Amos Jeffries [Fri, 20 Jun 2008 12:46:59 +0000 (06:46 -0600)]
Bug 1566 (also Bug 975): esi:include aborts with lock assert
Proper fix requires callers inserting HTTPMSGLOCK() when the base rep
pointers are set, and HTTPMSGUNLOCK() macros when done. The lock/unlock
mechanism will take care of garbage collection in the background if used
properly.
The function this patches has no need to perform any of that itself
either way (it's a * not a ** ptr parameter so _cannot_ be safely deleted).
I'm cementing the temporary fix for 975 and 1566 as a permanent one and
documenting the correct requirements of the functions callers to prevent
memory leaks.
If leaks are found it will be separate bugs in the calling code related
to bad refcounting.
Amos Jeffries [Thu, 19 Jun 2008 05:35:31 +0000 (23:35 -0600)]
Author: Henrik Nordstrom <henrik@henriknordstrom.net>
Fix SNMP reporting of counters with a value >= 0xFF800000
The ASN.1 encoding of unsigned integers incorrectly compressed the value
as if it was a signed integer, truncating leading 0xFF octest, causing
0xFF800000 to be send ax 0x800000, 0xFFFF8000 as 0x8000 etc..
Amos Jeffries [Fri, 13 Jun 2008 04:42:05 +0000 (22:42 -0600)]
Update ACL docs
- Some regex types were missing -i mentions.
- Altered auth type to mention intercept alongside transparent
now that they are distinct in squid
- Also cosmetic re-order of a few items to provide a some type grouping
Amos Jeffries [Thu, 22 May 2008 06:04:40 +0000 (18:04 +1200)]
Silence secondary errors on fatal shutdowns.
This patch causes fatal() errors to set the shutdown flag before aborting.
The result of this is that secondary errors not related to the fatal condition
but caused during the shutdown sequence no longer confuse the error traces.
It also cleans up a little broken whitespace formatting in the snmp_core.cc
Amos Jeffries [Mon, 19 May 2008 11:24:47 +0000 (05:24 -0600)]
Author: Guido Serassio <serassio@squid-cache.org>
Windows port: Added new mswin_check_ad_group external ACL helper
This helper allow the lookup of users's group membership in a Windows
Active Directory domain.
It overcomes the Lan Manager limits of mswin_check_lm_group, but it can be
used only with native Windows Active Directory domains, so mswin_check_lm_group
will not removed from Squid.
Amos Jeffries [Tue, 13 May 2008 14:51:16 +0000 (08:51 -0600)]
Add cachemgr.conf.default for easier maintenance
cachemgr.conf has for a long while been created conditionally if none
already existed, but no current new default file was added to compare
for new configuration options.
This patch adds a file named cachemgr.conf.default next to the cachemgr.conf
cachemgr.conf.default file is replaces unconditionally so that it remains
current with the most recently installed build.
cachemgr.conf itself is only created if not already present so as not to
loose local configuration changes.
Amos Jeffries [Mon, 12 May 2008 01:51:12 +0000 (13:51 +1200)]
Bug 2206: Build error caused by incorrect configure include file detection
Adds type-definitions for the *BSD family networking OS header files which
depend on them without including the necessary definition headers themselves.
Amos Jeffries [Mon, 12 May 2008 01:48:26 +0000 (13:48 +1200)]
Bug 2196: configure: net*/*.h present but cannot be compiled
This moves critical net*/*.h file tests from the general location
and use testign to the *BSD special testing which accounts for
system file dependencies.
TODO: some files are still missing dependencies even with the *BSD test
their brokenness will be fixed at a later point. (bug 2206)
Amos Jeffries [Sun, 4 May 2008 11:53:29 +0000 (23:53 +1200)]
Author: Henrik Nordstrom <henrik@henriknordstrom.net>
Make --with-large-files try to build 64-bit if possible
--with-large-files for some reason tried to make a 32-bit build with
large file offsets even if the host supports 64-bit applications, making
--with-large-files degrade Squid capabilities on 64-bit OS:es..
Amos Jeffries [Sun, 4 May 2008 11:08:15 +0000 (23:08 +1200)]
Author: Guido Serassio <serassio@squid-cache.org>
Windows port: Add support for the Windows machine DNS domain, and also automatically derived default domain
This patch adds the capacity to get the machine DNS domain from the registry, similar to
search but only accepting a single domain.
In addition it adds support for automatically deriving the domain from
the fully qualified hostname.
Also fixed some memory leaks during the DNS configuration parse in the registry.
Amos Jeffries [Sun, 4 May 2008 11:05:58 +0000 (23:05 +1200)]
Author: Guido Serassio <serassio@squid-cache.org>
Removed the advertisement clause from BSD license
According to the new revised (3-clause) BSD license:
ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
the advertisement clause (3) of old (4-clause) BSD license can
be deleted.
Also added forgotten reference to lib/strnstr.cc into CREDITS
Adds --enable-zph-qos options to turn on the following:
- Allows you to select a TOS/Diffserv value to mark local hits.
- Allows you to select a TOS/Diffserv value to mark peer hits.
- Allows you to selectively set only sibling or sibling+parent requests
- Allows any HTTP response towards clients will
have the TOS value of the response comming from the remote
server masked with the value of zph_preserve_miss_tos_mask.
For this to work correctly, you will need to patch your linux
kernel with the TOS preserving ZPH patch.
The kernel patch can be downloaded from http://zph.bratcheda.org
- Allows you to mask certain bits in the TOS received from the
remote server, before copying the value to the TOS send towards
clients.
Amos Jeffries [Fri, 2 May 2008 11:08:58 +0000 (23:08 +1200)]
Author: Christos Tsantilas <chtsanti@users.sourceforge.net>
Bug 2308: Segmentation fault in AuthDigestUserRequest::authUser
In this patch:
- In method AuthDigestConfig::decode just do not delete the digest_request on
errors but use it as is in the authDigestLogUsername functions.
- In the method AuthDigestConfig::fixHeader change the line "int stale = 1;"
to "int stale = 0;" to make squid respond with "stale=false" in the first
unauthenticated request of web client.
strnstr() is not provided on all OS (Linux with gcc 3.x for one).
And some OS are known to bundle an unsafe version (MacOS X 10.4 has a
buffer overrun)
So code should use the function named squid_strnstr() and auto-tools will
test to see if the OS provided version is usable.
Author: Christos Tsantilas <chtsanti@users.sourceforge.net>
Bug 2311: crashes/restarts when ICAP enabled on respmod for HTTP body size greater than 100kb
Author: Henrik Nordstrom <henrik@henriknordstrom.net>
Bug #2310: Incorrect default time/date log format
The %tl and %tg logformat tags is meant to use the same date format as
Apache/NCSA, but in Squid-3 there was a space instead of : between the
date and time.
Reentrant debugging occurs when something being written into the debugging
stream produces its own debugging. For example, a field accessor method may
make cbdata-validation calls, which would produce debugging. Logging such
field would crash Squid if sufficiently high debugging level is enabled.
With this change, the Debug methods detect reentrant calls and mostly ignore
them, allowing the caller to append debugging information to the existing
debug stream. A short debugging label is added before and after the reentrant
debugging message to reduce confusion that overlapping debugging statements
may cause during log analysis.
Author: Henrik Nordstrom <henrik@henriknordstrom.net>
Fallback on transparent interception mode even if the connection didn't seem to be transparently intercepted
Needed to deal properly with situations where connections to the local host
is intercepted, or when people NAT outside the Squid server but still compile
Squid with support for the NAT/interception method availabe on the host OS..