## Process this file with automake to produce Makefile.in
#
-# $Id: Makefile.am,v 1.12 2002/07/07 18:00:55 hno Exp $
+# $Id: Makefile.am,v 1.13 2002/08/31 13:16:13 robertc Exp $
#
AUTOMAKE_OPTIONS = dist-bzip2 subdir-objects 1.5
rm -f $(distdir)/$$subdir/autoconf.h; \
fi; \
done
+ cp $(top_srcdir)/doc/release-notes/release-2.5.html $(distdir)/RELEASENOTES.html
EXTRA_DIST = \
ChangeLog \
--- /dev/null
+DOC = release-2.5
+
+all: $(DOC).html $(DOC).ps
+
+$(DOC).ps: $(DOC).sgml
+ linuxdoc -B latex -o ps $(DOC)
+
+#$(DOC).dvi: $(DOC).tex
+# latex $(DOC).tex
+# latex $(DOC).tex
+# latex $(DOC).tex
+#
+
+$(DOC).txt: $(DOC).sgml
+ linuxdoc -B txt --filter $(DOC)
+
+$(DOC).html: $(DOC).sgml
+ linuxdoc -B html --split=0 $(DOC)
+
+$(DOC).man: $(DOC).sgml
+ linuxdoc -B txt -m $(DOC)
+
+clean:
+ rm -f *.html
+ rm -f $(DOC).tex $(DOC).ps $(DOC).dvi $(DOC).aux $(DOC).log $(DOC).toc
+ rm -f $(DOC).txt $(DOC).man
--- /dev/null
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
+<HTML>
+<HEAD>
+ <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.21">
+ <TITLE>Squid 2.5 release notes</TITLE>
+</HEAD>
+<BODY>
+<H1>Squid 2.5 release notes</H1>
+
+<H2>Squid Developers</H2>$Id: release-2.5.html,v 1.2 2002/08/31 13:16:13 robertc Exp $
+<HR>
+<EM>This document contains the release notes for version 2.5 of Squid.
+Squid is a WWW Cache application developed by the National Laboratory
+for Applied Network Research and members of the Web Caching community.</EM>
+<HR>
+<H2><A NAME="s1">1. Key changes from squid 2.4:</A></H2>
+
+<P>
+<UL>
+<LI>Major rewrite of proxy authentication to support other schemes
+than basic. First in the line is NTLM support but others can
+easily be added (minimal digest is present). See the Programmers
+Guide for the internals.
+Thanks to the SAMBA team for some excellent collaboration on the
+NTLM support!
+(Robert Collins & Francesco Chemolli)</LI>
+<LI>Optimized searching in proxy_auth and ident ACL types. Squid
+should now handle large access lists a lot more efficiently.
+(Francesco Chemolli)</LI>
+<LI>Fixed forwarding/peer loop detection code (Brian Degenhardt) -
+now a peer is ignored if it turns out to be us, rather than
+committing suicide</LI>
+<LI>Changed the internal URL code to obey appendDomain for
+internal objects if it needs appending. This fixes weirdnesses
+where a machine can think it is "foo.bar.com", and "foo" is
+requested.
+(Brian Degenhardt)</LI>
+<LI>Added the use of Automake to create the Makefile.in's in the
+squid source tree. This will allow libtool in the future, and
+immediately allows better dependency tracking - with or
+without gcc - as well as the dist-all and distcheck targets
+for developers which respectively build a tar.gz and a tar.bz2
+distribution, and check that what will be distributed builds.
+(Robert Collins)</LI>
+<LI>Added TOS and source address selection based on ACLs,
+written by Roger Venning. This allows administrators to set
+the TOS precedence bits and/or the source IP from a set of
+available IPs based upon some ACLs, generally to map different
+users to different outgoing links and traffic profiles.</LI>
+<LI>Added 'max-conn' option to 'cache_peer'</LI>
+<LI>Added SSL gatewaying support, allowing Squid to act as a SSL
+server in accelerator setups.</LI>
+<LI>Many new authentication helpers.</LI>
+<LI>no_cache now applies to cache hits as well as cache misses</LI>
+<LI>the Gopher client in Squid has been significantly improved</LI>
+<LI>Squid now sanity checks FTP data connections to ensure the
+connection is from the requested server. Can be disabled if
+needed by turning off the ftp_sanitycheck option.</LI>
+<LI>external acl support. A mechanism where flexible ACL checks
+can be driven by external helpers. See the external_acl_type
+and acl external directives.</LI>
+<LI>Countless other small things and fixes</LI>
+<LI>HTML pages generated by Squid or CacheMgr as well as the
+ERR documents now contain a doctype declaration so that
+browsers know which HTML specification the document uses.
+In addition to that they have a new look
+(background-color, font) and are valid according to the HTML
+standards at www.w3.org.
+(Clemens Löser)</LI>
+<LI>Login and password send to Basic auth helpers is now URL
+escaped to allow for spaces and other "odd" characters in
+logins and passwords</LI>
+<LI>Proxy Authentication is no longer blindly forwarded to peer
+caches if not used locally. If forwarding of proxy authentication
+is desired then it must now be configured with the login=PASS
+cache_peer option.</LI>
+<LI>Responses with Vary: in the header are now cached by squid.
+(Henrik Nordstrom).</LI>
+</UL>
+</P>
+
+<H2><A NAME="s2">2. Changes to squid.conf</A></H2>
+
+<P>
+<DL>
+<DT><B>http_port</B><DD><P>Allows ip address specification.</P>
+<DT><B>https_port</B><DD><P>This is an option for use with SSL acceleration - it determines where squid listens for SSL requests.</P>
+<DT><B>ssl_unclean_shutdown</B><DD><P>This is used to handle some bugs in browsers that don't fully support SSL.</P>
+<DT><B>tcp_incoming_address</B><DD><P>This has been removed - use the http_port line to specify ip address's.</P>
+<DT><B>cache_peer</B><DD><P>login= has been extended to allow pass through authentication, fixed password authentication and maximum connection limits.</P>
+<DT><B>hosts_file</B><DD><P>Directs squid to read in a set of name-address associations upon startup and reconfiguration.</P>
+<DT><B>authenticate_program</B><DD>
+<DT><B>authenticate_children</B><DD>
+<DT><B>proxy_auth_realm</B><DD><P>Removed. See auth_param.</P>
+<DT><B>auth_param</B><DD><P>This replaces the authenticate_program directive. It allows configuration of multiple authentication helpers, one for each of the supported authentication schemes. Such schemes include "NTLM", "Digest (from RFC 2617)", and "Basic".</P>
+<DT><B>authenticate_cache_garbage_interval</B><DD><P>This directive sets the garbage collection interval for the authentication cache.</P>
+<DT><B>external_acl_type</B><DD><P>This directive configures the new external ACL Helper interface. VERY useful for authenticating by group membership - i.e. from an LDAP server or NT domain.</P>
+<DT><B>request_body_max_size</B><DD><P>The default for this is now 0 - unlimited.</P>
+<DT><B>reply_body_max_size</B><DD><P>Now multiple size limits are allowed based on ACL lists.</P>
+<DT><B>refresh_pattern</B><DD><P>The default is now blank - users must uncomment the suggested default to use it. This allows the use of a blank refresh pattern if desired.</P>
+<DT><B>request_timeout</B><DD><P>Raised the default to 5 minutes.</P>
+<DT><B>persistent_request_timeout</B><DD><P>New directive - how long to wait after a reply is completed before closing the connection.</P>
+<DT><B>acl</B><DD><P>New acl types
+<UL>
+<LI>referer_regex (match Referer headers),</LI>
+<LI>max_user_ip (limit concurrent IP's a single user may use)</LI>
+<LI>rep_mime_type (filter replies based on their content type).</LI>
+<LI>external (use an external helper)</LI>
+</UL>
+</P>
+<DT><B>http_reply_access</B><DD><P>Limit HTTP replies based on ACL's. This is complementary to http_access.</P>
+<DT><B>tcp_outgoing_tos</B><DD>
+<DT><B>tcp_outgoing_ds</B><DD>
+<DT><B>tcp_outgoing_dscp</B><DD><P>These three directives allow marking of outbound connections at the IP level - i.e. for choosing routes based on the usercode.</P>
+<DT><B>tcp_outgoing_address</B><DD><P>Allows mapping of requests onto specific outbound IP address's.</P>
+<DT><B>anonymize_headers</B><DD><P>Removed. See header_access.</P>
+<DT><B>header_access</B><DD><P>Allow granular filtering of HTTP headers.</P>
+<DT><B>header_replace</B><DD><P>Replace specific headers with custom values.</P>
+<DT><B>pipeline_prefetch</B><DD><P>Now defaults to off for bandwidth management and access logging reasons.</P>
+<DT><B>vary_ignore_expire</B><DD><P>Enables a workaround for web servers that immediately expire Varied objects because they think squid is unable to handle Vary:.</P>
+<DT><B>sleep_after_fork</B><DD><P>Give the OS a small amount of time to accomodate the fork+exec used to launch helpers - if squid has a lot of virtual memory allocated the OS may run out of virtual memory during helper spawning otherwise.</P>
+</DL>
+</P>
+</BODY>
+</HTML>
--- /dev/null
+<!doctype linuxdoc system>
+<article>
+<title>Squid 2.5 release notes</title>
+<author>Squid Developers</author>
+<date>$Id: release-2.5.sgml,v 1.2 2002/08/31 13:16:13 robertc Exp $</date>
+
+<abstract>
+This document contains the release notes for version 2.5 of Squid.
+Squid is a WWW Cache application developed by the National Laboratory
+for Applied Network Research and members of the Web Caching community.
+</abstract>
+
+<toc>
+<sect>Key changes from squid 2.4:
+<p>
+<itemize>
+ <item>Major rewrite of proxy authentication to support other schemes
+ than basic. First in the line is NTLM support but others can
+ easily be added (minimal digest is present). See the Programmers
+ Guide for the internals.
+ Thanks to the SAMBA team for some excellent collaboration on the
+ NTLM support!
+ (Robert Collins & Francesco Chemolli)
+ <item>Optimized searching in proxy_auth and ident ACL types. Squid
+ should now handle large access lists a lot more efficiently.
+ (Francesco Chemolli)
+ <item>Fixed forwarding/peer loop detection code (Brian Degenhardt) -
+ now a peer is ignored if it turns out to be us, rather than
+ committing suicide
+ <item>Changed the internal URL code to obey appendDomain for
+ internal objects if it needs appending. This fixes weirdnesses
+ where a machine can think it is "foo.bar.com", and "foo" is
+ requested.
+ (Brian Degenhardt)
+ <item>Added the use of Automake to create the Makefile.in's in the
+ squid source tree. This will allow libtool in the future, and
+ immediately allows better dependency tracking - with or
+ without gcc - as well as the dist-all and distcheck targets
+ for developers which respectively build a tar.gz and a tar.bz2
+ distribution, and check that what will be distributed builds.
+ (Robert Collins)
+ <item>Added TOS and source address selection based on ACLs,
+ written by Roger Venning. This allows administrators to set
+ the TOS precedence bits and/or the source IP from a set of
+ available IPs based upon some ACLs, generally to map different
+ users to different outgoing links and traffic profiles.
+ <item>Added 'max-conn' option to 'cache_peer'
+ <item>Added SSL gatewaying support, allowing Squid to act as a SSL
+ server in accelerator setups.
+ <item>Many new authentication helpers.
+ <item>no_cache now applies to cache hits as well as cache misses
+ <item>the Gopher client in Squid has been significantly improved
+ <item>Squid now sanity checks FTP data connections to ensure the
+ connection is from the requested server. Can be disabled if
+ needed by turning off the ftp_sanitycheck option.
+ <item>external acl support. A mechanism where flexible ACL checks
+ can be driven by external helpers. See the external_acl_type
+ and acl external directives.
+ <item>Countless other small things and fixes
+ <item>HTML pages generated by Squid or CacheMgr as well as the
+ ERR documents now contain a doctype declaration so that
+ browsers know which HTML specification the document uses.
+ In addition to that they have a new look
+ (background-color, font) and are valid according to the HTML
+ standards at www.w3.org.
+ (Clemens Löser)
+ <item>Login and password send to Basic auth helpers is now URL
+ escaped to allow for spaces and other "odd" characters in
+ logins and passwords
+ <item>Proxy Authentication is no longer blindly forwarded to peer
+ caches if not used locally. If forwarding of proxy authentication
+ is desired then it must now be configured with the login=PASS
+ cache_peer option.
+ <item>Responses with Vary: in the header are now cached by squid.
+ (Henrik Nordstrom).
+</itemize>
+
+<sect>Changes to squid.conf
+<p><descrip>
+<tag>http_port</tag>Allows ip address specification.
+<tag>https_port</tag>This is an option for use with SSL acceleration - it determines where squid listens for SSL requests.
+<tag>ssl_unclean_shutdown</tag>This is used to handle some bugs in browsers that don't fully support SSL.
+<tag>tcp_incoming_address</tag>This has been removed - use the http_port line to specify ip address's.
+<tag>cache_peer</tag>login= has been extended to allow pass through authentication, fixed password authentication and maximum connection limits.
+<tag>hosts_file</tag>Directs squid to read in a set of name-address associations upon startup and reconfiguration.
+<tag>authenticate_program</tag><p><tag>authenticate_children</tag><p><tag>proxy_auth_realm</tag>Removed. See auth_param.
+<tag>auth_param</tag>This replaces the authenticate_program directive. It allows configuration of multiple authentication helpers, one for each of the supported authentication schemes. Such schemes include "NTLM", "Digest (from RFC 2617)", and "Basic".
+<tag>authenticate_cache_garbage_interval</tag>This directive sets the garbage collection interval for the authentication cache.
+<tag>external_acl_type</tag>This directive configures the new external ACL Helper interface. VERY useful for authenticating by group membership - i.e. from an LDAP server or NT domain.
+<tag>request_body_max_size</tag>The default for this is now 0 - unlimited.
+<tag>reply_body_max_size</tag>Now multiple size limits are allowed based on ACL lists.
+<tag>refresh_pattern</tag>The default is now blank - users must uncomment the suggested default to use it. This allows the use of a blank refresh pattern if desired.
+<tag>request_timeout</tag>Raised the default to 5 minutes.
+<tag>persistent_request_timeout</tag> New directive - how long to wait after a reply is completed before closing the connection.
+<tag>acl</tag>New acl types<itemize><item>referer_regex (match Referer headers),
+<item>max_user_ip (limit concurrent IP's a single user may use)
+<item>rep_mime_type (filter replies based on their content type).
+<item>external (use an external helper)</itemize>
+<tag>http_reply_access</tag>Limit HTTP replies based on ACL's. This is complementary to http_access.
+<tag>tcp_outgoing_tos</tag><p><tag>tcp_outgoing_ds</tag><p><tag>tcp_outgoing_dscp</tag>These three directives allow marking of outbound connections at the IP level - i.e. for choosing routes based on the usercode.
+<tag>tcp_outgoing_address</tag>Allows mapping of requests onto specific outbound IP address's.
+<tag>anonymize_headers</tag>Removed. See header_access.
+<tag>header_access</tag>Allow granular filtering of HTTP headers.
+<tag>header_replace</tag>Replace specific headers with custom values.
+<tag>pipeline_prefetch</tag>Now defaults to off for bandwidth management and access logging reasons.
+<tag>vary_ignore_expire</tag>Enables a workaround for web servers that immediately expire Varied objects because they think squid is unable to handle Vary:.
+<tag>sleep_after_fork</tag>Give the OS a small amount of time to accomodate the fork+exec used to launch helpers - if squid has a lot of virtual memory allocated the OS may run out of virtual memory during helper spawning otherwise.
+</descrip>
+</article>
+
projects / thirdparty / squid.git / commitdiff
