From: Amos Jeffries <squid3@treenet.co.nz>
Date: Mon, 23 Nov 2009 03:01:46 +0000 (+1300)
Subject: Prep 3.1.0.15
X-Git-Tag: SQUID_3_1_0_15~1
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=9b0cc7abbae479cf8c15a04236dd3e3ff7547558;p=thirdparty%2Fsquid.git

Prep 3.1.0.15
---

diff --git a/ChangeLog b/ChangeLog
index 20181c4a8f..463374c33d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,24 @@
+Changes to squid-3.1.0.15 (23 Nov 2009):
+
+	- Regression Fix: myip ACL not accepted in config
+	- Bug 2795: acl arp lookups including port
+	- Bug 2794: ESI parsing fails on FreeBSD
+	- Bug 2778: fix linking issues using SunCC
+	- Bug 2724: eCAP build failure unless ICAP enabled
+	- Bug 2628: Correct default PID location to PREFIX/var/run/squid.pid
+	- Bug 2617: Performance degradation during processing list of dstdomain ACL's
+	- Bug 2374: Support ICY / ICEcast / SHOUTcast streaming protocol.
+	- Fix: 64-bit filesize issue in squidclient POST of large files
+	- Fix: send correct Connection: header on intercepted replies
+	- Support libtool 2.x
+	- ESI libraries libexpat and libxml2 now optional
+	- ESI support default enabled
+	- Bump libcap minimum requirement to libcap 2.09+
+	- ARP / MAC support fixes for IPv6-mode
+	- Add outstanding IPv6 settings to squid.conf (localnet, localhost)
+	- ... and many additions to the background testing structure
+	- ... and very many minor build and code cleanups for non-GCC compilers.
+
 Changes to squid-3.1.0.14 (27 Sep 2009):
 
 	- Bug 2777: Various build issues on OpenSolaris
diff --git a/doc/release-notes/release-3.1.html b/doc/release-notes/release-3.1.html
index 65f20f2a3e..37b21f223a 100644
--- a/doc/release-notes/release-3.1.html
+++ b/doc/release-notes/release-3.1.html
@@ -1,11 +1,11 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
 <HTML>
 <HEAD>
- <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.65">
- <TITLE>Squid 3.1.0.13 release notes</TITLE>
+ <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.66">
+ <TITLE>Squid 3.1.0.15 release notes</TITLE>
 </HEAD>
 <BODY>
-<H1>Squid 3.1.0.13 release notes</H1>
+<H1>Squid 3.1.0.15 release notes</H1>
 
 <H2>Squid Developers</H2>
 <HR>
@@ -33,6 +33,7 @@ for Applied Network Research and members of the Web Caching community.</EM>
 <LI><A NAME="toc2.7">2.7</A> <A HREF="#ss2.7">SSL Bump (for HTTPS Filtering and Adaptation)</A>
 <LI><A NAME="toc2.8">2.8</A> <A HREF="#ss2.8">eCAP Adaptation Module support</A>
 <LI><A NAME="toc2.9">2.9</A> <A HREF="#ss2.9">ICAP Bypass and Retry enhancements</A>
+<LI><A NAME="toc2.10">2.10</A> <A HREF="#ss2.10">ICY streaming protocol support</A>
 </UL>
 <P>
 <H2><A NAME="toc3">3.</A> <A HREF="#s3">Windows support</A></H2>
@@ -81,7 +82,7 @@ for Applied Network Research and members of the Web Caching community.</EM>
 <HR>
 <H2><A NAME="s1">1.</A> <A HREF="#toc1">Notice</A></H2>
 
-<P>The Squid Team are pleased to announce the release of Squid-3.1.0.13 for testing.</P>
+<P>The Squid Team are pleased to announce the release of Squid-3.1.0.15 for testing.</P>
 <P>This new release is available for download from 
 <A HREF="http://www.squid-cache.org/Versions/v3/3.1/">http://www.squid-cache.org/Versions/v3/3.1/</A> or the 
 <A HREF="http://www.squid-cache.org/Mirrors/http-mirrors.html">mirrors</A>.</P>
@@ -117,6 +118,7 @@ While this release is not deemed ready for production use, we believe it is read
 <LI>SSL Bump (for HTTPS Filtering and Adaptation)</LI>
 <LI>eCAP Adaptation Module support</LI>
 <LI>ICAP Bypass and Retry enhancements</LI>
+<LI>ICY streaming protocol support</LI>
 </UL>
 </P>
 <P>Most user-facing changes are reflected in squid.conf (see below).</P>
@@ -218,14 +220,10 @@ software which hard coded the MIB paths needs to be upgraded for this Squid rele
 to the IPv4 or IPv6 network that address belongs to. They are not permitted over the
 IPv4-IPv6 boundary. Some ACL voodoo can however be applied to explicitly route the
 IPv6/IPv4 bound traffic (DIRECT access) out an appropriate interface.
-<PRE>
-    acl toIP6 dst ipv6
-    tcp_outgoing_address 2001::1 toIP6
-    tcp_outgoing_address 10.0.0.1 !toIP6
-</PRE>
-</P>
+See the squid.conf documentation for further details.</P>
 
-<P>WCCP is not available (neither version 1 or 2). It remains built into squid for use with IPv4 traffic but IPv6 cannot use it.</P>
+<P>WCCP is not available (neither version 1 or 2).
+It remains built into squid for use with IPv4 traffic but IPv6 cannot use it.</P>
 
 <P>Transparent Interception is done via NAT at the OS level and is not available in IPv6.
 Squid will ensure that any port set with transparent, intercept, or tproxy options be an IPv4-only
@@ -406,6 +404,26 @@ limit is exceeded, the master transaction fails. The default limit of 16
 should be large enough to not require an explicit configuration in most
 environments yet may be small enough to limit side-effects of loops.</P>
 
+<H2><A NAME="ss2.10">2.10</A> <A HREF="#toc2.10">ICY streaming protocol support</A>
+</H2>
+
+<P>Squid-3.1 adds native support for streaming protocol ICY.</P>
+
+<P>This protocol uses port 80 and violates RFC 2616 by using an HTTP/1.1 compliant request and non-HTTP reply
+to start the stream transaction. If the reply is handled according to HTTP/1.1 RFC-compliance requirements
+the audio stream becomes jerky and contains regular 'popping' sounds.</P>
+
+<P>Squid now processes the ICY replies natively according to the ICY requirements, not HTTP/1.1 requirements.
+The streamed data is not cacheable. All processing and access controls may be applied the same as for HTTP.</P>
+
+<H3>squid.conf change</H3>
+
+<P>Squid-2 contained a hack using the <EM>update_http0.9</EM> squid.conf option to work around the
+unusual replies. This option is now obsolete.</P>
+
+<P>The proto ACL type matches <EM>ICY</EM> once the reply has been received, before that the processing
+is only aware on an HTTP request. So the ACL will match <EM>HTTP</EM>.</P>
+
 
 <H2><A NAME="s3">3.</A> <A HREF="#toc3">Windows support</A></H2>
 
@@ -1276,7 +1294,8 @@ DEFAULT: None bypassed.
 <P>
 <DL>
 <DT><B>acl</B><DD>
-<P>New preset content <EM>ipv6</EM> available as a preset type in the src and dst ACL matching all of the public IPv6 network space.</P>
+<P>New preset <EM>ipv6</EM> available in the src and dst ACL matching all of the public IPv6 network space.</P>
+<P>New preset <EM>ipv4</EM> available in the src and dst ACL matching all of IPv4 network space.</P>
 <P>New acl type myportname, matching the name of the http_port or https_port where the request was accepted.</P>
 <P>New acl type tag, matching the tag= returned from the external_acl_type helper.</P>
 <P>New acl type peername, matching against a named cache_peer entry where the request will be attempted first.
@@ -1284,6 +1303,8 @@ NP: peername currently is limited to only match the first peer possible.
 <PRE>
         acl aclname dst ipv6                    # request for IPv6-enabled site
         acl aclname src ipv6                    # request from IPv6 address
+        acl aclname dst ipv4                    # request for IPv4 site
+        acl aclname src ipv4                    # request from IPv4 address
         acl aclname myportname 3128 ...         # http(s)_port name
         acl aclname peername myPeer ...         # cache_peer ... name=myPeer
         acl aclname tag value ...               # tag= option from external ACL
@@ -1725,6 +1746,13 @@ and build with IPv6 when possible.</P>
 <DT><B>--disable-loadable-modules</B><DD>
 <P>Build without support for loadable modules.</P>
 
+<DT><B>--disable-strict-error-checking</B><DD>
+<P>Build Squid without advanced compiler error checking.
+This only affects the building process, enabling it to complete despite some
+possibly serious issues.
+Please do not use lightly, and please report the build issues which make it needed
+to the squid developers before doing so.</P>
+
 <DT><B>--disable-translation</B><DD>
 <P>Prevent Squid generating localized error page templates and manuals.
 Which is usually tried, but may not be needed.</P>
@@ -1853,6 +1881,9 @@ Use --without-pthreads to disable, but only if you really have to.</P>
 <DT><B>redirector_bypass</B><DD>
 <P>Replaced by <EM>url_rewrite_bypass</EM></P>
 
+<DT><B>upgrade_http0.9</B><DD>
+<P>Obsolete. ICY protocol streaming support added natively.</P>
+
 <DT><B>zph_local</B><DD>
 <P>Replaced by <EM>qos_flows local-hit=</EM></P>
 
@@ -2065,9 +2096,6 @@ Use --without-pthreads to disable, but only if you really have to.</P>
 <DT><B>update_headers</B><DD>
 <P>Not yet ported from 2.7</P>
 
-<DT><B>upgrade_http0.9</B><DD>
-<P>Not yet ported from 2.7</P>
-
 <DT><B>zero_buffers</B><DD>
 <P>Not yet ported from 2.7</P>
 
diff --git a/doc/release-notes/release-3.1.sgml b/doc/release-notes/release-3.1.sgml
index 7356858804..dd2e44f5e5 100644
--- a/doc/release-notes/release-3.1.sgml
+++ b/doc/release-notes/release-3.1.sgml
@@ -1,6 +1,6 @@
 <!doctype linuxdoc system>
 <article>
-<title>Squid 3.1.0.13 release notes</title>
+<title>Squid 3.1.0.15 release notes</title>
 <author>Squid Developers</author>
 
 <abstract>
@@ -13,7 +13,7 @@ for Applied Network Research and members of the Web Caching community.
 
 <sect>Notice
 <p>
-The Squid Team are pleased to announce the release of Squid-3.1.0.13 for testing.
+The Squid Team are pleased to announce the release of Squid-3.1.0.15 for testing.
 
 This new release is available for download from <url url="http://www.squid-cache.org/Versions/v3/3.1/"> or the <url url="http://www.squid-cache.org/Mirrors/http-mirrors.html" name="mirrors">.
 
@@ -46,6 +46,7 @@ The most important of these new features are:
 	<item>SSL Bump (for HTTPS Filtering and Adaptation)
 	<item>eCAP Adaptation Module support
 	<item>ICAP Bypass and Retry enhancements
+	<item>ICY streaming protocol support
 </itemize>
 
 Most user-facing changes are reflected in squid.conf (see below).
@@ -142,13 +143,10 @@ config options provided on a clean install.
  to the IPv4 or IPv6 network that address belongs to. They are not permitted over the
  IPv4-IPv6 boundary. Some ACL voodoo can however be applied to explicitly route the
  IPv6/IPv4 bound traffic (DIRECT access) out an appropriate interface.
-<verb>
-    acl toIP6 dst ipv6
-    tcp_outgoing_address 2001::1 toIP6
-    tcp_outgoing_address 10.0.0.1 !toIP6
-</verb>
+ See the squid.conf documentation for further details.
 
-<p>WCCP is not available (neither version 1 or 2). It remains built into squid for use with IPv4 traffic but IPv6 cannot use it.
+<p>WCCP is not available (neither version 1 or 2).
+   It remains built into squid for use with IPv4 traffic but IPv6 cannot use it.
 
 <p>Transparent Interception is done via NAT at the OS level and is not available in IPv6.
    Squid will ensure that any port set with transparent, intercept, or tproxy options be an IPv4-only
@@ -311,6 +309,23 @@ While decrypted, the traffic can be inspected using ICAP.
   should be large enough to not require an explicit configuration in most
   environments yet may be small enough to limit side-effects of loops.
 
+<sect1>ICY streaming protocol support
+<p>Squid-3.1 adds native support for streaming protocol ICY.
+
+<p>This protocol uses port 80 and violates RFC 2616 by using an HTTP/1.1 compliant request and non-HTTP reply
+  to start the stream transaction. If the reply is handled according to HTTP/1.1 RFC-compliance requirements
+  the audio stream becomes jerky and contains regular 'popping' sounds.
+
+<p>Squid now processes the ICY replies natively according to the ICY requirements, not HTTP/1.1 requirements.
+  The streamed data is not cacheable. All processing and access controls may be applied the same as for HTTP.
+
+<sect2>squid.conf change
+<p>Squid-2 contained a hack using the <em>update_http0.9</em> squid.conf option to work around the
+  unusual replies. This option is now obsolete.
+
+<p>The proto ACL type matches <em>ICY</em> once the reply has been received, before that the processing
+  is only aware on an HTTP request. So the ACL will match <em>HTTP</em>.
+
 
 <sect>Windows support
 <P>This Squid version can run on Windows as a system service using the Cygwin emulation environment, 
@@ -1062,7 +1077,8 @@ NOCOMMENT_START
 <p>
 <descrip>
 	<tag>acl</tag>
-	<p>New preset content <em>ipv6</em> available as a preset type in the src and dst ACL matching all of the public IPv6 network space.
+	<p>New preset <em>ipv6</em> available in the src and dst ACL matching all of the public IPv6 network space.
+	<p>New preset <em>ipv4</em> available in the src and dst ACL matching all of IPv4 network space.
 	<p>New acl type myportname, matching the name of the http_port or https_port where the request was accepted.
 	<p>New acl type tag, matching the tag= returned from the external_acl_type helper.
 	<p>New acl type peername, matching against a named cache_peer entry where the request will be attempted first.
@@ -1070,6 +1086,8 @@ NOCOMMENT_START
         <verb>
 	acl aclname dst ipv6			# request for IPv6-enabled site
 	acl aclname src ipv6			# request from IPv6 address
+	acl aclname dst ipv4			# request for IPv4 site
+	acl aclname src ipv4			# request from IPv4 address
         acl aclname myportname 3128 ...         # http(s)_port name
 	acl aclname peername myPeer ...		# cache_peer ... name=myPeer
 	acl aclname tag value ...		# tag= option from external ACL
@@ -1476,6 +1494,13 @@ This section gives an account of those changes in three categories:
 	<tag>--disable-loadable-modules</tag>
 	<p>Build without support for loadable modules.
 
+	<tag>--disable-strict-error-checking</tag>
+	<p>Build Squid without advanced compiler error checking.
+	   This only affects the building process, enabling it to complete despite some
+	   possibly serious issues.
+	   Please do not use lightly, and please report the build issues which make it needed
+	   to the squid developers before doing so.
+
 	<tag>--disable-translation</tag>
         <p>Prevent Squid generating localized error page templates and manuals.
            Which is usually tried, but may not be needed.
@@ -1598,7 +1623,7 @@ This section gives an account of those changes in three categories:
 	<p>Replaced by <em>url_rewrite_bypass</em>
 
 	<tag>upgrade_http0.9</tag>
-	<p>ICY protocol streaming support added natively.
+	<p>Obsolete. ICY protocol streaming support added natively.
 
 	<tag>zph_local</tag>
 	<p>Replaced by <em>qos_flows local-hit=</em>