+Changes in squid-6.13 (31 Jan 2025):
+
+ - Bug 5352: Do not get stuck when RESPMOD is slower than read(2)
+ - Bug 5405: Large uploads fill request buffer and die
+ - Bug 5093: List http_port params that https_port/ftp_port lack
+ - Bug 5311: clarify configuration byte units
+ - Bug 5091: document that changes to workers require restart
+ - Bug 5481: Fix GCC v14 build [-Wmaybe-uninitialized]
+ - Nil request dereference in ACLExtUser and SourceDomainCheck ACLs
+ - Fix GCC v14 [-Wanalyzer-null-dereference] warnings in Kerberos
+ - Clarify --enable-ecap failure on missing shared library support
+ - Fix syntax error in configure.ac
+ - Remove GNU'ism in release notes Makefile
+ - Annotate PoolMalloc memory in valgrind builds
+ - Fix systemd startup sequence to require active Local Filesystem
+ - Display Linux variant at ./configure time
+ - Refactor peerRefreshDNS() to clarify its (void*)1 logic
+ - Portability: remove explicit check for libdl
+ - ext_time_quota_acl: remove -l option
+ - ... and some documentation updates
+ - ... and some CI updates
+
Changes in squid-6.12 (12 Oct 2024):
- Fix validation of Digest auth header parameters
- Bug 3320: miss_access description confusing
- Bug 3241: squid_kerb_auth cross compilation fix
- Bug 3237: seq fault in free() from rfc1035RRDestroy
- - Bug 3190: Large HTTP POST stuck after early ICAP 400 error response
+ - Bug 3190: Large HTTP POST stuck after early ICAP 400 error response
- db_auth: display available DSN drivers on connect error
- Updated OpenSSL 1.0.0 version checks
- ... and several documentation fixes
- Bug 2965 (partial): Compile errors on MinGW
- Fix to only ssl-bump CONNECT requests if they are about to be tunneled
- Fix cache manager display of -i/+i in regex ACL config display
- - Fix cache manager display of cache_peer options userhash and sourcehash
+ - Fix cache manager display of cache_peer options userhash and sourcehash
- Fix URL re-writer loosing many transaction details
- Fix always-true comparison in ICAP for some 32-bit platforms
- Support for 'slow' group ACLs in ssl_bump access control
- Various minor debug and documentation cleanups
Changes to squid-3.0.STABLE6 (20 May 2008):
-
+
- Bug 2254: umask Feature from 2.6 added
- cachemgr.cgi default config file added
- Several authentication bug fixes
- WCCP2 doesn't update statCounter.syscalls.sock.sendtos counter.
- Releasenotes Table of contents should use relative links without
filename.
- - Reject HTTP/0.9 formatted CONNECT requests.
+ - Reject HTTP/0.9 formatted CONNECT requests.
- Cosmetic cleanup to use safe_free instead of xfree + manual
assign to NULL
- Bug #1650: transparent interception "Unable to forward this
- [Minor] Segfault in authenticateDigestHandleReply. (Bug #1031)
- [Minor] acl time fails to parse multiple time specifications
(Bug #1060)
- - [Minor] cachemgr config dumps mixed up Range and Request-Range
+ - [Minor] cachemgr config dumps mixed up Range and Request-Range
headers in http_header_access & replace directives. (Bug #1056)
- [Minor] Content-Disposition added as a well known header (Bug #961)
- [Cosmetic] Don't warn about arp acls not being supported on FreeBSD
will not handle sessions, but will always enforce password
correctness.. (patch submitted by Sean Burford).
- Issue with persistent connections and PUT/POST request corrected
-
+
Changes to squid-2.5.STABLE1 (September 25, 2002):
- Major rewrite of proxy authentication to support other schemes
- Added "forward.log" support, but its work in progress.
- Rewrote much of the IP and FQDN cache implementation.
This change gets rid of pending hits.
- - Changed peerWouldBePinged() to return false if our
+ - Changed peerWouldBePinged() to return false if our
ICP/HTCP port is zero (i.e. disabled).
- Changed src/net_db.c to use src/logfile.c routines,
rather than stdio, because of solaris stdio filedescriptor
a bit more sane with substantially less overhead. Some
tuning work still remains to make it perform optimal.
See the start of store_asyncufs.h for all the knobs.
- - Fixed storage FS modules to use individual swap space
+ - Fixed storage FS modules to use individual swap space
high/low values rather than the global ones.
- Fixed storage FS bugs with calling file_map_bit_reset()
before checking the bit value. Calling with an invalid
- Added --heap-replacement configure option. This enables
the alternative cache replacement policies, such as
GDSF, and LFUDA.
- - WCCP establishes and registers with the router faster.
+ - WCCP establishes and registers with the router faster.
- Added 'maxconn' acl type to limit the number of established
connections from a single client IP address. Submitted
by Vadim Kolontsov.
- Fixed a bug with "no_cache" access list. If not defined,
everything was uncachable by default.
- Fixed a bug with timed-out client-side HTTP connections.
- We didn't cancel the read handler, which could lead to
+ We didn't cancel the read handler, which could lead to
"rwstate != NULL" warnings.
- Changed comm_open() to only call fdAdjustReserved() for
specific errors (ENFILE, EMFILE);
- Removed view-based access crontrol
- Cleaned up and simplified SNMP section of squid.conf
- Changed the SNMP code to use a tree stucture.
- - Added objects to MIB:
+ - Added objects to MIB:
Request Hit Ratio's
Byte Hit Ratio's
Number of Clients
Nordstrom).
- Rewrote peer digest module to fix memory leaks on reconfigure
and clean the code. Increased "current" digest version to 5
- ("required" version is still 3). Revised "Peer Select" cache
+ ("required" version is still 3). Revised "Peer Select" cache
manager stats.
- Added "-k parse" command line option: parses the config file
but does not send a signal unlike other -k options.
question (used to be all set to 1 second worth
of traffic). Pools are restored to this level
on reconfiguratoin.
- - Changed storeClientCopy to give a swap-in failure if
+ - Changed storeClientCopy to give a swap-in failure if
the number of open disk FD's is above the 'max_open_disk_fds'
limit. Otherwise, a very loaded cache will end up with
all disk files open for reading, and none for writing.
- Added proxy-authentication to cachemgr.cgi's requests
(Henrik Nordstrom).
- Changed Squid to *truncate* rather than *unlink* purged
- swap files. Can be reversed by undefining
+ swap files. Can be reversed by undefining
USE_TRUNCATE_NOT_UNLINK in src/defines.h.
- Changed internal icon headers to use Cache-control
Max-age instead of Expires.
- Fixed logging of hierarchy codes for SSL requests (Henrik
Nordstrom).
- Added some descriptions to mib.txt.
- - Fixed a bug with non-hierarchical requests (e.g. POST)
+ - Fixed a bug with non-hierarchical requests (e.g. POST)
and cache digests. We used to look up non-hierarchical
requests in peer digests. A false hit may cause Squid
to forward a request to a sibling. In combination with
'Cache-control: only-if-cached, this generates 504 Gateway
Timeout responses and the request may not be re-forwardable.
- - Fixed a filedescriptor leak for some aborted requests.
+ - Fixed a filedescriptor leak for some aborted requests.
Changes to Squid-2.1 (November 16, 1998):
failures (e.g. miss_access rules).
- Changed signal handlers with ASYNC_IO and Linux so that
-k command line options work (Miquel van Smoorenburg).
- - Rewrote shutdown code to use events instead of setting
+ - Rewrote shutdown code to use events instead of setting
FD timeouts.
- Fixed cachemgr 'objects' (statObjects()) by adding a check
for READ_AHEAD_GAP, and calling storeCheckSwapout() in
Changes to squid-1.2.beta22 (June 1, 1998):
- - do not cut off "; parameter" from "digitized" Content-Type
+ - do not cut off "; parameter" from "digitized" Content-Type
http fields
- - Added X-Request-URI for persistent connection debugging
+ - Added X-Request-URI for persistent connection debugging
(Henrik Nordstrom)
- Added Polish error pages from Maciej Kozinski.
- Fixed hash_first/hash_next bugs with **Current pointer.
- Fixed some small memory leaks.
- Fixed single-bit-int flag checks (Henrik Nordstrom).
- Replaced "complex" (offset accounting) calls to snprintf with MemBuf
- - Do not send only-if-cached cc directive with requests
+ - Do not send only-if-cached cc directive with requests
for peer's digests.
- Added "automatic tuning" for incoming request rate, i.e.
how often to check HTTP and ICP sockets. See comm.c
- Fixed FTP directory parsing again.
- Made FTP directory listing "Generated" tagline like
the one for error pages.
- - Fixed an assertion coredump in statHistCopy from
+ - Fixed an assertion coredump in statHistCopy from
reconfiguring with different #peers in squid.conf
- Ignore leading whitespace on requests (and replies). RFC
2068 section 4.1, robustness (Henrik Nordstrom)
- Fixed ftpTraverseDirectory coredump for NULL ftpState->filepath
(Joe Ramey).
- Fixed daylight savings time bug (again).
- - A lot of Cache Digests additions, fixes, and tuning.
+ - A lot of Cache Digests additions, fixes, and tuning.
Cache Digests are still "very experimental".
- Fixed snprintf() bug. When len == 1, snprintf() would treat
the buffer as unknown size, emulating sprintf() behaviour.
. FdTable split into FdTable and ConnTable. FdTable simplified
. PeerTable and PeerStat merged and put into new cacheMesh
group
- . cacheClientTable added for client statistics and accounting
+ . cacheClientTable added for client statistics and accounting
(cacheMesh 2)
- . cacheSec and cacheAccounting groups removed
+ . cacheSec and cacheAccounting groups removed
. fixed acl bug when communities not defined
. snmp_acl now survives bad configuration
- SNMP MIB version check changed to non-rcs.
- Added memory pools for variable size objects (strings).
- There are three pools; for small, medium, and large objects.
+ There are three pools; for small, medium, and large objects.
- Extended String object to use memory pools. Most fixed size char
array fields will be replaced using string pools. Same for most
malloc()-ed buffers.
request is cancelled for fails on the client side.
- Filled in some squid.conf comments (never_direct,
always_direct).
- - Added RES_DNSRCH to dnsserver's _res.options when the
+ - Added RES_DNSRCH to dnsserver's _res.options when the
-D command line option is given.
- Fixed repeated Detected DEAD/REVIVED Sibling messages when
peer->tcp_up == 0 (Michael O'Reilly).
- Changed "-d" command line option to take debugging level
as argument. Debugging equal-to or less-than the argument
will be written to stderr.
- - Removed unused urlClean() function from url.c.
+ - Removed unused urlClean() function from url.c.
- Fixed a bug that allowed '?' parts of urls to be recorded in
store.log. Logged urls are now "clean".
- Cache Manager got new Web interface (cachemgr.cgi). New .cgi
the Host: header (Eric Stern).
- Year-2000 fixes (Arjan de Vet).
- Fixed looping for cache hits on HEAD requests.
- - Fixed parseHttpRequest() coredump for
+ - Fixed parseHttpRequest() coredump for
"GET http://foo HTTP/1.0\r\n\r\n\r\n"
Changes to squid-1.2.beta11 (Jan 6, 1998):
- Fixed ICP bug causing excessive TIMEOUTs with sibling
neighbors. We must call the ICP reply callback even for
sibling misses.
- - Fixed some dnsserver-related reconfigure bugs. Need to
+ - Fixed some dnsserver-related reconfigure bugs. Need to
use cbdataLock, etc in fqdncache.c. Also don't want to
use ipcacheQueueDrain() and fqdncacheQueueDrain().
- Fixed persistent connection bug. We were incorrectly
--enable-store-key=sha|md5
--enable-xmalloc-statistics
--enable-xmalloc-debug
- --enable-xmalloc-debug-count
- --async-io
+ --enable-xmalloc-debug-count
+ --async-io
- Fixed confusing with the use/meaning of ERR_CANNOT_FORWARD
by creating ERR_FORWARDING_DENIED and changing the
content of the ERR_CANNOT_FORWARD text.
- Simpler cacheobj implementation.
- persistent connection histogram
- SERVER-SIDE PERSISTENT CONNECTIONS:
- - Added pconn.c
+ - Added pconn.c
- Addec Cofig.Timeout.pconn; default 120 seconds
- Added httpState->flags
- Added flags arg to httpBuildRequestHeader()
- New configuration system. Everything is generated from
'cf.data.pre', including the main parser, setting defaults,
- outputting current values, and freeing memory.
+ outputting current values, and freeing memory.
This also involved moving some of the local data structures
(e.g. struct _acl *AclList in acl.c) to the Config
structure. (Max Okumoto)