Amos Jeffries [Thu, 19 Feb 2009 02:08:56 +0000 (15:08 +1300)]
Author: Henrik Nordstrom <henrik@henriknordstrom.net>
external_acl_type %<{ and %USER_CERT_ / %CA_CERT_ parsing brokenness
The parsing of external_acl_type formats was sligtly broken, destroying
%<{ (request header) if SSL was enabled and never able to parse %USER_CERT_
or %CA_CERT_..
Also clarified request/reply header syntax slightly
Amos Jeffries [Sun, 8 Feb 2009 09:34:00 +0000 (22:34 +1300)]
Author: Francesco Chemolli + Amos Jeffries
Pconn not being used when they should.
A slight misalignment between the keys generated for push and pop of
connections to the waiting pool caused new connections never to match
any of the existing connections.
This patch makes several alterations to achieve a fix:
- reduces the FwdState push logics down into a simple selection in
pconnPush function which previously was a dumb wrapper.
- adds a dump of current hash keys to the cacheManager pconn report
- adds much better debugging to the pconn process at level 48,3 and 48,6
- adds some additional documentation of code to the related call tree
Pconn API after this patch :
The Pconn KEY takes several parameters (host, port, domain, client-ip).
For HTTP requests this is normally generated from the request data of
same name with domain being optional since it may be identical to host.
However for peer-sourced requests this alters slightly and the host:port
fields become the peer NAME and HTTP-PORT.
This means the pconn key in abstract becomes a key to the TCP remote-end of
the link with an optional anchor on the domain being requested.
Amos Jeffries [Sun, 18 Jan 2009 03:30:40 +0000 (16:30 +1300)]
Import 3.1 TestBed scripts.
I'm sick of fiddling with the old manual testing permutations.
3.1 testbed is now stable enough to port.
This adds the basic build test structure and layers which 3.0 is currently
known to pass. Some 'make check' errors prevent further layers being added
at this time. That is expected to change.
Amos Jeffries [Sat, 17 Jan 2009 03:04:27 +0000 (16:04 +1300)]
Bug 2556: HTCP fails without icp_port
Removes requirement for ICP port to be open for peer UDP queries to take
place.
TODO: Some work still needs to be done to separate the timeout from
icp_timeout and break ICP specific query logics out into icp code files.
But that is just cleanup for later.
Amos Jeffries [Fri, 26 Dec 2008 21:47:16 +0000 (10:47 +1300)]
Author: Christos Tsantilas <chtsanti@users.sourceforge.net>
Bug 2542: squid fails to resume dowload (and breaks content) when any ICAP filter is attached
In the case the icap client is enabled, the
ServerStateData::handleMoreAdaptedBodyAvailable called to handle the incoming
data from the ICAP server. Inside this function a StoreIOBuffer created to pass
the data to the related StoreEntry.
The bug is that the offset passed to the StoreIOBuffer did not count the 206
response offsets.
This patch uses the ServerStateData::currentOffset to compute the correct
offset (which also used in the case the icap client is not enabled).
Amos Jeffries [Mon, 1 Dec 2008 10:39:25 +0000 (23:39 +1300)]
Bug 2526: default ALLOW when no list specified.
The expected behavior of ACL checking should cause an implicit default
deny state to be reached unless a terminating denial causes a state to
flip to allow.
A small logic flaw means that completely explicitly absent access control
list was flipped to ALLOW state.
It is believed that most security controls which have explicitly coded
defaults in ther configuration are not impacted by the bug or its fix.
Only empty delay pools and ICAP re*mods are expected to have any change
in behavior as a result.
Amos Jeffries [Mon, 1 Dec 2008 05:30:29 +0000 (18:30 +1300)]
Rollback rev 8909
This change to StoreIO overlooked the signedness of the StoreIO* length
parameter. It may have resulted in objects that should not have been
store making their way into the cache.
Caches created by 3.0.STABLE10 release are known to contain many invalid
entries when rolled back to STABLE9 release. Whether or not these entries
are fatal to Squid is still unknown. It is currently expected that they
will be erased properly, but cause a lot of cache.log warnings while that
is happening. It is left to admin to decide if its worth purging their
cache on upgrade.
Amos Jeffries [Sat, 11 Oct 2008 13:59:29 +0000 (02:59 +1300)]
Bug 2393: DNS requests getting stuck in idns queue
Port of Squid-2 fix by Henrik Nordstrom
There seems to be two problems here.
a) On TCP communication failure Squid starts to restransmit the TCP query as
fast as it can, with no bounds checking. Keeps doing that until there is a
response or Squid is restarted...
b) For some reason the retransmit queue seems to halt for you. I have not yet
reproduced this issue, but may be related to the first..
Author: Hasso Tepper <hasso@estpak.ee>
Bug 2465: Support for DragonFly BSD
Part 1, this covers all the known code changes.
Bootstrap auto-tools system still needs an update to discover the OS
properly. See Bug report for details.
This change makes the current and future releases of 3.0 fully compatible
with the langpack bundles now released by the Squid Developers.
Existing translation files currently distributed are tagged for removal
in some future release and should be replaced/updated by the langpack
contents.
This patch:
- merges back the current templates directory contents as if it was a
new language to replace English/* .
- makes those templates the default hard-coded language files
- makes those files always distribute and install
We had a vote on this some (several) months before 3.0 got branched, and
it was decided to drop COSS from the Squid-3.0 branch once branched.
Then the branching got delayed, and this task was forgotten when it
finally branched.
Until COSS gets significantly updated it's counter-productive to ship it
in STABLE releases. But the current code needs to be kept in trunk as
reference on how things got refactored for the day the current COSS code
gets forward ported to Squid-3.
Amos Jeffries [Mon, 11 Aug 2008 13:09:45 +0000 (01:09 +1200)]
Fix: cppunit tests broken by squid.h defines
In order to promote safe coding and the use of internal accounting API
Squid mangles certain common function definitions such as malloc/calloc.
While this is a great idea for Squid internal code. It's not good when
integrating external cppunit macro libraries. At least one of which in
use performs its own allocation during testing.
This adds an extra layer of protection to prevent redirection with certain
unit-tests where the macros needed clash with Squid.
projects / thirdparty / squid.git / log
