From 198c39265bc110bb2130cbfd3c81d968dbcad5c8 Mon Sep 17 00:00:00 2001 From: Matthias Fischer Date: Tue, 26 Apr 2016 18:50:14 +0200 Subject: [PATCH] squid 3.4.14: latest patches, sorted options The 'configure'-options were sorted (kind of) to get a better overview. Added latest patches from upstream. Changed '--enable-async-io=8' to '--enable-async-io=16' because of http://www.squid-cache.org/mail-archive/squid-users/200705/0768.html : "The default number of threads is dependent on the number of aufs cache_dir lines, based on a reasonable estimate of how the code behaves." Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer --- lfs/squid | 28 +-- src/patches/squid-3.4-13233.patch | 274 ++++++++++++++++++++++++++++++ src/patches/squid-3.4-13234.patch | 33 ++++ src/patches/squid-3.4-13235.patch | 97 +++++++++++ 4 files changed, 420 insertions(+), 12 deletions(-) create mode 100644 src/patches/squid-3.4-13233.patch create mode 100644 src/patches/squid-3.4-13234.patch create mode 100644 src/patches/squid-3.4-13235.patch diff --git a/lfs/squid b/lfs/squid index 7e41c1620e..6725a6e827 100644 --- a/lfs/squid +++ b/lfs/squid @@ -75,6 +75,10 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13230.patch cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13231.patch cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13232.patch + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13233.patch + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13234.patch + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13235.patch + cd $(DIR_APP) && autoreconf -vfi cd $(DIR_APP)/libltdl && autoreconf -vfi @@ -85,11 +89,15 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) --mandir=/usr/share/man \ --libexecdir=/usr/lib/squid \ --localstatedir=/var \ - --disable-ipv6 \ --disable-ssl \ - --enable-poll \ --disable-icmp \ --disable-wccp \ + --disable-wccpv2 \ + --disable-kqueue \ + --disable-esi \ + --disable-arch-native \ + --disable-ipv6 \ + --enable-poll \ --enable-ident-lookups \ --enable-storeio="aufs,diskd,ufs" \ --enable-underscores \ @@ -107,26 +115,22 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) --enable-url-rewrite-helpers \ --enable-build-info \ --enable-eui \ - --with-pthreads \ - --with-dl \ - --with-filedescriptors=$$(( 16384 * 64 )) \ - --with-large-files \ - --with-aio \ - --enable-async-io=8 \ + --enable-async-io=16 \ --enable-unlinkd \ --enable-internal-dns \ --enable-epoll \ - --disable-kqueue \ --enable-select \ --enable-cache-digests \ --enable-forw-via-db \ --enable-htcp \ --enable-kill-parent-hack \ - --disable-wccpv2 \ --enable-icap-client \ - --disable-esi \ --enable-zph-qos \ - --disable-arch-native + --with-pthreads \ + --with-dl \ + --with-filedescriptors=$$(( 16384 * 64 )) \ + --with-large-files \ + --with-aio cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install diff --git a/src/patches/squid-3.4-13233.patch b/src/patches/squid-3.4-13233.patch new file mode 100644 index 0000000000..d657838718 --- /dev/null +++ b/src/patches/squid-3.4-13233.patch @@ -0,0 +1,274 @@ +------------------------------------------------------------ +revno: 13233 +revision-id: squid3@treenet.co.nz-20160420063907-hcnf4qmcg5hbjc11 +parent: squid3@treenet.co.nz-20160330141410-t6p2dhzr8ri36fap +committer: Amos Jeffries +branch nick: 3.4 +timestamp: Wed 2016-04-20 18:39:07 +1200 +message: + cachemgr.cgi: use dynamic MemBuf for internal content generation + + Using a fixed size buffer limits how big content lines can be. Modern + HTTP is fast reaching the point where such limits are problematic. + Also fixes incorrect uses of snprintf() by removing them. +------------------------------------------------------------ +# Bazaar merge directive format 2 (Bazaar 0.90) +# revision_id: squid3@treenet.co.nz-20160420063907-hcnf4qmcg5hbjc11 +# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4 +# testament_sha1: 161e86814f6f14d74557a3fa169b37b6601c08a1 +# timestamp: 2016-04-20 06:50:57 +0000 +# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4 +# base_revision_id: squid3@treenet.co.nz-20160330141410-\ +# t6p2dhzr8ri36fap +# +# Begin patch +=== modified file 'src/tests/stub_cbdata.cc' +--- src/tests/stub_cbdata.cc 2012-11-01 10:31:28 +0000 ++++ src/tests/stub_cbdata.cc 2016-04-20 06:39:07 +0000 +@@ -5,7 +5,13 @@ + #include "tests/STUB.h" + + void cbdataRegisterWithCacheManager(void) STUB +- ++void *cbdataInternalAlloc(cbdata_type type, const char *, int sz) { ++ return xcalloc(1, sz); ++} ++void *cbdataInternalFree(void *p, const char *, int) { ++ xfree(p); ++ return nullptr; ++} + #if USE_CBDATA_DEBUG + void *cbdataInternalAllocDbg(cbdata_type type, const char *, int) STUB_RETVAL(NULL) + void *cbdataInternalFreeDbg(void *p, const char *, int) STUB_RETVAL(NULL) + +=== modified file 'src/tests/stub_mem.cc' +--- src/tests/stub_mem.cc 2012-08-29 07:29:35 +0000 ++++ src/tests/stub_mem.cc 2016-04-20 06:39:07 +0000 +@@ -5,7 +5,7 @@ + #include "squid.h" + + #define STUB_API "stub_mem.cc" +-#include "STUB.h" ++#include "tests/STUB.h" + #include "Mem.h" + + void + +=== modified file 'tools/Makefile.am' +--- tools/Makefile.am 2014-04-06 04:37:08 +0000 ++++ tools/Makefile.am 2016-04-20 06:39:07 +0000 +@@ -35,15 +35,24 @@ + stub_debug.cc: $(top_srcdir)/src/tests/stub_debug.cc + cp $(top_srcdir)/src/tests/stub_debug.cc . + ++MemBuf.cc: $(top_srcdir)/src/MemBuf.cc ++ cp $(top_srcdir)/src/MemBuf.cc $@ ++ + time.cc: $(top_srcdir)/src/time.cc + cp $(top_srcdir)/src/time.cc . + ++stub_cbdata.cc: $(top_srcdir)/src/tests/stub_cbdata.cc ++ cp $(top_srcdir)/src/tests/stub_cbdata.cc $@ ++ ++stub_mem.cc: $(top_srcdir)/src/tests/stub_mem.cc ++ cp $(top_srcdir)/src/tests/stub_mem.cc $@ ++ + # stock tools for unit tests - library independent versions of dlink_list + # etc. + # globals.cc is needed by test_tools.cc. + # Neither of these should be disted from here. + TESTSOURCES= test_tools.cc +-CLEANFILES += test_tools.cc stub_debug.cc time.cc ++CLEANFILES += test_tools.cc MemBuf.cc stub_debug.cc time.cc stub_cbdata.cc stub_mem.cc + + ## ##### helper-mux ##### + +@@ -74,7 +83,10 @@ + libexec_PROGRAMS = cachemgr$(CGIEXT) + + cachemgr__CGIEXT__SOURCES = cachemgr.cc \ ++ MemBuf.cc \ ++ stub_cbdata.cc \ + stub_debug.cc \ ++ stub_mem.cc \ + test_tools.cc \ + time.cc + + +=== modified file 'tools/cachemgr.cc' +--- tools/cachemgr.cc 2015-01-09 10:32:57 +0000 ++++ tools/cachemgr.cc 2016-04-20 06:39:07 +0000 +@@ -35,6 +35,7 @@ + #include "getfullhostname.h" + #include "html_quote.h" + #include "ip/Address.h" ++#include "MemBuf.h" + #include "rfc1123.h" + #include "rfc1738.h" + #include "util.h" +@@ -460,8 +461,8 @@ + return url; + } + +-static const char * +-munge_menu_line(const char *buf, cachemgr_request * req) ++static void ++munge_menu_line(MemBuf &out, const char *buf, cachemgr_request * req) + { + char *x; + const char *a; +@@ -469,15 +470,14 @@ + const char *p; + char *a_url; + char *buf_copy; +- static char html[2 * 1024]; +- +- if (strlen(buf) < 1) +- return buf; +- +- if (*buf != ' ') +- return buf; +- +- buf_copy = x = xstrdup(buf); ++ ++ const char bufLen = strlen(buf); ++ if (bufLen < 1 || *buf != ' ') { ++ out.append(buf, bufLen); ++ return; ++ } ++ ++ buf_copy = x = xstrndup(buf, bufLen); + + a = xstrtok(&x, '\t'); + +@@ -489,59 +489,56 @@ + + /* no reason to give a url for a disabled action */ + if (!strcmp(p, "disabled")) +- snprintf(html, sizeof(html), "
  • %s (disabled).\n", d, a_url); ++ out.Printf("
  • %s (disabled).\n", d, a_url); + else + /* disable a hidden action (requires a password, but password is not in squid.conf) */ + if (!strcmp(p, "hidden")) +- snprintf(html, sizeof(html), "
  • %s (hidden).\n", d, a_url); ++ out.Printf("
  • %s (hidden).\n", d, a_url); + else + /* disable link if authentication is required and we have no password */ + if (!strcmp(p, "protected") && !req->passwd) +- snprintf(html, sizeof(html), "
  • %s (requires authentication).\n", +- d, menu_url(req, "authenticate"), a_url); ++ out.Printf("
  • %s (requires authentication).\n", ++ d, menu_url(req, "authenticate"), a_url); + else + /* highlight protected but probably available entries */ + if (!strcmp(p, "protected")) +- snprintf(html, sizeof(html), "
  • %s\n", +- a_url, d); ++ out.Printf("
  • %s\n", ++ a_url, d); + + /* public entry or unknown type of protection */ + else +- snprintf(html, sizeof(html), "
  • %s\n", a_url, d); ++ out.Printf("
  • %s\n", a_url, d); + + xfree(a_url); + + xfree(buf_copy); +- +- return html; + } + +-static const char * +-munge_other_line(const char *buf, cachemgr_request * req) ++static void ++munge_other_line(MemBuf &out, const char *buf, cachemgr_request *) + { + static const char *ttags[] = {"td", "th"}; + +- static char html[4096]; + static int table_line_num = 0; + static int next_is_header = 0; + int is_header = 0; + const char *ttag; + char *buf_copy; + char *x, *p; +- int l = 0; + /* does it look like a table? */ + + if (!strchr(buf, '\t') || *buf == '\t') { + /* nope, just text */ +- snprintf(html, sizeof(html), "%s%s", +- table_line_num ? "\n
    " : "", html_quote(buf));
++        if (table_line_num)
++            out.append("\n
    ", 14);
++        out.Printf("%s", html_quote(buf));
+         table_line_num = 0;
+-        return html;
++        return;
+     }
+ 
+     /* start html table */
+     if (!table_line_num) {
+-        l += snprintf(html + l, sizeof(html) - l, "
    \n");
++        out.append("
    \n", 46);
+         next_is_header = 0;
+     }
+ 
+@@ -551,7 +548,7 @@
+     ttag = ttags[is_header];
+ 
+     /* record starts */
+-    l += snprintf(html + l, sizeof(html) - l, "");
++    out.append("", 4);
+ 
+     /* substitute '\t' */
+     buf_copy = x = xstrdup(buf);
+@@ -568,18 +565,17 @@
+             ++x;
+         }
+ 
+-        l += snprintf(html + l, sizeof(html) - l, "<%s colspan=\"%d\" align=\"%s\">%s",
+-                      ttag, column_span,
+-                      is_header ? "center" : is_number(cell) ? "right" : "left",
+-                      html_quote(cell), ttag);
++        out.Printf("<%s colspan=\"%d\" align=\"%s\">%s",
++                   ttag, column_span,
++                   is_header ? "center" : is_number(cell) ? "right" : "left",
++                   html_quote(cell), ttag);
+     }
+ 
+     xfree(buf_copy);
+     /* record ends */
+-    snprintf(html + l, sizeof(html) - l, "\n");
++    out.append("\n", 6);
+     next_is_header = is_header && strstr(buf, "\t\t");
+     ++table_line_num;
+-    return html;
+ }
+ 
+ static const char *
+@@ -736,14 +732,18 @@
+             /* yes, fall through, we do not want to loose the first line */
+ 
+         case isBody:
++        {
+             /* interpret [and reformat] cache response */
+-
++            MemBuf out;
++            out.init();
+             if (parse_menu)
+-                fputs(munge_menu_line(buf, req), stdout);
++                munge_menu_line(out, buf, req);
+             else
+-                fputs(munge_other_line(buf, req), stdout);
++                munge_other_line(out, buf, req);
+ 
+-            break;
++            fputs(out.buf, stdout);
++        }
++        break;
+ 
+         case isForward:
+             /* forward: no modifications allowed */
+
diff --git a/src/patches/squid-3.4-13234.patch b/src/patches/squid-3.4-13234.patch
new file mode 100644
index 0000000000..6f701faef7
--- /dev/null
+++ b/src/patches/squid-3.4-13234.patch
@@ -0,0 +1,33 @@
+------------------------------------------------------------
+revno: 13234
+revision-id: squid3@treenet.co.nz-20160420101437-36eofkldxfku61kj
+parent: squid3@treenet.co.nz-20160420063907-hcnf4qmcg5hbjc11
+committer: Amos Jeffries 
+branch nick: 3.4
+timestamp: Wed 2016-04-20 22:14:37 +1200
+message:
+  nullptr is a C++11 feature
+------------------------------------------------------------
+# Bazaar merge directive format 2 (Bazaar 0.90)
+# revision_id: squid3@treenet.co.nz-20160420101437-36eofkldxfku61kj
+# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
+# testament_sha1: 0f9f2a5b29a7ef02befe2a4e2e6357ef4bcffbce
+# timestamp: 2016-04-20 10:51:03 +0000
+# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
+# base_revision_id: squid3@treenet.co.nz-20160420063907-\
+#   hcnf4qmcg5hbjc11
+# 
+# Begin patch
+=== modified file 'src/tests/stub_cbdata.cc'
+--- src/tests/stub_cbdata.cc	2016-04-20 06:39:07 +0000
++++ src/tests/stub_cbdata.cc	2016-04-20 10:14:37 +0000
+@@ -10,7 +10,7 @@
+ }
+ void *cbdataInternalFree(void *p, const char *, int) {
+     xfree(p);
+-    return nullptr;
++    return NULL;
+ }
+ #if USE_CBDATA_DEBUG
+ void *cbdataInternalAllocDbg(cbdata_type type, const char *, int) STUB_RETVAL(NULL)
+
diff --git a/src/patches/squid-3.4-13235.patch b/src/patches/squid-3.4-13235.patch
new file mode 100644
index 0000000000..e38022500c
--- /dev/null
+++ b/src/patches/squid-3.4-13235.patch
@@ -0,0 +1,97 @@
+------------------------------------------------------------
+revno: 13235
+revision-id: squid3@treenet.co.nz-20160420111514-4hpxglbn9k15l5sa
+parent: squid3@treenet.co.nz-20160420101437-36eofkldxfku61kj
+committer: Amos Jeffries 
+branch nick: 3.4
+timestamp: Wed 2016-04-20 23:15:14 +1200
+message:
+  Fix several ESI element construction issues
+  
+  * Do not wrap active logic in assert().
+  
+  * Fix localbuf array bounds checking.
+  
+  * Add Must() conditions to verify array writes will succeed
+------------------------------------------------------------
+# Bazaar merge directive format 2 (Bazaar 0.90)
+# revision_id: squid3@treenet.co.nz-20160420111514-4hpxglbn9k15l5sa
+# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
+# testament_sha1: e95687b13c98667ab09966e7f94d511ca3e6ad96
+# timestamp: 2016-04-20 11:18:22 +0000
+# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
+# base_revision_id: squid3@treenet.co.nz-20160420101437-\
+#   36eofkldxfku61kj
+# 
+# Begin patch
+=== modified file 'src/esi/Esi.cc'
+--- src/esi/Esi.cc	2013-06-27 15:58:46 +0000
++++ src/esi/Esi.cc	2016-04-20 11:15:14 +0000
+@@ -991,7 +991,7 @@
+     ESIElement::Pointer element;
+     int specifiedattcount = attrCount * 2;
+     char *position;
+-    assert (ellen < sizeof (localbuf)); /* prevent unexpected overruns. */
++    Must(ellen < sizeof(localbuf)); /* prevent unexpected overruns. */
+ 
+     debugs(86, 5, "ESIContext::Start: element '" << el << "' with " << specifiedattcount << " tags");
+ 
+@@ -1005,15 +1005,17 @@
+         /* Spit out elements we aren't interested in */
+         localbuf[0] = '<';
+         localbuf[1] = '\0';
+-        assert (xstrncpy (&localbuf[1], el, sizeof(localbuf) - 2));
++        xstrncpy(&localbuf[1], el, sizeof(localbuf) - 2);
+         position = localbuf + strlen (localbuf);
+ 
+         for (i = 0; i < specifiedattcount && attr[i]; i += 2) {
++            Must(static_cast(position - localbuf) < sizeof(localbuf) - 1);
+             *position = ' ';
+             ++position;
+             /* TODO: handle thisNode gracefully */
+-            assert (xstrncpy (position, attr[i], sizeof(localbuf) + (position - localbuf)));
++            xstrncpy(position, attr[i], sizeof(localbuf) - (position - localbuf));
+             position += strlen (position);
++            Must(static_cast(position - localbuf) < sizeof(localbuf) - 2);
+             *position = '=';
+             ++position;
+             *position = '\"';
+@@ -1022,18 +1024,21 @@
+             char ch;
+             while ((ch = *chPtr++) != '\0') {
+                 if (ch == '\"') {
+-                    assert( xstrncpy(position, """, sizeof(localbuf) + (position-localbuf)) );
++                    Must(static_cast(position - localbuf) < sizeof(localbuf) - 6);
++                    xstrncpy(position, """, sizeof(localbuf) - (position-localbuf));
+                     position += 6;
+                 } else {
++                    Must(static_cast(position - localbuf) < sizeof(localbuf) - 1);
+                     *position = ch;
+                     ++position;
+                 }
+             }
+-            position += strlen (position);
++            Must(static_cast(position - localbuf) < sizeof(localbuf) - 1);
+             *position = '\"';
+             ++position;
+         }
+ 
++        Must(static_cast(position - localbuf) < sizeof(localbuf) - 2);
+         *position = '>';
+         ++position;
+         *position = '\0';
+@@ -1119,11 +1124,11 @@
+     switch (ESIElement::IdentifyElement (el)) {
+ 
+     case ESIElement::ESI_ELEMENT_NONE:
+-        assert (ellen < sizeof (localbuf)); /* prevent unexpected overruns. */
++        Must(ellen < sizeof(localbuf) - 3); /* prevent unexpected overruns. */
+         /* Add elements we aren't interested in */
+         localbuf[0] = '<';
+         localbuf[1] = '/';
+-        assert (xstrncpy (&localbuf[2], el, sizeof(localbuf) - 3));
++        xstrncpy(&localbuf[2], el, sizeof(localbuf) - 3);
+         position = localbuf + strlen (localbuf);
+         *position = '>';
+         ++position;
+
-- 
2.39.2