Alex Rousskov [Wed, 5 Feb 2014 18:04:47 +0000 (19:04 +0100)]
Fix keepalive handling for non-ranged requests.
Internal keepalive flag was ignored by a mismatched interface between ClientSocketContext::socketState
and writeComplete in the case of non-ranged requests.
Amos Jeffries [Sun, 2 Feb 2014 01:24:53 +0000 (18:24 -0700)]
Fix peerSelectDnsResults() IP address cycling
The local ip variable is the index of the IP address to be used.
Loop counter n is only used to prevent cycling indefinitely and should
not be used to access the array indexes.
Patch written by 'dim [1]' contributor to FreeBSD and imported to Squid
under FreeBSD license. see
http://svnweb.freebsd.org/ports/head/www/squid33/files/patch-include__Array.h
Amos Jeffries [Fri, 24 Jan 2014 01:57:15 +0000 (18:57 -0700)]
Enable -n command line option for non-Windows Squid builds
This command line option is used on Windows to name the service instance
of Squid being run and/or managed. At this point it still only has
useful effect on Windows, but can now be used by components on other
systems as well.
Show the running instance service name in cacehmgr and -v output.
Also remove _WIN_SQUID_DEFAULT_SERVICE_NAME macro which duplicated the
APP_SHORTNAME macro. This changes the Windows service name from Squid to
squid (lower case) on future Squid-3 for Windows.
When running Squid in SMP mode, the 'client_list' command cannot be used as the
coordinator doesn't call clientdbInit(), and thus doesn't have the client_list
action registered.
This patch uses RegisteredRunner to initialize clientdb and register the
'client_list' command
Doug Dixon [Mon, 20 Jan 2014 10:43:03 +0000 (23:43 +1300)]
Bug 1202 part 1: documentation and debugs for refresh_pattern algorithms
This contains only the code documentation and debugs changes as relevant
to the current code. Some which are only relevant to the new code from
that bug patch have been omitted.
It omits all logic changes and function renaming changes.
Amos Jeffries [Mon, 20 Jan 2014 01:20:40 +0000 (14:20 +1300)]
Set error page Content-Type character set to UTF-8
This fixes issues with some user agents displaying non-English / ASCII
error page translations. Our translation system uses and produces UTF-8
templates for the langpack content.
It also encourages UTF-8 usage in third-party error pages.
Amos Jeffries [Mon, 20 Jan 2014 01:11:58 +0000 (14:11 +1300)]
cachemgr: Enable per-report Content-Type header
The default for all reports is plain text in UTF-8.
NOTE: UTF-8 selected because although current reports limit themselves
to ASCII character ranges, some reports may contain text pulled from the
protocol transferred and UTF-8 display covers most unexpected cases.
Amos Jeffries [Fri, 17 Jan 2014 11:44:26 +0000 (03:44 -0800)]
Fix external_acl_type async loop failures
When externa_acl_type uses %LOGIN and is required to trigger async
authentication lookups it returns and hits the async loop prevention
check when starting to trigger its own external helper lookup. This
results in a DUNNO output from the helper as final status instead of
the real helepr lookup result.
Avoid these by allowing async helpers to loop several times before
aborting the lookups.
Also, extend debug message to indicate loop count.
Thanks to Peter Benko for trackign down the issue and testing solutions.
Amos Jeffries [Wed, 15 Jan 2014 02:11:05 +0000 (15:11 +1300)]
Cleanup: Fix StoreIOBuffer initialization cases
When StoreIOBuffer isconstructed with an invalid (negative) size for the
content data mark it as an error immedately and set a valid length of
zero bytes.
Also, remove some unnecessary code in store_client.cc resulting.
This patch investigates the Ipc::MemMap class which is a shared cache with
timeouts for use with squid SMP.
TODO: Ipc::MemMap class has similar interfaces and functionality with the
Ipc::StoreMap class. These two classes should implemented as kid classes of
an Ipc::SharedCache class which encompass features from Ipc::MemMap and
Ipc::StoreMap classes.
Amos Jeffries [Sun, 5 Jan 2014 20:19:06 +0000 (12:19 -0800)]
Disable error page translation by default in builds
There is no need for every build from VCS to have fresh translations.
Enable explicitly for snapshot and release scripts instead so that
translated template files are still available online and pre-translated
in the distributed packages.
Amos Jeffries [Sun, 5 Jan 2014 19:49:23 +0000 (11:49 -0800)]
Cleanup: remove ClientSocketContextNew() wrapper function
This wrapper function for the ClientSocketContext default constructor
is better performed as an explicit parametered constructor which
prevents accidental use of the default constructor leading to invalid
state after creation (a context always requires connectino and parent
pointers).
Amos Jeffries [Wed, 8 Jan 2014 04:29:04 +0000 (21:29 -0700)]
Cleanup: remove useless makesnmplib variable from build
Squid coding guidelines require automake variables to use naming pattern
ENABLE_* and there is already ENABLE_SNMP defined with intended overlap
of usage. We can drop this unusual variable completely.
Alex Rousskov [Mon, 6 Jan 2014 20:55:13 +0000 (13:55 -0700)]
Centrally destroy all explicit and implicit ACLs to avoid destruction segfaults
during reconfiguration.
Group ACLs created later may use other ACLs created earlier and vice versa, a
group ACL created earlier may use other ACLs created later. The latter is
possible when an ACL (e.g., A2 below) is declared when the group already
exists:
acl A1 src 127.0.0.1
acl Group all-of A1
acl A2 src 127.0.0.2
acl Group all-of A2
Thus, the group (i.e., InnerNode) ACL destructor may access already deleted
children regardless of the global ACL deletion order (FIFO or LIFO with
respect to ACL creation). Instead of relying on the deletion order to protect
InnerNode, we remove the InnerNode ACL destructor completely and rely on a
global set of registered ACLs to destroy all ACLs.
The old code was destroying all explicit ACLs in the same centralized fashion.
We now add implicit ACLs (commonly used by InnerNodes) to the centralized
destruction sequence. We added a new destruction-dedicated container to avoid
messing with the by-name ACL search that Config.aclList global is used for.
This new container will become unnecessary once we start refcounting ACLs.
Amos Jeffries [Sun, 5 Jan 2014 02:56:31 +0000 (18:56 -0800)]
Add logformat code %>rd to log client URL domain name
Logging the Host header or the full URL have been the only ways to log
the domain name requested by the client. However full URL may contain
far too many unwanted bytes and Host header many contain a host:port
very different to the URL.
Alex Rousskov [Wed, 1 Jan 2014 20:13:23 +0000 (13:13 -0700)]
Initial Large Rock and Collapsed Forwarding support.
Large Rock: Support disk (and shared memory) caching of responses exceeding
one db slot (or one shared memory page) in size. A single db slot/page size is
still limited to 32KB (smaller values can be configured for disk caches using
the newly added cache_dir slot-size option). Removal of old rock cache dir
(followed by squid-z) is required -- the on-disk db structure has changed.
Collapsed Forwarding: Optionally merge concurrent cachable requests for the
same URI earlier: After the request headers have been parsed (as before), but
now _before_ the response headers have been received. Merging of requests
received by different SMP workers is supported. Controlled by the new
collapsed_forwarding directive in squid.conf. Disabled by default because all
but one of the merged requests have to be delayed (until the response headers
are received) for the merging to work, which may be worse than forwarding all
concurrent requests immediately. The overall feature idea and request
eligibility conditions are based on Collapsed Forwarding in Squid2.
Summary of other important changes (merged branch log contains the details):
* Tightened StoreEntry locking. Split StoreEntry::lock() into "just lock" and
"update entry reference time" interfaces, addressing an old XXX. Improved
entry lock/unlock debugging. Needs more work.
* Adjusted StoreIOState::write() API to allow callers detect write errors.
* Simplified MemObject::write() API to remove an essentially unused callback.
* Mark client streams that sent everything as STREAM_COMPLETE. The old code
used STREAM_UNPLANNED_COMPLETE if the completed stream was associated with a
non-persistent connection, which did not make sense to me and, IIRC, led to
store entry aborts even though the entries were not damaged in any way.
* mem_hdr::hasContigousContentRange() now returns true for empty ranges.
* Support "appending" ReadWriteLock state that can be shared by readers and
the writer. The writer promises not to update key metadata (except growing
object size and next pointers) and readers promise to be careful when
reading growing slices.
* Fixed StoreEntry::mayStartSwapOut() logic to handle terminated swapouts.
* Improved STORE_MEM_CLIENT detection and documented known (and mostly old)
StoreEntry::storeClientType() problems.
* Removed StoreEntry::hidden_mem_obj hack.
* Polished StoreEntry debugging to report more info, less noise. Use e: prefix.
* Added a script to extract store entry(ies) debugging from cache.log.
Alex Rousskov [Fri, 27 Dec 2013 18:37:26 +0000 (11:37 -0700)]
Updated tests/testRock and the store rebuild stubs it needs.
Synced tests/testUfs after updating the store rebuild stubs.
Store uses StoreController::store_dirs_rebuilding to decide whether the entry
release should be delayed. Thus, storeRebuildComplete() must update it. Also
synced the corresponding CPPUNIT_ASSERT_EQUAL() statements to expect a zero
value after the rebuild is completed.
Do not create an entry just to get its key: Creating forces a public key which
necessarily invalidates the previously cached entry with the same key, if any.
Unlock unused entries. This helps with their release later (and adds more
realism to the test case).
Fixed entry #5 test case to account for the fact that creating a second entry
with the same public key invalidates the first entry.
Release instead of just unlinking entries. StoreEntry::release() is the public
interface which updates internal tables as needed. StoreEntry::unlink() is an
internal call for updating the disk cache-related state; it does not update
the the in-transit index.
Alex Rousskov [Mon, 23 Dec 2013 05:26:23 +0000 (22:26 -0700)]
Bug 3806: Caching responses with Vary header
Various fixes making Vary caching work better.
More work is needed to re-enable shared memory caching of Vary responses.
bag5s r12741: Do not start storing the vary marker object until its key becomes public.
bag5s r12742: Log failed (due to "Vary object loop" or "URL mismatch") hits as TCP_MISSes.
bag5s r12743: Refuse to cache Vary-controlled objects in shared memory (for now).
Jakob Bohm [Sat, 21 Dec 2013 17:31:59 +0000 (09:31 -0800)]
Bug 3985: 60s limit introduced by balance_on_multiple_ip breaks bad IP recovery
Alternative fix if necessary would be to calculate a dynamic timeout
value based on number and timeouts for connections and forwarding.
However, as noted in the bug report the address markings are reset every
TTL when the stored RR are replaced. This meets the criteria for periodic
retries of marked-BAD IPs. Also if all IPs are marked BAD they all get
un-marked and retried. So for now just remove the TTL hack.
Amos Jeffries [Sat, 21 Dec 2013 04:54:54 +0000 (20:54 -0800)]
Fix \-unescaping in quoted strings from helpers
strwordtok() was unescaping '\' values in unquoted tokens. This causes
problems with NTLM helper response user\DOMAIN values which are sent as
a un-quoted un-escaped value.
Restrict un-escaping of '\' to only occur when inside "quoted" words.
Amos Jeffries [Fri, 20 Dec 2013 11:34:44 +0000 (03:34 -0800)]
WCCPv2: fix assertion 'Cannot convert non-IPv4 to IPv4' on FreeBSD
FreeBSD does not set the from-address on recv() if there was an error
reading the packet. This can result in Ip::Address assertion if the
error is not checked for before the IP address is mapped into Squid
internal format.
Alex Rousskov [Wed, 18 Dec 2013 17:19:00 +0000 (10:19 -0700)]
Added send_hit and store_miss squid.conf directives
to control caching of responses using response info.
The existing "cache" directive is checked before Squid has access to the
response and, hence, could not use response-based ACLs such as http_status.
Response-based ACLs may be essential when fine-tuning caching. Squid Bug 3937
(StoreID can lead to 302 infinite loop) is a good use case.
Updated old "cache" directive documentation to provide more information, to
help folks distinguish the three related directives, and to polish for
clarity.
TODO: Support lookup_hit and possibly deprecate/remove "cache".
projects / thirdparty / squid.git / log
