From: Francesco Chemolli <5175948+kinkie@users.noreply.github.com> Date: Wed, 9 Jul 2025 16:01:14 +0000 (+0000) Subject: Bug 5303: document regexp dialect (#2110) X-Git-Tag: SQUID_7_1~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7b4e08da3f8db41b2e46c04ca528c536776bb6f2;p=thirdparty%2Fsquid.git Bug 5303: document regexp dialect (#2110) Squid currently uses the GNU API providing regex_t and regcomp() with POSIX.2 implementation expected. Squid specifically uses/requires the REG_EXTENDED pattern matching - which is commonly referred to as "POSIX extended regex". --- diff --git a/src/cf.data.pre b/src/cf.data.pre index 7e20f96c03..d2d7202322 100644 --- a/src/cf.data.pre +++ b/src/cf.data.pre @@ -1217,9 +1217,9 @@ ENDIF acl aclname dstdomain [-n] .foo.com ... # Destination server from URL [fast] acl aclname srcdom_regex [-i] \.foo\.com ... - # regex matching client name [slow] + # POSIX extended regex matching client name [slow] acl aclname dstdom_regex [-n] [-i] \.foo\.com ... - # regex matching server [fast] + # POSIX extended regex matching server [fast] # # For dstdomain and dstdom_regex a reverse lookup is tried if a IP # based URL is used and no match is found. The name "none" is used @@ -1255,11 +1255,11 @@ ENDIF # h1:m1 must be less than h2:m2 acl aclname url_regex [-i] ^http:// ... - # regex matching on whole URL [fast] + # POSIX extended regex matching on whole URL [fast] acl aclname urllogin [-i] [^a-zA-Z0-9] ... - # regex matching on URL login field + # POSIX extended regex matching on URL login field acl aclname urlpath_regex [-i] \.gif$ ... - # regex matching on URL path [fast] + # POSIX extended regex matching on URL path [fast] acl aclname port 80 70 21 0-1024 ... # destination TCP port (or port range) of the request [fast] @@ -1279,11 +1279,12 @@ ENDIF acl aclname http_status 200 301 500- 400-403 ... # status code in reply [fast] - acl aclname browser [-i] regexp ... - # pattern match on User-Agent header (see also req_header below) [fast] + acl aclname browser [-i] regex ... + # POSIX extended regex match on User-Agent header + # (see also req_header below) [fast] - acl aclname referer_regex [-i] regexp ... - # pattern match on Referer header [fast] + acl aclname referer_regex [-i] regex ... + # POSIX extended regex match on Referer header [fast] # Referer is highly unreliable, so use with care acl aclname proxy_auth [-i] username ... @@ -1297,8 +1298,8 @@ ENDIF # their parameter syntax and username matching algorithm. acl aclname proxy_auth_regex [-i] username_pattern ... - # perform http authentication challenge to the client and regex match - # supplied username [slow] + # perform http authentication challenge to the client and + # POSIX extended regex match on supplied username [slow] # # Will use proxy authentication in forward-proxy scenarios, and plain # http authentication in reverse-proxy scenarios @@ -1346,19 +1347,19 @@ ENDIF # or ratio of matches:non-matches (3:5). acl aclname req_mime_type [-i] mime-type ... - # regex match against the mime type of the request generated + # POSIX extended regex match against the mime type of the request generated # by the client. Can be used to detect file upload or some # types HTTP tunneling requests [fast] # NOTE: This does NOT match the reply. You cannot use this # to match the returned file type. acl aclname req_header header-name [-i] any\.regex\.here - # regex match against any of the known request headers. May be + # POSIX extended regex match against any of the known request headers. May be # thought of as a superset of "browser", "referer" and "mime-type" # ACL [fast] acl aclname rep_mime_type [-i] mime-type ... - # regex match against the mime type of the reply received by + # POSIX extended regex match against the mime type of the reply received by # squid. Can be used to detect file download or some # types HTTP tunneling requests. [fast] # NOTE: This has no effect in http_access rules. It only has @@ -1366,7 +1367,7 @@ ENDIF # http_reply_access. acl aclname rep_header header-name [-i] any\.regex\.here - # regex match against any of the known reply headers. May be + # POSIX extended regex match against any of the known reply headers. May be # thought of as a superset of "browser", "referer" and "mime-type" # ACLs [fast] @@ -1390,7 +1391,7 @@ ENDIF # syntax and username matching algorithm. acl aclname ext_user_regex [-i] username_pattern ... - # regex match on username returned by external acl helper [slow] + # POSIX extended regex match on username returned by external acl helper [slow] acl aclname tag tagvalue ... # string match on tag returned by external acl helper [fast] @@ -1641,7 +1642,7 @@ IF USE_OPENSSL # connection, this target is the destination IP address). acl aclname ssl::server_name_regex [-i] \.foo\.com ... - # regex matches server name obtained from various sources [fast] + # POSIX extended regex matches server name obtained from various sources [fast] # # See ssl::server_name for details, including IPv6 address formatting # caveats. Use case-insensitive matching (i.e. -i option) to reduce