Hello community, here is the log from the commit of package squid checked in at Tue Oct 28 18:19:12 CET 2008. -------- --- squid/squid.changes 2008-10-02 14:21:40.000000000 +0200 +++ /mounts/work_src_done/STABLE/squid/squid.changes 2008-10-27 18:04:46.129056000 +0100 @@ -1,0 +2,19 @@ +Mon Oct 27 18:04:31 CET 2008 - kssingvo@suse.de + +- update to 2.7.STABLE5, which is a bugfix version only: + * Don't set expires: now in generated error responses + * Old headers still returned after a cache validation + * swap.state permission issues if crashing during "squid -k + reconfigure" + * Limit stale-if-error to 500-504 responses + * Increase negotiate auth token buffer size + * add upgrade_http0.9 option making it possible to disable + upgrade of HTTP/0.9 responses + * assertion failed: sc->new_callback == NULL at store_client.c:190 + * Shut down store url rewrite helpers on squid -k reconfigure + * configuration file contains non-ASCII characters + For complete list of changes see: + http://www.squid-cache.org/Versions/v2/2.7/changesets/SQUID_2_7_STABLE5.html +- removed obsolete, already in upstream version patches + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- 12374.patch 12375.patch 12376.patch 12377.patch 12378.patch 12380.patch squid-2.7.STABLE4-RELEASENOTES.html squid-2.7.STABLE4.tar.bz2 New: ---- squid-2.7.STABLE5-RELEASENOTES.html squid-2.7.STABLE5.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ squid.spec ++++++ --- /var/tmp/diff_new_pack.v29459/_old 2008-10-28 18:18:39.000000000 +0100 +++ /var/tmp/diff_new_pack.v29459/_new 2008-10-28 18:18:39.000000000 +0100 @@ -1,5 +1,5 @@ # -# spec file for package squid (Version 2.7.STABLE4) +# spec file for package squid (Version 2.7.STABLE5) # # Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -25,8 +25,8 @@ BuildRequires: valgrind valgrind-devel %endif Summary: Squid WWW proxy server -Version: 2.7.STABLE4 -Release: 16 +Version: 2.7.STABLE5 +Release: 1 License: GPL v2 or later Url: http://www.squid-cache.org Group: Productivity/Networking/Web/Proxy @@ -53,12 +53,12 @@ Source12: http://www.squid-cache.org/WCCP-support/Linux/ip_wccp.c Source13: squid.sysconfig Patch0: squid-2.7.STABLE3-config.patch -Patch1: http://www.squid-cache.org/Versions/v2/2.7/changesets/12374.patch -Patch2: http://www.squid-cache.org/Versions/v2/2.7/changesets/12375.patch -Patch3: http://www.squid-cache.org/Versions/v2/2.7/changesets/12376.patch -Patch4: http://www.squid-cache.org/Versions/v2/2.7/changesets/12377.patch -Patch5: http://www.squid-cache.org/Versions/v2/2.7/changesets/12378.patch -Patch6: http://www.squid-cache.org/Versions/v2/2.7/changesets/12380.patch +# Patch1: http://www.squid-cache.org/Versions/v2/2.7/changesets/12374.patch +# Patch2: http://www.squid-cache.org/Versions/v2/2.7/changesets/12375.patch +# Patch3: http://www.squid-cache.org/Versions/v2/2.7/changesets/12376.patch +# Patch4: http://www.squid-cache.org/Versions/v2/2.7/changesets/12377.patch +# Patch5: http://www.squid-cache.org/Versions/v2/2.7/changesets/12378.patch +# Patch6: http://www.squid-cache.org/Versions/v2/2.7/changesets/12380.patch # Patch7: http://www.squid-cache.org/Versions/v2/2.7/changesets/ # Patch8: http://www.squid-cache.org/Versions/v2/2.7/changesets/ # Patch9: http://www.squid-cache.org/Versions/v2/2.7/changesets/ @@ -138,12 +138,12 @@ #mv msntauth-v2.0.3-squid.1 MSNT #) %patch0 -p1 -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 +# %patch1 -p1 +# %patch2 -p1 +# %patch3 -p1 +# %patch4 -p1 +# %patch5 -p1 +# %patch6 -p1 # %patch7 -p1 # %patch8 -p1 # %patch9 -p1 @@ -397,6 +397,22 @@ %doc README.ip_user %changelog +* Mon Oct 27 2008 kssingvo@suse.de +- update to 2.7.STABLE5, which is a bugfix version only: + * Don't set expires: now in generated error responses + * Old headers still returned after a cache validation + * swap.state permission issues if crashing during "squid -k + reconfigure" + * Limit stale-if-error to 500-504 responses + * Increase negotiate auth token buffer size + * add upgrade_http0.9 option making it possible to disable + upgrade of HTTP/0.9 responses + * assertion failed: sc->new_callback == NULL at store_client.c:190 + * Shut down store url rewrite helpers on squid -k reconfigure + * configuration file contains non-ASCII characters + For complete list of changes see: + http://www.squid-cache.org/Versions/v2/2.7/changesets/SQUID_2_7_STABLE5.html +- removed obsolete, already in upstream version patches * Thu Oct 02 2008 kssingvo@suse.de - bugfix if user is in many kerberos groups (12380.patch) * Thu Sep 25 2008 kssingvo@suse.de @@ -1328,7 +1344,7 @@ set to 4096 at buildtime by "ulimit -n 4096" in spec-file * Tue Dec 12 2000 ro@suse.de - use official tags for required-start -* Tue Dec 12 2000 bodammer@suse.de +* Mon Dec 11 2000 bodammer@suse.de - error in initscript fixed * Wed Dec 06 2000 bodammer@suse.de - Requires ldaplib added in specfile ++++++ squid-2.7.STABLE4-RELEASENOTES.html -> squid-2.7.STABLE5-RELEASENOTES.html ++++++ --- squid/squid-2.7.STABLE4-RELEASENOTES.html 2008-08-08 21:19:32.000000000 +0200 +++ /mounts/work_src_done/STABLE/squid/squid-2.7.STABLE5-RELEASENOTES.html 2008-10-17 18:56:00.000000000 +0200 @@ -2,12 +2,12 @@ <HTML> <HEAD> <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.21"> - <TITLE>Squid 2.7.STABLE4 release notes</TITLE> + <TITLE>Squid 2.7.STABLE5 release notes</TITLE> </HEAD> <BODY> -<H1>Squid 2.7.STABLE4 release notes</H1> +<H1>Squid 2.7.STABLE5 release notes</H1> -<H2>Squid Developers</H2>$Id: release.html,v 1.1.2.9 2008/08/08 19:19:32 hno Exp $ +<H2>Squid Developers</H2>$Id: release.html,v 1.1.2.10 2008/10/17 18:56:26 hno Exp $ <HR> <EM>This document contains the release notes for version 2.7 of Squid. Squid is a WWW Cache application developed by the Web Caching community.</EM> @@ -50,6 +50,9 @@ <P> <H2><A NAME="toc7">7.</A> <A HREF="#s7">Key changes in squid-2.7.STABLE4</A></H2> +<P> +<H2><A NAME="toc8">8.</A> <A HREF="#s8">Key changes in squid-2.7.STABLE5</A></H2> + <HR> <H2><A NAME="s1">1.</A> <A HREF="#toc1">Key changes from squid 2.6</A></H2> @@ -446,6 +449,28 @@ <LI>Make dns_nameserver work when using --disable-internal-dns on glibc based systems</LI> <LI>Handle aborted objects properly. The change in 2.7.STABLE3 triggered a number of issues.</LI> <LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=2406">#2406</a>: access.log logs rewritten URL and strip_query_terms ineffective</LI> +<LI>See also the list of +<A HREF="http://www.squid-cache.org/Versions/v2/2.7/changesets/SQUID_2_7_STABLE4.html">squid-2.7.STABLE4 changes</A> and the +<A HREF="ChangeLog.txt">ChangeLog</A> file for details.</LI> +</UL> +</P> + +<H2><A NAME="s8">8.</A> <A HREF="#toc8">Key changes in squid-2.7.STABLE5</A></H2> + +<P> +<UL> +<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=2441">#2441</a>: Shut down store url rewrite helpers on squid -k reconfigure</LI> +<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=2464">#2464</a>: assertion failed: sc->new_callback == NULL at store_client.c:190</LI> +<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=2394">#2394</a>: add upgrade_http0.9 option making it possible to disable upgrade of HTTP/0.9 responses</LI> +<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=2426">#2426</a>: Increase negotiate auth token buffer size</LI> +<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=2468">#2468</a>: Limit stale-if-error to 500-504 responses</LI> +<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=2477">#2477</a>: swap.state permission issues if crashing during "squid -k reconfigure"</LI> +<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=2430">#2430</a>: Old headers sometimes still returned after a cache validation</LI> +<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=2481">#2481</a>: Don't set expires: now in generated error responses</LI> +<LI>Windows port: Fix build error using latest MinGW runtime.</LI> +<LI>See also the list of +<A HREF="http://www.squid-cache.org/Versions/v2/2.7/changesets/SQUID_2_7_STABLE5.html">squid-2.7.STABLE5 changes</A> and the +<A HREF="ChangeLog.txt">ChangeLog</A> file for details.</LI> </UL> </P> ++++++ squid-2.7.STABLE4.tar.bz2 -> squid-2.7.STABLE5.tar.bz2 ++++++ diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.7.STABLE4/ChangeLog new/squid-2.7.STABLE5/ChangeLog --- old/squid-2.7.STABLE4/ChangeLog 2008-08-08 21:17:40.000000000 +0200 +++ new/squid-2.7.STABLE5/ChangeLog 2008-10-17 20:55:54.000000000 +0200 @@ -1,5 +1,24 @@ -Changes to squid-2.7.SATBLE4 (8 August 2008) +Changes to squid-2.7.STABLE5 (17 October 2008) + - Bug #2439: configuration file contains non-ASCII characters + - Bug #2441: Shut down store url rewrite helpers on squid -k + reconfigure + - foreground rebuild should do all of the rebuilding before Squid + accepts requests. + - Bug #2464: assertion failed: sc->new_callback == NULL at + store_client.c:190 + - Bug #2394: add upgrade_http0.9 option making it possible to disable + upgrade of HTTP/0.9 responses + - Bug #2426: Increase negotiate auth token buffer size + - Bug #2468: Limit stale-if-error to 500-504 responses + - Bug #2477: swap.state permission issues if crashing during "squid -k + reconfigure" + - Bug #2430: Old headers still returned after a cache validation if + the request triggering the cache validation was itself a + If-Modified-Since request. + - Bug #2481: Don't set expires: now in generated error responses + - Windows port: Fix build error using latest MinGW runtime. +Changes to squid-2.7.STABLE4 (8 August 2008) - Bug #2387: The calculation of the number of hash buckets need to account for the memory size, not only disk size - Bug #2393: DNS requests retried indefinitely at full speed on failed @@ -27,6 +46,7 @@ - Bug #2406: access.log logs rewritten URL and strip_query_terms ineffective - More changes to deal properly with aborted requests + - Bug #2427: squid_ldap_group -h reports the old % codes for -f Changes to squid-2.6.STABLE21 (27 June 2008) diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.7.STABLE4/configure new/squid-2.7.STABLE5/configure --- old/squid-2.7.STABLE4/configure 2008-08-08 21:21:03.000000000 +0200 +++ new/squid-2.7.STABLE5/configure 2008-10-17 21:01:04.000000000 +0200 @@ -1,7 +1,7 @@ #! /bin/sh -# From configure.in Revision: 1.430.2.14 . +# From configure.in Revision: 1.430.2.15 . # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.61 for Squid Web Proxy 2.7.STABLE4. +# Generated by GNU Autoconf 2.61 for Squid Web Proxy 2.7.STABLE5. # # Report bugs to <http://www.squid-cache.org/bugs/>. # @@ -575,8 +575,8 @@ # Identity of this package. PACKAGE_NAME='Squid Web Proxy' PACKAGE_TARNAME='squid' -PACKAGE_VERSION='2.7.STABLE4' -PACKAGE_STRING='Squid Web Proxy 2.7.STABLE4' +PACKAGE_VERSION='2.7.STABLE5' +PACKAGE_STRING='Squid Web Proxy 2.7.STABLE5' PACKAGE_BUGREPORT='http://www.squid-cache.org/bugs/' ac_default_prefix=/usr/local/squid @@ -1312,7 +1312,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures Squid Web Proxy 2.7.STABLE4 to adapt to many kinds of systems. +\`configure' configures Squid Web Proxy 2.7.STABLE5 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1382,7 +1382,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of Squid Web Proxy 2.7.STABLE4:";; + short | recursive ) echo "Configuration of Squid Web Proxy 2.7.STABLE5:";; esac cat <<\_ACEOF @@ -1663,7 +1663,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -Squid Web Proxy configure 2.7.STABLE4 +Squid Web Proxy configure 2.7.STABLE5 generated by GNU Autoconf 2.61 Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, @@ -1677,7 +1677,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by Squid Web Proxy $as_me 2.7.STABLE4, which was +It was created by Squid Web Proxy $as_me 2.7.STABLE5, which was generated by GNU Autoconf 2.61. Invocation command line was $ $0 $@ @@ -2350,7 +2350,7 @@ # Define the identity of the package. PACKAGE='squid' - VERSION='2.7.STABLE4' + VERSION='2.7.STABLE5' cat >>confdefs.h <<_ACEOF @@ -27798,7 +27798,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by Squid Web Proxy $as_me 2.7.STABLE4, which was +This file was extended by Squid Web Proxy $as_me 2.7.STABLE5, which was generated by GNU Autoconf 2.61. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -27851,7 +27851,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF ac_cs_version="\\ -Squid Web Proxy config.status 2.7.STABLE4 +Squid Web Proxy config.status 2.7.STABLE5 configured by $0, generated by GNU Autoconf 2.61, with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\" diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.7.STABLE4/configure.in new/squid-2.7.STABLE5/configure.in --- old/squid-2.7.STABLE4/configure.in 2008-08-08 21:21:03.000000000 +0200 +++ new/squid-2.7.STABLE5/configure.in 2008-10-17 21:01:04.000000000 +0200 @@ -1,16 +1,16 @@ dnl dnl Configuration input file for Squid dnl -dnl $Id: configure.in,v 1.430.2.14 2008/08/03 22:27:01 hno Exp $ +dnl $Id: configure.in,v 1.430.2.15 2008/10/17 18:55:54 hno Exp $ dnl dnl dnl -AC_INIT(Squid Web Proxy, 2.7.STABLE4, http://www.squid-cache.org/bugs/, squid) +AC_INIT(Squid Web Proxy, 2.7.STABLE5, http://www.squid-cache.org/bugs/, squid) AC_PREREQ(2.52) AM_CONFIG_HEADER(include/autoconf.h) AC_CONFIG_AUX_DIR(cfgaux) AM_INIT_AUTOMAKE -AC_REVISION($Revision: 1.430.2.14 $)dnl +AC_REVISION($Revision: 1.430.2.15 $)dnl AC_PREFIX_DEFAULT(/usr/local/squid) AM_MAINTAINER_MODE diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.7.STABLE4/helpers/negotiate_auth/squid_kerb_auth/squid_kerb_auth.c new/squid-2.7.STABLE5/helpers/negotiate_auth/squid_kerb_auth/squid_kerb_auth.c --- old/squid-2.7.STABLE4/helpers/negotiate_auth/squid_kerb_auth/squid_kerb_auth.c 2008-02-24 20:18:53.000000000 +0100 +++ new/squid-2.7.STABLE5/helpers/negotiate_auth/squid_kerb_auth/squid_kerb_auth.c 2008-09-29 00:44:36.000000000 +0200 @@ -43,6 +43,9 @@ #ifndef MAXHOSTNAMELEN #define MAXHOSTNAMELEN HOST_NAME_MAX #endif +#ifndef MAX_AUTHTOKEN_LEN +#define MAX_AUTHTOKEN_LEN 65535 +#endif #define PROGRAM "squid_kerb_auth" @@ -173,10 +176,9 @@ } - int main(int argc, char * const argv[]) { - char buf[6400]; + char buf[MAX_AUTHTOKEN_LEN]; char *c; int length=0; static int err=0; diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.7.STABLE4/include/sspwin32.h new/squid-2.7.STABLE5/include/sspwin32.h --- old/squid-2.7.STABLE4/include/sspwin32.h 2006-09-09 17:41:45.000000000 +0200 +++ new/squid-2.7.STABLE5/include/sspwin32.h 2008-10-13 18:33:32.000000000 +0200 @@ -1,6 +1,6 @@ /* - * $Id: sspwin32.h,v 1.2 2006/09/09 15:41:45 serassio Exp $ + * $Id: sspwin32.h,v 1.2.6.1 2008/10/13 16:33:32 hno Exp $ * * AUTHOR: Guido Serassio <serassio@squid-cache.org> * Based on previous work of Francesco Chemolli, Robert Collins and Andrew Doran @@ -46,6 +46,7 @@ #include <tchar.h> #endif #include <windows.h> +#include <ntsecapi.h> #include <security.h> #include <sspi.h> diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.7.STABLE4/include/version.h new/squid-2.7.STABLE5/include/version.h --- old/squid-2.7.STABLE4/include/version.h 2008-08-08 21:21:03.000000000 +0200 +++ new/squid-2.7.STABLE5/include/version.h 2008-10-17 21:01:04.000000000 +0200 @@ -9,5 +9,5 @@ */ #ifndef SQUID_RELEASE_TIME -#define SQUID_RELEASE_TIME 1218223259 +#define SQUID_RELEASE_TIME 1224270059 #endif diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.7.STABLE4/RELEASENOTES.html new/squid-2.7.STABLE5/RELEASENOTES.html --- old/squid-2.7.STABLE4/RELEASENOTES.html 2008-08-08 21:21:35.000000000 +0200 +++ new/squid-2.7.STABLE5/RELEASENOTES.html 2008-10-17 21:01:40.000000000 +0200 @@ -2,12 +2,12 @@ <HTML> <HEAD> <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.21"> - <TITLE>Squid 2.7.STABLE4 release notes</TITLE> + <TITLE>Squid 2.7.STABLE5 release notes</TITLE> </HEAD> <BODY> -<H1>Squid 2.7.STABLE4 release notes</H1> +<H1>Squid 2.7.STABLE5 release notes</H1> -<H2>Squid Developers</H2>$Id: release.html,v 1.1.2.9 2008/08/08 19:19:32 hno Exp $ +<H2>Squid Developers</H2>$Id: release.html,v 1.1.2.10 2008/10/17 18:56:26 hno Exp $ <HR> <EM>This document contains the release notes for version 2.7 of Squid. Squid is a WWW Cache application developed by the Web Caching community.</EM> @@ -50,6 +50,9 @@ <P> <H2><A NAME="toc7">7.</A> <A HREF="#s7">Key changes in squid-2.7.STABLE4</A></H2> +<P> +<H2><A NAME="toc8">8.</A> <A HREF="#s8">Key changes in squid-2.7.STABLE5</A></H2> + <HR> <H2><A NAME="s1">1.</A> <A HREF="#toc1">Key changes from squid 2.6</A></H2> @@ -446,6 +449,28 @@ <LI>Make dns_nameserver work when using --disable-internal-dns on glibc based systems</LI> <LI>Handle aborted objects properly. The change in 2.7.STABLE3 triggered a number of issues.</LI> <LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=2406">#2406</a>: access.log logs rewritten URL and strip_query_terms ineffective</LI> +<LI>See also the list of +<A HREF="http://www.squid-cache.org/Versions/v2/2.7/changesets/SQUID_2_7_STABLE4.html">squid-2.7.STABLE4 changes</A> and the +<A HREF="ChangeLog">ChangeLog</A> file for details.</LI> +</UL> +</P> + +<H2><A NAME="s8">8.</A> <A HREF="#toc8">Key changes in squid-2.7.STABLE5</A></H2> + +<P> +<UL> +<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=2441">#2441</a>: Shut down store url rewrite helpers on squid -k reconfigure</LI> +<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=2464">#2464</a>: assertion failed: sc->new_callback == NULL at store_client.c:190</LI> +<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=2394">#2394</a>: add upgrade_http0.9 option making it possible to disable upgrade of HTTP/0.9 responses</LI> +<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=2426">#2426</a>: Increase negotiate auth token buffer size</LI> +<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=2468">#2468</a>: Limit stale-if-error to 500-504 responses</LI> +<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=2477">#2477</a>: swap.state permission issues if crashing during "squid -k reconfigure"</LI> +<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=2430">#2430</a>: Old headers sometimes still returned after a cache validation</LI> +<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=2481">#2481</a>: Don't set expires: now in generated error responses</LI> +<LI>Windows port: Fix build error using latest MinGW runtime.</LI> +<LI>See also the list of +<A HREF="http://www.squid-cache.org/Versions/v2/2.7/changesets/SQUID_2_7_STABLE5.html">squid-2.7.STABLE5 changes</A> and the +<A HREF="ChangeLog">ChangeLog</A> file for details.</LI> </UL> </P> diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.7.STABLE4/src/auth/negotiate/auth_negotiate.c new/squid-2.7.STABLE5/src/auth/negotiate/auth_negotiate.c --- old/squid-2.7.STABLE4/src/auth/negotiate/auth_negotiate.c 2007-08-29 00:39:10.000000000 +0200 +++ new/squid-2.7.STABLE5/src/auth/negotiate/auth_negotiate.c 2008-09-29 00:44:36.000000000 +0200 @@ -1,6 +1,6 @@ /* - * $Id: auth_negotiate.c,v 1.12 2007/08/28 22:39:10 hno Exp $ + * $Id: auth_negotiate.c,v 1.12.2.1 2008/09/28 22:44:36 hno Exp $ * * DEBUG: section 29 Negotiate Authenticator * AUTHOR: Robert Collins @@ -41,6 +41,9 @@ #include "squid.h" #include "auth_negotiate.h" +// Maximum length (buffer size) for token strings. +#define MAX_AUTHTOKEN_LEN 32768 + extern AUTHSSETUP authSchemeSetup_negotiate; static void @@ -573,7 +576,7 @@ authenticateNegotiateStart(auth_user_request_t * auth_user_request, RH * handler, void *data) { authenticateStateData *r = NULL; - char buf[8192]; + char buf[MAX_AUTHTOKEN_LEN]; char *sent_string = NULL; negotiate_user_t *negotiate_user; negotiate_request_t *negotiate_request; @@ -606,9 +609,9 @@ r->auth_user_request = auth_user_request; authenticateAuthUserRequestLock(r->auth_user_request); if (negotiate_request->auth_state == AUTHENTICATE_STATE_INITIAL) { - snprintf(buf, 8192, "YR %s\n", sent_string); + snprintf(buf, MAX_AUTHTOKEN_LEN, "YR %s\n", sent_string); } else { - snprintf(buf, 8192, "KK %s\n", sent_string); + snprintf(buf, MAX_AUTHTOKEN_LEN, "KK %s\n", sent_string); } negotiate_request->waiting = 1; safe_free(negotiate_request->client_blob); diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.7.STABLE4/src/cf.data.pre new/squid-2.7.STABLE5/src/cf.data.pre --- old/squid-2.7.STABLE4/src/cf.data.pre 2008-07-10 11:47:28.000000000 +0200 +++ new/squid-2.7.STABLE5/src/cf.data.pre 2008-09-25 04:33:37.000000000 +0200 @@ -1,6 +1,6 @@ # -# $Id: cf.data.pre,v 1.450.2.26 2008/07/10 09:47:28 hno Exp $ +# $Id: cf.data.pre,v 1.450.2.28 2008/09/25 02:33:37 hno Exp $ # # SQUID Web Proxy Cache http://www.squid-cache.org/ # ---------------------------------------------------------- @@ -3253,6 +3253,29 @@ broken_posts allow buggy_server DOC_END +NAME: upgrade_http0.9 +TYPE: acl_access +DEFAULT: none +LOC: Config.accessList.upgrade_http09 +DOC_START + This access list controls when HTTP/0.9 responses is upgraded + to our current HTTP version. The default is to always upgrade. + + Some applications expect to be able to respond with non-HTTP + responses and clients gets confused if the response is upgraded. + For example SHOUTcast servers used for mp3 streaming. + + To enable some flexibility in detection of such applications + the first line of the response is available in the internal header + X-HTTP09-First-Line for use in the rep_header acl. + +NOCOMMENT_START +# Don't upgrade ShoutCast responses to HTTP +acl shoutcast rep_header X-HTTP09-First-Line ^ICY\s[0-9] +upgrade_http0.9 deny shoutcast +NOCOMMENT_END +DOC_END + NAME: via IFDEF: HTTP_VIOLATIONS COMMENT: on|off @@ -3538,7 +3561,7 @@ When using the concurrency option, the protocol is changed by introducing a query channel tag infront of the request/response. The query channel - tag is a number between 0 and concurrency−1. + tag is a number between 0 and concurrency-1. FORMAT specifications: @@ -3570,7 +3593,7 @@ present, the supplied value completely replaces the cached value. - In the event of a helper−related error (e.g., overload), Squid + In the event of a helper-related error (e.g., overload), Squid will always default to STALE. DOC_END diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.7.STABLE4/src/client_side.c new/squid-2.7.STABLE5/src/client_side.c --- old/squid-2.7.STABLE4/src/client_side.c 2008-07-21 22:43:27.000000000 +0200 +++ new/squid-2.7.STABLE5/src/client_side.c 2008-10-06 23:27:44.000000000 +0200 @@ -1,6 +1,6 @@ /* - * $Id: client_side.c,v 1.754.2.21 2008/07/21 20:43:27 hno Exp $ + * $Id: client_side.c,v 1.754.2.24 2008/10/06 21:27:44 hno Exp $ * * DEBUG: section 33 Client-side Routines * AUTHOR: Duane Wessels @@ -927,10 +927,11 @@ /* the client can handle this reply, whatever it is */ http->flags.hit = 0; http->log_type = LOG_TCP_REFRESH_MISS; - if (HTTP_NOT_MODIFIED == rep->sline.status) { + if (HTTP_NOT_MODIFIED == rep->sline.status && http->request->flags.cache_validation) { httpReplyUpdateOnNotModified(http->old_entry->mem_obj->reply, rep); storeTimestampsSet(http->old_entry); + storeUpdate(http->old_entry, http->request); if (!EBIT_TEST(http->old_entry->flags, REFRESH_FAILURE)) http->log_type = LOG_TCP_REFRESH_HIT; else @@ -953,6 +954,7 @@ if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) { /* Old object got aborted, not good */ clientProcessMiss(http); + return; } if (recopy) { storeClientCopyHeaders(http->sc, entry, @@ -1941,8 +1943,8 @@ LOCAL_ARRAY(char, bbuf, MAX_URL + 32); String strVia = httpHeaderGetList(hdr, HDR_VIA); snprintf(bbuf, MAX_URL + 32, "%d.%d %s", - http->entry->mem_obj->reply->sline.version.major, - http->entry->mem_obj->reply->sline.version.minor, ThisCache); + rep->sline.version.major, + rep->sline.version.minor, ThisCache); strListAdd(&strVia, bbuf, ','); httpHeaderDelById(hdr, HDR_VIA); httpHeaderPutStr(hdr, HDR_VIA, strBuf(strVia)); @@ -2002,13 +2004,6 @@ /* try to grab the already-parsed header */ rep = httpReplyClone(orig_rep); if (rep->pstate == psParsed) { - if (http->conn->port->http11) { - /* enforce 1.1 reply version */ - httpBuildVersion(&rep->sline.version, 1, 1); - } else { - /* enforce 1.0 reply version */ - httpBuildVersion(&rep->sline.version, 1, 0); - } /* do header conversions */ clientBuildReplyHeader(http, rep); /* if we do ranges, change status to "Partial Content" */ @@ -3017,17 +3012,41 @@ { HttpReply *rep = http->reply; MemBuf mb; + int send_header = 1; /* reset range iterator */ http->range_iter.pos = HttpHdrRangeInitPos; if (http->request->method == METHOD_HEAD) { /* do not forward body for HEAD replies */ http->flags.done_copying = 1; } + if (http->http_ver.major < 1) + send_header = 0; + if (rep->sline.version.major < 1) { + if (send_header && Config.accessList.upgrade_http09) { + aclCheck_t *checklist = clientAclChecklistCreate(Config.accessList.upgrade_http09, http); + checklist->reply = rep; + if (aclCheckFast(Config.accessList.upgrade_http09, checklist) != 1) + send_header = 0; + aclChecklistFree(checklist); + } + httpHeaderDelById(&rep->header, HDR_X_HTTP09_FIRST_LINE); + } /* init mb; put status line and headers */ - if (http->http_ver.major >= 1) + if (send_header) { + if (http->conn->port->http11) { + /* enforce 1.1 reply version */ + httpBuildVersion(&rep->sline.version, 1, 1); + } else { + /* enforce 1.0 reply version */ + httpBuildVersion(&rep->sline.version, 1, 0); + } mb = httpReplyPack(rep); - else + } else { + debug(33, 2) ("HTTP/0.9 response, disable everything\n"); + http->request->flags.chunked_response = 0; + http->request->flags.proxy_keepalive = 0; memBufDefInit(&mb); + } if (Config.onoff.log_mime_hdrs) { http->al.headers.reply = xmalloc(mb.size + 1); xstrncpy(http->al.headers.reply, mb.buf, mb.size); diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.7.STABLE4/src/enums.h new/squid-2.7.STABLE5/src/enums.h --- old/squid-2.7.STABLE4/src/enums.h 2008-05-27 14:49:39.000000000 +0200 +++ new/squid-2.7.STABLE5/src/enums.h 2008-09-25 04:33:37.000000000 +0200 @@ -1,6 +1,6 @@ /* - * $Id: enums.h,v 1.245.2.2 2008/05/27 12:49:39 hno Exp $ + * $Id: enums.h,v 1.245.2.3 2008/09/25 02:33:37 hno Exp $ * * * SQUID Web Proxy Cache http://www.squid-cache.org/ @@ -261,6 +261,7 @@ #endif HDR_X_ERROR_URL, /* errormap, requested URL */ HDR_X_ERROR_STATUS, /* errormap, received HTTP status line */ + HDR_X_HTTP09_FIRST_LINE, /* internal, first line of HTTP/0.9 response */ HDR_FRONT_END_HTTPS, HDR_PROXY_SUPPORT, HDR_KEEP_ALIVE, diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.7.STABLE4/src/errorpage.c new/squid-2.7.STABLE5/src/errorpage.c --- old/squid-2.7.STABLE4/src/errorpage.c 2007-11-21 16:06:13.000000000 +0100 +++ new/squid-2.7.STABLE5/src/errorpage.c 2008-10-13 18:32:35.000000000 +0200 @@ -1,6 +1,6 @@ /* - * $Id: errorpage.c,v 1.193 2007/11/21 15:06:13 hno Exp $ + * $Id: errorpage.c,v 1.193.2.1 2008/10/13 16:32:35 hno Exp $ * * DEBUG: section 4 Error Generation * AUTHOR: Duane Wessels @@ -628,7 +628,7 @@ /* no LMT for error pages; error pages expire immediately */ if (strchr(name, ':')) { /* Redirection */ - httpReplySetHeaders(rep, HTTP_MOVED_TEMPORARILY, NULL, "text/html", 0, -1, squid_curtime); + httpReplySetHeaders(rep, HTTP_MOVED_TEMPORARILY, NULL, "text/html", 0, -1, -1); if (err->request) { char *quoted_url = rfc1738_escape_part(urlCanonical(err->request)); httpHeaderPutStrf(&rep->header, HDR_LOCATION, name, quoted_url); @@ -636,7 +636,7 @@ httpHeaderPutStrf(&rep->header, HDR_X_SQUID_ERROR, "%d %s", err->http_status, "Access Denied"); } else { MemBuf content = errorBuildContent(err); - httpReplySetHeaders(rep, err->http_status, NULL, "text/html", content.size, -1, squid_curtime); + httpReplySetHeaders(rep, err->http_status, NULL, "text/html", content.size, -1, -1); /* * include some information for downstream caches. Implicit * replaceable content. This isn't quite sufficient. xerrno is not diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.7.STABLE4/src/http.c new/squid-2.7.STABLE5/src/http.c --- old/squid-2.7.STABLE4/src/http.c 2008-06-26 00:14:02.000000000 +0200 +++ new/squid-2.7.STABLE5/src/http.c 2008-09-25 04:33:37.000000000 +0200 @@ -1,6 +1,6 @@ /* - * $Id: http.c,v 1.439.2.6 2008/06/25 22:14:02 hno Exp $ + * $Id: http.c,v 1.439.2.7 2008/09/25 02:33:37 hno Exp $ * * DEBUG: section 11 Hypertext Transfer Protocol (HTTP) * AUTHOR: Harvest Derived @@ -432,6 +432,18 @@ hdr_len = httpState->reply_hdr.size; if (hdr_len > 4 && strncmp(httpState->reply_hdr.buf, "HTTP/", 5)) { debug(11, 3) ("httpProcessReplyHeader: Non-HTTP-compliant header: '%s'\n", httpState->reply_hdr.buf); + { + char *t, *t2; + t = xstrdup(httpState->reply_hdr.buf); + t2 = strchr(t, '\n'); + if (t2) + *t2 = '\0'; + t2 = strchr(t, '\r'); + if (t2) + *t2 = '\0'; + httpHeaderPutStr(&reply->header, HDR_X_HTTP09_FIRST_LINE, t); + safe_free(t); + } httpState->reply_hdr_state += 2; httpState->chunk_size = -1; /* Terminated by EOF */ httpState->reply_hdr.size = old_size; @@ -972,7 +984,6 @@ } else if (s == HTTP_INVALID_HEADER) { MemBuf mb; HttpReply *reply = entry->mem_obj->reply; - httpReplyReset(reply); httpBuildVersion(&reply->sline.version, 0, 9); reply->sline.status = HTTP_OK; httpHeaderPutTime(&reply->header, HDR_DATE, squid_curtime); diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.7.STABLE4/src/HttpHeader.c new/squid-2.7.STABLE5/src/HttpHeader.c --- old/squid-2.7.STABLE4/src/HttpHeader.c 2007-12-21 10:50:19.000000000 +0100 +++ new/squid-2.7.STABLE5/src/HttpHeader.c 2008-09-25 04:33:37.000000000 +0200 @@ -1,6 +1,6 @@ /* - * $Id: HttpHeader.c,v 1.99 2007/12/21 09:50:19 adrian Exp $ + * $Id: HttpHeader.c,v 1.99.2.1 2008/09/25 02:33:37 hno Exp $ * * DEBUG: section 55 HTTP Header * AUTHOR: Alex Rousskov @@ -129,6 +129,7 @@ {"X-Forwarded-For", HDR_X_FORWARDED_FOR, ftStr}, {"X-Request-URI", HDR_X_REQUEST_URI, ftStr}, {"X-Squid-Error", HDR_X_SQUID_ERROR, ftStr}, + {"X-HTTP09-First-Line", HDR_X_HTTP09_FIRST_LINE, ftStr}, {"Negotiate", HDR_NEGOTIATE, ftStr}, #if X_ACCELERATOR_VARY {"X-Accelerator-Vary", HDR_X_ACCELERATOR_VARY, ftStr}, diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.7.STABLE4/src/main.c new/squid-2.7.STABLE5/src/main.c --- old/squid-2.7.STABLE4/src/main.c 2008-05-27 01:14:30.000000000 +0200 +++ new/squid-2.7.STABLE5/src/main.c 2008-09-25 04:21:52.000000000 +0200 @@ -1,6 +1,6 @@ /* - * $Id: main.c,v 1.403.2.2 2008/05/26 23:14:30 hno Exp $ + * $Id: main.c,v 1.403.2.3 2008/09/25 02:21:52 hno Exp $ * * DEBUG: section 1 Startup and Main Loop * AUTHOR: Harvest Derived @@ -467,6 +467,7 @@ dnsShutdown(); #endif redirectShutdown(); + storeurlShutdown(); locationRewriteShutdown(); authenticateShutdown(); externalAclShutdown(); @@ -1105,6 +1106,7 @@ redirectShutdown(); externalAclShutdown(); refreshCheckShutdown(); + storeurlShutdown(); locationRewriteShutdown(); icpConnectionClose(); #if USE_HTCP diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.7.STABLE4/src/store.c new/squid-2.7.STABLE5/src/store.c --- old/squid-2.7.STABLE4/src/store.c 2008-07-18 02:44:02.000000000 +0200 +++ new/squid-2.7.STABLE5/src/store.c 2008-10-06 23:26:42.000000000 +0200 @@ -1,6 +1,6 @@ /* - * $Id: store.c,v 1.584.2.6 2008/07/18 00:44:02 hno Exp $ + * $Id: store.c,v 1.584.2.7 2008/10/06 21:26:42 hno Exp $ * * DEBUG: section 20 Storage Manager * AUTHOR: Harvest Derived @@ -1677,10 +1677,12 @@ { StoreEntry *oe = e->mem_obj->old_entry; time_t expires = e->expires; + http_status status = e->mem_obj->reply->sline.status; refresh_cc cc = refreshCC(e, e->mem_obj->request); if (expires == -1) expires = squid_curtime + cc.negative_ttl; - if (oe && !EBIT_TEST(oe->flags, KEY_PRIVATE) && !EBIT_TEST(oe->flags, ENTRY_REVALIDATE)) { + if (status && oe && !EBIT_TEST(oe->flags, KEY_PRIVATE) && !EBIT_TEST(oe->flags, ENTRY_REVALIDATE) && + 500 <= status && status <= 504) { HttpHdrCc *oldcc = oe->mem_obj->reply->cache_control; if (oldcc && EBIT_TEST(oldcc->mask, CC_STALE_IF_ERROR) && oldcc->stale_if_error >= 0) cc.max_stale = oldcc->stale_if_error; diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.7.STABLE4/src/store_rebuild.c new/squid-2.7.STABLE5/src/store_rebuild.c --- old/squid-2.7.STABLE4/src/store_rebuild.c 2007-09-02 01:09:32.000000000 +0200 +++ new/squid-2.7.STABLE5/src/store_rebuild.c 2008-10-06 23:25:45.000000000 +0200 @@ -1,6 +1,6 @@ /* - * $Id: store_rebuild.c,v 1.80 2007/09/01 23:09:32 hno Exp $ + * $Id: store_rebuild.c,v 1.80.2.2 2008/10/06 21:25:45 hno Exp $ * * DEBUG: section 20 Store Rebuild Routines * AUTHOR: Duane Wessels @@ -67,8 +67,10 @@ StoreEntry *e; hash_link *link_ptr = NULL; hash_link *link_next = NULL; + int limit = opt_foreground_rebuild ? 1 << 30 : 500; validnum_start = validnum; - while (validnum - validnum_start < 500) { + + while (validnum - validnum_start < limit) { if (++bucketnum >= store_hash_buckets) { debug(20, 1) (" Completed Validation Procedure\n"); debug(20, 1) (" Validated %d Entries\n", validnum); diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.7.STABLE4/src/structs.h new/squid-2.7.STABLE5/src/structs.h --- old/squid-2.7.STABLE4/src/structs.h 2008-07-21 22:18:50.000000000 +0200 +++ new/squid-2.7.STABLE5/src/structs.h 2008-09-25 04:33:37.000000000 +0200 @@ -1,6 +1,6 @@ /* - * $Id: structs.h,v 1.538.2.15 2008/07/21 20:18:50 hno Exp $ + * $Id: structs.h,v 1.538.2.16 2008/09/25 02:33:37 hno Exp $ * * * SQUID Web Proxy Cache http://www.squid-cache.org/ @@ -737,6 +737,7 @@ #endif acl_access *vary_encoding; acl_access *auth_ip_shortcircuit; + acl_access *upgrade_http09; } accessList; acl_deny_info_list *denyInfoList; struct _authConfig { diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.7.STABLE4/src/tools.c new/squid-2.7.STABLE5/src/tools.c --- old/squid-2.7.STABLE4/src/tools.c 2008-05-31 22:37:22.000000000 +0200 +++ new/squid-2.7.STABLE5/src/tools.c 2008-10-06 23:27:17.000000000 +0200 @@ -1,6 +1,6 @@ /* - * $Id: tools.c,v 1.260.2.4 2008/05/31 20:37:22 hno Exp $ + * $Id: tools.c,v 1.260.2.5 2008/10/06 21:27:17 hno Exp $ * * DEBUG: section 21 Misc Functions * AUTHOR: Harvest Derived @@ -396,6 +396,7 @@ void fatal(const char *message) { + leave_suid(); releaseServerSockets(); /* check for store_dirs_rebuilding because fatal() is often * used in early initialization phases, long before we ever @@ -444,6 +445,7 @@ void fatal_dump(const char *message) { + leave_suid(); failure_notify = NULL; releaseServerSockets(); if (message) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org