From: robertc <> Date: Sun, 20 Apr 2003 09:35:38 +0000 (+0000) Subject: Summary: Add squid-3.0 release notes. X-Git-Tag: SQUID_3_0_PRE1~248 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f3f75132990eeb1b7067af577a490f4c4b50d265;p=thirdparty%2Fsquid.git Summary: Add squid-3.0 release notes. Keywords: Create a blank squid-3.0 release notes, ready for fleshing out. Change default created release notes to the 3.0 set. Fill out the release notes from the CVS logs (50000 lines of review later!) Still needs a final review and the remaining squid.conf changes copied/moved from the key changes section to the squid.conf section. --- diff --git a/Makefile.am b/Makefile.am index a589e2dfc5..ed2cf80282 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,6 +1,6 @@ ## Process this file with automake to produce Makefile.in # -# $Id: Makefile.am,v 1.20 2003/02/12 02:00:35 hno Exp $ +# $Id: Makefile.am,v 1.21 2003/04/20 03:35:39 robertc Exp $ # AUTOMAKE_OPTIONS = dist-bzip2 subdir-objects 1.5 @@ -24,7 +24,7 @@ dist-hook: @if [ -f $(top_srcdir)/RELEASENOTES.html ]; then \ cp -p $(top_srcdir)/RELEASENOTES.html $(distdir)/RELEASENOTES.html; \ else \ - cp $(top_srcdir)/doc/release-notes/release-2.5.html $(distdir)/RELEASENOTES.html; \ + cp $(top_srcdir)/doc/release-notes/release-3.0.html $(distdir)/RELEASENOTES.html; \ fi EXTRA_DIST = \ diff --git a/Makefile.in b/Makefile.in index a943e41858..de35dcc656 100644 --- a/Makefile.in +++ b/Makefile.in @@ -14,7 +14,7 @@ @SET_MAKE@ # -# $Id: Makefile.in,v 1.53 2003/03/11 22:13:12 robertc Exp $ +# $Id: Makefile.in,v 1.54 2003/04/20 03:35:39 robertc Exp $ # SHELL = @SHELL@ @@ -485,7 +485,7 @@ dist-hook: @if [ -f $(top_srcdir)/RELEASENOTES.html ]; then \ cp -p $(top_srcdir)/RELEASENOTES.html $(distdir)/RELEASENOTES.html; \ else \ - cp $(top_srcdir)/doc/release-notes/release-2.5.html $(distdir)/RELEASENOTES.html; \ + cp $(top_srcdir)/doc/release-notes/release-3.0.html $(distdir)/RELEASENOTES.html; \ fi install-pinger: diff --git a/doc/release-notes/Makefile b/doc/release-notes/Makefile index ca7b89d16f..3b9325b51f 100644 --- a/doc/release-notes/Makefile +++ b/doc/release-notes/Makefile @@ -1,4 +1,4 @@ -DOC = release-2.5 +DOC = release-3.0 all: $(DOC).html $(DOC).ps diff --git a/doc/release-notes/release-3.0.html b/doc/release-notes/release-3.0.html new file mode 100644 index 0000000000..d5652ca4f9 --- /dev/null +++ b/doc/release-notes/release-3.0.html @@ -0,0 +1,167 @@ + + + + + Squid 3.0 release notes + + +

Squid 3.0 release notes

+ +

Squid Developers

$Id: release-3.0.html,v 1.1 2003/04/20 03:35:38 robertc Exp $ +
+This document contains the release notes for version 3.0 of Squid. +Squid is a WWW Cache application developed by the National Laboratory +for Applied Network Research and members of the Web Caching community. +
+

1. Key changes from squid 2.5:

+ +

+

+

+ +

2. Changes to squid.conf

+ +

+

+
read_ahead_gap

Config directive by Jeffrey D. Wheelhouse. Allows the read-ahead gap to be configured from squid.conf (previously hardcoded at 16 KB)

+
request_entities

New squid.conf directive "request_entities on/off".If set to "on" then Squid will allow GET/HEAD requests with request entities, even if such entites are "undefined" in the HTTP specification. (Henrik Nordstrom)

+
cache_peer

New options for reverse proxy setups +

+

+
https_port

New option : dhparams=/path/to/file.pem https_port option to specify DH parameters for forward-secrecy in encryption (practically denies decryption even if the private key is known from what I understand). (Henrik Nordstrom)

+
header_replace

This is now dependent on --disable-http-violations (Henrik Nordstrom)

+
email_err_data

Allow disabling the data now embedded in the mailto links on Squid's ERR pages.

+
refresh_pattern

Make the default refresh_pattern merely a suggested default. This is consistent with older Squid versions due to a bug in the "DEFAULT-IF-NONE" processing of refresh_pattern. (Henrik)

+
+

+ +

3. Known limitations

+ +

+

+

+ + + diff --git a/doc/release-notes/release-3.0.sgml b/doc/release-notes/release-3.0.sgml new file mode 100644 index 0000000000..325650715a --- /dev/null +++ b/doc/release-notes/release-3.0.sgml @@ -0,0 +1,137 @@ + +
+Squid 3.0 release notes +Squid Developers +$Id: release-3.0.sgml,v 1.1 2003/04/20 03:35:38 robertc Exp $ + + +This document contains the release notes for version 3.0 of Squid. +Squid is a WWW Cache application developed by the National Laboratory +for Applied Network Research and members of the Web Caching community. + + + +Key changes from squid 2.5: +

+ + Clean up the squid code to consistenly use [u_]int<len>_t throughout, rather than some [u_]num<len> and some [u_]<len>_t instances. (Robert Collins). + Escapes Basic auth login and password information when sent to the helpers, to allow for spaces and other odd characters (Henrik Nordstrom). + New option ftp_sanitycheck (Henrik Nordstrom). + Gopher improvements (Henrik Nordstrom). + CARP enabled by default (Henrik Nordstrom). + Documented no_cache change (not new, but rather important) (Henrik) + Make http_port optional, allowing for SSL-only operation. Squid will refuse to start unless at least one port is defined. (Henrik). + Ability to read the configuration file from an external program pipe (Henrik). + Major cleanup or CARP. Now plays well with the other peering algorithms as just another non-ICP peering method. (Henrik) + Spelling corrections by Reuben Farrelly. + SASL auth helper by Ian Castle. + SNMP leak fix (Henrik). + Object reference counting supported to ease some programming tasks (Robert Collins). + EXEEXT cleanups, to hopefully allow pinger to install cleanly on cygwin etc.. (Henrik) + epoll support (David Nicklay) + Deferred reads removed from comms layer, implemented a layer above, allowing more efficent comms layers (such as epoll). (Robert Collins). + ACL Source code extracted into multiple separate classes, allowing great flexability in future development, and also for custom squid builds today. (Robert Collins) + Delay classes heavily refactored to allow easier extension and reuse. (Robert Collins). + Class 4 delay pools - user specific buckets. (Robert Collins). + Convert core squid source to C++ (Robert Collins). + clientStreams, rationalising the client side logic to allow plugin output streams, and providing a simple interface to the store. See the programmers guide for details. (Robert Collins). + Andres Kroonmaa's chunked memory pool allocator included. (Squid 2.5 ?) + Comms layer refactored to increase efficiency (Adrian Chadd). + Range processing moved from client side to both client and server (Robert Collins). + autoconf 2.5 support (Robert Collins). + Added support for sys/bitypes.h, apparently needed for some of the bittypes on tru64 and possibly others. (Henrik Nordstrom) + Edge Side Include implementation (www.esi.org). (Robert Collins). + Reduce the depth of recursion in make, improving make -j performance. (Robert Collins) + Hi-resolution CPU profiling from Andres Kroonma, for single-threaded use only. + kqueue support (Adrian Chadd). + Cleanup of the relation between accelerated request and transparently intercepted request. The two are now handled separately from each other. +This fixes two issues:Transparently intercepted requests is no longer under the restrictions of accelerated requests in peering relations etc.. +No risk of confusion in authentication. Authentication is now allowed for accelerated requests but not transparently intercepted requests. + (Henrik Nordstrom) + --enable-auth-on-accel configure option to enable authentication in accelerator setups (Henrik Nordstrom) + Cleaned up module/helper configure checks to use the same logics everywhere. (Henrik Nordstrom) + Added a small trap detecting incorrect --with-aufs-threads arguments (Henrik Nordstrom) + Change --disable-hostname-checks to --enable-hostname-checks, default to not verify hostname sanity. (Henrik Nordstrom) + also removed the dot magics. These are more evil than helpful and breaks semantic transparency in certain configurations. (Henrik Nordstrom) + added reporting of "Process Data Segment Size via sbrk()" when sbrk() call exists. According to the sbrk() man page, calling sbrk(0) returns the end of the data segment. By storing the data segment offset when Squid starts, we can report the size of the data segment at any time. This might be a better metric than getrusage()'s MAX RSS, which, in my experience, is often less than the process size reported by 'ps' (presumably because some of the processes memory is swapped to disk). However, initial tests show that the sbrk() trick reports a value slightly smaller than reported by 'ps'. (Duane Wessels) + failure_ratio is a ratio, not a percentage. Removed %% from printf. (Duane Wessels) + Start using inline C and C++ code via .cci source files. This defaults to inlined, with a configure option to disable for troubleshooting or development. (Robert Collins). + Unify much of the IO logic, shrinking the code base for diskd/aufs/ufs. (Robert Collins). + Introduce 'make check' support to provide an automated test suite for squid. (Robert Collins). + Fix --disable-... options to default to be enabled.. (CARP, WCCP, IDENT, ..) (Henrik Nordstrom) + pthreads detection and compilation bugfixes. (Henrik Nordstrom, Robert Collins) + Better MacOSX support (Robert Collins, Adrian Chadd, Henrik Nordstrom) + --with-filedescriptors=XX configure option (Francesco Chemolli) + Killed the remains of ALARM_UPDATES_TIME (--enable-time-hack) (Henrik Nordstrom) + Not all systems support the 'obsolete' getpass() function (Henrik Nordstrom) + UNIX domain IPC sockets support - Centralised the IPC type selection to defines.h by the defines IPC_STREAM and IPC_DGRAM. (Henrik Nordstrom) + Removed potentially dangerous debugging options. Developers know how to edit configure.in or set defines. configure --help lineups. (Henrik Nordstrom) + --enable-large-files to enable support for large files (>2GB) on 32-bit GNU libc systems. (Henrik Nordstrom) + Astyle is the code formatter of choice for squid-3 C++ code. See http://www.squid-cache.org/~robertc/squid-3-style.txt for the squid 3 style conventions. + WIN32 port update by Guido - Fix the problems on Windows related to open file renaming and text/binary file issues. + LDAP basic auth helper improvements (Henrik, David Begley, Christoph Lechleitner, Juerg Michel) + Digest auth helper improvements (Robert Collins, Sean Burford) + Digest authentication scheme bugfixs & improvements (Robert Collins) + Merge of http(s)_port and accelerator directive updates from rproxyThe httpd_accel_* directives is now gone, replaced by http(s)_port options + The http(s)_port options has a list of new options for controlling the type and mode of port created with respect totransparent proxying + plain acceleration + host header based acceleration + normal proxying (default) + + To enforce a reasonable level of security in accelerators, accelerated requests are denied to go direct unless forced by always_direct. + (Henrik Nordstrom) + Cache manager auth helper output tidyup (Duane Wessels). + Native Windows port enhancements:Another fix for profiling support + Added correct timezone handling + Fixed rotate problem + Added native Windows support to client.cc + This patch add the native Windows support for profiling and fix some C++/C include files problems. + Support for Windows .NET (5.2). + Added native Windows and Cygwin support to pinger.cc + Introduced the use of IPPROTO_TCP and IPPROTO_UDP defines instead of '0' on comm_open, needed by Winsocket. See this old squid-dev thread about http://www.squid-cache.org/mail-archive/squid-dev/200108/0162.html. + Added native Windows support to cachemgr.cc + Added native Windows support to dnsserver.cc + On Windows, fork() is not available, so we need to use a workaround in store_dir.cc for create store directories sequentially + By Guido Serassio. + SSL support updateSupport for outgoing SSL connections + SSL encrypted peers + https:// gatewaying for clients not supporting SSL or URLs rewritten via a redirector to https://... + Client certificate support + Hardware crypto SSL acceleration support via OpenSSL engine + SSL key/certificate now read while parsing squid.conf to support secure key protection and chroot. + A few minor bugfixes/optimizations + (Henrik Nordstrom) + --enable-default-hostsfile configure option by Guido Serassio. Tells the default /etc/hosts file location + Fix "access_log none" (and "forward_log none") (Arkadi E. Shishlov). + New squid.conf directive to disable hostname verifications. It isn't really our business to enforce what characters is used in hostnames. (Henrik Nordstrom). + ftp_sanitycheck option (default on) to make Squid sanity check the FTP data connection.Ignore "BAD" PASV replies, asking Squid to connect to another server than requested. + Ignore PORT and default connections coming from another address than expected. + (Henrik Nordstrom) + Peering enhancement options for satellite or other high latency links by Robert Cohen. + Cleanup of authentication forwarding, and added gatewaying proxy->reverseproxy when the same Squid is acting as both proxy and reverseproxy with authentication. (Henrik Nordstrom) + The mailto links on Squid's ERR pages now contain data about the cccurred error by default, so that the email will contain this data in its body. This feature can be disabled via the email_err_data directive. (Clemens Löser) + Disable pipeline_prefetch in HEAD as it is known to be broken due to the store_client_copy() api change (Henrik) + + +Changes to squid.conf +

+read_ahead_gapConfig directive by Jeffrey D. Wheelhouse. Allows the read-ahead gap to be configured from squid.conf (previously hardcoded at 16 KB) +request_entitiesNew squid.conf directive "request_entities on/off".If set to "on" then Squid will allow GET/HEAD requests with request entities, even if such entites are "undefined" in the HTTP specification. (Henrik Nordstrom) +cache_peerNew options for reverse proxy setupsoriginserver +name=XXX +forceddomain=XXX + +https_portNew option : dhparams=/path/to/file.pem https_port option to specify DH parameters for forward-secrecy in encryption (practically denies decryption even if the private key is known from what I understand). (Henrik Nordstrom) +header_replaceThis is now dependent on --disable-http-violations (Henrik Nordstrom) +email_err_dataAllow disabling the data now embedded in the mailto links on Squid's ERR pages. +refresh_patternMake the default refresh_pattern merely a suggested default. This is consistent with older Squid versions due to a bug in the "DEFAULT-IF-NONE" processing of refresh_pattern. (Henrik) + + +Known limitations +

+ + SSL Acceleration Support - CRL's are not currently supported. The design has been completed, but time to implement is missing - contact squid-dev@squid-cache.org for more details. + + +

+