squid 3.5.23: latest patch (14129)

Seems to be a serious one.
"Bug #3940 pt2: Make 'cache deny' do what is documented".
(Duplicate of Bug 3783)

For details see:

http://bugs.squid-cache.org/show_bug.cgi?id=3940

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/lfs/squid b/lfs/squid
index db02367e599402443dffb2cbe2b61f06b687145f..00152080c5648a13de5d3e20c09a6b74072260bc 100644 (file)
--- a/lfs/squid
+++ b/lfs/squid
@@ -70,6 +70,7 @@ $(subst %,%_MD5,$(objects)) :
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        @$(PREBUILD)
        @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xaf $(DIR_DL)/$(DL_FILE)
+       cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14129.patch
        cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.5.23-fix-max-file-descriptors.patch
 
        cd $(DIR_APP) && autoreconf -vfi

diff --git a/src/patches/squid/squid-3.5-14129.patch b/src/patches/squid/squid-3.5-14129.patch
new file mode 100644 (file)
index 0000000..b930aca
--- /dev/null
+++ b/src/patches/squid/squid-3.5-14129.patch
@@ -0,0 +1,41 @@
+------------------------------------------------------------
+revno: 14129
+revision-id: squid3@treenet.co.nz-20161226022200-u1dnvhu0rdby78u2
+parent: squid3@treenet.co.nz-20161216043137-lsk9s4fq21sqsdfo
+fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=3940
+committer: Amos Jeffries <squid3@treenet.co.nz>
+branch nick: 3.5
+timestamp: Mon 2016-12-26 15:22:00 +1300
+message:
+  Bug 3940 pt2: Make 'cache deny' do what is documented
+  
+  Instead of overriding whatever cacheability was previously set to
+  (including changing non-cacheables to be cacheable) actually
+  prevent both cache read and write.
+------------------------------------------------------------
+# Bazaar merge directive format 2 (Bazaar 0.90)
+# revision_id: squid3@treenet.co.nz-20161226022200-u1dnvhu0rdby78u2
+# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
+# testament_sha1: 579020c4bb34961317f8fd0498393aba4a797b14
+# timestamp: 2016-12-26 02:23:14 +0000
+# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
+# base_revision_id: squid3@treenet.co.nz-20161216043137-\
+#   lsk9s4fq21sqsdfo
+# 
+# Begin patch
+=== modified file 'src/client_side_request.cc'
+--- src/client_side_request.cc 2016-09-23 15:28:42 +0000
++++ src/client_side_request.cc 2016-12-26 02:22:00 +0000
+@@ -1407,7 +1407,10 @@
+ ClientRequestContext::checkNoCacheDone(const allow_t &answer)
+ {
+     acl_checklist = NULL;
+-    http->request->flags.cachable = (answer == ACCESS_ALLOWED);
++    if (answer == ACCESS_DENIED) {
++        http->request->flags.noCache = true; // dont read reply from cache
++        http->request->flags.cachable = false; // dont store reply into cache
++    }
+     http->doCallouts();
+ }
+ 
+