This patch add the %tS logformat code to represent master transaction start time
in <seconds>.<milliseconds> format, similar to the existing access.log "current
time" field (%ts.%03tu).
Also allow formated values for adaptation_meta values.
Alex Rousskov [Mon, 2 Dec 2013 00:36:24 +0000 (17:36 -0700)]
Documented that ACLs should be refcounted.
Refcounting would avoid ACL destruction problems (when some ACLs use other
ACLs or when an ACL goes async during reconfigure) and may even reduce
problems with AclMatchedName.
Alex Rousskov [Mon, 2 Dec 2013 00:35:50 +0000 (17:35 -0700)]
Destroy ACLs in the reverse order of creation to avoid destruction segfaults
during reconfiguration.
Group ACLs created later may use other ACLs created earlier. A group ACL must
be deleted first so that its AclDeleter can safely access registration status
(and avoid double deletion) of the ACLs it uses. Since ACLs are remembered (in
Config.aclList) using a singly-linked list, it is difficult to change their
deletion order. Instead, we change their listing order from FIFO to LIFO.
Amos Jeffries [Sun, 1 Dec 2013 07:24:58 +0000 (00:24 -0700)]
Portability: std::string:npos is not always appropriate for String::npos
On some systems such as Windows MinGW the signed/unsigned property of
std::string::npos does not match up with the Squdi String class size_type
signed/unsigned property. Resulting in compiler signed vs unsigned
mismatch errors when compiling.
Nathan Hoad [Fri, 29 Nov 2013 23:26:03 +0000 (16:26 -0700)]
Bug 3972: Segfault when getting the deny info page ID after a reconfigure
Older ACL code was using a stale AclMatchedName value. More recent code resets
the AclMatchedName global to NULL to avoid leaking the stale value, but that
may crash strcmp() in aclGetDenyInfoPage(). Long-term, the global should be
removed, of course.
Alex Rousskov [Fri, 29 Nov 2013 19:47:54 +0000 (12:47 -0700)]
Support libecap v1.0, allowing asynchronous adapters and eCAP version checks.
After these changes, Squid can support eCAP adapters built with libecap v1.0,
but stops supporting adapters built with earlier libecap versions (due to API
changes). The new libecap version allows Squid to better check the version of
the eCAP adapter being loaded as well as the version of the eCAP library being
used. This should help with migration to libecap v1.0.
Expose [running] main event loop as a global so that modules can add engines.
Amos Jeffries [Fri, 29 Nov 2013 04:41:07 +0000 (21:41 -0700)]
Receive annotations from external ACL helpers
This completes the annotation support for common helper interfaces by
making custom key=value pairs sent by external ACL helpers in to
NotePair objects and attaching to the active request.
The other side of this - sending values to the helper is deferred until
the helper format can be converted to logformat codes.
Amos Jeffries [Wed, 27 Nov 2013 00:37:24 +0000 (13:37 +1300)]
Cleanup: convert helper allocation from cbdataAlloc to new
The helper_server and helper_stateful_server classes are already
CBDATA_CLASS2 defined classes with new/delete operators and the free
operation already handled by delete(). However teh allocation was not
using new() and thus not calling the class constructors properly.
Alex Rousskov [Mon, 18 Nov 2013 15:55:05 +0000 (08:55 -0700)]
Re-compute Range response content offset after an FTP response was adapted.
Moved HTTP-only offset calculation code to the general ServerStateData code so
that [converted-to-HTTP] FTP responses can use it. FTP code computes the range
offset on its own earlier, but we must REcalculate in case the response is
adapted into a response with a different (or no) content range.
aclocal on Windows cannot handle line-wrapping \ characters and leaves
them present in the output m4 code. in side AC_CONFIG_FILES macro this
results in a mystery file '\\r' being 'registered'.
The list of Makefiles does not even need ths line-wrap indicator as
demonstrated by the tools/Makefile missing its one for some time without
problems.
Alex Rousskov [Wed, 13 Nov 2013 18:29:13 +0000 (11:29 -0700)]
Propagate FTP server connection closures to idle FTP gw clients but
carefully close the FTP server connection upon receiving an FTP 221 response.
FTP gateway code pins server connections; when there is no traffic, the
client-side code holds on to the server connection. The old code did not
notice pinned server connection closure until it was time to write the next
FTP request to that connection. Squid now monitors the idle pinned server
connection and closes the client connection if the server connection closes
(or, to be more precise, if the server connection gets marked as ready for
reading).
Client-side monitoring of an idle pinned connection ends when the server side
starts using the pinned connection again (because the server side becomes
responsible for monitoring EOF conditions then). Added
borrowPinnedConnection() and related methods to distinguish validation of
pinned connection and responsibility transfer.
Careful closure of the FTP server connection upon receiving an FTP 221
response is necessary to avoid the client-side idle server connection
monitoring code closing the client connection upon detecting server-side EOF
_before_ the client side had enough time to forward that 221 response to the
not-yet-idle client. The latter may take some time because, in part, the
response may have to go through an ICAP RESPMOD service first.
Amos Jeffries [Wed, 13 Nov 2013 00:06:19 +0000 (13:06 +1300)]
Make HTTP header parser obey relaxed_header_parser
Some unimportant warnings were not obeying the directives silent/loud
setting values.
This abstracts the condition to simplify code and make all the
non-critical warnings depend on the directive for their display level.
This patch adds the new ACL adaptation_service, to match the name of:
- an adaptation service or group that had been applied to the master
transaction in the past
- an adaptation service or group that is being applied to the master
transaction now
An adaptation group is formed by adaptation_service_chain or adaptation_service_set directives.
Both REQMOD and RESPMOD services, successful or failed service applications
matches this acl.
Alex Rousskov [Wed, 6 Nov 2013 01:11:17 +0000 (18:11 -0700)]
Leave Copyright and (C) (but not AUTHOR-like) boilerplate lines in sources
except when we [think we will] have a permission to move them to CONTRIBUTORS.
If one Copyright or (C) line in the old boilerplate is preserved, then all
such lines are preserved.
Alex Rousskov [Mon, 4 Nov 2013 23:52:32 +0000 (16:52 -0700)]
Initial support for gatewaying FTP EPRT and EPSV commands.
Client side validates the IPv6-friendly commands, but the server side
independently decides which of the four standard data connection establishment
commands to use. In practice only PASV and EPSV commands are sent because
Squid still does not support active FTP connections on the server side.
Moved EPSV- and some PASV-handling code from proxy-specific ftp.cc into
general FtpServer.cc for the client-side gateway code to reuse.
Alex Rousskov [Thu, 7 Nov 2013 19:45:12 +0000 (12:45 -0700)]
Replace blocking sleep(3) and close UDS socket on failures.
The two addressed XXX were not causing any known serious bugs on their own,
but the blocking sleep was ugly and possibly in the way of further
kid registration fixes/improvements.
Squid fails parsing error-details.txt template when one or more listed OpenSSL
errors are not supported on running platform.
This patch add a hardcoded list of OpenSSL errors wich can be optional.
Bug 3906: Filedescriptor leaks on snmp
author: Alex Rousskov <rousskov@measurement-factory.com>, Christos Tsantilas <chtsanti@users.sourceforge.net>
Coordinator should not send SNMP client FD to strands when broadcasting SNMP
requests. Strands do not need the descriptor and were forgetting to close it,
causing one FD leak on every SNMP query in SMP mode.
Enhance Ipc::TypedMsgHdr to be able to tell whether the message has a FD.
projects / thirdparty / squid.git / log
