Hello community,
here is the log from the commit of package squid
checked in at Fri Feb 2 15:53:15 CET 2007.
--------
--- squid/squid.changes 2007-01-22 18:17:45.000000000 +0100
+++ /mounts/work_src_done/STABLE/squid/squid.changes 2007-01-31 21:14:18.859653000 +0100
@@ -1,0 +2,17 @@
+Wed Jan 31 21:11:28 CET 2007 - kssingvo@suse.de
+
+- upgrade to 2.6.STABLE9 with this fixes:
+ * Date parsing error causing objects to get unexpectedly cached.
+ Problem introduced in 2.6.STABLE6.
+ * authenticateNTLMFixErrorHeader: state 4. NTLM & Negotiate
+ instability introduced in 2.6.STABLE6.
+ * Primitive support for HTTP/1.1 chunked encoding, working around
+ broken servers sending chunked encoding in response to HTTP/1.0
+ requests.
+ * STALE: Entry's timestamp greater than check time. Clock going
+ backwards?
+ * Don't update object timestamps on a failed revalidation.
+ * If-Modified-Since broken in 2.6.STABLE8
+ * diskd bug in storeDiskdIOCallback()
+
+-------------------------------------------------------------------
Old:
----
squid-2.6.STABLE7-RELEASENOTES.html
squid-2.6.STABLE7.tar.bz2
New:
----
squid-2.6.STABLE9-RELEASENOTES.html
squid-2.6.STABLE9.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ squid.spec ++++++
--- /var/tmp/diff_new_pack.GK7279/_old 2007-02-02 15:47:35.000000000 +0100
+++ /var/tmp/diff_new_pack.GK7279/_new 2007-02-02 15:47:35.000000000 +0100
@@ -1,5 +1,5 @@
#
-# spec file for package squid (Version 2.6.STABLE7)
+# spec file for package squid (Version 2.6.STABLE9)
#
# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine
@@ -16,8 +16,8 @@
BuildRequires: valgrind
%endif
Summary: Squid WWW proxy server
-Version: 2.6.STABLE7
-Release: 2
+Version: 2.6.STABLE9
+Release: 1
License: GNU General Public License (GPL)
URL: http://www.squid-cache.org
Group: Productivity/Networking/Web/Proxy
@@ -405,6 +405,20 @@
%doc README.ip_user
%changelog -n squid
+* Wed Jan 31 2007 - kssingvo@suse.de
+- upgrade to 2.6.STABLE9 with this fixes:
+ * Date parsing error causing objects to get unexpectedly cached.
+ Problem introduced in 2.6.STABLE6.
+ * authenticateNTLMFixErrorHeader: state 4. NTLM & Negotiate
+ instability introduced in 2.6.STABLE6.
+ * Primitive support for HTTP/1.1 chunked encoding, working around
+ broken servers sending chunked encoding in response to HTTP/1.0
+ requests.
+ * STALE: Entry's timestamp greater than check time. Clock going
+ backwards?
+ * Don't update object timestamps on a failed revalidation.
+ * If-Modified-Since broken in 2.6.STABLE8
+ * diskd bug in storeDiskdIOCallback()
* Mon Jan 22 2007 - kssingvo@suse.de
- reinjected SAMBAPREFIX into specfile (bugzilla#236317)
* Thu Jan 18 2007 - kssingvo@suse.de
++++++ squid-2.6.STABLE7.tar.bz2 -> squid-2.6.STABLE9.tar.bz2 ++++++
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/ChangeLog new/squid-2.6.STABLE9/ChangeLog
--- old/squid-2.6.STABLE7/ChangeLog 2007-01-13 17:19:58.000000000 +0100
+++ new/squid-2.6.STABLE9/ChangeLog 2007-01-24 03:06:04.000000000 +0100
@@ -1,3 +1,27 @@
+Changes to squid-2.6.STABLE9 (Jan 24 2007)
+
+ - Bug #1878: If-Modified-Since broken in 2.6.STABLE8
+ - Bug #1877 diskd bug in storeDiskdIOCallback()
+
+Changes to squid-2.6.STABLE8 (Jan 21 2007)
+
+ - Bug #1873: authenticateNTLMFixErrorHeader: state 4.
+ - Document the https_port vhost option, useful in combination with
+ a wildcard certificate
+ - Document the existence of connection pinning / forwarding of NTLM
+ auth and a few other features overlooked in the release notes.
+ - Spelling correction of the ssl cache_peer option
+ - Add back the optional "accel" http_port option. Makes accelerator
+ mode configurations easier to read.
+ - Bug #1872: Date parsing error causing objects to get unexpectedly
+ cached.
+ - Cleanup to have the access.log tags autogenerated from enums.h
+ - Bug #1783: STALE: Entry's timestamp greater than check time. Clock
+ going backwards?
+ - Don't update object timestamps on a failed revalidation.
+ - Fix how ftp://user@host URLs is rendered when Squid is built with
+ leak checking enabled
+
Changes to squid-2.6.STABLE7 (Jan 13 2007)
- Windows port: Fix intermittent build error using Visual Studio
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/configure new/squid-2.6.STABLE9/configure
--- old/squid-2.6.STABLE7/configure 2007-01-13 17:22:10.000000000 +0100
+++ new/squid-2.6.STABLE9/configure 2007-01-24 03:07:43.000000000 +0100
@@ -1,7 +1,7 @@
#! /bin/sh
-# From configure.in Revision: 1.416 .
+# From configure.in Revision: 1.416.2.2 .
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.59 for Squid Web Proxy 2.6.STABLE7.
+# Generated by GNU Autoconf 2.59 for Squid Web Proxy 2.6.STABLE9.
#
# Report bugs to http://www.squid-cache.org/bugs/.
#
@@ -270,8 +270,8 @@
# Identity of this package.
PACKAGE_NAME='Squid Web Proxy'
PACKAGE_TARNAME='squid'
-PACKAGE_VERSION='2.6.STABLE7'
-PACKAGE_STRING='Squid Web Proxy 2.6.STABLE7'
+PACKAGE_VERSION='2.6.STABLE9'
+PACKAGE_STRING='Squid Web Proxy 2.6.STABLE9'
PACKAGE_BUGREPORT='http://www.squid-cache.org/bugs/'
ac_default_prefix=/usr/local/squid
@@ -781,7 +781,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures Squid Web Proxy 2.6.STABLE7 to adapt to many kinds of systems.
+\`configure' configures Squid Web Proxy 2.6.STABLE9 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -847,7 +847,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of Squid Web Proxy 2.6.STABLE7:";;
+ short | recursive ) echo "Configuration of Squid Web Proxy 2.6.STABLE9:";;
esac
cat <<\_ACEOF
@@ -1158,7 +1158,7 @@
test -n "$ac_init_help" && exit 0
if $ac_init_version; then
cat <<\_ACEOF
-Squid Web Proxy configure 2.6.STABLE7
+Squid Web Proxy configure 2.6.STABLE9
generated by GNU Autoconf 2.59
Copyright (C) 2003 Free Software Foundation, Inc.
@@ -1172,7 +1172,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by Squid Web Proxy $as_me 2.6.STABLE7, which was
+It was created by Squid Web Proxy $as_me 2.6.STABLE9, which was
generated by GNU Autoconf 2.59. Invocation command line was
$ $0 $@
@@ -1818,7 +1818,7 @@
# Define the identity of the package.
PACKAGE='squid'
- VERSION='2.6.STABLE7'
+ VERSION='2.6.STABLE9'
cat >>confdefs.h <<_ACEOF
@@ -18494,7 +18494,7 @@
} >&5
cat >&5 <<_CSEOF
-This file was extended by Squid Web Proxy $as_me 2.6.STABLE7, which was
+This file was extended by Squid Web Proxy $as_me 2.6.STABLE9, which was
generated by GNU Autoconf 2.59. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -18557,7 +18557,7 @@
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
-Squid Web Proxy config.status 2.6.STABLE7
+Squid Web Proxy config.status 2.6.STABLE9
configured by $0, generated by GNU Autoconf 2.59,
with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\"
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/configure.in new/squid-2.6.STABLE9/configure.in
--- old/squid-2.6.STABLE7/configure.in 2007-01-13 17:22:10.000000000 +0100
+++ new/squid-2.6.STABLE9/configure.in 2007-01-24 03:07:43.000000000 +0100
@@ -1,16 +1,16 @@
dnl
dnl Configuration input file for Squid
dnl
-dnl $Id: configure.in,v 1.416 2007/01/13 16:11:40 hno Exp $
+dnl $Id: configure.in,v 1.416.2.2 2007/01/24 02:06:04 hno Exp $
dnl
dnl
dnl
-AC_INIT(Squid Web Proxy, 2.6.STABLE7, http://www.squid-cache.org/bugs/, squid)
+AC_INIT(Squid Web Proxy, 2.6.STABLE9, http://www.squid-cache.org/bugs/, squid)
AC_PREREQ(2.52)
AM_CONFIG_HEADER(include/autoconf.h)
AC_CONFIG_AUX_DIR(cfgaux)
AM_INIT_AUTOMAKE
-AC_REVISION($Revision: 1.416 $)dnl
+AC_REVISION($Revision: 1.416.2.2 $)dnl
AC_PREFIX_DEFAULT(/usr/local/squid)
AM_MAINTAINER_MODE
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/include/version.h new/squid-2.6.STABLE9/include/version.h
--- old/squid-2.6.STABLE7/include/version.h 2007-01-13 17:22:10.000000000 +0100
+++ new/squid-2.6.STABLE9/include/version.h 2007-01-24 03:07:43.000000000 +0100
@@ -9,5 +9,5 @@
*/
#ifndef SQUID_RELEASE_TIME
-#define SQUID_RELEASE_TIME 1168705326
+#define SQUID_RELEASE_TIME 1169604460
#endif
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/lib/rfc1123.c new/squid-2.6.STABLE9/lib/rfc1123.c
--- old/squid-2.6.STABLE7/lib/rfc1123.c 2006-11-29 16:54:58.000000000 +0100
+++ new/squid-2.6.STABLE9/lib/rfc1123.c 2007-01-19 00:25:41.000000000 +0100
@@ -1,6 +1,6 @@
/*
- * $Id: rfc1123.c,v 1.36 2006/11/29 15:54:58 hno Exp $
+ * $Id: rfc1123.c,v 1.37 2007/01/18 23:25:41 hno Exp $
*
* DEBUG:
* AUTHOR: Harvest Derived
@@ -119,7 +119,7 @@
return 0;
if (tm->tm_mon < 0 || tm->tm_mon > 11)
return 0;
- return mktime(tm) != -1;
+ return 1;
}
static struct tm *
@@ -219,14 +219,14 @@
t = timegm(tm);
#elif HAVE_TM_GMTOFF
t = mktime(tm);
- {
+ if (t != -1) {
struct tm *local = localtime(&t);
t += local->tm_gmtoff;
}
#else
/* some systems do not have tm_gmtoff so we fake it */
t = mktime(tm);
- {
+ if (t != -1) {
time_t dst = 0;
#if defined (_TIMEZONE)
#elif defined (_timezone)
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/RELEASENOTES.html new/squid-2.6.STABLE9/RELEASENOTES.html
--- old/squid-2.6.STABLE7/RELEASENOTES.html 2007-01-13 17:22:42.000000000 +0100
+++ new/squid-2.6.STABLE9/RELEASENOTES.html 2007-01-24 03:08:14.000000000 +0100
@@ -2,12 +2,12 @@
<HTML>
<HEAD>
<META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.21">
- <TITLE>Squid 2.6.STABLE7 release notes</TITLE>
+ <TITLE>Squid 2.6.STABLE8 release notes</TITLE>
</HEAD>
<BODY>
-<H1>Squid 2.6.STABLE7 release notes</H1>
+<H1>Squid 2.6.STABLE8 release notes</H1>
-<H2>Squid Developers</H2>$Id: release-2.6.html,v 1.40 2007/01/13 16:19:58 hno Exp $
+<H2>Squid Developers</H2>$Id: release-2.6.html,v 1.44.2.2 2007/01/24 02:06:05 hno Exp $
<HR>
<EM>This document contains the release notes for version 2.6 of Squid.
Squid is a WWW Cache application developed by the Web Caching community.</EM>
@@ -48,6 +48,12 @@
<P>
<H2><A NAME="toc12">12.</A> <A HREF="#s12">Key changes squid-2.6.STABLE6 to 2.6.STABLE7</A></H2>
+<P>
+<H2><A NAME="toc13">13.</A> <A HREF="#s13">Key changes squid-2.6.STABLE7 to 2.6.STABLE8</A></H2>
+
+<P>
+<H2><A NAME="toc14">14.</A> <A HREF="#s14">Key changes squid-2.6.STABLE8 to 2.6.STABLE9</A></H2>
+
<HR>
<H2><A NAME="s1">1.</A> <A HREF="#toc1">Key changes from squid 2.5</A></H2>
@@ -108,6 +114,17 @@
</LI>
<LI>HTCP significantly cleaned up and added support for the CLR operation to purge contents from the cache</LI>
<LI>Support for parsing X-Forwarded-For headers allowing access controls to be based on the real client IP even if behind secondary proxies</LI>
+<LI>Support for proxying of Microsoft Integrated Login (NTLM & Negotiate) connection oriented authentication schemes, enabling access to servers or proxies using such authentication methods.</LI>
+<LI>Support for the Linux TPROXY patch allowing Squid to masquerade using the clients original IP address</LI>
+<LI>urlgroups, tagging URLs for redirection and access controls, and divides the cache allowing different users to get different results for the same URL.</LI>
+<LI>Optional automatic monotoring of cache peers and configured origin servers</LI>
+<LI>SSL client support, allowing both http->https gatewaying and SSL encrypted peers (both origin servers and proxies).</LI>
+<LI>Full ETag/Vary based caching, allowing efficient caching of server driven content negotiation.</LI>
+<LI>Customizable access log format</LI>
+<LI>Selective access logging, and ability to log to more than access log possibly in different formats</LI>
+<LI>New more efficient helper protocol allowing for multiple concurrent lookups to the same helper</LI>
+<LI>Ability to rewrite Location headers (redirects sent by servers)</LI>
+<LI></LI>
</UL>
</P>
@@ -117,6 +134,7 @@
<DL>
<DT><B>http_port</B><DD><P>Now takes a list of options in addition to the port address, specifying the purpose of this http_port. Default is plain Internet proxy as usual.</P>
<DT><B>httpd_accel_* for transparent proxy</B><DD><P>Now implemented by the "transparent" http_port option</P>
+<DT><B>httpd_accel_* for accelerator mode</B><DD><P>Nov implemented by other options. See individual directives below.</P>
<DT><B>httpd_accel_host</B><DD><P>Replaced by defaultsite http_port option and cache_peer originserver option.</P>
<DT><B>httpd_accel_port</B><DD><P>No longer needed. Server port defined by the cache_peer port.</P>
<DT><B>httpd_accel_uses_host_header</B><DD><P>Replaced by vhost http_port option</P>
@@ -146,7 +164,7 @@
<DT><B>auth_param negotiate</B><DD><P>New Negotiate authentication scheme, the "next generation" scheme in the family of Microsoft authentication.</P>
<DT><B>external_acl_type</B><DD><P>Many new format options %SRCPORT, %MYADDR, %MYPORT, %PATH, %USER_CERT, %ACL, %DATA and a few variants. Helper protocol defaults to the simpler "3.0" protocol, and there is support for a highly efficient protocol via the concurrency= option if supported by the helper.</P>
<DT><B>refresh_pattern</B><DD><P>Several new HTTP override/ignore options</P>
-<DT><B>read_ahead_gap</B><DD><P>New directive to set the response buffer size. </P>
+<DT><B>read_ahead_gap</B><DD><P>New directive to set the response buffer size.</P>
<DT><B>collapsed_forwarding</B><DD><P>New directive to enable an alternative optimized forwarding path when there is very many concurrent requests for the same URL.</P>
<DT><B>refresh_stale_hit</B><DD><P>New directive similar to collapsed_forwarding and activates an alternative optimized request processing when there is very many concurrent requests for the same recently expired URL.</P>
<DT><B>acl urlgroup</B><DD><P>New acl class</P>
@@ -165,7 +183,8 @@
<DT><B>minimum_expiry_time</B><DD><P>tune the magic 60 seconds limit of what is considered cachable when the object doesn't have any cache validators. (2.6.STABLE2)</P>
<DT><B>wccp2_rebuild_wait</B><DD><P>make Squid delay registering with a WCCP router until store rebuild have finished. Default on. (2.6.STABLE2)</P>
<DT><B>wccp2_weight</B><DD><P>Cache server load weigth in the cluster. (2.6.STABLE4)</P>
-
+<DT><B>check_hostnames</B><DD><P>Control if Squid should check the sanity of host names before trying to look them up in DNS</P>
+<DT><B>allow_underscores</B><DD><P>Control if _ is to be considered a valid character in hostnames or not</P>
</DL>
</P>
@@ -184,7 +203,6 @@
<P>
<UL>
<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=1420">#1420</a>: 302 responses with an Expires header is always cached</LI>
-<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=1584">#1584</a>: WCCPv2 unable to register with more than one router on Linux</LI>
<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=1059">#1059</a>: mime.conf and referenced icons must be within chroot</LI>
<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=692">#692</a>: tcp_outgoing_address using an ident ACL does not work</LI>
<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=581">#581</a>: acl max_user_ip and multiple authentication schemes</LI>
@@ -557,5 +575,34 @@
<A HREF="ChangeLog">ChangeLog</A> file for details.</LI>
</UL>
</P>
+
+<H2><A NAME="s13">13.</A> <A HREF="#toc13">Key changes squid-2.6.STABLE7 to 2.6.STABLE8</A></H2>
+
+<P>
+<UL>
+<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=1872">#1872</a>: Date parsing error causing objects to get unexpectedly cached. Problem introduced in 2.6.STABLE6.</LI>
+<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=1873">#1873</a>: authenticateNTLMFixErrorHeader: state 4. NTLM &
+Negotiate instability introduced in 2.6.STABLE6.</LI>
+<LI>Primitive support for HTTP/1.1 chunked encoding, working around broken servers sending chunked encoding in response to HTTP/1.0 requests.</LI>
+<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=1783">#1783</a>: STALE: Entry's timestamp greater than check time. Clock going backwards?</LI>
+<LI>Don't update object timestamps on a failed revalidation.</LI>
+<LI>a number of other minor and cosmetic bugfixes. See the list of
+<A HREF="http://www.squid-cache.org/Versions/v2/2.6/changesets/SQUID_2_6_STABLE8.html">squid-2.6.STABLE8 changes</A> and the
+<A HREF="ChangeLog">ChangeLog</A> file for details.</LI>
+</UL>
+</P>
+
+<H2><A NAME="s14">14.</A> <A HREF="#toc14">Key changes squid-2.6.STABLE8 to 2.6.STABLE9</A></H2>
+
+<P>
+<UL>
+<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=1878">#1878</a>: If-Modified-Since broken in 2.6.STABLE8</LI>
+<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=1877">#1877</a> diskd bug in storeDiskdIOCallback()</LI>
+<LI>See the list of
+<A HREF="http://www.squid-cache.org/Versions/v2/2.6/changesets/SQUID_2_6_STABLE9.html">squid-2.6.STABLE9 changes</A> and the
+<A HREF="ChangeLog">ChangeLog</A> file for details.</LI>
+</UL>
+</P>
+
</BODY>
</HTML>
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/src/access_log.c new/squid-2.6.STABLE9/src/access_log.c
--- old/squid-2.6.STABLE7/src/access_log.c 2006-11-04 16:39:26.000000000 +0100
+++ new/squid-2.6.STABLE9/src/access_log.c 2007-01-19 01:19:26.000000000 +0100
@@ -1,6 +1,6 @@
/*
- * $Id: access_log.c,v 1.94 2006/11/04 15:39:26 hno Exp $
+ * $Id: access_log.c,v 1.95 2007/01/19 00:19:26 hno Exp $
*
* DEBUG: section 46 Access Log
* AUTHOR: Duane Wessels
@@ -46,33 +46,6 @@
static void mcast_encode(unsigned int *, size_t, const unsigned int *);
#endif
-const char *log_tags[] =
-{
- "NONE",
- "TCP_HIT",
- "TCP_MISS",
- "TCP_REFRESH_HIT",
- "TCP_REF_FAIL_HIT",
- "TCP_REFRESH_MISS",
- "TCP_CLIENT_REFRESH_MISS",
- "TCP_IMS_HIT",
- "TCP_SWAPFAIL_MISS",
- "TCP_NEGATIVE_HIT",
- "TCP_MEM_HIT",
- "TCP_DENIED",
- "TCP_OFFLINE_HIT",
-#if LOG_TCP_REDIRECTS
- "TCP_REDIRECT",
-#endif
- "UDP_HIT",
- "UDP_MISS",
- "UDP_DENIED",
- "UDP_INVALID",
- "UDP_MISS_NOFETCH",
- "ICP_QUERY",
- "LOG_TYPE_MAX"
-};
-
#if FORW_VIA_DB
typedef struct {
hash_link hash;
@@ -1233,7 +1206,6 @@
accessLogInit(void)
{
customlog *log;
- assert(sizeof(log_tags) == (LOG_TYPE_MAX + 1) * sizeof(char *));
for (log = Config.Log.accesslogs; log; log = log->next) {
if (log->type == CLF_NONE)
continue;
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/src/auth/negotiate/auth_negotiate.c new/squid-2.6.STABLE9/src/auth/negotiate/auth_negotiate.c
--- old/squid-2.6.STABLE7/src/auth/negotiate/auth_negotiate.c 2007-01-03 13:17:29.000000000 +0100
+++ new/squid-2.6.STABLE9/src/auth/negotiate/auth_negotiate.c 2007-01-20 22:13:28.000000000 +0100
@@ -1,6 +1,6 @@
/*
- * $Id: auth_negotiate.c,v 1.6 2007/01/03 12:17:29 hno Exp $
+ * $Id: auth_negotiate.c,v 1.7 2007/01/20 21:13:28 hno Exp $
*
* DEBUG: section 29 Negotiate Authenticator
* AUTHOR: Robert Collins
@@ -340,6 +340,7 @@
request->flags.must_keepalive = 1;
break;
case AUTHENTICATE_STATE_FINISHED:
+ case AUTHENTICATE_STATE_DONE:
/* Special case when authentication finished, but not allowed by ACL */
if (negotiate_request->server_blob) {
debug(29, 9) ("authenticateNegotiateFixErrorHeader: Sending type:%d header: 'Negotiate %s'\n", type, negotiate_request->server_blob);
@@ -347,6 +348,7 @@
safe_free(negotiate_request->server_blob);
} else {
debug(29, 9) ("authenticateNegotiateFixErrorHeader: Connection authenticated\n");
+ httpHeaderPutStrf(&rep->header, type, "Negotiate");
}
break;
default:
@@ -369,7 +371,7 @@
type = accel ? HDR_WWW_AUTHENTICATE : HDR_PROXY_AUTHENTICATE;
- debug(29, 9) ("authenticateNegotiateFixErrorHeader: Sending type:%d header: 'Negotiate %s'\n", type, negotiate_request->server_blob);
+ debug(29, 9) ("authenticateNegotiateAddHeader: Sending type:%d header: 'Negotiate %s'\n", type, negotiate_request->server_blob);
httpHeaderPutStrf(&rep->header, type, "Negotiate %s", negotiate_request->server_blob);
safe_free(negotiate_request->server_blob);
}
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/src/auth/ntlm/auth_ntlm.c new/squid-2.6.STABLE9/src/auth/ntlm/auth_ntlm.c
--- old/squid-2.6.STABLE7/src/auth/ntlm/auth_ntlm.c 2007-01-03 13:17:30.000000000 +0100
+++ new/squid-2.6.STABLE9/src/auth/ntlm/auth_ntlm.c 2007-01-20 22:13:28.000000000 +0100
@@ -1,6 +1,6 @@
/*
- * $Id: auth_ntlm.c,v 1.36 2007/01/03 12:17:30 hno Exp $
+ * $Id: auth_ntlm.c,v 1.37 2007/01/20 21:13:28 hno Exp $
*
* DEBUG: section 29 NTLM Authenticator
* AUTHOR: Robert Collins
@@ -333,6 +333,7 @@
request->flags.must_keepalive = 1;
break;
case AUTHENTICATE_STATE_FINISHED:
+ case AUTHENTICATE_STATE_DONE:
/* Special case when authentication finished, but not allowed by ACL */
debug(29, 9) ("authenticateNTLMFixErrorHeader: Sending type:%d header: 'NTLM'\n", type);
httpHeaderPutStrf(&rep->header, type, "NTLM");
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/src/cache_cf.c new/squid-2.6.STABLE9/src/cache_cf.c
--- old/squid-2.6.STABLE7/src/cache_cf.c 2007-01-09 11:24:41.000000000 +0100
+++ new/squid-2.6.STABLE9/src/cache_cf.c 2007-01-19 00:19:14.000000000 +0100
@@ -1,6 +1,6 @@
/*
- * $Id: cache_cf.c,v 1.462 2007/01/09 10:24:41 hno Exp $
+ * $Id: cache_cf.c,v 1.463 2007/01/18 23:19:14 hno Exp $
*
* DEBUG: section 3 Configuration File Parsing
* AUTHOR: Harvest Derived
@@ -2738,6 +2738,8 @@
} else if (strncmp(token, "vport=", 6) == 0) {
s->vport = xatos(token + 6);
s->accel = 1;
+ } else if (strcmp(token, "accel") == 0) {
+ s->accel = 1;
} else if (strcmp(token, "no-connection-auth") == 0) {
s->no_connection_auth = 1;
} else if (strncmp(token, "urlgroup=", 9) == 0) {
@@ -2752,10 +2754,19 @@
} else {
self_destruct();
}
+}
+
+static void
+verify_http_port_options(http_port_list * s)
+{
if (s->accel && s->transparent) {
debug(28, 0) ("Can't be both a transparent proxy and web server accelerator on the same port\n");
self_destruct();
}
+ if (s->accel && !s->vhost && !s->defaultsite && !s->vport) {
+ debug(28, 0) ("Accelerator mode requires at least one of vhost/vport/defaultsite\n");
+ self_destruct();
+ }
}
static void
@@ -2790,6 +2801,7 @@
while ((token = strtok(NULL, w_space))) {
parse_http_port_option(s, token);
}
+ verify_http_port_options(s);
while (*head)
head = &(*head)->next;
*head = s;
@@ -2802,14 +2814,22 @@
n,
inet_ntoa(s->s.sin_addr),
ntohs(s->s.sin_port));
- if (s->defaultsite)
- storeAppendPrintf(e, " defaultsite=%s", s->defaultsite);
if (s->transparent)
storeAppendPrintf(e, " transparent");
+ if (s->accel)
+ storeAppendPrintf(e, " accel");
+ if (s->defaultsite)
+ storeAppendPrintf(e, " defaultsite=%s", s->defaultsite);
if (s->vhost)
storeAppendPrintf(e, " vhost");
- if (s->vport)
+ if (s->vport == ntohs(s->s.sin_port))
storeAppendPrintf(e, " vport");
+ else if (s->vport)
+ storeAppendPrintf(e, " vport=%d", s->vport);
+ if (s->urlgroup)
+ storeAppendPrintf(e, " urlgroup=%s", s->urlgroup);
+ if (s->protocol)
+ storeAppendPrintf(e, " protocol=%s", s->protocol);
if (s->no_connection_auth)
storeAppendPrintf(e, " no-connection-auth");
#if LINUX_TPROXY
@@ -2914,6 +2934,7 @@
parse_http_port_option(&s->http, token);
}
}
+ verify_http_port_options(&s->http);
while (*head)
head = (https_port_list **) (void *) (&(*head)->http.next);
s->sslContext = sslCreateServerContext(s->cert, s->key, s->version, s->cipher, s->options, s->sslflags, s->clientca, s->cafile, s->capath, s->crlfile, s->dhfile, s->sslcontext);
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/src/cf.data.pre new/squid-2.6.STABLE9/src/cf.data.pre
--- old/squid-2.6.STABLE7/src/cf.data.pre 2007-01-13 17:06:42.000000000 +0100
+++ new/squid-2.6.STABLE9/src/cf.data.pre 2007-01-19 23:03:03.000000000 +0100
@@ -1,6 +1,6 @@
#
-# $Id: cf.data.pre,v 1.380 2007/01/13 16:06:42 hno Exp $
+# $Id: cf.data.pre,v 1.382 2007/01/19 22:03:03 hno Exp $
#
#
# SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -83,23 +83,37 @@
You may specify multiple socket addresses on multiple lines.
options are:
+
transparent Support for transparent interception of
outgoing requests without browser settings
+
+ accel Accelerator mode. Also needs at least one
+ of vhost/vport/defaultsite.
+
+ defaultsite= Main web site name for accelerators. Implies
+ accel.
+
vhost Accelerator using the Host header for
- virtual domain support.
- vport Accelerator with IP based virtual host support
+ virtual domain support. Implies accel.
+
+ vport Accelerator with IP based virtual host support.
+ Implies accel.
+
vport= As above, but uses specified port number
- rather than the http_port number.
- defaultsite= Main web site name for accelerators.
+ rather than the http_port number. Implies accel.
+
urlgroup= Default urlgroup to mark requests
with (see also acl urlgroup and
url_rewrite_program)
+
protocol= Protocol to reconstruct accelerated
requests with. Defaults to http.
+
no-connection-auth
Prevent forwarding of Microsoft
connection oriented authentication
(NTLM, Negotiate and Kerberos)
+
tproxy Support Linux TPROXY for spoofing
outgoing connections using the client
IP address.
@@ -135,8 +149,16 @@
Options:
+ accel Accelerator mode. Also needs at least one of
+ defaultsite or vhost.
+
defaultsite= The name of the https site presented on
- this port.
+ this port. Implies accel.
+
+ vhost Domain based virtual host support. Useful
+ in combination with a wildcard certificate or
+ other certificates valid for more than one domain.
+ Implies accel.
urlgroup= Default urlgroup to mark requests with (see
also acl urlgroup and url_rewrite_program)
@@ -596,7 +618,7 @@
is not feasible.
use 'ssl' to indicate that connections to this peer should
- bs SSL/TLS encrypted.
+ be SSL/TLS encrypted.
use 'sslcert=/path/to/ssl/certificate' to specify a client
SSL certificate to use when connecting to this peer.
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/src/client_side.c new/squid-2.6.STABLE9/src/client_side.c
--- old/squid-2.6.STABLE7/src/client_side.c 2007-01-06 18:22:45.000000000 +0100
+++ new/squid-2.6.STABLE9/src/client_side.c 2007-01-24 02:38:16.000000000 +0100
@@ -1,6 +1,6 @@
/*
- * $Id: client_side.c,v 1.690 2007/01/06 17:22:45 hno Exp $
+ * $Id: client_side.c,v 1.693.2.2 2007/01/24 01:38:16 hno Exp $
*
* DEBUG: section 33 Client-side Routines
* AUTHOR: Duane Wessels
@@ -983,12 +983,14 @@
oldentry->mem_obj->request = requestLink(mem->request);
unlink_request = 1;
}
- /* Don't memcpy() the whole reply structure here. For example,
- * www.thegist.com (Netscape/1.13) returns a content-length for
- * 304's which seems to be the length of the 304 HEADERS!!! and
- * not the body they refer to. */
- httpReplyUpdateOnNotModified(oldentry->mem_obj->reply, mem->reply);
- storeTimestampsSet(oldentry);
+ if (mem->reply->sline.status == HTTP_NOT_MODIFIED) {
+ /* Don't memcpy() the whole reply structure here. For example,
+ * www.thegist.com (Netscape/1.13) returns a content-length for
+ * 304's which seems to be the length of the 304 HEADERS!!! and
+ * not the body they refer to. */
+ httpReplyUpdateOnNotModified(oldentry->mem_obj->reply, mem->reply);
+ storeTimestampsSet(oldentry);
+ }
storeClientUnregister(http->sc, entry, http);
http->sc = http->old_sc;
storeUnlockObject(entry);
@@ -1663,6 +1665,8 @@
/* this should be a bitmap for better optimization */
if (code == LOG_TCP_HIT)
return 1;
+ if (code == LOG_TCP_STALE_HIT)
+ return 1;
if (code == LOG_TCP_IMS_HIT)
return 1;
if (code == LOG_TCP_REFRESH_FAIL_HIT)
@@ -2058,6 +2062,7 @@
MemObject *mem;
request_t *r = http->request;
int is_modified = -1;
+ int stale;
debug(33, 3) ("clientCacheHit: %s, %d bytes\n", http->uri, (int) size);
http->flags.hit = 0;
if (http->entry == NULL) {
@@ -2171,10 +2176,6 @@
}
return;
}
- if (Config.refresh_stale_window > 0 && e->mem_obj && e->mem_obj->refresh_timestamp + Config.refresh_stale_window > squid_curtime && !refreshCheckHTTPStale(e, r)) {
- debug(33, 2) ("clientProcessHit: refresh_stale HIT\n");
- goto hit;
- }
if (httpHeaderHas(&r->header, HDR_IF_MATCH)) {
String req_etags;
const char *rep_etag = httpHeaderGetStr(&e->mem_obj->reply->header, HDR_ETAG);
@@ -2192,14 +2193,74 @@
stringClean(&req_etags);
if (!has_etag) {
/* The entity tags does not match. This cannot be a
- * hit for this object. Qyery the origin.
+ * hit for this object. Query the origin.
*/
http->log_type = LOG_TCP_MISS;
clientProcessMiss(http);
return;
}
}
- if (!Config.onoff.offline && refreshCheckHTTP(e, r) && !http->flags.internal) {
+ if (httpHeaderHas(&r->header, HDR_IF_NONE_MATCH)) {
+ String req_etags;
+ const char *rep_etag = httpHeaderGetStr(&e->mem_obj->reply->header, HDR_ETAG);
+ int has_etag;
+ if (mem->reply->sline.status != HTTP_OK) {
+ debug(33, 4) ("clientCacheHit: Reply code %d != 200\n",
+ mem->reply->sline.status);
+ http->log_type = LOG_TCP_MISS;
+ clientProcessMiss(http);
+ return;
+ }
+ if (rep_etag) {
+ req_etags = httpHeaderGetList(&http->request->header, HDR_IF_NONE_MATCH);
+ has_etag = strListIsMember(&req_etags, rep_etag, ',');
+ stringClean(&req_etags);
+ if (has_etag) {
+ debug(33, 4) ("clientCacheHit: If-None-Match matches\n");
+ if (is_modified == -1)
+ is_modified = 0;
+ } else {
+ debug(33, 4) ("clientCacheHit: If-None-Match mismatch\n");
+ is_modified = 1;
+ }
+ }
+ }
+ if (r->flags.ims) {
+ /*
+ * Handle If-Modified-Since requests from the client
+ */
+ if (mem->reply->sline.status != HTTP_OK) {
+ debug(33, 4) ("clientCacheHit: Reply code %d != 200\n",
+ mem->reply->sline.status);
+ http->log_type = LOG_TCP_MISS;
+ clientProcessMiss(http);
+ return;
+ }
+ if (modifiedSince(e, http->request)) {
+ debug(33, 4) ("clientCacheHit: If-Modified-Since modified\n");
+ is_modified = 1;
+ } else {
+ debug(33, 4) ("clientCacheHit: If-Modified-Since not modified\n");
+ if (is_modified == -1)
+ is_modified = 0;
+ }
+ }
+ stale = refreshCheckHTTPStale(e, r);
+ if (stale == 0) {
+ debug(33, 2) ("clientProcessHit: HIT\n");
+ } else if (stale == -1 && Config.refresh_stale_window > 0 && e->mem_obj->refresh_timestamp + Config.refresh_stale_window > squid_curtime) {
+ debug(33, 2) ("clientProcessHit: refresh_stale HIT\n");
+ http->log_type = LOG_TCP_STALE_HIT;
+ stale = 0;
+ } else if (stale && http->flags.internal) {
+ debug(33, 2) ("clientProcessHit: internal HIT\n");
+ stale = 0;
+ } else if (stale && Config.onoff.offline) {
+ debug(33, 2) ("clientProcessHit: offline HIT\n");
+ http->log_type = LOG_TCP_OFFLINE_HIT;
+ stale = 0;
+ }
+ if (stale) {
debug(33, 5) ("clientCacheHit: in refreshCheck() block\n");
/*
* We hold a stale copy; it needs to be validated
@@ -2229,69 +2290,11 @@
*/
http->log_type = LOG_TCP_CLIENT_REFRESH_MISS;
clientProcessMiss(http);
- } else if (r->protocol == PROTO_HTTP) {
- /*
- * Object needs to be revalidated
- * XXX This could apply to FTP as well, if Last-Modified is known.
- */
- http->log_type = LOG_TCP_REFRESH_MISS;
- clientProcessExpired(http);
} else {
- /*
- * We don't know how to re-validate other protocols. Handle
- * them as if the object has expired.
- */
- http->log_type = LOG_TCP_MISS;
- clientProcessMiss(http);
+ clientProcessExpired(http);
}
return;
}
- hit:
- if (httpHeaderHas(&r->header, HDR_IF_NONE_MATCH)) {
- String req_etags;
- const char *rep_etag = httpHeaderGetStr(&e->mem_obj->reply->header, HDR_ETAG);
- int has_etag;
- if (mem->reply->sline.status != HTTP_OK) {
- debug(33, 4) ("clientCacheHit: Reply code %d != 200\n",
- mem->reply->sline.status);
- http->log_type = LOG_TCP_MISS;
- clientProcessMiss(http);
- return;
- }
- if (!rep_etag) {
- /* The cached object does not have a entity tag, but the client
- * obviously thinks there should be one... Query the origin to
- * be on the safe side.
- */
- http->log_type = LOG_TCP_MISS;
- clientProcessMiss(http);
- return;
- }
- req_etags = httpHeaderGetList(&http->request->header, HDR_IF_NONE_MATCH);
- has_etag = strListIsMember(&req_etags, rep_etag, ',');
- stringClean(&req_etags);
- if (has_etag) {
- http->log_type = LOG_TCP_IMS_HIT;
- is_modified = 0;
- }
- }
- if (is_modified != 0 && r->flags.ims) {
- /*
- * Handle If-Modified-Since requests from the client
- */
- if (mem->reply->sline.status != HTTP_OK) {
- debug(33, 4) ("clientCacheHit: Reply code %d != 200\n",
- mem->reply->sline.status);
- http->log_type = LOG_TCP_MISS;
- clientProcessMiss(http);
- return;
- } else if (modifiedSince(e, http->request)) {
- http->log_type = LOG_TCP_IMS_HIT;
- clientSendMoreHeaderData(data, buf, size);
- return;
- }
- is_modified = 0;
- }
if (is_modified == 0) {
time_t timestamp = e->timestamp;
MemBuf mb = httpPacked304Reply(e->mem_obj->reply);
@@ -2317,10 +2320,8 @@
*/
if (e->store_status != STORE_OK)
http->log_type = LOG_TCP_MISS;
- else if (e->mem_status == IN_MEMORY)
+ else if (http->log_type == LOG_TCP_HIT && e->mem_status == IN_MEMORY)
http->log_type = LOG_TCP_MEM_HIT;
- else if (Config.onoff.offline)
- http->log_type = LOG_TCP_OFFLINE_HIT;
clientSendMoreHeaderData(data, buf, size);
}
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/src/enums.h new/squid-2.6.STABLE9/src/enums.h
--- old/squid-2.6.STABLE7/src/enums.h 2006-09-30 23:10:48.000000000 +0200
+++ new/squid-2.6.STABLE9/src/enums.h 2007-01-21 11:26:44.000000000 +0100
@@ -1,6 +1,6 @@
/*
- * $Id: enums.h,v 1.235 2006/09/30 21:10:48 hno Exp $
+ * $Id: enums.h,v 1.237.2.1 2007/01/21 10:26:44 hno Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -51,6 +51,7 @@
#if LOG_TCP_REDIRECTS
LOG_TCP_REDIRECT,
#endif
+ LOG_TCP_STALE_HIT,
LOG_UDP_HIT,
LOG_UDP_MISS,
LOG_UDP_DENIED,
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/src/errorpage.c new/squid-2.6.STABLE9/src/errorpage.c
--- old/squid-2.6.STABLE7/src/errorpage.c 2006-11-07 03:59:27.000000000 +0100
+++ new/squid-2.6.STABLE9/src/errorpage.c 2007-01-19 01:21:01.000000000 +0100
@@ -1,6 +1,6 @@
/*
- * $Id: errorpage.c,v 1.189 2006/11/07 02:59:27 hno Exp $
+ * $Id: errorpage.c,v 1.190 2007/01/19 00:21:01 hno Exp $
*
* DEBUG: section 4 Error Generation
* AUTHOR: Duane Wessels
@@ -324,10 +324,10 @@
authenticateFixHeader(rep, err->auth_user_request, err->request, 0, 1);
httpReplySwapOut(rep, entry);
EBIT_CLR(entry->flags, ENTRY_FWD_HDR_WAIT);
- storeBufferFlush(entry);
- storeComplete(entry);
storeNegativeCache(entry);
storeReleaseRequest(entry);
+ storeBufferFlush(entry);
+ storeComplete(entry);
storeUnlockObject(entry);
errorStateFree(err);
}
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/src/forward.c new/squid-2.6.STABLE9/src/forward.c
--- old/squid-2.6.STABLE7/src/forward.c 2007-01-06 18:22:45.000000000 +0100
+++ new/squid-2.6.STABLE9/src/forward.c 2007-01-19 01:21:01.000000000 +0100
@@ -1,6 +1,6 @@
/*
- * $Id: forward.c,v 1.119 2007/01/06 17:22:45 hno Exp $
+ * $Id: forward.c,v 1.120 2007/01/19 00:21:01 hno Exp $
*
* DEBUG: section 17 Request Forwarding
* AUTHOR: Duane Wessels
@@ -106,8 +106,8 @@
fwdState->err = NULL;
} else {
EBIT_CLR(e->flags, ENTRY_FWD_HDR_WAIT);
- storeComplete(e);
storeReleaseRequest(e);
+ storeComplete(e);
}
}
if (EBIT_TEST(e->flags, ENTRY_DEFER_READ))
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/src/fs/diskd/store_io_diskd.c new/squid-2.6.STABLE9/src/fs/diskd/store_io_diskd.c
--- old/squid-2.6.STABLE7/src/fs/diskd/store_io_diskd.c 2006-11-05 22:14:36.000000000 +0100
+++ new/squid-2.6.STABLE9/src/fs/diskd/store_io_diskd.c 2007-01-24 02:54:48.000000000 +0100
@@ -1,6 +1,6 @@
/*
- * $Id: store_io_diskd.c,v 1.33 2006/11/05 21:14:36 hno Exp $
+ * $Id: store_io_diskd.c,v 1.33.2.1 2007/01/24 01:54:48 hno Exp $
*
* DEBUG: section 79 Squid-side DISKD I/O functions.
* AUTHOR: Duane Wessels
@@ -468,11 +468,11 @@
static void
storeDiskdIOCallback(storeIOState * sio, int errflag)
{
- int valid = cbdataValid(sio->callback_data);
- debug(79, 3) ("storeDiskdIOCallback: errflag=%d\n", errflag);
- cbdataUnlock(sio->callback_data);
- if (valid)
- sio->callback(sio->callback_data, errflag, sio);
+ void *p = sio->callback_data;
+ debug(79, 3) ("storeUfsIOCallback: errflag=%d\n", errflag);
+ if (cbdataValid(p))
+ sio->callback(p, errflag, sio);
+ cbdataUnlock(p);
cbdataFree(sio);
}
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/src/ftp.c new/squid-2.6.STABLE9/src/ftp.c
--- old/squid-2.6.STABLE7/src/ftp.c 2007-01-01 22:38:39.000000000 +0100
+++ new/squid-2.6.STABLE9/src/ftp.c 2007-01-19 01:52:49.000000000 +0100
@@ -1,6 +1,6 @@
/*
- * $Id: ftp.c,v 1.341 2007/01/01 21:38:39 hno Exp $
+ * $Id: ftp.c,v 1.342 2007/01/19 00:52:49 hno Exp $
*
* DEBUG: section 9 File Transfer Protocol (FTP)
* AUTHOR: Harvest Derived
@@ -2624,7 +2624,7 @@
ftpUrlWith2f(const request_t * request)
{
LOCAL_ARRAY(char, buf, MAX_URL);
- LOCAL_ARRAY(char, loginbuf, MAX_LOGIN_SZ + 1);
+ LOCAL_ARRAY(char, loginbuf, MAX_LOGIN_SZ + 2);
LOCAL_ARRAY(char, portbuf, 32);
char *t;
portbuf[0] = '\0';
@@ -2634,7 +2634,7 @@
snprintf(portbuf, 32, ":%d", request->port);
loginbuf[0] = '\0';
if ((int) strlen(request->login) > 0) {
- xstrncpy(loginbuf, request->login, sizeof(loginbuf) - 2);
+ xstrncpy(loginbuf, request->login, MAX_LOGIN_SZ);
if ((t = strchr(loginbuf, ':')))
*t = '\0';
strcat(loginbuf, "@");
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/src/globals.h new/squid-2.6.STABLE9/src/globals.h
--- old/squid-2.6.STABLE7/src/globals.h 2006-09-25 21:31:34.000000000 +0200
+++ new/squid-2.6.STABLE9/src/globals.h 2007-01-19 01:19:26.000000000 +0100
@@ -1,6 +1,6 @@
/*
- * $Id: globals.h,v 1.122 2006/09/25 19:31:34 serassio Exp $
+ * $Id: globals.h,v 1.123 2007/01/19 00:19:26 hno Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -120,10 +120,10 @@
extern unsigned long store_mem_size; /* 0 */
extern time_t hit_only_mode_until; /* 0 */
extern StatCounters statCounter;
-extern char *err_type_str[];
-extern char *icp_opcode_str[];
-extern char *swap_log_op_str[];
-extern char *lookup_t_str[];
+extern const char *err_type_str[];
+extern const char *icp_opcode_str[];
+extern const char *swap_log_op_str[];
+extern const char *lookup_t_str[];
extern double request_failure_ratio; /* 0.0 */
extern double current_dtime;
extern int store_hash_buckets; /* 0 */
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/src/http.c new/squid-2.6.STABLE9/src/http.c
--- old/squid-2.6.STABLE7/src/http.c 2006-10-23 23:34:17.000000000 +0200
+++ new/squid-2.6.STABLE9/src/http.c 2007-01-21 11:26:44.000000000 +0100
@@ -1,6 +1,6 @@
/*
- * $Id: http.c,v 1.418 2006/10/23 21:34:17 hno Exp $
+ * $Id: http.c,v 1.419.2.2 2007/01/21 10:26:44 hno Exp $
*
* DEBUG: section 11 Hypertext Transfer Protocol (HTTP)
* AUTHOR: Harvest Derived
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/src/HttpHeader.c new/squid-2.6.STABLE9/src/HttpHeader.c
--- old/squid-2.6.STABLE7/src/HttpHeader.c 2006-11-29 06:31:48.000000000 +0100
+++ new/squid-2.6.STABLE9/src/HttpHeader.c 2007-01-21 11:26:44.000000000 +0100
@@ -1,6 +1,6 @@
/*
- * $Id: HttpHeader.c,v 1.90 2006/11/29 05:31:48 adrian Exp $
+ * $Id: HttpHeader.c,v 1.91.2.1 2007/01/21 10:26:44 hno Exp $
*
* DEBUG: section 55 HTTP Header
* AUTHOR: Alex Rousskov
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/src/mk-string-arrays.pl new/squid-2.6.STABLE9/src/mk-string-arrays.pl
--- old/squid-2.6.STABLE7/src/mk-string-arrays.pl 1998-04-08 01:31:51.000000000 +0200
+++ new/squid-2.6.STABLE9/src/mk-string-arrays.pl 2007-01-19 01:19:26.000000000 +0100
@@ -1,5 +1,5 @@
#******************************************************************************
-# $Id: mk-string-arrays.pl,v 1.4 1998/04/07 23:31:51 rousskov Exp $
+# $Id: mk-string-arrays.pl,v 1.5 2007/01/19 00:19:26 hno Exp $
#
# File: mk-strs.pl
#
@@ -16,6 +16,9 @@
$pat{'icp_opcode'} = "icp_opcode_str";
$pat{'swap_log_op'} = "swap_log_op_str";
$pat{'lookup_t'} = "lookup_t_str";
+$pat{'log_type'} = "log_tags";
+
+print "#include \"squid.h\"\n";
$state = 0; # start state
while (<>) {
@@ -35,19 +38,27 @@
print "const char *$pat{$t}\[\] = \n";
print "{\n";
for ($i = 0; $i < $count; $i++) {
- printf "\t\"%s\"%s\n",
- $ea[$i],
- $i == $count - 1 ? '' : ',';
+ if ($ea[$i] =~ /^#/) {
+ print $ea[$i];
+ } else {
+ printf "\t\"%s\"%s\n",
+ $ea[$i],
+ $i == $count - 1 ? '' : ',';
+ }
}
print "};\n";
print "\n";
}
$state = 0;
+ } elsif (/^#/) {
+ $ea[$count++] = $_;
} else {
($e) = split(' ', $_);
$e =~ s/,//;
- $ea[$count] = $e;
- $count++;
+ $e =~ s/^LOG_TAG_//;
+ $e =~ s/^LOG_//;
+ $e =~ s/^REFRESH_FAIL_HIT$/REF_FAIL_HIT/;
+ $ea[$count++] = $e;
}
next;
}
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/src/neighbors.c new/squid-2.6.STABLE9/src/neighbors.c
--- old/squid-2.6.STABLE7/src/neighbors.c 2006-12-10 06:18:47.000000000 +0100
+++ new/squid-2.6.STABLE9/src/neighbors.c 2007-01-19 01:19:26.000000000 +0100
@@ -1,6 +1,6 @@
/*
- * $Id: neighbors.c,v 1.312 2006/12/10 05:18:47 hno Exp $
+ * $Id: neighbors.c,v 1.313 2007/01/19 00:19:26 hno Exp $
*
* DEBUG: section 15 Neighbor Routines
* AUTHOR: Harvest Derived
@@ -799,7 +799,7 @@
StoreEntry *entry;
MemObject *mem = NULL;
peer_t ntype = PEER_NONE;
- char *opcode_d;
+ const char *opcode_d;
icp_opcode opcode = (icp_opcode) header->opcode;
debug(15, 6) ("neighborsUdpAck: opcode %d '%s'\n",
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/src/refresh.c new/squid-2.6.STABLE9/src/refresh.c
--- old/squid-2.6.STABLE7/src/refresh.c 2006-08-18 23:06:04.000000000 +0200
+++ new/squid-2.6.STABLE9/src/refresh.c 2007-01-19 01:21:01.000000000 +0100
@@ -1,6 +1,6 @@
/*
- * $Id: refresh.c,v 1.62 2006/08/18 21:06:04 hno Exp $
+ * $Id: refresh.c,v 1.63 2007/01/19 00:21:01 hno Exp $
*
* DEBUG: section 22 Refresh Calculation
* AUTHOR: Harvest Derived
@@ -80,6 +80,7 @@
STALE_EXPIRES,
STALE_MAX_RULE,
STALE_LMFACTOR_RULE,
+ STALE_WITHIN_DELTA,
STALE_DEFAULT = 299
};
@@ -220,7 +221,7 @@
const refresh_t *R;
const char *uri = NULL;
time_t age = 0;
- time_t check_time = squid_curtime + delta;
+ time_t check_time = squid_curtime;
int staleness;
stale_flags sf;
if (entry->mem_obj)
@@ -230,6 +231,8 @@
debug(22, 3) ("refreshCheck: '%s'\n", uri ? uri : "<none>");
+ if (delta > 0)
+ check_time += delta;
if (check_time > entry->timestamp)
age = check_time - entry->timestamp;
R = uri ? refreshLimits(uri) : refreshUncompiledPattern(".");
@@ -280,7 +283,7 @@
return STALE_EXCEEDS_REQUEST_MAX_AGE_VALUE;
}
}
- if (EBIT_TEST(cc->mask, CC_MAX_STALE) && staleness > -1) {
+ if (EBIT_TEST(cc->mask, CC_MAX_STALE) && staleness >= 0) {
if (cc->max_stale < 0) {
/* max-stale directive without a value */
debug(22, 3) ("refreshCheck: NO: max-stale wildcard\n");
@@ -292,7 +295,7 @@
}
}
}
- if (-1 == staleness) {
+ if (staleness < 0) {
if (sf.expires)
return FRESH_EXPIRES;
assert(!sf.max);
@@ -305,6 +308,9 @@
* At this point the response is stale, unless one of
* the override options kicks in.
*/
+ if (delta < 0 && staleness + delta < 0) {
+ return STALE_WITHIN_DELTA;
+ }
if (sf.expires) {
#if HTTP_VIOLATIONS
if (R->flags.override_expire && age < R->min) {
@@ -375,6 +381,8 @@
refreshCheckHTTPStale(const StoreEntry * entry, request_t * request)
{
int reason = refreshCheck(entry, request, -Config.refresh_stale_window);
+ if (reason == STALE_WITHIN_DELTA)
+ return -1;
return (reason < 200) ? 0 : 1;
}
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/squid-2.6.STABLE7/src/store.c new/squid-2.6.STABLE9/src/store.c
--- old/squid-2.6.STABLE7/src/store.c 2006-12-10 06:55:17.000000000 +0100
+++ new/squid-2.6.STABLE9/src/store.c 2007-01-19 01:21:01.000000000 +0100
@@ -1,6 +1,6 @@
/*
- * $Id: store.c,v 1.569 2006/12/10 05:55:17 hno Exp $
+ * $Id: store.c,v 1.570 2007/01/19 00:21:01 hno Exp $
*
* DEBUG: section 20 Storage Manager
* AUTHOR: Harvest Derived
@@ -1308,6 +1308,7 @@
if (e->mem_obj->request)
e->mem_obj->request->hier.store_complete_stop = current_time;
#endif
+ e->mem_obj->refresh_timestamp = e->timestamp;
/*
* We used to call InvokeHandlers, then storeSwapOut. However,
* Madhukar Reddy