serassio [Wed, 15 Aug 2007 01:17:43 +0000 (01:17 +0000)]
Fix build errors on HP Tru64 Unix and may be others
- xusleep.c: on Tru64 timeval is defined in sys/time.h
- move the definition of ISO C99 Standard printf() macros for 64 bit
integers from squid.h to squid_types.h
rousskov [Mon, 13 Aug 2007 22:48:20 +0000 (22:48 +0000)]
Bug #2016 fix: Prevent BodyPipe async calls from getting seemingly
out of order and causing truncated responses, especially with ICAP.
When BodyPipe consumer is gone, all async calls for that consumer must not
reach the next consumer (if any). Similarly, we should not schedule async calls
when no consumer has been registered yet.
Otherwise, the calls may go out of order if _some_ calls are dropped due to
the ultimate destination being temporary NULL. The new code does not schedule
async calls until consumer is registered. The new code also keeps track of the
number of outstanding events and skips that number if the consumer leaves.
TODO: when AscyncCall support is improved, should we just schedule calls
directly to consumer? It could be a much cleaner solution than counting
pending calls and skipping them when needed.
amosjeffries [Mon, 13 Aug 2007 05:57:28 +0000 (05:57 +0000)]
Fix bug 1560 : Bad filedescriptor in ftpSend actions.
This was caused by some FTP operations failing and calling the ftpFail
properly, but then going on to call an ftpSend.
It may also occur when a ftpSend event is scheduled prior to the server
control channel dying or being closed.
This patch adds a function haveControlChannel(const char *caller_name)
which displays a debug notice at level 3 and returns false if the server
control channels are not available. This is now called by each Sending
operation before it begins.
serassio [Sat, 11 Aug 2007 19:27:27 +0000 (19:27 +0000)]
Windows port: workaround for fatal build error using latest MinGW
Using the latest MinGW (gcc 3.4.5 + mingw-runtime 3.13) we cannot build with
-Wmissing-prototypes -Wmissing-declarations gcc options due to some heavy
tricks contained in own MinGW include files.
rousskov [Fri, 10 Aug 2007 05:30:52 +0000 (05:30 +0000)]
Bug 2034 fix, v4: Separate handling of virgin server responses and ICAP-adapted
responses. Both can be active at the same time. Only one can become final and
get into the store entry.
Also, do not abort ICAP transactions when the virgin response ends prematurely.
Keep going because the ICAP initiator may still want to know the ICAP reaction
to the now-truncated virgin message.
This version passes a few basic tests, but may need more work and does need
polishing. For example, the common code should be factored out from
ICAPModXact::noteBodyProductionEnded and ICAPModXact::noteBodyProducerAborted.
rousskov [Wed, 8 Aug 2007 02:02:51 +0000 (02:02 +0000)]
Bug #2000 fix: Use StoreEntryStreamBuf::overflow() profile that matches
std::streambuf::overflow() profile for virtual method overriding to work.
Some GCC (or libstdc++) versions distinguished "char" used by our old
StoreEntryStreamBuf::overflow() from "int_type" used by their std::streambuf.
In such cases, overflow() overriding would not work and overflowed data would
not be appended to the store entry because the default overflow() does
nothing. This happened on Debian 4.1.2 lenny/sid (unstable) with
gcc version 4.1.3 20070629 (prerelease).
The fix works for a few recent GCC libstdc++ libraries I have tested with but
may cause Squid compilation, check, or runtime failures with libraries using
different std::streambuf::overflow() profiles. If that happens, ./configure
may need to detect the correct profile. Alternatively, we can supply an
overflow() wrapper for multiple profiles in hope that one will match
std::streambuf::overflow (ick!).
Amos Jeffries <squid3@treenet.co.nz> reported and helped fix this bug.
rousskov [Wed, 8 Aug 2007 01:45:51 +0000 (01:45 +0000)]
Do not assume that store stream cannot flush its contents into the store entry
unless we call the flush method. Depending on stream implementation, it is
possible that the stream will flush while we add data to it and before we
call flush().
Added more store stream output cases, including floating point numbers and
their formatting.
rousskov [Wed, 8 Aug 2007 01:41:56 +0000 (01:41 +0000)]
Bug #2000 pre-fix: Polish StoreEntryStream style.
This change should not have significant runtime effects. It makes
StoreEntryStream code a little easier to understand and brings it a little
closer to Squid3 coding style guidelines.
amosjeffries [Fri, 3 Aug 2007 08:22:52 +0000 (08:22 +0000)]
Add pointer validation in helperStatefulHandleRead check for callback data.
Coverity checker detected a NULL pointer dereference.
Existing logics to handle missing callback data were present, but the if()
tests were incomplete and unable to catch this case.
amosjeffries [Fri, 3 Aug 2007 08:16:59 +0000 (08:16 +0000)]
Add assert()s to validate state in Auth Digest
Coverity checker picked up a number of cases where casting might (rarely)
cause a NULL pointer and a dereference occured afterwards.
This patch adds several assert statements to cause squid to abort at the
source of these errors rather than segfault later.
No code logic has been changed in any way.
amosjeffries [Fri, 3 Aug 2007 08:11:17 +0000 (08:11 +0000)]
Add assert()s to validate state in Basic Auth
Coverity checker picked up a number of cases where casting might (rarely)
cause a NULL pointer and a dereference occured afterwards.
This patch adds several assert statements to cause squid to abort at the
source of these errors rather than segfault later.
No code logic has been changed in any way.
amosjeffries [Fri, 3 Aug 2007 08:07:34 +0000 (08:07 +0000)]
Add assert()s to validate state in Auth Negotiate
Coverity checker picked up a number of cases where casting might (rarely)
cause a NULL pointer and a dereference occured afterwards.
This patch adds several assert statements to cause squid to abort at the
source of these errors rather than segfault later.
No code logic has been changed in any way.
amosjeffries [Fri, 3 Aug 2007 07:57:30 +0000 (07:57 +0000)]
Add assert()'s to check for NULL pointers in NTLM auth.
Coverity checker picked up a number of cases where casting might (rarely)
cause a NULL pointer and a dereference occured afterwards.
This patch adds several assert statements to cause squid to abort at the
source of these errors rather than segfault later.
No code logic has been changed in any way.
amosjeffries [Fri, 3 Aug 2007 07:21:17 +0000 (07:21 +0000)]
Fix memory leaks in NTLM session helper RFCNB_Call(...)
Coverity checker identified that the connect structures were not being
free'd on any of the error cases.
This patch adds several calls to free(con) to prevent the leaks.
It also adds a call to close any partial connections properly when
RFCNB_Session_Req fails. Previously it would leave the open TCP
connection hanging and return a NULL pointer.
amosjeffries [Fri, 3 Aug 2007 04:58:15 +0000 (04:58 +0000)]
Add new section to squid.conf: ERROR PAGE CUSTOMISATION
Moves existing error page rerlated options from MISC section to their own.
Options moved are:
deny_info, error_directory, email_err_data, err_html_text
rousskov [Fri, 3 Aug 2007 01:32:22 +0000 (01:32 +0000)]
Partial bug #2034 fix: Inform BodyPipe of the body size when known.
This fix helps the ICAP client to detect aborts and to announce the end of the
HTTP message to the ICAP server.
A bigger problem is that the HTTP side is using the adapted response to make
decisions about the origin server connection. That bug still needs to be
fixed.
amosjeffries [Thu, 2 Aug 2007 08:52:01 +0000 (08:52 +0000)]
Coverity detected a code-path in helpers/ntlm_auth/SMB/ntlm_auth.c
that dereferences NULL credentials.
Added an assert to check for the condition in real-use.
Possibly need to add a default case to the switch on line 360.
amosjeffries [Thu, 2 Aug 2007 08:08:25 +0000 (08:08 +0000)]
Prevent manipulation of a pointer if it is NULL in NTLM auth.
Coverity checker detected.
AuthNTLMUserRequest::authenticate attempted to locate the auth header.
If there is no header resulting it would still attempt to scan its ptr
down the header text. This prevents the scanning occuring on NULL.
amosjeffries [Thu, 2 Aug 2007 07:52:01 +0000 (07:52 +0000)]
Fix memory leaks in MSNT session helper RFCNB_Call(...)
Coverity checker identified that the connect structures were not being
free'd on any of the error cases.
This patch adds several calls to free(con) to prevent the leaks.
It also adds a call to close any partial connections properly when
RFCNB_Session_Req fails. Previously it would leave the open TCP
connection hanging and return a NULL pointer.
rousskov [Thu, 2 Aug 2007 02:51:06 +0000 (02:51 +0000)]
Polished ICAP debugging so that users can see fatal ICAP service failures
(and not much more) at debug level 2. This may help identify why a service
is suspended.
rousskov [Wed, 1 Aug 2007 10:36:47 +0000 (10:36 +0000)]
Author: Henrik Nordstrom <henrik@henriknordstrom.net>
Bug #1872: Date parsing error causing HTTP objects to get unexpectedly cached
and fresh ICAP OPTIONS rejected.
Applied Henrik's patch from Squid2 patchset #11161. The bug was affecting ICAP
Options TTLs, marking some ICAP services with soon-to-expire options as being
down. Original patch text is below.
An unexpected and undesired sideeffect of the earlier change to accept dates
far in the future was that the date calculations suddenly got daylight savings
sensitive due to mktime() automatically adjusting the supplied date. This has the
unfortunate effect that if Squid is running in a timezone with daylight savings
things may get cached longer than they should.
rousskov [Wed, 1 Aug 2007 10:18:08 +0000 (10:18 +0000)]
Bug 2024 fix: Do not optimize StoreEntry::write call away for zero-size
data because StoreEntry::write invokes client-side handlers for response
headers, even if there is no body data to write.
rousskov [Wed, 1 Aug 2007 10:16:00 +0000 (10:16 +0000)]
Bug #2029 fix: When ICAP produces a response before the entire
virgin response is read, do not abort the transaction.
The code needed to be re-arranged to make sure that virgin response body
is not appended to the store when adapted body is written there. The
changes resulted in a cleaner code, where virgin data never enters the
store if ICAP adaptation was started, and adapted data is always
written to the store. More polishing work is needed here.