git.ipfire.org Git - thirdparty/squid.git/log

Bug #1238: Explain the login= cache_peer option more clearly

$(RM) is not automatically defined on BSD make, so hardcode 'rm
-rf' instead

Bug #1216: 2.5.STABLE8-RC2 enhanced cache.log : httpProcessReplyHeader message

Forward port of 2.5 patch.

Bug #1234: util.c:612: xstrndup: Assertion `n' failed.

Forward port of 2.5 patch.

Bug #1154: Disable Path-MTU discovery on intercepted requests

This patch adds a disable-pmtu-discovery option to http_port directive
allowing one to disable Path-MTU discovery on accelerated requests.

Based on 2.5 patch.

Bootstrapped

Added configure test to see if -lepoll is available when using --enable-epoll:

-lepoll is not needed (and may be not present) on kernel 2.6 platforms
with newest glibc, but may be needed on systems updated from 2.4 to 2.6
kernel still using old glibc.

Bug #1178: ufsdump will not compile with --enable-epoll configure option

usfdump doesn't depend from comm_epoll.cc

With this patch the selection of epoll during configure is now similar to
other comm loops type.

Bootstrapped

Missing ufsdump source file dependency

Bug #1226: Improve password handling in FTP gatewaying

Forward port of 2.5 patch

Forward port of all latest 2.5 changes

Bugfix another typo

Bugfix a cut & paste typo

Check for errors on signal()

Kill unused opt_accel_uses_host global.

Bug #1209: Squid 3.0 segfaults when requesting mgr:config

Patch from Gonzalo Arana

Bug #1225: WCCP easily disturbed by forged packets

Forward port of 2.5 patch.

Fixed some trivial indentations bugs making the document somewhat hard
to follow

Bug #1187: Usernames with whitespace

Add sanity checks on LDAP user names

Forward port of 2.5 patch.

Bug #1181: missing %EXT_USER in tag external_acl_type in squid.conf.default

Reported by Gonzalo Arana

Bug #1194: FTP data connection fails on some FTP servers when requesting
directory without a trailing slash

This patch simplifies FTP data connection management to always reopen a
new connection after a failed FTP request.

Forward port of 2.5 patch.

Bug #1217: Buffer overflow in WCCP recvfrom() call

The length argument of the WCCP recvfrom() call is
larger than it should be. An attacker may send a
larger-than-normal WCCP packet and overflow a buffer.

Reported by the FSC Vulnerability Research Team

Bug #1189: buffer overflow bug in gopherToHTML()

Yet another buffer overflow bug in gopherToHTML(). This one is similar
to others already found and the same solution is used. If a potential
overflow is detected, the excess input is simply lost.

Forward port of Duane's 2.5 patch.

Bug #1190: Denial of service with forged WCCP messages

WCCP_I_SEE_YOU messages contain a 'number of caches' field which
should be between 1 and 32. Values outside that range may
crash Squid if WCCP is enabled, and if an attacker can
spoof UDP packets with the WCCP router's IP address.

This patch drops and logs WCCP_I_SEE_YOU messages if the number of
caches is less than 1 or greater than 32.

Forward port of Duane's 2.5 patch.

Bug #1212: helper leak on squid -k reconfigure

HelperShutdown does not actually shutdown any helper.
The problem was originated during the forward port of fixes from bug #1118.
This patch also adds a debug message "shutting down".

Reported by Gonzalo Arana

Correct memory_pools_limit description given the current default
of 5 MB.

Bug #1136: Internal DNS sometimes truncates host names in reverse (PTR)
lookups

Compressed hostnames was not dealt with proper, only saving the data of
the initial string + 2 bytes.

Bug #1197: DNS related memory leak on certain malformed DNS responses

Backed out previos patch: wrong patch description

Bug #1136: Internal DNS sometimes truncates host names in reverse (PTR)
lookups

Compressed hostnames was not dealt with proper, only saving the data of
the initial string + 2 bytes.

Bug #1203: Icons are broken in non-anonymous FTP when using the short_icon_urls option

Replaced by rfc2756.txt

Kill netmask guessing in IP based ACLs. If netmask is not specified
assume a /32 mask.

Imported ICP and HTCP documentation

Imported HTCP and ICP documentation

Microsoft draft documenting the Negotiate authentication scheme and
related extensions for connection pinning

rfc2227.txt
        Simple Hit-Metering and Usage-Limiting for HTTP

rfc2518.txt
        HTTP Extensions for Distributed Authoring -- WEBDAV
        Numerous extension methods to HTTP

CGI and ICAP specifications

Imported RFC and I-D documents relevant to HTTP proxies

Cleanup to follow the general style

Fix RemovalPolicySettings() to properly initialize it's members

checkRunningPid() may be called when debug_log is already initialized

Bootstrapped

MinGW needs NULL definition when building libTrie

On native Windows mkdir() accept only one argument

MSVC fixup:

Changes developed during latest code sprint allowing
the build with MS Visual Studio 2005 beta 1:

- log() needs type casting
- abs() needs type casting
- Splay<> template fix
- type casting for ESI tag
- getpagesize() prototype is not defined in all Windows
build environment
- Windows specific type casting for recv() and send()
- strchr() on Windows doesn't like username() as argument

MSVC fixup:

Allow build of GNUregex lib with MS Visual Studio 2005

Windows native support for ARP acls

Supported build platforms:

Cygwin
MinGW + Msys
MS Visual Studio 2005

mark Store::Root() as inline, and remove a duplicate store lookup from neighbours.cc

Allow the build with --enable-icmp and --enable-htcp configure options.

Fixed missing inclusion of Parsing.h in Delay Pools

Bootstrapped

Merge in current state of store refactoring work. The search method has been
fully implemented for all current store types.

Patches applied:

* robertc@squid-cache.org--squid/squid--store-interface--3.0--base-0
   tag of robertc@squid-cache.org--squid/squid--HEAD--3.0--patch-516

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-1
   merge in the diskio logic cleanup we depend on

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-2
   setup a unit test environment for store.cc

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-3
   merge from HEAD

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-4
   start formal store interface refactoring, moving stat into the Store hierarchy

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-5
   make SwapDirs reference counted, test StoreControllers new methods

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-6
   move storeDirInit to be just the virtual init method on Store

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-7
   nuke Config.Swap.maxSize for calls to Store::Root().maxSize()

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-8
   migrate Reference and dereference to StoreController

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-9
   make store maintenance a top level Store api call

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-10
   move storeDirUpdateSize to Store interface

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-11
   move store creation into the Store API

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-12
   move storeDirSync into the Store API

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-13
   more INDEXSD nuking, and push the swapdir aspects of store statting into SwapDir

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-14
   more INDEXSD nuking. move SwapDir.low_size to a minSize() query

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-15
   another INDEXSD removal, storeDirCallback folded into the Store API

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-16
   correct logic error in StoreController::Callback from previous changes

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-17
   storeUnlink -> StoreEntry::unlink

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-18
   snapshot, beginning the introduction of a separate HashIndex store layer

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-19
   clean up store entry construction a little

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-20
   setup Ufs testing harness

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-22
   make RemovalPolicySettingsa class

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-23
   make testUfs use a real UFSSwapDir

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-24
   testUfs should clean up after it succeeds

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-25
   merge from HEAD

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-26
   wave enough dead chickens that we can set a store object to public

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-27
   get testUfs to put an object in the store successfully

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-28
   get testUfs to save clean log state

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-29
   let rebuild work fully on testUfs, so we can start adapting RebuildState to being a StoreSearch

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-30
   implement basic search for UFSSwapDirs

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-31
   check UFS search iteration stops

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-32
   convert RebuildState to CDBATA_CLASS2

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-33
   switch from log based searching to replacement policy based searching for UFSSwapDirs

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-34
   rename variable s to swapData in UFS restore from directory routine

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-35
   store rebuilds need to check for duplicates across the entire store.

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-36
   start testing COSS - store creation for starters

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-37
   make StoreSearch a header of its own, and implement search(NULL,NULL) for COSS

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-38
   start testing the Null store type

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-39
   implement null store search(NULL, NULL)

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-40
   remove a couple of unneded SwapDir.h includes

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-41
   move search one level up in the Store hierarchy

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-42
   test the rudiments of StoreHashIndex

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-43
   move hash initialisation into StoreHashIndex::init

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-44
   oops, forgot new files

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-45
   implement search for StoreHashIndex

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-46
   void * apis suck badly. fix a casting problem with destroyStoreEntry

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-47
   implement search for StoreController

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-48
   convert store object statting to use the StoreSearch api

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-49
   convert cache digests to the store search api

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-50
   convert store cleanup callback to use the store api

* robertc@squid-cache.org--squid/squid--store-interface--3.0--patch-51
   merge from HEAD

TIOCNOTTY is not available on all platforms (OpenBSD 3.6 is one)

One more #ifdef is needed.

Bootstrapped

Dont mess up cppunit COPYING & INSTALL files on bootstrap

hno@squid-cache.org--squid/autotools--killgenerated--3.0--patch-8

Ignore generated documentation files

Cosmetic workaround for autoconf not inheriting --silent when running
configure in subdirectories

Kill unused variable

Bug #1177: Don't close all "other" filedescriptors

Currently when Squid is started it forcibly closes all "other" filedescriptors
other than stdin/stdout/stderr. While this is a reasonable security precaution
to clean up filedescriptor leakage from the caller it crashes some SSL libraries
and possibly other functions which opens internal filedescriptors on startup or
while the configuration is parsed.

It also causes problems for daemontools or other service monitors monitoring
the daemon by keeping a unused pipe open to the daemon process.

Bug #495: Connect timeout should produce a 504 or 503

patch forwardported to squid-3 by charles bruneteau

Bug #1174: acl based access logging causes assertion failure "!finished() && !asyncInProgress()" (ACLChecklist.cc::markFinished)

libtool cfgaux moved into cfgaux

Bootstrapped

And fix libtool bootsatrapping of cppunit as well

Bootstrapped

And use the found libtool version..

Search for proper libtool versions

Bug #1149: segfault on mgr:vm_objects

Forward port of 2.5 patch

cherry pick bugfix: cannot close all file descriptors from store refactoring work

Build fails on Linux and FreeBSD (and probably on all others platforms)
with --enable-forw-via-db configure option:

Correct type casting is needed.

Fix for a wrong configure warning on Solaris 9 x86 when enabling ARP ACl support:

The effective host type is i386-pc-solaris2.9

Bootstrapped

Bug #1172: Strategised ACLs were not being called for replyRequired.

note minimum_expiry_time for ESI environments

Bug #1173: assertion failure: cbdata.cc:402 "c->locks > 0"

patch by Gonzalo Arana

Bug 954: Segment violation when using a blank user name in digest authentication

Forward ported by Kinkie

minumum_expiry_time directive

        The minimum caching time according to (Expires - Date)
        Headers Squid honors if the object can't be revalidated
        defaults to 60 seconds. In reverse proxy enorinments it
        might be desirable to honor shorter object lifetimes. It
        is most likely better to make your server return a
        meaningful Last-Modified header however.

by Thomas Ristic <thr@bootet.net>

Bootstrapped

Fix client db scheduling logics - Forward port of 2.5 fix.

Bug #707: Added functionality to query the origin server for IMS requests.

Original 2.5 STABLE3 patch from Brian.

This adds two new config options:

1. refresh_all_ims (on/default off) will force all IMS queries to pass
through to the origin server (or parent cache).
2. refresh_patterns have a refresh-ims option, which does the same, but on a
more selective level.

:wq

Bug #1168: Forward port of 2.5 patch for handle crashing helpers more gracefully

bug# 1118: Squid sends requests to redirectors with shutdown flag on

Incremental Patch

Bug #1118: Squid sends requests to redirectors with shutdown flag on

Bug #1170: Don't install cppunit on "make install"

Bootstrapped

Bug #1167: Cannot build ARP ACL support on FreeBSD 5.3 with gcc 3.4.2

On FreeBSD gcc 3.4.2 doesn't like the following code:

(char *) sdl = (char *) sin + ROUNDUP(sin->sin_len);

fix ufsdump to link again...

Bug #1041: assertion failed: comm_epoll.cc: assert(F->flags.open)

Patch by Gonzalo Arana

Bug #874: rough port of the http_reply_header_size functionality

gcc 3.4.2 fixes from Henrik

change automake --force to -f - different automakes use different long versions

Bug #944: Fails to compile on openbsd etc.

There is several platforms where malloc.h SHOULD NOT be used even if
it exists, other platforms where it must be used..

In additions a few minor stupidities.

Bug #1165: Fix type error for diskd on openbsd

use force and copy with automake to ensure that version upgrades are smooth

Bug #639: merge in Leeaan Bent's fix.

Autoconf and bootstrap cleanups from hno

Bootstrapped