# associate MIME types with filename extensions
TypesConfig /etc/mime.types
-DefaultType text/plain
# global (server-wide) SSL configuration, that is not specific to
# any virtual host
AccessFileName .htaccess
# and never show them
<Files ~ "^\.ht">
- Order allow,deny
- Deny from all
+ Require all denied
</Files>
# List of resources to look for when the client requests a directory
LoadModule authn_file_module /usr/lib/apache/mod_authn_file.so
+LoadModule unixd_module /usr/lib/apache/mod_unixd.so
#LoadModule authn_dbm_module /usr/lib/apache/mod_authn_dbm.so
#LoadModule authn_anon_module /usr/lib/apache/mod_authn_anon.so
#LoadModule authn_dbd_module /usr/lib/apache/mod_authn_dbd.so
#LoadModule authn_default_module /usr/lib/apache/mod_authn_default.so
+LoadModule authn_core_module /usr/lib/apache/mod_authn_core.so
+LoadModule authz_core_module /usr/lib/apache/mod_authz_core.so
LoadModule authz_host_module /usr/lib/apache/mod_authz_host.so
#LoadModule authz_groupfile_module /usr/lib/apache/mod_authz_groupfile.so
LoadModule authz_user_module /usr/lib/apache/mod_authz_user.so
#LoadModule authz_owner_module /usr/lib/apache/mod_authz_owner.so
#LoadModule authz_default_module /usr/lib/apache/mod_authz_default.so
LoadModule auth_basic_module /usr/lib/apache/mod_auth_basic.so
-LoadModule auth_digest_module /usr/lib/apache/mod_auth_digest.so
+#LoadModule auth_digest_module /usr/lib/apache/mod_auth_digest.so
#LoadModule dbd_module /usr/lib/apache/mod_dbd.so
#LoadModule dumpio_module /usr/lib/apache/mod_dumpio.so
#LoadModule ext_filter_module /usr/lib/apache/mod_ext_filter.so
LoadModule mime_module /usr/lib/apache/mod_mime.so
#LoadModule dav_module /usr/lib/apache/mod_dav.so
#LoadModule status_module /usr/lib/apache/mod_status.so
-LoadModule autoindex_module /usr/lib/apache/mod_autoindex.so
+#LoadModule autoindex_module /usr/lib/apache/mod_autoindex.so
#LoadModule asis_module /usr/lib/apache/mod_asis.so
#LoadModule info_module /usr/lib/apache/mod_info.so
-LoadModule cgi_module /usr/lib/apache/mod_cgi.so
+LoadModule cgid_module /usr/lib/apache/mod_cgid.so
#LoadModule dav_fs_module /usr/lib/apache/mod_dav_fs.so
#LoadModule vhost_alias_module /usr/lib/apache/mod_vhost_alias.so
#LoadModule negotiation_module /usr/lib/apache/mod_negotiation.so
#LoadModule userdir_module /usr/lib/apache/mod_userdir.so
LoadModule alias_module /usr/lib/apache/mod_alias.so
LoadModule rewrite_module /usr/lib/apache/mod_rewrite.so
+LoadModule socache_shmcb_module /usr/lib/apache/mod_socache_shmcb.so
LoadModule ssl_module /usr/lib/apache/mod_ssl.so
LoadModule php5_module /usr/lib/apache/libphp5.so
#
KeepAliveTimeout 15
-MinSpareServers 1
-MaxSpareServers 10
+MinSpareThreads 1
+MaxSpareThreads 20
StartServers 2
-MaxClients 256
+MaxRequestWorkers 256
+ThreadsPerChild 16
#
# The following directives modify normal HTTP response behavior to
SSLSessionCache shmcb:/var/log/httpd/ssl_scache(512000)
SSLSessionCacheTimeout 900
- # Semaphore:
- # Configure the path to the mutual exclusion semaphore the
- # SSL engine uses internally for inter-process synchronization.
- SSLMutex file:/var/log/httpd/ssl_mutex
-
# Pseudo Random Number Generator (PRNG):
# Configure one or more sources to seed the PRNG of the
# SSL library. The seed data should be of good random quality.
<Directory /srv/web/ipfire/html>
Options ExecCGI
AllowOverride None
- Order allow,deny
- Allow from all
+ Require all granted
</Directory>
<DirectoryMatch "/srv/web/ipfire/html/(graphs|sgraph)">
AuthName "IPFire - Restricted"
AuthType Basic
AuthUserFile /var/ipfire/auth/users
Require user admin
- <Files chpasswd.cgi>
- Satisfy Any
- Allow from All
+ <Files chpasswd.cgi>
+ Require all granted
</Files>
<Files webaccess.cgi>
- Satisfy Any
- Allow from All
- </Files>
- <Files credits.cgi>
- Satisfy Any
- Allow from All
+ Require all granted
</Files>
<Files dial.cgi>
Require user admin
<Directory /var/updatecache>
Options ExecCGI
AllowOverride None
- Order deny,allow
- Allow from all
+ Require all granted
</Directory>
Alias /repository/ /var/urlrepo/
<Directory /var/urlrepo>
Options ExecCGI
AllowOverride None
- Order deny,allow
- Allow from all
+ Require all granted
</Directory>
Alias /proxy-reports/ /var/log/sarg/
<Directory /srv/web/ipfire/html>
Options ExecCGI
AllowOverride None
- Order allow,deny
- Allow from all
+ Require all granted
</Directory>
<DirectoryMatch "/srv/web/ipfire/html/(graphs|sgraph)">
AuthName "IPFire - Restricted"
AuthUserFile /var/ipfire/auth/users
Require user admin
<Files chpasswd.cgi>
- Satisfy Any
- Allow from All
+ Require all granted
</Files>
<Files webaccess.cgi>
- Satisfy Any
- Allow from All
- </Files>
- <Files credits.cgi>
- Satisfy Any
- Allow from All
+ Require all granted
</Files>
<Files dial.cgi>
Require user admin
<Directory /var/updatecache>
Options ExecCGI
AllowOverride None
- Order deny,allow
- Allow from all
+ Require all granted
</Directory>
Alias /repository/ /var/urlrepo/
<Directory /var/urlrepo>
Options ExecCGI
AllowOverride None
- Order deny,allow
- Allow from all
+ Require all granted
</Directory>
Alias /wpad.dat /srv/web/ipfire/html/proxy.pac
</VirtualHost>
# SSLRequireSSL
Options ExecCGI
AllowOverride None
- Order allow,deny
- Allow from all
-# Order deny,allow
-# Deny from all
-# Allow from 127.0.0.1
+# Require all granted
+# Require ip 127.0.0.1
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /etc/nagios/htpasswd.users
# SSLRequireSSL
Options None
AllowOverride None
- Order allow,deny
- Allow from all
-# Order deny,allow
-# Deny from all
-# Allow from 127.0.0.1
+# Require all granted
+# Require ip 127.0.0.1
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /etc/nagios/htpasswd.users
<Directory /srv/web/openmailadmin>
Options +FollowSymlinks
AllowOverride None
- Order allow,deny
- Allow from all
+ Require all granted
</Directory>
</VirtualHost>
AuthType Basic
AuthUserFile /etc/icinga/htpasswd.users
- Order allow,deny
- Allow from all
-
Require valid-user
</Directory>
AuthType Basic
AuthUserFile /etc/icinga/htpasswd.users
- Order allow,deny
- Allow from all
-
Require valid-user
</Directory>
</VirtualHost>
# SSLRequireSSL
Options ExecCGI
AllowOverride None
- Order allow,deny
- Allow from all
-# Order deny,allow
-# Deny from all
-# Allow from 127.0.0.1
+# Require all granted
+# Require ip 127.0.0.1
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /etc/nagios/htpasswd.users
# SSLRequireSSL
Options None
AllowOverride None
- Order allow,deny
- Allow from all
-# Order deny,allow
-# Deny from all
-# Allow from 127.0.0.1
+# Require all granted
+# Require ip 127.0.0.1
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /etc/nagios/htpasswd.users
include /etc/httpd/conf/conf.d/php*.conf
Options None
AllowOverride None
- Order allow,deny
- Allow from all
+ Require all granted
</Directory>
</VirtualHost>
<Directory /srv/web/owncloud>
Options Indexes FollowSymlinks MultiViews
AllowOverride ALL
- Order allow,deny
- Allow from all
+ Require all granted
</Directory>
</VirtualHost>
user_dir =
; Directory in which the loadable extensions (modules) reside.
-extension_dir = "/usr/lib/php/extensions/no-debug-non-zts-20090626/"
+extension_dir = "/usr/lib/php/extensions/no-debug-zts-20090626/"
; Whether or not to enable the dl() function. The dl() function does NOT work
; properly in multithreaded servers, such as IIS or Zeus, and is automatically
<Directory /srv/web/phpSANE>
Options None
AllowOverride None
- Order allow,deny
- Allow from all
+ Require all granted
</Directory>
</VirtualHost>
#etc/httpd/conf/extra/httpd-ssl.conf
#etc/httpd/conf/extra/httpd-userdir.conf
#etc/httpd/conf/extra/httpd-vhosts.conf
+#etc/httpd/conf/extra/proxy-html.conf
etc/httpd/conf/global.conf
etc/httpd/conf/hostname.conf
etc/httpd/conf/httpd.conf
#etc/httpd/conf/original/extra/httpd-ssl.conf
#etc/httpd/conf/original/extra/httpd-userdir.conf
#etc/httpd/conf/original/extra/httpd-vhosts.conf
+#etc/httpd/conf/original/extra/proxy-html.conf
#etc/httpd/conf/original/httpd.conf
etc/httpd/conf/server-tuning.conf
etc/httpd/conf/ssl-global.conf
#etc/httpd/conf/vhosts.d/openmailadmin.conf
#srv/web
#srv/web/ipfire
+#srv/web/ipfire/manual/howto/access.html.es
+#srv/web/ipfire/manual/howto/auth.html.es
+#srv/web/ipfire/manual/howto/cgi.html.es
+#srv/web/ipfire/manual/howto/htaccess.html.es
+#srv/web/ipfire/manual/howto/http2.html.es
+#srv/web/ipfire/manual/howto/http2.html.fr
+#srv/web/ipfire/manual/howto/index.html.es
+#srv/web/ipfire/manual/howto/public_html.html.es
+#srv/web/ipfire/manual/mod/directive-dict.html.es
+#srv/web/ipfire/manual/mod/mod_brotli.html
+#srv/web/ipfire/manual/mod/mod_brotli.html.en
#srv/web/ipfire/cgi-bin
#srv/web/ipfire/cgi-bin/printenv
+#srv/web/ipfire/cgi-bin/printenv.vbs
+#srv/web/ipfire/cgi-bin/printenv.wsf
#srv/web/ipfire/cgi-bin/test-cgi
#srv/web/ipfire/error
#srv/web/ipfire/error/HTTP_BAD_GATEWAY.html.var
#srv/web/ipfire/icons/alert.red.png
#srv/web/ipfire/icons/apache_pb.gif
#srv/web/ipfire/icons/apache_pb.png
+#srv/web/ipfire/icons/apache_pb.svg
#srv/web/ipfire/icons/apache_pb2.gif
#srv/web/ipfire/icons/apache_pb2.png
-#srv/web/ipfire/icons/apache_pb2_ani.gif
#srv/web/ipfire/icons/back.gif
#srv/web/ipfire/icons/back.png
#srv/web/ipfire/icons/ball.gray.gif
#srv/web/ipfire/icons/link.png
#srv/web/ipfire/icons/movie.gif
#srv/web/ipfire/icons/movie.png
+#srv/web/ipfire/icons/odf6odb.png
+#srv/web/ipfire/icons/odf6odc.png
+#srv/web/ipfire/icons/odf6odf.png
+#srv/web/ipfire/icons/odf6odg.png
+#srv/web/ipfire/icons/odf6odi.png
+#srv/web/ipfire/icons/odf6odm.png
+#srv/web/ipfire/icons/odf6odp.png
+#srv/web/ipfire/icons/odf6ods.png
+#srv/web/ipfire/icons/odf6odt.png
+#srv/web/ipfire/icons/odf6otc.png
+#srv/web/ipfire/icons/odf6otf.png
+#srv/web/ipfire/icons/odf6otg.png
+#srv/web/ipfire/icons/odf6oth.png
+#srv/web/ipfire/icons/odf6oti.png
+#srv/web/ipfire/icons/odf6otp.png
+#srv/web/ipfire/icons/odf6ots.png
+#srv/web/ipfire/icons/odf6ott.png
#srv/web/ipfire/icons/p.gif
#srv/web/ipfire/icons/p.png
#srv/web/ipfire/icons/patch.gif
#srv/web/ipfire/icons/small/compressed.png
#srv/web/ipfire/icons/small/continued.gif
#srv/web/ipfire/icons/small/continued.png
-#srv/web/ipfire/icons/small/dir.gif
-#srv/web/ipfire/icons/small/dir.png
-#srv/web/ipfire/icons/small/dir2.gif
-#srv/web/ipfire/icons/small/dir2.png
#srv/web/ipfire/icons/small/doc.gif
#srv/web/ipfire/icons/small/doc.png
+#srv/web/ipfire/icons/small/folder.gif
+#srv/web/ipfire/icons/small/folder.png
+#srv/web/ipfire/icons/small/folder2.gif
+#srv/web/ipfire/icons/small/folder2.png
#srv/web/ipfire/icons/small/forward.gif
#srv/web/ipfire/icons/small/forward.png
#srv/web/ipfire/icons/small/generic.gif
#srv/web/ipfire/icons/sphere1.png
#srv/web/ipfire/icons/sphere2.gif
#srv/web/ipfire/icons/sphere2.png
+#srv/web/ipfire/icons/svg.png
#srv/web/ipfire/icons/tar.gif
#srv/web/ipfire/icons/tar.png
#srv/web/ipfire/icons/tex.gif
#srv/web/ipfire/icons/world1.png
#srv/web/ipfire/icons/world2.gif
#srv/web/ipfire/icons/world2.png
+#srv/web/ipfire/icons/xml.png
#srv/web/ipfire/manual
+#srv/web/ipfire/manual/BUILDING
#srv/web/ipfire/manual/LICENSE
#srv/web/ipfire/manual/bind.html
#srv/web/ipfire/manual/bind.html.de
#srv/web/ipfire/manual/custom-error.html
#srv/web/ipfire/manual/custom-error.html.en
#srv/web/ipfire/manual/custom-error.html.es
+#srv/web/ipfire/manual/custom-error.html.fr
#srv/web/ipfire/manual/custom-error.html.ja.utf8
#srv/web/ipfire/manual/custom-error.html.ko.euc-kr
#srv/web/ipfire/manual/custom-error.html.tr.utf8
#srv/web/ipfire/manual/developer/index.html
#srv/web/ipfire/manual/developer/index.html.en
#srv/web/ipfire/manual/developer/index.html.zh-cn.utf8
+#srv/web/ipfire/manual/developer/modguide.html
+#srv/web/ipfire/manual/developer/modguide.html.en
#srv/web/ipfire/manual/developer/modules.html
#srv/web/ipfire/manual/developer/modules.html.en
#srv/web/ipfire/manual/developer/modules.html.ja.utf8
+#srv/web/ipfire/manual/developer/new_api_2_4.html
+#srv/web/ipfire/manual/developer/new_api_2_4.html.en
+#srv/web/ipfire/manual/developer/output-filters.html
+#srv/web/ipfire/manual/developer/output-filters.html.en
#srv/web/ipfire/manual/developer/request.html
#srv/web/ipfire/manual/developer/request.html.en
#srv/web/ipfire/manual/developer/thread_safety.html
#srv/web/ipfire/manual/developer/thread_safety.html.en
#srv/web/ipfire/manual/dns-caveats.html
#srv/web/ipfire/manual/dns-caveats.html.en
+#srv/web/ipfire/manual/dns-caveats.html.fr
#srv/web/ipfire/manual/dns-caveats.html.ja.utf8
#srv/web/ipfire/manual/dns-caveats.html.ko.euc-kr
#srv/web/ipfire/manual/dns-caveats.html.tr.utf8
#srv/web/ipfire/manual/dso.html
#srv/web/ipfire/manual/dso.html.en
+#srv/web/ipfire/manual/dso.html.fr
#srv/web/ipfire/manual/dso.html.ja.utf8
#srv/web/ipfire/manual/dso.html.ko.euc-kr
#srv/web/ipfire/manual/dso.html.tr.utf8
#srv/web/ipfire/manual/env.html
#srv/web/ipfire/manual/env.html.en
+#srv/web/ipfire/manual/env.html.fr
#srv/web/ipfire/manual/env.html.ja.utf8
#srv/web/ipfire/manual/env.html.ko.euc-kr
#srv/web/ipfire/manual/env.html.tr.utf8
+#srv/web/ipfire/manual/expr.html
+#srv/web/ipfire/manual/expr.html.en
+#srv/web/ipfire/manual/expr.html.fr
#srv/web/ipfire/manual/faq
#srv/web/ipfire/manual/faq/index.html
#srv/web/ipfire/manual/faq/index.html.en
+#srv/web/ipfire/manual/faq/index.html.es
+#srv/web/ipfire/manual/faq/index.html.fr
#srv/web/ipfire/manual/faq/index.html.tr.utf8
#srv/web/ipfire/manual/faq/index.html.zh-cn.utf8
#srv/web/ipfire/manual/filter.html
#srv/web/ipfire/manual/filter.html.ja.utf8
#srv/web/ipfire/manual/filter.html.ko.euc-kr
#srv/web/ipfire/manual/filter.html.tr.utf8
+#srv/web/ipfire/manual/getting-started.html
+#srv/web/ipfire/manual/getting-started.html.en
+#srv/web/ipfire/manual/getting-started.html.fr
#srv/web/ipfire/manual/glossary.html
#srv/web/ipfire/manual/glossary.html.de
#srv/web/ipfire/manual/glossary.html.en
#srv/web/ipfire/manual/handler.html.fr
#srv/web/ipfire/manual/handler.html.ja.utf8
#srv/web/ipfire/manual/handler.html.ko.euc-kr
-#srv/web/ipfire/manual/handler.html.ru.koi8-r
#srv/web/ipfire/manual/handler.html.tr.utf8
#srv/web/ipfire/manual/handler.html.zh-cn.utf8
#srv/web/ipfire/manual/howto
#srv/web/ipfire/manual/howto/access.html
#srv/web/ipfire/manual/howto/access.html.en
+#srv/web/ipfire/manual/howto/access.html.fr
#srv/web/ipfire/manual/howto/auth.html
#srv/web/ipfire/manual/howto/auth.html.en
#srv/web/ipfire/manual/howto/auth.html.fr
#srv/web/ipfire/manual/howto/auth.html.tr.utf8
#srv/web/ipfire/manual/howto/cgi.html
#srv/web/ipfire/manual/howto/cgi.html.en
+#srv/web/ipfire/manual/howto/cgi.html.fr
#srv/web/ipfire/manual/howto/cgi.html.ja.utf8
#srv/web/ipfire/manual/howto/cgi.html.ko.euc-kr
#srv/web/ipfire/manual/howto/htaccess.html
#srv/web/ipfire/manual/howto/htaccess.html.ja.utf8
#srv/web/ipfire/manual/howto/htaccess.html.ko.euc-kr
#srv/web/ipfire/manual/howto/htaccess.html.pt-br
+#srv/web/ipfire/manual/howto/http2.html
+#srv/web/ipfire/manual/howto/http2.html.en
#srv/web/ipfire/manual/howto/index.html
#srv/web/ipfire/manual/howto/index.html.en
+#srv/web/ipfire/manual/howto/index.html.fr
#srv/web/ipfire/manual/howto/index.html.ja.utf8
#srv/web/ipfire/manual/howto/index.html.ko.euc-kr
#srv/web/ipfire/manual/howto/index.html.zh-cn.utf8
#srv/web/ipfire/manual/howto/public_html.html
#srv/web/ipfire/manual/howto/public_html.html.en
+#srv/web/ipfire/manual/howto/public_html.html.fr
#srv/web/ipfire/manual/howto/public_html.html.ja.utf8
#srv/web/ipfire/manual/howto/public_html.html.ko.euc-kr
#srv/web/ipfire/manual/howto/public_html.html.tr.utf8
+#srv/web/ipfire/manual/howto/reverse_proxy.html
+#srv/web/ipfire/manual/howto/reverse_proxy.html.en
#srv/web/ipfire/manual/howto/ssi.html
#srv/web/ipfire/manual/howto/ssi.html.en
+#srv/web/ipfire/manual/howto/ssi.html.fr
#srv/web/ipfire/manual/howto/ssi.html.ja.utf8
#srv/web/ipfire/manual/howto/ssi.html.ko.euc-kr
#srv/web/ipfire/manual/images
#srv/web/ipfire/manual/images/apache_header.gif
+#srv/web/ipfire/manual/images/bal-man-b.png
+#srv/web/ipfire/manual/images/bal-man-w.png
+#srv/web/ipfire/manual/images/bal-man.png
+#srv/web/ipfire/manual/images/build_a_mod_2.png
+#srv/web/ipfire/manual/images/build_a_mod_3.png
+#srv/web/ipfire/manual/images/build_a_mod_4.png
#srv/web/ipfire/manual/images/caching_fig1.gif
#srv/web/ipfire/manual/images/caching_fig1.png
#srv/web/ipfire/manual/images/caching_fig1.tr.png
#srv/web/ipfire/manual/images/mod_rewrite_fig2.gif
#srv/web/ipfire/manual/images/mod_rewrite_fig2.png
#srv/web/ipfire/manual/images/pixel.gif
+#srv/web/ipfire/manual/images/reverse-proxy-arch.png
#srv/web/ipfire/manual/images/rewrite_backreferences.png
+#srv/web/ipfire/manual/images/rewrite_process_uri.png
#srv/web/ipfire/manual/images/rewrite_rule_flow.png
#srv/web/ipfire/manual/images/right.gif
#srv/web/ipfire/manual/images/ssl_intro_fig1.gif
#srv/web/ipfire/manual/images/syntax_rewriterule.png
#srv/web/ipfire/manual/images/up.gif
#srv/web/ipfire/manual/index.html
+#srv/web/ipfire/manual/index.html.da
#srv/web/ipfire/manual/index.html.de
#srv/web/ipfire/manual/index.html.en
#srv/web/ipfire/manual/index.html.es
#srv/web/ipfire/manual/invoking.html.fr
#srv/web/ipfire/manual/invoking.html.ja.utf8
#srv/web/ipfire/manual/invoking.html.ko.euc-kr
-#srv/web/ipfire/manual/invoking.html.ru.koi8-r
#srv/web/ipfire/manual/invoking.html.tr.utf8
#srv/web/ipfire/manual/license.html
#srv/web/ipfire/manual/license.html.en
#srv/web/ipfire/manual/misc
#srv/web/ipfire/manual/misc/index.html
#srv/web/ipfire/manual/misc/index.html.en
+#srv/web/ipfire/manual/misc/index.html.fr
#srv/web/ipfire/manual/misc/index.html.ko.euc-kr
#srv/web/ipfire/manual/misc/index.html.tr.utf8
#srv/web/ipfire/manual/misc/index.html.zh-cn.utf8
#srv/web/ipfire/manual/misc/password_encryptions.html
#srv/web/ipfire/manual/misc/password_encryptions.html.en
+#srv/web/ipfire/manual/misc/password_encryptions.html.fr
#srv/web/ipfire/manual/misc/perf-tuning.html
#srv/web/ipfire/manual/misc/perf-tuning.html.en
+#srv/web/ipfire/manual/misc/perf-tuning.html.fr
#srv/web/ipfire/manual/misc/perf-tuning.html.ko.euc-kr
#srv/web/ipfire/manual/misc/perf-tuning.html.tr.utf8
#srv/web/ipfire/manual/misc/relevant_standards.html
#srv/web/ipfire/manual/misc/relevant_standards.html.en
+#srv/web/ipfire/manual/misc/relevant_standards.html.fr
#srv/web/ipfire/manual/misc/relevant_standards.html.ko.euc-kr
-#srv/web/ipfire/manual/misc/rewriteguide.html
-#srv/web/ipfire/manual/misc/rewriteguide.html.en
-#srv/web/ipfire/manual/misc/rewriteguide.html.ko.euc-kr
#srv/web/ipfire/manual/misc/security_tips.html
#srv/web/ipfire/manual/misc/security_tips.html.en
+#srv/web/ipfire/manual/misc/security_tips.html.fr
#srv/web/ipfire/manual/misc/security_tips.html.ko.euc-kr
#srv/web/ipfire/manual/misc/security_tips.html.tr.utf8
#srv/web/ipfire/manual/mod
-#srv/web/ipfire/manual/mod/beos.html
-#srv/web/ipfire/manual/mod/beos.html.de
-#srv/web/ipfire/manual/mod/beos.html.en
-#srv/web/ipfire/manual/mod/beos.html.es
-#srv/web/ipfire/manual/mod/beos.html.ko.euc-kr
#srv/web/ipfire/manual/mod/core.html
#srv/web/ipfire/manual/mod/core.html.de
#srv/web/ipfire/manual/mod/core.html.en
+#srv/web/ipfire/manual/mod/core.html.es
#srv/web/ipfire/manual/mod/core.html.fr
#srv/web/ipfire/manual/mod/core.html.ja.utf8
#srv/web/ipfire/manual/mod/core.html.tr.utf8
#srv/web/ipfire/manual/mod/directive-dict.html
#srv/web/ipfire/manual/mod/directive-dict.html.en
+#srv/web/ipfire/manual/mod/directive-dict.html.fr
#srv/web/ipfire/manual/mod/directive-dict.html.ja.utf8
#srv/web/ipfire/manual/mod/directive-dict.html.ko.euc-kr
#srv/web/ipfire/manual/mod/directive-dict.html.tr.utf8
#srv/web/ipfire/manual/mod/directives.html.de
#srv/web/ipfire/manual/mod/directives.html.en
#srv/web/ipfire/manual/mod/directives.html.es
+#srv/web/ipfire/manual/mod/directives.html.fr
#srv/web/ipfire/manual/mod/directives.html.ja.utf8
#srv/web/ipfire/manual/mod/directives.html.ko.euc-kr
-#srv/web/ipfire/manual/mod/directives.html.ru.koi8-r
#srv/web/ipfire/manual/mod/directives.html.tr.utf8
#srv/web/ipfire/manual/mod/directives.html.zh-cn.utf8
#srv/web/ipfire/manual/mod/event.html
#srv/web/ipfire/manual/mod/event.html.en
+#srv/web/ipfire/manual/mod/event.html.fr
#srv/web/ipfire/manual/mod/index.html
#srv/web/ipfire/manual/mod/index.html.de
#srv/web/ipfire/manual/mod/index.html.en
#srv/web/ipfire/manual/mod/index.html.es
+#srv/web/ipfire/manual/mod/index.html.fr
#srv/web/ipfire/manual/mod/index.html.ja.utf8
#srv/web/ipfire/manual/mod/index.html.ko.euc-kr
#srv/web/ipfire/manual/mod/index.html.tr.utf8
#srv/web/ipfire/manual/mod/index.html.zh-cn.utf8
+#srv/web/ipfire/manual/mod/mod_access_compat.html
+#srv/web/ipfire/manual/mod/mod_access_compat.html.en
+#srv/web/ipfire/manual/mod/mod_access_compat.html.fr
+#srv/web/ipfire/manual/mod/mod_access_compat.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_actions.html
#srv/web/ipfire/manual/mod/mod_actions.html.de
#srv/web/ipfire/manual/mod/mod_actions.html.en
+#srv/web/ipfire/manual/mod/mod_actions.html.fr
#srv/web/ipfire/manual/mod/mod_actions.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_actions.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_alias.html
#srv/web/ipfire/manual/mod/mod_alias.html.en
+#srv/web/ipfire/manual/mod/mod_alias.html.fr
#srv/web/ipfire/manual/mod/mod_alias.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_alias.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_alias.html.tr.utf8
+#srv/web/ipfire/manual/mod/mod_allowmethods.html
+#srv/web/ipfire/manual/mod/mod_allowmethods.html.en
+#srv/web/ipfire/manual/mod/mod_allowmethods.html.fr
#srv/web/ipfire/manual/mod/mod_asis.html
#srv/web/ipfire/manual/mod/mod_asis.html.en
+#srv/web/ipfire/manual/mod/mod_asis.html.fr
#srv/web/ipfire/manual/mod/mod_asis.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_asis.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_auth_basic.html
#srv/web/ipfire/manual/mod/mod_auth_digest.html.en
#srv/web/ipfire/manual/mod/mod_auth_digest.html.fr
#srv/web/ipfire/manual/mod/mod_auth_digest.html.ko.euc-kr
-#srv/web/ipfire/manual/mod/mod_authn_alias.html
-#srv/web/ipfire/manual/mod/mod_authn_alias.html.en
-#srv/web/ipfire/manual/mod/mod_authn_alias.html.fr
+#srv/web/ipfire/manual/mod/mod_auth_form.html
+#srv/web/ipfire/manual/mod/mod_auth_form.html.en
+#srv/web/ipfire/manual/mod/mod_auth_form.html.fr
#srv/web/ipfire/manual/mod/mod_authn_anon.html
#srv/web/ipfire/manual/mod/mod_authn_anon.html.en
+#srv/web/ipfire/manual/mod/mod_authn_anon.html.fr
#srv/web/ipfire/manual/mod/mod_authn_anon.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_authn_anon.html.ko.euc-kr
+#srv/web/ipfire/manual/mod/mod_authn_core.html
+#srv/web/ipfire/manual/mod/mod_authn_core.html.en
+#srv/web/ipfire/manual/mod/mod_authn_core.html.fr
#srv/web/ipfire/manual/mod/mod_authn_dbd.html
#srv/web/ipfire/manual/mod/mod_authn_dbd.html.en
+#srv/web/ipfire/manual/mod/mod_authn_dbd.html.fr
#srv/web/ipfire/manual/mod/mod_authn_dbm.html
#srv/web/ipfire/manual/mod/mod_authn_dbm.html.en
+#srv/web/ipfire/manual/mod/mod_authn_dbm.html.fr
#srv/web/ipfire/manual/mod/mod_authn_dbm.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_authn_dbm.html.ko.euc-kr
-#srv/web/ipfire/manual/mod/mod_authn_default.html
-#srv/web/ipfire/manual/mod/mod_authn_default.html.en
-#srv/web/ipfire/manual/mod/mod_authn_default.html.ja.utf8
-#srv/web/ipfire/manual/mod/mod_authn_default.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_authn_file.html
#srv/web/ipfire/manual/mod/mod_authn_file.html.en
#srv/web/ipfire/manual/mod/mod_authn_file.html.fr
#srv/web/ipfire/manual/mod/mod_authn_file.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_authn_file.html.ko.euc-kr
+#srv/web/ipfire/manual/mod/mod_authn_socache.html
+#srv/web/ipfire/manual/mod/mod_authn_socache.html.en
+#srv/web/ipfire/manual/mod/mod_authn_socache.html.fr
+#srv/web/ipfire/manual/mod/mod_authnz_fcgi.html
+#srv/web/ipfire/manual/mod/mod_authnz_fcgi.html.en
#srv/web/ipfire/manual/mod/mod_authnz_ldap.html
#srv/web/ipfire/manual/mod/mod_authnz_ldap.html.en
#srv/web/ipfire/manual/mod/mod_authnz_ldap.html.fr
+#srv/web/ipfire/manual/mod/mod_authz_core.html
+#srv/web/ipfire/manual/mod/mod_authz_core.html.en
+#srv/web/ipfire/manual/mod/mod_authz_core.html.fr
+#srv/web/ipfire/manual/mod/mod_authz_dbd.html
+#srv/web/ipfire/manual/mod/mod_authz_dbd.html.en
+#srv/web/ipfire/manual/mod/mod_authz_dbd.html.fr
#srv/web/ipfire/manual/mod/mod_authz_dbm.html
#srv/web/ipfire/manual/mod/mod_authz_dbm.html.en
+#srv/web/ipfire/manual/mod/mod_authz_dbm.html.fr
#srv/web/ipfire/manual/mod/mod_authz_dbm.html.ko.euc-kr
-#srv/web/ipfire/manual/mod/mod_authz_default.html
-#srv/web/ipfire/manual/mod/mod_authz_default.html.en
-#srv/web/ipfire/manual/mod/mod_authz_default.html.ja.utf8
-#srv/web/ipfire/manual/mod/mod_authz_default.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_authz_groupfile.html
#srv/web/ipfire/manual/mod/mod_authz_groupfile.html.en
+#srv/web/ipfire/manual/mod/mod_authz_groupfile.html.fr
#srv/web/ipfire/manual/mod/mod_authz_groupfile.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_authz_groupfile.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_authz_host.html
#srv/web/ipfire/manual/mod/mod_authz_host.html.en
#srv/web/ipfire/manual/mod/mod_authz_host.html.fr
-#srv/web/ipfire/manual/mod/mod_authz_host.html.ja.utf8
-#srv/web/ipfire/manual/mod/mod_authz_host.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_authz_owner.html
#srv/web/ipfire/manual/mod/mod_authz_owner.html.en
+#srv/web/ipfire/manual/mod/mod_authz_owner.html.fr
#srv/web/ipfire/manual/mod/mod_authz_owner.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_authz_owner.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_authz_user.html
#srv/web/ipfire/manual/mod/mod_authz_user.html.en
+#srv/web/ipfire/manual/mod/mod_authz_user.html.fr
#srv/web/ipfire/manual/mod/mod_authz_user.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_authz_user.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_autoindex.html
#srv/web/ipfire/manual/mod/mod_autoindex.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_autoindex.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_autoindex.html.tr.utf8
+#srv/web/ipfire/manual/mod/mod_buffer.html
+#srv/web/ipfire/manual/mod/mod_buffer.html.en
+#srv/web/ipfire/manual/mod/mod_buffer.html.fr
#srv/web/ipfire/manual/mod/mod_cache.html
#srv/web/ipfire/manual/mod/mod_cache.html.en
+#srv/web/ipfire/manual/mod/mod_cache.html.fr
#srv/web/ipfire/manual/mod/mod_cache.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_cache.html.ko.euc-kr
+#srv/web/ipfire/manual/mod/mod_cache_disk.html
+#srv/web/ipfire/manual/mod/mod_cache_disk.html.en
+#srv/web/ipfire/manual/mod/mod_cache_disk.html.fr
+#srv/web/ipfire/manual/mod/mod_cache_disk.html.ja.utf8
+#srv/web/ipfire/manual/mod/mod_cache_disk.html.ko.euc-kr
+#srv/web/ipfire/manual/mod/mod_cache_socache.html
+#srv/web/ipfire/manual/mod/mod_cache_socache.html.en
+#srv/web/ipfire/manual/mod/mod_cache_socache.html.fr
#srv/web/ipfire/manual/mod/mod_cern_meta.html
#srv/web/ipfire/manual/mod/mod_cern_meta.html.en
+#srv/web/ipfire/manual/mod/mod_cern_meta.html.fr
#srv/web/ipfire/manual/mod/mod_cern_meta.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_cgi.html
#srv/web/ipfire/manual/mod/mod_cgi.html.en
+#srv/web/ipfire/manual/mod/mod_cgi.html.fr
#srv/web/ipfire/manual/mod/mod_cgi.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_cgi.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_cgid.html
#srv/web/ipfire/manual/mod/mod_cgid.html.en
+#srv/web/ipfire/manual/mod/mod_cgid.html.fr
#srv/web/ipfire/manual/mod/mod_cgid.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_cgid.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_charset_lite.html
#srv/web/ipfire/manual/mod/mod_charset_lite.html.en
+#srv/web/ipfire/manual/mod/mod_charset_lite.html.fr
#srv/web/ipfire/manual/mod/mod_charset_lite.html.ko.euc-kr
+#srv/web/ipfire/manual/mod/mod_data.html
+#srv/web/ipfire/manual/mod/mod_data.html.en
+#srv/web/ipfire/manual/mod/mod_data.html.fr
#srv/web/ipfire/manual/mod/mod_dav.html
#srv/web/ipfire/manual/mod/mod_dav.html.en
+#srv/web/ipfire/manual/mod/mod_dav.html.fr
#srv/web/ipfire/manual/mod/mod_dav.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_dav.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_dav_fs.html
#srv/web/ipfire/manual/mod/mod_dav_fs.html.en
+#srv/web/ipfire/manual/mod/mod_dav_fs.html.fr
#srv/web/ipfire/manual/mod/mod_dav_fs.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_dav_fs.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_dav_lock.html
#srv/web/ipfire/manual/mod/mod_dav_lock.html.en
+#srv/web/ipfire/manual/mod/mod_dav_lock.html.fr
#srv/web/ipfire/manual/mod/mod_dav_lock.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_dbd.html
#srv/web/ipfire/manual/mod/mod_dbd.html.en
+#srv/web/ipfire/manual/mod/mod_dbd.html.fr
#srv/web/ipfire/manual/mod/mod_deflate.html
#srv/web/ipfire/manual/mod/mod_deflate.html.en
+#srv/web/ipfire/manual/mod/mod_deflate.html.fr
#srv/web/ipfire/manual/mod/mod_deflate.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_deflate.html.ko.euc-kr
+#srv/web/ipfire/manual/mod/mod_dialup.html
+#srv/web/ipfire/manual/mod/mod_dialup.html.en
+#srv/web/ipfire/manual/mod/mod_dialup.html.fr
#srv/web/ipfire/manual/mod/mod_dir.html
#srv/web/ipfire/manual/mod/mod_dir.html.en
+#srv/web/ipfire/manual/mod/mod_dir.html.fr
#srv/web/ipfire/manual/mod/mod_dir.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_dir.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_dir.html.tr.utf8
-#srv/web/ipfire/manual/mod/mod_disk_cache.html
-#srv/web/ipfire/manual/mod/mod_disk_cache.html.en
-#srv/web/ipfire/manual/mod/mod_disk_cache.html.ja.utf8
-#srv/web/ipfire/manual/mod/mod_disk_cache.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_dumpio.html
#srv/web/ipfire/manual/mod/mod_dumpio.html.en
+#srv/web/ipfire/manual/mod/mod_dumpio.html.fr
#srv/web/ipfire/manual/mod/mod_dumpio.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_echo.html
#srv/web/ipfire/manual/mod/mod_echo.html.en
+#srv/web/ipfire/manual/mod/mod_echo.html.fr
#srv/web/ipfire/manual/mod/mod_echo.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_echo.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_env.html
#srv/web/ipfire/manual/mod/mod_env.html.en
+#srv/web/ipfire/manual/mod/mod_env.html.fr
#srv/web/ipfire/manual/mod/mod_env.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_env.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_env.html.tr.utf8
-#srv/web/ipfire/manual/mod/mod_example.html
-#srv/web/ipfire/manual/mod/mod_example.html.en
-#srv/web/ipfire/manual/mod/mod_example.html.ko.euc-kr
+#srv/web/ipfire/manual/mod/mod_example_hooks.html
+#srv/web/ipfire/manual/mod/mod_example_hooks.html.en
+#srv/web/ipfire/manual/mod/mod_example_hooks.html.fr
+#srv/web/ipfire/manual/mod/mod_example_hooks.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_expires.html
#srv/web/ipfire/manual/mod/mod_expires.html.en
+#srv/web/ipfire/manual/mod/mod_expires.html.fr
#srv/web/ipfire/manual/mod/mod_expires.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_expires.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_ext_filter.html
#srv/web/ipfire/manual/mod/mod_ext_filter.html.en
+#srv/web/ipfire/manual/mod/mod_ext_filter.html.fr
#srv/web/ipfire/manual/mod/mod_ext_filter.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_ext_filter.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_file_cache.html
#srv/web/ipfire/manual/mod/mod_file_cache.html.en
+#srv/web/ipfire/manual/mod/mod_file_cache.html.fr
#srv/web/ipfire/manual/mod/mod_file_cache.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_filter.html
#srv/web/ipfire/manual/mod/mod_filter.html.en
+#srv/web/ipfire/manual/mod/mod_filter.html.fr
#srv/web/ipfire/manual/mod/mod_headers.html
#srv/web/ipfire/manual/mod/mod_headers.html.en
+#srv/web/ipfire/manual/mod/mod_headers.html.fr
#srv/web/ipfire/manual/mod/mod_headers.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_headers.html.ko.euc-kr
+#srv/web/ipfire/manual/mod/mod_heartbeat.html
+#srv/web/ipfire/manual/mod/mod_heartbeat.html.en
+#srv/web/ipfire/manual/mod/mod_heartbeat.html.fr
+#srv/web/ipfire/manual/mod/mod_heartmonitor.html
+#srv/web/ipfire/manual/mod/mod_heartmonitor.html.en
+#srv/web/ipfire/manual/mod/mod_heartmonitor.html.fr
+#srv/web/ipfire/manual/mod/mod_http2.html
+#srv/web/ipfire/manual/mod/mod_http2.html.en
#srv/web/ipfire/manual/mod/mod_ident.html
#srv/web/ipfire/manual/mod/mod_ident.html.en
+#srv/web/ipfire/manual/mod/mod_ident.html.fr
#srv/web/ipfire/manual/mod/mod_ident.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_ident.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_imagemap.html
#srv/web/ipfire/manual/mod/mod_imagemap.html.en
+#srv/web/ipfire/manual/mod/mod_imagemap.html.fr
#srv/web/ipfire/manual/mod/mod_imagemap.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_include.html
#srv/web/ipfire/manual/mod/mod_include.html.en
+#srv/web/ipfire/manual/mod/mod_include.html.fr
#srv/web/ipfire/manual/mod/mod_include.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_info.html
#srv/web/ipfire/manual/mod/mod_info.html.en
+#srv/web/ipfire/manual/mod/mod_info.html.fr
#srv/web/ipfire/manual/mod/mod_info.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_info.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_isapi.html
#srv/web/ipfire/manual/mod/mod_isapi.html.en
+#srv/web/ipfire/manual/mod/mod_isapi.html.fr
#srv/web/ipfire/manual/mod/mod_isapi.html.ko.euc-kr
+#srv/web/ipfire/manual/mod/mod_lbmethod_bybusyness.html
+#srv/web/ipfire/manual/mod/mod_lbmethod_bybusyness.html.en
+#srv/web/ipfire/manual/mod/mod_lbmethod_bybusyness.html.fr
+#srv/web/ipfire/manual/mod/mod_lbmethod_byrequests.html
+#srv/web/ipfire/manual/mod/mod_lbmethod_byrequests.html.en
+#srv/web/ipfire/manual/mod/mod_lbmethod_byrequests.html.fr
+#srv/web/ipfire/manual/mod/mod_lbmethod_bytraffic.html
+#srv/web/ipfire/manual/mod/mod_lbmethod_bytraffic.html.en
+#srv/web/ipfire/manual/mod/mod_lbmethod_bytraffic.html.fr
+#srv/web/ipfire/manual/mod/mod_lbmethod_heartbeat.html
+#srv/web/ipfire/manual/mod/mod_lbmethod_heartbeat.html.en
+#srv/web/ipfire/manual/mod/mod_lbmethod_heartbeat.html.fr
#srv/web/ipfire/manual/mod/mod_ldap.html
#srv/web/ipfire/manual/mod/mod_ldap.html.en
+#srv/web/ipfire/manual/mod/mod_ldap.html.fr
#srv/web/ipfire/manual/mod/mod_log_config.html
#srv/web/ipfire/manual/mod/mod_log_config.html.en
+#srv/web/ipfire/manual/mod/mod_log_config.html.fr
#srv/web/ipfire/manual/mod/mod_log_config.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_log_config.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_log_config.html.tr.utf8
+#srv/web/ipfire/manual/mod/mod_log_debug.html
+#srv/web/ipfire/manual/mod/mod_log_debug.html.en
+#srv/web/ipfire/manual/mod/mod_log_debug.html.fr
#srv/web/ipfire/manual/mod/mod_log_forensic.html
#srv/web/ipfire/manual/mod/mod_log_forensic.html.en
+#srv/web/ipfire/manual/mod/mod_log_forensic.html.fr
#srv/web/ipfire/manual/mod/mod_log_forensic.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_log_forensic.html.tr.utf8
#srv/web/ipfire/manual/mod/mod_logio.html
#srv/web/ipfire/manual/mod/mod_logio.html.en
+#srv/web/ipfire/manual/mod/mod_logio.html.fr
#srv/web/ipfire/manual/mod/mod_logio.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_logio.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_logio.html.tr.utf8
-#srv/web/ipfire/manual/mod/mod_mem_cache.html
-#srv/web/ipfire/manual/mod/mod_mem_cache.html.en
-#srv/web/ipfire/manual/mod/mod_mem_cache.html.ja.utf8
-#srv/web/ipfire/manual/mod/mod_mem_cache.html.ko.euc-kr
+#srv/web/ipfire/manual/mod/mod_lua.html
+#srv/web/ipfire/manual/mod/mod_lua.html.en
+#srv/web/ipfire/manual/mod/mod_lua.html.fr
+#srv/web/ipfire/manual/mod/mod_macro.html
+#srv/web/ipfire/manual/mod/mod_macro.html.en
+#srv/web/ipfire/manual/mod/mod_macro.html.fr
#srv/web/ipfire/manual/mod/mod_mime.html
#srv/web/ipfire/manual/mod/mod_mime.html.en
+#srv/web/ipfire/manual/mod/mod_mime.html.fr
#srv/web/ipfire/manual/mod/mod_mime.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_mime_magic.html
#srv/web/ipfire/manual/mod/mod_mime_magic.html.en
+#srv/web/ipfire/manual/mod/mod_mime_magic.html.fr
#srv/web/ipfire/manual/mod/mod_negotiation.html
#srv/web/ipfire/manual/mod/mod_negotiation.html.en
+#srv/web/ipfire/manual/mod/mod_negotiation.html.fr
#srv/web/ipfire/manual/mod/mod_negotiation.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_nw_ssl.html
#srv/web/ipfire/manual/mod/mod_nw_ssl.html.en
+#srv/web/ipfire/manual/mod/mod_nw_ssl.html.fr
+#srv/web/ipfire/manual/mod/mod_privileges.html
+#srv/web/ipfire/manual/mod/mod_privileges.html.en
+#srv/web/ipfire/manual/mod/mod_privileges.html.fr
#srv/web/ipfire/manual/mod/mod_proxy.html
#srv/web/ipfire/manual/mod/mod_proxy.html.en
#srv/web/ipfire/manual/mod/mod_proxy.html.fr
#srv/web/ipfire/manual/mod/mod_proxy.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_proxy_ajp.html
#srv/web/ipfire/manual/mod/mod_proxy_ajp.html.en
+#srv/web/ipfire/manual/mod/mod_proxy_ajp.html.fr
#srv/web/ipfire/manual/mod/mod_proxy_ajp.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_proxy_balancer.html
#srv/web/ipfire/manual/mod/mod_proxy_balancer.html.en
+#srv/web/ipfire/manual/mod/mod_proxy_balancer.html.fr
#srv/web/ipfire/manual/mod/mod_proxy_balancer.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_proxy_connect.html
#srv/web/ipfire/manual/mod/mod_proxy_connect.html.en
+#srv/web/ipfire/manual/mod/mod_proxy_connect.html.fr
#srv/web/ipfire/manual/mod/mod_proxy_connect.html.ja.utf8
+#srv/web/ipfire/manual/mod/mod_proxy_express.html
+#srv/web/ipfire/manual/mod/mod_proxy_express.html.en
+#srv/web/ipfire/manual/mod/mod_proxy_express.html.fr
+#srv/web/ipfire/manual/mod/mod_proxy_fcgi.html
+#srv/web/ipfire/manual/mod/mod_proxy_fcgi.html.en
+#srv/web/ipfire/manual/mod/mod_proxy_fcgi.html.fr
+#srv/web/ipfire/manual/mod/mod_proxy_fdpass.html
+#srv/web/ipfire/manual/mod/mod_proxy_fdpass.html.en
+#srv/web/ipfire/manual/mod/mod_proxy_fdpass.html.fr
#srv/web/ipfire/manual/mod/mod_proxy_ftp.html
#srv/web/ipfire/manual/mod/mod_proxy_ftp.html.en
-#srv/web/ipfire/manual/mod/mod_proxy_ftp.html.ja.utf8
+#srv/web/ipfire/manual/mod/mod_proxy_ftp.html.fr
+#srv/web/ipfire/manual/mod/mod_proxy_hcheck.html
+#srv/web/ipfire/manual/mod/mod_proxy_hcheck.html.en
+#srv/web/ipfire/manual/mod/mod_proxy_html.html
+#srv/web/ipfire/manual/mod/mod_proxy_html.html.en
+#srv/web/ipfire/manual/mod/mod_proxy_html.html.fr
#srv/web/ipfire/manual/mod/mod_proxy_http.html
#srv/web/ipfire/manual/mod/mod_proxy_http.html.en
#srv/web/ipfire/manual/mod/mod_proxy_http.html.fr
-#srv/web/ipfire/manual/mod/mod_proxy_http.html.ja.utf8
+#srv/web/ipfire/manual/mod/mod_proxy_http2.html
+#srv/web/ipfire/manual/mod/mod_proxy_http2.html.en
#srv/web/ipfire/manual/mod/mod_proxy_scgi.html
#srv/web/ipfire/manual/mod/mod_proxy_scgi.html.en
-#srv/web/ipfire/manual/mod/mod_proxy_scgi.html.ja.utf8
+#srv/web/ipfire/manual/mod/mod_proxy_scgi.html.fr
+#srv/web/ipfire/manual/mod/mod_proxy_wstunnel.html
+#srv/web/ipfire/manual/mod/mod_proxy_wstunnel.html.en
+#srv/web/ipfire/manual/mod/mod_ratelimit.html
+#srv/web/ipfire/manual/mod/mod_ratelimit.html.en
+#srv/web/ipfire/manual/mod/mod_ratelimit.html.fr
+#srv/web/ipfire/manual/mod/mod_reflector.html
+#srv/web/ipfire/manual/mod/mod_reflector.html.en
+#srv/web/ipfire/manual/mod/mod_reflector.html.fr
+#srv/web/ipfire/manual/mod/mod_remoteip.html
+#srv/web/ipfire/manual/mod/mod_remoteip.html.en
+#srv/web/ipfire/manual/mod/mod_remoteip.html.fr
#srv/web/ipfire/manual/mod/mod_reqtimeout.html
#srv/web/ipfire/manual/mod/mod_reqtimeout.html.en
+#srv/web/ipfire/manual/mod/mod_reqtimeout.html.fr
+#srv/web/ipfire/manual/mod/mod_request.html
+#srv/web/ipfire/manual/mod/mod_request.html.en
+#srv/web/ipfire/manual/mod/mod_request.html.fr
+#srv/web/ipfire/manual/mod/mod_request.html.tr.utf8
#srv/web/ipfire/manual/mod/mod_rewrite.html
#srv/web/ipfire/manual/mod/mod_rewrite.html.en
#srv/web/ipfire/manual/mod/mod_rewrite.html.fr
+#srv/web/ipfire/manual/mod/mod_sed.html
+#srv/web/ipfire/manual/mod/mod_sed.html.en
+#srv/web/ipfire/manual/mod/mod_sed.html.fr
+#srv/web/ipfire/manual/mod/mod_session.html
+#srv/web/ipfire/manual/mod/mod_session.html.en
+#srv/web/ipfire/manual/mod/mod_session.html.fr
+#srv/web/ipfire/manual/mod/mod_session_cookie.html
+#srv/web/ipfire/manual/mod/mod_session_cookie.html.en
+#srv/web/ipfire/manual/mod/mod_session_cookie.html.fr
+#srv/web/ipfire/manual/mod/mod_session_crypto.html
+#srv/web/ipfire/manual/mod/mod_session_crypto.html.en
+#srv/web/ipfire/manual/mod/mod_session_crypto.html.fr
+#srv/web/ipfire/manual/mod/mod_session_dbd.html
+#srv/web/ipfire/manual/mod/mod_session_dbd.html.en
+#srv/web/ipfire/manual/mod/mod_session_dbd.html.fr
#srv/web/ipfire/manual/mod/mod_setenvif.html
#srv/web/ipfire/manual/mod/mod_setenvif.html.en
+#srv/web/ipfire/manual/mod/mod_setenvif.html.fr
#srv/web/ipfire/manual/mod/mod_setenvif.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_setenvif.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_setenvif.html.tr.utf8
+#srv/web/ipfire/manual/mod/mod_slotmem_plain.html
+#srv/web/ipfire/manual/mod/mod_slotmem_plain.html.en
+#srv/web/ipfire/manual/mod/mod_slotmem_plain.html.fr
+#srv/web/ipfire/manual/mod/mod_slotmem_shm.html
+#srv/web/ipfire/manual/mod/mod_slotmem_shm.html.en
+#srv/web/ipfire/manual/mod/mod_slotmem_shm.html.fr
#srv/web/ipfire/manual/mod/mod_so.html
#srv/web/ipfire/manual/mod/mod_so.html.en
+#srv/web/ipfire/manual/mod/mod_so.html.fr
#srv/web/ipfire/manual/mod/mod_so.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_so.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_so.html.tr.utf8
+#srv/web/ipfire/manual/mod/mod_socache_dbm.html
+#srv/web/ipfire/manual/mod/mod_socache_dbm.html.en
+#srv/web/ipfire/manual/mod/mod_socache_dbm.html.fr
+#srv/web/ipfire/manual/mod/mod_socache_dc.html
+#srv/web/ipfire/manual/mod/mod_socache_dc.html.en
+#srv/web/ipfire/manual/mod/mod_socache_dc.html.fr
+#srv/web/ipfire/manual/mod/mod_socache_memcache.html
+#srv/web/ipfire/manual/mod/mod_socache_memcache.html.en
+#srv/web/ipfire/manual/mod/mod_socache_memcache.html.fr
+#srv/web/ipfire/manual/mod/mod_socache_shmcb.html
+#srv/web/ipfire/manual/mod/mod_socache_shmcb.html.en
+#srv/web/ipfire/manual/mod/mod_socache_shmcb.html.fr
#srv/web/ipfire/manual/mod/mod_speling.html
#srv/web/ipfire/manual/mod/mod_speling.html.en
+#srv/web/ipfire/manual/mod/mod_speling.html.fr
#srv/web/ipfire/manual/mod/mod_speling.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_speling.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_ssl.html
#srv/web/ipfire/manual/mod/mod_ssl.html.en
+#srv/web/ipfire/manual/mod/mod_ssl.html.fr
#srv/web/ipfire/manual/mod/mod_status.html
#srv/web/ipfire/manual/mod/mod_status.html.en
+#srv/web/ipfire/manual/mod/mod_status.html.fr
#srv/web/ipfire/manual/mod/mod_status.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_status.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_status.html.tr.utf8
#srv/web/ipfire/manual/mod/mod_substitute.html
#srv/web/ipfire/manual/mod/mod_substitute.html.en
+#srv/web/ipfire/manual/mod/mod_substitute.html.fr
#srv/web/ipfire/manual/mod/mod_suexec.html
#srv/web/ipfire/manual/mod/mod_suexec.html.en
#srv/web/ipfire/manual/mod/mod_suexec.html.fr
#srv/web/ipfire/manual/mod/mod_suexec.html.tr.utf8
#srv/web/ipfire/manual/mod/mod_unique_id.html
#srv/web/ipfire/manual/mod/mod_unique_id.html.en
+#srv/web/ipfire/manual/mod/mod_unique_id.html.fr
#srv/web/ipfire/manual/mod/mod_unique_id.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_unique_id.html.ko.euc-kr
+#srv/web/ipfire/manual/mod/mod_unixd.html
+#srv/web/ipfire/manual/mod/mod_unixd.html.en
+#srv/web/ipfire/manual/mod/mod_unixd.html.fr
+#srv/web/ipfire/manual/mod/mod_unixd.html.tr.utf8
#srv/web/ipfire/manual/mod/mod_userdir.html
#srv/web/ipfire/manual/mod/mod_userdir.html.en
+#srv/web/ipfire/manual/mod/mod_userdir.html.fr
#srv/web/ipfire/manual/mod/mod_userdir.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_userdir.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_userdir.html.tr.utf8
#srv/web/ipfire/manual/mod/mod_usertrack.html
#srv/web/ipfire/manual/mod/mod_usertrack.html.en
+#srv/web/ipfire/manual/mod/mod_usertrack.html.fr
#srv/web/ipfire/manual/mod/mod_version.html
#srv/web/ipfire/manual/mod/mod_version.html.en
#srv/web/ipfire/manual/mod/mod_version.html.ja.utf8
#srv/web/ipfire/manual/mod/mod_version.html.ko.euc-kr
#srv/web/ipfire/manual/mod/mod_vhost_alias.html
#srv/web/ipfire/manual/mod/mod_vhost_alias.html.en
+#srv/web/ipfire/manual/mod/mod_vhost_alias.html.fr
#srv/web/ipfire/manual/mod/mod_vhost_alias.html.tr.utf8
+#srv/web/ipfire/manual/mod/mod_watchdog.html
+#srv/web/ipfire/manual/mod/mod_watchdog.html.en
+#srv/web/ipfire/manual/mod/mod_xml2enc.html
+#srv/web/ipfire/manual/mod/mod_xml2enc.html.en
+#srv/web/ipfire/manual/mod/mod_xml2enc.html.fr
#srv/web/ipfire/manual/mod/module-dict.html
#srv/web/ipfire/manual/mod/module-dict.html.en
+#srv/web/ipfire/manual/mod/module-dict.html.fr
#srv/web/ipfire/manual/mod/module-dict.html.ja.utf8
#srv/web/ipfire/manual/mod/module-dict.html.ko.euc-kr
#srv/web/ipfire/manual/mod/module-dict.html.tr.utf8
#srv/web/ipfire/manual/mod/mpm_common.html
#srv/web/ipfire/manual/mod/mpm_common.html.de
#srv/web/ipfire/manual/mod/mpm_common.html.en
+#srv/web/ipfire/manual/mod/mpm_common.html.fr
#srv/web/ipfire/manual/mod/mpm_common.html.ja.utf8
#srv/web/ipfire/manual/mod/mpm_common.html.tr.utf8
#srv/web/ipfire/manual/mod/mpm_netware.html
#srv/web/ipfire/manual/mod/mpm_netware.html.en
+#srv/web/ipfire/manual/mod/mpm_netware.html.fr
#srv/web/ipfire/manual/mod/mpm_winnt.html
#srv/web/ipfire/manual/mod/mpm_winnt.html.de
#srv/web/ipfire/manual/mod/mpm_winnt.html.en
+#srv/web/ipfire/manual/mod/mpm_winnt.html.fr
#srv/web/ipfire/manual/mod/mpm_winnt.html.ja.utf8
#srv/web/ipfire/manual/mod/mpmt_os2.html
#srv/web/ipfire/manual/mod/mpmt_os2.html.en
+#srv/web/ipfire/manual/mod/mpmt_os2.html.fr
#srv/web/ipfire/manual/mod/prefork.html
#srv/web/ipfire/manual/mod/prefork.html.de
#srv/web/ipfire/manual/mod/prefork.html.en
+#srv/web/ipfire/manual/mod/prefork.html.fr
#srv/web/ipfire/manual/mod/prefork.html.ja.utf8
#srv/web/ipfire/manual/mod/prefork.html.tr.utf8
#srv/web/ipfire/manual/mod/quickreference.html
#srv/web/ipfire/manual/mod/quickreference.html.de
#srv/web/ipfire/manual/mod/quickreference.html.en
#srv/web/ipfire/manual/mod/quickreference.html.es
+#srv/web/ipfire/manual/mod/quickreference.html.fr
#srv/web/ipfire/manual/mod/quickreference.html.ja.utf8
#srv/web/ipfire/manual/mod/quickreference.html.ko.euc-kr
-#srv/web/ipfire/manual/mod/quickreference.html.ru.koi8-r
#srv/web/ipfire/manual/mod/quickreference.html.tr.utf8
#srv/web/ipfire/manual/mod/quickreference.html.zh-cn.utf8
#srv/web/ipfire/manual/mod/worker.html
#srv/web/ipfire/manual/mod/worker.html.de
#srv/web/ipfire/manual/mod/worker.html.en
+#srv/web/ipfire/manual/mod/worker.html.fr
#srv/web/ipfire/manual/mod/worker.html.ja.utf8
#srv/web/ipfire/manual/mod/worker.html.tr.utf8
#srv/web/ipfire/manual/mpm.html
#srv/web/ipfire/manual/new_features_2_2.html
#srv/web/ipfire/manual/new_features_2_2.html.en
#srv/web/ipfire/manual/new_features_2_2.html.fr
-#srv/web/ipfire/manual/new_features_2_2.html.ja.utf8
#srv/web/ipfire/manual/new_features_2_2.html.ko.euc-kr
#srv/web/ipfire/manual/new_features_2_2.html.pt-br
#srv/web/ipfire/manual/new_features_2_2.html.tr.utf8
+#srv/web/ipfire/manual/new_features_2_4.html
+#srv/web/ipfire/manual/new_features_2_4.html.en
+#srv/web/ipfire/manual/new_features_2_4.html.fr
+#srv/web/ipfire/manual/new_features_2_4.html.tr.utf8
#srv/web/ipfire/manual/platform
#srv/web/ipfire/manual/platform/ebcdic.html
#srv/web/ipfire/manual/platform/ebcdic.html.en
#srv/web/ipfire/manual/platform/ebcdic.html.ko.euc-kr
#srv/web/ipfire/manual/platform/index.html
#srv/web/ipfire/manual/platform/index.html.en
+#srv/web/ipfire/manual/platform/index.html.fr
#srv/web/ipfire/manual/platform/index.html.ko.euc-kr
#srv/web/ipfire/manual/platform/index.html.zh-cn.utf8
#srv/web/ipfire/manual/platform/netware.html
#srv/web/ipfire/manual/platform/netware.html.en
+#srv/web/ipfire/manual/platform/netware.html.fr
#srv/web/ipfire/manual/platform/netware.html.ko.euc-kr
#srv/web/ipfire/manual/platform/perf-hp.html
#srv/web/ipfire/manual/platform/perf-hp.html.en
+#srv/web/ipfire/manual/platform/perf-hp.html.fr
#srv/web/ipfire/manual/platform/perf-hp.html.ko.euc-kr
+#srv/web/ipfire/manual/platform/rpm.html
+#srv/web/ipfire/manual/platform/rpm.html.en
#srv/web/ipfire/manual/platform/win_compiling.html
#srv/web/ipfire/manual/platform/win_compiling.html.en
+#srv/web/ipfire/manual/platform/win_compiling.html.fr
#srv/web/ipfire/manual/platform/win_compiling.html.ko.euc-kr
#srv/web/ipfire/manual/platform/windows.html
#srv/web/ipfire/manual/platform/windows.html.en
+#srv/web/ipfire/manual/platform/windows.html.fr
#srv/web/ipfire/manual/platform/windows.html.ko.euc-kr
#srv/web/ipfire/manual/programs
#srv/web/ipfire/manual/programs/ab.html
#srv/web/ipfire/manual/programs/ab.html.en
+#srv/web/ipfire/manual/programs/ab.html.fr
#srv/web/ipfire/manual/programs/ab.html.ko.euc-kr
#srv/web/ipfire/manual/programs/ab.html.tr.utf8
#srv/web/ipfire/manual/programs/apachectl.html
#srv/web/ipfire/manual/programs/apachectl.html.en
+#srv/web/ipfire/manual/programs/apachectl.html.fr
#srv/web/ipfire/manual/programs/apachectl.html.ko.euc-kr
#srv/web/ipfire/manual/programs/apachectl.html.tr.utf8
#srv/web/ipfire/manual/programs/apxs.html
#srv/web/ipfire/manual/programs/apxs.html.en
+#srv/web/ipfire/manual/programs/apxs.html.fr
#srv/web/ipfire/manual/programs/apxs.html.ko.euc-kr
#srv/web/ipfire/manual/programs/apxs.html.tr.utf8
#srv/web/ipfire/manual/programs/configure.html
#srv/web/ipfire/manual/programs/configure.html.en
+#srv/web/ipfire/manual/programs/configure.html.fr
#srv/web/ipfire/manual/programs/configure.html.ko.euc-kr
#srv/web/ipfire/manual/programs/configure.html.tr.utf8
#srv/web/ipfire/manual/programs/dbmmanage.html
#srv/web/ipfire/manual/programs/dbmmanage.html.en
+#srv/web/ipfire/manual/programs/dbmmanage.html.fr
#srv/web/ipfire/manual/programs/dbmmanage.html.ko.euc-kr
#srv/web/ipfire/manual/programs/dbmmanage.html.tr.utf8
+#srv/web/ipfire/manual/programs/fcgistarter.html
+#srv/web/ipfire/manual/programs/fcgistarter.html.en
+#srv/web/ipfire/manual/programs/fcgistarter.html.fr
+#srv/web/ipfire/manual/programs/fcgistarter.html.tr.utf8
#srv/web/ipfire/manual/programs/htcacheclean.html
#srv/web/ipfire/manual/programs/htcacheclean.html.en
+#srv/web/ipfire/manual/programs/htcacheclean.html.fr
#srv/web/ipfire/manual/programs/htcacheclean.html.ko.euc-kr
#srv/web/ipfire/manual/programs/htcacheclean.html.tr.utf8
#srv/web/ipfire/manual/programs/htdbm.html
#srv/web/ipfire/manual/programs/htdbm.html.en
+#srv/web/ipfire/manual/programs/htdbm.html.fr
#srv/web/ipfire/manual/programs/htdbm.html.tr.utf8
#srv/web/ipfire/manual/programs/htdigest.html
#srv/web/ipfire/manual/programs/htdigest.html.en
+#srv/web/ipfire/manual/programs/htdigest.html.fr
#srv/web/ipfire/manual/programs/htdigest.html.ko.euc-kr
#srv/web/ipfire/manual/programs/htdigest.html.tr.utf8
#srv/web/ipfire/manual/programs/htpasswd.html
#srv/web/ipfire/manual/programs/htpasswd.html.en
+#srv/web/ipfire/manual/programs/htpasswd.html.fr
#srv/web/ipfire/manual/programs/htpasswd.html.ko.euc-kr
#srv/web/ipfire/manual/programs/htpasswd.html.tr.utf8
#srv/web/ipfire/manual/programs/httpd.html
#srv/web/ipfire/manual/programs/httpd.html.en
+#srv/web/ipfire/manual/programs/httpd.html.fr
#srv/web/ipfire/manual/programs/httpd.html.ko.euc-kr
#srv/web/ipfire/manual/programs/httpd.html.tr.utf8
#srv/web/ipfire/manual/programs/httxt2dbm.html
#srv/web/ipfire/manual/programs/httxt2dbm.html.en
+#srv/web/ipfire/manual/programs/httxt2dbm.html.fr
#srv/web/ipfire/manual/programs/httxt2dbm.html.tr.utf8
#srv/web/ipfire/manual/programs/index.html
#srv/web/ipfire/manual/programs/index.html.en
#srv/web/ipfire/manual/programs/index.html.es
-#srv/web/ipfire/manual/programs/index.html.ja.utf8
+#srv/web/ipfire/manual/programs/index.html.fr
#srv/web/ipfire/manual/programs/index.html.ko.euc-kr
-#srv/web/ipfire/manual/programs/index.html.ru.koi8-r
#srv/web/ipfire/manual/programs/index.html.tr.utf8
#srv/web/ipfire/manual/programs/index.html.zh-cn.utf8
+#srv/web/ipfire/manual/programs/log_server_status.html
+#srv/web/ipfire/manual/programs/log_server_status.html.en
#srv/web/ipfire/manual/programs/logresolve.html
#srv/web/ipfire/manual/programs/logresolve.html.en
+#srv/web/ipfire/manual/programs/logresolve.html.fr
#srv/web/ipfire/manual/programs/logresolve.html.ko.euc-kr
#srv/web/ipfire/manual/programs/logresolve.html.tr.utf8
#srv/web/ipfire/manual/programs/other.html
#srv/web/ipfire/manual/programs/other.html.en
+#srv/web/ipfire/manual/programs/other.html.fr
#srv/web/ipfire/manual/programs/other.html.ko.euc-kr
#srv/web/ipfire/manual/programs/other.html.tr.utf8
#srv/web/ipfire/manual/programs/rotatelogs.html
#srv/web/ipfire/manual/programs/rotatelogs.html.en
+#srv/web/ipfire/manual/programs/rotatelogs.html.fr
#srv/web/ipfire/manual/programs/rotatelogs.html.ko.euc-kr
#srv/web/ipfire/manual/programs/rotatelogs.html.tr.utf8
+#srv/web/ipfire/manual/programs/split-logfile.html
+#srv/web/ipfire/manual/programs/split-logfile.html.en
#srv/web/ipfire/manual/programs/suexec.html
#srv/web/ipfire/manual/programs/suexec.html.en
#srv/web/ipfire/manual/programs/suexec.html.ko.euc-kr
#srv/web/ipfire/manual/rewrite
#srv/web/ipfire/manual/rewrite/access.html
#srv/web/ipfire/manual/rewrite/access.html.en
+#srv/web/ipfire/manual/rewrite/access.html.fr
#srv/web/ipfire/manual/rewrite/advanced.html
#srv/web/ipfire/manual/rewrite/advanced.html.en
+#srv/web/ipfire/manual/rewrite/advanced.html.fr
#srv/web/ipfire/manual/rewrite/avoid.html
#srv/web/ipfire/manual/rewrite/avoid.html.en
+#srv/web/ipfire/manual/rewrite/avoid.html.fr
#srv/web/ipfire/manual/rewrite/flags.html
#srv/web/ipfire/manual/rewrite/flags.html.en
#srv/web/ipfire/manual/rewrite/flags.html.fr
#srv/web/ipfire/manual/rewrite/htaccess.html
#srv/web/ipfire/manual/rewrite/htaccess.html.en
+#srv/web/ipfire/manual/rewrite/htaccess.html.fr
#srv/web/ipfire/manual/rewrite/index.html
#srv/web/ipfire/manual/rewrite/index.html.en
#srv/web/ipfire/manual/rewrite/index.html.fr
#srv/web/ipfire/manual/rewrite/intro.html.fr
#srv/web/ipfire/manual/rewrite/proxy.html
#srv/web/ipfire/manual/rewrite/proxy.html.en
+#srv/web/ipfire/manual/rewrite/proxy.html.fr
#srv/web/ipfire/manual/rewrite/remapping.html
#srv/web/ipfire/manual/rewrite/remapping.html.en
+#srv/web/ipfire/manual/rewrite/remapping.html.fr
#srv/web/ipfire/manual/rewrite/rewritemap.html
#srv/web/ipfire/manual/rewrite/rewritemap.html.en
+#srv/web/ipfire/manual/rewrite/rewritemap.html.fr
#srv/web/ipfire/manual/rewrite/tech.html
#srv/web/ipfire/manual/rewrite/tech.html.en
#srv/web/ipfire/manual/rewrite/tech.html.fr
#srv/web/ipfire/manual/rewrite/vhosts.html
#srv/web/ipfire/manual/rewrite/vhosts.html.en
+#srv/web/ipfire/manual/rewrite/vhosts.html.fr
#srv/web/ipfire/manual/sections.html
#srv/web/ipfire/manual/sections.html.en
#srv/web/ipfire/manual/sections.html.fr
#srv/web/ipfire/manual/sections.html.tr.utf8
#srv/web/ipfire/manual/server-wide.html
#srv/web/ipfire/manual/server-wide.html.en
+#srv/web/ipfire/manual/server-wide.html.fr
#srv/web/ipfire/manual/server-wide.html.ja.utf8
#srv/web/ipfire/manual/server-wide.html.ko.euc-kr
#srv/web/ipfire/manual/server-wide.html.tr.utf8
#srv/web/ipfire/manual/sitemap.html.de
#srv/web/ipfire/manual/sitemap.html.en
#srv/web/ipfire/manual/sitemap.html.es
+#srv/web/ipfire/manual/sitemap.html.fr
#srv/web/ipfire/manual/sitemap.html.ja.utf8
#srv/web/ipfire/manual/sitemap.html.ko.euc-kr
#srv/web/ipfire/manual/sitemap.html.tr.utf8
#srv/web/ipfire/manual/sitemap.html.zh-cn.utf8
+#srv/web/ipfire/manual/socache.html
+#srv/web/ipfire/manual/socache.html.en
+#srv/web/ipfire/manual/socache.html.fr
#srv/web/ipfire/manual/ssl
#srv/web/ipfire/manual/ssl/index.html
#srv/web/ipfire/manual/ssl/index.html.en
+#srv/web/ipfire/manual/ssl/index.html.fr
#srv/web/ipfire/manual/ssl/index.html.ja.utf8
#srv/web/ipfire/manual/ssl/index.html.tr.utf8
#srv/web/ipfire/manual/ssl/index.html.zh-cn.utf8
#srv/web/ipfire/manual/ssl/ssl_compat.html
#srv/web/ipfire/manual/ssl/ssl_compat.html.en
+#srv/web/ipfire/manual/ssl/ssl_compat.html.fr
#srv/web/ipfire/manual/ssl/ssl_faq.html
#srv/web/ipfire/manual/ssl/ssl_faq.html.en
+#srv/web/ipfire/manual/ssl/ssl_faq.html.fr
#srv/web/ipfire/manual/ssl/ssl_howto.html
#srv/web/ipfire/manual/ssl/ssl_howto.html.en
+#srv/web/ipfire/manual/ssl/ssl_howto.html.fr
#srv/web/ipfire/manual/ssl/ssl_intro.html
#srv/web/ipfire/manual/ssl/ssl_intro.html.en
+#srv/web/ipfire/manual/ssl/ssl_intro.html.fr
#srv/web/ipfire/manual/ssl/ssl_intro.html.ja.utf8
#srv/web/ipfire/manual/stopping.html
#srv/web/ipfire/manual/stopping.html.de
#srv/web/ipfire/manual/suexec.html.ko.euc-kr
#srv/web/ipfire/manual/suexec.html.tr.utf8
#srv/web/ipfire/manual/upgrading.html
-#srv/web/ipfire/manual/upgrading.html.de
#srv/web/ipfire/manual/upgrading.html.en
#srv/web/ipfire/manual/upgrading.html.fr
-#srv/web/ipfire/manual/upgrading.html.ja.utf8
#srv/web/ipfire/manual/urlmapping.html
#srv/web/ipfire/manual/urlmapping.html.en
+#srv/web/ipfire/manual/urlmapping.html.fr
#srv/web/ipfire/manual/urlmapping.html.ja.utf8
#srv/web/ipfire/manual/urlmapping.html.ko.euc-kr
#srv/web/ipfire/manual/urlmapping.html.tr.utf8
#srv/web/ipfire/manual/vhosts/index.html.fr
#srv/web/ipfire/manual/vhosts/index.html.ja.utf8
#srv/web/ipfire/manual/vhosts/index.html.ko.euc-kr
-#srv/web/ipfire/manual/vhosts/index.html.ru.koi8-r
#srv/web/ipfire/manual/vhosts/index.html.tr.utf8
#srv/web/ipfire/manual/vhosts/index.html.zh-cn.utf8
#srv/web/ipfire/manual/vhosts/ip-based.html
#srv/web/ipfire/manual/vhosts/ip-based.html.tr.utf8
#srv/web/ipfire/manual/vhosts/mass.html
#srv/web/ipfire/manual/vhosts/mass.html.en
+#srv/web/ipfire/manual/vhosts/mass.html.fr
#srv/web/ipfire/manual/vhosts/mass.html.ko.euc-kr
#srv/web/ipfire/manual/vhosts/mass.html.tr.utf8
#srv/web/ipfire/manual/vhosts/name-based.html
#srv/web/ipfire/manual/vhosts/name-based.html.ja.utf8
#srv/web/ipfire/manual/vhosts/name-based.html.ko.euc-kr
#srv/web/ipfire/manual/vhosts/name-based.html.tr.utf8
-#usr/bin/apr-1-config
-#usr/bin/apu-1-config
+#usr/bin/ab
+#usr/bin/apxs
+#usr/bin/dbmmanage
+#usr/bin/htdbm
+#usr/bin/htdigest
+usr/bin/htpasswd
+#usr/bin/httxt2dbm
+#usr/bin/logresolve
#usr/include/apache
#usr/include/apache/ap_compat.h
#usr/include/apache/ap_config.h
#usr/include/apache/ap_config_auto.h
#usr/include/apache/ap_config_layout.h
+#usr/include/apache/ap_expr.h
+#usr/include/apache/ap_hooks.h
#usr/include/apache/ap_listen.h
#usr/include/apache/ap_mmn.h
#usr/include/apache/ap_mpm.h
#usr/include/apache/ap_regex.h
#usr/include/apache/ap_regkey.h
#usr/include/apache/ap_release.h
-#usr/include/apache/apr.h
-#usr/include/apache/apr_allocator.h
-#usr/include/apache/apr_anylock.h
-#usr/include/apache/apr_atomic.h
-#usr/include/apache/apr_base64.h
-#usr/include/apache/apr_buckets.h
-#usr/include/apache/apr_crypto.h
-#usr/include/apache/apr_date.h
-#usr/include/apache/apr_dbd.h
-#usr/include/apache/apr_dbm.h
-#usr/include/apache/apr_dso.h
-#usr/include/apache/apr_env.h
-#usr/include/apache/apr_errno.h
-#usr/include/apache/apr_escape.h
-#usr/include/apache/apr_file_info.h
-#usr/include/apache/apr_file_io.h
-#usr/include/apache/apr_fnmatch.h
-#usr/include/apache/apr_general.h
-#usr/include/apache/apr_getopt.h
-#usr/include/apache/apr_global_mutex.h
-#usr/include/apache/apr_hash.h
-#usr/include/apache/apr_hooks.h
-#usr/include/apache/apr_inherit.h
-#usr/include/apache/apr_ldap.h
-#usr/include/apache/apr_ldap_init.h
-#usr/include/apache/apr_ldap_option.h
-#usr/include/apache/apr_ldap_rebind.h
-#usr/include/apache/apr_ldap_url.h
-#usr/include/apache/apr_lib.h
-#usr/include/apache/apr_md4.h
-#usr/include/apache/apr_md5.h
-#usr/include/apache/apr_memcache.h
-#usr/include/apache/apr_mmap.h
-#usr/include/apache/apr_network_io.h
-#usr/include/apache/apr_optional.h
-#usr/include/apache/apr_optional_hooks.h
-#usr/include/apache/apr_poll.h
-#usr/include/apache/apr_pools.h
-#usr/include/apache/apr_portable.h
-#usr/include/apache/apr_proc_mutex.h
-#usr/include/apache/apr_queue.h
-#usr/include/apache/apr_random.h
-#usr/include/apache/apr_reslist.h
-#usr/include/apache/apr_ring.h
-#usr/include/apache/apr_rmm.h
-#usr/include/apache/apr_sdbm.h
-#usr/include/apache/apr_sha1.h
-#usr/include/apache/apr_shm.h
-#usr/include/apache/apr_signal.h
-#usr/include/apache/apr_skiplist.h
-#usr/include/apache/apr_strings.h
-#usr/include/apache/apr_strmatch.h
-#usr/include/apache/apr_support.h
-#usr/include/apache/apr_tables.h
-#usr/include/apache/apr_thread_cond.h
-#usr/include/apache/apr_thread_mutex.h
-#usr/include/apache/apr_thread_pool.h
-#usr/include/apache/apr_thread_proc.h
-#usr/include/apache/apr_thread_rwlock.h
-#usr/include/apache/apr_time.h
-#usr/include/apache/apr_uri.h
-#usr/include/apache/apr_user.h
-#usr/include/apache/apr_uuid.h
-#usr/include/apache/apr_version.h
-#usr/include/apache/apr_want.h
-#usr/include/apache/apr_xlate.h
-#usr/include/apache/apr_xml.h
-#usr/include/apache/apu.h
-#usr/include/apache/apu_errno.h
-#usr/include/apache/apu_version.h
-#usr/include/apache/apu_want.h
+#usr/include/apache/ap_slotmem.h
+#usr/include/apache/ap_socache.h
+#usr/include/apache/apache_noprobes.h
+#usr/include/apache/cache_common.h
+#usr/include/apache/heartbeat.h
#usr/include/apache/http_config.h
#usr/include/apache/http_connection.h
#usr/include/apache/http_core.h
#usr/include/apache/http_vhost.h
#usr/include/apache/httpd.h
#usr/include/apache/mod_auth.h
+#usr/include/apache/mod_cache.h
#usr/include/apache/mod_cgi.h
#usr/include/apache/mod_core.h
#usr/include/apache/mod_dav.h
#usr/include/apache/mod_include.h
#usr/include/apache/mod_log_config.h
#usr/include/apache/mod_proxy.h
+#usr/include/apache/mod_request.h
#usr/include/apache/mod_rewrite.h
+#usr/include/apache/mod_session.h
+#usr/include/apache/mod_so.h
#usr/include/apache/mod_ssl.h
+#usr/include/apache/mod_ssl_openssl.h
#usr/include/apache/mod_status.h
-#usr/include/apache/mpm.h
+#usr/include/apache/mod_unixd.h
+#usr/include/apache/mod_watchdog.h
+#usr/include/apache/mod_xml2enc.h
#usr/include/apache/mpm_common.h
-#usr/include/apache/mpm_default.h
#usr/include/apache/os.h
#usr/include/apache/scoreboard.h
#usr/include/apache/unixd.h
#usr/include/apache/util_cfgtree.h
#usr/include/apache/util_charset.h
+#usr/include/apache/util_cookies.h
#usr/include/apache/util_ebcdic.h
+#usr/include/apache/util_fcgi.h
#usr/include/apache/util_filter.h
#usr/include/apache/util_ldap.h
#usr/include/apache/util_md5.h
+#usr/include/apache/util_mutex.h
#usr/include/apache/util_script.h
#usr/include/apache/util_time.h
+#usr/include/apache/util_varbuf.h
#usr/include/apache/util_xml.h
#usr/lib/apache
#usr/lib/apache/build
-#usr/lib/apache/build/apr_rules.mk
#usr/lib/apache/build/config.nice
#usr/lib/apache/build/config_vars.mk
#usr/lib/apache/build/instdso.sh
#usr/lib/apache/build/library.mk
-#usr/lib/apache/build/libtool
#usr/lib/apache/build/ltlib.mk
-#usr/lib/apache/build/make_exports.awk
-#usr/lib/apache/build/make_var_export.awk
#usr/lib/apache/build/mkdir.sh
#usr/lib/apache/build/program.mk
#usr/lib/apache/build/rules.mk
#usr/lib/apache/build/special.mk
#usr/lib/apache/httpd.exp
+#usr/lib/apache/mod_access_compat.so
usr/lib/apache/mod_actions.so
usr/lib/apache/mod_alias.so
+usr/lib/apache/mod_allowmethods.so
usr/lib/apache/mod_asis.so
usr/lib/apache/mod_auth_basic.so
usr/lib/apache/mod_auth_digest.so
+usr/lib/apache/mod_auth_form.so
usr/lib/apache/mod_authn_anon.so
+usr/lib/apache/mod_authn_core.so
usr/lib/apache/mod_authn_dbd.so
usr/lib/apache/mod_authn_dbm.so
-usr/lib/apache/mod_authn_default.so
usr/lib/apache/mod_authn_file.so
+usr/lib/apache/mod_authn_socache.so
+usr/lib/apache/mod_authz_core.so
+usr/lib/apache/mod_authz_dbd.so
usr/lib/apache/mod_authz_dbm.so
-usr/lib/apache/mod_authz_default.so
usr/lib/apache/mod_authz_groupfile.so
usr/lib/apache/mod_authz_host.so
usr/lib/apache/mod_authz_owner.so
usr/lib/apache/mod_authz_user.so
usr/lib/apache/mod_autoindex.so
-usr/lib/apache/mod_cern_meta.so
-usr/lib/apache/mod_cgi.so
+usr/lib/apache/mod_buffer.so
+usr/lib/apache/mod_cache.so
+usr/lib/apache/mod_cache_disk.so
+usr/lib/apache/mod_cache_socache.so
+usr/lib/apache/mod_cgid.so
+usr/lib/apache/mod_charset_lite.so
+usr/lib/apache/mod_data.so
usr/lib/apache/mod_dav.so
usr/lib/apache/mod_dav_fs.so
+usr/lib/apache/mod_dav_lock.so
usr/lib/apache/mod_dbd.so
usr/lib/apache/mod_deflate.so
+usr/lib/apache/mod_dialup.so
usr/lib/apache/mod_dir.so
usr/lib/apache/mod_dumpio.so
+usr/lib/apache/mod_echo.so
usr/lib/apache/mod_env.so
usr/lib/apache/mod_expires.so
usr/lib/apache/mod_ext_filter.so
+usr/lib/apache/mod_file_cache.so
usr/lib/apache/mod_filter.so
usr/lib/apache/mod_headers.so
-usr/lib/apache/mod_ident.so
-usr/lib/apache/mod_imagemap.so
+usr/lib/apache/mod_heartbeat.so
+usr/lib/apache/mod_heartmonitor.so
usr/lib/apache/mod_include.so
usr/lib/apache/mod_info.so
+usr/lib/apache/mod_lbmethod_bybusyness.so
+usr/lib/apache/mod_lbmethod_byrequests.so
+usr/lib/apache/mod_lbmethod_bytraffic.so
+usr/lib/apache/mod_lbmethod_heartbeat.so
usr/lib/apache/mod_log_config.so
+usr/lib/apache/mod_log_debug.so
usr/lib/apache/mod_log_forensic.so
usr/lib/apache/mod_logio.so
+usr/lib/apache/mod_macro.so
usr/lib/apache/mod_mime.so
usr/lib/apache/mod_mime_magic.so
usr/lib/apache/mod_negotiation.so
usr/lib/apache/mod_proxy_ajp.so
usr/lib/apache/mod_proxy_balancer.so
usr/lib/apache/mod_proxy_connect.so
+usr/lib/apache/mod_proxy_express.so
+usr/lib/apache/mod_proxy_fcgi.so
+usr/lib/apache/mod_proxy_fdpass.so
usr/lib/apache/mod_proxy_ftp.so
+usr/lib/apache/mod_proxy_hcheck.so
+usr/lib/apache/mod_proxy_html.so
usr/lib/apache/mod_proxy_http.so
usr/lib/apache/mod_proxy_scgi.so
+usr/lib/apache/mod_proxy_wstunnel.so
+usr/lib/apache/mod_ratelimit.so
+usr/lib/apache/mod_reflector.so
+usr/lib/apache/mod_remoteip.so
usr/lib/apache/mod_reqtimeout.so
+usr/lib/apache/mod_request.so
usr/lib/apache/mod_rewrite.so
+usr/lib/apache/mod_sed.so
+usr/lib/apache/mod_session.so
+usr/lib/apache/mod_session_cookie.so
+usr/lib/apache/mod_session_crypto.so
+usr/lib/apache/mod_session_dbd.so
usr/lib/apache/mod_setenvif.so
+usr/lib/apache/mod_slotmem_plain.so
+usr/lib/apache/mod_slotmem_shm.so
+usr/lib/apache/mod_socache_dbm.so
+usr/lib/apache/mod_socache_memcache.so
+usr/lib/apache/mod_socache_shmcb.so
usr/lib/apache/mod_speling.so
usr/lib/apache/mod_ssl.so
usr/lib/apache/mod_status.so
usr/lib/apache/mod_substitute.so
usr/lib/apache/mod_unique_id.so
+usr/lib/apache/mod_unixd.so
usr/lib/apache/mod_userdir.so
usr/lib/apache/mod_usertrack.so
usr/lib/apache/mod_version.so
usr/lib/apache/mod_vhost_alias.so
-#usr/lib/apr-util-1
-usr/lib/apr-util-1/apr_dbd_sqlite3-1.so
-#usr/lib/apr-util-1/apr_dbd_sqlite3.a
-#usr/lib/apr-util-1/apr_dbd_sqlite3.la
-usr/lib/apr-util-1/apr_dbd_sqlite3.so
-#usr/lib/apr.exp
-#usr/lib/aprutil.exp
-#usr/lib/libapr-1.a
-#usr/lib/libapr-1.la
-usr/lib/libapr-1.so
-usr/lib/libapr-1.so.0
-usr/lib/libapr-1.so.0.5.1
-#usr/lib/libaprutil-1.a
-#usr/lib/libaprutil-1.la
-usr/lib/libaprutil-1.so
-usr/lib/libaprutil-1.so.0
-usr/lib/libaprutil-1.so.0.5.3
-#usr/lib/pkgconfig/apr-1.pc
-#usr/lib/pkgconfig/apr-util-1.pc
+usr/lib/apache/mod_watchdog.so
+usr/lib/apache/mod_xml2enc.so
#usr/sbin/ab
usr/sbin/apachectl
-#usr/sbin/apxs
#usr/sbin/checkgid
-#usr/sbin/dbmmanage
#usr/sbin/envvars
#usr/sbin/envvars-std
+usr/sbin/fcgistarter
#usr/sbin/htcacheclean
-#usr/sbin/htdbm
-#usr/sbin/htdigest
-usr/sbin/htpasswd
usr/sbin/httpd
-#usr/sbin/httxt2dbm
-#usr/sbin/logresolve
#usr/sbin/rotatelogs
+#usr/share/man/man1/ab.1
+#usr/share/man/man1/apxs.1
#usr/share/man/man1/dbmmanage.1
#usr/share/man/man1/htdbm.1
#usr/share/man/man1/htdigest.1
#usr/share/man/man1/htpasswd.1
#usr/share/man/man1/httxt2dbm.1
-#usr/share/man/man8/ab.8
+#usr/share/man/man1/logresolve.1
#usr/share/man/man8/apachectl.8
-#usr/share/man/man8/apxs.8
+#usr/share/man/man8/fcgistarter.8
#usr/share/man/man8/htcacheclean.8
#usr/share/man/man8/httpd.8
-#usr/share/man/man8/logresolve.8
#usr/share/man/man8/rotatelogs.8
#usr/share/man/man8/suexec.8
var/log/httpd
--- /dev/null
+usr/bin/apr-1-config
+#usr/include/apr-1
+#usr/include/apr-1/apr.h
+#usr/include/apr-1/apr_allocator.h
+#usr/include/apr-1/apr_atomic.h
+#usr/include/apr-1/apr_cstr.h
+#usr/include/apr-1/apr_dso.h
+#usr/include/apr-1/apr_env.h
+#usr/include/apr-1/apr_errno.h
+#usr/include/apr-1/apr_escape.h
+#usr/include/apr-1/apr_file_info.h
+#usr/include/apr-1/apr_file_io.h
+#usr/include/apr-1/apr_fnmatch.h
+#usr/include/apr-1/apr_general.h
+#usr/include/apr-1/apr_getopt.h
+#usr/include/apr-1/apr_global_mutex.h
+#usr/include/apr-1/apr_hash.h
+#usr/include/apr-1/apr_inherit.h
+#usr/include/apr-1/apr_lib.h
+#usr/include/apr-1/apr_mmap.h
+#usr/include/apr-1/apr_network_io.h
+#usr/include/apr-1/apr_perms_set.h
+#usr/include/apr-1/apr_poll.h
+#usr/include/apr-1/apr_pools.h
+#usr/include/apr-1/apr_portable.h
+#usr/include/apr-1/apr_proc_mutex.h
+#usr/include/apr-1/apr_random.h
+#usr/include/apr-1/apr_ring.h
+#usr/include/apr-1/apr_shm.h
+#usr/include/apr-1/apr_signal.h
+#usr/include/apr-1/apr_skiplist.h
+#usr/include/apr-1/apr_strings.h
+#usr/include/apr-1/apr_support.h
+#usr/include/apr-1/apr_tables.h
+#usr/include/apr-1/apr_thread_cond.h
+#usr/include/apr-1/apr_thread_mutex.h
+#usr/include/apr-1/apr_thread_proc.h
+#usr/include/apr-1/apr_thread_rwlock.h
+#usr/include/apr-1/apr_time.h
+#usr/include/apr-1/apr_user.h
+#usr/include/apr-1/apr_version.h
+#usr/include/apr-1/apr_want.h
+#usr/lib/apr.exp
+#usr/lib/libapr-1.la
+#usr/lib/libapr-1.so
+usr/lib/libapr-1.so.0
+usr/lib/libapr-1.so.0.6.2
+#usr/lib/pkgconfig/apr-1.pc
+#usr/share/apr-1
+#usr/share/apr-1/build
+#usr/share/apr-1/build/apr_common.m4
+#usr/share/apr-1/build/apr_rules.mk
+#usr/share/apr-1/build/find_apr.m4
+#usr/share/apr-1/build/libtool
+#usr/share/apr-1/build/make_exports.awk
+#usr/share/apr-1/build/make_var_export.awk
+#usr/share/apr-1/build/mkdir.sh
--- /dev/null
+usr/bin/apu-1-config
+#usr/include/apr-1/apr_anylock.h
+#usr/include/apr-1/apr_base64.h
+#usr/include/apr-1/apr_buckets.h
+#usr/include/apr-1/apr_crypto.h
+#usr/include/apr-1/apr_date.h
+#usr/include/apr-1/apr_dbd.h
+#usr/include/apr-1/apr_dbm.h
+#usr/include/apr-1/apr_hooks.h
+#usr/include/apr-1/apr_ldap.h
+#usr/include/apr-1/apr_ldap_init.h
+#usr/include/apr-1/apr_ldap_option.h
+#usr/include/apr-1/apr_ldap_rebind.h
+#usr/include/apr-1/apr_ldap_url.h
+#usr/include/apr-1/apr_md4.h
+#usr/include/apr-1/apr_md5.h
+#usr/include/apr-1/apr_memcache.h
+#usr/include/apr-1/apr_optional.h
+#usr/include/apr-1/apr_optional_hooks.h
+#usr/include/apr-1/apr_queue.h
+#usr/include/apr-1/apr_redis.h
+#usr/include/apr-1/apr_reslist.h
+#usr/include/apr-1/apr_rmm.h
+#usr/include/apr-1/apr_sdbm.h
+#usr/include/apr-1/apr_sha1.h
+#usr/include/apr-1/apr_siphash.h
+#usr/include/apr-1/apr_strmatch.h
+#usr/include/apr-1/apr_thread_pool.h
+#usr/include/apr-1/apr_uri.h
+#usr/include/apr-1/apr_uuid.h
+#usr/include/apr-1/apr_xlate.h
+#usr/include/apr-1/apr_xml.h
+#usr/include/apr-1/apu.h
+#usr/include/apr-1/apu_errno.h
+#usr/include/apr-1/apu_version.h
+#usr/include/apr-1/apu_want.h
+#usr/include/apr-1/expat.h
+#usr/lib/apr-util-1
+usr/lib/apr-util-1/apr_crypto_openssl-1.so
+#usr/lib/apr-util-1/apr_crypto_openssl.la
+usr/lib/apr-util-1/apr_crypto_openssl.so
+#usr/lib/aprutil.exp
+#usr/lib/libaprutil-1.la
+#usr/lib/libaprutil-1.so
+usr/lib/libaprutil-1.so.0
+usr/lib/libaprutil-1.so.0.6.0
+#usr/lib/pkgconfig/apr-util-1.pc
#usr/lib/libgnutls.la
#usr/lib/libgnutls.so
usr/lib/libgnutls.so.30
-usr/lib/libgnutls.so.30.14.6
+usr/lib/libgnutls.so.30.14.7
#usr/lib/libgnutlsxx.la
#usr/lib/libgnutlsxx.so
usr/lib/libgnutlsxx.so.28
usr/lib/php/doc/XML_Util/examples/example.php
usr/lib/php/doc/XML_Util/examples/example2.php
#usr/lib/php/extensions
-#usr/lib/php/extensions/no-debug-non-zts-20090626
-usr/lib/php/extensions/no-debug-non-zts-20090626/dba.so
-usr/lib/php/extensions/no-debug-non-zts-20090626/idn.so
+#usr/lib/php/extensions/no-debug-zts-20090626
+usr/lib/php/extensions/no-debug-zts-20090626/dba.so
+usr/lib/php/extensions/no-debug-zts-20090626/idn.so
#usr/lib/php/pearcmd.php
#usr/lib/php/peclcmd.php
#usr/lib/php/test
#usr/man/man1/php-config.1
#usr/man/man1/php.1
#usr/man/man1/phpize.1
-etc/httpd/conf/conf.d/php5.conf
etc/strongswan.d/swanctl.conf
#etc/swanctl
etc/swanctl/bliss
+etc/swanctl/conf.d
etc/swanctl/ecdsa
etc/swanctl/pkcs12
etc/swanctl/pkcs8
#usr/lib/libunbound.la
#usr/lib/libunbound.so
usr/lib/libunbound.so.2
-usr/lib/libunbound.so.2.5.3
+usr/lib/libunbound.so.2.5.5
usr/sbin/unbound
usr/sbin/unbound-anchor
usr/sbin/unbound-checkconf
--- /dev/null
+../../../common/apache2
\ No newline at end of file
--- /dev/null
+../../../common/apr
\ No newline at end of file
--- /dev/null
+../../../common/aprutil
\ No newline at end of file
--- /dev/null
+etc/system-release
+etc/issue
+etc/rc.d/init.d/unbound
+var/ipfire/langs
--- /dev/null
+../../../common/hdparm
\ No newline at end of file
--- /dev/null
+#!/bin/bash
+############################################################################
+# #
+# This file is part of the IPFire Firewall. #
+# #
+# IPFire is free software; you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation; either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# IPFire is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with IPFire; if not, write to the Free Software #
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
+# #
+# Copyright (C) 2017 IPFire-Team <info@ipfire.org>. #
+# #
+############################################################################
+#
+. /opt/pakfire/lib/functions.sh
+/usr/local/bin/backupctrl exclude >/dev/null 2>&1
+
+core=114
+
+# Remove old core updates from pakfire cache to save space...
+for (( i=1; i<=$core; i++ )); do
+ rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire
+done
+
+# Stop services
+ipsec stop
+/etc/init.d/squid stop
+/etc/init.d/unbound stop
+/etc/init.d/apache stop
+
+# Remove old apache configuration files of add-ons
+# These will be reinstalled by the updated packages
+# as soon as the core update is finished.
+rm -f \
+ /etc/httpd/conf/vhosts.d/cacti.conf \
+ /etc/httpd/conf/vhosts.d/icinga.conf \
+ /etc/httpd/conf/vhosts.d/nagios.conf \
+ /etc/httpd/conf/vhosts.d/openmailadmin.conf \
+ /etc/httpd/conf/vhosts.d/owncloud.conf \
+ /etc/httpd/conf/vhosts.d/phpSANE.conf
+
+# Extract files
+extract_files
+
+# update linker config
+ldconfig
+
+# Remove some files
+rm -f /usr/sbin/htpasswd
+
+# Update Language cache
+/usr/local/bin/update-lang-cache
+
+# Start services
+/etc/init.d/unbound start
+/etc/init.d/apache start
+/etc/init.d/squid start
+
+if grep -q "ENABLED=on" /var/ipfire/vpn/settings; then
+ ipsec start
+fi
+
+#
+# After pakfire has ended run it again and update all addons
+# this is needed for apache update.
+#
+echo '#!/bin/bash' > /tmp/pak_update
+echo 'while [ "$(ps -A | grep " update.sh")" != "" ]; do' >> /tmp/pak_update
+echo ' sleep 1' >> /tmp/pak_update
+echo 'done' >> /tmp/pak_update
+echo 'while [ "$(ps -A | grep " pakfire")" != "" ]; do' >> /tmp/pak_update
+echo ' sleep 1' >> /tmp/pak_update
+echo 'done' >> /tmp/pak_update
+echo '/opt/pakfire/pakfire update -y --force' >> /tmp/pak_update
+echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update
+echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update
+echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update
+echo 'touch /var/run/need_reboot ' >> /tmp/pak_update
+#
+killall -KILL pak_update
+chmod +x /tmp/pak_update
+/tmp/pak_update &
+
+# This update need a reboot...
+touch /var/run/need_reboot
+
+# Finish
+/etc/init.d/fireinfo start
+sendprofile
+
+# Update grub config to display new core version
+if [ -e /boot/grub/grub.cfg ]; then
+ grub-mkconfig -o /boot/grub/grub.cfg
+fi
+
+sync
+
+# Don't report the exitcode last command
+exit 0
--- /dev/null
+boot/config.txt
+boot/grub/grub.cfg
+boot/grub/grubenv
+etc/alternatives
+etc/collectd.custom
+etc/default/grub
+etc/ipsec.conf
+etc/ipsec.secrets
+etc/ipsec.user.conf
+etc/ipsec.user.secrets
+etc/localtime
+etc/shadow
+etc/snort/snort.conf
+etc/ssh/ssh_config
+etc/ssh/sshd_config
+etc/ssl/openssl.cnf
+etc/sudoers
+etc/sysconfig/firewall.local
+etc/sysconfig/rc.local
+etc/udev/rules.d/30-persistent-network.rules
+srv/web/ipfire/html/proxy.pac
+var/ipfire/dma
+var/ipfire/time
+var/ipfire/ovpn
+var/lib/alternatives
+var/log/cache
+var/log/dhcpcd.log
+var/log/messages
+var/state/dhcp/dhcpd.leases
+var/updatecache
--- /dev/null
+../../../common/gnutls
\ No newline at end of file
--- /dev/null
+../../../../common/i586/strongswan-padlock
\ No newline at end of file
--- /dev/null
+../../../common/squid
\ No newline at end of file
--- /dev/null
+../../../common/strongswan
\ No newline at end of file
--- /dev/null
+../../../common/unbound
\ No newline at end of file
$memory=0;
}
-&Header::openpage('', 1, '', '');
+&Header::openpage($Lang::tr{'wlanap configuration'}, 1, '', '');
&Header::openbigbox('100%', 'left', '', $errormessage);
if ( $errormessage ){
print "<tr><td class='base'>$Lang::tr{'wlanap wlan card'} ($wlanapsettings{'DRIVER'})</td>";
print $wlan_card_status eq 'up' ? $status_started : $status_stopped;
print"<td colspan='4'></td></tr>";
- print "<tr><td class='base' bgcolor='$color{'color22'}'>$Lang::tr{'wlanap access point'}</td>";
+ print "<tr><td class='base' bgcolor='$color{'color22'}'>$Lang::tr{'wlanap'}</td>";
print $wlan_ap_status eq 'up' ? $status_started : $status_stopped;
if ( ($memory != 0) && (@pid[0] ne "///") ){
print "<td bgcolor='$color{'color22'}' align='center'>@pid[0]</td>";
'ConnSched change profile title' => 'Wechsle zu Profil:',
'ConnSched days' => 'Tage:',
'ConnSched dial' => 'Verbinden',
-'ConnSched down' => 'Runter',
+'ConnSched down' => 'Herunter',
'ConnSched hangup' => 'Trennen',
'ConnSched ipsecstart' => 'IPsec (neu)starten',
-'ConnSched ipsecstop' => 'IPsec stop',
+'ConnSched ipsecstop' => 'IPsec stoppen',
'ConnSched reboot' => 'Neustarten',
'ConnSched reconnect' => 'Neu verbinden',
'ConnSched scheduled actions' => 'Geplante Aktionen',
'ConnSched select profile' => 'Wähle Profil',
'ConnSched shutdown' => 'Herunterfahren',
'ConnSched time' => 'Zeit:',
-'ConnSched up' => 'Hoch',
+'ConnSched up' => 'Herauf',
'ConnSched weekdays' => 'Wochentage:',
'Edit an existing route' => 'Eine existierende Route editieren',
'Enter TOS' => 'Aktivieren oder deaktivieren Sie die TOS-Bits <br /> und klicken Sie danach auf <i>Speichern</i>.',
'Existing Files' => 'Dateien in der Datenbank',
-'HDD temperature' => 'HDD-Temperatur',
+'HDD temperature' => 'Festplatten-Temperatur',
'Level7 Protocol' => 'Level7-Protokoll',
'Level7 Rule' => 'Level7-Regel',
'Level7 rule' => 'Level7-Regel',
'advproxy errmsg no browser' => 'Mindestens ein Browser oder Client muss für den Web-Zugriff zugelassen sein',
'advproxy errmsg no password' => 'Passwort kann nicht leer sein',
'advproxy errmsg no username' => 'Benutzername darf nicht leer sein',
-'advproxy errmsg non-transparent proxy required' => 'Web Proxy muss für die Authentifizierung im Nicht-transparenten Modus laufen',
+'advproxy errmsg non-transparent proxy required' => 'Web Proxy muss für die Authentifizierung im nicht-transparenten Modus laufen',
'advproxy errmsg ntlm domain' => 'Windows-Domänenname erforderlich',
'advproxy errmsg ntlm pdc' => 'Hostname der Primary Domain Controllers erforderlich',
'advproxy errmsg password incorrect' => 'Falsches Passwort',
'advproxy error design' => 'Design der Fehlermeldungen',
'advproxy error language' => 'Sprache der Fehlermeldungen',
'advproxy fake referer' => 'Gefälschter Referer für externe Web-Sites',
-'advproxy fake useragent' => 'Gefälschter Useragent für externe Web-Sites',
-'advproxy friday' => 'Fre',
+'advproxy fake useragent' => 'Gefälschter User-Agent für externe Web-Sites',
+'advproxy friday' => 'Fr',
'advproxy from' => 'Von',
'advproxy group access control' => 'Gruppenbasierte Zugriffskontrolle',
'advproxy group required' => 'Erforderliche Gruppe',
'advproxy log enabled' => 'Protokoll aktiviert',
'advproxy log query' => 'Protokolliere Query Terms',
'advproxy log settings' => 'Protokolleinstellungen',
-'advproxy log useragent' => 'Protokolliere Useragents',
+'advproxy log useragent' => 'Protokolliere User-Agents',
'advproxy max download size' => 'Max. Größe von Downloads (KB)',
'advproxy max size' => 'Max. Objektgröße (KB)',
'advproxy max upload size' => 'Max. Größe von Uploads (KB)',
'advproxy min size' => 'Min. Objektgröße (KB)',
'advproxy mode allow' => 'Zulassen',
'advproxy mode deny' => 'Verweigern',
-'advproxy monday' => 'Mon',
+'advproxy monday' => 'Mo',
'advproxy network based access' => 'Netzwerkbasierte Zugriffskontrolle',
'advproxy no cache sites' => 'Diese Domains nicht zwischenspeichern (eine pro Zeile)',
'advproxy no clients defined' => 'Keine Clients definiert',
'advproxy ram cache size' => 'Cachegröße im Arbeitsspeicher (MB)',
'advproxy redirector children' => 'Anzahl der Filterprozesse',
'advproxy reset' => 'Zurücksetzen',
-'advproxy saturday' => 'Sam',
+'advproxy saturday' => 'Sa',
'advproxy save and restart' => 'Speichern und Neustart',
'advproxy squid version' => 'Squid Cache Version',
'advproxy squidclamav' => 'SquidClamav',
'advproxy ssl ports' => 'Zulässige SSL-Ports (einer pro Zeile)',
'advproxy standard' => 'Standard',
'advproxy standard ports' => 'Zulässige Standard-Ports (einer pro Zeile)',
-'advproxy sunday' => 'Son',
+'advproxy sunday' => 'So',
'advproxy supervisor password' => 'Supervisor-Passwort',
-'advproxy suppress version' => 'Unterdrücke Versions-Informationen',
+'advproxy suppress version' => 'Unterdrücke Versionsinformationen',
'advproxy throttle binary' => 'Binärdateien',
'advproxy throttle dskimg' => 'CD-Images',
'advproxy throttle mmedia' => 'Multimedia',
'advproxy throttling per host on' => 'Begrenzung pro Host auf',
'advproxy throttling total on' => 'Begrenzung insgesamt auf',
'advproxy throttling unlimited' => 'unbegrenzt',
-'advproxy thursday' => 'Don',
+'advproxy thursday' => 'Do',
'advproxy time restrictions' => 'Zeitbeschränkungen',
'advproxy to' => 'Bis',
'advproxy transfer limits' => 'Transfergrenzen',
'advproxy transparent on' => 'Transparent auf',
-'advproxy tuesday' => 'Die',
+'advproxy tuesday' => 'Di',
'advproxy unknown' => 'Unbekannt',
'advproxy unrestricted ip clients' => 'Uneingeschränkte IP-Adressen (eine pro Zeile)',
'advproxy unrestricted mac clients' => 'Uneingeschränkte MAC-Adressen (eine pro Zeile)',
'advproxy via forwarding' => 'Proxy-Adresse weiterleiten',
'advproxy visible hostname' => 'Sichtbarer Hostname',
'advproxy web browser' => 'Web-Browser',
-'advproxy wednesday' => 'Mit',
+'advproxy wednesday' => 'Mi',
'again' => 'Wiederholung:',
'age second' => 'Sekunde',
'age seconds' => 'Sekunden',
'alt dialup' => 'Einwahl',
'alt home' => 'Startseite',
'alt information' => 'Information',
-'alt logs' => 'Logs',
+'alt logs' => 'Protokolle',
'alt ovpn' => 'OpenVPN',
'alt proxy' => 'Proxy',
'alt services' => 'Dienste',
'dnsforward entries' => 'Aktuelle Einträge',
'dnsforward forward_server' => 'DNS-Server',
'dnsforward zone' => 'Zone',
-'dnssec aware' => 'DNSSEC-aware',
-'dnssec disabled warning' => 'WARNING: DNSSEC wurde deaktiviert',
+'dnssec aware' => 'DNSSEC-Informationen verfügbar, aber nicht validierend',
+'dnssec disabled warning' => 'WARNUNG: DNSSEC wurde deaktiviert',
'dnssec information' => 'DNSSEC-Informationen',
'dnssec not supported' => 'DNSSEC wird nicht unterstützt',
'dnssec validating' => 'DNSSEC-validierend',
-'do not log this port list' => 'Verwerfe diese Port-Liste kurz bevor sie protokolliert werden (reduziert Protokollgröße)',
+'do not log this port list' => 'Verwerfe diese Port-Liste, kurz bevor sie protokolliert werden (reduziert Protokollgröße)',
'dod' => 'Dial-on-Demand-Modus',
'dod for dns' => 'Dial-on-Demand für DNS:',
'dod not compatible with ddns' => 'Dial-on-Demand ist nicht kompatibel mit dynamischen DNS-Diensten',
'drop action' => 'Standardverhalten der (Forward) Firewall in Modus "Blocked"',
'drop action1' => 'Standardverhalten der (Outgoing) Firewall in Modus "Blocked"',
'drop action2' => 'Standardverhalten der (Input) Firewall',
-'drop forward' => 'Verworfene (Forward) Firewall-Pakete loggen',
-'drop input' => 'Verworfene Input Pakete loggen',
-'drop newnotsyn' => 'Verworfene New Not Syn Pakete loggen',
-'drop outgoing' => 'Verworfene (Outgoing) Firewall-Pakete loggen',
-'drop portscan' => 'Verworfene Portscan Pakete loggen',
-'drop proxy' => 'Alle Pakete verwerfen die nicht direkt an den Proxy gerichtet sind',
-'drop samba' => 'Alle Microsoft Pakete verwerfen, Ports 135,137,138,139,445,1025',
-'drop wirelessforward' => 'Verworfene Wireless Forward Pakete loggen',
-'drop wirelessinput' => 'Verworfene Wireless Input Pakete loggen',
+'drop forward' => 'Verworfene (Forward) Firewall-Pakete protokollieren',
+'drop input' => 'Verworfene Input Pakete protokollieren',
+'drop newnotsyn' => 'Verworfene New Not Syn Pakete protokollieren',
+'drop outgoing' => 'Verworfene (Outgoing) Firewall-Pakete protokollieren',
+'drop portscan' => 'Verworfene Portscan Pakete protokollieren',
+'drop proxy' => 'Alle Pakete verwerfen, die nicht direkt an den Proxy gerichtet sind',
+'drop samba' => 'Alle Microsoft Pakete verwerfen (Ports 135,137,138,139,445,1025)',
+'drop wirelessforward' => 'Verworfene Wireless Forward Pakete protokollieren',
+'drop wirelessinput' => 'Verworfene Wireless Input Pakete protokollieren',
'dst port' => 'Ziel-Port',
'dstprt range overlaps' => 'Der Zielportbereich überlappt mit einem bereits definierten Port.',
'dstprt within existing' => 'Der Zielport liegt innerhalb eines bereits definierten Portbereichs.',
'eg' => 'z.B.:',
'email config' => 'Konfiguration',
'email empty field' => 'Leeres Feld',
-'email error' => 'ERROR: Testmail konnte nicht versendet werden',
+'email error' => 'FEHLER: Test-E-Mail konnte nicht versendet werden',
'email invalid' => 'Ungültiges Feld',
'email invalid mailfqdn' => 'Ungültiger FQDN für Mailserver',
'email invalid mailip' => 'Ungültige IP-Adresse für Mailserver',
'email mailrcpt' => 'E-Mail-Empfänger',
'email mailsender' => 'E-Mail-Absender',
'email mailuser' => 'Benutzername',
-'email server can not be empty' => 'Email-Server darf nicht leer sein',
+'email server can not be empty' => 'E-Mail-Server darf nicht leer sein',
'email settings' => 'Mailversand',
-'email subject' => 'IPFire Testmail',
-'email success' => 'Testmail erfolgreich versendet',
+'email subject' => 'IPFire Test-E-Mail',
+'email success' => 'Test-E-Mail erfolgreich versendet',
'email testmail' => 'Testnachricht senden',
'email text' => 'Testnachricht vom IPFire Mailversand.',
'email tls' => 'TLS aktivieren',
'email usemail' => 'Mailversand aktivieren',
-'emailreportlevel' => 'Email-Reportlevel',
+'emailreportlevel' => 'E-Mail-Reportlevel',
'empty' => 'Dieses Feld kann leer bleiben',
'empty profile' => 'Unbenannt',
'enable ignore filter' => '"Ignorieren"-Filter ein',
'esp keylife should be between 1 and 24 hours' => 'ESP Schlüssel-Lebensdauer sollte zwischen 1 und 24 Stunden betragen.',
'every' => 'Alle',
'exampel' => 'Beispiel',
-'exclude logfiles' => 'ohne Logdateien',
+'exclude logfiles' => 'ohne Protokolldateien',
'excluding buffers and cache' => '-/+ Puffer/Zwischenspeicher',
'expected' => 'Erwartet',
'expertoptions' => 'Expertenoptionen',
'exportkey' => 'PSK exportieren',
'external access' => 'Externer Zugang',
'external access configuration' => 'Einstellungen für externen Zugang',
-'external access rule added' => 'Regel für externen Zugang hinzugefügt; Starte Zugangskontroller neu',
-'external access rule changed' => 'External access Regel geändert; Der access controller wird neu gestartet.',
-'external access rule removed' => ' Regel für externen Zugang entfernt; Starte Zugangskontroller neu',
+'external access rule added' => 'Regel für externen Zugang hinzugefügt; starte Zugangskontroller neu',
+'external access rule changed' => 'External access Regel geändert; der access controller wird neu gestartet.',
+'external access rule removed' => ' Regel für externen Zugang entfernt; starte Zugangskontroller neu',
'external aliases configuration' => 'Externe Alias-Konfiguration',
'extrahd' => 'ExtraHD',
'extrahd because there is already a device mounted' => ' mounten, weil bereits ein Gerät gemountet ist',
'firewall log country' => 'Firewall-Protokoll (Land)',
'firewall log ip' => 'Firewall-Protokoll (IP)',
'firewall log port' => 'Firewall-Protokoll (Port)',
-'firewall logs' => 'Firewall-Logdateien',
-'firewall logs country' => 'Fw-Logdiagramme (Land)',
-'firewall logs ip' => 'Fw-Logdiagramme (IP)',
-'firewall logs port' => 'Fw-Logdiagramme (Port)',
+'firewall logs' => 'Firewall-Protokolldateien',
+'firewall logs country' => 'Fw-Protokolldiagramme (Land)',
+'firewall logs ip' => 'Fw-Protokolldiagramme (IP)',
+'firewall logs port' => 'Fw-Protokolldiagramme (Port)',
'firewall rules' => 'Firewallregeln',
'firewallhits' => 'Firewalltreffer',
'firmware' => 'Firmware',
'fritzdsl help' => 'Um eines der folgenden Fritz!DSL Modems (Fritz!Card DSL=fcdsl / Fritz!CardDSL SL=fcdslsl / Fritz!Card DSL V2.0=fcdsl2 / Fritz!Card DSL USB=fcdslusb / Fritz!Card DSL USB SL=fcdslslusb) nutzen zu können, müssen Sie ein Paket auf Ihre IPFire-Box laden. Bitte laden Sie den tarball entsprechend Ihrer Version von der IPFire-Webseite herunter und laden Sie dann die gesamte <b>fcdsl-(ihre_version).tgz</b> mit dem folgenden Formular hoch.',
'fritzdsl upload' => 'Fritz!DSL-Treiber hochladen',
'from' => 'Von',
-'from email adr' => 'Von Email Adresse',
-'from email pw' => 'Von Email Passwort',
-'from email server' => 'Von Email Server',
-'from email user' => 'Von Email Benutzer',
-'from warn email bad' => 'Von Email Adresse ist nicht gültig',
+'from email adr' => 'Von E-Mail-Adresse',
+'from email pw' => 'Von E-Mail-Passwort',
+'from email server' => 'Von E-Mail-Server',
+'from email user' => 'Von E-Mail-Benutzer',
+'from warn email bad' => 'Von E-Mail-Adresse ist nicht gültig',
'fw blue' => 'Firewalloptionen für das Blaue Interface',
-'fw default drop' => 'Firewall Policy',
-'fw logging' => 'Firewall-Logging',
+'fw default drop' => 'Firewall Richtlinie',
+'fw logging' => 'Firewall-Protokollierung',
'fw settings' => 'Firewall-Einstellungen',
'fw settings color' => 'Farben in Regeltabelle anzeigen',
'fw settings dropdown' => 'Alle Netzwerke auf Regelerstellungsseite anzeigen',
'fwdfw external port nat' => 'Externer Port (NAT)',
'fwdfw final_rule' => 'Letzte Regel: ',
'fwdfw from' => 'Von:',
-'fwdfw hint ip1' => 'Die zuletzt erzeugte Regel mag eventuell niemals zutreffen, da sich Quelle und Ziel überlappen.',
-'fwdfw hint ip2' => 'Bitte überprüfen Sie, ob diese Regel Sinn macht: ',
+'fwdfw hint ip1' => 'Die zuletzt erzeugte Regel könnte eventuell niemals zutreffen, da sich Quelle und Ziel überlappen.',
+'fwdfw hint ip2' => 'Bitte überprüfen Sie, ob diese Regel Sinn ergibt: ',
'fwdfw hint mac' => 'Sie nutzen MAC-Adressen in der Zielgruppe. Diese werden bei der Regelerstellung übersprungen.',
'fwdfw iface' => 'Interface',
'fwdfw ipsec network' => 'IPsec-Netzwerke:',
'fwhost stdnet' => 'Standard-Netzwerke:',
'fwhost type' => 'Typ',
'fwhost used' => 'Genutzt',
-'fwhost welcome' => 'Hier können einzelne Hosts, Netzwerke oder Dienste zu Gruppen zusammengefasst werden, was das erstellen von Firewallregeln einfacher und schneller macht.',
+'fwhost welcome' => 'Hier können einzelne Hosts, Netzwerke oder Dienste zu Gruppen zusammengefasst werden, was das Erstellen von Firewallregeln einfacher und schneller macht.',
'fwhost wo subnet' => '(Ohne Subnetz)',
'gateway' => 'Gateway',
'gateway ip' => 'Gateway-IP',
'hangup' => 'Trennen',
'hangup string' => 'Auflegen:',
'harddisk temperature' => 'Festplattentemperatur',
-'harddisk temperature graphs' => 'HDD-Diagramme',
+'harddisk temperature graphs' => 'Festplatten-Diagramme',
'hardware graphs' => 'Hardware-Diagramme',
'hardware support' => 'Hardware-Unterstützung',
'hdd temperature in' => 'Festplattentemperatur in',
'idle' => 'Leerlauf',
'idle timeout' => 'Leerlauf-Wartezeit in min (0 zum Deaktivieren):',
'idle timeout not set' => 'Leerlauf-Wartezeit nicht angegeben.',
-'ids log viewer' => 'Ansicht IDS-Log',
-'ids logs' => 'IDS-Logdateien',
+'ids log viewer' => 'Ansicht IDS-Protokoll',
+'ids logs' => 'IDS-Protokolldateien',
'ids preprocessor' => 'IDS-Präprozessor',
'ids rules license' => 'Um Sourcefire VRT Zertifizierte Regeln zu nutzen, müssen Sie sich unter',
'ids rules license1' => ' registrieren.',
'imsi' => 'IMSI',
'in' => 'Ein',
'inactive' => 'inaktiv',
-'include logfiles' => 'mit Logdateien',
+'include logfiles' => 'mit Protokolldateien',
'incoming' => 'eingehend',
'incoming compression in bytes per second' => 'Eingehende Kompression',
'incoming firewall access' => 'Eingehender Firewallzugang',
'internet' => 'INTERNET',
'intrusion detection' => 'Einbruchdetektierung',
'intrusion detection system' => 'Intrusion Detection System',
-'intrusion detection system log viewer' => 'Betrachter der IDS-Logfiles',
+'intrusion detection system log viewer' => 'Betrachter der IDS-Protokolldateien',
'intrusion detection system rules' => 'Intrusion Detection System Regeln',
'intrusion detection system2' => 'Intrusion Detection System:',
'invalid broadcast ip' => 'Ungültige Broadcast-IP',
'invalid input for dhcp wins' => 'Ungültige Eingabe für DHCP WINS',
'invalid input for dpd delay' => 'Ungültige Eingabe für DPD-Verzögerung',
'invalid input for dpd timeout' => 'Ungültige Eingabe für DPD-Zeitüberschreitung',
-'invalid input for e-mail address' => 'Ungültige Eingabe für die E-mail Adresse',
+'invalid input for e-mail address' => 'Ungültige Eingabe für die E-Mail-Adresse',
'invalid input for esp keylife' => 'Ungültige Eingabe für ESP Schlüssel-Lebensdauer',
'invalid input for hostname' => 'Ungültige Eingabe für Hostname',
'invalid input for ike lifetime' => 'Ungültige Eingabe für IKE Lebensdauer',
'invalid input for keepalive 1' => 'Ungültige Eingabe für Keepalive ping',
-'invalid input for keepalive 1:2' => 'Ungültige Eingabe für Keepalive mindestens ein Verhältnis von 1:2',
+'invalid input for keepalive 1:2' => 'Ungültige Eingabe für Keepalive (mindestens ein Verhältnis von 1:2)',
'invalid input for keepalive 2' => 'Ungültige Eingabe für Keepalive ping-restart',
'invalid input for max clients' => 'Ungültige Eingabe für Max Clients',
'invalid input for name' => 'Ungültige Eingabe für vollen Namen des Benutzers oder des System Hostnamens',
'invalid key' => 'Ungültiger Schlüssel.',
'invalid loaded file' => 'Ungültige geladene Datei',
'invalid local-remote id' => 'Local-Id und Remote-Id dürfen nicht gleich sein, und müssen einem "@"-Zeichen beginnen. Dies sind leftid und rightid in der StrongSwan-Terminologie.',
-'invalid logserver address' => 'Ungültige syslogd server Adresse',
+'invalid logserver address' => 'Ungültige syslogd-Server-Adresse',
'invalid mac address' => 'Ungültige MAC-Adresse',
'invalid max lease time' => 'Ungültige max. Haltezeit.',
'invalid maximum incoming size' => 'Ungültige max. ankommende Größe.',
'invalid mtu input' => 'Ungültige MTU',
'invalid netmask' => 'Ungültige Netzwerkmaske',
'invalid port' => 'Ungültiger Port. Bitte gültige Portnummer eingeben.',
-'invalid port list' => 'Portlisten-Syntax lautet: port[,port]... wobei port in /etc/services vorkommt oder Nummer',
+'invalid port list' => 'Portlisten-Syntax lautet: port[,port]... wobei port in /etc/services enthalten ist, alternativ Portnummer',
'invalid primary dns' => 'Ungültiger primärer DNS.',
'invalid primary ntp' => 'Ungültiger primärer NTP.',
'invalid secondary dns' => 'Ungültiger sekundärer DNS.',
'invalid time period' => 'Unzulässiger Zeitabschnitt.',
'invalid uplink speed' => 'Ungültige Uplink-Geschwindigkeit.',
'invalid upstream proxy username or password setting' => 'Ungültige/r Remote-Proxy-Benutzername oder Passwort-Einstellung',
-'invalid users' => 'Liste mit Benutzern denen der Zugriff untersagt ist',
+'invalid users' => 'Liste mit Benutzern, denen der Zugriff untersagt ist',
'invalid vpi vpci' => 'Ungültige VPI/VPCI-Einstellungen',
'invalid wins address' => 'Ungültige WINS Server Addresse.',
'invert' => 'Invertieren',
'ip address' => 'IP-Adresse',
'ip address in use' => 'IP-Adresse bereits vergeben',
-'ip address outside subnets' => 'IP-Adresse ausserhalb der(s) lokalen Subnetze(s)',
+'ip address outside subnets' => 'IP-Adresse außerhalb der(s) lokalen Subnetze(s)',
'ip alias added' => 'Externer IP-Alias hinzugefügt',
'ip alias changed' => 'Externer IP-Alias geändert',
'ip alias removed' => 'Externer IP-Alias entfernt',
'ipinfo' => 'IP-Info',
'ipsec' => 'IPsec',
'ipsec network' => 'IPsec-Netzwerke',
-'ipsec no connections' => 'Keine aktiven IPsec Verbindungen',
+'ipsec no connections' => 'Keine aktiven IPsec-Verbindungen',
'iptable rules' => 'IPTable-Regeln',
'iptmangles' => 'IPTable Mangles',
'iptnats' => 'IPTable Network Address Translation',
'lifetime' => 'Lebensdauer:',
'line' => 'Leitung',
'linkq' => 'Antwortzeit',
-'load printer' => 'Load Printer',
+'load printer' => 'Lade Drucker',
'loaded modules' => 'Geladene Module:',
'local hard disk' => 'Festplatte',
'local master' => 'Local Master',
'localkey' => 'Localkey',
'localkeyfile' => 'Localkeyfile',
'log' => 'Protokoll',
-'log enabled' => 'Log aktiviert',
-'log level' => 'Log Level',
+'log enabled' => 'Protokoll aktiviert',
+'log level' => 'Protokollierungslevel',
'log lines per page' => 'Zeilen pro Seite',
'log server address' => 'Syslog Server',
-'log settings' => 'Logdatei-Einstellungen',
-'log summaries' => 'Log Ãœbersicht',
-'log summary' => 'Log Zusammenfassung',
+'log settings' => 'Protokolldatei-Einstellungen',
+'log summaries' => 'Protokollübersicht',
+'log summary' => 'Protokollzusammenfassung',
'log var messages' => 'Einstellungen für /var/log/messages',
-'log view' => 'Log Anzeige',
+'log view' => 'Protokollanzeige',
'log viewer' => 'Protokollansicht',
-'log viewing options' => 'Log Ansichts-Optionen',
-'log-options' => 'Logfile Optionen',
+'log viewing options' => 'Protokollansichtsoptionen',
+'log-options' => 'Protokolldateioptionen',
'loged in at' => 'Angemeldet seit',
-'logging' => 'Logging',
+'logging' => 'Protokollierung',
'logging server' => 'Protokollierungs-Server',
'loginlogout' => 'Login/Logout',
-'logs' => 'Logdateien',
+'logs' => 'Protokolldateien',
'lookup failed' => 'Reverse Lookup gescheitert',
'loosedirectorychecking' => 'Loose directorychecking',
'low' => 'Niedrig',
'masquerading enabled' => 'NAT eingeschaltet',
'max bandwith' => 'Maximale Bandbreite',
'max incoming size' => 'Max. eingehende Größe (kB):',
-'max lease time' => 'Max. Haltezeit in min:',
+'max lease time' => 'Max. Haltezeit in min.:',
'max outgoing size' => 'Max. abgehende Größe (kB):',
'max reliability' => 'Maximale Zuverlässigkeit',
'max renewal time' => 'Maximale Aktualisierungszeit',
'maximum retries' => 'Maximale Wiederholversuche:',
'may' => 'Mai',
'mbmon display' => 'Anzeigen',
-'mbmon fan' => 'Fan Speed',
-'mbmon fan in' => 'Fan Speed in',
+'mbmon fan' => 'Lüftergeschwindigkeit',
+'mbmon fan in' => 'Lüftergeschwindigkeit in',
'mbmon graphs' => 'mbmon-Diagramme',
'mbmon label' => 'Label',
'mbmon settings' => 'mbmongraph Einstellungen',
-'mbmon temp' => 'Temperature',
-'mbmon temp in' => 'Temperature in',
+'mbmon temp' => 'Temperatur',
+'mbmon temp in' => 'Temperatur in',
'mbmon value' => 'Wert',
-'mbmon volt' => 'Voltage',
+'mbmon volt' => 'Spannung',
'meaning' => 'Bedeutung',
'media' => 'Laufwerke',
'media information' => 'Laufwerksinformationen',
'memory information' => 'Speicherinformationen',
'memory usage per' => 'Speichernutzung pro',
'messages' => 'Meldungen',
-'messages logging' => 'Logeinstellungen für /var/log/messages',
+'messages logging' => 'Protokolleinstellungen für /var/log/messages',
'method' => 'Methode:',
'min costs' => 'Minimale Kosten',
'min delay' => 'Minimale Verzögerung',
'no fritzdsl driver' => 'Kein Fritz!DSL-Treiber vorhanden. Bitte hochladen.',
'no hardware random number generator' => 'Dieses System hat keine Entropiequelle.',
'no information available' => 'Keine Informationen verfügbar.',
-'no log selected' => 'kein Log ausgewählt',
+'no log selected' => 'kein Protokoll ausgewählt',
'no modem selected' => 'Kein Modem ausgewählt',
'no set selected' => 'Es wurde kein Satz ausgewählt',
'no time limit' => 'unbregenzte Zeit',
'openvpn disabled' => 'DEAKTIVIERT',
'openvpn enabled' => 'AKTIVIERT',
'openvpn fragment allowed with udp' => '"fragment" kann nur in Kombination mit dem UDP-Protokoll genutzt werden.',
-'openvpn log' => 'OpenVPN Log',
+'openvpn log' => 'OpenVPN Protokoll',
'openvpn mssfix allowed with udp' => '"mssfix" kann nur in Kombination mit dem UDP-Protokoll genutzt werden.',
'openvpn network' => 'OpenVPN-Netzwerke',
'openvpn prefix local subnet' => 'Die Prefix-Notation wird nicht unterstützt. Bitte geben Sie eine Subnetzmaske beim lokalen Subnetz ein wie z.B. 255.255.255.0.',
'optional data' => '3. Optionale Einstellungen',
'options' => 'Optionen',
'options fw' => 'Firewalloptionen',
-'optionsfw portlist hint' => 'Die Liste der Ports muss durch ein Komma getrennt werden (z.B. 137,138). Sie können maximal bis zu 15 Ports pro Protokoll angeben.',
-'optionsfw warning' => 'Verändern dieser Optionen bedingt einen Neustart der Firewall',
+'optionsfw portlist hint' => 'Die Liste der Ports muss durch Kommata getrennt werden (z.B. 137,138). Sie können maximal bis zu 15 Ports pro Protokoll angeben.',
+'optionsfw warning' => 'Verändern dieser Optionen erfordert einen Neustart der Firewall',
'or' => 'oder',
'orange' => 'ORANGE',
'organization cant be empty' => 'Organisation darf nicht leer sein.',
'outgoing firewall edit ip group' => 'IP Adressgruppen bearbeiten',
'outgoing firewall edit mac group' => 'MAC Adressgruppen bearbeiten',
'outgoing firewall group error' => 'Eine Gruppe mit dem selben Namen existiert bereits.',
-'outgoing firewall groups' => 'Firewall Gruppen',
+'outgoing firewall groups' => 'Firewallgruppen',
'outgoing firewall ip groups' => 'Ausgehende Firewall IP Adressgruppen',
'outgoing firewall mac groups' => 'Ausgehende Firewall MAC Adressgruppen',
-'outgoing firewall mode0' => 'In diesem Modus ist es allen Rechnern im Netzwerk uneingeschränkt möglich Verbindungen ins Internet aufzubauen.',
+'outgoing firewall mode0' => 'In diesem Modus ist es allen Rechnern im Netzwerk uneingeschränkt möglich, Verbindungen ins Internet aufzubauen.',
'outgoing firewall mode1' => 'In diesem Modus werden nur Verbindungen nach den oben definierten Regeln zugelassen.',
'outgoing firewall mode2' => 'In diesem Modus werden sämtliche Verbindungen erlaubt, bis auf die oben definierten Block-Regeln.',
'outgoing firewall outgoing firewall reserved groupname' => 'Bitte einen anderen Gruppennamen verwenden, dieser ist ein reserviertes Wort.',
'ovpn generating the root and host certificates' => 'Die Erzeugung der Root- und Host-Zertifikate kann lange Zeit dauern.',
'ovpn ha' => 'Hash-Algorithmus',
'ovpn hmac' => 'HMAC-Optionen',
-'ovpn log' => 'OVPN-Log',
+'ovpn log' => 'OVPN-Protokoll',
'ovpn mgmt in root range' => 'Ein Port von 1024 oder höher ist erforderlich.',
'ovpn mtu-disc' => 'Path MTU Discovery',
'ovpn mtu-disc and mtu not 1500' => 'Path MTU Discovery benötigt eine MTU von 1500.',
'ovpn on orange' => 'OpenVPN auf ORANGE:',
'ovpn on red' => 'OpenVPN auf ROT:',
'ovpn port in root range' => 'Ein Port von 1024 oder höher ist erforderlich.',
-'ovpn reneg sec' => 'Session Key Lifetime',
+'ovpn reneg sec' => 'Sitzungsschlüssellebensdauer',
'ovpn routes push' => 'Routen (eine pro Zeile) z.b. 192.168.10.0/255.255.255.0 192.168.20.0/24',
'ovpn routes push options' => 'Route push Optionen',
'ovpn server status' => 'OpenVPN-Server-Status',
'ovpn_processprioN' => 'Normal',
'ovpn_processprioVD' => 'Sehr Tief',
'ovpn_processprioVH' => 'Sehr Hoch',
-'ovpnstatus log' => 'OVPN-Status-Log',
-'ovpnsys log' => 'OVPN-System-Log',
+'ovpnstatus log' => 'OVPN-Status-Protokoll',
+'ovpnsys log' => 'OVPN-System-Protokoll',
'p2p block' => 'P2P-Netzwerke',
'p2p block save notice' => 'Bitte lesen Sie die Firewallregeln neu ein, damit die Änderungen aktiv werden.',
'package failed to install' => 'Programmpaket konnte nicht installiert werden.',
'pakfire ago' => 'her.',
'pakfire available addons' => 'Verfügbare Addons:',
'pakfire configuration' => 'Pakfire Konfiguration',
-'pakfire core update auto' => 'Core und Addon Updates automatisch installieren:',
+'pakfire core update auto' => 'Core- und Addon-Updates automatisch installieren:',
'pakfire core update level' => 'Core-Update-Level',
'pakfire health check' => 'Mirrors auf Erreichbarkeit prüfen (Ping):',
-'pakfire install description' => 'Wählen Sie ein oder mehrere Pakete zur Installation aus und drücken Sie auf das plus Symbol.',
+'pakfire install description' => 'Wählen Sie ein oder mehrere Pakete zur Installation aus und drücken Sie auf das plus-Symbol.',
'pakfire install package' => 'Sie möchten folgende Pakete installieren: ',
'pakfire installed addons' => 'Installierte Addons:',
'pakfire last core list update' => 'Letztes Corelisten Update ist',
'pakfire possible dependency' => ' Möglicherweise haben diese Pakete Abhängigkeiten, d.h. andere Pakete müssen zusätzlich installiert werden. Dazu sehen Sie unten eine Liste.',
'pakfire register' => 'Registrierung am Pakfire-Server:',
'pakfire system state' => 'System Status',
-'pakfire uninstall description' => 'Wählen Sie ein oder mehrere Pakete zur Deinstallation aus und drücken Sie auf das minus Symbol.',
+'pakfire uninstall description' => 'Wählen Sie ein oder mehrere Pakete zur Deinstallation aus und drücken Sie auf das minus-Symbol.',
'pakfire uninstall package' => 'Sie möchten folgende Pakete deinstallieren: ',
'pakfire update daily' => 'Täglich nach Updates suchen:',
'pakfire updates' => 'Zur Verfügung stehende Updates:',
'proxy cachemgr' => 'Cachemanager aktivieren',
'proxy errmsg filedescriptors' => 'Ungültiger Anzahl Filedescriptoren',
'proxy filedescriptors' => 'Anzahl Filedescriptoren',
-'proxy log viewer' => 'Ansicht Proxy-Log',
-'proxy logs' => 'Proxy-Logdateien',
+'proxy log viewer' => 'Ansicht Proxy-Protokoll',
+'proxy logs' => 'Proxy-Protokolldateien',
'proxy no proxy extend' => 'oder geben Sie eine Liste von Zielen an, welche nicht über den Proxy angesprochen werden sollen',
'proxy no proxy local' => 'Lokalen Proxy auf blauen/grünen Netzwerken verhindern',
'proxy port' => 'Proxy-Port',
'remote access' => 'Fernwartung',
'remote announce' => 'Remote Announce',
'remote browse sync' => 'Remote Browse Sync',
-'remote host/ip' => 'Remote Host/IP',
-'remote logging' => 'Remote logging',
-'remote subnet' => 'Remote Subnetz:',
-'remote subnet is invalid' => 'Remote Subnetz ist ungültig.',
+'remote host/ip' => 'Entfernte(r) Host/IP',
+'remote logging' => 'Entfernte Protokollierung',
+'remote subnet' => 'Entferntes Subnetz:',
+'remote subnet is invalid' => 'Entferntes Subnetz ist ungültig.',
'removable device advice' => 'Stecken Sie ein Gerät an, aktualisieren Sie und binden Sie es vor der Benutzung ein. Melden Sie das Gerät vorm Entfernen ab.',
'remove' => 'Löschen',
'remove ca certificate' => 'CA-Zertifikat entfernen',
'reset' => 'Zurücksetzen',
'reset shares' => 'Freigaben zurücksetzen',
'resetglobals' => 'Globale Einstellungen zurücksetzen',
-'resetpolicy' => 'Policy zurücksetzen',
+'resetpolicy' => 'Richtlinie zurücksetzen',
'resetshares' => 'Shares zurücksetzen?',
'resetting the vpn configuration will remove the root ca, the host certificate and all certificate based connections' => 'Das Löschen des X509 wird die Root-CA, die Host-Zertifikate und alle zertifikatsbasierten Verbindungen entfernen.',
'restart' => 'Neustart',
'select source net' => 'Auswahl Quell-Netz',
'selecttraffic' => 'Trafficübersicht auswählen:',
'send cr' => 'ISP verlangt Zeilenrücklaufzeichen:',
-'send email notification' => 'Aktiviert, Email Benachrichtigung senden',
+'send email notification' => 'Aktiviert, E-Mail Benachrichtigung senden',
'send test mail' => 'Sende Testemail',
'september' => 'September',
'serial' => 'serielle',
'stop ovpn server' => 'Stoppe OpenVPN-Server',
'stopped' => 'ANGEHALTEN',
'subject' => 'Betreff',
-'subject test' => 'Testemail',
+'subject test' => 'Test-E-Mail',
'subject warn' => 'Warnung - Warnlevel erreicht',
'subnet' => 'Subnet',
'subnet is invalid' => 'Netzmaske ist ungültig',
'system has hwrng' => 'Dieses System hat einen Hardware-Zufallszahlengenerator.',
'system has rdrand' => 'Dieses System unterstützt Intel(R) RDRAND.',
'system information' => 'Systeminformationen',
-'system log viewer' => 'Betrachter der System-Logdateien',
-'system logs' => 'System-Logdateien',
+'system log viewer' => 'Betrachter der Systemprotokolldateien',
+'system logs' => 'Systemprotokolldateien',
'system status information' => 'System-Statusinformationen',
'ta key' => 'TLS-Authentifizierungsschlüssel',
'telephone not set' => 'Telefonnummer nicht angegeben.',
'template' => 'Vorlage',
'template warning' => 'Zur Einrichtung von QoS stehen Ihnen 2 Möglichkeiten zur Auswahl. Entweder Sie wählen speichern und erstellen Klassen und Regeln nach Ihren Wünschen, oder Sie wählen Vorlage, dann werden die Klassen und Regeln durch ein Template generiert.',
'test' => 'test',
-'test email could not be sent' => 'Könnte Testemail nicht senden',
-'test email was sent' => 'Testemail wurde erfolgreich versand',
+'test email could not be sent' => 'Könnte Test-E-Mail nicht senden',
+'test email was sent' => 'Test-E-Mail wurde erfolgreich versand',
'the following update was successfully installed' => 'Das folgende Update wurde erfolgreich installiert',
'the statistics were last updated at' => 'Die Statistik wurde zuletzt aktualisiert am',
'theme' => 'Style',
'tor connected relays' => 'Verbundene Relays',
'tor contact info' => 'Kontaktinformationen',
'tor daemon' => 'Daemon',
-'tor directory port' => 'Directory-Port',
+'tor directory port' => 'Verzeichnis-Port',
'tor enabled' => 'Tor einschalten',
'tor errmsg invalid accounting limit' => 'Ungültiges Accounting-Limit',
-'tor errmsg invalid directory port' => 'Ungültiger Directory-Port',
+'tor errmsg invalid directory port' => 'Ungültiger Verzeichnis-Port',
'tor errmsg invalid ip or mask' => 'Ungültiges IP-Subnetz',
'tor errmsg invalid relay address' => 'Ungültige Relay-Adresse',
'tor errmsg invalid relay name' => 'Ungültiger Relay-Nickname',
'tor relay enabled' => 'Tor-Relay einschalten',
'tor relay external address' => 'Externe Relay-Adresse',
'tor relay fingerprint' => 'Relay-Fingerabdruck',
-'tor relay mode' => 'Relay-Modues',
+'tor relay mode' => 'Relay-Modus',
'tor relay mode bridge' => 'Bridge',
'tor relay mode exit' => 'Exit-Node',
'tor relay mode private bridge' => 'private Bridge',
'tor relay mode relay' => 'Nur Relay',
-'tor relay nickname' => 'Relay-Nickname',
+'tor relay nickname' => 'Relay-Spitzname',
'tor relay port' => 'Relay-Port',
'tor service' => 'Tor-Service',
'tor socks port' => 'SOCKS-Port',
'tor traffic read written' => 'Gesamter Traffic (empfangen/gesendet)',
'tor use exit nodes' => 'Nur diese Exit-Nodes benutzen (eins pro Zeile)',
'total connection time' => 'Verbindungszeit',
-'total hits for log section' => 'Gesamte Treffer für Log Sektion',
+'total hits for log section' => 'Gesamte Treffer für Protokollsektion',
'traffic back' => 'Zurück',
'traffic calc time' => 'Berechnungszeitpunkt',
'traffic calc time bad' => 'Berechnungsintervall ist nicht gültig',
'upload a certificate request' => 'Eine Zertifikatsanfrage hochladen:',
'upload ca certificate' => 'CA-Zertifikat hochladen',
'upload dh key' => 'Diffie-Hellman-Parameter hochladen',
-'upload file' => 'Datei zum hochladen',
+'upload file' => 'Datei zum Hochladen',
'upload new ruleset' => 'Neuen Regelsatz hochladen',
'upload p12 file' => 'PKCS12-Datei hochladen',
'upload static key' => 'Statischen Schlüssel hochladen',
'urlfilter filesize' => 'Größe',
'urlfilter filter settings' => 'URL-Filter Einstellungen',
'urlfilter fri' => 'F',
-'urlfilter friday' => 'Fre',
+'urlfilter friday' => 'Fr',
'urlfilter from' => 'Von',
'urlfilter hourly' => 'stündlich',
'urlfilter import blacklist' => 'Blacklist importieren',
'urlfilter invalid user error' => 'Ungültiger Benutzername',
'urlfilter load blacklist' => 'Blacklist laden',
'urlfilter local file redirection' => 'Lokale Dateiumleitung',
-'urlfilter log' => 'Urlfilter Log',
+'urlfilter log' => 'URL-Filter Protokoll',
'urlfilter log summary' => 'Gesamtanzahl der URL-Filter-Treffer für',
-'urlfilter log viewer' => 'Ansicht URL-Filter-Log',
-'urlfilter logs' => 'URL-Filter-Logdateien',
+'urlfilter log viewer' => 'Ansicht URL-Filter-Protokoll',
+'urlfilter logs' => 'URL-Filter-Protokolldateien',
'urlfilter maintenance' => 'URL-Filter Wartung',
'urlfilter manage local file repository' => 'Lokale Dateiablage verwalten',
'urlfilter manage repository' => 'Ablage verwalten',
'urlfilter mode allow' => 'erlauben',
'urlfilter mode block' => 'sperren',
'urlfilter mon' => 'M',
-'urlfilter monday' => 'Mon',
+'urlfilter monday' => 'Mo',
'urlfilter monthly' => 'monatlich',
'urlfilter msg text 1' => 'Nachricht Zeile 1',
'urlfilter msg text 2' => 'Nachricht Zeile 2',
'urlfilter restore text' => 'Um eine vorher gesicherte Konfiguration wieder herzustellen, kann hier eine .tar.gz-Sicherungsdatei hochgeladen werden',
'urlfilter safesearch' => 'Aktiviere SafeSearch',
'urlfilter sat' => 'S',
-'urlfilter saturday' => 'Sam',
+'urlfilter saturday' => 'Sa',
'urlfilter save and restart' => 'Speichern und Neustart',
'urlfilter save schedule' => 'Updateeinstellungen speichern',
'urlfilter select blacklist' => 'Vorhandene Blacklist auswählen',
'urlfilter src' => 'Quelle',
'urlfilter src error' => 'Quelle darf nicht leer sein',
'urlfilter sun' => 'S',
-'urlfilter sunday' => 'Son',
+'urlfilter sunday' => 'So',
'urlfilter tar error' => 'Konnte die Dateien nicht aus dem Archiv extrahieren',
'urlfilter thu' => 'D',
-'urlfilter thursday' => 'Don',
+'urlfilter thursday' => 'Do',
'urlfilter time' => 'Zeit',
'urlfilter time quota' => 'Zeitkontingent',
'urlfilter time space' => 'Zeitraum',
'urlfilter timespace error' => 'Fehler bei der Angabe des Zeitraumes',
'urlfilter to' => 'Bis',
'urlfilter tue' => 'D',
-'urlfilter tuesday' => 'Die',
+'urlfilter tuesday' => 'Di',
'urlfilter unfiltered clients' => 'Ungefilterte IP-Adressen',
'urlfilter update information' => 'Eine aktualisierte Version steht zum Download bereit. Besuchen Sie <a href="http://www.urlfilter.net" target="_blank">http://www.urlfilter.net</a> für weitere Informationen.',
'urlfilter update notification' => 'Update-Benachrichtigung!',
'urlfilter username log' => 'Protokolliere Benutzername',
'urlfilter web proxy service required' => 'Um den URL-Filter zu verwenden, muss der Web-Proxy-Dienst aktiviert sein',
'urlfilter wed' => 'M',
-'urlfilter wednesday' => 'Mit',
+'urlfilter wednesday' => 'Mi',
'urlfilter weekday error' => 'Es muss mindestens ein Tag ausgewählt werden',
'urlfilter weekly' => 'wöchentlich',
'urlfilter whitelist always allowed' => 'Erlaube angepasste Whitelist für gesperrte Clients',
'used memory' => 'Genutzter Speicher',
'used swap' => 'Genutzter Swap',
'user' => 'Benutzer',
-'user log' => 'Benutzer Log',
-'user proxy logs' => 'Benutzer Proxy Log',
+'user log' => 'Benutzerprotokoll',
+'user proxy logs' => 'Benutzer Proxy Protokoll',
'username' => 'Benutzername:',
'username not set' => 'Benutzername nicht angegeben.',
'users department' => 'Abteilung des Benutzers',
-'users email' => 'E-mail-Adresse des Benutzers',
+'users email' => 'E-Mail-Adresse des Benutzers',
'users fullname or system hostname' => 'Voller Name oder System-Hostname des Benutzers',
'valid root certificate already exists' => 'Ein gültiges Root-Zertifikat existiert bereits.',
'valid till' => 'Gültig bis',
'vci number' => 'VCI-Nummer:',
'vendor' => 'Hersteller',
-'view log' => 'Log anzeigen',
+'view log' => 'Protokoll anzeigen',
'virtual address' => 'Virtuelle Addresse',
'virtual private networking' => 'Virtuelles Privates Netzwerk',
'visible in browselist' => 'Sichtbar in der Verzeichnisliste',
'vpn auth-dn' => 'Peer wird identifiziert durch entweder ein IPV4_ADDR, FQDN, USER_FQDN oder DER_ASN1_DN string in Remote ID Feld',
'vpn broken' => 'Gebrochen',
'vpn connecting' => 'VERBINDUNGSAUFBAU',
-'vpn delayed start' => 'Verzögerung bevor VPN gestartet wird (Sekunden)',
+'vpn delayed start' => 'Verzögerung, bevor VPN gestartet wird (in Sekunden)',
'vpn delayed start help' => 'Falls notwendig, kann diese Verzögerung dazu verwendet werden, um Dynamic-DNS-Updates ordnungsgemäß anzuwenden. 60 ist ein gängiger Wert, wenn ROT (RED) eine dynamische IP Adresse ist.',
'vpn incompatible use of defaultroute' => 'Hostname=%defaultroute nicht zulässig',
'vpn keyexchange' => 'Schlüsseltausch',
'vpn on blue' => 'VPN auf BLAU',
'vpn on green' => 'VPN auf GRÃœN',
'vpn on orange' => 'VPN auf ORANGE',
-'vpn on-demand' => 'ON DEMAND',
+'vpn on-demand' => 'BEI BEDARF',
'vpn payload compression' => 'Datennutzlast-Kompression aushandeln',
'vpn red name' => 'Öffentliche IP oder FQDN für das rote Interface oder <%defaultroute>',
'vpn remote id' => 'Remote ID',
'vpn start action' => 'Startaktion',
-'vpn start action route' => 'On Demand',
+'vpn start action route' => 'Bei Bedarf',
'vpn start action start' => 'Immer An',
'vpn statistic n2n' => 'OpenVPN-Netz-zu-Netz-Statistik',
'vpn statistic rw' => 'OpenVPN-Roadwarrior-Statistik',
'wlan client wpa mode ccmp tkip' => 'CCMP-TKIP',
'wlan client wpa mode tkip tkip' => 'TKIP-TKIP',
'wlan clients' => 'WLAN-Clients',
-'wlanap access point' => 'Access Point',
+'wlanap' => 'Access Point',
'wlanap channel' => 'Kanal',
+'wlanap configuration' => 'Access Point Konfiguration',
'wlanap country' => 'Ländercode',
'wlanap debugging' => 'Debugging',
'wlanap del interface' => 'Ausgewähltes Interface zurücksetzen?',
'yes' => 'Ja',
'you can only define one roadwarrior connection when using pre-shared key authentication' => 'Sie können nur eine Roadwarrior-Verbindung definieren, wenn die Pre-shared-Schlüsselauthentifizierung verwendet wird.<br/>Entweder haben Sie bereits eine Roadwarrior-Verbindung mit Pre-shared-Schlüsselauthentifizierung, oder Sie versuchen gerade, eine hinzuzufügen.',
'your department' => 'Ihre Abteilung',
-'your e-mail' => 'Ihre E-mail Adresse',
+'your e-mail' => 'Ihre E-Mail-Adresse',
);
#EOF
'wlan client wpa mode ccmp tkip' => 'CCMP-TKIP',
'wlan client wpa mode tkip tkip' => 'TKIP-TKIP',
'wlan clients' => 'Wireless clients',
-'wlanap access point' => 'Access Point',
+'wlanap' => 'Access Point',
'wlanap channel' => 'Channel',
+'wlanap configuration' => 'Access Point Configuration',
'wlanap country' => 'Country Code',
'wlanap debugging' => 'Debugging',
'wlanap del interface' => 'Remove selected interface?',
include Config
-VER = 2.2.29
+VER = 2.4.27
THISAPP = httpd-$(VER)
DL_FILE = $(THISAPP).tar.bz2
DL_FROM = $(URL_IPFIRE)
+
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
+DEPS = "aprutil pcre"
+
###############################################################################
# Top-level Rules
###############################################################################
-objects = $(DL_FILE) \
- httpd-2.2.2-config-1.patch
+objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-httpd-2.2.2-config-1.patch = $(DL_FROM)/httpd-2.2.2-config-1.patch
-$(DL_FILE)_MD5 = 579342fdeaa7b8b68d17fee91f8fab6e
-httpd-2.2.2-config-1.patch_MD5 = e02a3ec5925eb9e111400b9aa229f822
+$(DL_FILE)_MD5 = 97b6bbfa83c866dbe20ef317e3afd108
install : $(TARGET)
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np1 -i $(DIR_DL)/httpd-2.2.2-config-1.patch
-
+ cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/apache-2.4.27-PR61382-fix.patch
+ cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/apache-2.4.27-CVE-2017-9798-fix.patch
### Add IPFire's layout, too
echo "# IPFire layout" >> $(DIR_APP)/config.layout
echo "<Layout IPFire>" >> $(DIR_APP)/config.layout
echo "</Layout>" >> $(DIR_APP)/config.layout
cd $(DIR_APP) && ./configure --enable-layout=IPFire \
- --enable-ssl --enable-mods-shared=all --enable-proxy
+ --enable-ssl --enable-mods-shared=all --enable-proxy --with-mpm=event
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
chown -v root:root /usr/lib/apache/httpd.exp \
- /usr/sbin/{apxs,apachectl,dbmmanage,envvars{,-std}} \
- /usr/share/man/man1/{dbmmanage,ht{dbm,digest,passwd,txt2dbm}}.1 \
- /usr/share/man/man8/{ab,apachectl,apxs,htcacheclean,httpd}.8 \
- /usr/share/man/man8/{logresolve,rotatelogs,suexec}.8
+ /usr/bin/{apxs,dbmmanage} \
+ /usr/sbin/apachectl \
+ /usr/share/man/man1/{ab,apxs,dbmmanage,ht{dbm,digest,passwd,txt2dbm},logresolve}.1 \
+ /usr/share/man/man8/{apachectl,htcacheclean,httpd}.8 \
+ /usr/share/man/man8/{rotatelogs,suexec}.8
# Install apache config
cp -rf $(DIR_CONF)/httpd/* /etc/httpd/conf
--- /dev/null
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007-2014 IPFire Team <info@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER = 1.6.2
+
+THISAPP = apr-$(VER)
+DL_FILE = $(THISAPP).tar.bz2
+DL_FROM = http://archive.apache.org/dist/apr
+DIR_APP = $(DIR_SRC)/$(THISAPP)
+
+TARGET = $(DIR_INFO)/$(THISAPP)
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = e81a851967c79b5ce9bfbc909e4bf735
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+ @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
+
+ cd $(DIR_APP) && ./configure --prefix=/usr \
+ --disable-static --with-installbuilddir=/usr/share/apr-1/build
+ cd $(DIR_APP) && make $(MAKETUNING)
+ cd $(DIR_APP) && make install
+
+ @rm -rf $(DIR_APP)
+ @$(POSTBUILD)
--- /dev/null
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007-2014 IPFire Team <info@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER = 1.6.0
+
+THISAPP = apr-util-$(VER)
+DL_FILE = $(THISAPP).tar.bz2
+DL_FROM = http://archive.apache.org/dist/apr
+DIR_APP = $(DIR_SRC)/$(THISAPP)
+
+TARGET = $(DIR_INFO)/$(THISAPP)
+
+DEPS = "apr"
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = 069a9a980776acab05212c5f37ef8368
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+ @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
+
+ cd $(DIR_APP) && ./configure --prefix=/usr \
+ --with-apr=/usr --with-gdbm=/usr --with-openssl=/usr --with-crypto --with-expat=/usr
+ cd $(DIR_APP) && make $(MAKETUNING)
+ cd $(DIR_APP) && make install
+
+ @rm -rf $(DIR_APP)
+ @$(POSTBUILD)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = cacti
-PAK_VER = 5
+PAK_VER = 6
DEPS = "netsnmpd mysql"
include Config
-VER = 3.5.14
+VER = 3.5.15
THISAPP = gnutls-$(VER)
DL_FILE = $(THISAPP).tar.xz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 1e84b57a472b5f3b01f2c1b7a3a2bcbe
+$(DL_FILE)_MD5 = bcdcbc65c50a7499617ad9f4d0058de9
install : $(TARGET)
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2015 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2017 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
include Config
-VER = 9.50
+VER = 9.52
THISAPP = hdparm-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = d380062ad6c4b40076736efbb640f1f5
+$(DL_FILE)_MD5 = 410539d0bf3cc247181594581edbfb53
install : $(TARGET)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = hostapd
-PAK_VER = 38
+PAK_VER = 39
DEPS = ""
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = icinga
-PAK_VER = 1
+PAK_VER = 2
DEPS = ""
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = nagios
-PAK_VER = 2
+PAK_VER = 3
DEPS = "traceroute"
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = openmailadmin
-PAK_VER = 1
+PAK_VER = 2
DEPS = "cyrus-imapd postfix mysql"
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = owncloud
-PAK_VER = 6
+PAK_VER = 7
DEPS = ""
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = phpSANE
-PAK_VER = 1
+PAK_VER = 2
DEPS = "sane netpbm"
include Config
-VER = 3.5.26
+VER = 3.5.27
THISAPP = squid-$(VER)
DL_FILE = $(THISAPP).tar.xz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 510e2c84773879c00d0e7ced997864d9
+$(DL_FILE)_MD5 = 39ef8199675d48a314b540f92c00c545
install : $(TARGET)
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xaf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14169.patch
- cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14170.patch
- cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14171.patch
- cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14172.patch
- cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14173.patch
- cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14174.patch
- cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14175.patch
- cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14176.patch
- cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14177.patch
- cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14178.patch
- cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14179.patch
- cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14180.patch
- cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14181.patch
- cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14182.patch
- cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.5.26-fix-max-file-descriptors.patch
+ cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.5.27-fix-max-file-descriptors.patch
cd $(DIR_APP) && autoreconf -vfi
cd $(DIR_APP)/libltdl && autoreconf -vfi
include Config
-VER = 5.5.3
+VER = 5.6.0
THISAPP = strongswan-$(VER)
DL_FILE = $(THISAPP).tar.bz2
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 4afffe3c219bb2e04f09510905af836b
+$(DL_FILE)_MD5 = befb5e827d02433fea6669c20e11530a
install : $(TARGET)
include Config
-VER = 4.9.0
+VER = 4.9.2
THISAPP = tcpdump-$(VER)
DL_FILE = $(THISAPP).tar.gz
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = tcpdump
-PAK_VER = 8
+PAK_VER = 9
DEPS = ""
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 2b83364eef53b63ca3181b4eb56dab0c
+$(DL_FILE)_MD5 = 9bbc1ee33dab61302411b02dd0515576
install : $(TARGET)
include Config
-VER = 1.6.4
+VER = 1.6.6
THISAPP = unbound-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = ab6f7c07610907f1d87191c9ac2db87a
+$(DL_FILE)_MD5 = f2cc56bd88c9634fe18334d2421205f1
install : $(TARGET)
NAME="IPFire" # Software name
SNAME="ipfire" # Short name
VERSION="2.19" # Version number
-CORE="113" # Core Level (Filename)
-PAKFIRE_CORE="113" # Core Level (PAKFIRE)
+CORE="114" # Core Level (Filename)
+PAKFIRE_CORE="114" # Core Level (PAKFIRE)
GIT_BRANCH=`git rev-parse --abbrev-ref HEAD` # Git Branch
SLOGAN="www.ipfire.org" # Software slogan
CONFIG_ROOT=/var/ipfire # Configuration rootdir
lfsmake2 libevent2
lfsmake2 libevent2-compat
lfsmake2 expat
+ lfsmake2 apr
+ lfsmake2 aprutil
lfsmake2 unbound
lfsmake2 gnutls
lfsmake2 bind
unbound-control -q set_option val-permissive-mode: yes
}
+fix_time_if_dns_fail() {
+ # If DNS still not work try to init ntp with
+ # hardcoded ntp.ipfire.org (81.3.27.46)
+ if [ -e /var/ipfire/red/active ]; then
+ host 0.ipfire.pool.ntp.org > /dev/null 2>&1
+ if [ "${?}" != "0" ]; then
+ boot_mesg "DNS still not work ... init time with ntp.ipfire.org at 81.3.27.46 ..."
+ loadproc /usr/local/bin/settime 81.3.27.46
+ fi
+ fi
+}
+
case "$1" in
start)
# Print a nicer messagen when unbound is already running
# Update hosts
update_hosts
- # If DNS still not work try to init ntp with
- # hardcoded ntp.ipfire.org (81.3.27.46)
- if [ -e /var/ipfire/red/active ]; then
- host 0.ipfire.pool.ntp.org > /dev/null 2>&1
- if [ "${?}" != "0" ]; then
- boot_mesg "DNS still not work ... init time with ntp.ipfire.org at 81.3.27.46 ..."
- loadproc /usr/local/bin/settime 81.3.27.46
- fi
- fi
+ fix_time_if_dns_fail
;;
stop)
fi
update_forwarders
+
+ unbound-control flush_negative > /dev/null
+ unbound-control flush_bogus > /dev/null
+
+ fix_time_if_dns_fail
;;
test-name-server)
--- /dev/null
+--- server/core.c 2017/08/16 16:50:29 1805223
++++ server/core.c 2017/09/08 13:13:11 1807754
+@@ -2262,6 +2262,12 @@
+ /* method has not been registered yet, but resource restriction
+ * is always checked before method handling, so register it.
+ */
++ if (cmd->pool == cmd->temp_pool) {
++ /* In .htaccess, we can't globally register new methods. */
++ return apr_psprintf(cmd->pool, "Could not register method '%s' "
++ "for %s from .htaccess configuration",
++ method, cmd->cmd->name);
++ }
+ methnum = ap_method_register(cmd->pool,
+ apr_pstrdup(cmd->pool, method));
+ }
--- /dev/null
+Index: modules/http2/h2_bucket_beam.c
+===================================================================
+--- modules/http2/h2_bucket_beam.c (revision 1804645)
++++ modules/http2/h2_bucket_beam.c (working copy)
+@@ -287,7 +287,7 @@
+ /* do not count */
+ }
+ else if (APR_BUCKET_IS_FILE(b)) {
+- /* if unread, has no real mem footprint. how to test? */
++ /* if unread, has no real mem footprint. */
+ }
+ else {
+ len += b->length;
+@@ -316,32 +316,80 @@
+ return APR_SIZE_MAX;
+ }
+
+-static apr_status_t wait_cond(h2_bucket_beam *beam, apr_thread_mutex_t *lock)
++static int buffer_is_empty(h2_bucket_beam *beam)
+ {
+- if (beam->timeout > 0) {
+- return apr_thread_cond_timedwait(beam->cond, lock, beam->timeout);
++ return ((!beam->recv_buffer || APR_BRIGADE_EMPTY(beam->recv_buffer))
++ && H2_BLIST_EMPTY(&beam->send_list));
++}
++
++static apr_status_t wait_empty(h2_bucket_beam *beam, apr_read_type_e block,
++ apr_thread_mutex_t *lock)
++{
++ apr_status_t rv = APR_SUCCESS;
++
++ while (!buffer_is_empty(beam) && APR_SUCCESS == rv) {
++ if (APR_BLOCK_READ != block || !lock) {
++ rv = APR_EAGAIN;
++ }
++ else if (beam->timeout > 0) {
++ rv = apr_thread_cond_timedwait(beam->change, lock, beam->timeout);
++ }
++ else {
++ rv = apr_thread_cond_wait(beam->change, lock);
++ }
+ }
+- else {
+- return apr_thread_cond_wait(beam->cond, lock);
++ return rv;
++}
++
++static apr_status_t wait_not_empty(h2_bucket_beam *beam, apr_read_type_e block,
++ apr_thread_mutex_t *lock)
++{
++ apr_status_t rv = APR_SUCCESS;
++
++ while (buffer_is_empty(beam) && APR_SUCCESS == rv) {
++ if (beam->aborted) {
++ rv = APR_ECONNABORTED;
++ }
++ else if (beam->closed) {
++ rv = APR_EOF;
++ }
++ else if (APR_BLOCK_READ != block || !lock) {
++ rv = APR_EAGAIN;
++ }
++ else if (beam->timeout > 0) {
++ rv = apr_thread_cond_timedwait(beam->change, lock, beam->timeout);
++ }
++ else {
++ rv = apr_thread_cond_wait(beam->change, lock);
++ }
+ }
++ return rv;
+ }
+
+-static apr_status_t r_wait_space(h2_bucket_beam *beam, apr_read_type_e block,
+- h2_beam_lock *pbl, apr_size_t *premain)
++static apr_status_t wait_not_full(h2_bucket_beam *beam, apr_read_type_e block,
++ apr_size_t *pspace_left, h2_beam_lock *bl)
+ {
+- *premain = calc_space_left(beam);
+- while (!beam->aborted && *premain <= 0
+- && (block == APR_BLOCK_READ) && pbl->mutex) {
+- apr_status_t status;
+- report_prod_io(beam, 1, pbl);
+- status = wait_cond(beam, pbl->mutex);
+- if (APR_STATUS_IS_TIMEUP(status)) {
+- return status;
++ apr_status_t rv = APR_SUCCESS;
++ apr_size_t left;
++
++ while (0 == (left = calc_space_left(beam)) && APR_SUCCESS == rv) {
++ if (beam->aborted) {
++ rv = APR_ECONNABORTED;
+ }
+- r_purge_sent(beam);
+- *premain = calc_space_left(beam);
++ else if (block != APR_BLOCK_READ || !bl->mutex) {
++ rv = APR_EAGAIN;
++ }
++ else {
++ if (beam->timeout > 0) {
++ rv = apr_thread_cond_timedwait(beam->change, bl->mutex, beam->timeout);
++ }
++ else {
++ rv = apr_thread_cond_wait(beam->change, bl->mutex);
++ }
++ }
+ }
+- return beam->aborted? APR_ECONNABORTED : APR_SUCCESS;
++ *pspace_left = left;
++ return rv;
+ }
+
+ static void h2_beam_emitted(h2_bucket_beam *beam, h2_beam_proxy *proxy)
+@@ -404,8 +452,8 @@
+ if (!bl.mutex) {
+ r_purge_sent(beam);
+ }
+- else if (beam->cond) {
+- apr_thread_cond_broadcast(beam->cond);
++ else {
++ apr_thread_cond_broadcast(beam->change);
+ }
+ leave_yellow(beam, &bl);
+ }
+@@ -425,9 +473,7 @@
+ {
+ if (!beam->closed) {
+ beam->closed = 1;
+- if (beam->cond) {
+- apr_thread_cond_broadcast(beam->cond);
+- }
++ apr_thread_cond_broadcast(beam->change);
+ }
+ return APR_SUCCESS;
+ }
+@@ -582,7 +628,7 @@
+ apr_interval_time_t timeout)
+ {
+ h2_bucket_beam *beam;
+- apr_status_t status = APR_SUCCESS;
++ apr_status_t rv = APR_SUCCESS;
+
+ beam = apr_pcalloc(pool, sizeof(*beam));
+ if (!beam) {
+@@ -601,16 +647,15 @@
+ beam->max_buf_size = max_buf_size;
+ beam->timeout = timeout;
+
+- status = apr_thread_mutex_create(&beam->lock, APR_THREAD_MUTEX_DEFAULT,
+- pool);
+- if (status == APR_SUCCESS) {
+- status = apr_thread_cond_create(&beam->cond, pool);
+- if (status == APR_SUCCESS) {
++ rv = apr_thread_mutex_create(&beam->lock, APR_THREAD_MUTEX_DEFAULT, pool);
++ if (APR_SUCCESS == rv) {
++ rv = apr_thread_cond_create(&beam->change, pool);
++ if (APR_SUCCESS == rv) {
+ apr_pool_pre_cleanup_register(pool, beam, beam_cleanup);
+ *pbeam = beam;
+ }
+ }
+- return status;
++ return rv;
+ }
+
+ void h2_beam_buffer_size_set(h2_bucket_beam *beam, apr_size_t buffer_size)
+@@ -691,9 +736,7 @@
+ h2_blist_cleanup(&beam->send_list);
+ report_consumption(beam, &bl);
+ }
+- if (beam->cond) {
+- apr_thread_cond_broadcast(beam->cond);
+- }
++ apr_thread_cond_broadcast(beam->change);
+ leave_yellow(beam, &bl);
+ }
+ }
+@@ -730,18 +773,7 @@
+ h2_beam_lock bl;
+
+ if ((status = enter_yellow(beam, &bl)) == APR_SUCCESS) {
+- while (status == APR_SUCCESS
+- && !H2_BLIST_EMPTY(&beam->send_list)
+- && !H2_BPROXY_LIST_EMPTY(&beam->proxies)) {
+- if (block == APR_NONBLOCK_READ || !bl.mutex) {
+- status = APR_EAGAIN;
+- break;
+- }
+- if (beam->cond) {
+- apr_thread_cond_broadcast(beam->cond);
+- }
+- status = wait_cond(beam, bl.mutex);
+- }
++ status = wait_empty(beam, block, bl.mutex);
+ leave_yellow(beam, &bl);
+ }
+ return status;
+@@ -761,13 +793,18 @@
+ static apr_status_t append_bucket(h2_bucket_beam *beam,
+ apr_bucket *b,
+ apr_read_type_e block,
++ apr_size_t *pspace_left,
+ h2_beam_lock *pbl)
+ {
+ const char *data;
+ apr_size_t len;
+- apr_size_t space_left = 0;
+ apr_status_t status;
++ int can_beam, check_len;
+
++ if (beam->aborted) {
++ return APR_ECONNABORTED;
++ }
++
+ if (APR_BUCKET_IS_METADATA(b)) {
+ if (APR_BUCKET_IS_EOS(b)) {
+ beam->closed = 1;
+@@ -777,11 +814,31 @@
+ return APR_SUCCESS;
+ }
+ else if (APR_BUCKET_IS_FILE(b)) {
+- /* file bucket lengths do not really count */
++ /* For file buckets the problem is their internal readpool that
++ * is used on the first read to allocate buffer/mmap.
++ * Since setting aside a file bucket will de-register the
++ * file cleanup function from the previous pool, we need to
++ * call that only from the sender thread.
++ *
++ * Currently, we do not handle file bucket with refcount > 1 as
++ * the beam is then not in complete control of the file's lifetime.
++ * Which results in the bug that a file get closed by the receiver
++ * while the sender or the beam still have buckets using it.
++ *
++ * Additionally, we allow callbacks to prevent beaming file
++ * handles across. The use case for this is to limit the number
++ * of open file handles and rather use a less efficient beam
++ * transport. */
++ apr_bucket_file *bf = b->data;
++ apr_file_t *fd = bf->fd;
++ can_beam = (bf->refcount.refcount == 1);
++ if (can_beam && beam->can_beam_fn) {
++ can_beam = beam->can_beam_fn(beam->can_beam_ctx, beam, fd);
++ }
++ check_len = !can_beam;
+ }
+ else {
+- space_left = calc_space_left(beam);
+- if (space_left > 0 && b->length == ((apr_size_t)-1)) {
++ if (b->length == ((apr_size_t)-1)) {
+ const char *data;
+ status = apr_bucket_read(b, &data, &len, APR_BLOCK_READ);
+ if (status != APR_SUCCESS) {
+@@ -788,19 +845,15 @@
+ return status;
+ }
+ }
+-
+- if (space_left <= 0) {
+- status = r_wait_space(beam, block, pbl, &space_left);
+- if (status != APR_SUCCESS) {
+- return status;
+- }
+- if (space_left <= 0) {
+- return APR_EAGAIN;
+- }
++ check_len = 1;
++ }
++
++ if (check_len) {
++ if (b->length > *pspace_left) {
++ apr_bucket_split(b, *pspace_left);
+ }
+- /* space available, maybe need bucket split */
++ *pspace_left -= b->length;
+ }
+-
+
+ /* The fundamental problem is that reading a sender bucket from
+ * a receiver thread is a total NO GO, because the bucket might use
+@@ -830,32 +883,8 @@
+ apr_bucket_heap_make(b, data, len, NULL);
+ }
+ }
+- else if (APR_BUCKET_IS_FILE(b)) {
+- /* For file buckets the problem is their internal readpool that
+- * is used on the first read to allocate buffer/mmap.
+- * Since setting aside a file bucket will de-register the
+- * file cleanup function from the previous pool, we need to
+- * call that only from the sender thread.
+- *
+- * Currently, we do not handle file bucket with refcount > 1 as
+- * the beam is then not in complete control of the file's lifetime.
+- * Which results in the bug that a file get closed by the receiver
+- * while the sender or the beam still have buckets using it.
+- *
+- * Additionally, we allow callbacks to prevent beaming file
+- * handles across. The use case for this is to limit the number
+- * of open file handles and rather use a less efficient beam
+- * transport. */
+- apr_bucket_file *bf = b->data;
+- apr_file_t *fd = bf->fd;
+- int can_beam = (bf->refcount.refcount == 1);
+- if (can_beam && beam->can_beam_fn) {
+- can_beam = beam->can_beam_fn(beam->can_beam_ctx, beam, fd);
+- }
+- if (can_beam) {
+- status = apr_bucket_setaside(b, beam->send_pool);
+- }
+- /* else: enter ENOTIMPL case below */
++ else if (APR_BUCKET_IS_FILE(b) && can_beam) {
++ status = apr_bucket_setaside(b, beam->send_pool);
+ }
+
+ if (status == APR_ENOTIMPL) {
+@@ -865,12 +894,6 @@
+ * a counter example).
+ * We do the read while in the sender thread, so that the bucket may
+ * use pools/allocators safely. */
+- if (space_left < APR_BUCKET_BUFF_SIZE) {
+- space_left = APR_BUCKET_BUFF_SIZE;
+- }
+- if (space_left < b->length) {
+- apr_bucket_split(b, space_left);
+- }
+ status = apr_bucket_read(b, &data, &len, APR_BLOCK_READ);
+ if (status == APR_SUCCESS) {
+ status = apr_bucket_setaside(b, beam->send_pool);
+@@ -884,7 +907,7 @@
+ APR_BUCKET_REMOVE(b);
+ H2_BLIST_INSERT_TAIL(&beam->send_list, b);
+ beam->sent_bytes += b->length;
+-
++
+ return APR_SUCCESS;
+ }
+
+@@ -904,7 +927,8 @@
+ apr_read_type_e block)
+ {
+ apr_bucket *b;
+- apr_status_t status = APR_SUCCESS;
++ apr_status_t rv = APR_SUCCESS;
++ apr_size_t space_left = 0;
+ h2_beam_lock bl;
+
+ /* Called from the sender thread to add buckets to the beam */
+@@ -914,23 +938,31 @@
+
+ if (beam->aborted) {
+ move_to_hold(beam, sender_bb);
+- status = APR_ECONNABORTED;
++ rv = APR_ECONNABORTED;
+ }
+ else if (sender_bb) {
+- int force_report = !APR_BRIGADE_EMPTY(sender_bb);
+- while (!APR_BRIGADE_EMPTY(sender_bb) && status == APR_SUCCESS) {
++ int force_report = !APR_BRIGADE_EMPTY(sender_bb);
++
++ space_left = calc_space_left(beam);
++ while (!APR_BRIGADE_EMPTY(sender_bb) && APR_SUCCESS == rv) {
++ if (space_left <= 0) {
++ report_prod_io(beam, force_report, &bl);
++ rv = wait_not_full(beam, block, &space_left, &bl);
++ if (APR_SUCCESS != rv) {
++ break;
++ }
++ }
+ b = APR_BRIGADE_FIRST(sender_bb);
+- status = append_bucket(beam, b, block, &bl);
++ rv = append_bucket(beam, b, block, &space_left, &bl);
+ }
++
+ report_prod_io(beam, force_report, &bl);
+- if (beam->cond) {
+- apr_thread_cond_broadcast(beam->cond);
+- }
++ apr_thread_cond_broadcast(beam->change);
+ }
+ report_consumption(beam, &bl);
+ leave_yellow(beam, &bl);
+ }
+- return status;
++ return rv;
+ }
+
+ apr_status_t h2_beam_receive(h2_bucket_beam *beam,
+@@ -942,11 +974,16 @@
+ apr_bucket *bsender, *brecv, *ng;
+ int transferred = 0;
+ apr_status_t status = APR_SUCCESS;
+- apr_off_t remain = readbytes;
++ apr_off_t remain;
+ int transferred_buckets = 0;
+
+ /* Called from the receiver thread to take buckets from the beam */
+ if (enter_yellow(beam, &bl) == APR_SUCCESS) {
++ if (readbytes <= 0) {
++ readbytes = APR_SIZE_MAX;
++ }
++ remain = readbytes;
++
+ transfer:
+ if (beam->aborted) {
+ recv_buffer_cleanup(beam, &bl);
+@@ -955,11 +992,12 @@
+ }
+
+ /* transfer enough buckets from our receiver brigade, if we have one */
+- while (beam->recv_buffer
+- && !APR_BRIGADE_EMPTY(beam->recv_buffer)
+- && (readbytes <= 0 || remain >= 0)) {
++ while (remain >= 0
++ && beam->recv_buffer
++ && !APR_BRIGADE_EMPTY(beam->recv_buffer)) {
++
+ brecv = APR_BRIGADE_FIRST(beam->recv_buffer);
+- if (readbytes > 0 && brecv->length > 0 && remain <= 0) {
++ if (brecv->length > 0 && remain <= 0) {
+ break;
+ }
+ APR_BUCKET_REMOVE(brecv);
+@@ -970,11 +1008,11 @@
+
+ /* transfer from our sender brigade, transforming sender buckets to
+ * receiver ones until we have enough */
+- while (!H2_BLIST_EMPTY(&beam->send_list) && (readbytes <= 0 || remain >= 0)) {
+- bsender = H2_BLIST_FIRST(&beam->send_list);
++ while (remain >= 0 && !H2_BLIST_EMPTY(&beam->send_list)) {
++
+ brecv = NULL;
+-
+- if (readbytes > 0 && bsender->length > 0 && remain <= 0) {
++ bsender = H2_BLIST_FIRST(&beam->send_list);
++ if (bsender->length > 0 && remain <= 0) {
+ break;
+ }
+
+@@ -1020,11 +1058,12 @@
+ * been handed out. See also PR 59348 */
+ apr_bucket_file_enable_mmap(ng, 0);
+ #endif
+- remain -= bsender->length;
+- ++transferred;
+ APR_BUCKET_REMOVE(bsender);
+ H2_BLIST_INSERT_TAIL(&beam->hold_list, bsender);
++
++ remain -= bsender->length;
+ ++transferred;
++ ++transferred_buckets;
+ continue;
+ }
+ else {
+@@ -1041,6 +1080,7 @@
+ * receiver bucket references it any more. */
+ APR_BUCKET_REMOVE(bsender);
+ H2_BLIST_INSERT_TAIL(&beam->hold_list, bsender);
++
+ beam->received_bytes += bsender->length;
+ ++transferred_buckets;
+
+@@ -1063,8 +1103,8 @@
+ }
+ }
+
+- if (readbytes > 0 && remain < 0) {
+- /* too much, put some back */
++ if (remain < 0) {
++ /* too much, put some back into out recv_buffer */
+ remain = readbytes;
+ for (brecv = APR_BRIGADE_FIRST(bb);
+ brecv != APR_BRIGADE_SENTINEL(bb);
+@@ -1081,15 +1121,7 @@
+ }
+ }
+
+- if (transferred_buckets > 0) {
+- if (beam->cons_ev_cb) {
+- beam->cons_ev_cb(beam->cons_ctx, beam);
+- }
+- }
+-
+- if (beam->closed
+- && (!beam->recv_buffer || APR_BRIGADE_EMPTY(beam->recv_buffer))
+- && H2_BLIST_EMPTY(&beam->send_list)) {
++ if (beam->closed && buffer_is_empty(beam)) {
+ /* beam is closed and we have nothing more to receive */
+ if (!beam->close_sent) {
+ apr_bucket *b = apr_bucket_eos_create(bb->bucket_alloc);
+@@ -1100,28 +1132,23 @@
+ }
+ }
+
++ if (transferred_buckets > 0) {
++ if (beam->cons_ev_cb) {
++ beam->cons_ev_cb(beam->cons_ctx, beam);
++ }
++ }
++
+ if (transferred) {
+- if (beam->cond) {
+- apr_thread_cond_broadcast(beam->cond);
+- }
++ apr_thread_cond_broadcast(beam->change);
+ status = APR_SUCCESS;
+ }
+- else if (beam->closed) {
+- status = APR_EOF;
+- }
+- else if (block == APR_BLOCK_READ && bl.mutex && beam->cond) {
+- status = wait_cond(beam, bl.mutex);
++ else {
++ status = wait_not_empty(beam, block, bl.mutex);
+ if (status != APR_SUCCESS) {
+ goto leave;
+ }
+ goto transfer;
+ }
+- else {
+- if (beam->cond) {
+- apr_thread_cond_broadcast(beam->cond);
+- }
+- status = APR_EAGAIN;
+- }
+ leave:
+ leave_yellow(beam, &bl);
+ }
+Index: modules/http2/h2_bucket_beam.h
+===================================================================
+--- modules/http2/h2_bucket_beam.h (revision 1804645)
++++ modules/http2/h2_bucket_beam.h (working copy)
+@@ -190,7 +190,7 @@
+ unsigned int tx_mem_limits : 1; /* only memory size counts on transfers */
+
+ struct apr_thread_mutex_t *lock;
+- struct apr_thread_cond_t *cond;
++ struct apr_thread_cond_t *change;
+ void *m_ctx;
+ h2_beam_mutex_enter *m_enter;
+
+Index: modules/http2/h2_stream.c
+===================================================================
+--- modules/http2/h2_stream.c (revision 1804645)
++++ modules/http2/h2_stream.c (working copy)
+@@ -774,20 +774,20 @@
+ return NULL;
+ }
+
+-static apr_status_t add_data(h2_stream *stream, apr_off_t requested,
+- apr_off_t *plen, int *peos, int *complete,
+- h2_headers **pheaders)
++static apr_status_t add_buffered_data(h2_stream *stream, apr_off_t requested,
++ apr_off_t *plen, int *peos, int *is_all,
++ h2_headers **pheaders)
+ {
+ apr_bucket *b, *e;
+
+ *peos = 0;
+ *plen = 0;
+- *complete = 0;
++ *is_all = 0;
+ if (pheaders) {
+ *pheaders = NULL;
+ }
+
+- H2_STREAM_OUT_LOG(APLOG_TRACE2, stream, "add_data");
++ H2_STREAM_OUT_LOG(APLOG_TRACE2, stream, "add_buffered_data");
+ b = APR_BRIGADE_FIRST(stream->out_buffer);
+ while (b != APR_BRIGADE_SENTINEL(stream->out_buffer)) {
+ e = APR_BUCKET_NEXT(b);
+@@ -833,7 +833,7 @@
+ }
+ b = e;
+ }
+- *complete = 1;
++ *is_all = 1;
+ return APR_SUCCESS;
+ }
+
+@@ -865,7 +865,7 @@
+ requested = (*plen > 0)? H2MIN(*plen, max_chunk) : max_chunk;
+
+ /* count the buffered data until eos or a headers bucket */
+- status = add_data(stream, requested, plen, peos, &complete, pheaders);
++ status = add_buffered_data(stream, requested, plen, peos, &complete, pheaders);
+
+ if (status == APR_EAGAIN) {
+ /* TODO: ugly, someone needs to retrieve the response first */
+@@ -882,29 +882,39 @@
+ return APR_SUCCESS;
+ }
+
++ /* If there we do not have enough buffered data to satisfy the requested
++ * length *and* we counted the _complete_ buffer (and did not stop in the middle
++ * because of meta data there), lets see if we can read more from the
++ * output beam */
+ missing = H2MIN(requested, stream->max_mem) - *plen;
+ if (complete && !*peos && missing > 0) {
++ apr_status_t rv = APR_EOF;
++
+ if (stream->output) {
+ H2_STREAM_OUT_LOG(APLOG_TRACE2, stream, "pre");
+- status = h2_beam_receive(stream->output, stream->out_buffer,
+- APR_NONBLOCK_READ,
+- stream->max_mem - *plen);
++ rv = h2_beam_receive(stream->output, stream->out_buffer,
++ APR_NONBLOCK_READ, stream->max_mem - *plen);
+ H2_STREAM_OUT_LOG(APLOG_TRACE2, stream, "post");
+ }
+- else {
+- status = APR_EOF;
++
++ if (rv == APR_SUCCESS) {
++ /* count the buffer again, now that we have read output */
++ status = add_buffered_data(stream, requested, plen, peos, &complete, pheaders);
+ }
+-
+- if (APR_STATUS_IS_EOF(status)) {
++ else if (APR_STATUS_IS_EOF(rv)) {
+ apr_bucket *eos = apr_bucket_eos_create(c->bucket_alloc);
+ APR_BRIGADE_INSERT_TAIL(stream->out_buffer, eos);
+ *peos = 1;
+- status = APR_SUCCESS;
+ }
+- else if (status == APR_SUCCESS) {
+- /* do it again, now that we have gotten more */
+- status = add_data(stream, requested, plen, peos, &complete, pheaders);
++ else if (APR_STATUS_IS_EAGAIN(rv)) {
++ /* we set this is the status of this call only if there
++ * is no buffered data, see check below */
+ }
++ else {
++ /* real error reading. Give this back directly, even though
++ * we may have something buffered. */
++ status = rv;
++ }
+ }
+
+ if (status == APR_SUCCESS) {
+Index: modules/http2/h2_task.c
+===================================================================
+--- modules/http2/h2_task.c (revision 1804645)
++++ modules/http2/h2_task.c (working copy)
+@@ -129,7 +129,7 @@
+ apr_bucket_brigade* bb)
+ {
+ apr_bucket *b;
+- apr_status_t status = APR_SUCCESS;
++ apr_status_t rv = APR_SUCCESS;
+ int flush = 0, blocking;
+
+ if (task->frozen) {
+@@ -148,17 +148,16 @@
+ return APR_SUCCESS;
+ }
+
++send:
+ /* we send block once we opened the output, so someone is there
+ * reading it *and* the task is not assigned to a h2_req_engine */
+ blocking = (!task->assigned && task->output.opened);
+- if (!task->output.opened) {
+- for (b = APR_BRIGADE_FIRST(bb);
+- b != APR_BRIGADE_SENTINEL(bb);
+- b = APR_BUCKET_NEXT(b)) {
+- if (APR_BUCKET_IS_FLUSH(b)) {
+- flush = 1;
+- break;
+- }
++ for (b = APR_BRIGADE_FIRST(bb);
++ b != APR_BRIGADE_SENTINEL(bb);
++ b = APR_BUCKET_NEXT(b)) {
++ if (APR_BUCKET_IS_FLUSH(b) || APR_BUCKET_IS_EOS(b) || AP_BUCKET_IS_EOR(b)) {
++ flush = 1;
++ break;
+ }
+ }
+
+@@ -166,32 +165,48 @@
+ /* still have data buffered from previous attempt.
+ * setaside and append new data and try to pass the complete data */
+ if (!APR_BRIGADE_EMPTY(bb)) {
+- status = ap_save_brigade(f, &task->output.bb, &bb, task->pool);
++ if (APR_SUCCESS != (rv = ap_save_brigade(f, &task->output.bb, &bb, task->pool))) {
++ goto out;
++ }
+ }
+- if (status == APR_SUCCESS) {
+- status = send_out(task, task->output.bb, blocking);
+- }
++ rv = send_out(task, task->output.bb, blocking);
+ }
+ else {
+- /* no data buffered here, try to pass the brigade directly */
+- status = send_out(task, bb, blocking);
+- if (status == APR_SUCCESS && !APR_BRIGADE_EMPTY(bb)) {
+- /* could not write all, buffer the rest */
+- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, task->c, APLOGNO(03405)
+- "h2_slave_out(%s): saving brigade",
+- task->id);
+- status = ap_save_brigade(f, &task->output.bb, &bb, task->pool);
+- flush = 1;
++ /* no data buffered previously, pass brigade directly */
++ rv = send_out(task, bb, blocking);
++
++ if (APR_SUCCESS == rv && !APR_BRIGADE_EMPTY(bb)) {
++ /* output refused to buffer it all, time to open? */
++ if (!task->output.opened && APR_SUCCESS == (rv = open_output(task))) {
++ /* Make another attempt to send the data. With the output open,
++ * the call might be blocking and send all data, so we do not need
++ * to save the brigade */
++ goto send;
++ }
++ else if (blocking && flush) {
++ /* Need to keep on doing this. */
++ goto send;
++ }
++
++ if (APR_SUCCESS == rv) {
++ /* could not write all, buffer the rest */
++ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, rv, task->c, APLOGNO(03405)
++ "h2_slave_out(%s): saving brigade", task->id);
++ ap_assert(NULL);
++ rv = ap_save_brigade(f, &task->output.bb, &bb, task->pool);
++ flush = 1;
++ }
+ }
+ }
+
+- if (status == APR_SUCCESS && !task->output.opened && flush) {
++ if (APR_SUCCESS == rv && !task->output.opened && flush) {
+ /* got a flush or could not write all, time to tell someone to read */
+- status = open_output(task);
++ rv = open_output(task);
+ }
+- ap_log_cerror(APLOG_MARK, APLOG_TRACE2, status, task->c,
++out:
++ ap_log_cerror(APLOG_MARK, APLOG_TRACE2, rv, task->c,
+ "h2_slave_out(%s): slave_out leave", task->id);
+- return status;
++ return rv;
+ }
+
+ static apr_status_t output_finish(h2_task *task)
+Index: modules/http2/h2_version.h
+===================================================================
+--- modules/http2/h2_version.h (revision 1804645)
++++ modules/http2/h2_version.h (working copy)
+@@ -26,7 +26,7 @@
+ * @macro
+ * Version number of the http2 module as c string
+ */
+-#define MOD_HTTP2_VERSION "1.10.7"
++#define MOD_HTTP2_VERSION "1.10.10"
+
+ /**
+ * @macro
+@@ -34,7 +34,7 @@
+ * release. This is a 24 bit number with 8 bits for major number, 8 bits
+ * for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203.
+ */
+-#define MOD_HTTP2_VERSION_NUM 0x010a06
++#define MOD_HTTP2_VERSION_NUM 0x010a0a
+
+
+ #endif /* mod_h2_h2_version_h */
+Index: modules/http2
+===================================================================
+--- modules/http2 (revision 1804645)
++++ modules/http2 (working copy)
+
+Property changes on: modules/http2
+___________________________________________________________________
+Modified: svn:mergeinfo
+## -0,0 +0,1 ##
+ Merged /httpd/httpd/trunk/modules/http2:r1803420,1803454,1804090
+Index: .
+===================================================================
+--- . (revision 1804645)
++++ . (working copy)
+
+Property changes on: .
+___________________________________________________________________
+Modified: svn:mergeinfo
+## -0,0 +0,1 ##
+ Merged /httpd/httpd/trunk:r1803420,1803454,1804090
+++ /dev/null
-------------------------------------------------------------
-revno: 14169
-revision-id: squid3@treenet.co.nz-20170614213720-3qmiohlx4zr2jnqq
-parent: squid3@treenet.co.nz-20170601134753-6u64sl2rzmbfs67l
-fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=2833
-author: Eduard Bagdasaryan <eduard.bagdasaryan@measurement-factory.com>
-committer: Amos Jeffries <squid3@treenet.co.nz>
-branch nick: 3.5
-timestamp: Thu 2017-06-15 09:37:20 +1200
-message:
- Bug 2833 pt2: Collapse internal revalidation requests (SMP-unaware caches), again.
-
- The security fix in v5 r14979 had a negative effect on collapsed
- forwarding. All "private" entries were considered automatically
- non-shareable among collapsed clients. However this is not true: there
- are many situations when collapsed forwarding should work despite of
- "private" entry status: 304/5xx responses are good examples of that.
- This patch fixes that by means of a new StoreEntry::shareableWhenPrivate
- flag.
-
- The suggested fix is not complete: To cover all possible situations, we
- need to decide whether StoreEntry::shareableWhenPrivate is true or not
- for all contexts where StoreEntry::setPrivateKey() is used. This patch
- fixes only few important cases inside http.cc, making CF (as well
- collapsed revalidation) work for some [non-cacheable] response status
- codes, including 3xx, 5xx and some others.
-
- The original support for internal revalidation requests collapsing
- was in trink r14755 and referred to Squid bugs 2833, 4311, and 4471.
-------------------------------------------------------------
-# Bazaar merge directive format 2 (Bazaar 0.90)
-# revision_id: squid3@treenet.co.nz-20170614213720-3qmiohlx4zr2jnqq
-# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# testament_sha1: 9e248e2e9d2f1defe1070eb808177df978fb4146
-# timestamp: 2017-06-14 21:51:05 +0000
-# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# base_revision_id: squid3@treenet.co.nz-20170601134753-\
-# 6u64sl2rzmbfs67l
-#
-# Begin patch
-=== modified file 'src/HttpHdrCc.cc'
---- src/HttpHdrCc.cc 2017-01-01 00:16:45 +0000
-+++ src/HttpHdrCc.cc 2017-06-14 21:37:20 +0000
-@@ -262,8 +262,8 @@
- case CC_PUBLIC:
- break;
- case CC_PRIVATE:
-- if (Private().size())
-- packerPrintf(p, "=\"" SQUIDSTRINGPH "\"", SQUIDSTRINGPRINT(Private()));
-+ if (private_.size())
-+ packerPrintf(p, "=\"" SQUIDSTRINGPH "\"", SQUIDSTRINGPRINT(private_));
- break;
-
- case CC_NO_CACHE:
-
-=== modified file 'src/MemStore.cc'
---- src/MemStore.cc 2017-01-01 00:16:45 +0000
-+++ src/MemStore.cc 2017-06-14 21:37:20 +0000
-@@ -299,7 +299,7 @@
- e.ping_status = PING_NONE;
-
- EBIT_CLR(e.flags, RELEASE_REQUEST);
-- EBIT_CLR(e.flags, KEY_PRIVATE);
-+ e.clearPrivate();
- EBIT_SET(e.flags, ENTRY_VALIDATED);
-
- MemObject::MemCache &mc = e.mem_obj->memCache;
-
-=== modified file 'src/Store.h'
---- src/Store.h 2017-01-01 00:16:45 +0000
-+++ src/Store.h 2017-06-14 21:37:20 +0000
-@@ -95,15 +95,19 @@
- void abort();
- void unlink();
- void makePublic(const KeyScope keyScope = ksDefault);
-- void makePrivate();
-+ void makePrivate(const bool shareable);
-+ /// A low-level method just resetting "private key" flags.
-+ /// To avoid key inconsistency please use forcePublicKey()
-+ /// or similar instead.
-+ void clearPrivate();
- void setPublicKey(const KeyScope keyScope = ksDefault);
- /// Resets existing public key to a public key with default scope,
- /// releasing the old default-scope entry (if any).
- /// Does nothing if the existing public key already has default scope.
- void clearPublicKeyScope();
-- void setPrivateKey();
-+ void setPrivateKey(const bool shareable);
- void expireNow();
-- void releaseRequest();
-+ void releaseRequest(const bool shareable = false);
- void negativeCache();
- void cacheNegatively(); /** \todo argh, why both? */
- void invokeHandlers();
-@@ -230,7 +234,13 @@
- /// update last reference timestamp and related Store metadata
- void touch();
-
-- virtual void release();
-+ virtual void release(const bool shareable = false);
-+
-+ /// May the caller commit to treating this [previously locked]
-+ /// entry as a cache hit?
-+ bool mayStartHitting() const {
-+ return !EBIT_TEST(flags, KEY_PRIVATE) || shareableWhenPrivate;
-+ }
-
- #if USE_ADAPTATION
- /// call back producer when more buffer space is available
-@@ -252,6 +262,13 @@
-
- unsigned short lock_count; /* Assume < 65536! */
-
-+ /// Nobody can find/lock KEY_PRIVATE entries, but some transactions
-+ /// (e.g., collapsed requests) find/lock a public entry before it becomes
-+ /// private. May such transactions start using the now-private entry
-+ /// they previously locked? This member should not affect transactions
-+ /// that already started reading from the entry.
-+ bool shareableWhenPrivate;
-+
- #if USE_ADAPTATION
- /// producer callback registered with deferProducer
- AsyncCall::Pointer deferredProducer;
-@@ -259,6 +276,8 @@
-
- bool validLength() const;
- bool hasOneOfEtags(const String &reqETags, const bool allowWeakMatch) const;
-+
-+ friend std::ostream &operator <<(std::ostream &os, const StoreEntry &e);
- };
-
- std::ostream &operator <<(std::ostream &os, const StoreEntry &e);
-
-=== modified file 'src/client_side_reply.cc'
---- src/client_side_reply.cc 2017-05-29 13:15:55 +0000
-+++ src/client_side_reply.cc 2017-06-14 21:37:20 +0000
-@@ -396,8 +396,8 @@
- if (result.flags.error && !EBIT_TEST(http->storeEntry()->flags, ENTRY_ABORTED))
- return;
-
-- if (collapsedRevalidation == crSlave && EBIT_TEST(http->storeEntry()->flags, KEY_PRIVATE)) {
-- debugs(88, 3, "CF slave hit private " << *http->storeEntry() << ". MISS");
-+ if (collapsedRevalidation == crSlave && !http->storeEntry()->mayStartHitting()) {
-+ debugs(88, 3, "CF slave hit private non-shareable " << *http->storeEntry() << ". MISS");
- // restore context to meet processMiss() expectations
- restoreState();
- http->logType = LOG_TCP_MISS;
-@@ -530,7 +530,7 @@
- // The previously identified hit suddenly became unsharable!
- // This is common for collapsed forwarding slaves but might also
- // happen to regular hits because we are called asynchronously.
-- if (EBIT_TEST(e->flags, KEY_PRIVATE)) {
-+ if (!e->mayStartHitting()) {
- debugs(88, 3, "unsharable " << *e << ". MISS");
- http->logType = LOG_TCP_MISS;
- processMiss();
-
-=== modified file 'src/fs/rock/RockSwapDir.cc'
---- src/fs/rock/RockSwapDir.cc 2017-01-01 00:16:45 +0000
-+++ src/fs/rock/RockSwapDir.cc 2017-06-14 21:37:20 +0000
-@@ -149,7 +149,7 @@
- e.ping_status = PING_NONE;
-
- EBIT_CLR(e.flags, RELEASE_REQUEST);
-- EBIT_CLR(e.flags, KEY_PRIVATE);
-+ e.clearPrivate();
- EBIT_SET(e.flags, ENTRY_VALIDATED);
-
- e.swap_dirn = index;
-
-=== modified file 'src/fs/ufs/UFSSwapDir.cc'
---- src/fs/ufs/UFSSwapDir.cc 2017-01-01 00:16:45 +0000
-+++ src/fs/ufs/UFSSwapDir.cc 2017-06-14 21:37:20 +0000
-@@ -809,7 +809,7 @@
- e->refcount = refcount;
- e->flags = newFlags;
- EBIT_CLR(e->flags, RELEASE_REQUEST);
-- EBIT_CLR(e->flags, KEY_PRIVATE);
-+ e->clearPrivate();
- e->ping_status = PING_NONE;
- EBIT_CLR(e->flags, ENTRY_VALIDATED);
- mapBitSet(e->swap_filen);
-
-=== modified file 'src/http.cc'
---- src/http.cc 2017-01-01 00:16:45 +0000
-+++ src/http.cc 2017-06-14 21:37:20 +0000
-@@ -290,7 +290,9 @@
- (Config.onoff.surrogate_is_remote
- && sctusable->noStoreRemote())) {
- surrogateNoStore = true;
-- entry->makePrivate();
-+ // Be conservative for now and make it non-shareable because
-+ // there is no enough information here to make the decision.
-+ entry->makePrivate(false);
- }
-
- /* The HttpHeader logic cannot tell if the header it's parsing is a reply to an
-@@ -315,12 +317,13 @@
- }
- }
-
--int
--HttpStateData::cacheableReply()
-+HttpStateData::ReuseDecision::Answers
-+HttpStateData::reusableReply(HttpStateData::ReuseDecision &decision)
- {
- HttpReply const *rep = finalReply();
- HttpHeader const *hdr = &rep->header;
- const char *v;
-+
- #if USE_HTTP_VIOLATIONS
-
- const RefreshPattern *R = NULL;
-@@ -337,24 +340,19 @@
- #define REFRESH_OVERRIDE(flag) 0
- #endif
-
-- if (EBIT_TEST(entry->flags, RELEASE_REQUEST)) {
-- debugs(22, 3, "NO because " << *entry << " has been released.");
-- return 0;
-- }
-+ if (EBIT_TEST(entry->flags, RELEASE_REQUEST))
-+ return decision.make(ReuseDecision::reuseNot, "the entry has been released");
-
- // RFC 7234 section 4: a cache MUST use the most recent response
- // (as determined by the Date header field)
-- if (sawDateGoBack) {
-- debugs(22, 3, "NO because " << *entry << " has an older date header.");
-- return 0;
-- }
-+ // TODO: whether such responses could be shareable?
-+ if (sawDateGoBack)
-+ return decision.make(ReuseDecision::reuseNot, "the response has an older date header");
-
- // Check for Surrogate/1.0 protocol conditions
- // NP: reverse-proxy traffic our parent server has instructed us never to cache
-- if (surrogateNoStore) {
-- debugs(22, 3, HERE << "NO because Surrogate-Control:no-store");
-- return 0;
-- }
-+ if (surrogateNoStore)
-+ return decision.make(ReuseDecision::reuseNot, "Surrogate-Control:no-store");
-
- // RFC 2616: HTTP/1.1 Cache-Control conditions
- if (!ignoreCacheControl) {
-@@ -363,11 +361,10 @@
- // for now we are not reliably doing that so we waste CPU re-checking request CC
-
- // RFC 2616 section 14.9.2 - MUST NOT cache any response with request CC:no-store
-- if (request && request->cache_control && request->cache_control->noStore() &&
-- !REFRESH_OVERRIDE(ignore_no_store)) {
-- debugs(22, 3, HERE << "NO because client request Cache-Control:no-store");
-- return 0;
-- }
-+ if (request && request->cache_control && request->cache_control->hasNoStore() &&
-+ !REFRESH_OVERRIDE(ignore_no_store))
-+ return decision.make(ReuseDecision::reuseNot,
-+ "client request Cache-Control:no-store");
-
- // NP: request CC:no-cache only means cache READ is forbidden. STORE is permitted.
- if (rep->cache_control && rep->cache_control->hasNoCache() && rep->cache_control->noCache().size() > 0) {
-@@ -376,19 +373,18 @@
- * successfully (ie, must revalidate AND these headers are prohibited on stale replies).
- * That is a bit tricky for squid right now so we avoid caching entirely.
- */
-- debugs(22, 3, HERE << "NO because server reply Cache-Control:no-cache has parameters");
-- return 0;
-+ return decision.make(ReuseDecision::reuseNot,
-+ "server reply Cache-Control:no-cache has parameters");
- }
-
- // NP: request CC:private is undefined. We ignore.
- // NP: other request CC flags are limiters on HIT/MISS. We don't care about here.
-
- // RFC 2616 section 14.9.2 - MUST NOT cache any response with CC:no-store
-- if (rep->cache_control && rep->cache_control->noStore() &&
-- !REFRESH_OVERRIDE(ignore_no_store)) {
-- debugs(22, 3, HERE << "NO because server reply Cache-Control:no-store");
-- return 0;
-- }
-+ if (rep->cache_control && rep->cache_control->hasNoStore() &&
-+ !REFRESH_OVERRIDE(ignore_no_store))
-+ return decision.make(ReuseDecision::reuseNot,
-+ "server reply Cache-Control:no-store");
-
- // RFC 2616 section 14.9.1 - MUST NOT cache any response with CC:private in a shared cache like Squid.
- // CC:private overrides CC:public when both are present in a response.
-@@ -401,27 +397,25 @@
- * successfully (ie, must revalidate AND these headers are prohibited on stale replies).
- * That is a bit tricky for squid right now so we avoid caching entirely.
- */
-- debugs(22, 3, HERE << "NO because server reply Cache-Control:private");
-- return 0;
-+ return decision.make(ReuseDecision::reuseNot,
-+ "server reply Cache-Control:private");
- }
- }
-
- // RFC 2068, sec 14.9.4 - MUST NOT cache any response with Authentication UNLESS certain CC controls are present
- // allow HTTP violations to IGNORE those controls (ie re-block caching Auth)
- if (request && (request->flags.auth || request->flags.authSent) && !REFRESH_OVERRIDE(ignore_auth)) {
-- if (!rep->cache_control) {
-- debugs(22, 3, HERE << "NO because Authenticated and server reply missing Cache-Control");
-- return 0;
-- }
-+ if (!rep->cache_control)
-+ return decision.make(ReuseDecision::reuseNot,
-+ "authenticated and server reply missing Cache-Control");
-
-- if (ignoreCacheControl) {
-- debugs(22, 3, HERE << "NO because Authenticated and ignoring Cache-Control");
-- return 0;
-- }
-+ if (ignoreCacheControl)
-+ return decision.make(ReuseDecision::reuseNot,
-+ "authenticated and ignoring Cache-Control");
-
- bool mayStore = false;
- // HTTPbis pt6 section 3.2: a response CC:public is present
-- if (rep->cache_control->Public()) {
-+ if (rep->cache_control->hasPublic()) {
- debugs(22, 3, HERE << "Authenticated but server reply Cache-Control:public");
- mayStore = true;
-
-@@ -441,15 +435,13 @@
- #endif
-
- // HTTPbis pt6 section 3.2: a response CC:s-maxage is present
-- } else if (rep->cache_control->sMaxAge()) {
-+ } else if (rep->cache_control->hasSMaxAge()) {
- debugs(22, 3, HERE << "Authenticated but server reply Cache-Control:s-maxage");
- mayStore = true;
- }
-
-- if (!mayStore) {
-- debugs(22, 3, HERE << "NO because Authenticated transaction");
-- return 0;
-- }
-+ if (!mayStore)
-+ return decision.make(ReuseDecision::reuseNot, "authenticated transaction");
-
- // NP: response CC:no-cache is equivalent to CC:must-revalidate,max-age=0. We MAY cache, and do so.
- // NP: other request CC flags are limiters on HIT/MISS/REFRESH. We don't care about here.
-@@ -460,12 +452,26 @@
- * probably should not be cachable
- */
- if ((v = hdr->getStr(HDR_CONTENT_TYPE)))
-- if (!strncasecmp(v, "multipart/x-mixed-replace", 25)) {
-- debugs(22, 3, HERE << "NO because Content-Type:multipart/x-mixed-replace");
-- return 0;
-- }
-+ if (!strncasecmp(v, "multipart/x-mixed-replace", 25))
-+ return decision.make(ReuseDecision::reuseNot, "Content-Type:multipart/x-mixed-replace");
-+
-+ // TODO: if possible, provide more specific message for each status code
-+ static const char *shareableError = "shareable error status code";
-+ static const char *nonShareableError = "non-shareable error status code";
-+ ReuseDecision::Answers statusAnswer = ReuseDecision::reuseNot;
-+ const char *statusReason = nonShareableError;
-
- switch (rep->sline.status()) {
-+
-+ /* There are several situations when a non-cacheable response may be
-+ * still shareable (e.g., among collapsed clients). We assume that these
-+ * are 3xx and 5xx responses, indicating server problems and some of
-+ * 4xx responses, common for all clients with a given cache key (e.g.,
-+ * 404 Not Found or 414 URI Too Long). On the other hand, we should not
-+ * share non-cacheable client-specific errors, such as 400 Bad Request
-+ * or 406 Not Acceptable.
-+ */
-+
- /* Responses that are cacheable */
-
- case Http::scOkay:
-@@ -482,112 +488,90 @@
- * Don't cache objects that need to be refreshed on next request,
- * unless we know how to refresh it.
- */
-+ if (refreshIsCachable(entry) || REFRESH_OVERRIDE(store_stale))
-+ decision.make(ReuseDecision::cachePositively, "refresh check returned cacheable");
-+ else
-+ decision.make(ReuseDecision::doNotCacheButShare, "refresh check returned non-cacheable");
-
-- if (!refreshIsCachable(entry) && !REFRESH_OVERRIDE(store_stale)) {
-- debugs(22, 3, "NO because refreshIsCachable() returned non-cacheable..");
-- return 0;
-- } else {
-- debugs(22, 3, HERE << "YES because HTTP status " << rep->sline.status());
-- return 1;
-- }
-- /* NOTREACHED */
- break;
-
- /* Responses that only are cacheable if the server says so */
-
- case Http::scFound:
- case Http::scTemporaryRedirect:
-- if (rep->date <= 0) {
-- debugs(22, 3, HERE << "NO because HTTP status " << rep->sline.status() << " and Date missing/invalid");
-- return 0;
-- }
-- if (rep->expires > rep->date) {
-- debugs(22, 3, HERE << "YES because HTTP status " << rep->sline.status() << " and Expires > Date");
-- return 1;
-- } else {
-- debugs(22, 3, HERE << "NO because HTTP status " << rep->sline.status() << " and Expires <= Date");
-- return 0;
-- }
-- /* NOTREACHED */
-+
-+ if (rep->date <= 0)
-+ decision.make(ReuseDecision::doNotCacheButShare, "Date is missing/invalid");
-+ else if (rep->expires > rep->date)
-+ decision.make(ReuseDecision::cachePositively, "Expires > Date");
-+ else
-+ decision.make(ReuseDecision::doNotCacheButShare, "Expires <= Date");
- break;
-
-- /* Errors can be negatively cached */
--
-+ /* These responses can be negatively cached. Most can also be shared. */
- case Http::scNoContent:
--
- case Http::scUseProxy:
--
-- case Http::scBadRequest:
--
- case Http::scForbidden:
--
- case Http::scNotFound:
--
- case Http::scMethodNotAllowed:
--
- case Http::scUriTooLong:
--
- case Http::scInternalServerError:
--
- case Http::scNotImplemented:
--
- case Http::scBadGateway:
--
- case Http::scServiceUnavailable:
--
- case Http::scGatewayTimeout:
- case Http::scMisdirectedRequest:
--
-- debugs(22, 3, "MAYBE because HTTP status " << rep->sline.status());
-- return -1;
--
-- /* NOTREACHED */
-+ statusAnswer = ReuseDecision::doNotCacheButShare;
-+ statusReason = shareableError;
-+ // fall through to the actual decision making below
-+
-+ case Http::scBadRequest: // no sharing; perhaps the server did not like something specific to this request
-+
-+#if USE_HTTP_VIOLATIONS
-+ if (Config.negativeTtl > 0)
-+ decision.make(ReuseDecision::cacheNegatively, "Config.negativeTtl > 0");
-+ else
-+#endif
-+ decision.make(statusAnswer, statusReason);
- break;
-
-- /* Some responses can never be cached */
--
-- case Http::scPartialContent: /* Not yet supported */
--
-+ /* these responses can never be cached, some
-+ of them can be shared though */
- case Http::scSeeOther:
--
- case Http::scNotModified:
--
- case Http::scUnauthorized:
--
- case Http::scProxyAuthenticationRequired:
--
-- case Http::scInvalidHeader: /* Squid header parsing error */
--
-- case Http::scHeaderTooLarge:
--
- case Http::scPaymentRequired:
-+ case Http::scInsufficientStorage:
-+ // TODO: use more specific reason for non-error status codes
-+ decision.make(ReuseDecision::doNotCacheButShare, shareableError);
-+ break;
-+
-+ case Http::scPartialContent: /* Not yet supported. TODO: make shareable for suitable ranges */
- case Http::scNotAcceptable:
-- case Http::scRequestTimeout:
-- case Http::scConflict:
-+ case Http::scRequestTimeout: // TODO: is this shareable?
-+ case Http::scConflict: // TODO: is this shareable?
- case Http::scLengthRequired:
- case Http::scPreconditionFailed:
- case Http::scPayloadTooLarge:
- case Http::scUnsupportedMediaType:
- case Http::scUnprocessableEntity:
-- case Http::scLocked:
-+ case Http::scLocked: // TODO: is this shareable?
- case Http::scFailedDependency:
-- case Http::scInsufficientStorage:
- case Http::scRequestedRangeNotSatisfied:
- case Http::scExpectationFailed:
--
-- debugs(22, 3, HERE << "NO because HTTP status " << rep->sline.status());
-- return 0;
--
-+ case Http::scInvalidHeader: /* Squid header parsing error */
-+ case Http::scHeaderTooLarge:
-+ decision.make(ReuseDecision::reuseNot, nonShareableError);
-+ break;
- default:
- /* RFC 2616 section 6.1.1: an unrecognized response MUST NOT be cached. */
-- debugs (11, 3, HERE << "NO because unknown HTTP status code " << rep->sline.status());
-- return 0;
-
-- /* NOTREACHED */
-+ decision.make(ReuseDecision::reuseNot, "unknown status code");
- break;
- }
-
-- /* NOTREACHED */
-+ return decision.answer;
- }
-
- /// assemble a variant key (vary-mark) from the given Vary header and HTTP request
-@@ -898,11 +882,12 @@
-
- Ctx ctx = ctx_enter(entry->mem_obj->urlXXX());
- HttpReply *rep = finalReply();
-+ const Http::StatusCode statusCode = rep->sline.status();
-
- entry->timestampsSet();
-
- /* Check if object is cacheable or not based on reply code */
-- debugs(11, 3, "HTTP CODE: " << rep->sline.status());
-+ debugs(11, 3, "HTTP CODE: " << statusCode);
-
- if (const StoreEntry *oldEntry = findPreviouslyCachedEntry(entry))
- sawDateGoBack = rep->olderThan(oldEntry->getReply());
-@@ -919,7 +904,9 @@
- const SBuf vary(httpMakeVaryMark(request, rep));
-
- if (vary.isEmpty()) {
-- entry->makePrivate();
-+ // TODO: check whether such responses are shareable.
-+ // Do not share for now.
-+ entry->makePrivate(false);
- if (!fwd->reforwardableStatus(rep->sline.status()))
- EBIT_CLR(entry->flags, ENTRY_FWD_HDR_WAIT);
- varyFailure = true;
-@@ -942,30 +929,31 @@
- if (!fwd->reforwardableStatus(rep->sline.status()))
- EBIT_CLR(entry->flags, ENTRY_FWD_HDR_WAIT);
-
-- switch (cacheableReply()) {
--
-- case 1:
-+ ReuseDecision decision(entry, statusCode);
-+
-+ switch (reusableReply(decision)) {
-+
-+ case ReuseDecision::reuseNot:
-+ entry->makePrivate(false);
-+ break;
-+
-+ case ReuseDecision::cachePositively:
- entry->makePublic();
- break;
-
-- case 0:
-- entry->makePrivate();
-+ case ReuseDecision::cacheNegatively:
-+ entry->cacheNegatively();
- break;
-
-- case -1:
--
--#if USE_HTTP_VIOLATIONS
-- if (Config.negativeTtl > 0)
-- entry->cacheNegatively();
-- else
--#endif
-- entry->makePrivate();
-+ case ReuseDecision::doNotCacheButShare:
-+ entry->makePrivate(true);
- break;
-
- default:
- assert(0);
- break;
- }
-+ debugs(11, 3, "decided: " << decision);
- }
-
- if (!ignoreCacheControl) {
-@@ -2429,3 +2417,29 @@
- mustStop(reason);
- }
-
-+HttpStateData::ReuseDecision::ReuseDecision(const StoreEntry *e, const Http::StatusCode code)
-+ : answer(HttpStateData::ReuseDecision::reuseNot), reason(nullptr), entry(e), statusCode(code) {}
-+
-+HttpStateData::ReuseDecision::Answers
-+HttpStateData::ReuseDecision::make(const HttpStateData::ReuseDecision::Answers ans, const char *why)
-+{
-+ answer = ans;
-+ reason = why;
-+ return answer;
-+}
-+
-+std::ostream &operator <<(std::ostream &os, const HttpStateData::ReuseDecision &d)
-+{
-+ static const char *ReuseMessages[] = {
-+ "do not cache and do not share", // reuseNot
-+ "cache positively and share", // cachePositively
-+ "cache negatively and share", // cacheNegatively
-+ "do not cache but share" // doNotCacheButShare
-+ };
-+
-+ assert(d.answer >= HttpStateData::ReuseDecision::reuseNot &&
-+ d.answer <= HttpStateData::ReuseDecision::doNotCacheButShare);
-+ return os << ReuseMessages[d.answer] << " because " << d.reason <<
-+ "; HTTP status " << d.statusCode << " " << *(d.entry);
-+}
-+
-
-=== modified file 'src/http.h'
---- src/http.h 2017-01-01 00:16:45 +0000
-+++ src/http.h 2017-06-14 21:37:20 +0000
-@@ -22,6 +22,23 @@
- {
-
- public:
-+
-+ /// assists in making and relaying entry caching/sharing decision
-+ class ReuseDecision
-+ {
-+ public:
-+ enum Answers { reuseNot = 0, cachePositively, cacheNegatively, doNotCacheButShare };
-+
-+ ReuseDecision(const StoreEntry *e, const Http::StatusCode code);
-+ /// stores the corresponding decision
-+ Answers make(const Answers ans, const char *why);
-+
-+ Answers answer; ///< the decision id
-+ const char *reason; ///< the decision reason
-+ const StoreEntry *entry; ///< entry for debugging
-+ const Http::StatusCode statusCode; ///< HTTP status for debugging
-+ };
-+
- HttpStateData(FwdState *);
- ~HttpStateData();
-
-@@ -39,8 +56,8 @@
- void readReply(const CommIoCbParams &io);
- virtual void maybeReadVirginBody(); // read response data from the network
-
-- // Determine whether the response is a cacheable representation
-- int cacheableReply();
-+ // Checks whether the response is cacheable/shareable.
-+ ReuseDecision::Answers reusableReply(ReuseDecision &decision);
-
- CachePeer *_peer; /* CachePeer request made to */
- int eof; /* reached end-of-object? */
-@@ -119,6 +136,8 @@
- CBDATA_CLASS2(HttpStateData);
- };
-
-+std::ostream &operator <<(std::ostream &os, const HttpStateData::ReuseDecision &d);
-+
- int httpCachable(const HttpRequestMethod&);
- void httpStart(FwdState *);
- SBuf httpMakeVaryMark(HttpRequest * request, HttpReply const * reply);
-
-=== modified file 'src/store.cc'
---- src/store.cc 2017-01-01 00:16:45 +0000
-+++ src/store.cc 2017-06-14 21:37:20 +0000
-@@ -171,11 +171,18 @@
- }
-
- void
--StoreEntry::makePrivate()
-+StoreEntry::makePrivate(const bool shareable)
- {
- /* This object should never be cached at all */
- expireNow();
-- releaseRequest(); /* delete object when not used */
-+ releaseRequest(shareable); /* delete object when not used */
-+}
-+
-+void
-+StoreEntry::clearPrivate()
-+{
-+ EBIT_CLR(flags, KEY_PRIVATE);
-+ shareableWhenPrivate = false;
- }
-
- void
-@@ -365,7 +372,8 @@
- ping_status(PING_NONE),
- store_status(STORE_PENDING),
- swap_status(SWAPOUT_NONE),
-- lock_count(0)
-+ lock_count(0),
-+ shareableWhenPrivate(false)
- {
- debugs(20, 5, "StoreEntry constructed, this=" << this);
- }
-@@ -504,14 +512,14 @@
- }
-
- void
--StoreEntry::releaseRequest()
-+StoreEntry::releaseRequest(const bool shareable)
- {
- if (EBIT_TEST(flags, RELEASE_REQUEST))
- return;
-
- setReleaseFlag(); // makes validToSend() false, preventing future hits
-
-- setPrivateKey();
-+ setPrivateKey(shareable);
- }
-
- int
-@@ -623,12 +631,16 @@
- * concept'.
- */
- void
--StoreEntry::setPrivateKey()
-+StoreEntry::setPrivateKey(const bool shareable)
- {
- const cache_key *newkey;
-
-- if (key && EBIT_TEST(flags, KEY_PRIVATE))
-- return; /* is already private */
-+ if (key && EBIT_TEST(flags, KEY_PRIVATE)) {
-+ // The entry is already private, but it may be still shareable.
-+ if (!shareable)
-+ shareableWhenPrivate = false;
-+ return;
-+ }
-
- if (key) {
- setReleaseFlag(); // will markForUnlink(); all caches/workers will know
-@@ -649,6 +661,7 @@
-
- assert(hash_lookup(store_table, newkey) == NULL);
- EBIT_SET(flags, KEY_PRIVATE);
-+ shareableWhenPrivate = shareable;
- hashInsert(newkey);
- }
-
-@@ -705,14 +718,17 @@
- if (StoreEntry *e2 = (StoreEntry *)hash_lookup(store_table, newkey)) {
- assert(e2 != this);
- debugs(20, 3, "Making old " << *e2 << " private.");
-- e2->setPrivateKey();
-- e2->release();
-+
-+ // TODO: check whether there is any sense in keeping old entry
-+ // shareable here. Leaving it non-shareable for now.
-+ e2->setPrivateKey(false);
-+ e2->release(false);
- }
-
- if (key)
- hashDelete();
-
-- EBIT_CLR(flags, KEY_PRIVATE);
-+ clearPrivate();
-
- hashInsert(newkey);
-
-@@ -830,7 +846,7 @@
- e->lock("storeCreateEntry");
-
- if (neighbors_do_private_keys || !flags.hierarchical)
-- e->setPrivateKey();
-+ e->setPrivateKey(false);
- else
- e->setPublicKey();
-
-@@ -1264,7 +1280,7 @@
-
- /* release an object from a cache */
- void
--StoreEntry::release()
-+StoreEntry::release(const bool shareable)
- {
- PROF_start(storeRelease);
- debugs(20, 3, "releasing " << *this << ' ' << getMD5Text());
-@@ -1274,7 +1290,7 @@
- if (locked()) {
- expireNow();
- debugs(20, 3, "storeRelease: Only setting RELEASE_REQUEST bit");
-- releaseRequest();
-+ releaseRequest(shareable);
- PROF_stop(storeRelease);
- return;
- }
-@@ -1282,7 +1298,7 @@
- Store::Root().memoryUnlink(*this);
-
- if (StoreController::store_dirs_rebuilding && swap_filen > -1) {
-- setPrivateKey();
-+ setPrivateKey(shareable);
-
- if (swap_filen > -1) {
- // lock the entry until rebuilding is done
-@@ -2181,7 +2197,11 @@
- if (EBIT_TEST(e.flags, REFRESH_REQUEST)) os << 'F';
- if (EBIT_TEST(e.flags, ENTRY_REVALIDATE_STALE)) os << 'E';
- if (EBIT_TEST(e.flags, ENTRY_DISPATCHED)) os << 'D';
-- if (EBIT_TEST(e.flags, KEY_PRIVATE)) os << 'I';
-+ if (EBIT_TEST(e.flags, KEY_PRIVATE)) {
-+ os << 'I';
-+ if (e.shareableWhenPrivate)
-+ os << 'H';
-+ }
- if (EBIT_TEST(e.flags, ENTRY_FWD_HDR_WAIT)) os << 'W';
- if (EBIT_TEST(e.flags, ENTRY_NEGCACHED)) os << 'N';
- if (EBIT_TEST(e.flags, ENTRY_VALIDATED)) os << 'V';
-
-=== modified file 'src/tests/stub_store.cc'
---- src/tests/stub_store.cc 2017-01-01 00:16:45 +0000
-+++ src/tests/stub_store.cc 2017-06-14 21:37:20 +0000
-@@ -43,11 +43,11 @@
- void StoreEntry::abort() STUB
- void StoreEntry::unlink() STUB
- void StoreEntry::makePublic(const KeyScope keyScope) STUB
--void StoreEntry::makePrivate() STUB
-+void StoreEntry::makePrivate(const bool shareable) STUB
- void StoreEntry::setPublicKey(const KeyScope keyScope) STUB
--void StoreEntry::setPrivateKey() STUB
-+void StoreEntry::setPrivateKey(const bool shareable) STUB
- void StoreEntry::expireNow() STUB
--void StoreEntry::releaseRequest() STUB
-+void StoreEntry::releaseRequest(const bool shareable) STUB
- void StoreEntry::negativeCache() STUB
- void StoreEntry::cacheNegatively() STUB
- void StoreEntry::purgeMem() STUB
-@@ -99,7 +99,7 @@
- int64_t StoreEntry::contentLen() const STUB_RETVAL(0)
- void StoreEntry::lock(const char *) STUB
- void StoreEntry::touch() STUB
--void StoreEntry::release() STUB
-+void StoreEntry::release(const bool shareable) STUB
-
- NullStoreEntry *NullStoreEntry::getInstance() STUB_RETVAL(NULL)
- const char *NullStoreEntry::getMD5Text() const STUB_RETVAL(NULL)
-
-=== modified file 'src/tests/testStoreController.cc'
---- src/tests/testStoreController.cc 2017-01-01 00:16:45 +0000
-+++ src/tests/testStoreController.cc 2017-06-14 21:37:20 +0000
-@@ -116,7 +116,7 @@
- e->lastModified(squid_curtime);
- e->refcount = 1;
- EBIT_CLR(e->flags, RELEASE_REQUEST);
-- EBIT_CLR(e->flags, KEY_PRIVATE);
-+ e->clearPrivate();
- e->ping_status = PING_NONE;
- EBIT_CLR(e->flags, ENTRY_VALIDATED);
- e->hashInsert((const cache_key *)name.termedBuf()); /* do it after we clear KEY_PRIVATE */
-
-=== modified file 'src/tests/testStoreHashIndex.cc'
---- src/tests/testStoreHashIndex.cc 2017-01-01 00:16:45 +0000
-+++ src/tests/testStoreHashIndex.cc 2017-06-14 21:37:20 +0000
-@@ -97,7 +97,7 @@
- e->lastModified(squid_curtime);
- e->refcount = 1;
- EBIT_CLR(e->flags, RELEASE_REQUEST);
-- EBIT_CLR(e->flags, KEY_PRIVATE);
-+ e->clearPrivate();
- e->ping_status = PING_NONE;
- EBIT_CLR(e->flags, ENTRY_VALIDATED);
- e->hashInsert((const cache_key *)name.termedBuf()); /* do it after we clear KEY_PRIVATE */
-
+++ /dev/null
-------------------------------------------------------------
-revno: 14170
-revision-id: squid3@treenet.co.nz-20170614215906-ly36sobvlr2pt0u6
-parent: squid3@treenet.co.nz-20170614213720-3qmiohlx4zr2jnqq
-fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=2833
-author: Eduard Bagdasaryan <eduard.bagdasaryan@measurement-factory.com>
-committer: Amos Jeffries <squid3@treenet.co.nz>
-branch nick: 3.5
-timestamp: Thu 2017-06-15 09:59:06 +1200
-message:
- Bug 2833 pt3: Do not respond with HTTP/304 to unconditional requests
-
- ... after internal revalidation. The original unconditional HttpRequest
- was still marked (and processed) as conditional after internal
- revalidation because the original (clear) Last-Modified and ETag values
- were not restored (cleared) after the internal revalidation abused them.
-
- TODO: Isolate the code converting the request into conditional one _and_
- the code that undoes that conversion, to keep both actions in sync.
-------------------------------------------------------------
-# Bazaar merge directive format 2 (Bazaar 0.90)
-# revision_id: squid3@treenet.co.nz-20170614215906-ly36sobvlr2pt0u6
-# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# testament_sha1: 0991e2d39b3bcebcf18cba3db0e3b57aabf23b8b
-# timestamp: 2017-06-14 22:22:43 +0000
-# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# base_revision_id: squid3@treenet.co.nz-20170614213720-\
-# 3qmiohlx4zr2jnqq
-#
-# Begin patch
-=== modified file 'src/client_side_reply.cc'
---- src/client_side_reply.cc 2017-06-14 21:37:20 +0000
-+++ src/client_side_reply.cc 2017-06-14 21:59:06 +0000
-@@ -72,8 +72,8 @@
- HTTPMSGUNLOCK(reply);
- }
-
--clientReplyContext::clientReplyContext(ClientHttpRequest *clientContext) : http (cbdataReference(clientContext)), old_entry (NULL), old_sc(NULL), deleting(false),
-- collapsedRevalidation(crNone)
-+clientReplyContext::clientReplyContext(ClientHttpRequest *clientContext) : http (cbdataReference(clientContext)), old_entry (NULL),
-+ old_sc(NULL), old_lastmod(-1), deleting(false), collapsedRevalidation(crNone)
- {}
-
- /** Create an error in the store awaiting the client side to read it.
-@@ -185,6 +185,8 @@
- debugs(88, 3, "clientReplyContext::saveState: saving store context");
- old_entry = http->storeEntry();
- old_sc = sc;
-+ old_lastmod = http->request->lastmod;
-+ old_etag = http->request->etag;
- old_reqsize = reqsize;
- tempBuffer.offset = reqofs;
- /* Prevent accessing the now saved entries */
-@@ -204,9 +206,13 @@
- sc = old_sc;
- reqsize = old_reqsize;
- reqofs = tempBuffer.offset;
-+ http->request->lastmod = old_lastmod;
-+ http->request->etag = old_etag;
- /* Prevent accessed the old saved entries */
- old_entry = NULL;
- old_sc = NULL;
-+ old_lastmod = -1;
-+ old_etag.clean();
- old_reqsize = 0;
- tempBuffer.offset = 0;
- }
-
-=== modified file 'src/client_side_reply.h'
---- src/client_side_reply.h 2017-01-01 00:16:45 +0000
-+++ src/client_side_reply.h 2017-06-14 21:59:06 +0000
-@@ -130,7 +130,11 @@
- void sendNotModifiedOrPreconditionFailedError();
-
- StoreEntry *old_entry;
-- store_client *old_sc; /* ... for entry to be validated */
-+ /* ... for entry to be validated */
-+ store_client *old_sc;
-+ time_t old_lastmod;
-+ String old_etag;
-+
- bool deleting;
-
- typedef enum {
-
+++ /dev/null
-------------------------------------------------------------
-revno: 14171
-revision-id: squidadm@squid-cache.org-20170615001633-wgrl5w8isv15o7gg
-parent: squid3@treenet.co.nz-20170614215906-ly36sobvlr2pt0u6
-committer: Source Maintenance <squidadm@squid-cache.org>
-branch nick: 3.5
-timestamp: Thu 2017-06-15 00:16:33 +0000
-message:
- SourceFormat Enforcement
-------------------------------------------------------------
-# Bazaar merge directive format 2 (Bazaar 0.90)
-# revision_id: squidadm@squid-cache.org-20170615001633-\
-# wgrl5w8isv15o7gg
-# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# testament_sha1: 237182ac5eed6aca7e9aca295a90057f3a8cf10b
-# timestamp: 2017-06-15 00:51:05 +0000
-# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# base_revision_id: squid3@treenet.co.nz-20170614215906-\
-# ly36sobvlr2pt0u6
-#
-# Begin patch
-=== modified file 'src/http.cc'
---- src/http.cc 2017-06-14 21:37:20 +0000
-+++ src/http.cc 2017-06-15 00:16:33 +0000
-@@ -523,7 +523,7 @@
- case Http::scMisdirectedRequest:
- statusAnswer = ReuseDecision::doNotCacheButShare;
- statusReason = shareableError;
-- // fall through to the actual decision making below
-+ // fall through to the actual decision making below
-
- case Http::scBadRequest: // no sharing; perhaps the server did not like something specific to this request
-
-@@ -2438,8 +2438,8 @@
- };
-
- assert(d.answer >= HttpStateData::ReuseDecision::reuseNot &&
-- d.answer <= HttpStateData::ReuseDecision::doNotCacheButShare);
-+ d.answer <= HttpStateData::ReuseDecision::doNotCacheButShare);
- return os << ReuseMessages[d.answer] << " because " << d.reason <<
-- "; HTTP status " << d.statusCode << " " << *(d.entry);
-+ "; HTTP status " << d.statusCode << " " << *(d.entry);
- }
-
-
+++ /dev/null
-------------------------------------------------------------
-revno: 14172
-revision-id: squid3@treenet.co.nz-20170621195439-l63xfsad58ghhhfu
-parent: squidadm@squid-cache.org-20170615001633-wgrl5w8isv15o7gg
-fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4671
-committer: Amos Jeffries <squid3@treenet.co.nz>
-branch nick: 3.5
-timestamp: Thu 2017-06-22 07:54:39 +1200
-message:
- Bug 4671 pt2: GCC 7: raise FTP Gateway CTRL channel buffer to 16KB
-
- Fixes
- error: %s directive output may be truncated writing up to 8191 bytes
- into a region of size 1019
- note: snprintf output between 8 and 8199 bytes into a destination of
- size 1024
-------------------------------------------------------------
-# Bazaar merge directive format 2 (Bazaar 0.90)
-# revision_id: squid3@treenet.co.nz-20170621195439-l63xfsad58ghhhfu
-# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# testament_sha1: eeb32b45efe5504eebeaae89088d4a81d807807c
-# timestamp: 2017-06-21 20:50:58 +0000
-# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# base_revision_id: squidadm@squid-cache.org-20170615001633-\
-# wgrl5w8isv15o7gg
-#
-# Begin patch
-=== modified file 'src/clients/FtpGateway.cc'
---- src/clients/FtpGateway.cc 2017-05-29 04:37:41 +0000
-+++ src/clients/FtpGateway.cc 2017-06-21 19:54:39 +0000
-@@ -192,7 +192,7 @@
-
- #define FTP_LOGIN_NOT_ESCAPED 0
-
--#define CTRL_BUFLEN 1024
-+#define CTRL_BUFLEN 16*1024
- static char cbuf[CTRL_BUFLEN];
-
- /*
-
+++ /dev/null
-------------------------------------------------------------
-revno: 14173
-revision-id: squid3@treenet.co.nz-20170621201248-ezpvykg0b307ix61
-parent: squid3@treenet.co.nz-20170621195439-l63xfsad58ghhhfu
-fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4671
-author: Alex Rousskov <rousskov@measurement-factory.com>
-committer: Amos Jeffries <squid3@treenet.co.nz>
-branch nick: 3.5
-timestamp: Thu 2017-06-22 08:12:48 +1200
-message:
- Replace new/delete operators using modern C++ rules.
-
- This change was motivated by "Mismatched free()/delete/delete[]" errors
- reported by valgrind and mused about in Squid source code.
-
- I speculate that the old new/delete replacement code was the result of
- slow accumulation of working hacks to accomodate various environments,
- as compiler support for the feature evolved. The cumulative result does
- not actually work well (see the above paragraph), and the replacement
- functions had the following visible coding problems according to [1,2]:
-
- a) Declared with non-standard profiles that included throw specifiers.
- b) Declared inline. C++ says that the results of inline declarations
- have unspecified effects. In Squid, they probably necessitated
- complex compiler-specific "extern inline" workarounds.
- c) Defined in the header file. C++ says that defining replacements "in
- any source file" is enough and that multiple replacements per
- program (which is what a header file definition produces) result in
- "undefined behavior".
- d) Declared inconsistently (only 2 out of 4 flavors). Declaring one base
- flavor should be sufficient, but if we declare more, we should
- declare all of them.
-
- [1] http://en.cppreference.com/w/cpp/memory/new/operator_new
- [2] http://en.cppreference.com/w/cpp/memory/new/operator_delete
-
- The replacements were not provided to clang (trunk r13219), but there
- was no explanation why. This patch does not change that exclusion.
-
- I have no idea whether any of the old hacks are still necessary in some
- cases. However, I suspect that either we do not care much if the
- replacements are not enabled on some poorly supported platforms OR we
- can disable them (or make them work) using much simpler hacks for the
- platforms we do care about.
-------------------------------------------------------------
-# Bazaar merge directive format 2 (Bazaar 0.90)
-# revision_id: squid3@treenet.co.nz-20170621201248-ezpvykg0b307ix61
-# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# testament_sha1: 4f15c23326e4e4fe2ca2a6c7a13333e01677a0b0
-# timestamp: 2017-06-21 20:51:02 +0000
-# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# base_revision_id: squid3@treenet.co.nz-20170621195439-\
-# l63xfsad58ghhhfu
-#
-# Begin patch
-=== modified file 'compat/os/macosx.h'
---- compat/os/macosx.h 2017-01-01 00:16:45 +0000
-+++ compat/os/macosx.h 2017-06-21 20:12:48 +0000
-@@ -28,11 +28,6 @@
-
- #include "compat/cmsg.h"
-
--// MacOS GCC 4.0.1 and 4.2.1 supply __GNUC_GNU_INLINE__ but do not actually define __attribute__((gnu_inline))
--#if defined(__cplusplus) && !defined(_SQUID_EXTERNNEW_)
--#define _SQUID_EXTERNNEW_ extern inline
--#endif
--
- #endif /* _SQUID_APPLE_ */
- #endif /* SQUID_OS_MACOSX_H */
-
-
-=== modified file 'compat/os/sgi.h'
---- compat/os/sgi.h 2017-01-01 00:16:45 +0000
-+++ compat/os/sgi.h 2017-06-21 20:12:48 +0000
-@@ -25,15 +25,6 @@
- #define _ABI_SOURCE
- #endif /* USE_ASYNC_IO */
-
--#if defined(__cplusplus) && !defined(_SQUID_EXTERNNEW_) && !defined(_GNUC_)
--/*
-- * The gcc compiler treats extern inline functions as being extern,
-- * while the SGI MIPSpro compilers treat them as inline. To get equivalent
-- * behavior, remove the inline keyword.
-- */
--#define _SQUID_EXTERNNEW_ extern
--#endif
--
- #endif /* _SQUID_SGI_ */
- #endif /* SQUID_OS_SGI_H */
-
-
-=== modified file 'compat/os/solaris.h'
---- compat/os/solaris.h 2017-01-01 00:16:45 +0000
-+++ compat/os/solaris.h 2017-06-21 20:12:48 +0000
-@@ -59,13 +59,6 @@
- #endif
-
- /*
-- * SunPro CC handles extern inline as inline, PLUS extern symbols.
-- */
--#if !defined(_SQUID_EXTERNNEW_) && defined(__SUNPRO_CC)
--#define _SQUID_EXTERNNEW_ extern
--#endif
--
--/*
- * SunStudio CC does not define C++ portability API __FUNCTION__
- */
- #if defined(__SUNPRO_CC) && !defined(__FUNCTION__)
-
-=== removed file 'include/SquidNew.h'
---- include/SquidNew.h 2017-01-01 00:16:45 +0000
-+++ include/SquidNew.h 1970-01-01 00:00:00 +0000
-@@ -1,41 +0,0 @@
--/*
-- * Copyright (C) 1996-2017 The Squid Software Foundation and contributors
-- *
-- * Squid software is distributed under GPLv2+ license and includes
-- * contributions from numerous individuals and organizations.
-- * Please see the COPYING and CONTRIBUTORS files for details.
-- */
--
--#ifndef SQUID_NEW_H
--#define SQUID_NEW_H
--
--#if !defined(__SUNPRO_CC) && !defined(__clang__)
--/* Any code using libstdc++ must have externally resolvable overloads
-- * for void * operator new - which means in the .o for the binary,
-- * or in a shared library. static libs don't propogate the symbol
-- * so, look in the translation unit containing main() in squid
-- * for the extern version in squid
-- */
--#include <new>
--
--_SQUID_EXTERNNEW_ void *operator new(size_t size) throw (std::bad_alloc)
--{
-- return xmalloc(size);
--}
--_SQUID_EXTERNNEW_ void operator delete (void *address) throw()
--{
-- xfree(address);
--}
--_SQUID_EXTERNNEW_ void *operator new[] (size_t size) throw (std::bad_alloc)
--{
-- return xmalloc(size);
--}
--_SQUID_EXTERNNEW_ void operator delete[] (void *address) throw()
--{
-- xfree(address);
--}
--
--#endif /* !__SUNPRO_CC && !__clang__*/
--
--#endif /* SQUID_NEW_H */
--
-
-=== modified file 'include/util.h'
---- include/util.h 2017-01-01 00:16:45 +0000
-+++ include/util.h 2017-06-21 20:12:48 +0000
-@@ -19,23 +19,6 @@
- SQUIDCEXTERN int tvSubUsec(struct timeval, struct timeval);
- SQUIDCEXTERN double tvSubDsec(struct timeval, struct timeval);
- SQUIDCEXTERN void Tolower(char *);
--#if defined(__cplusplus)
--/*
-- * Any code using libstdc++ must have externally resolvable overloads
-- * for void * operator new - which means in the .o for the binary,
-- * or in a shared library. static libs don't propogate the symbol
-- * so, look in the translation unit containing main() in squid
-- * for the extern version in squid
-- */
--#if !defined(_SQUID_EXTERNNEW_)
--#if defined(__GNUC_STDC_INLINE__) || defined(__GNUC_GNU_INLINE__)
--#define _SQUID_EXTERNNEW_ extern inline __attribute__((gnu_inline))
--#else
--#define _SQUID_EXTERNNEW_ extern inline
--#endif
--#endif
--#include "SquidNew.h"
--#endif
-
- SQUIDCEXTERN time_t parse_iso3307_time(const char *buf);
-
-
-=== modified file 'src/SquidNew.cc'
---- src/SquidNew.cc 2017-01-01 00:16:45 +0000
-+++ src/SquidNew.cc 2017-06-21 20:12:48 +0000
-@@ -8,29 +8,45 @@
-
- /* DEBUG: none Memory Allocation */
-
--#define _SQUID_EXTERNNEW_
--
- #include "squid.h"
-
--#ifdef __SUNPRO_CC
-+#if !defined(__clang__)
-
- #include <new>
--void *operator new(size_t size) throw (std::bad_alloc)
--{
-- return xmalloc(size);
--}
--void operator delete (void *address) throw()
--{
-- xfree (address);
--}
--void *operator new[] (size_t size) throw (std::bad_alloc)
--{
-- return xmalloc(size);
--}
--void operator delete[] (void *address) throw()
--{
-- xfree (address);
--}
--
--#endif /* __SUNPRO_CC */
-+
-+void *operator new(size_t size)
-+{
-+ return xmalloc(size);
-+}
-+void operator delete(void *address)
-+{
-+ xfree(address);
-+}
-+void *operator new[](size_t size)
-+{
-+ return xmalloc(size);
-+}
-+void operator delete[](void *address)
-+{
-+ xfree(address);
-+}
-+
-+void *operator new(size_t size, const std::nothrow_t &tag)
-+{
-+ return xmalloc(size);
-+}
-+void operator delete(void *address, const std::nothrow_t &tag)
-+{
-+ xfree(address);
-+}
-+void *operator new[](size_t size, const std::nothrow_t &tag)
-+{
-+ return xmalloc(size);
-+}
-+void operator delete[](void *address, const std::nothrow_t &tag)
-+{
-+ xfree(address);
-+}
-+
-+#endif /* !defined(__clang__) */
-
-
+++ /dev/null
-------------------------------------------------------------
-revno: 14174
-revision-id: squid3@treenet.co.nz-20170622153146-nxo8vl6a9r8z03v4
-parent: squid3@treenet.co.nz-20170621201248-ezpvykg0b307ix61
-fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4671
-committer: Amos Jeffries <squid3@treenet.co.nz>
-branch nick: 3.5
-timestamp: Fri 2017-06-23 03:31:46 +1200
-message:
- Bug 4671 pt3: various GCC 7 compile errors
-
- Also, remove limit on FTP realm strings
-
- Convert ftpRealm() from generating char* to SBuf. This fixes issues identified
- by GCC 7 where the realm string may be longer than the available buffer and
- gets truncated.
- The size of the buffer was making the occurance rather rare, but it is still
- possible.
-------------------------------------------------------------
-# Bazaar merge directive format 2 (Bazaar 0.90)
-# revision_id: squid3@treenet.co.nz-20170622153146-nxo8vl6a9r8z03v4
-# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# testament_sha1: b54e1a339544443ed9b34a094717b2781c746c76
-# timestamp: 2017-06-22 15:50:59 +0000
-# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# base_revision_id: squid3@treenet.co.nz-20170621201248-\
-# ezpvykg0b307ix61
-#
-# Begin patch
-=== modified file 'src/DiskIO/DiskThreads/aiops.cc'
---- src/DiskIO/DiskThreads/aiops.cc 2017-01-01 00:16:45 +0000
-+++ src/DiskIO/DiskThreads/aiops.cc 2017-06-22 15:31:46 +0000
-@@ -290,7 +290,7 @@
- /* Create threads and get them to sit in their wait loop */
- squidaio_thread_pool = memPoolCreate("aio_thread", sizeof(squidaio_thread_t));
-
-- assert(NUMTHREADS);
-+ assert(NUMTHREADS != 0);
-
- for (i = 0; i < NUMTHREADS; ++i) {
- threadp = (squidaio_thread_t *)squidaio_thread_pool->alloc();
-
-=== modified file 'src/clients/FtpGateway.cc'
---- src/clients/FtpGateway.cc 2017-06-21 19:54:39 +0000
-+++ src/clients/FtpGateway.cc 2017-06-22 15:31:46 +0000
-@@ -153,8 +153,8 @@
- virtual void timeout(const CommTimeoutCbParams &io);
- void ftpAcceptDataConnection(const CommAcceptCbParams &io);
-
-- static HttpReply *ftpAuthRequired(HttpRequest * request, const char *realm);
-- const char *ftpRealm(void);
-+ static HttpReply *ftpAuthRequired(HttpRequest * request, SBuf &realm);
-+ SBuf ftpRealm();
- void loginFailed(void);
-
- virtual void haveParsedReplyHeaders();
-@@ -1189,7 +1189,8 @@
- {
- if (!checkAuth(&request->header)) {
- /* create appropriate reply */
-- HttpReply *reply = ftpAuthRequired(request, ftpRealm());
-+ SBuf realm(ftpRealm()); // local copy so SBuf wont disappear too early
-+ HttpReply *reply = ftpAuthRequired(request, realm);
- entry->replaceHttpReply(reply);
- serverComplete();
- return;
-@@ -1290,7 +1291,9 @@
-
- #if HAVE_AUTH_MODULE_BASIC
- /* add Authenticate header */
-- newrep->header.putAuth("Basic", ftpRealm());
-+ // XXX: performance regression. c_str() may reallocate
-+ SBuf realm(ftpRealm()); // local copy so SBuf wont disappear too early
-+ newrep->header.putAuth("Basic", realm.c_str());
- #endif
-
- // add it to the store entry for response....
-@@ -1298,18 +1301,19 @@
- serverComplete();
- }
-
--const char *
-+SBuf
- Ftp::Gateway::ftpRealm()
- {
-- static char realm[8192];
-+ SBuf realm;
-
- /* This request is not fully authenticated */
-- if (!request) {
-- snprintf(realm, 8192, "FTP %s unknown", user);
-- } else if (request->port == 21) {
-- snprintf(realm, 8192, "FTP %s %s", user, request->GetHost());
-- } else {
-- snprintf(realm, 8192, "FTP %s %s port %d", user, request->GetHost(), request->port);
-+ realm.appendf("FTP %s ", user);
-+ if (!request)
-+ realm.append("unknown", 7);
-+ else {
-+ realm.append(request->GetHost());
-+ if (request->port != 21)
-+ realm.appendf(" port %d", request->port);
- }
- return realm;
- }
-@@ -2673,13 +2677,14 @@
- }
-
- HttpReply *
--Ftp::Gateway::ftpAuthRequired(HttpRequest * request, const char *realm)
-+Ftp::Gateway::ftpAuthRequired(HttpRequest * request, SBuf &realm)
- {
- ErrorState err(ERR_CACHE_ACCESS_DENIED, Http::scUnauthorized, request);
- HttpReply *newrep = err.BuildHttpReply();
- #if HAVE_AUTH_MODULE_BASIC
- /* add Authenticate header */
-- newrep->header.putAuth("Basic", realm);
-+ // XXX: performance regression. c_str() may reallocate
-+ newrep->header.putAuth("Basic", realm.c_str());
- #endif
- return newrep;
- }
-
-=== modified file 'src/fde.cc'
---- src/fde.cc 2017-01-01 00:16:45 +0000
-+++ src/fde.cc 2017-06-22 15:31:46 +0000
-@@ -85,15 +85,15 @@
- char const *
- fde::remoteAddr() const
- {
-- LOCAL_ARRAY(char, buf, MAX_IPSTRLEN );
-+ static char buf[MAX_IPSTRLEN+7]; // 7 = length of ':port' strings
-
- if (type != FD_SOCKET)
- return null_string;
-
- if ( *ipaddr )
-- snprintf( buf, MAX_IPSTRLEN, "%s:%d", ipaddr, (int)remote_port);
-+ snprintf(buf, sizeof(buf), "%s:%u", ipaddr, remote_port);
- else
-- local_addr.toUrl(buf,MAX_IPSTRLEN); // toHostStr does not include port.
-+ local_addr.toUrl(buf, sizeof(buf)); // toHostStr does not include port.
-
- return buf;
- }
-
-=== modified file 'src/fs/ufs/RebuildState.cc'
---- src/fs/ufs/RebuildState.cc 2017-01-01 00:16:45 +0000
-+++ src/fs/ufs/RebuildState.cc 2017-06-22 15:31:46 +0000
-@@ -444,7 +444,7 @@
- }
-
- if (0 == in_dir) { /* we need to read in a new directory */
-- snprintf(fullpath, MAXPATHLEN, "%s/%02X/%02X",
-+ snprintf(fullpath, sizeof(fullpath), "%s/%02X/%02X",
- sd->path,
- curlvl1, curlvl2);
-
-@@ -489,7 +489,7 @@
- continue;
- }
-
-- snprintf(fullfilename, MAXPATHLEN, "%s/%s",
-+ snprintf(fullfilename, sizeof(fullfilename), "%s/%s",
- fullpath, entry->d_name);
- debugs(47, 3, HERE << "Opening " << fullfilename);
- fd = file_open(fullfilename, O_RDONLY | O_BINARY);
-
-=== modified file 'src/fs/ufs/RebuildState.h'
---- src/fs/ufs/RebuildState.h 2017-01-01 00:16:45 +0000
-+++ src/fs/ufs/RebuildState.h 2017-06-22 15:31:46 +0000
-@@ -54,7 +54,7 @@
- dirent_t *entry;
- DIR *td;
- char fullpath[MAXPATHLEN];
-- char fullfilename[MAXPATHLEN];
-+ char fullfilename[MAXPATHLEN*2];
-
- StoreRebuildData counts;
-
-
-=== modified file 'src/gopher.cc'
---- src/gopher.cc 2017-01-01 00:16:45 +0000
-+++ src/gopher.cc 2017-06-22 15:31:46 +0000
-@@ -820,7 +820,7 @@
- * This will be called when request write is complete. Schedule read of reply.
- */
- static void
--gopherSendComplete(const Comm::ConnectionPointer &conn, char *buf, size_t size, Comm::Flag errflag, int xerrno, void *data)
-+gopherSendComplete(const Comm::ConnectionPointer &conn, char *, size_t size, Comm::Flag errflag, int xerrno, void *data)
- {
- GopherStateData *gopherState = (GopherStateData *) data;
- StoreEntry *entry = gopherState->entry;
-@@ -840,10 +840,6 @@
- err->url = xstrdup(entry->url());
- gopherState->fwd->fail(err);
- gopherState->serverConn->close();
--
-- if (buf)
-- memFree(buf, MEM_4K_BUF); /* Allocated by gopherSendRequest. */
--
- return;
- }
-
-@@ -885,9 +881,6 @@
- AsyncCall::Pointer call = commCbCall(5,5, "gopherReadReply",
- CommIoCbPtrFun(gopherReadReply, gopherState));
- entry->delayAwareRead(conn, gopherState->replybuf, BUFSIZ, call);
--
-- if (buf)
-- memFree(buf, MEM_4K_BUF); /* Allocated by gopherSendRequest. */
- }
-
- /**
-@@ -898,32 +891,31 @@
- gopherSendRequest(int fd, void *data)
- {
- GopherStateData *gopherState = (GopherStateData *)data;
-- char *buf = (char *)memAllocate(MEM_4K_BUF);
-+ MemBuf mb;
-+ mb.init();
-
- if (gopherState->type_id == GOPHER_CSO) {
- const char *t = strchr(gopherState->request, '?');
-
-- if (t != NULL)
-+ if (t)
- ++t; /* skip the ? */
- else
- t = "";
-
-- snprintf(buf, 4096, "query %s\r\nquit\r\n", t);
-- } else if (gopherState->type_id == GOPHER_INDEX) {
-- char *t = strchr(gopherState->request, '?');
--
-- if (t != NULL)
-- *t = '\t';
--
-- snprintf(buf, 4096, "%s\r\n", gopherState->request);
-+ mb.Printf("query %s\r\nquit", t);
- } else {
-- snprintf(buf, 4096, "%s\r\n", gopherState->request);
-+ if (gopherState->type_id == GOPHER_INDEX) {
-+ if (char *t = strchr(gopherState->request, '?'))
-+ *t = '\t';
-+ }
-+ mb.append(gopherState->request, strlen(gopherState->request));
- }
-+ mb.append("\r\n", 2);
-
-- debugs(10, 5, HERE << gopherState->serverConn);
-+ debugs(10, 5, gopherState->serverConn);
- AsyncCall::Pointer call = commCbCall(5,5, "gopherSendComplete",
- CommIoCbPtrFun(gopherSendComplete, gopherState));
-- Comm::Write(gopherState->serverConn, buf, strlen(buf), call, NULL);
-+ Comm::Write(gopherState->serverConn, &mb, call);
-
- gopherState->entry->makePublic();
- }
-
-=== modified file 'src/icmp/Makefile.am'
---- src/icmp/Makefile.am 2017-01-01 00:16:45 +0000
-+++ src/icmp/Makefile.am 2017-06-22 15:31:46 +0000
-@@ -59,7 +59,8 @@
- pinger_LDFLAGS = $(LIBADD_DL)
- pinger_LDADD=\
- libicmp-core.la \
-- ../ip/libip.la \
-+ $(top_builddir)/src/ip/libip.la \
-+ $(top_builddir)/src/base/libbase.la \
- $(COMPAT_LIB) \
- $(XTRA_LIBS)
-
-
+++ /dev/null
-------------------------------------------------------------
-revno: 14175
-revision-id: squid3@treenet.co.nz-20170629125627-socq6szqysvm9ifa
-parent: squid3@treenet.co.nz-20170622153146-nxo8vl6a9r8z03v4
-fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4112
-author: Sven Eisenberg <sven.eisenberg@lairdtech.com>
-committer: Amos Jeffries <squid3@treenet.co.nz>
-branch nick: 3.5
-timestamp: Fri 2017-06-30 00:56:27 +1200
-message:
- Bug 4112: ssl_engine does not accept cryptodev
-------------------------------------------------------------
-# Bazaar merge directive format 2 (Bazaar 0.90)
-# revision_id: squid3@treenet.co.nz-20170629125627-socq6szqysvm9ifa
-# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# testament_sha1: c74e6941e5b6df8e36d26dd5c02389ae2955bc21
-# timestamp: 2017-06-29 13:51:04 +0000
-# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# base_revision_id: squid3@treenet.co.nz-20170622153146-\
-# nxo8vl6a9r8z03v4
-#
-# Begin patch
-=== modified file 'src/ssl/support.cc'
---- src/ssl/support.cc 2017-01-27 16:14:19 +0000
-+++ src/ssl/support.cc 2017-06-29 12:56:27 +0000
-@@ -737,6 +737,7 @@
-
- #if HAVE_OPENSSL_ENGINE_H
- if (Config.SSL.ssl_engine) {
-+ ENGINE_load_builtin_engines();
- ENGINE *e;
- if (!(e = ENGINE_by_id(Config.SSL.ssl_engine)))
- fatalf("Unable to find SSL engine '%s'\n", Config.SSL.ssl_engine);
-
+++ /dev/null
-------------------------------------------------------------
-revno: 14176
-revision-id: squid3@treenet.co.nz-20170701073514-uzowexcysowqostf
-parent: squid3@treenet.co.nz-20170629125627-socq6szqysvm9ifa
-fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4687
-author: Lubos Uhliarik <luhliari@redhat.com>
-committer: Amos Jeffries <squid3@treenet.co.nz>
-branch nick: 3.5
-timestamp: Sat 2017-07-01 19:35:14 +1200
-message:
- Bug 4687: Wrong names of components in man page, section SEE ALSO
-------------------------------------------------------------
-# Bazaar merge directive format 2 (Bazaar 0.90)
-# revision_id: squid3@treenet.co.nz-20170701073514-uzowexcysowqostf
-# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# testament_sha1: 9099c98de3cb8fc125dd9952373de42c079b0ccc
-# timestamp: 2017-07-01 07:45:05 +0000
-# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# base_revision_id: squid3@treenet.co.nz-20170629125627-\
-# socq6szqysvm9ifa
-#
-# Begin patch
-=== modified file 'src/squid.8.in'
---- src/squid.8.in 2017-01-01 00:16:45 +0000
-+++ src/squid.8.in 2017-07-01 07:35:14 +0000
-@@ -265,11 +265,11 @@
- .SH SEE ALSO
- .if !'po4a'hide' .B cachemgr.cgi "(8), "
- .if !'po4a'hide' .B squidclient "(1), "
--.if !'po4a'hide' .B pam_auth "(8), "
--.if !'po4a'hide' .B squid_ldap_auth "(8), "
--.if !'po4a'hide' .B squid_ldap_group "(8), "
-+.if !'po4a'hide' .B basic_pam_auth "(8), "
-+.if !'po4a'hide' .B basic_ldap_auth "(8), "
-+.if !'po4a'hide' .B ext_ldap_group_acl "(8), "
- .if !'po4a'hide' .B ext_session_acl "(8), "
--.if !'po4a'hide' .B squid_unix_group "(8), "
-+.if !'po4a'hide' .B ext_unix_group_acl "(8), "
- .br
- The Squid FAQ wiki
- .if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq
-
+++ /dev/null
-------------------------------------------------------------
-revno: 14177
-revision-id: squid3@treenet.co.nz-20170701073754-4x1i6p5s1gzk73co
-parent: squid3@treenet.co.nz-20170701073514-uzowexcysowqostf
-committer: Amos Jeffries <squid3@treenet.co.nz>
-branch nick: 3.5
-timestamp: Sat 2017-07-01 19:37:54 +1200
-message:
- basic_ncsa_auth: fix hash listing wrap in man(8) page
-
- '*' list bullet points must be indented with whitespace.
- If they are not the list is treated as a single wrapped paragraph.
-------------------------------------------------------------
-# Bazaar merge directive format 2 (Bazaar 0.90)
-# revision_id: squid3@treenet.co.nz-20170701073754-4x1i6p5s1gzk73co
-# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# testament_sha1: ffd783ab19a438c56affcdc6c1d106fa00403f4f
-# timestamp: 2017-07-01 07:45:09 +0000
-# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# base_revision_id: squid3@treenet.co.nz-20170701073514-\
-# uzowexcysowqostf
-#
-# Begin patch
-=== modified file 'helpers/basic_auth/NCSA/basic_ncsa_auth.8'
---- helpers/basic_auth/NCSA/basic_ncsa_auth.8 2017-01-01 00:16:45 +0000
-+++ helpers/basic_auth/NCSA/basic_ncsa_auth.8 2017-07-01 07:37:54 +0000
-@@ -18,15 +18,15 @@
- .PP
- This authenticator accepts:
- .BR
--* Blowfish - for passwords 72 characters or less in length
--.BR
--* SHA256 - with salting and magic strings
--.BR
--* SHA512 - with salting and magic strings
--.BR
--* MD5 - with optional salt and magic strings
--.BR
--* DES - for passwords 8 characters or less in length
-+ * Blowfish \- for passwords 72 characters or less in length.
-+.BR
-+ * SHA256 \- with salting and magic strings.
-+.BR
-+ * SHA512 \- with salting and magic strings.
-+.BR
-+ * MD5 \- with optional salt and magic strings.
-+.BR
-+ * DES \- for passwords 8 characters or less in length.
- .
- NOTE: Blowfish and SHA algorithms require system-specific support.
- .
-
+++ /dev/null
-------------------------------------------------------------
-revno: 14178
-revision-id: squid3@treenet.co.nz-20170701081116-xekwolj1wdkeaxqv
-parent: squid3@treenet.co.nz-20170701073754-4x1i6p5s1gzk73co
-author: Alex Rousskov <rousskov@measurement-factory.com>
-committer: Amos Jeffries <squid3@treenet.co.nz>
-branch nick: 3.5
-timestamp: Sat 2017-07-01 20:11:16 +1200
-message:
- Fix message packing error handling in mgr and snmp SMP Forwarders.
-
- A missing "return" resulted in Forwarders sending garbage (or worse) to
- Coordinator.
-------------------------------------------------------------
-# Bazaar merge directive format 2 (Bazaar 0.90)
-# revision_id: squid3@treenet.co.nz-20170701081116-xekwolj1wdkeaxqv
-# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# testament_sha1: a593abc992a79d4539dede76b4f63e013f96d33a
-# timestamp: 2017-07-01 08:51:30 +0000
-# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# base_revision_id: squid3@treenet.co.nz-20170701073754-\
-# 4x1i6p5s1gzk73co
-#
-# Begin patch
-=== modified file 'src/ipc/Forwarder.cc'
---- src/ipc/Forwarder.cc 2017-01-01 00:16:45 +0000
-+++ src/ipc/Forwarder.cc 2017-07-01 08:11:16 +0000
-@@ -62,6 +62,7 @@
- // assume the pack() call failed because the message did not fit
- // TODO: add a more specific exception?
- handleError();
-+ return;
- }
-
- SendMessage(Ipc::Port::CoordinatorAddr(), message);
-
+++ /dev/null
-------------------------------------------------------------
-revno: 14179
-revision-id: squid3@treenet.co.nz-20170701095916-wknqmneq2w0mxt6a
-parent: squid3@treenet.co.nz-20170701081116-xekwolj1wdkeaxqv
-author: Alex Rousskov <rousskov@measurement-factory.com>
-committer: Amos Jeffries <squid3@treenet.co.nz>
-branch nick: 3.5
-timestamp: Sat 2017-07-01 21:59:16 +1200
-message:
- Fix mgr query handoff from the original recipient to Coordinator.
-
- This bug has already been fixed once, in trunk r11164.1.61, but that fix
- was accidentally undone shortly after, during significant cross-branch
- merging activity combined with the Forwarder class split. The final
- merge importing the associated code (trunk r11730) was buggy.
-
- The bug (explained in r11164.1.61) leads to a race condition between
-
- * Store notifying Server classes about the entry completion (which might
- trigger a bogus error message sent to the cache manager client while
- Coordinator sends its own valid response on the same connection!) and
-
- * post-cleanup() connection closure handlers of Server classes silently
- closing everything (and leaving Coordinator the only responding
- process on that shared connection).
-
- The bug probably was not noticed for so long because, evidently, the
- latter actions tend to win in the current code.
-------------------------------------------------------------
-# Bazaar merge directive format 2 (Bazaar 0.90)
-# revision_id: squid3@treenet.co.nz-20170701095916-wknqmneq2w0mxt6a
-# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# testament_sha1: c7e89c80468c7f388f7e09ad2d68a245789db50d
-# timestamp: 2017-07-01 10:51:12 +0000
-# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# base_revision_id: squid3@treenet.co.nz-20170701081116-\
-# xekwolj1wdkeaxqv
-#
-# Begin patch
-=== modified file 'src/ipc/Forwarder.h'
---- src/ipc/Forwarder.h 2017-01-01 00:16:45 +0000
-+++ src/ipc/Forwarder.h 2017-07-01 09:59:16 +0000
-@@ -47,12 +47,14 @@
- virtual void handleError();
- virtual void handleTimeout();
- virtual void handleException(const std::exception& e);
-- virtual void handleRemoteAck();
-
- private:
- static void RequestTimedOut(void* param);
- void requestTimedOut();
- void removeTimeoutEvent();
-+
-+ void handleRemoteAck();
-+
- static AsyncCall::Pointer DequeueRequest(unsigned int requestId);
-
- protected:
-
-=== modified file 'src/mgr/Forwarder.cc'
---- src/mgr/Forwarder.cc 2017-01-01 00:16:45 +0000
-+++ src/mgr/Forwarder.cc 2017-07-01 09:59:16 +0000
-@@ -102,17 +102,6 @@
- mustStop("commClosed");
- }
-
--/// called when Coordinator starts processing the request
--void
--Mgr::Forwarder::handleRemoteAck()
--{
-- Ipc::Forwarder::handleRemoteAck();
--
-- Must(entry != NULL);
-- EBIT_CLR(entry->flags, ENTRY_FWD_HDR_WAIT);
-- entry->complete();
--}
--
- /// send error page
- void
- Mgr::Forwarder::sendError(ErrorState *error)
-
-=== modified file 'src/mgr/Forwarder.h'
---- src/mgr/Forwarder.h 2017-01-01 00:16:45 +0000
-+++ src/mgr/Forwarder.h 2017-07-01 09:59:16 +0000
-@@ -40,7 +40,6 @@
- virtual void handleError();
- virtual void handleTimeout();
- virtual void handleException(const std::exception& e);
-- virtual void handleRemoteAck();
-
- private:
- void noteCommClosed(const CommCloseCbParams& params);
-
-=== modified file 'src/tests/stub_libmgr.cc'
---- src/tests/stub_libmgr.cc 2017-01-01 00:16:45 +0000
-+++ src/tests/stub_libmgr.cc 2017-07-01 09:59:16 +0000
-@@ -100,7 +100,6 @@
- void Mgr::Forwarder::handleError() STUB
- void Mgr::Forwarder::handleTimeout() STUB
- void Mgr::Forwarder::handleException(const std::exception& e) STUB
--void Mgr::Forwarder::handleRemoteAck() STUB
-
- #include "mgr/FunAction.h"
- Mgr::Action::Pointer Mgr::FunAction::Create(const CommandPointer &cmd, OBJH *aHandler) STUB_RETVAL(dummyAction)
-
+++ /dev/null
-------------------------------------------------------------
-revno: 14180
-revision-id: squid3@treenet.co.nz-20170701120848-q2xznzfvxb4kwvb6
-parent: squid3@treenet.co.nz-20170701095916-wknqmneq2w0mxt6a
-fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4464
-author: Christos Tsantilas <chtsanti@users.sourceforge.net>
-committer: Amos Jeffries <squid3@treenet.co.nz>
-branch nick: 3.5
-timestamp: Sun 2017-07-02 00:08:48 +1200
-message:
- Bug 4464: Reduce "!Comm::MonitorsRead(serverConnection->fd)" assertions.
-
- * Protect Squid Client classes from new requests that compete with
- ongoing pinned connection use and
- * resume dealing with new requests when those Client classes are done
- using the pinned connection.
-
- Replaced primary ConnStateData::pinConnection() calls with a pair of
- pinBusyConnection() and notePinnedConnectionBecameIdle() calls,
- depending on the pinned connection state ("busy" or "idle").
-
- Removed pinConnection() parameters that were not longer used or could be computed from the remaining parameters.
-
- Removed ConnStateData::httpsPeeked() code "hiding" the originating
- request and connection peer details while entering the first "idle"
- state. The old (trunk r11880.1.6) bump-server-first code used a pair of
- NULLs because "Intercepted connections do not have requests at the
- connection pinning stage", but that limitation no longer applicable
- because Squid always fakes (when intercepting) or parses (a CONNECT)
- request now, even during SslBump step1.
-
- The added XXX and TODOs are not directly related to this fix. They
- were added to document problems discovered while working on this fix.
-
- In v3.5 code, the same problems manifest as Read.cc
- "fd_table[conn->fd].halfClosedReader != NULL" assertions.
-
- This is a Measurement Factory project
-------------------------------------------------------------
-# Bazaar merge directive format 2 (Bazaar 0.90)
-# revision_id: squid3@treenet.co.nz-20170701120848-q2xznzfvxb4kwvb6
-# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# testament_sha1: e4f432eed8a845431d4bbbf023de04d682adeaff
-# timestamp: 2017-07-01 12:32:26 +0000
-# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# base_revision_id: squid3@treenet.co.nz-20170701095916-\
-# wknqmneq2w0mxt6a
-#
-# Begin patch
-=== modified file 'src/FwdState.cc'
---- src/FwdState.cc 2017-01-01 00:16:45 +0000
-+++ src/FwdState.cc 2017-07-01 12:08:48 +0000
-@@ -246,7 +246,7 @@
- #if USE_OPENSSL
- if (request->flags.sslPeek && request->clientConnectionManager.valid()) {
- CallJobHere1(17, 4, request->clientConnectionManager, ConnStateData,
-- ConnStateData::httpsPeeked, Comm::ConnectionPointer(NULL));
-+ ConnStateData::httpsPeeked, ConnStateData::PinnedIdleContext(Comm::ConnectionPointer(nullptr), request));
- }
- #endif
- } else {
-@@ -952,7 +952,7 @@
- #if USE_OPENSSL
- if (request->flags.sslPeek) {
- CallJobHere1(17, 4, request->clientConnectionManager, ConnStateData,
-- ConnStateData::httpsPeeked, serverConnection());
-+ ConnStateData::httpsPeeked, ConnStateData::PinnedIdleContext(serverConnection(), request));
- unregister(serverConn); // async call owns it now
- complete(); // destroys us
- return;
-
-=== modified file 'src/base/RefCount.h'
---- src/base/RefCount.h 2017-01-01 00:16:45 +0000
-+++ src/base/RefCount.h 2017-07-01 12:08:48 +0000
-@@ -54,9 +54,7 @@
-
- C & operator * () const {return *const_cast<C *>(p_); }
-
-- C const * getRaw() const {return p_; }
--
-- C * getRaw() {return const_cast<C *>(p_); }
-+ C * getRaw() const { return const_cast<C *>(p_); }
-
- bool operator == (const RefCount& p) const {
- return p.p_ == p_;
-
-=== modified file 'src/client_side.cc'
---- src/client_side.cc 2017-05-29 13:15:55 +0000
-+++ src/client_side.cc 2017-07-01 12:08:48 +0000
-@@ -836,6 +836,7 @@
- assert(areAllContextsForThisConnection());
- freeAllContexts();
-
-+ // XXX: Closing pinned conn is too harsh: The Client may want to continue!
- unpinConnection(true);
-
- if (Comm::IsConnOpen(clientConnection))
-@@ -1559,6 +1560,13 @@
-
- debugs(33, 3, HERE << "ConnnStateData(" << conn->clientConnection << "), Context(" << clientConnection << ")");
- connIsFinished();
-+ conn->kick();
-+}
-+
-+void
-+ConnStateData::kick()
-+{
-+ ConnStateData * conn = this; // XXX: Remove this diff minimization hack
-
- if (conn->pinning.pinned && !Comm::IsConnOpen(conn->pinning.serverConnection)) {
- debugs(33, 2, HERE << conn->clientConnection << " Connection was pinned but server side gone. Terminating client connection");
-@@ -3240,6 +3248,13 @@
- if (in.buf.isEmpty())
- break;
-
-+ // Prohibit concurrent requests when using a pinned to-server connection
-+ // because our Client classes do not support request pipelining.
-+ if (pinning.pinned && !pinning.readHandler) {
-+ debugs(33, 3, clientConnection << " waits for busy " << pinning.serverConnection);
-+ break;
-+ }
-+
- /* Limit the number of concurrent requests */
- if (concurrentRequestQueueFilled())
- break;
-@@ -4434,22 +4449,19 @@
- }
-
- void
--ConnStateData::httpsPeeked(Comm::ConnectionPointer serverConnection)
-+ConnStateData::httpsPeeked(PinnedIdleContext pic)
- {
- Must(sslServerBump != NULL);
-+ Must(sslServerBump->request == pic.request);
-+ Must(currentobject == NULL || currentobject->http == NULL || currentobject->http->request == pic.request.getRaw());
-
-- if (Comm::IsConnOpen(serverConnection)) {
-- pinConnection(serverConnection, NULL, NULL, false);
-+ if (Comm::IsConnOpen(pic.connection)) {
-+ notePinnedConnectionBecameIdle(pic);
-
- debugs(33, 5, HERE << "bumped HTTPS server: " << sslConnectHostOrIp);
-- } else {
-+ } else
- debugs(33, 5, HERE << "Error while bumping: " << sslConnectHostOrIp);
-
-- // copy error detail from bump-server-first request to CONNECT request
-- if (currentobject != NULL && currentobject->http != NULL && currentobject->http->request)
-- currentobject->http->request->detailError(sslServerBump->request->errType, sslServerBump->request->errDetail);
-- }
--
- getSslContextStart();
- }
-
-@@ -4952,19 +4964,35 @@
- }
-
- void
--ConnStateData::pinConnection(const Comm::ConnectionPointer &pinServer, HttpRequest *request, CachePeer *aPeer, bool auth, bool monitor)
--{
-- if (!Comm::IsConnOpen(pinning.serverConnection) ||
-- pinning.serverConnection->fd != pinServer->fd)
-- pinNewConnection(pinServer, request, aPeer, auth);
--
-- if (monitor)
-- startPinnedConnectionMonitoring();
--}
--
--void
--ConnStateData::pinNewConnection(const Comm::ConnectionPointer &pinServer, HttpRequest *request, CachePeer *aPeer, bool auth)
--{
-+ConnStateData::pinBusyConnection(const Comm::ConnectionPointer &pinServer, const HttpRequest::Pointer &request)
-+{
-+ pinConnection(pinServer, request);
-+}
-+
-+void
-+ConnStateData::notePinnedConnectionBecameIdle(PinnedIdleContext pic)
-+{
-+ Must(pic.connection != NULL);
-+ Must(pic.request != NULL);
-+ pinConnection(pic.connection, pic.request);
-+
-+ // monitor pinned server connection for remote-end closures.
-+ startPinnedConnectionMonitoring();
-+
-+ if (!currentobject)
-+ kick(); // in case clientParseRequests() was blocked by a busy pic.connection
-+}
-+
-+/// Forward future client requests using the given server connection.
-+void
-+ConnStateData::pinConnection(const Comm::ConnectionPointer &pinServer, const HttpRequest::Pointer &request)
-+{
-+ if (Comm::IsConnOpen(pinning.serverConnection) &&
-+ pinning.serverConnection->fd == pinServer->fd) {
-+ debugs(33, 3, "already pinned" << pinServer);
-+ return;
-+ }
-+
- unpinConnection(true); // closes pinned connection, if any, and resets fields
-
- pinning.serverConnection = pinServer;
-@@ -4973,23 +5001,21 @@
-
- Must(pinning.serverConnection != NULL);
-
-- // when pinning an SSL bumped connection, the request may be NULL
- const char *pinnedHost = "[unknown]";
-- if (request) {
-+ if (request != NULL) {
- pinning.host = xstrdup(request->GetHost());
- pinning.port = request->port;
- pinnedHost = pinning.host;
-+ pinning.auth = request->flags.connectionAuth;
- } else {
- pinning.port = pinServer->remote.port();
- }
- pinning.pinned = true;
-- if (aPeer)
-- pinning.peer = cbdataReference(aPeer);
-- pinning.auth = auth;
-+ pinning.peer = cbdataReference(pinServer->getPeer());
- char stmp[MAX_IPSTRLEN];
- char desc[FD_DESC_SZ];
- snprintf(desc, FD_DESC_SZ, "%s pinned connection for %s (%d)",
-- (auth || !aPeer) ? pinnedHost : aPeer->name,
-+ (pinning.auth || !pinning.peer) ? pinnedHost : pinning.peer->name,
- clientConnection->remote.toUrl(stmp,MAX_IPSTRLEN),
- clientConnection->fd);
- fd_note(pinning.serverConnection->fd, desc);
-@@ -5164,3 +5190,8 @@
- * connection has gone away */
- }
-
-+std::ostream &
-+operator <<(std::ostream &os, const ConnStateData::PinnedIdleContext &pic)
-+{
-+ return os << pic.connection << ", request=" << pic.request;
-+}
-
-=== modified file 'src/client_side.h'
---- src/client_side.h 2017-01-01 00:16:45 +0000
-+++ src/client_side.h 2017-07-01 12:08:48 +0000
-@@ -26,6 +26,8 @@
- #include "ssl/support.h"
- #endif
-
-+#include <iosfwd>
-+
- class ConnStateData;
- class ClientHttpRequest;
- class clientStreamNode;
-@@ -188,6 +190,11 @@
- /// Traffic parsing
- bool clientParseRequests();
- void readNextRequest();
-+
-+ // In v3.5, usually called via ClientSocketContext::keepaliveNextRequest().
-+ /// try to make progress on a transaction or read more I/O
-+ void kick();
-+
- ClientSocketContext::Pointer getCurrentContext() const;
- void addContextToQueue(ClientSocketContext * context);
- int getConcurrentRequestCount() const;
-@@ -287,9 +294,21 @@
- bool handleReadData();
- bool handleRequestBodyData();
-
-- /// Forward future client requests using the given server connection.
-- /// Optionally, monitor pinned server connection for remote-end closures.
-- void pinConnection(const Comm::ConnectionPointer &pinServerConn, HttpRequest *request, CachePeer *peer, bool auth, bool monitor = true);
-+ /// parameters for the async notePinnedConnectionBecameIdle() call
-+ class PinnedIdleContext
-+ {
-+ public:
-+ PinnedIdleContext(const Comm::ConnectionPointer &conn, const HttpRequest::Pointer &req): connection(conn), request(req) {}
-+
-+ Comm::ConnectionPointer connection; ///< to-server connection to be pinned
-+ HttpRequest::Pointer request; ///< to-server request that initiated serverConnection
-+ };
-+
-+ /// Called when a pinned connection becomes available for forwarding the next request.
-+ void notePinnedConnectionBecameIdle(PinnedIdleContext pic);
-+ /// Forward future client requests using the given to-server connection.
-+ /// The connection is still being used by the current client request.
-+ void pinBusyConnection(const Comm::ConnectionPointer &pinServerConn, const HttpRequest::Pointer &request);
- /// Undo pinConnection() and, optionally, close the pinned connection.
- void unpinConnection(const bool andClose);
- /// Returns validated pinnned server connection (and stops its monitoring).
-@@ -345,7 +364,7 @@
- /// generated
- void doPeekAndSpliceStep();
- /// called by FwdState when it is done bumping the server
-- void httpsPeeked(Comm::ConnectionPointer serverConnection);
-+ void httpsPeeked(PinnedIdleContext pic);
-
- /// Start to create dynamic SSL_CTX for host or uses static port SSL context.
- void getSslContextStart();
-@@ -449,7 +468,7 @@
- void clientAfterReadingRequests();
- bool concurrentRequestQueueFilled() const;
-
-- void pinNewConnection(const Comm::ConnectionPointer &pinServer, HttpRequest *request, CachePeer *aPeer, bool auth);
-+ void pinConnection(const Comm::ConnectionPointer &pinServerConn, const HttpRequest::Pointer &request);
-
- /* PROXY protocol functionality */
- bool proxyProtocolValidateClient();
-@@ -516,5 +535,7 @@
- void clientProcessRequest(ConnStateData *conn, HttpParser *hp, ClientSocketContext *context, const HttpRequestMethod& method, Http::ProtocolVersion http_ver);
- void clientPostHttpsAccept(ConnStateData *connState);
-
-+std::ostream &operator <<(std::ostream &os, const ConnStateData::PinnedIdleContext &pic);
-+
- #endif /* SQUID_CLIENTSIDE_H */
-
-
-=== modified file 'src/clients/FtpRelay.cc'
---- src/clients/FtpRelay.cc 2017-01-01 00:16:45 +0000
-+++ src/clients/FtpRelay.cc 2017-07-01 12:08:48 +0000
-@@ -210,9 +210,10 @@
- mgr->unpinConnection(false);
- ctrl.close();
- } else {
-- mgr->pinConnection(ctrl.conn, fwd->request,
-- ctrl.conn->getPeer(),
-- fwd->request->flags.connectionAuth);
-+ CallJobHere1(9, 4, mgr,
-+ ConnStateData,
-+ notePinnedConnectionBecameIdle,
-+ ConnStateData::PinnedIdleContext(ctrl.conn, fwd->request));
- ctrl.forget();
- }
- }
-
-=== modified file 'src/http.cc'
---- src/http.cc 2017-06-15 00:16:33 +0000
-+++ src/http.cc 2017-07-01 12:08:48 +0000
-@@ -1383,9 +1383,6 @@
- void
- HttpStateData::processReplyBody()
- {
-- Ip::Address client_addr;
-- bool ispinned = false;
--
- if (!flags.headers_parsed) {
- flags.do_next_read = true;
- maybeReadVirginBody();
-@@ -1435,35 +1432,49 @@
- }
- break;
-
-- case COMPLETE_PERSISTENT_MSG:
-+ case COMPLETE_PERSISTENT_MSG: {
- debugs(11, 5, "processReplyBody: COMPLETE_PERSISTENT_MSG from " << serverConnection);
-- /* yes we have to clear all these! */
-+
-+ // TODO: Remove serverConnectionSaved but preserve exception safety.
-+
- commUnsetConnTimeout(serverConnection);
- flags.do_next_read = false;
-
- comm_remove_close_handler(serverConnection->fd, closeHandler);
- closeHandler = NULL;
-- fwd->unregister(serverConnection);
-
-+ Ip::Address client_addr; // XXX: Remove as unused. Why was it added?
- if (request->flags.spoofClientIp)
- client_addr = request->client_addr;
-
-+ Comm::ConnectionPointer serverConnectionSaved = serverConnection;
-+ fwd->unregister(serverConnection);
-+ serverConnection = nullptr;
-+
-+ bool ispinned = false; // TODO: Rename to isOrShouldBePinned
- if (request->flags.pinned) {
- ispinned = true;
- } else if (request->flags.connectionAuth && request->flags.authSent) {
- ispinned = true;
- }
-
-- if (ispinned && request->clientConnectionManager.valid()) {
-- request->clientConnectionManager->pinConnection(serverConnection, request, _peer,
-- (request->flags.connectionAuth));
-+ if (ispinned) {
-+ if (request->clientConnectionManager.valid()) {
-+ CallJobHere1(11, 4, request->clientConnectionManager,
-+ ConnStateData,
-+ notePinnedConnectionBecameIdle,
-+ ConnStateData::PinnedIdleContext(serverConnectionSaved, request));
-+ } else {
-+ // must not pool/share ispinned connections, even orphaned ones
-+ serverConnectionSaved->close();
-+ }
- } else {
-- fwd->pconnPush(serverConnection, request->GetHost());
-+ fwd->pconnPush(serverConnectionSaved, request->GetHost());
- }
-
-- serverConnection = NULL;
- serverComplete();
- return;
-+ }
-
- case COMPLETE_NONPERSISTENT_MSG:
- debugs(11, 5, "processReplyBody: COMPLETE_NONPERSISTENT_MSG from " << serverConnection);
-
-=== modified file 'src/servers/FtpServer.cc'
---- src/servers/FtpServer.cc 2017-02-26 11:09:42 +0000
-+++ src/servers/FtpServer.cc 2017-07-01 12:08:48 +0000
-@@ -301,12 +301,8 @@
- Must(http != NULL);
- HttpRequest *const request = http->request;
- Must(request != NULL);
--
-- // this is not an idle connection, so we do not want I/O monitoring
-- const bool monitor = false;
--
- // make FTP peer connection exclusive to our request
-- pinConnection(conn, request, conn->getPeer(), false, monitor);
-+ pinBusyConnection(conn, request);
- }
-
- void
-
-=== modified file 'src/tests/stub_client_side.cc'
---- src/tests/stub_client_side.cc 2017-01-01 00:16:45 +0000
-+++ src/tests/stub_client_side.cc 2017-07-01 12:08:48 +0000
-@@ -60,7 +60,8 @@
- void ConnStateData::noteBodyConsumerAborted(BodyPipe::Pointer) STUB
- bool ConnStateData::handleReadData() STUB_RETVAL(false)
- bool ConnStateData::handleRequestBodyData() STUB_RETVAL(false)
--void ConnStateData::pinConnection(const Comm::ConnectionPointer &pinServerConn, HttpRequest *request, CachePeer *peer, bool auth, bool monitor) STUB
-+void ConnStateData::pinBusyConnection(const Comm::ConnectionPointer &, const HttpRequest::Pointer &) STUB
-+void ConnStateData::notePinnedConnectionBecameIdle(PinnedIdleContext) STUB
- void ConnStateData::unpinConnection(const bool andClose) STUB
- const Comm::ConnectionPointer ConnStateData::validatePinnedConnection(HttpRequest *request, const CachePeer *peer) STUB_RETVAL(NULL)
- void ConnStateData::clientPinnedConnectionClosed(const CommCloseCbParams &io) STUB
-@@ -70,7 +71,7 @@
- void ConnStateData::swanSong() STUB
- void ConnStateData::quitAfterError(HttpRequest *request) STUB
- #if USE_OPENSSL
--void ConnStateData::httpsPeeked(Comm::ConnectionPointer serverConnection) STUB
-+void ConnStateData::httpsPeeked(PinnedIdleContext) STUB
- void ConnStateData::getSslContextStart() STUB
- void ConnStateData::getSslContextDone(SSL_CTX * sslContext, bool isNew) STUB
- void ConnStateData::sslCrtdHandleReplyWrapper(void *data, const Helper::Reply &reply) STUB
-
+++ /dev/null
-------------------------------------------------------------
-revno: 14181
-revision-id: squidadm@squid-cache.org-20170701121615-ktx76udds2mzmc6c
-parent: squid3@treenet.co.nz-20170701120848-q2xznzfvxb4kwvb6
-committer: Source Maintenance <squidadm@squid-cache.org>
-branch nick: 3.5
-timestamp: Sat 2017-07-01 12:16:15 +0000
-message:
- SourceFormat Enforcement
-------------------------------------------------------------
-# Bazaar merge directive format 2 (Bazaar 0.90)
-# revision_id: squidadm@squid-cache.org-20170701121615-\
-# ktx76udds2mzmc6c
-# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# testament_sha1: d7942d1260def31f62ccc820a44bb769381beae2
-# timestamp: 2017-07-01 12:32:29 +0000
-# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# base_revision_id: squid3@treenet.co.nz-20170701120848-\
-# q2xznzfvxb4kwvb6
-#
-# Begin patch
-=== modified file 'src/client_side.cc'
---- src/client_side.cc 2017-07-01 12:08:48 +0000
-+++ src/client_side.cc 2017-07-01 12:16:15 +0000
-@@ -5195,3 +5195,4 @@
- {
- return os << pic.connection << ", request=" << pic.request;
- }
-+
-
+++ /dev/null
-------------------------------------------------------------
-revno: 14182
-revision-id: squid3@treenet.co.nz-20170701232253-3beaysa03xf5c67p
-parent: squidadm@squid-cache.org-20170701121615-ktx76udds2mzmc6c
-committer: Amos Jeffries <squid3@treenet.co.nz>
-branch nick: 3.5
-timestamp: Sun 2017-07-02 11:22:53 +1200
-message:
- Fix build on FreeBSD after rev.14180
-
- RefCount<> does not support assignment from nullptr with C++03
-------------------------------------------------------------
-# Bazaar merge directive format 2 (Bazaar 0.90)
-# revision_id: squid3@treenet.co.nz-20170701232253-3beaysa03xf5c67p
-# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# testament_sha1: d5ecf68c60c022783f69311e9049e546be8fa1a0
-# timestamp: 2017-07-01 23:50:58 +0000
-# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# base_revision_id: squidadm@squid-cache.org-20170701121615-\
-# ktx76udds2mzmc6c
-#
-# Begin patch
-=== modified file 'src/http.cc'
---- src/http.cc 2017-07-01 12:08:48 +0000
-+++ src/http.cc 2017-07-01 23:22:53 +0000
-@@ -1449,7 +1449,7 @@
-
- Comm::ConnectionPointer serverConnectionSaved = serverConnection;
- fwd->unregister(serverConnection);
-- serverConnection = nullptr;
-+ serverConnection = NULL;
-
- bool ispinned = false; // TODO: Rename to isOrShouldBePinned
- if (request->flags.pinned) {
-
return 0;
snprintf(commandstring, STRING_SIZE,
- "/usr/sbin/htpasswd -c -m -b " CONFIG_ROOT "/auth/users admin '%s'", password);
+ "/usr/bin/htpasswd -c -B -C 7 -b " CONFIG_ROOT "/auth/users admin '%s'", password);
sprintf(message, _("Setting %s 'admin' user password..."), NAME);
if (runhiddencommandwithstatus(commandstring, _("Setting password"), message, NULL)) {
sprintf(message, _("Problem setting %s 'admin' user password."), NAME);