From: Amos Jeffries <squid3@treenet.co.nz>
Date: Tue, 24 Aug 2010 00:41:20 +0000 (+1200)
Subject: Prep for 3.1.7
X-Git-Tag: SQUID_3_1_7~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4d06bba302ca75a7f8c333a36f7fe1663904655d;p=thirdparty%2Fsquid.git

Prep for 3.1.7
---

diff --git a/ChangeLog b/ChangeLog
index 07b6421b55..af31bcb6ac 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,20 @@
+Changes to squid-3.1.7 (23 Aug 2010):
+
+	- Regression Bug 3021: Large DNS reply causes crash
+	- Regression Bug 3011: ICAP, HTTPS, cache_peer probe IPv4-only port fixes
+	- Regression Bug 2997: visible_hostname directive no longer matches docs
+	- Bug 3012: deprecate sslBump and support ssl-bump spelling in http_port
+	- Bug 3006: handle IPV6_V6ONLY definition missing
+	- Bug 3004: Solaris 9 SunStudio 12 build failure
+	- Bug 3003: inconsistent concepts in documentation of cache_dir
+	- Bug 3001: dnsserver link issues
+	- HTTP/1.1: default keep-alive for 1.1 clients (bug 3016)
+	- HTTP/1.1: Improved Range header field validation
+	- HTTP/1.1: Forward multiple unknown Cache-Control directives
+	- HTTP/1.1: Stop sending Proxy-Connection header
+	- Fix 32-bit wrap in refresh_pattern min/max values
+	- ... and several documentation corrections.
+
 Changes to squid-3.1.6 (02 Aug 2010):
 
 	- Bug 2994, 2995: IPv4-only regressions
diff --git a/doc/release-notes/release-3.1.html b/doc/release-notes/release-3.1.html
index 2b6feeeb3c..6a283bff07 100644
--- a/doc/release-notes/release-3.1.html
+++ b/doc/release-notes/release-3.1.html
@@ -1,11 +1,11 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
 <HTML>
 <HEAD>
- <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.65">
- <TITLE>Squid 3.1.6 release notes</TITLE>
+ <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.66">
+ <TITLE>Squid 3.1.7 release notes</TITLE>
 </HEAD>
 <BODY>
-<H1>Squid 3.1.6 release notes</H1>
+<H1>Squid 3.1.7 release notes</H1>
 
 <H2>Squid Developers</H2>
 <HR>
@@ -70,7 +70,7 @@ for Applied Network Research and members of the Web Caching community.</EM>
 <HR>
 <H2><A NAME="s1">1.</A> <A HREF="#toc1">Notice</A></H2>
 
-<P>The Squid Team are pleased to announce the release of Squid-3.1.6</P>
+<P>The Squid Team are pleased to announce the release of Squid-3.1.7</P>
 <P>This new release is available for download from 
 <A HREF="http://www.squid-cache.org/Versions/v3/3.1/">http://www.squid-cache.org/Versions/v3/3.1/</A> or the 
 <A HREF="http://www.squid-cache.org/Mirrors/http-mirrors.html">mirrors</A>.</P>
@@ -241,7 +241,7 @@ with Squid. From 3.1.6 the automatic capability detection will enable these abil
 <LI>permit IPv6 server connection provided tcp_outgoing_address has been configured (see below).</LI>
 </UL>
 </P>
-<P><EM>NOTE:</EM> SNMP, ICP and HTCP are not yet opening double ports so they will only run as IPv4-only or IPv6-only.</P>
+<P><EM>NOTE:</EM> ICAP, SNMP, ICP and HTCP are not yet opening double ports so they will only run as IPv4-only or IPv6-only.</P>
 
 <P>Specify a specific tcp_outgoing_address and the clients who match its ACL are limited
 to the IPv4 or IPv6 network that address belongs to. They are not permitted over the
@@ -1033,8 +1033,8 @@ Default: ON
 
 <DT><B>ssl_bump</B><DD>
 <P>New Access control for which CONNECT requests to an http_port
-marked with an sslBump flag are actually "bumped". Please
-see the sslBump flag of an http_port option for more details
+marked with an ssl-bump flag are actually "bumped". Please
+see the ssl-bump flag of an http_port option for more details
 about decoding proxied SSL connections.
 DEFAULT: No requests are bumped.
 <PRE>
@@ -1288,7 +1288,7 @@ format, so all helpers will need to be checked and converted to cope with such i
 </PRE>
 </P>
 
-<DT><B>http_port transparent intercept sslbump connection-auth[=on|off] ignore-cc</B><DD>
+<DT><B>http_port transparent intercept ssl-bump connection-auth[=on|off] ignore-cc</B><DD>
 <P>Option 'transparent' is being deprecated in favour of 'intercept' which more clearly identifies what the option does.
 For now option 'tproxy' remains with old behaviour meaning fully-invisible proxy using TPROXY support.</P>
 <P>New port options
@@ -1315,7 +1315,7 @@ For now option 'tproxy' remains with old behaviour meaning fully-invisible proxy
                         Warning: This option violates HTTP specifications if
                         used in non-accelerator setups.
 
-           sslBump      Intercept each CONNECT request matching ssl_bump ACL,
+           ssl-bump     Intercept each CONNECT request matching ssl_bump ACL,
                         establish secure connection with the client and with
                         the server, decrypt HTTP messages as they pass through
                         Squid, and treat them as unencrypted HTTP messages,
@@ -1329,12 +1329,12 @@ For now option 'tproxy' remains with old behaviour meaning fully-invisible proxy
                         for more information on these options.
 
                         The ssl_bump option is required to fully enable
-                        the SslBump feature.
+                        the SSL Bump feature.
         
 </PRE>
 </P>
 
-<DT><B>https_port intercept sslbump connection-auth[=on|off]</B><DD>
+<DT><B>https_port intercept ssl-bump connection-auth[=on|off]</B><DD>
 <P>New port options. see http_port.</P>
 
 <DT><B>icap_service bypass=on|off|1|0 routing=on|off|1|0</B><DD>
@@ -1361,7 +1361,7 @@ For now option 'tproxy' remains with old behaviour meaning fully-invisible proxy
                 should have the same method and vectoring point as the current
                 ICAP transaction.  Services violating these rules are ignored.
                 An empty X-Next-Services value results in an empty plan which
-                ends the current adaptation. 
+                ends the current adaptation.
 
                 Routing is not allowed by default: the ICAP X-Next-Services
                 response header is ignored.
diff --git a/doc/release-notes/release-3.1.sgml b/doc/release-notes/release-3.1.sgml
index 00385ee633..4a5e27a0da 100644
--- a/doc/release-notes/release-3.1.sgml
+++ b/doc/release-notes/release-3.1.sgml
@@ -1,6 +1,6 @@
 <!doctype linuxdoc system>
 <article>
-<title>Squid 3.1.6 release notes</title>
+<title>Squid 3.1.7 release notes</title>
 <author>Squid Developers</author>
 
 <abstract>
@@ -13,7 +13,7 @@ for Applied Network Research and members of the Web Caching community.
 
 <sect>Notice
 <p>
-The Squid Team are pleased to announce the release of Squid-3.1.6
+The Squid Team are pleased to announce the release of Squid-3.1.7
 
 This new release is available for download from <url url="http://www.squid-cache.org/Versions/v3/3.1/"> or the <url url="http://www.squid-cache.org/Mirrors/http-mirrors.html" name="mirrors">.
 
@@ -171,7 +171,7 @@ config options provided on a clean install.
     <item>permit IPv6-only snmp_incoming_address and snmp_outgoing_address to be configured.
     <item>permit IPv6 server connection provided tcp_outgoing_address has been configured (see below).
 </itemize>
-<p><em>NOTE:</em> SNMP, ICP and HTCP are not yet opening double ports so they will only run as IPv4-only or IPv6-only.
+<p><em>NOTE:</em> ICAP, SNMP, ICP and HTCP are not yet opening double ports so they will only run as IPv4-only or IPv6-only.
 
 <p>Specify a specific tcp_outgoing_address and the clients who match its ACL are limited
  to the IPv4 or IPv6 network that address belongs to. They are not permitted over the
@@ -880,8 +880,8 @@ logformat icap_squid %ts.%03tu %6icap::tr %>a %icap::to/%03icap::Hs %icap::<size
 
 	<tag>ssl_bump</tag>
 	<p>New Access control for which CONNECT requests to an http_port
-	marked with an sslBump flag are actually "bumped". Please
-	see the sslBump flag of an http_port option for more details
+	marked with an ssl-bump flag are actually "bumped". Please
+	see the ssl-bump flag of an http_port option for more details
 	about decoding proxied SSL connections.
 	DEFAULT: No requests are bumped.
 	<verb>
@@ -1111,7 +1111,7 @@ NOCOMMENT_START
 	X-Forwarded-For entries, and place itself as the sole entry.
 	</verb>
 
-	<tag>http_port transparent intercept sslbump connection-auth[=on|off] ignore-cc</tag>
+	<tag>http_port transparent intercept ssl-bump connection-auth[=on|off] ignore-cc</tag>
 	<p>Option 'transparent' is being deprecated in favour of 'intercept' which more clearly identifies what the option does.
 	For now option 'tproxy' remains with old behaviour meaning fully-invisible proxy using TPROXY support.</p>
 	<p>New port options
@@ -1138,7 +1138,7 @@ NOCOMMENT_START
 	                Warning: This option violates HTTP specifications if
 	                used in non-accelerator setups.
 
-	   sslBump      Intercept each CONNECT request matching ssl_bump ACL,
+	   ssl-bump     Intercept each CONNECT request matching ssl_bump ACL,
 	                establish secure connection with the client and with
 	                the server, decrypt HTTP messages as they pass through
 	                Squid, and treat them as unencrypted HTTP messages,
@@ -1152,10 +1152,10 @@ NOCOMMENT_START
 	                for more information on these options.
 
 	                The ssl_bump option is required to fully enable
-	                the SslBump feature.
+	                the SSL Bump feature.
         </verb>
 
-	<tag>https_port intercept sslbump connection-auth[=on|off]</tag>
+	<tag>https_port intercept ssl-bump connection-auth[=on|off]</tag>
 	<p>New port options. see http_port.
 
 	<tag>icap_service bypass=on|off|1|0 routing=on|off|1|0 ipv6=on|off</tag>
@@ -1182,7 +1182,7 @@ NOCOMMENT_START
 		should have the same method and vectoring point as the current
 		ICAP transaction.  Services violating these rules are ignored.
 		An empty X-Next-Services value results in an empty plan which
-		ends the current adaptation. 
+		ends the current adaptation.
 
 		Routing is not allowed by default: the ICAP X-Next-Services
 		response header is ignored.