Fixed header accounting to avoid the "Headers[id].stat.aliveCount" assertion.
We were incrementing the alive header field counter twice for each decrement,
which probably resulted in the alive counter wrapping back to zero, triggering
the assertion.
Amos Jeffries [Sun, 23 May 2010 11:25:59 +0000 (23:25 +1200)]
Author: Alex Rousskov <rousskov@measurement-factory.com>
Bug 2879: pt2: 3.0 regression in headers end finding
Consider the case when we received an empty (zero bytes) response.
The committed hack (bzr r9935) makes the "Invalid Response" warning misleading
because it adds CRLF to the empty response. The same hack makes the correct
error determination even more broken than it was (because the rest of the code
now sees content when none exited). It also mentions the wrong bug number.
The attached patch fixes the above and attempts to route empty response
processing to the right error (ERR_ZERO_SIZE_OBJECT).
TODO: Reconsider polluting cache.log with unlimited Invalid Response warnings,
at least in a forward proxy environment where the admin has no control over
responses.
When comm_close() has been called for the server fd but the close handler has
not yet been activated, the Server may receive an async call not associated
with the fd (e.g., more request body data coming from the HTTP or ICAP client)
that prompts the server to write to the fd. We now check whether it is still
safe to write before writing. If it is not safe, we do not write but wait for
our close handler to be called.
TODO: when all comm_write callers check for fd closing, comm API can be
redefined to drop unsafe calls instead of asserting.
Henrik Nordstrom [Fri, 14 May 2010 12:40:35 +0000 (14:40 +0200)]
Reset all addresses as OK after trying them all. This to avoid a "deadlock"
when all addresses of the currnet procotol have been marked bad but
there remains addresses in another protocol which means there is no addresses
we can connect to but unfortunately we don't know that in the current
upside-down layering.
Henrik Nordstrom [Fri, 14 May 2010 12:02:06 +0000 (14:02 +0200)]
Bug #2876: FD_SETSIZE override not working on all linux distributions
The glibc hack for overriding FD_SETSIZE seems to have broken down on some families
of Linux distribution, requiring one more header to be included before redefine.
Hopefully this does not break the FD_SETSIZE override on more systems than
it fixes.. if it does then some additional autoconffuu will be needed.
Henrik Nordstrom [Fri, 14 May 2010 05:39:29 +0000 (07:39 +0200)]
Fall back on IPv4 if IPv6 is not present
automatically fall back on IPv4 operation if it fails creating an
IPv6 socket. This may happen if Squid is built with IPv6 support
enabled but no IPv6 stack is available when it runs.
Henrik Nordstrom [Fri, 14 May 2010 04:13:30 +0000 (06:13 +0200)]
Clean up use of commResetFD when socket incompatible with requested address
This patch backs out part of the patch for Bug #2222 and replaces it by
crudely cycling over the available addresses, trying to skip over
addresses not compatible with the current socket.
This solves issues seen when using tproxy or tcp_outgoing_address and
DNS of the requested host returns AAAA records in addition to A records.
This change is interim, waiting for the larger connection setup
overhaul, but seems to do the trick for now.
One effect of this change is that there will be no fallback to the other
IP generation if the socket is configured to a specific outgoing
address. Priory the code threw away the outgoing address and tried
again when encountering an incompatibility.
Author: Francesco Chemolli <kinkie@squid-cache.org>
Improved helper configlets for wider compatibility.
* Add configlet tests for building the DB basic auth helper
* Improved detection of samba prefix for wbinfo_group and SMB
* Also check for SASL shared libraries in SASL helper
* Distribute the config.test files to enable auto-build properly
Bug 2899: Restore lost rfc1738_unescape() data type
Data type was converted to char from int during recent upgrades.
On unix systems char is unsigned making the safety checks fail on build.
This reverts the type back to a usable signed int, no logic changes.
Amos Jeffries [Tue, 23 Mar 2010 11:31:32 +0000 (00:31 +1300)]
Default pinger OFF
The pinger install is still done without the special permissions needed.
So the pinger will fail to run in most setups. Will turn this on again
in a later release when the pinger is actually installed properly by
default.
Amos Jeffries [Fri, 19 Mar 2010 10:22:14 +0000 (23:22 +1300)]
Author: Henrik Nordstrom <henrik@henriknordstrom.net>
Drop ufsdump from default builds.
As reported some weeks ago ufsdump fails to link on the upcoming Fedora
13 release due to linking issues, and as reported by Amos the same
linking issues is now also seen on Debian since somewhere between March
2 - 5.
While investigating this I found the following conclusions
- We are not actually installing ufsdump
- The dependencies between the Squid libraries are very non-obvious,
with libraries depending on plain object files and other strange things.
- The ufsdump linkage issues is somehow triggered by the libraries
including objects needing symbols from objects not included in that link
- Those failing library objects are not actually needed by ufsdump.
Linking succeeds if repeatedly removing each reported failing object
from the squid libraries.
- If the libraries were shared libraries then linking would fail on all
systems
The issue have been identified, or actually two separate issues. What is
yet unclear is what is the proper solution..
- Inline operator overloading causing indeterministic linkage,
resulting in seemingly unneeded sub modules being pulled in "at random".
Most notably this is seen with our custom new operation (which btw is
duplicated in two places: src/SquidNew.cc and include/SquidNew.h)
- The current Squid libraries have very unclear dependencies with no
clean boundaries, resulting in linking failure when the above happens..
Amos Jeffries [Wed, 10 Mar 2010 09:45:55 +0000 (22:45 +1300)]
Author: Henrik Nordstrom <henrik@henriknordstrom.net>
Various other Digest parser fixes
* Correct debug message when failing to parse digest attributes
* Correct digest stale=false in POST workaround code
* Fix new digest parser shutdown code when digest auth not configured
* Sanity check of the username.
" cannot be allowed in usernames until the digest helper protocol
has been redone
Amos Jeffries [Sat, 6 Mar 2010 03:42:04 +0000 (16:42 +1300)]
Author: Henrik Nordstrom <henrik@henriknordstrom.net>
Bug 2367: Fix stale=true on digest requests with unknown nonce
The nonce staleness check only worked if the stale nonce had not yet
been garbage collected, often resulting in incorrect stale=false
responses and resulting auth popups when using digest auth.
Note: this fix is different from how it's done in squid-2 where fixHeader
is called on all schemes in such conditions but only the active one with
and auth_user_request. Not entirely sure why that is done, but commit
message says something about Negotiate authentication.
projects / thirdparty / squid.git / log
