Hello community,
here is the log from the commit of package squid3 for openSUSE:Factory
checked in at Tue Nov 10 12:20:50 CET 2009.
--------
--- squid3/squid3.changes 2009-09-02 15:16:15.000000000 +0200
+++ /mounts/work_src_done/STABLE/squid3/squid3.changes 2009-10-08 00:29:20.000000000 +0200
@@ -1,0 +2,41 @@
+Thu Oct 8 00:26:45 CEST 2009 - chris@computersalat.de
+
+- bnc#545162 - squid-3.0.STABLE19
+ o several BUG fixes
+
+-------------------------------------------------------------------
+Wed Oct 7 23:58:37 CEST 2009 - chris@computersalat.de
+
+- added upstream patches
+ o squid-3.0-9107.patch - squid-3.0-9124.patch
+
+-------------------------------------------------------------------
+Mon Sep 14 13:37:55 UTC 2009 - chris@computersalat.de
+
+- new version 3.0.STABLE19
+ * Bug 2745: Invalid Response error on small reads
+ * Bug 2739: DNS resolver option ndots can't be parsed from resolv.conf
+ * Bug 2734: some compile errors on Solaris
+ * Bug 2648: stateful helpers stuck in reserved if client disconnects while helper busy
+ * Bug 2541: Hang in 100% CPU loop while extacting header details
+ using a delimiter other than comma
+ * Bug 2362: Remove support for deferred state in stateful helpers
+ * Add 0.0.0.0 as a to_localhost address
+ * Docs: Improve chroot directive documentation slightly
+ * Fixup libxml2 include magics, was failing when a configure cache was used
+ * ... and some minor testing improvements.
+- spec mods
+ o adding group winbind, add squid to group winbind
+ when using squid with samba-winbind for ntlm_auth
+ squid needs read access to /var/lib/samba/winbindd_privileged
+ group winbind is added if squid is installed before winbind ;)
+
+-------------------------------------------------------------------
+Sat Sep 5 20:21:53 CEST 2009 - chris@computersalat.de
+
+- added upstream patches
+ o b9097 - b9103
+- rpmlint
+ o added fdupes
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
b9091.patch
b9093.patch
b9094.patch
b9095.patch
b9096.patch
squid-3.0.STABLE18-RELEASENOTES.html
squid-3.0.STABLE18.tar.bz2
New:
----
squid-3.0-9107.patch
squid-3.0-9108.patch
squid-3.0-9109.patch
squid-3.0-9110.patch
squid-3.0-9111.patch
squid-3.0-9112.patch
squid-3.0-9113.patch
squid-3.0-9114.patch
squid-3.0-9115.patch
squid-3.0-9116.patch
squid-3.0-9117.patch
squid-3.0-9118.patch
squid-3.0-9119.patch
squid-3.0-9120.patch
squid-3.0-9121.patch
squid-3.0-9122.patch
squid-3.0-9123.patch
squid-3.0-9124.patch
squid-3.0.STABLE19-RELEASENOTES.html
squid-3.0.STABLE19.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ squid3.spec ++++++
--- /var/tmp/diff_new_pack.aO6qWC/_old 2009-11-10 12:17:21.000000000 +0100
+++ /var/tmp/diff_new_pack.aO6qWC/_new 2009-11-10 12:17:21.000000000 +0100
@@ -1,5 +1,5 @@
#
-# spec file for package squid3 (Version 3.0.STABLE18)
+# spec file for package squid3 (Version 3.0.STABLE19)
#
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -25,8 +25,8 @@
Name: squid3
Summary: Squid Version 3 WWW Proxy Server
-Version: 3.0.STABLE18
-Release: 2
+Version: 3.0.STABLE19
+Release: 1
License: GPL v2 or later
Url: http://www.squid-cache.org/Versions/v3
Group: Productivity/Networking/Web/Proxy
@@ -34,7 +34,8 @@
Conflicts: squid squid2 squid23 squid-beta
Obsoletes: squid-beta squid2
AutoReqProv: on
-PreReq: /usr/sbin/useradd, %insserv_prereq, %fillup_prereq
+PreReq: %insserv_prereq %fillup_prereq
+PreReq: pwdutils /usr/bin/getent
Source0: http://www.squid-cache.org/Versions/v3/3.0/squid-%{version}.tar.bz2
#%define squid_ldapauth_version 1.3
#Source1: squid_ldapauth-%{squid_ldapauth_version}.tar.bz2
@@ -54,11 +55,24 @@
# please read every file if there is interest about what the patch changes
# or just visit: http://www.squid-cache.org/Versions/v3/3.0/changesets/
#
-Patch3: http://www.squid-cache.org/Versions/v3/3.0/changesets/b9091.patch
-Patch5: http://www.squid-cache.org/Versions/v3/3.0/changesets/b9093.patch
-Patch6: http://www.squid-cache.org/Versions/v3/3.0/changesets/b9094.patch
-Patch7: http://www.squid-cache.org/Versions/v3/3.0/changesets/b9095.patch
-Patch8: http://www.squid-cache.org/Versions/v3/3.0/changesets/b9096.patch
+Patch1: http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9107.patch
+Patch2: http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9108.patch
+Patch3: http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9109.patch
+Patch4: http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9110.patch
+Patch5: http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9111.patch
+Patch6: http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9112.patch
+Patch7: http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9113.patch
+Patch8: http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9114.patch
+Patch9: http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9115.patch
+Patch10: http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9116.patch
+Patch11: http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9117.patch
+Patch12: http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9118.patch
+Patch13: http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9119.patch
+Patch14: http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9120.patch
+Patch15: http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9121.patch
+Patch16: http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9122.patch
+Patch17: http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9123.patch
+Patch18: http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9124.patch
#
Patch101: squid-beta-3.0-libmxl2.patch
Patch102: squid-beta-3.0-ia64.patch
@@ -73,6 +87,9 @@
%endif
BuildRequires: libexpat-devel libxml2-devel
BuildRequires: openldap2-devel opensp-devel pam-devel sharutils
+%if 0%{?suse_version} > 1030 || 0%{?fedora_version} > 8
+BuildRequires: fdupes
+%endif
Requires: logrotate
Provides: http_proxy
@@ -105,15 +122,26 @@
%setup -q -n squid-%{version}
%{__cp} %{S:11} .
%patch0 -p1
-# can not patch inexistent file
-#%patch1 -p0
-#%patch2 -p0
+# upstream patches after RELEASE
+%patch1 -p0
+%patch2 -p0
%patch3 -p0
-#%patch4 -p0
+%patch4 -p0
%patch5 -p0
%patch6 -p0
%patch7 -p0
%patch8 -p0
+%patch9 -p0
+%patch10 -p0
+%patch11 -p0
+%patch12 -p0
+%patch13 -p0
+%patch14 -p0
+%patch15 -p0
+%patch16 -p0
+%patch17 -p0
+%patch18 -p0
+# other patches
%patch101 -p1
perl -p -i -e 's|SAMBAPREFIX=/usr/local/samba|SAMBAPREFIX=/usr|' helpers/basic_auth/SMB/Makefile.in
perl -p -i -e 's|SAMBAPREFIX=/usr/local/samba|SAMBAPREFIX=/usr|' helpers/ntlm_auth/SMB/Makefile.in
@@ -240,10 +268,29 @@
install -m 644 %{SOURCE10} $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.squid
# remove unpackaged files
rm -f $RPM_BUILD_ROOT/usr/man/man8/*.8
+# fix file duplicates
+%if 0%{?suse_version} > 1030
+%fdupes -s $RPM_BUILD_ROOT
+%endif
+%if 0%{?fedora_version} > 8
+fdupes -q -n -r $RPM_BUILD_ROOT
+%endif
%pre
-/usr/sbin/useradd -r -o -g nogroup -u 31 -s /bin/false -c "WWW-proxy squid" \
- -d /var/cache/squid squid 2> /dev/null || :
+# we need this group for squid (ntlmauth)
+# read access to /var/lib/samba/winbindd_privileged
+if [ -z "`%{_bindir}/getent group winbind 2>/dev/null`" ]; then
+ %{_sbindir}/groupadd -r winbind 2>/dev/null
+fi
+if [ -z "`%{_bindir}/getent passwd squid 2>/dev/null`" ]; then
+/usr/sbin/useradd -c "WWW-proxy squid" -d /var/cache/squid \
+ -G winbind -g nogroup -o -u 31 -r -s /bin/false \
+ squid 2>/dev/null
+fi
+# if squid is not member of winbind, add him
+if [ `%{_bindir}/id -nG squid 2>/dev/null | %{__grep} -q winbind >/dev/null; echo $?` -ne 0 ]; then
+ %{_sbindir}/groupmod -A squid winbind 2>/dev/null
+fi
%post
%run_permissions
++++++ squid-3.0-9107.patch ++++++
------------------------------------------------------------
revno: 9107
revision-id: squid3@treenet.co.nz-20090924090752-sracmnmgdf5o1s0w
parent: amosjeffries@squid-cache.org-20090906112845-8rp57jfebr77mw32
committer: Amos Jeffries
branch nick: SQUID_3_0
timestamp: Thu 2009-09-24 21:07:52 +1200
message:
Author: Henrik Nordstrom
Correct a mistyped asser usin = instead of ==
in this case completely harmless but still wrong..
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20090924090752-sracmnmgdf5o1s0w
# target_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0/
# testament_sha1: 7d6de59a90ad9661d705362d26171eae0845b5eb
# timestamp: 2009-09-24 09:51:01 +0000
# source_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0
# base_revision_id: amosjeffries@squid-cache.org-20090906112845-\
# 8rp57jfebr77mw32
#
# Begin patch
=== modified file 'src/auth/digest/auth_digest.cc'
--- src/auth/digest/auth_digest.cc 2009-02-19 02:19:34 +0000
+++ src/auth/digest/auth_digest.cc 2009-09-24 09:07:52 +0000
@@ -1035,7 +1035,7 @@
authDigestNonceLink(nonce);
/* ping this nonce to this auth user */
- assert((nonce->user == NULL) || (nonce->user = user));
+ assert((nonce->user == NULL) || (nonce->user == user));
/* we don't lock this reference because removing the user removes the
* hash too. Of course if that changes we're stuffed so read the code huh?
++++++ squid-3.0-9108.patch ++++++
------------------------------------------------------------
revno: 9108
revision-id: squid3@treenet.co.nz-20090924092445-e76zca3991fwatzu
parent: squid3@treenet.co.nz-20090924090752-sracmnmgdf5o1s0w
committer: Amos Jeffries
branch nick: SQUID_3_0
timestamp: Thu 2009-09-24 21:24:45 +1200
message:
Author: Philippe Lantin
Bug 2624: Invalid response for IMS request
Squid forgot to verify the client provided If-Modified-Since when
seeing a 304 from upstream.
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20090924092445-e76zca3991fwatzu
# target_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0/
# testament_sha1: f38ad2828ab0085fae57b94cb86e024bdd059f94
# timestamp: 2009-09-24 09:51:05 +0000
# source_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0
# base_revision_id: squid3@treenet.co.nz-20090924090752-\
# sracmnmgdf5o1s0w
#
# Begin patch
=== modified file 'src/client_side_reply.cc'
--- src/client_side_reply.cc 2009-08-02 10:59:16 +0000
+++ src/client_side_reply.cc 2009-09-24 09:24:45 +0000
@@ -366,7 +366,7 @@
// if client sent IMS
- if (http->request->flags.ims) {
+ if (http->request->flags.ims && !old_entry->modifiedSince(http->request)) {
// forward the 304 from origin
debugs(88, 3, "handleIMSReply: origin replied 304, revalidating existing entry and forwarding 304 to client");
sendClientUpstreamResponse();
++++++ squid-3.0-9109.patch ++++++
------------------------------------------------------------
revno: 9109
revision-id: squid3@treenet.co.nz-20090924094350-jjq300yuyb0lkvdi
parent: squid3@treenet.co.nz-20090924092445-e76zca3991fwatzu
committer: Amos Jeffries
branch nick: SQUID_3_0
timestamp: Thu 2009-09-24 21:43:50 +1200
message:
Author: Peter Pramberger
Bug 2761: Gopher and double HTTP response header
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20090924094350-jjq300yuyb0lkvdi
# target_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0/
# testament_sha1: d5a07e18bd7eea5f2d7dbbe652f0ead2b0a3184a
# timestamp: 2009-09-24 09:51:08 +0000
# source_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0
# base_revision_id: squid3@treenet.co.nz-20090924092445-\
# e76zca3991fwatzu
#
# Begin patch
=== modified file 'src/gopher.cc'
--- src/gopher.cc 2007-05-29 19:31:36 +0000
+++ src/gopher.cc 2009-09-24 09:43:50 +0000
@@ -37,6 +37,7 @@
#include "errorpage.h"
#include "Store.h"
#include "HttpRequest.h"
+#include "HttpReply.h"
#include "comm.h"
#if DELAY_POOLS
#include "DelayPools.h"
@@ -104,7 +105,6 @@
GopherStateData;
static PF gopherStateFree;
-static void gopher_mime_content(MemBuf * mb, const char *name, const char *def);
static void gopherMimeCreate(GopherStateData *);
static void gopher_request_parse(const HttpRequest * req,
char *type_id,
@@ -140,35 +140,13 @@
cbdataFree(gopherState);
}
-
-/* figure out content type from file extension */
-static void
-gopher_mime_content(MemBuf * mb, const char *name, const char *def_ctype)
-{
- char *ctype = mimeGetContentType(name);
- char *cenc = mimeGetContentEncoding(name);
-
- if (cenc)
- mb->Printf("Content-Encoding: %s\r\n", cenc);
-
- mb->Printf("Content-Type: %s\r\n",
- ctype ? ctype : def_ctype);
-}
-
-
-
-/* create MIME Header for Gopher Data */
+/* Create MIME Header for Gopher Data */
static void
gopherMimeCreate(GopherStateData * gopherState)
{
- MemBuf mb;
-
- mb.init();
-
- mb.Printf("HTTP/1.0 200 OK Gatewaying\r\n"
- "Server: Squid/%s\r\n"
- "Date: %s\r\n",
- version_string, mkrfc1123(squid_curtime));
+ StoreEntry *entry = gopherState->entry;
+ const char *mime_type = NULL;
+ const char *mime_enc = NULL;
switch (gopherState->type_id) {
@@ -181,7 +159,7 @@
case GOPHER_WWW:
case GOPHER_CSO:
- mb.Printf("Content-Type: text/html\r\n");
+ mime_type = "text/html";
break;
case GOPHER_GIF:
@@ -189,17 +167,17 @@
case GOPHER_IMAGE:
case GOPHER_PLUS_IMAGE:
- mb.Printf("Content-Type: image/gif\r\n");
+ mime_type = "image/gif";
break;
case GOPHER_SOUND:
case GOPHER_PLUS_SOUND:
- mb.Printf("Content-Type: audio/basic\r\n");
+ mime_type = "audio/basic";
break;
case GOPHER_PLUS_MOVIE:
- mb.Printf("Content-Type: video/mpeg\r\n");
+ mime_type = "video/mpeg";
break;
case GOPHER_MACBINHEX:
@@ -210,20 +188,33 @@
case GOPHER_BIN:
/* Rightnow We have no idea what it is. */
- gopher_mime_content(&mb, gopherState->request, def_gopher_bin);
+ mime_enc = mimeGetContentEncoding(gopherState->request);
+ mime_type = mimeGetContentType(gopherState->request);
+ if (!mime_type)
+ mime_type = def_gopher_bin;
break;
case GOPHER_FILE:
default:
- gopher_mime_content(&mb, gopherState->request, def_gopher_text);
+ mime_enc = mimeGetContentEncoding(gopherState->request);
+ mime_type = mimeGetContentType(gopherState->request);
+ if (!mime_type)
+ mime_type = def_gopher_text;
break;
}
- mb.Printf("\r\n");
- EBIT_CLR(gopherState->entry->flags, ENTRY_FWD_HDR_WAIT);
- gopherState->entry->append(mb.buf, mb.size);
- mb.clean();
+ assert(entry->isEmpty());
+ EBIT_CLR(entry->flags, ENTRY_FWD_HDR_WAIT);
+
+ HttpReply *reply = new HttpReply;
+ entry->buffer();
+ HttpVersion version(1, 0);
+ reply->setHeaders(version, HTTP_OK, "Gatewaying", mime_type, -1, -1, -2);
+ if (mime_enc)
+ reply->header.putStr(HDR_CONTENT_ENCODING, mime_enc);
+
+ entry->replaceHttpReply(reply);
}
/* Parse a gopher request into components. By Anawat. */
++++++ squid-3.0-9110.patch ++++++
------------------------------------------------------------
revno: 9110
revision-id: squid3@treenet.co.nz-20090924095211-bwycyk413vh859fm
parent: squid3@treenet.co.nz-20090924094350-jjq300yuyb0lkvdi
committer: Amos Jeffries
branch nick: SQUID_3_0
timestamp: Thu 2009-09-24 21:52:11 +1200
message:
Author: Luigi Gangitano
Bug 2779: Support GNU/kFreeBSD
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20090924095211-bwycyk413vh859fm
# target_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0/
# testament_sha1: 660d2f13c77efd3226ced04c76b5249535d0f93f
# timestamp: 2009-09-24 10:00:41 +0000
# source_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0
# base_revision_id: squid3@treenet.co.nz-20090924094350-\
# jjq300yuyb0lkvdi
#
# Begin patch
=== modified file 'include/config.h'
--- include/config.h 2008-09-18 10:39:48 +0000
+++ include/config.h 2009-09-24 09:52:11 +0000
@@ -89,6 +89,9 @@
#if USE_ASYNC_IO && defined(LINUXTHREADS)
#define _SQUID_LINUX_THREADS_
#endif
+
+#elif defined(__FreeBSD_kernel__) /* GNU/kFreeBSD */
+#define _SQUID_KFREEBSD_
#elif defined(__sgi__) || defined(sgi) || defined(__sgi) /* SGI */
#define _SQUID_SGI_
=== modified file 'src/ACLARP.cc'
--- src/ACLARP.cc 2008-09-18 10:39:48 +0000
+++ src/ACLARP.cc 2009-09-24 09:52:11 +0000
@@ -438,7 +438,7 @@
return (0 == splayLastResult);
}
-#elif defined(_SQUID_FREEBSD_) || defined(_SQUID_NETBSD_) || defined(_SQUID_OPENBSD_) || defined(_SQUID_DRAGONFLY_)
+#elif defined(_SQUID_FREEBSD_) || defined(_SQUID_NETBSD_) || defined(_SQUID_OPENBSD_) || defined(_SQUID_DRAGONFLY_) || defined(_SQUID_KFREEBSD_)
struct arpreq arpReq;
++++++ squid-3.0-9111.patch ++++++
------------------------------------------------------------
revno: 9111
revision-id: squid3@treenet.co.nz-20091002080223-16ht239hwpnnkg33
parent: squid3@treenet.co.nz-20090924095211-bwycyk413vh859fm
committer: Amos Jeffries
branch nick: SQUID_3_0
timestamp: Fri 2009-10-02 21:02:23 +1300
message:
Fix segfault parsing cache_dir with IOEngine= set
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20091002080223-16ht239hwpnnkg33
# target_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0/
# testament_sha1: 6f0c6733a1bb13821b8debaa1b82d1a413db6738
# timestamp: 2009-10-02 08:16:54 +0000
# source_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0
# base_revision_id: squid3@treenet.co.nz-20090924095211-\
# bwycyk413vh859fm
#
# Begin patch
=== modified file 'src/fs/ufs/store_dir_ufs.cc'
--- src/fs/ufs/store_dir_ufs.cc 2007-12-02 14:19:58 +0000
+++ src/fs/ufs/store_dir_ufs.cc 2009-10-02 08:02:23 +0000
@@ -143,7 +143,7 @@
IO->io = anIO;
/* Change the IO Options */
- if (currentIOOptions->options.size() > 2)
+ if (currentIOOptions && currentIOOptions->options.size() > 2)
delete currentIOOptions->options.pop_back();
/* TODO: factor out these 4 lines */
++++++ squid-3.0-9112.patch ++++++
------------------------------------------------------------
revno: 9112
revision-id: squid3@treenet.co.nz-20091002080626-hkvywmkoq4z9155r
parent: squid3@treenet.co.nz-20091002080223-16ht239hwpnnkg33
committer: Amos Jeffries
branch nick: SQUID_3_0
timestamp: Fri 2009-10-02 21:06:26 +1300
message:
Author: Henrik Nordstrom
Bug 2510: digest_ldap_auth uses incorrect logic with TLS
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20091002080626-hkvywmkoq4z9155r
# target_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0/
# testament_sha1: 3b47e899a81d616d406bf0d5d471a99d61be7808
# timestamp: 2009-10-02 08:16:56 +0000
# source_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0
# base_revision_id: squid3@treenet.co.nz-20091002080223-\
# 16ht239hwpnnkg33
#
# Begin patch
=== modified file 'helpers/digest_auth/ldap/ldap_backend.c'
--- helpers/digest_auth/ldap/ldap_backend.c 2007-09-22 23:35:28 +0000
+++ helpers/digest_auth/ldap/ldap_backend.c 2009-10-02 08:06:26 +0000
@@ -361,11 +361,11 @@
}
if (use_tls) {
#ifdef LDAP_OPT_X_TLS
- if ((version == LDAP_VERSION3) && (ldap_start_tls_s(ld, NULL, NULL) == LDAP_SUCCESS)) {
- fprintf(stderr, "Could not Activate TLS connection\n");
- ldap_unbind(ld);
- ld = NULL;
- }
+ if (version != LDAP_VERSION3) {
+ fprintf(stderr, "TLS requires LDAP version 3\n");
+ exit(1);
+ } else if (ldap_start_tls_s(ld, NULL, NULL) != LDAP_SUCCESS) {
+ exit(1);
#else
fprintf(stderr, "TLS not supported with your LDAP library\n");
ldap_unbind(ld);
++++++ squid-3.0-9113.patch ++++++
------------------------------------------------------------
revno: 9113
revision-id: squid3@treenet.co.nz-20091002080755-vl9u3kawqv5b5jtj
parent: squid3@treenet.co.nz-20091002080626-hkvywmkoq4z9155r
committer: Amos Jeffries
branch nick: SQUID_3_0
timestamp: Fri 2009-10-02 21:07:55 +1300
message:
Bug 2735: Incomplete -fhuge-objects detection
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20091002080755-vl9u3kawqv5b5jtj
# target_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0/
# testament_sha1: 707c857b80b0c67b4960397e2750aa44081e4207
# timestamp: 2009-10-02 08:16:58 +0000
# source_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0
# base_revision_id: squid3@treenet.co.nz-20091002080626-\
# hkvywmkoq4z9155r
#
# Begin patch
=== modified file 'acinclude.m4'
--- acinclude.m4 2008-05-12 01:51:12 +0000
+++ acinclude.m4 2009-10-02 08:07:55 +0000
@@ -72,8 +72,8 @@
AC_DEFUN([AC_TEST_CHECKFORHUGEOBJECTS],[
AC_MSG_CHECKING([whether compiler accepts -fhuge-objects])
AC_CACHE_VAL([ac_cv_test_checkforhugeobjects],[
- ac_cv_test_checkforhugeobjects=`echo "int foo;" > conftest.cc
-${CXX} -Werror -fhuge-objects -c conftest.cc 2>/dev/null
+ ac_cv_test_checkforhugeobjects=`echo "int main(int argc, char **argv) { int foo; }" > conftest.cc
+${CXX} -Werror -fhuge-objects -o conftest.bin conftest.cc 2>/dev/null
res=$?
rm -f conftest.*
echo yes
++++++ squid-3.0-9114.patch ++++++
------------------------------------------------------------
revno: 9114
revision-id: squid3@treenet.co.nz-20091002081113-3lkbb0kcdwws5gc5
parent: squid3@treenet.co.nz-20091002080755-vl9u3kawqv5b5jtj
committer: Amos Jeffries
branch nick: SQUID_3_0
timestamp: Fri 2009-10-02 21:11:13 +1300
message:
Bug 2722: http_port accel combined with CONNECT has bizarre behaviour
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20091002081113-3lkbb0kcdwws5gc5
# target_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0/
# testament_sha1: 4816c7ffb2fcedebb02217842f4d216120dd41ba
# timestamp: 2009-10-02 08:17:01 +0000
# source_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0
# base_revision_id: squid3@treenet.co.nz-20091002080755-\
# vl9u3kawqv5b5jtj
#
# Begin patch
=== modified file 'src/client_side.cc'
--- src/client_side.cc 2009-07-26 10:54:29 +0000
+++ src/client_side.cc 2009-10-02 08:11:13 +0000
@@ -1913,6 +1913,15 @@
/* Set method_p */
*method_p = HttpRequestMethod(&hp->buf[hp->m_start], &hp->buf[hp->m_end]);
+ /* deny CONNECT via accelerated ports */
+ if (*method_p == METHOD_CONNECT && conn && conn->port && conn->port->accel) {
+ debugs(33, DBG_IMPORTANT, "WARNING: CONNECT method received on " << conn->port->protocol << " Accelerator port " << conn->port->s.GetPort() );
+ /* XXX need a way to say "this many character length string" */
+ debugs(33, DBG_IMPORTANT, "WARNING: for request: " << hp->buf);
+ /* XXX need some way to set 405 status on the error reply */
+ return parseHttpRequestAbort(conn, "error:method-not-allowed");
+ }
+
if (*method_p == METHOD_NONE) {
/* AYJ: hp->buf is occasionally full of binary crap. Replace any non-printables with underscores.
Also crop the output at 100 chars, we should not need a whole binary streaming video to identify the issue
++++++ squid-3.0-9115.patch ++++++
------------------------------------------------------------
revno: 9115
revision-id: squid3@treenet.co.nz-20091002081408-oapg8wxum20bkm69
parent: squid3@treenet.co.nz-20091002081113-3lkbb0kcdwws5gc5
committer: Amos Jeffries
branch nick: SQUID_3_0
timestamp: Fri 2009-10-02 21:14:08 +1300
message:
Author: Henrik Nordstrom
Bug 2768: squid_ldap_group argument parsing error
-K is a boolean argument and should not eat the next argument as data.
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20091002081408-oapg8wxum20bkm69
# target_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0/
# testament_sha1: bb93b1fd85abdacc825ea4e6ea5a3759f5fe3c9c
# timestamp: 2009-10-02 08:17:03 +0000
# source_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0
# base_revision_id: squid3@treenet.co.nz-20091002081113-\
# 3lkbb0kcdwws5gc5
#
# Begin patch
=== modified file 'helpers/external_acl/ldap_group/squid_ldap_group.c'
--- helpers/external_acl/ldap_group/squid_ldap_group.c 2009-06-06 09:59:08 +0000
+++ helpers/external_acl/ldap_group/squid_ldap_group.c 2009-10-02 08:14:08 +0000
@@ -233,6 +233,7 @@
case 'd':
case 'g':
case 'S':
+ case 'K':
break;
default:
if (strlen(argv[1]) > 2) {
++++++ squid-3.0-9116.patch ++++++
------------------------------------------------------------
revno: 9116
revision-id: squid3@treenet.co.nz-20091002082808-amkfydm8vhkh6muc
parent: squid3@treenet.co.nz-20091002081408-oapg8wxum20bkm69
committer: Amos Jeffries
branch nick: SQUID_3_0
timestamp: Fri 2009-10-02 21:28:08 +1300
message:
Author: Henrik Nordstrom
Remove the suggesting hinting that one may end http_access with "allow all".
Just mentioning "deny all" is sufficient, and less risky..
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20091002082808-amkfydm8vhkh6muc
# target_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0/
# testament_sha1: ffef9ae34e66464e12eaa11140f10760accae1b5
# timestamp: 2009-10-02 08:36:21 +0000
# source_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0
# base_revision_id: squid3@treenet.co.nz-20091002081408-\
# oapg8wxum20bkm69
#
# Begin patch
=== modified file 'src/cf.data.pre'
--- src/cf.data.pre 2009-08-19 06:48:43 +0000
+++ src/cf.data.pre 2009-10-02 08:28:08 +0000
@@ -676,8 +676,8 @@
opposite of the last line in the list. If the last line was
deny, the default is allow. Conversely, if the last line
is allow, the default will be deny. For these reasons, it is a
- good idea to have an "deny all" or "allow all" entry at the end
- of your access lists to avoid potential confusion.
+ good idea to have an "deny all" entry at the end of your access
+ lists to avoid potential confusion.
NOCOMMENT_START
#Recommended minimum configuration:
++++++ squid-3.0-9117.patch ++++++
------------------------------------------------------------
revno: 9117
revision-id: squid3@treenet.co.nz-20091002083121-y7g9uvysvcf4eodw
parent: squid3@treenet.co.nz-20091002082808-amkfydm8vhkh6muc
committer: Amos Jeffries
branch nick: SQUID_3_0
timestamp: Fri 2009-10-02 21:31:21 +1300
message:
Author: Henrik Nordstrom
Split some asserts with side-effects
assert expressions should not have any noticeable sideffects or otherwise
be important for the program flow operation. If not unexpected results is
seen from compiling with -DNODEBUG
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20091002083121-y7g9uvysvcf4eodw
# target_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0/
# testament_sha1: 98654b288486bc7f1d0d55e0066505f2979a4601
# timestamp: 2009-10-02 08:36:32 +0000
# source_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0
# base_revision_id: squid3@treenet.co.nz-20091002082808-\
# amkfydm8vhkh6muc
#
# Begin patch
=== modified file 'src/ACLProxyAuth.cc'
--- src/ACLProxyAuth.cc 2008-06-13 13:43:09 +0000
+++ src/ACLProxyAuth.cc 2009-10-02 08:31:21 +0000
@@ -143,7 +143,8 @@
assert(checklist->auth_user_request != NULL);
auth_user_request = checklist->auth_user_request;
- assert(authenticateValidateUser(auth_user_request));
+ int validated = authenticateValidateUser(auth_user_request);
+ assert(validated);
auth_user_request->start(LookupDone, checklist);
}
=== modified file 'src/client_side_request.cc'
--- src/client_side_request.cc 2009-04-10 09:23:50 +0000
+++ src/client_side_request.cc 2009-10-02 08:31:21 +0000
@@ -1125,7 +1125,8 @@
// subscribe to receive reply body
if (new_rep->body_pipe != NULL) {
icapBodySource = new_rep->body_pipe;
- assert(icapBodySource->setConsumerIfNotLate(this));
+ int consumer_ok = icapBodySource->setConsumerIfNotLate(this);
+ assert(consumer_ok);
}
clientStreamNode *node = (clientStreamNode *)client_stream.tail->prev->data;
++++++ squid-3.0-9118.patch ++++++
------------------------------------------------------------
revno: 9118
revision-id: squid3@treenet.co.nz-20091002084933-kcyho8s01u4crwke
parent: squid3@treenet.co.nz-20091002083121-y7g9uvysvcf4eodw
committer: Amos Jeffries
branch nick: SQUID_3_0
timestamp: Fri 2009-10-02 21:49:33 +1300
message:
Author: Henrik Nordstrom
Bug 2773: Segfault in RFC2069 Digest authantication
Squid segfaulted if digest authentication is enabled an a client responded
with RFC2069 style response.
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20091002084933-kcyho8s01u4crwke
# target_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0/
# testament_sha1: 1f1869c35d50e9be1385a3bd214b2d5e1f3d6145
# timestamp: 2009-10-02 08:52:13 +0000
# source_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0
# base_revision_id: squid3@treenet.co.nz-20091002083121-\
# y7g9uvysvcf4eodw
#
# Begin patch
=== modified file 'lib/rfc2617.c'
--- lib/rfc2617.c 2009-04-10 08:25:46 +0000
+++ lib/rfc2617.c 2009-10-02 08:49:33 +0000
@@ -168,7 +168,7 @@
SquidMD5Update(&Md5Ctx, pszMethod, strlen(pszMethod));
SquidMD5Update(&Md5Ctx, ":", 1);
SquidMD5Update(&Md5Ctx, pszDigestUri, strlen(pszDigestUri));
- if (strcasecmp(pszQop, "auth-int") == 0) {
+ if (pszQop && strcasecmp(pszQop, "auth-int") == 0) {
SquidMD5Update(&Md5Ctx, ":", 1);
SquidMD5Update(&Md5Ctx, HEntity, HASHHEXLEN);
}
@@ -182,7 +182,7 @@
SquidMD5Update(&Md5Ctx, ":", 1);
SquidMD5Update(&Md5Ctx, pszNonce, strlen(pszNonce));
SquidMD5Update(&Md5Ctx, ":", 1);
- if (*pszQop) {
+ if (pszQop) {
SquidMD5Update(&Md5Ctx, pszNonceCount, strlen(pszNonceCount));
SquidMD5Update(&Md5Ctx, ":", 1);
SquidMD5Update(&Md5Ctx, pszCNonce, strlen(pszCNonce));
=== modified file 'src/auth/digest/auth_digest.cc'
--- src/auth/digest/auth_digest.cc 2009-09-24 09:07:52 +0000
+++ src/auth/digest/auth_digest.cc 2009-10-02 08:49:33 +0000
@@ -1105,6 +1105,7 @@
/* quote mark */
p++;
+ safe_free(username);
username = xstrndup(p, strchr(p, '"') + 1 - p);
debugs(29, 9, "authDigestDecodeAuth: Found Username '" << username << "'");
@@ -1117,6 +1118,7 @@
/* quote mark */
p++;
+ safe_free(digest_request->realm);
digest_request->realm = xstrndup(p, strchr(p, '"') + 1 - p);
debugs(29, 9, "authDigestDecodeAuth: Found realm '" << digest_request->realm << "'");
@@ -1130,6 +1132,7 @@
/* quote mark */
p++;
+ safe_free(digest_request->qop);
digest_request->qop = xstrndup(p, strcspn(p, "\" \t\r\n()<>@,;:\\/[]?={}") + 1);
debugs(29, 9, "authDigestDecodeAuth: Found qop '" << digest_request->qop << "'");
@@ -1143,6 +1146,7 @@
/* quote mark */
p++;
+ safe_free(digest_request->algorithm);
digest_request->algorithm = xstrndup(p, strcspn(p, "\" \t\r\n()<>@,;:\\/[]?={}") + 1);
debugs(29, 9, "authDigestDecodeAuth: Found algorithm '" << digest_request->algorithm << "'");
@@ -1155,6 +1159,7 @@
/* quote mark */
p++;
+ safe_free(digest_request->uri);
digest_request->uri = xstrndup(p, strchr(p, '"') + 1 - p);
debugs(29, 9, "authDigestDecodeAuth: Found uri '" << digest_request->uri << "'");
@@ -1167,6 +1172,7 @@
/* quote mark */
p++;
+ safe_free(digest_request->nonceb64);
digest_request->nonceb64 = xstrndup(p, strchr(p, '"') + 1 - p);
debugs(29, 9, "authDigestDecodeAuth: Found nonce '" << digest_request->nonceb64 << "'");
@@ -1188,6 +1194,7 @@
/* quote mark */
p++;
+ safe_free(digest_request->cnonce);
digest_request->cnonce = xstrndup(p, strchr(p, '"') + 1 - p);
debugs(29, 9, "authDigestDecodeAuth: Found cnonce '" << digest_request->cnonce << "'");
@@ -1200,6 +1207,7 @@
/* quote mark */
p++;
+ safe_free(digest_request->response);
digest_request->response = xstrndup(p, strchr(p, '"') + 1 - p);
debugs(29, 9, "authDigestDecodeAuth: Found response '" << digest_request->response << "'");
++++++ squid-3.0-9119.patch ++++++
------------------------------------------------------------
revno: 9119
revision-id: kinkie@squid-cache.org-20091002133531-ju2ho5272trez109
parent: squid3@treenet.co.nz-20091002084933-kcyho8s01u4crwke
committer: Francesco Chemolli
branch nick: SQUID_3_0
timestamp: Fri 2009-10-02 15:35:31 +0200
message:
Removed extra comma in enum which made SunStudio CC unhappy
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: kinkie@squid-cache.org-20091002133531-ju2ho5272trez109
# target_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0/
# testament_sha1: f1c1fbb6897d603a72193fdcca501be9bca23151
# timestamp: 2009-10-02 13:50:18 +0000
# source_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0
# base_revision_id: squid3@treenet.co.nz-20091002084933-\
# kcyho8s01u4crwke
#
# Begin patch
=== modified file 'src/comm.h'
--- src/comm.h 2008-02-25 10:45:24 +0000
+++ src/comm.h 2009-10-02 13:35:31 +0000
@@ -20,7 +20,7 @@
COMM_INPROGRESS = -7,
COMM_ERR_CONNECT = -8,
COMM_ERR_DNS = -9,
- COMM_ERR_CLOSING = -10,
+ COMM_ERR_CLOSING = -10
} comm_err_t;
typedef void IOFCB(int fd, StoreIOBuffer receivedData, comm_err_t flag, int xerrno, void *data);
typedef void IOWCB(int fd, char *buffer, size_t len, comm_err_t flag, int xerrno, void *data);
++++++ squid-3.0-9120.patch ++++++
------------------------------------------------------------
revno: 9120
revision-id: kinkie@squid-cache.org-20091002152616-fp24whhpveryvwt6
parent: kinkie@squid-cache.org-20091002133531-ju2ho5272trez109
committer: Francesco Chemolli
branch nick: SQUID_3_0
timestamp: Fri 2009-10-02 17:26:16 +0200
message:
Fixed some issues uncovered by SunStudio CC.
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: kinkie@squid-cache.org-20091002152616-fp24whhpveryvwt6
# target_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0/
# testament_sha1: 79169b63f496f8953dd8fb3c3f7eb60f1266ae6d
# timestamp: 2009-10-02 15:50:25 +0000
# source_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0
# base_revision_id: kinkie@squid-cache.org-20091002133531-\
# ju2ho5272trez109
#
# Begin patch
=== modified file 'src/client_side.cc'
--- src/client_side.cc 2009-10-02 08:11:13 +0000
+++ src/client_side.cc 2009-10-02 15:26:16 +0000
@@ -942,14 +942,14 @@
return;
}
- int64_t next = getNextRangeOffset();
-
- assert (next >= http->out.offset);
-
- int64_t skip = next - http->out.offset;
+ int64_t nextOffset = getNextRangeOffset();
+
+ assert (nextOffset >= http->out.offset);
+
+ int64_t skip = nextOffset - http->out.offset;
/* adjust for not to be transmitted bytes */
- http->out.offset = next;
+ http->out.offset = nextOffset;
if (available.size() <= skip)
return;
@@ -1914,8 +1914,8 @@
*method_p = HttpRequestMethod(&hp->buf[hp->m_start], &hp->buf[hp->m_end]);
/* deny CONNECT via accelerated ports */
- if (*method_p == METHOD_CONNECT && conn && conn->port && conn->port->accel) {
- debugs(33, DBG_IMPORTANT, "WARNING: CONNECT method received on " << conn->port->protocol << " Accelerator port " << conn->port->s.GetPort() );
+ if (*method_p == METHOD_CONNECT && conn != NULL && conn->port && conn->port->accel) {
+ debugs(33, DBG_IMPORTANT, "WARNING: CONNECT method received on " << conn->port->protocol << " Accelerator port " << ntohs(conn->port->s.sin_port) );
/* XXX need a way to say "this many character length string" */
debugs(33, DBG_IMPORTANT, "WARNING: for request: " << hp->buf);
/* XXX need some way to set 405 status on the error reply */
++++++ squid-3.0-9121.patch ++++++
------------------------------------------------------------
revno: 9121
revision-id: squidadm@squid-cache.org-20091003022522-h4jus0ukqtepjzks
parent: kinkie@squid-cache.org-20091002152616-fp24whhpveryvwt6
committer: Automatic source maintenance
branch nick: SQUID_3_0
timestamp: Fri 2009-10-02 20:25:22 -0600
message:
Bootstrapped
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squidadm@squid-cache.org-20091003022522-\
# h4jus0ukqtepjzks
# target_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0/
# testament_sha1: c98b987171b72d694d16255320adffd35ec31632
# timestamp: 2009-10-03 02:50:51 +0000
# source_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0
# base_revision_id: kinkie@squid-cache.org-20091002152616-\
# fp24whhpveryvwt6
#
# Begin patch
=== modified file 'configure'
--- configure 2009-09-06 11:28:45 +0000
+++ configure 2009-10-03 02:25:22 +0000
@@ -21561,8 +21561,8 @@
$as_echo_n "(cached) " >&6
else
- ac_cv_test_checkforhugeobjects=`echo "int foo;" > conftest.cc
-${CXX} -Werror -fhuge-objects -c conftest.cc 2>/dev/null
+ ac_cv_test_checkforhugeobjects=`echo "int main(int argc, char **argv) { int foo; }" > conftest.cc
+${CXX} -Werror -fhuge-objects -o conftest.bin conftest.cc 2>/dev/null
res=$?
rm -f conftest.*
echo yes
++++++ squid-3.0-9122.patch ++++++
------------------------------------------------------------
revno: 9122
revision-id: squid3@treenet.co.nz-20091003111825-ib07kp2hxoga2aof
parent: squidadm@squid-cache.org-20091003022522-h4jus0ukqtepjzks
committer: Amos Jeffries
branch nick: SQUID_3_0
timestamp: Sun 2009-10-04 00:18:25 +1300
message:
Fix bracket omitted in rev9112
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20091003111825-ib07kp2hxoga2aof
# target_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0/
# testament_sha1: 36dd638141313e1da80938fbe33430033c0d4fb5
# timestamp: 2009-10-03 11:50:35 +0000
# source_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0
# base_revision_id: squidadm@squid-cache.org-20091003022522-\
# h4jus0ukqtepjzks
#
# Begin patch
=== modified file 'helpers/digest_auth/ldap/ldap_backend.c'
--- helpers/digest_auth/ldap/ldap_backend.c 2009-10-02 08:06:26 +0000
+++ helpers/digest_auth/ldap/ldap_backend.c 2009-10-03 11:18:25 +0000
@@ -366,6 +366,7 @@
exit(1);
} else if (ldap_start_tls_s(ld, NULL, NULL) != LDAP_SUCCESS) {
exit(1);
+ }
#else
fprintf(stderr, "TLS not supported with your LDAP library\n");
ldap_unbind(ld);
++++++ squid-3.0-9123.patch ++++++
------------------------------------------------------------
revno: 9123
revision-id: squid3@treenet.co.nz-20091004004638-osbi0a61wg3k5y5s
parent: squid3@treenet.co.nz-20091003111825-ib07kp2hxoga2aof
committer: Amos Jeffries
branch nick: SQUID_3_0
timestamp: Sun 2009-10-04 13:46:38 +1300
message:
Correct LINUX_CAPABILITY actions on non-Linux
non-Linux should not set transparency OFF, just because they dont have
Linux syscap.
Also kill bad use of goto. Should have been an if-else sequence.
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20091004004638-osbi0a61wg3k5y5s
# target_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0/
# testament_sha1: 46cdd281a11b0308c4c93f07f1af1b8a1aa4367b
# timestamp: 2009-10-04 00:50:41 +0000
# source_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0
# base_revision_id: squid3@treenet.co.nz-20091003111825-\
# ib07kp2hxoga2aof
#
# Begin patch
=== modified file 'src/tools.cc'
--- src/tools.cc 2008-07-15 11:51:16 +0000
+++ src/tools.cc 2009-10-04 00:46:38 +0000
@@ -1356,7 +1356,10 @@
static void
restoreCapabilities(int keep)
{
-#if defined(_SQUID_LINUX_) && HAVE_SYS_CAPABILITY_H
+/* NP: keep these two if-endif separate. Non-Linux work perfectly well without Linux syscap support. */
+#if defined(_SQUID_LINUX_)
+
+#if HAVE_SYS_CAPABILITY_H
#ifndef _LINUX_CAPABILITY_VERSION_1
#define _LINUX_CAPABILITY_VERSION_1 _LINUX_CAPABILITY_VERSION
#endif
@@ -1366,54 +1369,48 @@
head->version = _LINUX_CAPABILITY_VERSION_1;
if (capget(head, cap) != 0) {
- debugs(50, 1, "Can't get current capabilities");
- goto nocap;
- }
-
- if (head->version != _LINUX_CAPABILITY_VERSION_1) {
- debugs(50, 1, "Invalid capability version " << head->version << " (expected " << _LINUX_CAPABILITY_VERSION_1 << ")");
- goto nocap;
- }
-
- head->pid = 0;
-
- cap->inheritable = 0;
- cap->effective = (1 << CAP_NET_BIND_SERVICE);
-#if LINUX_TPROXY
-
- if (need_linux_tproxy)
- cap->effective |= (1 << CAP_NET_ADMIN) | (1 << CAP_NET_BROADCAST);
-
-#endif
-
- if (!keep)
- cap->permitted &= cap->effective;
-
- if (capset(head, cap) != 0) {
- /* Silent failure unless TPROXY is required */
-#if LINUX_TPROXY
-
+ debugs(50, DBG_IMPORTANT, "Can't get current capabilities");
+ }
+ else if (head->version != _LINUX_CAPABILITY_VERSION_1) {
+ debugs(50, DBG_IMPORTANT, "Invalid capability version " << head->version << " (expected " << _LINUX_CAPABILITY_VERSION_1 << ")");
+ }
+ else {
+
+ head->pid = 0;
+
+ cap->inheritable = 0;
+ cap->effective = (1 << CAP_NET_BIND_SERVICE);
+
+#if LINUX_TPROXY
if (need_linux_tproxy)
- debugs(50, 1, "Error enabling needed capabilities. Will continue without tproxy support");
-
- need_linux_tproxy = 0;
-
-#endif
-
+ cap->effective |= (1 << CAP_NET_ADMIN) | (1 << CAP_NET_BROADCAST);
+#endif
+
+ if (!keep)
+ cap->permitted &= cap->effective;
+
+ if (capset(head, cap) != 0) {
+ /* Silent failure unless TPROXY is required */
+#if LINUX_TPROXY
+ if (need_linux_tproxy)
+ debugs(50, 1, "Error enabling needed capabilities. Will continue without tproxy support");
+ need_linux_tproxy = 0;
+#endif
+ }
}
-nocap:
xfree(head);
xfree(cap);
-#else
+
+#else /* not HAVE_SYS_CAPABILITY_H */
+
#if LINUX_TPROXY
-
if (need_linux_tproxy)
debugs(50, 1, "Missing needed capability support. Will continue without tproxy support");
-
need_linux_tproxy = 0;
-
-#endif
-
-#endif
+#endif
+
+#endif /* HAVE_SYS_CAPABILITY_H */
+
+#endif /* !defined(_SQUID_LINUX_) */
}
++++++ squid-3.0-9124.patch ++++++
------------------------------------------------------------
revno: 9124
revision-id: squid3@treenet.co.nz-20091004012510-w1p671qrkwz8swfl
parent: squid3@treenet.co.nz-20091004004638-osbi0a61wg3k5y5s
committer: Amos Jeffries
branch nick: SQUID_3_0
timestamp: Sun 2009-10-04 14:25:10 +1300
message:
Author: Alin Nastac
Cleanup: deprecate ugly hack for sys/capability.h
Needed once to prevent build clashes between libc and sys/capabilility.h
headers. As of libcap2 that is no longer the case and from 2.26 in fact
prevents a clean build.
Add detection for libcap to enable the hack only if actually needed.
Add --disable-caps option to disabke libcap and TPROXY2
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20091004012510-w1p671qrkwz8swfl
# target_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0/
# testament_sha1: a5b5ab9569a8a4a223cd19a6ae609575ada11e4e
# timestamp: 2009-10-04 01:50:39 +0000
# source_branch: http://www.squid-cache.org/bzr/squid3/branches\
# /SQUID_3_0
# base_revision_id: squid3@treenet.co.nz-20091004004638-\
# osbi0a61wg3k5y5s
#
# Begin patch
=== modified file 'configure.in'
--- configure.in 2009-09-06 11:28:45 +0000
+++ configure.in 2009-10-04 01:25:10 +0000
@@ -1961,6 +1961,7 @@
ipl.h \
libc.h \
limits.h \
+ linux/types.h \
machine/byte_swap.h \
malloc.h \
math.h \
@@ -2019,8 +2020,7 @@
inttypes.h \
grp.h \
db.h \
- db_185.h \
- sys/capability.h
+ db_185.h
)
AC_CHECK_HEADERS(
@@ -2285,6 +2285,29 @@
#include
#endif])
+dnl Check for libcap header (assume its not broken unless
+use_caps=yes
+AC_ARG_ENABLE(caps, AS_HELP_STRING([--disable-caps],[disable usage of Linux capabilities library to control privileges]),
+[ if test "x$enableval" = "xyes" ; then
+ AC_MSG_RESULT(forced yes)
+ else
+ AC_MSG_RESULT(no)
+ use_caps=no
+ fi
+],[AC_MSG_RESULT(yes)])
+if test "x$use_caps" = "xyes"; then
+ dnl Check for libcap1 breakage or libcap2 fixed (assume broken unless found working)
+ libcap_broken=1
+ AC_CHECK_HEADERS(sys/capability.h)
+ AC_CACHE_CHECK([for operational libcap2], $libcap_broken,
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include ]], [[
+ capget(NULL, NULL);
+ capset(NULL, NULL);
+ ]])],[libcap_broken=0],[])
+ )
+ AC_DEFINE_UNQUOTED([LIBCAP_BROKEN],$libcap_broken,[if libcap2 is available and not clashing with libc])
+fi
+
AC_CHECK_TYPE(mtyp_t,AC_DEFINE(HAVE_MTYP_T,1,[mtyp_t is defined by the system headers]),,[#include
#include
#include ])
@@ -2939,7 +2962,7 @@
AC_DEFINE(LINUX_NETFILTER, 0)
fi
AC_MSG_RESULT($LINUX_NETFILTER)
-fi
+fi
if test "$LINUX_NETFILTER" = "no" ; then
echo "WARNING: Cannot find necessary Linux kernel (Netfilter) header files"
echo " Linux Transparent Proxy support WILL NOT be enabled"
@@ -2949,6 +2972,7 @@
dnl Linux Netfilter/TPROXY support requires some specific header files
dnl Shamelessly copied from shamelessly copied from above
if test "$LINUX_TPROXY" ; then
+ if test "$use_caps" = "yes"; then
AC_MSG_CHECKING(if TPROXY header files are installed)
# hold on to your hats...
if test "$ac_cv_header_linux_netfilter_ipv4_ip_tproxy_h" = "yes" && test "$LINUX_NETFILTER" = "yes"; then
@@ -2959,11 +2983,17 @@
AC_DEFINE(LINUX_TPROXY, 0, [Enable real Transparent Proxy support for Netfilter TPROXY.])
fi
AC_MSG_RESULT($LINUX_TPROXY)
+ else
+ AC_MSG_WARN([Missing needed capabilities (libcap or libcap2) for TPROXY v2])
+ AC_MSG_WARN([Linux Transparent Proxy support WILL NOT be enabled])
+ LINUX_TPROXY="no"
+ fi
fi
if test "$LINUX_TPROXY" = "no" && test "$LINUX_NETFILTER" = "yes"; then
echo "WARNING: Cannot find TPROXY headers, you need to install the"
echo "tproxy package from:"
echo " - lynx http://www.balabit.com/downloads/tproxy/"
+ echo "And libcap-dev or libcap2-dev"
sleep 10
fi
=== modified file 'include/squid_types.h'
--- include/squid_types.h 2008-05-12 01:51:12 +0000
+++ include/squid_types.h 2009-10-04 01:25:10 +0000
@@ -60,6 +60,9 @@
#if HAVE_SYS_TYPES_H
#include
#endif
+#if HAVE_LINUX_TYPES_H
+#include
+#endif
#if STDC_HEADERS
#include
#include
=== modified file 'src/tools.cc'
--- src/tools.cc 2009-10-04 00:46:38 +0000
+++ src/tools.cc 2009-10-04 01:25:10 +0000
@@ -40,16 +40,16 @@
#include "wordlist.h"
#include "SquidTime.h"
-#ifdef _SQUID_LINUX_
-#if HAVE_SYS_CAPABILITY_H
+#if defined(_SQUID_LINUX_) && HAVE_SYS_CAPABILITY_H
+// HACK: LIBCAP_BROKEN Ugly glue to get around linux header madness colliding with glibc
+#if LIBCAP_BROKEN
#undef _POSIX_SOURCE
-/* Ugly glue to get around linux header madness colliding with glibc */
#define _LINUX_TYPES_H
#define _LINUX_FS_H
typedef uint32_t __u32;
+#endif
#include
-#endif
-#endif
+#endif /* HAVE_SYS_CAPABILITY_H */
#if HAVE_SYS_PRCTL_H
#include
++++++ squid-3.0.STABLE18-RELEASENOTES.html -> squid-3.0.STABLE19-RELEASENOTES.html ++++++
--- squid3/squid-3.0.STABLE18-RELEASENOTES.html 2009-08-11 13:48:00.000000000 +0200
+++ /mounts/work_src_done/STABLE/squid3/squid-3.0.STABLE19-RELEASENOTES.html 2009-09-14 16:28:56.000000000 +0200
@@ -2,10 +2,10 @@
<HTML>
<HEAD>
<META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.50">
- <TITLE>Squid 3.0.STABLE18 release notes</TITLE>
+ <TITLE>Squid 3.0.STABLE19 release notes</TITLE>
</HEAD>
<BODY>
-<H1>Squid 3.0.STABLE18 release notes</H1>
+<H1>Squid 3.0.STABLE19 release notes</H1>
<H2>Squid Developers</H2>
<HR>
@@ -60,7 +60,7 @@
<HR>
<H2><A NAME="s1">1.</A> <A HREF="#toc1">Notice</A></H2>
-<P>The Squid Team are pleased to announce the release of Squid-3.0.STABLE18.</P>
+<P>The Squid Team are pleased to announce the release of Squid-3.0.STABLE19.</P>
<P>This new release is available for download from
<A HREF="http://www.squid-cache.org/Versions/v3/3.0/">http://www.squid-cache.org/Versions/v3/3.0/</A> or the
<A HREF="http://www.squid-cache.org/Mirrors/http-mirrors.html">mirrors</A>.</P>
++++++ squid-3.0.STABLE18.tar.bz2 -> squid-3.0.STABLE19.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.0.STABLE18/bootstrap.sh new/squid-3.0.STABLE19/bootstrap.sh
--- old/squid-3.0.STABLE18/bootstrap.sh 2009-08-04 13:57:34.000000000 +0200
+++ new/squid-3.0.STABLE19/bootstrap.sh 2009-09-06 13:29:24.000000000 +0200
@@ -16,7 +16,30 @@
eval $2 --version 2>/dev/null | grep -i "$1.*$3" >/dev/null
}
-find_version()
+show_version()
+{
+ tool=$1
+ found="NOT_FOUND"
+ shift
+ versions="$*"
+ for version in $versions; do
+ for variant in "" "-${version}" "`echo $version | sed -e 's/\.//g'`"; do
+ if check_version $tool ${tool}${variant} $version; then
+ found="${version}"
+ break
+ fi
+ done
+ if [ "x$found" != "xNOT_FOUND" ]; then
+ break
+ fi
+ done
+ if [ "x$found" = "xNOT_FOUND" ]; then
+ found="??"
+ fi
+ echo $found
+}
+
+find_variant()
{
tool=$1
found="NOT_FOUND"
@@ -53,16 +76,21 @@
}
# Adjust paths of required autool packages
-amver=`find_version automake ${amversions}`
-acver=`find_version autoconf ${acversions}`
-ltver=`find_version libtool ${ltversions}`
+amver=`find_variant automake ${amversions}`
+acver=`find_variant autoconf ${acversions}`
+ltver=`find_variant libtool ${ltversions}`
+
+# Produce debug output about what version actually found.
+amversion=`show_version automake ${amversions}`
+acversion=`show_version autoconf ${acversions}`
+ltversion=`show_version libtool ${ltversions}`
# Set environment variable to tell automake which autoconf to use.
AUTOCONF="autoconf${acver}" ; export AUTOCONF
-echo "automake : $amver"
-echo "autoconfg: $acver"
-echo "libtool : $ltver"
+echo "automake ($amversion) : automake$amver"
+echo "autoconf ($acversion) : autoconf$acver"
+echo "libtool ($ltversion) : libtool$ltver"
for dir in \
"" \
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.0.STABLE18/ChangeLog new/squid-3.0.STABLE19/ChangeLog
--- old/squid-3.0.STABLE18/ChangeLog 2009-08-04 13:57:34.000000000 +0200
+++ new/squid-3.0.STABLE19/ChangeLog 2009-09-06 13:29:24.000000000 +0200
@@ -1,3 +1,16 @@
+Changes to squid-3.0.STABLE19 (06 Sep 2009):
+
+ - Bug 2745: Invalid Response error on small reads
+ - Bug 2739: DNS resolver option ndots can't be parsed from resolv.conf
+ - Bug 2734: some compile errors on Solaris
+ - Bug 2648: stateful helpers stuck in reserved if client disconnects while helper busy
+ - Bug 2541: Hang in 100% CPU loop while extacting header details using a delimiter other than comma
+ - Bug 2362: Remove support for deferred state in stateful helpers
+ - Add 0.0.0.0 as a to_localhost address
+ - Docs: Improve chroot directive documentation slightly
+ - Fixup libxml2 include magics, was failing when a configure cache was used
+ - ... and some minor testing improvements.
+
Changes to squid-3.0.STABLE18 (04 Aug 2009):
- Bug 2728: regression: assertion failed: !eof
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.0.STABLE18/configure new/squid-3.0.STABLE19/configure
--- old/squid-3.0.STABLE18/configure 2009-08-04 13:57:50.000000000 +0200
+++ new/squid-3.0.STABLE19/configure 2009-09-06 13:29:39.000000000 +0200
@@ -1,7 +1,7 @@
#! /bin/sh
# From configure.in Revision.
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.62 for Squid Web Proxy 3.0.STABLE18.
+# Generated by GNU Autoconf 2.62 for Squid Web Proxy 3.0.STABLE19.
#
# Report bugs to http://www.squid-cache.org/bugs/.
#
@@ -751,8 +751,8 @@
# Identity of this package.
PACKAGE_NAME='Squid Web Proxy'
PACKAGE_TARNAME='squid'
-PACKAGE_VERSION='3.0.STABLE18'
-PACKAGE_STRING='Squid Web Proxy 3.0.STABLE18'
+PACKAGE_VERSION='3.0.STABLE19'
+PACKAGE_STRING='Squid Web Proxy 3.0.STABLE19'
PACKAGE_BUGREPORT='http://www.squid-cache.org/bugs/'
ac_unique_file="src/main.cc"
@@ -1664,7 +1664,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures Squid Web Proxy 3.0.STABLE18 to adapt to many kinds of systems.
+\`configure' configures Squid Web Proxy 3.0.STABLE19 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1734,7 +1734,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of Squid Web Proxy 3.0.STABLE18:";;
+ short | recursive ) echo "Configuration of Squid Web Proxy 3.0.STABLE19:";;
esac
cat <<\_ACEOF
@@ -2046,7 +2046,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-Squid Web Proxy configure 3.0.STABLE18
+Squid Web Proxy configure 3.0.STABLE19
generated by GNU Autoconf 2.62
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
@@ -2060,7 +2060,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by Squid Web Proxy $as_me 3.0.STABLE18, which was
+It was created by Squid Web Proxy $as_me 3.0.STABLE19, which was
generated by GNU Autoconf 2.62. Invocation command line was
$ $0 $@
@@ -2778,7 +2778,7 @@
# Define the identity of the package.
PACKAGE='squid'
- VERSION='3.0.STABLE18'
+ VERSION='3.0.STABLE19'
cat >>confdefs.h <<_ACEOF
@@ -26087,20 +26087,20 @@
cat >>confdefs.h <<_ACEOF
#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
_ACEOF
-
-else
-
- CPPFLAGS="$SAVED_CPPFLAGS"
-
+ ac_cv_libxml2_include=yes
fi
done
+ CPPFLAGS="$SAVED_CPPFLAGS"
fi
done
+if test "x$ac_cv_libxml2_include" = "xyes"; then
+ SQUID_CXXFLAGS="-I/usr/include/libxml2 $SQUID_CXXFLAGS"
+fi
{ $as_echo "$as_me:$LINENO: checking for an ANSI C-conforming const" >&5
$as_echo_n "checking for an ANSI C-conforming const... " >&6; }
@@ -48084,7 +48084,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by Squid Web Proxy $as_me 3.0.STABLE18, which was
+This file was extended by Squid Web Proxy $as_me 3.0.STABLE19, which was
generated by GNU Autoconf 2.62. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -48137,7 +48137,7 @@
_ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_version="\\
-Squid Web Proxy config.status 3.0.STABLE18
+Squid Web Proxy config.status 3.0.STABLE19
configured by $0, generated by GNU Autoconf 2.62,
with options \\"`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.0.STABLE18/configure.in new/squid-3.0.STABLE19/configure.in
--- old/squid-3.0.STABLE18/configure.in 2009-08-04 13:57:50.000000000 +0200
+++ new/squid-3.0.STABLE19/configure.in 2009-09-06 13:29:39.000000000 +0200
@@ -1,7 +1,7 @@
dnl Configuration input file for Squid
dnl
dnl
-AC_INIT(Squid Web Proxy, 3.0.STABLE18, http://www.squid-cache.org/bugs/, squid)
+AC_INIT(Squid Web Proxy, 3.0.STABLE19, http://www.squid-cache.org/bugs/, squid)
AC_PREREQ(2.52)
AM_CONFIG_HEADER(include/autoconf.h)
AC_CONFIG_AUX_DIR(cfgaux)
@@ -2059,10 +2059,12 @@
SAVED_CPPFLAGS="$CPPFLAGS"
CPPFLAGS="-I/usr/include/libxml2 $CPPFLAGS"
unset ac_cv_header_libxml_parser_h
- AC_CHECK_HEADERS([libxml/parser.h], [], [
- CPPFLAGS="$SAVED_CPPFLAGS"
- ])
+ AC_CHECK_HEADERS([libxml/parser.h], [ac_cv_libxml2_include=yes], [])
+ CPPFLAGS="$SAVED_CPPFLAGS"
])
+if test "x$ac_cv_libxml2_include" = "xyes"; then
+ SQUID_CXXFLAGS="-I/usr/include/libxml2 $SQUID_CXXFLAGS"
+fi
AC_C_CONST
AC_C_BIGENDIAN
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.0.STABLE18/include/version.h new/squid-3.0.STABLE19/include/version.h
--- old/squid-3.0.STABLE18/include/version.h 2009-08-04 13:57:50.000000000 +0200
+++ new/squid-3.0.STABLE19/include/version.h 2009-09-06 13:29:39.000000000 +0200
@@ -9,5 +9,5 @@
*/
#ifndef SQUID_RELEASE_TIME
-#define SQUID_RELEASE_TIME 1249387052
+#define SQUID_RELEASE_TIME 1252236563
#endif
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.0.STABLE18/RELEASENOTES.html new/squid-3.0.STABLE19/RELEASENOTES.html
--- old/squid-3.0.STABLE18/RELEASENOTES.html 2009-08-04 13:58:33.000000000 +0200
+++ new/squid-3.0.STABLE19/RELEASENOTES.html 2009-09-06 13:30:21.000000000 +0200
@@ -2,10 +2,10 @@
<HTML>
<HEAD>
<META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.50">
- <TITLE>Squid 3.0.STABLE18 release notes</TITLE>
+ <TITLE>Squid 3.0.STABLE19 release notes</TITLE>
</HEAD>
<BODY>
-<H1>Squid 3.0.STABLE18 release notes</H1>
+<H1>Squid 3.0.STABLE19 release notes</H1>
<H2>Squid Developers</H2>
<HR>
@@ -60,7 +60,7 @@
<HR>
<H2><A NAME="s1">1.</A> <A HREF="#toc1">Notice</A></H2>
-<P>The Squid Team are pleased to announce the release of Squid-3.0.STABLE18.</P>
+<P>The Squid Team are pleased to announce the release of Squid-3.0.STABLE19.</P>
<P>This new release is available for download from
<A HREF="http://www.squid-cache.org/Versions/v3/3.0/">http://www.squid-cache.org/Versions/v3/3.0/</A> or the
<A HREF="http://www.squid-cache.org/Mirrors/http-mirrors.html">mirrors</A>.</P>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.0.STABLE18/src/auth/negotiate/auth_negotiate.cc new/squid-3.0.STABLE19/src/auth/negotiate/auth_negotiate.cc
--- old/squid-3.0.STABLE18/src/auth/negotiate/auth_negotiate.cc 2009-08-04 13:57:48.000000000 +0200
+++ new/squid-3.0.STABLE19/src/auth/negotiate/auth_negotiate.cc 2009-09-06 13:29:36.000000000 +0200
@@ -367,13 +367,12 @@
debugs(29, 5, "NegotiateUser::~NegotiateUser: doing nothing to clearNegotiate scheme data for '" << this << "'");
}
-static stateful_helper_callback_t
+static void
authenticateNegotiateHandleReply(void *data, void *lastserver, char *reply)
{
authenticateStateData *r = static_cast(data);
int valid;
- stateful_helper_callback_t result = S_HELPER_UNKNOWN;
char *blob, *arg = NULL;
AuthUserRequest *auth_user_request;
@@ -385,11 +384,10 @@
valid = cbdataReferenceValid(r->data);
if (!valid) {
- debugs(29, 1, "authenticateNegotiateHandleReply: invalid callback data. Releasing helper '" << lastserver << "'.");
+ debugs(29, 1, "authenticateNegotiateHandleReply: invalid callback data. helper '" << lastserver << "'.");
cbdataReferenceDone(r->data);
authenticateStateFree(r);
- debugs(29, 9, "authenticateNegotiateHandleReply: telling stateful helper : " << S_HELPER_RELEASE);
- return S_HELPER_RELEASE;
+ return;
}
if (!reply) {
@@ -433,18 +431,16 @@
if (arg)
*arg++ = '\0';
safe_free(negotiate_request->server_blob);
- negotiate_request->request->flags.must_keepalive = 1;
- if (negotiate_request->request->flags.proxy_keepalive) {
- negotiate_request->server_blob = xstrdup(blob);
- negotiate_request->auth_state = AUTHENTICATE_STATE_IN_PROGRESS;
- auth_user_request->denyMessage("Authentication in progress");
- debugs(29, 4, "authenticateNegotiateHandleReply: Need to challenge the client with a server blob '" << blob << "'");
- result = S_HELPER_RESERVE;
- } else {
- negotiate_request->auth_state = AUTHENTICATE_STATE_FAILED;
- auth_user_request->denyMessage("NTLM authentication requires a persistent connection");
- result = S_HELPER_RELEASE;
- }
+ negotiate_request->request->flags.must_keepalive = 1;
+ if (negotiate_request->request->flags.proxy_keepalive) {
+ negotiate_request->server_blob = xstrdup(blob);
+ negotiate_request->auth_state = AUTHENTICATE_STATE_IN_PROGRESS;
+ auth_user_request->denyMessage("Authentication in progress");
+ debugs(29, 4, "authenticateNegotiateHandleReply: Need to challenge the client with a server blob '" << blob << "'");
+ } else {
+ negotiate_request->auth_state = AUTHENTICATE_STATE_FAILED;
+ auth_user_request->denyMessage("NTLM authentication requires a persistent connection");
+ }
} else if (strncasecmp(reply, "AF ", 3) == 0 && arg != NULL) {
/* we're finished, release the helper */
@@ -463,8 +459,6 @@
negotiate_request->auth_state = AUTHENTICATE_STATE_DONE;
- result = S_HELPER_RELEASE;
-
debugs(29, 4, "authenticateNegotiateHandleReply: Successfully validated user via Negotiate. Username '" << blob << "'");
/* connection is authenticated */
@@ -510,8 +504,6 @@
authenticateNegotiateReleaseServer(negotiate_request);
- result = S_HELPER_RELEASE;
-
debugs(29, 4, "authenticateNegotiateHandleReply: Failed validating user via Negotiate. Error returned '" << blob << "'");
} else if (strncasecmp(reply, "BH ", 3) == 0) {
/* TODO kick off a refresh process. This can occur after a YR or after
@@ -523,7 +515,6 @@
negotiate_request->auth_state = AUTHENTICATE_STATE_FAILED;
safe_free(negotiate_request->server_blob);
authenticateNegotiateReleaseServer(negotiate_request);
- result = S_HELPER_RELEASE;
debugs(29, 1, "authenticateNegotiateHandleReply: Error validating user via Negotiate. Error returned '" << reply << "'");
} else {
/* protocol error */
@@ -537,8 +528,6 @@
r->handler(r->data, NULL);
cbdataReferenceDone(r->data);
authenticateStateFree(r);
- debugs(29, 9, "authenticateNegotiateHandleReply: telling stateful helper : " << result);
- return result;
}
static void
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.0.STABLE18/src/auth/ntlm/auth_ntlm.cc new/squid-3.0.STABLE19/src/auth/ntlm/auth_ntlm.cc
--- old/squid-3.0.STABLE18/src/auth/ntlm/auth_ntlm.cc 2009-08-04 13:57:48.000000000 +0200
+++ new/squid-3.0.STABLE19/src/auth/ntlm/auth_ntlm.cc 2009-09-06 13:29:36.000000000 +0200
@@ -329,13 +329,12 @@
debugs(29, 5, "NTLMUser::~NTLMUser: doing nothing to clearNTLM scheme data for '" << this << "'");
}
-static stateful_helper_callback_t
+static void
authenticateNTLMHandleReply(void *data, void *lastserver, char *reply)
{
authenticateStateData *r = static_cast(data);
int valid;
- stateful_helper_callback_t result = S_HELPER_UNKNOWN;
char *blob;
AuthUserRequest *auth_user_request;
@@ -347,11 +346,10 @@
valid = cbdataReferenceValid(r->data);
if (!valid) {
- debugs(29, 1, "authenticateNTLMHandleReply: invalid callback data. Releasing helper '" << lastserver << "'.");
+ debugs(29, 1, "authenticateNTLMHandleReply: invalid callback data. helper '" << lastserver << "'.");
cbdataReferenceDone(r->data);
authenticateStateFree(r);
- debugs(29, 9, "authenticateNTLMHandleReply: telling stateful helper : " << S_HELPER_RELEASE);
- return S_HELPER_RELEASE;
+ return;
}
if (!reply) {
@@ -389,25 +387,22 @@
if (strncasecmp(reply, "TT ", 3) == 0) {
/* we have been given a blob to send to the client */
safe_free(ntlm_request->server_blob);
- ntlm_request->request->flags.must_keepalive = 1;
- if (ntlm_request->request->flags.proxy_keepalive) {
- ntlm_request->server_blob = xstrdup(blob);
- ntlm_request->auth_state = AUTHENTICATE_STATE_IN_PROGRESS;
- auth_user_request->denyMessage("Authentication in progress");
- debugs(29, 4, "authenticateNTLMHandleReply: Need to challenge the client with a server blob '" << blob << "'");
- result = S_HELPER_RESERVE;
- } else {
- ntlm_request->auth_state = AUTHENTICATE_STATE_FAILED;
- auth_user_request->denyMessage("NTLM authentication requires a persistent connection");
- result = S_HELPER_RELEASE;
- }
+ ntlm_request->request->flags.must_keepalive = 1;
+ if (ntlm_request->request->flags.proxy_keepalive) {
+ ntlm_request->server_blob = xstrdup(blob);
+ ntlm_request->auth_state = AUTHENTICATE_STATE_IN_PROGRESS;
+ auth_user_request->denyMessage("Authentication in progress");
+ debugs(29, 4, "authenticateNTLMHandleReply: Need to challenge the client with a server blob '" << blob << "'");
+ } else {
+ ntlm_request->auth_state = AUTHENTICATE_STATE_FAILED;
+ auth_user_request->denyMessage("NTLM authentication requires a persistent connection");
+ }
} else if (strncasecmp(reply, "AF ", 3) == 0) {
/* we're finished, release the helper */
ntlm_user->username(blob);
auth_user_request->denyMessage("Login successful");
safe_free(ntlm_request->server_blob);
- result = S_HELPER_RELEASE;
debugs(29, 4, "authenticateNTLMHandleReply: Successfully validated user via NTLM. Username '" << blob << "'");
/* connection is authenticated */
debugs(29, 4, "AuthNTLMUserRequest::authenticate: authenticated user " << ntlm_user->username());
@@ -441,7 +436,6 @@
ntlm_request->auth_state = AUTHENTICATE_STATE_FAILED;
safe_free(ntlm_request->server_blob);
authenticateNTLMReleaseServer(ntlm_request);
- result = S_HELPER_RELEASE;
debugs(29, 4, "authenticateNTLMHandleReply: Failed validating user via NTLM. Error returned '" << blob << "'");
} else if (strncasecmp(reply, "BH ", 3) == 0) {
/* TODO kick off a refresh process. This can occur after a YR or after
@@ -453,7 +447,6 @@
ntlm_request->auth_state = AUTHENTICATE_STATE_FAILED;
safe_free(ntlm_request->server_blob);
authenticateNTLMReleaseServer(ntlm_request);
- result = S_HELPER_RELEASE;
debugs(29, 1, "authenticateNTLMHandleReply: Error validating user via NTLM. Error returned '" << reply << "'");
} else {
/* protocol error */
@@ -467,8 +460,6 @@
r->handler(r->data, NULL);
cbdataReferenceDone(r->data);
authenticateStateFree(r);
- debugs(29, 9, "authenticateNTLMHandleReply: telling stateful helper : " << result);
- return result;
}
static void
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.0.STABLE18/src/cbdata.h new/squid-3.0.STABLE19/src/cbdata.h
--- old/squid-3.0.STABLE18/src/cbdata.h 2009-08-04 13:57:49.000000000 +0200
+++ new/squid-3.0.STABLE19/src/cbdata.h 2009-09-06 13:29:37.000000000 +0200
@@ -88,7 +88,12 @@
#define cbdataAlloc(type) ((type *)cbdataInternalAlloc(CBDATA_##type))
#define cbdataFree(var) do {if (var) {cbdataInternalFree(var); var = NULL;}} while(0)
#define cbdataReferenceValidDone(var, ptr) cbdataInternalReferenceDoneValid((void **)&(var), (ptr))
+
+/**
+ * This needs to be defined LAST in teh class definition. It plays with private/public states in C++.
+ */
#define CBDATA_CLASS2(type) \
+ private: \
static cbdata_type CBDATA_##type; \
public: \
void *operator new(size_t size) { \
@@ -98,8 +103,7 @@
} \
void operator delete (void *address) { \
if (address) cbdataInternalFree(address);\
- } \
- private:
+ }
#endif
#define cbdataReference(var) (cbdataInternalLock(var), var)
#define cbdataReferenceDone(var) do {if (var) {cbdataInternalUnlock(var); var = NULL;}} while(0)
@@ -130,7 +134,7 @@
* - RBC 20060820
*/
void *data; /* the wrapped data */
- private:
+
CBDATA_CLASS2(generic_cbdata);
};
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.0.STABLE18/src/cf.data.pre new/squid-3.0.STABLE19/src/cf.data.pre
--- old/squid-3.0.STABLE18/src/cf.data.pre 2009-08-04 13:57:49.000000000 +0200
+++ new/squid-3.0.STABLE19/src/cf.data.pre 2009-09-06 13:29:37.000000000 +0200
@@ -632,7 +632,7 @@
#Recommended minimum configuration:
acl manager proto cache_object
acl localhost src 127.0.0.1/32
-acl to_localhost dst 127.0.0.0/8
+acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
#
# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
@@ -5452,11 +5452,11 @@
LOC: Config.chroot_dir
DEFAULT: none
DOC_START
- Use this to have Squid do a chroot() while initializing. This
- also causes Squid to fully drop root privileges after
- initializing. This means, for example, if you use a HTTP
- port less than 1024 and try to reconfigure, you will may get an
- error saying that Squid can not open the port.
+ Specifies a directiry where Squid should do a chroot() while
+ initializing. This also causes Squid to fully drop root
+ privileges after initializing. This means, for example, if you
+ use a HTTP port less than 1024 and try to reconfigure, you may
+ get an error saying that Squid can not open the port.
DOC_END
NAME: balance_on_multiple_ip
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.0.STABLE18/src/dns_internal.cc new/squid-3.0.STABLE19/src/dns_internal.cc
--- old/squid-3.0.STABLE18/src/dns_internal.cc 2009-08-04 13:57:49.000000000 +0200
+++ new/squid-3.0.STABLE19/src/dns_internal.cc 2009-09-06 13:29:37.000000000 +0200
@@ -347,7 +347,7 @@
if (NULL == t)
continue;
- if (strncmp(t, "ndots:", 6) != 0) {
+ if (strncmp(t, "ndots:", 6) == 0) {
ndots = atoi(t + 6);
if (ndots < 1)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.0.STABLE18/src/enums.h new/squid-3.0.STABLE19/src/enums.h
--- old/squid-3.0.STABLE18/src/enums.h 2009-08-04 13:57:49.000000000 +0200
+++ new/squid-3.0.STABLE19/src/enums.h 2009-09-06 13:29:37.000000000 +0200
@@ -374,18 +374,9 @@
typedef enum {
S_HELPER_UNKNOWN,
S_HELPER_RESERVE,
- S_HELPER_RELEASE,
- S_HELPER_DEFER
+ S_HELPER_RELEASE
} stateful_helper_callback_t;
-/* stateful helper reservation info */
-typedef enum {
- S_HELPER_FREE, /* available for requests */
- S_HELPER_RESERVED, /* in a reserved state - no active request, but state data in the helper shouldn't be disturbed */
- S_HELPER_DEFERRED /* available for requests, and at least one more will come from a previous caller with the server pointer */
-} stateful_helper_reserve_t;
-
-
#if SQUID_SNMP
enum {
SNMP_C_VIEW,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.0.STABLE18/src/forward.h new/squid-3.0.STABLE19/src/forward.h
--- old/squid-3.0.STABLE18/src/forward.h 2009-08-04 13:57:49.000000000 +0200
+++ new/squid-3.0.STABLE19/src/forward.h 2009-09-06 13:29:38.000000000 +0200
@@ -82,7 +82,6 @@
static void abort(void*);
private:
- CBDATA_CLASS2(FwdState);
Pointer self;
ErrorState *err;
int client_fd;
@@ -111,6 +110,9 @@
struct sockaddr_in src;
#endif
+
+ // NP: keep this last. It plays with private/public
+ CBDATA_CLASS2(FwdState);
};
#endif
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.0.STABLE18/src/helper.cc new/squid-3.0.STABLE19/src/helper.cc
--- old/squid-3.0.STABLE18/src/helper.cc 2009-08-04 13:57:49.000000000 +0200
+++ new/squid-3.0.STABLE19/src/helper.cc 2009-09-06 13:29:38.000000000 +0200
@@ -56,12 +56,10 @@
static void helperStatefulDispatch(helper_stateful_server * srv, helper_stateful_request * r);
static void helperKickQueue(helper * hlp);
static void helperStatefulKickQueue(statefulhelper * hlp);
+static void helperStatefulServerDone(helper_stateful_server * srv);
static void helperRequestFree(helper_request * r);
static void helperStatefulRequestFree(helper_stateful_request * r);
static void StatefulEnqueue(statefulhelper * hlp, helper_stateful_request * r);
-static helper_stateful_request *StatefulServerDequeue(helper_stateful_server * srv);
-static void StatefulServerEnqueue(helper_stateful_server * srv, helper_stateful_request * r);
-static void helperStatefulServerKickQueue(helper_stateful_server * srv);
static bool helperStartStats(StoreEntry *sentry, void *hlp, const char *label);
@@ -249,10 +247,7 @@
helper_stateful_server *srv = cbdataAlloc(helper_stateful_server);
srv->hIpc = hIpc;
srv->pid = pid;
- srv->flags.reserved = S_HELPER_FREE;
- srv->deferred_requests = 0;
- srv->stats.deferbyfunc = 0;
- srv->stats.deferbycb = 0;
+ srv->flags.reserved = 0;
srv->stats.submits = 0;
srv->stats.releases = 0;
srv->index = k;
@@ -319,8 +314,7 @@
debugs(84, 9, "helperSubmit: " << buf);
}
-/* lastserver = "server last used as part of a deferred or reserved
- * request sequence"
+/* lastserver = "server last used as part of a reserved request sequence"
*/
void
helperStatefulSubmit(statefulhelper * hlp, const char *buf, HLPSCB * callback, void *data, helper_stateful_server * lastserver)
@@ -346,28 +340,12 @@
if ((buf != NULL) && lastserver) {
debugs(84, 5, "StatefulSubmit with lastserver " << lastserver);
- /* the queue doesn't count for this assert because queued requests
- * have already gone through here and been tested.
- * It's legal to have deferred_requests == 0 and queue entries
- * and status of S_HELPEER_DEFERRED.
- * BUT: It's not legal to submit a new request w/lastserver in
- * that state.
- */
- assert(!(lastserver->deferred_requests == 0 &&
- lastserver->flags.reserved == S_HELPER_DEFERRED));
- if (lastserver->flags.reserved != S_HELPER_RESERVED) {
- lastserver->stats.submits++;
- lastserver->deferred_requests--;
- }
+ assert(lastserver->flags.reserved);
+ assert(!(lastserver->request));
- if (!(lastserver->request)) {
- debugs(84, 5, "StatefulSubmit dispatching");
- helperStatefulDispatch(lastserver, r);
- } else {
- debugs(84, 5, "StatefulSubmit queuing");
- StatefulServerEnqueue(lastserver, r);
- }
+ debugs(84, 5, "StatefulSubmit dispatching");
+ helperStatefulDispatch(lastserver, r);
} else {
helper_stateful_server *srv;
if ((srv = StatefulGetFirstAvailable(hlp))) {
@@ -380,149 +358,25 @@
}
/*
- * helperStatefulDefer
- *
- * find and add a deferred request to a helper
- */
-helper_stateful_server *
-helperStatefulDefer(statefulhelper * hlp)
-{
- if (hlp == NULL) {
- debugs(84, 3, "helperStatefulDefer: hlp == NULL");
- return NULL;
- }
-
- debugs(84, 5, "helperStatefulDefer: Running servers " << hlp->n_running);
-
- if (hlp->n_running == 0) {
- debugs(84, 1, "helperStatefulDefer: No running servers!. ");
- return NULL;
- }
-
- helper_stateful_server *rv = StatefulGetFirstAvailable(hlp);
-
- if (rv == NULL) {
- /*
- * all currently busy; loop through servers and find server
- * with the shortest queue
- */
-
- for (dlink_node *n = hlp->servers.head; n != NULL; n = n->next) {
- helper_stateful_server *srv = (helper_stateful_server *)n->data;
-
- if (srv->flags.reserved == S_HELPER_RESERVED)
- continue;
-
- if (!srv->flags.shutdown)
- continue;
-
- if ((hlp->IsAvailable != NULL) && (srv->data != NULL) &&
- !(hlp->IsAvailable(srv->data)))
- continue;
-
- if ((rv != NULL) && (rv->deferred_requests < srv->deferred_requests))
- continue;
-
- rv = srv;
- }
- }
-
- if (rv == NULL) {
- debugs(84, 1, "helperStatefulDefer: None available.");
- return NULL;
- }
-
- /* consistency check:
- * when the deferred count is 0,
- * submits + releases == deferbyfunc + deferbycb
- * Or in english, when there are no deferred requests, the amount
- * we have submitted to the queue or cancelled must equal the amount
- * we have said we wanted to be able to submit or cancel
- */
- if (rv->deferred_requests == 0)
- assert(rv->stats.submits + rv->stats.releases ==
- rv->stats.deferbyfunc + rv->stats.deferbycb);
-
- rv->flags.reserved = S_HELPER_DEFERRED;
-
- rv->deferred_requests++;
-
- rv->stats.deferbyfunc++;
-
- return rv;
-}
-
-void
-helperStatefulReset(helper_stateful_server * srv)
-/* puts this helper back in the queue. the calling app is required to
- * manage the state in the helper.
- */
-{
- statefulhelper *hlp = srv->parent;
- helper_stateful_request *r = srv->request;
-
- if (r != NULL) {
- /* reset attempt DURING an outstaning request */
- debugs(84, 1, "helperStatefulReset: RESET During request " << hlp->id_name << " ");
- srv->flags.busy = 0;
- srv->roffset = 0;
- helperStatefulRequestFree(r);
- srv->request = NULL;
- }
-
- srv->flags.busy = 0;
-
- if (srv->queue.head) {
- srv->flags.reserved = S_HELPER_DEFERRED;
- } else {
- srv->flags.reserved = S_HELPER_FREE;
-
- if ((srv->parent->OnEmptyQueue != NULL) && (srv->data))
- srv->parent->OnEmptyQueue(srv->data);
- }
-
- helperStatefulServerKickQueue(srv);
-}
-
-/*
* DPW 2007-05-08
*
* helperStatefulReleaseServer tells the helper that whoever was
* using it no longer needs its services.
- *
- * If the state is S_HELPER_DEFERRED, decrease the deferred count.
- * If the count goes to zero, then it can become S_HELPER_FREE.
- *
- * If the state is S_HELPER_RESERVED, then it should always
- * become S_HELPER_FREE.
*/
void
helperStatefulReleaseServer(helper_stateful_server * srv)
{
debugs(84, 3, HERE << "srv-" << srv->index << " flags.reserved = " << srv->flags.reserved);
- if (srv->flags.reserved == S_HELPER_FREE)
+ if (!srv->flags.reserved)
return;
srv->stats.releases++;
+ srv->flags.reserved = 0;
- if (srv->flags.reserved == S_HELPER_DEFERRED) {
- assert(srv->deferred_requests);
- srv->deferred_requests--;
- if (srv->deferred_requests) {
- debugs(0,0,HERE << "helperStatefulReleaseServer srv->deferred_requests=" << srv->deferred_requests);
- return;
- }
- if (srv->queue.head) {
- debugs(0,0,HERE << "helperStatefulReleaseServer srv->queue.head not NULL");
- return;
- }
- }
-
- srv->flags.reserved = S_HELPER_FREE;
if (srv->parent->OnEmptyQueue != NULL && srv->data)
srv->parent->OnEmptyQueue(srv->data);
- helperStatefulServerKickQueue(srv);
+ helperStatefulServerDone(srv);
}
void *
@@ -604,12 +458,11 @@
storeAppendPrintf(sentry, "avg service time: %d msec\n",
hlp->stats.avg_svc_time);
storeAppendPrintf(sentry, "\n");
- storeAppendPrintf(sentry, "%7s\t%7s\t%7s\t%11s\t%20s\t%s\t%7s\t%7s\t%7s\n",
+ storeAppendPrintf(sentry, "%7s\t%7s\t%7s\t%11s\t%6s\t%7s\t%7s\t%7s\n",
"#",
"FD",
"PID",
"# Requests",
- "# Deferred Requests",
"Flags",
"Time",
"Offset",
@@ -617,17 +470,15 @@
for (dlink_node *link = hlp->servers.head; link; link = link->next) {
helper_stateful_server *srv = (helper_stateful_server *)link->data;
- double tt = 0.001 * tvSubMsec(srv->dispatch_time,
- srv->flags.busy ? current_time : srv->answer_time);
- storeAppendPrintf(sentry, "%7d\t%7d\t%7d\t%11d\t%20d\t%c%c%c%c%c\t%7.3f\t%7d\t%s\n",
+ double tt = 0.001 * tvSubMsec(srv->dispatch_time, srv->flags.busy ? current_time : srv->answer_time);
+ storeAppendPrintf(sentry, "%7d\t%7d\t%7d\t%11d\t%c%c%c%c%c\t%7.3f\t%7d\t%s\n",
srv->index + 1,
srv->rfd,
srv->pid,
srv->stats.uses,
- (int) srv->deferred_requests,
srv->flags.busy ? 'B' : ' ',
srv->flags.closing ? 'C' : ' ',
- srv->flags.reserved == S_HELPER_RESERVED ? 'R' : (srv->flags.reserved == S_HELPER_DEFERRED ? 'D' : ' '),
+ srv->flags.reserved ? 'R' : ' ',
srv->flags.shutdown ? 'S' : ' ',
srv->request ? (srv->request->placeholder ? 'P' : ' ') : ' ',
tt < 0.0 ? 0.0 : tt,
@@ -638,7 +489,7 @@
storeAppendPrintf(sentry, "\nFlags key:\n\n");
storeAppendPrintf(sentry, " B = BUSY\n");
storeAppendPrintf(sentry, " C = CLOSING\n");
- storeAppendPrintf(sentry, " R = RESERVED or DEFERRED\n");
+ storeAppendPrintf(sentry, " R = RESERVED\n");
storeAppendPrintf(sentry, " S = SHUTDOWN PENDING\n");
storeAppendPrintf(sentry, " P = PLACEHOLDER\n");
}
@@ -746,14 +597,14 @@
continue;
}
- if (srv->flags.reserved != S_HELPER_FREE) {
- debugs(84, 3, "helperStatefulShutdown: " << hlp->id_name << " #" << srv->index + 1 << " is RESERVED.");
- continue;
- }
-
- if (srv->deferred_requests) {
- debugs(84, 3, "helperStatefulShutdown: " << hlp->id_name << " #" << srv->index + 1 << " has DEFERRED requests.");
- continue;
+ if (srv->flags.reserved) {
+ if (shutting_down) {
+ debugs(84, 3, "helperStatefulShutdown: " << hlp->id_name << " #" << srv->index + 1 << " is RESERVED. Closing anyway.");
+ }
+ else {
+ debugs(84, 3, "helperStatefulShutdown: " << hlp->id_name << " #" << srv->index + 1 << " is RESERVED. Not Shutting Down Yet.");
+ continue;
+ }
}
srv->flags.closing = 1;
@@ -1140,6 +991,7 @@
if ((t = strchr(srv->rbuf, '\n'))) {
/* end of reply found */
+ int called = 1;
debugs(84, 3, "helperStatefulHandleRead: end of reply found");
if (t > srv->rbuf && t[-1] == '\r')
@@ -1148,58 +1000,10 @@
*t = '\0';
if (r && cbdataReferenceValid(r->data)) {
- switch ((r->callback(r->data, srv, srv->rbuf))) { /*if non-zero reserve helper */
-
- case S_HELPER_UNKNOWN:
- fatal("helperStatefulHandleRead: either a non-state aware callback was give to the stateful helper routines, or an uninitialised callback response was received.\n");
- break;
-
- case S_HELPER_RELEASE: /* helper finished with */
-
- if (!srv->deferred_requests && !srv->queue.head) {
- srv->flags.reserved = S_HELPER_FREE;
-
- if ((srv->parent->OnEmptyQueue != NULL) && (srv->data))
- srv->parent->OnEmptyQueue(srv->data);
-
- debugs(84, 5, "StatefulHandleRead: releasing " << hlp->id_name << " #" << srv->index + 1);
- } else {
- srv->flags.reserved = S_HELPER_DEFERRED;
- debugs(84, 5, "StatefulHandleRead: outstanding deferred requests on " <<
- hlp->id_name << " #" << srv->index + 1 <<
- ". reserving for deferred requests.");
- }
-
- break;
-
- case S_HELPER_RESERVE: /* 'pin' this helper for the caller */
-
- if (!srv->queue.head) {
- assert(srv->deferred_requests == 0);
- srv->flags.reserved = S_HELPER_RESERVED;
- debugs(84, 5, "StatefulHandleRead: reserving " << hlp->id_name << " #" << srv->index + 1);
- } else {
- fatal("StatefulHandleRead: Callback routine attempted to reserve a stateful helper with deferred requests. This can lead to deadlock.\n");
- }
-
- break;
-
- case S_HELPER_DEFER:
- /* the helper is still needed, but can
- * be used for other requests in the meantime.
- */
- srv->flags.reserved = S_HELPER_DEFERRED;
- srv->deferred_requests++;
- srv->stats.deferbycb++;
- debugs(84, 5, "StatefulHandleRead: reserving " << hlp->id_name << " #" << srv->index + 1 << " for deferred requests.");
- break;
-
- default:
- fatal("helperStatefulHandleRead: unknown stateful helper callback result.\n");
- }
-
+ r->callback(r->data, srv, srv->rbuf);
} else {
debugs(84, 1, "StatefulHandleRead: no callback data registered");
+ called = 0;
}
srv->flags.busy = 0;
@@ -1213,7 +1017,10 @@
tvSubMsec(srv->dispatch_time, current_time),
hlp->stats.replies, REDIRECT_AV_FACTOR);
- helperStatefulServerKickQueue(srv);
+ if (called)
+ helperStatefulServerDone(srv);
+ else
+ helperStatefulReleaseServer(srv);
}
if (srv->rfd != -1)
@@ -1278,31 +1085,6 @@
}
-static void
-StatefulServerEnqueue(helper_stateful_server * srv, helper_stateful_request * r)
-{
- dlink_node *link = (dlink_node *)memAllocate(MEM_DLINK_NODE);
- dlinkAddTail(r, link, &srv->queue);
- /* TODO: warning if the queue on this server is more than X
- * We don't check the queue size at the moment, because
- * requests hitting here are deferrable
- */
- /* hlp->stats.queue_size++;
- * if (hlp->stats.queue_size < hlp->n_running)
- * return;
- * if (squid_curtime - hlp->last_queue_warn < 600)
- * return;
- * if (shutting_down || reconfiguring)
- * return;
- * hlp->last_queue_warn = squid_curtime;
- * debugs(84, 0, "WARNING: All " << hlp->id_name << " processes are busy.");
- * debugs(84, 0, "WARNING: " << hlp->stats.queue_size << " pending requests queued");
- * if (hlp->stats.queue_size > hlp->n_running * 2)
- * fatalf("Too many queued %s requests", hlp->id_name);
- * debugs(84, 1, "Consider increasing the number of " << hlp->id_name << " processes in your config file." ); */
-}
-
-
static helper_request *
Dequeue(helper * hlp)
{
@@ -1320,21 +1102,6 @@
}
static helper_stateful_request *
-StatefulServerDequeue(helper_stateful_server * srv)
-{
- dlink_node *link;
- helper_stateful_request *r = NULL;
-
- if ((link = srv->queue.head)) {
- r = (helper_stateful_request *)link->data;
- dlinkDelete(link, &srv->queue);
- memFree(link, MEM_DLINK_NODE);
- }
-
- return r;
-}
-
-static helper_stateful_request *
StatefulDequeue(statefulhelper * hlp)
{
dlink_node *link;
@@ -1407,7 +1174,7 @@
if (srv->flags.busy)
continue;
- if (srv->flags.reserved == S_HELPER_RESERVED)
+ if (srv->flags.reserved)
continue;
if (srv->flags.shutdown)
@@ -1520,6 +1287,7 @@
if (!cbdataReferenceValid(r->data)) {
debugs(84, 1, "helperStatefulDispatch: invalid callback data");
helperStatefulRequestFree(r);
+ helperStatefulReleaseServer(srv);
return;
}
@@ -1527,7 +1295,7 @@
if (r->placeholder == 1) {
/* a callback is needed before this request can _use_ a helper. */
- /* we don't care about releasing/deferring this helper. The request NEVER
+ /* we don't care about releasing this helper. The request NEVER
* gets to the helper. So we throw away the return code */
r->callback(r->data, srv, NULL);
/* throw away the placeholder */
@@ -1536,12 +1304,13 @@
* request to the helper which is why we test for the request*/
if (srv->request == NULL)
- helperStatefulServerKickQueue(srv);
+ helperStatefulServerDone(srv);
return;
}
srv->flags.busy = 1;
+ srv->flags.reserved = 1;
srv->request = r;
srv->dispatch_time = current_time;
comm_write(srv->wfd,
@@ -1579,18 +1348,11 @@
}
static void
-helperStatefulServerKickQueue(helper_stateful_server * srv)
+helperStatefulServerDone(helper_stateful_server * srv)
{
- helper_stateful_request *r;
-
- if ((r = StatefulServerDequeue(srv))) {
- helperStatefulDispatch(srv, r);
- return;
- }
-
if (!srv->flags.shutdown) {
helperStatefulKickQueue(srv->parent);
- } else if (!srv->flags.closing && srv->flags.reserved == S_HELPER_FREE && !srv->flags.busy) {
+ } else if (!srv->flags.closing && !srv->flags.reserved && !srv->flags.busy) {
int wfd = srv->wfd;
srv->wfd = -1;
if (srv->rfd == wfd)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.0.STABLE18/src/helper.h new/squid-3.0.STABLE19/src/helper.h
--- old/squid-3.0.STABLE18/src/helper.h 2009-08-04 13:57:49.000000000 +0200
+++ new/squid-3.0.STABLE19/src/helper.h 2009-09-06 13:29:38.000000000 +0200
@@ -53,7 +53,7 @@
typedef struct _helper_stateful_flags helper_stateful_flags;
-typedef stateful_helper_callback_t HLPSCB(void *, void *lastserver, char *buf);
+typedef void HLPSCB(void *, void *lastserver, char *buf);
struct _helper
{
@@ -171,37 +171,24 @@
struct timeval answer_time;
dlink_node link;
- dlink_list queue;
statefulhelper *parent;
helper_stateful_request *request;
struct _helper_stateful_flags
{
-
-unsigned int busy:
- 1;
-
-unsigned int closing:
- 1;
-
-unsigned int shutdown:
- 1;
- stateful_helper_reserve_t reserved;
- }
-
- flags;
+ unsigned int busy:1;
+ unsigned int closing:1;
+ unsigned int shutdown:1;
+ unsigned int reserved:1;
+ } flags;
struct
{
int uses;
int submits;
int releases;
- int deferbyfunc;
- int deferbycb;
- }
+ } stats;
- stats;
- int deferred_requests; /* current number of deferred requests */
void *data; /* State data used by the calling routines */
void *hIpc;
};
@@ -227,7 +214,7 @@
MEMPROXY_CLASS(helper_stateful_request);
char *buf;
HLPSCB *callback;
- int placeholder; /* if 1, this is a dummy request waiting for a stateful helper to become available for deferred requests.*/
+ int placeholder; /* if 1, this is a dummy request waiting for a stateful helper to become available */
void *data;
};
@@ -246,10 +233,8 @@
SQUIDCEXTERN statefulhelper *helperStatefulCreate(const char *);
SQUIDCEXTERN void helperFree(helper *);
SQUIDCEXTERN void helperStatefulFree(statefulhelper *);
-SQUIDCEXTERN void helperStatefulReset(helper_stateful_server * srv);
SQUIDCEXTERN void helperStatefulReleaseServer(helper_stateful_server * srv);
SQUIDCEXTERN void *helperStatefulServerGetData(helper_stateful_server * srv);
-SQUIDCEXTERN helper_stateful_server *helperStatefulDefer(statefulhelper *);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.0.STABLE18/src/HttpHeaderTools.cc new/squid-3.0.STABLE19/src/HttpHeaderTools.cc
--- old/squid-3.0.STABLE18/src/HttpHeaderTools.cc 2009-08-04 13:57:48.000000000 +0200
+++ new/squid-3.0.STABLE19/src/HttpHeaderTools.cc 2009-09-06 13:29:36.000000000 +0200
@@ -246,10 +246,16 @@
strListGetItem(const String * str, char del, const char **item, int *ilen, const char **pos)
{
size_t len;
- static char delim[3][8] = {
- "\"?,",
- "\"\\",
- " ?,\t\r\n"
+
+ /* ',' is always enabled as field delimiter as this is required for
+ * processing merged header values properly, even if Cookie normally
+ * uses ';' as delimiter.
+ */
+ static char delim[3][8] =
+ {
+ "\"?,",
+ "\"\\",
+ " ?,\t\r\n"
};
int quoted = 0;
assert(str && item && pos);
@@ -264,7 +270,7 @@
return 0;
}
- /* skip leading ws and delimiters */
+ /* skip leading whitespace and delimiters */
*pos += strspn(*pos, delim[2]);
*item = *pos; /* remember item's start */
@@ -272,20 +278,15 @@
/* find next delimiter */
do {
*pos += strcspn(*pos, delim[quoted]);
-
- if (**pos == del)
- break;
-
if (**pos == '"') {
quoted = !quoted;
*pos += 1;
- }
-
- if (quoted && **pos == '\\') {
+ } else if (quoted && **pos == '\\') {
*pos += 1;
-
if (**pos)
*pos += 1;
+ } else {
+ break; /* Delimiter found, marking the end of this value */
}
} while (**pos);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.0.STABLE18/src/HttpReply.cc new/squid-3.0.STABLE19/src/HttpReply.cc
--- old/squid-3.0.STABLE18/src/HttpReply.cc 2009-08-04 13:57:48.000000000 +0200
+++ new/squid-3.0.STABLE19/src/HttpReply.cc 2009-09-06 13:29:36.000000000 +0200
@@ -476,7 +476,7 @@
// skip arbitrary number of spaces...
while (pos <= buf->contentSize() && (char)*(buf->content()+pos) == ' ') ++pos;
- if (!xisdigit(*(buf->content()+pos))) {
+ if (pos < buf->contentSize() && !xisdigit(*(buf->content()+pos))) {
debugs(58, 3, "HttpReply::sanityCheckStartLine: missing or invalid status number in '" << buf->content() << "'");
*error = HTTP_INVALID_HEADER;
return false;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.0.STABLE18/src/store_dir.cc new/squid-3.0.STABLE19/src/store_dir.cc
--- old/squid-3.0.STABLE18/src/store_dir.cc 2009-08-04 13:57:50.000000000 +0200
+++ new/squid-3.0.STABLE19/src/store_dir.cc 2009-09-06 13:29:38.000000000 +0200
@@ -189,6 +189,10 @@
int load;
RefCount<SwapDir> sd;
+ ssize_t objsize = e->objectLen();
+ if (objsize != -1)
+ objsize += e->mem_obj->swap_hdr_sz;
+
for (i = 0; i <= Config.cacheSwap.n_configured; i++) {
if (++dirn >= Config.cacheSwap.n_configured)
dirn = 0;
@@ -201,7 +205,7 @@
if (sd->cur_size > sd->max_size)
continue;
- if (!sd->objectSizeIsAcceptable(e->objectLen()))
+ if (!sd->objectSizeIsAcceptable(objsize))
continue;
/* check for error or overload condition */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.0.STABLE18/src/StoreHashIndex.h new/squid-3.0.STABLE19/src/StoreHashIndex.h
--- old/squid-3.0.STABLE18/src/StoreHashIndex.h 2009-08-04 13:57:48.000000000 +0200
+++ new/squid-3.0.STABLE19/src/StoreHashIndex.h 2009-09-06 13:29:36.000000000 +0200
@@ -110,13 +110,15 @@
RefCount<StoreHashIndex> sd;
private:
- CBDATA_CLASS2(StoreSearchHashIndex);
void copyBucket();
void (*callback)(void *cbdata);
void *cbdata;
bool _done;
int bucket;
Vector entries;
+
+ // keep this last. it plays with private/public
+ CBDATA_CLASS2(StoreSearchHashIndex);
};
#endif /* SQUID_STOREHASHINDEX_H */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.0.STABLE18/src/store_swapout.cc new/squid-3.0.STABLE19/src/store_swapout.cc
--- old/squid-3.0.STABLE18/src/store_swapout.cc 2009-08-04 13:57:50.000000000 +0200
+++ new/squid-3.0.STABLE19/src/store_swapout.cc 2009-09-06 13:29:38.000000000 +0200
@@ -63,6 +63,15 @@
/* If we start swapping out objects with OutOfBand Metadata,
* then this code needs changing
*/
+
+ /* TODO: make some sort of data,size refcounted immutable buffer
+ * and stop fooling ourselves with "const char*" buffers.
+ */
+
+ // Create metadata now, possibly in vain: storeCreate needs swap_hdr_sz.
+ const char *buf = e->getSerialisedMetaData ();
+ assert(buf);
+
/* Create the swap file */
generic_cbdata *c = new generic_cbdata(e);
sio = storeCreate(e, storeSwapOutFileNotify, storeSwapOutFileClosed, c);
@@ -70,6 +79,7 @@
if (sio == NULL) {
e->swap_status = SWAPOUT_NONE;
delete c;
+ xfree((char*)buf);
storeLog(STORE_LOG_SWAPOUTFAIL, e);
return;
}
@@ -87,16 +97,6 @@
e->swap_dirn = mem->swapout.sio->swap_dirn;
/* write out the swap metadata */
- /* TODO: make some sort of data,size refcounted immutable buffer
- * for use by this sort of function.
- */
- char const *buf = e->getSerialisedMetaData ();
-
- /* If we start swapping out with out of band metadata, this assert
- * will catch it - this code needs to be adjusted if that happens
- */
- assert (buf);
-
storeIOWrite(mem->swapout.sio, buf, mem->swap_hdr_sz, 0, xfree);
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.0.STABLE18/test-suite/MemPoolTest.cc new/squid-3.0.STABLE19/test-suite/MemPoolTest.cc
--- old/squid-3.0.STABLE18/test-suite/MemPoolTest.cc 2009-08-04 13:57:50.000000000 +0200
+++ new/squid-3.0.STABLE19/test-suite/MemPoolTest.cc 2009-09-06 13:29:39.000000000 +0200
@@ -33,6 +33,9 @@
*/
#include "squid.h"
+
+#if !DISABLE_POOLS
+
#include "MemPool.h"
#include <iostream>
@@ -74,11 +77,15 @@
delete Pool;
}
+#endif /* DISABLE_POOLS */
+
int
main (int argc, char **argv)
{
+#if !DISABLE_POOLS
MemPoolTest aTest;
aTest.run();
+#endif
return 0;
}
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org