/*
* From discussions it was chosen to push compat code as far down as possible.
- * That means we can have a seperate compat for most
+ * That means we can have a separate compat for most
* compatability and portability hacks and resolutions.
*
* This file is meant to collate all those hacks files together and
basic_db_auth [options]
-=head1 DESCRIPTOIN
+=head1 DESCRIPTION
This program verifies username & password to a database
Copyright (C) 2007 Henrik Nordstrom <henrik@henriknordstrom.net>
Copyright (C) 2010 Luis Daniel Lucio Quiroz <dlucio@okay.com.mx> (Joomla support)
This program is free software. You may redistribute copies of it under the
-terms of the GNU General Public License version 2, or (at youropinion) any
+terms of the GNU General Public License version 2, or (at your opinion) any
later version.
=head1 QUESTIONS
.B Note:
This can only be done if all your users are located directly under
the same position in the LDAP tree and the login name is used for naming
-each user object. If your LDAP tree does not match these criterias or if
+each user object. If your LDAP tree does not match these criteria or if
you want to filter who are valid users then you need to use a search filter
to search for your users DN (
.B \-f
.B never
dereference aliases (default),
.B always
-dereference aliases, only while
-.B search ing
+dereference aliases, only during a
+.B search
or only to
.B find
the base object.
.
.if !'po4a'hide' .TP
.if !'po4a'hide' .B "\-H ldap_uri
-Specity the LDAP server to connect to by LDAP URI (requires OpenLDAP libraries).
+Specify the LDAP server to connect to by LDAP URI (requires OpenLDAP libraries).
Servers can also be specified last on the command line.
.
.if !'po4a'hide' .TP
* the file format. However storing such a triple does little to
* improve security: If compromised the username:realm:HA1 combination
* is "plaintext equivalent" - for the purposes of digest authentication
- * they allow the user access. Password syncronisation is not tackled
+ * they allow the user access. Password synchronization is not tackled
* by digest - just preventing on the wire compromise.
*
* Copyright (c) 2003 Robert Collins <robertc@squid-cache.org>
* the file format. However storing such a triple does little to
* improve security: If compromised the username:realm:HA1 combination
* is "plaintext equivalent" - for the purposes of digest authentication
- * they allow the user access. Password syncronisation is not tackled
+ * they allow the user access. Password synchronization is not tackled
* by digest - just preventing on the wire compromise.
*
* Copyright (c) 2003 Robert Collins <robertc@squid-cache.org>
is an installed binary authentication program for Squid. It handles digest
authentication protocol and authenticates against a text file backend.
.
-This program will automatically detect the existence of a concurrecy channel-ID and adjust appropriately.
+This program will automatically detect the existence of a concurrency channel-ID and adjust appropriately.
It may be used with any value 0 or above for the auth_param children concurrency= parameter.
.
.SH OPTIONS
improve security: If compromised the
.B username:realm:HA1
combination is "plaintext equivalent" - for the purposes of digest authentication
-they allow the user access. Password syncronisation is not tackled
+they allow the user access. Password synchronization is not tackled
by digest - just preventing on the wire compromise.
.
.SH AUTHOR
* the file format. However storing such a triple does little to
* improve security: If compromised the username:realm:HA1 combination
* is "plaintext equivalent" - for the purposes of digest authentication
- * they allow the user access. Password syncronisation is not tackled
+ * they allow the user access. Password synchronization is not tackled
* by digest - just preventing on the wire compromise.
*
* Copyright (c) 2003 Robert Collins <robertc@squid-cache.org>
* the file format. However storing such a triple does little to
* improve security: If compromised the username:realm:HA1 combination
* is "plaintext equivalent" - for the purposes of digest authentication
- * they allow the user access. Password syncronisation is not tackled
+ * they allow the user access. Password synchronization is not tackled
* by digest - just preventing on the wire compromise.
*
* Copyright (c) 2003 Robert Collins <robertc@squid-cache.org>
.BI never
dereference aliases (default),
.BI always
-dereference aliases, only while
-.BR search ing
+dereference aliases, only during a
+.BR search
or only to
.B find
the base object
.
.if !'po4a'hide' .TP
.if !'po4a'hide' .BI \-H " ldapuri"
-Specity the LDAP server to connect to by a LDAP URI (requires OpenLDAP libraries)
+Specify the LDAP server to connect to by a LDAP URI (requires OpenLDAP libraries)
.
.if !'po4a'hide' .TP
.if !'po4a'hide' .BI \-K
export KRB5_KTNAME
If you use a different Kerberos domain than the machine itself is in you can point squid to
-the seperate Kerberos config file by setting the following environmnet variable in the startup
+the separate Kerberos config file by setting the following environment variable in the startup
script.
KRB5_CONFIG=/etc/krb5-squid.conf
.if !'po4a'hide' .ft
.
If you use a different Kerberos domain than the machine itself is in you can point squid to
-the seperate Kerberos config file by setting the following environmnet variable in the startup
+the separate Kerberos config file by setting the following environment variable in the startup
script.
.if !'po4a'hide' .P
.if !'po4a'hide' .ft CR
) or a fixed period of time (
.B \-T
). The former is suitable for displaying terms and conditions to a user; the
-latter is suitable for the display of advertisments or other notices (both as a
+latter is suitable for the display of advertisements or other notices (both as a
splash page \- see config examples in the wiki online). The session helper can also be used
to force users to re\-authenticate if the
.B %LOGIN
environment is created within the directory. The advantage of the latter
is better database support between multiple instances of the session
helper. Using multiple instances of the session helper with a single
-database file will cause synchronisation problems between processes.
+database file will cause synchronization problems between processes.
If this option is not specified the session details will be kept in
memory only and all sessions will reset each time Squid restarts its
helpers (Squid restart or rotation of logs).
log_db_daemon DSN [options]
-=head1 DESCRIPTOIN
+=head1 DESCRIPTION
This program writes Squid access.log entries to a database.
Presently only accepts the B<squid> native format
WHERE squid_request_status LIKE '%MISS%')
/
(SELECT COUNT(*) FROM access_log)*100
- AS pecentage;
+ AS percentage;
=item Response time ranges
This script currently implements only the C<L> (i.e. "append a line to the log") command, therefore the log lines are never purged from the table. This approach has an obvious scalability problem.
-One solution would be to implement e.g. the "rotate log" command in a way that would calculate some summary values, put them in a "summary table" and then delete the lines used to caluclate those values.
+One solution would be to implement e.g. the "rotate log" command in a way that would calculate some summary values, put them in a "summary table" and then delete the lines used to calculate those values.
Similar cleanup code could be implemented in an external script and run periodically independently from squid log commands.
export KRB5_KTNAME
If you use a different Kerberos domain than the machine itself is in you can point squid to
-the seperate Kerberos config file by setting the following environmnet variable in the startup
+the separate Kerberos config file by setting the following environment variable in the startup
script.
KRB5_CONFIG=/etc/krb-squid5.conf
export KRB5_KTNAME
If you use a different Kerberos domain than the machine itself is in you can point squid to
-the seperate Kerberos config file by setting the following environmnet variable in the startup
+the separate Kerberos config file by setting the following environment variable in the startup
script.
KRB5_CONFIG=/etc/krb5\-squid.conf
Rewrite rules are matched in the same order as they appear in the rules file.
So for best performance, sort it in order of frequency of occurrence.
-This program will automatically detect the existence of a concurrecy channel-ID and adjust appropriately.
+This program will automatically detect the existence of a concurrency channel-ID and adjust appropriately.
It may be used with any value 0 or above for the store_id_children concurrency= parameter.
=head1 OPTIONS
\par
* configure will take a list of storage types through the
* --enable-store-io parameter. This parameter takes a list of
- * space seperated storage types. For example,
+ * space separated storage types. For example,
* --enable-store-io="ufs aufs" .
*
\par
\defgroup IPCacheInternal IP Cache Internals
\ingroup IPCacheAPI
\todo when IP cache is provided as a class. These sub-groups will be obsolete
- * for now they are used to seperate the public and private functions.
+ * for now they are used to separate the public and private functions.
* with the private ones all being in IPCachInternal and public in IPCacheAPI
*
\section InternalOperation Internal Operation
Because the generation and signing of SSL certificates takes time
Squid must use external process to handle the work.
.
-This process generates new SSL certificates and uses a disk cache of certificatess
+This process generates new SSL certificates and uses a disk cache of certificates
to improve response times on repeated requests.
Communication occurs via TCP sockets bound to the loopback interface.
.
.
.PP
For simple configuration the helper defaults can be used.
-Only HTTP listening port options are required to enable generation and set the signign CA certificate.
+Only HTTP listening port options are required to enable generation and set the signing CA certificate.
For Example:
.if !'po4a'hide' .RS
.if !'po4a'hide' .B http_port 3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/usr/local/squid/ssl_cert/www.sample.com.pem
projects / thirdparty / squid.git / commitdiff
