From: guijan Date: Mon, 2 May 2022 18:50:11 +0000 (+0000) Subject: Delete trailing whitespace (#1041) X-Git-Tag: SQUID_5_6~1 X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=71d45937146f814692d4b2cd2cb5351468d0d8e4;p=thirdparty%2Fsquid.git Delete trailing whitespace (#1041) --- diff --git a/acinclude/compiler-flags.m4 b/acinclude/compiler-flags.m4 index 839da9e5e9..6b69f6342a 100644 --- a/acinclude/compiler-flags.m4 +++ b/acinclude/compiler-flags.m4 @@ -6,7 +6,7 @@ ## # check if the compiler accepts a supplied flag -# first argument is the variable containing the result +# first argument is the variable containing the result # (will be set to "yes" or "no") # second argument is the flag to be tested, verbatim # @@ -28,7 +28,7 @@ AC_DEFUN([SQUID_CC_CHECK_ARGUMENT],[ # Check if the compiler requires a supplied flag to build a test program. # When cross-compiling set flags explicitly. # -# first argument is the variable containing the result +# first argument is the variable containing the result # (will be set to "yes" or "no") # second argument is the flag to be tested, verbatim # third is the #include and global setup for test program, verbatim @@ -57,8 +57,8 @@ AC_DEFUN([SQUID_CC_REQUIRE_ARGUMENT],[ # - gcc # - sunstudio # - none (undetected) -# -AC_DEFUN([SQUID_CC_GUESS_VARIANT], [ +# +AC_DEFUN([SQUID_CC_GUESS_VARIANT], [ AC_CACHE_CHECK([what kind of compiler we're using],[squid_cv_compiler], [ AC_REQUIRE([AC_PROG_CC]) @@ -127,42 +127,42 @@ AC_DEFUN([SQUID_CC_GUESS_VARIANT], [ # squid_cv_cxx_option_werror (-Werror) # squid_cv_cc_option_wall (-Wall) # squid_cv_cc_option_optimize (-O3) -# +# AC_DEFUN([SQUID_CC_GUESS_OPTIONS], [ AC_REQUIRE([SQUID_CC_GUESS_VARIANT]) AC_MSG_CHECKING([for compiler variant]) case "$squid_cv_compiler" in - gcc) - squid_cv_cc_option_werror="-Werror" - squid_cv_cxx_option_werror="-Werror" + gcc) + squid_cv_cc_option_werror="-Werror" + squid_cv_cxx_option_werror="-Werror" squid_cv_cc_option_wall="-Wall" squid_cv_cc_option_optimize="-O3" squid_cv_cc_arg_pipe="-pipe" ;; - sunstudio) - squid_cv_cc_option_werror="-errwarn=%all -errtags" - squid_cv_cxx_option_werror="-errwarn=%all,no%badargtype2w,no%wbadinit,no%wbadasg -errtags" + sunstudio) + squid_cv_cc_option_werror="-errwarn=%all -errtags" + squid_cv_cxx_option_werror="-errwarn=%all,no%badargtype2w,no%wbadinit,no%wbadasg -errtags" squid_cv_cc_option_wall="+w" squid_cv_cc_option_optimize="-fast" squid_cv_cc_arg_pipe="" ;; - clang) + clang) squid_cv_cxx_option_werror="-Werror -Qunused-arguments" squid_cv_cc_option_werror="$squid_cv_cxx_option_werror" squid_cv_cc_option_wall="-Wall" squid_cv_cc_option_optimize="-O2" squid_cv_cc_arg_pipe="" ;; - icc) + icc) squid_cv_cxx_option_werror="-Werror" - squid_cv_cc_option_werror="$squid_cv_cxx_option_werror" + squid_cv_cc_option_werror="$squid_cv_cxx_option_werror" squid_cv_cc_option_wall="-Wall" squid_cv_cc_option_optimize="-O2" squid_cv_cc_arg_pipe="" ;; - *) - squid_cv_cxx_option_werror="" - squid_cv_cc_option_werror="" + *) + squid_cv_cxx_option_werror="" + squid_cv_cc_option_werror="" squid_cv_cc_option_wall="" squid_cv_cc_option_optimize="-O" squid_cv_cc_arg_pipe="" diff --git a/acinclude/init.m4 b/acinclude/init.m4 index 5433d7a511..9f0de168d5 100644 --- a/acinclude/init.m4 +++ b/acinclude/init.m4 @@ -5,7 +5,7 @@ ## Please see the COPYING and CONTRIBUTORS files for details. ## -dnl This encapsulates the nasty mess of headers we need to check when +dnl This encapsulates the nasty mess of headers we need to check when dnl checking types. AC_DEFUN([SQUID_DEFAULT_INCLUDES],[[ /* What a mess.. many systems have added the (now standard) bit types @@ -15,10 +15,10 @@ AC_DEFUN([SQUID_DEFAULT_INCLUDES],[[ */ #if HAVE_SYS_TYPES_H #include -#endif +#endif #if HAVE_LINUX_TYPES_H #include -#endif +#endif #if HAVE_STDLIB_H #include #endif @@ -37,7 +37,7 @@ AC_DEFUN([SQUID_DEFAULT_INCLUDES],[[ #if HAVE_NETINET_IN_SYSTM_H #include #endif -]]) +]]) dnl *BSD net headers AC_DEFUN([SQUID_BSDNET_INCLUDES],[ diff --git a/acinclude/krb5.m4 b/acinclude/krb5.m4 index 7aa93abd85..a0f44b0e9c 100644 --- a/acinclude/krb5.m4 +++ b/acinclude/krb5.m4 @@ -15,7 +15,7 @@ AC_DEFUN([SQUID_CHECK_KRB5_SOLARIS_BROKEN_KRB5_H], [ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include int i; -]])], [ squid_cv_broken_krb5_h=no ], [ +]])], [ squid_cv_broken_krb5_h=no ], [ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #if defined(__cplusplus) #define KRB5INT_BEGIN_DECLS extern "C" { @@ -246,7 +246,7 @@ gss_OID gss_mech_spnego = &_gss_mech_spnego; return 1; } - ]])], + ]])], [ squid_cv_have_spnego=yes ], [ squid_cv_have_spnego=no ],[:])]) ]) diff --git a/acinclude/lib-checks.m4 b/acinclude/lib-checks.m4 index 19b88df38f..30a9524ee4 100644 --- a/acinclude/lib-checks.m4 +++ b/acinclude/lib-checks.m4 @@ -15,7 +15,7 @@ AC_DEFUN([SQUID_CHECK_REGEX_WORKS],[ #include #endif #if HAVE_REGEX_H -#include +#include #endif ]], [[ regex_t t; regcomp(&t,"",0);]])], @@ -197,7 +197,7 @@ AC_DEFUN([SQUID_CHECK_OPENSSL_GETCERTIFICATE_WORKS],[ SQUID_STATE_ROLLBACK(check_SSL_get_certificate) ]) -dnl Checks whether the SSL_CTX_new and similar functions require +dnl Checks whether the SSL_CTX_new and similar functions require dnl a const 'SSL_METHOD *' argument AC_DEFUN([SQUID_CHECK_OPENSSL_CONST_SSL_METHOD],[ AH_TEMPLATE(SQUID_USE_CONST_SSL_METHOD, "Define to 1 if the SSL_CTX_new and similar openSSL API functions require 'const SSL_METHOD *'") diff --git a/acinclude/os-deps.m4 b/acinclude/os-deps.m4 index fa2f068a78..e089505249 100644 --- a/acinclude/os-deps.m4 +++ b/acinclude/os-deps.m4 @@ -86,7 +86,7 @@ dnl check that we have functional libcap2 headers dnl sets squid_cv_sys_capability_works to "yes" or "no" AC_DEFUN([SQUID_CHECK_FUNCTIONAL_LIBCAP2],[ - AC_CACHE_CHECK([for operational libcap2 headers], + AC_CACHE_CHECK([for operational libcap2 headers], squid_cv_sys_capability_works, AC_LINK_IFELSE([AC_LANG_PROGRAM([[ #include @@ -218,7 +218,7 @@ int main(int argc, char **argv) { i = j = 1<<14; while (j) { j >>= 1; - if (dup2(0, i) < 0) { + if (dup2(0, i) < 0) { i -= j; } else { close(i); @@ -272,7 +272,7 @@ AC_CACHE_CHECK([for sin6_len field in struct sockaddr_in6], #include #include #include - ]], [[ struct sockaddr_in6 s; s.sin6_len = 1; ]])],[ ac_cv_have_sin6_len_in_struct_sai="yes" ],[ ac_cv_have_sin6_len_in_struct_sai="no" + ]], [[ struct sockaddr_in6 s; s.sin6_len = 1; ]])],[ ac_cv_have_sin6_len_in_struct_sai="yes" ],[ ac_cv_have_sin6_len_in_struct_sai="no" ]) ]) SQUID_DEFINE_BOOL(HAVE_SIN6_LEN_IN_SAI,$ac_cv_have_sin6_len_in_struct_sai, @@ -291,7 +291,7 @@ AC_CACHE_CHECK([for ss_len field in struct sockaddr_storage], #include #include #include - ]], [[ struct sockaddr_storage s; s.ss_len = 1; ]])],[ ac_cv_have_ss_len_in_struct_ss="yes" ],[ ac_cv_have_ss_len_in_struct_ss="no" + ]], [[ struct sockaddr_storage s; s.ss_len = 1; ]])],[ ac_cv_have_ss_len_in_struct_ss="yes" ],[ ac_cv_have_ss_len_in_struct_ss="no" ]) ]) SQUID_DEFINE_BOOL(HAVE_SS_LEN_IN_SS,$ac_cv_have_ss_len_in_struct_ss, @@ -310,7 +310,7 @@ AC_CACHE_CHECK([for sin_len field in struct sockaddr_in], #include #include #include - ]], [[ struct sockaddr_in s; s.sin_len = 1; ]])],[ ac_cv_have_sin_len_in_struct_sai="yes" ],[ ac_cv_have_sin_len_in_struct_sai="no" + ]], [[ struct sockaddr_in s; s.sin_len = 1; ]])],[ ac_cv_have_sin_len_in_struct_sai="yes" ],[ ac_cv_have_sin_len_in_struct_sai="no" ]) ]) SQUID_DEFINE_BOOL(HAVE_SIN_LEN_IN_SAI,$ac_cv_have_sin_len_in_struct_sai,[Define if sockaddr_in has field sin_len]) @@ -407,7 +407,7 @@ int main(int argc, char **argv) if (getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &val, &len) < 0) return 1; #endif if (val <= 0) return 1; - fp = fopen("conftestval", "w"); + fp = fopen("conftestval", "w"); fprintf (fp, "%d\n", val); return 0; } @@ -457,7 +457,7 @@ int main(int argc, char **argv) if (getsockopt(fd, SOL_SOCKET, SO_SNDBUF, &val, &len) < 0) return 1; #endif if (val <= 0) return 1; - fp = fopen("conftestval", "w"); + fp = fopen("conftestval", "w"); fprintf (fp, "%d\n", val); return 0; } @@ -511,7 +511,7 @@ int main(int argc, char **argv) if (getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &val, &len) < 0) return 1; #endif if (val <= 0) return 1; - fp = fopen("conftestval", "w"); + fp = fopen("conftestval", "w"); fprintf (fp, "%d\n", val); return 0; } @@ -563,7 +563,7 @@ AC_CACHE_CHECK(for working statvfs() interface,ac_cv_func_statvfs,[ #include ]], [[ struct statvfs sfs; -sfs.f_blocks = sfs.f_bfree = sfs.f_frsize = +sfs.f_blocks = sfs.f_bfree = sfs.f_frsize = sfs.f_files = sfs.f_ffree = 0; statvfs("/tmp", &sfs); ]])],[ac_cv_func_statvfs=yes],[ac_cv_func_statvfs=no]) @@ -586,7 +586,7 @@ AC_CACHE_CHECK([for f_frsize field in struct statfs], #if HAVE_SYS_VFS_H #include #endif - ]], [[ struct statfs s; s.f_frsize = 0; ]])],[ ac_cv_have_f_frsize_in_struct_statfs="yes" ],[ ac_cv_have_f_frsize_in_struct_statfs="no" + ]], [[ struct statfs s; s.f_frsize = 0; ]])],[ ac_cv_have_f_frsize_in_struct_statfs="yes" ],[ ac_cv_have_f_frsize_in_struct_statfs="no" ]) ]) SQUID_DEFINE_BOOL(HAVE_F_FRSIZE_IN_STATFS,$ac_cv_have_f_frsize_in_struct_statfs,[Define if struct statfs has field f_frsize (Linux 2.6 or later)]) @@ -629,7 +629,7 @@ AC_DEFUN([SQUID_CHECK_RESOLVER_FIELDS],[ #if HAVE_RESOLV_H #include #endif - ]], + ]], [[_res_ext.nsaddr_list[[0]].s_addr;]])],[ ac_cv_have_res_ext_nsaddr_list="yes" ],[ ac_cv_have_res_ext_nsaddr_list="no"])) @@ -708,7 +708,7 @@ AC_CACHE_CHECK(for _res.nsaddr_list, ac_cv_have_res_nsaddr_list, #if HAVE_RESOLV_H #include #endif - ]], + ]], [[_res.ns_list[[0]].addr;]])], [ac_cv_have_res_ns_list="yes"],[ac_cv_have_res_ns_list="no"])) if test $ac_cv_have_res_ns_list = "yes" ; then diff --git a/acinclude/pam.m4 b/acinclude/pam.m4 index c6e8c7e391..bc78d206b7 100644 --- a/acinclude/pam.m4 +++ b/acinclude/pam.m4 @@ -25,15 +25,15 @@ password_conversation(int num_msg, const struct pam_message **msg, struct pam_re static struct pam_conv conv = { &password_conversation, 0 }; ]])], [ squid_cv_pam_conv_signature=linux -], [ +], [ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include static int password_conversation(int num_msg, struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) { return 0; } static struct pam_conv conv = { &password_conversation, 0 }; -]])], [ +]])], [ squid_cv_pam_conv_signature=solaris - ], [ + ], [ squid_cv_pam_conv_signature=unknown ]) ]) diff --git a/acinclude/pkg.m4 b/acinclude/pkg.m4 index 8e8c15f452..430193412f 100644 --- a/acinclude/pkg.m4 +++ b/acinclude/pkg.m4 @@ -7,7 +7,7 @@ # pkg.m4 - Macros to locate and utilise pkg-config. -*- Autoconf -*- # serial 1 (pkg-config-0.24) -# +# # Copyright © 2004 Scott James Remnant . # # This program is free software; you can redistribute it and/or modify @@ -128,7 +128,7 @@ if test $pkg_failed = yes; then _PKG_SHORT_ERRORS_SUPPORTED if test $_pkg_short_errors_supported = yes; then $1[]_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors "$2" 2>&1` - else + else $1[]_PKG_ERRORS=`$PKG_CONFIG --print-errors "$2" 2>&1` fi # Put the nasty error message in config.log where it belongs diff --git a/acinclude/squid-util.m4 b/acinclude/squid-util.m4 index 3707be2c5f..6a4e6699fb 100644 --- a/acinclude/squid-util.m4 +++ b/acinclude/squid-util.m4 @@ -70,7 +70,7 @@ SQUID_STATE_COMMIT($1) dnl look for modules in the base-directory supplied as argument. dnl fill-in the variable pointed-to by the second argument with the -dnl space-separated list of modules +dnl space-separated list of modules AC_DEFUN([SQUID_LOOK_FOR_MODULES],[ $2="" for dir in $1/*; do @@ -113,7 +113,7 @@ dnl named $2_modulename to value "yes" dnl e.g. SQUID_CHECK_EXISTING_MODULES([$srcdir/src/fs],[foo_module_candidates]) dnl where $foo_module_candidates is "foo bar gazonk" dnl checks whether $srcdir/src/fs/{foo,bar,gazonk} exist and are all dirs -dnl AND sets $foo_module_candidates_foo, $foo_module_candidates_bar +dnl AND sets $foo_module_candidates_foo, $foo_module_candidates_bar dnl and $foo_module_candidates_gazonk to "yes" AC_DEFUN([SQUID_CHECK_EXISTING_MODULES],[ for squid_module_check_exist_tmp in $$2 @@ -145,12 +145,12 @@ dnl 0: "no" , "false", 0, "" dnl aborts with an error for unknown values AC_DEFUN([SQUID_DEFINE_BOOL],[ squid_tmp_define="" -case "$2" in +case "$2" in yes|true|1) squid_tmp_define="1" ;; no|false|0|"") squid_tmp_define="0" ;; *) AC_MSG_ERROR([SQUID_DEFINE[]_BOOL: unrecognized value for $1: '$2']) ;; esac -ifelse([$#],3, +ifelse([$#],3, [AC_DEFINE_UNQUOTED([$1], [$squid_tmp_define],[$3])], [AC_DEFINE_UNQUOTED([$1], [$squid_tmp_define])] ) @@ -170,7 +170,7 @@ AC_DEFUN([SQUID_EMBED_BUILD_INFO],[ AS_HELP_STRING([--enable-build-info="build info string"], [Add an additional string in the output of "squid -v". Default is not to add anything. If the string is not specified, - tries to determine nick and revision number of the current + tries to determine nick and revision number of the current bazaar branch]),[ case "$enableval" in no) ${TRUE} diff --git a/bootstrap.sh b/bootstrap.sh index abe2e51ca6..07391990f5 100755 --- a/bootstrap.sh +++ b/bootstrap.sh @@ -62,7 +62,7 @@ find_path() path=`which $tool` if test $? -gt 0 ; then # path for $tool not found. Not defining, and hoping for the best - echo + echo return fi echo $(dirname $path) @@ -74,7 +74,7 @@ bootstrap() { else echo "$1 failed" echo "Autotool bootstrapping failed. You will need to investigate and correct" ; - echo "before you can develop on this source tree" + echo "before you can develop on this source tree" exit 1 fi } @@ -117,7 +117,7 @@ echo "libtool ($ltversion) : ${LIBTOOL_BIN}${ltver}" echo "libtool path : $ltpath" for dir in \ - "" + "" do if [ -z "$dir" ] || [ -d $dir ]; then if ( diff --git a/compat/GnuRegex.c b/compat/GnuRegex.c index 70649f277a..9ef932e5ca 100644 --- a/compat/GnuRegex.c +++ b/compat/GnuRegex.c @@ -166,7 +166,7 @@ static int re_match_2(struct re_pattern_buffer * buffer, const char *string1, /* As in Harbison and Steele. */ #define SIGN_EXTEND_CHAR(c) ((((unsigned char) (c)) ^ 128) - 128) #endif - + /* Should we use malloc or alloca? If REGEX_MALLOC is not defined, we * use `alloca' instead of `malloc'. This is because using malloc in * re_search* or re_match* could cause memory leaks when C-g is used in @@ -232,7 +232,7 @@ typedef char boolean; #endif #define false 0 #define true 1 - + /* These are the command codes that appear in compiled regular * expressions. Some opcodes are followed by argument bytes. A * command code can specify any interpretation whatsoever for its @@ -358,7 +358,7 @@ typedef enum { notwordbound /* Succeeds if not at a word boundary. */ } re_opcode_t; - + /* Common operations on the compiled pattern. */ /* Store NUMBER in two contiguous bytes starting at DESTINATION. */ @@ -432,7 +432,7 @@ unsigned char **source; #endif /* not EXTRACT_MACROS */ #endif /* DEBUG */ - + /* If DEBUG is defined, Regex prints many voluminous messages about what * it is doing (if the variable `debug' is nonzero). If linked with the * main program in `iregex.c', you can enter patterns and strings @@ -719,7 +719,7 @@ int size2; #define DEBUG_PRINT_DOUBLE_STRING(w, s1, sz1, s2, sz2) #endif /* not DEBUG */ - + /* This table gives an error message for each of the error codes listed * in regex.h. Obviously the order here has to be same as there. */ @@ -741,7 +741,7 @@ static const char *re_error_msg[] = {NULL, /* REG_NOERROR */ "Regular expression too big", /* REG_ESIZE */ "Unmatched ) or \\)", /* REG_ERPAREN */ }; - + /* Subroutine declarations and macros for regex_compile. */ /* Fetch the next character in the uncompiled pattern---translating it @@ -929,7 +929,7 @@ static reg_errcode_t compile_range(const char **p_ptr, const char *pend, char *t || STREQ (string, "space") || STREQ (string, "print") \ || STREQ (string, "punct") || STREQ (string, "graph") \ || STREQ (string, "cntrl") || STREQ (string, "blank")) - + /* `regex_compile' compiles PATTERN (of length SIZE) according to SYNTAX. * Returns one of error codes defined in `regex.h', or zero for success. * @@ -1857,7 +1857,7 @@ normal_char: return REG_NOERROR; } /* regex_compile */ - + /* Subroutines for `regex_compile'. */ /* Store OP at LOC followed by two-byte integer parameter ARG. */ @@ -2010,7 +2010,7 @@ compile_range(const char **p_ptr, const char *pend, char *translate, reg_syntax_ return REG_NOERROR; } - + /* Failure stack declarations and macros; both re_compile_fastmap and * re_match_2 use a failure stack. These have to be macros because of * REGEX_ALLOCATE. */ @@ -2277,7 +2277,7 @@ typedef struct { \ DEBUG_STATEMENT (nfailure_points_popped++); \ } /* POP_FAILURE_POINT */ - + /* re_compile_fastmap computes a ``fastmap'' for the compiled pattern in * BUFP. A fastmap records which of the (1 << BYTEWIDTH) possible * characters can start a string that matches the pattern. This fastmap @@ -2517,7 +2517,7 @@ handle_on_failure_jump: bufp->can_be_null |= path_can_be_null; return 0; } /* re_compile_fastmap */ - + /* Searching routines. */ /* Like re_search_2, below, but only one string is specified, and @@ -2659,7 +2659,7 @@ advance: } return -1; } /* re_search_2 */ - + /* Declarations and macros for re_match_2. */ /* Structure for per-register (a.k.a. per-group) information. @@ -2797,7 +2797,7 @@ wordchar_p(const char *d, const char *end1, const char *string2) * to actually save any registers when none are active. */ #define NO_HIGHEST_ACTIVE_REG (1 << BYTEWIDTH) #define NO_LOWEST_ACTIVE_REG (NO_HIGHEST_ACTIVE_REG + 1) - + /* Matching routines. */ /* re_match_2 matches the compiled pattern in BUFP against the @@ -3846,7 +3846,7 @@ fail: return -1; /* Failure to match. */ } /* re_match_2 */ - + /* Subroutine definitions for re_match_2. */ /* We are passed P pointing to a register number after a start_memory. @@ -4077,7 +4077,7 @@ bcmp_translate(unsigned char const *s1, unsigned char const*s2, register int len } return 0; } - + /* Entry points for GNU code. */ /* POSIX.2 functions */ diff --git a/compat/GnuRegex.h b/compat/GnuRegex.h index 14482b94b6..29ced47fbf 100644 --- a/compat/GnuRegex.h +++ b/compat/GnuRegex.h @@ -210,7 +210,7 @@ typedef unsigned reg_syntax_t; | RE_NO_BK_PARENS | RE_NO_BK_REFS \ | RE_NO_BK_VBAR | RE_UNMATCHED_RIGHT_PAREN_ORD) /* [[[end syntaxes]]] */ - + /* Maximum number of duplicates an interval can allow. Some systems * (erroneously) define this in other header files, but we want our * value, so remove any previous define. */ @@ -276,7 +276,7 @@ typedef enum { REG_ESIZE, /* Compiled pattern bigger than 2^16 bytes. */ REG_ERPAREN /* Unmatched ) or \); not returned from regcomp. */ } reg_errcode_t; - + /* This data structure represents a compiled pattern. Before calling * the pattern compiler, the fields `buffer', `allocated', `fastmap', * `translate', and `no_sub' can be set. After the pattern has been @@ -355,7 +355,7 @@ typedef struct re_pattern_buffer regex_t; /* search.c (search_buffer) in Emacs needs this one opcode value. It is * defined both in `regex.c' and here. */ #define RE_EXACTN_VALUE 1 - + /* Type for byte offsets within the string. POSIX mandates this. */ typedef int regoff_t; @@ -381,7 +381,7 @@ typedef struct { regoff_t rm_so; /* Byte offset from string's start to substring's start. */ regoff_t rm_eo; /* Byte offset from string's start to substring's end. */ } regmatch_t; - + /* Declarations for routines. */ /* To avoid duplicating every routine declaration -- once with a diff --git a/compat/compat.dox b/compat/compat.dox index 540db47c89..8bf2222612 100644 --- a/compat/compat.dox +++ b/compat/compat.dox @@ -14,7 +14,7 @@ \section sec1 Aim -\par +\par Squid aims to build and run on many modern systems. To do this we have traditionally added small hacks and wrappers all over the code whenever one was needed. The final result of that is a vast amount of code duplication, dodgy licensing on diff --git a/configure.ac b/configure.ac index b6ba336912..c8e441ef1f 100644 --- a/configure.ac +++ b/configure.ac @@ -246,7 +246,7 @@ esac dnl Substitutions AC_DEFINE_UNQUOTED(CONFIG_HOST_TYPE, "$host",[Host type from configure]) -AC_DEFINE_UNQUOTED(SQUID_CONFIGURE_OPTIONS, "$ac_configure_args", +AC_DEFINE_UNQUOTED(SQUID_CONFIGURE_OPTIONS, "$ac_configure_args", [configure command line used to configure Squid]) CACHE_EFFECTIVE_USER="nobody" @@ -392,7 +392,7 @@ fi AC_ARG_ENABLE(debug-cbdata, AS_HELP_STRING([--enable-debug-cbdata], - [Provide some debug information in cbdata]), [ + [Provide some debug information in cbdata]), [ SQUID_YESNO([$enableval], [unrecognized argument to --enable-debug-cbdata: $enableval]) ]) @@ -419,7 +419,7 @@ AC_MSG_NOTICE([xmalloc stats display: $enable_xmalloc_statistics]) squid_opt_aufs_threads="" AC_ARG_WITH(aufs-threads, AS_HELP_STRING([--with-aufs-threads=N_THREADS], - [Tune the number of worker threads for the aufs object store.]), [ + [Tune the number of worker threads for the aufs object store.]), [ case $withval in [[0-9]]*) squid_opt_aufs_threads=$withval @@ -487,7 +487,7 @@ AC_ARG_ENABLE(disk-io, Set without a value or omitted, all available modules will be built. See src/DiskIO for a list of available modules, or Programmers Guide section on DiskIO - for details on how to build your custom disk module]), [ + for details on how to build your custom disk module]), [ case $enableval in yes) ${TRUE} @@ -667,7 +667,7 @@ for module in $squid_disk_module_candidates none; do SQUID_CFLAGS="$SQUID_CFLAGS -D_REENTRANT -lpthread" SQUID_CXXFLAGS="$SQUID_CXXFLAGS -D_REENTRANT -lpthread" AC_SEARCH_LIBS([pthread_create],[pthread thread],[ - LIBPTHREADS="" #in LIBS + LIBPTHREADS="" #in LIBS ],[ AC_MSG_NOTICE(pthread library required but cannot be found.) squid_opt_use_diskthreads="no" @@ -1075,7 +1075,7 @@ AC_MSG_NOTICE([Web Cache Coordination Protocol enabled: $enable_wccp]) test "x$squid_host_os" = "xmingw" && enable_wccpv2=no AC_ARG_ENABLE(wccpv2, AS_HELP_STRING([--disable-wccpv2], - [Disable Web Cache Coordination V2 Protocol]), [ + [Disable Web Cache Coordination V2 Protocol]), [ SQUID_YESNO([$enableval], [unrecognized argument to --disable-wccpv2: $enableval]) ]) @@ -1084,13 +1084,13 @@ SQUID_DEFINE_BOOL(USE_WCCPv2,${enable_wccpv2:=yes}, AC_MSG_NOTICE([Web Cache Coordination V2 Protocol enabled: $enable_wccpv2]) AC_ARG_ENABLE(kill-parent-hack, - AS_HELP_STRING([--enable-kill-parent-hack],[Kill parent on shutdown]), [ + AS_HELP_STRING([--enable-kill-parent-hack],[Kill parent on shutdown]), [ SQUID_YESNO([$enableval], [unrecognized argument to --enable-kill-parent-hack: $enableval]) ]) SQUID_DEFINE_BOOL(KILL_PARENT_OPT,${enable_kill_parent_hack:=no}, - [A dangerous feature which causes Squid to kill its parent - process (presumably the RunCache script) upon receipt + [A dangerous feature which causes Squid to kill its parent + process (presumably the RunCache script) upon receipt of SIGTERM or SIGINT. Deprecated, Use with caution.]) AC_MSG_NOTICE([Kill parent on shutdown hack enabled: $enable_kill_parent_hack]) @@ -1162,7 +1162,7 @@ include ) AC_CHECK_HEADERS( \ net/if_arp.h \ - net/route.h, + net/route.h, [], [], [[ #include #include @@ -1537,14 +1537,14 @@ if test "x$with_mit_krb5" != "xno" -a "x$with_solaris_krb5" != "xyes"; then if test "x$LIB_KRB5_LIBS" != "x"; then if test "x$with_apple_krb5" = "xyes" ; then AC_DEFINE(USE_APPLE_KRB5,1,[Apple Kerberos support is available]) - KRB5_FLAVOUR="Apple" + KRB5_FLAVOUR="Apple" else AC_DEFINE(USE_MIT_KRB5,1,[MIT Kerberos support is available]) - KRB5_FLAVOUR="MIT" + KRB5_FLAVOUR="MIT" fi KRB5LIBS="$LIB_KRB5_PATH $LIB_KRB5_LIBS $KRB5LIBS" KRB5INCS="$LIB_KRB5_CFLAGS" - + # check for other specific broken implementations CXXFLAGS="$CXXFLAGS $KRB5INCS" LIBS="$LIBS $KRB5LIBS" @@ -1622,8 +1622,8 @@ if test "x$with_solaris_krb5" = "xyes" -a "x$KRB5LIBS" = "x"; then KRB5LIBS="$LIB_KRB5_PATH $LIB_KRB5_LIBS $KRB5LIBS" KRB5INCS="$LIB_KRB5_CFLAGS" AC_DEFINE(USE_SOLARIS_KRB5,1,[Solaris Kerberos support is available]) - KRB5_FLAVOUR="Solaris" - + KRB5_FLAVOUR="Solaris" + # check for other specific broken implementations CXXFLAGS="$CXXFLAGS $KRB5INCS" LIBS="$LIBS $KRB5LIBS" @@ -1795,8 +1795,8 @@ if test "x$with_heimdal_krb5" != "xno" -a "x$KRB5LIBS" = "x"; then KRB5LIBS="$LIB_KRB5_PATH $LIB_KRB5_LIBS $KRB5LIBS" KRB5INCS="$LIB_KRB5_CFLAGS" AC_DEFINE(USE_HEIMDAL_KRB5,1,[Heimdal Kerberos support is available]) - KRB5_FLAVOUR="Heimdal" - + KRB5_FLAVOUR="Heimdal" + # check for other specific broken implementations CXXFLAGS="$CXXFLAGS $KRB5INCS" LIBS="$LIBS $KRB5LIBS" @@ -1863,7 +1863,7 @@ if test "x$with_gnugss" != "xno" -a "x$KRB5LIBS" = "x"; then KRB5LIBS="$LIB_KRB5_PATH $LIB_KRB5_LIBS $KRB5LIBS" KRB5INCS="$LIB_KRB5_CFLAGS" AC_DEFINE(USE_GNUGSS,1,[GNU Kerberos support is available]) - KRB5_FLAVOUR="GNU GSS" + KRB5_FLAVOUR="GNU GSS" # check for other specific broken implementations CXXFLAGS="$CXXFLAGS $KRB5INCS" @@ -1959,8 +1959,8 @@ case "$squid_host_os" in return 0; } - ]])], - [ AC_DEFINE(HAVE_LDAP, 1, [LDAP support]) + ]])], + [ AC_DEFINE(HAVE_LDAP, 1, [LDAP support]) AC_MSG_RESULT(yes) ], [ AC_MSG_RESULT(no) ], [ AC_MSG_RESULT(cross-compiler cant tell) ]) @@ -1980,8 +1980,8 @@ case "$squid_host_os" in { return strcmp(LDAP_VENDOR_NAME,"OpenLDAP"); } - ]])], - [ AC_DEFINE(HAVE_OPENLDAP, 1, [OpenLDAP support]) + ]])], + [ AC_DEFINE(HAVE_OPENLDAP, 1, [OpenLDAP support]) AC_MSG_RESULT(yes) ], [ AC_MSG_RESULT(no) ], [ AC_MSG_RESULT(cross-compiler cant tell) ]) @@ -1997,7 +1997,7 @@ case "$squid_host_os" in { return strcmp(LDAP_VENDOR_NAME,"Sun Microsystems Inc."); } - ]])], + ]])], [ AC_DEFINE(HAVE_SUN_LDAP_SDK, 1, [Sun LDAP SDK support]) AC_MSG_RESULT(yes) ], [ AC_MSG_RESULT(no) ], @@ -2016,7 +2016,7 @@ case "$squid_host_os" in { return strcmp(LDAP_VENDOR_NAME,"mozilla.org"); } - ]])], + ]])], [ AC_DEFINE(HAVE_MOZILLA_LDAP_SDK, 1, [Mozilla LDAP SDK support]) AC_MSG_RESULT(yes) ], [ AC_MSG_RESULT(no)], @@ -2441,7 +2441,7 @@ dnl UNIX Build environment dnl AS_HELP_STRING is not suited here because it cannot to specify newlines AC_ARG_WITH(build-environment, AS_HELP_STRING([--with-build-environment=model], - [The build environment to use. Normally one of + [The build environment to use. Normally one of POSIX_V6_ILP32_OFF32 (32 bits), POSIX_V6_ILP32_OFFBIG (32 bits with large file support), POSIX_V6_LP64_OFF64 (64 bits), @@ -2990,7 +2990,7 @@ case "$squid_host_os" in ac_cv_func_getrusage='yes' AC_MSG_NOTICE([Using own rusage on Windows.]) ;; - *) + *) AC_CHECK_TYPE(struct rusage,AC_DEFINE(HAVE_STRUCT_RUSAGE,1,[The system provides struct rusage]),,[ #if HAVE_SYS_TIME_H #include @@ -3203,7 +3203,7 @@ esac dnl --with-maxfd present for compatibility with Squid-2. dnl undocumented in ./configure --help to encourage using the Squid-3 directive AC_ARG_WITH(maxfd,, -[ +[ case ${withval} in [[0-9]]*) squid_filedescriptors_num=$withval @@ -3218,7 +3218,7 @@ AC_ARG_WITH(maxfd,, AC_ARG_WITH(filedescriptors, AS_HELP_STRING([--with-filedescriptors=NUMBER], [Force squid to support NUMBER filedescriptors]), -[ +[ case ${withval} in [[0-9]]*) squid_filedescriptors_num=$withval @@ -3686,10 +3686,10 @@ fi AC_CHECK_LIB(regex, regexec, [REGEXLIB="-lregex"],[REGEXLIB='']) AC_ARG_ENABLE(gnuregex, AS_HELP_STRING([--enable-gnuregex], - [Compile GNUregex. Unless you have reason to use + [Compile GNUregex. Unless you have reason to use this option, you should not enable it. - This library file is usually only required on Windows and - very old Unix boxes which do not have their own regex + This library file is usually only required on Windows and + very old Unix boxes which do not have their own regex library built in.]), [ SQUID_YESNO([$enableval],[unrecognized argument to --enable-gnuregex: $enableval]) ]) @@ -3752,7 +3752,7 @@ fi dnl Squid will not usually attempt to translate templates when building AC_ARG_ENABLE(translation, AS_HELP_STRING([--enable-translation],[Generate the localized error page templates and manuals. - Which can also be downloaded from http://www.squid-cache.org/Versions/langpack/.]), [ + Which can also be downloaded from http://www.squid-cache.org/Versions/langpack/.]), [ SQUID_YESNO([$enableval], [unrecognized argument to --enable-translation: $enableval]) ]) @@ -3826,7 +3826,7 @@ AC_MSG_NOTICE([BUILD EXTRA C++ FLAGS: $SQUID_CXXFLAGS]) AC_MSG_NOTICE([BUILD Tools C++ FLAGS: $BUILDCXXFLAGS]) dnl Clean up after OSF/1 core dump bug -rm -f core +rm -f core AC_CONFIG_FILES([ Makefile diff --git a/contrib/Makefile.am b/contrib/Makefile.am index faa9ec7aa9..ca299dbc60 100644 --- a/contrib/Makefile.am +++ b/contrib/Makefile.am @@ -28,7 +28,7 @@ EXTRA_DIST = \ nextstep/pre_install \ solaris/solaris-krb5-include.patch -all: +all: install: install-@host_os@ diff --git a/doc/Programming-Guide/01_Main.dox b/doc/Programming-Guide/01_Main.dox index b605eabb22..238ea5668a 100644 --- a/doc/Programming-Guide/01_Main.dox +++ b/doc/Programming-Guide/01_Main.dox @@ -54,10 +54,10 @@ \c module_foo_bar() . \par - Note that the Squid source changes rapidly, and while we + Note that the Squid source changes rapidly, and while we do make some effort to document code as we go some parts of the documentation may be left out. If you find any - inconsistencies, please feel free to notify + inconsistencies, please feel free to notify http://www.squid-cache.org/Support/contact.dyn the Squid Developers. */ diff --git a/doc/Programming-Guide/02_CodingConventions.dox b/doc/Programming-Guide/02_CodingConventions.dox index f5c567684f..73a7a5e86a 100644 --- a/doc/Programming-Guide/02_CodingConventions.dox +++ b/doc/Programming-Guide/02_CodingConventions.dox @@ -138,7 +138,7 @@ X::saidFubar() \par Simple functions do not exactly need a detailed description of their operation. - The \ref PARAM and \ref RETVAL + The \ref PARAM and \ref RETVAL should be enough for any developer to understand the function. \par Long or Complex Functions diff --git a/doc/Programming-Guide/03_MajorComponents.dox b/doc/Programming-Guide/03_MajorComponents.dox index 0f987c6560..fb3d9e4e57 100644 --- a/doc/Programming-Guide/03_MajorComponents.dox +++ b/doc/Programming-Guide/03_MajorComponents.dox @@ -18,7 +18,7 @@ \par Here new client connections are accepted, parsed, and reply data sent. Per-connection state information is held - in a data structure called ConnStateData. Per-request + in a data structure called ConnStateData. Per-request state information is stored in the clientSocketContext structure. With HTTP/1.1 we may have multiple requests from a single TCP connection. @@ -29,14 +29,14 @@ TODO: find out what has replaced clientSocketContext since it seems to not exist This is where requests are processed. We determine if the request is to be redirected, if it passes access lists, and setup the initial client stream for internal requests. - Temporary state for this processing is held in a + Temporary state for this processing is held in a clientRequestContext. TODO: find out what has replaced clientRequestContext since it seems not to exist now. -\section ClientSideReply Client Side Reply +\section ClientSideReply Client Side Reply \par - This is where we determine if the request is cache HIT, - REFRESH, MISS, etc. This involves querying the store + This is where we determine if the request is cache HIT, + REFRESH, MISS, etc. This involves querying the store (possibly multiple times) to work through Vary lists and the list. Per-request state information is stored in the clientReplyContext. @@ -218,7 +218,7 @@ TODO: get callback_data (object?) linking or replacement named. Manual reference counting such as cbdata uses is error prone, and time consuming for the programmer. C++'s operator overloading allows us to create automatic reference counting pointers, that will - free objects when they are no longer needed. With some care these + free objects when they are no longer needed. With some care these objects can be passed to functions needed Callback Data pointers. TODO: get cbdata documenting and linking. @@ -331,7 +331,7 @@ TODO: get RFCs linked from ietf These routines decide whether a cached object is stale or fresh, based on the \em refresh_pattern configuration options. If an object is fresh, it can be returned as a cache hit. - If it is stale, then it must be revalidated with an + If it is stale, then it must be revalidated with an If-Modified-Since request. \section SNMPSupport SNMP Support @@ -352,7 +352,7 @@ TODO: get RFCs linked from ietf \section ESI ESI \par ESI is an implementation of Edge Side Includes (http://www.esi.org). - ESI is implemented as a client side stream and a small + ESI is implemented as a client side stream and a small modification to client_side_reply.c to check whether ESI should be inserted into the reply stream or not. diff --git a/doc/Programming-Guide/05_TypicalRequestFlow.dox b/doc/Programming-Guide/05_TypicalRequestFlow.dox index 3525baeb61..fa275d71c6 100644 --- a/doc/Programming-Guide/05_TypicalRequestFlow.dox +++ b/doc/Programming-Guide/05_TypicalRequestFlow.dox @@ -19,12 +19,12 @@ for notification when access control checking is completed. \li After the access controls have been verified, the request - may be redirected. + may be redirected. \li The client-side-request is forwarded up the client stream - to GetMoreData() which looks for the requested object in the - cache, and or Vary: versions of the same. If is a cache hit, - then the client-side registers its interest in the + to GetMoreData() which looks for the requested object in the + cache, and or Vary: versions of the same. If is a cache hit, + then the client-side registers its interest in the StoreEntry. Otherwise, Squid needs to forward the request, perhaps with an If-Modified-Since header. diff --git a/doc/Programming-Guide/DelayPools.dox b/doc/Programming-Guide/DelayPools.dox index e2eede9656..3666fd7d88 100644 --- a/doc/Programming-Guide/DelayPools.dox +++ b/doc/Programming-Guide/DelayPools.dox @@ -44,7 +44,7 @@ For instance: \par Dynamically defined pool arrangements. - For instance an aggregate (class 1) combined with the per-class-C-net tracking of a + For instance an aggregate (class 1) combined with the per-class-C-net tracking of a class 3 pool, without the individual host tracking. This differs from a class 3 pool with -1/-1 in the host bucket, because no memory or cpu would be used on hosts, whereas with a class 3 pool, they are diff --git a/doc/Programming-Guide/Groups.dox b/doc/Programming-Guide/Groups.dox index 9a0e0068cf..e115be0b0f 100644 --- a/doc/Programming-Guide/Groups.dox +++ b/doc/Programming-Guide/Groups.dox @@ -40,7 +40,7 @@ /** \defgroup libsquid Squid Library - * + * \par * These objects are provided publicly through lidsquid.la */ @@ -65,7 +65,7 @@ /** \defgroup Callbacks Event Callback Functions - * + * \par * Squid uses events to process asynchronous actions. * These methods are registered as callbacks to receive notice whenever a diff --git a/lib/snmplib/Makefile.am b/lib/snmplib/Makefile.am index c1e1aaec92..19e9b0bd0e 100644 --- a/lib/snmplib/Makefile.am +++ b/lib/snmplib/Makefile.am @@ -8,7 +8,7 @@ ## Process this file with automake to produce Makefile.in ## ## Makefile for libsnmp. -## +## AM_CFLAGS = $(SQUID_CFLAGS) AM_CXXFLAGS = $(SQUID_CXXFLAGS) AM_CPPFLAGS = \ diff --git a/scripts/calc-must-ids.sh b/scripts/calc-must-ids.sh index 6c940a07ff..b1e31e5e22 100755 --- a/scripts/calc-must-ids.sh +++ b/scripts/calc-must-ids.sh @@ -10,7 +10,7 @@ # Usage: # calc-must-ids.sh [MustID] # Given an id it searches for the related Must expression in all -# source files. If no arguments given it returns all Must expressions +# source files. If no arguments given it returns all Must expressions # with its ids and their exact position in the source files. # # Example usage: diff --git a/src/Comm.dox b/src/Comm.dox index b4cd52cfc8..d683048fa0 100644 --- a/src/Comm.dox +++ b/src/Comm.dox @@ -9,7 +9,7 @@ /** \defgroup Comm Comm Module \ingroup Components - + \section Basic Basic Comm API principles @@ -57,7 +57,7 @@ with an AsyncCall object. This call guarantees that the passed Call will be canceled (see the AsyncCall API for call cancellation definitions and details). Naturally, the code has to store the - original read callback Call pointer to use this interface. + original read callback Call pointer to use this interface. \par The comm_read_cancel() call does not guarantee that the read operation diff --git a/src/Common.am b/src/Common.am index 532caac6d0..1c8d96f82d 100644 --- a/src/Common.am +++ b/src/Common.am @@ -43,7 +43,7 @@ DEFS += -DDEFAULT_CONFIG_FILE=\"$(DEFAULT_CONFIG_FILE)\" \ ## so that others can always use += for these variables CLEANFILES = -check_PROGRAMS = +check_PROGRAMS = TESTS = AM_CPPFLAGS = \ diff --git a/src/Makefile.am b/src/Makefile.am index c331be4c1f..dfb67a9cb8 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -770,7 +770,7 @@ squid.conf.default squid.conf.documented: cf_parser.cci cf_parser.cci: cf.data cf_gen$(EXEEXT) ./cf_gen$(EXEEXT) cf.data $(srcdir)/cf.data.depend -# The cf_gen_defines.cci is auto-generated and does not exist when the +# The cf_gen_defines.cci is auto-generated and does not exist when the # dependencies computed. We need to add its include files (autoconf.h) here cf_gen_defines.cci: $(srcdir)/cf_gen_defines $(srcdir)/cf.data.pre $(top_builddir)/include/autoconf.h $(AWK) -f $(srcdir)/cf_gen_defines <$(srcdir)/cf.data.pre >$@ || ($(RM) -f $@ && exit 1) @@ -848,7 +848,7 @@ CLEANFILES += cf.data squid.conf.default squid.conf.documented \ test_tools.cc: $(top_srcdir)/test-suite/test_tools.cc cp $(top_srcdir)/test-suite/test_tools.cc . -# stock tools for unit tests - library independent versions of dlink_list +# stock tools for unit tests - library independent versions of dlink_list # etc. # globals.cc is needed by test_tools.cc. # Neither of these should be disted from here. diff --git a/src/acl/external/file_userip/example.conf b/src/acl/external/file_userip/example.conf index e0f8cc9ac8..020a63f6c8 100644 --- a/src/acl/external/file_userip/example.conf +++ b/src/acl/external/file_userip/example.conf @@ -9,10 +9,10 @@ # # Lines that begin with a # are ignored # The main format is: -# +# # Single user # ip[/mask] user -# +# # Users that belong to "group" (/etc/group) # ip[/mask] @group # diff --git a/src/adaptation/notes.dox b/src/adaptation/notes.dox index 12b9c40cde..51b12de94b 100644 --- a/src/adaptation/notes.dox +++ b/src/adaptation/notes.dox @@ -9,7 +9,7 @@ /** \defgroup Adaptation Adaptation \ingroup Components - + \section Term Terminology diff --git a/src/base/AsyncCalls.dox b/src/base/AsyncCalls.dox index dceae34c28..90a9c91d12 100644 --- a/src/base/AsyncCalls.dox +++ b/src/base/AsyncCalls.dox @@ -9,7 +9,7 @@ /** \defgroup AsyncCalls Asynchronous Calls \ingroup Components - + \section Terminology Terminology @@ -82,7 +82,7 @@ will not be dialed. - A call may be canceled at any time. -- A canceled call will not be dialed. +- A canceled call will not be dialed. - Cancellation has immediate effect: The call will never be dialed after cancel() is called diff --git a/src/base/AsyncJobs.dox b/src/base/AsyncJobs.dox index d8f4794b1a..6d70c6874d 100644 --- a/src/base/AsyncJobs.dox +++ b/src/base/AsyncJobs.dox @@ -9,7 +9,7 @@ /** \defgroup AsyncJobs Asynchronous Jobs \ingroup Components - + \section AsyncJobsTerminology Terminology - \b Job: an AsyncJob object. diff --git a/src/cf.data.pre b/src/cf.data.pre index 21493c09a8..48f3e1319d 100644 --- a/src/cf.data.pre +++ b/src/cf.data.pre @@ -8,21 +8,21 @@ COMMENT_START WELCOME TO @SQUID@ ---------------------------- - + This is the documentation for the Squid configuration file. This documentation can also be found online at: http://www.squid-cache.org/Doc/config/ - + You may wish to look at the Squid home page and wiki for the FAQ and other documentation: http://www.squid-cache.org/ http://wiki.squid-cache.org/SquidFaq http://wiki.squid-cache.org/ConfigExamples - + This documentation shows what the defaults for various directives happen to be. If you don't need to change the default, you should leave the line out of your squid.conf in most cases. - + In some cases "none" refers to no default setting at all, while in other cases it refers to the value of the option - the comments for that keyword indicate if this is the case. @@ -495,7 +495,7 @@ DOC_START "optimistic" kernel simply kills Squid kid with a SIGBUS signal. Some of the memory limits enforced by the kernel are currently poorly understood: We do not know how to detect and check them. This - option ensures that the mapped memory will be available. + option ensures that the mapped memory will be available. This option may have a positive performance side-effect: Locking memory at start avoids runtime paging I/O. Paging slows Squid down. @@ -1044,7 +1044,7 @@ DEFAULT_DOC: ACLs all, manager, localhost, to_localhost, and CONNECT are predefi DOC_START Defining an Access List - Every access list definition must begin with an aclname and acltype, + Every access list definition must begin with an aclname and acltype, followed by either type-specific arguments or a quoted filename that they are read from. @@ -1061,7 +1061,7 @@ DOC_START -i,+i By default, regular expressions are CASE-SENSITIVE. To make them case-insensitive, use the -i option. To return case-sensitive use the +i option between patterns, or make a new ACL line - without -i. + without -i. -n Disable lookups and address type conversions. If lookup or conversion is required because the parameter type (IP or @@ -1072,7 +1072,7 @@ DOC_START -m[=delimiters] Perform a list membership test, interpreting values as comma-separated token lists and matching against individual - tokens instead of whole values. + tokens instead of whole values. The optional "delimiters" parameter specifies one or more alternative non-alphanumeric delimiter characters. non-alphanumeric delimiter characters. @@ -1194,10 +1194,10 @@ endif acl aclname myportname 3128 ... # *_port name [fast] acl aclname proto HTTP FTP ... # request protocol [fast] - + acl aclname method GET POST ... # HTTP request method [fast] - acl aclname http_status 200 301 500- 400-403 ... + acl aclname http_status 200 301 500- 400-403 ... # status code in reply [fast] acl aclname browser [-i] regexp ... @@ -1499,7 +1499,7 @@ IF USE_OPENSSL acl aclname server_cert_fingerprint [-sha1] fingerprint # match against server SSL certificate fingerprint [fast] # - # The fingerprint is the digest of the DER encoded version + # The fingerprint is the digest of the DER encoded version # of the whole certificate. The user should use the form: XX:XX:... # Optional argument specifies the digest algorithm to use. # The SHA1 digest algorithm is the default and is currently @@ -1509,7 +1509,7 @@ IF USE_OPENSSL # matches server name obtained from various sources [fast] # # The ACL computes server name(s) using such information sources as - # CONNECT request URI, TLS client SNI, and TLS server certificate + # CONNECT request URI, TLS client SNI, and TLS server certificate # subject (CN and SubjectAltName). The computed server name(s) usually # change with each SslBump step, as more info becomes available: # * SNI is used as the server name instead of the request URI, @@ -1526,7 +1526,7 @@ IF USE_OPENSSL # # Unlike dstdomain, this ACL does not perform DNS lookups. # - # An ACL option below may be used to restrict what information + # An ACL option below may be used to restrict what information # sources are used to extract the server names from: # # --client-requested @@ -1586,7 +1586,7 @@ ENDIF # This group ACL is fast if all evaluated ACLs in the group are fast # and slow otherwise. - acl aclname all-of acl1 acl2 ... + acl aclname all-of acl1 acl2 ... # match all of the acls [fast or slow] # The first mismatching ACL stops further ACL evaluation. # @@ -1713,7 +1713,7 @@ DOC_START refer to as the indirect client address. This address may be treated as the client address for access control, ICAP, delay pools and logging, depending on the acl_uses_indirect_client, - icap_uses_indirect_client, delay_pool_uses_indirect_client, + icap_uses_indirect_client, delay_pool_uses_indirect_client, log_uses_indirect_client and tproxy_uses_indirect_client options. This clause only supports fast acl types. @@ -2094,13 +2094,13 @@ DOC_START especially useful in interception environments where Squid is likely to see connections for unsupported protocols that Squid should either terminate or tunnel at TCP level. - + on_unsupported_protocol [!]acl ... - + The first matching action wins. Only fast ACLs are supported. Supported actions are: - + tunnel: Establish a TCP connection with the intended server and blindly shovel TCP packets between the client and server. @@ -2283,17 +2283,17 @@ DOC_START generate-host-certificates[=] Dynamically create SSL server certificates for the - destination hosts of bumped CONNECT requests.When + destination hosts of bumped CONNECT requests.When enabled, the cert and key options are used to sign generated certificates. Otherwise generated certificate will be selfsigned. - If there is a CA certificate lifetime of the generated + If there is a CA certificate lifetime of the generated certificate equals lifetime of the CA certificate. If - generated certificate is selfsigned lifetime is three + generated certificate is selfsigned lifetime is three years. This option is enabled by default when ssl-bump is used. See the ssl-bump option above for more information. - + dynamic_cert_mem_cache_size=SIZE Approximate total RAM size spent on cached generated certificates. If set to zero, caching is disabled. The @@ -2424,7 +2424,7 @@ DOC_START Other Options: connection-auth[=on|off] - use connection-auth=off to tell Squid to prevent + use connection-auth=off to tell Squid to prevent forwarding Microsoft connection oriented authentication (NTLM, Negotiate and Kerberos) @@ -2848,62 +2848,62 @@ DOC_START Regardless of this option setting, when dealing with intercepted traffic, Squid always verifies that the destination IP address matches the Host header domain or IP (called 'authority form URL'). - + This enforcement is performed to satisfy a MUST-level requirement in RFC 2616 section 14.23: "The Host field value MUST represent the naming authority of the origin server or gateway given by the original URL". - + When set to ON: Squid always responds with an HTTP 409 (Conflict) error page and logs a security warning if there is no match. - + Squid verifies that the destination IP address matches the Host header for forward-proxy and reverse-proxy traffic as well. For those traffic types, Squid also enables the following checks, comparing the corresponding Host header and Request-URI components: - + * The host names (domain or IP) must be identical, but valueless or missing Host header disables all checks. For the two host names to match, both must be either IP or FQDN. - + * Port numbers must be identical, but if a port is missing the scheme-default port is assumed. - - + + When set to OFF (the default): Squid allows suspicious requests to continue but logs a security warning and blocks caching of the response. - + * Forward-proxy traffic is not checked at all. - + * Reverse-proxy traffic is not checked at all. - + * Intercepted traffic which passes verification is handled according to client_dst_passthru. - + * Intercepted requests which fail verification are sent to the client original destination instead of DIRECT. This overrides 'client_dst_passthru off'. - + For now suspicious intercepted CONNECT requests are always responded to with an HTTP 409 (Conflict) error page. - - + + SECURITY NOTE: - + As described in CVE-2009-0801 when the Host: header alone is used to determine the destination of a request it becomes trivial for malicious scripts on remote websites to bypass browser same-origin security policy and sandboxing protections. - + The cause of this is that such applets are allowed to perform their own HTTP stack, in which case the same-origin policy of the browser sandbox only verifies that the applet tries to contact the same IP as from where it was loaded at the IP level. The Host: header may be different from the connected IP and approved origin. - + DOC_END NAME: client_dst_passthru @@ -2914,20 +2914,20 @@ DOC_START With NAT or TPROXY intercepted traffic Squid may pass the request directly to the original client destination IP or seek a faster source using the HTTP Host header. - + Using Host to locate alternative servers can provide faster connectivity with a range of failure recovery options. But can also lead to connectivity trouble when the client and server are attempting stateful interactions unaware of the proxy. - + This option (on by default) prevents alternative DNS entries being located to send intercepted traffic DIRECT to an origin server. The clients original destination IP and port will be used instead. - + Regardless of this option setting, when dealing with intercepted traffic Squid will verify the Host: header and any traffic which fails Host verification will be treated as if this option were ON. - + see host_verify_strict for details on the verification process. DOC_END @@ -2943,17 +2943,17 @@ DEFAULT: min-version=1.0 LOC: Security::ProxyOutgoingConfig DOC_START disable Do not support https:// URLs. - + cert=/path/to/client/certificate A client X.509 certificate to use when connecting. - + key=/path/to/client/private_key The private key corresponding to the cert= above. If key= is not specified cert= is assumed to reference a PEM file containing both the certificate and private key. - + cipher=... The list of valid TLS ciphers to use. min-version=1.N @@ -2997,29 +2997,29 @@ DOC_START for a more complete list. http://www.gnutls.org/manual/gnutls.html#Priority-Strings - + cafile= PEM file containing CA certificates to use when verifying the peer certificate. May be repeated to load multiple files. capath= A directory containing additional CA certificates to use when verifying the peer certificate. Requires OpenSSL or LibreSSL. - + crlfile=... A certificate revocation list file to use when verifying the peer certificate. - + flags=... Specify various flags modifying the TLS implementation: - + DONT_VERIFY_PEER Accept certificates even if they fail to verify. DONT_VERIFY_DOMAIN Don't verify the peer certificate matches the server name - + default-ca[=off] Whether to use the system Trusted CAs. Default is ON. - + domain= The peer name as advertised in its certificate. Used for verifying the correctness of the received peer certificate. If not specified the peer hostname will be @@ -3167,7 +3167,7 @@ DOC_START not allow to make decisions based on SSL handshake info. peek-and-splice - Decide whether to bump or splice the connection based on + Decide whether to bump or splice the connection based on client-to-squid and server-to-squid SSL hello messages. XXX: Remove. @@ -3282,7 +3282,7 @@ DEFAULT: none TYPE: sslproxy_cert_adapt LOC: Config.ssl_client.cert_adapt DOC_START - + sslproxy_cert_adapt acl ... The following certificate adaptation algorithms are supported: @@ -3296,12 +3296,12 @@ DOC_START the CA certificate used to sign generated certificates. setCommonName or setCommonName{CN} - Sets Subject.CN property to the host name specified as a + Sets Subject.CN property to the host name specified as a CN parameter or, if no explicit CN parameter was specified, extracted from the CONNECT request. It is a misconfiguration to use setCommonName without an explicit parameter for intercepted or tproxied SSL connections. - + This clause only supports fast acl types. Squid first groups sslproxy_cert_adapt options by adaptation algorithm. @@ -3336,12 +3336,12 @@ DOC_START DOC_END COMMENT_START - OPTIONS RELATING TO EXTERNAL SSL_CRTD + OPTIONS RELATING TO EXTERNAL SSL_CRTD ----------------------------------------------------------------------------- COMMENT_END NAME: sslcrtd_program -TYPE: eol +TYPE: eol IFDEF: USE_SSL_CRTD DEFAULT: @DEFAULT_SSL_CRTD@ -s @DEFAULT_SSL_DB_DIR@ -M 4MB LOC: Ssl::TheConfig.ssl_crtd @@ -3374,18 +3374,18 @@ DOC_START The startup= and idle= options allow some measure of skew in your tuning. - + startup=N - + Sets the minimum number of processes to spawn when Squid starts or reconfigures. When set to zero the first request will cause spawning of the first child process to handle it. - + Starting too few children temporary slows Squid under load while it tries to spawn enough additional processes to cope with traffic. - + idle=N - + Sets a minimum of how many processes Squid is to try and keep available at all times. When traffic begins to rise above what the existing processes can handle this many more will be spawned up to the maximum @@ -3398,7 +3398,7 @@ DOC_START numberofchildren limit. If the queued requests exceed queue size for more than 3 minutes squid aborts its operation. The default value is set to 2*numberofchildren. - + You must have at least one ssl_crtd process. DOC_END @@ -3431,32 +3431,32 @@ DOC_START does not support spawning more than 32 helpers. Usage: numberofchildren [option]... - + The startup= and idle= options allow some measure of skew in your tuning. - + startup=N - + Sets the minimum number of processes to spawn when Squid starts or reconfigures. When set to zero the first request will cause spawning of the first child process to handle it. - + Starting too few children temporary slows Squid under load while it tries to spawn enough additional processes to cope with traffic. - + idle=N - + Sets a minimum of how many processes Squid is to try and keep available at all times. When traffic begins to rise above what the existing processes can handle this many more will be spawned up to the maximum configured. A minimum setting of 1 is required. concurrency= - + The number of requests each certificate validator helper can handle in parallel. A value of 0 indicates the certficate validator does not support concurrency. Defaults to 1. - + When this directive is set to a value >= 1 then the protocol used to communicate with the helper is modified to include a request ID in front of the request/response. The request @@ -3470,7 +3470,7 @@ DOC_START child can be started due to numberofchildren limit. If the queued requests exceed queue size for more than 3 minutes squid aborts its operation. The default value is set to 2*numberofchildren. - + You must have at least one ssl_crt_validator process. DOC_END @@ -3485,11 +3485,11 @@ DEFAULT: none LOC: Config.peers DOC_START To specify other caches in a hierarchy, use the format: - + cache_peer hostname type http-port icp-port [options] - + For example, - + # proxy icp # hostname type port port options # -------------------- -------- ----- ----- ----------- @@ -3497,96 +3497,96 @@ DOC_START cache_peer sib1.foo.net sibling 3128 3130 proxy-only cache_peer sib2.foo.net sibling 3128 3130 proxy-only cache_peer example.com parent 80 0 default - cache_peer cdn.example.com sibling 3128 0 - + cache_peer cdn.example.com sibling 3128 0 + type: either 'parent', 'sibling', or 'multicast'. - + proxy-port: The port number where the peer accept HTTP requests. For other Squid proxies this is usually 3128 For web servers this is usually 80 - + icp-port: Used for querying neighbor caches about objects. Set to 0 if the peer does not support ICP or HTCP. See ICP and HTCP options below for additional details. - - + + ==== ICP OPTIONS ==== - + You MUST also set icp_port and icp_access explicitly when using these options. The defaults will prevent peer traffic using ICP. - - + + no-query Disable ICP queries to this neighbor. - + multicast-responder Indicates the named peer is a member of a multicast group. ICP queries will not be sent directly to the peer, but ICP replies will be accepted from it. - + closest-only Indicates that, for ICP_OP_MISS replies, we'll only forward CLOSEST_PARENT_MISSes and never FIRST_PARENT_MISSes. - + background-ping To only send ICP queries to this neighbor infrequently. This is used to keep the neighbor round trip time updated and is usually used in conjunction with weighted-round-robin. - - + + ==== HTCP OPTIONS ==== - + You MUST also set htcp_port and htcp_access explicitly when using these options. The defaults will prevent peer traffic using HTCP. - - + + htcp Send HTCP, instead of ICP, queries to the neighbor. You probably also want to set the "icp-port" to 4827 instead of 3130. This directive accepts a comma separated list of options described below. - + htcp=oldsquid Send HTCP to old Squid versions (2.5 or earlier). - + htcp=no-clr Send HTCP to the neighbor but without sending any CLR requests. This cannot be used with only-clr. - + htcp=only-clr Send HTCP to the neighbor but ONLY CLR requests. This cannot be used with no-clr. - + htcp=no-purge-clr Send HTCP to the neighbor including CLRs but only when they do not result from PURGE requests. - + htcp=forward-clr Forward any HTCP CLR requests this proxy receives to the peer. - - + + ==== PEER SELECTION METHODS ==== - + The default peer selection method is ICP, with the first responding peer being used as source. These options can be used for better load balancing. - - + + default This is a parent cache which can be used as a "last-resort" if a peer cannot be located by any of the peer-selection methods. If specified more than once, only the first is used. - + round-robin Load-Balance parents which should be used in a round-robin fashion in the absence of any ICP queries. weight=N can be used to add bias. - + weighted-round-robin Load-Balance parents which should be used in a round-robin fashion with the frequency of each parent being based on the round trip time. Closer parents are used more often. Usually used for background-ping parents. weight=N can be used to add bias. - + carp Load-Balance parents which should be used as a CARP array. The requests will be distributed among the parents based on the CARP load balancing hash function based on their weight. - + userhash Load-balance parents based on the client proxy_auth or ident username. - + sourcehash Load-balance parents based on the client source IP. multicast-siblings @@ -3597,97 +3597,97 @@ DOC_START a "parent" cache, anyway. It's useful, e.g., when configuring a pool of redundant Squid proxies, being members of the same multicast group. - - + + ==== PEER SELECTION OPTIONS ==== - + weight=N use to affect the selection of a peer during any weighted peer-selection mechanisms. The weight must be an integer; default is 1, larger weights are favored more. This option does not affect parent selection if a peering protocol is not in use. - + basetime=N Specify a base amount to be subtracted from round trip times of parents. It is subtracted before division by weight in calculating which parent to fectch from. If the rtt is less than the base time the rtt is set to a minimal value. - + ttl=N Specify a TTL to use when sending multicast ICP queries to this address. Only useful when sending to a multicast group. Because we don't accept ICP replies from random hosts, you must configure other group members as peers with the 'multicast-responder' option. - + no-delay To prevent access to this neighbor from influencing the delay pools. - + digest-url=URL Tell Squid to fetch the cache digest (if digests are enabled) for this host from the specified URL rather than the Squid default location. - - + + ==== CARP OPTIONS ==== - + carp-key=key-specification use a different key than the full URL to hash against the peer. - the key-specification is a comma-separated list of the keywords + the key-specification is a comma-separated list of the keywords scheme, host, port, path, params Order is not important. - + ==== ACCELERATOR / REVERSE-PROXY OPTIONS ==== - + originserver Causes this parent to be contacted as an origin server. Meant to be used in accelerator setups when the peer is a web server. - + forceddomain=name Set the Host header of requests forwarded to this peer. Useful in accelerator setups where the server (peer) expects a certain domain name but clients may request others. ie example.com or www.example.com - + no-digest Disable request of cache digests. - + no-netdb-exchange Disables requesting ICMP RTT database (NetDB). - - + + ==== AUTHENTICATION OPTIONS ==== - + login=user:password If this is a personal/workgroup proxy and your parent requires proxy authentication. - + Note: The string can include URL escapes (i.e. %20 for spaces). This also means % must be written as %%. - + login=PASSTHRU Send login details received from client to this peer. Both Proxy- and WWW-Authorization headers are passed without alteration to the peer. Authentication is not required by Squid for this to work. - + Note: This will pass any form of authentication but only Basic auth will work through a proxy unless the connection-auth options are also used. login=PASS Send login details received from client to this peer. Authentication is not required by this option. - + If there are no client-provided authentication headers to pass on, but username and password are available from an external ACL user= and password= result tags they may be sent instead. - + Note: To combine this with proxy_auth both proxies must share the same user database as HTTP only allows for a single login (one for proxy, one for origin server). Also be warned this will expose your users proxy password to the peer. USE WITH CAUTION - + login=*:password Send the username to the upstream cache, but with a fixed password. This is meant to be used when the peer @@ -3697,57 +3697,57 @@ DOC_START information which is added to the username. This can be used to identify this proxy to the peer, similar to the login=username:password option above. - + login=NEGOTIATE If this is a personal/workgroup proxy and your parent requires a secure proxy authentication. The first principal from the default keytab or defined by - the environment variable KRB5_KTNAME will be used. - + the environment variable KRB5_KTNAME will be used. + WARNING: The connection may transmit requests from multiple clients. Negotiate often assumes end-to-end authentication and a single-client. Which is not strictly true here. - + login=NEGOTIATE:principal_name If this is a personal/workgroup proxy and your parent - requires a secure proxy authentication. + requires a secure proxy authentication. The principal principal_name from the default keytab or defined by the environment variable KRB5_KTNAME will be used. - + WARNING: The connection may transmit requests from multiple clients. Negotiate often assumes end-to-end authentication and a single-client. Which is not strictly true here. - + connection-auth=on|off Tell Squid that this peer does or not support Microsoft connection oriented authentication, and any such challenges received from there should be ignored. Default is auto to automatically determine the status of the peer. - + auth-no-keytab Do not use a keytab to authenticate to a peer when login=NEGOTIATE is specified. Let the GSSAPI implementation determine which already existing credentials cache to use instead. - - + + ==== SSL / HTTPS / TLS OPTIONS ==== - + tls Encrypt connections to this peer with TLS. - + sslcert=/path/to/ssl/certificate A client X.509 certificate to use when connecting to this peer. - + sslkey=/path/to/ssl/key The private key corresponding to sslcert above. If sslkey= is not specified sslcert= is assumed to reference a PEM file containing both the certificate and private key. - + sslcipher=... The list of valid SSL ciphers to use when connecting to this peer. @@ -3794,16 +3794,16 @@ DOC_START tls-cafile= PEM file containing CA certificates to use when verifying the peer certificate. May be repeated to load multiple files. - + sslcapath=... A directory containing additional CA certificates to use when verifying the peer certificate. Requires OpenSSL or LibreSSL. - + sslcrlfile=... A certificate revocation list file to use when verifying the peer certificate. - + sslflags=... Specify various flags modifying the SSL implementation: - + DONT_VERIFY_PEER Accept certificates even if they fail to verify. @@ -3811,35 +3811,35 @@ DOC_START DONT_VERIFY_DOMAIN Don't verify the peer certificate matches the server name - + ssldomain= The peer name as advertised in it's certificate. Used for verifying the correctness of the received peer certificate. If not specified the peer hostname will be used. - + front-end-https[=off|on|auto] Enable the "Front-End-Https: On" header needed when using Squid as a SSL frontend in front of Microsoft OWA. See MS KB document Q307347 for details on this header. If set to auto the header will only be added if the request is forwarded as a https:// URL. - + tls-default-ca[=off] Whether to use the system Trusted CAs. Default is ON. - + tls-no-npn Do not use the TLS NPN extension to advertise HTTP/1.1. ==== GENERAL OPTIONS ==== - + connect-timeout=N A peer-specific connect timeout. Also see the peer_connect_timeout directive. - + connect-fail-limit=N How many times connecting to a peer must fail before it is marked as down. Standby connection failures count towards this limit. Default is 10. - + allow-miss Disable Squid's use of only-if-cached when forwarding requests to siblings. This is primarily useful when icp_hit_stale is used by the sibling. Excessive use @@ -3848,28 +3848,28 @@ DOC_START deny cache peer usage on requests from a peer: acl fromPeer ... cache_peer_access peerName deny fromPeer - + max-conn=N Limit the number of concurrent connections the Squid may open to this peer, including already opened idle and standby connections. There is no peer-specific connection limit by default. - + A peer exceeding the limit is not used for new requests unless a standby connection is available. - + max-conn currently works poorly with idle persistent connections: When a peer reaches its max-conn limit, and there are idle persistent connections to the peer, the peer may not be selected because the limiting code does not know whether Squid can reuse those idle connections. - + standby=N Maintain a pool of N "hot standby" connections to an UP peer, available for requests when no idle persistent connection is available (or safe) to use. By default and with zero N, no such pool is maintained. N must not exceed the max-conn limit (if any). - + At start or after reconfiguration, Squid opens new TCP standby connections until there are N connections available and then replenishes the standby pool as @@ -3877,14 +3877,14 @@ DOC_START connection never goes back to the standby pool, but may go to the regular idle persistent connection pool shared by all peers and origin servers. - + Squid never opens multiple new standby connections concurrently. This one-at-a-time approach minimizes flooding-like effect on peers. Furthermore, just a few standby connections should be sufficient in most cases to supply most new requests with a ready-to-use connection. - + Standby connections obey server_idle_pconn_timeout. For the feature to work as intended, the peer must be configured to accept and keep them open longer than @@ -3893,7 +3893,7 @@ DOC_START connections. Default request_timeout and server_idle_pconn_timeout values ensure such a configuration. - + name=xxx Unique name for the peer. Required if you have multiple peers on the same host but different ports. @@ -3901,13 +3901,13 @@ DOC_START directives to identify the peer. Can be used by outgoing access controls through the peername ACL type. - + no-tproxy Do not use the client-spoof TPROXY support when forwarding requests to this peer. Use normal address selection instead. This overrides the spoof_client_ip ACL. - + proxy-only objects fetched from the peer will not be stored locally. - + DOC_END NAME: cache_peer_access @@ -4006,7 +4006,7 @@ DOC_START certain persistent connection failures and any attempts to use a different peer. However, low-level connection reopening attempts (enabled using connect_retries) are not counted. - + See also: forward_timeout and connect_retries. DOC_END @@ -4188,14 +4188,14 @@ LOC: Config.Store.maxObjectSize DOC_START Set the default value for max-size parameter on any cache_dir. The value is specified in bytes, and the default is 4 MB. - + If you wish to get a high BYTES hit ratio, you should probably increase this (one 32 MB object hit counts for 3200 10KB hits). - + If you wish to increase hit ratio more than you want to save bandwidth you should leave this low. - + NOTE: if using the LFUDA replacement policy you should increase this value to maximize the byte hit rate improvement of LFUDA! See cache_replacement_policy for a discussion of this policy. @@ -4655,7 +4655,7 @@ DOC_START default %d/%b/%Y:%H:%M:%S %z tr Response time (milliseconds) dt Total time spent making DNS lookups (milliseconds) - tS Approximate master transaction start time in + tS Approximate master transaction start time in . format. Currently, Squid considers the master transaction started when a complete HTTP request header initiating @@ -4776,7 +4776,7 @@ DOC_START [http::]: [option ...] [acl acl ...] @@ -5025,12 +5025,12 @@ DOC_START In most cases, the first ACL name must not contain the '=' character and should not be equal to an existing logformat name. You can always start with an 'all' ACL to work around those restrictions. - + Will log to the specified module:place using the specified format (which must be defined in a logformat directive) those entries which match ALL the acl's specified (which must be defined in acl clauses). If no acl is specified, all requests will be logged to this destination. - + ===== Available options for the recommended directive format ===== logformat=name Names log line format (either built-in or @@ -5049,7 +5049,7 @@ DOC_START on-error=die|drop Defines action on unrecoverable errors. The 'drop' action ignores (i.e., does not log) affected log records. The default 'die' action - kills the affected worker. The drop action + kills the affected worker. The drop action support has not been tested for modules other than tcp. @@ -5063,20 +5063,20 @@ DOC_START Only supported by the stdio module. ===== Modules Currently available ===== - + none Do not log any requests matching these ACL. Do not specify Place or logformat name. - + stdio Write each log line to disk immediately at the completion of each request. Place: the filename and path to be written. - + daemon Very similar to stdio. But instead of writing to disk the log line is passed to a daemon helper for asychronous handling instead. Place: varies depending on the daemon. - + log_file_daemon Place: the file name and path to be written. - + syslog To log each request via syslog facility. Place: The syslog facility and priority level for these entries. Place Format: facility.priority @@ -5086,7 +5086,7 @@ DOC_START And priority could be any of: err, warning, notice, info, debug. - + udp To send each log line as text data to a UDP receiver. Place: The destination host name or IP and port. Place Format: //host:port @@ -5112,7 +5112,7 @@ DOC_START The icap_log option format is: icap_log [ [acl acl ...]] icap_log none [acl acl ...]] - + Please see access_log option documentation for details. The two kinds of logs share the overall configuration approach and many features. @@ -5161,7 +5161,7 @@ DOC_START icap::ru ICAP Request-URI. Similar to ru. - icap::rm ICAP request method (REQMOD, RESPMOD, or + icap::rm ICAP request method (REQMOD, RESPMOD, or OPTIONS). Similar to existing rm. icap::>st The total size of the ICAP request sent to the ICAP @@ -5252,10 +5252,10 @@ DOC_START saved and for how long. There are not really utilities to analyze this data, so you can safely disable it (the default). - + Store log uses modular logging outputs. See access_log for the list of modules supported. - + Example: cache_store_log stdio:@DEFAULT_STORE_LOG@ cache_store_log daemon:@DEFAULT_STORE_LOG@ @@ -5531,7 +5531,7 @@ DOC_START NATs may be able to put the connection on a "fast path" through the translator using EPSV, as the EPRT command will never be used - and therefore, translation of the data portion of the segments + and therefore, translation of the data portion of the segments will never be needed. EPSV is often required to interoperate with FTP servers on IPv6 @@ -5747,18 +5747,18 @@ DOC_START The startup= and idle= options allow some measure of skew in your tuning. - + startup= - + Sets a minimum of how many processes are to be spawned when Squid starts or reconfigures. When set to zero the first request will cause spawning of the first child process to handle it. - + Starting too few will cause an initial slowdown in traffic as Squid attempts to simultaneously spawn enough processes to cope. - + idle= - + Sets a minimum of how many processes Squid is to try and keep available at all times. When traffic begins to rise above what the existing processes can handle this many more will be spawned up to the maximum @@ -5813,14 +5813,14 @@ DOC_START To preserve same-origin security policies in browsers and prevent Host: header forgery by redirectors Squid rewrites any Host: header in redirected requests. - + If you are running an accelerator this may not be a wanted effect of a redirector. This directive enables you disable Host: alteration in reverse-proxy traffic. - + WARNING: Entries are cached on the result of the URL rewriting process, so be careful if you have domain-virtual hosts. - + WARNING: Squid and other software verifies the URL and Host are matching, so be careful not to relay through other proxies or inspecting firewalls with this disabled. @@ -5974,21 +5974,21 @@ DOC_START queues. Using too many helpers wastes your system resources. Usage: numberofchildren [option]... - + The startup= and idle= options allow some measure of skew in your tuning. - + startup= - + Sets a minimum of how many processes are to be spawned when Squid starts or reconfigures. When set to zero the first request will cause spawning of the first child process to handle it. - + Starting too few will cause an initial slowdown in traffic as Squid attempts to simultaneously spawn enough processes to cope. - + idle= - + Sets a minimum of how many processes Squid is to try and keep available at all times. When traffic begins to rise above what the existing processes can handle this many more will be spawned up to the maximum @@ -6058,7 +6058,7 @@ DOC_START queue grows too large, the action is prescribed by the on-persistent-overload option. You should only enable this if the helpers are not critical to your caching system. If you use - helpers for critical caching components, and you enable this + helpers for critical caching components, and you enable this option, users may not get objects from cache. This options sets default queue-size option of the store_id_children to 0. @@ -6252,9 +6252,9 @@ DOC_START ensures that the client will receive an updated version if one is available. - store-stale stores responses even if they don't have explicit - freshness or a validator (i.e., Last-Modified or an ETag) - present, or if they're already stale. By default, Squid will + store-stale stores responses even if they don't have explicit + freshness or a validator (i.e., Last-Modified or an ETag) + present, or if they're already stale. By default, Squid will not cache such responses because they usually can't be reused. Note that such responses will be stale by default. @@ -6399,35 +6399,35 @@ LOC: Config.rangeOffsetLimit DEFAULT: none DOC_START usage: (size) [units] [[!]aclname] - - Sets an upper limit on how far (number of bytes) into the file - a Range request may be to cause Squid to prefetch the whole file. - If beyond this limit, Squid forwards the Range request as it is and + + Sets an upper limit on how far (number of bytes) into the file + a Range request may be to cause Squid to prefetch the whole file. + If beyond this limit, Squid forwards the Range request as it is and the result is NOT cached. - + This is to stop a far ahead range request (lets say start at 17MB) from making Squid fetch the whole object up to that point before sending anything to the client. - - Multiple range_offset_limit lines may be specified, and they will - be searched from top to bottom on each request until a match is found. - The first match found will be used. If no line matches a request, the + + Multiple range_offset_limit lines may be specified, and they will + be searched from top to bottom on each request until a match is found. + The first match found will be used. If no line matches a request, the default limit of 0 bytes will be used. - + 'size' is the limit specified as a number of units. - + 'units' specifies whether to use bytes, KB, MB, etc. If no units are specified bytes are assumed. - + A size of 0 causes Squid to never fetch more than the client requested. (default) - + A size of 'none' causes Squid to always fetch the object from the beginning so it may cache the result. (2.0 style) - + 'aclname' is the name of a defined ACL. - - NP: Using 'none' as the byte value here will override any quick_abort settings + + NP: Using 'none' as the byte value here will override any quick_abort settings that may otherwise apply to the range request. The range request will be fully fetched from start to finish regardless of the client actions. This affects bandwidth usage. @@ -7126,16 +7126,16 @@ DOC_START the idle connection pool (or equivalent). No effect on ongoing/active transactions. Connection lifetime is the time period from the connection acceptance or opening time until "now". - + This limit is useful in environments with long-lived connections where Squid configuration or environmental factors change during a single connection lifetime. If unrestricted, some connections may last for hours and even days, ignoring those changes that should have affected their behavior or their existence. - + Currently, a new lifetime value supplied via Squid reconfiguration has no effect on already idle connections unless they become busy. - + When set to '0' this limit is not used. DOC_END @@ -8783,7 +8783,7 @@ DOC_START DOC_END COMMENT_START - OPTIONS INFLUENCING REQUEST FORWARDING + OPTIONS INFLUENCING REQUEST FORWARDING ----------------------------------------------------------------------------- COMMENT_END @@ -9016,7 +9016,7 @@ DOC_START See the accf_dataready(9) man page for details. Linux: - + The 'data' filter delays delivering of new connections to Squid until there is some data to process by TCP_ACCEPT_DEFER. You may optionally specify a number of seconds to wait by @@ -9122,12 +9122,12 @@ DOC_START between ICAP OPTIONS requests. Squid forgets ICAP service failures older than the specified - value of memory-depth. The memory fading algorithm - is approximate because Squid does not remember individual + value of memory-depth. The memory fading algorithm + is approximate because Squid does not remember individual errors but groups them instead, splitting the option value into ten time slots of equal length. - When memory-depth is 0 and by default this option has no + When memory-depth is 0 and by default this option has no effect on service failure expiration. Squid always forgets failures when updating service settings @@ -9163,7 +9163,7 @@ DEFAULT: on DOC_START The ICAP Preview feature allows the ICAP server to handle the HTTP message by looking only at the beginning of the message body - or even without receiving the body at all. In some environments, + or even without receiving the body at all. In some environments, previews greatly speedup ICAP processing. During an ICAP OPTIONS transaction, the server may tell Squid what @@ -9357,7 +9357,7 @@ DOC_START * block: send an HTTP error response to the client * bypass: ignore the "over-connected" ICAP service * wait: wait (in a FIFO queue) for an ICAP connection slot - * force: proceed, ignoring the Max-Connections limit + * force: proceed, ignoring the Max-Connections limit In SMP mode with N workers, each worker assumes the service connection limit is Max-Connections/N, even though not all @@ -9365,7 +9365,7 @@ DOC_START The default value is "bypass" if service is bypassable, otherwise it is set to "wait". - + max-conn=number Use the given number as the Max-Connections limit, regardless @@ -9470,7 +9470,7 @@ DEFAULT: none DOC_START This deprecated option was documented to define an ICAP service chain, even though it actually defined a set of similar, redundant - services, and the chains were not supported. + services, and the chains were not supported. To define a set of redundant services, please use the adaptation_service_set directive. For service chains, use @@ -9558,7 +9558,7 @@ DOC_START connection-encryption=on|off Determines the eCAP service effect on the connections_encrypted - ACL. + ACL. Defaults to "on", which does not taint the master transaction w.r.t. that ACL. @@ -9746,8 +9746,8 @@ DOC_START This option specifies the table entry names that Squid must accept from and forward to the adaptation transactions. - An ICAP REQMOD or RESPMOD transaction may set an entry in the - shared table by returning an ICAP header field with a name + An ICAP REQMOD or RESPMOD transaction may set an entry in the + shared table by returning an ICAP header field with a name specified in adaptation_masterx_shared_names. An eCAP REQMOD or RESPMOD transaction may set an entry in the @@ -9775,24 +9775,24 @@ DOC_START headers or eCAP options to Squid ICAP requests or eCAP transactions. Use it to pass custom authentication tokens and other transaction-state related meta information to an ICAP/eCAP service. - + The addition of a meta header is ACL-driven: adaptation_meta name value [!]aclname ... - + Processing for a given header name stops after the first ACL list match. Thus, it is impossible to add two headers with the same name. If no ACL - lists match for a given header name, no such header is added. For + lists match for a given header name, no such header is added. For example: - + # do not debug transactions except for those that need debugging adaptation_meta X-Debug 1 needs_debugging - + # log all transactions except for those that must remain secret adaptation_meta X-Log 1 !keep_secret - + # mark transactions from users in the "G 1" group adaptation_meta X-Authenticated-Groups "G 1" authed_as_G1 - + The "value" parameter may be a regular squid.conf token or a "double quoted string". Within the quoted string, use backslash (\) to escape any character, which is currently only useful for escaping backslashes @@ -9895,17 +9895,17 @@ LOC: Config.dns.packet_max DOC_START Maximum number of bytes packet size to advertise via EDNS. Set to "none" to disable EDNS large packet support. - + For legacy reasons DNS UDP replies will default to 512 bytes which is too small for many responses. EDNS provides a means for Squid to negotiate receiving larger responses back immediately without having to failover with repeat requests. Responses larger than this limit will retain the old behaviour of failover to TCP DNS. - + Squid has no real fixed limit internally, but allowing packet sizes over 1500 bytes requires network jumbogram support and is usually not necessary. - + WARNING: The RFC also indicates that some older resolvers will reply with failure of the whole request if the extension is added. Some resolvers have already been identified which will reply with mangled @@ -10276,10 +10276,10 @@ DOC_START receiving an error response with status 403 (Forbidden), 500 (Internal Error), 501 or 503 (Service not available). Status 502 and 504 (Gateway errors) are always retried. - + This is mainly useful if you are in a complex cache hierarchy to work around access control errors. - + NOTE: This retry will attempt to find another working destination. Which is different from the server which just failed. DOC_END @@ -10434,7 +10434,7 @@ TYPE: onoff DEFAULT: on LOC: Config.onoff.WIN32_IpAddrChangeMonitor DOC_START - On Windows Squid by default will monitor IP address changes and will + On Windows Squid by default will monitor IP address changes and will reconfigure itself after any detected event. This is very useful for proxies connected to internet with dial-up interfaces. In some cases (a Proxy server acting as VPN gateway is one) it could be @@ -10477,7 +10477,7 @@ DOC_START and FTP agents that require a "Please Continue" control message response to actually send the request body to Squid. It is mostly useful in adaptation environments. - + When Squid receives an HTTP request with an "Expect: 100-continue" header or an FTP upload command (e.g., STOR), Squid normally sends the request headers or FTP command information to an adaptation service (or @@ -10487,7 +10487,7 @@ DOC_START that request body or data transfer may never come because Squid has not responded with the HTTP 100 or FTP 150 (Please Continue) control message to the request sender yet! - + An allow match tells Squid to respond with the HTTP 100 or FTP 150 (Please Continue) control message on its own, before forwarding the request to an adaptation service or peer. Such a response usually forces diff --git a/src/cf_gen_defines b/src/cf_gen_defines index 36d27a5306..eaa4504bb5 100644 --- a/src/cf_gen_defines +++ b/src/cf_gen_defines @@ -1,4 +1,4 @@ -#!/usr/bin/awk -f +#!/usr/bin/awk -f ## Copyright (C) 1996-2022 The Squid Software Foundation and contributors ## diff --git a/src/http/RegisteredHeadersHash.gperf b/src/http/RegisteredHeadersHash.gperf index 60c56ff28c..c8a17cf45e 100644 --- a/src/http/RegisteredHeadersHash.gperf +++ b/src/http/RegisteredHeadersHash.gperf @@ -20,7 +20,7 @@ %enum %global-table %ignore-case -%struct-type +%struct-type class HeaderTableRecord; %% Accept, Http::HdrType::ACCEPT, Http::HdrFieldType::ftStr, HdrKind::ListHeader|HdrKind::RequestHeader diff --git a/src/log/DB/doc/views.sql b/src/log/DB/doc/views.sql index 4399420225..b253e38834 100644 --- a/src/log/DB/doc/views.sql +++ b/src/log/DB/doc/views.sql @@ -393,7 +393,7 @@ CREATE OR REPLACE VIEW days_with_infos AS SELECT SUM(http_reply_size) FROM access_log a1 WHERE a.date_day = a1.date_day - ) * 100 + ) * 100 ) AS most_active_client_t_pc FROM access_log a diff --git a/test-builds.sh b/test-builds.sh index fcaeaeba8e..8f4ec4d8f2 100755 --- a/test-builds.sh +++ b/test-builds.sh @@ -153,7 +153,7 @@ else fi for t in $tests; do - if test -e "$t"; then + if test -e "$t"; then # A configuration file cfg="$t" elif test -e "$top/test-suite/buildtests/${t}.opts"; then diff --git a/test-suite/Makefile.am b/test-suite/Makefile.am index 69bb74c0e8..0233c0e850 100644 --- a/test-suite/Makefile.am +++ b/test-suite/Makefile.am @@ -88,7 +88,7 @@ stub_fatal.cc: $(top_srcdir)/src/tests/stub_fatal.cc stub_libmem.cc: $(top_srcdir)/src/tests/stub_libmem.cc STUB.h cp $(top_srcdir)/src/tests/stub_libmem.cc $@ - + STUB.h: $(top_srcdir)/src/tests/STUB.h cp $(top_srcdir)/src/tests/STUB.h $@ diff --git a/test-suite/buildtests/layer-01-minimal.opts b/test-suite/buildtests/layer-01-minimal.opts index 39e23d8bb4..68fa118440 100644 --- a/test-suite/buildtests/layer-01-minimal.opts +++ b/test-suite/buildtests/layer-01-minimal.opts @@ -8,7 +8,7 @@ # # Minimal configuration options. # - Everthing that can be disabled is -# - Everyhing that can be done without is +# - Everyhing that can be done without is # # # Check - everything MUST work at this level @@ -33,7 +33,7 @@ MAKETEST="distcheck" # GCC-9 cannot (yet) test this due to segmentation faults in std::string template optimizations (via cppunit) # --disable-optimizations \ # -# NP: DISTCHECK_CONFIGURE_FLAGS is a magic automake macro for the +# NP: DISTCHECK_CONFIGURE_FLAGS is a magic automake macro for the # distcheck target recursive tests beteen scripted runs. # we use it to perform the same duty between our nested scripts. DISTCHECK_CONFIGURE_FLAGS=" \ diff --git a/test-suite/buildtests/layer-02-maximus.opts b/test-suite/buildtests/layer-02-maximus.opts index d297585ee4..bec117f164 100644 --- a/test-suite/buildtests/layer-02-maximus.opts +++ b/test-suite/buildtests/layer-02-maximus.opts @@ -48,7 +48,7 @@ MAKETEST="distcheck" # --enable-cpu-profiling \ Requires CPU support. # # -# NP: DISTCHECK_CONFIGURE_FLAGS is a magic automake macro for the +# NP: DISTCHECK_CONFIGURE_FLAGS is a magic automake macro for the # distcheck target recursive tests beteen scripted runs. # we use it to perform the same duty between our nested scripts. DISTCHECK_CONFIGURE_FLAGS=" \ diff --git a/test-suite/buildtests/layer-04-noauth-everything.opts b/test-suite/buildtests/layer-04-noauth-everything.opts index 4ce14709a6..0c44c72558 100644 --- a/test-suite/buildtests/layer-04-noauth-everything.opts +++ b/test-suite/buildtests/layer-04-noauth-everything.opts @@ -47,7 +47,7 @@ MAKETEST="distcheck" # --enable-cpu-profiling \ Requires CPU support. # # -# NP: DISTCHECK_CONFIGURE_FLAGS is a magic automake macro for the +# NP: DISTCHECK_CONFIGURE_FLAGS is a magic automake macro for the # distcheck target recursive tests beteen scripted runs. # we use it to perform the same duty between our nested scripts. DISTCHECK_CONFIGURE_FLAGS=" \ diff --git a/test-suite/buildtests/os-debian.opts b/test-suite/buildtests/os-debian.opts index 2a8cb5a236..870755e1e3 100644 --- a/test-suite/buildtests/os-debian.opts +++ b/test-suite/buildtests/os-debian.opts @@ -15,7 +15,7 @@ MAKETEST="check installcheck uninstallcheck" # # This is to test any release build against what the package maintainers are seeing # -# NP: DISTCHECK_CONFIGURE_FLAGS is a magic automake macro for the +# NP: DISTCHECK_CONFIGURE_FLAGS is a magic automake macro for the # distcheck target recursive tests beteen scripted runs. # we use it to perform the same duty between our nested scripts. DISTCHECK_CONFIGURE_FLAGS=" \ diff --git a/test-suite/buildtests/os-mingw.opts b/test-suite/buildtests/os-mingw.opts index d1c792bc84..2873a37ddf 100644 --- a/test-suite/buildtests/os-mingw.opts +++ b/test-suite/buildtests/os-mingw.opts @@ -13,7 +13,7 @@ MAKETEST="check installcheck uninstallcheck" # # Configure options currently supported by MinGW environment # -# NP: DISTCHECK_CONFIGURE_FLAGS is a magic automake macro for the +# NP: DISTCHECK_CONFIGURE_FLAGS is a magic automake macro for the # distcheck target recursive tests beteen scripted runs. # we use it to perform the same duty between our nested scripts. DISTCHECK_CONFIGURE_FLAGS=" \ diff --git a/test-suite/buildtests/os-ubuntu.opts b/test-suite/buildtests/os-ubuntu.opts index 1c634c46dc..031d3ceddf 100644 --- a/test-suite/buildtests/os-ubuntu.opts +++ b/test-suite/buildtests/os-ubuntu.opts @@ -14,7 +14,7 @@ MAKETEST="check installcheck uninstallcheck" # # This is to test any release build against what the package maintainers are seeing # -# NP: DISTCHECK_CONFIGURE_FLAGS is a magic automake macro for the +# NP: DISTCHECK_CONFIGURE_FLAGS is a magic automake macro for the # distcheck target recursive tests beteen scripted runs. # we use it to perform the same duty between our nested scripts. DISTCHECK_CONFIGURE_FLAGS=" \ diff --git a/test-suite/testheaders.sh b/test-suite/testheaders.sh index dc8a5bc9dc..f7aac5b1ab 100755 --- a/test-suite/testheaders.sh +++ b/test-suite/testheaders.sh @@ -35,7 +35,7 @@ for f in $@; do #include "${f}" int main( int argc, char* argv[] ) { return 0; } EOF - if ${cc} -c -o $t.o $t.cc ; then + if ${cc} -c -o $t.o $t.cc ; then echo "Ok." else echo "Fail." diff --git a/tools/purge/conffile.hh b/tools/purge/conffile.hh index a467ceb2b5..939a01701a 100644 --- a/tools/purge/conffile.hh +++ b/tools/purge/conffile.hh @@ -69,7 +69,7 @@ struct CacheDir { typedef std::vector CacheDirVector; int -readConfigFile( CacheDirVector& cachedir, +readConfigFile( CacheDirVector& cachedir, const char* fn, FILE* debug = 0 ); // purpose: read squid.conf file and extract cache_dir entries diff --git a/tools/purge/convert.hh b/tools/purge/convert.hh index c7691e688e..95d965fd40 100644 --- a/tools/purge/convert.hh +++ b/tools/purge/convert.hh @@ -72,7 +72,7 @@ my_inet_ntoa( const struct in_addr& a, HostAddress buffer ); const char* my_sock_ntoa( const struct sockaddr_in& a, SockAddress buffer ); // purpose: thread-safely convert IPv4 socket pair into ASCII rep. - // paramtr: a (IN): socket_in address + // paramtr: a (IN): socket_in address // buffer (OUT): storage area to store representation into. // returns: pointer to buffer diff --git a/tools/purge/socket.hh b/tools/purge/socket.hh index 0923c5e169..8886137918 100644 --- a/tools/purge/socket.hh +++ b/tools/purge/socket.hh @@ -118,13 +118,13 @@ connectTo( struct in_addr host, unsigned short port, bool nodelay = false, // paramtr: host (IN): address describing the server // port (IN): port to connect at the server // nodelay (IN): true=set TCP_NODELAY option. - // sendBufferSize (IN): don't set (use sys defaults) if < 0 - // recvBufferSize (IN): don't set (use sys defaults) if < 0 + // sendBufferSize (IN): don't set (use sys defaults) if < 0 + // recvBufferSize (IN): don't set (use sys defaults) if < 0 // returns: >=0 is the descriptor of the opened, connected socket, // -1 is an indication of an error (errno may have been reset). int -serverSocket( struct in_addr host, unsigned short port, +serverSocket( struct in_addr host, unsigned short port, int backlog = SOMAXCONN, bool reuse = true, bool nodelay = false, int sendBufferSize = -1, int recvBufferSize = -1 ); // purpose: open a server socket for listening @@ -134,8 +134,8 @@ serverSocket( struct in_addr host, unsigned short port, // reuse (IN): set SO_REUSEADDR option - default usefully // nodelay (IN): true=set TCP_NODELAY option. // SETTING TCP_NODELAY ON A SERVER SOCKET DOES NOT MAKE SENSE! - // sendBufferSize (IN): don't set (use sys defaults) if < 0 - // recvBufferSize (IN): don't set (use sys defaults) if < 0 + // sendBufferSize (IN): don't set (use sys defaults) if < 0 + // recvBufferSize (IN): don't set (use sys defaults) if < 0 // returns: opened listening fd, or -1 on error. // warning: error message will be printed on stderr and errno reset. diff --git a/tools/purge/squid-tlv.hh b/tools/purge/squid-tlv.hh index a1065ee2a4..43b106fbd6 100644 --- a/tools/purge/squid-tlv.hh +++ b/tools/purge/squid-tlv.hh @@ -59,8 +59,8 @@ typedef int bool; // taken from Squid-2.x // NOTE! We must preserve the order of this list! enum SquidMetaType { - STORE_META_VOID, // should not come up - STORE_META_KEY_URL, // key w/ keytype + STORE_META_VOID, // should not come up + STORE_META_KEY_URL, // key w/ keytype STORE_META_KEY_SHA, STORE_META_KEY_MD5, STORE_META_URL, // the url , if not in the header