wessels [Tue, 5 Dec 2000 17:10:57 +0000 (17:10 +0000)]
A number of CARP bug fixes.
peer->carp.hash was an unsigned long, but the spec requires 32-bit math
on integers. Since longs are known to sometimes be 64-bits, it's safer
to use unsigned int.
peer->carp.load_factor was a float, but it's better to use double to
be consistent with other floating point functions and variables.
In parse_peer() I'm concerned that *token could be signed, so it's
now cast to unsigned int.
In parse_peer() there is a bug in calculating the proxy hostname hash.
On the final ROTATE_LEFT, it should be "=" rather than "+=".
In carpInit() pay special attention to int/double conversion bugs
and passing ints to functions that expect doubles.
In carpInit() there is a bug with the value of "k". In the loop,
k needs to be incremented *before* it's used. The internet-draft
begins with k=1, so the first time through the loop k should equal 2.
Added "carp" to cache manager for info and debugging.
I think there are still two bugs: (1) the draft says the multipliers
must be calculated in order of smallest to largest factor. We don't
do that yet. (2) the 'score' calculation needs to be converted to
double when we multiply by the multiplier. Otherwise there will
be overflows since the multiplier can be greater than 1.
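The 32-bit requirement from the commit message above, as an added example (not Squid's code): the same rotate-and-add loop run with a 32-bit and a 64-bit accumulator, plus a form that stays correct at either width. The function names, the rotate count of 19, the per-character step and the sample hostname are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Rotate written for 32-bit operands; wrong if x is wider than 32 bits. */
#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32 - (n))))

/* Assumed per-character step: hash += ROTATE_LEFT(hash, 19) + byte. */
uint32_t name_hash32(const char *s)
{
    uint32_t h = 0;
    for (; *s; s++)
        h += ROTATE_LEFT(h, 19) + (unsigned char)*s;
    return h;
}

/* Same loop with a 64-bit accumulator, standing in for an
 * unsigned long hash field on an LP64 platform. */
uint64_t name_hash_wide(const char *s)
{
    uint64_t h = 0;
    for (; *s; s++)
        h += ROTATE_LEFT(h, 19) + (unsigned char)*s;
    return h;
}

/* Rotate that truncates its operand, so the caller's type cannot leak in. */
static uint32_t rotl32(uint32_t x, unsigned n)
{
    return (x << n) | (x >> (32 - n));
}

/* Width-independent form: every step is reduced back to 32 bits. */
uint32_t name_hash_portable(const char *s)
{
    unsigned long h = 0;    /* 32 or 64 bits depending on the platform */
    for (; *s; s++)
        h = (uint32_t)(h + rotl32((uint32_t)h, 19) + (unsigned char)*s);
    return (uint32_t)h;
}

int main(void)
{
    const char *host = "proxy1.example.com";    /* constructed sample */
    printf("32-bit   %08lx\n", (unsigned long)name_hash32(host));
    printf("64-bit   %016llx\n", (unsigned long long)name_hash_wide(host));
    printf("portable %08lx\n", (unsigned long)name_hash_portable(host));
    return 0;
}
```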
wessels [Tue, 5 Dec 2000 16:11:24 +0000 (16:11 +0000)]
Argh, that last patch to src/store_dir.c is bogus. sd->log.clean.done
will never be NULL, it's sd->log.clean.state that's the problem.
Also, this way I get to fix it in four files, not just one.
wessels [Tue, 5 Dec 2000 15:55:47 +0000 (15:55 +0000)]
parse_peer() was checking for a self-configured peer, but it's not
safe to call getMyHostname() before we parsed the whole config
file. Therefore, I moved this check into neighbors_open().
adrian [Mon, 27 Nov 2000 07:03:33 +0000 (07:03 +0000)]
Handle cancelled reads. diskdstate->flags_closing is now set and cleared
when a FD is opened and closed, and during storeDiskdReadDone() the
copy and callback are only made if the callbackdata is valid.
This differs from before where the copy would always take place, but
the callback would only occur if the callbackdata was valid.
Note that I'm assert()ing that flags_closing == 0 if the callbackdata is
valid. If this ever gets triggered, I think we have another problem ..
adrian [Sat, 25 Nov 2000 23:02:14 +0000 (23:02 +0000)]
few changes to fix for XMALLOC_DEBUG:
- check_free shouldn't be called with a NULL pointer
- I needed to increase DBG_ARRY_SZ to handle larger alloc count
(perhaps should we use realloc here to grow dynamically?)
- cf_gen.c used alloc funcs inconsistently: xcalloc() but free(),
causing check_free() to assert during make using cf_gen
adrian [Sat, 25 Nov 2000 21:51:04 +0000 (21:51 +0000)]
Replace safe_free() with the appropriate memFree() now that these two
objects are from memory pools. (I believe it was me who converted them
initially, but missed this..)
wessels [Wed, 22 Nov 2000 04:14:44 +0000 (04:14 +0000)]
Everywhere where Squid inserts text received from the network into
a HTML page (error pages, FTP listings, Gopher listings, ...) care
must be taken to ensure that the text is properly encoded as HTML,
or a malicious user might be able to insert script code or other
HTML tags, and exploit the web browser of any user visiting their
page or clicking on that funny link received in an email..
adrian [Sat, 18 Nov 2000 17:46:32 +0000 (17:46 +0000)]
Don't return NULL in createRemovalPolicy() if there is no match for
the given policy type. None of the FS code handles this correctly,
and it was causing SIGSEGVs when a cache_replacement_policy was not
set in squid.conf, defaulting to lru, and lru was not compiled in.
We now warn very loudly and die with an error. cache.log will tell the
user to check cache_replacement_policy and memory_replacement_policy
in their squid.conf file.
adrian [Wed, 15 Nov 2000 20:01:53 +0000 (20:01 +0000)]
Fixed the internal URL code to obey appendDomain for internal
objects if it needs appending. This fixes weirdnesses where
a machine can think it is "foo.bar.com", and "foo" is requested.
wessels [Wed, 15 Nov 2000 09:32:53 +0000 (09:32 +0000)]
DW:
- My recent clientLifetimeTimeout addition causes a memory leak because
cbdata was locked, but never unlocked if the timeout never happens.
Maybe it's safe enough to assume that if the FD is open, and the
timeout triggers, that 'http' is valid.
adrian [Fri, 10 Nov 2000 16:04:50 +0000 (16:04 +0000)]
Store rebuild double-check cleanup by Robert Collins, slightly altered
by me.
This code implements a two-tiered doublecheck - -S reportonly which warns
for mismatched file lengths, and -S force which will unlink files which
fail a doublecheck. Actual file unlinking is also implemented now, so when
a double check is performed, it will actually clean up the cache store.
wessels [Fri, 10 Nov 2000 01:21:27 +0000 (01:21 +0000)]
DW:
- Rewrite of much of refreshCheck().
This was prompted by a bug report that we didn't properly handle the
must-revalidate directive. Indeed, we always caused a refresh
for must-revalidate. The spec says must-revalidate only takes effect
for stale responses.
I find the spec to be unclear on how to handle must-revalidate without
an explicit expiration time. Currently, if we have a response
that has must-revalidate, no expires, but the last-modified factor
rule says the response is fresh, then we don't force a validation.
Also added support for the max-stale request directive.
I changed some of the internal accounting to use status codes. In the
future it may be useful to have a "refresh.log" file so people can
figure out why a particular request got validated, or didn't.
wessels [Thu, 9 Nov 2000 03:22:16 +0000 (03:22 +0000)]
DW:
- Two bugs with yesterday's date parsing changes. (1) Need to increment
past "," after strchr(), and (2) struct tm tm needs to be static
in parse_date2().
wessels [Wed, 8 Nov 2000 06:43:15 +0000 (06:43 +0000)]
Radu Greab (radu@netsoft.ro):
- If an AS contains networks with mask 0, when trying to view the
AS Number Database squid enters into an infinite loop. The patch
below fixes the problem.
wessels [Wed, 8 Nov 2000 06:37:35 +0000 (06:37 +0000)]
DW:
- Changes prompted by bug report that "Wed Aug 9 11:36:06 2000" could
not be parsed. The parse_rfc1123() code assumed there was an extra
space after Aug and before "9".
This change breaks the parsing into smaller functions to make the
code easier to read and understand.
I changed parsing of the "third" date format (asctime()) to use
a buffer copy and strtok. This makes it more flexible. For example,
we don't have to require strlen(s) < 24.
hno [Sun, 5 Nov 2000 06:04:09 +0000 (06:04 +0000)]
Cross-site scripting fixes by Robert Collins and Henrik Nordstrom
Everywhere where Squid inserts text received from the network into
a HTML page (error pages, FTP listings, Gopher listings, ...) care
must be taken to ensure that the text is properly encoded as HTML,
or a malicious user might be able to insert script code or other
HTML tags, and exploit the web browser of any user visiting their
page or clicking on that funny link received in an email..
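The encoding step this commit message (and the identical one dated 22 Nov 2000) calls for, as an added example that is not Squid's code: a bounded HTML-quoting routine applied to an untrusted file name before it is placed in a listing row. The names html_quote and listing_row, the buffer sizes and the sample input are assumptions.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Entity for c, or NULL when c can be copied unchanged. */
static const char *html_entity(char c)
{
    switch (c) {
    case '<':  return "&lt;";
    case '>':  return "&gt;";
    case '&':  return "&amp;";
    case '"':  return "&quot;";
    case '\'': return "&#39;";
    default:   return NULL;
    }
}

/* Write the HTML-encoded form of `in` to `out`. Returns the encoded
 * length, or -1 (with `out` emptied) if it does not fit in outsz. */
long html_quote(const char *in, char *out, size_t outsz)
{
    size_t used = 0;
    if (outsz == 0)
        return -1;
    for (; *in; in++) {
        const char *ent = html_entity(*in);
        size_t n = ent ? strlen(ent) : 1;
        if (used + n >= outsz) {        /* keep one byte for the NUL */
            out[0] = '\0';
            return -1;
        }
        if (ent)
            memcpy(out + used, ent, n);
        else
            out[used] = *in;
        used += n;
    }
    out[used] = '\0';
    return (long)used;
}

/* Build one listing row from a name received from the network. */
int listing_row(const char *name, char *row, size_t rowsz)
{
    char q[256];
    int n;
    if (html_quote(name, q, sizeof q) < 0)
        return -1;                      /* refuse rather than emit raw text */
    n = snprintf(row, rowsz, "<tr><td>%s</td></tr>", q);
    return (n < 0 || (size_t)n >= rowsz) ? -1 : n;
}
```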
wessels [Sat, 4 Nov 2000 00:03:54 +0000 (00:03 +0000)]
DW:
- A fix for problems relating to large DNS replies. RFC 1035 says
that DNS/UDP messages must be 512 octets or less. Some servers
(BIND on OS/2) are sending larger packets, but Squid was only
reading the first 512 octets. This could cause buffer overruns
in rfc1035.c.
This patch changes recv() to use the maximum UDP socket buffer
size. However, if we get a large reply we tell rfc1035.c that
we only got 512 octets. Thus, it's a little safer if that code
has bugs and reads past 512.
wessels [Fri, 3 Nov 2000 23:43:58 +0000 (23:43 +0000)]
DW:
- If we discover a truncated packet in the middle of unpacking
a resource record, we need to zap RR fields that were already
unpacked. Otherwise we can end up with RR->class = RFC1035_CLASS_IN,
RR->type = RFC1035_TYPE_A, and RR->rdlength = 0.
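The two DNS fixes above (clamping the length handed to the parser to 512 octets, and zapping a half-unpacked resource record), as an added example that is not Squid's rfc1035.c. The struct layout, the function names and the sample bytes are assumptions, and the owner name is taken as already skipped.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define DNS_UDP_MAX 512     /* RFC 1035 limit for DNS over UDP */

struct rr { uint16_t type, class_, rdlength; uint32_t ttl; const unsigned char *rdata; };

/* Constructed sample: TYPE=A, CLASS=IN, TTL=60, RDLENGTH=4, RDATA=192.0.2.1 */
static const unsigned char SAMPLE_RR[14] = { 0,1, 0,1, 0,0,0,60, 0,4, 192,0,2,1 };

/* Length given to the parser: at most 512, whatever recv() returned. */
size_t dns_parse_len(size_t received)
{
    return received > DNS_UDP_MAX ? DNS_UDP_MAX : received;
}

/* Read a big-endian 16-bit field, refusing to read past len. */
static int get16(const unsigned char *b, size_t len, size_t *off, uint16_t *v)
{
    if (len < 2 || *off > len - 2)
        return -1;
    *v = (uint16_t)((b[*off] << 8) | b[*off + 1]);
    *off += 2;
    return 0;
}

/* Unpack the fixed part of one RR starting at *off. On truncation the
 * whole RR is cleared, so no caller sees a valid type/class with no data. */
int rr_unpack(const unsigned char *b, size_t len, size_t *off, struct rr *rr)
{
    uint16_t hi, lo;
    memset(rr, 0, sizeof *rr);
    if (get16(b, len, off, &rr->type) || get16(b, len, off, &rr->class_) ||
        get16(b, len, off, &hi) || get16(b, len, off, &lo) ||
        get16(b, len, off, &rr->rdlength))
        goto truncated;
    rr->ttl = ((uint32_t)hi << 16) | lo;
    if (rr->rdlength > len - *off)      /* RDATA would run past the packet */
        goto truncated;
    rr->rdata = b + *off;
    *off += rr->rdlength;
    return 0;
truncated:
    memset(rr, 0, sizeof *rr);          /* zap fields unpacked so far */
    return -1;
}
```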
wessels [Thu, 2 Nov 2000 04:48:16 +0000 (04:48 +0000)]
DW:
- replacement should use SwapDir high/low values, not the global ones.
Made this patch for diskd some time ago, but never duplicated the
patch in all the other fs duplicated code.
adrian [Tue, 17 Oct 2000 14:06:01 +0000 (14:06 +0000)]
Andres Kroonmaa's MemPool tidyup, take 1. Take a whole bunch of
xmalloc/xcalloc's and replace them with mempool'ed versions of
things. Not everything has been converted, but this is a start.
Notable weirdnesses are:
* aufs - there are now a few pools which are used for string allocation
for things like object paths. This might not be the most optimal
solution but it's better than what existed.
* pconn.c - an initial pconn FD set is mempool'ed, and if the pconn set
grows bigger than PCONN_FD_SZ it changes to xmalloc()
* client_side.c - the incoming request buffer is now initially mempooled,
of size CLIENT_REQ_BUF_SZ (4096 bytes atm). If it needs to grow, it
changes to xmalloc()
wessels [Fri, 13 Oct 2000 12:35:05 +0000 (12:35 +0000)]
DW:
- We have to test the bit before calling file_map_bit_reset.
file_map_bit_reset doesn't do bounds checking. It assumes
filn is a valid file number, but it might not be because
the map is dynamic in size. Also clearing an already clear
bit puts the map counter out-of-whack. Damn, been looking
for that bug for a long time.
wessels [Wed, 11 Oct 2000 00:15:30 +0000 (00:15 +0000)]
DW:
- My change to eliminate stdio from net_db.c sucked. It leaked memory,
and it had awkward buffer offset junk. It's probably better to
use the logfile.c code, which unfortunately requires a change
to logfileOpen(). Previously the logfile code exited with
a fatal message if there was an error opening or writing the
file. For netdb we don't care that much, so I added a "fatal"
flag to logfileOpen().
wessels [Tue, 10 Oct 2000 08:22:25 +0000 (08:22 +0000)]
DW:
- I get coredumps in free() with CommWriteStateCallbackAndFree sometimes.
Not sure if there is a bug here, but it seems like that code could
lead to double-freeing the buffer. This change makes it safer by
NULL-ing the free_func before freeing the buffer.
wessels [Tue, 10 Oct 2000 08:10:42 +0000 (08:10 +0000)]
DW:
- Changed "WARNING: swapin MD5 mismatch" logging so that it is printed
only on powers of ten, just like "ignored XX replies non-peer"
messages in neighbors.c.
wessels [Tue, 10 Oct 2000 00:37:10 +0000 (00:37 +0000)]
DW:
- in storeClientReadHeader I see no reason to stay in the loop checking
swap header values when we find a mismatch. Currently every
bad swapfile is displaying both MD5 mismatch and URL mismatch.
wessels [Fri, 6 Oct 2000 11:12:35 +0000 (11:12 +0000)]
DW:
- In lru_remove(), it seems to be possible for an entry to exist
in the hash but not be in the LRU list, so check for that case
rather than suffer a NULL pointer access.
wessels [Thu, 5 Oct 2000 00:25:35 +0000 (00:25 +0000)]
Takahiro Kambe <taca@kyoto.jepro.co.jp>:
- I compiled squid 2.3STABLE4 and found that three error documents
weren't translated in Japanese. And I found a missing translation
in the Japanese error document which I sent in 2.3STABLE2 days.
So I'll send those documents now. I've attached the translated
files.
wessels [Thu, 5 Oct 2000 00:23:57 +0000 (00:23 +0000)]
Dan Larsson <root@tyfon.net>:
- The error template ERR_TOO_BIG is missing in the Swedish errors.
I've translated the English version from Squid-2.3STABLE4.
wessels [Wed, 4 Oct 2000 23:09:24 +0000 (23:09 +0000)]
"Nguyen, Hai" <hnguyen@websense.com>:
- If a redirector returns 301/302 Squid would ignore the new Location
if the original URL is a cache hit. So, we need to force all
301/302 redirects to be cache misses.
wessels [Wed, 4 Oct 2000 21:32:13 +0000 (21:32 +0000)]
DW:
- Fixed range_offset_limit, again. The problem this time is that
client_side.c wouldn't set the we_dont_do_ranges flag for normal
cache misses. It was only being set for requests that might
have been hits, but we decided to change to a miss. I moved half
of clientCheckRangeOffsetLimit into HttpHdrRange.c and called
it httpHdrRangeOffsetLimit. The other half stays in client_side.c
but is now called clientCheckRangeForceMiss. Also removed the
confusing we_dont_do_ranges flag.
wessels [Wed, 4 Oct 2000 08:18:48 +0000 (08:18 +0000)]
DW:
- log SSL status codes in access.log. Since ssl.c doesn't know about
HttpReply or MemObject, the least ugly way to do this seems to be
passing a pointer to the HTTP status variable.