Replace most USE_IPV6 with run-time support probing
This unifies the code built for IPv4-only, dual-stack and split-stack.
* --disable-ipv6 option remains, however it now prevents the run-time probe
* Probing previously done in ./configure at build time is now merged and
performed run-time on every startup. IPv6 is enabled or disabled based on
the underlying OS support for sockets and setsockopt operations required.
* Parsing and other operations which can be performed without specific IPv6
connectivity are enabled.
* Some DNS logic alterations have had to be made to merge the split-stack
DNS and leverage it for IPv4-only mode. Otherwise the logics are unchanged
from previous dual-stack builds which have been well tested.
This breaks the DNS sockets into two when split-stack mode is used.
DnsSocketA becomes IPv4-only and DnsSocketB becomes used as IPv6-only.
Without Split-stack mode DnsSocketA is the only one actually used.
NP: comm outgoing socket support is still a blocker on split-stack support.
However this update is required for the upcoming run-time support.
Author: Alex Rousskov <rousskov@measurement-factory.com>
Fixed comm.cc:377: "fd_table[fd].halfClosedReader != NULL" assertion
Client side must stop reading when switching to a tunnel mode. The old code
called low-level commSetSelect to stop reading, but that left Comm tables in
an inconsistent state, with the client side reader callback still scheduled.
Squid would assert when the tunnel called comm_read with its own callback.
The bug is unrelated to half-closed connections despite halfClosedReader
mentioned in the assertion text. The assertion means "no more than one active
reader per FD".
Author: Alex Rousskov <rousskov@measurement-factory.com>
Prevent memory leaks when cloning Range requests.
HttpRequest::range field was set to a new HttpHdrRange object twice:
once in HttpRequest::clone() and once in HttpRequest::hdrCacheInit()
called from clone().
Polished HttpReply::clone() to make sure HttpReply::hdrCacheInit()
does not use uninitialized HttpReply::sline field and to prevent
benign double-initialization of HttpReply::keep_alive.
Bundle a slightly hacked version of libltdl/ltdl.h which does not use <>
for inclusion of its dependency files. This makes it portable to OS with
older libtool versions.
Amos Jeffries [Sun, 27 Jun 2010 09:35:30 +0000 (21:35 +1200)]
Author: Robert Collins <robertc@robertcollins.net>
Bug 2950: HTTP responses with no Date, L-M or Expires can now be cached
HTTP responses with no Date, Last-modified or Expires headers can
now be cached (given an appropriate refresh_pattern). Previously we
were not caching them in case of an infinite loop in cache farms:
however Squid adds Date: headers now which remove that concern.
Amos Jeffries [Sat, 12 Jun 2010 11:42:52 +0000 (23:42 +1200)]
Author: Henrik Nordstrom <henrik@henriknordstrom.net>
Port from 2.7: max_filedescriptor config option
Since Squid no longer really has any hardcoded filedescriptor limitations
it makes sense to have a squid.conf directive allowing the number of
filedescriptors to be tuned runtime. Default if unset is to obey whatever
ulimit settings as before.
* setMaxFD: figures out what to we can use for Squid_MaxFD
* setSystemLimits: Configures the system limitations to match our
expectations which might be lower than what setMaxFD finds if
the comm loop has additional restrictions
AYJ:
Henrik informs that loops using fd_set() (select and win32-select) must
be kept below FD_SETSIZE or they can hang Squid or cause out-of-bounds
memory errors.
NP: Squid-2 does not appear to limit select() like this. May need fixing too.
Amos Jeffries [Sun, 30 May 2010 13:05:25 +0000 (07:05 -0600)]
Author: Henrik Nordstrom <henrik@henriknordstrom.net>
Disable chunked memory pools by default. Rework memory pools
- Default to the old simple non-chunked pool type using malloc
with a simple freelist per pool.
- Various statistics & cachemgr Memory Utilization fixes
- Source reorganisation to split pool implementations from the general
framework. Allocators now in MemPoolChunked.cc and MemPoolMalloc.cc,
with general framework & statistics in MemPool.cc.
The chunked allocator is still available and can be activated by setting
the environment variable MEMPOOLS=1 but the default is now the non-chunked
allocator which has been fixed to account allocations properly for statistics
and also maintain a simple freelist to cache allocations.
No squid.conf changes, other than that the memory_pools and
memory_pools_limit directives now works as intended (not possible
with the chunked allocator).
Amos Jeffries [Fri, 28 May 2010 06:10:57 +0000 (00:10 -0600)]
Author: Alex Rousskov <rousskov@measurement-factory.com>
Bug 2697: Adaptation leaks and extra requests after reconfiguration
This patch "detaches" services from the configuration during reconfiguration.
Detached services do not participate in new adaptation transactions but allow
the old transactions to finish nicely. Once all users are gone, the refcounted
service disappears.
As a side effect of these fixes, several aspects of eCAP service registration
and mapping of loaded and configured eCAP services have been fixed. We will be
able to claim support for eCAP reconfiguration after libecap adds
reconfiguration API.
Amos Jeffries [Wed, 26 May 2010 03:46:04 +0000 (15:46 +1200)]
Author: Alex Rousskov <rousskov@measurement-factory.com>
Author: Amos Jeffries <squid3@treenet.co.nz>
Fixed IpAddress port printing for ports higher than 9999:
snprintf includes zero-terminator in its size limit, so 7
rather than 6 bytes are needed to snprintf a colon followed
by 5 port digits.
Also, fix ToHostname calculation potentially truncating port numbers
Amos Jeffries [Wed, 26 May 2010 03:43:53 +0000 (15:43 +1200)]
Author: Alex Rousskov <rousskov@measurement-factory.com>
Bug 2633: Fix Ecap::HeaderRep::value(name) fails when there is no named header field
Calling Adaptation::Ecap::HeaderRep::value(const Name &name) with names
of header fields that do not exist leads to
ICAP/AsyncJob.cc(218) dial: AsyncJob::noteStart threw exception:
basic_string::_S_construct NULL not valid
I suspect this is a combination of
- std::string constructor incapable of handling a nil char* pointer.
- String::termedBuf() returning an nil pointer when the string is empty.
When there is no specified header field in the message, the value()
wrapper in Squid gets an empty String for the header value, which is
then used to create std::string, which fails or leads to failure.
I think it is wrong for termedBuf to return nil (because nil is not
0-terminated). I have not tried to fix that because we will have a new
String class soon.
Fixed header accounting to avoid the "Headers[id].stat.aliveCount" assertion.
We were incrementing the alive header field counter twice for each decrement,
which probably resulted in the alive counter wrapping back to zero, triggering
the assertion.
Amos Jeffries [Sun, 23 May 2010 11:25:59 +0000 (23:25 +1200)]
Author: Alex Rousskov <rousskov@measurement-factory.com>
Bug 2879: pt2: 3.0 regression in headers end finding
Consider the case when we received an empty (zero bytes) response.
The committed hack (bzr r9935) makes the "Invalid Response" warning misleading
because it adds CRLF to the empty response. The same hack makes the correct
error determination even more broken than it was (because the rest of the code
now sees content when none exited). It also mentions the wrong bug number.
The attached patch fixes the above and attempts to route empty response
processing to the right error (ERR_ZERO_SIZE_OBJECT).
TODO: Reconsider polluting cache.log with unlimited Invalid Response warnings,
at least in a forward proxy environment where the admin has no control over
responses.
When comm_close() has been called for the server fd but the close handler has
not yet been activated, the Server may receive an async call not associated
with the fd (e.g., more request body data coming from the HTTP or ICAP client)
that prompts the server to write to the fd. We now check whether it is still
safe to write before writing. If it is not safe, we do not write but wait for
our close handler to be called.
TODO: when all comm_write callers check for fd closing, comm API can be
redefined to drop unsafe calls instead of asserting.
Henrik Nordstrom [Fri, 14 May 2010 12:40:35 +0000 (14:40 +0200)]
Reset all addresses as OK after trying them all. This to avoid a "deadlock"
when all addresses of the currnet procotol have been marked bad but
there remains addresses in another protocol which means there is no addresses
we can connect to but unfortunately we don't know that in the current
upside-down layering.
Henrik Nordstrom [Fri, 14 May 2010 12:02:06 +0000 (14:02 +0200)]
Bug #2876: FD_SETSIZE override not working on all linux distributions
The glibc hack for overriding FD_SETSIZE seems to have broken down on some families
of Linux distribution, requiring one more header to be included before redefine.
Hopefully this does not break the FD_SETSIZE override on more systems than
it fixes.. if it does then some additional autoconffuu will be needed.
Henrik Nordstrom [Fri, 14 May 2010 05:39:29 +0000 (07:39 +0200)]
Fall back on IPv4 if IPv6 is not present
automatically fall back on IPv4 operation if it fails creating an
IPv6 socket. This may happen if Squid is built with IPv6 support
enabled but no IPv6 stack is available when it runs.
Henrik Nordstrom [Fri, 14 May 2010 04:13:30 +0000 (06:13 +0200)]
Clean up use of commResetFD when socket incompatible with requested address
This patch backs out part of the patch for Bug #2222 and replaces it by
crudely cycling over the available addresses, trying to skip over
addresses not compatible with the current socket.
This solves issues seen when using tproxy or tcp_outgoing_address and
DNS of the requested host returns AAAA records in addition to A records.
This change is interim, waiting for the larger connection setup
overhaul, but seems to do the trick for now.
One effect of this change is that there will be no fallback to the other
IP generation if the socket is configured to a specific outgoing
address. Priory the code threw away the outgoing address and tried
again when encountering an incompatibility.