <sys/epoll.h>
-#include <stdlib.h>
-#include <stdio.h>
-int main(int argc, char **argv)
-{
- int fd = epoll_create(256);
- if (fd < 0) {
- perror("epoll_create:");
- return 1;
- }
- return 0;
-}
- ]])],[ac_cv_epoll_works=yes],[ac_cv_epoll_works=no],[]))
+ if test "x$ac_cv_search_epoll_ctl" != 'xno' ; then
+ SQUID_CHECK_EPOLL
fi
- if test "$force_epoll" = "yes" && test "$ac_cv_epoll_works" = "no" ; then
+ if test "$enable_epoll" = "yes" -a "$squid_cv_epoll_works" = "no" ; then
AC_MSG_ERROR([Epoll does not work. Force-enabling it is not going to help.])
fi
fi
-dnl Disable HTTP violations
-http_violations=1
+
AC_ARG_ENABLE(http-violations,
- AS_HELP_STRING([--disable-http-violations],[This allows you to remove code which is known to
- violate the HTTP protocol specification.]),
-[ if test "$enableval" = "no" ; then
- AC_MSG_NOTICE([Disabling HTTP Violations])
- http_violations=0
- fi
+ AS_HELP_STRING([--disable-http-violations],
+ [This allows you to remove code which is known to
+ violate the HTTP protocol specification.]), [
+ SQUID_YESNO([$enableval],
+ [unrecognized argument to --disable-http-violations: $enableval])
])
-if test $http_violations = 1; then
- AC_DEFINE(HTTP_VIOLATIONS, 1,[By default (for now anyway) Squid includes options which allows the cache administrator to violate the HTTP protocol specification in terms of cache behaviour. Setting this to '0' will disable such code.])
-else
- AC_DEFINE(HTTP_VIOLATIONS, 0)
-fi
+SQUID_DEFINE_BOOL(HTTP_VIOLATIONS, ${enable_http_violations:=yes},
+ [Define to enable code which volates the HTTP standard specification])
+AC_MSG_NOTICE([HTTP violations support enabled: $enable_http_violations])
-dnl Enable IPFW Transparent Proxy
+# IPFW Transparent Proxy
AC_ARG_ENABLE(ipfw-transparent,
- AS_HELP_STRING([--enable-ipfw-transparent],[Enable Transparent Proxy support for systems
- using FreeBSD IPFW style redirection.]),
-[ if test "$enableval" = "yes" ; then
- AC_MSG_NOTICE([IPFW Transparent Proxy enabled])
- AC_DEFINE(IPFW_TRANSPARENT,1,[Enable support for Transparent Proxy on systems using FreeBSD IPFW address redirection.])
- IPFW_TRANSPARENT="yes"
- else
- AC_DEFINE(IPFW_TRANSPARENT,0,[Enable support for Transparent Proxy on systems using FreeBSD IPFW address redirection.])
- fi
+ AS_HELP_STRING([--enable-ipfw-transparent],
+ [Enable Transparent Proxy support for systems
+ using FreeBSD IPFW-style firewalling.]), [
+ SQUID_YESNO([$enableval],
+ [unrecognized argument to --enable-ipfw-transparent: $enableval])
])
+SQUID_DEFINE_BOOL(IPFW_TRANSPARENT,${enable_ipfw_transparent:=no},
+ [Enable support for Transparent Proxy on systems using FreeBSD IPFW-style firewalling.])
+AC_MSG_NOTICE([FreeBSD IPFW-based transparent proxying enabled: $enable_ipfw_transparent])
-dnl Enable IP-Filter Transparent Proxy
+# IP-Filter Transparent Proxy
AC_ARG_ENABLE(ipf-transparent,
- AS_HELP_STRING([--enable-ipf-transparent],[Enable Transparent Proxy support for systems
- using IP-Filter network address redirection.]),
-[ if test "$enableval" = "yes" ; then
- AC_MSG_NOTICE([IP-Filter Transparent Proxy enabled])
- AC_DEFINE(IPF_TRANSPARENT,1,[Enable support for Transparent Proxy on systems using IP-Filter address redirection. This provides "masquerading" support for non Linux system.])
- IPF_TRANSPARENT="yes"
- else
- AC_DEFINE(IPF_TRANSPARENT,0,[Enable support for Transparent Proxy on systems using IP-Filter address redirection. This provides "masquerading" support for non Linux system.])
- fi
+ AS_HELP_STRING([--enable-ipf-transparent],
+ [Enable Transparent Proxy support using IPFilter-style firewalling]), [
+ SQUID_YESNO([$enableval],
+ [unrecognized argument to --enable-ipf-transparent: $enableval])
])
+#will be AC_DEFINEd later, after checking for appropriate infrastructure
+#IPF currently broken. Default-disabled for now.
+AC_MSG_NOTICE([IPF-based transparent proxying requested: ${enable_ipf_transparent:=no}])
dnl Enable PF Transparent Proxy
AC_ARG_ENABLE(pf-transparent,
- AS_HELP_STRING([--enable-pf-transparent],[Enable Transparent Proxy support for systems
- using PF network address redirection.]),
-[ if test "$enableval" = "yes" ; then
- AC_MSG_NOTICE([PF Transparent Proxy enabled])
- AC_DEFINE(PF_TRANSPARENT,1,[Enable support for Transparent Proxy on systems using PF address redirection. This provides "masquerading" support for OpenBSD.])
- PF_TRANSPARENT="yes"
- else
- AC_DEFINE(PF_TRANSPARENT,0,[Enable support for Transparent Proxy on systems using PF address redirection. This provides "masquerading" support for OpenBSD.])
- fi
+ AS_HELP_STRING([--enable-pf-transparent],
+ [Enable Transparent Proxy support for systems using PF network address redirection.]), [
+ SQUID_YESNO([$enableval],
+ [unrecognized argument to --enable-pf-transparent: $enableval])
])
+#will be AC_DEFINEd later, after checking for appropriate infrastructure
+AC_MSG_NOTICE([PF-based transparent proxying requested: ${enable_pf_transparent:=auto}])
-dnl Enable Linux Netfilter Transparent Proxy
+# Linux Netfilter Transparent Proxy
AC_ARG_ENABLE(linux-netfilter,
- AS_HELP_STRING([--enable-linux-netfilter],[Enable Transparent Proxy support for Linux (Netfilter)]),
-[ if test "$enableval" = "yes" ; then
- AC_MSG_NOTICE([Linux (Netfilter) Transparent Proxy enabled])
- AC_DEFINE(LINUX_NETFILTER,1,[Enable support for Transparent Proxy on Linux (Netfilter) systems])
- LINUX_NETFILTER="yes"
- else
- AC_DEFINE(LINUX_NETFILTER,0,[Enable support for Transparent Proxy on Linux (Netfilter) systems])
- fi
+ AS_HELP_STRING([--enable-linux-netfilter],
+ [Enable Transparent Proxy support for Linux (Netfilter)]), [
+ SQUID_YESNO([$enableval],
+ [unrecognized argument to --enable-linux-netfilter: $enableval])
])
+AC_MSG_NOTICE([Linux Netfilter support requested: ${enable_linux_netfilter:=auto}])
+#will be AC_DEFINEd later, after checking for appropriate infrastructure
dnl Enable Large file support
buildmodel=""
-needlargefiles=
+squid_opt_enable_large_files=no
AC_ARG_WITH(large-files,
AS_HELP_STRING([--with-large-files],[Enable support for large files (logs etc).]),
[ if test "x$withval" = "xyes"; then
- needlargefiles=1
+ squid_opt_enable_large_files=yes
fi
])
dnl UNIX Build environment
-dnl AS_HELP_STRING is not suited here because it doesn't allow to specify newlines
+dnl AS_HELP_STRING is not suited here because it cannot to specify newlines
AC_ARG_WITH(build-environment,
[ --with-build-environment=model
The build environment to use. Normally one of
default The default for your OS],
[ case "$withval" in
yes|no)
- AC_MSG_FAILURE(["--with-build-environment expects a build environment string as used by getconf])
+ AC_MSG_FAILURE([--with-build-environment expects a build environment string as used by getconf])
;;
*)
buildmodel="$withval"
esac
])
-if test $needlargefiles && test -z "$buildmodel"; then
- for model in POSIX_V6_LPBIG_OFFBIG XBS5_LPBIG_OFFBIG POSIX_V6_LP64_OFF64 XBS5_LP64_OFF64 POSIX_V6_ILP32_OFFBIG XBS5_ILP32_OFFBIG; do
- if test "`getconf _$model 2>/dev/null || true`" = 1 || test "`getconf $model 2>/dev/null || true`" ; then
- buildmodel=$model
- break
- fi
- done
- if test -z "$buildmodel"; then
- AC_MSG_WARN(["No suitable build environment found for large files. Trying to use _FILE_OFFSET_BITS=64])
- sleep 1
- fi
+if test "$squid_opt_enable_large_files" = "yes" -a -z "$buildmodel"; then
+ for model in POSIX_V6_LPBIG_OFFBIG XBS5_LPBIG_OFFBIG POSIX_V6_LP64_OFF64 XBS5_LP64_OFF64 POSIX_V6_ILP32_OFFBIG XBS5_ILP32_OFFBIG; do
+ if test "`getconf _$model 2>/dev/null || true`" = 1 || test "`getconf $model 2>/dev/null || true`" ; then
+ buildmodel=$model
+ break
+ fi
+ done
+ if test -z "$buildmodel"; then
+ AC_MSG_WARN([No suitable build environment found for large files. Trying to use _FILE_OFFSET_BITS=64])
+ fi
fi
case "$buildmodel" in
default|"")
- if test "$needlargefiles"; then
+ if test "$squid_opt_enable_large_files" = "yes" ; then
AC_MSG_NOTICE([Enabling -D_FILE_OFFSET_BITS=64])
CFLAGS="-D_FILE_OFFSET_BITS=64 $CFLAGS"
CXXFLAGS="-D_FILE_OFFSET_BITS=64 $CXXFLAGS"
CXXFLAGS="`getconf ${buildmodel}_CFLAGS` $CXXFLAGS"
LIBS="`getconf ${buildmodel}_LIBS` $LIBS"
LDFLAGS="`getconf ${buildmodel}_LDFLAGS` $LDFLAGS"
- case "$host" in
-dnl
-dnl On Solaris getconf returns for CFLAGS -xarch=generic64, -Xa and -Usun options, and
-dnl for LDFLAGS -xarch=generic64, but:
-dnl "-Xa" is supported only by Sun cc, so we need to remove it when using gcc
-dnl For gcc "-xarch=generic64" must be replaced with "-m64"
-dnl The 'sun' define is needed by ipfilter includes, so we must remove "-Usun"
- *-solaris*)
- if test "$GCC" = "yes"; then
- AC_MSG_NOTICE([Removing -Xa for gcc/g++ on $host])
- CFLAGS="`echo $CFLAGS | sed -e 's/-Xa//'`"
- CXXFLAGS="`echo $CXXFLAGS | sed -e 's/-Xa//'`"
- AC_MSG_NOTICE([Replacing -xarch=generic64 with -m64 for gcc/g++ on $host])
- CFLAGS="`echo $CFLAGS | sed -e 's/-xarch=generic64/-m64/'`"
- CXXFLAGS="`echo $CXXFLAGS | sed -e 's/-xarch=generic64/-m64/'`"
- LDFLAGS="`echo $LDFLAGS | sed -e 's/-xarch=generic64//'`"
- fi
- AC_MSG_NOTICE([Removing -Usun on $host])
- CFLAGS="`echo $CFLAGS | sed -e 's/-Usun//'`"
- CXXFLAGS="`echo $CXXFLAGS | sed -e 's/-Usun//'`"
- ;;
-dnl
-dnl On Irix 6.x getconf returns options valid only for the SGI MipsPRO compiler,
-dnl so we must adjust something to avoid gcc errors.
-dnl On Irix 6.x 32/64 bit we must replace "-n32" with "-mabi=n32" in CFLAGS and
-dnl remove "-n32" from LDFLAGS
-dnl On Irix 6.x 64 bit we must replace "-64" with "-mabi=64" in CFLAGS and remove
-dnl "-64" from LDFLAGS
- *-sgi-irix6.*)
- if test "$GCC" = "yes"; then
- CFLAGS="`echo $CFLAGS | sed -e 's/-n32/-mabi=n32/'`"
- CXXFLAGS="`echo $CXXFLAGS | sed -e 's/-n32/-mabi=n32/'`"
- LDFLAGS="`echo $LDFLAGS | sed -e 's/-n32//'`"
- CFLAGS="`echo $CFLAGS | sed -e 's/-64/-mabi=64/'`"
- CXXFLAGS="`echo $CXXFLAGS | sed -e 's/-64/-mabi=64/'`"
- LDFLAGS="`echo $LDFLAGS | sed -e 's/-64//'`"
- fi
- ;;
- *)
- ;;
- esac
- ;;
-esac
+ if "$squid_host_os" = "solaris" ; then
-dnl Enable Linux transparent proxy support for obsolete TPROXY
-AC_ARG_ENABLE(linux-tproxy,
- AS_HELP_STRING([--enable-linux-tproxy],[Enable real Transparent Proxy support for Netfilter TPROXY
- (version 2).]),
-[ if test "$enableval" = "yes" ; then
- AC_MSG_NOTICE([Linux Netfilter/TPROXY v2 enabled])
- AC_DEFINE(LINUX_TPROXY2, 1, [Enable real Transparent Proxy support for Netfilter TPROXY v2.])
- LINUX_TPROXY2="yes"
- if test -z "$LINUX_NETFILTER"; then
- AC_MSG_NOTICE([Linux-Netfilter Transparent Proxy automatically enabled])
- LINUX_NETFILTER="yes"
- fi
- else
- AC_DEFINE(LINUX_TPROXY2, 0, [Enable real Transparent Proxy support for Netfilter TPROXY v2.])
+# On Solaris getconf returns for CFLAGS -xarch=generic64, -Xa and -Usun options, and
+# for LDFLAGS -xarch=generic64, but:
+# "-Xa" is supported only by Sun cc, so we need to remove it when using gcc
+# For gcc "-xarch=generic64" must be replaced with "-m64"
+# The 'sun' define is needed by ipfilter includes, so we must remove "-Usun"
+ if test "$GCC" = "yes"; then
+ AC_MSG_NOTICE([Removing -Xa for gcc/g++ on $host])
+ CFLAGS="`echo $CFLAGS | sed -e 's/-Xa//'`"
+ CXXFLAGS="`echo $CXXFLAGS | sed -e 's/-Xa//'`"
+ AC_MSG_NOTICE([Replacing -xarch=generic64 with -m64 for gcc/g++ on $host])
+ CFLAGS="`echo $CFLAGS | sed -e 's/-xarch=generic64/-m64/'`"
+ CXXFLAGS="`echo $CXXFLAGS | sed -e 's/-xarch=generic64/-m64/'`"
+ LDFLAGS="`echo $LDFLAGS | sed -e 's/-xarch=generic64//'`"
+ fi
+ AC_MSG_NOTICE([Removing -Usun on $host])
+ CFLAGS="`echo $CFLAGS | sed -e 's/-Usun//'`"
+ CXXFLAGS="`echo $CXXFLAGS | sed -e 's/-Usun//'`"
fi
-])
+esac
-AM_CONDITIONAL(MAKE_LEAKFINDER, false)
dnl Enable Leak Finding Functions
+squid_opt_enable_leakfinder=no
AC_ARG_ENABLE(leakfinder,
- AS_HELP_STRING([--enable-leakfinder],[Enable Leak Finding code. Enabling this alone
- does nothing; you also have to modify the source
- code to use the leak finding functions. Probably
- Useful for hackers only.]),
-[ if test "$enableval" = "yes" ; then
- AC_MSG_NOTICE([Leak-Finding enabled])
- AC_DEFINE(USE_LEAKFINDER,1,[Enable code for assisting in finding memory leaks. Hacker stuff only.])
- USE_LEAKFINDER="yes"
- AM_CONDITIONAL(MAKE_LEAKFINDER, true)
- fi
+ AS_HELP_STRING([--enable-leakfinder],
+ [Enable Leak Finding code. Enabling this alone does nothing;
+ you also have to modify the source code to use the leak
+ finding functions. Probably Useful for hackers only.]), [
+ SQUID_YESNO([$enableval],[unrecognized argument to --enable-leakfinder: $enableval])
+ squid_opt_enable_leakfinder=$enableval
])
+AC_MSG_NOTICE([Leak Finder enabled: $squid_opt_enable_leakfinder])
+SQUID_DEFINE_BOOL(USE_LEAKFINDER,$squid_opt_enable_leakfinder,
+ [Enable code for assisting in finding memory leaks. Not for the faint of heart])
+AM_CONDITIONAL(MAKE_LEAKFINDER, [test "$squid_opt_enable_leakfinder" = "yes"])
-follow_xff=1
+
+squid_opt_follow_xff="yes"
AC_ARG_ENABLE(follow-x-forwarded-for,
AS_HELP_STRING([--enable-follow-x-forwarded-for],[Enable support for following the X-Forwarded-For
HTTP header to try to find the IP address of the
original or indirect client when a request has
- been forwarded through other proxies.]),
-[ if test "$enableval" = "yes" ; then
- AC_MSG_NOTICE([follow X-Forwarded-For enabled])
- follow_xff=1
- fi
+ been forwarded through other proxies.]), [
+ SQUID_YESNO([$enableval],[unrecognized argument to --enable-follow-x-forwarded-for: $enableval])
+ squid_opt_follow_xff=$enableval
])
-if test $follow_xff = 1; then
- AC_DEFINE(FOLLOW_X_FORWARDED_FOR, 1, [Enable following X-Forwarded-For headers])
-else
- AC_DEFINE(FOLLOW_X_FORWARDED_FOR, 0)
-fi
+AC_MSG_NOTICE([Support for X-Forwarded-For enabled: $squid_opt_follow_xff])
+SQUID_DEFINE_BOOL([FOLLOW_X_FORWARDED_FOR],$squid_opt_follow_xff,
+ [Enable following X-Forwarded-For headers])
-use_ident=1
+squid_opt_use_ident="yes"
AC_ARG_ENABLE(ident-lookups,
- AS_HELP_STRING([--disable-ident-lookups],[This allows you to remove code that performs Ident (RFC 931) lookups.]),
-[ if test "$enableval" = "no" ; then
- AC_MSG_NOTICE([Disabling Ident Lookups])
- use_ident=0
- fi
+ AS_HELP_STRING([--disable-ident-lookups],
+ [Remove code that supports performing Ident (RFC 931) lookups.]), [
+ SQUID_YESNO([$enableval],[unrecognized argument to --disable-ident-lookups: $enableval])
+ squid_opt_use_ident=$enableval
])
-if test $use_ident = 1; then
- AC_DEFINE(USE_IDENT, 1,[Compile in support for Ident (RFC 931) lookups? Enabled by default.])
-else
- AC_DEFINE(USE_IDENT, 0)
-fi
+AC_MSG_NOTICE([Support for Ident lookups enabled: $squid_opt_use_ident])
+SQUID_DEFINE_BOOL(USE_IDENT,$squid_opt_use_ident,[Support for Ident (RFC 931) lookups])
-AM_CONDITIONAL(USE_DNSSERVER, false)
-use_dnsserver=
+squid_opt_use_dnsserver="no"
+AH_TEMPLATE(USE_DNSSERVERS,
+ [Use dnsserver processes instead of the internal DNS protocol support])
AC_ARG_ENABLE(internal-dns,
- AS_HELP_STRING([--disable-internal-dns],[Prevents Squid from directly sending and receiving DNS messages,
- and instead enables the old external 'dnsserver' processes.]),
-[ if test "$enableval" = "no" ; then
+ AS_HELP_STRING([--disable-internal-dns],
+ [Prevents Squid from directly sending and receiving DNS messages,
+ and instead enables the old external 'dnsserver' processes.]), [
+ if test "$enableval" = "no" ; then
AC_MSG_WARN([Disabling Internal DNS queries])
- use_dnsserver="yes"
+ squid_opt_use_dnsserver="yes"
+ AC_DEFINE(USE_DNSSERVERS,1)
+ else
+ AC_DEFINE(USE_DNSSERVERS,0)
fi
])
-if test "$use_dnsserver" = "yes"; then
- AC_DEFINE(USE_DNSSERVERS,1,[Use dnsserver processes instead of the internal DNS protocol support])
- AM_CONDITIONAL(USE_DNSSERVER, true)
-fi
+AM_CONDITIONAL([USE_DNSSERVER],[test "$squid_opt_use_dnsserver" = "yes" ])
+
dnl Select Default hosts file location
AC_ARG_ENABLE(default-hostsfile,
AS_HELP_STRING([--enable-default-hostsfile=path],[Select default location for hosts file.
See hosts_file directive in squid.conf for details]),
[
- if test "$enableval" != "none" ; then
- if test -f $enableval; then
- OPT_DEFAULT_HOSTS=$enableval
- else
- AC_MSG_WARN([Unable to find $enableval])
- sleep 5
- fi
+ if test "$enableval" != "none" -a "$enableval" != "no" ; then
+ if test -f $enableval; then
+ OPT_DEFAULT_HOSTS=$enableval
else
- OPT_DEFAULT_HOSTS="none"
+ AC_MSG_WARN([Unable to find $enableval])
fi
- AC_MSG_NOTICE([Default hosts file set to: $enableval])
+ else
+ OPT_DEFAULT_HOSTS="none"
+ fi
+ AC_MSG_NOTICE([Default hosts file set to: $enableval])
],[OPT_DEFAULT_HOSTS="/etc/hosts"])
AC_SUBST(OPT_DEFAULT_HOSTS)
-dnl Select auth schemes modules to build
+# Select auth schemes modules to build
AC_ARG_ENABLE(auth,
- AS_HELP_STRING([--enable-auth="list of auth scheme modules"],[Build support for the list of authentication schemes.
- The default is to build support for the Basic scheme.
- See src/auth for a list of available modules, or
- Programmers Guide section authentication schemes
- for details on how to build your custom auth scheme
- module]),
-[ case $enableval in
- yes)
- for dir in $srcdir/src/auth/*; do
- module="`basename $dir`"
- if test -d "$dir" && test "$module" != CVS; then
- AUTH_MODULES="$AUTH_MODULES $module"
- fi
- done
- ;;
- no)
- ;;
- *)
- AUTH_MODULES="`echo $enableval| sed -e 's/,/ /g;s/ */ /g'`"
- ;;
- esac
-],
-[ if test -z "$AUTH_MODULES"; then
- AUTH_MODULES="ntlm basic digest negotiate"
- fi
-])
-if test -n "$AUTH_MODULES"; then
- for module in $AUTH_MODULES; do
- if test -d $srcdir/src/auth/$module; then
- :
- else
- AC_MSG_ERROR(Auth scheme $module does not exist)
- fi
- eval AUTH_MODULE_${module}=yes
- done
- AC_MSG_NOTICE([Auth scheme modules built: $AUTH_MODULES])
-else
- AC_MSG_WARN([Auth scheme modules built: None])
-fi
-dnl Authentication libraries to build
-dnl This list will not be needed when each auth library has its own Makefile
-AUTH_LIBS_TO_BUILD=
-for module in $AUTH_MODULES; do
- AUTH_LIBS_TO_BUILD="$AUTH_LIBS_TO_BUILD lib${module}.la"
-done
-AC_SUBST(AUTH_MODULES)
-AC_SUBST(AUTH_LIBS_TO_BUILD)
-
-dnl bundled auth modules, in order to have handy defines for the cppunit testsuite
-test -n "$AUTH_MODULE_basic" && AC_DEFINE([HAVE_AUTH_MODULE_BASIC],1,[Basic auth module is built])
-test -n "$AUTH_MODULE_digest" && AC_DEFINE([HAVE_AUTH_MODULE_DIGEST],1,[Digest auth module is built])
-test -n "$AUTH_MODULE_ntlm" && AC_DEFINE([HAVE_AUTH_MODULE_NTLM],1,[NTLM auth module is built])
-test -n "$AUTH_MODULE_negotiate" && AC_DEFINE([HAVE_AUTH_MODULE_NEGOTIATE],1,[Negotiate auth module is built])
-
-dnl Select basic auth scheme helpers to build
-if test -n "$AUTH_MODULE_basic"; then
- BASIC_AUTH_HELPERS="all"
-fi
-AC_ARG_ENABLE(basic-auth-helpers,
- AS_HELP_STRING([--enable-basic-auth-helpers="list of helpers"],[This option selects which basic scheme proxy_auth
- helpers to build and install as part of the normal
- build process. For a list of available
- helpers see the helpers/basic_auth directory.]),
-[ case "$enableval" in
- yes)
- BASIC_AUTH_HELPERS="all"
- ;;
- no)
- BASIC_AUTH_HELPERS=""
- ;;
- *)
- if test -z "$AUTH_MODULE_basic"; then
- AC_MSG_WARN([Basic auth helpers selected without the basic scheme enabled])
- sleep 15
- fi
- BASIC_AUTH_HELPERS="`echo $enableval| sed -e 's/,/ /g;s/ */ /g'`"
- ;;
- esac
-])
-if test "$BASIC_AUTH_HELPERS" = "all" ; then
- BASIC_AUTH_HELPERS=""
- for dir in $srcdir/helpers/basic_auth/*; do
- helper="`basename $dir`"
- if test -f $dir/config.test && sh $dir/config.test "$@"; then
- BASIC_AUTH_HELPERS="$BASIC_AUTH_HELPERS $helper"
- elif test -d $srcdir/helpers/basic_auth/$helper ; then
- AC_MSG_NOTICE([Basic auth helper $helper ... found but cannot be built])
- fi
- done
-fi
-if test -n "$BASIC_AUTH_HELPERS"; then
- for helper in $BASIC_AUTH_HELPERS; do
- if test -d $srcdir/helpers/basic_auth/$helper; then
- case $helper in
- SASL)
- require_sasl=yes
- ;;
- esac
- else
- AC_MSG_ERROR(Basic auth helper $helper does not exist)
- fi
+ AS_HELP_STRING([--enable-auth],
+ [Build global support for authentication. The list of schemes
+ and helpers to be enabled is defined elsewhere]), [
+SQUID_YESNO([$enableval],
+ [unrecognized argument to --enable-auth: $enableval])
+])
+AC_MSG_NOTICE([Authentication support enabled: ${enable_auth:=yes}])
+SQUID_DEFINE_BOOL([USE_AUTH],$enable_auth,
+ [Enable support for authentication])
+AUTH_MODULES=""
+
+AC_ARG_ENABLE(auth-basic,
+ AS_HELP_STRING([--enable-auth-basic="list of helpers"],
+ [Enable the basic authentication scheme, and build the specified helpers.
+ Not providing an explicit list of helpers will attempt build of
+ all possible helpers. Default is to do so.
+ To disable the basic authentication scheme, use --disable-auth-basic.
+ To enable but build no helpers, specify "none".
+ To see available helpers, see the helpers/basic_auth directory. ]),[
+#nothing to do really
+])
+#not specified. Inherit global
+if test "x$enable_auth_basic" = "x"; then
+ enable_auth_basic=$enable_auth
+fi
+#conflicts with global
+if test "$enable_auth_basic" != "no" -a "$enable_auth" = "no" ; then
+ AC_MSG_ERROR([Basic auth requested but auth disabled])
+fi
+#define list of modules to build
+if test "$enable_auth_basic" = "yes" ; then
+ SQUID_LOOK_FOR_MODULES([$srcdir/helpers/basic_auth],[enable_auth_basic])
+fi
+#handle the "none" special case
+if test "x$enable_auth_basic" = "xnone" ; then
+ enable_auth_basic=""
+fi
+BASIC_AUTH_HELPERS=""
+#enable_auth_basic contains either "no" or the list of modules to be built
+enable_auth_basic="`echo $enable_auth_basic| sed -e 's/,/ /g;s/ */ /g'`"
+if test "$enable_auth_basic" != "no" ; then
+ AUTH_MODULES="$AUTH_MODULES basic"
+ AC_DEFINE([HAVE_AUTH_MODULE_BASIC],1,[Basic auth module is built])
+ for helper in $enable_auth_basic
+ do
+ dir="$srcdir/helpers/basic_auth/$helper"
+ if test -f $dir/config.test && sh $dir/config.test "$@"; then
+ BASIC_AUTH_HELPERS="$BASIC_AUTH_HELPERS $helper"
+ # special case
+ if test "$helper" = "SASL" ; then
+ squid_require_sasl=yes
+ fi
+ elif test -d $srcdir/helpers/basic_auth/$helper ; then
+ AC_MSG_NOTICE([Basic auth helper $helper ... found but cannot be built])
+ fi
done
- AC_MSG_NOTICE([Basic auth helpers built: $BASIC_AUTH_HELPERS])
fi
+AC_MSG_NOTICE([Basic auth helpers to be built: $BASIC_AUTH_HELPERS])
+AM_CONDITIONAL(ENABLE_AUTH_BASIC, test "$enable_auth_basic" != "no")
AC_SUBST(BASIC_AUTH_HELPERS)
-dnl Select ntlm auth helpers to build
-if test -n "$AUTH_MODULE_ntlm"; then
- NTLM_AUTH_HELPERS="all"
-fi
-AC_ARG_ENABLE(ntlm-auth-helpers,
- AS_HELP_STRING([--enable-ntlm-auth-helpers="list of helpers"],[This option selects which proxy_auth ntlm helpers
- to build and install as part of the normal build
- process. For a list of available helpers see
- the helpers/ntlm_auth directory.]),
-[ case "$enableval" in
- yes)
- NTLM_AUTH_HELPERS="all"
- ;;
- no)
- NTLM_AUTH_HELPERS=""
- ;;
- *)
- NTLM_AUTH_HELPERS="`echo $enableval| sed -e 's/,/ /g;s/ */ /g'`"
- ;;
- esac
-])
-if test "$NTLM_AUTH_HELPERS" = "all" ; then
- NTLM_AUTH_HELPERS=""
- for dir in $srcdir/helpers/ntlm_auth/*; do
- helper="`basename $dir`"
- if test -f $dir/config.test && sh $dir/config.test "$@"; then
- NTLM_AUTH_HELPERS="$NTLM_AUTH_HELPERS $helper"
- elif test -d $srcdir/helpers/ntlm_auth/$helper ; then
- AC_MSG_NOTICE([NTLM auth helper $helper ... found but cannot be built])
- fi
- done
-fi
-if test -n "$NTLM_AUTH_HELPERS"; then
- for helper in $NTLM_AUTH_HELPERS; do
- if test -d $srcdir/helpers/ntlm_auth/$helper; then
- :
- else
- AC_MSG_ERROR(NTLM Auth helper $helper does not exist)
- fi
- done
- AC_MSG_NOTICE([NTLM auth helpers built: $NTLM_AUTH_HELPERS])
-fi
-AC_SUBST(NTLM_AUTH_HELPERS)
-
-dnl Select negotiate auth helpers to build
-if test -n "$AUTH_MODULE_negotiate"; then
- NEGOTIATE_AUTH_HELPERS="all"
-fi
-AC_ARG_ENABLE(negotiate-auth-helpers,
- AS_HELP_STRING([--enable-negotiate-auth-helpers="list of helpers"],[This option selects which proxy_auth negotiate helpers
- to build and install as part of the normal build
- process. For a list of available helpers see
- the helpers/negotiate_auth directory.]),
-[ case "$enableval" in
- yes)
- NEGOTIATE_AUTH_HELPERS="all"
- ;;
- no)
- NEGOTIATE_AUTH_HELPERS=""
- ;;
- *)
- NEGOTIATE_AUTH_HELPERS="`echo $enableval| sed -e 's/,/ /g;s/ */ /g'`"
- ;;
- esac
-])
-if test "$NEGOTIATE_AUTH_HELPERS" = "all" ; then
- NEGOTIATE_AUTH_HELPERS=""
- for dir in $srcdir/helpers/negotiate_auth/*; do
- helper="`basename $dir`"
- if test -f $dir/config.test && sh $dir/config.test "$@"; then
- NEGOTIATE_AUTH_HELPERS="$NEGOTIATE_AUTH_HELPERS $helper"
- elif test -d $srcdir/helpers/negotiate_auth/$helper ; then
- AC_MSG_NOTICE([Negotiate auth helper $helper ... found but cannot be built])
- fi
- done
-fi
-if test -n "$NEGOTIATE_AUTH_HELPERS"; then
- for helper in $NEGOTIATE_AUTH_HELPERS; do
- if test -d $srcdir/helpers/negotiate_auth/$helper; then
- :
- else
- AC_MSG_ERROR(Negotiate Auth helper $helper does not exist)
- fi
- done
- AC_MSG_NOTICE([Negotiate auth helpers built: $NEGOTIATE_AUTH_HELPERS])
-fi
-AC_SUBST(NEGOTIATE_AUTH_HELPERS)
-
-dnl Select digest auth scheme helpers to build
-if test -n "$AUTH_MODULE_digest"; then
- DIGEST_AUTH_HELPERS=all
-fi
-AC_ARG_ENABLE(digest-auth-helpers,
- AS_HELP_STRING([--enable-digest-auth-helpers="list of helpers"],[This option selects which digest scheme authentication
- helpers to build and install as part of the normal build
- process. For a list of available helpers see the
- helpers/digest_auth directory.]),
-[ case "$enableval" in
- yes)
- DIGEST_AUTH_HELPERS="all"
- ;;
- no)
- DIGEST_AUTH_HELPERS=""
- ;;
- *)
- DIGEST_AUTH_HELPERS="`echo $enableval| sed -e 's/,/ /g;s/ */ /g'`"
- ;;
- esac
-])
-if test "$DIGEST_AUTH_HELPERS" = "all" ; then
- DIGEST_AUTH_HELPERS=""
- for dir in $srcdir/helpers/digest_auth/*; do
- helper="`basename $dir`"
- if test -f $dir/config.test && sh $dir/config.test "$@"; then
- DIGEST_AUTH_HELPERS="$DIGEST_AUTH_HELPERS $helper"
- elif test -d $srcdir/helpers/digest_auth/$helper ; then
- AC_MSG_NOTICE([Digest auth helper $helper ... found but cannot be built])
- fi
- done
+AC_ARG_ENABLE(auth-ntlm,
+ AS_HELP_STRING([--enable-auth-ntlm="list of helpers"],
+ [Enable the NTLM authentication scheme, and build the specified helpers.
+ Not providing an explicit list of helpers will attempt build of
+ all possible helpers. Default is to do so.
+ To disable the NTLM authentication scheme, use --disable-auth-ntlm.
+ To enable but build no helpers, specify "none".
+ To see available helpers, see the helpers/ntlm_auth directory. ]),[
+])
+if test "x$enable_auth_ntlm" = "x"; then
+ enable_auth_ntlm=$enable_auth
+fi
+#conflicts with global
+if test "x$enable_auth_ntlm" != "xno" -a "x$enable_auth" = "xno" ; then
+ AC_MSG_ERROR([NTLM auth requested but auth disabled])
+fi
+#define list of modules to build
+if test "x$enable_auth_ntlm" = "xyes" ; then
+ SQUID_LOOK_FOR_MODULES([$srcdir/helpers/ntlm_auth],[enable_auth_ntlm])
+fi
+#handle the "none" special case
+if test "x$enable_auth_ntlm" = "xnone" ; then
+ enable_auth_ntlm=""
+fi
+NTLM_AUTH_HELPERS=""
+enable_auth_ntlm="`echo $enable_auth_ntlm| sed -e 's/,/ /g;s/ */ /g'`"
+if test "$enable_auth_ntlm" != "no" ; then
+ AUTH_MODULES="$AUTH_MODULES ntlm"
+ AC_DEFINE([HAVE_AUTH_MODULE_NTLM],1,[NTLM auth module is built])
+ for helper in $enable_auth_ntlm ; do
+ dir="$srcdir/helpers/ntlm_auth/$helper"
+ if test -f $dir/config.test && sh $dir/config.test "$@"; then
+ NTLM_AUTH_HELPERS="$NTLM_AUTH_HELPERS $helper"
+ elif test -d $srcdir/helpers/ntlm_auth/$helper ; then
+ AC_MSG_NOTICE([NTLM auth helper $helper ... found but cannot be built])
+ fi
+ done
fi
-if test -n "$DIGEST_AUTH_HELPERS"; then
- for helper in $DIGEST_AUTH_HELPERS; do
- if test -f $srcdir/helpers/digest_auth/$helper/Makefile.in; then
- :
- else
- AC_MSG_ERROR(digest auth helper $helper does not exist)
- fi
+AC_MSG_NOTICE([NTLM auth helpers built: $NTLM_AUTH_HELPERS])
+AM_CONDITIONAL(ENABLE_AUTH_NTLM, test "$enable_auth_ntlm" != "no")
+AC_SUBST(NTLM_AUTH_HELPERS)
+
+AC_ARG_ENABLE(auth-negotiate,
+ AS_HELP_STRING([--enable-auth-negotiate="list of helpers"],
+ [Enable the Negotiate authentication scheme, and build the specified
+ helpers.
+ Not providing an explicit list of helpers will attempt build of
+ all possible helpers. Default is to do so.
+ To disable the Negotiate authentication scheme,
+ use --disable-auth-negotiate.
+ To enable but build no helpers, specify "none".
+ To see available helpers, see the helpers/negotiate_auth directory. ]),[
+#nothing to do, really
+])
+if test "x$enable_auth_negotiate" = "x"; then
+ enable_auth_negotiate=$enable_auth
+fi
+#conflicts with global
+if test "x$enable_auth_negotiate" != "xno" -a "x$enable_auth" = "xno" ; then
+ AC_MSG_ERROR([Negotiate auth requested but auth disabled])
+fi
+#define list of modules to build
+if test "x$enable_auth_negotiate" = "xyes" ; then
+ SQUID_LOOK_FOR_MODULES([$srcdir/helpers/negotiate_auth],[enable_auth_negotiate])
+fi
+#handle the "none" special case
+if test "x$enable_auth_negotiate" = "xnone" ; then
+ enable_auth_negotiate=""
+fi
+NEGOTIATE_AUTH_HELPERS=""
+enable_auth_negotiate="`echo $enable_auth_negotiate| sed -e 's/,/ /g;s/ */ /g'`"
+if test "$enable_auth_negotiate" != "no" ; then
+ AUTH_MODULES="$AUTH_MODULES negotiate"
+ AC_DEFINE([HAVE_AUTH_MODULE_NEGOTIATE],1,[Negotiate auth module is built])
+ for helper in $enable_auth_negotiate ; do
+ dir="$srcdir/helpers/negotiate_auth/$helper"
+ if test -f $dir/config.test && sh $dir/config.test "$@"; then
+ NEGOTIATE_AUTH_HELPERS="$NEGOTIATE_AUTH_HELPERS $helper"
+ elif test -d $srcdir/helpers/negotiate_auth/$helper ; then
+ AC_MSG_NOTICE([Negotiate auth helper $helper ... found but cannot be built])
+ fi
done
- AC_MSG_NOTICE([Digest auth helpers built: $DIGEST_AUTH_HELPERS])
fi
+AC_MSG_NOTICE([Negotiate auth helpers built: $NEGOTIATE_AUTH_HELPERS])
+AM_CONDITIONAL(ENABLE_AUTH_NEGOTIATE, test "$enable_auth_negotiate" != "no")
+AC_SUBST(NEGOTIATE_AUTH_HELPERS)
+
+AC_ARG_ENABLE(auth-digest,
+ AS_HELP_STRING([--enable-auth-digest="list of helpers"],
+ [Enable the Digest authentication scheme, and build the specified helpers.
+ Not providing an explicit list of helpers will attempt build of
+ all possible helpers. Default is to do so.
+ To disable the Digest authentication scheme, use --disable-auth-digest.
+ To enable but build no helpers, specify "none".
+ To see available helpers, see the helpers/digest_auth directory. ]),[
+#nothing to do, really
+])
+if test "x$enable_auth_digest" = "x"; then
+ enable_auth_digest=$enable_auth
+fi
+#conflicts with global
+if test "x$enable_auth_digest" != "xno" -a "x$enable_auth" = "xno" ; then
+ AC_MSG_ERROR([Digest auth requested but auth disabled])
+fi
+#define list of modules to build
+if test "x$enable_auth_digest" = "xyes" ; then
+ SQUID_LOOK_FOR_MODULES([$srcdir/helpers/digest_auth],[enable_auth_digest])
+fi
+#handle the "none" special case
+if test "x$enable_auth_digest" = "xnone" ; then
+ enable_auth_digest=""
+fi
+DIGEST_AUTH_HELPERS=""
+enable_auth_digest="`echo $enable_auth_digest| sed -e 's/,/ /g;s/ */ /g'`"
+if test "$enable_auth_digest" != "no" ; then
+ AUTH_MODULES="$AUTH_MODULES digest"
+ AC_DEFINE([HAVE_AUTH_MODULE_DIGEST],1,[Digest auth module is built])
+ for helper in $enable_auth_digest ; do
+ dir="$srcdir/helpers/digest_auth/$helper"
+ if test -f $dir/config.test && sh $dir/config.test "$@"; then
+ DIGEST_AUTH_HELPERS="$DIGEST_AUTH_HELPERS $helper"
+ elif test -d $srcdir/helpers/digest_auth/$helper ; then
+ AC_MSG_NOTICE([Digest auth helper $helper ... found but cannot be built])
+ fi
+ done
+fi
+AC_MSG_NOTICE([Digest auth helpers built: $DIGEST_AUTH_HELPERS])
+AM_CONDITIONAL(ENABLE_AUTH_DIGEST, test "$enable_auth_digest" != "no")
AC_SUBST(DIGEST_AUTH_HELPERS)
+dnl Authentication libraries to build
+dnl This list will not be needed when each auth library has its own Makefile
+dnl this is to be placed AFTER each auth module's handler
+AUTH_LIBS_TO_BUILD=
+for module in $AUTH_MODULES; do
+ AUTH_LIBS_TO_BUILD="$AUTH_LIBS_TO_BUILD lib${module}.la"
+done
+AC_SUBST(AUTH_MODULES)
+AC_SUBST(AUTH_LIBS_TO_BUILD)
+
dnl Select logging daemon helpers to build
-LOG_DAEMON_HELPERS="all"
+squid_opt_logdaemon_helpers="auto"
AC_ARG_ENABLE(log-daemon-helpers,
- AS_HELP_STRING([--enable-log-daemon-auth-helpers="list of helpers"],[This option selects which logging daemon
- helpers to build and install as part of the normal build process. For a list of available
- helpers see the helpers/log_daemon directory.]),
-[ case "$enableval" in
- yes)
- LOG_DAEMON_HELPERS="all"
- ;;
- no)
- LOG_DAEMON_HELPERS=""
- ;;
- *)
- LOG_DAEMON_HELPERS="`echo $enableval| sed -e 's/,/ /g;s/ */ /g'`"
- ;;
+ AS_HELP_STRING([--enable-log-daemon-helpers="list of helpers"],
+ [This option selects which logging daemon helpers to
+ build and install as part of the normal build process
+ For a list of available helpers see the helpers/log_daemon
+ directory.]),[
+case "$enableval" in
+ yes) : ;;
+ no) squid_opt_logdaemon_helpers="" ;;
+ *) squid_opt_logdaemon_helpers="`echo $enableval| sed -e 's/,/ /g;s/ */ /g'`" ;;
esac
])
-if test "$LOG_DAEMON_HELPERS" = "all" ; then
- LOG_DAEMON_HELPERS=""
- for dir in $srcdir/helpers/log_daemon/*; do
- helper="`basename $dir`"
- if test -f $dir/config.test && sh $dir/config.test "$@"; then
- LOG_DAEMON_HELPERS="$LOG_DAEMON_HELPERS $helper"
- elif test -d $srcdir/helpers/log_daemon/$helper ; then
- AC_MSG_NOTICE([Log daemon auth helper $helper ... found but cannot be built])
- fi
- done
-fi
-if test -n "$LOG_DAEMON_HELPERS"; then
- for helper in $LOG_DAEMON_HELPERS; do
- if test -d $srcdir/helpers/log_daemon/$helper; then
- :
- else
- AC_MSG_ERROR(Log daemon helper $helper does not exist)
- fi
- done
- AC_MSG_NOTICE([Log daemon helpers built: $LOG_DAEMON_HELPERS])
+if test "$squid_opt_logdaemon_helpers" = "auto" ; then
+ squid_opt_logdaemon_helpers=""
+ SQUID_LOOK_FOR_MODULES([$srcdir/helpers/log_daemon],[squid_opt_logdaemon_helpers])
fi
+for helper in $squid_opt_logdaemon_helpers ; do
+ dir="$srcdir/helpers/log_daemon/$helper"
+ if test -f $dir/config.test && sh $dir/config.test "$@"; then
+ LOG_DAEMON_HELPERS="$LOG_DAEMON_HELPERS $helper"
+ elif test -d $srcdir/helpers/log_daemon/$helper ; then
+ AC_MSG_NOTICE([Log daemon helper $helper ... found but cannot be built])
+ fi
+done
+AC_MSG_NOTICE([Log daemon helpers built: $LOG_DAEMON_HELPERS])
AC_SUBST(LOG_DAEMON_HELPERS)
dnl
dnl Check Kerberos/GSSAPI/SPNEGO
dnl
-SAVED_CPPFLAGS=$CPPFLAGS
-SAVED_LIBS=$LIBS
+SQUID_STATE_SAVE([krbsave])
+
AC_ARG_WITH(krb5-config,
[ --with-krb5-config=PATH specify path to krb5-config @<:@default=detect@:>@],
-[ if test "$withval" = "yes"; then
- unset krb5confpath
- elif test "$withval" != "no"; then
- krb5confpath=$withval
- else
- krb5confpath=no
- fi
+[
+ case "$withval" in
+ yes) unset krb5confpath ;;
+ no) krb5confpath=no ;;
+ *) krb5confpath=$withval ;;
+ esac
])
if test x"$krb5confpath" != xno; then
if test x"$krb5confpath" != x; then
AC_CHECK_HEADERS(profile.h)
fi
AC_CHECK_HEADERS(krb5.h com_err.h et/com_err.h)
- AC_CACHE_CHECK([for broken Solaris krb5.h],squid_cv_broken_krb5_h, [
- AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
-#include <krb5.h>
-int i;
-]])], [ squid_cv_broken_krb5_h=no ],
- [ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
-#if defined(__cplusplus)
-#define KRB5INT_BEGIN_DECLS extern "C" {
-#define KRB5INT_END_DECLS
-KRB5INT_BEGIN_DECLS
-#endif
-#include <krb5.h>
-int i;
-]])], [ squid_cv_broken_krb5_h=yes ], [ squid_cv_broken_krb5_h=no ])])])
+
+ SQUID_CHECK_KRB5_SOLARIS_BROKEN_KRB5_H
if test x"$squid_cv_broken_krb5_h" = x"yes"; then
AC_DEFINE(HAVE_BROKEN_SOLARIS_KRB5_H, 1, [Define to 1 if krb5.h is broken for C++])
fi
elif test "x$ac_cv_header_et_com_err_h" == "xyes" ; then
AC_EGREP_HEADER(error_message,et/com_err.h,ac_com_error_message=yes)
fi
- AC_CACHE_CHECK([for max_skew in struct krb5_context],squid_cv_max_skew_context, [
- AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
-#if HAVE_BROKEN_SOLARIS_KRB5_H
-#if defined(__cplusplus)
-#define KRB5INT_BEGIN_DECLS extern "C" {
-#define KRB5INT_END_DECLS
-KRB5INT_BEGIN_DECLS
-#endif
-#endif
-#include <krb5.h>
-krb5_context kc; kc->max_skew = 1;
-]])],[ squid_cv_max_skew_context=yes ], [ squid_cv_max_skew_context=no ])])
+
+ SQUID_CHECK_MAX_SKEW_IN_KRB5_CONTEXT
if test x"$squid_cv_max_skew_context" = x"yes"; then
AC_DEFINE(HAVE_MAX_SKEW_IN_KRB5_CONTEXT, 1, [Define to 1 if max_skew in struct krb5_context])
fi
if test `echo $KRB5LIBS | grep -c com_err` -ne 0 -a "x$ac_com_error_message" == "xyes" ; then
AC_CHECK_LIB(com_err,error_message,
- AC_DEFINE(HAVE_ERROR_MESSAGE,1,[Define to 1 if you have error_message]),)
+ AC_DEFINE(HAVE_ERROR_MESSAGE,1,
+ [Define to 1 if you have error_message]),)
elif test "x$ac_com_error_message" == "xyes" ; then
AC_CHECK_LIB(krb5,error_message,
- AC_DEFINE(HAVE_ERROR_MESSAGE,1,[Define to 1 if you have error_message]),)
+ AC_DEFINE(HAVE_ERROR_MESSAGE,1,
+ [Define to 1 if you have error_message]),)
fi
AC_CHECK_LIB(krb5,krb5_get_err_text,
- AC_DEFINE(HAVE_KRB5_GET_ERR_TEXT,1,[Define to 1 if you have krb5_get_err_text]),)
+ AC_DEFINE(HAVE_KRB5_GET_ERR_TEXT,1,
+ [Define to 1 if you have krb5_get_err_text]),)
AC_CHECK_LIB(krb5,krb5_get_error_message,
- AC_DEFINE(HAVE_KRB5_GET_ERROR_MESSAGE,1,[Define to 1 if you have krb5_get_error_message]),)
+ AC_DEFINE(HAVE_KRB5_GET_ERROR_MESSAGE,1,
+ [Define to 1 if you have krb5_get_error_message]),)
AC_CHECK_LIB(krb5,krb5_kt_free_entry,
- AC_DEFINE(HAVE_KRB5_KT_FREE_ENTRY,1,[Define to 1 if you have krb5_kt_free_entry]),)
+ AC_DEFINE(HAVE_KRB5_KT_FREE_ENTRY,1,
+ [Define to 1 if you have krb5_kt_free_entry]),)
AC_CHECK_LIB(krb5,krb5_get_init_creds_keytab,
- AC_DEFINE(HAVE_GET_INIT_CREDS_KEYTAB,1,[Define to 1 if you have krb5_get_init_creds_keytab]),)
+ AC_DEFINE(HAVE_GET_INIT_CREDS_KEYTAB,1,
+ [Define to 1 if you have krb5_get_init_creds_keytab]),)
AC_CHECK_LIB(krb5,krb5_get_max_time_skew,
- AC_DEFINE(HAVE_KRB5_GET_MAX_TIME_SKEW,1,[Define to 1 if you have krb5_get_max_time_skew]),)
+ AC_DEFINE(HAVE_KRB5_GET_MAX_TIME_SKEW,1,
+ [Define to 1 if you have krb5_get_max_time_skew]),)
AC_CHECK_LIB(krb5,krb5_get_profile,
- AC_DEFINE(HAVE_KRB5_GET_PROFILE,1,[Define to 1 if you have krb5_get_profile]),)
+ AC_DEFINE(HAVE_KRB5_GET_PROFILE,1,
+ [Define to 1 if you have krb5_get_profile]),)
AC_CHECK_LIB(krb5,profile_get_integer,
- AC_DEFINE(HAVE_PROFILE_GET_INTEGER,1,[Define to 1 if you have profile_get_integer]),)
+ AC_DEFINE(HAVE_PROFILE_GET_INTEGER,1,
+ [Define to 1 if you have profile_get_integer]),)
AC_CHECK_LIB(krb5,profile_release,
- AC_DEFINE(HAVE_PROFILE_RELEASE,1,[Define to 1 if you have profile_release]),)
- AC_CACHE_CHECK([for memory cache], squid_cv_memory_cache, [
- AC_RUN_IFELSE([AC_LANG_SOURCE([[
-#if HAVE_BROKEN_SOLARIS_KRB5_H
-#if defined(__cplusplus)
-#define KRB5INT_BEGIN_DECLS extern "C" {
-#define KRB5INT_END_DECLS
-KRB5INT_BEGIN_DECLS
-#endif
-#endif
-#include<krb5.h>
-main()
-{
- krb5_context context;
- krb5_ccache cc;
+ AC_DEFINE(HAVE_PROFILE_RELEASE,1,
+ [Define to 1 if you have profile_release]),)
- krb5_init_context(&context);
- return krb5_cc_resolve(context, "MEMORY:test_cache", &cc);
-}
-]])], [ squid_cv_memory_cache=yes ], [ squid_cv_memory_cache=no ])])
+ SQUID_CHECK_KRB5_CONTEXT_MEMORY_CACHE
if test "$squid_cv_memory_cache" = "yes" ; then
AC_DEFINE(HAVE_KRB5_MEMORY_CACHE,1, [Define to 1 if you have MEMORY: cache support])
fi
- AC_CACHE_CHECK([for working gssapi], squid_cv_working_gssapi, [
- AC_RUN_IFELSE([AC_LANG_SOURCE([[
-#ifdef HAVE_GSSAPI_GSSAPI_H
-#include <gssapi/gssapi.h>
-#elif HAVE_GSSAPI_H
-#include <gssapi.h>
-#endif
-
-#ifdef HAVE_GSSAPI_GSSAPI_EXT_H
-#include <gssapi/gssapi_ext.h>
-#endif
-
-#ifdef HAVE_GSSAPI_GSSAPI_KRB5_H
-#include <gssapi/gssapi_krb5.h>
-#endif
-
-#ifdef HAVE_GSSAPI_GSSAPI_GENERIC_H
-#include <gssapi/gssapi_generic.h>
-#endif
-int
-main(void)
-{
- OM_uint32 val;
- gss_OID_set set;
- gss_create_empty_oid_set(&val, &set);
-
- return 0;
-}
-]])], [ squid_cv_working_gssapi=yes ], [ squid_cv_working_gssapi=no ])])
+ SQUID_CHECK_WORKING_GSSAPI
if test "$squid_cv_working_gssapi" = "yes" ; then
AC_DEFINE(HAVE_GSSAPI, 1, [GSSAPI support])
fi
- AC_CACHE_CHECK([for working krb5], squid_cv_working_krb5, [
- AC_RUN_IFELSE([AC_LANG_SOURCE([[
-#ifdef HAVE_KRB5_H
-#if HAVE_BROKEN_SOLARIS_KRB5_H
-#if defined(__cplusplus)
-#define KRB5INT_BEGIN_DECLS extern "C" {
-#define KRB5INT_END_DECLS
-KRB5INT_BEGIN_DECLS
-#endif
-#endif
-#include <krb5.h>
-#endif
-
-int
-main(void)
-{
- krb5_context context;
-
- krb5_init_context(&context);
+ SQUID_CHECK_SPNEGO_SUPPORT
+ if test "$squid_cv_have_spnego" = "yes" ; then
+ AC_DEFINE(HAVE_SPNEGO,1, [Define to 1 if you have SPNEGO support])
+ fi
- return 0;
-}
-]])], [ squid_cv_working_krb5=yes ], [ squid_cv_working_krb5=no ])])
+ SQUID_CHECK_WORKING_KRB5
if test "$squid_cv_working_krb5" = "yes" ; then
AC_DEFINE(HAVE_KRB5, 1, [KRB5 support])
fi
- LIBS=$SAVED_LIBS
- CPPFLAGS=$SAVED_CPPFLAGS
AC_SUBST(KRB5INCS)
AC_SUBST(KRB5LIBS)
fi
+SQUID_STATE_ROLLBACK([krbsave])
+AM_CONDITIONAL(HAVE_SPNEGO, test x"$squid_cv_have_spnego" = x"yes" )
dnl Enable "NTLM fail open"
AC_ARG_ENABLE(ntlm-fail-open,
- AS_HELP_STRING([--enable-ntlm-fail-open],[Enable NTLM fail open, where a helper that fails one of the
+ AS_HELP_STRING([--enable-ntlm-fail-open],
+ [Enable NTLM fail open, where a helper that fails one of the
Authentication steps can allow squid to still authenticate
- the user.]),
-[ if test "$enableval" = "yes" ; then
- AC_DEFINE(NTLM_FAIL_OPEN,1,[Define if NTLM is allowed to fail gracefully when a helper has problems. WARNING: This has security implications. DO NOT enable unless you KNOW you need it.])
- fi
+ the user. This has security implications, and is deprecated]),
+[
+SQUID_YESNO([$enableval],[--enable-ntlm-fail-open takes no argument])
])
+SQUID_DEFINE_BOOL(NTLM_FAIL_OPEN,${enable_ntlm_fail_open:=no},
+ [Define if NTLM is allowed to fail gracefully when a helper has problems.])
+AC_MSG_NOTICE([ntlm-fail-open enabled: $enable_ntlm_fail_open])
-dnl Select external_acl helpers to build
-EXTERNAL_ACL_HELPERS=all
AC_ARG_ENABLE(external-acl-helpers,
- AS_HELP_STRING([--enable-external-acl-helpers="list of helpers"],[This option selects which external_acl helpers to
- build and install as part of the normal build
- process. For a list of available helpers see the
- helpers/external_acl directory.]),
-[ case "$enableval" in
- yes)
- EXTERNAL_ACL_HELPERS=all
- ;;
- no)
- EXTERNAL_ACL_HELPERS=""
- ;;
- *)
- EXTERNAL_ACL_HELPERS="`echo $enableval| sed -e 's/,/ /g;s/ */ /g'`"
- ;;
- esac
-])
-if test "$EXTERNAL_ACL_HELPERS" = "all" ; then
- EXTERNAL_ACL_HELPERS=""
- for dir in $srcdir/helpers/external_acl/*; do
- helper="`basename $dir`"
- if test -f $dir/config.test && sh $dir/config.test "$@"; then
- EXTERNAL_ACL_HELPERS="$EXTERNAL_ACL_HELPERS $helper"
- elif test -d $srcdir/helpers/external_acl/$helper ; then
- AC_MSG_NOTICE([External ACL helper $helper ... found but cannot be built])
- fi
+ AS_HELP_STRING([--enable-external-acl-helpers="list of helpers"],
+ [Enable external_acl helpers support and thelpers themselves.
+ Default is to build all buildable helpers and enable support.
+ To disable support, use --disable-external-acl-helpers.
+ To build no helpers, specify "none".
+ To see available helpers, see the helpers/external_acl
+ directory]), [
+#nothing to do, really
+])
+if test "x${enable_external_acl_helpers:=yes}" = "xyes" ;then
+ SQUID_LOOK_FOR_MODULES([$srcdir/helpers/external_acl],
+ [enable_external_acl_helpers])
+fi
+if test "x$enable_external_acl_helpers" = "xnone" ; then
+ enable_external_acl_helpers=""
+fi
+EXTERNAL_ACL_HELPERS=""
+enable_external_acl_helpers="`echo $enable_external_acl_helpers| sed -e 's/,/ /g;s/ */ /g'`"
+if test "x$enable_external_acl_helpers" != "xno" ; then
+ for helper in $enable_external_acl_helpers ; do
+ dir="$srcdir/helpers/external_acl/$helper"
+ if test -f $dir/config.test && sh $dir/config.test "$@"; then
+ EXTERNAL_ACL_HELPERS="$EXTERNAL_ACL_HELPERS $helper"
+ else
+ AC_MSG_NOTICE([external acl helper $helper ... found but cannot be built])
+ fi
done
fi
-if test -n "$EXTERNAL_ACL_HELPERS"; then
- for helper in $EXTERNAL_ACL_HELPERS; do
- if test -f $srcdir/helpers/external_acl/$helper/Makefile.in; then
- :
- else
- AC_MSG_ERROR(external acl helper $helper does not exist)
- fi
- done
- AC_MSG_NOTICE([External acl helpers built: $EXTERNAL_ACL_HELPERS])
-fi
+AC_MSG_NOTICE([External acl helpers built: $EXTERNAL_ACL_HELPERS])
AC_SUBST(EXTERNAL_ACL_HELPERS)
+
+
dnl Select url_rewrite helpers to build
URL_REWRITE_HELPERS=all
AC_ARG_ENABLE(url-rewrite-helpers,
AC_ARG_WITH(valgrind-debug,
- AS_HELP_STRING([--with-valgrind-debug],[Include debug instrumentation for use with valgrind]),
+ AS_HELP_STRING([--with-valgrind-debug],
+ [Include debug instrumentation for use with valgrind]),
[ case $withval in
yes)
valgrind=1
])
dnl Disable "memPools" code
-AC_ARG_ENABLE(mempools,
- AS_HELP_STRING([--disable-mempools],[Disable memPools. Note that this option now simply sets the
- default behaviour. Specific classes can override this at runtime, and
- only lib/MemPool.c needs to be altered to change the squid-wide
- default for all classes.]),
-[ if test "$enableval" = "no" ; then
- AC_MSG_NOTICE([memPools disabled])
- AC_DEFINE(DISABLE_POOLS, 1, [Define if you have problems with memPools and want to disable Pools])
- else
- AC_DEFINE(DISABLE_POOLS, 0, [Define if you have problems with memPools and want to disable Pools.])
- fi
-],
-[ AC_DEFINE(DISABLE_POOLS, 0, [Define if you have problems with memPools and want to disable Pools.])
-])
+#AC_ARG_ENABLE(chunkedmempools,
+# AS_HELP_STRING([--enable-chunkedmempools],
+# [Enable experimental chunked memPools. Note that this option
+# simply sets the default behaviour. Specific classes can override this
+# at runtime, and only lib/MemPool.c needs to be altered
+# to change the squid-wide default for all classes.]), [
+#SQUID_YESNO([$enableval],
+# [--enable-chunkedmempools option takes no arguments])
+#])
+SQUID_DEFINE_BOOL(USE_CHUNKEDMEMPOOLS,${enable_chunkedmempools:=no},
+ [Enable chunked Memory Pools support (experimental)])
+#AC_MSG_NOTICE([Chunked MemPools enabled: $enable_chunkedmempools])
dnl Enable WIN32 Service compile mode
AC_ARG_ENABLE(win32-service,
- AS_HELP_STRING([--enable-win32-service],[Compile Squid as a WIN32 Service.
- Works only on MS-Windows platforms (NT and up).]),
+ AS_HELP_STRING([--enable-win32-service],
+ [Compile Squid as a WIN32 Service.
+ Works only on MS-Windows platforms]),
[ if test "$enableval" = "yes" ; then
AC_MSG_NOTICE([Enabling WIN32 run service mode])
- AC_DEFINE(USE_WIN32_SERVICE,1,[Define Windows NT & Windows 2000 run service mode])
+ AC_DEFINE(USE_WIN32_SERVICE,1,
+ [Define Windows NT & Windows 2000 run service mode])
fi
])
-dnl Check for Cyrus SASL
-if test "$require_sasl" = "yes"; then
- AC_CHECK_HEADERS(sasl/sasl.h sasl.h)
- if test "$ac_cv_header_sasl_sasl_h" = "yes"; then
- AC_MSG_NOTICE([using SASL2])
- LIBSASL="-lsasl2"
- else
- if test "$ac_cv_header_sasl_h" = "yes"; then
- AC_MSG_NOTICE([using SASL])
- LIBSASL="-lsasl"
- else
- AC_MSG_ERROR(Neither SASL nor SASL2 found)
- fi
- fi
- AC_SUBST(LIBSASL)
+# Check for Cyrus SASL
+if test "$squid_require_sasl" = "yes"; then
+ AC_CHECK_HEADERS(sasl/sasl.h sasl.h)
+ AC_CHECK_LIB(sasl2,sasl_errstring,[LIBSASL="-lsasl2"],[
+ AC_CHECK_LIB(sasl,sasl_errstring,[LIBSASL="-lsasl"], [
+ AC_MSG_ERROR(Neither SASL nor SASL2 found)
+ ])
+ ])
+ AC_SUBST(LIBSASL)
fi
-dnl Disable "unlinkd" code
+# Disable "unlinkd" code
AC_ARG_ENABLE(unlinkd,
- AS_HELP_STRING([--disable-unlinkd],[Do not use unlinkd]),
-[ if test "$enableval" = "no" ; then
- use_unlinkd=no
- else
- use_unlinkd=yes
- fi
-],[
- # Here we should probably use some magic depending on the selected
- # storage models
- use_unlinkd=yes
+ AS_HELP_STRING([--disable-unlinkd],[Do not use unlinkd]), [
+SQUID_YESNO([$enableval],
+ [unrecognized argument to --disable-unlinkd: $enableval])
])
-if test "$use_unlinkd" = "yes"; then
- AC_MSG_NOTICE([unlinkd enabled])
- AC_DEFINE(USE_UNLINKD,1,[Define this if unlinkd is required (strongly recommended for ufs storage type)])
- AM_CONDITIONAL(ENABLE_UNLINKD, true)
-else
- AC_MSG_NOTICE([unlinkd disabled])
- AM_CONDITIONAL(ENABLE_UNLINKD, false)
-fi
+SQUID_DEFINE_BOOL([USE_UNLINKD],${enable_unlinkd:=yes},
+ [Enable useage of unlinkd])
+AM_CONDITIONAL(ENABLE_UNLINKD,test "$enable_unlinkd" = "yes")
+AC_MSG_NOTICE([unlinkd enabled: $enable_unlinkd])
-dnl Enable backtraces on fatal errors
+# Enable backtraces on fatal errors
AC_ARG_ENABLE(stacktraces,
- AS_HELP_STRING([--enable-stacktraces],[Enable automatic call backtrace on fatal errors]),
-[ if test "$enableval" = "yes" ; then
- AC_MSG_NOTICE([Enabling automatic stack backtraces on fatal errors])
- AC_DEFINE(PRINT_STACK_TRACE, 1,[Print stacktraces on fatal errors])
- fi
+ AS_HELP_STRING([--enable-stacktraces],
+ [Enable automatic call backtrace on fatal errors]), [
+SQUID_YESNO([$enableval],
+ [unrecognized argument to --enable-stacktraces: $enableval])
])
+SQUID_DEFINE_BOOL([PRINT_STACK_TRACE],${enable_stacktraces:=no},
+ [Print stack traces on fatal errors])
+AC_MSG_NOTICE([Automatically print stack trace on fatal errors: $enable_stacktraces])
-AM_CONDITIONAL(ENABLE_XPROF_STATS, false)
-dnl Enable USE_XPROF_STATS
-AC_ARG_ENABLE(cpu-profiling,
- AS_HELP_STRING([--enable-cpu-profiling],[Enable instrumentation to try and understand how CPU power
- is spent by squid, by enabling specific probes in selected
- functions. New probes can only be added by modifying the source code.
- It is meant to help developers in optimizing performance
- of Squid internal functions.
- If you are not developer you shouldn't enable this,
- as it slows squid down somewhat. See lib/Profiler.c for more details.]),
-[ if test "$enableval" = "yes" ; then
- AC_MSG_NOTICE([Enabling cpu-profiling])
- AC_DEFINE(USE_XPROF_STATS, 1,[Define to enable CPU profiling within Squid])
- AM_CONDITIONAL(ENABLE_XPROF_STATS, true)
- fi
-])
-dnl Enable X-Accelerator-Vary for Vary support within an accelerator setup
+# CPU Profiling options handling
+AC_ARG_ENABLE(cpu-profiling,
+ AS_HELP_STRING([--enable-cpu-profiling],
+ [Enable instrumentation to try and understand how CPU power
+ is spent by squid, by enabling specific probes in selected
+ functions.
+ New probes can only be added by modifying the source code.
+ It is meant to help developers in optimizing performance
+ of Squid internal functions.
+ If you are not developer you should not enable this,
+ as it slows squid down somewhat.
+ See lib/Profiler.c for more details.]), [
+SQUID_YESNO([$enableval],
+ [unrecognized argument to --enable-cpu-profiling: $enableval])
+])
+SQUID_DEFINE_BOOL([USE_XPROF_STATS],${enable_cpu_profiling:=no},
+ [Define to enable CPU profiling within Squid])
+AM_CONDITIONAL(ENABLE_XPROF_STATS,
+ test $enable_cpu_profiling = "yes")
+AC_MSG_NOTICE([CPU profiling enabled: $enable_cpu_profiling])
+
+# Enable X-Accelerator-Vary for Vary support within an accelerator setup
AC_ARG_ENABLE(x-accelerator-vary,
- AS_HELP_STRING([--enable-x-accelerator-vary],[Enable support for the X-Accelerator-Vary
+ AS_HELP_STRING([--enable-x-accelerator-vary],
+ [Enable support for the X-Accelerator-Vary
HTTP header. Can be used to indicate
variance within an accelerator setup.
Typically used together with other code
- that adds custom HTTP headers to the requests.]),
-[ if test "$enableval" = "yes" ; then
- AC_MSG_NOTICE([Enabling support for X-Accelerator-Vary])
- AC_DEFINE(X_ACCELERATOR_VARY, 1, [Enable support for the X-Accelerator-Vary HTTP header])
- fi
+ that adds custom HTTP headers to the requests.]), [
+SQUID_YESNO([$enableval],
+ [unrecognized argument to --enable-x-accelerator-vary: $enableval])
])
+SQUID_DEFINE_BOOL([X_ACCELERATOR_VARY],${enable_x_accelerator_vary:=no},
+ [Enable support for the X-Accelerator-Vary HTTP header])
+AC_MSG_NOTICE([X-Accelerator-Vary support enabled: $enable_x_accelerator_vary])
+
AC_ARG_ENABLE(zph-qos,
- AS_HELP_STRING([--enable-zph-qos],[Enable ZPH QOS support]),
-[ if test "$enableval" = "yes" ; then
- AC_MSG_NOTICE([ZPH QOS enabled])
- AC_DEFINE(USE_ZPH_QOS,1,
- [ Define this to use Squid's ZPH (Zero Penalty Hit) QOS features.
- When enabled, Squid will alter TOS field of HIT responses for better QOS on intermediate routing/shaping devices.])
- fi
+ AS_HELP_STRING([--enable-zph-qos],[Enable ZPH QOS support]), [
+SQUID_YESNO([$enableval],
+ [unrecognized argument to --enable-zph-qos: $enableval])
])
+SQUID_DEFINE_BOOL([USE_ZPH_QOS],${enable_zph_qos:=no},
+ [Enable Zero Penalty Hit QOS. When set, Squid will alter the
+ TOS field of HIT responses to help policing network traffic])
+AC_MSG_NOTICE([ZPH QOS enabled: $enable_zph_qos])
dnl --with-maxfd present for compatibility with Squid-2.
dnl undocumented in ./configure --help to encourage using the Squid-3 directive.
esac
])
-AC_PATH_PROG(CPPUNITCONFIG, cppunit-config, false)
if $CPPUNITCONFIG --help >/dev/null; then
- AC_MSG_NOTICE([using system installed cppunit])
+ squid_cv_cppunit_version="`$CPPUNITCONFIG --version`"
+ AC_MSG_NOTICE([using system installed cppunit version $squid_cv_cppunit_version])
+ unset squid_cv_cppunit_version
SQUID_CPPUNIT_LIBS="`$CPPUNITCONFIG --libs`"
SQUID_CPPUNIT_LA=''
SQUID_CPPUNIT_INC="`$CPPUNITCONFIG --cflags`"
;;
esac
-dnl Check for programs
-AC_PROG_CPP
-AC_PROG_INSTALL
-AC_PROG_LN_S
-AC_PATH_PROG(SH, sh, /bin/sh)
-AC_PATH_PROG(FALSE, false, /usr/bin/false)
-AC_PATH_PROG(TRUE, true, /usr/bin/true)
-AC_PATH_PROG(MV, mv, $FALSE)
-AC_PATH_PROG(MKDIR, mkdir, $FALSE)
-AC_PATH_PROG(LN, ln, cp)
-AC_PATH_PROG(CHMOD, chmod, $FALSE)
-
-AC_PATH_PROG(RM, rm, $FALSE)
-dnl Libtool 2.2.6 requires: rm -f
-RM="$RM -f"
dnl automake handles this AC_PATH_PROG(MAKEDEPEND, makedepend, $TRUE)
-AC_PROG_EGREP
-
-AC_PATH_PROG(PERL, perl, none)
-if test "$ac_cv_path_PERL" = "none"; then
- AC_MSG_FAILURE([Perl is required to compile Squid. Please install Perl and then re-run configure ])
-fi
case "$host" in
*-hp-hpux*)
- AC_MSG_NOTICE([Disabling 'ranlib' for HP-UX...])
+ AC_MSG_NOTICE([Disabling ranlib for HP-UX...])
RANLIB=":"
;;
esac
-dnl set $(AR)
-AC_PATH_PROG(AR, ar, $FALSE)
-AR_R="$AR r"
-case "$host" in
- *-next-nextstep3)
- AR="libtool -o"
- ;;
-esac
-AC_SUBST(AR_R)
-
dnl Check for headers
AC_HEADER_DIRENT
AC_HEADER_STDC
ipl.h \
libc.h \
limits.h \
+ linux/posix_types.h \
linux/types.h \
machine/byte_swap.h \
malloc.h \
db_185.h
)
+CHECK_STRUCT_PAM_CONV
+
AC_CHECK_HEADERS(
- linux/netfilter_ipv4.h \
- linux/netfilter_ipv4/ip_tproxy.h \
+ linux/netfilter_ipv4.h
,,,
SQUID_DEFAULT_INCLUDES
#if HAVE_LIMITS_H
AC_MSG_NOTICE([Use MSVCRT for math functions.])
;;
*)
- AC_CHECK_LIB(m, main)
+ dnl rint() is only used in old C code for now.
+ AC_LANG_PUSH([C])
+ AC_SEARCH_LIBS([rint],[m])
+ AC_LANG_POP([C])
;;
esac
dnl Enable IPv6 support
AC_MSG_CHECKING([whether to enable IPv6])
-use_ipng=yes
+use_ipng=auto
AC_ARG_ENABLE(ipv6,
AS_HELP_STRING([--disable-ipv6],[Disable IPv6 support]),
-[ if test "x$enableval" = "xyes" ; then
- AC_MSG_RESULT(yes)
- else
- AC_MSG_RESULT(no)
- use_ipng=no
- fi
-],[AC_MSG_RESULT(yes)])
+[ case $enableval in
+ yes|no)
+ use_ipng=$enableval
+ ;;
+ *)
+ ;;
+ esac
+])
+AC_MSG_RESULT($use_ipng)
-if test "$use_ipng" = "yes"; then
+if test "$use_ipng" != "no"; then
SAVED_LIBS="$LIBS"
dnl Solaris 10/11 requires -lsocket
case "$host" in
*)
;;
esac
- AC_CACHE_CHECK([if PF_INET6 is available], $use_ipng,
+ AC_CACHE_CHECK([if PF_INET6 is available], squid_cv_pf_inet6,
AC_RUN_IFELSE([AC_LANG_SOURCE([[ /* PF_INET6 available check */
# include <sys/types.h>
# include <sys/socket.h>
else
return 0;
}
- ]])],[ AC_MSG_RESULT(yes)
- use_ipng=yes
- SAVED_LIBS="$LIBS" ],[ AC_MSG_RESULT(no)
- use_ipng=no ],[])
+ ]])],[squid_cv_pf_inet6="yes" ; SAVED_LIBS="$LIBS"],[squid_cv_pf_inet6="no"],[])
)
LIBS="$SAVED_LIBS"
fi
-if test "$use_ipng" = "yes"; then
+# NP: semi-silent failure as IPv4-only mode is perfectly usable on this system.
+# unless --enable-ipv6 is explicitly used. in which case it's a hard fail.
+if test "x$use_ipng" = "xyes" && test "x$squid_cv_pf_inet6" = "xno"; then
+ AC_MSG_ERROR([IPv6 cannot be built on this system. Basic kernel definitions are missing.])
+elif test "x$use_ipng" = "xauto" && test "x$squid_cv_pf_inet6" = "xno"; then
+ AC_MSG_WARN([IPv6 cannot be built on this system. Basic kernel definitions are missing.])
+fi
+
+if test "$use_ipng" != "no" && test "$squid_cv_pf_inet6" = "yes" ; then
AC_DEFINE(USE_IPV6,1,[Enable support for IPv6 ])
SET_IPV6_SETTINGS=""
use_v4mapped=yes
],[])
fi
-dnl if we can't defer v4-mapping to the OS we are forced to split-stack the FD table.
+dnl if we can't defer v4-mapping to the OS we are forced to split-stack
+dnl the FD table.
AC_MSG_CHECKING([for IPv6 stack type/mode])
if test "$use_v4mapped" = "yes"; then
AC_DEFINE(IPV6_SPECIAL_V4MAPPED, 1, [Enable v4-mapping through v6 sockets. Requires IPv6 hybrid-stack.])
fi
else
- # NP: semi-silent failure as IPv4-only mode is perfectly usable on this system.
- AC_MSG_WARN([IPv6 is not available on this system.])
+ # IPv6 is not available, but is not explicitly required. Auto-Disable.
AC_DEFINE(USE_IPV6,0,[Enable support for IPv6])
AC_DEFINE(IPV6_SPECIAL_SPLITSTACK,0,[Enable support for IPv6 on split-stack implementations])
AC_DEFINE(IPV6_SPECIAL_V4MAPPED,0,[Enable v4-mapping through v6 sockets])
AC_SUBST(LBERLIB)
dnl Check for libdb
+dnl this is not fully functional if db.h is for a differend db version
DBLIB=
+
+dnl check that dbopen is actually defined in the header
+dnl FIXME: in case of failure undef db-related includes etc.
+AC_CHECK_DECL(dbopen,,,[
+#if HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#if HAVE_LIMITS_H
+#include <limits.h>
+#endif
+#if HAVE_DB_185_H
+#include <db_185.h>
+#elif HAVE_DB_H
+#include <db.h>
+#endif])
+
dnl 1.85
AC_CACHE_CHECK(if dbopen needs -ldb,ac_cv_dbopen_libdb, [
SAVED_LIBS="$LIBS"; LIBS="$LIBS -ldb"
tempnam \
)
-dnl Magic which checks whether we are forcing a type of comm loop we
-dnl are actually going to (ab)use
-
-dnl Actually do the define magic now
-dnl mostly ripped from squid-commloops, thanks to adrian and benno
-
-if test -n "$SELECT_TYPE"; then
- : # Already decided above. Nothing to do here
-elif test -z "$disable_epoll" && test "$ac_cv_epoll_works" = "yes" ; then
- SELECT_TYPE="epoll"
-elif test -z "$disable_kqueue" && test "$ac_cv_func_kqueue" = "yes" ; then
- SELECT_TYPE="kqueue"
-elif test -z "$disable_poll" && test "$ac_cv_func_poll" = "yes" ; then
- SELECT_TYPE="poll"
-elif test -z "$disable_select" && test "$ac_cv_func_select" = "yes" ; then
- case "$host_os" in
- mingw|mingw32)
- SELECT_TYPE="select_win32"
- ;;
- *)
- SELECT_TYPE="select"
- ;;
- esac
+# Magic which checks whether we are forcing a type of comm loop we
+# are actually going to (ab)use.
+# Mostly ripped from squid-commloops, thanks to adrian and benno
+
+if test -n "$squid_opt_io_loop_engine"; then
+ AC_MSG_NOTICE([choosing user-specified net I/O API $squid_opt_io_loop_engine])
+elif test "$enable_epoll" != "no" && test "$squid_cv_epoll_works" = "yes" ; then
+ squid_opt_io_loop_engine="epoll"
+elif test "$enable_kqueue" != "no" && test "$ac_cv_func_kqueue" = "yes" ; then
+ squid_opt_io_loop_engine="kqueue"
+elif test "$enable_poll" != "no" && test "$ac_cv_func_poll" = "yes" ; then
+ squid_opt_io_loop_engine="poll"
+elif test "$enable_select" != "no" && test "$ac_cv_func_select" = "yes" ; then
+ squid_opt_io_loop_engine="select"
+ if test "$squid_host_os" = "mingw" ; then
+ squid_opt_io_loop_engine="select_win32"
+ fi
else
- AC_MSG_WARN([Eep! Can't find poll, kqueue, epoll, or select!])
- AC_MSG_WARN([I'll try select and hope for the best.])
- SELECT_TYPE="select"
- AC_DEFINE(USE_SELECT,1)
-fi
-
-AC_MSG_NOTICE([Using ${SELECT_TYPE} for the IO loop.])
-
-AM_CONDITIONAL([USE_POLL], [test $SELECT_TYPE = poll])
-AM_CONDITIONAL([USE_EPOLL], [test $SELECT_TYPE = epoll])
-AM_CONDITIONAL([USE_SELECT], [test $SELECT_TYPE = select])
-AM_CONDITIONAL([USE_SELECT_SIMPLE], [test $SELECT_TYPE = select_simple])
-AM_CONDITIONAL([USE_SELECT_WIN32], [test $SELECT_TYPE = select_win32])
-AM_CONDITIONAL([USE_KQUEUE], [test $SELECT_TYPE = kqueue])
-AM_CONDITIONAL([USE_DEVPOLL], [test $SELECT_TYPE = devpoll])
-
-case $SELECT_TYPE in
-epoll)
- AC_DEFINE(USE_EPOLL,1,[Use epoll() for the IO loop])
- ;;
-poll)
- AC_DEFINE(USE_POLL,1,[Use poll() for the IO loop])
- ;;
-kqueue)
- AC_DEFINE(USE_KQUEUE,1,[Use kqueue() for the IO loop])
- ;;
-select_win32)
- AC_DEFINE(USE_SELECT_WIN32,1,[Use Winsock select() for the IO loop])
- ;;
-select)
- AC_DEFINE(USE_SELECT,1,[Use select() for the IO loop])
- ;;
+ AC_MSG_WARN([Eep! Cannot find poll, kqueue, epoll, or select!])
+ AC_MSG_WARN([Will try select and hope for the best.])
+ squid_opt_io_loop_engine="select"
+fi
+
+AC_MSG_NOTICE([Using ${squid_opt_io_loop_engine} for the IO loop.])
+
+AM_CONDITIONAL([USE_POLL], [test $squid_opt_io_loop_engine = poll])
+AM_CONDITIONAL([USE_EPOLL], [test $squid_opt_io_loop_engine = epoll])
+AM_CONDITIONAL([USE_SELECT], [test $squid_opt_io_loop_engine = select])
+AM_CONDITIONAL([USE_SELECT_SIMPLE], [test $squid_opt_io_loop_engine = select_simple])
+AM_CONDITIONAL([USE_SELECT_WIN32], [test $squid_opt_io_loop_engine = select_win32])
+AM_CONDITIONAL([USE_KQUEUE], [test $squid_opt_io_loop_engine = kqueue])
+AM_CONDITIONAL([USE_DEVPOLL], [test $squid_opt_io_loop_engine = devpoll])
+
+case $squid_opt_io_loop_engine in
+ epoll) AC_DEFINE(USE_EPOLL,1,[Use epoll() for the IO loop]) ;;
+ poll) AC_DEFINE(USE_POLL,1,[Use poll() for the IO loop]) ;;
+ kqueue) AC_DEFINE(USE_KQUEUE,1,[Use kqueue() for the IO loop]) ;;
+ select_win32) AC_DEFINE(USE_SELECT_WIN32,1,[Use Winsock select() for the IO loop]) ;;
+ select) AC_DEFINE(USE_SELECT,1,[Use select() for the IO loop]) ;;
esac
-
-
-dnl Yay! Another Linux brokenness. Its not good enough
-dnl to know that setresuid() exists, because RedHat 5.0 declares
-dnl setresuid() but doesn't implement it.
-dnl
-AC_CACHE_CHECK(if setresuid is implemented, ac_cv_func_setresuid,
+AC_CACHE_CHECK(if setresuid is actually implemented, ac_cv_func_setresuid,
AC_RUN_IFELSE([AC_LANG_SOURCE([[
#include <stdlib.h>
int main(int argc, char **argv) {
]])],[ac_cv_func_setresuid="yes"],[ac_cv_func_setresuid="no"],[])
)
if test "$ac_cv_func_setresuid" = "yes" ; then
- AC_DEFINE(HAVE_SETRESUID,1,[Yay! Another Linux brokenness. Its not good enough to know that setresuid() exists, because RedHat 5.0 declare setresuid() but doesn't implement it.])
-fi
-
-dnl Yay! This one is a MacOSX brokenness. Its not good enough
-dnl to know that strnstr() exists, because MacOSX 10.4 have a bad
-dnl copy that crashes with a buffer over-run!
-dnl
-AC_CACHE_CHECK(if strnstr is well implemented, ac_cv_func_strnstr,
- AC_RUN_IFELSE([AC_LANG_SOURCE([[
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
- // we expect this to succeed, or crash on over-run.
- // if it passes otherwise we may need a better check.
-int main(int argc, char **argv)
-{
- int size = 20;
- char *str = malloc(size);
- memset(str, 'x', size);
- strnstr(str, "fubar", size);
- return 0;
-}
- ]])],[ac_cv_func_strnstr="yes"],[ac_cv_func_strnstr="no"],[])
-)
-if test "$ac_cv_func_strnstr" = "yes" ; then
- AC_DEFINE(HAVE_STRNSTR,1,[Yay! We have a working strnstr!])
-else
- AC_DEFINE(HAVE_STRNSTR,0,[Yay! A MacOS X brokenness. Its not good enough to know that strnstr() exists, because MacOSX 10.4 and earlier may have a buffer overrun.])
+ AC_DEFINE(HAVE_SETRESUID,1,[Yay! Another Linux brokenness. Knowing that setresuid() exists is not enough, because RedHat 5.0 declares setresuid() but does not implement it.])
fi
-dnl
-dnl Test for va_copy
-dnl
-AC_CACHE_CHECK(if va_copy is implemented, ac_cv_func_va_copy,
- AC_RUN_IFELSE([AC_LANG_SOURCE([[
- #include <stdarg.h>
- #include <stdlib.h>
- int f (int i, ...) {
- va_list args1, args2;
- va_start (args1, i);
- va_copy (args2, args1);
- if (va_arg (args2, int) != 42 || va_arg (args1, int) != 42)
- return 1;
- va_end (args1); va_end (args2);
- return 0;
- }
- int main(int argc, char **argv) { return f (0, 42); }
- ]])],[ac_cv_func_va_copy="yes"],[ac_cv_func_va_copy="no"],[])
-)
-if test "$ac_cv_func_va_copy" = "yes" ; then
- AC_DEFINE(HAVE_VA_COPY, 1, [If your system have va_copy])
-fi
+SQUID_CHECK_FUNC_STRNSTR
+SQUID_CHECK_FUNC_VACOPY
+SQUID_CHECK_FUNC___VACOPY
-dnl
-dnl Some systems support __va_copy
-dnl
-AC_CACHE_CHECK(if __va_copy is implemented, ac_cv_func___va_copy,
- AC_RUN_IFELSE([AC_LANG_SOURCE([[
- #include <stdarg.h>
- #include <stdlib.h>
- int f (int i, ...) {
- va_list args1, args2;
- va_start (args1, i);
- __va_copy (args2, args1);
- if (va_arg (args2, int) != 42 || va_arg (args1, int) != 42)
- return 1;
- va_end (args1); va_end (args2);
- return 0;
- }
- int main(int argc, char **argv) { return f (0, 42); }
- ]])],[ac_cv_func___va_copy="yes"],[ac_cv_func___va_copy="no"],[])
-)
-if test "$ac_cv_func___va_copy" = "yes" ; then
- AC_DEFINE(HAVE___VA_COPY, 1, [Some systems have __va_copy instead of va_copy])
-fi
dnl IP-Filter support requires ipf header files. These aren't
dnl installed by default, so we need to check for them
-if test "$IPF_TRANSPARENT" ; then
- AC_MSG_CHECKING(if IP-Filter header files are installed)
+if test "$enable_ipf_transparent" != "no" ; then
+ AC_MSG_CHECKING(for availability of IP-Filter header files)
# hold on to your hats...
if test "$ac_cv_header_ip_compat_h" = "yes" ||
test "$ac_cv_header_ip_fil_compat_h" = "yes" ||
test "$ac_cv_header_netinet_ip_fil_compat_h" = "yes" ; then
have_ipfilter_compat_header="yes"
fi
- if test "x$have_ipfilter_compat_header" = "xyes" &&
+ if test "$have_ipfilter_compat_header" = "yes" &&
test "$ac_cv_header_ip_fil_h" = "yes" &&
test "$ac_cv_header_ip_nat_h" = "yes" ; then
- IPF_TRANSPARENT="yes"
- AC_DEFINE(IPF_TRANSPARENT, 1)
+ enable_ipf_transparent="yes"
elif test "$have_ipfilter_compat_header" = "yes" &&
test "$ac_cv_header_netinet_ip_fil_h" = "yes" &&
test "$ac_cv_header_netinet_ip_nat_h" = "yes" ; then
- IPF_TRANSPARENT="yes"
- AC_DEFINE(IPF_TRANSPARENT, 1)
+ enable_ipf_transparent="yes"
else
- IPF_TRANSPARENT="no"
- AC_DEFINE(IPF_TRANSPARENT, 0)
+ enable_ipf_transparent="no"
fi
AC_MSG_RESULT($IPF_TRANSPARENT)
-fi
-if test "$IPF_TRANSPARENT" = "no" ; then
- AC_MSG_WARN([Cannot find necessary IP-Filter header files])
- AC_MSG_WARN([Transparent Proxy support WILL NOT be enabled])
- sleep 10
-elif test "$IPF_TRANSPARENT" = "yes" ; then
+fi
+AC_MSG_NOTICE([IPF-based transparent proxying enabled: $enable_ipf_transparent])
+SQUID_DEFINE_BOOL([IPF_TRANSPARENT],$enable_ipf_transparent,
+ [Enable support for IPF-style transparent proxying])
+
+if test "$enable_ipf_transparent" = "yes" -a "$squid_host_os" = "solaris" ; then
dnl On Solaris Ipfilter includes expect that SOLARIS2 is defined with the
dnl Solaris minor version (8, 9, 10, ...)
- case "$host" in
- *-solaris*)
- solrev=`uname -r | sh -c 'IFS=. read j n x; echo $n'`
- CFLAGS="-DSOLARIS2=$solrev $CFLAGS"
- CXXFLAGS="-DSOLARIS2=$solrev $CXXFLAGS"
- ;;
- *)
- ;;
- esac
+ solrev=`uname -r | sh -c 'IFS=. read j n x; echo $n'`
+ CFLAGS="-DSOLARIS2=$solrev $CFLAGS"
+ CXXFLAGS="-DSOLARIS2=$solrev $CXXFLAGS"
fi
dnl PF support requires a header file.
-if test "$PF_TRANSPARENT" ; then
- AC_MSG_CHECKING(if PF header file is installed)
- # hold on to your hats...
- if test "$ac_cv_header_net_pfvar_h" = "yes" || test "$ac_cv_header_net_pf_pfvar_h" = "yes"; then
- PF_TRANSPARENT="yes"
- AC_DEFINE(PF_TRANSPARENT, 1)
- else
- PF_TRANSPARENT="no"
- AC_DEFINE(PF_TRANSPARENT, 0)
- fi
- AC_MSG_RESULT($PF_TRANSPARENT)
-fi
-if test "$PF_TRANSPARENT" = "no" ; then
- AC_MSG_WARN([Cannot find necessary PF header file])
- AC_MSG_WARN([Transparent Proxy support WILL NOT be enabled])
- sleep 10
+if test "$enable_pf_transparent" != "no" ; then
+ if test "$ac_cv_header_net_pfvar_h" = "yes" -o \
+ "$ac_cv_header_net_pf_pfvar_h" = "yes"; then
+ if test "$enable_pf_transparent" = "auto" ; then
+ enable_pf_transparent="yes"
+ fi
+ else
+ if test "$enable_pf_transparent" = "yes" ; then
+ AC_MSG_ERROR([PF-based transparent proxy requested but needed header not found])
+ fi
+ enable_pf_transparent="no"
+ fi
fi
+SQUID_DEFINE_BOOL([PF_TRANSPARENT],$enable_pf_transparent,
+ [Enable support for PF-style transparent proxying])
-dnl Linux-Netfilter support requires Linux 2.4 kernel header files.
-dnl Shamelessly copied from above
-if test "$LINUX_NETFILTER" ; then
- AC_MSG_CHECKING(if Linux (Netfilter) kernel header files are installed)
- # hold on to your hats...
- if test "$ac_cv_header_linux_netfilter_ipv4_h" = "yes"; then
- LINUX_NETFILTER="yes"
- AC_DEFINE(LINUX_NETFILTER, 1)
+if test "$enable_linux_netfilter" != "no" ; then
+ if test "$ac_cv_header_linux_netfilter_ipv4_h" = "yes"; then
+ if test "$enable_linux_netfilter" = "auto" ; then
+ enable_linux_netfilter=yes
+ fi
+ else
+ if test "$enable_linux_netfilter" = "auto" ; then
+ enable_linux_netfilter=no
else
- LINUX_NETFILTER="no"
- AC_DEFINE(LINUX_NETFILTER, 0)
+ AC_MSG_ERROR([Linux Netfilter support requested but needed headers not found])
fi
- AC_MSG_RESULT($LINUX_NETFILTER)
-fi
-if test "$LINUX_NETFILTER" = "no" ; then
- AC_MSG_WARN([Cannot find necessary Linux kernel (Netfilter) header files])
- AC_MSG_WARN([Linux Transparent and Intercepting Proxy support WILL NOT be enabled])
- LINUX_TPROXY2="no"
- AC_DEFINE(LINUX_TPROXY2, 0, [Enable real Transparent Proxy support for Netfilter TPROXY v2.])
- sleep 10
+ fi
fi
+SQUID_DEFINE_BOOL([LINUX_NETFILTER],$enable_linux_netfilter,
+ [Enable support for Transparent Proxy on Linux via Netfilter])
+
dnl Netfilter TPROXY depends on libcap but the NAT parts can still work.
-if test "$LINUX_NETFILTER" = "yes" && test "$use_libcap" != "yes" ; then
+AC_MSG_NOTICE([Support for Netfilter-based interception proxy requested: $enable_linux_netfilter])
+if test "$enable_linux_netfilter" = "yes" && test "$use_libcap" != "yes" ; then
AC_MSG_WARN([Missing needed capabilities (libcap or libcap2) for TPROXY])
AC_MSG_WARN([Linux Transparent Proxy support WILL NOT be enabled])
AC_MSG_WARN([Reduced support to Interception Proxy])
- LINUX_TPROXY2="no"
- AC_DEFINE(LINUX_TPROXY2, 0, [Enable real Transparent Proxy support for Netfilter TPROXY v2.])
- sleep 10
-fi
-
-dnl Linux Netfilter/TPROXYv2 support requires some specific header files
-dnl Shamelessly copied from above
-if test "$LINUX_TPROXY2"; then
- if test "$use_libcap" = "yes"; then
- AC_MSG_CHECKING(if TPROXYv2 header files are installed)
- # hold on to your hats...
- if test "$ac_cv_header_linux_netfilter_ipv4_ip_tproxy_h" = "yes" && test "$LINUX_NETFILTER" = "yes"; then
- LINUX_TPROXY2="yes"
- AC_DEFINE(LINUX_TPROXY2, 1, [Enable real Transparent Proxy support for Netfilter TPROXY v2.])
- else
- LINUX_TPROXY2="no"
- AC_DEFINE(LINUX_TPROXY2, 0, [Enable real Transparent Proxy support for Netfilter TPROXY v2.])
- fi
- AC_MSG_RESULT($LINUX_TPROXY2)
- if test "$LINUX_TPROXY2" = "no" && test "$LINUX_NETFILTER" = "yes"; then
- AC_MSG_WARN([Cannot find TPROXY v2 headers, you need to patch the kernel with ])
- AC_MSG_WARN([tproxy package from:])
- AC_MSG_WARN([ - lynx http://www.balabit.com/downloads/files/tproxy/])
- AC_MSG_WARN([Or select the '--enable-linux-netfilter' option instead for Netfilter support.])
- sleep 10
- fi
- else
- AC_MSG_WARN([Missing needed capabilities (libcap or libcap2) for TPROXY v2])
- AC_MSG_WARN([Linux Transparent Proxy support WILL NOT be enabled])
- LINUX_TPROXY2="no"
- AC_DEFINE(LINUX_TPROXY2, 0, [Enable real Transparent Proxy support for Netfilter TPROXY v2.])
- sleep 10
- fi
+ # AC_DEFINEd later
fi
AC_ARG_ENABLE(gnuregex,
- AS_HELP_STRING([--enable-gnuregex],[Compile GNUregex. Unless you have reason to use
+ AS_HELP_STRING([--enable-gnuregex],
+ [Compile GNUregex. Unless you have reason to use
this option, you should not enable it.
This library file is usually only required on Windows and
very old Unix boxes which do not have their own regex
dnl Not cached since people are likely to tune this
AC_MSG_CHECKING(Maximum number of filedescriptors we can open)
-dnl damn! FreeBSD's pthreads breaks dup2().
+dnl damn! FreeBSD pthreads break dup2().
TLDFLAGS="$LDFLAGS"
if test -n "$squid_filedescriptors_num" ; then
SQUID_MAXFD=$squid_filedescriptors_num
AC_MSG_WARN([cache will be very busy. Please see the FAQ page])
AC_MSG_WARN([http://wiki.squid-cache.org/SquidFaq/TroubleShooting])
AC_MSG_WARN([on how to increase your filedescriptor limit])
- sleep 10
fi
LDFLAGS="$TLDFLAGS"
if test `expr $SQUID_MAXFD % 64` != 0; then
AC_MSG_WARN([$SQUID_MAXFD is not an multiple of 64. This may cause issues on certain platforms.])
- sleep 10
fi
dnl Not cached since people are likely to tune this
AC_DEFINE(NEED_SYS_ERRLIST,1,[If we need to declare sys_errlist[] as external])
fi
+dnl Hurd does not supply MAXPATHLEN. we may need to define it outselves.
+dnl Other system define it in system headers
+AC_CHECK_HEADERS([sys/param.h])
+AC_MSG_CHECKING(for MAXPATHLEN)
+AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/param.h>]],[[int i = MAXPATHLEN;]])],[AC_MSG_RESULT(yes)],[AC_MSG_RESULT(no)
+ AC_DEFINE(MAXPATHLEN,256,[If MAXPATHLEN has not been defined])])
+
+
dnl Not cached since people are likely to change this
AC_MSG_CHECKING(for libresolv _dns_ttl_ hack)
AC_LINK_IFELSE([AC_LANG_PROGRAM([[extern int _dns_ttl_;]], [[return _dns_ttl_;]])],[AC_MSG_RESULT(yes)
Makefile \
compat/Makefile \
lib/Makefile \
+ libntlmauth/Makefile \
scripts/Makefile \
src/Makefile \
src/base/Makefile \
helpers/basic_auth/SMB/Makefile \
helpers/basic_auth/SSPI/Makefile \
helpers/digest_auth/Makefile \
- helpers/digest_auth/password/Makefile \
- helpers/digest_auth/ldap/Makefile \
helpers/digest_auth/eDirectory/Makefile \
+ helpers/digest_auth/file/Makefile \
+ helpers/digest_auth/ldap/Makefile \
helpers/ntlm_auth/Makefile \
- helpers/ntlm_auth/fakeauth/Makefile \
- helpers/ntlm_auth/no_check/Makefile \
+ helpers/ntlm_auth/fake/Makefile \
helpers/ntlm_auth/smb_lm/Makefile \
- helpers/ntlm_auth/smb_lm/smbval/Makefile \
- helpers/ntlm_auth/mswin_sspi/Makefile \
+ helpers/ntlm_auth/SSPI/Makefile \
helpers/negotiate_auth/Makefile \
helpers/negotiate_auth/kerberos/Makefile \
- helpers/negotiate_auth/mswin_sspi/Makefile \
+ helpers/negotiate_auth/SSPI/Makefile \
helpers/external_acl/Makefile \
helpers/external_acl/ip_user/Makefile \
helpers/external_acl/ldap_group/Makefile \
- * DEBUG:
-none
-none Common Removal Policy
-none ETag parsing support
-none FDE
-none Generate squid.conf.default and cf_parser.h
-none Linked list functions (deprecated)
-none LRU Removal Policy
-none Memory Allocation
-none Refcount allocator
-section 0 Announcement Server
-section 0 Client Database
-section 0 Debug Routines
-section 0 DNS Resolver
-section 0 Hash Tables
-section 0 UFS Store Dump
+section -- CGI Cache Manager
section -- External DISKD process implementation.
-section 1 Main Loop
-section 1 Startup and Main Loop
-section 2 Unlink Daemon
-section 3 Configuration File Parsing
-section 4 Error Generation
-section 5 Comms
-section 5 Socket Functions
-section 6 Disk I/O Routines
-section 7 Multicast
-section 8 Swap File Bitmap
-section 9 File Transfer Protocol (FTP)
+section -- Refcount allocator
+section -- Unlink Daemon
+section -- WWW Client
+section 00 Announcement Server
+section 00 Client Database
+section 00 DNS Resolver Daemon
+section 00 Debug Routines
+section 00 Hash Tables
+section 00 UFS Store Dump Tool
+section 01 Main Loop
+section 01 Startup and Main Loop
+section 02 Unlink Daemon
+section 03 Configuration File Parsing
+section 03 Configuration Settings
+section 04 Error Generation
+section 05 Comm
+section 05 Listener Socket Handler
+section 05 Socket Functions
+section 06 Disk I/O Routines
+section 07 Multicast
+section 08 Swap File Bitmap
+section 09 File Transfer Protocol (FTP)
section 10 Gopher
section 11 Hypertext Transfer Protocol (HTTP)
-section 12 Internet Cache Protocol
+section 12 Internet Cache Protocol (ICP)
section 13 High Level Memory Pool Management
section 14 IP Cache
+section 14 IP Storage and Handling
section 15 Neighbor Routines
section 16 Cache Manager Objects
section 17 Request Forwarding
section 22 Refresh Calculation
section 23 URL Parsing
section 23 URL Scheme parsing
-section 25 MIME Parsing
+section 25 MIME Parsing and Internal Icons
+section 25 MiME Header Parsing
section 26 Secure Sockets Layer Proxy
section 27 Cache Announcer
section 28 Access Control
section 29 Authenticator
-section 29 Negotiate Authenticator
section 29 NTLM Authenticator
+section 29 Negotiate Authenticator
section 30 Ident (RFC 931)
section 31 Hypertext Caching Protocol
section 32 Asynchronous Disk I/O
section 37 ICMP Routines
section 38 Network Measurement Database
section 39 Cache Array Routing Protocol
+section 39 Peer source hash based selection
+section 39 Peer user hash based selection
section 40 Referer Logging
section 40 User-Agent Logging
section 41 Event Processing
section 75 WHOIS protocol
section 76 Internal Squid Object handling
section 77 Delay Pools
+section 78 DNS lookups
section 78 DNS lookups; interacts with lib/rfc1035.c
section 79 Disk IO Routines
section 79 Squid-side DISKD I/O functions.
section 79 Storage Manager COSS Interface
section 79 Storage Manager UFS Interface
section 80 WCCP Support
-section 81 aio_xxx() POSIX emulation on Windows
section 81 CPU Profiling Routines
section 81 Store HEAP Removal Policies
+section 81 aio_xxx() POSIX emulation on Windows
section 82 External ACL
section 83 SSL accelerator support
section 84 Helper process maintenance
section 85 Client-side Request Routines
+section 86 ESI Expressions
section 86 ESI processing
section 87 Client-side Stream routines.
section 88 Client-side Reply Routines
-section 89 NAT / IP Interception
+section 89 EUI-48 Lookup
+section 89 EUI-64 Handling
+section 89 NAT / IP Interception
section 90 HTTP Cache Control Header
section 90 Storage Manager Client-Side Interface
section 92 Storage File System
+section 93 Adaptation
section 93 ICAP (RFC 3507) Client
+section 93 eCAP Interface
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: FULL NAME <EMAIL@ADDRESS>\n"
-"POT-Creation-Date: 2010-02-13 00:05+1400\n"
+"POT-Creation-Date: 2010-05-01 00:17+1200\n"
"PO-Revision-Date: 2009-07-22 09:45+0000\n"
"Last-Translator: Amos Jeffries <Unknown>\n"
"Language-Team: Arabic <ar@li.org>\n"
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:3
#: helpers/basic_auth/PAM/basic_pam_auth.8:3
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:3
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:3
+#: helpers/digest_auth/file/digest_file_auth.8:3
#: helpers/external_acl/ldap_group/squid_ldap_group.8:3
#: helpers/external_acl/session/squid_session.8:3
#: helpers/external_acl/unix_group/squid_unix_group.8:3 src/squid.8.in:3
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:8
#: helpers/basic_auth/PAM/basic_pam_auth.8:8
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:8
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:10
+#: helpers/digest_auth/file/digest_file_auth.8:10
#: helpers/external_acl/ldap_group/squid_ldap_group.8:10
#: helpers/external_acl/session/squid_session.8:10
#: helpers/external_acl/unix_group/squid_unix_group.8:8 src/squid.8.in:8
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:12
#: helpers/basic_auth/PAM/basic_pam_auth.8:15
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:26
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:13
+#: helpers/digest_auth/file/digest_file_auth.8:15
#: helpers/external_acl/ldap_group/squid_ldap_group.8:26
#: helpers/external_acl/session/squid_session.8:18
#: helpers/external_acl/unix_group/squid_unix_group.8:15 src/squid.8.in:25
#. type: TP
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:29
#, no-wrap
-msgid "Can handle LDAP request"
+msgid "Can handle LDAP requests"
msgstr ""
#. type: TP
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:31
#, no-wrap
-msgid "Can handle PAM request"
+msgid "Can handle PAM requests"
msgstr ""
#. type: SH
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:24
#: helpers/basic_auth/PAM/basic_pam_auth.8:41
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:61
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:19
+#: helpers/digest_auth/file/digest_file_auth.8:25
#: helpers/external_acl/ldap_group/squid_ldap_group.8:209
#: helpers/external_acl/session/squid_session.8:50
#: helpers/external_acl/unix_group/squid_unix_group.8:33
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:30
#: helpers/basic_auth/PAM/basic_pam_auth.8:80
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:85
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:75
+#: helpers/digest_auth/file/digest_file_auth.8:59
#: helpers/external_acl/ldap_group/squid_ldap_group.8:232
#: helpers/external_acl/session/squid_session.8:63
#: helpers/external_acl/unix_group/squid_unix_group.8:62 src/squid.8.in:216
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:63
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:77
+#: helpers/digest_auth/file/digest_file_auth.8:61
#: helpers/external_acl/ldap_group/squid_ldap_group.8:234
#: helpers/external_acl/unix_group/squid_unix_group.8:64
msgid "This program was written by"
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:71
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:32
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:93
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:80
+#: helpers/digest_auth/file/digest_file_auth.8:68
#: helpers/external_acl/ldap_group/squid_ldap_group.8:243
#: helpers/external_acl/unix_group/squid_unix_group.8:67
msgid "This manual was written by"
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:37
#: helpers/basic_auth/PAM/basic_pam_auth.8:84
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:95
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:83
+#: helpers/digest_auth/file/digest_file_auth.8:71
#: helpers/external_acl/ldap_group/squid_ldap_group.8:245
#: helpers/external_acl/session/squid_session.8:67
#: helpers/external_acl/unix_group/squid_unix_group.8:69 src/squid.8.in:226
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:75
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:298
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:97
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:85
+#: helpers/digest_auth/file/digest_file_auth.8:73
#: helpers/external_acl/ldap_group/squid_ldap_group.8:247
#: helpers/external_acl/session/squid_session.8:69
#: helpers/external_acl/unix_group/squid_unix_group.8:71
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:300
#: helpers/basic_auth/PAM/basic_pam_auth.8:91
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:99
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:87
+#: helpers/digest_auth/file/digest_file_auth.8:75
#: helpers/external_acl/ldap_group/squid_ldap_group.8:249
#: helpers/external_acl/session/squid_session.8:71
#: helpers/external_acl/unix_group/squid_unix_group.8:73
#: tools/cachemgr.cgi.8.in:59 tools/squidclient.1:171
msgid ""
"Distributed under the GNU General Public License (GNU GPL) version 2 or "
-"later (GPL2+)."
+"later (GPLv2+)."
msgstr ""
#. type: SH
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:50
#: helpers/basic_auth/PAM/basic_pam_auth.8:92
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:100
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:88
+#: helpers/digest_auth/file/digest_file_auth.8:76
#: helpers/external_acl/ldap_group/squid_ldap_group.8:250
#: helpers/external_acl/session/squid_session.8:72
#: helpers/external_acl/unix_group/squid_unix_group.8:74 src/squid.8.in:243
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:53
#: helpers/basic_auth/PAM/basic_pam_auth.8:95
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:103
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:91
+#: helpers/digest_auth/file/digest_file_auth.8:79
#: helpers/external_acl/ldap_group/squid_ldap_group.8:253
#: helpers/external_acl/session/squid_session.8:75
#: helpers/external_acl/unix_group/squid_unix_group.8:77 src/squid.8.in:246
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:55
#: helpers/basic_auth/PAM/basic_pam_auth.8:97
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:108
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:93
+#: helpers/digest_auth/file/digest_file_auth.8:81
#: helpers/external_acl/ldap_group/squid_ldap_group.8:258
#: helpers/external_acl/session/squid_session.8:77
#: helpers/external_acl/unix_group/squid_unix_group.8:79 src/squid.8.in:248
msgstr "تقرير عن ثغرة"
#. type: Plain text
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:85
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:311
-#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:57
-#: helpers/basic_auth/PAM/basic_pam_auth.8:99
-#: helpers/basic_auth/RADIUS/basic_radius_auth.8:110
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:260
-#: helpers/external_acl/session/squid_session.8:79
-#: helpers/external_acl/unix_group/squid_unix_group.8:81 src/squid.8.in:250
-#: tools/cachemgr.cgi.8.in:67 tools/squidclient.1:179
-msgid "Report bugs or bug fixes using http://bugs.squid-cache.org/"
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:86
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:312
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:58
+#: helpers/basic_auth/PAM/basic_pam_auth.8:100
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:111
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:96
+#: helpers/digest_auth/file/digest_file_auth.8:84
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:261
+#: helpers/external_acl/session/squid_session.8:80
+#: helpers/external_acl/unix_group/squid_unix_group.8:82 src/squid.8.in:251
+msgid ""
+"Bug reports need to be made in English. See http://wiki.squid-cache.org/"
+"SquidFaq/BugReporting for details of what you need to include with your bug "
+"report."
msgstr ""
#. type: Plain text
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:60
#: helpers/basic_auth/PAM/basic_pam_auth.8:102
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:113
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:98
+#: helpers/digest_auth/file/digest_file_auth.8:86
#: helpers/external_acl/ldap_group/squid_ldap_group.8:263
#: helpers/external_acl/session/squid_session.8:82
#: helpers/external_acl/unix_group/squid_unix_group.8:84 src/squid.8.in:253
-#: tools/cachemgr.cgi.8.in:70 tools/squidclient.1:182
-msgid ""
-"Report serious security bugs to I<Squid Bugs E<lt>squid-bugs@squid-cache."
-"orgE<gt>>"
+#: tools/cachemgr.cgi.8.in:69 tools/squidclient.1:181
+msgid "Report bugs or bug fixes using http://bugs.squid-cache.org/"
msgstr ""
#. type: Plain text
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:63
#: helpers/basic_auth/PAM/basic_pam_auth.8:105
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:116
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:101
+#: helpers/digest_auth/file/digest_file_auth.8:89
#: helpers/external_acl/ldap_group/squid_ldap_group.8:266
#: helpers/external_acl/session/squid_session.8:85
#: helpers/external_acl/unix_group/squid_unix_group.8:87 src/squid.8.in:256
-#: tools/cachemgr.cgi.8.in:73 tools/squidclient.1:185
+#: tools/cachemgr.cgi.8.in:72 tools/squidclient.1:184
+msgid ""
+"Report serious security bugs to I<Squid Bugs E<lt>squid-bugs@squid-cache."
+"orgE<gt>>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:94
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:320
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:66
+#: helpers/basic_auth/PAM/basic_pam_auth.8:108
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:119
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:104
+#: helpers/digest_auth/file/digest_file_auth.8:92
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:269
+#: helpers/external_acl/session/squid_session.8:88
+#: helpers/external_acl/unix_group/squid_unix_group.8:90 src/squid.8.in:259
+#: tools/cachemgr.cgi.8.in:75 tools/squidclient.1:187
msgid ""
"Report ideas for new improvements to the I<Squid Developers mailing list>"
msgstr ""
#. type: SH
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:93
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:319
-#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:65
-#: helpers/basic_auth/PAM/basic_pam_auth.8:107
-#: helpers/basic_auth/RADIUS/basic_radius_auth.8:118
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:268
-#: helpers/external_acl/session/squid_session.8:87
-#: helpers/external_acl/unix_group/squid_unix_group.8:92 src/squid.8.in:258
-#: tools/cachemgr.cgi.8.in:75 tools/squidclient.1:187
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:96
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:322
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:68
+#: helpers/basic_auth/PAM/basic_pam_auth.8:110
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:121
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:106
+#: helpers/digest_auth/file/digest_file_auth.8:94
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:271
+#: helpers/external_acl/session/squid_session.8:90
+#: helpers/external_acl/unix_group/squid_unix_group.8:95 src/squid.8.in:261
+#: tools/cachemgr.cgi.8.in:77 tools/squidclient.1:189
#, no-wrap
msgid "SEE ALSO"
msgstr "قرآءه الكُل"
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:20
#: helpers/basic_auth/PAM/basic_pam_auth.8:21
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:31
+#: helpers/digest_auth/file/digest_file_auth.8:20
#: helpers/external_acl/ldap_group/squid_ldap_group.8:49
#: helpers/external_acl/session/squid_session.8:26
#: helpers/external_acl/unix_group/squid_unix_group.8:19 src/squid.8.in:59
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:324
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:327
msgid "Your favorite LDAP documentation."
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:325
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:275
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:328
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:278
msgid "B<RFC2254> - The String Representation of LDAP Search Filters,"
msgstr ""
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/PAM/basic_pam_auth.8:114
+#: helpers/basic_auth/PAM/basic_pam_auth.8:117
msgid "PAM Systems Administrator Guide"
msgstr ""
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/RADIUS/basic_radius_auth.8:121
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:124
msgid "B<RFC2058> - Remote Authentication Dial In User Service (RADIUS)"
msgstr ""
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:7
+msgid ""
+"Basic Authentication using SASL (specifically the cyrus-sasl authentication "
+"method)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:9
+#: helpers/digest_auth/file/digest_file_auth.8:9
+#: helpers/external_acl/session/squid_session.8:9
+msgid "Version 1.0"
+msgstr "النسخة 1.0"
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:18
+msgid ""
+"B<basic_sasl_auth> is an installed binary helper for Squid. SASL is "
+"configurable (somewhat like PAM). Each service authenticating against SASL "
+"identifies itself with an application name. Each application can be "
+"configured independently by the SASL administrator."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:24
+msgid ""
+"To configure the authentication method used the file B<basic_sasl_auth.conf> "
+"can be placed in the appropriate location, usually B</usr/lib/sasl.>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:31
+msgid ""
+"The authentication database is defined by the B<pwcheck_method> parameter. "
+"Only the B<PLAIN> authentication mechanism is used."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:33
+msgid "Examples:"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:36
+msgid "use sasldb - the default if no conf file is installed."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:38
+#, no-wrap
+msgid " - use PAM authentication database\n"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:41
+#, no-wrap
+msgid ""
+" - use traditional \n"
+"B</etc/passwd>\n"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:43
+#, no-wrap
+msgid " - use slightly less traditional /etc/shadow\n"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:46
+msgid ""
+"Others methods may be supported by your cyrus-sasl implementation - consult "
+"your cyrus-sasl documentation for information."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:59
+msgid ""
+"Typically the authentication database ( B</etc/sasldb> , B</etc/shadow> , "
+"B<PAM> ) can not be accessed by a normal user. You should use setuid/setgid "
+"and an appropriate user/group on the executable to allow the authenticator "
+"to access the appropriate password database. If the access to the database "
+"is not permitted then the authenticator will typically fail with \"-1, "
+"generic error\"."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:74
+msgid ""
+"If the application name B<basic_sasl_auth> will also be used for the PAM "
+"service name if B<pwcheck_method:pam> is chosen. And example PAM "
+"configuration file B<basic_sasl_auth.pam> is also included."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:116
+#: helpers/digest_auth/file/digest_file_auth.8:98 src/squid.8.in:271
+msgid "The Squid FAQ wiki"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:119
+#: helpers/digest_auth/file/digest_file_auth.8:101 src/squid.8.in:274
+msgid "The Squid Configuration Manual"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:7
+msgid "File based digest authentication helper for Squid."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:14 tools/squidclient.1:30
+msgid "file"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:19
+msgid ""
+"B<digest_file_auth> is an installed binary authentication program for Squid. "
+"It handles digest authentication protocol and authenticates against a text "
+"file backend."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:24
+msgid ""
+"Accept digest hashed passwords rather than plaintext in the password file"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:28
+msgid "Username database file format:"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:28
+#, no-wrap
+msgid "- comment lines are possible and should start with a '#';"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:31
+#, no-wrap
+msgid "- empty or blank lines are possible;"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:34
+#, no-wrap
+msgid "- plaintext entry format is username:password"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:37
+#, no-wrap
+msgid "- HA1 entry format is username:realm:HA1"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:50
+msgid ""
+"To build a directory integrated backend, you need to be able to calculate "
+"the HA1 returned to squid. To avoid storing a plaintext password you can "
+"calculate B<MD5(username:realm:password)> when the user changes their "
+"password, and store the tuple B<username:realm:HA1.> then find the matching "
+"B<username:realm> when squid asks for the HA1."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:58
+msgid ""
+"This implementation could be improved by using such a triple for the file "
+"format. However storing such a triple does little to improve security: If "
+"compromised the B<username:realm:HA1> combination is \"plaintext equivalent"
+"\" - for the purposes of digest authentication they allow the user access. "
+"Password syncronisation is not tackled by digest - just preventing on the "
+"wire compromise."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:64
+msgid "Based on prior work by"
+msgstr ""
+
#. type: Plain text
#: helpers/external_acl/ldap_group/squid_ldap_group.8:7
msgid "Squid LDAP external acl group helper"
msgstr ""
#. type: Plain text
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:274
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:277
msgid "Your favorite LDAP documentation"
msgstr ""
msgid "Squid session tracking external acl group helper."
msgstr ""
-#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:9
-msgid "Version 1.0"
-msgstr "النسخة 1.0"
-
#. type: Plain text
#: helpers/external_acl/session/squid_session.8:16
msgid "database"
msgstr ""
#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:90
+#: helpers/external_acl/unix_group/squid_unix_group.8:93
msgid "Additionally bugs or bug-fixes can be reported to"
msgstr ""
"contributions."
msgstr ""
-#. type: Plain text
-#: src/squid.8.in:268
-msgid "The Squid FAQ wiki"
-msgstr ""
-
-#. type: Plain text
-#: src/squid.8.in:271
-msgid "The Squid Configuration Manual"
-msgstr ""
-
#. type: Plain text
#: tools/cachemgr.cgi.8.in:7
msgid "Squid HTTP proxy manager CGI web interface"
"Foundation."
msgstr ""
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:67 tools/squidclient.1:179
+msgid ""
+"See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what "
+"you need to include with your bug report."
+msgstr ""
+
#. type: Plain text
#: tools/squidclient.1:7
msgid "A simple HTTP web client tool"
msgid "method"
msgstr ""
-#. type: Plain text
-#: tools/squidclient.1:30
-msgid "file"
-msgstr ""
-
#. type: Plain text
#: tools/squidclient.1:36 tools/squidclient.1:38
msgid "user"
-# Czech translation for squid
-# Copyright (c) 2009 Rosetta Contributors and Canonical Ltd 2009
-# This file is distributed under the same license as the squid package.
-# FIRST AUTHOR <EMAIL@ADDRESS>, 2009.
-#
+# SOME DESCRIPTIVE TITLE
+# Copyright (C) YEAR Free Software Foundation, Inc.
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: squid\n"
"Report-Msgid-Bugs-To: FULL NAME <EMAIL@ADDRESS>\n"
-"POT-Creation-Date: 2010-02-13 00:05+1400\n"
+"POT-Creation-Date: 2010-05-01 00:17+1200\n"
"PO-Revision-Date: 2009-11-18 14:09+0000\n"
"Last-Translator: Kuvaly <kuvaly@seznam.cz>\n"
"Language-Team: Czech <cs@li.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-"X-Launchpad-Export-Date: 2010-01-10 09:16+0000\n"
-"X-Generator: Launchpad (build Unknown)\n"
+"X-Generator: Translate Toolkit 1.5.3\n"
#. type: SH
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:3
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:3
#: helpers/basic_auth/PAM/basic_pam_auth.8:3
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:3
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:3
+#: helpers/digest_auth/file/digest_file_auth.8:3
#: helpers/external_acl/ldap_group/squid_ldap_group.8:3
#: helpers/external_acl/session/squid_session.8:3
#: helpers/external_acl/unix_group/squid_unix_group.8:3 src/squid.8.in:3
#: tools/cachemgr.cgi.8.in:3 tools/squidclient.1:3
#, no-wrap
msgid "NAME"
-msgstr "JMÉNO"
+msgstr ""
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:7
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:8
#: helpers/basic_auth/PAM/basic_pam_auth.8:8
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:8
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:10
+#: helpers/digest_auth/file/digest_file_auth.8:10
#: helpers/external_acl/ldap_group/squid_ldap_group.8:10
#: helpers/external_acl/session/squid_session.8:10
#: helpers/external_acl/unix_group/squid_unix_group.8:8 src/squid.8.in:8
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:12
#: helpers/basic_auth/PAM/basic_pam_auth.8:15
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:26
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:13
+#: helpers/digest_auth/file/digest_file_auth.8:15
#: helpers/external_acl/ldap_group/squid_ldap_group.8:26
#: helpers/external_acl/session/squid_session.8:18
#: helpers/external_acl/unix_group/squid_unix_group.8:15 src/squid.8.in:25
#: tools/cachemgr.cgi.8.in:11 tools/squidclient.1:47
#, no-wrap
msgid "DESCRIPTION"
-msgstr "POPIS"
+msgstr ""
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:15
#. type: TP
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:29
#, no-wrap
-msgid "Can handle LDAP request"
+msgid "Can handle LDAP requests"
msgstr ""
#. type: TP
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:31
#, no-wrap
-msgid "Can handle PAM request"
+msgid "Can handle PAM requests"
msgstr ""
#. type: SH
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:24
#: helpers/basic_auth/PAM/basic_pam_auth.8:41
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:61
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:19
+#: helpers/digest_auth/file/digest_file_auth.8:25
#: helpers/external_acl/ldap_group/squid_ldap_group.8:209
#: helpers/external_acl/session/squid_session.8:50
#: helpers/external_acl/unix_group/squid_unix_group.8:33
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:30
#: helpers/basic_auth/PAM/basic_pam_auth.8:80
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:85
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:75
+#: helpers/digest_auth/file/digest_file_auth.8:59
#: helpers/external_acl/ldap_group/squid_ldap_group.8:232
#: helpers/external_acl/session/squid_session.8:63
#: helpers/external_acl/unix_group/squid_unix_group.8:62 src/squid.8.in:216
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:63
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:77
+#: helpers/digest_auth/file/digest_file_auth.8:61
#: helpers/external_acl/ldap_group/squid_ldap_group.8:234
#: helpers/external_acl/unix_group/squid_unix_group.8:64
msgid "This program was written by"
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:71
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:32
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:93
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:80
+#: helpers/digest_auth/file/digest_file_auth.8:68
#: helpers/external_acl/ldap_group/squid_ldap_group.8:243
#: helpers/external_acl/unix_group/squid_unix_group.8:67
msgid "This manual was written by"
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:37
#: helpers/basic_auth/PAM/basic_pam_auth.8:84
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:95
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:83
+#: helpers/digest_auth/file/digest_file_auth.8:71
#: helpers/external_acl/ldap_group/squid_ldap_group.8:245
#: helpers/external_acl/session/squid_session.8:67
#: helpers/external_acl/unix_group/squid_unix_group.8:69 src/squid.8.in:226
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:75
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:298
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:97
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:85
+#: helpers/digest_auth/file/digest_file_auth.8:73
#: helpers/external_acl/ldap_group/squid_ldap_group.8:247
#: helpers/external_acl/session/squid_session.8:69
#: helpers/external_acl/unix_group/squid_unix_group.8:71
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:300
#: helpers/basic_auth/PAM/basic_pam_auth.8:91
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:99
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:87
+#: helpers/digest_auth/file/digest_file_auth.8:75
#: helpers/external_acl/ldap_group/squid_ldap_group.8:249
#: helpers/external_acl/session/squid_session.8:71
#: helpers/external_acl/unix_group/squid_unix_group.8:73
#: tools/cachemgr.cgi.8.in:59 tools/squidclient.1:171
msgid ""
"Distributed under the GNU General Public License (GNU GPL) version 2 or "
-"later (GPL2+)."
+"later (GPLv2+)."
msgstr ""
#. type: SH
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:50
#: helpers/basic_auth/PAM/basic_pam_auth.8:92
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:100
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:88
+#: helpers/digest_auth/file/digest_file_auth.8:76
#: helpers/external_acl/ldap_group/squid_ldap_group.8:250
#: helpers/external_acl/session/squid_session.8:72
#: helpers/external_acl/unix_group/squid_unix_group.8:74 src/squid.8.in:243
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:53
#: helpers/basic_auth/PAM/basic_pam_auth.8:95
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:103
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:91
+#: helpers/digest_auth/file/digest_file_auth.8:79
#: helpers/external_acl/ldap_group/squid_ldap_group.8:253
#: helpers/external_acl/session/squid_session.8:75
#: helpers/external_acl/unix_group/squid_unix_group.8:77 src/squid.8.in:246
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:55
#: helpers/basic_auth/PAM/basic_pam_auth.8:97
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:108
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:93
+#: helpers/digest_auth/file/digest_file_auth.8:81
#: helpers/external_acl/ldap_group/squid_ldap_group.8:258
#: helpers/external_acl/session/squid_session.8:77
#: helpers/external_acl/unix_group/squid_unix_group.8:79 src/squid.8.in:248
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:85
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:311
-#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:57
-#: helpers/basic_auth/PAM/basic_pam_auth.8:99
-#: helpers/basic_auth/RADIUS/basic_radius_auth.8:110
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:260
-#: helpers/external_acl/session/squid_session.8:79
-#: helpers/external_acl/unix_group/squid_unix_group.8:81 src/squid.8.in:250
-#: tools/cachemgr.cgi.8.in:67 tools/squidclient.1:179
-msgid "Report bugs or bug fixes using http://bugs.squid-cache.org/"
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:86
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:312
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:58
+#: helpers/basic_auth/PAM/basic_pam_auth.8:100
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:111
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:96
+#: helpers/digest_auth/file/digest_file_auth.8:84
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:261
+#: helpers/external_acl/session/squid_session.8:80
+#: helpers/external_acl/unix_group/squid_unix_group.8:82 src/squid.8.in:251
+msgid ""
+"Bug reports need to be made in English. See http://wiki.squid-cache.org/"
+"SquidFaq/BugReporting for details of what you need to include with your bug "
+"report."
msgstr ""
#. type: Plain text
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:60
#: helpers/basic_auth/PAM/basic_pam_auth.8:102
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:113
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:98
+#: helpers/digest_auth/file/digest_file_auth.8:86
#: helpers/external_acl/ldap_group/squid_ldap_group.8:263
#: helpers/external_acl/session/squid_session.8:82
#: helpers/external_acl/unix_group/squid_unix_group.8:84 src/squid.8.in:253
-#: tools/cachemgr.cgi.8.in:70 tools/squidclient.1:182
-msgid ""
-"Report serious security bugs to I<Squid Bugs E<lt>squid-bugs@squid-cache."
-"orgE<gt>>"
+#: tools/cachemgr.cgi.8.in:69 tools/squidclient.1:181
+msgid "Report bugs or bug fixes using http://bugs.squid-cache.org/"
msgstr ""
#. type: Plain text
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:63
#: helpers/basic_auth/PAM/basic_pam_auth.8:105
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:116
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:101
+#: helpers/digest_auth/file/digest_file_auth.8:89
#: helpers/external_acl/ldap_group/squid_ldap_group.8:266
#: helpers/external_acl/session/squid_session.8:85
#: helpers/external_acl/unix_group/squid_unix_group.8:87 src/squid.8.in:256
-#: tools/cachemgr.cgi.8.in:73 tools/squidclient.1:185
+#: tools/cachemgr.cgi.8.in:72 tools/squidclient.1:184
+msgid ""
+"Report serious security bugs to I<Squid Bugs E<lt>squid-bugs@squid-cache."
+"orgE<gt>>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:94
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:320
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:66
+#: helpers/basic_auth/PAM/basic_pam_auth.8:108
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:119
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:104
+#: helpers/digest_auth/file/digest_file_auth.8:92
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:269
+#: helpers/external_acl/session/squid_session.8:88
+#: helpers/external_acl/unix_group/squid_unix_group.8:90 src/squid.8.in:259
+#: tools/cachemgr.cgi.8.in:75 tools/squidclient.1:187
msgid ""
"Report ideas for new improvements to the I<Squid Developers mailing list>"
msgstr ""
#. type: SH
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:93
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:319
-#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:65
-#: helpers/basic_auth/PAM/basic_pam_auth.8:107
-#: helpers/basic_auth/RADIUS/basic_radius_auth.8:118
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:268
-#: helpers/external_acl/session/squid_session.8:87
-#: helpers/external_acl/unix_group/squid_unix_group.8:92 src/squid.8.in:258
-#: tools/cachemgr.cgi.8.in:75 tools/squidclient.1:187
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:96
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:322
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:68
+#: helpers/basic_auth/PAM/basic_pam_auth.8:110
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:121
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:106
+#: helpers/digest_auth/file/digest_file_auth.8:94
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:271
+#: helpers/external_acl/session/squid_session.8:90
+#: helpers/external_acl/unix_group/squid_unix_group.8:95 src/squid.8.in:261
+#: tools/cachemgr.cgi.8.in:77 tools/squidclient.1:189
#, no-wrap
msgid "SEE ALSO"
-msgstr "VIZ TAKÉ"
+msgstr ""
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:7
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:16
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:31
#: helpers/external_acl/ldap_group/squid_ldap_group.8:18
-#, fuzzy
msgid "options"
-msgstr "-O nastavení"
+msgstr ""
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:18
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:20
#: helpers/basic_auth/PAM/basic_pam_auth.8:21
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:31
+#: helpers/digest_auth/file/digest_file_auth.8:20
#: helpers/external_acl/ldap_group/squid_ldap_group.8:49
#: helpers/external_acl/session/squid_session.8:26
#: helpers/external_acl/unix_group/squid_unix_group.8:19 src/squid.8.in:59
#: tools/squidclient.1:56
#, no-wrap
msgid "OPTIONS"
-msgstr "MOŽNOSTI"
+msgstr ""
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:67
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:324
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:327
msgid "Your favorite LDAP documentation."
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:325
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:275
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:328
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:278
msgid "B<RFC2254> - The String Representation of LDAP Search Filters,"
msgstr ""
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/PAM/basic_pam_auth.8:114
+#: helpers/basic_auth/PAM/basic_pam_auth.8:117
msgid "PAM Systems Administrator Guide"
msgstr ""
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/RADIUS/basic_radius_auth.8:121
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:124
msgid "B<RFC2058> - Remote Authentication Dial In User Service (RADIUS)"
msgstr ""
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:7
+msgid ""
+"Basic Authentication using SASL (specifically the cyrus-sasl authentication "
+"method)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:9
+#: helpers/digest_auth/file/digest_file_auth.8:9
+#: helpers/external_acl/session/squid_session.8:9
+msgid "Version 1.0"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:18
+msgid ""
+"B<basic_sasl_auth> is an installed binary helper for Squid. SASL is "
+"configurable (somewhat like PAM). Each service authenticating against SASL "
+"identifies itself with an application name. Each application can be "
+"configured independently by the SASL administrator."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:24
+msgid ""
+"To configure the authentication method used the file B<basic_sasl_auth.conf> "
+"can be placed in the appropriate location, usually B</usr/lib/sasl.>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:31
+msgid ""
+"The authentication database is defined by the B<pwcheck_method> parameter. "
+"Only the B<PLAIN> authentication mechanism is used."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:33
+msgid "Examples:"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:36
+msgid "use sasldb - the default if no conf file is installed."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:38
+#, no-wrap
+msgid " - use PAM authentication database\n"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:41
+#, no-wrap
+msgid ""
+" - use traditional \n"
+"B</etc/passwd>\n"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:43
+#, no-wrap
+msgid " - use slightly less traditional /etc/shadow\n"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:46
+msgid ""
+"Others methods may be supported by your cyrus-sasl implementation - consult "
+"your cyrus-sasl documentation for information."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:59
+msgid ""
+"Typically the authentication database ( B</etc/sasldb> , B</etc/shadow> , "
+"B<PAM> ) can not be accessed by a normal user. You should use setuid/setgid "
+"and an appropriate user/group on the executable to allow the authenticator "
+"to access the appropriate password database. If the access to the database "
+"is not permitted then the authenticator will typically fail with \"-1, "
+"generic error\"."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:74
+msgid ""
+"If the application name B<basic_sasl_auth> will also be used for the PAM "
+"service name if B<pwcheck_method:pam> is chosen. And example PAM "
+"configuration file B<basic_sasl_auth.pam> is also included."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:116
+#: helpers/digest_auth/file/digest_file_auth.8:98 src/squid.8.in:271
+msgid "The Squid FAQ wiki"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:119
+#: helpers/digest_auth/file/digest_file_auth.8:101 src/squid.8.in:274
+msgid "The Squid Configuration Manual"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:7
+msgid "File based digest authentication helper for Squid."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:14 tools/squidclient.1:30
+msgid "file"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:19
+msgid ""
+"B<digest_file_auth> is an installed binary authentication program for Squid. "
+"It handles digest authentication protocol and authenticates against a text "
+"file backend."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:24
+msgid ""
+"Accept digest hashed passwords rather than plaintext in the password file"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:28
+msgid "Username database file format:"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:28
+#, no-wrap
+msgid "- comment lines are possible and should start with a '#';"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:31
+#, no-wrap
+msgid "- empty or blank lines are possible;"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:34
+#, no-wrap
+msgid "- plaintext entry format is username:password"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:37
+#, no-wrap
+msgid "- HA1 entry format is username:realm:HA1"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:50
+msgid ""
+"To build a directory integrated backend, you need to be able to calculate "
+"the HA1 returned to squid. To avoid storing a plaintext password you can "
+"calculate B<MD5(username:realm:password)> when the user changes their "
+"password, and store the tuple B<username:realm:HA1.> then find the matching "
+"B<username:realm> when squid asks for the HA1."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:58
+msgid ""
+"This implementation could be improved by using such a triple for the file "
+"format. However storing such a triple does little to improve security: If "
+"compromised the B<username:realm:HA1> combination is \"plaintext equivalent"
+"\" - for the purposes of digest authentication they allow the user access. "
+"Password syncronisation is not tackled by digest - just preventing on the "
+"wire compromise."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:64
+msgid "Based on prior work by"
+msgstr ""
+
#. type: Plain text
#: helpers/external_acl/ldap_group/squid_ldap_group.8:7
msgid "Squid LDAP external acl group helper"
msgstr ""
#. type: Plain text
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:274
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:277
msgid "Your favorite LDAP documentation"
msgstr ""
msgid "Squid session tracking external acl group helper."
msgstr ""
-#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:9
-msgid "Version 1.0"
-msgstr ""
-
#. type: Plain text
#: helpers/external_acl/session/squid_session.8:16
msgid "database"
msgstr ""
#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:90
+#: helpers/external_acl/unix_group/squid_unix_group.8:93
msgid "Additionally bugs or bug-fixes can be reported to"
msgstr ""
#. type: Plain text
#: src/squid.8.in:70
msgid "Do not catch fatal signals."
-msgstr "Nemohu zachytit rozhodující signály."
+msgstr ""
#. type: Plain text
#: src/squid.8.in:74
#. type: Plain text
#: src/squid.8.in:90
msgid "Don't serve any requests until store is rebuilt."
-msgstr "Nepodáváme žádné žádosti na přestavbu do úložiště."
+msgstr ""
#. type: Plain text
#: src/squid.8.in:94
msgid "Print help message."
-msgstr "Vytiskout pomocnou zprávu."
+msgstr ""
#. type: Plain text
#: src/squid.8.in:100
#: src/squid.8.in:171
#, no-wrap
msgid "FILES"
-msgstr "SOUBORY"
+msgstr ""
#. type: Plain text
#: src/squid.8.in:173
"contributions."
msgstr ""
-#. type: Plain text
-#: src/squid.8.in:268
-msgid "The Squid FAQ wiki"
-msgstr ""
-
-#. type: Plain text
-#: src/squid.8.in:271
-msgid "The Squid Configuration Manual"
-msgstr ""
-
#. type: Plain text
#: tools/cachemgr.cgi.8.in:7
msgid "Squid HTTP proxy manager CGI web interface"
#: tools/cachemgr.cgi.8.in:43
#, no-wrap
msgid "SECURITY"
-msgstr "BEZPEČNOST"
+msgstr ""
#. type: Plain text
#: tools/cachemgr.cgi.8.in:50
"Foundation."
msgstr ""
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:67 tools/squidclient.1:179
+msgid ""
+"See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what "
+"you need to include with your bug report."
+msgstr ""
+
#. type: Plain text
#: tools/squidclient.1:7
msgid "A simple HTTP web client tool"
msgid "method"
msgstr ""
-#. type: Plain text
-#: tools/squidclient.1:30
-msgid "file"
-msgstr ""
-
#. type: Plain text
#: tools/squidclient.1:36 tools/squidclient.1:38
msgid "user"
#: tools/squidclient.1:162
msgid "WWW authentication password"
msgstr ""
-
-#~ msgid "squid"
-#~ msgstr "squid"
-
-#, fuzzy
-#~ msgid "squidclient"
-#~ msgstr "squid"
-
-#, fuzzy
-#~ msgid "B<squidclient>"
-#~ msgstr "squid"
-
-#, fuzzy
-#~ msgid "B<squid>"
-#~ msgstr "squid"
-
-#~ msgid "-n name"
-#~ msgstr "-n název"
msgstr ""
"Project-Id-Version: squid\n"
"Report-Msgid-Bugs-To: FULL NAME <EMAIL@ADDRESS>\n"
-"POT-Creation-Date: 2010-02-13 00:05+1400\n"
-"PO-Revision-Date: 2009-12-06 15:21+0000\n"
-"Last-Translator: MartinK <Unknown>\n"
+"POT-Creation-Date: 2010-05-01 00:17+1200\n"
+"PO-Revision-Date: 2010-06-06 10:48+0200\n"
+"Last-Translator: Robert Förster <Dessa@gmake.de>\n"
"Language-Team: German <de@li.org>\n"
+"Language: de\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: Pootle 2.0.1\n"
"X-Launchpad-Export-Date: 2010-01-10 09:12+0000\n"
-"X-Generator: Launchpad (build Unknown)\n"
#. type: SH
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:3
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:3
#: helpers/basic_auth/PAM/basic_pam_auth.8:3
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:3
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:3
+#: helpers/digest_auth/file/digest_file_auth.8:3
#: helpers/external_acl/ldap_group/squid_ldap_group.8:3
#: helpers/external_acl/session/squid_session.8:3
#: helpers/external_acl/unix_group/squid_unix_group.8:3 src/squid.8.in:3
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:7
msgid "Local Users auth helper for Squid"
-msgstr ""
+msgstr "Authentifizierungshelfer für lokale Nutzer von Squid"
#. type: SH
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:8
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:8
#: helpers/basic_auth/PAM/basic_pam_auth.8:8
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:8
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:10
+#: helpers/digest_auth/file/digest_file_auth.8:10
#: helpers/external_acl/ldap_group/squid_ldap_group.8:10
#: helpers/external_acl/session/squid_session.8:10
#: helpers/external_acl/unix_group/squid_unix_group.8:8 src/squid.8.in:8
#: tools/cachemgr.cgi.8.in:8 tools/squidclient.1:8
#, no-wrap
msgid "SYNOPSIS"
-msgstr "ÜBERSICHT"
+msgstr "SYNTAX"
#. type: SH
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:11
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:12
#: helpers/basic_auth/PAM/basic_pam_auth.8:15
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:26
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:13
+#: helpers/digest_auth/file/digest_file_auth.8:15
#: helpers/external_acl/ldap_group/squid_ldap_group.8:26
#: helpers/external_acl/session/squid_session.8:18
#: helpers/external_acl/unix_group/squid_unix_group.8:15 src/squid.8.in:25
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:15
-#, fuzzy
msgid ""
"B<basic_getpwnam_auth> allows Squid to authenticate any local user accounts "
"to validate the user name and password of Basic HTTP authentication."
msgstr ""
-"Dieser Helfer erlaubt Squid sich mit einem RADIUS Server zu verbinden, um "
-"den Benutzernamen und das Passwort einer Basic HTTP Authentifizierung zu "
-"bestätigen."
+"B<basic_getpwnam_auth> erlaubt Squid, lokale Benutzeraccounts zu "
+"authentifizieren indem Benutzername und Passwort mittels HTTP-"
+"Authentifizierung überprüft werden."
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:21
msgid "It uses B<getpwnam()> and B<getspnam()> routines for authentication."
msgstr ""
+"Er nutzt B<getpwnam()> und B<getspnam()> Routinen zur Authentifizierung."
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:23
msgid "This has the following advantages over the NCSA module:"
-msgstr ""
+msgstr "Das hat folgende Vorteile gegenüber dem NCSA Modul:"
#. type: TP
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:23
#, no-wrap
msgid "Allows authentication of all known local users"
-msgstr ""
+msgstr "Erlaubt die Authentifizierung aller Lokal bekannten Nutzer"
#. type: TP
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:25
#, no-wrap
msgid "Allows authentication through nsswitch.conf"
-msgstr ""
+msgstr "Erlaubt die Authentifizierung mittels nsswitch.conf"
#. type: TP
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:27
#, no-wrap
msgid "Can handle NIS(+) requests"
-msgstr ""
+msgstr "Kann NIS(+) Anfragen verarbeiten"
#. type: TP
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:29
#, no-wrap
-msgid "Can handle LDAP request"
-msgstr ""
+msgid "Can handle LDAP requests"
+msgstr "Kann LDAP Anfragen verarbeiten"
#. type: TP
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:31
#, no-wrap
-msgid "Can handle PAM request"
-msgstr ""
+msgid "Can handle PAM requests"
+msgstr "Kann PAM Anfragen verarbeiten"
#. type: SH
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:34
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:24
#: helpers/basic_auth/PAM/basic_pam_auth.8:41
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:61
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:19
+#: helpers/digest_auth/file/digest_file_auth.8:25
#: helpers/external_acl/ldap_group/squid_ldap_group.8:209
#: helpers/external_acl/session/squid_session.8:50
#: helpers/external_acl/unix_group/squid_unix_group.8:33
#: tools/cachemgr.cgi.8.in:19
#, no-wrap
msgid "CONFIGURATION"
-msgstr ""
+msgstr "KONFIGURATION"
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:47
"recommended, but if you absolutely need to then make the program B<setuid> "
"B<root>"
msgstr ""
+"Wenn das Programm benutzt werden soll, gegen UNIX shadow Passwort "
+"Datenbanken zu Authentifizieren, muss es als root laufen, andernfalls wird "
+"es nicht berechtigt sein auf die Benutzer Passwort Datenbank zuzugreifen. "
+"Derartige Nutzung des Programms ist nicht empfohlen, aber wenn sie dies "
+"unbedigt benötigen, muss das Programm B<setuid> B<root> sein."
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:60
"author cannot be held responsible for any security issues due to such "
"installations."
msgstr ""
+"Bitte beachten sie, dass in derartiger Konfiguration dringend empfohlen wird "
+"das Programm in ein Verzeichnis zu verschieben wo normale Nutzer keinen "
+"Zugriff haben, da andernfalls ein Brute-forcen der Passwörter anderer "
+"Benutzer durch lokale Nutzer möglich wäre. Beachten sie ausserdem, dass das "
+"Programm keiner vollständigen Sicherheitsprüfung unterzogen wurde und der "
+"Author nicht für Sicherheitsprobleme, die durch derartige Nutzung entstehen, "
+"haftbar gemacht werden kann."
#. type: SH
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:61
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:30
#: helpers/basic_auth/PAM/basic_pam_auth.8:80
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:85
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:75
+#: helpers/digest_auth/file/digest_file_auth.8:59
#: helpers/external_acl/ldap_group/squid_ldap_group.8:232
#: helpers/external_acl/session/squid_session.8:63
#: helpers/external_acl/unix_group/squid_unix_group.8:62 src/squid.8.in:216
#: tools/cachemgr.cgi.8.in:51 tools/squidclient.1:163
#, no-wrap
msgid "AUTHOR"
-msgstr ""
+msgstr "AUTOR"
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:63
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:77
+#: helpers/digest_auth/file/digest_file_auth.8:61
#: helpers/external_acl/ldap_group/squid_ldap_group.8:234
#: helpers/external_acl/unix_group/squid_unix_group.8:64
msgid "This program was written by"
-msgstr ""
+msgstr "Dieses Programm wurde geschrieben von"
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:68
msgid "Based on original code by"
-msgstr ""
+msgstr "Basiert auf Originalcode von"
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:71
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:32
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:93
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:80
+#: helpers/digest_auth/file/digest_file_auth.8:68
#: helpers/external_acl/ldap_group/squid_ldap_group.8:243
#: helpers/external_acl/unix_group/squid_unix_group.8:67
msgid "This manual was written by"
-msgstr ""
+msgstr "Dieses Handbuch wurde geschrieben von"
#. type: SH
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:73
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:37
#: helpers/basic_auth/PAM/basic_pam_auth.8:84
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:95
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:83
+#: helpers/digest_auth/file/digest_file_auth.8:71
#: helpers/external_acl/ldap_group/squid_ldap_group.8:245
#: helpers/external_acl/session/squid_session.8:67
#: helpers/external_acl/unix_group/squid_unix_group.8:69 src/squid.8.in:226
#: tools/cachemgr.cgi.8.in:57 tools/squidclient.1:169
#, no-wrap
msgid "COPYRIGHT"
-msgstr ""
+msgstr "COPYRIGHT"
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:75
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:298
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:97
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:85
+#: helpers/digest_auth/file/digest_file_auth.8:73
#: helpers/external_acl/ldap_group/squid_ldap_group.8:247
#: helpers/external_acl/session/squid_session.8:69
#: helpers/external_acl/unix_group/squid_unix_group.8:71
msgid "This program and documentation is copyright to the authors named above."
msgstr ""
+"Dieses Programm sowie die Dokumentation unterliegt dem Copyright der oben "
+"genannten Autoren."
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:77
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:300
#: helpers/basic_auth/PAM/basic_pam_auth.8:91
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:99
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:87
+#: helpers/digest_auth/file/digest_file_auth.8:75
#: helpers/external_acl/ldap_group/squid_ldap_group.8:249
#: helpers/external_acl/session/squid_session.8:71
#: helpers/external_acl/unix_group/squid_unix_group.8:73
#: tools/cachemgr.cgi.8.in:59 tools/squidclient.1:171
msgid ""
"Distributed under the GNU General Public License (GNU GPL) version 2 or "
-"later (GPL2+)."
+"later (GPLv2+)."
msgstr ""
+"Verfügbar unter der GNU General Public License (GNU GPL) Version 2 oder "
+"später (GPL2+)."
#. type: SH
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:78
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:50
#: helpers/basic_auth/PAM/basic_pam_auth.8:92
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:100
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:88
+#: helpers/digest_auth/file/digest_file_auth.8:76
#: helpers/external_acl/ldap_group/squid_ldap_group.8:250
#: helpers/external_acl/session/squid_session.8:72
#: helpers/external_acl/unix_group/squid_unix_group.8:74 src/squid.8.in:243
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:53
#: helpers/basic_auth/PAM/basic_pam_auth.8:95
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:103
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:91
+#: helpers/digest_auth/file/digest_file_auth.8:79
#: helpers/external_acl/ldap_group/squid_ldap_group.8:253
#: helpers/external_acl/session/squid_session.8:75
#: helpers/external_acl/unix_group/squid_unix_group.8:77 src/squid.8.in:246
#: tools/cachemgr.cgi.8.in:63 tools/squidclient.1:175
-#, fuzzy
msgid ""
"Questions on the usage of this program can be sent to the I<Squid Users "
"mailing list>"
msgstr ""
-"Fragen zur Verwendung dieses Programms können an die I<Squid Users "
-"E<lt>squid-users@squid-cache.orgE<gt>> Mailingliste gesendet werden."
+"Fragen zur Verwendung dieses Programms können an die I<Squid Users mailing "
+"list> gesendet werden."
#. type: SH
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:83
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:55
#: helpers/basic_auth/PAM/basic_pam_auth.8:97
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:108
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:93
+#: helpers/digest_auth/file/digest_file_auth.8:81
#: helpers/external_acl/ldap_group/squid_ldap_group.8:258
#: helpers/external_acl/session/squid_session.8:77
#: helpers/external_acl/unix_group/squid_unix_group.8:79 src/squid.8.in:248
#: tools/cachemgr.cgi.8.in:65 tools/squidclient.1:177
#, no-wrap
msgid "REPORTING BUGS"
-msgstr ""
+msgstr "BUGS MELDEN"
#. type: Plain text
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:85
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:311
-#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:57
-#: helpers/basic_auth/PAM/basic_pam_auth.8:99
-#: helpers/basic_auth/RADIUS/basic_radius_auth.8:110
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:260
-#: helpers/external_acl/session/squid_session.8:79
-#: helpers/external_acl/unix_group/squid_unix_group.8:81 src/squid.8.in:250
-#: tools/cachemgr.cgi.8.in:67 tools/squidclient.1:179
-msgid "Report bugs or bug fixes using http://bugs.squid-cache.org/"
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:86
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:312
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:58
+#: helpers/basic_auth/PAM/basic_pam_auth.8:100
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:111
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:96
+#: helpers/digest_auth/file/digest_file_auth.8:84
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:261
+#: helpers/external_acl/session/squid_session.8:80
+#: helpers/external_acl/unix_group/squid_unix_group.8:82 src/squid.8.in:251
+msgid ""
+"Bug reports need to be made in English. See http://wiki.squid-cache.org/"
+"SquidFaq/BugReporting for details of what you need to include with your bug "
+"report."
msgstr ""
+"Bugreports müssen in englischer Sprache verfasst werden. Siehe http://wiki."
+"squid-cache.org/SquidFaq/BugReporting für Details was darin Enthalten sein "
+"muss."
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:88
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:60
#: helpers/basic_auth/PAM/basic_pam_auth.8:102
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:113
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:98
+#: helpers/digest_auth/file/digest_file_auth.8:86
#: helpers/external_acl/ldap_group/squid_ldap_group.8:263
#: helpers/external_acl/session/squid_session.8:82
#: helpers/external_acl/unix_group/squid_unix_group.8:84 src/squid.8.in:253
-#: tools/cachemgr.cgi.8.in:70 tools/squidclient.1:182
-#, fuzzy
-msgid ""
-"Report serious security bugs to I<Squid Bugs E<lt>squid-bugs@squid-cache."
-"orgE<gt>>"
-msgstr ""
-"Fragen zur Verwendung dieses Programms können an die I<Squid Users "
-"E<lt>squid-users@squid-cache.orgE<gt>> Mailingliste gesendet werden."
+#: tools/cachemgr.cgi.8.in:69 tools/squidclient.1:181
+msgid "Report bugs or bug fixes using http://bugs.squid-cache.org/"
+msgstr "Melden sie Bugs oder Bugfixes unter http://bugs.squid-cache.org/"
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:91
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:63
#: helpers/basic_auth/PAM/basic_pam_auth.8:105
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:116
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:101
+#: helpers/digest_auth/file/digest_file_auth.8:89
#: helpers/external_acl/ldap_group/squid_ldap_group.8:266
#: helpers/external_acl/session/squid_session.8:85
#: helpers/external_acl/unix_group/squid_unix_group.8:87 src/squid.8.in:256
-#: tools/cachemgr.cgi.8.in:73 tools/squidclient.1:185
+#: tools/cachemgr.cgi.8.in:72 tools/squidclient.1:184
+msgid ""
+"Report serious security bugs to I<Squid Bugs E<lt>squid-bugs@squid-cache."
+"orgE<gt>>"
+msgstr ""
+"Melden sie schwerwiegende Sicherheitslücken I<Squid Bugs E<lt>squid-bugs"
+"@squid-cache.orgE<gt>>"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:94
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:320
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:66
+#: helpers/basic_auth/PAM/basic_pam_auth.8:108
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:119
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:104
+#: helpers/digest_auth/file/digest_file_auth.8:92
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:269
+#: helpers/external_acl/session/squid_session.8:88
+#: helpers/external_acl/unix_group/squid_unix_group.8:90 src/squid.8.in:259
+#: tools/cachemgr.cgi.8.in:75 tools/squidclient.1:187
msgid ""
"Report ideas for new improvements to the I<Squid Developers mailing list>"
msgstr ""
+"Senden sie Vorschläge für Verbesserungen an die I<Squid Developers mailing "
+"Liste>"
#. type: SH
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:93
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:319
-#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:65
-#: helpers/basic_auth/PAM/basic_pam_auth.8:107
-#: helpers/basic_auth/RADIUS/basic_radius_auth.8:118
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:268
-#: helpers/external_acl/session/squid_session.8:87
-#: helpers/external_acl/unix_group/squid_unix_group.8:92 src/squid.8.in:258
-#: tools/cachemgr.cgi.8.in:75 tools/squidclient.1:187
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:96
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:322
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:68
+#: helpers/basic_auth/PAM/basic_pam_auth.8:110
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:121
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:106
+#: helpers/digest_auth/file/digest_file_auth.8:94
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:271
+#: helpers/external_acl/session/squid_session.8:90
+#: helpers/external_acl/unix_group/squid_unix_group.8:95 src/squid.8.in:261
+#: tools/cachemgr.cgi.8.in:77 tools/squidclient.1:189
#, no-wrap
msgid "SEE ALSO"
msgstr "SIEHE AUCH"
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:7
msgid "LDAP authentication helper for Squid"
-msgstr ""
+msgstr "Authentifizierungshelfer für LDAP von Squid"
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:12
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:27
#: helpers/external_acl/ldap_group/squid_ldap_group.8:14
msgid "base DN"
-msgstr ""
+msgstr "base DN"
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:14
msgid "attribute"
-msgstr ""
+msgstr "attribute"
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:16
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:31
#: helpers/external_acl/ldap_group/squid_ldap_group.8:18
-#, fuzzy
msgid "options"
-msgstr "-O Optionen"
+msgstr "options"
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:18
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:33
msgid "LDAP server name"
-msgstr ""
+msgstr "LDAP server name"
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:20
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:18
#: helpers/external_acl/ldap_group/squid_ldap_group.8:22 src/squid.8.in:17
#: tools/squidclient.1:28
-#, fuzzy
msgid "port"
-msgstr "-a port"
+msgstr "Port"
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:22
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:37
#: helpers/external_acl/ldap_group/squid_ldap_group.8:24
msgid "URI"
-msgstr ""
+msgstr "URI"
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:29
#: helpers/external_acl/ldap_group/squid_ldap_group.8:16
msgid "LDAP search filter"
-msgstr ""
+msgstr "LDAP Suchfilter"
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:47
"subsequent lines of input to the helper, one username/password pair per line "
"separated by a space."
msgstr ""
+"B<basic_ldap_auth> erlaubt Squid zu einem LDAP Verzeichnis zu verbinden, um "
+"Benutzername und Passwort der Basic HTTP Authentifizierung zu überprüfen. "
+"LDAP Optionen werden in der Kommandozeile übergeben, wobei Benutzername und "
+"Passwörter, welche durch LDAP geprüft werden sollen, in darauffolgenden "
+"Zeilen in der Eingabe des Helfers angegeben werden, ein "
+"Benutzername/Password Paar pro Zeile getrennt durch ein Leerzeichen."
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:56
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:20
#: helpers/basic_auth/PAM/basic_pam_auth.8:21
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:31
+#: helpers/digest_auth/file/digest_file_auth.8:20
#: helpers/external_acl/ldap_group/squid_ldap_group.8:49
#: helpers/external_acl/session/squid_session.8:26
#: helpers/external_acl/unix_group/squid_unix_group.8:19 src/squid.8.in:59
"E<lt>squid-users@squid-cache.orgE<gt>> Mailingliste gesendet werden."
#. type: Plain text
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:324
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:327
msgid "Your favorite LDAP documentation."
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:325
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:275
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:328
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:278
msgid "B<RFC2254> - The String Representation of LDAP Search Filters,"
msgstr ""
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/PAM/basic_pam_auth.8:114
+#: helpers/basic_auth/PAM/basic_pam_auth.8:117
msgid "PAM Systems Administrator Guide"
msgstr ""
"E<lt>squid-users@squid-cache.orgE<gt>> Mailingliste gesendet werden."
#. type: Plain text
-#: helpers/basic_auth/RADIUS/basic_radius_auth.8:121
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:124
msgid "B<RFC2058> - Remote Authentication Dial In User Service (RADIUS)"
msgstr ""
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:7
+msgid ""
+"Basic Authentication using SASL (specifically the cyrus-sasl authentication "
+"method)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:9
+#: helpers/digest_auth/file/digest_file_auth.8:9
+#: helpers/external_acl/session/squid_session.8:9
+msgid "Version 1.0"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:18
+msgid ""
+"B<basic_sasl_auth> is an installed binary helper for Squid. SASL is "
+"configurable (somewhat like PAM). Each service authenticating against SASL "
+"identifies itself with an application name. Each application can be "
+"configured independently by the SASL administrator."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:24
+msgid ""
+"To configure the authentication method used the file B<basic_sasl_auth.conf> "
+"can be placed in the appropriate location, usually B</usr/lib/sasl.>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:31
+msgid ""
+"The authentication database is defined by the B<pwcheck_method> parameter. "
+"Only the B<PLAIN> authentication mechanism is used."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:33
+msgid "Examples:"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:36
+msgid "use sasldb - the default if no conf file is installed."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:38
+#, no-wrap
+msgid " - use PAM authentication database\n"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:41
+#, no-wrap
+msgid ""
+" - use traditional \n"
+"B</etc/passwd>\n"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:43
+#, no-wrap
+msgid " - use slightly less traditional /etc/shadow\n"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:46
+msgid ""
+"Others methods may be supported by your cyrus-sasl implementation - consult "
+"your cyrus-sasl documentation for information."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:59
+msgid ""
+"Typically the authentication database ( B</etc/sasldb> , B</etc/shadow> , "
+"B<PAM> ) can not be accessed by a normal user. You should use setuid/setgid "
+"and an appropriate user/group on the executable to allow the authenticator "
+"to access the appropriate password database. If the access to the database "
+"is not permitted then the authenticator will typically fail with \"-1, "
+"generic error\"."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:74
+msgid ""
+"If the application name B<basic_sasl_auth> will also be used for the PAM "
+"service name if B<pwcheck_method:pam> is chosen. And example PAM "
+"configuration file B<basic_sasl_auth.pam> is also included."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:116
+#: helpers/digest_auth/file/digest_file_auth.8:98 src/squid.8.in:271
+msgid "The Squid FAQ wiki"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:119
+#: helpers/digest_auth/file/digest_file_auth.8:101 src/squid.8.in:274
+msgid "The Squid Configuration Manual"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:7
+#, fuzzy
+#| msgid "Local Users auth helper for Squid"
+msgid "File based digest authentication helper for Squid."
+msgstr "Authentifizierungshelfer für lokale Nutzer von Squid"
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:14 tools/squidclient.1:30
+#, fuzzy
+msgid "file"
+msgstr "-f Datei"
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:19
+msgid ""
+"B<digest_file_auth> is an installed binary authentication program for Squid. "
+"It handles digest authentication protocol and authenticates against a text "
+"file backend."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:24
+msgid ""
+"Accept digest hashed passwords rather than plaintext in the password file"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:28
+msgid "Username database file format:"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:28
+#, no-wrap
+msgid "- comment lines are possible and should start with a '#';"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:31
+#, no-wrap
+msgid "- empty or blank lines are possible;"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:34
+#, no-wrap
+msgid "- plaintext entry format is username:password"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:37
+#, no-wrap
+msgid "- HA1 entry format is username:realm:HA1"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:50
+msgid ""
+"To build a directory integrated backend, you need to be able to calculate "
+"the HA1 returned to squid. To avoid storing a plaintext password you can "
+"calculate B<MD5(username:realm:password)> when the user changes their "
+"password, and store the tuple B<username:realm:HA1.> then find the matching "
+"B<username:realm> when squid asks for the HA1."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:58
+msgid ""
+"This implementation could be improved by using such a triple for the file "
+"format. However storing such a triple does little to improve security: If "
+"compromised the B<username:realm:HA1> combination is \"plaintext equivalent"
+"\" - for the purposes of digest authentication they allow the user access. "
+"Password syncronisation is not tackled by digest - just preventing on the "
+"wire compromise."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:64
+#, fuzzy
+#| msgid "Based on original code by"
+msgid "Based on prior work by"
+msgstr "Basiert auf Originalcode von"
+
#. type: Plain text
#: helpers/external_acl/ldap_group/squid_ldap_group.8:7
msgid "Squid LDAP external acl group helper"
"E<lt>squid-users@squid-cache.orgE<gt>> Mailingliste gesendet werden."
#. type: Plain text
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:274
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:277
msgid "Your favorite LDAP documentation"
msgstr ""
msgid "Squid session tracking external acl group helper."
msgstr ""
-#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:9
-msgid "Version 1.0"
-msgstr ""
-
#. type: Plain text
#: helpers/external_acl/session/squid_session.8:16
msgid "database"
msgstr ""
#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:90
+#: helpers/external_acl/unix_group/squid_unix_group.8:93
msgid "Additionally bugs or bug-fixes can be reported to"
msgstr ""
#. type: Plain text
#: src/squid.8.in:100
#, fuzzy
-#| msgid "Install as a Windows Service (see -n option)."
msgid "Install as a Windows Service (see B<-n> option)."
msgstr "Installieren als Windows Dienst (siehe -n Option)."
#. type: Plain text
#: src/squid.8.in:131
#, fuzzy
-#| msgid "Install as a Windows Service (see -n option)."
msgid "Remove a Windows Service (see B<-n> option)."
msgstr "Installieren als Windows Dienst (siehe -n Option)."
"contributions."
msgstr ""
-#. type: Plain text
-#: src/squid.8.in:268
-msgid "The Squid FAQ wiki"
-msgstr ""
-
-#. type: Plain text
-#: src/squid.8.in:271
-msgid "The Squid Configuration Manual"
-msgstr ""
-
#. type: Plain text
#: tools/cachemgr.cgi.8.in:7
#, fuzzy
"Foundation."
msgstr ""
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:67 tools/squidclient.1:179
+msgid ""
+"See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what "
+"you need to include with your bug report."
+msgstr ""
+
#. type: Plain text
#: tools/squidclient.1:7
msgid "A simple HTTP web client tool"
msgid "method"
msgstr ""
-#. type: Plain text
-#: tools/squidclient.1:30
-#, fuzzy
-msgid "file"
-msgstr "-f Datei"
-
#. type: Plain text
#: tools/squidclient.1:36 tools/squidclient.1:38
msgid "user"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1400\n"
-"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
-"Last-Translator: Amos Jeffries <squid3@treenet.co.nz>\n"
+"POT-Creation-Date: 2010-05-01 00:17+1200\n"
+"PO-Revision-Date: 2010-03-23 14:36+0200\n"
+"Last-Translator: Amos <squid3@treenet.co.nz>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-"X-Generator: Translate Toolkit 1.5.1\n"
+"Language: en\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: Pootle 2.0.1\n"
#. type: SH
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:3
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:3
#: helpers/basic_auth/PAM/basic_pam_auth.8:3
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:3
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:3
+#: helpers/digest_auth/file/digest_file_auth.8:3
#: helpers/external_acl/ldap_group/squid_ldap_group.8:3
#: helpers/external_acl/session/squid_session.8:3
#: helpers/external_acl/unix_group/squid_unix_group.8:3 src/squid.8.in:3
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:7
msgid "Local Users auth helper for Squid"
-msgstr ""
+msgstr "Local Users auth helper for Squid"
#. type: SH
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:8
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:8
#: helpers/basic_auth/PAM/basic_pam_auth.8:8
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:8
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:10
+#: helpers/digest_auth/file/digest_file_auth.8:10
#: helpers/external_acl/ldap_group/squid_ldap_group.8:10
#: helpers/external_acl/session/squid_session.8:10
#: helpers/external_acl/unix_group/squid_unix_group.8:8 src/squid.8.in:8
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:12
#: helpers/basic_auth/PAM/basic_pam_auth.8:15
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:26
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:13
+#: helpers/digest_auth/file/digest_file_auth.8:15
#: helpers/external_acl/ldap_group/squid_ldap_group.8:26
#: helpers/external_acl/session/squid_session.8:18
#: helpers/external_acl/unix_group/squid_unix_group.8:15 src/squid.8.in:25
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:21
msgid "It uses B<getpwnam()> and B<getspnam()> routines for authentication."
-msgstr ""
+msgstr "It uses B<getpwnam()> and B<getspnam()> routines for authentication."
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:23
#. type: TP
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:29
#, no-wrap
-msgid "Can handle LDAP request"
+msgid "Can handle LDAP requests"
msgstr ""
#. type: TP
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:31
#, no-wrap
-msgid "Can handle PAM request"
+msgid "Can handle PAM requests"
msgstr ""
#. type: SH
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:24
#: helpers/basic_auth/PAM/basic_pam_auth.8:41
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:61
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:19
+#: helpers/digest_auth/file/digest_file_auth.8:25
#: helpers/external_acl/ldap_group/squid_ldap_group.8:209
#: helpers/external_acl/session/squid_session.8:50
#: helpers/external_acl/unix_group/squid_unix_group.8:33
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:30
#: helpers/basic_auth/PAM/basic_pam_auth.8:80
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:85
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:75
+#: helpers/digest_auth/file/digest_file_auth.8:59
#: helpers/external_acl/ldap_group/squid_ldap_group.8:232
#: helpers/external_acl/session/squid_session.8:63
#: helpers/external_acl/unix_group/squid_unix_group.8:62 src/squid.8.in:216
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:63
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:77
+#: helpers/digest_auth/file/digest_file_auth.8:61
#: helpers/external_acl/ldap_group/squid_ldap_group.8:234
#: helpers/external_acl/unix_group/squid_unix_group.8:64
msgid "This program was written by"
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:71
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:32
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:93
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:80
+#: helpers/digest_auth/file/digest_file_auth.8:68
#: helpers/external_acl/ldap_group/squid_ldap_group.8:243
#: helpers/external_acl/unix_group/squid_unix_group.8:67
msgid "This manual was written by"
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:37
#: helpers/basic_auth/PAM/basic_pam_auth.8:84
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:95
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:83
+#: helpers/digest_auth/file/digest_file_auth.8:71
#: helpers/external_acl/ldap_group/squid_ldap_group.8:245
#: helpers/external_acl/session/squid_session.8:67
#: helpers/external_acl/unix_group/squid_unix_group.8:69 src/squid.8.in:226
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:75
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:298
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:97
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:85
+#: helpers/digest_auth/file/digest_file_auth.8:73
#: helpers/external_acl/ldap_group/squid_ldap_group.8:247
#: helpers/external_acl/session/squid_session.8:69
#: helpers/external_acl/unix_group/squid_unix_group.8:71
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:300
#: helpers/basic_auth/PAM/basic_pam_auth.8:91
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:99
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:87
+#: helpers/digest_auth/file/digest_file_auth.8:75
#: helpers/external_acl/ldap_group/squid_ldap_group.8:249
#: helpers/external_acl/session/squid_session.8:71
#: helpers/external_acl/unix_group/squid_unix_group.8:73
#: tools/cachemgr.cgi.8.in:59 tools/squidclient.1:171
msgid ""
"Distributed under the GNU General Public License (GNU GPL) version 2 or "
-"later (GPL2+)."
+"later (GPLv2+)."
msgstr ""
#. type: SH
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:50
#: helpers/basic_auth/PAM/basic_pam_auth.8:92
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:100
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:88
+#: helpers/digest_auth/file/digest_file_auth.8:76
#: helpers/external_acl/ldap_group/squid_ldap_group.8:250
#: helpers/external_acl/session/squid_session.8:72
#: helpers/external_acl/unix_group/squid_unix_group.8:74 src/squid.8.in:243
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:53
#: helpers/basic_auth/PAM/basic_pam_auth.8:95
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:103
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:91
+#: helpers/digest_auth/file/digest_file_auth.8:79
#: helpers/external_acl/ldap_group/squid_ldap_group.8:253
#: helpers/external_acl/session/squid_session.8:75
#: helpers/external_acl/unix_group/squid_unix_group.8:77 src/squid.8.in:246
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:55
#: helpers/basic_auth/PAM/basic_pam_auth.8:97
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:108
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:93
+#: helpers/digest_auth/file/digest_file_auth.8:81
#: helpers/external_acl/ldap_group/squid_ldap_group.8:258
#: helpers/external_acl/session/squid_session.8:77
#: helpers/external_acl/unix_group/squid_unix_group.8:79 src/squid.8.in:248
msgstr "REPORTING BUGS"
#. type: Plain text
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:85
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:311
-#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:57
-#: helpers/basic_auth/PAM/basic_pam_auth.8:99
-#: helpers/basic_auth/RADIUS/basic_radius_auth.8:110
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:260
-#: helpers/external_acl/session/squid_session.8:79
-#: helpers/external_acl/unix_group/squid_unix_group.8:81 src/squid.8.in:250
-#: tools/cachemgr.cgi.8.in:67 tools/squidclient.1:179
-msgid "Report bugs or bug fixes using http://bugs.squid-cache.org/"
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:86
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:312
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:58
+#: helpers/basic_auth/PAM/basic_pam_auth.8:100
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:111
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:96
+#: helpers/digest_auth/file/digest_file_auth.8:84
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:261
+#: helpers/external_acl/session/squid_session.8:80
+#: helpers/external_acl/unix_group/squid_unix_group.8:82 src/squid.8.in:251
+msgid ""
+"Bug reports need to be made in English. See http://wiki.squid-cache.org/"
+"SquidFaq/BugReporting for details of what you need to include with your bug "
+"report."
msgstr ""
#. type: Plain text
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:60
#: helpers/basic_auth/PAM/basic_pam_auth.8:102
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:113
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:98
+#: helpers/digest_auth/file/digest_file_auth.8:86
#: helpers/external_acl/ldap_group/squid_ldap_group.8:263
#: helpers/external_acl/session/squid_session.8:82
#: helpers/external_acl/unix_group/squid_unix_group.8:84 src/squid.8.in:253
-#: tools/cachemgr.cgi.8.in:70 tools/squidclient.1:182
-#, fuzzy
-msgid ""
-"Report serious security bugs to I<Squid Bugs E<lt>squid-bugs@squid-cache."
-"orgE<gt>>"
+#: tools/cachemgr.cgi.8.in:69 tools/squidclient.1:181
+msgid "Report bugs or bug fixes using http://bugs.squid-cache.org/"
msgstr ""
-"Any questions on usage can be sent to I<Squid Users E<lt>squid-users@squid-"
-"cache.orgE<gt>>"
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:91
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:63
#: helpers/basic_auth/PAM/basic_pam_auth.8:105
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:116
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:101
+#: helpers/digest_auth/file/digest_file_auth.8:89
#: helpers/external_acl/ldap_group/squid_ldap_group.8:266
#: helpers/external_acl/session/squid_session.8:85
#: helpers/external_acl/unix_group/squid_unix_group.8:87 src/squid.8.in:256
-#: tools/cachemgr.cgi.8.in:73 tools/squidclient.1:185
+#: tools/cachemgr.cgi.8.in:72 tools/squidclient.1:184
+#, fuzzy
+msgid ""
+"Report serious security bugs to I<Squid Bugs E<lt>squid-bugs@squid-cache."
+"orgE<gt>>"
+msgstr ""
+"Any questions on usage can be sent to I<Squid Users E<lt>squid-users@squid-"
+"cache.orgE<gt>>"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:94
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:320
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:66
+#: helpers/basic_auth/PAM/basic_pam_auth.8:108
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:119
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:104
+#: helpers/digest_auth/file/digest_file_auth.8:92
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:269
+#: helpers/external_acl/session/squid_session.8:88
+#: helpers/external_acl/unix_group/squid_unix_group.8:90 src/squid.8.in:259
+#: tools/cachemgr.cgi.8.in:75 tools/squidclient.1:187
msgid ""
"Report ideas for new improvements to the I<Squid Developers mailing list>"
msgstr ""
#. type: SH
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:93
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:319
-#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:65
-#: helpers/basic_auth/PAM/basic_pam_auth.8:107
-#: helpers/basic_auth/RADIUS/basic_radius_auth.8:118
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:268
-#: helpers/external_acl/session/squid_session.8:87
-#: helpers/external_acl/unix_group/squid_unix_group.8:92 src/squid.8.in:258
-#: tools/cachemgr.cgi.8.in:75 tools/squidclient.1:187
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:96
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:322
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:68
+#: helpers/basic_auth/PAM/basic_pam_auth.8:110
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:121
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:106
+#: helpers/digest_auth/file/digest_file_auth.8:94
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:271
+#: helpers/external_acl/session/squid_session.8:90
+#: helpers/external_acl/unix_group/squid_unix_group.8:95 src/squid.8.in:261
+#: tools/cachemgr.cgi.8.in:77 tools/squidclient.1:189
#, no-wrap
msgid "SEE ALSO"
msgstr "SEE ALSO"
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:20
#: helpers/basic_auth/PAM/basic_pam_auth.8:21
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:31
+#: helpers/digest_auth/file/digest_file_auth.8:20
#: helpers/external_acl/ldap_group/squid_ldap_group.8:49
#: helpers/external_acl/session/squid_session.8:26
#: helpers/external_acl/unix_group/squid_unix_group.8:19 src/squid.8.in:59
"more related to RADIUS than Squid."
#. type: Plain text
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:324
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:327
msgid "Your favorite LDAP documentation."
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:325
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:275
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:328
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:278
msgid "B<RFC2254> - The String Representation of LDAP Search Filters,"
msgstr ""
"E<lt>hno@squid-cache.orgE<gt>"
#. type: Plain text
-#: helpers/basic_auth/PAM/basic_pam_auth.8:114
+#: helpers/basic_auth/PAM/basic_pam_auth.8:117
#, fuzzy
msgid "PAM Systems Administrator Guide"
msgstr "B<pam>(8),B< PAM Systems Administrator Guide>"
"more related to RADIUS than Squid."
#. type: Plain text
-#: helpers/basic_auth/RADIUS/basic_radius_auth.8:121
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:124
msgid "B<RFC2058> - Remote Authentication Dial In User Service (RADIUS)"
msgstr "B<RFC2058> - Remote Authentication Dial In User Service (RADIUS)"
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:7
+msgid ""
+"Basic Authentication using SASL (specifically the cyrus-sasl authentication "
+"method)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:9
+#: helpers/digest_auth/file/digest_file_auth.8:9
+#: helpers/external_acl/session/squid_session.8:9
+msgid "Version 1.0"
+msgstr "Version 1.0"
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:18
+msgid ""
+"B<basic_sasl_auth> is an installed binary helper for Squid. SASL is "
+"configurable (somewhat like PAM). Each service authenticating against SASL "
+"identifies itself with an application name. Each application can be "
+"configured independently by the SASL administrator."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:24
+msgid ""
+"To configure the authentication method used the file B<basic_sasl_auth.conf> "
+"can be placed in the appropriate location, usually B</usr/lib/sasl.>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:31
+msgid ""
+"The authentication database is defined by the B<pwcheck_method> parameter. "
+"Only the B<PLAIN> authentication mechanism is used."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:33
+msgid "Examples:"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:36
+msgid "use sasldb - the default if no conf file is installed."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:38
+#, fuzzy, no-wrap
+msgid " - use PAM authentication database\n"
+msgstr "pam_auth - Squid PAM authentication helper"
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:41
+#, no-wrap
+msgid ""
+" - use traditional \n"
+"B</etc/passwd>\n"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:43
+#, no-wrap
+msgid " - use slightly less traditional /etc/shadow\n"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:46
+msgid ""
+"Others methods may be supported by your cyrus-sasl implementation - consult "
+"your cyrus-sasl documentation for information."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:59
+msgid ""
+"Typically the authentication database ( B</etc/sasldb> , B</etc/shadow> , "
+"B<PAM> ) can not be accessed by a normal user. You should use setuid/setgid "
+"and an appropriate user/group on the executable to allow the authenticator "
+"to access the appropriate password database. If the access to the database "
+"is not permitted then the authenticator will typically fail with \"-1, "
+"generic error\"."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:74
+msgid ""
+"If the application name B<basic_sasl_auth> will also be used for the PAM "
+"service name if B<pwcheck_method:pam> is chosen. And example PAM "
+"configuration file B<basic_sasl_auth.pam> is also included."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:116
+#: helpers/digest_auth/file/digest_file_auth.8:98 src/squid.8.in:271
+msgid "The Squid FAQ wiki"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:119
+#: helpers/digest_auth/file/digest_file_auth.8:101 src/squid.8.in:274
+msgid "The Squid Configuration Manual"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:7
+#, fuzzy
+msgid "File based digest authentication helper for Squid."
+msgstr ""
+"ncsa_auth - NCSA httpd-style password file authentication helper for Squid"
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:14 tools/squidclient.1:30
+#, fuzzy
+msgid "file"
+msgstr "-f file"
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:19
+msgid ""
+"B<digest_file_auth> is an installed binary authentication program for Squid. "
+"It handles digest authentication protocol and authenticates against a text "
+"file backend."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:24
+msgid ""
+"Accept digest hashed passwords rather than plaintext in the password file"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:28
+msgid "Username database file format:"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:28
+#, no-wrap
+msgid "- comment lines are possible and should start with a '#';"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:31
+#, no-wrap
+msgid "- empty or blank lines are possible;"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:34
+#, no-wrap
+msgid "- plaintext entry format is username:password"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:37
+#, no-wrap
+msgid "- HA1 entry format is username:realm:HA1"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:50
+msgid ""
+"To build a directory integrated backend, you need to be able to calculate "
+"the HA1 returned to squid. To avoid storing a plaintext password you can "
+"calculate B<MD5(username:realm:password)> when the user changes their "
+"password, and store the tuple B<username:realm:HA1.> then find the matching "
+"B<username:realm> when squid asks for the HA1."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:58
+msgid ""
+"This implementation could be improved by using such a triple for the file "
+"format. However storing such a triple does little to improve security: If "
+"compromised the B<username:realm:HA1> combination is \"plaintext equivalent"
+"\" - for the purposes of digest authentication they allow the user access. "
+"Password syncronisation is not tackled by digest - just preventing on the "
+"wire compromise."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:64
+msgid "Based on prior work by"
+msgstr ""
+
#. type: Plain text
#: helpers/external_acl/ldap_group/squid_ldap_group.8:7
#, fuzzy
"more related to RADIUS than Squid."
#. type: Plain text
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:274
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:277
msgid "Your favorite LDAP documentation"
msgstr ""
msgid "Squid session tracking external acl group helper."
msgstr "squid_session - Squid session tracking external acl group helper"
-#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:9
-msgid "Version 1.0"
-msgstr "Version 1.0"
-
#. type: Plain text
#: helpers/external_acl/session/squid_session.8:16
msgid "database"
#. type: Plain text
#: helpers/external_acl/unix_group/squid_unix_group.8:46
-#, fuzzy
msgid ""
"This B<squid.conf> example defines two Squid acls. I<usergroup1> matches "
"users in I<group1> , and I<usergroup2> matches users in I<group2> or "
"I<group3>"
msgstr ""
-"This squid.conf example defines two Squid acls. usergroup1 matches users in "
-"group1, and usergroup2 matches users in group2 or group3"
+"This B<squid.conf> example defines two Squid acls. I<usergroup1> matches "
+"users in I<group1> , and I<usergroup2> matches users in I<group2> or "
+"I<group3>"
#. type: Plain text
#: helpers/external_acl/unix_group/squid_unix_group.8:56
"each alias by name."
#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:90
+#: helpers/external_acl/unix_group/squid_unix_group.8:93
msgid "Additionally bugs or bug-fixes can be reported to"
msgstr ""
#. type: Plain text
#: src/squid.8.in:100
#, fuzzy
-#| msgid "Install as a Windows Service (see -n option)."
msgid "Install as a Windows Service (see B<-n> option)."
msgstr "Install as a Windows Service (see -n option)."
#. type: Plain text
#: src/squid.8.in:131
#, fuzzy
-#| msgid "Remove a Windows Service (see -n option)."
msgid "Remove a Windows Service (see B<-n> option)."
msgstr "Remove a Windows Service (see -n option)."
#. type: Plain text
#: src/squid.8.in:178
#, fuzzy
-#| msgid ""
-#| "The main configuration file. You must initially make changes to this "
-#| "file for B<squid> to work. For example, the default configuration does "
-#| "not allow access from any browser."
msgid ""
"The main configuration file. You must initially make changes to this file "
"for B<squid> to work. For example, the default configuration does not allow "
"contributions."
msgstr ""
-#. type: Plain text
-#: src/squid.8.in:268
-msgid "The Squid FAQ wiki"
-msgstr ""
-
-#. type: Plain text
-#: src/squid.8.in:271
-msgid "The Squid Configuration Manual"
-msgstr ""
-
#. type: Plain text
#: tools/cachemgr.cgi.8.in:7
#, fuzzy
"Foundation."
msgstr ""
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:67 tools/squidclient.1:179
+msgid ""
+"See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what "
+"you need to include with your bug report."
+msgstr ""
+
#. type: Plain text
#: tools/squidclient.1:7
msgid "A simple HTTP web client tool"
msgid "method"
msgstr ""
-#. type: Plain text
-#: tools/squidclient.1:30
-#, fuzzy
-msgid "file"
-msgstr "-f file"
-
#. type: Plain text
#: tools/squidclient.1:36 tools/squidclient.1:38
#, fuzzy
msgstr ""
"Project-Id-Version: squid\n"
"Report-Msgid-Bugs-To: FULL NAME <EMAIL@ADDRESS>\n"
-"POT-Creation-Date: 2010-02-13 00:05+1400\n"
+"POT-Creation-Date: 2010-05-01 00:17+1200\n"
"PO-Revision-Date: 2010-01-16 02:05+0000\n"
"Last-Translator: Amos Jeffries <Unknown>\n"
"Language-Team: English (Australia) <en_AU@li.org>\n"
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:3
#: helpers/basic_auth/PAM/basic_pam_auth.8:3
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:3
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:3
+#: helpers/digest_auth/file/digest_file_auth.8:3
#: helpers/external_acl/ldap_group/squid_ldap_group.8:3
#: helpers/external_acl/session/squid_session.8:3
#: helpers/external_acl/unix_group/squid_unix_group.8:3 src/squid.8.in:3
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:8
#: helpers/basic_auth/PAM/basic_pam_auth.8:8
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:8
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:10
+#: helpers/digest_auth/file/digest_file_auth.8:10
#: helpers/external_acl/ldap_group/squid_ldap_group.8:10
#: helpers/external_acl/session/squid_session.8:10
#: helpers/external_acl/unix_group/squid_unix_group.8:8 src/squid.8.in:8
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:12
#: helpers/basic_auth/PAM/basic_pam_auth.8:15
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:26
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:13
+#: helpers/digest_auth/file/digest_file_auth.8:15
#: helpers/external_acl/ldap_group/squid_ldap_group.8:26
#: helpers/external_acl/session/squid_session.8:18
#: helpers/external_acl/unix_group/squid_unix_group.8:15 src/squid.8.in:25
#. type: TP
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:29
-#, no-wrap
-msgid "Can handle LDAP request"
+#, fuzzy, no-wrap
+msgid "Can handle LDAP requests"
msgstr "Can handle LDAP request"
#. type: TP
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:31
-#, no-wrap
-msgid "Can handle PAM request"
+#, fuzzy, no-wrap
+msgid "Can handle PAM requests"
msgstr "Can handle PAM request"
#. type: SH
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:24
#: helpers/basic_auth/PAM/basic_pam_auth.8:41
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:61
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:19
+#: helpers/digest_auth/file/digest_file_auth.8:25
#: helpers/external_acl/ldap_group/squid_ldap_group.8:209
#: helpers/external_acl/session/squid_session.8:50
#: helpers/external_acl/unix_group/squid_unix_group.8:33
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:30
#: helpers/basic_auth/PAM/basic_pam_auth.8:80
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:85
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:75
+#: helpers/digest_auth/file/digest_file_auth.8:59
#: helpers/external_acl/ldap_group/squid_ldap_group.8:232
#: helpers/external_acl/session/squid_session.8:63
#: helpers/external_acl/unix_group/squid_unix_group.8:62 src/squid.8.in:216
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:63
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:77
+#: helpers/digest_auth/file/digest_file_auth.8:61
#: helpers/external_acl/ldap_group/squid_ldap_group.8:234
#: helpers/external_acl/unix_group/squid_unix_group.8:64
msgid "This program was written by"
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:71
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:32
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:93
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:80
+#: helpers/digest_auth/file/digest_file_auth.8:68
#: helpers/external_acl/ldap_group/squid_ldap_group.8:243
#: helpers/external_acl/unix_group/squid_unix_group.8:67
msgid "This manual was written by"
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:37
#: helpers/basic_auth/PAM/basic_pam_auth.8:84
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:95
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:83
+#: helpers/digest_auth/file/digest_file_auth.8:71
#: helpers/external_acl/ldap_group/squid_ldap_group.8:245
#: helpers/external_acl/session/squid_session.8:67
#: helpers/external_acl/unix_group/squid_unix_group.8:69 src/squid.8.in:226
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:75
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:298
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:97
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:85
+#: helpers/digest_auth/file/digest_file_auth.8:73
#: helpers/external_acl/ldap_group/squid_ldap_group.8:247
#: helpers/external_acl/session/squid_session.8:69
#: helpers/external_acl/unix_group/squid_unix_group.8:71
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:300
#: helpers/basic_auth/PAM/basic_pam_auth.8:91
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:99
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:87
+#: helpers/digest_auth/file/digest_file_auth.8:75
#: helpers/external_acl/ldap_group/squid_ldap_group.8:249
#: helpers/external_acl/session/squid_session.8:71
#: helpers/external_acl/unix_group/squid_unix_group.8:73
#: tools/cachemgr.cgi.8.in:59 tools/squidclient.1:171
+#, fuzzy
msgid ""
"Distributed under the GNU General Public License (GNU GPL) version 2 or "
-"later (GPL2+)."
+"later (GPLv2+)."
msgstr ""
"Distributed under the GNU General Public License (GNU GPL) version 2 or "
"later (GPL2+)."
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:50
#: helpers/basic_auth/PAM/basic_pam_auth.8:92
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:100
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:88
+#: helpers/digest_auth/file/digest_file_auth.8:76
#: helpers/external_acl/ldap_group/squid_ldap_group.8:250
#: helpers/external_acl/session/squid_session.8:72
#: helpers/external_acl/unix_group/squid_unix_group.8:74 src/squid.8.in:243
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:53
#: helpers/basic_auth/PAM/basic_pam_auth.8:95
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:103
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:91
+#: helpers/digest_auth/file/digest_file_auth.8:79
#: helpers/external_acl/ldap_group/squid_ldap_group.8:253
#: helpers/external_acl/session/squid_session.8:75
#: helpers/external_acl/unix_group/squid_unix_group.8:77 src/squid.8.in:246
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:55
#: helpers/basic_auth/PAM/basic_pam_auth.8:97
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:108
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:93
+#: helpers/digest_auth/file/digest_file_auth.8:81
#: helpers/external_acl/ldap_group/squid_ldap_group.8:258
#: helpers/external_acl/session/squid_session.8:77
#: helpers/external_acl/unix_group/squid_unix_group.8:79 src/squid.8.in:248
msgstr "REPORTING BUGS"
#. type: Plain text
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:85
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:311
-#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:57
-#: helpers/basic_auth/PAM/basic_pam_auth.8:99
-#: helpers/basic_auth/RADIUS/basic_radius_auth.8:110
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:260
-#: helpers/external_acl/session/squid_session.8:79
-#: helpers/external_acl/unix_group/squid_unix_group.8:81 src/squid.8.in:250
-#: tools/cachemgr.cgi.8.in:67 tools/squidclient.1:179
-msgid "Report bugs or bug fixes using http://bugs.squid-cache.org/"
-msgstr "Report bugs or bug fixes using http://bugs.squid-cache.org/"
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:86
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:312
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:58
+#: helpers/basic_auth/PAM/basic_pam_auth.8:100
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:111
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:96
+#: helpers/digest_auth/file/digest_file_auth.8:84
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:261
+#: helpers/external_acl/session/squid_session.8:80
+#: helpers/external_acl/unix_group/squid_unix_group.8:82 src/squid.8.in:251
+msgid ""
+"Bug reports need to be made in English. See http://wiki.squid-cache.org/"
+"SquidFaq/BugReporting for details of what you need to include with your bug "
+"report."
+msgstr ""
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:88
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:60
#: helpers/basic_auth/PAM/basic_pam_auth.8:102
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:113
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:98
+#: helpers/digest_auth/file/digest_file_auth.8:86
#: helpers/external_acl/ldap_group/squid_ldap_group.8:263
#: helpers/external_acl/session/squid_session.8:82
#: helpers/external_acl/unix_group/squid_unix_group.8:84 src/squid.8.in:253
-#: tools/cachemgr.cgi.8.in:70 tools/squidclient.1:182
-msgid ""
-"Report serious security bugs to I<Squid Bugs E<lt>squid-bugs@squid-cache."
-"orgE<gt>>"
-msgstr ""
-"Report serious security bugs to I<Squid Bugs E<lt>squid-bugs@squid-cache."
-"orgE<gt>>"
+#: tools/cachemgr.cgi.8.in:69 tools/squidclient.1:181
+msgid "Report bugs or bug fixes using http://bugs.squid-cache.org/"
+msgstr "Report bugs or bug fixes using http://bugs.squid-cache.org/"
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:91
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:63
#: helpers/basic_auth/PAM/basic_pam_auth.8:105
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:116
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:101
+#: helpers/digest_auth/file/digest_file_auth.8:89
#: helpers/external_acl/ldap_group/squid_ldap_group.8:266
#: helpers/external_acl/session/squid_session.8:85
#: helpers/external_acl/unix_group/squid_unix_group.8:87 src/squid.8.in:256
-#: tools/cachemgr.cgi.8.in:73 tools/squidclient.1:185
+#: tools/cachemgr.cgi.8.in:72 tools/squidclient.1:184
+msgid ""
+"Report serious security bugs to I<Squid Bugs E<lt>squid-bugs@squid-cache."
+"orgE<gt>>"
+msgstr ""
+"Report serious security bugs to I<Squid Bugs E<lt>squid-bugs@squid-cache."
+"orgE<gt>>"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:94
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:320
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:66
+#: helpers/basic_auth/PAM/basic_pam_auth.8:108
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:119
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:104
+#: helpers/digest_auth/file/digest_file_auth.8:92
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:269
+#: helpers/external_acl/session/squid_session.8:88
+#: helpers/external_acl/unix_group/squid_unix_group.8:90 src/squid.8.in:259
+#: tools/cachemgr.cgi.8.in:75 tools/squidclient.1:187
msgid ""
"Report ideas for new improvements to the I<Squid Developers mailing list>"
msgstr ""
"Report ideas for new improvements to the I<Squid Developers mailing list>"
#. type: SH
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:93
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:319
-#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:65
-#: helpers/basic_auth/PAM/basic_pam_auth.8:107
-#: helpers/basic_auth/RADIUS/basic_radius_auth.8:118
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:268
-#: helpers/external_acl/session/squid_session.8:87
-#: helpers/external_acl/unix_group/squid_unix_group.8:92 src/squid.8.in:258
-#: tools/cachemgr.cgi.8.in:75 tools/squidclient.1:187
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:96
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:322
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:68
+#: helpers/basic_auth/PAM/basic_pam_auth.8:110
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:121
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:106
+#: helpers/digest_auth/file/digest_file_auth.8:94
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:271
+#: helpers/external_acl/session/squid_session.8:90
+#: helpers/external_acl/unix_group/squid_unix_group.8:95 src/squid.8.in:261
+#: tools/cachemgr.cgi.8.in:77 tools/squidclient.1:189
#, no-wrap
msgid "SEE ALSO"
msgstr "SEE ALSO"
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:20
#: helpers/basic_auth/PAM/basic_pam_auth.8:21
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:31
+#: helpers/digest_auth/file/digest_file_auth.8:20
#: helpers/external_acl/ldap_group/squid_ldap_group.8:49
#: helpers/external_acl/session/squid_session.8:26
#: helpers/external_acl/unix_group/squid_unix_group.8:19 src/squid.8.in:59
"than Squid."
#. type: Plain text
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:324
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:327
msgid "Your favorite LDAP documentation."
msgstr "Your favorite LDAP documentation."
#. type: Plain text
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:325
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:275
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:328
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:278
msgid "B<RFC2254> - The String Representation of LDAP Search Filters,"
msgstr "B<RFC2254> - The String Representation of LDAP Search Filters,"
msgstr "Squid B<basic_pam_auth> and this manual is Copyright 1999,2002,2003"
#. type: Plain text
-#: helpers/basic_auth/PAM/basic_pam_auth.8:114
+#: helpers/basic_auth/PAM/basic_pam_auth.8:117
msgid "PAM Systems Administrator Guide"
msgstr "PAM Systems Administrator Guide"
"to RADIUS than Squid."
#. type: Plain text
-#: helpers/basic_auth/RADIUS/basic_radius_auth.8:121
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:124
msgid "B<RFC2058> - Remote Authentication Dial In User Service (RADIUS)"
msgstr "B<RFC2058> - Remote Authentication Dial In User Service (RADIUS)"
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:7
+msgid ""
+"Basic Authentication using SASL (specifically the cyrus-sasl authentication "
+"method)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:9
+#: helpers/digest_auth/file/digest_file_auth.8:9
+#: helpers/external_acl/session/squid_session.8:9
+msgid "Version 1.0"
+msgstr "Version 1.0"
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:18
+msgid ""
+"B<basic_sasl_auth> is an installed binary helper for Squid. SASL is "
+"configurable (somewhat like PAM). Each service authenticating against SASL "
+"identifies itself with an application name. Each application can be "
+"configured independently by the SASL administrator."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:24
+msgid ""
+"To configure the authentication method used the file B<basic_sasl_auth.conf> "
+"can be placed in the appropriate location, usually B</usr/lib/sasl.>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:31
+msgid ""
+"The authentication database is defined by the B<pwcheck_method> parameter. "
+"Only the B<PLAIN> authentication mechanism is used."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:33
+msgid "Examples:"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:36
+msgid "use sasldb - the default if no conf file is installed."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:38
+#, fuzzy, no-wrap
+#| msgid "Squid PAM Basic authentication helper"
+msgid " - use PAM authentication database\n"
+msgstr "Squid PAM Basic authentication helper"
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:41
+#, no-wrap
+msgid ""
+" - use traditional \n"
+"B</etc/passwd>\n"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:43
+#, no-wrap
+msgid " - use slightly less traditional /etc/shadow\n"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:46
+msgid ""
+"Others methods may be supported by your cyrus-sasl implementation - consult "
+"your cyrus-sasl documentation for information."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:59
+msgid ""
+"Typically the authentication database ( B</etc/sasldb> , B</etc/shadow> , "
+"B<PAM> ) can not be accessed by a normal user. You should use setuid/setgid "
+"and an appropriate user/group on the executable to allow the authenticator "
+"to access the appropriate password database. If the access to the database "
+"is not permitted then the authenticator will typically fail with \"-1, "
+"generic error\"."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:74
+msgid ""
+"If the application name B<basic_sasl_auth> will also be used for the PAM "
+"service name if B<pwcheck_method:pam> is chosen. And example PAM "
+"configuration file B<basic_sasl_auth.pam> is also included."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:116
+#: helpers/digest_auth/file/digest_file_auth.8:98 src/squid.8.in:271
+msgid "The Squid FAQ wiki"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:119
+#: helpers/digest_auth/file/digest_file_auth.8:101 src/squid.8.in:274
+msgid "The Squid Configuration Manual"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:7
+#, fuzzy
+#| msgid "LDAP authentication helper for Squid"
+msgid "File based digest authentication helper for Squid."
+msgstr "LDAP authentication helper for Squid"
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:14 tools/squidclient.1:30
+msgid "file"
+msgstr "file"
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:19
+msgid ""
+"B<digest_file_auth> is an installed binary authentication program for Squid. "
+"It handles digest authentication protocol and authenticates against a text "
+"file backend."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:24
+msgid ""
+"Accept digest hashed passwords rather than plaintext in the password file"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:28
+msgid "Username database file format:"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:28
+#, no-wrap
+msgid "- comment lines are possible and should start with a '#';"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:31
+#, no-wrap
+msgid "- empty or blank lines are possible;"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:34
+#, no-wrap
+msgid "- plaintext entry format is username:password"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:37
+#, no-wrap
+msgid "- HA1 entry format is username:realm:HA1"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:50
+msgid ""
+"To build a directory integrated backend, you need to be able to calculate "
+"the HA1 returned to squid. To avoid storing a plaintext password you can "
+"calculate B<MD5(username:realm:password)> when the user changes their "
+"password, and store the tuple B<username:realm:HA1.> then find the matching "
+"B<username:realm> when squid asks for the HA1."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:58
+msgid ""
+"This implementation could be improved by using such a triple for the file "
+"format. However storing such a triple does little to improve security: If "
+"compromised the B<username:realm:HA1> combination is \"plaintext equivalent"
+"\" - for the purposes of digest authentication they allow the user access. "
+"Password syncronisation is not tackled by digest - just preventing on the "
+"wire compromise."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:64
+#, fuzzy
+#| msgid "Based on original code by"
+msgid "Based on prior work by"
+msgstr "Based on original code by"
+
#. type: Plain text
#: helpers/external_acl/ldap_group/squid_ldap_group.8:7
msgid "Squid LDAP external acl group helper"
"LDAP than Squid."
#. type: Plain text
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:274
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:277
msgid "Your favorite LDAP documentation"
msgstr "Your favorite LDAP documentation"
msgid "Squid session tracking external acl group helper."
msgstr "Squid session tracking external acl group helper."
-#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:9
-msgid "Version 1.0"
-msgstr "Version 1.0"
-
#. type: Plain text
#: helpers/external_acl/session/squid_session.8:16
msgid "database"
"each alias by name."
#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:90
+#: helpers/external_acl/unix_group/squid_unix_group.8:93
msgid "Additionally bugs or bug-fixes can be reported to"
msgstr "Additionally bugs or bug-fixes can be reported to"
#. type: Plain text
#: src/squid.8.in:13
#, fuzzy
-#| msgid "I<facility>"
msgid "facility"
msgstr "I<facility>"
#. type: Plain text
#: src/squid.8.in:15
#, fuzzy
-#| msgid "config file"
msgid "config-file"
msgstr "config file"
#. type: Plain text
#: src/squid.8.in:21
#, fuzzy
-#| msgid "service name"
msgid "service-name"
msgstr "service name"
#. type: Plain text
#: src/squid.8.in:32
#, fuzzy
-#| msgid ""
-#| "B<squid> is a high-performance proxy caching server for web clients, "
-#| "supporting FTP, gopher, ICAP, ICP, HTCP and HTTP data objects. Unlike "
-#| "traditional caching software, B<squid> handles all requests in a single, "
-#| "non-blocking process."
msgid ""
"B<squid> is a high-performance proxy caching server for web clients, "
"supporting FTP, gopher, ICAP, ICP, HTCP and HTTP data objects. Unlike "
#. type: Plain text
#: src/squid.8.in:36
#, fuzzy
-#| msgid ""
-#| "B<squid> keeps meta data and especially hot objects cached in RAM, caches "
-#| "DNS lookups, supports non-blocking DNS lookups, and implements negative "
-#| "caching of failed requests."
msgid ""
"Squid keeps meta data and especially hot objects cached in RAM, caches DNS "
"lookups, supports non-blocking DNS lookups, and implements negative caching "
#. type: Plain text
#: src/squid.8.in:41
#, fuzzy
-#| msgid ""
-#| "B<squid> supports SSL, extensive access controls, and full request "
-#| "logging. By using the lightweight Internet Cache Protocols ICP, HTCP or "
-#| "CARP, B<squid> caches can be arranged in a hierarchy or mesh for "
-#| "additional bandwidth savings."
msgid ""
"Squid supports SSL, extensive access controls, and full request logging. By "
"using the lightweight Internet Cache Protocols ICP, HTCP or CARP, Squid "
#. type: Plain text
#: src/squid.8.in:49
#, fuzzy
-#| msgid ""
-#| "B<squid> consists of a main server program squid, some optional programs "
-#| "for custom processing and authentication, and some management and client "
-#| "tools. When squid starts up, it spawns a configurable number of helper "
-#| "processes, each of which can perform parallel lookups. This reduces the "
-#| "amount of time the cache waits for results."
msgid ""
"Squid consists of a main server program B<squid> , some optional programs "
"for custom processing and authentication, and some management and client "
#. type: Plain text
#: src/squid.8.in:51
#, fuzzy
-#| msgid "B<squid> is derived from the ARPA-funded Harvest Project"
msgid "Squid is derived from the ARPA-funded Harvest Project."
msgstr "B<squid> is derived from the ARPA-funded Harvest Project"
#. type: Plain text
#: src/squid.8.in:57
#, fuzzy
-#| msgid ""
-#| "This manual page only lists the command line arguments. For details on "
-#| "how to configure B<squid> see the file B<@SYSCONFDIR@/squid.conf."
-#| "documented,> the Squid wiki FAQ and examples at http://wiki.squid-cache."
-#| "org/ , or the configuration manual on the B<squid> home page http://www."
-#| "squid-cache.org/Doc/config/"
msgid ""
"This manual page only lists the command line arguments. For details on how "
"to configure Squid see the file B<@SYSCONFDIR@/squid.conf.documented,> the "
#. type: Plain text
#: src/squid.8.in:66
#, fuzzy
-#| msgid ""
-#| "Specify HTTP port number where Squid should listen for requests, in "
-#| "addition to any http_port specifications in squid.conf."
msgid ""
"Specify HTTP port number where Squid should listen for requests, in addition "
"to any B<http_port> specifications in B<squid.conf>"
#. type: Plain text
#: src/squid.8.in:86
#, fuzzy
-#| msgid ""
-#| "Use the given config-file instead of I<@SYSCONFDIR@/squid.conf>. If the "
-#| "file name starts with a ! or | then it is assumed to be an external "
-#| "command or command line. Can for example be used to pre-process the "
-#| "configuration before it is being read by Squid. To facilitate this Squid "
-#| "also understands the common #line notion to indicate the real source file."
msgid ""
"Use the given config-file instead of B<@SYSCONFDIR@/squid.conf .> If the "
"file name starts with a B<!> or B<|> then it is assumed to be an external "
#. type: Plain text
#: src/squid.8.in:100
#, fuzzy
-#| msgid "Install as a Windows Service (see -n option)."
msgid "Install as a Windows Service (see B<-n> option)."
msgstr "Install as a Windows Service (see -n option)."
#. type: Plain text
#: src/squid.8.in:112
#, fuzzy
-#| msgid "Use specified syslog facility. implies -s"
msgid "Use specified syslog facility. implies B<-s>"
msgstr "Use specified syslog facility. implies -s"
#. type: Plain text
#: src/squid.8.in:131
#, fuzzy
-#| msgid "Install as a Windows Service (see -n option)."
msgid "Remove a Windows Service (see B<-n> option)."
msgstr "Install as a Windows Service (see -n option)."
#. type: Plain text
#: src/squid.8.in:178
#, fuzzy
-#| msgid ""
-#| "The main configuration file. You must initially make changes to this "
-#| "file for B<squid> to work. For example, the default configuration does "
-#| "not allow access from any browser."
msgid ""
"The main configuration file. You must initially make changes to this file "
"for B<squid> to work. For example, the default configuration does not allow "
#. type: Plain text
#: src/squid.8.in:198
#, fuzzy
-#| msgid "The main configuration file for the Sample MSNT authenticator."
msgid "The main configuration file for the web B<cachemgr.cgi> tools."
msgstr "The main configuration file for the Sample MSNT authenticator."
#. type: Plain text
#: src/squid.8.in:206
#, fuzzy
-#| msgid ""
-#| "CSS Stylesheet to control the display of generated error pages. Use this "
-#| "to set any company branding you need, it will apply to every Language "
-#| "Squid provides error pages for."
msgid ""
"CSS Stylesheet to control the display of generated error pages. Use this to "
"set any company branding you need, it will apply to every language Squid "
#. type: Plain text
#: src/squid.8.in:215
#, fuzzy
-#| msgid "Location of B<squid> error pages and templates."
msgid "Location of Squid error pages and templates."
msgstr "Location of B<squid> error pages and templates."
#. type: Plain text
#: src/squid.8.in:240
#, fuzzy
-#| msgid ""
-#| "This file is distributed in the hope that it will be useful, but WITHOUT "
-#| "ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or "
-#| "FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for "
-#| "more details."
msgid ""
"This program is free software; you can redistribute it and/or modify it "
"under the terms of the GNU General Public License (version 2) as published "
"contributions."
msgstr ""
-#. type: Plain text
-#: src/squid.8.in:268
-msgid "The Squid FAQ wiki"
-msgstr ""
-
-#. type: Plain text
-#: src/squid.8.in:271
-msgid "The Squid Configuration Manual"
-msgstr ""
-
#. type: Plain text
#: tools/cachemgr.cgi.8.in:7
msgid "Squid HTTP proxy manager CGI web interface"
"Laboratory for Applied Network Research and funded by the National Science "
"Foundation."
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:67 tools/squidclient.1:179
+msgid ""
+"See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what "
+"you need to include with your bug report."
+msgstr ""
+
#. type: Plain text
#: tools/squidclient.1:7
msgid "A simple HTTP web client tool"
msgid "method"
msgstr "method"
-#. type: Plain text
-#: tools/squidclient.1:30
-msgid "file"
-msgstr "file"
-
#. type: Plain text
#: tools/squidclient.1:36 tools/squidclient.1:38
msgid "user"
"X-Launchpad-Export-Date: 2010-01-10 09:04+0000\n"
"X-Generator: Launchpad (build Unknown)\n"
-#. type: TH
-#: doc/cachemgr.cgi.8.in:1
#, no-wrap
-msgid "cachemgr.cgi"
-msgstr "cachemgr.cgi"
+#~ msgid "cachemgr.cgi"
+#~ msgstr "cachemgr.cgi"
-#. type: TH
-#: doc/cachemgr.cgi.8.in:1 doc/squid.8.in:1
#, no-wrap
-msgid "@PACKAGE_STRING@"
-msgstr "@PACKAGE_STRING@"
+#~ msgid "@PACKAGE_STRING@"
+#~ msgstr "@PACKAGE_STRING@"
#. type: SH
#: doc/cachemgr.cgi.8.in:4 doc/squid.8.in:4
msgid "NAME"
msgstr "NOMBRE"
-#. type: Plain text
-#: doc/cachemgr.cgi.8.in:6
-msgid "cachemgr.cgi - squid HTTP proxy manager interface"
-msgstr ""
+#~ msgid "cachemgr.cgi - squid HTTP proxy manager interface"
+#~ msgstr ""
#. type: SH
#: doc/cachemgr.cgi.8.in:6 doc/squid.8.in:6
msgid "SYNOPSIS"
msgstr "SINOPSIS"
-#. type: Plain text
-#: doc/cachemgr.cgi.8.in:8
-msgid "B<http://your.server/cgi-bin/cachemgr.cgi>"
-msgstr "B<http://su.servidor/cgi-bin/cachemgr.cgi>"
+#~ msgid "B<http://your.server/cgi-bin/cachemgr.cgi>"
+#~ msgstr "B<http://su.servidor/cgi-bin/cachemgr.cgi>"
#. type: SH
#: doc/cachemgr.cgi.8.in:8 doc/squid.8.in:26
msgid "DESCRIPTION"
msgstr "DESCRIPCIÓN"
-#. type: Plain text
-#: doc/cachemgr.cgi.8.in:13
-msgid ""
-"The cache manager (cachemgr.cgi) is a CGI utility for displaying statistics "
-"about the Squid HTTP proxy process as it runs. The cache manager is a "
-"convenient way to manage the cache and view statistics without logging into "
-"the server."
-msgstr ""
-"El gestor del caché (cachemgr.cgi) es una utilidad CGI para mostrar "
-"estadísticas sobre el proxy Squid HTTP y cómo funciona. El gestor caché es "
-"una vía conveniente para controlar el caché y ver estadísticas sin tener que "
-"iniciar sesión server."
+#~ msgid ""
+#~ "The cache manager (cachemgr.cgi) is a CGI utility for displaying statistics "
+#~ "about the Squid HTTP proxy process as it runs. The cache manager is a "
+#~ "convenient way to manage the cache and view statistics without logging into "
+#~ "the server."
+#~ msgstr ""
+#~ "El gestor del caché (cachemgr.cgi) es una utilidad CGI para mostrar "
+#~ "estadísticas sobre el proxy Squid HTTP y cómo funciona. El gestor caché es "
+#~ "una vía conveniente para controlar el caché y ver estadísticas sin tener que "
+#~ "iniciar sesión server."
#. type: SH
#: doc/cachemgr.cgi.8.in:13 doc/squid.8.in:123
msgid "FILES"
msgstr "ARCHIVOS"
-#. type: Plain text
-#: doc/cachemgr.cgi.8.in:15
-msgid "I<./cachemgr.conf>"
-msgstr "I<./cachemgr.conf>"
+#~ msgid "I<./cachemgr.conf>"
+#~ msgstr "I<./cachemgr.conf>"
-#. type: Plain text
-#: doc/cachemgr.cgi.8.in:17
-msgid "I<@DEFAULT_CACHEMGR_CONFIG@>"
-msgstr "I<@DEFAULT_CACHEMGR_CONFIG@>"
+#~ msgid "I<@DEFAULT_CACHEMGR_CONFIG@>"
+#~ msgstr "I<@DEFAULT_CACHEMGR_CONFIG@>"
-#. type: Plain text
-#: doc/cachemgr.cgi.8.in:22
-msgid ""
-"The access configuration file defining which Squid servers may be managed "
-"via this cachemgr.cgi program. Each line specifies a B<server>:B<port> "
-"followed by an optional description"
-msgstr ""
+#~ msgid ""
+#~ "The access configuration file defining which Squid servers may be managed "
+#~ "via this cachemgr.cgi program. Each line specifies a B<server>:B<port> "
+#~ "followed by an optional description"
+#~ msgstr ""
#. type: Plain text
#: doc/cachemgr.cgi.8.in:26
+#: tools/cachemgr.cgi.8.in:38
msgid ""
"The server name may contain shell wildcard characters such as *, [] etc. A "
"quick selection dropdown menu is automatically constructed from the simple "
"server names."
msgstr ""
+"El nombre de servidor puede contener caracteres comodines como *, [], etc. "
+"Una lista desplegable es construida automática a partir de los nombres de "
+"servidores"
#. type: Plain text
#: doc/cachemgr.cgi.8.in:30
+#: tools/cachemgr.cgi.8.in:42
msgid ""
"Specifying :port is optional. If not specified then the default proxy port "
"is assumed. :* or :any matches any port on the target server."
msgstr ""
+"Especificar :puerto es opcional. Si no es especificado el puerto por defecto "
+"del proxy es usado. :* o :any implica cualquier puerto en el servidor "
+"destino"
#. type: SH
#: doc/cachemgr.cgi.8.in:31 helpers/basic_auth/NCSA/ncsa_auth.8:33
msgid "SECURITY"
msgstr "SEGURIDAD"
-#. type: Plain text
-#: doc/cachemgr.cgi.8.in:36
-msgid ""
-"cachemgr.cgi calls the requested server on the requested port using HTTP and "
-"returns a formatted version of the response. To avoid abuse it is "
-"recommended to configure your web server to restrict access to the cachemgr."
-"cgi program."
-msgstr ""
+#~ msgid ""
+#~ "cachemgr.cgi calls the requested server on the requested port using HTTP and "
+#~ "returns a formatted version of the response. To avoid abuse it is "
+#~ "recommended to configure your web server to restrict access to the cachemgr."
+#~ "cgi program."
+#~ msgstr ""
-#. type: Plain text
-#: doc/cachemgr.cgi.8.in:39
-msgid ""
-"Configuration examples for many common web servers can be found in the Squid "
-"FAQ."
-msgstr ""
+#~ msgid ""
+#~ "Configuration examples for many common web servers can be found in the Squid "
+#~ "FAQ."
+#~ msgstr ""
#. type: SH
#: doc/cachemgr.cgi.8.in:39 doc/squid.8.in:178
msgid "SEE ALSO"
msgstr "VEA TAMBIÉN"
-#. type: Plain text
-#: doc/cachemgr.cgi.8.in:41
-msgid "B<squid>(8)"
-msgstr "B<squid>(8)"
-
-#. Could add the following sections:
-#. .SH ENVIRONMENT
-#. .SH DIAGNOSTICS
-#. .SH BUGS
-#. .SH AUTHOR
-#. .SH SEE ALSO
-#. type: Plain text
-#: doc/cachemgr.cgi.8.in:49
-msgid "B<The Squid FAQ>, Chapter 9 The Cache Manager"
-msgstr ""
-
-#. type: TH
-#: doc/squid.8.in:1
-#, no-wrap
-msgid "squid"
-msgstr "squid"
-
-#. type: Plain text
-#: doc/squid.8.in:6
-msgid "squid - proxy caching server"
-msgstr ""
-
-#. type: Plain text
-#: doc/squid.8.in:26
-msgid ""
-"B<squid> [ B<-dhisrvzCFNRSVYX> ] [ B<-l>I< facility> ] [ B<-f>I< config-"
-"file> ] [ -[ B<au> ] I<port> ] [ B<-k signal> ] [ B<-n>I< service-name> ] "
-"[ B<-O>I< cmd-line> ]"
-msgstr ""
-
-#. type: Plain text
-#: doc/squid.8.in:33
-msgid ""
-"B<squid> is a high-performance proxy caching server for web clients, "
-"supporting FTP, gopher, ICAP, ICP, HTCP and HTTP data objects. Unlike "
-"traditional caching software, B<squid> handles all requests in a single, non-"
-"blocking process."
-msgstr ""
-
-#. type: Plain text
-#: doc/squid.8.in:38
-msgid ""
-"B<squid> keeps meta data and especially hot objects cached in RAM, caches "
-"DNS lookups, supports non-blocking DNS lookups, and implements negative "
-"caching of failed requests."
-msgstr ""
-
-#. type: Plain text
-#: doc/squid.8.in:45
-msgid ""
-"B<squid> supports SSL, extensive access controls, and full request logging. "
-"By using the lightweight Internet Cache Protocols ICP, HTCP or CARP, "
-"B<squid> caches can be arranged in a hierarchy or mesh for additional "
-"bandwidth savings."
-msgstr ""
-
-#. type: Plain text
-#: doc/squid.8.in:52
-msgid ""
-"B<squid> consists of a main server program squid, some optional programs for "
-"custom processing and authentication, and some management and client tools. "
-"When squid starts up, it spawns a configurable number of helper processes, "
-"each of which can perform parallel lookups. This reduces the amount of time "
-"the cache waits for results."
-msgstr ""
-
-#. type: Plain text
-#: doc/squid.8.in:56
-msgid ""
-"B<squid> is derived from the ARPA-funded Harvest Project http://harvest.cs."
-"colorado.edu/"
-msgstr ""
-
-#. type: Plain text
-#: doc/squid.8.in:67
-msgid ""
-"This manual page only lists the command line arguments. For details on how "
-"to configure B<squid> see the file B<@DEFAULT_CONFIG_FILE@.documented,> the "
-"Squid wiki FAQ and examples at http://wiki.squid-cache.org/ , or the "
-"configuration manual on the B<squid> home page http://www.squid-cache.org/"
-"Doc/config/"
-msgstr ""
+#~ msgid "B<squid>(8)"
+#~ msgstr "B<squid>(8)"
+
+#~ msgid "B<The Squid FAQ>, Chapter 9 The Cache Manager"
+#~ msgstr ""
+
+#, no-wrap
+#~ msgid "squid"
+#~ msgstr "squid"
+
+#~ msgid "squid - proxy caching server"
+#~ msgstr ""
+
+#~ msgid ""
+#~ "B<squid> [ B<-dhisrvzCFNRSVYX> ] [ B<-l>I< facility> ] [ B<-f>I< config-"
+#~ "file> ] [ -[ B<au> ] I<port> ] [ B<-k signal> ] [ B<-n>I< service-name> ] "
+#~ "[ B<-O>I< cmd-line> ]"
+#~ msgstr ""
+
+#~ msgid ""
+#~ "B<squid> is a high-performance proxy caching server for web clients, "
+#~ "supporting FTP, gopher, ICAP, ICP, HTCP and HTTP data objects. Unlike "
+#~ "traditional caching software, B<squid> handles all requests in a single, non-"
+#~ "blocking process."
+#~ msgstr ""
+
+#~ msgid ""
+#~ "B<squid> keeps meta data and especially hot objects cached in RAM, caches "
+#~ "DNS lookups, supports non-blocking DNS lookups, and implements negative "
+#~ "caching of failed requests."
+#~ msgstr ""
+
+#~ msgid ""
+#~ "B<squid> supports SSL, extensive access controls, and full request logging. "
+#~ "By using the lightweight Internet Cache Protocols ICP, HTCP or CARP, "
+#~ "B<squid> caches can be arranged in a hierarchy or mesh for additional "
+#~ "bandwidth savings."
+#~ msgstr ""
+
+#~ msgid ""
+#~ "B<squid> consists of a main server program squid, some optional programs for "
+#~ "custom processing and authentication, and some management and client tools. "
+#~ "When squid starts up, it spawns a configurable number of helper processes, "
+#~ "each of which can perform parallel lookups. This reduces the amount of time "
+#~ "the cache waits for results."
+#~ msgstr ""
+
+#~ msgid ""
+#~ "B<squid> is derived from the ARPA-funded Harvest Project http://harvest.cs."
+#~ "colorado.edu/"
+#~ msgstr ""
+
+#~ msgid ""
+#~ "This manual page only lists the command line arguments. For details on how "
+#~ "to configure B<squid> see the file B<@DEFAULT_CONFIG_FILE@.documented,> the "
+#~ "Squid wiki FAQ and examples at http://wiki.squid-cache.org/ , or the "
+#~ "configuration manual on the B<squid> home page http://www.squid-cache.org/"
+#~ "Doc/config/"
+#~ msgstr ""
#. type: SH
#: doc/squid.8.in:69 helpers/basic_auth/NCSA/ncsa_auth.8:29
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:62
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:20
+#: helpers/basic_auth/PAM/basic_pam_auth.8:21
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:31
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:49
+#: helpers/external_acl/session/squid_session.8:26
+#: helpers/external_acl/unix_group/squid_unix_group.8:19
+#: src/squid.8.in:59
+#: tools/squidclient.1:56
#, no-wrap
msgid "OPTIONS"
-msgstr ""
+msgstr "OPCIONES"
-#. type: IP
-#: doc/squid.8.in:70
#, no-wrap
-msgid "-a port"
-msgstr "-a puerto"
+#~ msgid "-a port"
+#~ msgstr "-a puerto"
-#. type: Plain text
-#: doc/squid.8.in:73
-msgid ""
-"Specify HTTP port number where Squid should listen for requests, in addition "
-"to any http_port specifications in squid.conf."
-msgstr ""
+#~ msgid ""
+#~ "Specify HTTP port number where Squid should listen for requests, in addition "
+#~ "to any http_port specifications in squid.conf."
+#~ msgstr ""
-#. type: IP
-#: doc/squid.8.in:73
#, no-wrap
-msgid "-d level"
-msgstr "-d nivel"
+#~ msgid "-d level"
+#~ msgstr "-d nivel"
#. type: Plain text
#: doc/squid.8.in:75
+#: src/squid.8.in:74
msgid "Write debugging to stderr also."
-msgstr ""
+msgstr "Escribir informe para depuración en stderr también"
-#. type: IP
-#: doc/squid.8.in:75
#, no-wrap
-msgid "-f file"
-msgstr "-f archivo"
+#~ msgid "-f file"
+#~ msgstr "-f archivo"
-#. type: Plain text
-#: doc/squid.8.in:82
-msgid ""
-"Use the given config-file instead of I<@DEFAULT_CONFIG_FILE@>. If the file "
-"name starts with a ! or | then it is assumed to be an external command or "
-"command line. Can for example be used to pre-process the configuration "
-"before it is being read by Squid. To facilitate this Squid also understands "
-"the common #line notion to indicate the real source file."
-msgstr ""
+#~ msgid ""
+#~ "Use the given config-file instead of I<@DEFAULT_CONFIG_FILE@>. If the file "
+#~ "name starts with a ! or | then it is assumed to be an external command or "
+#~ "command line. Can for example be used to pre-process the configuration "
+#~ "before it is being read by Squid. To facilitate this Squid also understands "
+#~ "the common #line notion to indicate the real source file."
+#~ msgstr ""
-#. type: IP
-#: doc/squid.8.in:82
#, no-wrap
-msgid "-h"
-msgstr ""
+#~ msgid "-h"
+#~ msgstr ""
#. type: Plain text
#: doc/squid.8.in:84
msgid "Print help message."
msgstr "Imprimir mensaje de ayuda."
-#. type: IP
-#: doc/squid.8.in:84
#, no-wrap
-msgid "-i"
-msgstr ""
+#~ msgid "-i"
+#~ msgstr ""
-#. type: Plain text
-#: doc/squid.8.in:86
-msgid "Install as a Windows Service (see -n option)."
-msgstr ""
+#~ msgid "Install as a Windows Service (see -n option)."
+#~ msgstr ""
-#. type: IP
-#: doc/squid.8.in:86
#, no-wrap
-msgid "-k reconfigure | rotate | shutdown | interrupt | kill | debug | check | parse"
-msgstr "-k reconfigure | rotate | shutdown | interrupt | kill | debug | check | parse"
+#~ msgid "-k reconfigure | rotate | shutdown | interrupt | kill | debug | check | parse"
+#~ msgstr "-k reconfigure | rotate | shutdown | interrupt | kill | debug | check | parse"
-#. type: Plain text
-#: doc/squid.8.in:89
-msgid ""
-"Parse configuration file, then send signal to running copy (except -k parse) "
-"and exit."
-msgstr ""
+#~ msgid ""
+#~ "Parse configuration file, then send signal to running copy (except -k parse) "
+#~ "and exit."
+#~ msgstr ""
-#. type: IP
-#: doc/squid.8.in:89
#, no-wrap
-msgid "-n name"
-msgstr "-n nombre"
+#~ msgid "-n name"
+#~ msgstr "-n nombre"
#. type: Plain text
#: doc/squid.8.in:92
+#: src/squid.8.in:117
msgid ""
"Specify Windows Service name to use for service operations, default is: "
"B<Squid>"
msgstr ""
+"Especificar el nombre de servicio Windows a usar para las operaciones del "
+"servicio, el valor por defecto es B<Squid>"
-#. type: IP
-#: doc/squid.8.in:93
#, no-wrap
-msgid "-r"
-msgstr ""
+#~ msgid "-r"
+#~ msgstr ""
-#. type: Plain text
-#: doc/squid.8.in:95
-msgid "Remove a Windows Service (see -n option)."
-msgstr ""
+#~ msgid "Remove a Windows Service (see -n option)."
+#~ msgstr ""
-#. type: IP
-#: doc/squid.8.in:95
#, no-wrap
-msgid "-s"
-msgstr ""
+#~ msgid "-s"
+#~ msgstr ""
-#. type: Plain text
-#: doc/squid.8.in:98
-msgid "Enable logging to syslog. Also configurable in B<@DEFAULT_CONFIG_FILE@>"
-msgstr ""
+#~ msgid "Enable logging to syslog. Also configurable in B<@DEFAULT_CONFIG_FILE@>"
+#~ msgstr ""
-#. type: IP
-#: doc/squid.8.in:98
#, no-wrap
-msgid "-l facility"
-msgstr ""
+#~ msgid "-l facility"
+#~ msgstr ""
-#. type: Plain text
-#: doc/squid.8.in:100
-msgid "Use specified syslog facility. implies -s"
-msgstr ""
+#~ msgid "Use specified syslog facility. implies -s"
+#~ msgstr ""
-#. type: IP
-#: doc/squid.8.in:100
#, no-wrap
-msgid "-u port"
-msgstr "-u puerto"
+#~ msgid "-u port"
+#~ msgstr "-u puerto"
#. type: Plain text
#: doc/squid.8.in:102
+#: src/squid.8.in:150
msgid "Specify ICP port number (default: 3130), disable with 0."
msgstr ""
+"Especificar el número de puerto ICP (por defecto: 3130), deshabilitado con 0"
-#. type: IP
-#: doc/squid.8.in:102
#, no-wrap
-msgid "-v"
-msgstr ""
+#~ msgid "-v"
+#~ msgstr ""
#. type: Plain text
#: doc/squid.8.in:104
+#: src/squid.8.in:154
msgid "Print version and build details."
-msgstr ""
+msgstr "Imprimir versión y detalles de la compilación"
-#. type: IP
-#: doc/squid.8.in:104
#, no-wrap
-msgid "-z"
-msgstr "-z"
+#~ msgid "-z"
+#~ msgstr "-z"
#. type: Plain text
#: doc/squid.8.in:106
+#: src/squid.8.in:170
msgid "Create swap directories"
-msgstr ""
+msgstr "Crear directorios de intercambio"
-#. type: IP
-#: doc/squid.8.in:106
#, no-wrap
-msgid "-C"
-msgstr "-C"
+#~ msgid "-C"
+#~ msgstr "-C"
#. type: Plain text
#: doc/squid.8.in:108
+#: src/squid.8.in:70
msgid "Do not catch fatal signals."
-msgstr ""
+msgstr "No capturar señales de interrupción fatales"
-#. type: IP
-#: doc/squid.8.in:108
#, no-wrap
-msgid "-F"
-msgstr "-F"
+#~ msgid "-F"
+#~ msgstr "-F"
#. type: Plain text
#: doc/squid.8.in:110
+#: src/squid.8.in:90
msgid "Don't serve any requests until store is rebuilt."
msgstr ""
+"No responder niguna solicitud hasta que el almacén del caché sea "
+"reconstruido"
-#. type: IP
-#: doc/squid.8.in:110
#, no-wrap
-msgid "-N"
-msgstr "-N"
+#~ msgid "-N"
+#~ msgstr "-N"
#. type: Plain text
#: doc/squid.8.in:112
+#: src/squid.8.in:121
msgid "No daemon mode."
-msgstr ""
+msgstr "No ejecutar en modo servicio"
-#. type: IP
-#: doc/squid.8.in:112
#, no-wrap
-msgid "-O options"
-msgstr "-O opciones"
+#~ msgid "-O options"
+#~ msgstr "-O opciones"
#. type: Plain text
#: doc/squid.8.in:114
+#: src/squid.8.in:125
msgid "Set Windows Service Command line options in Registry."
msgstr ""
+"Configurar las opciones de línea de comando para el servicio Windows en el "
+"Registro"
-#. type: IP
-#: doc/squid.8.in:114
#, no-wrap
-msgid "-R"
-msgstr "-R"
+#~ msgid "-R"
+#~ msgstr "-R"
-#. type: Plain text
-#: doc/squid.8.in:116
-msgid "Do not set REUSEADDR on port."
-msgstr ""
+#~ msgid "Do not set REUSEADDR on port."
+#~ msgstr ""
-#. type: IP
-#: doc/squid.8.in:116
#, no-wrap
-msgid "-S"
-msgstr "-S"
+#~ msgid "-S"
+#~ msgstr "-S"
#. type: Plain text
#: doc/squid.8.in:118
+#: src/squid.8.in:146
msgid "Double-check swap during rebuild."
-msgstr ""
+msgstr "Verificar el área de intercambio durante la reconstrucción"
-#. type: IP
-#: doc/squid.8.in:118
#, no-wrap
-msgid "-X"
-msgstr "-X"
+#~ msgid "-X"
+#~ msgstr "-X"
#. type: Plain text
#: doc/squid.8.in:120
+#: src/squid.8.in:158
msgid "Force full debugging."
-msgstr ""
+msgstr "Forzar depuración completa"
-#. type: IP
-#: doc/squid.8.in:120
#, no-wrap
-msgid "-Y"
-msgstr "-Y"
+#~ msgid "-Y"
+#~ msgstr "-Y"
-#. type: Plain text
-#: doc/squid.8.in:122
-msgid "Only return UDP_HIT or UDP_MISS_NOFETCH during fast reload."
-msgstr ""
+#~ msgid "Only return UDP_HIT or UDP_MISS_NOFETCH during fast reload."
+#~ msgstr ""
-#. type: Plain text
-#: doc/squid.8.in:125
-msgid "I<@DEFAULT_CONFIG_FILE@>"
-msgstr ""
+#~ msgid "I<@DEFAULT_CONFIG_FILE@>"
+#~ msgstr ""
-#. type: Plain text
-#: doc/squid.8.in:131
-msgid ""
-"The main configuration file. You must initially make changes to this file "
-"for B<squid> to work. For example, the default configuration does not allow "
-"access from any browser."
-msgstr ""
+#~ msgid ""
+#~ "The main configuration file. You must initially make changes to this file "
+#~ "for B<squid> to work. For example, the default configuration does not allow "
+#~ "access from any browser."
+#~ msgstr ""
-#. type: Plain text
-#: doc/squid.8.in:134
-msgid "I<*.default files>"
-msgstr "I<*.default files>"
+#~ msgid "I<*.default files>"
+#~ msgstr "I<*.default files>"
-#. type: Plain text
-#: doc/squid.8.in:138
-msgid ""
-"Reference copy of the configuration file. Always kept up to date with the "
-"version of Squid you are using. Use this to look up the default "
-"configuration settings and syntax after upgrading."
-msgstr ""
+#~ msgid ""
+#~ "Reference copy of the configuration file. Always kept up to date with the "
+#~ "version of Squid you are using. Use this to look up the default "
+#~ "configuration settings and syntax after upgrading."
+#~ msgstr ""
-#. type: Plain text
-#: doc/squid.8.in:141
-msgid "I<@DEFAULT_CONFIG_FILE@.documented>"
-msgstr ""
+#~ msgid "I<@DEFAULT_CONFIG_FILE@.documented>"
+#~ msgstr ""
-#. type: Plain text
-#: doc/squid.8.in:147
-msgid ""
-"Reference copy of the configuration file. Always kept up to date with the "
-"version of Squid you are using. Use this to read the documentation for "
-"configuration options available in your build of Squid. The online "
-"configuration manual is also available for a full reference of options. "
-"B<see>http://www.squid-cache.org/Doc/config/"
-msgstr ""
+#~ msgid ""
+#~ "Reference copy of the configuration file. Always kept up to date with the "
+#~ "version of Squid you are using. Use this to read the documentation for "
+#~ "configuration options available in your build of Squid. The online "
+#~ "configuration manual is also available for a full reference of options. "
+#~ "B<see>http://www.squid-cache.org/Doc/config/"
+#~ msgstr ""
-#. type: Plain text
-#: doc/squid.8.in:150
-msgid "I<cachemgr.conf>"
-msgstr "I<cachemgr.conf>"
+#~ msgid "I<cachemgr.conf>"
+#~ msgstr "I<cachemgr.conf>"
-#. type: Plain text
-#: doc/squid.8.in:152
-msgid "The main configuration file for the web cachemgr.cgi tools."
-msgstr ""
+#~ msgid "The main configuration file for the web cachemgr.cgi tools."
+#~ msgstr ""
-#. type: Plain text
-#: doc/squid.8.in:155
-msgid "I<msntauth.conf>"
-msgstr "I<msntauth.conf>"
+#~ msgid "I<msntauth.conf>"
+#~ msgstr "I<msntauth.conf>"
#. type: Plain text
#: doc/squid.8.in:157
+#: src/squid.8.in:201
msgid "The main configuration file for the Sample MSNT authenticator."
msgstr ""
+"El archivo de configuración principal para la autenticación de dominio "
+"Windows NT"
-#. type: Plain text
-#: doc/squid.8.in:160
-msgid "I<errorpage.css>"
-msgstr "I<errorpage.css>"
+#~ msgid "I<errorpage.css>"
+#~ msgstr "I<errorpage.css>"
-#. type: Plain text
-#: doc/squid.8.in:164
-msgid ""
-"CSS Stylesheet to control the display of generated error pages. Use this to "
-"set any company branding you need, it will apply to every Language Squid "
-"provides error pages for."
-msgstr ""
+#~ msgid ""
+#~ "CSS Stylesheet to control the display of generated error pages. Use this to "
+#~ "set any company branding you need, it will apply to every Language Squid "
+#~ "provides error pages for."
+#~ msgstr ""
-#. type: Plain text
-#: doc/squid.8.in:167
-msgid "I<@DEFAULT_MIME_TABLE@ (mime_table)>"
-msgstr ""
+#~ msgid "I<@DEFAULT_MIME_TABLE@ (mime_table)>"
+#~ msgstr ""
#. type: Plain text
#: doc/squid.8.in:169
+#: src/squid.8.in:212
msgid "MIME type mappings for FTP gatewaying"
-msgstr ""
+msgstr "Correspondencia de tipos MIME para tráfico FTP"
-#. type: Plain text
-#: doc/squid.8.in:172
-msgid "I<@DEFAULT_ERROR_DIR@>"
-msgstr ""
+#~ msgid "I<@DEFAULT_ERROR_DIR@>"
+#~ msgstr ""
-#. type: Plain text
-#: doc/squid.8.in:176
-msgid "Location of B<squid> error pages and templates."
-msgstr ""
+#~ msgid "Location of B<squid> error pages and templates."
+#~ msgstr ""
-#. type: Plain text
-#: doc/squid.8.in:185
-msgid ""
-"B<cachemgr.cgi>(8), B<pam_auth>(8), B<squid_ldap_auth>(8), "
-"B<squid_ldap_group>(8), B<squid_session>(8), B<squid_unix_group>(8),"
-msgstr ""
+#~ msgid ""
+#~ "B<cachemgr.cgi>(8), B<pam_auth>(8), B<squid_ldap_auth>(8), "
+#~ "B<squid_ldap_group>(8), B<squid_session>(8), B<squid_unix_group>(8),"
+#~ msgstr ""
-#. type: Plain text
-#: doc/squid.8.in:188
-msgid ""
-"B<The Squid FAQ wiki http://wiki.squid-cache.org/SquidFaq> B<The Squid "
-"Configuration Manual http://www.squid-cache.org/Doc/config/>"
-msgstr ""
+#~ msgid ""
+#~ "B<The Squid FAQ wiki http://wiki.squid-cache.org/SquidFaq> B<The Squid "
+#~ "Configuration Manual http://www.squid-cache.org/Doc/config/>"
+#~ msgstr ""
-#. type: TH
-#: helpers/basic_auth/NCSA/ncsa_auth.8:13
#, no-wrap
-msgid "ncsa_auth"
-msgstr "ncsa_auth"
+#~ msgid "ncsa_auth"
+#~ msgstr "ncsa_auth"
-#. type: TH
-#: helpers/basic_auth/NCSA/ncsa_auth.8:13
#, no-wrap
-msgid "May 16, 2006"
-msgstr "16 de mayo, 2006"
+#~ msgid "May 16, 2006"
+#~ msgstr "16 de mayo, 2006"
-#. type: TH
-#: helpers/basic_auth/NCSA/ncsa_auth.8:13
#, no-wrap
-msgid "Squid NCSA Auth helper"
-msgstr ""
+#~ msgid "Squid NCSA Auth helper"
+#~ msgstr ""
-#. type: Plain text
-#: helpers/basic_auth/NCSA/ncsa_auth.8:17
-msgid ""
-"ncsa_auth - NCSA httpd-style password file authentication helper for Squid"
-msgstr ""
+#~ msgid ""
+#~ "ncsa_auth - NCSA httpd-style password file authentication helper for Squid"
+#~ msgstr ""
-#. type: Plain text
-#: helpers/basic_auth/NCSA/ncsa_auth.8:21
#, no-wrap
-msgid "B<ncsa_auth> I<passwdfile> \n"
-msgstr "B<ncsa_auth> I<passwdfile> \n"
+
#~ msgid "B<ncsa_auth> I<passwdfile> \n"
+
#~ msgstr "B<ncsa_auth> I<passwdfile> \n"
-#. type: Plain text
-#: helpers/basic_auth/NCSA/ncsa_auth.8:25
-msgid ""
-"B<ncsa_auth> allows Squid to read and authenticate user and password "
-"information from an NCSA/Apache httpd-style password file when using basic "
-"HTTP authentication."
-msgstr ""
+#~ msgid ""
+#~ "B<ncsa_auth> allows Squid to read and authenticate user and password "
+#~ "information from an NCSA/Apache httpd-style password file when using basic "
+#~ "HTTP authentication."
+#~ msgstr ""
-#. type: Plain text
-#: helpers/basic_auth/NCSA/ncsa_auth.8:27
-msgid ""
-"The only parameter is the password file. It must have permissions to be "
-"read by the user that Squid is running as (cache_effective_user in squid."
-"conf)."
-msgstr ""
+#~ msgid ""
+#~ "The only parameter is the password file. It must have permissions to be "
+#~ "read by the user that Squid is running as (cache_effective_user in squid."
+#~ "conf)."
+#~ msgstr ""
-#. type: Plain text
-#: helpers/basic_auth/NCSA/ncsa_auth.8:29
-msgid "This password file can be manipulated using htpasswd."
-msgstr ""
+#~ msgid "This password file can be manipulated using htpasswd."
+#~ msgstr ""
-#. type: Plain text
-#: helpers/basic_auth/NCSA/ncsa_auth.8:31
-msgid "Only specify the password file name."
-msgstr ""
+#~ msgid "Only specify the password file name."
+#~ msgstr ""
-#. type: SH
-#: helpers/basic_auth/NCSA/ncsa_auth.8:31
-#: helpers/external_acl/session/squid_session.8:34
#, no-wrap
-msgid "EXAMPLE"
-msgstr ""
+#~ msgid "EXAMPLE"
+#~ msgstr ""
-#. type: Plain text
-#: helpers/basic_auth/NCSA/ncsa_auth.8:33
-msgid "B<ncsa_auth> /etc/squid/squid.pass"
-msgstr ""
+#~ msgid "B<ncsa_auth> /etc/squid/squid.pass"
+#~ msgstr ""
-#. type: Plain text
-#: helpers/basic_auth/NCSA/ncsa_auth.8:35
-msgid "B<ncsa_auth> must have access to the password file to be executed."
-msgstr ""
+#~ msgid "B<ncsa_auth> must have access to the password file to be executed."
+#~ msgstr ""
-#. type: Plain text
-#: helpers/basic_auth/NCSA/ncsa_auth.8:37
-msgid "B<htpasswd>(1), B<squid>(8)"
-msgstr ""
+#~ msgid "B<htpasswd>(1), B<squid>(8)"
+#~ msgstr ""
#. type: SH
#: helpers/basic_auth/NCSA/ncsa_auth.8:37 helpers/basic_auth/PAM/pam_auth.8:70
#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:65
#: helpers/external_acl/session/squid_session.8:47
#: helpers/external_acl/unix_group/squid_unix_group.8:41
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:61
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:288
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:30
+#: helpers/basic_auth/PAM/basic_pam_auth.8:80
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:85
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:232
+#: helpers/external_acl/session/squid_session.8:63
+#: helpers/external_acl/unix_group/squid_unix_group.8:62
+#: src/squid.8.in:216
+#: tools/cachemgr.cgi.8.in:51
+#: tools/squidclient.1:163
#, no-wrap
msgid "AUTHOR"
-msgstr ""
+msgstr "AUTOR"
-#. type: Plain text
-#: helpers/basic_auth/NCSA/ncsa_auth.8:38
-msgid "Manpage written by Rodrigo Rubira Branco E<lt>rrbranco@br.ibm.comE<gt>"
-msgstr ""
+#~ msgid "Manpage written by Rodrigo Rubira Branco E<lt>rrbranco@br.ibm.comE<gt>"
+#~ msgstr ""
-#. type: TH
-#: helpers/basic_auth/PAM/pam_auth.8:1
#, no-wrap
-msgid "pam_auth"
-msgstr ""
+#~ msgid "pam_auth"
+#~ msgstr ""
-#. type: TH
-#: helpers/basic_auth/PAM/pam_auth.8:1
#, no-wrap
-msgid "5 Sep 2003"
-msgstr ""
+#~ msgid "5 Sep 2003"
+#~ msgstr ""
-#. type: TH
-#: helpers/basic_auth/PAM/pam_auth.8:1
#, no-wrap
-msgid "Squid PAM Auth"
-msgstr ""
+#~ msgid "Squid PAM Auth"
+#~ msgstr ""
-#. type: Plain text
-#: helpers/basic_auth/PAM/pam_auth.8:5
-msgid "pam_auth - Squid PAM authentication helper"
-msgstr ""
+#~ msgid "pam_auth - Squid PAM authentication helper"
+#~ msgstr ""
-#. type: Plain text
-#: helpers/basic_auth/PAM/pam_auth.8:8
-msgid "squid_pam_auth [-n \"service name\"] [-t TTL] [-o] [-1]"
-msgstr ""
+#~ msgid "squid_pam_auth [-n \"service name\"] [-t TTL] [-o] [-1]"
+#~ msgstr ""
-#. type: Plain text
-#: helpers/basic_auth/PAM/pam_auth.8:13
-msgid ""
-"This helper allows Squid to connect to a mostly any available PAM database "
-"to validate the user name and password of Basic HTTP authentication."
-msgstr ""
+#~ msgid ""
+#~ "This helper allows Squid to connect to a mostly any available PAM database "
+#~ "to validate the user name and password of Basic HTTP authentication."
+#~ msgstr ""
-#. type: TP
-#: helpers/basic_auth/PAM/pam_auth.8:14
#, no-wrap
-msgid "B<-s >I<service-name>"
-msgstr ""
+#~ msgid "B<-s >I<service-name>"
+#~ msgstr ""
-#. type: Plain text
-#: helpers/basic_auth/PAM/pam_auth.8:17
-msgid "Specifies the PAM service name Squid uses, defaults to \"squid\""
-msgstr ""
+#~ msgid "Specifies the PAM service name Squid uses, defaults to \"squid\""
+#~ msgstr ""
-#. type: TP
-#: helpers/basic_auth/PAM/pam_auth.8:18
#, no-wrap
-msgid "B<-t >I<TTL>"
-msgstr ""
+#~ msgid "B<-t >I<TTL>"
+#~ msgstr ""
#. type: Plain text
#: helpers/basic_auth/PAM/pam_auth.8:26
+#: helpers/basic_auth/PAM/basic_pam_auth.8:35
msgid ""
"Enables persistent PAM connections where the connection to the PAM database "
"is kept open and reused for new logins. The TTL specifies how long the "
"slightly outside the PAM specification and may not work with all PAM "
"configurations."
msgstr ""
+"Permite conexiones PAM persistentes cuando la base de datos PAM se mantiene "
+"abierta y es reusada para nuevos inicios de sesión. El parámetro TTL "
+"especifica cuánto tiempo debe perrmanecer abierta (en segundos). La "
+"configuración predeterminada es no manter la conexiones PAM abiertas. Por "
+"favor, observe que el uso de conexiones PAM persistentes está fuera de la "
+"especificación PAM y es posible que no funcione con algunas configuraciones "
+"PAM"
-#. type: TP
-#: helpers/basic_auth/PAM/pam_auth.8:27
#, no-wrap
-msgid "B<-o>"
-msgstr ""
+#~ msgid "B<-o>"
+#~ msgstr ""
#. type: Plain text
#: helpers/basic_auth/PAM/pam_auth.8:31
+#: helpers/basic_auth/PAM/basic_pam_auth.8:40
msgid ""
"Do not perform the PAM account management group (account expiration etc)"
msgstr ""
+"No ejecutar el grupo de administración de cuentas PAM (expiración de cuenta, "
+"etc)"
#. type: SH
#: helpers/basic_auth/PAM/pam_auth.8:33
#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:44
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:34
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:242
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:24
+#: helpers/basic_auth/PAM/basic_pam_auth.8:41
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:61
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:209
+#: helpers/external_acl/session/squid_session.8:50
+#: helpers/external_acl/unix_group/squid_unix_group.8:33
+#: tools/cachemgr.cgi.8.in:19
#, no-wrap
msgid "CONFIGURATION"
-msgstr ""
+msgstr "CONFIGURACIÓN"
-#. type: Plain text
-#: helpers/basic_auth/PAM/pam_auth.8:39
-msgid ""
-"The program needs a PAM service to be configured in B</etc/pam.conf> or B</"
-"etc/pam.d/E<lt>servicenameE<gt>>"
-msgstr ""
+#~ msgid ""
+#~ "The program needs a PAM service to be configured in B</etc/pam.conf> or B</"
+#~ "etc/pam.d/E<lt>servicenameE<gt>>"
+#~ msgstr ""
-#. type: Plain text
-#: helpers/basic_auth/PAM/pam_auth.8:44
-msgid ""
-"The default service name is \"squid\", and the program makes use of the "
-"'B<auth>' and 'B<account>' management groups to verify the password and the "
-"accounts validity."
-msgstr ""
+#~ msgid ""
+#~ "The default service name is \"squid\", and the program makes use of the "
+#~ "'B<auth>' and 'B<account>' management groups to verify the password and the "
+#~ "accounts validity."
+#~ msgstr ""
#. type: Plain text
#: helpers/basic_auth/PAM/pam_auth.8:48
+#: helpers/basic_auth/PAM/basic_pam_auth.8:58
msgid ""
"For details on how to configure PAM services, see the PAM documentation for "
"your system. This manual does not cover PAM configuration details."
msgstr ""
+"Para detalles sobre cómo configurar el servicio PAM, vea la configuración "
+"PAM de su sistema. Este manual no cubre los detalles de la configuración "
+"PAM."
#. type: SH
#: helpers/basic_auth/PAM/pam_auth.8:49
#: helpers/external_acl/unix_group/squid_unix_group.8:36
+#: helpers/basic_auth/PAM/basic_pam_auth.8:59
#, no-wrap
msgid "NOTES"
-msgstr ""
+msgstr "NOTAS"
#. type: Plain text
#: helpers/basic_auth/PAM/pam_auth.8:56
+#: helpers/basic_auth/PAM/basic_pam_auth.8:66
msgid ""
"When used for authenticating to local UNIX shadow password databases the "
"program must be running as root or else it won't have sufficient permissions "
"to access the user password database. Such use of this program is not "
"recommended, but if you absolutely need to then make the program setuid root"
msgstr ""
+"Cuando es usado para autenticación en un sistema local UNIX contra la base "
+"de datos de contraseñas shadow el programa debe ejecutarse como root o no se "
+"tienen los suficientes privilegios de acceso a la base de datos de "
+"usuarios. NO es recomendado usar este programa de esa forma, pero si es "
+"absolutamente necesaria establezca el bit de usuario a root."
-#. type: Plain text
-#: helpers/basic_auth/PAM/pam_auth.8:59
-msgid "B<chown root pam_auth>"
-msgstr ""
+#~ msgid "B<chown root pam_auth>"
+#~ msgstr ""
-#. type: Plain text
-#: helpers/basic_auth/PAM/pam_auth.8:61
-msgid "B<chmod u+s pam_auth>"
-msgstr ""
+#~ msgid "B<chmod u+s pam_auth>"
+#~ msgstr ""
#. type: Plain text
#: helpers/basic_auth/PAM/pam_auth.8:69
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:60
+#: helpers/basic_auth/PAM/basic_pam_auth.8:79
msgid ""
"Please note that in such configurations it is also strongly recommended that "
"the program is moved into a directory where normal users cannot access it, "
"author cannot be held responsible for any security issues due to such "
"installations."
msgstr ""
+"Por favor tenga en cuenta que en algunas configuraciones es muy recomendable "
+"que el programa se mueva a un directorio donde los usuarios normales no "
+"pueden acceder a él, de otro modo permitirá que se puedan obtener "
+"contraseñas de los usuarios. También tenga en cuenta que el programa no ha "
+"sido auditado y el autor no puede ser considerado responsable de cualquier "
+"problema de seguridad debido a dicha instalación."
-#. type: Plain text
-#: helpers/basic_auth/PAM/pam_auth.8:73
-msgid ""
-"Squid pam_auth and this manual is written by I<Henrik Nordstrom "
-"E<lt>hno@squid-cache.orgE<gt>>"
-msgstr ""
+#~ msgid ""
+#~ "Squid pam_auth and this manual is written by I<Henrik Nordstrom "
+#~ "E<lt>hno@squid-cache.orgE<gt>>"
+#~ msgstr ""
#. type: SH
#: helpers/basic_auth/PAM/pam_auth.8:74
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:73
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:296
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:37
+#: helpers/basic_auth/PAM/basic_pam_auth.8:84
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:95
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:245
+#: helpers/external_acl/session/squid_session.8:67
+#: helpers/external_acl/unix_group/squid_unix_group.8:69
+#: src/squid.8.in:226
+#: tools/cachemgr.cgi.8.in:57
+#: tools/squidclient.1:169
#, no-wrap
msgid "COPYRIGHT"
-msgstr ""
+msgstr "DERECHOS DE AUTOR"
-#. type: Plain text
-#: helpers/basic_auth/PAM/pam_auth.8:77
-msgid ""
-"Squid pam_auth and this manual is Copyright 1999,2002,2003 Henrik Nordstrom "
-"E<lt>hno@squid-cache.orgE<gt>"
-msgstr ""
+#~ msgid ""
+#~ "Squid pam_auth and this manual is Copyright 1999,2002,2003 Henrik Nordstrom "
+#~ "E<lt>hno@squid-cache.orgE<gt>"
+#~ msgstr ""
#. type: SH
#: helpers/basic_auth/PAM/pam_auth.8:78
#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:75
#: helpers/external_acl/session/squid_session.8:51
#: helpers/external_acl/unix_group/squid_unix_group.8:53
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:78
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:301
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:50
+#: helpers/basic_auth/PAM/basic_pam_auth.8:92
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:100
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:250
+#: helpers/external_acl/session/squid_session.8:72
+#: helpers/external_acl/unix_group/squid_unix_group.8:74
+#: src/squid.8.in:243
+#: tools/cachemgr.cgi.8.in:60
+#: tools/squidclient.1:172
#, no-wrap
msgid "QUESTIONS"
-msgstr ""
+msgstr "PREGUNTAS"
-#. type: Plain text
-#: helpers/basic_auth/PAM/pam_auth.8:82
-msgid ""
-"Questions on the usage of this program can be sent to the I<Squid Users "
-"E<lt>squid-users@squid-cache.orgE<gt>> mailing list."
-msgstr ""
+#~ msgid ""
+#~ "Questions on the usage of this program can be sent to the I<Squid Users "
+#~ "E<lt>squid-users@squid-cache.orgE<gt>> mailing list."
+#~ msgstr ""
#. type: SH
#: helpers/basic_auth/PAM/pam_auth.8:83
#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:81
#: helpers/external_acl/session/squid_session.8:55
#: helpers/external_acl/unix_group/squid_unix_group.8:57
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:83
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:309
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:55
+#: helpers/basic_auth/PAM/basic_pam_auth.8:97
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:108
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:258
+#: helpers/external_acl/session/squid_session.8:77
+#: helpers/external_acl/unix_group/squid_unix_group.8:79
+#: src/squid.8.in:248
+#: tools/cachemgr.cgi.8.in:65
+#: tools/squidclient.1:177
#, no-wrap
msgid "REPORTING BUGS"
-msgstr ""
+msgstr "NOTIFICACIÓN DE ERRORES"
-#. type: Plain text
-#: helpers/basic_auth/PAM/pam_auth.8:88
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:86
-#: helpers/external_acl/session/squid_session.8:60
-msgid ""
-"Report bugs or bug-fixes to I<Squid Bugs E<lt>squid-bugs@squid-cache."
-"orgE<gt>> or ideas for new improvements to I<Squid Developers E<lt>squid-"
-"dev@squid-cache.orgE<gt>>"
-msgstr ""
+#~ msgid ""
+#~ "Report bugs or bug-fixes to I<Squid Bugs E<lt>squid-bugs@squid-cache."
+#~ "orgE<gt>> or ideas for new improvements to I<Squid Developers E<lt>squid-"
+#~ "dev@squid-cache.orgE<gt>>"
+#~ msgstr ""
-#. type: Plain text
-#: helpers/basic_auth/PAM/pam_auth.8:90
-msgid "B<pam>(8),B< PAM Systems Administrator Guide>"
-msgstr ""
+#~ msgid "B<pam>(8),B< PAM Systems Administrator Guide>"
+#~ msgstr ""
-#. type: TH
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:1
#, no-wrap
-msgid "squid_radius_auth"
-msgstr ""
+#~ msgid "squid_radius_auth"
+#~ msgstr ""
-#. type: TH
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:1
#, no-wrap
-msgid "7 August 2004"
-msgstr ""
+#~ msgid "7 August 2004"
+#~ msgstr ""
-#. type: TH
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:1
#, no-wrap
-msgid "Squid RADIUS Auth"
-msgstr ""
+#~ msgid "Squid RADIUS Auth"
+#~ msgstr ""
-#. type: Plain text
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:5
-msgid "squid_radius_auth - Squid RADIUS authentication helper"
-msgstr ""
+#~ msgid "squid_radius_auth - Squid RADIUS authentication helper"
+#~ msgstr ""
-#. type: Plain text
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:9
-msgid "B<squid_radius_auth> -f configfile"
-msgstr ""
+#~ msgid "B<squid_radius_auth> -f configfile"
+#~ msgstr ""
-#. type: Plain text
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:12
-msgid "B<squid_radius_auth> -h \"server\" [-p port] [-i identifier] -w secret"
-msgstr ""
+#~ msgid "B<squid_radius_auth> -h \"server\" [-p port] [-i identifier] -w secret"
+#~ msgstr ""
-#. type: Plain text
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:16
-msgid ""
-"This helper allows Squid to connect to a RADIUS server to validate the user "
-"name and password of Basic HTTP authentication."
-msgstr ""
+#~ msgid ""
+#~ "This helper allows Squid to connect to a RADIUS server to validate the user "
+#~ "name and password of Basic HTTP authentication."
+#~ msgstr ""
+
+#, no-wrap
+#~ msgid "B<-f >I<configfile >"
+#~ msgstr ""
+
+#~ msgid ""
+#~ "Specifies the path to a configuration file. See the CONFIGURATION section "
+#~ "for details."
+#~ msgstr ""
+
+#, no-wrap
+#~ msgid "B<-h >I<server>"
+#~ msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:25
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:40
+msgid "Alternative method of specifying the server to connect to"
+msgstr "Método alternativo para conectar al servidor especificado"
+
+#, no-wrap
+#~ msgid "B<-p >I<port>"
+#~ msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:30
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:45
+msgid ""
+"Specify another server port where the RADIUS server listens for requests if "
+"different from the default RADIUS port. Normally not specified."
+msgstr ""
+"Indicar otro puerto de servidor cuando el servidor RADIUS escucha las "
+"solicitudes en un puerto diferente del puerto RADIUS por defecto. "
+"Normalmente no especificado"
+
+#, no-wrap
+#~ msgid "B<-i >I<identifier>"
+#~ msgstr ""
+
+#~ msgid ""
+#~ "Unique identifier identifying this Squid proxy to the RADIUS server. If not "
+#~ "specified the IP address is used as to identify the proxy."
+#~ msgstr ""
+
+#, no-wrap
+#~ msgid "B<-w >I<secret>"
+#~ msgstr ""
+
+#~ msgid ""
+#~ "Alternative method of specifying the shared secret. Using the configuration "
+#~ "file is generally more secure and recommended."
+#~ msgstr ""
+
+#, no-wrap
+#~ msgid "B<-t >I<timeout>"
+#~ msgstr ""
+
+#~ msgid "RADIUS request timeout. Default 10 seconds."
+#~ msgstr ""
+
+#~ msgid ""
+#~ "The configuration specifies how the helper connects to RADIUS. The file "
+#~ "contains a list of directives (one per line). Lines beginning with a # is "
+#~ "ignored."
+#~ msgstr ""
+
+#, no-wrap
+#~ msgid "B<server >I<radiusserver>"
+#~ msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:52
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:71
+msgid "specifies the name or address of the RADIUS server to connect to."
+msgstr "especifica el nombre o dirección del servidor RADIUS a conectarse"
+
+#, no-wrap
+#~ msgid "B<secret >I<somesecretstring>"
+#~ msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:56
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:75
+msgid "specifies the shared RADIUS secret."
+msgstr "especifica el secreto compartido con el servidor RADIUS"
+
+#, no-wrap
+#~ msgid "B<identifier >I<nameofserver>"
+#~ msgstr ""
+
+#~ msgid ""
+#~ "specifies what the proxy should identify itsels as to the RADIUS server. "
+#~ "This directive is optional."
+#~ msgstr ""
+
+#, no-wrap
+#~ msgid "B<port >I<portnumber>"
+#~ msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:65
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:84
+msgid ""
+"Specifies the port number or service name where the helper should connect."
+msgstr ""
+"Especifica el número de puerto o nombre de servicio donde el módulo debe "
+"conectar"
+
+#~ msgid ""
+#~ "This manual page was written by I<Henrik Nordstrom E<lt>hno@squid-cache."
+#~ "orgE<gt>>"
+#~ msgstr ""
+
+#~ msgid ""
+#~ "squid_radius_auth is written by I<Marc van Selm E<lt>selm@cistron.nlE<gt>> "
+#~ "with contributions from I<Henrik Nordstrom E<lt>hno@squid-cache.orgE<gt>> "
+#~ "and many others"
+#~ msgstr ""
+
+#~ msgid ""
+#~ "Any questions on usage can be sent to I<Squid Users E<lt>squid-users@squid-"
+#~ "cache.orgE<gt>>, or to your favorite RADIUS list/friend if the question is "
+#~ "more related to RADIUS than Squid."
+#~ msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:88
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:124
+msgid "B<RFC2058> - Remote Authentication Dial In User Service (RADIUS)"
+msgstr "B<RFC2058> Servicio de Autenticación Remota para Usuarios de Marcado"
+
+#, no-wrap
+#~ msgid "squid_session"
+#~ msgstr ""
+
+#, no-wrap
+#~ msgid "19 March 2006"
+#~ msgstr ""
+
+#. type: TH
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:1
+#: helpers/external_acl/session/squid_session.8:9
+#, no-wrap
+msgid "Version 1.0"
+msgstr "Versión 1.0"
+
+#~ msgid "squid_session - Squid session tracking external acl group helper"
+#~ msgstr ""
+
+#~ msgid "squid_session [-t idle_timeout] [-b dbpath] [-a]"
+#~ msgstr ""
+
+#~ msgid ""
+#~ "This helper maintains a concept of sessions by monitoring requests and "
+#~ "timing out sessions if no requests have been seen for the idle timeout timer."
+#~ msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:15
+#: helpers/external_acl/session/squid_session.8:25
+msgid "Intended use is for displaying \"terms of use\" pages, ad popups etc."
+msgstr ""
+"El uso sugerido es para desplegar las páginas de \"Términos de Uso\", ventanas "
+"emergentes, etc"
+
+#, no-wrap
+#~ msgid "B<-t >I<idletimeout >B<(default 3600)>"
+#~ msgstr ""
+
+#~ msgid "Specifies the session idle timeout timer."
+#~ msgstr ""
+
+#, no-wrap
+#~ msgid "B<-b >I<dbpath>"
+#~ msgstr ""
+
+#~ msgid ""
+#~ "Path to persistent database. If not specified the session details will be "
+#~ "kept in memory only and all sessions will reset each time Squid restarts "
+#~ "it's helpers (Squid restart or rotation of logs)."
+#~ msgstr ""
+
+#, no-wrap
+#~ msgid "B<-a>"
+#~ msgstr ""
+
+#~ msgid ""
+#~ "Active mode. In this mode sessions are started by evaluating an acl with the "
+#~ "argument LOGIN, or terminated by the argument LOGOUT."
+#~ msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:33
+#: helpers/external_acl/session/squid_session.8:49
+msgid ""
+"Without this flag the helper automatically starts the session after the "
+"first request."
+msgstr ""
+"Sin esta marca el módulo iniciará automáticamente la sesión luego de la "
+"primera solicitud"
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:37
+#: helpers/external_acl/session/squid_session.8:53
+msgid "Configuration example using the default automatic mode"
+msgstr "Configuración de ejemplo usando el modo automático por defecto"
+
+#~ msgid ""
+#~ "external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %"
+#~ "LOGIN /usr/local/squid/libexec/squid_session"
+#~ msgstr ""
+
+#~ msgid "acl session external session"
+#~ msgstr ""
+
+#~ msgid "http_access deny !session"
+#~ msgstr ""
+
+#~ msgid "deny_info http://your.server/bannerpage?url=%s session"
+#~ msgstr ""
+
+#~ msgid ""
+#~ "Then set up http://your.server/bannerpage to display a session startup page "
+#~ "and then redirect the user back to the requested URL given in the url query "
+#~ "parameter."
+#~ msgstr ""
+
+#~ msgid ""
+#~ "This helper and documentation was written by I<Henrik Nordstrom "
+#~ "E<lt>henrik@henriknordstrom.netE<gt>>"
+#~ msgstr ""
+
+#~ msgid ""
+#~ "Any questions on usage can be sent to I<Squid Users E<lt>squid-users@squid-"
+#~ "cache.orgE<gt>>."
+#~ msgstr ""
+
+#~ msgid "B<squid>(B<8>)"
+#~ msgstr ""
+
+#, no-wrap
+#~ msgid "squid_unix_group"
+#~ msgstr ""
+
+#, no-wrap
+#~ msgid "12 August 2002"
+#~ msgstr ""
+
+#. type: TH
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:1
+#: helpers/external_acl/unix_group/squid_unix_group.8:7
+#, no-wrap
+msgid "Squid UNIX Group helper"
+msgstr "Módulo de grupo UNIX de Squid"
+
+#~ msgid "squid_unix_group - Squid UNIX Group external_acl helper"
+#~ msgstr ""
+
+#~ msgid "squid_unix_group [-g groupname] [-g groupname...] [-p] [-s]"
+#~ msgstr ""
+
+#~ msgid ""
+#~ "This helper allows Squid to base access controls on users memberships in "
+#~ "UNIX groups."
+#~ msgstr ""
+
+#, no-wrap
+#~ msgid "B<-g >I<groupname >"
+#~ msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:16
+#: helpers/external_acl/unix_group/squid_unix_group.8:23
+msgid "Specifies a group name to match."
+msgstr "Especifica un nombre de grupo como criterio"
+
+#, no-wrap
+#~ msgid "B<-p>"
+#~ msgstr ""
+
+#~ msgid "Also match the users primary group from /etc/passwd"
+#~ msgstr ""
+
+#, no-wrap
+#~ msgid "B<-s>"
+#~ msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:24
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:188
+#: helpers/external_acl/unix_group/squid_unix_group.8:32
+msgid "Strip NT domain name component from user names (/ or \\e separated)"
+msgstr ""
+"Descomponer el nombre de dominio NT a partir de los nombres de usuario "
+"(separados por / o \\e )"
+
+#, no-wrap
+#~ msgid "EXAMPLES"
+#~ msgstr ""
+
+#~ msgid ""
+#~ "This squid.conf example defines two Squid acls. usergroup1 matches users in "
+#~ "group1, and usergroup2 matches users in group2 or group3"
+#~ msgstr ""
+
+#~ msgid ""
+#~ "external_acl_type unix_group %LOGIN /usr/local/squid/libexec/"
+#~ "squid_unix_group -p"
+#~ msgstr ""
+
+#~ msgid "acl usergroup1 external unix_group group1"
+#~ msgstr ""
+
+#~ msgid "acl usergroup2 external unix_group group2 group3"
+#~ msgstr ""
+
+#~ msgid ""
+#~ "By default up to 11 groups can be matched in one acl (including commandline "
+#~ "specified groups). This limit is defined by MAX_GROUPS in the source code."
+#~ msgstr ""
+
+#~ msgid ""
+#~ "squid_unix_group is written by I<Rodrigo Campos E<lt>rodrigo@geekbunker."
+#~ "orgE<gt>>"
+#~ msgstr ""
+
+#. type: SH
+#: helpers/external_acl/unix_group/squid_unix_group.8:48
+#: helpers/external_acl/unix_group/squid_unix_group.8:57
+#, no-wrap
+msgid "KNOWN ISSUES"
+msgstr "PROBLEMAS CONOCIDOS"
+
+#~ msgid ""
+#~ "Does not understand gid aliased groups sometimes used to work around groups "
+#~ "size limitations. If you are using gid aliased groups then you must specify "
+#~ "each alias by name."
+#~ msgstr ""
+
+#~ msgid ""
+#~ "Any questions on usage can be sent to I<Squid Users E<lt>squid-users@squid-"
+#~ "cache.orgE<gt>>"
+#~ msgstr ""
+
+#~ msgid ""
+#~ "Report bugs or bug-fixes to I<Rodrigo Campos E<lt>rodrigo@geekbunker."
+#~ "orgE<gt>> or I<Squid Developers E<lt>squid-dev@squid-cache.orgE<gt>>"
+#~ msgstr ""
+
+#~ msgid "B<group>(B<5>),B<passwd>(B<5>)"
+#~ msgstr ""
+
+#. type: TP
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:31
+#, no-wrap
+msgid "Can handle PAM requests"
+msgstr "Capaz de procesar solicitudes PAM"
+
+#. type: Plain text
+#: src/squid.8.in:209
+msgid "Some files also located elsewhere:"
+msgstr "Algunos archivos también localizado en cualquier lugar"
+
+#. type: TP
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:25
+#, no-wrap
+msgid "Allows authentication through nsswitch.conf"
+msgstr "Permitir autenticación a través de nsswitch.conf"
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:46
+msgid ""
+"Active mode. In this mode sessions are started by evaluating an acl with the "
+"argument B<LOGIN> , or terminated by the argument B<LOGOUT>"
+msgstr ""
+"Modo activo. En este modo las sesiones son iniciadas por la evaluación de "
+"ACLs con el argumento B<LOGIN> o terminadas con el argumento B<LOGOUT>"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:200
+msgid ""
+"LDAP attribute used to construct the user DN from the user name and base dn "
+"without needing to search for the user. A maximum of 16 occurrences of "
+"B<%s> are supported."
+msgstr ""
+"Atributo LDAP usado para construir el DN de usuario a partir del nombre de "
+"usuario y el DN base sin la necesidad de buscar el usuario. Un máximo de 16 "
+"ocurrencias de B<%s> son soportadas"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:47
+msgid ""
+"When used for authenticating to local UNIX shadow password databases the "
+"program must be running as root or else it won't have sufficient permissions "
+"to access the user password database. Such use of this program is not "
+"recommended, but if you absolutely need to then make the program B<setuid> "
+"B<root>"
+msgstr ""
+"Cuando se usa la base de datos de contraseñas shadow de UNIX para "
+"autenticación de usuarios locales el programa debe ejecutarse como root o no "
+"tendrá los suficientes privilegios de acceso a la base de datos de "
+"contraseñas shadow. Tal uso del programa NO es recomendado pero si es "
+"absolutamente necesario establezca el bit de identificación de usuario a "
+"root ( B<setuid> B<root>)"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:88 helpers/basic_auth/LDAP/basic_ldap_auth.8:314 helpers/basic_auth/NCSA/basic_ncsa_auth.8:60 helpers/basic_auth/PAM/basic_pam_auth.8:102 helpers/basic_auth/RADIUS/basic_radius_auth.8:113 helpers/external_acl/ldap_group/squid_ldap_group.8:263 helpers/external_acl/session/squid_session.8:82 helpers/external_acl/unix_group/squid_unix_group.8:84 src/squid.8.in:253 tools/cachemgr.cgi.8.in:69 tools/squidclient.1:181
+msgid "Report bugs or bug fixes using http://bugs.squid-cache.org/"
+msgstr "Notifique errores o parches usando http://bugs.squid-cache.org/"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:241 helpers/external_acl/ldap_group/squid_ldap_group.8:82
+msgid ""
+"Debug mode where each step taken will get reported in detail. Useful for "
+"understanding what goes wrong if the results is not what is expected."
+msgstr ""
+"En modo depuración cada paso generará un reporte detallado. Muy útil para "
+"comprender que funciona mal cuando los resultados no son lo esperado"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:145
+msgid "Specify the LDAP server to connect to"
+msgstr "Especifica el servidor LDAP a conectar"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:166
+msgid ""
+"Use a persistent LDAP connection. Normally the LDAP connection is only open "
+"while verifying a users group membership to preserve resources at the LDAP "
+"server. This option causes the LDAP connection to be kept open, allowing it "
+"to be reused for further user validations. Recommended for larger "
+"installations."
+msgstr ""
+"Usar conexiones LDAP persistentes. Normalmente, la conexión LDAP es abierta "
+"solo mientras se verifica la membresía de un grupo de usuario para preservar "
+"los recursos del servidor LDAP. Esta opción provoca que la conexión LDAP se "
+"mantenga abierta, permitiendo ser reusada para validaciones posteriores. "
+"Recomendado para las instalaciones más grandes"
+
+#. type: Plain text
+#: src/squid.8.in:137
+msgid "Do not set B<REUSEADDR> on port."
+msgstr "No configurar B<REUSEADDR> en el puerto"
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:11 helpers/external_acl/unix_group/squid_unix_group.8:13
+msgid "group"
+msgstr "grupo"
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:29
+msgid ""
+"B<basic_ncsa_auth> must have access to the password file to be executed."
+msgstr ""
+"B<basic_ncsa_auth> debe tener acceso al archivo de claves para ser ejecutado"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:62
+msgid ""
+"B<never> dereference aliases (default), B<always> dereference aliases, only "
+"while B<search>ing or only to B<find> the base object"
+msgstr ""
+"B<never> eliminar los aliases de referencia (por defecto), B<always> "
+"eliminar aliases de referencia, solo mientras B<search> o solo para B<find> "
+"el objeto base."
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:50
+msgid ""
+"Unique identifier identifying this Squid proxy to the RADIUS server. If not "
+"specified the IP address is used to identify the proxy."
+msgstr ""
+"Identificador único para identificar este servidor proxy Squid contra el "
+"servidor RADIUS. Si no es especificado, la dirección IP es usada para "
+"identificar al proxy"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:71
+msgid ""
+"Specifies the base DN under which the users are located (if different)"
+msgstr ""
+"Especifica el DN base bajo el cual los usuarios son localizados (si es "
+"diferente)"
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:26
+msgid "Specifies the PAM service name Squid uses, defaults to B<squid>"
+msgstr ""
+"Especifica el nombre del servicio PAM que Squid usa, el predeterminado es "
+"B<squid>"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:81 helpers/basic_auth/LDAP/basic_ldap_auth.8:304 helpers/basic_auth/NCSA/basic_ncsa_auth.8:53 helpers/basic_auth/PAM/basic_pam_auth.8:95 helpers/basic_auth/RADIUS/basic_radius_auth.8:103 helpers/external_acl/ldap_group/squid_ldap_group.8:253 helpers/external_acl/session/squid_session.8:75 helpers/external_acl/unix_group/squid_unix_group.8:77 src/squid.8.in:246 tools/cachemgr.cgi.8.in:63 tools/squidclient.1:175
+msgid ""
+"Questions on the usage of this program can be sent to the I<Squid Users "
+"mailing list>"
+msgstr ""
+"Preguntas acerca del uso de este programa pueden ser enviadas a <Squid Users "
+"mailing list>"
+
+#. type: Plain text
+#: src/squid.8.in:7
+msgid "HTTP web proxy caching server"
+msgstr "Servidor proxy-caché HTTP"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:108
+msgid ""
+"B<Note:> This can only be done if all your users are located directly under "
+"the same position in the LDAP tree and the login name is used for naming "
+"each user object. If your LDAP tree does not match these criterias or if you "
+"want to filter who are valid users then you need to use a search filter to "
+"search for your users DN ( B<-f> option)."
+msgstr ""
+"B<Note:> Esto solo puede ser hecho si todos los usuarios están localizados "
+"directamente bajo la misma posición en el árbol LDAP y el nombre de inicio "
+"de sesión es usado para identificar cada objeto de usuario. Si el árbol LDAP "
+"no cumple estos criterios o si desea filtrar a los usuarios válidos "
+"necesita filtrar por los DN de usuario."
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:87
+msgid ""
+"The DN and password to bind as while performing searches. Required if the "
+"directory does not allow anonymous searches."
+msgstr ""
+"El DN y clave para enlazar al directorio mientras se realizan las búsquedas. "
+"Requerido si el directorio no permite búsquedas anónimas."
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:141
+msgid ""
+"Specifies that the first query argument sent to the helper by Squid is a "
+"extension to the basedn and will be temporarily added in front of the global "
+"basedn for this query."
+msgstr ""
+"Especifica que el primer argumento de búsqueda enviado al módulo por Squid "
+"es una extensión del DN base y será agregado temporalmente al inicio del DN "
+"base global para esta consulta"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:287
+msgid ""
+"B<NOTE:> When constructing search filters it is strongly recommended to test "
+"the filter using B<ldapsearch> before you attempt to use B<basic_ldap_auth.> "
+"This to verify that the filter matches what you expect."
+msgstr ""
+"B<NOTE:> Cuando construya filtros de búsqueda es MUY recomendado probar el "
+"filtro usando B<ldapsearch> antes de usar B<basic_ldap_auth.> Esto es para "
+"verificar que el filtro encuentra lo que usted espera."
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:56
+msgid ""
+"By default up to 11 groups can be matched in one acl (including commandline "
+"specified groups). This limit is defined by B<MAX_GROUPS> in the source code."
+msgstr ""
+"Por defecto, un máximo de 11 grupos pueden ser usados en una ACL (incluyendo "
+"grupos especificados en la línea de comandos). Este límite está definido en "
+"el código fuente por B<MAX_GROUPS>"
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:13
+msgid "TTL"
+msgstr "TTL"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:22 helpers/basic_auth/LDAP/basic_ldap_auth.8:37 helpers/external_acl/ldap_group/squid_ldap_group.8:24
+msgid "URI"
+msgstr "URI"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:153
+msgid "Strip Kerberos Realm component from user names (@ separated)"
+msgstr "Descomponer identificador Kerberos a partir del nombre de usuario"
+
+#. type: Plain text
+#: src/squid.8.in:240
+msgid ""
+"This program is free software; you can redistribute it and/or modify it "
+"under the terms of the GNU General Public License (version 2) as published "
+"by the Free Software Foundation. It is distributed in the hope that it will "
+"be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of "
+"MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General "
+"Public License for more details."
+msgstr ""
+"Este programa es software libre; puede distribuirse y modificarse bajo los "
+"términos de la Licencia Pública General GNU (versión 2) publicada por la "
+"Fundación de Software Libre. Se distribuye en la esperanza de que sea útil, "
+"pero SIN NINGUNA GARANTÍA, incluso sin la garantía implícita de "
+"COMERCIALIZACIÓN o IDONEIDAD PARA UN PROPÓSITO PARTICULAR. Consulte la "
+"Licencia Pública General GNU para mayores detalles"
+
+#. type: Plain text
+#: tools/squidclient.1:158
+msgid "Proxy authentication password"
+msgstr "Contraseña de autenticación con el proxy"
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:28
+msgid "Also match the users primary group from B</etc/passwd>"
+msgstr ""
+"También usar como criterio el nombre de grupo primario de los usarios en "
+"B</etc/passwd>"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:99
+msgid ""
+"Specifies the name of the DN attribute that contains the username/login. "
+"Combined with the base DN to construct the users DN when no search filter is "
+"specified ( B<-f> option). Defaults to B<uid>"
+msgstr ""
+"Especifica el nombre del atributo DN que contiene el nombre de usuario / "
+"login. Combinado con el DN base para construir el DN de los usuarios cuando "
+"no se especifica un filtro de búsqueda (B<-f> opción). Por defecto es B<uid>"
+
+#. type: Plain text
+#: tools/squidclient.1:42 tools/squidclient.1:44
+msgid "password"
+msgstr "contraseña"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:240
+msgid "Based on prior work in B<squid_ldap_auth> by"
+msgstr "Basado en trabajos previos en B<squid_ldap_auth> por"
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:7
+msgid "Squid RADIUS authentication helper"
+msgstr "Módulo de autenticación RADIUS para Squid"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:290 helpers/basic_auth/RADIUS/basic_radius_auth.8:87
+msgid "This program is written by"
+msgstr "Este programa ha sido escrito por"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:214
+msgid ""
+"This helper is intended to be used as an B<external_acl_type> helper in "
+"B<squid.conf.>"
+msgstr ""
+"Se pretende usar este módulo como en B<external_acl_type> del módulo en "
+"B<squid.conf.>"
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:11
+msgid "passwd file"
+msgstr "Archivo de claves"
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:61
+msgid ""
+"Does not understand GID aliased groups sometimes used to work around groups "
+"size limitations. If you are using GID aliased groups then you must specify "
+"each alias by name."
+msgstr ""
+"No comprendo alias GID algunas veces usados para evadir las limitaciones en "
+"el número de grupos.Si está usando aliases GID para grupos debe especificar "
+"cada alias por nombre."
+
+#. type: Plain text
+#: tools/squidclient.1:20
+msgid "ping interval"
+msgstr "intervalo de ping"
+
+#. type: Plain text
+#: tools/squidclient.1:128
+msgid "Silent. Do not print data to stdout."
+msgstr "Silencioso. No imprimir datos a la salida estándar"
+
+#. type: Plain text
+#: src/squid.8.in:19
+msgid "signal"
+msgstr "señal"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:29 helpers/external_acl/ldap_group/squid_ldap_group.8:16
+msgid "LDAP search filter"
+msgstr "filtro de búsqueda LDAP"
+
+#. type: Plain text
+#: src/squid.8.in:271
+msgid "The Squid FAQ wiki"
+msgstr "La Wiki de Preguntas Frecuentemente Respondidas de Squid"
+
+#. type: Plain text
+#: src/squid.8.in:15
+msgid "config-file"
+msgstr "archivo-de-configuración"
+
+#. type: Plain text
+#: tools/squidclient.1:26
+msgid "method"
+msgstr "método"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:47
+msgid ""
+"B<basic_ldap_auth> allows Squid to connect to a LDAP directory to validate "
+"the user name and password of Basic HTTP authentication. LDAP options are "
+"specified as parameters on the command line, while the username(s) and "
+"password(s) to be checked against the LDAP directory are specified on "
+"subsequent lines of input to the helper, one username/password pair per line "
+"separated by a space."
+msgstr ""
+"B<basic_ldap_auth> permite a Squid conectarse a un directorio LDAP para "
+"validar el nombre de usuario y contraseña de la autenticación HTTP básica. "
+"Las opciones LDAP son especificadas como parámetros de la linea de comandos, "
+"mientras el/los usuario(s) y contraseña(s) a ser comprobados contra el "
+"directorio LDAP son especificados en lineas subsecuentes de la entrada del "
+"ayudante, un usuario/contraseña por linea separados por un espacio."
+
+#. type: Plain text
+#: src/squid.8.in:49
+msgid ""
+"Squid consists of a main server program B<squid> , some optional programs "
+"for custom processing and authentication, and some management and client "
+"tools. When squid starts up, it spawns a configurable number of helper "
+"processes, each of which can perform parallel lookups. This reduces the "
+"amount of time the cache waits for results."
+msgstr ""
+"Squid consiste de un programa principal de servidor B<squid>, algunos "
+"programas adicionales para personalización del procesamiento y autenticación "
+"y algunas herramientas clientes y de administración. Cuando squid inicia, "
+"se dispara un número configurable de módulos, cada uno de los cuales puede "
+"realizar búsquedas en paralelo. Esto reduce la cantidad de tiempo que el "
+"caché debe esperar los resultados"
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:24 helpers/external_acl/session/squid_session.8:14 tools/squidclient.1:34
+msgid "timeout"
+msgstr "tiempo de espera agotado"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:178
+msgid ""
+"Only bind once per LDAP connection. Some LDAP servers do not allow re-"
+"binding as another user after a successful I<ldap_bind.> The use of this "
+"option always opens a new connection for each login attempt. If combined "
+"with the B<-P> option for persistent LDAP connection then the connection "
+"used for searching for the user DN is kept persistent but a new connection "
+"is opened to verify each users password once the DN is found."
+msgstr ""
+"Solo se hacen asociaciones una vez por conexión LDAP. Algunos servidores "
+"LDAP no permiten re-asociar como otro usuario después de una exitosa "
+"asociación LDAP I<ldap_bind.> El uso de esta opción siempre abre una nueva "
+"conexión por cada intento de inicio de sesión. Si se combina con la opción "
+"B<-P> para conexiones LDAP persistentes entonces la conexión usada para la "
+"búsqueda de DNs de usuario es persistente pero cada nueva conexión es "
+"abierta para verificar cada clave de usuario una vez que el DN de usuario ha "
+"sido encontrado"
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:30
+msgid ""
+"B<basic_radius_auth> allows Squid to connect to a RADIUS server to validate "
+"the user name and password of Basic HTTP authentication."
+msgstr ""
+"B<basic_radius_auth> permite a Squid conectarse a un servidor RADIUS para "
+"validar el usuario y contraseña de la autenticación HTTP Básica."
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:20
+msgid "identifier"
+msgstr "Identificador"
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:7
+msgid "Squid HTTP proxy manager CGI web interface"
+msgstr "La interfaz web CGI del administrador del proxy HTTP Squid"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:90
+msgid ""
+"Will crash if other B<%> values than B<%s> are used, or if more than 15 "
+"B<%s> are used."
+msgstr ""
+"Fallara si otros B<%> valores que B<%s> son usados, o si mas de 15 B<%s> son "
+"usados."
+
+#. type: Plain text
+#: tools/squidclient.1:66
+msgid "Ping mode, perform I<count> iterations (0 to loop until interrupted)."
+msgstr ""
+"Modo ping, ejecutar I<count> iteraciones (0 para ejecutar indefinidamente "
+"hasta ser interrumpido)."
+
+#. type: Plain text
+#: tools/squidclient.1:134
+msgid "Trace I<count> HTTP relay or proxy hops"
+msgstr "Rastrear I<count> re-envíos HTTP o saltos de proxy"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:44
+msgid ""
+"As expected by the B<external_acl_type> construct of Squid, after specifying "
+"a username and group followed by a new line, this helper will produce either "
+"B<OK> or B<ERR> on the following line to show if the user is a member of the "
+"specified group."
+msgstr ""
+"Como es esperado por B<external_acl_type> de Squid, luego de especificar un "
+"nombre de usuario y grupo seguido de una nueva línea, este módulo devolverá "
+"B<OK> o B<ERR> en la siguiente línea para mostrar si el usuario es miembro "
+"del grupo especificado."
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:38
+msgid ""
+"B<Path> to persistent database. If not specified the session details will be "
+"kept in memory only and all sessions will reset each time Squid restarts "
+"it's helpers (Squid restart or rotation of logs)."
+msgstr ""
+"B<Path> a la base de datos persistente. Si no es especificado los detalles "
+"de la sesión permanecerán en memoria y serán eliminados cuando Squid re-"
+"inicie los módulos (re-inicios de Squid o rotación de archivos de registros)"
+
+#. type: Plain text
+#: src/squid.8.in:178
+msgid ""
+"The main configuration file. You must initially make changes to this file "
+"for B<squid> to work. For example, the default configuration does not allow "
+"access from any browser."
+msgstr ""
+"El archivo de configuración principal. Debe hacer los cambios iniciales a "
+"este archivo para que B<squid> funcione. Por ejemplo, la configuración por "
+"defecto no permite acceso desde ningún navegador."
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:107
+msgid ""
+"Or contact your favorite RADIUS list/friend if the question is more related "
+"to RADIUS than Squid."
+msgstr ""
+"O contacte a su amigo/lista favorita sobre RADIUS si la pregunta está más "
+"relacionada con RADIUS que a Squid"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:327
+msgid "Your favorite LDAP documentation."
+msgstr "Su documentación LDAP favorita."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:118
+msgid ""
+"Use I<ldap_compare> instead of I<ldap_simple_bind> to verify the users "
+"password. B<passwordattr> is the LDAP attribute storing the users password."
+msgstr ""
+"Use I<ldap_compare> en lugar de I<ldap_simple_bind> para verificar la "
+"contraseña del usuario. B<passwordattr> es el atributo LDAP donde se guarda "
+"la contraseña del usuario."
+
+#. type: Plain text
+#: tools/squidclient.1:81
+msgid "If-Modified-Since time (in Epoch seconds)."
+msgstr "Si-Modificado-Desde (en segundos)"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:20 helpers/basic_auth/LDAP/basic_ldap_auth.8:35 helpers/basic_auth/RADIUS/basic_radius_auth.8:18 helpers/external_acl/ldap_group/squid_ldap_group.8:22 src/squid.8.in:17 tools/squidclient.1:28
+msgid "port"
+msgstr "puerto"
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:11
+msgid "service name"
+msgstr "nombre de servicio"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:328 helpers/external_acl/ldap_group/squid_ldap_group.8:278
+msgid "B<RFC2254> - The String Representation of LDAP Search Filters,"
+msgstr ""
+"B<RFC2254> - La cadena de representación de los filtros de búsqueda LDAP"
+
+#. type: Plain text
+#: tools/squidclient.1:71
+msgid "Retrieve URL from cache on hostname. Default is B<localhost>"
+msgstr ""
+"Recuperar la URL desde el caché con el nombre de host. Por defecto "
+"B<localhost>"
+
+#. type: Plain text
+#: src/squid.8.in:23
+msgid "command-line"
+msgstr "línea-de-comandos"
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:16
+msgid ""
+"B<basic_ncsa_auth> allows Squid to read and authenticate user and password "
+"information from an NCSA/Apache httpd-style password file when using basic "
+"HTTP authentication."
+msgstr ""
+"B<basic_ncsa_auth> permite a Squid leer y autenticar usuario y clave desde "
+"un archivo de claves al estilo del archivo de claves NCSA/Apache para "
+"autenticación HTTP básica"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:206
+msgid ""
+"Specify the LDAP server to connect to. Servers can also be specified last on "
+"the command line."
+msgstr ""
+"Especificar el servidor LDAP para conectarse. Los servidores también puede "
+"ser especificados como último parámetro en la línea de comandos."
+
+#. type: Plain text
+#: src/squid.8.in:206
+msgid ""
+"CSS Stylesheet to control the display of generated error pages. Use this to "
+"set any company branding you need, it will apply to every language Squid "
+"provides error pages for."
+msgstr ""
+"Hoja de estilo en cascada (CSS) para control el formato de la página de "
+"errores generada. Use el archivo para configurar la marca de la compañía, se "
+"apicará a cada lenguaje del cual Squid provea páginas de error"
+
+#. type: Plain text
+#: tools/squidclient.1:55
+msgid ""
+"B<squidclient> is a tool providing a command line interface for retrieving "
+"URLs. Designed for testing any HTTP 0.9, 1.0, or 1.1 web server or proxy. "
+"This tool can be combined with scripts to perform any basic HTTP operation. "
+"Some additional features for access to the B<squid> proxy object cache and "
+"management information are provided."
+msgstr ""
+"B<squidclient> es una herramienta que provee una interfaz de línea de "
+"comandos para acceder a direcciones URL. Diseña para pruebas contra servidor "
+"web o servidores proxy con protocolos HTTP 0.9, 1.0 o 1.1. Esta herramienta "
+"puede ser combinada con los scripts para ejecutar cualquier operación "
+"básica HTTP. Algunas características adicionales para acceder a objetos del "
+"caché o información de la administración mediante B<squid> es proveída."
+
+#. type: Plain text
+#: src/squid.8.in:193
+msgid ""
+"Use this to read the documentation for configuration options available in "
+"your build of Squid. The online configuration manual is also available for a "
+"full reference of options. B<see>http://www.squid-cache.org/Doc/config/"
+msgstr ""
+"Use esto para leer la documentación para las opciones de configuración "
+"disponibles en su versión de Squid. El manual de configuración en línea está "
+"disponible con la referencia completa de opciones. B<see>http://www.squid-"
+"cache.org/Doc/config/"
+
+#. type: Plain text
+#: tools/squidclient.1:40
+msgid "version"
+msgstr "versión"
+
+#. type: Plain text
+#: src/squid.8.in:215
+msgid "Location of Squid error pages and templates."
+msgstr "Ubicación de los archivos de páginas de error y plantillas"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:231
+msgid ""
+"Specify B<timeout> used when connecting to LDAP servers (requires Netscape "
+"LDAP API libraries)"
+msgstr ""
+"Especificar B<timeout> para conectar con los servidores LDAP (requiere "
+"librerías del API LDAP de Netscape)"
+
+#. type: TP
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:27
+#, no-wrap
+msgid "Can handle NIS(+) requests"
+msgstr "Autorizado a procesar consultas NIS(+)"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:93
+msgid ""
+"As the password needs to be printed in plain text in your Squid "
+"configuration and will be sent on the command line to the helper it is "
+"strongly recommended to use a account with minimal associated privileges. "
+"This to limit the damage in case someone could get hold of a copy of your "
+"Squid configuration file or extracts the password used from a process "
+"listing."
+msgstr ""
+"Debido a que la clave necesita escribirse en texto en claro en la "
+"configuración de Squid y será enviada en la línea de comando al módulo es "
+"MUY recomendable usar una cuenta con privilegios mínimos. Esto limita el "
+"daño en caso de que alguien obtenga una copia del archivo de configuración "
+"de Squid o extraiga la clave usada durante los listados."
+
+#. type: Plain text
+#: tools/squidclient.1:124
+msgid "Force cache to reload URL."
+msgstr "Forzar el caché a actualizar la URL"
+
+#. type: Plain text
+#: src/squid.8.in:51
+msgid "Squid is derived from the ARPA-funded Harvest Project."
+msgstr "Squid se origina en el Harvest Project auspiciado por ARPA"
+
+#. type: Plain text
+#: src/squid.8.in:142
+msgid ""
+"Enable logging to syslog. Also configurable in B<@SYSCONFDIR@/squid.conf>"
+msgstr ""
+"Habilitar el registro en syslog. Tambień configurable en "
+"B<@SYSCONFDIR@/squid.conf>"
+
+#. type: Plain text
+#: tools/squidclient.1:7
+msgid "A simple HTTP web client tool"
+msgstr "Una herramienta web cliente HTTP sencilla"
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:18
+msgid ""
+"B<squid_unix_group> allows Squid to base access controls on users "
+"memberships in UNIX groups."
+msgstr ""
+"B<squid_unix_group> permite a Squid realizar controles de acceso basado en "
+"la membresía de grupos UNIX de los usuarios"
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:60
+msgid "RADIUS request timeout. Default is 10 seconds."
+msgstr ""
+"Tiempo límite de espera para solicitudes RADIUS. El valor por defecto es 10 "
+"segundos."
#. type: TP
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:17
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:23
#, no-wrap
-msgid "B<-f >I<configfile >"
+msgid "Allows authentication of all known local users"
+msgstr "Permite la autenticación de usuarios locales conocidos"
+
+#. type: Plain text
+#: src/squid.8.in:274
+msgid "The Squid Configuration Manual"
+msgstr "El manual de configuración de Squid"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:56
+msgid ""
+"As expected by the basic authentication construct of Squid, after specifying "
+"a username and password followed by a new line, this helper will produce "
+"either B<OK> or B<ERR> on the following line to show if the specified "
+"credentials are correct according to the LDAP directory."
+msgstr ""
+"Como es esperado por la estructura de autenticación básica de Squid, luego "
+"de especificar un usuario y contraseña seguidos de una nueva linea, este "
+"ayudante producirá un B<OK> o un B<ERR> en la siguiente linea para mostrar "
+"si las credenciales especificadas son correctas de a cuerdo al directorio "
+"LDAP"
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:88
+msgid "Squid B<basic_pam_auth> and this manual is Copyright 1999,2002,2003"
+msgstr ""
+"Squid B<basic_pam_auth> y su manual está protegido por derechos de autor "
+"1999,2002,2003"
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:54
+msgid ""
+"The default service name is B<squid> , and the program makes use of the "
+"B<auth> and B<account> management groups to verify the password and the "
+"accounts validity."
+msgstr ""
+"El nombre de servicio es B<squid> , y el programa hace uso de B<auth> y "
+"B<account> para administración. Verifique la clave y la validez de la cuenta."
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:33
+msgid ""
+"B<squid_ldap_group> allows Squid to connect to a LDAP directory to authorize "
+"users via LDAP groups. LDAP options are specified as parameters on the "
+"command line, while the username(s) and group(s) to be checked against the "
+"LDAP directory are specified on subsequent lines of input to the helper, one "
+"username/group pair per line separated by a space."
+msgstr ""
+"B<squid_ldap_group> permite a Squid conectar a un directorio LDAP para "
+"autorizar grupos de usuarios LDAP. Las opciones LDAP son especificadas como "
+"parámetros en la línea de comandos, mientras, los nombres de usuario y "
+"grupos a ser autenticados contra el servidor LDAP son especificados en las "
+"líneas de entrada subsecuentes del módulo, un par nombre de usuario/grupo "
+"por línea separado por espacios"
+
+#. type: Plain text
+#: src/squid.8.in:166
+msgid "Only return B<UDP_HIT> or B<UDP_MISS_NOFETCH> during fast reload."
+msgstr ""
+"Solo devolver B<UDP_HIT> o B<UDP_MISS_NOFETCH> durante la recarga rápida"
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:19
+msgid "This password file can be manipulated using B<htpasswd.>"
+msgstr "Este archivo de claves puede ser manipulado usando B<htpasswd.>"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:7
+msgid "Local Users auth helper for Squid"
+msgstr "Módulo de autenticación de usuarios locales para Squid"
+
+#. type: Plain text
+#: tools/squidclient.1:116
+msgid "Port number of cache. Default is 3128."
+msgstr "Número de puerto del caché. Por defecto es 3128"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:21
+msgid "It uses B<getpwnam()> and B<getspnam()> routines for authentication."
+msgstr "Usa B<getpwnam()> y B<getspnam()> como rutinas de autenticación."
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:80
+msgid ""
+"specifies what name the proxy should use to identify itself to the RADIUS "
+"server. This directive is optional."
+msgstr ""
+"especifica qué nombre usará el servidor proxy para identificarse asímismo "
+"con el servidor RADIUS. La directiva es opcional"
+
+#. type: Plain text
+#: tools/squidclient.1:162
+msgid "WWW authentication password"
+msgstr "Contraseña de autenticación WWW"
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:34
+msgid ""
+"The access configuration file defining which Squid servers may be managed "
+"via this B<cachemgr.cgi> program. Each line specifies a B<server>:B<port> "
+"followed by an optional description"
+msgstr ""
+"El archivo de configuración de accesos define cuáles servidores Squid pueden "
+"ser administrador via el programa B<cachemgr.cgi>. Cada línea especifica un "
+"B<server>:B<port> seguido por una descripción opcional"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:201
+msgid ""
+"Specity the LDAP server to connect to by LDAP URI (requires OpenLDAP "
+"libraries). Servers can also be specified last on the command line."
+msgstr ""
+"Especificar el servidor LDAP para conectar a través del URI LDAP (las "
+"librerías OpenLDAP son requeridas). Los servidores también puede ser "
+"especificados como último parámetro en la línea de comandos."
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:91
+msgid "With contributions from many others."
+msgstr "Con la contribución de muchos otros"
+
+#. type: Plain text
+#: tools/squidclient.1:14
+msgid "remote host"
+msgstr "host remoto"
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:67
+msgid ""
+"The configuration specifies how the helper connects to RADIUS. The file "
+"contains a list of directives (one per line). Lines beginning with a B<#> "
+"are ignored."
+msgstr ""
+"La configuración especifica cóm el módulo conecta al servidor RADIUS. El "
+"archivo contiene una lista de directivas (una por línea). Las líneas "
+"empezando con B<#> son ignoradas"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:67
+msgid "B<REQUIRED.> Specifies the base DN under which the users are located."
+msgstr "B<REQUIRED.> Indica el DN base al que pertenece el usuario"
+
+#. type: Plain text
+#: tools/squidclient.1:22
+msgid "Host header"
+msgstr "cabecera de host"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:158
+msgid ""
+"Specify an alternate TCP port where the ldap server is listening if other "
+"than the default LDAP port 389."
+msgstr ""
+"Especificar puerto TCP alternativo si el servidor LDAP está escuchando en un "
+"puerto diferente al puerto por defecto 389"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:16 helpers/basic_auth/LDAP/basic_ldap_auth.8:31 helpers/external_acl/ldap_group/squid_ldap_group.8:18
+msgid "options"
+msgstr "opciones"
+
+#. type: Plain text
+#: tools/squidclient.1:36 tools/squidclient.1:38
+msgid "user"
+msgstr "usuario"
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:16
+msgid "server name"
+msgstr "nombre del servidor"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:23
+msgid "This has the following advantages over the NCSA module:"
+msgstr "Esto tiene las siguientes ventajas sobre el módulo NCSA:"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:12 helpers/basic_auth/LDAP/basic_ldap_auth.8:27 helpers/external_acl/ldap_group/squid_ldap_group.8:14
+msgid "base DN"
+msgstr "DN base"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:75 helpers/basic_auth/LDAP/basic_ldap_auth.8:298 helpers/basic_auth/RADIUS/basic_radius_auth.8:97 helpers/external_acl/ldap_group/squid_ldap_group.8:247 helpers/external_acl/session/squid_session.8:69 helpers/external_acl/unix_group/squid_unix_group.8:71
+msgid ""
+"This program and documentation is copyright to the authors named above."
+msgstr ""
+"Este programa y su documentación son propiedad intelectual de los autores "
+"nombrados anteriormente."
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:123
+msgid ""
+"LDAP search filter used to search the LDAP directory for any matching group "
+"memberships. In the filter B<%u> will be replaced by the user name (or DN "
+"if the B<-F> or B<-u> options are used) and B<%g> by the requested group "
+"name."
+msgstr ""
+"El filtro de búsqueda LDAP usado para buscar en el directorio LDAP para "
+"encontrar coincidencias por pertinencia a grupos. En el filtro B<%u> será "
+"remplazado por el nombre de usuario (o DN si las opciones B<-F> o B<-u> son "
+"usadas) y B<%g> por el grupo solicitado"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:48
+msgid ""
+"The program operates by searching with a search filter based on the users "
+"user name and requested group, and if a match is found it is determined that "
+"the user belongs to the group."
+msgstr ""
+"El programa realiza búsquedas basadas en criterios basados en el nombre de "
+"inicio de sesión de los usuarios y el grupo solicitado, si hay coincidencias "
+"implica que el usuario pertenece al grupo"
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:12
+msgid "config file"
+msgstr "Archivo de configuración"
+
+#. type: Plain text
+#: src/squid.8.in:13
+msgid "facility"
+msgstr "ubicación"
+
+#. type: Plain text
+#: src/squid.8.in:112
+msgid "Use specified syslog facility. implies B<-s>"
+msgstr "Usar la ubicación especificada en syslog. Implica B<-s>"
+
+#. type: Plain text
+#: tools/squidclient.1:77
+msgid "Extra headers to send. Use B<'\\n'> for new lines."
+msgstr "Cabeceras extra a enviar. Use B<'\\n'> para nuevas líneas"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:7
+msgid "LDAP authentication helper for Squid"
+msgstr "Módulo de autenticación LDAP para Squid"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:149
+msgid ""
+"Specity the LDAP server to connect to by a LDAP URI (requires OpenLDAP "
+"libraries)"
+msgstr ""
+"Especifica el servidor LDAP a conectar por un URI LDAP (requiere las "
+"librerías OpenLDAP)"
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:23
+msgid ""
+"B<squid_session> maintains a concept of sessions by monitoring requests and "
+"timing out sessions if no requests have been seen for the idle timeout timer."
msgstr ""
+"B<squid_session> mantiene un \"concepto\" de sesiones por monitoreo de "
+"solicitudes y expiración de sesiones HTTP si las solicitudes han sido vistas "
+"por el temporizador."
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:46
+msgid ""
+"The program needs a PAM service to be configured in B</etc/pam.conf> or "
+"B</etc/pam.d/squid>"
+msgstr ""
+"El programa necesita un servicio PAM para configurar en B</etc/pam.conf> o "
+"B</etc/pam.d/squid>"
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:67 tools/squidclient.1:179
+msgid ""
+"See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what "
+"you need to include with your bug report."
+msgstr ""
+"Vea http://wiki.squid-cache.org/SquidFaq/BugReporting para mayores detalles "
+"sobre lo que necesita incluir en el reporte de errores"
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:43
+msgid ""
+"This file is distributed in the hope that it will be useful, but WITHOUT ANY "
+"WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS "
+"FOR A PARTICULAR PURPOSE. See the GNU General Public License for more "
+"details."
+msgstr ""
+"Este archivo es distribuido en la esperanza de que sea útil, pero SIN "
+"NINGUNA GARANTÍA; incluso sin la garantía de COMERCIABILIDAD o IDONEIDAD "
+"PARA UN PROPÓSITO PARTICULAR. Vea la Licencia General Pública GNU para más "
+"detalles."
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:48
+msgid ""
+"You should have received a copy of the GNU General Public License along with "
+"this file; if not, write to the Free Software Foundation, Inc., 59 Temple "
+"Place, Suite 330, Boston, MA 02111-1307 USA"
+msgstr ""
+"Usted debe haber recibido una copia de la Licencia General Pública GNU con "
+"este archivo; si no, escriba a la Free Software Foundation, Inc., 59 Temple "
+"Place, Suite 330, Boston, MA 02111-1307 USA"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:231
+msgid ""
+"B<NOTE:> When constructing search filters it is recommended to first test "
+"the filter using B<ldapsearch> to verify that the filter matches what you "
+"expect before you attempt to use B<squid_ldap_group>"
+msgstr ""
+"B<NOTE:> Cuando se construyen filtros de búsqueda es recomendable primer "
+"hacer pruebas del filtro usando B<ldapsearch> para verificar que el filtro "
+"devuelve los resultados esperados antes de usar B<squid_ldap_group>"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:71 helpers/basic_auth/NCSA/basic_ncsa_auth.8:32 helpers/basic_auth/RADIUS/basic_radius_auth.8:93 helpers/external_acl/ldap_group/squid_ldap_group.8:243 helpers/external_acl/unix_group/squid_unix_group.8:67
+msgid "This manual was written by"
+msgstr "Este manual fue escrito por"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:212
+msgid ""
+"Specify an alternate TCP port where the ldap server is listening if other "
+"than the default LDAP port 389. Can also be specified within the server "
+"specificiation by using servername:port syntax."
+msgstr ""
+"Especificar un puerto TCP alternativo -distinto del predeterminado 389/tcp- "
+"para escucha del servidor LDAP. También puede ser especificado usando la "
+"sintáxis NombreDeServidor:puerto."
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:135
+msgid ""
+"LDAP search filter used to search the LDAP directory for any matching users. "
+" In the filter B<%s> will be replaced by the user name. If B<%> is to be "
+"included literally in the filter then use B<%%>"
+msgstr ""
+"El filtro de búsqueda LDAP usado para buscar en el directorio LDAP para "
+"encontrar coincidencias por nombres de inicio de sesión. Si B<%> necesita "
+"ser incluido (literalmente) en el filtro, use B<%%>"
+
+#. uid\=%s\""
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:82
+msgid ""
+"The search filter can contain up to 15 occurrences of B<%s> which will be "
+"replaced by the username, as in B<\\&\\&> for RFC2037 directories. For a "
+"detailed description of LDAP search filter syntax see RFC2254."
+msgstr ""
+"El filtro del búsqueda puede contener hasta 15 ocurrencias de B<%s> las que "
+"serán remplazadas por el nombre de usuario, como en B<\\&\\&> de acuerdo al "
+"RFC2037 para directorios. Para una descripción detallada de la sintáxis del "
+"filtro de búsqueda LDAP consulte el RFC2254"
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:22
+msgid "secret"
+msgstr "secreto"
+
+#. type: Plain text
+#: tools/squidclient.1:24
+msgid "local host"
+msgstr "host local"
+
+#. type: Plain text
+#: tools/squidclient.1:120
+msgid "Request body. Using the named file as data."
+msgstr "Cuerpo de la solicitud. Usando el archivo nombrado como datos"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:91 helpers/basic_auth/LDAP/basic_ldap_auth.8:317 helpers/basic_auth/NCSA/basic_ncsa_auth.8:63 helpers/basic_auth/PAM/basic_pam_auth.8:105 helpers/basic_auth/RADIUS/basic_radius_auth.8:116 helpers/external_acl/ldap_group/squid_ldap_group.8:266 helpers/external_acl/session/squid_session.8:85 helpers/external_acl/unix_group/squid_unix_group.8:87 src/squid.8.in:256 tools/cachemgr.cgi.8.in:72 tools/squidclient.1:184
+msgid ""
+"Report serious security bugs to I<Squid Bugs E<lt>squid-bugs@squid-"
+"cache.orgE<gt>>"
+msgstr ""
+"Reporte fallos de seguridad importantes a I<Squid Bugs E<lt>squid-bugs@squid-"
+"cache.orgE<gt>>"
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:82 helpers/external_acl/session/squid_session.8:65
+msgid "This program and documentation was written by"
+msgstr "Este programa y la documentación han sido escritos por"
+
+#. type: Plain text
+#: src/squid.8.in:100
+msgid "Install as a Windows Service (see B<-n> option)."
+msgstr "Instalar como servicio de Windows (vea la opción B<-n> )"
+
+#. type: Plain text
+#: src/squid.8.in:182 src/squid.8.in:188
+msgid ""
+"Reference copy of the configuration file. Always kept up to date with the "
+"version of Squid you are using."
+msgstr ""
+"Copia de referencia del archivo de configuración. Siempre mantenga una copia "
+"actualizada acorde con la versión de Squid en uso"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:165
+msgid ""
+"Use a persistent LDAP connection. Normally the LDAP connection is only open "
+"while validating a username to preserve resources at the LDAP server. This "
+"option causes the LDAP connection to be kept open, allowing it to be reused "
+"for further user validations. Recommended for larger installations."
+msgstr ""
+"Usar conexiones LDAP persistentes. Normalmente la conexión LDAP es abierta "
+"solo cuando se valida el nombre de usuario, para preservar los recursos del "
+"servidor LDAP. Esta opción provoca que la conexión LDAP permanezca abierta, "
+"permitiendo ser reusada para futuras validaciones de usuario. Recomendada "
+"para instalaciones grandes."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:187
+msgid "when to dereference aliases. Defaults to B<never>"
+msgstr "Cuando disociar alias. Por defecto a B<never>"
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:93
+msgid "Additionally bugs or bug-fixes can be reported to"
+msgstr "Errores adicionales o parches pueden ser reportados a"
+
+#. type: Plain text
+#: tools/squidclient.1:85
+msgid "Ping interval in seconds (default 1 second)."
+msgstr "Segundos de intervalo del ping (por defecto un segundo)"
+
+#. type: Plain text
+#: tools/squidclient.1:150
+msgid "Verbose. Print outgoing message to stderr."
+msgstr "Informativo. Imprimir mensajes a la salida estándar"
+
+#. type: Plain text
+#: src/squid.8.in:21
+msgid "service-name"
+msgstr "nombre-del-servicio"
#. type: Plain text
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:21
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:76
msgid ""
-"Specifies the path to a configuration file. See the CONFIGURATION section "
-"for details."
+"Specify timeout used when connecting to LDAP servers (requires Netscape LDAP "
+"API libraries)"
msgstr ""
+"Especificar el límite del tiempo de espera para conectar a servidores LDAP "
+"(requiere las librerías API LDAP de Netscape)"
-#. type: TP
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:22
-#, no-wrap
-msgid "B<-h >I<server>"
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:126
+msgid ""
+"Search scope when performing user DN searches specified by the B<-f> option. "
+"Defaults to B<sub>"
msgstr ""
+"Alcance de la búsqueda cuando se especifican DN de usuario con la opción B<-"
+"f>. La opción por defecto es B<sub>"
#. type: Plain text
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:25
-msgid "Alternative method of specifying the server to connect to"
-msgstr ""
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:9
+msgid "Version 2.17"
+msgstr "Versión 2.17"
-#. type: TP
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:26
-#, no-wrap
-msgid "B<-p >I<port>"
+#. type: Plain text
+#: src/squid.8.in:225
+msgid ""
+"With contributions from many others in the Squid community. see "
+"CONTRIBUTORS for a full list of individuals who contributed code. see "
+"CREDITS for a list of major code contributing copyright holders."
msgstr ""
+"Con la contribución de muchos otros en la comunidad de Squid. Vea "
+"DESARROLLADORES para una lista completa de individuos que han contribuido "
+"código. Vea CREDITOS para una lista de principales contribuciones de código "
+"y derechos de autores"
#. type: Plain text
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:30
+#: src/squid.8.in:41
msgid ""
-"Specify another server port where the RADIUS server listens for requests if "
-"different from the default RADIUS port. Normally not specified."
+"Squid supports SSL, extensive access controls, and full request logging. By "
+"using the lightweight Internet Cache Protocols ICP, HTCP or CARP, Squid "
+"caches can be arranged in a hierarchy or mesh for additional bandwidth "
+"savings."
msgstr ""
+"Squid soporta SSL, extensos controles de acceso y registro completo de "
+"solicitudes. Usando los protocolos de caché ligeros como ICP, HTCP o CARP, "
+"se pueden crear en Squid jerarquías o mallas para ahorro adicional de ancho "
+"de banda"
-#. type: TP
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:31
-#, no-wrap
-msgid "B<-i >I<identifier>"
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:147
+msgid ""
+"As the password needs to be printed in plain text in your Squid "
+"configuration it is strongly recommended to use a account with minimal "
+"associated privileges. This to limit the damage in case someone could get "
+"hold of a copy of your Squid configuration file."
msgstr ""
+"Debido a que la contraseña debe ser impresa en formato de texto plano en su "
+"archivo de configuración de Squid, es altamente recomendable usar una cuenta "
+"con los mínimos privilegios asociados. Esto es para limitar el daño en caso "
+"de que alguien pudiera hacerse de su archivo de configuración."
#. type: Plain text
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:35
+#: tools/squidclient.1:12 tools/squidclient.1:32
+msgid "count"
+msgstr "conteo"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:130 helpers/external_acl/ldap_group/squid_ldap_group.8:178
+msgid "B<base> object only,"
+msgstr "Solo objetos B<base>"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:257
msgid ""
-"Unique identifier identifying this Squid proxy to the RADIUS server. If not "
-"specified the IP address is used as to identify the proxy."
+"Or contact your favorite LDAP list/friend if the question is more related to "
+"LDAP than Squid."
msgstr ""
+"O contacte a su lista/amigo favorito si su pregunta está más relacionada a "
+"LDAP que a Squid"
-#. type: TP
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:35
-#, no-wrap
-msgid "B<-w >I<secret>"
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:86 helpers/basic_auth/LDAP/basic_ldap_auth.8:312 helpers/basic_auth/NCSA/basic_ncsa_auth.8:58 helpers/basic_auth/PAM/basic_pam_auth.8:100 helpers/basic_auth/RADIUS/basic_radius_auth.8:111 helpers/external_acl/ldap_group/squid_ldap_group.8:261 helpers/external_acl/session/squid_session.8:80 helpers/external_acl/unix_group/squid_unix_group.8:82 src/squid.8.in:251
+msgid ""
+"Bug reports need to be made in English. See http://wiki.squid-"
+"cache.org/SquidFaq/BugReporting for details of what you need to include with "
+"your bug report."
msgstr ""
+"Los reportes de error deben ser escritos en inglés. Vea http://wiki.squid-"
+"cache.org/SquidFaq/BugReporting para detalles de lo que necesita incluir en "
+"el reporte de errores"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:20
+msgid "ldap_server_name"
+msgstr "ldap_server_name"
#. type: Plain text
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:39
+#: src/squid.8.in:36
msgid ""
-"Alternative method of specifying the shared secret. Using the configuration "
-"file is generally more secure and recommended."
+"Squid keeps meta data and especially hot objects cached in RAM, caches DNS "
+"lookups, supports non-blocking DNS lookups, and implements negative caching "
+"of failed requests."
msgstr ""
+"Squid guarda metadatos y especialmente objetos de acceso frecuente en la "
+"memoria RAM, hacé caché de búsquedas DNS, soporte búsquedas DNS asíncronas e "
+"implementa caché negativo para búsquedas fallidas"
-#. type: TP
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:40
-#, no-wrap
-msgid "B<-t >I<timeout>"
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:235 helpers/external_acl/ldap_group/squid_ldap_group.8:192
+msgid "Specify time limit on LDAP search operations"
+msgstr "Especificar límite de tiempo para las búsquedas LDAP"
+
+#. type: Plain text
+#: src/squid.8.in:107
+msgid ""
+"Parse configuration file, then send signal to running copy (except B<-k "
+"parse> ) and exit."
msgstr ""
+"Procesar el archivo de configuración, luego enviar la señal a la copia en "
+"ejecución (excepto B<-k parse>) y terminar"
#. type: Plain text
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:43
-msgid "RADIUS request timeout. Default 10 seconds."
+#: tools/cachemgr.cgi.8.in:18
+msgid ""
+"The cache manager ( B<cachemgr.cgi> ) is a CGI utility for displaying "
+"statistics about the Squid HTTP proxy process as it runs. The cache manager "
+"is a convenient way to manage the cache and view statistics without logging "
+"into the server."
msgstr ""
+"El administrador del caché ( B<cachemgr.cgi> ) es una utilidad CGI para "
+"facilitar la entrega de reportes estadísticos sobre el proceso proxy HTTP "
+"Squid en ejecución. El adminstrador de caché es una forma conveniente de "
+"administrar el caché y ver estadísticas sin iniciar sesión en el servidor"
#. type: Plain text
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:48
+#: tools/cachemgr.cgi.8.in:56 tools/squidclient.1:168
msgid ""
-"The configuration specifies how the helper connects to RADIUS. The file "
-"contains a list of directives (one per line). Lines beginning with a # is "
-"ignored."
+"Derived from Harvest. Further developed by by numerous individuals from the "
+"internet community. Development is led by Duane Wessels of the National "
+"Laboratory for Applied Network Research and funded by the National Science "
+"Foundation."
msgstr ""
+"Derivado de Harvest. Desarrollado posteriormente por numerosos individuos de "
+"la comunidad de Internet. El desarrollo es liderado por Duane Wessels del "
+"Laboratorio Nacional para la Red de Investigaciones Aplicacas y auspiciado "
+"por la Fundación Nacional de Ciencias"
-#. type: TP
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:49
-#, no-wrap
-msgid "B<server >I<radiusserver>"
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:196
+msgid ""
+"B<never> dereference aliases (default), B<always> dereference aliases, only "
+"while B<search ing> or only to B<find> the base object."
msgstr ""
+"B<never> disociar alias (predeterminado). B<siempre> disociar alias, solo "
+"mientras B<buscando> o solo al B<encontrar> el objeto base"
#. type: Plain text
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:52
-msgid "specifies the name or address of the RADIUS server to connect to."
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:157 helpers/external_acl/ldap_group/squid_ldap_group.8:103
+msgid ""
+"Less insecure version of the former parameter pair with two advantages: The "
+"password does not occur in the process listing, and the password is not "
+"being compromised if someone gets the squid configuration file without "
+"getting the secretfile."
msgstr ""
+"Menos insegura que la versión anterior del par de parámetros con dos "
+"ventajas: La clave no aparece en el proceso de listado y la clave no se "
+"compromete si alguien obtiene el archivo de configuración de Squid sin "
+"obtener el archivo con los secretos."
-#. type: TP
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:53
-#, no-wrap
-msgid "B<secret >I<somesecretstring>"
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:246
+msgid ""
+"For directories using the RFC2307 layout with a single domain, all you need "
+"to specify is usually the base DN under where your users are located and the "
+"server name:"
msgstr ""
+"Para directorios ajustados en diseño al RFC2307 con un único dominio todo lo "
+"que necesita es especificar es el DN base bajo el cual los usuarios son "
+"localizados y el nombre del servidor"
#. type: Plain text
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:56
-msgid "specifies the shared RADIUS secret."
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:53
+msgid "When to dereference aliases. Defaults to 'never'"
+msgstr "Cuando eliminar los aliases de referencia. Por defecto en \"nunca\""
+
+#. type: Plain text
+#: src/squid.8.in:198
+msgid "The main configuration file for the web B<cachemgr.cgi> tools."
msgstr ""
+"El archivo de configuración principal para las herramientas web "
+"B<cachemgr.cgi>"
-#. type: TP
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:57
-#, no-wrap
-msgid "B<identifier >I<nameofserver>"
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:216 helpers/external_acl/ldap_group/squid_ldap_group.8:204
+msgid "LDAP protocol version. Defaults to 2 if not specified."
msgstr ""
+"Versión del protocolo LDAP. Se usará la versión 2 si no se especifica."
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:7
+msgid "Squid PAM Basic authentication helper"
+msgstr "Módulo de autenticación PAM básica"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:224 helpers/external_acl/ldap_group/squid_ldap_group.8:107
+msgid "Enable LDAP over SSL (requires Netscape LDAP API libraries)"
+msgstr "Habilitar LDAP sobre SSL (requiere librerías del API LDAP de Netscape)"
#. type: Plain text
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:61
+#: tools/cachemgr.cgi.8.in:50
msgid ""
-"specifies what the proxy should identify itsels as to the RADIUS server. "
-"This directive is optional."
+"B<cachemgr.cgi> calls the requested server on the requested port using HTTP "
+"and returns a formatted version of the response. To avoid abuse it is "
+"recommended to configure your web server to restrict access to the "
+"B<cachemgr.cgi> program."
msgstr ""
+"B<cachemgr.cgi> invoca, usando el protocolo HTTP a los servidores "
+"solicitados usando el puerto configurado y retorna una versión formateada de "
+"la respuesta. Para prevenir el abuso es recomendable configurar su servidor "
+"web para restringir el acceso al programa B<cachemgr.cgi>"
-#. type: TP
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:62
-#, no-wrap
-msgid "B<port >I<portnumber>"
-msgstr ""
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:14
+msgid "attribute"
+msgstr "atributo"
#. type: Plain text
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:65
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:175
+msgid "search scope. Defaults to B<sub>"
+msgstr "Alcance de la búsqueda. El valor por defecto es B<sub>"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:276
msgid ""
-"Specifies the port number or service name where the helper should connect."
+"If you want to search for the user DN and your directory does not allow "
+"anonymous searches then you must also use the B<-D> and B<-w> flags to "
+"specify a user DN and password to log in as to perform the searches, as in "
+"the following complex Active Directory example"
msgstr ""
+"Si desea buscar por el DN del usuario y el directorio no permite las "
+"búsquedas anónimas debe usar también las opciones B<-D> and B<-w> para "
+"especificar el DN de usuario y clave para identificarse y realizar las "
+"búsquedas, como en el siguiente y complejo ejemplo para el Directorio Activo"
#. type: Plain text
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:68
-#: helpers/external_acl/unix_group/squid_unix_group.8:44
+#: src/squid.8.in:184
msgid ""
-"This manual page was written by I<Henrik Nordstrom E<lt>hno@squid-cache."
-"orgE<gt>>"
+"Use this to look up the default configuration settings and syntax after "
+"upgrading."
msgstr ""
+"Use esta para inspeccionar la configuración por defecto y la sintáxis luego "
+"de la actualización"
+
+#. type: Plain text
+#: tools/squidclient.1:93
+msgid "Specify a local IP address to bind to. Default is none."
+msgstr "Especificar una dirección IP local para enlazar. Por defecto ninguna"
+
+#. type: Plain text
+#: src/squid.8.in:131
+msgid "Remove a Windows Service (see B<-n> option)."
+msgstr "Remover el servicio Windows (vea la opción B<-n>)"
#. type: Plain text
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:74
+#: helpers/external_acl/unix_group/squid_unix_group.8:46
msgid ""
-"squid_radius_auth is written by I<Marc van Selm E<lt>selm@cistron.nlE<gt>> "
-"with contributions from I<Henrik Nordstrom E<lt>hno@squid-cache.orgE<gt>> "
-"and many others"
+"This B<squid.conf> example defines two Squid acls. I<usergroup1> matches "
+"users in I<group1> , and I<usergroup2> matches users in I<group2> or "
+"I<group3>"
msgstr ""
+"Este B<squid.conf> de ejemplo define dos ACLs de Squid. I<usergroup1> busca "
+"usuarios en I<group1> y I<usergroup2> busca usuarios en I<group2> or "
+"I<group3>"
+
+#. type: Plain text
+#: tools/squidclient.1:30
+msgid "file"
+msgstr "archivo"
+
+#. type: Plain text
+#: tools/squidclient.1:154
+msgid "HTTP Version. Use '-' for HTTP/0.9 omitted case"
+msgstr "Versión HTTP. Use '-' para HTTP/0.9 en caso de omitirse"
#. type: Plain text
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:80
+#: src/squid.8.in:32
msgid ""
-"Any questions on usage can be sent to I<Squid Users E<lt>squid-users@squid-"
-"cache.orgE<gt>>, or to your favorite RADIUS list/friend if the question is "
-"more related to RADIUS than Squid."
+"B<squid> is a high-performance proxy caching server for web clients, "
+"supporting FTP, gopher, ICAP, ICP, HTCP and HTTP data objects. Unlike "
+"traditional caching software, Squid handles all requests in a single, non-"
+"blocking process."
msgstr ""
+"B<squid> es servidor proxy-caché de alto rendimiento para clientes web que "
+"soporta FTP, gopher, ICAP, ICP, HTCP y objetos de datos HTTP. A diferencia "
+"del software de caché tradicional, Squid maneja todas las solicitudes en un "
+"único proceso asíncrono"
#. type: Plain text
-#: helpers/basic_auth/squid_radius_auth/squid_radius_auth.8:88
-msgid "B<RFC2058> - Remote Authentication Dial In User Service (RADIUS)"
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:142
+msgid ""
+"The DN and password to bind as while performing searches. Required by the B<-"
+"f> flag if the directory does not allow anonymous searches."
msgstr ""
+"DN y clave con autorización para efectuar las búsquedas. Es requerido por la "
+"opción B<-f> si el directorio no permite búsquedas anónimas."
-#. type: TH
-#: helpers/external_acl/session/squid_session.8:1
-#, no-wrap
-msgid "squid_session"
+#. type: Plain text
+#: tools/squidclient.1:16
+msgid "string"
+msgstr "cadena"
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:36
+msgid ""
+"Specifies the path to a configuration file. See the CONFIGURATION section "
+"for details on the file content."
msgstr ""
+"Especifica la ruta al archivo de configuración. Vea la sección CONFIGURACIÓN "
+"para detalles del contenido del archivo."
-#. type: TH
-#: helpers/external_acl/session/squid_session.8:1
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:133 helpers/external_acl/ldap_group/squid_ldap_group.8:181
+msgid "B<one> level below the base object or"
+msgstr "B<one> nivel por debajo del objeto base o"
+
+#. type: Plain text
+#: tools/squidclient.1:108
#, no-wrap
-msgid "19 March 2006"
+msgid ""
+"Request method, default is\n"
+"I<GET.>\n"
+"Squid also supports a non-standard method called\n"
+"I<PURGE.>\n"
+"You can use that to purge a specific URL from the cache.\n"
+"You need to have\n"
+"I<purge>\n"
+"access setup in\n"
+"B<squid.conf>\n"
+"similar to\n"
+"I<manager>\n"
+" access. Here is an example:\n"
msgstr ""
+"Método de la solicitud, por defecto es:\n"
+"I<GET.>\n"
+"Squid soporta también métodos de llamada no estándares.\n"
+"I<PURGE.>\n"
+"Puede usarse para eliminar una URL específica del caché.\n"
+"Necesita\n"
+"I<purge>\n"
+"en la configuración de acceso en\n"
+"B<squid.conf>\n"
+"similar al \n"
+"I<manager>\n"
+"acceso. Aquí hay un ejemplo.\n"
-#. type: TH
-#: helpers/external_acl/session/squid_session.8:1
-#, no-wrap
-msgid "Version 1.0"
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:22
+msgid ""
+"Configuration examples for many common web servers can be found in the Squid "
+"FAQ wiki."
msgstr ""
+"Ejemplos de configuración para los servidores web más usados pueden ser "
+"encontrados en la wiki de Preguntas Frecuentemente Respondidas de Squid"
#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:5
-msgid "squid_session - Squid session tracking external acl group helper"
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:257
+msgid ""
+"And similarily if you only want to allow access to users having a specific "
+"attribute"
msgstr ""
+"Y similarmente si solo desea permitir acceso a usuarios con atributos "
+"específicos."
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:277
+msgid "Your favorite LDAP documentation"
+msgstr "Su documentación LDAP favorita"
#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:8
-msgid "squid_session [-t idle_timeout] [-b dbpath] [-a]"
+#: src/squid.8.in:242
+msgid ""
+"see the CREDITS file for further copyright licensing of third-party code "
+"contributions."
msgstr ""
+"ver el archivo CREDITOS de concesión de licencias de derechos de autor "
+"además de las contribuciones de código de terceros."
#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:13
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:136 helpers/external_acl/ldap_group/squid_ldap_group.8:184
+msgid "B<sub>tree below the base object"
+msgstr "B<sub>árbol debajo del objeto base"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:75
msgid ""
-"This helper maintains a concept of sessions by monitoring requests and "
-"timing out sessions if no requests have been seen for the idle timeout timer."
+"LDAP search B<filter> to locate the user DN. Required if the users are in a "
+"hierarchy below the base DN, or if the login name is not what builds the "
+"user specific part of the users DN."
msgstr ""
+"El filtro de búsqueda LDAP B<filter> para localizar el DN del usuario. Es "
+"requerido si los usuarios están abajo en la jerarquía del DN base o si el "
+"nombre de inicio de sesión no es parte del DN del usuario"
#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:15
-msgid "Intended use is for displaying \"terms of use\" pages, ad popups etc."
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:56
+msgid ""
+"Alternative method of specifying the shared secret. Using the B<-f> option "
+"with a configuration file is generally more secure and recommended."
msgstr ""
+"Método alternativo para especificar el secreto compartido. Usando la opción "
+"B<-f> con un archivo de configuración es más seguro y recomendado"
-#. type: TP
-#: helpers/external_acl/session/squid_session.8:16
-#, no-wrap
-msgid "B<-t >I<idletimeout >B<(default 3600)>"
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:94 helpers/basic_auth/LDAP/basic_ldap_auth.8:320 helpers/basic_auth/NCSA/basic_ncsa_auth.8:66 helpers/basic_auth/PAM/basic_pam_auth.8:108 helpers/basic_auth/RADIUS/basic_radius_auth.8:119 helpers/external_acl/ldap_group/squid_ldap_group.8:269 helpers/external_acl/session/squid_session.8:88 helpers/external_acl/unix_group/squid_unix_group.8:90 src/squid.8.in:259 tools/cachemgr.cgi.8.in:75 tools/squidclient.1:187
+msgid ""
+"Report ideas for new improvements to the I<Squid Developers mailing list>"
+msgstr "Reporte idea para nuevas mejoras a I<Squid Developers mailing list>"
+
+#. type: Plain text
+#: tools/squidclient.1:60
+msgid "Do NOT include Accept: header."
+msgstr "NO incluir cabecera Accept"
+
+#. type: Plain text
+#: tools/squidclient.1:146
+msgid "WWW authentication username"
+msgstr "Nombre de usuario para autenticación WWW"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:7
+msgid "Squid LDAP external acl group helper"
+msgstr "Módulo Squid LDAP para ACLs externas de grupo"
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:31
+msgid ""
+"B<Timeout> for any session. If not specified the default is 3600 seconds."
msgstr ""
+"B<Timeout> para cualquier sesión. Si no es especificado el valor por defecto "
+"es 3600 segundos"
#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:19
-msgid "Specifies the session idle timeout timer."
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:35
+msgid "Based on original documentation by"
+msgstr "Basado en la documentación original de"
+
+#. type: Plain text
+#: src/squid.8.in:86
+msgid ""
+"Use the given config-file instead of B<@SYSCONFDIR@/squid.conf .> If the "
+"file name starts with a B<!> or B<|> then it is assumed to be an external "
+"command or command line. Can for example be used to pre-process the "
+"configuration before it is being read by Squid. To facilitate this Squid "
+"also understands the common #line notion to indicate the real source file."
msgstr ""
+"Use el archivo de configuración dado en lugar de B<@SYSCONFDIR@/squid.conf "
+".> Si el nombre de archivo empieza con B<!> o B<|> entonces se asume que es "
+"comando externo o una orden de línea de comandos. Pueden ser usados para "
+"pre-procesamiento de la configuración antes de que sea leía por Squid. Para "
+"facilitar esto Squid comprende la noción #línea para indicar la fuente real "
+"del archivo"
-#. type: TP
-#: helpers/external_acl/session/squid_session.8:20
-#, no-wrap
-msgid "B<-b >I<dbpath>"
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:68
+msgid "Based on original code by"
+msgstr "Basado en el código originalmente creado por"
+
+#. type: Plain text
+#: src/squid.8.in:233
+msgid ""
+"This software product, SQUID, is developed by a team of individuals, and "
+"copyrighted (C) 2001 by the Regents of the University of California, with "
+"all rights reserved. UCSD administered the NLANR Cache grants, NCR 9616602 "
+"and NCR 9521745 under which most of this code was developed."
msgstr ""
+"Este producto de software, SQUID, es desarrollado por un equipo de "
+"individuos bajo de derechos de autor (C) 2001 por los Regentes de la "
+"Universidad de California, con todos los derechos reservados. UCSD "
+"administra los derechos para el caché NLANR, NCR 9616602 y NCR 9521745 bajo "
+"el cual la mayor parte del código es desarrollado"
#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:25
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:182 helpers/external_acl/ldap_group/squid_ldap_group.8:170
+msgid "Do not follow referrals"
+msgstr "No seguir referidos"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:252
msgid ""
-"Path to persistent database. If not specified the session details will be "
-"kept in memory only and all sessions will reset each time Squid restarts "
-"it's helpers (Squid restart or rotation of logs)."
+"If you have sub-domains then you need to use a search filter approach to "
+"locate your user DNs as these can no longer be constructed direcly from the "
+"base DN and login name alone:"
msgstr ""
+"Si tiene sub-dominios entonces necesita usar un filtro de búsqueda para "
+"localizar el DN de los usuarios porque este no será construido directamente "
+"desde el DN base y nombre de inicio de sesión solamente."
-#. type: TP
-#: helpers/external_acl/session/squid_session.8:26
-#, no-wrap
-msgid "B<-a>"
+#. type: Plain text
+#: src/squid.8.in:173
+msgid "Squid configuration files located in @SYSCONFDIR@/:"
+msgstr "Los archivos de configuración de Squid están ubicados en @SYSCONFDIR@/:"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:152 helpers/external_acl/ldap_group/squid_ldap_group.8:98
+msgid ""
+"The DN and the name of a file containing the password to bind as while "
+"performing searches."
msgstr ""
+"DN y nombre del archivo que contiene las claves autorizadas para efectuar "
+"búsquedas."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:18 helpers/basic_auth/LDAP/basic_ldap_auth.8:33
+msgid "LDAP server name"
+msgstr "nombre de servidor LDAP"
#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:30
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:15
msgid ""
-"Active mode. In this mode sessions are started by evaluating an acl with the "
-"argument LOGIN, or terminated by the argument LOGOUT."
+"B<basic_getpwnam_auth> allows Squid to authenticate any local user accounts "
+"to validate the user name and password of Basic HTTP authentication."
msgstr ""
+"B<basic_getpwnam_auth> permite a Squid autenticar las cuentas de usuario "
+"local para validar el nombre de usuario y la contraseña de autenticación "
+"HTTP."
#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:33
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:220 helpers/external_acl/ldap_group/squid_ldap_group.8:208
+msgid "Use TLS encryption"
+msgstr "Usa encriptacion TSL"
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:117
+msgid "PAM Systems Administrator Guide"
+msgstr "Guía de Administración de Sistemas para PAM"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:294
+msgid "This manual is written by"
+msgstr "Este manual ha sido escrito por"
+
+#. type: Plain text
+#: src/squid.8.in:57
msgid ""
-"Without this flag the helper automatically starts the session after the "
-"first request."
+"This manual page only lists the command line arguments. For details on how "
+"to configure Squid see the file B<@SYSCONFDIR@/squid.conf.documented,> the "
+"Squid wiki FAQ and examples at http://wiki.squid-cache.org/ , or the "
+"configuration manual on the Squid home page"
msgstr ""
+"Esta página de manual solo enumera los argumentos de línea de comandos. Para "
+"detalles sobre sobre configurar Squid vea el archivo "
+"B<@SYSCONFDIR@/squid.conf.documented,> la wiki, preguntas frecuentemente "
+"respondidas y ejemplos en http://wiki.squid-cache.org/ o el manual de "
+"configuración en la página principal de Squid"
#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:37
-msgid "Configuration example using the default automatic mode"
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:266
+msgid ""
+"Or if the user attribute of the user DN is B<cn> instead of B<uid> and you "
+"do not want to have to search for the users then you could use something "
+"like the following example for Active Directory:"
msgstr ""
+"O si el atributo del usuario o el DN del usuario es B<cn> en lugar de B<uid> "
+"y no desea realizar búsquedas de usuario podría usar algo como el ejemplo "
+"siguiente para el Directorio Activo."
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:63 helpers/external_acl/ldap_group/squid_ldap_group.8:234 helpers/external_acl/unix_group/squid_unix_group.8:64
+msgid "This program was written by"
+msgstr "Este programa fue escrito por"
#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:39
+#: helpers/basic_auth/PAM/basic_pam_auth.8:20
msgid ""
-"external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %"
-"LOGIN /usr/local/squid/libexec/squid_session"
+"B<basic_pam_auth> allows Squid to connect to a mostly any available PAM "
+"database to validate the user name and password of Basic HTTP authentication."
msgstr ""
+"B<basic_pam_auth> permite a Squid conectarse a la mayoría de bases de datos "
+"PAM para validar el nombre de usuario y contraseña de la autenticación HTTP "
+"básica"
#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:41
-msgid "acl session external session"
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:308
+msgid ""
+"Or to your favorite LDAP list/friend if the question is more related to LDAP "
+"than Squid."
msgstr ""
+"O para su lista o amigo LDAP favorito si la pregunta está más relacionada a "
+"LDAP que a Squid."
#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:43
-msgid "http_access deny !session"
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:7
+msgid "NCSA httpd-style password file authentication helper for Squid"
msgstr ""
+"Módulo de autenticación al estilo del archivo de configuración de claves "
+"http NCSA"
+
+#. type: TP
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:29
+#, no-wrap
+msgid "Can handle LDAP requests"
+msgstr "Capaz de procesar solicitudes LDAP"
#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:45
-msgid "deny_info http://your.server/bannerpage?url=%s session"
+#: tools/squidclient.1:138
+msgid "Timeout value (seconds) for read/write operations."
msgstr ""
+"Límite del tiempo de espera (en segundos) para operaciones de "
+"lectura/escritura"
#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:47
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:67
msgid ""
-"Then set up http://your.server/bannerpage to display a session startup page "
-"and then redirect the user back to the requested URL given in the url query "
-"parameter."
+"B<REQUIRED.> Specifies the base DN under which the groups are located."
msgstr ""
+"B<REQUERIDO.> Especifica el DN base bajo el cual los grupos son localizados"
#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:50
+#: helpers/external_acl/session/squid_session.8:16
+msgid "database"
+msgstr "base de datos"
+
+#. type: Plain text
+#: tools/squidclient.1:46
+msgid "url"
+msgstr "url"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:77 helpers/basic_auth/LDAP/basic_ldap_auth.8:300 helpers/basic_auth/PAM/basic_pam_auth.8:91 helpers/basic_auth/RADIUS/basic_radius_auth.8:99 helpers/external_acl/ldap_group/squid_ldap_group.8:249 helpers/external_acl/session/squid_session.8:71 helpers/external_acl/unix_group/squid_unix_group.8:73 tools/cachemgr.cgi.8.in:59 tools/squidclient.1:171
msgid ""
-"This helper and documentation was written by I<Henrik Nordstrom "
-"E<lt>henrik@henriknordstrom.netE<gt>>"
+"Distributed under the GNU General Public License (GNU GPL) version 2 or "
+"later (GPLv2+)."
msgstr ""
+"Distribuido bajo la Licencia Pública General GNU (GNU GPL, siglas en inglés) "
+" versión 2 o posterior (GPLv2+)"
#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:54
+#: src/squid.8.in:66
msgid ""
-"Any questions on usage can be sent to I<Squid Users E<lt>squid-users@squid-"
-"cache.orgE<gt>>."
+"Specify HTTP port number where Squid should listen for requests, in addition "
+"to any B<http_port> specifications in B<squid.conf>"
msgstr ""
+"Especifique el número de puerto HTTP en el cual debe escuchar Squid las "
+"solicitudes, en adición a cualquier B<http_port> especificado en "
+"B<squid.conf>"
#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:62
-msgid "B<squid>(B<8>)"
-msgstr ""
+#: helpers/external_acl/session/squid_session.8:7
+msgid "Squid session tracking external acl group helper."
+msgstr "Módulo externo de seguimiento de sesiones para ACLs de grupo"
-#. type: TH
-#: helpers/external_acl/unix_group/squid_unix_group.8:1
-#, no-wrap
-msgid "squid_unix_group"
-msgstr ""
+#. type: Plain text
+#: tools/squidclient.1:18
+msgid "IMS"
+msgstr "IMS"
-#. type: TH
-#: helpers/external_acl/unix_group/squid_unix_group.8:1
-#, no-wrap
-msgid "12 August 2002"
+#. type: Plain text
+#: src/squid.8.in:218
+msgid ""
+"Squid was written over many years by a changing team of developers and "
+"maintained in turn by"
msgstr ""
+"Squid ha sido escrito durante años por un equipo cambiante de "
+"desarrolladores y mantenido actualmente por"
-#. type: TH
-#: helpers/external_acl/unix_group/squid_unix_group.8:1
-#, no-wrap
-msgid "Squid UNIX Group helper"
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:62
+msgid ""
+"Then set up http://your.server.example.com/bannerpage to display a session "
+"startup page and then redirect the user back to the requested URL given in "
+"the url query parameter."
msgstr ""
+"Ahora configure http://mi.servidor.ejemplo.com/baner.html para mostrar la "
+"página de inicio de sesión y luego redirigir la consulta de regreso al URL "
+"dado en el parámetro URL de la consulta"
#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:5
-msgid "squid_unix_group - Squid UNIX Group external_acl helper"
+#: tools/squidclient.1:89
+msgid "Host header content"
+msgstr "Contenido de la cabecera del host"
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:23
+msgid ""
+"The only parameter is the password file. It must have permissions to be "
+"read by the user that Squid is running as."
msgstr ""
+"El único parámetro es el archivo de claves. Debe tener permiso de lectura "
+"para el usuario bajo el cual se ejecuta el proceso Squid."
#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:8
-msgid "squid_unix_group [-g groupname] [-g groupname...] [-p] [-s]"
+#: tools/squidclient.1:142
+msgid "Proxy authentication username"
+msgstr "Nombre de usuario para autenticar con el proxy"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:61
+msgid ""
+"The program has two major modes of operation. In the default mode of "
+"operation the users DN is constructed using the base DN and user attribute. "
+"In the other mode of operation a search filter is used to locate valid user "
+"DN's below the base DN."
msgstr ""
+"El programa tiene dos modos principales de funcionamiento. En el modo por "
+"defecto , los usuarios DN se crean con el DN de base y de atributos del "
+"usuario. En el otro modo de operación un filtro de búsqueda se utiliza para "
+"localizar usuarios validos DN por debajo de la base DN."
#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:12
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:18
msgid ""
-"This helper allows Squid to base access controls on users memberships in "
-"UNIX groups."
+"B<basic_sasl_auth> is an installed binary helper for Squid. SASL is "
+"configurable (somewhat like PAM). Each service authenticating against SASL "
+"identifies itself with an application name. Each application can be "
+"configured independently by the SASL administrator."
msgstr ""
+"B<basic_sasl_auth> es un binario auxiliar instalado para Squid. SASL es "
+"configurable (algo como a PAM). Cada servicio que se autentifica con SASL "
+"se identifica a sí mismo con el nombre de una aplicación. Cada aplicación "
+"puede ser configurada independientemente por el administrador de SASL."
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:33
+msgid "Examples:"
+msgstr "Ejemplos:"
#. type: TP
-#: helpers/external_acl/unix_group/squid_unix_group.8:13
+#: helpers/digest_auth/file/digest_file_auth.8:28
#, no-wrap
-msgid "B<-g >I<groupname >"
+msgid "- comment lines are possible and should start with a '#';"
+msgstr "- pueden usarse líneas de comentarios y deben de comenzar por '#\";"
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:46
+msgid ""
+"Others methods may be supported by your cyrus-sasl implementation - consult "
+"your cyrus-sasl documentation for information."
+msgstr "Otros métodos puede ser soportados"
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:7
+msgid "File based digest authentication helper for Squid."
msgstr ""
#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:16
-msgid "Specifies a group name to match."
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:31
+msgid ""
+"The authentication database is defined by the B<pwcheck_method> parameter. "
+"Only the B<PLAIN> authentication mechanism is used."
msgstr ""
+"La base de datos de autenticación es definida por el parámetro "
+"B<pwcheck_method>. Sólo el mecanismo de autenticación B<BASICO> es usado."
-#. type: TP
-#: helpers/external_acl/unix_group/squid_unix_group.8:17
-#, no-wrap
-msgid "B<-p>"
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:59
+msgid ""
+"Typically the authentication database ( B</etc/sasldb> , B</etc/shadow> , "
+"B<PAM> ) can not be accessed by a normal user. You should use setuid/setgid "
+"and an appropriate user/group on the executable to allow the authenticator "
+"to access the appropriate password database. If the access to the database "
+"is not permitted then the authenticator will typically fail with \"-1, "
+"generic error\"."
msgstr ""
#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:20
-msgid "Also match the users primary group from /etc/passwd"
+#: helpers/digest_auth/file/digest_file_auth.8:19
+msgid ""
+"B<digest_file_auth> is an installed binary authentication program for Squid. "
+"It handles digest authentication protocol and authenticates against a text "
+"file backend."
msgstr ""
#. type: TP
-#: helpers/external_acl/unix_group/squid_unix_group.8:21
+#: helpers/digest_auth/file/digest_file_auth.8:37
#, no-wrap
-msgid "B<-s>"
+msgid "- HA1 entry format is username:realm:HA1"
msgstr ""
#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:24
-msgid "Strip NT domain name component from user names (/ or \\e separated)"
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:7
+msgid ""
+"Basic Authentication using SASL (specifically the cyrus-sasl authentication "
+"method)"
msgstr ""
+"Autenticación Básica usando SASL (específicamente el método de autenticación "
+"cyrus-sasl)"
-#. type: SH
-#: helpers/external_acl/unix_group/squid_unix_group.8:25
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:34
#, no-wrap
-msgid "EXAMPLES"
+msgid "- plaintext entry format is username:password"
msgstr ""
#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:29
+#: helpers/digest_auth/file/digest_file_auth.8:50
msgid ""
-"This squid.conf example defines two Squid acls. usergroup1 matches users in "
-"group1, and usergroup2 matches users in group2 or group3"
+"To build a directory integrated backend, you need to be able to calculate "
+"the HA1 returned to squid. To avoid storing a plaintext password you can "
+"calculate B<MD5(username:realm:password)> when the user changes their "
+"password, and store the tuple B<username:realm:HA1.> then find the matching "
+"B<username:realm> when squid asks for the HA1."
msgstr ""
#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:31
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:24
msgid ""
-"external_acl_type unix_group %LOGIN /usr/local/squid/libexec/"
-"squid_unix_group -p"
+"To configure the authentication method used the file B<basic_sasl_auth.conf> "
+"can be placed in the appropriate location, usually B</usr/lib/sasl.>"
msgstr ""
+"Para configurar el método de autenticación usado, el archivo "
+"B<basic_sasl_auth.conf> puede ponerse en la ruta apropiada, generalmente en "
+"B</usr/lib/sasl.>"
#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:33
-msgid "acl usergroup1 external unix_group group1"
+#: helpers/digest_auth/file/digest_file_auth.8:58
+msgid ""
+"This implementation could be improved by using such a triple for the file "
+"format. However storing such a triple does little to improve security: If "
+"compromised the B<username:realm:HA1> combination is \"plaintext "
+"equivalent\" - for the purposes of digest authentication they allow the user "
+"access. Password syncronisation is not tackled by digest - just preventing "
+"on the wire compromise."
msgstr ""
#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:35
-msgid "acl usergroup2 external unix_group group2 group3"
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:41
+#, no-wrap
+msgid ""
+" - use traditional \n"
+"B</etc/passwd>\n"
msgstr ""
#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:40
-msgid ""
-"By default up to 11 groups can be matched in one acl (including commandline "
-"specified groups). This limit is defined by MAX_GROUPS in the source code."
-msgstr ""
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:36
+msgid "use sasldb - the default if no conf file is installed."
+msgstr "usar sasldb - por defecto si no hay fichero de configuración instalado."
#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:47
-msgid ""
-"squid_unix_group is written by I<Rodrigo Campos E<lt>rodrigo@geekbunker."
-"orgE<gt>>"
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:43
+#, no-wrap
+msgid " - use slightly less traditional /etc/shadow\n"
+msgstr " - usar el ligeramente menos tradicional /etc/shadow\n"
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:64
+msgid "Based on prior work by"
msgstr ""
-#. type: SH
-#: helpers/external_acl/unix_group/squid_unix_group.8:48
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:38
#, no-wrap
-msgid "KNOWN ISSUES"
+msgid " - use PAM authentication database\n"
msgstr ""
#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:52
-msgid ""
-"Does not understand gid aliased groups sometimes used to work around groups "
-"size limitations. If you are using gid aliased groups then you must specify "
-"each alias by name."
+#: helpers/digest_auth/file/digest_file_auth.8:28
+msgid "Username database file format:"
msgstr ""
#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:56
+#: helpers/digest_auth/file/digest_file_auth.8:24
msgid ""
-"Any questions on usage can be sent to I<Squid Users E<lt>squid-users@squid-"
-"cache.orgE<gt>>"
+"Accept digest hashed passwords rather than plaintext in the password file"
msgstr ""
-#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:62
-msgid ""
-"Report bugs or bug-fixes to I<Rodrigo Campos E<lt>rodrigo@geekbunker."
-"orgE<gt>> or I<Squid Developers E<lt>squid-dev@squid-cache.orgE<gt>>"
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:31
+#, no-wrap
+msgid "- empty or blank lines are possible;"
msgstr ""
#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:64
-msgid "B<group>(B<5>),B<passwd>(B<5>)"
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:74
+msgid ""
+"If the application name B<basic_sasl_auth> will also be used for the PAM "
+"service name if B<pwcheck_method:pam> is chosen. And example PAM "
+"configuration file B<basic_sasl_auth.pam> is also included."
msgstr ""
--- /dev/null
+# SOME DESCRIPTIVE TITLE
+# Copyright (C) YEAR Free Software Foundation, Inc.
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2010-02-13 00:05+1400\n"
+"PO-Revision-Date: 2010-05-06 12:33+0200\n"
+"Last-Translator: Francesco Chemolli <kinkie@squid-cache.org>\n"
+"Language-Team: LANGUAGE <LL@li.org>\n"
+"Language: it\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n != 1);\n"
+"X-Generator: Pootle 2.0.1\n"
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:3 helpers/basic_auth/LDAP/basic_ldap_auth.8:3 helpers/basic_auth/NCSA/basic_ncsa_auth.8:3 helpers/basic_auth/PAM/basic_pam_auth.8:3 helpers/basic_auth/RADIUS/basic_radius_auth.8:3 helpers/external_acl/ldap_group/squid_ldap_group.8:3 helpers/external_acl/session/squid_session.8:3 helpers/external_acl/unix_group/squid_unix_group.8:3 src/squid.8.in:3 tools/cachemgr.cgi.8.in:3 tools/squidclient.1:3
+#, no-wrap
+msgid "NAME"
+msgstr "NOME"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:7
+msgid "Local Users auth helper for Squid"
+msgstr "Helper di autenticazione per database utenti di sistema per Squid"
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:8 helpers/basic_auth/LDAP/basic_ldap_auth.8:8 helpers/basic_auth/NCSA/basic_ncsa_auth.8:8 helpers/basic_auth/PAM/basic_pam_auth.8:8 helpers/basic_auth/RADIUS/basic_radius_auth.8:8 helpers/external_acl/ldap_group/squid_ldap_group.8:10 helpers/external_acl/session/squid_session.8:10 helpers/external_acl/unix_group/squid_unix_group.8:8 src/squid.8.in:8 tools/cachemgr.cgi.8.in:8 tools/squidclient.1:8
+#, no-wrap
+msgid "SYNOPSIS"
+msgstr "SINOSSI"
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:11 helpers/basic_auth/LDAP/basic_ldap_auth.8:39 helpers/basic_auth/NCSA/basic_ncsa_auth.8:12 helpers/basic_auth/PAM/basic_pam_auth.8:15 helpers/basic_auth/RADIUS/basic_radius_auth.8:26 helpers/external_acl/ldap_group/squid_ldap_group.8:26 helpers/external_acl/session/squid_session.8:18 helpers/external_acl/unix_group/squid_unix_group.8:15 src/squid.8.in:25 tools/cachemgr.cgi.8.in:11 tools/squidclient.1:47
+#, no-wrap
+msgid "DESCRIPTION"
+msgstr "DESCRIZIONE"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:15
+msgid ""
+"B<basic_getpwnam_auth> allows Squid to authenticate any local user accounts "
+"to validate the user name and password of Basic HTTP authentication."
+msgstr ""
+"B<basic_getpwnam_auth> consente a Squid di verifiare l'identità di utenti di "
+"sistema, usando il meccanismo di autenticazione HTTP Basic."
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:21
+msgid "It uses B<getpwnam()> and B<getspnam()> routines for authentication."
+msgstr ""
+"Utilizza le API B<getpwnam()> e B<getspnam()> per effettuare "
+"l'autenticazione."
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:23
+msgid "This has the following advantages over the NCSA module:"
+msgstr "Questo offre i seguenti vantaggi rispetto al modulo NCSA:"
+
+#. type: TP
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:23
+#, no-wrap
+msgid "Allows authentication of all known local users"
+msgstr "Consente l'autenticazione di tutti gli utenti locali noti"
+
+#. type: TP
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:25
+#, no-wrap
+msgid "Allows authentication through nsswitch.conf"
+msgstr "Consente l'autenticazione tramite nsswitch.conf"
+
+#. type: TP
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:27
+#, no-wrap
+msgid "Can handle NIS(+) requests"
+msgstr "Può gestire richieste NIS e NIS+"
+
+#. type: TP
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:29
+#, no-wrap
+msgid "Can handle LDAP request"
+msgstr "Può gestire richieste LDAP"
+
+#. type: TP
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:31
+#, no-wrap
+msgid "Can handle PAM request"
+msgstr "Può gestire richieste PAM"
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:34 helpers/basic_auth/LDAP/basic_ldap_auth.8:242 helpers/basic_auth/NCSA/basic_ncsa_auth.8:24 helpers/basic_auth/PAM/basic_pam_auth.8:41 helpers/basic_auth/RADIUS/basic_radius_auth.8:61 helpers/external_acl/ldap_group/squid_ldap_group.8:209 helpers/external_acl/session/squid_session.8:50 helpers/external_acl/unix_group/squid_unix_group.8:33 tools/cachemgr.cgi.8.in:19
+#, no-wrap
+msgid "CONFIGURATION"
+msgstr "CONFIGURAZIONE"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:47
+msgid ""
+"When used for authenticating to local UNIX shadow password databases the "
+"program must be running as root or else it won't have sufficient permissions "
+"to access the user password database. Such use of this program is not "
+"recommended, but if you absolutely need to then make the program B<setuid> "
+"B<root>"
+msgstr ""
+"Quando viene usato per autenticare gli utenti contro il database di shadow "
+"password, il programma deve essere in esecuzione con utentza root, o non "
+"avrà permessi di accesso sufficienti al database. Questo tipo di utilizzo "
+"non è raccomandato, ma se assolutamente necessario allora occorre rendere il "
+"programma B<setuid> B<root>"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:60 helpers/basic_auth/PAM/basic_pam_auth.8:79
+msgid ""
+"Please note that in such configurations it is also strongly recommended that "
+"the program is moved into a directory where normal users cannot access it, "
+"as this mode of operation will allow any local user to brute-force other "
+"users passwords. Also note the program has not been fully audited and the "
+"author cannot be held responsible for any security issues due to such "
+"installations."
+msgstr ""
+"Notare anche che in queste configurazioni è anche fortemente raccomandato di "
+"spostare il programma in una directory dove gli utenti del sistema non "
+"abbiano accesso, perchè altrimenti avranno la possibilità di tentare di "
+"forzare le password. Tenete anche presente che il software non è stato "
+"completamente analizzato dal punto di vista della sicurezza, e l'autore non "
+"può essere ritenuto responsabile per qualsiasi problema di sicurezza "
+"derivante da installazioni di questo tipo."
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:61 helpers/basic_auth/LDAP/basic_ldap_auth.8:288 helpers/basic_auth/NCSA/basic_ncsa_auth.8:30 helpers/basic_auth/PAM/basic_pam_auth.8:80 helpers/basic_auth/RADIUS/basic_radius_auth.8:85 helpers/external_acl/ldap_group/squid_ldap_group.8:232 helpers/external_acl/session/squid_session.8:63 helpers/external_acl/unix_group/squid_unix_group.8:62 src/squid.8.in:216 tools/cachemgr.cgi.8.in:51 tools/squidclient.1:163
+#, no-wrap
+msgid "AUTHOR"
+msgstr "AUTORE"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:63 helpers/external_acl/ldap_group/squid_ldap_group.8:234 helpers/external_acl/unix_group/squid_unix_group.8:64
+msgid "This program was written by"
+msgstr "Questo programma è stato scritto da"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:68
+msgid "Based on original code by"
+msgstr "Basto su codice originariamente scritto da"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:71 helpers/basic_auth/NCSA/basic_ncsa_auth.8:32 helpers/basic_auth/RADIUS/basic_radius_auth.8:93 helpers/external_acl/ldap_group/squid_ldap_group.8:243 helpers/external_acl/unix_group/squid_unix_group.8:67
+msgid "This manual was written by"
+msgstr "Questo manuale è stato scritto da"
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:73 helpers/basic_auth/LDAP/basic_ldap_auth.8:296 helpers/basic_auth/NCSA/basic_ncsa_auth.8:37 helpers/basic_auth/PAM/basic_pam_auth.8:84 helpers/basic_auth/RADIUS/basic_radius_auth.8:95 helpers/external_acl/ldap_group/squid_ldap_group.8:245 helpers/external_acl/session/squid_session.8:67 helpers/external_acl/unix_group/squid_unix_group.8:69 src/squid.8.in:226 tools/cachemgr.cgi.8.in:57 tools/squidclient.1:169
+#, no-wrap
+msgid "COPYRIGHT"
+msgstr "COPYRIGHT"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:75 helpers/basic_auth/LDAP/basic_ldap_auth.8:298 helpers/basic_auth/RADIUS/basic_radius_auth.8:97 helpers/external_acl/ldap_group/squid_ldap_group.8:247 helpers/external_acl/session/squid_session.8:69 helpers/external_acl/unix_group/squid_unix_group.8:71
+msgid "This program and documentation is copyright to the authors named above."
+msgstr ""
+"I diritti d'autore su questo programma e sulla relativa documentazione sono "
+"detenuti dagli autori sopra nominati"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:77 helpers/basic_auth/LDAP/basic_ldap_auth.8:300 helpers/basic_auth/PAM/basic_pam_auth.8:91 helpers/basic_auth/RADIUS/basic_radius_auth.8:99 helpers/external_acl/ldap_group/squid_ldap_group.8:249 helpers/external_acl/session/squid_session.8:71 helpers/external_acl/unix_group/squid_unix_group.8:73 tools/cachemgr.cgi.8.in:59 tools/squidclient.1:171
+msgid ""
+"Distributed under the GNU General Public License (GNU GPL) version 2 or "
+"later (GPL2+)."
+msgstr ""
+"Distribuito secondo le condizioni di licenza esposte nella GNU General "
+"Public License (GNU GPL) Versione 2 o successive (GPL2+)."
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:78 helpers/basic_auth/LDAP/basic_ldap_auth.8:301 helpers/basic_auth/NCSA/basic_ncsa_auth.8:50 helpers/basic_auth/PAM/basic_pam_auth.8:92 helpers/basic_auth/RADIUS/basic_radius_auth.8:100 helpers/external_acl/ldap_group/squid_ldap_group.8:250 helpers/external_acl/session/squid_session.8:72 helpers/external_acl/unix_group/squid_unix_group.8:74 src/squid.8.in:243 tools/cachemgr.cgi.8.in:60 tools/squidclient.1:172
+#, no-wrap
+msgid "QUESTIONS"
+msgstr "DOMANDE"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:81 helpers/basic_auth/LDAP/basic_ldap_auth.8:304 helpers/basic_auth/NCSA/basic_ncsa_auth.8:53 helpers/basic_auth/PAM/basic_pam_auth.8:95 helpers/basic_auth/RADIUS/basic_radius_auth.8:103 helpers/external_acl/ldap_group/squid_ldap_group.8:253 helpers/external_acl/session/squid_session.8:75 helpers/external_acl/unix_group/squid_unix_group.8:77 src/squid.8.in:246 tools/cachemgr.cgi.8.in:63 tools/squidclient.1:175
+msgid ""
+"Questions on the usage of this program can be sent to the I<Squid Users "
+"mailing list>"
+msgstr ""
+"Eventuali domande sull'uso di questo programma possono essere inviate alla "
+"I<Mailing list squid-users>"
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:83 helpers/basic_auth/LDAP/basic_ldap_auth.8:309 helpers/basic_auth/NCSA/basic_ncsa_auth.8:55 helpers/basic_auth/PAM/basic_pam_auth.8:97 helpers/basic_auth/RADIUS/basic_radius_auth.8:108 helpers/external_acl/ldap_group/squid_ldap_group.8:258 helpers/external_acl/session/squid_session.8:77 helpers/external_acl/unix_group/squid_unix_group.8:79 src/squid.8.in:248 tools/cachemgr.cgi.8.in:65 tools/squidclient.1:177
+#, no-wrap
+msgid "REPORTING BUGS"
+msgstr "SEGNALAZIONE BUGS"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:85 helpers/basic_auth/LDAP/basic_ldap_auth.8:311 helpers/basic_auth/NCSA/basic_ncsa_auth.8:57 helpers/basic_auth/PAM/basic_pam_auth.8:99 helpers/basic_auth/RADIUS/basic_radius_auth.8:110 helpers/external_acl/ldap_group/squid_ldap_group.8:260 helpers/external_acl/session/squid_session.8:79 helpers/external_acl/unix_group/squid_unix_group.8:81 src/squid.8.in:250 tools/cachemgr.cgi.8.in:67 tools/squidclient.1:179
+msgid "Report bugs or bug fixes using http://bugs.squid-cache.org/"
+msgstr ""
+"Per segnalare bug o proporre codice o migliorie si può usare http://bugs"
+".squid-cache.org/"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:88 helpers/basic_auth/LDAP/basic_ldap_auth.8:314 helpers/basic_auth/NCSA/basic_ncsa_auth.8:60 helpers/basic_auth/PAM/basic_pam_auth.8:102 helpers/basic_auth/RADIUS/basic_radius_auth.8:113 helpers/external_acl/ldap_group/squid_ldap_group.8:263 helpers/external_acl/session/squid_session.8:82 helpers/external_acl/unix_group/squid_unix_group.8:84 src/squid.8.in:253 tools/cachemgr.cgi.8.in:70 tools/squidclient.1:182
+msgid ""
+"Report serious security bugs to I<Squid Bugs "
+"E<lt>squid-bugs@squid-cache.orgE<gt>>"
+msgstr ""
+"Per segnalare gravi bug di sicurezza fate riferimento a I<Squid Bugs E<lt"
+">squid-bugs@squid-cache.orgE<gt>>"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:91 helpers/basic_auth/LDAP/basic_ldap_auth.8:317 helpers/basic_auth/NCSA/basic_ncsa_auth.8:63 helpers/basic_auth/PAM/basic_pam_auth.8:105 helpers/basic_auth/RADIUS/basic_radius_auth.8:116 helpers/external_acl/ldap_group/squid_ldap_group.8:266 helpers/external_acl/session/squid_session.8:85 helpers/external_acl/unix_group/squid_unix_group.8:87 src/squid.8.in:256 tools/cachemgr.cgi.8.in:73 tools/squidclient.1:185
+msgid "Report ideas for new improvements to the I<Squid Developers mailing list>"
+msgstr ""
+"Ci si può rivolgere alla I<mailing list degli sviluppatori di Squid> per "
+"segnalare idee o possibili miglirie"
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:93 helpers/basic_auth/LDAP/basic_ldap_auth.8:319 helpers/basic_auth/NCSA/basic_ncsa_auth.8:65 helpers/basic_auth/PAM/basic_pam_auth.8:107 helpers/basic_auth/RADIUS/basic_radius_auth.8:118 helpers/external_acl/ldap_group/squid_ldap_group.8:268 helpers/external_acl/session/squid_session.8:87 helpers/external_acl/unix_group/squid_unix_group.8:92 src/squid.8.in:258 tools/cachemgr.cgi.8.in:75 tools/squidclient.1:187
+#, no-wrap
+msgid "SEE ALSO"
+msgstr "VEDI ANCHE"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:7
+msgid "LDAP authentication helper for Squid"
+msgstr "Helper di autenticazione LDAP per Squid"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:12 helpers/basic_auth/LDAP/basic_ldap_auth.8:27 helpers/external_acl/ldap_group/squid_ldap_group.8:14
+msgid "base DN"
+msgstr "base DN"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:14
+msgid "attribute"
+msgstr "attributo"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:16 helpers/basic_auth/LDAP/basic_ldap_auth.8:31 helpers/external_acl/ldap_group/squid_ldap_group.8:18
+msgid "options"
+msgstr "opzioni"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:18 helpers/basic_auth/LDAP/basic_ldap_auth.8:33
+msgid "LDAP server name"
+msgstr "nome del server LDAP"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:20 helpers/basic_auth/LDAP/basic_ldap_auth.8:35 helpers/basic_auth/RADIUS/basic_radius_auth.8:18 helpers/external_acl/ldap_group/squid_ldap_group.8:22 src/squid.8.in:17 tools/squidclient.1:28
+msgid "port"
+msgstr "porta"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:22 helpers/basic_auth/LDAP/basic_ldap_auth.8:37 helpers/external_acl/ldap_group/squid_ldap_group.8:24
+msgid "URI"
+msgstr "URI"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:29 helpers/external_acl/ldap_group/squid_ldap_group.8:16
+msgid "LDAP search filter"
+msgstr "filtro di ricerca LDAP"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:47
+msgid ""
+"B<basic_ldap_auth> allows Squid to connect to a LDAP directory to validate "
+"the user name and password of Basic HTTP authentication. LDAP options are "
+"specified as parameters on the command line, while the username(s) and "
+"password(s) to be checked against the LDAP directory are specified on "
+"subsequent lines of input to the helper, one username/password pair per line "
+"separated by a space."
+msgstr ""
+"B<basic_ldap_auth> consente a Squid di collegarsi a un servizio di directory "
+"LDAP per verificare le credenziali fornite dell'utente tramite lo schema di "
+"autenticazione HTTP Basic. Le opzioni LDAP sono specificate come parametri "
+"della linea di comando, mentre le username e password da verificare vengono "
+"specificate come standard input all'helper, una coppia username/password per "
+"ogni linea, separati da uno spazio."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:56
+msgid ""
+"As expected by the basic authentication construct of Squid, after specifying "
+"a username and password followed by a new line, this helper will produce "
+"either B<OK> or B<ERR> on the following line to show if the specified "
+"credentials are correct according to the LDAP directory."
+msgstr ""
+"Come richiesto dalle API di autenticazione tipo Basic di Squid, questo "
+"helper dopo aver ricevuto nome utente e password seguiti da un carattere di "
+"a capo, risponderà B<OK> o B<ERR> seguiti da un carattere di a capo, "
+"rispettivamente se le credenziali sono corrette o no."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:61
+msgid ""
+"The program has two major modes of operation. In the default mode of "
+"operation the users DN is constructed using the base DN and user "
+"attribute. In the other mode of operation a search filter is used to locate "
+"valid user DN's below the base DN."
+msgstr ""
+"Questo programma ha due modalità di funzionamento principali. In quella "
+"standard il DN dell'utente è costruito usando il DN base e l'attributo "
+"utente. Nella modalità alternativa viene utilizzato un filtro di ricerca per "
+"trovare il DN dell'utente al di sotto del DN base."
+
+#. type: SH
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:62 helpers/basic_auth/NCSA/basic_ncsa_auth.8:20 helpers/basic_auth/PAM/basic_pam_auth.8:21 helpers/basic_auth/RADIUS/basic_radius_auth.8:31 helpers/external_acl/ldap_group/squid_ldap_group.8:49 helpers/external_acl/session/squid_session.8:26 helpers/external_acl/unix_group/squid_unix_group.8:19 src/squid.8.in:59 tools/squidclient.1:56
+#, no-wrap
+msgid "OPTIONS"
+msgstr "OPZIONI"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:67
+msgid "B<REQUIRED.> Specifies the base DN under which the users are located."
+msgstr ""
+"B<NECESSARIO>. Specifica il DN base sotto il quale sono registrati gli "
+"utenti."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:75
+msgid ""
+"LDAP search B<filter> to locate the user DN. Required if the users are in a "
+"hierarchy below the base DN, or if the login name is not what builds the "
+"user specific part of the users DN."
+msgstr ""
+"B<Filtro> di ricerca LDAP per trovare il DN dell'utente. Necessario se gli "
+"utenti sono registrati in una gerarchia al di sotto del Base DN, o se il "
+"nome utente non è l'unico elemento costituente della porzione del DN "
+"specifico dell'utente."
+
+#. uid\=%s\""
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:82
+msgid ""
+"The search filter can contain up to 15 occurrences of B<%s> which will be "
+"replaced by the username, as in B<\\&\\&> for RFC2037 directories. For a "
+"detailed description of LDAP search filter syntax see RFC2254."
+msgstr ""
+"Il filtro di ricerca può contenere fino a 15 istanza di B<%s> che verrà "
+"sostituito dal nome utente, comportamento analogo a B<\\&\\&> nelle directory "
+"RFC2037. Per una descrizione dettagliata della sintassi da usare per "
+"esprimere filtri di ricerca LDAP si veda la RFC2254."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:90
+msgid ""
+"Will crash if other B<%> values than B<%s> are used, or if more than 15 "
+"B<%s> are used."
+msgstr ""
+"Non si avvierà se vengono usati simboli B<%> diversi da B<%s>, o se B<%s> "
+"viene utilizzato più di 15 volte."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:99
+msgid ""
+"Specifies the name of the DN attribute that contains the username/login. "
+"Combined with the base DN to construct the users DN when no search filter is "
+"specified ( B<-f> option). Defaults to B<uid>"
+msgstr ""
+"Specifica il nome dell'attributo del DN che contiene il nome utente. Viene "
+"combinato con il Base DN per costruire il DN dell'utente quando non viene "
+"specificato alcun filtro di ricerca (opzione B<-f>). Di default è B<uid>"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:108
+msgid ""
+"B<Note:> This can only be done if all your users are located directly under "
+"the same position in the LDAP tree and the login name is used for naming "
+"each user object. If your LDAP tree does not match these criterias or if you "
+"want to filter who are valid users then you need to use a search filter to "
+"search for your users DN ( B<-f> option)."
+msgstr ""
+"B<Nota:> questo è fattibile soltanto se tutti gli utenti sono registrati "
+"nella stessa posizione nell'alberatura LDAP, e il nome utente viene "
+"utilizzato come chiave per identificarli. Se l'alberatura LDAP non rispetta "
+"questi criteri, o se si vuole filtrare con più accuratezza quali siano gli "
+"utenti validi, conviene utilizzare un filtro di ricerca per localizzare il "
+"DN degli utenti (opzione B<-f>)."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:118
+msgid ""
+"Use I<ldap_compare> instead of I<ldap_simple_bind> to verify the users "
+"password. B<passwordattr> is the LDAP attribute storing the users password."
+msgstr ""
+"Utilizza la chiamata I<ldap_compare> invece di I<ldap_simple_bind> per "
+"verificare la password dell'utente. B<passwordattr> specifica il nome "
+"dell'attributo LDAP dove viene registrata la password dell'utente."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:126
+msgid ""
+"Search scope when performing user DN searches specified by the B<-f> "
+"option. Defaults to B<sub>"
+msgstr ""
+"Lo scope della ricerca da utilizzare quando si ricerca il DN degli utenti "
+"con l'opzione B<-f>. Il valore di default è B<sub>."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:130 helpers/external_acl/ldap_group/squid_ldap_group.8:178
+msgid "B<base> object only,"
+msgstr "Solo l'oggetto B<base>,"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:133 helpers/external_acl/ldap_group/squid_ldap_group.8:181
+msgid "B<one> level below the base object or"
+msgstr "B<one>: un livello al di sotto dell'oggetto base, oppure"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:136 helpers/external_acl/ldap_group/squid_ldap_group.8:184
+msgid "B<sub>tree below the base object"
+msgstr "B<sub> l'intero albero al di sotto dell'oggetto base"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:142
+msgid ""
+"The DN and password to bind as while performing searches. Required by the "
+"B<-f> flag if the directory does not allow anonymous searches."
+msgstr ""
+"Il DN e la password tecnici da utilizzare per effettuare la ricerca "
+"dell'oggetto utente. È necessario specificarlo se si utilizza l'opzione "
+"B<-f> e il server LDAP non consente di effettuare ricerche all'utente "
+"anonimo."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:147
+msgid ""
+"As the password needs to be printed in plain text in your Squid "
+"configuration it is strongly recommended to use a account with minimal "
+"associated privileges. This to limit the damage in case someone could get "
+"hold of a copy of your Squid configuration file."
+msgstr ""
+"Siccome la password deve essere scritta nel file di configurazione in "
+"maniera leggibile, si raccomanda di utilizzare una utenza techica con il "
+"livello di diritti di accesso minore possibile. Questo potrebbe aiutare a "
+"limitare i danni nel caso qualcuno non autorizzato riuscisse a ottenere una "
+"copia del file di configurazione di Squid."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:152 helpers/external_acl/ldap_group/squid_ldap_group.8:98
+msgid ""
+"The DN and the name of a file containing the password to bind as while "
+"performing searches."
+msgstr ""
+"Il DN e il nome di un file che contiene la password da utilizzare per "
+"l'utenza tecnica che effettua le ricerche."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:157 helpers/external_acl/ldap_group/squid_ldap_group.8:103
+msgid ""
+"Less insecure version of the former parameter pair with two advantages: The "
+"password does not occur in the process listing, and the password is not "
+"being compromised if someone gets the squid configuration file without "
+"getting the secretfile."
+msgstr ""
+"È una versione meno insicura della precedente coppia di parametri, con due "
+"vantaggi: la password non compare nell'elenco dei processi in esecuzione nel "
+"sitema, e non compare nel file di configurazione di Squid."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:165
+msgid ""
+"Use a persistent LDAP connection. Normally the LDAP connection is only open "
+"while validating a username to preserve resources at the LDAP server. This "
+"option causes the LDAP connection to be kept open, allowing it to be reused "
+"for further user validations. Recommended for larger installations."
+msgstr ""
+"Usa una connessione LDAP di lunga durata. Normalmente la connessione LDAP "
+"viene mantenuta attiva soltanto mentre vengono verificate le credenziali "
+"utente, per risparmiare risorse sul server LDAP. Questa opzione fa sì che la "
+"connessione venga mantenuta aperta, consentendo di riutilizzarla per "
+"verifiche successive. Si raccomanda di attivarla per installazioni di grosse "
+"dimensioni."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:178
+msgid ""
+"Only bind once per LDAP connection. Some LDAP servers do not allow "
+"re-binding as another user after a successful I<ldap_bind.> The use of this "
+"option always opens a new connection for each login attempt. If combined "
+"with the B<-P> option for persistent LDAP connection then the connection "
+"used for searching for the user DN is kept persistent but a new connection "
+"is opened to verify each users password once the DN is found."
+msgstr ""
+"Effettua una sola operazione di LDAP Bind per connessione. Alcuni server "
+"LDAP non consentono di cambiare l'utenza collegata (re-bind) dopo che la "
+"prima identificazione ha avuto successo. Se viene usata insieme all'opzione "
+"B<-P>, l'effetto è di mantenere aperta la connessione su cui vengono fatte "
+"le ricerche per localizzare il DN degli utenti, ma di utilizzare una nuova "
+"connessione ogni volta che viene verificata la password dell'utente."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:182 helpers/external_acl/ldap_group/squid_ldap_group.8:170
+msgid "Do not follow referrals"
+msgstr "Non seguire i referrals"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:187
+msgid "when to dereference aliases. Defaults to B<never>"
+msgstr "quando si ebba risolvere gli alias. Il default è B<never> (mai)"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:196
+msgid ""
+"B<never> dereference aliases (default), B<always> dereference aliases, only "
+"while B<search ing> or only to B<find> the base object."
+msgstr ""
+"B<never>: non risolvere mai gli alias, B<always>: risolvi sempre gli alias, "
+"B<search ing>: solo durante le ricerche, o B<find>: solo per la ricerca dell"
+"'oggetto-base."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:201
+msgid ""
+"Specity the LDAP server to connect to by LDAP URI (requires OpenLDAP "
+"libraries). Servers can also be specified last on the command line."
+msgstr ""
+"Indica la URI LDAP con l'indirizzo del server (richiede la disponibilità "
+"delle librerie OpenLDAP). I server possono anche essere specificati come "
+"ultimo argomento della linea di comando"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:206
+msgid ""
+"Specify the LDAP server to connect to. Servers can also be specified last on "
+"the command line."
+msgstr ""
+"Specifica il server LDAP a cui connettersi. I server possono anche essere "
+"specificati alla fine della linea di comando"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:212
+msgid ""
+"Specify an alternate TCP port where the ldap server is listening if other "
+"than the default LDAP port 389. Can also be specified within the server "
+"specificiation by using servername:port syntax."
+msgstr ""
+"Specifica una porta TCP alternativa, nel caso il server non sia alla porta "
+"standard (389). Può anche essere indicato insieme al nome host usando la "
+"sintassi nomeserver:porta."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:216 helpers/external_acl/ldap_group/squid_ldap_group.8:204
+msgid "LDAP protocol version. Defaults to 2 if not specified."
+msgstr ""
+"Versione del protocollo LDAP da usare. Se non specificato, usa la versione "
+"2."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:220 helpers/external_acl/ldap_group/squid_ldap_group.8:208
+msgid "Use TLS encryption"
+msgstr "Usa la cifratura TLS"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:224 helpers/external_acl/ldap_group/squid_ldap_group.8:107
+msgid "Enable LDAP over SSL (requires Netscape LDAP API libraries)"
+msgstr ""
+"Abilita la cifratura SSL del protocollo LDAP. Richiede le librerie LDAP di "
+"Netscape"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:231
+msgid ""
+"Specify B<timeout> used when connecting to LDAP servers (requires Netscape "
+"LDAP API libraries)"
+msgstr ""
+"Specifica il B<timeout> per la connessione al server LDAP (richiede le "
+"librerie LDAP di Netscape)"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:235 helpers/external_acl/ldap_group/squid_ldap_group.8:192
+msgid "Specify time limit on LDAP search operations"
+msgstr ""
+"Specifica il massimo tempo a disposizione per completare le operazioni di "
+"ricerca LDAP"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:241 helpers/external_acl/ldap_group/squid_ldap_group.8:82
+msgid ""
+"Debug mode where each step taken will get reported in detail. Useful for "
+"understanding what goes wrong if the results is not what is expected."
+msgstr ""
+"Modalità debug, che documenta ogni passo del processo con grande dettaglio. "
+"Utile per capire cosa sta malfunzionando, se i risultati sono diversi da "
+"quelli attesi."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:246
+msgid ""
+"For directories using the RFC2307 layout with a single domain, all you need "
+"to specify is usually the base DN under where your users are located and the "
+"server name:"
+msgstr ""
+"Per le directory che usano la disposizione specificata nella RFC2307 con un "
+"singolo dominio, normalmente è sufficente specificare il Base DN sotto il "
+"quale si trovano tutti gli utenti, e il nome server:"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:252
+msgid ""
+"If you have sub-domains then you need to use a search filter approach to "
+"locate your user DNs as these can no longer be constructed direcly from the "
+"base DN and login name alone:"
+msgstr ""
+"Se utilizzate dei sottodmini, allora è necessario utilizzare un approccio "
+"basato su un filtro di ricerca per trovare i DN degli utenti, perchè in "
+"questo caso non è possibile costruirli direttamente partendo dal solo Base "
+"DN e nome utente:"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:257
+msgid ""
+"And similarily if you only want to allow access to users having a specific "
+"attribute"
+msgstr ""
+"Analogamente se si vuole consentire l'accesso soltanto a utenti con uno "
+"specifico attributo"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:266
+msgid ""
+"Or if the user attribute of the user DN is B<cn> instead of B<uid> and you "
+"do not want to have to search for the users then you could use something "
+"like the following example for Active Directory:"
+msgstr ""
+"O se l'attributo utente del DN e` B<cn> invece che B<uid> e non si vuole "
+"effettuare una ricerca per individuare gli oggetti utente, si può fare "
+"qualcosa di simile al seguente esempio per MS Active Directory:"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:276
+msgid ""
+"If you want to search for the user DN and your directory does not allow "
+"anonymous searches then you must also use the B<-D> and B<-w> flags to "
+"specify a user DN and password to log in as to perform the searches, as in "
+"the following complex Active Directory example"
+msgstr ""
+"Se si vuole cercare il DN dell'utente e il server non consente le ricerche "
+"anonime, è necessario usare le opzioni B<-D> e B<-w> per specificare le "
+"credenziali da utilizzare per effettuare le ricerche, come mostrato nel "
+"seguente esempio relativo a MS Active Directory"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:287
+msgid ""
+"B<NOTE:> When constructing search filters it is strongly recommended to test "
+"the filter using B<ldapsearch> before you attempt to use B<basic_ldap_auth.> "
+"This to verify that the filter matches what you expect."
+msgstr ""
+"B<NOTA:> quando si scrivono i filtri di ricerca si raccomanda di verificarne "
+"il corretto funzionamento tramite il comando B<ldapsearch> prima di "
+"utilizzarli per B<basic_ldap_auth>"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:290 helpers/basic_auth/RADIUS/basic_radius_auth.8:87
+msgid "This program is written by"
+msgstr "Questo programma è stato scritto da"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:294
+msgid "This manual is written by"
+msgstr "Questo manuale è stato scritto da"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:308
+msgid ""
+"Or to your favorite LDAP list/friend if the question is more related to LDAP "
+"than Squid."
+msgstr ""
+"O a una lista di supporto su LDAP se la domanda è legata più a LDAP che non "
+"a Squid."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:324
+msgid "Your favorite LDAP documentation."
+msgstr "La vostra documentazione LDAP di riferimento."
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:325 helpers/external_acl/ldap_group/squid_ldap_group.8:275
+msgid "B<RFC2254> - The String Representation of LDAP Search Filters,"
+msgstr "B<RFC2254> - Rappresentazione testuale di filtri di ricerca LDAP,"
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:7
+msgid "NCSA httpd-style password file authentication helper for Squid"
+msgstr ""
+"Helper di autenticazione per Squid basato su in file di password stile "
+"Apache"
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:11
+msgid "passwd file"
+msgstr "file di password"
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:16
+msgid ""
+"B<basic_ncsa_auth> allows Squid to read and authenticate user and password "
+"information from an NCSA/Apache httpd-style password file when using basic "
+"HTTP authentication."
+msgstr ""
+"B<basic_ncsa_auth> consente a squid di identificare gli utenti leggendo le "
+"informazioni da un file di password in stile Apache, per l'autenticazione "
+"HTTP di tipo Basic."
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:19
+msgid "This password file can be manipulated using B<htpasswd.>"
+msgstr ""
+"Questo file di password può essere gestito usando il programma B<htpasswd>."
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:23
+msgid ""
+"The only parameter is the password file. It must have permissions to be "
+"read by the user that Squid is running as."
+msgstr ""
+"Il solo parametro è il percorso del file di password. I permessi di accesso "
+"a tale file devono consentire la lettura all'utente che esegue squid."
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:29
+msgid "B<basic_ncsa_auth> must have access to the password file to be executed."
+msgstr ""
+"B<basic_ncsa_auth> deve avere accesso al file di password per consentire "
+"l'esecuzione."
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:35
+msgid "Based on original documentation by"
+msgstr "Basato su documentazione originariamente scritta da"
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:43
+msgid ""
+"This file is distributed in the hope that it will be useful, but WITHOUT ANY "
+"WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS "
+"FOR A PARTICULAR PURPOSE. See the GNU General Public License for more "
+"details."
+msgstr ""
+"Questo file viene distribuito nella speranza che sia utile, ma SENZA ALCUNA "
+"GARANZIA; inclusa la garanzia implicita di COMMERCIABILITÀ o di "
+"UTILIZZABILITÀ PER QUALCHE SCOPO SPECIFICO. Si rimanda alla GNU General "
+"Public License per ulteriori dettagli."
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:48
+msgid ""
+"You should have received a copy of the GNU General Public License along with "
+"this file; if not, write to the Free Software Foundation, Inc., 59 Temple "
+"Place, Suite 330, Boston, MA 02111-1307 USA"
+msgstr ""
+"Dovreste aver ricevuto una copia della GNU General Public License insieme a "
+"questo file; se no vi invitiamo a scrivere alla Free Software Foundation, "
+"Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA"
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:7
+msgid "Squid PAM Basic authentication helper"
+msgstr "Helper di autenticazione per Squid per schema HTTP Basic e backend PAM"
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:11
+msgid "service name"
+msgstr "nome del servizio"
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:13
+msgid "TTL"
+msgstr "TTL"
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:20
+msgid ""
+"B<basic_pam_auth> allows Squid to connect to a mostly any available PAM "
+"database to validate the user name and password of Basic HTTP "
+"authentication."
+msgstr ""
+"B<basic_pam_auth> consente a squid di utilizzare quasi ogni possibile tipo "
+"di database supportato da PAM per verificare nome utente e password forniti "
+"dall'utente con lo schema di autehticazione HTTP Basic."
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:26
+msgid "Specifies the PAM service name Squid uses, defaults to B<squid>"
+msgstr ""
+"Specifica il nome del servizio PAM utilizzato da Squid, il default è "
+"B<squid>"
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:35
+msgid ""
+"Enables persistent PAM connections where the connection to the PAM database "
+"is kept open and reused for new logins. The TTL specifies how long the "
+"connection will be kept open (in seconds). Default is to not keep PAM "
+"connections open. Please note that the use of persistent PAM connections is "
+"slightly outside the PAM specification and may not work with all PAM "
+"configurations."
+msgstr ""
+"Consente l'utilizzo di connessioni PAM persistenti, dove la connessione al "
+"database PAM è mantenuta aperta e riutilizzata per più identificazioni. il "
+"parametro TTL specifica quanto a lungo mantenere aperta la la connessione "
+"(in secondi). Il valore di default è di chiudere la connessione PAM. Notare "
+"che l'utilizzo di connessioni PAM persistenti non è parte delle specifiche "
+"di PAM, e potrebbe non funzionare in tutte le possibili configurazioni."
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:40
+msgid "Do not perform the PAM account management group (account expiration etc)"
+msgstr "Non effettuare le operazioni di gestione account (scadenza, ecc)"
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:46
+msgid ""
+"The program needs a PAM service to be configured in B</etc/pam.conf> or "
+"B</etc/pam.d/squid>"
+msgstr ""
+"Questo programma richiede che sia stato configurato un servizio PAM di "
+"sistema in B</etc/pam.conf> oppure in B</etc/pam.d/squid>"
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:54
+msgid ""
+"The default service name is B<squid> , and the program makes use of the "
+"B<auth> and B<account> management groups to verify the password and the "
+"accounts validity."
+msgstr ""
+"Il nome del servizio di default è B<squid>, e il programma utilizza i gruppi "
+"di gestione B<auth> e B<account> per verificare rispettivamente la password "
+"e la validità dell'account."
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:58
+msgid ""
+"For details on how to configure PAM services, see the PAM documentation for "
+"your system. This manual does not cover PAM configuration details."
+msgstr ""
+"Per ulteriori dettagli su come configurare i servizi PAM, si rimanda alla "
+"documentazione dell'implementazione di PAM per il vostro sistema. Questo "
+"manuale NON copre i dettagli della configurazione PAM."
+
+#. type: SH
+#: helpers/basic_auth/PAM/basic_pam_auth.8:59
+#, no-wrap
+msgid "NOTES"
+msgstr "NOTE"
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:66
+msgid ""
+"When used for authenticating to local UNIX shadow password databases the "
+"program must be running as root or else it won't have sufficient permissions "
+"to access the user password database. Such use of this program is not "
+"recommended, but if you absolutely need to then make the program setuid root"
+msgstr ""
+"Quando viene usato per autenticare gli utenti contro il database di shadow "
+"password, il programma deve essere in esecuzione con utentza root, o non "
+"avrà permessi di accesso sufficienti al database. Questo tipo di utilizzo "
+"non è raccomandato, ma se assolutamente necessario allora occorre rendere il "
+"programma B<setuid> B<root>"
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:82 helpers/external_acl/session/squid_session.8:65
+msgid "This program and documentation was written by"
+msgstr "Questo programma e la relativa documentazione sono stati scritti da"
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:88
+msgid "Squid B<basic_pam_auth> and this manual is Copyright 1999,2002,2003"
+msgstr ""
+"Squid B<basic_pam_auth> e questo manuale sono Copyright 1999,2002,2003,2010"
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:114
+msgid "PAM Systems Administrator Guide"
+msgstr "Guida a PAM per gli amministratori di sistema"
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:7
+msgid "Squid RADIUS authentication helper"
+msgstr ""
+"Helper di autenticazione per Squid per schema HTTP Basic e backend RADIUS"
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:12
+msgid "config file"
+msgstr "file di configurazione"
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:16
+msgid "server name"
+msgstr "nome server"
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:20
+msgid "identifier"
+msgstr "identificativo"
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:22
+msgid "secret"
+msgstr "segreto"
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:24 helpers/external_acl/session/squid_session.8:14 tools/squidclient.1:34
+msgid "timeout"
+msgstr "timeout"
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:30
+msgid ""
+"B<basic_radius_auth> allows Squid to connect to a RADIUS server to validate "
+"the user name and password of Basic HTTP authentication."
+msgstr ""
+"B<basic_radius_auth> consente a Squid di collegarsi a un server RADIUS per "
+"verificare nome utente e password ottenuti tramite schema di autenticazione "
+"HTTP Basic."
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:36
+msgid ""
+"Specifies the path to a configuration file. See the CONFIGURATION section "
+"for details on the file content."
+msgstr ""
+"Specifica il percorso del file di configurazione. Si veda la sezione "
+"CONFIGURAZIONE per i dettagli sui contenuti di tale file."
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:40
+msgid "Alternative method of specifying the server to connect to"
+msgstr "Un modo alternativo per specificare il server a cui collegarsi"
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:45
+msgid ""
+"Specify another server port where the RADIUS server listens for requests if "
+"different from the default RADIUS port. Normally not specified."
+msgstr ""
+"Specifica una porta per contattare il server RADIUS, necessario se il "
+"servizio non si trova alla porta standard. Normalmente non viene "
+"specificata."
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:50
+msgid ""
+"Unique identifier identifying this Squid proxy to the RADIUS server. If not "
+"specified the IP address is used to identify the proxy."
+msgstr ""
+"Identificatore univoco per l'istanza di Squid nei confronti del server "
+"RADIUS. Se non viene specificato, viene utilizzato l'indirizzo IP del server "
+"di Squid."
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:56
+msgid ""
+"Alternative method of specifying the shared secret. Using the B<-f> option "
+"with a configuration file is generally more secure and recommended."
+msgstr ""
+"Metodo alternativo per specificare il segreto condiviso. L'uso dell'opzione "
+"B<-f> associata a un file di configurazione esterno è in generale più sicuro "
+"e pertanto raccomandato."
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:60
+msgid "RADIUS request timeout. Default is 10 seconds."
+msgstr ""
+"Tempo massimo di attesa di risposta dal server RADIUS. Il default è 10 "
+"secondi."
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:67
+msgid ""
+"The configuration specifies how the helper connects to RADIUS. The file "
+"contains a list of directives (one per line). Lines beginning with a B<#> "
+"are ignored."
+msgstr ""
+"La configurazione specifica come l'helper si collega al server RADIUS. Il "
+"file contiene una lista di direttive (una per riga). Le righe che iniziano "
+"con B<#> sono ignorate."
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:71
+msgid "specifies the name or address of the RADIUS server to connect to."
+msgstr "specifica il nome o indirizzo del server RADIUS a cui connettersi."
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:75
+msgid "specifies the shared RADIUS secret."
+msgstr "specifica il segreto condiviso RADIUS."
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:80
+msgid ""
+"specifies what name the proxy should use to identify itself to the RADIUS "
+"server. This directive is optional."
+msgstr ""
+"specifica con quale nome il proxy si deve identificare al server RADIUS. "
+"Questa direttiva è facoltativa."
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:84
+msgid "Specifies the port number or service name where the helper should connect."
+msgstr ""
+"Specifica il numero di porta (o nome di servizio) dove l'helper dovrebbe "
+"collegarsi."
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:91
+msgid "With contributions from many others."
+msgstr "Con il contributo di molti altri."
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:107
+msgid ""
+"Or contact your favorite RADIUS list/friend if the question is more related "
+"to RADIUS than Squid."
+msgstr ""
+"O a una lista di supporto su RADIUS se la domanda è legata più a RADIUS che "
+"non a Squid."
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:121
+msgid "B<RFC2058> - Remote Authentication Dial In User Service (RADIUS)"
+msgstr "B<RFC2058> - Remote Authentication Dial In User Service (RADIUS)"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:7
+msgid "Squid LDAP external acl group helper"
+msgstr "Helper di SQUID per ACL esterne basate su LDAP"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:9
+msgid "Version 2.17"
+msgstr "Versione 2.17"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:20
+msgid "ldap_server_name"
+msgstr "ldap_server_name"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:33
+msgid ""
+"B<squid_ldap_group> allows Squid to connect to a LDAP directory to authorize "
+"users via LDAP groups. LDAP options are specified as parameters on the "
+"command line, while the username(s) and group(s) to be checked against the "
+"LDAP directory are specified on subsequent lines of input to the helper, one "
+"username/group pair per line separated by a space."
+msgstr ""
+"B<squid_ldap_group> consente a Squid di collegarsi a un server LDAP per "
+"effettuare l'autorizzazione degli utenti via gruppi LDAP. Le opzioni LDAP "
+"sono specificate sulla linea di comando, mentre le utenze e i gruppi sui "
+"quali fare le verifiche sono passati come input all'helper, una coppia "
+"username/gruppo per linea separati da uno spazio."
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:44
+msgid ""
+"As expected by the B<external_acl_type> construct of Squid, after specifying "
+"a username and group followed by a new line, this helper will produce either "
+"B<OK> or B<ERR> on the following line to show if the user is a member of the "
+"specified group."
+msgstr ""
+"Come previsto dal meccanismo di B<external_acl_type> di Squid, dovo aver "
+"specificato nome utente e gruppo, seguiti da un acapo, questo helper dovrà "
+"rispondere B<OK> oppure B<ERR> seguiti da acapo, per dichiarare se l'utente "
+"sia membro del gruppo specificato."
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:48
+msgid ""
+"The program operates by searching with a search filter based on the users "
+"user name and requested group, and if a match is found it is determined that "
+"the user belongs to the group."
+msgstr ""
+"Il programma effettua una ricerca basata su un filtro derivato dal nome "
+"utente e dal gruppo richiesto, e se viene trovata una corrispondenza "
+"significa che l'utente appartiene al gruppo specificato."
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:53
+msgid "When to dereference aliases. Defaults to 'never'"
+msgstr "Quando seguire gli alias. Il default è 'never' (mai)"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:62
+msgid ""
+"B<never> dereference aliases (default), B<always> dereference aliases, only "
+"while B<search>ing or only to B<find> the base object"
+msgstr ""
+"B<never>: non risolvere mai gli alias, B<always>: risolvi sempre gli alias, "
+"B<search>: solo durante le ricerche, o B<find>: solo per la ricerca dell"
+"'oggetto-base."
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:67
+msgid "B<REQUIRED.> Specifies the base DN under which the groups are located."
+msgstr ""
+"B<OBBLIGATORIO>. Specifica il Base-DN sotto il quale sono registrati i "
+"gruppi."
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:71
+msgid "Specifies the base DN under which the users are located (if different)"
+msgstr ""
+"Specifica il Base-DN sotto il quale sono registrati gli utenti (se è "
+"diverso)"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:76
+msgid ""
+"Specify timeout used when connecting to LDAP servers (requires Netscape LDAP "
+"API libraries)"
+msgstr ""
+"Specifica il timeout da usare quando ci si collega ai server LDAP (richiede "
+"le liberie LDAP Netscape)"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:87
+msgid ""
+"The DN and password to bind as while performing searches. Required if the "
+"directory does not allow anonymous searches."
+msgstr ""
+"Il DN e la password da utilizzare quando si effettuano ricerche. È "
+"necessario se il server LDAP non consente richerche all'utente anonimo."
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:93
+msgid ""
+"As the password needs to be printed in plain text in your Squid "
+"configuration and will be sent on the command line to the helper it is "
+"strongly recommended to use a account with minimal associated privileges. "
+"This to limit the damage in case someone could get hold of a copy of your "
+"Squid configuration file or extracts the password used from a process "
+"listing."
+msgstr ""
+"Siccome la password deve essere scritta nel file di configurazione in "
+"maniera leggibile, si raccomanda di utilizzare una utenza techica con il "
+"livello di diritti di accesso minore possibile. Questo potrebbe aiutare a "
+"limitare i danni nel caso qualcuno non autorizzato riuscisse a ottenere una "
+"copia del file di configurazione di Squid."
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:123
+msgid ""
+"LDAP search filter used to search the LDAP directory for any matching group "
+"memberships. In the filter B<%u> will be replaced by the user name (or DN "
+"if the B<-F> or B<-u> options are used) and B<%g> by the requested group "
+"name."
+msgstr ""
+"Il filtro di ricerca LDAP da utilizzare per cercare nella directory le "
+"appartenenze a gruppi. Nel filtro B<%u> viene sostituito con il nome utente "
+"(o il DN dell'utente se sono usate le opzioni B<-F> o B<-u>), e B<%g> viene "
+"sostituito dal nome del gruppo ricercato."
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:135
+msgid ""
+"LDAP search filter used to search the LDAP directory for any matching "
+"users. In the filter B<%s> will be replaced by the user name. If B<%> is to "
+"be included literally in the filter then use B<%%>"
+msgstr ""
+"Il filtro di ricerca LDAP da usare per cercare gli utenti. Nel filtro B<%s> "
+"viene sostituito dal nome utente; se si vuole usare la lettera B<%> nel "
+"filtro, la si deve esprimere con B<%%>"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:141
+msgid ""
+"Specifies that the first query argument sent to the helper by Squid is a "
+"extension to the basedn and will be temporarily added in front of the global "
+"basedn for this query."
+msgstr ""
+"Specifica che la prima richiesta inviata da squid allo helper è una "
+"estensione al Base-DN, e verrà aggiunta temporaneamente a Base-DN globale "
+"per questa richiesta."
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:145
+msgid "Specify the LDAP server to connect to"
+msgstr "Specifica il server LDAP a cui connettersi"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:149
+msgid ""
+"Specity the LDAP server to connect to by a LDAP URI (requires OpenLDAP "
+"libraries)"
+msgstr ""
+"Specifica il server LDAP a cui connettersi come URI LDAP (richiede le "
+"librerie OpenLDAP)"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:153
+msgid "Strip Kerberos Realm component from user names (@ separated)"
+msgstr ""
+"Rimuovi la componente di Reame Kerberos dai nomi utente (delimitata dal "
+"carattere B<@>)"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:158
+msgid ""
+"Specify an alternate TCP port where the ldap server is listening if other "
+"than the default LDAP port 389."
+msgstr ""
+"Specifica una porta TCP da usare per il collegamento al server, se diversa "
+"dalla porta standard LDAP (389)."
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:166
+msgid ""
+"Use a persistent LDAP connection. Normally the LDAP connection is only open "
+"while verifying a users group membership to preserve resources at the LDAP "
+"server. This option causes the LDAP connection to be kept open, allowing it "
+"to be reused for further user validations. Recommended for larger "
+"installations."
+msgstr ""
+"Usa una connessione LDAP di lunga durata. Normalmente la connessione LDAP "
+"viene mantenuta attiva soltanto mentre vengono verificate le credenziali "
+"utente, per risparmiare risorse sul server LDAP. Questa opzione fa sì che la "
+"connessione venga mantenuta aperta, consentendo di riutilizzarla per "
+"verifiche successive. Si raccomanda di attivarla per installazioni di grosse "
+"dimensioni."
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:175
+msgid "search scope. Defaults to B<sub>"
+msgstr "scope della ricerca. Il default è B<sub>"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:188 helpers/external_acl/unix_group/squid_unix_group.8:32
+msgid "Strip NT domain name component from user names (/ or \\e separated)"
+msgstr ""
+"Rimuovi la componente del nome di dominio Windows dai nomi utente "
+"(delimitata dal carattere B</> o B<\\>)"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:200
+msgid ""
+"LDAP attribute used to construct the user DN from the user name and base dn "
+"without needing to search for the user. A maximum of 16 occurrences of "
+"B<%s> are supported."
+msgstr ""
+"Attributo LDAP utilizzato per costruire il DN dell'utente partendo dal nome "
+"utente e da un Base-DN, senza richiedere di effettuare una ricerca. Sono "
+"supportate al massimo 16 ricorrenze di B<%s>."
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:214
+msgid ""
+"This helper is intended to be used as an B<external_acl_type> helper in "
+"B<squid.conf.>"
+msgstr ""
+"Questo helper è progettato per essere usato come B<external_acl_type> nella "
+"configurazione di Squid."
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:231
+msgid ""
+"B<NOTE:> When constructing search filters it is recommended to first test "
+"the filter using B<ldapsearch> to verify that the filter matches what you "
+"expect before you attempt to use B<squid_ldap_group>"
+msgstr ""
+"B<NOTA:> quando si costruiscono dei filtri di ricerca, è raccomandato di "
+"verificarne il corretto funzionamento con il programma B<ldapsearch> prima "
+"di utilizzarli con B<squid_ldap_group>, per verificare che i risultati siano "
+"quelli attesi."
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:240
+msgid "Based on prior work in B<squid_ldap_auth> by"
+msgstr "Basato su un lavoro precedente in B<squid_ldap_auth> fatto da"
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:257
+msgid ""
+"Or contact your favorite LDAP list/friend if the question is more related to "
+"LDAP than Squid."
+msgstr ""
+"O a una lista di supporto su LDAP se la domanda è legata più a LDAP che non "
+"a Squid."
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:274
+msgid "Your favorite LDAP documentation"
+msgstr "La vostra documentazione LDAP di riferimento."
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:7
+msgid "Squid session tracking external acl group helper."
+msgstr "Helper di controllo accessi esterno basato sul tracciamento sessione."
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:9
+msgid "Version 1.0"
+msgstr "Versione 1.0"
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:16
+msgid "database"
+msgstr "base dati"
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:23
+msgid ""
+"B<squid_session> maintains a concept of sessions by monitoring requests and "
+"timing out sessions if no requests have been seen for the idle timeout "
+"timer."
+msgstr ""
+"B<squid_session> mantiene una tabella di sessione, controllando le richieste "
+"e utilizzando un timeout di inattività per chiuderle."
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:25
+msgid "Intended use is for displaying \"terms of use\" pages, ad popups etc."
+msgstr ""
+"Il suo scopo è di aiutare nel mostrare pagine di condizioni di utilizzo, "
+"pubblicità ecc."
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:31
+msgid "B<Timeout> for any session. If not specified the default is 3600 seconds."
+msgstr ""
+"B<Tempo di vita> per le sessioni. Se non specificato, il default è 3600 "
+"secondi."
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:38
+msgid ""
+"B<Path> to persistent database. If not specified the session details will be "
+"kept in memory only and all sessions will reset each time Squid restarts "
+"it's helpers (Squid restart or rotation of logs)."
+msgstr ""
+"B<Percorso> alla base dati persistente. Se non specificato, la tabella delle "
+"sessioni viene tenuta in memoria, e viene azzerata ogni volta che gli "
+"helper vengono riavviati (riavvio di Squid oppure rotazione dei log)"
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:46
+msgid ""
+"Active mode. In this mode sessions are started by evaluating an acl with the "
+"argument B<LOGIN> , or terminated by the argument B<LOGOUT>"
+msgstr ""
+"Modalità attiva. Quando è usata, le sessioni vengono iniziate valutando una "
+"acl con parametro B<LOGIN>, o terminate con il parametro B<LOGOUT>"
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:49
+msgid ""
+"Without this flag the helper automatically starts the session after the "
+"first request."
+msgstr ""
+"Senza questa opzione, lo helper inizia automaticamente la sessione dopo la "
+"prima richiesta."
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:53
+msgid "Configuration example using the default automatic mode"
+msgstr "Esempio di configurazione che usa la modalità automatica (il default)"
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:62
+msgid ""
+"Then set up http://your.server.example.com/bannerpage to display a session "
+"startup page and then redirect the user back to the requested URL given in "
+"the url query parameter."
+msgstr ""
+"Poi occorre allestire un sito web http://your.server.example.com/bannerpage "
+"che mostri una pagina di avvio di sessione, e poi reindirizzi l'utente alla "
+"URL originale, che viene passata come parametro \"url\" della richiesta HTTP."
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:7
+msgid "Squid UNIX Group helper"
+msgstr "Helper per Squid basato su gruppi UNIX"
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:11 helpers/external_acl/unix_group/squid_unix_group.8:13
+msgid "group"
+msgstr "gruppo"
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:18
+msgid ""
+"B<squid_unix_group> allows Squid to base access controls on users "
+"memberships in UNIX groups."
+msgstr ""
+"B<squid_unix_group> consente a Squid di basare i controlli di accesso "
+"sull'appartenenza dell'utente a gruppi UNIX."
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:23
+msgid "Specifies a group name to match."
+msgstr "Specifica un nome di gruppo per la verifica."
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:28
+msgid "Also match the users primary group from B</etc/passwd>"
+msgstr ""
+"Verifica anche il gruppo primario di appartenenza dell'utente nel file "
+"B</etc/passwd>"
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:46
+msgid ""
+"This B<squid.conf> example defines two Squid acls. I<usergroup1> matches "
+"users in I<group1> , and I<usergroup2> matches users in I<group2> or "
+"I<group3>"
+msgstr ""
+"Questo esempio di configurazione di Squid definisce due acl. I<usergroup1> "
+"verifica gli utenti nel gruppo I<group1>, e I<usergroup2> verifica gli "
+"utenti nei gruppi I<group2> o I<group3>"
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:56
+msgid ""
+"By default up to 11 groups can be matched in one acl (including commandline "
+"specified groups). This limit is defined by B<MAX_GROUPS> in the source "
+"code."
+msgstr ""
+"Per default una singola acl può verificare fino a 11 gruppi (inclusi quelli "
+"specificati sulla linea di comando). Questo limite è definito dal parametro "
+"B<MAX_GROUPS> nel codice sorgente."
+
+#. type: SH
+#: helpers/external_acl/unix_group/squid_unix_group.8:57
+#, no-wrap
+msgid "KNOWN ISSUES"
+msgstr "LIMITAZIONI NOTE"
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:61
+msgid ""
+"Does not understand GID aliased groups sometimes used to work around groups "
+"size limitations. If you are using GID aliased groups then you must specify "
+"each alias by name."
+msgstr ""
+"Non riesce a gestire i gruppi con alias di GID, che vengono talvolta "
+"utilizzati per aggirare limitazioni alle dimensioni dei gruppi. Se vengono "
+"utilizzati alias di GID, occorre specificare ogni alias per nome."
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:90
+msgid "Additionally bugs or bug-fixes can be reported to"
+msgstr "Inoltre, bug o soluzioni di bug possono essere segnalati a"
+
+#. type: Plain text
+#: src/squid.8.in:7
+msgid "HTTP web proxy caching server"
+msgstr "server proxy caching HTTP"
+
+#. type: Plain text
+#: src/squid.8.in:13
+msgid "facility"
+msgstr "sottosistema"
+
+#. type: Plain text
+#: src/squid.8.in:15
+msgid "config-file"
+msgstr "file di configurazione"
+
+#. type: Plain text
+#: src/squid.8.in:19
+msgid "signal"
+msgstr "segnale"
+
+#. type: Plain text
+#: src/squid.8.in:21
+msgid "service-name"
+msgstr "nome del servizio"
+
+#. type: Plain text
+#: src/squid.8.in:23
+msgid "command-line"
+msgstr "linea di comando"
+
+#. type: Plain text
+#: src/squid.8.in:32
+msgid ""
+"B<squid> is a high-performance proxy caching server for web clients, "
+"supporting FTP, gopher, ICAP, ICP, HTCP and HTTP data objects. Unlike "
+"traditional caching software, Squid handles all requests in a single, "
+"non-blocking process."
+msgstr ""
+"B<squid> è un server proxy con cache ad alte prestazioni per client WWW, con "
+"supporto supporta i protocolli FTP, gopher, ICAP, ICP, HTCP e HTTP. A "
+"differenza di altri software, Squid gestisce tutte operazioni all'interno di "
+"un singolo processo con I/O non bloccante."
+
+#. type: Plain text
+#: src/squid.8.in:36
+msgid ""
+"Squid keeps meta data and especially hot objects cached in RAM, caches DNS "
+"lookups, supports non-blocking DNS lookups, and implements negative caching "
+"of failed requests."
+msgstr ""
+"Squid tiene traccia delle informazioni sugli oggetti in cache e gli oggetti "
+"più richiesti in RAM, effettua caching delle richieste DNS, supporta "
+"richieste DNS non bloccanti, e implementa il caching negativo delle "
+"richieste fallite."
+
+#. type: Plain text
+#: src/squid.8.in:41
+msgid ""
+"Squid supports SSL, extensive access controls, and full request logging. By "
+"using the lightweight Internet Cache Protocols ICP, HTCP or CARP, Squid "
+"caches can be arranged in a hierarchy or mesh for additional bandwidth "
+"savings."
+msgstr ""
+"Squid supporta SSL, ha meccanismi di controllo accessi molto evoluti, e "
+"consente di registrare le richieste ricevute. Utilizzando i protocolli di "
+"coordinamento tra server cache ICP, HTCP e CARP, più server Squid possono "
+"essere collegati in maniera gerarchica per ottenere ulteriori risparmi di "
+"banda."
+
+#. type: Plain text
+#: src/squid.8.in:49
+msgid ""
+"Squid consists of a main server program B<squid> , some optional programs "
+"for custom processing and authentication, and some management and client "
+"tools. When squid starts up, it spawns a configurable number of helper "
+"processes, each of which can perform parallel lookups. This reduces the "
+"amount of time the cache waits for results."
+msgstr ""
+"Squid consiste di un programma primario B<squid>, e alcuni programmi "
+"opzionali che svolgono funzioni specifiche, e alcuni strumenti di gestione e "
+"client. Quando Squid viene avviato, lancia un numero configurabile di "
+"processi ausiliari, ciascuno dei quali può lavorare in parallelo. Questo "
+"riduce il tempo di attesa di risultati."
+
+#. type: Plain text
+#: src/squid.8.in:51
+msgid "Squid is derived from the ARPA-funded Harvest Project."
+msgstr "Squid deriva dal progetto Harvest, sponsorizzato da ARPA."
+
+#. type: Plain text
+#: src/squid.8.in:57
+msgid ""
+"This manual page only lists the command line arguments. For details on how "
+"to configure Squid see the file B<@SYSCONFDIR@/squid.conf.documented,> the "
+"Squid wiki FAQ and examples at http://wiki.squid-cache.org/ , or the "
+"configuration manual on the Squid home page"
+msgstr ""
+"Questa pagina di manuale elenca solo le opzioni da linea di comando. Per "
+"avere ulteriori dettagli su come configurare Squid, si veda il file "
+"B<@SYSCONFDIR@/squid.conf.documented> , il Wiki di squid, la FAQ oppure gli "
+"esempi all'indirizzo http://wiki.squid-cache.org/ , oppure il manuale di "
+"configurazione all'indirizzo http://www.squid-cache.org/ o uno dei suoi "
+"mirror."
+
+#. type: Plain text
+#: src/squid.8.in:66
+msgid ""
+"Specify HTTP port number where Squid should listen for requests, in addition "
+"to any B<http_port> specifications in B<squid.conf>"
+msgstr ""
+"Specifica il numero di porta dove Squid deve rimanere in attesa di richieste "
+"HTTP, in aggiunta a quelle specificate dalla direttiva B<http_port> nel "
+"file di configurazione"
+
+#. type: Plain text
+#: src/squid.8.in:70
+msgid "Do not catch fatal signals."
+msgstr "Non intercettare i messaggi di errore fatale."
+
+#. type: Plain text
+#: src/squid.8.in:74
+msgid "Write debugging to stderr also."
+msgstr "Scrive le informazioni di debug anche sullo standard error."
+
+#. type: Plain text
+#: src/squid.8.in:86
+msgid ""
+"Use the given config-file instead of B<@SYSCONFDIR@/squid.conf .> If the "
+"file name starts with a B<!> or B<|> then it is assumed to be an external "
+"command or command line. Can for example be used to pre-process the "
+"configuration before it is being read by Squid. To facilitate this Squid "
+"also understands the common #line notion to indicate the real source file."
+msgstr ""
+"Utilizza il file di configurazione specificato invece di "
+"B<@SYSCONFDIR@/squid.conf> . Se il nome file inizia col carattere B<!> o "
+"B<|> allora viene interpretato come comando esterno. Questo può essere utile "
+"per fare elaborazioni specifiche della configurazione prima che Squid la "
+"legga. Per agevolare questo processo Squid comprende anche la notazione "
+"#linea per indicare quale sia il nome reale del file."
+
+#. type: Plain text
+#: src/squid.8.in:90
+msgid "Don't serve any requests until store is rebuilt."
+msgstr ""
+"Non processare alcuna richiesta finchè non sia completata la ricostruzione "
+"dello stato dei contenuti della cache su disco."
+
+#. type: Plain text
+#: src/squid.8.in:94
+msgid "Print help message."
+msgstr "Stampa un messaggio di aiuto."
+
+#. type: Plain text
+#: src/squid.8.in:100
+msgid "Install as a Windows Service (see B<-n> option)."
+msgstr "Installa come servizio MS Windows (vedere anche l'opzione B<-n>)."
+
+#. type: Plain text
+#: src/squid.8.in:107
+msgid ""
+"Parse configuration file, then send signal to running copy (except B<-k "
+"parse> ) and exit."
+msgstr ""
+"Leggi il file di configurazione, invia un segnale alla copia di Squid in "
+"esecuzione (tranne nel caso del comando B<-k parse>) e esci."
+
+#. type: Plain text
+#: src/squid.8.in:112
+msgid "Use specified syslog facility. implies B<-s>"
+msgstr "Usa il marcatore di sottosistema sylog specificato. Implica B<-s>"
+
+#. type: Plain text
+#: src/squid.8.in:117
+msgid ""
+"Specify Windows Service name to use for service operations, default is: "
+"B<Squid>"
+msgstr ""
+"Specifica il nome del servizio MS Windows da usare, il default è B<Squid>"
+
+#. type: Plain text
+#: src/squid.8.in:121
+msgid "No daemon mode."
+msgstr "Non attivare la modalità servizio (daemon)."
+
+#. type: Plain text
+#: src/squid.8.in:125
+msgid "Set Windows Service Command line options in Registry."
+msgstr ""
+"Imposta le opzioni della linea di comando del servizio MS WIndows nel "
+"Registro di configurazione."
+
+#. type: Plain text
+#: src/squid.8.in:131
+msgid "Remove a Windows Service (see B<-n> option)."
+msgstr "Disinstalla un Servizio MS Windows (vedere anche l'opzione B<-n>)."
+
+#. type: Plain text
+#: src/squid.8.in:137
+msgid "Do not set B<REUSEADDR> on port."
+msgstr "Non impostare l'opzione B<REUSEADDR> sulla porta."
+
+#. type: Plain text
+#: src/squid.8.in:142
+msgid "Enable logging to syslog. Also configurable in B<@SYSCONFDIR@/squid.conf>"
+msgstr ""
+"Abilita la registrazione degli accessi verso il servizio syslog. Si può "
+"impostare anche nel file di configurazione."
+
+#. type: Plain text
+#: src/squid.8.in:146
+msgid "Double-check swap during rebuild."
+msgstr ""
+"Verifica in maniera approfondita lo stato delle metainformazioni registrate "
+"nei file di stato durante la ricostruzione."
+
+#. type: Plain text
+#: src/squid.8.in:150
+msgid "Specify ICP port number (default: 3130), disable with 0."
+msgstr ""
+"Specifica il numero di porta ICP (default: 3130), la disabilita se impostato "
+"a 0."
+
+#. type: Plain text
+#: src/squid.8.in:154
+msgid "Print version and build details."
+msgstr "Stampa la versione e i dettagli dei parametri di configurazione."
+
+#. type: Plain text
+#: src/squid.8.in:158
+msgid "Force full debugging."
+msgstr "Abilita la stampa delle informazioni complete di debug."
+
+#. type: Plain text
+#: src/squid.8.in:166
+msgid "Only return B<UDP_HIT> or B<UDP_MISS_NOFETCH> during fast reload."
+msgstr ""
+"Limita le risposte durante un riavvio veloce alle sole B<UDP_HIT> e "
+"B<UDP_MISS_NOFETCH>."
+
+#. type: Plain text
+#: src/squid.8.in:170
+msgid "Create swap directories"
+msgstr "Crea la struttura di directory necessaria per la cache."
+
+#. type: SH
+#: src/squid.8.in:171
+#, no-wrap
+msgid "FILES"
+msgstr "FILE"
+
+#. type: Plain text
+#: src/squid.8.in:173
+msgid "Squid configuration files located in @SYSCONFDIR@/:"
+msgstr "File di configurazione di Squid registrati in @SYSCONFDIR@/:"
+
+#. type: Plain text
+#: src/squid.8.in:178
+msgid ""
+"The main configuration file. You must initially make changes to this file "
+"for B<squid> to work. For example, the default configuration does not allow "
+"access from any browser."
+msgstr ""
+"Il file di configurazione principale. Perchè Squid funzioni è necessario "
+"modificare questo file. Ad esempio, la di default non consente accesso ad "
+"alcun utente."
+
+#. type: Plain text
+#: src/squid.8.in:182 src/squid.8.in:188
+msgid ""
+"Reference copy of the configuration file. Always kept up to date with the "
+"version of Squid you are using."
+msgstr ""
+"Copia di riferimento del file di configurazione. Viene mantenuta allineata "
+"con la versione di Squid in uso."
+
+#. type: Plain text
+#: src/squid.8.in:184
+msgid ""
+"Use this to look up the default configuration settings and syntax after "
+"upgrading."
+msgstr ""
+"La si può usare per verificare quali siano le impostazioni di default o la "
+"sintassi dopo un aggiornamento."
+
+#. type: Plain text
+#: src/squid.8.in:193
+msgid ""
+"Use this to read the documentation for configuration options available in "
+"your build of Squid. The online configuration manual is also available for a "
+"full reference of options. B<see>http://www.squid-cache.org/Doc/config/"
+msgstr ""
+"La si può usare per leggere la documentazione sulle opzioni di "
+"configurazioni disponibili nella vostra installazione di squid. Per una "
+"vista completa delle opzioni disponibili si può usare il manuale online, "
+"all'indirizzo http://www.squid-cache.org/Doc/config/"
+
+#. type: Plain text
+#: src/squid.8.in:198
+msgid "The main configuration file for the web B<cachemgr.cgi> tools."
+msgstr ""
+"Il file di configurazione principale per il programma web B<cachemgr.cgi>."
+
+#. type: Plain text
+#: src/squid.8.in:201
+msgid "The main configuration file for the Sample MSNT authenticator."
+msgstr "Il file di configurazione principale per l'autenticatore MSNT."
+
+#. type: Plain text
+#: src/squid.8.in:206
+msgid ""
+"CSS Stylesheet to control the display of generated error pages. Use this to "
+"set any company branding you need, it will apply to every language Squid "
+"provides error pages for."
+msgstr ""
+"Foglio di Stile (CSS) per controllare l'aspetto delle pagine di errore. Lo "
+"si può usare per impostare l'aspetto secondo gli standard aziendali. Viene "
+"applicato alle pagine di errore generate da Squid per ogni lingua "
+"supportata."
+
+#. type: Plain text
+#: src/squid.8.in:209
+msgid "Some files also located elsewhere:"
+msgstr "Alcuni file sono registrati altrove:"
+
+#. type: Plain text
+#: src/squid.8.in:212
+msgid "MIME type mappings for FTP gatewaying"
+msgstr "mappa dei tipi file MIME per le funzioni di gateway FTP"
+
+#. type: Plain text
+#: src/squid.8.in:215
+msgid "Location of Squid error pages and templates."
+msgstr "Posizione delle pagine di errore e modelli di Squid."
+
+#. type: Plain text
+#: src/squid.8.in:218
+msgid ""
+"Squid was written over many years by a changing team of developers and "
+"maintained in turn by"
+msgstr ""
+"Squid è stato scritto durante il corso di molti anni da una squadra di "
+"sviluppatori in costante evoluzione, e è stato manutenuto nel tempo da"
+
+#. type: Plain text
+#: src/squid.8.in:225
+msgid ""
+"With contributions from many others in the Squid community. see "
+"CONTRIBUTORS for a full list of individuals who contributed code. see "
+"CREDITS for a list of major code contributing copyright holders."
+msgstr ""
+"Col contributo di molte altre persone della comunità di Squid. La lista "
+"delle persone che hanno maggiormente contribuito e di coloro che detengono i "
+"diritti d'autore è registrata nel file CREDITS."
+
+#. type: Plain text
+#: src/squid.8.in:233
+msgid ""
+"This software product, SQUID, is developed by a team of individuals, and "
+"copyrighted (C) 2001 by the Regents of the University of California, with "
+"all rights reserved. UCSD administered the NLANR Cache grants, NCR 9616602 "
+"and NCR 9521745 under which most of this code was developed."
+msgstr ""
+"I diritti di copia suesto prodotto software, SQUID, è sviluppato da una "
+"squadra di persone, sono detenuti (C) 2001 dai Regents dell'Università della "
+"California; tutti i diritti riservati. UCSD ha amministrato le donazioni "
+"NLANR Cache, grants numero NCR 9616602 e NCR 9521745, grazie ai quali gran "
+"parte del codice di squid è stato sviluppato."
+
+#. type: Plain text
+#: src/squid.8.in:240
+msgid ""
+"This program is free software; you can redistribute it and/or modify it "
+"under the terms of the GNU General Public License (version 2) as published "
+"by the Free Software Foundation. It is distributed in the hope that it will "
+"be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of "
+"MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General "
+"Public License for more details."
+msgstr ""
+"This program is free software; you can redistribute it and/or modify it "
+"under the terms of the GNU General Public License (version 2) as published "
+"by the Free Software Foundation. It is distributed in the hope that it will "
+"be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of "
+"MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General "
+"Public License for more details."
+
+#. type: Plain text
+#: src/squid.8.in:242
+msgid ""
+"see the CREDITS file for further copyright licensing of third-party code "
+"contributions."
+msgstr ""
+"si rimanda al file CREDITS per ulteriori informazioni su copyright e "
+"condizioni di licenza dei contributi di terze parti."
+
+#. type: Plain text
+#: src/squid.8.in:268
+msgid "The Squid FAQ wiki"
+msgstr "Il Wiki contenente la FAQ di Squid"
+
+#. type: Plain text
+#: src/squid.8.in:271
+msgid "The Squid Configuration Manual"
+msgstr "Il Manuale di Configurazione di Squid"
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:7
+msgid "Squid HTTP proxy manager CGI web interface"
+msgstr "L'interfaccia Web CGI Proxy Manager Squid"
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:18
+msgid ""
+"The cache manager ( B<cachemgr.cgi> ) is a CGI utility for displaying "
+"statistics about the Squid HTTP proxy process as it runs. The cache manager "
+"is a convenient way to manage the cache and view statistics without logging "
+"into the server."
+msgstr ""
+"Il cache manager ( B<cachemgr.cgi> ) è un tool CGI che consente di mostrare "
+"statistiche sul processo Squid in esecuzione. Il cache manager è un metodo "
+"comodo per gestire Squid e accedere a statistiche di funzionamento senza la "
+"necessità di accedere al sistema operativo."
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:22
+msgid ""
+"Configuration examples for many common web servers can be found in the Squid "
+"FAQ wiki."
+msgstr ""
+"Esempi di configurazione per molti diffusi webserver possono essere trovati "
+"nel Wiki di Squid."
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:34
+msgid ""
+"The access configuration file defining which Squid servers may be managed "
+"via this B<cachemgr.cgi> program. Each line specifies a B<server>:B<port> "
+"followed by an optional description"
+msgstr ""
+"La file di controllo della configurazione di accesso che definisce quali "
+"server Squid possano essere gestiti da questa installazione di "
+"B<cachemgr.cgi>. Ogni linea specifica un server, con il formato "
+"B<server>:B<port> , opzionalmente seguiti da una descrizione"
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:38
+msgid ""
+"The server name may contain shell wildcard characters such as *, [] etc. A "
+"quick selection dropdown menu is automatically constructed from the simple "
+"server names."
+msgstr ""
+"Il nome del server può contenere caratteri jolly con sintassi shell, come *, "
+"[] ecc. Un menu di selezione viene costruito automaticamente elencando i "
+"nomi dei server."
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:42
+msgid ""
+"Specifying :port is optional. If not specified then the default proxy port "
+"is assumed. :* or :any matches any port on the target server."
+msgstr ""
+"La specifica della B<:porta> è opzionale. Se non viene specificata, viene "
+"automaticamente definita la porta standard. La sintassi B<:*> oppure B<:any> "
+"può essere usata per indicare una porta qualsiasi del server."
+
+#. type: SH
+#: tools/cachemgr.cgi.8.in:43
+#, no-wrap
+msgid "SECURITY"
+msgstr "SICUREZZA"
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:50
+msgid ""
+"B<cachemgr.cgi> calls the requested server on the requested port using HTTP "
+"and returns a formatted version of the response. To avoid abuse it is "
+"recommended to configure your web server to restrict access to the "
+"B<cachemgr.cgi> program."
+msgstr ""
+"B<cachemgr.cgi> accede al server specificato sulla porta specificata in "
+"HTTP, e resituisce una versione processata della risposta. Per evitare che "
+"se ne possa abusare, si raccomanda di configurare il web server in maniera "
+"tale da limitare l'acesso al programma B<cachemgr.cgi>."
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:56 tools/squidclient.1:168
+msgid ""
+"Derived from Harvest. Further developed by by numerous individuals from the "
+"internet community. Development is led by Duane Wessels of the National "
+"Laboratory for Applied Network Research and funded by the National Science "
+"Foundation."
+msgstr ""
+"Derivato da Harvest. Ulteriormente sviluppato da numerose persone della "
+"comunità Internet. Lo sviluppo è guidato da Duane Wessels del National "
+"Laboratory for Applied Network Research (USA), usando fondi concessi dalla "
+"National Science Foundation (USA)."
+
+#. type: Plain text
+#: tools/squidclient.1:7
+msgid "A simple HTTP web client tool"
+msgstr "Un semplice client HTTP"
+
+#. type: Plain text
+#: tools/squidclient.1:12 tools/squidclient.1:32
+msgid "count"
+msgstr "conteggio"
+
+#. type: Plain text
+#: tools/squidclient.1:14
+msgid "remote host"
+msgstr "sistema remoto"
+
+#. type: Plain text
+#: tools/squidclient.1:16
+msgid "string"
+msgstr "stringa"
+
+#. type: Plain text
+#: tools/squidclient.1:18
+msgid "IMS"
+msgstr "IMS"
+
+#. type: Plain text
+#: tools/squidclient.1:20
+msgid "ping interval"
+msgstr "intervallo di ping"
+
+#. type: Plain text
+#: tools/squidclient.1:22
+msgid "Host header"
+msgstr "Header HTTP Host"
+
+#. type: Plain text
+#: tools/squidclient.1:24
+msgid "local host"
+msgstr "sistema locale"
+
+#. type: Plain text
+#: tools/squidclient.1:26
+msgid "method"
+msgstr "metodo"
+
+#. type: Plain text
+#: tools/squidclient.1:30
+msgid "file"
+msgstr "file"
+
+#. type: Plain text
+#: tools/squidclient.1:36 tools/squidclient.1:38
+msgid "user"
+msgstr "utente"
+
+#. type: Plain text
+#: tools/squidclient.1:40
+msgid "version"
+msgstr "versione"
+
+#. type: Plain text
+#: tools/squidclient.1:42 tools/squidclient.1:44
+msgid "password"
+msgstr "password"
+
+#. type: Plain text
+#: tools/squidclient.1:46
+msgid "url"
+msgstr "url"
+
+#. type: Plain text
+#: tools/squidclient.1:55
+msgid ""
+"B<squidclient> is a tool providing a command line interface for retrieving "
+"URLs. Designed for testing any HTTP 0.9, 1.0, or 1.1 web server or proxy. "
+"This tool can be combined with scripts to perform any basic HTTP operation. "
+"Some additional features for access to the B<squid> proxy object cache and "
+"management information are provided."
+msgstr ""
+"B<squidclient> è uno strumento a linea di comando per accedere a URL. È "
+"stato scritto per fare prove verso qualsiasi server web o proxy secondo le "
+"specifiche HTTP versione 0.9, 1.0 o 1.1 . Questo strumento può essere "
+"combinato con script per svolgere qualsiasi operazione HTTP di base. Alcune "
+"funzionalità aggiuntive sono orientate all'accesso di informazioni di "
+"gestione di Squid."
+
+#. type: Plain text
+#: tools/squidclient.1:60
+msgid "Do NOT include Accept: header."
+msgstr "Non includere lo header HTTP Accept: ."
+
+#. type: Plain text
+#: tools/squidclient.1:66
+msgid "Ping mode, perform I<count> iterations (0 to loop until interrupted)."
+msgstr ""
+"Modalità Ping, effettua I<count> iterazioni (specificare 0 per continuare "
+"finchè esplicitamente interrotto)"
+
+#. type: Plain text
+#: tools/squidclient.1:71
+msgid "Retrieve URL from cache on hostname. Default is B<localhost>"
+msgstr ""
+"Richiedi la URL alla cache sul server B<hostname> (default: B<localhost>)"
+
+#. type: Plain text
+#: tools/squidclient.1:77
+msgid "Extra headers to send. Use B<'\\n'> for new lines."
+msgstr ""
+"Header HTTP aggiuntivi da inviare. Per indicare l'acapo si può usare B<'\\\n"
+"'>."
+
+#. type: Plain text
+#: tools/squidclient.1:81
+msgid "If-Modified-Since time (in Epoch seconds)."
+msgstr "Tempo per If-Modified-Since (in secondi dalla Epoch)."
+
+#. type: Plain text
+#: tools/squidclient.1:85
+msgid "Ping interval in seconds (default 1 second)."
+msgstr "Intervallo di ping in secondi (default: 1 secondo)."
+
+#. type: Plain text
+#: tools/squidclient.1:89
+msgid "Host header content"
+msgstr "Continuto dello Header HTTP 'Host:'"
+
+#. type: Plain text
+#: tools/squidclient.1:93
+msgid "Specify a local IP address to bind to. Default is none."
+msgstr "Specifica un indirizzo IP locale da utilizzare. Il default è nessuno."
+
+#. type: Plain text
+#: tools/squidclient.1:108
+#, no-wrap
+msgid ""
+"Request method, default is\n"
+"I<GET.>\n"
+"Squid also supports a non-standard method called\n"
+"I<PURGE.>\n"
+"You can use that to purge a specific URL from the cache.\n"
+"You need to have\n"
+"I<purge>\n"
+"access setup in\n"
+"B<squid.conf>\n"
+"similar to\n"
+"I<manager>\n"
+" access. Here is an example:\n"
+msgstr ""
+"Metodo HTTP per effettuare la richiesta, il default è I<GET>. Squid offre "
+"anche un metodo non standard chiamato I<PURGE>, che può essere usato per "
+"rimuovere dalla cache una specifica URL. Per poterlo fare è necessario avere "
+"impostato correttamente l'accesso alle funzioni I<purge> nella "
+"configurazione di squid, in maniera analoga a quanto fatto per l'accesso "
+"alle funzioni di I<manager>. Ecco un esempio:"
+
+#. type: Plain text
+#: tools/squidclient.1:116
+msgid "Port number of cache. Default is 3128."
+msgstr "Porta di servizio della cache. Il default è 3128."
+
+#. type: Plain text
+#: tools/squidclient.1:120
+msgid "Request body. Using the named file as data."
+msgstr ""
+"Corpo (body) della richiesta, utilizza come contenuto il file passato come "
+"parametro."
+
+#. type: Plain text
+#: tools/squidclient.1:124
+msgid "Force cache to reload URL."
+msgstr "Costringi la cache a riscaricare i contenuti della URL."
+
+#. type: Plain text
+#: tools/squidclient.1:128
+msgid "Silent. Do not print data to stdout."
+msgstr "Silenzio. Non scivere nulla su standard output."
+
+#. type: Plain text
+#: tools/squidclient.1:134
+msgid "Trace I<count> HTTP relay or proxy hops"
+msgstr "Traccia I<count> passaggi attraverso proxy"
+
+#. type: Plain text
+#: tools/squidclient.1:138
+msgid "Timeout value (seconds) for read/write operations."
+msgstr ""
+"Tempo massimo di attesa (in secondi) per le operazioni di lettura e "
+"scrittura."
+
+#. type: Plain text
+#: tools/squidclient.1:142
+msgid "Proxy authentication username"
+msgstr "Nome utente usato per identificarsi al proxy"
+
+#. type: Plain text
+#: tools/squidclient.1:146
+msgid "WWW authentication username"
+msgstr "Nome utente usato per identificarsi al server web"
+
+#. type: Plain text
+#: tools/squidclient.1:150
+msgid "Verbose. Print outgoing message to stderr."
+msgstr "Prolisso. Stampa il messaggio inviato sullo standard error."
+
+#. type: Plain text
+#: tools/squidclient.1:154
+msgid "HTTP Version. Use '-' for HTTP/0.9 omitted case"
+msgstr ""
+"Versione HTTP. Si può usare il valore '-' per indicare il caso di HTTP/0.9 "
+"senza indicazione esplicita della versione"
+
+#. type: Plain text
+#: tools/squidclient.1:158
+msgid "Proxy authentication password"
+msgstr "Password per l'identificazione al proxy"
+
+#. type: Plain text
+#: tools/squidclient.1:162
+msgid "WWW authentication password"
+msgstr "Password per l'identificazione al server web"
msgid ""
msgstr ""
"Project-Id-Version: Squid-3\n"
-"POT-Creation-Date: 2010-02-13 00:05+1400\n"
+"POT-Creation-Date: 2010-05-01 00:17+1200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
"Content-Transfer-Encoding: ENCODING"
#. type: SH
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:3 helpers/basic_auth/LDAP/basic_ldap_auth.8:3 helpers/basic_auth/NCSA/basic_ncsa_auth.8:3 helpers/basic_auth/PAM/basic_pam_auth.8:3 helpers/basic_auth/RADIUS/basic_radius_auth.8:3 helpers/external_acl/ldap_group/squid_ldap_group.8:3 helpers/external_acl/session/squid_session.8:3 helpers/external_acl/unix_group/squid_unix_group.8:3 src/squid.8.in:3 tools/cachemgr.cgi.8.in:3 tools/squidclient.1:3
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:3 helpers/basic_auth/LDAP/basic_ldap_auth.8:3 helpers/basic_auth/NCSA/basic_ncsa_auth.8:3 helpers/basic_auth/PAM/basic_pam_auth.8:3 helpers/basic_auth/RADIUS/basic_radius_auth.8:3 helpers/basic_auth/SASL/basic_sasl_auth.8:3 helpers/digest_auth/file/digest_file_auth.8:3 helpers/external_acl/ldap_group/squid_ldap_group.8:3 helpers/external_acl/session/squid_session.8:3 helpers/external_acl/unix_group/squid_unix_group.8:3 src/squid.8.in:3 tools/cachemgr.cgi.8.in:3 tools/squidclient.1:3
#, no-wrap
msgid "NAME"
msgstr ""
msgstr ""
#. type: SH
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:8 helpers/basic_auth/LDAP/basic_ldap_auth.8:8 helpers/basic_auth/NCSA/basic_ncsa_auth.8:8 helpers/basic_auth/PAM/basic_pam_auth.8:8 helpers/basic_auth/RADIUS/basic_radius_auth.8:8 helpers/external_acl/ldap_group/squid_ldap_group.8:10 helpers/external_acl/session/squid_session.8:10 helpers/external_acl/unix_group/squid_unix_group.8:8 src/squid.8.in:8 tools/cachemgr.cgi.8.in:8 tools/squidclient.1:8
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:8 helpers/basic_auth/LDAP/basic_ldap_auth.8:8 helpers/basic_auth/NCSA/basic_ncsa_auth.8:8 helpers/basic_auth/PAM/basic_pam_auth.8:8 helpers/basic_auth/RADIUS/basic_radius_auth.8:8 helpers/basic_auth/SASL/basic_sasl_auth.8:10 helpers/digest_auth/file/digest_file_auth.8:10 helpers/external_acl/ldap_group/squid_ldap_group.8:10 helpers/external_acl/session/squid_session.8:10 helpers/external_acl/unix_group/squid_unix_group.8:8 src/squid.8.in:8 tools/cachemgr.cgi.8.in:8 tools/squidclient.1:8
#, no-wrap
msgid "SYNOPSIS"
msgstr ""
#. type: SH
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:11 helpers/basic_auth/LDAP/basic_ldap_auth.8:39 helpers/basic_auth/NCSA/basic_ncsa_auth.8:12 helpers/basic_auth/PAM/basic_pam_auth.8:15 helpers/basic_auth/RADIUS/basic_radius_auth.8:26 helpers/external_acl/ldap_group/squid_ldap_group.8:26 helpers/external_acl/session/squid_session.8:18 helpers/external_acl/unix_group/squid_unix_group.8:15 src/squid.8.in:25 tools/cachemgr.cgi.8.in:11 tools/squidclient.1:47
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:11 helpers/basic_auth/LDAP/basic_ldap_auth.8:39 helpers/basic_auth/NCSA/basic_ncsa_auth.8:12 helpers/basic_auth/PAM/basic_pam_auth.8:15 helpers/basic_auth/RADIUS/basic_radius_auth.8:26 helpers/basic_auth/SASL/basic_sasl_auth.8:13 helpers/digest_auth/file/digest_file_auth.8:15 helpers/external_acl/ldap_group/squid_ldap_group.8:26 helpers/external_acl/session/squid_session.8:18 helpers/external_acl/unix_group/squid_unix_group.8:15 src/squid.8.in:25 tools/cachemgr.cgi.8.in:11 tools/squidclient.1:47
#, no-wrap
msgid "DESCRIPTION"
msgstr ""
#. type: TP
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:29
#, no-wrap
-msgid "Can handle LDAP request"
+msgid "Can handle LDAP requests"
msgstr ""
#. type: TP
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:31
#, no-wrap
-msgid "Can handle PAM request"
+msgid "Can handle PAM requests"
msgstr ""
#. type: SH
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:34 helpers/basic_auth/LDAP/basic_ldap_auth.8:242 helpers/basic_auth/NCSA/basic_ncsa_auth.8:24 helpers/basic_auth/PAM/basic_pam_auth.8:41 helpers/basic_auth/RADIUS/basic_radius_auth.8:61 helpers/external_acl/ldap_group/squid_ldap_group.8:209 helpers/external_acl/session/squid_session.8:50 helpers/external_acl/unix_group/squid_unix_group.8:33 tools/cachemgr.cgi.8.in:19
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:34 helpers/basic_auth/LDAP/basic_ldap_auth.8:242 helpers/basic_auth/NCSA/basic_ncsa_auth.8:24 helpers/basic_auth/PAM/basic_pam_auth.8:41 helpers/basic_auth/RADIUS/basic_radius_auth.8:61 helpers/basic_auth/SASL/basic_sasl_auth.8:19 helpers/digest_auth/file/digest_file_auth.8:25 helpers/external_acl/ldap_group/squid_ldap_group.8:209 helpers/external_acl/session/squid_session.8:50 helpers/external_acl/unix_group/squid_unix_group.8:33 tools/cachemgr.cgi.8.in:19
#, no-wrap
msgid "CONFIGURATION"
msgstr ""
msgstr ""
#. type: SH
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:61 helpers/basic_auth/LDAP/basic_ldap_auth.8:288 helpers/basic_auth/NCSA/basic_ncsa_auth.8:30 helpers/basic_auth/PAM/basic_pam_auth.8:80 helpers/basic_auth/RADIUS/basic_radius_auth.8:85 helpers/external_acl/ldap_group/squid_ldap_group.8:232 helpers/external_acl/session/squid_session.8:63 helpers/external_acl/unix_group/squid_unix_group.8:62 src/squid.8.in:216 tools/cachemgr.cgi.8.in:51 tools/squidclient.1:163
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:61 helpers/basic_auth/LDAP/basic_ldap_auth.8:288 helpers/basic_auth/NCSA/basic_ncsa_auth.8:30 helpers/basic_auth/PAM/basic_pam_auth.8:80 helpers/basic_auth/RADIUS/basic_radius_auth.8:85 helpers/basic_auth/SASL/basic_sasl_auth.8:75 helpers/digest_auth/file/digest_file_auth.8:59 helpers/external_acl/ldap_group/squid_ldap_group.8:232 helpers/external_acl/session/squid_session.8:63 helpers/external_acl/unix_group/squid_unix_group.8:62 src/squid.8.in:216 tools/cachemgr.cgi.8.in:51 tools/squidclient.1:163
#, no-wrap
msgid "AUTHOR"
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:63 helpers/external_acl/ldap_group/squid_ldap_group.8:234 helpers/external_acl/unix_group/squid_unix_group.8:64
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:63 helpers/basic_auth/SASL/basic_sasl_auth.8:77 helpers/digest_auth/file/digest_file_auth.8:61 helpers/external_acl/ldap_group/squid_ldap_group.8:234 helpers/external_acl/unix_group/squid_unix_group.8:64
msgid "This program was written by"
msgstr ""
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:71 helpers/basic_auth/NCSA/basic_ncsa_auth.8:32 helpers/basic_auth/RADIUS/basic_radius_auth.8:93 helpers/external_acl/ldap_group/squid_ldap_group.8:243 helpers/external_acl/unix_group/squid_unix_group.8:67
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:71 helpers/basic_auth/NCSA/basic_ncsa_auth.8:32 helpers/basic_auth/RADIUS/basic_radius_auth.8:93 helpers/basic_auth/SASL/basic_sasl_auth.8:80 helpers/digest_auth/file/digest_file_auth.8:68 helpers/external_acl/ldap_group/squid_ldap_group.8:243 helpers/external_acl/unix_group/squid_unix_group.8:67
msgid "This manual was written by"
msgstr ""
#. type: SH
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:73 helpers/basic_auth/LDAP/basic_ldap_auth.8:296 helpers/basic_auth/NCSA/basic_ncsa_auth.8:37 helpers/basic_auth/PAM/basic_pam_auth.8:84 helpers/basic_auth/RADIUS/basic_radius_auth.8:95 helpers/external_acl/ldap_group/squid_ldap_group.8:245 helpers/external_acl/session/squid_session.8:67 helpers/external_acl/unix_group/squid_unix_group.8:69 src/squid.8.in:226 tools/cachemgr.cgi.8.in:57 tools/squidclient.1:169
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:73 helpers/basic_auth/LDAP/basic_ldap_auth.8:296 helpers/basic_auth/NCSA/basic_ncsa_auth.8:37 helpers/basic_auth/PAM/basic_pam_auth.8:84 helpers/basic_auth/RADIUS/basic_radius_auth.8:95 helpers/basic_auth/SASL/basic_sasl_auth.8:83 helpers/digest_auth/file/digest_file_auth.8:71 helpers/external_acl/ldap_group/squid_ldap_group.8:245 helpers/external_acl/session/squid_session.8:67 helpers/external_acl/unix_group/squid_unix_group.8:69 src/squid.8.in:226 tools/cachemgr.cgi.8.in:57 tools/squidclient.1:169
#, no-wrap
msgid "COPYRIGHT"
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:75 helpers/basic_auth/LDAP/basic_ldap_auth.8:298 helpers/basic_auth/RADIUS/basic_radius_auth.8:97 helpers/external_acl/ldap_group/squid_ldap_group.8:247 helpers/external_acl/session/squid_session.8:69 helpers/external_acl/unix_group/squid_unix_group.8:71
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:75 helpers/basic_auth/LDAP/basic_ldap_auth.8:298 helpers/basic_auth/RADIUS/basic_radius_auth.8:97 helpers/basic_auth/SASL/basic_sasl_auth.8:85 helpers/digest_auth/file/digest_file_auth.8:73 helpers/external_acl/ldap_group/squid_ldap_group.8:247 helpers/external_acl/session/squid_session.8:69 helpers/external_acl/unix_group/squid_unix_group.8:71
msgid "This program and documentation is copyright to the authors named above."
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:77 helpers/basic_auth/LDAP/basic_ldap_auth.8:300 helpers/basic_auth/PAM/basic_pam_auth.8:91 helpers/basic_auth/RADIUS/basic_radius_auth.8:99 helpers/external_acl/ldap_group/squid_ldap_group.8:249 helpers/external_acl/session/squid_session.8:71 helpers/external_acl/unix_group/squid_unix_group.8:73 tools/cachemgr.cgi.8.in:59 tools/squidclient.1:171
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:77 helpers/basic_auth/LDAP/basic_ldap_auth.8:300 helpers/basic_auth/PAM/basic_pam_auth.8:91 helpers/basic_auth/RADIUS/basic_radius_auth.8:99 helpers/basic_auth/SASL/basic_sasl_auth.8:87 helpers/digest_auth/file/digest_file_auth.8:75 helpers/external_acl/ldap_group/squid_ldap_group.8:249 helpers/external_acl/session/squid_session.8:71 helpers/external_acl/unix_group/squid_unix_group.8:73 tools/cachemgr.cgi.8.in:59 tools/squidclient.1:171
msgid ""
"Distributed under the GNU General Public License (GNU GPL) version 2 or "
-"later (GPL2+)."
+"later (GPLv2+)."
msgstr ""
#. type: SH
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:78 helpers/basic_auth/LDAP/basic_ldap_auth.8:301 helpers/basic_auth/NCSA/basic_ncsa_auth.8:50 helpers/basic_auth/PAM/basic_pam_auth.8:92 helpers/basic_auth/RADIUS/basic_radius_auth.8:100 helpers/external_acl/ldap_group/squid_ldap_group.8:250 helpers/external_acl/session/squid_session.8:72 helpers/external_acl/unix_group/squid_unix_group.8:74 src/squid.8.in:243 tools/cachemgr.cgi.8.in:60 tools/squidclient.1:172
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:78 helpers/basic_auth/LDAP/basic_ldap_auth.8:301 helpers/basic_auth/NCSA/basic_ncsa_auth.8:50 helpers/basic_auth/PAM/basic_pam_auth.8:92 helpers/basic_auth/RADIUS/basic_radius_auth.8:100 helpers/basic_auth/SASL/basic_sasl_auth.8:88 helpers/digest_auth/file/digest_file_auth.8:76 helpers/external_acl/ldap_group/squid_ldap_group.8:250 helpers/external_acl/session/squid_session.8:72 helpers/external_acl/unix_group/squid_unix_group.8:74 src/squid.8.in:243 tools/cachemgr.cgi.8.in:60 tools/squidclient.1:172
#, no-wrap
msgid "QUESTIONS"
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:81 helpers/basic_auth/LDAP/basic_ldap_auth.8:304 helpers/basic_auth/NCSA/basic_ncsa_auth.8:53 helpers/basic_auth/PAM/basic_pam_auth.8:95 helpers/basic_auth/RADIUS/basic_radius_auth.8:103 helpers/external_acl/ldap_group/squid_ldap_group.8:253 helpers/external_acl/session/squid_session.8:75 helpers/external_acl/unix_group/squid_unix_group.8:77 src/squid.8.in:246 tools/cachemgr.cgi.8.in:63 tools/squidclient.1:175
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:81 helpers/basic_auth/LDAP/basic_ldap_auth.8:304 helpers/basic_auth/NCSA/basic_ncsa_auth.8:53 helpers/basic_auth/PAM/basic_pam_auth.8:95 helpers/basic_auth/RADIUS/basic_radius_auth.8:103 helpers/basic_auth/SASL/basic_sasl_auth.8:91 helpers/digest_auth/file/digest_file_auth.8:79 helpers/external_acl/ldap_group/squid_ldap_group.8:253 helpers/external_acl/session/squid_session.8:75 helpers/external_acl/unix_group/squid_unix_group.8:77 src/squid.8.in:246 tools/cachemgr.cgi.8.in:63 tools/squidclient.1:175
msgid ""
"Questions on the usage of this program can be sent to the I<Squid Users "
"mailing list>"
msgstr ""
#. type: SH
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:83 helpers/basic_auth/LDAP/basic_ldap_auth.8:309 helpers/basic_auth/NCSA/basic_ncsa_auth.8:55 helpers/basic_auth/PAM/basic_pam_auth.8:97 helpers/basic_auth/RADIUS/basic_radius_auth.8:108 helpers/external_acl/ldap_group/squid_ldap_group.8:258 helpers/external_acl/session/squid_session.8:77 helpers/external_acl/unix_group/squid_unix_group.8:79 src/squid.8.in:248 tools/cachemgr.cgi.8.in:65 tools/squidclient.1:177
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:83 helpers/basic_auth/LDAP/basic_ldap_auth.8:309 helpers/basic_auth/NCSA/basic_ncsa_auth.8:55 helpers/basic_auth/PAM/basic_pam_auth.8:97 helpers/basic_auth/RADIUS/basic_radius_auth.8:108 helpers/basic_auth/SASL/basic_sasl_auth.8:93 helpers/digest_auth/file/digest_file_auth.8:81 helpers/external_acl/ldap_group/squid_ldap_group.8:258 helpers/external_acl/session/squid_session.8:77 helpers/external_acl/unix_group/squid_unix_group.8:79 src/squid.8.in:248 tools/cachemgr.cgi.8.in:65 tools/squidclient.1:177
#, no-wrap
msgid "REPORTING BUGS"
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:85 helpers/basic_auth/LDAP/basic_ldap_auth.8:311 helpers/basic_auth/NCSA/basic_ncsa_auth.8:57 helpers/basic_auth/PAM/basic_pam_auth.8:99 helpers/basic_auth/RADIUS/basic_radius_auth.8:110 helpers/external_acl/ldap_group/squid_ldap_group.8:260 helpers/external_acl/session/squid_session.8:79 helpers/external_acl/unix_group/squid_unix_group.8:81 src/squid.8.in:250 tools/cachemgr.cgi.8.in:67 tools/squidclient.1:179
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:86 helpers/basic_auth/LDAP/basic_ldap_auth.8:312 helpers/basic_auth/NCSA/basic_ncsa_auth.8:58 helpers/basic_auth/PAM/basic_pam_auth.8:100 helpers/basic_auth/RADIUS/basic_radius_auth.8:111 helpers/basic_auth/SASL/basic_sasl_auth.8:96 helpers/digest_auth/file/digest_file_auth.8:84 helpers/external_acl/ldap_group/squid_ldap_group.8:261 helpers/external_acl/session/squid_session.8:80 helpers/external_acl/unix_group/squid_unix_group.8:82 src/squid.8.in:251
+msgid ""
+"Bug reports need to be made in English. See "
+"http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you "
+"need to include with your bug report."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:88 helpers/basic_auth/LDAP/basic_ldap_auth.8:314 helpers/basic_auth/NCSA/basic_ncsa_auth.8:60 helpers/basic_auth/PAM/basic_pam_auth.8:102 helpers/basic_auth/RADIUS/basic_radius_auth.8:113 helpers/basic_auth/SASL/basic_sasl_auth.8:98 helpers/digest_auth/file/digest_file_auth.8:86 helpers/external_acl/ldap_group/squid_ldap_group.8:263 helpers/external_acl/session/squid_session.8:82 helpers/external_acl/unix_group/squid_unix_group.8:84 src/squid.8.in:253 tools/cachemgr.cgi.8.in:69 tools/squidclient.1:181
msgid "Report bugs or bug fixes using http://bugs.squid-cache.org/"
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:88 helpers/basic_auth/LDAP/basic_ldap_auth.8:314 helpers/basic_auth/NCSA/basic_ncsa_auth.8:60 helpers/basic_auth/PAM/basic_pam_auth.8:102 helpers/basic_auth/RADIUS/basic_radius_auth.8:113 helpers/external_acl/ldap_group/squid_ldap_group.8:263 helpers/external_acl/session/squid_session.8:82 helpers/external_acl/unix_group/squid_unix_group.8:84 src/squid.8.in:253 tools/cachemgr.cgi.8.in:70 tools/squidclient.1:182
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:91 helpers/basic_auth/LDAP/basic_ldap_auth.8:317 helpers/basic_auth/NCSA/basic_ncsa_auth.8:63 helpers/basic_auth/PAM/basic_pam_auth.8:105 helpers/basic_auth/RADIUS/basic_radius_auth.8:116 helpers/basic_auth/SASL/basic_sasl_auth.8:101 helpers/digest_auth/file/digest_file_auth.8:89 helpers/external_acl/ldap_group/squid_ldap_group.8:266 helpers/external_acl/session/squid_session.8:85 helpers/external_acl/unix_group/squid_unix_group.8:87 src/squid.8.in:256 tools/cachemgr.cgi.8.in:72 tools/squidclient.1:184
msgid ""
"Report serious security bugs to I<Squid Bugs "
"E<lt>squid-bugs@squid-cache.orgE<gt>>"
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:91 helpers/basic_auth/LDAP/basic_ldap_auth.8:317 helpers/basic_auth/NCSA/basic_ncsa_auth.8:63 helpers/basic_auth/PAM/basic_pam_auth.8:105 helpers/basic_auth/RADIUS/basic_radius_auth.8:116 helpers/external_acl/ldap_group/squid_ldap_group.8:266 helpers/external_acl/session/squid_session.8:85 helpers/external_acl/unix_group/squid_unix_group.8:87 src/squid.8.in:256 tools/cachemgr.cgi.8.in:73 tools/squidclient.1:185
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:94 helpers/basic_auth/LDAP/basic_ldap_auth.8:320 helpers/basic_auth/NCSA/basic_ncsa_auth.8:66 helpers/basic_auth/PAM/basic_pam_auth.8:108 helpers/basic_auth/RADIUS/basic_radius_auth.8:119 helpers/basic_auth/SASL/basic_sasl_auth.8:104 helpers/digest_auth/file/digest_file_auth.8:92 helpers/external_acl/ldap_group/squid_ldap_group.8:269 helpers/external_acl/session/squid_session.8:88 helpers/external_acl/unix_group/squid_unix_group.8:90 src/squid.8.in:259 tools/cachemgr.cgi.8.in:75 tools/squidclient.1:187
msgid "Report ideas for new improvements to the I<Squid Developers mailing list>"
msgstr ""
#. type: SH
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:93 helpers/basic_auth/LDAP/basic_ldap_auth.8:319 helpers/basic_auth/NCSA/basic_ncsa_auth.8:65 helpers/basic_auth/PAM/basic_pam_auth.8:107 helpers/basic_auth/RADIUS/basic_radius_auth.8:118 helpers/external_acl/ldap_group/squid_ldap_group.8:268 helpers/external_acl/session/squid_session.8:87 helpers/external_acl/unix_group/squid_unix_group.8:92 src/squid.8.in:258 tools/cachemgr.cgi.8.in:75 tools/squidclient.1:187
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:96 helpers/basic_auth/LDAP/basic_ldap_auth.8:322 helpers/basic_auth/NCSA/basic_ncsa_auth.8:68 helpers/basic_auth/PAM/basic_pam_auth.8:110 helpers/basic_auth/RADIUS/basic_radius_auth.8:121 helpers/basic_auth/SASL/basic_sasl_auth.8:106 helpers/digest_auth/file/digest_file_auth.8:94 helpers/external_acl/ldap_group/squid_ldap_group.8:271 helpers/external_acl/session/squid_session.8:90 helpers/external_acl/unix_group/squid_unix_group.8:95 src/squid.8.in:261 tools/cachemgr.cgi.8.in:77 tools/squidclient.1:189
#, no-wrap
msgid "SEE ALSO"
msgstr ""
msgstr ""
#. type: SH
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:62 helpers/basic_auth/NCSA/basic_ncsa_auth.8:20 helpers/basic_auth/PAM/basic_pam_auth.8:21 helpers/basic_auth/RADIUS/basic_radius_auth.8:31 helpers/external_acl/ldap_group/squid_ldap_group.8:49 helpers/external_acl/session/squid_session.8:26 helpers/external_acl/unix_group/squid_unix_group.8:19 src/squid.8.in:59 tools/squidclient.1:56
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:62 helpers/basic_auth/NCSA/basic_ncsa_auth.8:20 helpers/basic_auth/PAM/basic_pam_auth.8:21 helpers/basic_auth/RADIUS/basic_radius_auth.8:31 helpers/digest_auth/file/digest_file_auth.8:20 helpers/external_acl/ldap_group/squid_ldap_group.8:49 helpers/external_acl/session/squid_session.8:26 helpers/external_acl/unix_group/squid_unix_group.8:19 src/squid.8.in:59 tools/squidclient.1:56
#, no-wrap
msgid "OPTIONS"
msgstr ""
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:324
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:327
msgid "Your favorite LDAP documentation."
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:325 helpers/external_acl/ldap_group/squid_ldap_group.8:275
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:328 helpers/external_acl/ldap_group/squid_ldap_group.8:278
msgid "B<RFC2254> - The String Representation of LDAP Search Filters,"
msgstr ""
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/PAM/basic_pam_auth.8:114
+#: helpers/basic_auth/PAM/basic_pam_auth.8:117
msgid "PAM Systems Administrator Guide"
msgstr ""
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/RADIUS/basic_radius_auth.8:121
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:124
msgid "B<RFC2058> - Remote Authentication Dial In User Service (RADIUS)"
msgstr ""
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:7
+msgid ""
+"Basic Authentication using SASL (specifically the cyrus-sasl authentication "
+"method)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:9 helpers/digest_auth/file/digest_file_auth.8:9 helpers/external_acl/session/squid_session.8:9
+msgid "Version 1.0"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:18
+msgid ""
+"B<basic_sasl_auth> is an installed binary helper for Squid. SASL is "
+"configurable (somewhat like PAM). Each service authenticating against SASL "
+"identifies itself with an application name. Each application can be "
+"configured independently by the SASL administrator."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:24
+msgid ""
+"To configure the authentication method used the file B<basic_sasl_auth.conf> "
+"can be placed in the appropriate location, usually B</usr/lib/sasl.>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:31
+msgid ""
+"The authentication database is defined by the B<pwcheck_method> parameter. "
+"Only the B<PLAIN> authentication mechanism is used."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:33
+msgid "Examples:"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:36
+msgid "use sasldb - the default if no conf file is installed."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:38
+#, no-wrap
+msgid " - use PAM authentication database\n"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:41
+#, no-wrap
+msgid ""
+" - use traditional \n"
+"B</etc/passwd>\n"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:43
+#, no-wrap
+msgid " - use slightly less traditional /etc/shadow\n"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:46
+msgid ""
+"Others methods may be supported by your cyrus-sasl implementation - consult "
+"your cyrus-sasl documentation for information."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:59
+msgid ""
+"Typically the authentication database ( B</etc/sasldb> , B</etc/shadow> , "
+"B<PAM> ) can not be accessed by a normal user. You should use setuid/setgid "
+"and an appropriate user/group on the executable to allow the authenticator "
+"to access the appropriate password database. If the access to the database "
+"is not permitted then the authenticator will typically fail with \"-1, "
+"generic error\"."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:74
+msgid ""
+"If the application name B<basic_sasl_auth> will also be used for the PAM "
+"service name if B<pwcheck_method:pam> is chosen. And example PAM "
+"configuration file B<basic_sasl_auth.pam> is also included."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:116 helpers/digest_auth/file/digest_file_auth.8:98 src/squid.8.in:271
+msgid "The Squid FAQ wiki"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:119 helpers/digest_auth/file/digest_file_auth.8:101 src/squid.8.in:274
+msgid "The Squid Configuration Manual"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:7
+msgid "File based digest authentication helper for Squid."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:14 tools/squidclient.1:30
+msgid "file"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:19
+msgid ""
+"B<digest_file_auth> is an installed binary authentication program for "
+"Squid. It handles digest authentication protocol and authenticates against a "
+"text file backend."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:24
+msgid "Accept digest hashed passwords rather than plaintext in the password file"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:28
+msgid "Username database file format:"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:28
+#, no-wrap
+msgid "- comment lines are possible and should start with a '#';"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:31
+#, no-wrap
+msgid "- empty or blank lines are possible;"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:34
+#, no-wrap
+msgid "- plaintext entry format is username:password"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:37
+#, no-wrap
+msgid "- HA1 entry format is username:realm:HA1"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:50
+msgid ""
+"To build a directory integrated backend, you need to be able to calculate "
+"the HA1 returned to squid. To avoid storing a plaintext password you can "
+"calculate B<MD5(username:realm:password)> when the user changes their "
+"password, and store the tuple B<username:realm:HA1.> then find the matching "
+"B<username:realm> when squid asks for the HA1."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:58
+msgid ""
+"This implementation could be improved by using such a triple for the file "
+"format. However storing such a triple does little to improve security: If "
+"compromised the B<username:realm:HA1> combination is \"plaintext "
+"equivalent\" - for the purposes of digest authentication they allow the user "
+"access. Password syncronisation is not tackled by digest - just preventing "
+"on the wire compromise."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:64
+msgid "Based on prior work by"
+msgstr ""
+
#. type: Plain text
#: helpers/external_acl/ldap_group/squid_ldap_group.8:7
msgid "Squid LDAP external acl group helper"
msgstr ""
#. type: Plain text
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:274
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:277
msgid "Your favorite LDAP documentation"
msgstr ""
msgid "Squid session tracking external acl group helper."
msgstr ""
-#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:9
-msgid "Version 1.0"
-msgstr ""
-
#. type: Plain text
#: helpers/external_acl/session/squid_session.8:16
msgid "database"
msgstr ""
#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:90
+#: helpers/external_acl/unix_group/squid_unix_group.8:93
msgid "Additionally bugs or bug-fixes can be reported to"
msgstr ""
"contributions."
msgstr ""
-#. type: Plain text
-#: src/squid.8.in:268
-msgid "The Squid FAQ wiki"
-msgstr ""
-
-#. type: Plain text
-#: src/squid.8.in:271
-msgid "The Squid Configuration Manual"
-msgstr ""
-
#. type: Plain text
#: tools/cachemgr.cgi.8.in:7
msgid "Squid HTTP proxy manager CGI web interface"
"Foundation."
msgstr ""
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:67 tools/squidclient.1:179
+msgid ""
+"See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what "
+"you need to include with your bug report."
+msgstr ""
+
#. type: Plain text
#: tools/squidclient.1:7
msgid "A simple HTTP web client tool"
msgid "method"
msgstr ""
-#. type: Plain text
-#: tools/squidclient.1:30
-msgid "file"
-msgstr ""
-
#. type: Plain text
#: tools/squidclient.1:36 tools/squidclient.1:38
msgid "user"
--- /dev/null
+# SOME DESCRIPTIVE TITLE
+# Copyright (C) YEAR Free Software Foundation, Inc.
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: Squid-3\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2010-03-20 00:25+1400\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=CHARSET\n"
+"Content-Transfer-Encoding: ENCODING\n"
+"X-Generator: Translate Toolkit 1.5.3\n"
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:3 helpers/basic_auth/LDAP/basic_ldap_auth.8:3 helpers/basic_auth/NCSA/basic_ncsa_auth.8:3 helpers/basic_auth/PAM/basic_pam_auth.8:3 helpers/basic_auth/RADIUS/basic_radius_auth.8:3 helpers/external_acl/ldap_group/squid_ldap_group.8:3 helpers/external_acl/session/squid_session.8:3 helpers/external_acl/unix_group/squid_unix_group.8:3 src/squid.8.in:3 tools/cachemgr.cgi.8.in:3 tools/squidclient.1:3
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:3
+#: helpers/digest_auth/file/digest_file_auth.8:3
+#, no-wrap
+msgid "NAME"
+msgstr "NOM"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:7
+msgid "Local Users auth helper for Squid"
+msgstr ""
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:8 helpers/basic_auth/LDAP/basic_ldap_auth.8:8 helpers/basic_auth/NCSA/basic_ncsa_auth.8:8 helpers/basic_auth/PAM/basic_pam_auth.8:8 helpers/basic_auth/RADIUS/basic_radius_auth.8:8 helpers/external_acl/ldap_group/squid_ldap_group.8:10 helpers/external_acl/session/squid_session.8:10 helpers/external_acl/unix_group/squid_unix_group.8:8 src/squid.8.in:8 tools/cachemgr.cgi.8.in:8 tools/squidclient.1:8
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:10
+#: helpers/digest_auth/file/digest_file_auth.8:10
+#, no-wrap
+msgid "SYNOPSIS"
+msgstr "SINÒPSIS"
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:11 helpers/basic_auth/LDAP/basic_ldap_auth.8:39 helpers/basic_auth/NCSA/basic_ncsa_auth.8:12 helpers/basic_auth/PAM/basic_pam_auth.8:15 helpers/basic_auth/RADIUS/basic_radius_auth.8:26 helpers/external_acl/ldap_group/squid_ldap_group.8:26 helpers/external_acl/session/squid_session.8:18 helpers/external_acl/unix_group/squid_unix_group.8:15 src/squid.8.in:25 tools/cachemgr.cgi.8.in:11 tools/squidclient.1:47
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:13
+#: helpers/digest_auth/file/digest_file_auth.8:15
+#, no-wrap
+msgid "DESCRIPTION"
+msgstr "DESCRIPCION"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:15
+msgid ""
+"B<basic_getpwnam_auth> allows Squid to authenticate any local user accounts "
+"to validate the user name and password of Basic HTTP authentication."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:21
+msgid "It uses B<getpwnam()> and B<getspnam()> routines for authentication."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:23
+msgid "This has the following advantages over the NCSA module:"
+msgstr ""
+
+#. type: TP
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:23
+#, no-wrap
+msgid "Allows authentication of all known local users"
+msgstr ""
+
+#. type: TP
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:25
+#, no-wrap
+msgid "Allows authentication through nsswitch.conf"
+msgstr ""
+
+#. type: TP
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:27
+#, no-wrap
+msgid "Can handle NIS(+) requests"
+msgstr ""
+
+#. type: TP
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:29
+#, no-wrap
+msgid "Can handle LDAP requests"
+msgstr ""
+
+#. type: TP
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:31
+#, no-wrap
+msgid "Can handle PAM requests"
+msgstr ""
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:34 helpers/basic_auth/LDAP/basic_ldap_auth.8:242 helpers/basic_auth/NCSA/basic_ncsa_auth.8:24 helpers/basic_auth/PAM/basic_pam_auth.8:41 helpers/basic_auth/RADIUS/basic_radius_auth.8:61 helpers/external_acl/ldap_group/squid_ldap_group.8:209 helpers/external_acl/session/squid_session.8:50 helpers/external_acl/unix_group/squid_unix_group.8:33 tools/cachemgr.cgi.8.in:19
+#, no-wrap
+msgid "CONFIGURATION"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:47
+msgid ""
+"When used for authenticating to local UNIX shadow password databases the "
+"program must be running as root or else it won't have sufficient permissions "
+"to access the user password database. Such use of this program is not "
+"recommended, but if you absolutely need to then make the program B<setuid> "
+"B<root>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:60 helpers/basic_auth/PAM/basic_pam_auth.8:79
+msgid ""
+"Please note that in such configurations it is also strongly recommended that "
+"the program is moved into a directory where normal users cannot access it, "
+"as this mode of operation will allow any local user to brute-force other "
+"users passwords. Also note the program has not been fully audited and the "
+"author cannot be held responsible for any security issues due to such "
+"installations."
+msgstr ""
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:61 helpers/basic_auth/LDAP/basic_ldap_auth.8:288 helpers/basic_auth/NCSA/basic_ncsa_auth.8:30 helpers/basic_auth/PAM/basic_pam_auth.8:80 helpers/basic_auth/RADIUS/basic_radius_auth.8:85 helpers/external_acl/ldap_group/squid_ldap_group.8:232 helpers/external_acl/session/squid_session.8:63 helpers/external_acl/unix_group/squid_unix_group.8:62 src/squid.8.in:216 tools/cachemgr.cgi.8.in:51 tools/squidclient.1:163
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:75
+#: helpers/digest_auth/file/digest_file_auth.8:59
+#, no-wrap
+msgid "AUTHOR"
+msgstr "AUTOR"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:63 helpers/external_acl/ldap_group/squid_ldap_group.8:234 helpers/external_acl/unix_group/squid_unix_group.8:64
+msgid "This program was written by"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:68
+msgid "Based on original code by"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:71 helpers/basic_auth/NCSA/basic_ncsa_auth.8:32 helpers/basic_auth/RADIUS/basic_radius_auth.8:93 helpers/external_acl/ldap_group/squid_ldap_group.8:243 helpers/external_acl/unix_group/squid_unix_group.8:67
+msgid "This manual was written by"
+msgstr ""
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:73 helpers/basic_auth/LDAP/basic_ldap_auth.8:296 helpers/basic_auth/NCSA/basic_ncsa_auth.8:37 helpers/basic_auth/PAM/basic_pam_auth.8:84 helpers/basic_auth/RADIUS/basic_radius_auth.8:95 helpers/external_acl/ldap_group/squid_ldap_group.8:245 helpers/external_acl/session/squid_session.8:67 helpers/external_acl/unix_group/squid_unix_group.8:69 src/squid.8.in:226 tools/cachemgr.cgi.8.in:57 tools/squidclient.1:169
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:83
+#: helpers/digest_auth/file/digest_file_auth.8:71
+#, no-wrap
+msgid "COPYRIGHT"
+msgstr "COPYRIGHT"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:75 helpers/basic_auth/LDAP/basic_ldap_auth.8:298 helpers/basic_auth/RADIUS/basic_radius_auth.8:97 helpers/external_acl/ldap_group/squid_ldap_group.8:247 helpers/external_acl/session/squid_session.8:69 helpers/external_acl/unix_group/squid_unix_group.8:71
+msgid "This program and documentation is copyright to the authors named above."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:77 helpers/basic_auth/LDAP/basic_ldap_auth.8:300 helpers/basic_auth/PAM/basic_pam_auth.8:91 helpers/basic_auth/RADIUS/basic_radius_auth.8:99 helpers/external_acl/ldap_group/squid_ldap_group.8:249 helpers/external_acl/session/squid_session.8:71 helpers/external_acl/unix_group/squid_unix_group.8:73 tools/cachemgr.cgi.8.in:59 tools/squidclient.1:171
+msgid ""
+"Distributed under the GNU General Public License (GNU GPL) version 2 or "
+"later (GPLv2+)."
+msgstr ""
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:78 helpers/basic_auth/LDAP/basic_ldap_auth.8:301 helpers/basic_auth/NCSA/basic_ncsa_auth.8:50 helpers/basic_auth/PAM/basic_pam_auth.8:92 helpers/basic_auth/RADIUS/basic_radius_auth.8:100 helpers/external_acl/ldap_group/squid_ldap_group.8:250 helpers/external_acl/session/squid_session.8:72 helpers/external_acl/unix_group/squid_unix_group.8:74 src/squid.8.in:243 tools/cachemgr.cgi.8.in:60 tools/squidclient.1:172
+#, no-wrap
+msgid "QUESTIONS"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:81 helpers/basic_auth/LDAP/basic_ldap_auth.8:304 helpers/basic_auth/NCSA/basic_ncsa_auth.8:53 helpers/basic_auth/PAM/basic_pam_auth.8:95 helpers/basic_auth/RADIUS/basic_radius_auth.8:103 helpers/external_acl/ldap_group/squid_ldap_group.8:253 helpers/external_acl/session/squid_session.8:75 helpers/external_acl/unix_group/squid_unix_group.8:77 src/squid.8.in:246 tools/cachemgr.cgi.8.in:63 tools/squidclient.1:175
+msgid ""
+"Questions on the usage of this program can be sent to the I<Squid Users "
+"mailing list>"
+msgstr ""
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:83 helpers/basic_auth/LDAP/basic_ldap_auth.8:309 helpers/basic_auth/NCSA/basic_ncsa_auth.8:55 helpers/basic_auth/PAM/basic_pam_auth.8:97 helpers/basic_auth/RADIUS/basic_radius_auth.8:108 helpers/external_acl/ldap_group/squid_ldap_group.8:258 helpers/external_acl/session/squid_session.8:77 helpers/external_acl/unix_group/squid_unix_group.8:79 src/squid.8.in:248 tools/cachemgr.cgi.8.in:65 tools/squidclient.1:177
+#, no-wrap
+msgid "REPORTING BUGS"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:86 helpers/basic_auth/LDAP/basic_ldap_auth.8:312 helpers/basic_auth/NCSA/basic_ncsa_auth.8:58 helpers/basic_auth/PAM/basic_pam_auth.8:100 helpers/basic_auth/RADIUS/basic_radius_auth.8:111 helpers/external_acl/ldap_group/squid_ldap_group.8:261 helpers/external_acl/session/squid_session.8:80 helpers/external_acl/unix_group/squid_unix_group.8:82 src/squid.8.in:251
+msgid ""
+"Bug reports need to be made in English. See "
+"http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you "
+"need to include with your bug report."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:88 helpers/basic_auth/LDAP/basic_ldap_auth.8:314 helpers/basic_auth/NCSA/basic_ncsa_auth.8:60 helpers/basic_auth/PAM/basic_pam_auth.8:102 helpers/basic_auth/RADIUS/basic_radius_auth.8:113 helpers/external_acl/ldap_group/squid_ldap_group.8:263 helpers/external_acl/session/squid_session.8:82 helpers/external_acl/unix_group/squid_unix_group.8:84 src/squid.8.in:253 tools/cachemgr.cgi.8.in:69 tools/squidclient.1:181
+msgid "Report bugs or bug fixes using http://bugs.squid-cache.org/"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:91 helpers/basic_auth/LDAP/basic_ldap_auth.8:317 helpers/basic_auth/NCSA/basic_ncsa_auth.8:63 helpers/basic_auth/PAM/basic_pam_auth.8:105 helpers/basic_auth/RADIUS/basic_radius_auth.8:116 helpers/external_acl/ldap_group/squid_ldap_group.8:266 helpers/external_acl/session/squid_session.8:85 helpers/external_acl/unix_group/squid_unix_group.8:87 src/squid.8.in:256 tools/cachemgr.cgi.8.in:72 tools/squidclient.1:184
+msgid ""
+"Report serious security bugs to I<Squid Bugs "
+"E<lt>squid-bugs@squid-cache.orgE<gt>>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:94 helpers/basic_auth/LDAP/basic_ldap_auth.8:320 helpers/basic_auth/NCSA/basic_ncsa_auth.8:66 helpers/basic_auth/PAM/basic_pam_auth.8:108 helpers/basic_auth/RADIUS/basic_radius_auth.8:119 helpers/external_acl/ldap_group/squid_ldap_group.8:269 helpers/external_acl/session/squid_session.8:88 helpers/external_acl/unix_group/squid_unix_group.8:90 src/squid.8.in:259 tools/cachemgr.cgi.8.in:75 tools/squidclient.1:187
+msgid "Report ideas for new improvements to the I<Squid Developers mailing list>"
+msgstr ""
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:96 helpers/basic_auth/LDAP/basic_ldap_auth.8:322 helpers/basic_auth/NCSA/basic_ncsa_auth.8:68 helpers/basic_auth/PAM/basic_pam_auth.8:110 helpers/basic_auth/RADIUS/basic_radius_auth.8:121 helpers/external_acl/ldap_group/squid_ldap_group.8:271 helpers/external_acl/session/squid_session.8:90 helpers/external_acl/unix_group/squid_unix_group.8:95 src/squid.8.in:261 tools/cachemgr.cgi.8.in:77 tools/squidclient.1:189
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:106
+#: helpers/digest_auth/file/digest_file_auth.8:94
+#, no-wrap
+msgid "SEE ALSO"
+msgstr "VEJATZ TANBEN"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:7
+msgid "LDAP authentication helper for Squid"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:12 helpers/basic_auth/LDAP/basic_ldap_auth.8:27 helpers/external_acl/ldap_group/squid_ldap_group.8:14
+msgid "base DN"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:14
+msgid "attribute"
+msgstr "atribut"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:16 helpers/basic_auth/LDAP/basic_ldap_auth.8:31 helpers/external_acl/ldap_group/squid_ldap_group.8:18
+msgid "options"
+msgstr "opcions"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:18 helpers/basic_auth/LDAP/basic_ldap_auth.8:33
+msgid "LDAP server name"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:20 helpers/basic_auth/LDAP/basic_ldap_auth.8:35 helpers/basic_auth/RADIUS/basic_radius_auth.8:18 helpers/external_acl/ldap_group/squid_ldap_group.8:22 src/squid.8.in:17 tools/squidclient.1:28
+msgid "port"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:22 helpers/basic_auth/LDAP/basic_ldap_auth.8:37 helpers/external_acl/ldap_group/squid_ldap_group.8:24
+msgid "URI"
+msgstr "URI"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:29 helpers/external_acl/ldap_group/squid_ldap_group.8:16
+msgid "LDAP search filter"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:47
+msgid ""
+"B<basic_ldap_auth> allows Squid to connect to a LDAP directory to validate "
+"the user name and password of Basic HTTP authentication. LDAP options are "
+"specified as parameters on the command line, while the username(s) and "
+"password(s) to be checked against the LDAP directory are specified on "
+"subsequent lines of input to the helper, one username/password pair per line "
+"separated by a space."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:56
+msgid ""
+"As expected by the basic authentication construct of Squid, after specifying "
+"a username and password followed by a new line, this helper will produce "
+"either B<OK> or B<ERR> on the following line to show if the specified "
+"credentials are correct according to the LDAP directory."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:61
+msgid ""
+"The program has two major modes of operation. In the default mode of "
+"operation the users DN is constructed using the base DN and user "
+"attribute. In the other mode of operation a search filter is used to locate "
+"valid user DN's below the base DN."
+msgstr ""
+
+#. type: SH
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:62 helpers/basic_auth/NCSA/basic_ncsa_auth.8:20 helpers/basic_auth/PAM/basic_pam_auth.8:21 helpers/basic_auth/RADIUS/basic_radius_auth.8:31 helpers/external_acl/ldap_group/squid_ldap_group.8:49 helpers/external_acl/session/squid_session.8:26 helpers/external_acl/unix_group/squid_unix_group.8:19 src/squid.8.in:59 tools/squidclient.1:56
+#: helpers/digest_auth/file/digest_file_auth.8:20
+#, no-wrap
+msgid "OPTIONS"
+msgstr "OPCIONS"
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:67
+msgid "B<REQUIRED.> Specifies the base DN under which the users are located."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:75
+msgid ""
+"LDAP search B<filter> to locate the user DN. Required if the users are in a "
+"hierarchy below the base DN, or if the login name is not what builds the "
+"user specific part of the users DN."
+msgstr ""
+
+#. uid\=%s\""
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:82
+msgid ""
+"The search filter can contain up to 15 occurrences of B<%s> which will be "
+"replaced by the username, as in B<\\&\\&> for RFC2037 directories. For a "
+"detailed description of LDAP search filter syntax see RFC2254."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:90
+msgid ""
+"Will crash if other B<%> values than B<%s> are used, or if more than 15 "
+"B<%s> are used."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:99
+msgid ""
+"Specifies the name of the DN attribute that contains the username/login. "
+"Combined with the base DN to construct the users DN when no search filter is "
+"specified ( B<-f> option). Defaults to B<uid>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:108
+msgid ""
+"B<Note:> This can only be done if all your users are located directly under "
+"the same position in the LDAP tree and the login name is used for naming "
+"each user object. If your LDAP tree does not match these criterias or if you "
+"want to filter who are valid users then you need to use a search filter to "
+"search for your users DN ( B<-f> option)."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:118
+msgid ""
+"Use I<ldap_compare> instead of I<ldap_simple_bind> to verify the users "
+"password. B<passwordattr> is the LDAP attribute storing the users password."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:126
+msgid ""
+"Search scope when performing user DN searches specified by the B<-f> "
+"option. Defaults to B<sub>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:130 helpers/external_acl/ldap_group/squid_ldap_group.8:178
+msgid "B<base> object only,"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:133 helpers/external_acl/ldap_group/squid_ldap_group.8:181
+msgid "B<one> level below the base object or"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:136 helpers/external_acl/ldap_group/squid_ldap_group.8:184
+msgid "B<sub>tree below the base object"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:142
+msgid ""
+"The DN and password to bind as while performing searches. Required by the "
+"B<-f> flag if the directory does not allow anonymous searches."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:147
+msgid ""
+"As the password needs to be printed in plain text in your Squid "
+"configuration it is strongly recommended to use a account with minimal "
+"associated privileges. This to limit the damage in case someone could get "
+"hold of a copy of your Squid configuration file."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:152 helpers/external_acl/ldap_group/squid_ldap_group.8:98
+msgid ""
+"The DN and the name of a file containing the password to bind as while "
+"performing searches."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:157 helpers/external_acl/ldap_group/squid_ldap_group.8:103
+msgid ""
+"Less insecure version of the former parameter pair with two advantages: The "
+"password does not occur in the process listing, and the password is not "
+"being compromised if someone gets the squid configuration file without "
+"getting the secretfile."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:165
+msgid ""
+"Use a persistent LDAP connection. Normally the LDAP connection is only open "
+"while validating a username to preserve resources at the LDAP server. This "
+"option causes the LDAP connection to be kept open, allowing it to be reused "
+"for further user validations. Recommended for larger installations."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:178
+msgid ""
+"Only bind once per LDAP connection. Some LDAP servers do not allow "
+"re-binding as another user after a successful I<ldap_bind.> The use of this "
+"option always opens a new connection for each login attempt. If combined "
+"with the B<-P> option for persistent LDAP connection then the connection "
+"used for searching for the user DN is kept persistent but a new connection "
+"is opened to verify each users password once the DN is found."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:182 helpers/external_acl/ldap_group/squid_ldap_group.8:170
+msgid "Do not follow referrals"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:187
+msgid "when to dereference aliases. Defaults to B<never>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:196
+msgid ""
+"B<never> dereference aliases (default), B<always> dereference aliases, only "
+"while B<search ing> or only to B<find> the base object."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:201
+msgid ""
+"Specity the LDAP server to connect to by LDAP URI (requires OpenLDAP "
+"libraries). Servers can also be specified last on the command line."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:206
+msgid ""
+"Specify the LDAP server to connect to. Servers can also be specified last on "
+"the command line."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:212
+msgid ""
+"Specify an alternate TCP port where the ldap server is listening if other "
+"than the default LDAP port 389. Can also be specified within the server "
+"specificiation by using servername:port syntax."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:216 helpers/external_acl/ldap_group/squid_ldap_group.8:204
+msgid "LDAP protocol version. Defaults to 2 if not specified."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:220 helpers/external_acl/ldap_group/squid_ldap_group.8:208
+msgid "Use TLS encryption"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:224 helpers/external_acl/ldap_group/squid_ldap_group.8:107
+msgid "Enable LDAP over SSL (requires Netscape LDAP API libraries)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:231
+msgid ""
+"Specify B<timeout> used when connecting to LDAP servers (requires Netscape "
+"LDAP API libraries)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:235 helpers/external_acl/ldap_group/squid_ldap_group.8:192
+msgid "Specify time limit on LDAP search operations"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:241 helpers/external_acl/ldap_group/squid_ldap_group.8:82
+msgid ""
+"Debug mode where each step taken will get reported in detail. Useful for "
+"understanding what goes wrong if the results is not what is expected."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:246
+msgid ""
+"For directories using the RFC2307 layout with a single domain, all you need "
+"to specify is usually the base DN under where your users are located and the "
+"server name:"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:252
+msgid ""
+"If you have sub-domains then you need to use a search filter approach to "
+"locate your user DNs as these can no longer be constructed direcly from the "
+"base DN and login name alone:"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:257
+msgid ""
+"And similarily if you only want to allow access to users having a specific "
+"attribute"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:266
+msgid ""
+"Or if the user attribute of the user DN is B<cn> instead of B<uid> and you "
+"do not want to have to search for the users then you could use something "
+"like the following example for Active Directory:"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:276
+msgid ""
+"If you want to search for the user DN and your directory does not allow "
+"anonymous searches then you must also use the B<-D> and B<-w> flags to "
+"specify a user DN and password to log in as to perform the searches, as in "
+"the following complex Active Directory example"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:287
+msgid ""
+"B<NOTE:> When constructing search filters it is strongly recommended to test "
+"the filter using B<ldapsearch> before you attempt to use B<basic_ldap_auth.> "
+"This to verify that the filter matches what you expect."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:290 helpers/basic_auth/RADIUS/basic_radius_auth.8:87
+msgid "This program is written by"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:294
+msgid "This manual is written by"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:308
+msgid ""
+"Or to your favorite LDAP list/friend if the question is more related to LDAP "
+"than Squid."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:327
+msgid "Your favorite LDAP documentation."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:328 helpers/external_acl/ldap_group/squid_ldap_group.8:278
+msgid "B<RFC2254> - The String Representation of LDAP Search Filters,"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:7
+msgid "NCSA httpd-style password file authentication helper for Squid"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:11
+msgid "passwd file"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:16
+msgid ""
+"B<basic_ncsa_auth> allows Squid to read and authenticate user and password "
+"information from an NCSA/Apache httpd-style password file when using basic "
+"HTTP authentication."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:19
+msgid "This password file can be manipulated using B<htpasswd.>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:23
+msgid ""
+"The only parameter is the password file. It must have permissions to be "
+"read by the user that Squid is running as."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:29
+msgid "B<basic_ncsa_auth> must have access to the password file to be executed."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:35
+msgid "Based on original documentation by"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:43
+msgid ""
+"This file is distributed in the hope that it will be useful, but WITHOUT ANY "
+"WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS "
+"FOR A PARTICULAR PURPOSE. See the GNU General Public License for more "
+"details."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:48
+msgid ""
+"You should have received a copy of the GNU General Public License along with "
+"this file; if not, write to the Free Software Foundation, Inc., 59 Temple "
+"Place, Suite 330, Boston, MA 02111-1307 USA"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:7
+msgid "Squid PAM Basic authentication helper"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:11
+msgid "service name"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:13
+msgid "TTL"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:20
+msgid ""
+"B<basic_pam_auth> allows Squid to connect to a mostly any available PAM "
+"database to validate the user name and password of Basic HTTP "
+"authentication."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:26
+msgid "Specifies the PAM service name Squid uses, defaults to B<squid>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:35
+msgid ""
+"Enables persistent PAM connections where the connection to the PAM database "
+"is kept open and reused for new logins. The TTL specifies how long the "
+"connection will be kept open (in seconds). Default is to not keep PAM "
+"connections open. Please note that the use of persistent PAM connections is "
+"slightly outside the PAM specification and may not work with all PAM "
+"configurations."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:40
+msgid "Do not perform the PAM account management group (account expiration etc)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:46
+msgid ""
+"The program needs a PAM service to be configured in B</etc/pam.conf> or "
+"B</etc/pam.d/squid>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:54
+msgid ""
+"The default service name is B<squid> , and the program makes use of the "
+"B<auth> and B<account> management groups to verify the password and the "
+"accounts validity."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:58
+msgid ""
+"For details on how to configure PAM services, see the PAM documentation for "
+"your system. This manual does not cover PAM configuration details."
+msgstr ""
+
+#. type: SH
+#: helpers/basic_auth/PAM/basic_pam_auth.8:59
+#, no-wrap
+msgid "NOTES"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:66
+msgid ""
+"When used for authenticating to local UNIX shadow password databases the "
+"program must be running as root or else it won't have sufficient permissions "
+"to access the user password database. Such use of this program is not "
+"recommended, but if you absolutely need to then make the program setuid root"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:82 helpers/external_acl/session/squid_session.8:65
+msgid "This program and documentation was written by"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:88
+msgid "Squid B<basic_pam_auth> and this manual is Copyright 1999,2002,2003"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:117
+msgid "PAM Systems Administrator Guide"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:7
+msgid "Squid RADIUS authentication helper"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:12
+msgid "config file"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:16
+msgid "server name"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:20
+msgid "identifier"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:22
+msgid "secret"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:24 helpers/external_acl/session/squid_session.8:14 tools/squidclient.1:34
+msgid "timeout"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:30
+msgid ""
+"B<basic_radius_auth> allows Squid to connect to a RADIUS server to validate "
+"the user name and password of Basic HTTP authentication."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:36
+msgid ""
+"Specifies the path to a configuration file. See the CONFIGURATION section "
+"for details on the file content."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:40
+msgid "Alternative method of specifying the server to connect to"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:45
+msgid ""
+"Specify another server port where the RADIUS server listens for requests if "
+"different from the default RADIUS port. Normally not specified."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:50
+msgid ""
+"Unique identifier identifying this Squid proxy to the RADIUS server. If not "
+"specified the IP address is used to identify the proxy."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:56
+msgid ""
+"Alternative method of specifying the shared secret. Using the B<-f> option "
+"with a configuration file is generally more secure and recommended."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:60
+msgid "RADIUS request timeout. Default is 10 seconds."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:67
+msgid ""
+"The configuration specifies how the helper connects to RADIUS. The file "
+"contains a list of directives (one per line). Lines beginning with a B<#> "
+"are ignored."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:71
+msgid "specifies the name or address of the RADIUS server to connect to."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:75
+msgid "specifies the shared RADIUS secret."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:80
+msgid ""
+"specifies what name the proxy should use to identify itself to the RADIUS "
+"server. This directive is optional."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:84
+msgid "Specifies the port number or service name where the helper should connect."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:91
+msgid "With contributions from many others."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:107
+msgid ""
+"Or contact your favorite RADIUS list/friend if the question is more related "
+"to RADIUS than Squid."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:124
+msgid "B<RFC2058> - Remote Authentication Dial In User Service (RADIUS)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:7
+msgid "Squid LDAP external acl group helper"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:9
+msgid "Version 2.17"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:20
+msgid "ldap_server_name"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:33
+msgid ""
+"B<squid_ldap_group> allows Squid to connect to a LDAP directory to authorize "
+"users via LDAP groups. LDAP options are specified as parameters on the "
+"command line, while the username(s) and group(s) to be checked against the "
+"LDAP directory are specified on subsequent lines of input to the helper, one "
+"username/group pair per line separated by a space."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:44
+msgid ""
+"As expected by the B<external_acl_type> construct of Squid, after specifying "
+"a username and group followed by a new line, this helper will produce either "
+"B<OK> or B<ERR> on the following line to show if the user is a member of the "
+"specified group."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:48
+msgid ""
+"The program operates by searching with a search filter based on the users "
+"user name and requested group, and if a match is found it is determined that "
+"the user belongs to the group."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:53
+msgid "When to dereference aliases. Defaults to 'never'"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:62
+msgid ""
+"B<never> dereference aliases (default), B<always> dereference aliases, only "
+"while B<search>ing or only to B<find> the base object"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:67
+msgid "B<REQUIRED.> Specifies the base DN under which the groups are located."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:71
+msgid "Specifies the base DN under which the users are located (if different)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:76
+msgid ""
+"Specify timeout used when connecting to LDAP servers (requires Netscape LDAP "
+"API libraries)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:87
+msgid ""
+"The DN and password to bind as while performing searches. Required if the "
+"directory does not allow anonymous searches."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:93
+msgid ""
+"As the password needs to be printed in plain text in your Squid "
+"configuration and will be sent on the command line to the helper it is "
+"strongly recommended to use a account with minimal associated privileges. "
+"This to limit the damage in case someone could get hold of a copy of your "
+"Squid configuration file or extracts the password used from a process "
+"listing."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:123
+msgid ""
+"LDAP search filter used to search the LDAP directory for any matching group "
+"memberships. In the filter B<%u> will be replaced by the user name (or DN "
+"if the B<-F> or B<-u> options are used) and B<%g> by the requested group "
+"name."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:135
+msgid ""
+"LDAP search filter used to search the LDAP directory for any matching "
+"users. In the filter B<%s> will be replaced by the user name. If B<%> is to "
+"be included literally in the filter then use B<%%>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:141
+msgid ""
+"Specifies that the first query argument sent to the helper by Squid is a "
+"extension to the basedn and will be temporarily added in front of the global "
+"basedn for this query."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:145
+msgid "Specify the LDAP server to connect to"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:149
+msgid ""
+"Specity the LDAP server to connect to by a LDAP URI (requires OpenLDAP "
+"libraries)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:153
+msgid "Strip Kerberos Realm component from user names (@ separated)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:158
+msgid ""
+"Specify an alternate TCP port where the ldap server is listening if other "
+"than the default LDAP port 389."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:166
+msgid ""
+"Use a persistent LDAP connection. Normally the LDAP connection is only open "
+"while verifying a users group membership to preserve resources at the LDAP "
+"server. This option causes the LDAP connection to be kept open, allowing it "
+"to be reused for further user validations. Recommended for larger "
+"installations."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:175
+msgid "search scope. Defaults to B<sub>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:188 helpers/external_acl/unix_group/squid_unix_group.8:32
+msgid "Strip NT domain name component from user names (/ or \\e separated)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:200
+msgid ""
+"LDAP attribute used to construct the user DN from the user name and base dn "
+"without needing to search for the user. A maximum of 16 occurrences of "
+"B<%s> are supported."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:214
+msgid ""
+"This helper is intended to be used as an B<external_acl_type> helper in "
+"B<squid.conf.>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:231
+msgid ""
+"B<NOTE:> When constructing search filters it is recommended to first test "
+"the filter using B<ldapsearch> to verify that the filter matches what you "
+"expect before you attempt to use B<squid_ldap_group>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:240
+msgid "Based on prior work in B<squid_ldap_auth> by"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:257
+msgid ""
+"Or contact your favorite LDAP list/friend if the question is more related to "
+"LDAP than Squid."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:277
+msgid "Your favorite LDAP documentation"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:7
+msgid "Squid session tracking external acl group helper."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:9
+msgid "Version 1.0"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:16
+msgid "database"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:23
+msgid ""
+"B<squid_session> maintains a concept of sessions by monitoring requests and "
+"timing out sessions if no requests have been seen for the idle timeout "
+"timer."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:25
+msgid "Intended use is for displaying \"terms of use\" pages, ad popups etc."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:31
+msgid "B<Timeout> for any session. If not specified the default is 3600 seconds."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:38
+msgid ""
+"B<Path> to persistent database. If not specified the session details will be "
+"kept in memory only and all sessions will reset each time Squid restarts "
+"it's helpers (Squid restart or rotation of logs)."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:46
+msgid ""
+"Active mode. In this mode sessions are started by evaluating an acl with the "
+"argument B<LOGIN> , or terminated by the argument B<LOGOUT>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:49
+msgid ""
+"Without this flag the helper automatically starts the session after the "
+"first request."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:53
+msgid "Configuration example using the default automatic mode"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:62
+msgid ""
+"Then set up http://your.server.example.com/bannerpage to display a session "
+"startup page and then redirect the user back to the requested URL given in "
+"the url query parameter."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:7
+msgid "Squid UNIX Group helper"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:11 helpers/external_acl/unix_group/squid_unix_group.8:13
+msgid "group"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:18
+msgid ""
+"B<squid_unix_group> allows Squid to base access controls on users "
+"memberships in UNIX groups."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:23
+msgid "Specifies a group name to match."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:28
+msgid "Also match the users primary group from B</etc/passwd>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:46
+msgid ""
+"This B<squid.conf> example defines two Squid acls. I<usergroup1> matches "
+"users in I<group1> , and I<usergroup2> matches users in I<group2> or "
+"I<group3>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:56
+msgid ""
+"By default up to 11 groups can be matched in one acl (including commandline "
+"specified groups). This limit is defined by B<MAX_GROUPS> in the source "
+"code."
+msgstr ""
+
+#. type: SH
+#: helpers/external_acl/unix_group/squid_unix_group.8:57
+#, no-wrap
+msgid "KNOWN ISSUES"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:61
+msgid ""
+"Does not understand GID aliased groups sometimes used to work around groups "
+"size limitations. If you are using GID aliased groups then you must specify "
+"each alias by name."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:93
+msgid "Additionally bugs or bug-fixes can be reported to"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:7
+msgid "HTTP web proxy caching server"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:13
+msgid "facility"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:15
+msgid "config-file"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:19
+msgid "signal"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:21
+msgid "service-name"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:23
+msgid "command-line"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:32
+msgid ""
+"B<squid> is a high-performance proxy caching server for web clients, "
+"supporting FTP, gopher, ICAP, ICP, HTCP and HTTP data objects. Unlike "
+"traditional caching software, Squid handles all requests in a single, "
+"non-blocking process."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:36
+msgid ""
+"Squid keeps meta data and especially hot objects cached in RAM, caches DNS "
+"lookups, supports non-blocking DNS lookups, and implements negative caching "
+"of failed requests."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:41
+msgid ""
+"Squid supports SSL, extensive access controls, and full request logging. By "
+"using the lightweight Internet Cache Protocols ICP, HTCP or CARP, Squid "
+"caches can be arranged in a hierarchy or mesh for additional bandwidth "
+"savings."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:49
+msgid ""
+"Squid consists of a main server program B<squid> , some optional programs "
+"for custom processing and authentication, and some management and client "
+"tools. When squid starts up, it spawns a configurable number of helper "
+"processes, each of which can perform parallel lookups. This reduces the "
+"amount of time the cache waits for results."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:51
+msgid "Squid is derived from the ARPA-funded Harvest Project."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:57
+msgid ""
+"This manual page only lists the command line arguments. For details on how "
+"to configure Squid see the file B<@SYSCONFDIR@/squid.conf.documented,> the "
+"Squid wiki FAQ and examples at http://wiki.squid-cache.org/ , or the "
+"configuration manual on the Squid home page"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:66
+msgid ""
+"Specify HTTP port number where Squid should listen for requests, in addition "
+"to any B<http_port> specifications in B<squid.conf>"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:70
+msgid "Do not catch fatal signals."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:74
+msgid "Write debugging to stderr also."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:86
+msgid ""
+"Use the given config-file instead of B<@SYSCONFDIR@/squid.conf .> If the "
+"file name starts with a B<!> or B<|> then it is assumed to be an external "
+"command or command line. Can for example be used to pre-process the "
+"configuration before it is being read by Squid. To facilitate this Squid "
+"also understands the common #line notion to indicate the real source file."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:90
+msgid "Don't serve any requests until store is rebuilt."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:94
+msgid "Print help message."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:100
+msgid "Install as a Windows Service (see B<-n> option)."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:107
+msgid ""
+"Parse configuration file, then send signal to running copy (except B<-k "
+"parse> ) and exit."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:112
+msgid "Use specified syslog facility. implies B<-s>"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:117
+msgid ""
+"Specify Windows Service name to use for service operations, default is: "
+"B<Squid>"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:121
+msgid "No daemon mode."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:125
+msgid "Set Windows Service Command line options in Registry."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:131
+msgid "Remove a Windows Service (see B<-n> option)."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:137
+msgid "Do not set B<REUSEADDR> on port."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:142
+msgid "Enable logging to syslog. Also configurable in B<@SYSCONFDIR@/squid.conf>"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:146
+msgid "Double-check swap during rebuild."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:150
+msgid "Specify ICP port number (default: 3130), disable with 0."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:154
+msgid "Print version and build details."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:158
+msgid "Force full debugging."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:166
+msgid "Only return B<UDP_HIT> or B<UDP_MISS_NOFETCH> during fast reload."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:170
+msgid "Create swap directories"
+msgstr ""
+
+#. type: SH
+#: src/squid.8.in:171
+#, no-wrap
+msgid "FILES"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:173
+msgid "Squid configuration files located in @SYSCONFDIR@/:"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:178
+msgid ""
+"The main configuration file. You must initially make changes to this file "
+"for B<squid> to work. For example, the default configuration does not allow "
+"access from any browser."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:182 src/squid.8.in:188
+msgid ""
+"Reference copy of the configuration file. Always kept up to date with the "
+"version of Squid you are using."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:184
+msgid ""
+"Use this to look up the default configuration settings and syntax after "
+"upgrading."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:193
+msgid ""
+"Use this to read the documentation for configuration options available in "
+"your build of Squid. The online configuration manual is also available for a "
+"full reference of options. B<see>http://www.squid-cache.org/Doc/config/"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:198
+msgid "The main configuration file for the web B<cachemgr.cgi> tools."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:201
+msgid "The main configuration file for the Sample MSNT authenticator."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:206
+msgid ""
+"CSS Stylesheet to control the display of generated error pages. Use this to "
+"set any company branding you need, it will apply to every language Squid "
+"provides error pages for."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:209
+msgid "Some files also located elsewhere:"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:212
+msgid "MIME type mappings for FTP gatewaying"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:215
+msgid "Location of Squid error pages and templates."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:218
+msgid ""
+"Squid was written over many years by a changing team of developers and "
+"maintained in turn by"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:225
+msgid ""
+"With contributions from many others in the Squid community. see "
+"CONTRIBUTORS for a full list of individuals who contributed code. see "
+"CREDITS for a list of major code contributing copyright holders."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:233
+msgid ""
+"This software product, SQUID, is developed by a team of individuals, and "
+"copyrighted (C) 2001 by the Regents of the University of California, with "
+"all rights reserved. UCSD administered the NLANR Cache grants, NCR 9616602 "
+"and NCR 9521745 under which most of this code was developed."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:240
+msgid ""
+"This program is free software; you can redistribute it and/or modify it "
+"under the terms of the GNU General Public License (version 2) as published "
+"by the Free Software Foundation. It is distributed in the hope that it will "
+"be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of "
+"MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General "
+"Public License for more details."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:242
+msgid ""
+"see the CREDITS file for further copyright licensing of third-party code "
+"contributions."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:271
+msgid "The Squid FAQ wiki"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:274
+msgid "The Squid Configuration Manual"
+msgstr ""
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:7
+msgid "Squid HTTP proxy manager CGI web interface"
+msgstr ""
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:18
+msgid ""
+"The cache manager ( B<cachemgr.cgi> ) is a CGI utility for displaying "
+"statistics about the Squid HTTP proxy process as it runs. The cache manager "
+"is a convenient way to manage the cache and view statistics without logging "
+"into the server."
+msgstr ""
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:22
+msgid ""
+"Configuration examples for many common web servers can be found in the Squid "
+"FAQ wiki."
+msgstr ""
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:34
+msgid ""
+"The access configuration file defining which Squid servers may be managed "
+"via this B<cachemgr.cgi> program. Each line specifies a B<server>:B<port> "
+"followed by an optional description"
+msgstr ""
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:38
+msgid ""
+"The server name may contain shell wildcard characters such as *, [] etc. A "
+"quick selection dropdown menu is automatically constructed from the simple "
+"server names."
+msgstr ""
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:42
+msgid ""
+"Specifying :port is optional. If not specified then the default proxy port "
+"is assumed. :* or :any matches any port on the target server."
+msgstr ""
+
+#. type: SH
+#: tools/cachemgr.cgi.8.in:43
+#, no-wrap
+msgid "SECURITY"
+msgstr ""
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:50
+msgid ""
+"B<cachemgr.cgi> calls the requested server on the requested port using HTTP "
+"and returns a formatted version of the response. To avoid abuse it is "
+"recommended to configure your web server to restrict access to the "
+"B<cachemgr.cgi> program."
+msgstr ""
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:56 tools/squidclient.1:168
+msgid ""
+"Derived from Harvest. Further developed by by numerous individuals from the "
+"internet community. Development is led by Duane Wessels of the National "
+"Laboratory for Applied Network Research and funded by the National Science "
+"Foundation."
+msgstr ""
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:67 tools/squidclient.1:179
+msgid ""
+"See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what "
+"you need to include with your bug report."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:7
+msgid "A simple HTTP web client tool"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:12 tools/squidclient.1:32
+msgid "count"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:14
+msgid "remote host"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:16
+msgid "string"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:18
+msgid "IMS"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:20
+msgid "ping interval"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:22
+msgid "Host header"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:24
+msgid "local host"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:26
+msgid "method"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:30
+msgid "file"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:36 tools/squidclient.1:38
+msgid "user"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:40
+msgid "version"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:42 tools/squidclient.1:44
+msgid "password"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:46
+msgid "url"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:55
+msgid ""
+"B<squidclient> is a tool providing a command line interface for retrieving "
+"URLs. Designed for testing any HTTP 0.9, 1.0, or 1.1 web server or proxy. "
+"This tool can be combined with scripts to perform any basic HTTP operation. "
+"Some additional features for access to the B<squid> proxy object cache and "
+"management information are provided."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:60
+msgid "Do NOT include Accept: header."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:66
+msgid "Ping mode, perform I<count> iterations (0 to loop until interrupted)."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:71
+msgid "Retrieve URL from cache on hostname. Default is B<localhost>"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:77
+msgid "Extra headers to send. Use B<'\\n'> for new lines."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:81
+msgid "If-Modified-Since time (in Epoch seconds)."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:85
+msgid "Ping interval in seconds (default 1 second)."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:89
+msgid "Host header content"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:93
+msgid "Specify a local IP address to bind to. Default is none."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:108
+#, no-wrap
+msgid ""
+"Request method, default is\n"
+"I<GET.>\n"
+"Squid also supports a non-standard method called\n"
+"I<PURGE.>\n"
+"You can use that to purge a specific URL from the cache.\n"
+"You need to have\n"
+"I<purge>\n"
+"access setup in\n"
+"B<squid.conf>\n"
+"similar to\n"
+"I<manager>\n"
+" access. Here is an example:\n"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:116
+msgid "Port number of cache. Default is 3128."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:120
+msgid "Request body. Using the named file as data."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:124
+msgid "Force cache to reload URL."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:128
+msgid "Silent. Do not print data to stdout."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:134
+msgid "Trace I<count> HTTP relay or proxy hops"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:138
+msgid "Timeout value (seconds) for read/write operations."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:142
+msgid "Proxy authentication username"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:146
+msgid "WWW authentication username"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:150
+msgid "Verbose. Print outgoing message to stderr."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:154
+msgid "HTTP Version. Use '-' for HTTP/0.9 omitted case"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:158
+msgid "Proxy authentication password"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:162
+msgid "WWW authentication password"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:18
+msgid ""
+"B<basic_sasl_auth> is an installed binary helper for Squid. SASL is "
+"configurable (somewhat like PAM). Each service authenticating against SASL "
+"identifies itself with an application name. Each application can be "
+"configured independently by the SASL administrator."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:33
+msgid "Examples:"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:28
+#, no-wrap
+msgid "- comment lines are possible and should start with a '#';"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:46
+msgid ""
+"Others methods may be supported by your cyrus-sasl implementation - consult "
+"your cyrus-sasl documentation for information."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:7
+msgid "File based digest authentication helper for Squid."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:31
+msgid ""
+"The authentication database is defined by the B<pwcheck_method> parameter. "
+"Only the B<PLAIN> authentication mechanism is used."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:59
+msgid ""
+"Typically the authentication database ( B</etc/sasldb> , B</etc/shadow> , "
+"B<PAM> ) can not be accessed by a normal user. You should use setuid/setgid "
+"and an appropriate user/group on the executable to allow the authenticator "
+"to access the appropriate password database. If the access to the database "
+"is not permitted then the authenticator will typically fail with \"-1, "
+"generic error\"."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:19
+msgid ""
+"B<digest_file_auth> is an installed binary authentication program for Squid. "
+"It handles digest authentication protocol and authenticates against a text "
+"file backend."
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:37
+#, no-wrap
+msgid "- HA1 entry format is username:realm:HA1"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:7
+msgid ""
+"Basic Authentication using SASL (specifically the cyrus-sasl authentication "
+"method)"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:34
+#, no-wrap
+msgid "- plaintext entry format is username:password"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:50
+msgid ""
+"To build a directory integrated backend, you need to be able to calculate "
+"the HA1 returned to squid. To avoid storing a plaintext password you can "
+"calculate B<MD5(username:realm:password)> when the user changes their "
+"password, and store the tuple B<username:realm:HA1.> then find the matching "
+"B<username:realm> when squid asks for the HA1."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:24
+msgid ""
+"To configure the authentication method used the file B<basic_sasl_auth.conf> "
+"can be placed in the appropriate location, usually B</usr/lib/sasl.>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:58
+msgid ""
+"This implementation could be improved by using such a triple for the file "
+"format. However storing such a triple does little to improve security: If "
+"compromised the B<username:realm:HA1> combination is \"plaintext "
+"equivalent\" - for the purposes of digest authentication they allow the user "
+"access. Password syncronisation is not tackled by digest - just preventing "
+"on the wire compromise."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:41
+#, no-wrap
+msgid ""
+" - use traditional \n"
+"B</etc/passwd>\n"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:36
+msgid "use sasldb - the default if no conf file is installed."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:43
+#, no-wrap
+msgid " - use slightly less traditional /etc/shadow\n"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:64
+msgid "Based on prior work by"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:38
+#, no-wrap
+msgid " - use PAM authentication database\n"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:28
+msgid "Username database file format:"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:24
+msgid ""
+"Accept digest hashed passwords rather than plaintext in the password file"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:31
+#, no-wrap
+msgid "- empty or blank lines are possible;"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:74
+msgid ""
+"If the application name B<basic_sasl_auth> will also be used for the PAM "
+"service name if B<pwcheck_method:pam> is chosen. And example PAM "
+"configuration file B<basic_sasl_auth.pam> is also included."
+msgstr ""
--- /dev/null
+# SOME DESCRIPTIVE TITLE
+# Copyright (C) YEAR Free Software Foundation, Inc.
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+msgid ""
+msgstr ""
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2010-02-13 00:05+1400\n"
+"PO-Revision-Date: 2010-03-20 16:31+0200\n"
+"Last-Translator: Arthur <arthur@psw.ro>\n"
+"Language-Team: LANGUAGE <LL@li.org>\n"
+"Language: ro\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural=(n==1 ? 0 : (n==0 || (n%100 > 0 && n%100 < "
+"20)) ? 1 : 2);;\n"
+"X-Generator: Pootle 2.0.1\n"
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:3 helpers/basic_auth/LDAP/basic_ldap_auth.8:3 helpers/basic_auth/NCSA/basic_ncsa_auth.8:3 helpers/basic_auth/PAM/basic_pam_auth.8:3 helpers/basic_auth/RADIUS/basic_radius_auth.8:3 helpers/external_acl/ldap_group/squid_ldap_group.8:3 helpers/external_acl/session/squid_session.8:3 helpers/external_acl/unix_group/squid_unix_group.8:3 src/squid.8.in:3 tools/cachemgr.cgi.8.in:3 tools/squidclient.1:3
+#, no-wrap
+msgid "NAME"
+msgstr "Nume"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:7
+msgid "Local Users auth helper for Squid"
+msgstr ""
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:8 helpers/basic_auth/LDAP/basic_ldap_auth.8:8 helpers/basic_auth/NCSA/basic_ncsa_auth.8:8 helpers/basic_auth/PAM/basic_pam_auth.8:8 helpers/basic_auth/RADIUS/basic_radius_auth.8:8 helpers/external_acl/ldap_group/squid_ldap_group.8:10 helpers/external_acl/session/squid_session.8:10 helpers/external_acl/unix_group/squid_unix_group.8:8 src/squid.8.in:8 tools/cachemgr.cgi.8.in:8 tools/squidclient.1:8
+#, no-wrap
+msgid "SYNOPSIS"
+msgstr ""
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:11 helpers/basic_auth/LDAP/basic_ldap_auth.8:39 helpers/basic_auth/NCSA/basic_ncsa_auth.8:12 helpers/basic_auth/PAM/basic_pam_auth.8:15 helpers/basic_auth/RADIUS/basic_radius_auth.8:26 helpers/external_acl/ldap_group/squid_ldap_group.8:26 helpers/external_acl/session/squid_session.8:18 helpers/external_acl/unix_group/squid_unix_group.8:15 src/squid.8.in:25 tools/cachemgr.cgi.8.in:11 tools/squidclient.1:47
+#, no-wrap
+msgid "DESCRIPTION"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:15
+msgid ""
+"B<basic_getpwnam_auth> allows Squid to authenticate any local user accounts "
+"to validate the user name and password of Basic HTTP authentication."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:21
+msgid "It uses B<getpwnam()> and B<getspnam()> routines for authentication."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:23
+msgid "This has the following advantages over the NCSA module:"
+msgstr ""
+
+#. type: TP
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:23
+#, no-wrap
+msgid "Allows authentication of all known local users"
+msgstr ""
+
+#. type: TP
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:25
+#, no-wrap
+msgid "Allows authentication through nsswitch.conf"
+msgstr ""
+
+#. type: TP
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:27
+#, no-wrap
+msgid "Can handle NIS(+) requests"
+msgstr ""
+
+#. type: TP
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:29
+#, no-wrap
+msgid "Can handle LDAP request"
+msgstr ""
+
+#. type: TP
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:31
+#, no-wrap
+msgid "Can handle PAM request"
+msgstr ""
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:34 helpers/basic_auth/LDAP/basic_ldap_auth.8:242 helpers/basic_auth/NCSA/basic_ncsa_auth.8:24 helpers/basic_auth/PAM/basic_pam_auth.8:41 helpers/basic_auth/RADIUS/basic_radius_auth.8:61 helpers/external_acl/ldap_group/squid_ldap_group.8:209 helpers/external_acl/session/squid_session.8:50 helpers/external_acl/unix_group/squid_unix_group.8:33 tools/cachemgr.cgi.8.in:19
+#, no-wrap
+msgid "CONFIGURATION"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:47
+msgid ""
+"When used for authenticating to local UNIX shadow password databases the "
+"program must be running as root or else it won't have sufficient permissions "
+"to access the user password database. Such use of this program is not "
+"recommended, but if you absolutely need to then make the program B<setuid> "
+"B<root>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:60 helpers/basic_auth/PAM/basic_pam_auth.8:79
+msgid ""
+"Please note that in such configurations it is also strongly recommended that "
+"the program is moved into a directory where normal users cannot access it, "
+"as this mode of operation will allow any local user to brute-force other "
+"users passwords. Also note the program has not been fully audited and the "
+"author cannot be held responsible for any security issues due to such "
+"installations."
+msgstr ""
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:61 helpers/basic_auth/LDAP/basic_ldap_auth.8:288 helpers/basic_auth/NCSA/basic_ncsa_auth.8:30 helpers/basic_auth/PAM/basic_pam_auth.8:80 helpers/basic_auth/RADIUS/basic_radius_auth.8:85 helpers/external_acl/ldap_group/squid_ldap_group.8:232 helpers/external_acl/session/squid_session.8:63 helpers/external_acl/unix_group/squid_unix_group.8:62 src/squid.8.in:216 tools/cachemgr.cgi.8.in:51 tools/squidclient.1:163
+#, no-wrap
+msgid "AUTHOR"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:63 helpers/external_acl/ldap_group/squid_ldap_group.8:234 helpers/external_acl/unix_group/squid_unix_group.8:64
+msgid "This program was written by"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:68
+msgid "Based on original code by"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:71 helpers/basic_auth/NCSA/basic_ncsa_auth.8:32 helpers/basic_auth/RADIUS/basic_radius_auth.8:93 helpers/external_acl/ldap_group/squid_ldap_group.8:243 helpers/external_acl/unix_group/squid_unix_group.8:67
+msgid "This manual was written by"
+msgstr ""
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:73 helpers/basic_auth/LDAP/basic_ldap_auth.8:296 helpers/basic_auth/NCSA/basic_ncsa_auth.8:37 helpers/basic_auth/PAM/basic_pam_auth.8:84 helpers/basic_auth/RADIUS/basic_radius_auth.8:95 helpers/external_acl/ldap_group/squid_ldap_group.8:245 helpers/external_acl/session/squid_session.8:67 helpers/external_acl/unix_group/squid_unix_group.8:69 src/squid.8.in:226 tools/cachemgr.cgi.8.in:57 tools/squidclient.1:169
+#, no-wrap
+msgid "COPYRIGHT"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:75 helpers/basic_auth/LDAP/basic_ldap_auth.8:298 helpers/basic_auth/RADIUS/basic_radius_auth.8:97 helpers/external_acl/ldap_group/squid_ldap_group.8:247 helpers/external_acl/session/squid_session.8:69 helpers/external_acl/unix_group/squid_unix_group.8:71
+msgid "This program and documentation is copyright to the authors named above."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:77 helpers/basic_auth/LDAP/basic_ldap_auth.8:300 helpers/basic_auth/PAM/basic_pam_auth.8:91 helpers/basic_auth/RADIUS/basic_radius_auth.8:99 helpers/external_acl/ldap_group/squid_ldap_group.8:249 helpers/external_acl/session/squid_session.8:71 helpers/external_acl/unix_group/squid_unix_group.8:73 tools/cachemgr.cgi.8.in:59 tools/squidclient.1:171
+msgid ""
+"Distributed under the GNU General Public License (GNU GPL) version 2 or "
+"later (GPL2+)."
+msgstr ""
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:78 helpers/basic_auth/LDAP/basic_ldap_auth.8:301 helpers/basic_auth/NCSA/basic_ncsa_auth.8:50 helpers/basic_auth/PAM/basic_pam_auth.8:92 helpers/basic_auth/RADIUS/basic_radius_auth.8:100 helpers/external_acl/ldap_group/squid_ldap_group.8:250 helpers/external_acl/session/squid_session.8:72 helpers/external_acl/unix_group/squid_unix_group.8:74 src/squid.8.in:243 tools/cachemgr.cgi.8.in:60 tools/squidclient.1:172
+#, no-wrap
+msgid "QUESTIONS"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:81 helpers/basic_auth/LDAP/basic_ldap_auth.8:304 helpers/basic_auth/NCSA/basic_ncsa_auth.8:53 helpers/basic_auth/PAM/basic_pam_auth.8:95 helpers/basic_auth/RADIUS/basic_radius_auth.8:103 helpers/external_acl/ldap_group/squid_ldap_group.8:253 helpers/external_acl/session/squid_session.8:75 helpers/external_acl/unix_group/squid_unix_group.8:77 src/squid.8.in:246 tools/cachemgr.cgi.8.in:63 tools/squidclient.1:175
+msgid ""
+"Questions on the usage of this program can be sent to the I<Squid Users "
+"mailing list>"
+msgstr ""
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:83 helpers/basic_auth/LDAP/basic_ldap_auth.8:309 helpers/basic_auth/NCSA/basic_ncsa_auth.8:55 helpers/basic_auth/PAM/basic_pam_auth.8:97 helpers/basic_auth/RADIUS/basic_radius_auth.8:108 helpers/external_acl/ldap_group/squid_ldap_group.8:258 helpers/external_acl/session/squid_session.8:77 helpers/external_acl/unix_group/squid_unix_group.8:79 src/squid.8.in:248 tools/cachemgr.cgi.8.in:65 tools/squidclient.1:177
+#, no-wrap
+msgid "REPORTING BUGS"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:85 helpers/basic_auth/LDAP/basic_ldap_auth.8:311 helpers/basic_auth/NCSA/basic_ncsa_auth.8:57 helpers/basic_auth/PAM/basic_pam_auth.8:99 helpers/basic_auth/RADIUS/basic_radius_auth.8:110 helpers/external_acl/ldap_group/squid_ldap_group.8:260 helpers/external_acl/session/squid_session.8:79 helpers/external_acl/unix_group/squid_unix_group.8:81 src/squid.8.in:250 tools/cachemgr.cgi.8.in:67 tools/squidclient.1:179
+msgid "Report bugs or bug fixes using http://bugs.squid-cache.org/"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:88 helpers/basic_auth/LDAP/basic_ldap_auth.8:314 helpers/basic_auth/NCSA/basic_ncsa_auth.8:60 helpers/basic_auth/PAM/basic_pam_auth.8:102 helpers/basic_auth/RADIUS/basic_radius_auth.8:113 helpers/external_acl/ldap_group/squid_ldap_group.8:263 helpers/external_acl/session/squid_session.8:82 helpers/external_acl/unix_group/squid_unix_group.8:84 src/squid.8.in:253 tools/cachemgr.cgi.8.in:70 tools/squidclient.1:182
+msgid ""
+"Report serious security bugs to I<Squid Bugs "
+"E<lt>squid-bugs@squid-cache.orgE<gt>>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:91 helpers/basic_auth/LDAP/basic_ldap_auth.8:317 helpers/basic_auth/NCSA/basic_ncsa_auth.8:63 helpers/basic_auth/PAM/basic_pam_auth.8:105 helpers/basic_auth/RADIUS/basic_radius_auth.8:116 helpers/external_acl/ldap_group/squid_ldap_group.8:266 helpers/external_acl/session/squid_session.8:85 helpers/external_acl/unix_group/squid_unix_group.8:87 src/squid.8.in:256 tools/cachemgr.cgi.8.in:73 tools/squidclient.1:185
+msgid "Report ideas for new improvements to the I<Squid Developers mailing list>"
+msgstr ""
+
+#. type: SH
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:93 helpers/basic_auth/LDAP/basic_ldap_auth.8:319 helpers/basic_auth/NCSA/basic_ncsa_auth.8:65 helpers/basic_auth/PAM/basic_pam_auth.8:107 helpers/basic_auth/RADIUS/basic_radius_auth.8:118 helpers/external_acl/ldap_group/squid_ldap_group.8:268 helpers/external_acl/session/squid_session.8:87 helpers/external_acl/unix_group/squid_unix_group.8:92 src/squid.8.in:258 tools/cachemgr.cgi.8.in:75 tools/squidclient.1:187
+#, no-wrap
+msgid "SEE ALSO"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:7
+msgid "LDAP authentication helper for Squid"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:12 helpers/basic_auth/LDAP/basic_ldap_auth.8:27 helpers/external_acl/ldap_group/squid_ldap_group.8:14
+msgid "base DN"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:14
+msgid "attribute"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:16 helpers/basic_auth/LDAP/basic_ldap_auth.8:31 helpers/external_acl/ldap_group/squid_ldap_group.8:18
+msgid "options"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:18 helpers/basic_auth/LDAP/basic_ldap_auth.8:33
+msgid "LDAP server name"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:20 helpers/basic_auth/LDAP/basic_ldap_auth.8:35 helpers/basic_auth/RADIUS/basic_radius_auth.8:18 helpers/external_acl/ldap_group/squid_ldap_group.8:22 src/squid.8.in:17 tools/squidclient.1:28
+msgid "port"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:22 helpers/basic_auth/LDAP/basic_ldap_auth.8:37 helpers/external_acl/ldap_group/squid_ldap_group.8:24
+msgid "URI"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:29 helpers/external_acl/ldap_group/squid_ldap_group.8:16
+msgid "LDAP search filter"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:47
+msgid ""
+"B<basic_ldap_auth> allows Squid to connect to a LDAP directory to validate "
+"the user name and password of Basic HTTP authentication. LDAP options are "
+"specified as parameters on the command line, while the username(s) and "
+"password(s) to be checked against the LDAP directory are specified on "
+"subsequent lines of input to the helper, one username/password pair per line "
+"separated by a space."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:56
+msgid ""
+"As expected by the basic authentication construct of Squid, after specifying "
+"a username and password followed by a new line, this helper will produce "
+"either B<OK> or B<ERR> on the following line to show if the specified "
+"credentials are correct according to the LDAP directory."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:61
+msgid ""
+"The program has two major modes of operation. In the default mode of "
+"operation the users DN is constructed using the base DN and user "
+"attribute. In the other mode of operation a search filter is used to locate "
+"valid user DN's below the base DN."
+msgstr ""
+
+#. type: SH
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:62 helpers/basic_auth/NCSA/basic_ncsa_auth.8:20 helpers/basic_auth/PAM/basic_pam_auth.8:21 helpers/basic_auth/RADIUS/basic_radius_auth.8:31 helpers/external_acl/ldap_group/squid_ldap_group.8:49 helpers/external_acl/session/squid_session.8:26 helpers/external_acl/unix_group/squid_unix_group.8:19 src/squid.8.in:59 tools/squidclient.1:56
+#, no-wrap
+msgid "OPTIONS"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:67
+msgid "B<REQUIRED.> Specifies the base DN under which the users are located."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:75
+msgid ""
+"LDAP search B<filter> to locate the user DN. Required if the users are in a "
+"hierarchy below the base DN, or if the login name is not what builds the "
+"user specific part of the users DN."
+msgstr ""
+
+#. uid\=%s\""
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:82
+msgid ""
+"The search filter can contain up to 15 occurrences of B<%s> which will be "
+"replaced by the username, as in B<\\&\\&> for RFC2037 directories. For a "
+"detailed description of LDAP search filter syntax see RFC2254."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:90
+msgid ""
+"Will crash if other B<%> values than B<%s> are used, or if more than 15 "
+"B<%s> are used."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:99
+msgid ""
+"Specifies the name of the DN attribute that contains the username/login. "
+"Combined with the base DN to construct the users DN when no search filter is "
+"specified ( B<-f> option). Defaults to B<uid>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:108
+msgid ""
+"B<Note:> This can only be done if all your users are located directly under "
+"the same position in the LDAP tree and the login name is used for naming "
+"each user object. If your LDAP tree does not match these criterias or if you "
+"want to filter who are valid users then you need to use a search filter to "
+"search for your users DN ( B<-f> option)."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:118
+msgid ""
+"Use I<ldap_compare> instead of I<ldap_simple_bind> to verify the users "
+"password. B<passwordattr> is the LDAP attribute storing the users password."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:126
+msgid ""
+"Search scope when performing user DN searches specified by the B<-f> "
+"option. Defaults to B<sub>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:130 helpers/external_acl/ldap_group/squid_ldap_group.8:178
+msgid "B<base> object only,"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:133 helpers/external_acl/ldap_group/squid_ldap_group.8:181
+msgid "B<one> level below the base object or"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:136 helpers/external_acl/ldap_group/squid_ldap_group.8:184
+msgid "B<sub>tree below the base object"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:142
+msgid ""
+"The DN and password to bind as while performing searches. Required by the "
+"B<-f> flag if the directory does not allow anonymous searches."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:147
+msgid ""
+"As the password needs to be printed in plain text in your Squid "
+"configuration it is strongly recommended to use a account with minimal "
+"associated privileges. This to limit the damage in case someone could get "
+"hold of a copy of your Squid configuration file."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:152 helpers/external_acl/ldap_group/squid_ldap_group.8:98
+msgid ""
+"The DN and the name of a file containing the password to bind as while "
+"performing searches."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:157 helpers/external_acl/ldap_group/squid_ldap_group.8:103
+msgid ""
+"Less insecure version of the former parameter pair with two advantages: The "
+"password does not occur in the process listing, and the password is not "
+"being compromised if someone gets the squid configuration file without "
+"getting the secretfile."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:165
+msgid ""
+"Use a persistent LDAP connection. Normally the LDAP connection is only open "
+"while validating a username to preserve resources at the LDAP server. This "
+"option causes the LDAP connection to be kept open, allowing it to be reused "
+"for further user validations. Recommended for larger installations."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:178
+msgid ""
+"Only bind once per LDAP connection. Some LDAP servers do not allow "
+"re-binding as another user after a successful I<ldap_bind.> The use of this "
+"option always opens a new connection for each login attempt. If combined "
+"with the B<-P> option for persistent LDAP connection then the connection "
+"used for searching for the user DN is kept persistent but a new connection "
+"is opened to verify each users password once the DN is found."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:182 helpers/external_acl/ldap_group/squid_ldap_group.8:170
+msgid "Do not follow referrals"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:187
+msgid "when to dereference aliases. Defaults to B<never>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:196
+msgid ""
+"B<never> dereference aliases (default), B<always> dereference aliases, only "
+"while B<search ing> or only to B<find> the base object."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:201
+msgid ""
+"Specity the LDAP server to connect to by LDAP URI (requires OpenLDAP "
+"libraries). Servers can also be specified last on the command line."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:206
+msgid ""
+"Specify the LDAP server to connect to. Servers can also be specified last on "
+"the command line."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:212
+msgid ""
+"Specify an alternate TCP port where the ldap server is listening if other "
+"than the default LDAP port 389. Can also be specified within the server "
+"specificiation by using servername:port syntax."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:216 helpers/external_acl/ldap_group/squid_ldap_group.8:204
+msgid "LDAP protocol version. Defaults to 2 if not specified."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:220 helpers/external_acl/ldap_group/squid_ldap_group.8:208
+msgid "Use TLS encryption"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:224 helpers/external_acl/ldap_group/squid_ldap_group.8:107
+msgid "Enable LDAP over SSL (requires Netscape LDAP API libraries)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:231
+msgid ""
+"Specify B<timeout> used when connecting to LDAP servers (requires Netscape "
+"LDAP API libraries)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:235 helpers/external_acl/ldap_group/squid_ldap_group.8:192
+msgid "Specify time limit on LDAP search operations"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:241 helpers/external_acl/ldap_group/squid_ldap_group.8:82
+msgid ""
+"Debug mode where each step taken will get reported in detail. Useful for "
+"understanding what goes wrong if the results is not what is expected."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:246
+msgid ""
+"For directories using the RFC2307 layout with a single domain, all you need "
+"to specify is usually the base DN under where your users are located and the "
+"server name:"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:252
+msgid ""
+"If you have sub-domains then you need to use a search filter approach to "
+"locate your user DNs as these can no longer be constructed direcly from the "
+"base DN and login name alone:"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:257
+msgid ""
+"And similarily if you only want to allow access to users having a specific "
+"attribute"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:266
+msgid ""
+"Or if the user attribute of the user DN is B<cn> instead of B<uid> and you "
+"do not want to have to search for the users then you could use something "
+"like the following example for Active Directory:"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:276
+msgid ""
+"If you want to search for the user DN and your directory does not allow "
+"anonymous searches then you must also use the B<-D> and B<-w> flags to "
+"specify a user DN and password to log in as to perform the searches, as in "
+"the following complex Active Directory example"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:287
+msgid ""
+"B<NOTE:> When constructing search filters it is strongly recommended to test "
+"the filter using B<ldapsearch> before you attempt to use B<basic_ldap_auth.> "
+"This to verify that the filter matches what you expect."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:290 helpers/basic_auth/RADIUS/basic_radius_auth.8:87
+msgid "This program is written by"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:294
+msgid "This manual is written by"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:308
+msgid ""
+"Or to your favorite LDAP list/friend if the question is more related to LDAP "
+"than Squid."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:324
+msgid "Your favorite LDAP documentation."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:325 helpers/external_acl/ldap_group/squid_ldap_group.8:275
+msgid "B<RFC2254> - The String Representation of LDAP Search Filters,"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:7
+msgid "NCSA httpd-style password file authentication helper for Squid"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:11
+msgid "passwd file"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:16
+msgid ""
+"B<basic_ncsa_auth> allows Squid to read and authenticate user and password "
+"information from an NCSA/Apache httpd-style password file when using basic "
+"HTTP authentication."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:19
+msgid "This password file can be manipulated using B<htpasswd.>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:23
+msgid ""
+"The only parameter is the password file. It must have permissions to be "
+"read by the user that Squid is running as."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:29
+msgid "B<basic_ncsa_auth> must have access to the password file to be executed."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:35
+msgid "Based on original documentation by"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:43
+msgid ""
+"This file is distributed in the hope that it will be useful, but WITHOUT ANY "
+"WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS "
+"FOR A PARTICULAR PURPOSE. See the GNU General Public License for more "
+"details."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:48
+msgid ""
+"You should have received a copy of the GNU General Public License along with "
+"this file; if not, write to the Free Software Foundation, Inc., 59 Temple "
+"Place, Suite 330, Boston, MA 02111-1307 USA"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:7
+msgid "Squid PAM Basic authentication helper"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:11
+msgid "service name"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:13
+msgid "TTL"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:20
+msgid ""
+"B<basic_pam_auth> allows Squid to connect to a mostly any available PAM "
+"database to validate the user name and password of Basic HTTP "
+"authentication."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:26
+msgid "Specifies the PAM service name Squid uses, defaults to B<squid>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:35
+msgid ""
+"Enables persistent PAM connections where the connection to the PAM database "
+"is kept open and reused for new logins. The TTL specifies how long the "
+"connection will be kept open (in seconds). Default is to not keep PAM "
+"connections open. Please note that the use of persistent PAM connections is "
+"slightly outside the PAM specification and may not work with all PAM "
+"configurations."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:40
+msgid "Do not perform the PAM account management group (account expiration etc)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:46
+msgid ""
+"The program needs a PAM service to be configured in B</etc/pam.conf> or "
+"B</etc/pam.d/squid>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:54
+msgid ""
+"The default service name is B<squid> , and the program makes use of the "
+"B<auth> and B<account> management groups to verify the password and the "
+"accounts validity."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:58
+msgid ""
+"For details on how to configure PAM services, see the PAM documentation for "
+"your system. This manual does not cover PAM configuration details."
+msgstr ""
+
+#. type: SH
+#: helpers/basic_auth/PAM/basic_pam_auth.8:59
+#, no-wrap
+msgid "NOTES"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:66
+msgid ""
+"When used for authenticating to local UNIX shadow password databases the "
+"program must be running as root or else it won't have sufficient permissions "
+"to access the user password database. Such use of this program is not "
+"recommended, but if you absolutely need to then make the program setuid root"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:82 helpers/external_acl/session/squid_session.8:65
+msgid "This program and documentation was written by"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:88
+msgid "Squid B<basic_pam_auth> and this manual is Copyright 1999,2002,2003"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/PAM/basic_pam_auth.8:114
+msgid "PAM Systems Administrator Guide"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:7
+msgid "Squid RADIUS authentication helper"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:12
+msgid "config file"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:16
+msgid "server name"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:20
+msgid "identifier"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:22
+msgid "secret"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:24 helpers/external_acl/session/squid_session.8:14 tools/squidclient.1:34
+msgid "timeout"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:30
+msgid ""
+"B<basic_radius_auth> allows Squid to connect to a RADIUS server to validate "
+"the user name and password of Basic HTTP authentication."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:36
+msgid ""
+"Specifies the path to a configuration file. See the CONFIGURATION section "
+"for details on the file content."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:40
+msgid "Alternative method of specifying the server to connect to"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:45
+msgid ""
+"Specify another server port where the RADIUS server listens for requests if "
+"different from the default RADIUS port. Normally not specified."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:50
+msgid ""
+"Unique identifier identifying this Squid proxy to the RADIUS server. If not "
+"specified the IP address is used to identify the proxy."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:56
+msgid ""
+"Alternative method of specifying the shared secret. Using the B<-f> option "
+"with a configuration file is generally more secure and recommended."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:60
+msgid "RADIUS request timeout. Default is 10 seconds."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:67
+msgid ""
+"The configuration specifies how the helper connects to RADIUS. The file "
+"contains a list of directives (one per line). Lines beginning with a B<#> "
+"are ignored."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:71
+msgid "specifies the name or address of the RADIUS server to connect to."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:75
+msgid "specifies the shared RADIUS secret."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:80
+msgid ""
+"specifies what name the proxy should use to identify itself to the RADIUS "
+"server. This directive is optional."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:84
+msgid "Specifies the port number or service name where the helper should connect."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:91
+msgid "With contributions from many others."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:107
+msgid ""
+"Or contact your favorite RADIUS list/friend if the question is more related "
+"to RADIUS than Squid."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:121
+msgid "B<RFC2058> - Remote Authentication Dial In User Service (RADIUS)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:7
+msgid "Squid LDAP external acl group helper"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:9
+msgid "Version 2.17"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:20
+msgid "ldap_server_name"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:33
+msgid ""
+"B<squid_ldap_group> allows Squid to connect to a LDAP directory to authorize "
+"users via LDAP groups. LDAP options are specified as parameters on the "
+"command line, while the username(s) and group(s) to be checked against the "
+"LDAP directory are specified on subsequent lines of input to the helper, one "
+"username/group pair per line separated by a space."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:44
+msgid ""
+"As expected by the B<external_acl_type> construct of Squid, after specifying "
+"a username and group followed by a new line, this helper will produce either "
+"B<OK> or B<ERR> on the following line to show if the user is a member of the "
+"specified group."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:48
+msgid ""
+"The program operates by searching with a search filter based on the users "
+"user name and requested group, and if a match is found it is determined that "
+"the user belongs to the group."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:53
+msgid "When to dereference aliases. Defaults to 'never'"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:62
+msgid ""
+"B<never> dereference aliases (default), B<always> dereference aliases, only "
+"while B<search>ing or only to B<find> the base object"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:67
+msgid "B<REQUIRED.> Specifies the base DN under which the groups are located."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:71
+msgid "Specifies the base DN under which the users are located (if different)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:76
+msgid ""
+"Specify timeout used when connecting to LDAP servers (requires Netscape LDAP "
+"API libraries)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:87
+msgid ""
+"The DN and password to bind as while performing searches. Required if the "
+"directory does not allow anonymous searches."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:93
+msgid ""
+"As the password needs to be printed in plain text in your Squid "
+"configuration and will be sent on the command line to the helper it is "
+"strongly recommended to use a account with minimal associated privileges. "
+"This to limit the damage in case someone could get hold of a copy of your "
+"Squid configuration file or extracts the password used from a process "
+"listing."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:123
+msgid ""
+"LDAP search filter used to search the LDAP directory for any matching group "
+"memberships. In the filter B<%u> will be replaced by the user name (or DN "
+"if the B<-F> or B<-u> options are used) and B<%g> by the requested group "
+"name."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:135
+msgid ""
+"LDAP search filter used to search the LDAP directory for any matching "
+"users. In the filter B<%s> will be replaced by the user name. If B<%> is to "
+"be included literally in the filter then use B<%%>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:141
+msgid ""
+"Specifies that the first query argument sent to the helper by Squid is a "
+"extension to the basedn and will be temporarily added in front of the global "
+"basedn for this query."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:145
+msgid "Specify the LDAP server to connect to"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:149
+msgid ""
+"Specity the LDAP server to connect to by a LDAP URI (requires OpenLDAP "
+"libraries)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:153
+msgid "Strip Kerberos Realm component from user names (@ separated)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:158
+msgid ""
+"Specify an alternate TCP port where the ldap server is listening if other "
+"than the default LDAP port 389."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:166
+msgid ""
+"Use a persistent LDAP connection. Normally the LDAP connection is only open "
+"while verifying a users group membership to preserve resources at the LDAP "
+"server. This option causes the LDAP connection to be kept open, allowing it "
+"to be reused for further user validations. Recommended for larger "
+"installations."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:175
+msgid "search scope. Defaults to B<sub>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:188 helpers/external_acl/unix_group/squid_unix_group.8:32
+msgid "Strip NT domain name component from user names (/ or \\e separated)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:200
+msgid ""
+"LDAP attribute used to construct the user DN from the user name and base dn "
+"without needing to search for the user. A maximum of 16 occurrences of "
+"B<%s> are supported."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:214
+msgid ""
+"This helper is intended to be used as an B<external_acl_type> helper in "
+"B<squid.conf.>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:231
+msgid ""
+"B<NOTE:> When constructing search filters it is recommended to first test "
+"the filter using B<ldapsearch> to verify that the filter matches what you "
+"expect before you attempt to use B<squid_ldap_group>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:240
+msgid "Based on prior work in B<squid_ldap_auth> by"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:257
+msgid ""
+"Or contact your favorite LDAP list/friend if the question is more related to "
+"LDAP than Squid."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:274
+msgid "Your favorite LDAP documentation"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:7
+msgid "Squid session tracking external acl group helper."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:9
+msgid "Version 1.0"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:16
+msgid "database"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:23
+msgid ""
+"B<squid_session> maintains a concept of sessions by monitoring requests and "
+"timing out sessions if no requests have been seen for the idle timeout "
+"timer."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:25
+msgid "Intended use is for displaying \"terms of use\" pages, ad popups etc."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:31
+msgid "B<Timeout> for any session. If not specified the default is 3600 seconds."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:38
+msgid ""
+"B<Path> to persistent database. If not specified the session details will be "
+"kept in memory only and all sessions will reset each time Squid restarts "
+"it's helpers (Squid restart or rotation of logs)."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:46
+msgid ""
+"Active mode. In this mode sessions are started by evaluating an acl with the "
+"argument B<LOGIN> , or terminated by the argument B<LOGOUT>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:49
+msgid ""
+"Without this flag the helper automatically starts the session after the "
+"first request."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:53
+msgid "Configuration example using the default automatic mode"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/session/squid_session.8:62
+msgid ""
+"Then set up http://your.server.example.com/bannerpage to display a session "
+"startup page and then redirect the user back to the requested URL given in "
+"the url query parameter."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:7
+msgid "Squid UNIX Group helper"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:11 helpers/external_acl/unix_group/squid_unix_group.8:13
+msgid "group"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:18
+msgid ""
+"B<squid_unix_group> allows Squid to base access controls on users "
+"memberships in UNIX groups."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:23
+msgid "Specifies a group name to match."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:28
+msgid "Also match the users primary group from B</etc/passwd>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:46
+msgid ""
+"This B<squid.conf> example defines two Squid acls. I<usergroup1> matches "
+"users in I<group1> , and I<usergroup2> matches users in I<group2> or "
+"I<group3>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:56
+msgid ""
+"By default up to 11 groups can be matched in one acl (including commandline "
+"specified groups). This limit is defined by B<MAX_GROUPS> in the source "
+"code."
+msgstr ""
+
+#. type: SH
+#: helpers/external_acl/unix_group/squid_unix_group.8:57
+#, no-wrap
+msgid "KNOWN ISSUES"
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:61
+msgid ""
+"Does not understand GID aliased groups sometimes used to work around groups "
+"size limitations. If you are using GID aliased groups then you must specify "
+"each alias by name."
+msgstr ""
+
+#. type: Plain text
+#: helpers/external_acl/unix_group/squid_unix_group.8:90
+msgid "Additionally bugs or bug-fixes can be reported to"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:7
+msgid "HTTP web proxy caching server"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:13
+msgid "facility"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:15
+msgid "config-file"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:19
+msgid "signal"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:21
+msgid "service-name"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:23
+msgid "command-line"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:32
+msgid ""
+"B<squid> is a high-performance proxy caching server for web clients, "
+"supporting FTP, gopher, ICAP, ICP, HTCP and HTTP data objects. Unlike "
+"traditional caching software, Squid handles all requests in a single, "
+"non-blocking process."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:36
+msgid ""
+"Squid keeps meta data and especially hot objects cached in RAM, caches DNS "
+"lookups, supports non-blocking DNS lookups, and implements negative caching "
+"of failed requests."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:41
+msgid ""
+"Squid supports SSL, extensive access controls, and full request logging. By "
+"using the lightweight Internet Cache Protocols ICP, HTCP or CARP, Squid "
+"caches can be arranged in a hierarchy or mesh for additional bandwidth "
+"savings."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:49
+msgid ""
+"Squid consists of a main server program B<squid> , some optional programs "
+"for custom processing and authentication, and some management and client "
+"tools. When squid starts up, it spawns a configurable number of helper "
+"processes, each of which can perform parallel lookups. This reduces the "
+"amount of time the cache waits for results."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:51
+msgid "Squid is derived from the ARPA-funded Harvest Project."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:57
+msgid ""
+"This manual page only lists the command line arguments. For details on how "
+"to configure Squid see the file B<@SYSCONFDIR@/squid.conf.documented,> the "
+"Squid wiki FAQ and examples at http://wiki.squid-cache.org/ , or the "
+"configuration manual on the Squid home page"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:66
+msgid ""
+"Specify HTTP port number where Squid should listen for requests, in addition "
+"to any B<http_port> specifications in B<squid.conf>"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:70
+msgid "Do not catch fatal signals."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:74
+msgid "Write debugging to stderr also."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:86
+msgid ""
+"Use the given config-file instead of B<@SYSCONFDIR@/squid.conf .> If the "
+"file name starts with a B<!> or B<|> then it is assumed to be an external "
+"command or command line. Can for example be used to pre-process the "
+"configuration before it is being read by Squid. To facilitate this Squid "
+"also understands the common #line notion to indicate the real source file."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:90
+msgid "Don't serve any requests until store is rebuilt."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:94
+msgid "Print help message."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:100
+msgid "Install as a Windows Service (see B<-n> option)."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:107
+msgid ""
+"Parse configuration file, then send signal to running copy (except B<-k "
+"parse> ) and exit."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:112
+msgid "Use specified syslog facility. implies B<-s>"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:117
+msgid ""
+"Specify Windows Service name to use for service operations, default is: "
+"B<Squid>"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:121
+msgid "No daemon mode."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:125
+msgid "Set Windows Service Command line options in Registry."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:131
+msgid "Remove a Windows Service (see B<-n> option)."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:137
+msgid "Do not set B<REUSEADDR> on port."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:142
+msgid "Enable logging to syslog. Also configurable in B<@SYSCONFDIR@/squid.conf>"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:146
+msgid "Double-check swap during rebuild."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:150
+msgid "Specify ICP port number (default: 3130), disable with 0."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:154
+msgid "Print version and build details."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:158
+msgid "Force full debugging."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:166
+msgid "Only return B<UDP_HIT> or B<UDP_MISS_NOFETCH> during fast reload."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:170
+msgid "Create swap directories"
+msgstr ""
+
+#. type: SH
+#: src/squid.8.in:171
+#, no-wrap
+msgid "FILES"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:173
+msgid "Squid configuration files located in @SYSCONFDIR@/:"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:178
+msgid ""
+"The main configuration file. You must initially make changes to this file "
+"for B<squid> to work. For example, the default configuration does not allow "
+"access from any browser."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:182 src/squid.8.in:188
+msgid ""
+"Reference copy of the configuration file. Always kept up to date with the "
+"version of Squid you are using."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:184
+msgid ""
+"Use this to look up the default configuration settings and syntax after "
+"upgrading."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:193
+msgid ""
+"Use this to read the documentation for configuration options available in "
+"your build of Squid. The online configuration manual is also available for a "
+"full reference of options. B<see>http://www.squid-cache.org/Doc/config/"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:198
+msgid "The main configuration file for the web B<cachemgr.cgi> tools."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:201
+msgid "The main configuration file for the Sample MSNT authenticator."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:206
+msgid ""
+"CSS Stylesheet to control the display of generated error pages. Use this to "
+"set any company branding you need, it will apply to every language Squid "
+"provides error pages for."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:209
+msgid "Some files also located elsewhere:"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:212
+msgid "MIME type mappings for FTP gatewaying"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:215
+msgid "Location of Squid error pages and templates."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:218
+msgid ""
+"Squid was written over many years by a changing team of developers and "
+"maintained in turn by"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:225
+msgid ""
+"With contributions from many others in the Squid community. see "
+"CONTRIBUTORS for a full list of individuals who contributed code. see "
+"CREDITS for a list of major code contributing copyright holders."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:233
+msgid ""
+"This software product, SQUID, is developed by a team of individuals, and "
+"copyrighted (C) 2001 by the Regents of the University of California, with "
+"all rights reserved. UCSD administered the NLANR Cache grants, NCR 9616602 "
+"and NCR 9521745 under which most of this code was developed."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:240
+msgid ""
+"This program is free software; you can redistribute it and/or modify it "
+"under the terms of the GNU General Public License (version 2) as published "
+"by the Free Software Foundation. It is distributed in the hope that it will "
+"be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of "
+"MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General "
+"Public License for more details."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:242
+msgid ""
+"see the CREDITS file for further copyright licensing of third-party code "
+"contributions."
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:268
+msgid "The Squid FAQ wiki"
+msgstr ""
+
+#. type: Plain text
+#: src/squid.8.in:271
+msgid "The Squid Configuration Manual"
+msgstr ""
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:7
+msgid "Squid HTTP proxy manager CGI web interface"
+msgstr ""
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:18
+msgid ""
+"The cache manager ( B<cachemgr.cgi> ) is a CGI utility for displaying "
+"statistics about the Squid HTTP proxy process as it runs. The cache manager "
+"is a convenient way to manage the cache and view statistics without logging "
+"into the server."
+msgstr ""
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:22
+msgid ""
+"Configuration examples for many common web servers can be found in the Squid "
+"FAQ wiki."
+msgstr ""
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:34
+msgid ""
+"The access configuration file defining which Squid servers may be managed "
+"via this B<cachemgr.cgi> program. Each line specifies a B<server>:B<port> "
+"followed by an optional description"
+msgstr ""
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:38
+msgid ""
+"The server name may contain shell wildcard characters such as *, [] etc. A "
+"quick selection dropdown menu is automatically constructed from the simple "
+"server names."
+msgstr ""
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:42
+msgid ""
+"Specifying :port is optional. If not specified then the default proxy port "
+"is assumed. :* or :any matches any port on the target server."
+msgstr ""
+
+#. type: SH
+#: tools/cachemgr.cgi.8.in:43
+#, no-wrap
+msgid "SECURITY"
+msgstr ""
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:50
+msgid ""
+"B<cachemgr.cgi> calls the requested server on the requested port using HTTP "
+"and returns a formatted version of the response. To avoid abuse it is "
+"recommended to configure your web server to restrict access to the "
+"B<cachemgr.cgi> program."
+msgstr ""
+
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:56 tools/squidclient.1:168
+msgid ""
+"Derived from Harvest. Further developed by by numerous individuals from the "
+"internet community. Development is led by Duane Wessels of the National "
+"Laboratory for Applied Network Research and funded by the National Science "
+"Foundation."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:7
+msgid "A simple HTTP web client tool"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:12 tools/squidclient.1:32
+msgid "count"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:14
+msgid "remote host"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:16
+msgid "string"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:18
+msgid "IMS"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:20
+msgid "ping interval"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:22
+msgid "Host header"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:24
+msgid "local host"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:26
+msgid "method"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:30
+msgid "file"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:36 tools/squidclient.1:38
+msgid "user"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:40
+msgid "version"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:42 tools/squidclient.1:44
+msgid "password"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:46
+msgid "url"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:55
+msgid ""
+"B<squidclient> is a tool providing a command line interface for retrieving "
+"URLs. Designed for testing any HTTP 0.9, 1.0, or 1.1 web server or proxy. "
+"This tool can be combined with scripts to perform any basic HTTP operation. "
+"Some additional features for access to the B<squid> proxy object cache and "
+"management information are provided."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:60
+msgid "Do NOT include Accept: header."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:66
+msgid "Ping mode, perform I<count> iterations (0 to loop until interrupted)."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:71
+msgid "Retrieve URL from cache on hostname. Default is B<localhost>"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:77
+msgid "Extra headers to send. Use B<'\\n'> for new lines."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:81
+msgid "If-Modified-Since time (in Epoch seconds)."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:85
+msgid "Ping interval in seconds (default 1 second)."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:89
+msgid "Host header content"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:93
+msgid "Specify a local IP address to bind to. Default is none."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:108
+#, no-wrap
+msgid ""
+"Request method, default is\n"
+"I<GET.>\n"
+"Squid also supports a non-standard method called\n"
+"I<PURGE.>\n"
+"You can use that to purge a specific URL from the cache.\n"
+"You need to have\n"
+"I<purge>\n"
+"access setup in\n"
+"B<squid.conf>\n"
+"similar to\n"
+"I<manager>\n"
+" access. Here is an example:\n"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:116
+msgid "Port number of cache. Default is 3128."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:120
+msgid "Request body. Using the named file as data."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:124
+msgid "Force cache to reload URL."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:128
+msgid "Silent. Do not print data to stdout."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:134
+msgid "Trace I<count> HTTP relay or proxy hops"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:138
+msgid "Timeout value (seconds) for read/write operations."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:142
+msgid "Proxy authentication username"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:146
+msgid "WWW authentication username"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:150
+msgid "Verbose. Print outgoing message to stderr."
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:154
+msgid "HTTP Version. Use '-' for HTTP/0.9 omitted case"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:158
+msgid "Proxy authentication password"
+msgstr ""
+
+#. type: Plain text
+#: tools/squidclient.1:162
+msgid "WWW authentication password"
+msgstr ""
msgstr ""
"Project-Id-Version: squid\n"
"Report-Msgid-Bugs-To: FULL NAME <EMAIL@ADDRESS>\n"
-"POT-Creation-Date: 2010-02-13 00:05+1400\n"
+"POT-Creation-Date: 2010-05-01 00:17+1200\n"
"PO-Revision-Date: 2010-01-16 02:20+0000\n"
"Last-Translator: Amos Jeffries <Unknown>\n"
"Language-Team: Russian <ru@li.org>\n"
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:3
#: helpers/basic_auth/PAM/basic_pam_auth.8:3
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:3
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:3
+#: helpers/digest_auth/file/digest_file_auth.8:3
#: helpers/external_acl/ldap_group/squid_ldap_group.8:3
#: helpers/external_acl/session/squid_session.8:3
#: helpers/external_acl/unix_group/squid_unix_group.8:3 src/squid.8.in:3
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:8
#: helpers/basic_auth/PAM/basic_pam_auth.8:8
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:8
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:10
+#: helpers/digest_auth/file/digest_file_auth.8:10
#: helpers/external_acl/ldap_group/squid_ldap_group.8:10
#: helpers/external_acl/session/squid_session.8:10
#: helpers/external_acl/unix_group/squid_unix_group.8:8 src/squid.8.in:8
#: tools/cachemgr.cgi.8.in:8 tools/squidclient.1:8
#, no-wrap
msgid "SYNOPSIS"
-msgstr ""
+msgstr "СИНТАКСИС"
#. type: SH
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:11
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:12
#: helpers/basic_auth/PAM/basic_pam_auth.8:15
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:26
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:13
+#: helpers/digest_auth/file/digest_file_auth.8:15
#: helpers/external_acl/ldap_group/squid_ldap_group.8:26
#: helpers/external_acl/session/squid_session.8:18
#: helpers/external_acl/unix_group/squid_unix_group.8:15 src/squid.8.in:25
"B<basic_getpwnam_auth> allows Squid to authenticate any local user accounts "
"to validate the user name and password of Basic HTTP authentication."
msgstr ""
+"<basic_getpwnam_auth> позволяет Squid авторизовать любых пользователей чьи "
+"имена и пароли подходят для Базовой HTTP авторизации."
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:21
msgid "It uses B<getpwnam()> and B<getspnam()> routines for authentication."
-msgstr ""
+msgstr "Используйте процедуры B<getpwnam()> и B<getspnam()> для идентификации."
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:23
msgid "This has the following advantages over the NCSA module:"
-msgstr ""
+msgstr "Это имеет приимущество над модулем NCSA:"
#. type: TP
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:23
#, no-wrap
msgid "Allows authentication of all known local users"
-msgstr ""
+msgstr "Позволяет идентифицировать всех известных локальных пользователей"
#. type: TP
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:25
#, no-wrap
msgid "Allows authentication through nsswitch.conf"
-msgstr ""
+msgstr "Позволяет идентифицировать с помощью nsswitch.conf"
#. type: TP
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:27
#, no-wrap
msgid "Can handle NIS(+) requests"
-msgstr ""
+msgstr "Может обрабатывать запросы NIS(+)"
#. type: TP
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:29
#, no-wrap
-msgid "Can handle LDAP request"
-msgstr ""
+msgid "Can handle LDAP requests"
+msgstr "Может обрабатывать запросы LDAP"
#. type: TP
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:31
#, no-wrap
-msgid "Can handle PAM request"
-msgstr ""
+msgid "Can handle PAM requests"
+msgstr "Может обрабатывать запросы PAM"
#. type: SH
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:34
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:24
#: helpers/basic_auth/PAM/basic_pam_auth.8:41
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:61
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:19
+#: helpers/digest_auth/file/digest_file_auth.8:25
#: helpers/external_acl/ldap_group/squid_ldap_group.8:209
#: helpers/external_acl/session/squid_session.8:50
#: helpers/external_acl/unix_group/squid_unix_group.8:33
"author cannot be held responsible for any security issues due to such "
"installations."
msgstr ""
+"Пожалуйста, обратите внимание, что в такой конфигурации, настоятельно "
+"рекомендуется, что бы программа была перемещена в папку недоступную обычным "
+"пользователям, так как это режим работы позволит любому локальному "
+"пользователю перебрать пароли других пользователей. Также обратите внимание, "
+"программа не была полностью проверена и автор не может нести "
+"ответственность за любые проблемы безопасности из-за такой установки."
#. type: SH
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:61
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:30
#: helpers/basic_auth/PAM/basic_pam_auth.8:80
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:85
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:75
+#: helpers/digest_auth/file/digest_file_auth.8:59
#: helpers/external_acl/ldap_group/squid_ldap_group.8:232
#: helpers/external_acl/session/squid_session.8:63
#: helpers/external_acl/unix_group/squid_unix_group.8:62 src/squid.8.in:216
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:63
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:77
+#: helpers/digest_auth/file/digest_file_auth.8:61
#: helpers/external_acl/ldap_group/squid_ldap_group.8:234
#: helpers/external_acl/unix_group/squid_unix_group.8:64
msgid "This program was written by"
-msgstr ""
+msgstr "Эта программа была написана"
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:68
msgid "Based on original code by"
-msgstr ""
+msgstr "Основан на оригинальном коде"
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:71
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:32
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:93
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:80
+#: helpers/digest_auth/file/digest_file_auth.8:68
#: helpers/external_acl/ldap_group/squid_ldap_group.8:243
#: helpers/external_acl/unix_group/squid_unix_group.8:67
msgid "This manual was written by"
-msgstr ""
+msgstr "Это руководство было написано"
#. type: SH
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:73
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:37
#: helpers/basic_auth/PAM/basic_pam_auth.8:84
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:95
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:83
+#: helpers/digest_auth/file/digest_file_auth.8:71
#: helpers/external_acl/ldap_group/squid_ldap_group.8:245
#: helpers/external_acl/session/squid_session.8:67
#: helpers/external_acl/unix_group/squid_unix_group.8:69 src/squid.8.in:226
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:75
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:298
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:97
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:85
+#: helpers/digest_auth/file/digest_file_auth.8:73
#: helpers/external_acl/ldap_group/squid_ldap_group.8:247
#: helpers/external_acl/session/squid_session.8:69
#: helpers/external_acl/unix_group/squid_unix_group.8:71
msgid "This program and documentation is copyright to the authors named above."
msgstr ""
+"Эта программа и документация является интеллектуальной собственностью "
+"вышеуказанных авторов."
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:77
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:300
#: helpers/basic_auth/PAM/basic_pam_auth.8:91
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:99
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:87
+#: helpers/digest_auth/file/digest_file_auth.8:75
#: helpers/external_acl/ldap_group/squid_ldap_group.8:249
#: helpers/external_acl/session/squid_session.8:71
#: helpers/external_acl/unix_group/squid_unix_group.8:73
#: tools/cachemgr.cgi.8.in:59 tools/squidclient.1:171
msgid ""
"Distributed under the GNU General Public License (GNU GPL) version 2 or "
-"later (GPL2+)."
+"later (GPLv2+)."
msgstr ""
+"Распространяется согласно лицензии (GNU GPL) версии 2 или более поздних "
+"(GPLv2+)."
#. type: SH
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:78
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:50
#: helpers/basic_auth/PAM/basic_pam_auth.8:92
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:100
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:88
+#: helpers/digest_auth/file/digest_file_auth.8:76
#: helpers/external_acl/ldap_group/squid_ldap_group.8:250
#: helpers/external_acl/session/squid_session.8:72
#: helpers/external_acl/unix_group/squid_unix_group.8:74 src/squid.8.in:243
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:53
#: helpers/basic_auth/PAM/basic_pam_auth.8:95
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:103
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:91
+#: helpers/digest_auth/file/digest_file_auth.8:79
#: helpers/external_acl/ldap_group/squid_ldap_group.8:253
#: helpers/external_acl/session/squid_session.8:75
#: helpers/external_acl/unix_group/squid_unix_group.8:77 src/squid.8.in:246
"Questions on the usage of this program can be sent to the I<Squid Users "
"mailing list>"
msgstr ""
+"Вопросы по использованию этой программы могут быть заданы в I<Squid Users "
+"mailing list>"
#. type: SH
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:83
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:55
#: helpers/basic_auth/PAM/basic_pam_auth.8:97
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:108
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:93
+#: helpers/digest_auth/file/digest_file_auth.8:81
#: helpers/external_acl/ldap_group/squid_ldap_group.8:258
#: helpers/external_acl/session/squid_session.8:77
#: helpers/external_acl/unix_group/squid_unix_group.8:79 src/squid.8.in:248
msgstr "СООБЩЕНИЕ ОБ ОШИБКАХ"
#. type: Plain text
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:85
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:311
-#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:57
-#: helpers/basic_auth/PAM/basic_pam_auth.8:99
-#: helpers/basic_auth/RADIUS/basic_radius_auth.8:110
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:260
-#: helpers/external_acl/session/squid_session.8:79
-#: helpers/external_acl/unix_group/squid_unix_group.8:81 src/squid.8.in:250
-#: tools/cachemgr.cgi.8.in:67 tools/squidclient.1:179
-msgid "Report bugs or bug fixes using http://bugs.squid-cache.org/"
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:86
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:312
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:58
+#: helpers/basic_auth/PAM/basic_pam_auth.8:100
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:111
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:96
+#: helpers/digest_auth/file/digest_file_auth.8:84
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:261
+#: helpers/external_acl/session/squid_session.8:80
+#: helpers/external_acl/unix_group/squid_unix_group.8:82 src/squid.8.in:251
+msgid ""
+"Bug reports need to be made in English. See http://wiki.squid-cache.org/"
+"SquidFaq/BugReporting for details of what you need to include with your bug "
+"report."
msgstr ""
+"Отчёты об ошибках должны быть написаны на английском языке. См. на "
+"http://wiki.squid-cache.org/SquidFaq/BugReporting, что нужно включать в "
+"отчёт."
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:88
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:60
#: helpers/basic_auth/PAM/basic_pam_auth.8:102
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:113
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:98
+#: helpers/digest_auth/file/digest_file_auth.8:86
#: helpers/external_acl/ldap_group/squid_ldap_group.8:263
#: helpers/external_acl/session/squid_session.8:82
#: helpers/external_acl/unix_group/squid_unix_group.8:84 src/squid.8.in:253
-#: tools/cachemgr.cgi.8.in:70 tools/squidclient.1:182
-msgid ""
-"Report serious security bugs to I<Squid Bugs E<lt>squid-bugs@squid-cache."
-"orgE<gt>>"
+#: tools/cachemgr.cgi.8.in:69 tools/squidclient.1:181
+msgid "Report bugs or bug fixes using http://bugs.squid-cache.org/"
msgstr ""
+"Сообщите об ошибках или их исправлениях используя http://bugs.squid-cache."
+"org/"
#. type: Plain text
#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:91
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:63
#: helpers/basic_auth/PAM/basic_pam_auth.8:105
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:116
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:101
+#: helpers/digest_auth/file/digest_file_auth.8:89
#: helpers/external_acl/ldap_group/squid_ldap_group.8:266
#: helpers/external_acl/session/squid_session.8:85
#: helpers/external_acl/unix_group/squid_unix_group.8:87 src/squid.8.in:256
-#: tools/cachemgr.cgi.8.in:73 tools/squidclient.1:185
+#: tools/cachemgr.cgi.8.in:72 tools/squidclient.1:184
+msgid ""
+"Report serious security bugs to I<Squid Bugs E<lt>squid-bugs@squid-cache."
+"orgE<gt>>"
+msgstr ""
+"Сообщите о серьёзных проблемах безопасности в I<Squid Bugs E<lt>squid-"
+"bugs@squid-cache.orgE<gt>>"
+
+#. type: Plain text
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:94
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:320
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:66
+#: helpers/basic_auth/PAM/basic_pam_auth.8:108
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:119
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:104
+#: helpers/digest_auth/file/digest_file_auth.8:92
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:269
+#: helpers/external_acl/session/squid_session.8:88
+#: helpers/external_acl/unix_group/squid_unix_group.8:90 src/squid.8.in:259
+#: tools/cachemgr.cgi.8.in:75 tools/squidclient.1:187
msgid ""
"Report ideas for new improvements to the I<Squid Developers mailing list>"
msgstr ""
+"Сообщите о новых идеях по улучшению программы в I<Squid Developers mailing "
+"list>"
#. type: SH
-#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:93
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:319
-#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:65
-#: helpers/basic_auth/PAM/basic_pam_auth.8:107
-#: helpers/basic_auth/RADIUS/basic_radius_auth.8:118
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:268
-#: helpers/external_acl/session/squid_session.8:87
-#: helpers/external_acl/unix_group/squid_unix_group.8:92 src/squid.8.in:258
-#: tools/cachemgr.cgi.8.in:75 tools/squidclient.1:187
+#: helpers/basic_auth/getpwnam/basic_getpwnam_auth.8:96
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:322
+#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:68
+#: helpers/basic_auth/PAM/basic_pam_auth.8:110
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:121
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:106
+#: helpers/digest_auth/file/digest_file_auth.8:94
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:271
+#: helpers/external_acl/session/squid_session.8:90
+#: helpers/external_acl/unix_group/squid_unix_group.8:95 src/squid.8.in:261
+#: tools/cachemgr.cgi.8.in:77 tools/squidclient.1:189
#, no-wrap
msgid "SEE ALSO"
msgstr "СМОТРИТЕ ТАКЖЕ"
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:14
msgid "attribute"
-msgstr ""
+msgstr "параметр"
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:16
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:31
#: helpers/external_acl/ldap_group/squid_ldap_group.8:18
msgid "options"
-msgstr ""
+msgstr "опции"
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:18
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:33
msgid "LDAP server name"
-msgstr ""
+msgstr "Адрес сервера LDAP"
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:20
#: helpers/external_acl/ldap_group/squid_ldap_group.8:22 src/squid.8.in:17
#: tools/squidclient.1:28
msgid "port"
-msgstr ""
+msgstr "порт"
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:22
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:37
#: helpers/external_acl/ldap_group/squid_ldap_group.8:24
msgid "URI"
-msgstr ""
+msgstr "URL"
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:29
#: helpers/external_acl/ldap_group/squid_ldap_group.8:16
msgid "LDAP search filter"
-msgstr ""
+msgstr "Фильтр поиска LDAP"
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:47
"subsequent lines of input to the helper, one username/password pair per line "
"separated by a space."
msgstr ""
+"B<basic_ldap_auth> позволяет Squid подключиться к каталогу LDAP для проверки "
+"имени пользователя и пароля для идентификации по HTTP (Basic HTTP "
+"authentication).Опции LDAP задаются в виде параметров в командной строке, а "
+"имя пользователя(ей) и пароль(и) проверяются в каталоге LDAP указанном "
+"следующей строкой ввода в помощнике, одна пара имя пользователя/пароль в "
+"каждой строке, отделена пробелом."
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:56
#: helpers/basic_auth/NCSA/basic_ncsa_auth.8:20
#: helpers/basic_auth/PAM/basic_pam_auth.8:21
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:31
+#: helpers/digest_auth/file/digest_file_auth.8:20
#: helpers/external_acl/ldap_group/squid_ldap_group.8:49
#: helpers/external_acl/session/squid_session.8:26
#: helpers/external_acl/unix_group/squid_unix_group.8:19 src/squid.8.in:59
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:133
#: helpers/external_acl/ldap_group/squid_ldap_group.8:181
msgid "B<one> level below the base object or"
-msgstr ""
+msgstr "B<one> уровнем ниже базового объекта или"
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:136
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:290
#: helpers/basic_auth/RADIUS/basic_radius_auth.8:87
msgid "This program is written by"
-msgstr ""
+msgstr "Эта программа написана"
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:294
msgid "This manual is written by"
-msgstr ""
+msgstr "Это руководство написано"
#. type: Plain text
#: helpers/basic_auth/LDAP/basic_ldap_auth.8:308
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:324
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:327
msgid "Your favorite LDAP documentation."
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/LDAP/basic_ldap_auth.8:325
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:275
+#: helpers/basic_auth/LDAP/basic_ldap_auth.8:328
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:278
msgid "B<RFC2254> - The String Representation of LDAP Search Filters,"
msgstr ""
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/PAM/basic_pam_auth.8:114
+#: helpers/basic_auth/PAM/basic_pam_auth.8:117
msgid "PAM Systems Administrator Guide"
msgstr ""
msgstr ""
#. type: Plain text
-#: helpers/basic_auth/RADIUS/basic_radius_auth.8:121
+#: helpers/basic_auth/RADIUS/basic_radius_auth.8:124
msgid "B<RFC2058> - Remote Authentication Dial In User Service (RADIUS)"
msgstr ""
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:7
+msgid ""
+"Basic Authentication using SASL (specifically the cyrus-sasl authentication "
+"method)"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:9
+#: helpers/digest_auth/file/digest_file_auth.8:9
+#: helpers/external_acl/session/squid_session.8:9
+msgid "Version 1.0"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:18
+msgid ""
+"B<basic_sasl_auth> is an installed binary helper for Squid. SASL is "
+"configurable (somewhat like PAM). Each service authenticating against SASL "
+"identifies itself with an application name. Each application can be "
+"configured independently by the SASL administrator."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:24
+msgid ""
+"To configure the authentication method used the file B<basic_sasl_auth.conf> "
+"can be placed in the appropriate location, usually B</usr/lib/sasl.>"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:31
+msgid ""
+"The authentication database is defined by the B<pwcheck_method> parameter. "
+"Only the B<PLAIN> authentication mechanism is used."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:33
+msgid "Examples:"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:36
+msgid "use sasldb - the default if no conf file is installed."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:38
+#, no-wrap
+msgid " - use PAM authentication database\n"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:41
+#, no-wrap
+msgid ""
+" - use traditional \n"
+"B</etc/passwd>\n"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:43
+#, no-wrap
+msgid " - use slightly less traditional /etc/shadow\n"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:46
+msgid ""
+"Others methods may be supported by your cyrus-sasl implementation - consult "
+"your cyrus-sasl documentation for information."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:59
+msgid ""
+"Typically the authentication database ( B</etc/sasldb> , B</etc/shadow> , "
+"B<PAM> ) can not be accessed by a normal user. You should use setuid/setgid "
+"and an appropriate user/group on the executable to allow the authenticator "
+"to access the appropriate password database. If the access to the database "
+"is not permitted then the authenticator will typically fail with \"-1, "
+"generic error\"."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:74
+msgid ""
+"If the application name B<basic_sasl_auth> will also be used for the PAM "
+"service name if B<pwcheck_method:pam> is chosen. And example PAM "
+"configuration file B<basic_sasl_auth.pam> is also included."
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:116
+#: helpers/digest_auth/file/digest_file_auth.8:98 src/squid.8.in:271
+msgid "The Squid FAQ wiki"
+msgstr ""
+
+#. type: Plain text
+#: helpers/basic_auth/SASL/basic_sasl_auth.8:119
+#: helpers/digest_auth/file/digest_file_auth.8:101 src/squid.8.in:274
+msgid "The Squid Configuration Manual"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:7
+msgid "File based digest authentication helper for Squid."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:14 tools/squidclient.1:30
+msgid "file"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:19
+msgid ""
+"B<digest_file_auth> is an installed binary authentication program for Squid. "
+"It handles digest authentication protocol and authenticates against a text "
+"file backend."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:24
+msgid ""
+"Accept digest hashed passwords rather than plaintext in the password file"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:28
+msgid "Username database file format:"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:28
+#, no-wrap
+msgid "- comment lines are possible and should start with a '#';"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:31
+#, no-wrap
+msgid "- empty or blank lines are possible;"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:34
+#, no-wrap
+msgid "- plaintext entry format is username:password"
+msgstr ""
+
+#. type: TP
+#: helpers/digest_auth/file/digest_file_auth.8:37
+#, no-wrap
+msgid "- HA1 entry format is username:realm:HA1"
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:50
+msgid ""
+"To build a directory integrated backend, you need to be able to calculate "
+"the HA1 returned to squid. To avoid storing a plaintext password you can "
+"calculate B<MD5(username:realm:password)> when the user changes their "
+"password, and store the tuple B<username:realm:HA1.> then find the matching "
+"B<username:realm> when squid asks for the HA1."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:58
+msgid ""
+"This implementation could be improved by using such a triple for the file "
+"format. However storing such a triple does little to improve security: If "
+"compromised the B<username:realm:HA1> combination is \"plaintext equivalent"
+"\" - for the purposes of digest authentication they allow the user access. "
+"Password syncronisation is not tackled by digest - just preventing on the "
+"wire compromise."
+msgstr ""
+
+#. type: Plain text
+#: helpers/digest_auth/file/digest_file_auth.8:64
+msgid "Based on prior work by"
+msgstr ""
+
#. type: Plain text
#: helpers/external_acl/ldap_group/squid_ldap_group.8:7
msgid "Squid LDAP external acl group helper"
msgstr ""
#. type: Plain text
-#: helpers/external_acl/ldap_group/squid_ldap_group.8:274
+#: helpers/external_acl/ldap_group/squid_ldap_group.8:277
msgid "Your favorite LDAP documentation"
msgstr ""
msgid "Squid session tracking external acl group helper."
msgstr ""
-#. type: Plain text
-#: helpers/external_acl/session/squid_session.8:9
-msgid "Version 1.0"
-msgstr ""
-
#. type: Plain text
#: helpers/external_acl/session/squid_session.8:16
msgid "database"
msgstr ""
#. type: Plain text
-#: helpers/external_acl/unix_group/squid_unix_group.8:90
+#: helpers/external_acl/unix_group/squid_unix_group.8:93
msgid "Additionally bugs or bug-fixes can be reported to"
msgstr ""
#: src/squid.8.in:171
#, no-wrap
msgid "FILES"
-msgstr ""
+msgstr "ФАЙЛЫ"
#. type: Plain text
#: src/squid.8.in:173
"contributions."
msgstr ""
-#. type: Plain text
-#: src/squid.8.in:268
-msgid "The Squid FAQ wiki"
-msgstr ""
-
-#. type: Plain text
-#: src/squid.8.in:271
-msgid "The Squid Configuration Manual"
-msgstr ""
-
#. type: Plain text
#: tools/cachemgr.cgi.8.in:7
msgid "Squid HTTP proxy manager CGI web interface"
"Foundation."
msgstr ""
+#. type: Plain text
+#: tools/cachemgr.cgi.8.in:67 tools/squidclient.1:179
+msgid ""
+"See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what "
+"you need to include with your bug report."
+msgstr ""
+
#. type: Plain text
#: tools/squidclient.1:7
msgid "A simple HTTP web client tool"
msgid "method"
msgstr ""
-#. type: Plain text
-#: tools/squidclient.1:30
-msgid "file"
-msgstr ""
-
#. type: Plain text
#: tools/squidclient.1:36 tools/squidclient.1:38
msgid "user"
+++ /dev/null
-cat ../{src,lib,include}/*{.,/*.,/*/*.,/*/*/*.}{c,cc,h} 2>/dev/null \
- | grep " DEBUG:" \
- | sed -e 's/ \* DEBUG: //' \
- | sort -u \
- | sort -n
<!doctype linuxdoc system>
<article>
-<title>Squid 3.0.STABLE24 release notes</title>
+<title>Squid 3.0.STABLE25 release notes</title>
<author>Squid Developers</author>
<abstract>
<sect>Notice
<p>
-The Squid Team are pleased to announce the release of Squid-3.0.STABLE24.
+The Squid Team are pleased to announce the release of Squid-3.0.STABLE25.
This new release is available for download from <url url="http://www.squid-cache.org/Versions/v3/3.0/"> or the <url url="http://www.squid-cache.org/Mirrors/http-mirrors.html" name="mirrors">.
<!doctype linuxdoc system>
<article>
-<title>Squid 3.1.0.17 release notes</title>
+<title>Squid 3.1.5 release notes</title>
<author>Squid Developers</author>
<abstract>
<sect>Notice
<p>
-The Squid Team are pleased to announce the release of Squid-3.1.0.17 for testing.
+The Squid Team are pleased to announce the release of Squid-3.1.5.
This new release is available for download from <url url="http://www.squid-cache.org/Versions/v3/3.1/"> or the <url url="http://www.squid-cache.org/Mirrors/http-mirrors.html" name="mirrors">.
A large number of the show-stopper bugs have been fixed along with general improvements to the ICAP support.
-While this release is not deemed ready for production use, we believe it is ready for wider testing by the community.
+While this release is not fully bug-free we believe it is ready for use in production on many systems.
-We welcome feedback and bug reports. If you find a bug, please see <url url="http://wiki.squid-cache.org/SquidFaq/TroubleShooting#head-7067fc0034ce967e67911becaabb8c95a34d576d"> for how to submit a report with a stack trace.
+We welcome feedback and bug reports. If you find a new bug, please see <url url="http://wiki.squid-cache.org/SquidFaq/BugReporting"> for how to submit a report with a stack trace and other required details. Additional information is also very welcome on other open bugs.
<sect1>Known issues
<p>
-Although this release is deemed good enough for use in many setups, please note the existence of <url url="http://www.squid-cache.org/bugs/buglist.cgi?query_format=advanced&short_desc_type=allwordssubstr&short_desc=&target_milestone=3.1&long_desc_type=allwordssubstr&long_desc=&bug_file_loc_type=allwordssubstr&bug_file_loc=&status_whiteboard_type=allwordssubstr&status_whiteboard=&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&emailtype1=substring&email1=&emailtype2=substring&email2=&bugidtype=include&bug_id=&votes=&chfieldfrom=&chfieldto=Now&chfieldvalue=&cmdtype=doit&order=bugs.bug_severity&field0-0-0=noop&type0-0-0=noop&value0-0-0=" name="open bugs against Squid-3.1">.
+Although this release is deemed good enough for use in many setups, please note the existence of <url url="http://bugs.squid-cache.org/buglist.cgi?query_format=advanced&target_milestone=3.1&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&cmdtype=doit&order=bugs.bug_severity" name="open bugs against Squid-3.1">.
+
+<p>Some issues to note as currently known in this release which are not able to be fixed in this 3.1 series are:
+
+<itemize>
+ <item>The lack of some features available in Squid-2.x series. See the regression sections below for full details.
+ <item>The lack of IPv6 split-stack support for MacOSX, OpenBSD and maybe others.
+</itemize>
+
+<p>Currently known issues which only depends on available developer time and may still be resolved in a future 3.1 release are:
+
+<itemize>
+ <item>IPv4 fall-back occasionally failing on dual IPv4/IPv6 websites.
+ <item>An ongoing slow FD leak introduced somewhere during the Squid-3.0 cycle.
+ <item>Windows support is still largely missing.
+ <item>Build status for the 3.x series is still largely unknown for Unix based OS and other less popular systems.
+</itemize>
+
<sect1>Changes since earlier releases of Squid-3.1
<p>
<sect1>New Version Numbering System
-<p>Begining with 3.1 the Squid Developers are trialling a new release numbering system.
+<p>Begining with 3.1 the Squid Developers are using a new release numbering system.
<p>We have decided, based on input from interested users to drop the Squid-2 terminology of
(DEVEL, PRE, RC, and STABLE) from the release package names.
<p>All this is previous policy you should be accustomed to. Now we get to the new numbering change.
-<p>Initial branch packages will be generated with a 3.X.0.Z version as testing packages.
+<p>Initial branch packages will be generated with a 3.X.0.Z version as beta testing packages.
Packages and Snapshots generated with these 3-dot numbers are expected to be relatively stable regarding feature behaviors.
Suitable for testing, but without any guarantees under production loads. This replaces both the old PRE and RC packages.
-<p>If a large number of bugs are found several *.0.Z packages may be attempted before any is considered production-ready.
+<p>If a large number of bugs are found several *.0.Z packages may be attempted before any is fully frozen for production use.
+ To be frozen as stable the code must be compiling well and have passed a period of 14 days with no new bugs reported against
+ the new code added in that release.
<p>When one of these Squid-3.X.0.Z packages passes our bug-free standards a 3.X.Y numbered release will be made.
<p>squid.conf has undergone a facelift.
<p>Don't worry, few operational changes have been made.
-Older configs from are still expected to run in 3.1 with only the usual minor
+Older configs from Squdi 2.x and 3.0 are still expected to run in 3.1 with only the usual minor
changes seen between major release. Details on those are listed below.
-<p>New users will be relieved to see a short 32-line or less squid.conf on clean installs.
+<p>New users will be relieved to see a very short squid.conf on clean installs.
Many of the options have reasonable defaults but had previously needed them explicitly configured!
These are now proper built-in defaults and no longer need to be in squid.conf unless changed.
<p>All of the option documentation has been offloaded to another file <em>squid.conf.documented</em> which
-contains a fully documented set of options previously cluttering up squid.conf itself.
+contains a fully documented set of available options previously cluttering up squid.conf itself.
<p>Package maintainers are provided with a second file squid.conf.default which as always contains the default
config options provided on a clean install.
+<p>We are also providing online copies of configuration documentation.
+ Updated live to match the latest release of each Squid series, and a combined global version.
+ This is available on <url url="http://www.squid-cache.org/Doc/config/" name="the Squid website">
+
<sect1>Internet Protocol version 6 (IPv6)
<p>Pinger has been upgraded to perform both ICMP and ICMPv6 as required.
As a result of this and due to a change in the binary protocol format between them,
- new builds of squid are no longer backwards-compatible with old pinger binaries.
- You will need to perform "make install-pinger" again after installing squid.
+ new builds of Squid are no longer backwards-compatible with old pinger binaries.
+ You will need to perform "make install-pinger" again after installing Squid.
<p>Peer and Client SNMP tables have been altered to handle IPv6 addresses.
As a side effect of this the long-missing fix to show seperate named peers on one IP
The table structure change is identical for both IPv4-only and Dual modes but with
IPv4-only simply not including any IPv6 entries. This means any third-party SNMP
software which hard coded the MIB paths needs to be upgraded for this Squid release.
-
+ Details can be found in the wiki <url url="http://wiki.squid-cache.org/Features/Snmp#Squid_OIDs" name="SNMP feature page">.
<sect2>Limitations of IPv6 Support
+<p>In this release there is no split-stack support. This means that OS which do not provide
+ IP stacks based on the KAME stack with Hybrid extensions to do IPv4-mapping cannot use IPv6
+ with Squid.
+
<p>Specify a specific tcp_outgoing_address and the clients who match its ACL are limited
to the IPv4 or IPv6 network that address belongs to. They are not permitted over the
IPv4-IPv6 boundary. Some ACL voodoo can however be applied to explicitly route the
<p>WCCP is not available (neither version 1 or 2).
It remains built into squid for use with IPv4 traffic but IPv6 cannot use it.
-<p>Transparent Interception is done via NAT at the OS level and is not available in IPv6.
- Squid will ensure that any port set with transparent, intercept, or tproxy options be an IPv4-only
+<p>Pseudo-Transparent Interception is done via NAT at the OS level and is not available in IPv6.
+ Squid will ensure that any port set with transparent or intercept options be an IPv4-only
listening address. Wildcard can still be used but will not open as an IPv6.
To ensure that squid can accept IPv6 traffic on its default port, an alternative should
be chosen to handle transparently intercepted traffic.
http_port 8080 intercept
</verb>
+<p>Real transparent Interception (TPROXY) may be able to perform IPv6 interception.
+ However this currently still needs kernel patching with experimental patches to enable IPv6.
+ Squid will attempt to discover support on startup and may permit or deny IPv6 wildcard for
+ tproxy flagged ports depending on your system.
+
<p>The bundled NTLM Auth helper is IPv4-native between itself and the NTLM server.
A new one will be needed for IPv6 traffic between the helper and server.
<p>The error_directory option in squid.conf needs to be removed.
<p>For best coverage of languages, using the latest language pack of error files is recommended.
-Updates can be downloaded from <url url="http://www.squid-cahch.org/Versions/langpack/" name="www.squid-cache.org/Versions/langpack/">
+Updates can be downloaded from <url url="http://www.squid-cache.org/Versions/langpack/" name="www.squid-cache.org/Versions/langpack/">
<p>The squid developers are interested in making squid available in a wide variety of languages.
Contribution of new languages is encouraged.
</itemize>
<sect2>Squid Configuration
-<p>Squid 3.1 needs to be configured with --enable-zph-qos for the ZPH QoS controls to be available.
+<p>Squid 3.1 needs to be configured with <em>--enable-zph-qos</em> for the ZPH QoS controls to be available.
-<p>The configuration options for 2.7 and 3.1 are based on different ZPH patches.
-The two releases configuration differs and only the TOS mode settings are directly translatable.
+<p>The configuration options for Squid 2.7 and 3.1 are based on different ZPH patches.
+ The two releases configuration differs and only the TOS mode settings are directly translatable.
<itemize>
<item><em>qos_flows local-hit=0xff</em> Responses found as a HIT in the local cache
<item><em>qos_flows parent-hit=0xff</em> Responses found as a HIT in a parent peer
</itemize>
-<p>The lines above are spearated for documentation. qos_flows may be configured with all options on one line, or separated as shown.
-Also options may be repeated as many times as desired. Only the final configured value for any option will be used.
+<p>The lines above are separated for documentation. qos_flows may be configured with all options on one line, or separated as shown.
+ Also options may be repeated as many times as desired. Only the final configured value for any option will be used.
<p>The legacy <em>Option</em> and <em>Priority</em> modes available in Squid-2.7 are no longer supported.
<p>Details in <url url="http://wiki.squid-cache.org/Features/SslBump" name="The Squid wiki">
-<p>Squid-in-the-middle decryption and encryption of straight CONNECT and transparently redirected SSL traffic,
-using configurable client- and server-side certificates.
-While decrypted, the traffic can be inspected using ICAP.
+<p>Squid-in-the-middle decryption and encryption of CONNECT tunneled SSL traffic,
+ using configurable client- and server-side certificates.
+ While decrypted, the traffic can be inspected using ICAP.
+
+<p>Squid 3.1 releases limit SSL Bump to CONNECT requests and requires that clients are
+ configured to explicitly use the proxy in their browser settings or via WPAD/PAC
+ configuration. Use of interception for port 443 is not officially supported, despite
+ being known to work under certain limited networking circumstances.
<sect1>eCAP Adaptation Module support
<p>Details in <url url="http://wiki.squid-cache.org/Features/eCAP" name="The Squid wiki">
+<p>eCAP provides a way to integrate CAP modules directly into Squid without the need for
+ a c-icap server wrapper. This enables faster processing.
+
+<p>Currently known and available eCAP modules are listed in the wiki feature page on eCAP.
+
+
<sect1>ICAP Bypass and Retry enhancements
<p>Details in <url url="http://wiki.squid-cache.org/Features/ICAP" name="The Squid wiki">
should be large enough to not require an explicit configuration in most
environments yet may be small enough to limit side-effects of loops.
+
<sect1>ICY streaming protocol support
<p>Squid-3.1 adds native support for streaming protocol ICY.
+ Also commonly known as SHOUTcast multimedia streams.
<p>This protocol uses port 80 and violates RFC 2616 by using an HTTP/1.1 compliant request and non-HTTP reply
to start the stream transaction. If the reply is handled according to HTTP/1.1 RFC-compliance requirements
<p>Squid-2 contained a hack using the <em>update_http0.9</em> squid.conf option to work around the
unusual replies. This option is now obsolete.
-<p>The proto ACL type matches <em>ICY</em> once the reply has been received, before that the processing
+<p>The <em>proto</em> ACL type matches <em>ICY</em> once the reply has been received, before that the processing
is only aware on an HTTP request. So the ACL will match <em>HTTP</em>.
count against this limit.
</verb>
+ <tag>ignore_expect_100</tag>
+ <p>Ported from 2.7. Requires --enable-http-violations
+ Prevents 417 errors being sent to broken HTTP/1.1 non-compliant clients.
+
<tag>include</tag>
<p>New option to import entire secondary configuration files into squid.conf.
<verb>
direct client address in the access log.
</verb>
+ <tag>max_filedescriptors</tag>
+ <p>Ported from 2.7.
+
<tag>netdb_filename</tag>
<verb>
A filename where Squid stores it's netdb state between restarts.
<verb>
Control whether the pinger is active at run-time.
Enables turning ICMP pinger on and off with a simple squid -k reconfigure.
- default is on when --enable-icmp is compiled in.
+ default is off when --enable-icmp is compiled in.
</verb>
<tag>ssl_bump</tag>
<tag>maximum_object_size_in_memory</tag>
<p>Default size limit increased to 512KB.
+ <tag>memory_pools_limit</tag>
+ <p>Memory limits have been revised and corrected from 3.1.4 onwards.
+ <p>Please check and update your squid.conf to use the text <em>none</em> for no limit instead of the old 0 (zero).
+ <p>All users upgrading need to be aware that from Squid-3.3 setting this option to 0 (zero) will mean zero bytes of memory get pooled.
+
<tag>negative_ttl</tag>
<p>New default of 0 seconds. To prevent negative-caching of failure messages unless explicitly
permitted by the message generating web server.
is never forced or permitted out the IPv4 interface.
acl to_ipv6 dst ipv6
+ http_access allow to_ipv6 !all
+
tcp_outgoing_address 2002::c001 good_service_net to_ipv6
tcp_outgoing_address 10.0.0.2 good_service_net !to_ipv6
<p>Disable error page localization for visitors.
<p>error_directory option is required if this option is used.
- <tag>--disable-caps</tag>
- <p>Build without libcap support. The default is to auto-detect system capabilities
- and enable support when possible.
- <p>NOTE: Disabling this or building without libcap support will break TPROXY support.
-
<tag>--disable-ipv6</tag>
<p>Build without IPv6 support. The default is to auto-detect system capabilities
and build with IPv6 when possible.
<p>Build without support for loadable modules.
<tag>--disable-strict-error-checking</tag>
- <p>Build Squid without advanced compiler error checking.
+ <p>Build Squid without advanced compiler error checking (without the -Werror option).
This only affects the building process, enabling it to complete despite some
possibly serious issues.
Please do not use lightly, and please report the build issues which make it needed
to the squid developers before doing so.
<tag>--disable-translation</tag>
- <p>Prevent Squid generating localized error page templates and manuals.
+ <p>Prevent Squid generating localized error page templates and manuals when built.
Which is usually tried, but may not be needed.
- <p>This is a development optimization for building from VCS when localization is
- not needed. Has no effect on pre-translated source bundles.
-
- <tag>--with-dns-cname</tag>
- <p>Enable CNAME recursion within the Internal DNS resolver stub squid uses.
- This has no effect on the external DNS helper.
- <p>Please note this extension is still experimental and may encounter problems.
- To see if it is actually needed you can run squid without it for a period and
- check the CNAME-Only Requests statistics squid maintains.
- <p>If it produces ongoing serious problems the external helper may be needed
- but please report the bugs anyway.
+ <p>This is an optimization for building fast when localization is not needed
+ or localization tools are not available.
+ <p>A copy of the latest translated files can instead be downloaded from
+<url url="http://www.squid-cache.org/Versions/langpack/" name="http://www.squid-cache.org/Versions/langpack/">
<tag>--with-logdir=PATH</tag>
<p>Allow build-time configuration of Default location for squid logs.
<p>Absolute path to po2html executable.
Default is to automatically detect the binary.
+ <tag>--without-libcap</tag>
+ <p>Build without libcap support. The default is to auto-detect system capabilities
+ and enable support when possible.
+ <p>NOTE: Disabling this or building without libcap support will break TPROXY support.
+
</descrip>
<sect1>Changes to existing options<label id="modifiedoptions">
<tag>--enable-linux-tproxy</tag>
<p>Deprecated. Remains only to support old TPROXY version 2.2 installations.
+ Scheduled for complete removal in Squid 3.2
<tag>--enable-ntlm-auth-helpers</tag>
<p>Helper previously built by <em>SMB</em> is now built by <em>smb_lm</em>.
<tag>--disable-internl-dns</tag>
<p>Better support for Linux using the external DNS helper.
The helper will now compile and work with dns_nameservers on more variants of Linux than previously.
+ It is still deprecated however and use of this option should be avoided as much as possible.
<tag>--with-aio</tag>
<p>Deprecated. POSIX AIO is now auto-detected and enabled.
<tag>--disable-carp</tag>
<p>Removed. CARP is required by several peering algoithms. Disabling is not useful.
+
+ <tag>--disable-mempools</tag>
+ <p>Replaced by memory_pools squid.conf option.
</descrip>
<tag>auth_param</tag>
<p><em>blankpassword</em> option for basic scheme removed.
+ <tag>cache_peer</tag>
+ <p><em>http11</em> Obsolete.
+
<tag>external_acl_type</tag>
<p>Format tag <em>%{Header}</em> replaced by <em>%>{Header}</em>
<p>Format tag <em>%{Header:member}</em> replaced by <em>%>{Header:member}</em>
<tag>redirector_bypass</tag>
<p>Replaced by <em>url_rewrite_bypass</em>
+ <tag>server_http11</tag>
+ <p>Obsolete.
+
<tag>upgrade_http0.9</tag>
<p>Obsolete. ICY protocol streaming support added natively.
<tag>cache_peer</tag>
<p><em>idle=</em> not yet ported from 2.7
- <p><em>http11</em> not yet ported from 2.7
<p><em>monitorinterval=</em> not yet ported from 2.6
<p><em>monitorsize=</em> not yet ported from 2.6
<p><em>monitortimeout=</em> not yet ported from 2.6
<p><em>http11</em> not yet ported from 2.7
<p><em>urlgroup=</em> not yet ported from 2.6
- <tag>ignore_expect_100</tag>
- <p>Not yet ported from 2.7
-
<tag>ignore_ims_on_miss</tag>
<p>Not yet ported from 2.7
<p>Not yet ported from 2.6
<tag>logfile_daemon</tag>
- <p>Not yet ported from 2.7
+ <p>Not yet ported from 2.7.
<tag>logformat</tag>
<p><em>%oa</em> tag not yet ported from 2.7
<p><em>%sn</em> tag not yet ported from 2.7
- <tag>max_filedescriptors</tag>
- <p>Not yet ported from 2.7
-
<tag>max_stale</tag>
<p>Not yet ported from 2.7
<tag>refresh_stale_hit</tag>
<p>Not yet ported from 2.7
- <tag>server_http11</tag>
- <p>Not yet ported from 2.7
-
<tag>storeurl_access</tag>
<p>Not yet ported from 2.7
<LI>squid_ldap_auth - basic_ldap_auth - Authenticate with LDAP user accounts.</LI>
<LI>ncsa_auth - basic_ncsa_auth - Authenticate with NCSA httpd-style password file.</LI>
<LI>pam_auth - basic_pam_auth - Authenticate with the system PAM infrastructure.</LI>
-<LI>pop3.pl - basic_pop3_auth.pl - Authenticate with a mail server POP3/SMTP credentials</LI>
-<LI>squid_sasl_auth - basic_sasl_auth - Authenticate with SASL ???</LI>
-<LI>smb_auth - basic_smb_auth - Authenticate with Samba SMB ???</LI>
+<LI>pop3.pl - basic_pop3_auth - Authenticate with a mail server POP3/SMTP credentials</LI>
+<LI>squid_sasl_auth - basic_sasl_auth - Authenticate with SASL.</LI>
+<LI>smb_auth - basic_smb_auth - Authenticate with Samba SMB.</LI>
<LI>yp_auth - basic_nis_auth - Authenticate with NIS security system.</LI>
<LI>mswin_sspi - basic_sspi_auth - Authenticate with a Windows Domain Controller using SSPI.</LI>
-<LI>MSNT-muti-domain - basic_msnt_multi_domain_auth.pl - Authenticate with any one of multiple Windows Domain Controllers.</LI>
+<LI>MSNT-multi-domain - basic_msnt_multi_domain_auth - Authenticate with any one of multiple Windows Domain Controllers.</LI>
<LI>squid_radius_auth - basic_radius_auth - Authenticate with RADIUS.</LI>
</UL>
</P>
<P>
<UL>
-<LI>(none yet converted)</LI>
+<LI>digest_pw_auth - digest_file_auth - Authenticate against credentials stored in a simple text file.</LI>
</UL>
</P>
<P>
<UL>
+<LI>fakeauth_auth - ntlm_fake_auth - Perform NTLMSSP to recover the username but don't verify the password.</LI>
<LI>ntlm_auth - ntlm_smb_lm_auth - Perform SMB LanManager domain-less authentication over NTLM protocol.</LI>
</UL>
</P>
<P>3.1 began the Internationalization of Squid with the public facing error pages.
This move begins the Localization of the internal administrator facing manuals.</P>
+
<H2><A NAME="ss2.4">2.4</A> <A HREF="#toc2.4">Solaris 10 pthreads Support (Experimental)</A>
</H2>
<P>Automatic detection and use of the pthreads library available from Solaris 10</P>
+
<H2><A NAME="s3">3.</A> <A HREF="#toc3">Changes to squid.conf since Squid-3.1</A></H2>
<P>There have been changes to Squid's configuration file since Squid-3.1.</P>
<P>
<DL>
+<DT><B>adapted_http_access</B><DD>
+<P>Access control based on altered HTTP request following adaptation alterations (ICAP, eCAP, URL rewriter).
+An upgraded drop-in replacement for <EM>http_access2</EM> found in Squid-2.</P>
+
<DT><B>eui_lookup</B><DD>
-<P> Whether to lookup the EUI or MAC address of a connected client.</P>
+<P>Whether to lookup the EUI or MAC address of a connected client.</P>
<DT><B>memory_cache_mode</B><DD>
-<P> Controls which objects to keep in the memory cache (cache_mem)
+<P>Controls which objects to keep in the memory cache (cache_mem)
<PRE>
'always' Keep most recently fetched objects in memory (default)
</P>
<DT><B>logfile_daemon</B><DD>
-<P>Ported from 2.7</P>
+<P>Ported from 2.7. Specify the file I/O daemon helper to run for logging.</P>
+
+<DT><B>tproxy_uses_indirect_client</B><DD>
+<P>Controls whether the indirect client address found in the X-Forwarded-For
+header is used for spoofing instead of the directly connected client address.
+Requires both <EM>--enable-follow-x-forwarded-for</EM> and <EM>--enable-linux-netfilter</EM></P>
</DL>
</P>
<P>
<DL>
+<DT><B>access_log</B><DD>
+<P>New <EM>stdio</EM> module to send log data directly from Squid to a disk file.
+This is the historic behaviour of Squid before logging modules were introduced, and
+remains the default used when no module is selected.
+It is recommended to upgrade logging to the faster <EM>daemon:</EM> module.</P>
+<P>New <EM>daemon</EM> module to send each log line as text data to a file I/O daemon handling the slow disk I/O.
+New installs, or installs with no logs configured explicitly will use this module by default.</P>
+<P>New <EM>tcp</EM> module to send each log line as text data to a TCP receiver.</P>
+<P>New <EM>udp</EM> module to send each log line as text data to a UDP receiver.</P>
+
<DT><B>acl random</B><DD>
<P>New type <EM>random</EM>. Pseudo-randomly match requests based on a configured probability.</P>
<P>Deprecated <EM>children=N</EM> in favor of <EM>children-max=N</EM>.</P>
<DT><B>logformat</B><DD>
+<P><EM>%>lp</EM> Local TCP port used by transactions with http servers.</P>
<P><EM>%sn</EM> Unique sequence number per log line. Ported from 2.7</P>
-<P><EM>%>eui</EM> EUI logging (EUI-48 / MAC address for IPv4, EUI-64 for IPv6)
+<P><EM>%<eui</EM> EUI logging (EUI-48 / MAC address for IPv4, EUI-64 for IPv6)
Both EUI forms are logged in the same field. Type can be identified by length or byte delimiter.</P>
+<DT><B>memory_pools_limit</B><DD>
+<P>Memory limits have been revised and corrected from 3.1.4 onwards.</P>
+<P>Please check and update your squid.conf to use the text <EM>none</EM> for no limit instead of the old 0 (zero).</P>
+<P>All users upgrading need to be aware that from Squid-3.3 setting this option to 0 (zero) will mean zero bytes of memory get pooled.</P>
+
<DT><B>windows_ipaddrchangemonitor</B><DD>
<P>Now only available to be set in Windows builds.</P>
<P>
<DL>
+<DT><B>--enable-auth-basic[=HELPERS]</B><DD>
+<P>Specified without any parameters all helpers will be auto-built.</P>
+<P>With an explicit empty list <EM>=""</EM> protocol suport will be built but no helpers.</P>
+<P>With an explicit list protocol support and just those helpers will be built.</P>
+
+<DT><B>--enable-auth-digest[=HELPERS]</B><DD>
+<P>Specified without any parameters all helpers will be auto-built.</P>
+<P>With an explicit empty list <EM>=""</EM> protocol suport will be built but no helpers.</P>
+<P>With an explicit list protocol support and just those helpers will be built.</P>
+
+<DT><B>--enable-auth-negotiate</B><DD>
+<P>Specified without any parameters all helpers will be auto-built.</P>
+<P>With an explicit empty list <EM>=""</EM> protocol suport will be built but no helpers.</P>
+<P>With an explicit list protocol support and just those helpers will be built.</P>
+
+<DT><B>--enable-auth-ntlm</B><DD>
+<P>Specified without any parameters all helpers will be auto-built.</P>
+<P>With an explicit empty list <EM>=""</EM> protocol suport will be built but no helpers.</P>
+<P>With an explicit list protocol support and just those helpers will be built.</P>
+
<DT><B>--enable-eui</B><DD>
<P>Enable Support for handling EUI operations.
This includes ARP lookups for MAC (EUI-48) addresses and the ACL arp type tests.</P>
+<DT><B>--enable-log-daemon-helpers</B><DD>
+<P>Build helpers for logging I/O.</P>
+
<DT><B>--enable-url-rewrite-helpers</B><DD>
<P>Build helpers for some basic URL-rewrite actions. For use by url_rewrite_program.
If omitted or set to =all then all bundled helpers that are able to build will be built.
<P>
<DL>
-<DT><B>???alphabetical list within group ordered: enable, disable, with, without) ???</B><DD>
-<P> ???explain??</P>
+<DT><B>--enable-auth</B><DD>
+<P>No longer takes a list of arguments. This option now is restricted to building with or without for authentication.</P>
+<P>The new <EM>--enable-auth-X</EM>/<EM>--disable-auth-X</EM> parameters determine which authentication protocols and helpers are built.</P>
</DL>
</P>
<DT><B>--enable-arp-acl</B><DD>
<P>Replaced by --enable-eui</P>
+<DT><B>--enable-auth-basic-helpers</B><DD>
+<P>replaced by <EM>--enable-auth-basic</EM>.</P>
+
+<DT><B>--enable-auth-digest-helpers</B><DD>
+<P>replaced by <EM>--enable-auth-digest</EM>.</P>
+
+<DT><B>--enable-auth-negotiate-helpers</B><DD>
+<P>replaced by <EM>--enable-auth-negotiate</EM>.</P>
+
+<DT><B>--enable-auth-ntlm-helpers</B><DD>
+<P>replaced by <EM>--enable-auth-ntlm</EM>.</P>
+
</DL>
</P>
<DT><B>auth_param</B><DD>
<P><EM>blankpassword</EM> option for basic scheme removed.</P>
+<DT><B>cache_peer</B><DD>
+<P><EM>http11</EM> Obsolete.</P>
+
<DT><B>external_acl_type</B><DD>
<P>Format tag <EM>%{Header}</EM> replaced by <EM>%>{Header}</EM></P>
<P>Format tag <EM>%{Header:member}</EM> replaced by <EM>%>{Header:member}</EM></P>
<DT><B>http_port</B><DD>
<P><EM>no-connection-auth</EM> replaced by <EM>connection-auth=[on|off]</EM>. Default is ON.</P>
<P><EM>transparent</EM> option replaced by <EM>intercept</EM></P>
+<P><EM>http11</EM> obsolete.</P>
+
+<DT><B>http_access2</B><DD>
+<P>Replaced by <EM>adapted_http_access</EM></P>
<DT><B>httpd_accel_no_pmtu_disc</B><DD>
<P>Replaced by <EM>http_port disable-pmtu-discovery=</EM> option</P>
<DT><B>redirector_bypass</B><DD>
<P>Replaced by <EM>url_rewrite_bypass</EM></P>
+<DT><B>server_http11</B><DD>
+<P>Obsolete.</P>
+
<DT><B>upgrade_http0.9</B><DD>
<P>Obsolete.</P>
<P>COSS <EM>maxfullbufs=</EM> option not yet ported from 2.6</P>
<DT><B>cache_peer</B><DD>
-<P><EM>multicast-siblings</EM> not yet ported from 2.7</P>
<P><EM>idle=</EM> not yet ported from 2.7</P>
-<P><EM>http11</EM> not yet ported from 2.7</P>
<P><EM>monitorinterval=</EM> not yet ported from 2.6</P>
<P><EM>monitorsize=</EM> not yet ported from 2.6</P>
<P><EM>monitortimeout=</EM> not yet ported from 2.6</P>
<DT><B>external_refresh_check</B><DD>
<P>Not yet ported from 2.7</P>
-<DT><B>http_access2</B><DD>
-<P>Not yet ported from 2.6</P>
-
<DT><B>http_port</B><DD>
<P><EM>act-as-origin</EM> not yet ported from 2.7</P>
-<P><EM>http11</EM> not yet ported from 2.7</P>
<P><EM>urlgroup=</EM> not yet ported from 2.6</P>
-<DT><B>ignore_expect_100</B><DD>
-<P>Not yet ported from 2.7</P>
-
<DT><B>ignore_ims_on_miss</B><DD>
<P>Not yet ported from 2.7</P>
<DT><B>logformat</B><DD>
<P><EM>%oa</EM> tag not yet ported from 2.7</P>
-<DT><B>max_filedescriptors</B><DD>
-<P>Not yet ported from 2.7</P>
-
<DT><B>max_stale</B><DD>
<P>Not yet ported from 2.7</P>
<DT><B>refresh_stale_hit</B><DD>
<P>Not yet ported from 2.7</P>
-<DT><B>server_http11</B><DD>
-<P>Not yet ported from 2.7</P>
-
<DT><B>storeurl_access</B><DD>
<P>Not yet ported from 2.7</P>
<item>squid_ldap_auth - basic_ldap_auth - Authenticate with LDAP user accounts.
<item>ncsa_auth - basic_ncsa_auth - Authenticate with NCSA httpd-style password file.
<item>pam_auth - basic_pam_auth - Authenticate with the system PAM infrastructure.
- <item>pop3.pl - basic_pop3_auth.pl - Authenticate with a mail server POP3/SMTP credentials
+ <item>pop3.pl - basic_pop3_auth - Authenticate with a mail server POP3/SMTP credentials
<item>squid_sasl_auth - basic_sasl_auth - Authenticate with SASL.
<item>smb_auth - basic_smb_auth - Authenticate with Samba SMB.
<item>yp_auth - basic_nis_auth - Authenticate with NIS security system.
<item>mswin_sspi - basic_sspi_auth - Authenticate with a Windows Domain Controller using SSPI.
- <item>MSNT-multi-domain - basic_msnt_multi_domain_auth.pl - Authenticate with any one of multiple Windows Domain Controllers.
+ <item>MSNT-multi-domain - basic_msnt_multi_domain_auth - Authenticate with any one of multiple Windows Domain Controllers.
<item>squid_radius_auth - basic_radius_auth - Authenticate with RADIUS.
</itemize>
<sect2>Digest Authentication protocol helpers
<p><itemize>
- <item>(none yet converted)
+ <item>digest_pw_auth - digest_file_auth - Authenticate against credentials stored in a simple text file.
</itemize>
<sect2>External ACL helpers
<sect2>Negotiate Authentication protocol helpers
<p><itemize>
+ <item>mswin_sspi - negotiate_sspi_auth - Authenticate with a Windows Domain Controller using SSPI.
<item>squid_kerb_auth - negotiate_kerberos_auth - Authenticate with Kerberos servers.
</itemize>
<sect2>NTLM Authentication protocol helpers
<p><itemize>
+ <item>fakeauth_auth - ntlm_fake_auth - Perform NTLMSSP to recover the username but don't verify the password.
+ <item>mswin_ntlm_auth - ntlm_sspi_auth - Perform NTLMSSP authentication using Windows native Security Support Provider Interface API.
<item>ntlm_auth - ntlm_smb_lm_auth - Perform SMB LanManager domain-less authentication over NTLM protocol.
+ <item>no_check.pl - Deprecated. - Use the faster and less easily decrypted ntlm_fake_auth instead.
</itemize>
<sect2>URL re-write helpers
<p>3.1 began the Internationalization of Squid with the public facing error pages.
This move begins the Localization of the internal administrator facing manuals.
+
<sect1>Solaris 10 pthreads Support (Experimental)
<p>Automatic detection and use of the pthreads library available from Solaris 10
+
<sect>Changes to squid.conf since Squid-3.1
<p>
There have been changes to Squid's configuration file since Squid-3.1.
<sect1>New tags<label id="newtags">
<p>
<descrip>
+ <tag>adapted_http_access</tag>
+ <p>Access control based on altered HTTP request following adaptation alterations (ICAP, eCAP, URL rewriter).
+ An upgraded drop-in replacement for <em>http_access2</em> found in Squid-2.
+
<tag>eui_lookup</tag>
- <p> Whether to lookup the EUI or MAC address of a connected client.
+ <p>Whether to lookup the EUI or MAC address of a connected client.
<tag>memory_cache_mode</tag>
- <p> Controls which objects to keep in the memory cache (cache_mem)
+ <p>Controls which objects to keep in the memory cache (cache_mem)
<verb>
'always' Keep most recently fetched objects in memory (default)
</verb>
<tag>logfile_daemon</tag>
- <p>Ported from 2.7
+ <p>Ported from 2.7. Specify the file I/O daemon helper to run for logging.
+
+ <tag>tproxy_uses_indirect_client</tag>
+ <p>Controls whether the indirect client address found in the X-Forwarded-For
+ header is used for spoofing instead of the directly connected client address.
+ Requires both <em>--enable-follow-x-forwarded-for</em> and <em>--enable-linux-netfilter</em>
</descrip>
<sect1>Changes to existing tags<label id="modifiedtags">
<p>
<descrip>
+ <tag>access_log</tag>
+ <p>New <em>stdio</em> module to send log data directly from Squid to a disk file.
+ This is the historic behaviour of Squid before logging modules were introduced, and
+ remains the default used when no module is selected.
+ It is recommended to upgrade logging to the faster <em>daemon:</em> module.
+ <p>New <em>daemon</em> module to send each log line as text data to a file I/O daemon handling the slow disk I/O.
+ New installs, or installs with no logs configured explicitly will use this module by default.
+ <p>New <em>tcp</em> module to send each log line as text data to a TCP receiver.
+ <p>New <em>udp</em> module to send each log line as text data to a UDP receiver.
+
<tag>acl random</tag>
<p>New type <em>random</em>. Pseudo-randomly match requests based on a configured probability.
<p>Deprecated <em>children=N</em> in favor of <em>children-max=N</em>.
<tag>logformat</tag>
+ <p><em>%>lp</em> Local TCP port used by transactions with http servers.
<p><em>%sn</em> Unique sequence number per log line. Ported from 2.7
- <p><em>%>eui</em> EUI logging (EUI-48 / MAC address for IPv4, EUI-64 for IPv6)
+ <p><em>%<eui</em> EUI logging (EUI-48 / MAC address for IPv4, EUI-64 for IPv6)
Both EUI forms are logged in the same field. Type can be identified by length or byte delimiter.
+ <tag>memory_pools_limit</tag>
+ <p>Memory limits have been revised and corrected from 3.1.4 onwards.
+ <p>Please check and update your squid.conf to use the text <em>none</em> for no limit instead of the old 0 (zero).
+ <p>All users upgrading need to be aware that from Squid-3.3 setting this option to 0 (zero) will mean zero bytes of memory get pooled.
+
<tag>windows_ipaddrchangemonitor</tag>
<p>Now only available to be set in Windows builds.
<sect1>New options<label id="newoptions">
<p>
<descrip>
+ <tag>--enable-auth-basic[=HELPERS]</tag>
+ <p>Specified without any parameters all helpers will be auto-built.
+ <p>With an explicit empty list <em>=""</em> protocol suport will be built but no helpers.
+ <p>With an explicit list protocol support and just those helpers will be built.
+
+ <tag>--enable-auth-digest[=HELPERS]</tag>
+ <p>Specified without any parameters all helpers will be auto-built.
+ <p>With an explicit empty list <em>=""</em> protocol suport will be built but no helpers.
+ <p>With an explicit list protocol support and just those helpers will be built.
+
+ <tag>--enable-auth-negotiate</tag>
+ <p>Specified without any parameters all helpers will be auto-built.
+ <p>With an explicit empty list <em>=""</em> protocol suport will be built but no helpers.
+ <p>With an explicit list protocol support and just those helpers will be built.
+
+ <tag>--enable-auth-ntlm</tag>
+ <p>Specified without any parameters all helpers will be auto-built.
+ <p>With an explicit empty list <em>=""</em> protocol suport will be built but no helpers.
+ <p>With an explicit list protocol support and just those helpers will be built.
+
<tag>--enable-eui</tag>
<p>Enable Support for handling EUI operations.
This includes ARP lookups for MAC (EUI-48) addresses and the ACL arp type tests.
+ <tag>--enable-log-daemon-helpers</tag>
+ <p>Build helpers for logging I/O.
+
<tag>--enable-url-rewrite-helpers</tag>
<p>Build helpers for some basic URL-rewrite actions. For use by url_rewrite_program.
If omitted or set to =all then all bundled helpers that are able to build will be built.
<sect1>Changes to existing options<label id="modifiedoptions">
<p>
<descrip>
- <tag>???alphabetical list within group ordered: enable, disable, with, without) ???</tag>
- <p> ???explain??
+ <tag>--enable-auth</tag>
+ <p>No longer takes a list of arguments. This option now is restricted to building with or without for authentication.
+ <p>The new <em>--enable-auth-X</em>/<em>--disable-auth-X</em> parameters determine which authentication protocols and helpers are built.
</descrip>
</p>
<tag>--enable-arp-acl</tag>
<p>Replaced by --enable-eui
+ <tag>--enable-auth-basic-helpers</tag>
+ <p>replaced by <em>--enable-auth-basic</em>.
+
+ <tag>--enable-auth-digest-helpers</tag>
+ <p>replaced by <em>--enable-auth-digest</em>.
+
+ <tag>--enable-auth-negotiate-helpers</tag>
+ <p>replaced by <em>--enable-auth-negotiate</em>.
+
+ <tag>--enable-auth-ntlm-helpers</tag>
+ <p>replaced by <em>--enable-auth-ntlm</em>.
+
</descrip>
<tag>auth_param</tag>
<p><em>blankpassword</em> option for basic scheme removed.
+ <tag>cache_peer</tag>
+ <p><em>http11</em> Obsolete.
+
<tag>external_acl_type</tag>
<p>Format tag <em>%{Header}</em> replaced by <em>%>{Header}</em>
<p>Format tag <em>%{Header:member}</em> replaced by <em>%>{Header:member}</em>
<tag>http_port</tag>
<p><em>no-connection-auth</em> replaced by <em>connection-auth=[on|off]</em>. Default is ON.
<p><em>transparent</em> option replaced by <em>intercept</em>
+ <p><em>http11</em> obsolete.
<tag>http_access2</tag>
- <p>Repalced by <em>adapted_http_access</em>
+ <p>Replaced by <em>adapted_http_access</em>
<tag>httpd_accel_no_pmtu_disc</tag>
<p>Replaced by <em>http_port disable-pmtu-discovery=</em> option
<tag>redirector_bypass</tag>
<p>Replaced by <em>url_rewrite_bypass</em>
+ <tag>server_http11</tag>
+ <p>Obsolete.
+
<tag>upgrade_http0.9</tag>
<p>Obsolete.
<tag>cache_peer</tag>
<p><em>idle=</em> not yet ported from 2.7
- <p><em>http11</em> not yet ported from 2.7
<p><em>monitorinterval=</em> not yet ported from 2.6
<p><em>monitorsize=</em> not yet ported from 2.6
<p><em>monitortimeout=</em> not yet ported from 2.6
<tag>http_port</tag>
<p><em>act-as-origin</em> not yet ported from 2.7
- <p><em>http11</em> not yet ported from 2.7
<p><em>urlgroup=</em> not yet ported from 2.6
- <tag>ignore_expect_100</tag>
- <p>Not yet ported from 2.7
-
<tag>ignore_ims_on_miss</tag>
<p>Not yet ported from 2.7
<tag>logformat</tag>
<p><em>%oa</em> tag not yet ported from 2.7
- <tag>max_filedescriptors</tag>
- <p>Not yet ported from 2.7
-
<tag>max_stale</tag>
<p>Not yet ported from 2.7
<tag>refresh_stale_hit</tag>
<p>Not yet ported from 2.7
- <tag>server_http11</tag>
- <p>Not yet ported from 2.7
-
<tag>storeurl_access</tag>
<p>Not yet ported from 2.7
## List of automated translations possible:
ERROR_TEMPLATES = \
- templates/ERR_FTP_PUT_MODIFIED \
- templates/ERR_ESI \
- templates/ERR_SECURE_CONNECT_FAIL \
- templates/ERR_ZERO_SIZE_OBJECT \
- templates/ERR_SHUTTING_DOWN \
- templates/ERR_URN_RESOLVE \
+ templates/ERR_ACCESS_DENIED \
+ templates/ERR_CACHE_ACCESS_DENIED \
+ templates/ERR_CACHE_MGR_ACCESS_DENIED \
+ templates/ERR_CANNOT_FORWARD \
templates/ERR_CONNECT_FAIL \
- templates/ERR_SOCKET_FAILURE \
+ templates/ERR_DIR_LISTING \
+ templates/ERR_DNS_FAIL \
+ templates/ERR_ESI \
+ templates/ERR_FORWARDING_DENIED \
+ templates/ERR_FTP_DISABLED \
+ templates/ERR_FTP_FAILURE \
+ templates/ERR_FTP_FORBIDDEN \
templates/ERR_FTP_NOT_FOUND \
+ templates/ERR_FTP_PUT_CREATED \
+ templates/ERR_FTP_PUT_ERROR \
+ templates/ERR_FTP_PUT_MODIFIED \
templates/ERR_FTP_UNAVAILABLE \
+ templates/ERR_ICAP_FAILURE \
+ templates/ERR_INVALID_REQ \
+ templates/ERR_INVALID_RESP \
+ templates/ERR_INVALID_URL \
templates/ERR_LIFETIME_EXP \
- templates/ERR_READ_ERROR \
+ templates/ERR_NO_RELAY \
templates/ERR_ONLY_IF_CACHED_MISS \
- templates/ERR_UNSUP_HTTPVERSION \
+ templates/ERR_READ_ERROR \
templates/ERR_READ_TIMEOUT \
- templates/ERR_ICAP_FAILURE \
- templates/ERR_DIR_LISTING \
- templates/ERR_FTP_FORBIDDEN \
- templates/ERR_ACCESS_DENIED \
- templates/ERR_FORWARDING_DENIED \
- templates/ERR_CANNOT_FORWARD \
- templates/ERR_CACHE_MGR_ACCESS_DENIED \
- templates/ERR_INVALID_REQ \
- templates/ERR_CACHE_ACCESS_DENIED \
- templates/ERR_FTP_PUT_ERROR \
- templates/ERR_FTP_PUT_CREATED \
+ templates/ERR_SECURE_CONNECT_FAIL \
+ templates/ERR_SHUTTING_DOWN \
+ templates/ERR_SOCKET_FAILURE \
templates/ERR_TOO_BIG \
+ templates/ERR_UNSUP_HTTPVERSION \
templates/ERR_UNSUP_REQ \
- templates/ERR_FTP_FAILURE \
- templates/ERR_DNS_FAIL \
- templates/ERR_FTP_DISABLED \
- templates/ERR_NO_RELAY \
- templates/ERR_INVALID_URL \
- templates/ERR_INVALID_RESP \
- templates/ERR_WRITE_ERROR
+ templates/ERR_URN_RESOLVE \
+ templates/ERR_WRITE_ERROR \
+ templates/ERR_ZERO_SIZE_OBJECT
TRANSLATE_LANGUAGES = \
af.lang \
Adi Sudana
Aecio F. Neto
Alexandre Correa <ajcorrea@gmail.com>
- Amos Jeffries
+ Amos Jeffries <squid3@treenet.co.nz>
Arthur Titeica <arthur@psw.ro>
- Bratislav Ilic
+ Bratislav Ilic <batailic@gmail.com>
Christian Schmidt
Constantin Rack
Evgeni Gechev
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
#: templates/ERR_READ_TIMEOUT:7
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
#: templates/ERR_URN_RESOLVE:3
#: templates/ERR_ACCESS_DENIED:6
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
#: templates/ERR_READ_ERROR:7
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
#: templates/ERR_WRITE_ERROR:7
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr ""
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr ""
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
+msgid "ERROR: The requested URN could not be retrieved"
msgstr ""
#: templates/ERR_ESI:5
msgid "File updated"
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr ""
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr ""
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr ""
msgid "Illegal double-escape in the URL-Path"
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr ""
msgid "Request is too large."
msgstr ""
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr ""
msgstr ""
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
#: templates/ERR_TOO_BIG:5
#: templates/ERR_NO_RELAY:6
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
#: templates/ERR_TOO_BIG:8
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
#: templates/ERR_SHUTTING_DOWN:5
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
#: templates/ERR_FORWARDING_DENIED:6
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
#: templates/ERR_FTP_NOT_FOUND:7
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
#: templates/ERR_CANNOT_FORWARD:6
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
msgstr ""
#: templates/ERR_DNS_FAIL:5
"directive was specified."
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr ""
"revalidation prohibited by the <q>only-if-cached</q> directive."
msgstr ""
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
ro ro-ro ro-md
ru ru-ru
sk sk-sk
-sr sr-sp
+sr-latn sr sr-sp sr-latn-cs
sv sv-fi sv-se
th th-th
tr tr-tr
uk uk-ua
+vi vi-vn
zh-tw zh-hk zh-mo
zh-cn zh-sg
msgstr ""
"Project-Id-Version: squid\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2009-01-27 20:36+0000\n"
"Last-Translator: MaXeR <Unknown>\n"
"Language-Team: Arabic <ar@li.org>\n"
#: templates/ERR_READ_TIMEOUT:7
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
#: templates/ERR_URN_RESOLVE:3
#: templates/ERR_ACCESS_DENIED:6
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
#: templates/ERR_READ_ERROR:7
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
#: templates/ERR_WRITE_ERROR:7
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr ""
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr ""
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
+msgid "ERROR: The requested URN could not be retrieved"
msgstr ""
#: templates/ERR_ESI:5
msgid "File updated"
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr ""
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr ""
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr ""
msgid "Illegal double-escape in the URL-Path"
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "مسار غير صحيح"
msgid "Request is too large."
msgstr ""
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr ""
msgstr ""
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
#: templates/ERR_TOO_BIG:5
#: templates/ERR_NO_RELAY:6
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
#: templates/ERR_TOO_BIG:8
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
#: templates/ERR_SHUTTING_DOWN:5
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
#: templates/ERR_FORWARDING_DENIED:6
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
#: templates/ERR_FTP_NOT_FOUND:7
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
#: templates/ERR_CANNOT_FORWARD:6
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
msgstr ""
#: templates/ERR_DNS_FAIL:5
"directive was specified."
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr ""
"revalidation prohibited by the <q>only-if-cached</q> directive."
msgstr ""
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2009-10-05 17:49+0000\n"
"Last-Translator: Elxan İsmayılov <elxan.i@gmail.com>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
msgstr ""
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"Məlumatlar şəbəkədən oxunan zaman gözləmə müddəti bitmişdir. Şəbəkə və ya "
"server işləmir, yaxud həddindən arıq yüklənmişdir. Xahiş edirik, sorğunu "
msgstr "Giriş qadağandır."
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"Hal-hazirda giriş nəzarəti qaydaları sorğunuzun cavablandırılmasına qadağa "
msgstr ""
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"Məlumatlar şəbəkədən oxunan zaman səhv baş vermişdir. Xahiş edirik, "
"sorğunuzu təkrar edin."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
"İnformasiya şəbəkəyə ötürülərkən xəta olmuşdur.Xahiş edirik, sorğunu təkrar "
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr ""
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "SƏHV: Sorğulanan URL ilə əlaqə yaradılmadı"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "SƏHV: Sorğulanan URN ilə əlaqə yaradılmadı"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "SƏHV: Sorğulanan URL ilə əlaqə yaradılmadı"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Fayl yeniləndi"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Yönləndirmə qadağandır."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr ""
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "%T texnologiyasından çox şey gözləməyə dəyməz :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr "İCAP protokol s�^�hvi"
msgid "Illegal double-escape in the URL-Path"
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
#, fuzzy
msgid "Invalid URL"
msgid "Request is too large."
msgstr "Sorğu həddən ziyadə böyükdür."
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
#, fuzzy
msgid "Socket Failure"
msgstr ""
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
"Hədəf server və ya şəbəkə cavab vermir. Xahiş edirik, sorğunu təkrarlayın."
msgstr "Sistemdən gələn cavab: <i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
"Bu keş serveri üçün WAIS ötürücü təyin edilməyib. Administratora əlaqə "
"saxlayın."
#: templates/ERR_TOO_BIG:8
+#, fuzzy
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"Bu limitlər sizin keşi idarə edən Internet xidməti provayderi tərəfindən "
msgstr "Bu keş FTP protokolunu təmin etmir."
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"Keş hal-hazırda işini dayandırır və bu səbəbdən sizin sorğunuzu cavablandıra "
"bilməyəcək. Xahiş edirik, sorğunuzu tezliklə bir daha təkrarlayın."
#: templates/ERR_FORWARDING_DENIED:6
+#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Sibling tipli əlaqə yaratmaq cəhdinə görə keş sorğunuzu yönləndirməyəcəkdir. "
#, fuzzy
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"Mümkün səbəblərdən biri sorğu zamanı istifadə olunan FTP adresin RFC 1738 "
#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"Sorğu hədəf serverə, və ya digər yuxarı səviyyəli keş serverələrə göndərilə "
"bilməz. Səhvin mümkün səbəbləri keş administratoru bu keşin hədəf "
"serverləri birbaşa sorğulamasını qadağan etmişdir və ya bütün yuxarı "
"səviyyəli keş-serverlər hal-hazırda əlçatmazdılar."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "Uzaqda yerləşən kompyuterin İP adresini təyin mumkun olmadı <q>%H</q>"
"directive was specified."
msgstr "Obyekt keşdə tapılmadı və <q>only-if-cached</q> əmri təyin olunmuşdur."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr ""
"tapılmadı, <em>və ya</em> <q>only-if-cached</q> əmri ilə qadağan olunmuş "
"obyektin yenilənməsi tələb olunur."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Sıfır Uzunluqlu Cavab"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "SƏHV: Sorğulanan URN ilə əlaqə yaradılmadı"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
-"PO-Revision-Date: 2009-09-27 15:50+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
+"PO-Revision-Date: 2010-05-06 12:49+0200\n"
"Last-Translator: Evgeni Gechev <etg@setcom.bg>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
+"Language: bg\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-"Language: bg\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Pootle 1.2.1\n"
+"X-Generator: Pootle 2.0.1\n"
#: templates/ERR_DIR_LISTING:6
msgid "<a href=\"../\">Parent Directory</a> (<a href=\"/\">Root Directory</a>)"
#: templates/ERR_READ_TIMEOUT:7
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"Изтече максимално допустимото време за четене на данни от мрежата. Мрежата "
"или сървърът са недостъпни или претоварени. Моля, опитайте отново да "
#: templates/ERR_ACCESS_DENIED:6
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"Конфигурацията за контрол на достъпа не позволява да бъде изпълнена Вашата "
#: templates/ERR_READ_ERROR:7
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"Възникна грешка при четене на данни от мрежата. Моля, опитайте отново да "
#: templates/ERR_WRITE_ERROR:7
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
"Възникна грешка при изпращане на данни в мрежата. Моля, опитайте отново да "
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr "директория: <a href=\"%U\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "ГРЕШКА: Заявената страница е недостъпна."
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "Ð\93Ð Ð\95ШÐ\9aÐ\90: Ð\97аÑ\8fвениÑ\8fÑ\82 адÑ\80еÑ\81 е недоÑ\81Ñ\82Ñ\8aпен."
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "Ð\93Ð Ð\95ШÐ\9aÐ\90: Ð\97аÑ\8fвенаÑ\82а Ñ\81Ñ\82Ñ\80аниÑ\86а не може да бÑ\8aде изÑ\82еглена"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Файлът е обновен"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr "За браузер Firefox идете на: <ul>"
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr "За браузер Internet Explorer идете на: <ul>"
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr "За браузер Opera идете на: <ul>"
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Пренасочването на заявката е отказано."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr "Генерирано на %T от %h (%s)"
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Не очаквайте прекалено много на този етап :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr "Как да намерите тези настройки на Вашия браузер:"
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr "Грешка на ICAP протокола."
msgid "Illegal double-escape in the URL-Path"
msgstr "Невалиден double-escape символ в адреса"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr "В полето HTTP proxy напишете име на proxy сървър %h и порт 3128."
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "Невалиден адрес"
msgid "Request is too large."
msgstr "Заявката е прекалено голяма."
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr "Изберете Автоматично откриване на настройките."
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr "Изберете Използване на Автоматично конфигуриране на прокси сървър."
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Грешка при Socket операция"
msgstr "Възникна следната грешка при опит за достъп до: <a href=\"%U\">%U</a>"
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
"Вероятно отдалеченият сървър или мрежа са недостъпни. Моля, опитайте отново "
"да направите Вашата заявка."
#: templates/ERR_NO_RELAY:6
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
"Няма дефиниран WAIS Relay за този кеш сървър. Обърнете се към администратора."
#: templates/ERR_TOO_BIG:8
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"Тези ограничения са поставени от Интернет доставчика, който администрира "
#: templates/ERR_SHUTTING_DOWN:5
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"Кеш сървърът е в процес на рестартиране и в момента не може да изпълни "
"вашата заявка. Моля опитайте отново след няколко минути."
#: templates/ERR_FORWARDING_DENIED:6
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Този кеш сървър няма да пренасочи Вашата заявка, защото не е висшестоящ кеш "
#: templates/ERR_FTP_NOT_FOUND:7
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
-"Това би могло да бъде причинено от заявка, в която е посочен абсолютен път "
-"(което е неправилно според документ RFC 1738). Ако това е причината, то "
+"Това би могло да бъде причинено от FTP заявка, в която е посочен абсолютен "
+"път (което е неправилно според документ RFC 1738). Ако това е причината, то "
"файлът би могъл да бъде намерен на адрес <a href=\"%B\">%B</a>."
#: templates/ERR_SECURE_CONNECT_FAIL:7
#: templates/ERR_CANNOT_FORWARD:6
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"Заявката не може да бъде пренасочена към сървъра източник или към някой от "
"висшестоящите кеш сървъри. Най-вероятно причината за тази грешка е, че "
"администратора не позволява директни обръщения към сървъра източник, и "
"всички кеш сървъри от по-горно ниво в момента са недостъпни."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+"Инструменти -> Опции за интернет -> Връзки -> LAN настройки -> "
+"Прокси сървър"
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "Не може да бъде намерен IP адресът на сървъра <q>%H</q>"
"Подадена е заявка за обект, който не се намира в кеша, а попада в обсега на "
"директивата <q>only-if-cached</q>."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr "При опит да бъде записан файлът: <a href=\"%U\">%U</a>"
"трябва да бъде изтеглен наново или да бъде проверена неговата валидност, "
"което е недопустимо поради директивата <q>only-if-cached</q>."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Отговор с нулева големина"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "ГРЕШКА: Заявеният адрес е недостъпен."
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2010-02-04 18:35+1300\n"
"Last-Translator: Jordi Bruguera <jordi@dns1.grn.es>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
msgstr ""
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"Hi ha hagut un excés en el temps de lectura de dades de la xarxa.Hi "
"ha congestió o indisposició del servidor i/o la xarxa.Intenteu-"
msgstr "Accés no autoritzat."
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"La configuració del control d'accés impedeix realitzar aquesta "
msgstr ""
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"S'ha produït un error quan es llegien les dades de la xarxa. Repetiu "
"la petició"
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
"S'ha produït un error mentre s'intentava escriure a la xarxa. "
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr ""
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "ERROR: No es pot mostrar la URL que heu sol.licitat"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "ERROR: No es pot mostrar la URN que heu sol.licitat"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "ERROR: No es pot mostrar la URL que heu sol.licitat"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Fitxer actualitzat"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Reenviament denegat."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr ""
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Ei :) no esperis massa de les URN a %T !!"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr ""
msgid "Illegal double-escape in the URL-Path"
msgstr "La URL conté un doble caràcter d'escapament."
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "URL incorrecte."
msgid "Request is too large."
msgstr "La petici&ocute; és massa llarga."
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Errada de connexió de xarxa"
msgstr ""
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
"El servidor o la xarxa remota no es troben disponibles. Torneu-ho a provar "
"d'aqui a una estona."
msgstr "El sistema diu: <i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
"No hi ha un reenviador de protocol WAIS per a aquesta cache. Comenta-li a "
"l'administrador."
#: templates/ERR_TOO_BIG:8
+#, fuzzy
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"Aquests límits han estat establerts pel proveïdor Internet que "
msgstr "Aquesta cache no accepta connexions FTP."
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"Aquesta <i>cache</i> està en procés d'aturada inmediata i no "
"pot atendre la vostra petició. Reintenteu la petició d'aqui a "
"uns minuts."
#: templates/ERR_FORWARDING_DENIED:6
+#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Aquesta cache no reenviarà la vostra petició donat que "
msgstr ""
#: templates/ERR_FTP_NOT_FOUND:7
+#, fuzzy
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"Aquest error pot ser causat per una URL del protocol FTP amb un camí "
#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"Aquesta petició no s'ha pogut enviar al servidor d'origen o a una cache "
"superior. La causa més probable per aquest error és "
"l'administrador de la cache no permet connexions directes amb els servidors "
"d'origen, o no hi ha cap cache superior disponible."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr ""
"S'ha especificat una directiva <q>only-if-cached</q> i no s'ha trobat un "
"document vàlid a la cache."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr "Mentre s'intentava la comanda PUT a la URL: <a href=\"%U\">%U</a>"
"q>. El document no s'ha trobat a la cache, o necessitava revalidació, "
"expressament prohibida per la directiva <q>only-if-cached</q>."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#, fuzzy
msgid "Zero Sized Reply"
msgstr "Resposta de longitut ZERO :)"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "ERROR: No es pot mostrar la URN que heu sol.licitat"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2009-11-20 17:14+0000\n"
"Last-Translator: Kuvaly <kuvaly@seznam.cz>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
"požadavku:"
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"Došlo k překročení časového limitu během čtení dat ze sítě. Síť nebo server "
"mohou být mimo provoz nebo přetížené. Prosím zkuste požadavek zopakovat."
msgstr "Přístup odepřen."
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"Nastavení přístupových práv aktuálně neumožňuje zpracovat požadavek. Prosím "
msgstr "Ze serveru ICAP byla přijata neplatná odpověď."
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"Nastala chyba při čtení dat ze sítě. Prosím zkuste požadavek zopakovat."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
"Nastala chyba při odesílání dat na síť. Prosím zkuste požadavek zopakovat."
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr "Adresář: <a href=\"%U\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "CHYBA: Nelze získat požadované URL"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "CHYBA: Nelze získat požadované URN"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "CHYBA: Nelze získat požadované URL"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Soubor aktualizován"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr ""
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr ""
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Hey, neočekáváte příliš mnoho od URN na %T :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr "Chyba protokolu ICAP."
msgid "Illegal double-escape in the URL-Path"
msgstr "Chybný double-escape v URL cestě"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "Neplatná URL"
msgid "Request is too large."
msgstr "Požadavek může být příliš velký"
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr ""
msgstr ""
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr "Vzdálený systém nebo síť jsou nedostupné. Zkuste to znova."
#: templates/ERR_TOO_BIG:5
msgstr "Vzdálený systém odpověděl: <i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr "Cache server nemá definovaný WAIS Relay! Vyhubujte administratorovi."
#: templates/ERR_TOO_BIG:8
+#, fuzzy
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"Tento limit byl nastaven administrátorem této cache. Pokud si myslíte, že je "
msgstr "Tento cache server nepodporuje protokol FTP."
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"Tento cache server je právě restartován a nemůže obsloužit Váš požadavek. "
"Zkuste to za chvíli znova."
#: templates/ERR_FORWARDING_DENIED:6
+#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Cache server nepřesměruje Váš požadavek, protože to nedovolují vztahy v "
msgstr ""
#: templates/ERR_FTP_NOT_FOUND:7
+#, fuzzy
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"To může být zapříčiněno použitím absolutní cesty v FTP URL (což odporuje RFC "
#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"Požadavek nemůže být přesměrován k dotazovanému serveru nebo nadřazeným "
"cache serverům. Příčinou může být Administrátor zakázal přímý přístup k "
"dotazovaným serverům Všechny nadřazené cache servery jsou nedostupné."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "Jméno serveru není možno převést na IP adresu. <q>%H</q>"
"Požadovaný dokument se nenachází v cachi, přičemž byla specifikována "
"direktiva <q>only-if-cached</q>."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr "Při pokusu o PUT následujícího URL: <a href=\"%U\">%U</a>"
"revalidation prohibited by the <q>only-if-cached</q> directive."
msgstr ""
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr ""
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "CHYBA: Nelze získat požadované URN"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2008-11-07 17:17+1300\n"
"Last-Translator: Morten S. Nielsen <mortensn@geocities.com>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
msgstr ""
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"En timeout opstod mens der der blev ventet pæ at læse data fra "
"netværket. Netværket kan være nede eller forstoppet. "
msgstr "Adgang Nægtet."
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"Adgangs kontrollen tillader ikke din forespørgsel. Kontakt din "
msgstr ""
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"En fejl opstod mens der blev læst data fra nettet. Prøv igen."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
"En fejl opstod mens der blev skrevet data til nettet. Prøv igen."
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr ""
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "FEJL: Den angivne URL kunne ikke hentes"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "FEJL: Den angivne URN kunne ikke hentes"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "FEJL: Den angivne URL kunne ikke hentes"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Fil opdateret"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Videresendelse Nægtet."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr ""
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Hallo, forvent nu ikke for meget af URNs på %T :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr ""
msgid "Illegal double-escape in the URL-Path"
msgstr "Ugyldig dobbelt-escape i URL sti"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "Ugyldig URL"
msgid "Request is too large."
msgstr "Forespørgslen er for stor."
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Socket Fejl"
msgstr ""
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
"Der kunne ikke opnås forbindelse til den anden computer. Netvæ"
"rket eller computeren kan være nede. Prøv eventuelt igen."
#: templates/ERR_NO_RELAY:6
#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
"Der er ikke nogen WAIS Relæ maskine defineret for denne proxy cache! "
#: templates/ERR_TOO_BIG:8
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
msgstr "Denne cache understøtter ikke FTP."
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"Proxy cachen er i gang med at lukke ned og kan derfor ikke betjene din "
"forespørgsel nu. Prøv venligst igen snart."
#: templates/ERR_FORWARDING_DENIED:6
+#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Denne cache vil ikke videresende din forespørgsel fordi den prø"
msgstr ""
#: templates/ERR_FTP_NOT_FOUND:7
+#, fuzzy
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"Dette kan muligvis forårsages af en FTP URL med en absolut sti "
msgstr ""
#: templates/ERR_CANNOT_FORWARD:6
+#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"Denne forespørgsel kunne ikke videresendes til den oprindelige server "
"eller en af forældre cache'ene. Dette skyldes sandsynligvis at cache "
"forbindelser til servere og alle forældre cache'er kan ikke nås "
"for øjeblikket."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "Kunne ikke finde IP nummeret for navnet <q>%H</q>"
"Dokumentet blev ikke fundet i cachen og <q>only-if-cached</q> (kun-hvis-gemt-"
"i-cachen) direktivet var specificeret."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr ""
"kræver en bekræftelse af gyldighed som bliver forbudt af <q>only-"
"if-cached</q> direktivet."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Nul Størrelse Svar"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "FEJL: Den angivne URN kunne ikke hentes"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
-"PO-Revision-Date: 2009-09-26 08:42+1300\n"
-"Last-Translator: Constantin Rack <info@vigos.com>\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
+"PO-Revision-Date: 2010-06-10 10:13+0200\n"
+"Last-Translator: Robert Förster <Dessa@gmake.de>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
+"Language: de\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-"Language: de\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Pootle 1.2.1\n"
+"X-Generator: Pootle 2.0.1\n"
#: templates/ERR_DIR_LISTING:6
msgid "<a href=\"../\">Parent Directory</a> (<a href=\"/\">Root Directory</a>)"
"request:"
msgstr ""
"<b>Ungültige Anfrage</b> Fehler erhalten als versucht wurde die Anfrage zu "
-"Bearbeiten:"
+"bearbeiten:"
#: templates/ERR_INVALID_RESP:4
msgid ""
#: templates/ERR_READ_TIMEOUT:7
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
-"Zeitüberschreitung beim Warten auf Daten des Netzwerks. Das Netzwerk oder "
-"der Server könnten nicht Verfügbar oder überlastet sein. Bitte versuchen "
-"sie es erneut."
+"Zeitüberschreitung beim Warten auf Daten des Netzwerks. Das Netzwerk oder "
+"der Server könnten nicht verfügbar oder überlastet sein. Bitte versuchen sie "
+"es erneut."
#: templates/ERR_URN_RESOLVE:3
msgid "A URL for the requested URN could not be retrieved"
#: templates/ERR_ACCESS_DENIED:6
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
-"Die Anfrage wurde aufgrund mangelnder Zugriffsrechte verweigert. Bitte "
+"Die Anfrage wurde aufgrund mangelnder Zugriffsrechte verweigert. Bitte "
"kontaktieren Sie Ihren Dienstanbieter falls sie denken, dass dies ein Fehler "
"ist."
#: templates/ERR_READ_ERROR:7
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
-"Ein Fehler ist beim Lesen vom Netzwerk aufgetreten. Bitte wiederholen sie "
+"Ein Fehler ist beim Lesen vom Netzwerk aufgetreten. Bitte wiederholen sie "
"die Anfrage."
#: templates/ERR_WRITE_ERROR:7
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
-"Ein Fehler ist beim Schreiben auf das Netzwerk aufgetreten. Bitte "
+"Ein Fehler ist beim Schreiben auf das Netzwerk aufgetreten. Bitte "
"wiederholen sie die Anfrage."
#: templates/ERR_CACHE_ACCESS_DENIED:3 templates/ERR_CACHE_ACCESS_DENIED:5
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr "Verzeichnis: <a href=\"%U\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "FEHLER: Die angeforderte URL konnte nicht gefunden werden"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "FEHLER: Die angeforderte URN konnte nicht gefunden werden"
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "FEHLER: Der angeforderte URN konnte nicht gefunden werden"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
#: templates/ERR_FTP_PUT_CREATED:1
msgid "FTP PUT Successful: File Created"
-msgstr "FTP PUT Erfolgreich: Datei erstellt"
+msgstr "FTP PUT erfolgreich: Datei erstellt"
#: templates/ERR_FTP_PUT_MODIFIED:1
msgid "FTP PUT Successful: File Updated"
-msgstr "FTP PUT Erfolgreich: Datei aktualisiert"
+msgstr "FTP PUT erfolgreich: Datei aktualisiert"
#: templates/ERR_FTP_PUT_ERROR:3
msgid "FTP PUT/upload failed"
msgid "File updated"
msgstr "Datei aktualisiert"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr "Für Firefox Browser gehen sie zu: <ul>"
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr "Für Internet Explorer Browser gehen sie zu: <ul>"
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr "Für Opera Browser gehen sie zu: <ul>"
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Weiterleitung verweigert."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr "Erzeugt am %T von %h (%s)"
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr "HTTP/1.1 <q>Expect</q> wird von einer HTTP/1.0 Software erfragt"
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
-msgstr "Hey, erwarte nicht zuviel von URNs am %T :)"
+msgstr "Hey, erwarten sie nicht zuviel von URNs auf %T :)"
+
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr "Wie sie diese Einstellung in ihrem Browser finden:"
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgid "Illegal double-escape in the URL-Path"
msgstr "Ungültiger Doppel-Escape im URL-Pfad"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr "Im HTTP Proxy Feld geben sie den Proxy Namen %h und Port 3128 ein."
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "Ungültige URL"
msgid "Request is too large."
msgstr "Anfrage ist zu lang."
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr "Automatische Suche von Einstellungen"
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr "Automatisches Konfigurationsskript verwenden"
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Socketfehler"
"Squid is unable to create a TCP socket, presumably due to excessive load. "
"Please retry your request."
msgstr ""
-"Squid kann keinen TCP Socket erstellen, warscheinlich aufgrund von großer "
-"Systemlast. Bitte wiederholen sie die Anfrage."
+"Squid kann keinen TCP-Socket erstellen, wahrscheinlich aufgrund von großer "
+"Systemlast. Bitte wiederholen Sie die Anfrage."
#: templates/ERR_FTP_FAILURE:5 templates/ERR_FTP_FORBIDDEN:5
#: templates/ERR_FTP_NOT_FOUND:5 templates/ERR_FTP_PUT_ERROR:5
"holen festgestellt:"
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
-"Der Zielhost oder das Zielnetzwerk ist momentan nicht verfügbar. Bitte "
+"Der Zielhost oder das Zielnetzwerk ist momentan nicht verfügbar. Bitte "
"wiederholen sie die Anfrage."
#: templates/ERR_TOO_BIG:5
#: templates/ERR_NO_RELAY:6
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
-"Es ist kein WAIS Relay für diesen Cache definiert! Sagen sie dies dem "
+"Es ist kein WAIS Relay für diesen Cache definiert! Sagen sie dies dem "
"Administrator."
#: templates/ERR_TOO_BIG:8
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"Diese Einschränkungen wurden vom Internetdienstanbieter eingerichtet der "
-"diesen Cache betreibt. Bitte kontaktieren sie ihn falls sie denken, dass "
+"diesen Cache betreibt. Bitte kontaktieren sie ihn falls sie denken, dass "
"dies ein Fehler ist."
#: templates/ERR_UNSUP_HTTPVERSION:6
#: templates/ERR_SHUTTING_DOWN:5
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"Dieser Cache wird momentan heruntergefahren und kann daher die Anfrage nicht "
-"bearbeiten. Bitte wiederholen sie die Anfrage gleich noch einmal."
+"bearbeiten. Bitte wiederholen sie die Anfrage gleich noch einmal."
#: templates/ERR_FORWARDING_DENIED:6
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Dieser Cache wird ihre Anfrage nicht weiterleiten da er versucht ein "
-"Geschwisterverhältnis zu erzwingen. Warscheinlich ist der Client auf %i ein "
+"Geschwisterverhältnis zu erzwingen. Warscheinlich ist der Client auf %i ein "
"Cache der falsch konfiguriert wurde."
#: templates/ERR_ICAP_FAILURE:7
#: templates/ERR_FTP_NOT_FOUND:7
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"Die Ursache kann eine FTP URL mit einem Absoluten Pfad sein (was nicht RFC "
-"1738 konform ist).
Wenn dies der Fall ist, ist die Datei unter <a href=\"%B"
+"1738 konform ist). Wenn dies der Fall ist, ist die Datei unter <a href=\"%B"
"\">%B</a> zu finden."
#: templates/ERR_SECURE_CONNECT_FAIL:7
#: templates/ERR_CANNOT_FORWARD:6
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
-"Die Anfrage kann nicht an den Quellserver oder irgendeinen Vergeschalteten "
-"Cache weitergeleitet werden. Der wahrscheinlichste Grund ist, dass der "
+"Die Anfrage kann nicht an den Quellserver oder irgendeinen vorgeschalteten "
+"Cache weitergeleitet werden. Der wahrscheinlichste Grund ist, dass der "
"Administrator diesem Cache nicht erlaubt direkte Verbindungen zu "
"Quellservern herzustellen oder alle vorgeschalteten Cache Server momentan "
"nicht erreichbar sind."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+"Extras -> Internetoptionen -> Verbindung -> LAN Einstellungen ->"
+"Proxy"
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+"Extras -> Optionen -> Erweitert -> Netzwerk -> "
+"Verbindungseinstellungen"
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+"Extras -> Einstellungen -> Erweitert -> Netzwerk -> Proxyserver"
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "Konnte keine IP Adresse vom Hostnamen <q>%H</q> ermitteln."
"Kein gültiges Dokument wurde im Cache gefunden und <q>only-if-cached</q> "
"Option wurde angegeben."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr "Webbrowserkonfiguration"
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr ""
"revalidation prohibited by the <q>only-if-cached</q> directive."
msgstr ""
"Sie haben eine Anfrage mit der <q>only-if-cached</q> Cache Kontrolloption "
-"getätigt. Das Dokument wurde nicht im Cache gefunden, <em>oder</em> ioder es "
+"getätigt. Das Dokument wurde nicht im Cache gefunden, <em>oder</em> es "
"forderte eine Aktualisierung an welche durch die <q>only-if-cached</q> "
"Option unterbunden wurde."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+"Ihre Webbrowserkonfiguration muss korrigiert werden um dieses Netzwerk zu "
+"nutzen."
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Nullgrößenantwort"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "FEHLER: Die angeforderte URN konnte nicht gefunden werden"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2009-02-25 14:35+1300\n"
"Last-Translator: George Papamichelakis <george@step.gr>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
msgstr ""
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"Προέκυψε χρονικό όριο κατά την ανάγνωση δεδομένων από το δίκτυο. Το δίκτυο ή "
"ο εξυπηρετητής δεν λειτουργεί ή υπολειτουργεί. Παρακαλώ ξαναδοκιμάστε."
msgstr "Απαγορεύεται η Πρόσβαση."
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"Οι ρυθμίσεις του μηχανισμού πρόσβασης αποτρέπουν την ολοκλήρωση της αιτήσεως "
msgstr ""
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"Προέκυψε σφάλμα κατά την ανάγνωση δεδομένων από το δίκτυο. Παρακαλώ "
"ξαναδοκιμάστε το αίτημα σας."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
"Προέκυψε σφάλμα κατά την εγγραφή στο δίκτυο. Παρακαλώ δοκιμάστε ξανά το "
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr ""
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "ΣΦΑΛΜΑ: Αδύνατη η πρόσβαση στην αιτούμενη διεύθυνση"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "ΣΦΑΛΜΑ: Δεν βρέθηκε διεύθυνση για το ζητούμενο όνομα"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "ΣΦΑΛΜΑ: Αδύνατη η πρόσβαση στην αιτούμενη διεύθυνση"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Το αρχείο ανανεώθηκε"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Απαγορεύεται η προώθηση."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr ""
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Μεταξύ μας, μην περιμένετε και πολλά από URNs στο %T :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr ""
msgid "Illegal double-escape in the URL-Path"
msgstr "Λανθασμένοι χαρακτήρες διαφυγής στη διεύθυνση"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "Λανθασμένη Διεύθυνση"
msgid "Request is too large."
msgstr "Η αίτηση είναι υπερμεγέθης."
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Σφάλμα Σύνδεσης"
msgstr ""
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
"Ο απομακρυσμένος υπολογιστής (ή δίκτυο) μάλλον δεν λειτουργεί. Δοκιμάστε "
"αργότερα."
msgstr "Το σύστημα ενημέρωσε ότι: <i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
"Δεν έχει καθοριστεί υπολογιστής WAIS Relay για αυτό το μεσολαβητή! "
"Παραπονεθείτε στον Διαχειριστή. "
#: templates/ERR_TOO_BIG:8
+#, fuzzy
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"Τα όρια αυτά καθορίζονται από τον Παροχέα Υπηρεσιών Διαδικτύου που "
msgstr "Αυτός ο μεσολαβητής δεν υποστηρίζει FTP."
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"Το σύστημα είναι σε διαδικασία τερματισμού και δεν μπορεί να εξυπηρετήσει το "
"αίτημα σας αυτή τη στιγμή. Παρακαλώ δοκιμάστε ξανά σε λίγο."
#: templates/ERR_FORWARDING_DENIED:6
+#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Ο μεσολαβητής δεν θα προωθήσει το αίτημα σας γιατί προσπαθεί να επιβάλει μια "
msgstr ""
#: templates/ERR_FTP_NOT_FOUND:7
+#, fuzzy
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"Αυτό μπορεί να συμβαίνει από μια διεύθυνση FTP με απόλυτή διαδρομή (το οποίο "
#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"Το αίτημα σας δεν ήταν δυνατό να προωθηθεί στον αρχικό εξυπηρετητή αλλά και "
"ούτε σε κάποιο γονικό μεσολαβητή. Η πιο πιθανές αιτίες είναι Ο διαχειριστής "
"εξυπηρετητές, και Όλοι οι διαθέσιμοι γονικοί μεσολαβητές, δεν είναι "
"διαθέσιμοι."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "Δεν ήταν δυνατόν να εξακριβωθεί η διεύθυνση IP για το όνομα <q>%H</q>"
"Δεν βρέθηκε έγκυρο αντίγραφο στην μνήμη και έχει καθοριστεί η επιλογή "
"<q>only-if-cached</q>."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr "Κατα τη διάρκεια μεταφόρτωσης στη διεύθυνση: <a href=\"%U\">%U</a>"
"βρέθηκε αντίγραφο στη μνήμη, <em>ή</em> ήταν απαραίτητη η επαναφόρτωσή του "
"που απαγορεύεται από την επιλογή <q>only-if-cached</q>. "
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Απάντηση Μηδενικού Μεγέθους"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "ΣΦΑΛΜΑ: Δεν βρέθηκε διεύθυνση για το ζητούμενο όνομα"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
-"PO-Revision-Date: 2009-10-29 23:58+1300\n"
-"Last-Translator: Amos Jeffries <squid3@treenet.co.nz>\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
+"PO-Revision-Date: 2010-05-01 00:17+1300\n"
+"Last-Translator: Amos <squid3@treenet.co.nz>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Language: en\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Pootle 1.2.0\n"
+"X-Generator: Pootle 2.0.1\n"
#: templates/ERR_DIR_LISTING:6
msgid "<a href=\"../\">Parent Directory</a> (<a href=\"/\">Root Directory</a>)"
#: templates/ERR_READ_TIMEOUT:7
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
#: templates/ERR_URN_RESOLVE:3
msgid "A URL for the requested URN could not be retrieved"
#: templates/ERR_ACCESS_DENIED:6
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
#: templates/ERR_FTP_FORBIDDEN:4
#: templates/ERR_READ_ERROR:7
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
#: templates/ERR_WRITE_ERROR:7
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
#: templates/ERR_CACHE_ACCESS_DENIED:3 templates/ERR_CACHE_ACCESS_DENIED:5
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr "Directory: <a href=\"%U\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "ERROR: The requested URL could not be retrieved"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "ERROR: The requested URN not be retrieved"
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "ERROR: The requested URN could not be retrieved"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "File updated"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr "For Firefox browsers go to: <ul>"
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr "For Internet Explorer browsers go to: <ul>"
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr "For Opera browsers go to: <ul>"
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Forwarding Denied."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr "Generated %T by %h (%s)"
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr "HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Hey, don't expect too much from URNs on %T :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr "How to find these settings in your browser:"
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr "ICAP protocol error."
msgid "Illegal double-escape in the URL-Path"
msgstr "Illegal double-escape in the URL-Path"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "Invalid URL"
msgid "Request is too large."
msgstr "Request is too large."
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr "Select Automatically detect settings"
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr "Select Use Automatic proxy configuration"
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Socket Failure"
"href=\"%U\">%U</a>"
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
-msgstr "The remote host or network may be down. Please try the request again."
+msgid "The remote host or network may be down. Please try the request again."
+msgstr "The remote host or network may be down. Please try the request again."
#: templates/ERR_TOO_BIG:5
msgid "The request or reply is too large."
#: templates/ERR_NO_RELAY:6
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
#: templates/ERR_TOO_BIG:8
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
#: templates/ERR_UNSUP_HTTPVERSION:6
#: templates/ERR_SHUTTING_DOWN:5
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
#: templates/ERR_FORWARDING_DENIED:6
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
#: templates/ERR_ICAP_FAILURE:7
#: templates/ERR_FTP_NOT_FOUND:7
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
#: templates/ERR_SECURE_CONNECT_FAIL:7
#: templates/ERR_CANNOT_FORWARD:6
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
+
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
"Valid document was not found in the cache and <q>only-if-cached</q> "
"directive was specified."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr "Web Browser Configuration"
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
"directive. The document was not found in the cache, <em>or</em> it required "
"revalidation prohibited by the <q>only-if-cached</q> directive."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+"Your Web Browser configuration needs to be corrected to use this network."
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Zero Sized Reply"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "ERROR: The requested URN not be retrieved"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
#: templates/ERR_READ_TIMEOUT:7
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
#: templates/ERR_URN_RESOLVE:3
#: templates/ERR_ACCESS_DENIED:6
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
#: templates/ERR_READ_ERROR:7
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
#: templates/ERR_WRITE_ERROR:7
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr ""
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr ""
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
+msgid "ERROR: The requested URN could not be retrieved"
msgstr ""
#: templates/ERR_ESI:5
msgid "File updated"
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr ""
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr ""
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr ""
msgid "Illegal double-escape in the URL-Path"
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr ""
msgid "Request is too large."
msgstr ""
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr ""
msgstr ""
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
#: templates/ERR_TOO_BIG:5
#: templates/ERR_NO_RELAY:6
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
#: templates/ERR_TOO_BIG:8
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
#: templates/ERR_SHUTTING_DOWN:5
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
#: templates/ERR_FORWARDING_DENIED:6
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
#: templates/ERR_FTP_NOT_FOUND:7
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
#: templates/ERR_CANNOT_FORWARD:6
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
msgstr ""
#: templates/ERR_DNS_FAIL:5
"directive was specified."
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr ""
"revalidation prohibited by the <q>only-if-cached</q> directive."
msgstr ""
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
msgstr ""
"Project-Id-Version: squid\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2009-03-06 00:14+0000\n"
"Last-Translator: juancarlospaco <juancarlospaco@hotmail.com>\n"
"Language-Team: Spanish <es@li.org>\n"
#: templates/ERR_READ_TIMEOUT:7
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
-"Se acabó el tiempo máximo de lectura mientras se leían "
-"datos de la red. La red o el servidor pueden estar congestionados. Por "
-"favor, inténtelo de nuevo"
+"Un tiempo de espera se produjo mientras se esperaba leer datos de la red. La "
+"red o el servidor puede estar caído o congestionado. Por favor, inténtelo "
+"de nuevo."
#: templates/ERR_URN_RESOLVE:3
msgid "A URL for the requested URN could not be retrieved"
#: templates/ERR_ACCESS_DENIED:6
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
-"Las reglas de control de acceso impiden que su petición sea permitida "
-"en este momento. Contacte con su proveedor de servicios si cree que esto es "
-"incorrecto."
+"La configuración de control de acceso evita que su solicitud sea permitida "
+"en este momento. Por favor, póngase en contacto con su proveedor de "
+"servicios si cree que esto es incorrecto."
#: templates/ERR_FTP_FORBIDDEN:4
msgid ""
#: templates/ERR_READ_ERROR:7
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
-"Ha ocurrido algún problema mientras se leían datos de la red. "
-"Por favor, inténtelo de nuevo."
+"Se ha producido un error al leer datos de la red. Por favor, inténtelo de "
+"nuevo."
#: templates/ERR_WRITE_ERROR:7
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
-"Se ha producido un error mientras se escribían datos en la red. Por "
-"favor, inténtelo de nuevo."
+"Se ha producido un error al escribir datos de la red. Por favor, inténtelo "
+"de nuevo."
#: templates/ERR_CACHE_ACCESS_DENIED:3 templates/ERR_CACHE_ACCESS_DENIED:5
msgid "Cache Access Denied."
msgstr "Directorio: %U"
#: templates/ERR_DIR_LISTING:2
-#, fuzzy
msgid "Directory: <a href=\"%U\">%U</a>/"
-msgstr "Directorio: <a href=\"/\">%U</a>/"
+msgstr "Directorio: <a href=\"%U\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "ERROR: El URL solicitado no se ha podido conseguir"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "ERROR: El URN solicitado no se ha podido conseguir"
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "ERROR: La URN requerida no pudo ser obtenida."
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Archivo actualizado"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr "Para navegadores basados en Firefox vaya a:"
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr "Para navegadores Internet Explorer vaya a:"
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr "Para navegadores Opera vaya a:"
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Reenvío denegado."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr "Generado %T por %h (%s)"
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+"HTTP/1.1 <q>Esperado:</q> la característica ha sido requerida desde un "
+"software HTTP/1.0."
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Hey, no espere mucho de URNs en %T :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr "Como encontrar estas preferencias en su navegador:"
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr "Error de protocolo ICAP."
msgid "Illegal double-escape in the URL-Path"
msgstr "Hay un doble-escape ilegal en la ruta de la URL"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+"En la caja de entrada de HTTP proxy escriba el nombre del proxy %h y el "
+"puerto 3128"
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "URL Inválida"
msgid "Request is too large."
msgstr "La petición es demasiado grande."
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr "Seleccione Detectar preferencias automáticamente"
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr "Seleccione Usar Configuración automática de Proxy"
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Fallo en el puerto (socket)"
"href=\"%U\">%U</a>"
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
-"El equipo remoto o la red deben estar caídas. Por favor intenta la petición "
-"de nuevo."
+"El host remoto o la red se ha caído. Por favor, inténtelo de nuevo la "
+"petición."
#: templates/ERR_TOO_BIG:5
msgid "The request or reply is too large."
#: templates/ERR_NO_RELAY:6
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
-"Este caché no tiene definido ninguna pasarela para el protocolo "
-"WAIS !! ¡Grítele al administrador del caché !"
+"No esta definido el host wais relay para este cache. comentar con el "
+"administrador"
#: templates/ERR_TOO_BIG:8
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
-"Estos límites fueron establecidos por el Proveedor de Servicios de "
-"Internet que opera este caché. Por favor, contacte con él "
-"directamente si cree que esto es un error."
+"Estos límites han sido establecidos por el proveedor de servicios de "
+"Internet que opera este caché. Por favor, comuníquese con ellos directamente "
+"si cree que esto es un error"
#: templates/ERR_UNSUP_HTTPVERSION:6
msgid "This Squid does not accept the HTTP version you are attempting to use."
#: templates/ERR_SHUTTING_DOWN:5
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
-"Esta caché está en proceso de apagarse y no puede servir tu petición en este "
-"momento. Por favor vuelve a intentar tu petición de nuevo pronto."
+"Este caché está en el proceso de apagado y no puede atender su solicitud en "
+"este momento. Por favor, inténtelo de nuevo pronto."
#: templates/ERR_FORWARDING_DENIED:6
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
-"Este caché no permite reenviar su petición porque trata de "
-"obligar a mantener una relación de hermandad. Quizás el "
-"cliente en %i es un caché que ha sido mal configurado."
+"Este caché no transmitirá su solicitud, ya que intenta imponer una relación "
+"de conexión. Quizás el cliente en% i es un caché que se ha desconfigurado."
#: templates/ERR_ICAP_FAILURE:7
msgid "This means that some aspect of the ICAP communication failed."
#: templates/ERR_FTP_NOT_FOUND:7
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
-"Esto puede ser causado por un URL FTP con un camino absoluto (y por lo tanto "
-"no cumple con RFC 1738). Si esta es la causa, entonces el archivo puede "
-"
ser obtenido en <a href=\"%B\">%B</a>."
+"Esto podria ser causado por una URL del FTP con ruta absoluta (La cual no "
+"cumple con el RFC 1738). si esto es la causa, entonces el archivo puede ser "
+"
buscado en <a href=\"%B\">%B</a>."
#: templates/ERR_SECURE_CONNECT_FAIL:7
msgid ""
#: templates/ERR_CANNOT_FORWARD:6
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
-"La petición no ha podido ser enviada al servidor origen o a alguno de "
-"los cachés padres. Las razones más probables de que haya "
-"ocurrido este error son el administrador de lo caché no permite que "
-"este caché realice conexiones directas a los servidores origen, y "
-"todos los cachés configurados como padres son inalcanzables en este "
-"momento."
+"Esta solicitud no ha podido comunicarse con el servidor de origen o de "
+"alguna de los cachés padres. La causa más probable de este error es que el "
+"administrador de caché no permite que este caché realice conexiones directas "
+"a los servidores de origen, y todos los cachés configurados como padres son "
+"inalcanzables en este momento."
+
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+"Herramientas -> Opciones de Internet -> Conexión -> Preferencias "
+"de RED ->Proxy"
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+"Herramientas -> Opciones -> Avanzado -> Red -> Ajustes de "
+"conexión"
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+"Herramientas -> Opciones -> Avanzado -> Red -> Servidores Proxy"
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
"No se encontró un documento válido en el caché y se "
"especificó la directiva <q>only-if-cached</q>."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr "Configuración del Navegador de Internet"
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr ""
"<em>o</em> requiere revalidación prohibida por la directiva <q>only-"
"if-cached</q>"
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+"Su configuración de Navegador de Internet necesita ser corregida para usar "
+"esta red."
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Respuesta vacía (tamaño cero)"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "ERROR: El URN solicitado no se ha podido conseguir"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2009-01-29 22:14+0000\n"
"Last-Translator: Tanel Kurvits <Unknown>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
msgstr "<b>Vigane vastus</b> järgnev viga sooritades päringut:"
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"Lugejal katkes võrgust andmeid lugedes kannatus. Võrk võ"
"iserver võib olla maas või umbes. Proovige uuesti."
msgstr "Juurdepääs keelatud."
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"Juurdepääsu kontrolli konfiguratsioon blokeerib teie päringut."
msgstr ""
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr "Andmete lugemisel tekkis veasituatsioon. Palun korrake päringut."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr "Võrku kirjutades tekkis viga. Palun korrake päringut."
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr ""
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "VIGA: Päring URLile ei saa vastust"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "VIGA: Päring URNile ei saa vastust"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "VIGA: Päring URLile ei saa vastust"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Fail on uuendatud"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Edastamine keelatud."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr ""
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Hei, mida sa ootad URNidelt %T peal:)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr ""
msgid "Illegal double-escape in the URL-Path"
msgstr "Vigane topelt-kaldkriips URLi teel"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "Vigane URL"
msgid "Request is too large."
msgstr "Päring võib olla liiga suur"
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Pistiku viga"
"a>"
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
"Server või arvutivõrk ei tööta. Palun korrake pä"
"ringut."
msgstr "Süsteem vastas: <i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
"Selles vahemälu serveris on WAISi edastav host kirjeldamata! Kontakteeruge "
"administraatoriga."
#: templates/ERR_TOO_BIG:8
+#, fuzzy
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"Need piirangus on seadnud teie teenusepakkuja, keshaldab seda vahemälu "
msgstr "See vahemälu server ei toeta FTPd."
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"Meie server on saanud käsu töö lõpetada ja ei saa teie "
"päringut hetkel teenindada. Palun korrake oma päringut motilde;ne "
"aja pärast."
#: templates/ERR_FORWARDING_DENIED:6
+#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Meie vahemälu server ei edasta teie päringut, kuna ta kasutab andmete "
msgstr ""
#: templates/ERR_FTP_NOT_FOUND:7
+#, fuzzy
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"See olukord võib olla tekkinud, kui FTP URL on antud absoluutse teega "
#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"Päringut ei õnnestunud edastada ei originaali serverile ega "
"ühelegi vanem vahemälu serverile. Ilmselt on põhjus vahemälu "
"originaali serverile ja kõik kirjeldatud vanem vahemälu serverid on "
"hetkel kättesaamatud."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "Ei õnnestu saada hosti <q>%H</q> nimele vastavat IP aadressi"
"Kehtiv dokument puudub vahemälu serverist ja päring sisaldas <q>only-if-"
"cached</q> direktiivi."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
#, fuzzy
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
"nõudis uuendamist, mis on aga keelatud <q>only-if-cached</q> "
"direktiiviga."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Vastus on tühi"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "VIGA: Päring URNile ei saa vastust"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
-"PO-Revision-Date: 2009-02-27 23:14+0330\n"
+"POT-Creation-Date: 2010-03-08 00:04+1300\n"
+"PO-Revision-Date: 2010-06-07 23:05+0330\n"
"Last-Translator: Mohsen Saeedi <mohsen.saeedi@gmail.com>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
"MIME-Version: 1.0\n"
msgstr "<a href=\"../\">مسیر اصلی</a> (<a href=\"/\">مسیر ریشه</a>)"
#: templates/ERR_INVALID_REQ:4
-msgid ""
-"<b>Invalid Request</b> error was encountered while trying to process the "
-"request:"
+msgid "<b>Invalid Request</b> error was encountered while trying to process the request:"
msgstr "<b>درخواست نامعتبر</b> این خطا در زمان پردازش درخواست روی داده بود:"
#: templates/ERR_INVALID_RESP:4
-msgid ""
-"<b>Invalid Response</b> error was encountered while trying to process the "
-"request:"
+msgid "<b>Invalid Response</b> error was encountered while trying to process the request:"
msgstr "<b>پاسخ نامعتبر</b> این خطا در زمان پردازش درخواست روی داده بود:"
#: templates/ERR_READ_TIMEOUT:7
-msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
-msgstr ""
-"زمان مجاز جهت خواندن اطلاعات از روی شبکه سپری شده است. شبکه یا سرور مورد نظر "
-"احتمالا از کار افتاده یا دارای بار زیاد است. لطفا دوباره تلاش کنید."
+msgid "A Timeout occurred while waiting to read data from the network. The network or server may be down or congested. Please retry your request."
+msgstr "زمان مجاز جهت خواندن اطلاعات از روی شبکه سپری شده است. شبکه یا سرور مورد نظر احتمالا از کار افتاده یا دارای بار زیاد است. لطفا دوباره تلاش کنید."
#: templates/ERR_URN_RESOLVE:3
msgid "A URL for the requested URN could not be retrieved"
msgstr "دسترسی رد شد."
#: templates/ERR_ACCESS_DENIED:6
-msgid ""
-"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
-"incorrect."
-msgstr ""
-"تنظیمات سطح دسترسی هماکنون به شما اجازه این درخواست را نمیدهد. در صورتی که "
-"احساس میکنید باید دسترسی داشته باشید با تهیهکننده سرویس خود تماس بگیرید."
+msgid "Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect."
+msgstr "تنظیمات سطح دسترسی هماکنون به شما اجازه این درخواست را نمیدهد. در صورتی که احساس میکنید باید دسترسی داشته باشید با تهیهکننده سرویس خود تماس بگیرید."
#: templates/ERR_FTP_FORBIDDEN:4
-msgid ""
-"An FTP authentication failure occurred while trying to retrieve the URL: <a "
-"href=\"%U\">%U</a>"
-msgstr ""
-"موقع تلاش جهت دسترسی به آدرس مورد نظر عمل شناسایی کاربر بر روی FTP با عدم "
-"موفقیت همراه بود. : <a href=\"%U\">%U</a>"
+msgid "An FTP authentication failure occurred while trying to retrieve the URL: <a href=\"%U\">%U</a>"
+msgstr "موقع تلاش جهت دسترسی به آدرس مورد نظر عمل شناسایی کاربر بر روی FTP با عدم موفقیت همراه بود. : <a href=\"%U\">%U</a>"
#: templates/ERR_FTP_FAILURE:4
-msgid ""
-"An FTP protocol error occurred while trying to retrieve the URL: <a href=\"%U"
-"\">%U</a>"
-msgstr ""
-"یک خطا روی پروتکل FTP در زمان اتصال به آدرس مورد نظر رخ داد.: <a href=\"%U"
-"\">%U</a>"
+msgid "An FTP protocol error occurred while trying to retrieve the URL: <a href=\"%U\">%U</a>"
+msgstr "یک خطا روی پروتکل FTP در زمان اتصال به آدرس مورد نظر رخ داد.: <a href=\"%U\">%U</a>"
#: templates/ERR_ICAP_FAILURE:10
msgid "An Illegal response was received from the ICAP server."
msgstr "یک جواب نامعتبر از خادم ICAP دریافت شد. "
#: templates/ERR_READ_ERROR:7
-msgid ""
-"An error condition occurred while reading data from the network. Please "
-"retry your request."
-msgstr ""
-"یک خطا در هنگام خواندن اطلاعات از روی شبکه روی داد. لطفا دوباره تلاش کنید. "
+msgid "An error condition occurred while reading data from the network. Please retry your request."
+msgstr "یک خطا در هنگام خواندن اطلاعات از روی شبکه روی داد. لطفا دوباره تلاش کنید. "
#: templates/ERR_WRITE_ERROR:7
-msgid ""
-"An error condition occurred while writing to the network. Please retry your "
-"request."
-msgstr ""
-"یک خطا در هنگام فرستادن اطلاعات در شبکه روی داد. لطفا دوباره تلاش کنید. "
+msgid "An error condition occurred while writing to the network. Please retry your request."
+msgstr "یک خطا در هنگام فرستادن اطلاعات در شبکه روی داد. لطفا دوباره تلاش کنید. "
-#: templates/ERR_CACHE_ACCESS_DENIED:3 templates/ERR_CACHE_ACCESS_DENIED:5
+#: templates/ERR_CACHE_ACCESS_DENIED:3
+#: templates/ERR_CACHE_ACCESS_DENIED:5
msgid "Cache Access Denied."
msgstr "دسترسی به نهانگاه رد شد."
#: templates/ERR_LIFETIME_EXP:5
msgid "Connection Lifetime Expired"
-msgstr "زÙ\85اÙ\86 ارتباط Ù\85Ù\86Ù\82ضÛ\8c Ø´د."
+msgstr "دÙ\88رÙ\87 عÙ\85ر ارتباط Ø´Ù\85ا بÙ\87 پاÛ\8cاÙ\86 رسÛ\8cد."
#: templates/ERR_CONNECT_FAIL:5
msgid "Connection to %I failed."
#: templates/ERR_INVALID_REQ:10
msgid "Content-Length missing for POST or PUT requests."
-msgstr ""
+msgstr "طول محتویات درخواست برای PUT یا POST کم است."
#: templates/ERR_DIR_LISTING:3
msgid "Directory Content:"
msgstr "محتویات مسیر:"
#: templates/ERR_DIR_LISTING:4
-#, fuzzy
msgid "Directory Listing"
-msgstr "محتویات مسیر:"
+msgstr "محتویات مسیر"
#: templates/ERR_DIR_LISTING:1
-#, fuzzy
msgid "Directory: %U"
-msgstr "Ù\85ØتÙ\88Û\8cات Ù\85سÛ\8cر:"
+msgstr "Ù\85سÛ\8cر : U%"
#: templates/ERR_DIR_LISTING:2
msgid "Directory: <a href=\"%U\">%U</a>/"
-msgstr ""
-
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
-#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
-#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
-#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
-#: templates/ERR_FTP_FAILURE:2 templates/ERR_FTP_FORBIDDEN:2
-#: templates/ERR_FTP_NOT_FOUND:2 templates/ERR_FTP_PUT_ERROR:2
-#: templates/ERR_FTP_UNAVAILABLE:2 templates/ERR_ICAP_FAILURE:2
-#: templates/ERR_INVALID_REQ:2 templates/ERR_INVALID_RESP:2
-#: templates/ERR_INVALID_URL:2 templates/ERR_LIFETIME_EXP:2
-#: templates/ERR_NO_RELAY:2 templates/ERR_ONLY_IF_CACHED_MISS:2
-#: templates/ERR_READ_ERROR:2 templates/ERR_READ_TIMEOUT:2
-#: templates/ERR_SECURE_CONNECT_FAIL:2 templates/ERR_SHUTTING_DOWN:2
-#: templates/ERR_SOCKET_FAILURE:2 templates/ERR_TOO_BIG:2
-#: templates/ERR_UNSUP_HTTPVERSION:2 templates/ERR_UNSUP_REQ:2
-#: templates/ERR_URN_RESOLVE:2 templates/ERR_WRITE_ERROR:2
+msgstr "مسیر: <a href=\"%U\">%U</a>/"
+
+#: templates/ERR_ACCESS_DENIED:2
+#: templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2
+#: templates/ERR_CANNOT_FORWARD:2
+#: templates/ERR_CONNECT_FAIL:2
+#: templates/ERR_DNS_FAIL:2
+#: templates/ERR_ESI:2
+#: templates/ERR_FORWARDING_DENIED:2
+#: templates/ERR_FTP_DISABLED:2
+#: templates/ERR_FTP_FAILURE:2
+#: templates/ERR_FTP_FORBIDDEN:2
+#: templates/ERR_FTP_NOT_FOUND:2
+#: templates/ERR_FTP_PUT_ERROR:2
+#: templates/ERR_FTP_UNAVAILABLE:2
+#: templates/ERR_ICAP_FAILURE:2
+#: templates/ERR_INVALID_REQ:2
+#: templates/ERR_INVALID_RESP:2
+#: templates/ERR_INVALID_URL:2
+#: templates/ERR_LIFETIME_EXP:2
+#: templates/ERR_NO_RELAY:2
+#: templates/ERR_ONLY_IF_CACHED_MISS:2
+#: templates/ERR_READ_ERROR:2
+#: templates/ERR_READ_TIMEOUT:2
+#: templates/ERR_SECURE_CONNECT_FAIL:2
+#: templates/ERR_SHUTTING_DOWN:2
+#: templates/ERR_SOCKET_FAILURE:2
+#: templates/ERR_TOO_BIG:2
+#: templates/ERR_UNSUP_HTTPVERSION:2
+#: templates/ERR_UNSUP_REQ:2
+#: templates/ERR_URN_RESOLVE:2
+#: templates/ERR_WRITE_ERROR:2
#: templates/ERR_ZERO_SIZE_OBJECT:2
msgid "ERROR"
msgstr "خطا"
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:1
msgid "ERROR: Cache Manager Access Denied"
-msgstr "خطا: رد شدÙ\86 دسترسÛ\8c براÛ\8c Ù\85دÛ\8cرÛ\8cت Ù\86Ù\87اÙ\86گاÙ\87"
+msgstr "خطا: اجازÙ\87 دسترسÛ\8c بÙ\87 Ù\85دÛ\8cرÛ\8cت Cache Ù\88جÙ\88د Ù\86دارد."
#: templates/ERR_FTP_PUT_ERROR:1
msgid "ERROR: FTP upload failed"
msgstr "خطا: بارگذاری روی FTP با موفقیت همراه نبود"
-#: templates/ERR_ACCESS_DENIED:1 templates/ERR_CANNOT_FORWARD:1
-#: templates/ERR_CONNECT_FAIL:1 templates/ERR_DNS_FAIL:1 templates/ERR_ESI:1
-#: templates/ERR_FORWARDING_DENIED:1 templates/ERR_FTP_DISABLED:1
-#: templates/ERR_FTP_FAILURE:1 templates/ERR_FTP_FORBIDDEN:1
-#: templates/ERR_FTP_NOT_FOUND:1 templates/ERR_FTP_UNAVAILABLE:1
-#: templates/ERR_ICAP_FAILURE:1 templates/ERR_INVALID_REQ:1
-#: templates/ERR_INVALID_RESP:1 templates/ERR_INVALID_URL:1
-#: templates/ERR_LIFETIME_EXP:1 templates/ERR_NO_RELAY:1
-#: templates/ERR_ONLY_IF_CACHED_MISS:1 templates/ERR_READ_ERROR:1
-#: templates/ERR_READ_TIMEOUT:1 templates/ERR_SECURE_CONNECT_FAIL:1
-#: templates/ERR_SHUTTING_DOWN:1 templates/ERR_SOCKET_FAILURE:1
-#: templates/ERR_TOO_BIG:1 templates/ERR_UNSUP_HTTPVERSION:1
-#: templates/ERR_UNSUP_REQ:1 templates/ERR_WRITE_ERROR:1
+#: templates/ERR_ACCESS_DENIED:1
+#: templates/ERR_CANNOT_FORWARD:1
+#: templates/ERR_CONNECT_FAIL:1
+#: templates/ERR_DNS_FAIL:1
+#: templates/ERR_ESI:1
+#: templates/ERR_FORWARDING_DENIED:1
+#: templates/ERR_FTP_DISABLED:1
+#: templates/ERR_FTP_FAILURE:1
+#: templates/ERR_FTP_FORBIDDEN:1
+#: templates/ERR_FTP_NOT_FOUND:1
+#: templates/ERR_FTP_UNAVAILABLE:1
+#: templates/ERR_ICAP_FAILURE:1
+#: templates/ERR_INVALID_REQ:1
+#: templates/ERR_INVALID_RESP:1
+#: templates/ERR_INVALID_URL:1
+#: templates/ERR_LIFETIME_EXP:1
+#: templates/ERR_NO_RELAY:1
+#: templates/ERR_ONLY_IF_CACHED_MISS:1
+#: templates/ERR_READ_ERROR:1
+#: templates/ERR_READ_TIMEOUT:1
+#: templates/ERR_SECURE_CONNECT_FAIL:1
+#: templates/ERR_SHUTTING_DOWN:1
+#: templates/ERR_SOCKET_FAILURE:1
+#: templates/ERR_TOO_BIG:1
+#: templates/ERR_UNSUP_HTTPVERSION:1
+#: templates/ERR_UNSUP_REQ:1
+#: templates/ERR_WRITE_ERROR:1
#: templates/ERR_ZERO_SIZE_OBJECT:1
msgid "ERROR: The requested URL could not be retrieved"
msgstr "خطا: آدرس درخواست شده را نمیتوانست دریافت شود"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
-msgstr ""
+msgstr "پردازش ESI با عدم موفقیت همراه بود."
#: templates/ERR_FTP_PUT_CREATED:1
msgid "FTP PUT Successful: File Created"
-msgstr ""
+msgstr "عمل بارگذاری روی FTP با موفقیت همراه بود: فایل ساخته شد."
#: templates/ERR_FTP_PUT_MODIFIED:1
msgid "FTP PUT Successful: File Updated"
-msgstr ""
+msgstr "عمل بارگذاری روی FTP با موفقیت همراه بود. فایل بروزرسانی شد."
#: templates/ERR_FTP_PUT_ERROR:3
msgid "FTP PUT/upload failed"
-msgstr ""
+msgstr "باگذاری روی FTP/ بارگذاری با عدم موفقیت همراه بود."
#: templates/ERR_FTP_DISABLED:5
msgid "FTP is Disabled"
-msgstr ""
+msgstr "FTP قابل دسترس نیست."
#: templates/ERR_SECURE_CONNECT_FAIL:5
msgid "Failed to establish a secure connection to %I"
-msgstr ""
+msgstr "ایجاد یک ارتباط امن به I% با عدم موفقیت همراه بود."
#: templates/ERR_FTP_PUT_CREATED:3
msgid "File created"
-msgstr ""
+msgstr "فایل ایجاد شد."
#: templates/ERR_FTP_PUT_MODIFIED:3
msgid "File updated"
-msgstr ""
+msgstr "فایل بروزرسانی شد."
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
-msgstr ""
-
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
-#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
-#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
-#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
-#: templates/ERR_FORWARDING_DENIED:8 templates/ERR_FTP_DISABLED:8
-#: templates/ERR_FTP_FAILURE:8 templates/ERR_FTP_FORBIDDEN:8
-#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
-#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
-#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
-#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
-#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
-#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
-#: templates/ERR_SECURE_CONNECT_FAIL:9 templates/ERR_SHUTTING_DOWN:7
-#: templates/ERR_SOCKET_FAILURE:9 templates/ERR_TOO_BIG:10
-#: templates/ERR_UNSUP_HTTPVERSION:8 templates/ERR_UNSUP_REQ:8
-#: templates/ERR_URN_RESOLVE:8 templates/ERR_WRITE_ERROR:9
+msgstr "امکان Forward بسته شده است."
+
+#: templates/ERR_ACCESS_DENIED:8
+#: templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8
+#: templates/ERR_CANNOT_FORWARD:8
+#: templates/ERR_CONNECT_FAIL:9
+#: templates/ERR_DIR_LISTING:7
+#: templates/ERR_DNS_FAIL:9
+#: templates/ERR_ESI:9
+#: templates/ERR_FORWARDING_DENIED:8
+#: templates/ERR_FTP_DISABLED:8
+#: templates/ERR_FTP_FAILURE:8
+#: templates/ERR_FTP_FORBIDDEN:8
+#: templates/ERR_FTP_NOT_FOUND:9
+#: templates/ERR_FTP_PUT_CREATED:4
+#: templates/ERR_FTP_PUT_ERROR:9
+#: templates/ERR_FTP_PUT_MODIFIED:4
+#: templates/ERR_FTP_UNAVAILABLE:8
+#: templates/ERR_ICAP_FAILURE:11
+#: templates/ERR_INVALID_REQ:14
+#: templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_URL:13
+#: templates/ERR_LIFETIME_EXP:8
+#: templates/ERR_NO_RELAY:8
+#: templates/ERR_ONLY_IF_CACHED_MISS:8
+#: templates/ERR_READ_ERROR:9
+#: templates/ERR_READ_TIMEOUT:9
+#: templates/ERR_SECURE_CONNECT_FAIL:9
+#: templates/ERR_SHUTTING_DOWN:7
+#: templates/ERR_SOCKET_FAILURE:9
+#: templates/ERR_TOO_BIG:10
+#: templates/ERR_UNSUP_HTTPVERSION:8
+#: templates/ERR_UNSUP_REQ:8
+#: templates/ERR_URN_RESOLVE:8
+#: templates/ERR_WRITE_ERROR:9
#: templates/ERR_ZERO_SIZE_OBJECT:8
msgid "Generated %T by %h (%s)"
-msgstr ""
+msgstr "%T توسط %h(%s) تولید شد."
+
+#: templates/ERR_INVALID_REQ:12
+msgid "HTTP/1.1 Expect: feature is being asked from an HTTP/1.0 software."
+msgstr "انتظار برای HTTP/1.1 : این ویژگی از یک نرم افزار با HTTP/1.0 درخواست شده است."
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
-msgstr ""
+msgstr "آهای، انتظار زیادی از URNها بر روی T% نداشته باش :)"
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
-msgstr ""
+msgstr "خطا در قرارداد ICAP"
#: templates/ERR_TOO_BIG:7
-msgid ""
-"If you are making a GET request, then the item you are trying to download is "
-"too large."
-msgstr ""
+msgid "If you are making a GET request, then the item you are trying to download is too large."
+msgstr "اگر شما یک درخواست GET دارید، موردی که شما در تلاش برای دریافت آن هستید بسیار بزرگ است."
#: templates/ERR_TOO_BIG:6
-msgid ""
-"If you are making a POST or PUT request, then the item you are trying to "
-"upload is too large."
-msgstr ""
+msgid "If you are making a POST or PUT request, then the item you are trying to upload is too large."
+msgstr "اگر شما یک درخواست PUT یا POST دارید، موردی که شما در تلاش برای بارگذاری هستید بسیار بزرگ است."
-#: templates/ERR_INVALID_REQ:11 templates/ERR_INVALID_URL:11
+#: templates/ERR_INVALID_REQ:11
+#: templates/ERR_INVALID_URL:11
msgid "Illegal character in hostname; underscores are not allowed."
-msgstr ""
+msgstr "کاراکتر غیرمجاز در نام دستگاه، زیرین خط (ـ) اجازه داده نشده است."
#: templates/ERR_INVALID_URL:10
msgid "Illegal double-escape in the URL-Path"
-msgstr ""
+msgstr "۲ فاصله خالی غیر مجاز در مسیر نشانی اینترنتی"
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
-msgstr ""
+msgstr "نشانی اینترنتی نامعتبر"
#: templates/ERR_INVALID_REQ:8
msgid "Missing HTTP Identifier (HTTP/1.0)."
-msgstr ""
+msgstr "فقدان شناسه HTTP (نسخه 1.0)"
#: templates/ERR_INVALID_REQ:7
msgid "Missing URL."
-msgstr ""
+msgstr "فقدان نشانی اینترنتی"
#: templates/ERR_INVALID_URL:9
msgid "Missing hostname"
-msgstr ""
+msgstr "فقدان hostname"
#: templates/ERR_INVALID_URL:8
-msgid ""
-"Missing or incorrect access protocol (should be <q>http://</q> or similar)"
-msgstr ""
+msgid "Missing or incorrect access protocol (should be <q>http://</q> or similar)"
+msgstr "فقدان یا ناصحیح بودن قرارداد دستیابی (باید به فرم<q>http://</q> یا شبیه آن باشد)"
#: templates/ERR_INVALID_REQ:6
msgid "Missing or unknown request method."
-msgstr ""
+msgstr "فقدان یا ناشناخته بودن روش درخواست."
#: templates/ERR_NO_RELAY:5
msgid "No Wais Relay"
-msgstr ""
+msgstr "عدم رله Wais"
-#: templates/ERR_FTP_PUT_CREATED:2 templates/ERR_FTP_PUT_MODIFIED:2
+#: templates/ERR_FTP_PUT_CREATED:2
+#: templates/ERR_FTP_PUT_MODIFIED:2
msgid "Operation successful"
-msgstr ""
+msgstr "عملیات موفقیتآمیز"
#: templates/ERR_DIR_LISTING:5
msgid "Parent Directory"
-msgstr ""
+msgstr "شاخه والد"
#: templates/ERR_CACHE_ACCESS_DENIED:7
-msgid ""
-"Please contact the <a href=\"mailto:%w%W\">cache administrator</a> if you "
-"have difficulties authenticating yourself or <a href=\"http://%h/cgi-bin/"
-"chpasswd.cgi\">change</a> your default password."
-msgstr ""
+msgid "Please contact the <a href=\"mailto:%w%W\">cache administrator</a> if you have difficulties authenticating yourself or <a href=\"http://%h/cgi-bin/chpasswd.cgi\">change</a> your default password."
+msgstr "لطفا در صورت داشتن مشکلاتی در زمینه شناسایی خودتان با <a href=\"mailto:%w%W\">cache administrator</a> تماس حاصل فرمایید یا از طریق <a href=\"http://%h/cgi-bin/chpasswd.cgi\">تغییر</a> رمز خود مشکل را حل نمایید."
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:7
-msgid ""
-"Please contact the <a href=\"mailto:%w%W\">cache administrator</a> if you "
-"have difficulties authenticating yourself or, if you <em>are</em> the "
-"administrator, read Squid documentation on cache manager interface and check "
-"cache log for more detailed error messages."
+msgid "Please contact the <a href=\"mailto:%w%W\">cache administrator</a> if you have difficulties authenticating yourself or, if you <em>are</em> the administrator, read Squid documentation on cache manager interface and check cache log for more detailed error messages."
msgstr ""
#: templates/ERR_READ_ERROR:5
msgid "Read Error"
-msgstr ""
+msgstr "خطا در خواندن"
#: templates/ERR_READ_TIMEOUT:5
msgid "Read Timeout"
-msgstr ""
+msgstr "سپری شدن زمان مجاز خواندن"
#: templates/ERR_INVALID_REQ:9
msgid "Request is too large."
-msgstr ""
+msgstr "درخواست بسیار بزرگ است."
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
-msgstr ""
+msgstr "خرابی سوکت"
#: templates/ERR_INVALID_URL:6
msgid "Some aspect of the requested URL is incorrect."
-msgstr ""
+msgstr "برخی از صُور نشانی اینترنتی درخواست شده ناصحیح است."
-#: templates/ERR_ICAP_FAILURE:8 templates/ERR_INVALID_REQ:5
+#: templates/ERR_ICAP_FAILURE:8
+#: templates/ERR_INVALID_REQ:5
#: templates/ERR_INVALID_URL:7
msgid "Some possible problems are:"
-msgstr ""
+msgstr "بعضی از مشکلات احتمالی:"
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:6
-msgid ""
-"Sorry, you are not currently allowed to request %U from this cache manager "
-"until you have authenticated yourself."
+msgid "Sorry, you are not currently allowed to request %U from this cache manager until you have authenticated yourself."
msgstr ""
#: templates/ERR_CACHE_ACCESS_DENIED:6
-msgid ""
-"Sorry, you are not currently allowed to request %U from this cache until you "
-"have authenticated yourself."
+msgid "Sorry, you are not currently allowed to request %U from this cache until you have authenticated yourself."
msgstr ""
#: templates/ERR_ZERO_SIZE_OBJECT:6
msgstr ""
#: templates/ERR_UNSUP_REQ:6
-msgid ""
-"Squid does not support all request methods for all access protocols. For "
-"example, you can not POST a Gopher request."
+msgid "Squid does not support all request methods for all access protocols. For example, you can not POST a Gopher request."
msgstr ""
#: templates/ERR_LIFETIME_EXP:6
-msgid ""
-"Squid has terminated the request because it has exceeded the maximum "
-"connection lifetime."
+msgid "Squid has terminated the request because it has exceeded the maximum connection lifetime."
msgstr ""
#: templates/ERR_SOCKET_FAILURE:7
-msgid ""
-"Squid is unable to create a TCP socket, presumably due to excessive load. "
-"Please retry your request."
+msgid "Squid is unable to create a TCP socket, presumably due to excessive load. Please retry your request."
msgstr ""
-#: templates/ERR_FTP_FAILURE:5 templates/ERR_FTP_FORBIDDEN:5
-#: templates/ERR_FTP_NOT_FOUND:5 templates/ERR_FTP_PUT_ERROR:5
+#: templates/ERR_FTP_FAILURE:5
+#: templates/ERR_FTP_FORBIDDEN:5
+#: templates/ERR_FTP_NOT_FOUND:5
+#: templates/ERR_FTP_PUT_ERROR:5
#: templates/ERR_FTP_UNAVAILABLE:5
msgid "Squid sent the following FTP command:"
-msgstr ""
+msgstr "اسکویید دستور FTP روبرو را فرستاد:"
#: templates/ERR_DNS_FAIL:6
msgid "The DNS server returned:"
-msgstr ""
+msgstr "کارگزار DNS برگشت داده : "
#: templates/ERR_ESI:6
msgid "The ESI processor returned:"
-msgstr ""
+msgstr "پردازش ESI برگشت داده:"
#: templates/ERR_FTP_UNAVAILABLE:4
msgid "The FTP server was too busy to retrieve the URL: <a href=\"%U\">%U</a>"
msgstr ""
#: templates/ERR_INVALID_RESP:5
-msgid ""
-"The HTTP Response message received from the contacted server could not be "
-"understood or was otherwise malformed. Please contact the site operator."
+msgid "The HTTP Response message received from the contacted server could not be understood or was otherwise malformed. Please contact the site operator."
msgstr ""
#: templates/ERR_ICAP_FAILURE:9
msgid "The ICAP server is not reachable."
-msgstr ""
+msgstr "کارگزار ICAP قابل دسترس نیست."
#: templates/ERR_FTP_NOT_FOUND:4
msgid "The following URL could not be retrieved: <a href=\"%U\">%U</a>"
msgstr ""
-#: templates/ERR_ACCESS_DENIED:4 templates/ERR_CACHE_ACCESS_DENIED:4
-#: templates/ERR_CACHE_MGR_ACCESS_DENIED:4 templates/ERR_CANNOT_FORWARD:4
-#: templates/ERR_CONNECT_FAIL:4 templates/ERR_DNS_FAIL:4 templates/ERR_ESI:4
-#: templates/ERR_FORWARDING_DENIED:4 templates/ERR_FTP_DISABLED:4
-#: templates/ERR_ICAP_FAILURE:4 templates/ERR_INVALID_URL:4
-#: templates/ERR_LIFETIME_EXP:4 templates/ERR_NO_RELAY:4
-#: templates/ERR_ONLY_IF_CACHED_MISS:4 templates/ERR_READ_ERROR:4
-#: templates/ERR_READ_TIMEOUT:4 templates/ERR_SECURE_CONNECT_FAIL:4
-#: templates/ERR_SHUTTING_DOWN:4 templates/ERR_SOCKET_FAILURE:4
-#: templates/ERR_TOO_BIG:4 templates/ERR_UNSUP_HTTPVERSION:4
-#: templates/ERR_UNSUP_REQ:4 templates/ERR_WRITE_ERROR:4
+#: templates/ERR_ACCESS_DENIED:4
+#: templates/ERR_CACHE_ACCESS_DENIED:4
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:4
+#: templates/ERR_CANNOT_FORWARD:4
+#: templates/ERR_CONNECT_FAIL:4
+#: templates/ERR_DNS_FAIL:4
+#: templates/ERR_ESI:4
+#: templates/ERR_FORWARDING_DENIED:4
+#: templates/ERR_FTP_DISABLED:4
+#: templates/ERR_ICAP_FAILURE:4
+#: templates/ERR_INVALID_URL:4
+#: templates/ERR_LIFETIME_EXP:4
+#: templates/ERR_NO_RELAY:4
+#: templates/ERR_ONLY_IF_CACHED_MISS:4
+#: templates/ERR_READ_ERROR:4
+#: templates/ERR_READ_TIMEOUT:4
+#: templates/ERR_SECURE_CONNECT_FAIL:4
+#: templates/ERR_SHUTTING_DOWN:4
+#: templates/ERR_SOCKET_FAILURE:4
+#: templates/ERR_TOO_BIG:4
+#: templates/ERR_UNSUP_HTTPVERSION:4
+#: templates/ERR_UNSUP_REQ:4
+#: templates/ERR_WRITE_ERROR:4
#: templates/ERR_ZERO_SIZE_OBJECT:4
-msgid ""
-"The following error was encountered while trying to retrieve the URL: <a "
-"href=\"%U\">%U</a>"
+msgid "The following error was encountered while trying to retrieve the URL: <a href=\"%U\">%U</a>"
msgstr ""
#: templates/ERR_URN_RESOLVE:4
-msgid ""
-"The following error was encountered while trying to retrieve the URN: <a "
-"href=\"%U\">%U</a>"
+msgid "The following error was encountered while trying to retrieve the URN: <a href=\"%U\">%U</a>"
msgstr ""
#: templates/ERR_CONNECT_FAIL:7
msgid "The request or reply is too large."
msgstr ""
-#: templates/ERR_ACCESS_DENIED:3 templates/ERR_CANNOT_FORWARD:3
-#: templates/ERR_CONNECT_FAIL:3 templates/ERR_DNS_FAIL:3 templates/ERR_ESI:3
-#: templates/ERR_FORWARDING_DENIED:3 templates/ERR_FTP_DISABLED:3
-#: templates/ERR_FTP_FAILURE:3 templates/ERR_FTP_FORBIDDEN:3
-#: templates/ERR_FTP_NOT_FOUND:3 templates/ERR_FTP_UNAVAILABLE:3
-#: templates/ERR_ICAP_FAILURE:3 templates/ERR_INVALID_REQ:3
-#: templates/ERR_INVALID_RESP:3 templates/ERR_INVALID_URL:3
-#: templates/ERR_LIFETIME_EXP:3 templates/ERR_NO_RELAY:3
-#: templates/ERR_ONLY_IF_CACHED_MISS:3 templates/ERR_READ_ERROR:3
-#: templates/ERR_READ_TIMEOUT:3 templates/ERR_SECURE_CONNECT_FAIL:3
-#: templates/ERR_SHUTTING_DOWN:3 templates/ERR_SOCKET_FAILURE:3
-#: templates/ERR_TOO_BIG:3 templates/ERR_UNSUP_REQ:3
-#: templates/ERR_WRITE_ERROR:3 templates/ERR_ZERO_SIZE_OBJECT:3
+#: templates/ERR_ACCESS_DENIED:3
+#: templates/ERR_CANNOT_FORWARD:3
+#: templates/ERR_CONNECT_FAIL:3
+#: templates/ERR_DNS_FAIL:3
+#: templates/ERR_ESI:3
+#: templates/ERR_FORWARDING_DENIED:3
+#: templates/ERR_FTP_DISABLED:3
+#: templates/ERR_FTP_FAILURE:3
+#: templates/ERR_FTP_FORBIDDEN:3
+#: templates/ERR_FTP_NOT_FOUND:3
+#: templates/ERR_FTP_UNAVAILABLE:3
+#: templates/ERR_ICAP_FAILURE:3
+#: templates/ERR_INVALID_REQ:3
+#: templates/ERR_INVALID_RESP:3
+#: templates/ERR_INVALID_URL:3
+#: templates/ERR_LIFETIME_EXP:3
+#: templates/ERR_NO_RELAY:3
+#: templates/ERR_ONLY_IF_CACHED_MISS:3
+#: templates/ERR_READ_ERROR:3
+#: templates/ERR_READ_TIMEOUT:3
+#: templates/ERR_SECURE_CONNECT_FAIL:3
+#: templates/ERR_SHUTTING_DOWN:3
+#: templates/ERR_SOCKET_FAILURE:3
+#: templates/ERR_TOO_BIG:3
+#: templates/ERR_UNSUP_REQ:3
+#: templates/ERR_WRITE_ERROR:3
+#: templates/ERR_ZERO_SIZE_OBJECT:3
msgid "The requested URL could not be retrieved"
msgstr ""
-#: templates/ERR_FTP_FAILURE:6 templates/ERR_FTP_FORBIDDEN:6
-#: templates/ERR_FTP_NOT_FOUND:6 templates/ERR_FTP_PUT_ERROR:6
+#: templates/ERR_FTP_FAILURE:6
+#: templates/ERR_FTP_FORBIDDEN:6
+#: templates/ERR_FTP_NOT_FOUND:6
+#: templates/ERR_FTP_PUT_ERROR:6
#: templates/ERR_FTP_UNAVAILABLE:6
msgid "The server responded with:"
msgstr ""
-#: templates/ERR_CONNECT_FAIL:6 templates/ERR_ICAP_FAILURE:6
-#: templates/ERR_READ_ERROR:6 templates/ERR_READ_TIMEOUT:6
-#: templates/ERR_SECURE_CONNECT_FAIL:6 templates/ERR_SOCKET_FAILURE:6
+#: templates/ERR_CONNECT_FAIL:6
+#: templates/ERR_ICAP_FAILURE:6
+#: templates/ERR_READ_ERROR:6
+#: templates/ERR_READ_TIMEOUT:6
+#: templates/ERR_SECURE_CONNECT_FAIL:6
+#: templates/ERR_SOCKET_FAILURE:6
#: templates/ERR_WRITE_ERROR:6
msgid "The system returned: <i>%E</i>"
msgstr ""
#: templates/ERR_NO_RELAY:6
-msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
-"administrator."
+msgid "There is no WAIS Relay host defined for this Cache! Yell at the administrator."
msgstr ""
#: templates/ERR_TOO_BIG:8
-msgid ""
-"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
-"error."
+msgid "These limits have been established by the Internet Service Provider who operates this cache. Please contact them directly if you feel this is an error."
msgstr ""
#: templates/ERR_UNSUP_HTTPVERSION:6
#: templates/ERR_FTP_DISABLED:6
msgid "This cache does not support FTP."
-msgstr ""
+msgstr "این کارگزار Cache از قرارداد FTP پشتیبانی نمیکند."
#: templates/ERR_SHUTTING_DOWN:5
-msgid ""
-"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+msgid "This cache is in the process of shutting down and can not service your request at this time. Please retry your request again soon."
msgstr ""
#: templates/ERR_FORWARDING_DENIED:6
-msgid ""
-"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
-"misconfigured."
+msgid "This cache will not forward your request because it is trying to enforce a sibling relationship. Perhaps the client at %i is a cache which has been misconfigured."
msgstr ""
#: templates/ERR_ICAP_FAILURE:7
msgstr ""
#: templates/ERR_FTP_PUT_ERROR:7
-msgid ""
-"This means that the FTP server may not have permission or space to store the "
-"file. Check the path, permissions, diskspace and try again."
+msgid "This means that the FTP server may not have permission or space to store the file. Check the path, permissions, diskspace and try again."
msgstr ""
#: templates/ERR_DNS_FAIL:7
-msgid ""
-"This means that the cache was not able to resolve the hostname presented in "
-"the URL. Check if the address is correct."
+msgid "This means that the cache was not able to resolve the hostname presented in the URL. Check if the address is correct."
msgstr ""
#: templates/ERR_ESI:7
-msgid ""
-"This means that the surrogate was not able to process the ESI template. "
-"Please report this error to the webmaster."
+msgid "This means that the surrogate was not able to process the ESI template. Please report this error to the webmaster."
msgstr ""
#: templates/ERR_FTP_NOT_FOUND:7
-msgid ""
-"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
-"<a href=\"%B\">%B</a>."
+msgid "This might be caused by an FTP URL with an absolute path (which does not comply with RFC 1738). If this is the cause, then the file can be found at <a href=\"%B\">%B</a>."
msgstr ""
#: templates/ERR_SECURE_CONNECT_FAIL:7
-msgid ""
-"This proxy and the remote host failed to negotiate a mutually acceptable "
-"security settings for handling your request. It is possible that the remote "
-"host does not support secure connections, or the proxy is not satisfied with "
-"the host security credentials."
+msgid "This proxy and the remote host failed to negotiate a mutually acceptable security settings for handling your request. It is possible that the remote host does not support secure connections, or the proxy is not satisfied with the host security credentials."
msgstr ""
#: templates/ERR_CANNOT_FORWARD:6
-msgid ""
-"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+msgid "This request could not be forwarded to the origin server or to any parent caches. The most likely cause for this error is that the cache administrator does not allow this cache to make direct connections to origin servers, and all configured parent caches are currently unreachable."
msgstr ""
#: templates/ERR_DNS_FAIL:5
msgid "Unable to forward this request at this time."
msgstr ""
-#: templates/ERR_UNSUP_HTTPVERSION:3 templates/ERR_UNSUP_HTTPVERSION:5
+#: templates/ERR_UNSUP_HTTPVERSION:3
+#: templates/ERR_UNSUP_HTTPVERSION:5
msgid "Unsupported HTTP version"
-msgstr ""
+msgstr "نسخه HTTP پشتیبانی نشده"
#: templates/ERR_UNSUP_REQ:5
msgid "Unsupported Request Method and Protocol"
-msgstr ""
+msgstr "روش پشتیبانینشده درخواست و قرارداد"
#: templates/ERR_ONLY_IF_CACHED_MISS:5
-msgid ""
-"Valid document was not found in the cache and <q>only-if-cached</q> "
-"directive was specified."
+msgid "Valid document was not found in the cache and <q>only-if-cached</q> directive was specified."
msgstr ""
#: templates/ERR_FTP_PUT_ERROR:4
#: templates/ERR_WRITE_ERROR:5
msgid "Write Error"
-msgstr ""
+msgstr "خطا در نوشتن"
#: templates/ERR_ONLY_IF_CACHED_MISS:6
-msgid ""
-"You have issued a request with a <q>only-if-cached</q> cache control "
-"directive. The document was not found in the cache, <em>or</em> it required "
-"revalidation prohibited by the <q>only-if-cached</q> directive."
-msgstr ""
-
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
-#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
-#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
-#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
-#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
-#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
-#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
-#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
-#: templates/ERR_READ_TIMEOUT:8 templates/ERR_SECURE_CONNECT_FAIL:8
-#: templates/ERR_SHUTTING_DOWN:6 templates/ERR_SOCKET_FAILURE:8
-#: templates/ERR_TOO_BIG:9 templates/ERR_UNSUP_HTTPVERSION:7
-#: templates/ERR_UNSUP_REQ:7 templates/ERR_URN_RESOLVE:7
-#: templates/ERR_WRITE_ERROR:8 templates/ERR_ZERO_SIZE_OBJECT:7
+msgid "You have issued a request with a <q>only-if-cached</q> cache control directive. The document was not found in the cache, <em>or</em> it required revalidation prohibited by the <q>only-if-cached</q> directive."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7
+#: templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_CONNECT_FAIL:8
+#: templates/ERR_DNS_FAIL:8
+#: templates/ERR_FORWARDING_DENIED:7
+#: templates/ERR_FTP_DISABLED:7
+#: templates/ERR_FTP_FAILURE:7
+#: templates/ERR_FTP_FORBIDDEN:7
+#: templates/ERR_FTP_NOT_FOUND:8
+#: templates/ERR_FTP_PUT_ERROR:8
+#: templates/ERR_FTP_UNAVAILABLE:7
+#: templates/ERR_INVALID_REQ:13
+#: templates/ERR_INVALID_RESP:7
+#: templates/ERR_INVALID_URL:12
+#: templates/ERR_LIFETIME_EXP:7
+#: templates/ERR_NO_RELAY:7
+#: templates/ERR_ONLY_IF_CACHED_MISS:7
+#: templates/ERR_READ_ERROR:8
+#: templates/ERR_READ_TIMEOUT:8
+#: templates/ERR_SECURE_CONNECT_FAIL:8
+#: templates/ERR_SHUTTING_DOWN:6
+#: templates/ERR_SOCKET_FAILURE:8
+#: templates/ERR_TOO_BIG:9
+#: templates/ERR_UNSUP_HTTPVERSION:7
+#: templates/ERR_UNSUP_REQ:7
+#: templates/ERR_URN_RESOLVE:7
+#: templates/ERR_WRITE_ERROR:8
+#: templates/ERR_ZERO_SIZE_OBJECT:7
msgid "Your cache administrator is <a href=\"mailto:%w%W\">%w</a>."
msgstr ""
#: templates/ERR_INVALID_RESP:6
-msgid ""
-"Your cache administrator may be able to provide you with more details about "
-"the exact nature of the problem if needed."
+msgid "Your cache administrator may be able to provide you with more details about the exact nature of the problem if needed."
msgstr ""
#: templates/ERR_ESI:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr ""
+
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2009-01-19 17:55+1300\n"
"Last-Translator: Panu H_llfors <panupa@iki.fi>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
msgstr ""
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"Odotettaessa tietoa verkosta yhteys aikakatkaistiin. Verkko tai palvelin "
"saattaa olla alhaalla tai ruuhkautunut. Uusi hakupyyntösi."
msgstr "Pääsy evätty."
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"Pääsynvalvonnan asetukset eväävät pyyntösi. Jos koet, että tämä on väärin, "
msgstr ""
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr "On ilmennyt virhetila luettaessa tietoa verkosta. Uusi hakupyyntösi."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
"Kirjoitettaessa tietoa verkkoon ilmeni virhetilanne. Uusi hakupyyntösi."
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr ""
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "VIRHE: Pyydettyä URL-osoitetta ei voitu hakea"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr ""
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "VIRHE: Pyydettyä URL-osoitetta ei voitu hakea"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Tiedosto päivitetty"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Edelleenohjaus evätty."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr ""
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Hei, älä odota liikaa URN:iltä kun kyseessä on %T :-)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr ""
msgid "Illegal double-escape in the URL-Path"
msgstr "Kielletty kaksois-escape URL-osoitteessa"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "Virheellinen URL-osoite"
msgid "Request is too large."
msgstr "Hakupyyntö on liian suuri"
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Sokettivirhe"
msgstr ""
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr "Kohdepalvelin tai -verkko saattaa olla alhaalla. Uusi hakupyyntösi."
#: templates/ERR_TOO_BIG:5
msgstr "Järjestelmä palautti viestin:<i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
"Tälle välityspalvelimelle ei ole määritelty WAIS-linkkipalvelinta. Komenna "
#: templates/ERR_TOO_BIG:8
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
#: templates/ERR_SHUTTING_DOWN:5
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
#: templates/ERR_FORWARDING_DENIED:6
+#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Tämä välityspalvelin ei edelleenohjaa pyyntöäsi koska se yrittää vahvistaa "
#: templates/ERR_FTP_NOT_FOUND:7
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
msgstr ""
#: templates/ERR_CANNOT_FORWARD:6
+#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"Pyyntöäsi ei voitu edelleenohjata lähdepalvelimelle tai yhdellekään "
"ylemmälle välityspalvelimelle. Todennäköisin syy tähän on, että "
"yhteyksiä lähdepalvelimiin ja kaikki käytössä olevat ylemmät "
"välityspalvelimet ovat tavoittamattomissa."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "Nimelle <q>%H</q> ei voitu määrittää IP-osoitetta."
"Sopivaa dokumenttia ei löytynyt välityspalvelimesta, ja pyynnössäsi oli "
"<q>only-if-cached</q> (vain välityspalvelimesta) -määritys. "
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr "Yritettäessä lähettää seuraavaa URL-osoitetta: <a href=\"%U\">%U</a>"
"löytynyt välityspalvelimesta <em>tai</em> se vaati uudellenvahvistuksen, "
"jonka <q>only-if-cached</q> (vain välityspalvelimesta) -määritys kieltää."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
-"PO-Revision-Date: 2009-11-20 13:49+0000\n"
-"Last-Translator: Quentin THEURET <quentin.theuret@gmail.com>\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
+"PO-Revision-Date: 2010-05-04 13:49+0200\n"
+"Last-Translator: <fli4l.charrier@free.fr>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
+"Language: fr\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-"X-Generator: Translate Toolkit 1.4.0\n"
+"Plural-Forms: nplurals=2; plural=(n > 1);\n"
+"X-Generator: Pootle 2.0.1\n"
#: templates/ERR_DIR_LISTING:6
msgid "<a href=\"../\">Parent Directory</a> (<a href=\"/\">Root Directory</a>)"
"la requête :"
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"Un délai critique s'est écoulé en attendant des données du réseau. Le réseau "
"ou le serveur sont peut-être hors service ou défaillants. Veuillez réitérer "
msgstr "Accès interdit."
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"La configuration du contrôle d'accès interdit à votre requête d'être "
msgstr "Une réponse illégale a été reçue du serveur ICAP."
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"Une erreur est survenue en essayant d'accéder au réseau.Veuillez réitérer "
"votre requête."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
"Une erreur s'est produite lors de l'accès au réseau. Veuillez réitérer votre "
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr "Répertoire: <a href=\"%U\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "ERREUR : L'URL demandée n'a pu être chargée"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "ERREUR : L'URN demandée n'a pu être chargée"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "ERREUR : L'URL demandée n'a pu être chargée"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Fichier mis à jour"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Relais interdit."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr "Générée le %T par %h (%s)"
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Hé ! N'espérez pas trop des URNs de %T :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr "Erreur de protocole ICAP."
msgid "Illegal double-escape in the URL-Path"
msgstr "Double échappement illégal dans le chemin de l'URL"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "URL invalide"
msgid "Request is too large."
msgstr "La requête est peut-être trop volumineuse"
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Erreur de socket"
"\"%U\">%U</a>"
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
"La machine distante ou le réseau sont peut-être hors service. Veuillez "
"réitérer votre requête."
msgstr "Le système a retourné : <i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
"Il n'y a pas de machine définie comme relais WAIS sur ce cache !Adressez-"
"vous à votre administrateur."
#: templates/ERR_TOO_BIG:8
+#, fuzzy
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"Ces limites ont été établies par le Fournisseur d'Accès à Internet qui opère "
msgstr "Ce cache ne prend pas en compte le protocole FTP."
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"Ce cache est en cours de mise hors-service temporaire et il lui est "
"impossible de satisfaire votre requête actuellement. Veuillez réiterer votre "
"requête ultérieurement."
#: templates/ERR_FORWARDING_DENIED:6
+#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Ce cache ne fera pas suivre votre requête car il tente de respecter une "
"modèle ESI. Veuillez reporter cette erreur au webmaster."
#: templates/ERR_FTP_NOT_FOUND:7
+#, fuzzy
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"Ceci pourrait etre causé par une URL de FTP avec un chemin absolu (ce qui "
"proxy n'est pas satisfait des droits de l'hôte."
#: templates/ERR_CANNOT_FORWARD:6
+#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"Cette requête ne peut pas être transférée au serveur d'origine ou à tous les "
"caches parent. La cause la plus fréquente pour cette erreur est que "
"connexions directe vers les serveurs d'origine, et tous les caches parents "
"configurés sont actuellement innacessibles."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "Impossible d'associer une adresse IP à la machine <q>%H</q>"
"Aucun document valide n'a été trouvé dans le cache et la directive <q>only-"
"if-cached</q> a été spécifiée."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr "En essayant d'envoyer (PUT) l'URL suivante : <a href=\"%U\">%U</a>"
"cached</q>. Le document n'a pas été trouvé dans le cache, <em>ou</em> il "
"nécessite une revalidation, interdite par la directive <q>only-if-cached</q>."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Réponse de taille nulle"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "ERREUR : L'URN demandée n'a pu être chargée"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2009-06-07 15:11+1300\n"
"Last-Translator: yoav <yoavb@zavit.net.il>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
msgstr ""
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"נוצר פסק-זמן בעת המתנה לקריאת מידע מהרשת. יכול להיות שהרשת או השרת למטה או "
"עמוסים. אנא נסה שוב."
msgstr "הגישה נדחית"
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"הגדרות הגישה מונעות אישור בקשתך. במקרה ולדעתך זוהי טעות אנא צור קשר עם מנהל "
msgstr ""
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr "ארעה שגיאת תנאי בזמן קריאת מידע מהשרת. אנא נסה שוב."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr "ארעה שגיאת תנאי בזמן כתיבת מידע לרשת. אנא נסה שוב."
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr ""
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "שגיאה: הכתובת המבוקשת לא נגישה"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr ""
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "שגיאה: הכתובת המבוקשת לא נגישה"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "הקובץ עודכן"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "העברה נדחית."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr ""
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "אל תצפה יותר מדי מ-URN על %T :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr ""
msgid "Illegal double-escape in the URL-Path"
msgstr "בריחה כפולה שגויה בנתיב"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "כתובת שגויה"
msgid "Request is too large."
msgstr "הבקשה ארוכה מדי"
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "שגיאת חיבור"
msgstr ""
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr "יכול להיות שהשרת המרוחק למטה. אנא נסה שוב."
#: templates/ERR_TOO_BIG:5
#: templates/ERR_NO_RELAY:6
#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr "לא הוגדר שרת WAIS!"
#, fuzzy
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"הגבלות אלו הוצבו ע\"י ספק האינטרנט אשר מתחזק שרת זה. אנא צור עמם רשק אם "
msgstr "שרת זה אינו תוצך ב-FTP."
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"השרת נמצא במצב של כיבוי ואינו יכול להשיב לבקשתך כעת. אנא נסה שוב בקרוב."
#: templates/ERR_FORWARDING_DENIED:6
+#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"השרת לא יעביר את בקשתך בגלל שהיא מנסה לחייב קשרי ילדים. אולי הלקוח ב %i הוא "
msgstr ""
#: templates/ERR_FTP_NOT_FOUND:7
+#, fuzzy
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"יכול להיות שהשגיאה נוצרה בגלל נתיב מוחלט (אשר לא עונה לדרישות RFC 1738). אם "
#: templates/ERR_CANNOT_FORWARD:6
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
msgstr ""
#: templates/ERR_DNS_FAIL:5
"לא נמצא מסמך מתאים בזכרון והשרת הוגדר להראות רק דפים שבזכרון <q>only-if-"
"cached</q>. "
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr "שגיאה כאשר ניסיתי לשלוח את: <a href=\"%U\">%U</a>"
"revalidation prohibited by the <q>only-if-cached</q> directive."
msgstr ""
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2009-09-30 09:51+0000\n"
"Last-Translator: Muszela Balázs <bazsi86@gmail.com>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
msgstr ""
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"Időtúllépés történt mialatt az adatok hálózatról való olvasására várakozott "
"a cache. A hálózat vagy a szerver nem elérhető vagy túlterhelt állapotban "
msgstr "Hozzáférés megtagadva."
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"A hozzáférési konfigurációban beállítottak alapján kérését jelenleg nem "
msgstr ""
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"Hiba történt az adatok hálózatról való olvasásakor. Ismételje meg kérését!"
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr "Hiba történt az adatok hálózatra való írásakor. Ismételje meg kérését!"
#: templates/ERR_CONNECT_FAIL:5
msgid "Connection to %I failed."
-msgstr ""
+msgstr "Csatlakozás a(z) %I-hez/hoz meghiúsult."
#: templates/ERR_INVALID_REQ:10
msgid "Content-Length missing for POST or PUT requests."
#: templates/ERR_DIR_LISTING:3
msgid "Directory Content:"
-msgstr ""
+msgstr "Könyvtár tartalom:"
#: templates/ERR_DIR_LISTING:4
-#, fuzzy
msgid "Directory Listing"
-msgstr "FTP Könyvtár Listázás"
+msgstr "Könyvtár listázás"
#: templates/ERR_DIR_LISTING:1
-#, fuzzy
msgid "Directory: %U"
-msgstr "FTP Könyvtár: %U"
+msgstr "Könyvtár: %U"
#: templates/ERR_DIR_LISTING:2
#, fuzzy
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr "FTP Könyvtár: <a href=\"/\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "HIBA: A kért URL nem tölthető le"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "HIBA: A kért URN nem tölthető le"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "HIBA: A kért URL nem tölthető le"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Az állomány frissítése megtörtént"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Kéréstovábbítás megtagadva."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr ""
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Nem érdemes túl sokat várni a %T-n lévő URN-ektől :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
-msgstr ""
+msgstr "ICAP protokoll hiba."
#: templates/ERR_TOO_BIG:7
#, fuzzy
msgid "Illegal double-escape in the URL-Path"
msgstr "Az URL elérési út részében dupla escape szekvencia található"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "Érvénytelen URL"
msgid "Request is too large."
msgstr "A kérés vagy a válasz túl nagy méretű."
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Socket hiba"
#: templates/ERR_ICAP_FAILURE:8 templates/ERR_INVALID_REQ:5
#: templates/ERR_INVALID_URL:7
-#, fuzzy
msgid "Some possible problems are:"
-msgstr "Lehetséges problémák:"
+msgstr "Néhány lehetséges probléma:"
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:6
msgid ""
msgstr ""
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
"A kiszolgáló szerver vagy az adott hálózat valószínűleg nem működik. Kérjük, "
"ismételje meg kérését!"
msgstr "A rendszer válasza: <i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
"Nincs a cache számára WAIS szerver megadva! Szóljon az adminisztrátornak."
#: templates/ERR_TOO_BIG:8
+#, fuzzy
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"A cache-t működtető Internet szolgáltató vezette be ezeket a korlátozásokat. "
msgstr "Ez a cache szerver nem szolgál ki FTP kéréseket."
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"A cache leállásra készül és ezért nem tudja kiszolgálni a kérését. Kérjük, "
"rövid idő múlva ismételje meg kérését!"
#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Ez a cache szerver nem továbbítja kérését mivel szomszédsági kapcsolatot "
msgstr ""
#: templates/ERR_FTP_NOT_FOUND:7
+#, fuzzy
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"A hibát lehet hogy az okozta, hogy az FTP URL abszolút elérési utat "
#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"A kérés nem továbbítható a forrás, illetve egyik szülő cache szerverhez sem. "
"A hiba oka valószínűleg alábbiakban rejlik a cache adminisztrátor nem "
"engedélyezi a forrás szerverekhez való közvetlen kapcsolat felépítését és "
"egyik általunk használt szülő cache szerver sem érhető el jelenleg."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
#, fuzzy
msgid "Unable to determine IP address from host name <q>%H</q>"
"A cache-ben érvényes dokumentum nem található és a kérésben <q>only-if-"
"cached</q> direktíva volt beállítva."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr "Webböngésző konfiguráció"
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr "Az alábbi URL-re történő PUT műveletnél: <a href=\"%U\">%U</a>"
"dokumentum érvényesség-ellenőrzést igényelt volna, ezt azonban az <q>only-if-"
"cached</q> direktíva megtiltotta."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Üres válasz"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "HIBA: A kért URN nem tölthető le"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2008-12-18 01:19+1300\n"
"Last-Translator: Arthur Tumanyan <arthurtumanyan@yahoo.com>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
msgstr ""
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"Ցանցից տվյալների ընթերցման ընթացքում սպասման առավելագույն ժամանակը "
"գերազանցվեց․Ցանցը կամ հանգույցը չեն աշխատում կամ գերբեռնված են։ Խնդրվում է "
msgstr "Մուտքն արգելված է."
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"Մուտքի կառավարման պարամետրերը թույլ չեն տալիս կատարել Ձեր հարցումը տվյալ "
msgstr ""
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"Ցանցից տվյալների ընթերցման ժամանակ առաջացավ սխալ.Խնդրվում է կրկնել հարցումը."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
"Տվյալները ցանց ուղարկելու ժամանակ առաջացավ սխալ․ Խնդրվում է կրկնել հարցումը․"
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr ""
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "ՍԽԱԼ: Պահանջվող URL չի կարող առաքվել"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "ՍԽԱԼ: Պահանջվող URN չի կարող առաքվել"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "ՍԽԱԼ: Պահանջվող URL չի կարող առաքվել"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Ֆայլը թարմացված է"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Վերահասցեագրումն արգելված է."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr ""
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Չարժե շատ բան սպասել URN-ից %T -ի վրա :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr ""
msgid "Illegal double-escape in the URL-Path"
msgstr "Անթույլատրելի կրկնակի կառավարող նիշ URL ուղղում"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr ""
msgid "Request is too large."
msgstr "Հարցման ծավալը շատ մեծ է"
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Socket ձախողում "
msgstr ""
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
"Հեռակա հանգույցը կամ ցանցը չեն պատասխանում. Խնդրվում է կրկնել հարցումը. "
msgstr "Ստացված պատասխանը: <i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr "Այս քեշի համար WAIS Relay որոշված չէ! Հայտնեք կառավարիչին. "
#: templates/ERR_TOO_BIG:8
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
msgstr ""
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"Այս քեշը տվյալ պահին գտնվում է անջատման պրոցեսում և չի կարող սպասարկել Ձեր "
"հարցումը․Կրկնեք հարցումը որոշ ժամանակ անց․"
#: templates/ERR_FORWARDING_DENIED:6
+#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Այս քեշը անկարող է վերահասցեագրել Ձեր հարցումը sibling տիպի "
msgstr ""
#: templates/ERR_FTP_NOT_FOUND:7
+#, fuzzy
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"Սա կարող է լինել FTP URL -ի բացարձակ ուղղով հարցման արդյունք (ինչը չի "
#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"Այս հարցումը հնարավոր չէ վերահասցեագրել սկզբնաղբյուր սերվերին կամ ծնողական "
"քեշերից որևէ մեկին․Սխալի ամենահավանական պատճառներն են Այս սերվերի կառավարիչը "
"արգելել է բոլոր ուղիղ միացումները սկզբնաղբյուր սերվերների հետ Բոլոր ծնողական "
"քեշերը տվյալ պահին անհասանելի են."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "Անհնար է որոշել <q>%H</q> հանգույցի IP հասցեն."
"directive was specified."
msgstr "Օբյեկտը քեշում գտնված չէ; ձևավորվեց <q>only-if-cached</q> դիրեկտիվը."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
#, fuzzy
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
"revalidation prohibited by the <q>only-if-cached</q> directive."
msgstr ""
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Զրոյական երկարությամբ պատասխան "
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "ՍԽԱԼ: Պահանջվող URN չի կարող առաքվել"
msgstr ""
"Project-Id-Version: squid\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2008-11-02 03:46+1300\n"
"Last-Translator: Ramdhani Fathurrohman <kontak@ramdhani.net>\n"
"Language-Team: Indonesian <id@li.org>\n"
"permintaan:"
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"Timeout terjadi ketika menunggu untuk membaca data dari jaringan. Jaringan "
"atau server mungkin mati atau tersumbat. Coba coba lagi permintaan anda."
msgstr "Akses Ditolak"
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"Konfigurasi kontrol akses mencegah permintaan anda dibolehkan pada waktu "
msgstr "Sebuah tanggapan Illegal diterima dari ICAP server."
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"Kondisi kesalahan terjadi sedangkan membaca data dari jaringan. Silahkan "
"coba lagi permintaan anda."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
"Kondisi kesalahan terjadi ketika sedang menulis kepada jaringan. Silahkan "
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr ""
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr ""
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr ""
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "URL untuk URN yang diminta tidak bisa didapatkan kembali"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "File sudah diperbaharui"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr ""
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr ""
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr ""
msgid "Illegal double-escape in the URL-Path"
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr ""
msgid "Request is too large."
msgstr ""
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr ""
msgstr ""
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
#: templates/ERR_TOO_BIG:5
#: templates/ERR_NO_RELAY:6
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
#: templates/ERR_TOO_BIG:8
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
#: templates/ERR_SHUTTING_DOWN:5
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
#: templates/ERR_FORWARDING_DENIED:6
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
#: templates/ERR_FTP_NOT_FOUND:7
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
#: templates/ERR_CANNOT_FORWARD:6
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
msgstr ""
#: templates/ERR_DNS_FAIL:5
"directive was specified."
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr ""
"revalidation prohibited by the <q>only-if-cached</q> directive."
msgstr ""
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
-"PO-Revision-Date: 2009-11-02 23:27+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
+"PO-Revision-Date: 2010-05-05 13:38+0200\n"
"Last-Translator: Francesco Chemolli <kinkie@squid-cache.org>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
+"Language: it\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-"Language: it\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Pootle 1.2.1\n"
+"X-Generator: Pootle 2.0.1\n"
"X-Launchpad-Export-Date: 2009-07-22 10:00+0000\n"
#: templates/ERR_DIR_LISTING:6
msgid "<a href=\"../\">Parent Directory</a> (<a href=\"/\">Root Directory</a>)"
msgstr ""
-"<a href=\"../\">Directory superiore</a> (<a href=\"/\">Directory radice</a>)"
+"<a href=\"../\">Directory superiore</a> (<a href=\"/\">Directory principale</a>)"
#: templates/ERR_INVALID_REQ:4
msgid ""
#: templates/ERR_READ_TIMEOUT:7
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
-"Si è verificato un timeout durante la ricezione dei dati dalla rete. La rete "
-"o il server potrebbero essere scollegati o in congestione. Riprovare più "
-"tardi."
+"Si è verificato un errore di time-out durante la lettura delle informazioni. "
+"La rete o il server potrebbero essere inaccessibili o sovraccarichi. "
+"Riprovare più tardi."
#: templates/ERR_URN_RESOLVE:3
msgid "A URL for the requested URN could not be retrieved"
#: templates/ERR_ACCESS_DENIED:6
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
-"La configurazione di controllo d'accesso non consente di soddisfare la "
-"richiesta. Si prega di contattare il fornitore del servizio nel caso questo "
-"comportamento sia scorretto."
+"La richiesta non è permessa dalle impostazioni di sicurezza. Se ritieni sia "
+"un errore, contatta il fornitore del servizio."
#: templates/ERR_FTP_FORBIDDEN:4
msgid ""
#: templates/ERR_READ_ERROR:7
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
-"Si è verificato un errore nella ricezione dei dati dalla rete. Si prega di "
-"ritentare la richiesta."
+"Si è verificato un errore durante la lettura delle informazioni dalla rete. "
+"Riprova più tardi."
#: templates/ERR_WRITE_ERROR:7
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
-"Si è verificato un errore durante la ricezione dei dati dalla rete. Si prega "
-"di ritentare la richiesta."
+"Si è verificato un errore durante la scrittura di informazioni sulla rete. "
+"Riprova più tardi."
#: templates/ERR_CACHE_ACCESS_DENIED:3 templates/ERR_CACHE_ACCESS_DENIED:5
msgid "Cache Access Denied."
#: templates/ERR_LIFETIME_EXP:5
msgid "Connection Lifetime Expired"
-msgstr "Il timeout di mantenimento della connessione è scaduto."
+msgstr "Il tempo di mantenimento di connessioni inattive è scaduto."
#: templates/ERR_CONNECT_FAIL:5
msgid "Connection to %I failed."
#: templates/ERR_INVALID_REQ:10
msgid "Content-Length missing for POST or PUT requests."
-msgstr "Una richiesta di tipo POST o PUT non contiene il campo Content-Length."
+msgstr "La richiesta di tipo POST o PUT non contiene il campo Content-Length."
#: templates/ERR_DIR_LISTING:3
msgid "Directory Content:"
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr "Directory: <a href=\"%U\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:1
msgid "ERROR: Cache Manager Access Denied"
-msgstr "ERRORE: l'accesso al Cache Manager è negato."
+msgstr "ERRORE: accesso al Cache Manager negato."
#: templates/ERR_FTP_PUT_ERROR:1
msgid "ERROR: FTP upload failed"
-msgstr "ERRORE: l'invio del file via FTP non ha avuto successo."
+msgstr "ERRORE: l'invio del file via FTP non è riuscito."
#: templates/ERR_ACCESS_DENIED:1 templates/ERR_CANNOT_FORWARD:1
#: templates/ERR_CONNECT_FAIL:1 templates/ERR_DNS_FAIL:1 templates/ERR_ESI:1
msgstr "ERRORE: non è possibile accedere alla URL richiesta"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
+msgid "ERROR: The requested URN could not be retrieved"
msgstr "ERRORE: non è possibile accedere alla URN richiesta"
#: templates/ERR_ESI:5
msgid "File updated"
msgstr "Il file è stato aggiornato."
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr "Per configurare Mozilla Firefox accedere a: <ul>"
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr "Per configurare Microsoft Internet Explorer: <ul>"
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr "Per configurare i browser Opera: <ul>"
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Inoltro negato."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr "Generato da %h (%s) il %T."
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+"Un software HTTP/1.0 sta cercando di utilizzare le funzionalità <q>Expect</"
+"q> di HTTP/1.1."
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
-msgstr "Hey, non ci si deve aspettare granchè dalle URN su %T :)"
+msgstr "Ehi, non ci si deve aspettare granché dalle URN su %T :)"
+
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr "Indicazioni su come configurare il tuo browser sono disponibili a:"
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
#: templates/ERR_INVALID_REQ:11 templates/ERR_INVALID_URL:11
msgid "Illegal character in hostname; underscores are not allowed."
-msgstr ""
-"C'è un carattere irregolare nel nome host: gli underscore \"_\" non sono "
-"consentiti."
+msgstr "Nome host non valido: i caratteri underscore (\"_\") non sono consentiti."
#: templates/ERR_INVALID_URL:10
msgid "Illegal double-escape in the URL-Path"
msgstr "Doppia codifica (\"double-escape\") non valida nella path della URL."
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+"Nel box \"Proxy HTTP\" inserisci l'indirizzo del proxy (%h) e la porta 3128."
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "URL non valida"
msgid "Request is too large."
msgstr "La richiesta è di dimensioni troppo grandi."
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr "Seleziona \"Rileva automaticamente impostazioni\""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr "Seleziona \"Usa script di configurazione automatica\""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "L'operazione di rete (socket) è fallita."
#: templates/ERR_INVALID_URL:6
msgid "Some aspect of the requested URL is incorrect."
-msgstr "Qualche aspetto della URL richiesta è scorretto"
+msgstr "Qualcosa nella URL richiesta non è corretto."
#: templates/ERR_ICAP_FAILURE:8 templates/ERR_INVALID_REQ:5
#: templates/ERR_INVALID_URL:7
#: templates/ERR_ZERO_SIZE_OBJECT:6
msgid "Squid did not receive any data for this request."
-msgstr "Squid non ha ricevuto risposta a questa richiesta."
+msgstr "Squid non ha ricevuto dati per questa richiesta."
#: templates/ERR_UNSUP_REQ:6
msgid ""
"Squid has terminated the request because it has exceeded the maximum "
"connection lifetime."
msgstr ""
-"La richiesta è stata interrotta perchè è stato superato il limite di durata "
-"massimo della connessione."
+"La richiesta è stata interrotta perché è stato superato il limite di durata "
+"massima della connessione."
#: templates/ERR_SOCKET_FAILURE:7
msgid ""
"Squid is unable to create a TCP socket, presumably due to excessive load. "
"Please retry your request."
msgstr ""
-"Squid non è in grado di aprire un socket TCP, probabilmente a causa del "
-"sovraccarico. Si prega di ritentare la richiesta."
+"Squid non è in grado di aprire un socket TCP, probabilmente per un "
+"sovraccarico. Riprovare più tardi."
#: templates/ERR_FTP_FAILURE:5 templates/ERR_FTP_FORBIDDEN:5
#: templates/ERR_FTP_NOT_FOUND:5 templates/ERR_FTP_PUT_ERROR:5
"il seguente errore:"
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
-"Il server remoto o un tratto di rete necessario a raggiungerlo potrebbero "
-"essere guasti. Si prega di ritentare la richiesta tra qualche minuto."
+"Il server remoto e` irraggiungibile, forse per un guasto di rete. Riprova "
+"tra qualche minuto."
#: templates/ERR_TOO_BIG:5
msgid "The request or reply is too large."
#: templates/ERR_NO_RELAY:6
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
-"Non è stato configurato alcun server di relay per il protocollo WAIS su "
-"questa Cache! Prenditela con l'amministratore."
+"Non è stato definito nessun host per il relay del servizio WAIS! Prenditela "
+"con l'amministratore."
#: templates/ERR_TOO_BIG:8
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
-"Questi limiti sono stati imposti dal provider che gestisce questo Proxy. Se "
-"ritenete che questo sia scorretto si prega di contattarlo."
+"Questi limiti sono stati stabiliti dall'ISP che gestisce questo proxy. Se "
+"ritieni sia un errore, contatta il fornitore del servizio."
#: templates/ERR_UNSUP_HTTPVERSION:6
msgid "This Squid does not accept the HTTP version you are attempting to use."
#: templates/ERR_SHUTTING_DOWN:5
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
-"Questo Proxy non è in grado di soddisfare la richiesta perchè è in fase di "
-"spegnimento. si prega di riprovare tra qualche minuto."
+"Non è possibile eseguire la richiesta perché è in corso lo spegnimento del "
+"proxy. Riprova tra poco."
#: templates/ERR_FORWARDING_DENIED:6
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
-"Il proxy non inoltrerà questa richiesta, perchè tenta di stabilire una "
-"relazione di parentela. Probabilmente il client all'indirizzo %i è una cache "
-"configurata in modo sbagliato."
+"Questo proxy non inoltrerà questa richiesta perché tenta di forzare una "
+"relazione di parentela. Forse il client all'indirizzo %i è un proxy "
+"configurato in modo errato."
#: templates/ERR_ICAP_FAILURE:7
msgid "This means that some aspect of the ICAP communication failed."
#: templates/ERR_FTP_NOT_FOUND:7
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
-"Questo potrebbe essere causato da una URL FTP con un percorso completo, "
-"comportamento questo non conforme allo standard imposto dalla RFC 1738. Se "
-"
questo è il caso, il file è disponibile alla URL <a href=\"%B\">%B</a>."
+"Questo potrebbe essere causato da una URL FTP contenente percorsi assoluti "
+"(il che non è compatibile con la RFC 1738). Se è questa la causa, il file "
+"
può essere disponibile all'indirizzo <a href=\"%B\">%B</a>."
#: templates/ERR_SECURE_CONNECT_FAIL:7
msgid ""
"host does not support secure connections, or the proxy is not satisfied with "
"the host security credentials."
msgstr ""
-"Questo Proxy e il server remoto non sono riusciti a negoziare una "
-"connessione cifrata con caratteristiche mutuamente accettabili. È possibile "
-"che il server non supporti le connessioni cifrate, o che il proxy non sia "
-"soddisfatto dalle credenziali di sicurezza proposte dal server."
+"Questo proxy e l'host remoto non sono riusciti a negoziare una connessione "
+"sicura. Probabilmente il server remoto non supporta connessioni sicure, o il "
+"proxy non è soddisfatto delle credenziali di sicurezza proposte dall'host."
#: templates/ERR_CANNOT_FORWARD:6
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
-"Non è stato possibile inoltrare la richiesta al server di origine nè ad "
-"alcun proxy di tipo <em>parent</em> noto. La causa più probabile è che "
-"questo proxy sia configurato per non contattare mai direttamente il server "
-"di origine, e che tutti i proxy <em>parent</em> non siano disponibili in "
-"questo momento."
+"La richiesta non può essere inoltrata al server di origine dei dati né ad "
+"alcun proxy di livello superiore. La causa più probabile è che "
+"l'amministratore del proxy abbia bloccato le connessioni dirette al server "
+"originario, e che tutti i proxy di livello superiore siano inaccessibili."
+
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+"Strumenti -> Opzioni Internet -> Connessioni -> Impostazioni LAN "
+"->Proxy"
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+"Strumenti -> Opzioni -> Avanzate -> Rete -> Impostazioni di "
+"connessione"
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr "Strumenti -> Preferenze -> Avanzate -> Rete -> Server proxy"
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
"Valid document was not found in the cache and <q>only-if-cached</q> "
"directive was specified."
msgstr ""
-"Non è stato possibile reperire un documento aggiornato nella cache e la "
+"Non è stato possibile reperire un documento valido nella cache, e la "
"richiesta contiene la direttiva <q>only-if-cached</q>."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr "Configurazione del browser"
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr ""
"<em>oppure</em> richiedeva una operazione di verifica, non consentita dalla "
"direttiva."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+"La configurazione del tuo browser dev'essere modificata prima di poter "
+"utilizzare questa rete."
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
-msgstr "Risposta di dimensione nulla."
+msgstr "Risposta di dimensione nulla"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "ERRORE: non è possibile accedere alla URN richiesta"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2009-01-30 20:02+1300\n"
"Last-Translator: Takahiro Kambe <taca@back-street.net>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
"生しました:"
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"ネットワークからデータを読もうと待っている間にタイムアウトが発生しました。"
"ネットワークもしくはサーバが稼働していないか、あるいは混雑しています。再度リ"
msgstr "アクセスを拒否されました。"
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"設定されているアクセス制御の設定のため、今回はあなたからのリクエストは受けつ"
msgstr "ICAPサーバから不正な応答がありました。"
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"ネットワークからデータを受信している間にエラーが発生しました。再度、リクエス"
"トしてください。"
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
"ネットワークにデータを送信している間にエラーが発生しました。再度リクエストし"
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr "ディレクトリ: <a href=\"/\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "エラー: 要求されたURLからデータを取り出せませんでした。"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "エラー: 要求されたURNからデータを取り出せませんでした。"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "エラー: 要求されたURLからデータを取り出せませんでした。"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "ファイルを更新しました。"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "転送は拒否されました。"
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr "%Tに%h (%s)が生成しました。"
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "やあ、%Tの時点でURNには多くを期待しないでください。:)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr "ICAPのプロトコル・エラーです。"
msgid "Illegal double-escape in the URL-Path"
msgstr "不正な二重のエスケープがURLパスにあります。"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "不正なURL"
msgid "Request is too large."
msgstr "リクエストが長すぎます。"
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "ソケット作成に失敗"
msgstr ""
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
"接続先のホストもしくはネットワークが稼働していません.しばらく待ってからもう"
"一度試して下さい."
msgstr "システムが以下のエラーを返しました: <i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr "WAIS リレー用ホストが定義されていません! 管理者に連絡してください."
#, fuzzy
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"これらの制限は、このキャッシュの運用者によって課されています。これがエラーだ"
msgstr "キャッシュは FTP をサポートしていません."
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"このキャッシュは稼働停止の処理に入っていて、現在あなたのリクエストへのサービ"
"スを提供できません。後で再度リクエストしてください."
#: templates/ERR_FORWARDING_DENIED:6
+#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"キャッシュ間における関係を強制的に兄弟関係となるようにしているため,キャッ"
msgstr ""
#: templates/ERR_FTP_NOT_FOUND:7
+#, fuzzy
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"これは(RFC 1738に従っていない)絶対パスを含んだFTPのURLによる可能性がありま"
#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"あなたのリクエストは,元のサーバもしくは他の親キャッシュサーバへ転送できませ"
"ん.これは次の理由により発生したと考えられますキャッシュ管理者が元のサーバに"
"直接接続しないように設定した. 設定されている全ての親キャッシュサーバへ現在到"
"達できない."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "以下のホスト名の IP address を調べられません.<q>%H</q>"
"<q>only-if-cached</q> の指定がありましたが,その文書がキャッシュに存在してい"
"ません."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr "以下の URL を PUT しようとした際に: <a href=\"%U\">%U</a>"
"(<q>only-if-cached</q> によって禁止されている)この文書が更新されているかどう"
"かの再確認が必要です."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "サイズがゼロの応答"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "エラー: 要求されたURNからデータを取り出せませんでした。"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2009-06-05 17:23+1300\n"
"Last-Translator: Jaeyeon Jung <jjung@cosmos.kaist.ac.kr>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
msgstr ""
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"데이터를 네트웍을 통해 읽어오려고 기다리던 중 시간이 경과하였습니다. 네트웍"
"이 혼잡상태에 있거나 서버가 서비스 불능 상태일 수 있습니다. 다시 요청하십시"
msgstr "서버 이용 요구가 거절되었습니다."
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"이 서버를 이용하기 위해서는 이용 허가가 필요합니다. 관리자에게 문의 하십시오."
msgstr ""
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"데이터를 네트웍을 통해 읽어오는 동안 에러가 발생했습니다. 다시 요청하십시오."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
"네트웍을 통해서 데이터를 쓰던 중 에러가 발생했습니다. 다시 시도해 주십시오."
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr ""
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "에러: 요청된 URL을 가져올 수 없습니다"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr ""
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "에러: 요청된 URL을 가져올 수 없습니다"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "파일이 변경되었습니다"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "포워딩 불가"
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr ""
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "%T의 URN에 대해 너무 많은 것을 기대하지 마세요. :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr ""
msgid "Illegal double-escape in the URL-Path"
msgstr "URL-Path에 double-escape이 있다."
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "잘못된 URL"
msgid "Request is too large."
msgstr "Request가 너무 크다."
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "소켓 생성 실패"
msgstr ""
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr "상대 호스트나 네트웍이 동작하지 않습니다. 다시 시도하십시오."
#: templates/ERR_TOO_BIG:5
msgstr "시스템은 아래와 같은 메시지를 보내왔습니다: <i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
"이 캐쉬는 WAIS Relay 호스트가 지정되어 있지 않습니다. 관리자 에게 요청하십시"
#: templates/ERR_TOO_BIG:8
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
msgstr "FTP 서비스가 불가능 합니다."
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"이 캐쉬는 서비스를 마치려고 하기 때문에 현재는 요청된 서비스를 수행할 수 없습"
"니다. 조금 후 다시 시도해 주십시오."
#: templates/ERR_FORWARDING_DENIED:6
+#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"이 캐쉬는 sibling 관계로 설정되어 있기 때문에 이 요청을 처리할 수 없습니다. %"
msgstr ""
#: templates/ERR_FTP_NOT_FOUND:7
+#, fuzzy
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"FTP URL을 절대 경로로 지정하였을 때 (RFC 1738에 어긋납니다) 이러한 문제가 발"
#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"이 요청을 origin server나 다른 parent cache로 진행 시킬 수 없습니다. 다음과 "
"같은 원인이 있을 수 있습니다. 이 캐쉬는 origin server로 직접 연결이 불가능 하"
"도록 캐쉬 관리자에 의해 설정되었다. 모든 parent cache로의 접속이 불가능 하다."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "<q>%H</q> 에 대해서 IP 주소를 찾을 수 없습니다."
"directive was specified."
msgstr "캐쉬에 유효한 문서가 없고 <q>only-if-cached</q> 가 지정되었습니다."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr "다음 URL을 전송하던 중: <a href=\"%U\">%U</a>"
"<q>only-if-cached</q>가 지정되어 문서가 요청되었습니다. 요청된 문서가 캐쉬에 "
"없거나, <em>혹은</em> 재확인을 해야 합니다."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2009-06-07 19:27+1300\n"
"Last-Translator: DVM <dvm382@takas.lt>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
msgstr ""
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"Klaida įvyko laukiant duomenų atsiuntimo iš tinklo. Tinklas arba serveris "
"gali būti atjungtas arba perkrautas. Prašome pakartoti užklausą."
msgstr "Priėjimas draudžiamas."
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"Priėjimo kontrolės konfigūracija šiuo metu neleidžia atsiųsti jūsų nurodyto "
msgstr ""
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"Įvyko klaida skaitant duomenis tinkle. Prašome pakartoti savo užklausą."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr "Įvyko klaida bandant rašyti tinkle. Prašome pakartoti savo užklausą."
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr ""
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "KLAIDA: Puslapis nurodytu adresu negali būti atsiųstas"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "KLAIDA: Nurodytas URN negali būti atsiųstas"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "KLAIDA: Puslapis nurodytu adresu negali būti atsiųstas"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Failas atnaujintas"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Pervedimo komanda neleistina."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr ""
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Mielieji, siūlau daug nesitikėti iš URNų %T :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr ""
msgid "Illegal double-escape in the URL-Path"
msgstr "Neleistinas double-escape kodas adrese"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "Klaidingas adresas"
msgid "Request is too large."
msgstr "Užklausa per didelė"
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Socket klaida"
msgstr ""
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
"Nurodytas serveris arba tinklas yra atjungtas. Pabandykite vykdyti užklausą "
"vėliau."
msgstr "Sistema atsakė: <i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
"WAIS Relay serveris yra nenurodytas šiame proxy serveryje! Šauk ant (tik ne "
"į) admino."
#: templates/ERR_TOO_BIG:8
+#, fuzzy
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"Šie apribojimai yra uždėti jūsų Interneto tiekėjo. Prašome kreiptis į savo "
msgstr "Šis proxy serveris nepalaiko FTP."
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"Šiuo metu kešas yra išjungiamas ir negali jūsų aptarnauti. Prašome pakartoti "
"užklausą vėliau."
#: templates/ERR_FORWARDING_DENIED:6
+#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Šis kešas negali perkelti jūsų užklausos, kadangi ji bando sukurti sibling "
msgstr ""
#: templates/ERR_FTP_NOT_FOUND:7
+#, fuzzy
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"Tai gali būti sąlygota FTP adreso su pilnu keliu (kuris neatitinka RFC 1738 "
#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"Užklausa negali būti persiųsta į pagrindinį serverį arba kurį nors pagalbinį "
"proxy serverį. Pagrindinės tokios klaidos priežastys yra šios Proxy "
"administratorius neleidžia serveriui kurti tiesioginių susijungimų su "
"serveriais, ir Visi pagalbiniai proxy serveriai šiuo metu yra nepasiekiami."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "Neįmanoma nustatyti <q>%H</q> serverio IP adreso"
"Tinkamas dokumentas nerastas proxy serveryje ir <q>only-if-cached</q> "
"komanda buvo nurodyta."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
#, fuzzy
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
"Dokumentas nerastas serveryje, <em>arba</em> jis pareikalavopatvirtinimo "
"uždrausto <q>only-if-cached</q> komandos."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Atsakymas nulinis"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "KLAIDA: Nurodytas URN negali būti atsiųstas"
msgstr ""
"Project-Id-Version: squid\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2009-10-28 12:47+0000\n"
"Last-Translator: Mārtiņš Bruņenieks <Unknown>\n"
"Language-Team: Latvian <lv@li.org>\n"
"<b>Nekorekta atbilde</b> notikusi kļūda mēģinot apstrādāt pieprasījumu:"
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"Iestājusies noildze, gaidot datus no tīkla. Tīkls vai serveris nestrādā vai "
"ir pārslogots."
msgstr "Pieeja liegta"
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"Šobrīd pēc pieejas kontroles uzstādījumiem jūsu pieprasījums nav atļauts. Ja "
msgstr "Saņemta nekorekta atbilde no ICAP servera"
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"Iestājusies kļūdas situācija saņemot datus no tīkla. Lūdzu atkārtojiet savu "
"pieprasījumu."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
"Iestājusies kļūdas situācijanosūtot datus pa tīklu. Lūdzu atkārtojiet savu "
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr "Direktorijs: <a href=\"/\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "KĻŪDA: Pieprasītā adrese nav atrodama"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
msgstr "KĻŪDA: Pieprasītā adrese nav atrodama"
#: templates/ERR_ESI:5
msgid "File updated"
msgstr "Datne augšupielādēta"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Pārsūtīšana aizliegta."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr "Ģenerēts %T by %h (%s)"
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Hi, neiaizraujies par daudz ar %T :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr "ICAP protokola kļūda."
msgid "Illegal double-escape in the URL-Path"
msgstr "Adresē ir divas atsoļa rakstzīmes, kas ir aizliegtas"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "Nepareizs URL"
msgid "Request is too large."
msgstr "Pieprasījums ir par lielu."
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Savienojuma kļūda"
"Iestājusies sekojoša kļūda mēģinot atvērt adresi: <a href=\"%U\">%U</a>"
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr "Serveris vai tīkls nestrādā. Lūdzu atkārtojiet pieprasījumu."
#: templates/ERR_TOO_BIG:5
msgstr "Sistēma atbildēja: <i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
"Šai kešatmiņai nav definēta WAIS retranslācija. Griezieties pie "
"administratora."
#: templates/ERR_TOO_BIG:8
+#, fuzzy
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"Šos limitus ir uzstādījis pakalpojuma sniedzējs, kurš uztur šo kešatmiņu. "
msgstr "Šī kešatmiņa neatbalsta FTP."
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"Šī kešatmiņa ir izslēgšanās procesā un nevar šobrīd apkalpot Jūsu "
"pieprasījumu. Lūdzu atkārtojiet Jūsu pieprasījumu nedaudz vēlāk."
#: templates/ERR_FORWARDING_DENIED:6
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
msgstr ""
#: templates/ERR_FTP_NOT_FOUND:7
+#, fuzzy
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"Šo var izsaukt FTP adrese ar absolūto ceļu (kas nav saderīgs RFC 1738). Ja "
#: templates/ERR_CANNOT_FORWARD:6
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
msgstr ""
#: templates/ERR_DNS_FAIL:5
"Kešatmiņā nav atrasts derīgs dokuments un tiek piemērota direktīva <q>only-"
"if-cached</q> ."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr "Mēģinot izpildīt operāciju PUT sekojošā adresē: <a href=\"%U\">%U</a>"
"revalidation prohibited by the <q>only-if-cached</q> directive."
msgstr ""
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Nulles izmēra atbilde"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "KĻŪDA: Pieprasītā adrese nav atrodama"
msgstr ""
"Project-Id-Version: squid\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2009-06-05 23:33+0000\n"
"Last-Translator: Mohamad Faizul bin Zulkifli <piju@mylinux.net.my>\n"
"Language-Team: Malay <ms@li.org>\n"
"request:"
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"Tiada maklum balas dari rangkaian. Pelayan mungkin tutup. Sila cuba lagi"
#: templates/ERR_ACCESS_DENIED:6
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
msgstr "Respon yang salah diterima dari pelayan ICAP"
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"Keadaan yang salah dihadapi ketika membaca data dari rangkaian. Sila cuba lg"
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr "Keadaan yang salah dihadapi ketika menulis di rangkaian. Sila cuba lg"
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr "Direktori: <a href=\"/\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "RALAT: URL yang diminta tidak dapat diterima"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr ""
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "RALAT: URL yang diminta tidak dapat diterima"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Fail dikemaskini"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr ""
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr "Dibuat pada %T by %h (%s)"
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr ""
msgid "Illegal double-escape in the URL-Path"
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "URL Salah"
msgid "Request is too large."
msgstr "Permintaan terlalu besar"
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Kegagalan Socket"
msgstr ""
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
#: templates/ERR_TOO_BIG:5
#: templates/ERR_NO_RELAY:6
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
#: templates/ERR_TOO_BIG:8
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
#: templates/ERR_SHUTTING_DOWN:5
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
#: templates/ERR_FORWARDING_DENIED:6
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
#: templates/ERR_FTP_NOT_FOUND:7
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
#: templates/ERR_CANNOT_FORWARD:6
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
msgstr ""
#: templates/ERR_DNS_FAIL:5
"directive was specified."
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr ""
"revalidation prohibited by the <q>only-if-cached</q> directive."
msgstr ""
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
msgstr ""
"Project-Id-Version: squid\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
-"PO-Revision-Date: 2009-10-16 07:15+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
+"PO-Revision-Date: 2010-03-18 23:24+0200\n"
"Last-Translator: Rene Wijninga <r.wijninga@whine.nl>\n"
"Language-Team: Dutch <nl@li.org>\n"
"MIME-Version: 1.0\n"
"Content-Transfer-Encoding: 8bit\n"
"Language: nl\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Pootle 1.2.1\n"
+"X-Generator: Pootle 2.0.1\n"
"X-Launchpad-Export-Date: 2009-10-04 07:36+0000\n"
#: templates/ERR_DIR_LISTING:6
#: templates/ERR_READ_TIMEOUT:7
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"Er is een timeout opgetreden tijdens het lezen van data van het netwerk. "
"Het netwerk of de server zijn niet beschikbaar of overbelast. Probeer het "
#: templates/ERR_ACCESS_DENIED:6
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"U heeft geen toegang tot de URL die u probeerde op te vragen van deze "
#: templates/ERR_READ_ERROR:7
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"Er is een fout opgetreden tijdens het lezen van data van het netwerk. "
#: templates/ERR_WRITE_ERROR:7
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
"Er is een fout opgetreden tijdens het schrijven naar het netwerk. Probeer "
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr "Map: <a href=\"%U\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "FOUT: De gevraagde URL kon niet worden opgehaald"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "FOUT: De gevraagde URN kon niet worden opgehaald"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "FOUT: De gevraagde URL kon niet worden opgehaald"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Bestand vernieuwd"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr "Voor Firefox browsers ga naar: <ul>"
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr "Voor Internet Explorer browsers ga naar: <ul>"
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr "Voor Opera browsers ga naar: <ul>"
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Doorsturen niet toegestaan."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr "Gegenereerd %T door %h (%s)"
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+"HTTP/1.1 <q>Verwacht:</q> feature wordt gevraagd door HTTP/1.0 software."
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Hmmm, verwacht niet teveel van URNs op %T :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr "Hoe kunt u deze instellingen in uw browser vinden:"
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr "ICAP protocol fout."
msgid "Illegal double-escape in the URL-Path"
msgstr "Ongeldige <q>dubbele escape</q> in het URL pad"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+"Bij het HTTP Proxy keuzescherm vult u bij proxy naam %h en poort 3128 in."
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "Ongeldige URL"
msgid "Request is too large."
msgstr "Het verzoek is te lang."
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr "Selecteer: Instellingen automatisch detecteren"
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr "Selecteer: Gebruik automatisch proxy configuratie"
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Socket Fout"
"U</a>"
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
"De server of het netwerk dat u probeert te benaderen is onbereikbaar. "
-"Probeer het opnieuw."
+"Probeer het later nog eens.."
#: templates/ERR_TOO_BIG:5
msgid "The request or reply is too large."
#: templates/ERR_NO_RELAY:6
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
"Er is geen WAIS Relay host gedefinieerd voor deze Cache! Neem contact op "
#: templates/ERR_TOO_BIG:8
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"Deze grootte-beperkingen zijn ingesteld door de beheerder van deze cache. "
#: templates/ERR_SHUTTING_DOWN:5
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"Deze cache is bezig met herstarten en kan daarom momenteel niet aan uw "
"verzoek voldoen. Probeer het later opnieuw."
#: templates/ERR_FORWARDING_DENIED:6
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Deze cache zal uw verzoek niet doorsturen, omdat het een sibling relatie "
#: templates/ERR_FTP_NOT_FOUND:7
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"Dit kan veroorzaakt worden door een FTP URL met een absoluut pad (hetgeen "
#: templates/ERR_CANNOT_FORWARD:6
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"Dit verzoek kon niet worden doorgestuurd naar de oorspronkelijke server of "
"een van de parent caches. De meest waarschijnlijke reden voor deze fout is "
"server te praten, en alle ingestelde parent caches op dit moment "
"onbereikbaar zijn."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+"Configuratie -> Internet Opties -> Verbinding -> LAN Instellingen -"
+">Proxy"
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+"Configuratie -> Internet Opties -> Geavanceerd -> Netwerk ->LAN "
+"Instellingen "
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+"Configuratie ->Voorkeursinstellingen -> Geavanceerd -> Netwerk ->"
+"Proxy Servers"
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "Niet in staat om het IP adres te bepalen van server <q>%H</q>"
"Een geldig document werd niet gevonden in de cache, en de <q>only-if-cached</"
"q> richtlijn was ingesteld."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr "Web Browser Configuratie"
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr ""
"een herbevestiging nodig die niet werd toegestaan door de <q>only-if-cached</"
"q> richtlijn."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+"Uw Browser instellingen dienen te worden aangepast om dit netwerk te kunnen "
+"gebruiken."
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Antwoord is leeg"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "FOUT: De gevraagde URN kon niet worden opgehaald"
--- /dev/null
+msgid ""
+msgstr ""
+"Project-Id-Version: Squid-3\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: Translate Toolkit 1.5.3\n"
+
+#: templates/ERR_DIR_LISTING:6
+msgid "<a href=\"../\">Parent Directory</a> (<a href=\"/\">Root Directory</a>)"
+msgstr ""
+
+#: templates/ERR_INVALID_REQ:4
+msgid ""
+"<b>Invalid Request</b> error was encountered while trying to process the "
+"request:"
+msgstr ""
+
+#: templates/ERR_INVALID_RESP:4
+msgid ""
+"<b>Invalid Response</b> error was encountered while trying to process the "
+"request:"
+msgstr ""
+
+#: templates/ERR_READ_TIMEOUT:7
+msgid ""
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
+msgstr ""
+
+#: templates/ERR_URN_RESOLVE:3
+msgid "A URL for the requested URN could not be retrieved"
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:5
+msgid "Access Denied."
+msgstr "Accès interdich."
+
+#: templates/ERR_ACCESS_DENIED:6
+msgid ""
+"Access control configuration prevents your request from being allowed at "
+"this time. Please contact your service provider if you feel this is "
+"incorrect."
+msgstr ""
+
+#: templates/ERR_FTP_FORBIDDEN:4
+msgid ""
+"An FTP authentication failure occurred while trying to retrieve the URL: <a "
+"href=\"%U\">%U</a>"
+msgstr ""
+
+#: templates/ERR_FTP_FAILURE:4
+msgid ""
+"An FTP protocol error occurred while trying to retrieve the URL: <a href=\"%U"
+"\">%U</a>"
+msgstr ""
+
+#: templates/ERR_ICAP_FAILURE:10
+msgid "An Illegal response was received from the ICAP server."
+msgstr ""
+
+#: templates/ERR_READ_ERROR:7
+msgid ""
+"An error condition occurred while reading data from the network. Please "
+"retry your request."
+msgstr ""
+
+#: templates/ERR_WRITE_ERROR:7
+msgid ""
+"An error condition occurred while writing to the network. Please retry your "
+"request."
+msgstr ""
+
+#: templates/ERR_CACHE_ACCESS_DENIED:3 templates/ERR_CACHE_ACCESS_DENIED:5
+msgid "Cache Access Denied."
+msgstr "Accès a l'amagatal interdich."
+
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:3
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:5
+msgid "Cache Manager Access Denied."
+msgstr ""
+
+#: templates/ERR_URN_RESOLVE:5
+msgid "Cannot Resolve URN"
+msgstr "Impossible de resòlvre l'URN"
+
+#: templates/ERR_LIFETIME_EXP:5
+msgid "Connection Lifetime Expired"
+msgstr "Durada de vida de la connexion depassada"
+
+#: templates/ERR_CONNECT_FAIL:5
+msgid "Connection to %I failed."
+msgstr "La connexion a %I a fracassat."
+
+#: templates/ERR_INVALID_REQ:10
+msgid "Content-Length missing for POST or PUT requests."
+msgstr ""
+
+#: templates/ERR_DIR_LISTING:3
+msgid "Directory Content:"
+msgstr ""
+
+#: templates/ERR_DIR_LISTING:4
+msgid "Directory Listing"
+msgstr ""
+
+#: templates/ERR_DIR_LISTING:1
+msgid "Directory: %U"
+msgstr "Repertòri : %U"
+
+#: templates/ERR_DIR_LISTING:2
+msgid "Directory: <a href=\"%U\">%U</a>/"
+msgstr "Repertòri : <a href=\"%U\">%U</a>/"
+
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
+#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
+#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
+#: templates/ERR_FTP_FAILURE:2 templates/ERR_FTP_FORBIDDEN:2
+#: templates/ERR_FTP_NOT_FOUND:2 templates/ERR_FTP_PUT_ERROR:2
+#: templates/ERR_FTP_UNAVAILABLE:2 templates/ERR_ICAP_FAILURE:2
+#: templates/ERR_INVALID_REQ:2 templates/ERR_INVALID_RESP:2
+#: templates/ERR_INVALID_URL:2 templates/ERR_LIFETIME_EXP:2
+#: templates/ERR_NO_RELAY:2 templates/ERR_ONLY_IF_CACHED_MISS:2
+#: templates/ERR_READ_ERROR:2 templates/ERR_READ_TIMEOUT:2
+#: templates/ERR_SECURE_CONNECT_FAIL:2 templates/ERR_SHUTTING_DOWN:2
+#: templates/ERR_SOCKET_FAILURE:2 templates/ERR_TOO_BIG:2
+#: templates/ERR_UNSUP_HTTPVERSION:2 templates/ERR_UNSUP_REQ:2
+#: templates/ERR_URN_RESOLVE:2 templates/ERR_WRITE_ERROR:2
+#: templates/ERR_ZERO_SIZE_OBJECT:2
+msgid "ERROR"
+msgstr "ERROR"
+
+#: templates/ERR_CACHE_ACCESS_DENIED:1
+msgid "ERROR: Cache Access Denied"
+msgstr ""
+
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:1
+msgid "ERROR: Cache Manager Access Denied"
+msgstr ""
+
+#: templates/ERR_FTP_PUT_ERROR:1
+msgid "ERROR: FTP upload failed"
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:1 templates/ERR_CANNOT_FORWARD:1
+#: templates/ERR_CONNECT_FAIL:1 templates/ERR_DNS_FAIL:1 templates/ERR_ESI:1
+#: templates/ERR_FORWARDING_DENIED:1 templates/ERR_FTP_DISABLED:1
+#: templates/ERR_FTP_FAILURE:1 templates/ERR_FTP_FORBIDDEN:1
+#: templates/ERR_FTP_NOT_FOUND:1 templates/ERR_FTP_UNAVAILABLE:1
+#: templates/ERR_ICAP_FAILURE:1 templates/ERR_INVALID_REQ:1
+#: templates/ERR_INVALID_RESP:1 templates/ERR_INVALID_URL:1
+#: templates/ERR_LIFETIME_EXP:1 templates/ERR_NO_RELAY:1
+#: templates/ERR_ONLY_IF_CACHED_MISS:1 templates/ERR_READ_ERROR:1
+#: templates/ERR_READ_TIMEOUT:1 templates/ERR_SECURE_CONNECT_FAIL:1
+#: templates/ERR_SHUTTING_DOWN:1 templates/ERR_SOCKET_FAILURE:1
+#: templates/ERR_TOO_BIG:1 templates/ERR_UNSUP_HTTPVERSION:1
+#: templates/ERR_UNSUP_REQ:1 templates/ERR_WRITE_ERROR:1
+#: templates/ERR_ZERO_SIZE_OBJECT:1
+msgid "ERROR: The requested URL could not be retrieved"
+msgstr "ERREUR : L'URL demandada a pas pogut èsser cargada"
+
+#: templates/ERR_URN_RESOLVE:1
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr ""
+
+#: templates/ERR_ESI:5
+msgid "ESI Processing failed."
+msgstr "Lo tractament ESI a fracassat."
+
+#: templates/ERR_FTP_PUT_CREATED:1
+msgid "FTP PUT Successful: File Created"
+msgstr ""
+
+#: templates/ERR_FTP_PUT_MODIFIED:1
+msgid "FTP PUT Successful: File Updated"
+msgstr ""
+
+#: templates/ERR_FTP_PUT_ERROR:3
+msgid "FTP PUT/upload failed"
+msgstr ""
+
+#: templates/ERR_FTP_DISABLED:5
+msgid "FTP is Disabled"
+msgstr "Lo FTP es desactivat"
+
+#: templates/ERR_SECURE_CONNECT_FAIL:5
+msgid "Failed to establish a secure connection to %I"
+msgstr ""
+
+#: templates/ERR_FTP_PUT_CREATED:3
+msgid "File created"
+msgstr "Fichièr creat"
+
+#: templates/ERR_FTP_PUT_MODIFIED:3
+msgid "File updated"
+msgstr "Fichièr mes a jorn"
+
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr "Per Firefox, anatz a : <ul>"
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr "Per Internet Explorer, anatz a : <ul>"
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr "Per Opera, anatz a : <ul>"
+
+#: templates/ERR_FORWARDING_DENIED:5
+msgid "Forwarding Denied."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
+#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
+#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
+#: templates/ERR_FORWARDING_DENIED:8 templates/ERR_FTP_DISABLED:8
+#: templates/ERR_FTP_FAILURE:8 templates/ERR_FTP_FORBIDDEN:8
+#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
+#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
+#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
+#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
+#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
+#: templates/ERR_SECURE_CONNECT_FAIL:9 templates/ERR_SHUTTING_DOWN:7
+#: templates/ERR_SOCKET_FAILURE:9 templates/ERR_TOO_BIG:10
+#: templates/ERR_UNSUP_HTTPVERSION:8 templates/ERR_UNSUP_REQ:8
+#: templates/ERR_URN_RESOLVE:8 templates/ERR_WRITE_ERROR:9
+#: templates/ERR_ZERO_SIZE_OBJECT:8
+msgid "Generated %T by %h (%s)"
+msgstr "Generada lo %T per %h (%s)"
+
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
+#: templates/ERR_URN_RESOLVE:6
+msgid "Hey, don't expect too much from URNs on %T :)"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
+#: templates/ERR_ICAP_FAILURE:5
+msgid "ICAP protocol error."
+msgstr "Error de protocòl ICAP."
+
+#: templates/ERR_TOO_BIG:7
+msgid ""
+"If you are making a GET request, then the item you are trying to download is "
+"too large."
+msgstr ""
+
+#: templates/ERR_TOO_BIG:6
+msgid ""
+"If you are making a POST or PUT request, then the item you are trying to "
+"upload is too large."
+msgstr ""
+
+#: templates/ERR_INVALID_REQ:11 templates/ERR_INVALID_URL:11
+msgid "Illegal character in hostname; underscores are not allowed."
+msgstr ""
+
+#: templates/ERR_INVALID_URL:10
+msgid "Illegal double-escape in the URL-Path"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
+#: templates/ERR_INVALID_URL:5
+msgid "Invalid URL"
+msgstr "URL invalida"
+
+#: templates/ERR_INVALID_REQ:8
+msgid "Missing HTTP Identifier (HTTP/1.0)."
+msgstr "Abséncia d'identificant HTTP (HTTP/1.0)"
+
+#: templates/ERR_INVALID_REQ:7
+msgid "Missing URL."
+msgstr "Abséncia d'URL"
+
+#: templates/ERR_INVALID_URL:9
+msgid "Missing hostname"
+msgstr "Nom de maquina absent"
+
+#: templates/ERR_INVALID_URL:8
+msgid ""
+"Missing or incorrect access protocol (should be <q>http://</q> or similar)"
+msgstr ""
+
+#: templates/ERR_INVALID_REQ:6
+msgid "Missing or unknown request method."
+msgstr "Metòde de requèsta desconegut o perdut."
+
+#: templates/ERR_NO_RELAY:5
+msgid "No Wais Relay"
+msgstr ""
+
+#: templates/ERR_FTP_PUT_CREATED:2 templates/ERR_FTP_PUT_MODIFIED:2
+msgid "Operation successful"
+msgstr "Ooperacion capitada"
+
+#: templates/ERR_DIR_LISTING:5
+msgid "Parent Directory"
+msgstr "Dorsièr parent"
+
+#: templates/ERR_CACHE_ACCESS_DENIED:7
+msgid ""
+"Please contact the <a href=\"mailto:%w%W\">cache administrator</a> if you "
+"have difficulties authenticating yourself or <a href=\"http://%h/cgi-bin/"
+"chpasswd.cgi\">change</a> your default password."
+msgstr ""
+
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:7
+msgid ""
+"Please contact the <a href=\"mailto:%w%W\">cache administrator</a> if you "
+"have difficulties authenticating yourself or, if you <em>are</em> the "
+"administrator, read Squid documentation on cache manager interface and check "
+"cache log for more detailed error messages."
+msgstr ""
+
+#: templates/ERR_READ_ERROR:5
+msgid "Read Error"
+msgstr "Error de lectura"
+
+#: templates/ERR_READ_TIMEOUT:5
+msgid "Read Timeout"
+msgstr ""
+
+#: templates/ERR_INVALID_REQ:9
+msgid "Request is too large."
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
+#: templates/ERR_SOCKET_FAILURE:5
+msgid "Socket Failure"
+msgstr "Error de socket"
+
+#: templates/ERR_INVALID_URL:6
+msgid "Some aspect of the requested URL is incorrect."
+msgstr ""
+
+#: templates/ERR_ICAP_FAILURE:8 templates/ERR_INVALID_REQ:5
+#: templates/ERR_INVALID_URL:7
+msgid "Some possible problems are:"
+msgstr "Problèmas envisajables :"
+
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:6
+msgid ""
+"Sorry, you are not currently allowed to request %U from this cache manager "
+"until you have authenticated yourself."
+msgstr ""
+
+#: templates/ERR_CACHE_ACCESS_DENIED:6
+msgid ""
+"Sorry, you are not currently allowed to request %U from this cache until you "
+"have authenticated yourself."
+msgstr ""
+
+#: templates/ERR_ZERO_SIZE_OBJECT:6
+msgid "Squid did not receive any data for this request."
+msgstr ""
+
+#: templates/ERR_UNSUP_REQ:6
+msgid ""
+"Squid does not support all request methods for all access protocols. For "
+"example, you can not POST a Gopher request."
+msgstr ""
+
+#: templates/ERR_LIFETIME_EXP:6
+msgid ""
+"Squid has terminated the request because it has exceeded the maximum "
+"connection lifetime."
+msgstr ""
+
+#: templates/ERR_SOCKET_FAILURE:7
+msgid ""
+"Squid is unable to create a TCP socket, presumably due to excessive load. "
+"Please retry your request."
+msgstr ""
+
+#: templates/ERR_FTP_FAILURE:5 templates/ERR_FTP_FORBIDDEN:5
+#: templates/ERR_FTP_NOT_FOUND:5 templates/ERR_FTP_PUT_ERROR:5
+#: templates/ERR_FTP_UNAVAILABLE:5
+msgid "Squid sent the following FTP command:"
+msgstr ""
+
+#: templates/ERR_DNS_FAIL:6
+msgid "The DNS server returned:"
+msgstr "Lo servidor DNS a tornat :"
+
+#: templates/ERR_ESI:6
+msgid "The ESI processor returned:"
+msgstr "Lo processor ESI a respondut :"
+
+#: templates/ERR_FTP_UNAVAILABLE:4
+msgid "The FTP server was too busy to retrieve the URL: <a href=\"%U\">%U</a>"
+msgstr ""
+
+#: templates/ERR_INVALID_RESP:5
+msgid ""
+"The HTTP Response message received from the contacted server could not be "
+"understood or was otherwise malformed. Please contact the site operator."
+msgstr ""
+
+#: templates/ERR_ICAP_FAILURE:9
+msgid "The ICAP server is not reachable."
+msgstr "Lo servidor ICAP es pas jonhible."
+
+#: templates/ERR_FTP_NOT_FOUND:4
+msgid "The following URL could not be retrieved: <a href=\"%U\">%U</a>"
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:4 templates/ERR_CACHE_ACCESS_DENIED:4
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:4 templates/ERR_CANNOT_FORWARD:4
+#: templates/ERR_CONNECT_FAIL:4 templates/ERR_DNS_FAIL:4 templates/ERR_ESI:4
+#: templates/ERR_FORWARDING_DENIED:4 templates/ERR_FTP_DISABLED:4
+#: templates/ERR_ICAP_FAILURE:4 templates/ERR_INVALID_URL:4
+#: templates/ERR_LIFETIME_EXP:4 templates/ERR_NO_RELAY:4
+#: templates/ERR_ONLY_IF_CACHED_MISS:4 templates/ERR_READ_ERROR:4
+#: templates/ERR_READ_TIMEOUT:4 templates/ERR_SECURE_CONNECT_FAIL:4
+#: templates/ERR_SHUTTING_DOWN:4 templates/ERR_SOCKET_FAILURE:4
+#: templates/ERR_TOO_BIG:4 templates/ERR_UNSUP_HTTPVERSION:4
+#: templates/ERR_UNSUP_REQ:4 templates/ERR_WRITE_ERROR:4
+#: templates/ERR_ZERO_SIZE_OBJECT:4
+msgid ""
+"The following error was encountered while trying to retrieve the URL: <a "
+"href=\"%U\">%U</a>"
+msgstr ""
+"L'error seguenta s'es producha en ensajant d'accedir a l'URL : <a href=\"%U\">"
+"%U</a>"
+
+#: templates/ERR_URN_RESOLVE:4
+msgid ""
+"The following error was encountered while trying to retrieve the URN: <a "
+"href=\"%U\">%U</a>"
+msgstr ""
+
+#: templates/ERR_CONNECT_FAIL:7
+msgid "The remote host or network may be down. Please try the request again."
+msgstr ""
+
+#: templates/ERR_TOO_BIG:5
+msgid "The request or reply is too large."
+msgstr "La requèsta o la responsa es tròp gròssa."
+
+#: templates/ERR_ACCESS_DENIED:3 templates/ERR_CANNOT_FORWARD:3
+#: templates/ERR_CONNECT_FAIL:3 templates/ERR_DNS_FAIL:3 templates/ERR_ESI:3
+#: templates/ERR_FORWARDING_DENIED:3 templates/ERR_FTP_DISABLED:3
+#: templates/ERR_FTP_FAILURE:3 templates/ERR_FTP_FORBIDDEN:3
+#: templates/ERR_FTP_NOT_FOUND:3 templates/ERR_FTP_UNAVAILABLE:3
+#: templates/ERR_ICAP_FAILURE:3 templates/ERR_INVALID_REQ:3
+#: templates/ERR_INVALID_RESP:3 templates/ERR_INVALID_URL:3
+#: templates/ERR_LIFETIME_EXP:3 templates/ERR_NO_RELAY:3
+#: templates/ERR_ONLY_IF_CACHED_MISS:3 templates/ERR_READ_ERROR:3
+#: templates/ERR_READ_TIMEOUT:3 templates/ERR_SECURE_CONNECT_FAIL:3
+#: templates/ERR_SHUTTING_DOWN:3 templates/ERR_SOCKET_FAILURE:3
+#: templates/ERR_TOO_BIG:3 templates/ERR_UNSUP_REQ:3
+#: templates/ERR_WRITE_ERROR:3 templates/ERR_ZERO_SIZE_OBJECT:3
+msgid "The requested URL could not be retrieved"
+msgstr "L'URL demandada a pas pogut èsser cargada"
+
+#: templates/ERR_FTP_FAILURE:6 templates/ERR_FTP_FORBIDDEN:6
+#: templates/ERR_FTP_NOT_FOUND:6 templates/ERR_FTP_PUT_ERROR:6
+#: templates/ERR_FTP_UNAVAILABLE:6
+msgid "The server responded with:"
+msgstr "Lo servidor a respondut :"
+
+#: templates/ERR_CONNECT_FAIL:6 templates/ERR_ICAP_FAILURE:6
+#: templates/ERR_READ_ERROR:6 templates/ERR_READ_TIMEOUT:6
+#: templates/ERR_SECURE_CONNECT_FAIL:6 templates/ERR_SOCKET_FAILURE:6
+#: templates/ERR_WRITE_ERROR:6
+msgid "The system returned: <i>%E</i>"
+msgstr "Lo sistèma a tornat : <i>%E</i>"
+
+#: templates/ERR_NO_RELAY:6
+msgid ""
+"There is no WAIS Relay host defined for this Cache! Yell at the "
+"administrator."
+msgstr ""
+
+#: templates/ERR_TOO_BIG:8
+msgid ""
+"These limits have been established by the Internet Service Provider who "
+"operates this cache. Please contact them directly if you feel this is an "
+"error."
+msgstr ""
+
+#: templates/ERR_UNSUP_HTTPVERSION:6
+msgid "This Squid does not accept the HTTP version you are attempting to use."
+msgstr ""
+
+#: templates/ERR_FTP_DISABLED:6
+msgid "This cache does not support FTP."
+msgstr ""
+
+#: templates/ERR_SHUTTING_DOWN:5
+msgid ""
+"This cache is in the process of shutting down and can not service your "
+"request at this time. Please retry your request again soon."
+msgstr ""
+
+#: templates/ERR_FORWARDING_DENIED:6
+msgid ""
+"This cache will not forward your request because it is trying to enforce a "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
+"misconfigured."
+msgstr ""
+
+#: templates/ERR_ICAP_FAILURE:7
+msgid "This means that some aspect of the ICAP communication failed."
+msgstr ""
+
+#: templates/ERR_FTP_PUT_ERROR:7
+msgid ""
+"This means that the FTP server may not have permission or space to store the "
+"file. Check the path, permissions, diskspace and try again."
+msgstr ""
+
+#: templates/ERR_DNS_FAIL:7
+msgid ""
+"This means that the cache was not able to resolve the hostname presented in "
+"the URL. Check if the address is correct."
+msgstr ""
+
+#: templates/ERR_ESI:7
+msgid ""
+"This means that the surrogate was not able to process the ESI template. "
+"Please report this error to the webmaster."
+msgstr ""
+
+#: templates/ERR_FTP_NOT_FOUND:7
+msgid ""
+"This might be caused by an FTP URL with an absolute path (which does not "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
+"<a href=\"%B\">%B</a>."
+msgstr ""
+
+#: templates/ERR_SECURE_CONNECT_FAIL:7
+msgid ""
+"This proxy and the remote host failed to negotiate a mutually acceptable "
+"security settings for handling your request. It is possible that the remote "
+"host does not support secure connections, or the proxy is not satisfied with "
+"the host security credentials."
+msgstr ""
+
+#: templates/ERR_CANNOT_FORWARD:6
+msgid ""
+"This request could not be forwarded to the origin server or to any parent "
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
+#: templates/ERR_DNS_FAIL:5
+msgid "Unable to determine IP address from host name <q>%H</q>"
+msgstr "Impossible d'associar una adreça IP a la maquina <q>%H</q>"
+
+#: templates/ERR_CANNOT_FORWARD:5
+msgid "Unable to forward this request at this time."
+msgstr ""
+
+#: templates/ERR_UNSUP_HTTPVERSION:3 templates/ERR_UNSUP_HTTPVERSION:5
+msgid "Unsupported HTTP version"
+msgstr "Version de HTTP pas suportada"
+
+#: templates/ERR_UNSUP_REQ:5
+msgid "Unsupported Request Method and Protocol"
+msgstr ""
+
+#: templates/ERR_ONLY_IF_CACHED_MISS:5
+msgid ""
+"Valid document was not found in the cache and <q>only-if-cached</q> "
+"directive was specified."
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
+#: templates/ERR_FTP_PUT_ERROR:4
+msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
+msgstr ""
+
+#: templates/ERR_WRITE_ERROR:5
+msgid "Write Error"
+msgstr "Problèma d'escritura"
+
+#: templates/ERR_ONLY_IF_CACHED_MISS:6
+msgid ""
+"You have issued a request with a <q>only-if-cached</q> cache control "
+"directive. The document was not found in the cache, <em>or</em> it required "
+"revalidation prohibited by the <q>only-if-cached</q> directive."
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
+#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
+#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
+#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
+#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
+#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
+#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
+#: templates/ERR_READ_TIMEOUT:8 templates/ERR_SECURE_CONNECT_FAIL:8
+#: templates/ERR_SHUTTING_DOWN:6 templates/ERR_SOCKET_FAILURE:8
+#: templates/ERR_TOO_BIG:9 templates/ERR_UNSUP_HTTPVERSION:7
+#: templates/ERR_UNSUP_REQ:7 templates/ERR_URN_RESOLVE:7
+#: templates/ERR_WRITE_ERROR:8 templates/ERR_ZERO_SIZE_OBJECT:7
+msgid "Your cache administrator is <a href=\"mailto:%w%W\">%w</a>."
+msgstr "Vòstre administrator d'amagatal es <a href=\"mailto:%w\">%w</a>."
+
+#: templates/ERR_INVALID_RESP:6
+msgid ""
+"Your cache administrator may be able to provide you with more details about "
+"the exact nature of the problem if needed."
+msgstr ""
+
+#: templates/ERR_ESI:8
+msgid "Your webmaster is <a href=\"mailto:%w\">%w</a>."
+msgstr "Vòstre webmèstre es <a href=\"mailto:%w\">%w</a>."
+
+#: templates/ERR_ZERO_SIZE_OBJECT:5
+msgid "Zero Sized Reply"
+msgstr "Responsa de talha nulla"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2010-01-02 23:51+0000\n"
"Last-Translator: Jarosław Ogrodnik <nobodythere@gmail.com>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
"zapytania"
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"Przekroczony zostal dopuszczalny czas oczekiwania na dane z sieci. Sieć lub "
"serwer źródłowy mogą być niedostępne lub przeciążone. Proszę ponowić żądanie."
msgstr "Dostęp zabroniony."
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"Konfiguracja serwera wyklucza Twój dostęp do niego w chwili obecnej. "
msgstr "Odebrano błędną odpowiedź z serwera ICAP"
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"Podczas czytania dokumentu z sieci wystąpił błąd. Proszę ponowić żądanie."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr "Wystąpił błąd podczas próby zapisu do sieci. Proszę ponowić żądanie."
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr "Katalog: <a href=\"%U\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "BŁĄD: Żądany URL nie może zostać pobrany"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "BŁĄD: Żądany URN nie może zostać sprowadzony"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "BŁĄD: Żądany URL nie może zostać pobrany"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "plik uaktualniony"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Przekazanie żądania zabronione."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr "Utworzono %T przez %h (%s)"
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Proszę nie spodziewać się zbyt wiele od URNów z %T :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr ""
msgid "Illegal double-escape in the URL-Path"
msgstr "podwójna sekwencja escape w ścieżce URL"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "błędny URL"
msgid "Request is too large."
msgstr "RZbyt duży rozmiar żądania"
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
#, fuzzy
msgid "Socket Failure"
msgstr ""
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
"Serwer źródłowy lub sieć mogą być nieczynne. Spróbuj ponowić żądanie później."
msgstr "System zwrócił wartość: <i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
"Dla tego serwera cache nie został zdefiniowany WAIS relay! Zawiadom "
#: templates/ERR_TOO_BIG:8
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
#: templates/ERR_SHUTTING_DOWN:5
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
#: templates/ERR_FORWARDING_DENIED:6
+#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Ten serwer cache nie przekaże Twojego żądania ponieważ wymusza ono relację "
#: templates/ERR_FTP_NOT_FOUND:7
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"Żądanie nie może zostać przakazane serwerowi źródłowemu ani żadnemu z "
"serwerów-rodziców. Najbardziej prawdopodobne źródła błędu to Administrator "
"serwera cache nie pozwala temu cache na bezpośrednie połączenia do serwerów "
"źródłowych Wszystkie kooperujące serwery-rodzice są w tej chwili niedostępne."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "Nie można ustalić adresu IP hosta o nazwie <q>%H</q>"
"żądanie z dyrektywą <q>only-if-cached</q> dotyczyło dokumentu aktualnie nie "
"przechowywanego przez sewer cache."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
#, fuzzy
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
"znaleziony w zasobech serwera cache <em>lub</em> wymagał odświeżenia "
"zabronionego dyrektywą <q>only-if-cached</q>."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "sprowadzony dokument ma zerowy rozmiar"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "BŁĄD: Żądany URN nie może zostać sprowadzony"
msgstr ""
"Project-Id-Version: squid\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2009-09-25 09:18+1300\n"
"Last-Translator: Aecio F. Neto <aecioneto@gmail.com>\n"
"Language-Team: Brazilian Portuguese <pt_BR@li.org>\n"
"<b>Resposta Inválida</b> erro encontrado ao tentar processar a requisição:"
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"Tempo esgotado esperando a leitura de dados pela rede. A rede ou o servidor "
"pode estar desconectado ou congestionado. Por favor, tente novamente sua "
msgstr "Acesso Negado."
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"A configuração do controle de acesso impede que sua requisição seja "
msgstr "Uma resposta ilegal foi recebida do servidor ICAP."
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"Uma condição de erro ocorreu ao ler dados da rede. Por favor, repita sua "
"requisição."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
"Ocorreu um erro ao tentar escrever na rede. Por favor, repita sua requisição."
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr "Directório: <a href=\"%U\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "ERRO: A URL requisitada não pode ser recuperada"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "ERRO: A URN requisitada não pode ser recuperada"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "ERRO: A URL requisitada não pode ser recuperada"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Arquivo atualizado"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Encaminhamento Negado."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr "Gerado %T por %h (%s)"
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Olha, não espere muito por URNs em %T :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr "Erro de protocolo ICAP."
msgid "Illegal double-escape in the URL-Path"
msgstr "Escape duplo ilegal na URL-Path"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "URL inválida"
msgid "Request is too large."
msgstr "Requisição é muito grande."
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Falha de socket"
"a>"
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
"O host remoto ou a rede pode estar fora do ar. Por favor, faça a requisição "
"novamente."
msgstr "O sistema retornou: <i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
"Não há nenhum host de WAIS Relay definido para esse Cache! Contate o "
"administrador."
#: templates/ERR_TOO_BIG:8
+#, fuzzy
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"Esses limites foram estabelecidos pelo Provedor de Serviço Internet em que "
msgstr "Esse cache não suporta FTP."
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"Este cache está sendo desligado e não pode atender sua requisição neste "
"momento. Por favor, tente novamente em breve."
#: templates/ERR_FORWARDING_DENIED:6
+#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Este cache não encaminhará sua requisição porque está tentando forçar um "
"favor, informe este erro ao webmaster."
#: templates/ERR_FTP_NOT_FOUND:7
+#, fuzzy
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"Isto pode ter sido causado por uma URL de FTP com um caminho absoluto (que "
"com as credenciais de segurança do host."
#: templates/ERR_CANNOT_FORWARD:6
+#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"Esta requisição não pode ser encaminhada ao servidor de origem ou para "
"nenhum cache pai. A causa mais provável para este erro é que o administrador "
"do cache não permite que este cache faça conexões diretas aos servidores de "
"origem e que todos caches superiores estão inalcançáveis no momento."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "Impossível determinar o endereço IP do nome de host <q>%H</q>"
"Um documento válido não foi encontrado no cache e a diretiva <q>only-if-"
"cached</q> foi especificada."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr "Ao tentar executar o PUT na seguinte URL: <a href=\"%U\">%U</a>"
"cached</q>. O documento não foi encontrado no cache <em>ou</em> o cache "
"requer uma revalidação, que é proibida por esta diretiva."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Resposta de tamanho zero"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "ERRO: A URN requisitada não pode ser recuperada"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2009-06-14 14:41+1300\n"
"Last-Translator: Pedro Lineu Orso <orso@pop.hsbcbamerindus.com.br>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
msgstr ""
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"Excedeu o tempo limite enquanto esperava para ler dados na rede. A rede ou "
"servidor pode estar indisponível ou congestionado. Por favor tente novamente."
msgstr "Proibido o Acesso."
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"O controle de acessos impediu sua requisição. Caso você não concorde com "
msgstr ""
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"Ocorreu uma condição de erro enquanto lia o dado na rede. Por favor tente "
"novamente."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
"Uma condição de erro ocorreu enquanto escrevia na rede. Por favor tente "
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr ""
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "ERRO: A URL solicitada não pode ser recuperada"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "ERRO: URN requisitada não pode ser recuperada"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "ERRO: A URL solicitada não pode ser recuperada"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Arquivo atualizado"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Expedição proibida."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr ""
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Não espere muita coisa de URNS em %T :-)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr ""
msgid "Illegal double-escape in the URL-Path"
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "URL inválida"
msgid "Request is too large."
msgstr "A requisição pode ser muito grande"
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Falha no Socket"
msgstr ""
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
"O host remoto (servidor) ou a rede pode estar indisponível. Por favor tente "
"novamente."
msgstr "O sistema retornou: <i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
"Não há servidor WAIS definido para este cache! Fale com o administrador."
#: templates/ERR_TOO_BIG:8
+#, fuzzy
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"Os limites foram estabelecidos pelo administrador deste cache. Por favor, "
#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"Este servidor de cache está em procedimento de shutting down e não pode "
"servir sua requisição neste momento. Por favor, tente mais tarde."
#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Este cache não expediu sua solicitação porque está tentando forçar "
msgstr ""
#: templates/ERR_FTP_NOT_FOUND:7
+#, fuzzy
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"Isto pode ter como causa uma URL de FTP com caminho absoluto (que não está "
#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"Esta requisição não pode ser encaminhada para o servidor ou para qualquer "
"outro cache. A causa mais provável para este erro é O administrador do cache "
"não permite que este cache faça conexões diretas para servidores, e Todos os "
"caches configurados não estão disponíveis."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "Incapaz de determinar o endereço IP através do nome do host <q>%H</q>"
"Não foi encontrado documento válido no cache e a opção <q>only-if-cached</q> "
"foi especificada. "
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr "Na tentativa de salvar (PUT) a seguinte URL: <a href=\"%U\">%U</a>"
"ativa. O documento não foi encontrado no cache, <em>ou</em> requer "
"revalidação proibida pela opção <q>only-if-cached</q>"
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Resposta com tamanho zero"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "ERRO: URN requisitada não pode ser recuperada"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
-"PO-Revision-Date: 2010-01-18 21:29+0200\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
+"PO-Revision-Date: 2010-03-20 16:29+0200\n"
"Last-Translator: Arthur <arthur@psw.ro>\n"
"Language-Team: Romanian <ro@li.org>\n"
"MIME-Version: 1.0\n"
"Language: ro\n"
"Plural-Forms: nplurals=3; plural=(n==1 ? 0 : (n==0 || (n%100 > 0 && n%100 < "
"20)) ? 1 : 2);;\n"
-"X-Generator: Pootle 2.0.0\n"
+"X-Generator: Pootle 2.0.1\n"
"X-Launchpad-Export-Date: 2009-01-18 05:16+0000\n"
#: templates/ERR_DIR_LISTING:6
#: templates/ERR_READ_TIMEOUT:7
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
-"S-a depăşit timpul de aşteptare în tipul citirii datelor de la reţea. "
-"Reţeaua sau serverul ar putea fi căzute sau congestionate. Vă rugăm să "
+"S-a depăşit timpul de aşteptare în tipul citirii datelor de la reţea. "
+"Reţeaua sau serverul ar putea fi căzute sau congestionate. Vă rugăm să "
"încercaţi din nou."
#: templates/ERR_URN_RESOLVE:3
#: templates/ERR_ACCESS_DENIED:6
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"Configuraţia de control al accesului împiedică ca cererea dumneavoastră să "
-"fie permisă în acest moment. Vă rugăm contactaţi furnizorul de servicii "
-"dacă credeţi că acest lucru nu este corect."
+"fie permisă în acest moment. Vă rugăm contactaţi furnizorul de servicii dacă "
+"credeţi că acest lucru nu este corect."
#: templates/ERR_FTP_FORBIDDEN:4
msgid ""
#: templates/ERR_READ_ERROR:7
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
-"A survenit o eroare în timp ce se citeau date din reţea. Vă rugăm să "
+"A survenit o eroare în timp ce se citeau date din reţea. Vă rugăm să "
"încercaţi cererea din nou."
#: templates/ERR_WRITE_ERROR:7
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
-"A survenit o eroare în timp ce se scriau date în reţea. Vă rugăm să "
+"A survenit o eroare în timp ce se scriau date în reţea. Vă rugăm să "
"încercaţi cererea din nou."
#: templates/ERR_CACHE_ACCESS_DENIED:3 templates/ERR_CACHE_ACCESS_DENIED:5
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr "Directorul: <a href=\"%U\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "EROARE: URL-ul cerut nu a putut fi accesat"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "EROARE: URN-ul cerut nu a putut fi accesat"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "EROARE: URL-ul cerut nu a putut fi accesat"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Fişierul a fost actualizat"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr "Pentru navigatorul Firefox mergeţi la: <ul>"
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr "Pentru navigatorul Internet Explorer mergeţi la: <ul>"
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr "Pentru navigatorul Opera mergeţi la: <ul>"
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Înaintarea cererii este interzisă."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr "Generat %T de către %h (%s)"
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+"HTTP/1.1 Capabilitatea <q>Expect:</q> este cerută de software HTTP/1.0."
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Hei, nu vă aşteptaţi la prea multe de la URN-uri pe %T :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr "Cum să găseşti aceste setări în navigatorul tău:"
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr "Eroare în protocolul ICAP."
msgid "Illegal double-escape in the URL-Path"
msgstr "Secvenţa escape-dublu este ilegală în calea URL"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+"În căsuţa pentru proxy HTTP tastează numele proxy-ului %h şi portul 3128."
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "URL invalid"
msgid "Request is too large."
msgstr "Cererea este prea mare."
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr "Selectează Detectează automat setările"
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr "Selectează Configurare pentru proxy automată"
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Eroare de Socket"
"href=\"%U\">%U</a>"
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
-"Calculatorul sau reţeaua destinaţie s-ar putea să fie inoperabile. Vă rugăm "
+"Calculatorul sau reţeaua destinaţie s-ar putea să fie inoperabile. Vă rugăm "
"să încercaţi cererea din nou."
#: templates/ERR_TOO_BIG:5
#: templates/ERR_NO_RELAY:6
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
-"Nu este definit niciun relay WAIS pentru acest cache! Strigaţi la "
-"administrator!"
+"Nu este definit niciun relay WAIS pentru acest cache! Strigaţi la "
+"administrator."
#: templates/ERR_TOO_BIG:8
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"Aceste limite au fost impuse de către organizaţia care oferă serviciile de "
-"Internet şi care administreză acest cache. Vă rugăm să îi contactaţi în mod "
+"Internet şi care administreză acest cache. Vă rugăm să îi contactaţi în mod "
"direct dacă sunteţi de părere că este o greşeală."
#: templates/ERR_UNSUP_HTTPVERSION:6
#: templates/ERR_SHUTTING_DOWN:5
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"Acest cache este în curs de închidere şi nu poate procesa cererea în acest "
-"moment. Vă rugăm să repetaţi cererea cât mai curând."
+"moment. Vă rugăm să repetaţi cererea cât mai curând."
#: templates/ERR_FORWARDING_DENIED:6
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Acest cache nu va înainta cererea dumneavoastră din cauză că încearcă să "
-"stabilească o relaţie de echivalenţă. Poate că clientul %i este un cache "
+"stabilească o relaţie de echivalenţă. Poate că clientul %i este un cache "
"care a fost configurat greşit."
#: templates/ERR_ICAP_FAILURE:7
#: templates/ERR_FTP_NOT_FOUND:7
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"Acest lucru poate fi cauzat de un URL FTP cu o cale absolută (ceea ce nu "
-"este conform RFC-ului 1738). Dacă aceasta este cauza, atunci fişierul poate "
+"este conform RFC-ului 1738). Dacă aceasta este cauza, atunci fişierul poate "
"fi găsit la <a href=\"%B\">%B</a>."
#: templates/ERR_SECURE_CONNECT_FAIL:7
#: templates/ERR_CANNOT_FORWARD:6
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"Această cerere nu a putut fi înaintată către serverul de origine sau un "
-"cache părinte. Cea mai probabilă cauză de eroare este că administratorul "
+"cache părinte. Cea mai probabilă cauză de eroare este că administratorul "
"cache-ului nu permite acestui cache să facă conexiuni directe către "
"serverele de origine şi toate cache-urile părinte nu pot fi contactate în "
"acest moment."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "Nu pot determina adresa IP din numele host-ului pentru <q>%H</q>"
"Un document valid nu a fost găsit în cache şi directiva <q>only-if-cached</"
"q> (numai dacă este deja în cache) a fost specificată."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr "Configurarea navigatorului de internet"
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr "În timp ce făceam PUT la următorul URL: <a href=\"%U\">%U</a>"
"necesitat o revalidare, revalidare interzisă de directiva <q>only-if-cached</"
"q>."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+"Configurarea navigatorului de internet trebuie modificată pentru a putea "
+"utiliza această reţea."
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Răspuns de lungime zero"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "EROARE: URN-ul cerut nu a putut fi accesat"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2009-06-14 11:47+0000\n"
"Last-Translator: Amos Jeffries <Unknown>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
msgstr "Получен <b>недопустимый ответ</b> при попытке обработки запроса:"
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"Превышено время ожидания ответа во время чтения данных из сети. Сеть или "
"сервер не работают либо перегружены. Пожалуйста, повторите запрос."
msgstr "Доступ запрещён."
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"Настройка контроля доступа не даёт возможности выполнить Ваш запрос в "
msgstr "Получен недопустимый ответ от сервера ICAP."
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"При попытке чтения данных из сети произошла ошибка. Пожалуйста, повторите "
"запрос."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
"При попытке отправки данных в сеть произошла ошибка. Пожалуйста, повторите "
msgstr "Каталог: %U"
#: templates/ERR_DIR_LISTING:2
-#, fuzzy
msgid "Directory: <a href=\"%U\">%U</a>/"
-msgstr "Каталог: <a href=\"/\">%U</a>/"
+msgstr "Каталог: <a href=\"%U\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "ОШИБКА: Запрошенный URL не может быть получен"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "ОШИБКА: Запрошенный URN не может быть получен"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "ОШИБКА: Запрошенный URL не может быть получен"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Файл обновлён"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Пересылка запрещена."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr "Создано %T на %h (%s)"
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Не стоит ожидать чудес от URN-ов на %T :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr "Ошибка протокола ICAP."
msgid "Illegal double-escape in the URL-Path"
msgstr "Недопустимое двойное экранирование в пути URL (URL-Path)"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr "В поле ввода HTTP прокси введите имя прокси %h и порт 3128"
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "Недопустимый URL"
msgid "Request is too large."
msgstr "Запрос слишком велик."
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr "Выберите Автоматически определять настройки"
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr "Выберите Использовать Автоматическое определение прокси"
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Ошибка сокета"
msgstr "При получении URN <a href=\"%U\">%U</a> произошла следующая ошибка"
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
-msgstr ""
-"Возможно, удаленный узел или сеть недоступны. Пожалуйста, повторите запрос "
-"позже."
+msgid "The remote host or network may be down. Please try the request again."
+msgstr "Удаленный узел или сеть недоступен. Повторите запрос позднее"
#: templates/ERR_TOO_BIG:5
msgid "The request or reply is too large."
msgstr "Система вернула: <i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
"Для этого кэша не определен узел Wais Relay. Обратитесь к администратору."
#: templates/ERR_TOO_BIG:8
+#, fuzzy
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"Эти ограничения установлены администратором, который управляет этим кэшем. "
msgstr "Этот кэш не поддерживает протокол FTP."
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"Этот кэш находится в процессе завершения работы и не может выполнить Ваш "
"запрос в настоящее время. Пожалуйста, повторите запрос через некторое время."
#: templates/ERR_FORWARDING_DENIED:6
+#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Этот кэш не будет пересылать Ваш запрос потому, что он пытается "
"сообщите об этой ошибке веб-мастеру."
#: templates/ERR_FTP_NOT_FOUND:7
+#, fuzzy
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"Это может быть вызвано FTP URL c абсолютным путём (который не соответствует "
"удостоверением безопасности узла."
#: templates/ERR_CANNOT_FORWARD:6
+#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"Этот запрос не может быть перенаправлен ни к первичному серверу, ни к "
"родительским кэшам. Наиболее вероятная причина этой ошибки в том, что "
"администратор запретил прямые соединения к первичным серверам, а все "
"указанные родительские кэши в данный момент недоступны."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "Невозможно определить IP-адрес по имени узла <q>%H</q>"
"Действительный документ не найден в кэше и указана деректива <q>only-if-"
"cached</q>."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr "При попытке запроса PUT для следующего URL: <a href=\"%U\">%U</a>"
"Документ не был найден в кэше <em>или</em> он требует проверки "
"достоверности, запрещённой директивой <q>only-if-cached</q>."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Пустой ответ (нулевой длины)"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "ОШИБКА: Запрошенный URN не может быть получен"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
-"PO-Revision-Date: 2009-12-04 05:36+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
+"PO-Revision-Date: 2010-03-19 18:57+0100\n"
"Last-Translator: Ivan Masár <helix84@centrum.sk>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
"MIME-Version: 1.0\n"
"Content-Transfer-Encoding: 8bit\n"
"Language: sk\n"
"Plural-Forms: nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2;\n"
-"X-Generator: Pootle 1.2.1\n"
+"X-Generator: Pootle 2.0.1\n"
#: templates/ERR_DIR_LISTING:6
msgid "<a href=\"../\">Parent Directory</a> (<a href=\"/\">Root Directory</a>)"
#: templates/ERR_READ_TIMEOUT:7
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
-"Vyhradený čas vypršal počas čítania zo siete. Sieť alebo server môžu byť "
-"mimo prevádzky alebo preťažené. Opakujte prosím svoju požiadavku. "
+"Vyhradený čas vypršal počas čakania na načítanie dát zo siete. Sieť alebo "
+"server môžu byť mimo prevádzky alebo preťažené. Prosím, zopakujte svoju "
+"požiadavku."
#: templates/ERR_URN_RESOLVE:3
msgid "A URL for the requested URN could not be retrieved"
#: templates/ERR_ACCESS_DENIED:6
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
-"Prístup k dokumentu vám v tomto čase nebol umožnený v dôsledku "
-"nedostatočných prístupových práv. Ak si myslíte, že je to chyba, kontaktujte "
-"prosím správcu daného systému."
+"Vašu požiadavku v tomto čase nebolo možné splniť kvôli konfigurácii riadenia "
+"prístupu. Ak si myslíte, že je to chyba, prosím, kontaktujte správcu daného "
+"systému."
#: templates/ERR_FTP_FORBIDDEN:4
msgid ""
"An FTP authentication failure occurred while trying to retrieve the URL: <a "
"href=\"%U\">%U</a>"
msgstr ""
-"Pri pokuse získať URL sa vyskytla chyba autentifikácie: <a href=\"%U\">%U</a>"
+"Pri pokuse získať URL sa vyskytla chyba autentifikácie FTP: <a href=\"%U\">%"
+"U</a>"
#: templates/ERR_FTP_FAILURE:4
msgid ""
#: templates/ERR_READ_ERROR:7
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
-"Vyskytla sa chyba pri prenose údajov cez sieť. Prosím, opakujte svoju "
+"Vyskytla sa chyba pri načítavaní údajov cez sieť. Prosím, opakujte svoju "
"požiadavku."
#: templates/ERR_WRITE_ERROR:7
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
"Vyskytla sa chyba pri zápise do siete. Prosím, opakujte svoju požiadavku."
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr "Adresár: <a href=\"%U\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "CHYBA: Požadovaný URL nebolo možné získať"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "CHYBA: Požadované URN nebolo možné získať"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "CHYBA: Požadovaný URL nebolo možné získať"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Súbor aktualizovaný"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr "Prehliadače Firefox - choďte na: <ul>"
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr "Prehliadače Internet Explorer - choďte na: <ul>"
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr "Prehliadače Opera - choďte na: <ul>"
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Preposielanie zamietnuté."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr "Vytvoril %T, %h (%s)"
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+"Vlastnosť <q>Expect:</q> verzie HTTP/1.1 sa požaduje od softvéru verzie "
+"HTTP/1.0."
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Hej, neočakávaj priveľa od URN na %T :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr "Ako nájsť tieto nastavenia vo vašom prehliadači:"
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr "Chyba protokoly ICAP."
msgid "Illegal double-escape in the URL-Path"
msgstr "Chybná dvojitá úniková klauzula v URL-Path"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr "V poli HTTP proxy napíšte názov proxy %h a port 3128."
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "Neplatný URL"
msgid "Request is too large."
msgstr "Požiadavka je príliš dlhá."
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr "Vyberte Automaticky zistiť nastavenia"
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr "Vyberte Automatická konfigurácia proxy"
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Chyba socketu"
"Pri pokuse o získanie URN sa vyskytla nasledovná chyba: <a href=\"%U\">%U</a>"
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
-"Vzdialený server alebo sieť sú nedostupné. Prosím, opakujte svoju požiadavku."
+"Vzdialený server alebo sieť môžu byť nedostupné. Prosím, opakujte svoju "
+"požiadavku."
#: templates/ERR_TOO_BIG:5
msgid "The request or reply is too large."
#: templates/ERR_NO_RELAY:6
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
-"Tento cache server nemá nastavenú žiadnu WAIS Relay! Kričte na svojho "
+"Tento cache server nemá nastavený žiadny WAIS Relay server! Kričte na svojho "
"správcu."
#: templates/ERR_TOO_BIG:8
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
-"Tieto obmedzenia zaviedol poskytovateľ služby tohto cache servera. Prosím, "
+"Tieto obmedzenia zaviedol poskytovateľ tohto cache servera. Prosím, "
"kontaktujte ho priamo ak máte pocit, že to je chyba."
#: templates/ERR_UNSUP_HTTPVERSION:6
#: templates/ERR_SHUTTING_DOWN:5
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
-"Táto cache sa práve vypína a nemôže spracovať vašu požiadavku. Opakujte "
-"prosím svoju požiadavku o chvíľu."
+"Táto cache sa práve vypína a nemôže spracovať vašu požiadavku. Prosím, "
+"zopakujte svoju požiadavku o chvíľu."
#: templates/ERR_FORWARDING_DENIED:6
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
-"Tento server nepresmeruje vašu požiadavku, pretože mu to nedovoľujú vzťahy v "
-"hierarchii cache serverov. Cache server %i je možno zle nakonfigurovaný."
+"Tento server nepresmeruje vašu požiadavku, pretože sa pokúša o vynútenie "
+"vzťahu súrodenec. Možno je klient na %i cache server, ktorý bol zle "
+"nakonfigurovaný."
#: templates/ERR_ICAP_FAILURE:7
msgid "This means that some aspect of the ICAP communication failed."
#: templates/ERR_FTP_NOT_FOUND:7
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"To môže byť spôsobené uvedením absolútnej cesty v FTP URL (čo odporuje RFC "
-"1738). V tom
to prípade by ste súbor mohli nájsť na <a href=\"%B\">%B</a>."
+"1738). V tom prípade by ste súbor mohli nájsť na <a href=\"%B\">%B</a>."
#: templates/ERR_SECURE_CONNECT_FAIL:7
msgid ""
#: templates/ERR_CANNOT_FORWARD:6
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"Požiadavku nemožno presmerovať k pôvodnému serveru alebo nadradeným cache "
"serverom. Príčinou môže byť, že správca cache servera nedovolil tomuto cache "
"serveru priamy prístup k pôvodným serverom a všetky nadradené cache servery "
"sú práve nedostupné."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+"Nástroje -> Možnosti internetu -> Pripojenie -> Nastavenia LAN -"
+"> Proxy"
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+"Nástroje -> Možnosti -> Rozšírené -> Sieť -> Nastavenie "
+"pripojenia"
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+"Nástroje -> Nastavenia -> Rozšírené -> Sieť -> Proxy servery"
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "Nie je možné previesť názov počítača na IP adresu <q>%H</q>"
"Vami požadovaný dokument sa nenachádza v cache, a bola uvedená direktíva "
"<q>only-if-cached</q>."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr "Konfigurácia webového prehliadača"
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr "Pri pokuse o operáciu PUT na nasledovný URL: <a href=\"%U\">%U</a>"
"tento dokument vyžaduje aktualizáciu pričom toto je direktívou <q>only-if-"
"cached</q> obmedzené."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+"Aby ste mohli používať túto sieť, musíte upraviť konfiguráciu vášho webového "
+"prehliadača."
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Odpoveď s nulovou veľkosťou"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "CHYBA: Požadované URN nebolo možné získať"
--- /dev/null
+msgid ""
+msgstr ""
+"Project-Id-Version: Squid-3\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: Translate Toolkit 1.5.3\n"
+
+#: templates/ERR_DIR_LISTING:6
+msgid "<a href=\"../\">Parent Directory</a> (<a href=\"/\">Root Directory</a>)"
+msgstr ""
+
+#: templates/ERR_INVALID_REQ:4
+msgid ""
+"<b>Invalid Request</b> error was encountered while trying to process the "
+"request:"
+msgstr ""
+
+#: templates/ERR_INVALID_RESP:4
+msgid ""
+"<b>Invalid Response</b> error was encountered while trying to process the "
+"request:"
+msgstr ""
+
+#: templates/ERR_READ_TIMEOUT:7
+msgid ""
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
+msgstr ""
+
+#: templates/ERR_URN_RESOLVE:3
+msgid "A URL for the requested URN could not be retrieved"
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:5
+msgid "Access Denied."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:6
+msgid ""
+"Access control configuration prevents your request from being allowed at "
+"this time. Please contact your service provider if you feel this is "
+"incorrect."
+msgstr ""
+
+#: templates/ERR_FTP_FORBIDDEN:4
+msgid ""
+"An FTP authentication failure occurred while trying to retrieve the URL: <a "
+"href=\"%U\">%U</a>"
+msgstr ""
+
+#: templates/ERR_FTP_FAILURE:4
+msgid ""
+"An FTP protocol error occurred while trying to retrieve the URL: <a href=\"%U"
+"\">%U</a>"
+msgstr ""
+
+#: templates/ERR_ICAP_FAILURE:10
+msgid "An Illegal response was received from the ICAP server."
+msgstr ""
+
+#: templates/ERR_READ_ERROR:7
+msgid ""
+"An error condition occurred while reading data from the network. Please "
+"retry your request."
+msgstr ""
+
+#: templates/ERR_WRITE_ERROR:7
+msgid ""
+"An error condition occurred while writing to the network. Please retry your "
+"request."
+msgstr ""
+
+#: templates/ERR_CACHE_ACCESS_DENIED:3 templates/ERR_CACHE_ACCESS_DENIED:5
+msgid "Cache Access Denied."
+msgstr ""
+
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:3
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:5
+msgid "Cache Manager Access Denied."
+msgstr ""
+
+#: templates/ERR_URN_RESOLVE:5
+msgid "Cannot Resolve URN"
+msgstr ""
+
+#: templates/ERR_LIFETIME_EXP:5
+msgid "Connection Lifetime Expired"
+msgstr ""
+
+#: templates/ERR_CONNECT_FAIL:5
+msgid "Connection to %I failed."
+msgstr ""
+
+#: templates/ERR_INVALID_REQ:10
+msgid "Content-Length missing for POST or PUT requests."
+msgstr ""
+
+#: templates/ERR_DIR_LISTING:3
+msgid "Directory Content:"
+msgstr ""
+
+#: templates/ERR_DIR_LISTING:4
+msgid "Directory Listing"
+msgstr ""
+
+#: templates/ERR_DIR_LISTING:1
+msgid "Directory: %U"
+msgstr ""
+
+#: templates/ERR_DIR_LISTING:2
+msgid "Directory: <a href=\"%U\">%U</a>/"
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
+#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
+#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
+#: templates/ERR_FTP_FAILURE:2 templates/ERR_FTP_FORBIDDEN:2
+#: templates/ERR_FTP_NOT_FOUND:2 templates/ERR_FTP_PUT_ERROR:2
+#: templates/ERR_FTP_UNAVAILABLE:2 templates/ERR_ICAP_FAILURE:2
+#: templates/ERR_INVALID_REQ:2 templates/ERR_INVALID_RESP:2
+#: templates/ERR_INVALID_URL:2 templates/ERR_LIFETIME_EXP:2
+#: templates/ERR_NO_RELAY:2 templates/ERR_ONLY_IF_CACHED_MISS:2
+#: templates/ERR_READ_ERROR:2 templates/ERR_READ_TIMEOUT:2
+#: templates/ERR_SECURE_CONNECT_FAIL:2 templates/ERR_SHUTTING_DOWN:2
+#: templates/ERR_SOCKET_FAILURE:2 templates/ERR_TOO_BIG:2
+#: templates/ERR_UNSUP_HTTPVERSION:2 templates/ERR_UNSUP_REQ:2
+#: templates/ERR_URN_RESOLVE:2 templates/ERR_WRITE_ERROR:2
+#: templates/ERR_ZERO_SIZE_OBJECT:2
+msgid "ERROR"
+msgstr ""
+
+#: templates/ERR_CACHE_ACCESS_DENIED:1
+msgid "ERROR: Cache Access Denied"
+msgstr ""
+
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:1
+msgid "ERROR: Cache Manager Access Denied"
+msgstr ""
+
+#: templates/ERR_FTP_PUT_ERROR:1
+msgid "ERROR: FTP upload failed"
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:1 templates/ERR_CANNOT_FORWARD:1
+#: templates/ERR_CONNECT_FAIL:1 templates/ERR_DNS_FAIL:1 templates/ERR_ESI:1
+#: templates/ERR_FORWARDING_DENIED:1 templates/ERR_FTP_DISABLED:1
+#: templates/ERR_FTP_FAILURE:1 templates/ERR_FTP_FORBIDDEN:1
+#: templates/ERR_FTP_NOT_FOUND:1 templates/ERR_FTP_UNAVAILABLE:1
+#: templates/ERR_ICAP_FAILURE:1 templates/ERR_INVALID_REQ:1
+#: templates/ERR_INVALID_RESP:1 templates/ERR_INVALID_URL:1
+#: templates/ERR_LIFETIME_EXP:1 templates/ERR_NO_RELAY:1
+#: templates/ERR_ONLY_IF_CACHED_MISS:1 templates/ERR_READ_ERROR:1
+#: templates/ERR_READ_TIMEOUT:1 templates/ERR_SECURE_CONNECT_FAIL:1
+#: templates/ERR_SHUTTING_DOWN:1 templates/ERR_SOCKET_FAILURE:1
+#: templates/ERR_TOO_BIG:1 templates/ERR_UNSUP_HTTPVERSION:1
+#: templates/ERR_UNSUP_REQ:1 templates/ERR_WRITE_ERROR:1
+#: templates/ERR_ZERO_SIZE_OBJECT:1
+msgid "ERROR: The requested URL could not be retrieved"
+msgstr ""
+
+#: templates/ERR_URN_RESOLVE:1
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr ""
+
+#: templates/ERR_ESI:5
+msgid "ESI Processing failed."
+msgstr ""
+
+#: templates/ERR_FTP_PUT_CREATED:1
+msgid "FTP PUT Successful: File Created"
+msgstr ""
+
+#: templates/ERR_FTP_PUT_MODIFIED:1
+msgid "FTP PUT Successful: File Updated"
+msgstr ""
+
+#: templates/ERR_FTP_PUT_ERROR:3
+msgid "FTP PUT/upload failed"
+msgstr ""
+
+#: templates/ERR_FTP_DISABLED:5
+msgid "FTP is Disabled"
+msgstr ""
+
+#: templates/ERR_SECURE_CONNECT_FAIL:5
+msgid "Failed to establish a secure connection to %I"
+msgstr ""
+
+#: templates/ERR_FTP_PUT_CREATED:3
+msgid "File created"
+msgstr ""
+
+#: templates/ERR_FTP_PUT_MODIFIED:3
+msgid "File updated"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_FORWARDING_DENIED:5
+msgid "Forwarding Denied."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
+#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
+#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
+#: templates/ERR_FORWARDING_DENIED:8 templates/ERR_FTP_DISABLED:8
+#: templates/ERR_FTP_FAILURE:8 templates/ERR_FTP_FORBIDDEN:8
+#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
+#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
+#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
+#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
+#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
+#: templates/ERR_SECURE_CONNECT_FAIL:9 templates/ERR_SHUTTING_DOWN:7
+#: templates/ERR_SOCKET_FAILURE:9 templates/ERR_TOO_BIG:10
+#: templates/ERR_UNSUP_HTTPVERSION:8 templates/ERR_UNSUP_REQ:8
+#: templates/ERR_URN_RESOLVE:8 templates/ERR_WRITE_ERROR:9
+#: templates/ERR_ZERO_SIZE_OBJECT:8
+msgid "Generated %T by %h (%s)"
+msgstr ""
+
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
+#: templates/ERR_URN_RESOLVE:6
+msgid "Hey, don't expect too much from URNs on %T :)"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
+#: templates/ERR_ICAP_FAILURE:5
+msgid "ICAP protocol error."
+msgstr ""
+
+#: templates/ERR_TOO_BIG:7
+msgid ""
+"If you are making a GET request, then the item you are trying to download is "
+"too large."
+msgstr ""
+
+#: templates/ERR_TOO_BIG:6
+msgid ""
+"If you are making a POST or PUT request, then the item you are trying to "
+"upload is too large."
+msgstr ""
+
+#: templates/ERR_INVALID_REQ:11 templates/ERR_INVALID_URL:11
+msgid "Illegal character in hostname; underscores are not allowed."
+msgstr ""
+
+#: templates/ERR_INVALID_URL:10
+msgid "Illegal double-escape in the URL-Path"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
+#: templates/ERR_INVALID_URL:5
+msgid "Invalid URL"
+msgstr ""
+
+#: templates/ERR_INVALID_REQ:8
+msgid "Missing HTTP Identifier (HTTP/1.0)."
+msgstr ""
+
+#: templates/ERR_INVALID_REQ:7
+msgid "Missing URL."
+msgstr ""
+
+#: templates/ERR_INVALID_URL:9
+msgid "Missing hostname"
+msgstr ""
+
+#: templates/ERR_INVALID_URL:8
+msgid ""
+"Missing or incorrect access protocol (should be <q>http://</q> or similar)"
+msgstr ""
+
+#: templates/ERR_INVALID_REQ:6
+msgid "Missing or unknown request method."
+msgstr ""
+
+#: templates/ERR_NO_RELAY:5
+msgid "No Wais Relay"
+msgstr ""
+
+#: templates/ERR_FTP_PUT_CREATED:2 templates/ERR_FTP_PUT_MODIFIED:2
+msgid "Operation successful"
+msgstr ""
+
+#: templates/ERR_DIR_LISTING:5
+msgid "Parent Directory"
+msgstr ""
+
+#: templates/ERR_CACHE_ACCESS_DENIED:7
+msgid ""
+"Please contact the <a href=\"mailto:%w%W\">cache administrator</a> if you "
+"have difficulties authenticating yourself or <a href=\"http://%h/cgi-bin/"
+"chpasswd.cgi\">change</a> your default password."
+msgstr ""
+
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:7
+msgid ""
+"Please contact the <a href=\"mailto:%w%W\">cache administrator</a> if you "
+"have difficulties authenticating yourself or, if you <em>are</em> the "
+"administrator, read Squid documentation on cache manager interface and check "
+"cache log for more detailed error messages."
+msgstr ""
+
+#: templates/ERR_READ_ERROR:5
+msgid "Read Error"
+msgstr ""
+
+#: templates/ERR_READ_TIMEOUT:5
+msgid "Read Timeout"
+msgstr ""
+
+#: templates/ERR_INVALID_REQ:9
+msgid "Request is too large."
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
+#: templates/ERR_SOCKET_FAILURE:5
+msgid "Socket Failure"
+msgstr ""
+
+#: templates/ERR_INVALID_URL:6
+msgid "Some aspect of the requested URL is incorrect."
+msgstr ""
+
+#: templates/ERR_ICAP_FAILURE:8 templates/ERR_INVALID_REQ:5
+#: templates/ERR_INVALID_URL:7
+msgid "Some possible problems are:"
+msgstr ""
+
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:6
+msgid ""
+"Sorry, you are not currently allowed to request %U from this cache manager "
+"until you have authenticated yourself."
+msgstr ""
+
+#: templates/ERR_CACHE_ACCESS_DENIED:6
+msgid ""
+"Sorry, you are not currently allowed to request %U from this cache until you "
+"have authenticated yourself."
+msgstr ""
+
+#: templates/ERR_ZERO_SIZE_OBJECT:6
+msgid "Squid did not receive any data for this request."
+msgstr ""
+
+#: templates/ERR_UNSUP_REQ:6
+msgid ""
+"Squid does not support all request methods for all access protocols. For "
+"example, you can not POST a Gopher request."
+msgstr ""
+
+#: templates/ERR_LIFETIME_EXP:6
+msgid ""
+"Squid has terminated the request because it has exceeded the maximum "
+"connection lifetime."
+msgstr ""
+
+#: templates/ERR_SOCKET_FAILURE:7
+msgid ""
+"Squid is unable to create a TCP socket, presumably due to excessive load. "
+"Please retry your request."
+msgstr ""
+
+#: templates/ERR_FTP_FAILURE:5 templates/ERR_FTP_FORBIDDEN:5
+#: templates/ERR_FTP_NOT_FOUND:5 templates/ERR_FTP_PUT_ERROR:5
+#: templates/ERR_FTP_UNAVAILABLE:5
+msgid "Squid sent the following FTP command:"
+msgstr ""
+
+#: templates/ERR_DNS_FAIL:6
+msgid "The DNS server returned:"
+msgstr ""
+
+#: templates/ERR_ESI:6
+msgid "The ESI processor returned:"
+msgstr ""
+
+#: templates/ERR_FTP_UNAVAILABLE:4
+msgid "The FTP server was too busy to retrieve the URL: <a href=\"%U\">%U</a>"
+msgstr ""
+
+#: templates/ERR_INVALID_RESP:5
+msgid ""
+"The HTTP Response message received from the contacted server could not be "
+"understood or was otherwise malformed. Please contact the site operator."
+msgstr ""
+
+#: templates/ERR_ICAP_FAILURE:9
+msgid "The ICAP server is not reachable."
+msgstr ""
+
+#: templates/ERR_FTP_NOT_FOUND:4
+msgid "The following URL could not be retrieved: <a href=\"%U\">%U</a>"
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:4 templates/ERR_CACHE_ACCESS_DENIED:4
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:4 templates/ERR_CANNOT_FORWARD:4
+#: templates/ERR_CONNECT_FAIL:4 templates/ERR_DNS_FAIL:4 templates/ERR_ESI:4
+#: templates/ERR_FORWARDING_DENIED:4 templates/ERR_FTP_DISABLED:4
+#: templates/ERR_ICAP_FAILURE:4 templates/ERR_INVALID_URL:4
+#: templates/ERR_LIFETIME_EXP:4 templates/ERR_NO_RELAY:4
+#: templates/ERR_ONLY_IF_CACHED_MISS:4 templates/ERR_READ_ERROR:4
+#: templates/ERR_READ_TIMEOUT:4 templates/ERR_SECURE_CONNECT_FAIL:4
+#: templates/ERR_SHUTTING_DOWN:4 templates/ERR_SOCKET_FAILURE:4
+#: templates/ERR_TOO_BIG:4 templates/ERR_UNSUP_HTTPVERSION:4
+#: templates/ERR_UNSUP_REQ:4 templates/ERR_WRITE_ERROR:4
+#: templates/ERR_ZERO_SIZE_OBJECT:4
+msgid ""
+"The following error was encountered while trying to retrieve the URL: <a "
+"href=\"%U\">%U</a>"
+msgstr ""
+
+#: templates/ERR_URN_RESOLVE:4
+msgid ""
+"The following error was encountered while trying to retrieve the URN: <a "
+"href=\"%U\">%U</a>"
+msgstr ""
+
+#: templates/ERR_CONNECT_FAIL:7
+msgid "The remote host or network may be down. Please try the request again."
+msgstr ""
+
+#: templates/ERR_TOO_BIG:5
+msgid "The request or reply is too large."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:3 templates/ERR_CANNOT_FORWARD:3
+#: templates/ERR_CONNECT_FAIL:3 templates/ERR_DNS_FAIL:3 templates/ERR_ESI:3
+#: templates/ERR_FORWARDING_DENIED:3 templates/ERR_FTP_DISABLED:3
+#: templates/ERR_FTP_FAILURE:3 templates/ERR_FTP_FORBIDDEN:3
+#: templates/ERR_FTP_NOT_FOUND:3 templates/ERR_FTP_UNAVAILABLE:3
+#: templates/ERR_ICAP_FAILURE:3 templates/ERR_INVALID_REQ:3
+#: templates/ERR_INVALID_RESP:3 templates/ERR_INVALID_URL:3
+#: templates/ERR_LIFETIME_EXP:3 templates/ERR_NO_RELAY:3
+#: templates/ERR_ONLY_IF_CACHED_MISS:3 templates/ERR_READ_ERROR:3
+#: templates/ERR_READ_TIMEOUT:3 templates/ERR_SECURE_CONNECT_FAIL:3
+#: templates/ERR_SHUTTING_DOWN:3 templates/ERR_SOCKET_FAILURE:3
+#: templates/ERR_TOO_BIG:3 templates/ERR_UNSUP_REQ:3
+#: templates/ERR_WRITE_ERROR:3 templates/ERR_ZERO_SIZE_OBJECT:3
+msgid "The requested URL could not be retrieved"
+msgstr ""
+
+#: templates/ERR_FTP_FAILURE:6 templates/ERR_FTP_FORBIDDEN:6
+#: templates/ERR_FTP_NOT_FOUND:6 templates/ERR_FTP_PUT_ERROR:6
+#: templates/ERR_FTP_UNAVAILABLE:6
+msgid "The server responded with:"
+msgstr ""
+
+#: templates/ERR_CONNECT_FAIL:6 templates/ERR_ICAP_FAILURE:6
+#: templates/ERR_READ_ERROR:6 templates/ERR_READ_TIMEOUT:6
+#: templates/ERR_SECURE_CONNECT_FAIL:6 templates/ERR_SOCKET_FAILURE:6
+#: templates/ERR_WRITE_ERROR:6
+msgid "The system returned: <i>%E</i>"
+msgstr ""
+
+#: templates/ERR_NO_RELAY:6
+msgid ""
+"There is no WAIS Relay host defined for this Cache! Yell at the "
+"administrator."
+msgstr ""
+
+#: templates/ERR_TOO_BIG:8
+msgid ""
+"These limits have been established by the Internet Service Provider who "
+"operates this cache. Please contact them directly if you feel this is an "
+"error."
+msgstr ""
+
+#: templates/ERR_UNSUP_HTTPVERSION:6
+msgid "This Squid does not accept the HTTP version you are attempting to use."
+msgstr ""
+
+#: templates/ERR_FTP_DISABLED:6
+msgid "This cache does not support FTP."
+msgstr ""
+
+#: templates/ERR_SHUTTING_DOWN:5
+msgid ""
+"This cache is in the process of shutting down and can not service your "
+"request at this time. Please retry your request again soon."
+msgstr ""
+
+#: templates/ERR_FORWARDING_DENIED:6
+msgid ""
+"This cache will not forward your request because it is trying to enforce a "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
+"misconfigured."
+msgstr ""
+
+#: templates/ERR_ICAP_FAILURE:7
+msgid "This means that some aspect of the ICAP communication failed."
+msgstr ""
+
+#: templates/ERR_FTP_PUT_ERROR:7
+msgid ""
+"This means that the FTP server may not have permission or space to store the "
+"file. Check the path, permissions, diskspace and try again."
+msgstr ""
+
+#: templates/ERR_DNS_FAIL:7
+msgid ""
+"This means that the cache was not able to resolve the hostname presented in "
+"the URL. Check if the address is correct."
+msgstr ""
+
+#: templates/ERR_ESI:7
+msgid ""
+"This means that the surrogate was not able to process the ESI template. "
+"Please report this error to the webmaster."
+msgstr ""
+
+#: templates/ERR_FTP_NOT_FOUND:7
+msgid ""
+"This might be caused by an FTP URL with an absolute path (which does not "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
+"<a href=\"%B\">%B</a>."
+msgstr ""
+
+#: templates/ERR_SECURE_CONNECT_FAIL:7
+msgid ""
+"This proxy and the remote host failed to negotiate a mutually acceptable "
+"security settings for handling your request. It is possible that the remote "
+"host does not support secure connections, or the proxy is not satisfied with "
+"the host security credentials."
+msgstr ""
+
+#: templates/ERR_CANNOT_FORWARD:6
+msgid ""
+"This request could not be forwarded to the origin server or to any parent "
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
+#: templates/ERR_DNS_FAIL:5
+msgid "Unable to determine IP address from host name <q>%H</q>"
+msgstr ""
+
+#: templates/ERR_CANNOT_FORWARD:5
+msgid "Unable to forward this request at this time."
+msgstr ""
+
+#: templates/ERR_UNSUP_HTTPVERSION:3 templates/ERR_UNSUP_HTTPVERSION:5
+msgid "Unsupported HTTP version"
+msgstr ""
+
+#: templates/ERR_UNSUP_REQ:5
+msgid "Unsupported Request Method and Protocol"
+msgstr ""
+
+#: templates/ERR_ONLY_IF_CACHED_MISS:5
+msgid ""
+"Valid document was not found in the cache and <q>only-if-cached</q> "
+"directive was specified."
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
+#: templates/ERR_FTP_PUT_ERROR:4
+msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
+msgstr ""
+
+#: templates/ERR_WRITE_ERROR:5
+msgid "Write Error"
+msgstr ""
+
+#: templates/ERR_ONLY_IF_CACHED_MISS:6
+msgid ""
+"You have issued a request with a <q>only-if-cached</q> cache control "
+"directive. The document was not found in the cache, <em>or</em> it required "
+"revalidation prohibited by the <q>only-if-cached</q> directive."
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
+#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
+#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
+#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
+#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
+#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
+#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
+#: templates/ERR_READ_TIMEOUT:8 templates/ERR_SECURE_CONNECT_FAIL:8
+#: templates/ERR_SHUTTING_DOWN:6 templates/ERR_SOCKET_FAILURE:8
+#: templates/ERR_TOO_BIG:9 templates/ERR_UNSUP_HTTPVERSION:7
+#: templates/ERR_UNSUP_REQ:7 templates/ERR_URN_RESOLVE:7
+#: templates/ERR_WRITE_ERROR:8 templates/ERR_ZERO_SIZE_OBJECT:7
+msgid "Your cache administrator is <a href=\"mailto:%w%W\">%w</a>."
+msgstr ""
+
+#: templates/ERR_INVALID_RESP:6
+msgid ""
+"Your cache administrator may be able to provide you with more details about "
+"the exact nature of the problem if needed."
+msgstr ""
+
+#: templates/ERR_ESI:8
+msgid "Your webmaster is <a href=\"mailto:%w\">%w</a>."
+msgstr ""
+
+#: templates/ERR_ZERO_SIZE_OBJECT:5
+msgid "Zero Sized Reply"
+msgstr ""
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
-"PO-Revision-Date: 2008-11-29 19:45+1300\n"
-"Last-Translator: Bratislav Ilic <batailic@gmail.com>\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
+"PO-Revision-Date: 2010-03-08 23:50+0200\n"
+"Last-Translator: Bratislav <batailic@gmail.com>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-"X-Generator: Pootle 1.1.0\n"
+"Language: sr-Latn\n"
+"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%"
+"10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
+"X-Generator: Pootle 2.0.1\n"
#: templates/ERR_DIR_LISTING:6
msgid "<a href=\"../\">Parent Directory</a> (<a href=\"/\">Root Directory</a>)"
msgstr ""
-"<a href=\"../\">Надређени директоријум</a> (<a href=\"/\">Основни "
-"директоријум</a>)"
+"<a href=\"../\">Nadređeni direktorijum</a> (<a href=\"/\">Osnovni "
+"direktorijum</a>)"
#: templates/ERR_INVALID_REQ:4
msgid ""
"<b>Invalid Request</b> error was encountered while trying to process the "
"request:"
-msgstr ""
+msgstr "<b>Neispravan zahtev</b> greška prilikom obrade vašeg zahteva:"
#: templates/ERR_INVALID_RESP:4
msgid ""
"<b>Invalid Response</b> error was encountered while trying to process the "
"request:"
-msgstr ""
+msgstr "<b>Neispravan odgovor</b> greška prilikom obrade vašeg zahteva:"
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
-"Prilikom isèitavanja greške sa mreže došlo je do prekida. Mreža ili server "
-"su možda preoptereæeni ili nedostupni. Molimo pokušajte ponovo."
+"Zastoj prilikom čitanja podataka sa mreže. Mreža ili server su možda "
+"preopterećeni ili nedostupni. Molimo pokušajte ponovo."
#: templates/ERR_URN_RESOLVE:3
msgid "A URL for the requested URN could not be retrieved"
-msgstr "Tražena adresa (URL) za URN ne može da se dovuèe"
+msgstr "Adresa (URL) za traženi podatak (URN) ne može da se učita"
#: templates/ERR_ACCESS_DENIED:5
msgid "Access Denied."
msgstr "Pristup nije dozvoljen."
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
-"Sistem za kontrolu pristupa konfigurisan je tako da vam u ovom trenutku "
-"pristup nije dozvoljen. Ako smatrate da to nije u redu, molimo da "
-"kontaktirate vašeg servis provajdera."
+"Sistem je konfigurisan tako da vam u ovom trenutku pristup nije dozvoljen. "
+"Ako smatrate da to ne bi trebalo da bude slučaj obratite se vašem dobavljaču "
+"usluga."
#: templates/ERR_FTP_FORBIDDEN:4
-#, fuzzy
msgid ""
"An FTP authentication failure occurred while trying to retrieve the URL: <a "
"href=\"%U\">%U</a>"
msgstr ""
-"Prilikom pokušaja da se dovuèe URL: <a href=\"%U\">%U</a> nije uspela FTP "
-"autentifikacija."
+"Nije uspela FTP autentifikacija prilikom učitavanja adrese (URL): <a href=\"%"
+"U\">%U</a>."
#: templates/ERR_FTP_FAILURE:4
msgid ""
"An FTP protocol error occurred while trying to retrieve the URL: <a href=\"%U"
"\">%U</a>"
msgstr ""
-"Desila se greška u FTP protokolu prilikom dovlaèenja URL-a: <a href=\"%U\">%"
-"U</a>"
+"Greška u FTP protokolu prilikom učitavanja adrese (URL): <a href=\"%U\">%U</"
+"a>"
#: templates/ERR_ICAP_FAILURE:10
msgid "An Illegal response was received from the ICAP server."
-msgstr ""
+msgstr "Neispravan odgovor ICAP servera."
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
-"Desila se greška prilikom èitanja podataka sa mreže. Molimo pokušajte "
-"ponovo."
+"Greška prilikom učitavanja podataka sa mreže. Molimo pokušajte ponovo."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
-msgstr "Desila se greška prilikom upisa u mreži. Molimo pokušajte ponovo."
+msgstr ""
+"Desila se greška prilikom upisa podataka ka mreži. Molimo pokušajte ponovo."
#: templates/ERR_CACHE_ACCESS_DENIED:3 templates/ERR_CACHE_ACCESS_DENIED:5
msgid "Cache Access Denied."
#: templates/ERR_URN_RESOLVE:5
msgid "Cannot Resolve URN"
-msgstr "Ne mogu da odgonetnem URN"
+msgstr "Nije moguće prepoznati URN"
#: templates/ERR_LIFETIME_EXP:5
msgid "Connection Lifetime Expired"
-msgstr "Dozvoljeno trajanje konekcije je prekoraèeno"
+msgstr "Trajanje konekcije prekoračeno"
#: templates/ERR_CONNECT_FAIL:5
msgid "Connection to %I failed."
-msgstr ""
+msgstr "Konekcija ka %I nije uspela."
#: templates/ERR_INVALID_REQ:10
msgid "Content-Length missing for POST or PUT requests."
-msgstr "Nedostaje dužina zahteva (Content-Length) za POST ili PUT zahtev"
+msgstr "Nedostaje dužina sadržaja za POST ili PUT zahtev."
#: templates/ERR_DIR_LISTING:3
msgid "Directory Content:"
-msgstr ""
+msgstr "Sadržaj direktorijuma:"
#: templates/ERR_DIR_LISTING:4
msgid "Directory Listing"
-msgstr ""
+msgstr "Listing direktorijuma:"
#: templates/ERR_DIR_LISTING:1
msgid "Directory: %U"
-msgstr ""
+msgstr "Direktorijum %U"
#: templates/ERR_DIR_LISTING:2
msgid "Directory: <a href=\"%U\">%U</a>/"
-msgstr ""
+msgstr "Direktorijum: <a href=\"%U\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
#: templates/ERR_FTP_PUT_ERROR:1
msgid "ERROR: FTP upload failed"
-msgstr "GREŠKA: FTP PUT/upload nije uspeo"
+msgstr "GREŠKA: FTP upis/upload nije uspeo"
#: templates/ERR_ACCESS_DENIED:1 templates/ERR_CANNOT_FORWARD:1
#: templates/ERR_CONNECT_FAIL:1 templates/ERR_DNS_FAIL:1 templates/ERR_ESI:1
#: templates/ERR_UNSUP_REQ:1 templates/ERR_WRITE_ERROR:1
#: templates/ERR_ZERO_SIZE_OBJECT:1
msgid "ERROR: The requested URL could not be retrieved"
-msgstr "GREŠKA: Tražena adresa (URL) ne može da se dovuèe"
+msgstr "GREŠKA: Tražena adresa (URL) ne može da se učita"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "GREŠKA: Tražena adresa (URL) za URN ne može da se dovuèe"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "GREŠKA: Tražena adresa (URL) ne može da se učita"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
#: templates/ERR_FTP_PUT_CREATED:1
msgid "FTP PUT Successful: File Created"
-msgstr "FTP PUT uspešan: Fajl je prenesen"
+msgstr "FTP PUT uspešan: Fajl je kreiran"
#: templates/ERR_FTP_PUT_MODIFIED:1
msgid "FTP PUT Successful: File Updated"
#: templates/ERR_FTP_PUT_ERROR:3
msgid "FTP PUT/upload failed"
-msgstr "FTP PUT/upload nije uspeo"
+msgstr "FTP PUT/upis nije uspeo"
#: templates/ERR_FTP_DISABLED:5
msgid "FTP is Disabled"
-msgstr "FTP nije omoguæen."
+msgstr "FTP je onemogućen."
#: templates/ERR_SECURE_CONNECT_FAIL:5
msgid "Failed to establish a secure connection to %I"
-msgstr "Nije uspelo uspostavljanje sigune konekcije sa %I"
+msgstr "Nije uspelo uspostavljanje sigurne veze sa %I"
#: templates/ERR_FTP_PUT_CREATED:3
msgid "File created"
-msgstr "Fajl je prenesen"
+msgstr "Fajl je kreiran"
#: templates/ERR_FTP_PUT_MODIFIED:3
msgid "File updated"
msgstr "Fajl je osvežen"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
-msgstr "Prosleðivanje odbijeno."
+msgstr "Prosleđivanje nije dozvoljeno."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
#: templates/ERR_URN_RESOLVE:8 templates/ERR_WRITE_ERROR:9
#: templates/ERR_ZERO_SIZE_OBJECT:8
msgid "Generated %T by %h (%s)"
-msgstr ""
+msgstr "Generisano %T sa %h (%s)"
+
+#: templates/ERR_INVALID_REQ:12
+#, fuzzy
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr "HTTP/1.1 Zahtev: funkcija je tražena od HTTP/1.0 softvera."
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
-msgstr "Hej, nemoj mnogo da oèekujes od URNova na %T! :)"
+msgstr "Hej, ne očekuj previše od URN-a na %T :)"
+
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr "Greška u ICAP protokolu."
#: templates/ERR_TOO_BIG:7
-#, fuzzy
msgid ""
"If you are making a GET request, then the item you are trying to download is "
"too large."
-msgstr ""
-"Ako ste uputili GET zahtev, onda je telo odgovora to što pokušavate da "
-"skinete preveliko."
+msgstr "Ako ste uputili GET zahtev, onda je podatak koji tražite prevelik."
#: templates/ERR_TOO_BIG:6
-#, fuzzy
msgid ""
"If you are making a POST or PUT request, then the item you are trying to "
"upload is too large."
msgstr ""
-"Ukoliko je vaš zahtev POST ili PUT, onda je telo zahteva to štopokušavate da "
-"upload-ujete preveliko."
+"Ukoliko je vaš zahtev POST ili PUT, onda je podatak koji pokušavate da "
+"upišete prevelik."
#: templates/ERR_INVALID_REQ:11 templates/ERR_INVALID_URL:11
msgid "Illegal character in hostname; underscores are not allowed."
msgstr ""
-"Nedozvoljeni karakteri u imenu raèunara; donja crta (_) nije dozvoljena."
+"Nedozvoljeni karakteri u imenu računara; donja crta (_) nije dozvoljena."
#: templates/ERR_INVALID_URL:10
msgid "Illegal double-escape in the URL-Path"
-msgstr "Nedozvoljeni dvostruki-escape u URL putanji"
+msgstr "Nedozvoljene dvostruke \"escape\" sekvence u URL putanji"
+
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
#: templates/ERR_INVALID_REQ:8
msgid "Missing HTTP Identifier (HTTP/1.0)."
-msgstr "Nedostaje HTTP identifikator (HTTP/1.0)."
+msgstr "Nedostaje HTTP identifikator (HTTP/1.0)."
#: templates/ERR_INVALID_REQ:7
msgid "Missing URL."
#: templates/ERR_INVALID_URL:9
msgid "Missing hostname"
-msgstr "Nedostaje ime raèunara (servera)"
+msgstr "Nedostaje ime računara (servera)"
#: templates/ERR_INVALID_URL:8
msgid ""
"Missing or incorrect access protocol (should be <q>http://</q> or similar)"
msgstr ""
-"Pristupni protokol nedostaje ili je neispravan (trebao bi da bude <q>http://"
-"</q> ili slièno)"
+"Protokol pristupa je neispravan (treba da bude <q>http://</q> ili slično)"
#: templates/ERR_INVALID_REQ:6
msgid "Missing or unknown request method."
-msgstr "Metod zahteva je nepoznat ili nedostaje."
+msgstr "Zahtevani metod pristupa je nepoznat."
#: templates/ERR_NO_RELAY:5
msgid "No Wais Relay"
-msgstr "Nema Wais relay-a"
+msgstr "Nema Wais servera"
#: templates/ERR_FTP_PUT_CREATED:2 templates/ERR_FTP_PUT_MODIFIED:2
msgid "Operation successful"
-msgstr "Operacija je okonèana uspešno"
+msgstr "Operacija uspešna"
#: templates/ERR_DIR_LISTING:5
msgid "Parent Directory"
-msgstr ""
+msgstr "Nadređeni direktorijum"
#: templates/ERR_CACHE_ACCESS_DENIED:7
msgid ""
"have difficulties authenticating yourself or <a href=\"http://%h/cgi-bin/"
"chpasswd.cgi\">change</a> your default password."
msgstr ""
-"Ukoliko budete imali problema oko autentifikacije molimo kontaktirajte <a "
-"href=\"mailto:%w%W\">proksi administratora</a> ili želite da <a href="
-"\"http://%h/cgi-bin/chpasswd.cgi\">promenite</a> svoju poèetnu lozinku."
+"Molimo kontaktirajte <a href=\"mailto:%w%W\">keš administratora</a> ako "
+"imate problema sa autentifikacijom ili <a href=\"http://%h/cgi-bin/chpasswd."
+"cgi\">promenite</a> vašu šifru."
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:7
msgid ""
"administrator, read Squid documentation on cache manager interface and check "
"cache log for more detailed error messages."
msgstr ""
-"koliko budete imali problema oko autentifikacije molimo kontaktirajte <a "
-"href=\"mailto:%w%W\">proxy administratora</a> a ako vi <em>jeste</em> "
-"administrator, proèitajte dokumentaciju o keš menadžeru za Squid i proverite "
-"keš log za detaljnije opise grešaka."
+"Molimo kontaktirajte <a href=\"mailto:%w%W\">proksi administratora</a> ako "
+"imate probplema sa autentifikacijom ili, ako vi <em>jeste</em> "
+"administrator, pročitajte dokumentaciju o Squid keš menadžeru i proverite "
+"keš žurnal za detaljnije poruke o grešakama."
#: templates/ERR_READ_ERROR:5
msgid "Read Error"
-msgstr "Greška u èitanju"
+msgstr "Greška čitanja"
#: templates/ERR_READ_TIMEOUT:5
msgid "Read Timeout"
-msgstr "Predugo vreme èitanja"
+msgstr "Zastoj čitanja"
#: templates/ERR_INVALID_REQ:9
msgid "Request is too large."
-msgstr "Zahtev je predug."
+msgstr "Zahtev je prevelik."
+
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
#: templates/ERR_ICAP_FAILURE:8 templates/ERR_INVALID_REQ:5
#: templates/ERR_INVALID_URL:7
msgid "Some possible problems are:"
-msgstr ""
+msgstr "Mogući problemi su:"
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:6
-#, fuzzy
msgid ""
"Sorry, you are not currently allowed to request %U from this cache manager "
"until you have authenticated yourself."
msgstr ""
-"Na žalost trenutno vam nije dozvoljeno da zahtevate %U iz ovog keš menadžera "
-"pre nego što se autentifikujete."
+"Na žalost nije vam dozvoljen da zahtevat %U od ovog keš menadžera ukoliko se "
+"ne autentifikujete."
#: templates/ERR_CACHE_ACCESS_DENIED:6
-#, fuzzy
msgid ""
"Sorry, you are not currently allowed to request %U from this cache until you "
"have authenticated yourself."
msgstr ""
-"Na žalost trenutno vam nije dozvoljeno da zahtevate %U iz ovog proksi "
-"servera pre nego što se ne autentifikujete."
+"Na žalost nije vam dozvoljen da zahtev %U od ovog proksi servera ukoliko se "
+"ne autentifikujete."
#: templates/ERR_ZERO_SIZE_OBJECT:6
-#, fuzzy
msgid "Squid did not receive any data for this request."
-msgstr "Squid proksi nije dobio nikakav odgovor na vaš zahtev."
+msgstr "Squid proksi nije dobio nikakve podatke na vaš zahtev."
#: templates/ERR_UNSUP_REQ:6
msgid ""
msgstr "ESI procesor je vratio:"
#: templates/ERR_FTP_UNAVAILABLE:4
-#, fuzzy
msgid "The FTP server was too busy to retrieve the URL: <a href=\"%U\">%U</a>"
msgstr ""
-"FTP server je bio preoptereæen prilikom pokušaja da se dovuèe URL: <a href="
-"\"%U\">%U</a>"
+"FTP server je bio preopterećen prilikom učitavanja adrese (URL): <a href=\"%U"
+"\">%U</a>"
#: templates/ERR_INVALID_RESP:5
msgid ""
"The HTTP Response message received from the contacted server could not be "
"understood or was otherwise malformed. Please contact the site operator."
msgstr ""
-"HTTP odgovor koji je dobijen od kontaktiranog servera ne može da se razume "
-"ili je na neki nacin pogrešno formirana. Molimo kontaktirajte operatora "
-"sajta."
+"HTTP odgovor dobijen od kontaktiranog servera nije moguće razumeti ili je na "
+"neki način pogrešno formiran. Molimo kontaktirajte operatora sajta."
#: templates/ERR_ICAP_FAILURE:9
msgid "The ICAP server is not reachable."
#: templates/ERR_FTP_NOT_FOUND:4
msgid "The following URL could not be retrieved: <a href=\"%U\">%U</a>"
-msgstr ""
+msgstr "Adresa (URL) nije dostupna: <a href=\"%U\">%U</a>"
#: templates/ERR_ACCESS_DENIED:4 templates/ERR_CACHE_ACCESS_DENIED:4
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:4 templates/ERR_CANNOT_FORWARD:4
msgid ""
"The following error was encountered while trying to retrieve the URL: <a "
"href=\"%U\">%U</a>"
-msgstr ""
+msgstr "Greška učitavanja podataka sa adrese (URL): <a href=\"%U\">%U</a>"
#: templates/ERR_URN_RESOLVE:4
msgid ""
"The following error was encountered while trying to retrieve the URN: <a "
"href=\"%U\">%U</a>"
-msgstr ""
+msgstr "Greška učitavanja podataka (URN): <a href=\"%U\">%U</a>"
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
-msgstr "Udaljeni raèunar ili mreža nisu operativni. Molimo pokušajte kasnije."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
+msgstr "Udaljeni računar ili mreža nisu dostupni. Molimo pokušajte ponovo."
#: templates/ERR_TOO_BIG:5
msgid "The request or reply is too large."
#: templates/ERR_TOO_BIG:3 templates/ERR_UNSUP_REQ:3
#: templates/ERR_WRITE_ERROR:3 templates/ERR_ZERO_SIZE_OBJECT:3
msgid "The requested URL could not be retrieved"
-msgstr "Tražena adresa (URL) ne može da se dovuèe"
+msgstr "Tražena adresa (URL) ne može da se učita"
#: templates/ERR_FTP_FAILURE:6 templates/ERR_FTP_FORBIDDEN:6
#: templates/ERR_FTP_NOT_FOUND:6 templates/ERR_FTP_PUT_ERROR:6
#: templates/ERR_FTP_UNAVAILABLE:6
msgid "The server responded with:"
-msgstr ""
+msgstr "Odgovor servera:"
#: templates/ERR_CONNECT_FAIL:6 templates/ERR_ICAP_FAILURE:6
#: templates/ERR_READ_ERROR:6 templates/ERR_READ_TIMEOUT:6
#: templates/ERR_SECURE_CONNECT_FAIL:6 templates/ERR_SOCKET_FAILURE:6
#: templates/ERR_WRITE_ERROR:6
msgid "The system returned: <i>%E</i>"
-msgstr "Sistem je dao povratnu informaciju: <i>%E</i>"
+msgstr "Odgovor sistema je: <i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
-"Za ovaj proksi server nije definisan WAIS relay raèunar! Pitajte "
+"Za ovaj proksi server nije definisan WAIS server! Kritikujte vašeg "
"administratora."
#: templates/ERR_TOO_BIG:8
+#, fuzzy
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
-"Ove limite postavio je intenet servis provajder koji koristi ovaj proksi "
-"server. Ako smatrate da je to greška, molimo stupite u kontakt sa "
+"Ove limite postavio je intenet servis provajder koji upravlja ovim proksi "
+"serverom. Ako smatrate da je to greška, molimo stupite u kontakt sa "
"administratorom."
#: templates/ERR_UNSUP_HTTPVERSION:6
msgid "This Squid does not accept the HTTP version you are attempting to use."
-msgstr ""
+msgstr "Squid server ne može da obradi HTTP verziju koju koristite."
#: templates/ERR_FTP_DISABLED:6
msgid "This cache does not support FTP."
-msgstr "Ovaj proksi server ne omoguèava FTP saobraæaj."
+msgstr "Ovaj proksi server ne podržava FTP."
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
-"Ovaj proksi server je u procesu iskljuèivanja i ne može da izvrši zahtev u "
-"ovom trenutku. Molimo pokušajte ponovo uskoro."
+"Ovaj proksi server je u procesu isključivanja i ne može da izvrši vaš zahtev "
+"u ovom trenutku. Molimo pokušajte ponovo uskoro."
#: templates/ERR_FORWARDING_DENIED:6
+#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Ovaj proksi server neæe da prosledi vaš zahtev zato što pokušava da poštuje "
"webmastera o ovoj grešci."
#: templates/ERR_FTP_NOT_FOUND:7
+#, fuzzy
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"To može da bude prouzrokovano time što je FTP adresa (URL) sa apsolutnom "
#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"Ovaj zahtev nije mogao da bude prosleðen izvonom serveru niti bilo kom "
"nadreðenom proxy serveru. Najverovatniji uzrok ove greške je da keš "
"administrator ne dozvoljava da ovaj proksi server direktno pristupi izvonom "
"serveru, svi konfigurisani nadreðeni proksi serveri su trenutno nedostupni."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "Nije moguæe odrediti IP adresu iz imena raèunara za <q>%H</q>"
"U kešu nije naðen validan dokument a specificirane je direktiva <q>only-if-"
"cached</q>."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr ""
"nije naðen u proksi arhivi, <em>ili</em> se zahteva revalidacija kojaje "
"zabranjena direktivom <q>only-if-cached</q>."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Odgovor nulte dužine"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "GREŠKA: Tražena podatak (URN) ne može da se učita"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
-"PO-Revision-Date: 2009-11-11 10:15+0000\n"
-"Last-Translator: Fredrik Svensson <fredrik@member.fsf.org>\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
+"PO-Revision-Date: 2010-02-10 23:51+0000\n"
+"Last-Translator: Henrik Nordström <henrik@henriknordstrom.net>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-"X-Generator: Translate Toolkit 1.4.0\n"
+"X-Generator: Translate Toolkit 1.5.3\n"
#: templates/ERR_DIR_LISTING:6
msgid "<a href=\"../\">Parent Directory</a> (<a href=\"/\">Root Directory</a>)"
"rfrågan skulle behandlas:"
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"En timeout inträffade i väntan på att få läsa "
"data från nätverket. Antingen är servern nere eller "
msgstr "Tillträde Nekas."
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"Tillträdeskontrollen förhindrar Er begäran från att "
msgstr "Svaret från ICAP servern är ogiltigt och kan inte tolkas."
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"Ett fel inträffade vid försök att läsa data från "
"nätverket. Vänligen försök igen."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
"Ett fel inträffade vid försök att skriva till nä"
#: templates/ERR_DIR_LISTING:3
msgid "Directory Content:"
-msgstr ""
+msgstr "Kataloginnehåll:"
#: templates/ERR_DIR_LISTING:4
msgid "Directory Listing"
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr "Katalog: <a href=\"%U\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "FEL: Begärd URL kunde inte hämtas"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "FEL: Begärd URN kunde inte hämtas"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "FEL: Begärd URL kunde inte hämtas"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Filen uppdaterades"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Vidarebefodran Nekad."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr "Skapad %T av %h (%s)"
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr ""
"Men hallå, förvänta dig inte för mycket från en "
"URNs på %T :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr "ICAP protokollfel."
msgid "Illegal double-escape in the URL-Path"
msgstr "Ej tillåten dubbel-escape i URL-Sökvägen"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "Felaktig URL"
msgid "Request is too large."
msgstr "Förfrågan är för stor."
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Socket Fel"
"\"%U\">%U</a>"
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
"Begärd värd eller nätverk kan vara nere. Vänligen "
"försök igen."
msgstr "Systemet returnerade: <i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
"Det finns ingen WAIS Relay värd definerad för denna cache! Skrik "
"på din administratör."
#: templates/ERR_TOO_BIG:8
+#, fuzzy
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"Dessa gränser är inställda av den Internet Leverantör "
#: templates/ERR_UNSUP_HTTPVERSION:6
msgid "This Squid does not accept the HTTP version you are attempting to use."
-msgstr ""
+msgstr "Squid fungerar inte med den versionen av HTTP som du försöker använda"
#: templates/ERR_FTP_DISABLED:6
msgid "This cache does not support FTP."
msgstr "Denna cache stödjer inte FTP."
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"Denna cache håller på att stänga av sig och kan dä"
"rför inte behandla din förfrågan. Vänligen fö"
"rsök igen lite senare."
#: templates/ERR_FORWARDING_DENIED:6
+#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Denna cache kommer inte vidarebefodra en begäran eftersom den fö"
"nligen kontakta den ansvariga för webbservern ifråga."
#: templates/ERR_FTP_NOT_FOUND:7
+#, fuzzy
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"Detta kan orsakas av en FTP URL med en absolut sökväg (vilket inte "
"de säkerhets alternativ eller certifikat som presenterades av servern."
#: templates/ERR_CANNOT_FORWARD:6
+#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"Denna förfrågan kunde ej vidarebefodras till ursprunglig server "
"eller till överliggande cache-noder. Den mest sannolika anledningen "
"att göra direkta anslutningar till ursprungliga servrar, och alla ö"
"verliggande cache-noder kan ej nås för tillfället."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr ""
#: templates/ERR_UNSUP_HTTPVERSION:3 templates/ERR_UNSUP_HTTPVERSION:5
msgid "Unsupported HTTP version"
-msgstr ""
+msgstr "Icke stödd HTTP version"
#: templates/ERR_UNSUP_REQ:5
msgid "Unsupported Request Method and Protocol"
"Senaste dokumentet återfanns inte i cachen och <q>only-if-cached</q> "
"direktivet är satt."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr ""
"em> det krävs en uppdatering av cache databasen, men förhindras av "
"<q>only-if-cached</q> direktivet."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Storleken på svaret var lika med noll"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "FEL: Begärd URN kunde inte hämtas"
<p><b>Access Denied.</b></p>
</blockquote>
-<p>Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.</p>
+<p>Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.</p>
<p>Your cache administrator is <a href="mailto:%w%W">%w</a>.</p>
<br>
--- /dev/null
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html><head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<title>Web Browser Configuration</title>
+<style type="text/css"><!--
+ %l
+
+body
+:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }
+:lang(he) { direction: rtl; float: right; }
+ --></style>
+</head><body>
+<div id="titles">
+<h1>ERROR</h1>
+<h2>Web Browser Configuration</h2>
+</div>
+<hr>
+
+<div id="content">
+<blockquote id="error">
+<p>Your Web Browser configuration needs to be corrected to use this network.</p>
+</blockquote>
+
+<p>How to find these settings in your browser:</p>
+
+<div id="firefox">
+For Firefox browsers go to:
+<ul>
+<li>Tools -> Options -> Advanced -> Network -> Connection Settings</li>
+<li>In the HTTP proxy box type the proxy name %h and port 3128.</li>
+</ul>
+</div>
+
+<div id="microsoft">
+For Internet Explorer browsers go to:
+<ul>
+<li>Tools -> Internet Options -> Connection -> LAN Settings ->Proxy</li>
+<li>In the HTTP proxy box type the proxy name %h and port 3128.</li>
+</ul>
+</div>
+
+<div id="opera">
+For Opera browsers go to:
+<ul>
+<li>Tools -> Preferences -> Advanced -> Network -> Proxy Servers</li>
+<li>In the HTTP proxy box type the proxy name %h and port 3128.</li>
+</ul>
+</div>
+
+<p>Your cache administrator is <a href="mailto:%w%W">%w</a>.</p>
+<br>
+</div>
+
+<hr>
+<div id="footer">
+<p>Generated %T by %h (%s)</p>
+<!-- %c -->
+</div>
+</body></html>
--- /dev/null
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html><head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<title>Web Browser Configuration</title>
+<style type="text/css"><!--
+ %l
+
+body
+:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }
+:lang(he) { direction: rtl; float: right; }
+ --></style>
+</head><body>
+<div id="titles">
+<h1>ERROR</h1>
+<h2>Web Browser Configuration</h2>
+</div>
+<hr>
+
+<div id="content">
+<blockquote id="error">
+<p>Your Web Browser configuration needs to be corrected to use this network.</p>
+</blockquote>
+
+<p>How to find these settings in your browser:</p>
+
+<div id="firefox">
+For Firefox browsers go to:
+<ul>
+<li>Tools -> Options -> Advanced -> Network -> Connection Settings</li>
+</li>Select Auto-detect proxy settings for this network</li>
+</ul>
+</div>
+
+<div id="microsoft">
+For Internet Explorer browsers go to:
+<ul>
+<li>Tools -> Internet Options -> Connection -> LAN Settings ->Proxy</li>
+<li>Select Automatically detect settings</li>
+</ul>
+</div>
+
+<div id="opera">
+For Opera browsers go to:
+<ul>
+<li>Tools -> Preferences -> Advanced -> Network -> Proxy Servers</li>
+<li>Select Use Automatic proxy configuration</li>
+</ul>
+</div>
+
+<p>Your cache administrator is <a href="mailto:%w%W">%w</a>.</p>
+<br>
+</div>
+
+<hr>
+<div id="footer">
+<p>Generated %T by %h (%s)</p>
+<!-- %c -->
+</div>
+</body></html>
<p><b>Unable to forward this request at this time.</b></p>
</blockquote>
-<p>This request could not be forwarded to the origin server or to any parent caches. The most likely cause for this error is that the cache administrator does not allow this cache to make direct connections to origin servers, and all configured parent caches are currently unreachable.</p>
+<p>This request could not be forwarded to the origin server or to any parent caches. The most likely cause for this error is that the cache administrator does not allow this cache to make direct connections to origin servers, and all configured parent caches are currently unreachable.</p>
<p>Your cache administrator is <a href="mailto:%w%W">%w</a>.</p>
<p id="sysmsg">The system returned: <i>%E</i></p>
-<p>The remote host or network may be down. Please try the request again.</p>
+<p>The remote host or network may be down. Please try the request again.</p>
<p>Your cache administrator is <a href="mailto:%w%W">%w</a>.</p>
<p><b>Forwarding Denied.</b></p>
</blockquote>
-<p>This cache will not forward your request because it is trying to enforce a sibling relationship. Perhaps the client at %i is a cache which has been misconfigured.</p>
+<p>This cache will not forward your request because it is trying to enforce a sibling relationship. Perhaps the client at %i is a cache which has been misconfigured.</p>
<p>Your cache administrator is <a href="mailto:%w%W">%w</a>.</p>
<pre>%g</pre>
</blockquote>
-<p>This might be caused by an FTP URL with an absolute path (which does not comply with RFC 1738).
If this is the cause, then the file can be found at <a href="%B">%B</a>.</p>
+<p>This might be caused by an FTP URL with an absolute path (which does not comply with RFC 1738). If this is the cause, then the file can be found at <a href="%B">%B</a>.</p>
<p>Your cache administrator is <a href="mailto:%w%W">%w</a>.</p>
<br>
<li><p>Request is too large.</p></li>
<li><p>Content-Length missing for POST or PUT requests.</p></li>
<li><p>Illegal character in hostname; underscores are not allowed.</p></li>
+<li><p>HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software.</p></li>
</ul>
<p>Your cache administrator is <a href="mailto:%w%W">%w</a>.</p>
<p><b>No Wais Relay</b></p>
</blockquote>
-<p>There is no WAIS Relay host defined for this Cache! Yell at the administrator.</p>
+<p>There is no WAIS Relay host defined for this Cache! Yell at the administrator.</p>
<p>Your cache administrator is <a href="mailto:%w%W">%w</a>.</p>
<br>
<p id="sysmsg">The system returned: <i>%E</i></p>
-<p>An error condition occurred while reading data from the network. Please retry your request.</p>
+<p>An error condition occurred while reading data from the network. Please retry your request.</p>
<p>Your cache administrator is <a href="mailto:%w%W">%w</a>.</p>
<br>
<p id="sysmsg">The system returned: <i>%E</i></p>
-<p>A Timeout occurred while waiting to read data from the network. The network or server may be down or congested. Please retry your request.</p>
+<p>A Timeout occurred while waiting to read data from the network. The network or server may be down or congested. Please retry your request.</p>
<p>Your cache administrator is <a href="mailto:%w%W">%w</a>.</p>
<br>
<div id="content">
<p>The following error was encountered while trying to retrieve the URL: <a href="%U">%U</a></p>
-<p>This cache is in the process of shutting down and can not service your request at this time. Please retry your request again soon.</p>
+<p>This cache is in the process of shutting down and can not service your request at this time. Please retry your request again soon.</p>
<p>Your cache administrator is <a href="mailto:%w%W">%w</a>.</p>
<br>
<p>If you are making a POST or PUT request, then the item you are trying to upload is too large.</p>
<p>If you are making a GET request, then the item you are trying to download is too large.</p>
-<p>These limits have been established by the Internet Service Provider who operates this cache. Please contact them directly if you feel this is an error.</p>
+<p>These limits have been established by the Internet Service Provider who operates this cache. Please contact them directly if you feel this is an error.</p>
<p>Your cache administrator is <a href="mailto:%w%W">%w</a>.</p>
<br>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
-<title>ERROR: The requested URN not be retrieved</title>
+<title>ERROR: The requested URN could not be retrieved</title>
<style type="text/css"><!--
%l
<p id="sysmsg">The system returned: <i>%E</i></p>
-<p>An error condition occurred while writing to the network. Please retry your request.</p>
+<p>An error condition occurred while writing to the network. Please retry your request.</p>
<p>Your cache administrator is <a href="mailto:%w%W">%w</a>.</p>
<br>
msgstr ""
"Project-Id-Version: squid\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2009-06-11 06:25+0000\n"
"Last-Translator: Anon Sricharoenchai <Unknown>\n"
"Language-Team: Thai <th@li.org>\n"
msgstr ""
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
-msgstr ""
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
+msgstr "มีภาวะข้อผิดผลาดระหว่างที่กำลังรับข้อมูลจากระบบเครือข่าย. กรุณาเรียกดูใหม่อีกครั้ง."
#: templates/ERR_URN_RESOLVE:3
msgid "A URL for the requested URN could not be retrieved"
#: templates/ERR_ACCESS_DENIED:6
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
msgstr ""
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr "มีภาวะข้อผิดผลาดระหว่างที่กำลังรับข้อมูลจากระบบเครือข่าย. กรุณาเรียกดูใหม่อีกครั้ง."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr "มีภาวะข้อผิดผลาดระหว่างที่กำลังส่งข้อมูลไปยังระบบเครือข่าย. กรุณาเรียกดูใหม่อีกครั้ง."
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr ""
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "ERROR: ไม่สามารถเรียกดู URL ที่ได้รับการร้องขอ"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "ERROR: ไม่สามารถเรียกดู URN ที่ได้รับการร้องขอ"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "ERROR: ไม่สามารถเรียกดู URL ที่ได้รับการร้องขอ"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "ไฟล์ถูกแทนที่ด้วยไฟล์ใหม่"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "การส่งต่อ (forwarding) ไม่ได้รับอนุญาต"
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr ""
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "เฮ้, อย่าคาดหวังจาก URN บน %T มากเกินไปนัก :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr "เกิดความผิดพลาดในโปรโตคอล ICAP"
msgid "Illegal double-escape in the URL-Path"
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "URL ผิดรูปแบบ (invalid)"
msgid "Request is too large."
msgstr "คำสั่งหรือคำร้อง (request) ที่ส่ง มีขนาดใหญ่เกินไป"
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "เกิดการล้มเหลวใน socket"
msgstr "พบความผิดพลาดดังต่อไปนี้ระหว่างที่พยายามเรียกดู URN: <a href=\"%U\">%U</a>"
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
#: templates/ERR_TOO_BIG:5
#: templates/ERR_NO_RELAY:6
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
#: templates/ERR_TOO_BIG:8
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
msgstr "ระบบแคชนี้ไม่รองรับ FTP"
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"ระบบแคชนี้กำลังเข้าสู่กระบวนการปิดระบบ และไม่สามารถให้บริการตามคำขอที่คุณเรียกใช้มา "
"ในขณะนี้. กรุณาเรียกใช้มาใหม่อีกครั้งในภายหลัง"
#: templates/ERR_FORWARDING_DENIED:6
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
#: templates/ERR_FTP_NOT_FOUND:7
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
#: templates/ERR_CANNOT_FORWARD:6
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
msgstr ""
#: templates/ERR_DNS_FAIL:5
"directive was specified."
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr "ระหว่างที่พยายาม PUT URL ต่อไปนี้: <a href=\"%U\">%U</a>"
"revalidation prohibited by the <q>only-if-cached</q> directive."
msgstr ""
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "สิ่งที่ตอบกลับมา ว่างเปล่า"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "ERROR: ไม่สามารถเรียกดู URN ที่ได้รับการร้องขอ"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2010-01-10 15:46+0000\n"
"Last-Translator: Hüseyin Sevgi <hsevgi@msn.com>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
msgstr "<b>Geçersiz Yanıt</b> İşlem sırasında bir hata ile karşılaşıldı:"
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"İstemiş olduğunuz bilgileri ağdan okuma sırasında okuma zamanı doldu. Hedef "
"sunucu kapalı veya çok meşgul olabilir. Lütfen isteğinizi tekrar giriniz."
msgstr "Erişim Yasak."
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"Erişim kontrol mekanizması istediğiniz bilgilere ulaşmanızı yasaklıyor. "
msgstr "ICAP sunucusundan yasadışı bir yanıt alınmıştır."
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"Ağdan bilgileri okuma sırasında hata oluştu. Lütfen isteğinizi tekrar "
"giriniz."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
"Bilgiler ağ üzerine gönderilirken hata oluştu. Lütfen isteğinizi tekrar "
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr "Dizin: <a href=\"%U\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "HATA: İstenilen URL'e ulaşılamadı"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "HATA: İstenilen URN'e ulaşılamadı"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "HATA: İstenilen URL'e ulaşılamadı"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Dosya güncellendi."
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Yönlendirme yasak."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr "%h (%s) tarafından %T oluşturuldu"
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "%T de URN den fazla birsey beklemeyin. :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr "ICAP iletişim hatası."
msgid "Illegal double-escape in the URL-Path"
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "Yanlış URL."
msgid "Request is too large."
msgstr "İstenilen dosya çok büyük."
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Bağlantı hatası (Socket Failure)."
msgstr "URN: <a href=\"%U\">%U</a> erişilirken bir hata ile karşılaşıldı."
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr "Uzak bağlantı veya ağ bozuk olabilir. Lütfen tekrar deneyin."
#: templates/ERR_TOO_BIG:5
msgstr "Sistemden gelen mesaj: <i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
"Bu Cache Sunucuda WAIS sunucu tanımlı değil. Lütfen Cache Yöneticisi ile "
"bağlantıya geçiniz."
#: templates/ERR_TOO_BIG:8
+#, fuzzy
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"Bu sınırlar internet servis sağlayıcınız tarafından kurulmuştur. Eğer bunun "
msgstr "Bu cache sunucu FTP desteklemiyor."
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"Bu önbellik şuan kapatılıyor ve isteğinize cevap veremez. Lütfen kısa bir "
"süre sonra tekrar deneyin."
#: templates/ERR_FORWARDING_DENIED:6
+#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Bu Cache Sunucu, yapılan ayarlardan ve tanımlanan kullanıcı hakklarından "
#: templates/ERR_FTP_NOT_FOUND:7
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
msgstr ""
#: templates/ERR_CANNOT_FORWARD:6
+#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"Bu istek şu anda başka bir Cache Sunucuya veya hedef WWW Sunucuya "
"yönlendirilemez.Bunun sebebi aşağıdakilerden herhangi biri olabilir cache "
"yöneticisi isteklerin hedef WWW sunucuya gitmesine izin vermiyor hiç bir ana "
"Cache Sunucuya şu anda ulaşılamıyor."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "<q>%H</q> isimli sunucuya ait herhangi bir IP adresi bulunamadı."
"İstediğiniz doğru doküman cache sunucusunda bulunamadı ve <q>only-if-cached</"
"q> (sadece Cache Sunucunda bulunuyor ise) tanımlı."
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr ""
"cache sunucusunda bulunamadı veya bu mekanizmanın izin vermediği tazeleme "
"yapılması gerekiyor."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Sıfır Uzunlukta cevap"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "HATA: İstenilen URN'e ulaşılamadı"
msgstr ""
"Project-Id-Version: squid\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2009-12-03 12:10+1300\n"
"Last-Translator: Feshchuk Yuriy <swopster@meta.ua>\n"
"Language-Team: Ukrainian <uk@li.org>\n"
msgstr "<b>Невірна відповідь</b> виникла при обробці запиту:"
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"Перевищено час очікування при отриманні даних з мережі. Мережа або сервер не "
"працюють чи перенавантажені. Будь-ласка, повторіть запит."
msgstr "Доступ заборонено"
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"Налаштування контролю доступу забороняє обробку Вашого запиту в даний час. "
msgstr "Отримано некоректну відповідь від сервера ICAP."
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
"Під час читання даних з мережі сталася помилка. Будь-ласка, повторіть запит."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
"Під час відправлення даних в мережу виникла помилка. Будь-ласка, повторіть "
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr "Директорія: <a href=\"%U\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "ПОМИЛКА: Запитаний URL не може бути отриманий"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "ПОМИЛКА: Запитаний URN не може бути отриманий"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "ПОМИЛКА: Запитаний URL не може бути отриманий"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Файл поновлено"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Пересилку заборонено"
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr "Згенеровано %T на %h (%s)"
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
#, fuzzy
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Не варто очікувати надто багато від URN'ів на %T."
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr "Помилка протоколу ICAP"
msgid "Illegal double-escape in the URL-Path"
msgstr "В шляху URL присутній зайвий символ <q>/</q>;"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "Недійсний URL"
msgid "Request is too large."
msgstr "Запит завеликий"
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Помилка TCP сокету"
msgstr "При отриманні URN: <a href=\"%U\">%U</a> виникла помилка."
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
"Віддалений вузел чи мережа не відповідають. Будь-ласка, повторіть запит."
msgstr "Система повідомляє: <i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
"Для даного кешу не визначено WAIS Relay вузол. Покричіть на Адміністратора."
#: templates/ERR_TOO_BIG:8
+#, fuzzy
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"Ці ліміти встановлено Інтернет постачальником, котрий керує даним кешом. "
msgstr "FTP відключено"
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"Зараз кеш в процесі припинення роботи і не може виконати Ваш запит. Будь-"
"ласка, повторіть запит через деякий час."
#: templates/ERR_FORWARDING_DENIED:6
+#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"Цей кеш не перешле Ваш запит, через намагання встановити родинні "
"про цю помилку Вебмайстра."
#: templates/ERR_FTP_NOT_FOUND:7
+#, fuzzy
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"Це може бути викликано FTP адресою з абсолютним URL шляхом (який не "
"безпечні з'єднання, або кеш не задоволений сертифікатом безпечності вузла."
#: templates/ERR_CANNOT_FORWARD:6
+#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"Даний запит не може бути пересланий ні до первинного сервера ні до будь-"
"якого з батьківських кешів. Найбільш ймовірною причиною є те, що "
"Адміністратор кешу заборонив здійснювати прямі з'єднання до первинних "
"серверів, та всі визначені батьківські кеш-сервера зараз недосяжні."
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "Неможливо визначити IP адресу вузла: <q>%H</q>"
"Необхідний документ не знайдений в кеші і визначена директива <q>only-if-"
"cached</q> (<q>тільки в кеші</q>)"
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr "При спробі помістити файл за адресою: <a href=\"%U\">%U</a> ."
"потребує оновлення, що заборонено директивою <q>only-if-cached</q> "
"(<q>тільки в кеші</q>)."
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "Відповідь нульової довжини"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "ПОМИЛКА: Запитаний URN не може бути отриманий"
msgstr ""
"Project-Id-Version: squid\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2009-03-14 16:45+0000\n"
"Last-Translator: Akmal Xushvaqov <akmalxster@gmail.com>\n"
"Language-Team: Uzbek <uz@li.org>\n"
msgstr "<b>Яроқсиз жавоб</b> хатолик сўров жараёнида яратилди :"
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"Тармоқдан маълумотлар ўқиш учун кутилаётганда узилиш рўй берди. Тармоқ ёки "
"сервер ўчирилган ёки ўчириб-ёқилган бўлиши мумкин . Илтимос, сўровингизни "
#: templates/ERR_ACCESS_DENIED:6
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
msgstr ""
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr ""
+"Тармоқдан маълумотлар ўқиш учун кутилаётганда узилиш рўй берди. Тармоқ ёки "
+"сервер ўчирилган ёки ўчириб-ёқилган бўлиши мумкин . Илтимос, сўровингизни "
+"қайта киритинг."
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr ""
+"Тармоқдан маълумотлар ўқиш учун кутилаётганда узилиш рўй берди. Тармоқ ёки "
+"сервер ўчирилган ёки ўчириб-ёқилган бўлиши мумкин . Илтимос, сўровингизни "
+"қайта киритинг."
#: templates/ERR_CACHE_ACCESS_DENIED:3 templates/ERR_CACHE_ACCESS_DENIED:5
msgid "Cache Access Denied."
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr "Директория: <a href=\"/\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "ХАТО: Сўралган URL топилмади."
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "Хато: Сўралган URN топилмади"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "ХАТО: Сўралган URL топилмади."
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "Файл янгиланди"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "Узатиш рад қилинди."
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr "%h (%s) томонидан %T яратилган"
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "Эй, %T'даги URN'лардан кўп кутманг :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr "ICAP протоколда хатолик."
msgid "Illegal double-escape in the URL-Path"
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "Яроқсиз URL"
msgid "Request is too large."
msgstr "Сўров жуда катта."
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Сокет яроқсиз"
msgstr ""
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr ""
"Масофадаги ҳост ёки тармоқ ўчирилган бўлиши мумкин. Илтимос, суровингизни "
"қайтадан киритиб, уриниб кўринг."
#: templates/ERR_NO_RELAY:6
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
#: templates/ERR_TOO_BIG:8
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
#: templates/ERR_SHUTTING_DOWN:5
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
#: templates/ERR_FORWARDING_DENIED:6
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
#: templates/ERR_FTP_NOT_FOUND:7
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
#: templates/ERR_CANNOT_FORWARD:6
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
msgstr ""
#: templates/ERR_DNS_FAIL:5
"directive was specified."
msgstr ""
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr ""
"revalidation prohibited by the <q>only-if-cached</q> directive."
msgstr ""
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr ""
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "Хато: Сўралган URN топилмади"
--- /dev/null
+msgid ""
+msgstr ""
+"Project-Id-Version: Squid-3\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
+"PO-Revision-Date: 2010-04-28 16:17+0200\n"
+"Last-Translator: <clytie@riverland.net.au>\n"
+"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Language: vi\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+"X-Generator: Pootle 2.0.1\n"
+
+#: templates/ERR_DIR_LISTING:6
+msgid "<a href=\"../\">Parent Directory</a> (<a href=\"/\">Root Directory</a>)"
+msgstr "<a href=\"../\">Thư mục cấp trên</a> (<a href=\"/\">Thư mục gốc</a>)"
+
+#: templates/ERR_INVALID_REQ:4
+msgid ""
+"<b>Invalid Request</b> error was encountered while trying to process the "
+"request:"
+msgstr "Gặp một lỗi <b>Sai Yêu Cầu</b> trong khi thử xử lý yêu cầu :"
+
+#: templates/ERR_INVALID_RESP:4
+msgid ""
+"<b>Invalid Response</b> error was encountered while trying to process the "
+"request:"
+msgstr "Gặp một lỗi <b>Sai Đáp Ứng</b> trong khi thử xử lý yêu cầu :"
+
+#: templates/ERR_READ_TIMEOUT:7
+msgid ""
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
+msgstr ""
+"Quá hạn trong khi đợi đọc dữ liệu từ mạng. Có thể là mạng không chạy được "
+"hoặc bị tắc nghẽn. Hãy thử lại gửi yêu cầu."
+
+#: templates/ERR_URN_RESOLVE:3
+msgid "A URL for the requested URN could not be retrieved"
+msgstr "Không thể lấy được một địa chỉ URL cho URN yêu cầu"
+
+#: templates/ERR_ACCESS_DENIED:5
+msgid "Access Denied."
+msgstr "Truy cập bị từ chối."
+
+#: templates/ERR_ACCESS_DENIED:6
+msgid ""
+"Access control configuration prevents your request from being allowed at "
+"this time. Please contact your service provider if you feel this is "
+"incorrect."
+msgstr ""
+"Cấu hình điều khiển truy cập không cho phép bạn yêu cầu vào lúc này. Hãy "
+"liên lạc với nhà cung cấp dịch vụ nếu bạn thấy rằng trường hợp này không "
+"đúng."
+
+#: templates/ERR_FTP_FORBIDDEN:4
+msgid ""
+"An FTP authentication failure occurred while trying to retrieve the URL: <a "
+"href=\"%U\">%U</a>"
+msgstr ""
+"Gặp lỗi xác thực FTP trong khi thử lấy địa chỉ URL: <a href=\"%U\">%U</a>"
+
+#: templates/ERR_FTP_FAILURE:4
+msgid ""
+"An FTP protocol error occurred while trying to retrieve the URL: <a href=\"%U"
+"\">%U</a>"
+msgstr ""
+"Gặp lỗi giao thức FTP trong khi thử lấy địa chỉ URL: <a href=\"%U\">%U</a>"
+
+#: templates/ERR_ICAP_FAILURE:10
+msgid "An Illegal response was received from the ICAP server."
+msgstr "Nhận được một đáp ứng cấm từ máy phục vụ ICAP."
+
+#: templates/ERR_READ_ERROR:7
+msgid ""
+"An error condition occurred while reading data from the network. Please "
+"retry your request."
+msgstr "Gặp lỗi trong khi đọc dữ liệu từ mạng. Hãy thử lại gửi yêu cầu."
+
+#: templates/ERR_WRITE_ERROR:7
+msgid ""
+"An error condition occurred while writing to the network. Please retry your "
+"request."
+msgstr "Gặp lỗi trong khi ghi vào mạng. Hãy thử lại gửi yêu cầu."
+
+#: templates/ERR_CACHE_ACCESS_DENIED:3 templates/ERR_CACHE_ACCESS_DENIED:5
+msgid "Cache Access Denied."
+msgstr "Truy cập đến vùng nhớ tạm bị từ chối."
+
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:3
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:5
+msgid "Cache Manager Access Denied."
+msgstr "Truy cập đến trình quản lý vùng nhớ tạm bị từ chối."
+
+#: templates/ERR_URN_RESOLVE:5
+msgid "Cannot Resolve URN"
+msgstr "Không tìm thấy URN"
+
+#: templates/ERR_LIFETIME_EXP:5
+msgid "Connection Lifetime Expired"
+msgstr "Quá hạn kết nối"
+
+#: templates/ERR_CONNECT_FAIL:5
+msgid "Connection to %I failed."
+msgstr "Kết nối đến %I bị lỗi."
+
+#: templates/ERR_INVALID_REQ:10
+msgid "Content-Length missing for POST or PUT requests."
+msgstr ""
+"Dòng đầu chiều dài nội dung (Content-Length) bị thiếu trong yêu cầu POST hay "
+"PUT."
+
+#: templates/ERR_DIR_LISTING:3
+msgid "Directory Content:"
+msgstr "Nội dung thư mục:"
+
+#: templates/ERR_DIR_LISTING:4
+msgid "Directory Listing"
+msgstr "Danh sách thư mục"
+
+#: templates/ERR_DIR_LISTING:1
+msgid "Directory: %U"
+msgstr "Thư mục: %U"
+
+#: templates/ERR_DIR_LISTING:2
+msgid "Directory: <a href=\"%U\">%U</a>/"
+msgstr "Thư mục: <a href=\"%U\">%U</a>/"
+
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
+#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
+#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
+#: templates/ERR_FTP_FAILURE:2 templates/ERR_FTP_FORBIDDEN:2
+#: templates/ERR_FTP_NOT_FOUND:2 templates/ERR_FTP_PUT_ERROR:2
+#: templates/ERR_FTP_UNAVAILABLE:2 templates/ERR_ICAP_FAILURE:2
+#: templates/ERR_INVALID_REQ:2 templates/ERR_INVALID_RESP:2
+#: templates/ERR_INVALID_URL:2 templates/ERR_LIFETIME_EXP:2
+#: templates/ERR_NO_RELAY:2 templates/ERR_ONLY_IF_CACHED_MISS:2
+#: templates/ERR_READ_ERROR:2 templates/ERR_READ_TIMEOUT:2
+#: templates/ERR_SECURE_CONNECT_FAIL:2 templates/ERR_SHUTTING_DOWN:2
+#: templates/ERR_SOCKET_FAILURE:2 templates/ERR_TOO_BIG:2
+#: templates/ERR_UNSUP_HTTPVERSION:2 templates/ERR_UNSUP_REQ:2
+#: templates/ERR_URN_RESOLVE:2 templates/ERR_WRITE_ERROR:2
+#: templates/ERR_ZERO_SIZE_OBJECT:2
+msgid "ERROR"
+msgstr "LỖI"
+
+#: templates/ERR_CACHE_ACCESS_DENIED:1
+msgid "ERROR: Cache Access Denied"
+msgstr "LỖI: truy cập đến vùng nhớ tạm bị từ chối"
+
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:1
+msgid "ERROR: Cache Manager Access Denied"
+msgstr "LỖI: truy cập đến trình quản lý vùng nhớ tạm bị từ chối"
+
+#: templates/ERR_FTP_PUT_ERROR:1
+msgid "ERROR: FTP upload failed"
+msgstr "LỖI: không tải lên được qua FTP"
+
+#: templates/ERR_ACCESS_DENIED:1 templates/ERR_CANNOT_FORWARD:1
+#: templates/ERR_CONNECT_FAIL:1 templates/ERR_DNS_FAIL:1 templates/ERR_ESI:1
+#: templates/ERR_FORWARDING_DENIED:1 templates/ERR_FTP_DISABLED:1
+#: templates/ERR_FTP_FAILURE:1 templates/ERR_FTP_FORBIDDEN:1
+#: templates/ERR_FTP_NOT_FOUND:1 templates/ERR_FTP_UNAVAILABLE:1
+#: templates/ERR_ICAP_FAILURE:1 templates/ERR_INVALID_REQ:1
+#: templates/ERR_INVALID_RESP:1 templates/ERR_INVALID_URL:1
+#: templates/ERR_LIFETIME_EXP:1 templates/ERR_NO_RELAY:1
+#: templates/ERR_ONLY_IF_CACHED_MISS:1 templates/ERR_READ_ERROR:1
+#: templates/ERR_READ_TIMEOUT:1 templates/ERR_SECURE_CONNECT_FAIL:1
+#: templates/ERR_SHUTTING_DOWN:1 templates/ERR_SOCKET_FAILURE:1
+#: templates/ERR_TOO_BIG:1 templates/ERR_UNSUP_HTTPVERSION:1
+#: templates/ERR_UNSUP_REQ:1 templates/ERR_WRITE_ERROR:1
+#: templates/ERR_ZERO_SIZE_OBJECT:1
+msgid "ERROR: The requested URL could not be retrieved"
+msgstr "LỖI: không thể lấy địa chỉ URL yêu cầu"
+
+#: templates/ERR_URN_RESOLVE:1
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "LỖI: không thể lấy địa chỉ URL yêu cầu"
+
+#: templates/ERR_ESI:5
+msgid "ESI Processing failed."
+msgstr "Lỗi xử lý ESI."
+
+#: templates/ERR_FTP_PUT_CREATED:1
+msgid "FTP PUT Successful: File Created"
+msgstr "FTP PUT thành công: tập tin đã được tạo"
+
+#: templates/ERR_FTP_PUT_MODIFIED:1
+msgid "FTP PUT Successful: File Updated"
+msgstr "FTP PUT thành công: tập tin đã được cập nhật"
+
+#: templates/ERR_FTP_PUT_ERROR:3
+msgid "FTP PUT/upload failed"
+msgstr "Lỗi PUT hay tải lên qua FTP"
+
+#: templates/ERR_FTP_DISABLED:5
+msgid "FTP is Disabled"
+msgstr "Chức năng FTP bị tắt"
+
+#: templates/ERR_SECURE_CONNECT_FAIL:5
+msgid "Failed to establish a secure connection to %I"
+msgstr "Không thiết lập được một kết nối bảo mật đến %I"
+
+#: templates/ERR_FTP_PUT_CREATED:3
+msgid "File created"
+msgstr "Tập tin đã được tạo"
+
+#: templates/ERR_FTP_PUT_MODIFIED:3
+msgid "File updated"
+msgstr "Tập tin đã được cập nhật"
+
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr "Đối với trình duyệt Firefox thì thăm: <ul>"
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr "Đối với trình duyệt Internet Explorer (IE) thì thăm: <ul>"
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr "Đối với trình duyệt Opera thì thăm: <ul>"
+
+#: templates/ERR_FORWARDING_DENIED:5
+msgid "Forwarding Denied."
+msgstr "Chuyển tiếp bị từ chối."
+
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
+#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
+#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
+#: templates/ERR_FORWARDING_DENIED:8 templates/ERR_FTP_DISABLED:8
+#: templates/ERR_FTP_FAILURE:8 templates/ERR_FTP_FORBIDDEN:8
+#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
+#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
+#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
+#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
+#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
+#: templates/ERR_SECURE_CONNECT_FAIL:9 templates/ERR_SHUTTING_DOWN:7
+#: templates/ERR_SOCKET_FAILURE:9 templates/ERR_TOO_BIG:10
+#: templates/ERR_UNSUP_HTTPVERSION:8 templates/ERR_UNSUP_REQ:8
+#: templates/ERR_URN_RESOLVE:8 templates/ERR_WRITE_ERROR:9
+#: templates/ERR_ZERO_SIZE_OBJECT:8
+msgid "Generated %T by %h (%s)"
+msgstr "Tạo %T bởi %h (%s)"
+
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr "HTTP/1.1 <q>Mong đợi:</q> tính năng được yêu cầu từ phần mềm HTTP/1.0."
+
+#: templates/ERR_URN_RESOLVE:6
+msgid "Hey, don't expect too much from URNs on %T :)"
+msgstr "URN trên %T không có nhiều khả năng."
+
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr "Cách tìm thiết lập này trong trình duyệt:"
+
+#: templates/ERR_ICAP_FAILURE:5
+msgid "ICAP protocol error."
+msgstr "Lỗi giao thức ICAP."
+
+#: templates/ERR_TOO_BIG:7
+msgid ""
+"If you are making a GET request, then the item you are trying to download is "
+"too large."
+msgstr "Gửi một yêu cầu GET (lấy) thì bạn đang thử tải về một mục quá lớn."
+
+#: templates/ERR_TOO_BIG:6
+msgid ""
+"If you are making a POST or PUT request, then the item you are trying to "
+"upload is too large."
+msgstr ""
+"Gửi một yêu cầu POST (gửi) hay PUT (để) thì bạn đang thử tải lên một mục quá "
+"lớn."
+
+#: templates/ERR_INVALID_REQ:11 templates/ERR_INVALID_URL:11
+msgid "Illegal character in hostname; underscores are not allowed."
+msgstr "Gặp ký tự cấm trong tên máy: không cho phép dùng dấu gạch dưới."
+
+#: templates/ERR_INVALID_URL:10
+msgid "Illegal double-escape in the URL-Path"
+msgstr "Gặp ký tự thoát đôi cấm trong đường dẫn URL"
+
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr "Trong hộp ủy nhiệm HTTP, gõ tên ủy nhiệm %h và cổng 3128."
+
+#: templates/ERR_INVALID_URL:5
+msgid "Invalid URL"
+msgstr "URL sai"
+
+#: templates/ERR_INVALID_REQ:8
+msgid "Missing HTTP Identifier (HTTP/1.0)."
+msgstr "Thiếu dấu nhận diện HTTP (HTTP/1.0)."
+
+#: templates/ERR_INVALID_REQ:7
+msgid "Missing URL."
+msgstr "URL còn thiếu."
+
+#: templates/ERR_INVALID_URL:9
+msgid "Missing hostname"
+msgstr "Tên máy còn thiếu"
+
+#: templates/ERR_INVALID_URL:8
+msgid ""
+"Missing or incorrect access protocol (should be <q>http://</q> or similar)"
+msgstr ""
+"Giao thức truy cập còn thiếu hay sai (nên là <q>http://</q> hay tương tự)"
+
+#: templates/ERR_INVALID_REQ:6
+msgid "Missing or unknown request method."
+msgstr "Phương pháp truy cập còn thiếu hay không rõ."
+
+#: templates/ERR_NO_RELAY:5
+msgid "No Wais Relay"
+msgstr "Không có bộ tiếp lại WAIS"
+
+#: templates/ERR_FTP_PUT_CREATED:2 templates/ERR_FTP_PUT_MODIFIED:2
+msgid "Operation successful"
+msgstr "Thao tác thành công"
+
+#: templates/ERR_DIR_LISTING:5
+msgid "Parent Directory"
+msgstr "Thư mục cấp trên"
+
+#: templates/ERR_CACHE_ACCESS_DENIED:7
+msgid ""
+"Please contact the <a href=\"mailto:%w%W\">cache administrator</a> if you "
+"have difficulties authenticating yourself or <a href=\"http://%h/cgi-bin/"
+"chpasswd.cgi\">change</a> your default password."
+msgstr ""
+"Hãy liên lạc với <a href=\"mailto:%w%W\">quản trị vùng nhớ tạm</a> nếu bạn "
+"gặp khó khăn trong việc tự xác thực, hoặc bạn <a href=\"http://%h/cgi-bin/"
+"chpasswd.cgi\">thay đổi</a> mật khẩu mặc định của mình."
+
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:7
+msgid ""
+"Please contact the <a href=\"mailto:%w%W\">cache administrator</a> if you "
+"have difficulties authenticating yourself or, if you <em>are</em> the "
+"administrator, read Squid documentation on cache manager interface and check "
+"cache log for more detailed error messages."
+msgstr ""
+"Hãy liên lạc với <a href=\"mailto:%w%W\">quản trị vùng nhớ tạm</a> nếu bạn "
+"gặp khó khăn trong việc tự xác thực, hoặc nếu bạn <em>có phải</em> là quản "
+"trị thì đọc tài liệu hướng dẫn Squid về giao diện quản lý vùng nhớ tạm và "
+"kiểm tra lại sổ theo dõi vùng nhớ tạm có thông điệp lỗi chi tiết hơn không."
+
+#: templates/ERR_READ_ERROR:5
+msgid "Read Error"
+msgstr "Lỗi đọc"
+
+#: templates/ERR_READ_TIMEOUT:5
+msgid "Read Timeout"
+msgstr "Quá hạn đọc"
+
+#: templates/ERR_INVALID_REQ:9
+msgid "Request is too large."
+msgstr "Yêu cầu quá lớn."
+
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr "Bật tùy chọn Tự động phát hiện thiết lập"
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr "Bật tùy chọn Dùng tự động cấu hình ủy nhiệm"
+
+#: templates/ERR_SOCKET_FAILURE:5
+msgid "Socket Failure"
+msgstr "Lỗi ổ cắm"
+
+#: templates/ERR_INVALID_URL:6
+msgid "Some aspect of the requested URL is incorrect."
+msgstr "Địa chỉ URL yêu cầu có một phần không đúng."
+
+#: templates/ERR_ICAP_FAILURE:8 templates/ERR_INVALID_REQ:5
+#: templates/ERR_INVALID_URL:7
+msgid "Some possible problems are:"
+msgstr "Một số vấn đề có thể gặp:"
+
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:6
+msgid ""
+"Sorry, you are not currently allowed to request %U from this cache manager "
+"until you have authenticated yourself."
+msgstr ""
+"Để yêu cầu %U từ trình quản lý vùng nhớ tạm này thì trước tiên bạn cần phải "
+"tự xác thực."
+
+#: templates/ERR_CACHE_ACCESS_DENIED:6
+msgid ""
+"Sorry, you are not currently allowed to request %U from this cache until you "
+"have authenticated yourself."
+msgstr ""
+"Để yêu cầu %U từ vùng nhớ tạm này thì trước tiên bạn cần phải tự xác thực."
+
+#: templates/ERR_ZERO_SIZE_OBJECT:6
+msgid "Squid did not receive any data for this request."
+msgstr "Squid chưa nhận dữ liệu cho yêu cầu này."
+
+#: templates/ERR_UNSUP_REQ:6
+msgid ""
+"Squid does not support all request methods for all access protocols. For "
+"example, you can not POST a Gopher request."
+msgstr ""
+"Squid không hỗ trợ tất cả các phương pháp yêu cầu cho mỗi giao thức truy "
+"cập. Chẳng hạn, bạn không có khả năng POST một yêu cầu Gopher."
+
+#: templates/ERR_LIFETIME_EXP:6
+msgid ""
+"Squid has terminated the request because it has exceeded the maximum "
+"connection lifetime."
+msgstr "Squid đã chấm dứt yêu cầu vì nó vượt quá thời gian kết nối tối đa."
+
+#: templates/ERR_SOCKET_FAILURE:7
+msgid ""
+"Squid is unable to create a TCP socket, presumably due to excessive load. "
+"Please retry your request."
+msgstr ""
+"Squid không thể tạo một ổ cắm TCP, giả sử do trọng tải quá lớn. Hãy thử lại "
+"gửi yêu cầu."
+
+#: templates/ERR_FTP_FAILURE:5 templates/ERR_FTP_FORBIDDEN:5
+#: templates/ERR_FTP_NOT_FOUND:5 templates/ERR_FTP_PUT_ERROR:5
+#: templates/ERR_FTP_UNAVAILABLE:5
+msgid "Squid sent the following FTP command:"
+msgstr "Squid đã gửi lệnh FTP theo đây:"
+
+#: templates/ERR_DNS_FAIL:6
+msgid "The DNS server returned:"
+msgstr "Máy phục vụ DNS trả lại:"
+
+#: templates/ERR_ESI:6
+msgid "The ESI processor returned:"
+msgstr "Bộ xử lý ESI trả lại:"
+
+#: templates/ERR_FTP_UNAVAILABLE:4
+msgid "The FTP server was too busy to retrieve the URL: <a href=\"%U\">%U</a>"
+msgstr "Máy phục vụ FTP quá bận để lấy địa chỉ URL: <a href=\"%U\">%U</a>"
+
+#: templates/ERR_INVALID_RESP:5
+msgid ""
+"The HTTP Response message received from the contacted server could not be "
+"understood or was otherwise malformed. Please contact the site operator."
+msgstr ""
+
+#: templates/ERR_ICAP_FAILURE:9
+msgid "The ICAP server is not reachable."
+msgstr ""
+
+#: templates/ERR_FTP_NOT_FOUND:4
+msgid "The following URL could not be retrieved: <a href=\"%U\">%U</a>"
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:4 templates/ERR_CACHE_ACCESS_DENIED:4
+#: templates/ERR_CACHE_MGR_ACCESS_DENIED:4 templates/ERR_CANNOT_FORWARD:4
+#: templates/ERR_CONNECT_FAIL:4 templates/ERR_DNS_FAIL:4 templates/ERR_ESI:4
+#: templates/ERR_FORWARDING_DENIED:4 templates/ERR_FTP_DISABLED:4
+#: templates/ERR_ICAP_FAILURE:4 templates/ERR_INVALID_URL:4
+#: templates/ERR_LIFETIME_EXP:4 templates/ERR_NO_RELAY:4
+#: templates/ERR_ONLY_IF_CACHED_MISS:4 templates/ERR_READ_ERROR:4
+#: templates/ERR_READ_TIMEOUT:4 templates/ERR_SECURE_CONNECT_FAIL:4
+#: templates/ERR_SHUTTING_DOWN:4 templates/ERR_SOCKET_FAILURE:4
+#: templates/ERR_TOO_BIG:4 templates/ERR_UNSUP_HTTPVERSION:4
+#: templates/ERR_UNSUP_REQ:4 templates/ERR_WRITE_ERROR:4
+#: templates/ERR_ZERO_SIZE_OBJECT:4
+msgid ""
+"The following error was encountered while trying to retrieve the URL: <a "
+"href=\"%U\">%U</a>"
+msgstr ""
+
+#: templates/ERR_URN_RESOLVE:4
+msgid ""
+"The following error was encountered while trying to retrieve the URN: <a "
+"href=\"%U\">%U</a>"
+msgstr ""
+
+#: templates/ERR_CONNECT_FAIL:7
+msgid "The remote host or network may be down. Please try the request again."
+msgstr ""
+
+#: templates/ERR_TOO_BIG:5
+msgid "The request or reply is too large."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:3 templates/ERR_CANNOT_FORWARD:3
+#: templates/ERR_CONNECT_FAIL:3 templates/ERR_DNS_FAIL:3 templates/ERR_ESI:3
+#: templates/ERR_FORWARDING_DENIED:3 templates/ERR_FTP_DISABLED:3
+#: templates/ERR_FTP_FAILURE:3 templates/ERR_FTP_FORBIDDEN:3
+#: templates/ERR_FTP_NOT_FOUND:3 templates/ERR_FTP_UNAVAILABLE:3
+#: templates/ERR_ICAP_FAILURE:3 templates/ERR_INVALID_REQ:3
+#: templates/ERR_INVALID_RESP:3 templates/ERR_INVALID_URL:3
+#: templates/ERR_LIFETIME_EXP:3 templates/ERR_NO_RELAY:3
+#: templates/ERR_ONLY_IF_CACHED_MISS:3 templates/ERR_READ_ERROR:3
+#: templates/ERR_READ_TIMEOUT:3 templates/ERR_SECURE_CONNECT_FAIL:3
+#: templates/ERR_SHUTTING_DOWN:3 templates/ERR_SOCKET_FAILURE:3
+#: templates/ERR_TOO_BIG:3 templates/ERR_UNSUP_REQ:3
+#: templates/ERR_WRITE_ERROR:3 templates/ERR_ZERO_SIZE_OBJECT:3
+msgid "The requested URL could not be retrieved"
+msgstr ""
+
+#: templates/ERR_FTP_FAILURE:6 templates/ERR_FTP_FORBIDDEN:6
+#: templates/ERR_FTP_NOT_FOUND:6 templates/ERR_FTP_PUT_ERROR:6
+#: templates/ERR_FTP_UNAVAILABLE:6
+msgid "The server responded with:"
+msgstr ""
+
+#: templates/ERR_CONNECT_FAIL:6 templates/ERR_ICAP_FAILURE:6
+#: templates/ERR_READ_ERROR:6 templates/ERR_READ_TIMEOUT:6
+#: templates/ERR_SECURE_CONNECT_FAIL:6 templates/ERR_SOCKET_FAILURE:6
+#: templates/ERR_WRITE_ERROR:6
+msgid "The system returned: <i>%E</i>"
+msgstr ""
+
+#: templates/ERR_NO_RELAY:6
+msgid ""
+"There is no WAIS Relay host defined for this Cache! Yell at the "
+"administrator."
+msgstr ""
+
+#: templates/ERR_TOO_BIG:8
+msgid ""
+"These limits have been established by the Internet Service Provider who "
+"operates this cache. Please contact them directly if you feel this is an "
+"error."
+msgstr ""
+
+#: templates/ERR_UNSUP_HTTPVERSION:6
+msgid "This Squid does not accept the HTTP version you are attempting to use."
+msgstr ""
+
+#: templates/ERR_FTP_DISABLED:6
+msgid "This cache does not support FTP."
+msgstr ""
+
+#: templates/ERR_SHUTTING_DOWN:5
+msgid ""
+"This cache is in the process of shutting down and can not service your "
+"request at this time. Please retry your request again soon."
+msgstr ""
+
+#: templates/ERR_FORWARDING_DENIED:6
+msgid ""
+"This cache will not forward your request because it is trying to enforce a "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
+"misconfigured."
+msgstr ""
+
+#: templates/ERR_ICAP_FAILURE:7
+msgid "This means that some aspect of the ICAP communication failed."
+msgstr ""
+
+#: templates/ERR_FTP_PUT_ERROR:7
+msgid ""
+"This means that the FTP server may not have permission or space to store the "
+"file. Check the path, permissions, diskspace and try again."
+msgstr ""
+
+#: templates/ERR_DNS_FAIL:7
+msgid ""
+"This means that the cache was not able to resolve the hostname presented in "
+"the URL. Check if the address is correct."
+msgstr ""
+
+#: templates/ERR_ESI:7
+msgid ""
+"This means that the surrogate was not able to process the ESI template. "
+"Please report this error to the webmaster."
+msgstr ""
+
+#: templates/ERR_FTP_NOT_FOUND:7
+msgid ""
+"This might be caused by an FTP URL with an absolute path (which does not "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
+"<a href=\"%B\">%B</a>."
+msgstr ""
+
+#: templates/ERR_SECURE_CONNECT_FAIL:7
+msgid ""
+"This proxy and the remote host failed to negotiate a mutually acceptable "
+"security settings for handling your request. It is possible that the remote "
+"host does not support secure connections, or the proxy is not satisfied with "
+"the host security credentials."
+msgstr ""
+
+#: templates/ERR_CANNOT_FORWARD:6
+msgid ""
+"This request could not be forwarded to the origin server or to any parent "
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
+#: templates/ERR_DNS_FAIL:5
+msgid "Unable to determine IP address from host name <q>%H</q>"
+msgstr ""
+
+#: templates/ERR_CANNOT_FORWARD:5
+msgid "Unable to forward this request at this time."
+msgstr ""
+
+#: templates/ERR_UNSUP_HTTPVERSION:3 templates/ERR_UNSUP_HTTPVERSION:5
+msgid "Unsupported HTTP version"
+msgstr ""
+
+#: templates/ERR_UNSUP_REQ:5
+msgid "Unsupported Request Method and Protocol"
+msgstr ""
+
+#: templates/ERR_ONLY_IF_CACHED_MISS:5
+msgid ""
+"Valid document was not found in the cache and <q>only-if-cached</q> "
+"directive was specified."
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
+#: templates/ERR_FTP_PUT_ERROR:4
+msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
+msgstr ""
+
+#: templates/ERR_WRITE_ERROR:5
+msgid "Write Error"
+msgstr ""
+
+#: templates/ERR_ONLY_IF_CACHED_MISS:6
+msgid ""
+"You have issued a request with a <q>only-if-cached</q> cache control "
+"directive. The document was not found in the cache, <em>or</em> it required "
+"revalidation prohibited by the <q>only-if-cached</q> directive."
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
+#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
+#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
+#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
+#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
+#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
+#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
+#: templates/ERR_READ_TIMEOUT:8 templates/ERR_SECURE_CONNECT_FAIL:8
+#: templates/ERR_SHUTTING_DOWN:6 templates/ERR_SOCKET_FAILURE:8
+#: templates/ERR_TOO_BIG:9 templates/ERR_UNSUP_HTTPVERSION:7
+#: templates/ERR_UNSUP_REQ:7 templates/ERR_URN_RESOLVE:7
+#: templates/ERR_WRITE_ERROR:8 templates/ERR_ZERO_SIZE_OBJECT:7
+msgid "Your cache administrator is <a href=\"mailto:%w%W\">%w</a>."
+msgstr ""
+
+#: templates/ERR_INVALID_RESP:6
+msgid ""
+"Your cache administrator may be able to provide you with more details about "
+"the exact nature of the problem if needed."
+msgstr ""
+
+#: templates/ERR_ESI:8
+msgid "Your webmaster is <a href=\"mailto:%w\">%w</a>."
+msgstr ""
+
+#: templates/ERR_ZERO_SIZE_OBJECT:5
+msgid "Zero Sized Reply"
+msgstr ""
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "LỖI: không thể lấy URN yêu cầu"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2009-10-28 11:35+0000\n"
"Last-Translator: 王英华 <wantinghard@gmail.com>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
msgstr "<b>非法响应</b> 尝试处理请求时发生错误:"
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"等待从网络读取数据时发生超时。 网络或服务器下线或拥挤。 请重新发送你的请求。"
msgstr "访问被拒绝。"
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"当前的存取控制设定禁止您的请求被接受,如果您觉得这是错误的,请与您网路服务的"
msgstr "收到来自 ICAP 服务器的一个非法响应。"
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr "正在通过网络读取数据时发生了错误,请重新尝试。"
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr "通过网络写入数据时发生了错误,请重新尝试。"
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr "文件夹: <a href=\"%U\">%U</a>/"
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "错误: 不能获取请求的 URL"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "错误: 没有获取到请求的 URN"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "错误: 不能获取请求的 URL"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "文件已更新"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "拒绝转送"
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr "已由 %h (%s) 生成 %T"
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "抱歉!您不能对 %T 上的 URNs 期待太多 :)"
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr "ICAP 协议错误。"
msgid "Illegal double-escape in the URL-Path"
msgstr "网址路径中有不合法双重转义符"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "无效的网址"
msgid "Request is too large."
msgstr "请求命令过长"
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Socket 建立失败"
msgstr "当尝试读取以下 URN 时: <a href=\"%U\">%U</a>"
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr "您要连结的网络服务器或网络可能发生故障。请稍后再试。"
#: templates/ERR_TOO_BIG:5
msgstr "系统返回以下内容:<i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr "本缓存服务器没有设定 WAIS 中继主机!如有疑问请与缓存服务器管理员联系。"
#: templates/ERR_TOO_BIG:8
+#, fuzzy
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
"这些长度限制由操作本缓存服务器的服务提供者制定。如果您觉得这是错误的,请与他"
msgstr "本缓存服务器未开放文件传输服务。"
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr "本缓存服务器正在关闭,暂时无法为您服务。请稍侯再试。"
#: templates/ERR_FORWARDING_DENIED:6
+#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"本缓存服务器无法转送您的请求,也许您是通过一个并未被本缓存服务器设定为允许存"
msgstr "这意味着代理不能处理 ESI 模板。请向网站管理员报告这个错误。"
#: templates/ERR_FTP_NOT_FOUND:7
+#, fuzzy
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
"这可能是由于 FTP 网址(URL)中包含了绝对路径所致(不符合 RFC1738)。如果真的"
"端计算机不支持安全连接,或者代理对主机的安全凭据不认可。"
#: templates/ERR_CANNOT_FORWARD:6
+#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"您的请求无法被转送到原始网络服务器或其他的上层缓存服务器,发生这个问题最可能"
"的原因是缓存服务器管理员不允许本服务器与原始网络服务器直接连结,而 所有本服务"
"器指定的上层缓存服务器都暂时无法连结。"
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "不能由主机名 <q>%H</q> 确定 IP 地址。"
"请求的文件在本缓存服务器上未找到,而您设定了<q>only-if-cached</q>(只读取缓"
"存)指令。"
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr "当尝试上传(PUT)到以下位置时: <a href=\"%U\">%U</a>"
"而所要的文件并未存在于本缓存服务器中,<em>或者</em>这个连结请求需要刷新文件"
"而 <q>only-if-cached</q> 指令禁止这么做。"
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "响应内容长度为零"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "错误: 没有获取到请求的 URN"
msgstr ""
"Project-Id-Version: Squid-3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2010-02-13 00:05+1300\n"
+"POT-Creation-Date: 2010-05-01 00:17+1300\n"
"PO-Revision-Date: 2009-06-05 16:09+1300\n"
"Last-Translator: Erick C. Chang <erick@mail.thu.edu.tw>\n"
"Language-Team: Squid Developers <squid-dev@squid-cache.org>\n"
msgstr ""
#: templates/ERR_READ_TIMEOUT:7
+#, fuzzy
msgid ""
-"A Timeout occurred while waiting to read data from the network. The network "
-"or server may be down or congested. Please retry your request."
+"A Timeout occurred while waiting to read data from the network. The network "
+"or server may be down or congested. Please retry your request."
msgstr ""
"當透過網路讀取資料時,超過了等待時限。這可能是因為網路或是欲連結的網站伺服器"
"發生壅塞或損壞。請重新嘗試一遍您的連結要求。"
msgstr "存取被拒絕"
#: templates/ERR_ACCESS_DENIED:6
+#, fuzzy
msgid ""
"Access control configuration prevents your request from being allowed at "
-"this time. Please contact your service provider if you feel this is "
+"this time. Please contact your service provider if you feel this is "
"incorrect."
msgstr ""
"欲連結之網站的存取控制設定目前禁止了您的連線要求,如果您覺得得到這樣的訊息並"
msgstr ""
#: templates/ERR_READ_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while reading data from the network. Please "
+"An error condition occurred while reading data from the network. Please "
"retry your request."
msgstr "正在透過網路讀取資料時發生了錯誤的情況,請再嘗試一遍您的連結要求。"
#: templates/ERR_WRITE_ERROR:7
+#, fuzzy
msgid ""
-"An error condition occurred while writing to the network. Please retry your "
+"An error condition occurred while writing to the network. Please retry your "
"request."
msgstr "正在透過網路寫入資料時發生了錯誤的情況,請重新嘗試一遍您的連結要求。"
msgid "Directory: <a href=\"%U\">%U</a>/"
msgstr ""
-#: templates/ERR_ACCESS_DENIED:2 templates/ERR_CACHE_ACCESS_DENIED:2
+#: templates/ERR_ACCESS_DENIED:2 templates/ERR_AGENT_CONFIGURE:2
+#: templates/ERR_AGENT_WPAD:2 templates/ERR_CACHE_ACCESS_DENIED:2
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:2 templates/ERR_CANNOT_FORWARD:2
#: templates/ERR_CONNECT_FAIL:2 templates/ERR_DNS_FAIL:2 templates/ERR_ESI:2
#: templates/ERR_FORWARDING_DENIED:2 templates/ERR_FTP_DISABLED:2
msgstr "錯誤: 欲連結之網址(URL)無法正確的傳回"
#: templates/ERR_URN_RESOLVE:1
-msgid "ERROR: The requested URN not be retrieved"
-msgstr "錯誤:欲連結之網址(URL)無法正確的傳回"
+#, fuzzy
+msgid "ERROR: The requested URN could not be retrieved"
+msgstr "錯誤: 欲連結之網址(URL)無法正確的傳回"
#: templates/ERR_ESI:5
msgid "ESI Processing failed."
msgid "File updated"
msgstr "檔案已被更新了"
+#: templates/ERR_AGENT_CONFIGURE:6 templates/ERR_AGENT_WPAD:6
+msgid "For Firefox browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:9 templates/ERR_AGENT_WPAD:8
+msgid "For Internet Explorer browsers go to: <ul>"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:12 templates/ERR_AGENT_WPAD:11
+msgid "For Opera browsers go to: <ul>"
+msgstr ""
+
#: templates/ERR_FORWARDING_DENIED:5
msgid "Forwarding Denied."
msgstr "轉送要求被拒"
-#: templates/ERR_ACCESS_DENIED:8 templates/ERR_CACHE_ACCESS_DENIED:8
+#: templates/ERR_ACCESS_DENIED:8 templates/ERR_AGENT_CONFIGURE:16
+#: templates/ERR_AGENT_WPAD:15 templates/ERR_CACHE_ACCESS_DENIED:8
#: templates/ERR_CACHE_MGR_ACCESS_DENIED:8 templates/ERR_CANNOT_FORWARD:8
#: templates/ERR_CONNECT_FAIL:9 templates/ERR_DIR_LISTING:7
#: templates/ERR_DNS_FAIL:9 templates/ERR_ESI:9
#: templates/ERR_FTP_NOT_FOUND:9 templates/ERR_FTP_PUT_CREATED:4
#: templates/ERR_FTP_PUT_ERROR:9 templates/ERR_FTP_PUT_MODIFIED:4
#: templates/ERR_FTP_UNAVAILABLE:8 templates/ERR_ICAP_FAILURE:11
-#: templates/ERR_INVALID_REQ:13 templates/ERR_INVALID_RESP:8
+#: templates/ERR_INVALID_REQ:14 templates/ERR_INVALID_RESP:8
#: templates/ERR_INVALID_URL:13 templates/ERR_LIFETIME_EXP:8
#: templates/ERR_NO_RELAY:8 templates/ERR_ONLY_IF_CACHED_MISS:8
#: templates/ERR_READ_ERROR:9 templates/ERR_READ_TIMEOUT:9
msgid "Generated %T by %h (%s)"
msgstr ""
+#: templates/ERR_INVALID_REQ:12
+msgid ""
+"HTTP/1.1 <q>Expect:</q> feature is being asked from an HTTP/1.0 software."
+msgstr ""
+
#: templates/ERR_URN_RESOLVE:6
msgid "Hey, don't expect too much from URNs on %T :)"
msgstr "抱歉!您不能對 URNs 在 %T 上期待太多 :) "
+#: templates/ERR_AGENT_CONFIGURE:5 templates/ERR_AGENT_WPAD:5
+msgid "How to find these settings in your browser:"
+msgstr ""
+
#: templates/ERR_ICAP_FAILURE:5
msgid "ICAP protocol error."
msgstr ""
msgid "Illegal double-escape in the URL-Path"
msgstr "不合法的網站連結路徑(缺少 <q>//</q>)"
+#: templates/ERR_AGENT_CONFIGURE:8 templates/ERR_AGENT_CONFIGURE:11
+#: templates/ERR_AGENT_CONFIGURE:14
+msgid "In the HTTP proxy box type the proxy name %h and port 3128."
+msgstr ""
+
#: templates/ERR_INVALID_URL:5
msgid "Invalid URL"
msgstr "不正確的位置"
msgid "Request is too large."
msgstr "要求命令過長"
+#: templates/ERR_AGENT_WPAD:10
+msgid "Select Automatically detect settings"
+msgstr ""
+
+#: templates/ERR_AGENT_WPAD:13
+msgid "Select Use Automatic proxy configuration"
+msgstr ""
+
#: templates/ERR_SOCKET_FAILURE:5
msgid "Socket Failure"
msgstr "Socket 建立失敗"
msgstr ""
#: templates/ERR_CONNECT_FAIL:7
-msgid "The remote host or network may be down. Please try the request again."
+#, fuzzy
+msgid "The remote host or network may be down. Please try the request again."
msgstr "您欲連結的網站伺服器或是網路可能發生故障。請稍後再試。"
#: templates/ERR_TOO_BIG:5
msgstr "系統回應了下列錯誤訊息:<i>%E</i>"
#: templates/ERR_NO_RELAY:6
+#, fuzzy
msgid ""
-"There is no WAIS Relay host defined for this Cache! Yell at the "
+"There is no WAIS Relay host defined for this Cache! Yell at the "
"administrator."
msgstr ""
"本快取伺服器未提供 WAIS 廣域資訊伺服器服務!如有疑問請洽快取伺服器管理者。"
#: templates/ERR_TOO_BIG:8
msgid ""
"These limits have been established by the Internet Service Provider who "
-"operates this cache. Please contact them directly if you feel this is an "
+"operates this cache. Please contact them directly if you feel this is an "
"error."
msgstr ""
msgstr "本快取伺服器並未開放支援檔案傳輸服務。"
#: templates/ERR_SHUTTING_DOWN:5
+#, fuzzy
msgid ""
"This cache is in the process of shutting down and can not service your "
-"request at this time. Please retry your request again soon."
+"request at this time. Please retry your request again soon."
msgstr ""
"本網路快取伺服器目前正在進行關閉程序,暫時無法對您的連線要求提供服務。請稍待"
"片刻重新嘗試連線。"
#: templates/ERR_FORWARDING_DENIED:6
+#, fuzzy
msgid ""
"This cache will not forward your request because it is trying to enforce a "
-"sibling relationship. Perhaps the client at %i is a cache which has been "
+"sibling relationship. Perhaps the client at %i is a cache which has been "
"misconfigured."
msgstr ""
"本快取伺服器將無法替您轉向您的連線要求,也許是因為您所使用的快取伺服器(%i)"
#: templates/ERR_FTP_NOT_FOUND:7
msgid ""
"This might be caused by an FTP URL with an absolute path (which does not "
-"comply with RFC 1738). If this is the cause, then the file can be found at "
+"comply with RFC 1738). If this is the cause, then the file can be found at "
"<a href=\"%B\">%B</a>."
msgstr ""
#, fuzzy
msgid ""
"This request could not be forwarded to the origin server or to any parent "
-"caches. The most likely cause for this error is that the cache "
-"administrator does not allow this cache to make direct connections to origin "
-"servers, and all configured parent caches are currently unreachable."
+"caches. The most likely cause for this error is that the cache administrator "
+"does not allow this cache to make direct connections to origin servers, and "
+"all configured parent caches are currently unreachable."
msgstr ""
"您的連結要求無法被轉向原始網站伺服器或其他的上層快取伺服器,發生這個問題的最"
"可能的原因可能是網路快取伺服器管理者不允許本伺服器逕行直接連結原始的網頁位"
"置,或是 所有本伺服器設定的上層伺服器目前都暫時無法連結上。"
+#: templates/ERR_AGENT_CONFIGURE:10 templates/ERR_AGENT_WPAD:9
+msgid ""
+"Tools -> Internet Options -> Connection -> LAN Settings ->Proxy"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:7 templates/ERR_AGENT_WPAD:7
+msgid ""
+"Tools -> Options -> Advanced -> Network -> Connection Settings"
+msgstr ""
+
+#: templates/ERR_AGENT_CONFIGURE:13 templates/ERR_AGENT_WPAD:12
+msgid ""
+"Tools -> Preferences -> Advanced -> Network -> Proxy Servers"
+msgstr ""
+
#: templates/ERR_DNS_FAIL:5
msgid "Unable to determine IP address from host name <q>%H</q>"
msgstr "無法將您輸入的網站主機位置轉譯成正確的 IP 位置 <q>%H</q>"
"您要求的文件並未存在於本快取伺服器上,而且您設定了 <q>only-if-cached</q> 指"
"令。"
+#: templates/ERR_AGENT_CONFIGURE:1 templates/ERR_AGENT_CONFIGURE:3
+#: templates/ERR_AGENT_WPAD:1 templates/ERR_AGENT_WPAD:3
+msgid "Web Browser Configuration"
+msgstr ""
+
#: templates/ERR_FTP_PUT_ERROR:4
msgid "While trying to PUT the following URL: <a href=\"%U\">%U</a>"
msgstr "當嘗試上傳(PUT)下列位置時:<a href=\"%U\">%U</a>"
"快取伺服器中,<em>或者</em> 這個連線要求被 <q>only-if-cached</q> 指令認定是禁"
"用的。"
-#: templates/ERR_ACCESS_DENIED:7 templates/ERR_CANNOT_FORWARD:7
+#: templates/ERR_AGENT_CONFIGURE:4 templates/ERR_AGENT_WPAD:4
+msgid ""
+"Your Web Browser configuration needs to be corrected to use this network."
+msgstr ""
+
+#: templates/ERR_ACCESS_DENIED:7 templates/ERR_AGENT_CONFIGURE:15
+#: templates/ERR_AGENT_WPAD:14 templates/ERR_CANNOT_FORWARD:7
#: templates/ERR_CONNECT_FAIL:8 templates/ERR_DNS_FAIL:8
#: templates/ERR_FORWARDING_DENIED:7 templates/ERR_FTP_DISABLED:7
#: templates/ERR_FTP_FAILURE:7 templates/ERR_FTP_FORBIDDEN:7
#: templates/ERR_FTP_NOT_FOUND:8 templates/ERR_FTP_PUT_ERROR:8
-#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:12
+#: templates/ERR_FTP_UNAVAILABLE:7 templates/ERR_INVALID_REQ:13
#: templates/ERR_INVALID_RESP:7 templates/ERR_INVALID_URL:12
#: templates/ERR_LIFETIME_EXP:7 templates/ERR_NO_RELAY:7
#: templates/ERR_ONLY_IF_CACHED_MISS:7 templates/ERR_READ_ERROR:8
#: templates/ERR_ZERO_SIZE_OBJECT:5
msgid "Zero Sized Reply"
msgstr "大小為零的資料回應"
+
+#~ msgid "ERROR: The requested URN not be retrieved"
+#~ msgstr "錯誤:欲連結之網址(URL)無法正確的傳回"
-SUBDIRS = \
+EXTRA_DIST = defines.h
+
+DIST_SUBDIRS = \
basic_auth \
digest_auth \
external_acl \
negotiate_auth \
ntlm_auth \
url_rewrite
+
+SUBDIRS = \
+ basic_auth \
+ digest_auth \
+ external_acl \
+ log_daemon \
+ negotiate_auth \
+ url_rewrite
+
+if ENABLE_AUTH_NTLM
+SUBDIRS += ntlm_auth
+endif
libexec_SCRIPTS = basic_db_auth
CLEANFILES += basic_db_auth basic_db_auth.8
-do_subst = sed -e 's,[@]PERL[@],$(PERL),g'
man_MANS = basic_db_auth.8
EXTRA_DIST= \
+ basic_db_auth.8 \
passwd.sql \
- basic_db_auth.in
-
-## So that the man(8) file is ready for snapshot manuals bundling.
-dist-hook: basic_db_auth.8
+ basic_db_auth.pl.in \
+ config.test
basic_db_auth.8: basic_db_auth
pod2man basic_db_auth basic_db_auth.8
-basic_db_auth: basic_db_auth.in
- $(do_subst) < $(srcdir)/basic_db_auth.in >basic_db_auth
+basic_db_auth: basic_db_auth.pl.in
+ $(subst_perlshell)
use DBI;
use Getopt::Long;
use Pod::Usage;
+use Digest::MD5 qw(md5 md5_hex md5_base64);
$|=1;
=pod
=head1 NAME
-db_auth.pl - Database auth helper for Squid
+basic_db_auth - Database auth helper for Squid
=cut
my $db_cond = "enabled = 1";
my $plaintext = 0;
my $persist = 0;
+my $isjoomla = 0;
+my $debug = 0;
+my $hashsalt = undef;
=pod
=head1 SYNOPSIS
-db_auth.pl [options]
+basic_db_auth [options]
=head1 DESCRIPTOIN
=item B<--cond>
Condition, defaults to enabled=1. Specify 1 or "" for no condition
+If you use --joomla flag, this condition will be changed to block=0
=item B<--plaintext>
Database contains plain-text passwords
+=item B<--salt>
+
+Selects the correct salt to evaluate passwords
+
=item B<--persist>
Keep a persistent database connection open between queries.
+=item B<--joomla>
+
+Tells helper that user database is Joomla DB. So their unusual salt
+hashing is understood.
+
=back
=cut
'cond=s' => \$db_cond,
'plaintext' => \$plaintext,
'persist' => \$persist,
+ 'joomla' => \$isjoomla,
+ 'debug' => \$debug,
+ 'salt=s' => \$hashsalt,
);
my ($_dbh, $_sth);
+$db_cond = "block = 0" if $isjoomla;
sub close_db()
{
return if !defined($_dbh);
+ undef $_sth;
$_dbh->disconnect();
undef $_dbh;
- undef $_sth;
}
sub open_db()
warn ("Could not connect to $dsn\n");
return undef;
}
- $_sth = $_dbh->prepare("SELECT $db_passwdcol FROM $db_table WHERE $db_usercol = ?" . ($db_cond ne "" ? " AND $db_cond" : "")) || die;
+ my $sql_query;
+ $sql_query = "SELECT $db_passwdcol FROM $db_table WHERE $db_usercol = ?" . ($db_cond ne "" ? " AND $db_cond" : "");
+ $_sth = $_dbh->prepare($sql_query) || die;
return $_sth;
}
{
my ($password, $key) = @_;
- return 1 if crypt($password, $key) eq $key;
-
- return 1 if $plaintext && $password eq $key;
+ if ($isjoomla){
+ my $salt;
+ my $key2;
+ ($key2,$salt) = split (/$salt/, $key);
+ return 1 if md5_hex($password.$salt).':'.$salt eq $key;
+ }
+ else{
+ return 1 if defined $hashsalt && crypt($password, $hashsalt) eq $key;
+ return 1 if crypt($password, $key) eq $key;
+ return 1 if $plaintext && $password eq $key;
+ }
return 0;
}
=head1 COPYRIGHT
Copyright (C) 2007 Henrik Nordstrom <henrik@henriknordstrom.net>
+Copyright (C) 2010 Luis Daniel Lucio Quiroz <dlucio@okay.com.mx> (Joomla support)
This program is free software. You may redistribute copies of it under the
terms of the GNU General Public License version 2, or (at youropinion) any
later version.
## Test: do we have perl to build the helper scripts?
## Test: do we have pod2man to build the manual?
-perl --version >/dev/null && pod2man --help >/dev/null
+perl --version >/dev/null && echo | pod2man >/dev/null
exit $?
libexec_PROGRAMS = basic_ldap_auth
man_MANS = basic_ldap_auth.8
-EXTRA_DIST = basic_ldap_auth.8
+EXTRA_DIST = basic_ldap_auth.8 config.test
basic_ldap_auth_SOURCES = basic_ldap_auth.cc
LDADD = \
.
.if !'po4a'hide' .TP
.if !'po4a'hide' .B "\-v 2|3"
-LDAP protocol version. Defaults to 2 if not specified.
+LDAP protocol version. Defaults to 3 if not specified.
.
.if !'po4a'hide' .TP
.if !'po4a'hide' .BI \-Z
you need to specify is usually the base DN under where your users
are located and the server name:
.IP
-.if !'po4a'hide' .R basic_ldap_auth -b "ou=people,dc=your,dc=domain" ldapserver
+.if !'po4a'hide' .B basic_ldap_auth -b "ou=people,dc=your,dc=domain" ldapserver
.PP
If you have sub\-domains then you need to use a search filter approach
to locate your user DNs as these can no longer be constructed direcly
from the base DN and login name alone:
.IP
-.if !'po4a'hide' .R basic_ldap_auth -b "dc=your,dc=domain" -f "uid=%s" ldapserver
+.if !'po4a'hide' .B basic_ldap_auth -b "dc=your,dc=domain" -f "uid=%s" ldapserver
.PP
And similarily if you only want to allow access to users having a
specific attribute
.IP
-.if !'po4a'hide' .R basic_ldap_auth -b "dc=your,dc=domain" -f "(&(uid=%s)(specialattribute=value))" ldapserver
+.if !'po4a'hide' .B basic_ldap_auth -b "dc=your,dc=domain" -f "(&(uid=%s)(specialattribute=value))" ldapserver
.PP
Or if the user attribute of the user DN is
.B "cn"
and you do not want to have to search for the users then you could use something
like the following example for Active Directory:
.IP
-.if !'po4a'hide' .R basic_ldap_auth -u cn -b "cn=Users,dc=your,dc=domain" ldapserver
+.if !'po4a'hide' .B basic_ldap_auth -u cn -b "cn=Users,dc=your,dc=domain" ldapserver
.PP
If you want to search for the user DN and your directory does not allow
anonymous searches then you must also use the
flags to specify a user DN and password to log in as to perform the searches, as in the
following complex Active Directory example
.IP
-.if !'po4a'hide' .R basic_ldap_auth -P -R -b "dc=your,dc=domain" -D "cn=squid,cn=users,dc=your,dc=domain" -w "secretsquidpassword" -f "(&(userPrincipalName=%s)(objectClass=Person))" activedirectoryserver
+.if !'po4a'hide' .B basic_ldap_auth -P -R -b "dc=your,dc=domain" -D "cn=squid,cn=users,dc=your,dc=domain" -w "secretsquidpassword" -f "(&(userPrincipalName=%s)(objectClass=Person))" activedirectoryserver
.
.PP
.B NOTE:
.SH COPYRIGHT
This program and documentation is copyright to the authors named above.
.PP
-Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPL2+).
+Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
.
.SH QUESTIONS
Questions on the usage of this program can be sent to the
LDAP than Squid.
.
.SH REPORTING BUGS
+Bug reports need to be made in English.
+See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.
+.PP
Report bugs or bug fixes using http://bugs.squid-cache.org/
.PP
Report serious security bugs to
.if !'po4a'hide' <squid-dev@squid-cache.org>
.
.SH SEE ALSO
-.if !'po4a'hide' .B squid "(8), "
-.if !'po4a'hide' .B ldapsearch "(1), "
+.if !'po4a'hide' .BR squid "(8), "
+.if !'po4a'hide' .BR ldapsearch "(1), "
+.if !'po4a'hide' .BR GPL "(7), "
.br
Your favorite LDAP documentation.
.br
.BR RFC2254 " - The String Representation of LDAP Search Filters,"
+.br
+The Squid FAQ wiki
+.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
+.br
+The Squid Configuration Manual
+.if !'po4a'hide' http://www.squid-cache.org/Doc/config/
+
* - Allow full filter specifications in -f
*/
+#define SQUID_NO_ALLOC_PROTECT 1
+#include "config.h"
+
#define LDAP_DEPRECATED 1
#include "rfc1738.h"
#include <stdio.h>
#include <string.h>
-#include <stdlib.h>
#include <ctype.h>
#ifdef _SQUID_MSWIN_ /* Native Windows port and MinGW */
#endif
-#define PROGRAM_NAME "squid_ldap_auth"
+#define PROGRAM_NAME "basic_ldap_auth"
/* Global options */
static const char *basedn;
#ifdef LDAP_VERSION3
if (version == -1) {
- version = LDAP_VERSION2;
+ version = LDAP_VERSION3;
}
if (ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version) != LDAP_SUCCESS) {
fprintf(stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n",
free(ldapServer);
ldapServer = newhost;
} else {
- ldapServer = strdup(value);
+ ldapServer = xstrdup(value);
}
break;
case 'b':
free(ldapServer);
ldapServer = newhost;
} else {
- ldapServer = strdup(value);
+ ldapServer = xstrdup(value);
}
argc--;
argv++;
}
if (!ldapServer)
- ldapServer = strdup("localhost");
+ ldapServer = xstrdup("localhost");
if (!basedn) {
fprintf(stderr, "Usage: " PROGRAM_NAME " -b basedn [options] [ldap_server_name[:port]]...\n\n");
+include $(top_srcdir)/src/Common.am
-libexec_SCRIPTS = basic_msnt_multi_domain_auth.pl
-EXTRA_DIST = basic_msnt_multi_domain_auth.pl README.txt
+libexec_SCRIPTS = basic_msnt_multi_domain_auth
+EXTRA_DIST = basic_msnt_multi_domain_auth.pl.in README.txt config.test
+CLEANFILES += basic_msnt_multi_domain_auth
+
+basic_msnt_multi_domain_auth: basic_msnt_multi_domain_auth.pl.in
+ $(subst_perlshell)
-#!/usr/bin/perl
+#!@PERL@
# $Id$
#if you define this, debugging output will be printed to STDERR.
+++ /dev/null
-
- GNU GENERAL PUBLIC LICENSE
- Version 2, June 1991
-
- Copyright (C) 1989, 1991 Free Software Foundation, Inc.
- 675 Mass Ave, Cambridge, MA 02139, USA
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
- Preamble
-
- The licenses for most software are designed to take away your
-freedom to share and change it. By contrast, the GNU General Public
-License is intended to guarantee your freedom to share and change free
-software--to make sure the software is free for all its users. This
-General Public License applies to most of the Free Software
-Foundation's software and to any other program whose authors commit to
-using it. (Some other Free Software Foundation software is covered by
-the GNU Library General Public License instead.) You can apply it to
-your programs, too.
-
- When we speak of free software, we are referring to freedom, not
-price. Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
-this service if you wish), that you receive source code or can get it
-if you want it, that you can change the software or use pieces of it
-in new free programs; and that you know you can do these things.
-
- To protect your rights, we need to make restrictions that forbid
-anyone to deny you these rights or to ask you to surrender the rights.
-These restrictions translate to certain responsibilities for you if you
-distribute copies of the software, or if you modify it.
-
- For example, if you distribute copies of such a program, whether
-gratis or for a fee, you must give the recipients all the rights that
-you have. You must make sure that they, too, receive or can get the
-source code. And you must show them these terms so they know their
-rights.
-
- We protect your rights with two steps: (1) copyright the software, and
-(2) offer you this license which gives you legal permission to copy,
-distribute and/or modify the software.
-
- Also, for each author's protection and ours, we want to make certain
-that everyone understands that there is no warranty for this free
-software. If the software is modified by someone else and passed on, we
-want its recipients to know that what they have is not the original, so
-that any problems introduced by others will not reflect on the original
-authors' reputations.
-
- Finally, any free program is threatened constantly by software
-patents. We wish to avoid the danger that redistributors of a free
-program will individually obtain patent licenses, in effect making the
-program proprietary. To prevent this, we have made it clear that any
-patent must be licensed for everyone's free use or not licensed at all.
-
- The precise terms and conditions for copying, distribution and
-modification follow.
-\f
- GNU GENERAL PUBLIC LICENSE
- TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
-
- 0. This License applies to any program or other work which contains
-a notice placed by the copyright holder saying it may be distributed
-under the terms of this General Public License. The "Program", below,
-refers to any such program or work, and a "work based on the Program"
-means either the Program or any derivative work under copyright law:
-that is to say, a work containing the Program or a portion of it,
-either verbatim or with modifications and/or translated into another
-language. (Hereinafter, translation is included without limitation in
-the term "modification".) Each licensee is addressed as "you".
-
-Activities other than copying, distribution and modification are not
-covered by this License; they are outside its scope. The act of
-running the Program is not restricted, and the output from the Program
-is covered only if its contents constitute a work based on the
-Program (independent of having been made by running the Program).
-Whether that is true depends on what the Program does.
-
- 1. You may copy and distribute verbatim copies of the Program's
-source code as you receive it, in any medium, provided that you
-conspicuously and appropriately publish on each copy an appropriate
-copyright notice and disclaimer of warranty; keep intact all the
-notices that refer to this License and to the absence of any warranty;
-and give any other recipients of the Program a copy of this License
-along with the Program.
-
-You may charge a fee for the physical act of transferring a copy, and
-you may at your option offer warranty protection in exchange for a fee.
-
- 2. You may modify your copy or copies of the Program or any portion
-of it, thus forming a work based on the Program, and copy and
-distribute such modifications or work under the terms of Section 1
-above, provided that you also meet all of these conditions:
-
- a) You must cause the modified files to carry prominent notices
- stating that you changed the files and the date of any change.
-
- b) You must cause any work that you distribute or publish, that in
- whole or in part contains or is derived from the Program or any
- part thereof, to be licensed as a whole at no charge to all third
- parties under the terms of this License.
-
- c) If the modified program normally reads commands interactively
- when run, you must cause it, when started running for such
- interactive use in the most ordinary way, to print or display an
- announcement including an appropriate copyright notice and a
- notice that there is no warranty (or else, saying that you provide
- a warranty) and that users may redistribute the program under
- these conditions, and telling the user how to view a copy of this
- License. (Exception: if the Program itself is interactive but
- does not normally print such an announcement, your work based on
- the Program is not required to print an announcement.)
-\f
-These requirements apply to the modified work as a whole. If
-identifiable sections of that work are not derived from the Program,
-and can be reasonably considered independent and separate works in
-themselves, then this License, and its terms, do not apply to those
-sections when you distribute them as separate works. But when you
-distribute the same sections as part of a whole which is a work based
-on the Program, the distribution of the whole must be on the terms of
-this License, whose permissions for other licensees extend to the
-entire whole, and thus to each and every part regardless of who wrote it.
-
-Thus, it is not the intent of this section to claim rights or contest
-your rights to work written entirely by you; rather, the intent is to
-exercise the right to control the distribution of derivative or
-collective works based on the Program.
-
-In addition, mere aggregation of another work not based on the Program
-with the Program (or with a work based on the Program) on a volume of
-a storage or distribution medium does not bring the other work under
-the scope of this License.
-
- 3. You may copy and distribute the Program (or a work based on it,
-under Section 2) in object code or executable form under the terms of
-Sections 1 and 2 above provided that you also do one of the following:
-
- a) Accompany it with the complete corresponding machine-readable
- source code, which must be distributed under the terms of Sections
- 1 and 2 above on a medium customarily used for software interchange; or,
-
- b) Accompany it with a written offer, valid for at least three
- years, to give any third party, for a charge no more than your
- cost of physically performing source distribution, a complete
- machine-readable copy of the corresponding source code, to be
- distributed under the terms of Sections 1 and 2 above on a medium
- customarily used for software interchange; or,
-
- c) Accompany it with the information you received as to the offer
- to distribute corresponding source code. (This alternative is
- allowed only for noncommercial distribution and only if you
- received the program in object code or executable form with such
- an offer, in accord with Subsection b above.)
-
-The source code for a work means the preferred form of the work for
-making modifications to it. For an executable work, complete source
-code means all the source code for all modules it contains, plus any
-associated interface definition files, plus the scripts used to
-control compilation and installation of the executable. However, as a
-special exception, the source code distributed need not include
-anything that is normally distributed (in either source or binary
-form) with the major components (compiler, kernel, and so on) of the
-operating system on which the executable runs, unless that component
-itself accompanies the executable.
-
-If distribution of executable or object code is made by offering
-access to copy from a designated place, then offering equivalent
-access to copy the source code from the same place counts as
-distribution of the source code, even though third parties are not
-compelled to copy the source along with the object code.
-\f
- 4. You may not copy, modify, sublicense, or distribute the Program
-except as expressly provided under this License. Any attempt
-otherwise to copy, modify, sublicense or distribute the Program is
-void, and will automatically terminate your rights under this License.
-However, parties who have received copies, or rights, from you under
-this License will not have their licenses terminated so long as such
-parties remain in full compliance.
-
- 5. You are not required to accept this License, since you have not
-signed it. However, nothing else grants you permission to modify or
-distribute the Program or its derivative works. These actions are
-prohibited by law if you do not accept this License. Therefore, by
-modifying or distributing the Program (or any work based on the
-Program), you indicate your acceptance of this License to do so, and
-all its terms and conditions for copying, distributing or modifying
-the Program or works based on it.
-
- 6. Each time you redistribute the Program (or any work based on the
-Program), the recipient automatically receives a license from the
-original licensor to copy, distribute or modify the Program subject to
-these terms and conditions. You may not impose any further
-restrictions on the recipients' exercise of the rights granted herein.
-You are not responsible for enforcing compliance by third parties to
-this License.
-
- 7. If, as a consequence of a court judgment or allegation of patent
-infringement or for any other reason (not limited to patent issues),
-conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License. If you cannot
-distribute so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you
-may not distribute the Program at all. For example, if a patent
-license would not permit royalty-free redistribution of the Program by
-all those who receive copies directly or indirectly through you, then
-the only way you could satisfy both it and this License would be to
-refrain entirely from distribution of the Program.
-
-If any portion of this section is held invalid or unenforceable under
-any particular circumstance, the balance of the section is intended to
-apply and the section as a whole is intended to apply in other
-circumstances.
-
-It is not the purpose of this section to induce you to infringe any
-patents or other property right claims or to contest validity of any
-such claims; this section has the sole purpose of protecting the
-integrity of the free software distribution system, which is
-implemented by public license practices. Many people have made
-generous contributions to the wide range of software distributed
-through that system in reliance on consistent application of that
-system; it is up to the author/donor to decide if he or she is willing
-to distribute software through any other system and a licensee cannot
-impose that choice.
-
-This section is intended to make thoroughly clear what is believed to
-be a consequence of the rest of this License.
-\f
- 8. If the distribution and/or use of the Program is restricted in
-certain countries either by patents or by copyrighted interfaces, the
-original copyright holder who places the Program under this License
-may add an explicit geographical distribution limitation excluding
-those countries, so that distribution is permitted only in or among
-countries not thus excluded. In such case, this License incorporates
-the limitation as if written in the body of this License.
-
- 9. The Free Software Foundation may publish revised and/or new versions
-of the General Public License from time to time. Such new versions will
-be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
-
-Each version is given a distinguishing version number. If the Program
-specifies a version number of this License which applies to it and "any
-later version", you have the option of following the terms and conditions
-either of that version or of any later version published by the Free
-Software Foundation. If the Program does not specify a version number of
-this License, you may choose any version ever published by the Free Software
-Foundation.
-
- 10. If you wish to incorporate parts of the Program into other free
-programs whose distribution conditions are different, write to the author
-to ask for permission. For software which is copyrighted by the Free
-Software Foundation, write to the Free Software Foundation; we sometimes
-make exceptions for this. Our decision will be guided by the two goals
-of preserving the free status of all derivatives of our free software and
-of promoting the sharing and reuse of software generally.
-
- NO WARRANTY
-
- 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
-FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
-OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
-PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
-OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
-TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
-PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
-REPAIR OR CORRECTION.
-
- 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
-REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
-INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
-OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
-TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
-YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
-PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
-POSSIBILITY OF SUCH DAMAGES.
-
- END OF TERMS AND CONDITIONS
-\f
- Appendix: How to Apply These Terms to Your New Programs
-
- If you develop a new program, and you want it to be of the greatest
-possible use to the public, the best way to achieve this is to make it
-free software which everyone can redistribute and change under these terms.
-
- To do so, attach the following notices to the program. It is safest
-to attach them to the start of each source file to most effectively
-convey the exclusion of warranty; and each file should have at least
-the "copyright" line and a pointer to where the full notice is found.
-
- <one line to give the program's name and a brief idea of what it does.>
- Copyright (C) 19yy <name of author>
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-
-Also add information on how to contact you by electronic and paper mail.
-
-If the program is interactive, make it output a short notice like this
-when it starts in an interactive mode:
-
- Gnomovision version 69, Copyright (C) 19yy name of author
- Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
- This is free software, and you are welcome to redistribute it
- under certain conditions; type `show c' for details.
-
-The hypothetical commands `show w' and `show c' should show the appropriate
-parts of the General Public License. Of course, the commands you use may
-be called something other than `show w' and `show c'; they could even be
-mouse-clicks or menu items--whatever suits your program.
-
-You should also get your employer (if you work as a programmer) or your
-school, if any, to sign a "copyright disclaimer" for the program, if
-necessary. Here is a sample; alter the names:
-
- Yoyodyne, Inc., hereby disclaims all copyright interest in the program
- `Gnomovision' (which makes passes at compilers) written by James Hacker.
-
- <signature of Ty Coon>, 1 April 1989
- Ty Coon, President of Vice
-
-This General Public License does not permit incorporating your program into
-proprietary programs. If your program is a subroutine library, you may
-consider it more useful to permit linking proprietary applications with the
-library. If this is what you want to do, use the GNU Library General
-Public License instead of this License.
-
-#
-# Makefile for the Squid Object Cache server
-#
-# $Id$
-#
-# Uncomment and customize the following to suit your needs:
-#
-
include $(top_srcdir)/src/Common.am
MSNTAUTH_CONF = $(sysconfdir)/msntauth.conf
md4.h smbdes.h smbencrypt.h usersfile.h
EXTRA_DIST = \
- COPYING-2.0 \
msntauth.conf.default \
msntauth-v2.0.lsm \
- README.html
+ README.html \
+ config.test
sysconf_DATA = \
msntauth.conf.default
-LDADD = -L$(top_builddir)/lib -lmiscutil $(XTRA_LIBS) $(top_builddir)/compat/libcompat.la
+LDADD = $(COMPAT_LIB) $(XTRA_LIBS)
## we need our local files too (but avoid -I. at all costs)
INCLUDES += -I$(srcdir)
confload.o: confload.c
$(COMPILE) -DSYSCONFDIR=\"$(sysconfdir)\" -c $(srcdir)/confload.c -o $@
-install-data-local:
+install-data-local: msntauth.conf.default
@if test -f $(DESTDIR)$(MSNTAUTH_CONF) ; then \
echo "$@ will not overwrite existing $(DESTDIR)$(MSNTAUTH_CONF)" ; \
else \
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
+#define SQUID_NO_ALLOC_PROTECT 1
-int SMBlib_errno;
-int SMBlib_SMB_Error;
-#define SMBLIB_ERRNO
-#define uchar unsigned char
#include "util.h"
#include "smblib-priv.h"
#include "smblib.h"
#include <string.h>
#include <signal.h>
+#define SMBLIB_ERRNO
+#define uchar unsigned char
+
+int SMBlib_errno;
+int SMBlib_SMB_Error;
SMB_State_Types SMBlib_State;
/* Initialize the SMBlib package */
*/
/* the types are provided by squid's configure preocess */
+#define SQUID_NO_ALLOC_PROTECT 1
#include "config.h"
+
#define BOOL int16_t
#define int16 int16_t
#include <netdb.h>
-#include <sys/types.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <signal.h>
-
/*
* usersfile.c
* (C) 2000 Antonino Iannella, Stellar-X Pty Ltd
* The code originated from denyusers.c.
*/
+#define SQUID_NO_ALLOC_PROTECT 1
+#include "config.h"
+#include "util.h"
+
#include <stdio.h>
-#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#include <unistd.h>
} else {
if (uf->path)
free(uf->path);
- uf->path = strdup(path);
+ uf->path = xstrdup(path);
}
/* Open the users file. Report any errors. */
'\0',
(uf->Alloc >> 1) * sizeof(*uf->names));
}
- uf->names[uf->Inuse] = strdup(buf);
+ uf->names[uf->Inuse] = xstrdup(buf);
uf->Inuse++;
}
fclose(fp);
libexec_PROGRAMS = basic_ncsa_auth
basic_ncsa_auth_SOURCES = basic_ncsa_auth.cc crypt_md5.cc crypt_md5.h
man_MANS = basic_ncsa_auth.8
-EXTRA_DIST = basic_ncsa_auth.8
+EXTRA_DIST = basic_ncsa_auth.8 config.test
LDADD = \
$(COMPAT_LIB) \
$(CRYPTLIB) \
.if !'po4a'hide' <squid-users@squid-cache.org>
.
.SH REPORTING BUGS
+Bug reports need to be made in English.
+See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.
+.PP
Report bugs or bug fixes using http://bugs.squid-cache.org/
.PP
Report serious security bugs to
.if !'po4a'hide' <squid-dev@squid-cache.org>
.
.SH SEE ALSO
-.if !'po4a'hide' .B squid "(8), "
-.if !'po4a'hide' .B htpasswd "(1)"
+.if !'po4a'hide' .BR squid "(8), "
+.if !'po4a'hide' .BR htpasswd "(1), "
+.if !'po4a'hide' .BR GPL "(7), "
+.br
+The Squid FAQ wiki
+.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
+.br
+The Squid Configuration Manual
+.if !'po4a'hide' http://www.squid-cache.org/Doc/config/
+
/*
- * ncsa_auth.c
- *
* AUTHOR: Arjan de Vet <Arjan.deVet@adv.iae.nl>
*
* Example authentication program for Squid, based on the original
*/
#include "config.h"
+#include "crypt_md5.h"
+#include "hash.h"
+#include "helpers/defines.h"
#include "rfc1738.h"
+#include "util.h"
#if HAVE_STDIO_H
#include <stdio.h>
#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
#if HAVE_STRING_H
#include <string.h>
#endif
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
#if HAVE_SYS_STAT_H
#include <sys/stat.h>
#endif
#include <crypt.h>
#endif
-#include "util.h"
-#include "hash.h"
-#include "crypt_md5.h"
-
static hash_table *hash = NULL;
static HASHFREE my_free;
/* initial setup */
hash = hash_create((HASHCMP *) strcmp, 7921, hash_string);
if (NULL == hash) {
- fprintf(stderr, "ncsa_auth: cannot create hash table\n");
+ fprintf(stderr, "FATAL: Cannot create hash table\n");
exit(1);
}
f = fopen(passwdfile, "r");
if (NULL == f) {
- fprintf(stderr, "%s: %s\n", passwdfile, xstrerror());
+ fprintf(stderr, "FATAL: %s: %s\n", passwdfile, xstrerror());
exit(1);
}
while (fgets(buf, 8192, f) != NULL) {
{
struct stat sb;
time_t change_time = -1;
- char buf[256];
+ char buf[HELPER_INPUT_BUFFER];
char *user, *passwd, *p;
user_data *u;
setbuf(stdout, NULL);
exit(1);
}
if (stat(argv[1], &sb) != 0) {
- fprintf(stderr, "cannot stat %s\n", argv[1]);
+ fprintf(stderr, "FATAL: cannot stat %s\n", argv[1]);
exit(1);
}
- while (fgets(buf, 256, stdin) != NULL) {
+ while (fgets(buf, HELPER_INPUT_BUFFER, stdin) != NULL) {
if ((p = strchr(buf, '\n')) != NULL)
*p = '\0'; /* strip \n */
if (stat(argv[1], &sb) == 0) {
}
}
if ((user = strtok(buf, " ")) == NULL) {
- printf("ERR\n");
+ SEND_ERR("");
continue;
}
if ((passwd = strtok(NULL, "")) == NULL) {
- printf("ERR\n");
+ SEND_ERR("");
continue;
}
rfc1738_unescape(user);
rfc1738_unescape(passwd);
u = (user_data *) hash_lookup(hash, user);
if (u == NULL) {
- printf("ERR No such user\n");
+ SEND_ERR("No such user");
#if HAVE_CRYPT
} else if (strcmp(u->passwd, (char *) crypt(passwd, u->passwd)) == 0) {
- printf("OK\n");
+ SEND_OK("");
#endif
} else if (strcmp(u->passwd, (char *) crypt_md5(passwd, u->passwd)) == 0) {
- printf("OK\n");
+ SEND_OK("");
} else if (strcmp(u->passwd, (char *) md5sum(passwd)) == 0) { /* md5 without salt and magic strings - Added by Ramon de Carvalho and Rodrigo Rubira Branco */
- printf("OK\n");
+ SEND_OK("");
} else {
- printf("ERR Wrong password\n");
+ SEND_ERR("Wrong password");
}
}
if (hash != NULL) {
SquidMD5Final(digest,&ctx);
for (idx=0; idx<16; idx++)
- sprintf(&sum[idx*2],"%02x",digest[idx]);
+ snprintf(&sum[idx*2],(33-(idx*2)),"%02x",digest[idx]);
sum[32]='\0';
$(COMPAT_LIB) \
$(CRYPTLIB) \
$(XTRA_LIBS)
+
+EXTRA_DIST = config.test
include $(top_srcdir)/src/Common.am
man_MANS = basic_pam_auth.8
-EXTRA_DIST = basic_pam_auth.8
+EXTRA_DIST = basic_pam_auth.8 config.test
libexec_PROGRAMS = basic_pam_auth
basic_pam_auth_SOURCES = basic_pam_auth.cc
the program setuid root
.if !'po4a'hide' .RS
.if !'po4a'hide' .P
-.if !'po4a'hide' .B chown root pam_auth
+.if !'po4a'hide' .B chown root basic_pam_auth
.if !'po4a'hide' .br
-.if !'po4a'hide' .B chmod u+s pam_auth
+.if !'po4a'hide' .B chmod u+s basic_pam_auth
.if !'po4a'hide' .RE
.PP
Please note that in such configurations it is also strongly recommended
and this manual is Copyright 1999,2002,2003
.if !'po4a'hide' .I Henrik Nordstrom <hno@squid-cache.org>
.
-Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPL2+).
+Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
.
.SH QUESTIONS
Questions on the usage of this program can be sent to the
.if !'po4a'hide' <squid-users@squid-cache.org>
.
.SH REPORTING BUGS
+Bug reports need to be made in English.
+See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.
+.PP
Report bugs or bug fixes using http://bugs.squid-cache.org/
.PP
Report serious security bugs to
.
.SH SEE ALSO
.if !'po4a'hide' .BR squid "(8), "
-.if !'po4a'hide' .BR pam "(8), "
+.if !'po4a'hide' .BR pam "(3), "
.if !'po4a'hide' .BR pam.conf "(5), "
.if !'po4a'hide' .BR chown "(1), "
.if !'po4a'hide' .BR chmod "(1), "
+.if !'po4a'hide' .BR GPL "(7), "
.br
PAM Systems Administrator Guide
+.br
+The Squid FAQ wiki
+.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
+.br
+The Squid Configuration Manual
+.if !'po4a'hide' http://www.squid-cache.org/Doc/config/
+
*
* Compile this program with: gcc -o basic_pam_auth basic_pam_auth.cc -lpam -ldl
*/
+#define SQUID_NO_ALLOC_PROTECT 1
#include "config.h"
-
+#include "helpers/defines.h"
#include "rfc1738.h"
#include "util.h"
#if HAVE_ASSERT_H
#include <assert.h>
#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
#if HAVE_STRING_H
#include <string.h>
#endif
#include <security/pam_appl.h>
#endif
-#define BUFSIZE 8192
-
-
/* The default PAM service name */
#ifndef DEFAULT_SQUID_PAM_SERVICE
#define DEFAULT_SQUID_PAM_SERVICE "squid"
* expects a single converstation message of type PAM_PROMPT_ECHO_OFF.
*/
static int
-password_conversation(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr)
+password_conversation(int num_msg, PAM_CONV_FUNC_CONST_PARM struct pam_message **msg, struct pam_response **resp, void *appdata_ptr)
{
if (num_msg != 1 || msg[0]->msg_style != PAM_PROMPT_ECHO_OFF) {
- fprintf(stderr, "ERROR: Unexpected PAM converstaion '%d/%s'\n", msg[0]->msg_style, msg[0]->msg);
+ debug("ERROR: Unexpected PAM converstaion '%d/%s'\n", msg[0]->msg_style, msg[0]->msg);
return PAM_CONV_ERR;
}
#if _SQUID_SOLARIS_
}
#endif
if (!appdata_ptr) {
- fprintf(stderr, "ERROR: No password available to password_converstation!\n");
+ debug("ERROR: No password available to password_converstation!\n");
return PAM_CONV_ERR;
}
*resp = static_cast<struct pam_response *>(calloc(num_msg, sizeof(struct pam_response)));
if (!*resp) {
- fprintf(stderr, "ERROR: Out of memory!\n");
+ debug("ERROR: Out of memory!\n");
return PAM_CONV_ERR;
}
- (*resp)[0].resp = strdup((char *) appdata_ptr);
+ (*resp)[0].resp = xstrdup((char *) appdata_ptr);
(*resp)[0].resp_retcode = 0;
return ((*resp)[0].resp ? PAM_SUCCESS : PAM_CONV_ERR);
int retval = PAM_SUCCESS;
char *user;
char *password_buf;
- char buf[BUFSIZE];
+ char buf[HELPER_INPUT_BUFFER];
time_t pamh_created = 0;
int ttl = DEFAULT_SQUID_PAM_TTL;
const char *service = DEFAULT_SQUID_PAM_SERVICE;
no_acct_mgmt = 1;
break;
default:
- fprintf(stderr, "Unknown getopt value '%c'\n", ch);
+ fprintf(stderr, "FATAL: Unknown getopt value '%c'\n", ch);
usage(argv[0]);
exit(1);
}
}
start:
if (optind < argc) {
- fprintf(stderr, "Unknown option '%s'\n", argv[optind]);
+ fprintf(stderr, "FATAL: Unknown option '%s'\n", argv[optind]);
usage(argv[0]);
exit(1);
}
- while (fgets(buf, BUFSIZE, stdin)) {
+ while (fgets(buf, HELPER_INPUT_BUFFER, stdin)) {
user = buf;
password_buf = strchr(buf, '\n');
if (!password_buf) {
- fprintf(stderr, "authenticator: Unexpected input '%s'\n", buf);
+ debug("ERROR: %s: Unexpected input '%s'\n", argv[0], buf);
goto error;
}
*password_buf = '\0';
password_buf = strchr(buf, ' ');
if (!password_buf) {
- fprintf(stderr, "authenticator: Unexpected input '%s'\n", buf);
+ debug("ERROR: %s: Unexpected input '%s'\n", argv[0], buf);
goto error;
}
*password_buf++ = '\0';
/* Create PAM connection */
retval = pam_start(service, user, &conv, &pamh);
if (retval != PAM_SUCCESS) {
- fprintf(stderr, "ERROR: failed to create PAM authenticator\n");
+ debug("ERROR: failed to create PAM authenticator\n");
goto error;
}
} else if (!pamh || (time(NULL) - pamh_created) >= ttl || pamh_created > time(NULL)) {
if (pamh) {
retval = pam_end(pamh, retval);
if (retval != PAM_SUCCESS) {
- fprintf(stderr, "WARNING: failed to release PAM authenticator\n");
+ debug("WARNING: failed to release PAM authenticator\n");
}
pamh = NULL;
}
/* Initialize persistent PAM connection */
retval = pam_start(service, "squid@", &conv, &pamh);
if (retval != PAM_SUCCESS) {
- fprintf(stderr, "ERROR: failed to create PAM authenticator\n");
+ debug("ERROR: failed to create PAM authenticator\n");
goto error;
}
pamh_created = time(NULL);
if (retval == PAM_SUCCESS && !no_acct_mgmt)
retval = pam_acct_mgmt(pamh, 0);
if (retval == PAM_SUCCESS) {
- fprintf(stdout, "OK\n");
+ SEND_OK("");
} else {
error:
- fprintf(stdout, "ERR\n");
+ SEND_ERR("");
}
/* cleanup */
retval = PAM_SUCCESS;
if (ttl == 0 || retval != PAM_SUCCESS) {
retval = pam_end(pamh, retval);
if (retval != PAM_SUCCESS) {
- fprintf(stderr, "WARNING: failed to release PAM authenticator\n");
+ debug("WARNING: failed to release PAM authenticator\n");
}
pamh = NULL;
}
retval = pam_end(pamh, retval);
if (retval != PAM_SUCCESS) {
pamh = NULL;
- fprintf(stderr, "ERROR: failed to release PAM authenticator\n");
+ debug("ERROR: failed to release PAM authenticator\n");
}
}
return 0;
-libexec_SCRIPTS = basic_pop3_auth.pl
-EXTRA_DIST = basic_pop3_auth.pl
+include $(top_srcdir)/src/Common.am
+
+libexec_SCRIPTS = basic_pop3_auth
+EXTRA_DIST = basic_pop3_auth.pl.in config.test
+CLEANFILES += basic_pop3_auth
+
+basic_pop3_auth: basic_pop3_auth.pl.in
+ $(subst_perlshell)
-#!/usr/bin/perl
+#!@PERL@
#
# POP3 authenticator for Squid
# Copyright (C) 2006 Henrik Nordstrom <henrik@henriknordstrom.net>
+++ /dev/null
-#
-# Makefile RADIUS authentifications for squid
-#
-#
-
-PREFIX = /usr/local/squid
-BINDIR = $(PREFIX)/libexec/
-MANDIR = $(PREFIX)/man/man8
-MANEXT = .8
-CONFDIR = $(PREFIX)/etc
-
-INCLUDES = radius.h md5.h
-
-ALL: squid_radius_auth
-
-
-attrprint.o: attrprint.c $(INCLUDES)
- $(CC) $(CFLAGS) -c attrprint.c
-
-dict.o: dict.c $(INCLUDES)
- $(CC) $(CFLAGS) -c dict.c
-
-util.o: util.c $(INCLUDES)
- $(CC) $(CFLAGS) -c util.c
-
-squid_radius_auth: squid_rad_auth.o md5.o util.o
- $(CC) $(LDFLAGS) -o squid_radius_auth squid_rad_auth.o md5.o util.o $(LIBS)
-
-squid_radius_auth.o: squid_rad_auth.c $(INCLUDES)
- $(CC) $(CFLAGS) -c squid_rad_auth.c
-
-md5.o: md5.c md5.h
- $(CC) $(CFLAGS) -c md5.c
-
-clean:
- rm -f *.o squid_radius_auth
-
-install: squid_radius_auth
- mkdir -p $(DESTDIR)$(BINDIR)
- install -m 755 -s squid_radius_auth $(DESTDIR)$(BINDIR)/squid_radius_auth
- mkdir -p $(DESTDIR)$(MANDIR)
- install -m 755 squid_radius_auth.8 $(DESTDIR)$(MANDIR)/squid_radius_auth$(MANEXT)
- mkdir -p $(DESTDIR)$(CONFDIR)
- install -m 644 etc/squid_radius_auth.conf $(DESTDIR)$(CONFDIR)/squid_radius_auth.conf.default
- if ! test -f $(DESTDIR)$(CONFDIR)/squid_radius_auth.conf; then \
- cp -p $(DESTDIR)$(CONFDIR)/squid_radius_auth.conf.default $(DESTDIR)$(CONFDIR)/squid_radius_auth.conf; \
- fi
-
-
libexec_PROGRAMS = basic_radius_auth
man_MANS = basic_radius_auth.8
-EXTRA_DIST = basic_radius_auth.8
+EXTRA_DIST = basic_radius_auth.8 config.test
basic_radius_auth_SOURCES = \
basic_radius_auth.cc \
radius.h \
+++ /dev/null
-#
-# Makefile RADIUS authentifications for squid & Linux (2.0.x, lib5 or libc6)
-#
-#
-
-CC = gcc
-CFLAGS = -O2 -Wall -g
-LDFLAGS = -g
-LIBS =
-
-include Make.inc
+++ /dev/null
-#
-# Makefile RADIUS authentifications for squid & Solaris 2.5.1
-#
-#
-
-CC = gcc
-CFLAGS = -O2 -Wall -g
-LDFLAGS = -g
-LIBS = -lsocket -lnsl
-
-include Make.inc
.SH COPYRIGHT
This program and documentation is copyright to the authors named above.
.PP
-Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPL2+).
+Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
.
.SH QUESTIONS
Questions on the usage of this program can be sent to the
RADIUS than Squid.
.
.SH REPORTING BUGS
+Bug reports need to be made in English.
+See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.
+.PP
Report bugs or bug fixes using http://bugs.squid-cache.org/
.PP
Report serious security bugs to
.if !'po4a'hide' <squid-dev@squid-cache.org>
.
.SH SEE ALSO
-.if !'po4a'hide' .B squid "(8) "
+.if !'po4a'hide' .BR squid "(8), "
+.if !'po4a'hide' .BR GPL "(7), "
.br
.BR RFC2058 " - Remote Authentication Dial In User Service (RADIUS)"
+.br
+The Squid FAQ wiki
+.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
+.br
+The Squid Configuration Manual
+.if !'po4a'hide' http://www.squid-cache.org/Doc/config/
+
* and many others
*/
-#include "config.h"
-#include "md5.h"
-#include "radius.h"
-#include "radius-util.h"
+#include "config.h"
+#include "helpers/defines.h"
+#include "md5.h"
+#include "radius.h"
+#include "radius-util.h"
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
#if HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#if HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
-#if HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
#if HAVE_PWD_H
#include <pwd.h>
#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
#if HAVE_TIME_H
#include <time.h>
#endif
#include <errno.h>
#endif
+/* AYJ: helper input buffer may be a lot larger than this used to expect... */
#define MAXPWNAM 254
#define MAXPASS 254
-#define MAXLINE 254
+#define MAXLINE 254
static void md5_calc(uint8_t out[16], void *in, size_t len);
totallen = ntohs(auth->length);
if (totallen != length) {
- fprintf(stderr,
- "basic_radius_auth: Received invalid reply length from server (want %d/ got %d)\n",
- totallen, length);
+ debug("Received invalid reply length from server (want %d/ got %d)\n", totallen, length);
return -1;
}
if (auth->id != request_id) {
md5_calc(calc_digest, (unsigned char *) auth, length + secretlen);
if (memcmp(reply_digest, calc_digest, AUTH_VECTOR_LEN) != 0) {
- fprintf(stderr, "Warning: Received invalid reply digest from server\n");
+ debug("WARNING: Received invalid reply digest from server\n");
return -1;
}
if (auth->code != PW_AUTHENTICATION_ACK)
char username[MAXPWNAM];
char passwd[MAXPASS];
char *ptr;
- char authstring[MAXLINE];
+ char buf[HELPER_INPUT_BUFFER];
const char *cfname = NULL;
int err = 0;
socklen_t salen;
if (cfname) {
if (rad_auth_config(cfname) < 0) {
- fprintf(stderr, "%s: can't open configuration file '%s'.\n", argv[0], cfname);
+ fprintf(stderr, "FATAL: %s: can't open configuration file '%s'.\n", argv[0], cfname);
exit(1);
}
}
if (!*server) {
- fprintf(stderr, "%s: Server not specified\n", argv[0]);
+ fprintf(stderr, "FATAL: %s: Server not specified\n", argv[0]);
exit(1);
}
if (!*secretkey) {
- fprintf(stderr, "%s: Shared secret not specified\n", argv[0]);
+ fprintf(stderr, "FATAL: %s: Shared secret not specified\n", argv[0]);
exit(1);
}
#ifdef _SQUID_MSWIN_
/* Get the IP address of the authentication server */
if ((auth_ipaddr = get_ipaddr(server)) == 0) {
- fprintf(stderr, "Couldn't find host %s\n", server);
+ fprintf(stderr, "FATAL: %s: Couldn't find host %s\n", argv[0], server);
exit(1);
}
sockfd = socket(AF_INET, SOCK_DGRAM, 0);
fcntl(sockfd, F_SETFL, fcntl(sockfd, F_GETFL, 0) | O_NONBLOCK);
#endif
nas_ipaddr = ntohl(salocal.sin_addr.s_addr);
- while (fgets(authstring, MAXLINE, stdin) != NULL) {
+ while (fgets(buf, HELPER_INPUT_BUFFER, stdin) != NULL) {
char *end;
/* protect me form to long lines */
- if ((end = strchr(authstring, '\n')) == NULL) {
+ if ((end = strchr(buf, '\n')) == NULL) {
err = 1;
continue;
}
if (err) {
- printf("ERR\n");
+ SEND_ERR("");
err = 0;
continue;
}
- if (strlen(authstring) > MAXLINE) {
- printf("ERR\n");
+ if (strlen(buf) > HELPER_INPUT_BUFFER) {
+ SEND_ERR("");
continue;
}
/* Strip off the trailing newline */
*end = '\0';
/* Parse out the username and password */
- ptr = authstring;
+ ptr = buf;
while (isspace(*ptr))
ptr++;
if ((end = strchr(ptr, ' ')) == NULL) {
- printf("ERR\n"); /* No password */
+ SEND_ERR("No password");
continue;
}
*end = '\0';
urldecode(passwd, ptr, MAXPASS);
if (authenticate(sockfd, username, passwd))
- printf("OK\n");
+ SEND_OK("");
else
- printf("ERR\n");
+ SEND_ERR("");
}
close(sockfd);
exit(1);
#include "config.h"
-#if HAVE_SYS_TYES_H
-#include <sys/types.h>
-#endif
#if HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
-#if HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
#if HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#if HAVE_STDIO_H
#include <stdio.h>
#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
#if HAVE_NETDB_H
#include <netdb.h>
#endif
include $(top_srcdir)/src/Common.am
+man_MANS = basic_sasl_auth.8
libexec_PROGRAMS = basic_sasl_auth
basic_sasl_auth_SOURCES = basic_sasl_auth.cc
basic_sasl_auth_LDADD = \
$(LIBSASL) \
$(XTRA_LIBS)
-EXTRA_DIST = basic_sasl_auth.pam basic_sasl_auth.conf
+EXTRA_DIST = \
+ basic_sasl_auth.8 \
+ basic_sasl_auth.conf \
+ basic_sasl_auth.pam \
+ config.test
+++ /dev/null
-This program authenticates users using SASL (specifically the
-cyrus-sasl authentication method).
-
-SASL is configurable (somewhat like PAM). Each service authenticating
-against SASL identifies itself with an application name. Each
-"application" can be configured independently by the SASL administrator.
-
-For this authenticator, the SASL application name is, by default,
-
- basic_sasl_auth
-
-To configure the authentication method used the file "basic_sasl_auth.conf"
-can be placed in the appropriate location, usually "/usr/lib/sasl".
-
-The authentication database is defined by the "pwcheck_method" parameter.
-Only the "PLAIN" authentication mechanism is used.
-
-Examples:
-
-pwcheck_method:sasldb
- use sasldb - the default if no conf file is installed.
-pwcheck_method:pam
- use PAM
-pwcheck_method:passwd
- use traditional /etc/passwd
-pwcheck_method:shadow
- use slightly less traditional /etc/shadow
-
-Others methods may be supported by your cyrus-sasl implementation -
-consult your cyrus-sasl documentation for information.
-
-Typically the authentication database (/etc/sasldb, /etc/shadow, pam)
-can not be accessed by a "normal" user. You should use setuid/setgid
-and an appropriate user/group on the executable to allow the
-authenticator to access the appropriate password database. If the
-access to the database is not permitted then the authenticator
-will typically fail with "-1, generic error".
-
- chown root.mail sasl_auth
- chmod ug+s sasl_auth
-
-If the application name ("basic_sasl_auth") will also be used for the
-pam service name if pwcheck_method:pam is chosen. And example pam
-configuration file "basic_sasl_auth.pam" is also included.
-
-
-Ian Castle
-ian.castle@coldcomfortfarm.net
-March 2002
--- /dev/null
+.if !'po4a'hide' .TH basic_sasl_auth 8
+.
+.SH NAME
+.if !'po4a'hide' .B basic_sasl_auth
+.if !'po4a'hide' \-
+Basic Authentication using SASL (specifically the cyrus-sasl authentication method)
+.PP
+Version 1.0
+.
+.SH SYNOPSIS
+.if !'po4a'hide' .B basic_sasl_auth
+.
+.SH DESCRIPTION
+.B basic_sasl_auth
+is an installed binary helper for Squid. SASL is configurable (somewhat like PAM).
+Each service authenticating against SASL identifies itself with an application name.
+Each application can be configured independently by the SASL administrator.
+.
+.SH CONFIGURATION
+To configure the authentication method used the file
+.B basic_sasl_auth.conf
+can be placed in the appropriate location, usually
+.B /usr/lib/sasl.
+.PP
+The authentication database is defined by the
+.B pwcheck_method
+parameter.
+Only the
+.B PLAIN
+authentication mechanism is used.
+.PP
+Examples:
+.
+.if !'po4a'hide' .B pwcheck_method:sasldb
+use sasldb - the default if no conf file is installed.
+.if !'po4a'hide' .B pwcheck_method:pam
+ - use PAM authentication database
+.if !'po4a'hide' .B pwcheck_method:passwd
+ - use traditional
+.B /etc/passwd
+.if !'po4a'hide' .B pwcheck_method:shadow
+ - use slightly less traditional /etc/shadow
+.PP
+Others methods may be supported by your cyrus-sasl implementation -
+consult your cyrus-sasl documentation for information.
+.PP
+Typically the authentication database (
+.B /etc/sasldb
+,
+.B /etc/shadow
+,
+.B PAM
+)
+can not be accessed by a normal user. You should use setuid/setgid
+and an appropriate user/group on the executable to allow the
+authenticator to access the appropriate password database. If the
+access to the database is not permitted then the authenticator
+will typically fail with "-1, generic error".
+.PP
+.if !'po4a'hide' .RS
+.if !'po4a'hide' .P
+.if !'po4a'hide' .B chown root.mail basic_sasl_auth
+.if !'po4a'hide' .br
+.if !'po4a'hide' .B chmod ug+s basic_sasl_auth
+.if !'po4a'hide' .RE
+.PP
+If the application name
+.B basic_sasl_auth
+will also be used for the PAM service name if
+.B pwcheck_method:pam
+is chosen. And example PAM configuration file
+.B basic_sasl_auth.pam
+is also included.
+.
+.SH AUTHOR
+This program was written by
+.if !'po4a'hide' .I Ian Castle <ian.castle@coldcomfortfarm.net>
+.PP
+This manual was written by
+.if !'po4a'hide' .I Ian Castle <ian.castle@coldcomfortfarm.net>
+.if !'po4a'hide' .I Amos Jeffries <amosjeffries@squid-cache.org>
+.
+.SH COPYRIGHT
+This program and documentation is copyright to the authors named above.
+.PP
+Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
+.
+.SH QUESTIONS
+Questions on the usage of this program can be sent to the
+.I Squid Users mailing list
+.if !'po4a'hide' <squid-users@squid-cache.org>
+.
+.SH REPORTING BUGS
+Bug reports need to be made in English.
+See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.
+.PP
+Report bugs or bug fixes using http://bugs.squid-cache.org/
+.PP
+Report serious security bugs to
+.I Squid Bugs <squid-bugs@squid-cache.org>
+.PP
+Report ideas for new improvements to the
+.I Squid Developers mailing list
+.if !'po4a'hide' <squid-dev@squid-cache.org>
+.
+.SH SEE ALSO
+.if !'po4a'hide' .BR squid "(8), "
+.if !'po4a'hide' .BR SASL "(3), "
+.if !'po4a'hide' .BR PAM "(7), "
+.if !'po4a'hide' .BR passwd "(1), "
+.if !'po4a'hide' .BR shadow "(5), "
+.if !'po4a'hide' .BR chown "(1), "
+.if !'po4a'hide' .BR chmod "(1), "
+.if !'po4a'hide' .BR GPL "(7), "
+.br
+The Squid FAQ wiki
+.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
+.br
+The Squid Configuration Manual
+.if !'po4a'hide' http://www.squid-cache.org/Doc/config/
*
*/
#include "config.h"
+#include "helpers/defines.h"
#include "rfc1738.h"
#include "util.h"
#if HAVE_STRING_H
#include <string.h>
#endif
-#ifdef HAVE_SASL_SASL_H
+#if HAVE_SASL_SASL_H
#include <sasl/sasl.h>
#else
#include <sasl.h>
int
main(int argc, char *argv[])
{
- char line[8192];
+ char line[HELPER_INPUT_BUFFER];
char *username, *password;
#if SASL_VERSION_MAJOR < 2
const char *errstr;
rc = sasl_server_init( NULL, APP_NAME_SASL );
if ( rc != SASL_OK ) {
- fprintf( stderr, "error %d %s\n", rc, sasl_errstring(rc, NULL, NULL ));
- fprintf( stdout, "ERR\n" );
+ fprintf(stderr, "FATAL: %d %s\n", rc, sasl_errstring(rc, NULL, NULL ));
return 1;
}
#endif
if ( rc != SASL_OK ) {
- fprintf( stderr, "error %d %s\n", rc, sasl_errstring(rc, NULL, NULL ));
- fprintf( stdout, "ERR\n" );
+ fprintf(stderr, "FATAL: %d %s\n", rc, sasl_errstring(rc, NULL, NULL ));
return 1;
}
- while ( fgets( line, sizeof( line ), stdin )) {
+ while ( fgets( line, HELPER_INPUT_BUFFER, stdin )) {
username = &line[0];
password = strchr( line, '\n' );
- if ( !password) {
- fprintf( stderr, "authenticator: Unexpected input '%s'\n", line );
- fprintf( stdout, "ERR\n" );
+ if (!password) {
+ debug("ERROR: %s: Unexpected input '%s'\n", argv[0], line);
+ SEND_ERR("Unexpected Empty Input");
continue;
}
*password = '\0';
password = strchr ( line, ' ' );
- if ( !password) {
- fprintf( stderr, "authenticator: Unexpected input '%s'\n", line );
- fprintf( stdout, "ERR\n" );
+ if (!password) {
+ debug("ERROR: %s: Unexpected input '%s' (no password)\n", argv[0], line );
+ SEND_ERR("No Password");
continue;
}
*password++ = '\0';
if ( rc != SASL_OK ) {
#if SASL_VERSION_MAJOR < 2
if ( errstr ) {
- fprintf( stderr, "errstr %s\n", errstr );
+ debug("errstr %s\n", errstr);
}
if ( rc != SASL_BADAUTH ) {
- fprintf( stderr, "error %d %s\n", rc, sasl_errstring(rc, NULL, NULL ));
- }
+ debug("ERROR: %d %s\n", rc, sasl_errstring(rc, NULL, NULL));
+ SEND_ERR(sasl_errstring(rc, NULL, NULL));
+ } else
#endif
- fprintf( stdout, "ERR\n" );
+ SEND_ERR("");
} else {
- fprintf( stdout, "OK\n" );
+ SEND_OK("");
}
-
}
- sasl_dispose( &conn );
+ sasl_dispose(&conn);
sasl_done();
-
return 0;
}
if [ -f /usr/lib/libsasl.la -o -f /usr/lib/libsasl2.la ]; then
exit 0
fi
+ if [ -f /usr/lib/libsasl.so -o -f /usr/lib/libsasl2.so ]; then
+ exit 0
+ fi
fi
exit 1
basic_smb_auth_CXXFLAGS = -DSAMBAPREFIX=\"$(SAMBAPREFIX)\" -DHELPERSCRIPT=\"$(SMB_AUTH_HELPER_PATH)\"
basic_smb_auth_LDADD = $(COMPAT_LIB) $(XTRA_LIBS)
-EXTRA_DIST = basic_smb_auth.sh COPYING-2.0
+EXTRA_DIST = basic_smb_auth.sh COPYING-2.0 config.test
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
*/
+#define SQUID_NO_ALLOC_PROTECT 1
#include "config.h"
#include "rfc1738.h"
#include "util.h"
#if HAVE_STDIO_H
#include <stdio.h>
#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
#if HAVE_STRING_H
#include <string.h>
#endif
}
if (strcmp(argv[i], "-S") == 0) {
if (lastdom != NULL) {
- if ((lastdom->authshare = strdup(argv[++i])) == NULL)
+ if ((lastdom->authshare = xstrdup(argv[++i])) == NULL)
return 1;
/* convert backslashes to forward slashes */
#!/bin/sh
-if [ -x ${SAMBAPREFIX:-/usr/local/samba}/bin/smbclient ]; then
- exit 0
-fi
+for prefix in ${SAMBAPREFIX} /usr/local /opt /opt/samba /usr/local/samba /usr
+do
+ if [ -x ${prefix}/bin/smbclient ]; then
+ exit 0
+ fi
+done
exit 1
basic_sspi_auth_SOURCES = basic_sspi_auth.cc valid.cc valid.h
basic_sspi_auth_LDADD = \
+ -L$(top_builddir)/lib -lsspwin32 \
$(COMPAT_LIB) \
- -lnetapi32 -ladvapi32 -lsspwin32 \
+ -lnetapi32 -ladvapi32
$(XTRA_LIBS)
-EXTRA_DIST = readme.txt
+man_MANS = basic_db_auth.8
+EXTRA_DIST = basic_sspi_auth.8 config.test
--- /dev/null
+.if !'po4a'hide' .TH basic_sspi_auth 8
+.
+.SH NAME
+.if !'po4a'hide' .B basic_sspi_auth
+.if !'po4a'hide' \-
+Basic authentication protocol
+.PP
+Version 2.0
+.
+.SH SYNOPSIS
+.if !'po4a'hide' .B basic_sspi_auth
+.if !'po4a'hide' .B "[\-d] [\-A "
+Group Name
+.if !'po4a'hide' .B "] [\-D "
+Group Name
+.if !'po4a'hide' .B "] [\-O "
+Default Domain
+.if !'po4a'hide' .B "]"
+.
+.SH DESCRIPTION
+.B basic_sspi_auth
+is a simple authentication module for the Squid proxy server running on Windows NT
+to authenticate users on an NT domain in native WIN32 mode.
+.
+.PP
+Usage is simple. It accepts a username and password on standard input
+and will return OK if the username/password is valid for the domain/machine,
+or ERR if there was some problem.
+It's possible to authenticate against NT trusted domains specifyng the username
+in the domain\\username Microsoft notation.
+.
+.SH OPTIONS
+.if !'po4a'hide' .B basic_sspi_auth
+.if !'po4a'hide' .B \-d
+Write debug info to stderr.
+.if !'po4a'hide' .B \-A
+A Windows Local Group name allowed to authenticate.
+.if !'po4a'hide' .B \-D
+A Windows Local Group name not allowed to authenticate.
+.if !'po4a'hide' .B \-O
+The default Domain against to authenticate.
+.
+.SH CONFGURATION
+.PP Allowing Users.
+Users that are allowed to access the web proxy must have the Windows NT
+User Rights "logon from the network" and must be included in the NT LOCAL User Groups
+specified in the Authenticator's command line.
+.PP
+This can be accomplished creating a local user group on the NT machine, grant the privilege,
+and adding users to it.
+.
+.PP
+You will need to set the following line in
+.B squid.conf
+to enable the authenticator:
+.if !'po4a'hide' .RS
+.if !'po4a'hide' auth_param basic program c:/squid/libexec/basic_sspi_auth.exe [options]
+.if !'po4a'hide' .RE
+.
+.PP
+You will need to set the following lines in
+.B squid.conf
+to enable authentication for your access list -
+.if !'po4a'hide' .RS
+.if !'po4a'hide' acl aclName proxy_auth REQUIRED
+.if !'po4a'hide' http_access allow aclName
+.if !'po4a'hide' .RE
+.
+.PP
+You will need to specify the absolute path to
+.B basic_sspi_auth
+in the
+.B "auth_param basic program"
+directive.
+.
+.SH TESTING
+.PP
+I strongly urge that
+.B basic_sspi_auth
+is tested prior to being used in a
+production environment. It may behave differently on different platforms.
+To test it, run it from the command line. Enter username and password
+pairs separated by a space. Press ENTER to get an OK or ERR message.
+Make sure pressing
+.B CTRL-D
+ behaves the same as a carriage return.
+Make sure pressing
+.B CTRL-C
+ aborts the program.
+.PP
+Test that entering no details does not result in an OK or ERR message.
+.
+Test that entering an invalid username and password results in an ERR message.
+.
+Note that if NT guest user access is allowed on the PDC, an OK message
+may be returned instead of ERR.
+.
+Test that entering an valid username and password results in an OK message.
+.
+Test that entering a guest username and password returns the correct
+response for the site's access policy.
+.
+.SH AUTHOR
+This program was written by
+.if !'po4a'hide' .I Guido Serassio <guido.serassio@acmeconsulting.it>
+.PP
+Based on prior work by
+.if !'po4a'hide' .I Antonino Iannella (2000)
+.if !'po4a'hide' .I Andrew Tridgell (1997)
+.if !'po4a'hide' .I Richard Sharpe (1996)
+.if !'po4a'hide' .I Bill Welliver (1999)
+.PP
+This manual was written by
+.if !'po4a'hide' .I Guido Serassio <guido.serassio@acmeconsulting.it>
+.if !'po4a'hide' .I Amos Jeffries <amosjeffries@squid-cache.org>
+.
+.SH COPYRIGHT
+This program and documentation is copyright to the authors named above.
+.PP
+Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
+.
+.SH QUESTIONS
+Questions on the usage of this program can be sent to the
+.I Squid Users mailing list
+.if !'po4a'hide' <squid-users@squid-cache.org>
+.
+.SH REPORTING BUGS
+Bug reports need to be made in English.
+See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.
+.PP
+Report bugs or bug fixes using http://bugs.squid-cache.org/
+.PP
+Report serious security bugs to
+.I Squid Bugs <squid-bugs@squid-cache.org>
+.PP
+Report ideas for new improvements to the
+.I Squid Developers mailing list
+.if !'po4a'hide' <squid-dev@squid-cache.org>
+.
+.SH SEE ALSO
+.if !'po4a'hide' .BR squid "(8), "
+.if !'po4a'hide' .BR GPL "(7), "
+.br
+The Squid FAQ wiki
+.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
+.br
+The Squid Configuration Manual
+.if !'po4a'hide' http://www.squid-cache.org/Doc/config/
*/
#include "config.h"
+#include "helpers/defines.h"
#include "util.h"
#if HAVE_STDIO_H
void
usage()
{
- fprintf(stderr,
- "%s usage:\n%s [-A|D UserGroup][-O DefaultDomain][-d]\n"
+ fprintf(stderr, "Usage:\n%s [-A|D UserGroup][-O DefaultDomain][-d]\n"
"-A can specify a Windows Local Group name allowed to authenticate\n"
"-D can specify a Windows Local Group name not allowed to authenticate\n"
"-O can specify the default Domain against to authenticate\n"
"-d enable debugging.\n"
"-h this message\n\n",
- my_program_name, my_program_name);
+ my_program_name);
}
void
process_options(int argc, char *argv[])
{
- int opt, had_error = 0;
+ int opt;
while (-1 != (opt = getopt(argc, argv, "dhA:D:O:"))) {
switch (opt) {
case 'A':
opt = optopt;
/* fall thru to default */
default:
- fprintf(stderr, "Unknown option: -%c. Exiting\n", opt);
- had_error = 1;
+ fprintf(stderr, "FATAL: Unknown option: -%c\n", opt);
+ usage();
+ exit(1);
}
}
- if (had_error) {
- usage();
- exit(1);
- }
}
/* Main program for simple authentication.
Scans and checks for Squid input, and attempts to validate the user.
*/
-
int
main(int argc, char **argv)
-
{
- char wstr[256];
+ char wstr[HELPER_INPUT_BUFFER];
char username[256];
char password[256];
char *p;
my_program_name = argv[0];
process_options(argc, argv);
- debug("%s build " __DATE__ ", " __TIME__ " starting up...\n", my_program_name);
-
if (LoadSecurityDll(SSP_BASIC, NTLM_PACKAGE_NAME) == NULL) {
- fprintf(stderr, "FATAL, can't initialize SSPI, exiting.\n");
+ fprintf(stderr, "FATAL: can't initialize SSPI, exiting.\n");
exit(1);
}
debug("SSPI initialized OK\n");
setbuf(stdout, NULL);
setbuf(stderr, NULL);
- while (1) {
- /* Read whole line from standard input. Terminate on break. */
- if (fgets(wstr, 255, stdin) == NULL)
- break;
+ while (fgets(wstr, HELPER_INPUT_BUFFER, stdin) != NULL) {
if (NULL == strchr(wstr, '\n')) {
err = 1;
continue;
}
if (err) {
- fprintf(stderr, "Oversized message\n");
- puts("ERR");
- goto error;
+ SEND_ERR("Oversized message");
+ err = 0;
+ fflush(stdout);
+ continue;
}
if ((p = strchr(wstr, '\n')) != NULL)
/* Check for invalid or blank entries */
if ((username[0] == '\0') || (password[0] == '\0')) {
- fprintf(stderr, "Invalid Request\n");
- puts("ERR");
+ SEND_ERR("Invalid Request");
fflush(stdout);
continue;
}
debug("Trying to validate; %s %s\n", username, password);
if (Valid_User(username, password, NTGroup) == NTV_NO_ERROR)
- puts("OK");
+ SEND_OK("");
else
- printf("ERR %s\n", errormsg);
-error:
+ SEND_ERR(errormsg);
err = 0;
fflush(stdout);
}
+++ /dev/null
-This is a simple authentication module for the Squid proxy server running on Windows NT
-to authenticate users on an NT domain in native WIN32 mode.
-
-Usage is simple. It accepts a username and password on standard input
-and will return OK if the username/password is valid for the domain/machine,
-or ERR if there was some problem.
-It's possible to authenticate against NT trusted domains specifyng the username
-in the domain\\username Microsoft notation.
-
-
-==============
-Program Syntax
-==============
-
-mswin_auth [-A UserGroup][-D UserGroup][-O DefaultDomain][-d]
-
--A can specify a Windows Local Group name allowed to authenticate.
--D can specify a Windows Local Group name not allowed to authenticate.
--O can specify the default Domain against to authenticate.
--d enable debugging.
-
-This is released under the GNU General Public License.
-
-
-==============
-Allowing Users
-==============
-
-Users that are allowed to access the web proxy must have the Windows NT
-User Rights "logon from the network" and must be included in the NT LOCAL User Groups
-specified in the Authenticator's command line.
-This can be accomplished creating a local user group on the NT machine, grant the privilege,
-and adding users to it.
-
-Refer to Squid documentation for the required changes to squid.conf.
-
-
-============
-Installation
-============
-
-Type 'make', then 'make install', then 'make clean'.
-
-On Cygwin the default is to install 'mswin_auth' into /usr/local/squid/libexec,
-with other Windows environments into c:/squid/libexec.
-
-Refer to Squid documentation for the required changes to squid.conf.
-You will need to set the following line to enable the authenticator:
-
-auth_param basic program /usr/local/squid/libexec/mswin_auth [options]
-
-or
-
-auth_param basic program c:/squid/libexec/mswin_auth [options]
-
-You will need to set the following lines to enable authentication for
-your access list -
-
- acl <yourACL> proxy_auth REQUIRED
- http_access allow <yourACL>
-
-You will need to specify the absolute path to mswin_auth in the
-'auth_param basic program' directive, and check the 'auth_param basic children'
-and 'auth_param basic credentialsttl'.
-
-
-==================
-Compilation issues
-==================
-
-The Makefile assumes that GCC is in the current PATH.
-mswin_auth compile ONLY on Cygwin Environment, MinGW + MSYS Environment
-or MS VC++.
-
-
-=======
-Testing
-=======
-
-I strongly urge that mswin_auth is tested prior to being used in a
-production environment. It may behave differently on different platforms.
-To test it, run it from the command line. Enter username and password
-pairs separated by a space. Press ENTER to get an OK or ERR message.
-Make sure pressing <CTRL><D> behaves the same as a carriage return.
-Make sure pressing <CTRL><C> aborts the program.
-
-Test that entering no details does not result in an OK or ERR message.
-Test that entering an invalid username and password results in an ERR message.
-Note that if NT guest user access is allowed on the PDC, an OK message
-may be returned instead of ERR.
-Test that entering an valid username and password results in an OK message.
-Test that entering a guest username and password returns the correct
-response for the site's access policy.
-
-
-===============
-Contact details
-===============
-
-To contact the maintainer of this package, e-mail on squidnt@acmeconsulting.it.
-
$(CRYPTLIB)
man_MANS = basic_getpwnam_auth.8
+
+EXTRA_DIST = basic_getpwnam_auth.8 config.test
.TP
Can handle NIS(+) requests
.TP
-Can handle LDAP request
+Can handle LDAP requests
.TP
-Can handle PAM request
+Can handle PAM requests
.
.SH CONFIGURATION
.if !'po4a'hide' .RS
.if !'po4a'hide' .I Jon Thackray <jrmt@uk.gdscorp.com>.
.PP
This manual was written by
-.if !'po4a'hide' .I Amos Jeffries <squid3@treenet.co.nz>
+.if !'po4a'hide' .I Amos Jeffries <amosjeffries@squid-cache.org>
.
.SH COPYRIGHT
This program and documentation is copyright to the authors named above.
.PP
-Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPL2+).
+Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
.
.SH QUESTIONS
Questions on the usage of this program can be sent to the
.if !'po4a'hide' <squid-users@squid-cache.org>
.
.SH REPORTING BUGS
+Bug reports need to be made in English.
+See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.
+.PP
Report bugs or bug fixes using http://bugs.squid-cache.org/
.PP
Report serious security bugs to
.if !'po4a'hide' .BR chmod "(1), "
.if !'po4a'hide' .BR nsswitch.conf "(5), "
.if !'po4a'hide' .BR getpwnam "(3), "
-.if !'po4a'hide' .BR getspnam "(3) "
+.if !'po4a'hide' .BR getspnam "(3), "
+.if !'po4a'hide' .BR GPL "(7), "
+.br
+The Squid FAQ wiki
+.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
+.br
+The Squid Configuration Manual
+.if !'po4a'hide' http://www.squid-cache.org/Doc/config/
+
*/
#include "config.h"
+#include "helpers/defines.h"
#include "rfc1738.h"
+#include "util.h"
#if HAVE_STDIO_H
#include <stdio.h>
#include <shadow.h>
#endif
-#include "util.h"
-
-#define ERR "ERR\n"
-#define OK "OK\n"
-
static int
passwd_auth(char *user, char *passwd)
{
main(int argc, char **argv)
{
int auth = 0;
- char buf[256];
+ char buf[HELPER_INPUT_BUFFER];
char *user, *passwd, *p;
setbuf(stdout, NULL);
- while (fgets(buf, 256, stdin) != NULL) {
+ while (fgets(buf, HELPER_INPUT_BUFFER, stdin) != NULL) {
if ((p = strchr(buf, '\n')) != NULL)
*p = '\0'; /* strip \n */
if ((user = strtok(buf, " ")) == NULL) {
- printf(ERR);
+ SEND_ERR("No Username");
continue;
}
if ((passwd = strtok(NULL, "")) == NULL) {
- printf(ERR);
+ SEND_ERR("No Password");
continue;
}
rfc1738_unescape(user);
auth = passwd_auth(user, passwd);
#endif
if (auth == 0) {
- printf("ERR No such user\n");
+ SEND_ERR("No such user");
} else {
if (auth == 2) {
- printf("ERR Wrong password\n");
+ SEND_ERR("Wrong password");
} else {
- printf(OK);
+ SEND_OK("");
}
}
}
- exit(0);
+ return 0;
}
--- /dev/null
+#ifndef __SQUID_HELPERS_DEFINES_H
+#define __SQUID_HELPERS_DEFINES_H
+
+/*
+ * This file contains several macro definitions which are
+ * useful and shared between helpers.
+ */
+
+#define HELPER_INPUT_BUFFER 8196
+
+#define safe_free(x) if (x) { free(x); x = NULL; }
+
+/* send OK result to Squid with a string parameter. */
+#define SEND_OK(x) fprintf(stdout, "OK %s\n",x)
+
+/* send ERR result to Squid with a string parameter. */
+#define SEND_ERR(x) fprintf(stdout, "ERR %s\n",x)
+
+#endif /* __SQUID_HELPERS_DEFINES_H */
-# Makefile for digest auth helpers in the Squid Object Cache server
-#
-# $Id$
-#
+## Alphabetical list of sub-directories to distribute with Squid:
+DIST_SUBDIRS= \
+ eDirectory \
+ file \
+ ldap
-DIST_SUBDIRS = password ldap eDirectory
-SUBDIRS = $(DIGEST_AUTH_HELPERS)
+SUBDIRS= $(DIGEST_AUTH_HELPERS)
$(CRYPTLIB) \
$(XTRA_LIBS) \
$(SSLLIB)
+
+EXTRA_DIST = config.test
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*
*/
+#define SQUID_NO_ALLOC_PROTECT 1
+#include "config.h"
#include "digest_common.h"
* ldap_backend.c
* AUTHOR: Flavio Pescuma, MARA Systems AB <flavio@marasystems.com>
*/
+#define SQUID_NO_ALLOC_PROTECT 1
+#include "config.h"
#define LDAP_DEPRECATED 1
static int searchscope = LDAP_SCOPE_SUBTREE;
static int persistent = 0;
static int noreferrals = 0;
-static int debug = 0;
+static int show_debug_messages = 0;
static int port = LDAP_PORT;
static int strip_nt_domain = 0;
static int edir_universal_passwd = 0;
snprintf(filter, sizeof(filter), usersearchfilter, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login);
retrysrch:
- if (debug)
+ if (show_debug_messages)
fprintf(stderr, "user filter '%s', searchbase '%s'\n", filter, searchbase);
rc = ldap_search_s(ld, searchbase, searchscope, filter, NULL, 0, &res);
}
}
} else if (userdnattr) {
- sprintf(searchbase, "%s=%s, %s", userdnattr, login, userbasedn);
+ snprintf(searchbase, 8192, "%s=%s, %s", userdnattr, login, userbasedn);
retrydnattr:
- if (debug)
+ if (show_debug_messages)
fprintf(stderr, "searchbase '%s'\n", searchbase);
rc = ldap_search_s(ld, searchbase, searchscope, NULL, NULL, 0, &res);
}
if (rc == LDAP_SUCCESS) {
entry = ldap_first_entry(ld, res);
if (entry) {
- if (debug)
+ if (show_debug_messages)
printf("ldap dn: %s\n", ldap_get_dn(ld, entry));
if (edir_universal_passwd) {
/* actually talk to NMAS to get a password */
nmas_res = nds_get_password(ld, ldap_get_dn(ld, entry), &universal_password_len, universal_password);
if (nmas_res == LDAP_SUCCESS && universal_password) {
- if (debug)
+ if (show_debug_messages)
printf("NMAS returned value %s\n", universal_password);
values[0] = universal_password;
} else {
- if (debug)
+ if (show_debug_messages)
printf("Error reading Universal Password: %d = %s\n", nmas_res, ldap_err2string(nmas_res));
}
} else {
return NULL;
}
if (!values) {
- if (debug)
+ if (show_debug_messages)
printf("No attribute value found\n");
if (edir_universal_passwd)
free(universal_password);
}
value++;
}
- if (debug)
+ if (show_debug_messages)
printf("password: %s\n", password);
if (password)
- password = strdup(password);
+ password = xstrdup(password);
if (edir_universal_passwd) {
free(values);
free(universal_password);
ld = NULL;
}
}
- if (debug)
+ if (show_debug_messages)
fprintf(stderr, "Connected OK\n");
}
}
free(ldapServer);
ldapServer = newhost;
} else {
- ldapServer = strdup(value);
+ ldapServer = xstrdup(value);
}
break;
case 'A':
break;
#endif
case 'd':
- debug = 1;
+ show_debug_messages = 1;
break;
case 'E':
strip_nt_domain = 1;
free(ldapServer);
ldapServer = newhost;
} else {
- ldapServer = strdup(value);
+ ldapServer = xstrdup(value);
}
argc--;
argv++;
if ((e = strrchr(buf, '\r')))
*e = 0;
- bindpasswd = strdup(buf);
+ bindpasswd = xstrdup(buf);
if (!bindpasswd) {
fprintf(stderr, PROGRAM_NAME " ERROR: can not allocate memory\n");
}
--- /dev/null
+include $(top_srcdir)/src/Common.am
+
+## we need our local files too (but avoid -I. at all costs)
+INCLUDES += -I$(srcdir)
+
+man_MANS = digest_file_auth.8
+libexec_PROGRAMS = digest_file_auth
+digest_file_auth_SOURCES = digest_file_auth.cc \
+ digest_common.h \
+ text_backend.cc \
+ text_backend.h
+
+LDADD = \
+ $(COMPAT_LIB) \
+ $(CRYPTLIB) \
+ $(SSLLIB) \
+ $(XTRA_LIBS)
+
+EXTRA_DIST = digest_file_auth.8 config.test
#define _SQUID_DIGEST_COMMON_H_
#include "config.h"
+#include "hash.h"
+#include "rfc2617.h"
+#include "util.h"
+
#if HAVE_STDIO_H
#include <stdio.h>
#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
#if HAVE_STRING_H
#include <string.h>
#endif
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
#if HAVE_SYS_STAT_H
#include <sys/stat.h>
#endif
#include <crypt.h>
#endif
-#include "util.h"
-#include "hash.h"
-#include "rfc2617.h"
-
typedef struct _request_data {
char *user;
char *realm;
--- /dev/null
+.if !'po4a'hide' .TH digest_file_auth 8
+.
+.SH NAME
+.if !'po4a'hide' .B digest_file_auth
+.if !'po4a'hide' \-
+File based digest authentication helper for Squid.
+.PP
+Version 1.0
+.
+.SH SYNOPSIS
+.if !'po4a'hide' .B digest_file_auth
+.if !'po4a'hide' .B [\-c]
+file
+.
+.SH DESCRIPTION
+.B digest_file_auth
+is an installed binary authentication program for Squid. It handles digest
+authentication protocol and authenticates against a text file backend.
+.
+.SH OPTIONS
+.if !'po4a'hide' .TP 12
+.if !'po4a'hide' .B \-c
+Accept digest hashed passwords rather than plaintext in the password file
+.
+.SH CONFIGURATION
+.PP
+Username database file format:
+.TP 6
+- comment lines are possible and should start with a '#';
+.
+.TP
+- empty or blank lines are possible;
+.
+.TP
+- plaintext entry format is username:password
+.
+.TP
+- HA1 entry format is username:realm:HA1
+.
+.PP
+To build a directory integrated backend, you need to be able to
+calculate the HA1 returned to squid. To avoid storing a plaintext
+password you can calculate
+.B MD5(username:realm:password)
+when the user changes their password, and store the tuple
+.B username:realm:HA1.
+then find the matching
+.B username:realm
+when squid asks for the HA1.
+.PP
+This implementation could be improved by using such a triple for
+the file format. However storing such a triple does little to
+improve security: If compromised the
+.B username:realm:HA1
+combination is "plaintext equivalent" - for the purposes of digest authentication
+they allow the user access. Password syncronisation is not tackled
+by digest - just preventing on the wire compromise.
+.
+.SH AUTHOR
+This program was written by
+.if !'po4a'hide' .I Robert Collins <robertc@squid-cache.org>
+.PP
+Based on prior work by
+.if !'po4a'hide' .I Arjan de Vet <Arjan.deVet@adv.iae.nl>
+.if !'po4a.hide' .I Jon Thackray <jrmt@uk.gdscorp.com>
+.PP
+This manual was written by
+.if !'po4a'hide' .I Robert Collins <robertc@squid-cache.org>
+.if !'po4a'hide' .I Amos Jeffries <amosjeffries@squid-cache.org>
+.
+.SH COPYRIGHT
+This program and documentation is copyright to the authors named above.
+.PP
+Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
+.
+.SH QUESTIONS
+Questions on the usage of this program can be sent to the
+.I Squid Users mailing list
+.if !'po4a'hide' <squid-users@squid-cache.org>
+.
+.SH REPORTING BUGS
+Bug reports need to be made in English.
+See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.
+.PP
+Report bugs or bug fixes using http://bugs.squid-cache.org/
+.PP
+Report serious security bugs to
+.I Squid Bugs <squid-bugs@squid-cache.org>
+.PP
+Report ideas for new improvements to the
+.I Squid Developers mailing list
+.if !'po4a'hide' <squid-dev@squid-cache.org>
+.
+.SH SEE ALSO
+.if !'po4a'hide' .BR squid "(8), "
+.if !'po4a'hide' .BR GPL "(7), "
+.br
+The Squid FAQ wiki
+.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
+.br
+The Squid Configuration Manual
+.if !'po4a'hide' http://www.squid-cache.org/Doc/config/
/*
- * digest_pw_auth.c
+ * digest_file_auth.cc
*
* AUTHOR: Robert Collins. Based on ncsa_auth.c by Arjan de Vet
* <Arjan.deVet@adv.iae.nl>
* Copyright (c) 2003 Robert Collins <robertc@squid-cache.org>
*/
+#include "config.h"
#include "digest_common.h"
#include "text_backend.h"
-#define PROGRAM_NAME "digest_pw_auth"
+
+#define PROGRAM_NAME "digest_file_auth"
static void
GetHHA1(RequestData * requestData)
ProcessArguments(argc, argv);
while (fgets(buf, 256, stdin) != NULL)
DoOneRequest(buf);
- exit(0);
+ return 0;
}
*
* Copyright (c) 2003 Robert Collins <robertc@squid-cache.org>
*/
+#define SQUID_NO_ALLOC_PROTECT 1
+#include "config.h"
#include "text_backend.h"
static void
my_free(void *p)
{
- user_data *u = p;
+ user_data *u = static_cast<user_data*>(p);
xfree(u->hash.key);
xfree(u->passwd);
xfree(u);
/* initial setup */
hash = hash_create((HASHCMP *) strcmp, 7921, hash_string);
if (NULL == hash) {
- fprintf(stderr, "digest_pw_auth: cannot create hash table\n");
+ fprintf(stderr, "digest_file_auth: cannot create hash table\n");
exit(1);
}
f = fopen(passwordFile, "r");
/* We cannot accept plaintext passwords when using HA1 encoding,
* as the passwords may be output to cache.log if debugging is on.
*/
- fprintf(stderr, "digest_pw_auth: ignoring invalid password for %s\n", user);
+ fprintf(stderr, "digest_file_auth: ignoring invalid password for %s\n", user);
continue;
}
- u = xcalloc(1, sizeof(*u));
+ u = static_cast<user_data*>(xcalloc(1, sizeof(*u)));
if (realm) {
int len = strlen(user) + strlen(realm) + 2;
u->hash.key = malloc(len);
- snprintf(u->hash.key, len, "%s:%s", user, realm);
+ snprintf(static_cast<char*>(u->hash.key), len, "%s:%s", user, realm);
} else {
u->hash.key = xstrdup(user);
}
passwdfile = argv[2];
}
if (!passwdfile) {
- fprintf(stderr, "Usage: digest_
pw_auth [OPTIONS] <passwordfile>\n");
+ fprintf(stderr, "Usage: digest_
file_auth [OPTIONS] <passwordfile>\n");
fprintf(stderr, " -c accept digest hashed passwords rather than plaintext in passwordfile\n");
exit(1);
}
if (!hash)
return NULL;
len = snprintf(buf, sizeof(buf), "%s:%s", requestData->user, requestData->realm);
- if (len >= sizeof(buf))
+ if (len >= static_cast<int>(sizeof(buf)))
return NULL;
- u = (user_data *) hash_lookup(hash, buf);
+ u = (user_data*)hash_lookup(hash, buf);
if (u)
return u;
- u = (user_data *) hash_lookup(hash, requestData->user);
+ u = (user_data*)hash_lookup(hash, requestData->user);
return u;
}
$(CRYPTLIB) \
$(XTRA_LIBS) \
$(SSLLIB)
+
+EXTRA_DIST = config.test
* ldap_backend.c
* AUTHOR: Flavio Pescuma, MARA Systems AB <flavio@marasystems.com>
*/
+#define SQUID_NO_ALLOC_PROTECT 1
+#include "config.h"
+#include "util.h"
#define LDAP_DEPRECATED 1
static int searchscope = LDAP_SCOPE_SUBTREE;
static int persistent = 0;
static int noreferrals = 0;
-static int debug = 0;
+static int show_debug_messages = 0;
static int port = LDAP_PORT;
static int strip_nt_domain = 0;
static int aliasderef = LDAP_DEREF_NEVER;
snprintf(filter, sizeof(filter), usersearchfilter, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login);
retrysrch:
- if (debug)
+ if (show_debug_messages)
fprintf(stderr, "user filter '%s', searchbase '%s'\n", filter, searchbase);
rc = ldap_search_s(ld, searchbase, searchscope, filter, NULL, 0, &res);
}
}
} else if (userdnattr) {
- sprintf(searchbase, "%s=%s, %s", userdnattr, login, userbasedn);
+ snprintf(searchbase, 8192, "%s=%s, %s", userdnattr, login, userbasedn);
retrydnattr:
- if (debug)
+ if (show_debug_messages)
fprintf(stderr, "searchbase '%s'\n", searchbase);
rc = ldap_search_s(ld, searchbase, searchscope, NULL, NULL, 0, &res);
}
return NULL;
}
if (!values) {
- if (debug)
+ if (show_debug_messages)
printf("No attribute value found\n");
ldap_msgfree(res);
return NULL;
}
value++;
}
- if (debug)
+ if (show_debug_messages)
printf("password: %s\n", password);
if (password)
- password = strdup(password);
+ password = xstrdup(password);
ldap_value_free(values);
ldap_msgfree(res);
return password;
ld = NULL;
}
}
- if (debug)
+ if (show_debug_messages)
fprintf(stderr, "Connected OK\n");
}
}
free(ldapServer);
ldapServer = newhost;
} else {
- ldapServer = strdup(value);
+ ldapServer = xstrdup(value);
}
break;
case 'A':
break;
#endif
case 'd':
- debug = 1;
+ show_debug_messages = 1;
break;
case 'E':
strip_nt_domain = 1;
free(ldapServer);
ldapServer = newhost;
} else {
- ldapServer = strdup(value);
+ ldapServer = xstrdup(value);
}
argc--;
argv++;
if ((e = strrchr(buf, '\r')))
*e = 0;
- bindpasswd = strdup(buf);
+ bindpasswd = xstrdup(buf);
if (!bindpasswd) {
fprintf(stderr, PROGRAM_NAME " ERROR: can not allocate memory\n");
}
+++ /dev/null
-#
-# Makefile for the Squid Object Cache server
-#
-# $Id$
-#
-# Uncomment and customize the following to suit your needs:
-#
-
-include $(top_srcdir)/src/Common.am
-
-## we need our local files too (but avoid -I. at all costs)
-INCLUDES += -I$(srcdir)
-
-
-libexec_PROGRAMS = digest_pw_auth
-digest_pw_auth_SOURCES = digest_pw_auth.c \
- digest_common.h \
- text_backend.c \
- text_backend.h
-
-LDADD = \
- $(top_builddir)/compat/libcompat.la \
- -L$(top_builddir)/lib -lmiscutil \
- $(CRYPTLIB) \
- $(XTRA_LIBS) \
- $(SSLLIB)
-#
-# Makefile for the ip_user external_acl helper by Rodrigo Campos
-#
-# $Id$
-#
-# Uncomment and customize the following to suit your needs:
-#
-
include $(top_srcdir)/src/Common.am
## we need our local files too (but avoid -I. at all costs)
example.conf \
example-deny_all_but.conf \
license \
- README
+ README \
+ config.test
LDADD = \
$(top_builddir)/compat/libcompat.la \
-#
-# Makefile for the Squid LDAP authentication helper
-#
-# $Id$
-#
-# Uncomment and customize the following to suit your needs:
-#
-
include $(top_srcdir)/src/Common.am
## we need our local files too (but avoid -I. at all costs)
libexec_PROGRAMS = squid_ldap_group
man_MANS = squid_ldap_group.8
-EXTRA_DIST = squid_ldap_group.8
+EXTRA_DIST = squid_ldap_group.8 config.test
squid_ldap_group_SOURCES = squid_ldap_group.c
LDADD = \
.
.if !'po4a'hide' .TP
.if !'po4a'hide' .BI \-v " 2|3"
-LDAP protocol version. Defaults to 2 if not specified.
+LDAP protocol version. Defaults to 3 if not specified.
.
.if !'po4a'hide' .TP
.if !'po4a'hide' .BI \-Z
.SH COPYRIGHT
This program and documentation is copyright to the authors named above.
.PP
-Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPL2+).
+Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
.
.SH QUESTIONS
Questions on the usage of this program can be sent to the
LDAP than Squid.
.
.SH REPORTING BUGS
+Bug reports need to be made in English.
+See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.
+.PP
Report bugs or bug fixes using http://bugs.squid-cache.org/
.PP
Report serious security bugs to
.
.SH SEE ALSO
.if !'po4a'hide' .BR squid "(8), "
-.if !'po4a'hide' .BR squid_ldap_auth "(8), "
+.if !'po4a'hide' .BR basic_ldap_auth "(8), "
.if !'po4a'hide' .BR ldapsearch "(1), "
+.if !'po4a'hide' .BR GPL "(7), "
.br
Your favorite LDAP documentation
.br
.BR RFC2254 " - The String Representation of LDAP Search Filters,"
+.br
+The Squid FAQ wiki
+.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
+.br
+The Squid Configuration Manual
+.if !'po4a'hide' http://www.squid-cache.org/Doc/config/
* as published by the Free Software Foundation; either version 2,
* or (at your option) any later version.
*/
+#define SQUID_NO_ALLOC_PROTECT 1
+#include "config.h"
#define LDAP_DEPRECATED 1
#include <stdio.h>
#include <string.h>
-#include <stdlib.h>
#include <ctype.h>
#ifdef _SQUID_MSWIN_ /* Native Windows port and MinGW */
static int searchscope = LDAP_SCOPE_SUBTREE;
static int persistent = 0;
static int noreferrals = 0;
-static int debug = 0;
+static int show_debug_messages = 0;
static int aliasderef = LDAP_DEREF_NEVER;
#if defined(NETSCAPE_SSL)
static char *sslpath = NULL;
free(ldapServer);
ldapServer = newhost;
} else {
- ldapServer = strdup(value);
+ ldapServer = xstrdup(value);
}
break;
case 'b':
break;
#endif
case 'd':
- debug = 1;
+ show_debug_messages = 1;
break;
case 'g':
use_extension_dn = 1;
free(ldapServer);
ldapServer = newhost;
} else {
- ldapServer = strdup(value);
+ ldapServer = xstrdup(value);
}
argc--;
argv++;
#ifdef LDAP_VERSION3
if (version == -1) {
- version = LDAP_VERSION2;
+ version = LDAP_VERSION3;
}
if (ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version) != LDAP_SUCCESS) {
fprintf(stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n",
break;
}
}
- if (debug)
+ if (show_debug_messages)
fprintf(stderr, "Connected OK\n");
}
if (searchLDAP(ld, group, user, extension_dn) == 0) {
fprintf(stderr, PROGRAM_NAME " ERROR, Failed to construct LDAP search filter. filter=\"%s\", user=\"%s\", group=\"%s\"\n", filter, member, group);
return 1;
}
- if (debug)
+ if (show_debug_messages)
fprintf(stderr, "group filter '%s', searchbase '%s'\n", filter, searchbase);
rc = ldap_search_s(ld, searchbase, searchscope, filter, searchattr, 1, &res);
snprintf(searchbase, sizeof(searchbase), "%s", userbasedn ? userbasedn : basedn);
ldap_escape_value(escaped_login, sizeof(escaped_login), login);
snprintf(filter, sizeof(filter), usersearchfilter, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login);
- if (debug)
+ if (show_debug_messages)
fprintf(stderr, "user filter '%s', searchbase '%s'\n", filter, searchbase);
rc = ldap_search_s(ld, searchbase, searchscope, filter, searchattr, 1, &res);
if (rc != LDAP_SUCCESS) {
} else if (userdnattr) {
char dn[8192];
if (extension_dn && *extension_dn)
- sprintf(dn, "%s=%s, %s, %s", userdnattr, login, extension_dn, userbasedn ? userbasedn : basedn);
+ snprintf(dn, 8192, "%s=%s, %s, %s", userdnattr, login, extension_dn, userbasedn ? userbasedn : basedn);
else
- sprintf(dn, "%s=%s, %s", userdnattr, login, userbasedn ? userbasedn : basedn);
+ snprintf(dn, 8192, "%s=%s, %s", userdnattr, login, userbasedn ? userbasedn : basedn);
return searchLDAPGroup(ld, group, dn, extension_dn);
} else {
return searchLDAPGroup(ld, group, login, extension_dn);
if ((e = strrchr(buf, '\r')))
*e = 0;
- bindpasswd = strdup(buf);
+ bindpasswd = xstrdup(buf);
if (!bindpasswd) {
fprintf(stderr, PROGRAM_NAME " ERROR: can not allocate memory\n");
}
-#
-# Makefile for the Squid Object Cache server
-#
-# $Id$
-#
-# Uncomment and customize the following to suit your needs:
-#
-
libexec_PROGRAMS = mswin_check_ad_group
mswin_check_ad_group_SOURCES = mswin_check_ad_group.c mswin_check_ad_group.h
-ladsiid \
$(XTRA_LIBS)
-EXTRA_DIST = readme.txt
+EXTRA_DIST = readme.txt config.test
#if HAVE_CTYPE_H
#include <ctype.h>
#endif
-#ifdef HAVE_STRING_H
+#if HAVE_STRING_H
#include <string.h>
#endif
#if HAVE_GETOPT_H
-lntdll \
$(XTRA_LIBS)
-EXTRA_DIST = readme.txt
+EXTRA_DIST = readme.txt config.test
#if HAVE_CTYPE_H
#include <ctype.h>
#endif
-#ifdef HAVE_STRING_H
+#if HAVE_STRING_H
#include <string.h>
#endif
#if HAVE_GETOPT_H
-#
-# Makefile for the Squid LDAP authentication helper
-#
-# $Id$
-#
-# Uncomment and customize the following to suit your needs:
-#
-
include $(top_srcdir)/src/Common.am
## we need our local files too (but avoid -I. at all costs)
libexec_PROGRAMS = squid_session
man_MANS = squid_session.8
-EXTRA_DIST = squid_session.8
+EXTRA_DIST = squid_session.8 config.test
squid_session_SOURCES = squid_session.c
LDADD = \
if [ -f /usr/include/db_185.h ]; then
exit 0
fi
-if [ -f /usr/include/db.h ]; then
+if [ -f /usr/include/db.h ] && grep dbopen /usr/include/db.h; then
exit 0
fi
exit 1
.SH COPYRIGHT
This program and documentation is copyright to the authors named above.
.PP
-Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPL2+).
+Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
.
.SH QUESTIONS
Questions on the usage of this program can be sent to the
.if !'po4a'hide' <squid-users@squid-cache.org>
.
.SH REPORTING BUGS
+Bug reports need to be made in English.
+See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.
+.PP
Report bugs or bug fixes using http://bugs.squid-cache.org/
.PP
Report serious security bugs to
.if !'po4a'hide' <squid-dev@squid-cache.org>
.
.SH SEE ALSO
-.if !'po4a'hide' .BR squid "(8)"
+.if !'po4a'hide' .BR squid "(8), "
+.if !'po4a'hide' .BR GPL "(7), "
+.br
+The Squid FAQ wiki
+.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
+.br
+The Squid Configuration Manual
+.if !'po4a'hide' http://www.squid-cache.org/Doc/config/
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
*/
-#ifdef HAVE_CONFIG_H
+#if HAVE_CONFIG_H
#include "config.h"
#endif
#ifndef __BIT_TYPES_DEFINED__
#define __BIT_TYPES_DEFINED__
#endif
-#if defined(HAVE_DB_185_H)
+
+#if HAVE_DB_185_H
#include <db_185.h>
-#elif defined(HAVE_DB_H)
+#elif HAVE_DB_H
#include <db.h>
-#else
-#include <db_185.h>
#endif
static int session_ttl = 3600;
-#
-# Makefile for the Squid LDAP authentication helper
-#
-# $Id$
-#
-# Uncomment and customize the following to suit your needs:
-#
-
include $(top_srcdir)/src/Common.am
## we need our local files too (but avoid -I. at all costs)
libexec_PROGRAMS = squid_unix_group
man_MANS = squid_unix_group.8
-EXTRA_DIST = squid_unix_group.8
+EXTRA_DIST = squid_unix_group.8 config.test
squid_unix_group_SOURCES = check_group.c
LDADD = \
.SH COPYRIGHT
This program and documentation is copyright to the authors named above.
.PP
-Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPL2+).
+Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
.
.SH QUESTIONS
Questions on the usage of this program can be sent to the
.if !'po4a'hide' <squid-users@squid-cache.org>
.
.SH REPORTING BUGS
+Bug reports need to be made in English.
+See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.
+.PP
Report bugs or bug fixes using http://bugs.squid-cache.org/
.PP
Report serious security bugs to
.SH SEE ALSO
.if !'po4a'hide' .BR squid "(8), "
.if !'po4a'hide' .BR group "(5), "
-.if !'po4a'hide' .BR passwd "(5)"
+.if !'po4a'hide' .BR passwd "(5), "
+.if !'po4a'hide' .BR GPL "(7), "
+.br
+The Squid FAQ wiki
+.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
+.br
+The Squid Configuration Manual
+.if !'po4a'hide' http://www.squid-cache.org/Doc/config/
+
-#
-# Makefile for the Squid LDAP authentication helper
-#
-# $Id$
-#
-# Uncomment and customize the following to suit your needs:
-#
-
libexec_SCRIPTS = wbinfo_group.pl
#man_MANS = squid_wbinfo_group.8
#EXTRA_DIST = squid_wbinfo_group.8
-EXTRA_DIST = wbinfo_group.pl
+EXTRA_DIST = wbinfo_group.pl config.test
#!/bin/sh
-if [ -x ${SAMBAPREFIX:-/usr/local/samba}/bin/wbinfo -a -x /usr/bin/perl ]; then
- exit 0
-fi
-if [ -x /usr/bin/wbinfo -a -x /usr/bin/perl ]; then
- exit 0
-fi
+
+for sambaprefix in ${SAMBAPREFIX} /usr/local /opt /opt/samba /usr/local/samba /usr
+do
+ for perlprefix in /usr /usr/local /opt /opt/perl
+ do
+ if [ -x $sambaprefix/bin/wbinfo -a -x $perlprefix/bin/perl ]; then
+ exit 0
+ fi
+ done
+done
exit 1
libexec_PROGRAMS = log_file_daemon
log_file_daemon_SOURCES = log_file_daemon.cc
+EXTRA_DIST = config.test
#if HAVE_STDIO_H
#include <stdio.h>
#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
-DIST_SUBDIRS = mswin_sspi kerberos
+DIST_SUBDIRS = kerberos SSPI
SUBDIRS = $(NEGOTIATE_AUTH_HELPERS)
--- /dev/null
+include $(top_srcdir)/src/Common.am
+
+libexec_PROGRAMS = negotiate_sspi_auth
+
+negotiate_sspi_auth_SOURCES = negotiate_sspi_auth.cc
+
+LDADD = \
+ -L$(top_builddir)/lib -lsspwin32 \
+ $(COMPAT_LIB) \
+ -ladvapi32 \
+ $(XTRA_LIBS)
+
+EXTRA_DIST = readme.txt config.test
-
/*
- * mswin_negotiate_auth: helper for Negotiate Authentication for Squid Cache
+ * negotiate_sspi_auth: helper for Negotiate Authentication for Squid Cache
*
* (C)2005 Guido Serassio - Acme Consulting S.r.l.
*
*
*
*/
-
+#include "config.h"
+#include "helpers/defines.h"
+#include "libntlmauth/support_bits.cci"
+#include "sspwin32.h"
#include "util.h"
+
+#include <windows.h>
+#include <sspi.h>
+#include <security.h>
#if HAVE_GETOPT_H
#include <getopt.h>
#endif
-#include "negotiate.h"
#if HAVE_CTYPE_H
#include <ctype.h>
#endif
-#define BUFFER_SIZE 10240
-
-int debug_enabled = 0;
int Negotiate_packet_debug_enabled = 0;
-
static int have_serverblob;
-/* makes a null-terminated string upper-case. Changes CONTENTS! */
-void
-uc(char *string)
-{
- char *p = string, c;
- while ((c = *p)) {
- *p = xtoupper(c);
- p++;
- }
-}
-
-/* makes a null-terminated string lower-case. Changes CONTENTS! */
-static void
-lc(char *string)
-{
- char *p = string, c;
- while ((c = *p)) {
- *p = xtolower(c);
- p++;
- }
-}
-
-void
-helperfail(const char *reason)
-{
-#if FAIL_DEBUG
- fail_debug_enabled = 1;
+/* A couple of harmless helper macros */
+#define SEND(X) debug("sending '%s' to squid\n",X); printf(X "\n");
+#ifdef __GNUC__
+#define SEND2(X,Y...) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
+#define SEND3(X,Y...) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
+#else
+/* no gcc, no debugging. varargs macros are a gcc extension */
+#define SEND2(X,Y) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
+#define SEND3(X,Y,Z) debug("sending '" X "' to squid\n",Y,Z); printf(X "\n",Y,Z);
#endif
- SEND2("BH %s", reason);
-}
+
+char *negotiate_check_auth(SSP_blobP auth, int auth_length);
/*
* options:
my_program_name);
}
-
void
process_options(int argc, char *argv[])
{
opt = optopt;
/* fall thru to default */
default:
- fprintf(stderr, "unknown option: -%c. Exiting\n", opt);
+ fprintf(stderr, "ERROR: unknown option: -%c. Exiting\n", opt);
usage();
had_error = 1;
}
int
manage_request()
{
- char buf[BUFFER_SIZE];
+ char buf[HELPER_INPUT_BUFFER];
char helper_command[3];
char *c, *decoded;
int plen, status;
BOOL Done = FALSE;
try_again:
- if (fgets(buf, BUFFER_SIZE, stdin) == NULL)
+ if (fgets(buf, HELPER_INPUT_BUFFER, stdin))
return 0;
- c = memchr(buf, '\n', BUFFER_SIZE); /* safer against overrun than strchr */
+ c = memchr(buf, '\n', HELPER_INPUT_BUFFER); /* safer against overrun than strchr */
if (c) {
if (oversized) {
- helperfail("illegal request received");
- fprintf(stderr, "Illegal request received: '%s'\n", buf);
+ SEND("BH illegal request received");
+ fprintf(stderr, "ERROR: Illegal request received: '%s'\n", buf);
return 1;
}
*c = '\0';
have_serverblob = 1;
}
} else
- helperfail("can't obtain server blob");
+ SEND("BH can't obtain server blob");
return 1;
}
if (memcmp(buf, "KK ", 3) == 0) { /* authenticate-request */
if (!have_serverblob) {
- helperfail("invalid server blob");
+ SEND("BH invalid server blob");
return 1;
}
/* figure out what we got */
c = (char *) SSP_ValidateNegotiateCredentials(decoded, plen, &Done, &status, cred);
if (status == SSP_ERROR) {
-#if FAIL_DEBUG
- fail_debug_enabled = 1;
-#endif
FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM |
FORMAT_MESSAGE_IGNORE_INSERTS,
NULL,
}
} else { /* not an auth-request */
- helperfail("illegal request received");
+ SEND("BH illegal request received");
fprintf(stderr, "Illegal request received: '%s'\n", buf);
return 1;
}
- helperfail("detected protocol error");
+ SEND("BH detected protocol error");
return 1;
/********* END ********/
}
debug("%s build " __DATE__ ", " __TIME__ " starting up...\n", my_program_name);
if (LoadSecurityDll(SSP_NTLM, NEGOTIATE_PACKAGE_NAME) == NULL) {
- fprintf(stderr, "FATAL, can't initialize SSPI, exiting.\n");
+ fprintf(stderr, "FATAL: %s: can't initialize SSPI, exiting.\n", argv[0]);
exit(1);
}
debug("SSPI initialized OK\n");
* Hosted at http://sourceforge.net/projects/squidkerbauth
*/
#include "config.h"
+#include "compat/getaddrinfo.h"
+#include "compat/getnameinfo.h"
#if HAVE_GSSAPI
#if HAVE_STDOI_H
#include <stdio.h>
#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
#if HAVE_NETDB_H
#include <netdb.h>
#endif
#if HAVE_TIME_H
#include <time.h>
#endif
-#if HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
#include "util.h"
#include "base64.h"
-#include "getaddrinfo.h"
-#include "getnameinfo.h"
#if HAVE_GSSAPI_GSSAPI_H
#include <gssapi/gssapi.h>
LogTime(), PROGRAM, hostname);
return NULL;
}
- rc = xgetaddrinfo(hostname, NULL, NULL, &hres);
+ rc = getaddrinfo(hostname, NULL, NULL, &hres);
if (rc != 0) {
fprintf(stderr,
"%s| %s: ERROR: resolving hostname with getaddrinfo: %s failed\n",
- LogTime(), PROGRAM, xgai_strerror(rc));
+ LogTime(), PROGRAM, gai_strerror(rc));
return NULL;
}
hres_list = hres;
count++;
hres_list = hres_list->ai_next;
}
- rc = xgetnameinfo(hres->ai_addr, hres->ai_addrlen, hostname,
- sizeof(hostname), NULL, 0, 0);
+ rc = getnameinfo(hres->ai_addr, hres->ai_addrlen, hostname,
+ sizeof(hostname), NULL, 0, 0);
if (rc != 0) {
fprintf(stderr,
"%s| %s: ERROR: resolving ip address with getnameinfo: %s failed\n",
- LogTime(), PROGRAM, xgai_strerror(rc));
- xfreeaddrinfo(hres);
+ LogTime(), PROGRAM, gai_strerror(rc));
+ freeaddrinfo(hres);
return NULL;
}
- xfreeaddrinfo(hres);
+ freeaddrinfo(hres);
hostname[sysconf(_SC_HOST_NAME_MAX) - 1] = '\0';
return (xstrdup(hostname));
}
GSS_C_GSS_CODE, GSS_C_NULL_OID, &msg_ctx, &status_string);
if (maj_stat == GSS_S_COMPLETE) {
if (sizeof(buf) > len + status_string.length + 1) {
- sprintf(buf + len, "%s", (char *) status_string.value);
+ snprintf(buf + len, (sizeof(buf)-len), "%s", (char *) status_string.value);
len += status_string.length;
}
gss_release_buffer(&min_stat, &status_string);
gss_release_buffer(&min_stat, &status_string);
}
if (sizeof(buf) > len + 2) {
- sprintf(buf + len, "%s", ". ");
+ snprintf(buf + len, (sizeof(buf)-len), "%s", ". ");
len += 2;
}
msg_ctx = 0;
GSS_C_MECH_CODE, GSS_C_NULL_OID, &msg_ctx, &status_string);
if (maj_stat == GSS_S_COMPLETE) {
if (sizeof(buf) > len + status_string.length) {
- sprintf(buf + len, "%s", (char *) status_string.value);
+ snprintf(buf + len,(sizeof(buf)-len), "%s", (char *) status_string.value);
len += status_string.length;
}
gss_release_buffer(&min_stat, &status_string);
#if HAVE_STDIO_H
#include <stdio.h>
#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
#if HAVE_NETDB_H
#include <netdb.h>
#endif
#if HAVE_TIME_H
#include <time.h>
#endif
-#if HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
#if HAVE_ERRNO_H
#include <errno.h>
#endif
GSS_C_GSS_CODE, GSS_C_NULL_OID, &msg_ctx, &status_string);
if (maj_stat == GSS_S_COMPLETE) {
if (sizeof(buf) > len + status_string.length + 1) {
- sprintf(buf + len, "%s", (char *) status_string.value);
+ snprintf(buf + len, (sizeof(buf)-len), "%s", (char *)status_string.value);
len += status_string.length;
}
gss_release_buffer(&min_stat, &status_string);
gss_release_buffer(&min_stat, &status_string);
}
if (sizeof(buf) > len + 2) {
- sprintf(buf + len, "%s", ". ");
+ snprintf(buf + len, (sizeof(buf)-len), "%s", ". ");
len += 2;
}
msg_ctx = 0;
GSS_C_MECH_CODE, GSS_C_NULL_OID, &msg_ctx, &status_string);
if (maj_stat == GSS_S_COMPLETE) {
if (sizeof(buf) > len + status_string.length) {
- sprintf(buf + len, "%s", (char *) status_string.value);
+ snprintf(buf + len, (sizeof(buf)-len), "%s", (char *) status_string.value);
len += status_string.length;
}
gss_release_buffer(&min_stat, &status_string);
+++ /dev/null
-#
-# Makefile for the Squid Object Cache server
-#
-# $Id$
-#
-
-include $(top_srcdir)/src/Common.am
-
-## we need our local files too (but avoid -I. at all costs)
-INCLUDES += -I$(srcdir)
-
-
-libexec_PROGRAMS = mswin_negotiate_auth
-
-mswin_negotiate_auth_SOURCES = libnegotiatessp.c negotiate_auth.c negotiate.h
-
-LDADD = -L$(top_builddir)/lib -lsspwin32 -ladvapi32 -lmiscutil $(XTRA_LIBS)
-
-EXTRA_DIST = readme.txt
+++ /dev/null
-/*
- * (C) 2005 Guido Serassio <guido.serassio@acmeconsulting.it>
- * Based on previous work of Francesco Chemolli, Robert Collins and Andrew Doran
- *
- * Distributed freely under the terms of the GNU General Public License,
- * version 2. See the file COPYING for licensing details
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
- */
-
-#ifndef _NEGOTIATE_H_
-#define _NEGOTIATE_H_
-
-#include "sspwin32.h"
-#include <windows.h>
-#include <sspi.h>
-#include <security.h>
-#undef debug
-
-/************* CONFIGURATION ***************/
-/*
- * define this if you want debugging
- */
-#ifndef DEBUG
-#define DEBUG
-#endif
-
-#define FAIL_DEBUG 0
-
-/************* END CONFIGURATION ***************/
-
-#include <sys/types.h>
-
-extern int debug_enabled;
-#if FAIL_DEBUG
-extern int fail_debug_enabled;
-#endif
-
-/* Debugging stuff */
-
-#ifdef __GNUC__ /* this is really a gcc-ism */
-#ifdef DEBUG
-#include <stdio.h>
-#include <unistd.h>
-static char *__foo;
-#define debug(X...) if (debug_enabled) { \
- fprintf(stderr,"ntlm-auth[%d](%s:%d): ", getpid(), \
- ((__foo=strrchr(__FILE__,'/'))==NULL?__FILE__:__foo+1),\
- __LINE__);\
- fprintf(stderr,X); }
-#else /* DEBUG */
-#define debug(X...) /* */
-#endif /* DEBUG */
-#else /* __GNUC__ */
-static void
-debug(char *format,...)
-{
-#ifdef DEBUG
-#ifdef _SQUID_MSWIN_
-#if FAIL_DEBUG
- if (debug_enabled || fail_debug_enabled) {
-#else
-if (debug_enabled) {
-#endif
- va_list args;
-
- va_start(args,format);
- fprintf(stderr, "negotiate-auth[%d]: ",getpid());
- vfprintf(stderr, format, args);
- va_end(args);
-#if FAIL_DEBUG
- fail_debug_enabled = 0;
-#endif
- }
-#endif /* _SQUID_MSWIN_ */
-#endif /* DEBUG */
-}
-#endif /* __GNUC__ */
-
-
-/* A couple of harmless helper macros */
-#define SEND(X) debug("sending '%s' to squid\n",X); printf(X "\n");
-#ifdef __GNUC__
-#define SEND2(X,Y...) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
-#define SEND3(X,Y...) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
-#else
-/* no gcc, no debugging. varargs macros are a gcc extension */
-#define SEND2(X,Y) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
-#define SEND3(X,Y,Z) debug("sending '" X "' to squid\n",Y,Z); printf(X "\n",Y,Z);
-#endif
-
-extern void uc(char *);
-
-extern char *negotiate_check_auth(SSP_blobP auth, int auth_length);
-extern void hex_dump(void *, int);
-
-#define safe_free(x) if (x) { free(x); x = NULL; }
-
-#endif /* _NEGOTIATE_H_ */
-# Makefile for storage modules in the Squid Object Cache server
-#
-# $Id$
-#
-
-DIST_SUBDIRS = fakeauth no_check smb_lm mswin_sspi
+DIST_SUBDIRS = fake smb_lm SSPI
SUBDIRS = $(NTLM_AUTH_HELPERS)
--- /dev/null
+include $(top_srcdir)/src/Common.am
+
+man_MANS = ntlm_sspi_auth.8
+
+libexec_PROGRAMS = ntlm_sspi_auth
+
+ntlm_sspi_auth_SOURCES = ntlm_sspi_auth.cc
+
+LDADD = \
+ -L$(top_builddir)/libntlmauth -lntlmauth \
+ -L$(top_builddir)/lib -lsspwin32 \
+ $(COMPAT_LIB) \
+ -lnetapi32 \
+ -ladvapi32 \
+ $(XTRA_LIBS)
+
+EXTRA_DIST = ntlm_sspi_auth.8 config.test
--- /dev/null
+.if !'po4a'hide' .TH ntlm_sspi_auth.exe 8
+.
+.SH NAME
+.if !'po4a'hide' .B ntlm_sspi_auth.exe
+.if !'po4a'hide' \-
+Native Windows NTLM/NTLMv2 authenticator for Squid with
+automatic support for NTLM NEGOTIATE packets.
+.PP
+Version 1.22
+.
+.SH SYNOPSIS
+.if !'po4a'hide' .B ntlm_sspi_auth.exe
+.if !'po4a'hide' .B "[\-dhv] [\-A "
+Group Name
+.if !'po4a'hide' .B "] [\-D "
+Group Name
+.if !'po4a'hide' .B "]"
+.
+.SH DESCRIPTION
+.B ntlm_sspi_auth.exe
+is an installed binary built on Windows systems. It provides native access to the
+Security Service Provider Interface of Windows for authenticating with NTLM / NTLMv2.
+It has automatic support for NTLM NEGOTIATE packets.
+.
+.SH OPTIONS
+.if !'po4a'hide' .TP 12
+.if !'po4a'hide' .B \-d
+Write debug info to stderr.
+.if !'po4a'hide' .B \-h
+Display the binary help and command line syntax info using stderr.
+.if !'po4a'hide' .B \-v
+Enables verbose NTLM packet debugging.
+.if !'po4a'hide' .B \-A
+Specify a Windows Local Group name allowed to authenticate.
+.if !'po4a'hide' .B \-D
+Specify a Windows Local Group name which is to be denied authentication.
+.
+.SH CONFIGURATION
+.PP Allowing Users
+.PP
+Users that are allowed to access the web proxy must have the Windows NT
+User Rights "logon from the network".
+.PP
+Optionally the authenticator can verify the NT LOCAL group membership of
+the user against the User Group specified in the Authenticator's command
+line.
+.PP
+This can be accomplished creating a local user group on the NT machine,
+grant the privilege, and adding users to it, it works only with MACHINE
+Local Groups, not Domain Local Groups.
+.PP
+Better group checking is available with External Acl, see mswin_check_group
+documentation.
+.PP
+.B squid.conf
+typical minimal required changes:
+.if !'po4a'hide' .RS
+.if !'po4a'hide' auth_param ntlm program c:/squid/libexec/mswin_ntlm_auth.exe
+.if !'po4a'hide' auth_param ntlm children 5
+.if !'po4a'hide'
+.if !'po4a'hide' acl password proxy_auth REQUIRED
+.if !'po4a'hide'
+.if !'po4a'hide' http_access allow password
+.if !'po4a'hide' http_access deny all
+.
+.PP Refer to Squid documentation for more details.
+.
+.PP
+Internet Explorer has some problems with
+.B ftp://
+URLs when handling internal Squid FTP icons.
+The following
+.B squid.conf
+ACL works around this when placed before the authentication ACL:
+.if !'po4a'hide' .RS
+.if !'po4a'hide' acl internal_icons urlpath_regex -i /squid-internal-static/icons/
+.if !'po4a'hide'
+.if !'po4a'hide' http_access allow our_networks internal_icons
+.
+.SH AUTHOR
+This program was written by
+.if !'po4a'hide' .I Guido Serassio <guido.serassio@acmeconsulting.it>
+.PP
+Based on prior work in by
+.if !'po4a'hide' .I Francesco Chemolli <kinkie@squid-cache.org>
+.if !'po4a'hide' .I Robert Collins <lifeless@squid-cache.org>
+.PP
+This manual was written by
+.if !'po4a'hide' .I Guido Serassio <guido.serassio@acmeconsulting.it>
+.if !'po4a'hide' .I Amos Jeffries <amosjeffries@squid-cache.org>
+.
+.SH COPYRIGHT
+This program and documentation is copyright to the authors named above.
+.PP
+Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
+.
+.SH QUESTIONS
+Questions on the usage of this program can be sent to the
+.I Squid Users mailing list
+.if !'po4a'hide' <squid-users@squid-cache.org>
+.
+.SH REPORTING BUGS
+Bug reports need to be made in English.
+See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.
+.PP
+Report bugs or bug fixes using http://bugs.squid-cache.org/
+.PP
+Report serious security bugs to
+.I Squid Bugs <squid-bugs@squid-cache.org>
+.PP
+Report ideas for new improvements to the
+.I Squid Developers mailing list
+.if !'po4a'hide' <squid-dev@squid-cache.org>
+.
+.SH SEE ALSO
+.if !'po4a'hide' .BR squid "(8), "
+.if !'po4a'hide' .BR GPL "(7), "
+.br
+The Squid FAQ wiki
+.if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
+.br
+The Squid Configuration Manual
+.if !'po4a'hide' http://www.squid-cache.org/Doc/config/
--- /dev/null
+/*
+ * ntlm_sspi_auth: helper for NTLM Authentication for Squid Cache
+ *
+ * (C)2002,2005 Guido Serassio - Acme Consulting S.r.l.
+ *
+ * Authors:
+ * Guido Serassio <guido.serassio@acmeconsulting.it>
+ * Acme Consulting S.r.l., Italy <http://www.acmeconsulting.it>
+ *
+ * With contributions from others mentioned in the change history section
+ * below.
+ *
+ * Based on previous work of Francesco Chemolli and Robert Collins.
+ *
+ * Dependencies: Windows NT4 SP4 and later.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ *
+ * History:
+ *
+ * Version 1.22
+ * 29-10-2005 Guido Serassio
+ * Updated for Negotiate auth support.
+ * Version 1.21
+ * 21-02-2004 Guido Serassio
+ * Removed control of use of NTLM NEGOTIATE packet from
+ * command line, now the support is automatic.
+ * Version 1.20
+ * 30-11-2003 Guido Serassio
+ * Added support for NTLM local calls.
+ * Added control of use of NTLM NEGOTIATE packet from
+ * command line.
+ * Updated documentation.
+ * Version 1.10
+ * 07-09-2003 Guido Serassio
+ * Now is true NTLM authenticator.
+ * More debug info.
+ * Updated documentation.
+ * Version 1.0
+ * 29-06-2002 Guido Serassio
+ * First release.
+ *
+ *
+ */
+
+/************* CONFIGURATION ***************/
+
+#define FAIL_DEBUG 0
+
+/************* END CONFIGURATION ***************/
+
+typedef unsigned char uchar;
+
+#include "config.h"
+#include "helpers/defines.h"
+#include "libntlmauth/ntlmauth.h"
+#include "libntlmauth/support_bits.h"
+#include "sspwin32.h"
+#include "util.h"
+
+#include <windows.h>
+#include <sspi.h>
+#include <security.h>
+#if HAVE_CTYPE_H
+#include <ctype.h>
+#endif
+#if HAVE_GETOPT_H
+#include <getopt.h>
+#endif
+#include <lm.h>
+#include <ntsecapi.h>
+
+#define BUFFER_SIZE 10240
+
+int NTLM_packet_debug_enabled = 0;
+static int have_challenge;
+char * NTAllowedGroup;
+char * NTDisAllowedGroup;
+int UseDisallowedGroup = 0;
+int UseAllowedGroup = 0;
+
+#if FAIL_DEBUG
+int fail_debug_enabled = 0;
+#endif
+
+/* returns 1 on success, 0 on failure */
+int
+Valid_Group(char *UserName, char *Group)
+{
+ int result = FALSE;
+ WCHAR wszUserName[UNLEN+1]; // Unicode user name
+ WCHAR wszGroup[GNLEN+1]; // Unicode Group
+
+ LPLOCALGROUP_USERS_INFO_0 pBuf = NULL;
+ LPLOCALGROUP_USERS_INFO_0 pTmpBuf;
+ DWORD dwLevel = 0;
+ DWORD dwFlags = LG_INCLUDE_INDIRECT;
+ DWORD dwPrefMaxLen = -1;
+ DWORD dwEntriesRead = 0;
+ DWORD dwTotalEntries = 0;
+ NET_API_STATUS nStatus;
+ DWORD i;
+ DWORD dwTotalCount = 0;
+
+ /* Convert ANSI User Name and Group to Unicode */
+
+ MultiByteToWideChar(CP_ACP, 0, UserName,
+ strlen(UserName) + 1, wszUserName,
+ sizeof(wszUserName) / sizeof(wszUserName[0]));
+ MultiByteToWideChar(CP_ACP, 0, Group,
+ strlen(Group) + 1, wszGroup, sizeof(wszGroup) / sizeof(wszGroup[0]));
+
+ /*
+ * Call the NetUserGetLocalGroups function
+ * specifying information level 0.
+ *
+ * The LG_INCLUDE_INDIRECT flag specifies that the
+ * function should also return the names of the local
+ * groups in which the user is indirectly a member.
+ */
+ nStatus = NetUserGetLocalGroups(NULL,
+ wszUserName,
+ dwLevel,
+ dwFlags,
+ (LPBYTE *) & pBuf, dwPrefMaxLen, &dwEntriesRead, &dwTotalEntries);
+ /*
+ * If the call succeeds,
+ */
+ if (nStatus == NERR_Success) {
+ if ((pTmpBuf = pBuf) != NULL) {
+ for (i = 0; i < dwEntriesRead; i++) {
+ if (pTmpBuf == NULL) {
+ result = FALSE;
+ break;
+ }
+ if (wcscmp(pTmpBuf->lgrui0_name, wszGroup) == 0) {
+ result = TRUE;
+ break;
+ }
+ pTmpBuf++;
+ dwTotalCount++;
+ }
+ }
+ } else
+ result = FALSE;
+ /*
+ * Free the allocated memory.
+ */
+ if (pBuf != NULL)
+ NetApiBufferFree(pBuf);
+ return result;
+}
+
+
+char * AllocStrFromLSAStr(LSA_UNICODE_STRING LsaStr)
+{
+ size_t len;
+ static char * target;
+
+ len = LsaStr.Length/sizeof(WCHAR) + 1;
+
+ /* allocate buffer for str + null termination */
+ safe_free(target);
+ target = (char *)xmalloc(len);
+ if (target == NULL)
+ return NULL;
+
+ /* copy unicode buffer */
+ WideCharToMultiByte(CP_ACP, 0, LsaStr.Buffer, LsaStr.Length, target, len, NULL, NULL );
+
+ /* add null termination */
+ target[len-1] = '\0';
+ return target;
+}
+
+
+char * GetDomainName(void)
+
+{
+ LSA_HANDLE PolicyHandle;
+ LSA_OBJECT_ATTRIBUTES ObjectAttributes;
+ NTSTATUS status;
+ PPOLICY_PRIMARY_DOMAIN_INFO ppdiDomainInfo;
+ PWKSTA_INFO_100 pwkiWorkstationInfo;
+ DWORD netret;
+ char * DomainName = NULL;
+
+ /*
+ * Always initialize the object attributes to all zeroes.
+ */
+ memset(&ObjectAttributes, '\0', sizeof(ObjectAttributes));
+
+ /*
+ * You need the local workstation name. Use NetWkstaGetInfo at level
+ * 100 to retrieve a WKSTA_INFO_100 structure.
+ *
+ * The wki100_computername field contains a pointer to a UNICODE
+ * string containing the local computer name.
+ */
+ netret = NetWkstaGetInfo(NULL, 100, (LPBYTE *)&pwkiWorkstationInfo);
+ if (netret == NERR_Success) {
+ /*
+ * We have the workstation name in:
+ * pwkiWorkstationInfo->wki100_computername
+ *
+ * Next, open the policy object for the local system using
+ * the LsaOpenPolicy function.
+ */
+ status = LsaOpenPolicy(
+ NULL,
+ &ObjectAttributes,
+ GENERIC_READ | POLICY_VIEW_LOCAL_INFORMATION,
+ &PolicyHandle
+ );
+
+ /*
+ * Error checking.
+ */
+ if (status) {
+ debug("OpenPolicy Error: %ld\n", status);
+ } else {
+
+ /*
+ * You have a handle to the policy object. Now, get the
+ * domain information using LsaQueryInformationPolicy.
+ */
+ status = LsaQueryInformationPolicy(PolicyHandle,
+ PolicyPrimaryDomainInformation,
+ (void **)&ppdiDomainInfo);
+ if (status) {
+ debug("LsaQueryInformationPolicy Error: %ld\n", status);
+ } else {
+
+ /* Get name in useable format */
+ DomainName = AllocStrFromLSAStr(ppdiDomainInfo->Name);
+
+ /*
+ * Check the Sid pointer, if it is null, the
+ * workstation is either a stand-alone computer
+ * or a member of a workgroup.
+ */
+ if (ppdiDomainInfo->Sid) {
+
+ /*
+ * Member of a domain. Display it in debug mode.
+ */
+ debug("Member of Domain %s\n",DomainName);
+ } else {
+ DomainName = NULL;
+ }
+ }
+ }
+
+ /*
+ * Clean up all the memory buffers created by the LSA and
+ * Net* APIs.
+ */
+ NetApiBufferFree(pwkiWorkstationInfo);
+ LsaFreeMemory((LPVOID)ppdiDomainInfo);
+ } else
+ debug("NetWkstaGetInfo Error: %ld\n", netret);
+ return DomainName;
+}
+
+/* returns NULL on failure, or a pointer to
+ * the user's credentials (domain\\username)
+ * upon success. WARNING. It's pointing to static storage.
+ * In case of problem sets as side-effect ntlm_errno to one of the
+ * codes defined in libntlmauth/ntlmauth.h
+ */
+int
+ntlm_check_auth(ntlm_authenticate * auth, char *user, char *domain, int auth_length)
+{
+ int x;
+ int rv;
+ char credentials[DNLEN+UNLEN+2]; /* we can afford to waste */
+ lstring tmp;
+
+ if (!NTLM_LocalCall) {
+
+ user[0] = '\0';
+ domain[0] = '\0';
+ x = ntlm_unpack_auth(auth, user, domain, auth_length);
+
+ if (x != NTLM_ERR_NONE)
+ return x;
+
+ if (domain[0] == '\0') {
+ debug("No domain supplied. Returning no-auth\n");
+ return NTLM_BAD_REQUEST;
+ }
+ if (user[0] == '\0') {
+ debug("No username supplied. Returning no-auth\n");
+ return NTLM_BAD_REQUEST;
+ }
+ debug("checking domain: '%s', user: '%s'\n", domain, user);
+
+ } else
+ debug("checking local user\n");
+
+ snprintf(credentials, DNLEN+UNLEN+2, "%s\\%s", domain, user);
+
+ rv = SSP_ValidateNTLMCredentials(auth, auth_length, credentials);
+
+ debug("Login attempt had result %d\n", rv);
+
+ if (!rv) { /* failed */
+ return NTLM_SSPI_ERROR;
+ }
+
+ if (UseAllowedGroup) {
+ if (!Valid_Group(credentials, NTAllowedGroup)) {
+ debug("User %s not in allowed Group %s\n", credentials, NTAllowedGroup);
+ return NTLM_BAD_NTGROUP;
+ }
+ }
+ if (UseDisallowedGroup) {
+ if (Valid_Group(credentials, NTDisAllowedGroup)) {
+ debug("User %s is in denied Group %s\n", credentials, NTDisAllowedGroup);
+ return NTLM_BAD_NTGROUP;
+ }
+ }
+
+ debug("credentials: %s\n", credentials);
+ return NTLM_ERR_NONE;
+}
+
+void
+helperfail(const char *reason)
+{
+#if FAIL_DEBUG
+ fail_debug_enabled =1;
+#endif
+ SEND2("BH %s", reason);
+}
+
+/*
+ options:
+ -d enable debugging.
+ -v enable verbose NTLM packet debugging.
+ -A can specify a Windows Local Group name allowed to authenticate.
+ -D can specify a Windows Local Group name not allowed to authenticate.
+ */
+char *my_program_name = NULL;
+
+void
+usage()
+{
+ fprintf(stderr,
+ "Usage: %s [-d] [-v] [-A|D LocalUserGroup] [-h]\n"
+ " -d enable debugging.\n"
+ " -v enable verbose NTLM packet debugging.\n"
+ " -A specify a Windows Local Group name allowed to authenticate\n"
+ " -D specify a Windows Local Group name not allowed to authenticate\n"
+ " -h this message\n\n",
+ my_program_name);
+}
+
+
+void
+process_options(int argc, char *argv[])
+{
+ int opt, had_error = 0;
+
+ opterr =0;
+ while (-1 != (opt = getopt(argc, argv, "hdvA:D:"))) {
+ switch (opt) {
+ case 'A':
+ safe_free(NTAllowedGroup);
+ NTAllowedGroup=xstrdup(optarg);
+ UseAllowedGroup = 1;
+ break;
+ case 'D':
+ safe_free(NTDisAllowedGroup);
+ NTDisAllowedGroup=xstrdup(optarg);
+ UseDisallowedGroup = 1;
+ break;
+ case 'd':
+ debug_enabled = 1;
+ break;
+ case 'v':
+ debug_enabled = 1;
+ NTLM_packet_debug_enabled = 1;
+ break;
+ case 'h':
+ usage();
+ exit(0);
+ case '?':
+ opt = optopt;
+ /* fall thru to default */
+ default:
+ fprintf(stderr, "unknown option: -%c. Exiting\n", opt);
+ usage();
+ had_error = 1;
+ }
+ }
+ if (had_error)
+ exit(1);
+}
+
+int
+manage_request()
+{
+ ntlmhdr *fast_header;
+ char buf[BUFFER_SIZE];
+ char helper_command[3];
+ char *c, *decoded, *cred;
+ int plen;
+ int oversized = 0;
+ char * ErrorMessage;
+ static ntlm_negotiate local_nego;
+ char domain[DNLEN+1];
+ char user[UNLEN+1];
+
+ /* NP: for some reason this helper sometimes needs to accept
+ * from clients that send no negotiate packet. */
+ if (memcpy(local_nego.signature, "NTLMSSP", 8) != 0) {
+ memset(&local_nego, 0, sizeof(ntlm_negotiate)); /* reset */
+ memcpy(local_nego.signature, "NTLMSSP", 8); /* set the signature */
+ local_nego.type = le32toh(NTLM_NEGOTIATE); /* this is a challenge */
+ local_nego.flags = le32toh(NTLM_NEGOTIATE_ALWAYS_SIGN |
+ NTLM_NEGOTIATE_USE_NTLM |
+ NTLM_NEGOTIATE_USE_LM |
+ NTLM_NEGOTIATE_ASCII );
+ }
+
+try_again:
+ if (fgets(buf, BUFFER_SIZE, stdin) == NULL)
+ return 0;
+
+ c = memchr(buf, '\n', BUFFER_SIZE); /* safer against overrun than strchr */
+ if (c) {
+ if (oversized) {
+ helperfail("illegal request received");
+ fprintf(stderr, "Illegal request received: '%s'\n", buf);
+ return 1;
+ }
+ *c = '\0';
+ } else {
+ fprintf(stderr, "No newline in '%s'\n", buf);
+ oversized = 1;
+ goto try_again;
+ }
+ if ((strlen(buf) > 3) && NTLM_packet_debug_enabled) {
+ decoded = base64_decode(buf + 3);
+ strncpy(helper_command, buf, 2);
+ debug("Got '%s' from Squid with data:\n", helper_command);
+ hex_dump(decoded, ((strlen(buf) - 3) * 3) / 4);
+ } else
+ debug("Got '%s' from Squid\n", buf);
+ if (memcmp(buf, "YR", 2) == 0) { /* refresh-request */
+ /* figure out what we got */
+ if (strlen(buf) > 3)
+ decoded = base64_decode(buf + 3);
+ else {
+ debug("Negotiate packet not supplied - self generated\n");
+ decoded = (char *) &local_nego;
+ }
+ /* Note: we don't need to manage memory at this point, since
+ * base64_decode returns a pointer to static storage.
+ */
+ if (!decoded) { /* decoding failure, return error */
+ SEND("NA Packet format error, couldn't base64-decode");
+ return 1;
+ }
+ /* fast-track-decode request type. */
+ fast_header = (struct _ntlmhdr *) decoded;
+
+ /* sanity-check: it IS a NTLMSSP packet, isn't it? */
+ if (ntlm_validate_packet(fast_header, NTLM_ANY) != NTLM_ERR_NONE) {
+ SEND("NA Broken authentication packet");
+ return 1;
+ }
+ switch (fast_header->type) {
+ case NTLM_NEGOTIATE:
+ /* Obtain challenge against SSPI */
+ if (strlen(buf) > 3)
+ plen = (strlen(buf) - 3) * 3 / 4; /* we only need it here. Optimization */
+ else
+ plen = sizeof(ntlmhdr) + sizeof u_int32_t); /* local_nego only has header and flags set. */
+ debug("attempting SSPI challenge retrieval\n");
+ if ((c = (char *) SSP_MakeChallenge((ntlm_negotiate *) decoded, plen)) != NULL ) {
+ if (NTLM_packet_debug_enabled) {
+ printf("TT %s\n",c);
+ decoded = base64_decode(c);
+ debug("sending 'TT' to squid with data:\n");
+ hex_dump(decoded, (strlen(c) * 3) / 4);
+ if (NTLM_LocalCall)
+ debug("NTLM Local Call detected\n");
+ } else {
+ SEND2("TT %s", c);
+ }
+ have_challenge = 1;
+ } else
+ helperfail("can't obtain challenge");
+ return 1;
+ /* notreached */
+ case NTLM_CHALLENGE:
+ SEND("NA Got a challenge. We refuse to have our authority disputed");
+ return 1;
+ /* notreached */
+ case NTLM_AUTHENTICATE:
+ SEND("NA Got authentication request instead of negotiate request");
+ return 1;
+ /* notreached */
+ default:
+ helperfail("unknown refresh-request packet type");
+ return 1;
+ }
+ return 1;
+ }
+ if (memcmp(buf, "KK ", 3) == 0) { /* authenticate-request */
+ if (!have_challenge) {
+ helperfail("invalid challenge");
+ return 1;
+ }
+ /* figure out what we got */
+ decoded = base64_decode(buf + 3);
+ /* Note: we don't need to manage memory at this point, since
+ * base64_decode returns a pointer to static storage.
+ */
+
+ if (!decoded) { /* decoding failure, return error */
+ SEND("NA Packet format error, couldn't base64-decode");
+ return 1;
+ }
+ /* fast-track-decode request type. */
+ fast_header = (struct _ntlmhdr *) decoded;
+
+ /* sanity-check: it IS a NTLMSSP packet, isn't it? */
+ if (ntlm_validate_packet(fast_header, NTLM_ANY) != NTLM_ERR_NONE) {
+ SEND("NA Broken authentication packet");
+ return 1;
+ }
+ switch (fast_header->type) {
+ case NTLM_NEGOTIATE:
+ SEND("NA Invalid negotiation request received");
+ return 1;
+ /* notreached */
+ case NTLM_CHALLENGE:
+ SEND
+ ("NA Got a challenge. We refuse to have our authority disputed");
+ return 1;
+ /* notreached */
+ case NTLM_AUTHENTICATE:
+ /* check against SSPI */
+ plen = (strlen(buf) - 3) * 3 / 4; /* we only need it here. Optimization */
+ err = ntlm_check_auth((ntlm_authenticate *) decoded, user, domain, plen);
+ have_challenge = 0;
+ if (err != NTLM_ERR_NONE) {
+#if FAIL_DEBUG
+ fail_debug_enabled =1;
+#endif
+ switch (ntlm_errno) {
+ case NTLM_ERR_NONE:
+ break;
+ case NTLM_BAD_NTGROUP:
+ SEND("NA Incorrect Group Membership");
+ return 1;
+ case NTLM_BAD_REQUEST:
+ SEND("NA Incorrect Request Format");
+ return 1;
+ case NTLM_SSPI_ERROR:
+ FormatMessage(
+ FORMAT_MESSAGE_ALLOCATE_BUFFER |
+ FORMAT_MESSAGE_FROM_SYSTEM |
+ FORMAT_MESSAGE_IGNORE_INSERTS,
+ NULL,
+ GetLastError(),
+ MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language
+ (LPTSTR) &ErrorMessage,
+ 0,
+ NULL);
+ if (ErrorMessage[strlen(ErrorMessage) - 1] == '\n')
+ ErrorMessage[strlen(ErrorMessage) - 1] = '\0';
+ if (ErrorMessage[strlen(ErrorMessage) - 1] == '\r')
+ ErrorMessage[strlen(ErrorMessage) - 1] = '\0';
+ SEND2("NA %s", ErrorMessage);
+ LocalFree(ErrorMessage);
+ return 1;
+ default:
+ SEND("NA Unknown Error");
+ return 1;
+ }
+ }
+ /* let's lowercase them for our convenience */
+ SEND3("AF %s\\%s", lc(domain), lc(user));
+ return 1;
+ default:
+ helperfail("unknown authentication packet type");
+ return 1;
+ }
+ return 1;
+ } else { /* not an auth-request */
+ helperfail("illegal request received");
+ fprintf(stderr, "Illegal request received: '%s'\n", buf);
+ return 1;
+ }
+ helperfail("detected protocol error");
+ return 1;
+ /********* END ********/
+}
+
+int
+main(int argc, char *argv[])
+{
+ my_program_name = argv[0];
+
+ process_options(argc, argv);
+
+ debug("%s build " __DATE__ ", " __TIME__ " starting up...\n", my_program_name);
+
+ if (LoadSecurityDll(SSP_NTLM, NTLM_PACKAGE_NAME) == NULL) {
+ fprintf(stderr, "FATAL, can't initialize SSPI, exiting.\n");
+ exit(1);
+ }
+ debug("SSPI initialized OK\n");
+
+ atexit(UnloadSecurityDll);
+
+ /* initialize FDescs */
+ setbuf(stdout, NULL);
+ setbuf(stderr, NULL);
+
+ while (manage_request()) {
+ /* everything is done within manage_request */
+ }
+ exit(0);
+}
--- /dev/null
+include $(top_srcdir)/src/Common.am
+
+libexec_PROGRAMS = ntlm_fake_auth
+ntlm_fake_auth_SOURCES = ntlm_fake_auth.cc
+
+ntlm_fake_auth_LDADD = \
+ -L$(top_builddir)/libntlmauth -lntlmauth \
+ $(COMPAT_LIB) \
+ $(CRYPTLIB) \
+ $(XTRA_LIBS)
+
+## Demo using perl.
+## ntlm_fake_auth.pl: ntlm_fake_auth.pl.in
+## $(subst_perlshell)
+
+EXTRA_DIST = config.test \
+ ntlm_fake_auth.pl.in
--- /dev/null
+/*
+ * $Id$
+ *
+ * AUTHOR: Andrew Doran <ad@interlude.eu.org>
+ * AUTHOR: Robert Collins <rbtcollins@hotmail.com>
+ * AUTHOR: Guido Serassio: <guido.serassio@acmeconsulting.it>
+ *
+ * SQUID Web Proxy Cache http://www.squid-cache.org/
+ * ----------------------------------------------------------
+ *
+ * Squid is the result of efforts by numerous individuals from
+ * the Internet community; see the CONTRIBUTORS file for full
+ * details. Many organizations have provided support for Squid's
+ * development; see the SPONSORS file for full details. Squid is
+ * Copyrighted (C) 2001 by the Regents of the University of
+ * California; see the COPYRIGHT file for full details. Squid
+ * incorporates software developed and/or copyrighted by other
+ * sources; see the CREDITS file for full details.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ *
+ */
+/*
+ * Example ntlm authentication program for Squid, based on the
+ * original proxy_auth code from client_side.c, written by
+ * Jon Thackray <jrmt@uk.gdscorp.com>. Initial ntlm code by
+ * Andrew Doran <ad@interlude.eu.org>.
+ *
+ * This code gets the username and returns it. No validation is done.
+ * and by the way: it is a complete patch-up. Use the "real thing" NTLMSSP
+ * if you can.
+ *
+ * Revised by Guido Serassio: <guido.serassio@acmeconsulting.it>
+ *
+ * - Added negotiation of UNICODE char support
+ * - More detailed debugging info
+ *
+ */
+
+/* undefine this to have strict protocol adherence. You don't really need
+ * that though */
+#define IGNORANCE_IS_BLISS
+
+#include "config.h"
+#include "libntlmauth/ntlmauth.h"
+#include "libntlmauth/support_bits.cci"
+#include "util.h"
+
+#if HAVE_CTYPE_H
+#include <ctype.h>
+#endif
+#if HAVE_STRING_H
+#include <string.h>
+#endif
+#if HAVE_CRYPT_H
+#include <crypt.h>
+#endif
+#if HAVE_PWD_H
+#include <pwd.h>
+#endif
+#if HAVE_GETOPT_H
+#include <getopt.h>
+#endif
+
+/* A couple of harmless helper macros */
+#define SEND(X) debug("sending '%s' to squid\n",X); printf(X "\n");
+#ifdef __GNUC__
+#define SEND2(X,Y...) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
+#define SEND3(X,Y...) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
+#else
+/* no gcc, no debugging. varargs macros are a gcc extension */
+#define SEND2(X,Y) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
+#define SEND3(X,Y,Z) debug("sending '" X "' to squid\n",Y,Z); printf(X "\n",Y,Z);
+#endif
+
+#define ERR "ERR\n"
+#define OK "OK\n"
+
+#define BUFFER_SIZE 10240
+
+const char *authenticate_ntlm_domain = "WORKGROUP";
+int strip_domain_enabled = 0;
+int NTLM_packet_debug_enabled = 0;
+
+/*
+ * options:
+ * -d enable debugging.
+ * -v enable verbose NTLM packet debugging.
+ * -l if specified, changes behavior on failures to last-ditch.
+ */
+char *my_program_name = NULL;
+
+static void
+usage(void)
+{
+ fprintf(stderr,
+ "Usage: %s [-d] [-v] [-h]\n"
+ " -d enable debugging.\n"
+ " -S strip domain from username.\n"
+ " -v enable verbose NTLM packet debugging.\n"
+ " -h this message\n\n",
+ my_program_name);
+}
+
+static void
+process_options(int argc, char *argv[])
+{
+ int opt, had_error = 0;
+
+ opterr = 0;
+ while (-1 != (opt = getopt(argc, argv, "hdvS"))) {
+ switch (opt) {
+ case 'd':
+ debug_enabled = 1;
+ break;
+ case 'v':
+ debug_enabled = 1;
+ NTLM_packet_debug_enabled = 1;
+ break;
+ case 'S':
+ strip_domain_enabled = 1;
+ break;
+ case 'h':
+ usage();
+ exit(0);
+ case '?':
+ opt = optopt;
+ /* fall thru to default */
+ default:
+ fprintf(stderr, "unknown option: -%c. Exiting\n", opt);
+ usage();
+ had_error = 1;
+ }
+ }
+ if (had_error)
+ exit(1);
+}
+
+int
+main(int argc, char *argv[])
+{
+ char buf[BUFFER_SIZE];
+ int buflen = 0;
+ char user[NTLM_MAX_FIELD_LENGTH], domain[NTLM_MAX_FIELD_LENGTH];
+ char *p;
+ ntlmhdr *packet = NULL;
+ char helper_command[3];
+ int len;
+ char *data = NULL;
+
+ setbuf(stdout, NULL);
+ setbuf(stderr, NULL);
+
+ my_program_name = argv[0];
+
+ process_options(argc, argv);
+
+ debug("%s build " __DATE__ ", " __TIME__ " starting up...\n", my_program_name);
+
+ while (fgets(buf, BUFFER_SIZE, stdin) != NULL) {
+ user[0] = '\0'; /*no user code */
+ domain[0] = '\0'; /*no domain code */
+
+ if ((p = strchr(buf, '\n')) != NULL)
+ *p = '\0'; /* strip \n */
+ buflen = strlen(buf); /* keep this so we only scan the buffer for \0 once per loop */
+ if (buflen > 3)
+ packet = (ntlmhdr*)base64_decode(buf + 3);
+ if (buflen > 3 && NTLM_packet_debug_enabled) {
+ strncpy(helper_command, buf, 2);
+ helper_command[2] = '\0';
+ debug("Got '%s' from Squid with data:\n", helper_command);
+ hex_dump((unsigned char*)packet, ((buflen - 3) * 3) / 4);
+ } else
+ debug("Got '%s' from Squid\n", buf);
+
+ if (strncasecmp(buf, "YR", 2) == 0) {
+ char nonce[NTLM_NONCE_LEN];
+ ntlm_challenge chal;
+ ntlm_make_nonce(nonce);
+ if (buflen > 3) {
+ ntlm_negotiate *nego = (ntlm_negotiate *)packet;
+ ntlm_make_challenge(&chal, authenticate_ntlm_domain, NULL, nonce, NTLM_NONCE_LEN, nego->flags);
+ } else {
+ ntlm_make_challenge(&chal, authenticate_ntlm_domain, NULL, nonce, NTLM_NONCE_LEN, NTLM_NEGOTIATE_ASCII);
+ }
+ // TODO: find out what this context means, and why only the fake auth helper contains it.
+ chal.context_high = htole32(0x003a<<16);
+
+ len = sizeof(chal) - sizeof(chal.payload) + le16toh(chal.target.maxlen);
+ data = (char *) base64_encode_bin((char *) &chal, len);
+ if (NTLM_packet_debug_enabled) {
+ printf("TT %s\n", data);
+ debug("sending 'TT' to squid with data:\n");
+ hex_dump((unsigned char *)&chal, len);
+ } else
+ SEND2("TT %s", data);
+ } else if (strncasecmp(buf, "KK ", 3) == 0) {
+ if (!packet) {
+ SEND("BH received KK with no data! user=");
+ } else if (ntlm_validate_packet(packet, NTLM_AUTHENTICATE) == NTLM_ERR_NONE) {
+ if (ntlm_unpack_auth((ntlm_authenticate *)packet, user, domain, (buflen-3)) == NTLM_ERR_NONE) {
+ lc(user);
+ lc(domain);
+ if (strip_domain_enabled) {
+ SEND2("AF %s", user);
+ } else {
+ SEND3("AF %s%s%s", domain, (*domain?"\\":""), user);
+ }
+ } else {
+ lc(user);
+ lc(domain);
+ SEND3("NA invalid credentials, user=%s%s%s", domain, (*domain?"\\":""), user);
+ }
+ } else {
+ SEND("BH wrong packet type! user=");
+ }
+ }
+ }
+ exit(0);
+}
-#!/usr/bin/perl
+#!@PERL@
+#
# (C) 2000 Francesco Chemolli <kinkie@kame.usr.dsi.unimi.it>
+# Distributed freely under the terms of the GNU General Public License,
+# version 2. For the licensing terms, see the file COPYING that
+# came with Squid.
#
+# This is a dummy NTLM authentication module for Squid.
+# It performs the NTLM challenge, but then it doesn't verify the
+# user's credentials, it just takes the client's domain and username
+# at face value.
+# It's included mostly for demonstration purposes.
+#
# TODO: use command-line arguments
#use MIME::Base64;
+++ /dev/null
-#
-# Makefile for the Squid Object Cache server
-#
-# $Id$
-#
-# Uncomment and customize the following to suit your needs:
-#
-
-include $(top_srcdir)/src/Common.am
-
-libexec_PROGRAMS = fakeauth_auth
-fakeauth_auth_SOURCES = fakeauth_auth.c ntlm.h
-
-## we need our local files too (but avoid -I. at all costs)
-INCLUDES += -I$(srcdir)
-
-LDADD = \
- $(top_builddir)/compat/libcompat.la \
- -L$(top_builddir)/lib -lmiscutil \
- $(CRYPTLIB) \
- $(XTRA_LIBS)
+++ /dev/null
-/*
- *
- * AUTHOR: Robert Collins <rbtcollins@hotmail.com>
- *
- * Example ntlm authentication program for Squid, based on the
- * original proxy_auth code from client_side.c, written by
- * Jon Thackray <jrmt@uk.gdscorp.com>. Initial ntlm code by
- * Andrew Doran <ad@interlude.eu.org>.
- *
- * This code gets the username and returns it. No validation is done.
- * and by the way: it is a complete patch-up. Use the "real thing" NTLMSSP
- * if you can.
- *
- * Revised by Guido Serassio: <guido.serassio@acmeconsulting.it>
- *
- * - Added negotiation of UNICODE char support
- * - More detailed debugging info
- *
- */
-
-#include "config.h"
-#include "ntlmauth.h"
-#include "squid_endian.h"
-
-#include "util.h"
-#include <ctype.h>
-
-#if HAVE_STDIO_H
-#include <stdio.h>
-#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-#if HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#if HAVE_STRING_H
-#include <string.h>
-#endif
-#if HAVE_CRYPT_H
-#include <crypt.h>
-#endif
-#if HAVE_PWD_H
-#include <pwd.h>
-#endif
-#if HAVE_GETOPT_H
-#include <getopt.h>
-#endif
-#include "ntlm.h"
-
-#define ERR "ERR\n"
-#define OK "OK\n"
-
-#define BUFFER_SIZE 10240
-
-const char *authenticate_ntlm_domain = "WORKGROUP";
-int debug_enabled = 0;
-int strip_domain_enabled = 0;
-int NTLM_packet_debug_enabled = 0;
-
-/* NTLM authentication by ad@interlude.eu.org - 07/1999 */
-/* XXX this is not done cleanly... */
-
-static void
-hex_dump(void *data, int size)
-{
- /* dumps size bytes of *data to stdout. Looks like:
- * [0000] 75 6E 6B 6E 6F 77 6E 20
- * 30 FF 00 00 00 00 39 00 unknown 0.....9.
- * (in a single line of course)
- */
-
- if (!data)
- return;
-
- if (debug_enabled) {
- unsigned char *p = data;
- unsigned char c;
- int n;
- char bytestr[4] = {0};
- char addrstr[10] = {0};
- char hexstr[16 * 3 + 5] = {0};
- char charstr[16 * 1 + 5] = {0};
- for (n = 1; n <= size; n++) {
- if (n % 16 == 1) {
- /* store address for this line */
- snprintf(addrstr, sizeof(addrstr), "%.4x",
- (int) (p - (unsigned char *) data));
- }
- c = *p;
- if (xisalnum(c) == 0) {
- c = '.';
- }
- /* store hex str (for left side) */
- snprintf(bytestr, sizeof(bytestr), "%02X ", *p);
- strncat(hexstr, bytestr, sizeof(hexstr) - strlen(hexstr) - 1);
-
- /* store char str (for right side) */
- snprintf(bytestr, sizeof(bytestr), "%c", c);
- strncat(charstr, bytestr, sizeof(charstr) - strlen(charstr) - 1);
-
- if (n % 16 == 0) {
- /* line completed */
- fprintf(stderr, "[%4.4s] %-50.50s %s\n", addrstr, hexstr, charstr);
- hexstr[0] = 0;
- charstr[0] = 0;
- } else if (n % 8 == 0) {
- /* half line: add whitespaces */
- strncat(hexstr, " ", sizeof(hexstr) - strlen(hexstr) - 1);
- strncat(charstr, " ", sizeof(charstr) - strlen(charstr) - 1);
- }
- p++; /* next byte */
- }
-
- if (strlen(hexstr) > 0) {
- /* print rest of buffer if not empty */
- fprintf(stderr, "[%4.4s] %-50.50s %s\n", addrstr, hexstr, charstr);
- }
- }
-}
-
-
-/* makes a null-terminated string lower-case. Changes CONTENTS! */
-static void
-lc(char *string)
-{
- char *p = string, c;
- while ((c = *p)) {
- *p = xtolower(c);
- p++;
- }
-}
-
-
-/*
- * Generates a challenge request. The randomness of the 8 byte
- * challenge strings can be guarenteed to be poor at best.
- */
-void
-ntlmMakeChallenge(struct ntlm_challenge *chal, int32_t flags)
-{
- static unsigned hash;
- int r;
- char *d;
- int i;
-
- debug("ntlmMakeChallenge: flg %08x\n", flags);
-
- memset(chal, 0, sizeof(*chal));
- memcpy(chal->hdr.signature, "NTLMSSP", 8);
- chal->flags = htole32(CHALLENGE_TARGET_IS_DOMAIN |
- NEGOTIATE_ALWAYS_SIGN |
- NEGOTIATE_USE_NTLM |
- NEGOTIATE_REQUEST_TARGET |
- (NEGOTIATE_UNICODE & flags ? NEGOTIATE_UNICODE : NEGOTIATE_ASCII)
- );
- chal->hdr.type = htole32(NTLM_CHALLENGE);
- chal->flags = flags;
- chal->unknown[6] = htole16(0x003a);
-
- d = (char *) chal + 48;
- i = 0;
-
- if (authenticate_ntlm_domain != NULL)
- while (authenticate_ntlm_domain[i++]);
-
- chal->flags = flags;
- chal->target.offset = htole32(48);
- chal->target.maxlen = htole16(i);
- chal->target.len = chal->target.maxlen;
-
- r = (int) rand();
- r = (hash ^ r) + r;
-
- for (i = 0; i < 8; i++) {
- chal->challenge[i] = r;
- r = (r >> 2) ^ r;
- }
-
- hash = r;
-}
-
-/*
- * Check the vailidity of a request header. Return -1 on error.
- */
-int
-ntlmCheckHeader(ntlmhdr * hdr, int type)
-{
- /*
- * Must be the correct security package and request type. The
- * 8 bytes compared includes the ASCII 'NUL'.
- */
- if (memcmp(hdr->signature, "NTLMSSP", 8) != 0) {
- fprintf(stderr, "ntlmCheckHeader: bad header signature\n");
- return (-1);
- }
- if (type == NTLM_ANY)
- return 0;
-
- if (le32toh(hdr->type) != type) {
- /* don't report this error - it's ok as we do a if() around this function */
-// fprintf(stderr, "ntlmCheckHeader: type is %d, wanted %d\n",
- // le32toh(hdr->type), type);
- return (-1);
- }
- return (0);
-}
-
-/*
- * Extract a string from an NTLM request and return as ASCII.
- */
-char *
-ntlmGetString(ntlmhdr * hdr, strhdr * str, int flags)
-{
- static char buf[512];
- u_short *s, c;
- char *d, *sc;
- int l, o;
-
- l = le16toh(str->len);
- o = le32toh(str->offset);
-
- /* Sanity checks. XXX values arbitrarialy chosen */
- if (l <= 0 || l >= 32 || o >= 256) {
- fprintf(stderr, "ntlmGetString: insane: l:%d o:%d\n", l, o);
- return (NULL);
- }
- if ((flags & NEGOTIATE_ASCII) == 0) {
- /* UNICODE string */
- s = (u_short *) ((char *) hdr + o);
- d = buf;
-
- for (l >>= 1; l; s++, l--) {
- c = le16toh(*s);
- if (c > 254 || c == '\0') {
- fprintf(stderr, "ntlmGetString: bad uni: %04x\n", c);
- return (NULL);
- }
- *d++ = c;
- }
-
- *d = 0;
- } else {
- /* ASCII/OEM string */
- sc = (char *) hdr + o;
- d = buf;
-
- for (; l; l--) {
- if (*sc == '\0' || !xisprint(*sc)) {
- fprintf(stderr, "ntlmGetString: bad ascii: %04x\n", *sc);
- return (NULL);
- }
- *d++ = *sc++;
- }
-
- *d = 0;
- }
-
- return (buf);
-}
-
-/*
- * Decode the strings in an NTLM authentication request
- */
-static int
-ntlmDecodeAuth(struct ntlm_authenticate *auth, char *buf, size_t size)
-{
- const char *p;
- char *origbuf;
- int s;
-
- if (!buf) {
- return 1;
- }
- origbuf = buf;
- if (ntlmCheckHeader(&auth->hdr, NTLM_AUTHENTICATE)) {
- fprintf(stderr, "ntlmDecodeAuth: header check fails\n");
- return -1;
- }
- debug("ntlmDecodeAuth: size of %d\n", (int) size);
- debug("ntlmDecodeAuth: flg %08x\n", auth->flags);
- debug("ntlmDecodeAuth: usr o(%d) l(%d)\n", auth->user.offset, auth->user.len);
-
- if ((p = ntlmGetString(&auth->hdr, &auth->domain, auth->flags)) == NULL)
- p = authenticate_ntlm_domain;
-
- debug("ntlmDecodeAuth: Domain '%s'.\n", p);
-
- if ((s = strlen(p) + 1) >= size)
- return 1;
- strcpy(buf, p);
-
- debug("ntlmDecodeAuth: Domain '%s'.\n", buf);
-
- size -= s;
- buf += (s - 1);
- *buf++ = '\\'; /* Using \ is more consistent with MS-proxy */
-
- if ( (p = ntlmGetString(&auth->hdr, &auth->user, auth->flags)) == NULL)
- return 1;
-
- if ((s = strlen(p) + 1) >= size)
- return 1;
-
- while (*p)
- *buf++ = (*p++); //tolower
-
- *buf++ = '\0';
- size -= s;
-
- debug("ntlmDecodeAuth: user: %s%s\n", origbuf, p);
-
- return 0;
-}
-
-
-/*
- * options:
- * -d enable debugging.
- * -v enable verbose NTLM packet debugging.
- * -l if specified, changes behavior on failures to last-ditch.
- */
-char *my_program_name = NULL;
-
-static void
-usage(void)
-{
- fprintf(stderr,
- "Usage: %s [-d] [-v] [-h]\n"
- " -d enable debugging.\n"
- " -S strip domain from username.\n"
- " -v enable verbose NTLM packet debugging.\n"
- " -h this message\n\n",
- my_program_name);
-}
-
-
-static void
-process_options(int argc, char *argv[])
-{
- int opt, had_error = 0;
-
- opterr = 0;
- while (-1 != (opt = getopt(argc, argv, "hdvS"))) {
- switch (opt) {
- case 'd':
- debug_enabled = 1;
- break;
- case 'v':
- debug_enabled = 1;
- NTLM_packet_debug_enabled = 1;
- break;
- case 'S':
- strip_domain_enabled = 1;
- break;
- case 'h':
- usage();
- exit(0);
- case '?':
- opt = optopt;
- /* fall thru to default */
- default:
- fprintf(stderr, "unknown option: -%c. Exiting\n", opt);
- usage();
- had_error = 1;
- }
- }
- if (had_error)
- exit(1);
-}
-
-
-int
-main(int argc, char *argv[])
-{
- char buf[BUFFER_SIZE];
- int buflen = 0;
- char user[256], *p, *decoded = NULL;
- struct ntlm_challenge chal;
- struct ntlm_negotiate *nego;
- char helper_command[3];
- int len;
- char *data = NULL;
-
- setbuf(stdout, NULL);
- setbuf(stderr, NULL);
-
- my_program_name = argv[0];
-
- process_options(argc, argv);
-
- debug("%s build " __DATE__ ", " __TIME__ " starting up...\n", my_program_name);
-
- while (fgets(buf, BUFFER_SIZE, stdin) != NULL) {
- user[0] = '\0'; /*no usercode */
-
- if ((p = strchr(buf, '\n')) != NULL)
- *p = '\0'; /* strip \n */
- buflen = strlen(buf); /* keep this so we only scan the buffer for \0 once per loop */
- if (buflen > 3)
- decoded = base64_decode(buf + 3);
- if (buflen > 3 && NTLM_packet_debug_enabled) {
- strncpy(helper_command, buf, 2);
- helper_command[2] = '\0';
- debug("Got '%s' from Squid with data:\n", helper_command);
- hex_dump(decoded, ((strlen(buf) - 3) * 3) / 4);
- } else
- debug("Got '%s' from Squid\n", buf);
-
- if (strncasecmp(buf, "YR", 2) == 0) {
- if (buflen > 3) {
- nego = (struct ntlm_negotiate *) decoded;
- ntlmMakeChallenge(&chal, nego->flags);
- } else
- ntlmMakeChallenge(&chal, NEGOTIATE_ASCII);
- len =
- sizeof(chal) - sizeof(chal.pad) +
- le16toh(chal.target.maxlen);
- data = (char *) base64_encode_bin((char *) &chal, len);
- if (NTLM_packet_debug_enabled) {
- printf("TT %s\n", data);
- decoded = base64_decode(data);
- debug("sending 'TT' to squid with data:\n");
- hex_dump(decoded, (strlen(data) * 3) / 4);
- } else
- SEND2("TT %s", data);
- } else if (strncasecmp(buf, "KK ", 3) == 0) {
- if (!decoded) {
- SEND2("BH received KK with no data! user=%s", user);
- } else if (!ntlmCheckHeader((ntlmhdr *) decoded, NTLM_AUTHENTICATE)) {
- if (!ntlmDecodeAuth((struct ntlm_authenticate *) decoded, user, 256)) {
- lc(user);
- if (strip_domain_enabled) {
- strtok(user, "\\");
- p = strtok(NULL, "\\");
- if (!p)
- p = user;
- SEND2("AF %s", p);
- } else {
- SEND2("AF %s", user);
- }
- } else {
- lc(user);
- SEND2("NA invalid credentials, user=%s", user);
- }
- } else {
- lc(user);
- SEND2("BH wrong packet type! user=%s", user);
- }
- }
- }
- exit(0);
-}
+++ /dev/null
-/*
- * $Id$
- *
- * AUTHOR: Andrew Doran <ad@interlude.eu.org>
- *
- * SQUID Web Proxy Cache http://www.squid-cache.org/
- * ----------------------------------------------------------
- *
- * Squid is the result of efforts by numerous individuals from
- * the Internet community; see the CONTRIBUTORS file for full
- * details. Many organizations have provided support for Squid's
- * development; see the SPONSORS file for full details. Squid is
- * Copyrighted (C) 2001 by the Regents of the University of
- * California; see the COPYRIGHT file for full details. Squid
- * incorporates software developed and/or copyrighted by other
- * sources; see the CREDITS file for full details.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
- *
- */
-
-#ifndef _NTLM_H_
-#define _NTLM_H_
-
-/* undefine this to have strict protocol adherence. You don't really need
- * that though */
-#define IGNORANCE_IS_BLISS
-
-#include <sys/types.h>
-
-/* All of this cruft is little endian */
-#include "squid_endian.h"
-
-/* NTLM request types that we know about */
-#define NTLM_ANY 0
-
-/* Negotiation request sent by client */
-struct ntlm_negotiate {
- ntlmhdr hdr; /* NTLM header */
- int32_t flags; /* Request flags */
- strhdr domain; /* Domain we wish to authenticate in */
- strhdr workstation; /* Client workstation name */
- char pad[256]; /* String data */
-};
-
-/* Challenge request sent by server. */
-struct ntlm_challenge {
- ntlmhdr hdr; /* NTLM header */
- strhdr target; /* Authentication target (domain/server ...) */
- int32_t flags; /* Request flags */
- u_char challenge[8]; /* Challenge string */
- int16_t unknown[8]; /* Some sort of context data */
- char pad[256]; /* String data */
-};
-
-/* Authentication request sent by client in response to challenge */
-struct ntlm_authenticate {
- ntlmhdr hdr; /* NTLM header */
- strhdr lmresponse; /* LANMAN challenge response */
- strhdr ntresponse; /* NT challenge response */
- strhdr domain; /* Domain to authenticate against */
- strhdr user; /* Username */
- strhdr workstation; /* Workstation name */
- strhdr sessionkey; /* Session key for server's use */
- int32_t flags; /* Request flags */
- char pad[256 * 6]; /* String data */
-};
-
-char *ntlmGetString(ntlmhdr * hdr, strhdr * str, int flags);
-void ntlmMakeChallenge(struct ntlm_challenge *chal, int32_t flags);
-int ntlmCheckHeader(ntlmhdr * hdr, int type);
-int ntlmCheckNegotiation(struct ntlm_negotiate *neg);
-int ntlmAuthenticate(struct ntlm_authenticate *neg);
-
-#define safe_free(x) if (x) { free(x); x = NULL; }
-
-#undef debug
-
-/************* CONFIGURATION ***************/
-/*
- * define this if you want debugging
- */
-#ifndef DEBUG
-#define DEBUG
-#endif
-
-#define FAIL_DEBUG 0
-
-/************* END CONFIGURATION ***************/
-
-#include <sys/types.h>
-
-extern int debug_enabled;
-#if FAIL_DEBUG
-extern int fail_debug_enabled;
-#endif
-
-/* Debugging stuff */
-
-#ifdef __GNUC__ /* this is really a gcc-ism */
-#ifdef DEBUG
-#include <stdio.h>
-#include <unistd.h>
-static const char *__foo;
-#define debug(X...) if (debug_enabled) { \
- fprintf(stderr,"ntlm-auth[%ld](%s:%d): ", (long)getpid(), \
- ((__foo=strrchr(__FILE__,'/'))==NULL?__FILE__:__foo+1),\
- __LINE__);\
- fprintf(stderr,X); }
-#else /* DEBUG */
-#define debug(X...) /* */
-#endif /* DEBUG */
-#else /* __GNUC__ */
-static void
-debug(char *format,...)
-{
-#ifdef DEBUG
-#ifdef _SQUID_MSWIN_
-#if FAIL_DEBUG
- if (debug_enabled || fail_debug_enabled) {
-#else
-if (debug_enabled) {
-#endif
- va_list args;
-
- va_start(args, format);
- fprintf(stderr, "ntlm-auth[%ld]: ", (long)getpid());
- vfprintf(stderr, format, args);
- va_end(args);
-#if FAIL_DEBUG
- fail_debug_enabled = 0;
-#endif
- }
-#endif /* _SQUID_MSWIN_ */
-#endif /* DEBUG */
-}
-#endif /* __GNUC__ */
-
-
-/* A couple of harmless helper macros */
-#define SEND(X) debug("sending '%s' to squid\n",X); printf(X "\n");
-#ifdef __GNUC__
-#define SEND2(X,Y...) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
-#else
-/* no gcc, no debugging. varargs macros are a gcc extension */
-#define SEND2(X,Y) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
-#endif
-
-#endif /* _NTLM_H_ */
+++ /dev/null
-#
-# Makefile for the Squid Object Cache server
-#
-# $Id$
-#
-
-include $(top_srcdir)/src/Common.am
-
-libexec_PROGRAMS = mswin_ntlm_auth
-
-mswin_ntlm_auth_SOURCES = libntlmssp.c ntlm_auth.c ntlm.h
-
-## we need our local files too (but avoid -I. at all costs)
-INCLUDES += -I$(srcdir)
-
-LDADD = \
- $(top_builddir)/compat/libcompat.la \
- -L$(top_builddir)/lib -lmiscutil -lntlmauth \
- -lsspwin32 \
- -lnetapi32 \
- -ladvapi32 \
- $(XTRA_LIBS)
-
-EXTRA_DIST = readme.txt
+++ /dev/null
-/*
- * (C) 2002,2005 Guido Serassio <guido.serassio@acmeconsulting.it>
- * Based on previous work of Francesco Chemolli and Robert Collins
- * Distributed freely under the terms of the GNU General Public License,
- * version 2. See the file COPYING for licensing details
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
- */
-
-typedef unsigned char uchar;
-
-#include "util.h"
-#include "ntlm.h"
-#if HAVE_CTYPE_H
-#include <ctype.h>
-#endif
-#include <lm.h>
-#include <ntsecapi.h>
-
-/* returns 1 on success, 0 on failure */
-int
-Valid_Group(char *UserName, char *Group)
-{
- int result = FALSE;
- WCHAR wszUserName[UNLEN+1]; // Unicode user name
- WCHAR wszGroup[GNLEN+1]; // Unicode Group
-
- LPLOCALGROUP_USERS_INFO_0 pBuf = NULL;
- LPLOCALGROUP_USERS_INFO_0 pTmpBuf;
- DWORD dwLevel = 0;
- DWORD dwFlags = LG_INCLUDE_INDIRECT;
- DWORD dwPrefMaxLen = -1;
- DWORD dwEntriesRead = 0;
- DWORD dwTotalEntries = 0;
- NET_API_STATUS nStatus;
- DWORD i;
- DWORD dwTotalCount = 0;
-
- /* Convert ANSI User Name and Group to Unicode */
-
- MultiByteToWideChar(CP_ACP, 0, UserName,
- strlen(UserName) + 1, wszUserName,
- sizeof(wszUserName) / sizeof(wszUserName[0]));
- MultiByteToWideChar(CP_ACP, 0, Group,
- strlen(Group) + 1, wszGroup, sizeof(wszGroup) / sizeof(wszGroup[0]));
-
- /*
- * Call the NetUserGetLocalGroups function
- * specifying information level 0.
- *
- * The LG_INCLUDE_INDIRECT flag specifies that the
- * function should also return the names of the local
- * groups in which the user is indirectly a member.
- */
- nStatus = NetUserGetLocalGroups(NULL,
- wszUserName,
- dwLevel,
- dwFlags,
- (LPBYTE *) & pBuf, dwPrefMaxLen, &dwEntriesRead, &dwTotalEntries);
- /*
- * If the call succeeds,
- */
- if (nStatus == NERR_Success) {
- if ((pTmpBuf = pBuf) != NULL) {
- for (i = 0; i < dwEntriesRead; i++) {
- if (pTmpBuf == NULL) {
- result = FALSE;
- break;
- }
- if (wcscmp(pTmpBuf->lgrui0_name, wszGroup) == 0) {
- result = TRUE;
- break;
- }
- pTmpBuf++;
- dwTotalCount++;
- }
- }
- } else
- result = FALSE;
- /*
- * Free the allocated memory.
- */
- if (pBuf != NULL)
- NetApiBufferFree(pBuf);
- return result;
-}
-
-
-char * AllocStrFromLSAStr(LSA_UNICODE_STRING LsaStr)
-{
- size_t len;
- static char * target;
-
- len = LsaStr.Length/sizeof(WCHAR) + 1;
-
- /* allocate buffer for str + null termination */
- safe_free(target);
- target = (char *)xmalloc(len);
- if (target == NULL)
- return NULL;
-
- /* copy unicode buffer */
- WideCharToMultiByte(CP_ACP, 0, LsaStr.Buffer, LsaStr.Length, target, len, NULL, NULL );
-
- /* add null termination */
- target[len-1] = '\0';
- return target;
-}
-
-
-char * GetDomainName(void)
-
-{
- LSA_HANDLE PolicyHandle;
- LSA_OBJECT_ATTRIBUTES ObjectAttributes;
- NTSTATUS status;
- PPOLICY_PRIMARY_DOMAIN_INFO ppdiDomainInfo;
- PWKSTA_INFO_100 pwkiWorkstationInfo;
- DWORD netret;
- char * DomainName = NULL;
-
- /*
- * Always initialize the object attributes to all zeroes.
- */
- memset(&ObjectAttributes, '\0', sizeof(ObjectAttributes));
-
- /*
- * You need the local workstation name. Use NetWkstaGetInfo at level
- * 100 to retrieve a WKSTA_INFO_100 structure.
- *
- * The wki100_computername field contains a pointer to a UNICODE
- * string containing the local computer name.
- */
- netret = NetWkstaGetInfo(NULL, 100, (LPBYTE *)&pwkiWorkstationInfo);
- if (netret == NERR_Success) {
- /*
- * We have the workstation name in:
- * pwkiWorkstationInfo->wki100_computername
- *
- * Next, open the policy object for the local system using
- * the LsaOpenPolicy function.
- */
- status = LsaOpenPolicy(
- NULL,
- &ObjectAttributes,
- GENERIC_READ | POLICY_VIEW_LOCAL_INFORMATION,
- &PolicyHandle
- );
-
- /*
- * Error checking.
- */
- if (status) {
- debug("OpenPolicy Error: %ld\n", status);
- } else {
-
- /*
- * You have a handle to the policy object. Now, get the
- * domain information using LsaQueryInformationPolicy.
- */
- status = LsaQueryInformationPolicy(PolicyHandle,
- PolicyPrimaryDomainInformation,
- (void **)&ppdiDomainInfo);
- if (status) {
- debug("LsaQueryInformationPolicy Error: %ld\n", status);
- } else {
-
- /* Get name in useable format */
- DomainName = AllocStrFromLSAStr(ppdiDomainInfo->Name);
-
- /*
- * Check the Sid pointer, if it is null, the
- * workstation is either a stand-alone computer
- * or a member of a workgroup.
- */
- if (ppdiDomainInfo->Sid) {
-
- /*
- * Member of a domain. Display it in debug mode.
- */
- debug("Member of Domain %s\n",DomainName);
- } else {
- DomainName = NULL;
- }
- }
- }
-
- /*
- * Clean up all the memory buffers created by the LSA and
- * Net* APIs.
- */
- NetApiBufferFree(pwkiWorkstationInfo);
- LsaFreeMemory((LPVOID)ppdiDomainInfo);
- } else
- debug("NetWkstaGetInfo Error: %ld\n", netret);
- return DomainName;
-}
-
-
-int ntlm_errno;
-
-
-/* returns NULL on failure, or a pointer to
- * the user's credentials (domain\\username)
- * upon success. WARNING. It's pointing to static storage.
- * In case of problem sets as side-effect ntlm_errno to one of the
- * codes defined in ntlm.h
- */
-char *
-ntlm_check_auth(ntlm_authenticate * auth, int auth_length)
-{
- int rv;
- char domain[DNLEN+1];
- char user[UNLEN+1];
- static char credentials[DNLEN+UNLEN+2]; /* we can afford to waste */
-
- lstring tmp;
-
- if (!NTLM_LocalCall) {
-
- tmp = ntlm_fetch_string((char *) auth, auth_length, &auth->domain);
-
- if (tmp.str == NULL || tmp.l == 0) {
- debug("No domain supplied. Returning no-auth\n");
- ntlm_errno = NTLM_BAD_REQUEST;
- return NULL;
- }
- if (Use_Unicode) {
- /* copy unicode buffer */
- WideCharToMultiByte(CP_ACP, 0, (LPCWSTR) tmp.str, tmp.l, domain, DNLEN, NULL, NULL );
- /* add null termination */
- domain[tmp.l / sizeof(WCHAR)] = '\0';
- } else {
- if (tmp.l > DNLEN) {
- debug("Domain string exceeds %d bytes, rejecting\n", DNLEN);
- ntlm_errno = NTLM_BAD_REQUEST;
- return NULL;
- }
- memcpy(domain, tmp.str, tmp.l);
- domain[tmp.l] = '\0';
- }
- tmp = ntlm_fetch_string((char *) auth, auth_length, &auth->user);
- if (tmp.str == NULL || tmp.l == 0) {
- debug("No username supplied. Returning no-auth\n");
- ntlm_errno = NTLM_BAD_REQUEST;
- return NULL;
- }
- if (Use_Unicode) {
- /* copy unicode buffer */
- WideCharToMultiByte(CP_ACP, 0, (LPCWSTR) tmp.str, tmp.l, user, UNLEN, NULL, NULL );
- /* add null termination */
- user[tmp.l / sizeof(WCHAR)] = '\0';
- } else {
- if (tmp.l > UNLEN) {
- debug("Username string exceeds %d bytes, rejecting\n", UNLEN);
- ntlm_errno = NTLM_BAD_REQUEST;
- return NULL;
- }
- memcpy(user, tmp.str, tmp.l);
- user[tmp.l] = '\0';
- }
- debug("checking domain: '%s', user: '%s'\n", domain, user);
-
- } else
- debug("checking local user\n");
-
- rv = SSP_ValidateNTLMCredentials(auth, auth_length, credentials);
-
- debug("Login attempt had result %d\n", rv);
-
- if (!rv) { /* failed */
- ntlm_errno = NTLM_SSPI_ERROR;
- return NULL;
- }
-
- if (UseAllowedGroup) {
- if (!Valid_Group(credentials, NTAllowedGroup)) {
- ntlm_errno = NTLM_BAD_NTGROUP;
- debug("User %s not in allowed Group %s\n", credentials, NTAllowedGroup);
- return NULL;
- }
- }
- if (UseDisallowedGroup) {
- if (Valid_Group(credentials, NTDisAllowedGroup)) {
- ntlm_errno = NTLM_BAD_NTGROUP;
- debug("User %s is in denied Group %s\n", credentials, NTDisAllowedGroup);
- return NULL;
- }
- }
-
- debug("credentials: %s\n", credentials);
- return credentials;
-}
-
-
-const char *
-ntlm_make_negotiate(void)
-{
- ntlm_negotiate ne;
- const char *encoded;
- memset(&ne, 0, sizeof(ntlm_negotiate)); /* reset */
- memcpy(ne.signature, "NTLMSSP", 8); /* set the signature */
- ne.type = le32toh(NTLM_NEGOTIATE); /* this is a challenge */
- ne.flags = le32toh(
- NEGOTIATE_ALWAYS_SIGN |
- NEGOTIATE_USE_NTLM |
- NEGOTIATE_USE_LM |
- NEGOTIATE_ASCII |
- 0
- );
- encoded = base64_encode_bin((char *) &ne, NEGOTIATE_LENGTH);
- debug("Negotiate packet not supplied - self generated\n");
- return encoded;
-}
-
-
-void hex_dump(void *data, int size)
-{
- /* dumps size bytes of *data to stdout. Looks like:
- * [0000] 75 6E 6B 6E 6F 77 6E 20
- * 30 FF 00 00 00 00 39 00 unknown 0.....9.
- * (in a single line of course)
- */
-
- if (!data)
- return;
-
- if (debug_enabled) {
- unsigned char *p = data;
- unsigned char c;
- int n;
- char bytestr[4] = {0};
- char addrstr[10] = {0};
- char hexstr[ 16*3 + 5] = {0};
- char charstr[16*1 + 5] = {0};
- for (n=1; n<=size; n++) {
- if (n%16 == 1) {
- /* store address for this line */
- snprintf(addrstr, sizeof(addrstr), "%.4x",
- ((unsigned int)p-(unsigned int)data) );
- }
-
- c = *p;
- if (xisalnum(c) == 0) {
- c = '.';
- }
-
- /* store hex str (for left side) */
- snprintf(bytestr, sizeof(bytestr), "%02X ", *p);
- strncat(hexstr, bytestr, sizeof(hexstr)-strlen(hexstr)-1);
-
- /* store char str (for right side) */
- snprintf(bytestr, sizeof(bytestr), "%c", c);
- strncat(charstr, bytestr, sizeof(charstr)-strlen(charstr)-1);
-
- if (n%16 == 0) {
- /* line completed */
- fprintf(stderr, "[%4.4s] %-50.50s %s\n", addrstr, hexstr, charstr);
- hexstr[0] = 0;
- charstr[0] = 0;
- } else if (n%8 == 0) {
- /* half line: add whitespaces */
- strncat(hexstr, " ", sizeof(hexstr)-strlen(hexstr)-1);
- strncat(charstr, " ", sizeof(charstr)-strlen(charstr)-1);
- }
- p++; /* next byte */
- }
-
- if (strlen(hexstr) > 0) {
- /* print rest of buffer if not empty */
- fprintf(stderr, "[%4.4s] %-50.50s %s\n", addrstr, hexstr, charstr);
- }
- }
-}
-
+++ /dev/null
-/*
- * (C) 2002,2005 Guido Serassio <guido.serassio@acmeconsulting.it>
- * Based on previous work of Francesco Chemolli, Robert Collins and Andrew Doran
- *
- * Distributed freely under the terms of the GNU General Public License,
- * version 2. See the file COPYING for licensing details
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
- */
-
-#ifndef _NTLM_H_
-#define _NTLM_H_
-
-#include "sspwin32.h"
-#include <windows.h>
-#include <sspi.h>
-#include <security.h>
-#include "ntlmauth.h"
-#undef debug
-
-/************* CONFIGURATION ***************/
-/*
- * define this if you want debugging
- */
-#ifndef DEBUG
-#define DEBUG
-#endif
-
-#define FAIL_DEBUG 0
-
-/************* END CONFIGURATION ***************/
-
-#include <sys/types.h>
-
-extern int debug_enabled;
-#if FAIL_DEBUG
-extern int fail_debug_enabled;
-#endif
-
-/* Debugging stuff */
-
-#ifdef __GNUC__ /* this is really a gcc-ism */
-#ifdef DEBUG
-#include <stdio.h>
-#include <unistd.h>
-static char *__foo;
-#define debug(X...) if (debug_enabled) { \
- fprintf(stderr,"ntlm-auth[%d](%s:%d): ", getpid(), \
- ((__foo=strrchr(__FILE__,'/'))==NULL?__FILE__:__foo+1),\
- __LINE__);\
- fprintf(stderr,X); }
-#else /* DEBUG */
-#define debug(X...) /* */
-#endif /* DEBUG */
-#else /* __GNUC__ */
-static void
-debug(char *format,...)
-{
-#ifdef DEBUG
-#ifdef _SQUID_MSWIN_
-#if FAIL_DEBUG
- if (debug_enabled || fail_debug_enabled) {
-#else
-if (debug_enabled) {
-#endif
- va_list args;
-
- va_start(args,format);
- fprintf(stderr, "ntlm-auth[%d]: ",getpid());
- vfprintf(stderr, format, args);
- va_end(args);
-#if FAIL_DEBUG
- fail_debug_enabled = 0;
-#endif
- }
-#endif /* _SQUID_MSWIN_ */
-#endif /* DEBUG */
-}
-#endif /* __GNUC__ */
-
-
-/* A couple of harmless helper macros */
-#define SEND(X) debug("sending '%s' to squid\n",X); printf(X "\n");
-#ifdef __GNUC__
-#define SEND2(X,Y...) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
-#else
-/* no gcc, no debugging. varargs macros are a gcc extension */
-#define SEND2(X,Y) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
-#endif
-
-extern char * NTAllowedGroup;
-extern char * NTDisAllowedGroup;
-extern int UseDisallowedGroup;
-extern int UseAllowedGroup;
-extern int ntlm_errno;
-
-#define NTLM_NO_ERROR 0
-#define NTLM_SSPI_ERROR 1
-#define NTLM_BAD_NTGROUP 2
-#define NTLM_BAD_REQUEST 3
-
-#define NEGOTIATE_LENGTH 16
-
-extern void uc(char *);
-
-extern const char * ntlm_make_negotiate(void);
-extern char *ntlm_check_auth(ntlm_authenticate * auth, int auth_length);
-extern void hex_dump(void *, int);
-
-#define safe_free(x) if (x) { free(x); x = NULL; }
-
-#endif /* _NTLM_H_ */
+++ /dev/null
-/*
- * mswin_ntlm_auth: helper for NTLM Authentication for Squid Cache
- *
- * (C)2002,2005 Guido Serassio - Acme Consulting S.r.l.
- *
- * Authors:
- * Guido Serassio <guido.serassio@acmeconsulting.it>
- * Acme Consulting S.r.l., Italy <http://www.acmeconsulting.it>
- *
- * With contributions from others mentioned in the change history section
- * below.
- *
- * Based on previous work of Francesco Chemolli and Robert Collins.
- *
- * Dependencies: Windows NT4 SP4 and later.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
- *
- * History:
- *
- * Version 1.22
- * 29-10-2005 Guido Serassio
- * Updated for Negotiate auth support.
- * Version 1.21
- * 21-02-2004 Guido Serassio
- * Removed control of use of NTLM NEGOTIATE packet from
- * command line, now the support is automatic.
- * Version 1.20
- * 30-11-2003 Guido Serassio
- * Added support for NTLM local calls.
- * Added control of use of NTLM NEGOTIATE packet from
- * command line.
- * Updated documentation.
- * Version 1.10
- * 07-09-2003 Guido Serassio
- * Now is true NTLM authenticator.
- * More debug info.
- * Updated documentation.
- * Version 1.0
- * 29-06-2002 Guido Serassio
- * First release.
- *
- *
- */
-
-#include "util.h"
-#if HAVE_GETOPT_H
-#include <getopt.h>
-#endif
-#include "ntlm.h"
-#if HAVE_CTYPE_H
-#include <ctype.h>
-#endif
-
-#define BUFFER_SIZE 10240
-
-int debug_enabled = 0;
-int NTLM_packet_debug_enabled = 0;
-
-static int have_challenge;
-
-char * NTAllowedGroup;
-char * NTDisAllowedGroup;
-int UseDisallowedGroup = 0;
-int UseAllowedGroup = 0;
-#if FAIL_DEBUG
-int fail_debug_enabled = 0;
-#endif
-
-/* makes a null-terminated string upper-case. Changes CONTENTS! */
-void
-uc(char *string)
-{
- char *p = string, c;
- while ((c = *p)) {
- *p = xtoupper(c);
- p++;
- }
-}
-
-/* makes a null-terminated string lower-case. Changes CONTENTS! */
-static void
-lc(char *string)
-{
- char *p = string, c;
- while ((c = *p)) {
- *p = xtolower(c);
- p++;
- }
-}
-
-void
-helperfail(const char *reason)
-{
-#if FAIL_DEBUG
- fail_debug_enabled =1;
-#endif
- SEND2("BH %s", reason);
-}
-
-/*
- options:
- -d enable debugging.
- -v enable verbose NTLM packet debugging.
- -A can specify a Windows Local Group name allowed to authenticate.
- -D can specify a Windows Local Group name not allowed to authenticate.
- */
-char *my_program_name = NULL;
-
-void
-usage()
-{
- fprintf(stderr,
- "Usage: %s [-d] [-v] [-A|D LocalUserGroup] [-h]\n"
- " -d enable debugging.\n"
- " -v enable verbose NTLM packet debugging.\n"
- " -A specify a Windows Local Group name allowed to authenticate\n"
- " -D specify a Windows Local Group name not allowed to authenticate\n"
- " -h this message\n\n",
- my_program_name);
-}
-
-
-void
-process_options(int argc, char *argv[])
-{
- int opt, had_error = 0;
-
- opterr =0;
- while (-1 != (opt = getopt(argc, argv, "hdvA:D:"))) {
- switch (opt) {
- case 'A':
- safe_free(NTAllowedGroup);
- NTAllowedGroup=xstrdup(optarg);
- UseAllowedGroup = 1;
- break;
- case 'D':
- safe_free(NTDisAllowedGroup);
- NTDisAllowedGroup=xstrdup(optarg);
- UseDisallowedGroup = 1;
- break;
- case 'd':
- debug_enabled = 1;
- break;
- case 'v':
- debug_enabled = 1;
- NTLM_packet_debug_enabled = 1;
- break;
- case 'h':
- usage();
- exit(0);
- case '?':
- opt = optopt;
- /* fall thru to default */
- default:
- fprintf(stderr, "unknown option: -%c. Exiting\n", opt);
- usage();
- had_error = 1;
- }
- }
- if (had_error)
- exit(1);
-}
-
-
-const char *
-obtain_challenge(ntlm_negotiate * nego, int nego_length)
-{
- const char *ch = NULL;
-
- debug("attempting SSPI challenge retrieval\n");
- ch = SSP_MakeChallenge(nego, nego_length);
- if (ch) {
- debug("Got it\n");
- return ch; /* All went OK, returning */
- }
- return NULL;
-}
-
-
-int
-manage_request()
-{
- ntlmhdr *fast_header;
- char buf[BUFFER_SIZE];
- char helper_command[3];
- char *c, *decoded, *cred;
- int plen;
- int oversized = 0;
- char * ErrorMessage;
-
-try_again:
- if (fgets(buf, BUFFER_SIZE, stdin) == NULL)
- return 0;
-
- c = memchr(buf, '\n', BUFFER_SIZE); /* safer against overrun than strchr */
- if (c) {
- if (oversized) {
- helperfail("illegal request received");
- fprintf(stderr, "Illegal request received: '%s'\n", buf);
- return 1;
- }
- *c = '\0';
- } else {
- fprintf(stderr, "No newline in '%s'\n", buf);
- oversized = 1;
- goto try_again;
- }
- if ((strlen(buf) > 3) && NTLM_packet_debug_enabled) {
- decoded = base64_decode(buf + 3);
- strncpy(helper_command, buf, 2);
- debug("Got '%s' from Squid with data:\n", helper_command);
- hex_dump(decoded, ((strlen(buf) - 3) * 3) / 4);
- } else
- debug("Got '%s' from Squid\n", buf);
- if (memcmp(buf, "YR", 2) == 0) { /* refresh-request */
- /* figure out what we got */
- if (strlen(buf) > 3)
- decoded = base64_decode(buf + 3);
- else
- decoded = base64_decode(ntlm_make_negotiate());
- /* Note: we don't need to manage memory at this point, since
- * base64_decode returns a pointer to static storage.
- */
- if (!decoded) { /* decoding failure, return error */
- SEND("NA Packet format error, couldn't base64-decode");
- return 1;
- }
- /* fast-track-decode request type. */
- fast_header = (struct _ntlmhdr *) decoded;
-
- /* sanity-check: it IS a NTLMSSP packet, isn't it? */
- if (memcmp(fast_header->signature, "NTLMSSP", 8) != 0) {
- SEND("NA Broken authentication packet");
- return 1;
- }
- switch (fast_header->type) {
- case NTLM_NEGOTIATE:
- /* Obtain challenge against SSPI */
- if (strlen(buf) > 3)
- plen = (strlen(buf) - 3) * 3 / 4; /* we only need it here. Optimization */
- else
- plen = NEGOTIATE_LENGTH;
- if ((c = (char *) obtain_challenge((ntlm_negotiate *) decoded, plen)) != NULL ) {
- if (NTLM_packet_debug_enabled) {
- printf("TT %s\n",c);
- decoded = base64_decode(c);
- debug("sending 'TT' to squid with data:\n");
- hex_dump(decoded, (strlen(c) * 3) / 4);
- if (NTLM_LocalCall)
- debug("NTLM Local Call detected\n");
- } else {
- SEND2("TT %s", c);
- }
- have_challenge = 1;
- } else
- helperfail("can't obtain challenge");
- return 1;
- /* notreached */
- case NTLM_CHALLENGE:
- SEND
- ("NA Got a challenge. We refuse to have our authority disputed");
- return 1;
- /* notreached */
- case NTLM_AUTHENTICATE:
- SEND("NA Got authentication request instead of negotiate request");
- return 1;
- /* notreached */
- default:
- helperfail("unknown refresh-request packet type");
- return 1;
- }
- return 1;
- }
- if (memcmp(buf, "KK ", 3) == 0) { /* authenticate-request */
- if (!have_challenge) {
- helperfail("invalid challenge");
- return 1;
- }
- /* figure out what we got */
- decoded = base64_decode(buf + 3);
- /* Note: we don't need to manage memory at this point, since
- * base64_decode returns a pointer to static storage.
- */
-
- if (!decoded) { /* decoding failure, return error */
- SEND("NA Packet format error, couldn't base64-decode");
- return 1;
- }
- /* fast-track-decode request type. */
- fast_header = (struct _ntlmhdr *) decoded;
-
- /* sanity-check: it IS a NTLMSSP packet, isn't it? */
- if (memcmp(fast_header->signature, "NTLMSSP", 8) != 0) {
- SEND("NA Broken authentication packet");
- return 1;
- }
- switch (fast_header->type) {
- case NTLM_NEGOTIATE:
- SEND("NA Invalid negotiation request received");
- return 1;
- /* notreached */
- case NTLM_CHALLENGE:
- SEND
- ("NA Got a challenge. We refuse to have our authority disputed");
- return 1;
- /* notreached */
- case NTLM_AUTHENTICATE:
- /* check against SSPI */
- plen = (strlen(buf) - 3) * 3 / 4; /* we only need it here. Optimization */
- cred = ntlm_check_auth((ntlm_authenticate *) decoded, plen);
- have_challenge = 0;
- if (cred == NULL) {
-#if FAIL_DEBUG
- fail_debug_enabled =1;
-#endif
- switch (ntlm_errno) {
- case NTLM_BAD_NTGROUP:
- SEND("NA Incorrect Group Membership");
- return 1;
- case NTLM_BAD_REQUEST:
- SEND("NA Incorrect Request Format");
- return 1;
- case NTLM_SSPI_ERROR:
- FormatMessage(
- FORMAT_MESSAGE_ALLOCATE_BUFFER |
- FORMAT_MESSAGE_FROM_SYSTEM |
- FORMAT_MESSAGE_IGNORE_INSERTS,
- NULL,
- GetLastError(),
- MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language
- (LPTSTR) &ErrorMessage,
- 0,
- NULL);
- if (ErrorMessage[strlen(ErrorMessage) - 1] == '\n')
- ErrorMessage[strlen(ErrorMessage) - 1] = '\0';
- if (ErrorMessage[strlen(ErrorMessage) - 1] == '\r')
- ErrorMessage[strlen(ErrorMessage) - 1] = '\0';
- SEND2("NA %s", ErrorMessage);
- LocalFree(ErrorMessage);
- return 1;
- default:
- SEND("NA Unknown Error");
- return 1;
- }
- }
- lc(cred); /* let's lowercase them for our convenience */
- SEND2("AF %s", cred);
- return 1;
- default:
- helperfail("unknown authentication packet type");
- return 1;
- }
- return 1;
- } else { /* not an auth-request */
- helperfail("illegal request received");
- fprintf(stderr, "Illegal request received: '%s'\n", buf);
- return 1;
- }
- helperfail("detected protocol error");
- return 1;
- /********* END ********/
-}
-
-int
-main(int argc, char *argv[])
-{
- my_program_name = argv[0];
-
- process_options(argc, argv);
-
- debug("%s build " __DATE__ ", " __TIME__ " starting up...\n", my_program_name);
-
- if (LoadSecurityDll(SSP_NTLM, NTLM_PACKAGE_NAME) == NULL) {
- fprintf(stderr, "FATAL, can't initialize SSPI, exiting.\n");
- exit(1);
- }
- debug("SSPI initialized OK\n");
-
- atexit(UnloadSecurityDll);
-
- /* initialize FDescs */
- setbuf(stdout, NULL);
- setbuf(stderr, NULL);
-
- while (manage_request()) {
- /* everything is done within manage_request */
- }
- exit(0);
-}
+++ /dev/null
-mswin_ntlm_auth.exe
-
-Native Windows NTLM/NTLMv2 authenticator for Squid with
-automatic support for NTLM NEGOTIATE packets.
-
-=====
-Usage
-=====
-
-mswin_ntlm_auth [-d] [-v] [-A|D LocalUserGroup] [-h]
-
--d enables debugging.
--v enables verbose NTLM packet debugging.
--A specify a Windows Local Group name allowed to authenticate.
--D specify a Windows Local Group name not allowed to authenticate.
--h print program usage
-
-This is released under the GNU General Public License
-
-==============
-Allowing Users
-==============
-
-Users that are allowed to access the web proxy must have the Windows NT
-User Rights "logon from the network".
-Optionally the authenticator can verify the NT LOCAL group membership of
-the user against the User Group specified in the Authenticator's command
-line.
-This can be accomplished creating a local user group on the NT machine,
-grant the privilege, and adding users to it, it works only with MACHINE
-Local Groups, not Domain Local Groups.
-Better group checking is available with External Acl, see mswin_check_group
-documentation.
-
-Squid.conf typical minimal required changes:
-
-auth_param ntlm program c:/squid/libexec/mswin_ntlm_auth.exe
-auth_param ntlm children 5
-
-acl password proxy_auth REQUIRED
-
-http_access allow password
-http_access deny all
-
-Refer to Squid documentation for more details.
-
-Currently Internet Explorer has some problems with ftp:// URLs when handling
-internal Squid FTP icons. The following squid.conf ACL works around this:
-
-acl internal_icons urlpath_regex -i /squid-internal-static/icons/
-
-http_access allow our_networks internal_icons <== BEFORE authentication ACL !!!
+++ /dev/null
-#
-# Makefile for the Squid Object Cache server
-#
-# $Id$
-#
-# Uncomment and customize the following to suit your needs:
-#
-
-libexec_SCRIPTS = no_check.pl
-
-EXTRA_DIST = \
- no_check.pl \
- README.no_check_ntlm_auth
-
+++ /dev/null
-This is a dummy NTLM authentication module for Squid.
-It performs the NTLM challenge, but then it doesn't verify the
-user's credentials, it just takes the client's domain and username
-at face value.
-It's included mostly for demonstration purposes.
-
-(C) 2000 Francesco Chemolli <kinkie@kame.usr.dsi.unimi.it>
-Distributed freely under the terms of the GNU General Public License,
-version 2. For the licensing terms, see the file COPYING that
-came with Squid.
+++ /dev/null
-#!/bin/sh
-exit 0
-#
-# Makefile for the Squid Object Cache server
-#
-
include $(top_srcdir)/src/Common.am
-SUBDIRS = smbval
-
libexec_PROGRAMS = ntlm_smb_lm_auth
-ntlm_smb_lm_auth_SOURCES = libntlmssp.c ntlm_smb_lm_auth.c ntlm_smb_lm_auth.h
+ntlm_smb_lm_auth_SOURCES = ntlm_smb_lm_auth.cc
-## we need our local files too (but avoid -I. at all costs)
-INCLUDES += \
- -I$(srcdir) \
- -I$(srcdir)/smbval
-
-LDADD = \
- $(top_builddir)/compat/libcompat.la \
- -L$(top_builddir)/lib -lntlmauth -lmiscutil \
- smbval/libsmbvalid.a \
+ntlm_smb_lm_auth_LDADD = \
+ -L$(top_builddir)/libntlmauth -lntlmauth \
+ $(COMPAT_LIB) \
$(CRYPTLIB) \
$(XTRA_LIBS)
+
+EXTRA_DIST = config.test
+++ /dev/null
-/*
- * (C) 2000 Francesco Chemolli <kinkie@kame.usr.dsi.unimi.it>
- * Distributed freely under the terms of the GNU General Public License,
- * version 2. See the file COPYING for licensing details
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
- */
-
-typedef unsigned char uchar;
-
-#include "ntlm_smb_lm_auth.h"
-#include "util.h" /* from Squid */
-#include "valid.h"
-#include "smbencrypt.h"
-
-#if HAVE_STRING_H
-#include <string.h>
-#endif /* HAVE_STRING_H */
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif /* HAVE_STDLIB_H */
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-/* these are part of rfcnb-priv.h and smblib-priv.h */
-extern int SMB_Get_Error_Msg(int msg, char *msgbuf, int len);
-extern int SMB_Get_Last_Error();
-extern int RFCNB_Get_Last_Errno();
-
-#include "smblib-priv.h" /* for SMB_Handle_Type */
-
-/* a few forward-declarations. Hackish, but I don't care right now */
-SMB_Handle_Type SMB_Connect_Server(SMB_Handle_Type Con_Handle, char *server, char *NTdomain);
-
-/* this one is reallllly haackiish. We really should be using anything from smblib-priv.h
- */
-static char const *SMB_Prots[] = {"PC NETWORK PROGRAM 1.0",
- "MICROSOFT NETWORKS 1.03",
- "MICROSOFT NETWORKS 3.0",
- "DOS LANMAN1.0",
- "LANMAN1.0",
- "DOS LM1.2X002",
- "LM1.2X002",
- "DOS LANMAN2.1",
- "LANMAN2.1",
- "Samba",
- "NT LM 0.12",
- "NT LANMAN 1.0",
- NULL
- };
-
-#if 0
-int SMB_Discon(SMB_Handle_Type Con_Handle, BOOL KeepHandle);
-int SMB_Negotiate(void *Con_Handle, char *Prots[]);
-int SMB_Logon_Server(SMB_Handle_Type Con_Handle, char *UserName, char *PassWord, char *Domain, int precrypted);
-#endif
-
-#ifdef DEBUG
-#define debug_dump_ntlmssp_flags dump_ntlmssp_flags
-#else /* DEBUG */
-#define debug_dump_ntlmssp_flags(X) /* empty */
-#endif /* DEBUG */
-
-
-#define ENCODED_PASS_LEN 24
-static unsigned char challenge[NONCE_LEN];
-static unsigned char lmencoded_empty_pass[ENCODED_PASS_LEN],
-ntencoded_empty_pass[ENCODED_PASS_LEN];
-SMB_Handle_Type handle = NULL;
-
-/* Disconnects from the DC. A reconnection will be done upon the next request
- */
-void
-dc_disconnect()
-{
- if (handle != NULL)
- SMB_Discon(handle, 0);
- handle = NULL;
-}
-
-int
-connectedp()
-{
- return (handle != NULL);
-}
-
-
-/* Tries to connect to a DC. Returns 0 on failure, 1 on OK */
-int
-is_dc_ok(char *domain, char *domain_controller)
-{
- SMB_Handle_Type h = SMB_Connect_Server(NULL, domain_controller, domain);
- if (h == NULL)
- return 0;
- SMB_Discon(h, 0);
- return 1;
-}
-
-
-static char errstr[1001];
-/* returns 0 on success, > 0 on failure */
-static int
-init_challenge(char *domain, char *domain_controller)
-{
- int smberr;
-
- if (handle != NULL) {
- return 0;
- }
- debug("Connecting to server %s domain %s\n", domain_controller, domain);
- handle = SMB_Connect_Server(NULL, domain_controller, domain);
- smberr = SMB_Get_Last_Error();
- SMB_Get_Error_Msg(smberr, errstr, 1000);
-
-
- if (handle == NULL) { /* couldn't connect */
- debug("Couldn't connect to SMB Server. Error:%s\n", errstr);
- return 1;
- }
- if (SMB_Negotiate(handle, SMB_Prots) < 0) { /* An error */
- debug("Error negotiating protocol with SMB Server\n");
- SMB_Discon(handle, 0);
- handle = NULL;
- return 2;
- }
- if (handle->Security == 0) { /* share-level security, unuseable */
- debug("SMB Server uses share-level security .. we need user security.\n");
- SMB_Discon(handle, 0);
- handle = NULL;
- return 3;
- }
- memcpy(challenge, handle->Encrypt_Key, NONCE_LEN);
- SMBencrypt((unsigned char *)"",challenge,lmencoded_empty_pass);
- SMBNTencrypt((unsigned char *)"",challenge,ntencoded_empty_pass);
- return 0;
-}
-
-static char my_domain[100], my_domain_controller[100];
-const char *
-make_challenge(char *domain, char *domain_controller)
-{
- /* trying to circumvent some strange problem wih pointers in SMBLib */
- /* Ugly as hell, but the lib is going to be dropped... */
- strcpy(my_domain,domain);
- strcpy(my_domain_controller,domain_controller);
- if (init_challenge(my_domain, my_domain_controller) > 0) {
- return NULL;
- }
- return ntlm_make_challenge(my_domain, my_domain_controller, (char *)challenge, NONCE_LEN);
-}
-
-int ntlm_errno;
-#define MAX_USERNAME_LEN 255
-#define MAX_DOMAIN_LEN 255
-#define MAX_PASSWD_LEN 31
-static char credentials[MAX_USERNAME_LEN+MAX_DOMAIN_LEN+2]; /* we can afford to waste */
-
-
-/* Fetches the user's credentials from the challenge.
- * Returns NULL if domain or user is not defined
- * No identity control is performed.
- * WARNING! The result is static storage, shared with ntlm_check_auth
- */
-char *
-fetch_credentials(ntlm_authenticate * auth, int auth_length)
-{
- char *p = credentials;
- lstring tmp;
- tmp = ntlm_fetch_string((char *) auth, auth_length, &auth->domain);
- *p = '\0';
- if (tmp.str == NULL)
- return NULL;
- memcpy(p, tmp.str, tmp.l);
- p += tmp.l;
- *p++ = '\\';
- *p = '\0';
- tmp = ntlm_fetch_string((char *) auth, auth_length, &auth->user);
- if (tmp.str == NULL)
- return NULL;
- memcpy(p, tmp.str, tmp.l);
- *(p + tmp.l) = '\0';
- return credentials;
-}
-
-/* returns NULL on failure, or a pointer to
- * the user's credentials (domain\\username)
- * upon success. WARNING. It's pointing to static storage.
- * In case of problem sets as side-effect ntlm_errno to one of the
- * codes defined in ntlm.h
- */
-char *
-ntlm_check_auth(ntlm_authenticate * auth, int auth_length)
-{
- int rv;
- char pass[MAX_PASSWD_LEN+1];
- char *domain = credentials;
- char *user;
- lstring tmp;
-
- if (handle == NULL) { /*if null we aren't connected, but it shouldn't happen */
- debug("Weird, we've been disconnected\n");
- ntlm_errno = NTLM_NOT_CONNECTED;
- return NULL;
- }
-
- /* debug("fetching domain\n"); */
- tmp = ntlm_fetch_string((char *) auth, auth_length, &auth->domain);
- if (tmp.str == NULL || tmp.l == 0) {
- debug("No domain supplied. Returning no-auth\n");
- ntlm_errno = NTLM_LOGON_ERROR;
- return NULL;
- }
- if (tmp.l > MAX_DOMAIN_LEN) {
- debug("Domain string exceeds %d bytes, rejecting\n", MAX_DOMAIN_LEN);
- ntlm_errno = NTLM_LOGON_ERROR;
- return NULL;
- }
- memcpy(domain, tmp.str, tmp.l);
- user = domain + tmp.l;
- *user++ = '\0';
-
- /* debug("fetching user name\n"); */
- tmp = ntlm_fetch_string((char *) auth, auth_length, &auth->user);
- if (tmp.str == NULL || tmp.l == 0) {
- debug("No username supplied. Returning no-auth\n");
- ntlm_errno = NTLM_LOGON_ERROR;
- return NULL;
- }
- if (tmp.l > MAX_USERNAME_LEN) {
- debug("Username string exceeds %d bytes, rejecting\n", MAX_USERNAME_LEN);
- ntlm_errno = NTLM_LOGON_ERROR;
- return NULL;
- }
- memcpy(user, tmp.str, tmp.l);
- *(user + tmp.l) = '\0';
-
-
- /* Authenticating against the NT response doesn't seem to work... */
- tmp = ntlm_fetch_string((char *) auth, auth_length, &auth->lmresponse);
- if (tmp.str == NULL || tmp.l == 0) {
- fprintf(stderr, "No auth at all. Returning no-auth\n");
- ntlm_errno = NTLM_LOGON_ERROR;
- return NULL;
- }
- if (tmp.l > MAX_PASSWD_LEN) {
- debug("Password string exceeds %d bytes, rejecting\n", MAX_PASSWD_LEN);
- ntlm_errno = NTLM_LOGON_ERROR;
- return NULL;
- }
-
- memcpy(pass, tmp.str, tmp.l);
- pass[min(MAX_PASSWD_LEN,tmp.l)] = '\0';
-
-#if 1
- debug("Empty LM pass detection: user: '%s', ours:'%s', his: '%s'"
- "(length: %d)\n",
- user,lmencoded_empty_pass,tmp.str,tmp.l);
- if (memcmp(tmp.str,lmencoded_empty_pass,ENCODED_PASS_LEN)==0) {
- fprintf(stderr,"Empty LM password supplied for user %s\\%s. "
- "No-auth\n",domain,user);
- ntlm_errno=NTLM_LOGON_ERROR;
- return NULL;
- }
-
- tmp = ntlm_fetch_string ((char *) auth, auth_length, &auth->ntresponse);
- if (tmp.str != NULL && tmp.l != 0) {
- debug("Empty NT pass detection: user: '%s', ours:'%s', his: '%s'"
- "(length: %d)\n",
- user,ntencoded_empty_pass,tmp.str,tmp.l);
- if (memcmp(tmp.str,lmencoded_empty_pass,ENCODED_PASS_LEN)==0) {
- fprintf(stderr,"Empty NT password supplied for user %s\\%s. "
- "No-auth\n",domain,user);
- ntlm_errno=NTLM_LOGON_ERROR;
- return NULL;
- }
- }
-#endif
-
- /* TODO: check against empty password!!!!! */
-
-
-
- debug("checking domain: '%s', user: '%s', pass='%s'\n", domain, user, pass);
-
- rv = SMB_Logon_Server(handle, user, pass, domain, 1);
- debug("Login attempt had result %d\n", rv);
-
- if (rv != NTV_NO_ERROR) { /* failed */
- ntlm_errno = rv;
- return NULL;
- }
- *(user - 1) = '\\'; /* hack. Performing, but ugly. */
-
- debug("credentials: %s\n", credentials);
- return credentials;
-}
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
*
*/
-
+#define SQUID_NO_ALLOC_PROTECT 1
#include "config.h"
-#include "ntlmauth.h"
-#include "ntlm_smb_lm_auth.h"
-#include "squid_endian.h"
-#include "util.h"
-#include "smbval/smblib-common.h"
-#include "smbval/rfcnb-error.h"
+#include "libntlmauth/ntlmauth.h"
+#include "libntlmauth/smb.h"
+#include "libntlmauth/rfcnb.h"
+#include "libntlmauth/support_bits.cci"
+#include "util.h" /* from Squid */
+#if HAVE_STRING_H
+#include <string.h>
+#endif
+#if HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#if HAVE_SIGNAL_H
#include <signal.h>
-
-/* these are part of rfcnb-priv.h and smblib-priv.h */
-extern int SMB_Get_Error_Msg(int msg, char *msgbuf, int len);
-extern int SMB_Get_Last_Error(void);
-extern int SMB_Get_Last_SMB_Err(void);
-extern int RFCNB_Get_Last_Error(void);
-
-
+#endif
+#if HAVE_ERRNO_H
#include <errno.h>
-
-#define BUFFER_SIZE 10240
-
+#endif
#if HAVE_STDLIB_H
#include <stdlib.h>
#endif
#if HAVE_GETOPT_H
#include <getopt.h>
#endif
-#ifdef HAVE_STRING_H
+#if HAVE_STRING_H
#include <string.h>
#endif
-#ifdef HAVE_CTYPE_H
+#if HAVE_CTYPE_H
#include <ctype.h>
#endif
-#ifdef HAVE_UNISTD_H
+#if HAVE_UNISTD_H
#include <unistd.h>
#endif
-#ifdef HAVE_ASSERT_H
+#if HAVE_ASSERT_H
#include <assert.h>
#endif
+#if HAVE_TIME_H
+#include <time.h>
+#endif
+
+
+/************* CONFIGURATION ***************/
+
+#define DEAD_DC_RETRY_INTERVAL 30
+
+/************* END CONFIGURATION ***************/
+
+/* A couple of harmless helper macros */
+#define SEND(X) debug("sending '%s' to squid\n",X); printf(X "\n");
+#ifdef __GNUC__
+#define SEND2(X,Y...) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
+#define SEND3(X,Y...) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
+#else
+/* no gcc, no debugging. varargs macros are a gcc extension */
+#define SEND2 printf
+#define SEND3 printf
+#endif
+
+const char *make_challenge(char *domain, char *controller);
+char *ntlm_check_auth(ntlm_authenticate * auth, int auth_length);
+void dc_disconnect(void);
+int connectedp(void);
+int is_dc_ok(char *domain, char *domain_controller);
+
+typedef struct _dc dc;
+struct _dc {
+ char *domain;
+ char *controller;
+ time_t dead; /* 0 if it's alive, otherwise time of death */
+ dc *next;
+};
/* local functions */
void send_bh_or_ld(char const *bhmessage, ntlm_authenticate * failedauth, int authlen);
const char * obtain_challenge(void);
void manage_request(void);
+/* these are part of rfcnb-priv.h and smblib-priv.h */
+extern int SMB_Get_Error_Msg(int msg, char *msgbuf, int len);
+extern int SMB_Get_Last_Error();
+extern int RFCNB_Get_Last_Errno();
+extern int RFCNB_Get_Last_Error(void);
+extern int SMB_Get_Last_SMB_Err(void);
-#ifdef DEBUG
-char error_messages_buffer[BUFFER_SIZE];
-#endif
+/* a few forward-declarations. Hackish, but I don't care right now */
+SMB_Handle_Type SMB_Connect_Server(SMB_Handle_Type Con_Handle, char *server, char *NTdomain);
+
+/* this one is reallllly haackiish. We really should be using anything from smblib-priv.h
+ */
+static char const *SMB_Prots[] = {"PC NETWORK PROGRAM 1.0",
+ "MICROSOFT NETWORKS 1.03",
+ "MICROSOFT NETWORKS 3.0",
+ "DOS LANMAN1.0",
+ "LANMAN1.0",
+ "DOS LM1.2X002",
+ "LM1.2X002",
+ "DOS LANMAN2.1",
+ "LANMAN2.1",
+ "Samba",
+ "NT LM 0.12",
+ "NT LANMAN 1.0",
+ NULL
+ };
+
+#define ENCODED_PASS_LEN 24
+#define MAX_USERNAME_LEN 255
+#define MAX_DOMAIN_LEN 255
+#define MAX_PASSWD_LEN 31
+
+static unsigned char challenge[NTLM_NONCE_LEN];
+static unsigned char lmencoded_empty_pass[ENCODED_PASS_LEN],
+ntencoded_empty_pass[ENCODED_PASS_LEN];
+SMB_Handle_Type handle = NULL;
+int ntlm_errno;
+static char credentials[MAX_USERNAME_LEN+MAX_DOMAIN_LEN+2]; /* we can afford to waste */
+static char my_domain[100], my_domain_controller[100];
+static char errstr[1001];
+#if DEBUG
+char error_messages_buffer[NTLM_BLOB_BUFFER_SIZE];
+#endif
char load_balance = 0, protocol_pedantic = 0;
-#ifdef NTLM_FAIL_OPEN
+#if NTLM_FAIL_OPEN
char last_ditch_enabled = 0;
#endif
-
dc *controllers = NULL;
int numcontrollers = 0;
dc *current_dc;
-
char smb_error_buffer[1000];
-/* signal handler to be invoked when the authentication operation
- * times out */
-static char got_timeout = 0;
-static void
-timeout_during_auth(int signum)
+
+/* Disconnects from the DC. A reconnection will be done upon the next request
+ */
+void
+dc_disconnect()
{
- dc_disconnect();
+ if (handle != NULL)
+ SMB_Discon(handle, 0);
+ handle = NULL;
}
-/* makes a null-terminated string upper-case. Changes CONTENTS! */
-static void
-uc(char *string)
+int
+connectedp()
+{
+ return (handle != NULL);
+}
+
+/* Tries to connect to a DC. Returns 0 on failure, 1 on OK */
+int
+is_dc_ok(char *domain, char *domain_controller)
{
- char *p = string, c;
- while ((c = *p)) {
- *p = xtoupper(c);
- p++;
+ SMB_Handle_Type h = SMB_Connect_Server(NULL, domain_controller, domain);
+ if (h == NULL)
+ return 0;
+ SMB_Discon(h, 0);
+ return 1;
+}
+
+/* returns 0 on success, > 0 on failure */
+static int
+init_challenge(char *domain, char *domain_controller)
+{
+ int smberr;
+
+ if (handle != NULL) {
+ return 0;
+ }
+ debug("Connecting to server %s domain %s\n", domain_controller, domain);
+ handle = SMB_Connect_Server(NULL, domain_controller, domain);
+ smberr = SMB_Get_Last_Error();
+ SMB_Get_Error_Msg(smberr, errstr, 1000);
+
+
+ if (handle == NULL) { /* couldn't connect */
+ debug("Couldn't connect to SMB Server. Error:%s\n", errstr);
+ return 1;
}
+ if (SMB_Negotiate(handle, SMB_Prots) < 0) { /* An error */
+ debug("Error negotiating protocol with SMB Server\n");
+ SMB_Discon(handle, 0);
+ handle = NULL;
+ return 2;
+ }
+ if (handle->Security == 0) { /* share-level security, unuseable */
+ debug("SMB Server uses share-level security .. we need user security.\n");
+ SMB_Discon(handle, 0);
+ handle = NULL;
+ return 3;
+ }
+ memcpy(challenge, handle->Encrypt_Key, NTLM_NONCE_LEN);
+ SMBencrypt((unsigned char *)"",challenge,lmencoded_empty_pass);
+ SMBNTencrypt((unsigned char *)"",challenge,ntencoded_empty_pass);
+ return 0;
}
-/* makes a null-terminated string lower-case. Changes CONTENTS! */
-static void
-lc(char *string)
+const char *
+make_challenge(char *domain, char *domain_controller)
{
- char *p = string, c;
- while ((c = *p)) {
- *p = xtolower(c);
- p++;
+ /* trying to circumvent some strange problem wih pointers in SMBLib */
+ /* Ugly as hell, but the lib is going to be dropped... */
+ strcpy(my_domain,domain);
+ strcpy(my_domain_controller,domain_controller);
+ if (init_challenge(my_domain, my_domain_controller) > 0) {
+ return NULL;
+ }
+ ntlm_challenge chal;
+ u_int32_t flags = NTLM_REQUEST_NON_NT_SESSION_KEY |
+ NTLM_CHALLENGE_TARGET_IS_DOMAIN |
+ NTLM_NEGOTIATE_ALWAYS_SIGN |
+ NTLM_NEGOTIATE_USE_NTLM |
+ NTLM_NEGOTIATE_USE_LM |
+ NTLM_NEGOTIATE_ASCII;
+ ntlm_make_challenge(&chal, my_domain, my_domain_controller, (char *)challenge, NTLM_NONCE_LEN, flags);
+ int len = sizeof(chal) - sizeof(chal.payload) + le16toh(chal.target.maxlen);
+ return base64_encode_bin((char *)&chal, len);
+}
+
+/* returns NULL on failure, or a pointer to
+ * the user's credentials (domain\\username)
+ * upon success. WARNING. It's pointing to static storage.
+ * In case of problem sets as side-effect ntlm_errno to one of the
+ * codes defined in ntlm.h
+ */
+char *
+ntlm_check_auth(ntlm_authenticate * auth, int auth_length)
+{
+ int rv;
+ char pass[MAX_PASSWD_LEN+1];
+ char *domain = credentials;
+ char *user;
+ lstring tmp;
+
+ if (handle == NULL) { /*if null we aren't connected, but it shouldn't happen */
+ debug("Weird, we've been disconnected\n");
+ ntlm_errno = NTLM_ERR_NOT_CONNECTED;
+ return NULL;
+ }
+
+ /* debug("fetching domain\n"); */
+ tmp = ntlm_fetch_string(&(auth->hdr), auth_length, &auth->domain, auth->flags);
+ if (tmp.str == NULL || tmp.l == 0) {
+ debug("No domain supplied. Returning no-auth\n");
+ ntlm_errno = NTLM_ERR_LOGON;
+ return NULL;
+ }
+ if (tmp.l > MAX_DOMAIN_LEN) {
+ debug("Domain string exceeds %d bytes, rejecting\n", MAX_DOMAIN_LEN);
+ ntlm_errno = NTLM_ERR_LOGON;
+ return NULL;
+ }
+ memcpy(domain, tmp.str, tmp.l);
+ user = domain + tmp.l;
+ *user++ = '\0';
+
+ /* debug("fetching user name\n"); */
+ tmp = ntlm_fetch_string(&(auth->hdr), auth_length, &auth->user, auth->flags);
+ if (tmp.str == NULL || tmp.l == 0) {
+ debug("No username supplied. Returning no-auth\n");
+ ntlm_errno = NTLM_ERR_LOGON;
+ return NULL;
+ }
+ if (tmp.l > MAX_USERNAME_LEN) {
+ debug("Username string exceeds %d bytes, rejecting\n", MAX_USERNAME_LEN);
+ ntlm_errno = NTLM_ERR_LOGON;
+ return NULL;
+ }
+ memcpy(user, tmp.str, tmp.l);
+ *(user + tmp.l) = '\0';
+
+
+ /* Authenticating against the NT response doesn't seem to work... */
+ tmp = ntlm_fetch_string(&(auth->hdr), auth_length, &auth->lmresponse, auth->flags);
+ if (tmp.str == NULL || tmp.l == 0) {
+ fprintf(stderr, "No auth at all. Returning no-auth\n");
+ ntlm_errno = NTLM_ERR_LOGON;
+ return NULL;
+ }
+ if (tmp.l > MAX_PASSWD_LEN) {
+ debug("Password string exceeds %d bytes, rejecting\n", MAX_PASSWD_LEN);
+ ntlm_errno = NTLM_ERR_LOGON;
+ return NULL;
+ }
+
+ memcpy(pass, tmp.str, tmp.l);
+ pass[min(MAX_PASSWD_LEN,tmp.l)] = '\0';
+
+#if 1
+ debug("Empty LM pass detection: user: '%s', ours:'%s', his: '%s' (length: %d)\n",
+ user,lmencoded_empty_pass,tmp.str,tmp.l);
+ if (memcmp(tmp.str,lmencoded_empty_pass,ENCODED_PASS_LEN)==0) {
+ fprintf(stderr,"Empty LM password supplied for user %s\\%s. "
+ "No-auth\n",domain,user);
+ ntlm_errno=NTLM_ERR_LOGON;
+ return NULL;
+ }
+
+ tmp = ntlm_fetch_string(&(auth->hdr), auth_length, &auth->ntresponse, auth->flags);
+ if (tmp.str != NULL && tmp.l != 0) {
+ debug("Empty NT pass detection: user: '%s', ours:'%s', his: '%s' (length: %d)\n",
+ user,ntencoded_empty_pass,tmp.str,tmp.l);
+ if (memcmp(tmp.str,lmencoded_empty_pass,ENCODED_PASS_LEN)==0) {
+ fprintf(stderr,"ERROR: Empty NT password supplied for user %s\\%s. No-auth\n", domain, user);
+ ntlm_errno = NTLM_ERR_LOGON;
+ return NULL;
+ }
}
+#endif
+
+ /* TODO: check against empty password!!!!! */
+
+
+ debug("checking domain: '%s', user: '%s', pass='%s'\n", domain, user, pass);
+
+ rv = SMB_Logon_Server(handle, user, pass, domain, 1);
+ debug("Login attempt had result %d\n", rv);
+
+ if (rv != NTLM_ERR_NONE) { /* failed */
+ ntlm_errno = rv;
+ return NULL;
+ }
+ *(user - 1) = '\\'; /* hack. Performing, but ugly. */
+
+ debug("credentials: %s\n", credentials);
+ return credentials;
}
+/* signal handler to be invoked when the authentication operation
+ * times out */
+static char got_timeout = 0;
+static void
+timeout_during_auth(int signum)
+{
+ dc_disconnect();
+}
void
send_bh_or_ld(char const *bhmessage, ntlm_authenticate * failedauth, int authlen)
{
-#ifdef NTLM_FAIL_OPEN
- char *creds = NULL;
+#if NTLM_FAIL_OPEN
+ char user[NTLM_MAX_FIELD_LENGTH];
+ char domain[NTLM_MAX_FIELD_LENGTH];
if (last_ditch_enabled) {
- creds = fetch_credentials(failedauth, authlen);
- if (creds) {
- lc(creds);
- SEND2("LD %s", creds);
+ user[0] = '\0';
+ domain[0] = '\0';
+ if (ntlm_unpack_auth(failedauth, user, domain, authlen) == 0) {
+ lc(domain);
+ lc(user);
+ SEND3("LD %s%s%s", domain, (domain[0]!='\0'?"//":""), user);
} else {
SEND("NA last-ditch on, but no credentials");
}
} else {
#endif
SEND2("BH %s", bhmessage);
-#ifdef NTLM_FAIL_OPEN
+#if NTLM_FAIL_OPEN
}
#endif
}
fprintf(stderr,
"WARNING. The -f flag is DEPRECATED and always active.\n");
break;
-#ifdef NTLM_FAIL_OPEN
+#if NTLM_FAIL_OPEN
case 'l':
last_ditch_enabled = 1;
break;
char *d, *c;
/* d will not be freed in case of non-error. Since we don't reconfigure,
* it's going to live as long as the process anyways */
- d = malloc(strlen(argv[j]) + 1);
+ d = (char*)malloc(strlen(argv[j]) + 1);
strcpy(d, argv[j]);
debug("Adding domain-controller %s\n", d);
if (NULL == (c = strchr(d, '\\')) && NULL == (c = strchr(d, '/'))) {
manage_request()
{
ntlmhdr *fast_header;
- char buf[BUFFER_SIZE];
+ char buf[NTLM_BLOB_BUFFER_SIZE];
const char *ch;
char *ch2, *decoded, *cred = NULL;
int plen;
- if (fgets(buf, BUFFER_SIZE, stdin) == NULL) {
+ if (fgets(buf, NTLM_BLOB_BUFFER_SIZE, stdin) == NULL) {
fprintf(stderr, "fgets() failed! dying..... errno=%d (%s)\n", errno,
strerror(errno));
exit(1); /* BIIG buffer */
}
debug("managing request\n");
- ch2 = memchr(buf, '\n', BUFFER_SIZE); /* safer against overrun than strchr */
+ ch2 = (char*)memchr(buf, '\n', NTLM_BLOB_BUFFER_SIZE); /* safer against overrun than strchr */
if (ch2) {
*ch2 = '\0'; /* terminate the string at newline. */
ch = ch2;
return;
}
/* fast-track-decode request type. */
- fast_header = (struct _ntlmhdr *) decoded;
+ fast_header = (ntlmhdr *) decoded;
/* sanity-check: it IS a NTLMSSP packet, isn't it? */
- if (memcmp(fast_header->signature, "NTLMSSP", 8) != 0) {
+ if (ntlm_validate_packet(fast_header, NTLM_ANY) < 0) {
SEND("NA Broken authentication packet");
return;
}
}
if (cred == NULL) {
int smblib_err, smb_errorclass, smb_errorcode, nb_error;
- if (ntlm_errno == NTLM_LOGON_ERROR) { /* hackish */
+ if (ntlm_errno == NTLM_ERR_LOGON) { /* hackish */
SEND("NA Logon Failure");
return;
}
SEND("BH unknown authentication packet type");
return;
}
-
-
+ /* notreached */
return;
}
if (memcmp(buf, "YR", 2) == 0) { /* refresh-request */
main(int argc, char *argv[])
{
debug("ntlm_auth build " __DATE__ ", " __TIME__ " starting up...\n");
-#ifdef DEBUG
+#if DEBUG
debug("changing dir to /tmp\n");
if (chdir("/tmp") != 0) {
debug("ERROR: (%d) failed.\n",errno);
while (1) {
manage_request();
}
+ /* notreached */
return 0;
}
+++ /dev/null
-/*
- * (C) 2000 Francesco Chemolli <kinkie@kame.usr.dsi.unimi.it>,
- * inspired by previous work by Andrew Doran <ad@interlude.eu.org>
- *
- * Distributed freely under the terms of the GNU General Public License,
- * version 2. See the file COPYING for licensing details
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
- */
-
-#ifndef _NTLM_H_
-#define _NTLM_H_
-
-#include "config.h"
-#include "ntlmauth.h"
-
-/* for time_t */
-#if HAVE_TIME_H
-#include <time.h>
-#endif
-#if HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
-
-/************* CONFIGURATION ***************/
-/*
- * define this if you want debugging
- */
-#ifndef DEBUG
-#define DEBUG
-#endif
-
-#define DEAD_DC_RETRY_INTERVAL 30
-
-/************* END CONFIGURATION ***************/
-
-
-/* A couple of harmless helper macros */
-#define SEND(X) debug("sending '%s' to squid\n",X); printf(X "\n");
-#ifdef __GNUC__
-#define SEND2(X,Y...) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
-#else
-/* no gcc, no debugging. varargs macros are a gcc extension */
-#define SEND2 printf
-#endif
-
-extern int ntlm_errno;
-#define NTLM_NO_ERROR 0
-#define NTLM_SERVER_ERROR 1
-#define NTLM_PROTOCOL_ERROR 2
-#define NTLM_LOGON_ERROR 3
-#define NTLM_UNTRUSTED_DOMAIN 4
-#define NTLM_BAD_PROTOCOL -1
-#define NTLM_NOT_CONNECTED 10
-
-
-const char *make_challenge(char *domain, char *controller);
-extern char *ntlm_check_auth(ntlm_authenticate * auth, int auth_length);
-extern char *fetch_credentials(ntlm_authenticate * auth, int auth_length);
-void dc_disconnect(void);
-int connectedp(void);
-int is_dc_ok(char *domain, char *domain_controller);
-
-typedef struct _dc dc;
-struct _dc {
- char *domain;
- char *controller;
- time_t dead; /* 0 if it's alive, otherwise time of death */
- dc *next;
-};
-
-
-#endif /* _NTLM_H_ */
+++ /dev/null
-# makefile for smblib
-
-include $(top_srcdir)/src/Common.am
-
-## we need our local files too (but avoid -I. at all costs)
-INCLUDES += -I$(srcdir)
-
-
-noinst_LIBRARIES = libsmbvalid.a
-
-libsmbvalid_a_SOURCES = valid.c session.c rfcnb-util.c rfcnb-io.c \
- smblib-util.c smblib.c smbencrypt.c smbdes.c md4.c byteorder.h \
- rfcnb-error.h rfcnb-util.h smbencrypt.h smblib.h valid.h \
- md4.h rfcnb-io.h rfcnb.h smblib-common.h std-defines.h \
- rfcnb-common.h rfcnb-priv.h smbdes.h smblib-priv.h std-includes.h
-
-##OBJS = smblib.o smblib-util.o file.o smb-errors.o exper.o smblib-api.o smbencrypt.o smbdes.o md4.o
+++ /dev/null
-/* UNIX RFCNB (RFC1001/RFC1002) NetBIOS implementation
- *
- * Version 1.0
- * RFCNB Common Structures etc Defines
- *
- * Copyright (C) Richard Sharpe 1996
- *
- */
-
-/*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- */
-
-#ifndef _SMB_LM_SMBVAL_RFCNB_COMMON_H
-#define _SMB_LM_SMBVAL_RFCNB_COMMON_H
-
-/* A data structure we need */
-
-typedef struct RFCNB_Pkt {
-
- char *data; /* The data in this portion */
- int len;
- struct RFCNB_Pkt *next;
-
-} RFCNB_Pkt;
-
-#endif /* _SMB_LM_SMBVAL_RFCNB_COMMON_H */
+++ /dev/null
-/* UNIX RFCNB (RFC1001/RFC1002) NetBIOS implementation
- *
- * Version 1.0
- * RFCNB Error Response Defines
- *
- * Copyright (C) Richard Sharpe 1996
- *
- */
-
-/*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- */
-
-/* Error responses */
-
-#define RFCNBE_Bad -1 /* Bad response */
-#define RFCNBE_OK 0
-
-/* these should follow the spec ... is there one ? */
-
-#define RFCNBE_NoSpace 1 /* Could not allocate space for a struct */
-#define RFCNBE_BadName 2 /* Could not translate a name */
-#define RFCNBE_BadRead 3 /* Read sys call failed */
-#define RFCNBE_BadWrite 4 /* Write Sys call failed */
-#define RFCNBE_ProtErr 5 /* Protocol Error */
-#define RFCNBE_ConGone 6 /* Connection dropped */
-#define RFCNBE_BadHandle 7 /* Handle passed was bad */
-#define RFCNBE_BadSocket 8 /* Problems creating socket */
-#define RFCNBE_ConnectFailed 9 /* Connect failed */
-#define RFCNBE_CallRejNLOCN 10 /* Call rejected, not listening on CN */
-#define RFCNBE_CallRejNLFCN 11 /* Call rejected, not listening for CN */
-#define RFCNBE_CallRejCNNP 12 /* Call rejected, called name not present */
-#define RFCNBE_CallRejInfRes 13 /* Call rejetced, name ok, no resources */
-#define RFCNBE_CallRejUnSpec 14 /* Call rejected, unspecified error */
-#define RFCNBE_BadParam 15 /* Bad parameters passed ... */
-#define RFCNBE_Timeout 16 /* IO Timed out */
-
-/* Text strings for the error responses */
-extern char const *RFCNB_Error_Strings[];
-/*
- * static char *RFCNB_Error_Strings[] = {
- *
- * "RFCNBE_OK: Routine completed successfully.",
- * "RFCNBE_NoSpace: No space available for a malloc call.",
- * "RFCNBE_BadName: NetBIOS name could not be translated to IP address.",
- * "RFCNBE_BadRead: Read system call returned an error. Check errno.",
- * "RFCNBE_BadWrite: Write system call returned an error. Check errno.",
- * "RFCNBE_ProtErr: A protocol error has occurred.",
- * "RFCNBE_ConGone: Connection dropped during a read or write system call.",
- * "RFCNBE_BadHandle: Bad connection handle passed.",
- * "RFCNBE_BadSocket: Problems creating socket.",
- * "RFCNBE_ConnectFailed: Connection failed. See errno.",
- * "RFCNBE_CallRejNLOCN: Call rejected. Not listening on called name.",
- * "RFCNBE_CallRejNLFCN: Call rejected. Not listening for called name.",
- * "RFCNBE_CallRejCNNP: Call rejected. Called name not present.",
- * "RFCNBE_CallRejInfRes: Call rejected. Name present, but insufficient resources.",
- * "RFCNBE_CallRejUnSpec: Call rejected. Unspecified error.",
- * "RFCNBE_BadParam: Bad parameters passed to a routine.",
- * "RFCNBE_Timeout: IO Operation timed out ..."
- *
- * };
- */
+++ /dev/null
-/* UNIX RFCNB (RFC1001/RFC1002) NetBIOS implementation
- *
- * Version 1.0
- * RFCNB IO Routines Defines
- *
- * Copyright (C) Richard Sharpe 1996
- *
- */
-
-/*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- */
-
-#ifndef _SMB_LM_SMBVAL_RFCNB_IO_H
-#define _SMB_LM_SMBVAL_RFCNB_IO_H
-
-extern int RFCNB_Put_Pkt(struct RFCNB_Con *con, struct RFCNB_Pkt *pkt, int len);
-
-extern int RFCNB_Get_Pkt(struct RFCNB_Con *con, struct RFCNB_Pkt *pkt, int len);
-
-extern void RFCNB_Free_Pkt(struct RFCNB_Pkt *pkt);
-
-#endif /* _SMB_LM_SMBVAL_RFCNB_IO_H */
+++ /dev/null
-/* UNIX RFCNB (RFC1001/RFC1002) NetBIOS implementation
- *
- * Version 1.0
- * RFCNB Utility Defines
- *
- * Copyright (C) Richard Sharpe 1996
- *
- */
-
-/*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- */
-
-#include "std-includes.h"
-
-
-void RFCNB_CvtPad_Name(char *name1, char *name2);
-
-void RFCNB_AName_To_NBName(char *AName, char *NBName);
-
-void RFCNB_NBName_To_AName(char *NBName, char *AName);
-
-void RFCNB_Print_Hex(FILE * fd, struct RFCNB_Pkt *pkt, int Offset, int Len);
-
-struct RFCNB_Pkt *RFCNB_Alloc_Pkt(int n);
-
-void RFCNB_Print_Pkt(FILE * fd, char *dirn, struct RFCNB_Pkt *pkt, int len);
-
-int RFCNB_Name_To_IP(char *host, struct in_addr *Dest_IP);
-
-int RFCNB_Close(int socket);
-
-int RFCNB_IP_Connect(struct in_addr Dest_IP, int port);
-
-int RFCNB_Session_Req(struct RFCNB_Con *con,
- char *Called_Name,
- char *Calling_Name,
- BOOL * redirect,
- struct in_addr *Dest_IP,
- int *port);
+++ /dev/null
-/* UNIX RFCNB (RFC1001/RFC1002) NetBIOS implementation
- *
- * Version 1.0
- * RFCNB Defines
- *
- * Copyright (C) Richard Sharpe 1996
- *
- */
-
-/*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- */
-
-#ifndef SMB_LM_SMBVAL_RFCNB_H
-#define SMB_LM_SMBVAL_RFCNB_H
-
-/* Error responses */
-
-#include "rfcnb-error.h"
-#include "rfcnb-common.h"
-#include "smblib-priv.h"
-#include "rfcnb-priv.h"
-
-/* Defines we need */
-
-#define RFCNB_Default_Port 139
-
-/* Definition of routines we define */
-
-extern void *RFCNB_Call(char *Called_Name, char *Calling_Name, char *Called_Address, int port);
-
-extern int RFCNB_Send(struct RFCNB_Con *Con_Handle, struct RFCNB_Pkt *Data, int Length);
-
-extern int RFCNB_Recv(void *Con_Handle, struct RFCNB_Pkt *Data, int Length);
-
-extern int RFCNB_Hangup(struct RFCNB_Con *con_Handle);
-
-extern void *RFCNB_Listen(void);
-
-extern void RFCNB_Get_Error(char *buffer, int buf_len);
-
-extern struct RFCNB_Pkt *RFCNB_Alloc_Pkt(int n);
-
-extern void RFCNB_Free_Pkt(struct RFCNB_Pkt *pkt);
-
-extern int RFCNB_Set_Sock_NoDelay(struct RFCNB_Con *con_Handle, BOOL yn);
-
-#endif /* SMB_LM_SMBVAL_RFCNB_H */
+++ /dev/null
-#ifndef __SMB_LM_SMBVAL_SMBENCRYPT_H
-#define __SMB_LM_SMBVAL_SMBENCRYPT_H
-
-
-extern void SMBencrypt(uchar * passwd, uchar * c8, uchar * p24);
-extern void SMBNTencrypt(uchar * passwd, uchar * c8, uchar * p24);
-
-#endif /* __SMB_LM_SMBVAL_SMBENCRYPT_H */
-
+++ /dev/null
-#ifndef __SMBLIB_COMMON_H__
-#define __SMBLIB_COMMON_H__
-
-/* UNIX SMBlib NetBIOS implementation
- *
- * Version 1.0
- * SMBlib Common Defines
- *
- * Copyright (C) Richard Sharpe 1996
- *
- */
-
-/*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- */
-
-/* To get the error class we want the first 8 bits */
-/* Because we just grab 4bytes from the SMB header, we have to re-order */
-/* here, but it makes the NtStatus part easier in future */
-
-#define SMBlib_Error_Class(p) (p & 0x000000FF)
-
-/* To get the error code, we want the bottom 16 bits */
-
-#define SMBlib_Error_Code(p) (((unsigned int)p & 0xFFFF0000) >>16)
-
-/* Error CLASS codes and etc ... */
-
-#define SMBC_SUCCESS 0
-#define SMBC_ERRDOS 0x01
-#define SMBC_ERRSRV 0x02
-#define SMBC_ERRHRD 0x03
-#define SMBC_ERRCMD 0xFF
-
-/* Success error codes */
-
-#define SMBS_BUFFERED 0x54
-#define SMBS_LOGGED 0x55
-#define SMBS_DISPLAYED 0x56
-
-/* ERRDOS Error codes */
-
-#define SMBD_badfunc 0x01
-#define SMBD_badfile 0x02
-#define SMBD_badpath 0x03
-#define SMBD_nofids 0x04
-#define SMBD_noaccess 0x05
-#define SMBD_badfid 0x06
-#define SMBD_badmcb 0x07
-#define SMBD_nomem 0x08
-#define SMBD_badmem 0x09
-#define SMBD_badenv 0x0A
-#define SMBD_badformat 0x0B
-#define SMBD_badaccess 0x0C
-#define SMBD_baddata 0x0D
-#define SMBD_reserved 0x0E
-#define SMBD_baddrive 0x0F
-#define SMBD_remcd 0x10
-#define SMBD_diffdevice 0x11
-#define SMBD_nofiles 0x12
-#define SMBD_badshare 0x20
-#define SMBD_errlock 0x21
-#define SMBD_filexists 0x50
-
-/* Server errors ... */
-
-#define SMBV_error 0x01 /* Generic error */
-#define SMBV_badpw 0x02
-#define SMBV_badtype 0x03
-#define SMBV_access 0x04
-#define SMBV_invnid 0x05
-#define SMBV_invnetname 0x06
-#define SMBV_invdevice 0x07
-#define SMBV_qfull 0x31
-#define SMBV_qtoobig 0x32
-#define SMBV_qeof 0x33
-#define SMBV_invpfid 0x34
-#define SMBV_paused 0x51
-#define SMBV_msgoff 0x52
-#define SMBV_noroom 0x53
-#define SMBV_rmuns 0x57
-#define SMBV_nosupport 0xFFFF
-
-/* Hardware error codes ... */
-
-#define SMBH_nowrite 0x13
-#define SMBH_badunit 0x14
-#define SMBH_notready 0x15
-#define SMBH_badcmd 0x16
-#define SMBH_data 0x17
-#define SMBH_badreq 0x18
-#define SMBH_seek 0x19
-#define SMBH_badmedia 0x1A
-#define SMBH_badsector 0x1B
-#define SMBH_nopaper 0x1C
-#define SMBH_write 0x1D
-#define SMBH_read 0x1E
-#define SMBH_general 0x1F
-#define SMBH_badshare 0x20
-
-/* Access mode defines ... */
-
-#define SMB_AMODE_WTRU 0x4000
-#define SMB_AMODE_NOCACHE 0x1000
-#define SMB_AMODE_COMPAT 0x0000
-#define SMB_AMODE_DENYRWX 0x0010
-#define SMB_AMODE_DENYW 0x0020
-#define SMB_AMODE_DENYRX 0x0030
-#define SMB_AMODE_DENYNONE 0x0040
-#define SMB_AMODE_OPENR 0x0000
-#define SMB_AMODE_OPENW 0x0001
-#define SMB_AMODE_OPENRW 0x0002
-#define SMB_AMODE_OPENX 0x0003
-#define SMB_AMODE_FCBOPEN 0x00FF
-#define SMB_AMODE_LOCUNKN 0x0000
-#define SMB_AMODE_LOCMSEQ 0x0100
-#define SMB_AMODE_LOCMRAN 0x0200
-#define SMB_AMODE_LOCRAL 0x0300
-
-/* File attribute encoding ... */
-
-#define SMB_FA_ORD 0x00
-#define SMB_FA_ROF 0x01
-#define SMB_FA_HID 0x02
-#define SMB_FA_SYS 0x04
-#define SMB_FA_VOL 0x08
-#define SMB_FA_DIR 0x10
-#define SMB_FA_ARC 0x20
-
-/* Define the protocol types ... */
-
-#define SMB_P_Unknown -1 /* Hmmm, is this smart? */
-#define SMB_P_Core 0
-#define SMB_P_CorePlus 1
-#define SMB_P_DOSLanMan1 2
-#define SMB_P_LanMan1 3
-#define SMB_P_DOSLanMan2 4
-#define SMB_P_LanMan2 5
-#define SMB_P_DOSLanMan2_1 6
-#define SMB_P_LanMan2_1 7
-#define SMB_P_NT1 8
-
-/* SMBlib return codes */
-/* We want something that indicates whether or not the return code was a */
-/* remote error, a local error in SMBlib or returned from lower layer ... */
-/* Wonder if this will work ... */
-/* SMBlibE_Remote = 1 indicates remote error */
-/* SMBlibE_ values < 0 indicate local error with more info available */
-/* SMBlibE_ values >1 indicate local from SMBlib code errors? */
-
-#define SMBlibE_Success 0
-#define SMBlibE_Remote 1 /* Remote error, get more info from con */
-#define SMBlibE_BAD -1
-#define SMBlibE_LowerLayer 2 /* Lower layer error */
-#define SMBlibE_NotImpl 3 /* Function not yet implemented */
-#define SMBlibE_ProtLow 4 /* Protocol negotiated does not support req */
-#define SMBlibE_NoSpace 5 /* No space to allocate a structure */
-#define SMBlibE_BadParam 6 /* Bad parameters */
-#define SMBlibE_NegNoProt 7 /* None of our protocols was liked */
-#define SMBlibE_SendFailed 8 /* Sending an SMB failed */
-#define SMBlibE_RecvFailed 9 /* Receiving an SMB failed */
-#define SMBlibE_GuestOnly 10 /* Logged in as guest */
-#define SMBlibE_CallFailed 11 /* Call remote end failed */
-#define SMBlibE_ProtUnknown 12 /* Protocol unknown */
-#define SMBlibE_NoSuchMsg 13 /* Keep this up to date */
-
-typedef struct { /* A structure for a Dirent */
-
- unsigned char resume_key[21]; /* Don't touch this */
- unsigned char file_attributes; /* Attributes of file */
- unsigned int date_time; /* date and time of last mod */
- unsigned int size;
- char filename[13]; /* The name of the file */
-
-} SMB_CP_dirent;
-
-#endif /* __SMBLIB_COMMON_H__ */
+++ /dev/null
-/* UNIX SMBlib NetBIOS implementation
- *
- * Version 1.0
- * SMBlib Defines
- *
- * Copyright (C) Richard Sharpe 1996
- *
- */
-
-/*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- */
-
-#include "std-defines.h"
-#include "smblib-common.h"
-
-/* Just define all the entry points */
-
-/* Create a handle to allow us to set/override some parameters ... */
-
-void *SMB_Create_Con_Handle();
-
-/* Connect to a server, but do not do a tree con etc ... */
-
-void *SMB_Connect_Server(void *Con, char *server, char *NTdomain);
-
-/* Connect to a server and give us back a handle. If Con == NULL, create */
-/* The handle and populate it with defaults */
-
-void *SMB_Connect(void *Con, void **tree,
- char *name, char *User, char *Password);
-
-/* Negotiate a protocol */
-
-int SMB_Negotiate(void *Con_Handle, char *Prots[]);
-
-/* Connect to a tree ... */
-
-void *SMB_TreeConnect(void *con_handle, void *tree_handle,
- char *path, char *password, char *dev);
-
-/* Disconnect a tree ... */
-
-int SMB_TreeDisconect(void *tree_handle);
-
-/* Open a file */
-
-void *SMB_Open(void *tree_handle,
- void *file_handle,
- char *file_name,
- unsigned short mode,
- unsigned short search);
-
-/* Close a file */
-
-int SMB_Close(void *file_handle);
-
-/* Disconnect from server. Has flag to specify whether or not we keep the */
-/* handle. */
-
-int SMB_Discon(void *Con, BOOL KeepHandle);
-
-void *SMB_Create(void *Tree_Handle,
- void *File_Handle,
- char *file_name,
- short search);
-
-int SMB_Delete(void *tree, char *file_name, short search);
-
-int SMB_Create_Dir(void *tree, char *dir_name);
-
-int SMB_Delete_Dir(void *tree, char *dir_name);
-
-int SMB_Check_Dir(void *tree, char *dir_name);
-
-int SMB_Get_Last_Error();
-
-int SMB_Get_Last_SMB_Err();
-
-int SMB_Get_Error_Msg(int msg, char *msgbuf, int len);
-
-void *SMB_Logon_And_TCon(void *con, void *tree, char *user, char *pass,
- char *service, char *st);
-
-
-#define SMBLIB_DEFAULT_DOMAIN "anydom"
+++ /dev/null
-#ifndef __STD_DEFINES__
-#define __STD_DEFINES__
-
-/* RFCNB Standard includes ... */
-/*
- *
- * SMBlib Standard Includes
- *
- * Copyright (C) 1996, Richard Sharpe
- *
- * One day we will conditionalize these on OS types ... */
-
-/*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- */
-
-#include "config.h"
-#define BOOL int16_t
-#define int16 int16_t
-#define uint16 u_int16_t
-#define int32 int32_t
-#define uint32 u_int32_t
-
-#include <netdb.h>
-#include <sys/types.h>
-#include <netinet/in.h>
-#include <sys/socket.h>
-#include <signal.h>
-#include <errno.h>
-#include <stdio.h>
-#include <unistd.h>
-#include <strings.h>
-
-#define TRUE 1
-#define FALSE 0
-
-#endif /* __STD_DEFINES__ */
+++ /dev/null
-/* RFCNB Standard includes ... */
-/*
- *
- * RFCNB Standard Includes
- *
- * Copyright (C) 1996, Richard Sharpe
- *
- * One day we will conditionalize these on OS types ... */
-
-/*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- */
-
-/* the types are provided by squid's configure preocess */
-#include "util.h"
-#define BOOL int16_t
-#define int16 int16_t
-
-#include <netdb.h>
-#include <sys/types.h>
-#include <netinet/in.h>
-#include <sys/socket.h>
-#include <signal.h>
-#include <errno.h>
-#include <stdio.h>
-#include <unistd.h>
-
-#define TRUE 1
-#define FALSE 0
-
-/* Pick up define for INADDR_NONE */
-
-#ifndef INADDR_NONE
-#define INADDR_NONE -1
-#endif
+++ /dev/null
-#ifndef _VALID_H_
-#define _VALID_H_
-/* SMB User verification function */
-
-#define NTV_NO_ERROR 0
-#define NTV_SERVER_ERROR 1
-#define NTV_PROTOCOL_ERROR 2
-#define NTV_LOGON_ERROR 3
-
-int Valid_User(char *USERNAME, char *PASSWORD, char *SERVER, char *BACKUP, char *DOMAIN);
-void *NTLM_Connect(char *SERVER, char *BACKUP, char *DOMAIN, char *nonce);
-int NTLM_Auth(void *handle, char *USERNAME, char *PASSWORD, int flag);
-void NTLM_Disconnect(void *handle);
-
-#endif
libexec_SCRIPTS = url_fake_rewrite.sh
-EXTRA_DIST = url_fake_rewrite.sh
+EXTRA_DIST = url_fake_rewrite.sh config.test
#if HAVE_CSTRING
#include <cstring>
#endif
+#if HAVE_STRING_H
+#include <string.h>
+#endif
#define BUFFER_SIZE 10240
* -h interface help.
*/
char *my_program_name = NULL;
-int debug_enabled = 0;
+int print_debug_messages = 0;
static void
usage(void)
while (-1 != (opt = getopt(argc, argv, "hd"))) {
switch (opt) {
case 'd':
- debug_enabled = 1;
+ print_debug_messages = 1;
break;
case 'h':
usage();
-#ifndef _MEM_POOLS_H_
-#define _MEM_POOLS_H_
+#ifndef _MEM_POOL_H_
+#define _MEM_POOL_H_
/**
\defgroup MemPoolsAPI Memory Management (Memory Pool Allocator)
/// \ingroup MemPoolsAPI
#define MB ((size_t)1024*1024)
/// \ingroup MemPoolsAPI
-#define mem_unlimited_size 2 * 1024 * MB
-/// \ingroup MemPoolsAPI
#define toMB(size) ( ((double) size) / MB )
/// \ingroup MemPoolsAPI
#define toKB(size) ( (size + 1024 - 1) / 1024 )
#define MEM_MAX_FREE 65535 /* ushort is max number of items per chunk */
class MemImplementingAllocator;
-class MemChunk;
class MemPoolStats;
/// \ingroup MemPoolsAPI
class MemPoolMeter
{
public:
+ MemPoolMeter();
void flush();
MemMeter alloc;
MemMeter inuse;
MemMeter idle;
- /** account Allocations */
- mgb_t gb_saved;
/** history Allocations */
- mgb_t gb_osaved;
+ mgb_t gb_allocated;
+ mgb_t gb_oallocated;
+
+ /** account Saved Allocations */
+ mgb_t gb_saved;
/** account Free calls */
mgb_t gb_freed;
*/
MemImplementingAllocator * create(const char *label, size_t obj_size);
- /**
- \param label Name for the pool. Displayed in stats.
- \param obj_size Size of elements in MemPool.
- \param chunked ??
- */
- MemImplementingAllocator * create(const char *label, size_t obj_size, bool const chunked);
-
/**
* Sets upper limit in bytes to amount of free ram kept in pools. This is
* not strict upper limit, but a hint. When MemPools are over this limit,
* totally free chunks are immediately considered for release. Otherwise
* only chunks that have not been referenced for a long time are checked.
*/
- void setIdleLimit(size_t new_idle_limit);
-
- size_t idleLimit() const;
+ void setIdleLimit(ssize_t new_idle_limit);
+ ssize_t idleLimit() const;
/**
\par
void setDefaultPoolChunking(bool const &);
MemImplementingAllocator *pools;
- int mem_idle_limit;
+ ssize_t mem_idle_limit;
int poolCount;
bool defaultIsChunked;
private:
\param stats Object to be filled with statistical data about pool.
\retval Number of objects in use, ie. allocated.
*/
- virtual int getStats(MemPoolStats * stats) = 0;
+ virtual int getStats(MemPoolStats * stats, int accumulate = 0) = 0;
virtual MemPoolMeter const &getMeter() const = 0;
/**
* Free a element allocated by MemAllocator::alloc()
*/
- virtual void free(void *) = 0;
+ virtual void freeOne(void *) = 0;
virtual char const *objectType() const;
virtual size_t objectSize() const = 0;
/**
* Free a element allocated by MemAllocatorProxy::alloc()
*/
- void free(void *);
+ void freeOne(void *);
int inUseCount() const;
size_t objectSize() const;
void \
CLASS::operator delete (void *address) \
{ \
- Pool().free(address); \
+ Pool().freeOne(address); \
}
/// \ingroup MemPoolsAPI
{
public:
MemImplementingAllocator(char const *aLabel, size_t aSize);
+ virtual ~MemImplementingAllocator();
virtual MemPoolMeter const &getMeter() const;
virtual MemPoolMeter &getMeter();
virtual void flushMetersFull();
/**
* Free a element allocated by MemImplementingAllocator::alloc()
*/
- virtual void free(void *);
+ virtual void freeOne(void *);
virtual bool idleTrigger(int shift) const = 0;
virtual void clean(time_t maxage) = 0;
- /** Hint to the allocator - may be ignored */
- virtual void setChunkSize(size_t chunksize) {}
virtual size_t objectSize() const;
virtual int getInUseCount() = 0;
protected:
virtual void *allocate() = 0;
- virtual void deallocate(void *) = 0;
-private:
+ virtual void deallocate(void *, bool aggressive) = 0;
MemPoolMeter meter;
+ int memPID;
public:
MemImplementingAllocator *next;
public:
size_t alloc_calls;
size_t free_calls;
+ size_t saved_calls;
size_t obj_size;
};
-/// \ingroup MemPoolsAPI
-class MemPool : public MemImplementingAllocator
-{
-public:
- friend class MemChunk;
- MemPool(const char *label, size_t obj_size);
- ~MemPool();
- void convertFreeCacheToChunkFreeCache();
- virtual void clean(time_t maxage);
-
- /**
- \param stats Object to be filled with statistical data about pool.
- \retval Number of objects in use, ie. allocated.
- */
- virtual int getStats(MemPoolStats * stats);
-
- void createChunk();
- void *get();
- void push(void *obj);
- virtual int getInUseCount();
-protected:
- virtual void *allocate();
- virtual void deallocate(void *);
-public:
- /**
- * Allows you tune chunk size of pooling. Objects are allocated in chunks
- * instead of individually. This conserves memory, reduces fragmentation.
- * Because of that memory can be freed also only in chunks. Therefore
- * there is tradeoff between memory conservation due to chunking and free
- * memory fragmentation.
- *
- \note As a general guideline, increase chunk size only for pools that keep
- * very many items for relatively long time.
- */
- virtual void setChunkSize(size_t chunksize);
-
- virtual bool idleTrigger(int shift) const;
-
- size_t chunk_size;
- int chunk_capacity;
- int memPID;
- int chunkCount;
- size_t inuse;
- size_t idle;
- void *freeCache;
- MemChunk *nextFreeChunk;
- MemChunk *Chunks;
- Splay<MemChunk *> allChunks;
-};
-
-/// \ingroup MemPoolsAPI
-class MemMalloc : public MemImplementingAllocator
-{
-public:
- MemMalloc(char const *label, size_t aSize);
- virtual bool idleTrigger(int shift) const;
- virtual void clean(time_t maxage);
-
- /**
- \param stats Object to be filled with statistical data about pool.
- \retval Number of objects in use, ie. allocated.
- */
- virtual int getStats(MemPoolStats * stats);
-
- virtual int getInUseCount();
-protected:
- virtual void *allocate();
- virtual void deallocate(void *);
-private:
- int inuse;
-};
-
-/// \ingroup MemPoolsAPI
-class MemChunk
-{
-public:
- MemChunk(MemPool *pool);
- ~MemChunk();
- void *freeList;
- void *objCache;
- int inuse_count;
- MemChunk *nextFreeChunk;
- MemChunk *next;
- time_t lastref;
- MemPool *pool;
-};
-
/// \ingroup MemPoolsAPI
class MemPoolStats
{
int tot_items_idle;
int tot_overhead;
- int mem_idle_limit;
+ ssize_t mem_idle_limit;
};
/// \ingroup MemPoolsAPI
}
-#endif /* _MEM_POOLS_H_ */
+#endif /* _MEM_POOL_H_ */
--- /dev/null
+#ifndef _MEM_POOL_CHUNKED_H_
+#define _MEM_POOL_CHUNKED_H_
+
+#include "MemPool.h"
+
+/// \ingroup MemPoolsAPI
+#define MEM_PAGE_SIZE 4096
+/// \ingroup MemPoolsAPI
+#define MEM_CHUNK_SIZE 4096 * 4
+/// \ingroup MemPoolsAPI
+#define MEM_CHUNK_MAX_SIZE 256 * 1024 /* 2MB */
+/// \ingroup MemPoolsAPI
+#define MEM_MIN_FREE 32
+/// \ingroup MemPoolsAPI
+#define MEM_MAX_FREE 65535 /* ushort is max number of items per chunk */
+
+class MemChunk;
+
+/// \ingroup MemPoolsAPI
+class MemPoolChunked : public MemImplementingAllocator
+{
+public:
+ friend class MemChunk;
+ MemPoolChunked(const char *label, size_t obj_size);
+ ~MemPoolChunked();
+ void convertFreeCacheToChunkFreeCache();
+ virtual void clean(time_t maxage);
+
+ /**
+ \param stats Object to be filled with statistical data about pool.
+ \retval Number of objects in use, ie. allocated.
+ */
+ virtual int getStats(MemPoolStats * stats, int accumulate);
+
+ void createChunk();
+ void *get();
+ void push(void *obj);
+ virtual int getInUseCount();
+protected:
+ virtual void *allocate();
+ virtual void deallocate(void *, bool aggressive);
+public:
+ /**
+ * Allows you tune chunk size of pooling. Objects are allocated in chunks
+ * instead of individually. This conserves memory, reduces fragmentation.
+ * Because of that memory can be freed also only in chunks. Therefore
+ * there is tradeoff between memory conservation due to chunking and free
+ * memory fragmentation.
+ *
+ \note As a general guideline, increase chunk size only for pools that keep
+ * very many items for relatively long time.
+ */
+ virtual void setChunkSize(size_t chunksize);
+
+ virtual bool idleTrigger(int shift) const;
+
+ size_t chunk_size;
+ int chunk_capacity;
+ int memPID;
+ int chunkCount;
+ void *freeCache;
+ MemChunk *nextFreeChunk;
+ MemChunk *Chunks;
+ Splay<MemChunk *> allChunks;
+};
+
+/// \ingroup MemPoolsAPI
+class MemChunk
+{
+public:
+ MemChunk(MemPoolChunked *pool);
+ ~MemChunk();
+ void *freeList;
+ void *objCache;
+ int inuse_count;
+ MemChunk *nextFreeChunk;
+ MemChunk *next;
+ time_t lastref;
+ MemPoolChunked *pool;
+};
+
+#endif /* _MEM_POOL_CHUNKED_H_ */
--- /dev/null
+#ifndef _MEM_POOL_MALLOC_H_
+#define _MEM_POOL_MALLOC_H_
+
+/**
+ \defgroup MemPoolsAPI Memory Management (Memory Pool Allocator)
+ \ingroup Components
+ *
+ *\par
+ * MemPools are a pooled memory allocator running on top of malloc(). It's
+ * purpose is to reduce memory fragmentation and provide detailed statistics
+ * on memory consumption.
+ *
+ \par
+ * Preferably all memory allocations in Squid should be done using MemPools
+ * or one of the types built on top of it (i.e. cbdata).
+ *
+ \note Usually it is better to use cbdata types as these gives you additional
+ * safeguards in references and typechecking. However, for high usage pools where
+ * the cbdata functionality of cbdata is not required directly using a MemPool
+ * might be the way to go.
+ */
+
+#include "MemPool.h"
+
+/// \ingroup MemPoolsAPI
+class MemPoolMalloc : public MemImplementingAllocator
+{
+public:
+ MemPoolMalloc(char const *label, size_t aSize);
+ ~MemPoolMalloc();
+ virtual bool idleTrigger(int shift) const;
+ virtual void clean(time_t maxage);
+
+ /**
+ \param stats Object to be filled with statistical data about pool.
+ \retval Number of objects in use, ie. allocated.
+ */
+ virtual int getStats(MemPoolStats * stats, int accumulate);
+
+ virtual int getInUseCount();
+protected:
+ virtual void *allocate();
+ virtual void deallocate(void *, bool aggressive);
+private:
+ Stack<void *> freelist;
+};
+
+
+#endif /* _MEM_POOL_MALLOC_H_ */
/*
* $Id$
*
- * DEBUG: none Refcount allocator
+ * DEBUG: section -- Refcount allocator
* AUTHOR: Robert Collins
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
struct RefCountable_ {
RefCountable_():count_(0) {}
- virtual ~RefCountable_() {}
+ virtual ~RefCountable_() { assert(count_ == 0); }
/* Not private, to allow class hierarchies */
void RefCountReference() const {
#endif
#endif
-
-/* Typedefs for missing entries on a system */
-
-/* int8_t */
-#ifndef HAVE_INT8_T
-#if HAVE_CHAR && SIZEOF_CHAR == 1
-typedef char int8_t;
-#else
-#error NO 8 bit signed type available
-#endif
-#endif
-
-/* u_int8_t */
-#ifndef HAVE_U_INT8_T
-#if HAVE_UINT8_T
-typedef uint8_t u_int8_t;
-#else
-typedef unsigned char u_int8_t;
-#endif
-#endif
-
-/* int16_t */
-#ifndef HAVE_INT16_T
-#if HAVE_SHORT && SIZEOF_SHORT == 2
-typedef short int16_t;
-#elif HAVE_INT && SIZEOF_INT == 2
-typedef int int16_t;
-#else
-#error NO 16 bit signed type available
-#endif
-#endif
-
-/* u_int16_t */
-#ifndef HAVE_U_INT16_T
-#if HAVE_UINT16_T
-typedef uint16_t u_int16_t;
-#else
-typedef unsigned int16_t u_int16_t;
-#endif
-#endif
-
-/* int32_t */
-#ifndef HAVE_INT32_T
-#if HAVE_INT && SIZEOF_INT == 4
-typedef int int32_t;
-#elif HAVE_LONG && SIZEOF_LONG == 4
-typedef long int32_t;
-#else
-#error NO 32 bit signed type available
-#endif
-#endif
-
-/* u_int32_t */
-#ifndef HAVE_U_INT32_T
-#if HAVE_UINT32_T
-typedef uint32_t u_int32_t;
-#else
-typedef unsigned int32_t u_int32_t;
-#endif
-#endif
-
-/* int64_t */
-#ifndef HAVE_INT64_T
-#if HAVE___INT64
-typedef __int64 int64_t;
-#elif HAVE_LONG && SIZEOF_LONG == 8
-typedef long int64_t;
-#elif HAVE_LONG_LONG && SIZEOF_LONG_LONG == 8
-typedef long long int64_t;
-#else
-#error NO 64 bit signed type available
-#endif
-#endif
-
-/* u_int64_t */
-#ifndef HAVE_U_INT64_T
-#if HAVE_UINT64_T
-typedef uint64_t u_int64_t;
-#else
-typedef unsigned int64_t u_int64_t;
-#endif
-#endif
-
-
-#ifndef HAVE_PID_T
-typedef int pid_t;
-#endif
-
-#ifndef HAVE_SIZE_T
-typedef unsigned int size_t;
-#endif
-
-#ifndef HAVE_SSIZE_T
-typedef int ssize_t;
-#endif
-
-#ifndef HAVE_OFF_T
-typedef int off_t;
-#endif
-
-#ifndef HAVE_MODE_T
-typedef unsigned short mode_t;
-#endif
-
-#ifndef HAVE_FD_MASK
-typedef unsigned long fd_mask;
-#endif
-
-#ifndef HAVE_SOCKLEN_T
-typedef int socklen_t;
-#endif
-
-#ifndef HAVE_MTYP_T
-typedef long mtyp_t;
-#endif
-
#if !defined(CACHEMGR_HOSTNAME)
#define CACHEMGR_HOSTNAME ""
#else
#define SQUID_UDP_SO_RCVBUF SQUID_DETECT_UDP_SO_RCVBUF
#endif
-#ifdef HAVE_MEMCPY
+#if HAVE_MEMCPY
#define xmemcpy(d,s,n) memcpy((d),(s),(n))
#elif HAVE_BCOPY
#define xmemcpy(d,s,n) bcopy((s),(d),(n))
#define xmemcpy(d,s,n) memmove((d),(s),(n))
#endif
-#ifdef HAVE_MEMMOVE
+#if HAVE_MEMMOVE
#define xmemmove(d,s,n) memmove((d),(s),(n))
#elif HAVE_BCOPY
#define xmemmove(d,s,n) bcopy((s),(d),(n))
#endif
+#if HAVE_CTYPE_H
+#include <ctype.h>
+#endif
#define xisspace(x) isspace((unsigned char)x)
#define xtoupper(x) toupper((unsigned char)x)
#define xtolower(x) tolower((unsigned char)x)
*
*/
-#include "squid_types.h"
-
typedef struct SquidMD5Context {
uint32_t buf[4];
uint32_t bytes[2];
+++ /dev/null
-/*
- * $Id$
- *
- * * * * * * * * Legal stuff * * * * * * *
- *
- * (C) 2000 Francesco Chemolli <kinkie@kame.usr.dsi.unimi.it>,
- * inspired by previous work by Andrew Doran <ad@interlude.eu.org>.
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * SQUID Web Proxy Cache http://www.squid-cache.org/
- * ----------------------------------------------------------
- *
- * Squid is the result of efforts by numerous individuals from
- * the Internet community; see the CONTRIBUTORS file for full
- * details. Many organizations have provided support for Squid's
- * development; see the SPONSORS file for full details. Squid is
- * Copyrighted (C) 2001 by the Regents of the University of
- * California; see the COPYRIGHT file for full details. Squid
- * incorporates software developed and/or copyrighted by other
- * sources; see the CREDITS file for full details.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
- *
- * * * * * * * * Declaration of intents * * * * * * *
- *
- * This header contains definitions and defines allowing to decode and
- * understand NTLM packets, as sent by Internet Explorer.
- * It's put here as it is a common utility to all HTLM-enabled modules.
- */
-
-#ifndef SQUID_NTLMAUTH_H
-#define SQUID_NTLMAUTH_H
-
-/* int*_t */
-#include "config.h"
-
-/* All of this cruft is little endian */
-#include "squid_endian.h"
-
-/* Used internally. Microsoft seems to think this is right, I believe them.
- * Right. */
-#define MAX_FIELD_LENGTH 300 /* max length of an NTLMSSP field */
-
-
-/* Here start the NTLMSSP definitions */
-/* NTLM request types that we know about */
-#define NTLM_NEGOTIATE 1
-#define NTLM_CHALLENGE 2
-#define NTLM_CHALLENGE_HEADER_OFFSET 40
-#define NTLM_AUTHENTICATE 3
-
-#define NONCE_LEN 8
-
-/* negotiate request flags */
-#define NEGOTIATE_UNICODE 0x0001
-#define NEGOTIATE_ASCII 0x0002
-#define NEGOTIATE_REQUEST_TARGET 0x0004
-#define NEGOTIATE_REQUEST_SIGN 0x0010
-#define NEGOTIATE_REQUEST_SEAL 0x0020
-#define NEGOTIATE_DATAGRAM_STYLE 0x0040
-#define NEGOTIATE_USE_LM 0x0080
-#define NEGOTIATE_USE_NETWARE 0x0100
-#define NEGOTIATE_USE_NTLM 0x0200
-#define NEGOTIATE_DOMAIN_SUPPLIED 0x1000
-#define NEGOTIATE_WORKSTATION_SUPPLIED 0x2000
-#define NEGOTIATE_THIS_IS_LOCAL_CALL 0x4000
-#define NEGOTIATE_ALWAYS_SIGN 0x8000
-
-/* challenge request flags */
-#define CHALLENGE_TARGET_IS_DOMAIN 0x10000
-#define CHALLENGE_TARGET_IS_SERVER 0x20000
-#define CHALLENGE_TARGET_IS_SHARE 0x40000
-
-/* these are marked as "extra" fields */
-#define REQUEST_INIT_RESPONSE 0x100000
-#define REQUEST_ACCEPT_RESPONSE 0x200000
-#define REQUEST_NON_NT_SESSION_KEY 0x400000
-
-
-/* String header. String data resides at the end of the request */
-typedef struct _strhdr {
- int16_t len; /* Length in bytes */
- int16_t maxlen; /* Allocated space in bytes */
- int32_t offset; /* Offset from start of request */
-} strhdr;
-
-/* We use this to keep data/lenght couples. Only used internally. */
-typedef struct _lstring {
- int32_t l; /* length, -1 if empty */
- char *str; /* the string. NULL if not initialized */
-} lstring;
-
-/* This is an header common to all signatures, it's used to discriminate
- * among the different signature types. */
-typedef struct _ntlmhdr {
- char signature[8]; /* "NTLMSSP" */
- int32_t type; /* One of the NTLM_* types above. */
-} ntlmhdr;
-
-/* Negotiation request sent by client */
-typedef struct _ntlm_negotiate {
- char signature[8]; /* "NTLMSSP" */
- int32_t type; /* LSWAP(0x1) */
- u_int32_t flags; /* Request flags */
- strhdr domain; /* Domain we wish to authenticate in */
- strhdr workstation; /* Client workstation name */
- char payload[256]; /* String data */
-} ntlm_negotiate;
-
-/* Challenge request sent by server. */
-typedef struct _ntlm_challenge {
- char signature[8]; /* "NTLMSSP" */
- int32_t type; /* LSWAP(0x2) */
- strhdr target; /* Authentication target (domain/server ...) */
- u_int32_t flags; /* Request flags */
- u_char challenge[NONCE_LEN]; /* Challenge string */
- u_int32_t context_low; /* LS part of the server context handle */
- u_int32_t context_high; /* MS part of the server context handle */
- char payload[256]; /* String data */
-} ntlm_challenge;
-
-/* Authentication request sent by client in response to challenge */
-typedef struct _ntlm_authenticate {
- char signature[8]; /* "NTLMSSP" */
- int32_t type; /* LSWAP(0x3) */
- strhdr lmresponse; /* LANMAN challenge response */
- strhdr ntresponse; /* NT challenge response */
- strhdr domain; /* Domain to authenticate against */
- strhdr user; /* Username */
- strhdr workstation; /* Workstation name */
- strhdr sessionkey; /* Session key for server's use */
- int32_t flags; /* Request flags */
- char payload[256 * 6]; /* String data */
-} ntlm_authenticate;
-
-const char *ntlm_make_challenge(char *domain, char *domain_controller,
- char *challenge_nonce, int challenge_nonce_len);
-lstring ntlm_fetch_string(char *packet, int32_t length, strhdr * str);
-void ntlm_add_to_payload(char *payload, int *payload_length,
- strhdr * hdr, char *toadd,
- int toadd_length, int base_offset);
-
-#endif /* SQUID_NTLMAUTH_H */
-
#ifndef _PROFILING_H_
#define _PROFILING_H_
class CacheManager;
#endif
-#ifdef USE_XPROF_STATS
+#if USE_XPROF_STATS
-#if !defined(_SQUID_SOLARIS_)
+#if !_SQUID_SOLARIS_
typedef int64_t hrtime_t;
-#else
-#include <sys/time.h>
#endif
#if defined(__GNUC__) && ( defined(__i386) || defined(__i386__) )
}
#else
-static inline hrtime_t
-get_tick(void)
-{
- return 0; // unsupported on this CPU
-}
+/* This CPU is unsupported. Short-circuit, no profiling here */
+#define get_tick() 0
#undef USE_XPROF_STATS
#endif
#endif /* USE_XPROF_STATS - maybe disabled above */
-#ifdef USE_XPROF_STATS
+#if USE_XPROF_STATS
typedef enum {
XPROF_PROF_UNACCOUNTED,
SQUIDCEXTERN int rfc1035QueryCompare(const rfc1035_query *, const rfc1035_query *);
SQUIDCEXTERN void rfc1035RRDestroy(rfc1035_rr ** rr, int n);
SQUIDCEXTERN void rfc1035MessageDestroy(rfc1035_message ** message);
-SQUIDCEXTERN int rfc1035_errno;
-SQUIDCEXTERN const char *rfc1035_error_message;
+SQUIDCEXTERN const char * rfc1035ErrorMessage(int n);
#define RFC1035_TYPE_A 1
#define RFC1035_TYPE_CNAME 5
*/
#define RFC2181_MAXHOSTNAMELEN 256
-/// Back-port macro for old squid code still using SQUIDHOSTNAMELEN without RFC reference.
+/** Back-port macro for old squid code still using SQUIDHOSTNAMELEN without RFC reference. */
#define SQUIDHOSTNAMELEN RFC2181_MAXHOSTNAMELEN
#endif /* _SQUID_INCLUDE_RFC1123_H */
/* RFC3596 section 2.1 defines new RR type AAAA as 28 */
#define RFC1035_TYPE_AAAA 28
-/* rfc3596 library wraps rfc1035 errno and error_message */
-#define rfc3596_errno rfc1035_errno
-#define rfc3596_error_message rfc1035_error_message
-
-
#endif /* SQUID_RFC3596_H */
-/*
- * $Id$
- */
-
#ifndef SQUID_SNMP_API_H
#define SQUID_SNMP_API_H
#include "config.h"
-#ifdef HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
/***********************************************************
Copyright 1989 by Carnegie Mellon University
#undef timerisset
#define timerisset(tvp) ((tvp)->tv_sec || (tvp)->tv_usec)
-#ifdef HAVE_SRAND
+#if HAVE_SRAND
#define random rand
#define srandom srand
#endif /* HAVE_SRAND */
*/
#include "config.h"
-#include "squid_types.h"
/*
* Some systems define bswap_16() and bswap_32() in <byteswap.h>
#if HAVE_BYTESWAP_H
# include <byteswap.h>
#endif /* HAVE_BYTESWAP_H */
-#ifdef HAVE_MACHINE_BYTE_SWAP_H
+#if HAVE_MACHINE_BYTE_SWAP_H
# include <machine/byte_swap.h>
#endif /* HAVE_MACHINE_BYTE_SWAP_H */
#if HAVE_SYS_BSWAP_H
-/*
- * Squid VCS $Id$
- */
#include "config.h"
#if HAVE_STRNSTR
-/* Is strnstr exists and is usablewe do so. */
+/* Is strnstr exists and is usable we do so. */
#define squid_strnstr(a,b,c) strnstr(a,b,c)
#else /* not HAVE_STRNSTR */
+++ /dev/null
-/*
- * $Id$
- */
-#ifndef _SQUIDINC_STRTOLL_H
-#define _SQUIDINC_STRTOLL_H
-
-#include "config.h"
-
-#if HAVE_STRTOLL
-
-/*
- * Get strtoll() declaration.
- */
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-
-#else
-
-/**
-\par
-* Convert a string to a int64 integer.
-\par
-* Ignores `locale' stuff. Assumes that the upper and lower case
-* alphabets and digits are each contiguous.
-*/
-SQUIDCEXTERN int64_t strtoll(const char *nptr, char **endptr, int base);
-
-#endif /* !HAVE_STRTOLL */
-
-#endif /* _SQUIDINC_STRTOLL_H */
#if HAVE_TIME_H
#include <time.h>
#endif
-#if HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
#if HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
-#if defined(_SQUID_FREEBSD_)
-#define _etext etext
-#endif
-
SQUIDCEXTERN const char *mkhttpdlogtime(const time_t *);
SQUIDCEXTERN const char *mkrfc1123(time_t);
SQUIDCEXTERN char *uudecode(const char *);
SQUIDCEXTERN const char *xitoa(int num);
SQUIDCEXTERN const char *xint64toa(int64_t num);
-#if !HAVE_DRAND48
-SQUIDCEXTERN double drand48(void);
-#endif
-
typedef struct {
size_t count;
size_t bytes;
#ifdef _SQUID_MSWIN_
SQUIDCEXTERN int chroot (const char *);
SQUIDCEXTERN int ftruncate(int, off_t);
-#ifndef HAVE_GETTIMEOFDAY
+#if !HAVE_GETTIMEOFDAY
SQUIDCEXTERN int gettimeofday(struct timeval * ,void *);
#endif
SQUIDCEXTERN int kill(pid_t, int);
libsspwin32.a
noinst_LIBRARIES = \
libmiscutil.a \
- libntlmauth.a \
$(LIBSSPWIN32)
#
win32lib.c
libmiscutil_a_SOURCES = \
MemPool.cc \
+ MemPoolChunked.cc \
+ MemPoolMalloc.cc \
base64.c \
charset.c \
getfullhostname.c \
libmiscutil_a_LIBADD = $(LIBOBJS)
# $(top_srcdir)/include/version.h should be a dependency
-libntlmauth_a_SOURCES = \
- ntlmauth.c
-libntlmauth_a_LIBADD = \
- $(LIBOBJS)
libsspwin32_a_SOURCES = \
base64.c \
sspwin32.c
*
*/
-/*
- * Old way:
- * xmalloc each item separately, upon free stack into idle pool array.
- * each item is individually malloc()ed from system, imposing libmalloc
- * overhead, and additionally we add our overhead of pointer size per item
- * as we keep a list of pointer to free items.
- *
- * Chunking:
- * xmalloc Chunk that fits at least MEM_MIN_FREE (32) items in an array, but
- * limit Chunk size to MEM_CHUNK_MAX_SIZE (256K). Chunk size is rounded up to
- * MEM_PAGE_SIZE (4K), trying to have chunks in multiples of VM_PAGE size.
- * Minimum Chunk size is MEM_CHUNK_SIZE (16K).
- * A number of items fits into a single chunk, depending on item size.
- * Maximum number of items per chunk is limited to MEM_MAX_FREE (65535).
- *
- * We populate Chunk with a linkedlist, each node at first word of item,
- * and pointing at next free item. Chunk->FreeList is pointing at first
- * free node. Thus we stuff free housekeeping into the Chunk itself, and
- * omit pointer overhead per item.
- *
- * Chunks are created on demand, and new chunks are inserted into linklist
- * of chunks so that Chunks with smaller pointer value are placed closer
- * to the linklist head. Head is a hotspot, servicing most of requests, so
- * slow sorting occurs and Chunks in highest memory tend to become idle
- * and freeable.
- *
- * event is registered that runs every 15 secs and checks reference time
- * of each idle chunk. If a chunk is not referenced for 15 secs, it is
- * released.
- *
- * [If mem_idle_limit is exceeded with pools, every chunk that becomes
- * idle is immediately considered for release, unless this is the only
- * chunk with free items in it.] (not implemented)
- *
- * In cachemgr output, there are new columns for chunking. Special item,
- * Frag, is shown to estimate approximately fragmentation of chunked
- * pools. Fragmentation is calculated by taking amount of items in use,
- * calculating needed amount of chunks to fit all, and then comparing to
- * actual amount of chunks in use. Frag number, in percent, is showing
- * how many percent of chunks are in use excessively. 100% meaning that
- * twice the needed amount of chunks are in use.
- * "part" item shows number of chunks partially filled. This shows how
- * badly fragmentation is spread across all chunks.
- *
- * Andres Kroonmaa.
- * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
- */
-
#include "config.h"
#if HAVE_ASSERT_H
#include <assert.h>
#endif
#include "MemPool.h"
+#include "MemPoolChunked.h"
+#include "MemPoolMalloc.h"
#define FLUSH_LIMIT 1000 /* Flush memPool counters to memMeters after flush limit calls */
-#define MEM_MAX_MMAP_CHUNKS 2048
#if HAVE_STRING_H
#include <string.h>
static int Pool_id_counter = 0;
-/* local prototypes */
-static int memCompChunks(MemChunk * const &, MemChunk * const &);
-static int memCompObjChunks(void * const &, MemChunk * const &);
-
MemPools &
MemPools::GetInstance()
{
}
void
-MemPools::setIdleLimit(size_t new_idle_limit)
+MemPools::setIdleLimit(ssize_t new_idle_limit)
{
mem_idle_limit = new_idle_limit;
}
-size_t
+ssize_t
MemPools::idleLimit() const
{
return mem_idle_limit;
}
-/* Compare chunks */
-static int
-memCompChunks(MemChunk * const &chunkA, MemChunk * const &chunkB)
-{
- if (chunkA->objCache > chunkB->objCache)
- return 1;
- else if (chunkA->objCache < chunkB->objCache)
- return -1;
- else
- return 0;
-}
-
-/* Compare object to chunk */
-static int
-memCompObjChunks(void *const &obj, MemChunk * const &chunk)
-{
- /* object is lower in memory than the chunks arena */
- if (obj < chunk->objCache)
- return -1;
- /* object is within the pool */
- if (obj < (void *) ((char *) chunk->objCache + chunk->pool->chunk_size))
- return 0;
- /* object is above the pool */
- return 1;
-}
-
-MemChunk::MemChunk(MemPool *aPool)
-{
- /* should have a pool for this too -
- * note that this requres:
- * allocate one chunk for the pool of chunks's first chunk
- * allocate a chunk from that pool
- * move the contents of one chunk into the other
- * free the first chunk.
- */
- inuse_count = 0;
- next = NULL;
- pool = aPool;
-
- objCache = xcalloc(1, pool->chunk_size);
- freeList = objCache;
- void **Free = (void **)freeList;
-
- for (int i = 1; i < pool->chunk_capacity; i++) {
- *Free = (void *) ((char *) Free + pool->obj_size);
- void **nextFree = (void **)*Free;
- (void) VALGRIND_MAKE_MEM_NOACCESS(Free, pool->obj_size);
- Free = nextFree;
- }
- nextFreeChunk = pool->nextFreeChunk;
- pool->nextFreeChunk = this;
-
- memMeterAdd(pool->getMeter().alloc, pool->chunk_capacity);
- memMeterAdd(pool->getMeter().idle, pool->chunk_capacity);
- pool->idle += pool->chunk_capacity;
- pool->chunkCount++;
- lastref = squid_curtime;
- pool->allChunks.insert(this, memCompChunks);
-}
-
-MemPool::MemPool(const char *aLabel, size_t aSize) : MemImplementingAllocator(aLabel, aSize)
-{
- chunk_size = 0;
- chunk_capacity = 0;
- memPID = 0;
- chunkCount = 0;
- inuse = 0;
- idle = 0;
- freeCache = 0;
- nextFreeChunk = 0;
- Chunks = 0;
- next = 0;
- MemImplementingAllocator *last_pool;
-
- assert(aLabel != NULL && aSize);
-
- setChunkSize(MEM_CHUNK_SIZE);
-
- /* Append as Last */
- for (last_pool = MemPools::GetInstance().pools; last_pool && last_pool->next;)
- last_pool = last_pool->next;
- if (last_pool)
- last_pool->next = this;
- else
- MemPools::GetInstance().pools = this;
-
- memPID = ++Pool_id_counter;
-}
-
-MemChunk::~MemChunk()
-{
- memMeterDel(pool->getMeter().alloc, pool->chunk_capacity);
- memMeterDel(pool->getMeter().idle, pool->chunk_capacity);
- pool->idle -= pool->chunk_capacity;
- pool->chunkCount--;
- pool->allChunks.remove(this, memCompChunks);
- xfree(objCache);
-}
-
-void
-MemPool::push(void *obj)
-{
- void **Free;
- /* XXX We should figure out a sane way of avoiding having to clear
- * all buffers. For example data buffers such as used by MemBuf do
- * not really need to be cleared.. There was a condition based on
- * the object size here, but such condition is not safe.
- */
- if (doZeroOnPush)
- memset(obj, 0, obj_size);
- Free = (void **)obj;
- *Free = freeCache;
- freeCache = obj;
- (void) VALGRIND_MAKE_MEM_NOACCESS(obj, obj_size);
-}
-
-/*
- * Find a chunk with a free item.
- * Create new chunk on demand if no chunk with frees found.
- * Insert new chunk in front of lowest ram chunk, making it preferred in future,
- * and resulting slow compaction towards lowest ram area.
- */
-void *
-MemPool::get()
-{
- void **Free;
-
- /* first, try cache */
- if (freeCache) {
- Free = (void **)freeCache;
- (void) VALGRIND_MAKE_MEM_DEFINED(Free, obj_size);
- freeCache = *Free;
- *Free = NULL;
- return Free;
- }
- /* then try perchunk freelist chain */
- if (nextFreeChunk == NULL) {
- /* no chunk with frees, so create new one */
- createChunk();
- }
- /* now we have some in perchunk freelist chain */
- MemChunk *chunk = nextFreeChunk;
-
- Free = (void **)chunk->freeList;
- chunk->freeList = *Free;
- *Free = NULL;
- chunk->inuse_count++;
- chunk->lastref = squid_curtime;
-
- if (chunk->freeList == NULL) {
- /* last free in this chunk, so remove us from perchunk freelist chain */
- nextFreeChunk = chunk->nextFreeChunk;
- }
- (void) VALGRIND_MAKE_MEM_DEFINED(Free, obj_size);
- return Free;
-}
-
-/* just create a new chunk and place it into a good spot in the chunk chain */
-void
-MemPool::createChunk()
-{
- MemChunk *chunk, *newChunk;
-
- newChunk = new MemChunk(this);
-
- chunk = Chunks;
- if (chunk == NULL) { /* first chunk in pool */
- Chunks = newChunk;
- return;
- }
- if (newChunk->objCache < chunk->objCache) {
- /* we are lowest ram chunk, insert as first chunk */
- newChunk->next = chunk;
- Chunks = newChunk;
- return;
- }
- while (chunk->next) {
- if (newChunk->objCache < chunk->next->objCache) {
- /* new chunk is in lower ram, insert here */
- newChunk->next = chunk->next;
- chunk->next = newChunk;
- return;
- }
- chunk = chunk->next;
- }
- /* we are the worst chunk in chain, add as last */
- chunk->next = newChunk;
-}
-
/* Change the default calue of defaultIsChunked to override
* all pools - including those used before main() starts where
* MemPools::GetInstance().setDefaultPoolChunking() can be called.
*/
MemPools::MemPools() : pools(NULL), mem_idle_limit(2 * MB),
- poolCount (0), defaultIsChunked (!DISABLE_POOLS && !RUNNING_ON_VALGRIND)
+ poolCount (0), defaultIsChunked (USE_CHUNKEDMEMPOOLS && !RUNNING_ON_VALGRIND)
{
char *cfg = getenv("MEMPOOLS");
if (cfg)
defaultIsChunked = atoi(cfg);
-#if HAVE_MALLOPT && M_MMAP_MAX
- mallopt(M_MMAP_MAX, MEM_MAX_MMAP_CHUNKS);
-#endif
-}
-
-void
-MemPool::setChunkSize(size_t chunksize)
-{
- int cap;
- size_t csize = chunksize;
-
- if (Chunks) /* unsafe to tamper */
- return;
-
- csize = ((csize + MEM_PAGE_SIZE - 1) / MEM_PAGE_SIZE) * MEM_PAGE_SIZE; /* round up to page size */
- cap = csize / obj_size;
-
- if (cap < MEM_MIN_FREE)
- cap = MEM_MIN_FREE;
- if (cap * obj_size > MEM_CHUNK_MAX_SIZE)
- cap = MEM_CHUNK_MAX_SIZE / obj_size;
- if (cap > MEM_MAX_FREE)
- cap = MEM_MAX_FREE;
- if (cap < 1)
- cap = 1;
-
- csize = cap * obj_size;
- csize = ((csize + MEM_PAGE_SIZE - 1) / MEM_PAGE_SIZE) * MEM_PAGE_SIZE; /* round up to page size */
- cap = csize / obj_size;
-
- chunk_capacity = cap;
- chunk_size = csize;
}
MemImplementingAllocator *
MemPools::create(const char *label, size_t obj_size)
-{
- return create (label, obj_size, defaultIsChunked);
-}
-
-MemImplementingAllocator *
-MemPools::create(const char *label, size_t obj_size, bool const chunked)
{
++poolCount;
- if (chunked)
- return new MemPool (label, obj_size);
+ if (defaultIsChunked)
+ return new MemPoolChunked (label, obj_size);
else
- return new MemMalloc (label, obj_size);
+ return new MemPoolMalloc (label, obj_size);
}
void
defaultIsChunked = aBool;
}
-/*
- * warning: we do not clean this entry from Pools assuming destruction
- * is used at the end of the program only
- */
-MemPool::~MemPool()
-{
- MemChunk *chunk, *fchunk;
- MemImplementingAllocator *find_pool, *prev_pool;
-
- flushMetersFull();
- clean(0);
- assert(inuse == 0 && "While trying to destroy pool");
-
- chunk = Chunks;
- while ( (fchunk = chunk) != NULL) {
- chunk = chunk->next;
- delete fchunk;
- }
- /* TODO we should be doing something about the original Chunks pointer here. */
-
- assert(MemPools::GetInstance().pools != NULL && "Called MemPool::~MemPool, but no pool exists!");
-
- /* Pool clean, remove it from List and free */
- for (find_pool = MemPools::GetInstance().pools, prev_pool = NULL; (find_pool && this != find_pool); find_pool = find_pool->next)
- prev_pool = find_pool;
- assert(find_pool != NULL && "pool to destroy not found");
-
- if (prev_pool)
- prev_pool->next = next;
- else
- MemPools::GetInstance().pools = next;
- --MemPools::GetInstance().poolCount;
-}
-
char const *
MemAllocator::objectType() const
{
calls = free_calls;
if (calls) {
- getMeter().gb_freed.count += calls;
- memMeterDel(getMeter().inuse, calls);
- memMeterAdd(getMeter().idle, calls);
+ meter.gb_freed.count += calls;
free_calls = 0;
}
calls = alloc_calls;
if (calls) {
- meter.gb_saved.count += calls;
- memMeterAdd(meter.inuse, calls);
- memMeterDel(meter.idle, calls);
+ meter.gb_allocated.count += calls;
alloc_calls = 0;
}
+ calls = saved_calls;
+ if (calls) {
+ meter.gb_saved.count += calls;
+ saved_calls = 0;
+ }
}
void
MemImplementingAllocator::flushMetersFull()
{
flushMeters();
+ getMeter().gb_allocated.bytes = getMeter().gb_allocated.count * obj_size;
getMeter().gb_saved.bytes = getMeter().gb_saved.count * obj_size;
getMeter().gb_freed.bytes = getMeter().gb_freed.count * obj_size;
}
alloc.level = 0;
inuse.level = 0;
idle.level = 0;
+ gb_allocated.count = 0;
+ gb_allocated.bytes = 0;
+ gb_oallocated.count = 0;
+ gb_oallocated.bytes = 0;
gb_saved.count = 0;
gb_saved.bytes = 0;
gb_freed.count = 0;
gb_freed.bytes = 0;
}
+
+MemPoolMeter::MemPoolMeter()
+{
+ flush();
+}
+
/*
* Updates all pool counters, and recreates TheMeter totals from all pools
*/
memMeterAdd(TheMeter.alloc, pool->getMeter().alloc.level * pool->obj_size);
memMeterAdd(TheMeter.inuse, pool->getMeter().inuse.level * pool->obj_size);
memMeterAdd(TheMeter.idle, pool->getMeter().idle.level * pool->obj_size);
+ TheMeter.gb_allocated.count += pool->getMeter().gb_allocated.count;
TheMeter.gb_saved.count += pool->getMeter().gb_saved.count;
TheMeter.gb_freed.count += pool->getMeter().gb_freed.count;
+ TheMeter.gb_allocated.bytes += pool->getMeter().gb_allocated.bytes;
TheMeter.gb_saved.bytes += pool->getMeter().gb_saved.bytes;
TheMeter.gb_freed.bytes += pool->getMeter().gb_freed.bytes;
}
memPoolIterateDone(&iter);
}
-void *
-MemMalloc::allocate()
-{
- inuse++;
- return xcalloc(1, obj_size);
-}
-
-void
-MemMalloc::deallocate(void *obj)
-{
- inuse--;
- xfree(obj);
-}
-
void *
MemImplementingAllocator::alloc()
{
}
void
-MemImplementingAllocator::free(void *obj)
+MemImplementingAllocator::freeOne(void *obj)
{
assert(obj != NULL);
(void) VALGRIND_CHECK_MEM_IS_ADDRESSABLE(obj, obj_size);
- deallocate(obj);
+ deallocate(obj, MemPools::GetInstance().mem_idle_limit == 0);
++free_calls;
}
-int
-MemPool::getInUseCount()
-{
- return inuse;
-}
-
-void *
-MemPool::allocate()
-{
- void *p = get();
- assert(idle);
- --idle;
- ++inuse;
- return p;
-}
-
-void
-MemPool::deallocate(void *obj)
-{
- push(obj);
- assert(inuse);
- --inuse;
- ++idle;
-}
-
-void
-MemPool::convertFreeCacheToChunkFreeCache()
-{
- void *Free;
- /*
- * OK, so we have to go through all the global freeCache and find the Chunk
- * any given Free belongs to, and stuff it into that Chunk's freelist
- */
-
- while ((Free = freeCache) != NULL) {
- MemChunk *chunk = NULL;
- chunk = const_cast<MemChunk *>(*allChunks.find(Free, memCompObjChunks));
- assert(splayLastResult == 0);
- assert(chunk->inuse_count > 0);
- chunk->inuse_count--;
- (void) VALGRIND_MAKE_MEM_DEFINED(Free, sizeof(void *));
- freeCache = *(void **)Free; /* remove from global cache */
- *(void **)Free = chunk->freeList; /* stuff into chunks freelist */
- (void) VALGRIND_MAKE_MEM_NOACCESS(Free, sizeof(void *));
- chunk->freeList = Free;
- chunk->lastref = squid_curtime;
- }
-
-}
-
-/* removes empty Chunks from pool */
-void
-MemPool::clean(time_t maxage)
-{
- MemChunk *chunk, *freechunk, *listTail;
- time_t age;
-
- if (!this)
- return;
- if (!Chunks)
- return;
-
- flushMetersFull();
- convertFreeCacheToChunkFreeCache();
- /* Now we have all chunks in this pool cleared up, all free items returned to their home */
- /* We start now checking all chunks to see if we can release any */
- /* We start from Chunks->next, so first chunk is not released */
- /* Recreate nextFreeChunk list from scratch */
-
- chunk = Chunks;
- while ((freechunk = chunk->next) != NULL) {
- age = squid_curtime - freechunk->lastref;
- freechunk->nextFreeChunk = NULL;
- if (freechunk->inuse_count == 0)
- if (age >= maxage) {
- chunk->next = freechunk->next;
- delete freechunk;
- freechunk = NULL;
- }
- if (chunk->next == NULL)
- break;
- chunk = chunk->next;
- }
-
- /* Recreate nextFreeChunk list from scratch */
- /* Populate nextFreeChunk list in order of "most filled chunk first" */
- /* in case of equal fill, put chunk in lower ram first */
- /* First (create time) chunk is always on top, no matter how full */
-
- chunk = Chunks;
- nextFreeChunk = chunk;
- chunk->nextFreeChunk = NULL;
-
- while (chunk->next) {
- chunk->next->nextFreeChunk = NULL;
- if (chunk->next->inuse_count < chunk_capacity) {
- listTail = nextFreeChunk;
- while (listTail->nextFreeChunk) {
- if (chunk->next->inuse_count > listTail->nextFreeChunk->inuse_count)
- break;
- if ((chunk->next->inuse_count == listTail->nextFreeChunk->inuse_count) &&
- (chunk->next->objCache < listTail->nextFreeChunk->objCache))
- break;
- listTail = listTail->nextFreeChunk;
- }
- chunk->next->nextFreeChunk = listTail->nextFreeChunk;
- listTail->nextFreeChunk = chunk->next;
- }
- chunk = chunk->next;
- }
- /* We started from 2nd chunk. If first chunk is full, remove it */
- if (nextFreeChunk->inuse_count == chunk_capacity)
- nextFreeChunk = nextFreeChunk->nextFreeChunk;
-
- return;
-}
-
/*
* Returns all cached frees to their home chunks
* If chunks unreferenced age is over, destroys Idle chunk
void
MemPools::clean(time_t maxage)
{
- MemImplementingAllocator *pool;
- MemPoolIterator *iter;
+ flushMeters();
+ if (mem_idle_limit < 0) // no limit to enforce
+ return;
int shift = 1;
- flushMeters();
if (TheMeter.idle.level > mem_idle_limit)
maxage = shift = 0;
+ MemImplementingAllocator *pool;
+ MemPoolIterator *iter;
iter = memPoolIterate();
while ((pool = memPoolIterateNext(iter)))
if (pool->idleTrigger(shift))
memPoolIterateDone(&iter);
}
-bool
-MemPool::idleTrigger(int shift) const
-{
- return getMeter().idle.level > (chunk_capacity << shift);
-}
-
/* Persistent Pool stats. for GlobalStats accumulation */
static MemPoolStats pp_stats;
-/*
- * Update MemPoolStats struct for single pool
- */
-int
-MemPool::getStats(MemPoolStats * stats)
-{
- MemChunk *chunk;
- int chunks_free = 0;
- int chunks_partial = 0;
-
- if (stats != &pp_stats) /* need skip memset for GlobalStats accumulation */
- /* XXX Fixme */
- memset(stats, 0, sizeof(MemPoolStats));
-
- clean((time_t) 555555); /* don't want to get chunks released before reporting */
-
- stats->pool = this;
- stats->label = objectType();
- stats->meter = &getMeter();
- stats->obj_size = obj_size;
- stats->chunk_capacity = chunk_capacity;
-
- /* gather stats for each Chunk */
- chunk = Chunks;
- while (chunk) {
- if (chunk->inuse_count == 0)
- chunks_free++;
- else if (chunk->inuse_count < chunk_capacity)
- chunks_partial++;
- chunk = chunk->next;
- }
-
- stats->chunks_alloc += chunkCount;
- stats->chunks_inuse += chunkCount - chunks_free;
- stats->chunks_partial += chunks_partial;
- stats->chunks_free += chunks_free;
-
- stats->items_alloc += getMeter().alloc.level;
- stats->items_inuse += getMeter().inuse.level;
- stats->items_idle += getMeter().idle.level;
-
- stats->overhead += sizeof(MemPool) + chunkCount * sizeof(MemChunk) + strlen(objectType()) + 1;
-
- return getMeter().inuse.level;
-}
-
-/* TODO extract common logic to MemAllocate */
-int
-MemMalloc::getStats(MemPoolStats * stats)
-{
- if (stats != &pp_stats) /* need skip memset for GlobalStats accumulation */
- /* XXX Fixme */
- memset(stats, 0, sizeof(MemPoolStats));
-
- stats->pool = this;
- stats->label = objectType();
- stats->meter = &getMeter();
- stats->obj_size = obj_size;
- stats->chunk_capacity = 0;
-
- stats->chunks_alloc += 0;
- stats->chunks_inuse += 0;
- stats->chunks_partial += 0;
- stats->chunks_free += 0;
-
- stats->items_alloc += getMeter().alloc.level;
- stats->items_inuse += getMeter().inuse.level;
- stats->items_idle += getMeter().idle.level;
-
- stats->overhead += sizeof(MemMalloc) + strlen(objectType()) + 1;
-
- return getMeter().inuse.level;
-}
-
-int
-MemMalloc::getInUseCount()
-{
- return inuse;
-}
-
/*
* Totals statistics is returned
*/
/* gather all stats for Totals */
iter = memPoolIterate();
while ((pool = memPoolIterateNext(iter))) {
- if (pool->getStats(&pp_stats) > 0)
+ if (pool->getStats(&pp_stats, 1) > 0)
pools_inuse++;
}
memPoolIterateDone(&iter);
stats->tot_items_inuse = pp_stats.items_inuse;
stats->tot_items_idle = pp_stats.items_idle;
- stats->tot_overhead += pp_stats.overhead + MemPools::GetInstance().poolCount * sizeof(MemPool *);
+ stats->tot_overhead += pp_stats.overhead + MemPools::GetInstance().poolCount * sizeof(MemAllocator *);
stats->mem_idle_limit = MemPools::GetInstance().mem_idle_limit;
return pools_inuse;
return ((s + sizeof(void*) - 1) / sizeof(void*)) * sizeof(void*);
}
-MemMalloc::MemMalloc(char const *aLabel, size_t aSize) : MemImplementingAllocator(aLabel, aSize) { inuse = 0; }
-
-bool
-MemMalloc::idleTrigger(int shift) const
-{
- return false;
-}
-
-void
-MemMalloc::clean(time_t maxage)
-{
-}
-
int
memPoolInUseCount(MemAllocator * pool)
{
}
void
-MemAllocatorProxy::free(void *address)
+MemAllocatorProxy::freeOne(void *address)
{
- getAllocator()->free(address);
+ getAllocator()->freeOne(address);
/* TODO: check for empty, and if so, if the default type has altered,
* switch
*/
next(NULL),
alloc_calls(0),
free_calls(0),
+ saved_calls(0),
obj_size(RoundedSize(aSize))
{
+ memPID = ++Pool_id_counter;
+
+ MemImplementingAllocator *last_pool;
+
+ assert(aLabel != NULL && aSize);
+ /* Append as Last */
+ for (last_pool = MemPools::GetInstance().pools; last_pool && last_pool->next;)
+ last_pool = last_pool->next;
+ if (last_pool)
+ last_pool->next = this;
+ else
+ MemPools::GetInstance().pools = this;
+}
+
+MemImplementingAllocator::~MemImplementingAllocator()
+{
+ MemImplementingAllocator *find_pool, *prev_pool;
+
+ assert(MemPools::GetInstance().pools != NULL && "Called MemImplementingAllocator::~MemImplementingAllocator, but no pool exists!");
+
+ /* Pool clean, remove it from List and free */
+ for (find_pool = MemPools::GetInstance().pools, prev_pool = NULL; (find_pool && this != find_pool); find_pool = find_pool->next)
+ prev_pool = find_pool;
+ assert(find_pool != NULL && "pool to destroy not found");
+
+ if (prev_pool)
+ prev_pool->next = next;
+ else
+ MemPools::GetInstance().pools = next;
+ --MemPools::GetInstance().poolCount;
}
void
--- /dev/null
+
+/*
+ * $Id$
+ *
+ * DEBUG: section 63 Low Level Memory Pool Management
+ * AUTHOR: Alex Rousskov, Andres Kroonmaa, Robert Collins
+ *
+ * SQUID Internet Object Cache http://squid.nlanr.net/Squid/
+ * ----------------------------------------------------------
+ *
+ * Squid is the result of efforts by numerous individuals from the
+ * Internet community. Development is led by Duane Wessels of the
+ * National Laboratory for Applied Network Research and funded by the
+ * National Science Foundation. Squid is Copyrighted (C) 1998 by
+ * the Regents of the University of California. Please see the
+ * COPYRIGHT file for full details. Squid incorporates software
+ * developed and/or copyrighted by other sources. Please see the
+ * CREDITS file for full details.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ *
+ */
+
+/*
+ * Old way:
+ * xmalloc each item separately, upon free stack into idle pool array.
+ * each item is individually malloc()ed from system, imposing libmalloc
+ * overhead, and additionally we add our overhead of pointer size per item
+ * as we keep a list of pointer to free items.
+ *
+ * Chunking:
+ * xmalloc Chunk that fits at least MEM_MIN_FREE (32) items in an array, but
+ * limit Chunk size to MEM_CHUNK_MAX_SIZE (256K). Chunk size is rounded up to
+ * MEM_PAGE_SIZE (4K), trying to have chunks in multiples of VM_PAGE size.
+ * Minimum Chunk size is MEM_CHUNK_SIZE (16K).
+ * A number of items fits into a single chunk, depending on item size.
+ * Maximum number of items per chunk is limited to MEM_MAX_FREE (65535).
+ *
+ * We populate Chunk with a linkedlist, each node at first word of item,
+ * and pointing at next free item. Chunk->FreeList is pointing at first
+ * free node. Thus we stuff free housekeeping into the Chunk itself, and
+ * omit pointer overhead per item.
+ *
+ * Chunks are created on demand, and new chunks are inserted into linklist
+ * of chunks so that Chunks with smaller pointer value are placed closer
+ * to the linklist head. Head is a hotspot, servicing most of requests, so
+ * slow sorting occurs and Chunks in highest memory tend to become idle
+ * and freeable.
+ *
+ * event is registered that runs every 15 secs and checks reference time
+ * of each idle chunk. If a chunk is not referenced for 15 secs, it is
+ * released.
+ *
+ * [If mem_idle_limit is exceeded with pools, every chunk that becomes
+ * idle is immediately considered for release, unless this is the only
+ * chunk with free items in it.] (not implemented)
+ *
+ * In cachemgr output, there are new columns for chunking. Special item,
+ * Frag, is shown to estimate approximately fragmentation of chunked
+ * pools. Fragmentation is calculated by taking amount of items in use,
+ * calculating needed amount of chunks to fit all, and then comparing to
+ * actual amount of chunks in use. Frag number, in percent, is showing
+ * how many percent of chunks are in use excessively. 100% meaning that
+ * twice the needed amount of chunks are in use.
+ * "part" item shows number of chunks partially filled. This shows how
+ * badly fragmentation is spread across all chunks.
+ *
+ * Andres Kroonmaa.
+ * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
+ */
+
+#include "config.h"
+#if HAVE_ASSERT_H
+#include <assert.h>
+#endif
+
+#include "MemPoolChunked.h"
+
+#define MEM_MAX_MMAP_CHUNKS 2048
+
+#if HAVE_STRING_H
+#include <string.h>
+#endif
+
+/*
+ * XXX This is a boundary violation between lib and src.. would be good
+ * if it could be solved otherwise, but left for now.
+ */
+extern time_t squid_curtime;
+
+/* local prototypes */
+static int memCompChunks(MemChunk * const &, MemChunk * const &);
+static int memCompObjChunks(void * const &, MemChunk * const &);
+
+/* Compare chunks */
+static int
+memCompChunks(MemChunk * const &chunkA, MemChunk * const &chunkB)
+{
+ if (chunkA->objCache > chunkB->objCache)
+ return 1;
+ else if (chunkA->objCache < chunkB->objCache)
+ return -1;
+ else
+ return 0;
+}
+
+/* Compare object to chunk */
+static int
+memCompObjChunks(void *const &obj, MemChunk * const &chunk)
+{
+ /* object is lower in memory than the chunks arena */
+ if (obj < chunk->objCache)
+ return -1;
+ /* object is within the pool */
+ if (obj < (void *) ((char *) chunk->objCache + chunk->pool->chunk_size))
+ return 0;
+ /* object is above the pool */
+ return 1;
+}
+
+MemChunk::MemChunk(MemPoolChunked *aPool)
+{
+ /* should have a pool for this too -
+ * note that this requres:
+ * allocate one chunk for the pool of chunks's first chunk
+ * allocate a chunk from that pool
+ * move the contents of one chunk into the other
+ * free the first chunk.
+ */
+ inuse_count = 0;
+ next = NULL;
+ pool = aPool;
+
+ objCache = xcalloc(1, pool->chunk_size);
+ freeList = objCache;
+ void **Free = (void **)freeList;
+
+ for (int i = 1; i < pool->chunk_capacity; i++) {
+ *Free = (void *) ((char *) Free + pool->obj_size);
+ void **nextFree = (void **)*Free;
+ (void) VALGRIND_MAKE_MEM_NOACCESS(Free, pool->obj_size);
+ Free = nextFree;
+ }
+ nextFreeChunk = pool->nextFreeChunk;
+ pool->nextFreeChunk = this;
+
+ memMeterAdd(pool->getMeter().alloc, pool->chunk_capacity);
+ memMeterAdd(pool->getMeter().idle, pool->chunk_capacity);
+ pool->chunkCount++;
+ lastref = squid_curtime;
+ pool->allChunks.insert(this, memCompChunks);
+}
+
+MemPoolChunked::MemPoolChunked(const char *aLabel, size_t aSize) : MemImplementingAllocator(aLabel, aSize)
+{
+ chunk_size = 0;
+ chunk_capacity = 0;
+ chunkCount = 0;
+ freeCache = 0;
+ nextFreeChunk = 0;
+ Chunks = 0;
+ next = 0;
+
+ setChunkSize(MEM_CHUNK_SIZE);
+
+#if HAVE_MALLOPT && M_MMAP_MAX
+ mallopt(M_MMAP_MAX, MEM_MAX_MMAP_CHUNKS);
+#endif
+}
+
+MemChunk::~MemChunk()
+{
+ memMeterDel(pool->getMeter().alloc, pool->chunk_capacity);
+ memMeterDel(pool->getMeter().idle, pool->chunk_capacity);
+ pool->chunkCount--;
+ pool->allChunks.remove(this, memCompChunks);
+ xfree(objCache);
+}
+
+void
+MemPoolChunked::push(void *obj)
+{
+ void **Free;
+ /* XXX We should figure out a sane way of avoiding having to clear
+ * all buffers. For example data buffers such as used by MemBuf do
+ * not really need to be cleared.. There was a condition based on
+ * the object size here, but such condition is not safe.
+ */
+ if (doZeroOnPush)
+ memset(obj, 0, obj_size);
+ Free = (void **)obj;
+ *Free = freeCache;
+ freeCache = obj;
+ (void) VALGRIND_MAKE_MEM_NOACCESS(obj, obj_size);
+}
+
+/*
+ * Find a chunk with a free item.
+ * Create new chunk on demand if no chunk with frees found.
+ * Insert new chunk in front of lowest ram chunk, making it preferred in future,
+ * and resulting slow compaction towards lowest ram area.
+ */
+void *
+MemPoolChunked::get()
+{
+ void **Free;
+
+ saved_calls++;
+
+ /* first, try cache */
+ if (freeCache) {
+ Free = (void **)freeCache;
+ (void) VALGRIND_MAKE_MEM_DEFINED(Free, obj_size);
+ freeCache = *Free;
+ *Free = NULL;
+ return Free;
+ }
+ /* then try perchunk freelist chain */
+ if (nextFreeChunk == NULL) {
+ /* no chunk with frees, so create new one */
+ saved_calls--; // compensate for the ++ above
+ createChunk();
+ }
+ /* now we have some in perchunk freelist chain */
+ MemChunk *chunk = nextFreeChunk;
+
+ Free = (void **)chunk->freeList;
+ chunk->freeList = *Free;
+ *Free = NULL;
+ chunk->inuse_count++;
+ chunk->lastref = squid_curtime;
+
+ if (chunk->freeList == NULL) {
+ /* last free in this chunk, so remove us from perchunk freelist chain */
+ nextFreeChunk = chunk->nextFreeChunk;
+ }
+ (void) VALGRIND_MAKE_MEM_DEFINED(Free, obj_size);
+ return Free;
+}
+
+/* just create a new chunk and place it into a good spot in the chunk chain */
+void
+MemPoolChunked::createChunk()
+{
+ MemChunk *chunk, *newChunk;
+
+ newChunk = new MemChunk(this);
+
+ chunk = Chunks;
+ if (chunk == NULL) { /* first chunk in pool */
+ Chunks = newChunk;
+ return;
+ }
+ if (newChunk->objCache < chunk->objCache) {
+ /* we are lowest ram chunk, insert as first chunk */
+ newChunk->next = chunk;
+ Chunks = newChunk;
+ return;
+ }
+ while (chunk->next) {
+ if (newChunk->objCache < chunk->next->objCache) {
+ /* new chunk is in lower ram, insert here */
+ newChunk->next = chunk->next;
+ chunk->next = newChunk;
+ return;
+ }
+ chunk = chunk->next;
+ }
+ /* we are the worst chunk in chain, add as last */
+ chunk->next = newChunk;
+}
+
+void
+MemPoolChunked::setChunkSize(size_t chunksize)
+{
+ int cap;
+ size_t csize = chunksize;
+
+ if (Chunks) /* unsafe to tamper */
+ return;
+
+ csize = ((csize + MEM_PAGE_SIZE - 1) / MEM_PAGE_SIZE) * MEM_PAGE_SIZE; /* round up to page size */
+ cap = csize / obj_size;
+
+ if (cap < MEM_MIN_FREE)
+ cap = MEM_MIN_FREE;
+ if (cap * obj_size > MEM_CHUNK_MAX_SIZE)
+ cap = MEM_CHUNK_MAX_SIZE / obj_size;
+ if (cap > MEM_MAX_FREE)
+ cap = MEM_MAX_FREE;
+ if (cap < 1)
+ cap = 1;
+
+ csize = cap * obj_size;
+ csize = ((csize + MEM_PAGE_SIZE - 1) / MEM_PAGE_SIZE) * MEM_PAGE_SIZE; /* round up to page size */
+ cap = csize / obj_size;
+
+ chunk_capacity = cap;
+ chunk_size = csize;
+}
+
+/*
+ * warning: we do not clean this entry from Pools assuming destruction
+ * is used at the end of the program only
+ */
+MemPoolChunked::~MemPoolChunked()
+{
+ MemChunk *chunk, *fchunk;
+
+ flushMetersFull();
+ clean(0);
+ assert(meter.inuse.level == 0 && "While trying to destroy pool");
+
+ chunk = Chunks;
+ while ( (fchunk = chunk) != NULL) {
+ chunk = chunk->next;
+ delete fchunk;
+ }
+ /* TODO we should be doing something about the original Chunks pointer here. */
+
+}
+
+int
+MemPoolChunked::getInUseCount()
+{
+ return meter.inuse.level;
+}
+
+void *
+MemPoolChunked::allocate()
+{
+ void *p = get();
+ assert(meter.idle.level > 0);
+ memMeterDec(meter.idle);
+ memMeterInc(meter.inuse);
+ return p;
+}
+
+void
+MemPoolChunked::deallocate(void *obj, bool aggressive)
+{
+ push(obj);
+ assert(meter.inuse.level > 0);
+ memMeterDec(meter.inuse);
+ memMeterInc(meter.idle);
+}
+
+void
+MemPoolChunked::convertFreeCacheToChunkFreeCache()
+{
+ void *Free;
+ /*
+ * OK, so we have to go through all the global freeCache and find the Chunk
+ * any given Free belongs to, and stuff it into that Chunk's freelist
+ */
+
+ while ((Free = freeCache) != NULL) {
+ MemChunk *chunk = NULL;
+ chunk = const_cast<MemChunk *>(*allChunks.find(Free, memCompObjChunks));
+ assert(splayLastResult == 0);
+ assert(chunk->inuse_count > 0);
+ chunk->inuse_count--;
+ (void) VALGRIND_MAKE_MEM_DEFINED(Free, sizeof(void *));
+ freeCache = *(void **)Free; /* remove from global cache */
+ *(void **)Free = chunk->freeList; /* stuff into chunks freelist */
+ (void) VALGRIND_MAKE_MEM_NOACCESS(Free, sizeof(void *));
+ chunk->freeList = Free;
+ chunk->lastref = squid_curtime;
+ }
+
+}
+
+/* removes empty Chunks from pool */
+void
+MemPoolChunked::clean(time_t maxage)
+{
+ MemChunk *chunk, *freechunk, *listTail;
+ time_t age;
+
+ if (!this)
+ return;
+ if (!Chunks)
+ return;
+
+ flushMetersFull();
+ convertFreeCacheToChunkFreeCache();
+ /* Now we have all chunks in this pool cleared up, all free items returned to their home */
+ /* We start now checking all chunks to see if we can release any */
+ /* We start from Chunks->next, so first chunk is not released */
+ /* Recreate nextFreeChunk list from scratch */
+
+ chunk = Chunks;
+ while ((freechunk = chunk->next) != NULL) {
+ age = squid_curtime - freechunk->lastref;
+ freechunk->nextFreeChunk = NULL;
+ if (freechunk->inuse_count == 0)
+ if (age >= maxage) {
+ chunk->next = freechunk->next;
+ delete freechunk;
+ freechunk = NULL;
+ }
+ if (chunk->next == NULL)
+ break;
+ chunk = chunk->next;
+ }
+
+ /* Recreate nextFreeChunk list from scratch */
+ /* Populate nextFreeChunk list in order of "most filled chunk first" */
+ /* in case of equal fill, put chunk in lower ram first */
+ /* First (create time) chunk is always on top, no matter how full */
+
+ chunk = Chunks;
+ nextFreeChunk = chunk;
+ chunk->nextFreeChunk = NULL;
+
+ while (chunk->next) {
+ chunk->next->nextFreeChunk = NULL;
+ if (chunk->next->inuse_count < chunk_capacity) {
+ listTail = nextFreeChunk;
+ while (listTail->nextFreeChunk) {
+ if (chunk->next->inuse_count > listTail->nextFreeChunk->inuse_count)
+ break;
+ if ((chunk->next->inuse_count == listTail->nextFreeChunk->inuse_count) &&
+ (chunk->next->objCache < listTail->nextFreeChunk->objCache))
+ break;
+ listTail = listTail->nextFreeChunk;
+ }
+ chunk->next->nextFreeChunk = listTail->nextFreeChunk;
+ listTail->nextFreeChunk = chunk->next;
+ }
+ chunk = chunk->next;
+ }
+ /* We started from 2nd chunk. If first chunk is full, remove it */
+ if (nextFreeChunk->inuse_count == chunk_capacity)
+ nextFreeChunk = nextFreeChunk->nextFreeChunk;
+
+ return;
+}
+
+bool
+MemPoolChunked::idleTrigger(int shift) const
+{
+ return meter.idle.level > (chunk_capacity << shift);
+}
+
+/*
+ * Update MemPoolStats struct for single pool
+ */
+int
+MemPoolChunked::getStats(MemPoolStats * stats, int accumulate)
+{
+ MemChunk *chunk;
+ int chunks_free = 0;
+ int chunks_partial = 0;
+
+ if (!accumulate) /* need skip memset for GlobalStats accumulation */
+ memset(stats, 0, sizeof(MemPoolStats));
+
+ clean((time_t) 555555); /* don't want to get chunks released before reporting */
+
+ stats->pool = this;
+ stats->label = objectType();
+ stats->meter = &meter;
+ stats->obj_size = obj_size;
+ stats->chunk_capacity = chunk_capacity;
+
+ /* gather stats for each Chunk */
+ chunk = Chunks;
+ while (chunk) {
+ if (chunk->inuse_count == 0)
+ chunks_free++;
+ else if (chunk->inuse_count < chunk_capacity)
+ chunks_partial++;
+ chunk = chunk->next;
+ }
+
+ stats->chunks_alloc += chunkCount;
+ stats->chunks_inuse += chunkCount - chunks_free;
+ stats->chunks_partial += chunks_partial;
+ stats->chunks_free += chunks_free;
+
+ stats->items_alloc += meter.alloc.level;
+ stats->items_inuse += meter.inuse.level;
+ stats->items_idle += meter.idle.level;
+
+ stats->overhead += sizeof(MemPoolChunked) + chunkCount * sizeof(MemChunk) + strlen(objectType()) + 1;
+
+ return meter.inuse.level;
+}
--- /dev/null
+
+/*
+ * $Id$
+ *
+ * DEBUG: section 63 Low Level Memory Pool Management
+ * AUTHOR: Alex Rousskov, Andres Kroonmaa, Robert Collins, Henrik Nordstrom
+ *
+ * SQUID Internet Object Cache http://squid.nlanr.net/Squid/
+ * ----------------------------------------------------------
+ *
+ * Squid is the result of efforts by numerous individuals from the
+ * Internet community. Development is led by Duane Wessels of the
+ * National Laboratory for Applied Network Research and funded by the
+ * National Science Foundation. Squid is Copyrighted (C) 1998 by
+ * the Regents of the University of California. Please see the
+ * COPYRIGHT file for full details. Squid incorporates software
+ * developed and/or copyrighted by other sources. Please see the
+ * CREDITS file for full details.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ *
+ */
+
+
+#include "config.h"
+#if HAVE_ASSERT_H
+#include <assert.h>
+#endif
+
+#include "MemPoolMalloc.h"
+
+#if HAVE_STRING_H
+#include <string.h>
+#endif
+
+/*
+ * XXX This is a boundary violation between lib and src.. would be good
+ * if it could be solved otherwise, but left for now.
+ */
+extern time_t squid_curtime;
+
+void *
+MemPoolMalloc::allocate()
+{
+ void *obj = freelist.pop();
+ if (obj) {
+ memMeterDec(meter.idle);
+ saved_calls++;
+ } else {
+ obj = xcalloc(1, obj_size);
+ memMeterInc(meter.alloc);
+ }
+ memMeterInc(meter.inuse);
+ return obj;
+}
+
+void
+MemPoolMalloc::deallocate(void *obj, bool aggressive)
+{
+ memMeterDec(meter.inuse);
+ if (aggressive) {
+ xfree(obj);
+ memMeterDec(meter.alloc);
+ } else {
+ if (doZeroOnPush)
+ memset(obj, 0, obj_size);
+ memMeterInc(meter.idle);
+ freelist.push_back(obj);
+ }
+}
+
+/* TODO extract common logic to MemAllocate */
+int
+MemPoolMalloc::getStats(MemPoolStats * stats, int accumulate)
+{
+ if (!accumulate) /* need skip memset for GlobalStats accumulation */
+ memset(stats, 0, sizeof(MemPoolStats));
+
+ stats->pool = this;
+ stats->label = objectType();
+ stats->meter = &meter;
+ stats->obj_size = obj_size;
+ stats->chunk_capacity = 0;
+
+ stats->chunks_alloc += 0;
+ stats->chunks_inuse += 0;
+ stats->chunks_partial += 0;
+ stats->chunks_free += 0;
+
+ stats->items_alloc += meter.alloc.level;
+ stats->items_inuse += meter.inuse.level;
+ stats->items_idle += meter.idle.level;
+
+ stats->overhead += sizeof(MemPoolMalloc) + strlen(objectType()) + 1;
+
+ return meter.inuse.level;
+}
+
+int
+MemPoolMalloc::getInUseCount()
+{
+ return meter.inuse.level;
+}
+
+MemPoolMalloc::MemPoolMalloc(char const *aLabel, size_t aSize) : MemImplementingAllocator(aLabel, aSize)
+{
+}
+
+MemPoolMalloc::~MemPoolMalloc()
+{
+ assert(meter.inuse.level == 0 && "While trying to destroy pool");
+ clean(0);
+}
+
+bool
+MemPoolMalloc::idleTrigger(int shift) const
+{
+ return freelist.count >> (shift ? 8 : 0);
+}
+
+void
+MemPoolMalloc::clean(time_t maxage)
+{
+ while (void *obj = freelist.pop()) {
+ memMeterDec(meter.idle);
+ memMeterDec(meter.alloc);
+ xfree(obj);
+ }
+}
+
-
/*
* $Id$
*
*
*/
-/*
+/**
* CPU Profiling implementation.
*
+ * \par
* This library implements the Probes needed to gather stats.
* See src/ProfStats.c which implements historical recording and
* presentation in CacheMgr.cgi.
*
+ * \par
* For timing we prefer on-CPU ops that retrieve cpu ticks counter.
* For Intel, this is "rdtsc", which is 64-bit counter that virtually
* never wraps. For alpha, this is "rpcc" which is 32-bit counter and
* probename must be added to profiling.h into xprof_type enum list
* with prepended "XPROF_" string.
*
- * Description.
- * PROF gathers stats per probename into structures. It indexes these
+ * \section description Description.
+ * \par PROF
+ * gathers stats per probename into structures. It indexes these
* structures by enum type index in an array.
*
- * PROF records best, best, average and worst values for delta time,
+ * \par PROF
+ * records best, best, average and worst values for delta time,
* also, if UNACCED is defined, it measures "empty" time during which
* no probes are in measuring state. This allows to see time "unaccounted"
* for. If OVERHEAD is defined, additional calculations are made at every
* probe to measure approximate overhead of the probe code itself.
*
+ * \par
* Probe data is stored in linked-list, so the more probes you define,
* the more overhead is added to find the deepest nested probe. To reduce
* average overhead, linked list is manipulated each time PR_start is
* fast and frequent sections of code, we want to reduce this overhead
* to absolute minimum possible.
*
+ * \par
* For actual measurements, probe overhead cancels out mostly. Still,
* do not take the measured times as facts, they should be viewed in
* relative comparison to overall CPU time and on the same platform.
*
+ * \par
* Every 1 second, Event within squid is called that parses gathered
* statistics of every probe, and accumulates that into historical
* structures for last 1,5,30 secs, 1,5,30 mins, and 1,5 and 24 hours.
* Each second active probe stats are reset, and only historical data
* is presented in cachemgr output.
*
- * Reading stats.
+ * \section reading Reading stats.
+ * \par
* "Worst case" may be misleading. Anything can happen at any section
* of code that could delay reaching to probe stop. For eg. system may
* need to service interrupt routine, task switch could occur, or page
* in given section of code, and its average completion time. This data
* could be used to detect bottlenecks withing squid and optimise them.
*
+ * \par
* TOTALS are quite off reality. Its there just to summarise cumulative
* times and percent column. Percent values over 100% shows that there
* have been some probes nested into each other.
*
*/
-#include "profiling.h"
+#define SQUID_NO_ALLOC_PROTECT 1
+#include "config.h"
-#include <assert.h>
+/* This include needs to be BELOW config, as it may undef USE_XPROF_STATS */
+#include "profiling.h"
-#ifdef USE_XPROF_STATS
+#if USE_XPROF_STATS
+#if HAVE_ASSERT_H
+#include <assert.h>
+#endif
#if HAVE_GNUMALLLOC_H
#include <gnumalloc.h>
#elif HAVE_MALLOC_H
* hack by Martin Hamilton <martinh@gnu.org> to make Squid build on
* Win32 with GNU-Win32 - sorry, folks! */
-#ifndef HAVE_DRAND48
+#if !HAVE_DRAND48
#define N 16
#define MASK ((unsigned)(1 << (N - 1)) + (1 << (N - 1)) - 1)
/*
* Squid Change History:
*
- * 2009-10-16 : import eui64_ntoa() function from NetBSD eui64.c
+ * 2009-10-16 : import eui64_aton() function from NetBSD eui64.c
*/
/* $NetBSD: eui64.c,v 1.1 2005/07/11 15:35:25 kiyohara Exp $ */
* Columbia University, New York City
*/
-#include <stdio.h>
-#include "eui64_aton.h"
+#include "config.h"
+#include "compat/eui64_aton.h"
+#if HAVE_STDIO_H
+#include <stdio.h>
+#endif
/*
* Convert an ASCII representation of an EUI-64 to binary form.
/* An emulation of the RFC 2553 / Posix getaddrinfo resolver interface.
*/
-#ifndef HAVE_GETADDRINFO
+#if !HAVE_GETADDRINFO
/* Need to turn off Posix features in glibc to build this */
#undef _POSIX_C_SOURCE
#undef _XOPEN_SOURCE
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
+#include "compat/getaddrinfo.h"
+#include "compat/inet_pton.h"
+
#if HAVE_STRING_H
#include <string.h>
#endif
#if HAVE_ERRNO_H
#include <errno.h>
#endif
-
#if HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#include <ws2tcpip.h>
#endif
-#include "getaddrinfo.h"
-#include "inet_pton.h"
-
static struct addrinfo *
dup_addrinfo (struct addrinfo *info, void *addr, size_t addrlen) {
struct addrinfo *ret;
return (*res == NULL) ? EAI_MEMORY : 0;
}
- /* If AI_NUMERIC is specified, use xinet_pton to translate numbers and
+ /* If AI_NUMERIC is specified, use inet_pton to translate numbers and
dots notation. */
if (hints->ai_flags & AI_NUMERICHOST) {
struct sockaddr_in sin;
sin.sin_family = result.ai_family;
sin.sin_port = htons (port);
- if (xinet_pton(result.ai_family, nodename, &sin.sin_addr))
+ if (inet_pton(result.ai_family, nodename, &sin.sin_addr))
return EAI_NONAME;
sin.sin_addr.s_addr = inet_addr (nodename);
/* Duplicate result and addr and return */
*/
#include "getfullhostname.h"
-#if 0 /* we SHOULD NOT need ALL these here. */
-#if HAVE_LIBC_H
-#include <libc.h>
-#endif
-#if HAVE_STDIO_H
-#include <stdio.h>
-#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-#if HAVE_STRING_H
-#include <string.h>
-#endif
-#if HAVE_SYS_PARAM_H
-#include <sys/param.h>
-#endif
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#if HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#if HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#if HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-
-#endif // 0
-
#if HAVE_UNISTD_H
/* for gethostname() function */
#include <unistd.h>
#endif
-#if HAVE_NETDB_H && !defined(_SQUID_NETDB_H_) /* protect on NEXTSTEP */
-#define _SQUID_NETDB_H_
+#if HAVE_NETDB_H
/* for gethostbyname() */
#include <netdb.h>
#endif
/* for RFC 2181 constants */
#include "rfc2181.h"
-/* for xstrncpy() - may need breakign out of there. */
+/* for xstrncpy() - may need breaking out of there. */
#include "util.h"
/**
if (gethostname(buf, RFC2181_MAXHOSTNAMELEN) < 0)
return NULL;
- /** \todo convert this to a xgetaddrinfo() call */
+ /** \todo convert this to a getaddrinfo() call */
if ((hp = gethostbyname(buf)) != NULL)
xstrncpy(buf, hp->h_name, RFC2181_MAXHOSTNAMELEN);
return buf;
* - gethostbyaddr() is usually not thread safe.
*/
-#ifndef HAVE_GETNAMEINFO
+#if !HAVE_GETNAMEINFO
+
+#include "compat/inet_ntop.h"
+#include "compat/getaddrinfo.h"
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
#if HAVE_STDIO_H
#include <stdio.h>
#endif
#include <inttypes.h>
#endif
-#ifdef _SQUID_MSWIN_
+#if _SQUID_MSWIN_
#undef IN_ADDR
#include <ws2tcpip.h>
#endif
-#include "getaddrinfo.h"
-
-#if !HAVE_INET_NTOP
-#include "inet_ntop.h"
-#endif
-
static const struct afd {
int a_af;
int a_addrlen;
int a_off;
int a_portoff;
} afdl [] = {
-#ifdef INET6
+#if INET6
{PF_INET6, sizeof(struct in6_addr), sizeof(struct sockaddr_in6),
offsetof(struct sockaddr_in6, sin6_addr),
offsetof(struct sockaddr_in6, sin6_port)},
{0, 0, 0, 0, 0},
};
-#ifdef INET6
+#if INET6
static int ip6_parsenumeric __P((const struct sockaddr *, const char *, char *,
size_t, int));
static int ip6_sa2str __P((const struct sockaddr_in6 *, char *, size_t, int));
if (sa == NULL)
return EAI_FAIL;
-#ifdef HAVE_SA_LEN /*XXX*/
+#if HAVE_SA_LEN /*XXX*/
if (sa->sa_len != salen)
return EAI_FAIL;
#endif
if (v4a == 0)
flags |= NI_NUMERICHOST;
break;
-#ifdef INET6
+#if INET6
case AF_INET6: {
const struct sockaddr_in6 *sin6;
sin6 = (const struct sockaddr_in6 *)sa;
goto numeric;
} else {
-#ifdef USE_GETIPNODEBY
+#if USE_GETIPNODEBY
hp = getipnodebyaddr(addr, afd->a_addrlen, afd->a_af, &h_error);
#else
hp = gethostbyaddr(addr, afd->a_addrlen, afd->a_af);
-#ifdef HAVE_H_ERRNO
+#if HAVE_H_ERRNO
h_error = h_errno;
#else
h_error = EINVAL;
}
#endif
if (strlen(hp->h_name) + 1 > hostlen) {
-#ifdef USE_GETIPNODEBY
+#if USE_GETIPNODEBY
freehostent(hp);
#endif
return EAI_OVERFLOW;
}
strncpy(host, hp->h_name, hostlen);
-#ifdef USE_GETIPNODEBY
+#if USE_GETIPNODEBY
freehostent(hp);
#endif
} else {
numeric:
switch (afd->a_af) {
-#ifdef INET6
+#if INET6
case AF_INET6: {
int error;
}
#endif
default:
- if (xinet_ntop(afd->a_af, addr, host,
- hostlen) == NULL)
+ if (inet_ntop(afd->a_af, addr, host,
+ hostlen) == NULL)
return EAI_SYSTEM;
break;
}
return(0);
}
-#ifdef INET6
+#if INET6
static int
ip6_parsenumeric(sa, addr, host, hostlen, flags)
const struct sockaddr *sa;
int numaddrlen;
char numaddr[512];
- if (xinet_ntop(AF_INET6, addr, numaddr, sizeof(numaddr)) == NULL)
+ if (inet_ntop(AF_INET6, addr, numaddr, sizeof(numaddr)) == NULL)
return EAI_SYSTEM;
numaddrlen = strlen(numaddr);
ifindex = (unsigned int)sa6->sin6_scope_id;
a6 = &sa6->sin6_addr;
-#ifdef NI_NUMERICSCOPE
+#if NI_NUMERICSCOPE
if ((flags & NI_NUMERICSCOPE) != 0) {
n = snprintf(buf, bufsiz, "%u", sa6->sin6_scope_id);
if (n < 0 || n >= bufsiz)
/*
* $Id$
*
- * DEBUG: section 0 Hash Tables
+ * DEBUG: section 00 Hash Tables
* AUTHOR: Harvest Derived
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
}
-#ifdef USE_HASH_DRIVER
+#if USE_HASH_DRIVER
/*
* hash-driver - Run with a big file as stdin to insert each line into the
* hash table, then prints the whole hash table, then deletes a random item,
#include "config.h"
-#ifndef HAVE_INET_NTOP
+#if !HAVE_INET_NTOP
#include "inet_ntop.h"
/*
#include "config.h"
-#ifndef HAVE_INET_PTON
+#if !HAVE_INET_PTON
/*
* Copyright (c) 2004 by Internet Systems Consortium, Inc. ("ISC")
#include "config.h"
+#include "compat/initgroups.h"
#if HAVE_GRP_H
#include <grp.h>
#endif
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
#if HAVE_LIMITS_H
#include <limits.h>
#endif
-#if !HAVE_INITGROUPS
-#include "initgroups.h"
-#endif
int initgroups(const char *name, gid_t basegid)
{
-#ifdef HAVE_SETGROUPS
+#if HAVE_SETGROUPS
#ifndef NGROUPS_MAX
#define NGROUPS_MAX 16
#endif
-/*
- * $Id$
- */
-
#include "config.h"
#include "util.h"
#if HAVE_CTYPE_H
#include <ctype.h>
#endif
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
#if HAVE_TIME_H
#include <time.h>
#endif
-#if HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
#define ASCII_DIGIT(c) ((c)-48)
TRIE_CXXFLAGS=
fi
-AC_TEST_CHECKFORHUGEOBJECTS
-TRIE_CXXFLAGS="$TRIE_CXXFLAGS $HUGE_OBJECT_FLAG"
+if test "$GCC" = "yes" ; then
+ AC_TEST_CHECKFORHUGEOBJECTS
+ TRIE_CXXFLAGS="$TRIE_CXXFLAGS $HUGE_OBJECT_FLAG"
+fi
AC_SUBST(TRIE_CFLAGS)
AC_SUBST(TRIE_CXXFLAGS)
* bindings. libtrie itself is written in C++.
*/
-#ifdef HAVE_CONFIG_H
+#if HAVE_CONFIG_H
#include "config.h"
#endif
* For C bindings see Trie.h
*/
-#ifdef HAVE_CONFIG_H
+#if HAVE_CONFIG_H
#include "config.h"
#endif
#ifdef __cplusplus
#include "TrieNode.h"
#include "TrieCharTransform.h"
-#ifdef HAVE_UNISTD_H
+#if HAVE_UNISTD_H
#include <unistd.h>
#endif
#include <ctype.h>
* For C bindings see Trei.h
*/
-#ifdef HAVE_CONFIG_H
+#if HAVE_CONFIG_H
#include "config.h"
#endif
*/
#include "Trie.h"
-#ifdef HAVE_UNISTD_H
+#if HAVE_UNISTD_H
#include <unistd.h>
#endif
#include "TrieNode.h"
#include "TrieNode.h"
#include "TrieCharTransform.h"
-#ifdef HAVE_UNISTD_H
+#if HAVE_UNISTD_H
#include <unistd.h>
#endif
+++ /dev/null
-/*
- * $Id$
- *
- * * * * * * * * Legal stuff * * * * * * *
- *
- * (C) 2000 Francesco Chemolli <kinkie@kame.usr.dsi.unimi.it>,
- * inspired by previous work by Andrew Doran <ad@interlude.eu.org>.
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
- *
- */
-
-#include "config.h"
-
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif
-#ifdef HAVE_STRINGS_H
-#include <strings.h>
-#endif
-
-#include "ntlmauth.h"
-#include "squid_endian.h"
-#include "util.h" /* for base64-related stuff */
-
-#if UNUSED_CODE
-/* Dumps NTLM flags to standard error for debugging purposes */
-void
-ntlm_dump_ntlmssp_flags(u_int32_t flags)
-{
- fprintf(stderr, "flags: %s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s\n",
- (flags & NEGOTIATE_UNICODE ? "Unicode " : ""),
- (flags & NEGOTIATE_ASCII ? "ASCII " : ""),
- (flags & NEGOTIATE_REQUEST_TARGET ? "ReqTgt " : ""),
- (flags & NEGOTIATE_REQUEST_SIGN ? "ReqSign " : ""),
- (flags & NEGOTIATE_REQUEST_SEAL ? "ReqSeal " : ""),
- (flags & NEGOTIATE_DATAGRAM_STYLE ? "Dgram " : ""),
- (flags & NEGOTIATE_USE_LM ? "UseLM " : ""),
- (flags & NEGOTIATE_USE_NETWARE ? "UseNW " : ""),
- (flags & NEGOTIATE_USE_NTLM ? "UseNTLM " : ""),
- (flags & NEGOTIATE_DOMAIN_SUPPLIED ? "HaveDomain " : ""),
- (flags & NEGOTIATE_WORKSTATION_SUPPLIED ? "HaveWKS " : ""),
- (flags & NEGOTIATE_THIS_IS_LOCAL_CALL ? "LocalCall " : ""),
- (flags & NEGOTIATE_ALWAYS_SIGN ? "AlwaysSign " : ""),
- (flags & CHALLENGE_TARGET_IS_DOMAIN ? "Tgt_is_domain" : ""),
- (flags & CHALLENGE_TARGET_IS_SERVER ? "Tgt_is_server " : ""),
- (flags & CHALLENGE_TARGET_IS_SHARE ? "Tgt_is_share " : ""),
- (flags & REQUEST_INIT_RESPONSE ? "Req_init_response " : ""),
- (flags & REQUEST_ACCEPT_RESPONSE ? "Req_accept_response " : ""),
- (flags & REQUEST_NON_NT_SESSION_KEY ? "Req_nonnt_sesskey " : "")
- );
-}
-
-#endif
-
-#define lstring_zero(s) s.str=NULL; s.l=-1;
-
-/* fetches a string from the authentication packet.
- * The lstring data-part points to inside the packet itself.
- * It's up to the user to memcpy() that if the value needs to
- * be used in any way that requires a tailing \0. (he can check whether the
- * value is there though, in that case lstring.length==-1).
- */
-lstring
-ntlm_fetch_string(char *packet, int32_t length, strhdr * str)
-{
- int16_t l; /* length */
- int32_t o; /* offset */
- lstring rv;
-
- lstring_zero(rv);
-
- l = le16toh(str->len);
- o = le32toh(str->offset);
- /* debug("fetch_string(plength=%d,l=%d,o=%d)\n",length,l,o); */
-
- if (l < 0 || l > MAX_FIELD_LENGTH || o + l > length || o == 0) {
- /* debug("ntlmssp: insane data (l: %d, o: %d)\n", l,o); */
- return rv;
- }
- rv.str = packet + o;
- rv.l = l;
-
- return rv;
-}
-
-/* Adds something to the payload. The caller must guarrantee that
- * there is enough space in the payload string to accommodate the
- * added value.
- * payload_length and hdr will be modified as a side-effect.
- * base_offset is the payload offset from the packet's beginning, and is
- */
-void
-ntlm_add_to_payload(char *payload, int *payload_length,
- strhdr * hdr, char *toadd,
- int toadd_length, int base_offset)
-{
-
- int l = (*payload_length);
- memcpy(payload + l, toadd, toadd_length);
-
- hdr->len = htole16(toadd_length);
- hdr->maxlen = htole16(toadd_length);
- hdr->offset = htole32(l + base_offset); /* 48 is the base offset of the payload */
- (*payload_length) += toadd_length;
-}
-
-
-/* prepares a base64-encode challenge packet to be sent to the client
- * note: domain should be upper_case
- * note: the storage type for the returned value depends on
- * base64_encode_bin. Currently this means static storage.
- */
-const char *
-ntlm_make_challenge(char *domain, char *domain_controller,
- char *challenge_nonce, int challenge_nonce_len)
-{
- ntlm_challenge ch;
- int pl = 0;
- const char *encoded;
- memset(&ch, 0, sizeof(ntlm_challenge)); /* reset */
- memcpy(ch.signature, "NTLMSSP", 8); /* set the signature */
- ch.type = htole32(NTLM_CHALLENGE); /* this is a challenge */
- ntlm_add_to_payload(ch.payload, &pl, &ch.target, domain, strlen(domain),
- NTLM_CHALLENGE_HEADER_OFFSET);
- ch.flags = htole32(
- REQUEST_NON_NT_SESSION_KEY |
- CHALLENGE_TARGET_IS_DOMAIN |
- NEGOTIATE_ALWAYS_SIGN |
- NEGOTIATE_USE_NTLM |
- NEGOTIATE_USE_LM |
- NEGOTIATE_ASCII |
- 0
- );
- ch.context_low = 0; /* check this out */
- ch.context_high = 0;
- memcpy(ch.challenge, challenge_nonce, challenge_nonce_len);
- encoded = base64_encode_bin((char *) &ch, NTLM_CHALLENGE_HEADER_OFFSET + pl);
- return encoded;
-}
-
/*
* $Id$
*
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
#if HAVE_MEMORY_H
#include <memory.h>
#endif
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
#if HAVE_ASSERT_H
#include <assert.h>
#endif
-int rfc1035_errno;
-const char *rfc1035_error_message;
-
/*
* rfc1035HeaderPack()
*
return 0;
}
-static void
-rfc1035SetErrno(int n)
+const char *
+rfc1035ErrorMessage(int n)
{
- switch (rfc1035_errno = n) {
+ if (n < 0)
+ n = -n;
+ switch (n) {
case 0:
- rfc1035_error_message = "No error condition";
+ return "No error condition";
break;
case 1:
- rfc1035_error_message = "Format Error: The name server was "
- "unable to interpret the query.";
+ return "Format Error: The name server was "
+ "unable to interpret the query.";
break;
case 2:
- rfc1035_error_message = "Server Failure: The name server was "
- "unable to process this query.";
+ return "Server Failure: The name server was "
+ "unable to process this query.";
break;
case 3:
- rfc1035_error_message = "Name Error: The domain name does "
- "not exist.";
+ return "Name Error: The domain name does "
+ "not exist.";
break;
case 4:
- rfc1035_error_message = "Not Implemented: The name server does "
- "not support the requested kind of query.";
+ return "Not Implemented: The name server does "
+ "not support the requested kind of query.";
break;
case 5:
- rfc1035_error_message = "Refused: The name server refuses to "
- "perform the specified operation.";
+ return "Refused: The name server refuses to "
+ "perform the specified operation.";
break;
case rfc1035_unpack_error:
- rfc1035_error_message = "The DNS reply message is corrupt or could "
- "not be safely parsed.";
+ return "The DNS reply message is corrupt or could "
+ "not be safely parsed.";
break;
default:
- rfc1035_error_message = "Unknown Error";
+ return "Unknown Error";
break;
}
}
msg = (rfc1035_message*)xcalloc(1, sizeof(*msg));
if (rfc1035HeaderUnpack(buf + off, sz - off, &off, msg)) {
RFC1035_UNPACK_DEBUG;
- rfc1035SetErrno(rfc1035_unpack_error);
xfree(msg);
return -rfc1035_unpack_error;
}
- rfc1035_errno = 0;
- rfc1035_error_message = NULL;
i = (unsigned int) msg->qdcount;
if (i != 1) {
/* This can not be an answer to our queries.. */
RFC1035_UNPACK_DEBUG;
- rfc1035SetErrno(rfc1035_unpack_error);
xfree(msg);
return -rfc1035_unpack_error;
}
for (j = 0; j < i; j++) {
if (rfc1035QueryUnpack(buf, sz, &off, &querys[j])) {
RFC1035_UNPACK_DEBUG;
- rfc1035SetErrno(rfc1035_unpack_error);
rfc1035MessageDestroy(&msg);
return -rfc1035_unpack_error;
}
*answer = msg;
if (msg->rcode) {
RFC1035_UNPACK_DEBUG;
- rfc1035SetErrno((int) msg->rcode);
- return -rfc1035_errno;
+ return -msg->rcode;
}
if (msg->ancount == 0)
return 0;
*/
rfc1035MessageDestroy(&msg);
*answer = NULL;
- rfc1035SetErrno(rfc1035_unpack_error);
return -rfc1035_unpack_error;
}
return nr;
#if DRIVER
#include <sys/socket.h>
-#include <sys/time.h>
int
main(int argc, char *argv[])
{
&answers,
&rid);
if (n < 0) {
- printf("ERROR %d\n", rfc1035_errno);
+ printf("ERROR %d\n", -n);
} else if (rid != sid) {
printf("ERROR, ID mismatch (%#hx, %#hx)\n", sid, rid);
} else {
-
/*
* $Id$
*
#if HAVE_STDIO_H
#include <stdio.h>
#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
#if HAVE_STRING_H
#include <string.h>
#endif
#if HAVE_CTYPE_H
#include <ctype.h>
#endif
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
#if HAVE_TIME_H
#include <time.h>
#endif
-#if HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
-
#include "util.h"
#define RFC850_STRFTIME "%A, %d-%b-%y %H:%M:%S GMT"
if (!tm)
return -1;
tm->tm_isdst = -1;
-#ifdef HAVE_TIMEGM
+#if HAVE_TIMEGM
t = timegm(tm);
#elif HAVE_TM_TM_GMTOFF
t = mktime(tm);
struct tm *gmt = gmtime(t);
-#ifndef USE_GMT
+#if !USE_GMT
int gmt_min, gmt_hour, gmt_yday, day_offset;
size_t len;
struct tm *lt;
* allocated - KA */
if (do_escape == 1) {
- (void) sprintf(q, "%%%02X", (unsigned char) *p);
+ (void) snprintf(q, (bufsize-(p-buf)), "%%%02X", (unsigned char) *p);
q += sizeof(char) * 2;
} else {
*q = *p;
return (buf);
}
-#if 0 /* legacy API */
/*
- * rfc1738_escape - Returns a static buffer that contains the RFC
- * 1738 compliant, escaped version of the given url.
+ * Converts a ascii hex code into a binary character.
*/
-char *
-rfc1738_escape(const char *url)
-{
- return rfc1738_do_escape(url, 0);
-}
-
-/*
- * rfc1738_escape_unescaped - Returns a static buffer that contains
- * the RFC 1738 compliant, escaped version of the given url.
- */
-char *
-rfc1738_escape_unescaped(const char *url)
-{
- return rfc1738_do_escape(url, -1);
-}
-
-/*
- * rfc1738_escape_part - Returns a static buffer that contains the
- * RFC 1738 compliant, escaped version of the given url segment.
- */
-char *
-rfc1738_escape_part(const char *url)
-{
- return rfc1738_do_escape(url, 1);
-}
-#endif /* 0 */
-
-/*
- * rfc1738_unescape() - Converts escaped characters (%xy numbers) in
- * given the string. %% is a %. %ab is the 8-bit hexadecimal number "ab"
- */
-static inline int
+static int
fromhex(char ch)
{
if (ch >= '0' && ch <= '9')
return -1;
}
+/*
+ * rfc1738_unescape() - Converts escaped characters (%xy numbers) in
+ * given the string. %% is a %. %ab is the 8-bit hexadecimal number "ab"
+ */
void
rfc1738_unescape(char *s)
{
j++; /* Skip % */
} else {
/* decode */
- char v1, v2;
- int x;
+ int v1, v2, x;
v1 = fromhex(s[j + 1]);
if (v1 < 0)
continue; /* non-hex or \0 */
-
/*
* $Id$
*
*/
#include "config.h"
+#include "compat/inet_pton.h"
#include "util.h"
#if HAVE_STDIO_H
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
#if HAVE_MEMORY_H
#include <memory.h>
#endif
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
#if HAVE_ASSERT_H
#include <assert.h>
#endif
* \return the size of the query
*/
ssize_t
-
rfc3596BuildPTRQuery4(const struct in_addr addr, char *buf, size_t sz, unsigned short qid, rfc1035_query * query)
{
static char rev[RFC1035_MAXHOSTNAMESZ];
}
ssize_t
-
rfc3596BuildPTRQuery6(const struct in6_addr addr, char *buf, size_t sz, unsigned short qid, rfc1035_query * query)
{
static char rev[RFC1035_MAXHOSTNAMESZ];
const uint8_t* r = addr.s6_addr;
char* p = rev;
- int i; // NP: MUST allow signed for loop termination.
+ int i; /* NP: MUST allow signed for loop termination. */
/* work from the raw addr field. anything else may have representation changes. */
/* The sin6_port and sin6_addr members shall be in network byte order. */
# undef main(a,b)
#include <sys/socket.h>
-#include <sys/time.h>
int
main(int argc, char *argv[])
((struct sockaddr_in6 *)S)->sin6_family = AF_INET6;
((struct sockaddr_in6 *)S)->sin6_port = htons(atoi(argv[var+1]));
- if ( ! xinet_pton(AF_INET6, argv[var], &((struct sockaddr_in6 *)S)->sin6_addr.s_addr) )
+ if ( ! inet_pton(AF_INET6, argv[var], &((struct sockaddr_in6 *)S)->sin6_addr.s_addr) )
perror("listen address");
return 1;
}
((struct sockaddr_in *)S)->sin_family = AF_INET;
((struct sockaddr_in *)S)->sin_port = htons(atoi(argv[var+1]));
- if ( ! xinet_pton(AF_INET, argv[var], &((struct sockaddr_in *)S)->sin_addr.s_addr) )
+ if ( ! inet_pton(AF_INET, argv[var], &((struct sockaddr_in *)S)->sin_addr.s_addr) )
perror("listen address");
return 1;
}
memset(buf, '\0', 512);
sz = 512;
- if (xinet_pton(AF_INET6, input, &junk6)) {
+ if (inet_pton(AF_INET6, input, &junk6)) {
sid = rfc1035BuildPTRQuery6(junk6, buf, &sz);
sidb=0;
- } else if (xinet_pton(AF_INET, input, &junk4)) {
+ } else if (inet_pton(AF_INET, input, &junk4)) {
sid = rfc1035BuildPTRQuery4(junk4, buf, &sz);
sidb=0;
} else {
&rid);
if (n < 0) {
- printf("ERROR %d\n", rfc1035_errno);
+ printf("ERROR %d\n", -n);
} else if (rid != sid && rid != sidb) {
printf("ERROR, ID mismatch (%#hx, %#hx)\n", sid, rid);
printf("ERROR, ID mismatch (%#hx, %#hx)\n", sidb, rid);
#include "util.h"
-#include "ntlmauth.h"
+#include "libntlmauth/ntlmauth.h"
#include "sspwin32.h"
typedef struct _AUTH_SEQ {
#endif
extern int sys_nerr;
-#if NEED_SYS_ERRLIST && !defined(_SQUID_NETBSD_)
+
+#if NEED_SYS_ERRLIST
extern char *sys_errlist[];
#endif
-/*
- * $Id$
- */
-
/* Copyright (C) 2004 Free Software Foundation, Inc.
* Written by Yoann Vandoorselaere <yoann@prelude-ids.org>
*
* USA.
*/
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-/* Specification. */
-#include "strsep.h"
+#include "config.h"
+#include "compat/strsep.h"
#include <string.h>
char *
-strsep (char **stringp, const char *delim)
+strsep(char **stringp, const char *delim)
{
char *start = *stringp;
char *ptr;
/* modified for long long <mgd@swarm.org> 1999-08-12 */
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
+#include "config.h"
+#include "compat/strtoll.h"
+
#if HAVE_CTYPE_H
#include <ctype.h>
#endif
#include <errno.h>
#endif
-/* Specification. */
-#include "strtoll.h"
-
#ifndef INT64_MIN
/* Native 64 bit system without strtoll() */
-/*
- * $Id$
- */
-
/* A reasonably functional tmpnam. */
/* Originally by Tom Hageman, tom@basil.icce.rug.nl */
*/
#include "config.h"
+#include "compat/tempnam.h"
#if HAVE_LIBC_H
#include <libc.h>
#if HAVE_STDIO_H
#include <stdio.h>
#endif
-#if HAVE_TYPES_H
-#include <sys/types.h>
-#endif
#if HAVE_LIMITS_H
#include <limits.h>
#endif
+#define SQUID_UNIT_TEST 1
#include "config.h"
#if HAVE_ASSERT_H
+#define SQUID_UNIT_TEST 1
#include "config.h"
#if HAVE_ASSERT_H
/* Test the MessageUnpack function itself */
res = rfc1035MessageUnpack(buf, len, &msg);
- CPPUNIT_ASSERT_EQUAL((const char*)NULL, rfc1035_error_message);
CPPUNIT_ASSERT_EQUAL(1, res);
CPPUNIT_ASSERT(msg != NULL);
rfc1035MessageDestroy(&msg);
/* Test the MessageUnpack function itself */
res = rfc1035MessageUnpack(buf, len, &msg);
- CPPUNIT_ASSERT(rfc1035_error_message != NULL);
- CPPUNIT_ASSERT(0 == memcmp("The DNS reply message is corrupt or could not be safely parsed.", rfc1035_error_message, 63));
+ CPPUNIT_ASSERT(0 == memcmp("The DNS reply message is corrupt or could not be safely parsed.", rfc1035ErrorMessage(res), 63));
CPPUNIT_ASSERT(res < 0);
CPPUNIT_ASSERT(msg == NULL);
}
+#define SQUID_UNIT_TEST 1
#include "config.h"
#if HAVE_ASSERT_H
-
/*
* $Id$
*
#define _etext etext
+/* NP: this file is where the memory allocators are defined. */
+#define SQUID_NO_ALLOC_PROTECT 1
+
#include "config.h"
#include "profiling.h"
#if HAVE_STDIO_H
#include <stdio.h>
#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
#if HAVE_STRING_H
#include <string.h>
#endif
return 0;
}
-#ifndef HAVE_GETTIMEOFDAY
+#if !HAVE_GETTIMEOFDAY
int
gettimeofday(struct timeval *pcur_time, void *tzp)
{
#include "profiling.h"
#include "xusleep.h"
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
-#if HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
-#if HAVE_SYS_SELECT_H
-#include <sys/select.h>
-#endif
-
-/*
+/**
* xusleep, as usleep but accepts longer pauses
*/
int
--- /dev/null
+include $(top_srcdir)/src/Common.am
+include $(top_srcdir)/src/TestHeaders.am
+
+noinst_LIBRARIES = libntlmauth.a
+
+libntlmauth_a_SOURCES = \
+ ntlmauth.cc \
+ ntlmauth.h \
+ rfcnb.h \
+ rfcnb-io.c \
+ rfcnb-priv.h \
+ rfcnb-session.c \
+ rfcnb-util.c \
+ smb-byteorder.h \
+ smb-des.c \
+ smb-des.h \
+ smb-encrypt.c \
+ smb.h \
+ smblib.c \
+ smblib-priv.h \
+ smblib-util.c \
+ smblmauth.c \
+ smblmauth.h \
+ smb-md4.c \
+ smb-md4.h \
+ support_bits.cci
--- /dev/null
+/*
+ * $Id$
+ *
+ * AUTHOR: Francesco Chemolli <kinkie@kame.usr.dsi.unimi.it>
+ * AUTHOR: Guido Serassio: <guido.serassio@acmeconsulting.it>
+ * AUTHOR: Amos Jeffries <squid3@treenet.co.nz>
+ *
+ * * * * * * * * Legal stuff * * * * * * *
+ *
+ * (C) 2000 Francesco Chemolli <kinkie@kame.usr.dsi.unimi.it>,
+ * inspired by previous work by Andrew Doran <ad@interlude.eu.org>.
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ *
+ */
+
+#include "config.h"
+
+#if HAVE_STRING_H
+#include <string.h>
+#endif
+#if HAVE_STRINGS_H
+#include <strings.h>
+#endif
+
+#include "libntlmauth/ntlmauth.h"
+#include "util.h" /* for base64-related stuff */
+
+/* ************************************************************************* */
+/* DEBUG functions */
+/* ************************************************************************* */
+
+/** Dumps NTLM flags to standard error for debugging purposes */
+void
+ntlm_dump_ntlmssp_flags(u_int32_t flags)
+{
+ fprintf(stderr, "flags: %s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s\n",
+ (flags & NTLM_NEGOTIATE_UNICODE ? "Unicode " : ""),
+ (flags & NTLM_NEGOTIATE_ASCII ? "ASCII " : ""),
+ (flags & NTLM_NEGOTIATE_REQUEST_TARGET ? "ReqTgt " : ""),
+ (flags & NTLM_NEGOTIATE_REQUEST_SIGN ? "ReqSign " : ""),
+ (flags & NTLM_NEGOTIATE_REQUEST_SEAL ? "ReqSeal " : ""),
+ (flags & NTLM_NEGOTIATE_DATAGRAM_STYLE ? "Dgram " : ""),
+ (flags & NTLM_NEGOTIATE_USE_LM ? "UseLM " : ""),
+ (flags & NTLM_NEGOTIATE_USE_NETWARE ? "UseNW " : ""),
+ (flags & NTLM_NEGOTIATE_USE_NTLM ? "UseNTLM " : ""),
+ (flags & NTLM_NEGOTIATE_DOMAIN_SUPPLIED ? "HaveDomain " : ""),
+ (flags & NTLM_NEGOTIATE_WORKSTATION_SUPPLIED ? "HaveWKS " : ""),
+ (flags & NTLM_NEGOTIATE_THIS_IS_LOCAL_CALL ? "LocalCall " : ""),
+ (flags & NTLM_NEGOTIATE_ALWAYS_SIGN ? "AlwaysSign " : ""),
+ (flags & NTLM_CHALLENGE_TARGET_IS_DOMAIN ? "Tgt_is_domain" : ""),
+ (flags & NTLM_CHALLENGE_TARGET_IS_SERVER ? "Tgt_is_server " : ""),
+ (flags & NTLM_CHALLENGE_TARGET_IS_SHARE ? "Tgt_is_share " : ""),
+ (flags & NTLM_REQUEST_INIT_RESPONSE ? "Req_init_response " : ""),
+ (flags & NTLM_REQUEST_ACCEPT_RESPONSE ? "Req_accept_response " : ""),
+ (flags & NTLM_REQUEST_NON_NT_SESSION_KEY ? "Req_nonnt_sesskey " : "")
+ );
+}
+
+/* ************************************************************************* */
+/* Packet and Payload handling functions */
+/* ************************************************************************* */
+
+/**
+ * Check the validity of a decoded NTLM packet.
+ *
+ * \retval NTLM_ERR_NONE Packet is okay
+ * \retval NTLM_ERR_BLOB Packet is not even an NTLMSSP packet at all.
+ * \retval NTLM_ERR_PROTOCOL Packet is not the expected type.
+ */
+int
+ntlm_validate_packet(const ntlmhdr * hdr, const int type)
+{
+ /*
+ * Must be the correct security package and request type.
+ * The 8 bytes compared includes the ASCII 'NUL'.
+ */
+ if (memcmp(hdr->signature, "NTLMSSP", 8) != 0) {
+ fprintf(stderr, "ntlmCheckHeader: bad header signature\n");
+ return NTLM_ERR_BLOB;
+ }
+ if (type == NTLM_ANY)
+ return NTLM_ERR_NONE;
+
+ if (le32toh(hdr->type) != type) {
+ /* don't report this error - it's ok as we do a if() around this function */
+// fprintf(stderr, "ntlmCheckHeader: type is %d, wanted %d\n", le32toh(hdr->type), type);
+ return NTLM_ERR_PROTOCOL;
+ }
+ return NTLM_ERR_NONE;
+}
+
+#define lstring_zero(s) s.str=NULL; s.l=-1;
+
+/**
+ * Fetches a string from the authentication packet.
+ * The lstring data-part may point to inside the packet itself or a temporary static buffer.
+ * It's up to the user to memcpy() that if the value needs to
+ * be used in any way that requires a tailing \0. (can check whether the
+ * value is there though, in that case lstring.length == -1).
+ *
+ * String may be either ASCII or UNICODE depending on whether flags contains NTLM_NEGOTIATE_ASCII
+ */
+lstring
+ntlm_fetch_string(const ntlmhdr *packet, const int32_t packet_size, const strhdr * str, const u_int32_t flags)
+{
+ int16_t l; /* length */
+ int32_t o; /* offset */
+ static char buf[NTLM_MAX_FIELD_LENGTH];
+ lstring rv;
+ u_short *s, c;
+ char *d, *sc;
+
+ lstring_zero(rv);
+
+ l = le16toh(str->len);
+ o = le32toh(str->offset);
+ /* debug("fetch_string(plength=%d,l=%d,o=%d)\n",packet_size,l,o); */
+
+ if (l < 0 || l > NTLM_MAX_FIELD_LENGTH || o + l > packet_size || o == 0) {
+ /* debug("ntlmssp: insane data (l: %d, o: %d)\n", l,o); */
+ return rv;
+ }
+ rv.str = (char *)packet + o;
+ if ((flags & NTLM_NEGOTIATE_ASCII) == 0) {
+ /* UNICODE string */
+ s = (u_short *) ((char *) packet + o);
+ rv.str = d = buf;
+
+ for (l >>= 1; l; s++, l--) {
+ c = le16toh(*s);
+ if (c > 254 || c == '\0') {
+ fprintf(stderr, "ntlmssp: bad unicode: %04x\n", c);
+ return rv;
+ }
+ *d++ = c;
+ rv.l++;
+ }
+ } else {
+ /* ASCII/OEM string */
+ sc = (char *) packet + o;
+
+ for (; l; l--) {
+ if (*sc == '\0' || !xisprint(*sc)) {
+ fprintf(stderr, "ntlmssp: bad ascii: %04x\n", *sc);
+ return rv;
+ }
+ rv.l++;
+ }
+ }
+
+ return rv;
+}
+
+/**
+ * Adds something to the payload. The caller must guarrantee that
+ * there is enough space in the payload string to accommodate the
+ * added value.
+ * payload_length and hdr will be modified as a side-effect.
+ */
+void
+ntlm_add_to_payload(const ntlmhdr *packet_hdr,
+ char *payload,
+ int *payload_length,
+ strhdr * hdr,
+ const char *toadd,
+ const int toadd_length)
+{
+ int l = (*payload_length);
+ memcpy(payload + l, toadd, toadd_length);
+
+ hdr->len = htole16(toadd_length);
+ hdr->maxlen = htole16(toadd_length);
+ hdr->offset = htole32(l + payload - (char*)packet_hdr);
+ (*payload_length) += toadd_length;
+}
+
+
+/* ************************************************************************* */
+/* Negotiate Packet functions */
+/* ************************************************************************* */
+
+// ?
+
+
+/* ************************************************************************* */
+/* Challenge Packet functions */
+/* ************************************************************************* */
+
+/*
+ * Generates a challenge request nonce. The randomness of the 8 byte
+ * challenge strings can be guarenteed to be poor at best.
+ */
+void
+ntlm_make_nonce(char *nonce)
+{
+ static unsigned hash;
+ int i;
+ int r = (int) rand();
+ r = (hash ^ r) + r;
+
+ for (i = 0; i < NTLM_NONCE_LEN; i++) {
+ nonce[i] = r;
+ r = (r >> 2) ^ r;
+ }
+ hash = r;
+}
+
+/**
+ * Prepares a challenge packet to be sent to the client
+ * \note domain should be upper_case
+ */
+void
+ntlm_make_challenge(ntlm_challenge *ch,
+ const char *domain, const char *domain_controller_UNUSED,
+ const char *challenge_nonce, const int challenge_nonce_len,
+ const u_int32_t flags)
+{
+ int pl = 0;
+ memset(ch, 0, sizeof(ntlm_challenge)); /* reset */
+ memcpy(ch->hdr.signature, "NTLMSSP", 8); /* set the signature */
+ ch->hdr.type = htole32(NTLM_CHALLENGE); /* this is a challenge */
+ if (domain != NULL) {
+ ntlm_add_to_payload(&ch->hdr, ch->payload, &pl, &ch->target, domain, strlen(domain));
+ }
+ ch->flags = htole32(flags);
+ ch->context_low = 0; /* check this out */
+ ch->context_high = 0;
+ memcpy(ch->challenge, challenge_nonce, challenge_nonce_len);
+}
+
+/* ************************************************************************* */
+/* Authenticate Packet functions */
+/* ************************************************************************* */
+
+/**
+ * Unpack the strings in an NTLM authentication response from client.
+ * The caller is responsible for initializing the user and domain buffers
+ * this function will only insert data if the packet contains any. Otherwise
+ * the buffers will be left untouched.
+ *
+ * \retval NTLM_ERR_NONE username present, maybe also domain.
+ * \retval NTLM_ERR_PROTOCOL packet type is not an authentication packet.
+ * \retval NTLM_ERR_LOGON no username.
+ * \retval NTLM_ERR_BLOB domain field is apparently larger than the packet.
+ */
+int
+ntlm_unpack_auth(const ntlm_authenticate *auth, char *user, char *domain, const int32_t size)
+{
+ lstring rv;
+
+ if (ntlm_validate_packet(&auth->hdr, NTLM_AUTHENTICATE)) {
+ fprintf(stderr, "ntlmDecodeAuth: header check fails\n");
+ return NTLM_ERR_PROTOCOL;
+ }
+ debug("ntlmDecodeAuth: size of %d\n", size);
+ debug("ntlmDecodeAuth: flg %08x\n", auth->flags);
+ debug("ntlmDecodeAuth: usr o(%d) l(%d)\n", auth->user.offset, auth->user.len);
+
+ rv = ntlm_fetch_string(&auth->hdr, size, &auth->domain, auth->flags);
+ if (rv.l > 0) {
+ memcpy(rv.str, domain, rv.l);
+ domain[rv.l] = '\0';
+ debug("ntlm_unpack_auth: Domain '%s'.\n", domain);
+ }
+ if (rv.l >= size)
+ return NTLM_ERR_BLOB;
+
+ rv = ntlm_fetch_string(&auth->hdr, size, &auth->user, auth->flags);
+ if (rv.l > 0) {
+ memcpy(rv.str, user, rv.l);
+ user[rv.l] = '\0';
+ debug("ntlm_unpack_auth: Username '%s'.\n", user);
+ } else
+ return NTLM_ERR_LOGON;
+
+ return NTLM_ERR_NONE;
+}
--- /dev/null
+/*
+ * $Id$
+ *
+ * * * * * * * * Legal stuff * * * * * * *
+ *
+ * (C) 2000 Francesco Chemolli <kinkie@kame.usr.dsi.unimi.it>,
+ * inspired by previous work by Andrew Doran <ad@interlude.eu.org>.
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ *
+ *
+ * SQUID Web Proxy Cache http://www.squid-cache.org/
+ * ----------------------------------------------------------
+ *
+ * Squid is the result of efforts by numerous individuals from
+ * the Internet community; see the CONTRIBUTORS file for full
+ * details. Many organizations have provided support for Squid's
+ * development; see the SPONSORS file for full details. Squid is
+ * Copyrighted (C) 2001 by the Regents of the University of
+ * California; see the COPYRIGHT file for full details. Squid
+ * incorporates software developed and/or copyrighted by other
+ * sources; see the CREDITS file for full details.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ *
+ * * * * * * * * Declaration of intents * * * * * * *
+ *
+ * This header contains definitions and defines allowing to decode and
+ * understand NTLM packets, as sent by Internet Explorer.
+ * It's put here as it is a common utility to all HTLM-enabled modules.
+ */
+
+#ifndef SQUID_NTLMAUTH_H
+#define SQUID_NTLMAUTH_H
+
+#include "config.h"
+
+/* NP: All of this cruft is little endian */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+ /* Used internally. Microsoft seems to think this is right, I believe them.
+ * Right. */
+#define NTLM_MAX_FIELD_LENGTH 300 /* max length of an NTLMSSP field */
+
+ /* max length of the BLOB data. (and helper input/output buffer) */
+#define NTLM_BLOB_BUFFER_SIZE 10240
+
+ /* Here start the NTLMSSP definitions */
+
+ /* these are marked as "extra" fields */
+#define NTLM_REQUEST_INIT_RESPONSE 0x100000
+#define NTLM_REQUEST_ACCEPT_RESPONSE 0x200000
+#define NTLM_REQUEST_NON_NT_SESSION_KEY 0x400000
+
+ /* NTLM error codes */
+#define NTLM_ERR_INTERNAL -3
+#define NTLM_ERR_BLOB -2
+#define NTLM_ERR_BAD_PROTOCOL -1
+#define NTLM_ERR_NONE 0 /* aka. SMBLM_ERR_NONE */
+ /* codes used by smb_lm helper */
+#define NTLM_ERR_SERVER 1 /* aka. SMBLM_ERR_SERVER */
+#define NTLM_ERR_PROTOCOL 2 /* aka. SMBLM_ERR_PROTOCOL */
+#define NTLM_ERR_LOGON 3 /* aka. SMBLM_ERR_LOGON */
+#define NTLM_ERR_UNTRUSTED_DOMAIN 4
+#define NTLM_ERR_NOT_CONNECTED 10
+ /* codes used by mswin_ntlmsspi helper */
+#define NTLM_SSPI_ERROR 1
+#define NTLM_BAD_NTGROUP 2
+#define NTLM_BAD_REQUEST 3
+ /* TODO: reduce the above codes down to one set non-overlapping. */
+
+ /** String header. String data resides at the end of the request */
+ typedef struct _strhdr {
+ int16_t len; /**< Length in bytes */
+ int16_t maxlen; /**< Allocated space in bytes */
+ int32_t offset; /**< Offset from start of request */
+ } strhdr;
+
+ /** We use this to keep data/length couples. */
+ typedef struct _lstring {
+ int32_t l; /**< length, -1 if empty */
+ char *str; /**< the string. NULL if not initialized */
+ } lstring;
+
+ /** Debug dump the given flags field to stderr */
+ void ntlm_dump_ntlmssp_flags(const u_int32_t flags);
+
+
+ /* ************************************************************************* */
+ /* Packet and Payload structures and handling functions */
+ /* ************************************************************************* */
+
+ /* NTLM request types that we know about */
+#define NTLM_ANY 0
+#define NTLM_NEGOTIATE 1
+#define NTLM_CHALLENGE 2
+#define NTLM_AUTHENTICATE 3
+
+ /** This is an header common to all packets, it's used to discriminate
+ * among the different packet signature types.
+ */
+ typedef struct _ntlmhdr {
+ char signature[8]; /**< "NTLMSSP" */
+ int32_t type; /**< One of the NTLM_* types above. */
+ } ntlmhdr;
+
+ /** Validate the packet type matches one we want. */
+ int ntlm_validate_packet(const ntlmhdr *packet, const int type);
+
+ /** Retrieve a string from the NTLM packet payload. */
+ lstring ntlm_fetch_string(const ntlmhdr *packet,
+ const int32_t packet_length,
+ const strhdr *str,
+ const u_int32_t flags);
+
+ /** Append a string to the NTLM packet payload. */
+ void ntlm_add_to_payload(const ntlmhdr *packet_hdr,
+ char *payload,
+ int *payload_length,
+ strhdr * hdr,
+ const char *toadd,
+ const int toadd_length);
+
+
+ /* ************************************************************************* */
+ /* Negotiate Packet structures and functions */
+ /* ************************************************************************* */
+
+ /* negotiate request flags */
+#define NTLM_NEGOTIATE_UNICODE 0x0001
+#define NTLM_NEGOTIATE_ASCII 0x0002
+#define NTLM_NEGOTIATE_REQUEST_TARGET 0x0004
+#define NTLM_NEGOTIATE_REQUEST_SIGN 0x0010
+#define NTLM_NEGOTIATE_REQUEST_SEAL 0x0020
+#define NTLM_NEGOTIATE_DATAGRAM_STYLE 0x0040
+#define NTLM_NEGOTIATE_USE_LM 0x0080
+#define NTLM_NEGOTIATE_USE_NETWARE 0x0100
+#define NTLM_NEGOTIATE_USE_NTLM 0x0200
+#define NTLM_NEGOTIATE_DOMAIN_SUPPLIED 0x1000
+#define NTLM_NEGOTIATE_WORKSTATION_SUPPLIED 0x2000
+#define NTLM_NEGOTIATE_THIS_IS_LOCAL_CALL 0x4000
+#define NTLM_NEGOTIATE_ALWAYS_SIGN 0x8000
+
+ /** Negotiation request sent by client */
+ typedef struct _ntlm_negotiate {
+ ntlmhdr hdr; /**< "NTLMSSP" , LSWAP(0x1) */
+ u_int32_t flags; /**< Request flags */
+ strhdr domain; /**< Domain we wish to authenticate in */
+ strhdr workstation; /**< Client workstation name */
+ char payload[256]; /**< String data */
+ } ntlm_negotiate;
+
+
+ /* ************************************************************************* */
+ /* Challenge Packet structures and functions */
+ /* ************************************************************************* */
+
+#define NTLM_NONCE_LEN 8
+
+ /* challenge request flags */
+#define NTLM_CHALLENGE_TARGET_IS_DOMAIN 0x10000
+#define NTLM_CHALLENGE_TARGET_IS_SERVER 0x20000
+#define NTLM_CHALLENGE_TARGET_IS_SHARE 0x40000
+
+ /** Challenge request sent by server. */
+ typedef struct _ntlm_challenge {
+ ntlmhdr hdr; /**< "NTLMSSP" , LSWAP(0x2) */
+ strhdr target; /**< Authentication target (domain/server ...) */
+ u_int32_t flags; /**< Request flags */
+ u_char challenge[NTLM_NONCE_LEN]; /**< Challenge string */
+ u_int32_t context_low; /**< LS part of the server context handle */
+ u_int32_t context_high; /**< MS part of the server context handle */
+ char payload[256]; /**< String data */
+ } ntlm_challenge;
+
+ /* Size of the ntlm_challenge structures formatted fields (excluding payload) */
+#define NTLM_CHALLENGE_HEADER_OFFSET (sizeof(ntlm_challenge)-256)
+
+ /** Generate a challenge request nonce. */
+ void ntlm_make_nonce(char *nonce);
+
+ /** Generate a challenge request Blob to be sent to the client. */
+ void ntlm_make_challenge(ntlm_challenge *ch,
+ const char *domain,
+ const char *domain_controller,
+ const char *challenge_nonce,
+ const int challenge_nonce_len,
+ const u_int32_t flags);
+
+
+ /* ************************************************************************* */
+ /* Authenticate Packet structures and functions */
+ /* ************************************************************************* */
+
+ /** Authentication request sent by client in response to challenge */
+ typedef struct _ntlm_authenticate {
+ ntlmhdr hdr; /**< "NTLMSSP" , LSWAP(0x3) */
+ strhdr lmresponse; /**< LANMAN challenge response */
+ strhdr ntresponse; /**< NT challenge response */
+ strhdr domain; /**< Domain to authenticate against */
+ strhdr user; /**< Username */
+ strhdr workstation; /**< Workstation name */
+ strhdr sessionkey; /**< Session key for server's use */
+ int32_t flags; /**< Request flags */
+ char payload[256 * 6]; /**< String data */
+ } ntlm_authenticate;
+
+ /** Unpack username and domain out of a packet payload. */
+ int ntlm_unpack_auth(const ntlm_authenticate *auth,
+ char *user,
+ char *domain,
+ const int32_t size);
+
+
+#if __cplusplus
+}
+#endif
+
+#endif /* SQUID_NTLMAUTH_H */
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
-/* #include <features.h> */
#include "config.h"
-#include "std-includes.h"
-#include "rfcnb-priv.h"
-#include "rfcnb-util.h"
-#include "rfcnb-io.h"
+#include "libntlmauth/rfcnb-priv.h"
+
#include <sys/uio.h>
#include <sys/signal.h>
#include <string.h>
char hdr[RFCNB_Pkt_Hdr_Len]; /* Local space for the header */
struct RFCNB_Pkt *pkt_frag;
int more, this_time, offset, frag_len, this_len;
- BOOL seen_keep_alive = TRUE;
+ int seen_keep_alive = 1;
/* Read that header straight into the buffer */
#endif
} else {
- seen_keep_alive = FALSE;
+ seen_keep_alive = 0;
}
}
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
-/* Defines we need */
+/* The Public API stuff */
+#include "libntlmauth/rfcnb.h"
-#define GLOBAL extern
+/* The internals */
+#include "libntlmauth/smb-byteorder.h"
-#include "rfcnb-error.h"
-#include "rfcnb-common.h"
-#include "byteorder.h"
+#if HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif
#ifdef RFCNB_PORT
#define RFCNB_Default_Port RFCNB_PORT
/* Structures */
-typedef struct redirect_addr *redirect_ptr;
-
-struct redirect_addr {
-
- struct in_addr ip_addr;
- int port;
- redirect_ptr next;
-
-};
-
-typedef struct RFCNB_Con {
-
- int fd; /* File descripter for TCP/IP connection */
- int rfc_errno; /* last error */
- int timeout; /* How many milli-secs before IO times out */
- int redirects; /* How many times we were redirected */
- struct redirect_addr *redirect_list; /* First is first address */
- struct redirect_addr *last_addr;
-
-} RFCNB_Con;
-
typedef char RFCNB_Hdr[4]; /* The header is 4 bytes long with */
/* char[0] as the type, char[1] the */
/* flags, and char[2..3] the length */
extern int RFCNB_saved_errno; /* Save this from point of error */
#endif
+/* I/O functions */
+extern int RFCNB_Put_Pkt(RFCNB_Con *con, RFCNB_Pkt *pkt, int len);
+
+extern int RFCNB_Get_Pkt(RFCNB_Con *con, RFCNB_Pkt *pkt, int len);
+
+extern void RFCNB_Free_Pkt(RFCNB_Pkt *pkt);
+
+/* Util functions */
+
+void RFCNB_CvtPad_Name(char *name1, char *name2);
+
+void RFCNB_AName_To_NBName(char *AName, char *NBName);
+
+void RFCNB_NBName_To_AName(char *NBName, char *AName);
+
+void RFCNB_Print_Hex(FILE * fd, RFCNB_Pkt *pkt, int Offset, int Len);
+
+RFCNB_Pkt *RFCNB_Alloc_Pkt(int n);
+
+void RFCNB_Print_Pkt(FILE * fd, char *dirn, RFCNB_Pkt *pkt, int len);
+
+int RFCNB_Name_To_IP(char *host, struct in_addr *Dest_IP);
+
+int RFCNB_Close(int socket);
+
+int RFCNB_IP_Connect(struct in_addr Dest_IP, int port);
+
+int RFCNB_Session_Req(RFCNB_Con *con,
+ char *Called_Name,
+ char *Calling_Name,
+ int * redirect,
+ struct in_addr *Dest_IP,
+ int *port);
+
#endif /* __RFCNB_H__ */
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
+#define SQUID_NO_ALLOC_PROTECT 1
+#include "config.h"
+#include "libntlmauth/rfcnb-priv.h"
+#include <netinet/tcp.h>
#include <string.h>
-#include <stdlib.h>
int RFCNB_errno = 0;
int RFCNB_saved_errno = 0;
-#define RFCNB_ERRNO
-
-#include "std-includes.h"
-#include <netinet/tcp.h>
-#include "rfcnb-priv.h"
-#include "rfcnb-util.h"
-#include "rfcnb-io.h"
-#include "rfcnb.h"
+//#define RFCNB_ERRNO
/* local functions */
-
-int RFCNB_Get_Last_Error(void);
int RFCNB_Get_Last_Errno(void);
void RFCNB_Get_Error_Msg(int code, char *msg_buf, int len);
void RFCNB_Register_Print_Routine(void (*fn) ());
struct RFCNB_Con *con;
struct in_addr Dest_IP;
int Client;
- BOOL redirect;
+ int redirect;
struct redirect_addr *redir_addr;
char *Service_Address;
}
/* Now connect to the remote end */
- redirect = TRUE; /* Fudge this one so we go once through */
+ redirect = 1; /* Fudge this one so we go once through */
while (redirect) { /* Connect and get session info etc */
- redirect = FALSE; /* Assume all OK */
+ redirect = 0; /* Assume all OK */
/* Build the redirect info. First one is first addr called */
/* And tack it onto the list of addresses we called */
/* Set TCP_NODELAY on the socket */
int
-RFCNB_Set_Sock_NoDelay(struct RFCNB_Con *con_Handle, BOOL yn)
+RFCNB_Set_Sock_NoDelay(struct RFCNB_Con *con_Handle, int yn)
{
return (setsockopt(con_Handle->fd, IPPROTO_TCP, TCP_NODELAY,
void
RFCNB_Get_Error(char *buffer, int buf_len)
{
-
if (RFCNB_saved_errno <= 0) {
- sprintf(buffer, "%s", RFCNB_Error_Strings[RFCNB_errno]);
+ snprintf(buffer, buf_len, "%s", RFCNB_Error_Strings[RFCNB_errno]);
} else {
- sprintf(buffer, "%s\n\terrno:%s", RFCNB_Error_Strings[RFCNB_errno],
- strerror(RFCNB_saved_errno));
+ snprintf(buffer, buf_len, "%s\n\terrno:%s", RFCNB_Error_Strings[RFCNB_errno],
+ strerror(RFCNB_saved_errno));
}
-
}
/* Pick up the last error response and returns as a code */
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
+#define SQUID_NO_ALLOC_PROTECT 1
+#include "config.h"
+#include "libntlmauth/rfcnb-priv.h"
-#include <string.h>
-#include <stdlib.h>
-
-#include "std-includes.h"
-#include "rfcnb-priv.h"
-#include "rfcnb-util.h"
-#include "rfcnb-io.h"
#include <arpa/inet.h>
-
-#ifndef uint16
-#ifdef u_int16_t
-typedef u_int16_t uint16;
-#else
-typedef unsigned short uint16;
-#endif
-#endif
+#include <string.h>
extern void (*Prot_Print_Routine) (); /* Pointer to protocol print routine */
RFCNB_Session_Req(struct RFCNB_Con *con,
char *Called_Name,
char *Calling_Name,
- BOOL * redirect,
+ int * redirect,
struct in_addr *Dest_IP,
int *port)
{
case RFCNB_SESSION_RETARGET: /* Go elsewhere */
- *redirect = TRUE; /* Copy port and ip addr */
+ *redirect = 1; /* Copy port and ip addr */
memcpy(Dest_IP, (resp + RFCNB_Pkt_IP_Offset), sizeof(struct in_addr));
*port = SVAL(resp, RFCNB_Pkt_Port_Offset);
--- /dev/null
+/* UNIX RFCNB (RFC1001/RFC1002) NetBIOS implementation
+ *
+ * Version 1.0
+ * RFCNB Defines
+ *
+ * Copyright (C) Richard Sharpe 1996
+ *
+ */
+
+/*
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+#ifndef _LIBNTLMAUTH_RFCNB_H
+#define _LIBNTLMAUTH_RFCNB_H
+
+#include <netdb.h>
+#include <sys/types.h>
+#include <netinet/in.h>
+#include <sys/socket.h>
+#include <signal.h>
+#include <errno.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <strings.h>
+#if HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif
+
+/* API Defines we need */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+ /* Error responses */
+ /* these should follow the spec ... is there one ? */
+
+#define RFCNBE_Bad -1 /* Bad response */
+#define RFCNBE_OK 0 /* Routine completed successfully. */
+#define RFCNBE_NoSpace 1 /* Could not allocate space for a struct */
+#define RFCNBE_BadName 2 /* Could not translate a name */
+#define RFCNBE_BadRead 3 /* Read sys call failed */
+#define RFCNBE_BadWrite 4 /* Write Sys call failed */
+#define RFCNBE_ProtErr 5 /* Protocol Error */
+#define RFCNBE_ConGone 6 /* Connection dropped */
+#define RFCNBE_BadHandle 7 /* Handle passed was bad */
+#define RFCNBE_BadSocket 8 /* Problems creating socket */
+#define RFCNBE_ConnectFailed 9 /* Connect failed */
+#define RFCNBE_CallRejNLOCN 10 /* Call rejected, not listening on CN */
+#define RFCNBE_CallRejNLFCN 11 /* Call rejected, not listening for CN */
+#define RFCNBE_CallRejCNNP 12 /* Call rejected, called name not present */
+#define RFCNBE_CallRejInfRes 13 /* Call rejetced, name ok, no resources */
+#define RFCNBE_CallRejUnSpec 14 /* Call rejected, unspecified error */
+#define RFCNBE_BadParam 15 /* Bad parameters passed ... */
+#define RFCNBE_Timeout 16 /* IO Timed out */
+
+ /* Text strings for the error responses */
+ extern char const *RFCNB_Error_Strings[];
+ /*
+ * static char *RFCNB_Error_Strings[] = {
+ *
+ * "RFCNBE_OK: Routine completed successfully.",
+ * "RFCNBE_NoSpace: No space available for a malloc call.",
+ * "RFCNBE_BadName: NetBIOS name could not be translated to IP address.",
+ * "RFCNBE_BadRead: Read system call returned an error. Check errno.",
+ * "RFCNBE_BadWrite: Write system call returned an error. Check errno.",
+ * "RFCNBE_ProtErr: A protocol error has occurred.",
+ * "RFCNBE_ConGone: Connection dropped during a read or write system call.",
+ * "RFCNBE_BadHandle: Bad connection handle passed.",
+ * "RFCNBE_BadSocket: Problems creating socket.",
+ * "RFCNBE_ConnectFailed: Connection failed. See errno.",
+ * "RFCNBE_CallRejNLOCN: Call rejected. Not listening on called name.",
+ * "RFCNBE_CallRejNLFCN: Call rejected. Not listening for called name.",
+ * "RFCNBE_CallRejCNNP: Call rejected. Called name not present.",
+ * "RFCNBE_CallRejInfRes: Call rejected. Name present, but insufficient resources.",
+ * "RFCNBE_CallRejUnSpec: Call rejected. Unspecified error.",
+ * "RFCNBE_BadParam: Bad parameters passed to a routine.",
+ * "RFCNBE_Timeout: IO Operation timed out ..."
+ *
+ * };
+ */
+
+#define RFCNB_Default_Port 139
+
+ /* API Structures */
+
+ typedef struct redirect_addr * redirect_ptr;
+
+ struct redirect_addr {
+ struct in_addr ip_addr;
+ int port;
+ redirect_ptr next;
+ };
+
+ typedef struct RFCNB_Con {
+ int fd; /* File descripter for TCP/IP connection */
+ int rfc_errno; /* last error */
+ int timeout; /* How many milli-secs before IO times out */
+ int redirects; /* How many times we were redirected */
+ struct redirect_addr *redirect_list; /* First is first address */
+ struct redirect_addr *last_addr;
+ } RFCNB_Con;
+
+ typedef struct RFCNB_Pkt {
+ char *data; /* The data in this portion */
+ int len;
+ struct RFCNB_Pkt *next;
+ } RFCNB_Pkt;
+
+ /* API Definition of routines we define */
+
+ void *RFCNB_Call(char *Called_Name, char *Calling_Name, char *Called_Address, int port);
+
+ int RFCNB_Send(RFCNB_Con *Con_Handle, RFCNB_Pkt *Data, int Length);
+
+ int RFCNB_Recv(void *Con_Handle, RFCNB_Pkt *Data, int Length);
+
+ int RFCNB_Hangup(RFCNB_Con *con_Handle);
+
+ void *RFCNB_Listen(void);
+
+ void RFCNB_Get_Error(char *buffer, int buf_len);
+
+ int RFCNB_Get_Last_Error(void);
+
+ RFCNB_Pkt *RFCNB_Alloc_Pkt(int n);
+
+ void RFCNB_Free_Pkt(RFCNB_Pkt *pkt);
+
+ int RFCNB_Set_Sock_NoDelay(RFCNB_Con *con_Handle, int yn);
+
+#ifdef __cplusplus
+};
+#endif
+
+#endif /* _LIBNTLMAUTH_RFCNB_H */
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
+#ifndef _LIBNTLMAUTH_SMB_BYTEORER_H
+#define _LIBNTLMAUTH_SMB_BYTEORER_H
/*
* This file implements macros for machine independent short and
#define IVAL(buf,pos) (SVAL(buf,pos)|SVAL(buf,(pos)+2)<<16)
#define SSVALX(buf,pos,val) (CVAL(buf,pos)=(val)&0xFF,CVAL(buf,pos+1)=(val)>>8)
#define SIVALX(buf,pos,val) (SSVALX(buf,pos,val&0xFFFF),SSVALX(buf,pos+2,val>>16))
-#define SVALS(buf,pos) ((int16)SVAL(buf,pos))
-#define IVALS(buf,pos) ((int32)IVAL(buf,pos))
-#define SSVAL(buf,pos,val) SSVALX((buf),(pos),((uint16)(val)))
-#define SIVAL(buf,pos,val) SIVALX((buf),(pos),((uint32)(val)))
-#define SSVALS(buf,pos,val) SSVALX((buf),(pos),((int16)(val)))
-#define SIVALS(buf,pos,val) SIVALX((buf),(pos),((int32)(val)))
+#define SVALS(buf,pos) ((int16_t)SVAL(buf,pos))
+#define IVALS(buf,pos) ((int32_t)IVAL(buf,pos))
+#define SSVAL(buf,pos,val) SSVALX((buf),(pos),((uint16_t)(val)))
+#define SIVAL(buf,pos,val) SIVALX((buf),(pos),((uint32_t)(val)))
+#define SSVALS(buf,pos,val) SSVALX((buf),(pos),((int16_t)(val)))
+#define SIVALS(buf,pos,val) SIVALX((buf),(pos),((int32_t)(val)))
#else
/* this handles things for architectures like the 386 that can handle
* alignment errors */
* WARNING: This section is dependent on the length of int16 and int32
* being correct
*/
-#define SVAL(buf,pos) (*(uint16 *)((char *)(buf) + (pos)))
-#define IVAL(buf,pos) (*(uint32 *)((char *)(buf) + (pos)))
-#define SVALS(buf,pos) (*(int16 *)((char *)(buf) + (pos)))
-#define IVALS(buf,pos) (*(int32 *)((char *)(buf) + (pos)))
-#define SSVAL(buf,pos,val) SVAL(buf,pos)=((uint16)(val))
-#define SIVAL(buf,pos,val) IVAL(buf,pos)=((uint32)(val))
-#define SSVALS(buf,pos,val) SVALS(buf,pos)=((int16)(val))
-#define SIVALS(buf,pos,val) IVALS(buf,pos)=((int32)(val))
+#define SVAL(buf,pos) (*(uint16_t *)((char *)(buf) + (pos)))
+#define IVAL(buf,pos) (*(uint32_t *)((char *)(buf) + (pos)))
+#define SVALS(buf,pos) (*(int16_t *)((char *)(buf) + (pos)))
+#define IVALS(buf,pos) (*(int32_t *)((char *)(buf) + (pos)))
+#define SSVAL(buf,pos,val) SVAL(buf,pos)=((uint16_t)(val))
+#define SIVAL(buf,pos,val) IVAL(buf,pos)=((uint32_t)(val))
+#define SSVALS(buf,pos,val) SVALS(buf,pos)=((int16_t)(val))
+#define SIVALS(buf,pos,val) IVALS(buf,pos)=((int32_t)(val))
#endif
#define RIVAL(buf,pos) IREV(IVAL(buf,pos))
#define RSSVAL(buf,pos,val) SSVAL(buf,pos,SREV(val))
#define RSIVAL(buf,pos,val) SIVAL(buf,pos,IREV(val))
+
+#endif /* LIBNTLMAUTH_SMB_BYTEORER_H */
* should confirm it for yourself (and maybe let me know if you come
* up with a different answer to the one above)
*/
-
-#include "smbdes.h"
+#include "config.h"
+#include "libntlmauth/smb-des.h"
/* local functions */
void cred_hash1(unsigned char *out, unsigned char *in, unsigned char *key);
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
+#include "config.h"
+#include "libntlmauth/smb-byteorder.h"
+#include "libntlmauth/smb-des.h"
+#include "libntlmauth/smb-md4.h"
+#include "libntlmauth/smblib-priv.h"
-#include "std-includes.h"
#include <string.h>
#include <ctype.h>
#include <dirent.h>
#include <netinet/in.h>
#include <arpa/inet.h>
-#include "smblib-priv.h"
-#include "md4.h"
-#include "smbdes.h"
-
-#define uchar unsigned char
extern int DEBUGLEVEL;
-#include "byteorder.h"
-#include "smbencrypt.h"
-
/* local functions */
char *StrnCpy(char *dest, char *src, int n);
void strupper(char *s);
-void E_md4hash(uchar * passwd, uchar * p16);
+void E_md4hash(unsigned char * passwd, unsigned char * p16);
void nt_lm_owf_gen(char *pwd, char *nt_p16, char *p16);
/*
* It takes a password, a 8 byte "crypt key" and puts 24 bytes of
* encrypted password into p24 */
void
-SMBencrypt(uchar * passwd, uchar * c8, uchar * p24)
+SMBencrypt(unsigned char * passwd, unsigned char * c8, unsigned char * p24)
{
- uchar p14[15], p21[21];
+ unsigned char p14[15], p21[21];
memset(p21, '\0', 21);
memset(p14, '\0', 14);
/* Routines for Windows NT MD4 Hash functions. */
static int
-_my_wcslen(int16 * str)
+_my_wcslen(int16_t * str)
{
int len = 0;
while (*str++ != 0)
*/
static int
-_my_mbstowcs(int16 * dst, uchar * src, int len)
+_my_mbstowcs(int16_t * dst, unsigned char * src, int len)
{
int i;
- int16 val;
+ int16_t val;
for (i = 0; i < len; i++) {
val = *src;
* Creates the MD4 Hash of the users password in NT UNICODE.
*/
void
-E_md4hash(uchar * passwd, uchar * p16)
+E_md4hash(unsigned char * passwd, unsigned char * p16)
{
int len;
- int16 wpwd[129];
+ int16_t wpwd[129];
/* Password cannot be longer than 128 characters */
len = strlen((char *) passwd);
_my_mbstowcs(wpwd, passwd, len);
wpwd[len] = 0; /* Ensure string is null terminated */
/* Calculate length in bytes */
- len = _my_wcslen(wpwd) * sizeof(int16);
+ len = _my_wcslen(wpwd) * sizeof(int16_t);
mdfour(p16, (unsigned char *) wpwd, len);
}
/* Does the NT MD4 hash then des encryption. */
void
-SMBNTencrypt(uchar * passwd, uchar * c8, uchar * p24)
+SMBNTencrypt(unsigned char * passwd, unsigned char * c8, unsigned char * p24)
{
- uchar p21[21];
+ unsigned char p21[21];
memset(p21, '\0', 21);
/* Calculate the MD4 hash (NT compatible) of the password */
memset(nt_p16, '\0', 16);
- E_md4hash((uchar *) passwd, (uchar *) nt_p16);
+ E_md4hash((unsigned char *) passwd, (unsigned char *) nt_p16);
/* Mangle the passwords into Lanman format */
passwd[14] = '\0';
/* Calculate the SMB (lanman) hash functions of the password */
memset(p16, '\0', 16);
- E_P16((uchar *) passwd, (uchar *) p16);
+ E_P16((unsigned char *) passwd, (unsigned char *) p16);
/* clear out local copy of user's password (just being paranoid). */
memset(passwd, 0, sizeof(passwd));
*
* It assumes that a int is at least 32 bits long
*/
+#include "config.h"
+#include "libntlmauth/smblib-priv.h"
+#include "libntlmauth/smb-md4.h"
+
#include <string.h>
-#include "std-defines.h" /* for the types */
-#include "md4.h"
-static uint32 A, B, C, D;
+static uint32_t A, B, C, D;
-static uint32
-F(uint32 X, uint32 Y, uint32 Z)
+static uint32_t
+F(uint32_t X, uint32_t Y, uint32_t Z)
{
return (X & Y) | ((~X) & Z);
}
-static uint32
-G(uint32 X, uint32 Y, uint32 Z)
+static uint32_t
+G(uint32_t X, uint32_t Y, uint32_t Z)
{
return (X & Y) | (X & Z) | (Y & Z);
}
-static uint32
-H(uint32 X, uint32 Y, uint32 Z)
+static uint32_t
+H(uint32_t X, uint32_t Y, uint32_t Z)
{
return X ^ Y ^ Z;
}
-static uint32
-lshift(uint32 x, int s)
+static uint32_t
+lshift(uint32_t x, int s)
{
x &= 0xFFFFFFFF;
return ((x << s) & 0xFFFFFFFF) | (x >> (32 - s));
}
#define ROUND1(a,b,c,d,k,s) a = lshift(a + F(b,c,d) + X[k], s)
-#define ROUND2(a,b,c,d,k,s) a = lshift(a + G(b,c,d) + X[k] + (uint32)0x5A827999,s)
-#define ROUND3(a,b,c,d,k,s) a = lshift(a + H(b,c,d) + X[k] + (uint32)0x6ED9EBA1,s)
+#define ROUND2(a,b,c,d,k,s) a = lshift(a + G(b,c,d) + X[k] + (uint32_t)0x5A827999,s)
+#define ROUND3(a,b,c,d,k,s) a = lshift(a + H(b,c,d) + X[k] + (uint32_t)0x6ED9EBA1,s)
/* this applies md4 to 64 byte chunks */
static void
-mdfour64(uint32 * M)
+mdfour64(uint32_t * M)
{
int j;
- uint32 AA, BB, CC, DD;
- uint32 X[16];
+ uint32_t AA, BB, CC, DD;
+ uint32_t X[16];
for (j = 0; j < 16; j++)
X[j] = M[j];
}
static void
-copy64(uint32 * M, unsigned char *in)
+copy64(uint32_t * M, unsigned char *in)
{
int i;
}
static void
-copy4(unsigned char *out, uint32 x)
+copy4(unsigned char *out, uint32_t x)
{
out[0] = x & 0xFF;
out[1] = (x >> 8) & 0xFF;
mdfour(unsigned char *out, unsigned char *in, int n)
{
unsigned char buf[128];
- uint32 M[16];
- uint32 b = n * 8;
+ uint32_t M[16];
+ uint32_t b = n * 8;
int i;
A = 0x67452301;
--- /dev/null
+/* UNIX SMBlib NetBIOS implementation
+ *
+ * Version 1.0
+ * SMBlib Defines
+ *
+ * Copyright (C) Richard Sharpe 1996
+ *
+ */
+
+/*
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+#ifndef _SMBVAL_SMBLIB_H
+#define _SMBVAL_SMBLIB_H
+
+#include <netdb.h>
+#include <sys/types.h>
+#include <netinet/in.h>
+#include <sys/socket.h>
+#include <signal.h>
+#include <errno.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <strings.h>
+
+#ifdef PRIVATE_API
+#define SMBLIB_DEFAULT_DOMAIN "anydom"
+#endif /* PRIVATE_API */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+ /* To get the error class we want the first 8 bits */
+ /* Because we just grab 4bytes from the SMB header, we have to re-order */
+ /* here, but it makes the NtStatus part easier in future */
+
+#define SMBlib_Error_Class(p) (p & 0x000000FF)
+
+ /* To get the error code, we want the bottom 16 bits */
+
+#define SMBlib_Error_Code(p) (((unsigned int)p & 0xFFFF0000) >>16)
+
+ /* Error CLASS codes and etc ... */
+
+#define SMBC_SUCCESS 0
+#define SMBC_ERRDOS 0x01
+#define SMBC_ERRSRV 0x02
+#define SMBC_ERRHRD 0x03
+#define SMBC_ERRCMD 0xFF
+
+ /* Success error codes */
+
+#define SMBS_BUFFERED 0x54
+#define SMBS_LOGGED 0x55
+#define SMBS_DISPLAYED 0x56
+
+ /* ERRDOS Error codes */
+
+#define SMBD_badfunc 0x01
+#define SMBD_badfile 0x02
+#define SMBD_badpath 0x03
+#define SMBD_nofids 0x04
+#define SMBD_noaccess 0x05
+#define SMBD_badfid 0x06
+#define SMBD_badmcb 0x07
+#define SMBD_nomem 0x08
+#define SMBD_badmem 0x09
+#define SMBD_badenv 0x0A
+#define SMBD_badformat 0x0B
+#define SMBD_badaccess 0x0C
+#define SMBD_baddata 0x0D
+#define SMBD_reserved 0x0E
+#define SMBD_baddrive 0x0F
+#define SMBD_remcd 0x10
+#define SMBD_diffdevice 0x11
+#define SMBD_nofiles 0x12
+#define SMBD_badshare 0x20
+#define SMBD_errlock 0x21
+#define SMBD_filexists 0x50
+
+ /* Server errors ... */
+
+#define SMBV_error 0x01 /* Generic error */
+#define SMBV_badpw 0x02
+#define SMBV_badtype 0x03
+#define SMBV_access 0x04
+#define SMBV_invnid 0x05
+#define SMBV_invnetname 0x06
+#define SMBV_invdevice 0x07
+#define SMBV_qfull 0x31
+#define SMBV_qtoobig 0x32
+#define SMBV_qeof 0x33
+#define SMBV_invpfid 0x34
+#define SMBV_paused 0x51
+#define SMBV_msgoff 0x52
+#define SMBV_noroom 0x53
+#define SMBV_rmuns 0x57
+#define SMBV_nosupport 0xFFFF
+
+ /* Hardware error codes ... */
+
+#define SMBH_nowrite 0x13
+#define SMBH_badunit 0x14
+#define SMBH_notready 0x15
+#define SMBH_badcmd 0x16
+#define SMBH_data 0x17
+#define SMBH_badreq 0x18
+#define SMBH_seek 0x19
+#define SMBH_badmedia 0x1A
+#define SMBH_badsector 0x1B
+#define SMBH_nopaper 0x1C
+#define SMBH_write 0x1D
+#define SMBH_read 0x1E
+#define SMBH_general 0x1F
+#define SMBH_badshare 0x20
+
+ /* Access mode defines ... */
+
+#define SMB_AMODE_WTRU 0x4000
+#define SMB_AMODE_NOCACHE 0x1000
+#define SMB_AMODE_COMPAT 0x0000
+#define SMB_AMODE_DENYRWX 0x0010
+#define SMB_AMODE_DENYW 0x0020
+#define SMB_AMODE_DENYRX 0x0030
+#define SMB_AMODE_DENYNONE 0x0040
+#define SMB_AMODE_OPENR 0x0000
+#define SMB_AMODE_OPENW 0x0001
+#define SMB_AMODE_OPENRW 0x0002
+#define SMB_AMODE_OPENX 0x0003
+#define SMB_AMODE_FCBOPEN 0x00FF
+#define SMB_AMODE_LOCUNKN 0x0000
+#define SMB_AMODE_LOCMSEQ 0x0100
+#define SMB_AMODE_LOCMRAN 0x0200
+#define SMB_AMODE_LOCRAL 0x0300
+
+ /* File attribute encoding ... */
+
+#define SMB_FA_ORD 0x00
+#define SMB_FA_ROF 0x01
+#define SMB_FA_HID 0x02
+#define SMB_FA_SYS 0x04
+#define SMB_FA_VOL 0x08
+#define SMB_FA_DIR 0x10
+#define SMB_FA_ARC 0x20
+
+ /* Define the protocol types ... */
+
+#define SMB_P_Unknown -1 /* Hmmm, is this smart? */
+#define SMB_P_Core 0
+#define SMB_P_CorePlus 1
+#define SMB_P_DOSLanMan1 2
+#define SMB_P_LanMan1 3
+#define SMB_P_DOSLanMan2 4
+#define SMB_P_LanMan2 5
+#define SMB_P_DOSLanMan2_1 6
+#define SMB_P_LanMan2_1 7
+#define SMB_P_NT1 8
+
+ /* SMBlib return codes */
+ /* We want something that indicates whether or not the return code was a */
+ /* remote error, a local error in SMBlib or returned from lower layer ... */
+ /* Wonder if this will work ... */
+ /* SMBlibE_Remote = 1 indicates remote error */
+ /* SMBlibE_ values < 0 indicate local error with more info available */
+ /* SMBlibE_ values >1 indicate local from SMBlib code errors? */
+
+#define SMBlibE_Success 0
+#define SMBlibE_Remote 1 /* Remote error, get more info from con */
+#define SMBlibE_BAD -1
+#define SMBlibE_LowerLayer 2 /* Lower layer error */
+#define SMBlibE_NotImpl 3 /* Function not yet implemented */
+#define SMBlibE_ProtLow 4 /* Protocol negotiated does not support req */
+#define SMBlibE_NoSpace 5 /* No space to allocate a structure */
+#define SMBlibE_BadParam 6 /* Bad parameters */
+#define SMBlibE_NegNoProt 7 /* None of our protocols was liked */
+#define SMBlibE_SendFailed 8 /* Sending an SMB failed */
+#define SMBlibE_RecvFailed 9 /* Receiving an SMB failed */
+#define SMBlibE_GuestOnly 10 /* Logged in as guest */
+#define SMBlibE_CallFailed 11 /* Call remote end failed */
+#define SMBlibE_ProtUnknown 12 /* Protocol unknown */
+#define SMBlibE_NoSuchMsg 13 /* Keep this up to date */
+
+ typedef struct { /* A structure for a Dirent */
+
+ unsigned char resume_key[21]; /* Don't touch this */
+ unsigned char file_attributes; /* Attributes of file */
+ unsigned int date_time; /* date and time of last mod */
+ unsigned int size;
+ char filename[13]; /* The name of the file */
+
+ } SMB_CP_dirent;
+
+ /* Handle Structures */
+
+ typedef struct SMB_Tree_Structure * SMB_Tree_Handle;
+ typedef struct SMB_Connect_Def * SMB_Handle_Type;
+
+ struct SMB_Tree_Structure {
+ SMB_Tree_Handle next, prev;
+ SMB_Handle_Type con;
+ char path[129];
+ char device_type[20];
+ int mbs; /* Local MBS */
+ int tid;
+ };
+
+ struct SMB_Connect_Def {
+ SMB_Handle_Type Next_Con, Prev_Con; /* Next and previous conn */
+ int protocol; /* What is the protocol */
+ int prot_IDX; /* And what is the index */
+ void *Trans_Connect; /* The connection */
+
+ /* All these strings should be malloc'd */
+
+ char service[80], username[80], password[80], desthost[80], sock_options[80];
+ char address[80], myname[80];
+
+ SMB_Tree_Handle first_tree, last_tree; /* List of trees on this server */
+
+ int gid; /* Group ID, do we need it? */
+ int mid; /* Multiplex ID? We might need one per con */
+ int pid; /* Process ID */
+
+ int uid; /* Authenticated user id. */
+
+ /* It is pretty clear that we need to bust some of */
+ /* these out into a per TCon record, as there may */
+ /* be multiple TCon's per server, etc ... later */
+
+ int port; /* port to use in case not default, this is a TCPism! */
+
+ int max_xmit; /* Max xmit permitted by server */
+ int Security; /* 0 = share, 1 = user */
+ int Raw_Support; /* bit 0 = 1 = Read Raw supported, 1 = 1 Write raw */
+ int16_t encrypt_passwords; /* TRUE/FALSE. FALSE = don't */
+ int MaxMPX, MaxVC, MaxRaw;
+ unsigned int SessionKey, Capabilities;
+ int SvrTZ; /* Server Time Zone */
+ int Encrypt_Key_Len;
+ char Encrypt_Key[80], Domain[80], PDomain[80], OSName[80], LMType[40];
+ char Svr_OS[80], Svr_LMType[80], Svr_PDom[80];
+ };
+
+ /* Initialize the SMBlib package */
+ int SMB_Init(void);
+
+ /* Create a handle to allow us to set/override some parameters ... */
+ SMB_Handle_Type SMB_Create_Con_Handle();
+
+ /* Connect to a server, but do not do a tree con etc ... */
+ SMB_Handle_Type SMB_Connect_Server(SMB_Handle_Type Con_Handle,
+ char *server,
+ char *NTdomain);
+
+ /* Connect to a server and give us back a handle. If Con == NULL, create */
+ /* The handle and populate it with defaults */
+ SMB_Handle_Type SMB_Connect(SMB_Handle_Type Con_Handle,
+ SMB_Tree_Handle * tree,
+ char *service,
+ char *username,
+ char *password);
+
+ int SMB_Logon_Server(SMB_Handle_Type Con_Handle,
+ char *UserName,
+ char *PassWord,
+ char *UserDomain,
+ int precrypted);
+
+ /* Negotiate a protocol */
+ int SMB_Negotiate(SMB_Handle_Type con, char const *Prots[]);
+
+ /* Connect to a tree ... */
+ SMB_Tree_Handle SMB_TreeConnect(SMB_Handle_Type con,
+ SMB_Tree_Handle tree,
+ char *path,
+ char *password,
+ char const *device);
+
+
+ /* Disconnect a tree ... */
+ int SMB_TreeDisconect(void *tree_handle);
+
+ /* Open a file */
+ void *SMB_Open(void *tree_handle,
+ void *file_handle,
+ char *file_name,
+ unsigned short mode,
+ unsigned short search);
+
+ /* Close a file */
+ int SMB_Close(void *file_handle);
+
+ /* Disconnect from server. Has flag to specify whether or not we keep the */
+ /* handle. */
+ int SMB_Discon(SMB_Handle_Type Con,
+ int KeepHandle);
+
+ void *SMB_Create(void *Tree_Handle,
+ void *File_Handle,
+ char *file_name,
+ short search);
+
+ int SMB_Delete(void *tree,
+ char *file_name,
+ short search);
+
+ int SMB_Create_Dir(void *tree,
+ char *dir_name);
+
+ int SMB_Delete_Dir(void *tree,
+ char *dir_name);
+
+ int SMB_Check_Dir(void *tree,
+ char *dir_name);
+
+ int SMB_Get_Last_Error();
+
+ int SMB_Get_Last_SMB_Err();
+
+ int SMB_Get_Error_Msg(int msg,
+ char *msgbuf,
+ int len);
+
+ void *SMB_Logon_And_TCon(SMB_Handle_Type Con_Handle,
+ void *tree,
+ char *user,
+ char *pass,
+ char *service,
+ char *st);
+
+ /* Encryption Functions */
+
+ void SMBencrypt(unsigned char * passwd,
+ unsigned char * c8,
+ unsigned char * p24);
+
+ void SMBNTencrypt(unsigned char * passwd,
+ unsigned char * c8,
+ unsigned char * p24);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _SMBVAL_SMBLIB_H */
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
-#include "std-defines.h"
-#include "smblib-common.h"
+/* The public API bits */
+#define PRIVATE_API
+#include "libntlmauth/smb.h"
+
+//#include "std-defines.h"
#include <unistd.h>
-#include "byteorder.h" /* Hmmm ... hot good */
+//#include "byteorder.h" /* Hmmm ... not good */
#ifndef max
#define max(a,b) ((a) < (b) ? (b) : (a))
#define SMB_FLG2_EXT_ATR 0x02 /* We know about Extended Attributes */
#define SMB_FLG2_LNG_NAM 0x04 /* Long names ? */
+/* Not good */
+#if 0
typedef unsigned short WORD;
typedef unsigned short UWORD;
typedef unsigned int ULONG;
typedef unsigned char BYTE;
typedef unsigned char UCHAR;
+#endif
/* Some macros to allow access to actual packet data so that we */
/* can change the underlying representation of packets. */
/* We define these as offsets into a char SMB[] array for the */
/* sake of portability */
-/* NOTE!. Some of the leng
ht defines, SMB_<protreq>_len do not include */
+/* NOTE!. Some of the leng
th defines, SMB_<protreq>_len do not include */
/* the data that follows in the SMB packet, so the code will have to */
/* take that into account. */
} status;
} SMB_Status;
-typedef struct SMB_Tree_Structure *SMB_Tree_Handle;
-
-typedef struct SMB_Connect_Def *SMB_Handle_Type;
-
-struct SMB_Connect_Def {
-
- SMB_Handle_Type Next_Con, Prev_Con; /* Next and previous conn */
- int protocol; /* What is the protocol */
- int prot_IDX; /* And what is the index */
- void *Trans_Connect; /* The connection */
-
- /* All these strings should be malloc'd */
-
- char service[80], username[80], password[80], desthost[80], sock_options[80];
- char address[80], myname[80];
-
- SMB_Tree_Handle first_tree, last_tree; /* List of trees on this server */
-
- int gid; /* Group ID, do we need it? */
- int mid; /* Multiplex ID? We might need one per con */
- int pid; /* Process ID */
-
- int uid; /* Authenticated user id. */
-
- /* It is pretty clear that we need to bust some of */
- /* these out into a per TCon record, as there may */
- /* be multiple TCon's per server, etc ... later */
-
- int port; /* port to use in case not default, this is a TCPism! */
-
- int max_xmit; /* Max xmit permitted by server */
- int Security; /* 0 = share, 1 = user */
- int Raw_Support; /* bit 0 = 1 = Read Raw supported, 1 = 1 Write raw */
- BOOL encrypt_passwords; /* FALSE = don't */
- int MaxMPX, MaxVC, MaxRaw;
- unsigned int SessionKey, Capabilities;
- int SvrTZ; /* Server Time Zone */
- int Encrypt_Key_Len;
- char Encrypt_Key[80], Domain[80], PDomain[80], OSName[80], LMType[40];
- char Svr_OS[80], Svr_LMType[80], Svr_PDom[80];
-
-};
-
-#ifndef SMBLIB_DEFAULT_DOMAIN
+#if 0
+// #ifndef SMBLIB_DEFAULT_DOMAIN
#define SMBLIB_DEFAULT_DOMAIN "STAFF"
#endif
#define SMBLIB_DEFAULT_OSNAME "UNIX of some type"
#define SMB_Sec_Mode_Share 0
#define SMB_Sec_Mode_User 1
-/* A Tree_Structure */
-
-struct SMB_Tree_Structure {
-
- SMB_Tree_Handle next, prev;
- SMB_Handle_Type con;
- char path[129];
- char device_type[20];
- int mbs; /* Local MBS */
- int tid;
-
-};
-
typedef struct SMB_File_Def SMB_File;
struct SMB_File_Def {
-
SMB_Tree_Handle tree;
char filename[256]; /* We should malloc this ... */
- UWORD fid;
+ unsigned short /*UWORD*/ fid;
unsigned int lastmod;
unsigned int size; /* Could blow up if 64bit files supported */
- UWORD access;
+ unsigned short /*UWORD*/ access;
off_t fileloc;
-
};
/* global Variables for the library */
-
extern SMB_State_Types SMBlib_State;
-
-#ifndef SMBLIB_ERRNO
extern int SMBlib_errno;
extern int SMBlib_SMB_Error; /* last Error */
-#endif
-
-extern SMB_Tree_Handle SMB_TreeConnect(SMB_Handle_Type con, SMB_Tree_Handle tree,
- char *path, char *password, char const *dev);
-extern int SMB_Init(void);
extern void SMB_Get_My_Name(char *name, int len);
-extern int SMB_Negotiate(SMB_Handle_Type Con_Handle, char const *Prots[]);
-extern int SMB_Discon(SMB_Handle_Type Con_Handle, BOOL KeepHandle);
-
-extern int SMB_Logon_Server(SMB_Handle_Type Con_Handle, char *UserName,
- char *PassWord, char *UserDomain, int precrypted);
+extern int SMB_Discon(SMB_Handle_Type Con_Handle, int KeepHandle);
extern int SMB_Get_Error_Msg(int msg, char *msgbuf, int len);
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
+#define SQUID_NO_ALLOC_PROTECT 1
+#include "config.h"
+#include "libntlmauth/rfcnb.h"
+#include "libntlmauth/smblib-priv.h"
+#include "libntlmauth/smb-byteorder.h"
-#include "smblib-priv.h"
-#include <stdlib.h>
#include <string.h>
-#include "rfcnb.h"
-
/* local functions */
char * SMB_DOSTimToStr(int DOS_time);
-char * SMB_AtrToStr(int attribs, BOOL verbose);
+char * SMB_AtrToStr(int attribs, int verbose);
int SMB_Get_Tree_MBS(SMB_Tree_Handle tree);
int SMB_Get_Max_Buf_Siz(SMB_Handle_Type Con_Handle);
int SMB_Get_Protocol_IDX(SMB_Handle_Type Con_Handle);
int SMB_Get_Protocol(SMB_Handle_Type Con_Handle);
int SMB_Figure_Protocol(char const *dialects[], int prot_index);
-int SMB_TreeDisconnect(SMB_Tree_Handle Tree_Handle, BOOL discard);
+int SMB_TreeDisconnect(SMB_Tree_Handle Tree_Handle, int discard);
// int SMB_Get_Last_Error(void);
int SMB_Get_Last_SMB_Err(void);
/* Print out an SMB pkt in all its gory detail ... */
#if 0 // DEAD CODE
void
-SMB_Print_Pkt(FILE fd, RFCNB_Pkt * pkt, BOOL command, int Offset, int Len)
+SMB_Print_Pkt(FILE fd, RFCNB_Pkt * pkt, int command, int Offset, int Len)
{
/* Well, just how do we do this ... print it I suppose */
DOS_month = (DOS_time & 0x01E00000) >> 21;
DOS_year = ((DOS_time & 0xFE000000) >> 25) + 80;
- sprintf(SMB_Time_Temp, "%2d/%02d/%2d %2d:%02d:%02d", DOS_day, DOS_month,
- DOS_year, DOS_hour, DOS_min, DOS_sec);
+ snprintf(SMB_Time_Temp, 48, "%2d/%02d/%2d %2d:%02d:%02d", DOS_day, DOS_month,
+ DOS_year, DOS_hour, DOS_min, DOS_sec);
return (SMB_Time_Temp);
* true, we print out long form of strings ...
*/
char *
-SMB_AtrToStr(int attribs, BOOL verbose)
+SMB_AtrToStr(int attribs, int verbose)
{
static char SMB_Attrib_Temp[128];
}
int
-SMB_TreeDisconnect(SMB_Tree_Handle Tree_Handle, BOOL discard)
+SMB_TreeDisconnect(SMB_Tree_Handle Tree_Handle, int discard)
{
struct RFCNB_Pkt *pkt;
int pkt_len;
/* What about the tree handle ? */
- if (discard == TRUE) { /* Unlink it and free it ... */
+ if (discard) { /* Unlink it and free it ... */
if (Tree_Handle->next == NULL)
Tree_Handle->con->first_tree = Tree_Handle->prev;
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
-
+#define SQUID_NO_ALLOC_PROTECT 1
#include "config.h"
-#include <stdlib.h>
+
+#include "libntlmauth/rfcnb.h"
+#include "libntlmauth/smblib-priv.h"
+#include "libntlmauth/smb-byteorder.h"
+//#include "smbencrypt.h"
+
#include <ctype.h>
+#include <signal.h>
#include <string.h>
int SMBlib_errno;
int SMBlib_SMB_Error;
-#define SMBLIB_ERRNO
-#define uchar unsigned char
-#include "smblib-priv.h"
-
-#include "rfcnb.h"
-#include "smbencrypt.h"
-
-#include <signal.h>
+SMB_State_Types SMBlib_State;
/* local functions */
int SMB_Term(void);
SMB_Handle_Type SMB_Create_Con_Handle(void);
-int SMBlib_Set_Sock_NoDelay(SMB_Handle_Type Con_Handle, BOOL yn);
-SMB_Handle_Type SMB_Connect_Server(SMB_Handle_Type Con_Handle, char *server, char *NTdomain);
-SMB_Handle_Type SMB_Connect(SMB_Handle_Type Con_Handle, SMB_Tree_Handle * tree, char *service, char *username, char *password);
-
+int SMBlib_Set_Sock_NoDelay(SMB_Handle_Type Con_Handle, int yn);
-/* #define DEBUG */
-SMB_State_Types SMBlib_State;
-
-/* Initialize the SMBlib package */
+/** Initialize the SMBlib package */
int
SMB_Init()
{
-
SMBlib_State = SMB_State_Started;
-
signal(SIGPIPE, SIG_IGN); /* Ignore these ... */
/* If SMBLIB_Instrument is defines, turn on the instrumentation stuff */
#ifdef SMBLIB_INSTRUMENT
-
SMBlib_Instrument_Init();
-
#endif
-
return 0;
-
}
int
SMB_Term()
{
-
#ifdef SMBLIB_INSTRUMENT
-
SMBlib_Instrument_Term(); /* Clean up and print results */
-
#endif
-
return 0;
-
}
/**
}
int
-SMBlib_Set_Sock_NoDelay(SMB_Handle_Type Con_Handle, BOOL yn)
+SMBlib_Set_Sock_NoDelay(SMB_Handle_Type Con_Handle, int yn)
{
if (RFCNB_Set_Sock_NoDelay(Con_Handle->Trans_Connect, yn) < 0) {
fprintf(stderr, "Setting no-delay on TCP socket failed ...\n");
int i;
/* Get a connection structure if one does not exist */
-
con = Con_Handle;
if (Con_Handle == NULL) {
-
if ((con = (struct SMB_Connect_Def *) malloc(sizeof(struct SMB_Connect_Def))) == NULL) {
-
-
SMBlib_errno = SMBlibE_NoSpace;
return NULL;
}
}
- /* Init some things ... */
+ /* Init some things ... */
strcpy(con->service, "");
strcpy(con->username, "");
strcpy(con->password, "");
}
}
-
con->port = 0; /* No port selected */
/* Get some things we need for the SMB Header */
-
con->pid = getpid();
con->mid = con->pid; /* This will do for now ... */
con->uid = 0; /* Until we have done a logon, no uid ... */
con->port);
/* Did we get one? */
-
if (con->Trans_Connect == NULL) {
-
if (Con_Handle == NULL) {
Con_Handle = NULL;
free(con);
}
return (con);
-
}
/* SMB_Connect: Connect to the indicated server */
int i;
/* Get a connection structure if one does not exist */
-
con = Con_Handle;
if (Con_Handle == NULL) {
-
if ((con = (struct SMB_Connect_Def *) malloc(sizeof(struct SMB_Connect_Def))) == NULL) {
-
SMBlib_errno = SMBlibE_NoSpace;
return NULL;
}
}
- /* Init some things ... */
+ /* Init some things ... */
strcpy(con->service, service);
strcpy(con->username, username);
strcpy(con->password, password);
con->port = 0; /* No port selected */
/* Get some things we need for the SMB Header */
-
con->pid = getpid();
con->mid = con->pid; /* This will do for now ... */
con->uid = 0; /* Until we have done a logon, no uid */
con->gid = getgid();
/* Now figure out the host portion of the service */
-
strcpy(temp, service);
host = (char *) strtok(temp, "/\\"); /* Separate host name portion */
strcpy(con->desthost, host);
/* Did we get one? */
if (con->Trans_Connect == NULL) {
-
if (Con_Handle == NULL) {
free(con);
Con_Handle = NULL;
}
SMBlib_errno = -SMBlibE_CallFailed;
return NULL;
-
}
/* Now, negotiate the protocol */
return NULL;
}
return (con);
-
}
/* Logon to the server. That is, do a session setup if we can. We do not do */
/* Unicode yet! */
-
int
SMB_Logon_Server(SMB_Handle_Type Con_Handle, char *UserName,
char *PassWord, char *UserDomain, int precrypted)
/* First we need a packet etc ... but we need to know what protocol has */
/* been negotiated to figure out if we can do it and what SMB format to */
/* use ... */
-
if (Con_Handle->protocol < SMB_P_LanMan1) {
-
SMBlib_errno = SMBlibE_ProtLow;
return (SMBlibE_BAD);
-
}
if (precrypted) {
pass_len = 24;
strcpy(pword, PassWord);
if (Con_Handle->encrypt_passwords) {
pass_len = 24;
- SMBencrypt((uchar *) PassWord, (uchar *) Con_Handle->Encrypt_Key, (uchar *) pword);
+ SMBencrypt((unsigned char *) PassWord, (unsigned char *) Con_Handle->Encrypt_Key, (unsigned char *) pword);
} else
pass_len = strlen(pword);
}
/* Now build the correct structure */
-
if (Con_Handle->protocol < SMB_P_NT1) {
param_len = strlen(UserName) + 1 + pass_len + 1 +
}
/* Now send it and get a response */
-
if (RFCNB_Send(Con_Handle->Trans_Connect, pkt, pkt_len) < 0) {
-
#ifdef DEBUG
fprintf(stderr, "Error sending SessSetupX request\n");
#endif
-
RFCNB_Free_Pkt(pkt);
SMBlib_errno = SMBlibE_SendFailed;
return (SMBlibE_BAD);
-
}
- /* Now get the response ... */
+ /* Now get the response ... */
if (RFCNB_Recv(Con_Handle->Trans_Connect, pkt, pkt_len) < 0) {
-
#ifdef DEBUG
fprintf(stderr, "Error receiving response to SessSetupAndX\n");
#endif
-
RFCNB_Free_Pkt(pkt);
SMBlib_errno = SMBlibE_RecvFailed;
return (SMBlibE_BAD);
-
}
- /* Check out the response type ... */
+ /* Check out the response type ... */
if (CVAL(SMB_Hdr(pkt), SMB_hdr_rcls_offset) != SMBC_SUCCESS) { /* Process error */
-
#ifdef DEBUG
fprintf(stderr, "SMB_SessSetupAndX failed with errorclass = %i, Error Code = %i\n",
CVAL(SMB_Hdr(pkt), SMB_hdr_rcls_offset),
SVAL(SMB_Hdr(pkt), SMB_hdr_err_offset));
#endif
-
SMBlib_SMB_Error = IVAL(SMB_Hdr(pkt), SMB_hdr_rcls_offset);
RFCNB_Free_Pkt(pkt);
SMBlib_errno = SMBlibE_Remote;
return (SMBlibE_BAD);
-
}
+
/** @@@ mdz: check for guest login { **/
if (SVAL(SMB_Hdr(pkt), SMB_ssetpr_act_offset) & 0x1) {
/* do we allow guest login? NO! */
return (SMBlibE_BAD);
-
}
/** @@@ mdz: } **/
-
#ifdef DEBUG
fprintf(stderr, "SessSetupAndX response. Action = %i\n",
SVAL(SMB_Hdr(pkt), SMB_ssetpr_act_offset));
#endif
/* Now pick up the UID for future reference ... */
-
Con_Handle->uid = SVAL(SMB_Hdr(pkt), SMB_hdr_uid_offset);
RFCNB_Free_Pkt(pkt);
-
return (0);
-
}
-
/* Disconnect from the server, and disconnect all tree connects */
-
int
-SMB_Discon(SMB_Handle_Type Con_Handle, BOOL KeepHandle)
+SMB_Discon(SMB_Handle_Type Con_Handle, int KeepHandle)
{
-
/* We just disconnect the connection for now ... */
if (Con_Handle != NULL)
RFCNB_Hangup(Con_Handle->Trans_Connect);
free(Con_Handle);
return (0);
-
}
#include "config.h"
+#include "libntlmauth/ntlmauth.h"
+#include "libntlmauth/smblmauth.h"
+#include "libntlmauth/smb.h"
#if HAVE_SYS_TYPES_H
#include <sys/types.h>
#include <string.h>
#endif
-#include "smblib-priv.h"
-#include "valid.h"
-
-SMB_Handle_Type SMB_Connect_Server(void *, char *, char *);
-
+/** Do a full authentication sequence against the given server with user/pass/domain.
+ * Password is pre-encrypted.
+ */
int
-Valid_User(char *username, char *password, char *server, char *backup, char *domain)
+smblm_authenticate_atomic(char *username, char *password, char *server, char *backup, char *domain)
{
int pass_is_precrypted_p = 0;
char const *supportedDialects[] = {
if (con == NULL) { /* Error ... */
con = SMB_Connect_Server(NULL, backup, domain);
if (con == NULL) {
- return (NTV_SERVER_ERROR);
+ return SMBLM_ERR_SERVER;
}
}
if (SMB_Negotiate(con, supportedDialects) < 0) { /* An error */
SMB_Discon(con, 0);
- return (NTV_PROTOCOL_ERROR);
+ return SMBLM_ERR_PROTOCOL;
}
/* Test for a server in share level mode do not authenticate against it */
if (con->Security == 0) {
SMB_Discon(con, 0);
- return (NTV_PROTOCOL_ERROR);
+ return SMBLM_ERR_PROTOCOL;
}
if (SMB_Logon_Server(con, username, password, domain, pass_is_precrypted_p) < 0) {
SMB_Discon(con, 0);
- return (NTV_LOGON_ERROR);
+ return SMBLM_ERR_LOGON;
}
SMB_Discon(con, 0);
- return (NTV_NO_ERROR);
+ return SMBLM_ERR_NONE;
}
+/** Fetches a SMB LanMan challenge nonce from the given server. */
void *
-NTLM_Connect(char *server, char *backup, char *domain, char *nonce)
+smblm_get_nonce(char *server, char *backup, char *domain, char *nonce)
{
char const *SMB_Prots[] = {
/* "PC NETWORK PROGRAM 1.0", */
return (NULL);
}
}
+
if (SMB_Negotiate(con, SMB_Prots) < 0) { /* An error */
SMB_Discon(con, 0);
return (NULL);
}
+
/* Test for a server in share level mode do not authenticate against it */
if (con->Security == 0) {
SMB_Discon(con, 0);
return (NULL);
}
- memcpy(nonce, con->Encrypt_Key, 8);
+ memcpy(nonce, con->Encrypt_Key, 8);
return (con);
}
+/** Authenticate with given username/password */
int
-NTLM_Auth(void *handle, char *username, char *password, int flag)
+smblm_authenticate(void *handle, char *username, char *password, int flag)
{
SMB_Handle_Type con = handle;
if (SMB_Logon_Server(con, username, password, NULL, flag) < 0) {
- return (NTV_LOGON_ERROR);
+ return SMBLM_ERR_LOGON;
}
- return (NTV_NO_ERROR);
-}
-
-void
-NTLM_Disconnect(void *handle)
-{
- SMB_Handle_Type con = handle;
- SMB_Discon(con, 0);
+ return SMBLM_ERR_NONE;
}
--- /dev/null
+#ifndef _LIBNTLMAUTH_SMBLMAUTH_H
+#define _LIBNTLMAUTH_SMBLMAUTH_H
+
+/* TODO: copyright. who owns this? there was none in the original code!! */
+/* Maybe Richard Sharpe or maybe not. */
+
+/* SMB LM Error Codes */
+#define SMBLM_ERR_NONE 0
+#define SMBLM_ERR_SERVER 1
+#define SMBLM_ERR_PROTOCOL 2
+#define SMBLM_ERR_LOGON 3
+
+/**
+ * Connect to a SMB LanMan server and authenticate the provided credentials.
+ *
+ * TODO: const-correctness on the parameters.
+ */
+extern int smblm_authenticate_atomic(char *username,
+ char *password,
+ char *server,
+ char *backup,
+ char *domain);
+
+/** Fetches a SMB LanMan challenge nonce from the given server. */
+void * smblm_get_nonce(char *server,
+ char *backup,
+ char *domain,
+ char *nonce);
+
+/** Authenticate with given username/password */
+int smblm_authenticate(void *handle,
+ char *username,
+ char *password,
+ int flag);
+
+/** Disconnect a handle from use */
+#define smblm_disconnect(x) SMB_Discon(X, 0)
+
+#endif /* _LIBNTLMAUTH_SMBLMAUTH_H */
-/*
- * (C) 2005 Guido Serassio <guido.serassio@acmeconsulting.it>
- * Based on previous work of Francesco Chemolli and Robert Collins
- * Distributed freely under the terms of the GNU General Public License,
- * version 2. See the file COPYING for licensing details
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
+#ifndef _SQUID_LIBNTLMAUTH_SUPPORT_BITS_CCI
+#define _SQUID_LIBNTLMAUTH_SUPPORT_BITS_CCI
+
+#if HAVE_STRING_H
+#include <string.h>
+#endif
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+/*
+ * Defines several functions which are used and mutually shared by the NTLM helpers
+ * These do not (yet) have a defined stable home to go to.
+ * For now include this file into helper main .cc where needed.
*/
-typedef unsigned char uchar;
+/* makes a null-terminated string upper-case. Changes CONTENTS! */
+static void
+uc(char *string)
+{
+ char *p = string, c;
+ while ((c = *p)) {
+ *p = xtoupper(c);
+ p++;
+ }
+}
-#include "util.h"
-#include "negotiate.h"
-#if HAVE_CTYPE_H
-#include <ctype.h>
-#endif
+/* makes a null-terminated string lower-case. Changes CONTENTS! */
+static void
+lc(char *string)
+{
+ char *p = string, c;
+ while ((c = *p)) {
+ *p = xtolower(c);
+ p++;
+ }
+}
-void
-hex_dump(void *data, int size)
+static void
+hex_dump(unsigned char *data, int size)
{
/* dumps size bytes of *data to stdout. Looks like:
* [0000] 75 6E 6B 6E 6F 77 6E 20
for (n = 1; n <= size; n++) {
if (n % 16 == 1) {
/* store address for this line */
- snprintf(addrstr, sizeof(addrstr), "%.4x",
- ((unsigned int) p - (unsigned int) data));
+ snprintf(addrstr, sizeof(addrstr), "%.4x", (int) (p - data));
}
c = *p;
if (xisalnum(c) == 0) {
strncat(hexstr, " ", sizeof(hexstr) - strlen(hexstr) - 1);
strncat(charstr, " ", sizeof(charstr) - strlen(charstr) - 1);
}
- p++; /* next byte */
+ p++; /* next byte */
}
if (strlen(hexstr) > 0) {
}
}
}
+
+#endif /* _SQUID_LIBNTLMAUTH_SUPPORT_BITS_CCI */
cd $tmpdir
./bootstrap.sh
-eval `grep "^ *VERSION=" configure | sed -e 's/-BZR//'`
-eval `grep "^ *PACKAGE=" configure`
+eval `grep "^ *PACKAGE_VERSION=" configure | sed -e 's/-BZR//' | sed -e 's/PACKAGE_//'`
+eval `grep "^ *PACKAGE_TARNAME=" configure | sed -e 's/_TARNAME//'`
if [ ${name} != ${PACKAGE}-${VERSION} ]; then
echo "ERROR! The tag and configure version numbers do not match!"
echo "${name} != ${PACKAGE}-${VERSION}"
#!/bin/sh -e
# Nightly cron job to generate snapshot releases
top=$PWD
-versions=/server/httpd/htdocs/squid-cache.org/Versions/
+versions=/server/httpd/htdocs/squid-cache.org/content/Versions/
TMPDIR=/home/squidadm/$LOGNAME.cron
export TMPDIR
if [ -d $TMPDIR ]; then
# autotool derived files not kept in trunk, but still need to bootstrap for make dist
../commit/bootstrap squid-3
-make_snapshot ../commit/squid-3/mksnapshot.sh trunk v3 HEAD 6
+make_snapshot ../commit/squid-3/mksnapshot.sh trunk v3 3.HEAD 6
rm -f /server/httpd/htdocs/squid-cache.org/CONTRIBUTORS.new
cp ../commit/squid-3/CONTRIBUTORS /server/httpd/htdocs/squid-cache.org/CONTRIBUTORS.new
chmod 444 /server/httpd/htdocs/squid-cache.org/CONTRIBUTORS.new
-mv -f /server/httpd/htdocs/squid-cache.org/CONTRIBUTORS.new /server/httpd/htdocs/squid-cache.org/CONTRIBUTORS.txt
+mv -f /server/httpd/htdocs/squid-cache.org/CONTRIBUTORS.new /server/httpd/htdocs/squid-cache.org/content/CONTRIBUTORS.txt
rm -f /server/httpd/htdocs/squid-cache.org/SPONSORS.new
cp ../commit/squid-3/SPONSORS /server/httpd/htdocs/squid-cache.org/SPONSORS.new
chmod 444 /server/httpd/htdocs/squid-cache.org/SPONSORS.new
-mv -f /server/httpd/htdocs/squid-cache.org/SPONSORS.new /server/httpd/htdocs/squid-cache.org/SPONSORS.txt
+mv -f /server/httpd/htdocs/squid-cache.org/SPONSORS.new /server/httpd/htdocs/squid-cache.org/content/SPONSORS.txt
../commit/bootstrap squid-3.1
make_snapshot ../commit/squid-3/mksnapshot.sh branches/SQUID_3_1 v3 3.1 3
-../commit/bootstrap squid-3.0
-make_snapshot ../commit/squid-3/mksnapshot.sh branches/SQUID_3_0 v3 3.0 3
+#../commit/bootstrap squid-3.0
+#make_snapshot ../commit/squid-3/mksnapshot.sh branches/SQUID_3_0 v3 3.0 3
../commit/bootstrap squid-2
make_snapshot ../commit/squid-2/mksnapshot.sh HEAD v2 HEAD 3
BZRROOT=${BZRROOT:-/bzr}
# generate a tarball name from the branch ($1) note that trunk is at
-# /bzr/trunk, but we call it HEAD for consistency with CVS (squid 2.x), and
+# /bzr/trunk, but we call it 3.HEAD for consistency with CVS (squid 2.x), and
# branches are in /bzr/branches/ but we don't want 'branches/' in the tarball
# name so we strip that.
branchpath=${1:-trunk}
rm -f ${tag}.out
bzr export $tmpdir $BZRROOT/$module/$branchpath || exit 1
-if [ ! -f $tmpdir/configyre ] && [ -f $tmpdir/configure.in ]; then
+if [ ! -f $tmpdir/configure ] && [ -f $tmpdir/configure.in ]; then
sh -c "cd $tmpdir && ./bootstrap.sh"
fi
if [ ! -f $tmpdir/configure ]; then
fi
cd $tmpdir
-eval `grep "^ *VERSION=" configure | sed -e 's/-BZR//' | sed -e 's/-CVS//'`
-eval `grep "^ *PACKAGE=" configure`
+eval `grep "^ *PACKAGE_VERSION=" configure | sed -e 's/-BZR//' | sed -e 's/PACKAGE_//'`
+eval `grep "^ *PACKAGE_TARNAME=" configure | sed -e 's/_TARNAME//'`
ed -s configure.in <<EOS
g/${VERSION}-[A-Z]*/ s//${VERSION}-${date}/
w
w
EOS
+echo "STATE..."
+echo "PACKAGE: ${PACKAGE}"
+echo "VERSION: ${VERSION}"
+echo "TAG: ${tag}"
+echo "STARTDIR: ${startdir}"
+echo "TMPDIR: ${tmpdir}"
+
./test-builds.sh --cleanup || exit 1
./configure --silent
make -s dist-all
-basetarball=/server/httpd/htdocs/squid-cache.org/Versions/v`echo $VERSION | cut -d. -f1`/`echo $VERSION | cut -d. -f-2|cut -d- -f1`/${PACKAGE}-${VERSION}.tar.bz2
-if (echo $VERSION | grep PRE) || (echo $VERSION | grep STABLE); then
- if [ -f $basetarball ]; then
- tar jxf ${PACKAGE}-${VERSION}-${date}.tar.bz2
- tar jxf $basetarball
- echo "Differences from ${PACKAGE}-${VERSION} to ${PACKAGE}-${VERSION}-${date}" >${PACKAGE}-${VERSION}-${date}.diff
- diff -ruN ${PACKAGE}-${VERSION} ${PACKAGE}-${VERSION}-${date} >>${PACKAGE}-${VERSION}-${date}.diff || true
- else
- #cvs -q rdiff -u -r SQUID_`echo $VERSION | tr .- __` -r $tag $module >>${PACKAGE}-${VERSION}-${date}.diff || true
- fi
-elif [ -f STABLE_BRANCH ]; then
- #stable=`cat STABLE_BRANCH`
- #echo "Differences from ${stable} to ${PACKAGE}-${VERSION}-${date}" >${PACKAGE}-${VERSION}-${date}.diff
- #cvs -q rdiff -u -r $stable -r $tag $module >>${PACKAGE}-${VERSION}-${date}.diff
+webbase=/server/httpd/htdocs/squid-cache.org/content/
+basetarball=${webbase}/Versions/v`echo $VERSION | cut -d. -f1`/`echo $VERSION | cut -d. -f-2|cut -d- -f1`/${PACKAGE}-${VERSION}.tar.bz2
+
+echo "Building Tarball diff (${basetarball}) ..."
+if [ -f $basetarball ]; then
+ tar jxf ${PACKAGE}-${VERSION}-${date}.tar.bz2
+ tar jxf $basetarball
+ echo "Differences from ${PACKAGE}-${VERSION} to ${PACKAGE}-${VERSION}-${date}" >${PACKAGE}-${VERSION}-${date}.diff
+ diff -ruN ${PACKAGE}-${VERSION} ${PACKAGE}-${VERSION}-${date} >>${PACKAGE}-${VERSION}-${date}.diff || true
+else
+ echo "Building Tarball diff ... skipped (no tarball exists)."
fi
cd $startdir
+echo "Preparing to publish: $tmpdir/${PACKAGE}-${VERSION}-${date}.tar.* ..."
+#echo "LOCAL: " ; pwd
+#echo "BUILT TARS: " ; ls -1 $tmpdir/*.tar.* || true
+
cp -p $tmpdir/${PACKAGE}-${VERSION}-${date}.tar.gz .
echo ${PACKAGE}-${VERSION}-${date}.tar.gz >>${tag}.out
cp -p $tmpdir/${PACKAGE}-${VERSION}-${date}.tar.bz2 .
for f in `ls -1 ${tmpdir}/doc/manuals/*.1 ${tmpdir}/doc/manuals/*.8 2>/dev/null` ; do
cat ${f} | groff -E -Thtml -mandoc >${f}.html
done
- sh -c "cd ${tmpdir}/doc/manuals && tar -zcf $PWD/${PACKAGE}-${VERSION}-${date}-manuals.tar.gz *.html *.1 *.8"
+ sh -c "cd ${tmpdir}/doc/manuals && tar -zcf ${PWD}/${PACKAGE}-${VERSION}-${date}-manuals.tar.gz *.html *.1 *.8"
echo ${PACKAGE}-${VERSION}-${date}-manuals.tar.gz >>${tag}.out
fi
# Generate language-pack tarballs
-# NP: Only to be done on HEAD branch.
-if test "${VERSION}" = "3.HEAD" ; then
+# NP: Only to be done on trunk.
+if test "${tag}" = "trunk" ; then
sh -c "cd $tmpdir/errors && tar -zcf ${PWD}/${PACKAGE}-${VERSION}-${date}-langpack.tar.gz ./*/* ./alias* ./TRANSLATORS ./COPYRIGHT "
echo ${PACKAGE}-${VERSION}-${date}-langpack.tar.gz >>${tag}.out
fi
[type: man] helpers/basic_auth/RADIUS/basic_radius_auth.8 $lang:doc/manuals/$lang/basic_radius_auth.8
+[type: man] helpers/basic_auth/SASL/basic_sasl_auth.8 $lang:doc/manuals/$lang/basic_sasl_auth.8
+
+[type: man] helpers/digest_auth/file/digest_file_auth.8 $lang:doc/manuals/$lang/digest_file_auth.8
+
[type: man] helpers/external_acl/ldap_group/squid_ldap_group.8 $lang:doc/manuals/$lang/squid_ldap_group.8
[type: man] helpers/external_acl/session/squid_session.8 $lang:doc/manuals/$lang/squid_session.8
#!/bin/sh
#
+# This script contains the code run to perform automatic source maintenance
+#
+
+## Source Code Format Enforcement
+#
# A checker to recursively reformat all source files: .h .c .cc .cci
# using a custom astyle formatter and to use MD5 to validate that
# the formatter has not altered the code syntax.
# On squid-cache.org we have to use the python scripted md5sum
HOST=`hostname`
if test "$HOST" = "squid-cache.org" ; then
- MD5="python /usr/local/share/python2.4/Tools/scripts/md5sum.py -"
+ MD5="md5"
else
MD5="md5sum"
fi
ROOT=`bzr root`
+
+srcformat ()
+{
PWD=`pwd`
+echo "FORMAT: ${PWD}..."
+
for FILENAME in `ls -1`; do
case ${FILENAME} in
*.h|*.c|*.cc|*.cci)
+ #
+ # Code Style formatting maintenance
+ #
${ROOT}/scripts/formater.pl ${FILENAME}
-
if test -e $FILENAME -a -e "$FILENAME.astylebak"; then
md51=`cat $FILENAME| tr -d "\n \t\r" | $MD5`;
md52=`cat $FILENAME.astylebak| tr -d "\n \t\r" | $MD5`;
else
rm -f $FILENAME.astylebak
fi
- continue
fi
+
+ #
+ # DEBUG Section list maintenance
+ #
+ grep " DEBUG: section" <${FILENAME} | sed -e 's/ \* DEBUG: //' >>${ROOT}/doc/debug-sections.tmp
+
+ #
+ # File permissions maintenance.
+ #
+ chmod 644 ${FILENAME}
+ ;;
+
+ *.pl|*.sh)
+ #
+ # File permissions maintenance.
+ #
+ chmod 755 ${FILENAME}
;;
Makefile.am)
esac
- if test -d $FILENAME ; then
+ if test "$FILENAME" = "libltdl" ; then
+ :
+ elif test -d $FILENAME ; then
cd $FILENAME
- $ROOT/scripts/srcformat.sh || exit 1
+ srcformat ${ROOT} || exit 1
cd ..
fi
done
+}
+
+echo "" >${ROOT}/doc/debug-sections.tmp
+srcformat || exit 1
+sort -u <${ROOT}/doc/debug-sections.tmp | sort -n >${ROOT}/doc/debug-sections.txt
+rm ${ROOT}/doc/debug-sections.tmp
#if HAVE_MEMORY_H
#include <memory.h>
#endif
-#ifdef HAVE_STRING_H
+#if HAVE_STRING_H
#include <string.h>
#endif
-#ifdef HAVE_STRINGS_H
+#if HAVE_STRINGS_H
#include <strings.h>
#endif
#if HAVE_BSTRING_H
#if HAVE_MEMORY_H
#include <memory.h>
#endif
-#ifdef HAVE_STRING_H
+#if HAVE_STRING_H
#include <string.h>
#endif
-#ifdef HAVE_STRINGS_H
+#if HAVE_STRINGS_H
#include <strings.h>
#endif
#if HAVE_BSTRING_H
case SNMP_PDU_GET:
case SNMP_PDU_GETNEXT:
-#ifdef SNMP_PDU_SET
+#if SNMP_PDU_SET
case SNMP_PDU_SET:
#endif
return (1);
SOFTWARE.
******************************************************************/
+#define SQUID_NO_STRING_BUFFER_PROTECT 1
#include "config.h"
#include <stdio.h>
#if HAVE_MEMORY_H
#include <memory.h>
#endif
-#ifdef HAVE_STRING_H
+#if HAVE_STRING_H
#include <string.h>
#endif
-#ifdef HAVE_STRINGS_H
+#if HAVE_STRINGS_H
#include <strings.h>
#endif
#if HAVE_BSTRING_H
#if HAVE_MEMORY_H
#include <memory.h>
#endif
-#ifdef HAVE_STRING_H
+#if HAVE_STRING_H
#include <string.h>
#endif
-#ifdef HAVE_STRINGS_H
+#if HAVE_STRINGS_H
#include <strings.h>
#endif
#if HAVE_BSTRING_H
snmplib_debug(0, "%s: On or around line %d\n", string, Line);
}
-#ifdef TEST
+#if TEST
print_subtree(tree, count)
struct snmp_mib_tree *tree;
int count;
xfree(oldnp);
}
-#ifndef TEST
+#if !TEST
static
#endif
struct snmp_mib_tree *
init_node_hash(nodes);
/* XXX nodes isn't needed in do_subtree() ??? */
do_subtree(tp, &nodes);
-#ifdef TEST
+#if TEST
print_subtree(tp, 0);
#endif /* TEST */
/* If any nodes are left, the tree is probably inconsistent */
* Parses a mib file and returns a linked list of nodes found in the file.
* Returns NULL on error.
*/
-#ifndef TEST
+#if !TEST
static
#endif
struct node *
return NULL;
}
}
-#ifdef TEST
+#if TEST
{
struct enum_list *ep;
#if HAVE_MEMORY_H
#include <memory.h>
#endif
-#ifdef HAVE_STRING_H
+#if HAVE_STRING_H
#include <string.h>
#endif
-#ifdef HAVE_STRINGS_H
+#if HAVE_STRINGS_H
#include <strings.h>
#endif
#if HAVE_BSTRING_H
*
***************************************************************************/
-#ifdef HAVE_CONFIG_H
+#if HAVE_CONFIG_H
#include "config.h"
#endif /* HAVE_CONFIG_H */
#if HAVE_MEMORY_H
#include <memory.h>
#endif
-#ifdef HAVE_STRING_H
+#if HAVE_STRING_H
#include <string.h>
#endif
-#ifdef HAVE_STRINGS_H
+#if HAVE_STRINGS_H
#include <strings.h>
#endif
#if HAVE_BSTRING_H
/* Cool. Now insert the appropriate lengths.
*/
-#ifdef DEBUG_MSG_ENCODE
+#if DEBUG_MSG_ENCODE
snmplib_debug(9, "Msg: Vars returned 0x%x. PDU Started at 0x%x\n",
bufp, PDUHeaderPtr);
snmplib_debug(9, "MSG: Entire PDU length is %d (0x%x - 0x%x)\n",
if (tmp == NULL)
return (NULL);
-#ifdef DEBUG_MSG_ENCODE
+#if DEBUG_MSG_ENCODE
snmplib_debug(9, "MSG: Entire message length is %d (0x%x - 0x%x)\n",
(int) (bufp - MsgPtr), MsgPtr, bufp);
#endif
#if HAVE_MEMORY_H
#include <memory.h>
#endif
-#ifdef HAVE_STRING_H
+#if HAVE_STRING_H
#include <string.h>
#endif
-#ifdef HAVE_STRINGS_H
+#if HAVE_STRINGS_H
#include <strings.h>
#endif
#if HAVE_BSTRING_H
snmp_pdu_create(int command) {
struct snmp_pdu *pdu;
-#ifdef DEBUG_PDU
+#if DEBUG_PDU
snmplib_debug(8, "PDU: Creating\n");
#endif
pdu->enterprise_length = 0;
pdu->variables = NULL;
-#ifdef DEBUG_PDU
+#if DEBUG_PDU
snmplib_debug(8, "PDU: Created %x\n", (unsigned int) pdu);
#endif
snmp_pdu_clone(struct snmp_pdu *Src) {
struct snmp_pdu *Dest;
-#ifdef DEBUG_PDU
+#if DEBUG_PDU
snmplib_debug(8, "PDU %x: Cloning\n", (unsigned int) Src);
#endif
}
xmemcpy((char *) Dest, (char *) Src, sizeof(struct snmp_pdu));
-#ifdef DEBUG_PDU
+#if DEBUG_PDU
snmplib_debug(8, "PDU %x: Created %x\n", (unsigned int) Src, (unsigned int) Dest);
#endif
return (Dest);
int i;
int copied = 0;
-#ifdef DEBUG_PDU
+#if DEBUG_PDU
snmplib_debug(8, "PDU %x: Fixing. Err index is %d\n",
(unsigned int) pdu, (unsigned int) pdu->errindex);
#endif
snmp_set_api_error(SNMPERR_UNABLE_TO_FIX);
return (NULL);
}
-#ifdef DEBUG_PDU
+#if DEBUG_PDU
snmplib_debug(8, "PDU %x: Fixed PDU is %x\n",
(unsigned int) pdu, (unsigned int) newpdu);
#endif
{
u_char *bufp;
-#ifdef DEBUG_PDU_ENCODE
+#if DEBUG_PDU_ENCODE
snmplib_debug(8, "PDU: Encoding %d\n", PDU->command);
#endif
switch (PDU->command) {
/**********************************************************************/
-#ifdef TRP_REQ_MSG
+#if TRP_REQ_MSG
case TRP_REQ_MSG:
/* SNMPv1 Trap */
/* Normal PDU Encoding */
/* request id */
-#ifdef DEBUG_PDU_ENCODE
+#if DEBUG_PDU_ENCODE
snmplib_debug(8, "PDU: Request ID %d (0x%x)\n", PDU->reqid, DestBuf);
#endif
bufp = asn_build_int(DestBuf, DestBufLen,
return (NULL);
/* error status */
-#ifdef DEBUG_PDU_ENCODE
+#if DEBUG_PDU_ENCODE
snmplib_debug(8, "PDU: Error Status %d (0x%x)\n", PDU->errstat, bufp);
#endif
bufp = asn_build_int(bufp, DestBufLen,
return (NULL);
/* error index */
-#ifdef DEBUG_PDU_ENCODE
+#if DEBUG_PDU_ENCODE
snmplib_debug(8, "PDU: Error index %d (0x%x)\n", PDU->errindex, bufp);
#endif
bufp = asn_build_int(bufp, DestBufLen,
u_char *bufp;
u_char PDUType;
u_char ASNType;
-#ifdef UNUSED_CODE
+#if UNUSED_CODE
int four;
oid objid[MAX_NAME_LEN];
#endif
if (bufp == NULL)
ASN_PARSE_ERROR(NULL);
-#ifdef DEBUG_PDU_DECODE
+#if DEBUG_PDU_DECODE
snmplib_debug(8, "PDU Type: %d\n", PDUType);
#endif
PDU->command = PDUType;
switch (PDUType) {
-#ifdef TRP_REQ_MSG
+#if TRP_REQ_MSG
case TRP_REQ_MSG:
/* SNMPv1 Trap Message */
if (bufp == NULL)
ASN_PARSE_ERROR(NULL);
-#ifdef DEBUG_PDU_DECODE
+#if DEBUG_PDU_DECODE
snmplib_debug(8, "PDU Request ID: %d\n", PDU->reqid);
#endif
if (bufp == NULL)
ASN_PARSE_ERROR(NULL);
-#ifdef DEBUG_PDU_DECODE
+#if DEBUG_PDU_DECODE
snmplib_debug(8, "PDU Error Status: %d\n", PDU->errstat);
#endif
if (bufp == NULL)
ASN_PARSE_ERROR(NULL);
-#ifdef DEBUG_PDU_DECODE
+#if DEBUG_PDU_DECODE
snmplib_debug(8, "PDU Error Index: %d\n", PDU->errindex);
#endif
#if HAVE_MEMORY_H
#include <memory.h>
#endif
-#ifdef HAVE_STRING_H
+#if HAVE_STRING_H
#include <string.h>
#endif
-#ifdef HAVE_STRINGS_H
+#if HAVE_STRINGS_H
#include <strings.h>
#endif
#if HAVE_BSTRING_H
snmp_var_new(oid * Name, int Len) {
struct variable_list *New;
-#ifdef DEBUG_VARS
+#if DEBUG_VARS
printf("VARS: Creating.\n");
#endif
snmp_set_api_error(SNMPERR_OS_ERR);
return (NULL);
}
-#ifdef DEBUG_VARS
+#if DEBUG_VARS
printf("VARS: Copying name, size (%d)\n", Len);
#endif
snmp_var_clone(struct variable_list *Src) {
struct variable_list *Dest;
-#ifdef DEBUG_VARS
+#if DEBUG_VARS
printf("VARS: Cloning.\n");
#endif
snmp_set_api_error(SNMPERR_OS_ERR);
return (NULL);
}
-#ifdef DEBUG_VARS
+#if DEBUG_VARS
printf("VARS: Copying entire variable list. (Size %d)\n",
sizeof(struct variable_list));
#endif
xfree(Dest);
return (NULL);
}
-#ifdef DEBUG_VARS
+#if DEBUG_VARS
printf("VARS: Copying name OID. (Size %d)\n", Src->name_length);
#endif
xmemcpy((char *) Dest->name, (char *) Src->name,
xfree(Dest);
return (NULL);
}
-#ifdef DEBUG_VARS
+#if DEBUG_VARS
printf("VARS: Copying value (Size %d)\n", Src->val_len);
#endif
xmemcpy((char *) Dest->val.string, (char *) Src->val.string, Src->val_len);
}
-#ifdef DEBUG_VARS
+#if DEBUG_VARS
printf("VARS: Cloned %x.\n", (unsigned int) Dest);
#endif
-#ifdef DEBUG_VARS_MALLOC
+#if DEBUG_VARS_MALLOC
printf("VARS: Cloned (%x)\n", (unsigned int) Dest);
printf("VARS: Name is (%x)\n", (unsigned int) Dest->name);
#endif
int ThisVarLen = 0;
VarLastP = VarP;
-#ifdef DEBUG_VARS_DECODE
+#if DEBUG_VARS_DECODE
printf("VARS: Decoding buffer of length %d\n", *BufLen);
#endif
snmp_set_api_error(SNMPERR_PDU_PARSE);
return (NULL);
}
-#ifdef DEBUG_VARS_DECODE
+#if DEBUG_VARS_DECODE
printf("VARS: All Variable length %d\n", AllVarLen);
#endif
snmp_set_api_error(SNMPERR_PDU_PARSE);
PARSE_ERROR;
}
-#ifdef DEBUG_VARS_DECODE
+#if DEBUG_VARS_DECODE
printf("VARS: Header type 0x%x (%d bytes left)\n", VarBindType, ThisVarLen);
#endif
snmp_set_api_error(SNMPERR_PDU_PARSE);
PARSE_ERROR;
}
-#ifdef DEBUG_VARS_DECODE
+#if DEBUG_VARS_DECODE
printf("VARS: Decoded OBJID (%d bytes). (%d bytes left)\n",
Var->name_length, ThisVarLen);
#endif
PARSE_ERROR;
ThisVarLen = DataLen;
-#ifdef DEBUG_VARS_DECODE
+#if DEBUG_VARS_DECODE
printf("VARS: Data type %d\n", Var->type);
#endif
bufp = asn_parse_int(DataPtr, &ThisVarLen,
&Var->type, (int *) Var->val.integer,
Var->val_len);
-#ifdef DEBUG_VARS_DECODE
+#if DEBUG_VARS_DECODE
printf("VARS: Decoded integer '%d' (%d bytes left)\n",
*(Var->val.integer), ThisVarLen);
#endif
bufp = asn_parse_unsigned_int(DataPtr, &ThisVarLen,
&Var->type, (u_int *) Var->val.integer,
Var->val_len);
-#ifdef DEBUG_VARS_DECODE
+#if DEBUG_VARS_DECODE
printf("VARS: Decoded timeticks '%d' (%d bytes left)\n",
*(Var->val.integer), ThisVarLen);
#endif
bufp = asn_parse_string(DataPtr, &ThisVarLen,
&Var->type, Var->val.string,
&Var->val_len);
-#ifdef DEBUG_VARS_DECODE
+#if DEBUG_VARS_DECODE
printf("VARS: Decoded string '%s' (length %d) (%d bytes left)\n",
(Var->val.string), Var->val_len, ThisVarLen);
#endif
if (bufp) {
xmemcpy((char *) Var->val.objid, (char *) TmpBuf, Var->val_len);
}
-#ifdef DEBUG_VARS_DECODE
+#if DEBUG_VARS_DECODE
printf("VARS: Decoded OBJID (length %d) (%d bytes left)\n",
Var->val_len, ThisVarLen);
#endif
if (bufp == NULL)
PARSE_ERROR;
-#ifdef DEBUG_VARS_DECODE
+#if DEBUG_VARS_DECODE
printf("VARS: Adding to list.\n");
#endif
/* Add variable to the list */
#include "HttpVersion.h"
#include "HttpRequestMethod.h"
#include "HierarchyLogEntry.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
#include "HttpRequestMethod.h"
#if ICAP_CLIENT
#include "adaptation/icap/Elements.h"
const char *url;
+ /** \brief This subclass holds log info for HTTP protocol
+ * \todo Inner class declarations should be moved outside
+ * \todo details of HTTP held in the parent class need moving into here.
+ */
class HttpDetails
{
}
} http;
- class ICPDetails
+ /** \brief This subclass holds log info for ICP protocol
+ * \todo Inner class declarations should be moved outside
+ */
+ class IcpDetails
{
public:
- ICPDetails() : opcode(ICP_INVALID) {}
+ IcpDetails() : opcode(ICP_INVALID) {}
icp_opcode opcode;
} icp;
+ /** \brief This subclass holds log info for HTCP protocol
+ * \todo Inner class declarations should be moved outside
+ */
class HtcpDetails
{
public:
const char *opcode;
} htcp;
+ /** \brief This subclass holds log info for Squid internal stats
+ * \todo Inner class declarations should be moved outside
+ * \todo some details relevant to particular protocols need shuffling to other sub-classes
+ * \todo this object field need renaming to 'squid' or something.
+ */
class CacheDetails
{
{;
}
- IpAddress caddr;
+ Ip::Address caddr;
int64_t requestSize;
int64_t replySize;
int requestHeadersSize; ///< received, including request line
} cache;
+ /** \brief This subclass holds log info for various headers in raw format
+ * \todo shuffle this to the relevant protocol section.
+ */
class Headers
{
// Why is this a sub-class and not a set of real "private:" fields?
// It looks like its duplicating HTTPRequestMethod anyway!
+ // TODO: shuffle this to the relevant protocol section OR replace with request->method
class Private
{
public:
IcapLogEntry():request(NULL),reply(NULL),outcome(Adaptation::Icap::xoUnknown),trTime(0),ioTime(0),resStatus(HTTP_STATUS_NONE) {}
- IpAddress hostAddr; ///< ICAP server IP address
+ Ip::Address hostAddr; ///< ICAP server IP address
String serviceName; ///< ICAP service name
String reqUri; ///< ICAP Request-URI
Adaptation::Icap::ICAP::Method reqMethod; ///< ICAP request method
*/
#include "acl/Acl.h"
-#ifdef USE_SQUID_EUI
+#if USE_SQUID_EUI
#include "acl/Arp.h"
#include "acl/Eui64.h"
#endif
#include "acl/SourceAsn.h"
#include "acl/SourceDomain.h"
#include "acl/SourceIp.h"
-#ifdef USE_SSL
+#if USE_SSL
#include "acl/SslErrorData.h"
#include "acl/SslError.h"
#include "acl/CertificateData.h"
ACL::Prototype ACLUrlPort::RegistryProtoype(&ACLUrlPort::RegistryEntry_, "port");
ACLStrategised<int> ACLUrlPort::RegistryEntry_(new ACLIntRange, ACLUrlPortStrategy::Instance(), "port");
-#ifdef USE_SSL
+#if USE_SSL
ACL::Prototype ACLSslError::RegistryProtoype(&ACLSslError::RegistryEntry_, "ssl_error");
ACLStrategised<int> ACLSslError::RegistryEntry_(new ACLSslErrorData, ACLSslErrorStrategy::Instance(), "ssl_error");
ACL::Prototype ACLCertificate::UserRegistryProtoype(&ACLCertificate::UserRegistryEntry_, "user_cert");
ACLStrategised<SSL *> ACLCertificate::CARegistryEntry_(new ACLCertificateData (sslGetCAAttribute), ACLCertificateStrategy::Instance(), "ca_cert");
#endif
-#ifdef USE_SQUID_EUI
+#if USE_SQUID_EUI
ACL::Prototype ACLARP::RegistryProtoype(&ACLARP::RegistryEntry_, "arp");
ACLARP ACLARP::RegistryEntry_("arp");
ACL::Prototype ACLEui64::RegistryProtoype(&ACLEui64::RegistryEntry_, "eui64");
-#include "squid.h"
+#include "config.h"
+#include "Debug.h"
+#include "protos.h"
-
-#ifdef HAVE_AUTH_MODULE_BASIC
+#if HAVE_AUTH_MODULE_BASIC
#include "auth/basic/basicScheme.h"
#endif
-
-#ifdef HAVE_AUTH_MODULE_NTLM
-#include "auth/ntlm/ntlmScheme.h"
-#endif
-
-#ifdef HAVE_AUTH_MODULE_DIGEST
+#if HAVE_AUTH_MODULE_DIGEST
#include "auth/digest/digestScheme.h"
#endif
-
-#ifdef HAVE_AUTH_MODULE_NEGOTIATE
+#if HAVE_AUTH_MODULE_NEGOTIATE
#include "auth/negotiate/negotiateScheme.h"
#endif
-
-#ifdef HAVE_AUTH_MODULE_BASIC
-static const char *basic_type = basicScheme::GetInstance().type();
-#endif
-
-#ifdef HAVE_AUTH_MODULE_NTLM
-static const char *ntlm_type = ntlmScheme::GetInstance().type();
-#endif
-
-#ifdef HAVE_AUTH_MODULE_DIGEST
-static const char *digest_type = digestScheme::GetInstance().type();
-#endif
-
-#ifdef HAVE_AUTH_MODULE_NEGOTIATE
-static const char *negotiate_type = negotiateScheme::GetInstance().type();
+#if HAVE_AUTH_MODULE_NTLM
+#include "auth/ntlm/ntlmScheme.h"
#endif
+/**
+ * Initialize the authentication modules (if any)
+ * This is required once, before any configuration actions are taken.
+ */
+void
+InitAuthSchemes()
+{
+ debugs(29,1,"Initializing Authentication Schemes ...");
+#if HAVE_AUTH_MODULE_BASIC
+ static const char *basic_type = basicScheme::GetInstance()->type();
+ debugs(29,1,"Initialized Authentication Scheme '" << basic_type << "'");
+#endif
+#if HAVE_AUTH_MODULE_DIGEST
+ static const char *digest_type = digestScheme::GetInstance()->type();
+ debugs(29,1,"Initialized Authentication Scheme '" << digest_type << "'");
+#endif
+#if HAVE_AUTH_MODULE_NEGOTIATE
+ static const char *negotiate_type = negotiateScheme::GetInstance()->type();
+ debugs(29,1,"Initialized Authentication Scheme '" << negotiate_type << "'");
+#endif
+#if HAVE_AUTH_MODULE_NTLM
+ static const char *ntlm_type = ntlmScheme::GetInstance()->type();
+ debugs(29,1,"Initialized Authentication Scheme '" << ntlm_type << "'");
+#endif
+ debugs(29,1,"Initializing Authentication Schemes Complete.");
+}
#include "squid.h"
+#include "base/TextException.h"
#include "BodyPipe.h"
-#include "TextException.h"
CBDATA_CLASS_INIT(BodyPipe);
return bodySize() - thePutSize; // bodySize() asserts that size is known
}
+void BodyPipe::expectProductionEndAfter(uint64_t size)
+{
+ const uint64_t expectedSize = thePutSize + size;
+ if (bodySizeKnown())
+ Must(bodySize() == expectedSize);
+ else
+ theBodySize = expectedSize;
+}
+
void
BodyPipe::clearProducer(bool atEof)
{
bool needsMoreData() const { return bodySizeKnown() && unproducedSize() > 0; }
uint64_t unproducedSize() const; // size of still unproduced data
bool stillProducing(const Producer *producer) const { return theProducer == producer; }
+ void expectProductionEndAfter(uint64_t extraSize); ///< sets or checks body size
// called by consumers
bool setConsumerIfNotLate(Consumer *aConsumer);
#include "squid.h"
+#include "base/TextException.h"
#include "Parsing.h"
-#include "TextException.h"
#include "ChunkedCodingParser.h"
#include "MemBuf.h"
theChunkSize = theLeftBodySize = 0;
doNeedMoreData = false;
theIn = theOut = NULL;
+ useOriginBody = -1;
}
bool ChunkedCodingParser::parse(MemBuf *rawData, MemBuf *parsedContent)
return;
}
+ // to allow chunk extensions in any chunk, remove this size check
+ if (size == 0) // is this the last-chunk?
+ parseChunkExtension(p, theIn->content() + crlfBeg);
+
theIn->consume(crlfEnd);
theChunkSize = theLeftBodySize = size;
debugs(94,7, "found chunk: " << theChunkSize);
return false;
}
+// chunk-extension= *( ";" chunk-ext-name [ "=" chunk-ext-val ] )
+void ChunkedCodingParser::parseChunkExtension(const char *startExt, const char *endExt)
+{
+ // chunk-extension starts at startExt and ends with LF at endEx
+ for (const char *p = startExt; p < endExt;) {
+
+ while (*p == ' ' || *p == '\t') ++p; // skip spaces before ';'
+
+ if (*p++ != ';') // each ext name=value pair is preceded with ';'
+ return;
+
+ while (*p == ' ' || *p == '\t') ++p; // skip spaces before name
+
+ if (p >= endExt)
+ return; // malformed extension: ';' without ext name=value pair
+
+ const int extSize = endExt - p;
+ // TODO: we need debugData() stream manipulator to dump data
+ debugs(94,7, "Found chunk extension; size=" << extSize);
+
+ // TODO: support implied *LWS around '='
+ if (extSize > 18 && strncmp(p, "use-original-body=", 18) == 0) {
+ (void)StringToInt64(p+18, useOriginBody, &p, 10);
+ debugs(94, 3, HERE << "use-original-body=" << useOriginBody);
+ return; // remove to support more than just use-original-body
+ } else {
+ debugs(94, 5, HERE << "skipping unknown chunk extension");
+ // TODO: support quoted-string chunk-ext-val
+ while (p < endExt && *p != ';') ++p; // skip until the next ';'
+ }
+ }
+}
void parseTrailerHeader();
void parseMessageEnd();
+ void parseChunkExtension(const char *, const char * );
bool findCrlf(size_t &crlfBeg, size_t &crlfEnd);
private:
uint64_t theChunkSize;
uint64_t theLeftBodySize;
bool doNeedMoreData;
+
+public:
+ int64_t useOriginBody;
};
#endif /* SQUID_CHUNKEDCODINGPARSER_H */
#ifndef SQUID__SRC_CLIENTINFO_H
#define SQUID__SRC_CLIENTINFO_H
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
#include "hash.h"
#include "enums.h"
#include "typedefs.h"
public:
hash_link hash; /* must be first */
- IpAddress addr;
+ Ip::Address addr;
struct {
int result_hist[LOG_TYPE_MAX];
-
/*
* $Id$
*
- * DEBUG: section 5 Comms
+ * DEBUG: section 05 Comm
* AUTHOR: Robert Collins <robertc@squid-cache.org>
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
$(OBJS): $(top_srcdir)/include/version.h $(top_builddir)/include/autoconf.h
## Because compatibility is almost universal. And the link order is important.
+## NP: libmisc util.cc depends on rint from math library
COMPAT_LIB = \
-L$(top_builddir)/lib -lmiscutil \
$(top_builddir)/compat/libcompat.la
+
+## Some helpers are written in Perl and need the local shell defined properly
+subst_perlshell = sed -e 's,[@]PERL[@],$(PERL),g' <$(srcdir)/$@.pl.in >$@ || ($(RM) -f $@ ; exit 1)
#if DELAY_POOLS
#include "squid.h"
+#include "auth/UserRequest.h"
#include "DelayPools.h"
#include "DelayIdComposite.h"
#include "CommRead.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
class StoreEntry;
-class AuthUserRequest;
-
/// \ingroup DelayPoolsAPI
class CompositePoolNode : public RefCountable, public Updateable
{
public:
CompositeSelectionDetails() {}
- IpAddress src_addr;
- AuthUserRequest *user;
+ Ip::Address src_addr;
+ AuthUserRequest::Pointer user;
String tag;
};
-
/*
* $Id$
*
- * DEBUG: section 3 Configuration File Parsing
+ * DEBUG: section 03 Configuration File Parsing
* AUTHOR: Robert Collins
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
/*
- * DEBUG: section 5 Socket Functions
+ * DEBUG: section 05 Socket Functions
* AUTHOR: Robert Collins
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
#ifndef _SQUIDCONNECTIONDETAIL_H_
#define _SQUIDCONNECTIONDETAIL_H_
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
class ConnectionDetail
{
ConnectionDetail();
- IpAddress me;
+ Ip::Address me;
- IpAddress peer;
+ Ip::Address peer;
};
#endif
/*
* $Id$
*
- * DEBUG: section 0 Debug Routines
+ * DEBUG: section 00 Debug Routines
* AUTHOR: Harvest Derived
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
/*
* $Id$
*
- * DEBUG: section 3 Configuration Settings
+ * DEBUG: section 03 Configuration Settings
* AUTHOR: Robert Collins
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
}
void
-DelayUserBucket::operator delete (void *address)
+DelayUserBucket::operator delete(void *address)
{
- DelayPools::MemoryUsed -= sizeof (DelayUserBucket);
- ::operator delete (address);
+ DelayPools::MemoryUsed -= sizeof(DelayUserBucket);
+ ::operator delete(address);
}
-DelayUserBucket::DelayUserBucket(AuthUser *aUser) : authUser (aUser)
+DelayUserBucket::DelayUserBucket(AuthUser::Pointer aUser) : authUser(aUser)
{
debugs(77, 3, "DelayUserBucket::DelayUserBucket");
-
- authUser->lock();
}
DelayUserBucket::~DelayUserBucket()
{
- authUser->unlock();
+ authUser = NULL;
debugs(77, 3, "DelayUserBucket::~DelayUserBucket");
}
DelayUserBucket::stats (StoreEntry *entry) const
{
storeAppendPrintf(entry, " %s:", authUser->username());
- theBucket.stats (entry);
+ theBucket.stats(entry);
}
-DelayUser::Id::Id(DelayUser::Pointer aDelayUser,AuthUser *aUser) : theUser(aDelayUser)
+DelayUser::Id::Id(DelayUser::Pointer aDelayUser, AuthUser::Pointer aUser) : theUser(aDelayUser)
{
theBucket = new DelayUserBucket(aUser);
DelayUserBucket::Pointer const *existing = theUser->buckets.find(theBucket, DelayUserCmp);
#include "squid.h"
#include "auth/Gadgets.h"
+#include "auth/User.h"
#include "CompositePoolNode.h"
#include "DelayIdComposite.h"
#include "DelayBucket.h"
void operator delete (void *);
void stats(StoreEntry *)const;
- DelayUserBucket(AuthUser *);
+ DelayUserBucket(AuthUser::Pointer);
~DelayUserBucket();
DelayBucket theBucket;
- AuthUser *authUser;
+ AuthUser::Pointer authUser;
};
/// \ingroup DelayPoolsAPI
public:
void *operator new(size_t);
void operator delete (void *);
- Id (RefCount<DelayUser>, AuthUser *);
+ Id(RefCount<DelayUser>, AuthUser::Pointer);
~Id();
virtual int bytesWanted (int min, int max) const;
virtual void bytesIn(int qty);
-
/*
* $Id$
*
- * DEBUG: section 5 Comm
+ * DEBUG: section 05 Comm
*/
#include "DescriptorSet.h"
char skey1[32];
char skey2[32];
char skey3[32];
- IpAddress localhost;
+ Ip::Address localhost;
ikey = (getpid() << 10) + (instanceID << 2);
ikey &= 0x7fffffff;
#include "dlink.h"
#include "typedefs.h"
-#ifdef AUFS_IO_THREADS
+#if AUFS_IO_THREADS
#define NUMTHREADS AUFS_IO_THREADS
#else
#define NUMTHREADS (Config.cacheSwap.n_configured*16)
if (ctrlp->operation == _AIO_READ)
squidaio_xfree(ctrlp->bufp, ctrlp->len);
- squidaio_ctrl_pool->free(ctrlp);
+ squidaio_ctrl_pool->freeOne(ctrlp);
}
return retval;
#include "DiskThreads.h"
#include <stdio.h>
-#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <pthread.h>
MemAllocator *pool;
if ((pool = squidaio_get_pool(size)) != NULL) {
- pool->free(p);
+ pool->freeOne(p);
} else
xfree(p);
}
int len = strlen(str) + 1;
if ((pool = squidaio_get_pool(len)) != NULL) {
- pool->free(str);
+ pool->freeOne(str);
} else
xfree(str);
}
resultp->aio_errno = requestp->err;
}
- squidaio_request_pool->free(requestp);
+ squidaio_request_pool->freeOne(requestp);
} /* squidaio_cleanup_request */
#include "squid.h"
#include "squid_windows.h"
+#include "CommIO.h"
#include "DiskThreads.h"
+#include "SquidTime.h"
+#include "Store.h"
#include <stdio.h>
-#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <errno.h>
#include <dirent.h>
#include <signal.h>
-#include "CommIO.h"
-#include "SquidTime.h"
-#include "Store.h"
#define RIDICULOUS_LENGTH 4096
}
dlinkDelete(m, &used_list);
- DiskThreadsIOStrategy::Instance.squidaio_ctrl_pool->free(ctrlp);
+ DiskThreadsIOStrategy::Instance.squidaio_ctrl_pool->freeOne(ctrlp);
}
}
-
/*
* $Id$
*
- * DEBUG: section 1 Main Loop
+ * DEBUG: section 01 Main Loop
* AUTHOR: Harvest Derived
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
--- /dev/null
+/*
+ * $Id$
+ */
+
+#include "squid.h"
+#include "base/TextException.h"
+#include "SquidTime.h"
+#include "FadingCounter.h"
+
+FadingCounter::FadingCounter(): horizon(-1), precision(10), delta(-1),
+ lastTime(0), total(0)
+{
+ counters.reserve(precision);
+ while (counters.size() < static_cast<unsigned int>(precision))
+ counters.push_back(0);
+}
+
+void FadingCounter::clear()
+{
+ for (int i = 0; i < precision; ++i)
+ counters[i] = 0;
+ lastTime = current_dtime;
+ total = 0;
+}
+
+void FadingCounter::configure(double newHorizon)
+{
+ if (fabs(newHorizon - horizon) >= 1e-3) { // diff exceeds one millisecond
+ clear(); // for simplicity
+ horizon = newHorizon;
+ delta = horizon / precision; // may become negative or zero
+ }
+}
+
+int FadingCounter::count(int howMany)
+{
+ Must(howMany >= 0);
+
+ if (delta < 0)
+ return total += howMany; // forget nothing
+
+ if (horizon < 1e-3) // (e.g., zero)
+ return howMany; // remember nothing
+
+ const double deltas = (current_dtime - lastTime) / delta;
+ if (deltas >= precision || current_dtime < lastTime) {
+ clear(); // forget all values
+ } else {
+ // forget stale values, if any
+ // fmod() or "current_dtime/delta" will overflow int for small deltas
+ const int lastSlot = static_cast<int>(fmod(lastTime, horizon) / delta);
+ const int staleSlots = static_cast<int>(deltas);
+ for (int i = 0, s = lastSlot + 1; i < staleSlots; ++i, ++s) {
+ const int idx = s % precision;
+ total -= counters[idx];
+ counters[idx] = 0;
+ Must(total >= 0);
+ }
+ }
+
+ // apply new information
+ lastTime = current_dtime;
+ const int curSlot = static_cast<int>(fmod(lastTime, horizon) / delta);
+ counters[curSlot % precision] += howMany;
+ total += howMany;
+ Must(total >= 0);
+
+ return total;
+}
--- /dev/null
+/*
+ * $Id$
+ */
+
+#ifndef SQUID_FADING_COUNTER_H
+#define SQUID_FADING_COUNTER_H
+
+#include "Array.h"
+
+/// Counts events, forgetting old ones. Usefull for "3 errors/minute" limits.
+class FadingCounter
+{
+public:
+ FadingCounter();
+
+ /// 0=remember nothing; -1=forget nothing; new value triggers clear()
+ void configure(double horizonSeconds);
+
+ void clear(); ///< forgets all events
+
+ int count(int howMany); ///< count fresh, return #events remembered
+ int remembered() const { return total; } ///< possibly stale #events
+
+ /// read-only memory horizon in seconds; older events are forgotten
+ double horizon;
+
+private:
+ const int precision; ///< #counting slots, controls measur. occuracy
+ double delta; ///< sub-interval duration = horizon/precision
+
+ double lastTime; ///< time of the last update
+ Vector<int> counters; ///< events per delta (possibly stale)
+ int total; ///< number of remembered events (possibly stale)
+};
+
+#endif /* SQUID_FADING_COUNTER_H */
int64_t peer_response_time; ///< last peer response delay
timeval first_conn_start; ///< first connection use among all peers
int64_t total_response_time; ///< cumulative for all peers
+ u_short peer_local_port; //< local port of the last server-side connection
};
extern void hierarchyNote(HierarchyLogEntry *, hier_code, const char *);
}
/*
- * Return true if the first range offset is larger than the configured
- * limit.
- * Note that exceeding the limit (returning true) results in only
- * grabbing the needed range elements from the origin.
+ * \retval true Fetch only requested ranges. The first range is larger that configured limit.
+ * \retval false Full download. Not a range request, no limit, or the limit is not yet reached.
*/
bool
-HttpHdrRange::offsetLimitExceeded() const
+HttpHdrRange::offsetLimitExceeded(const int64_t limit) const
{
if (NULL == this)
/* not a range request */
return false;
- if (Config.rangeOffsetLimit == 0)
- /* disabled */
+ if (limit == 0)
+ /* 0 == disabled */
return true;
- if (-1 == Config.rangeOffsetLimit)
- /* forced */
+ if (-1 == limit)
+ /* 'none' == forced */
return false;
if (firstOffset() == -1)
/* tail request */
return true;
- if (Config.rangeOffsetLimit >= firstOffset())
+ if (limit >= firstOffset())
/* below the limit */
return false;
{"Date", HDR_DATE, ftDate_1123},
{"ETag", HDR_ETAG, ftETag},
{"Expires", HDR_EXPIRES, ftDate_1123},
+ {"Expect", HDR_EXPECT, ftStr},
{"From", HDR_FROM, ftStr},
{"Host", HDR_HOST, ftStr},
{"If-Match", HDR_IF_MATCH, ftStr}, /* for now */
HDR_CONTENT_ENCODING,
HDR_CONTENT_LANGUAGE,
HDR_CONNECTION,
+ HDR_EXPECT,
HDR_IF_MATCH, HDR_IF_NONE_MATCH,
HDR_LINK, HDR_PRAGMA,
HDR_PROXY_CONNECTION,
HDR_WWW_AUTHENTICATE,
HDR_AUTHENTICATION_INFO,
HDR_PROXY_AUTHENTICATION_INFO,
- /* HDR_EXPECT, HDR_TE, HDR_TRAILER */
+ /* HDR_TE, HDR_TRAILER */
#if X_ACCELERATOR_VARY
HDR_X_ACCELERATOR_VARY,
#endif
Headers[id].stat.seenCount++;
- Headers[id].stat.aliveCount++;
-
debugs(55, 9, "parsed HttpHeaderEntry: '" << name << ": " << value << "'");
return new HttpHeaderEntry(id, name.termedBuf(), value.termedBuf());
String header (getStrOrList(id));
while (strListGetItem(&header, separator, &item, &ilen, &pos)) {
- if (strncmp(item, member, mlen) == 0
+ if (strncasecmp(item, member, mlen) == 0
&& (item[mlen] == '=' || item[mlen] == separator || item[mlen] == ';' || item[mlen] == '\0')) {
result = 1;
break;
String header (getByName(name));
while (strListGetItem(&header, separator, &item, &ilen, &pos)) {
- if (strncmp(item, member, mlen) == 0
+ if (strncasecmp(item, member, mlen) == 0
&& (item[mlen] == '=' || item[mlen] == separator || item[mlen] == ';' || item[mlen] == '\0')) {
result = 1;
break;
HDR_DATE,
HDR_ETAG,
HDR_EXPIRES,
+ HDR_EXPECT,
HDR_FROM,
HDR_HOST,
HDR_IF_MATCH,
bool willBeComplex() const;
int64_t firstOffset() const;
int64_t lowestOffset(int64_t) const;
- bool offsetLimitExceeded() const;
+ bool offsetLimitExceeded(const int64_t limit) const;
bool contains(HttpHdrRangeSpec& r) const;
Vector<HttpHdrRangeSpec *> specs;
-
/*
* $Id$
*
*/
#include "squid.h"
-#include "HttpHeader.h"
-#include "HttpHdrContRange.h"
#include "acl/FilledChecklist.h"
+#include "compat/strtoll.h"
+#include "HttpHdrContRange.h"
+#include "HttpHeader.h"
#include "MemBuf.h"
static void httpHeaderPutStrvf(HttpHeader * hdr, http_hdr_type id, const char *fmt, va_list vargs);
{
const char *end, *pos;
val->clean();
- assert (*start == '"');
+ if (*start != '"') {
+ debugs(66, 2, "failed to parse a quoted-string header field near '" << start << "'");
+ return 0;
+ }
pos = start + 1;
- while (1) {
- if (!(end = index (pos,'"'))) {
+ while (*pos != '"') {
+ bool quoted = (*pos == '\\');
+ if (quoted)
+ pos++;
+ if (!*pos) {
debugs(66, 2, "failed to parse a quoted-string header field near '" << start << "'");
+ val->clean();
return 0;
}
-
- /* check for quoted-chars */
- if (*(end - 1) != '\\') {
- /* done */
- val->append(start + 1, end-start-1);
- return 1;
- }
-
- /* try for the end again */
- pos = end + 1;
+ end = pos + strcspn(pos + quoted, "\"\\") + quoted;
+ val->append(pos, end-pos);
+ pos = end;
}
+ /* Make sure it's defined even if empty "" */
+ if (!val->defined())
+ val->limitInit("", 0);
+ return 1;
}
/**
int
httpMsgIsPersistent(HttpVersion const &http_ver, const HttpHeader * hdr)
{
-#if WHEN_SQUID_IS_HTTP1_1
-
if ((http_ver.major >= 1) && (http_ver.minor >= 1)) {
/*
* for modern versions of HTTP: persistent unless there is
* a "Connection: close" header.
*/
return !httpHeaderHasConnDir(hdr, "close");
- } else
-#else
- {
-#endif
+ } else {
/*
* Persistent connections in Netscape 3.x are allegedly broken,
* return false if it is a browser connection. If there is a
*/
const char *agent = hdr->getStr(HDR_USER_AGENT);
- if (agent && !hdr->has(HDR_VIA)) {
- if (!strncasecmp(agent, "Mozilla/3.", 10))
- return 0;
+ if (agent && !hdr->has(HDR_VIA)) {
+ if (!strncasecmp(agent, "Mozilla/3.", 10))
+ return 0;
- if (!strncasecmp(agent, "Netscape/3.", 11))
- return 0;
- }
+ if (!strncasecmp(agent, "Netscape/3.", 11))
+ return 0;
+ }
- /* for old versions of HTTP: persistent if has "keep-alive" */
- return httpHeaderHasConnDir(hdr, "keep-alive");
-}
+ /* for old versions of HTTP: persistent if has "keep-alive" */
+ return httpHeaderHasConnDir(hdr, "keep-alive");
+ }
}
void HttpMsg::packInto(Packer *p, bool full_uri) const
/* rv->cache_control */
/* rv->content_range */
/* rv->keep_alive */
- HttpVersion ver(1,0);
+ HttpVersion ver(1,1);
httpStatusLineSet(&rv->sline, ver, HTTP_NOT_MODIFIED, "");
for (t = 0; ImsEntries[t] != HDR_OTHER; ++t)
/* Not as efficient as skipping the header duplication,
* but easier to maintain
*/
- HttpReply *temp = make304 ();
+ HttpReply *temp = make304();
MemBuf *rv = temp->pack();
delete temp;
return rv;
const char *ctype, int64_t clen, time_t lmt, time_t expiresTime)
{
HttpHeader *hdr;
- HttpVersion ver(1,0);
+ HttpVersion ver(1,1);
httpStatusLineSet(&sline, ver, status, reason);
hdr = &header;
hdr->putStr(HDR_SERVER, visible_appname_string);
HttpReply::redirect(http_status status, const char *loc)
{
HttpHeader *hdr;
- HttpVersion ver(1,0);
+ HttpVersion ver(1,1);
httpStatusLineSet(&sline, ver, status, httpStatusString(status));
hdr = &header;
hdr->putStr(HDR_SERVER, APP_FULLNAME);
#if ICAP_CLIENT
#include "adaptation/icap/icap_log.h"
#endif
+#include "acl/FilledChecklist.h"
HttpRequest::HttpRequest() : HttpMsg(hoRequest)
{
#if ICAP_CLIENT
icapHistory_ = NULL;
#endif
+ rangeOffsetLimit = -2; //a value of -2 means not checked yet
}
void
// points to a pipe that is owned and initiated by another object.
body_pipe = NULL;
- AUTHUSERREQUESTUNLOCK(auth_user_request, "request");
+ auth_user_request = NULL;
safe_free(canonical);
{
assert(p);
/* pack request-line */
- packerPrintf(p, "%s " SQUIDSTRINGPH " HTTP/1.0\r\n",
- RequestMethodStr(method), SQUIDSTRINGPRINT(urlpath));
+ packerPrintf(p, "%s " SQUIDSTRINGPH " HTTP/%d.%d\r\n",
+ RequestMethodStr(method), SQUIDSTRINGPRINT(urlpath),
+ http_ver.major, http_ver.minor);
/* headers */
header.packInto(p);
/* trailer */
return false;
client_addr = aReq->client_addr;
+#if FOLLOW_X_FORWARDED_FOR
+ indirect_client_addr = aReq->indirect_client_addr;
+#endif
#if USE_SQUID_EUI
client_eui48 = aReq->client_eui48;
client_eui64 = aReq->client_eui64;
// may eventually need cloneNullAdaptationImmune() for that.
flags = aReq->flags.cloneAdaptationImmune();
- if (aReq->auth_user_request) {
- auth_user_request = aReq->auth_user_request;
- AUTHUSERREQUESTLOCK(auth_user_request, "inheritProperties");
- }
+ auth_user_request = aReq->auth_user_request;
if (aReq->pinned_connection) {
pinned_connection = cbdataReference(aReq->pinned_connection);
dnsWait = dns.wait;
}
}
+
+int64_t
+HttpRequest::getRangeOffsetLimit()
+{
+ /* -2 is the starting value of rangeOffsetLimit.
+ * If it is -2, that means we haven't checked it yet.
+ * Otherwise, return the current value */
+ if (rangeOffsetLimit != -2)
+ return rangeOffsetLimit;
+
+ rangeOffsetLimit = 0; // default value for rangeOffsetLimit
+
+ ACLFilledChecklist ch(NULL, this, NULL);
+ ch.src_addr = client_addr;
+ ch.my_addr = my_addr;
+
+ for (acl_size_t *l = Config.rangeOffsetLimit; l; l = l -> next) {
+ /* if there is no ACL list or if the ACLs listed match use this limit value */
+ if (!l->aclList || ch.matchAclListFast(l->aclList)) {
+ debugs(58, 4, HERE << "rangeOffsetLimit=" << rangeOffsetLimit);
+ rangeOffsetLimit = l->size; // may be -1
+ break;
+ }
+ }
+
+ return rangeOffsetLimit;
+}
-
/*
* $Id$
*
#endif
public:
- IpAddress host_addr;
+ Ip::Address host_addr;
- AuthUserRequest *auth_user_request;
+ AuthUserRequest::Pointer auth_user_request;
u_short port;
int64_t max_forwards;
- IpAddress client_addr;
+ Ip::Address client_addr;
#if FOLLOW_X_FORWARDED_FOR
- IpAddress indirect_client_addr;
+ Ip::Address indirect_client_addr;
#endif /* FOLLOW_X_FORWARDED_FOR */
#if USE_SQUID_EUI
Eui::Eui64 client_eui64;
#endif
- IpAddress my_addr;
+ Ip::Address my_addr;
HierarchyLogEntry hier;
cbdataReferenceDone(pinned_connection);
}
+ int64_t getRangeOffsetLimit(); /* the result of this function gets cached in rangeOffsetLimit */
+
private:
const char *packableURI(bool full_uri) const;
+ mutable int64_t rangeOffsetLimit; /* caches the result of getRangeOffsetLimit */
+
protected:
virtual void packFirstLineInto(Packer * p, bool full_uri) const;
_icp_common_t();
_icp_common_t(char *buf, unsigned int len);
- void handleReply(char *buf, IpAddress &from);
+ void handleReply(char *buf, Ip::Address &from);
static _icp_common_t *createMessage(icp_opcode opcode, int flags, const char *url, int reqnum, int pad);
icp_opcode getOpCode() const;
#endif
HttpRequest *request;
int fd;
- IpAddress from;
+ Ip::Address from;
char *url;
};
/// \ingroup ServerProtocolICPAPI
struct icpUdpData {
- IpAddress address;
+ Ip::Address address;
void *msg;
size_t len;
icpUdpData *next;
};
/// \ingroup ServerProtocolICPAPI
-HttpRequest* icpGetRequest(char *url, int reqnum, int fd, IpAddress &from);
+HttpRequest* icpGetRequest(char *url, int reqnum, int fd, Ip::Address &from);
/// \ingroup ServerProtocolICPAPI
-int icpAccessAllowed(IpAddress &from, HttpRequest * icp_request);
+int icpAccessAllowed(Ip::Address &from, HttpRequest * icp_request);
/// \ingroup ServerProtocolICPAPI
-SQUIDCEXTERN void icpCreateAndSend(icp_opcode, int flags, char const *url, int reqnum, int pad, int fd, const IpAddress &from);
+SQUIDCEXTERN void icpCreateAndSend(icp_opcode, int flags, char const *url, int reqnum, int pad, int fd, const Ip::Address &from);
/// \ingroup ServerProtocolICPAPI
extern icp_opcode icpGetCommonOpcode();
/// \ingroup ServerProtocolICPAPI
-SQUIDCEXTERN int icpUdpSend(int, const IpAddress &, icp_common_t *, log_type, int);
+SQUIDCEXTERN int icpUdpSend(int, const Ip::Address &, icp_common_t *, log_type, int);
/// \ingroup ServerProtocolICPAPI
SQUIDCEXTERN log_type icpLogFromICPCode(icp_opcode opcode);
/// \ingroup ServerProtocolICPAPI
-void icpDenyAccess(IpAddress &from, char *url, int reqnum, int fd);
+void icpDenyAccess(Ip::Address &from, char *url, int reqnum, int fd);
/// \ingroup ServerProtocolICPAPI
SQUIDCEXTERN PF icpHandleUdp;
SQUIDCEXTERN PF icpUdpSendQueue;
/// \ingroup ServerProtocolICPAPI
-SQUIDCEXTERN void icpHandleIcpV3(int, IpAddress &, char *, int);
+SQUIDCEXTERN void icpHandleIcpV3(int, Ip::Address &, char *, int);
/// \ingroup ServerProtocolICPAPI
SQUIDCEXTERN int icpCheckUdpHit(StoreEntry *, HttpRequest * request);
-
/*
* $Id$
*
}
void *
-
-LeakFinder::add
-(void *p, const char *file, int line)
+LeakFinder::addSome(void *p, const char *file, int line)
{
assert(hash_lookup(table, p) == NULL);
LeakFinderPtr *c = new LeakFinderPtr(p, file, line);
}
void *
-LeakFinder::free(void *p, const char *file, int line)
+LeakFinder::freeSome(void *p, const char *file, int line)
{
assert(p);
LeakFinderPtr *c = (LeakFinderPtr *) hash_lookup(table, p);
-
-
-
#ifndef SQUID_LEAKFINDER_H
#define SQUID_LEAKFINDER_H
+#include "config.h"
+
#if USE_LEAKFINDER
-#define leakAdd(p,l) if (l) l->add(p,__FILE__,__LINE__)
+
+#include "hash.h"
+
+#define leakAdd(p,l) if (l) l->addSome(p,__FILE__,__LINE__)
#define leakTouch(p,l) if (l) l->touch(p,__FILE__,__LINE__)
-#define leakFree(p,l) if (l) l->free(p,__FILE__,__LINE__)
+#define leakFree(p,l) if (l) l->freeSome(p,__FILE__,__LINE__)
class LeakFinderPtr : public hash_link
{
LeakFinder();
~LeakFinder();
- void *add
- (void *, const char *, const int);
+ void *addSome(void *, const char *, const int);
void *touch(void *, const char *, const int);
- void *free(void *, const char *, const int);
+ void *freeSome(void *, const char *, const int);
void dump();
#include <dlfcn.h>
#endif
-#include "TextException.h"
+#include "base/TextException.h"
#include "LoadableModule.h"
// Note: We must use preprocessor instead of C ifs because if dlopen()
# libraries used by many targets
COMMON_LIBS = \
- base/libbase.la \
- libsquid.la \
auth/libacls.la \
ident/libident.la \
acl/libacls.la \
acl/libstate.la \
auth/libauth.la \
acl/libapi.la \
+ base/libbase.la \
+ libsquid.la \
ip/libip.la \
fs/libfs.la \
ipc/libipc.la
recv-announce \
tests/testUfs \
tests/testCoss \
- tests/testNull
+ tests/testNull \
+ ufsdump
## cfgen is used when building squid
## ufsdump is a debug utility, it is possibly useful for end users with cache
## corruption, but at this point we do not install it.
noinst_PROGRAMS = \
- cf_gen \
- ufsdump
+ cf_gen
sbin_PROGRAMS = \
squid
$(UNLINKD)
cf_gen_SOURCES = cf_gen.cc
-nodist_cf_gen_HEADER = cf_gen_defines.h
+nodist_cf_gen_HEADER = cf_gen_defines.cci
cf_gen_LDADD= \
$(COMPAT_LIB) \
$(EPOLL_LIBS) \
$(MINGW_LIBS) \
$(XTRA_LIBS)
-cf_gen.$(OBJEXT): cf_gen_defines.h
+cf_gen.$(OBJEXT): cf_gen_defines.cci
-## cf_gen.cc needs src/cf_gen_defines.h
+## cf_gen.cc needs src/cf_gen_defines.cci
INCLUDES += -I$(top_builddir)/src
CommCalls.h \
DescriptorSet.cc \
DescriptorSet.h \
- SquidConfig.cc \
- TextException.cc \
- TextException.h
+ SquidConfig.cc
squid_SOURCES = \
$(ACL_REGISTRATION_SOURCES) \
ExternalACL.h \
ExternalACLEntry.cc \
ExternalACLEntry.h \
+ FadingCounter.h \
+ FadingCounter.cc \
fd.cc \
fde.cc \
fde.h \
SquidTime.h
BUILT_SOURCES = \
- cf_gen_defines.h \
- cf_parser.h \
+ cf_gen_defines.cci \
+ cf_parser.cci \
err_type.cc \
globals.cc \
hier_code.cc \
StoreMetaURL.cc \
StoreMetaVary.cc \
String.cc \
+ SquidNew.cc \
time.cc \
ufsdump.cc \
dlink.h \
DiskIO/DiskThreads/DiskThreadsIOStrategy.h
DiskIO_DiskDaemon_diskd_SOURCES = DiskIO/DiskDaemon/diskd.cc
-DiskIO_DiskDaemon_diskd_LDADD = $(top_builddir)/lib/libmiscutil.a $(XTRA_LIBS)
+DiskIO_DiskDaemon_diskd_LDADD = $(COMPAT_LIB) $(XTRA_LIBS)
DEFAULT_HTTP_PORT = $(CACHE_HTTP_PORT)
snmp_core.o snmp_agent.o: ../snmplib/libsnmp.a $(top_srcdir)/include/cache_snmp.h
globals.cc: globals.h mk-globals-c.awk
- $(AWK) -f $(srcdir)/mk-globals-c.awk < $(srcdir)/globals.h > $@
+ $(AWK) -f $(srcdir)/mk-globals-c.awk < $(srcdir)/globals.h > $@ || ($(RM) -f $@ && exit 1)
-## Generate files containing strng arrays for various enums....
+## Generate files containing string arrays for various enums....
hier_code.cc: hier_code.h mk-string-arrays.awk
- $(AWK) -f $(srcdir)/mk-string-arrays.awk < $(srcdir)/hier_code.h > $@
+ $(AWK) -f $(srcdir)/mk-string-arrays.awk < $(srcdir)/hier_code.h > $@ || ($(RM) -f $@ && exit 1)
err_type.cc: err_type.h mk-string-arrays.awk
- $(AWK) -f $(srcdir)/mk-string-arrays.awk < $(srcdir)/err_type.h > $@
+ $(AWK) -f $(srcdir)/mk-string-arrays.awk < $(srcdir)/err_type.h > $@ || ($(RM) -f $@ && exit 1)
lookup_t.cc: lookup_t.h mk-string-arrays.awk
- $(AWK) -f $(srcdir)/mk-string-arrays.awk < $(srcdir)/lookup_t.h > $@
+ $(AWK) -f $(srcdir)/mk-string-arrays.awk < $(srcdir)/lookup_t.h > $@ || ($(RM) -f $@ && exit 1)
icp_opcode.cc: icp_opcode.h mk-string-arrays.awk
- $(AWK) -f $(srcdir)/mk-string-arrays.awk < $(srcdir)/icp_opcode.h > $@
+ $(AWK) -f $(srcdir)/mk-string-arrays.awk < $(srcdir)/icp_opcode.h > $@ || ($(RM) -f $@ && exit 1)
swap_log_op.cc: swap_log_op.h mk-string-arrays.awk
- $(AWK) -f $(srcdir)/mk-string-arrays.awk < $(srcdir)/swap_log_op.h > $@
+ $(AWK) -f $(srcdir)/mk-string-arrays.awk < $(srcdir)/swap_log_op.h > $@ || ($(RM) -f $@ && exit 1)
## other generated files...
$(CC) -o $@ $(LDFLAGS) $@.o CacheDigest.o debug.o globals.o store_key_md5.o $(STD_APP_LIBS)
## If autodependency works well this is not needed anymore
-cache_cf.o: cf_parser.h
+cache_cf.o: cf_parser.cci
-# squid.conf.default is built by cf_gen when making cf_parser.h
-squid.conf.default squid.conf.documented: cf_parser.h
+# squid.conf.default is built by cf_gen when making cf_parser.cci
+squid.conf.default squid.conf.documented: cf_parser.cci
true
-cf_parser.h: cf.data cf_gen$(EXEEXT)
+cf_parser.cci: cf.data cf_gen$(EXEEXT)
./cf_gen cf.data $(srcdir)/cf.data.depend
-cf_gen_defines.h: $(srcdir)/cf_gen_defines $(srcdir)/cf.data.pre
- $(AWK) -f $(srcdir)/cf_gen_defines <$(srcdir)/cf.data.pre >cf_gen_defines.h
+cf_gen_defines.cci: $(srcdir)/cf_gen_defines $(srcdir)/cf.data.pre
+ $(AWK) -f $(srcdir)/cf_gen_defines <$(srcdir)/cf.data.pre >$@ || ($(RM) -f $@ && exit 1)
## FIXME: generate a sed command file from configure. Then this doesn't
$(INSTALL_DATA) squid.conf.default $(DESTDIR)$(DEFAULT_CONFIG_FILE).default; \
echo "$(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE).documented"; \
$(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE).documented; \
- $(mkinstalldirs) $(DESTDIR)$(DEFAULT_LOG_PREFIX)
+ $(mkinstalldirs) $(DESTDIR)$(DEFAULT_LOG_PREFIX); \
+ $(mkinstalldirs) $(DESTDIR)`dirname $(DEFAULT_PIDFILE)`
uninstall-local: squid.conf.default
@$(SHELL) $(top_srcdir)/scripts/remove-cfg.sh "$(RM)" $(DESTDIR)$(DEFAULT_MIME_TABLE) $(srcdir)/mime.conf.default
acl/libstate.la \
auth/libauth.la \
ip/libip.la \
+ base/libbase.la \
$(SQUID_CPPUNIT_LIBS) \
$(SQUID_CPPUNIT_LA) \
- -L../lib -lmiscutil \
+ $(COMPAT_LIB) \
$(XTRA_LIBS)
tests_testHttpReply_DEPENDENCIES= $(SQUID_CPPUNIT_LA) \
$(top_builddir)/lib/libmiscutil.a
## Tests of the CacheManager module.
tests_testCacheManager_SOURCES = \
+ $(ACL_REGISTRATION_SOURCES) \
debug.cc \
HttpRequest.cc \
HttpRequestMethod.cc \
useragent.cc \
wccp2.cc \
whois.cc \
+ FadingCounter.cc \
$(WIN32_SOURCE) \
wordlist.cc
nodist_tests_testCacheManager_SOURCES = \
## Tests of the Even module.
tests_testEvent_SOURCES = \
+ $(ACL_REGISTRATION_SOURCES) \
debug.cc \
EventLoop.h \
EventLoop.cc \
useragent.cc \
wccp2.cc \
whois.cc \
+ FadingCounter.cc \
$(WIN32_SOURCE) \
wordlist.cc
nodist_tests_testEvent_SOURCES = \
## Tests of the EventLoop module.
tests_testEventLoop_SOURCES = \
+ $(ACL_REGISTRATION_SOURCES) \
debug.cc \
EventLoop.h \
EventLoop.cc \
useragent.cc \
wccp2.cc \
whois.cc \
+ FadingCounter.cc \
$(WIN32_SOURCE) \
wordlist.cc
nodist_tests_testEventLoop_SOURCES = \
$(SQUID_CPPUNIT_LA)
tests_test_http_range_SOURCES = \
+ $(ACL_REGISTRATION_SOURCES) \
tests/test_http_range.cc \
BodyPipe.cc \
cache_cf.cc \
useragent.cc \
wccp2.cc \
whois.cc \
+ FadingCounter.cc \
$(WIN32_SOURCE) \
wordlist.cc \
Packer.cc \
## Tests of the HttpRequest module.
tests_testHttpRequest_SOURCES = \
+ $(ACL_REGISTRATION_SOURCES) \
debug.cc \
HttpRequest.cc \
HttpRequestMethod.cc \
useragent.cc \
wccp2.cc \
whois.cc \
+ FadingCounter.cc \
$(WIN32_SOURCE) \
wordlist.cc
nodist_tests_testHttpRequest_SOURCES = \
$(SWAP_TEST_SOURCES)
nodist_tests_testCoss_SOURCES = \
swap_log_op.cc \
+ SquidMath.cc \
+ SquidMath.h \
$(SWAP_TEST_GEN_SOURCES)
tests_testCoss_LDADD = \
libsquid.la \
## Tests of the URL module.
## TODO: Trim this down once the insanity is over.
tests_testURL_SOURCES = \
+ $(ACL_REGISTRATION_SOURCES) \
debug.cc \
url.cc \
URLScheme.cc \
useragent.cc \
wccp2.cc \
whois.cc \
+ FadingCounter.cc \
$(WIN32_SOURCE) \
wordlist.cc
nodist_tests_testURL_SOURCES = \
mb->Printf("memBufReport is not yet implemented @?@\n");
}
-#ifndef _USE_INLINE_
+#if !_USE_INLINE_
#include "MemBuf.cci"
#endif
#endif
};
-#ifdef _USE_INLINE_
+#if _USE_INLINE_
#include "MemBuf.cci"
#endif
-
/*
* $Id$
*
- * DEBUG: section 3 Configuration File Parsing
+ * DEBUG: section 03 Configuration File Parsing
* AUTHOR: Harvest Derived
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
*
*/
+#include "config.h"
+#include "compat/strtoll.h"
#include "Parsing.h"
/*
}
bool
-GetHostWithPort(char *token, IpAddress *ipa)
+GetHostWithPort(char *token, Ip::Address *ipa)
{
char *t;
char *host;
/*
* $Id$
*
- * DEBUG: section 3 Configuration File Parsing
+ * DEBUG: section 03 Configuration File Parsing
* AUTHOR: Harvest Derived
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
extern bool StringToInt64(const char *str, int64_t &result, const char **p, int base);
/**
- * Parse a socket address (host:port), fill the given IpAddress object
+ * Parse a socket address (host:port), fill the given Ip::Address object
* \retval false Failure.
* \retval true Success.
* Destroys token during parse.
*/
-extern bool GetHostWithPort(char *token, IpAddress *ipa);
+extern bool GetHostWithPort(char *token, Ip::Address *ipa);
#endif /* SQUID_PARSING_H */
#include "cbdata.h"
#include "PingData.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
class ps_state
{
void *callback_data;
FwdServer *servers;
/*
- * Why are these IpAddress instead of peer *? Because a
+ * Why are these Ip::Address instead of peer *? Because a
* peer structure can become invalid during the peer selection
* phase, specifically after a reconfigure. Thus we need to lookup
* the peer * based on the address when we are finally ready to
* reference the peer structure.
*/
- IpAddress first_parent_miss;
+ Ip::Address first_parent_miss;
- IpAddress closest_parent_miss;
+ Ip::Address closest_parent_miss;
/*
* ->hit can be peer* because it should only be
* accessed during the thread when it is set
#include "config.h"
-#ifdef HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
-
class ping_data
{
#include "squid.h"
-#ifdef USE_XPROF_STATS
+#if USE_XPROF_STATS
#include "CacheManager.h"
#include "event.h"
http_port_list *next;
- IpAddress s;
+ Ip::Address s;
char *protocol; /* protocol name */
char *name; /* visible name */
char *defaultsite; /* default web site */
*/
#include "squid.h"
+#include "base/TextException.h"
#include "Server.h"
#include "Store.h"
+#include "fde.h" /* for fd_table[fd].closing */
#include "HttpRequest.h"
#include "HttpReply.h"
-#include "TextException.h"
#include "errorpage.h"
#include "SquidTime.h"
sendMoreRequestBody();
}
+bool
+ServerStateData::canSend(int fd) const
+{
+ return fd >= 0 && !fd_table[fd].closing();
+}
+
void
ServerStateData::sendMoreRequestBody()
{
assert(requestBodySource != NULL);
assert(!requestSender);
+
+ const int fd = dataDescriptor();
+
+ if (!canSend(fd)) {
+ debugs(9,3, HERE << "cannot send request body to closing FD " << fd);
+ return; // wait for the kid's close handler; TODO: assert(closer);
+ }
+
MemBuf buf;
if (requestBodySource->getMoreData(buf)) {
debugs(9,3, HERE << "will write " << buf.contentSize() << " request body bytes");
typedef CommCbMemFunT<ServerStateData, CommIoCbParams> Dialer;
requestSender = asyncCall(93,3, "ServerStateData::sentRequestBody",
Dialer(this, &ServerStateData::sentRequestBody));
- comm_write_mbuf(dataDescriptor(), &buf, requestSender);
+ comm_write_mbuf(fd, &buf, requestSender);
} else {
debugs(9,3, HERE << "will wait for more request body bytes or eof");
requestSender = NULL;
void handleRequestBodyProductionEnded();
virtual void handleRequestBodyProducerAborted() = 0;
+ /// whether it is not too late to write to the server
+ bool canSend(int fd) const;
// sending of the request body to the server
void sendMoreRequestBody();
// has body; kids overwrite to increment I/O stats counters
*
*/
-/* #define _SQUID_EXTERNNEW_ */ /* Why? kinkie */
+#define _SQUID_EXTERNNEW_
+
#include "squid.h"
_SQUID_INLINE_ std::ostream & operator<<(std::ostream& os, String const &aString);
-#ifdef _USE_INLINE_
+#if _USE_INLINE_
#include "String.cci"
#endif
#if HAVE_TIME_H
#include <time.h>
#endif
-#if HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
-
+/* NP: sys/time.h is provided by libcompat */
/* globals for accessing time */
extern struct timeval current_time;
/// \ingroup StoreAPI
SQUIDCEXTERN void storeGetMemSpace(int size);
-#ifdef _USE_INLINE_
+#if _USE_INLINE_
#include "Store.cci"
#endif
*/
#include "squid.h"
+#include "base/TextException.h"
#include "Store.h"
-#include "TextException.h"
int
String::psize() const
-#ifndef _USE_INLINE_
+#if !_USE_INLINE_
#include "String.cci"
#endif
#include "config.h"
#include <cstring>
-#ifdef HAVE_STDINT_H
+#if HAVE_STDINT_H
#include <stdint.h> //for INT_MAX
#else /* HAVE_STDINT_H */
#ifndef INT_MAX
-
/*
* $Id$
*
*/
#include "squid.h"
+#include "compat/strtoll.h"
#include "SwapDir.h"
#include "StoreFileSystem.h"
#include "ConfigOption.h"
#include "acl/Arp.h"
#include "acl/FilledChecklist.h"
#include "eui/Eui48.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
#include "wordlist.h"
static void aclParseArpList(SplayNode<Eui::Eui48 *> **curlist);
-static int aclMatchArp(SplayNode<Eui::Eui48 *> **dataptr, IpAddress &c);
+static int aclMatchArp(SplayNode<Eui::Eui48 *> **dataptr, Ip::Address &c);
static SplayNode<Eui::Eui48 *>::SPLAYCMP aclArpCompare;
static SplayNode<Eui::Eui48 *>::SPLAYWALKEE aclDumpArpListWalkee;
/* aclMatchArp */
/***************/
int
-aclMatchArp(SplayNode<Eui::Eui48 *> **dataptr, IpAddress &c)
+aclMatchArp(SplayNode<Eui::Eui48 *> **dataptr, Ip::Address &c)
{
Eui::Eui48 result;
SplayNode<Eui::Eui48 *> **Top = dataptr;
{
public:
uint8_t len;
- IpAddress addr;
+ Ip::Address addr;
- m_ADDR() : len(sizeof(IpAddress)) {};
+ m_ADDR() : len(sizeof(Ip::Address)) {};
};
/* END of definitions for radix tree entries */
/* PUBLIC */
int
-asnMatchIp(CbDataList<int> *data, IpAddress &addr)
+asnMatchIp(CbDataList<int> *data, Ip::Address &addr)
{
struct squid_radix_node *rn;
as_info *e;
CbDataList<int> *q = NULL;
as_info *asinfo = NULL;
- IpAddress mask;
- IpAddress addr;
+ Ip::Address mask;
+ Ip::Address addr;
char *t;
int bitl;
CbDataList<int> *q;
as_info *asinfo;
char buf[MAX_IPSTRLEN];
- IpAddress addr;
- IpAddress mask;
+ Ip::Address addr;
+ Ip::Address mask;
assert(e);
assert(e->e_info);
bool
-ACLASN::match(IpAddress toMatch)
+ACLASN::match(Ip::Address toMatch)
{
return asnMatchIp(data, toMatch);
}
}
}
-ACLData<IpAddress> *
+ACLData<Ip::Address> *
ACLASN::clone() const
{
if (data)
/* explicit template instantiation required for some systems */
-template class ACLStrategised<IpAddress>;
+template class ACLStrategised<Ip::Address>;
ACL::Prototype ACLASN::SourceRegistryProtoype(&ACLASN::SourceRegistryEntry_, "src_as");
-ACLStrategised<IpAddress> ACLASN::SourceRegistryEntry_(new ACLASN, ACLSourceASNStrategy::Instance(), "src_as");
+ACLStrategised<Ip::Address> ACLASN::SourceRegistryEntry_(new ACLASN, ACLSourceASNStrategy::Instance(), "src_as");
ACL::Prototype ACLASN::DestinationRegistryProtoype(&ACLASN::DestinationRegistryEntry_, "dst_as");
-ACLStrategised<IpAddress> ACLASN::DestinationRegistryEntry_(new ACLASN, ACLDestinationASNStrategy::Instance(), "dst_as");
+ACLStrategised<Ip::Address> ACLASN::DestinationRegistryEntry_(new ACLASN, ACLDestinationASNStrategy::Instance(), "dst_as");
int
-ACLSourceASNStrategy::match (ACLData<IpAddress> * &data, ACLFilledChecklist *checklist)
+ACLSourceASNStrategy::match (ACLData<Ip::Address> * &data, ACLFilledChecklist *checklist)
{
return data->match(checklist->src_addr);
}
debugs(28, 3, "asnMatchAcl: Can't yet compare '" << "unknown" /*name*/ << "' ACL for '" << checklist->request->GetHost() << "'");
checklist->changeState (DestinationIPLookup::Instance());
} else {
- IpAddress noaddr;
+ Ip::Address noaddr;
noaddr.SetNoAddr();
return data->match(noaddr);
}
#include "CbDataList.h"
#include "acl/Strategised.h"
#include "acl/Checklist.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
-SQUIDCEXTERN int asnMatchIp(CbDataList<int> *, IpAddress &);
+SQUIDCEXTERN int asnMatchIp(CbDataList<int> *, Ip::Address &);
/// \ingroup ACLAPI
SQUIDCEXTERN void asnInit(void);
SQUIDCEXTERN void asnFreeMemory(void);
/// \ingroup ACLAPI
-class ACLASN : public ACLData<IpAddress>
+class ACLASN : public ACLData<Ip::Address>
{
public:
virtual ~ACLASN();
- virtual bool match(IpAddress);
+ virtual bool match(Ip::Address);
virtual wordlist *dump();
virtual void parse();
bool empty() const;
- virtual ACLData<IpAddress> *clone() const;
+ virtual ACLData<Ip::Address> *clone() const;
virtual void prepareForUse();
private:
static ACL::Prototype SourceRegistryProtoype;
- static ACLStrategised<IpAddress> SourceRegistryEntry_;
+ static ACLStrategised<Ip::Address> SourceRegistryEntry_;
static ACL::Prototype DestinationRegistryProtoype;
- static ACLStrategised<IpAddress> DestinationRegistryEntry_;
+ static ACLStrategised<Ip::Address> DestinationRegistryEntry_;
CbDataList<int> *data;
};
#include "acl/Asn.h"
#include "acl/Strategy.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
/// \ingroup ACLAPI
-class ACLDestinationASNStrategy : public ACLStrategy<IpAddress>
+class ACLDestinationASNStrategy : public ACLStrategy<Ip::Address>
{
public:
#include "acl/Eui64.h"
#include "acl/FilledChecklist.h"
#include "eui/Eui64.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
#include "wordlist.h"
static void aclParseEuiList(SplayNode<Eui::Eui64 *> **curlist);
-static int aclMatchEui(SplayNode<Eui::Eui64 *> **dataptr, IpAddress &c);
+static int aclMatchEui(SplayNode<Eui::Eui64 *> **dataptr, Ip::Address &c);
static SplayNode<Eui::Eui64 *>::SPLAYCMP aclEui64Compare;
static SplayNode<Eui::Eui64 *>::SPLAYWALKEE aclDumpEuiListWalkee;
/* aclMatchEui */
/***************/
int
-aclMatchEui(SplayNode<Eui::Eui64 *> **dataptr, IpAddress &c)
+aclMatchEui(SplayNode<Eui::Eui64 *> **dataptr, Ip::Address &c)
{
Eui::Eui64 result;
SplayNode<Eui::Eui64 *> **Top = dataptr;
CBDATA_CLASS_INIT(ACLFilledChecklist);
-#if MOVED
-int
-ACLFilledChecklist::authenticated()
-{
- http_hdr_type headertype;
-
- if (NULL == request) {
- fatal ("requiresRequest SHOULD have been true for this ACL!!");
- return 0;
- } else if (request->flags.accelerated) {
- /* WWW authorization on accelerated requests */
- headertype = HDR_AUTHORIZATION;
- } else if (request->flags.intercepted || request->flags.spoof_client_ip) {
- debugs(28, DBG_IMPORTANT, HERE << " authentication not applicable on intercepted requests.");
- return -1;
- } else {
- /* Proxy authorization on proxy requests */
- headertype = HDR_PROXY_AUTHORIZATION;
- }
-
- /* get authed here */
- /* Note: this fills in auth_user_request when applicable */
- /*
- * DPW 2007-05-08
- * tryToAuthenticateAndSetAuthUser used to try to lock and
- * unlock auth_user_request on our behalf, but it was too
- * ugly and hard to follow. Now we do our own locking here.
- *
- * I'm not sure what tryToAuthenticateAndSetAuthUser does when
- * auth_user_request is set before calling. I'm tempted to
- * unlock and set it to NULL, but it seems safer to save the
- * pointer before calling and unlock it afterwards. If the
- * pointer doesn't change then its a no-op.
- */
- AuthUserRequest *old_auth_user_request = auth_user_request;
- auth_acl_t result = AuthUserRequest::tryToAuthenticateAndSetAuthUser (&auth_user_request, headertype, request, conn(), src_addr);
- if (auth_user_request)
- AUTHUSERREQUESTLOCK(auth_user_request, "ACLFilledChecklist");
- AUTHUSERREQUESTUNLOCK(old_auth_user_request, "old ACLFilledChecklist");
- switch (result) {
-
- case AUTH_ACL_CANNOT_AUTHENTICATE:
- debugs(28, 4, "aclMatchAcl: returning 0 user authenticated but not authorised.");
- return 0;
-
- case AUTH_AUTHENTICATED:
-
- return 1;
- break;
-
- case AUTH_ACL_HELPER:
- debugs(28, 4, "aclMatchAcl: returning 0 sending credentials to helper.");
- changeState (ProxyAuthLookup::Instance());
- return 0;
-
- case AUTH_ACL_CHALLENGE:
- debugs(28, 4, "aclMatchAcl: returning 0 sending authentication challenge.");
- changeState (ProxyAuthNeeded::Instance());
- return 0;
-
- default:
- fatal("unexpected authenticateAuthenticate reply\n");
- return 0;
- }
-}
-#endif
-
void
ACLFilledChecklist::checkCallback(allow_t answer)
{
- debugs(28, 5, "ACLFilledChecklist::checkCallback: " << this << " answer=" << answer);
+ debugs(28, 5, HERE << this << " answer=" << answer);
/* During reconfigure, we can end up not finishing call
* sequences into the auth code */
- if (auth_user_request) {
+ if (auth_user_request != NULL) {
/* the filled_checklist lock */
- AUTHUSERREQUESTUNLOCK(auth_user_request, "ACLFilledChecklist");
+ auth_user_request = NULL;
/* it might have been connection based */
- assert(conn() != NULL);
- /*
- * DPW 2007-05-08
- * yuck, this make me uncomfortable. why do this here?
- * ConnStateData will do its own unlocking.
- */
- AUTHUSERREQUESTUNLOCK(conn()->auth_user_request, "conn via ACLFilledChecklist");
- conn()->auth_type = AUTH_BROKEN;
+ if (conn()) {
+ conn()->auth_user_request = NULL;
+ }
}
ACLChecklist::checkCallback(answer); // may delete us
HTTPMSGUNLOCK(reply);
- // no auth_user_request in builds without any Authentication configured
- if (auth_user_request)
- AUTHUSERREQUESTUNLOCK(auth_user_request, "ACLFilledChecklist destructor");
-
cbdataReferenceDone(conn_);
debugs(28, 4, HERE << "ACLFilledChecklist destroyed " << this);
#define SQUID_ACLFILLED_CHECKLIST_H
#include "acl/Checklist.h"
+#include "auth/UserRequest.h"
-class AuthUserRequest;
class ExternalACLEntry;
class ConnStateData;
virtual bool hasReply() const { return reply != NULL; }
public:
- IpAddress src_addr;
- IpAddress dst_addr;
- IpAddress my_addr;
+ Ip::Address src_addr;
+ Ip::Address dst_addr;
+ Ip::Address my_addr;
struct peer *dst_peer;
char *dst_rdns;
HttpReply *reply;
char rfc931[USER_IDENT_SZ];
- AuthUserRequest *auth_user_request;
+ AuthUserRequest::Pointer auth_user_request;
#if SQUID_SNMP
char *snmp_community;
*/
#include "squid.h"
+#include "compat/getaddrinfo.h"
#include "acl/Ip.h"
#include "acl/Checklist.h"
#include "MemBuf.h"
int
aclIpAddrNetworkCompare(acl_ip_data * const &p, acl_ip_data * const &q)
{
- IpAddress A = p->addr1;
+ Ip::Address A = p->addr1;
/* apply netmask */
A.ApplyMask(q->mask);
* This function should NOT be called if 'asc' is a hostname!
*/
bool
-acl_ip_data::DecodeMask(const char *asc, IpAddress &mask, int ctype)
+acl_ip_data::DecodeMask(const char *asc, Ip::Address &mask, int ctype)
{
char junk;
int a1 = 0;
LOCAL_ARRAY(char, mask, 256);
acl_ip_data *r = NULL;
acl_ip_data **Q = NULL;
- IpAddress temp;
+ Ip::Address temp;
char c;
unsigned int changed;
acl_ip_data *q = new acl_ip_data;
addr2[0] = '\0';
} else if (sscanf(t, "%s", addr1) == 1) {
/*
- * Note, must use plain xgetaddrinfo() here because at startup
+ * Note, must use plain getaddrinfo() here because at startup
* ipcache hasn't been initialized
- * TODO: offload this to one of the IpAddress lookups.
+ * TODO: offload this to one of the Ip::Address lookups.
*/
debugs(28, 5, "aclIpParseIpData: Lookup Host/IP " << addr1);
struct addrinfo *hp = NULL, *x = NULL;
struct addrinfo hints;
- IpAddress *prev_addr = NULL;
+ Ip::Address *prev_addr = NULL;
memset(&hints, 0, sizeof(struct addrinfo));
hints.ai_flags |= AI_V4MAPPED | AI_ALL;
#endif
- int errcode = xgetaddrinfo(addr1,NULL,&hints,&hp);
+ int errcode = getaddrinfo(addr1,NULL,&hints,&hp);
if (hp == NULL) {
debugs(28, 0, "aclIpParseIpData: Bad host/IP: '" << addr1 <<
"' in '" << t << "', flags=" << hints.ai_flags <<
- " : (" << errcode << ") " << xgai_strerror(errcode) );
+ " : (" << errcode << ") " << gai_strerror(errcode) );
self_destruct();
return NULL;
}
return NULL;
}
- xfreeaddrinfo(hp);
+ freeaddrinfo(hp);
return q;
}
}
int
-ACLIP::match(IpAddress &clientip)
+ACLIP::match(Ip::Address &clientip)
{
static acl_ip_data ClientAddress;
/*
acl_ip_data::acl_ip_data () :addr1(), addr2(), mask(), next (NULL) {}
-acl_ip_data::acl_ip_data (IpAddress const &anAddress1, IpAddress const &anAddress2, IpAddress const &aMask, acl_ip_data *aNext) : addr1(anAddress1), addr2(anAddress2), mask(aMask), next(aNext) {}
+acl_ip_data::acl_ip_data (Ip::Address const &anAddress1, Ip::Address const &anAddress2, Ip::Address const &aMask, acl_ip_data *aNext) : addr1(anAddress1), addr2(anAddress2), mask(aMask), next(aNext) {}
#include "acl/Acl.h"
#include "splay.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
/// \ingroup ACLAPI
class acl_ip_data
acl_ip_data ();
- acl_ip_data (IpAddress const &, IpAddress const &, IpAddress const &, acl_ip_data *);
+ acl_ip_data (Ip::Address const &, Ip::Address const &, Ip::Address const &, acl_ip_data *);
void toStr(char *buf, int len) const;
- IpAddress addr1;
+ Ip::Address addr1;
- IpAddress addr2;
+ Ip::Address addr2;
- IpAddress mask; /**< \todo This should perhapse be stored as a CIDR range now instead of a full IP mask. */
+ Ip::Address mask; /**< \todo This should perhapse be stored as a CIDR range now instead of a full IP mask. */
acl_ip_data *next; /**< used for parsing, not for storing */
private:
- static bool DecodeMask(const char *asc, IpAddress &mask, int string_format_type);
+ static bool DecodeMask(const char *asc, Ip::Address &mask, int string_format_type);
};
MEMPROXY_CLASS_INLINE(acl_ip_data);
protected:
- int match(IpAddress &);
+ int match(Ip::Address &);
IPSplay *data;
private:
class ACLChecklist;
#include "acl/Strategy.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
-class ACLSourceASNStrategy : public ACLStrategy<IpAddress>
+class ACLSourceASNStrategy : public ACLStrategy<Ip::Address>
{
public:
void
ACLStrategised<MatchType>::operator delete (void *address)
{
- Pool->free(address);
+ Pool->freeOne(address);
}
template <class MatchType>
int
ACLTagStrategy::match (ACLData<MatchType> * &data, ACLFilledChecklist *checklist)
{
- if (checklist->conn() != NULL)
+ if (checklist->request != NULL)
return data->match (checklist->request->tag.termedBuf());
return 0;
}
#include "adaptation/AccessRule.h"
#include "adaptation/Config.h"
#include "adaptation/AccessCheck.h"
-
+#include "base/TextException.h"
/** \cond AUTODOCS-IGNORE */
cbdata_type Adaptation::AccessCheck::CBDATA_AccessCheck = CBDATA_UNKNOWN;
void
Adaptation::Config::freeService()
{
+ FreeAccess();
+ FreeServiceGroups();
+
+ DetachServices();
+
while (!serviceConfigs.empty()) {
delete serviceConfigs.back();
serviceConfigs.pop_back();
// with global arrays shared by those individual configs
Adaptation::Config::~Config()
{
- FreeAccess();
- FreeServiceGroups();
-
- // invalidate each service so that it can be deleted when refcount=0
- while (!AllServices().empty()) {
- AllServices().back()->invalidate();
- AllServices().pop_back();
- }
-
freeService();
}
int send_client_ip;
int send_client_username;
int service_failure_limit;
+ time_t oldest_service_failure;
int service_revival_delay;
int icap_uses_indirect_client;
#include "config.h"
-#include "globals.h"
-#include "TextException.h"
-#include "SquidTime.h"
-#include "HttpRequest.h" /* for alLogformatHasAdaptToken */
#include "adaptation/Config.h"
#include "adaptation/History.h"
+#include "base/TextException.h"
+#include "globals.h"
+#include "HttpRequest.h" /* for alLogformatHasAdaptToken */
+#include "SquidTime.h"
/// impossible services value to identify unset theNextServices
const static char *TheNullServices = ",null,";
/*
- * DEBUG: section 93 ICAP (RFC 3507) Client
+ * DEBUG: section 93 ICAP (RFC 3507) Client
*/
#include "squid.h"
/*
- * DEBUG: section 93 ICAP (RFC 3507) Client
+ * DEBUG: section 93 ICAP (RFC 3507) Client
*/
#include "squid.h"
/*
- * DEBUG: section 93 Adaptation
+ * DEBUG: section 93 Adaptation
*/
#include "squid.h"
-#include "TextException.h"
-#include "HttpRequest.h"
-#include "HttpReply.h"
-#include "HttpMsg.h"
#include "adaptation/Config.h"
#include "adaptation/Iterator.h"
#include "adaptation/Service.h"
#include "adaptation/ServiceFilter.h"
#include "adaptation/ServiceGroups.h"
+#include "base/TextException.h"
+#include "HttpRequest.h"
+#include "HttpReply.h"
+#include "HttpMsg.h"
Adaptation::Iterator::Iterator(Adaptation::Initiator *anInitiator,
/*
- * DEBUG: section XXX
+ * DEBUG: section 93 Adaptation
*/
#include "squid.h"
-#include "HttpMsg.h"
-#include "TextException.h"
#include "adaptation/Message.h"
+#include "base/TextException.h"
+#include "HttpMsg.h"
Adaptation::Message::Message(): header(NULL)
{
/*
- * DEBUG: section XXX
+ * DEBUG: section 93 Adaptation
*/
#include "squid.h"
}
return NULL;
}
+
+void Adaptation::DetachServices()
+{
+ while (!AllServices().empty())
+ AllServices().pop_back()->detach();
+}
Service(const ServiceConfig &aConfig);
virtual ~Service();
- // call when the service is no longer needed or valid
- virtual void invalidate() = 0;
-
virtual bool probed() const = 0; // see comments above
virtual bool broken() const;
virtual bool up() const = 0; // see comments above
virtual void finalize(); // called after creation
+ /// called when removed from the config; the service will be
+ /// auto-destroyed when the last refcounting user leaves
+ virtual void detach() = 0;
+ /// whether detached() was called
+ virtual bool detached() const = 0;
+
protected:
ServiceConfig &writeableCfg() { return theConfig; }
extern Services &AllServices();
extern ServicePointer FindService(const Service::Id &key);
+/// detach all adaptation services from current configuration
+extern void DetachServices();
+
} // namespace Adaptation
#endif /* SQUID_ADAPTATION__SERVICE_H */
/*
- * DEBUG: section XXX
+ * DEBUG: section 93 Adaptation
*/
#include "squid.h"
Adaptation::ServiceConfig::grokUri(const char *value)
{
// TODO: find core code that parses URLs and extracts various parts
+ // AYJ: most of this is duplicate of urlParse() in src/url.cc
if (!value || !*value) {
debugs(3, 0, HERE << cfg_filename << ':' << config_lineno << ": " <<
bool have_port = false;
- if ((e = strchr(s, ':')) != NULL) {
- have_port = true;
- } else if ((e = strchr(s, '/')) != NULL) {
- have_port = false;
+ int len = 0;
+ if (*s == '[') {
+ const char *t;
+ if ((t = strchr(s, ']')) == NULL)
+ return false;
+
+ s++;
+ len = t - s;
+ if ((e = strchr(t, ':')) != NULL) {
+ have_port = true;
+ } else if ((e = strchr(t, '/')) != NULL) {
+ have_port = false;
+ } else {
+ return false;
+ }
} else {
- return false;
+ if ((e = strchr(s, ':')) != NULL) {
+ have_port = true;
+ } else if ((e = strchr(s, '/')) != NULL) {
+ have_port = false;
+ } else {
+ return false;
+ }
+ len = e - s;
}
- int len = e - s;
host.limitInit(s, len);
s = e;
-
/*
* $Id$
+ * DEBUG: section 93 eCAP Interface
*/
-
#include "squid.h"
-#include <libecap/common/registry.h>
#include "adaptation/ecap/Host.h"
#include "adaptation/ecap/ServiceRep.h"
#include "adaptation/ecap/Config.h"
Adaptation::Ecap::Config::finalize()
{
Adaptation::Config::finalize();
- libecap::shared_ptr<Adaptation::Ecap::Host> host(new Adaptation::Ecap::Host);
- libecap::RegisterHost(host);
+ Host::Register();
+ CheckUnusedAdapterServices(AllServices());
}
Adaptation::ServicePointer
-
/*
* $Id$
- *
+ * DEBUG: section 93 eCAP Interface
*/
#ifndef SQUID_ECAP_CONFIG_H
+/*
+ * DEBUG: section 93 eCAP Interface
+ */
#include "squid.h"
#include <libecap/adapter/service.h>
#include <libecap/common/names.h>
-#include "TextException.h"
+#include <libecap/common/registry.h>
+#include "base/TextException.h"
#include "adaptation/ecap/ServiceRep.h"
#include "adaptation/ecap/Host.h"
const libecap::Name Adaptation::Ecap::protocolHtcp("Htcp", libecap::Name::NextId());
#endif
+/// the host application (i.e., Squid) wrapper registered with libecap
+static libecap::shared_ptr<Adaptation::Ecap::Host> TheHost;
+
Adaptation::Ecap::Host::Host()
{
// assign our host-specific IDs to well-known names
+ // this code can run only once
+
libecap::headerReferer.assignHostId(HDR_REFERER);
libecap::protocolHttp.assignHostId(PROTO_HTTP);
void
Adaptation::Ecap::Host::noteService(const libecap::weak_ptr<libecap::adapter::Service> &weak)
{
- // Many ecap_service lines may use the same service URI. Find each
- // matching service rep, make sure it is an eCAP rep,
- // and update it with the actual eCAP service.
- int found = 0;
-
- libecap::shared_ptr<libecap::adapter::Service> shared(weak);
- typedef Adaptation::Services::iterator SI;
- for (SI i = Adaptation::AllServices().begin(); i != Adaptation::AllServices().end(); ++i) {
- if ((*i)->cfg().uri == shared->uri().c_str()) {
- ServiceRep *rep = dynamic_cast<ServiceRep*>(i->getRaw());
- Must(rep);
- rep->noteService(shared);
- ++found;
- }
- }
-
- debugs(93,5, HERE << "Found " << found << " ecap_service configs for " <<
- shared->uri());
- if (!found) {
- debugs(93,1, "Warning: ignoring loaded eCAP module service without " <<
- "a matching ecap_service configuration: " << shared->uri());
- }
+ Must(!weak.expired());
+ RegisterAdapterService(weak.lock());
}
static int
if (debug)
Debug::finishDebug();
}
+
+void
+Adaptation::Ecap::Host::Register()
+{
+ if (!TheHost) {
+ TheHost.reset(new Adaptation::Ecap::Host);
+ libecap::RegisterHost(TheHost);
+ }
+}
-
/*
* $Id$
+ * DEBUG: section 93 eCAP Interface
*/
#ifndef SQUID_ECAP_HOST_H
class Host : public libecap::host::Host
{
public:
- Host();
-
// About
virtual std::string uri() const; // unique across all vendors
virtual void describe(std::ostream &os) const; // free-format info
// Logging
virtual std::ostream *openDebug(libecap::LogVerbosity lv);
virtual void closeDebug(std::ostream *debug);
+
+ static void Register(); ///< register adaptation host
+
+private:
+ Host();
+ Host (const Host&); ///< not implemented
+ Host& operator= (const Host&); ///< not implemented
};
extern const libecap::Name protocolInternal;
/*
- * DEBUG: section XXX
+ * DEBUG: section 93 eCAP Interface
*/
-
#include "squid.h"
#include "HttpRequest.h"
#include "HttpReply.h"
#include "BodyPipe.h"
-#include "TextException.h"
#include <libecap/common/names.h>
#include <libecap/common/area.h>
#include <libecap/common/version.h>
#include "adaptation/ecap/MessageRep.h"
#include "adaptation/ecap/XactionRep.h"
#include "adaptation/ecap/Host.h" /* for protocol constants */
+#include "base/TextException.h"
/* HeaderRep */
const String value = squidId == HDR_OTHER ?
theHeader.getByName(name.image().c_str()) :
theHeader.getStrOrList(squidId);
- return Value::FromTempString(value.termedBuf());
+ return value.defined() ?
+ Value::FromTempString(value.termedBuf()) : Value();
}
void
-
/*
* $Id$
+ * DEBUG: section 93 eCAP Interface
*/
#ifndef SQUID__ECAP__MESSAGE_REP_H
+/*
+ * DEBUG: section 93 eCAP Interface
+ */
#include "squid.h"
+#include <list>
#include <libecap/adapter/service.h>
-#include "TextException.h"
#include "adaptation/ecap/ServiceRep.h"
#include "adaptation/ecap/XactionRep.h"
+#include "base/TextException.h"
+
+// configured eCAP service wrappers
+static std::list<Adaptation::Ecap::ServiceRep::AdapterService> TheServices;
Adaptation::Ecap::ServiceRep::ServiceRep(const Adaptation::ServiceConfig &cfg):
- /*AsyncJob("Adaptation::Ecap::ServiceRep"),*/ Adaptation::Service(cfg)
+ /*AsyncJob("Adaptation::Ecap::ServiceRep"),*/ Adaptation::Service(cfg),
+ isDetached(false)
{
}
{
}
-void Adaptation::Ecap::ServiceRep::noteService(const AdapterService &s)
-{
- Must(s != NULL);
- theService = s;
- debugs(93,7, HERE << "matched loaded and configured eCAP services: " <<
- s->uri() << ' ' << cfg().key << "\n");
-}
-
-void Adaptation::Ecap::ServiceRep::invalidate()
-{
- theService->retire();
- theService.reset();
-}
-
void Adaptation::Ecap::ServiceRep::noteFailure()
{
assert(false); // XXX: should this be ICAP-specific?
Adaptation::Ecap::ServiceRep::finalize()
{
Adaptation::Service::finalize();
+ theService = FindAdapterService(cfg().uri);
if (theService) {
debugs(93,3, HERE << "starting eCAP service: " << theService->uri());
theService->start();
// returns a temporary string depicting service status, for debugging
const char *Adaptation::Ecap::ServiceRep::status() const
{
- assert(false); // move generic stuff from ICAP to Adaptation
- // add theService->status()?
- return NULL;
+ // TODO: move generic stuff from eCAP and ICAP to Adaptation
+ static MemBuf buf;
+
+ buf.reset();
+ buf.append("[", 1);
+
+ if (up())
+ buf.append("up", 2);
+ else
+ buf.append("down", 4);
+
+ if (detached())
+ buf.append(",detached", 9);
+
+ buf.append("]", 1);
+ buf.terminate();
+
+ return buf.content();
+}
+
+void Adaptation::Ecap::ServiceRep::detach()
+{
+ isDetached = true;
+}
+
+bool Adaptation::Ecap::ServiceRep::detached() const
+{
+ return isDetached;
+}
+
+Adaptation::Ecap::ServiceRep::AdapterService
+Adaptation::Ecap::FindAdapterService(const String& serviceUri)
+{
+ typedef std::list<ServiceRep::AdapterService>::const_iterator ASCI;
+ for (ASCI s = TheServices.begin(); s != TheServices.end(); ++s) {
+ Must(*s);
+ if (serviceUri == (*s)->uri().c_str())
+ return *s;
+ }
+ return ServiceRep::AdapterService();
+}
+
+void
+Adaptation::Ecap::RegisterAdapterService(const Adaptation::Ecap::ServiceRep::AdapterService& adapterService)
+{
+ typedef std::list<ServiceRep::AdapterService>::iterator ASI;
+ for (ASI s = TheServices.begin(); s != TheServices.end(); ++s) {
+ Must(*s);
+ if (adapterService->uri() == (*s)->uri()) {
+ *s = adapterService;
+ debugs(93, 3, "updated eCAP module service: " <<
+ adapterService->uri());
+ return;
+ }
+ }
+ TheServices.push_back(adapterService);
+ debugs(93, 3, "registered eCAP module service: " << adapterService->uri());
+}
+
+void
+Adaptation::Ecap::UnregisterAdapterService(const String& serviceUri)
+{
+ typedef std::list<ServiceRep::AdapterService>::iterator ASI;
+ for (ASI s = TheServices.begin(); s != TheServices.end(); ++s) {
+ if (serviceUri == (*s)->uri().c_str()) {
+ TheServices.erase(s);
+ debugs(93, 3, "unregistered eCAP module service: " << serviceUri);
+ return;
+ }
+ }
+ debugs(93, 3, "failed to unregister eCAP module service: " << serviceUri);
+}
+
+void
+Adaptation::Ecap::CheckUnusedAdapterServices(const Adaptation::Services& cfgs)
+{
+ typedef std::list<ServiceRep::AdapterService>::const_iterator ASCI;
+ for (ASCI loaded = TheServices.begin(); loaded != TheServices.end();
+ ++loaded) {
+ bool found = false;
+ for (Services::const_iterator cfged = cfgs.begin();
+ cfged != cfgs.end() && !found; ++cfged) {
+ found = (*cfged)->cfg().uri == (*loaded)->uri().c_str();
+ }
+ if (!found)
+ debugs(93, 1, "Warning: loaded eCAP service has no matching " <<
+ "ecap_service config option: " << (*loaded)->uri());
+ }
}
-
/*
* $Id$
+ * DEBUG: section 93 eCAP Interface
*/
#ifndef SQUID_ECAP_SERVICE_REP_H
virtual ~ServiceRep();
typedef libecap::shared_ptr<libecap::adapter::Service> AdapterService;
- void noteService(const AdapterService &s);
virtual void finalize();
- // call when the service is no longer needed or valid
- virtual void invalidate();
-
virtual bool probed() const;
virtual bool up() const;
virtual const char *status() const;
+ virtual void detach();
+ virtual bool detached() const;
+
private:
AdapterService theService; // the actual adaptation service we represent
+ bool isDetached;
};
+/// register loaded eCAP module service
+extern void RegisterAdapterService(const ServiceRep::AdapterService& adapterService);
+/// unregister loaded eCAP module service by service uri
+extern void UnregisterAdapterService(const String& serviceUri);
+
+/// returns loaded eCAP module service by service uri
+extern ServiceRep::AdapterService FindAdapterService(const String& serviceUri);
+
+/// check for loaded eCAP services without matching ecap_service in squid.conf
+extern void CheckUnusedAdapterServices(const Services& services);
} // namespace Ecap
} // namespace Adaptation
+/*
+ * DEBUG: section 93 eCAP Interface
+ */
#include "squid.h"
#include <libecap/common/area.h>
#include <libecap/common/delay.h>
#include <libecap/adapter/xaction.h>
-#include "TextException.h"
#include "HttpRequest.h"
#include "HttpReply.h"
#include "SquidTime.h"
#include "adaptation/ecap/XactionRep.h"
+#include "base/TextException.h"
CBDATA_NAMESPACED_CLASS_INIT(Adaptation::Ecap::XactionRep, XactionRep);
-
/*
* $Id$
+ * DEBUG: section 93 eCAP Interface
*/
#ifndef SQUID_ECAP_XACTION_REP_H
Adaptation::Icap::Config Adaptation::Icap::TheConfig;
Adaptation::Icap::Config::Config(): preview_enable(0), preview_size(0),
+ allow206_enable(0),
connect_timeout_raw(0), io_timeout_raw(0), reuse_connections(0),
client_username_header(NULL), client_username_encode(0), repeat(NULL)
{
Adaptation::ServicePointer
Adaptation::Icap::Config::createService(const Adaptation::ServiceConfig &cfg)
{
- Adaptation::Icap::ServiceRep::Pointer s = new Adaptation::Icap::ServiceRep(cfg);
- s->setSelf(s);
- return s.getRaw();
+ return new Adaptation::Icap::ServiceRep(cfg);
}
time_t Adaptation::Icap::Config::connect_timeout(bool bypassable) const
int default_options_ttl;
int preview_enable;
int preview_size;
+ int allow206_enable;
time_t connect_timeout_raw;
time_t io_timeout_raw;
int reuse_connections;
const XactOutcome xoError = "ICAP_ERR_OTHER";
const XactOutcome xoOpt = "ICAP_OPT";
const XactOutcome xoEcho = "ICAP_ECHO";
+const XactOutcome xoPartEcho = "ICAP_PART_ECHO";
const XactOutcome xoModified = "ICAP_MOD";
const XactOutcome xoSatisfied = "ICAP_SAT";
extern const XactOutcome xoError; ///< all kinds of transaction errors
extern const XactOutcome xoOpt; ///< OPTION transaction
extern const XactOutcome xoEcho; ///< preserved virgin message (ICAP 204)
+extern const XactOutcome xoPartEcho; ///< preserved virgin msg part (ICAP 206)
extern const XactOutcome xoModified; ///< replaced virgin msg with adapted
extern const XactOutcome xoSatisfied; ///< request satisfaction
/*
- * DEBUG: section 93 ICAP (RFC 3507) Client
+ * DEBUG: section 93 ICAP (RFC 3507) Client
*/
#include "squid.h"
-#include "TextException.h"
-#include "HttpRequest.h"
-#include "HttpReply.h"
#include "acl/FilledChecklist.h"
-#include "HttpMsg.h"
#include "adaptation/icap/Launcher.h"
#include "adaptation/icap/Xaction.h"
#include "adaptation/icap/ServiceRep.h"
#include "adaptation/icap/Config.h"
+#include "base/TextException.h"
+#include "HttpMsg.h"
+#include "HttpRequest.h"
+#include "HttpReply.h"
Adaptation::Icap::Launcher::Launcher(const char *aTypeName,
*/
#include "squid.h"
+#include "AccessLogEntry.h"
+#include "adaptation/History.h"
+#include "adaptation/icap/Client.h"
+#include "adaptation/icap/Config.h"
+#include "adaptation/icap/History.h"
+#include "adaptation/icap/Launcher.h"
+#include "adaptation/icap/ModXact.h"
+#include "adaptation/icap/ServiceRep.h"
+#include "adaptation/Initiator.h"
+#include "auth/UserRequest.h"
+#include "base/TextException.h"
+#include "ChunkedCodingParser.h"
#include "comm.h"
#include "HttpMsg.h"
#include "HttpRequest.h"
#include "HttpReply.h"
-#include "adaptation/Initiator.h"
-#include "adaptation/icap/ServiceRep.h"
-#include "adaptation/icap/Launcher.h"
-#include "adaptation/icap/ModXact.h"
-#include "adaptation/icap/Client.h"
-#include "ChunkedCodingParser.h"
-#include "TextException.h"
-#include "auth/UserRequest.h"
-#include "adaptation/icap/Config.h"
#include "SquidTime.h"
-#include "AccessLogEntry.h"
-#include "adaptation/icap/History.h"
-#include "adaptation/History.h"
// flow and terminology:
// HTTP| --> receive --> encode --> write --> |network
handle204NoContent();
break;
+ case 206:
+ handle206PartialContent();
+ break;
+
default:
debugs(93, 5, HERE << "ICAP status " << icapReply->sline.status);
handleUnknownScode();
// server must not respond before the end of preview: we may send ieof
Must(preview.enabled() && preview.done() && !preview.ieof());
- // 100 "Continue" cancels our preview commitment, not 204s outside preview
- if (!state.allowedPostview204)
+ // 100 "Continue" cancels our Preview commitment,
+ // but not commitment to handle 204 or 206 outside Preview
+ if (!state.allowedPostview204 && !state.allowedPostview206)
stopBackup();
state.parsing = State::psIcapHeader; // eventually
prepEchoing();
}
+void Adaptation::Icap::ModXact::handle206PartialContent()
+{
+ if (state.writing == State::writingPaused) {
+ Must(preview.enabled());
+ Must(state.allowedPreview206);
+ debugs(93, 7, HERE << "206 inside preview");
+ } else {
+ Must(state.writing > State::writingPaused);
+ Must(state.allowedPostview206);
+ debugs(93, 7, HERE << "206 outside preview");
+ }
+ state.parsing = State::psHttpHeader;
+ state.sending = State::sendingAdapted;
+ state.readyForUob = true;
+ checkConsuming();
+}
+
// Called when we receive a 204 No Content response and
// when we are trying to bypass a service failure.
// We actually start sending (echoig or not) in startSending.
}
}
+/// Called when we received use-original-body chunk extension in 206 response.
+/// We actually start sending (echoing or not) in startSending().
+void Adaptation::Icap::ModXact::prepPartialBodyEchoing(uint64_t pos)
+{
+ Must(virginBodySending.active());
+ Must(virgin.header->body_pipe != NULL);
+
+ setOutcome(xoPartEcho);
+
+ debugs(93, 7, HERE << "will echo virgin body suffix from " <<
+ virgin.header->body_pipe << " offset " << pos );
+
+ // check that use-original-body=N does not point beyond buffered data
+ const uint64_t virginDataEnd = virginConsumed +
+ virgin.body_pipe->buf().contentSize();
+ Must(pos <= virginDataEnd);
+ virginBodySending.progress(static_cast<size_t>(pos));
+
+ state.sending = State::sendingVirgin;
+ checkConsuming();
+
+ if (virgin.header->body_pipe->bodySizeKnown())
+ adapted.body_pipe->expectProductionEndAfter(virgin.header->body_pipe->bodySize() - pos);
+
+ debugs(93, 7, HERE << "will echo virgin body suffix to " <<
+ adapted.body_pipe);
+
+ // Start echoing data
+ echoMore();
+}
+
void Adaptation::Icap::ModXact::handleUnknownScode()
{
stopParsing();
}
if (parsed) {
+ if (state.readyForUob && bodyParser->useOriginBody >= 0) {
+ prepPartialBodyEchoing(
+ static_cast<uint64_t>(bodyParser->useOriginBody));
+ stopParsing();
+ return;
+ }
+
stopParsing();
stopSending(true); // the parser succeeds only if all parsed data fits
return;
if (preview.enabled()) {
buf.Printf("Preview: %d\r\n", (int)preview.ad());
- if (virginBody.expected()) // there is a body to preview
- virginBodySending.plan();
- else
+ if (!virginBody.expected()) // there is no body to preview
finishNullOrEmptyBodyPreview(httpBuf);
}
- if (shouldAllow204()) {
- debugs(93,5, HERE << "will allow 204s outside of preview");
- state.allowedPostview204 = true;
- buf.Printf("Allow: 204\r\n");
- if (virginBody.expected()) // there is a body to echo
- virginBodySending.plan();
- }
+ makeAllowHeader(buf);
if (TheConfig.send_client_ip && request) {
- IpAddress client_addr;
+ Ip::Address client_addr;
#if FOLLOW_X_FORWARDED_FOR
if (TheConfig.icap_uses_indirect_client) {
client_addr = request->indirect_client_addr;
httpBuf.clean();
}
+// decides which Allow values to write and updates the request buffer
+void Adaptation::Icap::ModXact::makeAllowHeader(MemBuf &buf)
+{
+ const bool allow204in = preview.enabled(); // TODO: add shouldAllow204in()
+ const bool allow204out = state.allowedPostview204 = shouldAllow204();
+ const bool allow206in = state.allowedPreview206 = shouldAllow206in();
+ const bool allow206out = state.allowedPostview206 = shouldAllow206out();
+
+ debugs(93,9, HERE << "Allows: " << allow204in << allow204out <<
+ allow206in << allow206out);
+
+ const bool allow204 = allow204in || allow204out;
+ const bool allow206 = allow206in || allow206out;
+
+ if (!allow204 && !allow206)
+ return; // nothing to do
+
+ if (virginBody.expected()) // if there is a virgin body, plan to send it
+ virginBodySending.plan();
+
+ // writing Preview:... means we will honor 204 inside preview
+ // writing Allow/204 means we will honor 204 outside preview
+ // writing Allow:206 means we will honor 206 inside preview
+ // writing Allow:204,206 means we will honor 206 outside preview
+ const char *allowHeader = NULL;
+ if (allow204out && allow206)
+ allowHeader = "Allow: 204, 206\r\n";
+ else if (allow204out)
+ allowHeader = "Allow: 204\r\n";
+ else if (allow206)
+ allowHeader = "Allow: 206\r\n";
+
+ if (allowHeader) { // may be nil if only allow204in is true
+ buf.append(allowHeader, strlen(allowHeader));
+ debugs(93,5, HERE << "Will write " << allowHeader);
+ }
+}
+
void Adaptation::Icap::ModXact::makeUsernameHeader(const HttpRequest *request, MemBuf &buf)
{
- if (const AuthUserRequest *auth = request->auth_user_request) {
- if (char const *name = auth->username()) {
- const char *value = TheConfig.client_username_encode ?
- base64_encode(name) : name;
- buf.Printf("%s: %s\r\n", TheConfig.client_username_header,
- value);
+ if (request->auth_user_request != NULL) {
+ char const *name = request->auth_user_request->username();
+ if (name) {
+ const char *value = TheConfig.client_username_encode ? base64_encode(name) : name;
+ buf.Printf("%s: %s\r\n", TheConfig.client_username_header, value);
}
}
}
return canBackupEverything();
}
+// decides whether to allow 206 responses in some mode
+bool Adaptation::Icap::ModXact::shouldAllow206any()
+{
+ return TheConfig.allow206_enable && service().allows206() &&
+ virginBody.expected(); // no need for 206 without a body
+}
+
+// decides whether to allow 206 responses in preview mode
+bool Adaptation::Icap::ModXact::shouldAllow206in()
+{
+ return shouldAllow206any() && preview.enabled();
+}
+
+// decides whether to allow 206 responses outside of preview
+bool Adaptation::Icap::ModXact::shouldAllow206out()
+{
+ return shouldAllow206any() && canBackupEverything();
+}
+
// used by shouldAllow204 and decideOnRetries
bool Adaptation::Icap::ModXact::canBackupEverything() const
{
if (!doneSending() && state.sending != State::sendingUndecided)
buf.Printf("S(%d)", state.sending);
+ if (state.readyForUob)
+ buf.append("6", 1);
+
if (canStartBypass)
buf.append("Y", 1);
bool virginBodyEndReached(const VirginBodyAct &act) const;
void makeRequestHeaders(MemBuf &buf);
+ void makeAllowHeader(MemBuf &buf);
void makeUsernameHeader(const HttpRequest *request, MemBuf &buf);
void addLastRequestChunk(MemBuf &buf);
void openChunk(MemBuf &buf, size_t chunkSize, bool ieof);
void decideOnPreview();
void decideOnRetries();
bool shouldAllow204();
+ bool shouldAllow206any();
+ bool shouldAllow206in();
+ bool shouldAllow206out();
bool canBackupEverything() const;
void prepBackup(size_t expectedSize);
bool validate200Ok();
void handle200Ok();
void handle204NoContent();
+ void handle206PartialContent();
void handleUnknownScode();
void bypassFailure();
void disableBypass(const char *reason, bool includeGroupBypass);
void prepEchoing();
+ void prepPartialBodyEchoing(uint64_t pos);
void echoMore();
virtual bool doneAll() const;
bool serviceWaiting; // waiting for ICAP service options
bool allowedPostview204; // mmust handle 204 No Content outside preview
+ bool allowedPostview206; // must handle 206 Partial Content outside preview
+ bool allowedPreview206; // must handle 206 Partial Content inside preview
+ bool readyForUob; ///< got a 206 response and expect a use-origin-body
// will not write anything [else] to the ICAP server connection
bool doneWriting() const { return writing == writingReallyDone; }
// will not use virgin.body_pipe
bool doneConsumingVirgin() const {
return writing >= writingAlmostDone
- && (sending == sendingAdapted || sending == sendingDone);
+ && ((sending == sendingAdapted && !readyForUob) ||
+ sending == sendingDone);
}
// parsed entire ICAP response from the ICAP server
#include "adaptation/icap/OptXact.h"
#include "adaptation/icap/Options.h"
-#include "TextException.h"
+#include "adaptation/icap/Config.h"
+#include "base/TextException.h"
#include "SquidTime.h"
#include "HttpRequest.h"
buf.Printf("OPTIONS " SQUIDSTRINGPH " ICAP/1.0\r\n", SQUIDSTRINGPRINT(uri));
const String host = s.cfg().host;
buf.Printf("Host: " SQUIDSTRINGPH ":%d\r\n", SQUIDSTRINGPRINT(host), s.cfg().port);
+ if (TheConfig.allow206_enable)
+ buf.Printf("Allow: 206\r\n");
buf.append(ICAP::crlf, 2);
// XXX: HttpRequest cannot fully parse ICAP Request-Line
#include "squid.h"
-#include "wordlist.h"
-#include "HttpReply.h"
-#include "adaptation/icap/Options.h"
-#include "TextException.h"
#include "adaptation/icap/Config.h"
+#include "adaptation/icap/Options.h"
+#include "base/TextException.h"
+#include "HttpReply.h"
#include "SquidTime.h"
+#include "wordlist.h"
Adaptation::Icap::Options::Options(): error("unconfigured"),
max_connections(-1), allow204(false),
+ allow206(false),
preview(-1), theTTL(-1)
{
theTransfers.preview.name = "Transfer-Preview";
if (h->hasListMember(HDR_ALLOW, "204", ','))
allow204 = true;
+ if (h->hasListMember(HDR_ALLOW, "206", ','))
+ allow206 = true;
+
cfgIntHeader(h, "Preview", preview);
cfgTransferList(h, theTransfers.preview);
String serviceId;
int max_connections;
bool allow204;
+ bool allow206;
int preview;
protected:
*/
#include "squid.h"
-#include "TextException.h"
-#include "HttpReply.h"
-#include "adaptation/icap/ServiceRep.h"
+#include "adaptation/icap/Config.h"
+#include "adaptation/icap/ModXact.h"
#include "adaptation/icap/Options.h"
#include "adaptation/icap/OptXact.h"
+#include "adaptation/icap/ServiceRep.h"
+#include "base/TextException.h"
#include "ConfigParser.h"
-#include "adaptation/icap/Config.h"
-#include "adaptation/icap/ModXact.h"
+#include "HttpReply.h"
#include "SquidTime.h"
CBDATA_NAMESPACED_CLASS_INIT(Adaptation::Icap, ServiceRep);
Adaptation::Icap::ServiceRep::ServiceRep(const Adaptation::ServiceConfig &svcCfg):
AsyncJob("Adaptation::Icap::ServiceRep"), Adaptation::Service(svcCfg),
theOptions(NULL), theOptionsFetcher(0), theLastUpdate(0),
- theSessionFailures(0), isSuspended(0), notifying(false),
- updateScheduled(false), self(NULL),
- wasAnnouncedUp(true) // do not announce an "up" service at startup
+ isSuspended(0), notifying(false),
+ updateScheduled(false),
+ wasAnnouncedUp(true), // do not announce an "up" service at startup
+ isDetached(false)
{}
Adaptation::Icap::ServiceRep::~ServiceRep()
{
Must(!theOptionsFetcher);
- changeOptions(0);
-}
-
-void
-Adaptation::Icap::ServiceRep::setSelf(Pointer &aSelf)
-{
- assert(!self && aSelf != NULL);
- self = aSelf;
+ delete theOptions;
}
void
Adaptation::Icap::ServiceRep::finalize()
{
Adaptation::Service::finalize();
- assert(self != NULL);
// use /etc/services or default port if needed
const bool have_port = cfg().port >= 0;
writeableCfg().port = 1344;
}
}
-}
-void Adaptation::Icap::ServiceRep::invalidate()
-{
- assert(self != NULL);
- Pointer savedSelf = self; // to prevent destruction when we nullify self
- self = NULL;
-
- announceStatusChange("invalidated by reconfigure", false);
-
- savedSelf = NULL; // may destroy us and, hence, invalidate cbdata(this)
- // TODO: it would be nice to invalidate cbdata(this) when not destroyed
+ theSessionFailures.configure(TheConfig.oldest_service_failure > 0 ?
+ TheConfig.oldest_service_failure : -1);
}
void Adaptation::Icap::ServiceRep::noteFailure()
{
- ++theSessionFailures;
- debugs(93,4, HERE << " failure " << theSessionFailures << " out of " <<
- TheConfig.service_failure_limit << " allowed " << status());
+ const int failures = theSessionFailures.count(1);
+ debugs(93,4, HERE << " failure " << failures << " out of " <<
+ TheConfig.service_failure_limit << " allowed in " <<
+ TheConfig.oldest_service_failure << "sec " << status());
if (isSuspended)
return;
if (TheConfig.service_failure_limit >= 0 &&
- theSessionFailures > TheConfig.service_failure_limit)
+ failures > TheConfig.service_failure_limit)
suspend("too many failures");
// TODO: Should bypass setting affect how much Squid tries to talk to
bool Adaptation::Icap::ServiceRep::up() const
{
- return self != NULL && !isSuspended && hasOptions();
+ return !isSuspended && hasOptions();
}
bool Adaptation::Icap::ServiceRep::wantsUrl(const String &urlPath) const
return true; // in the future, we may have ACLs to prevent 204s
}
+bool Adaptation::Icap::ServiceRep::allows206() const
+{
+ Must(hasOptions());
+ if (theOptions->allow206)
+ return true; // in the future, we may have ACLs to prevent 206s
+ return false;
+}
+
static
void ServiceRep_noteTimeToUpdate(void *data)
void Adaptation::Icap::ServiceRep::noteTimeToUpdate()
{
- if (self != NULL)
+ if (!detached())
updateScheduled = false;
- if (!self || theOptionsFetcher) {
+ if (detached() || theOptionsFetcher) {
debugs(93,5, HERE << "ignores options update " << status());
return;
}
debugs(93,5, HERE << "Adaptation::Icap::Service is asked to call " << *cb <<
" when ready " << status());
- Must(self != NULL);
Must(!broken()); // we do not wait for a broken service
Client i;
- i.service = self; // TODO: is this really needed?
+ i.service = Pointer(this); // TODO: is this really needed?
i.callback = cb;
theClients.push_back(i);
bool Adaptation::Icap::ServiceRep::needNewOptions() const
{
- return self != NULL && !up();
+ return !detached() && !up();
}
void Adaptation::Icap::ServiceRep::changeOptions(Adaptation::Icap::Options *newOptions)
delete theOptions;
theOptions = newOptions;
- theSessionFailures = 0;
+ theSessionFailures.clear();
isSuspended = 0;
theLastUpdate = squid_curtime;
buf.append("up", 2);
else {
buf.append("down", 4);
- if (!self)
- buf.append(",gone", 5);
if (isSuspended)
buf.append(",susp", 5);
buf.append(",stale", 6);
}
+ if (detached())
+ buf.append(",detached", 9);
+
if (theOptionsFetcher)
buf.append(",fetch", 6);
if (notifying)
buf.append(",notif", 6);
- if (theSessionFailures > 0)
- buf.Printf(",fail%d", theSessionFailures);
+ if (const int failures = theSessionFailures.remembered())
+ buf.Printf(",fail%d", failures);
buf.append("]", 1);
buf.terminate();
return buf.content();
}
+
+void Adaptation::Icap::ServiceRep::detach()
+{
+ debugs(93,3, HERE << "detaching ICAP service: " << cfg().uri <<
+ ' ' << status());
+ isDetached = true;
+}
+
+bool Adaptation::Icap::ServiceRep::detached() const
+{
+ return isDetached;
+}
#define SQUID_ICAPSERVICEREP_H
#include "cbdata.h"
+#include "FadingCounter.h"
#include "adaptation/Service.h"
#include "adaptation/forward.h"
#include "adaptation/Initiator.h"
ServiceRep(const Adaptation::ServiceConfig &config);
virtual ~ServiceRep();
- void setSelf(Pointer &aSelf); // needs self pointer for OptXact
virtual void finalize();
- void invalidate(); // call when the service is no longer needed or valid
-
- bool probed() const; // see comments above
- bool up() const; // see comments above
+ virtual bool probed() const; // see comments above
+ virtual bool up() const; // see comments above
virtual Adaptation::Initiate *makeXactLauncher(Adaptation::Initiator *, HttpMsg *virginHeader, HttpRequest *virginCause);
bool wantsUrl(const String &urlPath) const;
bool wantsPreview(const String &urlPath, size_t &wantedSize) const;
bool allows204() const;
+ bool allows206() const;
void noteFailure(); // called by transactions to report service failure
//AsyncJob virtual methods
virtual bool doneAll() const { return Adaptation::Initiator::doneAll() && false;}
+ virtual void detach();
+ virtual bool detached() const;
+
public: // treat these as private, they are for callbacks only
void noteTimeToUpdate();
void noteTimeToNotify();
Adaptation::Initiate *theOptionsFetcher; // pending ICAP OPTIONS transaction
time_t theLastUpdate; // time the options were last updated
- static const int TheSessionFailureLimit;
- int theSessionFailures;
+ FadingCounter theSessionFailures;
const char *isSuspended; // also stores suspension reason for debugging
bool notifying; // may be true in any state except for the initial
const char *status() const;
- Pointer self;
mutable bool wasAnnouncedUp; // prevent sequential same-state announcements
+ bool isDetached;
CBDATA_CLASS2(ServiceRep);
};
#include "adaptation/icap/Xaction.h"
#include "adaptation/icap/Launcher.h"
#include "adaptation/icap/Config.h"
-#include "TextException.h"
+#include "base/TextException.h"
#include "pconn.h"
#include "HttpRequest.h"
#include "HttpReply.h"
// TODO: obey service-specific, OPTIONS-reported connection limit
void Adaptation::Icap::Xaction::openConnection()
{
- IpAddress client_addr;
+ Ip::Address client_addr;
Must(connection < 0);
disableRetries(); // we only retry pconn failures
- IpAddress outgoing;
+ Ip::Address outgoing;
connection = comm_open(SOCK_STREAM, 0, outgoing,
COMM_NONBLOCKING, s.cfg().uri.termedBuf());
}
if (reuseConnection) {
- IpAddress client_addr;
+ Ip::Address client_addr;
//status() adds leading spaces.
debugs(93,3, HERE << "pushing pconn" << status());
AsyncCall::Pointer call = NULL;
{
debugs(93, 2, HERE << typeName <<
" failed to connect to " << service().cfg().uri);
- theService->noteFailure();
throw TexcHere("cannot connect to the ICAP service");
}
theService->cfg().methodStr() << " " <<
theService->cfg().uri << status());
reuseConnection = false;
- service().noteFailure();
-
throw TexcHere(connector != NULL ?
"timed out while connecting to the ICAP service" :
"timed out while talking to the ICAP service");
void Adaptation::Icap::Xaction::callException(const std::exception &e)
{
setOutcome(xoError);
+ service().noteFailure();
Adaptation::Initiate::callException(e);
}
/* get authed here */
/* Note: this fills in auth_user_request when applicable */
- /*
- * DPW 2007-05-08
- * tryToAuthenticateAndSetAuthUser used to try to lock and
- * unlock auth_user_request on our behalf, but it was too
- * ugly and hard to follow. Now we do our own locking here.
- *
- * I'm not sure what tryToAuthenticateAndSetAuthUser does when
- * auth_user_request is set before calling. I'm tempted to
- * unlock and set it to NULL, but it seems safer to save the
- * pointer before calling and unlock it afterwards. If the
- * pointer doesn't change then its a no-op.
- */
- AuthUserRequest *old_auth_user_request = checklist->auth_user_request;
- const auth_acl_t result = AuthUserRequest::tryToAuthenticateAndSetAuthUser(
- &checklist->auth_user_request, headertype, request,
- checklist->conn(), checklist->src_addr);
- if (checklist->auth_user_request)
- AUTHUSERREQUESTLOCK(checklist->auth_user_request, "ACLAuth::authenticated");
- AUTHUSERREQUESTUNLOCK(old_auth_user_request, "old ACLAuth");
+ const AuthAclState result = AuthUserRequest::tryToAuthenticateAndSetAuthUser(
+ &checklist->auth_user_request, headertype, request,
+ checklist->conn(), checklist->src_addr);
switch (result) {
case AUTH_ACL_CANNOT_AUTHENTICATE:
* 1 : Match
*/
int
-ACLMaxUserIP::match(AuthUserRequest * auth_user_request,
-
- IpAddress const &src_addr)
+ACLMaxUserIP::match(AuthUserRequest::Pointer auth_user_request, Ip::Address const &src_addr)
{
/*
* the logic for flush the ip list when the limit is hit vs keep
ti = match(checklist->auth_user_request, checklist->src_addr);
- AUTHUSERREQUESTUNLOCK(checklist->auth_user_request, "ACLChecklist via ACLMaxUserIP");
+ checklist->auth_user_request = NULL;
return ti;
}
#include "acl/Acl.h"
#include "acl/Checklist.h"
-
-class AuthUserRequest;
+#include "auth/UserRequest.h"
/// \ingroup ACLAPI
class ACLMaxUserIP : public ACL
static Prototype RegistryProtoype;
static ACLMaxUserIP RegistryEntry_;
- int match(AuthUserRequest *, IpAddress const &);
+ int match(AuthUserRequest::Pointer, Ip::Address const &);
char const *class_;
int maximum;
ACLFilledChecklist *checklist = Filled(cl);
checklist->asyncInProgress(true);
- debugs(28, 3, "ACLChecklist::checkForAsync: checking password via authenticator");
+ debugs(28, 3, HERE << "checking password via authenticator");
- AuthUserRequest *auth_user_request;
/* make sure someone created auth_user_request for us */
assert(checklist->auth_user_request != NULL);
- auth_user_request = checklist->auth_user_request;
-
- int validated = authenticateValidateUser(auth_user_request);
- assert(validated);
- auth_user_request->start(LookupDone, checklist);
+ assert(checklist->auth_user_request->valid());
+ checklist->auth_user_request->start(LookupDone, checklist);
}
void
if (result != NULL)
fatal("AclLookupProxyAuthDone: Old code floating around somewhere.\nMake clean and if that doesn't work, report a bug to the squid developers.\n");
- if (!authenticateValidateUser(checklist->auth_user_request) || checklist->conn() == NULL) {
+ if (checklist->auth_user_request == NULL || !checklist->auth_user_request->valid() || checklist->conn() == NULL) {
/* credentials could not be checked either way
* restart the whole process */
/* OR the connection was closed, there's no way to continue */
- AUTHUSERREQUESTUNLOCK(checklist->auth_user_request, "ProxyAuthLookup");
+ checklist->auth_user_request = NULL;
if (checklist->conn() != NULL) {
- AUTHUSERREQUESTUNLOCK(checklist->conn()->auth_user_request, "conn via ProxyAuthLookup"); // DPW discomfort
- checklist->conn()->auth_type = AUTH_BROKEN;
+ checklist->conn()->auth_user_request = NULL;
}
}
ACLProxyAuth::matchForCache(ACLChecklist *cl)
{
ACLFilledChecklist *checklist = Filled(cl);
- assert (checklist->auth_user_request);
+ assert (checklist->auth_user_request != NULL);
return data->match(checklist->auth_user_request->username());
}
ACLProxyAuth::matchProxyAuth(ACLChecklist *cl)
{
ACLFilledChecklist *checklist = Filled(cl);
- checkAuthForCaching(checklist);
+ if (!authenticateUserAuthenticated(Filled(checklist)->auth_user_request)) {
+ return 0;
+ }
/* check to see if we have matched the user-acl before */
- int result = cacheMatchAcl(&checklist->auth_user_request->user()->
- proxy_match_cache, checklist);
- AUTHUSERREQUESTUNLOCK(checklist->auth_user_request, "ACLChecklist via ACLProxyAuth");
+ int result = cacheMatchAcl(&checklist->auth_user_request->user()->proxy_match_cache, checklist);
+ checklist->auth_user_request = NULL;
return result;
}
-
-void
-ACLProxyAuth::checkAuthForCaching(ACLChecklist *checklist)const
-{
- /* for completeness */
- /* consistent parameters ? */
- assert(authenticateUserAuthenticated(Filled(checklist)->auth_user_request));
- /* this check completed */
-}
-
virtual bool empty () const;
virtual bool requiresRequest() const {return true;}
- virtual ACL *clone()const;
+ virtual ACL *clone() const;
virtual int matchForCache(ACLChecklist *checklist);
private:
static Prototype RegexRegistryProtoype;
static ACLProxyAuth RegexRegistryEntry_;
int matchProxyAuth(ACLChecklist *);
- void checkAuthForCaching(ACLChecklist *) const;
ACLData<char const *> *data;
char const *type_;
};
--- /dev/null
+#ifndef _SQUID__SRC_AUTH_AUTHACLSTATE_H
+#define _SQUID__SRC_AUTH_AUTHACLSTATE_H
+
+typedef enum {
+ AUTH_ACL_CHALLENGE = -2,
+ AUTH_ACL_HELPER = -1,
+ AUTH_ACL_CANNOT_AUTHENTICATE = 0,
+ AUTH_AUTHENTICATED = 1
+} AuthAclState;
+
+#endif
--- /dev/null
+#ifndef _SQUID__SRC_AUTH_AUTHTYPE_H
+#define _SQUID__SRC_AUTH_AUTHTYPE_H
+
+typedef enum {
+ AUTH_UNKNOWN, /* default */
+ AUTH_BASIC,
+ AUTH_NTLM,
+ AUTH_DIGEST,
+ AUTH_NEGOTIATE,
+ AUTH_BROKEN /* known type, but broken data */
+} AuthType;
+
+extern const char *AuthType_str[];
+
+#endif
-
/*
* $Id$
*
#include "auth/Config.h"
#include "auth/UserRequest.h"
-/* Get Auth User: Return a filled out auth_user structure for the given
+Auth::authConfig Auth::TheConfig;
+
+/**
+ * Get Auth User: Return a filled out auth_user structure for the given
* Proxy Auth (or Auth) header. It may be a cached Auth User or a new
* Unauthenticated structure. The structure is given an inital lock here.
* It may also be NULL reflecting that no user could be created.
*/
-AuthUserRequest *
+AuthUserRequest::Pointer
AuthConfig::CreateAuthUser(const char *proxy_auth)
{
assert(proxy_auth != NULL);
return NULL;
}
- AuthUserRequest *result = config->decode (proxy_auth);
-
- /*
- * DPW 2007-05-08
- * Do not lock the AuthUserRequest on the caller's behalf.
- * Callers must manage their own locks.
- */
- return result;
+ return config->decode(proxy_auth);
}
AuthConfig *
AuthConfig::Find(const char *proxy_auth)
{
- for (authConfig::iterator i = Config.authConfiguration.begin(); i != Config.authConfiguration.end(); ++i)
+ for (Auth::authConfig::iterator i = Auth::TheConfig.begin(); i != Auth::TheConfig.end(); ++i)
if (strncasecmp(proxy_auth, (*i)->type(), strlen((*i)->type())) == 0)
return *i;
#ifndef SQUID_AUTHCONFIG_H
#define SQUID_AUTHCONFIG_H
-class AuthUserRequest;
+#include "auth/UserRequest.h"
+#include "HelperChildConfig.h"
+
class StoreEntry;
class HttpReply;
class HttpRequest;
+class wordlist;
/* for http_hdr_type parameters-by-value */
#include "HttpHeader.h"
{
public:
- static AuthUserRequest *CreateAuthUser (const char *proxy_auth);
+ static AuthUserRequest::Pointer CreateAuthUser(const char *proxy_auth);
static AuthConfig *Find(const char *proxy_auth);
- AuthConfig() {}
+ AuthConfig() : authenticateChildren(20), authenticate(NULL) {}
virtual ~AuthConfig() {}
\param proxy_auth Login Pattern to parse.
\retval * Details needed to authenticate.
*/
- virtual AuthUserRequest *decode(char const *proxy_auth) = 0;
+ virtual AuthUserRequest::Pointer decode(char const *proxy_auth) = 0;
/**
* squid is finished with this config, release any unneeded resources.
*/
virtual bool configured() const = 0;
+ /**
+ * Shutdown just the auth helpers.
+ * For use by log rotate etc. where auth needs to stay running, with the helpers restarted.
+ */
+ virtual void rotateHelpers(void) = 0;
+
/**
* Responsible for writing to the StoreEntry the configuration parameters that a user
* would put in a config file to recreate the running configuration.
virtual void dump(StoreEntry *, const char *, AuthConfig *) = 0;
/** add headers as needed when challenging for auth */
- virtual void fixHeader(AuthUserRequest *, HttpReply *, http_hdr_type, HttpRequest *) = 0;
+ virtual void fixHeader(AuthUserRequest::Pointer, HttpReply *, http_hdr_type, HttpRequest *) = 0;
/** prepare to handle requests */
virtual void init(AuthConfig *) = 0;
/** expose any/all statistics to a CacheManager */
virtual void parse(AuthConfig *, int, char *) = 0;
/** the http string id */
virtual const char * type() const = 0;
+
+public:
+ HelperChildConfig authenticateChildren;
+ wordlist *authenticate;
};
+namespace Auth
+{
+
+typedef Vector<AuthConfig *> authConfig;
+
+extern authConfig TheConfig;
+
+}; // namespace Auth
+
#endif /* SQUID_AUTHCONFIG_H */
-
/*
* $Id$
*
{
int rv = 0;
- for (authConfig::iterator i = Config.authConfiguration.begin(); i != Config.authConfiguration.end(); ++i)
+ for (Auth::authConfig::iterator i = Auth::TheConfig.begin(); i != Auth::TheConfig.end(); ++i)
if ((*i)->configured())
++rv;
- debugs(29, 9, "authenticateActiveSchemeCount: " << rv << " active.");
+ debugs(29, 9, HERE << rv << " active.");
return rv;
}
int
authenticateSchemeCount(void)
{
- int rv = AuthScheme::Schemes().size();
+ int rv = AuthScheme::GetSchemes().size();
- debugs(29, 9, "authenticateSchemeCount: " << rv << " active.");
+ debugs(29, 9, HERE << rv << " active.");
return rv;
}
static void
-authenticateRegisterWithCacheManager(authConfig * config)
+authenticateRegisterWithCacheManager(Auth::authConfig * config)
{
- for (authConfig::iterator i = config->begin(); i != config->end(); ++i) {
+ for (Auth::authConfig::iterator i = config->begin(); i != config->end(); ++i) {
AuthConfig *scheme = *i;
scheme->registerWithCacheManager();
}
}
void
-authenticateInit(authConfig * config)
+authenticateInit(Auth::authConfig * config)
{
- for (authConfig::iterator i = config->begin(); i != config->end(); ++i) {
- AuthConfig *scheme = *i;
+ /* Do this first to clear memory and remove dead state on a reconfigure */
+ if (proxy_auth_username_cache)
+ AuthUser::CachedACLsReset();
+
+ /* If we do not have any auth config state to create stop now. */
+ if (!config)
+ return;
- if (scheme->configured())
- scheme->init(scheme);
+ for (Auth::authConfig::iterator i = config->begin(); i != config->end(); ++i) {
+ AuthConfig *schemeCfg = *i;
+
+ if (schemeCfg->configured())
+ schemeCfg->init(schemeCfg);
}
if (!proxy_auth_username_cache)
AuthUser::cacheInit();
- else
- AuthUser::CachedACLsReset();
- authenticateRegisterWithCacheManager(&Config.authConfiguration);
+ authenticateRegisterWithCacheManager(config);
}
void
-authenticateShutdown(void)
-{
- debugs(29, 2, "authenticateShutdown: shutting down auth schemes");
- /* free the cache if we are shutting down */
-
- if (shutting_down) {
- hashFreeItems(proxy_auth_username_cache, AuthUserHashPointer::removeFromCache);
- AuthScheme::FreeAll();
- } else {
- for (AuthScheme::const_iterator i = AuthScheme::Schemes().begin(); i != AuthScheme::Schemes().end(); ++i)
- (*i)->done();
- }
-}
-
-/**
- \retval 0 not in use
- \retval ? in use
- */
-int
-authenticateAuthUserInuse(AuthUser * auth_user)
+authenticateRotate(void)
{
- assert(auth_user != NULL);
- return auth_user->references;
+ for (Auth::authConfig::iterator i = Auth::TheConfig.begin(); i != Auth::TheConfig.end(); ++i)
+ if ((*i)->configured())
+ (*i)->rotateHelpers();
}
void
-authenticateAuthUserMerge(AuthUser * from, AuthUser * to)
+authenticateReset(void)
{
- to->absorb (from);
-}
+ debugs(29, 2, HERE << "Reset authentication State.");
-/**
- * Cleans all config-dependent data from the auth_user cache.
- \note It DOES NOT Flush the user cache.
- */
-void
-authenticateUserCacheRestart(void)
-{
- AuthUserHashPointer *usernamehash;
- AuthUser *auth_user;
- debugs(29, 3, HERE << "Clearing config dependent cache data.");
+ /* free all username cache entries */
hash_first(proxy_auth_username_cache);
-
+ AuthUserHashPointer *usernamehash;
while ((usernamehash = ((AuthUserHashPointer *) hash_next(proxy_auth_username_cache)))) {
- auth_user = usernamehash->user();
- debugs(29, 5, "authenticateUserCacheRestat: Clearing cache ACL results for user: " << auth_user->username());
+ debugs(29, 5, HERE << "Clearing entry for user: " << usernamehash->user()->username());
+ hash_remove_link(proxy_auth_username_cache, (hash_link *)usernamehash);
+ delete usernamehash;
}
-}
+ /* schedule shutdown of the helpers */
+ authenticateRotate();
-void
-AuthUserHashPointer::removeFromCache(void *usernamehash_p)
-{
- AuthUserHashPointer *usernamehash = static_cast<AuthUserHashPointer *>(usernamehash_p);
- AuthUser *auth_user = usernamehash->auth_user;
-
- if ((authenticateAuthUserInuse(auth_user) - 1))
- debugs(29, 1, "AuthUserHashPointer::removeFromCache: entry in use - not freeing");
-
- auth_user->unlock();
-
- /** \todo change behaviour - we remove from the auth user list here, and then unlock, and the
- * delete ourselves.
- */
+ /* free current global config details too. */
+ Auth::TheConfig.clean();
}
-AuthUserHashPointer::AuthUserHashPointer(AuthUser * anAuth_user):
+AuthUserHashPointer::AuthUserHashPointer(AuthUser::Pointer anAuth_user):
auth_user(anAuth_user)
{
key = (void *)anAuth_user->username();
next = NULL;
hash_join(proxy_auth_username_cache, (hash_link *) this);
-
- /** lock for presence in the cache */
- auth_user->lock();
}
-AuthUser *
+AuthUser::Pointer
AuthUserHashPointer::user() const
{
return auth_user;
#include "hash.h"
#include "MemPool.h"
-#include "typedefs.h" /* for authConfig */
+#include "auth/Config.h"
+#include "auth/User.h"
class AuthUser;
/**
\ingroup AuthAPI
*
- * This is used to link auth_users into the username cache.
+ * This is used to link AuthUsers objects into the username cache.
* Because some schemes may link in aliases to a user,
* the link is not part of the AuthUser structure itself.
*
- \todo Inheritance in a struct? this should be a class.
+ * Code must not hold onto copies of these objects.
+ * They may exist only so long as the AuthUser being referenced
+ * is recorded in the cache. Any caller using hash_remove_link
+ * must then delete the AuthUserHashPointer.
*/
-struct AuthUserHashPointer : public hash_link {
+class AuthUserHashPointer : public hash_link
+{
/* first two items must be same as hash_link */
public:
- static void removeFromCache (void *anAuthUserHashPointer);
MEMPROXY_CLASS(AuthUserHashPointer);
- AuthUserHashPointer(AuthUser *);
+ AuthUserHashPointer(AuthUser::Pointer);
+ ~AuthUserHashPointer() { auth_user = NULL; };
- AuthUser *user() const;
+ AuthUser::Pointer user() const;
private:
- AuthUser *auth_user;
+ AuthUser::Pointer auth_user;
};
MEMPROXY_CLASS_INLINE(AuthUserHashPointer);
*/
typedef void AUTHSSTATS(StoreEntry *);
-/**
- \ingroup AuthAPI
- * subsumed by the C++ interface
- \todo does 'subsumed' mean deprecated use a C++ API call?
+/// \ingroup AuthAPI
+extern void authenticateInit(Auth::authConfig *);
+
+/** \ingroup AuthAPI
+ * Remove all idle authentication state. Intended for use by reconfigure.
+ *
+ * Removes the username cache contents and global configuration state.
+ * Stops just short of detaching the auth components completely.
+ *
+ * Currently active requests should finish. Howevee new requests will not use
+ * authentication unless something causes the global config to be rebuilt.
+ * Such as a configure load action adding config and re-running authenticateInit().
*/
-extern void authenticateAuthUserMerge(AuthUser *, AuthUser *);
+extern void authenticateReset(void);
-/// \ingroup AuthAPI
-extern void authenticateInit(authConfig *);
-/// \ingroup AuthAPI
-extern void authenticateShutdown(void);
-/// \ingroup AuthAPI
-extern int authenticateAuthUserInuse(AuthUser * auth_user);
+extern void authenticateRotate(void);
/// \ingroup AuthAPI
extern void authenticateFreeProxyAuthUserACLResults(void *data);
/// \ingroup AuthAPI
extern int authenticateSchemeCount(void);
-/// \ingroup AuthAPI
-extern void authenticateUserCacheRestart(void);
/// \ingroup AuthAPI
extern void authenticateOnCloseConnection(ConnStateData * conn);
## authentication framework; this library is always built
libauth_la_SOURCES = \
+ AuthType.h \
+ AuthType.cc \
Config.cc \
Config.h \
+ Gadgets.cc \
+ Gadgets.h \
Scheme.cc \
Scheme.h \
+ State.h \
+ State.cc \
User.h \
User.cci \
User.cc \
UserRequest.h \
- UserRequest.cc \
- Gadgets.cc \
- Gadgets.h
+ UserRequest.cc
libauth_la_LIBADD = $(AUTH_LIBS_TO_BUILD)
libauth_la_DEPENDENCIES = $(AUTH_LIBS_TO_BUILD)
AclMaxUserIp.cc \
AclMaxUserIp.h \
AclProxyAuth.cc \
- AclProxyAuth.h
-
+ AclProxyAuth.h \
+ AuthAclState.h
libbasic_la_SOURCES = \
basic/basicScheme.cc \
basic/basicScheme.h \
basic/auth_basic.cc \
- basic/auth_basic.h
+ basic/auth_basic.h \
+ basic/basicUserRequest.cc \
+ basic/basicUserRequest.h
libdigest_la_SOURCES = \
digest/digestScheme.cc \
digest/digestScheme.h \
digest/auth_digest.cc \
- digest/auth_digest.h
+ digest/auth_digest.h \
+ digest/digestUserRequest.cc \
+ digest/digestUserRequest.h
libntlm_la_SOURCES = \
ntlm/ntlmScheme.cc \
ntlm/ntlmScheme.h \
ntlm/auth_ntlm.cc \
- ntlm/auth_ntlm.h
+ ntlm/auth_ntlm.h \
+ ntlm/ntlmUserRequest.cc \
+ ntlm/ntlmUserRequest.h
libnegotiate_la_SOURCES = \
negotiate/negotiateScheme.cc \
negotiate/negotiateScheme.h \
negotiate/auth_negotiate.cc \
- negotiate/auth_negotiate.h
+ negotiate/auth_negotiate.h \
+ negotiate/negotiateUserRequest.cc \
+ negotiate/negotiateUserRequest.h
+
+AuthType.cc: AuthType.h $(top_srcdir)/src/mk-string-arrays.awk
+ $(AWK) -f $(top_srcdir)/src/mk-string-arrays.awk < $(srcdir)/AuthType.h > $@ || (rm -f $@ ; exit 1)
+
+CLEANFILES += AuthType.cc
TESTS += testHeaders
-
/*
* $Id$
*
#include "auth/Gadgets.h"
#include "auth/Config.h"
-Vector<AuthScheme*> *AuthScheme::_Schemes = NULL;
+Vector<AuthScheme::Pointer> *AuthScheme::_Schemes = NULL;
void
-AuthScheme::AddScheme(AuthScheme &instance)
+AuthScheme::AddScheme(AuthScheme::Pointer instance)
{
iterator i = GetSchemes().begin();
while (i != GetSchemes().end()) {
- assert(strcmp((*i)->type(), instance.type()) != 0);
+ assert(strcmp((*i)->type(), instance->type()) != 0);
++i;
}
- GetSchemes().push_back (&instance);
+ GetSchemes().push_back(instance);
}
-AuthScheme *
+AuthScheme::Pointer
AuthScheme::Find(const char *typestr)
{
for (iterator i = GetSchemes().begin(); i != GetSchemes().end(); ++i) {
return *i;
}
- return NULL;
-}
-
-Vector<AuthScheme *> const &
-AuthScheme::Schemes()
-{
- return GetSchemes();
+ return AuthScheme::Pointer(NULL);
}
-Vector<AuthScheme*> &
+Vector<AuthScheme::Pointer> &
AuthScheme::GetSchemes()
{
if (!_Schemes)
- _Schemes = new Vector<AuthScheme *>;
+ _Schemes = new Vector<AuthScheme::Pointer>;
return *_Schemes;
}
-/*
- * called when a graceful shutdown is to occur
- * of each scheme module.
+/**
+ * Called when a graceful shutdown is to occur of each scheme module.
+ * On completion the auth components are to be considered deleted.
+ * None will be available globally. Some may remain around for their
+ * currently active connections to close, but only those active
+ * connections will retain pointers to them.
*/
void
AuthScheme::FreeAll()
{
+ assert(shutting_down);
+
while (GetSchemes().size()) {
- AuthScheme *scheme = GetSchemes().back();
+ AuthScheme::Pointer scheme = GetSchemes().back();
GetSchemes().pop_back();
scheme->done();
}
-
/*
* $Id$
*
#ifndef SQUID_AUTHSCHEME_H
#define SQUID_AUTHSCHEME_H
-#include "squid.h"
+#include "config.h"
#include "Array.h"
+#include "RefCount.h"
+
+class AuthConfig;
/**
\defgroup AuthSchemeAPI Authentication Scheme API
*/
/**
- \ingroup AuthAPI
- \ingroup AuthSchemeAPI
- \par
+ * \ingroup AuthAPI
+ * \ingroup AuthSchemeAPI
+ * \par
* I represent an authentication scheme. For now my children
- * store both the scheme metadata, and the scheme configuration.
- \par
+ * store the scheme metadata.
+ * \par
* Should we need multiple configs of a single scheme,
* a new class AuthConfiguration should be made, and the
* config specific calls on AuthScheme moved to it.
*/
-class AuthScheme
+class AuthScheme : public RefCountable
{
+public:
+ typedef RefCount<AuthScheme> Pointer;
+ typedef Vector<AuthScheme::Pointer>::iterator iterator;
+ typedef Vector<AuthScheme::Pointer>::const_iterator const_iterator;
public:
- static void AddScheme(AuthScheme &);
+ AuthScheme() : initialised (false) {};
+ virtual ~AuthScheme() {};
+
+ static void AddScheme(AuthScheme::Pointer);
+
+ /**
+ * Final termination of all authentication components.
+ * To be used only on shutdown. All global pointers are released.
+ * After this all schemes will appear completely unsupported
+ * until a call to InitAuthModules().
+ * Release the Auth::TheConfig handles instead to disable authentication
+ * without terminiating all support.
+ */
static void FreeAll();
- static Vector<AuthScheme*> const &Schemes();
- static AuthScheme *Find(const char *);
- typedef Vector<AuthScheme*>::iterator iterator;
- typedef Vector<AuthScheme*>::const_iterator const_iterator;
- AuthScheme() : initialised (false) {}
- virtual ~AuthScheme() {}
+ /**
+ * Locate an authentication scheme component by Name.
+ */
+ static AuthScheme::Pointer Find(const char *);
/* per scheme methods */
virtual char const *type () const = 0;
virtual void done() = 0;
virtual AuthConfig *createConfig() = 0;
+
// Not implemented
AuthScheme(AuthScheme const &);
AuthScheme &operator=(AuthScheme const&);
+ static Vector<AuthScheme::Pointer> &GetSchemes();
+
protected:
bool initialised;
private:
- static Vector<AuthScheme*> &GetSchemes();
- static Vector<AuthScheme*> *_Schemes;
+ static Vector<AuthScheme::Pointer> *_Schemes;
};
#endif /* SQUID_AUTHSCHEME_H */
--- /dev/null
+#include "config.h"
+#include "auth/State.h"
+
+CBDATA_GLOBAL_TYPE(authenticateStateData);
+
+void
+authenticateStateFree(authenticateStateData * r)
+{
+ r->auth_user_request = NULL;
+ cbdataFree(r);
+}
--- /dev/null
+#ifndef __AUTH_AUTHENTICATE_STATE_T__
+#define __AUTH_AUTHENTICATE_STATE_T__
+
+#include "auth/UserRequest.h"
+
+/**
+ * CBDATA state for NTLM, Negotiate, and Digest stateful authentication.
+ */
+typedef struct {
+ void *data;
+ AuthUserRequest::Pointer auth_user_request;
+ RH *handler;
+} authenticateStateData;
+
+extern CBDATA_GLOBAL_TYPE(authenticateStateData);
+
+extern void authenticateStateFree(authenticateStateData * r);
+
+#endif /* __AUTH_AUTHENTICATE_STATE_T__ */
#include "acl/Gadgets.h"
#include "event.h"
#include "SquidTime.h"
+#include "Store.h"
-#ifndef _USE_INLINE_
+#if !_USE_INLINE_
#include "auth/User.cci"
#endif
// This should be converted into a pooled type. Does not need to be cbdata
-CBDATA_TYPE(auth_user_ip_t);
+CBDATA_TYPE(AuthUserIP);
-AuthUser::AuthUser (AuthConfig *aConfig) :
- auth_type (AUTH_UNKNOWN), config(aConfig),
- usernamehash (NULL), ipcount (0), expiretime (0), references (0), username_(NULL)
+time_t AuthUser::last_discard = 0;
+
+const char *CredentialsState_str[] = { "Unchecked", "Ok", "Pending", "Handshake", "Failed" };
+
+
+AuthUser::AuthUser(AuthConfig *aConfig) :
+ auth_type(AUTH_UNKNOWN),
+ config(aConfig),
+ ipcount(0),
+ expiretime(0),
+ credentials_state(Unchecked),
+ username_(NULL)
{
proxy_auth_list.head = proxy_auth_list.tail = NULL;
proxy_match_cache.head = proxy_match_cache.tail = NULL;
ip_list.head = ip_list.tail = NULL;
- requests.head = requests.tail = NULL;
- debugs(29, 5, "AuthUser::AuthUser: Initialised auth_user '" << this << "' with refcount '" << references << "'.");
+ debugs(29, 5, "AuthUser::AuthUser: Initialised auth_user '" << this << "'.");
+}
+
+AuthUser::CredentialsState
+AuthUser::credentials() const
+{
+ return credentials_state;
}
-/* Combine two user structs. ONLY to be called from within a scheme
+void
+AuthUser::credentials(CredentialsState newCreds)
+{
+ credentials_state = newCreds;
+}
+
+
+/**
+ * Combine two user structs. ONLY to be called from within a scheme
* module. The scheme module is responsible for ensuring that the
* two users _can_ be merged without invalidating all the request
* scheme data. The scheme is also responsible for merging any user
* related scheme data itself.
*/
void
-AuthUser::absorb (AuthUser *from)
+AuthUser::absorb(AuthUser::Pointer from)
{
- AuthUserRequest *auth_user_request;
+
+ /* RefCount children CANNOT be merged like this. The external AuthUser::Pointer's cannot be changed. */
+
+ /* check that we only have the two references:
+ * 1) our function scope
+ * 2) the parsing function scope)
+ */
+ assert(from->RefCountCount() == 2);
+
/*
- * XXX combine two authuser structs. Incomplete: it should merge
- * in hash references too and ask the module to merge in scheme
- * data
+ * XXX Incomplete: it should merge in hash references too and ask the module to merge in scheme data
+ * dlink_list proxy_auth_list;
+ * dlink_list proxy_match_cache;
*/
+
debugs(29, 5, "authenticateAuthUserMerge auth_user '" << from << "' into auth_user '" << this << "'.");
- dlink_node *link = from->requests.head;
-
- while (link) {
- auth_user_request = static_cast<AuthUserRequest *>(link->data);
- dlink_node *tmplink = link;
- link = link->next;
- dlinkDelete(tmplink, &from->requests);
- dlinkAddTail(auth_user_request, tmplink, &requests);
- auth_user_request->user(this);
- }
- references += from->references;
- from->references = 0;
- delete from;
+ /* absorb the list of IP address sources (for max_user_ip controls) */
+ AuthUserIP *new_ipdata;
+ while (from->ip_list.head != NULL) {
+ new_ipdata = static_cast<AuthUserIP *>(from->ip_list.head->data);
+
+ /* If this IP has expired - ignore the expensive merge actions. */
+ if (new_ipdata->ip_expiretime + Config.authenticateIpTTL < squid_curtime) {
+ /* This IP has expired - remove from the source list */
+ dlinkDelete(&new_ipdata->node, &(from->ip_list));
+ cbdataFree(new_ipdata);
+ /* catch incipient underflow */
+ from->ipcount--;
+ } else {
+ /* add to our list. replace if already present. */
+ AuthUserIP *ipdata = static_cast<AuthUserIP *>(ip_list.head->data);
+ bool found = false;
+ while (ipdata) {
+ AuthUserIP *tempnode = static_cast<AuthUserIP *>(ipdata->node.next->data);
+
+ if (ipdata->ipaddr == new_ipdata->ipaddr) {
+ /* This IP has already been seen. */
+ found = true;
+ /* update IP ttl and stop searching. */
+ ipdata->ip_expiretime = max(ipdata->ip_expiretime, new_ipdata->ip_expiretime);
+ break;
+ } else if (ipdata->ip_expiretime + Config.authenticateIpTTL < squid_curtime) {
+ /* This IP has expired - cleanup the destination list */
+ dlinkDelete(&ipdata->node, &ip_list);
+ cbdataFree(ipdata);
+ /* catch incipient underflow */
+ assert(ipcount);
+ ipcount--;
+ }
+
+ ipdata = tempnode;
+ }
+
+ if (!found) {
+ /* This ip is not in the seen list. Add it. */
+ dlinkAddTail(&new_ipdata->node, &ipdata->node, &ip_list);
+ ipcount++;
+ /* remove from the source list */
+ dlinkDelete(&new_ipdata->node, &(from->ip_list));
+ from->ipcount--;
+ }
+ }
+ }
}
AuthUser::~AuthUser()
{
- AuthUserRequest *auth_user_request;
- dlink_node *link, *tmplink;
- debugs(29, 5, "AuthUser::~AuthUser: Freeing auth_user '" << this << "' with refcount '" << references << "'.");
- assert(references == 0);
- /* were they linked in by username ? */
-
- if (usernamehash) {
- assert(usernamehash->user() == this);
- debugs(29, 5, "AuthUser::~AuthUser: removing usernamehash entry '" << usernamehash << "'");
- hash_remove_link(proxy_auth_username_cache,
- (hash_link *) usernamehash);
- /* don't free the key as we use the same user string as the auth_user
- * structure */
- delete usernamehash;
- }
-
- /* remove any outstanding requests */
- link = requests.head;
-
- while (link) {
- debugs(29, 5, "AuthUser::~AuthUser: removing request entry '" << link->data << "'");
- auth_user_request = static_cast<AuthUserRequest *>(link->data);
- tmplink = link;
- link = link->next;
- dlinkDelete(tmplink, &requests);
- dlinkNodeDelete(tmplink);
- delete auth_user_request;
- }
+ debugs(29, 5, "AuthUser::~AuthUser: Freeing auth_user '" << this << "'.");
+ assert(RefCountCount() == 0);
/* free cached acl results */
aclCacheMatchFlush(&proxy_match_cache);
{
if (!proxy_auth_username_cache) {
/* First time around, 7921 should be big enough */
- proxy_auth_username_cache =
- hash_create((HASHCMP *) strcmp, 7921, hash_string);
+ proxy_auth_username_cache = hash_create((HASHCMP *) strcmp, 7921, hash_string);
assert(proxy_auth_username_cache);
eventAdd("User Cache Maintenance", cacheCleanup, NULL, Config.authenticateGCInterval, 1);
+ last_discard = squid_curtime;
}
}
AuthUser::CachedACLsReset()
{
/*
- * We walk the hash by username as that is the unique key we use.
* This must complete all at once, because we are ensuring correctness.
*/
AuthUserHashPointer *usernamehash;
- AuthUser *auth_user;
- char const *username = NULL;
+ AuthUser::Pointer auth_user;
debugs(29, 3, "AuthUser::CachedACLsReset: Flushing the ACL caches for all users.");
hash_first(proxy_auth_username_cache);
while ((usernamehash = ((AuthUserHashPointer *) hash_next(proxy_auth_username_cache)))) {
auth_user = usernamehash->user();
- username = auth_user->username();
/* free cached acl results */
aclCacheMatchFlush(&auth_user->proxy_match_cache);
-
}
debugs(29, 3, "AuthUser::CachedACLsReset: Finished.");
* entries at a time. Lets see how it flys first.
*/
AuthUserHashPointer *usernamehash;
- AuthUser *auth_user;
+ AuthUser::Pointer auth_user;
char const *username = NULL;
debugs(29, 3, "AuthUser::cacheCleanup: Cleaning the user cache now");
debugs(29, 3, "AuthUser::cacheCleanup: Current time: " << current_time.tv_sec);
auth_user = usernamehash->user();
username = auth_user->username();
- /* if we need to have inpedendent expiry clauses, insert a module call
+ /* if we need to have indedendent expiry clauses, insert a module call
* here */
debugs(29, 4, "AuthUser::cacheCleanup: Cache entry:\n\tType: " <<
auth_user->auth_type << "\n\tUsername: " << username <<
"\n\texpires: " <<
(long int) (auth_user->expiretime + Config.authenticateTTL) <<
- "\n\treferences: " << (long int) auth_user->references);
+ "\n\treferences: " << (long int) auth_user->RefCountCount());
if (auth_user->expiretime + Config.authenticateTTL <= current_time.tv_sec) {
debugs(29, 5, "AuthUser::cacheCleanup: Removing user " << username << " from cache due to timeout.");
- /* the minus 1 accounts for the cache lock */
-
- if (!(authenticateAuthUserInuse(auth_user) - 1))
- /* we don't warn if we leave the user in the cache,
- * because other modules (ie delay pools) may keep
- * locks on users, and thats legitimate
- */
- auth_user->unlock();
+
+ /* Old credentials are always removed. Existing users must hold their own
+ * AuthUser::Pointer to the credentials. Cache exists only for finding
+ * and re-using current valid credentials.
+ */
+ hash_remove_link(proxy_auth_username_cache, usernamehash);
+ delete usernamehash;
}
}
debugs(29, 3, "AuthUser::cacheCleanup: Finished cleaning the user cache.");
eventAdd("User Cache Maintenance", cacheCleanup, NULL, Config.authenticateGCInterval, 1);
+ last_discard = squid_curtime;
}
void
AuthUser::clearIp()
{
- auth_user_ip_t *ipdata, *tempnode;
+ AuthUserIP *ipdata, *tempnode;
- ipdata = (auth_user_ip_t *) ip_list.head;
+ ipdata = (AuthUserIP *) ip_list.head;
while (ipdata) {
- tempnode = (auth_user_ip_t *) ipdata->node.next;
+ tempnode = (AuthUserIP *) ipdata->node.next;
/* walk the ip list */
dlinkDelete(&ipdata->node, &ip_list);
cbdataFree(ipdata);
}
void
-AuthUser::removeIp(IpAddress ipaddr)
+AuthUser::removeIp(Ip::Address ipaddr)
{
- auth_user_ip_t *ipdata = (auth_user_ip_t *) ip_list.head;
+ AuthUserIP *ipdata = (AuthUserIP *) ip_list.head;
while (ipdata) {
/* walk the ip list */
return;
}
- ipdata = (auth_user_ip_t *) ipdata->node.next;
+ ipdata = (AuthUserIP *) ipdata->node.next;
}
}
void
-AuthUser::addIp(IpAddress ipaddr)
+AuthUser::addIp(Ip::Address ipaddr)
{
- auth_user_ip_t *ipdata = (auth_user_ip_t *) ip_list.head;
+ AuthUserIP *ipdata = (AuthUserIP *) ip_list.head;
int found = 0;
- CBDATA_INIT_TYPE(auth_user_ip_t);
+ CBDATA_INIT_TYPE(AuthUserIP);
/*
* we walk the entire list to prevent the first item in the list
* a timeout+reconfigure
*/
while (ipdata) {
- auth_user_ip_t *tempnode = (auth_user_ip_t *) ipdata->node.next;
+ AuthUserIP *tempnode = (AuthUserIP *) ipdata->node.next;
/* walk the ip list */
if (ipdata->ipaddr == ipaddr) {
return;
/* This ip is not in the seen list */
- ipdata = cbdataAlloc(auth_user_ip_t);
+ ipdata = cbdataAlloc(AuthUserIP);
ipdata->ip_expiretime = squid_curtime;
debugs(29, 2, "authenticateAuthUserAddIp: user '" << username() << "' has been seen at a new IP address (" << ipaddr << ")");
}
-
+/**
+ * Add the AuthUser structure to the username cache.
+ */
void
-AuthUser::lock()
+AuthUser::addToNameCache()
{
- debugs(29, 9, "authenticateAuthUserLock auth_user '" << this << "'.");
- assert(this != NULL);
- references++;
- debugs(29, 9, "authenticateAuthUserLock auth_user '" << this << "' now at '" << references << "'.");
+ /* AuthUserHashPointer will self-register with the username cache */
+ new AuthUserHashPointer(this);
}
+/**
+ * Dump the username cache statictics for viewing...
+ */
void
-AuthUser::unlock()
+AuthUser::UsernameCacheStats(StoreEntry *output)
{
- debugs(29, 9, "authenticateAuthUserUnlock auth_user '" << this << "'.");
- assert(this != NULL);
+ AuthUserHashPointer *usernamehash;
- if (references > 0) {
- references--;
- } else {
- debugs(29, 1, "Attempt to lower Auth User " << this << " refcount below 0!");
- }
+ /* overview of username cache */
+ storeAppendPrintf(output, "Cached Usernames: %d of %d\n", proxy_auth_username_cache->count, proxy_auth_username_cache->size);
+ storeAppendPrintf(output, "Next Garbage Collection in %d seconds.\n", static_cast<int32_t>(last_discard + Config.authenticateGCInterval - squid_curtime));
- debugs(29, 9, "authenticateAuthUserUnlock auth_user '" << this << "' now at '" << references << "'.");
+ /* cache dump column titles */
+ storeAppendPrintf(output, "\n%-15s %-9s %-9s %-9s %s\n",
+ "Type",
+ "State",
+ "Check TTL",
+ "Cache TTL",
+ "Username");
+ storeAppendPrintf(output, "--------------- --------- --------- --------- ------------------------------\n");
- if (references == 0)
- delete this;
-}
-
-/* addToNameCache: add a auth_user structure to the username cache */
-void
-AuthUser::addToNameCache()
-{
- usernamehash = new AuthUserHashPointer (this);
+ hash_first(proxy_auth_username_cache);
+ while ((usernamehash = ((AuthUserHashPointer *) hash_next(proxy_auth_username_cache)))) {
+ AuthUser::Pointer auth_user = usernamehash->user();
+
+ storeAppendPrintf(output, "%-15s %-9s %-9d %-9d %s\n",
+ AuthType_str[auth_user->auth_type],
+ CredentialsState_str[auth_user->credentials()],
+ auth_user->ttl(),
+ static_cast<int32_t>(auth_user->expiretime - squid_curtime + Config.authenticateTTL),
+ auth_user->username()
+ );
+ }
}
}
void
-AuthUser::username(char const*aString)
+AuthUser::username(char const *aString)
{
if (aString) {
assert(!username_);
safe_free(username_);
}
}
-
-void
-AuthUser::addRequest(AuthUserRequest *request)
-{
- /* lock for the request link */
-
- lock();
- dlink_node *node = dlinkNodeNew();
-
- dlinkAdd(request, node, &requests);
-}
#ifndef SQUID_AUTHUSER_H
#define SQUID_AUTHUSER_H
-class AuthUserRequest;
+#include "auth/AuthType.h"
+#include "dlink.h"
+#include "ip/Address.h"
+#include "RefCount.h"
+
class AuthConfig;
class AuthUserHashPointer;
-
-/* for auth_type_t */
-#include "enums.h"
-
-#include "ip/IpAddress.h"
-#include "dlink.h"
+class StoreEntry;
/**
* \ingroup AuthAPI
* structure is the cached ACL match results. This structure, is private to
* the authentication framework.
*/
-class AuthUser
+class AuthUser : public RefCountable
{
-
public:
+ typedef RefCount<AuthUser> Pointer;
+
/* extra fields for proxy_auth */
/* auth_type and auth_module are deprecated. Do Not add new users of these fields.
* Aim to remove shortly
*/
/** \deprecated this determines what scheme owns the user data. */
- auth_type_t auth_type;
+ AuthType auth_type;
/** the config for this user */
AuthConfig *config;
- /** we only have one username associated with a given auth_user struct */
- AuthUserHashPointer *usernamehash;
/** we may have many proxy-authenticate strings that decode to the same user */
dlink_list proxy_auth_list;
dlink_list proxy_match_cache;
size_t ipcount;
long expiretime;
- /** how many references are outstanding to this instance */
- size_t references;
- /** the auth_user_request structures that link to this. Yes it could be a splaytree
- * but how many requests will a single username have in parallel? */
- dlink_list requests;
static void cacheInit();
static void CachedACLsReset();
- void absorb(AuthUser *from);
+ void absorb(AuthUser::Pointer from);
virtual ~AuthUser();
_SQUID_INLINE_ char const *username() const;
_SQUID_INLINE_ void username(char const *);
- void clearIp();
- void removeIp(IpAddress);
- void addIp(IpAddress);
- _SQUID_INLINE_ void addRequest(AuthUserRequest *);
- void lock();
- void unlock();
+ /**
+ * How long these credentials are still valid for.
+ * Negative numbers means already expired.
+ */
+ virtual int32_t ttl() const = 0;
+
+ /* Manage list of IPs using this username */
+ void clearIp();
+ void removeIp(Ip::Address);
+ void addIp(Ip::Address);
void addToNameCache();
+ static void UsernameCacheStats(StoreEntry * output);
+
+ enum CredentialsState { Unchecked, Ok, Pending, Handshake, Failed };
+ CredentialsState credentials() const;
+ void credentials(CredentialsState);
+
+private:
+ /**
+ * The current state these credentials are in:
+ * Unchecked
+ * Authenticated
+ * Pending helper result
+ * Handshake happening in stateful auth.
+ * Failed auth
+ */
+ CredentialsState credentials_state;
protected:
- AuthUser (AuthConfig *);
+ AuthUser(AuthConfig *);
private:
- static void cacheCleanup (void *unused);
+ /**
+ * Garbage Collection for the username cache.
+ */
+ static void cacheCleanup(void *unused);
+ static time_t last_discard; /// Time of last username cache garbage collection.
/**
* DPW 2007-05-08
dlink_list ip_list;
};
-#ifdef _USE_INLINE_
+extern const char *CredentialsState_str[];
+
+#if _USE_INLINE_
#include "auth/User.cci"
#endif
-
/*
* $Id$
*
/* Generic Functions */
-size_t
-AuthUserRequest::refCount () const
-{
- return references;
-}
-
char const *
AuthUserRequest::username() const
{
- if (user())
+ if (user() != NULL)
return user()->username();
else
return NULL;
}
-size_t
-authenticateRequestRefCount (AuthUserRequest *aRequest)
-{
- return aRequest->refCount();
-}
-
/**** PUBLIC FUNCTIONS (ALL GENERIC!) ****/
/* send the initial data to an authenticator module */
AuthUserRequest::start(RH * handler, void *data)
{
assert(handler);
+ assert(data);
debugs(29, 9, "authenticateStart: auth_user_request '" << this << "'");
module_start(handler, data);
}
-/*
- * Check a auth_user pointer for validity. Does not check passwords, just data
- * sensability. Broken or Unknown auth_types are not valid for use...
- */
-
-int
-authenticateValidateUser(AuthUserRequest * auth_user_request)
+bool
+AuthUserRequest::valid() const
{
- debugs(29, 9, "authenticateValidateUser: Validating Auth_user request '" << auth_user_request << "'.");
-
- if (auth_user_request == NULL) {
- debugs(29, 4, "authenticateValidateUser: Auth_user_request was NULL!");
- return 0;
- }
+ debugs(29, 9, HERE << "Validating AuthUserRequest '" << this << "'.");
- if (auth_user_request->user() == NULL) {
- debugs(29, 4, "authenticateValidateUser: No associated auth_user structure");
- return 0;
+ if (user() == NULL) {
+ debugs(29, 4, HERE << "No associated AuthUser data");
+ return false;
}
- if (auth_user_request->user()->auth_type == AUTH_UNKNOWN) {
- debugs(29, 4, "authenticateValidateUser: Auth_user '" << auth_user_request->user() << "' uses unknown scheme.");
- return 0;
+ if (user()->auth_type == AUTH_UNKNOWN) {
+ debugs(29, 4, HERE << "AuthUser '" << user() << "' uses unknown scheme.");
+ return false;
}
- if (auth_user_request->user()->auth_type == AUTH_BROKEN) {
- debugs(29, 4, "authenticateValidateUser: Auth_user '" << auth_user_request->user() << "' is broken for it's scheme.");
- return 0;
+ if (user()->auth_type == AUTH_BROKEN) {
+ debugs(29, 4, HERE << "AuthUser '" << user() << "' is broken for it's scheme.");
+ return false;
}
/* any other sanity checks that we need in the future */
- /* Thus should a module call to something like authValidate */
-
/* finally return ok */
- debugs(29, 5, "authenticateValidateUser: Validated Auth_user request '" << auth_user_request << "'.");
-
- return 1;
-
+ debugs(29, 5, HERE << "Validated. AuthUserRequest '" << this << "'.");
+ return true;
}
void *
fatal ("AuthUserRequest child failed to override operator delete\n");
}
-AuthUserRequest::AuthUserRequest():_auth_user(NULL), message(NULL),
- references (0), lastReply (AUTH_ACL_CANNOT_AUTHENTICATE)
+AuthUserRequest::AuthUserRequest():
+ _auth_user(NULL),
+ message(NULL),
+ lastReply(AUTH_ACL_CANNOT_AUTHENTICATE)
{
- debugs(29, 5, "AuthUserRequest::AuthUserRequest: initialised request " <<
- this);
+ debugs(29, 5, "AuthUserRequest::AuthUserRequest: initialised request " << this);
}
AuthUserRequest::~AuthUserRequest()
{
- dlink_node *link;
- debugs(29, 5, "AuthUserRequest::~AuthUserRequest: freeing request " <<
- this);
- assert(references == 0);
-
- if (user()) {
- /* unlink from the auth_user struct */
- link = user()->requests.head;
-
- while (link && (link->data != this))
- link = link->next;
-
- assert(link != NULL);
-
- dlinkDelete(link, &user()->requests);
-
- dlinkNodeDelete(link);
-
- /* unlock the request structure's lock */
- user()->unlock();
+ assert(RefCountCount()==0);
+ debugs(29, 5, "AuthUserRequest::~AuthUserRequest: freeing request " << this);
+ if (user() != NULL) {
+ /* release our references to the user credentials */
user(NULL);
}
- safe_free (message);
+ safe_free(message);
}
void
-AuthUserRequest::setDenyMessage (char const *aString)
+AuthUserRequest::setDenyMessage(char const *aString)
{
- safe_free (message);
- message = xstrdup (aString);
+ safe_free(message);
+ message = xstrdup(aString);
}
char const *
-AuthUserRequest::getDenyMessage ()
+AuthUserRequest::getDenyMessage()
{
return message;
}
}
static void
-authenticateAuthUserRequestSetIp(AuthUserRequest * auth_user_request, IpAddress &ipaddr)
+authenticateAuthUserRequestSetIp(AuthUserRequest::Pointer auth_user_request, Ip::Address &ipaddr)
{
- AuthUser *auth_user = auth_user_request->user();
+ AuthUser::Pointer auth_user = auth_user_request->user();
if (!auth_user)
return;
}
void
-authenticateAuthUserRequestRemoveIp(AuthUserRequest * auth_user_request, IpAddress const &ipaddr)
+authenticateAuthUserRequestRemoveIp(AuthUserRequest::Pointer auth_user_request, Ip::Address const &ipaddr)
{
- AuthUser *auth_user = auth_user_request->user();
+ AuthUser::Pointer auth_user = auth_user_request->user();
if (!auth_user)
return;
}
void
-authenticateAuthUserRequestClearIp(AuthUserRequest * auth_user_request)
+authenticateAuthUserRequestClearIp(AuthUserRequest::Pointer auth_user_request)
{
- if (auth_user_request)
+ if (auth_user_request != NULL)
auth_user_request->user()->clearIp();
}
int
-authenticateAuthUserRequestIPCount(AuthUserRequest * auth_user_request)
+authenticateAuthUserRequestIPCount(AuthUserRequest::Pointer auth_user_request)
{
- assert(auth_user_request);
- assert(auth_user_request->user());
+ assert(auth_user_request != NULL);
+ assert(auth_user_request->user() != NULL);
return auth_user_request->user()->ipcount;
}
* authenticateUserAuthenticated: is this auth_user structure logged in ?
*/
int
-authenticateUserAuthenticated(AuthUserRequest * auth_user_request)
+authenticateUserAuthenticated(AuthUserRequest::Pointer auth_user_request)
{
- if (!authenticateValidateUser(auth_user_request))
+ if (auth_user_request == NULL || !auth_user_request->valid())
return 0;
return auth_user_request->authenticated();
* This is basically a handle approach.
*/
static void
-authenticateAuthenticateUser(AuthUserRequest * auth_user_request, HttpRequest * request, ConnStateData * conn, http_hdr_type type)
+authenticateAuthenticateUser(AuthUserRequest::Pointer auth_user_request, HttpRequest * request, ConnStateData * conn, http_hdr_type type)
{
- assert(auth_user_request != NULL);
+ assert(auth_user_request.getRaw() != NULL);
auth_user_request->authenticate(request, conn, type);
}
-static AuthUserRequest *
-authTryGetUser (AuthUserRequest **auth_user_request, ConnStateData * conn, HttpRequest * request)
+static AuthUserRequest::Pointer
+authTryGetUser(AuthUserRequest::Pointer auth_user_request, ConnStateData * conn, HttpRequest * request)
{
- if (*auth_user_request)
- return *auth_user_request;
- else if (request != NULL && request->auth_user_request)
+ if (auth_user_request != NULL)
+ return auth_user_request;
+ else if (request != NULL && request->auth_user_request != NULL)
return request->auth_user_request;
else if (conn != NULL)
return conn->auth_user_request;
*
* Caller is responsible for locking and unlocking their *auth_user_request!
*/
-auth_acl_t
-AuthUserRequest::authenticate(AuthUserRequest ** auth_user_request, http_hdr_type headertype, HttpRequest * request, ConnStateData * conn, IpAddress &src_addr)
+AuthAclState
+AuthUserRequest::authenticate(AuthUserRequest::Pointer * auth_user_request, http_hdr_type headertype, HttpRequest * request, ConnStateData * conn, Ip::Address &src_addr)
{
const char *proxy_auth;
assert(headertype != 0);
* connection when we recieve no authentication header.
*/
- if (((proxy_auth == NULL) && (!authenticateUserAuthenticated(authTryGetUser(auth_user_request,conn,request))))
- || (conn != NULL && conn->auth_type == AUTH_BROKEN)) {
+ /* a) can we find other credentials to use? and b) are they logged in already? */
+ if (proxy_auth == NULL && !authenticateUserAuthenticated(authTryGetUser(*auth_user_request,conn,request))) {
/* no header or authentication failed/got corrupted - restart */
- debugs(29, 4, "authenticateAuthenticate: broken auth or no proxy_auth header. Requesting auth header.");
+ debugs(29, 4, HERE << "No Proxy-Auth header and no working alternative. Requesting auth header.");
+
/* something wrong with the AUTH credentials. Force a new attempt */
+ /* connection auth we must reset on auth errors */
if (conn != NULL) {
- conn->auth_type = AUTH_UNKNOWN;
- AUTHUSERREQUESTUNLOCK(conn->auth_user_request, "conn");
+ conn->auth_user_request = NULL;
}
*auth_user_request = NULL;
* No check for function required in the if: its compulsory for conn based
* auth modules
*/
- if (proxy_auth && conn != NULL && conn->auth_user_request &&
+ if (proxy_auth && conn != NULL && conn->auth_user_request != NULL &&
authenticateUserAuthenticated(conn->auth_user_request) &&
conn->auth_user_request->connLastHeader() != NULL &&
strcmp(proxy_auth, conn->auth_user_request->connLastHeader())) {
- debugs(29, 2, "authenticateAuthenticate: DUPLICATE AUTH - authentication header on already authenticated connection!. AU " <<
+ debugs(29, 2, "WARNING: DUPLICATE AUTH - authentication header on already authenticated connection!. AU " <<
conn->auth_user_request << ", Current user '" <<
conn->auth_user_request->username() << "' proxy_auth " <<
proxy_auth);
- /* remove this request struct - the link is already authed and it can't be to
- * reauth.
- */
+ /* remove this request struct - the link is already authed and it can't be to reauth. */
/* This should _only_ ever occur on the first pass through
* authenticateAuthenticate
*/
assert(*auth_user_request == NULL);
- AUTHUSERREQUESTUNLOCK(conn->auth_user_request, "conn");
- /* Set the connection auth type */
- conn->auth_type = AUTH_UNKNOWN;
+ conn->auth_user_request = NULL;
}
/* we have a proxy auth header and as far as we know this connection has
* not had bungled connection oriented authentication happen on it. */
- debugs(29, 9, "authenticateAuthenticate: header " << (proxy_auth ? proxy_auth : "-") << ".");
+ debugs(29, 9, HERE << "header " << (proxy_auth ? proxy_auth : "-") << ".");
if (*auth_user_request == NULL) {
- debugs(29, 9, "authenticateAuthenticate: This is a new checklist test on FD:" << (conn != NULL ? conn->fd : -1) );
+ debugs(29, 9, HERE << "This is a new checklist test on FD:" << (conn != NULL ? conn->fd : -1) );
- if (proxy_auth && !request->auth_user_request && conn != NULL && conn->auth_user_request) {
+ if (proxy_auth && request->auth_user_request == NULL && conn != NULL && conn->auth_user_request != NULL) {
AuthConfig * scheme = AuthConfig::Find(proxy_auth);
- if (!conn->auth_user_request->user() || conn->auth_user_request->user()->config != scheme) {
- debugs(29, 1, "authenticateAuthenticate: Unexpected change of authentication scheme from '" <<
+ if (conn->auth_user_request->user() == NULL || conn->auth_user_request->user()->config != scheme) {
+ debugs(29, 1, "WARNING: Unexpected change of authentication scheme from '" <<
conn->auth_user_request->user()->config->type() <<
"' to '" << proxy_auth << "' (client " <<
src_addr << ")");
- AUTHUSERREQUESTUNLOCK(conn->auth_user_request, "conn");
- conn->auth_type = AUTH_UNKNOWN;
+ conn->auth_user_request = NULL;
}
}
- if ((!request->auth_user_request)
- && (conn == NULL || conn->auth_type == AUTH_UNKNOWN)) {
+ if (request->auth_user_request == NULL && (conn == NULL || conn->auth_user_request == NULL)) {
/* beginning of a new request check */
- debugs(29, 4, "authenticateAuthenticate: no connection authentication type");
+ debugs(29, 4, HERE << "No connection authentication type");
*auth_user_request = AuthConfig::CreateAuthUser(proxy_auth);
- if (!authenticateValidateUser(*auth_user_request)) {
- if (*auth_user_request == NULL)
- return AUTH_ACL_CHALLENGE;
-
+ if (*auth_user_request == NULL)
+ return AUTH_ACL_CHALLENGE;
+ else if (!(*auth_user_request)->valid()) {
/* the decode might have left a username for logging, or a message to
* the user */
if ((*auth_user_request)->username()) {
request->auth_user_request = *auth_user_request;
- AUTHUSERREQUESTLOCK(request->auth_user_request, "request");
}
*auth_user_request = NULL;
return AUTH_ACL_CHALLENGE;
}
- /* the user_request comes prelocked for the caller to createAuthUser (us) */
- } else if (request->auth_user_request) {
+ } else if (request->auth_user_request != NULL) {
*auth_user_request = request->auth_user_request;
} else {
assert (conn != NULL);
- if (conn->auth_user_request) {
+ if (conn->auth_user_request != NULL) {
*auth_user_request = conn->auth_user_request;
} else {
/* failed connection based authentication */
- debugs(29, 4, "authenticateAuthenticate: Auth user request " <<
+ debugs(29, 4, HERE << "Auth user request " <<
*auth_user_request << " conn-auth user request " <<
conn->auth_user_request << " conn type " <<
- conn->auth_type << " authentication failed.");
+ conn->auth_user_request->user()->auth_type << " authentication failed.");
*auth_user_request = NULL;
return AUTH_ACL_CHALLENGE;
if (!authenticateUserAuthenticated(*auth_user_request)) {
/* User not logged in. Log them in */
- authenticateAuthenticateUser(*auth_user_request, request,
- conn, headertype);
+ authenticateAuthenticateUser(*auth_user_request, request, conn, headertype);
switch (authenticateDirection(*auth_user_request)) {
case 1:
- if (NULL == request->auth_user_request) {
+ if (request->auth_user_request == NULL) {
request->auth_user_request = *auth_user_request;
- AUTHUSERREQUESTLOCK(request->auth_user_request, "request");
}
/* fallthrough to -2 */
if ((*auth_user_request)->username()) {
if (!request->auth_user_request) {
request->auth_user_request = *auth_user_request;
- AUTHUSERREQUESTLOCK(request->auth_user_request, "request");
}
}
/* copy username to request for logging on client-side */
/* the credentials are correct at this point */
- if (NULL == request->auth_user_request) {
+ if (request->auth_user_request == NULL) {
request->auth_user_request = *auth_user_request;
- AUTHUSERREQUESTLOCK(request->auth_user_request, "request");
authenticateAuthUserRequestSetIp(*auth_user_request, src_addr);
}
return AUTH_AUTHENTICATED;
}
-auth_acl_t
-
-AuthUserRequest::tryToAuthenticateAndSetAuthUser(AuthUserRequest ** auth_user_request, http_hdr_type headertype, HttpRequest * request, ConnStateData * conn, IpAddress &src_addr)
+AuthAclState
+AuthUserRequest::tryToAuthenticateAndSetAuthUser(AuthUserRequest::Pointer * auth_user_request, http_hdr_type headertype, HttpRequest * request, ConnStateData * conn, Ip::Address &src_addr)
{
/* If we have already been called, return the cached value */
- AuthUserRequest *t = authTryGetUser (auth_user_request, conn, request);
+ AuthUserRequest::Pointer t = authTryGetUser(*auth_user_request, conn, request);
- if (t && t->lastReply != AUTH_ACL_CANNOT_AUTHENTICATE
- && t->lastReply != AUTH_ACL_HELPER) {
- if (!*auth_user_request)
+ if (t != NULL && t->lastReply != AUTH_ACL_CANNOT_AUTHENTICATE && t->lastReply != AUTH_ACL_HELPER) {
+ if (*auth_user_request == NULL)
*auth_user_request = t;
- if (!request->auth_user_request && t->lastReply == AUTH_AUTHENTICATED) {
+ if (request->auth_user_request == NULL && t->lastReply == AUTH_AUTHENTICATED) {
request->auth_user_request = t;
- AUTHUSERREQUESTLOCK(request->auth_user_request, "request");
}
return t->lastReply;
}
/* ok, call the actual authenticator routine. */
- auth_acl_t result = authenticate(auth_user_request, headertype, request, conn, src_addr);
+ AuthAclState result = authenticate(auth_user_request, headertype, request, conn, src_addr);
- t = authTryGetUser (auth_user_request, conn, request);
+ t = authTryGetUser(*auth_user_request, conn, request);
- if (t && result != AUTH_ACL_CANNOT_AUTHENTICATE &&
- result != AUTH_ACL_HELPER)
+ if (t != NULL && result != AUTH_ACL_CANNOT_AUTHENTICATE && result != AUTH_ACL_HELPER)
t->lastReply = result;
return result;
* -2: authenticate broken in some fashion
*/
int
-authenticateDirection(AuthUserRequest * auth_user_request)
+authenticateDirection(AuthUserRequest::Pointer auth_user_request)
{
- if (!auth_user_request)
+ if (auth_user_request == NULL || auth_user_request->user() == NULL)
return -2;
return auth_user_request->direction();
}
void
-AuthUserRequest::addReplyAuthHeader(HttpReply * rep, AuthUserRequest * auth_user_request, HttpRequest * request, int accelerated, int internal)
+AuthUserRequest::addReplyAuthHeader(HttpReply * rep, AuthUserRequest::Pointer auth_user_request, HttpRequest * request, int accelerated, int internal)
/* send the auth types we are configured to support (and have compiled in!) */
{
http_hdr_type type;
else {
/* call each configured & running authscheme */
- for (authConfig::iterator i = Config.authConfiguration.begin(); i != Config.authConfiguration.end(); ++i) {
+ for (Auth::authConfig::iterator i = Auth::TheConfig.begin(); i != Auth::TheConfig.end(); ++i) {
AuthConfig *scheme = *i;
if (scheme->active())
}
void
-authenticateFixHeader(HttpReply * rep, AuthUserRequest * auth_user_request, HttpRequest * request, int accelerated, int internal)
+authenticateFixHeader(HttpReply * rep, AuthUserRequest::Pointer auth_user_request, HttpRequest * request, int accelerated, int internal)
{
AuthUserRequest::addReplyAuthHeader(rep, auth_user_request, request, accelerated, internal);
}
/* call the active auth module and allow it to add a trailer to the request */
void
-authenticateAddTrailer(HttpReply * rep, AuthUserRequest * auth_user_request, HttpRequest * request, int accelerated)
+authenticateAddTrailer(HttpReply * rep, AuthUserRequest::Pointer auth_user_request, HttpRequest * request, int accelerated)
{
if (auth_user_request != NULL)
auth_user_request->addTrailer(rep, accelerated);
}
-void
-
-AuthUserRequest::_lock()
-{
- assert(this);
- debugs(29, 9, "AuthUserRequest::lock: auth_user request '" << this << " " << references << "->" << references+1);
- ++references;
-}
-
-void
-AuthUserRequest::_unlock()
-{
- assert(this != NULL);
-
- if (references > 0) {
- debugs(29, 9, "AuthUserRequest::unlock: auth_user request '" << this << " " << references << "->" << references-1);
- --references;
- } else {
- debugs(29, 1, "Attempt to lower Auth User request " << this << " refcount below 0!");
- }
-
- if (references == 0) {
- debugs(29, 9, "AuthUserRequest::unlock: deleting auth_user_request '" << this << "'.");
- /* not locked anymore */
- delete this;
- }
-}
-
-AuthScheme *
+AuthScheme::Pointer
AuthUserRequest::scheme() const
{
/* TODO: this should be overriden by the child and be essentially a no-op */
-
/*
* $Id$
*
#ifndef SQUID_AUTHUSERREQUEST_H
#define SQUID_AUTHUSERREQUEST_H
-#include "client_side.h"
-
-class AuthUser;
+#include "auth/AuthAclState.h"
+#include "auth/Scheme.h"
+#include "auth/User.h"
+#include "dlink.h"
+#include "ip/Address.h"
+#include "typedefs.h"
+#include "HttpHeader.h"
class ConnStateData;
+class HttpReply;
+class HttpRequest;
-class AuthScheme;
-
-struct AuthUserIP {
+/// \ingroup AuthAPI
+class AuthUserIP
+{
+public:
dlink_node node;
/* IP addr this user authenticated from */
- IpAddress ipaddr;
+ Ip::Address ipaddr;
time_t ip_expiretime;
};
/**
\ingroup AuthAPI
* This is a short lived structure is the visible aspect of the authentication framework.
+ *
+ * It and its children hold the state data while processing authentication for a client request.
+ * The AuthenticationStateData object is merely a CBDATA wrapper for one of these.
*/
-class AuthUserRequest
+class AuthUserRequest : public RefCountable
{
+public:
+ typedef RefCount<AuthUserRequest> Pointer;
public:
/**
* it has request specific data, and links to user specific data
* the user
*/
- AuthUser *_auth_user;
+ AuthUser::Pointer _auth_user;
/**
* Used by squid to determine what the next step in performing authentication for a given scheme is.
\retval false Timeouts on cached credentials have occurred or for any reason the credentials are not valid.
*/
virtual int authenticated() const = 0;
+
+ /**
+ * Check a auth_user pointer for validity.
+ * Does not check passwords, just data sensability. Broken or Unknown auth_types are not valid for use...
+ *
+ * \retval false User credentials are missing.
+ * \retval false User credentials use an unknown scheme type.
+ * \retval false User credentials are broken for their scheme.
+ *
+ * \retval true User credentials exist and may be able to authenticate.
+ */
+ bool valid() const;
+
virtual void authenticate(HttpRequest * request, ConnStateData * conn, http_hdr_type type) = 0;
/* template method */
virtual int module_direction() = 0;
*/
virtual void module_start(RH *handler, void *data) = 0;
- virtual AuthUser *user() {return _auth_user;}
+ virtual AuthUser::Pointer user() {return _auth_user;}
- virtual const AuthUser *user() const {return _auth_user;}
+ virtual const AuthUser::Pointer user() const {return _auth_user;}
- virtual void user(AuthUser *aUser) {_auth_user=aUser;}
+ virtual void user(AuthUser::Pointer aUser) {_auth_user=aUser;}
- static auth_acl_t tryToAuthenticateAndSetAuthUser(AuthUserRequest **, http_hdr_type, HttpRequest *, ConnStateData *, IpAddress &);
- static void addReplyAuthHeader(HttpReply * rep, AuthUserRequest * auth_user_request, HttpRequest * request, int accelerated, int internal);
+ static AuthAclState tryToAuthenticateAndSetAuthUser(AuthUserRequest::Pointer *, http_hdr_type, HttpRequest *, ConnStateData *, Ip::Address &);
+ static void addReplyAuthHeader(HttpReply * rep, AuthUserRequest::Pointer auth_user_request, HttpRequest * request, int accelerated, int internal);
AuthUserRequest();
/** Possibly overrideable in future */
char const * getDenyMessage();
- size_t refCount() const;
- void _lock(); /**< \note please use AUTHUSERREQUESTLOCK() */
- void _unlock(); /**< \note please use AUTHUSERREQUESTUNLOCK() */
-
/**
* Squid does not make assumptions about where the username is stored.
* This function must return a pointer to a NULL terminated string to be used in logging the request.
*/
char const *username() const;
- AuthScheme *scheme() const;
+ AuthScheme::Pointer scheme() const;
virtual const char * connLastHeader();
private:
- static auth_acl_t authenticate(AuthUserRequest ** auth_user_request, http_hdr_type headertype, HttpRequest * request, ConnStateData * conn, IpAddress &src_addr);
+ static AuthAclState authenticate(AuthUserRequest::Pointer * auth_user_request, http_hdr_type headertype, HttpRequest * request, ConnStateData * conn, Ip::Address &src_addr);
/** return a message on the 407 error pages */
char *message;
- /** how many 'processes' are working on this data */
- size_t references;
-
/**
* We only attempt authentication once per http request. This
* is to allow multiple auth acl references from different _access areas
* when using connection based authentication
*/
- auth_acl_t lastReply;
+ AuthAclState lastReply;
};
/* AuthUserRequest */
-/**
- \ingroup AuthAPI
- \deprecated Use AuthUserRequest::refCount() instead.
- */
-extern size_t authenticateRequestRefCount (AuthUserRequest *);
-
/// \ingroup AuthAPI
-extern void authenticateFixHeader(HttpReply *, AuthUserRequest *, HttpRequest *, int, int);
+extern void authenticateFixHeader(HttpReply *, AuthUserRequest::Pointer, HttpRequest *, int, int);
/// \ingroup AuthAPI
-extern void authenticateAddTrailer(HttpReply *, AuthUserRequest *, HttpRequest *, int);
+extern void authenticateAddTrailer(HttpReply *, AuthUserRequest::Pointer, HttpRequest *, int);
/// \ingroup AuthAPI
-extern void authenticateAuthUserRequestRemoveIp(AuthUserRequest *, IpAddress const &);
+extern void authenticateAuthUserRequestRemoveIp(AuthUserRequest::Pointer, Ip::Address const &);
/// \ingroup AuthAPI
-extern void authenticateAuthUserRequestClearIp(AuthUserRequest *);
+extern void authenticateAuthUserRequestClearIp(AuthUserRequest::Pointer);
/// \ingroup AuthAPI
-extern int authenticateAuthUserRequestIPCount(AuthUserRequest *);
+extern int authenticateAuthUserRequestIPCount(AuthUserRequest::Pointer);
/// \ingroup AuthAPI
/// \deprecated Use AuthUserRequest::direction() instead.
-extern int authenticateDirection(AuthUserRequest *);
+extern int authenticateDirection(AuthUserRequest::Pointer);
/// \ingroup AuthAPI
/// See AuthUserRequest::authenticated()
-extern int authenticateUserAuthenticated(AuthUserRequest *);
-/// \ingroup AuthAPI
-extern int authenticateValidateUser(AuthUserRequest *);
-
-/// \todo Drop dead code? or make a debugging option.
-#if 0
-#define AUTHUSERREQUESTUNLOCK(a,b) if(a){(a)->_unlock();debugs(0,0,HERE << "auth_user_request " << a << " was unlocked for " << b); (a)=NULL;}
-#define AUTHUSERREQUESTLOCK(a,b) { (a)->_lock(); debugs(0,0,HERE << "auth_user_request " << a << " was locked for " << b); }
-#endif
-#define AUTHUSERREQUESTUNLOCK(a,b) if(a){(a)->_unlock();(a)=NULL;}
-#define AUTHUSERREQUESTLOCK(a,b) (a)->_lock()
+extern int authenticateUserAuthenticated(AuthUserRequest::Pointer);
#endif /* SQUID_AUTHUSERREQUEST_H */
#include "squid.h"
-#include "auth_basic.h"
+#include "auth/basic/auth_basic.h"
+#include "auth/basic/basicScheme.h"
+#include "auth/basic/basicUserRequest.h"
#include "auth/Gadgets.h"
+#include "auth/State.h"
#include "CacheManager.h"
#include "Store.h"
#include "HttpReply.h"
-#include "basicScheme.h"
#include "rfc1738.h"
#include "wordlist.h"
#include "SquidTime.h"
-static void
-authenticateStateFree(AuthenticateStateData * r)
-{
- cbdataFree(r);
-}
-
/* Basic Scheme */
-
static HLPCB authenticateBasicHandleReply;
static AUTHSSTATS authenticateBasicStats;
static helper *basicauthenticators = NULL;
-static AuthBasicConfig basicConfig;
-
static int authbasic_initialised = 0;
/* internal functions */
-/* TODO: move to basicScheme.cc - after all per request and user functions are moved out */
-void
-basicScheme::done()
-{
- /* TODO: this should be a Config call. */
-
- if (basicauthenticators)
- helperShutdown(basicauthenticators);
-
- authbasic_initialised = 0;
-
- if (!shutting_down)
- return;
-
- delete basicauthenticators;
- basicauthenticators = NULL;
-
- /* XXX Reinstate auth shutdown for dynamic schemes? */
- debugs(29, DBG_CRITICAL, HERE << "Basic authentication Shutdown.");
-}
-
bool
AuthBasicConfig::active() const
{
const char *
AuthBasicConfig::type() const
{
- return basicScheme::GetInstance().type();
+ return basicScheme::GetInstance()->type();
}
-AuthBasicUserRequest::AuthBasicUserRequest() : _theUser(NULL)
-{}
+int32_t
+BasicUser::ttl() const
+{
+ if (credentials() != Ok && credentials() != Pending)
+ return -1; // TTL is obsolete NOW.
-AuthBasicUserRequest::~AuthBasicUserRequest()
-{}
+ int32_t basic_ttl = expiretime - squid_curtime + static_cast<AuthBasicConfig*>(config)->credentialsTTL;
+ int32_t global_ttl = static_cast<int32_t>(expiretime - squid_curtime + Config.authenticateTTL);
+ return min(basic_ttl, global_ttl);
+}
bool
BasicUser::authenticated() const
{
- if ((flags.credentials_ok == 1) && (credentials_checkedtime + basicConfig.credentialsTTL > squid_curtime))
+ if ((credentials() == Ok) && (expiretime + static_cast<AuthBasicConfig*>(config)->credentialsTTL > squid_curtime))
return true;
debugs(29, 4, "User not authenticated or credentials need rechecking.");
return false;
}
-int
-AuthBasicUserRequest::authenticated() const
-{
- BasicUser const *basic_auth = dynamic_cast<BasicUser const *>(user());
-
- if (basic_auth && basic_auth->authenticated())
- return 1;
-
- return 0;
-}
-
-/* log a basic user in
- */
void
-AuthBasicUserRequest::authenticate(HttpRequest * request, ConnStateData * conn, http_hdr_type type)
+AuthBasicConfig::fixHeader(AuthUserRequest::Pointer auth_user_request, HttpReply *rep, http_hdr_type hdrType, HttpRequest * request)
{
- assert(user() != NULL);
-
- basic_data *basic_auth = dynamic_cast<BasicUser *>(user());
-
- /* if the password is not ok, do an identity */
-
- if (!basic_auth || basic_auth->flags.credentials_ok != 1)
- return;
-
- /* are we about to recheck the credentials externally? */
- if ((basic_auth->credentials_checkedtime + basicConfig.credentialsTTL) <= squid_curtime) {
- debugs(29, 4, "authBasicAuthenticate: credentials expired - rechecking");
- return;
+ if (authenticate) {
+ debugs(29, 9, HERE << "Sending type:" << hdrType << " header: 'Basic realm=\"" << basicAuthRealm << "\"'");
+ httpHeaderPutStrf(&rep->header, hdrType, "Basic realm=\"%s\"", basicAuthRealm);
}
-
- /* we have been through the external helper, and the credentials haven't expired */
- debugs(29, 9, "authenticateBasicAuthenticateuser: user '" << basic_auth->username() << "' authenticated");
-
- /* Decode now takes care of finding the AuthUser struct in the cache */
- /* after external auth occurs anyway */
- basic_auth->expiretime = current_time.tv_sec;
-
- return;
}
-int
-AuthBasicUserRequest::module_direction()
+void
+AuthBasicConfig::rotateHelpers()
{
- /* null auth_user is checked for by authenticateDirection */
- basic_data *basic_auth = dynamic_cast<BasicUser *>(user());
- assert (basic_auth);
-
- switch (basic_auth->flags.credentials_ok) {
-
- case 0: /* not checked */
- return -1;
-
- case 1: /* checked & ok */
-
- if (basic_auth->credentials_checkedtime + basicConfig.credentialsTTL <= squid_curtime)
- return -1;
-
- return 0;
-
- case 2: /* paused while waiting for a username:password check on another request */
- return -1;
-
- case 3: /* authentication process failed. */
- return 0;
+ /* schedule closure of existing helpers */
+ if (basicauthenticators) {
+ helperShutdown(basicauthenticators);
}
- return -2;
+ /* NP: dynamic helper restart will ensure they start up again as needed. */
}
+/** shutdown the auth helpers and free any allocated configuration details */
void
-AuthBasicConfig::fixHeader(AuthUserRequest *auth_user_request, HttpReply *rep, http_hdr_type hdrType, HttpRequest * request)
+AuthBasicConfig::done()
{
- if (authenticate) {
- debugs(29, 9, HERE << "Sending type:" << hdrType << " header: 'Basic realm=\"" << basicAuthRealm << "\"'");
- httpHeaderPutStrf(&rep->header, hdrType, "Basic realm=\"%s\"", basicAuthRealm);
+ authbasic_initialised = 0;
+
+ if (basicauthenticators) {
+ helperShutdown(basicauthenticators);
}
-}
-/* free any allocated configuration details */
-void
-AuthBasicConfig::done()
-{
+ delete basicauthenticators;
+ basicauthenticators = NULL;
+
if (authenticate)
wordlistDestroy(&authenticate);
static void
authenticateBasicHandleReply(void *data, char *reply)
{
- AuthenticateStateData *r = static_cast<AuthenticateStateData *>(data);
+ authenticateStateData *r = static_cast<authenticateStateData *>(data);
BasicAuthQueueNode *tmpnode;
char *t = NULL;
void *cbdata;
assert(r->auth_user_request != NULL);
assert(r->auth_user_request->user()->auth_type == AUTH_BASIC);
- basic_data *basic_auth = dynamic_cast<basic_data *>(r->auth_user_request->user());
+
+ /* this is okay since we only play with the BasicUser child fields below
+ * and dont pass the pointer itself anywhere */
+ BasicUser *basic_auth = dynamic_cast<BasicUser *>(r->auth_user_request->user().getRaw());
assert(basic_auth != NULL);
if (reply && (strncasecmp(reply, "OK", 2) == 0))
- basic_auth->flags.credentials_ok = 1;
+ basic_auth->credentials(AuthUser::Ok);
else {
- basic_auth->flags.credentials_ok = 3;
+ basic_auth->credentials(AuthUser::Failed);
if (t && *t)
r->auth_user_request->setDenyMessage(t);
}
- basic_auth->credentials_checkedtime = squid_curtime;
+ basic_auth->expiretime = squid_curtime;
if (cbdataReferenceValidDone(r->data, &cbdata))
r->handler(cbdata, NULL);
storeAppendPrintf(entry, "%s basic casesensitive %s\n", name, casesensitive ? "on" : "off");
}
-AuthBasicConfig::AuthBasicConfig() : authenticateChildren(20)
+AuthBasicConfig::AuthBasicConfig() :
+ credentialsTTL( 2*60*60 ),
+ casesensitive(0),
+ utf8(0)
{
- /* TODO: move into initialisation list */
- credentialsTTL = 2 * 60 * 60; /* two hours */
basicAuthRealm = xstrdup("Squid proxy-caching web server");
}
helperStats(sentry, basicauthenticators, "Basic Authenticator Statistics");
}
-CBDATA_TYPE(AuthenticateStateData);
-
-static AuthUser *
+static AuthUser::Pointer
authBasicAuthUserFindUsername(const char *username)
{
AuthUserHashPointer *usernamehash;
delete this;
}
-BasicUser::BasicUser(AuthConfig *aConfig) : AuthUser (aConfig) , passwd (NULL), credentials_checkedtime(0), auth_queue(NULL), cleartext (NULL), currentRequest (NULL), httpAuthHeader (NULL)
-{
- flags.credentials_ok = 0;
-}
+BasicUser::BasicUser(AuthConfig *aConfig) :
+ AuthUser(aConfig),
+ passwd(NULL),
+ auth_queue(NULL),
+ cleartext(NULL),
+ currentRequest(NULL),
+ httpAuthHeader(NULL)
+{}
bool
BasicUser::decodeCleartext()
*seperator = ':';
}
- if (!basicConfig.casesensitive)
+ if (!static_cast<AuthBasicConfig*>(config)->casesensitive)
Tolower((char *)username());
}
}
void
-BasicUser::decode(char const *proxy_auth, AuthUserRequest *auth_user_request)
+BasicUser::decode(char const *proxy_auth, AuthUserRequest::Pointer auth_user_request)
{
currentRequest = auth_user_request;
httpAuthHeader = proxy_auth;
- if (decodeCleartext ()) {
+ if (decodeCleartext()) {
extractUsername();
extractPassword();
}
- currentRequest = NULL;
+ currentRequest = NULL; // AYJ: why ?? we have only just filled it with data!
+ // so that we dont have circular UserRequest->User->UseRequest loops persisting outside the auth decode sequence????
+
+ // okay we dont need the original buffer string any more.
httpAuthHeader = NULL;
}
return true;
}
+/**
+ * Generate a duplicate of the bad credentials before clearing the working copy.
+ */
void
-BasicUser::makeLoggingInstance(AuthBasicUserRequest *auth_user_request)
+BasicUser::makeLoggingInstance(AuthUserRequest::Pointer auth_user_request)
{
if (username()) {
/* log the username */
debugs(29, 9, HERE << "Creating new user for logging '" << username() << "'");
/* new scheme data */
- BasicUser *basic_auth = new BasicUser(& basicConfig);
+ AuthUser::Pointer basic_auth = dynamic_cast<AuthUser*>(new BasicUser(config));
auth_user_request->user(basic_auth);
/* save the credentials */
basic_auth->username(username());
username(NULL);
/* set the auth_user type */
basic_auth->auth_type = AUTH_BROKEN;
- /* link the request to the user */
- basic_auth->addRequest(auth_user_request);
}
}
-AuthUser *
-BasicUser::makeCachedFrom()
-{
- /* the user doesn't exist in the username cache yet */
- debugs(29, 9, HERE << "Creating new user '" << username() << "'");
- BasicUser *basic_user = new BasicUser(&basicConfig);
- /* save the credentials */
- basic_user->username(username());
- username(NULL);
- basic_user->passwd = passwd;
- passwd = NULL;
- /* set the auth_user type */
- basic_user->auth_type = AUTH_BASIC;
- /* current time for timeouts */
- basic_user->expiretime = current_time.tv_sec;
-
- /* this basic_user struct is the 'lucky one' to get added to the username cache */
- /* the requests after this link to the basic_user */
- /* store user in hash */
- basic_user->addToNameCache();
- return basic_user;
-}
-
void
BasicUser::updateCached(BasicUser *from)
{
- debugs(29, 9, HERE << "Found user '" << from->username() << "' in the user cache as '" << this << "'");
+ debugs(29, 9, HERE << "Found user '" << from->username() << "' already in the user cache as '" << this << "'");
+
+ assert(strcmp(from->username(), username()) == 0);
if (strcmp(from->passwd, passwd)) {
debugs(29, 4, HERE << "new password found. Updating in user master record and resetting auth state to unchecked");
- flags.credentials_ok = 0;
+ credentials(Unchecked);
xfree(passwd);
passwd = from->passwd;
from->passwd = NULL;
}
- if (flags.credentials_ok == 3) {
+ if (credentials() == Failed) {
debugs(29, 4, HERE << "last attempt to authenticate this user failed, resetting auth state to unchecked");
- flags.credentials_ok = 0;
+ credentials(Unchecked);
}
}
* "cannot decode credentials". Use the message field to return a
* descriptive message to the user.
*/
-AuthUserRequest *
+AuthUserRequest::Pointer
AuthBasicConfig::decode(char const *proxy_auth)
{
- AuthBasicUserRequest *auth_user_request = new AuthBasicUserRequest();
+ AuthUserRequest::Pointer auth_user_request = dynamic_cast<AuthUserRequest*>(new AuthBasicUserRequest);
/* decode the username */
/* trim BASIC from string */
while (xisgraph(*proxy_auth))
proxy_auth++;
- BasicUser *basic_auth, local_basic(&basicConfig);
+ /* decoder copy. maybe temporary. maybe added to hash if none already existing. */
+ BasicUser *local_basic = new BasicUser(this);
/* Trim leading whitespace before decoding */
while (xisspace(*proxy_auth))
proxy_auth++;
- local_basic.decode(proxy_auth, auth_user_request);
+ local_basic->decode(proxy_auth, auth_user_request);
- if (!local_basic.valid()) {
- local_basic.makeLoggingInstance(auth_user_request);
+ if (!local_basic->valid()) {
+ local_basic->makeLoggingInstance(auth_user_request);
return auth_user_request;
}
- /* now lookup and see if we have a matching auth_user structure in
- * memory. */
+ /* now lookup and see if we have a matching auth_user structure in memory. */
+ AuthUser::Pointer auth_user;
+
+ if ((auth_user = authBasicAuthUserFindUsername(local_basic->username())) == NULL) {
+ /* the user doesn't exist in the username cache yet */
+ /* save the credentials */
+ debugs(29, 9, HERE << "Creating new user '" << local_basic->username() << "'");
+ /* set the auth_user type */
+ local_basic->auth_type = AUTH_BASIC;
+ /* current time for timeouts */
+ local_basic->expiretime = current_time.tv_sec;
- AuthUser *auth_user;
+ /* this basic_user struct is the 'lucky one' to get added to the username cache */
+ /* the requests after this link to the basic_user */
+ /* store user in hash */
+ local_basic->addToNameCache();
- if ((auth_user = authBasicAuthUserFindUsername(local_basic.username())) == NULL) {
- auth_user = local_basic.makeCachedFrom();
- basic_auth = dynamic_cast<BasicUser *>(auth_user);
- assert (basic_auth);
+ auth_user = dynamic_cast<AuthUser*>(local_basic);
+ assert(auth_user != NULL);
} else {
- basic_auth = dynamic_cast<BasicUser *>(auth_user);
- assert (basic_auth);
- basic_auth->updateCached (&local_basic);
+ /* replace the current cached password with the new one */
+ BasicUser *basic_auth = dynamic_cast<BasicUser *>(auth_user.getRaw());
+ assert(basic_auth);
+ basic_auth->updateCached(local_basic);
+ auth_user = basic_auth;
}
/* link the request to the in-cache user */
- auth_user_request->user(basic_auth);
-
- basic_auth->addRequest(auth_user_request);
-
+ auth_user_request->user(auth_user);
return auth_user_request;
}
/** Initialize helpers and the like for this auth scheme. Called AFTER parsing the
* config file */
void
-AuthBasicConfig::init(AuthConfig * scheme)
+AuthBasicConfig::init(AuthConfig * schemeCfg)
{
if (authenticate) {
authbasic_initialised = 1;
helperOpenServers(basicauthenticators);
- CBDATA_INIT_TYPE(AuthenticateStateData);
+ CBDATA_INIT_TYPE(authenticateStateData);
}
}
}
void
-BasicUser::queueRequest(AuthUserRequest * auth_user_request, RH * handler, void *data)
+BasicUser::queueRequest(AuthUserRequest::Pointer auth_user_request, RH * handler, void *data)
{
BasicAuthQueueNode *node;
- node = static_cast<BasicAuthQueueNode *>(xmalloc(sizeof(BasicAuthQueueNode)));
+ node = static_cast<BasicAuthQueueNode *>(xcalloc(1, sizeof(BasicAuthQueueNode)));
assert(node);
/* save the details */
node->next = auth_queue;
node->data = cbdataReference(data);
}
-/* send the initial data to a basic authenticator module */
void
-AuthBasicUserRequest::module_start(RH * handler, void *data)
+BasicUser::submitRequest(AuthUserRequest::Pointer auth_user_request, RH * handler, void *data)
{
- basic_data *basic_auth;
- assert(user()->auth_type == AUTH_BASIC);
- basic_auth = dynamic_cast<basic_data *>(user());
- assert(basic_auth != NULL);
- debugs(29, 9, HERE << "'" << basic_auth->username() << ":" << basic_auth->passwd << "'");
-
- if (basicConfig.authenticate == NULL) {
- handler(data, NULL);
- return;
- }
-
- /* check to see if the auth_user already has a request outstanding */
- if (basic_auth->flags.credentials_ok == 2) {
- /* there is a request with the same credentials already being verified */
- basic_auth->queueRequest(this, handler, data);
- return;
- }
-
- basic_auth->submitRequest (this, handler, data);
-}
-
-void
-BasicUser::submitRequest(AuthUserRequest * auth_user_request, RH * handler, void *data)
-{
- /* mark the user as haveing verification in progress */
- flags.credentials_ok = 2;
- AuthenticateStateData *r = NULL;
+ /* mark the user as having verification in progress */
+ credentials(Pending);
+ authenticateStateData *r = NULL;
char buf[8192];
char user[1024], pass[1024];
- r = cbdataAlloc(AuthenticateStateData);
+ r = cbdataAlloc(authenticateStateData);
r->handler = handler;
r->data = cbdataReference(data);
r->auth_user_request = auth_user_request;
- if (basicConfig.utf8) {
+ if (static_cast<AuthBasicConfig*>(config)->utf8) {
latin1_to_utf8(user, sizeof(user), username());
latin1_to_utf8(pass, sizeof(pass), passwd);
xstrncpy(user, rfc1738_escape(user), sizeof(user));
snprintf(buf, sizeof(buf), "%s %s\n", user, pass);
helperSubmit(basicauthenticators, buf, authenticateBasicHandleReply, r);
}
-
-AuthConfig *
-basicScheme::createConfig()
-{
- return &basicConfig;
-}
#ifndef __AUTH_BASIC_H__
#define __AUTH_BASIC_H__
+
#include "auth/Gadgets.h"
#include "auth/User.h"
#include "auth/UserRequest.h"
#define DefaultAuthenticateChildrenMax 32 /* 32 processes */
-/* Generic */
-
-class AuthenticateStateData
-{
-
-public:
- void *data;
- AuthUserRequest *auth_user_request;
- RH *handler;
-};
-
-/* queue of auth requests waiting for verification to occur */
-
+/** queue of auth requests waiting for verification to occur */
class BasicAuthQueueNode
{
public:
BasicAuthQueueNode *next;
- AuthUserRequest *auth_user_request;
+ AuthUserRequest::Pointer auth_user_request;
RH *handler;
void *data;
};
-class AuthBasicUserRequest;
-
class BasicUser : public AuthUser
{
BasicUser(AuthConfig *);
~BasicUser();
bool authenticated() const;
- void queueRequest(AuthUserRequest * auth_user_request, RH * handler, void *data);
- void submitRequest (AuthUserRequest * auth_user_request, RH * handler, void *data);
- void decode(char const *credentials, AuthUserRequest *);
+ void queueRequest(AuthUserRequest::Pointer auth_user_request, RH * handler, void *data);
+ void submitRequest(AuthUserRequest::Pointer auth_user_request, RH * handler, void *data);
+ void decode(char const *credentials, AuthUserRequest::Pointer);
char *getCleartext() {return cleartext;}
bool valid() const;
- void makeLoggingInstance(AuthBasicUserRequest *auth_user_request);
- AuthUser * makeCachedFrom();
+ void makeLoggingInstance(AuthUserRequest::Pointer auth_user_request);
+
+ /** Update the cached password for a username. */
void updateCached(BasicUser *from);
- char *passwd;
- time_t credentials_checkedtime;
+ virtual int32_t ttl() const;
- struct {
+ char *passwd;
-unsigned int credentials_ok:
- 2; /*0=unchecked,1=ok,2=failed */
- } flags;
BasicAuthQueueNode *auth_queue;
private:
void extractUsername();
void extractPassword();
char *cleartext;
- AuthUserRequest *currentRequest;
+ AuthUserRequest::Pointer currentRequest;
char const *httpAuthHeader;
};
MEMPROXY_CLASS_INLINE(BasicUser);
-typedef class BasicUser basic_data;
-
-/* follows the http request around */
-
-class AuthBasicUserRequest : public AuthUserRequest
-{
-
-public:
- MEMPROXY_CLASS(AuthBasicUserRequest);
-
- AuthBasicUserRequest();
- virtual ~AuthBasicUserRequest();
-
- virtual int authenticated() const;
- virtual void authenticate(HttpRequest * request, ConnStateData *conn, http_hdr_type type);
- virtual int module_direction();
- virtual void module_start(RH *, void *);
- virtual AuthUser *user() {return _theUser;}
-
- virtual const AuthUser *user() const {return _theUser;}
-
- virtual void user (AuthUser *aUser) {_theUser=dynamic_cast<BasicUser *>(aUser);}
-
-private:
- BasicUser *_theUser;
-};
-
-MEMPROXY_CLASS_INLINE(AuthBasicUserRequest);
-
-#include "HelperChildConfig.h"
-
/* configuration runtime data */
class AuthBasicConfig : public AuthConfig
~AuthBasicConfig();
virtual bool active() const;
virtual bool configured() const;
- virtual AuthUserRequest *decode(char const *proxy_auth);
+ virtual AuthUserRequest::Pointer decode(char const *proxy_auth);
virtual void done();
+ virtual void rotateHelpers();
virtual void dump(StoreEntry *, const char *, AuthConfig *);
- virtual void fixHeader(AuthUserRequest *, HttpReply *, http_hdr_type, HttpRequest *);
+ virtual void fixHeader(AuthUserRequest::Pointer, HttpReply *, http_hdr_type, HttpRequest *);
virtual void init(AuthConfig *);
virtual void parse(AuthConfig *, int, char *);
virtual void registerWithCacheManager(void);
virtual const char * type() const;
- HelperChildConfig authenticateChildren;
char *basicAuthRealm;
- wordlist *authenticate;
time_t credentialsTTL;
int casesensitive;
int utf8;
};
-#endif
+#endif /* __AUTH_BASIC_H__ */
-
/*
* $Id$
*
*
*/
-#include "basicScheme.h"
+#include "config.h"
+#include "auth/basic/basicScheme.h"
+#include "helper.h"
+
+/* for AuthConfig */
+#include "auth/basic/auth_basic.h"
+
+AuthScheme::Pointer basicScheme::_instance = NULL;
-AuthScheme &
+AuthScheme::Pointer
basicScheme::GetInstance()
{
- if (_instance == NULL)
+ if (_instance == NULL) {
_instance = new basicScheme();
- return *_instance;
-}
-
-basicScheme::basicScheme()
-{
- AddScheme(*this);
+ AddScheme(_instance);
+ }
+ return _instance;
}
char const *
return "basic";
}
-basicScheme *basicScheme::_instance = NULL;
+void
+basicScheme::done()
+{
+ /* clear the global handle to this scheme. */
+ _instance = NULL;
+
+ debugs(29, DBG_CRITICAL, HERE << "Basic authentication Schema Detached.");
+}
+
+AuthConfig *
+basicScheme::createConfig()
+{
+ AuthBasicConfig *newCfg = new AuthBasicConfig;
+ return dynamic_cast<AuthConfig*>(newCfg);
+}
-
/*
* $Id$
*
#define SQUID_BASICSCHEME_H
#include "auth/Scheme.h"
+#include "auth/basic/auth_basic.h"
/// \ingroup AuthAPI
/// \ingroup AuthSchemeAPI
{
public:
- static AuthScheme &GetInstance();
- basicScheme();
+ static AuthScheme::Pointer GetInstance();
+ basicScheme() {};
virtual ~basicScheme() {}
/* per scheme */
basicScheme &operator=(basicScheme const &);
private:
- static basicScheme *_instance;
+ static AuthScheme::Pointer _instance;
+// AuthBasicConfig basicConfig;
};
#endif /* SQUID_BASICSCHEME_H */
--- /dev/null
+#include "config.h"
+#include "auth/basic/basicUserRequest.h"
+#include "SquidTime.h"
+
+#include "auth/basic/auth_basic.h"
+
+int
+AuthBasicUserRequest::authenticated() const
+{
+ BasicUser const *basic_auth = dynamic_cast<BasicUser const *>(user().getRaw());
+
+ if (basic_auth && basic_auth->authenticated())
+ return 1;
+
+ return 0;
+}
+
+/* log a basic user in
+ */
+void
+AuthBasicUserRequest::authenticate(HttpRequest * request, ConnStateData * conn, http_hdr_type type)
+{
+ assert(user() != NULL);
+
+ /* if the password is not ok, do an identity */
+ if (!user() || user()->credentials() != AuthUser::Ok)
+ return;
+
+ /* are we about to recheck the credentials externally? */
+ if ((user()->expiretime + static_cast<AuthBasicConfig*>(AuthConfig::Find("basic"))->credentialsTTL) <= squid_curtime) {
+ debugs(29, 4, HERE << "credentials expired - rechecking");
+ return;
+ }
+
+ /* we have been through the external helper, and the credentials haven't expired */
+ debugs(29, 9, HERE << "user '" << user()->username() << "' authenticated");
+
+ /* Decode now takes care of finding the AuthUser struct in the cache */
+ /* after external auth occurs anyway */
+ user()->expiretime = current_time.tv_sec;
+
+ return;
+}
+
+int
+AuthBasicUserRequest::module_direction()
+{
+ /* null auth_user is checked for by authenticateDirection */
+ if (user()->auth_type != AUTH_BASIC)
+ return -2;
+
+ switch (user()->credentials()) {
+
+ case AuthUser::Unchecked:
+ case AuthUser::Pending:
+ return -1;
+
+ case AuthUser::Ok:
+ if (user()->expiretime + static_cast<AuthBasicConfig*>(AuthConfig::Find("basic"))->credentialsTTL <= squid_curtime)
+ return -1;
+ return 0;
+
+ case AuthUser::Failed:
+ return 0;
+
+ default:
+ return -2;
+ }
+}
+
+/* send the initial data to a basic authenticator module */
+void
+AuthBasicUserRequest::module_start(RH * handler, void *data)
+{
+ assert(user()->auth_type == AUTH_BASIC);
+ BasicUser *basic_auth = dynamic_cast<BasicUser *>(user().getRaw());
+ assert(basic_auth != NULL);
+ debugs(29, 9, HERE << "'" << basic_auth->username() << ":" << basic_auth->passwd << "'");
+
+ if (static_cast<AuthBasicConfig*>(AuthConfig::Find("basic"))->authenticate == NULL) {
+ debugs(29, DBG_CRITICAL, "ERROR: No Basic authentication program configured.");
+ handler(data, NULL);
+ return;
+ }
+
+ /* check to see if the auth_user already has a request outstanding */
+ if (user()->credentials() == AuthUser::Pending) {
+ /* there is a request with the same credentials already being verified */
+ basic_auth->queueRequest(this, handler, data);
+ return;
+ }
+
+ basic_auth->submitRequest(this, handler, data);
+}
+
--- /dev/null
+#ifndef _SQUID_SRC_AUTH_BASIC_USERREQUEST_H
+#define _SQUID_SRC_AUTH_BASIC_USERREQUEST_H
+
+#include "MemPool.h"
+#include "auth/UserRequest.h"
+
+class ConnStateData;
+class HttpRequest;
+
+/* follows the http request around */
+
+class AuthBasicUserRequest : public AuthUserRequest
+{
+
+public:
+ MEMPROXY_CLASS(AuthBasicUserRequest);
+
+ AuthBasicUserRequest() {};
+ virtual ~AuthBasicUserRequest() { assert(RefCountCount()==0); };
+
+ virtual int authenticated() const;
+ virtual void authenticate(HttpRequest * request, ConnStateData *conn, http_hdr_type type);
+ virtual int module_direction();
+ virtual void module_start(RH *, void *);
+};
+
+MEMPROXY_CLASS_INLINE(AuthBasicUserRequest);
+
+#endif /* _SQUID_SRC_AUTH_BASIC_USERREQUEST_H */
#include "squid.h"
#include "rfc2617.h"
-#include "auth_digest.h"
+#include "auth/digest/auth_digest.h"
#include "auth/Gadgets.h"
#include "event.h"
#include "CacheManager.h"
#include "wordlist.h"
#include "SquidTime.h"
/* TODO don't include this */
-#include "digestScheme.h"
+#include "auth/digest/digestScheme.h"
+#include "auth/digest/digestUserRequest.h"
/* Digest Scheme */
-static HLPCB authenticateDigestHandleReply;
static AUTHSSTATS authenticateDigestStats;
-static helper *digestauthenticators = NULL;
+helper *digestauthenticators = NULL;
static hash_table *digest_nonce_cache;
-static AuthDigestConfig digestConfig;
-
static int authdigest_initialised = 0;
static MemAllocator *digest_nonce_pool = NULL;
-CBDATA_TYPE(DigestAuthenticateStateData);
+// CBDATA_TYPE(DigestAuthenticateStateData);
+
+enum http_digest_attr_type {
+ DIGEST_USERNAME,
+ DIGEST_REALM,
+ DIGEST_QOP,
+ DIGEST_ALGORITHM,
+ DIGEST_URI,
+ DIGEST_NONCE,
+ DIGEST_NC,
+ DIGEST_CNONCE,
+ DIGEST_RESPONSE,
+ DIGEST_ENUM_END
+};
+
+static const HttpHeaderFieldAttrs DigestAttrs[DIGEST_ENUM_END] = {
+ {"username", (http_hdr_type)DIGEST_USERNAME},
+ {"realm", (http_hdr_type)DIGEST_REALM},
+ {"qop", (http_hdr_type)DIGEST_QOP},
+ {"algorithm", (http_hdr_type)DIGEST_ALGORITHM},
+ {"uri", (http_hdr_type)DIGEST_URI},
+ {"nonce", (http_hdr_type)DIGEST_NONCE},
+ {"nc", (http_hdr_type)DIGEST_NC},
+ {"cnonce", (http_hdr_type)DIGEST_CNONCE},
+ {"response", (http_hdr_type)DIGEST_RESPONSE},
+};
+
+static HttpHeaderFieldInfo *DigestFieldsInfo = NULL;
/*
*
static void authenticateDigestNonceSetup(void);
static void authenticateDigestNonceShutdown(void);
static void authenticateDigestNonceReconfigure(void);
-static const char *authenticateDigestNonceNonceb64(digest_nonce_h * nonce);
-static int authDigestNonceIsValid(digest_nonce_h * nonce, char nc[9]);
static int authDigestNonceIsStale(digest_nonce_h * nonce);
static void authDigestNonceEncode(digest_nonce_h * nonce);
-static int authDigestNonceLastRequest(digest_nonce_h * nonce);
static void authDigestNonceLink(digest_nonce_h * nonce);
-static void authDigestNonceUnlink(digest_nonce_h * nonce);
#if NOT_USED
static int authDigestNonceLinks(digest_nonce_h * nonce);
#endif
safe_free(nonce->key);
- digest_nonce_pool->free(nonce);
+ digest_nonce_pool->freeOne(nonce);
}
}
if (!digest_nonce_cache) {
digest_nonce_cache = hash_create((HASHCMP *) strcmp, 7921, hash_string);
assert(digest_nonce_cache);
- eventAdd("Digest none cache maintenance", authenticateDigestNonceCacheCleanup, NULL, digestConfig.nonceGCInterval, 1);
+ eventAdd("Digest none cache maintenance", authenticateDigestNonceCacheCleanup, NULL, static_cast<AuthDigestConfig*>(AuthConfig::Find("digest"))->nonceGCInterval, 1);
}
}
debugs(29, 3, "authenticateDigestNonceCacheCleanup: Finished cleaning the nonce cache.");
- if (digestConfig.active())
- eventAdd("Digest none cache maintenance", authenticateDigestNonceCacheCleanup, NULL, digestConfig.nonceGCInterval, 1);
+ if (static_cast<AuthDigestConfig*>(AuthConfig::Find("digest"))->active())
+ eventAdd("Digest none cache maintenance", authenticateDigestNonceCacheCleanup, NULL, static_cast<AuthDigestConfig*>(AuthConfig::Find("digest"))->nonceGCInterval, 1);
}
static void
#endif
-static void
+void
authDigestNonceUnlink(digest_nonce_h * nonce)
{
assert(nonce != NULL);
authenticateDigestNonceDelete(nonce);
}
-static const char *
-authenticateDigestNonceNonceb64(digest_nonce_h * nonce)
+const char *
+authenticateDigestNonceNonceb64(const digest_nonce_h * nonce)
{
if (!nonce)
return NULL;
return nonce;
}
-static int
+int
authDigestNonceIsValid(digest_nonce_h * nonce, char nc[9])
{
unsigned long intnc;
}
/* is the nonce-count ok ? */
- if (!digestConfig.CheckNonceCount) {
+ if (!static_cast<AuthDigestConfig*>(AuthConfig::Find("digest"))->CheckNonceCount) {
nonce->nc++;
return -1; /* forced OK by configuration */
}
- if ((digestConfig.NonceStrictness && intnc != nonce->nc + 1) ||
+ if ((static_cast<AuthDigestConfig*>(AuthConfig::Find("digest"))->NonceStrictness && intnc != nonce->nc + 1) ||
intnc < nonce->nc + 1) {
debugs(29, 4, "authDigestNonceIsValid: Nonce count doesn't match");
nonce->flags.valid = 0;
return -1;
/* has it's max duration expired? */
- if (nonce->noncedata.creationtime + digestConfig.noncemaxduration < current_time.tv_sec) {
+ if (nonce->noncedata.creationtime + static_cast<AuthDigestConfig*>(AuthConfig::Find("digest"))->noncemaxduration < current_time.tv_sec) {
debugs(29, 4, "authDigestNonceIsStale: Nonce is too old. " <<
nonce->noncedata.creationtime << " " <<
- digestConfig.noncemaxduration << " " <<
+ static_cast<AuthDigestConfig*>(AuthConfig::Find("digest"))->noncemaxduration << " " <<
current_time.tv_sec);
nonce->flags.valid = 0;
return -1;
}
- if (nonce->nc > digestConfig.noncemaxuses) {
+ if (nonce->nc > static_cast<AuthDigestConfig*>(AuthConfig::Find("digest"))->noncemaxuses) {
debugs(29, 4, "authDigestNoncelastRequest: Nonce count over user limit");
nonce->flags.valid = 0;
return -1;
return 0;
}
-/* return -1 if the digest will be stale on the next request */
-static int
+/**
+ * \retval 0 the digest is not stale yet
+ * \retval -1 the digest will be stale on the next request
+ */
+const int
authDigestNonceLastRequest(digest_nonce_h * nonce)
{
if (!nonce)
return -1;
}
- if (nonce->nc >= digestConfig.noncemaxuses - 1) {
+ if (nonce->nc >= static_cast<AuthDigestConfig*>(AuthConfig::Find("digest"))->noncemaxuses - 1) {
debugs(29, 4, "authDigestNoncelastRequest: Nonce count about to hit user limit");
return -1;
}
}
/* USER related functions */
-static AuthUser *
+static AuthUser::Pointer
authDigestUserFindUsername(const char *username)
{
AuthUserHashPointer *usernamehash;
- AuthUser *auth_user;
debugs(29, 9, HERE << "Looking for user '" << username << "'");
if (username && (usernamehash = static_cast < auth_user_hash_pointer * >(hash_lookup(proxy_auth_username_cache, username)))) {
- while ((usernamehash->user()->auth_type != AUTH_DIGEST) &&
- (usernamehash->next))
- usernamehash = static_cast < auth_user_hash_pointer * >(usernamehash->next);
-
- auth_user = NULL;
+ while ((usernamehash->user()->auth_type != AUTH_DIGEST) && (usernamehash->next))
+ usernamehash = static_cast<AuthUserHashPointer *>(usernamehash->next);
if (usernamehash->user()->auth_type == AUTH_DIGEST) {
- auth_user = usernamehash->user();
+ return usernamehash->user();
}
-
- return auth_user;
}
return NULL;
}
-static void
-authDigestUserShutdown(void)
+void
+AuthDigestConfig::rotateHelpers()
{
- /** \todo Future work: the auth framework could flush it's cache */
- AuthUserHashPointer *usernamehash;
- AuthUser *auth_user;
- hash_first(proxy_auth_username_cache);
-
- while ((usernamehash = ((auth_user_hash_pointer *) hash_next(proxy_auth_username_cache)))) {
- auth_user = usernamehash->user();
-
- if (strcmp(auth_user->config->type(), "digest") == 0)
- auth_user->unlock();
+ /* schedule closure of existing helpers */
+ if (digestauthenticators) {
+ helperShutdown(digestauthenticators);
}
+
+ /* NP: dynamic helper restart will ensure they start up again as needed. */
}
/** delete the digest request structure. Does NOT delete related structures */
if (digestauthenticators)
helperShutdown(digestauthenticators);
+ if (DigestFieldsInfo) {
+ httpHeaderDestroyFieldsInfo(DigestFieldsInfo, DIGEST_ENUM_END);
+ DigestFieldsInfo = NULL;
+ }
+
authdigest_initialised = 0;
if (!shutting_down) {
delete digestauthenticators;
digestauthenticators = NULL;
- authDigestUserShutdown();
+ PurgeCredentialsCache();
authenticateDigestNonceShutdown();
debugs(29, 2, "authenticateDigestDone: Digest authentication shut down.");
+
+ /* clear the global handle to this scheme. */
+ _instance = NULL;
}
void
return false;
}
-int
-AuthDigestUserRequest::authenticated() const
-{
- if (credentials() == Ok)
- return 1;
-
- return 0;
-}
-
-/** log a digest user in
- */
-void
-AuthDigestUserRequest::authenticate(HttpRequest * request, ConnStateData * conn, http_hdr_type type)
-{
- AuthUser *auth_user;
- AuthDigestUserRequest *digest_request;
- digest_user_h *digest_user;
-
- HASHHEX SESSIONKEY;
- HASHHEX HA2 = "";
- HASHHEX Response;
-
- assert(authUser() != NULL);
- auth_user = authUser();
-
- digest_user = dynamic_cast < digest_user_h * >(auth_user);
-
- assert(digest_user != NULL);
-
- /* if the check has corrupted the user, just return */
-
- if (credentials() == Failed) {
- return;
- }
-
- digest_request = this;
-
- /* do we have the HA1 */
-
- if (!digest_user->HA1created) {
- credentials(Pending);
- return;
- }
-
- if (digest_request->nonce == NULL) {
- /* this isn't a nonce we issued */
- credentials(Failed);
- return;
- }
-
- DigestCalcHA1(digest_request->algorithm, NULL, NULL, NULL,
- authenticateDigestNonceNonceb64(digest_request->nonce),
- digest_request->cnonce,
- digest_user->HA1, SESSIONKEY);
- DigestCalcResponse(SESSIONKEY, authenticateDigestNonceNonceb64(digest_request->nonce),
- digest_request->nc, digest_request->cnonce, digest_request->qop,
- RequestMethodStr(request->method), digest_request->uri, HA2, Response);
-
- debugs(29, 9, "\nResponse = '" << digest_request->response << "'\nsquid is = '" << Response << "'");
-
- if (strcasecmp(digest_request->response, Response) != 0) {
- if (!digest_request->flags.helper_queried) {
- /* Query the helper in case the password has changed */
- digest_request->flags.helper_queried = 1;
- digest_request->credentials_ok = Pending;
- return;
- }
-
- if (digestConfig.PostWorkaround && request->method != METHOD_GET) {
- /* Ugly workaround for certain very broken browsers using the
- * wrong method to calculate the request-digest on POST request.
- * This should be deleted once Digest authentication becomes more
- * widespread and such broken browsers no longer are commonly
- * used.
- */
- DigestCalcResponse(SESSIONKEY, authenticateDigestNonceNonceb64(digest_request->nonce),
- digest_request->nc, digest_request->cnonce, digest_request->qop,
- RequestMethodStr(METHOD_GET), digest_request->uri, HA2, Response);
-
- if (strcasecmp(digest_request->response, Response)) {
- credentials(Failed);
- digest_request->setDenyMessage("Incorrect password");
- return;
- } else {
- const char *useragent = request->header.getStr(HDR_USER_AGENT);
-
- static IpAddress last_broken_addr;
- static int seen_broken_client = 0;
-
- if (!seen_broken_client) {
- last_broken_addr.SetNoAddr();
- seen_broken_client = 1;
- }
-
- if (last_broken_addr != request->client_addr) {
- debugs(29, 1, "\nDigest POST bug detected from " <<
- request->client_addr << " using '" <<
- (useragent ? useragent : "-") <<
- "'. Please upgrade browser. See Bug #630 for details.");
-
- last_broken_addr = request->client_addr;
- }
- }
- } else {
- credentials(Failed);
- digest_request->flags.invalid_password = 1;
- digest_request->setDenyMessage("Incorrect password");
- return;
- }
-
- /* check for stale nonce */
- if (!authDigestNonceIsValid(digest_request->nonce, digest_request->nc)) {
- debugs(29, 3, "authenticateDigestAuthenticateuser: user '" << digest_user->username() << "' validated OK but nonce stale");
- credentials(Failed);
- digest_request->setDenyMessage("Stale nonce");
- return;
- }
- }
-
- credentials(Ok);
-
- /* password was checked and did match */
- debugs(29, 4, "authenticateDigestAuthenticateuser: user '" << digest_user->username() << "' validated OK");
-
- /* auth_user is now linked, we reset these values
- * after external auth occurs anyway */
- auth_user->expiretime = current_time.tv_sec;
- return;
-}
-
-int
-AuthDigestUserRequest::module_direction()
-{
- switch (credentials()) {
-
- case Unchecked:
- return -1;
-
- case Ok:
-
- return 0;
-
- case Pending:
- return -1;
-
- case Failed:
-
- /* send new challenge */
- return 1;
- }
-
- return -2;
-}
-
-/* add the [proxy]authorisation header */
-void
-AuthDigestUserRequest::addHeader(HttpReply * rep, int accel)
-{
- http_hdr_type type;
-
- /* don't add to authentication error pages */
-
- if ((!accel && rep->sline.status == HTTP_PROXY_AUTHENTICATION_REQUIRED)
- || (accel && rep->sline.status == HTTP_UNAUTHORIZED))
- return;
-
- type = accel ? HDR_AUTHENTICATION_INFO : HDR_PROXY_AUTHENTICATION_INFO;
-
-#if WAITING_FOR_TE
- /* test for http/1.1 transfer chunked encoding */
- if (chunkedtest)
- return;
-
-#endif
-
- if ((digestConfig.authenticate) && authDigestNonceLastRequest(nonce)) {
- flags.authinfo_sent = 1;
- debugs(29, 9, "authDigestAddHead: Sending type:" << type << " header: 'nextnonce=\"" << authenticateDigestNonceNonceb64(nonce) << "\"");
- httpHeaderPutStrf(&rep->header, type, "nextnonce=\"%s\"", authenticateDigestNonceNonceb64(nonce));
- }
-}
-
-#if WAITING_FOR_TE
-/* add the [proxy]authorisation header */
-void
-AuthDigestUserRequest::addTrailer(HttpReply * rep, int accel)
-{
- int type;
-
- if (!auth_user_request)
- return;
-
-
- /* has the header already been send? */
- if (flags.authinfo_sent)
- return;
-
- /* don't add to authentication error pages */
- if ((!accel && rep->sline.status == HTTP_PROXY_AUTHENTICATION_REQUIRED)
- || (accel && rep->sline.status == HTTP_UNAUTHORIZED))
- return;
-
- type = accel ? HDR_AUTHENTICATION_INFO : HDR_PROXY_AUTHENTICATION_INFO;
-
- if ((digestConfig.authenticate) && authDigestNonceLastRequest(nonce)) {
- debugs(29, 9, "authDigestAddTrailer: Sending type:" << type << " header: 'nextnonce=\"" << authenticateDigestNonceNonceb64(nonce) << "\"");
- httpTrailerPutStrf(&rep->header, type, "nextnonce=\"%s\"", authenticateDigestNonceNonceb64(nonce));
- }
-}
-
-#endif
-
/* add the [www-|Proxy-]authenticate header on a 407 or 401 reply */
void
-AuthDigestConfig::fixHeader(AuthUserRequest *auth_user_request, HttpReply *rep, http_hdr_type hdrType, HttpRequest * request)
+AuthDigestConfig::fixHeader(AuthUserRequest::Pointer auth_user_request, HttpReply *rep, http_hdr_type hdrType, HttpRequest * request)
{
if (!authenticate)
return;
int stale = 0;
- if (auth_user_request) {
+ if (auth_user_request != NULL) {
AuthDigestUserRequest *digest_request;
- digest_request = dynamic_cast < AuthDigestUserRequest * >(auth_user_request);
+ digest_request = dynamic_cast<AuthDigestUserRequest*>(auth_user_request.getRaw());
assert (digest_request != NULL);
stale = !digest_request->flags.invalid_password;
DigestUser::~DigestUser()
{
-
dlink_node *link, *tmplink;
link = nonces.head;
}
}
-static void
-authenticateDigestHandleReply(void *data, char *reply)
+int32_t
+DigestUser::ttl() const
{
- DigestAuthenticateStateData *replyData = static_cast < DigestAuthenticateStateData * >(data);
- AuthUserRequest *auth_user_request;
- AuthDigestUserRequest *digest_request;
- digest_user_h *digest_user;
- char *t = NULL;
- void *cbdata;
- debugs(29, 9, "authenticateDigestHandleReply: {" << (reply ? reply : "<NULL>") << "}");
-
- if (reply) {
- if ((t = strchr(reply, ' ')))
- *t++ = '\0';
-
- if (*reply == '\0' || *reply == '\n')
- reply = NULL;
- }
-
- assert(replyData->auth_user_request != NULL);
- auth_user_request = replyData->auth_user_request;
- digest_request = dynamic_cast < AuthDigestUserRequest * >(auth_user_request);
- assert(digest_request);
+ int32_t global_ttl = static_cast<int32_t>(expiretime - squid_curtime + Config.authenticateTTL);
- digest_user = dynamic_cast < digest_user_h * >(auth_user_request->user());
- assert(digest_user != NULL);
-
- if (reply && (strncasecmp(reply, "ERR", 3) == 0)) {
- digest_request->credentials(AuthDigestUserRequest::Failed);
- digest_request->flags.invalid_password = 1;
+ /* find the longest lasting nonce. */
+ int32_t latest_nonce = -1;
+ dlink_node *link = nonces.head;
+ while (link) {
+ digest_nonce_h *nonce = static_cast<digest_nonce_h *>(link->data);
+ if (nonce->flags.valid && nonce->noncedata.creationtime > latest_nonce)
+ latest_nonce = nonce->noncedata.creationtime;
- if (t && *t)
- digest_request->setDenyMessage(t);
- } else if (reply) {
- CvtBin(reply, digest_user->HA1);
- digest_user->HA1created = 1;
+ link = link->next;
}
+ if (latest_nonce == -1)
+ return min(-1, global_ttl);
- if (cbdataReferenceValidDone(replyData->data, &cbdata))
- replyData->handler(cbdata, NULL);
-
- //we know replyData->auth_user_request != NULL, or we'd have asserted
- AUTHUSERREQUESTUNLOCK(replyData->auth_user_request, "replyData");
+ int32_t nonce_ttl = latest_nonce - current_time.tv_sec + static_cast<AuthDigestConfig*>(AuthConfig::Find("digest"))->noncemaxduration;
- cbdataFree(replyData);
+ return min(nonce_ttl, global_ttl);
}
/* Initialize helpers and the like for this auth scheme. Called AFTER parsing the
AuthDigestConfig::init(AuthConfig * scheme)
{
if (authenticate) {
+ DigestFieldsInfo = httpHeaderBuildFieldsInfo(DigestAttrs, DIGEST_ENUM_END);
authenticateDigestNonceSetup();
authdigest_initialised = 1;
helperOpenServers(digestauthenticators);
- CBDATA_INIT_TYPE(DigestAuthenticateStateData);
+ CBDATA_INIT_TYPE(authenticateStateData);
}
}
safe_free(digestAuthRealm);
}
-AuthDigestConfig::AuthDigestConfig() : authenticateChildren(20)
+AuthDigestConfig::AuthDigestConfig()
{
/* TODO: move into initialisation list */
/* 5 minutes */
const char *
AuthDigestConfig::type() const
{
- return digestScheme::GetInstance().type();
+ return digestScheme::GetInstance()->type();
}
static void
authDigestNonceUserUnlink(digest_nonce_h * nonce)
{
- digest_user_h *digest_user;
+ DigestUser *digest_user;
dlink_node *link, *tmplink;
if (!nonce)
authDigestUserLinkNonce(DigestUser * user, digest_nonce_h * nonce)
{
dlink_node *node;
- digest_user_h *digest_user;
+ DigestUser *digest_user;
if (!user || !nonce)
return;
}
/* setup the necessary info to log the username */
-static AuthUserRequest *
-authDigestLogUsername(char *username, AuthDigestUserRequest *auth_user_request)
+static AuthUserRequest::Pointer
+authDigestLogUsername(char *username, AuthUserRequest::Pointer auth_user_request)
{
assert(auth_user_request != NULL);
/* log the username */
debugs(29, 9, "authDigestLogUsername: Creating new user for logging '" << username << "'");
- digest_user_h *digest_user = new DigestUser(&digestConfig);
+ AuthUser::Pointer digest_user = new DigestUser(static_cast<AuthDigestConfig*>(AuthConfig::Find("digest")));
/* save the credentials */
digest_user->username(username);
/* set the auth_user type */
digest_user->auth_type = AUTH_BROKEN;
/* link the request to the user */
- auth_user_request->authUser(digest_user);
auth_user_request->user(digest_user);
- digest_user->addRequest (auth_user_request);
return auth_user_request;
}
* Decode a Digest [Proxy-]Auth string, placing the results in the passed
* Auth_user structure.
*/
-AuthUserRequest *
+AuthUserRequest::Pointer
AuthDigestConfig::decode(char const *proxy_auth)
{
const char *item;
String temp(proxy_auth);
while (strListGetItem(&temp, ',', &item, &ilen, &pos)) {
- if ((p = strchr(item, '=')) && (p - item < ilen))
- ilen = p++ - item;
-
- if (!strncmp(item, "username", ilen)) {
- /* white space */
+ /* isolate directive name & value */
+ size_t nlen;
+ size_t vlen;
+ if ((p = (const char *)memchr(item, '=', ilen)) && (p - item < ilen)) {
+ nlen = p++ - item;
+ vlen = ilen - (p - item);
+ } else {
+ nlen = ilen;
+ vlen = 0;
+ }
- while (xisspace(*p))
- p++;
+ /* parse value. auth-param = token "=" ( token | quoted-string ) */
+ String value;
+ if (vlen > 0) {
+ if (*p == '"') {
+ if (!httpHeaderParseQuotedString(p, &value)) {
+ debugs(29, 9, "authDigestDecodeAuth: Failed to parse attribute '" << item << "' in '" << temp << "'");
+ continue;
+ }
+ } else {
+ value.limitInit(p, vlen);
+ }
+ } else {
+ debugs(29, 9, "authDigestDecodeAuth: Failed to parse attribute '" << item << "' in '" << temp << "'");
+ continue;
+ }
- /* quote mark */
- p++;
+ /* find type */
+ http_digest_attr_type type = (http_digest_attr_type)httpHeaderIdByName(item, nlen, DigestFieldsInfo, DIGEST_ENUM_END);
+ switch (type) {
+ case DIGEST_USERNAME:
safe_free(username);
- username = xstrndup(p, strchr(p, '"') + 1 - p);
-
+ username = xstrndup(value.rawBuf(), value.size() + 1);
debugs(29, 9, "authDigestDecodeAuth: Found Username '" << username << "'");
- } else if (!strncmp(item, "realm", ilen)) {
- /* white space */
-
- while (xisspace(*p))
- p++;
-
- /* quote mark */
- p++;
+ break;
+ case DIGEST_REALM:
safe_free(digest_request->realm);
- digest_request->realm = xstrndup(p, strchr(p, '"') + 1 - p);
-
+ digest_request->realm = xstrndup(value.rawBuf(), value.size() + 1);
debugs(29, 9, "authDigestDecodeAuth: Found realm '" << digest_request->realm << "'");
- } else if (!strncmp(item, "qop", ilen)) {
- /* white space */
-
- while (xisspace(*p))
- p++;
-
- if (*p == '\"')
- /* quote mark */
- p++;
+ break;
+ case DIGEST_QOP:
safe_free(digest_request->qop);
- digest_request->qop = xstrndup(p, strcspn(p, "\" \t\r\n()<>@,;:\\/[]?={}") + 1);
-
+ digest_request->qop = xstrndup(value.rawBuf(), value.size() + 1);
debugs(29, 9, "authDigestDecodeAuth: Found qop '" << digest_request->qop << "'");
- } else if (!strncmp(item, "algorithm", ilen)) {
- /* white space */
-
- while (xisspace(*p))
- p++;
-
- if (*p == '\"')
- /* quote mark */
- p++;
+ break;
+ case DIGEST_ALGORITHM:
safe_free(digest_request->algorithm);
- digest_request->algorithm = xstrndup(p, strcspn(p, "\" \t\r\n()<>@,;:\\/[]?={}") + 1);
-
+ digest_request->algorithm = xstrndup(value.rawBuf(), value.size() + 1);
debugs(29, 9, "authDigestDecodeAuth: Found algorithm '" << digest_request->algorithm << "'");
- } else if (!strncmp(item, "uri", ilen)) {
- /* white space */
-
- while (xisspace(*p))
- p++;
-
- /* quote mark */
- p++;
+ break;
+ case DIGEST_URI:
safe_free(digest_request->uri);
- digest_request->uri = xstrndup(p, strchr(p, '"') + 1 - p);
-
+ digest_request->uri = xstrndup(value.rawBuf(), value.size() + 1);
debugs(29, 9, "authDigestDecodeAuth: Found uri '" << digest_request->uri << "'");
- } else if (!strncmp(item, "nonce", ilen)) {
- /* white space */
-
- while (xisspace(*p))
- p++;
-
- /* quote mark */
- p++;
+ break;
+ case DIGEST_NONCE:
safe_free(digest_request->nonceb64);
- digest_request->nonceb64 = xstrndup(p, strchr(p, '"') + 1 - p);
-
+ digest_request->nonceb64 = xstrndup(value.rawBuf(), value.size() + 1);
debugs(29, 9, "authDigestDecodeAuth: Found nonce '" << digest_request->nonceb64 << "'");
- } else if (!strncmp(item, "nc", ilen)) {
- /* white space */
-
- while (xisspace(*p))
- p++;
-
- xstrncpy(digest_request->nc, p, 9);
+ break;
+ case DIGEST_NC:
+ if (value.size() != 8) {
+ debugs(29, 9, "authDigestDecodeAuth: Invalid nc '" << value << "' in '" << temp << "'");
+ }
+ xstrncpy(digest_request->nc, value.rawBuf(), value.size() + 1);
debugs(29, 9, "authDigestDecodeAuth: Found noncecount '" << digest_request->nc << "'");
- } else if (!strncmp(item, "cnonce", ilen)) {
- /* white space */
-
- while (xisspace(*p))
- p++;
-
- /* quote mark */
- p++;
+ break;
+ case DIGEST_CNONCE:
safe_free(digest_request->cnonce);
- digest_request->cnonce = xstrndup(p, strchr(p, '"') + 1 - p);
-
+ digest_request->cnonce = xstrndup(value.rawBuf(), value.size() + 1);
debugs(29, 9, "authDigestDecodeAuth: Found cnonce '" << digest_request->cnonce << "'");
- } else if (!strncmp(item, "response", ilen)) {
- /* white space */
-
- while (xisspace(*p))
- p++;
-
- /* quote mark */
- p++;
+ break;
+ case DIGEST_RESPONSE:
safe_free(digest_request->response);
- digest_request->response = xstrndup(p, strchr(p, '"') + 1 - p);
-
+ digest_request->response = xstrndup(value.rawBuf(), value.size() + 1);
debugs(29, 9, "authDigestDecodeAuth: Found response '" << digest_request->response << "'");
+ break;
+
+ default:
+ debugs(29, 3, "authDigestDecodeAuth: Unknown attribute '" << item << "' in '" << temp << "'");
+ break;
}
}
* correct values - 400/401/407
*/
- /* first the NONCE count */
+ /* 2069 requirements */
- if (digest_request->cnonce && strlen(digest_request->nc) != 8) {
- debugs(29, 4, "authenticateDigestDecode: nonce count length invalid");
+ /* do we have a username ? */
+ if (!username || username[0] == '\0') {
+ debugs(29, 2, "authenticateDigestDecode: Empty or not present username");
return authDigestLogUsername(username, digest_request);
}
- /* now the nonce */
- nonce = authenticateDigestNonceFindNonce(digest_request->nonceb64);
-
- if (!nonce) {
- /* we couldn't find a matching nonce! */
- debugs(29, 4, "authenticateDigestDecode: Unexpected or invalid nonce received");
+ /* Sanity check of the username.
+ * " can not be allowed in usernames until * the digest helper protocol
+ * have been redone
+ */
+ if (strchr(username, '"')) {
+ debugs(29, 2, "authenticateDigestDecode: Unacceptable username '" << username << "'");
return authDigestLogUsername(username, digest_request);
}
- digest_request->nonce = nonce;
- authDigestNonceLink(nonce);
-
- /* check the qop is what we expected. Note that for compatability with
- * RFC 2069 we should support a missing qop. Tough. */
+ /* do we have a realm ? */
+ if (!digest_request->realm || digest_request->realm[0] == '\0') {
+ debugs(29, 2, "authenticateDigestDecode: Empty or not present realm");
+ return authDigestLogUsername(username, digest_request);
+ }
- if (digest_request->qop && strcmp(digest_request->qop, QOP_AUTH) != 0) {
- /* we received a qop option we didn't send */
- debugs(29, 4, "authenticateDigestDecode: Invalid qop option received");
+ /* and a nonce? */
+ if (!digest_request->nonceb64 || digest_request->nonceb64[0] == '\0') {
+ debugs(29, 2, "authenticateDigestDecode: Empty or not present nonce");
return authDigestLogUsername(username, digest_request);
}
/* we can't check the URI just yet. We'll check it in the
- * authenticate phase */
+ * authenticate phase, but needs to be given */
+ if (!digest_request->uri || digest_request->uri[0] == '\0') {
+ debugs(29, 2, "authenticateDigestDecode: Missing URI field");
+ return authDigestLogUsername(username, digest_request);
+ }
/* is the response the correct length? */
-
if (!digest_request->response || strlen(digest_request->response) != 32) {
- debugs(29, 4, "authenticateDigestDecode: Response length invalid");
+ debugs(29, 2, "authenticateDigestDecode: Response length invalid");
return authDigestLogUsername(username, digest_request);
}
- /* do we have a username ? */
- if (!username || username[0] == '\0') {
- debugs(29, 4, "authenticateDigestDecode: Empty or not present username");
+ /* check the algorithm is present and supported */
+ if (!digest_request->algorithm)
+ digest_request->algorithm = xstrndup("MD5", 4);
+ else if (strcmp(digest_request->algorithm, "MD5")
+ && strcmp(digest_request->algorithm, "MD5-sess")) {
+ debugs(29, 2, "authenticateDigestDecode: invalid algorithm specified!");
return authDigestLogUsername(username, digest_request);
}
- /* check that we're not being hacked / the username hasn't changed */
- if (nonce->user && strcmp(username, nonce->user->username())) {
- debugs(29, 4, "authenticateDigestDecode: Username for the nonce does not equal the username for the request");
- return authDigestLogUsername(username, digest_request);
+ /* 2617 requirements, indicated by qop */
+ if (digest_request->qop) {
+
+ /* check the qop is what we expected. */
+ if (strcmp(digest_request->qop, QOP_AUTH) != 0) {
+ /* we received a qop option we didn't send */
+ debugs(29, 2, "authenticateDigestDecode: Invalid qop option received");
+ return authDigestLogUsername(username, digest_request);
+ }
+
+ /* check cnonce */
+ if (!digest_request->cnonce || digest_request->cnonce[0] == '\0') {
+ debugs(29, 2, "authenticateDigestDecode: Missing cnonce field");
+ return authDigestLogUsername(username, digest_request);
+ }
+
+ /* check nc */
+ if (strlen(digest_request->nc) != 8 || strspn(digest_request->nc, "0123456789abcdefABCDEF") != 8) {
+ debugs(29, 2, "authenticateDigestDecode: invalid nonce count");
+ return authDigestLogUsername(username, digest_request);
+ }
+ } else {
+ /* cnonce and nc both require qop */
+ if (digest_request->cnonce || digest_request->nc) {
+ debugs(29, 2, "authenticateDigestDecode: missing qop!");
+ return authDigestLogUsername(username, digest_request);
+ }
}
- /* if we got a qop, did we get a cnonce or did we get a cnonce wihtout a qop? */
- if ((digest_request->qop && !digest_request->cnonce)
- || (!digest_request->qop && digest_request->cnonce)) {
- debugs(29, 4, "authenticateDigestDecode: qop without cnonce, or vice versa!");
+ /** below nonce state dependent **/
+
+ /* now the nonce */
+ nonce = authenticateDigestNonceFindNonce(digest_request->nonceb64);
+ if (!nonce) {
+ /* we couldn't find a matching nonce! */
+ debugs(29, 2, "authenticateDigestDecode: Unexpected or invalid nonce received");
+ digest_request->user()->credentials(AuthUser::Failed);
return authDigestLogUsername(username, digest_request);
}
- /* check the algorithm is present and supported */
- if (!digest_request->algorithm)
- digest_request->algorithm = xstrndup("MD5", 4);
- else if (strcmp(digest_request->algorithm, "MD5")
- && strcmp(digest_request->algorithm, "MD5-sess")) {
- debugs(29, 4, "authenticateDigestDecode: invalid algorithm specified!");
+ digest_request->nonce = nonce;
+ authDigestNonceLink(nonce);
+
+ /* check that we're not being hacked / the username hasn't changed */
+ if (nonce->user && strcmp(username, nonce->user->username())) {
+ debugs(29, 2, "authenticateDigestDecode: Username for the nonce does not equal the username for the request");
return authDigestLogUsername(username, digest_request);
}
/* we don't send or parse opaques. Ok so we're flexable ... */
/* find the user */
- digest_user_h *digest_user;
+ DigestUser *digest_user;
- AuthUser *auth_user;
+ AuthUser::Pointer auth_user;
if ((auth_user = authDigestUserFindUsername(username)) == NULL) {
/* the user doesn't exist in the username cache yet */
debugs(29, 9, "authDigestDecodeAuth: Creating new digest user '" << username << "'");
- digest_user = new DigestUser (&digestConfig);
+ digest_user = new DigestUser(this);
/* auth_user is a parent */
auth_user = digest_user;
/* save the username */
authDigestUserLinkNonce(digest_user, nonce);
} else {
debugs(29, 9, "authDigestDecodeAuth: Found user '" << username << "' in the user cache as '" << auth_user << "'");
- digest_user = static_cast < digest_user_h * >(auth_user);
+ digest_user = static_cast<DigestUser *>(auth_user.getRaw());
xfree(username);
}
/*link the request and the user */
assert(digest_request != NULL);
- digest_request->authUser (digest_user);
-
digest_request->user(digest_user);
-
- digest_user->addRequest (digest_request);
-
debugs(29, 9, "username = '" << digest_user->username() << "'\nrealm = '" <<
digest_request->realm << "'\nqop = '" << digest_request->qop <<
"'\nalgorithm = '" << digest_request->algorithm << "'\nuri = '" <<
return digest_request;
}
-/* send the initial data to a digest authenticator module */
-void
-AuthDigestUserRequest::module_start(RH * handler, void *data)
-{
- DigestAuthenticateStateData *r = NULL;
- char buf[8192];
- digest_user_h *digest_user;
- assert(user()->auth_type == AUTH_DIGEST);
- digest_user = dynamic_cast < digest_user_h * >(user());
- assert(digest_user != NULL);
- debugs(29, 9, "authenticateStart: '\"" << digest_user->username() << "\":\"" << realm << "\"'");
-
- if (digestConfig.authenticate == NULL) {
- handler(data, NULL);
- return;
- }
-
- r = cbdataAlloc(DigestAuthenticateStateData);
- r->handler = handler;
- r->data = cbdataReference(data);
- r->auth_user_request = this;
- AUTHUSERREQUESTLOCK(r->auth_user_request, "r");
- if (digestConfig.utf8) {
- char userstr[1024];
- latin1_to_utf8(userstr, sizeof(userstr), digest_user->username());
- snprintf(buf, 8192, "\"%s\":\"%s\"\n", userstr, realm);
- } else {
- snprintf(buf, 8192, "\"%s\":\"%s\"\n", digest_user->username(), realm);
- }
-
- helperSubmit(digestauthenticators, buf, authenticateDigestHandleReply, r);
-}
-
-DigestUser::DigestUser (AuthConfig *aConfig) : AuthUser (aConfig), HA1created (0)
+DigestUser::DigestUser(AuthConfig *aConfig) : AuthUser(aConfig), HA1created (0)
{}
-
-AuthUser *
-AuthDigestUserRequest::authUser() const
-{
- return const_cast<AuthUser *>(user());
-}
-
-void
-AuthDigestUserRequest::authUser(AuthUser *aUser)
-{
- assert(!authUser());
- user(aUser);
- user()->lock();
-}
-
-AuthDigestUserRequest::CredentialsState
-AuthDigestUserRequest::credentials() const
-{
- return credentials_ok;
-}
-
-void
-AuthDigestUserRequest::credentials(CredentialsState newCreds)
-{
- credentials_ok = newCreds;
-}
-
-AuthDigestUserRequest::AuthDigestUserRequest() : nonceb64(NULL) ,cnonce(NULL) ,realm(NULL),
- pszPass(NULL) ,algorithm(NULL) ,pszMethod(NULL),
- qop(NULL) ,uri(NULL) ,response(NULL),
- nonce(NULL), _theUser (NULL) ,
- credentials_ok (Unchecked)
-{}
-
-/** delete the digest request structure. Does NOT delete related structures */
-AuthDigestUserRequest::~AuthDigestUserRequest()
-{
- safe_free (nonceb64);
- safe_free (cnonce);
- safe_free (realm);
- safe_free (pszPass);
- safe_free (algorithm);
- safe_free (pszMethod);
- safe_free (qop);
- safe_free (uri);
- safe_free (response);
-
- if (nonce)
- authDigestNonceUnlink(nonce);
-}
-
-AuthConfig *
-digestScheme::createConfig()
-{
- return &digestConfig;
-}
-
#ifndef __AUTH_DIGEST_H__
#define __AUTH_DIGEST_H__
-#include "rfc2617.h"
+
+#include "auth/Config.h"
#include "auth/Gadgets.h"
+#include "auth/State.h"
#include "auth/User.h"
#include "auth/UserRequest.h"
-#include "auth/Config.h"
#include "helper.h"
+#include "rfc2617.h"
/* Generic */
-class DigestAuthenticateStateData
-{
-
-public:
- void *data;
- AuthUserRequest *auth_user_request;
- RH *handler;
-};
-
typedef struct _digest_nonce_data digest_nonce_data;
typedef struct _digest_nonce_h digest_nonce_h;
DigestUser(AuthConfig *);
~DigestUser();
int authenticated() const;
+
+ virtual int32_t ttl() const;
+
HASH HA1;
int HA1created;
MEMPROXY_CLASS_INLINE(DigestUser);
-typedef class DigestUser digest_user_h;
-
-/* the digest_request structure is what follows the http_request around */
-
-class AuthDigestUserRequest : public AuthUserRequest
-{
-
-public:
- enum CredentialsState {Unchecked, Ok, Pending, Failed};
- MEMPROXY_CLASS(AuthDigestUserRequest);
-
- AuthDigestUserRequest();
- virtual ~AuthDigestUserRequest();
-
- virtual int authenticated() const;
- virtual void authenticate(HttpRequest * request, ConnStateData * conn, http_hdr_type type);
- virtual int module_direction();
- virtual void addHeader(HttpReply * rep, int accel);
-#if WAITING_FOR_TE
-
- virtual void addTrailer(HttpReply * rep, int accel);
-#endif
-
- virtual void module_start(RH *, void *);
- virtual AuthUser *user() {return _theUser;}
-
- virtual const AuthUser *user() const {return _theUser;}
-
- virtual void user(AuthUser *aUser) {_theUser=dynamic_cast<DigestUser *>(aUser);}
-
- CredentialsState credentials() const;
- void credentials(CredentialsState);
-
- void authUser(AuthUser *);
- AuthUser *authUser() const;
-
- char *nonceb64; /* "dcd98b7102dd2f0e8b11d0f600bfb0c093" */
- char *cnonce; /* "0a4f113b" */
- char *realm; /* = "testrealm@host.com" */
- char *pszPass; /* = "Circle Of Life" */
- char *algorithm; /* = "md5" */
- char nc[9]; /* = "00000001" */
- char *pszMethod; /* = "GET" */
- char *qop; /* = "auth" */
- char *uri; /* = "/dir/index.html" */
- char *response;
-
- struct {
- unsigned int authinfo_sent:1;
- unsigned int invalid_password:1;
- unsigned int helper_queried:1;
- } flags;
- digest_nonce_h *nonce;
-
-private:
- DigestUser *_theUser;
- CredentialsState credentials_ok;
-};
-
-MEMPROXY_CLASS_INLINE(AuthDigestUserRequest);
/* data to be encoded into the nonce's b64 representation */
} flags;
};
-#include "HelperChildConfig.h"
+extern void authDigestNonceUnlink(digest_nonce_h * nonce);
+extern int authDigestNonceIsValid(digest_nonce_h * nonce, char nc[9]);
+extern const char *authenticateDigestNonceNonceb64(const digest_nonce_h * nonce);
+extern const int authDigestNonceLastRequest(digest_nonce_h * nonce);
/* configuration runtime data */
AuthDigestConfig();
virtual bool active() const;
virtual bool configured() const;
- virtual AuthUserRequest *decode(char const *proxy_auth);
+ virtual AuthUserRequest::Pointer decode(char const *proxy_auth);
virtual void done();
+ virtual void rotateHelpers();
virtual void dump(StoreEntry *, const char *, AuthConfig *);
- virtual void fixHeader(AuthUserRequest *, HttpReply *, http_hdr_type, HttpRequest *);
+ virtual void fixHeader(AuthUserRequest::Pointer, HttpReply *, http_hdr_type, HttpRequest *);
virtual void init(AuthConfig *);
virtual void parse(AuthConfig *, int, char *);
virtual void registerWithCacheManager(void);
virtual const char * type() const;
- HelperChildConfig authenticateChildren;
char *digestAuthRealm;
- wordlist *authenticate;
time_t nonceGCInterval;
time_t noncemaxduration;
unsigned int noncemaxuses;
/* strings */
#define QOP_AUTH "auth"
+extern helper *digestauthenticators;
+
#endif
-
/*
* $Id$
*
*
*/
-#include "digestScheme.h"
+#include "config.h"
+#include "auth/digest/digestScheme.h"
+#include "helper.h"
-AuthScheme &
+AuthScheme::Pointer
digestScheme::GetInstance()
{
- if (_instance == NULL)
+ if (_instance == NULL) {
_instance = new digestScheme();
- return *_instance;
-}
-
-digestScheme::digestScheme()
-{
- AddScheme(*this);
+ AddScheme(_instance);
+ }
+ return _instance;
}
char const *
return "digest";
}
-digestScheme *digestScheme::_instance = NULL;
+AuthScheme::Pointer digestScheme::_instance = NULL;
+
+AuthConfig *
+digestScheme::createConfig()
+{
+ AuthDigestConfig *digestCfg = new AuthDigestConfig;
+ return dynamic_cast<AuthConfig*>(digestCfg);
+}
+
+void
+digestScheme::PurgeCredentialsCache(void)
+{
+ AuthUserHashPointer *usernamehash;
+ AuthUser::Pointer auth_user;
+ hash_first(proxy_auth_username_cache);
+
+ while ((usernamehash = static_cast<AuthUserHashPointer *>(hash_next(proxy_auth_username_cache)) )) {
+ auth_user = usernamehash->user();
+
+ if (strcmp(auth_user->config->type(), "digest") == 0) {
+ hash_remove_link(proxy_auth_username_cache, static_cast<hash_link*>(usernamehash));
+ delete usernamehash;
+ }
+ }
+}
-
/*
* $Id$
*
#define SQUID_DIGESTSCHEME_H
#include "auth/Scheme.h"
+#include "auth/digest/auth_digest.h"
/// \ingroup AuthSchemeAPI
/// \ingroup AuthAPI
{
public:
- static AuthScheme &GetInstance();
- digestScheme();
+ static AuthScheme::Pointer GetInstance();
+ digestScheme() {};
virtual ~digestScheme() {}
/* per scheme */
virtual char const *type () const;
virtual void done();
virtual AuthConfig *createConfig();
+
/* Not implemented */
digestScheme (digestScheme const &);
digestScheme &operator=(digestScheme const &);
private:
- static digestScheme *_instance;
+ static AuthScheme::Pointer _instance;
+
+ /**
+ * Remove all cached user credentials from circulation.
+ * Intended for use during shutdown procedure.
+ * After calling this all newly received credentials must be re-authenticated.
+ */
+ static void PurgeCredentialsCache(void);
};
#endif /* SQUID_DIGESTSCHEME_H */
--- /dev/null
+#include "config.h"
+#include "auth/digest/auth_digest.h"
+#include "auth/digest/digestUserRequest.h"
+#include "auth/State.h"
+#include "HttpReply.h"
+#include "HttpRequest.h"
+#include "SquidTime.h"
+
+AuthDigestUserRequest::AuthDigestUserRequest() :
+ nonceb64(NULL),
+ cnonce(NULL),
+ realm(NULL),
+ pszPass(NULL),
+ algorithm(NULL),
+ pszMethod(NULL),
+ qop(NULL),
+ uri(NULL),
+ response(NULL),
+ nonce(NULL)
+{}
+
+/**
+ * Delete the digest request structure.
+ * Does NOT delete related AuthUser structures
+ */
+AuthDigestUserRequest::~AuthDigestUserRequest()
+{
+ assert(RefCountCount()==0);
+
+ safe_free(nonceb64);
+ safe_free(cnonce);
+ safe_free(realm);
+ safe_free(pszPass);
+ safe_free(algorithm);
+ safe_free(pszMethod);
+ safe_free(qop);
+ safe_free(uri);
+ safe_free(response);
+
+ if (nonce)
+ authDigestNonceUnlink(nonce);
+}
+
+int
+AuthDigestUserRequest::authenticated() const
+{
+ if (user() != NULL && user()->credentials() == AuthUser::Ok)
+ return 1;
+
+ return 0;
+}
+
+/** log a digest user in
+ */
+void
+AuthDigestUserRequest::authenticate(HttpRequest * request, ConnStateData * conn, http_hdr_type type)
+{
+ HASHHEX SESSIONKEY;
+ HASHHEX HA2 = "";
+ HASHHEX Response;
+
+ /* if the check has corrupted the user, just return */
+ if (user() == NULL || user()->credentials() == AuthUser::Failed) {
+ return;
+ }
+
+ AuthUser::Pointer auth_user = user();
+
+ DigestUser *digest_user = dynamic_cast<DigestUser*>(auth_user.getRaw());
+ assert(digest_user != NULL);
+
+ AuthDigestUserRequest *digest_request = this;
+
+ /* do we have the HA1 */
+ if (!digest_user->HA1created) {
+ auth_user->credentials(AuthUser::Pending);
+ return;
+ }
+
+ if (digest_request->nonce == NULL) {
+ /* this isn't a nonce we issued */
+ auth_user->credentials(AuthUser::Failed);
+ return;
+ }
+
+ DigestCalcHA1(digest_request->algorithm, NULL, NULL, NULL,
+ authenticateDigestNonceNonceb64(digest_request->nonce),
+ digest_request->cnonce,
+ digest_user->HA1, SESSIONKEY);
+ DigestCalcResponse(SESSIONKEY, authenticateDigestNonceNonceb64(digest_request->nonce),
+ digest_request->nc, digest_request->cnonce, digest_request->qop,
+ RequestMethodStr(request->method), digest_request->uri, HA2, Response);
+
+ debugs(29, 9, "\nResponse = '" << digest_request->response << "'\nsquid is = '" << Response << "'");
+
+ if (strcasecmp(digest_request->response, Response) != 0) {
+ if (!digest_request->flags.helper_queried) {
+ /* Query the helper in case the password has changed */
+ digest_request->flags.helper_queried = 1;
+ auth_user->credentials(AuthUser::Pending);
+ return;
+ }
+
+ if (static_cast<AuthDigestConfig*>(AuthConfig::Find("digest"))->PostWorkaround && request->method != METHOD_GET) {
+ /* Ugly workaround for certain very broken browsers using the
+ * wrong method to calculate the request-digest on POST request.
+ * This should be deleted once Digest authentication becomes more
+ * widespread and such broken browsers no longer are commonly
+ * used.
+ */
+ DigestCalcResponse(SESSIONKEY, authenticateDigestNonceNonceb64(digest_request->nonce),
+ digest_request->nc, digest_request->cnonce, digest_request->qop,
+ RequestMethodStr(METHOD_GET), digest_request->uri, HA2, Response);
+
+ if (strcasecmp(digest_request->response, Response)) {
+ auth_user->credentials(AuthUser::Failed);
+ digest_request->flags.invalid_password = 1;
+ digest_request->setDenyMessage("Incorrect password");
+ return;
+ } else {
+ const char *useragent = request->header.getStr(HDR_USER_AGENT);
+
+ static Ip::Address last_broken_addr;
+ static int seen_broken_client = 0;
+
+ if (!seen_broken_client) {
+ last_broken_addr.SetNoAddr();
+ seen_broken_client = 1;
+ }
+
+ if (last_broken_addr != request->client_addr) {
+ debugs(29, 1, "\nDigest POST bug detected from " <<
+ request->client_addr << " using '" <<
+ (useragent ? useragent : "-") <<
+ "'. Please upgrade browser. See Bug #630 for details.");
+
+ last_broken_addr = request->client_addr;
+ }
+ }
+ } else {
+ auth_user->credentials(AuthUser::Failed);
+ digest_request->flags.invalid_password = 1;
+ digest_request->setDenyMessage("Incorrect password");
+ return;
+ }
+
+ /* check for stale nonce */
+ if (!authDigestNonceIsValid(digest_request->nonce, digest_request->nc)) {
+ debugs(29, 3, "authenticateDigestAuthenticateuser: user '" << auth_user->username() << "' validated OK but nonce stale");
+ auth_user->credentials(AuthUser::Failed);
+ digest_request->setDenyMessage("Stale nonce");
+ return;
+ }
+ }
+
+ auth_user->credentials(AuthUser::Ok);
+
+ /* password was checked and did match */
+ debugs(29, 4, "authenticateDigestAuthenticateuser: user '" << auth_user->username() << "' validated OK");
+
+ /* auth_user is now linked, we reset these values
+ * after external auth occurs anyway */
+ auth_user->expiretime = current_time.tv_sec;
+ return;
+}
+
+int
+AuthDigestUserRequest::module_direction()
+{
+ if (user()->auth_type != AUTH_DIGEST)
+ return -2;
+
+ switch (user()->credentials()) {
+
+ case AuthUser::Ok:
+ return 0;
+
+ case AuthUser::Failed:
+ /* send new challenge */
+ return 1;
+
+ case AuthUser::Unchecked:
+ case AuthUser::Pending:
+ return -1;
+
+ default:
+ return -2;
+ }
+}
+
+/* add the [proxy]authorisation header */
+void
+AuthDigestUserRequest::addHeader(HttpReply * rep, int accel)
+{
+ http_hdr_type type;
+
+ /* don't add to authentication error pages */
+
+ if ((!accel && rep->sline.status == HTTP_PROXY_AUTHENTICATION_REQUIRED)
+ || (accel && rep->sline.status == HTTP_UNAUTHORIZED))
+ return;
+
+ type = accel ? HDR_AUTHENTICATION_INFO : HDR_PROXY_AUTHENTICATION_INFO;
+
+#if WAITING_FOR_TE
+ /* test for http/1.1 transfer chunked encoding */
+ if (chunkedtest)
+ return;
+#endif
+
+ if ((static_cast<AuthDigestConfig*>(AuthConfig::Find("digest"))->authenticate) && authDigestNonceLastRequest(nonce)) {
+ flags.authinfo_sent = 1;
+ debugs(29, 9, "authDigestAddHead: Sending type:" << type << " header: 'nextnonce=\"" << authenticateDigestNonceNonceb64(nonce) << "\"");
+ httpHeaderPutStrf(&rep->header, type, "nextnonce=\"%s\"", authenticateDigestNonceNonceb64(nonce));
+ }
+}
+
+#if WAITING_FOR_TE
+/** add the [proxy]authorisation header */
+void
+AuthDigestUserRequest::addTrailer(HttpReply * rep, int accel)
+{
+ int type;
+
+ if (!auth_user_request)
+ return;
+
+ /* has the header already been send? */
+ if (flags.authinfo_sent)
+ return;
+
+ /* don't add to authentication error pages */
+ if ((!accel && rep->sline.status == HTTP_PROXY_AUTHENTICATION_REQUIRED)
+ || (accel && rep->sline.status == HTTP_UNAUTHORIZED))
+ return;
+
+ type = accel ? HDR_AUTHENTICATION_INFO : HDR_PROXY_AUTHENTICATION_INFO;
+
+ if ((static_cast<AuthDigestConfig*>(digestScheme::GetInstance()->getConfig())->authenticate) && authDigestNonceLastRequest(nonce)) {
+ debugs(29, 9, "authDigestAddTrailer: Sending type:" << type << " header: 'nextnonce=\"" << authenticateDigestNonceNonceb64(nonce) << "\"");
+ httpTrailerPutStrf(&rep->header, type, "nextnonce=\"%s\"", authenticateDigestNonceNonceb64(nonce));
+ }
+}
+#endif
+
+/* send the initial data to a digest authenticator module */
+void
+AuthDigestUserRequest::module_start(RH * handler, void *data)
+{
+ authenticateStateData *r = NULL;
+ char buf[8192];
+
+ assert(user() != NULL && user()->auth_type == AUTH_DIGEST);
+ debugs(29, 9, "authenticateStart: '\"" << user()->username() << "\":\"" << realm << "\"'");
+
+ if (static_cast<AuthDigestConfig*>(AuthConfig::Find("digest"))->authenticate == NULL) {
+ debugs(29, DBG_CRITICAL, "ERROR: No Digest authentication program configured.");
+ handler(data, NULL);
+ return;
+ }
+
+ r = cbdataAlloc(authenticateStateData);
+ r->handler = handler;
+ r->data = cbdataReference(data);
+ r->auth_user_request = static_cast<AuthUserRequest*>(this);
+ if (static_cast<AuthDigestConfig*>(AuthConfig::Find("digest"))->utf8) {
+ char userstr[1024];
+ latin1_to_utf8(userstr, sizeof(userstr), user()->username());
+ snprintf(buf, 8192, "\"%s\":\"%s\"\n", userstr, realm);
+ } else {
+ snprintf(buf, 8192, "\"%s\":\"%s\"\n", user()->username(), realm);
+ }
+
+ helperSubmit(digestauthenticators, buf, AuthDigestUserRequest::HandleReply, r);
+}
+
+void
+AuthDigestUserRequest::HandleReply(void *data, char *reply)
+{
+ authenticateStateData *replyData = static_cast < authenticateStateData * >(data);
+ char *t = NULL;
+ void *cbdata;
+ debugs(29, 9, HERE << "{" << (reply ? reply : "<NULL>") << "}");
+
+ if (reply) {
+ if ((t = strchr(reply, ' ')))
+ *t++ = '\0';
+
+ if (*reply == '\0' || *reply == '\n')
+ reply = NULL;
+ }
+
+ assert(replyData->auth_user_request != NULL);
+ AuthUserRequest::Pointer auth_user_request = replyData->auth_user_request;
+
+ if (reply && (strncasecmp(reply, "ERR", 3) == 0)) {
+ /* allow this because the digest_request pointer is purely local */
+ AuthDigestUserRequest *digest_request = dynamic_cast<AuthDigestUserRequest *>(auth_user_request.getRaw());
+ assert(digest_request);
+
+ digest_request->user()->credentials(AuthUser::Failed);
+ digest_request->flags.invalid_password = 1;
+
+ if (t && *t)
+ digest_request->setDenyMessage(t);
+ } else if (reply) {
+ /* allow this because the digest_request pointer is purely local */
+ DigestUser *digest_user = dynamic_cast<DigestUser *>(auth_user_request->user().getRaw());
+ assert(digest_user != NULL);
+
+ CvtBin(reply, digest_user->HA1);
+ digest_user->HA1created = 1;
+ }
+
+ if (cbdataReferenceValidDone(replyData->data, &cbdata))
+ replyData->handler(cbdata, NULL);
+
+ replyData->auth_user_request = NULL;
+
+ cbdataFree(replyData);
+}
--- /dev/null
+#ifndef _SQUID_SRC_AUTH_DIGEST_USERREQUEST_H
+#define _SQUID_SRC_AUTH_DIGEST_USERREQUEST_H
+
+#include "auth/UserRequest.h"
+#include "auth/digest/auth_digest.h"
+#include "MemPool.h"
+
+class ConnStateData;
+class HttpReply;
+class HttpRequest;
+
+/**
+ * The AuthDigestUserRequest structure is what follows the http_request around
+ */
+class AuthDigestUserRequest : public AuthUserRequest
+{
+
+public:
+ MEMPROXY_CLASS(AuthDigestUserRequest);
+
+ AuthDigestUserRequest();
+ virtual ~AuthDigestUserRequest();
+
+ virtual int authenticated() const;
+ virtual void authenticate(HttpRequest * request, ConnStateData * conn, http_hdr_type type);
+ virtual int module_direction();
+ virtual void addHeader(HttpReply * rep, int accel);
+#if WAITING_FOR_TE
+
+ virtual void addTrailer(HttpReply * rep, int accel);
+#endif
+
+ virtual void module_start(RH *, void *);
+
+ char *nonceb64; /* "dcd98b7102dd2f0e8b11d0f600bfb0c093" */
+ char *cnonce; /* "0a4f113b" */
+ char *realm; /* = "testrealm@host.com" */
+ char *pszPass; /* = "Circle Of Life" */
+ char *algorithm; /* = "md5" */
+ char nc[9]; /* = "00000001" */
+ char *pszMethod; /* = "GET" */
+ char *qop; /* = "auth" */
+ char *uri; /* = "/dir/index.html" */
+ char *response;
+
+ struct {
+ unsigned int authinfo_sent:1;
+ unsigned int invalid_password:1;
+ unsigned int helper_queried:1;
+ } flags;
+ digest_nonce_h *nonce;
+
+private:
+ static HLPCB HandleReply;
+};
+
+MEMPROXY_CLASS_INLINE(AuthDigestUserRequest);
+
+#endif /* _SQUID_SRC_AUTH_DIGEST_USERREQUEST_H */
#include "squid.h"
-#include "auth_negotiate.h"
+#include "auth/negotiate/auth_negotiate.h"
#include "auth/Gadgets.h"
+#include "auth/State.h"
#include "CacheManager.h"
#include "Store.h"
#include "client_side.h"
#include "HttpRequest.h"
#include "SquidTime.h"
/** \todo remove this include */
-#include "negotiateScheme.h"
+#include "auth/negotiate/negotiateScheme.h"
+#include "auth/negotiate/negotiateUserRequest.h"
#include "wordlist.h"
/**
\ingroup AuthNegotiateAPI
*/
-/**
- * Maximum length (buffer size) for token strings.
- */
-// AYJ: must match re-definition in helpers/negotiate_auth/squid_kerb_auth/squid_kerb_auth.c
-#define MAX_AUTHTOKEN_LEN 32768
-
-
-/// \ingroup AuthNegotiateInternal
-static void
-authenticateStateFree(authenticateStateData * r)
-{
- AUTHUSERREQUESTUNLOCK(r->auth_user_request, "r");
- cbdataFree(r);
-}
-
/* Negotiate Scheme */
-static HLPSCB authenticateNegotiateHandleReply;
static AUTHSSTATS authenticateNegotiateStats;
/// \ingroup AuthNegotiateInternal
-static statefulhelper *negotiateauthenticators = NULL;
-
-CBDATA_TYPE(authenticateStateData);
+statefulhelper *negotiateauthenticators = NULL;
/// \ingroup AuthNegotiateInternal
static int authnegotiate_initialised = 0;
/// \ingroup AuthNegotiateInternal
-static auth_negotiate_config negotiateConfig;
+AuthNegotiateConfig negotiateConfig;
/// \ingroup AuthNegotiateInternal
static hash_table *proxy_auth_cache = NULL;
*
*/
-/**
- \ingroup AuthNegotiateInternal
- \todo move to negotiateScheme.cc
- */
void
-negotiateScheme::done()
+AuthNegotiateConfig::rotateHelpers()
{
- /* TODO: this should be a Config call. */
- debugs(29, 2, "negotiateScheme::done: shutting down Negotiate authentication.");
-
- if (negotiateauthenticators)
+ /* schedule closure of existing helpers */
+ if (negotiateauthenticators) {
helperStatefulShutdown(negotiateauthenticators);
+ }
+
+ /* NP: dynamic helper restart will ensure they start up again as needed. */
+}
+void
+AuthNegotiateConfig::done()
+{
authnegotiate_initialised = 0;
+ if (negotiateauthenticators) {
+ helperStatefulShutdown(negotiateauthenticators);
+ }
+
if (!shutting_down)
return;
delete negotiateauthenticators;
negotiateauthenticators = NULL;
- debugs(29, 2, "negotiateScheme::done: Negotiate authentication Shutdown.");
-}
-
-void
-AuthNegotiateConfig::done()
-{
if (authenticate)
wordlistDestroy(&authenticate);
+
+ debugs(29, 2, "negotiateScheme::done: Negotiate authentication Shutdown.");
}
void
}
-AuthNegotiateConfig::AuthNegotiateConfig() : authenticateChildren(20), keep_alive(1)
+AuthNegotiateConfig::AuthNegotiateConfig() : keep_alive(1)
{ }
void
const char *
AuthNegotiateConfig::type() const
{
- return negotiateScheme::GetInstance().type();
+ return negotiateScheme::GetInstance()->type();
}
/**
}
/* Negotiate Scheme */
-/* See AuthUserRequest.cc::authenticateDirection for return values */
-int
-AuthNegotiateUserRequest::module_direction()
-{
- /* null auth_user is checked for by authenticateDirection */
-
- if (waiting || client_blob)
- return -1; /* need helper response to continue */
-
- switch (auth_state) {
-
- /* no progress at all. */
-
- case AUTHENTICATE_STATE_NONE:
- debugs(29, 1, "AuthNegotiateUserRequest::direction: called before Negotiate Authenticate for request " << this << "!. Report a bug to squid-dev.");
- return -2; /* error */
-
- case AUTHENTICATE_STATE_FAILED:
- return -2; /* error */
-
- case AUTHENTICATE_STATE_IN_PROGRESS:
- assert(server_blob);
- return 1; /* send to client */
-
- case AUTHENTICATE_STATE_DONE:
- return 0; /* do nothing */
-
- case AUTHENTICATE_STATE_INITIAL:
- debugs(29, 1, "AuthNegotiateUserRequest::direction: Unexpected AUTHENTICATE_STATE_INITIAL");
- return -2;
- }
-
- return -2;
-}
-
-/* add the [proxy]authorisation header */
void
-AuthNegotiateUserRequest::addHeader(HttpReply * rep, int accel)
-{
- http_hdr_type type;
-
- if (!server_blob)
- return;
-
- /* don't add to authentication error pages */
-
- if ((!accel && rep->sline.status == HTTP_PROXY_AUTHENTICATION_REQUIRED)
- || (accel && rep->sline.status == HTTP_UNAUTHORIZED))
- return;
-
- type = accel ? HDR_AUTHENTICATION_INFO : HDR_PROXY_AUTHENTICATION_INFO;
-
- httpHeaderPutStrf(&rep->header, type, "Negotiate %s", server_blob);
-
- safe_free(server_blob);
-}
-
-void
-AuthNegotiateConfig::fixHeader(AuthUserRequest *auth_user_request, HttpReply *rep, http_hdr_type reqType, HttpRequest * request)
+AuthNegotiateConfig::fixHeader(AuthUserRequest::Pointer auth_user_request, HttpReply *rep, http_hdr_type reqType, HttpRequest * request)
{
AuthNegotiateUserRequest *negotiate_request;
request->flags.proxy_keepalive = 0;
}
} else {
- negotiate_request = dynamic_cast<AuthNegotiateUserRequest *>(auth_user_request);
-
+ negotiate_request = dynamic_cast<AuthNegotiateUserRequest *>(auth_user_request.getRaw());
assert(negotiate_request != NULL);
- switch (negotiate_request->auth_state) {
+ switch (negotiate_request->user()->credentials()) {
- case AUTHENTICATE_STATE_FAILED:
+ case AuthUser::Failed:
/* here it makes sense to drop the connection, as auth is
* tied to it, even if MAYBE the client could handle it - Kinkie */
rep->header.delByName("keep-alive");
request->flags.proxy_keepalive = 0;
/* fall through */
- case AUTHENTICATE_STATE_DONE:
+ case AuthUser::Ok:
/* Special case: authentication finished OK but disallowed by ACL.
* Need to start over to give the client another chance.
*/
-
if (negotiate_request->server_blob) {
debugs(29, 9, "authenticateNegotiateFixErrorHeader: Sending type:" << reqType << " header: 'Negotiate " << negotiate_request->server_blob << "'");
httpHeaderPutStrf(&rep->header, reqType, "Negotiate %s", negotiate_request->server_blob);
debugs(29, 9, "authenticateNegotiateFixErrorHeader: Connection authenticated");
httpHeaderPutStrf(&rep->header, reqType, "Negotiate");
}
-
break;
- case AUTHENTICATE_STATE_NONE:
+ case AuthUser::Unchecked:
/* semantic change: do not drop the connection.
* 2.5 implementation used to keep it open - Kinkie */
debugs(29, 9, "AuthNegotiateConfig::fixHeader: Sending type:" << reqType << " header: 'Negotiate'");
httpHeaderPutStrf(&rep->header, reqType, "Negotiate");
break;
- case AUTHENTICATE_STATE_IN_PROGRESS:
+ case AuthUser::Handshake:
/* we're waiting for a response from the client. Pass it the blob */
debugs(29, 9, "AuthNegotiateConfig::fixHeader: Sending type:" << reqType << " header: 'Negotiate " << negotiate_request->server_blob << "'");
httpHeaderPutStrf(&rep->header, reqType, "Negotiate %s", negotiate_request->server_blob);
safe_free(negotiate_request->server_blob);
break;
-
default:
- debugs(29, 0, "AuthNegotiateConfig::fixHeader: state " << negotiate_request->auth_state << ".");
+ debugs(29, DBG_CRITICAL, "AuthNegotiateConfig::fixHeader: state " << negotiate_request->user()->credentials() << ".");
fatal("unexpected state in AuthenticateNegotiateFixErrorHeader.\n");
}
}
debugs(29, 5, "NegotiateUser::~NegotiateUser: doing nothing to clearNegotiate scheme data for '" << this << "'");
}
-static void
-authenticateNegotiateHandleReply(void *data, void *lastserver, char *reply)
+int32_t
+NegotiateUser::ttl() const
{
- authenticateStateData *r = static_cast<authenticateStateData *>(data);
-
- int valid;
- char *blob, *arg = NULL;
-
- AuthUserRequest *auth_user_request;
- AuthUser *auth_user;
- NegotiateUser *negotiate_user;
- AuthNegotiateUserRequest *negotiate_request;
-
- debugs(29, 8, "authenticateNegotiateHandleReply: helper: '" << lastserver << "' sent us '" << (reply ? reply : "<NULL>") << "'");
- valid = cbdataReferenceValid(r->data);
-
- if (!valid) {
- debugs(29, 1, "authenticateNegotiateHandleReply: invalid callback data. helper '" << lastserver << "'.");
- cbdataReferenceDone(r->data);
- authenticateStateFree(r);
- return;
- }
-
- if (!reply) {
- debugs(29, 1, "authenticateNegotiateHandleReply: Helper '" << lastserver << "' crashed!.");
- reply = (char *)"BH Internal error";
- }
-
- auth_user_request = r->auth_user_request;
- assert(auth_user_request != NULL);
- negotiate_request = dynamic_cast<AuthNegotiateUserRequest *>(auth_user_request);
-
- assert(negotiate_request != NULL);
- assert(negotiate_request->waiting);
- negotiate_request->waiting = 0;
- safe_free(negotiate_request->client_blob);
-
- auth_user = negotiate_request->user();
- assert(auth_user != NULL);
- assert(auth_user->auth_type == AUTH_NEGOTIATE);
- negotiate_user = dynamic_cast<negotiate_user_t *>(auth_user_request->user());
-
- assert(negotiate_user != NULL);
-
- if (negotiate_request->authserver == NULL)
- negotiate_request->authserver = static_cast<helper_stateful_server*>(lastserver);
- else
- assert(negotiate_request->authserver == lastserver);
-
- /* seperate out the useful data */
- blob = strchr(reply, ' ');
-
- if (blob) {
- blob++;
- arg = strchr(blob + 1, ' ');
- } else {
- arg = NULL;
- }
-
- if (strncasecmp(reply, "TT ", 3) == 0) {
- /* we have been given a blob to send to the client */
- if (arg)
- *arg++ = '\0';
- safe_free(negotiate_request->server_blob);
- negotiate_request->request->flags.must_keepalive = 1;
- if (negotiate_request->request->flags.proxy_keepalive) {
- negotiate_request->server_blob = xstrdup(blob);
- negotiate_request->auth_state = AUTHENTICATE_STATE_IN_PROGRESS;
- auth_user_request->denyMessage("Authentication in progress");
- debugs(29, 4, "authenticateNegotiateHandleReply: Need to challenge the client with a server blob '" << blob << "'");
- } else {
- negotiate_request->auth_state = AUTHENTICATE_STATE_FAILED;
- auth_user_request->denyMessage("NTLM authentication requires a persistent connection");
- }
- } else if (strncasecmp(reply, "AF ", 3) == 0 && arg != NULL) {
- /* we're finished, release the helper */
-
- if (arg)
- *arg++ = '\0';
-
- negotiate_user->username(arg);
-
- auth_user_request->denyMessage("Login successful");
-
- safe_free(negotiate_request->server_blob);
-
- negotiate_request->server_blob = xstrdup(blob);
-
- negotiate_request->releaseAuthServer();
-
- negotiate_request->auth_state = AUTHENTICATE_STATE_DONE;
-
- debugs(29, 4, "authenticateNegotiateHandleReply: Successfully validated user via Negotiate. Username '" << blob << "'");
-
- /* connection is authenticated */
- debugs(29, 4, "AuthNegotiateUserRequest::authenticate: authenticated user " << negotiate_user->username());
- /* see if this is an existing user with a different proxy_auth
- * string */
- AuthUserHashPointer *usernamehash = static_cast<AuthUserHashPointer *>(hash_lookup(proxy_auth_username_cache, negotiate_user->username()));
- AuthUser *local_auth_user = negotiate_request->user();
- while (usernamehash && (usernamehash->user()->auth_type != AUTH_NEGOTIATE || strcmp(usernamehash->user()->username(), negotiate_user->username()) != 0))
- usernamehash = static_cast<AuthUserHashPointer *>(usernamehash->next);
- if (usernamehash) {
- /* we can't seamlessly recheck the username due to the
- * challenge-response nature of the protocol.
- * Just free the temporary auth_user */
- usernamehash->user()->absorb(local_auth_user);
- //authenticateAuthUserMerge(local_auth_user, usernamehash->user());
- local_auth_user = usernamehash->user();
- negotiate_request->_auth_user = local_auth_user;
- } else {
- /* store user in hash's */
- local_auth_user->addToNameCache();
- // authenticateUserNameCacheAdd(local_auth_user);
- }
- /* set these to now because this is either a new login from an
- * existing user or a new user */
- local_auth_user->expiretime = current_time.tv_sec;
- negotiate_request->releaseAuthServer();
- negotiate_request->auth_state = AUTHENTICATE_STATE_DONE;
-
- } else if (strncasecmp(reply, "NA ", 3) == 0 && arg != NULL) {
- /* authentication failure (wrong password, etc.) */
-
- if (arg)
- *arg++ = '\0';
-
- auth_user_request->denyMessage(arg);
-
- negotiate_request->auth_state = AUTHENTICATE_STATE_FAILED;
-
- safe_free(negotiate_request->server_blob);
-
- negotiate_request->server_blob = xstrdup(blob);
-
- negotiate_request->releaseAuthServer();
-
- debugs(29, 4, "authenticateNegotiateHandleReply: Failed validating user via Negotiate. Error returned '" << blob << "'");
- } else if (strncasecmp(reply, "BH ", 3) == 0) {
- /* TODO kick off a refresh process. This can occur after a YR or after
- * a KK. If after a YR release the helper and resubmit the request via
- * Authenticate Negotiate start.
- * If after a KK deny the user's request w/ 407 and mark the helper as
- * Needing YR. */
- auth_user_request->denyMessage(blob);
- negotiate_request->auth_state = AUTHENTICATE_STATE_FAILED;
- safe_free(negotiate_request->server_blob);
- negotiate_request->releaseAuthServer();
- debugs(29, 1, "authenticateNegotiateHandleReply: Error validating user via Negotiate. Error returned '" << reply << "'");
- } else {
- /* protocol error */
- fatalf("authenticateNegotiateHandleReply: *** Unsupported helper response ***, '%s'\n", reply);
- }
-
- if (negotiate_request->request) {
- HTTPMSGUNLOCK(negotiate_request->request);
- negotiate_request->request = NULL;
- }
- r->handler(r->data, NULL);
- cbdataReferenceDone(r->data);
- authenticateStateFree(r);
+ return -1; // Negotiate cannot be cached.
}
static void
helperStatefulStats(sentry, negotiateauthenticators, "Negotiate Authenticator Statistics");
}
-
-/** send the initial data to a stateful negotiate authenticator module */
-void
-AuthNegotiateUserRequest::module_start(RH * handler, void *data)
-{
- authenticateStateData *r = NULL;
- static char buf[MAX_AUTHTOKEN_LEN];
- negotiate_user_t *negotiate_user;
- AuthUser *auth_user = user();
-
- assert(data);
- assert(handler);
- assert(auth_user);
- assert(auth_user->auth_type == AUTH_NEGOTIATE);
-
- negotiate_user = dynamic_cast<negotiate_user_t *>(user());
-
- debugs(29, 8, "AuthNegotiateUserRequest::module_start: auth state is '" << auth_state << "'");
-
- if (negotiateConfig.authenticate == NULL) {
- debugs(29, 0, "AuthNegotiateUserRequest::module_start: no Negotiate program specified.");
- handler(data, NULL);
- return;
- }
-
- r = cbdataAlloc(authenticateStateData);
- r->handler = handler;
- r->data = cbdataReference(data);
- r->auth_user_request = this;
- AUTHUSERREQUESTLOCK(r->auth_user_request, "r");
-
- if (auth_state == AUTHENTICATE_STATE_INITIAL) {
- snprintf(buf, MAX_AUTHTOKEN_LEN, "YR %s\n", client_blob); //CHECKME: can ever client_blob be 0 here?
- } else {
- snprintf(buf, MAX_AUTHTOKEN_LEN, "KK %s\n", client_blob);
- }
-
- waiting = 1;
-
- safe_free(client_blob);
- helperStatefulSubmit(negotiateauthenticators, buf, authenticateNegotiateHandleReply, r, authserver);
-}
-
-/**
- * Atomic action: properly release the Negotiate auth helpers which may have been reserved
- * for this request connections use.
- */
-void
-AuthNegotiateUserRequest::releaseAuthServer()
-{
- if (authserver) {
- debugs(29, 6, HERE << "releasing Negotiate auth server '" << authserver << "'");
- helperStatefulReleaseServer(authserver);
- authserver = NULL;
- } else
- debugs(29, 6, HERE << "No Negotiate auth server to release.");
-}
-
-/* clear any connection related authentication details */
-void
-AuthNegotiateUserRequest::onConnectionClose(ConnStateData *conn)
-{
- assert(conn != NULL);
-
- debugs(29, 8, "AuthNegotiateUserRequest::onConnectionClose: closing connection '" << conn << "' (this is '" << this << "')");
-
- if (conn->auth_user_request == NULL) {
- debugs(29, 8, "AuthNegotiateUserRequest::onConnectionClose: no auth_user_request");
- return;
- }
-
- releaseAuthServer();
-
- /* unlock the connection based lock */
- debugs(29, 9, "AuthNegotiateUserRequest::onConnectionClose: Unlocking auth_user from the connection '" << conn << "'.");
-
- AUTHUSERREQUESTUNLOCK(conn->auth_user_request, "conn");
-}
-
/*
* Decode a Negotiate [Proxy-]Auth string, placing the results in the passed
* Auth_user structure.
*/
-AuthUserRequest *
+AuthUserRequest::Pointer
AuthNegotiateConfig::decode(char const *proxy_auth)
{
NegotiateUser *newUser = new NegotiateUser(&negotiateConfig);
- AuthNegotiateUserRequest *auth_user_request = new AuthNegotiateUserRequest ();
+ AuthUserRequest *auth_user_request = new AuthNegotiateUserRequest();
assert(auth_user_request->user() == NULL);
+
auth_user_request->user(newUser);
auth_user_request->user()->auth_type = AUTH_NEGOTIATE;
- auth_user_request->user()->addRequest(auth_user_request);
/* all we have to do is identify that it's Negotiate - the helper does the rest */
debugs(29, 9, "AuthNegotiateConfig::decode: Negotiate authentication");
return auth_user_request;
}
-int
-AuthNegotiateUserRequest::authenticated() const
-{
- if (auth_state == AUTHENTICATE_STATE_DONE) {
- debugs(29, 9, "AuthNegotiateUserRequest::authenticated: user authenticated.");
- return 1;
- }
-
- debugs(29, 9, "AuthNegotiateUserRequest::authenticated: user not fully authenticated.");
-
- return 0;
-}
-
-void
-AuthNegotiateUserRequest::authenticate(HttpRequest * aRequest, ConnStateData * conn, http_hdr_type type)
-{
- const char *proxy_auth, *blob;
-
- /** \todo rename this!! */
- AuthUser *local_auth_user;
- negotiate_user_t *negotiate_user;
-
- local_auth_user = user();
- assert(local_auth_user);
- assert(local_auth_user->auth_type == AUTH_NEGOTIATE);
- negotiate_user = dynamic_cast<negotiate_user_t *>(local_auth_user);
- assert (this);
-
- /** Check that we are in the client side, where we can generate
- * auth challenges */
-
- if (conn == NULL) {
- auth_state = AUTHENTICATE_STATE_FAILED;
- debugs(29, 1, "AuthNegotiateUserRequest::authenticate: attempt to perform authentication without a connection!");
- return;
- }
-
- if (waiting) {
- debugs(29, 1, "AuthNegotiateUserRequest::authenticate: waiting for helper reply!");
- return;
- }
-
- if (server_blob) {
- debugs(29, 2, "AuthNegotiateUserRequest::authenticate: need to challenge client '" << server_blob << "'!");
- return;
- }
-
- /* get header */
- proxy_auth = aRequest->header.getStr(type);
-
- /* locate second word */
- blob = proxy_auth;
-
- if (blob) {
- while (xisspace(*blob) && *blob)
- blob++;
-
- while (!xisspace(*blob) && *blob)
- blob++;
-
- while (xisspace(*blob) && *blob)
- blob++;
- }
-
- switch (auth_state) {
-
- case AUTHENTICATE_STATE_NONE:
- /* we've received a negotiate request. pass to a helper */
- debugs(29, 9, "AuthNegotiateUserRequest::authenticate: auth state negotiate none. Received blob: '" << proxy_auth << "'");
- auth_state = AUTHENTICATE_STATE_INITIAL;
- safe_free(client_blob);
- client_blob=xstrdup(blob);
- conn->auth_type = AUTH_NEGOTIATE;
- assert(conn->auth_user_request == NULL);
- conn->auth_user_request = this;
- AUTHUSERREQUESTLOCK(conn->auth_user_request, "conn");
- request = aRequest;
- HTTPMSGLOCK(request);
- return;
-
- break;
-
- case AUTHENTICATE_STATE_INITIAL:
- debugs(29, 1, "AuthNegotiateUserRequest::authenticate: need to ask helper");
-
- return;
-
- break;
-
-
- case AUTHENTICATE_STATE_IN_PROGRESS:
- /* we should have received a blob from the client. Hand it off to
- * some helper */
- safe_free(client_blob);
-
- client_blob = xstrdup (blob);
-
- if (request)
- HTTPMSGUNLOCK(request);
- request = aRequest;
- HTTPMSGLOCK(request);
- return;
-
- break;
-
- case AUTHENTICATE_STATE_DONE:
- fatal("AuthNegotiateUserRequest::authenticate: unexpect auth state DONE! Report a bug to the squid developers.\n");
-
- break;
-
- case AUTHENTICATE_STATE_FAILED:
- /* we've failed somewhere in authentication */
- debugs(29, 9, "AuthNegotiateUserRequest::authenticate: auth state negotiate failed. " << proxy_auth);
-
- return;
-
- break;
- }
-
- return;
-}
-
-AuthNegotiateUserRequest::AuthNegotiateUserRequest() :
- /*conn(NULL),*/ auth_state(AUTHENTICATE_STATE_NONE),
- _theUser(NULL)
-{
- waiting=0;
- client_blob=0;
- server_blob=0;
- authserver=NULL;
- request=NULL;
-}
-
-AuthNegotiateUserRequest::~AuthNegotiateUserRequest()
-{
- safe_free(server_blob);
- safe_free(client_blob);
-
- if (authserver != NULL) {
- debugs(29, 9, "AuthNegotiateUserRequest::~AuthNegotiateUserRequest: releasing server '" << authserver << "'");
- helperStatefulReleaseServer(authserver);
- authserver = NULL;
- }
- if (request) {
- HTTPMSGUNLOCK(request);
- request = NULL;
- }
-}
-
void
NegotiateUser::deleteSelf() const
{
delete this;
}
-NegotiateUser::NegotiateUser (AuthConfig *aConfig) : AuthUser (aConfig)
+NegotiateUser::NegotiateUser(AuthConfig *aConfig) : AuthUser (aConfig)
{
proxy_auth_list.head = proxy_auth_list.tail = NULL;
}
-
-AuthConfig *
-negotiateScheme::createConfig()
-{
- return &negotiateConfig;
-}
-
-const char *
-AuthNegotiateUserRequest::connLastHeader()
-{
- return NULL;
-}
-
#ifndef __AUTH_NEGOTIATE_H__
#define __AUTH_NEGOTIATE_H__
+
+#include "auth/Config.h"
#include "auth/Gadgets.h"
+#include "auth/State.h"
#include "auth/User.h"
#include "auth/UserRequest.h"
-#include "auth/Config.h"
#include "helper.h"
/**
/// \ingroup AuthNegotiateAPI
#define DefaultAuthenticateChildrenMax 32 /* 32 processes */
-#ifndef __AUTH_AUTHENTICATE_STATE_T__
-#define __AUTH_AUTHENTICATE_STATE_T__
-
-/// \ingroup AuthNegotiateAPI
-typedef enum {
- AUTHENTICATE_STATE_NONE,
- AUTHENTICATE_STATE_INITIAL,
- AUTHENTICATE_STATE_IN_PROGRESS,
- AUTHENTICATE_STATE_DONE,
- AUTHENTICATE_STATE_FAILED
-} auth_state_t; /* connection level auth state */
-
-/* Generic */
-
-/// \ingroup AuthNegotiateAPI
-typedef struct {
- void *data;
- AuthUserRequest *auth_user_request;
- RH *handler;
-} authenticateStateData;
-#endif
-
/// \ingroup AuthNegotiateAPI
class NegotiateUser : public AuthUser
{
public:
MEMPROXY_CLASS(NegotiateUser);
- virtual void deleteSelf() const;
NegotiateUser(AuthConfig *);
~NegotiateUser();
+ virtual void deleteSelf() const;
+ virtual int32_t ttl() const;
+
dlink_list proxy_auth_list;
};
MEMPROXY_CLASS_INLINE(NegotiateUser);
-/// \ingroup AuthNegotiateAPI
-typedef class NegotiateUser negotiate_user_t;
-
-/// \ingroup AuthNegotiateAPI
-class AuthNegotiateUserRequest : public AuthUserRequest
-{
-
-public:
- MEMPROXY_CLASS(AuthNegotiateUserRequest);
-
- AuthNegotiateUserRequest();
- virtual ~AuthNegotiateUserRequest();
- virtual int authenticated() const;
- virtual void authenticate(HttpRequest * request, ConnStateData * conn, http_hdr_type type);
- virtual int module_direction();
- virtual void onConnectionClose(ConnStateData *);
- virtual void module_start(RH *, void *);
- virtual AuthUser *user() {return _theUser;}
-
- virtual const AuthUser *user() const {return _theUser;}
-
- virtual void addHeader(HttpReply * rep, int accel);
-
- virtual void user (AuthUser *aUser) {_theUser=dynamic_cast<NegotiateUser *>(aUser);}
-
- virtual const char * connLastHeader();
-
- /*we need to store the helper server between requests */
- helper_stateful_server *authserver;
- void releaseAuthServer(void); ///< Release the authserver helper server properly.
-
- /* what connection is this associated with */
- /* ConnStateData * conn;*/
-
- /* how far through the authentication process are we? */
- auth_state_t auth_state;
-
- /* our current blob to pass to the client */
- char *server_blob;
- /* our current blob to pass to the server */
- char *client_blob;
-
- /* currently waiting for helper response */
- unsigned char waiting;
-
- /* need access to the request flags to mess around on pconn failure */
- HttpRequest *request;
-
-private:
- /* the user */
- NegotiateUser * _theUser;
-};
-
-MEMPROXY_CLASS_INLINE(AuthNegotiateUserRequest);
-
-#include "HelperChildConfig.h"
+extern statefulhelper *negotiateauthenticators;
/* configuration runtime data */
AuthNegotiateConfig();
virtual bool active() const;
virtual bool configured() const;
- virtual AuthUserRequest *decode(char const *proxy_auth);
+ virtual AuthUserRequest::Pointer decode(char const *proxy_auth);
virtual void done();
+ virtual void rotateHelpers();
virtual void dump(StoreEntry *, const char *, AuthConfig *);
- virtual void fixHeader(AuthUserRequest *, HttpReply *, http_hdr_type, HttpRequest *);
+ virtual void fixHeader(AuthUserRequest::Pointer, HttpReply *, http_hdr_type, HttpRequest *);
virtual void init(AuthConfig *);
virtual void parse(AuthConfig *, int, char *);
virtual void registerWithCacheManager(void);
virtual const char * type() const;
- HelperChildConfig authenticateChildren;
int keep_alive;
- wordlist *authenticate;
};
-/// \ingroup AuthNegotiateAPI
-typedef class AuthNegotiateConfig auth_negotiate_config;
+extern AuthNegotiateConfig negotiateConfig;
#endif
-
/*
* $Id$
*
*
*/
-#include "negotiateScheme.h"
+#include "config.h"
+#include "auth/negotiate/negotiateScheme.h"
+#include "helper.h"
-AuthScheme &
+AuthScheme::Pointer
negotiateScheme::GetInstance()
{
- if (_instance == NULL)
+ if (_instance == NULL) {
_instance = new negotiateScheme();
- return *_instance;
-}
-
-negotiateScheme::negotiateScheme()
-{
- AddScheme(*this);
+ AddScheme(_instance);
+ }
+ return _instance;
}
char const *
return "negotiate";
}
-negotiateScheme *negotiateScheme::_instance = NULL;
+AuthScheme::Pointer negotiateScheme::_instance = NULL;
+
+/**
+ \ingroup AuthNegotiateInternal
+ \todo move to negotiateScheme.cc
+ */
+void
+negotiateScheme::done()
+{
+ /* clear the global handle to this scheme. */
+ _instance = NULL;
+
+ debugs(29, 2, "negotiateScheme::done: Negotiate authentication Shutdown.");
+}
+
+AuthConfig *
+negotiateScheme::createConfig()
+{
+ AuthNegotiateConfig *negotiateCfg = new AuthNegotiateConfig;
+ return dynamic_cast<AuthConfig*>(negotiateCfg);
+}
-
/*
* $Id$
*
#define SQUID_NEGOTIATESCHEME_H
#include "auth/Scheme.h"
+#include "auth/negotiate/auth_negotiate.h"
/// \ingroup AuthSchemeAPI
/// \ingroup AuthAPI
{
public:
- static AuthScheme &GetInstance();
- negotiateScheme();
+ static AuthScheme::Pointer GetInstance();
+ negotiateScheme() {};
virtual ~negotiateScheme() {};
/* per scheme */
virtual char const *type () const;
virtual void done();
virtual AuthConfig *createConfig();
+
/* Not implemented */
negotiateScheme (negotiateScheme const &);
negotiateScheme &operator=(negotiateScheme const &);
private:
- static negotiateScheme *_instance;
+ static AuthScheme::Pointer _instance;
};
#endif /* SQUID_negotiateSCHEME_H */
--- /dev/null
+#include "config.h"
+#include "auth/negotiate/auth_negotiate.h"
+#include "auth/negotiate/negotiateUserRequest.h"
+#include "auth/User.h"
+#include "helper.h"
+#include "HttpReply.h"
+#include "HttpRequest.h"
+#include "SquidTime.h"
+
+/**
+ * Maximum length (buffer size) for token strings.
+ */
+// AYJ: must match re-definition in helpers/negotiate_auth/kerberos/negotiate_kerb_auth.cc
+#define MAX_AUTHTOKEN_LEN 32768
+
+AuthNegotiateUserRequest::AuthNegotiateUserRequest()
+{
+ waiting=0;
+ client_blob=0;
+ server_blob=0;
+ authserver=NULL;
+ request=NULL;
+}
+
+AuthNegotiateUserRequest::~AuthNegotiateUserRequest()
+{
+ assert(RefCountCount()==0);
+ safe_free(server_blob);
+ safe_free(client_blob);
+
+ if (authserver != NULL) {
+ debugs(29, 9, HERE << "releasing server '" << authserver << "'");
+ helperStatefulReleaseServer(authserver);
+ authserver = NULL;
+ }
+ if (request) {
+ HTTPMSGUNLOCK(request);
+ request = NULL;
+ }
+}
+
+const char *
+AuthNegotiateUserRequest::connLastHeader()
+{
+ return NULL;
+}
+
+int
+AuthNegotiateUserRequest::authenticated() const
+{
+ if (user() != NULL && user()->credentials() == AuthUser::Ok) {
+ debugs(29, 9, HERE << "user authenticated.");
+ return 1;
+ }
+
+ debugs(29, 9, HERE << "user not fully authenticated.");
+ return 0;
+}
+
+/* See AuthUserRequest.cc::authenticateDirection for return values */
+int
+AuthNegotiateUserRequest::module_direction()
+{
+ /* null auth_user is checked for by authenticateDirection */
+
+ if (waiting || client_blob)
+ return -1; /* need helper response to continue */
+
+ if (user()->auth_type != AUTH_NEGOTIATE)
+ return -2;
+
+ switch (user()->credentials()) {
+
+ case AuthUser::Handshake:
+ assert(server_blob);
+ return 1; /* send to client */
+
+ case AuthUser::Ok:
+ return 0; /* do nothing */
+
+ case AuthUser::Failed:
+ return -2;
+
+ default:
+ debugs(29, DBG_IMPORTANT, "WARNING: Negotiate Authentication in unexpected state: " << user()->credentials());
+ return -2;
+ }
+}
+
+/* add the [proxy]authorisation header */
+void
+AuthNegotiateUserRequest::addHeader(HttpReply * rep, int accel)
+{
+ http_hdr_type type;
+
+ if (!server_blob)
+ return;
+
+ /* don't add to authentication error pages */
+ if ((!accel && rep->sline.status == HTTP_PROXY_AUTHENTICATION_REQUIRED)
+ || (accel && rep->sline.status == HTTP_UNAUTHORIZED))
+ return;
+
+ type = accel ? HDR_AUTHENTICATION_INFO : HDR_PROXY_AUTHENTICATION_INFO;
+ httpHeaderPutStrf(&rep->header, type, "Negotiate %s", server_blob);
+
+ safe_free(server_blob);
+}
+
+/** send the initial data to a stateful negotiate authenticator module */
+void
+AuthNegotiateUserRequest::module_start(RH * handler, void *data)
+{
+ static char buf[MAX_AUTHTOKEN_LEN];
+
+ assert(data);
+ assert(handler);
+
+ assert(user() != NULL);
+ assert(user()->auth_type == AUTH_NEGOTIATE);
+
+ debugs(29, 8, HERE << "auth state is '" << user()->credentials() << "'");
+
+ if (static_cast<AuthNegotiateConfig*>(AuthConfig::Find("negotiate"))->authenticate == NULL) {
+ debugs(29, DBG_CRITICAL, "ERROR: No Negotiate authentication program configured.");
+ handler(data, NULL);
+ return;
+ }
+
+ authenticateStateData *r = cbdataAlloc(authenticateStateData);
+ r->handler = handler;
+ r->data = cbdataReference(data);
+ r->auth_user_request = this;
+
+ if (user()->credentials() == AuthUser::Pending) {
+ snprintf(buf, MAX_AUTHTOKEN_LEN, "YR %s\n", client_blob); //CHECKME: can ever client_blob be 0 here?
+ } else {
+ snprintf(buf, MAX_AUTHTOKEN_LEN, "KK %s\n", client_blob);
+ }
+
+ waiting = 1;
+
+ safe_free(client_blob);
+ helperStatefulSubmit(negotiateauthenticators, buf, AuthNegotiateUserRequest::HandleReply, r, authserver);
+}
+
+/**
+ * Atomic action: properly release the Negotiate auth helpers which may have been reserved
+ * for this request connections use.
+ */
+void
+AuthNegotiateUserRequest::releaseAuthServer()
+{
+ if (authserver) {
+ debugs(29, 6, HERE << "releasing Negotiate auth server '" << authserver << "'");
+ helperStatefulReleaseServer(authserver);
+ authserver = NULL;
+ } else
+ debugs(29, 6, HERE << "No Negotiate auth server to release.");
+}
+
+/* clear any connection related authentication details */
+void
+AuthNegotiateUserRequest::onConnectionClose(ConnStateData *conn)
+{
+ assert(conn != NULL);
+
+ debugs(29, 8, "AuthNegotiateUserRequest::onConnectionClose: closing connection '" << conn << "' (this is '" << this << "')");
+
+ if (conn->auth_user_request == NULL) {
+ debugs(29, 8, "AuthNegotiateUserRequest::onConnectionClose: no auth_user_request");
+ return;
+ }
+
+ releaseAuthServer();
+
+ /* unlock the connection based lock */
+ debugs(29, 9, "AuthNegotiateUserRequest::onConnectionClose: Unlocking auth_user from the connection '" << conn << "'.");
+
+ conn->auth_user_request = NULL;
+}
+
+void
+AuthNegotiateUserRequest::authenticate(HttpRequest * aRequest, ConnStateData * conn, http_hdr_type type)
+{
+ assert (this);
+
+ /** Check that we are in the client side, where we can generate auth challenges */
+ if (conn == NULL) {
+ user()->credentials(AuthUser::Failed);
+ debugs(29, DBG_IMPORTANT, "WARNING: Negotiate Authentication attempt to perform authentication without a connection!");
+ return;
+ }
+
+ if (waiting) {
+ debugs(29, DBG_IMPORTANT, "WARNING: Negotiate Authentication waiting for helper reply!");
+ return;
+ }
+
+ if (server_blob) {
+ debugs(29, 2, HERE << "need to challenge client '" << server_blob << "'!");
+ return;
+ }
+
+ /* get header */
+ const char *proxy_auth = aRequest->header.getStr(type);
+
+ /* locate second word */
+ const char *blob = proxy_auth;
+
+ if (blob) {
+ while (xisspace(*blob) && *blob)
+ blob++;
+
+ while (!xisspace(*blob) && *blob)
+ blob++;
+
+ while (xisspace(*blob) && *blob)
+ blob++;
+ }
+
+ switch (user()->credentials()) {
+
+ case AuthUser::Unchecked:
+ /* we've received a negotiate request. pass to a helper */
+ debugs(29, 9, HERE << "auth state negotiate none. Received blob: '" << proxy_auth << "'");
+ user()->credentials(AuthUser::Pending);
+ safe_free(client_blob);
+ client_blob=xstrdup(blob);
+ assert(conn->auth_user_request == NULL);
+ conn->auth_user_request = this;
+ request = aRequest;
+ HTTPMSGLOCK(request);
+ break;
+
+ case AuthUser::Pending:
+ debugs(29, 1, HERE << "need to ask helper");
+ break;
+
+ case AuthUser::Handshake:
+ /* we should have received a blob from the client. Hand it off to
+ * some helper */
+ safe_free(client_blob);
+ client_blob = xstrdup(blob);
+ if (request)
+ HTTPMSGUNLOCK(request);
+ request = aRequest;
+ HTTPMSGLOCK(request);
+ break;
+
+ case AuthUser::Ok:
+ fatal("AuthNegotiateUserRequest::authenticate: unexpected auth state DONE! Report a bug to the squid developers.\n");
+ break;
+
+ case AuthUser::Failed:
+ /* we've failed somewhere in authentication */
+ debugs(29, 9, HERE << "auth state negotiate failed. " << proxy_auth);
+ break;
+ }
+
+ return;
+}
+
+void
+AuthNegotiateUserRequest::HandleReply(void *data, void *lastserver, char *reply)
+{
+ authenticateStateData *r = static_cast<authenticateStateData *>(data);
+
+ int valid;
+ char *blob, *arg = NULL;
+
+ debugs(29, 8, HERE << "helper: '" << lastserver << "' sent us '" << (reply ? reply : "<NULL>") << "'");
+ valid = cbdataReferenceValid(r->data);
+
+ if (!valid) {
+ debugs(29, DBG_IMPORTANT, "ERROR: Negotiate Authentication invalid callback data. helper '" << lastserver << "'.");
+ cbdataReferenceDone(r->data);
+ authenticateStateFree(r);
+ return;
+ }
+
+ if (!reply) {
+ debugs(29, DBG_IMPORTANT, "ERROR: Negotiate Authentication Helper '" << lastserver << "' crashed!.");
+ reply = (char *)"BH Internal error";
+ }
+
+ AuthUserRequest::Pointer auth_user_request = r->auth_user_request;
+ assert(auth_user_request != NULL);
+
+ AuthNegotiateUserRequest *negotiate_request = dynamic_cast<AuthNegotiateUserRequest *>(auth_user_request.getRaw());
+ assert(negotiate_request != NULL);
+
+ assert(negotiate_request->waiting);
+ negotiate_request->waiting = 0;
+ safe_free(negotiate_request->client_blob);
+
+ assert(auth_user_request->user() != NULL);
+ assert(auth_user_request->user()->auth_type == AUTH_NEGOTIATE);
+
+ if (negotiate_request->authserver == NULL)
+ negotiate_request->authserver = static_cast<helper_stateful_server*>(lastserver);
+ else
+ assert(negotiate_request->authserver == lastserver);
+
+ /* seperate out the useful data */
+ blob = strchr(reply, ' ');
+
+ if (blob) {
+ blob++;
+ arg = strchr(blob + 1, ' ');
+ } else {
+ arg = NULL;
+ }
+
+ if (strncasecmp(reply, "TT ", 3) == 0) {
+ /* we have been given a blob to send to the client */
+ if (arg)
+ *arg++ = '\0';
+ safe_free(negotiate_request->server_blob);
+ negotiate_request->request->flags.must_keepalive = 1;
+ if (negotiate_request->request->flags.proxy_keepalive) {
+ negotiate_request->server_blob = xstrdup(blob);
+ auth_user_request->user()->credentials(AuthUser::Handshake);
+ auth_user_request->denyMessage("Authentication in progress");
+ debugs(29, 4, HERE << "Need to challenge the client with a server blob '" << blob << "'");
+ } else {
+ auth_user_request->user()->credentials(AuthUser::Failed);
+ auth_user_request->denyMessage("NTLM authentication requires a persistent connection");
+ }
+ } else if (strncasecmp(reply, "AF ", 3) == 0 && arg != NULL) {
+ /* we're finished, release the helper */
+
+ if (arg)
+ *arg++ = '\0';
+
+ auth_user_request->user()->username(arg);
+ auth_user_request->denyMessage("Login successful");
+ safe_free(negotiate_request->server_blob);
+ negotiate_request->server_blob = xstrdup(blob);
+ negotiate_request->releaseAuthServer();
+ auth_user_request->user()->credentials(AuthUser::Ok);
+ debugs(29, 4, HERE << "Successfully validated user via Negotiate. Username '" << blob << "'");
+
+ /* connection is authenticated */
+ debugs(29, 4, HERE << "authenticated user " << auth_user_request->user()->username());
+ /* see if this is an existing user with a different proxy_auth
+ * string */
+ AuthUserHashPointer *usernamehash = static_cast<AuthUserHashPointer *>(hash_lookup(proxy_auth_username_cache, auth_user_request->user()->username()));
+ AuthUser::Pointer local_auth_user = negotiate_request->user();
+ while (usernamehash && (usernamehash->user()->auth_type != AUTH_NEGOTIATE || strcmp(usernamehash->user()->username(), auth_user_request->user()->username()) != 0))
+ usernamehash = static_cast<AuthUserHashPointer *>(usernamehash->next);
+ if (usernamehash) {
+ /* we can't seamlessly recheck the username due to the
+ * challenge-response nature of the protocol.
+ * Just free the temporary auth_user after merging as
+ * much of it new state into the existing one as possible */
+ usernamehash->user()->absorb(local_auth_user);
+ local_auth_user = usernamehash->user();
+ /* from here on we are working with the original cached credentials. */
+ negotiate_request->_auth_user = local_auth_user;
+ } else {
+ /* store user in hash's */
+ local_auth_user->addToNameCache();
+ }
+ /* set these to now because this is either a new login from an
+ * existing user or a new user */
+ local_auth_user->expiretime = current_time.tv_sec;
+ negotiate_request->releaseAuthServer();
+ negotiate_request->user()->credentials(AuthUser::Ok);
+
+ } else if (strncasecmp(reply, "NA ", 3) == 0 && arg != NULL) {
+ /* authentication failure (wrong password, etc.) */
+
+ if (arg)
+ *arg++ = '\0';
+
+ auth_user_request->denyMessage(arg);
+ negotiate_request->user()->credentials(AuthUser::Failed);
+ safe_free(negotiate_request->server_blob);
+ negotiate_request->server_blob = xstrdup(blob);
+ negotiate_request->releaseAuthServer();
+ debugs(29, 4, HERE << "Failed validating user via Negotiate. Error returned '" << blob << "'");
+ } else if (strncasecmp(reply, "BH ", 3) == 0) {
+ /* TODO kick off a refresh process. This can occur after a YR or after
+ * a KK. If after a YR release the helper and resubmit the request via
+ * Authenticate Negotiate start.
+ * If after a KK deny the user's request w/ 407 and mark the helper as
+ * Needing YR. */
+ auth_user_request->denyMessage(blob);
+ auth_user_request->user()->credentials(AuthUser::Failed);
+ safe_free(negotiate_request->server_blob);
+ negotiate_request->releaseAuthServer();
+ debugs(29, DBG_IMPORTANT, "ERROR: Negotiate Authentication validating user. Error returned '" << reply << "'");
+ } else {
+ /* protocol error */
+ fatalf("authenticateNegotiateHandleReply: *** Unsupported helper response ***, '%s'\n", reply);
+ }
+
+ negotiate_request->request = NULL;
+ r->handler(r->data, NULL);
+ cbdataReferenceDone(r->data);
+ authenticateStateFree(r);
+}
+
--- /dev/null
+#ifndef _SQUID_SRC_AUTH_NEGOTIATE_USERREQUEST_H
+#define _SQUID_SRC_AUTH_NEGOTIATE_USERREQUEST_H
+
+#include "auth/UserRequest.h"
+#include "helper.h"
+#include "MemPool.h"
+
+class ConnStateData;
+class HttpReply;
+class HttpRequest;
+struct helper_stateful_server;
+
+/// \ingroup AuthNegotiateAPI
+class AuthNegotiateUserRequest : public AuthUserRequest
+{
+
+public:
+ MEMPROXY_CLASS(AuthNegotiateUserRequest);
+
+ AuthNegotiateUserRequest();
+ virtual ~AuthNegotiateUserRequest();
+ virtual int authenticated() const;
+ virtual void authenticate(HttpRequest * request, ConnStateData * conn, http_hdr_type type);
+ virtual int module_direction();
+ virtual void onConnectionClose(ConnStateData *);
+ virtual void module_start(RH *, void *);
+
+ virtual void addHeader(HttpReply * rep, int accel);
+
+ virtual const char * connLastHeader();
+
+ /* we need to store the helper server between requests */
+ helper_stateful_server *authserver;
+ void releaseAuthServer(void); ///< Release the authserver helper server properly.
+
+ /* what connection is this associated with */
+ /* ConnStateData * conn;*/
+
+ /* our current blob to pass to the client */
+ char *server_blob;
+ /* our current blob to pass to the server */
+ char *client_blob;
+
+ /* currently waiting for helper response */
+ unsigned char waiting;
+
+ /* need access to the request flags to mess around on pconn failure */
+ HttpRequest *request;
+
+private:
+ static HLPSCB HandleReply;
+};
+
+MEMPROXY_CLASS_INLINE(AuthNegotiateUserRequest);
+
+#endif /* _SQUID_SRC_AUTH_NEGOTIATE_USERREQUEST_H */
#include "squid.h"
-#include "auth_ntlm.h"
#include "auth/Gadgets.h"
+#include "auth/ntlm/auth_ntlm.h"
+#include "auth/ntlm/ntlmScheme.h"
+#include "auth/ntlm/ntlmUserRequest.h"
+#include "auth/State.h"
#include "CacheManager.h"
#include "Store.h"
#include "client_side.h"
#include "HttpReply.h"
#include "HttpRequest.h"
-/* TODO remove this include */
-#include "ntlmScheme.h"
#include "wordlist.h"
#include "SquidTime.h"
-
-static void
-authenticateStateFree(authenticateStateData * r)
-{
- AUTHUSERREQUESTUNLOCK(r->auth_user_request, "r");
- cbdataFree(r);
-}
-
/* NTLM Scheme */
-static HLPSCB authenticateNTLMHandleReply;
static AUTHSSTATS authenticateNTLMStats;
-static statefulhelper *ntlmauthenticators = NULL;
-
-CBDATA_TYPE(authenticateStateData);
-
+statefulhelper *ntlmauthenticators = NULL;
static int authntlm_initialised = 0;
-static auth_ntlm_config ntlmConfig;
-
static hash_table *proxy_auth_cache = NULL;
/*
*
*/
-/* move to ntlmScheme.cc */
void
-ntlmScheme::done()
+AuthNTLMConfig::rotateHelpers()
{
- /* TODO: this should be a Config call. */
- debugs(29, 2, "ntlmScheme::done: shutting down NTLM authentication.");
-
- if (ntlmauthenticators)
+ /* schedule closure of existing helpers */
+ if (ntlmauthenticators) {
helperStatefulShutdown(ntlmauthenticators);
+ }
+ /* NP: dynamic helper restart will ensure they start up again as needed. */
+}
+
+/* free any allocated configuration details */
+void
+AuthNTLMConfig::done()
+{
authntlm_initialised = 0;
+ if (ntlmauthenticators) {
+ helperStatefulShutdown(ntlmauthenticators);
+ }
+
if (!shutting_down)
return;
delete ntlmauthenticators;
ntlmauthenticators = NULL;
- debugs(29, 2, "ntlmScheme::done: NTLM authentication Shutdown.");
-}
-
-/* free any allocated configuration details */
-void
-AuthNTLMConfig::done()
-{
if (authenticate)
wordlistDestroy(&authenticate);
+
+ debugs(29, 2, "ntlmScheme::done: NTLM authentication Shutdown.");
}
void
}
-AuthNTLMConfig::AuthNTLMConfig() : authenticateChildren(20), keep_alive(1)
+AuthNTLMConfig::AuthNTLMConfig() : keep_alive(1)
{ }
void
const char *
AuthNTLMConfig::type() const
{
- return ntlmScheme::GetInstance().type();
+ return ntlmScheme::GetInstance()->type();
}
/* Initialize helpers and the like for this auth scheme. Called AFTER parsing the
}
/* NTLM Scheme */
-/* See AuthUserRequest.cc::authenticateDirection for return values */
-int
-AuthNTLMUserRequest::module_direction()
-{
- /* null auth_user is checked for by authenticateDirection */
-
- if (waiting || client_blob)
- return -1; /* need helper response to continue */
-
- switch (auth_state) {
-
- /* no progress at all. */
-
- case AUTHENTICATE_STATE_NONE:
- debugs(29, 1, "AuthNTLMUserRequest::direction: called before NTLM Authenticate for request " << this << "!. Report a bug to squid-dev.");
- return -2; /* error */
-
- case AUTHENTICATE_STATE_FAILED:
- return -2; /* error */
-
-
- case AUTHENTICATE_STATE_IN_PROGRESS:
- assert(server_blob);
- return 1; /* send to client */
-
- case AUTHENTICATE_STATE_DONE:
- return 0; /* do nothing */
-
- case AUTHENTICATE_STATE_INITIAL:
- debugs(29, 1, "AuthNTLMUserRequest::direction: Unexpected AUTHENTICATE_STATE_INITIAL");
- return -2;
- }
-
- return -2;
-}
void
-AuthNTLMConfig::fixHeader(AuthUserRequest *auth_user_request, HttpReply *rep, http_hdr_type hdrType, HttpRequest * request)
+AuthNTLMConfig::fixHeader(AuthUserRequest::Pointer auth_user_request, HttpReply *rep, http_hdr_type hdrType, HttpRequest * request)
{
- AuthNTLMUserRequest *ntlm_request;
-
if (!authenticate)
return;
request->flags.proxy_keepalive = 0;
}
} else {
- ntlm_request = dynamic_cast<AuthNTLMUserRequest *>(auth_user_request);
-
+ AuthNTLMUserRequest *ntlm_request = dynamic_cast<AuthNTLMUserRequest *>(auth_user_request.getRaw());
assert(ntlm_request != NULL);
- switch (ntlm_request->auth_state) {
+ switch (ntlm_request->user()->credentials()) {
- case AUTHENTICATE_STATE_FAILED:
+ case AuthUser::Failed:
/* here it makes sense to drop the connection, as auth is
* tied to it, even if MAYBE the client could handle it - Kinkie */
request->flags.proxy_keepalive = 0;
/* fall through */
- case AUTHENTICATE_STATE_DONE:
+ case AuthUser::Ok:
/* Special case: authentication finished OK but disallowed by ACL.
* Need to start over to give the client another chance.
*/
/* fall through */
- case AUTHENTICATE_STATE_NONE:
+ case AuthUser::Unchecked:
/* semantic change: do not drop the connection.
* 2.5 implementation used to keep it open - Kinkie */
debugs(29, 9, "AuthNTLMConfig::fixHeader: Sending type:" << hdrType << " header: 'NTLM'");
httpHeaderPutStrf(&rep->header, hdrType, "NTLM");
break;
- case AUTHENTICATE_STATE_IN_PROGRESS:
+ case AuthUser::Handshake:
/* we're waiting for a response from the client. Pass it the blob */
debugs(29, 9, "AuthNTLMConfig::fixHeader: Sending type:" << hdrType << " header: 'NTLM " << ntlm_request->server_blob << "'");
httpHeaderPutStrf(&rep->header, hdrType, "NTLM %s", ntlm_request->server_blob);
safe_free(ntlm_request->server_blob);
break;
-
default:
- debugs(29, 0, "AuthNTLMConfig::fixHeader: state " << ntlm_request->auth_state << ".");
+ debugs(29, DBG_CRITICAL, "AuthNTLMConfig::fixHeader: state " << ntlm_request->user()->credentials() << ".");
fatal("unexpected state in AuthenticateNTLMFixErrorHeader.\n");
}
}
debugs(29, 5, "NTLMUser::~NTLMUser: doing nothing to clearNTLM scheme data for '" << this << "'");
}
-static void
-authenticateNTLMHandleReply(void *data, void *lastserver, char *reply)
+int32_t
+NTLMUser::ttl() const
{
- authenticateStateData *r = static_cast<authenticateStateData *>(data);
-
- int valid;
- char *blob;
-
- AuthUserRequest *auth_user_request;
- AuthUser *auth_user;
- NTLMUser *ntlm_user;
- AuthNTLMUserRequest *ntlm_request;
-
- debugs(29, 8, "authenticateNTLMHandleReply: helper: '" << lastserver << "' sent us '" << (reply ? reply : "<NULL>") << "'");
- valid = cbdataReferenceValid(r->data);
-
- if (!valid) {
- debugs(29, 1, "authenticateNTLMHandleReply: invalid callback data. helper '" << lastserver << "'.");
- cbdataReferenceDone(r->data);
- authenticateStateFree(r);
- return;
- }
-
- if (!reply) {
- debugs(29, 1, "authenticateNTLMHandleReply: Helper '" << lastserver << "' crashed!.");
- reply = (char *)"BH Internal error";
- }
-
- auth_user_request = r->auth_user_request;
- assert(auth_user_request != NULL);
- ntlm_request = dynamic_cast<AuthNTLMUserRequest *>(auth_user_request);
-
- assert(ntlm_request != NULL);
- assert(ntlm_request->waiting);
- ntlm_request->waiting = 0;
- safe_free(ntlm_request->client_blob);
-
- auth_user = ntlm_request->user();
- assert(auth_user != NULL);
- assert(auth_user->auth_type == AUTH_NTLM);
- ntlm_user = dynamic_cast<ntlm_user_t *>(auth_user_request->user());
-
- assert(ntlm_user != NULL);
-
- if (ntlm_request->authserver == NULL)
- ntlm_request->authserver = static_cast<helper_stateful_server*>(lastserver);
- else
- assert(ntlm_request->authserver == lastserver);
-
- /* seperate out the useful data */
- blob = strchr(reply, ' ');
-
- if (blob)
- blob++;
-
- if (strncasecmp(reply, "TT ", 3) == 0) {
- /* we have been given a blob to send to the client */
- safe_free(ntlm_request->server_blob);
- ntlm_request->request->flags.must_keepalive = 1;
- if (ntlm_request->request->flags.proxy_keepalive) {
- ntlm_request->server_blob = xstrdup(blob);
- ntlm_request->auth_state = AUTHENTICATE_STATE_IN_PROGRESS;
- auth_user_request->denyMessage("Authentication in progress");
- debugs(29, 4, "authenticateNTLMHandleReply: Need to challenge the client with a server blob '" << blob << "'");
- } else {
- ntlm_request->auth_state = AUTHENTICATE_STATE_FAILED;
- auth_user_request->denyMessage("NTLM authentication requires a persistent connection");
- }
- } else if (strncasecmp(reply, "AF ", 3) == 0) {
- /* we're finished, release the helper */
- ntlm_user->username(blob);
- auth_user_request->denyMessage("Login successful");
- safe_free(ntlm_request->server_blob);
-
- debugs(29, 4, "authenticateNTLMHandleReply: Successfully validated user via NTLM. Username '" << blob << "'");
- /* connection is authenticated */
- debugs(29, 4, "AuthNTLMUserRequest::authenticate: authenticated user " << ntlm_user->username());
- /* see if this is an existing user with a different proxy_auth
- * string */
- auth_user_hash_pointer *usernamehash = static_cast<AuthUserHashPointer *>(hash_lookup(proxy_auth_username_cache, ntlm_user->username()));
- AuthUser *local_auth_user = ntlm_request->user();
- while (usernamehash && (usernamehash->user()->auth_type != AUTH_NTLM || strcmp(usernamehash->user()->username(), ntlm_user->username()) != 0))
- usernamehash = static_cast<AuthUserHashPointer *>(usernamehash->next);
- if (usernamehash) {
- /* we can't seamlessly recheck the username due to the
- * challenge-response nature of the protocol.
- * Just free the temporary auth_user */
- usernamehash->user()->absorb(local_auth_user);
- //authenticateAuthUserMerge(local_auth_user, usernamehash->user());
- local_auth_user = usernamehash->user();
- ntlm_request->_auth_user = local_auth_user;
- } else {
- /* store user in hash's */
- local_auth_user->addToNameCache();
- // authenticateUserNameCacheAdd(local_auth_user);
- }
- /* set these to now because this is either a new login from an
- * existing user or a new user */
- local_auth_user->expiretime = current_time.tv_sec;
- ntlm_request->releaseAuthServer();
- ntlm_request->auth_state = AUTHENTICATE_STATE_DONE;
- } else if (strncasecmp(reply, "NA ", 3) == 0) {
- /* authentication failure (wrong password, etc.) */
- auth_user_request->denyMessage(blob);
- ntlm_request->auth_state = AUTHENTICATE_STATE_FAILED;
- safe_free(ntlm_request->server_blob);
- ntlm_request->releaseAuthServer();
- debugs(29, 4, "authenticateNTLMHandleReply: Failed validating user via NTLM. Error returned '" << blob << "'");
- } else if (strncasecmp(reply, "BH ", 3) == 0) {
- /* TODO kick off a refresh process. This can occur after a YR or after
- * a KK. If after a YR release the helper and resubmit the request via
- * Authenticate NTLM start.
- * If after a KK deny the user's request w/ 407 and mark the helper as
- * Needing YR. */
- auth_user_request->denyMessage(blob);
- ntlm_request->auth_state = AUTHENTICATE_STATE_FAILED;
- safe_free(ntlm_request->server_blob);
- ntlm_request->releaseAuthServer();
- debugs(29, 1, "authenticateNTLMHandleReply: Error validating user via NTLM. Error returned '" << reply << "'");
- } else {
- /* protocol error */
- fatalf("authenticateNTLMHandleReply: *** Unsupported helper response ***, '%s'\n", reply);
- }
-
- if (ntlm_request->request) {
- HTTPMSGUNLOCK(ntlm_request->request);
- ntlm_request->request = NULL;
- }
- r->handler(r->data, NULL);
- cbdataReferenceDone(r->data);
- authenticateStateFree(r);
+ return -1; // NTLM credentials cannot be cached.
}
static void
helperStatefulStats(sentry, ntlmauthenticators, "NTLM Authenticator Statistics");
}
-
-/* send the initial data to a stateful ntlm authenticator module */
-void
-AuthNTLMUserRequest::module_start(RH * handler, void *data)
-{
- authenticateStateData *r = NULL;
- static char buf[8192];
- ntlm_user_t *ntlm_user;
- AuthUser *auth_user = user();
-
- assert(data);
- assert(handler);
- assert(auth_user);
- assert(auth_user->auth_type == AUTH_NTLM);
-
- ntlm_user = dynamic_cast<ntlm_user_t *>(user());
-
- debugs(29, 8, "AuthNTLMUserRequest::module_start: auth state is '" << auth_state << "'");
-
- if (ntlmConfig.authenticate == NULL) {
- debugs(29, 0, "AuthNTLMUserRequest::module_start: no NTLM program specified.");
- handler(data, NULL);
- return;
- }
-
- r = cbdataAlloc(authenticateStateData);
- r->handler = handler;
- r->data = cbdataReference(data);
- r->auth_user_request = this;
- AUTHUSERREQUESTLOCK(r->auth_user_request, "r");
-
- if (auth_state == AUTHENTICATE_STATE_INITIAL) {
- snprintf(buf, 8192, "YR %s\n", client_blob); //CHECKME: can ever client_blob be 0 here?
- } else {
- snprintf(buf, 8192, "KK %s\n", client_blob);
- }
-
- waiting = 1;
-
- safe_free(client_blob);
- helperStatefulSubmit(ntlmauthenticators, buf, authenticateNTLMHandleReply, r, authserver);
-}
-
-/**
- * Atomic action: properly release the NTLM auth helpers which may have been reserved
- * for this request connections use.
- */
-void
-AuthNTLMUserRequest::releaseAuthServer()
-{
- if (authserver) {
- debugs(29, 6, HERE << "releasing NTLM auth server '" << authserver << "'");
- helperStatefulReleaseServer(authserver);
- authserver = NULL;
- } else
- debugs(29, 6, HERE << "No NTLM auth server to release.");
-}
-
-/* clear any connection related authentication details */
-void
-AuthNTLMUserRequest::onConnectionClose(ConnStateData *conn)
-{
- assert(conn != NULL);
-
- debugs(29, 8, "AuthNTLMUserRequest::onConnectionClose: closing connection '" << conn << "' (this is '" << this << "')");
-
- if (conn->auth_user_request == NULL) {
- debugs(29, 8, "AuthNTLMUserRequest::onConnectionClose: no auth_user_request");
- return;
- }
-
- // unlock / un-reserve the helpers
- releaseAuthServer();
-
- /* unlock the connection based lock */
- debugs(29, 9, "AuthNTLMUserRequest::onConnectionClose: Unlocking auth_user from the connection '" << conn << "'.");
-
- AUTHUSERREQUESTUNLOCK(conn->auth_user_request, "conn");
-}
-
/*
* Decode a NTLM [Proxy-]Auth string, placing the results in the passed
* Auth_user structure.
*/
-AuthUserRequest *
+AuthUserRequest::Pointer
AuthNTLMConfig::decode(char const *proxy_auth)
{
- NTLMUser *newUser = new NTLMUser(&ntlmConfig);
- AuthNTLMUserRequest *auth_user_request = new AuthNTLMUserRequest ();
+ NTLMUser *newUser = new NTLMUser(AuthConfig::Find("ntlm"));
+ AuthUserRequest::Pointer auth_user_request = new AuthNTLMUserRequest();
assert(auth_user_request->user() == NULL);
+
auth_user_request->user(newUser);
auth_user_request->user()->auth_type = AUTH_NTLM;
- auth_user_request->user()->addRequest(auth_user_request);
/* all we have to do is identify that it's NTLM - the helper does the rest */
debugs(29, 9, "AuthNTLMConfig::decode: NTLM authentication");
return auth_user_request;
}
-int
-AuthNTLMUserRequest::authenticated() const
-{
- if (auth_state == AUTHENTICATE_STATE_DONE) {
- debugs(29, 9, "AuthNTLMUserRequest::authenticated: user authenticated.");
- return 1;
- }
-
- debugs(29, 9, "AuthNTLMUserRequest::authenticated: user not fully authenticated.");
-
- return 0;
-}
-
-void
-AuthNTLMUserRequest::authenticate(HttpRequest * aRequest, ConnStateData * conn, http_hdr_type type)
-{
- const char *proxy_auth, *blob;
-
- /* TODO: rename this!! */
- AuthUser *local_auth_user;
- ntlm_user_t *ntlm_user;
-
- local_auth_user = user();
- assert(local_auth_user);
- assert(local_auth_user->auth_type == AUTH_NTLM);
- ntlm_user = dynamic_cast<ntlm_user_t *>(local_auth_user);
- assert (this);
-
- /* Check that we are in the client side, where we can generate
- * auth challenges */
-
- if (conn == NULL || !cbdataReferenceValid(conn)) {
- auth_state = AUTHENTICATE_STATE_FAILED;
- debugs(29, 1, "AuthNTLMUserRequest::authenticate: attempt to perform authentication without a connection!");
- return;
- }
-
- if (waiting) {
- debugs(29, 1, "AuthNTLMUserRequest::authenticate: waiting for helper reply!");
- return;
- }
-
- if (server_blob) {
- debugs(29, 2, "AuthNTLMUserRequest::authenticate: need to challenge client '" << server_blob << "'!");
- return;
- }
-
- /* get header */
- proxy_auth = aRequest->header.getStr(type);
-
- /* locate second word */
- blob = proxy_auth;
-
- /* if proxy_auth is actually NULL, we'd better not manipulate it. */
- if (blob) {
- while (xisspace(*blob) && *blob)
- blob++;
-
- while (!xisspace(*blob) && *blob)
- blob++;
-
- while (xisspace(*blob) && *blob)
- blob++;
- }
-
- switch (auth_state) {
-
- case AUTHENTICATE_STATE_NONE:
- /* we've received a ntlm request. pass to a helper */
- debugs(29, 9, "AuthNTLMUserRequest::authenticate: auth state ntlm none. Received blob: '" << proxy_auth << "'");
- auth_state = AUTHENTICATE_STATE_INITIAL;
- safe_free(client_blob);
- client_blob=xstrdup(blob);
- conn->auth_type = AUTH_NTLM;
- assert(conn->auth_user_request == NULL);
- conn->auth_user_request = this;
- AUTHUSERREQUESTLOCK(conn->auth_user_request, "conn");
- request = aRequest;
- HTTPMSGLOCK(request);
- return;
-
- break;
-
- case AUTHENTICATE_STATE_INITIAL:
- debugs(29, 1, "AuthNTLMUserRequest::authenticate: need to ask helper");
-
- return;
-
- break;
-
-
- case AUTHENTICATE_STATE_IN_PROGRESS:
- /* we should have received a blob from the client. Hand it off to
- * some helper */
- safe_free(client_blob);
-
- client_blob = xstrdup (blob);
-
- if (request)
- HTTPMSGUNLOCK(request);
- request = aRequest;
- HTTPMSGLOCK(request);
- return;
-
- break;
-
- case AUTHENTICATE_STATE_DONE:
- fatal("AuthNTLMUserRequest::authenticate: unexpect auth state DONE! Report a bug to the squid developers.\n");
-
- break;
-
- case AUTHENTICATE_STATE_FAILED:
- /* we've failed somewhere in authentication */
- debugs(29, 9, "AuthNTLMUserRequest::authenticate: auth state ntlm failed. " << proxy_auth);
-
- return;
-
- break;
- }
-
- return;
-}
-
-AuthNTLMUserRequest::AuthNTLMUserRequest() :
- /*conn(NULL),*/ auth_state(AUTHENTICATE_STATE_NONE),
- _theUser(NULL)
-{
- waiting=0;
- client_blob=0;
- server_blob=0;
- authserver=NULL;
- request = NULL;
-}
-
-AuthNTLMUserRequest::~AuthNTLMUserRequest()
-{
- safe_free(server_blob);
- safe_free(client_blob);
-
- releaseAuthServer();
-
- if (request) {
- HTTPMSGUNLOCK(request);
- request = NULL;
- }
-}
-
void
NTLMUser::deleteSelf() const
{
{
proxy_auth_list.head = proxy_auth_list.tail = NULL;
}
-
-AuthConfig *
-ntlmScheme::createConfig()
-{
- return &ntlmConfig;
-}
-
-const char *
-AuthNTLMUserRequest::connLastHeader()
-{
- return NULL;
-}
#define DefaultAuthenticateChildrenMax 32 /* 32 processes */
-#ifndef __AUTH_AUTHENTICATE_STATE_T__
-#define __AUTH_AUTHENTICATE_STATE_T__
-typedef enum {
- AUTHENTICATE_STATE_NONE,
- AUTHENTICATE_STATE_INITIAL,
- AUTHENTICATE_STATE_IN_PROGRESS,
- AUTHENTICATE_STATE_DONE,
- AUTHENTICATE_STATE_FAILED
-} auth_state_t; /* connection level auth state */
-
-/* Generic */
-
-typedef struct {
- void *data;
- AuthUserRequest *auth_user_request;
- RH *handler;
-} authenticateStateData;
-#endif
-
class NTLMUser : public AuthUser
{
public:
MEMPROXY_CLASS(NTLMUser);
- virtual void deleteSelf() const;
NTLMUser(AuthConfig *);
~NTLMUser();
+
+ virtual void deleteSelf() const;
+ virtual int32_t ttl() const;
+
dlink_list proxy_auth_list;
};
typedef class NTLMUser ntlm_user_t;
-class AuthNTLMUserRequest : public AuthUserRequest
-{
-
-public:
- MEMPROXY_CLASS(AuthNTLMUserRequest);
-
- AuthNTLMUserRequest();
- virtual ~AuthNTLMUserRequest();
- virtual int authenticated() const;
- virtual void authenticate(HttpRequest * request, ConnStateData * conn, http_hdr_type type);
- virtual int module_direction();
- virtual void onConnectionClose(ConnStateData *);
- virtual void module_start(RH *, void *);
- virtual AuthUser *user() {return _theUser;}
-
- virtual const AuthUser *user() const {return _theUser;}
-
- virtual void user (AuthUser *aUser) {_theUser=dynamic_cast<NTLMUser *>(aUser);}
-
- virtual const char * connLastHeader();
-
- /* we need to store the helper server between requests */
- helper_stateful_server *authserver;
- void releaseAuthServer(void); ///< Release authserver NTLM helpers properly when finished or abandoning.
-
- /* what connection is this associated with */
-// ConnStateData * conn;
-
- /* how far through the authentication process are we? */
- auth_state_t auth_state;
-
- /* our current blob to pass to the client */
- char *server_blob;
- /* our current blob to pass to the server */
- char *client_blob;
-
- /* currently waiting for helper response */
- unsigned char waiting;
-
- /* need access to the request flags to mess around on pconn failure */
- HttpRequest *request;
-
-private:
- /* the user */
- NTLMUser * _theUser;
-};
-
-MEMPROXY_CLASS_INLINE(AuthNTLMUserRequest);
-
-#include "HelperChildConfig.h"
-
/* configuration runtime data */
class AuthNTLMConfig : public AuthConfig
AuthNTLMConfig();
virtual bool active() const;
virtual bool configured() const;
- virtual AuthUserRequest *decode(char const *proxy_auth);
+ virtual AuthUserRequest::Pointer decode(char const *proxy_auth);
virtual void done();
+ virtual void rotateHelpers();
virtual void dump(StoreEntry *, const char *, AuthConfig *);
- virtual void fixHeader(AuthUserRequest *, HttpReply *, http_hdr_type, HttpRequest *);
+ virtual void fixHeader(AuthUserRequest::Pointer, HttpReply *, http_hdr_type, HttpRequest *);
virtual void init(AuthConfig *);
virtual void parse(AuthConfig *, int, char *);
virtual void registerWithCacheManager(void);
virtual const char * type() const;
- HelperChildConfig authenticateChildren;
int keep_alive;
- wordlist *authenticate;
};
typedef class AuthNTLMConfig auth_ntlm_config;
+extern statefulhelper *ntlmauthenticators;
+
#endif
-
/*
* $Id$
*
*
*/
-#include "ntlmScheme.h"
+#include "config.h"
+#include "auth/ntlm/auth_ntlm.h"
+#include "auth/ntlm/ntlmScheme.h"
+#include "helper.h"
-AuthScheme &
+AuthScheme::Pointer
ntlmScheme::GetInstance()
{
- if (_instance == NULL)
+ if (_instance == NULL) {
_instance = new ntlmScheme();
- return *_instance;
-}
-
-ntlmScheme::ntlmScheme()
-{
- AddScheme(*this);
+ AddScheme(_instance);
+ }
+ return _instance;
}
char const *
return "ntlm";
}
-ntlmScheme *ntlmScheme::_instance = NULL;
+AuthScheme::Pointer ntlmScheme::_instance = NULL;
+
+void
+ntlmScheme::done()
+{
+ /* clear the global handle to this scheme. */
+ _instance = NULL;
+
+ debugs(29, 2, "ntlmScheme::done: NTLM authentication Shutdown.");
+}
+
+AuthConfig *
+ntlmScheme::createConfig()
+{
+ auth_ntlm_config *ntlmCfg = new auth_ntlm_config;
+ return dynamic_cast<AuthConfig*>(ntlmCfg);
+}
#define SQUID_NTLMSCHEME_H
#include "auth/Scheme.h"
+#include "auth/ntlm/auth_ntlm.h"
/// \ingroup AuthSchemeAPI
/// \ingroup AuthAPI
{
public:
- static AuthScheme &GetInstance();
- ntlmScheme();
+ static AuthScheme::Pointer GetInstance();
+ ntlmScheme() {};
virtual ~ntlmScheme() {};
/* per scheme */
virtual char const *type () const;
virtual void done();
virtual AuthConfig *createConfig();
+
/* Not implemented */
ntlmScheme (ntlmScheme const &);
ntlmScheme &operator=(ntlmScheme const &);
private:
- static ntlmScheme *_instance;
+ /**
+ * Main instance of this authentication Scheme.
+ * NULL when the scheme is not being used.
+ */
+ static AuthScheme::Pointer _instance;
};
#endif /* SQUID_ntlmSCHEME_H */
--- /dev/null
+#include "config.h"
+#include "auth/ntlm/ntlmUserRequest.h"
+#include "auth/ntlm/auth_ntlm.h"
+#include "auth/State.h"
+#include "cbdata.h"
+#include "HttpRequest.h"
+#include "SquidTime.h"
+
+/* state wrapper functions */
+
+AuthNTLMUserRequest::AuthNTLMUserRequest()
+{
+ waiting=0;
+ client_blob=0;
+ server_blob=0;
+ authserver=NULL;
+ request = NULL;
+}
+
+AuthNTLMUserRequest::~AuthNTLMUserRequest()
+{
+ assert(RefCountCount()==0);
+ safe_free(server_blob);
+ safe_free(client_blob);
+
+ releaseAuthServer();
+
+ if (request) {
+ HTTPMSGUNLOCK(request);
+ request = NULL;
+ }
+}
+
+const char *
+AuthNTLMUserRequest::connLastHeader()
+{
+ return NULL;
+}
+
+/* See AuthUserRequest.cc::authenticateDirection for return values */
+int
+AuthNTLMUserRequest::module_direction()
+{
+ /* null auth_user is checked for by authenticateDirection */
+
+ if (waiting || client_blob)
+ return -1; /* need helper response to continue */
+
+ if (user()->auth_type != AUTH_NTLM)
+ return -2;
+
+ switch (user()->credentials()) {
+
+ case AuthUser::Handshake:
+ assert(server_blob);
+ return 1; /* send to client */
+
+ case AuthUser::Ok:
+ return 0; /* do nothing */
+
+ case AuthUser::Failed:
+ return -2;
+
+ default:
+ debugs(29, DBG_IMPORTANT, "WARNING: NTLM Authentication in unexpected state: " << user()->credentials());
+ return -2;
+ }
+}
+
+/* send the initial data to a stateful ntlm authenticator module */
+void
+AuthNTLMUserRequest::module_start(RH * handler, void *data)
+{
+ authenticateStateData *r = NULL;
+ static char buf[8192];
+
+ assert(data);
+ assert(handler);
+
+ debugs(29, 8, HERE << "credentials state is '" << user()->credentials() << "'");
+
+ if (static_cast<AuthNTLMConfig*>(AuthConfig::Find("ntlm"))->authenticate == NULL) {
+ debugs(29, DBG_CRITICAL, "ERROR: NTLM Start: no NTLM program configured.");
+ handler(data, NULL);
+ return;
+ }
+
+ r = cbdataAlloc(authenticateStateData);
+ r->handler = handler;
+ r->data = cbdataReference(data);
+ r->auth_user_request = this;
+
+ if (user()->credentials() == AuthUser::Pending) {
+ snprintf(buf, 8192, "YR %s\n", client_blob); //CHECKME: can ever client_blob be 0 here?
+ } else {
+ snprintf(buf, 8192, "KK %s\n", client_blob);
+ }
+
+ waiting = 1;
+
+ safe_free(client_blob);
+ helperStatefulSubmit(ntlmauthenticators, buf, AuthNTLMUserRequest::HandleReply, r, authserver);
+}
+
+/**
+ * Atomic action: properly release the NTLM auth helpers which may have been reserved
+ * for this request connections use.
+ */
+void
+AuthNTLMUserRequest::releaseAuthServer()
+{
+ if (authserver) {
+ debugs(29, 6, HERE << "releasing NTLM auth server '" << authserver << "'");
+ helperStatefulReleaseServer(authserver);
+ authserver = NULL;
+ } else
+ debugs(29, 6, HERE << "No NTLM auth server to release.");
+}
+
+void
+AuthNTLMUserRequest::onConnectionClose(ConnStateData *conn)
+{
+ assert(conn != NULL);
+
+ debugs(29, 8, "AuthNTLMUserRequest::onConnectionClose: closing connection '" << conn << "' (this is '" << this << "')");
+
+ if (conn->auth_user_request == NULL) {
+ debugs(29, 8, "AuthNTLMUserRequest::onConnectionClose: no auth_user_request");
+ return;
+ }
+
+ // unlock / un-reserve the helpers
+ releaseAuthServer();
+
+ /* unlock the connection based lock */
+ debugs(29, 9, "AuthNTLMUserRequest::onConnectionClose: Unlocking auth_user from the connection '" << conn << "'.");
+
+ conn->auth_user_request = NULL;
+}
+
+int
+AuthNTLMUserRequest::authenticated() const
+{
+ if (user()->credentials() == AuthUser::Ok) {
+ debugs(29, 9, "AuthNTLMUserRequest::authenticated: user authenticated.");
+ return 1;
+ }
+
+ debugs(29, 9, "AuthNTLMUserRequest::authenticated: user not fully authenticated.");
+
+ return 0;
+}
+
+void
+AuthNTLMUserRequest::authenticate(HttpRequest * aRequest, ConnStateData * conn, http_hdr_type type)
+{
+ const char *proxy_auth, *blob;
+
+ assert(this);
+
+ /* Check that we are in the client side, where we can generate
+ * auth challenges */
+
+ if (conn == NULL || !cbdataReferenceValid(conn)) {
+ user()->credentials(AuthUser::Failed);
+ debugs(29, 1, "AuthNTLMUserRequest::authenticate: attempt to perform authentication without a connection!");
+ return;
+ }
+
+ if (waiting) {
+ debugs(29, 1, "AuthNTLMUserRequest::authenticate: waiting for helper reply!");
+ return;
+ }
+
+ if (server_blob) {
+ debugs(29, 2, "AuthNTLMUserRequest::authenticate: need to challenge client '" << server_blob << "'!");
+ return;
+ }
+
+ /* get header */
+ proxy_auth = aRequest->header.getStr(type);
+
+ /* locate second word */
+ blob = proxy_auth;
+
+ /* if proxy_auth is actually NULL, we'd better not manipulate it. */
+ if (blob) {
+ while (xisspace(*blob) && *blob)
+ blob++;
+
+ while (!xisspace(*blob) && *blob)
+ blob++;
+
+ while (xisspace(*blob) && *blob)
+ blob++;
+ }
+
+ switch (user()->credentials()) {
+
+ case AuthUser::Unchecked:
+ /* we've received a ntlm request. pass to a helper */
+ debugs(29, 9, "AuthNTLMUserRequest::authenticate: auth state ntlm none. Received blob: '" << proxy_auth << "'");
+ user()->credentials(AuthUser::Pending);
+ safe_free(client_blob);
+ client_blob=xstrdup(blob);
+ assert(conn->auth_user_request == NULL);
+ conn->auth_user_request = this;
+ request = aRequest;
+ HTTPMSGLOCK(request);
+ break;
+
+ case AuthUser::Pending:
+ debugs(29, 1, "AuthNTLMUserRequest::authenticate: need to ask helper");
+ break;
+
+ case AuthUser::Handshake:
+ /* we should have received a blob from the client. Hand it off to
+ * some helper */
+ safe_free(client_blob);
+ client_blob = xstrdup (blob);
+
+ if (request)
+ HTTPMSGUNLOCK(request);
+ request = aRequest;
+ HTTPMSGLOCK(request);
+ break;
+
+ case AuthUser::Ok:
+ fatal("AuthNTLMUserRequest::authenticate: unexpect auth state DONE! Report a bug to the squid developers.\n");
+ break;
+
+ case AuthUser::Failed:
+ /* we've failed somewhere in authentication */
+ debugs(29, 9, "AuthNTLMUserRequest::authenticate: auth state ntlm failed. " << proxy_auth);
+ break;
+ }
+}
+
+void
+AuthNTLMUserRequest::HandleReply(void *data, void *lastserver, char *reply)
+{
+ authenticateStateData *r = static_cast<authenticateStateData *>(data);
+
+ int valid;
+ char *blob;
+
+ debugs(29, 8, "authenticateNTLMHandleReply: helper: '" << lastserver << "' sent us '" << (reply ? reply : "<NULL>") << "'");
+ valid = cbdataReferenceValid(r->data);
+
+ if (!valid) {
+ debugs(29, 1, "authenticateNTLMHandleReply: invalid callback data. helper '" << lastserver << "'.");
+ cbdataReferenceDone(r->data);
+ authenticateStateFree(r);
+ return;
+ }
+
+ if (!reply) {
+ debugs(29, 1, "authenticateNTLMHandleReply: Helper '" << lastserver << "' crashed!.");
+ reply = (char *)"BH Internal error";
+ }
+
+ AuthUserRequest::Pointer auth_user_request = r->auth_user_request;
+ assert(auth_user_request != NULL);
+
+ AuthNTLMUserRequest *ntlm_request = dynamic_cast<AuthNTLMUserRequest *>(auth_user_request.getRaw());
+ assert(ntlm_request != NULL);
+ assert(ntlm_request->waiting);
+ assert(ntlm_request->user() != NULL);
+ assert(ntlm_request->user()->auth_type == AUTH_NTLM);
+
+ ntlm_request->waiting = 0;
+ safe_free(ntlm_request->client_blob);
+
+ if (ntlm_request->authserver == NULL)
+ ntlm_request->authserver = static_cast<helper_stateful_server*>(lastserver);
+ else
+ assert(ntlm_request->authserver == lastserver);
+
+ /* seperate out the useful data */
+ blob = strchr(reply, ' ');
+ if (blob)
+ blob++;
+
+ if (strncasecmp(reply, "TT ", 3) == 0) {
+ /* we have been given a blob to send to the client */
+ safe_free(ntlm_request->server_blob);
+ ntlm_request->request->flags.must_keepalive = 1;
+ if (ntlm_request->request->flags.proxy_keepalive) {
+ ntlm_request->server_blob = xstrdup(blob);
+ ntlm_request->user()->credentials(AuthUser::Handshake);
+ auth_user_request->denyMessage("Authentication in progress");
+ debugs(29, 4, "authenticateNTLMHandleReply: Need to challenge the client with a server blob '" << blob << "'");
+ } else {
+ ntlm_request->user()->credentials(AuthUser::Failed);
+ auth_user_request->denyMessage("NTLM authentication requires a persistent connection");
+ }
+ } else if (strncasecmp(reply, "AF ", 3) == 0) {
+ /* we're finished, release the helper */
+ auth_user_request->user()->username(blob);
+ auth_user_request->denyMessage("Login successful");
+ safe_free(ntlm_request->server_blob);
+
+ debugs(29, 4, "authenticateNTLMHandleReply: Successfully validated user via NTLM. Username '" << blob << "'");
+ /* connection is authenticated */
+ debugs(29, 4, "AuthNTLMUserRequest::authenticate: authenticated user " << auth_user_request->user()->username());
+ /* see if this is an existing user with a different proxy_auth
+ * string */
+ auth_user_hash_pointer *usernamehash = static_cast<AuthUserHashPointer *>(hash_lookup(proxy_auth_username_cache, auth_user_request->user()->username()));
+ AuthUser::Pointer local_auth_user = ntlm_request->user();
+ while (usernamehash && (usernamehash->user()->auth_type != AUTH_NTLM || strcmp(usernamehash->user()->username(), auth_user_request->user()->username()) != 0))
+ usernamehash = static_cast<AuthUserHashPointer *>(usernamehash->next);
+ if (usernamehash) {
+ /* we can't seamlessly recheck the username due to the
+ * challenge-response nature of the protocol.
+ * Just free the temporary auth_user */
+ usernamehash->user()->absorb(local_auth_user);
+ local_auth_user = usernamehash->user();
+ ntlm_request->_auth_user = local_auth_user;
+ } else {
+ /* store user in hash's */
+ local_auth_user->addToNameCache();
+ }
+ /* set these to now because this is either a new login from an
+ * existing user or a new user */
+ local_auth_user->expiretime = current_time.tv_sec;
+ ntlm_request->releaseAuthServer();
+ local_auth_user->credentials(AuthUser::Ok);
+ } else if (strncasecmp(reply, "NA ", 3) == 0) {
+ /* authentication failure (wrong password, etc.) */
+ auth_user_request->denyMessage(blob);
+ ntlm_request->user()->credentials(AuthUser::Failed);
+ safe_free(ntlm_request->server_blob);
+ ntlm_request->releaseAuthServer();
+ debugs(29, 4, "authenticateNTLMHandleReply: Failed validating user via NTLM. Error returned '" << blob << "'");
+ } else if (strncasecmp(reply, "BH ", 3) == 0) {
+ /* TODO kick off a refresh process. This can occur after a YR or after
+ * a KK. If after a YR release the helper and resubmit the request via
+ * Authenticate NTLM start.
+ * If after a KK deny the user's request w/ 407 and mark the helper as
+ * Needing YR. */
+ auth_user_request->denyMessage(blob);
+ auth_user_request->user()->credentials(AuthUser::Failed);
+ safe_free(ntlm_request->server_blob);
+ ntlm_request->releaseAuthServer();
+ debugs(29, 1, "authenticateNTLMHandleReply: Error validating user via NTLM. Error returned '" << reply << "'");
+ } else {
+ /* protocol error */
+ fatalf("authenticateNTLMHandleReply: *** Unsupported helper response ***, '%s'\n", reply);
+ }
+
+ if (ntlm_request->request) {
+ HTTPMSGUNLOCK(ntlm_request->request);
+ ntlm_request->request = NULL;
+ }
+ r->handler(r->data, NULL);
+ cbdataReferenceDone(r->data);
+ authenticateStateFree(r);
+}
--- /dev/null
+#ifndef _SQUID_SRC_AUTH_NTLM_USERREQUEST_H
+#define _SQUID_SRC_AUTH_NTLM_USERREQUEST_H
+
+#include "auth/UserRequest.h"
+#include "auth/ntlm/auth_ntlm.h"
+#include "MemPool.h"
+
+class ConnStateData;
+class HttpReply;
+class HttpRequest;
+struct helper_stateful_server;
+
+class AuthNTLMUserRequest : public AuthUserRequest
+{
+
+public:
+ MEMPROXY_CLASS(AuthNTLMUserRequest);
+
+ AuthNTLMUserRequest();
+ virtual ~AuthNTLMUserRequest();
+ virtual int authenticated() const;
+ virtual void authenticate(HttpRequest * request, ConnStateData * conn, http_hdr_type type);
+ virtual int module_direction();
+ virtual void onConnectionClose(ConnStateData *);
+ virtual void module_start(RH *, void *);
+
+ virtual const char * connLastHeader();
+
+ /* we need to store the helper server between requests */
+ helper_stateful_server *authserver;
+ void releaseAuthServer(void); ///< Release authserver NTLM helpers properly when finished or abandoning.
+
+ /* what connection is this associated with */
+// ConnStateData * conn;
+
+ /* our current blob to pass to the client */
+ char *server_blob;
+
+ /* our current blob to pass to the server */
+ char *client_blob;
+
+ /* currently waiting for helper response */
+ unsigned char waiting;
+
+ /* need access to the request flags to mess around on pconn failure */
+ HttpRequest *request;
+
+private:
+ static HLPSCB HandleReply;
+};
+
+MEMPROXY_CLASS_INLINE(AuthNTLMUserRequest);
+
+#endif /* _SQUID_SRC_AUTH_NTLM_USERREQUEST_H */
/*
- * DEBUG: section 93 ICAP (RFC 3507) Client
+ * DEBUG: section 93 ICAP (RFC 3507) Client
*/
#include "squid.h"
+#include "base/AsyncCall.h"
+#include "base/AsyncJob.h"
+#include "base/TextException.h"
#include "cbdata.h"
#include "MemBuf.h"
-#include "TextException.h"
-#include "base/AsyncJob.h"
-#include "base/AsyncCall.h"
unsigned int AsyncJob::TheLastId = 0;
#define SQUID_ASYNC_JOB_H
#include "base/AsyncCall.h"
-#include "TextException.h"
/**
\defgroup AsyncJobAPI Async-Jobs API
AsyncJob.cc \
AsyncJobCalls.h \
AsyncCallQueue.cc \
- AsyncCallQueue.h
+ AsyncCallQueue.h \
+ TextException.cc \
+ TextException.h
-#include "squid.h"
-#include "TextException.h"
+#include "config.h"
+#include "base/TextException.h"
+#include "Debug.h"
+#include "util.h"
TextException::TextException()
{
// Origin: xstd/TextException
-#include "squid.h"
+#include "config.h"
#include <exception>
// simple exception to report custom errors
/*
* $Id$
*
- * DEBUG: section 3 Configuration File Parsing
+ * DEBUG: section 03 Configuration File Parsing
* AUTHOR: Harvest Derived
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
#endif
#include "HttpRequestMethod.h"
#include "ident/Config.h"
-#include "ip/IpIntercept.h"
+#include "ip/Intercept.h"
+#include "ip/QosConfig.h"
#include "log/Config.h"
#include "MemBuf.h"
#include "Parsing.h"
static void free_icap_service_type(Adaptation::Icap::Config *);
static void parse_icap_class_type();
static void parse_icap_access_type();
+
+static void parse_icap_service_failure_limit(Adaptation::Icap::Config *);
+static void dump_icap_service_failure_limit(StoreEntry *, const char *, const Adaptation::Icap::Config &);
+static void free_icap_service_failure_limit(Adaptation::Icap::Config *);
#endif
#if USE_ECAP
static void free_denyinfo(acl_deny_info_list ** var);
#if USE_WCCPv2
-static void parse_IpAddress_list(IpAddress_list **);
-static void dump_IpAddress_list(StoreEntry *, const char *, const IpAddress_list *);
-static void free_IpAddress_list(IpAddress_list **);
+static void parse_IpAddress_list(Ip::Address_list **);
+static void dump_IpAddress_list(StoreEntry *, const char *, const Ip::Address_list *);
+static void free_IpAddress_list(Ip::Address_list **);
#if CURRENTLY_UNUSED
-static int check_null_IpAddress_list(const IpAddress_list *);
+static int check_null_IpAddress_list(const Ip::Address_list *);
#endif /* CURRENTLY_UNUSED */
#endif /* USE_WCCPv2 */
int err_count = 0;
CacheManager *manager=CacheManager::GetInstance();
+ debugs(5, 4, HERE);
+
configFreeMemory();
ACLMethodData::ThePurgeCount = 0;
uniqueHostname(),
visible_appname_string);
+ /* Use visible_hostname as default surrogate_id */
+ if (!Config.Accel.surrogate_id) {
+ const char *t = getMyHostname();
+ Config.Accel.surrogate_id = xstrdup( (t?t:"unset-id") );
+ }
+
if (!Config.udpMaxHitObjsz || Config.udpMaxHitObjsz > SQUID_UDP_SO_SNDBUF)
Config.udpMaxHitObjsz = SQUID_UDP_SO_SNDBUF;
}
static void
-dump_address(StoreEntry * entry, const char *name, IpAddress &addr)
+dump_address(StoreEntry * entry, const char *name, Ip::Address &addr)
{
char buf[MAX_IPSTRLEN];
storeAppendPrintf(entry, "%s %s\n", name, addr.NtoA(buf,MAX_IPSTRLEN) );
}
static void
-parse_address(IpAddress *addr)
+parse_address(Ip::Address *addr)
{
char *token = strtok(NULL, w_space);
}
static void
-free_address(IpAddress *addr)
+free_address(Ip::Address *addr)
{
addr->SetEmpty();
}
}
static void
-parse_authparam(authConfig * config)
+parse_authparam(Auth::authConfig * config)
{
char *type_str;
char *param_str;
if ((param_str = strtok(NULL, w_space)) == NULL)
self_destruct();
- /* find a configuration for the scheme */
- AuthConfig *scheme = AuthConfig::Find (type_str);
+ /* find a configuration for the scheme in the currently parsed configs... */
+ AuthConfig *schemeCfg = AuthConfig::Find(type_str);
- if (scheme == NULL) {
- /* Create a configuration */
- AuthScheme *theScheme;
+ if (schemeCfg == NULL) {
+ /* Create a configuration based on the scheme info */
+ AuthScheme::Pointer theScheme = AuthScheme::Find(type_str);
- if ((theScheme = AuthScheme::Find(type_str)) == NULL) {
- debugs(3, 0, "Parsing Config File: Unknown authentication scheme '" << type_str << "'.");
- return;
+ if (theScheme == NULL) {
+ debugs(3, DBG_CRITICAL, "Parsing Config File: Unknown authentication scheme '" << type_str << "'.");
+ self_destruct();
}
config->push_back(theScheme->createConfig());
- scheme = config->back();
- assert (scheme);
+ schemeCfg = AuthConfig::Find(type_str);
+ if (schemeCfg == NULL) {
+ debugs(3, DBG_CRITICAL, "Parsing Config File: Corruption configuring authentication scheme '" << type_str << "'.");
+ self_destruct();
+ }
}
- scheme->parse(scheme, config->size(), param_str);
+ schemeCfg->parse(schemeCfg, config->size(), param_str);
}
static void
-free_authparam(authConfig * cfg)
+free_authparam(Auth::authConfig * cfg)
{
- AuthConfig *scheme;
- /* DON'T FREE THESE FOR RECONFIGURE */
-
- if (reconfiguring)
- return;
+ /* Wipe the Auth globals and Detach/Destruct component config + state. */
+ cfg->clean();
+ /* remove our pointers to the probably-dead sub-configs */
while (cfg->size()) {
- scheme = cfg->pop_back();
- scheme->done();
+ cfg->pop_back();
+ }
+
+ /* on reconfigure initialize new auth schemes for the new config. */
+ if (reconfiguring) {
+ InitAuthSchemes();
}
}
dump_refreshpattern(StoreEntry * entry, const char *name, refresh_t * head)
{
while (head != NULL) {
- storeAppendPrintf(entry, "%s%s %s %d %d%% %d\n",
+ storeAppendPrintf(entry, "%s%s %s %d %d%% %d",
name,
head->flags.icase ? " -i" : null_string,
head->pattern,
if (head->flags.refresh_ims)
storeAppendPrintf(entry, " refresh-ims");
+ if (head->flags.store_stale)
+ storeAppendPrintf(entry, " store-stale");
+
#if HTTP_VIOLATIONS
if (head->flags.override_expire)
double pct = 0.0;
time_t max = 0;
int refresh_ims = 0;
+ int store_stale = 0;
+
#if HTTP_VIOLATIONS
int override_expire = 0;
while ((token = strtok(NULL, w_space)) != NULL) {
if (!strcmp(token, "refresh-ims")) {
refresh_ims = 1;
+ } else if (!strcmp(token, "store-stale")) {
+ store_stale = 1;
#if HTTP_VIOLATIONS
} else if (!strcmp(token, "override-expire"))
if (refresh_ims)
t->flags.refresh_ims = 1;
+ if (store_stale)
+ t->flags.store_stale = 1;
+
#if HTTP_VIOLATIONS
if (override_expire)
storeAppendPrintf(entry, "\n");
}
-#include "cf_parser.h"
+#include "cf_parser.cci"
peer_t
parseNeighborType(const char *s)
#if USE_WCCPv2
static void
-parse_IpAddress_list(IpAddress_list ** head)
+parse_IpAddress_list(Ip::Address_list ** head)
{
char *token;
- IpAddress_list *s;
- IpAddress ipa;
+ Ip::Address_list *s;
+ Ip::Address ipa;
while ((token = strtok(NULL, w_space))) {
if (GetHostWithPort(token, &ipa)) {
while (*head)
head = &(*head)->next;
- s = static_cast<IpAddress_list *>(xcalloc(1, sizeof(*s)));
+ s = static_cast<Ip::Address_list *>(xcalloc(1, sizeof(*s)));
s->s = ipa;
*head = s;
}
static void
-dump_IpAddress_list(StoreEntry * e, const char *n, const IpAddress_list * s)
+dump_IpAddress_list(StoreEntry * e, const char *n, const Ip::Address_list * s)
{
char ntoabuf[MAX_IPSTRLEN];
}
static void
-free_IpAddress_list(IpAddress_list ** head)
+free_IpAddress_list(Ip::Address_list ** head)
{
if (*head) delete *head;
*head = NULL;
* be used by icp_port and htcp_port
*/
static int
-check_null_IpAddress_list(const IpAddress_list * s)
+check_null_IpAddress_list(const Ip::Address_list * s)
{
return NULL == s;
}
static void
parse_http_port_option(http_port_list * s, char *token)
{
- if (strncmp(token, "defaultsite=", 12) == 0) {
+ /* modes first */
+
+ if (strcmp(token, "accel") == 0) {
+ if (s->intercepted || s->spoof_client_ip) {
+ debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: Accelerator mode requires its own port. It cannot be shared with other modes.");
+ self_destruct();
+ }
+ s->accel = 1;
+ } else if (strcmp(token, "transparent") == 0 || strcmp(token, "intercept") == 0) {
+ if (s->accel || s->spoof_client_ip) {
+ debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: Intercept mode requires its own interception port. It cannot be shared with other modes.");
+ self_destruct();
+ }
+ s->intercepted = 1;
+ Ip::Interceptor.StartInterception();
+ /* Log information regarding the port modes under interception. */
+ debugs(3, DBG_IMPORTANT, "Starting Authentication on port " << s->s);
+ debugs(3, DBG_IMPORTANT, "Disabling Authentication on port " << s->s << " (interception enabled)");
+
+#if USE_IPV6
+ /* INET6: until transparent REDIRECT works on IPv6 SOCKET, force wildcard to IPv4 */
+ debugs(3, DBG_IMPORTANT, "Disabling IPv6 on port " << s->s << " (interception enabled)");
+ if ( !s->s.SetIPv4() ) {
+ debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: IPv6 addresses cannot be transparent (protocol does not provide NAT)" << s->s );
+ self_destruct();
+ }
+#endif
+ } else if (strcmp(token, "tproxy") == 0) {
+ if (s->intercepted || s->accel) {
+ debugs(3,DBG_CRITICAL, "FATAL: http(s)_port: TPROXY option requires its own interception port. It cannot be shared with other modes.");
+ self_destruct();
+ }
+ s->spoof_client_ip = 1;
+ Ip::Interceptor.StartTransparency();
+ /* Log information regarding the port modes under transparency. */
+ debugs(3, DBG_IMPORTANT, "Starting IP Spoofing on port " << s->s);
+ debugs(3, DBG_IMPORTANT, "Disabling Authentication on port " << s->s << " (IP spoofing enabled)");
+
+ if (!Ip::Interceptor.ProbeForTproxy(s->s)) {
+ debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: TPROXY support in the system does not work.");
+ self_destruct();
+ }
+
+ } else if (strncmp(token, "defaultsite=", 12) == 0) {
+ if (!s->accel) {
+ debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: defaultsite option requires Acceleration mode flag.");
+ self_destruct();
+ }
safe_free(s->defaultsite);
s->defaultsite = xstrdup(token + 12);
- s->accel = 1;
- } else if (strncmp(token, "name=", 5) == 0) {
- safe_free(s->name);
- s->name = xstrdup(token + 5);
} else if (strcmp(token, "vhost") == 0) {
+ if (!s->accel) {
+ debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: vhost option requires Acceleration mode flag.");
+ self_destruct();
+ }
s->vhost = 1;
- s->accel = 1;
} else if (strcmp(token, "vport") == 0) {
+ if (!s->accel) {
+ debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: vport option requires Acceleration mode flag.");
+ self_destruct();
+ }
s->vport = -1;
- s->accel = 1;
} else if (strncmp(token, "vport=", 6) == 0) {
+ if (!s->accel) {
+ debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: vport option requires Acceleration mode flag.");
+ self_destruct();
+ }
s->vport = xatos(token + 6);
- s->accel = 1;
} else if (strncmp(token, "protocol=", 9) == 0) {
+ if (!s->accel) {
+ debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: protocol option requires Acceleration mode flag.");
+ self_destruct();
+ }
s->protocol = xstrdup(token + 9);
- s->accel = 1;
- } else if (strcmp(token, "accel") == 0) {
- s->accel = 1;
} else if (strcmp(token, "allow-direct") == 0) {
+ if (!s->accel) {
+ debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: vport option requires Acceleration mode flag.");
+ self_destruct();
+ }
s->allow_direct = 1;
} else if (strcmp(token, "ignore-cc") == 0) {
- s->ignore_cc = 1;
#if !HTTP_VIOLATIONS
if (!s->accel) {
- debugs(3, DBG_CRITICAL, "FATAL: ignore-cc is only valid in accelerator mode");
+ debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: ignore-cc option requires Scceleration mode flag.");
self_destruct();
}
#endif
+ s->ignore_cc = 1;
+ } else if (strncmp(token, "name=", 5) == 0) {
+ safe_free(s->name);
+ s->name = xstrdup(token + 5);
} else if (strcmp(token, "no-connection-auth") == 0) {
s->connection_auth_disabled = true;
} else if (strcmp(token, "connection-auth=off") == 0) {
s->disable_pmtu_discovery = DISABLE_PMTU_ALWAYS;
else
self_destruct();
-
- } else if (strcmp(token, "transparent") == 0 || strcmp(token, "intercept") == 0) {
- s->intercepted = 1;
- IpInterceptor.StartInterception();
- /* Log information regarding the port modes under interception. */
- debugs(3, DBG_IMPORTANT, "Starting Authentication on port " << s->s);
- debugs(3, DBG_IMPORTANT, "Disabling Authentication on port " << s->s << " (interception enabled)");
-
-#if USE_IPV6
- /* INET6: until transparent REDIRECT works on IPv6 SOCKET, force wildcard to IPv4 */
- debugs(3, DBG_IMPORTANT, "Disabling IPv6 on port " << s->s << " (interception enabled)");
- if ( !s->s.SetIPv4() ) {
- debugs(3, DBG_CRITICAL, "http(s)_port: IPv6 addresses cannot be transparent (protocol does not provide NAT)" << s->s );
- self_destruct();
- }
-#endif
- } else if (strcmp(token, "tproxy") == 0) {
- if (s->intercepted || s->accel) {
- debugs(3,DBG_CRITICAL, "http(s)_port: TPROXY option requires its own interception port. It cannot be shared.");
- self_destruct();
- }
- s->spoof_client_ip = 1;
- IpInterceptor.StartTransparency();
- /* Log information regarding the port modes under transparency. */
- debugs(3, DBG_IMPORTANT, "Starting IP Spoofing on port " << s->s);
- debugs(3, DBG_IMPORTANT, "Disabling Authentication on port " << s->s << " (IP spoofing enabled)");
-
- if (!IpInterceptor.ProbeForTproxy(s->s)) {
- debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: TPROXY support in the system does not work.");
- self_destruct();
- }
-
} else if (strcmp(token, "ipv4") == 0) {
#if USE_IPV6
if ( !s->s.SetIPv4() ) {
- debugs(3, 0, "http(s)_port: IPv6 addresses cannot be used a IPv4-Only." << s->s );
+ debugs(3, DBG_CRITICAL, "FATAL: http(s)_port: IPv6 addresses cannot be used a IPv4-Only." << s->s );
self_destruct();
}
#endif
t = strchr(t, ',');
}
#if USE_SSL
+ } else if (strcmp(token, "sslBump") == 0) {
+ s->sslBump = 1; // accelerated when bumped, otherwise not
} else if (strncmp(token, "cert=", 5) == 0) {
safe_free(s->cert);
s->cert = xstrdup(token + 5);
s->key = xstrdup(token + 4);
} else if (strncmp(token, "version=", 8) == 0) {
s->version = xatoi(token + 8);
-
if (s->version < 1 || s->version > 4)
self_destruct();
} else if (strncmp(token, "options=", 8) == 0) {
} else if (strncmp(token, "sslcontext=", 11) == 0) {
safe_free(s->sslcontext);
s->sslcontext = xstrdup(token + 11);
- } else if (strcmp(token, "sslBump") == 0) {
- s->sslBump = 1; // accelerated when bumped, otherwise not
#endif
} else {
self_destruct();
}
-
- if ( s->spoof_client_ip && (s->intercepted || s->accel) ) {
- debugs(3,DBG_CRITICAL, "http(s)_port: TPROXY option requires its own interception port. It cannot be shared.");
- self_destruct();
- }
}
static http_port_list *
n,
s->s.ToURL(buf,MAX_IPSTRLEN));
- if (s->defaultsite)
- storeAppendPrintf(e, " defaultsite=%s", s->defaultsite);
-
if (s->intercepted)
storeAppendPrintf(e, " intercept");
+ if (s->spoof_client_ip)
+ storeAppendPrintf(e, " tproxy");
+
+ if (s->accel)
+ storeAppendPrintf(e, " accel");
+
if (s->vhost)
storeAppendPrintf(e, " vhost");
if (s->vport)
storeAppendPrintf(e, " vport");
+ if (s->defaultsite)
+ storeAppendPrintf(e, " defaultsite=%s", s->defaultsite);
+
if (s->connection_auth_disabled)
storeAppendPrintf(e, " connection-auth=off");
else
}
#if USE_SSL
+ if (s->sslBump)
+ storeAppendPrintf(e, " sslBump");
+
if (s->cert)
storeAppendPrintf(e, " cert=%s", s->cert);
if (s->sslcontext)
storeAppendPrintf(e, " sslcontext=%s", s->sslcontext);
-
- if (s->sslBump)
- storeAppendPrintf(e, " sslBump");
#endif
}
}
#endif /* USE_ECAP */
+
+#if ICAP_CLIENT
+static void parse_icap_service_failure_limit(Adaptation::Icap::Config *cfg)
+{
+ char *token;
+ time_t d;
+ time_t m;
+ cfg->service_failure_limit = GetInteger();
+
+ if ((token = strtok(NULL, w_space)) == NULL)
+ return;
+
+ if (strcmp(token,"in") != 0) {
+ debugs(3, 0, "expecting 'in' on'" << config_input_line << "'");
+ self_destruct();
+ }
+
+ if ((token = strtok(NULL, w_space)) == NULL) {
+ self_destruct();
+ }
+
+ d = static_cast<time_t> (xatoi(token));
+
+ m = static_cast<time_t> (1);
+
+ if (0 == d)
+ (void) 0;
+ else if ((token = strtok(NULL, w_space)) == NULL) {
+ debugs(3, 0, "No time-units on '" << config_input_line << "'");
+ self_destruct();
+ } else if ((m = parseTimeUnits(token)) == 0)
+ self_destruct();
+
+ cfg->oldest_service_failure = (m * d);
+}
+
+static void dump_icap_service_failure_limit(StoreEntry *entry, const char *name, const Adaptation::Icap::Config &cfg)
+{
+ storeAppendPrintf(entry, "%s %d", name, cfg.service_failure_limit);
+ if (cfg.oldest_service_failure > 0) {
+ storeAppendPrintf(entry, " in %d seconds", (int)cfg.oldest_service_failure);
+ }
+ storeAppendPrintf(entry, "\n");
+}
+
+static void free_icap_service_failure_limit(Adaptation::Icap::Config *cfg)
+{
+ cfg->oldest_service_failure = 0;
+ cfg->service_failure_limit = 0;
+}
+
+#endif
return;
}
- debugs(16, DBG_IMPORTANT, "CacheManager: " <<
+ debugs(16, 2, "CacheManager: " <<
(mgr->user_name ? mgr->user_name : "<unknown>") << "@" <<
fd_table[fd].ipaddr << " requesting '" <<
mgr->action << "'" );
#endif
static OBJH cbdataDump;
-#ifdef CBDATA_DEBUG
+#if CBDATA_DEBUG
static OBJH cbdataDumpHistory;
#endif
#if HASHED_CBDATA
hash_remove_link(cbdata_htable, &c->hash);
delete c;
- cbdata_index[theType].pool->free((void *)p);
+ cbdata_index[theType].pool->freeOne((void *)p);
#else
c->cbdata::~cbdata();
- cbdata_index[theType].pool->free(c);
+ cbdata_index[theType].pool->freeOne(c);
#endif
return NULL;
}
#if HASHED_CBDATA
hash_remove_link(cbdata_htable, &c->hash);
delete c;
- cbdata_index[theType].pool->free((void *)p);
+ cbdata_index[theType].pool->freeOne((void *)p);
#else
c->cbdata::~cbdata();
- cbdata_index[theType].pool->free(c);
+ cbdata_index[theType].pool->freeOne(c);
#endif
}
icap_access_type icap_class acl
icap_class_type icap_service
icap_service_type
+icap_service_failure_limit
ecap_service_type
int
kb_int64_t
NAME: auth_param
TYPE: authparam
-LOC: Config.authConfiguration
+LOC: Auth::TheConfig
DEFAULT: none
DOC_START
This is used to define parameters for the various authentication
translate the HTTP iso-latin-1 charset to UTF-8 before sending the
username & password to the helper.
- "children" numberofchildren [startup=N] [idle=N]
+ "children" numberofchildren [startup=N] [idle=N] [concurrency=N]
The maximum number of authenticator processes to spawn. If you start too few
Squid will have to wait for them to process a backlog of credential
verifications, slowing it down. When password verifications are
traffic needs and to keep idle=N free above those traffic needs up to
the maximum.
- auth_param basic children 20 startup=0 idle=1
-
- "concurrency" concurrency
- The number of concurrent requests the helper can process.
- The default of 0 is used for helpers who only supports
- one request at a time. Setting this changes the protocol used to
- include a channel number first on the request/response line, allowing
- multiple requests to be sent to the same helper in parallell without
- wating for the response.
+ The concurrency= option sets the number of concurrent requests the
+ helper can process. The default of 0 is used for helpers who only
+ supports one request at a time. Setting this to a number greater than
+ 0 changes the protocol used to include a channel number first on the
+ request/response line, allowing multiple requests to be sent to the
+ same helper in parallell without wating for the response.
Must not be set unless it's known the helper supports this.
- auth_param basic concurrency 0
+
+ auth_param basic children 20 startup=0 idle=1
"realm" realmstring
Specifies the realm name which is to be reported to the
translate the HTTP iso-latin-1 charset to UTF-8 before sending the
username & password to the helper.
- "children" numberofchildren [startup=N] [idle=N]
+ "children" numberofchildren [startup=N] [idle=N] [concurrency=N]
The maximum number of authenticator processes to spawn (default 5).
If you start too few Squid will have to wait for them to
process a backlog of H(A1) calculations, slowing it down.
traffic needs and to keep idle=N free above those traffic needs up to
the maximum.
+ The concurrency= option sets the number of concurrent requests the
+ helper can process. The default of 0 is used for helpers who only
+ supports one request at a time. Setting this to a number greater than
+ 0 changes the protocol used to include a channel number first on the
+ request/response line, allowing multiple requests to be sent to the
+ same helper in parallell without wating for the response.
+ Must not be set unless it's known the helper supports this.
+
auth_param digest children 20 startup=0 idle=1
"realm" realmstring
If a request reaches us from a source that is allowed by this
configuration item, then we consult the X-Forwarded-For header
to see where that host received the request from. If the
- X-Forwarded-For header contains multiple addresses, and if
- acl_uses_indirect_client is on, then we continue backtracking
- until we reach an address for which we are not allowed to
- follow the X-Forwarded-For header, or until we reach the first
- address in the list. (If acl_uses_indirect_client is off, then
- it's impossible to backtrack through more than one level of
- X-Forwarded-For addresses.)
+ X-Forwarded-For header contains multiple addresses, we continue
+ backtracking until we reach an address for which we are not allowed
+ to follow the X-Forwarded-For header, or until we reach the first
+ address in the list. For the purpose of ACL used in the
+ follow_x_forwarded_for directive the src ACL type always matches
+ the address we are testing and srcdomain matches its rDNS.
The end result of this process is an IP address that we will
refer to as the indirect client address. This address may
be treated as the client address for access control, ICAP, delay
pools and logging, depending on the acl_uses_indirect_client,
- icap_uses_indirect_client, delay_pool_uses_indirect_client and
- log_uses_indirect_client options.
+ icap_uses_indirect_client, delay_pool_uses_indirect_client,
+ log_uses_indirect_client and tproxy_uses_indirect_client options.
This clause only supports fast acl types.
See http://wiki.squid-cache.org/SquidFaq/SquidAcl for details.
direct client address in the access log.
DOC_END
+NAME: tproxy_uses_indirect_client
+COMMENT: on|off
+TYPE: onoff
+IFDEF: FOLLOW_X_FORWARDED_FOR&&LINUX_NETFILTER
+DEFAULT: off
+LOC: Config.onoff.tproxy_uses_indirect_client
+DOC_START
+ Controls whether the indirect client address
+ (see follow_x_forwarded_for) is used instead of the
+ direct client address when spoofing the outgoing client.
+
+ This has no effect on requests arriving in non-tproxy
+ mode ports.
+
+ SECURITY WARNING: Usage of this option is dangerous
+ and should not be used trivially. Correct configuration
+ of folow_x_forewarded_for with a limited set of trusted
+ sources is required to prevent abuse of your proxy.
+DOC_END
+
NAME: http_access
TYPE: acl_access
LOC: Config.accessList.http
DEFAULT: none
LOC: Config.Sockaddr.http
DOC_START
- Usage: port [options]
- hostname:port [options]
- 1.2.3.4:port [options]
+ Usage: port [mode] [options]
+ hostname:port [mode] [options]
+ 1.2.3.4:port [mode] [options]
The socket addresses where Squid will listen for HTTP client
requests. You may specify multiple socket addresses.
There are three forms: port alone, hostname with port, and
IP address with port. If you specify a hostname or IP
address, Squid binds the socket to that specific
- address. This replaces the old 'tcp_incoming_address'
- option. Most likely, you do not need to bind to a specific
+ address. Most likely, you do not need to bind to a specific
address, so you can use the port number alone.
If you are running Squid in accelerator mode, you
You may specify multiple socket addresses on multiple lines.
- Options:
+ Modes:
intercept Support for IP-Layer interception of
outgoing requests without browser settings.
accel Accelerator mode. Also needs at least one of
vhost / vport / defaultsite.
+ sslbump Intercept each CONNECT request matching ssl_bump ACL,
+ establish secure connection with the client and with
+ the server, decrypt HTTP messages as they pass through
+ Squid, and treat them as unencrypted HTTP messages,
+ becoming the man-in-the-middle.
+
+ The ssl_bump option is required to fully enable
+ the SslBump feature.
+
+ Omitting the mode flag causes default forward proxy mode to be used.
+
+
+ Accelerator Mode Options:
+
allow-direct Allow direct forwarding in accelerator mode. Normally
accelerated requests are denied direct forwarding as if
never_direct was used.
accelerators should consider the default.
Implies accel.
- vhost Accelerator mode using Host header for virtual
- domain support. Implies accel.
+ vhost Using the Host header for virtual domain support.
+ Also uses the port as specified in Host: header.
- vport Accelerator with IP based virtual host support.
- Implies accel.
+ vport IP based virtual host support. Using the http_port number
+ in passed on Host: headers.
- vport=NN As above, but uses specified port number rather
- than the http_port number. Implies accel.
+ vport=NN Uses the specified port number rather than the
+ http_port number.
protocol= Protocol to reconstruct accelerated requests with.
- Defaults to http.
+ Defaults to http://.
ignore-cc Ignore request Cache-Control headers.
Warning: This option violates HTTP specifications if
used in non-accelerator setups.
+
+ SSL Bump Mode Options:
+
+ cert= Path to SSL certificate (PEM format).
+
+ key= Path to SSL private key file (PEM format)
+ if not specified, the certificate file is
+ assumed to be a combined certificate and
+ key file.
+
+ version= The version of SSL/TLS supported
+ 1 automatic (default)
+ 2 SSLv2 only
+ 3 SSLv3 only
+ 4 TLSv1 only
+
+ cipher= Colon separated list of supported ciphers.
+
+ options= Various SSL engine options. The most important
+ being:
+ NO_SSLv2 Disallow the use of SSLv2
+ NO_SSLv3 Disallow the use of SSLv3
+ NO_TLSv1 Disallow the use of TLSv1
+ SINGLE_DH_USE Always create a new key when using
+ temporary/ephemeral DH key exchanges
+ See src/ssl_support.c or OpenSSL SSL_CTX_set_options
+ documentation for a complete list of options.
+
+ clientca= File containing the list of CAs to use when
+ requesting a client certificate.
+
+ cafile= File containing additional CA certificates to
+ use when verifying client certificates. If unset
+ clientca will be used.
+
+ capath= Directory containing additional CA certificates
+ and CRL lists to use when verifying client certificates.
+
+ crlfile= File of additional CRL lists to use when verifying
+ the client certificate, in addition to CRLs stored in
+ the capath. Implies VERIFY_CRL flag below.
+
+ dhparams= File containing DH parameters for temporary/ephemeral
+ DH key exchanges.
+
+ sslflags= Various flags modifying the use of SSL:
+ DELAYED_AUTH
+ Don't request client certificates
+ immediately, but wait until acl processing
+ requires a certificate (not yet implemented).
+ NO_DEFAULT_CA
+ Don't use the default CA lists built in
+ to OpenSSL.
+ NO_SESSION_REUSE
+ Don't allow for session reuse. Each connection
+ will result in a new SSL session.
+ VERIFY_CRL
+ Verify CRL lists when accepting client
+ certificates.
+ VERIFY_CRL_ALL
+ Verify CRL lists for all certificates in the
+ client certificate chain.
+
+ sslcontext= SSL session ID context identifier.
+
+
+ Other Options:
+
connection-auth[=on|off]
use connection-auth=off to tell Squid to prevent
forwarding Microsoft connection oriented authentication
sporadically hang or never complete requests set
disable-pmtu-discovery option to 'transparent'.
- sslBump Intercept each CONNECT request matching ssl_bump ACL,
- establish secure connection with the client and with
- the server, decrypt HTTP messages as they pass through
- Squid, and treat them as unencrypted HTTP messages,
- becoming the man-in-the-middle.
-
- When this option is enabled, additional options become
- available to specify SSL-related properties of the
- client-side connection: cert, key, version, cipher,
- options, clientca, cafile, capath, crlfile, dhparams,
- sslflags, and sslcontext. See the https_port directive
- for more information on these options.
-
- The ssl_bump option is required to fully enable
- the SslBump feature.
-
name= Specifies a internal name for the port. Defaults to
the port specification (port or addr:port)
TYPE: QosConfig
IFDEF: USE_ZPH_QOS
DEFAULT: none
-LOC: Config.zph
+LOC: Ip::Qos::TheConfig
DOC_START
Allows you to select a TOS/DSCP value to mark outgoing
connections with, based on where the reply was sourced.
TYPE: string
DOC_START
SSL engine options to use when proxying https:// URLs
+
+ The most important being:
+
+ NO_SSLv2 Disallow the use of SSLv2
+ NO_SSLv3 Disallow the use of SSLv3
+ NO_TLSv1 Disallow the use of TLSv1
+ SINGLE_DH_USE
+ Always create a new key when using
+ temporary/ephemeral DH key exchanges
+
+ These options vary depending on your SSL engine.
+ See the OpenSSL SSL_CTX_set_options documentation for a
+ complete list of possible options.
DOC_END
NAME: sslproxy_cipher
TYPE: string
DOC_START
SSL cipher list to use when proxying https:// URLs
+
+ Colon separated list of supported ciphers.
DOC_END
NAME: sslproxy_cafile
usage: neighbor_type_domain neighbor parent|sibling domain domain ...
Modifying the neighbor type for specific domains is now
- possible. You can treat some domains differently than the the
+ possible. You can treat some domains differently than the
default neighbor type specified on the 'cache_peer' line.
Normally it should only be necessary to list domains which
should be treated differently because the default neighbor type
<A Server IP address or peer name
la Local IP address (http_port)
lp Local port number (http_port)
+ <lp Local port number of the last server or peer connection
sn Unique sequence number per log line entry
ts Seconds since epoch
tu subsecond time (milliseconds)
Place: The destination host name or IP and port.
Place Format: \\host:port
+ tcp To send each log line as text data to a TCP receiver.
+ Place: The destination host name or IP and port.
+ Place Format: \\host:port
+
Default:
access_log daemon:@DEFAULT_ACCESS_LOG@ squid
DOC_END
DOC_START
Specify the path to the logfile-writing daemon. This daemon is
used to write the access and store logs, if configured.
+
+ Squid sends a number of commands to the log daemon:
+ L<data>\n - logfile data
+ R\n - rotate file
+ T\n - truncate file
+ O\n - repoen file
+ F\n - flush file
+ r<n>\n - set rotate count to <n>
+ b<n>\n - 1 = buffer output, 0 = don't buffer output
+
+ No responses is expected.
DOC_END
NAME: log_access
NAME: client_netmask
TYPE: address
LOC: Config.Addrs.client_netmask
-DEFAULT: 255.255.255.255
+DEFAULT: no_addr
DOC_START
A netmask for client addresses in logfiles and cachemgr output.
Change this to protect the privacy of your cache clients.
ignore-private
ignore-auth
refresh-ims
+ store-stale
override-expire enforces min age even if the server
sent an explicit expiry time (e.g., with the
ensures that the client will receive an updated version
if one is available.
+ store-stale stores responses even if they don't have explicit
+ freshness or a validator (i.e., Last-Modified or an ETag)
+ present, or if they're already stale. By default, Squid will
+ not cache such responses because they usually can't be
+ reused. Note that such responses will be stale by default.
+
Basically a cached object is:
FRESH if expires < now, else STALE
DOC_END
NAME: range_offset_limit
-COMMENT: (bytes)
-TYPE: b_int64_t
+COMMENT: size [acl acl...]
+TYPE: acl_b_size_t
LOC: Config.rangeOffsetLimit
-DEFAULT: 0 KB
+DEFAULT: none
DOC_START
- Sets a upper limit on how far into the the file a Range request
- may be to cause Squid to prefetch the whole file. If beyond this
- limit Squid forwards the Range request as it is and the result
- is NOT cached.
-
+ usage: (size) [units] [[!]aclname]
+
+ Sets an upper limit on how far (number of bytes) into the file
+ a Range request may be to cause Squid to prefetch the whole file.
+ If beyond this limit, Squid forwards the Range request as it is and
+ the result is NOT cached.
+
This is to stop a far ahead range request (lets say start at 17MB)
from making Squid fetch the whole object up to that point before
sending anything to the client.
-
- A value of 0 causes Squid to never fetch more than the
+
+ Multiple range_offset_limit lines may be specified, and they will
+ be searched from top to bottom on each request until a match is found.
+ The first match found will be used. If no line matches a request, the
+ default limit of 0 bytes will be used.
+
+ 'size' is the limit specified as a number of units.
+
+ 'units' specifies whether to use bytes, KB, MB, etc.
+ If no units are specified bytes are assumed.
+
+ A size of 0 causes Squid to never fetch more than the
client requested. (default)
-
- A value of -1 causes Squid to always fetch the object from the
+
+ A size of 'none' causes Squid to always fetch the object from the
beginning so it may cache the result. (2.0 style)
-
- NP: Using -1 here will override any quick_abort settings that may
- otherwise apply to the range request. The range request will
+
+ 'aclname' is the name of a defined ACL.
+
+ NP: Using 'none' as the byte value here will override any quick_abort settings
+ that may otherwise apply to the range request. The range request will
be fully fetched from start to finish regardless of the client
actions. This affects bandwidth usage.
DOC_END
or response to be rejected.
DOC_END
+NAME: ignore_expect_100
+COMMENT: on|off
+IFDEF: HTTP_VIOLATIONS
+TYPE: onoff
+LOC: Config.onoff.ignore_expect_100
+DEFAULT: off
+DOC_START
+ This option makes Squid ignore any Expect: 100-continue header present
+ in the request. RFC 2616 requires that Squid being unable to satisfy
+ the response expectation MUST return a 417 error.
+
+ Note: Enabling this is a HTTP protocol violation, but some clients may
+ not handle it well..
+DOC_END
+
COMMENT_START
TIMEOUTS
-----------------------------------------------------------------------------
NAME: httpd_accel_surrogate_id
TYPE: string
+DEFAULT: none
LOC: Config.Accel.surrogate_id
-DEFAULT: unset-id
DOC_START
Surrogates (http://www.esi.org/architecture_spec_1.0.html)
need an identification token to allow control targeting. Because
a farm of surrogates may all perform the same tasks, they may share
an identification token.
+
+ The default ID is the visible_hostname
DOC_END
NAME: http_accel_surrogate_remote
NAME: wccp_router
TYPE: address
LOC: Config.Wccp.router
-DEFAULT: 0.0.0.0
+DEFAULT: any_addr
IFDEF: USE_WCCP
DOC_START
Use this option to define your WCCP ``home'' router for
NAME: persistent_connection_after_error
TYPE: onoff
LOC: Config.onoff.error_pconns
-DEFAULT: off
+DEFAULT: on
DOC_START
With this directive the use of persistent connections after
HTTP errors can be disabled. Useful if you have clients
NAME: snmp_incoming_address
TYPE: address
LOC: Config.Addrs.snmp_incoming
-DEFAULT: 0.0.0.0
+DEFAULT: any_addr
IFDEF: SQUID_SNMP
DOC_NONE
NAME: snmp_outgoing_address
TYPE: address
LOC: Config.Addrs.snmp_outgoing
-DEFAULT: 255.255.255.255
+DEFAULT: no_addr
IFDEF: SQUID_SNMP
DOC_START
Just like 'udp_incoming_address', but for the SNMP port.
snmp_outgoing_address is used for SNMP packets returned to SNMP
agents.
- The default snmp_incoming_address (0.0.0.0) is to listen on all
+ The default snmp_incoming_address is to listen on all
available network interfaces.
- If snmp_outgoing_address is set to 255.255.255.255 (the default)
- it will use the same socket as snmp_incoming_address. Only
- change this if you want to have SNMP replies sent using another
- address than where this Squid listens for SNMP queries.
+ If snmp_outgoing_address is not set it will use the same socket
+ as snmp_incoming_address. Only change this if you want to have
+ SNMP replies sent using another address than where this Squid
+ listens for SNMP queries.
NOTE, snmp_incoming_address and snmp_outgoing_address can not have
the same value since they both use port 3401.
NAME: udp_incoming_address
TYPE: address
LOC:Config.Addrs.udp_incoming
-DEFAULT: 0.0.0.0
+DEFAULT: any_addr
DOC_START
udp_incoming_address is used for UDP packets received from other
caches.
NAME: udp_outgoing_address
TYPE: address
LOC: Config.Addrs.udp_outgoing
-DEFAULT: 255.255.255.255
+DEFAULT: no_addr
DOC_START
udp_outgoing_address is used for UDP packets sent out to other
caches.
IFDEF: MULTICAST_MISS_STREAM
TYPE: address
LOC: Config.mcast_miss.addr
-DEFAULT: 255.255.255.255
+DEFAULT: no_addr
DOC_START
If you enable this option, every "cache miss" URL will
be sent out on the specified multicast address.
DOC_END
NAME: icap_service_failure_limit
-TYPE: int
+COMMENT: limit [in memory-depth time-units]
+TYPE: icap_service_failure_limit
IFDEF: ICAP_CLIENT
-LOC: Adaptation::Icap::TheConfig.service_failure_limit
+LOC: Adaptation::Icap::TheConfig
DEFAULT: 10
DOC_START
The limit specifies the number of failures that Squid tolerates
when establishing a new TCP connection with an ICAP service. If
the number of failures exceeds the limit, the ICAP service is
not used for new ICAP requests until it is time to refresh its
- OPTIONS. The per-service failure counter is reset to zero each
- time Squid fetches new service OPTIONS.
+ OPTIONS.
A negative value disables the limit. Without the limit, an ICAP
service will not be considered down due to connectivity failures
between ICAP OPTIONS requests.
+
+ Squid forgets ICAP service failures older than the specified
+ value of memory-depth. The memory fading algorithm
+ is approximate because Squid does not remember individual
+ errors but groups them instead, splitting the option
+ value into ten time slots of equal length.
+
+ When memory-depth is 0 and by default this option has no
+ effect on service failure expiration.
+
+ Squid always forgets failures when updating service settings
+ using an ICAP OPTIONS transaction, regardless of this option
+ setting.
+
+ For example,
+ # suspend service usage after 10 failures in 5 seconds:
+ icap_service_failure_limit 10 in 5 seconds
DOC_END
NAME: icap_service_revival_delay
basis by OPTIONS requests.
DOC_END
+NAME: icap_206_enable
+TYPE: onoff
+IFDEF: ICAP_CLIENT
+COMMENT: on|off
+LOC: Adaptation::Icap::TheConfig.allow206_enable
+DEFAULT: on
+DOC_START
+ 206 (Partial Content) responses is an ICAP extension that allows the
+ ICAP agents to optionally combine adapted and original HTTP message
+ content. The decision to combine is postponed until the end of the
+ ICAP response. Squid supports Partial Content extension by default.
+
+ Activation of the Partial Content extension is negotiated with each
+ ICAP service during OPTIONS exchange. Most ICAP servers should handle
+ negotation correctly even if they do not support the extension, but
+ some might fail. To disable Partial Content support for all ICAP
+ services and to avoid any negotiation, set this option to "off".
+
+ Example:
+ icap_206_enable off
+DOC_END
+
NAME: icap_default_options_ttl
TYPE: int
IFDEF: ICAP_CLIENT
memory_pools_limit to a reasonably high value even if your
configuration will use less memory.
- If set to zero, Squid will keep all memory it can. That is, there
+ If set to none, Squid will keep all memory it can. That is, there
will be no limit on the total amount of memory used for safe-keeping.
To disable memory allocation optimization, do not set
Whether to lookup the EUI or MAC address of a connected client.
DOC_END
+NAME: max_filedescriptors max_filedesc
+TYPE: int
+DEFAULT: 0
+LOC: Config.max_filedescriptors
+DOC_START
+ The maximum number of filedescriptors supported.
+
+ The default "0" means Squid inherits the current ulimit setting.
+
+ Note: Changing this requires a restart of Squid. Also
+ not all comm loops supports large values.
+DOC_END
+
NAME: workers
TYPE: int
LOC: Config.workers
/*
- * DEBUG: none Generate squid.conf.default and cf_parser.h
+ * DEBUG: none Generate squid.conf.default and cf_parser.cci
* AUTHOR: Max Okumoto
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
* (ie it creates the squid.conf.default file from the cf.data file)
*
* The output files are as follows:
- * cf_parser.h - this file contains, default_all() which
+ * cf_parser.cci - this file contains, default_all() which
* initializes variables with the default
* values, parse_line() that parses line from
* squid.conf.default, dump_config that dumps the
//#include "squid.h"
#include "config.h"
//#include "SquidTime.h"
-#include "cf_gen_defines.h"
#include "util.h"
#if HAVE_STRING_H
#include <ctype.h>
#endif
+#include "cf_gen_defines.cci"
+
#define MAX_LINE 1024 /* longest configuration line */
-#define _PATH_PARSER "cf_parser.h"
+#define _PATH_PARSER "cf_parser.cci"
#define _PATH_SQUID_CONF "squid.conf.documented"
#define _PATH_SQUID_CONF_SHORT "squid.conf.default"
#define _PATH_CF_DEPEND "cf.data.depend"
"static void\n"
"dump_config(StoreEntry *entry)\n"
"{\n"
+ " debugs(5, 4, HERE);\n"
);
for (entry = head; entry != NULL; entry = entry->next) {
"static void\n"
"free_all(void)\n"
"{\n"
+ " debugs(5, 4, HERE);\n"
);
for (entry = head; entry != NULL; entry = entry->next) {
define["FOLLOW_X_FORWARDED_FOR"]="--enable-follow-x-forwarded-for"
define["FOLLOW_X_FORWARDED_FOR&&DELAY_POOLS"]="--enable-follow-x-forwarded-for and --enable-delay-pools"
define["FOLLOW_X_FORWARDED_FOR&&ICAP_CLIENT"]="--enable-follow-x-forwarded-for and --enable-icap-client"
+ define["FOLLOW_X_FORWARDED_FOR&&LINUX_NETFILTER"]="--enable-follow-x-forwarded-for and --enable-linux-netfilter"
define["HTTP_VIOLATIONS"]="--enable-http-violations"
define["ICAP_CLIENT"]="--enable-icap-client"
define["SQUID_SNMP"]="--enable-snmp"
/*
* $Id$
*
- * DEBUG: section 0 Client Database
+ * DEBUG: section 00 Client Database
* AUTHOR: Duane Wessels
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
#include "event.h"
#include "CacheManager.h"
#include "ClientInfo.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
#include "SquidMath.h"
#include "SquidTime.h"
#include "Store.h"
static hash_table *client_table = NULL;
-static ClientInfo *clientdbAdd(const IpAddress &addr);
+static ClientInfo *clientdbAdd(const Ip::Address &addr);
static FREE clientdbFreeItem;
static void clientdbStartGC(void);
static void clientdbScheduledGC(void *);
static ClientInfo *
-clientdbAdd(const IpAddress &addr)
+clientdbAdd(const Ip::Address &addr)
{
ClientInfo *c;
char *buf = new char[MAX_IPSTRLEN];
}
void
-clientdbUpdate(const IpAddress &addr, log_type ltype, protocol_t p, size_t size)
+clientdbUpdate(const Ip::Address &addr, log_type ltype, protocol_t p, size_t size)
{
char key[MAX_IPSTRLEN];
ClientInfo *c;
* -1. To get the current value, simply call with delta = 0.
*/
int
-clientdbEstablished(const IpAddress &addr, int delta)
+clientdbEstablished(const Ip::Address &addr, int delta)
{
char key[MAX_IPSTRLEN];
ClientInfo *c;
#define CUTOFF_SECONDS 3600
int
-clientdbCutoffDenied(const IpAddress &addr)
+clientdbCutoffDenied(const Ip::Address &addr)
{
char key[MAX_IPSTRLEN];
int NR;
#if SQUID_SNMP
-IpAddress *
-client_entry(IpAddress *current)
+Ip::Address *
+client_entry(Ip::Address *current)
{
ClientInfo *c = NULL;
char key[MAX_IPSTRLEN];
{
char key[MAX_IPSTRLEN];
ClientInfo *c = NULL;
- IpAddress keyIp;
+ Ip::Address keyIp;
*ErrP = SNMP_ERR_NOERROR;
MemBuf tmp;
#include "clientStream.h"
#include "comm.h"
#include "comm/ListenStateData.h"
+#include "base/TextException.h"
#include "ConnectionDetail.h"
#include "eui/Config.h"
#include "fde.h"
#include "HttpRequest.h"
#include "ident/Config.h"
#include "ident/Ident.h"
-#include "ip/IpIntercept.h"
+#include "ip/Intercept.h"
#include "ipc/StartListening.h"
#include "MemBuf.h"
#include "MemObject.h"
static int connKeepReadingIncompleteRequest(ConnStateData * conn);
static void connCancelIncompleteRequests(ConnStateData * conn);
-static ConnStateData *connStateCreate(const IpAddress &peer, const IpAddress &me, int fd, http_port_list *port);
+static ConnStateData *connStateCreate(const Ip::Address &peer, const Ip::Address &me, int fd, http_port_list *port);
int
aLogEntry->cache.requestSize += request->content_length;
aLogEntry->cache.extuser = request->extacl_user.termedBuf();
- if (request->auth_user_request) {
+ if (request->auth_user_request != NULL) {
if (request->auth_user_request->username())
- aLogEntry->cache.authuser =
- xstrdup(request->auth_user_request->username());
+ aLogEntry->cache.authuser = xstrdup(request->auth_user_request->username());
- AUTHUSERREQUESTUNLOCK(request->auth_user_request, "request via clientPrepareLogWithRequestDetails");
+// WTF?? request->auth_user_request = NULL;
}
}
if (!flags.swanSang)
debugs(33, 1, "BUG: ConnStateData was not destroyed properly; FD " << fd);
- AUTHUSERREQUESTUNLOCK(auth_user_request, "~conn");
-
cbdataReferenceDone(port);
if (bodyPipe != NULL)
debugs(33, 3, "clientSetKeepaliveFlag: method = " <<
RequestMethodStr(request->method));
- HttpVersion http_ver(1,0);
- /* we are HTTP/1.0, no matter what the client requests... */
+ /* We are HTTP/1.1 facing clients now*/
+ HttpVersion http_ver(1,1);
if (httpMsgIsPersistent(http_ver, req_hdr))
request->flags.proxy_keepalive = 1;
assert(request->range);
/* check if we still want to do ranges */
+ int64_t roffLimit = request->getRangeOffsetLimit();
+
if (!rep)
range_err = "no [parse-able] reply";
else if ((rep->sline.status != HTTP_OK) && (rep->sline.status != HTTP_PARTIAL_CONTENT))
range_err = "canonization failed";
else if (http->request->range->isComplex())
range_err = "too complex range header";
- else if (!logTypeIsATcpHit(http->logType) && http->request->range->offsetLimitExceeded())
+ else if (!logTypeIsATcpHit(http->logType) && http->request->range->offsetLimitExceeded(roffLimit))
range_err = "range outside range_offset_limit";
/* get rid of our range specs on error */
* If transparent or interception mode is working clone the transparent and interception flags
* from the port settings to the request.
*/
- if (IpInterceptor.InterceptActive()) {
+ if (Ip::Interceptor.InterceptActive()) {
request->flags.intercepted = http->flags.intercepted;
}
- if (IpInterceptor.TransparentActive()) {
+ if (Ip::Interceptor.TransparentActive()) {
request->flags.spoof_client_ip = conn->port->spoof_client_ip;
}
goto finish;
}
+ if (request->header.has(HDR_EXPECT)) {
+ int ignore = 0;
+#if HTTP_VIOLATIONS
+ if (Config.onoff.ignore_expect_100) {
+ String expect = request->header.getList(HDR_EXPECT);
+ if (expect.caseCmp("100-continue") == 0)
+ ignore = 1;
+ expect.clean();
+ }
+#endif
+ if (!ignore) {
+ clientStreamNode *node = context->getClientReplyContext();
+ clientReplyContext *repContext = dynamic_cast<clientReplyContext *>(node->data.getRaw());
+ assert (repContext);
+ repContext->setReplyToError(ERR_INVALID_REQ, HTTP_EXPECTATION_FAILED, request->method, http->uri, conn->peer, request, NULL, NULL);
+ assert(context->http->out.offset == 0);
+ context->pullData();
+ goto finish;
+ }
+ }
+
http->request = HTTPMSGLOCK(request);
clientSetKeepaliveFlag(http);
}
ConnStateData *
-connStateCreate(const IpAddress &peer, const IpAddress &me, int fd, http_port_list *port)
+connStateCreate(const Ip::Address &peer, const Ip::Address &me, int fd, http_port_list *port)
{
ConnStateData *result = new ConnStateData;
result->port = cbdataReference(port);
if (port->intercepted || port->spoof_client_ip) {
- IpAddress client, dst;
+ Ip::Address client, dst;
- if (IpInterceptor.NatLookup(fd, me, peer, client, dst) == 0) {
+ if (Ip::Interceptor.NatLookup(fd, me, peer, client, dst) == 0) {
result->me = client;
result->peer = dst;
result->transparent(true);
#ifndef SQUID_CLIENTSIDE_H
#define SQUID_CLIENTSIDE_H
+#include "auth/UserRequest.h"
#include "base/AsyncJob.h"
#include "BodyPipe.h"
#include "comm.h"
#include "StoreIOBuffer.h"
class ConnStateData;
-
class ClientHttpRequest;
-
class clientStreamNode;
-
-class AuthUserRequest;
-
class ChunkedCodingParser;
class HttpParser;
int64_t bodySizeLeft();
/**
- * Is this connection based authentication? if so what type it
- * is.
- */
- auth_type_t auth_type;
-
- /**
- * note this is ONLY connection based because NTLM is against HTTP spec.
+ * note this is ONLY connection based because NTLM and Negotiate is against HTTP spec.
* the user details for connection based authentication
*/
- AuthUserRequest *auth_user_request;
+ AuthUserRequest::Pointer auth_user_request;
/**
* used by the owner of the connection, opaque otherwise
*/
ClientSocketContext::Pointer currentobject;
- IpAddress peer;
+ Ip::Address peer;
- IpAddress me;
+ Ip::Address me;
- IpAddress log_addr;
+ Ip::Address log_addr;
char rfc931[USER_IDENT_SZ];
int nrequests;
/* old includes without reasons given. */
#include "squid.h"
+#include "acl/FilledChecklist.h"
+#include "acl/Gadgets.h"
+#include "auth/UserRequest.h"
+#include "client_side.h"
#include "client_side_reply.h"
-#include "errorpage.h"
-#include "StoreClient.h"
-#include "Store.h"
-#include "HttpReply.h"
-#include "HttpRequest.h"
-#include "forward.h"
#include "clientStream.h"
-#include "auth/UserRequest.h"
+#if DELAY_POOLS
+#include "DelayPools.h"
+#endif
+#include "errorpage.h"
#if USE_SQUID_ESI
#include "esi/Esi.h"
#endif
-#include "MemObject.h"
#include "fde.h"
-#include "acl/FilledChecklist.h"
-#include "acl/Gadgets.h"
-#if DELAY_POOLS
-#include "DelayPools.h"
-#endif
-#include "client_side.h"
+#include "forward.h"
+#include "HttpReply.h"
+#include "HttpRequest.h"
+#include "ip/QosConfig.h"
+#include "MemObject.h"
#include "SquidTime.h"
+#include "StoreClient.h"
+#include "Store.h"
CBDATA_CLASS_INIT(clientReplyContext);
/* Local functions */
extern "C" CSS clientReplyStatus;
-extern ErrorState *clientBuildError(err_type, http_status, char const *, IpAddress &, HttpRequest *);
+extern ErrorState *clientBuildError(err_type, http_status, char const *, Ip::Address &, HttpRequest *);
/* privates */
void
clientReplyContext::setReplyToError(
err_type err, http_status status, const HttpRequestMethod& method, char const *uri,
- IpAddress &addr, HttpRequest * failedrequest, const char *unparsedrequest,
- AuthUserRequest * auth_user_request)
+ Ip::Address &addr, HttpRequest * failedrequest, const char *unparsedrequest,
+ AuthUserRequest::Pointer auth_user_request)
{
- ErrorState *errstate =
- clientBuildError(err, status, uri, addr, failedrequest);
+ ErrorState *errstate = clientBuildError(err, status, uri, addr, failedrequest);
if (unparsedrequest)
errstate->request_hdrs = xstrdup(unparsedrequest);
createStoreEntry(method, request_flags());
- if (auth_user_request) {
- errstate->auth_user_request = auth_user_request;
- AUTHUSERREQUESTLOCK(errstate->auth_user_request, "errstate");
- }
+ errstate->auth_user_request = auth_user_request;
assert(errstate->callback_data == NULL);
errorAppendEntry(http->storeEntry(), errstate);
* responses
*/
authenticateFixHeader(reply, request->auth_user_request, request, 0, 1);
- } else if (request->auth_user_request)
- authenticateFixHeader(reply, request->auth_user_request, request,
- http->flags.accel, 0);
+ } else if (request->auth_user_request != NULL)
+ authenticateFixHeader(reply, request->auth_user_request, request, http->flags.accel, 0);
/* Append X-Cache */
httpHeaderPutStrf(hdr, HDR_X_CACHE, "%s from %s",
reply = HTTPMSGLOCK(rep);
if (reply->sline.protocol == PROTO_HTTP) {
- /* enforce 1.0 reply version (but only on real HTTP traffic) */
- reply->sline.version = HttpVersion(1,0);
+ /* RFC 2616 requires us to advertise our 1.1 version (but only on real HTTP traffic) */
+ reply->sline.version = HttpVersion(1,1);
}
/* do header conversions */
assert(http->out.size == 0);
assert(http->out.offset == 0);
#if USE_ZPH_QOS
- if (Config.zph.tos_local_hit) {
- debugs(33, 2, "ZPH Local hit, TOS=" << Config.zph.tos_local_hit);
- comm_set_tos(http->getConn()->fd, Config.zph.tos_local_hit);
+ if (Ip::Qos::TheConfig.tos_local_hit) {
+ debugs(33, 2, "ZPH Local hit, TOS=" << Ip::Qos::TheConfig.tos_local_hit);
+ comm_set_tos(http->getConn()->fd, Ip::Qos::TheConfig.tos_local_hit);
}
#endif /* USE_ZPH_QOS */
localTempBuffer.offset = reqofs;
void
clientReplyContext::sendBodyTooLargeError()
{
- IpAddress tmp_noaddr;
+ Ip::Address tmp_noaddr;
tmp_noaddr.SetNoAddr(); // TODO: make a global const
http->logType = LOG_TCP_DENIED_REPLY;
ErrorState *err = clientBuildError(ERR_TOO_BIG, HTTP_FORBIDDEN, NULL,
if (page_id == ERR_NONE)
page_id = ERR_ACCESS_DENIED;
- IpAddress tmp_noaddr;
+ Ip::Address tmp_noaddr;
tmp_noaddr.SetNoAddr();
err = clientBuildError(page_id, HTTP_FORBIDDEN, NULL,
http->getConn() != NULL ? http->getConn()->peer : tmp_noaddr,
if (reqofs==0 && !logTypeIsATcpHit(http->logType)) {
assert(fd >= 0); // the beginning of this method implies fd may be -1
int tos = 0;
- if (Config.zph.tos_sibling_hit && http->request->hier.code==SIBLING_HIT ) {
- tos = Config.zph.tos_sibling_hit;
+ if (Ip::Qos::TheConfig.tos_sibling_hit && http->request->hier.code==SIBLING_HIT ) {
+ tos = Ip::Qos::TheConfig.tos_sibling_hit;
debugs(33, 2, "ZPH: Sibling Peer hit with hier.code=" << http->request->hier.code << ", TOS=" << tos);
- } else if (Config.zph.tos_parent_hit && http->request->hier.code==PARENT_HIT) {
- tos = Config.zph.tos_parent_hit;
+ } else if (Ip::Qos::TheConfig.tos_parent_hit && http->request->hier.code==PARENT_HIT) {
+ tos = Ip::Qos::TheConfig.tos_parent_hit;
debugs(33, 2, "ZPH: Parent Peer hit with hier.code=" << http->request->hier.code << ", TOS=" << tos);
- } else if (Config.zph.preserve_miss_tos && Config.zph.preserve_miss_tos_mask) {
- tos = fd_table[fd].upstreamTOS & Config.zph.preserve_miss_tos_mask;
+ } else if (Ip::Qos::TheConfig.preserve_miss_tos && Ip::Qos::TheConfig.preserve_miss_tos_mask) {
+ tos = fd_table[fd].upstreamTOS & Ip::Qos::TheConfig.preserve_miss_tos_mask;
debugs(33, 2, "ZPH: Preserving TOS on miss, TOS="<<tos);
}
comm_set_tos(fd,tos);
ErrorState *
clientBuildError(err_type page_id, http_status status, char const *url,
- IpAddress &src_addr, HttpRequest * request)
+ Ip::Address &src_addr, HttpRequest * request)
{
ErrorState *err = errorCon(page_id, status, request);
err->src_addr = src_addr;
#include "client_side_request.h"
class ErrorState;
-class IpAddress;
+#include "ip/forward.h"
/* XXX make static method */
int storeOKTransferDone() const;
int storeNotOKTransferDone() const;
- void setReplyToError(err_type, http_status, const HttpRequestMethod&, char const *, IpAddress &, HttpRequest *, const char *, AuthUserRequest *);
+ void setReplyToError(err_type, http_status, const HttpRequestMethod&, char const *, Ip::Address &, HttpRequest *, const char *, AuthUserRequest::Pointer);
void createStoreEntry(const HttpRequestMethod& m, request_flags flags);
void removeStoreReference(store_client ** scp, StoreEntry ** ep);
void removeClientStoreReference(store_client **scp, ClientHttpRequest *http);
*/
#include "squid.h"
-#include "clientStream.h"
-#include "client_side_request.h"
-#include "auth/UserRequest.h"
-#include "HttpRequest.h"
-#include "ProtoPort.h"
#include "acl/FilledChecklist.h"
#include "acl/Gadgets.h"
-#include "client_side.h"
-#include "client_side_reply.h"
-#include "Store.h"
-#include "HttpReply.h"
-#include "MemObject.h"
-#include "ClientRequestContext.h"
-#include "SquidTime.h"
-#include "wordlist.h"
-#include "inet_pton.h"
-#include "fde.h"
-
#if USE_ADAPTATION
#include "adaptation/AccessCheck.h"
#include "adaptation/Iterator.h"
#if ICAP_CLIENT
#include "adaptation/icap/History.h"
#endif
-//static void adaptationAclCheckDoneWrapper(Adaptation::ServicePointer service, void *data);
#endif
-
+#include "auth/UserRequest.h"
+#include "clientStream.h"
+#include "client_side.h"
+#include "client_side_reply.h"
+#include "client_side_request.h"
+#include "ClientRequestContext.h"
+#include "compat/inet_pton.h"
+#include "fde.h"
+#include "HttpReply.h"
+#include "HttpRequest.h"
+#include "MemObject.h"
+#include "ProtoPort.h"
+#include "Store.h"
+#include "SquidTime.h"
+#include "wordlist.h"
#if LINGERING_CLOSE
request->my_addr.SetPort(0);
- /* RFC 2616 says 'upgrade' to our 1.0 regardless of what the client is */
- HttpVersion http_ver(1,0);
+ /* Our version is HTTP/1.1 */
+ HttpVersion http_ver(1,1);
request->http_ver = http_ver;
http->request = HTTPMSGLOCK(request);
const char *p;
const char *asciiaddr;
int l;
- IpAddress addr;
+ Ip::Address addr;
p = request->x_forwarded_for_iterator.termedBuf();
l = request->x_forwarded_for_iterator.size();
clientStreamNode *node = (clientStreamNode *)http->client_stream.tail->prev->data;
clientReplyContext *repContext = dynamic_cast<clientReplyContext *>(node->data.getRaw());
assert (repContext);
- IpAddress tmpnoaddr;
+ Ip::Address tmpnoaddr;
tmpnoaddr.SetNoAddr();
repContext->setReplyToError(page_id, status,
http->request->method, NULL,
http->getConn() != NULL ? http->getConn()->peer : tmpnoaddr,
http->request,
NULL,
- http->getConn() != NULL && http->getConn()->auth_user_request ?
+ http->getConn() != NULL && http->getConn()->auth_user_request != NULL ?
http->getConn()->auth_user_request : http->request->auth_user_request);
node = (clientStreamNode *)http->client_stream.tail->data;
request->flags.loopdetect = 1;
}
-#if FORW_VIA_DB
+#if USE_FORW_VIA_DB
fvdbCountVia(s.termedBuf());
#endif
logReferer(fqdnFromAddr(http->getConn()->log_addr), str, http->log_uri);
#endif
-#if FORW_VIA_DB
+#if USE_FORW_VIA_DB
if (req_hdr->has(HDR_X_FORWARDED_FOR)) {
String s = req_hdr->getList(HDR_X_FORWARDED_FOR);
new_request->my_addr = old_request->my_addr;
new_request->flags = old_request->flags;
new_request->flags.redirected = 1;
-
- if (old_request->auth_user_request) {
- new_request->auth_user_request = old_request->auth_user_request;
- AUTHUSERREQUESTLOCK(new_request->auth_user_request, "new request");
- }
+ new_request->auth_user_request = old_request->auth_user_request;
if (old_request->body_pipe != NULL) {
new_request->body_pipe = old_request->body_pipe;
#endif
}
-#ifndef _USE_INLINE_
+#if !_USE_INLINE_
#include "client_side_request.cci"
#endif
// The original author of the code also wanted to pass an errno to
// setReplyToError, but it seems unlikely that the errno reflects the
// true cause of the error at this point, so I did not pass it.
- IpAddress noAddr;
+ Ip::Address noAddr;
noAddr.SetNoAddr();
ConnStateData * c = getConn();
repContext->setReplyToError(ERR_ICAP_FAILURE, HTTP_INTERNAL_SERVER_ERROR,
request->method, NULL,
(c != NULL ? c->peer : noAddr), request, NULL,
- (c != NULL && c->auth_user_request ?
+ (c != NULL && c->auth_user_request != NULL ?
c->auth_user_request : request->auth_user_request));
node = (clientStreamNode *)client_stream.tail->data;
SQUIDCEXTERN void tunnelStart(ClientHttpRequest *, int64_t *, int *);
-#ifdef _USE_INLINE_
+#if _USE_INLINE_
#include "Store.h"
#include "client_side_request.cci"
#endif
/*
- * DEBUG: section 5 Socket Functions
+ * DEBUG: section 05 Socket Functions
* AUTHOR: Harvest Derived
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
#include "CommCalls.h"
#include "DescriptorSet.h"
#include "icmp/net_db.h"
-#include "ip/IpAddress.h"
-#include "ip/IpIntercept.h"
+#include "ip/Address.h"
+#include "ip/Intercept.h"
#if defined(_SQUID_CYGWIN_)
#include <sys/ioctl.h>
static void commStopHalfClosedMonitor(int fd);
static IOCB commHalfClosedReader;
-static void comm_init_opened(int new_socket, IpAddress &addr, unsigned char TOS, const char *note, struct addrinfo *AI);
-static int comm_apply_flags(int new_socket, IpAddress &addr, int flags, struct addrinfo *AI);
+static void comm_init_opened(int new_socket, Ip::Address &addr, unsigned char TOS, const char *note, struct addrinfo *AI);
+static int comm_apply_flags(int new_socket, Ip::Address &addr, int flags, struct addrinfo *AI);
struct comm_io_callback_t {
// defaults given by client
char *host;
u_short default_port;
- IpAddress default_addr;
+ Ip::Address default_addr;
// NP: CANNOT store the default addr:port together as it gets set/reset differently.
DnsLookupDetails dns; ///< host lookup details
- IpAddress S;
+ Ip::Address S;
AsyncCall::Pointer callback;
int fd;
* synchronous wrapper around udp socket functions
*/
int
-comm_udp_recvfrom(int fd, void *buf, size_t len, int flags, IpAddress &from)
+comm_udp_recvfrom(int fd, void *buf, size_t len, int flags, Ip::Address &from)
{
statCounter.syscalls.sock.recvfroms++;
int x = 0;
int
comm_udp_recv(int fd, void *buf, size_t len, int flags)
{
- IpAddress nul;
+ Ip::Address nul;
return comm_udp_recvfrom(fd, buf, len, flags, nul);
}
u_short
comm_local_port(int fd)
{
- IpAddress temp;
+ Ip::Address temp;
struct addrinfo *addr = NULL;
fde *F = &fd_table[fd];
int
comm_open(int sock_type,
int proto,
- IpAddress &addr,
+ Ip::Address &addr,
int flags,
const char *note)
{
int
comm_open_listener(int sock_type,
int proto,
- IpAddress &addr,
+ Ip::Address &addr,
int flags,
const char *note)
{
/* attempt native enabled port. */
sock = comm_openex(sock_type, proto, addr, flags, 0, note);
-#if USE_IPV6
- /* under IPv6 there is the possibility IPv6 is present but disabled. */
- /* try again as IPv4-native */
- if ( sock < 0 && addr.IsIPv6() && addr.SetIPv4() ) {
- /* attempt to open this IPv4-only. */
- sock = comm_openex(sock_type, proto, addr, flags, 0, note);
- debugs(50, 2, HERE << "attempt open " << note << " socket on: " << addr);
- }
-#endif
-
return sock;
}
int
comm_openex(int sock_type,
int proto,
- IpAddress &addr,
+ Ip::Address &addr,
int flags,
unsigned char TOS,
const char *note)
debugs(50, 3, "comm_openex: Attempt open socket for: " << addr );
- if ((new_socket = socket(AI->ai_family, AI->ai_socktype, AI->ai_protocol)) < 0) {
+ new_socket = socket(AI->ai_family, AI->ai_socktype, AI->ai_protocol);
+#if USE_IPV6
+ /* under IPv6 there is the possibility IPv6 is present but disabled. */
+ /* try again as IPv4-native if possible */
+ if ( new_socket < 0 && addr.IsIPv6() && addr.SetIPv4() ) {
+ /* attempt to open this IPv4-only. */
+ addr.FreeAddrInfo(AI);
+ /* Setup the socket addrinfo details for use */
+ addr.GetAddrInfo(AI);
+ AI->ai_socktype = sock_type;
+ AI->ai_protocol = proto;
+ debugs(50, 3, "comm_openex: Attempt fallback open socket for: " << addr );
+ new_socket = socket(AI->ai_family, AI->ai_socktype, AI->ai_protocol);
+ debugs(50, 2, HERE << "attempt open " << note << " socket on: " << addr);
+ }
+#endif
+
+ if (new_socket < 0) {
/* Increase the number of reserved fd's if calls to socket()
* are failing because the open file table is full. This
* limits the number of simultaneous clients */
/// update FD tables after a local or remote (IPC) comm_openex();
void
comm_init_opened(int new_socket,
- IpAddress &addr,
+ Ip::Address &addr,
unsigned char TOS,
const char *note,
struct addrinfo *AI)
/// returns new_socket or -1 on error
static int
comm_apply_flags(int new_socket,
- IpAddress &addr,
+ Ip::Address &addr,
int flags,
struct addrinfo *AI)
{
void
comm_import_opened(int fd,
- IpAddress &addr,
+ Ip::Address &addr,
int flags,
const char *note,
struct addrinfo *AI)
int
ConnectStateData::commResetFD()
{
- struct addrinfo *AI = NULL;
- IpAddress nul;
- int new_family = AF_UNSPEC;
// XXX: do we have to check this?
//
statCounter.syscalls.sock.sockets++;
- /* setup a bare-bones addrinfo */
- /* TODO INET6: for WinXP we may need to check the local_addr type and setup the family properly. */
- nul.GetAddrInfo(AI);
- new_family = AI->ai_family;
+ fde *F = &fd_table[fd];
- int fd2 = socket(AI->ai_family, AI->ai_socktype, AI->ai_protocol);
+ struct addrinfo *AI = NULL;
+ F->local_addr.GetAddrInfo(AI);
+ int new_family = AI->ai_family;
- nul.FreeAddrInfo(AI);
+ int fd2 = socket(new_family, AI->ai_socktype, AI->ai_protocol);
if (fd2 < 0) {
debugs(5, DBG_CRITICAL, HERE << "WARNING: FD " << fd2 << " socket failed to allocate: " << xstrerror());
if (ENFILE == errno || EMFILE == errno)
fdAdjustReserved();
+ F->local_addr.FreeAddrInfo(AI);
return 0;
}
close(fd2);
+ F->local_addr.FreeAddrInfo(AI);
return 0;
}
commResetSelect(fd);
close(fd2);
- fde *F = &fd_table[fd];
debugs(50, 3, "commResetFD: Reset socket FD " << fd << "->" << fd2 << " : family=" << new_family );
/* INET6: copy the new sockets family type to the FDE table */
- fd_table[fd].sock_family = new_family;
+ F->sock_family = new_family;
+
+ F->flags.called_connect = 0;
- fd_table[fd].flags.called_connect = 0;
/*
* yuck, this has assumptions about comm_open() arguments for
* the original socket
comm_set_transparent(fd);
}
- AI = NULL;
- F->local_addr.GetAddrInfo(AI);
-
if (commBind(fd, *AI) != COMM_OK) {
debugs(5, DBG_CRITICAL, "WARNING: Reset of FD " << fd << " for " << F->local_addr << " failed to bind: " << xstrerror());
F->local_addr.FreeAddrInfo(AI);
if (squid_curtime - connstart > Config.Timeout.connect)
return 0;
} else {
- if (tries > addrcount)
+ if (tries > addrcount) {
+ /* Flush bad address count in case we are
+ * skipping over incompatible protocol
+ */
+ ipcacheMarkAllGood(host);
return 0;
+ }
}
return commResetFD();
void
ConnectStateData::connect()
{
- if (S.IsAnyAddr())
- defaults();
+ defaults();
debugs(5,5, HERE << "to " << S);
callCallback(COMM_OK, 0);
break;
-#if USE_IPV6
case COMM_ERR_PROTOCOL:
+ debugs(5, 5, HERE "FD " << fd << ": COMM_ERR_PROTOCOL - try again");
/* problem using the desired protocol over this socket.
- * count the connection attempt, reset the socket, and immediately try again */
+ * skip to the next address and hope it's more compatible
+ * but do not mark the current address as bad
+ */
tries++;
- commResetFD();
- connect();
+ if (commRetryConnect()) {
+ /* Force an addr cycle to move forward to the next possible address */
+ ipcacheCycleAddr(host, NULL);
+ eventAdd("commReconnect", commReconnect, this, this->addrcount == 1 ? 0.05 : 0.0, 0);
+ } else {
+ debugs(5, 5, HERE << "FD " << fd << ": COMM_ERR_PROTOCOL - ERR tried too many times already.");
+ callCallback(COMM_ERR_CONNECT, errno);
+ }
break;
-#endif
default:
debugs(5, 5, HERE "FD " << fd << ": * - try again");
}
int
-comm_connect_addr(int sock, const IpAddress &address)
+comm_connect_addr(int sock, const Ip::Address &address)
{
comm_err_t status = COMM_OK;
fde *F = &fd_table[sock];
assert(address.GetPort() != 0);
- debugs(5, 9, "comm_connect_addr: connecting socket " << sock << " to " << address << " (want family: " << F->sock_family << ")");
+ debugs(5, 9, HERE << "connecting socket FD " << sock << " to " << address << " (want family: " << F->sock_family << ")");
- /* BUG 2222 FIX: reset the FD when its found to be IPv4 in IPv6 mode */
- /* inverse case of IPv4 failing to connect on IPv6 socket is handeld post-connect.
+#if USE_IPV6
+ /* Handle IPv6 over IPv4-only socket case.
* this case must presently be handled here since the GetAddrInfo asserts on bad mappings.
- * eventually we want it to throw a Must() that gets handled there instead of this if.
- * NP: because commresetFD is private to ConnStateData we have to return an error and
+ * NP: because commResetFD is private to ConnStateData we have to return an error and
* trust its handled properly.
*/
-#if USE_IPV6
if (F->sock_family == AF_INET && !address.IsIPv4()) {
+ errno = ENETUNREACH;
return COMM_ERR_PROTOCOL;
}
-#endif
+
+ /* Handle IPv4 over IPv6-only socket case.
+ * This case is presently handled here as it's both a known case and it's
+ * uncertain what error will be returned by the IPv6 stack in such case. It's
+ * possible this will also be handled by the errno checks below after connect()
+ * but needs carefull cross-platform verification, and verifying the address
+ * condition here is simple.
+ */
+ if (!F->local_addr.IsIPv4() && address.IsIPv4()) {
+ errno = ENETUNREACH;
+ return COMM_ERR_PROTOCOL;
+ }
+#endif /* USE_IPV6 */
address.GetAddrInfo(AI, F->sock_family);
status = COMM_OK;
else if (ignoreErrno(errno))
status = COMM_INPROGRESS;
+ else if (errno == EAFNOSUPPORT || errno == EINVAL)
+ return COMM_ERR_PROTOCOL;
else
-#if USE_IPV6
- if ( F->sock_family == AF_INET6 && address.IsIPv4() ) {
-
- /* failover to trying IPv4-only link if an IPv6 one fails */
- /* to catch the edge case of apps listening on IPv4-localhost */
- F->sock_family = AF_INET;
- int res = comm_connect_addr(sock, address);
-
- /* if that fails too, undo our temporary socktype hack so the repeat works properly. */
- if (res == COMM_ERROR)
- F->sock_family = AF_INET6;
-
- return res;
- } else
-#endif
- return COMM_ERROR;
+ return COMM_ERROR;
address.NtoA(F->ipaddr, MAX_IPSTRLEN);
L.l_linger = 0;
if (setsockopt(fd, SOL_SOCKET, SO_LINGER, (char *) &L, sizeof(L)) < 0)
- debugs(50, 0, "commResetTCPClose: FD " << fd << ": " << xstrerror());
+ debugs(50, DBG_CRITICAL, "ERROR: Closing FD " << fd << " with TCP RST: " << xstrerror());
comm_close(fd);
}
/* Send a udp datagram to specified TO_ADDR. */
int
comm_udp_sendto(int fd,
- const IpAddress &to_addr,
+ const Ip::Address &to_addr,
const void *buf,
int len)
{
debugs(5, 5, "commCloseAllSockets: FD " << fd << ": Calling timeout handler");
ScheduleCallHere(callback);
} else {
- debugs(5, 5, "commCloseAllSockets: FD " << fd << ": calling comm_close()");
- comm_close(fd);
+ debugs(5, 5, "commCloseAllSockets: FD " << fd << ": calling comm_reset_close()");
+ comm_reset_close(fd);
}
}
}
struct sockaddr_un* addr,
int flags)
{
- // TODO: merge with comm_openex() when IpAddress becomes NetAddress
+ // TODO: merge with comm_openex() when Ip::Address becomes NetAddress
int new_socket;
#include "base/AsyncCall.h"
#include "StoreIOBuffer.h"
#include "Array.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
#define COMMIO_FD_READCB(fd) (&commfd_table[(fd)].readcb)
#define COMMIO_FD_WRITECB(fd) (&commfd_table[(fd)].writecb)
COMM_ERR_CONNECT = -8,
COMM_ERR_DNS = -9,
COMM_ERR_CLOSING = -10,
-#if USE_IPV6
COMM_ERR_PROTOCOL = -11, /* IPv4 or IPv6 cannot be used on the fd socket */
-#endif
COMM_ERR__END__ = -999999 /* Dummy entry to make syntax valid (comma on line above), do not use. New entries added above */
} comm_err_t;
SQUIDCEXTERN void commConnectStart(int fd, const char *, u_short, CNCB *, void *);
void commConnectStart(int fd, const char *, u_short, AsyncCall::Pointer &cb);
-SQUIDCEXTERN int comm_connect_addr(int sock, const IpAddress &addr);
+SQUIDCEXTERN int comm_connect_addr(int sock, const Ip::Address &addr);
SQUIDCEXTERN void comm_init(void);
SQUIDCEXTERN void comm_exit(void);
-SQUIDCEXTERN int comm_open(int, int, IpAddress &, int, const char *note);
+SQUIDCEXTERN int comm_open(int, int, Ip::Address &, int, const char *note);
SQUIDCEXTERN int comm_open_uds(int sock_type, int proto, struct sockaddr_un* addr, int flags);
/// update Comm state after getting a comm_open() FD from another process
-SQUIDCEXTERN void comm_import_opened(int fd, IpAddress &addr, int flags, const char *note, struct addrinfo *AI);
+SQUIDCEXTERN void comm_import_opened(int fd, Ip::Address &addr, int flags, const char *note, struct addrinfo *AI);
/**
* Open a port specially bound for listening or sending through a specific port.
* (in debugs or cachemgr) will occur in Native IPv4 format.
* A reconfigure is needed to reset the stored IP in most cases and attempt a port re-open.
*/
-SQUIDCEXTERN int comm_open_listener(int sock_type, int proto, IpAddress &addr, int flags, const char *note);
+SQUIDCEXTERN int comm_open_listener(int sock_type, int proto, Ip::Address &addr, int flags, const char *note);
-SQUIDCEXTERN int comm_openex(int, int, IpAddress &, int, unsigned char TOS, const char *);
+SQUIDCEXTERN int comm_openex(int, int, Ip::Address &, int, unsigned char TOS, const char *);
SQUIDCEXTERN u_short comm_local_port(int fd);
SQUIDCEXTERN int comm_set_tos(int fd, int tos);
SQUIDCEXTERN void commSetSelect(int, unsigned int, PF *, void *, time_t);
SQUIDCEXTERN void commResetSelect(int);
-SQUIDCEXTERN int comm_udp_sendto(int sock, const IpAddress &to, const void *buf, int buflen);
+SQUIDCEXTERN int comm_udp_sendto(int sock, const Ip::Address &to, const void *buf, int buflen);
extern void comm_write(int fd, const char *buf, int len, IOCB *callback, void *callback_data, FREE *func);
extern void comm_write(int fd, const char *buf, int size, AsyncCall::Pointer &callback, FREE * free_func = NULL);
SQUIDCEXTERN void comm_write_mbuf(int fd, MemBuf *mb, IOCB * handler, void *handler_data);
extern void comm_read(int fd, char *buf, int len, AsyncCall::Pointer &callback);
extern void comm_read_cancel(int fd, IOCB *callback, void *data);
extern void comm_read_cancel(int fd, AsyncCall::Pointer &callback);
-extern int comm_udp_recvfrom(int fd, void *buf, size_t len, int flags, IpAddress &from);
+extern int comm_udp_recvfrom(int fd, void *buf, size_t len, int flags, Ip::Address &from);
extern int comm_udp_recv(int fd, void *buf, size_t len, int flags);
extern ssize_t comm_udp_send(int s, const void *buf, size_t len, int flags);
extern bool comm_has_incomplete_write(int);
/*
- * DEBUG: section 5 Listener Socket Handler
+ * DEBUG: section 05 Listener Socket Handler
* AUTHOR: Harvest Derived
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
return false;
}
-bool
+void
Comm::ListenStateData::acceptOne()
{
/*
if (newfd == COMM_NOMESSAGE) {
/* register interest again */
- debugs(5, 5, HERE << "try later: FD " << fd << " handler: " << *theCallback);
+ debugs(5, 5, HERE << "try later: FD " << fd << " handler: " << theCallback);
commSetSelect(fd, COMM_SELECT_READ, doAccept, this, 0);
- return false;
+ return;
}
// A non-recoverable error; notify the caller */
- debugs(5, 5, HERE << "non-recoverable error: FD " << fd << " handler: " << *theCallback);
+ debugs(5, 5, HERE << "non-recoverable error: FD " << fd << " handler: " << theCallback);
notify(-1, COMM_ERROR, errno, connDetails);
- return false;
+ mayAcceptMore = false;
+ return;
}
debugs(5, 5, HERE << "accepted: FD " << fd <<
" newfd: " << newfd << " from: " << connDetails.peer <<
- " handler: " << *theCallback);
+ " handler: " << theCallback);
notify(newfd, COMM_OK, 0, connDetails);
- return true;
}
void
{
assert(isOpen(fd));
debugs(5, 2, HERE << "connection on FD " << fd);
- mayAcceptMore = acceptOne();
+ acceptOne();
}
void
/// Method callback for whenever an FD is ready to accept a client connection.
static void doAccept(int fd, void *data);
- bool acceptOne();
+ void acceptOne();
int oldAccept(ConnectionDetail &details);
AsyncCall::Pointer theCallback;
-
/*
* $Id$
*
- * DEBUG: section 5 Socket Functions
+ * DEBUG: section 05 Socket Functions
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
* ----------------------------------------------------------
#include "fde.h"
#include "SquidTime.h"
-#ifdef USE_EPOLL
+#if USE_EPOLL
#define DEBUG_EPOLL 0
-
/*
* $Id$
*
- * DEBUG: section 5 Socket Functions
+ * DEBUG: section 05 Socket Functions
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
* ----------------------------------------------------------
-
/*
* $Id$
*
- * DEBUG: section 5 Socket Functions
+ * DEBUG: section 05 Socket Functions
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
* ----------------------------------------------------------
#include "Store.h"
#include "fde.h"
-#ifdef USE_POLL
+#if USE_POLL
+
+#if HAVE_POLL_H
+#include <poll.h>
+#endif
+
+/* Needed for poll() on Linux at least */
+#if USE_POLL
+#ifndef POLLRDNORM
+#define POLLRDNORM POLLIN
+#endif
+#ifndef POLLWRNORM
+#define POLLWRNORM POLLOUT
+#endif
+#endif
static int MAX_POLL_TIME = 1000; /* see also comm_quick_poll_required() */
-
/*
* $Id$
*
- * DEBUG: section 5 Socket Functions
+ * DEBUG: section 05 Socket Functions
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
* ----------------------------------------------------------
#include "CacheManager.h"
#include "SquidTime.h"
-#ifdef USE_SELECT
+#if USE_SELECT
#include "Store.h"
#include "fde.h"
-
/*
* $Id$
*
- * DEBUG: section 5 Socket Functions
+ * DEBUG: section 05 Socket Functions
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
* ----------------------------------------------------------
#include "CacheManager.h"
#include "SquidTime.h"
-#ifdef USE_SELECT_WIN32
+#if USE_SELECT_WIN32
#include "Store.h"
#include "fde.h"
/*
* $Id$
*
- * DEBUG: section 0 Debug Routines
+ * DEBUG: section 00 Debug Routines
* AUTHOR: Harvest Derived
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
#include "DelayBucket.h"
#include "DelayUser.h"
#include "DelayTagged.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
/// \ingroup DelayPoolsInternal
long DelayPools::MemoryUsed = 0;
virtual char const *label() const = 0;
- virtual unsigned int makeKey(IpAddress &src_addr) const = 0;
+ virtual unsigned int makeKey(Ip::Address &src_addr) const = 0;
DelaySpec spec;
protected:
virtual char const *label() const {return "Individual";}
- virtual unsigned int makeKey(IpAddress &src_addr) const;
+ virtual unsigned int makeKey(Ip::Address &src_addr) const;
};
/// \ingroup DelayPoolsInternal
protected:
virtual char const *label() const {return "Network";}
- virtual unsigned int makeKey (IpAddress &src_addr) const;
+ virtual unsigned int makeKey (Ip::Address &src_addr) const;
};
/* don't use remote storage for these */
virtual char const *label() const {return "Individual";}
- virtual unsigned int makeKey (IpAddress &src_addr) const;
+ virtual unsigned int makeKey(Ip::Address &src_addr) const;
- unsigned char makeHostKey (IpAddress &src_addr) const;
+ unsigned char makeHostKey(Ip::Address &src_addr) const;
DelaySpec spec;
VectorMap<unsigned char, ClassCBucket> buckets;
}
unsigned int
-IndividualPool::makeKey (IpAddress &src_addr) const
+IndividualPool::makeKey(Ip::Address &src_addr) const
{
/* IPv4 required for this pool */
if ( !src_addr.IsIPv4() )
}
unsigned int
-ClassCNetPool::makeKey (IpAddress &src_addr) const
+ClassCNetPool::makeKey(Ip::Address &src_addr) const
{
/* IPv4 required for this pool */
if ( !src_addr.IsIPv4() )
}
unsigned char
-ClassCHostPool::makeHostKey (IpAddress &src_addr) const
+ClassCHostPool::makeHostKey(Ip::Address &src_addr) const
{
/* IPv4 required for this pool */
if ( !src_addr.IsIPv4() )
}
unsigned int
-ClassCHostPool::makeKey (IpAddress &src_addr) const
+ClassCHostPool::makeKey(Ip::Address &src_addr) const
{
/* IPv4 required for this pool */
if ( !src_addr.IsIPv4() )
-
/*
* $Id$
*
- * DEBUG: section 6 Disk I/O Routines
+ * DEBUG: section 06 Disk I/O Routines
* AUTHOR: Harvest Derived
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
if (m == NULL)
return;
- dlink_node_pool->free(m);
+ dlink_node_pool->freeOne(m);
}
void
helperSubmit(dnsservers, buf, callback, data);
}
-#ifdef SQUID_SNMP
+#if SQUID_SNMP
/*
* The function to return the DNS via SNMP
*/
return Answer;
}
-#endif /*SQUID_SNMP */
+#endif /* SQUID_SNMP */
#endif /* USE_DNSSERVERS */
#ifndef to exclude the internal DNS code from compile process when
using external DNS process.
*/
-#ifndef USE_DNSSERVERS
+#if !USE_DNSSERVERS
#ifdef _SQUID_WIN32_
#include "squid_windows.h"
#define REG_TCPIP_PARA_INTERFACES "SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters\\Interfaces"
IDNSCB *callback;
void *callback_data;
int attempt;
- const char *error;
int rcode;
idns_query *queue;
unsigned short domain;
};
struct _ns {
- IpAddress S;
+ Ip::Address S;
int nqueries;
int nreplies;
nsvc *vc;
static IOCB idnsReadVCHeader;
static void idnsDoSendQueryVC(nsvc *vc);
-static int idnsFromKnownNameserver(IpAddress const &from);
+static int idnsFromKnownNameserver(Ip::Address const &from);
static idns_query *idnsFindQuery(unsigned short id);
static void idnsGrokReply(const char *buf, size_t sz);
static PF idnsRead;
static void
idnsAddNameserver(const char *buf)
{
- IpAddress A;
+ Ip::Address A;
if (!(A = buf)) {
debugs(78, 0, "WARNING: rejecting '" << buf << "' as a name server, because it is not a numeric IP address");
nameservers[ns].vc = vc;
vc->ns = ns;
- IpAddress addr;
+ Ip::Address addr;
if (!Config.Addrs.udp_outgoing.IsNoAddr())
addr = Config.Addrs.udp_outgoing;
}
static int
-idnsFromKnownNameserver(IpAddress const &from)
+idnsFromKnownNameserver(Ip::Address const &from)
{
int i;
dlinkDelete(&q->lru, &lru_list);
idnsRcodeCount(n, q->attempt);
- q->error = NULL;
if (n < 0) {
- debugs(78, 3, "idnsGrokReply: error " << rfc1035_error_message << " (" << rfc1035_errno << ")");
-
- q->error = rfc1035_error_message;
q->rcode = -n;
+ debugs(78, 3, "idnsGrokReply: error " << rfc1035ErrorMessage(n) << " (" << q->rcode << ")");
if (q->rcode == 2 && ++q->attempt < MAX_ATTEMPT) {
/*
// remove the hashed query info
idnsDropMessage(message, q);
+ // reset the query as an A query
+ q->nsends = 0;
q->start_t = current_time;
q->id = idnsQueryID();
rfc1035SetQueryID(q->buf, q->id);
/* else initial results were empty. just use the final set as authoritative */
debugs(78, 6, HERE << "Sending " << n << " DNS results to caller.");
- idnsCallback(q, message->answer, n, q->error);
+ idnsCallback(q, message->answer, n, rfc1035ErrorMessage(n));
rfc1035MessageDestroy(&message);
cbdataFree(q);
}
int max = INCOMING_DNS_MAX;
static char rbuf[SQUID_UDP_SO_RCVBUF];
int ns;
- IpAddress from;
+ Ip::Address from;
debugs(78, 3, "idnsRead: starting with FD " << fd);
* The cause of this is still unknown, however copying the data appears
* to allow it to be passed further without this erasure.
*/
- IpAddress bugbypass;
+ Ip::Address bugbypass;
while (max--) {
len = comm_udp_recvfrom(fd, rbuf, SQUID_UDP_SO_RCVBUF, 0, bugbypass);
std::setw(5)<< std::setprecision(2) << tvSubDsec(q->start_t, current_time) << " seconds");
if (q->rcode != 0)
- idnsCallback(q, NULL, -q->rcode, q->error);
+ idnsCallback(q, NULL, -q->rcode, rfc1035ErrorMessage(q->rcode));
else
idnsCallback(q, NULL, -16, "Timeout");
if (DnsSocketA < 0 && DnsSocketB < 0) {
int port;
- IpAddress addr; // since we don't want to alter Config.Addrs.udp_* and dont have one of our own.
+ Ip::Address addr; // since we don't want to alter Config.Addrs.udp_* and dont have one of our own.
if (!Config.Addrs.udp_outgoing.IsNoAddr())
addr = Config.Addrs.udp_outgoing;
addr = Config.Addrs.udp_incoming;
#if IPV6_SPECIAL_SPLITSTACK
- IpAddress addr4 = addr;
+ Ip::Address addr4 = addr;
if ( addr.IsAnyAddr() || addr.IsIPv6() ) {
debugs(78, 2, "idnsInit: attempt open DNS socket to: " << addr);
}
void
-idnsPTRLookup(const IpAddress &addr, IDNSCB * callback, void *data)
+idnsPTRLookup(const Ip::Address &addr, IDNSCB * callback, void *data)
{
idns_query *q;
idnsSendQuery(q);
}
-#ifdef SQUID_SNMP
+#if SQUID_SNMP
/*
* The function to return the DNS via SNMP
*/
/*
- * DEBUG: section 0 DNS Resolver
+ * DEBUG: section 00 DNS Resolver Daemon
* AUTHOR: Harvest Derived
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
*/
#include "config.h"
+#include "compat/inet_ntop.h"
+#include "compat/getaddrinfo.h"
+#include "compat/getnameinfo.h"
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
#if HAVE_STDIO_H
#include <stdio.h>
#endif
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
#if HAVE_CTYPE_H
#include <ctype.h>
#endif
#if HAVE_MEMORY_H
#include <memory.h>
#endif
-#if HAVE_NETDB_H && !defined(_SQUID_NETDB_H_) /* protect NEXTSTEP */
-#define _SQUID_NETDB_H_
+#if HAVE_NETDB_H
#include <netdb.h>
#endif
#if HAVE_PWD_H
#if HAVE_SYS_PARAM_H
#include <sys/param.h>
#endif
-#if HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
-#if HAVE_SYS_RESOURCE_H
-#include <sys/resource.h> /* needs sys/time.h above it */
-#endif
#if HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#if HAVE_LIBC_H
#include <libc.h>
#endif
-#ifdef HAVE_SYS_SYSCALL_H
+#if HAVE_SYS_SYSCALL_H
#include <sys/syscall.h>
#endif
-#ifdef HAVE_STRING_H
+#if HAVE_STRING_H
#include <string.h>
#endif
-#ifdef HAVE_STRINGS_H
+#if HAVE_STRINGS_H
#include <strings.h>
#endif
#if HAVE_BSTRING_H
#include <bstring.h>
#endif
-#ifdef HAVE_CRYPT_H
+#if HAVE_CRYPT_H
#include <crypt.h>
#endif
-#if HAVE_SYS_SELECT_H
-#include <sys/select.h>
-#endif
#if HAVE_GETOPT_H
#include <getopt.h>
#endif
\endverbatim
*/
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
#if LIBRESOLV_DNS_TTL_HACK
/// \ingroup dnsserver
int ttl = 0;
int retry = 0;
unsigned int i = 0;
- IpAddress ipa;
+ Ip::Address ipa;
char ntoabuf[MAX_IPSTRLEN];
struct addrinfo hints;
struct addrinfo *AI = NULL;
hints.ai_flags = AI_CANONNAME;
for (;;) {
- xfreeaddrinfo(AI);
+ freeaddrinfo(AI);
AI = NULL;
- if ( 0 == (res = xgetaddrinfo(buf,NULL,&hints,&AI)) )
+ if ( 0 == (res = getaddrinfo(buf,NULL,&hints,&AI)) )
break;
if (res != EAI_AGAIN)
/* annoying inet_ntop breaks the nice code by requiring the in*_addr */
switch (aiptr->ai_family) {
case AF_INET:
- xinet_ntop(aiptr->ai_family, &((struct sockaddr_in*)aiptr->ai_addr)->sin_addr, ntoabuf, MAX_IPSTRLEN);
+ inet_ntop(aiptr->ai_family, &((struct sockaddr_in*)aiptr->ai_addr)->sin_addr, ntoabuf, MAX_IPSTRLEN);
break;
#if USE_IPV6
case AF_INET6:
- xinet_ntop(aiptr->ai_family, &((struct sockaddr_in6*)aiptr->ai_addr)->sin6_addr, ntoabuf, MAX_IPSTRLEN);
+ inet_ntop(aiptr->ai_family, &((struct sockaddr_in6*)aiptr->ai_addr)->sin6_addr, ntoabuf, MAX_IPSTRLEN);
break;
#endif
default:
*/
if (NULL != AI && NULL != AI->ai_addr) {
for (;;) {
- if ( 0 == (res = xgetnameinfo(AI->ai_addr, AI->ai_addrlen, ntoabuf, MAX_IPSTRLEN, NULL,0,0)) )
+ if ( 0 == (res = getnameinfo(AI->ai_addr, AI->ai_addrlen, ntoabuf, MAX_IPSTRLEN, NULL,0,0)) )
break;
if (res != EAI_AGAIN)
break;
case EAI_FAIL:
- printf("$fail DNS Domain/IP '%s' does not exist: %s.\n", buf, xgai_strerror(res));
+ printf("$fail DNS Domain/IP '%s' does not exist: %s.\n", buf, gai_strerror(res));
break;
#if defined(EAI_NODATA) || defined(EAI_NONAME)
-#ifdef EAI_NODATA
+#if EAI_NODATA
/* deprecated. obsolete on some OS */
case EAI_NODATA:
#endif
-#ifdef EAI_NONAME
+#if EAI_NONAME
case EAI_NONAME:
#endif
- printf("$fail DNS Domain/IP '%s' exists without any FQDN/IPs: %s.\n", buf, xgai_strerror(res));
+ printf("$fail DNS Domain/IP '%s' exists without any FQDN/IPs: %s.\n", buf, gai_strerror(res));
break;
#endif
default:
- printf("$fail A system error occured looking up Domain/IP '%s': %s.\n", buf, xgai_strerror(res));
+ printf("$fail A system error occured looking up Domain/IP '%s': %s.\n", buf, gai_strerror(res));
}
- xfreeaddrinfo(AI);
+ freeaddrinfo(AI);
}
/**
int ns6count = 0;
#endif
#if HAVE_RES_INIT
- IpAddress ipa;
+ Ip::Address ipa;
#ifdef _SQUID_RES_NSADDR_LIST
extern char *optarg;
#endif
STREAM_FAILED
} clientStream_status_t;
-typedef enum {
- AUTH_ACL_CHALLENGE = -2,
- AUTH_ACL_HELPER = -1,
- AUTH_ACL_CANNOT_AUTHENTICATE = 0,
- AUTH_AUTHENTICATED = 1
-} auth_acl_t;
-
-typedef enum {
- AUTH_UNKNOWN, /* default */
- AUTH_BASIC,
- AUTH_NTLM,
- AUTH_DIGEST,
- AUTH_NEGOTIATE,
- AUTH_BROKEN /* known type, but broken data */
-} auth_type_t;
-
/* stateful helper callback response codes */
typedef enum {
S_HELPER_UNKNOWN,
-
/*
* $Id$
*
- * DEBUG: section 4 Error Generation
+ * DEBUG: section 04 Error Generation
* AUTHOR: Duane Wessels
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
wordlistDestroy(&err->ftp.server_msg);
safe_free(err->ftp.request);
safe_free(err->ftp.reply);
- AUTHUSERREQUESTUNLOCK(err->auth_user_request, "errstate");
+ err->auth_user_request = NULL;
safe_free(err->err_msg);
#if USE_ERR_LOCALES
if (err->err_language != Config.errorDefaultLanguage)
#define CVT_BUF_SZ 512
const char *
-ErrorState::Convert(char token, bool url_presentable)
+ErrorState::Convert(char token, bool building_deny_info_url)
{
static MemBuf mb;
const char *p = NULL; /* takes priority over mb if set */
int do_quote = 1;
- int no_urlescape = 1; /* item is NOT to be further URL-encoded */
+ int no_urlescape = 0; /* if true then item is NOT to be further URL-encoded */
char ntoabuf[MAX_IPSTRLEN];
mb.reset();
switch (token) {
case 'a':
- if (request && request->auth_user_request)
+ if (request && request->auth_user_request != NULL)
p = request->auth_user_request->username();
if (!p)
p = "-";
break;
case 'B':
- if (url_presentable) break;
+ if (building_deny_info_url) break;
p = request ? ftpUrlWith2f(request) : "[no URL]";
- no_urlescape = 1;
break;
case 'c':
- if (url_presentable) break;
+ if (building_deny_info_url) break;
p = errorPageName(type);
break;
break;
case 'f':
- if (url_presentable) break;
+ if (building_deny_info_url) break;
/* FTP REQUEST LINE */
if (ftp.request)
p = ftp.request;
break;
case 'F':
- if (url_presentable) break;
+ if (building_deny_info_url) break;
/* FTP REPLY LINE */
if (ftp.request)
p = ftp.reply;
break;
case 'g':
- if (url_presentable) break;
+ if (building_deny_info_url) break;
/* FTP SERVER MESSAGE */
if (ftp.server_msg)
wordlistCat(ftp.server_msg, &mb);
p = request->hier.host;
else
p = request->GetHost();
- } else if (!url_presentable)
+ } else if (!building_deny_info_url)
p = "[unknown host]";
break;
case 'I':
if (request && request->hier.host[0] != '\0') // if non-empty string
mb.Printf("%s", request->hier.host);
- else if (!url_presentable)
+ else if (!building_deny_info_url)
p = "[unknown]";
break;
case 'l':
- if (url_presentable) break;
+ if (building_deny_info_url) break;
mb.append(error_stylesheet.content(), error_stylesheet.contentSize());
do_quote = 0;
break;
case 'L':
- if (url_presentable) break;
+ if (building_deny_info_url) break;
if (Config.errHtmlText) {
mb.Printf("%s", Config.errHtmlText);
do_quote = 0;
- } else if (!url_presentable)
+ } else
p = "[not available]";
break;
case 'm':
- if (url_presentable) break;
+ if (building_deny_info_url) break;
p = auth_user_request->denyMessage("[not available]");
break;
case 'M':
- p = request ? RequestMethodStr(request->method) : "[unknown method]";
+ if (request)
+ p = RequestMethodStr(request->method);
+ else if (!building_deny_info_url)
+ p= "[unknown method]";
break;
case 'o':
p = request ? request->extacl_message.termedBuf() : external_acl_message;
- if (!p)
+ if (!p && !building_deny_info_url)
p = "[not available]";
break;
case 'p':
if (request) {
mb.Printf("%d", (int) request->port);
- } else if (!url_presentable) {
+ } else if (!building_deny_info_url) {
p = "[unknown port]";
}
break;
case 'P':
- p = request ? ProtocolStr[request->protocol] : "[unknown protocol]";
+ if (request) {
+ p = ProtocolStr[request->protocol];
+ } else if (!building_deny_info_url) {
+ p = "[unknown protocol]";
+ }
break;
case 'R':
- if (url_presentable) {
+ if (building_deny_info_url) {
p = (request->urlpath.size() != 0 ? request->urlpath.termedBuf() : "/");
break;
}
case 's':
/* for backward compat we make %s show the full URL. Drop this in some future release. */
- if (url_presentable) {
+ if (building_deny_info_url) {
p = request ? urlCanonical(request) : url;
debugs(0,0, "WARNING: deny_info now accepts coded tags. Use %u to get the full URL instead of %s");
} else
break;
case 'S':
- if (url_presentable) break;
+ if (building_deny_info_url) {
+ p = visible_appname_string;
+ break;
+ }
/* signature may contain %-escapes, recursion */
if (page_id != ERR_SQUID_SIGNATURE) {
const int saved_id = page_id;
case 'U':
/* Using the fake-https version of canonical so error pages see https:// */
/* even when the url-path cannot be shown as more than '*' */
- p = request ? urlCanonicalFakeHttps(request) : url ? url : "[no URL]";
+ if (request)
+ p = urlCanonicalFakeHttps(request);
+ else if (url)
+ p = url;
+ else if (!building_deny_info_url)
+ p = "[no URL]";
break;
case 'u':
- p = request ? urlCanonical(request) : url ? url : "[no URL]";
+ if (request)
+ p = urlCanonical(request);
+ else if (url)
+ p = url;
+ else if (!building_deny_info_url)
+ p = "[no URL]";
break;
case 'w':
if (Config.adminEmail)
mb.Printf("%s", Config.adminEmail);
- else if (!url_presentable)
+ else if (!building_deny_info_url)
p = "[unknown]";
break;
case 'W':
- if (url_presentable) break;
+ if (building_deny_info_url) break;
if (Config.adminEmail && Config.onoff.emailErrData)
Dump(&mb);
+ no_urlescape = 1;
break;
case 'z':
- if (url_presentable) break;
+ if (building_deny_info_url) break;
if (dnsError.size() > 0)
p = dnsError.termedBuf();
else if (ftp.cwd_msg)
break;
case 'Z':
- if (url_presentable) break;
+ if (building_deny_info_url) break;
if (err_msg)
p = err_msg;
else
if (do_quote)
p = html_quote(p);
- if (url_presentable && !no_urlescape)
+ if (building_deny_info_url && !no_urlescape)
p = rfc1738_escape_part(p);
return p;
/*
- * DEBUG: section 4 Error Generation
+ * DEBUG: section 04 Error Generation
* AUTHOR: Duane Wessels
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
#define SQUID_ERRORPAGE_H
#include "squid.h"
+#include "auth/UserRequest.h"
#include "cbdata.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
/**
\defgroup ErrorPageAPI Error Pages API
\endverbatim
*/
-class AuthUserRequest;
class HttpReply;
class MemBuf;
* Several of the codes produce blocks of non-URL compatible results.
* When processing the deny_info location URL they will be skipped.
*
- * \param token The token following % which need to be converted
- * \param url_presentable URL-encode the the output for deny_info redirect
+ * \param token The token following % which need to be converted
+ * \param building_deny_info_url Perform special deny_info actions, such as URL-encoding and token skipping.
*/
- const char *Convert(char token, bool url_presentable);
+ const char *Convert(char token, bool building_deny_info_url);
/**
* CacheManager / Debug dump of the ErrorState object.
int page_id;
char *err_language;
http_status httpStatus;
- AuthUserRequest *auth_user_request;
+ AuthUserRequest::Pointer auth_user_request;
HttpRequest *request;
char *url;
int xerrno;
String dnsError; ///< DNS lookup error message
time_t ttl;
- IpAddress src_addr;
+ Ip::Address src_addr;
char *redirect_url;
ERCB *callback;
void *callback_data;
#include "esi/Expression.h"
#include "HttpRequest.h"
#include "MemBuf.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
/* quick reference on behaviour here.
* The ESI specification 1.0 requires the ESI processor to be able to
/* don't touch incoming, it's a pointer into buffered anyway */
}
-extern ErrorState *clientBuildError (err_type, http_status, char const *, IpAddress &, HttpRequest *);
+extern ErrorState *clientBuildError (err_type, http_status, char const *, Ip::Address &, HttpRequest *);
/* This can ONLY be used before we have sent *any* data to the client */
/*
- * DEBUG: section ?? EUI Lookup
+ * DEBUG: section 89 EUI-48 Lookup
* AUTHOR: Duane Wessels
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
#include "Debug.h"
#include "eui/Eui48.h"
#include "globals.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
-#if defined(_SQUID_CYGWIN_)
+#if _SQUID_CYGWIN_
#include <squid_windows.h>
#endif
and can be wrapped
*/
-#if defined(_SQUID_WIN32_)
+#if _SQUID_WIN32_
struct arpreq {
- IpAddress arp_pa; /* protocol address */
+ Ip::Address arp_pa; /* protocol address */
struct sockaddr arp_ha; /* hardware address */
int arp_flags; /* flags */
// return binary representation of the EUI
bool
-Eui::Eui48::lookup(IpAddress &c)
+Eui::Eui48::lookup(Ip::Address &c)
{
struct arpreq arpReq;
-#if !defined(_SQUID_WIN32_)
+#if !_SQUID_WIN32_
struct sockaddr_in *sa = NULL;
#endif /* !_SQUID_WIN32_ */
- IpAddress ipAddr = c;
+ Ip::Address ipAddr = c;
ipAddr.SetPort(0);
-#if defined(_SQUID_LINUX_)
+#if _SQUID_LINUX_
unsigned char ifbuffer[sizeof(struct ifreq) * 64];
struct ifconf ifc;
close(tmpSocket);
-#elif defined(_SQUID_SOLARIS_)
+#elif _SQUID_SOLARIS_
/* IPv6 builds do not provide the first http_port as an IPv4 socket for ARP */
int tmpSocket = socket(AF_INET,SOCK_STREAM,0);
return true;
}
-#elif defined(_SQUID_FREEBSD_) || defined(_SQUID_NETBSD_) || defined(_SQUID_OPENBSD_) || defined(_SQUID_DRAGONFLY_) || defined(_SQUID_KFREEBSD_)
+#elif _SQUID_FREEBSD_ || _SQUID_NETBSD_ || _SQUID_OPENBSD_ || _SQUID_DRAGONFLY_ || _SQUID_KFREEBSD_
int mib[6];
set(arpReq.arp_ha.sa_data, 6);
return true;
-#elif defined(_SQUID_WIN32_)
+#elif _SQUID_WIN32_
DWORD dwNetTable = 0;
/* EUI-48 is 6 bytes. */
#define SZ_EUI48_BUF 6
-class IpAddress;
+namespace Ip
+{
+class Address;
+};
#if HAVE_CSTRING
#include <cstring>
bool encode(char *buf, const int len);
// lookup an EUI-48 / MAC address via ARP
- bool lookup(IpAddress &c);
+ bool lookup(Ip::Address &c);
private:
unsigned char eui[SZ_EUI48_BUF];
/*
- * DEBUG: section ?? EUI-64 Handling
+ * DEBUG: section 89 EUI-64 Handling
* AUTHOR: Amos Jeffries
*
* Copyright (c) 2009, Amos Jeffries <squid3@treenet.co.nz>
#if USE_SQUID_EUI
+#include "compat/eui64_aton.h"
#include "Debug.h"
#include "eui/Eui64.h"
#include "globals.h"
-#include "ip/IpAddress.h"
-
-#if HAVE_SYS_EUI64_H
-#include <sys/eui64.h>
-#else
-#include "eui64_aton.h"
-#endif
+#include "ip/Address.h"
bool
Eui::Eui64::decode(const char *asc)
// return binary representation of the EUI
bool
-Eui::Eui64::lookup(IpAddress &c)
+Eui::Eui64::lookup(Ip::Address &c)
{
/* try to short-circuit slow OS lookups by using SLAAC data */
if (lookupSlaac(c)) return true;
}
bool
-Eui::Eui64::lookupSlaac(IpAddress &c)
+Eui::Eui64::lookupSlaac(Ip::Address &c)
{
#if USE_IPV6
/* RFC 4291 Link-Local unicast addresses which contain SLAAC - usually trustable. */
// return binary representation of the EUI
bool
-Eui::Eui64::lookupNdp(IpAddress &c)
+Eui::Eui64::lookupNdp(Ip::Address &c)
{
+#if 0 /* no actual lookup coded yet */
#if USE_IPV6
-#if 0 /* no OS yet supported for NDP protocol lookup */
-
-#else
+ /* no OS yet supported for NDP protocol lookup */
debugs(28, 0, "ERROR: ARP / MAC / EUI-* operations not supported on this operating system.");
-#endif
/*
* Address was not found on any interface
#else
debugs(28, 0, "ERROR: IPv6 EUI-64 operations not supported on this operating system.");
#endif
+#endif /* 0 */
clear();
return false;
#if USE_SQUID_EUI
-class IpAddress;
+namespace Ip
+{
+class Address;
+};
#if HAVE_CSTRING
#include <cstring>
bool encode(char *buf, const int len);
// lookup an EUI-64 address via IPv6 SLAAC or NDP
- bool lookup(IpAddress &c);
+ bool lookup(Ip::Address &c);
// lookup an EUI-64 address via IPv6 NDP
- bool lookupNdp(IpAddress &c);
+ bool lookupNdp(Ip::Address &c);
// lookup an EUI-64 address via decoding the IPv6 address SLAAC data
- bool lookupSlaac(IpAddress &c);
+ bool lookupSlaac(Ip::Address &c);
private:
unsigned char eui[SZ_EUI64_BUF];
*
*/
-#include "event.h"
+#include "config.h"
+#include "compat/drand48.h"
#include "CacheManager.h"
+#include "event.h"
#include "Store.h"
#include "SquidTime.h"
dlink_list queue;
+ /**
+ * Configuration flag. May only be altered by the configuration parser.
+ *
+ * Indicates that all uses of this external_acl_type helper require authentication
+ * details to be processed. If none are available its a fail match.
+ */
bool require_auth;
enum {
QUOTE_METHOD_URL
} quote;
- IpAddress local_addr;
+ Ip::Address local_addr;
};
struct _external_acl_format {
if (acl->def->require_auth) {
int ti;
/* Make sure the user is authenticated */
+ debugs(82, 3, "aclMatchExternal: " << acl->def->name << " check user authenticated.");
if ((ti = AuthenticateAcl(ch)) != 1) {
debugs(82, 2, "aclMatchExternal: " << acl->def->name << " user not authenticated (" << ti << ")");
return ti;
}
+ debugs(82, 3, "aclMatchExternal: " << acl->def->name << " user is authenticated.");
}
key = makeExternalAclKey(ch, acl);
- if (acl->def->require_auth)
- AUTHUSERREQUESTUNLOCK(ch->auth_user_request, "ACLChecklist via aclMatchExternal");
-
if (!key) {
/* Not sufficient data to process */
return -1;
switch (format->type) {
case _external_acl_format::EXT_ACL_LOGIN:
- assert (ch->auth_user_request);
+ assert (ch->auth_user_request != NULL);
str = ch->auth_user_request->username();
break;
#if USE_IDENT
if (acl->def->require_auth) {
int ti;
/* Make sure the user is authenticated */
+ debugs(82, 3, "aclMatchExternal: " << acl->def->name << " check user authenticated.");
if ((ti = AuthenticateAcl(ch)) != 1) {
debugs(82, 1, "externalAclLookup: " << acl->def->name <<
callback(callback_data, NULL);
return;
}
+ debugs(82, 3, "aclMatchExternal: " << acl->def->name << " user is authenticated.");
}
const char *key = makeExternalAclKey(ch, acl);
#define SQUID_FDE_H
#include "comm.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
class PconnPool;
unsigned int type;
u_short remote_port;
- IpAddress local_addr;
+ Ip::Address local_addr;
unsigned char tos;
int sock_family;
char ipaddr[MAX_IPSTRLEN]; /* dotted decimal address of peer */
halfClosedReader = NULL;
// XXX: the following memset may corrupt or leak new or changed members
memset(this, 0, sizeof(fde));
- local_addr.SetEmpty(); // IpAddress likes to be setup nicely.
+ local_addr.SetEmpty(); // Ip::Address likes to be setup nicely.
}
};
SQUIDCEXTERN int fdNFree(void);
+#define FD_READ_METHOD(fd, buf, len) (*fd_table[fd].read_method)(fd, buf, len)
+#define FD_WRITE_METHOD(fd, buf, len) (*fd_table[fd].write_method)(fd, buf, len)
+
#endif /* SQUID_FDE_H */
-
/*
* $Id$
*
- * DEBUG: section 8 Swap File Bitmap
+ * DEBUG: section 08 Swap File Bitmap
* AUTHOR: Harvest Derived
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
#include "SquidTime.h"
#include "Store.h"
#include "icmp/net_db.h"
-#include "ip/IpIntercept.h"
+#include "ip/Intercept.h"
static PSC fwdStartCompleteWrapper;
static PF fwdServerClosedWrapper;
int ctimeout;
int ftimeout = Config.Timeout.forward - (squid_curtime - start_t);
- IpAddress outgoing;
+ Ip::Address outgoing;
unsigned short tos;
- IpAddress client_addr;
+ Ip::Address client_addr;
assert(fs);
assert(server_fd == -1);
debugs(17, 3, "fwdConnectStart: " << url);
comm_add_close_handler(fd, fwdServerClosedWrapper, this);
+ // TODO: Avoid this if %<lp is not used? F->local_port is often cached.
+ request->hier.peer_local_port = comm_local_port(fd);
+
dispatch();
return;
if (!fs->_peer)
origin_tries++;
+ request->hier.peer_local_port = comm_local_port(fd);
+
/*
* stats.conn_open is used to account for the number of
* connections that we have open to the peer, so we can limit
commSetTimeout(fd, ctimeout, fwdConnectTimeoutWrapper, this);
-#if LINUX_TPROXY2
- if (!fs->_peer && request->flags.spoof_client_ip) {
- // try to set the outgoing address using TPROXY v2
- // if it fails we abort any further TPROXY actions on this connection
- if (IpInterceptor.SetTproxy2OutgoingAddr(int fd, const IpAddress &src) == -1) {
- request->flags.spoof_client_ip = 0;
- }
- }
-#endif
-
updateHierarchyInfo();
commConnectStart(fd, host, port, fwdConnectDoneWrapper, this);
}
* - address of the client for which we made the connection
*/
void
-FwdState::pconnPush(int fd, const peer *_peer, const HttpRequest *req, const char *domain, IpAddress &client_addr)
+FwdState::pconnPush(int fd, const peer *_peer, const HttpRequest *req, const char *domain, Ip::Address &client_addr)
{
if (_peer) {
fwdPconnPool->push(fd, _peer->name, _peer->http_port, domain, client_addr);
memFree(fs, MEM_FWD_SERVER);
}
-static IpAddress
+static Ip::Address
aclMapAddr(acl_address * head, ACLChecklist * ch)
{
acl_address *l;
- IpAddress addr;
+ Ip::Address addr;
for (l = head; l; l = l->next) {
if (!l->aclList || ch->matchAclListFast(l->aclList))
return 0;
}
-IpAddress
+Ip::Address
getOutgoingAddr(HttpRequest * request, struct peer *dst_peer)
{
if (request && request->flags.spoof_client_ip) {
- if (!dst_peer || !dst_peer->options.no_tproxy)
- return request->client_addr;
+ if (!dst_peer || !dst_peer->options.no_tproxy) {
+#if FOLLOW_X_FORWARDED_FOR && LINUX_NETFILTER
+ if (Config.onoff.tproxy_uses_indirect_client)
+ return request->indirect_client_addr;
+ else
+#endif
+ return request->client_addr;
+ }
// else no tproxy today ...
}
if (!Config.accessList.outgoing_address) {
- return IpAddress(); // anything will do.
+ return Ip::Address(); // anything will do.
}
ACLFilledChecklist ch(NULL, request, NULL);
ch.dst_peer = dst_peer;
if (request) {
- ch.src_addr = request->client_addr;
+#if FOLLOW_X_FORWARDED_FOR
+ if (Config.onoff.acl_uses_indirect_client)
+ ch.src_addr = request->indirect_client_addr;
+ else
+#endif
+ ch.src_addr = request->client_addr;
ch.my_addr = request->my_addr;
}
#include "comm.h"
#include "hier_code.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
class FwdServer
{
bool checkRetry();
bool checkRetriable();
void dispatch();
- void pconnPush(int fd, const peer *_peer, const HttpRequest *req, const char *domain, IpAddress &client_addr);
+ void pconnPush(int fd, const peer *_peer, const HttpRequest *req, const char *domain, Ip::Address &client_addr);
bool dontRetry() { return flags.dont_retry; }
unsigned int forward_completed:1;
} flags;
- IpAddress src; /* Client address for this connection. Needed for transparent operations. */
+ Ip::Address src; /* Client address for this connection. Needed for transparent operations. */
// NP: keep this last. It plays with private/public
CBDATA_CLASS2(FwdState);
static fqdncache_entry *fqdncacheCreateEntry(const char *name);
static void fqdncacheCallback(fqdncache_entry *, int wait);
static fqdncache_entry *fqdncache_get(const char *);
-static FQDNH dummy_handler;
static int fqdncacheExpiredEntry(const fqdncache_entry *);
static void fqdncacheLockEntry(fqdncache_entry * f);
static void fqdncacheUnlockEntry(fqdncache_entry * f);
* and does not affect the FQDN cache.
*/
void
-fqdncache_nbgethostbyaddr(IpAddress &addr, FQDNH * handler, void *handlerData)
+fqdncache_nbgethostbyaddr(const Ip::Address &addr, FQDNH * handler, void *handlerData)
{
fqdncache_entry *f = NULL;
char name[MAX_IPSTRLEN];
generic_cbdata *c;
- assert(handler);
addr.NtoA(name,MAX_IPSTRLEN);
debugs(35, 4, "fqdncache_nbgethostbyaddr: Name '" << name << "'.");
FqdncacheStats.requests++;
if (name[0] == '\0') {
debugs(35, 4, "fqdncache_nbgethostbyaddr: Invalid name!");
const DnsLookupDetails details("Invalid hostname", -1); // error, no lookup
- handler(NULL, details, handlerData);
+ if (handler)
+ handler(NULL, details, handlerData);
return;
}
*
*/
const char *
-fqdncache_gethostbyaddr(IpAddress &addr, int flags)
+fqdncache_gethostbyaddr(const Ip::Address &addr, int flags)
{
char name[MAX_IPSTRLEN];
fqdncache_entry *f = NULL;
FqdncacheStats.misses++;
if (flags & FQDN_LOOKUP_IF_MISS) {
- fqdncache_nbgethostbyaddr(addr, dummy_handler, NULL);
+ fqdncache_nbgethostbyaddr(addr, NULL, NULL);
}
return NULL;
}
}
-/// \ingroup FQDNCacheInternal
-static void
-dummy_handler(const char *, const DnsLookupDetails &, void *)
-{
- return;
-}
-
/// \ingroup FQDNCacheAPI
const char *
-fqdnFromAddr(IpAddress &addr)
+fqdnFromAddr(const Ip::Address &addr)
{
const char *n;
static char buf[MAX_IPSTRLEN];
}
-#ifdef SQUID_SNMP
+#if SQUID_SNMP
/**
* \ingroup FQDNCacheAPI
* The function to return the FQDN statistics via SNMP
#include "fs/ufs/ufscommon.h"
#endif
-#ifdef HAVE_FS_COSS
+#if HAVE_FS_COSS
#include "fs/coss/StoreFScoss.h"
#endif
-#ifdef HAVE_FS_UFS
+#if HAVE_FS_UFS
static StoreFSufs<UFSSwapDir> *UfsInstance;
#endif
-#ifdef HAVE_FS_AUFS
+#if HAVE_FS_AUFS
static StoreFSufs<UFSSwapDir> *AufsInstance;
#endif
-#ifdef HAVE_FS_DISKD
+#if HAVE_FS_DISKD
static StoreFSufs<UFSSwapDir> *DiskdInstance;
#endif
* (b) declare the StoreFScoss::stats as static and
* (c) merge the StoreFScoss::stat() method with the static
* StoreFScoss::Stats() */
-#ifdef HAVE_FS_COSS
+#if HAVE_FS_COSS
StoreFScoss &CossInstance = StoreFScoss::GetInstance();
#endif
void Fs::Init()
{
-#ifdef HAVE_FS_UFS
+#if HAVE_FS_UFS
UfsInstance = new StoreFSufs<UFSSwapDir>("Blocking", "ufs");
#endif
-#ifdef HAVE_FS_AUFS
+#if HAVE_FS_AUFS
AufsInstance = new StoreFSufs<UFSSwapDir>("DiskThreads", "aufs");;
#endif
-#ifdef HAVE_FS_DISKD
+#if HAVE_FS_DISKD
DiskdInstance = new StoreFSufs<UFSSwapDir>("DiskDaemon", "diskd");;
#endif
void Fs::Clean()
{
-#ifdef HAVE_FS_UFS
+#if HAVE_FS_UFS
delete UfsInstance;
#endif
-#ifdef HAVE_FS_AUFS
+#if HAVE_FS_AUFS
delete AufsInstance;
#endif
-#ifdef HAVE_FS_DISKD
+#if HAVE_FS_DISKD
delete DiskdInstance;
#endif
static char *
storeCossDirSwapLogFile(SwapDir * sd, const char *ext)
{
- LOCAL_ARRAY(char, path, SQUID_MAXPATHLEN);
- LOCAL_ARRAY(char, pathtmp, SQUID_MAXPATHLEN);
+ LOCAL_ARRAY(char, path, MAXPATHLEN);
+ LOCAL_ARRAY(char, pathtmp, MAXPATHLEN);
LOCAL_ARRAY(char, digit, 32);
char *pathtmp2;
if (Config.Log.swap) {
- xstrncpy(pathtmp, sd->path, SQUID_MAXPATHLEN - 64);
+ xstrncpy(pathtmp, sd->path, MAXPATHLEN - 64);
pathtmp2 = pathtmp;
while ((pathtmp2 = strchr(pathtmp2, '/')) != NULL)
pathtmp[strlen(pathtmp) - 1] = '\0';
for (pathtmp2 = pathtmp; *pathtmp2 == '.'; pathtmp2++);
- snprintf(path, SQUID_MAXPATHLEN - 64, Config.Log.swap, pathtmp2);
+ snprintf(path, MAXPATHLEN - 64, Config.Log.swap, pathtmp2);
- if (strncmp(path, Config.Log.swap, SQUID_MAXPATHLEN - 64) == 0) {
+ if (strncmp(path, Config.Log.swap, MAXPATHLEN - 64) == 0) {
strcat(path, ".");
snprintf(digit, 32, "%02d", sd->index);
strncat(path, digit, 3);
}
} else {
- xstrncpy(path, sd->path, SQUID_MAXPATHLEN - 64);
+ xstrncpy(path, sd->path, MAXPATHLEN - 64);
strcat(path, "/swap.state");
}
char *
UFSSwapDir::swapSubDir(int subdirn)const
{
- LOCAL_ARRAY(char, fullfilename, SQUID_MAXPATHLEN);
+ LOCAL_ARRAY(char, fullfilename, MAXPATHLEN);
assert(0 <= subdirn && subdirn < l1);
- snprintf(fullfilename, SQUID_MAXPATHLEN, "%s/%02X", path, subdirn);
+ snprintf(fullfilename, MAXPATHLEN, "%s/%02X", path, subdirn);
return fullfilename;
}
char *
UFSSwapDir::logFile(char const *ext) const
{
- LOCAL_ARRAY(char, lpath, SQUID_MAXPATHLEN);
- LOCAL_ARRAY(char, pathtmp, SQUID_MAXPATHLEN);
+ LOCAL_ARRAY(char, lpath, MAXPATHLEN);
+ LOCAL_ARRAY(char, pathtmp, MAXPATHLEN);
LOCAL_ARRAY(char, digit, 32);
char *pathtmp2;
if (Config.Log.swap) {
- xstrncpy(pathtmp, path, SQUID_MAXPATHLEN - 64);
+ xstrncpy(pathtmp, path, MAXPATHLEN - 64);
pathtmp2 = pathtmp;
while ((pathtmp2 = strchr(pathtmp2, '/')) != NULL)
pathtmp[strlen(pathtmp) - 1] = '\0';
for (pathtmp2 = pathtmp; *pathtmp2 == '.'; pathtmp2++);
- snprintf(lpath, SQUID_MAXPATHLEN - 64, Config.Log.swap, pathtmp2);
+ snprintf(lpath, MAXPATHLEN - 64, Config.Log.swap, pathtmp2);
- if (strncmp(lpath, Config.Log.swap, SQUID_MAXPATHLEN - 64) == 0) {
+ if (strncmp(lpath, Config.Log.swap, MAXPATHLEN - 64) == 0) {
strcat(lpath, ".");
snprintf(digit, 32, "%02d", index);
strncat(lpath, digit, 3);
}
} else {
- xstrncpy(lpath, path, SQUID_MAXPATHLEN - 64);
+ xstrncpy(lpath, path, MAXPATHLEN - 64);
strcat(lpath, "/swap.state");
}
D1 = (swap_index / N0) % N1;
N2 = SD->l2;
D2 = ((swap_index / N0) / N1) % N2;
- snprintf(p1, SQUID_MAXPATHLEN, "%s/%02X/%02X",
+ snprintf(p1, MAXPATHLEN, "%s/%02X/%02X",
SD->path, D1, D2);
debugs(36, 3, "storeDirClean: Cleaning directory " << p1);
dir_pointer = opendir(p1);
char *
UFSSwapDir::fullPath(sfileno filn, char *fullpath) const
{
- LOCAL_ARRAY(char, fullfilename, SQUID_MAXPATHLEN);
+ LOCAL_ARRAY(char, fullfilename, MAXPATHLEN);
int L1 = l1;
int L2 = l2;
fullpath[0] = '\0';
- snprintf(fullpath, SQUID_MAXPATHLEN, "%s/%02X/%02X/%08X",
+ snprintf(fullpath, MAXPATHLEN, "%s/%02X/%02X/%08X",
path,
((filn / L2) / L2) % L1,
(filn / L2) % L2,
}
if (0 == in_dir) { /* we need to read in a new directory */
- snprintf(fullpath, SQUID_MAXPATHLEN, "%s/%02X/%02X",
+ snprintf(fullpath, MAXPATHLEN, "%s/%02X/%02X",
sd->path,
curlvl1, curlvl2);
continue;
}
- snprintf(fullfilename, SQUID_MAXPATHLEN, "%s/%s",
+ snprintf(fullfilename, MAXPATHLEN, "%s/%s",
fullpath, entry->d_name);
debugs(47, 3, "commonUfsDirGetNextFile: Opening " << fullfilename);
fd = file_open(fullfilename, O_RDONLY | O_BINARY);
return currentEntry();
}
-#ifndef _USE_INLINE_
+#if !_USE_INLINE_
#include "ufscommon.cci"
#endif
struct dirent *entry;
DIR *td;
- char fullpath[SQUID_MAXPATHLEN];
- char fullfilename[SQUID_MAXPATHLEN];
+ char fullpath[MAXPATHLEN];
+ char fullfilename[MAXPATHLEN];
struct _store_rebuild_data counts;
void *cbdata;
};
-#ifdef _USE_INLINE_
+#if _USE_INLINE_
#include "ufscommon.cci"
#endif
/*
* $Id$
*
- * DEBUG: section 9 File Transfer Protocol (FTP)
+ * DEBUG: section 09 File Transfer Protocol (FTP)
* AUTHOR: Harvest Derived
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
#include "squid.h"
#include "comm.h"
#include "comm/ListenStateData.h"
+#include "compat/strtoll.h"
#include "ConnectionDetail.h"
#include "errorpage.h"
#include "fde.h"
ctrl.last_command = ebuf;
+ if (!canSend(ctrl.fd)) {
+ debugs(9, 2, HERE << "cannot send to closing ctrl FD " << ctrl.fd);
+ // TODO: assert(ctrl.closer != NULL);
+ return;
+ }
+
typedef CommCbMemFunT<FtpStateData, CommIoCbParams> Dialer;
AsyncCall::Pointer call = asyncCall(9, 5, "FtpStateData::ftpWriteCommandCallback",
Dialer(this, &FtpStateData::ftpWriteCommandCallback));
char h1, h2, h3, h4;
int n;
u_short port;
- IpAddress ipa_remote;
+ Ip::Address ipa_remote;
int fd = ftpState->data.fd;
char *buf;
debugs(9, 3, HERE);
static void
ftpSendPassive(FtpStateData * ftpState)
{
- IpAddress addr;
+ Ip::Address addr;
struct addrinfo *AI = NULL;
/** Checks the server control channel is still available before running. */
int p1, p2;
int n;
u_short port;
- IpAddress ipa_remote;
+ Ip::Address ipa_remote;
int fd = ftpState->data.fd;
char *buf;
LOCAL_ARRAY(char, ipaddr, 1024);
ftpOpenListenSocket(FtpStateData * ftpState, int fallback)
{
int fd;
-
- IpAddress addr;
+ Ip::Address addr;
struct addrinfo *AI = NULL;
int on = 1;
int x = 0;
ftpSendPORT(FtpStateData * ftpState)
{
int fd;
-
- IpAddress ipa;
+ Ip::Address ipa;
struct addrinfo *AI = NULL;
unsigned char *addrptr;
unsigned char *portptr;
ftpSendEPRT(FtpStateData * ftpState)
{
int fd;
- IpAddress addr;
+ Ip::Address addr;
struct addrinfo *AI = NULL;
char buf[MAX_IPSTRLEN];
ftpState->flags.pasv_supported = 0;
fd = ftpOpenListenSocket(ftpState, 0);
- addr.InitAddrInfo(AI);
+ Ip::Address::InitAddrInfo(AI);
if (getsockname(fd, AI->ai_addr, &AI->ai_addrlen)) {
- addr.FreeAddrInfo(AI);
+ Ip::Address::FreeAddrInfo(AI);
debugs(9, DBG_CRITICAL, HERE << "getsockname(" << fd << ",..): " << xstrerror());
/* XXX Need to set error message */
ftpState->writeCommand(cbuf);
ftpState->state = SENT_EPRT;
- addr.FreeAddrInfo(AI);
+ Ip::Address::FreeAddrInfo(AI);
}
static void
entry->lock();
ErrorState *ferr = errorCon(ERR_DIR_LISTING, HTTP_OK, request);
ferr->ftp.listing = &listing;
- ferr->ftp.cwd_msg = xstrdup(cwd_message.termedBuf());
+ ferr->ftp.cwd_msg = xstrdup(cwd_message.size()? cwd_message.termedBuf() : "");
ferr->ftp.server_msg = ctrl.message;
ctrl.message = NULL;
entry->replaceHttpReply( ferr->BuildHttpReply() );
extern int theOutIcpConnection; /* -1 */
extern int DnsSocketA; /* -1 */
extern int DnsSocketB; /* -1 */
-#ifdef SQUID_SNMP
+#if SQUID_SNMP
extern int theInSnmpConnection; /* -1 */
extern int theOutSnmpConnection; /* -1 */
extern struct acl_deny_info_list *DenyInfoList; /* NULL */
-//MOVED:icp_v2.cc extern IpAddress theOutICPAddr;
-//MOVED:snmp_core.cc extern IpAddress theOutSNMPAddr;
-
extern struct timeval squid_start;
extern int starting_up; /* 1 */
extern int shutting_down; /* 0 */
if (hlp->cmdline == NULL)
return;
+ if (hlp->childs.concurrency)
+ debugs(84, 0, "ERROR: concurrency= is not yet supported for stateful helpers ('" << hlp->cmdline << "')");
+
char *progname = hlp->cmdline->key;
char *s;
}
if (srv->data != NULL)
- hlp->datapool->free(srv->data);
+ hlp->datapool->freeOne(srv->data);
cbdataReferenceDone(srv->parent);
#include "squid.h"
#include "cbdata.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
#include "HelperChildConfig.h"
class helper_request;
const char *id_name;
HelperChildConfig childs; ///< Configuration settings for number running.
int ipc_type;
- IpAddress addr;
+ Ip::Address addr;
time_t last_queue_warn;
time_t last_restart;
public:
int index;
int pid;
- IpAddress addr;
+ Ip::Address addr;
int rfd;
int wfd;
void *hIpc;
void checkHit();
void checkedHit(StoreEntry *e);
- void setFrom (IpAddress &from);
- void setDataHeader (htcpDataHeader *);
+ void setFrom(Ip::Address &from);
+ void setDataHeader(htcpDataHeader *);
char *method;
char *uri;
char *version;
private:
HttpRequest *checkHitRequest;
- IpAddress from; // was a ptr. return to such IFF needed. otherwise copy should do.
+ Ip::Address from; // was a ptr. return to such IFF needed. otherwise copy should do.
htcpDataHeader *dhdr;
};
static u_int32_t queried_id[N_QUERIED_KEYS];
static cache_key queried_keys[N_QUERIED_KEYS][SQUID_MD5_DIGEST_LENGTH];
-static IpAddress queried_addr[N_QUERIED_KEYS];
+static Ip::Address queried_addr[N_QUERIED_KEYS];
static MemAllocator *htcpDetailPool = NULL;
static int old_squid_format = 0;
static void htcpFreeSpecifier(htcpSpecifier * s);
static void htcpFreeDetail(htcpDetail * s);
-static void htcpHandleMsg(char *buf, int sz, IpAddress &from);
+static void htcpHandleMsg(char *buf, int sz, Ip::Address &from);
-static void htcpLogHtcp(IpAddress &, int, log_type, const char *);
-static void htcpHandleMon(htcpDataHeader *, char *buf, int sz, IpAddress &from);
+static void htcpLogHtcp(Ip::Address &, int, log_type, const char *);
+static void htcpHandleMon(htcpDataHeader *, char *buf, int sz, Ip::Address &from);
-static void htcpHandleNop(htcpDataHeader *, char *buf, int sz, IpAddress &from);
+static void htcpHandleNop(htcpDataHeader *, char *buf, int sz, Ip::Address &from);
-static void htcpHandleSet(htcpDataHeader *, char *buf, int sz, IpAddress &from);
+static void htcpHandleSet(htcpDataHeader *, char *buf, int sz, Ip::Address &from);
-static void htcpHandleTst(htcpDataHeader *, char *buf, int sz, IpAddress &from);
+static void htcpHandleTst(htcpDataHeader *, char *buf, int sz, Ip::Address &from);
static void htcpRecv(int fd, void *data);
-static void htcpSend(const char *buf, int len, IpAddress &to);
+static void htcpSend(const char *buf, int len, Ip::Address &to);
-static void htcpTstReply(htcpDataHeader *, StoreEntry *, htcpSpecifier *, IpAddress &);
+static void htcpTstReply(htcpDataHeader *, StoreEntry *, htcpSpecifier *, Ip::Address &);
-static void htcpHandleTstRequest(htcpDataHeader *, char *buf, int sz, IpAddress &from);
+static void htcpHandleTstRequest(htcpDataHeader *, char *buf, int sz, Ip::Address &from);
-static void htcpHandleTstResponse(htcpDataHeader *, char *, int, IpAddress &);
+static void htcpHandleTstResponse(htcpDataHeader *, char *, int, Ip::Address &);
static void
htcpHexdump(const char *tag, const char *s, int sz)
static void
-htcpSend(const char *buf, int len, IpAddress &to)
+htcpSend(const char *buf, int len, Ip::Address &to)
{
int x;
void
-htcpSpecifier::setFrom (IpAddress &aSocket)
+htcpSpecifier::setFrom(Ip::Address &aSocket)
{
from = aSocket;
}
void
-htcpSpecifier::setDataHeader (htcpDataHeader *aDataHeader)
+htcpSpecifier::setDataHeader(htcpDataHeader *aDataHeader)
{
dhdr = aDataHeader;
}
static void
htcpFreeDetail(htcpDetail * d)
{
- htcpDetailPool->free(d);
+ htcpDetailPool->freeOne(d);
}
/*
}
static int
-htcpAccessCheck(acl_access * acl, htcpSpecifier * s, IpAddress &from)
+htcpAccessCheck(acl_access * acl, htcpSpecifier * s, Ip::Address &from)
{
/* default deny if no access list present */
if (!acl)
}
static void
-htcpTstReply(htcpDataHeader * dhdr, StoreEntry * e, htcpSpecifier * spec, IpAddress &from)
+htcpTstReply(htcpDataHeader * dhdr, StoreEntry * e, htcpSpecifier * spec, Ip::Address &from)
{
htcpStuff stuff;
static char pkt[8192];
static void
-htcpClrReply(htcpDataHeader * dhdr, int purgeSucceeded, IpAddress &from)
+htcpClrReply(htcpDataHeader * dhdr, int purgeSucceeded, Ip::Address &from)
{
htcpStuff stuff;
static char pkt[8192];
static void
-htcpHandleNop(htcpDataHeader * hdr, char *buf, int sz, IpAddress &from)
+htcpHandleNop(htcpDataHeader * hdr, char *buf, int sz, Ip::Address &from)
{
debugs(31, 3, "htcpHandleNop: Unimplemented");
}
static void
-htcpHandleTst(htcpDataHeader * hdr, char *buf, int sz, IpAddress &from)
+htcpHandleTst(htcpDataHeader * hdr, char *buf, int sz, Ip::Address &from)
{
debugs(31, 3, "htcpHandleTst: sz = " << sz);
static void
-htcpHandleTstResponse(htcpDataHeader * hdr, char *buf, int sz, IpAddress &from)
+htcpHandleTstResponse(htcpDataHeader * hdr, char *buf, int sz, Ip::Address &from)
{
htcpReplyData htcpReply;
cache_key *key = NULL;
- IpAddress *peer;
+ Ip::Address *peer;
htcpDetail *d = NULL;
char *t;
static void
-htcpHandleTstRequest(htcpDataHeader * dhdr, char *buf, int sz, IpAddress &from)
+htcpHandleTstRequest(htcpDataHeader * dhdr, char *buf, int sz, Ip::Address &from)
{
/* buf should be a SPECIFIER */
htcpSpecifier *s;
static void
-htcpHandleMon(htcpDataHeader * hdr, char *buf, int sz, IpAddress &from)
+htcpHandleMon(htcpDataHeader * hdr, char *buf, int sz, Ip::Address &from)
{
debugs(31, 3, "htcpHandleMon: Unimplemented");
}
static void
-htcpHandleSet(htcpDataHeader * hdr, char *buf, int sz, IpAddress &from)
+htcpHandleSet(htcpDataHeader * hdr, char *buf, int sz, Ip::Address &from)
{
debugs(31, 3, "htcpHandleSet: Unimplemented");
}
static void
-htcpHandleClr(htcpDataHeader * hdr, char *buf, int sz, IpAddress &from)
+htcpHandleClr(htcpDataHeader * hdr, char *buf, int sz, Ip::Address &from)
{
htcpSpecifier *s;
/* buf[0/1] is reserved and reason */
* hands it off to other functions to break apart message-specific data.
*/
static void
-htcpHandleMsg(char *buf, int sz, IpAddress &from)
+htcpHandleMsg(char *buf, int sz, Ip::Address &from)
{
htcpHeader htcpHdr;
htcpDataHeader hdr;
{
static char buf[8192];
int len;
- static IpAddress from;
+ static Ip::Address from;
/* Receive up to 8191 bytes, leaving room for a null */
return;
}
- IpAddress incomingAddr = Config.Addrs.udp_incoming;
+ Ip::Address incomingAddr = Config.Addrs.udp_incoming;
incomingAddr.SetPort(Config.Port.htcp);
AsyncCall::Pointer call = asyncCall(31, 2,
Ipc::fdnInHtcpSocket, call);
if (!Config.Addrs.udp_outgoing.IsNoAddr()) {
- IpAddress outgoingAddr = Config.Addrs.udp_outgoing;
+ Ip::Address outgoingAddr = Config.Addrs.udp_outgoing;
outgoingAddr.SetPort(Config.Port.htcp);
enter_suid();
}
static void
-htcpLogHtcp(IpAddress &caddr, int opcode, log_type logcode, const char *url)
+htcpLogHtcp(Ip::Address &caddr, int opcode, log_type logcode, const char *url)
{
AccessLogEntry al;
if (LOG_TAG_NONE == logcode)
#include "HttpHeader.h"
-class IpAddress;
+#include "ip/forward.h"
/// \ingroup ServerProtocolHTCP
class HtcpReplyData
typedef class HtcpReplyData htcpReplyData;
/// \ingroup ServerProtocolHTCP
-SQUIDCEXTERN void neighborsHtcpReply(const cache_key *, htcpReplyData *, const IpAddress &);
+SQUIDCEXTERN void neighborsHtcpReply(const cache_key *, htcpReplyData *, const Ip::Address &);
/// \ingroup ServerProtocolHTCP
SQUIDCEXTERN void htcpInit(void);
#include "acl/FilledChecklist.h"
#include "auth/UserRequest.h"
+#include "base/TextException.h"
#if DELAY_POOLS
#include "DelayPools.h"
#endif
#include "rfc1738.h"
#include "SquidTime.h"
#include "Store.h"
-#include "TextException.h"
#define SQUID_ENTER_THROWING_CODE() try {
* unless we know how to refresh it.
*/
- if (!refreshIsCachable(entry)) {
+ if (!refreshIsCachable(entry) && !REFRESH_OVERRIDE(store_stale)) {
debugs(22, 3, "refreshIsCachable() returned non-cacheable..");
return 0;
- }
-
- /* don't cache objects from peers w/o LMT, Date, or Expires */
- /* check that is it enough to check headers @?@ */
- if (rep->date > -1)
- return 1;
- else if (rep->last_modified > -1)
- return 1;
- else if (!_peer)
- return 1;
-
- /* @?@ (here and 302): invalid expires header compiles to squid_curtime */
- else if (rep->expires > -1)
+ } else
return 1;
- else
- return 0;
/* NOTREACHED */
break;
HttpStateData::processReplyHeader()
{
/** Creates a blank header. If this routine is made incremental, this will not do */
+
+ /* NP: all exit points to this function MUST call ctx_exit(ctx) */
Ctx ctx = ctx_enter(entry->mem_obj->url);
+
debugs(11, 3, "processReplyHeader: key '" << entry->getMD5Text() << "'");
assert(!flags.headers_parsed);
+ if (!readBuf->hasContent()) {
+ ctx_exit(ctx);
+ return;
+ }
+
http_status error = HTTP_STATUS_NONE;
HttpReply *newrep = new HttpReply;
if (!parsed && error > 0) { // unrecoverable parsing error
debugs(11, 3, "processReplyHeader: Non-HTTP-compliant header: '" << readBuf->content() << "'");
flags.headers_parsed = 1;
- newrep->sline.version = HttpVersion(1,0);
+ newrep->sline.version = HttpVersion(1,1);
newrep->sline.status = error;
HttpReply *vrep = setVirginReply(newrep);
entry->replaceHttpReply(vrep);
readBuf->consume(header_bytes_read);
}
+ /* Skip 1xx messages for now. Advertised in Via as an internal 1.0 hop */
+ if (newrep->sline.protocol == PROTO_HTTP && newrep->sline.status >= 100 && newrep->sline.status < 200) {
+
+#if WHEN_HTTP11_EXPECT_HANDLED
+ /* When HTTP/1.1 check if the client is expecting a 1xx reply and maybe pass it on */
+ if (orig_request->header.has(HDR_EXPECT)) {
+ // TODO: pass to the client anyway?
+ }
+#endif
+ delete newrep;
+ debugs(11, 2, HERE << "1xx headers consume " << header_bytes_read << " bytes header.");
+ header_bytes_read = 0;
+ if (reply_bytes_read > 0)
+ debugs(11, 2, HERE << "1xx headers consume " << reply_bytes_read << " bytes reply.");
+ reply_bytes_read = 0;
+ ctx_exit(ctx);
+ processReplyHeader();
+ return;
+ }
+
flags.chunked = 0;
if (newrep->sline.protocol == PROTO_HTTP && newrep->header.hasListMember(HDR_TRANSFER_ENCODING, "chunked", ',')) {
flags.chunked = 1;
orig_request->hier.peer_reply_status = newrep->sline.status;
ctx_exit(ctx);
-
}
/**
if (len == 0) { // reached EOF?
eof = 1;
flags.do_next_read = 0;
+
+ /* Bug 2879: Replies may terminate with \r\n then EOF instead of \r\n\r\n
+ * Ensure here that we have at minimum two \r\n when EOF is seen.
+ * TODO: Add eof parameter to headersEnd() and move this hack there.
+ */
+ if (readBuf->contentSize() && !flags.headers_parsed) {
+ /*
+ * Yes Henrik, there is a point to doing this. When we
+ * called httpProcessReplyHeader() before, we didn't find
+ * the end of headers, but now we are definately at EOF, so
+ * we want to process the reply headers.
+ */
+ /* Fake an "end-of-headers" to work around such broken servers */
+ readBuf->append("\r\n", 2);
+ }
}
if (!flags.headers_parsed) { // have not parsed headers yet?
debugs(11, DBG_IMPORTANT, "WARNING: HTTP: Invalid Response: Headers did not parse at all for " << entry->url() << " AKA " << orig_request->GetHost() << orig_request->urlpath.termedBuf() );
} else {
error = ERR_ZERO_SIZE_OBJECT;
- debugs(11, DBG_IMPORTANT, "WARNING: HTTP: Invalid Response: No object data received for " << entry->url() << " AKA " << orig_request->GetHost() << orig_request->urlpath.termedBuf() );
+ debugs(11, (orig_request->flags.accelerated?DBG_IMPORTANT:2), "WARNING: HTTP: Invalid Response: No object data received for " <<
+ entry->url() << " AKA " << orig_request->GetHost() << orig_request->urlpath.termedBuf() );
}
}
HttpStateData::processReplyBody()
{
AsyncCall::Pointer call;
- IpAddress client_addr;
+ Ip::Address client_addr;
bool ispinned = false;
if (!flags.headers_parsed) {
if (orig_request->extacl_user.size())
username = orig_request->extacl_user.termedBuf();
- else if (orig_request->auth_user_request)
+ else if (orig_request->auth_user_request != NULL)
username = orig_request->auth_user_request->username();
snprintf(loginbuf, sizeof(loginbuf), "%s%s", username, orig_request->peer_login + 1);
* the server and fetch only the requested content)
*/
+ int64_t roffLimit = orig_request->getRangeOffsetLimit();
+
if (NULL == orig_request->range || !orig_request->flags.cachable
- || orig_request->range->offsetLimitExceeded() || orig_request->flags.connection_auth)
+ || orig_request->range->offsetLimitExceeded(roffLimit) || orig_request->flags.connection_auth)
result = false;
debugs(11, 8, "decideIfWeDoRanges: range specs: " <<
http_state_flags stateFlags)
{
const int offset = mb->size;
- HttpVersion httpver(1,0);
+ HttpVersion httpver(1,1);
mb->Printf("%s %s HTTP/%d.%d\r\n",
RequestMethodStr(aRequest->method),
aRequest->urlpath.size() ? aRequest->urlpath.termedBuf() : "/",
MemBuf mb;
debugs(11, 5, "httpSendRequest: FD " << fd << ", request " << request << ", this " << this << ".");
+
+ if (!canSend(fd)) {
+ debugs(11,3, HERE << "cannot send request to closing FD " << fd);
+ assert(closeHandler != NULL);
+ return false;
+ }
+
typedef CommCbMemFunT<HttpStateData, CommTimeoutCbParams> TimeoutDialer;
AsyncCall::Pointer timeoutCall = asyncCall(11, 5, "HttpStateData::httpTimeout",
TimeoutDialer(this,&HttpStateData::httpTimeout));
sendComplete(io);
} else {
debugs(11, 2, "doneSendingRequestBody: matched brokenPosts");
+
+ if (!canSend(fd)) {
+ debugs(11,2, HERE << "cannot send CRLF to closing FD " << fd);
+ assert(closeHandler != NULL);
+ return;
+ }
+
typedef CommCbMemFunT<HttpStateData, CommIoCbParams> Dialer;
Dialer dialer(this, &HttpStateData::sendComplete);
AsyncCall::Pointer call= asyncCall(11,5, "HttpStateData::SendComplete", dialer);
deleteThis("HttpStateData::abortTransaction");
}
-#if DEAD_CODE
-void
-httpBuildVersion(HttpVersion * version, unsigned int major, unsigned int minor)
-{
- version->major = major;
- version->minor = minor;
-}
-#endif
-
HttpRequest *
HttpStateData::originalRequest()
{
}
void
-Icmp::Log(const IpAddress &addr, const u_int8_t type, const char* pkt_str, const int rtt, const int hops)
+Icmp::Log(const Ip::Address &addr, const u_int8_t type, const char* pkt_str, const int rtt, const int hops)
{
debugs(42, 2, "pingerLog: " << std::setw(9) << current_time.tv_sec <<
"." << std::setfill('0') << std::setw(6) <<
#define _INCLUDE_ICMP_H
#include "config.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
#define PINGER_PAYLOAD_SZ 8192
/* This is a line-data format struct. DO NOT alter. */
struct pingerEchoData {
- IpAddress to;
+ Ip::Address to;
unsigned char opcode;
int psize;
char payload[PINGER_PAYLOAD_SZ];
/* This is a line-data format struct. DO NOT alter. */
struct pingerReplyData {
- IpAddress from;
+ Ip::Address from;
unsigned char opcode;
int rtt;
int hops;
* Content longer than MAX_PAYLOAD will be truncated.
\param len Length of the payload in bytes if any is to be sent or 0.
*/
- virtual void SendEcho(IpAddress &to, int opcode, const char *payload=NULL, int len=0) =0;
+ virtual void SendEcho(Ip::Address &to, int opcode, const char *payload=NULL, int len=0) =0;
/// Handle ICMP responses.
virtual void Recv(void) =0;
int ipHops(int ttl);
/// Log the packet.
- void Log(const IpAddress &addr, const u_int8_t type, const char* pkt_str, const int rtt, const int hops);
+ void Log(const Ip::Address &addr, const u_int8_t type, const char* pkt_str, const int rtt, const int hops);
/* no use wasting memory */
int icmp_sock;
}
void
-Icmp4::SendEcho(IpAddress &to, int opcode, const char *payload, int len)
+Icmp4::SendEcho(Ip::Address &to, int opcode, const char *payload, int len)
{
int x;
LOCAL_ARRAY(char, pkt, MAX_PKT4_SZ);
#include "config.h"
#include "Icmp.h"
-#if HAVE_NETINET_IN_SYSTM_H
-#include <netinet/in_systm.h>
-#endif
#if HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
virtual int Open();
#if USE_ICMP
- virtual void SendEcho(IpAddress &, int, const char*, int);
+ virtual void SendEcho(Ip::Address &, int, const char*, int);
virtual void Recv(void);
#endif
};
* Generates an RFC 4443 Icmp6 ECHO Packet and sends into the network.
*/
void
-Icmp6::SendEcho(IpAddress &to, int opcode, const char *payload, int len)
+Icmp6::SendEcho(Ip::Address &to, int opcode, const char *payload, int len)
{
int x;
LOCAL_ARRAY(char, pkt, MAX_PKT6_SZ);
virtual int Open();
#if USE_ICMP
- virtual void SendEcho(IpAddress &, int, const char*, int);
+ virtual void SendEcho(Ip::Address &, int, const char*, int);
virtual void Recv(void);
#endif
};
/*
* $Id$
*
- * DEBUG: section 3 Configuration Settings
+ * DEBUG: section 03 Configuration Settings
* AUTHOR: Amos Jeffries
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
#include "config.h"
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-
/**
* Squid pinger Configuration settings
*
private:
// unused in IcmpPinger
- virtual void SendEcho(IpAddress &to, int opcode, const char *payload, int len) {};
+ virtual void SendEcho(Ip::Address &to, int opcode, const char *payload, int len) {};
/**
* Control channel(s) to squid.
#if USE_ICMP
void
-IcmpSquid::SendEcho(IpAddress &to, int opcode, const char *payload, int len)
+IcmpSquid::SendEcho(Ip::Address &to, int opcode, const char *payload, int len)
{
static pingerEchoData pecho;
int x, slen;
int n;
static int fail_count = 0;
pingerReplyData preply;
- static IpAddress F;
+ static Ip::Address F;
commSetSelect(icmp_sock, COMM_SELECT_READ, icmpSquidRecv, NULL, 0);
memset(&preply, '\0', sizeof(pingerReplyData));
#endif /* USE_ICMP */
void
-IcmpSquid::DomainPing(IpAddress &to, const char *domain)
+IcmpSquid::DomainPing(Ip::Address &to, const char *domain)
{
#if USE_ICMP
debugs(37, 4, HERE << "'" << domain << "' (" << to << ")");
const char *args[2];
int rfd;
int wfd;
- IpAddress localhost;
+ Ip::Address localhost;
/* User configured disabled. */
if (!Config.pinger.enable) {
virtual int Open();
virtual void Close();
- void DomainPing(IpAddress &to, const char *domain);
+ void DomainPing(Ip::Address &to, const char *domain);
#if USE_ICMP
- virtual void SendEcho(IpAddress &to, int opcode, const char* payload=NULL, int len=0);
+ virtual void SendEcho(Ip::Address &to, int opcode, const char* payload=NULL, int len=0);
virtual void Recv(void);
#endif
};
#include "forward.h"
#include "SquidTime.h"
#include "wordlist.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
#if USE_ICMP
#include "icmp/IcmpSquid.h"
static hash_table *addr_table = NULL;
static hash_table *host_table = NULL;
-IpAddress networkFromInaddr(const IpAddress &a);
+Ip::Address networkFromInaddr(const Ip::Address &a);
static void netdbRelease(netdbEntry * n);
-static void netdbHashInsert(netdbEntry * n, IpAddress &addr);
+static void netdbHashInsert(netdbEntry * n, Ip::Address &addr);
static void netdbHashDelete(const char *key);
static void netdbHostInsert(netdbEntry * n, const char *hostname);
static void netdbHostDelete(const net_db_name * x);
static wordlist *peer_names = NULL;
static void
-netdbHashInsert(netdbEntry * n, IpAddress &addr)
+netdbHashInsert(netdbEntry * n, Ip::Address &addr)
{
networkFromInaddr(addr).NtoA(n->network, MAX_IPSTRLEN);
n->hash.key = n->network;
}
static netdbEntry *
-netdbLookupAddr(const IpAddress &addr)
+netdbLookupAddr(const Ip::Address &addr)
{
netdbEntry *n;
char *key = new char[MAX_IPSTRLEN];
}
static netdbEntry *
-netdbAdd(IpAddress &addr)
+netdbAdd(Ip::Address &addr)
{
netdbEntry *n;
static void
netdbSendPing(const ipcache_addrs *ia, const DnsLookupDetails &, void *data)
{
- IpAddress addr;
+ Ip::Address addr;
char *hostname = NULL;
static_cast<generic_cbdata *>(data)->unwrap(&hostname);
netdbEntry *n;
xfree(hostname);
}
-IpAddress
-networkFromInaddr(const IpAddress &in)
+Ip::Address
+networkFromInaddr(const Ip::Address &in)
{
- IpAddress out;
+ Ip::Address out;
out = in;
#if USE_IPV6
netdbEntry *n;
netdbEntry N;
- IpAddress addr;
+ Ip::Address addr;
int count = 0;
struct timeval start = current_time;
static void
netdbExchangeHandleReply(void *data, StoreIOBuffer receivedData)
{
- IpAddress addr;
+ Ip::Address addr;
netdbExchangeState *ex = (netdbExchangeState *)data;
int rec_sz = 0;
}
void
-netdbHandlePingReply(const IpAddress &from, int hops, int rtt)
+netdbHandlePingReply(const Ip::Address &from, int hops, int rtt)
{
#if USE_ICMP
netdbEntry *n;
#if 0 // AYJ: Looks to be unused code.
int
-netdbHops(IpAddress &addr)
+netdbHops(Ip::Address &addr)
{
#if USE_ICMP
netdbEntry *n = netdbLookupAddr(addr);
}
void
-netdbExchangeUpdatePeer(IpAddress &addr, peer * e, double rtt, double hops)
+netdbExchangeUpdatePeer(Ip::Address &addr, peer * e, double rtt, double hops)
{
#if USE_ICMP
netdbEntry *n;
}
void
-netdbDeleteAddrNetwork(IpAddress &addr)
+netdbDeleteAddrNetwork(Ip::Address &addr)
{
#if USE_ICMP
netdbEntry *n = netdbLookupAddr(addr);
HttpReply *reply = new HttpReply;
#if USE_ICMP
- IpAddress addr;
+ Ip::Address addr;
netdbEntry *n;
int i;
HTTPMSGLOCK(ex->r);
assert(NULL != ex->r);
- ex->r->http_ver = HttpVersion(1,0);
+ ex->r->http_ver = HttpVersion(1,1);
ex->connstate = STATE_HEADER;
ex->e = storeCreateEntry(uri, uri, request_flags(), METHOD_GET);
ex->buf_sz = NETDB_REQBUF_SZ;
#include "config.h"
-class IpAddress;
+namespace Ip
+{
+class Address;
+};
+
class StoreEntry;
class HttpRequest;
SQUIDCEXTERN void netdbInit(void);
-SQUIDCEXTERN void netdbHandlePingReply(const IpAddress &from, int hops, int rtt);
+SQUIDCEXTERN void netdbHandlePingReply(const Ip::Address &from, int hops, int rtt);
SQUIDCEXTERN void netdbPingSite(const char *hostname);
SQUIDCEXTERN void netdbDump(StoreEntry *);
-#if 0 // AYJ: Looks to be unused now.
-SQUIDCEXTERN int netdbHops(IpAddress &);
-#endif
-
SQUIDCEXTERN void netdbFreeMemory(void);
SQUIDCEXTERN int netdbHostHops(const char *host);
SQUIDCEXTERN int netdbHostRtt(const char *host);
SQUIDCEXTERN void netdbUpdatePeer(HttpRequest *, peer * e, int rtt, int hops);
-SQUIDCEXTERN void netdbDeleteAddrNetwork(IpAddress &addr);
+SQUIDCEXTERN void netdbDeleteAddrNetwork(Ip::Address &addr);
SQUIDCEXTERN void netdbBinaryExchange(StoreEntry *);
SQUIDCEXTERN void netdbExchangeStart(void *);
-SQUIDCEXTERN void netdbExchangeUpdatePeer(IpAddress &, peer *, double, double);
+SQUIDCEXTERN void netdbExchangeUpdatePeer(Ip::Address &, peer *, double, double);
SQUIDCEXTERN peer *netdbClosestParent(HttpRequest *);
SQUIDCEXTERN void netdbHostData(const char *host, int *samp, int *rtt, int *hops);
#ifndef SQUID_SRC_TEST_URL_H
#define SQUID_SRC_TEST_URL_H
+#define SQUID_UNIT_TEST 1
+
#include "Icmp.h"
#include <cppunit/extensions/HelperMacros.h>
virtual void Close() {};
/// Construct ECHO request
- virtual void SendEcho(IpAddress &to, int opcode, const char *payload, int len) {};
+ virtual void SendEcho(Ip::Address &to, int opcode, const char *payload, int len) {};
/// Handle ICMP responses.
virtual void Recv(void) {};
#include "SquidTime.h"
#include "SwapDir.h"
#include "icmp/net_db.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
#include "ipc/StartListening.h"
#include "rfc1738.h"
public Ipc::StartListeningCb
{
public:
- typedef void (*Handler)(int fd, int errNo, IpAddress& addr);
- IcpListeningStartedDialer(Handler aHandler, IpAddress& anAddr):
+ typedef void (*Handler)(int fd, int errNo, Ip::Address& addr);
+ IcpListeningStartedDialer(Handler aHandler, Ip::Address& anAddr):
handler(aHandler), addr(anAddr) {}
virtual void print(std::ostream &os) const {
public:
Handler handler;
- IpAddress addr;
+ Ip::Address addr;
};
-static void icpIncomingConnectionOpened(int fd, int errNo, IpAddress& addr);
+static void icpIncomingConnectionOpened(int fd, int errNo, Ip::Address& addr);
/// \ingroup ServerProtocolICPInternal2
-static void icpLogIcp(const IpAddress &, log_type, int, const char *, int);
+static void icpLogIcp(const Ip::Address &, log_type, int, const char *, int);
/// \ingroup ServerProtocolICPInternal2
-static void icpHandleIcpV2(int, IpAddress &, char *, int);
+static void icpHandleIcpV2(int, Ip::Address &, char *, int);
/// \ingroup ServerProtocolICPInternal2
static void icpCount(void *, int, size_t, int);
static icpUdpData *IcpQueueTail = NULL;
/// \ingroup ServerProtocolICPInternal2
-IpAddress theOutICPAddr;
+Ip::Address theOutICPAddr;
/* icp_common_t */
_icp_common_t::_icp_common_t() : opcode(ICP_INVALID), version(0), length(0), reqnum(0), flags(0), pad(0), shostid(0)
/// \ingroup ServerProtocolICPInternal2
static void
-icpLogIcp(const IpAddress &caddr, log_type logcode, int len, const char *url, int delay)
+icpLogIcp(const Ip::Address &caddr, log_type logcode, int len, const char *url, int delay)
{
AccessLogEntry al;
int
icpUdpSend(int fd,
- const IpAddress &to,
+ const Ip::Address &to,
icp_common_t * msg,
log_type logcode,
int delay)
}
void
-icpCreateAndSend(icp_opcode opcode, int flags, char const *url, int reqnum, int pad, int fd, const IpAddress &from)
+icpCreateAndSend(icp_opcode opcode, int flags, char const *url, int reqnum, int pad, int fd, const Ip::Address &from)
{
icp_common_t *reply = _icp_common_t::createMessage(opcode, flags, url, reqnum, pad);
icpUdpSend(fd, from, reply, icpLogFromICPCode(opcode), 0);
}
void
-icpDenyAccess(IpAddress &from, char *url, int reqnum, int fd)
+icpDenyAccess(Ip::Address &from, char *url, int reqnum, int fd)
{
debugs(12, 2, "icpDenyAccess: Access Denied for " << from << " by " << AclMatchedName << ".");
}
int
-icpAccessAllowed(IpAddress &from, HttpRequest * icp_request)
+icpAccessAllowed(Ip::Address &from, HttpRequest * icp_request)
{
/* absent an explicit allow, we deny all */
if (!Config.accessList.icp)
}
HttpRequest *
-icpGetRequest(char *url, int reqnum, int fd, IpAddress &from)
+icpGetRequest(char *url, int reqnum, int fd, Ip::Address &from)
{
if (strpbrk(url, w_space)) {
url = rfc1738_escape(url);
}
static void
-doV2Query(int fd, IpAddress &from, char *buf, icp_common_t header)
+doV2Query(int fd, Ip::Address &from, char *buf, icp_common_t header)
{
int rtt = 0;
int src_rtt = 0;
}
void
-_icp_common_t::handleReply(char *buf, IpAddress &from)
+_icp_common_t::handleReply(char *buf, Ip::Address &from)
{
if (neighbors_do_private_keys && reqnum == 0) {
debugs(12, 0, "icpHandleIcpV2: Neighbor " << from << " returned reqnum = 0");
}
static void
-icpHandleIcpV2(int fd, IpAddress &from, char *buf, int len)
+icpHandleIcpV2(int fd, Ip::Address &from, char *buf, int len)
{
if (len <= 0) {
debugs(12, 3, "icpHandleIcpV2: ICP message is too small");
static void
icpPktDump(icp_common_t * pkt)
{
-
- IpAddress a;
+ Ip::Address a;
debugs(12, 9, "opcode: " << std::setw(3) << pkt->opcode << " " << icp_opcode_str[pkt->opcode]);
debugs(12, 9, "version: "<< std::left << std::setw(8) << pkt->version);
{
int *N = &incoming_sockets_accepted;
- IpAddress from;
+ Ip::Address from;
LOCAL_ARRAY(char, buf, SQUID_UDP_SO_RCVBUF);
int len;
int icp_version;
icpConnectionsOpen(void)
{
u_int16_t port;
-
- IpAddress addr;
+ Ip::Address addr;
struct addrinfo *xai = NULL;
int x;
}
static void
-icpIncomingConnectionOpened(int fd, int errNo, IpAddress& addr)
+icpIncomingConnectionOpened(int fd, int errNo, Ip::Address& addr)
{
theInIcpConnection = fd;
/// \ingroup ServerProtocolICPInternal3
static void
-doV3Query(int fd, IpAddress &from, char *buf, icp_common_t header)
+doV3Query(int fd, Ip::Address &from, char *buf, icp_common_t header)
{
/* We have a valid packet */
char *url = buf + sizeof(icp_common_t) + sizeof(u_int32_t);
/// \ingroup ServerProtocolICPInternal3
/* Currently Harvest cached-2.x uses ICP_VERSION_3 */
void
-icpHandleIcpV3(int fd, IpAddress&from, char *buf, int len)
+icpHandleIcpV3(int fd, Ip::Address &from, char *buf, int len)
{
if (len <= 0) {
debugs(12, 3, "icpHandleIcpV3: ICP message is too small");
hash_link hash; /* must be first */
int fd; /* IDENT fd */
- IpAddress me;
-
- IpAddress my_peer;
+ Ip::Address me;
+ Ip::Address my_peer;
IdentClient *clients;
char buf[4096];
} IdentStateData;
* start a TCP connection to the peer host on port 113
*/
void
-Ident::Start(IpAddress &me, IpAddress &my_peer, IDCB * callback, void *data)
+Ident::Start(Ip::Address &me, Ip::Address &my_peer, IDCB * callback, void *data)
{
IdentStateData *state;
int fd;
return;
}
- IpAddress addr = me;
+ Ip::Address addr = me;
addr.SetPort(0); // NP: use random port for secure outbound to IDENT_PORT
fd = comm_open_listener(SOCK_STREAM,
#include "cbdata.h"
-class IpAddress;
+#include "ip/forward.h"
namespace Ident
{
* Self-registers with a global ident lookup manager,
* will call Ident::Init() itself if the manager has not been initialized already.
*/
-void Start(IpAddress &me, IpAddress &my_peer, IDCB * callback, void *cbdata);
+void Start(Ip::Address &me, Ip::Address &my_peer, IDCB * callback, void *cbdata);
/**
\ingroup IdentAPI
#if USE_IPV6
/* check for an IP address and format appropriately if found */
- IpAddress test = lc_host;
+ Ip::Address test = lc_host;
if ( !test.IsAnyAddr() ) {
test.ToHostname(lc_host,SQUIDHOSTNAMELEN);
}
* domains
*/
+#if USE_IPV6
+ /* For IPV6 addresses also check for a colon */
+ if (Config.appendDomain && !strchr(lc_host, '.') && !strchr(lc_host, ':'))
+#else
if (Config.appendDomain && !strchr(lc_host, '.'))
+#endif
strncat(lc_host, Config.appendDomain, SQUIDHOSTNAMELEN -
strlen(lc_host) - 1);
LOCAL_ARRAY(char, host, SQUIDHOSTNAMELEN + 1);
xstrncpy(host, getMyHostname(), SQUIDHOSTNAMELEN);
+#if USE_IPV6
+ /* For IPV6 addresses also check for a colon */
+ if (Config.appendDomain && !strchr(host, '.') && !strchr(host, ':'))
+#else
if (Config.appendDomain && !strchr(host, '.'))
+#endif
strncat(host, Config.appendDomain, SQUIDHOSTNAMELEN -
strlen(host) - 1);
/*
- * DEBUG: section 14 IP Storage and Handling
+ * DEBUG: section 14 IP Storage and Handling
* AUTHOR: Amos Jeffries
*
* SQUID Internet Object Cache http://squid.nlanr.net/Squid/
* developed and/or copyrighted by other sources. Please see the
* CREDITS file for full details.
*
- * This IpAddress code is copyright (C) 2007 by Treehouse Networks Ltd
+ * This Ip::Address code is copyright (C) 2007 by Treehouse Networks Ltd
* of New Zealand. It is published and Lisenced as an extension of
* squid under the same conditions as the main squid application.
*
*/
#include "config.h"
+#include "compat/inet_ntop.h"
+#include "compat/getaddrinfo.h"
#include "Debug.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
#include "util.h"
-
#if HAVE_ASSERT_H
#include <assert.h>
#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
#if HAVE_STRING_H
#include <string.h>
#endif
#if HAVE_ARPA_INET_H
-#include <arpa/inet.h> /* inet_ntoa() */
+/* for inet_ntoa() */
+#include <arpa/inet.h>
#endif
#ifdef INET6
#if USE_IPV6
#define IASSERT(a,b) \
if(!(b)){ printf("assert \"%s\" at line %d\n", a, __LINE__); \
- printf("IpAddress invalid? with IsIPv4()=%c, IsIPv6()=%c\n",(IsIPv4()?'T':'F'),(IsIPv6()?'T':'F')); \
+ printf("Ip::Address invalid? with IsIPv4()=%c, IsIPv6()=%c\n",(IsIPv4()?'T':'F'),(IsIPv6()?'T':'F')); \
printf("ADDRESS:"); \
for(unsigned int i = 0; i < sizeof(m_SocketAddr.sin6_addr); i++) { \
printf(" %x", m_SocketAddr.sin6_addr.s6_addr[i]); \
#else
#define IASSERT(a,b) \
if(!(b)){ printf("assert \"%s\" at line %d\n", a, __LINE__); \
- printf("IpAddress invalid? with IsIPv4()=%c, IsIPv6()=%c\n",(IsIPv4()?'T':'F'),(IsIPv6()?'T':'F')); \
+ printf("Ip::Address invalid? with IsIPv4()=%c, IsIPv6()=%c\n",(IsIPv4()?'T':'F'),(IsIPv6()?'T':'F')); \
printf("ADDRESS: %x\n", (unsigned int)m_SocketAddr.sin_addr.s_addr); \
assert(b); \
}
#endif
-IpAddress::IpAddress()
+Ip::Address::Address()
{
SetEmpty();
}
-IpAddress::~IpAddress()
+Ip::Address::~Address()
{
- memset(this,0,sizeof(IpAddress));
+ memset(this,0,sizeof(Ip::Address));
}
int
-IpAddress::GetCIDR() const
+Ip::Address::GetCIDR() const
{
uint8_t shift,byte;
uint8_t bit,caught;
return len;
}
-const int IpAddress::ApplyMask(IpAddress const &mask_addr)
+const int
+Ip::Address::ApplyMask(Ip::Address const &mask_addr)
{
uint32_t *p1 = (uint32_t*)(&m_SocketAddr.sin6_addr);
uint32_t const *p2 = (uint32_t const *)(&mask_addr.m_SocketAddr.sin6_addr);
p1[i] &= p2[i];
}
- /* we have found a situation where mask forms or destroys a IPv4 map. */
- check4Mapped();
-
return changes;
}
-bool IpAddress::ApplyMask(const unsigned int cidr, int mtype)
+bool
+Ip::Address::ApplyMask(const unsigned int cidr, int mtype)
{
uint8_t clearbits = 0;
uint8_t* p = NULL;
return true;
}
-bool IpAddress::IsSockAddr() const
+bool
+Ip::Address::IsSockAddr() const
{
return (m_SocketAddr.sin6_port != 0);
}
-bool IpAddress::IsIPv4() const
+bool
+Ip::Address::IsIPv4() const
{
#if USE_IPV6
return IsAnyAddr() || IsNoAddr() || IN6_IS_ADDR_V4MAPPED( &m_SocketAddr.sin6_addr );
#endif
}
-bool IpAddress::IsIPv6() const
+bool
+Ip::Address::IsIPv6() const
{
#if USE_IPV6
return IsAnyAddr() || IsNoAddr() || !IN6_IS_ADDR_V4MAPPED( &m_SocketAddr.sin6_addr );
#endif
}
-bool IpAddress::IsAnyAddr() const
+bool
+Ip::Address::IsAnyAddr() const
{
#if USE_IPV6
return IN6_IS_ADDR_UNSPECIFIED( &m_SocketAddr.sin6_addr );
}
/// NOTE: Does NOT clear the Port stored. Ony the Address and Type.
-void IpAddress::SetAnyAddr()
+void
+Ip::Address::SetAnyAddr()
{
#if USE_IPV6
memset(&m_SocketAddr.sin6_addr, 0, sizeof(struct in6_addr) );
#endif
}
-/// NOTE: completely empties the IpAddress structure. Address, Port, Type, everything.
-void IpAddress::SetEmpty()
+/// NOTE: completely empties the Ip::Address structure. Address, Port, Type, everything.
+void
+Ip::Address::SetEmpty()
{
memset(&m_SocketAddr, 0, sizeof(m_SocketAddr) );
}
#if USE_IPV6
-const struct in6_addr IpAddress::v4_localhost = {{{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+const struct in6_addr Ip::Address::v4_localhost = {{{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0xff, 0xff, 0x7f, 0x00, 0x00, 0x01 }}
};
-const struct in6_addr IpAddress::v4_anyaddr = {{{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+const struct in6_addr Ip::Address::v4_anyaddr = {{{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00 }}
};
-const struct in6_addr IpAddress::v6_noaddr = {{{ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+const struct in6_addr Ip::Address::v4_noaddr = {{{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }}
+};
+const struct in6_addr Ip::Address::v6_noaddr = {{{ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }}
};
#endif
-bool IpAddress::SetIPv4()
+bool
+Ip::Address::SetIPv4()
{
#if USE_IPV6
if ( IsLocalhost() ) {
#endif
}
-bool IpAddress::IsLocalhost() const
+bool
+Ip::Address::IsLocalhost() const
{
#if USE_IPV6
return IN6_IS_ADDR_LOOPBACK( &m_SocketAddr.sin6_addr ) || IN6_ARE_ADDR_EQUAL( &m_SocketAddr.sin6_addr, &v4_localhost );
#endif
}
-void IpAddress::SetLocalhost()
+void
+Ip::Address::SetLocalhost()
{
#if USE_IPV6
m_SocketAddr.sin6_addr = in6addr_loopback;
#endif
}
-bool IpAddress::IsSiteLocal6() const
+bool
+Ip::Address::IsSiteLocal6() const
{
#if USE_IPV6
return IN6_IS_ADDR_SITELOCAL( &m_SocketAddr.sin6_addr );
#endif
}
-bool IpAddress::IsSlaac() const
+bool
+Ip::Address::IsSlaac() const
{
#if USE_IPV6
return m_SocketAddr.sin6_addr.s6_addr[10] == htons(0xff) &&
#endif
}
-bool IpAddress::IsNoAddr() const
+bool
+Ip::Address::IsNoAddr() const
{
// IFF the address == 0xff..ff (all ones)
#if USE_IPV6
#endif
}
-void IpAddress::SetNoAddr()
+void
+Ip::Address::SetNoAddr()
{
#if USE_IPV6
memset(&m_SocketAddr.sin6_addr, 0xFF, sizeof(struct in6_addr) );
}
#if USE_IPV6
-
-bool IpAddress::GetReverseString6(char buf[MAX_IPSTRLEN], const struct in6_addr &dat) const
+bool
+Ip::Address::GetReverseString6(char buf[MAX_IPSTRLEN], const struct in6_addr &dat) const
{
char *p = buf;
unsigned char const *r = dat.s6_addr;
return true;
}
-
#endif
-bool IpAddress::GetReverseString4(char buf[MAX_IPSTRLEN], const struct in_addr &dat) const
+bool
+Ip::Address::GetReverseString4(char buf[MAX_IPSTRLEN], const struct in_addr &dat) const
{
unsigned int i = (unsigned int) ntohl(dat.s_addr);
snprintf(buf, 32, "%u.%u.%u.%u.in-addr.arpa.",
return true;
}
-bool IpAddress::GetReverseString(char buf[MAX_IPSTRLEN], int show_type) const
+bool
+Ip::Address::GetReverseString(char buf[MAX_IPSTRLEN], int show_type) const
{
if (show_type == AF_UNSPEC) {
return false;
}
-IpAddress& IpAddress::operator =(const IpAddress &s)
+Ip::Address&
+Ip::Address::operator =(const Ip::Address &s)
{
- memcpy(this, &s, sizeof(IpAddress));
+ memcpy(this, &s, sizeof(Ip::Address));
return *this;
};
-IpAddress::IpAddress(const char*s)
+Ip::Address::Address(const char*s)
{
SetEmpty();
operator=(s);
}
-bool IpAddress::operator =(const char* s)
+bool
+Ip::Address::operator =(const char* s)
{
return LookupHostIP(s, true);
}
-bool IpAddress::GetHostByName(const char* s)
+bool
+Ip::Address::GetHostByName(const char* s)
{
return LookupHostIP(s, false);
}
-bool IpAddress::LookupHostIP(const char *s, bool nodns)
+bool
+Ip::Address::LookupHostIP(const char *s, bool nodns)
{
int err = 0;
want.ai_family = AF_INET;
#endif
- if ( (err = xgetaddrinfo(s, NULL, &want, &res)) != 0) {
- debugs(14,3, HERE << "Given Bad IP '" << s << "': " << xgai_strerror(err) );
- /* free the memory xgetaddrinfo() dynamically allocated. */
+ if ( (err = getaddrinfo(s, NULL, &want, &res)) != 0) {
+ debugs(14,3, HERE << "Given Bad IP '" << s << "': " << gai_strerror(err) );
+ /* free the memory getaddrinfo() dynamically allocated. */
if (res) {
- xfreeaddrinfo(res);
+ freeaddrinfo(res);
res = NULL;
}
return false;
operator=(*res);
SetPort(port);
- /* free the memory xgetaddrinfo() dynamically allocated. */
- xfreeaddrinfo(res);
+ /* free the memory getaddrinfo() dynamically allocated. */
+ freeaddrinfo(res);
res = NULL;
return true;
}
-IpAddress::IpAddress(struct sockaddr_in const &s)
+Ip::Address::Address(struct sockaddr_in const &s)
{
SetEmpty();
operator=(s);
};
-IpAddress& IpAddress::operator =(struct sockaddr_in const &s)
+Ip::Address &
+Ip::Address::operator =(struct sockaddr_in const &s)
{
#if USE_IPV6
Map4to6((const in_addr)s.sin_addr, m_SocketAddr.sin6_addr);
memcpy(&m_SocketAddr, &s, sizeof(struct sockaddr_in));
#endif
- /* maintain stored family values properly */
- check4Mapped();
-
return *this;
};
-IpAddress& IpAddress::operator =(const struct sockaddr_storage &s)
+Ip::Address &
+Ip::Address::operator =(const struct sockaddr_storage &s)
{
#if USE_IPV6
/* some AF_* magic to tell socket types apart and what we need to do */
return *this;
};
-void IpAddress::check4Mapped()
-{
- // obsolete.
- // TODO use this NOW to set the sin6_family properly on exporting. not on import.
-}
-
#if USE_IPV6
-IpAddress::IpAddress(struct sockaddr_in6 const &s)
+Ip::Address::Address(struct sockaddr_in6 const &s)
{
SetEmpty();
operator=(s);
};
-IpAddress& IpAddress::operator =(struct sockaddr_in6 const &s)
+Ip::Address &
+Ip::Address::operator =(struct sockaddr_in6 const &s)
{
memcpy(&m_SocketAddr, &s, sizeof(struct sockaddr_in6));
- /* maintain address family properly */
- check4Mapped();
return *this;
};
-
#endif
-IpAddress::IpAddress(struct in_addr const &s)
+Ip::Address::Address(struct in_addr const &s)
{
SetEmpty();
operator=(s);
};
-IpAddress& IpAddress::operator =(struct in_addr const &s)
+Ip::Address &
+Ip::Address::operator =(struct in_addr const &s)
{
#if USE_IPV6
Map4to6((const in_addr)s, m_SocketAddr.sin6_addr);
memcpy(&m_SocketAddr.sin_addr, &s, sizeof(struct in_addr));
#endif
-
- /* maintain stored family type properly */
- check4Mapped();
-
return *this;
};
#if USE_IPV6
-
-IpAddress::IpAddress(struct in6_addr const &s)
+Ip::Address::Address(struct in6_addr const &s)
{
SetEmpty();
operator=(s);
};
-IpAddress& IpAddress::operator =(struct in6_addr const &s)
+Ip::Address &
+Ip::Address::operator =(struct in6_addr const &s)
{
memcpy(&m_SocketAddr.sin6_addr, &s, sizeof(struct in6_addr));
m_SocketAddr.sin6_family = AF_INET6;
- /* maintain address family type properly */
- check4Mapped();
-
return *this;
};
-
#endif
-IpAddress::IpAddress(const IpAddress &s)
+Ip::Address::Address(const Ip::Address &s)
{
SetEmpty();
operator=(s);
}
-IpAddress::IpAddress(IpAddress *s)
+Ip::Address::Address(Ip::Address *s)
{
SetEmpty();
if (s)
- memcpy(this, s, sizeof(IpAddress));
+ memcpy(this, s, sizeof(Ip::Address));
}
-IpAddress::IpAddress(const struct hostent &s)
+Ip::Address::Address(const struct hostent &s)
{
SetEmpty();
operator=(s);
}
-bool IpAddress::operator =(const struct hostent &s)
+bool
+Ip::Address::operator =(const struct hostent &s)
{
struct in_addr* ipv4 = NULL;
return true;
}
-IpAddress::IpAddress(const struct addrinfo &s)
+Ip::Address::Address(const struct addrinfo &s)
{
SetEmpty();
operator=(s);
}
-bool IpAddress::operator =(const struct addrinfo &s)
+bool
+Ip::Address::operator =(const struct addrinfo &s)
{
struct sockaddr_in* ipv4 = NULL;
return true;
}
-void IpAddress::GetAddrInfo(struct addrinfo *&dst, int force) const
+void
+Ip::Address::GetAddrInfo(struct addrinfo *&dst, int force) const
{
if (dst == NULL) {
dst = new addrinfo;
}
}
-void IpAddress::InitAddrInfo(struct addrinfo *&ai) const
+void
+Ip::Address::InitAddrInfo(struct addrinfo *&ai)
{
if (ai == NULL) {
ai = new addrinfo;
}
-void IpAddress::FreeAddrInfo(struct addrinfo *&ai) const
+void
+Ip::Address::FreeAddrInfo(struct addrinfo *&ai)
{
if (ai == NULL) return;
ai = NULL;
}
-int IpAddress::matchIPAddr(const IpAddress &rhs) const
+int
+Ip::Address::matchIPAddr(const Ip::Address &rhs) const
{
#if USE_IPV6
uint8_t *l = (uint8_t*)m_SocketAddr.sin6_addr.s6_addr;
return 0;
}
-int IpAddress::compareWhole(const IpAddress &rhs) const
+int
+Ip::Address::compareWhole(const Ip::Address &rhs) const
{
return memcmp(this, &rhs, sizeof(*this));
}
-bool IpAddress::operator ==(const IpAddress &s) const
+bool
+Ip::Address::operator ==(const Ip::Address &s) const
{
return (0 == matchIPAddr(s));
}
-bool IpAddress::operator !=(const IpAddress &s) const
+bool
+Ip::Address::operator !=(const Ip::Address &s) const
{
return ! ( operator==(s) );
}
-bool IpAddress::operator <=(const IpAddress &rhs) const
+bool
+Ip::Address::operator <=(const Ip::Address &rhs) const
{
if (IsAnyAddr() && !rhs.IsAnyAddr())
return true;
return (matchIPAddr(rhs) <= 0);
}
-bool IpAddress::operator >=(const IpAddress &rhs) const
+bool
+Ip::Address::operator >=(const Ip::Address &rhs) const
{
if (IsNoAddr() && !rhs.IsNoAddr())
return true;
return ( matchIPAddr(rhs) >= 0);
}
-bool IpAddress::operator >(const IpAddress &rhs) const
+bool
+Ip::Address::operator >(const Ip::Address &rhs) const
{
if (IsNoAddr() && !rhs.IsNoAddr())
return true;
return ( matchIPAddr(rhs) > 0);
}
-bool IpAddress::operator <(const IpAddress &rhs) const
+bool
+Ip::Address::operator <(const Ip::Address &rhs) const
{
- if (IsNoAddr() && !rhs.IsNoAddr())
+ if (IsAnyAddr() && !rhs.IsAnyAddr())
return true;
return ( matchIPAddr(rhs) < 0);
}
-u_short IpAddress::GetPort() const
+u_short
+Ip::Address::GetPort() const
{
return ntohs( m_SocketAddr.sin6_port );
}
-u_short IpAddress::SetPort(u_short prt)
+u_short
+Ip::Address::SetPort(u_short prt)
{
m_SocketAddr.sin6_port = htons(prt);
*
* A copy of the buffer is also returned for simple immediate display.
*/
-char* IpAddress::NtoA(char* buf, const unsigned int blen, int force) const
+char *
+Ip::Address::NtoA(char* buf, const unsigned int blen, int force) const
{
// Ensure we have a buffer.
if (buf == NULL) {
#if USE_IPV6
if ( force == AF_INET6 || (force == AF_UNSPEC && IsIPv6()) ) {
- xinet_ntop(AF_INET6, &m_SocketAddr.sin6_addr, buf, blen);
+ inet_ntop(AF_INET6, &m_SocketAddr.sin6_addr, buf, blen);
} else if ( force == AF_INET || (force == AF_UNSPEC && IsIPv4()) ) {
struct in_addr tmp;
GetInAddr(tmp);
- xinet_ntop(AF_INET, &tmp, buf, blen);
+ inet_ntop(AF_INET, &tmp, buf, blen);
#else
if ( force == AF_UNSPEC || (force == AF_INET && IsIPv4()) ) {
- xinet_ntop(AF_INET, &m_SocketAddr.sin_addr, buf, blen);
+ inet_ntop(AF_INET, &m_SocketAddr.sin_addr, buf, blen);
#endif
} else {
debugs(14,0,"WARNING: Corrupt IP Address details OR required to display in unknown format (" <<
return buf;
}
-unsigned int IpAddress::ToHostname(char *buf, const unsigned int blen) const
+unsigned int
+Ip::Address::ToHostname(char *buf, const unsigned int blen) const
{
char *p = buf;
p++;
}
- /* 7 being space for [,], and port */
+ /* 8 being space for [ ] : and port digits */
if ( IsIPv6() )
- NtoA(p, blen-7, AF_INET6);
+ NtoA(p, blen-8, AF_INET6);
else
- NtoA(p, blen-7, AF_INET);
+ NtoA(p, blen-8, AF_INET);
// find the end of the new string
while (*p != '\0' && p < buf+blen)
return (p - buf);
}
-char* IpAddress::ToURL(char* buf, unsigned int blen) const
+char *
+Ip::Address::ToURL(char* buf, unsigned int blen) const
{
char *p = buf;
return buf;
}
-void IpAddress::GetSockAddr(struct sockaddr_storage &addr, const int family) const
+void
+Ip::Address::GetSockAddr(struct sockaddr_storage &addr, const int family) const
{
struct sockaddr_in *sin = NULL;
if ( family == AF_INET && !IsIPv4()) {
// FIXME INET6: caller using the wrong socket type!
- debugs(14, DBG_CRITICAL, HERE << "IpAddress::GetSockAddr : Cannot convert non-IPv4 to IPv4. from " << *this);
+ debugs(14, DBG_CRITICAL, HERE << "Ip::Address::GetSockAddr : Cannot convert non-IPv4 to IPv4. from " << *this);
assert(false);
}
#endif /* USE_IPV6 */
}
-void IpAddress::GetSockAddr(struct sockaddr_in &buf) const
+void
+Ip::Address::GetSockAddr(struct sockaddr_in &buf) const
{
#if USE_IPV6
buf.sin_port = m_SocketAddr.sin6_port;
Map6to4( m_SocketAddr.sin6_addr, buf.sin_addr);
} else {
- debugs(14, DBG_CRITICAL, HERE << "IpAddress::GetSockAddr : Cannot convert non-IPv4 to IPv4. from " << *this );
+ debugs(14, DBG_CRITICAL, HERE << "Ip::Address::GetSockAddr : Cannot convert non-IPv4 to IPv4. from " << *this );
memset(&buf,0xFFFFFFFF,sizeof(struct sockaddr_in));
assert(false);
}
#if USE_IPV6
-
-void IpAddress::GetSockAddr(struct sockaddr_in6 &buf) const
+void
+Ip::Address::GetSockAddr(struct sockaddr_in6 &buf) const
{
memcpy(&buf, &m_SocketAddr, sizeof(struct sockaddr_in6));
/* maintain address family. It may have changed inside us. */
buf.sin6_len = sizeof(struct sockaddr_in6);
#endif
}
-
#endif
#if USE_IPV6
-
-void IpAddress::Map4to6(const struct in_addr &in, struct in6_addr &out) const
+void
+Ip::Address::Map4to6(const struct in_addr &in, struct in6_addr &out) const
{
/* check for special cases */
if ( in.s_addr == 0x00000000) {
/* ANYADDR */
- memset(&out, 0, sizeof(struct in6_addr));
+ out = v4_anyaddr;
} else if ( in.s_addr == 0xFFFFFFFF) {
/* NOADDR */
- memset(&out, 255, sizeof(struct in6_addr));
+ out = v4_noaddr;
} else {
/* general */
- memset(&out, 0, sizeof(struct in6_addr));
- out.s6_addr[10] = 0xFF;
- out.s6_addr[11] = 0xFF;
+ out = v4_anyaddr;
out.s6_addr[12] = ((uint8_t *)&in.s_addr)[0];
out.s6_addr[13] = ((uint8_t *)&in.s_addr)[1];
out.s6_addr[14] = ((uint8_t *)&in.s_addr)[2];
}
}
-void IpAddress::Map6to4(const struct in6_addr &in, struct in_addr &out) const
+void
+Ip::Address::Map6to4(const struct in6_addr &in, struct in_addr &out) const
{
/* ANYADDR */
/* NOADDR */
((uint8_t *)&out.s_addr)[3] = in.s6_addr[15];
}
-#endif
-
-#if USE_IPV6
-void IpAddress::GetInAddr(in6_addr &buf) const
+void
+Ip::Address::GetInAddr(in6_addr &buf) const
{
memcpy(&buf, &m_SocketAddr.sin6_addr, sizeof(struct in6_addr));
}
-
#endif
-bool IpAddress::GetInAddr(struct in_addr &buf) const
+bool
+Ip::Address::GetInAddr(struct in_addr &buf) const
{
#if USE_IPV6
// default:
// non-compatible IPv6 Pure Address
- debugs(14,1, HERE << "IpAddress::GetInAddr : Cannot convert non-IPv4 to IPv4. IPA=" << *this);
+ debugs(14,1, HERE << "Ip::Address::GetInAddr : Cannot convert non-IPv4 to IPv4. IPA=" << *this);
memset(&buf,0xFFFFFFFF,sizeof(struct in_addr));
assert(false);
return false;
* developed and/or copyrighted by other sources. Please see the
* CREDITS file for full details.
*
- * This IpAddress code is copyright (C) 2007 by Treehouse Networks Ltd
+ * This Ip::Address code is copyright (C) 2007 by Treehouse Networks Ltd
* of New Zealand. It is published and Lisenced as an extension of
* squid under the same conditions as the main squid application.
*
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
*
*/
-#ifndef _INC_IPADDRESS_H
-#define _INC_IPADDRESS_H
-
-#include "getaddrinfo.h"
-#include "getnameinfo.h"
-#include "inet_ntop.h"
-#include "inet_pton.h"
+#ifndef _SQUID_IP_IPADDRESS_H
+#define _SQUID_IP_IPADDRESS_H
+#include "config.h"
#if HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#ifdef _SQUID_MSWIN_
#include <ws2tcpip.h>
#endif
-#if HAVE_NETDB_H && !defined(_SQUID_NETDB_H_) /* protect NEXTSTEP */
-#define _SQUID_NETDB_H_
-#ifdef _SQUID_NEXT_
-#include <netinet/in_systm.h>
-#endif
+#if HAVE_NETDB_H
#include <netdb.h>
#endif
#include <ostream>
#endif
+namespace Ip
+{
+
/* FreeBSD hack:
* This OS has at least one version that defines these as private
* kernel macros commented as being 'non-standard'.
/**
* Holds and manipulates IPv4, IPv6, and Socket Addresses.
*/
-class IpAddress
+class Address
{
public:
/** @name Constructors and Destructor */
/*@{*/
- IpAddress();
- IpAddress(const IpAddress &);
+ Address();
+ Address(const Address &);
/**
* This constructor takes its own copy of the object pointed to for memory-safe usage later.
\deprecated Use of pointers can be nasty. Consider this a last-resort.
* Prefer the by-reference (&) version instead.
*/
- IpAddress(IpAddress *);
+ Address(Address *);
- IpAddress(const struct in_addr &);
+ Address(const struct in_addr &);
- IpAddress(const struct sockaddr_in &);
+ Address(const struct sockaddr_in &);
#if USE_IPV6
- IpAddress(const struct in6_addr &);
+ Address(const struct in6_addr &);
- IpAddress(const struct sockaddr_in6 &);
+ Address(const struct sockaddr_in6 &);
#endif
- IpAddress(const struct hostent &);
- IpAddress(const struct addrinfo &);
- IpAddress(const char*);
+ Address(const struct hostent &);
+ Address(const struct addrinfo &);
+ Address(const char*);
/// Default destructor.
- ~IpAddress();
+ ~Address();
/*@}*/
/** @name Assignment Operators */
/*@{*/
- IpAddress& operator =(const IpAddress &s);
- IpAddress& operator =(struct sockaddr_in const &s);
- IpAddress& operator =(struct sockaddr_storage const &s);
- IpAddress& operator =(struct in_addr const &s);
+ Address& operator =(const Address &s);
+ Address& operator =(struct sockaddr_in const &s);
+ Address& operator =(struct sockaddr_storage const &s);
+ Address& operator =(struct in_addr const &s);
#if USE_IPV6
- IpAddress& operator =(struct in6_addr const &s);
- IpAddress& operator =(struct sockaddr_in6 const &s);
+ Address& operator =(struct in6_addr const &s);
+ Address& operator =(struct sockaddr_in6 const &s);
#endif
bool operator =(const struct hostent &s);
bool operator =(const struct addrinfo &s);
/** @name Boolean Operators */
/*@{*/
- bool operator ==(IpAddress const &s) const;
- bool operator !=(IpAddress const &s) const;
- bool operator >=(IpAddress const &rhs) const;
- bool operator <=(IpAddress const &rhs) const;
- bool operator >(IpAddress const &rhs) const;
- bool operator <(IpAddress const &rhs) const;
+ bool operator ==(Address const &s) const;
+ bool operator !=(Address const &s) const;
+ bool operator >=(Address const &rhs) const;
+ bool operator <=(Address const &rhs) const;
+ bool operator >(Address const &rhs) const;
+ bool operator <(Address const &rhs) const;
public:
/* methods */
bool IsSockAddr() const;
/** Content-neutral test for whether the specific IP case ANY_ADDR is stored.
- * This is the default content of a new undefined IpAddress object.
+ * This is the default content of a new undefined Ip::Address object.
\retval true IPv4 0.0.0.0
\retval true IPv6 ::
\retval false anything else.
bool IsNoAddr() const;
/** Content-neutral test for whether the specific IP case LOCALHOST is stored.
- * This is the default content of a new undefined IpAddress object.
+ * This is the default content of a new undefined Ip::Address object.
\retval true IPv4 127.0.0.1
\retval true IPv6 ::1
\retval false anything else.
/** Apply a mask to the stored address.
\param mask Netmask format to be bit-mask-AND'd over the stored address.
*/
- const int ApplyMask(const IpAddress &mask);
+ const int ApplyMask(const Address &mask);
/** Apply a mask to the stored address.
* CIDR will be converted appropriate to map the stored content.
\retval 1 IP rhs is greater (numerically) than that stored.
\retval -1 IP rhs is less (numerically) than that stored.
*/
- int matchIPAddr(const IpAddress &rhs) const;
+ int matchIPAddr(const Address &rhs) const;
/** Compare taking IP, port, protocol, etc. into account. Returns an
integer less than, equal to, or greater than zero if the object
is found, respectively, to be less than, to match, or to be greater
than rhs. The exact ordering algorithm is not specified and may change.
*/
- int compareWhole(const IpAddress &rhs) const;
+ int compareWhole(const Ip::Address &rhs) const;
/**
- * Get RFC 3493 addrinfo structure from the IpAddress data
+ * Get RFC 3493 addrinfo structure from the Ip::Address data
* for protocol-neutral socket operations.
* Should be passed a NULL pointer of type struct addrinfo* it will
* allocate memory for the structures involved. (see FreeAddrInfo to clear).
* Some situations may also require an actual call to the system getaddrinfo()
* to pull relevant OS details for the socket.
\par
- * IpAddress allocated objects MUST be destructed by IpAddress::FreeAddrInfo
+ * Ip::Address allocated objects MUST be destructed by Ip::Address::FreeAddrInfo
* System getaddrinfo() allocated objects MUST be freed with system freeaddrinfo()
\par
* Some OS require that IPv4 addresses are pre-mapped by the client.
#endif
/**
- * Equivalent to the sysem call freeaddrinfo() but for IpAddress allocated data
+ * Equivalent to the sysem call freeaddrinfo() but for Ip::Address allocated data
*/
- void FreeAddrInfo(struct addrinfo *&ai) const;
+ static void FreeAddrInfo(struct addrinfo *&ai);
/**
* Initializes an empty addrinfo properly for use.
* about to be changed and the stored details may not match the new ones coming.
\param ai addrinfo struct to be initialized as AF_UNSPEC with large address buffer
*/
- void InitAddrInfo(struct addrinfo *&ai) const;
+ static void InitAddrInfo(struct addrinfo *&ai);
/**
* Lookup a Host by Name. Equivalent to system call gethostbyname(char*)
*/
void GetSockAddr(struct sockaddr_storage &addr, const int family) const;
-
- /// \deprecated Deprecated for public use. Use IpAddress::GetAddrInfo()
void GetSockAddr(struct sockaddr_in &) const;
-
- /// \deprecated Deprecated for public use. Use IpAddress::GetAddrInfo()
bool GetInAddr(struct in_addr &) const; /* false if could not convert IPv6 down to IPv4 */
#if USE_IPV6
-
- /// \deprecated Deprecated for public use. Use IpAddress::GetAddrInfo()
void GetSockAddr(struct sockaddr_in6 &) const;
-
- /// \deprecated Deprecated for public use. Use IpAddress::GetAddrInfo()
void GetInAddr(struct in6_addr &) const;
#endif
bool GetReverseString4(char buf[MAX_IPSTRLEN], const struct in_addr &dat) const;
- void check4Mapped();
-
#if USE_IPV6
bool GetReverseString6(char buf[MAX_IPSTRLEN], const struct in6_addr &dat) const;
/* variables */
#if USE_IPV6
-
struct sockaddr_in6 m_SocketAddr;
#else
-
struct sockaddr_in m_SocketAddr;
#endif
static const unsigned int MAX_IP6_STRLEN = STRLEN_IP6R;
static const struct in6_addr v4_localhost;
static const struct in6_addr v4_anyaddr;
+ static const struct in6_addr v4_noaddr;
static const struct in6_addr v6_noaddr;
#endif
};
inline std::ostream &
-operator << (std::ostream &os, const IpAddress &ipa)
+operator << (std::ostream &os, const Address &ipa)
{
char buf[MAX_IPSTRLEN];
os << ipa.ToURL(buf,MAX_IPSTRLEN);
}
// WAS _sockaddr_in_list in an earlier incarnation
-class IpAddress_list
+class Address_list
{
public:
- IpAddress_list() { next = NULL; };
- ~IpAddress_list() { if (next) delete next; next = NULL; };
+ Address_list() { next = NULL; };
+ ~Address_list() { if (next) delete next; next = NULL; };
- IpAddress s;
- IpAddress_list *next;
+ Address s;
+ Address_list *next;
};
+}; // namespace Ip
+
+extern void parse_IpAddress_list_token(Ip::Address_list **, char *);
-#endif /* _INC_IPADDRESS_H */
+#endif /* _SQUID_IP_IPADDRESS_H */
*
*/
#include "config.h"
-#include "ip/IpIntercept.h"
+#include "ip/Intercept.h"
#include "fde.h"
#if IPF_TRANSPARENT
#endif /* IPF_TRANSPARENT required headers */
#if PF_TRANSPARENT
-#include <sys/types.h>
#include <sys/socket.h>
#include <sys/ioctl.h>
#include <sys/fcntl.h>
#endif /* PF_TRANSPARENT required headers */
#if LINUX_NETFILTER
-#include <linux/types.h>
#include <linux/netfilter_ipv4.h>
#endif
-#if LINUX_TPROXY2
-#if HAVE_LINUX_NETFILTER_IPV4_IP_TPROXY_H
-#include <linux/netfilter_ipv4/ip_tproxy.h>
-#else
-#error " TPROXY v2 Header file missing: linux/netfilter_ipv4/ip_tproxy.h. Perhapse you meant to use TPROXY v4 ? "
-#endif
-#endif
-
-
// single global instance for access by other components.
-IpIntercept IpInterceptor;
+Ip::Intercept Ip::Interceptor;
void
-IpIntercept::StopTransparency(const char *str)
+Ip::Intercept::StopTransparency(const char *str)
{
if (transparent_active) {
debugs(89, DBG_IMPORTANT, "Stopping full transparency: " << str);
}
void
-IpIntercept::StopInterception(const char *str)
+Ip::Intercept::StopInterception(const char *str)
{
if (intercept_active) {
debugs(89, DBG_IMPORTANT, "Stopping IP interception: " << str);
}
int
-IpIntercept::NetfilterInterception(int fd, const IpAddress &me, IpAddress &dst, int silent)
+Ip::Intercept::NetfilterInterception(int fd, const Ip::Address &me, Ip::Address &dst, int silent)
{
#if LINUX_NETFILTER
struct addrinfo *lookup = NULL;
dst = *lookup;
}
- dst.FreeAddrInfo(lookup);
+ Address::FreeAddrInfo(lookup);
if (me != dst) {
debugs(89, 5, HERE << "address NAT: me= " << me << ", dst= " << dst);
}
int
-IpIntercept::NetfilterTransparent(int fd, const IpAddress &me, IpAddress &client, int silent)
+Ip::Intercept::NetfilterTransparent(int fd, const Ip::Address &me, Ip::Address &client, int silent)
{
#if LINUX_NETFILTER
}
int
-IpIntercept::IpfwInterception(int fd, const IpAddress &me, IpAddress &dst, int silent)
+Ip::Intercept::IpfwInterception(int fd, const Ip::Address &me, Ip::Address &dst, int silent)
{
#if IPFW_TRANSPARENT
struct addrinfo *lookup = NULL;
dst = *lookup;
}
- dst.FreeAddrInfo(lookup);
+ Address::FreeAddrInfo(lookup);
if (me != dst) {
debugs(89, 5, HERE << "address NAT: me= " << me << ", dst= " << dst);
}
int
-IpIntercept::IpfInterception(int fd, const IpAddress &me, IpAddress &client, IpAddress &dst, int silent)
+Ip::Intercept::IpfInterception(int fd, const Ip::Address &me, Ip::Address &client, Ip::Address &dst, int silent)
{
#if IPF_TRANSPARENT /* --enable-ipf-transparent */
}
int
-IpIntercept::PfInterception(int fd, const IpAddress &me, IpAddress &client, IpAddress &dst, int silent)
+Ip::Intercept::PfInterception(int fd, const Ip::Address &me, Ip::Address &client, Ip::Address &dst, int silent)
{
#if PF_TRANSPARENT /* --enable-pf-transparent */
int
-IpIntercept::NatLookup(int fd, const IpAddress &me, const IpAddress &peer, IpAddress &client, IpAddress &dst)
+Ip::Intercept::NatLookup(int fd, const Ip::Address &me, const Ip::Address &peer, Ip::Address &client, Ip::Address &dst)
{
/* --enable-linux-netfilter */
/* --enable-ipfw-transparent */
return -1;
}
-#if LINUX_TPROXY2
-int
-IpIntercept::SetTproxy2OutgoingAddr(int fd, const IpAddress &src)
-{
- IpAddress addr;
- struct in_tproxy itp;
-
- src.GetInAddr(itp.v.addr.faddr);
- itp.v.addr.fport = 0;
-
- /* If these syscalls fail then we just fallback to connecting
- * normally by simply ignoring the errors...
- */
- itp.op = TPROXY_ASSIGN;
-
- addr = (struct in_addr)itp.v.addr.faddr;
- addr.SetPort(itp.v.addr.fport);
-
- if (setsockopt(fd, SOL_IP, IP_TPROXY, &itp, sizeof(itp)) == -1) {
- debugs(20, 1, "tproxy ip=" << addr << " ERROR ASSIGN");
- return -1;
- } else {
- itp.op = TPROXY_FLAGS;
- itp.v.flags = ITP_CONNECT;
-
- if (setsockopt(fd, SOL_IP, IP_TPROXY, &itp, sizeof(itp)) == -1) {
- debugs(20, 1, "tproxy ip=" << addr << " ERROR CONNECT");
- return -1;
- }
- }
-
- return 0;
-}
-#endif
-
bool
-IpIntercept::ProbeForTproxy(IpAddress &test)
+Ip::Intercept::ProbeForTproxy(Ip::Address &test)
{
debugs(3, 3, "Detect TPROXY support on port " << test);
-#if LINUX_TPROXY2
-
-#if USE_IPV6
- /* TPROXYv2 is not IPv6 capable. Force wildcard sockets to IPv4. Die on IPv6 IPs */
- debugs(3, DBG_IMPORTANT, "Disabling IPv6 on port " << test << " (TPROXYv2 interception enabled)");
- if ( test.IsIPv6() && !test.SetIPv4() ) {
- debugs(3, DBG_CRITICAL, "IPv6 requires TPROXYv4 support. You only have TPROXYv2 for " << test );
- return false;
- }
-#endif /* USE_IPV6 */
- return true;
-
-#else /* not LINUX_TPROXY2 */
#if defined(IP_TRANSPARENT)
debugs(3, 3, "...Probing for IPv6 TPROXY support.");
struct sockaddr_in6 tmp_ip6;
- IpAddress tmp = "::2";
+ Ip::Address tmp = "::2";
tmp.SetPort(0);
tmp.GetSockAddr(tmp_ip6);
debugs(3, 3, "...Probing for IPv4 TPROXY support.");
struct sockaddr_in tmp_ip4;
- IpAddress tmp = "127.0.0.2";
+ Ip::Address tmp = "127.0.0.2";
tmp.SetPort(0);
tmp.GetSockAddr(tmp_ip4);
#else /* undefined IP_TRANSPARENT */
debugs(3, 3, "setsockopt(IP_TRANSPARENT) not supported on this platform. Disabling TPROXYv4.");
#endif
-#endif /* LINUX_TPROXY2 */
return false;
}
* AUTHOR: Amos Jeffries
*
*/
-#ifndef SQUID_IPINTERCEPTION_H
-#define SQUID_IPINTERCEPTION_H
-
-class IpAddress;
+#ifndef SQUID_IP_IPINTERCEPT_H
+#define SQUID_IP_IPINTERCEPT_H
/* for time_t */
#include "SquidTime.h"
+namespace Ip
+{
+
+class Address;
+
/**
\defgroup IpInterceptAPI IP Interception and Transparent Proxy API
\ingroup SquidComponent
* instead there is this neutral API which other connection state machines
* and the comm layer use to co-ordinate their own state for transparency.
*/
-class IpIntercept
+class Intercept
{
public:
- IpIntercept() : transparent_active(0), intercept_active(0), last_reported(0) {};
- ~IpIntercept() {};
+ Intercept() : transparent_active(0), intercept_active(0), last_reported(0) {};
+ ~Intercept() {};
/** Perform NAT lookups */
- int NatLookup(int fd, const IpAddress &me, const IpAddress &peer, IpAddress &client, IpAddress &dst);
-
-#if LINUX_TPROXY2
- // only relevant to TPROXY v2 connections.
- // which require the address be set specifically post-connect.
- int SetTproxy2OutgoingAddr(int fd, const IpAddress &src);
-#endif
+ int NatLookup(int fd, const Address &me, const Address &peer, Address &client, Address &dst);
/**
* Test system networking calls for TPROXY support.
* \retval true TPROXY is available.
* \retval false TPROXY is not available.
*/
- bool ProbeForTproxy(IpAddress &test);
+ bool ProbeForTproxy(Address &test);
/**
\retval 0 Full transparency is disabled.
\retval 0 Successfuly located the new address.
\retval -1 An error occured during NAT lookups.
*/
- int NetfilterInterception(int fd, const IpAddress &me, IpAddress &client, int silent);
+ int NetfilterInterception(int fd, const Address &me, Address &client, int silent);
/**
* perform Lookups on Netfilter fully-transparent interception targets (TPROXY).
\retval 0 Successfuly located the new address.
\retval -1 An error occured during NAT lookups.
*/
- int NetfilterTransparent(int fd, const IpAddress &me, IpAddress &dst, int silent);
+ int NetfilterTransparent(int fd, const Address &me, Address &dst, int silent);
/**
* perform Lookups on IPFW interception.
\retval 0 Successfuly located the new address.
\retval -1 An error occured during NAT lookups.
*/
- int IpfwInterception(int fd, const IpAddress &me, IpAddress &client, int silent);
+ int IpfwInterception(int fd, const Address &me, Address &client, int silent);
/**
* perform Lookups on IPF interception.
\retval 0 Successfuly located the new address.
\retval -1 An error occured during NAT lookups.
*/
- int IpfInterception(int fd, const IpAddress &me, IpAddress &client, IpAddress &dst, int silent);
+ int IpfInterception(int fd, const Address &me, Address &client, Address &dst, int silent);
/**
* perform Lookups on PF interception.
\retval 0 Successfuly located the new address.
\retval -1 An error occured during NAT lookups.
*/
- int PfInterception(int fd, const IpAddress &me, IpAddress &client, IpAddress &dst, int silent);
+ int PfInterception(int fd, const Address &me, Address &client, Address &dst, int silent);
int transparent_active;
\ingroup IpInterceptAPI
* Globally available instance of the IP Interception manager.
*/
-extern IpIntercept IpInterceptor;
+extern Intercept Interceptor;
+
+}; // namespace Ip
-#endif /* SQUID_IPINTERCEPTION_H */
+#endif /* SQUID_IP_IPINTERCEPT_H */
noinst_LTLIBRARIES = libip.la
libip_la_SOURCES = \
- IpAddress.h \
- IpAddress.cc \
- IpIntercept.h \
- IpIntercept.cc \
+ forward.h \
+ Address.h \
+ Address.cc \
+ Intercept.h \
+ Intercept.cc \
QosConfig.h \
QosConfig.cc
TESTS += testIpAddress
testIpAddress_SOURCES= \
- testIpAddress.cc \
- testIpAddress.h
+ testAddress.cc \
+ testAddress.h
nodist_testIpAddress_SOURCES= \
$(top_srcdir)/src/tests/testMain.cc \
$(top_srcdir)/test-suite/test_tools.cc
#include "QosConfig.h"
-QosConfig::QosConfig() :
+Ip::Qos::QosConfig Ip::Qos::TheConfig;
+
+Ip::Qos::QosConfig::QosConfig() :
tos_local_hit(0),
tos_sibling_hit(0),
tos_parent_hit(0),
}
void
-QosConfig::parseConfigLine()
+Ip::Qos::QosConfig::parseConfigLine()
{
// %i honors 0 and 0x prefixes, which are important for things like umask
/* parse options ... */
* which means no StoreEntry refrences. Just a basic char* buffer.
*/
void
-QosConfig::dumpConfigLine(char *entry, const char *name) const
+Ip::Qos::QosConfig::dumpConfigLine(char *entry, const char *name) const
{
char *p = entry;
snprintf(p, 10, "%s", name); // strlen("qos_flows ");
#if USE_ZPH_QOS
+namespace Ip
+{
+
+namespace Qos
+{
+
class QosConfig
{
public:
void dumpConfigLine(char *entry, const char *name) const;
};
+extern QosConfig TheConfig;
+
/* legacy parser access wrappers */
#define parse_QosConfig(X) (X)->parseConfigLine()
#define free_QosConfig(X)
storeAppendPrintf(e, "%s", temp); \
} while(0);
+}; // namespace Qos
+}; // namespace Ip
+
#endif /* USE_ZPH_QOS */
#endif /* SQUID_QOSCONFIG_H */
--- /dev/null
+/*
+ * DEBUG: section 14 IP Storage and Handling
+ * AUTHOR: Henrik Nordstrom
+ *
+ * SQUID Internet Object Cache http://squid.nlanr.net/Squid/
+ * ----------------------------------------------------------
+ *
+ * Squid is the result of efforts by numerous individuals from the
+ * Internet community. Development is led by Duane Wessels of the
+ * National Laboratory for Applied Network Research and funded by the
+ * National Science Foundation. Squid is Copyrighted (C) 1998 by
+ * the Regents of the University of California. Please see the
+ * COPYRIGHT file for full details. Squid incorporates software
+ * developed and/or copyrighted by other sources. Please see the
+ * CREDITS file for full details.
+ *
+ * This wrapper code is copyright (C) 2010 by Henrik Nordstrom
+ * It is published and Lisenced as an extension of squid under the
+ * same conditions as the main squid application.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ *
+ */
+#ifndef _SQUID_IP_FORWARD_H
+#define _SQUID_IP_FORWARD_H
+
+// Forward-declare Ip classes needed by reference in other parts of the code
+// for passing objects around without actually touching them
+namespace Ip
+{
+class Address;
+}
+#endif /* _SQUID_IP_FORWARD_H */
#if USE_ZPH_QOS
-#include "QosConfig.h"
+#include "ip/QosConfig.h"
#include "Store.h"
-QosConfig::QosConfig() :
+Ip::QosConfig::QosConfig() :
tos_local_hit(0),
tos_sibling_hit(0),
tos_parent_hit(0),
}
void
-QosConfig::parseConfigLine()
+Ip::QosConfig::parseConfigLine()
{
// %i honors 0 and 0x prefixes, which are important for things like umask
/* parse options ... */
}
void
-QosConfig::dumpConfigLine(char *entry, const char *name) const
+Ip::QosConfig::dumpConfigLine(char *entry, const char *name) const
{
; /* Not needed in stub */
}
+#define SQUID_UNIT_TEST 1
#include "config.h"
-#include "testIpAddress.h"
-#include "ip/IpAddress.h"
+#include "compat/getaddrinfo.h"
+#include "testAddress.h"
+#include "ip/Address.h"
#if HAVE_CSTRING
#include <cstring>
void
testIpAddress::testDefaults()
{
- IpAddress anIPA;
+ Ip::Address anIPA;
/* test stored values */
CPPUNIT_ASSERT( anIPA.IsAnyAddr() );
inval.s_addr = htonl(0xC0A8640C);
outval.s_addr = htonl(0x00000000);
- IpAddress anIPA(inval);
+ Ip::Address anIPA(inval);
/* test stored values */
CPPUNIT_ASSERT( !anIPA.IsAnyAddr() );
inval.s6_addr32[2] = htonl(0xFFFFFFFF);
inval.s6_addr32[3] = htonl(0xFFFFFFFF);
- IpAddress anIPA(inval);
+ Ip::Address anIPA(inval);
/* test stored values */
CPPUNIT_ASSERT( !anIPA.IsAnyAddr() );
insock.sin_len = sizeof(struct sockaddr_in);
#endif
- IpAddress anIPA((const struct sockaddr_in)insock);
+ Ip::Address anIPA((const struct sockaddr_in)insock);
/* test stored values */
CPPUNIT_ASSERT( !anIPA.IsAnyAddr() );
insock.sin6_len = sizeof(struct sockaddr_in6);
#endif
- IpAddress anIPA((const struct sockaddr_in6)insock);
+ Ip::Address anIPA((const struct sockaddr_in6)insock);
/* test stored values */
CPPUNIT_ASSERT( !anIPA.IsAnyAddr() );
insock.sin_len = sizeof(struct sockaddr_in);
#endif
- IpAddress inIPA(insock);
- IpAddress outIPA(inIPA);
+ Ip::Address inIPA(insock);
+ Ip::Address outIPA(inIPA);
/* test stored values */
hp = gethostbyname("192.168.100.12");
CPPUNIT_ASSERT( hp != NULL /* gethostbyname failure.*/ );
- IpAddress anIPA(*hp);
+ Ip::Address anIPA(*hp);
/* test stored values */
CPPUNIT_ASSERT( !anIPA.IsAnyAddr() );
expectval.s_addr = htonl(0xC0A8640C);
- IpAddress anIPA = "192.168.100.12";
+ Ip::Address anIPA = "192.168.100.12";
/* test stored values */
CPPUNIT_ASSERT( !anIPA.IsAnyAddr() );
expectv6.s6_addr32[2] = htonl(0x00000000);
expectv6.s6_addr32[3] = htonl(0x00000045);
- IpAddress bnIPA = "2000:800::45";
+ Ip::Address bnIPA = "2000:800::45";
/* test stored values */
CPPUNIT_ASSERT( !bnIPA.IsAnyAddr() );
CPPUNIT_ASSERT( memcmp( &expectv6, &outval6, sizeof(struct in6_addr)) == 0 );
/* test IPv6 as an old netmask format. This is invalid but sometimes use. */
- IpAddress cnIPA = "ffff:ffff:fff0::";
+ Ip::Address cnIPA = "ffff:ffff:fff0::";
expectv6.s6_addr32[0] = htonl(0xFFFFFFFF);
expectv6.s6_addr32[1] = htonl(0xFFF00000);
void
testIpAddress::testSetEmpty()
{
- IpAddress anIPA;
+ Ip::Address anIPA;
struct in_addr inval;
inval.s_addr = htonl(0xC0A8640C);
void
testIpAddress::testBooleans()
{
- IpAddress lhsIPA;
- IpAddress rhsIPA;
+ Ip::Address lhsIPA;
+ Ip::Address rhsIPA;
struct in_addr valLow;
struct in_addr valHigh;
CPPUNIT_ASSERT( ( lhsIPA <= rhsIPA ) );
CPPUNIT_ASSERT( !( lhsIPA < rhsIPA ) );
+ /* test equality versus ANYADDR */
+ lhsIPA.SetAnyAddr();
+ rhsIPA.SetAnyAddr();
+ CPPUNIT_ASSERT( lhsIPA.matchIPAddr(rhsIPA) == 0 );
+ CPPUNIT_ASSERT( ( lhsIPA == rhsIPA ) );
+ CPPUNIT_ASSERT( !( lhsIPA != rhsIPA ) );
+ CPPUNIT_ASSERT( ( lhsIPA >= rhsIPA ) );
+ CPPUNIT_ASSERT( !( lhsIPA > rhsIPA ) );
+ CPPUNIT_ASSERT( ( lhsIPA <= rhsIPA ) );
+ CPPUNIT_ASSERT( !( lhsIPA < rhsIPA ) );
+
+ /* test equality versus NOADDR */
+ lhsIPA.SetNoAddr();
+ rhsIPA.SetNoAddr();
+ CPPUNIT_ASSERT( lhsIPA.matchIPAddr(rhsIPA) == 0 );
+ CPPUNIT_ASSERT( ( lhsIPA == rhsIPA ) );
+ CPPUNIT_ASSERT( !( lhsIPA != rhsIPA ) );
+ CPPUNIT_ASSERT( ( lhsIPA >= rhsIPA ) );
+ CPPUNIT_ASSERT( !( lhsIPA > rhsIPA ) );
+ CPPUNIT_ASSERT( ( lhsIPA <= rhsIPA ) );
+ CPPUNIT_ASSERT( !( lhsIPA < rhsIPA ) );
+
/* test inequality (less than) */
lhsIPA = valLow;
rhsIPA = valHigh;
CPPUNIT_ASSERT( ( lhsIPA <= rhsIPA ) );
CPPUNIT_ASSERT( ( lhsIPA < rhsIPA ) );
+ /* test inequality versus ANYADDR (less than) */
+ lhsIPA.SetAnyAddr();
+ rhsIPA = valHigh;
+ CPPUNIT_ASSERT( lhsIPA.matchIPAddr(rhsIPA) < 0 );
+ CPPUNIT_ASSERT( !( lhsIPA == rhsIPA ) );
+ CPPUNIT_ASSERT( ( lhsIPA != rhsIPA ) );
+ CPPUNIT_ASSERT( !( lhsIPA >= rhsIPA ) );
+ CPPUNIT_ASSERT( !( lhsIPA > rhsIPA ) );
+ CPPUNIT_ASSERT( ( lhsIPA <= rhsIPA ) );
+ CPPUNIT_ASSERT( ( lhsIPA < rhsIPA ) );
+
+ /* test inequality versus NOADDR (less than) */
+ lhsIPA = valLow;
+ rhsIPA.SetNoAddr();
+ CPPUNIT_ASSERT( lhsIPA.matchIPAddr(rhsIPA) < 0 );
+ CPPUNIT_ASSERT( !( lhsIPA == rhsIPA ) );
+ CPPUNIT_ASSERT( ( lhsIPA != rhsIPA ) );
+ CPPUNIT_ASSERT( !( lhsIPA >= rhsIPA ) );
+ CPPUNIT_ASSERT( !( lhsIPA > rhsIPA ) );
+ CPPUNIT_ASSERT( ( lhsIPA <= rhsIPA ) );
+ CPPUNIT_ASSERT( ( lhsIPA < rhsIPA ) );
+
+ /* test inequality (greater than) */
+ lhsIPA = valHigh;
+ rhsIPA = valLow;
+ CPPUNIT_ASSERT( lhsIPA.matchIPAddr(rhsIPA) > 0 );
+ CPPUNIT_ASSERT( !( lhsIPA == rhsIPA ) );
+ CPPUNIT_ASSERT( ( lhsIPA != rhsIPA ) );
+ CPPUNIT_ASSERT( ( lhsIPA >= rhsIPA ) );
+ CPPUNIT_ASSERT( ( lhsIPA > rhsIPA ) );
+ CPPUNIT_ASSERT( !( lhsIPA <= rhsIPA ) );
+ CPPUNIT_ASSERT( !( lhsIPA < rhsIPA ) );
+
/* test inequality (greater than) */
lhsIPA = valHigh;
+ rhsIPA.SetAnyAddr();
+ CPPUNIT_ASSERT( lhsIPA.matchIPAddr(rhsIPA) > 0 );
+ CPPUNIT_ASSERT( !( lhsIPA == rhsIPA ) );
+ CPPUNIT_ASSERT( ( lhsIPA != rhsIPA ) );
+ CPPUNIT_ASSERT( ( lhsIPA >= rhsIPA ) );
+ CPPUNIT_ASSERT( ( lhsIPA > rhsIPA ) );
+ CPPUNIT_ASSERT( !( lhsIPA <= rhsIPA ) );
+ CPPUNIT_ASSERT( !( lhsIPA < rhsIPA ) );
+
+ /* test inequality versus NOADDR (greater than) */
+ lhsIPA.SetNoAddr();
rhsIPA = valLow;
CPPUNIT_ASSERT( lhsIPA.matchIPAddr(rhsIPA) > 0 );
CPPUNIT_ASSERT( !( lhsIPA == rhsIPA ) );
{
struct in_addr inval;
char buf[MAX_IPSTRLEN];
- IpAddress anIPA;
+ Ip::Address anIPA;
anIPA.SetAnyAddr();
inval.s_addr = htonl(0xC0A8640C);
- IpAddress anIPA(inval);
+ Ip::Address anIPA(inval);
/* test values */
anIPA.ToURL(buf,MAX_IPSTRLEN);
ip6val.s6_addr32[2] = htonl(0xFFFFFFFF);
ip6val.s6_addr32[3] = htonl(0xFFFFFFFF);
- IpAddress bnIPA(ip6val);
+ Ip::Address bnIPA(ip6val);
bnIPA.ToURL(buf,MAX_IPSTRLEN);
CPPUNIT_ASSERT( memcmp("[c0a8:640c:ffff:ffff:ffff:ffff:ffff:ffff]", buf, 41) == 0 );
sock.sin_len = sizeof(struct sockaddr_in);
#endif
- IpAddress anIPA(sock);
+ Ip::Address anIPA(sock);
char buf[MAX_IPSTRLEN];
/* test values */
ip6val.sin6_len = sizeof(struct sockaddr_in6);
#endif
- IpAddress bnIPA(ip6val);
+ Ip::Address bnIPA(ip6val);
bnIPA.ToURL(buf,MAX_IPSTRLEN);
CPPUNIT_ASSERT( memcmp("[c0a8:640c:ffff:ffff:ffff:ffff:ffff:ffff]:80", buf, 44) == 0 );
struct in_addr ipv4val;
ipv4val.s_addr = htonl(0xC0A8640C);
- IpAddress v4IPA(ipv4val);
+ Ip::Address v4IPA(ipv4val);
/* test IPv4 output */
v4IPA.GetReverseString(buf);
ip6val.s6_addr32[2] = htonl(0xFFFFFFFF);
ip6val.s6_addr32[3] = htonl(0xFFFFFFFF);
- IpAddress v6IPA(ip6val);
+ Ip::Address v6IPA(ip6val);
/* test IPv6 output */
v6IPA.GetReverseString(buf);
testIpAddress::testMasking()
{
char buf[MAX_IPSTRLEN];
- IpAddress anIPA;
- IpAddress maskIPA;
+ Ip::Address anIPA;
+ Ip::Address maskIPA;
/* Test Basic CIDR Routine */
anIPA.SetAnyAddr();
CPPUNIT_ASSERT( memcmp("ffff:ffff:ffff:ffff:ffff::", buf, 26) == 0 );
#endif
- /* Test Network Bitmask from IpAddress */
+ /* Test Network Bitmask from Ip::Address */
anIPA.SetNoAddr();
maskIPA = "255.255.240.0";
CPPUNIT_ASSERT_EQUAL( 20 , maskIPA.GetCIDR() );
hints.ai_flags = AI_NUMERICHOST;
- IpAddress anIP = "127.0.0.1";
+ Ip::Address anIP = "127.0.0.1";
/* assert this just to check that getaddrinfo is working properly */
- CPPUNIT_ASSERT( xgetaddrinfo("127.0.0.1", NULL, &hints, &expect ) == 0 );
+ CPPUNIT_ASSERT( getaddrinfo("127.0.0.1", NULL, &hints, &expect ) == 0 );
anIP.GetAddrInfo(ipval);
CPPUNIT_ASSERT( memcmp( expect->ai_addr, ipval->ai_addr, expect->ai_addrlen ) == 0 );
- xfreeaddrinfo(expect);
+ freeaddrinfo(expect);
}
void
expectval.s_addr = htonl(0xC0A8640C);
- IpAddress anIPA = "192.168.100.12";
+ Ip::Address anIPA = "192.168.100.12";
/* test stored values */
#include "squid.h"
#include "comm.h"
#include "fde.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
#include "rfc1738.h"
static const char *hello_string = "hi there\n";
}
pid_t
-ipcCreate(int type, const char *prog, const char *const args[], const char *name, IpAddress &local_addr, int *rfd, int *wfd, void **hIpc)
+ipcCreate(int type, const char *prog, const char *const args[], const char *name, Ip::Address &local_addr, int *rfd, int *wfd, void **hIpc)
{
pid_t pid;
- IpAddress ChS;
- IpAddress PaS;
+ Ip::Address ChS;
+ Ip::Address PaS;
struct addrinfo *AI = NULL;
int crfd = -1;
int prfd = -1;
debugs(54, 6, HERE << "opening listen FD at " << p.addr << " for kid" <<
request.requestorId);
- IpAddress addr = p.addr; // comm_open_listener may modify it
+ Ip::Address addr = p.addr; // comm_open_listener may modify it
enter_suid();
const int sock = comm_open_listener(p.sock_type, p.proto, addr, p.flags,
#include "config.h"
#include <map>
#include "comm.h"
+#include "base/TextException.h"
#include "ipc/Port.h"
#include "ipc/Messages.h"
#include "ipc/Kids.h"
int sock_type;
int proto;
- IpAddress addr; ///< will be memset and memcopied
+ Ip::Address addr; ///< will be memset and memcopied
int flags;
int fdNote; ///< index into fd_note() comment strings
};
#include "config.h"
#include "comm.h"
-#include "TextException.h"
+#include "base/TextException.h"
#include "ipc/SharedListen.h"
#include "ipc/StartListening.h"
}
-void Ipc::StartListening(int sock_type, int proto, IpAddress &addr,
+void Ipc::StartListening(int sock_type, int proto, Ip::Address &addr,
int flags, FdNoteId fdNote, AsyncCall::Pointer &callback)
{
OpenListenerParams p;
#define SQUID_IPC_START_LISTENING_H
#include <iosfwd>
+#include "ip/forward.h"
#include "ipc/FdNotes.h"
#include "base/AsyncCall.h"
-class IpAddress;
-
namespace Ipc
{
/// Depending on whether SMP is on, either ask Coordinator to send us
/// the listening FD or call comm_open_listener() directly.
-extern void StartListening(int sock_type, int proto, IpAddress &addr,
+extern void StartListening(int sock_type, int proto, Ip::Address &addr,
int flags, FdNoteId fdNote, AsyncCall::Pointer &callback);
} // namespace Ipc;
*/
#include "config.h"
+#include "base/TextException.h"
#include "ipc/Strand.h"
#include "ipc/Messages.h"
#include "ipc/SharedListen.h"
#include "config.h"
#include <string.h>
-#include "TextException.h"
+#include "protos.h"
+#include "base/TextException.h"
#include "ipc/TypedMsgHdr.h"
Ipc::TypedMsgHdr::TypedMsgHdr()
#include "config.h"
#include "comm.h"
#include "CommCalls.h"
+#include "base/TextException.h"
#include "ipc/UdsOp.h"
int type;
int crfd;
int cwfd;
- IpAddress local_addr;
+ Ip::Address local_addr;
struct addrinfo PS;
const char *prog;
char **args;
}
pid_t
-ipcCreate(int type, const char *prog, const char *const args[], const char *name, IpAddress &local_addr, int *rfd, int *wfd, void **hIpc)
+ipcCreate(int type, const char *prog, const char *const args[], const char *name, Ip::Address &local_addr, int *rfd, int *wfd, void **hIpc)
{
unsigned long thread;
DWORD ecode = 0;
pid_t pid;
- IpAddress tmp_addr;
+ Ip::Address tmp_addr;
struct addrinfo *aiCS = NULL;
struct addrinfo *aiPS = NULL;
return ipcCloseAllFD(prfd, pwfd, crfd, cwfd);
}
- /* NP: tmp_addr was left with eiether empty or aiCS in IpAddress format */
+ /* NP: tmp_addr was left with eiether empty or aiCS in Ip::Address format */
if (comm_connect_addr(pwfd, tmp_addr) == COMM_ERROR) {
CloseHandle((HANDLE) thread);
return ipcCloseAllFD(prfd, pwfd, -1, -1);
int prfd_ipc = -1, pwfd_ipc = -1, crfd_ipc = -1, cwfd_ipc = -1;
char *prog = NULL, *buf1 = NULL;
- IpAddress PS_ipc;
- IpAddress CS_ipc;
+ Ip::Address PS_ipc;
+ Ip::Address CS_ipc;
struct addrinfo *aiPS_ipc = NULL;
struct addrinfo *aiCS_ipc = NULL;
int cwfd = params->cwfd;
char **args = params->args;
- IpAddress PS = params->PS;
- IpAddress local_addr = params->local_addr;
+ Ip::Address PS = params->PS;
+ Ip::Address local_addr = params->local_addr;
buf1 = (char *)xcalloc(1, 8192);
strcpy(buf1, params->prog);
#include "SquidTime.h"
#include "Store.h"
#include "wordlist.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
/**
\defgroup IPCacheAPI IP Cache API
struct timeval request_time;
dlink_node lru;
unsigned short locks;
-#if DNS_CNAME
- unsigned short cname_wait;
-#endif
-
struct {
unsigned int negcached:1;
unsigned int fromhosts:1;
#else
static IDNSCB ipcacheHandleReply;
#endif
-static IPH ipcacheHandleCnameRecurse;
static int ipcacheExpiredEntry(ipcache_entry *);
#if USE_DNSSERVERS
static int ipcacheParse(ipcache_entry *, const char *buf);
{
hash_link *e = (hash_link *)hash_lookup(ip_table, i->hash.key);
-#if DNS_CNAME
- /* INET6 : should NOT be adding this entry until all CNAME have been received. */
- assert(i->cname_wait == 0);
-#endif
-
if (NULL != e) {
/* avoid colission */
ipcache_entry *q = (ipcache_entry *) e;
-#if DNS_CNAME
- if (q == i) {
- /* can occur with Multiple-depth CNAME Recursion if parent returned early with additional */
- /* just need to drop from the hash without releasing actual memory */
- ipcacheRelease(q, false);
- } else
-#endif
- ipcacheRelease(q);
+ ipcacheRelease(q);
}
hash_join(ip_table, &i->hash);
if (ipcount > 0) {
int j, k;
- i->addrs.in_addrs = (IpAddress *)xcalloc(ipcount, sizeof(IpAddress));
+ i->addrs.in_addrs = static_cast<Ip::Address *>(xcalloc(ipcount, sizeof(Ip::Address)));
for (int l = 0; l < ipcount; l++)
i->addrs.in_addrs[l].SetEmpty(); // perform same init actions as constructor would.
i->addrs.bad_mask = (unsigned char *)xcalloc(ipcount, sizeof(unsigned char));
if (answers[k].type == RFC1035_TYPE_CNAME) {
cname_found=1;
IpcacheStats.rr_cname++;
-
-#if DNS_CNAME
- debugs(14, 5, "ipcacheParse: " << name << " CNAME " << answers[k].rdata << " (checking destination: " << i << ").");
- const ipcache_addrs *res = ipcache_gethostbyname(answers[k].rdata, 0);
- if (res) {
- na += res->count;
- debugs(14, 5, "ipcacheParse: CNAME " << answers[k].rdata << " already has " << res->count << " IPs cached.");
- } else {
- /* keep going on this, but flag the fact that we need to wait for a CNAME lookup to finish */
- debugs(14, 5, "ipcacheParse: CNAME " << answers[k].rdata << " has no IPs! Recursing.");
- ipcache_nbgethostbyname(answers[k].rdata, ipcacheHandleCnameRecurse, new generic_cbdata(i) );
- i->cname_wait++;
- }
-#endif /* DNS_CNAME */
-
continue;
}
// otherwise its an unknown RR. debug at level 9 since we usually want to ignore these and they are common.
debugs(14, 9, HERE << "Unknown RR type received: type=" << answers[k].type << " starting at " << &(answers[k]) );
}
-
-#if DNS_CNAME
- if (na == 0 && i->cname_wait >0 ) {
- /* don't set any error message (yet). Allow recursion to do its work first. */
- IpcacheStats.cname_only++;
- return 0;
- }
-#endif /* DNS_CNAME */
-
if (na == 0) {
debugs(14, 1, "ipcacheParse: No Address records in response to '" << name << "'");
i->error_message = xstrdup("No Address records");
return 0;
}
- i->addrs.in_addrs = (IpAddress *)xcalloc(na, sizeof(IpAddress));
+ i->addrs.in_addrs = static_cast<Ip::Address *>(xcalloc(na, sizeof(Ip::Address)));
for (int l = 0; l < na; l++)
i->addrs.in_addrs[l].SetEmpty(); // perform same init actions as constructor would.
i->addrs.bad_mask = (unsigned char *)xcalloc(na, sizeof(unsigned char));
j++;
#endif
}
-#if DNS_CNAME
- else if (answers[k].type == RFC1035_TYPE_CNAME) {
- debugs(14, 3, "ipcacheParse: " << name << " #x CNAME " << answers[k].rdata);
- const ipcache_addrs *res = ipcache_gethostbyname(answers[k].rdata, 0);
- if (res) {
- /* NP: the results of *that* query need to be integrated in place of the CNAME */
- /* Ideally we should also integrate the min TTL of the above IPA's into ttl. */
- for (int l = 0; l < res->count; l++, j++) {
- i->addrs.in_addrs[j] = res->in_addrs[l];
- debugs(14, 3, "ipcacheParse: " << name << " #" << j << " " << i->addrs.in_addrs[j] );
- }
- } else {
- debugs(14, 9, "ipcacheParse: " << answers[k].rdata << " (CNAME) waiting on A/AAAA records.");
- }
- }
-#endif /* DNS_CNAME */
-
if (ttl == 0 || (int) answers[k].ttl < ttl)
ttl = answers[k].ttl;
}
i->flags.negcached = 0;
-#if DNS_CNAME
- /* SPECIAL CASE: may get here IFF CNAME received with Additional records */
- /* reurn 0/'wait for further details' value. */
- /* NP: 'No DNS Results' is a return -1 +msg */
- if (i->cname_wait)
- return 0;
- else
-#endif /* DNS_CNAME */
- return i->addrs.count;
+ return i->addrs.count;
}
#endif
ipcache_entry *i = NULL;
const ipcache_addrs *addrs = NULL;
generic_cbdata *c;
- assert(handler != NULL);
debugs(14, 4, "ipcache_nbgethostbyname: Name '" << name << "'.");
IpcacheStats.requests++;
debugs(14, 4, "ipcache_nbgethostbyname: Invalid name!");
IpcacheStats.invalid++;
const DnsLookupDetails details("Invalid hostname", -1); // error, no lookup
- handler(NULL, details, handlerData);
+ if (handler)
+ handler(NULL, details, handlerData);
return;
}
debugs(14, 4, "ipcache_nbgethostbyname: BYPASS for '" << name << "' (already numeric)");
IpcacheStats.numeric_hits++;
const DnsLookupDetails details(NULL, -1); // no error, no lookup
- handler(addrs, details, handlerData);
+ if (handler)
+ handler(addrs, details, handlerData);
return;
}
memset(&lru_list, '\0', sizeof(lru_list));
memset(&static_addrs, '\0', sizeof(ipcache_addrs));
- static_addrs.in_addrs = (IpAddress *)xcalloc(1, sizeof(IpAddress));
- static_addrs.in_addrs->SetEmpty(); // properly setup the IpAddress!
+ static_addrs.in_addrs = static_cast<Ip::Address *>(xcalloc(1, sizeof(Ip::Address)));
+ static_addrs.in_addrs->SetEmpty(); // properly setup the Ip::Address!
static_addrs.bad_mask = (unsigned char *)xcalloc(1, sizeof(unsigned char));
ipcache_high = (long) (((float) Config.ipcache.size *
(float) Config.ipcache.high) / (float) 100);
IpcacheStats.misses++;
if (flags & IP_LOOKUP_IF_MISS)
- ipcache_nbgethostbyname(name, ipcacheHandleCnameRecurse, NULL);
+ ipcache_nbgethostbyname(name, NULL, NULL);
return NULL;
}
}
}
-#if DNS_CNAME
-/**
- * Takes two IpAddress arrays and merges them into a single array
- * which is allocated dynamically to fit the number of unique addresses
- *
- \param aaddrs One list to merge
- \param alen Size of list aaddrs
- \param baddrs Other list to merge
- \param alen Size of list baddrs
- \param out Combined list of unique addresses (sorted with IPv6 first in IPv6-mode)
- \param outlen Size of list out
- */
-void
-ipcacheMergeIPLists(const IpAddress *aaddrs, const int alen,
- const IpAddress *baddrs, const int blen,
- IpAddress **out, int &outlen )
-{
- int fc=0, t=0, c=0;
-
- IpAddress const *ip4ptrs[255];
-#if USE_IPV6
- IpAddress const *ip6ptrs[255];
-#endif
- int num_ip4 = 0;
- int num_ip6 = 0;
-
- memset(ip4ptrs, 0, sizeof(IpAddress*)*255);
-#if USE_IPV6
- memset(ip6ptrs, 0, sizeof(IpAddress*)*255);
-#endif
-
- // for each unique address in list A - grab ptr
- for (t = 0; t < alen; t++) {
- if (aaddrs[t].IsIPv4()) {
- // check against IPv4 pruned list
- for (c = 0; c <= num_ip4; c++) {
- if (ip4ptrs[c] && aaddrs[t] == *(ip4ptrs[c]) ) break; // duplicate.
- }
- if (c > num_ip4) {
- ip4ptrs[num_ip4] = &aaddrs[t];
- num_ip4++;
- }
- }
-#if USE_IPV6
- else if (aaddrs[t].IsIPv6()) {
- debugs(14,8, HERE << "A[" << t << "]=IPv6 " << aaddrs[t]);
- // check against IPv6 pruned list
- for (c = 0; c <= num_ip6; c++) {
- if (ip6ptrs[c] && aaddrs[t] == *ip6ptrs[c]) break; // duplicate.
- }
- if (c > num_ip6) {
- ip6ptrs[num_ip6] = &aaddrs[t];
- num_ip6++;
- }
- }
-#endif
- }
-
- // for each unique address in list B - grab ptr
- for (t = 0; t < blen; t++) {
- if (baddrs[t].IsIPv4()) {
- // check against IPv4 pruned list
- for (c = 0; c <= num_ip4; c++) {
- if (ip4ptrs[c] && baddrs[t] == *ip4ptrs[c]) break; // duplicate.
- }
- if (c > num_ip4) {
- ip4ptrs[num_ip4] = &baddrs[t];
- num_ip4++;
- }
- }
-#if USE_IPV6
- else if (baddrs[t].IsIPv6()) {
- // check against IPv6 pruned list
- for (c = 0; c <= num_ip6; c++) {
- if (ip6ptrs[c] && baddrs[t] == *ip6ptrs[c]) break; // duplicate.
- }
- if (c > num_ip6) {
- ip6ptrs[num_ip6] = &baddrs[t];
- num_ip6++;
- }
- }
-#endif
- }
-
- fc = num_ip6 + num_ip4;
-
- assert(fc > 0);
-
- debugs(14, 5, "ipcacheMergeIPLists: Merge " << alen << "+" << blen << " into " << fc << " unique IPs.");
-
- // copy the old IPs into the new list buffer.
- (*out) = (IpAddress*)xcalloc(fc, sizeof(IpAddress));
- outlen=0;
-
- assert(out != NULL);
-
-#if USE_IPV6
- /* IPv6 are preferred (tried first) over IPv4 */
-
- for (int l = 0; outlen < num_ip6; l++, outlen++) {
- (*out)[outlen] = *ip6ptrs[l];
- debugs(14, 5, "ipcacheMergeIPLists: #" << outlen << " " << (*out)[outlen] );
- }
-#endif /* USE_IPV6 */
-
- for (int l = 0; outlen < num_ip4; l++, outlen++) {
- (*out)[outlen] = *ip4ptrs[l];
- debugs(14, 5, "ipcacheMergeIPLists: #" << outlen << " " << (*out)[outlen] );
- }
-
- assert(outlen == fc); // otherwise something broke badly!
-}
-#endif /* DNS_CNAME */
-
-/// \ingroup IPCacheInternal
-/// Callback.
-static void
-ipcacheHandleCnameRecurse(const ipcache_addrs *addrs, const DnsLookupDetails &, void *cbdata)
-{
-#if DNS_CNAME
- ipcache_entry *i = NULL;
- char *pname = NULL;
- IpAddress *tmpbuf = NULL;
- int fc = 0;
- int ttl = 0;
- generic_cbdata* gcb = (generic_cbdata*)cbdata;
- // count of addrs at parent and child (REQ as .count is a char type!)
- int ccount = 0, pcount = 0;
-
- debugs(14, 5, "ipcacheHandleCnameRecurse: Handling basic A/AAAA response.");
-
- /* IFF no CNAME recursion being processed. do nothing. */
- if (cbdata == NULL)
- return;
-
- gcb->unwrap(&i);
- assert(i != NULL);
-
- // make sure we are actualy waiting for a CNAME callback to be run.
- assert(i->cname_wait > 0);
- // count this event. its being handled.
- i->cname_wait--;
-
- pname = (char*)i->hash.key;
- assert(pname != NULL);
-
- debugs(14, 5, "ipcacheHandleCnameRecurse: Handling CNAME recursion. CBDATA('" << gcb->data << "')='" << pname << "' -> " << std::hex << i);
-
- if (i == NULL) {
- return; // Parent has expired. Don't merge, just leave for future Ref:
- }
-
- /* IFF addrs is NULL (Usually an Error or Timeout occured on lookup.) */
- /* Ignore it and HOPE that we got some Additional records to use. */
- if (addrs == NULL)
- return;
-
- ccount = (0+ addrs->count);
- pcount = (0+ i->addrs.count);
- ttl = i->expires;
-
- /* IFF no CNAME results. do none of the processing BUT finish anyway. */
- if (addrs) {
-
- debugs(14, 5, "ipcacheHandleCnameRecurse: Merge IP Lists for " << pname << " (" << pcount << "+" << ccount << ")");
-
- /* add new IP records to entry */
- tmpbuf = i->addrs.in_addrs;
- i->addrs.in_addrs = NULL;
- ipcacheMergeIPLists(tmpbuf, pcount, addrs->in_addrs, ccount, &(i->addrs.in_addrs), fc);
- debugs(14,8, HERE << "in=" << tmpbuf << ", out=" << i->addrs.in_addrs );
- assert( (pcount>0 ? tmpbuf!=NULL : tmpbuf==NULL) );
- safe_free(tmpbuf);
-
- if ( pcount > 0) {
- /* IFF the parent initial lookup was given Additional records with A */
- // clear the 'bad IP mask'
- safe_free(i->addrs.bad_mask);
- }
- // create a new bad IP mask to fit the new size needed.
- if (fc > 0) {
- i->addrs.bad_mask = (unsigned char*)xcalloc(fc, sizeof(unsigned char));
- memset(i->addrs.bad_mask, 0, sizeof(unsigned char)*fc);
- }
-
- if (fc < 256)
- i->addrs.count = (unsigned char) fc;
- else
- i->addrs.count = 255;
-
- if (ttl == 0 || ttl > Config.positiveDnsTtl)
- ttl = Config.positiveDnsTtl;
-
- if (ttl < Config.negativeDnsTtl)
- ttl = Config.negativeDnsTtl;
-
- i->expires = squid_curtime + ttl;
-
- i->flags.negcached = 0;
-
- i->addrs.cur = 0;
-
- i->addrs.badcount = 0;
- }
-
- if (fc == 0) {
- i->error_message = xstrdup("No DNS Records");
- }
-
- /* finish the lookup we were doing on parent when we got side-tracked for CNAME loop */
- if (i->cname_wait == 0) {
- ipcacheAddEntry(i);
- ipcacheCallback(i, i->age()); // age since i creation, includes CNAMEs
- }
- // else still more CNAME to be found.
-#endif /* DNS_CNAME */
-}
-
/// \ingroup IPCacheAPI
void
ipcacheInvalidate(const char *name)
ipcache_addrs *
ipcacheCheckNumeric(const char *name)
{
-
- IpAddress ip;
+ Ip::Address ip;
/* check if it's already a IP address in text form. */
/* it may be IPv6-wrapped */
\param addr specific addres to be marked bad
*/
void
-ipcacheMarkBadAddr(const char *name, IpAddress &addr)
+ipcacheMarkBadAddr(const char *name, const Ip::Address &addr)
{
ipcache_entry *i;
ipcache_addrs *ia;
/// \ingroup IPCacheAPI
void
-ipcacheMarkGoodAddr(const char *name, IpAddress &addr)
+ipcacheMarkAllGood(const char *name)
+{
+ ipcache_entry *i;
+ ipcache_addrs *ia;
+ int k;
+
+ if ((i = ipcache_get(name)) == NULL)
+ return;
+
+ ia = &i->addrs;
+
+ /* All bad, reset to All good */
+ debugs(14, 3, "ipcacheMarkAllGood: Changing ALL " << name << " addrs to OK (" << ia->badcount << "/" << ia->count << " bad)");
+
+ for (k = 0; k < ia->count; k++)
+ ia->bad_mask[k] = 0;
+
+ ia->badcount = 0;
+}
+
+/// \ingroup IPCacheAPI
+void
+ipcacheMarkGoodAddr(const char *name, const Ip::Address &addr)
{
ipcache_entry *i;
ipcache_addrs *ia;
{
ipcache_entry *i;
- IpAddress ip;
+ Ip::Address ip;
if (!(ip = ipaddr)) {
#if USE_IPV6
i->addrs.cur = 0;
i->addrs.badcount = 0;
- i->addrs.in_addrs = (IpAddress *)xcalloc(1, sizeof(IpAddress));
+ i->addrs.in_addrs = static_cast<Ip::Address *>(xcalloc(1, sizeof(Ip::Address)));
i->addrs.bad_mask = (unsigned char *)xcalloc(1, sizeof(unsigned char));
i->addrs.in_addrs[0] = ip;
i->addrs.bad_mask[0] = FALSE;
return 0;
}
-#ifdef SQUID_SNMP
+#if SQUID_SNMP
/**
\ingroup IPCacheAPI
*
#include "log/ModStdio.h"
#include "log/ModSyslog.h"
#include "log/ModUdp.h"
+#include "log/ModTcp.h"
CBDATA_TYPE(Logfile);
} else if (strncmp(path, "daemon:", 7) == 0) {
patharg = path + 7;
ret = logfile_mod_daemon_open(lf, patharg, bufsz, fatal_flag);
+ } else if (strncmp(path, "tcp:", 4) == 0) {
+ patharg = path + 4;
+ ret = logfile_mod_tcp_open(lf, patharg, bufsz, fatal_flag);
} else if (strncmp(path, "udp:", 4) == 0) {
patharg = path + 4;
ret = logfile_mod_udp_open(lf, patharg, bufsz, fatal_flag);
#include "config.h"
#include "dlink.h"
+#if HAVE_SYS_PARAM_H
+#include <sys/param.h>
+#endif
+
class logfile_buffer_t
{
public:
{
public:
- char path[SQUID_MAXPATHLEN];
+ char path[MAXPATHLEN];
struct {
unsigned int fatal;
ModStdio.h \
ModSyslog.cc \
ModSyslog.h \
+ ModTcp.cc \
+ ModTcp.h \
ModUdp.cc \
ModUdp.h
lf->data = ll;
ll->eol = 1;
{
- IpAddress localhost;
+ Ip::Address localhost;
args[0] = "(logfile-daemon)";
args[1] = path;
args[2] = NULL;
--- /dev/null
+/*
+ * DEBUG: section 50 Log file handling
+ * AUTHOR: Dhaval Varia
+ * Developed based on ModUdp.* by Adrian Chadd
+ *
+ * SQUID Web Proxy Cache http://www.squid-cache.org/
+ * ----------------------------------------------------------
+ *
+ * Squid is the result of efforts by numerous individuals from
+ * the Internet community; see the CONTRIBUTORS file for full
+ * details. Many organizations have provided support for Squid's
+ * development; see the SPONSORS file for full details. Squid is
+ * Copyrighted (C) 2001 by the Regents of the University of
+ * California; see the COPYRIGHT file for full details. Squid
+ * incorporates software developed and/or copyrighted by other
+ * sources; see the CREDITS file for full details.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ *
+ */
+
+#include "squid.h"
+#include "comm.h"
+#include "log/File.h"
+#include "log/ModTcp.h"
+#include "Parsing.h"
+
+/*
+ * This logfile TCP module is mostly inspired by a patch by Tim Starling
+ * from Wikimedia.
+ *
+ * It doesn't do any TCP buffering - it'd be quite a bit of work for
+ * something which the kernel could be doing for you!
+ */
+
+typedef struct {
+ int fd;
+ char *buf;
+ size_t bufsz;
+ int offset;
+} l_tcp_t;
+
+static void
+logfile_mod_tcp_write(Logfile * lf, const char *buf, size_t len)
+{
+ l_tcp_t *ll = (l_tcp_t *) lf->data;
+ ssize_t s;
+ s = write(ll->fd, (char const *) buf, len);
+
+ fd_bytes(ll->fd, s, FD_WRITE);
+#if 0
+ if (s < 0) {
+ debugs(1, 1, "logfile (tcp): got errno (" << errno << "):" << xstrerror());
+ }
+ if (s != len) {
+ debugs(1, 1, "logfile (tcp): len=" << len << ", wrote=" << s);
+ }
+#endif
+
+ /* We don't worry about network errors for now */
+}
+
+static void
+logfile_mod_tcp_flush(Logfile * lf)
+{
+ l_tcp_t *ll = (l_tcp_t *) lf->data;
+ if (0 == ll->offset)
+ return;
+ logfile_mod_tcp_write(lf, ll->buf, (size_t) ll->offset);
+ ll->offset = 0;
+}
+
+static void
+logfile_mod_tcp_writeline(Logfile * lf, const char *buf, size_t len)
+{
+ l_tcp_t *ll = (l_tcp_t *) lf->data;
+
+ if (0 == ll->bufsz) {
+ /* buffering disabled */
+ logfile_mod_tcp_write(lf, buf, len);
+ return;
+ }
+ if (ll->offset > 0 && (ll->offset + len + 4) > ll->bufsz)
+ logfile_mod_tcp_flush(lf);
+
+ if (len > ll->bufsz) {
+ /* too big to fit in buffer */
+ logfile_mod_tcp_write(lf, buf, len);
+ return;
+ }
+ /* buffer it */
+ xmemcpy(ll->buf + ll->offset, buf, len);
+
+ ll->offset += len;
+
+ assert(ll->offset >= 0);
+
+ assert((size_t) ll->offset <= ll->bufsz);
+}
+
+static void
+logfile_mod_tcp_linestart(Logfile * lf)
+{
+}
+
+static void
+logfile_mod_tcp_lineend(Logfile * lf)
+{
+}
+
+static void
+logfile_mod_tcp_rotate(Logfile * lf)
+{
+ return;
+}
+
+static void
+logfile_mod_tcp_close(Logfile * lf)
+{
+ l_tcp_t *ll = (l_tcp_t *) lf->data;
+ lf->f_flush(lf);
+
+ if (ll->fd >= 0)
+ file_close(ll->fd);
+
+ if (ll->buf)
+ xfree(ll->buf);
+
+ xfree(lf->data);
+ lf->data = NULL;
+}
+
+
+
+/*
+ * This code expects the path to be //host:port
+ */
+int
+logfile_mod_tcp_open(Logfile * lf, const char *path, size_t bufsz, int fatal_flag)
+{
+ debugs(5, 3, "Tcp Open called");
+ Ip::Address addr;
+
+ char *strAddr;
+
+ lf->f_close = logfile_mod_tcp_close;
+ lf->f_linewrite = logfile_mod_tcp_writeline;
+ lf->f_linestart = logfile_mod_tcp_linestart;
+ lf->f_lineend = logfile_mod_tcp_lineend;
+ lf->f_flush = logfile_mod_tcp_flush;
+ lf->f_rotate = logfile_mod_tcp_rotate;
+
+ l_tcp_t *ll = static_cast<l_tcp_t*>(xcalloc(1, sizeof(*ll)));
+ lf->data = ll;
+
+ if (strncmp(path, "//", 2) == 0) {
+ path += 2;
+ }
+ strAddr = xstrdup(path);
+
+ if (!GetHostWithPort(strAddr, &addr)) {
+ if (lf->flags.fatal) {
+ fatalf("Invalid TCP logging address '%s'\n", lf->path);
+ } else {
+ debugs(50, DBG_IMPORTANT, "Invalid TCP logging address '" << lf->path << "'");
+ safe_free(strAddr);
+ return FALSE;
+ }
+ }
+
+ safe_free(strAddr);
+
+ Ip::Address any_addr;
+ any_addr.SetAnyAddr();
+
+#if USE_IPV6
+ // require the sending TCP port to be of the right family for the destination address.
+ if (addr.IsIPv4())
+ any_addr.SetIPv4();
+#endif
+
+ ll->fd = comm_open(SOCK_STREAM, IPPROTO_TCP, any_addr, COMM_NONBLOCKING, "TCP log socket");
+ if (ll->fd < 0) {
+ if (lf->flags.fatal) {
+ fatalf("Unable to open TCP socket for logging\n");
+ } else {
+ debugs(50, DBG_IMPORTANT, "Unable to open TCP socket for logging");
+ return FALSE;
+ }
+ } else if (!comm_connect_addr(ll->fd, &addr)) {
+ if (lf->flags.fatal) {
+ fatalf("Unable to connect to %s for TCP log: %s\n", lf->path, xstrerror());
+ } else {
+ debugs(50, DBG_IMPORTANT, "Unable to connect to " << lf->path << " for TCP log: " << xstrerror());
+ return FALSE;
+ }
+ }
+ if (ll->fd == -1) {
+ if (ENOENT == errno && fatal_flag) {
+ fatalf("Cannot open '%s' because\n"
+ "\tthe parent directory does not exist.\n"
+ "\tPlease create the directory.\n", path);
+ } else if (EACCES == errno && fatal_flag) {
+ fatalf("Cannot open '%s' for writing.\n"
+ "\tThe parent directory must be writeable by the\n"
+ "\tuser '%s', which is the cache_effective_user\n"
+ "\tset in squid.conf.", path, Config.effectiveUser);
+ } else {
+ debugs(50, DBG_IMPORTANT, "logfileOpen (TCP): " << lf->path << ": " << xstrerror());
+ return 0;
+ }
+ }
+
+ bufsz = 65536;
+ if (bufsz > 0) {
+ ll->buf = static_cast<char*>(xmalloc(bufsz));
+ ll->bufsz = bufsz;
+ }
+
+ return 1;
+}
--- /dev/null
+/*
+ * $Id$
+ *
+ * DEBUG: section 50 Log file handling
+ * AUTHOR: Dhaval Varia
+ * Developed based on ModUdp.* by Adrian Chadd
+ *
+ * SQUID Web Proxy Cache http://www.squid-cache.org/
+ * ----------------------------------------------------------
+ *
+ * Squid is the result of efforts by numerous individuals from
+ * the Internet community; see the CONTRIBUTORS file for full
+ * details. Many organizations have provided support for Squid's
+ * development; see the SPONSORS file for full details. Squid is
+ * Copyrighted (C) 2001 by the Regents of the University of
+ * California; see the COPYRIGHT file for full details. Squid
+ * incorporates software developed and/or copyrighted by other
+ * sources; see the CREDITS file for full details.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ *
+ */
+#ifndef _SQUID_SRC_LOG_MODTCP_H
+#define _SQUID_SRC_LOG_MODTCP_H
+
+#include "config.h"
+
+class Logfile;
+
+extern int logfile_mod_tcp_open(Logfile * lf, const char *path, size_t bufsz, int fatal_flag);
+
+#endif /* _SQUID_SRC_LOG_MODTCP_H */
int
logfile_mod_udp_open(Logfile * lf, const char *path, size_t bufsz, int fatal_flag)
{
- IpAddress addr;
+ Ip::Address addr;
char *strAddr;
lf->f_close = logfile_mod_udp_close;
}
safe_free(strAddr);
- IpAddress no_addr;
- no_addr.SetNoAddr();
+ Ip::Address any_addr;
+ any_addr.SetAnyAddr();
#if USE_IPV6
// require the sending UDP port to be of the right family for the destination address.
if (addr.IsIPv4())
- no_addr.SetIPv4();
+ any_addr.SetIPv4();
#endif
- ll->fd = comm_open(SOCK_DGRAM, IPPROTO_UDP, no_addr, COMM_NONBLOCKING, "UDP log socket");
+ ll->fd = comm_open(SOCK_DGRAM, IPPROTO_UDP, any_addr, COMM_NONBLOCKING, "UDP log socket");
if (ll->fd < 0) {
if (lf->flags.fatal) {
fatalf("Unable to open UDP socket for logging\n");
debugs(50, DBG_IMPORTANT, "Unable to open UDP socket for logging");
return FALSE;
}
- } else if (comm_connect_addr(ll->fd, &addr)) {
+ } else if (!comm_connect_addr(ll->fd, &addr)) {
if (lf->flags.fatal) {
fatalf("Unable to connect to %s for UDP log: %s\n", lf->path, xstrerror());
} else {
"LOG_TYPE_MAX"
};
-#if FORW_VIA_DB
+#if USE_FORW_VIA_DB
typedef struct {
hash_link hash;
LFT_LOCAL_IP,
LFT_LOCAL_PORT,
/*LFT_LOCAL_NAME, */
+ LFT_PEER_LOCAL_PORT,
LFT_TIME_SECONDS_SINCE_EPOCH,
LFT_TIME_SUBSECOND,
{"la", LFT_LOCAL_IP},
{"lp", LFT_LOCAL_PORT},
/*{ "lA", LFT_LOCAL_NAME }, */
+ {"<lp", LFT_PEER_LOCAL_PORT},
{"ts", LFT_TIME_SECONDS_SINCE_EPOCH},
{"tu", LFT_TIME_SUBSECOND},
break;
+ case LFT_PEER_LOCAL_PORT:
+ if (al->hier.peer_local_port) {
+ outint = al->hier.peer_local_port;
+ doint = 1;
+ }
+
+ break;
+
case LFT_TIME_SECONDS_SINCE_EPOCH:
// some platforms store time in 32-bit, some 64-bit...
outoff = static_cast<int64_t>(current_time.tv_sec);
logformat *format;
struct logformat_token_table_entry *te;
- debugs(46, 0, "accessLogDumpLogFormat called");
+ debugs(46, 4, "accessLogDumpLogFormat called");
for (format = definitions; format; format = format->next) {
- debugs(46, 0, "Dumping logformat definition for " << format->name);
+ debugs(46, 3, "Dumping logformat definition for " << format->name);
storeAppendPrintf(entry, "logformat %s ", format->name);
for (t = format->format; t; t = t->next) {
user2 = accessLogFormatName(al->cache.rfc931);
- logfilePrintf(logfile, "%s %s %s [%s] \"%s %s HTTP/%d.%d\" %d %"PRId64" %s%s:%s",
+ logfilePrintf(logfile, "%s %s %s [%s] \"%s %s HTTP/%d.%d\" %d %"PRId64" %s%s:%s%s",
client,
user2 ? user2 : dash_str,
user1 ? user1 : dash_str,
al->cache.replySize,
log_tags[al->cache.code],
al->http.statusSfx(),
- hier_code_str[al->hier.code]);
+ hier_code_str[al->hier.code],
+ (Config.onoff.log_mime_hdrs?"":"\n"));
safe_free(user1);
logfilePrintf(logfile, " [%s] [%s]\n", ereq, erep);
safe_free(ereq);
safe_free(erep);
- } else {
- logfilePrintf(logfile, "\n");
}
-
}
#if ICAP_CLIENT
accessLogRotate(void)
{
customlog *log;
-#if FORW_VIA_DB
+#if USE_FORW_VIA_DB
fvdbClear();
#endif
n_ichoices(0),
peer_reply_status(HTTP_STATUS_NONE),
peer_response_time(-1),
- total_response_time(-1)
+ total_response_time(-1),
+ peer_local_port(0)
{
memset(host, '\0', SQUIDHOSTNAMELEN);
memset(cd_host, '\0', SQUIDHOSTNAMELEN);
static void
accessLogRegisterWithCacheManager(void)
{
-#if FORW_VIA_DB
+#if USE_FORW_VIA_DB
fvdbRegisterWithCacheManager();
#endif
}
assert(sizeof(log_tags) == (LOG_TYPE_MAX + 1) * sizeof(char *));
+#if USE_ADAPTATION
+ alLogformatHasAdaptToken = false;
+#endif
+#if ICAP_CLIENT
+ alLogformatHasIcapToken = false;
+#endif
+
for (log = Config.Log.accesslogs; log; log = log->next) {
if (log->type == CLF_NONE)
continue;
LogfileStatus = LOG_ENABLE;
-#if USE_ADAPTATION
- alLogformatHasAdaptToken = false;
-#endif
-#if ICAP_CLIENT
- alLogformatHasIcapToken = false;
-#endif
#if USE_ADAPTATION || ICAP_CLIENT
for (logformat_token * curr_token = (log->logFormat?log->logFormat->format:NULL); curr_token; curr_token = curr_token->next) {
#if USE_ADAPTATION
}
#endif
-#if FORW_VIA_DB
+#if USE_FORW_VIA_DB
fvdbInit();
}
-#if FORW_VIA_DB
+#if USE_FORW_VIA_DB
static void
fvdbInit(void)
return 0;
}
-
/*
* $Id$
*
- * DEBUG: section 1 Startup and Main Loop
+ * DEBUG: section 01 Startup and Main Loop
* AUTHOR: Harvest Derived
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
#include "adaptation/icap/icap_log.h"
#endif
#include "auth/Gadgets.h"
+#include "base/TextException.h"
#include "ConfigParser.h"
#include "errorpage.h"
#include "event.h"
#include "MemPool.h"
#include "icmp/IcmpSquid.h"
#include "icmp/net_db.h"
-#include "TextException.h"
#if USE_LOADABLE_MODULES
#include "LoadableModules.h"
WIN32_svcstatusupdate(SERVICE_STOP_PENDING, (wait + 1) * 1000);
#endif
+ /* run the closure code which can be shared with reconfigure */
serverConnectionsClose();
+
+ /* detach the auth components (only do this on full shutdown) */
+ AuthScheme::FreeAll();
+
eventAdd("SquidShutdown", &StopEventLoop, this, (double) (wait + 1), 1, false);
}
#endif
#ifndef _SQUID_MSWIN_
-#ifdef KILL_PARENT_OPT
+#if KILL_PARENT_OPT
if (getppid() > 1) {
debugs(1, 1, "Killing master process, pid " << getppid());
htcpInit();
#endif
-#ifdef SQUID_SNMP
+#if SQUID_SNMP
snmpConnectionOpen();
#endif
#endif
icmpEngine.Close();
-#ifdef SQUID_SNMP
+#if SQUID_SNMP
snmpConnectionShutdown();
#endif
htcpSocketClose();
#endif
-#ifdef SQUID_SNMP
+#if SQUID_SNMP
snmpConnectionClose();
#endif
#endif
redirectShutdown();
- authenticateShutdown();
+ authenticateReset();
externalAclShutdown();
storeDirCloseSwapLogs();
storeLogClose();
setEffectiveUser();
_db_init(Debug::cache_log, Debug::debugOptions);
ipcache_restart(); /* clear stuck entries */
- authenticateUserCacheRestart(); /* clear stuck ACL entries */
fqdncache_restart(); /* sigh, fqdncache too */
parseEtcHosts();
errorInitialize(); /* reload error pages */
accessLogInit();
+
+#if USE_LOADABLE_MODULES
+ LoadableModulesConfigure(Config.loadable_module_names);
+#endif
+
+#if USE_ADAPTATION
+ bool enableAdaptation = false;
+#if ICAP_CLIENT
+ Adaptation::Icap::TheConfig.finalize();
+ enableAdaptation = Adaptation::Icap::TheConfig.onoff || enableAdaptation;
+#endif
+#if USE_ECAP
+ Adaptation::Ecap::TheConfig.finalize(); // must be after we load modules
+ enableAdaptation = Adaptation::Ecap::TheConfig.onoff || enableAdaptation;
+#endif
+ Adaptation::Config::Finalize(enableAdaptation);
+#endif
+
#if ICAP_CLIENT
icapLogOpen();
#endif
#endif
redirectInit();
- authenticateInit(&Config.authConfiguration);
+ authenticateInit(&Auth::TheConfig);
externalAclInit();
if (IamPrimaryProcess()) {
dnsShutdown();
#endif
redirectShutdown();
- authenticateShutdown();
+ authenticateRotate();
externalAclShutdown();
_db_rotate_log(); /* cache.log */
dnsInit();
#endif
redirectInit();
- authenticateInit(&Config.authConfiguration);
+ authenticateInit(&Auth::TheConfig);
externalAclInit();
}
#endif
debugs(1, 1, "Process ID " << getpid());
-
+ setSystemLimits();
debugs(1, 1, "With " << Squid_MaxFD << " file descriptors available");
#ifdef _SQUID_MSWIN_
redirectInit();
- authenticateInit(&Config.authConfiguration);
+ authenticateInit(&Auth::TheConfig);
externalAclInit();
Ident::Init();
#endif
-#ifdef SQUID_SNMP
+#if SQUID_SNMP
snmpInit();
/* we may want the parsing process to set this up in the future */
Store::Root(new StoreController);
+ InitAuthSchemes(); /* required for config parsing */
+
parse_err = parseConfigFile(ConfigFile);
Mem::Report();
static void
mainStartScript(const char *prog)
{
- char script[SQUID_MAXPATHLEN];
+ char script[MAXPATHLEN];
char *t;
size_t sl = 0;
pid_t cpid;
htcpSocketClose();
#endif
-#ifdef SQUID_SNMP
+#if SQUID_SNMP
snmpConnectionClose();
#endif
DelayPools::FreePools();
#endif
- authenticateShutdown();
+ authenticateReset();
#if USE_WIN32_SERVICE
WIN32_svcstatusupdate(SERVICE_STOP_PENDING, 10000);
void
memFree(void *p, int type)
{
- MemPools[type]->free(p);
+ MemPools[type]->freeOne(p);
}
/* allocate a variable size buffer using best-fit pool */
memMeterDec(StrCountMeter);
memMeterDel(StrVolumeMeter, size);
- pool ? pool->free(buf) : xfree(buf);
+ pool ? pool->freeOne(buf) : xfree(buf);
}
/* Find the best fit MEM_X_BUF type */
new_pool_limit = 0;
else if (Config.MemPools.limit > 0)
new_pool_limit = Config.MemPools.limit;
- else
- new_pool_limit = mem_unlimited_size;
+ else {
+ if (Config.MemPools.limit == 0)
+ debugs(13, 1, "memory_pools_limit 0 has been chagned to memory_pools_limit none. Please update your config");
+ new_pool_limit = -1;
+ }
#if 0
/** \par
MemPoolMeter *pm = mp_st->meter;
const char *delim = "\t ";
+#if HAVE_IOMANIP
+ stream.setf(std::ios_base::fixed);
+#endif
stream << std::setw(20) << std::left << mp_st->label << delim;
stream << std::setw(4) << std::right << mp_st->obj_size << delim;
/* Chunks */
- stream << std::setw(4) << toKB(mp_st->obj_size * mp_st->chunk_capacity) << delim;
- stream << std::setw(4) << mp_st->chunk_capacity << delim;
-
if (mp_st->chunk_capacity) {
+ stream << std::setw(4) << toKB(mp_st->obj_size * mp_st->chunk_capacity) << delim;
+ stream << std::setw(4) << mp_st->chunk_capacity << delim;
+
needed = mp_st->items_inuse / mp_st->chunk_capacity;
if (mp_st->items_inuse % mp_st->chunk_capacity)
needed++;
excess = mp_st->chunks_inuse - needed;
- }
- stream << std::setw(4) << mp_st->chunks_alloc << delim;
- stream << std::setw(4) << mp_st->chunks_inuse << delim;
- stream << std::setw(4) << mp_st->chunks_free << delim;
- stream << std::setw(4) << mp_st->chunks_partial << delim;
- stream << std::setprecision(3) << xpercent(excess, needed) << delim;
+ stream << std::setw(4) << mp_st->chunks_alloc << delim;
+ stream << std::setw(4) << mp_st->chunks_inuse << delim;
+ stream << std::setw(4) << mp_st->chunks_free << delim;
+ stream << std::setw(4) << mp_st->chunks_partial << delim;
+ stream << std::setprecision(3) << xpercent(excess, needed) << delim;
+ } else {
+ stream << delim;
+ stream << delim;
+ stream << delim;
+ stream << delim;
+ stream << delim;
+ stream << delim;
+ stream << delim;
+ }
/*
* Fragmentation calculation:
* needed = inuse.level / chunk_capacity
stream << toKB(mp_st->obj_size * pm->idle.hwater_level) << delim;
/* saved */
stream << (int)pm->gb_saved.count << delim;
- stream << std::setprecision(3) << xpercent(pm->gb_saved.count, AllMeter->gb_saved.count) << delim;
- stream << std::setprecision(3) << xpercent(pm->gb_saved.bytes, AllMeter->gb_saved.bytes) << delim;
- stream << std::setprecision(3) << xdiv(pm->gb_saved.count - pm->gb_osaved.count, xm_deltat) << "\n";
- pm->gb_osaved.count = pm->gb_saved.count;
+ stream << std::setprecision(3) << xpercent(pm->gb_saved.count, AllMeter->gb_allocated.count) << delim;
+ stream << std::setprecision(3) << xpercent(pm->gb_saved.bytes, AllMeter->gb_allocated.bytes) << delim;
+ stream << std::setprecision(3) << xdiv(pm->gb_allocated.count - pm->gb_oallocated.count, xm_deltat) << "\n";
+ pm->gb_oallocated.count = pm->gb_allocated.count;
}
static int
"In Use\t\t\t\t\t"
"Idle\t\t\t"
"Allocations Saved\t\t\t"
- "Hit Rate\t"
+ "Rate\t"
"\n"
" \t (bytes)\t"
"KB/ch\t obj/ch\t"
"(#)\t (KB)\t high (KB)\t high (hrs)\t %alloc\t"
"(#)\t (KB)\t high (KB)\t"
"(#)\t %cnt\t %vol\t"
- "(#) / sec\t"
+ "(#)/sec\t"
"\n";
xm_deltat = current_dtime - xm_time;
xm_time = current_dtime;
if (!mp_stats.pool) /* pool destroyed */
continue;
- if (mp_stats.pool->getMeter().gb_saved.count > 0) /* this pool has been used */
+ if (mp_stats.pool->getMeter().gb_allocated.count > 0) /* this pool has been used */
sortme[npools++] = mp_stats;
else
not_used++;
PoolReport(&mp_stats, mp_total.TheMeter, stream);
/* Cumulative */
- stream << "Cumulative allocated volume: "<< double_to_str(buf, 64, mp_total.TheMeter->gb_saved.bytes) << "\n";
+ stream << "Cumulative allocated volume: "<< double_to_str(buf, 64, mp_total.TheMeter->gb_allocated.bytes) << "\n";
/* overhead */
stream << "Current overhead: " << mp_total.tot_overhead << " bytes (" <<
std::setprecision(3) << xpercent(mp_total.tot_overhead, mp_total.TheMeter->inuse.level) << "%)\n";
/* limits */
- stream << "Idle pool limit: " << std::setprecision(2) << toMB(mp_total.mem_idle_limit) << " MB\n";
+ if (mp_total.mem_idle_limit >= 0)
+ stream << "Idle pool limit: " << std::setprecision(2) << toMB(mp_total.mem_idle_limit) << " MB\n";
/* limits */
stream << "Total Pools created: " << mp_total.tot_pools_alloc << "\n";
stream << "Pools ever used: " << mp_total.tot_pools_alloc - not_used << " (shown above)\n";
/*
* $Id$
*
- * DEBUG: section 7 Multicast
+ * DEBUG: section 07 Multicast
* AUTHOR: Martin Hamilton
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
#include "SquidTime.h"
#include "Store.h"
#include "icmp/net_db.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
/* count mcast group peers every 15 minutes */
#define MCAST_COUNT_RATE 900
static void peerCountMcastPeersSchedule(peer * p, time_t when);
static IRCB peerCountHandleIcpReply;
-static void neighborIgnoreNonPeer(const IpAddress &, icp_opcode);
+static void neighborIgnoreNonPeer(const Ip::Address &, icp_opcode);
static OBJH neighborDumpPeers;
static OBJH neighborDumpNonPeers;
static void dump_peers(StoreEntry * sentry, peer * peers);
peer *
-whichPeer(const IpAddress &from)
+whichPeer(const Ip::Address &from)
{
int j;
void
neighbors_init(void)
{
- IpAddress nul;
+ Ip::Address nul;
struct addrinfo *AI = NULL;
struct servent *sep = NULL;
const char *me = getMyHostname();
static peer *non_peers = NULL;
static void
-neighborIgnoreNonPeer(const IpAddress &from, icp_opcode opcode)
+neighborIgnoreNonPeer(const Ip::Address &from, icp_opcode opcode)
{
peer *np;
* If a hit process is already started, then sobeit
*/
void
-neighborsUdpAck(const cache_key * key, icp_common_t * header, const IpAddress &from)
+neighborsUdpAck(const cache_key * key, icp_common_t * header, const Ip::Address &from)
{
peer *p = NULL;
StoreEntry *entry;
if (squid_curtime - p->stats.last_connect_probe == 0)
return ret;/* don't probe to often */
- IpAddress temp(getOutgoingAddr(NULL,p));
+ Ip::Address temp(getOutgoingAddr(NULL,p));
fd = comm_open(SOCK_STREAM, IPPROTO_TCP, temp, COMM_NONBLOCKING, p->host);
#if USE_HTCP
void
-neighborsHtcpReply(const cache_key * key, htcpReplyData * htcp, const IpAddress &from)
+neighborsHtcpReply(const cache_key * key, htcpReplyData * htcp, const Ip::Address &from)
{
StoreEntry *e = Store::Root().get(key);
MemObject *mem = NULL;
parent->unlinkList(this);
if (nfds_alloc == PCONN_FDS_SZ)
- pconn_fds_pool->free(fds);
+ pconn_fds_pool->freeOne(fds);
else
xfree(fds);
xmemcpy(fds, old, nfds * sizeof(int));
if (nfds == PCONN_FDS_SZ)
- pconn_fds_pool->free(old);
+ pconn_fds_pool->freeOne(old);
else
xfree(old);
}
/* ========== PconnPool PRIVATE FUNCTIONS ============================================ */
const char *
-PconnPool::key(const char *host, u_short port, const char *domain, IpAddress &client_address)
+PconnPool::key(const char *host, u_short port, const char *domain, Ip::Address &client_address)
{
LOCAL_ARRAY(char, buf, SQUIDHOSTNAMELEN * 3 + 10);
char ntoabuf[MAX_IPSTRLEN];
}
void
-PconnPool::push(int fd, const char *host, u_short port, const char *domain, IpAddress &client_address)
+PconnPool::push(int fd, const char *host, u_short port, const char *domain, Ip::Address &client_address)
{
IdleConnList *list;
const char *aKey;
* transactions create persistent connections but are not retriable.
*/
int
-PconnPool::pop(const char *host, u_short port, const char *domain, IpAddress &client_address, bool isRetriable)
+PconnPool::pop(const char *host, u_short port, const char *domain, Ip::Address &client_address, bool isRetriable)
{
const char * aKey = key(host, port, domain, client_address);
};
-class IpAddress;
+#include "ip/forward.h"
+
class StoreEntry;
class IdleConnLimit;
~PconnPool();
void moduleInit();
- void push(int fd, const char *host, u_short port, const char *domain, IpAddress &client_address);
- int pop(const char *host, u_short port, const char *domain, IpAddress &client_address, bool retriable);
+ void push(int fd, const char *host, u_short port, const char *domain, Ip::Address &client_address);
+ int pop(const char *host, u_short port, const char *domain, Ip::Address &client_address, bool retriable);
void count(int uses);
void dumpHist(StoreEntry *e);
void dumpHash(StoreEntry *e);
private:
- static const char *key(const char *host, u_short port, const char *domain, IpAddress &client_address);
+ static const char *key(const char *host, u_short port, const char *domain, Ip::Address &client_address);
int hist[PCONN_HIST_SZ];
hash_table *table;
if (n_userhash_peers == 0)
return NULL;
- if (request->auth_user_request)
+ if (request->auth_user_request != NULL)
key = request->auth_user_request->username();
if (!key)
*/
#include "Packer.h"
/* for routines still in this file that take CacheManager parameters */
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
/* for parameters that still need these */
#include "enums.h"
/* some parameters stil need this */
class HttpRequestMethod;
-#if FORW_VIA_DB
+#if USE_FORW_VIA_DB
SQUIDCEXTERN void fvdbCountVia(const char *key);
SQUIDCEXTERN void fvdbCountForw(const char *key);
#endif
SQUIDCEXTERN void requirePathnameExists(const char *name, const char *path);
SQUIDCEXTERN void parse_time_t(time_t * var);
-SQUIDCEXTERN void parse_IpAddress_list_token(IpAddress_list **, char *);
-
/* client_side.c - FD related client side routines */
SQUIDCEXTERN void clientdbInit(void);
-SQUIDCEXTERN void clientdbUpdate(const IpAddress &, log_type, protocol_t, size_t);
+SQUIDCEXTERN void clientdbUpdate(const Ip::Address &, log_type, protocol_t, size_t);
-SQUIDCEXTERN int clientdbCutoffDenied(const IpAddress &);
+SQUIDCEXTERN int clientdbCutoffDenied(const Ip::Address &);
void clientdbDump(StoreEntry *);
SQUIDCEXTERN void clientdbFreeMemory(void);
-SQUIDCEXTERN int clientdbEstablished(const IpAddress &, int);
+SQUIDCEXTERN int clientdbEstablished(const Ip::Address &, int);
SQUIDCEXTERN void clientOpenListenSockets(void);
SQUIDCEXTERN void clientHttpConnectionsClose(void);
SQUIDCEXTERN void httpRequestFree(void *);
SQUIDCEXTERN void idnsShutdown(void);
SQUIDCEXTERN void idnsALookup(const char *, IDNSCB *, void *);
-SQUIDCEXTERN void idnsPTRLookup(const IpAddress &, IDNSCB *, void *);
+SQUIDCEXTERN void idnsPTRLookup(const Ip::Address &, IDNSCB *, void *);
SQUIDCEXTERN void fd_close(int fd);
SQUIDCEXTERN void fd_open(int fd, unsigned int type, const char *);
SQUIDCEXTERN void filemapFreeMemory(fileMap *);
-SQUIDCEXTERN void fqdncache_nbgethostbyaddr(IpAddress &, FQDNH *, void *);
+SQUIDCEXTERN void fqdncache_nbgethostbyaddr(const Ip::Address &, FQDNH *, void *);
-SQUIDCEXTERN const char *fqdncache_gethostbyaddr(IpAddress &, int flags);
+SQUIDCEXTERN const char *fqdncache_gethostbyaddr(const Ip::Address &, int flags);
SQUIDCEXTERN void fqdncache_init(void);
SQUIDCEXTERN void fqdnStats(StoreEntry *);
SQUIDCEXTERN void fqdncacheReleaseInvalid(const char *);
-SQUIDCEXTERN const char *fqdnFromAddr(IpAddress &);
+SQUIDCEXTERN const char *fqdnFromAddr(const Ip::Address &);
SQUIDCEXTERN int fqdncacheQueueDrain(void);
SQUIDCEXTERN void fqdncacheFreeMemory(void);
SQUIDCEXTERN void fqdncache_restart(void);
SQUIDCEXTERN void snmpConnectionClose(void);
SQUIDCEXTERN const char * snmpDebugOid(oid * Name, snint Len, MemBuf &outbuf);
-SQUIDCEXTERN void addr2oid(IpAddress &addr, oid *Dest);
-SQUIDCEXTERN void oid2addr(oid *Dest, IpAddress &addr, u_int code);
+SQUIDCEXTERN void addr2oid(Ip::Address &addr, oid *Dest);
+SQUIDCEXTERN void oid2addr(oid *Dest, Ip::Address &addr, u_int code);
-SQUIDCEXTERN IpAddress *client_entry(IpAddress *current);
+SQUIDCEXTERN Ip::Address *client_entry(Ip::Address *current);
SQUIDCEXTERN variable_list *snmp_basicFn(variable_list *, snint *);
SQUIDCEXTERN variable_list *snmp_confFn(variable_list *, snint *);
SQUIDCEXTERN variable_list *snmp_sysFn(variable_list *, snint *);
SQUIDCEXTERN variable_list *snmp_netDnsFn(variable_list *, snint *);
#else
SQUIDCEXTERN variable_list *snmp_netIdnsFn(variable_list *, snint *);
-#endif
+#endif /* USE_DNSSERVERS */
SQUIDCEXTERN variable_list *snmp_meshPtblFn(variable_list *, snint *);
SQUIDCEXTERN variable_list *snmp_meshCtblFn(variable_list *, snint *);
#endif /* SQUID_SNMP */
SQUIDCEXTERN void ipcache_init(void);
SQUIDCEXTERN void stat_ipcache_get(StoreEntry *);
SQUIDCEXTERN void ipcacheCycleAddr(const char *name, ipcache_addrs *);
-
-SQUIDCEXTERN void ipcacheMarkBadAddr(const char *name, IpAddress &);
-
-SQUIDCEXTERN void ipcacheMarkGoodAddr(const char *name, IpAddress &);
+SQUIDCEXTERN void ipcacheMarkBadAddr(const char *name, const Ip::Address &);
+SQUIDCEXTERN void ipcacheMarkGoodAddr(const char *name, const Ip::Address &);
+SQUIDCEXTERN void ipcacheMarkAllGood(const char *name);
SQUIDCEXTERN void ipcacheFreeMemory(void);
SQUIDCEXTERN ipcache_addrs *ipcacheCheckNumeric(const char *name);
SQUIDCEXTERN void ipcache_restart(void);
int *timeout);
SQUIDCEXTERN void neighborAddAcl(const char *, const char *);
-SQUIDCEXTERN void neighborsUdpAck(const cache_key *, icp_common_t *, const IpAddress &);
+SQUIDCEXTERN void neighborsUdpAck(const cache_key *, icp_common_t *, const Ip::Address &);
SQUIDCEXTERN void neighborAdd(const char *, const char *, int, int, int, int, int);
SQUIDCEXTERN void neighbors_init(void);
#if USE_HTCP
SQUIDCEXTERN void dump_peer_options(StoreEntry *, peer *);
SQUIDCEXTERN int peerHTTPOkay(const peer *, HttpRequest *);
-SQUIDCEXTERN peer *whichPeer(const IpAddress &from);
+SQUIDCEXTERN peer *whichPeer(const Ip::Address &from);
SQUIDCEXTERN void peerSelect(HttpRequest *, StoreEntry *, PSC *, void *data);
SQUIDCEXTERN void peerSelectInit(void);
SQUIDCEXTERN void peerDigestNotePeerGone(PeerDigest * pd);
SQUIDCEXTERN void peerDigestStatsReport(const PeerDigest * pd, StoreEntry * e);
-extern IpAddress getOutgoingAddr(HttpRequest * request, struct peer *dst_peer);
+extern Ip::Address getOutgoingAddr(HttpRequest * request, struct peer *dst_peer);
unsigned long getOutgoingTOS(HttpRequest * request);
SQUIDCEXTERN void urnStart(HttpRequest *, StoreEntry *);
SQUIDCEXTERN void writePidFile(void);
SQUIDCEXTERN void setSocketShutdownLifetimes(int);
SQUIDCEXTERN void setMaxFD(void);
+SQUIDCEXTERN void setSystemLimits(void);
SQUIDCEXTERN void squid_signal(int sig, SIGHDLR *, int flags);
SQUIDCEXTERN pid_t readPidFile(void);
SQUIDCEXTERN void keepCapabilities(void);
const char *prog,
const char *const args[],
const char *name,
- IpAddress &local_addr,
+ Ip::Address &local_addr,
int *rfd,
int *wfd,
void **hIpc);
/* upstream proxy authentication */
SQUIDCEXTERN char *peer_proxy_negotiate_auth(char *principal_name, char *proxy);
#endif
+
+ /* call to ensure the auth component schemes exist. */
+ SQUIDCEXTERN void InitAuthSchemes(void);
+
#endif /* SQUID_PROTOS_H */
-
/*
* $Id$
*
- * DEBUG: section 0 Announcement Server
+ * DEBUG: section 00 Announcement Server
* AUTHOR: Harvest Derived
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
*
*/
+#include "config.h"
#include <stdio.h>
#include <fcntl.h>
-#include <stdlib.h>
#include <string.h>
-#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <unistd.h>
#include <signal.h>
-#include "config.h"
-
#define RECV_BUF_SIZE 8192
/*
void *data;
char *orig_url;
- IpAddress client_addr;
+ Ip::Address client_addr;
const char *client_ident;
const char *method_s;
RH *handler;
r->client_addr.SetNoAddr();
r->client_ident = NULL;
- if (http->request->auth_user_request)
+ if (http->request->auth_user_request != NULL)
r->client_ident = http->request->auth_user_request->username();
else if (http->request->extacl_user.defined()) {
r->client_ident = http->request->extacl_user.termedBuf();
dlinkDelete(&lru_node->node, &lru->list);
- lru_node_pool->free(lru_node);
+ lru_node_pool->freeOne(lru_node);
lru->count -= 1;
}
goto try_again;
}
- lru_node_pool->free(lru_node);
+ lru_node_pool->freeOne(lru_node);
lru->count -= 1;
lru->setPolicyNode(entry, NULL);
return entry;
LOCAL_ARRAY(char, tbuf, 256);
LOCAL_ARRAY(char, sndbuf, BUFSIZ);
- IpAddress S;
+ Ip::Address S;
char *host = Config.Announce.host;
char *file = NULL;
u_short port = Config.Announce.port;
{
variable_list *Answer = NULL;
- IpAddress laddr;
+ Ip::Address laddr;
char *cp = NULL;
peer *p = NULL;
int cnt = 0;
*
*/
#include "squid.h"
-#include "comm.h"
-#include "cache_snmp.h"
#include "acl/FilledChecklist.h"
-#include "ip/IpAddress.h"
+#include "cache_snmp.h"
+#include "comm.h"
#include "ipc/StartListening.h"
+#include "compat/strsep.h"
+#include "ip/Address.h"
#define SNMP_REQUEST_SIZE 4096
#define MAX_PROTOSTAT 5
-
/// dials snmpConnectionOpened call
class SnmpListeningStartedDialer: public CallDialer,
public Ipc::StartListeningCb
};
-IpAddress theOutSNMPAddr;
+Ip::Address theOutSNMPAddr;
typedef struct _mib_tree_entry mib_tree_entry;
typedef oid *(instance_Fn) (oid * name, snint * len, mib_tree_entry * current, oid_ParseFn ** Fn);
snmpHandleUdp(int sock, void *not_used)
{
LOCAL_ARRAY(char, buf, SNMP_REQUEST_SIZE);
- IpAddress from;
+ Ip::Address from;
snmp_request_t *snmp_rq;
int len;
client_Inst(oid * name, snint * len, mib_tree_entry * current, oid_ParseFn ** Fn)
{
oid *instance = NULL;
- IpAddress laddr;
- IpAddress *aux;
+ Ip::Address laddr;
+ Ip::Address *aux;
int size = 0;
int newshift = 0;
}
int i, r = 1;
- while (r <= namelen) {
+ while (r < namelen) {
/* Find the child node which matches this */
for (i = 0; i < e->children && e->leaves[i]->name[r] != name[r]; i++) ; // seek-loop
*name = NULL;
*nl = 0;
char *s = xstrdup(str);
+ char *s_ = s;
/* Parse the OID string into oid bits */
- while ( (p = strsep(&s, delim)) != NULL) {
+ while ( (p = strsep(&s_, delim)) != NULL) {
*name = (oid*)xrealloc(*name, sizeof(oid) * ((*nl) + 1));
(*name)[*nl] = atoi(p);
(*nl)++;
oid == 32.1.50.239.162.33.251.20.50.0.0.0.0.0.0.0.0.0.1
*/
void
-addr2oid(IpAddress &addr, oid * Dest)
+addr2oid(Ip::Address &addr, oid * Dest)
{
u_int i ;
u_char *cp = NULL;
IPv6 adress : 20:01:32:ef:a2:21:fb:32:00:00:00:00:00:00:00:00:OO:01
*/
void
-oid2addr(oid * id, IpAddress &addr, u_int size)
+oid2addr(oid * id, Ip::Address &addr, u_int size)
{
struct in_addr iaddr;
u_int i;
.if !'po4a'hide' <squid-users@squid-cache.org>
.
.SH REPORTING BUGS
+Bug reports need to be made in English.
+See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.
+.PP
Report bugs or bug fixes using http://bugs.squid-cache.org/
.PP
Report serious security bugs to
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
#if HAVE_STDIO_H
#include <stdio.h>
#endif
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
#if HAVE_CTYPE_H
#include <ctype.h>
#endif
#if HAVE_ERRNO_H
#include <errno.h>
#endif
-#if HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
#if HAVE_GRP_H
#include <grp.h>
#endif
#if HAVE_MEMORY_H
#include <memory.h>
#endif
-#if HAVE_NETDB_H && !defined(_SQUID_NETDB_H_) /* protect NEXTSTEP */
-#define _SQUID_NETDB_H_
-#ifdef _SQUID_NEXT_
-#include <netinet/in_systm.h>
-#endif
+#if HAVE_NETDB_H
#include <netdb.h>
#endif
#if HAVE_PATHS_H
#if HAVE_LIBC_H
#include <libc.h>
#endif
-#ifdef HAVE_SYS_SYSCALL_H
+#if HAVE_SYS_SYSCALL_H
#include <sys/syscall.h>
#endif
-#ifdef HAVE_STRING_H
+#if HAVE_STRING_H
#include <string.h>
#endif
-#ifdef HAVE_STRINGS_H
+#if HAVE_STRINGS_H
#include <strings.h>
#endif
#if HAVE_BSTRING_H
#include <bstring.h>
#endif
-#if HAVE_SYS_SELECT_H
-#include <sys/select.h>
-#endif
#if HAVE_GETOPT_H
#include <getopt.h>
#endif
#ifdef _SQUID_WIN32_
#include <io.h>
#endif
-
-#if HAVE_DIRENT_H
-#include <dirent.h>
-#define NAMLEN(dirent) strlen((dirent)->d_name)
-#else /* HAVE_DIRENT_H */
-#define dirent direct
-#define NAMLEN(dirent) (dirent)->d_namlen
-#if HAVE_SYS_NDIR_H
-#include <sys/ndir.h>
-#endif /* HAVE_SYS_NDIR_H */
-#if HAVE_SYS_DIR_H
-#include <sys/dir.h>
-#endif /* HAVE_SYS_DIR_H */
-#if HAVE_NDIR_H
-#include <ndir.h>
-#endif /* HAVE_NDIR_H */
-#endif /* HAVE_DIRENT_H */
-
-#if defined(__QNX__)
-#include <unix.h>
-#endif
-
#if HAVE_SYS_MOUNT_H
#include <sys/mount.h>
#endif
-
-/*
- * We require poll.h before using poll(). If the symbols used
- * by poll() are defined elsewhere, we will need to make this
- * a more sophisticated test.
- * -- Oskar Pearson <oskar@is.co.za>
- * -- Stewart Forster <slf@connect.com.au>
- */
-#if USE_POLL
-#if HAVE_POLL_H
-#include <poll.h>
-#endif /* HAVE_POLL_H */
-#endif /* USE_POLL */
-
-
-/*
- * Trap unintentional use of fd_set. Must not be used outside the
- * select code as it only supports FD_SETSIZE number of filedescriptors
- * and Squid may be running with a lot more..
- * But only for code linked into Squid, not the helpers.. (unlinkd, pinger)
- */
-#ifdef SQUID_FDSET_NOUSE
-# ifndef SQUID_HELPER
-# define fd_set ERROR_FD_SET_USED
-# endif
-#endif
-
#if HAVE_MATH_H
#include <math.h>
#endif
-#if 0 // moved to include/rfc2181.h - RFC defined constants
-#define SQUIDHOSTNAMELEN 256
-#endif
-
#ifndef MAXPATHLEN
#define MAXPATHLEN SQUID_MAXPATHLEN
#endif
-
-#if !HAVE_STRUCT_RUSAGE
-/*
- * If we don't have getrusage() then we create a fake structure
- * with only the fields Squid cares about. This just makes the
- * source code cleaner, so we don't need lots of #ifdefs in other
- * places
- */
-
-struct rusage {
-
- struct timeval ru_stime;
-
- struct timeval ru_utime;
- int ru_maxrss;
- int ru_majflt;
-};
-
-#endif
-
-#if !defined(HAVE_GETPAGESIZE) && defined(_SQUID_HPUX_)
-#define HAVE_GETPAGESIZE
-#define getpagesize( ) sysconf(_SC_PAGE_SIZE)
-#endif
-
-#if defined(_SQUID_MSWIN_) && !defined(getpagesize)
-/* Windows may lack getpagesize() prototype */
-SQUIDCEXTERN size_t getpagesize(void);
-#endif /* _SQUID_MSWIN_ */
-
-#ifndef SA_RESTART
-#define SA_RESTART 0
-#endif
-#ifndef SA_NODEFER
-#define SA_NODEFER 0
-#endif
-#ifndef SA_RESETHAND
-#define SA_RESETHAND 0
-#endif
-#if SA_RESETHAND == 0 && defined(SA_ONESHOT)
-#undef SA_RESETHAND
-#define SA_RESETHAND SA_ONESHOT
-#endif
-
#if LEAK_CHECK_MODE
#define LOCAL_ARRAY(type,name,size) \
static type *local_##name=NULL; \
#endif
#include "md5.h"
-
#if USE_SSL
#include "ssl_support.h"
#endif
-
-/* Needed for poll() on Linux at least */
-#if USE_POLL
-#ifndef POLLRDNORM
-#define POLLRDNORM POLLIN
-#endif
-#ifndef POLLWRNORM
-#define POLLWRNORM POLLOUT
-#endif
-#endif
-
-#ifdef SQUID_SNMP
+#if SQUID_SNMP
#include "cache_snmp.h"
#endif
-
#include "hash.h"
#include "rfc3596.h"
-
-
#include "defines.h"
#include "enums.h"
#include "typedefs.h"
#include "util.h"
#include "profiling.h"
#include "MemPool.h"
-
-#include "ip/IpAddress.h"
-
-#if !HAVE_TEMPNAM
-#include "tempnam.h"
-#endif
-
-#if !HAVE_STRSEP
-#include "strsep.h"
-#endif
-
-#if !HAVE_STRTOLL
-#include "strtoll.h"
-#endif
-
-#if !HAVE_INITGROUPS
-#include "initgroups.h"
-#endif
-
+#include "ip/Address.h"
#include "structs.h"
#include "protos.h"
#include "globals.h"
-/* Exclude CPPUnit tests from the below restriction. */
-/* BSD implementation uses these still */
-#if !defined(SQUID_UNIT_TEST)
-/*
- * Squid source files should not call these functions directly.
- * Use xmalloc, xfree, xcalloc, snprintf, and xstrdup instead.
- * Also use xmemcpy, xisspace, ...
- */
-#ifndef malloc
-#define malloc +
-#endif
-template <class V>
-void free(V x) { fatal("Do not use ::free()"); }
-#ifndef calloc
-#define calloc +
-#endif
-#ifndef sprintf
-#define sprintf +
-#endif
-#ifndef strdup
-#define strdup +
-#endif
-#endif /* !SQUID_UNIT_TEST */
-
-/*
- * Hey dummy, don't be tempted to move this to lib/config.h.in
- * again. O_NONBLOCK will not be defined there because you didn't
- * #include <fcntl.h> yet.
- */
-#if defined(_SQUID_SUNOS_)
-/*
- * We assume O_NONBLOCK is broken, or does not exist, on SunOS.
- */
-#define SQUID_NONBLOCK O_NDELAY
-#elif defined(O_NONBLOCK)
-/*
-* We used to assume O_NONBLOCK was broken on Solaris, but evidence
-* now indicates that its fine on Solaris 8, and in fact required for
-* properly detecting EOF on FIFOs. So now we assume that if
-* its defined, it works correctly on all operating systems.
-*/
-#define SQUID_NONBLOCK O_NONBLOCK
-/*
-* O_NDELAY is our fallback.
-*/
-#else
-#define SQUID_NONBLOCK O_NDELAY
-#endif
-
/*
* I'm sick of having to keep doing this ..
*/
ssl_options[] = {
-#ifdef SSL_OP_MICROSOFT_SESS_ID_BUG
+#if SSL_OP_MICROSOFT_SESS_ID_BUG
{
"MICROSOFT_SESS_ID_BUG", SSL_OP_MICROSOFT_SESS_ID_BUG
},
#endif
-#ifdef SSL_OP_NETSCAPE_CHALLENGE_BUG
+#if SSL_OP_NETSCAPE_CHALLENGE_BUG
{
"NETSCAPE_CHALLENGE_BUG", SSL_OP_NETSCAPE_CHALLENGE_BUG
},
#endif
-#ifdef SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
+#if SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
{
"NETSCAPE_REUSE_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
},
#endif
-#ifdef SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
+#if SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
{
"SSLREF2_REUSE_CERT_TYPE_BUG", SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
},
#endif
-#ifdef SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
+#if SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
{
"MICROSOFT_BIG_SSLV3_BUFFER", SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
},
#endif
-#ifdef SSL_OP_MSIE_SSLV2_RSA_PADDING
+#if SSL_OP_MSIE_SSLV2_RSA_PADDING
{
"MSIE_SSLV2_RSA_PADDING", SSL_OP_MSIE_SSLV2_RSA_PADDING
},
#endif
-#ifdef SSL_OP_SSLEAY_080_CLIENT_DH_BUG
+#if SSL_OP_SSLEAY_080_CLIENT_DH_BUG
{
"SSLEAY_080_CLIENT_DH_BUG", SSL_OP_SSLEAY_080_CLIENT_DH_BUG
},
#endif
-#ifdef SSL_OP_TLS_D5_BUG
+#if SSL_OP_TLS_D5_BUG
{
"TLS_D5_BUG", SSL_OP_TLS_D5_BUG
},
#endif
-#ifdef SSL_OP_TLS_BLOCK_PADDING_BUG
+#if SSL_OP_TLS_BLOCK_PADDING_BUG
{
"TLS_BLOCK_PADDING_BUG", SSL_OP_TLS_BLOCK_PADDING_BUG
},
#endif
-#ifdef SSL_OP_TLS_ROLLBACK_BUG
+#if SSL_OP_TLS_ROLLBACK_BUG
{
"TLS_ROLLBACK_BUG", SSL_OP_TLS_ROLLBACK_BUG
},
#endif
-#ifdef SSL_OP_ALL
+#if SSL_OP_ALL
{
"ALL", SSL_OP_ALL
},
#endif
-#ifdef SSL_OP_SINGLE_DH_USE
+#if SSL_OP_SINGLE_DH_USE
{
"SINGLE_DH_USE", SSL_OP_SINGLE_DH_USE
},
#endif
-#ifdef SSL_OP_EPHEMERAL_RSA
+#if SSL_OP_EPHEMERAL_RSA
{
"EPHEMERAL_RSA", SSL_OP_EPHEMERAL_RSA
},
#endif
-#ifdef SSL_OP_PKCS1_CHECK_1
+#if SSL_OP_PKCS1_CHECK_1
{
"PKCS1_CHECK_1", SSL_OP_PKCS1_CHECK_1
},
#endif
-#ifdef SSL_OP_PKCS1_CHECK_2
+#if SSL_OP_PKCS1_CHECK_2
{
"PKCS1_CHECK_2", SSL_OP_PKCS1_CHECK_2
},
#endif
-#ifdef SSL_OP_NETSCAPE_CA_DN_BUG
+#if SSL_OP_NETSCAPE_CA_DN_BUG
{
"NETSCAPE_CA_DN_BUG", SSL_OP_NETSCAPE_CA_DN_BUG
},
#endif
-#ifdef SSL_OP_NON_EXPORT_FIRST
+#if SSL_OP_NON_EXPORT_FIRST
{
"NON_EXPORT_FIRST", SSL_OP_NON_EXPORT_FIRST
},
#endif
-#ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
+#if SSL_OP_CIPHER_SERVER_PREFERENCE
{
"CIPHER_SERVER_PREFERENCE", SSL_OP_CIPHER_SERVER_PREFERENCE
},
#endif
-#ifdef SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
+#if SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
{
"NETSCAPE_DEMO_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
},
#endif
-#ifdef SSL_OP_NO_SSLv2
+#if SSL_OP_NO_SSLv2
{
"NO_SSLv2", SSL_OP_NO_SSLv2
},
#endif
-#ifdef SSL_OP_NO_SSLv3
+#if SSL_OP_NO_SSLv3
{
"NO_SSLv3", SSL_OP_NO_SSLv3
},
#endif
-#ifdef SSL_OP_NO_TLSv1
+#if SSL_OP_NO_TLSv1
{
"NO_TLSv1", SSL_OP_NO_TLSv1
},
else if (strcmp(flag, "NO_SESSION_REUSE") == 0)
fl |= SSL_FLAG_NO_SESSION_REUSE;
-#ifdef X509_V_FLAG_CRL_CHECK
+#if X509_V_FLAG_CRL_CHECK
else if (strcmp(flag, "VERIFY_CRL") == 0)
fl |= SSL_FLAG_VERIFY_CRL;
ssl_initialized = 1;
SSL_load_error_strings();
SSLeay_add_ssl_algorithms();
-#ifdef HAVE_OPENSSL_ENGINE_H
+#if HAVE_OPENSSL_ENGINE_H
if (Config.SSL.ssl_engine) {
ENGINE *e;
fl |= SSL_FLAG_VERIFY_CRL;
}
-#ifdef X509_V_FLAG_CRL_CHECK
+#if X509_V_FLAG_CRL_CHECK
if (fl & SSL_FLAG_VERIFY_CRL_ALL)
X509_STORE_set_flags(SSL_CTX_get_cert_store(sslContext), X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
else if (fl & SSL_FLAG_VERIFY_CRL)
fl |= SSL_FLAG_VERIFY_CRL;
}
-#ifdef X509_V_FLAG_CRL_CHECK
+#if X509_V_FLAG_CRL_CHECK
if (fl & SSL_FLAG_VERIFY_CRL_ALL)
X509_STORE_set_flags(SSL_CTX_get_cert_store(sslContext), X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
else if (fl & SSL_FLAG_VERIFY_CRL)
static OBJH statCountersHistograms;
static OBJH statClientRequests;
-#ifdef XMALLOC_STATISTICS
+#if XMALLOC_STATISTICS
static void info_get_mallstat(int, int, int, void *);
static double xm_time;
static double xm_deltat;
#endif
-#ifdef XMALLOC_STATISTICS
+#if XMALLOC_STATISTICS
static void
info_get_mallstat(int size, int number, int oldnum, void *data)
{
storeAppendPrintf(sentry, "Squid Object Cache: Version %s\n",
version_string);
-#ifdef _SQUID_WIN32_
+#if _SQUID_WIN32_
if (WIN32_run_mode == _WIN_SQUID_RUN_MODE_SERVICE) {
storeAppendPrintf(sentry,"\nRunning as %s Windows System Service on %s\n",
manager->registerAction("active_requests",
"Client-side Active Requests",
statClientRequests, 0, 1);
+ manager->registerAction("username_cache",
+ "Active Cached Usernames",
+ AuthUser::UsernameCacheStats, 0, 1);
#if DEBUG_OPENFD
manager->registerAction("openfd_objects", "Objects with Swapout files open",
statOpenfdObj, 0, 0);
(int) http->start_time.tv_usec,
tvSubDsec(http->start_time, current_time));
- if (http->request->auth_user_request)
+ if (http->request->auth_user_request != NULL)
p = http->request->auth_user_request->username();
else if (http->request->extacl_user.defined()) {
p = http->request->extacl_user.termedBuf();
void
StoreEntry::operator delete (void *address)
{
- pool->free(address);
+ pool->freeOne(address);
}
void
storeReplAdd(const char *type, REMOVALPOLICYCREATE * create)
{
int i;
- /* find the number of currently known repl types */
+ /* find the number of currently known repl types */
for (i = 0; storerepl_list && storerepl_list[i].typestr; i++) {
- assert(strcmp(storerepl_list[i].typestr, type) != 0);
+ if (strcmp(storerepl_list[i].typestr, type) == 0) {
+ debugs(20, 1, "WARNING: Trying to load store replacement policy " << type << " twice.");
+ return;
+ }
}
/* add the new type */
return NULL;
}
-#ifndef _USE_INLINE_
+#if !_USE_INLINE_
#include "Store.cci"
#endif
return 0;
}
- if ( Config.rangeOffsetLimit < 0 && mem->request && mem->request->range ) {
+ int64_t roffLimit = mem->request->getRangeOffsetLimit();
+
+ if ( roffLimit < 0 && mem->request && mem->request->range ) {
/* Don't abort if the admin has configured range_ofset -1 to download fully for caching. */
debugs(90, 3, "CheckQuickAbort2: NO admin configured range replies to full-download");
return 0;
long reqid;
int outlen;
- IpAddress from;
+ Ip::Address from;
struct snmp_pdu *PDU;
ACLChecklist *acl_checklist;
acl_address *next;
ACLList *aclList;
- IpAddress addr;
+ Ip::Address addr;
};
struct acl_tos {
#include "icmp/IcmpConfig.h"
#endif
-#if USE_ZPH_QOS
-#include "ip/QosConfig.h"
-#endif
-
#include "HelperChildConfig.h"
/* forward decl for SquidConfig, see RemovalPolicy.h */
#if USE_WCCP
struct {
-
- IpAddress router;
-
- IpAddress address;
+ Ip::Address router;
+ Ip::Address address;
int version;
} Wccp;
#endif
#if USE_WCCPv2
struct {
- IpAddress_list *router;
-
- IpAddress address;
+ Ip::Address_list *router;
+ Ip::Address address;
int forwarding_method;
int return_method;
int assignment_method;
struct {
- IpAddress udp_incoming;
-
- IpAddress udp_outgoing;
+ Ip::Address udp_incoming;
+ Ip::Address udp_outgoing;
#if SQUID_SNMP
-
- IpAddress snmp_incoming;
-
- IpAddress snmp_outgoing;
+ Ip::Address snmp_incoming;
+ Ip::Address snmp_outgoing;
#endif
/* FIXME INET6 : this should really be a CIDR value */
- IpAddress client_netmask;
+ Ip::Address client_netmask;
} Addrs;
size_t tcpRcvBufsz;
size_t udpMaxHitObjsz;
#if HTTP_VIOLATIONS
int reload_into_ims;
+ int ignore_expect_100;
#endif
int offline;
int acl_uses_indirect_client;
int delay_pool_uses_indirect_client;
int log_uses_indirect_client;
+#if LINUX_NETFILTER
+ int tproxy_uses_indirect_client;
+#endif
#endif /* FOLLOW_X_FORWARDED_FOR */
int WIN32_IpAddrChangeMonitor;
#endif
} accessList;
acl_deny_info_list *denyInfoList;
- authConfig authConfiguration;
struct {
size_t list_width;
int n_allocated;
int n_configured;
} cacheSwap;
+ /*
+ * I'm sick of having to keep doing this ..
+ */
+#define INDEXSD(i) (Config.cacheSwap.swapDirs[(i)].getRaw())
struct {
char *directory;
} comm_incoming;
int max_open_disk_fds;
int uri_whitespace;
- int64_t rangeOffsetLimit;
+ acl_size_t *rangeOffsetLimit;
#if MULTICAST_MISS_STREAM
struct {
- IpAddress addr;
+ Ip::Address addr;
int ttl;
unsigned short port;
char *encode_key;
time_t minimum_expiry_time; /* seconds */
external_acl *externalAclHelperList;
-#if USE_ZPH_QOS
- QosConfig zph;
-#endif
-
#if USE_SSL
struct {
char *accept_filter;
int umask;
+ int max_filedescriptors;
int workers;
#if USE_LOADABLE_MODULES
};
struct _ipcache_addrs {
- IpAddress *in_addrs;
+ Ip::Address *in_addrs;
unsigned char *bad_mask;
unsigned char count;
unsigned char cur;
char *host;
peer_t type;
- IpAddress in_addr;
+ Ip::Address in_addr;
struct {
int pings_sent;
int tcp_up; /* 0 if a connect() fails */
- IpAddress addresses[10];
+ Ip::Address addresses[10];
int n_addresses;
int rr_count;
peer *next;
struct {
unsigned int icase:1;
unsigned int refresh_ims:1;
+ unsigned int store_stale:1;
#if HTTP_VIOLATIONS
unsigned int override_expire:1;
unsigned int override_lastmod:1;
/*
* $Id$
*
- * DEBUG: section 3 Configuration File Parsing
+ * DEBUG: section 03 Configuration File Parsing
* AUTHOR: Robert Collins
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
#include "client_side_request.h"
#include "Store.h"
-#ifndef _USE_INLINE_
+#if !_USE_INLINE_
#include "client_side_request.cci"
#endif
/* bah, cheating on stub count */
pid_t
-ipcCreate(int type, const char *prog, const char *const args[], const char *name, IpAddress &local_addr, int *rfd, int *wfd, void **hIpc)
+ipcCreate(int type, const char *prog, const char *const args[], const char *name, Ip::Address &local_addr, int *rfd, int *wfd, void **hIpc)
{
fatal ("Not implemented");
return -1;
fatal("storeAppendVPrintf: Not implemented");
}
-#ifndef _USE_INLINE_
+#if !_USE_INLINE_
#include "Store.cci"
#endif
CPPUNIT_TEST_SUITE_REGISTRATION( testAuth );
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthConfig );
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthUserRequest );
-#ifdef HAVE_AUTH_MODULE_BASIC
+#if HAVE_AUTH_MODULE_BASIC
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthBasicUserRequest );
#endif
-#ifdef HAVE_AUTH_MODULE_DIGEST
+#if HAVE_AUTH_MODULE_DIGEST
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthDigestUserRequest );
#endif
-#ifdef HAVE_AUTH_MODULE_NTLM
+#if HAVE_AUTH_MODULE_NTLM
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNTLMUserRequest );
#endif
-#ifdef HAVE_AUTH_MODULE_NEGOTIATE
+#if HAVE_AUTH_MODULE_NEGOTIATE
CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNegotiateUserRequest );
#endif
AuthConfig *
getConfig(char const *type_str)
{
- Vector<AuthConfig *> &config = Config.authConfiguration;
+ Auth::authConfig &config = Auth::TheConfig;
/* find a configuration for the scheme */
- AuthConfig *scheme = AuthConfig::Find (type_str);
+ AuthConfig *scheme = AuthConfig::Find(type_str);
if (scheme == NULL) {
/* Create a configuration */
- AuthScheme *theScheme;
+ AuthScheme::Pointer theScheme = AuthScheme::Find(type_str);
- if ((theScheme = AuthScheme::Find(type_str)) == NULL) {
+ if (theScheme == NULL) {
return NULL;
//fatalf("Unknown authentication scheme '%s'.\n", type_str);
}
config.push_back(theScheme->createConfig());
scheme = config.back();
- assert (scheme);
+ assert(scheme);
}
return scheme;
void
setup_scheme(AuthConfig *scheme, char const **params, unsigned param_count)
{
- Vector<AuthConfig *> &config = Config.authConfiguration;
+ Auth::authConfig &config = Auth::TheConfig;
for (unsigned position=0; position < param_count; position++) {
char *param_str=xstrdup(params[position]);
Mem::Init();
- Vector<AuthConfig *> &config = Config.authConfiguration;
+ Auth::authConfig &config = Auth::TheConfig;
char const *digest_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
"realm foo"
Debug::Levels[29]=9;
fake_auth_setup();
- for (AuthScheme::const_iterator i = AuthScheme::Schemes().begin(); i != AuthScheme::Schemes().end(); ++i) {
- AuthUserRequest *authRequest = AuthConfig::CreateAuthUser(find_proxy_auth((*i)->type()));
+ for (AuthScheme::iterator i = AuthScheme::GetSchemes().begin(); i != AuthScheme::GetSchemes().end(); ++i) {
+ AuthUserRequest::Pointer authRequest = AuthConfig::CreateAuthUser(find_proxy_auth((*i)->type()));
CPPUNIT_ASSERT(authRequest != NULL);
}
}
Debug::Levels[29]=9;
fake_auth_setup();
- for (AuthScheme::const_iterator i = AuthScheme::Schemes().begin(); i != AuthScheme::Schemes().end(); ++i) {
+ for (AuthScheme::iterator i = AuthScheme::GetSchemes().begin(); i != AuthScheme::GetSchemes().end(); ++i) {
// create a user request
// check its scheme matches *i
- AuthUserRequest *authRequest = AuthConfig::CreateAuthUser(find_proxy_auth((*i)->type()));
+ AuthUserRequest::Pointer authRequest = AuthConfig::CreateAuthUser(find_proxy_auth((*i)->type()));
CPPUNIT_ASSERT_EQUAL(authRequest->scheme(), *i);
}
}
-#ifdef HAVE_AUTH_MODULE_BASIC
+#if HAVE_AUTH_MODULE_BASIC
+#include "auth/basic/basicUserRequest.h"
#include "auth/basic/auth_basic.h"
/* AuthBasicUserRequest::AuthBasicUserRequest works
*/
void
testAuthBasicUserRequest::username()
{
- AuthBasicUserRequest();
- AuthBasicUserRequest *temp=new AuthBasicUserRequest();
+ AuthUserRequest::Pointer temp = new AuthBasicUserRequest();
BasicUser *basic_auth=new BasicUser(AuthConfig::Find("basic"));
basic_auth->username("John");
temp->user(basic_auth);
- basic_auth->addRequest(temp);
CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
- delete temp;
}
#endif /* HAVE_AUTH_MODULE_BASIC */
-#ifdef HAVE_AUTH_MODULE_DIGEST
+#if HAVE_AUTH_MODULE_DIGEST
#include "auth/digest/auth_digest.h"
/* AuthDigestUserRequest::AuthDigestUserRequest works
*/
void
testAuthDigestUserRequest::username()
{
- AuthDigestUserRequest();
- AuthDigestUserRequest *temp=new AuthDigestUserRequest();
- DigestUser *user=new DigestUser(AuthConfig::Find("digest"));
- user->username("John");
- temp->user(user);
- user->addRequest(temp);
+ AuthUserRequest::Pointer temp = new AuthDigestUserRequest();
+ DigestUser *duser=new DigestUser(AuthConfig::Find("digest"));
+ duser->username("John");
+ temp->user(duser);
CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
- delete temp;
}
#endif /* HAVE_AUTH_MODULE_DIGEST */
-#ifdef HAVE_AUTH_MODULE_NTLM
+#if HAVE_AUTH_MODULE_NTLM
#include "auth/ntlm/auth_ntlm.h"
/* AuthNTLMUserRequest::AuthNTLMUserRequest works
*/
void
testAuthNTLMUserRequest::username()
{
- AuthNTLMUserRequest();
- AuthNTLMUserRequest *temp=new AuthNTLMUserRequest();
- NTLMUser *user=new NTLMUser(AuthConfig::Find("ntlm"));
- user->username("John");
- temp->user(user);
- user->addRequest(temp);
+ AuthUserRequest::Pointer temp = new AuthNTLMUserRequest();
+ NTLMUser *nuser=new NTLMUser(AuthConfig::Find("ntlm"));
+ nuser->username("John");
+ temp->user(nuser);
CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
- delete temp;
}
#endif /* HAVE_AUTH_MODULE_NTLM */
-#ifdef HAVE_AUTH_MODULE_NEGOTIATE
+#if HAVE_AUTH_MODULE_NEGOTIATE
#include "auth/negotiate/auth_negotiate.h"
/* AuthNegotiateUserRequest::AuthNegotiateUserRequest works
*/
void
testAuthNegotiateUserRequest::username()
{
- AuthNegotiateUserRequest();
- AuthNegotiateUserRequest *temp=new AuthNegotiateUserRequest();
- NegotiateUser *user=new NegotiateUser(AuthConfig::Find("negotiate"));
- user->username("John");
- temp->user(user);
- user->addRequest(temp);
+ AuthUserRequest::Pointer temp = new AuthNegotiateUserRequest();
+ NegotiateUser *nuser=new NegotiateUser(AuthConfig::Find("negotiate"));
+ nuser->username("John");
+ temp->user(nuser);
CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
- delete temp;
}
#endif /* HAVE_AUTH_MODULE_NEGOTIATE */
void construction();
};
-#ifdef HAVE_AUTH_MODULE_BASIC
+#if HAVE_AUTH_MODULE_BASIC
+#include "auth/basic/basicUserRequest.h"
class testAuthBasicUserRequest : public CPPUNIT_NS::TestFixture
{
CPPUNIT_TEST_SUITE( testAuthBasicUserRequest );
};
#endif
-#ifdef HAVE_AUTH_MODULE_DIGEST
+#if HAVE_AUTH_MODULE_DIGEST
+#include "auth/digest/digestUserRequest.h"
class testAuthDigestUserRequest : public CPPUNIT_NS::TestFixture
{
CPPUNIT_TEST_SUITE( testAuthDigestUserRequest );
};
#endif
-#ifdef HAVE_AUTH_MODULE_NTLM
+#if HAVE_AUTH_MODULE_NTLM
+#include "auth/ntlm/ntlmUserRequest.h"
class testAuthNTLMUserRequest : public CPPUNIT_NS::TestFixture
{
CPPUNIT_TEST_SUITE( testAuthNTLMUserRequest );
};
#endif
-#ifdef HAVE_AUTH_MODULE_NEGOTIATE
+#if HAVE_AUTH_MODULE_NEGOTIATE
+#include "auth/negotiate/negotiateUserRequest.h"
class testAuthNegotiateUserRequest : public CPPUNIT_NS::TestFixture
{
CPPUNIT_TEST_SUITE( testAuthNegotiateUserRequest );
+#define SQUID_UNIT_TEST 1
#include "squid.h"
#include "testCoss.h"
#include "Store.h"
+#define SQUID_UNIT_TEST 1
#include "config.h"
#include <cppunit/TestAssert.h>
+#define SQUID_UNIT_TEST 1
#include "config.h"
#include <cppunit/TestAssert.h>
+#define SQUID_UNIT_TEST 1
#include "config.h"
#include <cppunit/TestAssert.h>
#include "HttpReply.h"
#include "Mem.h"
-/* to avoid libsquid.la and its comm stuff */
-#include "TextException.cc"
-
CPPUNIT_TEST_SUITE_REGISTRATION( testHttpReply );
struct SquidConfig Config;
+#define SQUID_UNIT_TEST 1
#include "config.h"
#include <cppunit/TestAssert.h>
+#define SQUID_UNIT_TEST 1
+#include "config.h"
+
#include <cppunit/BriefTestProgressListener.h>
#include <cppunit/TextTestProgressListener.h>
#include <cppunit/CompilerOutputter.h>
+#define SQUID_UNIT_TEST 1
#include "squid.h"
#include "testNull.h"
#include "Store.h"
*
*/
+#define SQUID_UNIT_TEST 1
#include "testStoreSupport.h"
#include "event.h"
#include "EventLoop.h"
+#define SQUID_UNIT_TEST 1
#include "config.h"
#include "testString.h"
+#define SQUID_UNIT_TEST 1
#include "config.h"
#include <cppunit/TestAssert.h>
+#define SQUID_UNIT_TEST 1
#include "config.h"
#include "testUfs.h"
#include "Store.h"
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
*
*/
+#define SQUID_UNIT_TEST 1
#include "config.h"
#if 0
*/
#include "squid.h"
-#include "ProtoPort.h"
-#include "SwapDir.h"
+#include "compat/initgroups.h"
+#include "compat/getaddrinfo.h"
+#include "compat/getnameinfo.h"
+#include "compat/tempnam.h"
#include "fde.h"
+#include "ip/Intercept.h"
#include "MemBuf.h"
-#include "wordlist.h"
+#include "ProtoPort.h"
#include "SquidMath.h"
#include "SquidTime.h"
-#include "ip/IpIntercept.h"
#include "ipc/Kids.h"
#include "ipc/Coordinator.h"
+#include "SwapDir.h"
+#include "wordlist.h"
#if HAVE_SYS_PRCTL_H
#include <sys/prctl.h>
else
fprintf(debug_log, "FATAL: Received signal %d...dying.\n", sig);
-#ifdef PRINT_STACK_TRACE
+#if PRINT_STACK_TRACE
#ifdef _SQUID_HPUX_
{
extern void U_STACK_TRACE(void); /* link with -lcl */
DebugSignal = sig;
if (state == 0) {
-#ifndef MEM_GEN_TRACE
+#if !MEM_GEN_TRACE
Debug::parseOptions("ALL,7");
#else
state = 1;
} else {
-#ifndef MEM_GEN_TRACE
+#if !MEM_GEN_TRACE
Debug::parseOptions(Debug::debugOptions);
#else
LOCAL_ARRAY(char, host, SQUIDHOSTNAMELEN + 1);
static int present = 0;
struct addrinfo *AI = NULL;
- IpAddress sa;
+ Ip::Address sa;
if (Config.visibleHostname != NULL)
return Config.visibleHostname;
sa.GetAddrInfo(AI);
/* we are looking for a name. */
- if (xgetnameinfo(AI->ai_addr, AI->ai_addrlen, host, SQUIDHOSTNAMELEN, NULL, 0, NI_NAMEREQD ) == 0) {
+ if (getnameinfo(AI->ai_addr, AI->ai_addrlen, host, SQUIDHOSTNAMELEN, NULL, 0, NI_NAMEREQD ) == 0) {
/* DNS lookup successful */
/* use the official name from DNS lookup */
debugs(50, 4, "getMyHostname: resolved " << sa << " to '" << host << "'");
memset(&hints, 0, sizeof(addrinfo));
hints.ai_flags = AI_CANONNAME;
- if (xgetaddrinfo(host, NULL, NULL, &AI) == 0) {
+ if (getaddrinfo(host, NULL, NULL, &AI) == 0) {
/* DNS lookup successful */
/* use the official name from DNS lookup */
debugs(50, 6, "getMyHostname: '" << host << "' has rDNS.");
/* AYJ: do we want to flag AI_ALL and cache the result anywhere. ie as our local host IPs? */
if (AI) {
- xfreeaddrinfo(AI);
+ freeaddrinfo(AI);
AI = NULL;
}
return host;
}
- if (AI) xfreeaddrinfo(AI);
+ if (AI) freeaddrinfo(AI);
debugs(50, 1, "WARNING: '" << host << "' rDNS test failed: " << xstrerror());
}
}
return pid;
}
+/* A little piece of glue for odd systems */
+#ifndef RLIMIT_NOFILE
+#ifdef RLIMIT_OFILE
+#define RLIMIT_NOFILE RLIMIT_OFILE
+#endif
+#endif
+/** Figure out the number of supported filedescriptors */
void
setMaxFD(void)
{
-#if HAVE_SETRLIMIT
- /* try to use as many file descriptors as possible */
- /* System V uses RLIMIT_NOFILE and BSD uses RLIMIT_OFILE */
-
+#if HAVE_SETRLIMIT && defined(RLIMIT_NOFILE)
struct rlimit rl;
-#if defined(RLIMIT_NOFILE)
-
if (getrlimit(RLIMIT_NOFILE, &rl) < 0) {
- debugs(50, 0, "setrlimit: RLIMIT_NOFILE: " << xstrerror());
- } else {
- rl.rlim_cur = Squid_MaxFD;
-
+ debugs(50, DBG_CRITICAL, "setrlimit: RLIMIT_NOFILE: " << xstrerror());
+ } else if (Config.max_filedescriptors > 0) {
+#if USE_SELECT || USE_SELECT_WIN32
+ /* select() breaks if this gets set too big */
+ if (Config.max_filedescriptors > FD_SETSIZE)
+ rl.rlim_cur = FD_SETSIZE;
+ else
+#endif
+ rl.rlim_cur = Config.max_filedescriptors;
if (rl.rlim_cur > rl.rlim_max)
- Squid_MaxFD = rl.rlim_cur = rl.rlim_max;
-
- if (setrlimit(RLIMIT_NOFILE, &rl) < 0) {
- snprintf(tmp_error_buf, ERROR_BUF_SZ,
- "setrlimit: RLIMIT_NOFILE: %s", xstrerror());
- fatal_dump(tmp_error_buf);
+ rl.rlim_max = rl.rlim_cur;
+ if (setrlimit(RLIMIT_NOFILE, &rl)) {
+ debugs(50, DBG_CRITICAL, "setrlimit: RLIMIT_NOFILE: " << xstrerror());
+ getrlimit(RLIMIT_NOFILE, &rl);
+ rl.rlim_cur = rl.rlim_max;
+ if (setrlimit(RLIMIT_NOFILE, &rl)) {
+ debugs(50, DBG_CRITICAL, "setrlimit: RLIMIT_NOFILE: " << xstrerror());
+ }
}
}
-
-#elif defined(RLIMIT_OFILE)
- if (getrlimit(RLIMIT_OFILE, &rl) < 0) {
- debugs(50, 0, "setrlimit: RLIMIT_NOFILE: " << xstrerror());
+ if (getrlimit(RLIMIT_NOFILE, &rl) < 0) {
+ debugs(50, DBG_CRITICAL, "setrlimit: RLIMIT_NOFILE: " << xstrerror());
} else {
- rl.rlim_cur = Squid_MaxFD;
+ Squid_MaxFD = rl.rlim_cur;
+ }
- if (rl.rlim_cur > rl.rlim_max)
- Squid_MaxFD = rl.rlim_cur = rl.rlim_max;
+#endif /* HAVE_SETRLIMIT */
+}
- if (setrlimit(RLIMIT_OFILE, &rl) < 0) {
- snprintf(tmp_error_buf, ERROR_BUF_SZ,
- "setrlimit: RLIMIT_OFILE: %s", xstrerror());
+void
+setSystemLimits(void)
+{
+#if HAVE_SETRLIMIT && defined(RLIMIT_NOFILE) && !defined(_SQUID_CYGWIN_)
+ /* limit system filedescriptors to our own limit */
+ struct rlimit rl;
+ if (getrlimit(RLIMIT_NOFILE, &rl) < 0) {
+ debugs(50, DBG_CRITICAL, "setrlimit: RLIMIT_NOFILE: " << xstrerror());
+ } else {
+ rl.rlim_cur = Squid_MaxFD;
+ if (setrlimit(RLIMIT_NOFILE, &rl) < 0) {
+ snprintf(tmp_error_buf, ERROR_BUF_SZ, "setrlimit: RLIMIT_NOFILE: %s", xstrerror());
fatal_dump(tmp_error_buf);
}
}
-
-#endif
-#else /* HAVE_SETRLIMIT */
- debugs(21, 1, "setMaxFD: Cannot increase: setrlimit() not supported on this system");
-
#endif /* HAVE_SETRLIMIT */
#if HAVE_SETRLIMIT && defined(RLIMIT_DATA)
-
if (getrlimit(RLIMIT_DATA, &rl) < 0) {
- debugs(50, 0, "getrlimit: RLIMIT_DATA: " << xstrerror());
+ debugs(50, DBG_CRITICAL, "getrlimit: RLIMIT_DATA: " << xstrerror());
} else if (rl.rlim_max > rl.rlim_cur) {
rl.rlim_cur = rl.rlim_max; /* set it to the max */
if (setrlimit(RLIMIT_DATA, &rl) < 0) {
- snprintf(tmp_error_buf, ERROR_BUF_SZ,
- "setrlimit: RLIMIT_DATA: %s", xstrerror());
+ snprintf(tmp_error_buf, ERROR_BUF_SZ, "setrlimit: RLIMIT_DATA: %s", xstrerror());
fatal_dump(tmp_error_buf);
}
}
-
#endif /* RLIMIT_DATA */
+ if (Config.max_filedescriptors > Squid_MaxFD) {
+ debugs(50, DBG_IMPORTANT, "NOTICE: Could not increase the number of filedescriptors");
+ }
+
#if HAVE_SETRLIMIT && defined(RLIMIT_VMEM)
if (getrlimit(RLIMIT_VMEM, &rl) < 0) {
debugs(50, 0, "getrlimit: RLIMIT_VMEM: " << xstrerror());
rl.rlim_cur = rl.rlim_max; /* set it to the max */
if (setrlimit(RLIMIT_VMEM, &rl) < 0) {
- snprintf(tmp_error_buf, ERROR_BUF_SZ,
- "setrlimit: RLIMIT_VMEM: %s", xstrerror());
+ snprintf(tmp_error_buf, ERROR_BUF_SZ, "setrlimit: RLIMIT_VMEM: %s", xstrerror());
fatal_dump(tmp_error_buf);
}
}
-
#endif /* RLIMIT_VMEM */
}
*nt = '\0';
debugs(1, 5, "etc_hosts: got hostname '" << lt << "'");
+#if USE_IPV6
+ /* For IPV6 addresses also check for a colon */
+ if (Config.appendDomain && !strchr(lt, '.') && !strchr(lt, ':')) {
+#else
if (Config.appendDomain && !strchr(lt, '.')) {
+#endif
/* I know it's ugly, but it's only at reconfig */
strncpy(buf2, lt, 512);
strncat(buf2, Config.appendDomain, 512 - strlen(lt) - 1);
void
keepCapabilities(void)
{
-#if HAVE_PRCTL && defined(PR_SET_KEEPCAPS) && USE_LIBCAP
+#if USE_LIBCAP && HAVE_PRCTL && defined(PR_SET_KEEPCAPS)
if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0)) {
- IpInterceptor.StopTransparency("capability setting has failed.");
+ Ip::Interceptor.StopTransparency("capability setting has failed.");
}
#endif
}
else
caps = cap_init();
if (!caps) {
- IpInterceptor.StopTransparency("Can't get current capabilities");
+ Ip::Interceptor.StopTransparency("Can't get current capabilities");
} else {
int ncaps = 0;
int rc = 0;
cap_value_t cap_list[10];
cap_list[ncaps++] = CAP_NET_BIND_SERVICE;
- if (IpInterceptor.TransparentActive()) {
+ if (Ip::Interceptor.TransparentActive()) {
cap_list[ncaps++] = CAP_NET_ADMIN;
-#if LINUX_TPROXY2
- cap_list[ncaps++] = CAP_NET_BROADCAST;
-#endif
}
cap_clear_flag(caps, CAP_EFFECTIVE);
rc |= cap_set_flag(caps, CAP_PERMITTED, ncaps, cap_list, CAP_SET);
if (rc || cap_set_proc(caps) != 0) {
- IpInterceptor.StopTransparency("Error enabling needed capabilities.");
+ Ip::Interceptor.StopTransparency("Error enabling needed capabilities.");
}
cap_free(caps);
}
#elif defined(_SQUID_LINUX_)
- IpInterceptor.StopTransparency("Missing needed capability support.");
+ Ip::Interceptor.StopTransparency("Missing needed capability support.");
#endif /* HAVE_SYS_CAPABILITY_H */
}
statCounter.server.all.requests++;
statCounter.server.other.requests++;
/* Create socket. */
- IpAddress temp = getOutgoingAddr(request,NULL);
+ Ip::Address temp = getOutgoingAddr(request,NULL);
int flags = COMM_NONBLOCKING;
if (request->flags.spoof_client_ip) {
flags |= COMM_TRANSPARENT;
flags.proxying = tunnelState->request->flags.proxying;
MemBuf mb;
mb.init();
- mb.Printf("CONNECT %s HTTP/1.0\r\n", tunnelState->url);
+ mb.Printf("CONNECT %s HTTP/1.1\r\n", tunnelState->url);
HttpStateData::httpBuildRequestHeader(tunnelState->request,
tunnelState->request,
NULL, /* StoreEntry */
/// \deprecated Use AuthUserHashPointer instead.
typedef struct AuthUserHashPointer auth_user_hash_pointer;
-/// \ingroup AuthAPI
-/// \deprecated Use AuthUserIP instead.
-typedef struct AuthUserIP auth_user_ip_t;
-
/* temporary: once Config is fully hidden, this shouldn't be needed */
#include "Array.h"
-
/*
* $Id$
*
- * DEBUG: section 0 UFS Store Dump
+ * DEBUG: section 00 UFS Store Dump Tool
* AUTHOR: Robert Collins
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
/*
* $Id$
*
- * DEBUG: section 2 Unlink Daemon
+ * DEBUG: section 02 Unlink Daemon
* AUTHOR: Duane Wessels
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
unlinkdInit(void)
{
const char *args[2];
- IpAddress localhost;
+ Ip::Address localhost;
args[0] = "(unlinkd)";
args[1] = NULL;
/*
* $Id$
*
- * DEBUG: - Unlink Daemon
+ * DEBUG: section -- Unlink Daemon
* AUTHOR: Duane Wessels
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
return NULL;
}
+#if USE_IPV6
+ /* For IPV6 addresses also check for a colon */
+ if (Config.appendDomain && !strchr(host, '.') && !strchr(host, ':'))
+#else
if (Config.appendDomain && !strchr(host, '.'))
+#endif
strncat(host, Config.appendDomain, SQUIDHOSTNAMELEN - strlen(host) - 1);
/* remove trailing dots from hostnames */
return NULL;
}
-#ifdef HARDCODE_DENY_PORTS
+#if HARDCODE_DENY_PORTS
/* These ports are filtered in the default squid.conf, but
* maybe someone wants them hardcoded... */
if (port == 7 || port == 9 || port == 19) {
break;
case PROTO_HTTPS:
-#ifdef USE_SSL
+#if USE_SSL
rc = 1;
};
struct wccp_cache_entry_t {
- IpAddress ip_addr;
+ struct in_addr ip_addr; // WCCP on-the-wire in 32-bit IPv4-only.
int revision;
char hash[WCCP_HASH_SIZE];
int reserved;
};
struct wccp_i_see_you_t {
- int type;
- int version;
- int change;
- int id;
- int number;
+ int32_t type;
+ int32_t version;
+ int32_t change;
+ int32_t id;
+ int32_t number;
struct wccp_cache_entry_t wccp_cache_entry[WCCP_ACTIVE_CACHES];
};
static int last_assign_buckets_change;
static unsigned int number_caches;
-static IpAddress local_ip;
+static Ip::Address local_ip;
static PF wccpHandleUdp;
static int wccpLowestIP(void);
static void
wccpHandleUdp(int sock, void *not_used)
{
-
- IpAddress from;
+ Ip::Address from;
int len;
debugs(80, 6, "wccpHandleUdp: Called.");
for (loop = 0; loop < (unsigned) ntohl(wccp_i_see_you.number); loop++) {
assert(loop < WCCP_ACTIVE_CACHES);
- if (wccp_i_see_you.wccp_cache_entry[loop].ip_addr < local_ip)
+ if (local_ip > wccp_i_see_you.wccp_cache_entry[loop].ip_addr)
return 0;
- if (wccp_i_see_you.wccp_cache_entry[loop].ip_addr == local_ip)
+ if (local_ip == wccp_i_see_you.wccp_cache_entry[loop].ip_addr)
found = 1;
}
#if USE_WCCPv2
#include "comm.h"
+#include "compat/strsep.h"
#include "event.h"
+#include "ip/Address.h"
#include "Parsing.h"
#include "Store.h"
#include "SwapDir.h"
-#include "ip/IpAddress.h"
#if HAVE_NETDB_H
#include <netdb.h>
static struct wccp2_router_id_element_t wccp2_router_id_element;
-/** \interface WCCpv2_Protocol
+/** \interface WCCPv2_Protocol
* Sect 5.6.9 Capabilities Info Component
*/
struct wccp2_capability_info_header_t {
void
wccp2Init(void)
{
- IpAddress_list *s;
+ Ip::Address_list *s;
char *ptr;
uint32_t service_flags;
commSetSelect(sock, COMM_SELECT_READ, wccp2HandleUdp, NULL, 0);
/* FIXME INET6 : drop conversion boundary */
- IpAddress from_tmp;
+ Ip::Address from_tmp;
len = comm_udp_recvfrom(sock,
&wccp2_i_see_you,
struct wccp2_mask_identity_info_t *wccp2_mask_identity_info_ptr;
- IpAddress router;
+ Ip::Address router;
debugs(80, 6, "wccp2HereIam: Called");
if (wccp2_numrouters > 1) {
/* FIXME INET6 : drop temp conversion */
- IpAddress tmp_rtr(router);
+ Ip::Address tmp_rtr(router);
comm_udp_sendto(theWccp2Connection,
tmp_rtr,
&wccp_packet,
port = strsep(&tmp2, ",");
}
- if (i == 8) {
+ if (i == WCCP2_NUMPORTS && port) {
fatalf("parse_wccp2_service_ports: too many ports (maximum: 8) in list '%s'\n", options);
}
int new_socket;
fde *F = NULL;
- IpAddress localhost;
- IpAddress handle0;
- IpAddress handle1;
+ Ip::Address localhost;
+ Ip::Address handle0;
+ Ip::Address handle1;
struct addrinfo *AI = NULL;
localhost.SetLocalhost();
/*
* $Id$
*
- * DEBUG: section 3 Configuration File Parsing
+ * DEBUG: section 03 Configuration File Parsing
* AUTHOR: Harvest Derived
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
/*
* $Id$
*
- * DEBUG: section 86 ESI Expressions
+ * DEBUG: section 86 ESI Expressions
* AUTHOR: Robert Collins
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
#include "squid.h"
-#if !DISABLE_POOLS
+#if USE_MEMPOOLS
#include "MemPool.h"
assert (something);
assert (something->aValue == 0);
something->aValue = 5;
- Pool->free(something);
+ Pool->freeOne(something);
SomethingToAlloc *otherthing = static_cast<SomethingToAlloc *>(Pool->alloc());
assert (otherthing == something);
assert (otherthing->aValue == 0);
- Pool->free (otherthing);
+ Pool->freeOne(otherthing);
delete Pool;
}
-#endif /* DISABLE_POOLS */
+#endif /* USE_MEMPOOLS */
int
main (int argc, char **argv)
{
-#if !DISABLE_POOLS
+#if USE_MEMPOOLS
MemPoolTest aTest;
aTest.run();
#endif
--without-pthreads \
--without-aio \
--without-dl \
- --without-openssl \
--without-large-files \
--without-valgrind-debug \
--without-ipv6-split-stack \
--enable-select \
--enable-http-violations \
--enable-ipfw-transparent \
- --enable-ipf-transparent \
- --enable-pf-transparent \
- --enable-linux-netfilter \
- --enable-linux-tproxy \
--enable-leakfinder \
--enable-follow-x-forwarded-for \
--enable-ident-lookups \
--enable-internal-dns \
--enable-default-hostsfile \
--enable-auth \
- --enable-basic-auth-helpers=all \
- --enable-ntlm-auth-helpers=all \
- --enable-negotiate-auth-helpers=all \
- --enable-digest-auth-helpers=all \
+ --enable-basic-auth-helpers \
+ --enable-ntlm-auth-helpers \
+ --enable-negotiate-auth-helpers \
+ --enable-digest-auth-helpers \
--enable-ntlm-fail-open \
- --enable-external-acl-helpers=all \
- --enable-url-rewrite-helpers=all \
+ --enable-external-acl-helpers \
+ --enable-url-rewrite-helpers \
--enable-mempools \
--enable-unlinkd \
--enable-stacktraces \
--with-large-files \
--enable-underscores \
--enable-icap-client \
- --enable-auth="basic,digest,ntlm" \
- --enable-basic-auth-helpers="LDAP,MSNT,NCSA,PAM,SASL,SMB,YP,getpwnam,multi-domain-NTLM" \
- --enable-ntlm-auth-helpers="SMB" \
- --enable-digest-auth-helpers="ldap,password" \
+ --enable-auth \
+ --enable-auth-basic="LDAP,MSNT,NCSA,PAM,SASL,SMB,YP,getpwnam,multi-domain-NTLM" \
+ --enable-auth-ntlm="SMB" \
+ --enable-auth-digest="ldap,password" \
--enable-external-acl-helpers="ip_user,ldap_group,session,unix_group,wbinfo_group" \
--with-filedescriptors=65536 \
--enable-epoll \
--enable-cpu-profiling \
--enable-win32-service \
--enable-default-hostsfile=none \
- --enable-auth="basic,ntlm,digest,negotiate" \
--enable-disk-io="Blocking,AIO,DiskThreads" \
"
--enable-underscores \
--enable-icap-client \
--enable-auth="basic,digest,ntlm" \
- --enable-basic-auth-helpers="LDAP,MSNT,NCSA,PAM,SASL,SMB,YP,getpwnam,multi-domain-NTLM" \
- --enable-ntlm-auth-helpers="SMB" \
- --enable-digest-auth-helpers="ldap,password" \
+ --enable-auth-basic="LDAP,MSNT,NCSA,PAM,SASL,SMB,YP,getpwnam,multi-domain-NTLM" \
+ --enable-auth-ntlm="SMB" \
+ --enable-auth-digest="ldap,password" \
--enable-external-acl-helpers="ip_user,ldap_group,session,unix_group,wbinfo_group" \
--with-filedescriptors=65536 \
--enable-epoll \
/*
* $Id$
*
- * DEBUG: section 0 Hash Tables
+ * DEBUG: section 00 Hash Tables
* AUTHOR: Harvest Derived
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
*
*/
+#include "config.h"
+#if HAVE_UNISTD_H
#include <unistd.h>
-#include <stdlib.h>
+#endif
+#if HAVE_STDIO_H
#include <stdio.h>
-#include <sys/types.h>
+#endif
+#if HAVE_CTYPE_H
#include <ctype.h>
-#include <sys/time.h>
+#endif
+#if HAVE_STRINGS_H
#include <strings.h>
+#endif
+#if HAVE_ASSERT_H
#include <assert.h>
+#endif
+
#include "hash.h"
+
#undef free
extern void my_free(char *, int, void *);
}
-#ifdef USE_HASH_DRIVER
+#if USE_HASH_DRIVER
/*
* hash-driver - Run with a big file as stdin to insert each line into the
* hash table, then prints the whole hash table, then deletes a random item,
+#include "config.h"
+#include "hash.h"
+
+#if HAVE_UNISTD_H
#include <unistd.h>
-#include <stdlib.h>
+#endif
+#if HAVE_STDIO_H
#include <stdio.h>
-#include <sys/types.h>
+#endif
+#if HAVE_CTYPE_H
#include <ctype.h>
-#include <sys/time.h>
+#endif
+#if HAVE_STRINGS_H
#include <strings.h>
-#include <sys/time.h>
-#include <sys/resource.h>
-
-#include "hash.h"
+#endif
static hash_table *mem_table = NULL;
static hash_link *mem_entry;
-
#include "config.h"
-
-/*
- * On some systems, FD_SETSIZE is set to something lower than the
- * actual number of files which can be opened. IRIX is one case,
- * NetBSD is another. So here we increase FD_SETSIZE to our
- * configure-discovered maximum *before* any system includes.
- */
-#define CHANGE_FD_SETSIZE 1
-
-/* Cannot increase FD_SETSIZE on Linux */
-#if defined(_SQUID_LINUX_)
-#undef CHANGE_FD_SETSIZE
-#define CHANGE_FD_SETSIZE 0
-#endif
-
-/* Cannot increase FD_SETSIZE on FreeBSD before 2.2.0, causes select(2)
- * to return EINVAL. */
-/* Marian Durkovic <marian@svf.stuba.sk> */
-/* Peter Wemm <peter@spinner.DIALix.COM> */
-#if defined(_SQUID_FREEBSD_)
-#include <osreldate.h>
-#if __FreeBSD_version < 220000
-#undef CHANGE_FD_SETSIZE
-#define CHANGE_FD_SETSIZE 0
-#endif
-#endif
-
-/* Increase FD_SETSIZE if SQUID_MAXFD is bigger */
-#if CHANGE_FD_SETSIZE && SQUID_MAXFD > DEFAULT_FD_SETSIZE
-#define FD_SETSIZE SQUID_MAXFD
-#endif
+#include "compat/getaddrinfo.h"
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
#if HAVE_STDIO_H
#include <stdio.h>
#endif
#if HAVE_FCNTL_H
#include <fcntl.h>
#endif
-#ifdef HAVE_STRING_H
+#if HAVE_STRING_H
#include <string.h>
#endif
-#ifdef HAVE_STRINGS_H
+#if HAVE_STRINGS_H
#include <strings.h>
#endif
-#ifdef HAVE_BSTRING_H
+#if HAVE_BSTRING_H
#include <bstring.h>
#endif
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#if HAVE_SYS_SELECT_H
-#include <sys/select.h>
-#endif
#if HAVE_SIGNAL_H
#include <signal.h>
#endif
#if HAVE_TIME_H
#include <time.h>
#endif
-#if HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
#if HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#include <sys/stat.h>
#endif
-#include "getaddrinfo.h"
-
#define PROXY_PORT "3128"
#define PROXY_ADDR "127.0.0.1"
#define MAX_FDS 1024
hints.ai_family = AF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
- xgetaddrinfo(proxy_addr, proxy_port, &hints, AI);
+ getaddrinfo(proxy_addr, proxy_port, &hints, AI);
if ((s = socket(AI->ai_family, AI->ai_socktype, AI->ai_protocol)) < 0) {
perror("socket");
- xfreeaddrinfo(AI);
- return -1;
- }
-
- if (connect(s, AI->ai_addr, AI->ai_addrlen) < 0) {
+ s = -1;
+ } else if (connect(s, AI->ai_addr, AI->ai_addrlen) < 0) {
close(s);
perror("connect");
- xfreeaddrinfo(AI);
- return -1;
+ s = -1;
}
- xfreeaddrinfo(AI);
+ freeaddrinfo(AI);
return s;
}
/*
* $Id$
*
- * DEBUG: section xx Refcount allocator
+ * DEBUG: section -- Refcount allocator
* AUTHOR: Robert Collins
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
#if HAVE_STDIO_H
#include <stdio.h>
#endif
#if HAVE_FCNTL_H
#include <fcntl.h>
#endif
-#ifdef HAVE_STRING_H
+#if HAVE_STRING_H
#include <string.h>
#endif
-#ifdef HAVE_STRINGS_H
+#if HAVE_STRINGS_H
#include <strings.h>
#endif
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#if HAVE_SYS_SELECT_H
-#include <sys/select.h>
-#endif
#if HAVE_SIGNAL_H
#include <signal.h>
#endif
#if HAVE_TIME_H
#include <time.h>
#endif
-#if HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
#if HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
#if HAVE_STDIO_H
#include <stdio.h>
#endif
#if HAVE_FCNTL_H
#include <fcntl.h>
#endif
-#ifdef HAVE_STRING_H
+#if HAVE_STRING_H
#include <string.h>
#endif
-#ifdef HAVE_STRINGS_H
+#if HAVE_STRINGS_H
#include <strings.h>
#endif
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#if HAVE_SYS_SELECT_H
-#include <sys/select.h>
-#endif
#if HAVE_SIGNAL_H
#include <signal.h>
#endif
#if HAVE_TIME_H
#include <time.h>
#endif
-#if HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
#if HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#if HAVE_ASSERT_H
#include <assert.h>
#endif
+#if HAVE_NETDB_H
#include <netdb.h>
+#endif
+#if HAVE_SYS_WAIT_H
#include <sys/wait.h>
+#endif
#define READ_BUF_SZ 4096
#define URL_BUF_SZ 4096
// XXX: This file is made of large pieces of src/debug.cc and src/tools.cc
// with only a few minor modifications. TODO: redesign or delete.
-#define _SQUID_EXTERNNEW_
#include "squid.h"
/* AYJ: the debug stuff here should really be in a stub_debug.cc file for tests to link */
if (m == NULL)
return;
- dlink_node_pool->free(m);
+ dlink_node_pool->freeOne(m);
}
void
-#include <sys/time.h>
+#include "config.h"
+
+#if HAVE_ASSERT_H
#include <assert.h>
+#endif
int
main(int argc, char *argv[])
/*
- * DEBUG: section 0 CGI Cache Manager
+ * DEBUG: section -- CGI Cache Manager
* AUTHOR: Duane Wessels
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
*/
#include "config.h"
+#include "compat/tempnam.h"
#include "rfc1738.h"
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
#if HAVE_STDIO_H
#include <stdio.h>
#endif
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
#if HAVE_CTYPE_H
#include <ctype.h>
#endif
#if HAVE_MEMORY_H
#include <memory.h>
#endif
-#if HAVE_NETDB_H && !defined(_SQUID_NETDB_H_) /* protect NEXTSTEP */
-#define _SQUID_NETDB_H_
+#if HAVE_NETDB_H
#include <netdb.h>
#endif
#if HAVE_PWD_H
#if HAVE_SYS_PARAM_H
#include <sys/param.h>
#endif
-#if HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
-#if HAVE_SYS_RESOURCE_H
-#include <sys/resource.h> /* needs sys/time.h above it */
-#endif
#if HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#if HAVE_CRYPT_H
#include <crypt.h>
#endif
-#if HAVE_SYS_SELECT_H
-#include <sys/select.h>
-#endif
#if HAVE_FNMATCH_H
extern "C" {
#include <fnmatch.h>
#endif
#include "util.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
#include "getfullhostname.h"
#ifndef DEFAULT_CACHEMGR_CONFIG
char ipbuf[MAX_IPSTRLEN];
struct addrinfo *AI = NULL;
- IpAddress S;
+ Ip::Address S;
int s;
int l;
if (strlen(buf) == 0)
#endif
{
- free(buf);
+ xfree(buf);
return NULL;
}
the National Science Foundation.
.
.SH COPYRIGHT
-Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPL2+).
+Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
.
.SH QUESTIONS
Questions on the usage of this program can be sent to the
.if !'po4a'hide' <squid-users@squid-cache.org>
.
.SH REPORTING BUGS
+See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.
+.PP
Report bugs or bug fixes using http://bugs.squid-cache.org/
.PP
Report serious security bugs to
the National Science Foundation.
.
.SH COPYRIGHT
-Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPL2+).
+Distributed under the GNU General Public License (GNU GPL) version 2 or later (GPLv2+).
.
.SH QUESTIONS
Questions on the usage of this program can be sent to the
.if !'po4a'hide' <squid-users@squid-cache.org>
.
.SH REPORTING BUGS
+See http://wiki.squid-cache.org/SquidFaq/BugReporting for details of what you need to include with your bug report.
+.PP
Report bugs or bug fixes using http://bugs.squid-cache.org/
.PP
Report serious security bugs to
/*
* $Id$
*
- * DEBUG: section 0 WWW Client
+ * DEBUG: section -- WWW Client
* AUTHOR: Harvest Derived
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
#if HAVE_STDIO_H
#include <stdio.h>
#endif
-#if HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
#if HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
-#if HAVE_NETDB_H && !defined(_SQUID_NETDB_H_) /* protect NEXTSTEP */
-#define _SQUID_NETDB_H_
+#if HAVE_NETDB_H
#include <netdb.h>
#endif
#if HAVE_SIGNAL_H
#include <getopt.h>
#endif
-#include "squid_types.h"
-
#include "util.h"
-#include "ip/IpAddress.h"
+#include "ip/Address.h"
#ifndef BUFSIZ
#define BUFSIZ 8192
typedef void SIGHDLR(int sig);
/* Local functions */
-static int client_comm_bind(int, const IpAddress &);
+static int client_comm_bind(int, const Ip::Address &);
-static int client_comm_connect(int, const IpAddress &, struct timeval *);
+static int client_comm_connect(int, const Ip::Address &, struct timeval *);
static void usage(const char *progname);
static int Now(struct timeval *);
fprintf(stderr,
"Version: %s\n"
"Usage: %s [-arsv] [-g count] [-h remote host] [-H 'string'] [-i IMS] [-I ping-interval] [-j 'Host-header']"
- "[-l local-host] [-m method] [-p port] [-P file] [-t count] [-T timeout] [-u proxy-user] [-U www-user] "
+ "[-k] [-l local-host] [-m method] [-p port] [-P file] [-t count] [-T timeout] [-u proxy-user] [-U www-user] "
"[-V version] [-w proxy-password] [-W www-password] url\n"
"\n"
"Options:\n"
" -i IMS If-Modified-Since time (in Epoch seconds).\n"
" -I interval Ping interval in seconds (default 1 second).\n"
" -j hosthdr Host header content\n"
+ " -k Keep the connection active. Default is to do only one request then close.\n"
" -l host Specify a local IP address to bind to. Default is none.\n"
" -m method Request method, default is GET.\n"
" -p port Port number of cache. Default is %d.\n"
int opt_noaccept = 0;
int opt_verbose = 0;
const char *hostname, *localhost;
- IpAddress iaddr;
+ Ip::Address iaddr;
char url[BUFSIZ], msg[MESSAGELEN], buf[BUFSIZ];
char extra_hdrs[HEADERLEN];
const char *method = "GET";
if (newhost) {
char *t;
newhost += 3;
- newhost = strdup(newhost);
+ newhost = xstrdup(newhost);
t = newhost + strcspn(newhost, "@/?");
if (*t == '@') {
newhost = t + 1;
} else
strcat(msg, "Connection: keep-alive\r\n");
}
- } else {
- if (!keep_alive)
- strcat(msg, "Connection: close\r\n");
}
+ /* HTTP/1.1 may need close */
+ if (!keep_alive)
+ strcat(msg, "Connection: close\r\n");
strcat(msg, extra_hdrs);
strcat(msg, "\r\n");
}
static int
-client_comm_bind(int sock, const IpAddress &addr)
+client_comm_bind(int sock, const Ip::Address &addr)
{
int res;
}
static int
-client_comm_connect(int sock, const IpAddress &addr, struct timeval *tvp)
+client_comm_connect(int sock, const Ip::Address &addr, struct timeval *tvp)
{
int res;
static struct addrinfo *AI = NULL;
projects / thirdparty / squid.git / commitdiff
