From: Amos Jeffries Date: Fri, 26 Jun 2009 09:08:44 +0000 (+1200) Subject: Prep for 3.1.0.9 X-Git-Tag: SQUID_3_2_0_1~929 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=5df6d59606cab44e120e3ff702938aaf781dde85;p=thirdparty%2Fsquid.git Prep for 3.1.0.9 --- diff --git a/ChangeLog b/ChangeLog index f385dd9f55..742e1b46fd 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,20 @@ +Changes to squid-3.1.0.9 (26 Jun 2009): + + - Bug 2682: Add ftp_epsv control to disable EPSV support. + - Bug 2665: Detach automake system from using -I. + - Bug 2395: FTP auth errors not displayed + - ... also several changes and bugs closed in 3.0.STABLE16 + - Port from 2.7: Show local address on listening sockets + - Add "tag" type acl matching tags set by external acl helpers. + - Adds Language alias linker/installer/upgrade scripts + - Support for GCC 4.4 + - Fix false NAT lookup errors on Linux + - Fix many Windows port issues + - Fix squid_kerb_auth helepr install location + - Better detection of IPv6 stack types + - Updates Licensing information for Squid 3.1 + - ... and many packaging portability build and install issues + Changes to squid-3.1.0.8 (24 May 2009): - Bug 2656: Pinger dies with general protection fault diff --git a/doc/release-notes/release-3.1.html b/doc/release-notes/release-3.1.html index 6dc06952d1..2183a41920 100644 --- a/doc/release-notes/release-3.1.html +++ b/doc/release-notes/release-3.1.html @@ -1,11 +1,11 @@ - - Squid 3.1.0.7 release notes + + Squid 3.1.0.9 release notes -

Squid 3.1.0.7 release notes

Squid 3.1.0.9 release notes

Squid Developers

@@ -80,7 +80,7 @@ for Applied Network Research and members of the Web Caching community.

1. Notice

The Squid Team are pleased to announce the release of Squid-3.1.0.7 for testing.

The Squid Team are pleased to announce the release of Squid-3.1.0.9 for testing.

This new release is available for download from http://www.squid-cache.org/Versions/v3/3.1/ or the mirrors.

@@ -793,6 +793,25 @@ New translations can be downloaded from http://www.squid-cache.org/Versions/lang

ftp_epsv

+        FTP Protocol extensions permit the use of a special "EPSV" command.
+
+        NATs may be able to put the connection on a "fast path" through the
+        translator using EPSV, as the EPRT command will never be used and therefore,
+        translation of the data portion of the segments will never be needed.
+
+        Turning this OFF will prevent EPSV being attempted.
+
+        WARNING: Doing so will convert Squid back to the old behavior with all
+        the related problems with external NAT devices/layers.
+
+        Requires ftp_passive to be ON (default) for any effect.
+        
+

ftp_epsv_all

@@ -814,6 +833,10 @@ New translations can be downloaded from http://www.squid-cache.org/Versions/lang

forward_max_tries

Controls how many different forward paths Squid will try +before giving up. Default: 10

include

New option to import entire secondary configuration files into squid.conf.

@@ -968,9 +991,10 @@ DEFAULT: None bypassed.
 
 
 

-acl dst ipv6

+
acl

 New preset content ipv6 available as a preset type in the src and dst ACL matching all of the public IPv6 network space.
 New acl type myportname, matching the name of the http_port or https_port where the request was accepted.
+New acl type tag, matching the tag= returned from the external_acl_type helper.
 New acl type peername, matching against a named cache_peer entry where the request will be attempted first.
 NP: peername currently is limited to only match the first peer possible.
 
@@ -978,6 +1002,7 @@ NP: peername currently is limited to only match the first peer possible.
         acl aclname src ipv6                    # request from IPv6 address
         acl aclname myportname 3128 ...         # http(s)_port name
         acl aclname peername myPeer ...         # cache_peer ... name=myPeer
+        acl aclname tag value ...               # tag= option from external ACL
         
 
 
@@ -1022,7 +1047,7 @@ see cache_mem and maximum_object_size_in_memory for size parameters.
 
cache_mem

 Default size increased to 256MB.
 
-
cache_peer htcp-no-clr htcp-no-purge-clr htcp-only-clr htcp-forward-clr connection-auth[=on|off|auto]

+
cache_peer htcp-no-clr htcp-no-purge-clr htcp-only-clr htcp-forward-clr connection-auth[=on|off|auto] connect-fail-limit=N

 New Options.
 
         use 'htcp-no-clr' to send HTCP to the neighbor but without
@@ -1044,6 +1069,10 @@ see cache_mem and maximum_object_size_in_memory for size parameters.
         and any such challenges received from there should be
         ignored. Default is 'auto' to automatically determine the
         status of the peer.
+
+        use 'connect-fail-limit=nn' to specify how many times
+        connecting to a peer must fail before it is marked as
+        down. Default is 10.
         
 
 
@@ -1066,6 +1095,10 @@ contained in the directory it points at. If absent, error page localization will

debug_options rotate=

New parameter rotate=N to control number of cache.log rotations independent of other logs.

+ +

external_acl_type

New options 'ipv4' and 'ipv6' are added to set the IPv4/v6 protocol between squid and its helpers. Please be aware of some limits to these options. These options only affet the transport protocol used @@ -1074,9 +1107,7 @@ format, so all helpers will need to be checked and converted to cope with such i

           ipv4 / ipv6   IP-mode used to communicate to this helper.
                         For compatability with older configurations and helpers
-                        'ipv4' is the default unless --with-localhost-ipv6 is used.
-                        --with-localhost-ipv6 changes the default to 'ipv6'.
-                        SPECIAL NOTE: explicit use of these options override --with-localhost-ipv6
+                        the default is 'ipv4'.

@@ -1152,6 +1183,9 @@ For now option 'tproxy' remains with old behaviour meaning fully-invisible proxy

https_port intercept sslbump connection-auth[=on|off]

New port options. see http_port.

logfile_rotate

No longer controls cache.log rotation. Use debug_options rotate=N instead.

maximum_object_size_in_memory

Default size limit increased to 512KB.

@@ -1161,7 +1195,16 @@ permitted by the message generating web server.

Changing this is an RFC 2616 violation and now requires --enable-http-violations

refresh_pattern

New set of basic patterns. These should always be listed after any custom ptterns. +

New option 'ignore-must-revalidate'. +

+        ignore-must-revalidate ignores any ``Cache-Control: must-revalidate``
+        headers received from a server. Doing this VIOLATES
+        the HTTP standard. Enabling this feature could make you
+        liable for problems which it causes.
+        
+

New set of basic patterns. These should always be listed after any custom patterns. They ensure RFC compliance with certain protocol and request handling in the absence of accurate Cache-Control: and Expires: information.

@@ -1216,7 +1259,6 @@ refresh_pattern .                    0   20%     4320
 Method names now accepted. Replacing the old magic numbers.
 '1' becomes 'gre' and '2' becomes 'l2'
 
-
 
 
 
@@ -1297,12 +1339,6 @@ check the CNAME-Only Requests statistics squid maintains.
 If it produces ongoing serious problems the external helper may be needed
 but please report the bugs anyway.
 
---with-localhost-ipv6

-Build support for squid to map all 127.0.0.1 traffic onto ::1.
-The default is to build with 127.0.0.1 and ::1 being considered seperate IP.
-see the IPv6 details above for a better description.
-WARNING: This is an RFC violation. Use is discouraged.
-
 
--with-logdir=PATH

 Allow build-time configuration of Default location for squid logs.
 
@@ -1310,6 +1346,9 @@ see the IPv6 details above for a better description.
 Enable special additions for IPv6 support in Windows XP.
 see the IPv6 details above for a better description.
 
+
--with-pidfile=PATH

+Allow build-time configuration of Default location and name of squid.pid file.
+
 
--with-po2html=PATH

 Absolute path to po2html executable.
 Default is to automatically detect the binary.
@@ -1382,7 +1421,6 @@ The helper will now compile and work with dns_nameservers on more variants of Li
 
 
http_port

 no-connection-auth replaced by connection-auth=[on|off]. Default is ON.
-tcpkeepalive= replaced by keepalive=
 transparent option replaced by intercept
 
 
httpd_accel_no_pmtu_disc

diff --git a/doc/release-notes/release-3.1.sgml b/doc/release-notes/release-3.1.sgml
index 5fba020a4c..0a03b16231 100644
--- a/doc/release-notes/release-3.1.sgml
+++ b/doc/release-notes/release-3.1.sgml
@@ -1,6 +1,6 @@
 
 
-Squid 3.1.0.8 release notes
+Squid 3.1.0.9 release notes
 Squid Developers
 
 
@@ -13,7 +13,7 @@ for Applied Network Research and members of the Web Caching community.
 
 Notice
 
-The Squid Team are pleased to announce the release of Squid-3.1.0.8 for testing.
+The Squid Team are pleased to announce the release of Squid-3.1.0.9 for testing.
 
 This new release is available for download from  or the .