1 Changes to squid-3.HEAD (current):
3 - IPv6 (Internet Protocol version 6) support
4 - ICMPv6 (Internet Control Message Protocol version 6) support
5 - FTP agent now supports EPSV/EPRT commands
6 - DNS internal resolver now supports AAAA and CNAME records
7 - SNMP peer and client tables now support IPv6
8 - SNMP peer table supports named peers with multiple entries per IP
9 - SslBump: Squid-in-the-middle decryption and encryption of straight
10 CONNECT and transparently redirected SSL traffic, using configurable
11 client- and server-side certificates. While decrypted, the traffic
12 can be expected using ICAP.
13 - TPROXY version 4 support now included.
14 - IPFW and Netfilter interception methods may now both be built in one binary.
15 - ZPH Quality of Service patch now integrated
16 - Null store now fully obsoleted and removed
17 - Unknown request methods all supported
18 - Follow_x_forwarder_for ported from 2.6
19 - Follow XFF extensions added
21 Changes to squid-3.0.STABLE6 (20 May 2008):
23 - Bug 2254: umask Feature from 2.6 added
24 - cachemgr.cgi default config file added
25 - Several authentication bug fixes
26 - Improved Windows Support
27 - better DNS lookup methods for unqualified hostames
28 - better support for 64-bit environments
29 - Bug 2332: Crash when tunnelling
30 - Removed the advertisement clause from BSD licenses
31 according to the GPLv2+ changes in BSD
32 - ... and other bugs and minor cleanups
34 Changes to squid-3.0.STABLE5 (28 Apr 2008):
36 - Support for resolv.conf 'domain' option
37 - Improved URI support, including
38 longer URI up to 8192 bytes accepted
39 better handling of intercepted URI
40 better port for non-FQDN URI lookups
41 - Improved logging, including
42 Bug 3210 fixed: incorrect timestamp format in earlier 3.0 releases.
43 Fixed 'log_ip_on_direct' option behaviour
44 - Support for profiling on x86 64-bit systems
45 - .. and other bugs and minor code cleanups.
47 Changes to squid-3.0.STABLE4 (2 Apr 2008):
49 - Bug 2288: compile error slipped into STABLE3.
51 Changes to squid-3.0.STABLE3 (31 Mar 2008):
53 - Improved HTTP 1.1 support.
54 - Improved MacOSX (Leopard) support
55 - Bug 2206: Proxy-Authentication regression in STABLE2.
56 - Strip Domain from NTLM usernames for use in class 4 Delay Pools
57 - ... and other bugs and minor code cleanup
59 Changes to squid-3.0.STABLE2 (1 Mar 2008):
61 - Add myportname ACL for matching the accepting port name (see release notes)
62 - Add include directive for squid.conf (see release notes)
63 - Add ability to strip kerberos realm from usernames during Auth
64 - License cleanup to comply with GPLv2 or later
65 - Updated Error Pages and Translations
66 - Updated configuration examples
67 - Updated valgrind support for valgrind-3.3.0
68 - Improved support for Windows and MacOS X Leopard
69 - Improved support for files larger than 2GB
70 - Improved support for CARP arrays and WCCPv2
71 - Improved cachmgr, SNMP, and log reporting
72 - ... and as usual Many bug fixes since STABLE 1
74 Changes to squid-3.0.STABLE1 (13 Dec 2007):
76 - Major rewrite translating the code to C++, originally based on
78 - Internal client streams concept for content adaptation
79 - ICAP (Internet Content Adaptation Protocol) client support
80 - ESI (Edge Side Includes) support added
81 - Improved support for files larger than 2GB.
82 - And a lot more. Most features from Squid-2.6 is supported, but not
83 all. See the release notes for details.
85 Older ChangeLog follows. The sections relating to Squid-2.6 is not entirely
86 authorative for this release and mirrored here for reference only.
88 - CARP now plays well with the other peering algorithms,
89 and support for CARP peerings is compiled by default. Can be
90 disabled by --disable-carp
91 - Configuration file can be read from an external program
92 or preprocessor. See squid.8 man page.
93 - http_port is now optional, allowing for SSL only operation
94 - Satellite and other high latency peering relations enhancements
96 - Nuked num32 types, and made type detection more robust by the
97 use of typedefs rather than #defines.
98 - the mailto links on Squid's ERR pages now contain data about the
99 occurred error by default, so that the email will contain this data in
100 its body. This feature can be disabled via the email_err_data directive.
102 - COSS now uses a file called stripe and the path in squid.conf is the
103 directory this is placed in. Additionally squid -z will create the
105 - WCCPv2 support, including mask assignment support
106 - HTCP support for access control and the CRL operation for
107 purgeing of cache content
109 - Windows-related fixes, including Vista and Longhorn identification
110 - Client-side parsing and some string use optimisations
111 - Lots of off-by-one and memory leaks in corner cases have been fixed
113 - Improved high-resolution profiling
114 - Windows overlapped-IO and thread support added to the Async IO disk code
115 - Improvements for handling large DNS replies
117 Changes to squid-2.6.STABLE15 (31 Aug 2007)
119 - The select() I/O loop got broken by the /dev/poll addition
121 - Bug #2017: Fails to work around broken servers sending just the HTTP
123 - Bug #2023: Compile error with old GCC 2.x or other ANSI-C compilers
125 - squid.conf.default updated and reorganised in more sensible groups
126 - correct and document the syslog access_log format
127 - Armenian error pages translation
128 - digest_ldap_helper usage help updated
129 - Bug #1560: ftpSendPasv: getsockname(-1,..): (9) Bad file descriptor
130 - Improve delay pools in low traffic environment by checking timeouts
131 at a steady 1 second interval even when there is not much activity
132 - Don't request authentication on transparently intercepted
134 - Cleanup linux capabilities for tproxy
135 - Bug #2003: 'via' config directive doesn't affect response headers
136 - Bug #1902: Adds Numeric Hit and invalid request counters to IP Cache
137 - Add missing $|=1 to squid_db_auth
138 - Bug #2050: Persistent connection dropped if cache has no
140 - Verify the URL on memory cache hits
141 - Bug #2057: NTLM stop work in messengers after upgrade to 2.6.STABLE14
142 - Bug #1972: Squid sets peers to down state when they are in fact
144 - potential segmentation fault in storeLocateVary()
145 - Bug #2066: chdir after chroot
146 - Windows port: Fix compiler warnings when building Squid as
147 application (not Windows service mode)
148 - Spelling correction of received
150 Changes to squid-2.6.STABLE14 (15 Jul 2007)
152 - squid.conf.default cleanup to have options in their proper sections.
153 - documentation correction in the refresh_pattern ignore-auth option
154 - URI-escaping not uses the recommended upper-case hex codes
155 - refresh_pattern min-age 0 correted to really mean 0, and not 1 second
156 - Always use xisxxxx() Squid defined macros instead of ctype
158 - Kerberos SPNEGO/Negotiate helper for the negotiate scheme
159 - Database basic auth helper using Perl DBI to connect to most SQL DBs
160 - Solaris /dev/poll network I/O support
161 - configure fixes to make cross compilation somewhat easier
162 - Removed incorrect -a reference from http_port documentation
163 - Bug #1900: Double "squid -k shutdown" makes Squid restart again
164 - Bug #1968: Squid hangs occasionally when using DNS search paths
165 - Novell eDirectory digest auth helper (digest_edir_auth)
166 - Bug #1130: min-size option for cache_dir
167 - POP3 basic auth helper querying a POP3 server
168 - Cosmetic squid_ldap_auth fixes from Squid-3
169 - Bug #1085: Add no-wrap to cache manager HTML tables
170 - Automatically restart if number of available filedescriptors becomes
171 alarmingly low, preventing a situation where Squid would otherwise
172 permanently stop processing requests.
173 - Bug #2010: snmp_core.cc:828: warning: array subscript is above
175 - Deal better with forwarding loops
177 Changes to squid-2.6.STABLE13 (11 May 2007)
179 - Make sure reply headers gets sent even if there is no body available
180 yet, fixing RealMedia streaming over HTTP issues.
181 - Undo an accidental name change of storeUnregisterAbort.
182 - Kill an ancient malplaced storeUnregisterAbort call from ftp.c
183 - Bug #1814: SSL memory leak on persistent SSL connections
184 - Don't log ECONNREFUSED/ECONNABORTED accept failures in cache.log
185 - Cosmetic fix: added missing newline in WCCPv2 configuration dump.
186 - Ukrainan error messages
187 - Convert various error pages from DOS to UNIX text format
188 - Bug #1820: COSS assertion failure t->length == MD5_DIGEST_CHARS
189 - Clarify the max-conn=n cache_peer option syntax slightly
190 - Bug #1892: COSS segfault on shutdown
191 - Windows port: fix undefined ECONNABORTED
192 - Make refreshIsCachable handle ETag as a cache validator, not
194 - in_port_t is not portable, use unsigned short instead
195 - Fix fs / auth / snmp dependencies
196 - Portability: statfs() may reqire #include <sys/statfs.h>
198 Changes to squid-2.6.STABLE12 (20 Mar 2007)
200 - Assertion error on TRACE
202 Changes to squid-2.6.STABLE11 (17 Mar 2007)
204 - Bug #1915: assertion failed: client_side.c:4055: "buf != NULL ||
206 - Handle garbage helper responses better in concurrent protocol format
207 - Fix kqueue when overflowing the changes queue
208 - Make sure the child worker process commits suicide if it could
210 - Don't log short responses at debug level 1
211 - Fix bswap16 & bwsap32 error on NetBSD
212 - Fix collapsed_forwarding for non-GET requests
214 Changes to squid-2.6.STABLE10 (4 Mar 2007)
216 - Upgrade HTTP/0.9 responses to our HTTP version (HTTP/1.0)
217 - various diskd bugfixes
218 - In the access.log hierarchy field log the unique peer name
219 instead of the host name
220 - unlinkdClose() should be called after (not before) storeDirSync()
221 - CLEAN_BUF_SZ was defined, but never used anywhere
222 - logging HTTP-request size
223 - Fix icmp pinger communication on FreeBSD and other not supporing
224 large dgram AF_UNIX sockets
225 - Release objects on swapin failure
226 - Bug #1787: Objects stuck in cache if origin server clock in future
227 - Bug #1420: 302 responses with an Expires header is always cached
228 - Primitive support for HTTP/1.1 chunked encoding, working around
230 - Clean up relations between TCP probing and DNS checks of peers with
232 - Fix a minor HTML coding error in ftp directory listings with // in
234 - Bug #1875, #1420. Cleanup of refresh logics when dealing with
235 non-refreshable content
236 - Gopher cleanups and bugfixes
237 - Negotiate authentication fixed again. Broken since STABLE7 by the
239 - Bug #1892: COSS tries to shut down the same directory twice on exit
240 - Bug #1908: store*DirRebuildFromSwapLog() ignores some SWAP_LOG_DEL
242 - Added support for Subversion HTTP request methods MKACTIVITY,
245 Changes to squid-2.6.STABLE9 (24 Jan 2007)
247 - Bug #1878: If-Modified-Since broken in 2.6.STABLE8
248 - Bug #1877 diskd bug in storeDiskdIOCallback()
250 Changes to squid-2.6.STABLE8 (21 Jan 2007)
252 - Bug #1873: authenticateNTLMFixErrorHeader: state 4.
253 - Document the https_port vhost option, useful in combination with
254 a wildcard certificate
255 - Document the existence of connection pinning / forwarding of NTLM
256 auth and a few other features overlooked in the release notes.
257 - Spelling correction of the ssl cache_peer option
258 - Add back the optional "accel" http_port option. Makes accelerator
259 mode configurations easier to read.
260 - Bug #1872: Date parsing error causing objects to get unexpectedly
262 - Cleanup to have the access.log tags autogenerated from enums.h
263 - Bug #1783: STALE: Entry's timestamp greater than check time. Clock
265 - Don't update object timestamps on a failed revalidation.
266 - Fix how ftp://user@host URLs is rendered when Squid is built with
267 leak checking enabled
269 Changes to squid-2.6.STABLE7 (13 Jan 2007)
271 - Windows port: Fix intermittent build error using Visual Studio
272 - Add missing tproxy info from the dump of http port configuration
273 - Bug #1853: Support for ARP ACL on NetBSD
274 - clientNatLookup(): fix wrong function name in debug messages
275 - Convert ncsa_auth man page from DOS to Unix text format.
276 - Bug #1858: digest_ldap_auth had some remains of old hash format
277 - Correct the select_loops counter when using select(). Was counted twice
278 - Clarify the http_port vhost option a bit
279 - Fix cache-control: max-stale without value or bad value
280 - Bug #1857: Segmentation fault on certain types of ftp:// requests
281 - Bug #1848: external_acl crashes with an infinite loop under high load
282 - Bug #1792: max_user_ip not working with NTLM authentication
283 - Bug #1865: deny_info redirection with authentication related acls
284 - Small example on how to use the squid_session helper
285 - Bug #1863: cache_peer monitorurl, monitorsize and monitorinterval not working properly
286 - Clarify the transparent http_port option a bit more
287 - Bug #1828: squid.conf docutemtation error for proxy_auth digest
288 - Bug #1867: squid.pid isn't removed on shutdown
290 Changes to squid-2.6.STABLE6 (12 Dec 2006)
292 - Bug #1817: Assertion failure assert(buflen >= copy_sz) in htcp.c htcpBuildAuth()
293 - Add client source port logformat tag >p
294 - Cleanup of transparent & accelerator mode request parsing to untangle the firewall dependencies a bit
295 - Bug #1799: Harmless 1 byte buffer overflow on long host names in /etc/hosts
296 - automake no longer recommends mkinstalldirs. Removed.
297 - Only use crypt() if it's available, allowing ncsa_auth to be built
298 on platofms without crypt() support.
299 - Windows port documentation updates
300 - Bug #1818: Assertion failure assert(e->swap_dirn >= 0) in fs/coss/store_dir_coss.c storeCoss_DeleteStoreEntry
301 - Bug #1117: assertion failed: aufs/store_dir_aufs.c:642: "rb->flags.need_to_validate"
302 - Remove extra newline in redirect message sent by deny_info http://... aclname
303 - Bug #1805: assertion failed: StatHist.c:195: "D[i] >= 0"
304 - Clarify the external_acl_type helper format specification and some defaults
305 - Add support for the weight= parameter to round-robin peers
306 - Bug #1832: Error building squid-2.6.STABLE5 using --enable-truncate
307 - Convert snmpDebugOid to use a temporary String object instead of strcat
308 - Document that proxy_auth also accepts -i for case-insensitive operation
309 - Remove malloc/free of temporary buffer in time parsing routines.
310 - Reduce memory allocator pressure by not continually allocating client-side read buffers
311 - Accept large dates >2^31 on 64-bit platformst. Seen for example in the Google logo.
312 - Convert the connStateData->chr single link list to a normal dlink_list for clarity.
313 - Bug #1584: Unable to register with multiple WCCP2 routers
314 - Fix the WCCPv2 mask assignment code to not crash as the value assignments are built.
315 - Bug #439: Multicast ICP peering is unstable and considers most peers dead
316 - Bug #1801: NTLM authentication ends up in a loop if the server responds with a retriable error
317 - Bug #1839: Cosmetic debug message cleanup in peerHandleHtcpReply.
318 - Bug #1840: Disable digest and netdb queries to multicast peers
319 - Bug #1641: assertion failed: stmem.c:149: "size > 0" while processing certain Vary objects
320 - Fix build errors when using latest MinGW Windows environment
322 Changes to squid-2.6.STABLE5 (3 Now 2006)
324 - Bug #1776: 2.6.STABLE4 aufs fails to compile if coss isn't enabled
325 - COSS improvements and cleanups
326 - SNMP linking issue resolved, enabling SNMP support to be build in all platforms
327 - Bug #1784: access_log syslog results in blanks syslog lines between every entry
328 - Bug #1719: Incorrect error message on invalid cache_peer specifications
329 - Bug #1785: Memory leak in handling of negatively cached objects
330 - Bug #1780: Incorrect Vary processing in combination with collapsed_forwarding
331 - Bug #1782: Memory leak in ncsa_auth on password changes
332 - Suppress some annoying coss startup messages raising the debug level to 2.
333 - Clarify the external_acl_helper concurrency= change.
334 - aioDone() could be called twice from aufs and from coss (when using AIOPS) during shutdown.
335 - Bug #1794: Accept 00:00-24:00 as a valid time specification even if redundand and the same as 00:00-23:59
336 - Bug #1795: Theoretical memory leak in storeSetPublicKey
337 - Removing port 563 from the default SSL_ports and Safe_ports ACLs
338 - Bug #1724: Automatically enable Linux Netfilter support with --enable-linux-tproxy.
339 - Bug #1800: squid -k reconfigure crash when using req/rep_header acls
340 - Clarify the select/poll/kqueue/epoll configure --enable/disable options
341 - Bug #1779: Delay pools fairness when multiple connections compete for bandwidth
342 - Bug #1802: Crash on exit in certain conditions where cache.log is not writeable
343 - Bug #1796: Assertion error HttpHeader.c:914: "str"
344 - Bug #1790: Crash on wccp2 + mask assignement + standard wccp service
345 - Silence harmless gcc compile warning.
346 - Clean up poll memory on shutdown
347 - Ported select, poll and win32 to new comm event framework
348 - Windows port: Correctly identify Windows Vista and Windows Server Longhorn
349 - Added a basic comm_select_simple comm loop only requiring minimal POSIX compliance.
350 - Safeguard from kb_t counter overflows on 32-bit platforms
352 Changes to squid-2.6.STABLE4 (23 Sep 2006)
354 - Bug #1736: Missing Italian translation of ERR_TOO_BIG error page
355 - Windows port enhancement: added native exception handler with signal emulation
356 - Fix the %un log_format tag again. Got broken in 2.6.STABLE2
357 - Fix Squid crash when using %a in ERR_INVALID_REQ and ERR_INVALID_URL error messages.
358 - Bug #212: variable %i always 0.0.0.0 in many error pages
359 - Bug #1708: Ports in ACL accepts characters and out of range
360 - Bug #1706: Squid time acl accepts invalid time range.
361 - Fix another harmless fake_auth compiler warning on gcc 4.1.1 x86
362 - Fix an harmless snmp_core.c compiler warning on gcc 4.1.1 x86
363 - Bug #1744: squid-2.6.STABLE3 - fakeauth_auth crashing on certain requests
364 - Bug #1746: Harmless off by one overrun in ncsa_auth md5 password validation
365 - Bug #1598: start_announce cannot be disabled
366 - Periodically flush cache.log to disk when "buffered_logs on" is set
367 - Numerous COSS improvements and fixes
368 - Windows port: merge of MinGW support
369 - Windows port: Merged Windows threads support into aufs
370 - Bug #1759: Windows port cachemgr.cgi attempts to write to file system root directory
371 - Numerous portability fixes
372 - Various minor statistics cleanup on 64-bit hosts with more than 4GB of memory
373 - Bug #1758: HEAD on ftp:// URLs always returned 200 OK.
374 - Bug #1760: FTP related memory leak
375 - Bug #1770: WCCP2 weighted assignment
376 - Bug #1768: Redundant DNS PTR lookups
377 - Bug #1696: Add support for wccpv2 mask assignment
378 - Bug #1774: ncsa_auth support for cramfs timestamps
379 - Bug #1769: near-hit and filedescriptor usage missing in SNMP MIB
380 - Bug #1725: cache_peer login=PASS documentation somewhat confusing
381 - Bug #1590: Silence those ETag loop warnings
382 - Bug #1740: Squid crashes on certain malformed HTTP responses
383 - Bug #1699: assertion failed: authenticate.c:836: "auth_user_request != NULL"
384 - Improve error reporting on unexpected CONNECT requests in accelerator mode
385 - Cosmetic change to increase cache.log detail level on invalid requests
386 - Bug #1229: http_port and other directives accept invalid ports
387 - Reject http_port specifications using both transparent and accelerator options
388 - Cosmetic cleanup to not dump stacktraces on configuration errors
391 Changes to squid-2.6.STABLE3 (18 Aug 2006)
393 - Bug #1577: assertion failed "fm->max_n_files <= (1 << 24)" on
394 very large cache_dir. Limit number of objects stored to slightly
396 - Bug #1705: Correct error message on invalid time weekday specification
397 - Don't attempt to guess netmask in src/dst acl specifications
398 if none was provided. Assume it's an IP even if it ends in 0
399 - Bug #1665: log_format %ue, %us tags for external or ssl user id
400 - Bug #1707: delay pools often ignored the set limit
401 - Bug #1716: Support for recent OpenSSL 0.9.7 versions
402 (0.9.8 always worked)
403 - COSS fixes and performance improvements
404 - Memory leak when reading configuration files with overlapping
405 ACL data where squid -k parse complains.
406 - Memory leak related to pinned connections
407 - Show include acls unexpanded in cachemgr configuration dumps
408 - Fixed WARNING defer handler for HTTP Socket does not call commDeferFD
409 - Bug #1304: Downloads may hang when using the cache_dir max-size option
410 - Optimization of network I/O
411 - Bug #1730: make problem with --enable-follow-x-forwarded-for on Solaris
412 - Fixed a memory leak on certain invalid requests
413 - Bug #1733: ERR_CANNOT_FORWARD Portuguese translation update
414 - Bug #582: ntlm fake_auth not handles non-ascii login names
415 - New startup message indicating the type of event loop used
416 - Bug #1602: TCP fallback on truncated DNS responses
417 - Bug #1667: assertion failed: store.c:1081: "e->store_status == STORE_PENDING"
418 - Bug #1723: cachemgr now works in accelerator mode
420 Changes to squid-2.6.STABLE2 (31 Jul 2006)
422 - WCCP2 doesn't update statCounter.syscalls.sock.sendtos counter.
423 - Releasenotes Table of contents should use relative links without
425 - Reject HTTP/0.9 formatted CONNECT requests.
426 - Cosmetic cleanup to use safe_free instead of xfree + manual
428 - Bug #1650: transparent interception "Unable to forward this
429 request at this time"
430 - Bug #1658: Memory corruption when using client-side SSL certificates
431 - Add storeRecycle; a storeIO method to delete a StoreEntry w/out
432 deleting the underlying object.
433 - Many COSS fixes and new coss data dumper utility for diagnostics
434 - Bug #1669: SEGV in storeAddVaryReadOld
435 - Many fixes in debug sections and spelling of debug messages
436 - Don't keep client connection persistent if there was a mismatch in
438 - Move eventCleanup debug messages to debug level 2 (was 0)
439 - Add the missing concurrency parameters to basic and digest auth
441 - Bug #1670: assertion failure: i->prefix_size > 0 in client_side.c:2509
442 - Log SSL user id in the custom log User name format (%un)
443 - Bug #1653: Username info not logged into Cachemgr active_requests
445 - Added to the redirectors interface the support for SSL client
447 - squid.conf.default cleanup to remove references to old options
448 - Fix many filedescriptors in combination with TPROXY
449 - Fix connection pinning in transparently intercepted connections
450 - Bug #1679: LDFLAGS not honored in some programs.
451 - Minor cleanup of port numbers in transparent interception or
453 - Bug #1671: transparent interception fails with FreeBSD ipfw or
455 - Bug #1660: Accept-Encoding related memory corruption
456 - Bug #1651: Odd results if url_rewriter defined multiple times
457 - Bug #1655: Squid does not produce coredumps under linux when
459 - Bug #1673: cache digests not served to other caches
460 - Cleanup of Linux capability code used by tproxy
461 - Bug #1684: xstrdup: tried to dup a NULL pointer!
462 - Bug #1668: unchecked vsnprintf() return code could lead to log
464 - Bug #1688: Assertion failure in HttpHeader.c in some header_access
466 - Cygwin support fir --disable-internal-dns
467 - Silence those annoying sslReadServer: Connection reset by peer
469 - Bug #1693: persistent connections broken in transparent
471 - Bug #1691: multicast peering issues
472 - Bug #1696: Correct WCCP2 processing of router capability info
474 - Bug #1694: Assertion failure in mgr:config if using
475 access_log_format %<h
476 - Bug #1677: Duplicate etags in the If-None-Match header
477 - Bug #1665: access_log_format codes for login names from external
479 - Bug #1681: All ntlmauthenticator processes are busy
480 - Added ARP acl support for OpenBSD and ARP fixes for Windows
481 - Bug #1700: WCCP fails on FreeBSD (Unable to disconnect WCCP out
483 - WCCP2 correct dampening of assign buckets when there it lots of
485 - minimum_expiry_time to tune the magic 60 seconds limit of what
486 is considered cachable when the object doesn't have any cache
488 - Bug #1703: wrong path to diskd helper corrected, and config
489 parser extended to trap incorrect paths early
490 - Bug #1703: COSS failed to initialize async-io threads
491 - Bug #1703: should abort if diskd helper exits unexpectedly
492 - Bug #1702: Warn if acl name is too long
493 - Bug #1685: Crashes or other odd results after storeSwapMetaUnpack: errors
494 - wccp2_rebuild_wait directive to delay registering with WCCP until the
495 - Bug #1662: Infinite loop in external acl with grace period if the
496 same http_access line had multiple external acls
498 Changes to squid-2.6.STABLE1 (1 Jul 2006)
500 - New --enable-default-hostsfile configure option
501 - Added username info to active_requests cachemgr stats
502 - Modified squid MIB to incorporate squid.conf visible_hostname
503 - Added multi-line capability in squid.conf
504 - Added new httpd_suppress_version_string configuration directive
506 - Negotiate authentication scheme support
507 - NTLM authentication scheme rewritten
508 - Customizable access log formats
509 - Selective access logging
510 - Access logging via syslog
511 - Reverse proxy enhancements, with new cache_peer based forwarding
513 - LDAP based Digest helper (Note: not true LDAP integration, just using
514 LDAP for storage of the Digest hashes)
515 - Improved helper communication protocol
516 - External ACL improvements. %PATH, log=, grace=, and more..
517 - Improved SSL support with hardware offload, client certificate
518 support (primitive), chained certificates and numerous bug fixes
519 - DNS lookups now use the search path from /etc/resolv.conf or
521 - Linux epoll support
522 - collapsed forwarding to optimize reverse proxies or other
523 setups having very many clients going to the same URL
524 - New improved COSS implementation
525 - Optional support for blank passwords
526 - The old and obsolete Samba-2.2.X winbind helpers have been removed
527 - external acls now uses the simplified URL-escaped protol "3.0" by
529 - Linux TPROXY support
530 - Support for proxying of Microsoft Integrated Login by adding
531 support for the deviations from the HTTP protocol required
532 to support these authentication mechanisms
533 - Added the capability to run as a Windows service under Cygwin
534 - CARP now plays well with the other peering algorithms
535 - read_ahead_gap option to read ahead more than 16KB of the reply
536 - check_hostnames and allow_underscore squid.conf options
537 - http_port is now optional, allowing for SSL only operation
538 - Full ETag/Vary support, caching responses which varies with
539 request details (browser, language etc).
540 - umask now defaults to 027 to protect the content of cache and
541 log files from local users
542 - HTCP support for access control and the CRL operation for
543 purgeing of cache content
544 - Optionally follow X-Forwarded-For headers to determine the original
545 client IP behind sedond level proxies
546 - FreeBSD kqueue support
548 Changes to squid-2.5.STABLE14 (20 May 2006)
549 - [Minor] icons not displayed when visible_hostname is a
550 short hostname (without domain). (Bug #1532)
551 - [Medium] Memleak in HTCP client code (default disabled)
553 - [Major] memory leak in ident processing (Bug #1557)
554 - [Medium] Memory leak in header processing related to external_acl
555 header detail format tag (Bug #1564)
557 Changes to squid-2.5.STABLE13 (12 Mar 2006)
558 - [Minor] Fails to compile on Solaris and some other platforms
559 with undefined reference to setenv (Bug #1435)
560 - [Cosmetic] Added WebDAV REPORT method to know HTTP methods list
561 - [Minor] Squid ntlm_auth (not the Samba provided one) giving
562 odd results if --enable-ntlm-fail-open is used (Bug #1022)
563 - [Minor] wbinfo_group.pl doesn't work with Samba 3.0.21 and later
565 - [Minor] Squid crash when asyncio function counters url accessed
566 from Cachemgr CGI (Bug #1464)
567 - [Cosmetic] Linux compile warning about prctl called with too few
568 arguments (Bug #1483)
569 - [Minor] Wrong timezone declaration for 64 bit Irix (Bug #1479)
570 - [Minor] Some 206 responses logged incorrectly (Bug #1511)
571 - [Minor] Issues in processing ranges on objects >2GB (Bug #437)
572 - [Cosmetic] Segmentation fault on empty proxy_auth ACLs (Bug #1414)
573 - [Minor] Ident access lists don't work in delay_access statements
575 - [Minor] Some clients support NTLM even if not initially negotiating
576 persistent connections (Bug #1447)
577 - [Medium] 504 Gateway Time-out on FTP uploads (Bug #1459)
578 - [Medium] delay pools given too much bandwidht after "-k reconfigure"
580 - [Cosmetic] New persistent_connection_after_error configuration
581 directive (Bug #1482)
582 - [Cosmetic] Hangs at 100% CPU if /dev/null is not accessible (Bug
584 - [Minor] Fails to compile on Fedora Core 5 test 2 x86_64 (Bug #1492)
585 - [Cosmetic] Typo in ftp.c (Bug #1507)
586 - [Cosmetic] Error in FTP listings of files with -> in their name
588 - [Cosmetic] With Squid-2.5 there is no more the DUPLICATE IP logging
589 in cache.log (Bug #779)
590 - [Minor] Fails to process long host names (Bug #1434)
591 - [Cosmetic] Azerbaijani errors translation (Bug #1454)
592 - [Cosmetic] misleading error message message for bad/unresolveable
593 cache_peer name (Bug #1504)
594 - [Cosmetic] confusing statistics on stateful helpers (NTLM auth)
596 - [Major] connstate memory leak (Bug #1522)
598 Changes to squid-2.5.STABLE12 (22 Oct 2005)
600 - [Major] Error introduced in 2.5.STABLE11 causing truncated responses
601 when using delay pools (Bug #1405)
602 - [Cosmetic] Document that tcp_outgoing_* works badly in combination
603 with server_persistent_connections (Bug #454)
604 - [Cosmetic] Add additinal tracing to squid_ldap_auth making
605 diagnostics easier on squid_ldap_auth configuration errors
607 - [Minor] $HOME not set when started as root (Bug #1401)
608 - [Minor] httpd_accel_single_host breaks in combination with
609 server_persistent_connections (Bug #1402)
610 - [Cosmetic] Setting CACHE_HTTP_PORT to configure was only partially
611 implemented, effectively ignored. (Bug #1403)
612 - [Minor] CNAME based DNS addresses could get cached for longer
613 than intended (Bug #1404)
614 - [Minor] Incorrect handling of squid-internal-dynamic/netdb exchanges
615 in transparently intercepting proxies (Bug #1410).
616 - [Minor] Cache revalidations on HEAD requests causing poor cache
617 hit ratio (Bug #1411).
618 - [Minor] Not possible to send 302 redirects via a redirector in
619 response to CONNECT requests (bug #1412)
620 - [Minor] Incorrect handling of Set-Cookie on cache refreshes (Bug
622 - [Major] Segmentation fault crash in rfc1738_do_escape (Bug #1426)
623 - [Minor] Delay pools class 3 fails on clients in network 255
626 Changes to squid-2.5.STABLE11 (22 Sep 2005)
628 - [Minor] Workaround for servers sending double content-length headers
630 - [Cosmetic] Updated Spanish error messages by Nicolas Ruiz
631 - [Cosmetic] Date header corrected on internal objects (icons etc)
633 - [Minor] squid -k fails in combination with chroot after patch for
635 - [Cosmetic] Segmentation fault if compiled with
636 --enable-ipf-transparent but denied access to the NAT device.
638 - [Minor] httpd_accel_signle_host incompatible with redireection
640 - [Minor] squid -k reconfigure internal corruption if the type of
641 a cache_dir is changed (Bug #1308)
642 - [Minor] SNMP GETNEXT fails if the given OID is outside the Squid MIB
644 - [Minor] Title in FTP listings somewhat messed up after previous
645 patch for bug 1220 (Bug #1220)
646 - [Minor] FTP listings uses "BASE HREF" much more than it needs to,
647 confusing authentication. (Bug #1204)
648 - [Minor] winfo_group.pl only looked for the first group if multiple
649 groups were defined in the same acl. (Bug #1333)
650 - [Cosmetic] Compiler warnings on some 64-bit platforms (Bug #1316)
651 - [Cosmetic] Removed some debug output from wb_ntlm_atuh (Bug #518)
652 - [Cosmetic] The new --with-build-environment=... option doesn't work
653 - [Cosmetic] New 'mail_program' configuration option in squid.conf
654 - [Minor] Fails to compile with ip-filter and ARP support on Solaris
656 - [Major] Segmentation fault in sslConnectTimeout (Bug #1355)
657 - [Medium] assertion failed in StatHist.c:93 (Bug #1325)
658 - [Minor] More chroot_dir and squid -k reconfigure issues (Bug #1331)
659 - [Cosmetic] Invalid URLs in error messages when failing to connect
660 to peer, and a few other inconsistent error messages (Bug #1342)
661 - [Cosmetic] Fails to compile with glibc -D_FORTIFY_SOURCE=2
663 - [Minor] Some odd FTP servers respond with 250 where 226 is expected
665 - [Cosmetic] Greek translation of error messages (Bug #1351)
666 - [Major] Assertion failed store_status == STORE_PENDING (Bug #1368)
667 - [Minor] squid_ldap_auth -U does not work (Bug #1370)
668 - [Minor] SNMP cacheClientTable fails on "long" IP addresses
670 - [Minor] Solaris Sparc + IP-Filter compile error (Bug #1374)
671 - [Minor] E-mail sent when cache dies is blocked from many antispam
673 - [Minor] LDAP helpers does not work with TLS (-Z option) (Bug #1389)
674 - [Cosmetic] Incorrect store dir selection debug message on objects
675 larger than 2Gigabyte (Bug #1343)
676 - [Cosmetic] header_id enum misused as an signed integer (Bug #1343)
677 - [Cosmetic] Allow leaving core dumps when started as root (Bug #1335)
678 - [Medium] Clients could bypass delay_pool settings by faking a cache
679 hit request (Bug #500)
680 - [Minor] IP-Filter 4.X support (Bug #1378)
681 - [Medium] Odd results on pipelined CONNECT requests
682 - [Major] Squid crashing with "FATAL: Incorrect scheme in auth header"
683 when using NTLM authentication.
684 - [Cosmetic] Odd results when pipeline_prefetch is combined with NTLM
685 authentication (bug #1396)
686 - [Minor] invalid host was processed as IP 255.255.255.255 in dst acl
688 - [Cosmetic] New --with-maxfd=N configure option to override build
689 time filedescriptor limit test
690 - [Minor] Added support for Windows code name "Longhorn" on Cygwin.
692 Changes to squid-2.5.STABLE10 (17 May 2005)
694 - [Minor Security] Fix race condition in relation to old Netscape
695 Set-Cookie specifications
696 - [Minor] Fails to parse D.J. Bernstein's FTP EPLF ftp listing
697 format and PASV resposes (Bug #1252)
698 - [Medium] BASE HREF missing on ftp directory URLs without /
700 - [Minor security] confusing http_access results on configuration
702 - [Cosmetic] More robust Date parser (Bug #321)
703 - [Minor] reload_with_ims fails to refresh negatively cached objects
705 - [Cosmetic] delay_access description clarification (Bug #1245)
706 - [Cosmetic] Check for integer overflow in size specifications in
707 squid.conf (Bug #1247)
708 - [Cosmetic] bzero is a non-standard function not available on all
709 platforms (Bug #1256)
710 - [Cosmetic] Compiler warnings if pid_t is not an int (Bug #1257)
711 - [Cosmetic] Incorrect use of ctype functions (Bug #1259)
712 - [Cosmetic] Defer digest fetch if the peer is not allowed to be used
714 - [Minor] Duplicate content-length headers logged incorrectly or
715 not cleaned up properly (Bug #1262)
716 - [Cosmetic] Extend relaxed_header_parser to work around "excess
717 data from" errors from many major web servers. (Bug #1265)
718 - [Minor] Add HTTP headers to a netdb error messages
719 - [Minor] Multiple minor aufs issues (Bug #671)
720 - [Minor] Basic authentication fails with very long logins or
722 - [Minor] CONNECT requests truncated if client side disconnects first
724 - [Minor] --disable-hostname-checks configure option did not work
725 - [Cosmetic] LDAP helpers adjusted to compile with SUN LDAP SDK
726 - [Cosmetic] aufs warning about open event filedescriptors on shutdown
727 - [Medium] Failed to process requests for files larger than 2GB in size
728 - [Cosmetic] rename() related cleanup
729 - [Cosmetic] New cachemgr pending_objects and client_objects actions
730 - [Cosmetic] external acls requiring authentication did not request
731 new credentials on access denials like proxy_auth does.
732 - [Cosmetic] Syslog facility now configurable via command line options.
733 - [Cosmetic] New %a error page template code expanding into the
734 authenticated user name. (Bug #798)
735 - [Minor] IP-Filter 4.0 support in --enable-ipf-transparent
736 - [Minor] Support interception of multiple ports
737 - [Cosmetic] Allow "squid -k ..." to run even if the local hostname
738 can not be determined (Bug #1196)
739 - [Cosmetic] Configuration file parser now handles DOS/Windows formatted
740 configuration files with CRLF lineendings proper.
741 - [Minor] Unrecognized Cache-Control directives now forwarded properly
743 - [Minor] Authentication helpers now returns useable information
744 in the %m error page macro on failed authentication (Bug #1223)
745 - [Minor] pid file management corrected in chroot use (Bug #1157)
746 - [Minor Security] Fix for CVE-1999-0710: cachemgr malicouse use.
747 cachemgr.cgi now reads a config file telling which proxy servers
749 - [Minor] aufs statistics improvements
750 - [Minor] SNMP bugfixes and support for SNMPv2(c) (Bug #1288, #1299)
751 - [Minor] ARP acl documentation and cachemgr config dump corrections
752 - [Minor] dstdomain/dstdom_regex acls now allow matching of numeric
753 hostnames in addition to the reverse lookup of the domain name.
754 - [Security] Internal DNS client hardened against spoofing
756 Changes to squid-2.5.STABLE9 (24 Feb 2005)
758 - [Medium] Don't retry requests on 403 errors (Bug #1210)
759 - [Minor] Ignore invalid FQDN DNS responses (Bug #1222)
760 - [Minor] cache_peer related memory leaks on reconfigure (Bug #1246)
761 - [Cosmetic] Adjusted to build cleanly with GCC-4 (Bug #1211)
762 - [Minor] relaxed_header_parser extended to work around even more
763 broken web servers (Bug #1242)
764 - [Minor] FTP gatewaying URLs cleaned up slightly, mainly to work
765 better with Mozilla but also to improve security slightly on
767 - [Minor] High characters allowed un-encoded in FTP and Gopher
768 listings to allow the user-agent to display data in non-iso8859-1
769 charsets. (Bug #1220)
770 - [Cosmetic] format fixes to silence compiler warnings on many
772 - [Major] Assertion failures on certain odd DNS responses (Bug #1234)
774 Changes to squid-2.5.STABLE8 (11 Feb 2005)
776 - [Minor] 100% CPU usage on half-closed PUT/POST requests (Bug #354,
778 - [Cosmetic] Document -v (protocol version) option to LDAP helpers
779 - [Minor] The new req_header and resp_header acls segfaults
780 immediately on parse of squid.conf (Bug #961)
781 - [Minor] Failure to shut down busy helpers on -k rotate/reconfigure
783 - [Minor] Don't use O_NONBLOCK on disk files. (Bug #1102)
784 - [Minor] Squid fails to close TCP connection after blank HTTP
786 - [Minor security] Random error messages in response to malformed
787 host name (Bug #1143)
788 - [Minor] PURGE should not be able to delete internal objects
790 - [Minor] httpd_accel_port 0 (virtual) not working correctly (Bug
792 - [Minor] cachemgr vm_objects segfault (Bug #1149)
793 - [Minor security] Confusing results on empty acl declarations (Bug
795 - [Minor] Don't close all "other" filedescriptors on startup (Bug
797 - [Minor] fakeauth_auth memory leak and NULL pointer access (Bug
799 - [Security] buffer overflow bug in gopherToHTML() (Bug #1189)
800 - [Medium security] Denial of service with forged WCCP messages
802 - [Minor] DNS related memory leak on certain malformed DNS responses
804 - [Minor] Internal DNS sometimes truncates host names in reverse
805 (PTR) lookups (Bug #1136)
806 - [Minor Security] Add sanity checks on LDAP user names (Bug #1187)
807 - [Security] Harden Squid against HTTP request smuggling attacks
808 - [Minor] Icon URLs fails in non-anonymous FTP directory listings is
809 short_icon_urls is on (Bug #1203)
810 - [Security] Harden Squid against HTTP response splitting attacks
812 - [Medium security] Buffer overflow in WCCP recvfrom() call
814 - [Security] Properly handle oversized reply headers (Bug #1216)
815 - [Minor] LDAP helpers search fixed to properly ask for no attributes
816 - [Minor] A sporadic segmentation fault when using ntlm authentication
818 - [Major] Segmentation fault on failed PUT/POST requests (Bug #1224)
819 - [Medium] Persistent connection mismatch on failed PUT/POST request
821 - [Minor] WCCP easily disturbed by forged packets (Bug #1225)
822 - [Minor] Password management in ftp:// gatewaying improved (Bug #1226)
823 - [Major] HTTP reply data corruption in certain situations involving
824 reply headers split over multiple packets (Bug #1233)
826 Changes to squid-2.5.STABLE7 (11 Oct 2004)
828 - [Medium] No objects cached in ufs cache_dir type in some
829 configurations. Issue introduced in 2.5.STABLE6 by the patch for
830 Bug #676. (Bug #1011)
831 - [Minor] LDAP helpers update to correct LDAP connection management
832 and add support for literal password compare instead of binding
833 - [Minor] A large number of queued DNS lookups for the same domain
835 - [Cosmetic] request_header_max_size configuration partly ignored
837 - [Minor] Partial hit results in TCP_HIT, not TCP_MISS. (Bug #1001)
838 - [Cosmetic] HEAD requests may return stale information
840 - [Cosmetic] Warn if cache_dir ufs can not create files. (Bug #918)
841 - [Minor] case insensitive authentication (Bug #431)
842 - [Cosmetic] Add delay pools information to active_requests. (Bug
844 - [Minor] Apparent memory leak in client_db (Bug #833)
845 - [Minor] NTLM authentication truncated causing failures. (Bug
847 - [Cosmetic] Grammatical corrections in squid.conf.default
848 - [Cosmetic] Unknown %X errorpage codes incorrectly quoted. (Bug
850 - [Medium] Segfaults and other strange crashes when using heap
851 policies. (Bug #1009)
852 - [Minor] Supplementary group memberships not set (Bug #1021)
853 - [Cosmetic] ERR_TOO_BIG Portuguese translation
854 - [Minor] external_acl does not handle newlines (Bug #1038)
855 - [Major] NTLM authentication denial of service when using msnt_auth
856 or fake_auth (Bug #1045)
857 - [Medium] Memory leaks when using NTLM authentication without
858 challenge reuse. (Bug #994)
859 - [Minor] Temporary NTLM memory leak with challenge reuse enabled
861 - [Minor] assertion failed: "n_ufs_dirs <=
862 Config.cacheSwap.n_configured". (Bug #1053)
863 - [Minor] Segfault in authenticateDigestHandleReply. (Bug #1031)
864 - [Minor] acl time fails to parse multiple time specifications
866 - [Minor] cachemgr config dumps mixed up Range and Request-Range
867 headers in http_header_access & replace directives. (Bug #1056)
868 - [Minor] Content-Disposition added as a well known header (Bug #961)
869 - [Cosmetic] Don't warn about arp acls not being supported on FreeBSD
871 - [Cosmetic] Limit internal send/receive buffer sizes (Bug #1075)
872 - [Medium] New acl types to match arbitrary HTTP headers. In addition
873 the http_header_access & replace directives now support arbitrary
874 headers and not only the well known ones. (Bug #961)
875 - [Cosmetic] ncsa_auth now accepts Window formatted password files
877 - [Cosmetic] Support the --program-prefix/suffix options or other
878 configure program name transforms (Bug #1019)
879 - [Minor] Fix race condition in CONNECT and also handle aborts of
880 CONNECT requests in a more graceful manner. (Bug #859)
881 - [Minor] New balance_on_multiple_ip directive to work around certain
882 broken load balancers and optimized ipcache on reload requests
884 - [Medium] New reply_header_max_size directive
886 - [Minor] Suspected instability on aborted PUT/POST requests
888 - [Security] SNMP Denial of Service fix (CAN-2004-0918)
890 Changes to squid-2.5.STABLE6 (9 Jul 2004)
892 - Bug #937: NTLM assertion error "srv->flags.reserved"
893 - Bug #935: squid_ldap_auth can be confused by the use of reserved
895 - Helper queue warnings imprecise on the number of helpers required
896 - squid_ldap_auth TLS mode works correctly again
897 - Bug #940, #305: pkg-config support for finding correct OpenSSL
899 - Bug #426: "Vary: *" is ignored
900 - 100% CPU usage on Linux-2.2
901 - Version number should not include -CVS if autoconf is run
902 - Bug #947: deny_info redirection with requested URL escaped wrongly
903 - Bug #495: CONNECT timeout should produce a 504 or 503
904 - Bug #956: cache_swap_log documentation referred to swap.state by
905 it's old swap.log name
906 - ntlm/auth_ntlm.c(683): warning #187: use of "=" where "==" may
908 - Bug #962: rfc1035NameUnpack: Assertion (*off) < sz failed
909 - Bug #954: Segment violation when using a blank user name in digest
911 - Bug #943: assertion failed: errorpage.c:292: "mem->inmem_hi == 0"
912 - Spelling corrections in configure and squid.conf.default
913 - The meaning of ERR in digest helper protocol clarified in the
914 squid.conf documentation
915 - Bug #950: Spelling error in Turkish ERR_DNS_FAIL
916 - Bug #616: Negative cached 404 replies with VARY header never matched
917 - Bug #968: range_offset_limit -1 KB rejected as invalid syntax
918 due to a shortcoming in the fix to bug #817
919 - Bug #570: Very large cache_mem values reported wrongly in cache.log
920 - Bug #676: store_dir_select_algorithm least-load doesn't work for
922 - Bug #946: cacheCurrentUnlinkRequests should be a counter, not gauge
923 - Bug #948: Show client ip in cache.log debug output
924 - Bug #960: compilation issue on OpenBSD/m88k
925 - Bug #969: FTP directory listing HTML DOCTYPE misread by some tools
926 - Bug #991: dns_servers should default to localhost if no resolv.conf
927 - Bug #717: msnt_auth documentation update
928 - Bug #753: Segfault in memBufVPrintf on certain architectures
930 - Bug #941: Negative size in access.log on long running CONNECT
932 - Bug #972: Segmentation fault after "Likely proxy abuse detected"
933 - Bug #981: sasl_auth updated to work with SALS2
934 - Overflow bug in Squid's ntlm_auth helper used for transparent NTLM
935 authentication to a NT domain without using Samba.
937 Changes to squid-2.5.STABLE5 (1 Mar 2004):
939 - cache.log message on "squid -k reconfigure" was slightly confusing,
940 claiming Squid restarted when it just reread the configuration.
941 - Bug #787: digest auth never detects password changes
942 - Bug #789: login with space confuses redirector helpers
943 - Bug #791: FQDNcache discards negative responses when using
945 - pam_auth fails on Solaris when using pam_authtok_get. Persistent
946 PAM connections are unsafe and now disabled by default.
947 - auth_param documentation clarifications and added default realm
948 values making only the helper program a required attribute
949 - Bug #795: German ERR_DNS_FAIL correction
950 - Bug #803: Lithuanian error messages update
951 - Bug #806: Segfault if failing to load error page
952 - Bug #812: Mozilla/Netscape plugins mime type defined (.xpi)
953 - Bug #817: maximum_object_size too large causes squid not to cache
954 - Bug #824: 100% CPU loop if external_acl combined with separate
955 authentication acl in the same http_access line
956 - squid_ldap_group updated to version 2.12 with support for ldaps://
957 (LDAPv2 over SSL) and a numer of other improvements.
958 - Bug #799: positive_dns_ttl ignored when using internal DNS.
959 - Bug #690: Incorrect html on empty Gopher responses
960 - Bug #729: --enable-arp-acl may give warning about net/route.h
961 - Bug #14: attempts to establish connection may look like syn flood
962 attack if the contacted server is refusing connections
963 - errorpage README files included in the distribution again showing
964 who contributed which translation
965 - Bug #848: connect_timeout connect_timeout ends up twice the length.
966 forward_timeout option added to address this.
967 - Bug #849: DNS log error messages should report the failed query
968 - Bug #851: DNS retransmits too often
969 - Bug #862: Very frequently repeated POST requests may cause a
970 filedescriptor shortage due to persitent connections building up
971 - Bug #853: Sporatic segmentation faults on aborted FTP PUT requests
972 - Bug #571: Need to limit use of persistent connections when
973 filedescriptor usage is high
974 - Bug #856: FTP/Gopher Icon URLs are unneededly complex and often
975 does not work properly
976 - Bug #860: redirector_access does not handle "slow" acls such as
977 "dst" or "external" requiring a external lookup.
978 - Bug #865: Persistent connection usage too high after sudden burst
980 - Bug #867: cache_peer max-conn=.. option does not work
981 - Bug #868: refuses to start if pid_filename none is specified
982 - Bug #887: LDAP helper -Z (TLS) option does not work
983 - Bug #877: Squid doesn't follow telnet protocol on FTP control
985 - Bug #908: Random auth popups and account lockouts when using ntlm
986 - Support for NTLM_NEGOTIATE exchanges with ntlm helpers
987 - Bug #585: cache_peer_access fails with NTLM authentication
988 - Bug #592: always/never_direct fails with NTLM authentication
989 - wbinfo_group update for Samba-3
990 - Bug #892: helpers/ntlm_auth/SMB/ fails to compile on FreeBSD 5.0
991 - Bug #924: miss_access restricts internal and cachemgr requests
992 even if these are local
993 - Bug #925: auth headers send by squidclient are mildly malformed
994 - Bug #922: miss_access and delay_access and several other
995 authentication related bug fixes.
996 - Bug #909: Added ARP acl support for FreeBSD
997 - Bug #926: deny_info with http_reply_access or miss_access
998 - Bug #872: reply_body_max_size problems when using NTLM auth
999 - Bug #825: random segmentation faults when using digest auth
1000 - Bug #910: Partial fix for temporary memory leaks when using NTLM
1001 auth. There is still problems if challenge reuse is enabled.
1002 - ftp://anonymous@host/ now accepted without requiring a password
1003 - Bug #594: several mime type updates (ftp:// related)
1004 - url_regex enhanced to allow matching of %00
1006 Changes to squid-2.5.STABLE4 (15 Sep 2003):
1008 - Lithuanian error messages added to the distribution
1009 - Bug #660: segfauld if more than one custom deny_info line
1010 - cache_dir disd documentation cleanup
1011 - check open of /dev/null to avoid 100% CPU loop in badly
1012 configured chroot environments
1013 - documentation update on uri_whitespace to refer to the correct RFC
1014 - Bug #655: icmpRecv: recv: (11) Resource temporarily unavailable
1015 - Bug #683: external_acl does not wait for ident lookups to complete
1016 - aufs: Fix a minor use-after-free problem which could cause the
1017 count of opening filedescriptors to grow larger than it should
1018 - Syntax changes to make GCC-3.3 accept Squid without complaints
1019 - Warning if CARP server defined in incorrect load factor order
1020 - neighbor_type_domain documentation update
1021 - http_header_access now works when using cache peers
1022 - high_memory_warning now uses sbrk as fallback mechanism on
1023 platforms where neither mallinfo or mstats are available.
1024 - hosts_file now handles comments at the end of lines correcly
1025 - storeCheckCachable() Stats corrected for release_request and
1026 wrong_content_length.
1027 - cachePeerPingsSent MIB type corrected
1028 - unused minimum_retry_timeout directive removed
1029 - Bug #702: ERR_TO_BIG spanish translation
1030 - Bug #705: Memory leak on deny_info TCP_RESET
1031 - Code cleanup to fix compile error in httpHeaderDelById
1032 - Bug #699: Host header now forwarded exactly where it was in the
1033 original request to work around certain broken firewalls or
1034 load balancers which fail if this header is too far into the
1036 - Bug #704: Memory leak on reply_body_max_size
1037 - Bug #686: requests denied due to http_reply_access are now
1038 logged with TCP_DENIED (instead of TCP_MISS, etc).
1039 - Bug #708: ie_refresh now sends no-cache to have the reload
1040 request propagate properly in cache meshes
1041 - Bug #700: Crashes related to ftpTimeout: timeout in SENT_PASV state
1042 - Bug #709: cbdata.c:186: "c->valid" assertion due to peer
1044 - Bug #710: round-robin cache_dir selection incorrectly
1046 - Statistics corrections in HTTP header statitics
1047 - QUICKSTART cleanups
1048 - Bug #715: statCounter.syscalls.disk counters treated
1049 inconsistently. Now increment the counters in AUFS
1050 functions and for unlinkd.
1051 - Improvements to the (experimental) COSS storage scheme.
1052 - Bug #721: User name field in access.log sometimes blank
1053 - Bug #94: assertion failed: http.c: "-1 == cfd ||
1054 FD_SOCKET == fd_table[cfd].type"
1055 - Bug #716: assertion failed: client_side.c:1478: "size > 0"
1056 - Bug #732: aufs calculates number of threads and limits wrongly
1057 - Bug #663: Username not logged into access.log in case of /407
1058 - Bug #267: Form POSTing troubles with NTLM authentication
1059 and occationally in differen other error conditions.
1060 - Bug #736: ICP dynamic timeout algorithm ignores multicast.
1061 - Bug #733: No explicit error message when ncsa_auth can't access
1063 - Bug #267, #757: POST with NTLM stops after persistent connection
1065 - Bug #742: Wrong status code on access denials if delay_access
1066 is used. Most notably 407 instead of 403 could be returned.
1067 - Bug #763: segfault if using ntlm in http_reply_access
1068 - Bug #638: assertion error if using proxy_auth in delay_access
1069 - Bug #756: segmentation fault if using ntlm proxy_auth in delay_access
1070 - The issue of reply_body_max_size limiting the size of error
1071 messages no longer applies.
1072 - external_acl_type concurrency= option renamed to children= to
1073 prepare for Squid-3 upgrades. Old syntax still accepted for the
1074 duration of the Squid-2.5 release.
1075 - number of filedescriptors rounded down to an even multiple of 64
1076 to work around issues in certain libc implementations.
1077 - winbind helpers less noisy in cache.log on restarts/shutdown.
1078 - Squid now automatically restarts helpers if too many of them
1081 Changes to squid-2.5.STABLE3 (25 May 2003):
1083 - Bug #573: Occational false negatives in external acl lookups
1084 - Bug #577: assertion failed: cbdata.c:224: "c->y == c" when
1085 external_acl helpers crashes
1086 - Bug #590: Squid may hang or behave oddly on shutdown while
1087 requests is being processed.
1088 - Bug #590: external acl lookups does not deal well with queue
1090 - cache_effective_user documentation update
1091 - cache_peer documentation update for htcp and carp
1092 - Bug #600: The example header_access paranoid setting is
1093 missing WWW-Authenticate
1094 - Bug #605: Segmentation fault in idnsGrokReply() on certain
1096 - Fixes to build properly on AIX 5
1097 - Bug #574: wb_group updated to version 1.1 to make group names
1098 case insensitive and correct a segfault issue in the helper
1099 - SNMP mib updates to make cacheNumObjCount,
1100 cacheCurrentUnlinkRequests, cacheCurrentSwapSize and cacheClients
1101 correctly report as gauges (was reporting as counters).
1102 - Woraround for --enable-ssl Kerberos issue on RedHat 9
1103 - Bug #579: Close and repopen log files on "squid -k reconfigure"
1104 - Bug #598: squid_ldap_auth could segfault if LDAP server is
1106 - Bug #609,#612: msntauth helper fixes in dealing with large
1107 or non-existing allow/deny user files.
1108 - Bug #620: acl ident REQUIRED matches even if the ident lookup fails
1109 - Bug #432: reply_body_max_size fails with ident or proxy_auth acls
1110 and also fails to block large objects where the content-length
1112 - Bug #606: Basic auth looping and gets stuck at high CPU usage when
1113 multiple proxy_auth ACLs combined in one line and login fails.
1114 - squid_ldap_auth updated with support for TLS and SSL
1115 - Bug #623: segfault if using negated external acls in certain
1116 configurations involving other acls later on the same http_access
1118 - Bug #622: wb_group helper update to version 1.2 to ass support for
1119 Domain-Qualified groups refering to groups in a specific domain
1120 - Bug #596: logic error in poll() error management
1121 - Bug #597: logic errors in error management
1122 - Bug #591: segmentation fault in authentication on "squid -k debug"
1123 - Bug #587: smb_auth fails on complex logins involving domain names
1124 or other odd characters
1125 - Bug #558, #587: smb_auth.pl fails on complex logins involving
1126 domain names or other odd characters
1127 - Bug #643: external_acl fails with ttl=0 due to a change introduced
1128 by the patch for Bug #553 in 2.5.STABLE2.
1129 - Bug #630: minor issues in digest authantication causing random
1130 authentication failures and incompability with many mainstream
1131 browser digest implementations due to browser qop bugs. To deal
1132 with those broken browser nonce_stricness now defaults to off,
1133 and two new digest options have been added (check_nonce_count
1134 and post_workaround) to allow workarounds to other quite bad
1135 browser bugs if needed.
1136 - Bug #644: digest authentication fails on requests with one
1137 or more comma in the requested URL
1138 - Bug #648: deny_info TCP_RESET not working. The fix for this also
1139 adds the ability to send redirects.
1141 Changes to squid-2.5.STABLE2 (Mars 17, 2003):
1143 - Contrib files added back to the distribution
1144 - Several compiler warnings fixed when using --disable-ident or
1145 --disable-http-violations
1146 - authentication can now be used in most access controls, but
1147 must in most cases first be enforced in http_access to force
1148 the user to authenticate.
1149 - cleanups in the developer bootstrap.sh process when preparing
1151 - several squid.conf.default documentation updated to correctly
1152 refer to the current names when refering to other directives
1153 - authenticate_ip_ttl documentation updates
1154 - several assertion faults and segmentation violations corrected
1155 - the RunCache/RunAccel and squid.rc scripts updated to refer to
1156 the squid binary in sbin rather than the old bin location.
1157 - squid_ldap_auth command line processing fixes when specifying
1158 the LDAP server last on the line instead of -h option
1159 - aufs data corruption bugfix
1160 - aufs performance improvement for low traffic systems
1161 - aufs stability improvements
1162 - external_acl corrected to properly deal with quoted strings
1163 - WCCPv1 bugfix to make sure the router accepts the hash assignments
1164 - "Total accounted memory" now correctly reported in cachemgr
1165 - several small memory leaks (mostly reconfigure related)
1166 - new squid.conf option to allow GET/HEAD requests with a request
1168 - "make uninstall" no longer removes squid.conf
1169 - cachemgr.cgi now uses POST to avoid having the cachemgr password
1170 logged in the web server logs
1171 - authentication schemes which are known to not be proxyable are now
1172 filtered out from forwarded server replies to avoid that the clients
1173 tries to use such schemes when we know for a fact it won't work
1174 - spelling corrections in various error messages
1175 - now possible to define acl values with spaces in them
1176 by using the "include file" feature
1177 - squid_ldap_group updated to 2.10 to fix compilation issues with
1178 recent (and older) OpenLDAP libraries and to make the helper deal
1179 correctly with true LDAP groups by first looking up the user DN.
1180 - Some internal code cleanups
1181 - now verifies that programs etc exists iside the chroot directory
1182 when using chroot_dir. No longer neccesary to set up a split view
1183 environment where the same paths works both inside the chroot and
1184 outside just to convince Squid that the files is actually there..
1185 - improved memory usage reporting
1186 - --disable-hostname-checks configure option
1187 - no longer ignores double dots in host names. Any hostname with
1188 double dots is now rejected as invalid.
1189 - log_mime_hdrs no longer logs garbage if very long headers
1191 - 'select_fds_hist' object added to cachemgr 'histogram' output
1192 - pid file now unlinked when squid has really shut down, not
1193 immediately when the shutdown request is received. This allows
1194 the pid file to be monitored to determine when Squid has shut down
1196 - correct authentication scheme setups on some platforms or compilers
1197 - several squid.conf.default documentation updates to remove references
1198 to renamed or replaced directives by changing them to their current
1200 - the SSL reverse proxy support updated to allow building with
1201 OpenSSL 0.9.7 and and later.
1202 - Corrected a minor performance problem while processing HEAD replies
1203 from various broken web servers not sending a correct HTTP reply
1204 - time acls can now specify multiple times in the same acl name, like
1205 most other acl types.
1206 - winbind helpers updated to match Samba-2.2.7a and should
1207 work with Samba-2.2.6 or later (required). For compability with
1208 older Samba versions A new configure option --with-samba-sources=...
1209 has been added to allow you to specify which Samba version the
1210 helpers should be built for if different than the above versions.
1211 - Squid MIB definition syntax correction to work better with newer
1212 (and older) SNMP tools.
1213 - Fixed access.log format when logging "error:invalid-HTTP-ident" on
1214 requests where parsing the HTTP identifier (HTTP/1.0) failed.
1215 - "make distclean" no longer removes the icons, this avoids the
1216 dependency on "uudecode" to rebuild Squid after "make distclean"
1217 - User name returned by external acl lookups (external_acl_type)
1218 is now available as "ident" in later acl checks in addition to
1219 the logging in access.log.
1220 - Incorrect behaviour of Digest authentication partly corrected - it
1221 will not handle sessions, but will always enforce password
1222 correctness.. (patch submitted by Sean Burford).
1223 - Issue with persistent connections and PUT/POST request corrected
1225 Changes to squid-2.5.STABLE1 (September 25, 2002):
1227 - Major rewrite of proxy authentication to support other schemes
1228 than basic. First in the line is NTLM support but others can
1229 easily be added (minimal digest is present). See Programmers Guide.
1230 (Robert Collins & Francesco Chemolli)
1231 - Reworked how request bodies are passed down to the protocols.
1232 Now all client side processing is inside client_side.c, and
1233 the pass and pump modules is no longer used.
1235 - Optimized searching in proxy_auth and ident ACL types. Squid should
1236 now handle large access lists a lot more efficiently.
1237 (Francesco Chemolli)
1238 - Fixed forwarding/peer loop detection code (Brian Degenhardt) -
1239 now a peer is ignored if it turns out to be us, rather than
1241 - Changed the internal URL code to obey appendDomain for internal
1242 objects if it needs appending. This fixes weirdnesses where
1243 a machine can think it is "foo.bar.com", and "foo" is requested.
1245 - Added the use of Automake to create the Makefile.in's in the squid
1246 source tree. This will allow libtool in the future, and immediately
1247 allows better dependency tracking - with or without gcc - as well
1248 as the dist-all and distcheck targets for developers which respectively
1249 build a tar.gz and a tar.bz2 distribution, and check that what will be
1251 - Added TOS and source address selection based on ACLs,
1252 written by Roger Venning. This allows administrators to set
1253 the TOS precedence bits and/or the source IP from a set of
1254 available IPs based upon some ACLs, generally to map different
1255 users to different outgoing links and traffic profiles.
1256 - Added 'max-conn' option to 'cache_peer'
1257 - Added SSL gatewaying support, allowing Squid to act as a SSL server
1258 in accelerator setups.
1259 - SASL authentication helper by Ian Castle
1260 - msntauth updated to v2.0.3
1261 - no_cache now applies to cache hits as well as cache misses
1262 - the Gopher client in Squid has been significantly improved
1263 - Squid now sanity checks FTP data connections to ensure the
1264 connection is from the requested server. Can be disabled if
1265 needed by turning off the ftp_sanitycheck option.
1266 - external acl support. A mechanism where flexible ACL checks
1267 can be driven by external helpers. See the external_acl_type
1268 and acl external directives.
1269 - Countless other small things and fixes
1270 - HTML pages generated by Squid or CacheMgr as well as the
1271 ERR documents now contain a doctype declaration so that
1272 browsers know which HTML specification the document uses.
1273 In addition to that they have a new look (background-color, font)
1274 and are valid according to the HTML standards at www.w3.org.
1276 - Login and password send to Basic auth helpers is now URL escaped
1277 to allow for spaces and other "odd" characters in logins and
1279 - Proxy Authentication is no longer blindly forwarded to peer
1280 caches if not used locally. If forwarding of proxy authentication
1281 is desired then it must now be configured with the login=PASS
1283 - Responses with Vary: in the header are now cached by squid.
1285 - Removed unused 'siteselect_timeout' directive.
1287 Changes to Squid-2.4.STABLE7 (July 2, 2002):
1289 - Squid now drops any requests using transfer-encoding.
1290 Squid is a HTTP/1.0 proxy and as such do not support
1291 the use of transfer-encoding.
1292 - The MSNT auth helper has been updated to v2.0.3+fixes for
1293 buffer overflow security issues found in this helper.
1294 - A security issue in how Squid forwards proxy authentication
1295 credentials has been fixed
1296 - Minor changes to support Apple MAC OS X and some other platforms
1298 - The client -T option has been implemented
1299 - HTCP related bugfixes in "squid -k reconfigure"
1300 - Several bugfixes and cleanup of the Gopher client, both
1301 to correct some security issues and to make Squid properly
1302 render certain Gopher menus.
1303 - FTP data channels are now sanity checked to match the address of
1304 the requested FTP server. This to prevent theft or injection of
1305 data. See the new ftp_sanitycheck directive if this is not desired.
1306 - Security fixes in how Squid parses FTP directory listings into HTML
1308 Changes to Squid-2.4.STABLE6 (March 19, 2002):
1310 - The patch for 2.4.STABLE5 was insufficiently tested and
1311 introduced a bug that causes frequent assertions when
1312 handling DNS PTR answers.
1314 Changes to Squid-2.4.STABLE5 (March 15, 2002):
1316 - Fixed an array bounds bug in lib/rfc1035.c. This bug
1317 could allow a malicious DNS server to send bogus replies
1318 and corrupt the heap memory.
1320 Changes to Squid-2.4.STABLE4 (Feb 19, 2002)
1322 - htcp_port 0 now properly disables htcp
1323 - Fixed problem with certain non-anonymous ftp:// style URL's
1324 - SNMP bugfixes including several memory leaks
1326 Changes to Squid-2.4.STABLE3 (Nov 28, 2001):
1328 - Fixed bug #255: core dump on SSL/CONNECT if access denied by
1330 - Fixed bug #246: corrupt on-disk meta information preventing
1331 rebuilds of lost swap.state files
1332 - Fixed bug #243: squid_ldap_auth now supports spaces in passwords
1333 - Fixed a coredump when creating FTP directories
1334 - Fixed a compile time problem with statHistDump prototype mistmatch,
1335 reported by some compilers
1336 - Fixed a potential coredump situation on snmpwalk in certain
1338 - Fixed bug #229: filedescriptor leakage in the "aufs" cache_dir
1339 store implementation
1340 - Serbian error message translations
1342 Changes to Squid-2.4.STABLE2 (Aug 24, 2001):
1344 - Expanded configure's GCC optimization disabling check to
1346 - avoid negative served_date in storeTimestampsSet().
1347 - Made 'diskd' pathnames more configurable
1348 - Make sure squid parent dies if child is killed with
1350 - Changed diskd offset args to off_t instead of int
1351 - Fixed bugs #102, #101, #205: various problems with useragent
1353 - Fixed bug #116: Large Age: values still cause problems
1354 - Fixed bug #119: Floating point exception in
1355 storeDirUpdateSwapSize()
1356 - Fixed bug #114: usernames not logged with
1357 authenticate_ip_ttl_is_strict
1358 - Fixed bug #115: squid eating up resources (eventAdd args)
1359 - Fixed bug #125: garbage HTCP requests cause assertion
1360 - Fixed bug #134: 'virtual port' support ignores
1361 httpd_accel_port, causes a loop in httpd_accel mode
1362 - Fixed bug #135: assertion failed: logfile.c:135: "lf->offset
1364 - Fixed bug #137: Ranges on misses are over-done
1365 - Fixed bug #160: referer_log doesn't seem to work
1366 - Fixed bug #162: some memory leaks (SNMP, delay_pools,
1367 comm_dns_incoming histogram)
1368 - Fixed bug #165: "Store Mem Buffer" leaks badly
1369 - Fixed bug #172: Ident Based ACLs fail when applied to
1371 - Fixed bug #177: LinuxPPC 2000 segfault bug due to varargs abuse
1372 - Fixed bug #182: 'config' cachemgr option dumps core with
1374 - Fixed bug #185: storeDiskdDirParseQ[12]() use wrong number
1375 of args in debug/printf
1376 - Fixed bug #187: bugs in lib/base64.c
1377 - Fixed bug #184: storeDiskdShmGet() assertion; changed
1378 diskd to use bitmap instead of linked list
1379 - Fixed bug #194: Compilation fails on index() on some
1381 - Fixed bug #197: refreshIsCachable() incorrectly checks
1382 entry->mem_obj->reply
1383 - Fixed bug #215: NULL pointer access for proxy requests
1386 Changes to Squid-2.4.STABLE1 (Mar 20, 2001):
1388 - Fixed a bug in and cleaned up class 2/3 delay pools
1390 - Fixed a coredump bug when using external dnsservers that
1392 - Fixed some NULL pointer bugs for NULL storage system
1394 - Fixed a bug with useragent logging that caused Squid to
1395 think the logfile never got opened.
1396 - Fixed a compiling bug with --disable-unlinkd.
1397 - Changed src/squid.h to always use O_NONBLOCK on Solaris
1399 - Fixed a bug with signed/unsigned bitfield flag variables
1400 that caused problems on Solaris.
1401 - Fixed a bug in clientBuildReplyHeader() that could add
1402 an Age: header with a negative value, causing an assertion
1404 - Fixed an SNMP reporting bug. cacheCurrentResFileDescrCnt
1405 was returning the number of FDs in use, rather than
1406 the number of reserved FDs.
1407 - Added the 'pipeline_prefetch' configuration option.
1408 - cache_dir syntax changed to use options instead of many
1409 arguments. This means that the max_objsize argument now
1410 is an optional option, and that the syntax for how to
1411 specify the diskd magics is slightly different.
1412 - Various fixes for CYGWIN
1413 - Upgraded MSNT auth module to version 2.0.
1414 - Fixed potential problems with HTML by making sure all
1415 HTML output is properly encoded.
1416 - Fixed a memory initialization problem with resource records in
1418 - Rewrote date parsing in lib/rfc1123.c and made it a little
1420 - Added Cache-control: max-stale support.
1421 - Fixed 'range_offset_limit' again. The problem this time
1422 is that client_side.c wouldn't set the we_dont_do_ranges
1423 flag for normal cache misses. It was only being set for
1424 requests that might have been hits, but we decided to
1426 - Added the Authenticate-Info and Proxy-Authenticate-Info
1427 headers from RFC 2617.
1428 - HTTP header lines longer than 64K could cause an assertion.
1429 Now they get ignored.
1430 - Fixed an IP address scanning bug that caused "123.foo.com"
1431 to be interpreted as an IP address.
1432 - Converted many structure allocations to use mem pools.
1433 - Changed proxy authentication to strip leading whitespace
1434 from usernames after decoding.
1435 - Prevented NULL pointer access in aclMatchAcl(). Some
1436 ACL types require checklist->request_t, but it won't be
1437 available in some cases (like snmp_access). Warn the
1438 admin that the ACL can't be checked and that we're denying
1440 - Allow zero-size disk caches.
1441 - The actual filesystem blocksize is now used to account
1442 for space overheads when calculating on-disk cache size.
1443 - Made the maximum memory cache object size configurable.
1444 - Added 'minimum_direct_rtt' configuration option.
1445 - Added 'ie_refresh' configuration option, which is a hack
1446 to turn IMS requests into no-cache requests.
1447 - Added support for netfilter in linux-2.4. This allows transparent
1448 proxy connections to function correctly in the absence of a Host:
1449 header. This requires --enable-linux-netfilter to be passed through
1450 to configure. (Evan Jones)
1451 - Fixed a bug with clientAccessCheck() that allowed proxy
1452 requests in accel mode.
1453 - Fixed a bug with 301/302 replies from redirectors. Now
1454 we force them to be cache misses.
1455 - Accommodated changes to the IP-Filter ioctl() interface
1456 for intercepted connections.
1457 - Fixed handling of client lifetime timeouts.
1458 - Fixed a buffer overflow bug with internal DNS replies
1459 by truncating received packets to 512 bytes, as per
1461 - Added "forward.log" support, but its work in progress.
1462 - Rewrote much of the IP and FQDN cache implementation.
1463 This change gets rid of pending hits.
1464 - Changed peerWouldBePinged() to return false if our
1465 ICP/HTCP port is zero (i.e. disabled).
1466 - Changed src/net_db.c to use src/logfile.c routines,
1467 rather than stdio, because of solaris stdio filedescriptor
1469 - Made netdbReloadState() more robust in case of corrupted
1471 - Rewrote some freshness/staleness functions in src/refresh.c,
1472 partially inspired to support cache-control max-stale.
1473 - Fixed status code logging for SSL/CONNECT requests.
1474 - Added a hack to subtract cache digest network traffic
1475 from statistics so that byte hit ratio stays positive
1476 and more closely reflects what people expect it to be.
1477 - Fixed a bug with storeCheckTooSmall() that caused
1478 internal icons and cache digests to always be released.
1479 - Added statfs(2) support for displaying actual filesystem
1480 usage in the cache manager 'storedir' output.
1481 - Changed status reporting for storage rebuilding. Now it
1482 prints percentage complete instead of number of entries
1484 - Use mkstemp() rather than problem-prone tempnam().
1485 - Changed urlParse() to condense multiple dots in hostnames.
1486 - Major rewrite of async-io (src/fs/aufs) to make it behave
1487 a bit more sane with substantially less overhead. Some
1488 tuning work still remains to make it perform optimal.
1489 See the start of store_asyncufs.h for all the knobs.
1490 - Fixed storage FS modules to use individual swap space
1491 high/low values rather than the global ones.
1492 - Fixed storage FS bugs with calling file_map_bit_reset()
1493 before checking the bit value. Calling with an invalid
1494 value caused memory corruption in random places.
1495 - Prevent NULL pointer access in store_repl_lru.c for
1496 entries that exist in the hash but not the LRU list.
1498 Changes to Squid-2.4.DEVEL4 ():
1500 - Added --enable-auth-modules=... configure option
1501 - Improved ICP dead peer detection to also work when the workload
1503 - Improved TCP dead peer detection and recovery
1504 - Squid is now a bit more persistent in trying to find a alive
1505 parent when never_direct is used.
1506 - nonhierarchical_direct squid.conf directive to make non-ICP
1507 peer selection behave a bit more like ICP selection with respect
1509 - Bugfix where netdb selection could override never_direct
1510 - ICP timeout selection now prefers to use parents only when
1511 calculating the dynamic timeout to compensate for common RTT
1512 differences between parents and siblings.
1513 - No longer starts to swap out objects which are known to be above
1514 the maximum allowed size.
1515 - allow-miss cache_peer option disabling the use of "only-if-cached".
1516 Meant to be used in conjunction with icp_hit_stale.
1517 - Delay pools tuned to allow large initial pool values
1518 - cachemgr filesystem space information changed to show useable space
1519 rather than raw space, and platform support somewhat extended.
1520 - Logs destination IP in the hierarchy log tag when going direct.
1521 (can be disabled by turning log_ip_on_direct off)
1522 - Async-IO on linux now makes proper use of mutexes. This fixes some
1523 odd pthread segfaults on SMP Linux machines, at a slight performance
1525 - %s can now be used in cache_swap_log and will be substituted with
1526 the last path component of cache_dir.
1527 - no_cache is now a full ACL check without, allowing most ACL types
1529 - The CONNECT method now obeys miss_access requirements
1530 - proxy_auth_regex and ident_regex ACL types
1531 - Fixed a StoreEntry memory leak during "dirty" rebuild
1532 - Helper processes no longer hold unrelated filedescriptors open
1533 - Helpers are now restarted when the logs are rotated
1534 - Negatively cached DNS entries are now purged on "reload".
1535 - PURGE now also purges the DNS cache
1536 - HEAD on FTP objects no longer retrieves the whole object
1537 - More cleanups of the dstdomain ACL type
1538 - Squid no longer tries to do Range internally if it is not supported
1539 by the origin server. Doing so could cause bandwidth spikes and/or
1541 - httpd_accel_single_host squid.conf directive
1542 - "round-robin" cache_peer counters are reset every 5 minutes to
1543 compensate previously dead peers
1544 - DNS retransmit parameters
1545 - Show all FTP server messages
1546 - squid.conf.default now indicates if a directive isn't enabled in
1547 the installed binary, and what configure option to use for enabling it
1548 - Fixed a temporary memory leak on persistent POSTs
1549 - Fixed a temporary memory leak when the server response headers
1550 includes NULL characters
1551 - authenticate_ip_ttl_is_strict squid.conf option
1552 - req_mime_type ACL type
1553 - A reworked storage system that supports storage directories in
1554 a more modular fashion. The object replacement and IO is now
1555 responsibility of the storage directory, and not of the storage
1557 - Fixed a bogus MD5 mismatch warning sometimes seen when using
1558 aufs or diskd stores
1559 - Added --enable-stacktraces configure option to set PRINT_STACK_TRACE,
1560 and extended support for this to Linux/GNU libc.
1561 - Disabled the "request timeout" error message sent if the user agent
1562 did not provide a request in a timely manner after opening the
1563 connection. Now the connection is silently closed. The error message
1564 was confusing user agents utilizing persistent connections.
1565 - Fixed configure --enable descriptions to match the arg names.
1566 - Eliminated compile warnings from auth_modules/MSNT code.
1567 - Require first character of hostnames to be alphanumeric.
1568 - Made ARP ACL work for Solaris.
1569 - Removed storeClientListSearch().
1570 - Added counters to track diskd operation success and
1572 - Fixed range_offset_limit.
1573 - Added code to retry ServFail replies for internal DNS
1575 - Added referer header logging (Jens-S. Voeckler).
1576 - Added "multi-domain-NTLM" authentication module, a Perl
1577 script from Thomas Jarosch.
1578 - Added configurable warning messages for high memory usage,
1579 high response time, and high page faults.
1580 - Made store dir selection algorithm configurable.
1581 - Added support for admin-definable extension methods,
1583 - Added 'maximum_object_size_in_memory' as a configuration option -
1584 this defines the watermark where objects transit from being true
1585 hot objects to being in-transit objects in memory. It currently
1587 - Change to the fqdn code which changes how pending DNS requests
1588 are treated as private and only become public once they are
1589 completed. This can add extra load on DNS servers but prevents
1590 all the pending clients blocking if one of the queries got
1591 stuck. (Duane Wessels)
1592 - Converted more code to use MemPools, from Andres Kroonmaa.
1593 - Added more CYGWIN patches from Robert Collins.
1595 Changes to Squid-2.4.DEVEL3 ():
1597 - Added Logfile module.
1598 - Added DISKD stats via cachemgr.
1599 - Added squid.conf options for DISKD magic constants.
1601 Changes to Squid-2.4.DEVEL2 (Feb 29, 2000):
1603 Changes to Squid-2.4.DEVEL1 ():
1605 Changes to Squid-2.3.STABLE4 (July 18, 2000):
1607 - Fixed --localstatedir configure option (IKEDA Shigeru).
1608 - Fixed IPFilter headers on OpenBSD (Nic Bellamy, Brad
1610 - Added pthread_sigmask() check to configure (Daniel
1612 - Added CYGWIN patches from Robert Collins.
1613 - Changed internal DNS lookups to retry queries that are
1614 returned with RCODE 2 (ServFail).
1615 - Added 'virtual port' support (Gregg Kellogg). If
1616 'httpd_accel_uses_host_header' is enabled, then we use
1617 the port number from the Host header. Otherwise, when
1618 'httpd_accel_port' is set to "0" we use the port number
1619 of the local end of the client socket.
1620 - Fixed a typo in carp.c (Nikolaj Yourgandjiev).
1621 - Made Squid accept GET requests that have a "content-length:
1623 - Added a sanity check on the NHttpSockets[] array index
1625 - Added a friendlier message when Squid can't find any DNS
1626 nameserver addresses to use (Daniel Kiracofe).
1627 - Added nonstandard WEBDAV methods: BMOVE, BDELETE, BPROPFIND
1629 - Added missing '%c' token replacement in error page
1631 - Fixed a bug with 'minimum_object_size' that prevented
1632 internal icons from being loaded.
1633 - Fixed "extra semicolon" bug in storeExpiredReferenceAge()
1634 that could prevent any objects from being replaced.
1635 - Make sure that storeDirDiskFull() doesn't actually
1636 *increase* the cache size.
1637 - Changed a storeSwapMetaUnpack() assertion to a recoverable
1639 - Removed "wccpHereIam" event check that could cause Squid
1640 to stop sending HERE_I_AM messages.
1642 Changes to Squid-2.3.STABLE3 (May 15, 2000):
1644 - Fixed malloc linking problems on Solaris. The configure
1645 script incorrectly set options for dlmalloc.
1646 - Added a configure check to remove compiler optimization
1648 - Updated MSNT authenticator module.
1649 - Updated Estonian error pages.
1650 - Updated Japanese error pages.
1651 - Fixed expires bug in httpReplyHdrCacheInit. It was
1652 incorrectly setting expires based on max-age. It was using
1653 the current time as a basis, instead of the response date.
1654 - Fixed "USE_DNSSERVER" typos.
1655 - Added a workaround for getpwnam() problems on Solaris.
1656 getpwnam() could fail if there are fewer than 256 FDs
1657 available. This causes root to own some disk files.
1658 - Added an 'offline_toggle' option via the cache manager.
1659 - Added a 'minimum_object_size' option. Files smaller than
1660 this size are not stored.
1661 - Added 'passive_ftp' option to disable passive FTP transfers.
1662 - Added 'wccp_version' option because some Cisco IOS versions
1663 require WCCP version 3.
1664 - The 'client' program in ping mode (-g) now prints transfer
1666 - Fixed logging of proxy auth username for redirected
1668 - Fixed bogus Age values for IMS requests.
1669 - Fixed persistent connection timeout for client-side
1670 connections. It was hard-coded to 15 seconds, now uses
1671 the 'pconn_timeout' value.
1672 - Fixed up httpAcceptDefer. It wasn't being used properly
1673 and caused high CPU usage when Squid gets close to the FD
1675 - Numerous delay_pools fixes and checks.
1676 - Fixed SNMP coredumps from running snmpwalk.
1677 - Added a check for errno == EPIPE in icmp.c when pinger uses
1678 a Unix socket instead of a UDP socket.
1679 - Fixed ACL checklist memory initialization bugs.
1680 - Cleaned up the MIB file. Replaced contact information and
1681 checked description fields.
1682 - Removed LRU reference_age hard-coded upper limit.
1683 - Fixed async I/O FD leak.
1684 - Made getMyHostname() more robust.
1685 - Fixed domain list matching bug. "x-foo.com" wasn't properly
1686 compared to ".foo.com" and confused splay tree ordering.
1687 - Added a check for whitespace in hostnames and optionally
1688 strip whitespace if 'uri_whitespace' setting allows.
1689 - Added status code and checking to ASN/whois queries.
1691 Changes to Squid-2.3.STABLE2 (Mar 2, 2000):
1693 - Changed Copyright text.
1694 - Changed configure so that some IRIX-6.4 hacks apply to
1695 all IRIX-6.* versions.
1696 - Cleaned up HTML bugs in error pages.
1697 - Told configure to check for netinet/if_ether.h, which
1698 is used in ARP ACL code, but might not be required.
1699 - Added "Cookie" to known HTTP headers so it can be
1700 used in anonymizer configuration.
1701 - Added optional TCP_REDIRECT log code for logging
1702 of 301/302 responses returned by Squid.
1703 - Added a check for a currently running Squid process.
1704 If the pid file exists, and the pid is running,
1705 Squid complains and refuses to start another instance.
1706 - Changed async I/O scope to PTHREAD_SCOPE_PROCESS for
1708 - Fixed a bug with the PURGE method. The purge enable
1709 flag was not getting cleared during reconfigure.
1710 Also required PURGE method to be used in http_access
1711 list before enabling.
1712 - Fixed async I/O assertions for file open errors.
1713 - Fixed internal DNS assertion when unpacking truncated
1715 - Fixed anonymize_headers bug that caused all headers
1716 to be allowed after a reconfigure.
1717 - Fixed an access denied bug for accelerator-only installations.
1718 - Fixed internal DNS initialization so that it uses
1719 'dns_nameservers' settings in squid.conf if set.
1720 - Fixed 'maxconn' ACL bug that caused it to work backwards
1722 - Fixed syslog bug for daemon mode on Linux.
1723 - Fixed 'http_port' parsing bugs.
1724 - Fixed internal DNS byte ordering bugs for PTR queries.
1725 - Fixed internal DNS queue getting stuck during periods
1726 of low activity (Henrik).
1727 - Fixed byte ordering bugs for parsing EPLF FTP listings
1729 - Fixed 'request_body_max_size' bug that caused all
1730 POST, PUT requests to be denied if max size is set
1732 - Fixed 'redirector_access' bug when using 'myport' ACLs.
1733 - Fixed CARP neighbor selection bugs for down peers.
1734 - Added 'client_persistent_connections' and
1735 'server_persistent_connections' flags to disable persistent
1736 connections for clients and servers.
1737 - Fixed access logging bug that caused many requests to be
1739 - Added some bounds checking to delay pools code.
1741 Changes to Squid-2.3.STABLE1 (Jan 9, 2000):
1743 - Updated PAM authentication module from Henrik Nordstrom.
1744 - Updated Bulgarian error messages from Svetlin Simeonov.
1745 - Changed ACL routines so that User-Agent (browser) string
1746 is always taken from compiled HTTP request headers
1747 instead of passed as an argument to aclCreateChecklist.
1748 - Added a 'strip' option to the 'uri_whitesace' configuration
1749 directive and made it the default behavior. Whitespace
1750 found in URI's is now stripped out by default.
1751 - Added chroot feature. The 'chroot_dir' config option enables
1752 it and specifies the directory.
1753 - Changed clientBuildReplyHeader so that the Age header is
1754 added only for cache hits, and only when we can calculate
1755 a valid, positive age value.
1756 - Changed clientWriteComplete and clientGotNotEnough so
1757 that they keep persistent connections open for more types
1758 of replies that don't have bodies.
1759 - Changed filemap.c routines to dynamically grow filemap
1761 - Added a hack to ftp.c to deal with ftp.netscape.com, which
1762 sometimes doesn't acknowledge PASV commands.
1763 - Fixed FTP bug with ftpScheduleReadControlReply; there
1764 was not always a timeout handler on the control socket
1765 after the transfer completed.
1766 - Fixed FTP filedescriptor leak from invalid PASV replies.
1767 - Changed httpBuildRequestHeader so that it doesn't
1768 copy the Host header from the client request. Instead
1769 we should generate our own Host header which is known
1771 - Changed storeTimestampsSet to adjust entry->timestamp
1772 if the response includes an Age header.
1773 - Removed size limit from storeKeyHashBuckets.
1774 - Changed fwdConnectStart from a "heavy" to a "light" event.
1775 - Fixed an 'anonymize_headers' bug that affects unknown
1776 HTTP headers. With the bug, if you list a header that
1777 Squid doesn't know about (such as "Charset"), it would
1778 add HDR_OTHER to the allow/deny mask. This caused all
1779 unknown headers to be allowed or denied (depending on
1780 the scheme you use). Now, with the bug fixed, an unknown
1781 header in the 'anonymize_headers' list is simply ignored.
1783 Changes to Squid-2.3.DEVEL3 ():
1785 - Added MSNT auth module from Antonino Iannella.
1786 - Added --enable-underscores configure option. This allows
1787 Squid to accept hostnames with underscores in them. Your
1788 DNS resolver may still complain about them, however.
1789 - Added --heap-replacement configure option. This enables
1790 the alternative cache replacement policies, such as
1792 - WCCP establishes and registers with the router faster.
1793 - Added 'maxconn' acl type to limit the number of established
1794 connections from a single client IP address. Submitted
1796 - Close FTP data socket as soon as transfer completes
1797 (Alexander V. Lukyanov).
1798 - Fixed ftpReadPass() to not clobber ctrl.message when
1799 the PASS command fails.
1800 - Added a redirect.c patch so squidGuard is able to do
1801 per-user access control (Antony T Curtis).
1802 - discard the pumpMethod() function, and instead use the
1803 fact that the request has a request entity (content-length
1805 - Reload the MIME icons at reconfigure time (Radu Greab).
1806 - Updated Richard Huveneers' SMB authentication module to
1807 his version 0.05 package.
1808 - Fixed lib/heap.c::heap_delete() bug when deleting the
1810 - Fixed an integer conversion bug in
1811 lib/rfc1035.c::rfc1035AnswersUnpack().
1812 - Fixed lib/rfc1738 routines to encode reserved characters,
1813 in addition to encoding the unsafe characters (Henrik).
1814 - Changed the interface for splay compare and "walk"
1815 functions to take a void pointer, instead of a splayNode
1817 - Changed numerous HTTP parsing routines to use ssize_t
1818 instead of size_t. This was done because size_t may be
1819 signed or unsigned. When it is unsigned, gcc emits
1820 numerous "comparison is always true" warnings. At least
1821 we know ssize_t is always signed.
1822 - Fixed src/HttpHeaderTools::httpHeaderHasConnDir() and
1823 friends so that it properly handles multi-value lists.
1824 - Added an "end" (ssize_t) parameter to
1825 src/HttpReply::httpReplyParse() so that we know exactly
1826 where to terminate the header buffer.
1827 - Changed src/access_log.c::log_quote() so that it only
1828 encodes whitespace characters, and not all URL-special
1829 characters (Henrik).
1830 - Added local port ACL type ("myport") (Henrik).
1831 - Added maximum number of connections per client ("maxconn")
1833 - Fixed proxy authentication username/password parsing to
1834 be more robust (Henrik).
1835 - Fixed ACL domain/host and domain/domain comparison
1836 functions yet again. Eliminated duplicate code so that
1837 only src/url.c::matchDomainName() contains this mysterious
1839 - Changed the 'http_port' option to accept an IP address
1840 or hostname as well (Henrik).
1841 - Removed 'tcp_incoming_addr' option.
1842 - Added an access control list for the redirector
1843 ('redirector_access'). Requests which match are sent to
1844 the redirector. All requests. are redirected by default.
1845 - Added the 'authenticate_ip_ttl' option. It specifies
1846 how long a valid proxy authentication credential is
1847 bound to a specific address.
1848 - Added 280, 488, 591, and 777 to "Safe_ports" ACL.
1849 - Removed the unused and highly questionable 'forward_snmpd_port'
1851 - Added an option to accept DNS messages from unknown nameservers.
1852 This may be necessary if replies come from a different address
1853 than queries are sent to.
1854 - Added #includes for IP Filter files in netinet directory.
1855 - Fixed a bug with retrying forwarded IMS requests (Henrik).
1856 - Fixed a bug in src/client_side.c::clientInterpretRequestHeaders()
1857 where we were checking a cache-control bit before getting the
1858 mask from the HTTP headers (pallo@initio.no).
1859 - Fixed a bug with "no_cache" access list. If not defined,
1860 everything was uncachable by default.
1861 - Fixed a bug with timed-out client-side HTTP connections.
1862 We didn't cancel the read handler, which could lead to
1863 "rwstate != NULL" warnings.
1864 - Changed comm_open() to only call fdAdjustReserved() for
1865 specific errors (ENFILE, EMFILE);
1866 - Fixed NULL pointer bug in idnsParseResolvConf().
1867 - Split CACHE_DIGEST_HIT into CD_PARENT_HIT and CD_SIBLING_HIT.
1868 - Added DELETE request method.
1869 - Added RFC 2518 HTTP status codes.
1870 - Fixed handling of URL passwords when we need to rewrite a
1871 BASE HREF URL (Henrik).
1872 - Fixed a bug with FTP requests where a request gets aborted,
1873 but we try to complete it anyway. It would result in a
1874 "store_status != STORE_PENDING" assertion. The solution
1875 is to check for ENTRY_ABORTED before reading from
1876 the control channel too.
1877 - Changed FTP to retry a request if Squid fails to establish
1878 a PASV data connection (Henrik).
1879 - Fixed numerous HTCP memory leaks and an uninitialized memory
1881 - Changed httpMaybeRemovePublic() with RFC 2518 and 2616 in
1883 - Minor fixes for Rhapsody systems.
1884 - Define _XOPEN_SOURCE_EXTENDED in squid.h so that AIX systems
1885 don't include varargs.h.
1886 - Changed src/store_client.c::storeClientType() so that
1887 an entry can have more than one STORE_MEM_CLIENT.
1888 - Changed src/store_client.c::storeClientReadHeader()
1889 to check swapfile metadata (Henrik).
1890 - Changed src/url.c::urlCheckRequest() to return FALSE for
1891 any "https://" URL. These should always be CONNECT
1892 instead. If Squid gets an "https://" URL, it is a browser
1894 - Added numerous squid.conf options for controlling cache
1895 digests. Previously these were hard-coded in
1896 src/store_digest.c. (Martin Hamilton)
1897 - Added 'cache_peer' option called 'digest-url' that
1898 lets you specify the URL for a peer's digest.
1900 - Added DELAY_POOLS hacks to scan "slow" connections in
1901 a random order (David Luyer).
1902 - ARP_ACL fixes from Damien Miller. Linux 2.2.x uses a
1903 per-interface arp/neighbour cache, whereas 2.0.x uses a
1904 unified cache. Under 2.2.x you are required to specify
1905 a interface name when looking up ARP table entries with
1907 - If the process umask is not set (i.e. 0), then Squid
1910 Changes to Squid-2.3.DEVEL2 ():
1912 - Added --enable-truncate configure option.
1913 - Updated Czech error messages ()
1914 - Updated French error messages ()
1915 - Updated Spanish error messages ()
1916 - Added xrename() function for better debugging.
1917 - Disallow empty ("") password in aclDecodeProxyAuth()
1919 - Fixed ACL SPLAY subdomain detection (again).
1920 - Increased default 'request_body_max_size' from 100KB
1921 to 1MB in cf.data.pre.
1922 - Added 'content_length' member to request_t structure
1923 so we don't have to use httpHdrGetInt() so often.
1924 - Fixed repeatedly calling memDataInit() for every reconfigure.
1925 - Cleaned up the case when fwdDispatch() cannot forward a
1926 request. Error messages used to report "[no URL]".
1927 - Added a check to return specific error messages for a
1928 "store_digest" request when the digest entry doesn't exist
1929 and we reach internalStart().
1930 - Changed the interface of storeSwapInStart() to avoid a bug
1931 where we closed "sc->swapin_sio" but couldn't set the
1933 - Changed storeDirClean() so that the rate it gets called
1934 depends on the number of objects deleted.
1936 - Added 'hostname_aliases' option to detect internal requests
1937 (cache digests) when a cache has more than one hostname
1939 - Async I/O NUMTHREADS now configurable with --enable-async-io=N
1941 - Added queue length to async I/O cachemgr stats (Henrik Nordstrom).
1942 - Added OPTIONS request method.
1944 Changes to Squid-2.3.DEVEL1 ():
1946 - Added WCCP support. This adds the 'wccp_router' squid.conf
1948 - Added internal DNS queries; Most installations can run
1949 without the external dnsserver processes.
1950 - Rewrote much of the code that stores cache objects on
1951 disk. Developed a programming interface that should
1952 allow new storage systems to be added easily. This still
1953 is pretty ugly and needs a lot of work, however.
1954 - Replaced async_io.c "tags" with callback data locks.
1955 This probably breaks async IO in a bad way.
1956 - Tried to write an Async IO disk storage module.
1957 - Added code to replace the StoreEntry linked list with a
1958 heap structure. This allows for different replacement
1959 algorithms, instead of being stuck with LRU. This adds
1960 the 'replacement_policy' squid.conf option. (John Dilley
1962 - Fixed HTCP queries by actually checking for freshness
1963 based on the HTCP header fields.
1964 - Fixed passing of redirector command line arguments.
1965 - Added 'request_header_max_size' squid.conf option.
1966 - Added 'request_body_max_size' squid.conf option.
1967 - Added 'reply_body_max_size' squid.conf option.
1968 - Added 'peer_connect_timeout' squid.conf option.
1969 - Added 'redirector_bypass' squid.conf option.
1970 - Added RFC 2518 (WEBDAV) request methods.
1972 Changes to Squid-2.2 (April 19, 1999):
1974 - Removed all SNMP specific ACL code
1975 SNMP now uses generic squid ACL's
1976 - Removed view-based access crontrol
1977 - Cleaned up and simplified SNMP section of squid.conf
1978 - Changed the SNMP code to use a tree stucture.
1979 - Added objects to MIB:
1983 - Changed SNMP Agent to return object instances correctly.
1984 - Added our own assert() macro so we can use debug() instead of
1986 - Added eventFreeMemory().
1987 - Fixed ipcCreate() bug when debug_log has FD <= 2.
1988 - Changed watchChild() and related code in main.c so that
1989 Squid can behave more like a proper daemon process.
1990 - Added 'prefer_direct' option (enabled by default) so that
1991 people can give parents higher preference than direct.
1992 - Fixed ipc.c close() bug for async IO. On FreeBSD,
1993 comm_close() doesn't work for child processes when async IO is
1995 - Fixed setting the public key for large ``icons'' (Henrik
1997 - Rewrote peer digest module to fix memory leaks on reconfigure
1998 and clean the code. Increased "current" digest version to 5
1999 ("required" version is still 3). Revised "Peer Select" cache
2001 - Added "-k parse" command line option: parses the config file
2002 but does not send a signal unlike other -k options.
2003 - Revamped storeAbort() calling. Only store_client.c has all
2004 the right information to determine if the request should
2005 be aborted. Now client and server modules just storeUnregister
2006 without ever needing to call storeAbort.
2007 - Small change of Squid output for FTP (Andrew Filonov,
2009 - clientGetsOldEntry() sends old entry if new request status
2010 is in the 500-range (Henrik Nordstrom).
2011 - Changed configure so it works with IRIX6.4 C compiler (broken?)
2012 option -OPT:fast_io=ON.
2013 - Fixed comm_connect_addr() non-blocking connections for
2014 SONY NEWSOS (Makoto MATSUSHITA).
2015 - Changed "#ifdef __STDC__" to "#if STDC_HEADERS" as recommended
2016 by autoconf documentation.
2017 - Fixed client-side cache-control max-age (Henrik Nordstrom).
2018 - Added a new error page: ERR_SHUTTING_DOWN. fwdStart() returns
2019 this error if it is called while squid is in the process of
2021 - Added support for linuxthreads package under FreeBSD (Tony Finch).
2022 - Fixed HP-UX StatHist.c assertions by making the "hbase_f"
2023 functions non-static (Michael Pelletier).
2024 - Fixed logging of authenticated usernames even if the
2025 authorization is not cached (Dancer).
2026 - Fixed pconnPush() bug that prevented holding on to
2027 persistent connections (Manfred Bathelt).
2028 - Pid file now rewritten on SIGHUP.
2029 - Numerous Ident changes:
2030 - Ident lookups will now be done on demand if you use the
2032 - The 'ident_lookup on|off' option has been replaced with
2033 an access list, so you can do lookups only for some
2035 - Added an 'ident_timeout' option to specifiy the amount
2036 of time to wait for an ident lookup.
2037 - Added a (local) hit rate to mempool metering.
2038 - FTP Restarts (REST command) is now supported.
2039 - Check for libintl.a on SCO3.2.
2040 - Disable poll() on SCO3.2.
2041 - Numerous Async IO enhancements from Henrik.
2042 - Removed cache_mem_low and cache_mem_high options (Henrik
2044 - Replaced 'persistent_client_posts' with 'broken_posts' access
2046 - Rewrote the anonymizer.
2047 - Removed the http_anonymizer option.
2048 - Added the anonymize_headers option to allow individual
2049 referencing of headers for addition or removal. See
2050 'anonymize_headers' in squid.conf for additional
2052 - Fixed config file parser's handing of optional directives.
2053 Some people might get new warnings about unknown config
2055 - Added 'myip' ACL type. This is the local IP address for
2056 connected sockets (Luyer).
2057 - Fixed parsing of FTP DOS directory listings with spaces
2059 - Numerous DELAY_POOL changes/fixes from David Luyer:
2060 - Makes no-delay neighbors for DELAY_POOLS work by
2061 using a fd_set with the connections to no-delay
2063 - Makes IP addresses ending in 0 and 255, and
2064 network number 255, work with individual and
2065 network delay pools (they were previously not
2066 permitted, and documented as such).
2067 - Massive overhaul of delay pools code - dynamically
2068 allocated delay pools, as many as required.
2069 - delayPoolsUpdate stops running if DELAY_POOLS is
2070 configured but no delay pools are configured.
2071 - Initial delay pool levels are now configurable
2072 as a percentage of the maximum for the pool in
2073 question (used to be all set to 1 second worth
2074 of traffic). Pools are restored to this level
2076 - Changed storeClientCopy to give a swap-in failure if
2077 the number of open disk FD's is above the 'max_open_disk_fds'
2078 limit. Otherwise, a very loaded cache will end up with
2079 all disk files open for reading, and none for writing.
2080 - Added lib/inet_ntoa.c from BSD Unix for systems that have
2081 broken inet_ntoa(). (Erik Hofman).
2082 - Added more specific FTP error messages for "permission
2083 denied, "file not found," and "service unavailable."
2085 - Added xisspace(), xisdigit(), etc, macros to cast function
2086 args and eliminate compiler warnings.
2087 - Fixed case-sensitive comparisons of domain names (Henrik
2089 - Added proxy-authentication to cachemgr.cgi's requests
2091 - Changed Squid to *truncate* rather than *unlink* purged
2092 swap files. Can be reversed by undefining
2093 USE_TRUNCATE_NOT_UNLINK in src/defines.h.
2094 - Changed internal icon headers to use Cache-control
2095 Max-age instead of Expires.
2096 - Changed storeMaintainSwapSpace behavior to be adjusted
2097 smoothly, instead of discretely, between store_swap_low
2098 and store_swap_high. This includes the number of
2099 objects to scan, number to remove, and time until the
2100 next storeMaintainSwapSpace event.
2101 - Fixed a quick_abort bug that incorrectly calculated
2103 - Added getpwnam() auth module from Erik Hofman.
2104 - Added 'coredump_dir' option.
2105 - Fixed a peerDestroy() assertion that required peer->digest
2106 to be NULL at the end of peerDestroy().
2107 - configure script now automatically enables dlmalloc for
2109 - configure enables poll() on linux 2.2 and later (Henrik).
2110 - Icon files are now distributed in binary format, install
2111 will not need to run 'sh' and 'uudecode'.
2112 - Fixed some bugs with large responses (>READ_AHEAD_GAP) and
2113 re-forwarding requests and ENTRY_FWD_HDR_WAIT.
2114 fwdCheckDeferRead() will NOT defer reading if the
2115 ENTRY_FWD_HDR_WAIT bit is set.
2116 - Fixed a "F->flags.open" assertion for aborted FTP PUT's.
2117 - Fixed a (double) cast problem that caused statAvgTick()
2118 events to be added as fast as possible.
2119 - Changed httpPacked304Reply() to not include the Content-Length
2120 header for 304 replies that Squid generates. We used to
2121 include the length of the cached object, and this broke
2122 persistent connections.
2126 - Fixed configure bug for statvfs() checks. Configure reports
2127 "test: =: unary operator expected" or similar because an
2128 unquoted variable is not defined.
2129 - Fixed aclDestroyAcls() assertion because some ACL types
2130 are not listed in the switch statement. Occurs for
2131 srcdom_regex and dstdom_regex ACL types during reconfigure.
2132 - Typo "applicatoin" in src/mime.conf
2133 - The unlinkd daemon never saw the USE_TRUNCATE_NOT_UNLINK
2134 #define because it didn't include squid.h.
2135 - Fixed commRetryFD() when bind() fails. commRetryFD was
2136 closing the filedescriptor, but it is the upper layer's
2138 - Changed configure's "maximum number of filedescriptors"
2139 detection to only use getrlimit() for Linux. On AIX,
2140 getrlimit returns RLIM_INFINITY.
2141 - Fixed snmpInit() nesting bug.
2142 - Fixed a bug with peerGetSomeParent(). It was adding
2143 a parent to the FwdServers list, regardless of the
2144 ps->direct value. This could cause every request to
2145 go to a parent even when always_direct is used.
2146 - Changed fwdServerClosed() to rotate the "forward servers"
2147 list when a connection establishment fails. Otherwise
2148 it always kept trying to connect to the first server
2153 - Fixed preprocessor problems for HP-UX in lib/safe_inet_addr.c.
2154 - Avoid coredump in aclMatchAcl() if someone tries to use
2155 proxy authentication with a non-HTTP request (e.g. icp_access).
2156 - Moved 'ident_lookup_access' in squid.conf so it appears
2157 after the ACL section.
2158 - Fixed typo in squid.conf on "Config.Addrs.snmp_outgoing"
2159 - Fixed a case in clientCacheHit() where we thought it
2160 was a hit, but the reply status was not 200, so we
2161 had to perform a cache miss. We forgot to change the
2162 log_type and these were being recorded as TCP_HIT's.
2163 - Fixed a void pointer subtraction bug in delayIdPtrHashCmp().
2164 - Fixed delay_pools coredump and memory leak bugs from
2165 NULL delay_id values.
2166 - Fixed a SEGV bug with delay_pools when requesting
2167 'objects' or 'vm_objects' from the cachemgr.
2168 - Added a workaround for buggy FTP servers that return
2169 a size of zero for non-zero-sized objects.
2170 - Removed umask(0) call from main().
2171 - Fixed a peer selection bug that caused us to never select
2172 a neighbor based on ICP replies if the ICP timeout occurs.
2173 In conjunction with this, removed the PING_TIMEOUT state.
2174 - Fixed a store_rebuild bug that caused us to get stuck trying
2175 if a cache_dir subdirectory didn't exist.
2176 - Fixed a buffer overrun bug in gb_to_str().
2180 - Fixed a dread_ctrl leak caused in store_client.c
2181 - Fixed a memory leak in eventRun().
2182 - Fixed a memory leak of ErrorState structures due to
2184 - Fixed detection of subdomain collisions for SPLAY trees.
2185 - Fixed logging of hierarchy codes for SSL requests (Henrik
2187 - Added some descriptions to mib.txt.
2188 - Fixed a bug with non-hierarchical requests (e.g. POST)
2189 and cache digests. We used to look up non-hierarchical
2190 requests in peer digests. A false hit may cause Squid
2191 to forward a request to a sibling. In combination with
2192 'Cache-control: only-if-cached, this generates 504 Gateway
2193 Timeout responses and the request may not be re-forwardable.
2194 - Fixed a filedescriptor leak for some aborted requests.
2197 Changes to Squid-2.1 (November 16, 1998):
2199 - Changed delayPoolsUpdate() to be called as an event.
2200 - Replaced comm_select FD scanning loops with global fd_set
2201 structures. Inspired by Jeff Mogul's patch for squid 1.1.
2202 - Moved functions common to dns.c, redirect.c, authenticate.c,
2203 ipcache.c, and fqdncache.c into helper.c.
2204 - Changed storeClientCopy2() so that it keeps sending the remainder
2205 of a STORE_ABORTED request, instead of cutting off the client as
2206 soon as the object becomes aborted.
2207 - Fixed combined ipf-transparent proxy and a local http-accelerator
2208 operation (Quinton Dolan).
2209 - Rewrote base64_decode.c because of potential buffer overrun
2211 - Configurable handling of whitespace in request URI's.
2212 See 'uri_whitespace' in squid.conf.
2213 - Added ability to generate HTTP redirect messages from
2214 the redirector output by prepending "301:" or "302:" to the
2215 new url. See FAQ 4.16 for more details.
2216 - Eliminated refreshWhen() which was out-of-sync with refreshCheck()
2217 potentially causing under-utilized cache digests
2218 - Maintain refreshCheck statistics on per-protocol basis so we
2219 can tell why ICP or Digests return too many misses, etc.
2220 - Fixed delay_pools.c class2/class3 typo (Simon Woods).
2221 - Changed squid.conf's default access controls to deny all
2222 HTTP requests. Admins must write ACL rules to specifically
2223 allow their local clients.
2224 - Patched French error messages (Mathias HERBERTS).
2225 - NextStep porting fixes by Mike Laster:
2226 - use xstrdup() in cf_gen.c
2227 - check for putenv() in configure
2228 - #define S_ISDIR macro
2229 - Added --disable-poll configure option (Henrik Nordstrom).
2230 - Fixed internal URL hostname case bugs (Henrik Nordstrom).
2231 - Patched ftp.c so we never cache autenticated FTP requests
2233 - Fixed FTP authentication. We tried to unescape authentication
2234 given by basic authentication which is not URL escaped
2236 - Fixed HTTP version for common logfile format (Henrik Nordstrom).
2237 - Added 'redirect_rewrites_host_header' option to disable rewriting
2238 of Host header for redirector responses (Henrik Nordstrom).
2239 - Allow semi-customized error message signatures (Henrik Nordstrom).
2240 - Fixed bug with errors for unsupported requests (Henrik Nordstrom).
2241 - Fixed handling of blank lines in ACL input files (Henrik
2243 - Changed proxy_auth ACL type to consist of a list of valid
2244 users. REQUIRED == any (same as ident ACL). ACL type user
2245 changed to ident since this is what it really is.
2247 - Fixed long URL bugs; make sure 'log_uri' never exceeds
2249 - Allow comments in external ACL files (Gerhard Wiesinger).
2250 - Added 'range_offset_limit' configuration option. Requests
2251 with ranges that start after this value will be passed
2252 on unmodified, and Squid will not cache the response
2254 - Added Client HTTP Hit byte counters to 'counters' output
2256 - Got Squid to compile with --enable-async-io on FreeBSD.
2257 - Fixed infinite loop bug for cachemgr 'config' option.
2258 - Fixed cachability bugs for replies with Pragma: no-cache.
2259 - Made content-type multipart/x-mixed-replace uncachable.
2260 - Y2K fix for parsing dates in "Wed Jun 9 01:29:59 1993 GMT"
2261 format (Richard Kettlewell).
2262 - Fixed passing -s option to dnsserver processes (Alvaro Jose
2264 - Changed proxy_auth to work on internal objects and when in
2265 accelerator mode. (Henrik Nordstrom)
2266 - Added login=user:password option to cache_peer directive to
2267 be used from a dial-up cache where the parent requires proxy
2268 authentication. (Henrik Nordstrom)
2269 - If you want to "auto-login", then use a URL on the form
2270 http://username:password@server/.... Squid now picks this up
2271 when going direct, and turns it into basic WWW
2272 authentication. It is also possible to do automatic login to
2273 certain servers by using a redirector to add the needed
2274 authentication information. (Henrik Nordstrom)
2275 - Changed refreshCheck() so that objects with negative age
2277 - Fixed "plain" FTP listings (Henrik Nordstrom).
2278 - Fixed showing banner/logon message for top-level FTP
2279 directories (Henrik Nordstrom).
2280 * Changes below have been made to SQUID_2_1_PATCH1
2281 - Fixed pinger packet size assertion.
2282 - Fixed WAIS forwarding.
2283 - Fixed dnsserver coredump bug caused by using both -D and
2285 * Changes below have been made to SQUID_2_1_PATCH2
2286 - Fixed EBIT macro bugs when the bitmask is a 64-bit long.
2287 - Fixed proxy auth NULL password bug.
2288 - Fixed queueing of multiple peerRefreshDNS events.
2289 - Added a stack of StoreEntry objects to be released after
2290 store rebuild completes.
2291 - Fixed NULL pointer bugs with too-large requests (found by
2293 - Fixed reading replies from buggy ident servers. Replies
2294 might not have terminating CR or LF (Henrik Nordstrom).
2295 - Changed internal StoreEntry key so that the request method
2296 is encoded as a single octet. Encoding an enumerated type
2297 has size and byte-order incompatibilities, especially for
2299 - Fixed storeEntryLocked so that SPECIAL, but PRIVATE entries
2300 are not always locked. This fixes having multiple
2301 store_digest's stuck in memory.
2302 - Fixed clientProcessOnlyIfCachedMiss so it unlocks and
2303 unregisters from "cache hit" entries.
2304 * Changes below have been made to SQUID_2_1_PATCH3
2305 - Fixed memory leak in clientHandleIMSReply for
2306 storeClientCopy failures.
2308 Changes to Squid-2.0 (October 2, 1998):
2310 - Added NAT/Transparent hijacking code from Quinton Dolan.
2311 - Added actual filesystem usage to cachemgr 'storedir' page.
2312 Only works for operating systems which support statvfs().
2313 - Fixed HTCP compile-time bugs.
2314 - Fixed quick_abort bugs. Configured values are stored as
2316 - Removed fwdAbortFetch(). It breaks quick_abort and seems
2318 - Changed storeDirSelectSwapDir() to skip swap directories
2319 when their utilization is over the high water mark ratio.
2320 - Fixed off-by-one bug for dead neighbor detection (Joe Ramey).
2321 - fixed bugs in Content-Range header generation
2322 - changed the way Range requests are handled:
2323 - do not "advertise" our ability to process ranges at
2325 - on hits, handle simple ranges and forward complex
2327 - on misses, fetch the whole document for simple ranges
2328 and forward range request for complex ranges
2329 The change is supposed to decrease the number of cases when
2330 clients such as Adobe acrobat reader get confused when we
2331 send a "200" response instead of "206" (because we cannot
2332 handle complex ranges, even for hits) Note: Support for
2333 complex ranges requires storage of partial objects.
2334 - Removed SNMP mib-2.system group from squid.
2335 - Removed SNMP ability to iterate through ipcache and friends.
2336 - Added SNMP ipcache/fqdncache basic statistics.
2337 - Converted SQUID-MIB to SMIv2 (RFC 1902).
2338 - Moved SQUID-MIB to enterprises section of the tree in preparation
2339 of the split into PROXY-MIB & SQUID-MIB.
2340 - Corrected minor errors in SQUID-MIB.
2341 - Moved uptime into cacheSystem from cacheConfig.
2342 - Corrected a number of get-next-request bugs, snmpwalk should now
2343 return all objects and not skip some.
2344 - Fixed netdbClosestParent() so it won't return sibling
2346 - Fixed a bug with secondary clients on entries with
2347 ENTRY_BAD_LENGTH set. We should release the
2348 bad entry to prevent secondary clients jumping on.
2349 - Changed MIB to prevent parse warnings at startup.
2350 * Changes below have been made to SQUID_2_0_PATCH1
2351 - Fixed a forwarding loop bug. Even though we were detecting
2352 a loop, it was not being broken.
2353 - Try to prevent sibling forwarding loops by NOT forwarding a
2354 request to a sibling if we have a stale copy of the object.
2355 Validation requests should only be sent to parents (or
2357 - Fixed ncsa_auth hash bugs when re-reading password file.
2358 - Changed clientHierarchical() so that by default SSL/CONNECT
2359 requests do NOT go to neighbor caches.
2360 - Changed clientHandleIMSReply() to not call storeAbort()
2361 because there can be more than one client hanging on the
2362 StoreEntry. This hopefully fixes "store_status !=
2363 STORE_ABORTED" assertions.
2364 - Added temporary fix to httpMakePublic() to prevent assertions
2365 (!EBIT_TEST(e->flags, RELEASE_REQUEST)) in storeSetPublicKey().
2366 * Changes below have been made to SQUID_2_0_PATCH2
2367 - PATCH1 introduced a seriously stupid bug which prevented ICP
2368 queries for all requests. Fixed by checking
2369 request->hierarchical in peerSelectFoo().
2371 Changes to squid-1.2.beta25 (September 21, 1998):
2373 - Fixed async IO bugs from adding filedescriptor arg to AIOCB
2374 callbacks (Henrik Nordstrom).
2375 - Fixed store_swapout.c assertion. We were freeing object data
2376 past the swapout_done offset. This probably happens (only?)
2377 when an object changes from cachable to uncachable while
2378 it is being swapped out.
2379 - Added MEM_CLIENT_SOCK_BUF type so we can change the size
2380 of the buffers used for writing data to the client sockets.
2381 - Added configure check for libbind.a. If found, it will be
2382 used instead of libresolv.a.
2383 - Changed fwdStart() to always allow internally generated
2384 requests, such as for peer digests. These requests are
2385 known to fwdStart() because the address arg is set to
2387 - Completed initial HTCP implementation. It works, but is not
2389 - Added counters for I/O syscalls.
2390 - Fixed httpMaybeRemovePublic. With broken ICP neighbors
2391 (netapp) Squid doesn't use private keys. This caused us
2392 to remove almost every object from the cache.
2393 - Added 'asndb' cachemgr stats to show AS Number tree.
2394 - Fixed AS Number byte-order bug for netmasks.
2395 - Fixed comm_incoming calling rate for high loads (Stewart
2397 - Give always_direct higher precedence than never_direct
2399 - Changed PORT ACL type to accept ranges. Now you can easily
2400 deny, for example, all priveleged ports except 80, 70, 21,
2402 - ARP ACL fixes for Linux (David Luyer).
2403 - Replaced various "EBIT" flags bitfileds with structures of
2405 - Changed storeKeyPrivate and storeKeyPublic to be a bit more
2406 efficient by removing snprintf(). This causes an
2407 incompatibility with old cache keys, however. To transition,
2408 we will look up both the new and old style keys for about the
2409 next 30 days. After that, if you haven't run this (or a
2410 future) version, your cache contents will be lost.
2411 - Made the client-side write buffer size configurable with
2412 a #define in defines.h. By default it is still 4096 bytes.
2413 - Removed redirectUnregister(). It should be unnecessary
2414 because of cbdata locks.
2415 - Fixed multiple HEAD request brokennesses (Henrik Nordstrom).
2416 - Changed non-blocking connect(2) code to call getsockopt()
2417 instead of connect() again. This is the approach recommended
2418 by Stevens, and fixes bugs on BSD-ish systems when subsequent
2419 connect() calls loop with EAGAIN status.
2420 - Added MD5 cache keys to memory pool accounting.
2421 - Added code to track number of open DISK descriptors and stop
2422 swapping out objects if the number of disk descriptors becomes
2423 too large. For now the limit must be manually configured with
2424 the 'max_open_disk_fds'. By default, there is no limit.
2425 - Stopped encoding a request method in the high byte of the ICP
2426 reqnum field. Instead queried cache keys are copied to a
2427 static array, indexed by the reqnum, modulo the array size.
2428 Now we just use the request number to lookup a cache key,
2429 instead of rebuilding it from the ICP reply URL and method,
2430 unless we have netapp neighbors--they don't do reqnum
2432 - Fixed reconfigure memory access bugs in redirect.c.
2433 - Ignore unreasonably large ICP RTT values which cause overflow
2434 bugs in calculating the average RTT (thanks Niall!)
2436 Changes to squid-1.2.beta24 (August 21, 1998):
2438 - Added Bulgarian error pages by Evgeny Gechev.
2439 - Changed StoreEntry->lock_count to a u_short.
2440 - Replaced urlcmp with strcmp
2441 - Fixed pragma no-cache ejecting ENTRY_SPECIAL objects
2443 - Eliminated unneeded BASE HREF on "root" directories (Henrik
2445 - Fixed peerDigestFetchFinish() assertion caused by forwarding
2446 failures (e.g. miss_access rules).
2447 - Changed signal handlers with ASYNC_IO and Linux so that
2448 -k command line options work (Miquel van Smoorenburg).
2449 - Rewrote shutdown code to use events instead of setting
2451 - Fixed cachemgr 'objects' (statObjects()) by adding a check
2452 for READ_AHEAD_GAP, and calling storeCheckSwapout() in
2453 storeBufferFlush(). Otherwise, the read-past pages would
2455 - Fixed DNSSERVER shutdown bugs. The re-opened dnsserver processes
2456 were being closed by the dnsServerShutdown event.
2457 - Modified storeHashInsert() to insert PRIVATE objects at
2458 the tail of the LRU list, and PUBLIC objects at the head.
2459 Thus, PRIVATE objects get kicked out quicker.
2460 - Added David Luyer's DELAY_POOLS code.
2461 - Fixed a bug due to HEAD replies which lack the end-of-headers
2463 - Made proxy-auth realm string configurable (Bob Franklin)
2464 - Changed default mime time to a viewable one (Henrik Nordstrom).
2465 - configure fixes for Sony's NEWS-OS 6.x (Makoto MATSUSHITA).
2466 - Fixed 'you are running out of filedescriptors' bug which
2467 could cause the HTTP incoming connection handler to not
2469 - Changed syslog logging. Now squid debug levels 0 and 1 go
2470 to syslog. Level 0 gets LOG_WARNING and level 1 gets LOG_NOTICE
2471 (this needs more work!)
2472 - Fixed memory access errors in statAvgTick().
2473 - Fixed duplicate requestUnlink() bug in forward.c
2474 - Fixed possible memory access bugs from not setting e->mem_obj
2475 = NULL in destroy_MemObject().
2476 - Deleted TCP_IMS_MISS tag. Always use TCP_IMS_HIT instead.
2477 - Modified headersEnd and httpMsgIsolateHeaders to account
2478 for funky line terminations such as CRCRNL.
2479 (``but Netscape and IE _tolerate_ this'')
2480 - Fixed carp functions (Eric Stern).
2481 - Replaced internal proxy_auth code with extern authentication
2482 module (Arjan de Vet).
2483 - moved hash.c to libmiscutil.a.
2484 - Fixed handling of ICP queries with whitespace in URLs.
2485 Now we return ICP error and escape the URL before logging.
2486 - Added configure check for socklen_t (David Luyer).
2487 - Removed USE_SPLAY #defines; it is now standard.
2488 - Added FD arg to async IO callbacks (AIOCB) so we can eliminate
2489 temporary disk_ctrl_t structures.
2490 - Changed ENOSPC disk write errors to reduce specific cache_dir
2491 sizes, and not just the size of the cache as a whole.
2492 - Added httpMaybeRemovePublic() to purge public objects for
2493 certain responses even though they are uncachable. This is
2494 needed, for example, when an initially cachable object
2495 later becomes uncachable.
2496 - Added refresh_pattern options to ignore client reloads
2498 - Relocated disk.c code which combines blocks for writing
2501 Changes to squid-1.2.beta23 (June 22, 1998):
2503 - Added Turkish error pages by Tural KAPTAN.
2504 - Added basic support for Range requests. For most cachable
2505 requests, Squid replies with an "Accept-Ranges" header. Upon
2506 receiving a potentially cachable Range request for a not
2507 cached object, Squid requests the whole object from origin
2508 server and then replies with specified range(s) to the
2509 client. Multi-range requests are supported. Adjacent
2510 overlapping ranges are merged. If-Range requests are
2511 supported. Limitations: Multi-range requests with out of
2512 order ranges are not supported.
2513 - Made md5.c use standard memcpy and memset if they are
2515 - Memory pools will now shrink if Squid is run-time
2516 reconfigured with smaller value of memory_pools_limit tag.
2517 - Added counter for number of clients (Tomi Hakala).
2518 - Changed neighbor UP/DOWN algorithm to require 10 failed TCP
2519 connections for UP->DOWN transition.
2520 - Added 'unique_hostname' configuration option when its
2521 necessary to have multiple machines with the same visible
2523 - Fixed pumpReadFromClient() to not read too many bytes on
2524 persistent connections.
2525 - We can now cache HTTP replies with Set-Cookie. These evil
2526 headers are now filtered out for cache hits on the client
2528 - Fixed SNMP bugs caused by using snmpwalk.
2529 - Fixed snmp system Group; all objects are now returned.
2530 - Fixed snmp system Group sysDescr and sysContact.
2531 - Fixed snmp system Group sysObjectID it now returns a OBJECT
2533 - Allocate FwdState from mem pools.
2534 - Minor HTCP progress.
2535 - Moved 'miss_access' ACL check from client_side.c to forward.c
2536 - Fixed logging of usernames for requests which require
2537 proxy-authentication.
2538 - Fixed HTTP request parser to accept lowercase HTTP identifier
2540 - Fixed FTP listings to always include links to the parent
2541 directory (Henrik Nordstrom).
2542 - Fixed FTP to show an "empty" listing instead of showing
2543 a "document contains no data" error (Henrik Nordstrom).
2544 - Fixed refreshCheck() bug. Often it was checking the
2545 refresh patterns against the string "[null_mem_obj]"
2546 because we moved URLs to MemObject.
2547 - Added CARP support by Eric Stern.
2548 - Fixed select-spin bug when an ICP reply actually gets queued
2549 and we failed to execute the write callback.
2550 - Fixed a storeCheckSwapOut bug. We were freeing up to
2551 the queued offset instead of the done offset. This
2552 resulted in a small chunk of object data not being in
2553 memory and not yet written to disk. A client could
2554 recieve a partial object because file_read() unexpectedly
2556 - Fixed proxy-authentication hangs (Henrik Nordstrom).
2557 - Fixed request_t->flags bug causing authenticated, proxied
2558 responses to be cached (Arjan de Vet).
2559 - Fixed MIME types for .tgz extension (Henrik Nordstrom).
2560 - Added view and download options to FTP listings (Henrik
2562 - Modified configure to allow using pre-installed libdlmalloc.a
2564 - Fixed cachemgr 'objects' implementation.
2565 - Changed refreshCheck() algorithm. For cached objects, we
2566 now check, in the following order:
2568 * response Expires (if present)
2569 * refresh_pattern max-age
2570 * response Last-Modified compared to refresh_pattern
2571 LM-factor (only if Last-Modified is present)
2572 * refresh_pattern min-age
2573 - Changed Copyrights.
2575 Changes to squid-1.2.beta22 (June 1, 1998):
2577 - do not cut off "; parameter" from "digitized" Content-Type
2579 - Added X-Request-URI for persistent connection debugging
2581 - Added Polish error pages from Maciej Kozinski.
2582 - Fixed hash_first/hash_next bugs with **Current pointer.
2583 Replaced with *next pointer.
2584 - Fixed PUT/POST bugs in client (Henrik Nordstrom).
2585 - Deny forwarding loops in httpd accel mode (Henrik Nordstrom).
2586 - Fixed eventRun "spin" bug when event delta time == 0.
2587 - Fixed setting Last Modified time on cached entries when
2588 receiving a 304 reply.
2589 - Added while loop in httpAccept().
2590 - Added while loop in icpHandleUdp().
2591 - Fixed some small memory leaks.
2592 - Fixed single-bit-int flag checks (Henrik Nordstrom).
2593 - Replaced "complex" (offset accounting) calls to snprintf with MemBuf
2594 - Do not send only-if-cached cc directive with requests
2596 - Added "automatic tuning" for incoming request rate, i.e.
2597 how often to check HTTP and ICP sockets. See comm.c
2598 comments for details.
2600 Changes to squid-1.2.beta21 (May 22, 1998):
2602 - Added Italian error pages by Alessio Bragadini.
2603 - Added Estonian error pages by Toomas Soome.
2604 - Added Russian (koi-r) error pages by Andrew L. Davydov.
2605 - Added Czech error pages by Jakub Nantl.
2606 - Fixed asnAclInitialize calling to prevent coredump.
2607 - Fixed FTP directory parsing again.
2608 - Made FTP directory listing "Generated" tagline like
2609 the one for error pages.
2610 - Fixed an assertion coredump in statHistCopy from
2611 reconfiguring with different #peers in squid.conf
2612 - Ignore leading whitespace on requests (and replies). RFC
2613 2068 section 4.1, robustness (Henrik Nordstrom)
2614 - Fixed keep_alive bug. We did not always honour reply
2615 headers, but rather assumed connections could be persistent.
2616 - Fixed reading whois output for AS numbers, especially when
2617 they are longer than 4 KB.
2618 - Removed 'cache_stoplist_pattern' configuration option. This
2619 feature is now handled by 'no_cache'.
2620 - If a URN resolves to only one URL, just return it immediately
2621 instead of giving the user a "choice" (Andy Powell).
2622 - Fixed year-2000 bug in lib/iso3307.c (Henrik Nordstrom).
2623 - Changed squid-internal object names.
2624 - Added netdb exchange protocol.
2625 - Fixed wordlistDestroy() uninitialized pointer bug in
2626 ftpParseControlReply.
2627 - Fixed redirector subprocess to show real program name.
2628 - Changed URN menu output to be sorted.
2629 - Added fast select(2) timeouts when using ASYNC_IO.
2630 - Added ARP ACL support for Linux (David Luyer).
2631 - Added binary http headers to requests
2632 - request_t objects are now created and destroyed in a consistent way
2633 - Fixed cache control printf bug
2634 - Added a lot of new http header ids
2635 - Improved Connection: header handling; now both Connection and
2636 Proxy-Connection headers are checked for connection directives
2637 - Connection request header is now handled correctly regardless
2638 of its position and the number of entries
2639 - Only replies with valid Content-Length can be sent with keep-alive
2640 connection directive (Henrik Nordstrom)
2641 - Better handling of persistent connection "clues" in HTTP headers;
2642 the decision now depends on HTTP version (and User-Agent exceptions)
2643 - Removed handling of "length=" directive in IMS headers;
2644 the directive is not in the HTTP/1.1 standard;
2645 standing by for objections
2646 - allowed/denied headers are now checked using bit masks instead of
2648 - removed Uri: from allowed headers; Uri is deprecated in RFC 2068
2649 - removed processing of Request-Range header (not in specs?)
2650 - Fixed byte-order bugs in cacheDigestHashKey.
2651 - Changed hash_remove_link() to return void.
2652 - Changed ipcache_gethostbyname() to return NULL if
2653 i->addrs.count == 0.
2654 - Added millisecond-timing to select/poll loops and event
2656 - Changed 'peerPingTimeout' value to be twice the average
2657 of all the peer ICP RTT's.
2658 - Added 'half_closed_clients' option to force closing of
2659 client connections which might only be half-closed.
2660 - Fixed matchDomainName coredump bug.
2661 - Don't cache HTTP replies with Vary: headers until we
2662 get content negotiation working.
2663 - Fixed SSL proxying to forward full HTTP request headers.
2664 - Changed storeGetMemSpace(). Only purge down to the HIGH
2665 water mark; move locked entries to the head of the inmem
2667 - Changed clientReadRequest() to locally handle any
2668 "squid-internal-static" URL for any host.
2669 - Disable persistent connections for client connections
2670 from broken Netscape User-Agent, version 3.* (Stewart Forster)
2672 Changes to squid-1.2.beta20 (April 24, 1998):
2674 - Improved support for only-if-cached cache control directive.
2675 - Enabled 304 replies for ENTRY_SPECIAL objects (e.g., icons).
2676 - Fixed 'quick_abort' percent calculation bug.
2677 - Fixed quick_abort FPE bug.
2678 - Changed more errno-checking functions to use ignoreErrno().
2679 - Added ERESTART to ignoreErrno() because of report from
2681 - Fixed '#elsif' typo.
2682 - Fixed MemPool assertion by moving memInit() to before
2683 configuration parsing functions.
2684 - Fixed default 'announce_period' value (was 1 day, should
2686 - Added configure warning for low filedescriptors and pointer
2688 - Fixed httpBodySet() bug causing URN related coredumps.
2689 - Changed ipcacheCycleAddr() to always cycle through all all
2690 available addresses, and not just advance when one of
2692 - Fixed squid-internal bug for mixed-case hostnames (Henrik
2694 - Fixed ICP counting probelm. icpUdpSend() arg should be
2695 LOG_ICP_QUERY instead of LOG_TAG_NONE.
2696 - Added some additional fault toleranse on FTP data channels
2698 - Corrected error reporting on FTP "hacks" (Henrik Nordstrom).
2699 - Added lock/unlock for StoreEntry during storeAbort().
2700 - Added filemap bit usage stats to cachemgr 'storedir' and
2702 - Replaced 'cache_stoplist' with 'no_cache' Access list.
2703 - Fixed (hopefully) remaining swapfile-open-at-exit bugs.
2704 - Fixed default hierarchy_stoplist to be ``default if none.''
2705 - Fixed 'fake a recent reply' hack for detecting DEAD
2706 and ALIVE neighbors (Joe Ramey).
2707 - Fixed FTP directory parsing bugs (Joe Ramey).
2708 - Fixed ftpTraverseDirectory coredump for NULL ftpState->filepath
2710 - Fixed daylight savings time bug (again).
2711 - A lot of Cache Digests additions, fixes, and tuning.
2712 Cache Digests are still "very experimental".
2713 - Fixed snprintf() bug. When len == 1, snprintf() would treat
2714 the buffer as unknown size, emulating sprintf() behaviour.
2715 - Made Error page language configurable with configure script
2717 - Fixed squid-internal URLs when http_port == 80.
2718 - Remember the client address on redirected requests (Henrik
2720 - Don't rebuild the request if the redirector returned the same
2721 URL (Henrik Nordstrom).
2722 - Rewrite Host: header on redirected requests (Henrik
2724 - Include port (if non-standard) in generated Host: headers
2726 - Fixed rfc1123 timezone hacks for Windows NT
2728 - Added Russian Error pages by Ilia Zadorozhko.
2729 - Added totals for ICP and HTTP hits to cachemgr client_list
2731 - Changed error message to 'Generated TIME by HOST (SQUID/VER)'
2732 because any string with an '@' must be an email address.
2733 - Fixed POST for content-length == 0.
2734 - Fixed "huge 304 reply" loop bug.
2735 - Fixed --enable-splaytree compile bugs.
2736 - Removed ASN lookup code in peer_select.c.
2737 - Added warnings if ACL code detects subdomains in SPLAY
2739 - Rewrote some bits of httpRequestFree() to eliminate
2740 possible bugs that could cause an "e->lock_count" asseertion.
2741 - Added value/bounds checking to _db_init() when setting
2742 the debugLevels[] array.
2744 Changes to squid-1.2.beta19 (Apr 8, 1998):
2746 - Squid-1.2.beta19 compiles and runs on Windows/NT with
2747 Cygnus Gnu-WIN32 b19 (Henrik Nordstrom).
2748 - Added French Error pages by Frank DENIS.
2749 - Added Dutch Error pages by Mark Visser
2750 - Added German Error pages by Bernd P. Ziller, Jens Frank,
2752 - Added support for only-if-cached cache-control directive.
2753 - Added RELAXED_HTTP_PARSER #define to allow requests which are
2754 missing the HTTP identifier on the request line (e.g. buggy
2755 SpyGame queries). RELAXED_HTTP_PARSER is undefined by default.
2756 - Fixed disk.c FD leak for delayed closes in
2757 diskHandleWriteComplete().
2758 - Fixed cache announcement feature.
2759 - Fixed httpReadReply() to retry failed HTTP requests on
2760 persistent connections when read() returns -1, not only
2762 - Fixed cbdata memory counting leak. cbdataUnlock() always
2763 called free(), never memFree().
2764 - Fixed storeDirWriteCleanLogs() malloc bug on Alphas.
2765 - Fixed `++loopdetect < 10' assertion due to
2766 clientHandleIMSReply bug for invalid/partial HTTP
2768 - Added preliminary code for HTCP.
2769 - Renamed 'aux' dir to 'cfgaux' for legacy DOS machines.
2770 - Added "snmp_community" as an ACL type.
2771 - Cleaned up proxy-auth acl implementation and removed
2773 - Added generic 'hashFreeItems()' function for efficiently
2774 freeing hash table pointers.
2775 - Added whoisTimeout() for ASN code.
2776 - Removed BINARY TREE code.
2777 - Fixed forgetting to reset Config.Swap.maxSize in
2779 - Fixed httpReplyUpdateOnNotModified() arguments-in-wrong-order
2780 bug which caused not modified replies to not get updated.
2781 - Fixed client_side.c bugs which could cause data to be written
2782 to the client in the wrong order for persistent connections.
2783 clientPurgeRequest() and clientHandleIMSComplete() must not
2784 call comm_write(). Instead they must create and write to
2786 - Fixed ICP query service time counting bug(s).
2787 - replaced 'char *mime_headers_end()' with 'size_t headersEnd()'
2788 to fix buffer overruns. This also requires adding 'buf_sz'
2789 args to some functions like clientBuildReplyHeader().
2790 But we can eliminate the need to NULL-terminate the
2792 - Changed commConnectCallback() to reset the FD timeout to
2793 zero before notifying about the connection. This requires
2794 commSetTimeout() calls in numerous places to reinstall
2796 - Changed comm_poll_incoming() to be called less frequently
2797 (every 15 I/O's instead of every 7 FD's) (Michael O'Reilly).
2798 - Removed HAVE_SYSLOG case for debug() macro. Almost all
2799 systems do have syslog(), but more importatnly the
2800 _db_level value is needed for debugging to stderr.
2801 - Rewrote squid/dnsserver interface to use smaller, single-line
2803 - Rewrote 'dns' cachemgr output to use a table format.
2804 - Rewrote a lot of dnsserver.c.
2805 - Added eventAddIsh() for semi-random event scheduling.
2806 - Fixed an ftpTimeout bug for sessions which use PORT
2808 - Fixed ftp.c to recognized invalid PASV replies (e.g.
2810 - Removed hash_insert(). All hasing uses hash_join() now.
2811 - Renamed hash_unlink() to hash_remove_link().
2812 - Added hashPrime() to find closes prime hash table size
2814 - Fixed Keep-Alive ratio counting bug which prevented
2815 persistent connections from being used between cache
2817 - Changed icmp.c to NOT queue messages sent from squid to
2819 - Changed icp_v2.c to NOT queue ICP messages by default.
2820 But they will be queued and resent once if the first
2821 send fails. Counters.icp.queued_replies counts the
2822 number of messaages queued.
2823 - Cleaned up ICP logging.
2824 - Added identTimeout().
2825 - Fixed ipcache reply counting bug. Overcounted dnsserver
2826 replies for partial replies.
2827 - Added urlInternal() for building internal Squid URLs.
2828 - Changed peerAllowedToUse() to check both 'cache_peer_domain'
2829 AND 'cache_peer_acl' configurations. This should be changed
2830 in the fugure to use ONLY cache_peer_acl.
2831 - Changed DEAD/REVIVED neighbor detection to avoid reporting
2832 so many false deaths. (Joe Ramey).
2833 - Added some preliminary code to support "cache digests."
2834 - Fixed pumpClose() coredumps (?).
2835 - Updated cachemgr 'info' output to show median service
2836 times for various categories.
2837 - Fixed ABW bug in storeDirWriteCleanLogs(). sizeof(off_t)
2838 != sizeof(int) for Alphas.
2839 - Fixed potential alignment problem in storeDirWriteCleanLogs().
2840 - Fixed store_rebuild.c to NOT replace current, but
2841 not-swapped-out StoreEntry's with on-disk entries.
2842 - Changed storeCleanup() to call storeRelease on invalid
2843 entries which don't have a swapfile (i.e. no unlink()
2845 - Fixed storeSwapInStart() to fail for unvalidated
2848 . renovated mib and added descriptions and comments
2849 . added hit and byte counters to client_db , for
2851 . cacheClientTable, netdbTable, cachePeerTable,
2852 cacheConnTable now indexed by ip address. hash_lookup was
2853 enhanced to allow for subsequent hash_next's similar to
2854 hash_first, to speed up getnext's in tables which refer to
2855 hash-table structures.
2856 . added generic (well, sorf of) table indexing functionality
2857 . added makefile dependencies for snmplib and cache_snmp.h
2858 . WaisHost, WaisPort, Timeouts removed
2859 . FdTable split into FdTable and ConnTable. FdTable simplified
2860 . PeerTable and PeerStat merged and put into new cacheMesh
2862 . cacheClientTable added for client statistics and accounting
2864 . cacheSec and cacheAccounting groups removed
2865 . fixed acl bug when communities not defined
2866 . snmp_acl now survives bad configuration
2868 Changes to squid-1.2.beta18 (Mar 23, 1998):
2870 - Added v1.1 'test_reachability' option.
2871 - Fixed hash4() len == 0 bug.
2872 - Fixed Config.Swap.maxSize reconfigure bug.
2873 - Fixed ICP query bug determining request method.
2874 - Moved ICP's storeGet() cache lookup into neighborsUdpAck()
2875 so that we know neighbors are alive even when they send
2876 us replies for unknown entries.
2877 - Changed configure script to add '-std1' for Digital Unix cc.
2878 - Fixed SNMP sizeof(int) / sizeof(long) bugs for 64-bit
2880 - Added support for 'Cache-Control: Only-If-Cached' request header.
2881 - Fixed CheckQuickAbort() bugs for multiple clients on one
2882 StoreEntry. Also changed storePendingNClients() to return
2883 mem->nclients instead of counting the number of store_client
2884 entries with pending callback functions.
2886 Changes to squid-1.2.beta17 (Mar 17, 1998):
2888 - SNMP MIB version check changed to non-rcs.
2889 - Added memory pools for variable size objects (strings).
2890 There are three pools; for small, medium, and large objects.
2891 - Extended String object to use memory pools. Most fixed size char
2892 array fields will be replaced using string pools. Same for most
2893 malloc()-ed buffers.
2894 - Changed icon handling to use the hostname and port of the squid
2895 server, instead of the special hostname "internal.squid"
2897 - All icons are now configured in mime.conf. No hardcoded icons,
2898 including gohper icons (Henrik Nordstrom).
2899 - Fixed ICP bug when we send queries, but expect zero
2901 - Fixed alignment/casting bugs for ICP messages.
2902 - A generic client-to-server "pump" was added to handle HTTP
2903 PUT as well as POST methods on the client-cache side. Based on
2904 "pump" PUT requests can be made to either HTTP or FTP url's.
2905 Code is still beta and interoperability with browsers etc has
2907 - Put #ifdefs around 'source_ping' code.
2908 - Added missing typedef for _arp_ip_data (Wesha).
2909 - Added regular-expression-based ACLs for client and server
2910 domain names (Henrik Nordstrom).
2911 - Fixed ident-related coredumps from incorrect callback data.
2912 - Fixed parse_rfc1123() "space" bug.
2913 - Fixed xrealloc() XMALLOC_DEBUG bug (not calling check_free())..
2914 - Fixed some src/asn.c end-of-reply bugs and memory leaks.
2915 - Fixed some peer->options flag-setting bugs.
2916 - Fixed single-parent feature to work again
2917 - Removed 'single_parent_bypass' configuration option; instead
2918 just use 'no-query'.
2919 - Surrounded 'source_ping' code with #ifdefs.
2920 - Changed 'deny_info URL' to use a custom Error page.
2921 - Modified src/client.c for testing POST requests.
2922 - Fixed hash4() for SCO (Vlado Potisk).
2924 Changes to squid-1.2.beta16 (Mar 4, 1998):
2926 - Added Spanish error messages from Javier Puche.
2927 - Added Portuguese error messages from Pedro Lineu Orso
2928 - Added a simple but very effective hack to cachemgr.cgi that tries to
2929 interpret lines with '\t' as table records and formats them
2930 accordingly. With a few exceptions (see source code), first line
2931 becomes a table heading ("<th>" html tag) and the rest is formated
2933 - Added "mem_pools_limit" configuration option. Semantics of
2934 "mem_pools" option has also changed a bit to reflect new memory
2936 - Reorganized memory pools. Squid now supports a global pool
2937 limit instead of individual pool limits. Per-pool limits can be
2938 implemented on top of the current scheme if needed, but it is
2939 probably hard to guess their values. Squid distributes pool
2940 memory among "frequently allocated" objects. There is a
2941 configurable limit on the total amount of "idle" memory to be
2942 kept in reserve. All requests that exceed that amount are
2943 satisfied using malloc library. Support for variable size
2944 objects (mostly strings) will be enabled soon.
2945 - memAllocate() has now only one parameter. Objects are always
2946 reset with 0s. (We actually never used that parameter before;
2947 it was always set to "clear").
2948 - Added Squid "signature" to all ERR_ pages. The signature is
2949 hardcoded and is added on-the-fly. The signature may use
2950 %-escapes. Added interface to add more hard-coded responses if
2951 needed (see errorpage.c::error_hard_text).
2952 - Both default and configured directories are searched for ERR_
2953 pages now. Configured directory is, of course, searched first.
2954 This allows you to customize a subset of ERR_ pages (in a
2955 separate directory) without danger of getting other copies out
2957 - Security controls for the SNMP agent added. Besides
2958 communities (like password) and views (part of tree
2959 accessible), the snmp_acl config option can be used to do acl
2960 based access checks per community.
2961 - SNMP agent was heavily re-written, based on cmu-snmpV1.8. You
2962 can now walk through the whole mib tree. Several new variables
2963 added under cacheProtoAggregateStats
2964 - Added rudimental statistics for HTTP headers.
2965 - Adjusted StatLogHist to a more generic/flexible StatHist.
2966 Moved StatHist implementation into a separate file.
2967 - Added FTP support for PORT if PASV fails, also try the
2968 default FTP data port (Henrik Nordstrom).
2969 - Fixed NULL pointer bug in clientGetHeadersForIMS when a
2970 request is cancelled for fails on the client side.
2971 - Filled in some squid.conf comments (never_direct,
2973 - Added RES_DNSRCH to dnsserver's _res.options when the
2974 -D command line option is given.
2975 - Fixed repeated Detected DEAD/REVIVED Sibling messages when
2976 peer->tcp_up == 0 (Michael O'Reilly).
2977 - Fixed storeGetNextFile's incorrect "directory does not exist"
2978 errors (Michael O'Reilly).
2979 - Fixed aiops.c race condition (Michael O'Reilly, Stewart
2981 - Added 'dns_nameservers' config option to specify non-default
2982 DNS nameserver addresses (Maxim Krasnyansky).
2983 - Added lib/util.c code to show memory map as a tree
2985 - Added HTTP and ICP median service times to Counters and
2986 cachemgr average stats.
2987 - Changed "-d" command line option to take debugging level
2988 as argument. Debugging equal-to or less-than the argument
2989 will be written to stderr.
2990 - Removed unused urlClean() function from url.c.
2991 - Fixed a bug that allowed '?' parts of urls to be recorded in
2992 store.log. Logged urls are now "clean".
2993 - Cache Manager got new Web interface (cachemgr.cgi). New .cgi
2994 script forwards basic authentication from browser to squid.
2995 Authentication info is encoded within all dynamically generated
2996 pages so you do not have to type your password often.
2997 Authentication records expire after 3 hours (default) since
2998 last use. Cachemgr.cgi now recognizes "action protection" types
3000 - Added better recognition of available protection for actions
3001 in Cache Manager. Actions are classified as "public" (no
3002 password needed), "protected" (must specify a valid password),
3003 "disabled" (those with a "disable" password in squid.conf), and
3004 "hidden" (actions that require a password, but do not have
3005 corresponding cachemgr_passwd entry). If you manage to request
3006 a hidden, disabled, or unknown action, squid replies with
3007 "Invalid URL" message. If a password is needed, and you failed
3008 to provide one, squid replies with "Access Denied" message and
3009 asks you to authenticate yourself.
3010 - Added "basic" authentication scheme for the Cache Manager.
3011 When a password protected function is accessed, Squid sends an
3012 HTTP_UNAUTHORIZED reply allowing the client to authorize itself
3013 by specifying "name" and "password" for the specified action.
3014 The user name is currently used for logging purposes only. The
3015 password must be an appropriate "cachemgr_passwd" entry from
3016 squid.conf. The old interface (appending @password to the url)
3017 is still supported but discouraged. Note: it is not possible
3018 to pass authentication information between squid and browser
3019 *via a web server*. The server will strip all authentication
3020 headers coming from the browser. A similar problem exists for
3021 Proxy-Authentication scheme.
3022 - Added ERR_CACHE_MGR_ACCESS_DENIED page to notify of
3023 authentication failures when accessing Cache Manager.
3024 - Added "-v" (Verbose) and "-H" (extra Headers) options to client.c.
3025 - Added simple context-based debugging to debug.c. Currently,
3026 the context is defined as a constant string. Context reporting
3027 is triggered by debug() calls. Context debugging routines
3028 print minimal amount of information sufficient to describe
3029 current context. The interface will be enhanced in the future.
3030 - Replaced _http_reply with HttpReply. HttpReply is a
3031 stand-alone object that is responsible for parsing, swapping,
3032 and comm_writing of HTTP replies. Moved these functions from
3033 various modules into HttpReply module.
3034 - Added HttpStatusLine, HttpHeader, HttpBody.
3035 - All HTTP headers are now parsed and stored in a "compiled"
3036 form in the HttpHeader object. This allows for a great
3037 flexibility in header processing and builds basis for support
3038 of yet unsupported HTTP headers.
3039 - Added Packer, a memory/store redirector with a printf
3040 interface. Packer allows to comm_write() or swap() an object
3041 using a single routine.
3042 - Added MemBuf, a auto-growing memory buffer with printf
3043 capabilities. MemBuf replaces most of old local buffers for
3044 compiling text messages.
3045 - Added MemPool that maintains a pre-allocated pool of opaque
3046 objects. Used to eliminate memory thrashing when allocating
3047 small objects (e.g. field-names and field-value in http
3050 Changes to squid-1.2.beta15 (Feb 13, 1998):
3052 NOTE: This version has changes which may cause all or part
3053 of your cache to be lost. However, you can problably
3054 save most of it by doing a slow restart. Specifically:
3056 1. Kill the running squid-1.2.beta14 process; wait for it to
3058 2. Remove all 'swap.state*' files, either in each cache_dir, or
3059 as defined in your squid.conf
3060 3. Start squid-1.2.beta15. The store will be rebuilt from the
3061 existing swap files, reading the directories and opening
3064 - Fixed some problems related to disk (and pipe) write error
3065 handling. file_close() doesn't always close the file
3066 immediately; i.e. when there are pending buffers to write.
3067 StoreEntry->lock_count could become zero while a write is
3068 pending, then bad things happen during the callback.
3069 - The file_write() callback data must now be in the callback
3070 database (cbdata). We now use the swapout_ctrl_t structure
3071 for the callback data; it stays around for as long as we are
3073 - Changed the way write errors are handled by diskHandleWrite.
3074 If there is no callback function, now we exit with a fatal
3075 message under the assumption that the file in question is a
3076 log file or IPC pipe. Otherwise, we flush all the pending
3077 write buffers (so we don't see multiple repeated write errors
3078 from the same descriptor) and let the upper layer decide how
3079 to handle the failure.
3080 - Fixed storeDirWriteCleanLogs. A write failure was leaving
3081 some empty swap.state files, even though it tells us that its
3082 "not replacing the file." Don't flush/rename logs which we
3083 have prematurely closed due to write failures, indiciated by
3084 fd[dirn] == -1. Close these files LAST, not before
3086 - Fixed storeDirClean to clean directories in a more sensible
3087 order, instead of the new "MONOTONIC" order for swap files.
3088 - Merged fdstat.c functions into fd.c.
3089 - Cleaned up some debugging sections. Some unrelated source
3090 files were using the same section.
3091 - Removed curly brackets from all cachemgr output.
3092 - Removed unused filemap->last_file_number_allocated member.
3093 - Removed unused fde->lifetime_data member.
3094 - Fixed incorrectly applying htonl() on icp_common_t->shostid.
3095 - Call setsid() before exec() in ipc.c so that child processes
3096 don't receive SIGINT (etc) when running squid on a tty.
3097 - Changed StoreEntry->object_len to ->swap_file_sz so we
3098 can verify the disk file size at restart. Moved object_len
3099 to MemObject->object_sz. Note object_sz is initialized
3100 to -1. If object_sz < 0, then we need to open the swap
3101 file and read the swap metadata.
3102 - Changed store_client->mem to ->entry because we need
3103 e->swap_file_sz to set mem->object_sz at swapin.
3104 - Renamed storeSwapData structure to storeSwapLogData.
3105 - Fixed storeGetNextFile to not increment d->dirn. Added
3106 check for opendir() failure.
3107 - Fixed storeRebuildStart to properly link the directory
3108 list for storeRebuildfromDirectory mode.
3109 - Added -S command line option to double-check store
3110 consistency with disk files in storeCleanup().
3111 - Fixed a problem with transactional logging. In many
3112 cases we were adding the public cache key and then
3113 logging a delete for the private key. This is worthless
3114 because during rebuild we could not locate the previous
3115 public-keyed entry. Now we assert that only public-keyed
3116 entries can be logged to swap.state. storeSetPublicKey()
3117 and storeSetPrivateKey() have been modified to log an
3118 ADD or DEL when the key changes.
3119 - Fixed storeDirClean bug. Needed to call
3120 storeDirProperFileno() so the "dirn bits" get set.
3121 - Fixed a storeRebuildFromDirectory bug. fullpath[] and
3122 fullfilename[] were static to that function and did
3123 not change when the "rebuild_dir" arg did. Moved these
3124 buffers to the rebuild_dir structure.
3125 - In storeRebuildFromSwapLog, we were calling storeRelease()
3126 for cache key collisions. This only set the RELEASE_REQUEST
3127 bit and did not clear the swap_file_number in the filemap or
3128 in the StoreEntry, so the swap file could get unlinked later
3129 when it was really released.
3130 - Fixed FTP so that ';type=X' specifically sets the HTTP reply
3131 content-type and content-encoding (Henrik Nordstrom).
3132 - Removed 'icon_content_type' configuration option. Content
3133 types now taken from mime.conf (Henrik Nordstrom).
3134 - Added additional memory malloc tracing and memory leak
3135 detection. Use --enable-xmalloc-debug-trace configure
3136 option and -m command line option (Henrik Nordstrom).
3138 Changes to squid-1.2.beta14 (Feb 6, 1998):
3140 - Replaced snmplib free() calls with xfree().
3141 - Changed the 'net_db_name' hash table structure to
3142 make it easier to move names from one network to another
3143 (copied from 1.1 code).
3144 - Filled in some of the config dump routines (dump_acl,
3146 - Full memory debugging option (--enable-xmalloc-debug-trace)
3148 - Filled-in and clarified many squid.conf comments (Oskar
3150 - Fixed up handling of SWAP_LOG_DEL swap.state entries.
3152 Changes to squid-1.2.beta13 (Feb 4, 1998):
3154 - NOTE: With this version the "swap.state" file format has
3155 changed. Running this version for the first time will
3156 cause your current cache contents to be lost!
3157 - NOTE: this version still has the bug where we don't rewind
3158 a swapout file and rewrite the swap meta data. Objects
3159 larger than 8KB will be lost when rebuilding from the swap
3161 - Combined various interprocess communication setup functions
3163 - Removed some leftover ICP_HIT_OBJ things.
3164 - Removed cacheinfo and proto_count() and friends; these are to
3165 be replaced in functionality by StatCounters and 5/60 minute
3166 average views via cachemgr.
3167 - Fixed --enable-acltree configure message (Masashi Fujita).
3168 - Fixed no reference to @LIB_MALLOC@ in src/Makefile.in
3170 - Fixed building outside of source tree (Masashi Fujita).
3171 - FTP: Format NLST listings, and inform the user that the NLST
3172 (plain) format is available when we find a LIST listing that we
3173 don't understand (Henrik Nordstrom)
3174 - FTP: Use SIZE on Binary transfers, and not ASCII. The
3175 condition was inversed, making squid use SIZE on ASCII
3176 transfers (Henrik Nordstrom).
3177 - Enable virtual and Host: based acceleration in order to be
3178 able to use Squid as a transparent proxy without breaking
3179 either virtual servers or clients not sending Host: header
3180 the order of the virtual and Host: based acceleration needs
3181 to be swapped, giving Host: a higher precendence than virtual
3182 host (Henrik Nordstrom).
3183 - Use memmove/bcopy as detected by configure Some systems does
3184 not have memmove, but have the older bcopy implementation
3186 - Completely rewritten aiops.c that creates and manages a pool
3187 of threads so thread creation overhead is eliminated (SLF).
3188 - Lots of mods to store.c to detect and cancel outstanding
3189 ASYNC ops. Code is not proven exhaustive and there are
3190 definately still cases to be found where outstanding disk ops
3191 aren't cancelled properly (SLF).
3192 - Changes to call interface to a few routines to support disk
3193 op `tagging', so operations can be cleanly cancelled on
3194 store_abort()s (SLF).
3195 - Implementation of swap.state files as transaction logs.
3196 Removed objects are now noted with a negative object size.
3197 This allows reliatively clean rebuilds from non-clean
3199 - Now that the swap.state files are transaction logs, there's
3200 now no need to validate by stat()ing. All the validation
3201 procedure does is now just set the valid bit AFTER all the
3202 swap.state files have been read, because by that time, only
3203 valid objects can be left. Object still need to be marked
3204 invalid when reading the swap.state file because there's no
3205 guarantee the file has been retaken or deleted (SLF).
3206 - An fstat() call is now added after every
3207 storeSwapInFileOpened() so object sizes can be checked. Added
3208 code to storeRelease() the object if the sizes don't match (SLF).
3209 - #defining USE_ASYNC_IO now uses the async unlink() rather than
3211 - #defining MONOTONIC_STORE will support the creation of disk
3212 objects clustered into directories. This GREATLY improves disk
3213 performance (factor of 3) over old `write-over-old-object'
3214 method. If using the MONOTONIC_STORE, the
3215 {get/put}_unusedFileno stack stuff is disabled. This is
3216 actually a good thing and greatly reduces the risk of serving
3217 up bad objects (SLF).
3218 - Fixed unlink() in storeWriteCleanLogs to be real unlink()
3219 rather than ASYNC/unlinkd unlinks. swap.state.new files were
3220 being removed just after they were created due to delayed
3222 - Disabled various assertions and made these into debug warning
3223 messages to make the code more stable until the bugs can be
3225 - Added most of Michael O'Reilly's patches which included many
3226 bug fixes. Ask him for full details (SLF).
3227 - Moved aio_check_callbacks in comm_{poll|select}(). It was
3228 called after the fdset had been built which was wrong because
3229 the callbacks were changing the state of the read/write
3230 handlers prior to the poll/select() calls (SLF).
3231 - Fixed ARP ACL memory leaks (Dale).
3232 - Eliminated URL and SHA cache keys. Cache keys will always
3234 - Fixed up store swap meta data.
3235 - Changed swap.state logs to a binary format.
3236 - The swap.state logs are written transaction-style.
3238 Changes to squid-1.2.beta12 (Jan 30, 1998):
3240 - Added metadata headers to cache swap files. This is an
3241 incompatible change with previous versions. Running this
3242 version for the first time will cause your current cache
3243 contents to be lost.
3244 - -D_REENTRANT when linking with -lpthreads (Henrik Nordstrom)
3245 - Show symlink destinations as a hyperlink in FTP listings
3247 - Fixed not allocating enough space for rewriting URLs with
3248 the Host: header (Eric Stern).
3249 - Year-2000 fixes (Arjan de Vet).
3250 - Fixed looping for cache hits on HEAD requests.
3251 - Fixed parseHttpRequest() coredump for
3252 "GET http://foo HTTP/1.0\r\n\r\n\r\n"
3254 Changes to squid-1.2.beta11 (Jan 6, 1998):
3256 - Fixed fake 'struct rusage' definition which prevented compling
3258 - Fixed copy-by-ref bug for request->headers in
3259 clientRedirectDone() (Michael O'Reilly).
3260 - Workaround for Solaris pthreads closing FD 0 upon fork()
3262 - Fixed shutdown bug with outgoing UDP sockets; we need to
3263 disable their read handlers.
3264 - For comm_poll(), use the fast 50 msec timeout only when
3265 USE_ASYNC_IO is defined.
3266 - Fixed pointer bug when freeing AS# ACL entries.
3267 - Fixed forgetting to reset Config.npeers to zero in free_peer().
3268 - Fixed ICP bug causing excessive TIMEOUTs with sibling
3269 neighbors. We must call the ICP reply callback even for
3271 - Fixed some dnsserver-related reconfigure bugs. Need to
3272 use cbdataLock, etc in fqdncache.c. Also don't want to
3273 use ipcacheQueueDrain() and fqdncacheQueueDrain().
3274 - Fixed persistent connection bug. We were incorrectly
3275 deciding that non-200 replies without content-length
3276 would not have a reply body.
3277 - Fixed intAverage() precedence bug.
3278 - Fixed memmove() 'len' arg bug.
3279 - Changed algorithm for determining alive/dead state of peers.
3280 Instead of using a fixed number of unacknowledged ICP
3281 replies, it is now based on timeouts. If there are no ICP
3282 replies received from a peer within 'dead_peer_timeout'
3283 seconds, then we call it dead.
3284 - Added calls to getCurrentTime() in
3285 comm_{select,poll}_incoming() when ALARM_UPDATES_TIME is not
3287 - Fixed shutdown bug when the incoming and outgoing ICP socket
3288 is the same file descriptor.
3289 - Added buffered writes for storeWriteCleanLogs() (Stewart
3291 - Patches for Qnx4 (Jean-Claude MICHOT).
3292 - Fixed returning void functions which seems to be a GCC-ism.
3293 - New configure script options (Henrik Nordstrom):
3294 --enable-new-storekey=[sha|md5(|url)] (was --enable-hashkey)
3298 --enable-useragent-log
3299 --enable-kill-parent (this should be named -hack)
3302 --enable-cachemgr-hostname[=hostname] (new)
3303 --enable-arp-acl (new)
3304 - Added Doug Lea malloc-2.6.4 to the distribution, so that
3305 people easily can try a decent malloc package if they syspect
3306 their malloc is broken. --enable-dlmalloc (Henrik Nordstrom).
3307 - Made XMALLOC_DEBUG_COUNT working again. Requires a small stub
3308 function (Henrik Nordstrom).
3309 - Removed top-level Makefile. People must now run 'configure'
3311 - Fixed checkFailureRatio() implementation.
3312 - Made 'squid -z' behave like the 1.1 version.
3315 Changes to squid-1.2.beta10 (Jan 1, 1998):
3317 - Fixed content-length bugs for 204 replies, 304 replies,
3318 and HEAD requests (Henrik Nordstrom).
3319 - Fixed errorAppendEntry() bug in gopherReadReply().
3320 - Basic support for FTP URL typecodes (;type=X).
3321 - Support for access controls based on ethernet MAC addresses
3323 - Initial URN support; see
3324 http://squid.nlanr.net/Squid/urn-support.html
3325 - Fixed client-side persistent connections for objects with
3326 bad content lengths (Henrik Nordstrom).
3327 - Fixed bad call to storeDirUpdateSwapSize() for objects which
3328 never reach SWAPOUT_DONE state.
3329 - Fixed up poll() #defines in squid.h (Stewart Forster).
3330 - Changed poll() timeout from 1000 msec to 50 msec for
3331 better performance under low load (Stewart Forster).
3332 - Changed storeWriteCleanLogs() to write objects in the LRU
3333 list order instead of the random hash table order.
3334 - Fixed FTP bug when data socket connections fail or timeout.
3335 - Reuse FTP data connection when possible (Henrik Nordstrom).
3336 - Added configure options (Henrik Nordstrom)
3337 --enable-store-key=sha|md5
3338 --enable-xmalloc-statistics
3339 --enable-xmalloc-debug
3340 --enable-xmalloc-debug-count
3342 - Fixed confusing with the use/meaning of ERR_CANNOT_FORWARD
3343 by creating ERR_FORWARDING_DENIED and changing the
3344 content of the ERR_CANNOT_FORWARD text.
3345 - Fixed pipeline request bug from using strdup() (Henrik
3347 - Call clientReadRequest() directly instead of commSetSelect()
3348 for pipelined requests (Henrik Nordstrom).
3349 - Fixed 4k page leak in icpHandleIMSReply();
3350 - Renamed 'icp*' functions to 'client*' names in client_side.c.
3352 Changes to squid-1.2.beta8 (Dec 2, 1997):
3354 - Fixed accessLogLog() to log ident from Proxy-Authorization
3355 request header (BoB Miorelli).
3356 - Fixed #includes, prototypes, etc. in SNMP source files.
3357 - Moved 'POLLRDNORM' and 'POLLWRNORM' macro checks from
3358 include/config.h.in to src/squid.h
3359 - Moved 'num32' typedefs from src/typedefs.h to
3360 include/config.h.in.
3361 - Moved snmplib/md5.c to lib/md5.c.
3362 - Added MD5 cache key support.
3363 - Removed xmalloc() return check in uudeocde.c
3364 - Added 'ifdef' support to cf_gen.c for optional code (e.g. SNMP)
3365 - Changed 'client' program to provide easier cache manager access,
3366 e.g.: 'client mgr:info'
3367 - Fixed 'client' to send 'Connection' instead of 'Proxy-Connection'
3368 for simulated keep-alive requests.
3369 - Removed 'fd' arg from clientProcess* functions.
3370 - Fixed bugs from using errorSend() on persistent/pipelined
3371 client connections. A latter request should not be allowed to
3372 write to the client fd until the current request completes.
3373 Now use errorAppendEntry() for such situations.
3374 - Fixed content-length bugs. We were using content-length == 0
3375 to also indicate a lack of content-length reply header. But
3376 'content-length: 0' might appear in a reply, so now use -1 to
3377 indicate that no content length given.
3378 - Split up clientProcessRequest() into smaller chunks so it
3379 might be easier to follow.
3380 - renamed various client_side.c functions to start with 'client'
3382 - Fixed a 'cbdata leak' from the comm.c close handlers.
3383 - Fixed a 'cbdata leak' from the comm.c connect routines.
3384 - Fixed comm_select() and comm_poll() to stop looping on the
3385 incoming HTTP/ICP sockets. If there are fewer than 7 FD's
3386 ready for I/O, the incoming sockets might not get service, so
3387 comm_select() would be called for up to 7 times until the
3388 'incoming_counter' was incremented enough to trigger a call
3389 to comm_select_incoming(). Now we make sure
3390 comm_select_incoming() gets called if select returns less
3392 - Added errorpage '%B' token to generate FTP URLs with a '%2f'
3393 inserted at the start of the url-path. calls ftpUrlWith2f().
3395 - Changed fqdncache.c to use LRU double-linked list instead of qsort()
3396 for replacement and cachemgr output.
3397 - Changed ipcache.c to use LRU double-linked list instead of qsort()
3398 - Changed hash_insert() and hash_join() to return void.
3399 for replacement and cachemgr output.
3400 - Moved StoreEntry->method member to MemObject->method.
3401 - Made StoreEntry->flags 16 bits.
3402 - Made StoreEntry->refcount 16 bits.
3403 - Changed URL-based public cache key to always include the request
3406 Changes to squid-1.2.beta7 (Nov 24, 1997):
3408 - Fixed poll() for Linux (David Luyer).
3409 - SHA optimizations (David Luyer).
3410 - Fixed errno clashes with macro on Linux (David Luyer).
3411 - Fixed storeDirCloseSwapLogs(); logs might not be open.
3412 - Fixed storeClientCopy2() bug. Detect when there is
3413 no more data to send for objects in STORE_OK state.
3414 - Fixed FTP truncation bug when ftpState->size == 0, e.g.
3415 especially directory listings.
3416 - Mega FTP fix from Henrik Nordstrom. A better job of
3417 implementing the '%2f' hack.
3418 - Fixed some pipelined request bugs. storeClientCopy() was
3419 being given the wrong StoreEntry, and we had a race condition
3420 which is now handled by storeClientCopyPending().
3421 - Added initial SNMP support.
3423 Changes to squid-1.2.beta6 (Nov 13, 1997):
3425 - Fixed Authorized responses getting swapped out when they
3426 don't have Proxy-Revalidate reply header.
3427 - Fixed Proxy Authentication support. We never sent back
3428 a 407 reply, and were incorrectly incrementing the passwd
3429 before comparing it.
3430 - Fixed stat()ing pathnames for default values before parsing
3431 config file (Ron Gomes).
3432 - Fixed logging request and response headers on separate lines
3434 - Fixed FTP Authentication message (Henrik Nordstrom).
3435 - Changed Proxy Authentication to trigger a reread of the passwd
3436 file if a password check fails (Henrik Nordstrom).
3437 - Changed FTP to retry the first CWD with a leading slash if it
3440 Changes to squid-1.2.beta5 (Nov 6, 1997):
3442 - Track the 'keep-alive ratio' for a peer as the ratio of
3443 the number of replies including 'Proxy-Connection: Keep-Alive'
3444 compared to the number of requests sent. If the peer does
3445 not support Persistent connections then this ratio will tend
3446 toward zero. If the ratio is less than 50% after 10 requests
3447 then we'll stop sending Keep-Alive.
3448 - Proper support for %nn escapes in FTP, and numerous
3449 other fixes (Henrik Nordstrom).
3450 - Support for Secure Hash Algorithm and framework for other
3451 hash functions as cache keys.
3452 - Fixed SSL snprintf() bug which broke SSL proxying.
3453 - Fixed store_dir swap log bug from reconfigure (SIGHUP).
3454 - Fixed LRU Reference Age bug. The arg to pow() must be
3455 minutes, not seconds.
3457 Changes to squid-1.2.beta4 (Oct 30, 1997):
3459 - Fixed DST bug in rfc1123.c
3460 - Changed default http_accel_port to 80.
3461 - added errorCon() as a ErrorState constructor function
3463 - Added ERR_FTP_FAILURE message for ftpFail().
3464 - For FTP, the timeout callback must be moved to the 'data'
3465 descriptor when data transfer begins. Otherwise we are
3466 likely to get a timeout on the control descriptor.
3467 - Fixed double-free bug in httpRequestFree().
3468 - Fixed store_swap_size counting bug in storeSwapOutHandle().
3470 Changes to squid-1.2.beta3 (Oct 29, 1997):
3472 - Initialize _res.options to RES_DEFAULT in dnsserver.c.
3473 - Fix assertions which assumed 4-byte pointers.
3474 - Fix missing % in fqdncache.c snprintf().
3476 Changes to squid-1.2.beta2 (Oct 28, 1997):
3478 - Fixed aiops.c and async_io.c so that they actually compile
3479 with USE_ASYNC_IO (Arjan de Vet).
3480 - Fixed errState->errno causing problems with some macros
3482 - Fixed memory leaks in pconn.c (Max Okumoto).
3483 - Enhanced 'client' program with 'ping' behaviour (Ron Gomes).
3484 - Fixed InvokeHandlers() from calling memCopy() for ALL
3485 store_client's with callbacks. A store_client might be reading
3487 - Rewrote storeMaintainSwapSpace(). No longer will we scan one
3488 bucket at a time. Instead we'll maintain a single LRU
3489 list. When an object is 'touched' we move it to the
3490 top of this list. When we need disk space, we delete
3492 - Removed storeGetSwapSpace().
3494 Changes to squid-1.2.beta1 ():
3496 - Reworked storage manager to not keep objects in memory during
3497 transit. In other words, no separate NOVM distribution.
3498 - Lots of cleanup and debugging for beta release.
3499 - Use snprintf() everywhere instead of sprintf().
3500 - The 'in_memory' hash table has been replaced with a
3501 doubly-linked list. New objects are added to the head of
3502 the list. When memory space is needed, old objects are
3503 purged from the tail of the list.
3505 Changes to squid-1.2.alpha7 ():
3507 - fixes fixes fixes.
3508 - Made Arjan's PROXY_AUTH ACL patch standard.
3510 Changes to squid-1.2.alpha6 ():
3512 - Simpler cacheobj implementation.
3513 - persistent connection histogram
3514 - SERVER-SIDE PERSISTENT CONNECTIONS:
3516 - Addec Cofig.Timeout.pconn; default 120 seconds
3517 - Added httpState->flags
3518 - Added flags arg to httpBuildRequestHeader()
3519 - Added HTTP_PROXYING and HTTP_KEEPALIVE flags
3520 - Added 'Connection' to allowed HTTP headers (http-anon.c)
3521 - Added 'Proxy-Connection' to allowed HTTP headers
3523 - Merged proxyhttpStart() with httpStart() and created
3524 new httpBuildState().
3525 - New httpPconnTransferDone() detects end-of-data on
3526 persistent connections.
3528 Changes to squid-1.2.alpha5 ():
3530 - New configuration system. Everything is generated from
3531 'cf.data.pre', including the main parser, setting defaults,
3532 outputting current values, and freeing memory.
3533 This also involved moving some of the local data structures
3534 (e.g. struct _acl *AclList in acl.c) to the Config
3535 structure. (Max Okumoto)
3536 - No more '/i' for regular expressions. Now insert a '-i'
3537 to switch to case-insensitive. Use '+i' for case-sensitive.
3538 - When you have a variable named the same as its type, sizeof()
3539 gets the wrong one (fde).
3540 - Need to flush unbuffered logs before fork().
3541 - Added two fields swap log: refcount and e->flag.
3542 - Removed all the .h files for each .c file. Now #include stuff
3543 is in either: defines.h, enums.h, typedefs.h, structs.h,
3544 or protos.h, globals.h. This greatly reduces dependencies
3545 between the various source files.
3546 - globals.c is generated from globals.h by a Perl script.
3547 - Started customizable error texts.
3549 Changes to squid-1.2.alpha4 ():
3551 - New MIME configuration, regular expression based
3552 - Added request_timeout config option
3553 - Multiple HTTP sockets (Lincoln Dale).
3554 - Moved 'fds_are_n_free' check to httpAccept().
3555 - s/USE_POLL/HAVE_POLL/; make poll() default if available.
3556 - Changed storeRegister to use offsets and make immediate
3557 callbacks if appropriate.
3558 - Removed icpDetectClientClose(). Some of that functionality
3559 goes into clientReadRequest() and the rest into
3561 - Moved IP lookups to commConnect stuff.
3562 - Added support for retrying connect().
3563 - New inline debug() macro (David Luyer).
3564 - Replace frequent gettimeofday() calls with alarm(3) based
3565 clock. Need to add more gettimeofday() calls to get back
3566 high-resolution timestamp logging (Andres Kroonmaa).
3567 - Added support for Cache-control: proxy-revalidate;
3568 based on squid-1.1 patch from Mike Mitchell.
3570 Changes to squid-1.2.alpha3 ():
3572 - Implemented persistent connections between clients and squid.
3573 - Moved various FD tables (comm.c, fdstat.c, disk.c) to a single
3575 - Removed use of FD as an identifier in certain callback
3576 operations (ipcache, fqdncache).
3577 - General code cleanup.
3578 - Fixed typedefs for callback functions.
3579 - Removed FD lifetime/timeout dichotomy. Now we only have
3580 timeouts, however the lifetime concept/keyword may still
3581 linger in certain places.
3582 - Change Makefile 'realclean' target to 'distclean'
3583 - Changed config file parsing of time specifications to use
3585 - Removed storetoString.c
3587 Changes to squid-1.2.alpha2 ():
3589 - Merged squid-1.1.9, squid-1.1.10 changes
3591 Changes to squid-1.2.alpha1 ():
3593 - Unified peer selection algorithm.
3594 - aiops.c and aiops.h are a threaded implementation of
3595 asynchronous file operations (Stewart Forster).
3596 - async_io.c and async_io.h are complete rewrites of the old
3597 versions (Stewart Forster).
3598 - Rewrote all disk file operations of squid to support
3599 the idea of callbacks except where not required (Stewart
3601 - Background validation of 'tainted' swap log entries (Stewart
3603 - Modified storeWriteCleanLog to create the log file using the
3604 open/write rather than fopen/printf (Stewart Forster).
3605 - Added the EINTR error response to handle badly interrupted
3606 system calls (Stewart Forster).
3607 - UDP_HIT_OBJ not supported, removed.
3608 - Different sized 'cache_dirs' supported.
3610 ==============================================================================
projects / thirdparty / squid.git / blob