diff -r -u ./squid-3.0.STABLE1/ChangeLog ./squid-3.0.STABLE2/ChangeLog
--- ./squid-3.0.STABLE1/ChangeLog 2007-12-14 13:15:58.000000000 +1300
+++ ./squid-3.0.STABLE2/ChangeLog 2008-02-28 13:49:19.000000000 +1300
@@ -1,3 +1,18 @@
+Changes to squid-3.0.STABLE1 (1 Mar 2008):
+
+ - Add myportname ACL for matching the accepting port name (see release notes)
+ - Add include directive for squid.conf (see release notes)
+ - Add ability to strip kerberos realm from usernames during Auth
+ - License cleanup to comply with GPLv2 or later
+ - Updated Error Pages and Translations
+ - Updated configuration examples
+ - Updated valgrind support for valgrind-3.3.0
+ - Improved support for Windows and MacOS X Leopard
+ - Improved support for files larger than 2GB
+ - Improved support for CARP arrays and WCCPv2
+ - Improved cachmgr, SNMP, and log reporting
+ - ... and as usual Many bug fixes since STABLE 1
+
Changes to squid-3.0.STABLE1 (13 Dec 2007):
- Major rewrite translating the code to C++, originally based on
diff -r -u ./squid-3.0.STABLE1/configure ./squid-3.0.STABLE2/configure
--- ./squid-3.0.STABLE1/configure 2007-12-14 13:25:27.000000000 +1300
+++ ./squid-3.0.STABLE2/configure 2008-03-05 01:35:36.000000000 +1300
@@ -1,7 +1,7 @@
#! /bin/sh
-# From configure.in Revision.
+# From configure.in Revision: 1.488.2.3 .
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.61 for Squid Web Proxy 3.0.STABLE1.
+# Generated by GNU Autoconf 2.61 for Squid Web Proxy 3.0.STABLE2.
#
# Report bugs to .
#
@@ -729,8 +729,8 @@
# Identity of this package.
PACKAGE_NAME='Squid Web Proxy'
PACKAGE_TARNAME='squid'
-PACKAGE_VERSION='3.0.STABLE1'
-PACKAGE_STRING='Squid Web Proxy 3.0.STABLE1'
+PACKAGE_VERSION='3.0.STABLE2'
+PACKAGE_STRING='Squid Web Proxy 3.0.STABLE2'
PACKAGE_BUGREPORT='http://www.squid-cache.org/bugs/'
ac_unique_file="src/main.cc"
@@ -1507,7 +1507,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures Squid Web Proxy 3.0.STABLE1 to adapt to many kinds of systems.
+\`configure' configures Squid Web Proxy 3.0.STABLE2 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1577,7 +1577,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of Squid Web Proxy 3.0.STABLE1:";;
+ short | recursive ) echo "Configuration of Squid Web Proxy 3.0.STABLE2:";;
esac
cat <<\_ACEOF
@@ -1886,7 +1886,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-Squid Web Proxy configure 3.0.STABLE1
+Squid Web Proxy configure 3.0.STABLE2
generated by GNU Autoconf 2.61
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
@@ -1900,7 +1900,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by Squid Web Proxy $as_me 3.0.STABLE1, which was
+It was created by Squid Web Proxy $as_me 3.0.STABLE2, which was
generated by GNU Autoconf 2.61. Invocation command line was
$ $0 $@
@@ -2574,7 +2574,7 @@
# Define the identity of the package.
PACKAGE='squid'
- VERSION='3.0.STABLE1'
+ VERSION='3.0.STABLE2'
cat >>confdefs.h <<_ACEOF
@@ -24237,6 +24237,7 @@
+
for ac_header in \
arpa/inet.h \
arpa/nameser.h \
@@ -24249,6 +24250,7 @@
fcntl.h \
fnmatch.h \
getopt.h \
+ glob.h \
gnumalloc.h \
grp.h \
ip_compat.h \
@@ -42506,6 +42508,7 @@
+
for ac_func in \
backtrace_symbols_fd \
bcopy \
@@ -42521,6 +42524,7 @@
getrusage \
getspnam \
gettimeofday \
+ glob \
htobe16 \
htole16 \
kqueue\
@@ -45402,7 +45406,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by Squid Web Proxy $as_me 3.0.STABLE1, which was
+This file was extended by Squid Web Proxy $as_me 3.0.STABLE2, which was
generated by GNU Autoconf 2.61. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -45455,7 +45459,7 @@
_ACEOF
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
-Squid Web Proxy config.status 3.0.STABLE1
+Squid Web Proxy config.status 3.0.STABLE2
configured by $0, generated by GNU Autoconf 2.61,
with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
diff -r -u ./squid-3.0.STABLE1/configure.in ./squid-3.0.STABLE2/configure.in
--- ./squid-3.0.STABLE1/configure.in 2007-12-14 13:25:27.000000000 +1300
+++ ./squid-3.0.STABLE2/configure.in 2008-03-05 01:35:36.000000000 +1300
@@ -1,17 +1,17 @@
dnl Configuration input file for Squid
dnl
-dnl $Id: configure.in,v 1.488.2.1 2007/12/13 22:01:30 wessels Exp $
+dnl $Id: configure.in,v 1.488.2.3 2008/03/04 12:17:04 amosjeffries Exp $
dnl
dnl
dnl
-AC_INIT(Squid Web Proxy, 3.0.STABLE1, http://www.squid-cache.org/bugs/, squid)
+AC_INIT(Squid Web Proxy, 3.0.STABLE2, http://www.squid-cache.org/bugs/, squid)
AC_PREREQ(2.52)
AM_CONFIG_HEADER(include/autoconf.h)
AC_CONFIG_AUX_DIR(cfgaux)
AC_CONFIG_SRCDIR([src/main.cc])
AM_INIT_AUTOMAKE([tar-ustar])
-AC_REVISION($Revision: 1.488.2.1 $)dnl
+AC_REVISION($Revision: 1.488.2.3 $)dnl
AC_PREFIX_DEFAULT(/usr/local/squid)
AM_MAINTAINER_MODE
@@ -1848,6 +1848,7 @@
fcntl.h \
fnmatch.h \
getopt.h \
+ glob.h \
gnumalloc.h \
grp.h \
ip_compat.h \
@@ -2493,6 +2494,7 @@
getrusage \
getspnam \
gettimeofday \
+ glob \
htobe16 \
htole16 \
kqueue\
diff -r -u ./squid-3.0.STABLE1/doc/Makefile.in ./squid-3.0.STABLE2/doc/Makefile.in
--- ./squid-3.0.STABLE1/doc/Makefile.in 2007-12-05 14:10:46.000000000 +1300
+++ ./squid-3.0.STABLE2/doc/Makefile.in 2008-03-05 01:31:18.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.88 2007/12/05 01:10:46 hno Exp $
+# $Id: Makefile.in,v 1.88.2.1 2008/03/04 12:31:18 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/errors/Makefile.am ./squid-3.0.STABLE2/errors/Makefile.am
--- ./squid-3.0.STABLE1/errors/Makefile.am 2007-08-22 12:20:10.000000000 +1200
+++ ./squid-3.0.STABLE2/errors/Makefile.am 2008-02-27 23:55:13.000000000 +1300
@@ -1,6 +1,6 @@
## Process this file with automake to produce Makefile.in
#
-# $Id: Makefile.am,v 1.14 2007/08/22 00:20:10 hno Exp $
+# $Id: Makefile.am,v 1.14.2.1 2008/02/27 10:55:13 amosjeffries Exp $
#
errordir = $(datadir)/errors
@@ -42,7 +42,10 @@
Spanish \
Swedish \
Traditional_Chinese \
- Turkish
+ Turkish \
+ Ukrainian-1251 \
+ Ukrainian-koi8-u \
+ Ukrainian-utf8
install-data-local:
@for l in $(INSTALL_LANGUAGES); do \
diff -r -u ./squid-3.0.STABLE1/errors/Makefile.in ./squid-3.0.STABLE2/errors/Makefile.in
--- ./squid-3.0.STABLE1/errors/Makefile.in 2007-12-05 14:10:48.000000000 +1300
+++ ./squid-3.0.STABLE2/errors/Makefile.in 2008-03-05 01:31:19.000000000 +1300
@@ -15,7 +15,7 @@
@SET_MAKE@
#
-# $Id: Makefile.in,v 1.105 2007/12/05 01:10:48 hno Exp $
+# $Id: Makefile.in,v 1.105.2.2 2008/03/04 12:31:19 amosjeffries Exp $
#
srcdir = @srcdir@
top_srcdir = @top_srcdir@
@@ -303,7 +303,10 @@
Spanish \
Swedish \
Traditional_Chinese \
- Turkish
+ Turkish \
+ Ukrainian-1251 \
+ Ukrainian-koi8-u \
+ Ukrainian-utf8
all: all-am
diff -r -u ./squid-3.0.STABLE1/errors/Swedish/ERR_ESI ./squid-3.0.STABLE2/errors/Swedish/ERR_ESI
--- ./squid-3.0.STABLE1/errors/Swedish/ERR_ESI 2003-03-10 17:56:13.000000000 +1300
+++ ./squid-3.0.STABLE2/errors/Swedish/ERR_ESI 2008-02-25 16:40:24.000000000 +1300
@@ -1,29 +1,33 @@
-
-ERROR: The requested URL could not be retrieved
-
+
+FEL: Begärd URL kunde inte hämtas
+
-The requested URL could not be retrieved
+Begärd URL kunde inte hämtas
-While trying to retrieve the URL:
+Vid försöket att hämta URL:
%U
-The following error was encountered:
+Mottogs följande fel:
-ESI Processing failed.
+ESI bearbetning misslyckades.
+%H
+
-The ESI processor returned:
+ESI motorn returnerade:
-%Z
+%z
-This means that:
+Detta betyder att:
- The surrogate was not able to process the ESI template. Please report this error to the webmaster.
+ Surrogat servern kunde inte bearbeta ESI mallen.
+ Vänligen kontakta den ansvariga för webbservern ifråga.
-Your webmaster is %w.
-This page is in english because a translation has not been made. If you are able to, please create a translation and contact the squid project to get it included.
+
+Addressen till ansvarig administratör är %w.
+
Only in ./squid-3.0.STABLE2/errors: Ukrainian-1251
Only in ./squid-3.0.STABLE2/errors: Ukrainian-koi8-u
Only in ./squid-3.0.STABLE2/errors: Ukrainian-utf8
diff -r -u ./squid-3.0.STABLE1/helpers/basic_auth/DB/Makefile.in ./squid-3.0.STABLE2/helpers/basic_auth/DB/Makefile.in
--- ./squid-3.0.STABLE1/helpers/basic_auth/DB/Makefile.in 2007-12-05 14:10:52.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/basic_auth/DB/Makefile.in 2008-03-05 01:31:19.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.22 2007/12/05 01:10:52 hno Exp $
+# $Id: Makefile.in,v 1.22.2.1 2008/03/04 12:31:19 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/basic_auth/getpwnam/Makefile.in ./squid-3.0.STABLE2/helpers/basic_auth/getpwnam/Makefile.in
--- ./squid-3.0.STABLE1/helpers/basic_auth/getpwnam/Makefile.in 2007-12-05 14:10:58.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/basic_auth/getpwnam/Makefile.in 2008-03-05 01:31:22.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.92 2007/12/05 01:10:58 hno Exp $
+# $Id: Makefile.in,v 1.92.2.1 2008/03/04 12:31:22 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/basic_auth/LDAP/Makefile.in ./squid-3.0.STABLE2/helpers/basic_auth/LDAP/Makefile.in
--- ./squid-3.0.STABLE1/helpers/basic_auth/LDAP/Makefile.in 2007-12-05 14:10:53.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/basic_auth/LDAP/Makefile.in 2008-03-05 01:31:20.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid LDAP authentication helper
#
-# $Id: Makefile.in,v 1.94 2007/12/05 01:10:53 hno Exp $
+# $Id: Makefile.in,v 1.94.2.1 2008/03/04 12:31:20 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/basic_auth/Makefile.in ./squid-3.0.STABLE2/helpers/basic_auth/Makefile.in
--- ./squid-3.0.STABLE1/helpers/basic_auth/Makefile.in 2007-12-05 14:10:51.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/basic_auth/Makefile.in 2008-03-05 01:31:19.000000000 +1300
@@ -16,7 +16,7 @@
# Makefile for storage modules in the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.95 2007/12/05 01:10:51 hno Exp $
+# $Id: Makefile.in,v 1.95.2.1 2008/03/04 12:31:19 amosjeffries Exp $
#
srcdir = @srcdir@
top_srcdir = @top_srcdir@
diff -r -u ./squid-3.0.STABLE1/helpers/basic_auth/MSNT/Makefile.in ./squid-3.0.STABLE2/helpers/basic_auth/MSNT/Makefile.in
--- ./squid-3.0.STABLE1/helpers/basic_auth/MSNT/Makefile.in 2007-12-05 14:10:53.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/basic_auth/MSNT/Makefile.in 2008-03-05 01:31:20.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.97 2007/12/05 01:10:53 hno Exp $
+# $Id: Makefile.in,v 1.97.2.1 2008/03/04 12:31:20 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/basic_auth/mswin_sspi/Makefile.in ./squid-3.0.STABLE2/helpers/basic_auth/mswin_sspi/Makefile.in
--- ./squid-3.0.STABLE1/helpers/basic_auth/mswin_sspi/Makefile.in 2007-12-05 14:10:58.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/basic_auth/mswin_sspi/Makefile.in 2008-03-05 01:31:23.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.36 2007/12/05 01:10:58 hno Exp $
+# $Id: Makefile.in,v 1.36.2.1 2008/03/04 12:31:23 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/basic_auth/multi-domain-NTLM/Makefile.in ./squid-3.0.STABLE2/helpers/basic_auth/multi-domain-NTLM/Makefile.in
--- ./squid-3.0.STABLE1/helpers/basic_auth/multi-domain-NTLM/Makefile.in 2007-12-05 14:10:58.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/basic_auth/multi-domain-NTLM/Makefile.in 2008-03-05 01:31:23.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.90 2007/12/05 01:10:58 hno Exp $
+# $Id: Makefile.in,v 1.90.2.1 2008/03/04 12:31:23 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/basic_auth/NCSA/Makefile.in ./squid-3.0.STABLE2/helpers/basic_auth/NCSA/Makefile.in
--- ./squid-3.0.STABLE1/helpers/basic_auth/NCSA/Makefile.in 2007-12-05 14:10:55.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/basic_auth/NCSA/Makefile.in 2008-03-05 01:31:20.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.95 2007/12/05 01:10:55 hno Exp $
+# $Id: Makefile.in,v 1.95.2.1 2008/03/04 12:31:20 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/basic_auth/PAM/Makefile.in ./squid-3.0.STABLE2/helpers/basic_auth/PAM/Makefile.in
--- ./squid-3.0.STABLE1/helpers/basic_auth/PAM/Makefile.in 2007-12-05 14:10:55.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/basic_auth/PAM/Makefile.in 2008-03-05 01:31:21.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid PAM authentication helper
#
-# $Id: Makefile.in,v 1.95 2007/12/05 01:10:55 hno Exp $
+# $Id: Makefile.in,v 1.95.2.1 2008/03/04 12:31:21 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/basic_auth/POP3/Makefile.in ./squid-3.0.STABLE2/helpers/basic_auth/POP3/Makefile.in
--- ./squid-3.0.STABLE1/helpers/basic_auth/POP3/Makefile.in 2007-12-05 14:10:55.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/basic_auth/POP3/Makefile.in 2008-03-05 01:31:21.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.22 2007/12/05 01:10:55 hno Exp $
+# $Id: Makefile.in,v 1.22.2.1 2008/03/04 12:31:21 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/basic_auth/SASL/Makefile.in ./squid-3.0.STABLE2/helpers/basic_auth/SASL/Makefile.in
--- ./squid-3.0.STABLE1/helpers/basic_auth/SASL/Makefile.in 2007-12-05 14:10:55.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/basic_auth/SASL/Makefile.in 2008-03-05 01:31:21.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid SASL authentication helper
#
-# $Id: Makefile.in,v 1.91 2007/12/05 01:10:55 hno Exp $
+# $Id: Makefile.in,v 1.91.2.1 2008/03/04 12:31:21 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/basic_auth/SMB/Makefile.in ./squid-3.0.STABLE2/helpers/basic_auth/SMB/Makefile.in
--- ./squid-3.0.STABLE1/helpers/basic_auth/SMB/Makefile.in 2007-12-05 14:10:56.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/basic_auth/SMB/Makefile.in 2008-03-05 01:31:22.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.93 2007/12/05 01:10:56 hno Exp $
+# $Id: Makefile.in,v 1.93.2.1 2008/03/04 12:31:22 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/basic_auth/squid_radius_auth/Makefile.in ./squid-3.0.STABLE2/helpers/basic_auth/squid_radius_auth/Makefile.in
--- ./squid-3.0.STABLE1/helpers/basic_auth/squid_radius_auth/Makefile.in 2007-12-05 14:10:59.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/basic_auth/squid_radius_auth/Makefile.in 2008-03-05 01:31:23.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid LDAP authentication helper
#
-# $Id: Makefile.in,v 1.20 2007/12/05 01:10:59 hno Exp $
+# $Id: Makefile.in,v 1.20.2.1 2008/03/04 12:31:23 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/basic_auth/YP/Makefile.in ./squid-3.0.STABLE2/helpers/basic_auth/YP/Makefile.in
--- ./squid-3.0.STABLE1/helpers/basic_auth/YP/Makefile.in 2007-12-05 14:10:57.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/basic_auth/YP/Makefile.in 2008-03-05 01:31:22.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.94 2007/12/05 01:10:57 hno Exp $
+# $Id: Makefile.in,v 1.94.2.1 2008/03/04 12:31:22 amosjeffries Exp $
#
#
diff -r -u ./squid-3.0.STABLE1/helpers/digest_auth/eDirectory/edir_ldapext.c ./squid-3.0.STABLE2/helpers/digest_auth/eDirectory/edir_ldapext.c
--- ./squid-3.0.STABLE1/helpers/digest_auth/eDirectory/edir_ldapext.c 2007-08-13 20:56:36.000000000 +1200
+++ ./squid-3.0.STABLE2/helpers/digest_auth/eDirectory/edir_ldapext.c 2008-02-25 00:33:27.000000000 +1300
@@ -1,27 +1,31 @@
/*
- * Copyright (C) 2002-2004 Novell, Inc.
+ * NDS LDAP helper functions
+ * Copied From Samba-3.0.24 pdb_nds.c and trimmed down to the
+ * limited functionality needed to access the plain text password only
*
- * edir_ldapext.c LDAP extension for reading eDirectory universal password
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of version 2 of the GNU General Public License as published
- * by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
- * more details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this program; if not, contact Novell, Inc.
+ * Original copyright & license follows:
*
- * To contact Novell about this file by physical or electronic mail, you may
- * find current contact information at www.novell.com.
- */
+ * Copyright (C) Vince Brimhall 2004-2005
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ *
+*/
#include "digest_common.h"
-#ifdef _SQUID_MSWIN_ /* Native Windows port and MinGW */
+#ifdef _SQUID_MSWIN_ /* Native Windows port and MinGW */
#define snprintf _snprintf
#include
@@ -43,282 +47,591 @@
#include
#endif
+#include
#include "edir_ldapext.h"
-/* NMAS error codes */
-#define NMAS_E_BASE (-1600)
+#define NMASLDAP_GET_LOGIN_CONFIG_REQUEST "2.16.840.1.113719.1.39.42.100.3"
+#define NMASLDAP_GET_LOGIN_CONFIG_RESPONSE "2.16.840.1.113719.1.39.42.100.4"
+#define NMASLDAP_SET_PASSWORD_REQUEST "2.16.840.1.113719.1.39.42.100.11"
+#define NMASLDAP_SET_PASSWORD_RESPONSE "2.16.840.1.113719.1.39.42.100.12"
+#define NMASLDAP_GET_PASSWORD_REQUEST "2.16.840.1.113719.1.39.42.100.13"
+#define NMASLDAP_GET_PASSWORD_RESPONSE "2.16.840.1.113719.1.39.42.100.14"
+
+#define NMAS_LDAP_EXT_VERSION 1
+
+#define SMB_MALLOC_ARRAY(type, nelem) calloc(sizeof(type), nelem)
+#define DEBUG(level, args)
+
+/**********************************************************************
+ Take the request BER value and input data items and BER encodes the
+ data into the BER value
+**********************************************************************/
+
+static int berEncodePasswordData(
+ struct berval **requestBV,
+ const char *objectDN,
+ const char *password,
+ const char *password2)
+{
+ int err = 0, rc=0;
+ BerElement *requestBer = NULL;
-#define NMAS_SUCCESS 0
-#define NMAS_E_SUCCESS NMAS_SUCCESS /* Alias */
-#define NMAS_OK NMAS_SUCCESS /* Alias */
-
-#define NMAS_E_FRAG_FAILURE (NMAS_E_BASE-31) /* -1631 0xFFFFF9A1 */
-#define NMAS_E_BUFFER_OVERFLOW (NMAS_E_BASE-33) /* -1633 0xFFFFF99F */
-#define NMAS_E_SYSTEM_RESOURCES (NMAS_E_BASE-34) /* -1634 0xFFFFF99E */
-#define NMAS_E_INSUFFICIENT_MEMORY (NMAS_E_BASE-35) /* -1635 0xFFFFF99D */
-#define NMAS_E_NOT_SUPPORTED (NMAS_E_BASE-36) /* -1636 0xFFFFF99C */
-#define NMAS_E_INVALID_PARAMETER (NMAS_E_BASE-43) /* -1643 0xFFFFF995 */
-#define NMAS_E_INVALID_VERSION (NMAS_E_BASE-52) /* -1652 0xFFFFF98C */
-
-/* OID of LDAP extenstion calls to read Universal Password */
-#define NMASLDAP_GET_PASSWORD_REQUEST "2.16.840.1.113719.1.39.42.100.13"
-#define NMASLDAP_GET_PASSWORD_RESPONSE "2.16.840.1.113719.1.39.42.100.14"
-
-#define NMAS_LDAP_EXT_VERSION 1
+ const char * utf8ObjPtr = NULL;
+ int utf8ObjSize = 0;
+ const char * utf8PwdPtr = NULL;
+ int utf8PwdSize = 0;
+ const char * utf8Pwd2Ptr = NULL;
+ int utf8Pwd2Size = 0;
+
+
+ /* Convert objectDN and tag strings from Unicode to UTF-8 */
+ utf8ObjSize = strlen(objectDN)+1;
+ utf8ObjPtr = objectDN;
+
+ if (password != NULL)
+ {
+ utf8PwdSize = strlen(password)+1;
+ utf8PwdPtr = password;
+ }
+ if (password2 != NULL)
+ {
+ utf8Pwd2Size = strlen(password2)+1;
+ utf8Pwd2Ptr = password2;
+ }
+ /* Allocate a BerElement for the request parameters. */
+ if((requestBer = ber_alloc()) == NULL)
+ {
+ err = LDAP_ENCODING_ERROR;
+ goto Cleanup;
+ }
-/* ------------------------------------------------------------------------
- * berEncodePasswordData
- * ==============================
- * RequestBer contents:
- * clientVersion INTEGER
- * targetObjectDN OCTET STRING
- * password1 OCTET STRING
- * password2 OCTET STRING
- *
- * Description:
- * This function takes the request BER value and input data items
- * and BER encodes the data into the BER value
- *
- * ------------------------------------------------------------------------ */
-int
-berEncodePasswordData(
- struct berval **requestBV,
- char *objectDN,
- char *password,
- char *password2)
+ if (password != NULL && password2 != NULL)
+ {
+ /* BER encode the NMAS Version, the objectDN, and the password */
+ rc = ber_printf(requestBer, "{iooo}", NMAS_LDAP_EXT_VERSION, utf8ObjPtr, utf8ObjSize, utf8PwdPtr, utf8PwdSize, utf8Pwd2Ptr, utf8Pwd2Size);
+ }
+ else if (password != NULL)
+ {
+ /* BER encode the NMAS Version, the objectDN, and the password */
+ rc = ber_printf(requestBer, "{ioo}", NMAS_LDAP_EXT_VERSION, utf8ObjPtr, utf8ObjSize, utf8PwdPtr, utf8PwdSize);
+ }
+ else
+ {
+ /* BER encode the NMAS Version and the objectDN */
+ rc = ber_printf(requestBer, "{io}", NMAS_LDAP_EXT_VERSION, utf8ObjPtr, utf8ObjSize);
+ }
+
+ if (rc < 0)
+ {
+ err = LDAP_ENCODING_ERROR;
+ goto Cleanup;
+ }
+ else
+ {
+ err = 0;
+ }
+
+ /* Convert the BER we just built to a berval that we'll send with the extended request. */
+ if(ber_flatten(requestBer, requestBV) == LBER_ERROR)
+ {
+ err = LDAP_ENCODING_ERROR;
+ goto Cleanup;
+ }
+
+Cleanup:
+
+ if(requestBer)
+ {
+ ber_free(requestBer, 1);
+ }
+
+ return err;
+}
+
+/**********************************************************************
+ Take the request BER value and input data items and BER encodes the
+ data into the BER value
+**********************************************************************/
+
+static int berEncodeLoginData(
+ struct berval **requestBV,
+ char *objectDN,
+ unsigned int methodIDLen,
+ unsigned int *methodID,
+ char *tag,
+ size_t putDataLen,
+ void *putData)
{
- int err = 0, rc = 0;
- BerElement *requestBer = NULL;
+ int err = 0;
+ BerElement *requestBer = NULL;
+
+ unsigned int i;
+ unsigned int elemCnt = methodIDLen / sizeof(unsigned int);
+
+ char *utf8ObjPtr=NULL;
+ int utf8ObjSize = 0;
+
+ char *utf8TagPtr = NULL;
+ int utf8TagSize = 0;
+
+ utf8ObjPtr = objectDN;
+ utf8ObjSize = strlen(utf8ObjPtr)+1;
+
+ utf8TagPtr = tag;
+ utf8TagSize = strlen(utf8TagPtr)+1;
+
+ /* Allocate a BerElement for the request parameters. */
+ if((requestBer = ber_alloc()) == NULL)
+ {
+ err = LDAP_ENCODING_ERROR;
+ goto Cleanup;
+ }
- char *utf8ObjPtr = NULL;
- int utf8ObjSize = 0;
- char *utf8PwdPtr = NULL;
- int utf8PwdSize = 0;
- char *utf8Pwd2Ptr = NULL;
- int utf8Pwd2Size = 0;
-
-
- utf8ObjSize = strlen(objectDN) + 1;
- utf8ObjPtr = objectDN;
-
- if (password != NULL) {
- utf8PwdSize = strlen(password) + 1;
- utf8PwdPtr = password;
- }
- if (password2 != NULL) {
- utf8Pwd2Size = strlen(password2) + 1;
- utf8Pwd2Ptr = password2;
- }
- /* Allocate a BerElement for the request parameters. */
- if ((requestBer = ber_alloc()) == NULL) {
- err = NMAS_E_FRAG_FAILURE;
- goto Cleanup;
- }
- if (password != NULL && password2 != NULL) {
- /* BER encode the NMAS Version, the objectDN, and the password */
- rc = ber_printf(requestBer, "{iooo}", NMAS_LDAP_EXT_VERSION, utf8ObjPtr, utf8ObjSize, utf8PwdPtr, utf8PwdSize, utf8Pwd2Ptr, utf8Pwd2Size);
- } else if (password != NULL) {
- /* BER encode the NMAS Version, the objectDN, and the password */
- rc = ber_printf(requestBer, "{ioo}", NMAS_LDAP_EXT_VERSION, utf8ObjPtr, utf8ObjSize, utf8PwdPtr, utf8PwdSize);
- } else {
/* BER encode the NMAS Version and the objectDN */
- rc = ber_printf(requestBer, "{io}", NMAS_LDAP_EXT_VERSION, utf8ObjPtr, utf8ObjSize);
- }
+ err = (ber_printf(requestBer, "{io", NMAS_LDAP_EXT_VERSION, utf8ObjPtr, utf8ObjSize) < 0) ? LDAP_ENCODING_ERROR : 0;
- if (rc < 0) {
- err = NMAS_E_FRAG_FAILURE;
- goto Cleanup;
- } else {
- err = 0;
- }
-
- /*
- * Convert the BER we just built to a berval that we'll send with the extended request.
- */
- if (ber_flatten(requestBer, requestBV) == LBER_ERROR) {
- err = NMAS_E_FRAG_FAILURE;
- goto Cleanup;
- }
- Cleanup:
-
- if (requestBer) {
- ber_free(requestBer, 1);
- }
- return err;
-} /* End of berEncodePasswordData */
-
-/* ------------------------------------------------------------------------
- * berDecodeLoginData()
- * ==============================
- * ResponseBer contents:
- * serverVersion INTEGER
- * error INTEGER
- * data OCTET STRING
- *
- * Description:
- * This function takes the reply BER Value and decodes the
- * NMAS server version and return code and if a non null retData
- * buffer was supplied, tries to decode the the return data and length
- *
- * ------------------------------------------------------------------------ */
-int
-berDecodeLoginData(
- struct berval *replyBV,
- int *serverVersion,
- size_t * retDataLen,
- void *retData)
+ /* BER encode the MethodID Length and value */
+ if (!err)
+ {
+ err = (ber_printf(requestBer, "{i{", methodIDLen) < 0) ? LDAP_ENCODING_ERROR : 0;
+ }
+
+ for (i = 0; !err && i < elemCnt; i++)
+ {
+ err = (ber_printf(requestBer, "i", methodID[i]) < 0) ? LDAP_ENCODING_ERROR : 0;
+ }
+
+ if (!err)
+ {
+ err = (ber_printf(requestBer, "}}", 0) < 0) ? LDAP_ENCODING_ERROR : 0;
+ }
+
+ if(putData)
+ {
+ /* BER Encode the the tag and data */
+ err = (ber_printf(requestBer, "oio}", utf8TagPtr, utf8TagSize, putDataLen, putData, putDataLen) < 0) ? LDAP_ENCODING_ERROR : 0;
+ }
+ else
+ {
+ /* BER Encode the the tag */
+ err = (ber_printf(requestBer, "o}", utf8TagPtr, utf8TagSize) < 0) ? LDAP_ENCODING_ERROR : 0;
+ }
+
+ if (err)
+ {
+ goto Cleanup;
+ }
+
+ /* Convert the BER we just built to a berval that we'll send with the extended request. */
+ if(ber_flatten(requestBer, requestBV) == LBER_ERROR)
+ {
+ err = LDAP_ENCODING_ERROR;
+ goto Cleanup;
+ }
+
+Cleanup:
+
+ if(requestBer)
+ {
+ ber_free(requestBer, 1);
+ }
+
+ return err;
+}
+
+/**********************************************************************
+ Takes the reply BER Value and decodes the NMAS server version and
+ return code and if a non null retData buffer was supplied, tries to
+ decode the the return data and length
+**********************************************************************/
+
+static int berDecodeLoginData(
+ struct berval *replyBV,
+ int *serverVersion,
+ size_t *retDataLen,
+ void *retData )
{
- int rc = 0, err = 0;
- BerElement *replyBer = NULL;
- char *retOctStr = NULL;
- size_t retOctStrLen = 0;
-
- if ((replyBer = ber_init(replyBV)) == NULL) {
- err = NMAS_E_SYSTEM_RESOURCES;
- goto Cleanup;
- }
- if (retData) {
- retOctStrLen = *retDataLen + 1;
- retOctStr = (char *) malloc(retOctStrLen);
- if (!retOctStr) {
- err = NMAS_E_SYSTEM_RESOURCES;
- goto Cleanup;
- }
- if ((rc = ber_scanf(replyBer, "{iis}", serverVersion, &err, retOctStr, &retOctStrLen)) != -1) {
- if (*retDataLen >= retOctStrLen) {
- memcpy(retData, retOctStr, retOctStrLen);
- } else if (!err) {
- err = NMAS_E_BUFFER_OVERFLOW;
- }
- *retDataLen = retOctStrLen;
- } else if (!err) {
- err = NMAS_E_FRAG_FAILURE;
- }
- } else {
- if ((rc = ber_scanf(replyBer, "{ii}", serverVersion, &err)) == -1) {
- if (!err) {
- err = NMAS_E_FRAG_FAILURE;
- }
- }
- }
-
- Cleanup:
-
- if (replyBer) {
- ber_free(replyBer, 1);
- }
- if (retOctStr != NULL) {
- memset(retOctStr, 0, retOctStrLen);
- free(retOctStr);
- }
- return err;
-} /* End of berDecodeLoginData */
-
-/* -----------------------------------------------------------------------
- * nmasldap_get_password()
- * ==============================
- *
- * Description:
- * This API attempts to get the universal password
- *
- * ------------------------------------------------------------------------ */
-int
-nmasldap_get_password(
- LDAP * ld,
- char *objectDN,
- size_t * pwdSize, // in bytes
- char *pwd)
+ int err = 0;
+ BerElement *replyBer = NULL;
+ char *retOctStr = NULL;
+ size_t retOctStrLen = 0;
+
+ if((replyBer = ber_init(replyBV)) == NULL)
+ {
+ err = LDAP_OPERATIONS_ERROR;
+ goto Cleanup;
+ }
+
+ if(retData)
+ {
+ retOctStrLen = *retDataLen + 1;
+ retOctStr = SMB_MALLOC_ARRAY(char, retOctStrLen);
+ if(!retOctStr)
+ {
+ err = LDAP_OPERATIONS_ERROR;
+ goto Cleanup;
+ }
+
+ if(ber_scanf(replyBer, "{iis}", serverVersion, &err, retOctStr, &retOctStrLen) != -1)
+ {
+ if (*retDataLen >= retOctStrLen)
+ {
+ memcpy(retData, retOctStr, retOctStrLen);
+ }
+ else if (!err)
+ {
+ err = LDAP_NO_MEMORY;
+ }
+
+ *retDataLen = retOctStrLen;
+ }
+ else if (!err)
+ {
+ err = LDAP_DECODING_ERROR;
+ }
+ }
+ else
+ {
+ if(ber_scanf(replyBer, "{ii}", serverVersion, &err) == -1)
+ {
+ if (!err)
+ {
+ err = LDAP_DECODING_ERROR;
+ }
+ }
+ }
+
+Cleanup:
+
+ if(replyBer)
+ {
+ ber_free(replyBer, 1);
+ }
+
+ if (retOctStr != NULL)
+ {
+ memset(retOctStr, 0, retOctStrLen);
+ free(retOctStr);
+ }
+
+ return err;
+}
+
+/**********************************************************************
+ Retrieves data in the login configuration of the specified object
+ that is tagged with the specified methodID and tag.
+**********************************************************************/
+
+static int getLoginConfig(
+ LDAP *ld,
+ char *objectDN,
+ unsigned int methodIDLen,
+ unsigned int *methodID,
+ char *tag,
+ size_t *dataLen,
+ void *data )
+{
+ int err = 0;
+ struct berval *requestBV = NULL;
+ char *replyOID = NULL;
+ struct berval *replyBV = NULL;
+ int serverVersion = 0;
+
+ /* Validate unicode parameters. */
+ if((strlen(objectDN) == 0) || ld == NULL)
+ {
+ return LDAP_NO_SUCH_ATTRIBUTE;
+ }
+
+ err = berEncodeLoginData(&requestBV, objectDN, methodIDLen, methodID, tag, 0, NULL);
+ if(err)
+ {
+ goto Cleanup;
+ }
+
+ /* Call the ldap_extended_operation (synchronously) */
+ if((err = ldap_extended_operation_s(ld, NMASLDAP_GET_LOGIN_CONFIG_REQUEST,
+ requestBV, NULL, NULL, &replyOID, &replyBV)))
+ {
+ goto Cleanup;
+ }
+
+ /* Make sure there is a return OID */
+ if(!replyOID)
+ {
+ err = LDAP_NOT_SUPPORTED;
+ goto Cleanup;
+ }
+
+ /* Is this what we were expecting to get back. */
+ if(strcmp(replyOID, NMASLDAP_GET_LOGIN_CONFIG_RESPONSE))
+ {
+ err = LDAP_NOT_SUPPORTED;
+ goto Cleanup;
+ }
+
+ /* Do we have a good returned berval? */
+ if(!replyBV)
+ {
+ /* No; returned berval means we experienced a rather drastic error. */
+ /* Return operations error. */
+ err = LDAP_OPERATIONS_ERROR;
+ goto Cleanup;
+ }
+
+ err = berDecodeLoginData(replyBV, &serverVersion, dataLen, data);
+
+ if(serverVersion != NMAS_LDAP_EXT_VERSION)
+ {
+ err = LDAP_OPERATIONS_ERROR;
+ goto Cleanup;
+ }
+
+Cleanup:
+
+ if(replyBV)
+ {
+ ber_bvfree(replyBV);
+ }
+
+ /* Free the return OID string if one was returned. */
+ if(replyOID)
+ {
+ ldap_memfree(replyOID);
+ }
+
+ /* Free memory allocated while building the request ber and berval. */
+ if(requestBV)
+ {
+ ber_bvfree(requestBV);
+ }
+
+ /* Return the appropriate error/success code. */
+ return err;
+}
+
+/**********************************************************************
+ Attempts to get the Simple Password
+**********************************************************************/
+
+static int nmasldap_get_simple_pwd(
+ LDAP *ld,
+ char *objectDN,
+ size_t pwdLen,
+ char *pwd )
{
- int err = 0;
+ int err = 0;
+ unsigned int methodID = 0;
+ unsigned int methodIDLen = sizeof(methodID);
+ char tag[] = {'P','A','S','S','W','O','R','D',' ','H','A','S','H',0};
+ char *pwdBuf=NULL;
+ size_t pwdBufLen, bufferLen;
+
+ bufferLen = pwdBufLen = pwdLen+2;
+ pwdBuf = SMB_MALLOC_ARRAY(char, pwdBufLen); /* digest and null */
+ if(pwdBuf == NULL)
+ {
+ return LDAP_NO_MEMORY;
+ }
- struct berval *requestBV = NULL;
- char *replyOID = NULL;
- struct berval *replyBV = NULL;
- int serverVersion;
- char *pwdBuf;
- size_t pwdBufLen, bufferLen;
+ err = getLoginConfig(ld, objectDN, methodIDLen, &methodID, tag, &pwdBufLen, pwdBuf);
+ if (err == 0)
+ {
+ if (pwdBufLen !=0)
+ {
+ pwdBuf[pwdBufLen] = 0; /* null terminate */
+
+ switch (pwdBuf[0])
+ {
+ case 1: /* cleartext password */
+ break;
+ case 2: /* SHA1 HASH */
+ case 3: /* MD5_ID */
+ case 4: /* UNIXCrypt_ID */
+ case 8: /* SSHA_ID */
+ default: /* Unknown digest */
+ err = LDAP_INAPPROPRIATE_AUTH; /* only return clear text */
+ break;
+ }
+
+ if (!err)
+ {
+ if (pwdLen >= pwdBufLen-1)
+ {
+ memcpy(pwd, &pwdBuf[1], pwdBufLen-1); /* skip digest tag and include null */
+ }
+ else
+ {
+ err = LDAP_NO_MEMORY;
+ }
+ }
+ }
+ }
-#ifdef NOT_N_PLAT_NLM
- int currentThreadGroupID;
-#endif
+ if (pwdBuf != NULL)
+ {
+ memset(pwdBuf, 0, bufferLen);
+ free(pwdBuf);
+ }
- /* Validate char parameters. */
- if (objectDN == NULL || (strlen(objectDN) == 0) || pwdSize == NULL || ld == NULL) {
- return NMAS_E_INVALID_PARAMETER;
- }
- bufferLen = pwdBufLen = *pwdSize;
- pwdBuf = (char *) malloc(pwdBufLen + 2);
- if (pwdBuf == NULL) {
- return NMAS_E_INSUFFICIENT_MEMORY;
- }
-#ifdef NOT_N_PLAT_NLM
- currentThreadGroupID = SetThreadGroupID(nmasLDAPThreadGroupID);
-#endif
+ return err;
+}
- err = berEncodePasswordData(&requestBV, objectDN, NULL, NULL);
- if (err) {
- goto Cleanup;
- }
- /* Call the ldap_extended_operation (synchronously) */
- if ((err = ldap_extended_operation_s(ld, NMASLDAP_GET_PASSWORD_REQUEST, requestBV, NULL, NULL, &replyOID, &replyBV))) {
- goto Cleanup;
- }
- /* Make sure there is a return OID */
- if (!replyOID) {
- err = NMAS_E_NOT_SUPPORTED;
- goto Cleanup;
- }
- /* Is this what we were expecting to get back. */
- if (strcmp(replyOID, NMASLDAP_GET_PASSWORD_RESPONSE)) {
- err = NMAS_E_NOT_SUPPORTED;
- goto Cleanup;
- }
- /* Do we have a good returned berval? */
- if (!replyBV) {
- /*
- * No; returned berval means we experienced a rather drastic error.
- * Return operations error.
- */
- err = NMAS_E_SYSTEM_RESOURCES;
- goto Cleanup;
- }
- err = berDecodeLoginData(replyBV, &serverVersion, &pwdBufLen, pwdBuf);
-
- if (serverVersion != NMAS_LDAP_EXT_VERSION) {
- err = NMAS_E_INVALID_VERSION;
- goto Cleanup;
- }
- if (!err && pwdBufLen != 0) {
- if (*pwdSize >= pwdBufLen + 1 && pwd != NULL) {
- memcpy(pwd, pwdBuf, pwdBufLen);
- pwd[pwdBufLen] = 0; /* add null termination */
- }
- *pwdSize = pwdBufLen; /* does not include null termination */
- }
- Cleanup:
-
- if (replyBV) {
- ber_bvfree(replyBV);
- }
- /* Free the return OID string if one was returned. */
- if (replyOID) {
- ldap_memfree(replyOID);
- }
- /* Free memory allocated while building the request ber and berval. */
- if (requestBV) {
- ber_bvfree(requestBV);
- }
- if (pwdBuf != NULL) {
- memset(pwdBuf, 0, bufferLen);
- free(pwdBuf);
- }
-#ifdef NOT_N_PLAT_NLM
- SetThreadGroupID(currentThreadGroupID);
-#endif
- /* Return the appropriate error/success code. */
- return err;
-} /* end of nmasldap_get_password */
+/**********************************************************************
+ Attempts to get the Universal Password
+**********************************************************************/
+
+static int nmasldap_get_password(
+ LDAP *ld,
+ char *objectDN,
+ size_t *pwdSize, /* in bytes */
+ unsigned char *pwd )
+{
+ int err = 0;
+
+ struct berval *requestBV = NULL;
+ char *replyOID = NULL;
+ struct berval *replyBV = NULL;
+ int serverVersion;
+ char *pwdBuf;
+ size_t pwdBufLen, bufferLen;
+
+ /* Validate char parameters. */
+ if(objectDN == NULL || (strlen(objectDN) == 0) || pwdSize == NULL || ld == NULL)
+ {
+ return LDAP_NO_SUCH_ATTRIBUTE;
+ }
+
+ bufferLen = pwdBufLen = *pwdSize;
+ pwdBuf = SMB_MALLOC_ARRAY(char, pwdBufLen+2);
+ if(pwdBuf == NULL)
+ {
+ return LDAP_NO_MEMORY;
+ }
+
+ err = berEncodePasswordData(&requestBV, objectDN, NULL, NULL);
+ if(err)
+ {
+ goto Cleanup;
+ }
+
+ /* Call the ldap_extended_operation (synchronously) */
+ if((err = ldap_extended_operation_s(ld, NMASLDAP_GET_PASSWORD_REQUEST, requestBV, NULL, NULL, &replyOID, &replyBV)))
+ {
+ goto Cleanup;
+ }
+
+ /* Make sure there is a return OID */
+ if(!replyOID)
+ {
+ err = LDAP_NOT_SUPPORTED;
+ goto Cleanup;
+ }
+
+ /* Is this what we were expecting to get back. */
+ if(strcmp(replyOID, NMASLDAP_GET_PASSWORD_RESPONSE))
+ {
+ err = LDAP_NOT_SUPPORTED;
+ goto Cleanup;
+ }
+
+ /* Do we have a good returned berval? */
+ if(!replyBV)
+ {
+ /* No; returned berval means we experienced a rather drastic error. */
+ /* Return operations error. */
+ err = LDAP_OPERATIONS_ERROR;
+ goto Cleanup;
+ }
+
+ err = berDecodeLoginData(replyBV, &serverVersion, &pwdBufLen, pwdBuf);
+
+ if(serverVersion != NMAS_LDAP_EXT_VERSION)
+ {
+ err = LDAP_OPERATIONS_ERROR;
+ goto Cleanup;
+ }
+
+ if (!err && pwdBufLen != 0)
+ {
+ if (*pwdSize >= pwdBufLen+1 && pwd != NULL)
+ {
+ memcpy(pwd, pwdBuf, pwdBufLen);
+ pwd[pwdBufLen] = 0; /* add null termination */
+ }
+ *pwdSize = pwdBufLen; /* does not include null termination */
+ }
+
+Cleanup:
+
+ if(replyBV)
+ {
+ ber_bvfree(replyBV);
+ }
+
+ /* Free the return OID string if one was returned. */
+ if(replyOID)
+ {
+ ldap_memfree(replyOID);
+ }
+
+ /* Free memory allocated while building the request ber and berval. */
+ if(requestBV)
+ {
+ ber_bvfree(requestBV);
+ }
+
+ if (pwdBuf != NULL)
+ {
+ memset(pwdBuf, 0, bufferLen);
+ free(pwdBuf);
+ }
+
+ /* Return the appropriate error/success code. */
+ return err;
+}
+
+/**********************************************************************
+ Get the user's password from NDS.
+ *********************************************************************/
+
+int nds_get_password(
+ LDAP *ld,
+ char *object_dn,
+ size_t *pwd_len,
+ char *pwd )
+{
+ int rc = -1;
+
+ rc = nmasldap_get_password(ld, object_dn, pwd_len, (unsigned char *)pwd);
+ if (rc == LDAP_SUCCESS) {
+#ifdef DEBUG_PASSWORD
+ DEBUG(100,("nmasldap_get_password returned %s for %s\n", pwd, object_dn));
+#endif
+ DEBUG(5, ("NDS Universal Password retrieved for %s\n", object_dn));
+ } else {
+ DEBUG(3, ("NDS Universal Password NOT retrieved for %s\n", object_dn));
+ }
+
+ if (rc != LDAP_SUCCESS) {
+ rc = nmasldap_get_simple_pwd(ld, object_dn, *pwd_len, pwd);
+ if (rc == LDAP_SUCCESS) {
+#ifdef DEBUG_PASSWORD
+ DEBUG(100,("nmasldap_get_simple_pwd returned %s for %s\n", pwd, object_dn));
+#endif
+ DEBUG(5, ("NDS Simple Password retrieved for %s\n", object_dn));
+ } else {
+ /* We couldn't get the password */
+ DEBUG(3, ("NDS Simple Password NOT retrieved for %s\n", object_dn));
+ return LDAP_INVALID_CREDENTIALS;
+ }
+ }
+
+ /* We got the password */
+ return LDAP_SUCCESS;
+}
+
diff -r -u ./squid-3.0.STABLE1/helpers/digest_auth/eDirectory/edir_ldapext.h ./squid-3.0.STABLE2/helpers/digest_auth/eDirectory/edir_ldapext.h
--- ./squid-3.0.STABLE1/helpers/digest_auth/eDirectory/edir_ldapext.h 2007-08-13 20:56:36.000000000 +1200
+++ ./squid-3.0.STABLE2/helpers/digest_auth/eDirectory/edir_ldapext.h 2008-02-25 00:32:43.000000000 +1300
@@ -1,14 +1 @@
-/*
- * edir_ldapext.h
- *
- * AUTHOR: Guy Antony Halse
- *
- * stubs for FreeRadius's edir_ldapext.h
- *
- */
-#define UNIVERSAL_PASS_LEN 256
-#define NMAS_SUCCESS 0
-
-extern int berEncodePasswordData(struct berval **requestBV, char *objectDN, char *password, char *password2);
-extern int berDecodeLoginData(struct berval *replyBV, int *serverVersion, size_t * retDataLen, void *retData);
-extern int nmasldap_get_password(LDAP * ld, char *objectDN, size_t * pwdSize, char *pwd);
+int nds_get_password(LDAP *ld, char *object_dn, size_t * pwd_len, char *pwd);
diff -r -u ./squid-3.0.STABLE1/helpers/digest_auth/eDirectory/ldap_backend.c ./squid-3.0.STABLE2/helpers/digest_auth/eDirectory/ldap_backend.c
--- ./squid-3.0.STABLE1/helpers/digest_auth/eDirectory/ldap_backend.c 2007-08-13 20:56:36.000000000 +1200
+++ ./squid-3.0.STABLE2/helpers/digest_auth/eDirectory/ldap_backend.c 2008-02-25 00:32:43.000000000 +1300
@@ -198,7 +198,7 @@
char filter[8192];
char searchbase[8192];
char *universal_password = NULL;
- size_t universal_password_len = UNIVERSAL_PASS_LEN;
+ size_t universal_password_len = 256;
int nmas_res = 0;
int rc = -1;
if (ld) {
@@ -262,8 +262,8 @@
values = malloc(sizeof(char *));
/* actually talk to NMAS to get a password */
- nmas_res = nmasldap_get_password(ld, ldap_get_dn(ld, entry), &universal_password_len, universal_password);
- if (nmas_res == NMAS_SUCCESS && universal_password) {
+ nmas_res = nds_get_password(ld, ldap_get_dn(ld, entry), &universal_password_len, universal_password);
+ if (nmas_res == LDAP_SUCCESS && universal_password) {
if (debug)
printf("NMAS returned value %s\n", universal_password);
values[0] = universal_password;
diff -r -u ./squid-3.0.STABLE1/helpers/digest_auth/eDirectory/Makefile.in ./squid-3.0.STABLE2/helpers/digest_auth/eDirectory/Makefile.in
--- ./squid-3.0.STABLE1/helpers/digest_auth/eDirectory/Makefile.in 2007-12-05 14:11:01.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/digest_auth/eDirectory/Makefile.in 2008-03-05 01:31:24.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.17 2007/12/05 01:11:01 hno Exp $
+# $Id: Makefile.in,v 1.17.2.1 2008/03/04 12:31:24 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/digest_auth/ldap/Makefile.in ./squid-3.0.STABLE2/helpers/digest_auth/ldap/Makefile.in
--- ./squid-3.0.STABLE1/helpers/digest_auth/ldap/Makefile.in 2007-12-05 14:11:04.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/digest_auth/ldap/Makefile.in 2008-03-05 01:31:25.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.36 2007/12/05 01:11:04 hno Exp $
+# $Id: Makefile.in,v 1.36.2.1 2008/03/04 12:31:25 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/digest_auth/Makefile.in ./squid-3.0.STABLE2/helpers/digest_auth/Makefile.in
--- ./squid-3.0.STABLE1/helpers/digest_auth/Makefile.in 2007-12-05 14:11:00.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/digest_auth/Makefile.in 2008-03-05 01:31:24.000000000 +1300
@@ -16,7 +16,7 @@
# Makefile for digest auth helpers in the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.91 2007/12/05 01:11:00 hno Exp $
+# $Id: Makefile.in,v 1.91.2.1 2008/03/04 12:31:24 amosjeffries Exp $
#
srcdir = @srcdir@
top_srcdir = @top_srcdir@
diff -r -u ./squid-3.0.STABLE1/helpers/digest_auth/password/Makefile.in ./squid-3.0.STABLE2/helpers/digest_auth/password/Makefile.in
--- ./squid-3.0.STABLE1/helpers/digest_auth/password/Makefile.in 2007-12-05 14:11:04.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/digest_auth/password/Makefile.in 2008-03-05 01:31:25.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.95 2007/12/05 01:11:04 hno Exp $
+# $Id: Makefile.in,v 1.95.2.1 2008/03/04 12:31:25 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/external_acl/ip_user/Makefile.in ./squid-3.0.STABLE2/helpers/external_acl/ip_user/Makefile.in
--- ./squid-3.0.STABLE1/helpers/external_acl/ip_user/Makefile.in 2007-12-05 14:11:06.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/external_acl/ip_user/Makefile.in 2008-03-05 01:31:26.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the ip_user external_acl helper by Rodrigo Campos
#
-# $Id: Makefile.in,v 1.80 2007/12/05 01:11:06 hno Exp $
+# $Id: Makefile.in,v 1.80.2.1 2008/03/04 12:31:26 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/external_acl/ldap_group/Makefile.in ./squid-3.0.STABLE2/helpers/external_acl/ldap_group/Makefile.in
--- ./squid-3.0.STABLE1/helpers/external_acl/ldap_group/Makefile.in 2007-12-05 14:11:08.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/external_acl/ldap_group/Makefile.in 2008-03-05 01:31:27.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid LDAP authentication helper
#
-# $Id: Makefile.in,v 1.82 2007/12/05 01:11:08 hno Exp $
+# $Id: Makefile.in,v 1.82.2.1 2008/03/04 12:31:27 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/external_acl/ldap_group/squid_ldap_group.8 ./squid-3.0.STABLE2/helpers/external_acl/ldap_group/squid_ldap_group.8
--- ./squid-3.0.STABLE1/helpers/external_acl/ldap_group/squid_ldap_group.8 2005-03-23 11:12:30.000000000 +1200
+++ ./squid-3.0.STABLE2/helpers/external_acl/ldap_group/squid_ldap_group.8 2008-02-20 09:14:49.000000000 +1300
@@ -152,6 +152,10 @@
Strip NT domain name component from user names (/ or \\ separated)
.
.TP
+.BI -K
+Strip Kerberos Realm component from user names (@ separated)
+.
+.TP
.BI -d
Debug mode where each step taken will get reported in detail.
Useful for understanding what goes wrong if the results is
diff -r -u ./squid-3.0.STABLE1/helpers/external_acl/ldap_group/squid_ldap_group.c ./squid-3.0.STABLE2/helpers/external_acl/ldap_group/squid_ldap_group.c
--- ./squid-3.0.STABLE1/helpers/external_acl/ldap_group/squid_ldap_group.c 2007-07-19 15:36:12.000000000 +1200
+++ ./squid-3.0.STABLE2/helpers/external_acl/ldap_group/squid_ldap_group.c 2008-02-20 09:14:49.000000000 +1300
@@ -42,7 +42,7 @@
#include
#include
-#ifdef _SQUID_MSWIN_ /* Native Windows port and MinGW */
+#ifdef _SQUID_MSWIN_ /* Native Windows port and MinGW */
#define snprintf _snprintf
#include
@@ -55,15 +55,15 @@
#define LDAP_OPT_X_TLS 0x6000
#endif
/* Some tricks to allow dynamic bind with ldap_start_tls_s entry point at
- run time.
+ * run time.
*/
#undef ldap_start_tls_s
#if LDAP_UNICODE
#define LDAP_START_TLS_S "ldap_start_tls_sW"
-typedef WINLDAPAPI ULONG (LDAPAPI * PFldap_start_tls_s) (IN PLDAP, OUT PULONG, OUT LDAPMessage **, IN PLDAPControlW *, IN PLDAPControlW *);
+typedef WINLDAPAPI ULONG(LDAPAPI * PFldap_start_tls_s) (IN PLDAP, OUT PULONG, OUT LDAPMessage **, IN PLDAPControlW *, IN PLDAPControlW *);
#else
#define LDAP_START_TLS_S "ldap_start_tls_sA"
-typedef WINLDAPAPI ULONG (LDAPAPI * PFldap_start_tls_s) (IN PLDAP, OUT PULONG, OUT LDAPMessage **, IN PLDAPControlA *, IN PLDAPControlA *);
+typedef WINLDAPAPI ULONG(LDAPAPI * PFldap_start_tls_s) (IN PLDAP, OUT PULONG, OUT LDAPMessage **, IN PLDAPControlA *, IN PLDAPControlA *);
#endif /* LDAP_UNICODE */
PFldap_start_tls_s Win32_ldap_start_tls_s;
#define ldap_start_tls_s(l,s,c) Win32_ldap_start_tls_s(l,NULL,NULL,s,c)
@@ -121,31 +121,31 @@
#endif
#if defined(LDAP_API_VERSION) && LDAP_API_VERSION > 1823
-static int
+static int
squid_ldap_errno(LDAP * ld)
{
int err = 0;
ldap_get_option(ld, LDAP_OPT_ERROR_NUMBER, &err);
return err;
}
-static void
+static void
squid_ldap_set_aliasderef(LDAP * ld, int deref)
{
ldap_set_option(ld, LDAP_OPT_DEREF, &deref);
}
-static void
+static void
squid_ldap_set_referrals(LDAP * ld, int referrals)
{
int *value = referrals ? LDAP_OPT_ON : LDAP_OPT_OFF;
ldap_set_option(ld, LDAP_OPT_REFERRALS, value);
}
static void
-squid_ldap_set_timelimit(LDAP *ld, int timelimit)
+squid_ldap_set_timelimit(LDAP * ld, int timelimit)
{
ldap_set_option(ld, LDAP_OPT_TIMELIMIT, &timelimit);
}
static void
-squid_ldap_set_connect_timeout(LDAP *ld, int timelimit)
+squid_ldap_set_connect_timeout(LDAP * ld, int timelimit)
{
#if defined(LDAP_OPT_NETWORK_TIMEOUT)
struct timeval tv;
@@ -157,23 +157,24 @@
ldap_set_option(ld, LDAP_X_OPT_CONNECT_TIMEOUT, &timelimit);
#endif
}
-static void
+static void
squid_ldap_memfree(char *p)
{
ldap_memfree(p);
}
+
#else
-static int
+static int
squid_ldap_errno(LDAP * ld)
{
return ld->ld_errno;
}
-static void
+static void
squid_ldap_set_aliasderef(LDAP * ld, int deref)
{
ld->ld_deref = deref;
}
-static void
+static void
squid_ldap_set_referrals(LDAP * ld, int referrals)
{
if (referrals)
@@ -182,26 +183,27 @@
ld->ld_options &= ~LDAP_OPT_REFERRALS;
}
static void
-squid_ldap_set_timelimit(LDAP *ld, int timelimit)
+squid_ldap_set_timelimit(LDAP * ld, int timelimit)
{
ld->ld_timelimit = timelimit;
}
static void
-squid_ldap_set_connect_timeout(LDAP *ld, int timelimit)
+squid_ldap_set_connect_timeout(LDAP * ld, int timelimit)
{
fprintf(stderr, "Connect timeouts not supported in your LDAP library\n");
}
-static void
+static void
squid_ldap_memfree(char *p)
{
free(p);
}
+
#endif
#ifdef LDAP_API_FEATURE_X_OPENLDAP
- #if LDAP_VENDOR_VERSION > 194
- #define HAS_URI_SUPPORT 1
- #endif
+#if LDAP_VENDOR_VERSION > 194
+#define HAS_URI_SUPPORT 1
+#endif
#endif
int
@@ -215,6 +217,7 @@
int port = LDAP_PORT;
int use_extension_dn = 0;
int strip_nt_domain = 0;
+ int strip_kerberos_realm = 0;
int err = 0;
setbuf(stdout, NULL);
@@ -326,7 +329,7 @@
bindpasswd = value;
break;
case 'W':
- readSecret (value);
+ readSecret(value);
break;
case 'P':
persistent = !persistent;
@@ -370,6 +373,9 @@
case 'S':
strip_nt_domain = 1;
break;
+ case 'K':
+ strip_kerberos_realm = 1;
+ break;
default:
fprintf(stderr, PROGRAM_NAME " ERROR: Unknown command line option '%c'\n", option);
exit(1);
@@ -392,7 +398,7 @@
}
if (!ldapServer)
- ldapServer = (char *)"localhost";
+ ldapServer = (char *) "localhost";
if (!basedn || !searchfilter) {
fprintf(stderr, "\n" PROGRAM_NAME " version " PROGRAM_VERSION "\n\n");
@@ -424,24 +430,24 @@
#endif
fprintf(stderr, "\t-g\t\t\tfirst query parameter is base DN extension\n\t\t\t\tfor this query\n");
fprintf(stderr, "\t-S\t\t\tStrip NT domain from usernames\n");
+ fprintf(stderr, "\t-K\t\t\tStrip Kerberos realm from usernames\n");
fprintf(stderr, "\n");
fprintf(stderr, "\tIf you need to bind as a user to perform searches then use the\n\t-D binddn -w bindpasswd or -D binddn -W secretfile options\n\n");
exit(1);
}
-
/* On Windows ldap_start_tls_s is available starting from Windows XP,
- so we need to bind at run-time with the function entry point
+ * so we need to bind at run-time with the function entry point
*/
#ifdef _SQUID_MSWIN_
if (use_tls) {
- HMODULE WLDAP32Handle;
+ HMODULE WLDAP32Handle;
WLDAP32Handle = GetModuleHandle("wldap32");
- if ((Win32_ldap_start_tls_s = (PFldap_start_tls_s) GetProcAddress(WLDAP32Handle, LDAP_START_TLS_S)) == NULL) {
- fprintf( stderr, PROGRAM_NAME ": ERROR: TLS (-Z) not supported on this platform.\n");
+ if ((Win32_ldap_start_tls_s = (PFldap_start_tls_s) GetProcAddress(WLDAP32Handle, LDAP_START_TLS_S)) == NULL) {
+ fprintf(stderr, PROGRAM_NAME ": ERROR: TLS (-Z) not supported on this platform.\n");
exit(1);
- }
+ }
}
#endif
@@ -470,6 +476,12 @@
if (u && u[1])
user = u + 1;
}
+ if (strip_kerberos_realm) {
+ char *u = strchr(user, '@');
+ if (u != NULL) {
+ *u = '\0';
+ }
+ }
if (use_extension_dn) {
extension_dn = strtok(NULL, " \n");
if (!extension_dn) {
@@ -478,42 +490,40 @@
}
rfc1738_unescape(extension_dn);
}
-
while (!found && user && (group = strtok(NULL, " \n")) != NULL) {
rfc1738_unescape(group);
recover:
if (ld == NULL) {
#if HAS_URI_SUPPORT
- if (strstr(ldapServer, "://") != NULL) {
- rc = ldap_initialize( &ld, ldapServer );
- if( rc != LDAP_SUCCESS ) {
+ if (strstr(ldapServer, "://") != NULL) {
+ rc = ldap_initialize(&ld, ldapServer);
+ if (rc != LDAP_SUCCESS) {
fprintf(stderr, "\nUnable to connect to LDAPURI:%s\n", ldapServer);
break;
}
- } else
+ } else
#endif
#if NETSCAPE_SSL
if (sslpath) {
- if ( !sslinit && (ldapssl_client_init(sslpath, NULL) != LDAP_SUCCESS)) {
+ if (!sslinit && (ldapssl_client_init(sslpath, NULL) != LDAP_SUCCESS)) {
fprintf(stderr, "\nUnable to initialise SSL with cert path %s\n",
- sslpath);
+ sslpath);
exit(1);
} else {
sslinit++;
}
if ((ld = ldapssl_init(ldapServer, port, 1)) == NULL) {
fprintf(stderr, "\nUnable to connect to SSL LDAP server: %s port:%d\n",
- ldapServer, port);
+ ldapServer, port);
exit(1);
}
} else
#endif
if ((ld = ldap_init(ldapServer, port)) == NULL) {
- fprintf(stderr, "\nUnable to connect to LDAP server:%s port:%d\n",ldapServer, port);
+ fprintf(stderr, "\nUnable to connect to LDAP server:%s port:%d\n", ldapServer, port);
break;
}
-
if (connect_timeout)
squid_ldap_set_connect_timeout(ld, connect_timeout);
@@ -575,9 +585,9 @@
if (found)
printf("OK\n");
else {
-error:
+ error:
printf("ERR\n");
-}
+ }
if (ld != NULL) {
if (!persistent || (squid_ldap_errno(ld) != LDAP_SUCCESS && squid_ldap_errno(ld) != LDAP_INVALID_CREDENTIALS)) {
@@ -599,7 +609,7 @@
{
int n = 0;
while (size > 4 && *src) {
- switch(*src) {
+ switch (*src) {
case '*':
case '(':
case ')':
@@ -608,8 +618,8 @@
size -= 3;
if (size > 0) {
*escaped++ = '\\';
- snprintf(escaped, 3, "%02x", (unsigned char)*src++);
- escaped+=2;
+ snprintf(escaped, 3, "%02x", (unsigned char) *src++);
+ escaped += 2;
}
break;
default:
@@ -626,8 +636,8 @@
build_filter(char *filter, int size, const char *template, const char *user, const char *group)
{
int n;
- while(*template && size > 0) {
- switch(*template) {
+ while (*template && size > 0) {
+ switch (*template) {
case '%':
template++;
switch (*template) {
@@ -680,7 +690,8 @@
LDAPMessage *res = NULL;
LDAPMessage *entry;
int rc;
- char *searchattr[] = {(char *)LDAP_NO_ATTRS, NULL};
+ char *searchattr[] =
+ {(char *) LDAP_NO_ATTRS, NULL};
if (extension_dn && *extension_dn)
snprintf(searchbase, sizeof(searchbase), "%s,%s", extension_dn, basedn);
@@ -691,7 +702,6 @@
fprintf(stderr, PROGRAM_NAME " ERROR, Failed to construct LDAP search filter. filter=\"%s\", user=\"%s\", group=\"%s\"\n", filter, member, group);
return 1;
}
-
if (debug)
fprintf(stderr, "group filter '%s', searchbase '%s'\n", filter, searchbase);
@@ -723,7 +733,7 @@
}
static int
-searchLDAP(LDAP *ld, char *group, char *login, char *extension_dn)
+searchLDAP(LDAP * ld, char *group, char *login, char *extension_dn)
{
if (usersearchfilter) {
@@ -734,7 +744,8 @@
LDAPMessage *entry;
int rc;
char *userdn;
- char *searchattr[] = {(char *)LDAP_NO_ATTRS, NULL};
+ char *searchattr[] =
+ {(char *) LDAP_NO_ATTRS, NULL};
if (extension_dn && *extension_dn)
snprintf(searchbase, sizeof(searchbase), "%s,%s", extension_dn, userbasedn ? userbasedn : basedn);
else
@@ -785,33 +796,33 @@
}
-int readSecret(const char *filename)
+int
+readSecret(const char *filename)
{
- char buf[BUFSIZ];
- char *e=0;
- FILE *f;
-
- if(!(f=fopen(filename, "r"))) {
- fprintf(stderr, PROGRAM_NAME " ERROR: Can not read secret file %s\n", filename);
- return 1;
- }
+ char buf[BUFSIZ];
+ char *e = 0;
+ FILE *f;
- if( !fgets(buf, sizeof(buf)-1, f)) {
- fprintf(stderr, PROGRAM_NAME " ERROR: Secret file %s is empty\n", filename);
+ if (!(f = fopen(filename, "r"))) {
+ fprintf(stderr, PROGRAM_NAME " ERROR: Can not read secret file %s\n", filename);
+ return 1;
+ }
+ if (!fgets(buf, sizeof(buf) - 1, f)) {
+ fprintf(stderr, PROGRAM_NAME " ERROR: Secret file %s is empty\n", filename);
+ fclose(f);
+ return 1;
+ }
+ /* strip whitespaces on end */
+ if ((e = strrchr(buf, '\n')))
+ *e = 0;
+ if ((e = strrchr(buf, '\r')))
+ *e = 0;
+
+ bindpasswd = strdup(buf);
+ if (!bindpasswd) {
+ fprintf(stderr, PROGRAM_NAME " ERROR: can not allocate memory\n");
+ }
fclose(f);
- return 1;
- }
- /* strip whitespaces on end */
- if((e = strrchr(buf, '\n'))) *e = 0;
- if((e = strrchr(buf, '\r'))) *e = 0;
-
- bindpasswd = strdup(buf);
- if (!bindpasswd) {
- fprintf(stderr, PROGRAM_NAME " ERROR: can not allocate memory\n");
- }
-
- fclose(f);
-
- return 0;
+ return 0;
}
diff -r -u ./squid-3.0.STABLE1/helpers/external_acl/Makefile.in ./squid-3.0.STABLE2/helpers/external_acl/Makefile.in
--- ./squid-3.0.STABLE1/helpers/external_acl/Makefile.in 2007-12-05 14:11:06.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/external_acl/Makefile.in 2008-03-05 01:31:25.000000000 +1300
@@ -16,7 +16,7 @@
# Makefile for storage modules in the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.81 2007/12/05 01:11:06 hno Exp $
+# $Id: Makefile.in,v 1.81.2.1 2008/03/04 12:31:25 amosjeffries Exp $
#
srcdir = @srcdir@
top_srcdir = @top_srcdir@
diff -r -u ./squid-3.0.STABLE1/helpers/external_acl/mswin_lm_group/Makefile.in ./squid-3.0.STABLE2/helpers/external_acl/mswin_lm_group/Makefile.in
--- ./squid-3.0.STABLE1/helpers/external_acl/mswin_lm_group/Makefile.in 2007-12-05 14:11:08.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/external_acl/mswin_lm_group/Makefile.in 2008-03-05 01:31:27.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.36 2007/12/05 01:11:08 hno Exp $
+# $Id: Makefile.in,v 1.36.2.1 2008/03/04 12:31:27 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/external_acl/session/Makefile.in ./squid-3.0.STABLE2/helpers/external_acl/session/Makefile.in
--- ./squid-3.0.STABLE1/helpers/external_acl/session/Makefile.in 2007-12-05 14:11:09.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/external_acl/session/Makefile.in 2008-03-05 01:31:27.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid LDAP authentication helper
#
-# $Id: Makefile.in,v 1.33 2007/12/05 01:11:09 hno Exp $
+# $Id: Makefile.in,v 1.33.2.1 2008/03/04 12:31:27 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/external_acl/unix_group/Makefile.in ./squid-3.0.STABLE2/helpers/external_acl/unix_group/Makefile.in
--- ./squid-3.0.STABLE1/helpers/external_acl/unix_group/Makefile.in 2007-12-05 14:11:10.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/external_acl/unix_group/Makefile.in 2008-03-05 01:31:29.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid LDAP authentication helper
#
-# $Id: Makefile.in,v 1.80 2007/12/05 01:11:10 hno Exp $
+# $Id: Makefile.in,v 1.80.2.1 2008/03/04 12:31:29 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/external_acl/wbinfo_group/Makefile.in ./squid-3.0.STABLE2/helpers/external_acl/wbinfo_group/Makefile.in
--- ./squid-3.0.STABLE1/helpers/external_acl/wbinfo_group/Makefile.in 2007-12-05 14:11:11.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/external_acl/wbinfo_group/Makefile.in 2008-03-05 01:31:29.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid LDAP authentication helper
#
-# $Id: Makefile.in,v 1.78 2007/12/05 01:11:11 hno Exp $
+# $Id: Makefile.in,v 1.78.2.1 2008/03/04 12:31:29 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/negotiate_auth/Makefile.in ./squid-3.0.STABLE2/helpers/negotiate_auth/Makefile.in
--- ./squid-3.0.STABLE1/helpers/negotiate_auth/Makefile.in 2007-12-05 14:11:11.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/negotiate_auth/Makefile.in 2008-03-05 01:31:30.000000000 +1300
@@ -16,7 +16,7 @@
# Makefile for negotiate authentication helpers in the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.36 2007/12/05 01:11:11 hno Exp $
+# $Id: Makefile.in,v 1.36.2.1 2008/03/04 12:31:30 amosjeffries Exp $
#
srcdir = @srcdir@
top_srcdir = @top_srcdir@
diff -r -u ./squid-3.0.STABLE1/helpers/negotiate_auth/mswin_sspi/Makefile.in ./squid-3.0.STABLE2/helpers/negotiate_auth/mswin_sspi/Makefile.in
--- ./squid-3.0.STABLE1/helpers/negotiate_auth/mswin_sspi/Makefile.in 2007-12-05 14:11:12.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/negotiate_auth/mswin_sspi/Makefile.in 2008-03-05 01:31:30.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.35 2007/12/05 01:11:12 hno Exp $
+# $Id: Makefile.in,v 1.35.2.1 2008/03/04 12:31:30 amosjeffries Exp $
#
srcdir = @srcdir@
diff -r -u ./squid-3.0.STABLE1/helpers/negotiate_auth/squid_kerb_auth/Makefile.in ./squid-3.0.STABLE2/helpers/negotiate_auth/squid_kerb_auth/Makefile.in
--- ./squid-3.0.STABLE1/helpers/negotiate_auth/squid_kerb_auth/Makefile.in 2007-12-05 14:11:12.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/negotiate_auth/squid_kerb_auth/Makefile.in 2008-03-05 01:31:30.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.18 2007/12/05 01:11:12 hno Exp $
+# $Id: Makefile.in,v 1.18.2.1 2008/03/04 12:31:30 amosjeffries Exp $
#
srcdir = @srcdir@
diff -r -u ./squid-3.0.STABLE1/helpers/negotiate_auth/squid_kerb_auth/squid_kerb_auth.c ./squid-3.0.STABLE2/helpers/negotiate_auth/squid_kerb_auth/squid_kerb_auth.c
--- ./squid-3.0.STABLE1/helpers/negotiate_auth/squid_kerb_auth/squid_kerb_auth.c 2007-06-25 10:34:15.000000000 +1200
+++ ./squid-3.0.STABLE2/helpers/negotiate_auth/squid_kerb_auth/squid_kerb_auth.c 2008-02-25 08:23:09.000000000 +1300
@@ -37,6 +37,9 @@
#include "spnegohelp.h"
#endif
+#ifndef HOST_NAME_MAX
+#define HOST_NAME_MAX 256
+#endif
#ifndef MAXHOSTNAMELEN
#define MAXHOSTNAMELEN HOST_NAME_MAX
#endif
diff -r -u ./squid-3.0.STABLE1/helpers/ntlm_auth/fakeauth/fakeauth_auth.c ./squid-3.0.STABLE2/helpers/ntlm_auth/fakeauth/fakeauth_auth.c
--- ./squid-3.0.STABLE1/helpers/ntlm_auth/fakeauth/fakeauth_auth.c 2007-07-19 15:36:12.000000000 +1200
+++ ./squid-3.0.STABLE2/helpers/ntlm_auth/fakeauth/fakeauth_auth.c 2008-03-05 01:08:20.000000000 +1300
@@ -369,6 +369,7 @@
main(int argc, char *argv[])
{
char buf[BUFFER_SIZE];
+ int buflen = 0;
char user[256], *p, *decoded = NULL;
struct ntlm_challenge chal;
struct ntlm_negotiate *nego;
@@ -390,9 +391,10 @@
if ((p = strchr(buf, '\n')) != NULL)
*p = '\0'; /* strip \n */
- if (strlen(buf) > 3)
+ buflen = strlen(buf); /* keep this so we only scan the buffer for \0 once per loop */
+ if (buflen > 3)
decoded = base64_decode(buf + 3);
- if ((strlen(buf) > 3) && NTLM_packet_debug_enabled) {
+ if (buflen > 3 && NTLM_packet_debug_enabled) {
strncpy(helper_command, buf, 2);
helper_command[2] = '\0';
debug("Got '%s' from Squid with data:\n", helper_command);
@@ -401,7 +403,7 @@
debug("Got '%s' from Squid\n", buf);
if (strncasecmp(buf, "YR", 2) == 0) {
- if (strlen(buf) > 3) {
+ if(buflen > 3) {
nego = (struct ntlm_negotiate *) decoded;
ntlmMakeChallenge(&chal, nego->flags);
} else
diff -r -u ./squid-3.0.STABLE1/helpers/ntlm_auth/fakeauth/Makefile.in ./squid-3.0.STABLE2/helpers/ntlm_auth/fakeauth/Makefile.in
--- ./squid-3.0.STABLE1/helpers/ntlm_auth/fakeauth/Makefile.in 2007-12-05 14:11:14.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/ntlm_auth/fakeauth/Makefile.in 2008-03-05 01:31:31.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.89 2007/12/05 01:11:14 hno Exp $
+# $Id: Makefile.in,v 1.89.2.1 2008/03/04 12:31:31 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/ntlm_auth/Makefile.in ./squid-3.0.STABLE2/helpers/ntlm_auth/Makefile.in
--- ./squid-3.0.STABLE1/helpers/ntlm_auth/Makefile.in 2007-12-05 14:11:12.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/ntlm_auth/Makefile.in 2008-03-05 01:31:31.000000000 +1300
@@ -16,7 +16,7 @@
# Makefile for storage modules in the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.92 2007/12/05 01:11:12 hno Exp $
+# $Id: Makefile.in,v 1.92.2.1 2008/03/04 12:31:31 amosjeffries Exp $
#
srcdir = @srcdir@
top_srcdir = @top_srcdir@
diff -r -u ./squid-3.0.STABLE1/helpers/ntlm_auth/mswin_sspi/Makefile.in ./squid-3.0.STABLE2/helpers/ntlm_auth/mswin_sspi/Makefile.in
--- ./squid-3.0.STABLE1/helpers/ntlm_auth/mswin_sspi/Makefile.in 2007-12-05 14:11:14.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/ntlm_auth/mswin_sspi/Makefile.in 2008-03-05 01:31:31.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.35 2007/12/05 01:11:14 hno Exp $
+# $Id: Makefile.in,v 1.35.2.1 2008/03/04 12:31:31 amosjeffries Exp $
#
srcdir = @srcdir@
diff -r -u ./squid-3.0.STABLE1/helpers/ntlm_auth/no_check/Makefile.in ./squid-3.0.STABLE2/helpers/ntlm_auth/no_check/Makefile.in
--- ./squid-3.0.STABLE1/helpers/ntlm_auth/no_check/Makefile.in 2007-12-05 14:11:15.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/ntlm_auth/no_check/Makefile.in 2008-03-05 01:31:32.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.91 2007/12/05 01:11:15 hno Exp $
+# $Id: Makefile.in,v 1.91.2.1 2008/03/04 12:31:32 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
diff -r -u ./squid-3.0.STABLE1/helpers/ntlm_auth/SMB/Makefile.in ./squid-3.0.STABLE2/helpers/ntlm_auth/SMB/Makefile.in
--- ./squid-3.0.STABLE1/helpers/ntlm_auth/SMB/Makefile.in 2007-12-05 14:11:12.000000000 +1300
+++ ./squid-3.0.STABLE2/helpers/ntlm_auth/SMB/Makefile.in 2008-03-05 01:31:31.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.92 2007/12/05 01:11:12 hno Exp $
+# $Id: Makefile.in,v 1.92.2.1 2008/03/04 12:31:31 amosjeffries Exp $
#
srcdir = @srcdir@
diff -r -u ./squid-3.0.STABLE1/icons/Makefile.in ./squid-3.0.STABLE2/icons/Makefile.in
--- ./squid-3.0.STABLE1/icons/Makefile.in 2007-12-05 14:11:15.000000000 +1300
+++ ./squid-3.0.STABLE2/icons/Makefile.in 2008-03-05 01:31:32.000000000 +1300
@@ -14,7 +14,7 @@
@SET_MAKE@
-# $Id: Makefile.in,v 1.105 2007/12/05 01:11:15 hno Exp $
+# $Id: Makefile.in,v 1.105.2.1 2008/03/04 12:31:32 amosjeffries Exp $
#
srcdir = @srcdir@
diff -r -u ./squid-3.0.STABLE1/include/autoconf.h.in ./squid-3.0.STABLE2/include/autoconf.h.in
--- ./squid-3.0.STABLE1/include/autoconf.h.in 2007-11-16 12:34:25.000000000 +1300
+++ ./squid-3.0.STABLE2/include/autoconf.h.in 2008-02-26 12:43:05.000000000 +1300
@@ -170,6 +170,12 @@
/* Define to 1 if you have the header file. */
#undef HAVE_GLIB_H
+/* Define to 1 if you have the `glob' function. */
+#undef HAVE_GLOB
+
+/* Define to 1 if you have the header file. */
+#undef HAVE_GLOB_H
+
/* Define to 1 if you have the header file. */
#undef HAVE_GNUMALLOC_H
diff -r -u ./squid-3.0.STABLE1/include/config.h ./squid-3.0.STABLE2/include/config.h
--- ./squid-3.0.STABLE1/include/config.h 2007-09-20 23:07:53.000000000 +1200
+++ ./squid-3.0.STABLE2/include/config.h 2008-02-25 16:41:38.000000000 +1300
@@ -1,5 +1,5 @@
/*
- * $Id: config.h,v 1.25 2007/09/20 11:07:53 amosjeffries Exp $
+ * $Id: config.h,v 1.25.2.1 2008/02/25 03:41:38 amosjeffries Exp $
*
* AUTHOR: Duane Wessels
*
@@ -440,12 +440,22 @@
*/
#if WITH_VALGRIND
#include
-#else
-#define VALGRIND_MAKE_NOACCESS(a,b) (0)
-#define VALGRIND_MAKE_WRITABLE(a,b) (0)
-#define VALGRIND_MAKE_READABLE(a,b) (0)
-#define VALGRIND_CHECK_WRITABLE(a,b) (0)
-#define VALGRIND_CHECK_READABLE(a,b) (0)
+#undef VALGRIND_MAKE_NOACCESS
+#undef VALGRIND_MAKE_WRITABLE
+#undef VALGRIND_MAKE_READABLE
+/* A little glue for older valgrind version prior to 3.2.0 */
+#ifndef VALGRIND_MAKE_MEM_NOACCESS
+#define VALGRIND_MAKE_MEM_NOACCESS VALGRIND_MAKE_NOACCESS
+#define VALGRIND_MAKE_MEM_UNDEFINED VALGRIND_MAKE_WRITABLE
+#define VALGRIND_MAKE_MEM_DEFINED VALGRIND_MAKE_READABLE
+#define VALGRIND_CHECK_MEM_IS_ADDRESSABLE VALGRIND_CHECK_WRITABLE
+#endif
+#else
+#define VALGRIND_MAKE_MEM_NOACCESS(a,b) (0)
+#define VALGRIND_MAKE_MEM_UNDEFINED(a,b) (0)
+#define VALGRIND_MAKE_MEM_DEFINED(a,b) (0)
+#define VALGRIND_CHECK_MEM_IS_ADDRESSABLE(a,b) (0)
+#define VALGRIND_CHECK_MEM_IS_DEFINED(a,b) (0)
#define VALGRIND_MALLOCLIKE_BLOCK(a,b,c,d)
#define VALGRIND_FREELIKE_BLOCK(a,b)
#define RUNNING_ON_VALGRIND 0
diff -r -u ./squid-3.0.STABLE1/include/version.h ./squid-3.0.STABLE2/include/version.h
--- ./squid-3.0.STABLE1/include/version.h 2007-12-14 13:25:27.000000000 +1300
+++ ./squid-3.0.STABLE2/include/version.h 2008-03-05 01:35:36.000000000 +1300
@@ -9,5 +9,5 @@
*/
#ifndef SQUID_RELEASE_TIME
-#define SQUID_RELEASE_TIME 1197591924
+#define SQUID_RELEASE_TIME 1204634131
#endif
diff -r -u ./squid-3.0.STABLE1/lib/libTrie/Makefile.in ./squid-3.0.STABLE2/lib/libTrie/Makefile.in
--- ./squid-3.0.STABLE1/lib/libTrie/Makefile.in 2007-11-12 14:11:32.000000000 +1300
+++ ./squid-3.0.STABLE2/lib/libTrie/Makefile.in 2008-03-05 01:31:32.000000000 +1300
@@ -15,7 +15,7 @@
@SET_MAKE@
#
-# $Id: Makefile.in,v 1.30 2007/11/12 01:11:32 hno Exp $
+# $Id: Makefile.in,v 1.30.2.1 2008/03/04 12:31:32 amosjeffries Exp $
#
srcdir = @srcdir@
top_srcdir = @top_srcdir@
diff -r -u ./squid-3.0.STABLE1/lib/Makefile.in ./squid-3.0.STABLE2/lib/Makefile.in
--- ./squid-3.0.STABLE1/lib/Makefile.in 2007-12-05 14:11:16.000000000 +1300
+++ ./squid-3.0.STABLE2/lib/Makefile.in 2008-03-05 01:31:32.000000000 +1300
@@ -15,7 +15,7 @@
@SET_MAKE@
#
-# $Id: Makefile.in,v 1.150 2007/12/05 01:11:16 hno Exp $
+# $Id: Makefile.in,v 1.150.2.1 2008/03/04 12:31:32 amosjeffries Exp $
#
srcdir = @srcdir@
diff -r -u ./squid-3.0.STABLE1/lib/MemPool.cc ./squid-3.0.STABLE2/lib/MemPool.cc
--- ./squid-3.0.STABLE1/lib/MemPool.cc 2007-11-14 12:25:33.000000000 +1300
+++ ./squid-3.0.STABLE2/lib/MemPool.cc 2008-02-25 16:41:39.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: MemPool.cc,v 1.10 2007/11/13 23:25:33 rousskov Exp $
+ * $Id: MemPool.cc,v 1.10.2.1 2008/02/25 03:41:39 amosjeffries Exp $
*
* DEBUG: section 63 Low Level Memory Pool Management
* AUTHOR: Alex Rousskov, Andres Kroonmaa, Robert Collins
@@ -211,7 +211,7 @@
for (int i = 1; i < pool->chunk_capacity; i++) {
*Free = (void *) ((char *) Free + pool->obj_size);
void **nextFree = (void **)*Free;
- (void) VALGRIND_MAKE_NOACCESS(Free, pool->obj_size);
+ (void) VALGRIND_MAKE_MEM_NOACCESS(Free, pool->obj_size);
Free = nextFree;
}
nextFreeChunk = pool->nextFreeChunk;
@@ -277,7 +277,7 @@
Free = (void **)obj;
*Free = freeCache;
freeCache = obj;
- (void) VALGRIND_MAKE_NOACCESS(obj, obj_size);
+ (void) VALGRIND_MAKE_MEM_NOACCESS(obj, obj_size);
}
/*
@@ -294,7 +294,7 @@
/* first, try cache */
if (freeCache) {
Free = (void **)freeCache;
- (void) VALGRIND_MAKE_READABLE(Free, obj_size);
+ (void) VALGRIND_MAKE_MEM_DEFINED(Free, obj_size);
freeCache = *Free;
*Free = NULL;
return Free;
@@ -317,7 +317,7 @@
/* last free in this chunk, so remove us from perchunk freelist chain */
nextFreeChunk = chunk->nextFreeChunk;
}
- (void) VALGRIND_MAKE_READABLE(Free, obj_size);
+ (void) VALGRIND_MAKE_MEM_DEFINED(Free, obj_size);
return Free;
}
@@ -557,7 +557,7 @@
MemImplementingAllocator::free(void *obj)
{
assert(obj != NULL);
- (void) VALGRIND_CHECK_WRITABLE(obj, obj_size);
+ (void) VALGRIND_CHECK_MEM_IS_ADDRESSABLE(obj, obj_size);
deallocate(obj);
++free_calls;
}
@@ -602,10 +602,10 @@
assert(splayLastResult == 0);
assert(chunk->inuse_count > 0);
chunk->inuse_count--;
- (void) VALGRIND_MAKE_READABLE(Free, sizeof(void *));
+ (void) VALGRIND_MAKE_MEM_DEFINED(Free, sizeof(void *));
freeCache = *(void **)Free; /* remove from global cache */
*(void **)Free = chunk->freeList; /* stuff into chunks freelist */
- (void) VALGRIND_MAKE_NOACCESS(Free, sizeof(void *));
+ (void) VALGRIND_MAKE_MEM_NOACCESS(Free, sizeof(void *));
chunk->freeList = Free;
chunk->lastref = squid_curtime;
}
diff -r -u ./squid-3.0.STABLE1/lib/rfc2617.c ./squid-3.0.STABLE2/lib/rfc2617.c
--- ./squid-3.0.STABLE1/lib/rfc2617.c 2007-11-16 05:47:34.000000000 +1300
+++ ./squid-3.0.STABLE2/lib/rfc2617.c 2008-02-25 16:38:11.000000000 +1300
@@ -13,7 +13,7 @@
/*
- * $Id: rfc2617.c,v 1.12 2007/11/15 16:47:34 wessels Exp $
+ * $Id: rfc2617.c,v 1.12.2.1 2008/02/25 03:38:11 amosjeffries Exp $
*
* DEBUG:
* AUTHOR: RFC 2617 & Robert Collins
@@ -94,7 +94,7 @@
else
Bin[i / 2] |= n;
}
- for (; i <= HASHHEXLEN; i++) {
+ for (i = i / 2; i < HASHLEN; i++) {
Bin[i] = '\0';
}
}
diff -r -u ./squid-3.0.STABLE1/Makefile.in ./squid-3.0.STABLE2/Makefile.in
--- ./squid-3.0.STABLE1/Makefile.in 2007-12-05 14:10:44.000000000 +1300
+++ ./squid-3.0.STABLE2/Makefile.in 2008-03-05 01:30:59.000000000 +1300
@@ -15,7 +15,7 @@
@SET_MAKE@
#
-# $Id: Makefile.in,v 1.114 2007/12/05 01:10:44 hno Exp $
+# $Id: Makefile.in,v 1.114.2.1 2008/03/04 12:30:59 amosjeffries Exp $
#
srcdir = @srcdir@
top_srcdir = @top_srcdir@
diff -r -u ./squid-3.0.STABLE1/QUICKSTART ./squid-3.0.STABLE2/QUICKSTART
--- ./squid-3.0.STABLE1/QUICKSTART 2003-07-18 23:10:32.000000000 +1200
+++ ./squid-3.0.STABLE2/QUICKSTART 2008-02-11 00:04:32.000000000 +1300
@@ -1,7 +1,7 @@
Squid QUICKSTART
-$Id: QUICKSTART,v 1.8 2003/07/18 11:10:32 hno Exp $
+$Id: QUICKSTART,v 1.8.4.1 2008/02/10 11:04:32 serassio Exp $
This document is intended only for people who want to get Squid running
quickly It is not a substitute for the real documentation. Squid has
@@ -26,7 +26,7 @@
always ask permission before adding a parent cache. See also the
never_direct/always_direct directives.
-cache_dir /usr/local/squid/var/cache 100 16 256
+cache_dir ufs /usr/local/squid/var/cache 100 16 256
Add here (first number, here 100) the amount of hard disk space
(in megabytes) to devote to caching.
diff -r -u ./squid-3.0.STABLE1/RELEASENOTES.html ./squid-3.0.STABLE2/RELEASENOTES.html
--- ./squid-3.0.STABLE1/RELEASENOTES.html 2007-12-14 13:26:29.000000000 +1300
+++ ./squid-3.0.STABLE2/RELEASENOTES.html 2008-03-05 01:36:40.000000000 +1300
@@ -2,12 +2,12 @@
- Squid 3.0.RC1 release notes
+ Squid 3.0.STABLE2 release notes
-Squid 3.0.RC1 release notes
+Squid 3.0.STABLE2 release notes
-Squid Developers
$Id: release-3.0.html,v 1.12 2007/11/18 17:23:01 serassio Exp $
+Squid Developers
$Id: release-3.0.html,v 1.12.2.2 2008/02/28 00:26:31 amosjeffries Exp $
This document contains the release notes for version 3.0 of Squid.
Squid is a WWW Cache application developed by the National Laboratory
@@ -15,21 +15,20 @@
-The Squid Team are pleased to announce the release of Squid-3.0.RC1 for pre-release testing.
+The Squid Team are pleased to announce the release of Squid-3.0.STABLE2.
This new release is available for download from
http://www.squid-cache.org/Versions/v3/3.0/ or the
mirrors.
-A large number of the show-stopper bugs have been fixed along with general improvements to the ICAP support.
-While this release is not deemed ready for production use, we believe it is ready for wider testing by the community.
+A large number of the show-stopper bugs have been fixed along with general improvements to the ICAP support and additional Languages.
We welcome feedback and bug reports. If you find a bug, please see
http://wiki.squid-cache.org/SquidFaq/TroubleShooting#head-7067fc0034ce967e67911becaabb8c95a34d576d for how to submit a report with a stack trace.
-Although this release is deemed good enough for testing in many setups, please note the existence of
+
Although this release is deemed good enough for use in many setups, please note the existence of
open bugs against Squid-3.0.
-
+
The 3.0 change history can be
viewed here.
@@ -92,7 +91,7 @@
Some of the features found in Squid-2.6 is not available in Squid-3.
-Some has been dropped as they are not needed. Some has not yet been forward-ported to Squid-3 and may appear in a later release.
+Some have been dropped as they are not needed. Some have not yet been forward-ported to Squid-3 and may appear in a later release.
- refresh_stale_hit option. Not yet ported.
@@ -117,8 +116,10 @@
The TCP_REFRESH_HIT and TCP_REFRESH_MISS log types have been replaced because they were misleading (all refreshes need to query the origin server, so they could never be hits). The following log types have been introduced to replace them:
-- TCP_REFRESH_UNMODIFIED
The requested object was cached but STALE. The IMS query for the object resulted in "304 not modified".
-- TCP_REFRESH_MODIFIED
The requested object was cached but STALE. The IMS query returned the new content.
+- TCP_REFRESH_UNMODIFIED
-
+
The requested object was cached but STALE. The IMS query for the object resulted in "304 not modified".
+ - TCP_REFRESH_MODIFIED
-
+
The requested object was cached but STALE. The IMS query returned the new content.
See
@@ -151,7 +152,8 @@
-- minimum_icp_query_timeout (msec)
+
- minimum_icp_query_timeout (msec)
-
+
Default: 5
@@ -165,7 +167,8 @@
- - background_ping_rate
+
- background_ping_rate
-
+
Default: 10 seconds
@@ -175,7 +178,8 @@
- - httpd_accel_surrogate_id
+
- httpd_accel_surrogate_id
-
+
Default: unset
@@ -187,7 +191,8 @@
- - http_accel_surrogate_remote on|off
+
- http_accel_surrogate_remote on|off
-
+
Default: off
@@ -197,7 +202,8 @@
- - esi_parser libxml2|expat|custom
+
- esi_parser libxml2|expat|custom
-
+
Default: custom
@@ -208,7 +214,8 @@
- - email_err_data on|off
+
- email_err_data on|off
-
+
Default: on
@@ -220,7 +227,8 @@
- - refresh_all_ims on|off
+
- refresh_all_ims on|off
-
+
Default: off
@@ -235,10 +243,13 @@
- - request_header_access
Replaces the header_access directive of Squid-2.6 and earlier, but applies to requests only.
-- reply_header_access
Replaces the header_access directive of Squid-2.6 and earlier, but applies to replies only.
+- request_header_access
-
+
Replaces the header_access directive of Squid-2.6 and earlier, but applies to requests only.
+ - reply_header_access
-
+
Replaces the header_access directive of Squid-2.6 and earlier, but applies to replies only.
- - icap_enable on|off
+
- icap_enable on|off
-
+
Default: off
@@ -246,7 +257,8 @@
- - icap_preview_enable on|off
+
- icap_preview_enable on|off
-
+
Default: off
@@ -255,7 +267,8 @@
- - icap_preview_size
+
- icap_preview_size
-
+
Default: -1
@@ -265,7 +278,8 @@
- - icap_default_options_ttl (seconds)
+
- icap_default_options_ttl (seconds)
-
+
Default: 60
@@ -274,7 +288,8 @@
- - icap_persistent_connections on|off
+
- icap_persistent_connections on|off
-
+
Default: on
@@ -283,7 +298,8 @@
- - icap_send_client_ip on|off
+
- icap_send_client_ip on|off
-
+
Default: off
@@ -291,7 +307,8 @@
- - icap_send_client_username on|off
+
- icap_send_client_username on|off
-
+
Default: off
@@ -300,7 +317,8 @@
- - icap_service
+
- icap_service
-
+
Default: none
@@ -324,7 +342,8 @@
- - icap_class
+
- icap_class
-
+
Default: none
@@ -339,7 +358,8 @@
- - icap_access
+
- icap_access
-
+
Default: none
@@ -363,7 +383,8 @@
- - accept_filter
+
- accept_filter
-
+
The name of an accept(2) filter to install on Squid's
listen socket(s). This feature is perhaps specific to
@@ -375,6 +396,31 @@
+
+ - include
-
+
New option to import entire secondary configuration files into squid.conf.
+
+ Squid will follow the files immediately and insert all their content
+ as if it was at that position in squid.conf. As per squid.conf some
+ options are order-specific within the config as a whole.
+
+ A few layers of include are allowed, but too many are confusing and
+ squid will enforce an include depth of 16 files.
+
+ Syntax:
+ include /path/to/file1 /path/to/file2
+
+
+
+
+ - acl myportname
-
+
New acl type myportname, matching the name of the http(s)_port where the request was accepted
+
+ acl aclname myportname 3128 ... # http(s)_port name
+
+
+
+
@@ -383,7 +429,8 @@
-- http_port
New options:
+
- http_port
-
+
New options:
disable-pmtu-discovery=
Control Path-MTU discovery usage:
@@ -409,13 +456,15 @@
- - https_port
Removed options:
+
- https_port
-
+
Removed options:
urlgroup=, not yet ported to Squid-3.
- - cache_peer
New options:
+
- cache_peer
-
+
New options:
basetime=n
@@ -455,7 +504,8 @@
- - cache_dir
Common options
+
- cache_dir
-
+
Common options
no-store, replaces the older read-only option
@@ -478,7 +528,8 @@
- - auth_param
Removed Basic auth option
+
- auth_param
-
+
Removed Basic auth option
blankpasswor, not yet ported to squid-3.
auth_param basic concurrency 0
@@ -492,7 +543,8 @@
- - external_acl_type
New format specifications:
+
- external_acl_type
-
+
New format specifications:
%URI Requested URI
@@ -516,7 +568,8 @@
- - refresh_pattern
New options:
+
- refresh_pattern
-
+
New options:
ignore-no-store
refresh-ims
@@ -533,7 +586,8 @@
- - acl
New types:
+
- acl
-
+
New types:
acl aclname http_status 200 301 500- 400-403 ... # status code in reply
@@ -550,14 +604,16 @@
- - short_icon_urls
New default:
+
- short_icon_urls
-
+
New default:
Default: on
(Old default: off)
- - delay_class
New delay classes:
+
- delay_class
-
+
New delay classes:
class 4 Everything in a class 3 delay pool, with an
additional limit on a per user basis. This
@@ -571,7 +627,8 @@
- - htcp_port
New default to require the feature to be enabled in squid.conf:
+
- htcp_port
-
+
New default to require the feature to be enabled in squid.conf:
Default: 0 (disabled)
(Old default: 4827)
@@ -579,7 +636,8 @@
- - icp_port
New default to require the feature to be enabled in squid.conf:
+
- icp_port
-
+
New default to require the feature to be enabled in squid.conf:
Default: 0 (disabled)
(Old default: 3130)
@@ -587,7 +645,8 @@
- - snmp_port
New default to require the feature to be enabled in squid.conf:
+
- snmp_port
-
+
New default to require the feature to be enabled in squid.conf:
Default: 0 (disabled)
(Old default: 3401)
@@ -595,7 +654,8 @@
- - logformat
New format tags:
+
- logformat
-
+
New format tags:
rp Request URL-Path excluding hostname
@@ -617,7 +677,8 @@
- - reply_body_max_size
Syntax changed:
+
- reply_body_max_size
-
+
Syntax changed:
reply_body_max_size size [acl acl...]
@@ -625,7 +686,8 @@
allow/deny no longer used.
-
- url_rewrite_program
No urlgroup support in either requests or responese
+- url_rewrite_program
-
+
No urlgroup support in either requests or responese
@@ -636,19 +698,32 @@
-- broken_vary_encoding
Not yet ported to Squid-3.
-- cache_vary
Not yet ported to Squid-3.
-- collapsed_forwarding
Not yet ported to Squid-3.
-- follow_x_forwarded_for
Not yet ported to Squid-3.
-- *_uses_indirect_client
Not yet ported to Squid-3.
-- error_map
Not yet ported to Squid-3.
-- header_access
This has been replaced by request_header_access and reply_header_access
-- http_access2
Not yet ported to Squid-3.
-- httpd_accel_no_pmtu_disc
Replaced by disable-pmtu-discovery http_port option
-- location_rewrite_*
Not yet ported to Squid-3.
-- refresh_stale_hit
Not yet ported to Squid-3.
-- umask
Not yet ported to Squid-3.
-- wais_relay_*
equivalent to cache_peer + cache_peer_access.
+- broken_vary_encoding
-
+
Not yet ported to Squid-3.
+ - cache_vary
-
+
Not yet ported to Squid-3.
+ - collapsed_forwarding
-
+
Not yet ported to Squid-3.
+ - follow_x_forwarded_for
-
+
Not yet ported to Squid-3.
+ - *_uses_indirect_client
-
+
Not yet ported to Squid-3.
+ - error_map
-
+
Not yet ported to Squid-3.
+ - header_access
-
+
This has been replaced by request_header_access and reply_header_access
+ - http_access2
-
+
Not yet ported to Squid-3.
+ - httpd_accel_no_pmtu_disc
-
+
Replaced by disable-pmtu-discovery http_port option
+ - location_rewrite_*
-
+
Not yet ported to Squid-3.
+ - refresh_stale_hit
-
+
Not yet ported to Squid-3.
+ - umask
-
+
Not yet ported to Squid-3.
+ - wais_relay_*
-
+
equivalent to cache_peer + cache_peer_access.
@@ -677,27 +752,33 @@
-- --enable-shared[=PKGS]
Build shared libraries. The default is to build without.
+- --enable-shared[=PKGS]
-
+
Build shared libraries. The default is to build without.
- - --enable-static[=PKGS]
Build static libraries. The default is on.
+- --enable-static[=PKGS]
-
+
Build static libraries. The default is on.
- - --enable-fast-install[=PKGS]
+
- --enable-fast-install[=PKGS]
-
+
Optimize for fast installation
default: yes
- - --disable-libtool-lock
Avoid locking (might break parallel builds)
+- --disable-libtool-lock
-
+
Avoid locking (might break parallel builds)
- - --disable-optimizations
Don't compile Squid with compiler optimizations enabled.
+
- --disable-optimizations
-
+
Don't compile Squid with compiler optimizations enabled.
Optimization is good for production builds, but not
good for debugging. During development, use
--disable-optimizations to reduce compilation times
and allow easier debugging. This option implicitly
also enables --disable-inline
- - --disable-inline
Don't compile trivial methods as inline. Squid
+
- --disable-inline
-
+
Don't compile trivial methods as inline. Squid
is coded with much of the code able to be inlined.
Inlining is good for production builds, but not
good for development. During development, use
@@ -707,15 +788,18 @@
--enable-inline to have squid make all trivial
methods inlinable by the compiler.
- - --enable-debug-cbdata
Provide some debug information in cbdata
+- --enable-debug-cbdata
-
+
Provide some debug information in cbdata
- - --enable-disk-io=\"list of modules\"
Build support for the list of disk I/O modules.
+
- --enable-disk-io=\"list of modules\"
-
+
Build support for the list of disk I/O modules.
The default is only to build the "Blocking" module.
See src/DiskIO for a list of available modules, or
Programmers Guide for details on how to build your
custom disk module.
- - --enable-esi
Enable ESI for accelerators. Requires libexpat.
+
- --enable-esi
-
+
Enable ESI for accelerators. Requires libexpat.
Enabling ESI will cause squid to follow the Edge
Acceleration Specification (www.esi.org). This
causes squid to IGNORE client Cache-Control headers.
@@ -723,23 +807,30 @@
proxy, ONLY use it in a squid configured for
webserver acceleration.
- - --enable-icap-client
Enable the ICAP client.
+- --enable-icap-client
-
+
Enable the ICAP client.
- - --disable-snmp
Disable SNMP monitoring support which is now built by default.
+- --disable-snmp
-
+
Disable SNMP monitoring support which is now built by default.
- - --disable-htcp
Disable HTCP protocol support which is now built by default.
+- --disable-htcp
-
+
Disable HTCP protocol support which is now built by default.
- - --enable-kqueue
Enable kqueue() support. Marked as experimental in 3.0.
+- --enable-kqueue
-
+
Enable kqueue() support. Marked as experimental in 3.0.
- - --enable-ipfw-transparent
Enable Transparent Proxy support for systems
+
- --enable-ipfw-transparent
-
+
Enable Transparent Proxy support for systems
using FreeBSD IPFW style redirection.
- - --disable-mempools
Disable memPools. Note that this option now simply sets the
+
- --disable-mempools
-
+
Disable memPools. Note that this option now simply sets the
default behaviour. Specific classes can override this at runtime, and
only lib/MemPool.c needs to be altered to change the squid-wide
default for all classes.
- - --enable-cpu-profiling
This option allows you to see which internal functions
+
- --enable-cpu-profiling
-
+
This option allows you to see which internal functions
in Squid are consuming how much CPU. Compiles in probes
that measure time spent in probed functions. Needs
source modifications to add new probes. This is meant
@@ -749,16 +840,21 @@
you shouldn't enable this, as overhead added, although
small, is still overhead. See lib/Profiler.c for more.
- - --with-gnu-ld
Assume the C compiler uses GNU ld. The default is to auto-detect.
+- --with-gnu-ld
-
+
Assume the C compiler uses GNU ld. The default is to auto-detect.
- - --with-pic
Try to use only PIC/non-PIC objects. The default is to use both.
+- --with-pic
-
+
Try to use only PIC/non-PIC objects. The default is to use both.
- - --with-tags[=TAGS]
Include additional configurations. The default is automatic.
+- --with-tags[=TAGS]
-
+
Include additional configurations. The default is automatic.
- - --with-default-user=USER
Sets the default System User account for squid permissions.
+
- --with-default-user=USER
-
+
Sets the default System User account for squid permissions.
The default is 'nobody' as in other releases of squid.
- - --with-cppunit-basedir=[PATH]
Path where the cppunit headers and libraries are found
+
- --with-cppunit-basedir=[PATH]
-
+
Path where the cppunit headers and libraries are found
for unit testing. The default is automatic detection.
NOTE: Since 3.0-PRE6 and 2.6STABLE14 squid no longer comes
bundled with CPPUnit. Compile-time validation will be disabled
@@ -770,33 +866,42 @@
-- --enable-carp
CARP support is now built by default.
---disable-carp can be used to buidl without it.
+- --enable-carp
-
+
CARP support is now built by default.
+--disable-carp can be used to build without it.
- - --enable-htcp
HTCP protocol support is now built by default.
+
- --enable-htcp
-
+
HTCP protocol support is now built by default.
Use --disable-htcp to build without it.
- - --enable-snmp
SNMP monitoring is now build by default.
+
- --enable-snmp
-
+
SNMP monitoring is now build by default.
Use --disable-snmp to build without it.
- - --enable-heap-replacement
Please use --enable-removal-policies directive instead.
+- --enable-heap-replacement
-
+
Please use --enable-removal-policies directive instead.
- - --with-maxfd=N
Replaced by --with-filedescriptors=N
+- --with-maxfd=N
-
+
Replaced by --with-filedescriptors=N
Override maximum number of filedescriptors. Useful
if you build as another user who is not privileged
to use the number of filedescriptors you want the
resulting binary to support
- - --enable-select
Deprecated.
+
- --enable-select
-
+
Deprecated.
Automatic checks will enable best I/O loop method available.
- - --enable-epoll
Deprecated.
+
- --enable-epoll
-
+
Deprecated.
Automatic checks will enable best I/O loop method available.
- - --enable-poll
Deprecated.
+
- --enable-poll
-
+
Deprecated.
Automatic checks will enable best I/O loop method available.
- - --enable-kqueue
kqueue support is marked Experimental in Squid 3.0. Known to have some issues under load.
+- --enable-kqueue
-
+
kqueue support is marked Experimental in Squid 3.0. Known to have some issues under load.
@@ -806,11 +911,14 @@
porting one of these from Squid-2 to Squid-3 is most welcome.
-- --enable-devpoll
Support for Solaris /dev/poll
+- --enable-devpoll
-
+
Support for Solaris /dev/poll
- - --enable-select-simple
Basic POSIX select() loop without any binary fd_set optimizations.
+- --enable-select-simple
-
+
Basic POSIX select() loop without any binary fd_set optimizations.
- - --enable-follow-x-forwarded-for
Support following the X-Forwarded-For HTTP header for determining the
+
- --enable-follow-x-forwarded-for
-
+
Support following the X-Forwarded-For HTTP header for determining the
client IP address
@@ -820,13 +928,20 @@
The following configure options have been removed.
-- --enable-dlmalloc
Most OS:es have good malloc implementations these days, and the version we used to ship with Squid was very very old..
-- --enable-mempool-debug
Debug option, not needed and therefore removed.
-- --enable-forward-log
Rarely used extra log file. Removed.
-- --enable-multicast-miss
Rarely used feature, and multicast ICP acheives almost the same result. Removed.
-- --enable-coss-aio-ops
Specific to the COSS implementation in Squid-2
-- --enable-large-cache-files
Now enabled by default. Configure option was redundant and therefore removed.
-- --enable-truncate
Known to cause race conditions where cache objects may get corrupted, and this for at most a marginal performance improvement. Removed.
+- --enable-dlmalloc
-
+
Most OS:es have good malloc implementations these days, and the version we used to ship with Squid was very very old..
+ - --enable-mempool-debug
-
+
Debug option, not needed and therefore removed.
+ - --enable-forward-log
-
+
Rarely used extra log file. Removed.
+ - --enable-multicast-miss
-
+
Rarely used feature, and multicast ICP acheives almost the same result. Removed.
+ - --enable-coss-aio-ops
-
+
Specific to the COSS implementation in Squid-2
+ - --enable-large-cache-files
-
+
Now enabled by default. Configure option was redundant and therefore removed.
+ - --enable-truncate
-
+
Known to cause race conditions where cache objects may get corrupted, and this for at most a marginal performance improvement. Removed.
diff -r -u ./squid-3.0.STABLE1/src/ACLCertificate.cc ./squid-3.0.STABLE2/src/ACLCertificate.cc
--- ./squid-3.0.STABLE1/src/ACLCertificate.cc 2003-03-04 14:40:25.000000000 +1300
+++ ./squid-3.0.STABLE2/src/ACLCertificate.cc 2008-02-10 23:43:09.000000000 +1300
@@ -1,5 +1,5 @@
/*
- * $Id: ACLCertificate.cc,v 1.2 2003/03/04 01:40:25 robertc Exp $
+ * $Id: ACLCertificate.cc,v 1.2.4.1 2008/02/10 10:43:09 serassio Exp $
*
* DEBUG: section 28 Access Control
* AUTHOR: Duane Wessels
@@ -35,6 +35,12 @@
*/
#include "squid.h"
+
+/* MS Visual Studio Projects are monolithic, so we need the following
+ * #if to exclude the SSL code from compile process when not needed.
+ */
+#if USE_SSL
+
#include "ACLCertificate.h"
#include "ACLChecklist.h"
#include "ACLCertificateData.h"
@@ -60,3 +66,5 @@
}
ACLCertificateStrategy ACLCertificateStrategy::Instance_;
+
+#endif /* USE_SSL */
diff -r -u ./squid-3.0.STABLE1/src/ACLChecklist.cc ./squid-3.0.STABLE2/src/ACLChecklist.cc
--- ./squid-3.0.STABLE1/src/ACLChecklist.cc 2007-09-01 17:56:37.000000000 +1200
+++ ./squid-3.0.STABLE2/src/ACLChecklist.cc 2008-02-27 23:41:16.000000000 +1300
@@ -1,5 +1,5 @@
/*
- * $Id: ACLChecklist.cc,v 1.42 2007/09/01 05:56:37 amosjeffries Exp $
+ * $Id: ACLChecklist.cc,v 1.42.2.1 2008/02/27 10:41:16 amosjeffries Exp $
*
* DEBUG: section 28 Access Control
* AUTHOR: Duane Wessels
@@ -394,12 +394,9 @@
HTTPMSGUNLOCK(reply);
- /*
- * DPW 2007-05-08
- * If this fails, then we'll need a backup UNLOCK call in the
- * destructor.
- */
- assert(auth_user_request == NULL);
+ // no auth_user_request in builds without any Authentication configured
+ if (auth_user_request)
+ AUTHUSERREQUESTUNLOCK(auth_user_request, "ACLChecklist destructor");
conn_ = NULL;
diff -r -u ./squid-3.0.STABLE1/src/ACLDestinationDomain.cc ./squid-3.0.STABLE2/src/ACLDestinationDomain.cc
--- ./squid-3.0.STABLE1/src/ACLDestinationDomain.cc 2007-11-03 17:49:53.000000000 +1300
+++ ./squid-3.0.STABLE2/src/ACLDestinationDomain.cc 2008-02-27 23:04:51.000000000 +1300
@@ -1,5 +1,5 @@
/*
- * $Id: ACLDestinationDomain.cc,v 1.15 2007/11/03 04:49:53 wessels Exp $
+ * $Id: ACLDestinationDomain.cc,v 1.15.2.1 2008/02/27 10:04:51 amosjeffries Exp $
*
* DEBUG: section 28 Access Control
* AUTHOR: Duane Wessels
@@ -76,6 +76,8 @@
int
ACLDestinationDomainStrategy::match (ACLData * &data, ACLChecklist *checklist)
{
+ assert(checklist != NULL && checklist->request != NULL);
+
const ipcache_addrs *ia = NULL;
const char *fqdn = NULL;
diff -r -u ./squid-3.0.STABLE1/src/ACLHTTPRepHeader.cc ./squid-3.0.STABLE2/src/ACLHTTPRepHeader.cc
--- ./squid-3.0.STABLE1/src/ACLHTTPRepHeader.cc 2006-06-15 07:18:24.000000000 +1200
+++ ./squid-3.0.STABLE2/src/ACLHTTPRepHeader.cc 2008-02-06 17:06:46.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: ACLHTTPRepHeader.cc,v 1.1 2006/06/14 19:18:24 serassio Exp $
+ * $Id: ACLHTTPRepHeader.cc,v 1.1.4.1 2008/02/06 04:06:46 amosjeffries Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -39,12 +39,6 @@
#include "ACLChecklist.h"
#include "HttpReply.h"
-/* explicit template instantiation required for some systems */
-
-template class ACLStrategised
-
-;
-
ACL::Prototype ACLHTTPRepHeader::RegistryProtoype(&ACLHTTPRepHeader::RegistryEntry_, "rep_header");
ACLStrategised ACLHTTPRepHeader::RegistryEntry_(new ACLHTTPHeaderData, ACLHTTPRepHeaderStrategy::Instance(), "rep_header");
diff -r -u ./squid-3.0.STABLE1/src/ACLHTTPReqHeader.cc ./squid-3.0.STABLE2/src/ACLHTTPReqHeader.cc
--- ./squid-3.0.STABLE1/src/ACLHTTPReqHeader.cc 2006-06-15 07:18:24.000000000 +1200
+++ ./squid-3.0.STABLE2/src/ACLHTTPReqHeader.cc 2008-02-06 17:06:46.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: ACLHTTPReqHeader.cc,v 1.1 2006/06/14 19:18:24 serassio Exp $
+ * $Id: ACLHTTPReqHeader.cc,v 1.1.4.1 2008/02/06 04:06:46 amosjeffries Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -39,12 +39,6 @@
#include "ACLChecklist.h"
#include "HttpRequest.h"
-/* explicit template instantiation required for some systems */
-
-template class ACLStrategised
-
-;
-
ACL::Prototype ACLHTTPReqHeader::RegistryProtoype(&ACLHTTPReqHeader::RegistryEntry_, "req_header");
ACLStrategised ACLHTTPReqHeader::RegistryEntry_(new ACLHTTPHeaderData, ACLHTTPReqHeaderStrategy::Instance(), "req_header");
Only in ./squid-3.0.STABLE2/src: ACLMyPortName.cc
Only in ./squid-3.0.STABLE2/src: ACLMyPortName.h
diff -r -u ./squid-3.0.STABLE1/src/ACLStrategised.cc ./squid-3.0.STABLE2/src/ACLStrategised.cc
--- ./squid-3.0.STABLE1/src/ACLStrategised.cc 2003-02-17 20:01:34.000000000 +1300
+++ ./squid-3.0.STABLE2/src/ACLStrategised.cc 2008-02-06 17:06:46.000000000 +1300
@@ -1,5 +1,5 @@
/*
- * $Id: ACLStrategised.cc,v 1.1 2003/02/17 07:01:34 robertc Exp $
+ * $Id: ACLStrategised.cc,v 1.1.4.1 2008/02/06 04:06:46 amosjeffries Exp $
*
* DEBUG: section 28 Access Control
* AUTHOR: Duane Wessels
@@ -41,3 +41,14 @@
#include "ACLRegexData.h"
#include "ACLDomainData.h"
+/*
+ * moved template instantiation into ACLStrategized.cc from
+ * ACLHTTPRepHeader.cc and ACLHTTPReqHeader.cc to compile on
+ * Mac OSX 10.5 Leopard, this corrects a duplicate symbol error
+ */
+
+/* explicit template instantiation required for some systems */
+
+template class ACLStrategised
+
+;
diff -r -u ./squid-3.0.STABLE1/src/asn.cc ./squid-3.0.STABLE2/src/asn.cc
--- ./squid-3.0.STABLE1/src/asn.cc 2007-09-21 23:41:52.000000000 +1200
+++ ./squid-3.0.STABLE2/src/asn.cc 2008-02-26 12:08:50.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: asn.cc,v 1.115 2007/09/21 11:41:52 amosjeffries Exp $
+ * $Id: asn.cc,v 1.115.2.1 2008/02/25 23:08:50 amosjeffries Exp $
*
* DEBUG: section 53 AS Number handling
* AUTHOR: Duane Wessels, Kostas Anagnostakis
@@ -89,7 +89,7 @@
store_client *sc;
HttpRequest *request;
int as_number;
- off_t offset;
+ int64_t offset;
int reqofs;
char reqbuf[AS_REQBUF_SZ];
bool dataRead;
@@ -299,7 +299,7 @@
*/
s = buf;
- while (s - buf < (off_t)(result.length + asState->reqofs) && *s != '\0') {
+ while ((size_t)(s - buf) < result.length + asState->reqofs && *s != '\0') {
while (*s && xisspace(*s))
s++;
diff -r -u ./squid-3.0.STABLE1/src/auth/digest/auth_digest.cc ./squid-3.0.STABLE2/src/auth/digest/auth_digest.cc
--- ./squid-3.0.STABLE1/src/auth/digest/auth_digest.cc 2007-08-28 00:50:45.000000000 +1200
+++ ./squid-3.0.STABLE2/src/auth/digest/auth_digest.cc 2008-02-25 16:39:02.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: auth_digest.cc,v 1.59 2007/08/27 12:50:45 hno Exp $
+ * $Id: auth_digest.cc,v 1.59.2.1 2008/02/25 03:39:02 amosjeffries Exp $
*
* DEBUG: section 29 Authenticator
* AUTHOR: Robert Collins
@@ -666,6 +666,7 @@
}
} else {
credentials(Failed);
+ digest_request->flags.invalid_password = 1;
digest_request->setDenyMessage("Incorrect password");
return;
}
@@ -673,7 +674,6 @@
/* check for stale nonce */
if (!authDigestNonceIsValid(digest_request->nonce, digest_request->nc)) {
debugs(29, 3, "authenticateDigestAuthenticateuser: user '" << digest_user->username() << "' validated OK but nonce stale");
- digest_request->flags.nonce_stale = 1;
credentials(Failed);
digest_request->setDenyMessage("Stale nonce");
return;
@@ -708,11 +708,8 @@
case Failed:
- if (flags.nonce_stale)
- /* nonce is stale, send new challenge */
- return 1;
-
- return -2;
+ /* send new challenge */
+ return 1;
}
return -2;
@@ -783,14 +780,14 @@
if (!authenticate)
return;
- int stale = 0;
+ int stale = 1;
if (auth_user_request) {
AuthDigestUserRequest *digest_request;
digest_request = dynamic_cast < AuthDigestUserRequest * >(auth_user_request);
assert (digest_request != NULL);
- stale = digest_request->flags.nonce_stale;
+ stale = !digest_request->flags.invalid_password;
}
/* on a 407 or 401 we always use a new nonce */
@@ -850,6 +847,7 @@
if (reply && (strncasecmp(reply, "ERR", 3) == 0)) {
digest_request->credentials(AuthDigestUserRequest::Failed);
+ digest_request->flags.invalid_password = 1;
if (t && *t)
digest_request->setDenyMessage(t);
@@ -1047,9 +1045,8 @@
/* setup the necessary info to log the username */
static AuthUserRequest *
-authDigestLogUsername(char *username)
+authDigestLogUsername(char *username, AuthDigestUserRequest *auth_user_request)
{
- AuthDigestUserRequest *auth_user_request = new AuthDigestUserRequest();
assert(auth_user_request != NULL);
/* log the username */
@@ -1228,7 +1225,7 @@
if (digest_request->cnonce && strlen(digest_request->nc) != 8) {
debugs(29, 4, "authenticateDigestDecode: nonce count length invalid");
delete digest_request;
- return authDigestLogUsername(username);
+ return authDigestLogUsername(username, digest_request);
}
/* now the nonce */
@@ -1237,8 +1234,7 @@
if (!nonce) {
/* we couldn't find a matching nonce! */
debugs(29, 4, "authenticateDigestDecode: Unexpected or invalid nonce received");
- delete digest_request;
- return authDigestLogUsername(username);
+ return authDigestLogUsername(username, digest_request);
}
digest_request->nonce = nonce;
@@ -1247,11 +1243,11 @@
/* check the qop is what we expected. Note that for compatability with
* RFC 2069 we should support a missing qop. Tough. */
- if (!digest_request->qop || strcmp(digest_request->qop, QOP_AUTH)) {
+ if (digest_request->qop && strcmp(digest_request->qop, QOP_AUTH) != 0) {
/* we received a qop option we didn't send */
debugs(29, 4, "authenticateDigestDecode: Invalid qop option received");
delete digest_request;
- return authDigestLogUsername(username);
+ return authDigestLogUsername(username, digest_request);
}
/* we can't check the URI just yet. We'll check it in the
@@ -1262,21 +1258,21 @@
if (!digest_request->response || strlen(digest_request->response) != 32) {
debugs(29, 4, "authenticateDigestDecode: Response length invalid");
delete digest_request;
- return authDigestLogUsername(username);
+ return authDigestLogUsername(username, digest_request);
}
/* do we have a username ? */
if (!username || username[0] == '\0') {
debugs(29, 4, "authenticateDigestDecode: Empty or not present username");
delete digest_request;
- return authDigestLogUsername(username);
+ return authDigestLogUsername(username, digest_request);
}
/* check that we're not being hacked / the username hasn't changed */
if (nonce->user && strcmp(username, nonce->user->username())) {
debugs(29, 4, "authenticateDigestDecode: Username for the nonce does not equal the username for the request");
delete digest_request;
- return authDigestLogUsername(username);
+ return authDigestLogUsername(username, digest_request);
}
/* if we got a qop, did we get a cnonce or did we get a cnonce wihtout a qop? */
@@ -1284,7 +1280,7 @@
|| (!digest_request->qop && digest_request->cnonce)) {
debugs(29, 4, "authenticateDigestDecode: qop without cnonce, or vice versa!");
delete digest_request;
- return authDigestLogUsername(username);
+ return authDigestLogUsername(username, digest_request);
}
/* check the algorithm is present and supported */
@@ -1294,7 +1290,7 @@
&& strcmp(digest_request->algorithm, "MD5-sess")) {
debugs(29, 4, "authenticateDigestDecode: invalid algorithm specified!");
delete digest_request;
- return authDigestLogUsername(username);
+ return authDigestLogUsername(username, digest_request);
}
/* the method we'll check at the authenticate step as well */
diff -r -u ./squid-3.0.STABLE1/src/auth/digest/auth_digest.h ./squid-3.0.STABLE2/src/auth/digest/auth_digest.h
--- ./squid-3.0.STABLE1/src/auth/digest/auth_digest.h 2007-05-09 19:36:29.000000000 +1200
+++ ./squid-3.0.STABLE2/src/auth/digest/auth_digest.h 2008-02-25 16:39:02.000000000 +1300
@@ -99,8 +99,7 @@
unsigned int authinfo_sent:
1;
-unsigned int nonce_stale:
- 1;
+ unsigned int invalid_password:1;
unsigned int helper_queried:
1;
diff -r -u ./squid-3.0.STABLE1/src/auth/Makefile.in ./squid-3.0.STABLE2/src/auth/Makefile.in
--- ./squid-3.0.STABLE1/src/auth/Makefile.in 2007-12-05 14:11:22.000000000 +1300
+++ ./squid-3.0.STABLE2/src/auth/Makefile.in 2008-03-05 01:31:33.000000000 +1300
@@ -312,7 +312,7 @@
# Makefile for authentication modules in the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.93 2007/12/05 01:11:22 hno Exp $
+# $Id: Makefile.in,v 1.93.2.1 2008/03/04 12:31:33 amosjeffries Exp $
#
AUTOMAKE_OPTIONS = subdir-objects
AM_CFLAGS = @SQUID_CFLAGS@
diff -r -u ./squid-3.0.STABLE1/src/cache_cf.cc ./squid-3.0.STABLE2/src/cache_cf.cc
--- ./squid-3.0.STABLE1/src/cache_cf.cc 2007-11-16 12:33:05.000000000 +1300
+++ ./squid-3.0.STABLE2/src/cache_cf.cc 2008-03-05 01:10:00.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: cache_cf.cc,v 1.528 2007/11/15 23:33:05 wessels Exp $
+ * $Id: cache_cf.cc,v 1.528.2.8 2008/03/04 12:10:00 amosjeffries Exp $
*
* DEBUG: section 3 Configuration File Parsing
* AUTHOR: Harvest Derived
@@ -46,6 +46,9 @@
#include "Parsing.h"
#include "MemBuf.h"
#include "wordlist.h"
+#if HAVE_GLOB_H
+#include
+#endif
#if SQUID_SNMP
#include "snmp.h"
@@ -151,6 +154,8 @@
static void parse_b_size_t(size_t * var);
static void parse_b_int64_t(int64_t * var);
+static int parseOneConfigFile(const char *file_name, unsigned int depth);
+
/*
* LegacyParser is a parser for legacy code that uses the global
* approach. This is static so that it is only exposed to cache_cf.
@@ -203,17 +208,53 @@
return s;
}
-int
-parseConfigFile(const char *file_name, CacheManager & manager)
+static int
+parseManyConfigFiles(char* files, int depth)
+{
+ int error_count = 0;
+ char* saveptr = NULL;
+#if HAVE_GLOB
+ char *path;
+ glob_t globbuf;
+ int i;
+ memset(&globbuf, 0, sizeof(globbuf));
+ for (path = strwordtok(files, &saveptr); path; path = strwordtok(NULL, &saveptr)) {
+ if (glob(path, globbuf.gl_pathc ? GLOB_APPEND : 0, NULL, &globbuf) != 0) {
+ fatalf("Unable to find configuration file: %s: %s",
+ path, xstrerror());
+ }
+ }
+ for (i = 0; i < (int)globbuf.gl_pathc; i++) {
+ error_count += parseOneConfigFile(globbuf.gl_pathv[i], depth);
+ }
+ globfree(&globbuf);
+#else
+ char* file = strwordtok(files, &saveptr);
+ while (file != NULL) {
+ error_count += parseOneConfigFile(file, depth);
+ file = strwordtok(NULL, &saveptr);
+ }
+#endif /* HAVE_GLOB */
+ return error_count;
+}
+
+static int
+parseOneConfigFile(const char *file_name, unsigned int depth)
{
FILE *fp = NULL;
+ const char *orig_cfg_filename = cfg_filename;
+ const int orig_config_lineno = config_lineno;
char *token = NULL;
char *tmp_line = NULL;
int tmp_line_len = 0;
int err_count = 0;
int is_pipe = 0;
- configFreeMemory();
- default_all();
+
+ debugs(3, 1, "Processing Configuration File: " << file_name << " (depth " << depth << ")");
+ if (depth > 16) {
+ fatalf("WARNING: can't include %s: includes are nested too deeply (>16)!\n", file_name);
+ return 1;
+ }
if (file_name[0] == '!' || file_name[0] == '|') {
fp = popen(file_name + 1, "r");
@@ -223,8 +264,7 @@
}
if (fp == NULL)
- fatalf("Unable to open configuration file: %s: %s",
- file_name, xstrerror());
+ fatalf("Unable to open configuration file: %s: %s", file_name, xstrerror());
#ifdef _SQUID_WIN32_
@@ -270,13 +310,6 @@
*token = '\0';
cfg_filename = new_file_name;
-
-#if PROBABLY_NOT_WANTED_HERE
-
- SetConfigFilename(cfg_filename, false);
-
-#endif
-
}
config_lineno = new_lineno;
@@ -306,11 +339,13 @@
debugs(3, 5, "Processing: '" << tmp_line << "'");
- if (!parse_line(tmp_line)) {
- debugs(3, 0, "parseConfigFile: '" << cfg_filename << "' line " <<
- config_lineno << " unrecognized: '" << config_input_line << "'");
- err_count++;
- }
+ /* Handle includes here */
+ if (tmp_line_len >= 9 && strncmp(tmp_line, "include", 7) == 0 && xisspace(tmp_line[7])) {
+ err_count += parseManyConfigFiles(tmp_line + 8, depth + 1);
+ } else if (!parse_line(tmp_line)) {
+ debugs(3, 0, HERE << cfg_filename << ":" << config_lineno << " unrecognized: '" << tmp_line << "'");
+ err_count++;
+ }
safe_free(tmp_line);
tmp_line_len = 0;
@@ -326,6 +361,23 @@
fclose(fp);
}
+ cfg_filename = orig_cfg_filename;
+ config_lineno = orig_config_lineno;
+
+ return err_count;
+}
+
+int
+parseConfigFile(const char *file_name, CacheManager & manager)
+{
+ int err_count = 0;
+
+ configFreeMemory();
+
+ default_all();
+
+ err_count = parseOneConfigFile(file_name, 0);
+
defaults_if_none();
/*
@@ -351,6 +403,7 @@
return err_count;
}
+
static void
configDoConfigure(void)
{
@@ -2364,18 +2417,6 @@
#define dump_eol dump_string
#define free_eol free_string
-void
-parse_debug(char *volatile *var)
-{
- parse_eol(var);
- safe_free(debug_options)
- debug_options = xstrdup(Config.debugOptions);
- Debug::parseOptions(Config.debugOptions);
-}
-
-#define dump_debug dump_string
-#define free_debug free_string
-
static void
dump_time_t(StoreEntry * entry, const char *name, time_t var)
{
@@ -2769,6 +2810,7 @@
char *t;
s->disable_pmtu_discovery = DISABLE_PMTU_OFF;
+ s->name = xstrdup(token);
if ((t = strchr(token, ':'))) {
/* host:port */
diff -r -u ./squid-3.0.STABLE1/src/carp.cc ./squid-3.0.STABLE2/src/carp.cc
--- ./squid-3.0.STABLE1/src/carp.cc 2007-04-29 10:26:37.000000000 +1200
+++ ./squid-3.0.STABLE2/src/carp.cc 2008-02-26 13:04:15.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: carp.cc,v 1.26 2007/04/28 22:26:37 hno Exp $
+ * $Id: carp.cc,v 1.26.4.1 2008/02/26 00:04:15 amosjeffries Exp $
*
* DEBUG: section 39 Cache Array Routing Protocol
* AUTHOR: Henrik Nordstrom
@@ -104,7 +104,7 @@
/* calculate this peers hash */
p->carp.hash = 0;
- for (t = p->host; *t != 0; t++)
+ for (t = p->name; *t != 0; t++)
p->carp.hash += ROTATE_LEFT(p->carp.hash, 19) + (unsigned int) *t;
p->carp.hash += p->carp.hash * 0x62531965;
@@ -189,7 +189,7 @@
combined_hash += combined_hash * 0x62531965;
combined_hash = ROTATE_LEFT(combined_hash, 21);
score = combined_hash * tp->carp.load_multiplier;
- debugs(39, 3, "carpSelectParent: " << tp->host << " combined_hash " << combined_hash <<
+ debugs(39, 3, "carpSelectParent: " << tp->name << " combined_hash " << combined_hash <<
" score " << std::setprecision(0) << score);
if ((score > high_score) && peerHTTPOkay(tp, request)) {
@@ -199,7 +199,7 @@
}
if (p)
- debugs(39, 2, "carpSelectParent: selected " << p->host);
+ debugs(39, 2, "carpSelectParent: selected " << p->name);
return p;
}
@@ -221,7 +221,7 @@
for (p = Config.peers; p; p = p->next) {
storeAppendPrintf(sentry, "%24s %10x %10f %10f %10f\n",
- p->host, p->carp.hash,
+ p->name, p->carp.hash,
p->carp.load_multiplier,
p->carp.load_factor,
sumfetches ? (double) p->stats.fetches / sumfetches : -1.0);
diff -r -u ./squid-3.0.STABLE1/src/cf.data.pre ./squid-3.0.STABLE2/src/cf.data.pre
--- ./squid-3.0.STABLE1/src/cf.data.pre 2007-11-16 12:33:05.000000000 +1300
+++ ./squid-3.0.STABLE2/src/cf.data.pre 2008-02-27 18:51:06.000000000 +1300
@@ -1,6 +1,6 @@
#
-# $Id: cf.data.pre,v 1.488 2007/11/15 23:33:05 wessels Exp $
+# $Id: cf.data.pre,v 1.488.2.5 2008/02/27 05:51:06 amosjeffries Exp $
#
# SQUID Web Proxy Cache http://www.squid-cache.org/
# ----------------------------------------------------------
@@ -48,6 +48,21 @@
COMMENT_END
COMMENT_START
+ Configuration options can be included using the "include" directive.
+ Include takes a list of files to include. Quoting and wildcards is
+ supported.
+
+ For example,
+
+ include /path/to/included/file/squid.acl.config
+
+ Includes can be nested up to a hard-coded depth of 16 levels.
+ This arbitrary restriction is to prevent recursive include references
+ from causing Squid entering an infinite loop whilst trying to load
+ configuration files.
+COMMENT_END
+
+COMMENT_START
OPTIONS FOR AUTHENTICATION
-----------------------------------------------------------------------------
COMMENT_END
@@ -488,6 +503,7 @@
acl aclname port 80 70 21 ...
acl aclname port 0-1024 ... # ranges allowed
acl aclname myport 3128 ... # (local socket TCP port)
+ acl aclname myportname 3128 ... # http(s)_port name
acl aclname proto HTTP FTP ...
acl aclname method GET POST ...
acl aclname browser [-i] regexp ...
@@ -920,6 +936,9 @@
sporadically hang or never complete requests set
disable-pmtu-discovery option to 'transparent'.
+ name= Specifies a internal name for the port. Defaults to
+ the port specification (port or addr:port)
+
If you run Squid on a dual-homed machine with an internal
and an external interface we recommend you to specify the
internal address:port in http_port. This way Squid will only be
@@ -1032,6 +1051,9 @@
vport=NN As above, but uses specified port number rather
than the https_port number. Implies accel.
+ name= Specifies a internal name for the port. Defaults to
+ the port specification (port or addr:port)
+
DOC_END
NAME: tcp_outgoing_tos tcp_outgoing_ds tcp_outgoing_dscp
@@ -1097,11 +1119,11 @@
source address 10.1.0.2 and the rest will be forwarded with
source address 10.1.0.3.
- acl normal_service_net src 10.0.0.0/255.255.255.0
- acl good_service_net src 10.0.1.0/255.255.255.0
- tcp_outgoing_address 10.0.0.1 normal_service_net
- tcp_outgoing_address 10.0.0.2 good_service_net
- tcp_outgoing_address 10.0.0.3
+ acl normal_service_net src 10.0.0.0/24
+ acl good_service_net src 10.0.2.0/24
+ tcp_outgoing_address 10.1.0.1 normal_service_net
+ tcp_outgoing_address 10.1.0.2 good_service_net
+ tcp_outgoing_address 10.1.0.3
Processing proceeds in the order specified, and stops at first fully
matching line.
@@ -2178,7 +2200,7 @@
DOC_END
NAME: debug_options
-TYPE: debug
+TYPE: eol
DEFAULT: ALL,1
LOC: Config.debugOptions
DOC_START
@@ -2451,19 +2473,14 @@
DEFAULT: none
LOC: Config.accessList.noCache
DOC_START
- A list of ACL elements which, if matched, cause the request to
+ A list of ACL elements which, if matched and denied, cause the request to
not be satisfied from the cache and the reply to not be cached.
In other words, use this to force certain objects to never be cached.
- You must use the word 'DENY' to indicate the ACL names which should
- NOT be cached.
+ You must use the words 'allow' or 'deny' to indicate whether items
+ matching the ACL should be allowed or denied into the cache.
Default is to allow all to be cached
-NOCOMMENT_START
-#We recommend you to use the following two lines.
-acl QUERY urlpath_regex cgi-bin \?
-cache deny QUERY
-NOCOMMENT_END
DOC_END
NAME: refresh_pattern
@@ -2564,6 +2581,7 @@
NOCOMMENT_START
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
+refresh_pattern (cgi-bin|\?) 0 0% 0
refresh_pattern . 0 20% 4320
NOCOMMENT_END
DOC_END
diff -r -u ./squid-3.0.STABLE1/src/client_side.h ./squid-3.0.STABLE2/src/client_side.h
--- ./squid-3.0.STABLE1/src/client_side.h 2007-10-31 17:52:16.000000000 +1300
+++ ./squid-3.0.STABLE2/src/client_side.h 2008-02-26 12:08:50.000000000 +1300
@@ -1,5 +1,5 @@
/*
- * $Id: client_side.h,v 1.26 2007/10/31 04:52:16 amosjeffries Exp $
+ * $Id: client_side.h,v 1.26.2.1 2008/02/25 23:08:50 amosjeffries Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -95,7 +95,7 @@
};
DeferredParams deferredparams;
- off_t writtenToSocket;
+ int64_t writtenToSocket;
void pullData();
int64_t getNextRangeOffset() const;
bool canPackMoreRanges() const;
diff -r -u ./squid-3.0.STABLE1/src/client_side_reply.cc ./squid-3.0.STABLE2/src/client_side_reply.cc
--- ./squid-3.0.STABLE1/src/client_side_reply.cc 2007-11-27 22:36:07.000000000 +1300
+++ ./squid-3.0.STABLE2/src/client_side_reply.cc 2008-02-27 18:59:29.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: client_side_reply.cc,v 1.144 2007/11/27 09:36:07 amosjeffries Exp $
+ * $Id: client_side_reply.cc,v 1.144.2.4 2008/02/27 05:59:29 amosjeffries Exp $
*
* DEBUG: section 88 Client-side Reply Routines
* AUTHOR: Robert Collins (Originally Duane Wessels in client_side.c)
@@ -1214,10 +1214,7 @@
if (is_hit)
hdr->delById(HDR_SET_COOKIE);
- /*
- * Be sure to obey the Connection header
- */
- reply->header.removeConnectionHeaderEntries();
+ reply->header.removeHopByHopEntries();
// if (request->range)
// clientBuildRangeHeader(http, reply);
@@ -1314,6 +1311,9 @@
#endif
+ /* Check whether we should send keep-alive */
+ // TODO: disable proxy_keepalive only once
+
if (reply->bodySize(request->method) < 0) {
debugs(88, 3, "clientBuildReplyHeader: can't keep-alive, unknown body size" );
request->flags.proxy_keepalive = 0;
@@ -1332,6 +1332,11 @@
if (!Config.onoff.client_pconns && !request->flags.must_keepalive)
request->flags.proxy_keepalive = 0;
+ if (request->flags.proxy_keepalive && shutting_down) {
+ debugs(88, 3, "clientBuildReplyHeader: Shutting down, don't keep-alive.");
+ request->flags.proxy_keepalive = 0;
+ }
+
/* Append VIA */
if (Config.onoff.via) {
LOCAL_ARRAY(char, bbuf, MAX_URL + 32);
@@ -1967,7 +1972,6 @@
}
buildReply(buf, reqofs);
- ssize_t body_size = reqofs;
if (reply) {
@@ -1990,33 +1994,6 @@
} else if (reqofs < HTTP_REQBUF_SZ && entry->store_status == STORE_PENDING) {
waitForMoreData();
return;
- } else if (http->request->method == METHOD_HEAD) {
- /*
- * If we are here, then store_status == STORE_OK and it
- * seems we have a HEAD repsponse which is missing the
- * empty end-of-headers line (home.mira.net, phttpd/0.99.72
- * does this). Because buildReply() fails we just
- * call this reply a body, set the done_copying flag and
- * continue...
- */
- /* RBC: Note that this is seriously broken, as we *need* the
- * metadata to allow further client modules to work. As such
- * webservers are seriously broken, this is probably not
- * going to get fixed.. perhapos we should remove it?
- */
- debugs(88, 0, "Broken head response - probably phttpd/0.99.72");
- http->flags.done_copying = 1;
- flags.complete = 1;
- /*
- * And as this is a malformed HTTP reply we cannot keep
- * the connection persistent
- */
- http->request->flags.proxy_keepalive = 0;
-
- assert(body_buf && body_size);
- StoreIOBuffer tempBuffer (body_size, 0 ,body_buf);
- clientStreamCallback((clientStreamNode *)http->client_stream.head->data,
- http, NULL, tempBuffer);
} else {
debugs(88, 0, "clientReplyContext::sendMoreData: Unable to parse reply headers within a single HTTP_REQBUF_SZ length buffer");
StoreIOBuffer tempBuffer;
diff -r -u ./squid-3.0.STABLE1/src/client_side_reply.h ./squid-3.0.STABLE2/src/client_side_reply.h
--- ./squid-3.0.STABLE1/src/client_side_reply.h 2007-05-09 19:36:24.000000000 +1200
+++ ./squid-3.0.STABLE2/src/client_side_reply.h 2008-02-26 12:08:50.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: client_side_reply.h,v 1.17 2007/05/09 07:36:24 wessels Exp $
+ * $Id: client_side_reply.h,v 1.17.4.1 2008/02/25 23:08:50 amosjeffries Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -98,7 +98,7 @@
StoreIOBuffer tempBuffer; /* For use in validating requests via IMS */
int old_reqsize; /* ... again, for the buffer */
size_t reqsize;
- off_t reqofs;
+ size_t reqofs;
char tempbuf[HTTP_REQBUF_SZ]; /* a temporary buffer if we need working storage */
#if USE_CACHE_DIGESTS
diff -r -u ./squid-3.0.STABLE1/src/client_side_request.h ./squid-3.0.STABLE2/src/client_side_request.h
--- ./squid-3.0.STABLE1/src/client_side_request.h 2007-08-14 05:20:51.000000000 +1200
+++ ./squid-3.0.STABLE2/src/client_side_request.h 2008-02-26 12:08:50.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: client_side_request.h,v 1.32 2007/08/13 17:20:51 hno Exp $
+ * $Id: client_side_request.h,v 1.32.2.1 2008/02/25 23:08:50 amosjeffries Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -183,7 +183,7 @@
BodyPipe::Pointer icapBodySource;
bool request_satisfaction_mode;
- off_t request_satisfaction_offset;
+ int64_t request_satisfaction_offset;
#endif
};
diff -r -u ./squid-3.0.STABLE1/src/comm.cc ./squid-3.0.STABLE2/src/comm.cc
--- ./squid-3.0.STABLE1/src/comm.cc 2007-10-31 17:52:16.000000000 +1300
+++ ./squid-3.0.STABLE2/src/comm.cc 2008-02-27 23:45:50.000000000 +1300
@@ -1,5 +1,5 @@
/*
- * $Id: comm.cc,v 1.438 2007/10/31 04:52:16 amosjeffries Exp $
+ * $Id: comm.cc,v 1.438.2.3 2008/02/27 10:45:50 amosjeffries Exp $
*
* DEBUG: section 5 Socket Functions
* AUTHOR: Harvest Derived
@@ -1103,6 +1103,7 @@
return 0;
}
+ commResetSelect(fd);
close(fd2);
fde *F = &fd_table[fd];
@@ -1252,6 +1253,13 @@
x = connect(sock, (struct sockaddr *) address, sizeof(*address));
+ // XXX: ICAP code refuses callbacks during a pending comm_ call
+ // Async calls development will fix this.
+ if (x == 0) {
+ x = -1;
+ errno = EINPROGRESS;
+ }
+
if (x < 0)
debugs(5, 9, "connect FD " << sock << ": " << xstrerror());
} else
@@ -1897,7 +1905,7 @@
/* A successful write, continue */
state->offset += len;
- if (state->offset < (off_t)state->size) {
+ if (state->offset < state->size) {
/* Not done, reinstall the write handler and write some more */
commSetSelect(fd,
COMM_SELECT_WRITE,
diff -r -u ./squid-3.0.STABLE1/src/comm_epoll.cc ./squid-3.0.STABLE2/src/comm_epoll.cc
--- ./squid-3.0.STABLE1/src/comm_epoll.cc 2007-07-20 01:33:18.000000000 +1200
+++ ./squid-3.0.STABLE2/src/comm_epoll.cc 2008-02-25 16:45:24.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: comm_epoll.cc,v 1.17 2007/07/19 13:33:18 hno Exp $
+ * $Id: comm_epoll.cc,v 1.17.2.1 2008/02/25 03:45:24 amosjeffries Exp $
*
* DEBUG: section 5 Socket Functions
*
@@ -203,6 +203,14 @@
F->timeout = squid_curtime + timeout;
}
+void
+commResetSelect(int fd)
+{
+ fde *F = &fd_table[fd];
+ F->epoll_state = 0;
+ commSetSelect(fd, 0, NULL, NULL, 0);
+}
+
static void commIncomingStats(StoreEntry * sentry);
diff -r -u ./squid-3.0.STABLE1/src/comm.h ./squid-3.0.STABLE2/src/comm.h
--- ./squid-3.0.STABLE1/src/comm.h 2007-09-26 01:24:59.000000000 +1200
+++ ./squid-3.0.STABLE2/src/comm.h 2008-02-25 16:45:24.000000000 +1300
@@ -57,6 +57,7 @@
SQUIDCEXTERN int comm_set_tos(int fd, int tos);
SQUIDCEXTERN void commSetSelect(int, unsigned int, PF *, void *, time_t);
+SQUIDCEXTERN void commResetSelect(int);
SQUIDCEXTERN int comm_udp_sendto(int, const struct sockaddr_in *, int, const void *, int);
extern void comm_write(int fd, const char *buf, int len, IOCB *callback, void *callback_data, FREE *func);
diff -r -u ./squid-3.0.STABLE1/src/comm_kqueue.cc ./squid-3.0.STABLE2/src/comm_kqueue.cc
--- ./squid-3.0.STABLE1/src/comm_kqueue.cc 2007-07-20 01:33:18.000000000 +1200
+++ ./squid-3.0.STABLE2/src/comm_kqueue.cc 2008-02-25 16:45:24.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: comm_kqueue.cc,v 1.17 2007/07/19 13:33:18 hno Exp $
+ * $Id: comm_kqueue.cc,v 1.17.2.1 2008/02/25 03:45:24 amosjeffries Exp $
*
* DEBUG: section 5 Socket Functions
*
@@ -210,6 +210,18 @@
}
+void
+commResetSelect(int fd)
+{
+ fde *F = &fd_table[fd];
+ if (F->read_handler) {
+ kq_update_events(fd, EVFILT_READ, (PF *)1);
+ }
+ if (F->write_handler) {
+ kq_update_events(fd, EVFILT_WRITE, (PF *)1);
+ }
+}
+
/*
* Check all connections for new connections and input data that is to be
* processed. Also check for connections with data queued and whether we can
diff -r -u ./squid-3.0.STABLE1/src/comm_poll.cc ./squid-3.0.STABLE2/src/comm_poll.cc
--- ./squid-3.0.STABLE1/src/comm_poll.cc 2007-09-02 01:09:59.000000000 +1200
+++ ./squid-3.0.STABLE2/src/comm_poll.cc 2008-02-25 16:45:24.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: comm_poll.cc,v 1.24 2007/09/01 13:09:59 hno Exp $
+ * $Id: comm_poll.cc,v 1.24.2.1 2008/02/25 03:45:24 amosjeffries Exp $
*
* DEBUG: section 5 Socket Functions
*
@@ -145,6 +145,11 @@
F->timeout = squid_curtime + timeout;
}
+void
+commResetSelect(int fd)
+{
+}
+
static int
fdIsIcp(int fd)
{
diff -r -u ./squid-3.0.STABLE1/src/comm_select.cc ./squid-3.0.STABLE2/src/comm_select.cc
--- ./squid-3.0.STABLE1/src/comm_select.cc 2007-06-11 00:13:31.000000000 +1200
+++ ./squid-3.0.STABLE2/src/comm_select.cc 2008-02-25 16:45:24.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: comm_select.cc,v 1.81 2007/06/10 12:13:31 hno Exp $
+ * $Id: comm_select.cc,v 1.81.4.1 2008/02/25 03:45:24 amosjeffries Exp $
*
* DEBUG: section 5 Socket Functions
*
@@ -156,6 +156,10 @@
F->timeout = squid_curtime + timeout;
}
+void
+commResetSelect(int fd)
+{
+}
static int
fdIsIcp(int fd)
diff -r -u ./squid-3.0.STABLE1/src/comm_select_win32.cc ./squid-3.0.STABLE2/src/comm_select_win32.cc
--- ./squid-3.0.STABLE1/src/comm_select_win32.cc 2007-05-01 04:56:09.000000000 +1200
+++ ./squid-3.0.STABLE2/src/comm_select_win32.cc 2008-02-25 16:45:24.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: comm_select_win32.cc,v 1.4 2007/04/30 16:56:09 wessels Exp $
+ * $Id: comm_select_win32.cc,v 1.4.4.3 2008/02/25 03:45:24 amosjeffries Exp $
*
* DEBUG: section 5 Socket Functions
*
@@ -156,6 +156,11 @@
F->timeout = squid_curtime + timeout;
}
+void
+commResetSelect(int fd)
+{
+}
+
static int
fdIsIcp(int fd)
@@ -191,36 +196,6 @@
return 0;
}
-#if DELAY_POOLS
-static int slowfdcnt = 0;
-static int slowfdarr[SQUID_MAXFD];
-
-static void
-commAddSlowFd(int fd)
-{
- assert(slowfdcnt < SQUID_MAXFD);
- slowfdarr[slowfdcnt++] = fd;
-}
-
-static int
-commGetSlowFd(void)
-{
- int whichfd, retfd;
-
- if (!slowfdcnt)
- return -1;
-
- whichfd = squid_random() % slowfdcnt;
-
- retfd = slowfdarr[whichfd];
-
- slowfdarr[whichfd] = slowfdarr[--slowfdcnt];
-
- return retfd;
-}
-
-#endif
-
static int
comm_check_incoming_select_handlers(int nfds, int *fds)
{
@@ -268,7 +243,7 @@
for (i = 0; i < nfds; i++) {
fd = fds[i];
- if (FD_ISSET(fd, &read_mask)) {
+ if (__WSAFDIsSet(fd_table[fd].win32.handle, &read_mask)) {
if ((hdl = fd_table[fd].read_handler) != NULL) {
fd_table[fd].read_handler = NULL;
commUpdateReadBits(fd, NULL);
@@ -278,7 +253,7 @@
}
}
- if (FD_ISSET(fd, &write_mask)) {
+ if (__WSAFDIsSet(fd_table[fd].win32.handle, &write_mask)) {
if ((hdl = fd_table[fd].write_handler) != NULL) {
fd_table[fd].write_handler = NULL;
commUpdateWriteBits(fd, NULL);
@@ -365,10 +340,6 @@
fd_set readfds;
fd_set pendingfds;
fd_set writefds;
-#if DELAY_POOLS
-
- fd_set slowfds;
-#endif
PF *hdl = NULL;
int fd;
@@ -394,10 +365,6 @@
double start;
getCurrentTime();
start = current_dtime;
-#if DELAY_POOLS
-
- FD_ZERO(&slowfds);
-#endif
if (commCheckICPIncoming)
comm_select_icp_incoming();
@@ -439,7 +406,7 @@
if (no_bits)
continue;
- if (FD_ISSET(fd, &readfds) && fd_table[fd].flags.read_pending) {
+ if (__WSAFDIsSet(fd_table[fd].win32.handle, &readfds) && fd_table[fd].flags.read_pending) {
FD_SET(fd, &pendingfds);
pending++;
}
@@ -450,11 +417,11 @@
/* Check each open socket for a handler. */
if (fd_table[i].read_handler) {
- assert(FD_ISSET(i, &readfds));
+ assert(__WSAFDIsSet(fd_table[i].win32.handle, readfds));
}
if (fd_table[i].write_handler) {
- assert(FD_ISSET(i, &writefds));
+ assert(__WSAFDIsSet(fd_table[i].win32.handle, writefds));
}
}
@@ -500,7 +467,7 @@
getCurrentTime();
- debugs(5, num ? 5 : 8, "comm_select: " << num << "+" << pending << " FDs ready\n");
+ debugs(5, num ? 5 : 8, "comm_select: " << num << "+" << pending << " FDs ready");
statHistCount(&statCounter.select_fds_hist, num);
@@ -538,7 +505,7 @@
debugs(5, 9, "FD " << fd << " bit set for reading");
- assert(FD_ISSET(fd, &readfds));
+ assert(__WSAFDIsSet(fd_table[fd].win32.handle, readfds));
#endif
@@ -562,16 +529,9 @@
if (NULL == (hdl = F->read_handler))
(void) 0;
-
-#if DELAY_POOLS
-
- else if (FD_ISSET(fd, &slowfds))
- commAddSlowFd(fd);
-
-#endif
-
else {
F->read_handler = NULL;
+ F->flags.read_pending = 0;
commUpdateReadBits(fd, NULL);
hdl(fd, F->read_data);
statCounter.select_fds++;
@@ -631,7 +591,7 @@
debugs(5, 9, "FD " << fd << " bit set for writing");
- assert(FD_ISSET(fd, &writefds));
+ assert(__WSAFDIsSet(fd_table[fd].win32.handle, writefds));
#endif
@@ -667,8 +627,6 @@
if (commCheckHTTPIncoming)
comm_select_http_incoming();
-
-
}
}
@@ -681,30 +639,6 @@
if (callhttp)
comm_select_http_incoming();
-#if DELAY_POOLS
-
- while ((fd = commGetSlowFd()) != -1) {
- F = &fd_table[fd];
- debugs(5, 6, "comm_select: slow FD " << fd << " selected for reading");
-
- if ((hdl = F->read_handler)) {
- F->read_handler = NULL;
- commUpdateReadBits(fd, NULL);
- hdl(fd, F->read_data);
- statCounter.select_fds++;
-
- if (commCheckICPIncoming)
- comm_select_icp_incoming();
-
- if (commCheckDNSIncoming)
- comm_select_dns_incoming();
-
- if (commCheckHTTPIncoming)
- comm_select_http_incoming();
- }
- }
-
-#endif
getCurrentTime();
statCounter.select_time += (current_dtime - start);
@@ -797,9 +731,9 @@
FD_ZERO(&write_x);
tv.tv_sec = tv.tv_usec = 0;
- if (FD_ISSET(fd, readfds))
+ if (__WSAFDIsSet(fd_table[fd].win32.handle, readfds))
FD_SET(fd, &read_x);
- else if (FD_ISSET(fd, writefds))
+ else if (__WSAFDIsSet(fd_table[fd].win32.handle, writefds))
FD_SET(fd, &write_x);
else
continue;
@@ -864,10 +798,10 @@
void
commUpdateReadBits(int fd, PF * handler)
{
- if (handler && !FD_ISSET(fd, &global_readfds)) {
+ if (handler && !__WSAFDIsSet(fd_table[fd].win32.handle, &global_readfds)) {
FD_SET(fd, &global_readfds);
nreadfds++;
- } else if (!handler && FD_ISSET(fd, &global_readfds)) {
+ } else if (!handler && __WSAFDIsSet(fd_table[fd].win32.handle, &global_readfds)) {
FD_CLR(fd, &global_readfds);
nreadfds--;
}
@@ -876,10 +810,10 @@
void
commUpdateWriteBits(int fd, PF * handler)
{
- if (handler && !FD_ISSET(fd, &global_writefds)) {
+ if (handler && !__WSAFDIsSet(fd_table[fd].win32.handle, &global_writefds)) {
FD_SET(fd, &global_writefds);
nwritefds++;
- } else if (!handler && FD_ISSET(fd, &global_writefds)) {
+ } else if (!handler && __WSAFDIsSet(fd_table[fd].win32.handle, &global_writefds)) {
FD_CLR(fd, &global_writefds);
nwritefds--;
}
diff -r -u ./squid-3.0.STABLE1/src/debug.cc ./squid-3.0.STABLE2/src/debug.cc
--- ./squid-3.0.STABLE1/src/debug.cc 2007-12-05 04:20:22.000000000 +1300
+++ ./squid-3.0.STABLE2/src/debug.cc 2008-02-25 16:01:01.000000000 +1300
@@ -1,5 +1,5 @@
/*
- * $Id: debug.cc,v 1.106 2007/12/04 15:20:22 rousskov Exp $
+ * $Id: debug.cc,v 1.106.2.1 2008/02/25 03:01:01 amosjeffries Exp $
*
* DEBUG: section 0 Debug Routines
* AUTHOR: Harvest Derived
@@ -445,7 +445,7 @@
}
for (i = 0; i < MAX_DEBUG_SECTIONS; i++)
- Debug::Levels[i] = -1;
+ Debug::Levels[i] = 0;
if (options) {
p = xstrdup(options);
diff -r -u ./squid-3.0.STABLE1/src/DelayId.cc ./squid-3.0.STABLE2/src/DelayId.cc
--- ./squid-3.0.STABLE1/src/DelayId.cc 2007-09-21 23:41:52.000000000 +1200
+++ ./squid-3.0.STABLE2/src/DelayId.cc 2008-02-10 23:43:09.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: DelayId.cc,v 1.23 2007/09/21 11:41:52 amosjeffries Exp $
+ * $Id: DelayId.cc,v 1.23.2.1 2008/02/10 10:43:09 serassio Exp $
*
* DEBUG: section 77 Delay Pools
* AUTHOR: Robert Collins
@@ -39,9 +39,11 @@
#include "config.h"
-#if !DELAY_POOLS
-#error DELAY_POOLS not enabled
-#endif
+/* MS Visual Studio Projects are monolithic, so we need the following
+ * #if to exclude the delay pools code from compile process when not needed.
+ */
+#if DELAY_POOLS
+
#include "squid.h"
#include "DelayId.h"
#include "client_side_request.h"
@@ -187,3 +189,5 @@
compositeId->delayRead(aRead);
}
+
+#endif /* DELAY_POOLS */
diff -r -u ./squid-3.0.STABLE1/src/dns_internal.cc ./squid-3.0.STABLE2/src/dns_internal.cc
--- ./squid-3.0.STABLE1/src/dns_internal.cc 2007-06-24 09:08:39.000000000 +1200
+++ ./squid-3.0.STABLE2/src/dns_internal.cc 2008-02-10 23:43:09.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: dns_internal.cc,v 1.101 2007/06/23 21:08:39 hno Exp $
+ * $Id: dns_internal.cc,v 1.101.4.1 2008/02/10 10:43:09 serassio Exp $
*
* DEBUG: section 78 DNS lookups; interacts with lib/rfc1035.c
* AUTHOR: Duane Wessels
@@ -51,7 +51,7 @@
#include
#endif
-/* MS VisualStudio Projects are monolithic, so we need the following
+/* MS Visual Studio Projects are monolithic, so we need the following
#ifndef to exclude the internal DNS code from compile process when
using external DNS process.
*/
diff -r -u ./squid-3.0.STABLE1/src/enums.h ./squid-3.0.STABLE2/src/enums.h
--- ./squid-3.0.STABLE1/src/enums.h 2007-08-14 05:20:51.000000000 +1200
+++ ./squid-3.0.STABLE2/src/enums.h 2008-02-25 00:29:55.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: enums.h,v 1.258 2007/08/13 17:20:51 hno Exp $
+ * $Id: enums.h,v 1.258.2.2 2008/02/24 11:29:55 amosjeffries Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -442,6 +442,8 @@
STORE_META_VARY_HEADERS, /* Stores Vary request headers */
STORE_META_STD_LFS, /* standard metadata in lfs format */
STORE_META_OBJSIZE, /* object size, not impleemented, squid26 compatibility */
+ STORE_META_STOREURL, /* the store url, if different to the normal URL */
+ STORE_META_VARY_ID, /* Unique ID linking variants */
STORE_META_END
};
diff -r -u ./squid-3.0.STABLE1/src/ESIAssign.cc ./squid-3.0.STABLE2/src/ESIAssign.cc
--- ./squid-3.0.STABLE1/src/ESIAssign.cc 2007-05-30 01:31:37.000000000 +1200
+++ ./squid-3.0.STABLE2/src/ESIAssign.cc 2008-02-10 23:43:09.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: ESIAssign.cc,v 1.6 2007/05/29 13:31:37 amosjeffries Exp $
+ * $Id: ESIAssign.cc,v 1.6.4.1 2008/02/10 10:43:09 serassio Exp $
*
* DEBUG: section 86 ESI processing
* AUTHOR: Robert Collins
@@ -34,6 +34,12 @@
*/
#include "squid.h"
+
+/* MS Visual Studio Projects are monolithic, so we need the following
+ * #if to exclude the ESI code from compile process when not needed.
+ */
+#if (USE_SQUID_ESI == 1)
+
#include "ESIAssign.h"
#include "ESIContext.h"
#include "ESISequence.h"
@@ -190,3 +196,5 @@
/* XXX: Implement evaluation of the expression */
ESISegment::ListAppend (state.getOutput(), expression.buf(), expression.size());
}
+
+#endif /* USE_SQUID_ESI == 1 */
diff -r -u ./squid-3.0.STABLE1/src/ESI.cc ./squid-3.0.STABLE2/src/ESI.cc
--- ./squid-3.0.STABLE1/src/ESI.cc 2007-08-28 00:50:42.000000000 +1200
+++ ./squid-3.0.STABLE2/src/ESI.cc 2008-02-26 12:08:50.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: ESI.cc,v 1.26 2007/08/27 12:50:42 hno Exp $
+ * $Id: ESI.cc,v 1.26.2.2 2008/02/25 23:08:50 amosjeffries Exp $
*
* DEBUG: section 86 ESI processing
* AUTHOR: Robert Collins
@@ -35,6 +35,12 @@
*/
#include "squid.h"
+
+/* MS Visual Studio Projects are monolithic, so we need the following
+ * #if to exclude the ESI code from compile process when not needed.
+ */
+#if (USE_SQUID_ESI == 1)
+
#include "ESI.h"
#include "clientStream.h"
#include "client_side_request.h"
@@ -1560,7 +1566,7 @@
assert (s);
buffer = new ESISegment;
ESISegment::Pointer local = buffer;
- off_t start = 0;
+ size_t start = 0;
int remainingCharacters = numberOfCharacters;
while (remainingCharacters > 0) {
@@ -2459,4 +2465,4 @@
return rv;
}
-
+#endif /* USE_SQUID_ESI == 1 */
diff -r -u ./squid-3.0.STABLE1/src/ESIContext.cc ./squid-3.0.STABLE2/src/ESIContext.cc
--- ./squid-3.0.STABLE1/src/ESIContext.cc 2007-04-29 10:26:37.000000000 +1200
+++ ./squid-3.0.STABLE2/src/ESIContext.cc 2008-02-10 23:43:09.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: ESIContext.cc,v 1.3 2007/04/28 22:26:37 hno Exp $
+ * $Id: ESIContext.cc,v 1.3.4.1 2008/02/10 10:43:09 serassio Exp $
*
* DEBUG: section 86 ESI processing
* AUTHOR: Robert Collins
@@ -34,6 +34,12 @@
*/
#include "squid.h"
+
+/* MS Visual Studio Projects are monolithic, so we need the following
+ * #if to exclude the ESI code from compile process when not needed.
+ */
+#if (USE_SQUID_ESI == 1)
+
#include "ESIContext.h"
#include "Store.h"
#include "client_side_request.h"
@@ -106,3 +112,5 @@
if (!errormessage)
errormessage = xstrdup (anError);
}
+
+#endif /* USE_SQUID_ESI == 1 */
diff -r -u ./squid-3.0.STABLE1/src/ESIContext.h ./squid-3.0.STABLE2/src/ESIContext.h
--- ./squid-3.0.STABLE1/src/ESIContext.h 2003-08-05 10:14:40.000000000 +1200
+++ ./squid-3.0.STABLE2/src/ESIContext.h 2008-02-26 12:07:29.000000000 +1300
@@ -1,5 +1,5 @@
/*
- * $Id: ESIContext.h,v 1.4 2003/08/04 22:14:40 robertc Exp $
+ * $Id: ESIContext.h,v 1.4.4.1 2008/02/25 23:07:29 amosjeffries Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -133,8 +133,8 @@
* for some reason
*/
size_t outbound_offset;
- off_t readpos; /* the logical position we are reading from */
- off_t pos; /* the logical position of outbound_offset in the data stream */
+ int64_t readpos; /* the logical position we are reading from */
+ int64_t pos; /* the logical position of outbound_offset in the data stream */
class ParserState
{
diff -r -u ./squid-3.0.STABLE1/src/ESIInclude.cc ./squid-3.0.STABLE2/src/ESIInclude.cc
--- ./squid-3.0.STABLE1/src/ESIInclude.cc 2007-08-28 00:50:42.000000000 +1200
+++ ./squid-3.0.STABLE2/src/ESIInclude.cc 2008-02-27 18:59:29.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: ESIInclude.cc,v 1.14 2007/08/27 12:50:42 hno Exp $
+ * $Id: ESIInclude.cc,v 1.14.2.2 2008/02/27 05:59:29 amosjeffries Exp $
*
* DEBUG: section 86 ESI processing
* AUTHOR: Robert Collins
@@ -35,6 +35,12 @@
*/
#include "squid.h"
+
+/* MS Visual Studio Projects are monolithic, so we need the following
+ * #if to exclude the ESI code from compile process when not needed.
+ */
+#if (USE_SQUID_ESI == 1)
+
#include "ESIInclude.h"
#include "ESIVarState.h"
#include "client_side_request.h"
@@ -314,7 +320,7 @@
ESIInclude::prepareRequestHeaders(HttpHeader &tempheaders, ESIVarState *vars)
{
tempheaders.update (&vars->header(), NULL);
- tempheaders.removeConnectionHeaderEntries();
+ tempheaders.removeHopByHopEntries();
}
@@ -591,3 +597,4 @@
}
}
+#endif /* USE_SQUID_ESI == 1 */
diff -r -u ./squid-3.0.STABLE1/src/ESISequence.cc ./squid-3.0.STABLE2/src/ESISequence.cc
--- ./squid-3.0.STABLE1/src/ESISequence.cc 2007-04-29 10:26:37.000000000 +1200
+++ ./squid-3.0.STABLE2/src/ESISequence.cc 2008-02-10 23:43:09.000000000 +1300
@@ -1,5 +1,5 @@
/*
- * $Id: ESISequence.cc,v 1.6 2007/04/28 22:26:37 hno Exp $
+ * $Id: ESISequence.cc,v 1.6.4.1 2008/02/10 10:43:09 serassio Exp $
*
* DEBUG: section 86 ESI processing
* AUTHOR: Robert Collins
@@ -34,6 +34,12 @@
*/
#include "squid.h"
+
+/* MS Visual Studio Projects are monolithic, so we need the following
+ * #if to exclude the ESI code from compile process when not needed.
+ */
+#if (USE_SQUID_ESI == 1)
+
#include "ESISequence.h"
#include "ESILiteral.h"
#include "ESIAttempt.h"
@@ -392,3 +398,4 @@
return result;
}
+#endif /* USE_SQUID_ESI == 1 */
diff -r -u ./squid-3.0.STABLE1/src/fd.cc ./squid-3.0.STABLE2/src/fd.cc
--- ./squid-3.0.STABLE1/src/fd.cc 2007-09-26 01:24:59.000000000 +1200
+++ ./squid-3.0.STABLE2/src/fd.cc 2008-03-03 02:34:06.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: fd.cc,v 1.59 2007/09/25 13:24:59 hno Exp $
+ * $Id: fd.cc,v 1.59.2.1 2008/03/02 13:34:06 serassio Exp $
*
* DEBUG: section 51 Filedescriptor Functions
* AUTHOR: Duane Wessels
@@ -113,9 +113,9 @@
socket_read_method(int fd, char *buf, int len)
{
int i;
- PROF_start(send);
+ PROF_start(recv);
i = recv(fd, (void *) buf, len, 0);
- PROF_stop(send);
+ PROF_stop(recv);
return i;
}
@@ -142,7 +142,11 @@
int
file_write_method(int fd, const char *buf, int len)
{
- return (_write(fd, buf, len));
+ int i;
+ PROF_start(write);
+ i = (_write(fd, buf, len));
+ PROF_stop(write);
+ return i;
}
#else
diff -r -u ./squid-3.0.STABLE1/src/forward.cc ./squid-3.0.STABLE2/src/forward.cc
--- ./squid-3.0.STABLE1/src/forward.cc 2007-07-22 04:32:03.000000000 +1200
+++ ./squid-3.0.STABLE2/src/forward.cc 2008-02-27 23:42:23.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: forward.cc,v 1.168 2007/07/21 16:32:03 hno Exp $
+ * $Id: forward.cc,v 1.168.2.2 2008/02/27 10:42:23 amosjeffries Exp $
*
* DEBUG: section 17 Request Forwarding
* AUTHOR: Duane Wessels
@@ -442,6 +442,9 @@
if (flags.dont_retry)
return false;
+ if (!checkRetriable())
+ return false;
+
if (request->bodyNibbled())
return false;
@@ -812,8 +815,12 @@
server_fd = fd;
n_tries++;
- if (!fs->_peer)
+ if (!fs->_peer) {
origin_tries++;
+ hierarchyNote(&request->hier, fs->code, request->host);
+ } else {
+ hierarchyNote(&request->hier, fs->code, fs->_peer->host);
+ }
comm_add_close_handler(fd, fwdServerClosedWrapper, this);
diff -r -u ./squid-3.0.STABLE1/src/fs/Makefile.in ./squid-3.0.STABLE2/src/fs/Makefile.in
--- ./squid-3.0.STABLE1/src/fs/Makefile.in 2007-12-05 14:11:23.000000000 +1300
+++ ./squid-3.0.STABLE2/src/fs/Makefile.in 2008-03-05 01:31:33.000000000 +1300
@@ -16,7 +16,7 @@
# Makefile for storage modules in the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.98 2007/12/05 01:11:23 hno Exp $
+# $Id: Makefile.in,v 1.98.2.1 2008/03/04 12:31:33 amosjeffries Exp $
#
srcdir = @srcdir@
diff -r -u ./squid-3.0.STABLE1/src/helper.h ./squid-3.0.STABLE2/src/helper.h
--- ./squid-3.0.STABLE1/src/helper.h 2007-05-08 06:38:40.000000000 +1200
+++ ./squid-3.0.STABLE2/src/helper.h 2008-02-26 12:08:51.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: helper.h,v 1.9 2007/05/07 18:38:40 wessels Exp $
+ * $Id: helper.h,v 1.9.4.1 2008/02/25 23:08:51 amosjeffries Exp $
*
* DEBUG: section 84 Helper process maintenance
* AUTHOR: Harvest Derived?
@@ -117,7 +117,7 @@
MemBuf *writebuf;
char *rbuf;
size_t rbuf_sz;
- off_t roffset;
+ size_t roffset;
struct timeval dispatch_time;
@@ -164,7 +164,7 @@
/* MemBuf writebuf; */
char *rbuf;
size_t rbuf_sz;
- off_t roffset;
+ size_t roffset;
struct timeval dispatch_time;
diff -r -u ./squid-3.0.STABLE1/src/HttpHeader.cc ./squid-3.0.STABLE2/src/HttpHeader.cc
--- ./squid-3.0.STABLE1/src/HttpHeader.cc 2007-11-27 02:09:55.000000000 +1300
+++ ./squid-3.0.STABLE2/src/HttpHeader.cc 2008-02-27 18:59:29.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: HttpHeader.cc,v 1.138 2007/11/26 13:09:55 hno Exp $
+ * $Id: HttpHeader.cc,v 1.138.2.1 2008/02/27 05:59:29 amosjeffries Exp $
*
* DEBUG: section 55 HTTP Header
* AUTHOR: Alex Rousskov
@@ -236,6 +236,12 @@
HDR_USER_AGENT, HDR_X_FORWARDED_FOR, HDR_SURROGATE_CAPABILITY
};
+static http_hdr_type HopByHopHeadersArr[] =
+ {
+ HDR_CONNECTION, HDR_KEEP_ALIVE, HDR_PROXY_AUTHENTICATE, HDR_PROXY_AUTHORIZATION,
+ HDR_TE, HDR_TRAILERS, HDR_TRANSFER_ENCODING, HDR_UPGRADE
+ };
+
/* header accounting */
static HttpHeaderStat HttpHeaderStats[] =
{
@@ -1763,6 +1769,18 @@
}
void
+HttpHeader::removeHopByHopEntries()
+{
+ removeConnectionHeaderEntries();
+
+ int count = countof(HopByHopHeadersArr);
+
+ for (int i=0; i entries; /* parsed fields in raw format */
HttpHeaderMask mask; /* bit set <=> entry present */
http_hdr_owner_type owner; /* request or reply */
int len; /* length when packed, not counting terminating '\0' */
+protected:
+ void removeConnectionHeaderEntries();
+
private:
HttpHeaderEntry *findLastEntry(http_hdr_type id) const;
// Make it non-copyable. Our destructor is a bit nasty...
diff -r -u ./squid-3.0.STABLE1/src/ICAP/ICAPModXact.cc ./squid-3.0.STABLE2/src/ICAP/ICAPModXact.cc
--- ./squid-3.0.STABLE1/src/ICAP/ICAPModXact.cc 2007-09-18 04:42:29.000000000 +1200
+++ ./squid-3.0.STABLE2/src/ICAP/ICAPModXact.cc 2008-02-27 18:59:30.000000000 +1300
@@ -34,7 +34,7 @@
ICAPModXact::State::State()
{
- memset(this, sizeof(*this), 0);
+ memset(this, 0, sizeof(*this));
}
ICAPModXact::ICAPModXact(ICAPInitiator *anInitiator, HttpMsg *virginHeader,
@@ -1085,6 +1085,16 @@
if (!TheICAPConfig.reuse_connections)
buf.Printf("Connection: close\r\n");
+ // we must forward "Proxy-Authenticate" and "Proxy-Authorization"
+ // as ICAP headers.
+ if (virgin.header->header.has(HDR_PROXY_AUTHENTICATE))
+ buf.Printf("Proxy-Authenticate: %s\r\n",
+ virgin.header->header.getByName("Proxy-Authenticate").buf());
+
+ if (virgin.header->header.has(HDR_PROXY_AUTHORIZATION))
+ buf.Printf("Proxy-Authorization: %s\r\n",
+ virgin.header->header.getByName("Proxy-Authorization").buf());
+
buf.Printf("Encapsulated: ");
MemBuf httpBuf;
@@ -1173,8 +1183,38 @@
// update ICAP header
icapBuf.Printf("%s=%d, ", section, (int) httpBuf.contentSize());
- // pack HTTP head
- packHead(httpBuf, head);
+ // begin cloning
+ HttpMsg *headClone = NULL;
+
+ if (const HttpRequest* old_request = dynamic_cast(head)) {
+ HttpRequest* new_request = new HttpRequest;
+ urlParse(old_request->method, old_request->canonical,new_request);
+ new_request->http_ver = old_request->http_ver;
+ inheritVirginProperties(*new_request, *old_request);
+ headClone = new_request;
+ }
+ else if (const HttpReply *old_reply = dynamic_cast(head)) {
+ HttpReply* new_reply = new HttpReply;
+ new_reply->sline = old_reply->sline;
+ headClone = new_reply;
+ }
+
+ Must(headClone);
+
+ HttpHeaderPos pos = HttpHeaderInitPos;
+ HttpHeaderEntry* p_head_entry = NULL;
+ while (NULL != (p_head_entry = head->header.getEntry(&pos)) )
+ headClone->header.addEntry(p_head_entry->clone());
+
+ // end cloning
+
+ // remove all hop-by-hop headers from the clone
+ headClone->header.removeHopByHopEntries();
+
+ // pack polished HTTP header
+ packHead(httpBuf, headClone);
+
+ delete headClone;
}
void ICAPModXact::packHead(MemBuf &httpBuf, const HttpMsg *head)
diff -r -u ./squid-3.0.STABLE1/src/ipc_win32.cc ./squid-3.0.STABLE2/src/ipc_win32.cc
--- ./squid-3.0.STABLE1/src/ipc_win32.cc 2007-05-01 04:56:09.000000000 +1200
+++ ./squid-3.0.STABLE2/src/ipc_win32.cc 2008-02-18 08:34:44.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: ipc_win32.cc,v 1.4 2007/04/30 16:56:09 wessels Exp $
+ * $Id: ipc_win32.cc,v 1.4.4.1 2008/02/17 19:34:44 serassio Exp $
*
* DEBUG: section 54 Windows Interprocess Communication
* AUTHOR: Andrey Shorin
@@ -411,7 +411,7 @@
debugs(54, 3, "ipcCreate: CHILD accepted new FD " << fd);
comm_close(crfd);
snprintf(buf1, 8191, "%s CHILD socket", prog);
- fd_open(fd, FD_SOCKET, buf1);
+ fdc_open(fd, FD_SOCKET, buf1);
fd_table[fd].flags.ipc = 1;
cwfd = crfd = fd;
} else if (type == IPC_UDP_SOCKET) {
diff -r -u ./squid-3.0.STABLE1/src/main.cc ./squid-3.0.STABLE2/src/main.cc
--- ./squid-3.0.STABLE1/src/main.cc 2007-12-02 21:23:56.000000000 +1300
+++ ./squid-3.0.STABLE2/src/main.cc 2008-02-26 13:15:55.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: main.cc,v 1.451 2007/12/02 08:23:56 amosjeffries Exp $
+ * $Id: main.cc,v 1.451.2.5 2008/02/26 00:15:55 amosjeffries Exp $
*
* DEBUG: section 1 Startup and Main Loop
* AUTHOR: Harvest Derived
@@ -62,10 +62,7 @@
#if USE_POLL
#include "comm_poll.h"
#endif
-#if USE_SELECT
-#include "comm_select.h"
-#endif
-#if USE_SELECT_WIN32
+#if defined(USE_SELECT) || defined(USE_SELECT_WIN32)
#include "comm_select.h"
#endif
#include "SquidTime.h"
@@ -635,6 +632,7 @@
errorClean();
enter_suid(); /* root to read config file */
parseConfigFile(ConfigFile, manager);
+ Mem::Report();
setEffectiveUser();
_db_init(Config.Log.log, Config.debugOptions);
ipcache_restart(); /* clear stuck entries */
@@ -826,6 +824,10 @@
if (WIN32_Socks_initialized)
debugs(1, 1, "Windows sockets initialized");
+ if (WIN32_OS_version > _WIN_OS_WINNT) {
+ WIN32_IpAddrChangeMonitorInit();
+ }
+
#endif
if (!configured_once)
@@ -925,7 +927,7 @@
commPollRegisterWithCacheManager(manager);
#endif
-#ifdef USE_SELECT
+#if defined(USE_SELECT) || defined(USE_SELECT_WIN32)
commSelectRegisterWithCacheManager(manager);
#endif
@@ -1077,7 +1079,7 @@
sbrk_start = sbrk(0);
#endif
- Debug::parseOptions("ALL,1");
+ Debug::parseOptions(NULL);
debug_log = stderr;
#if defined(SQUID_MAXFD_LIMIT)
@@ -1152,6 +1154,10 @@
mainParseOptions(argc, argv);
+ if (opt_parse_cfg_only) {
+ Debug::parseOptions("ALL,1");
+ }
+
#if USE_WIN32_SERVICE
if (opt_install_service)
@@ -1199,6 +1205,8 @@
parse_err = parseConfigFile(ConfigFile, manager);
+ Mem::Report();
+
if (opt_parse_cfg_only)
return parse_err;
diff -r -u ./squid-3.0.STABLE1/src/Makefile.am ./squid-3.0.STABLE2/src/Makefile.am
--- ./squid-3.0.STABLE1/src/Makefile.am 2007-10-31 17:52:15.000000000 +1300
+++ ./squid-3.0.STABLE2/src/Makefile.am 2008-02-27 18:51:04.000000000 +1300
@@ -1,7 +1,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.am,v 1.193 2007/10/31 04:52:15 amosjeffries Exp $
+# $Id: Makefile.am,v 1.193.2.1 2008/02/27 05:51:04 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
@@ -329,6 +329,8 @@
ACLMyIP.h \
ACLMyPort.cc \
ACLMyPort.h \
+ ACLMyPortName.cc \
+ ACLMyPortName.h \
ACLProtocol.cc \
ACLProtocol.h \
ACLProtocolData.cc \
diff -r -u ./squid-3.0.STABLE1/src/Makefile.in ./squid-3.0.STABLE2/src/Makefile.in
--- ./squid-3.0.STABLE1/src/Makefile.in 2007-12-05 14:11:21.000000000 +1300
+++ ./squid-3.0.STABLE2/src/Makefile.in 2008-03-05 01:31:33.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.447 2007/12/05 01:11:21 hno Exp $
+# $Id: Makefile.in,v 1.447.2.2 2008/03/04 12:31:33 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#
@@ -186,10 +186,10 @@
ACLMaxConnection.cc ACLMaxConnection.h ACLMaxUserIP.cc \
ACLMaxUserIP.h ACLMethod.cc ACLMethod.h ACLMethodData.cc \
ACLMethodData.h ACLMyIP.cc ACLMyIP.h ACLMyPort.cc ACLMyPort.h \
- ACLProtocol.cc ACLProtocol.h ACLProtocolData.cc \
- ACLProtocolData.h ACLProxyAuth.cc ACLProxyAuth.h ACLReferer.cc \
- ACLReferer.h ACLRegexData.cc ACLRegexData.h \
- ACLReplyHeaderStrategy.h ACLReplyMIMEType.cc \
+ ACLMyPortName.cc ACLMyPortName.h ACLProtocol.cc ACLProtocol.h \
+ ACLProtocolData.cc ACLProtocolData.h ACLProxyAuth.cc \
+ ACLProxyAuth.h ACLReferer.cc ACLReferer.h ACLRegexData.cc \
+ ACLRegexData.h ACLReplyHeaderStrategy.h ACLReplyMIMEType.cc \
ACLReplyMIMEType.h ACLHTTPRepHeader.cc ACLHTTPRepHeader.h \
ACLHTTPReqHeader.cc ACLHTTPReqHeader.h \
ACLRequestHeaderStrategy.h ACLRequestMIMEType.cc \
@@ -277,16 +277,16 @@
ACLIntRange.$(OBJEXT) ACLIP.$(OBJEXT) \
ACLMaxConnection.$(OBJEXT) ACLMaxUserIP.$(OBJEXT) \
ACLMethod.$(OBJEXT) ACLMethodData.$(OBJEXT) ACLMyIP.$(OBJEXT) \
- ACLMyPort.$(OBJEXT) ACLProtocol.$(OBJEXT) \
- ACLProtocolData.$(OBJEXT) ACLProxyAuth.$(OBJEXT) \
- ACLReferer.$(OBJEXT) ACLRegexData.$(OBJEXT) \
- ACLReplyMIMEType.$(OBJEXT) ACLHTTPRepHeader.$(OBJEXT) \
- ACLHTTPReqHeader.$(OBJEXT) ACLRequestMIMEType.$(OBJEXT) \
- ACLSourceDomain.$(OBJEXT) ACLSourceIP.$(OBJEXT) \
- ACLStrategised.$(OBJEXT) ACLStringData.$(OBJEXT) \
- ACLTime.$(OBJEXT) ACLTimeData.$(OBJEXT) ACLUrl.$(OBJEXT) \
- ACLUrlPath.$(OBJEXT) ACLUrlPort.$(OBJEXT) \
- ACLUserData.$(OBJEXT)
+ ACLMyPort.$(OBJEXT) ACLMyPortName.$(OBJEXT) \
+ ACLProtocol.$(OBJEXT) ACLProtocolData.$(OBJEXT) \
+ ACLProxyAuth.$(OBJEXT) ACLReferer.$(OBJEXT) \
+ ACLRegexData.$(OBJEXT) ACLReplyMIMEType.$(OBJEXT) \
+ ACLHTTPRepHeader.$(OBJEXT) ACLHTTPReqHeader.$(OBJEXT) \
+ ACLRequestMIMEType.$(OBJEXT) ACLSourceDomain.$(OBJEXT) \
+ ACLSourceIP.$(OBJEXT) ACLStrategised.$(OBJEXT) \
+ ACLStringData.$(OBJEXT) ACLTime.$(OBJEXT) \
+ ACLTimeData.$(OBJEXT) ACLUrl.$(OBJEXT) ACLUrlPath.$(OBJEXT) \
+ ACLUrlPort.$(OBJEXT) ACLUserData.$(OBJEXT)
am__objects_7 = comm_select.$(OBJEXT) comm_select_win32.$(OBJEXT) \
comm_poll.$(OBJEXT) comm_epoll.$(OBJEXT) comm_kqueue.$(OBJEXT)
am__objects_8 = delay_pools.$(OBJEXT) DelayId.$(OBJEXT) \
@@ -1968,6 +1968,8 @@
ACLMyIP.h \
ACLMyPort.cc \
ACLMyPort.h \
+ ACLMyPortName.cc \
+ ACLMyPortName.h \
ACLProtocol.cc \
ACLProtocol.h \
ACLProtocolData.cc \
@@ -4628,6 +4630,7 @@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ACLMethodData.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ACLMyIP.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ACLMyPort.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ACLMyPortName.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ACLProtocol.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ACLProtocolData.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ACLProxyAuth.Po@am__quote@
diff -r -u ./squid-3.0.STABLE1/src/mem.cc ./squid-3.0.STABLE2/src/mem.cc
--- ./squid-3.0.STABLE1/src/mem.cc 2007-11-16 05:47:35.000000000 +1300
+++ ./squid-3.0.STABLE2/src/mem.cc 2008-02-26 13:15:55.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: mem.cc,v 1.106 2007/11/15 16:47:35 wessels Exp $
+ * $Id: mem.cc,v 1.106.2.1 2008/02/26 00:15:55 amosjeffries Exp $
*
* DEBUG: section 13 High Level Memory Pool Management
* AUTHOR: Harvest Derived
@@ -382,8 +382,6 @@
* debug messages here at level 0 or 1 will always be printed
* on stderr.
*/
- debugs(13, 3, "Memory pools are '" << ((Config.onoff.mem_pools ? "on" : "off")) << "'; limit: "<<
- std::setprecision(3) << toMB(MemPools::GetInstance().idleLimit()) << " MB");
/* set all pointers to null */
memset(MemPools, '\0', sizeof(MemPools));
@@ -431,6 +429,15 @@
}
void
+Mem::Report()
+{
+ debugs(13, 3, "Memory pools are '" <<
+ (Config.onoff.mem_pools ? "on" : "off") << "'; limit: " <<
+ std::setprecision(3) << toMB(MemPools::GetInstance().idleLimit()) <<
+ " MB");
+}
+
+void
Mem::RegisterWithCacheManager(CacheManager & manager)
{
manager.registerAction("mem",
diff -r -u ./squid-3.0.STABLE1/src/Mem.h ./squid-3.0.STABLE2/src/Mem.h
--- ./squid-3.0.STABLE1/src/Mem.h 2006-05-29 12:15:01.000000000 +1200
+++ ./squid-3.0.STABLE2/src/Mem.h 2008-02-26 13:15:55.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: Mem.h,v 1.4 2006/05/29 00:15:01 robertc Exp $
+ * $Id: Mem.h,v 1.4.4.1 2008/02/26 00:15:55 amosjeffries Exp $
*
* DEBUG: section 13 High Level Memory Pool Management
* AUTHOR: Harvest Derived
@@ -47,6 +47,7 @@
public:
static void Init();
+ static void Report();
static void RegisterWithCacheManager(CacheManager & manager);
static void Stats(StoreEntry *);
static void CleanIdlePools(void *unused);
diff -r -u ./squid-3.0.STABLE1/src/mem_node.cc ./squid-3.0.STABLE2/src/mem_node.cc
--- ./squid-3.0.STABLE1/src/mem_node.cc 2007-08-14 05:20:51.000000000 +1200
+++ ./squid-3.0.STABLE2/src/mem_node.cc 2008-02-25 15:45:50.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: mem_node.cc,v 1.10 2007/08/13 17:20:51 hno Exp $
+ * $Id: mem_node.cc,v 1.10.2.1 2008/02/25 02:45:50 amosjeffries Exp $
*
* DEBUG: section 19 Store Memory Primitives
* AUTHOR: Robert Collins
@@ -38,7 +38,6 @@
static int makeMemNodeDataOffset();
-unsigned long mem_node::store_mem_size;
static int _mem_node_data_offset = makeMemNodeDataOffset();
/*
@@ -70,9 +69,7 @@
{}
mem_node::~mem_node()
-{
- store_mem_size -= nodeBuffer.length;
-}
+{}
size_t
mem_node::InUseCount()
@@ -80,6 +77,12 @@
return Pool().inUseCount();
}
+size_t
+mem_node::StoreMemSize()
+{
+ return InUseCount() * SM_PAGE_SIZE;
+}
+
int64_t
mem_node::start() const
{
diff -r -u ./squid-3.0.STABLE1/src/mem_node.h ./squid-3.0.STABLE2/src/mem_node.h
--- ./squid-3.0.STABLE1/src/mem_node.h 2007-08-14 05:20:51.000000000 +1200
+++ ./squid-3.0.STABLE2/src/mem_node.h 2008-02-25 15:45:50.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: mem_node.h,v 1.10 2007/08/13 17:20:51 hno Exp $
+ * $Id: mem_node.h,v 1.10.2.1 2008/02/25 02:45:50 amosjeffries Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -42,7 +42,7 @@
public:
static size_t InUseCount();
- static unsigned long store_mem_size; /* 0 */
+ static size_t StoreMemSize();
MEMPROXY_CLASS(mem_node);
mem_node(int64_t);
diff -r -u ./squid-3.0.STABLE1/src/neighbors.cc ./squid-3.0.STABLE2/src/neighbors.cc
--- ./squid-3.0.STABLE1/src/neighbors.cc 2007-11-14 12:25:34.000000000 +1300
+++ ./squid-3.0.STABLE2/src/neighbors.cc 2008-02-25 15:55:16.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: neighbors.cc,v 1.350 2007/11/13 23:25:34 rousskov Exp $
+ * $Id: neighbors.cc,v 1.350.2.1 2008/02/25 02:55:16 amosjeffries Exp $
*
* DEBUG: section 15 Neighbor Routines
* AUTHOR: Harvest Derived
@@ -239,9 +239,8 @@
if (squid_curtime - p->stats.last_query > Config.Timeout.deadPeer)
return 1;
- if (p->icp.port == echo_port)
- if (!neighborUp(p))
- return 0;
+ if (!neighborUp(p))
+ return 0;
return 1;
}
diff -r -u ./squid-3.0.STABLE1/src/net_db.cc ./squid-3.0.STABLE2/src/net_db.cc
--- ./squid-3.0.STABLE1/src/net_db.cc 2007-11-27 20:48:40.000000000 +1300
+++ ./squid-3.0.STABLE2/src/net_db.cc 2008-02-26 12:08:51.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: net_db.cc,v 1.198 2007/11/27 07:48:40 amosjeffries Exp $
+ * $Id: net_db.cc,v 1.198.2.1 2008/02/25 23:08:51 amosjeffries Exp $
*
* DEBUG: section 38 Network Measurement Database
* AUTHOR: Duane Wessels
@@ -72,7 +72,7 @@
StoreEntry *e;
store_client *sc;
HttpRequest *r;
- off_t used;
+ int64_t used;
size_t buf_sz;
char buf[NETDB_REQBUF_SZ];
int buf_ofs;
@@ -678,7 +678,7 @@
{
netdbExchangeState *ex = (netdbExchangeState *)data;
int rec_sz = 0;
- off_t o;
+ int o;
struct IN_ADDR addr;
double rtt;
diff -r -u ./squid-3.0.STABLE1/src/pconn.cc ./squid-3.0.STABLE2/src/pconn.cc
--- ./squid-3.0.STABLE1/src/pconn.cc 2007-05-30 01:31:40.000000000 +1200
+++ ./squid-3.0.STABLE2/src/pconn.cc 2008-02-25 01:06:41.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: pconn.cc,v 1.53 2007/05/29 13:31:40 amosjeffries Exp $
+ * $Id: pconn.cc,v 1.53.4.1 2008/02/24 12:06:41 amosjeffries Exp $
*
* DEBUG: section 48 Persistent Connections
* AUTHOR: Duane Wessels
@@ -139,7 +139,7 @@
{
assert(nfds);
- for (int i = 0; i< nfds; i++) {
+ for (int i=nfds-1; i>=0; i--) {
if (!comm_has_pending_read_callback(fds[i])) {
return fds[i];
}
@@ -284,7 +284,7 @@
if (list == NULL)
return -1;
- int fd = list->findUseableFD();
+ int fd = list->findUseableFD(); // search from the end. skip pending reads.
if (fd >= 0)
{
diff -r -u ./squid-3.0.STABLE1/src/pconn.h ./squid-3.0.STABLE2/src/pconn.h
--- ./squid-3.0.STABLE1/src/pconn.h 2007-05-12 01:20:57.000000000 +1200
+++ ./squid-3.0.STABLE2/src/pconn.h 2008-02-25 01:06:41.000000000 +1300
@@ -19,10 +19,10 @@
~IdleConnList();
int numIdle() { return nfds; }
- int findFDIndex(int fd);
+ int findFDIndex(int fd); ///< search from the end of array
void removeFD(int fd);
void push(int fd);
- int findUseableFD();
+ int findUseableFD(); ///< find first from the end not pending read fd.
void clearHandlers(int fd);
private:
diff -r -u ./squid-3.0.STABLE1/src/peer_digest.cc ./squid-3.0.STABLE2/src/peer_digest.cc
--- ./squid-3.0.STABLE1/src/peer_digest.cc 2007-08-28 00:50:43.000000000 +1200
+++ ./squid-3.0.STABLE2/src/peer_digest.cc 2008-02-26 12:08:51.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: peer_digest.cc,v 1.127 2007/08/27 12:50:43 hno Exp $
+ * $Id: peer_digest.cc,v 1.127.2.1 2008/02/25 23:08:51 amosjeffries Exp $
*
* DEBUG: section 72 Peer Digest Routines
* AUTHOR: Alex Rousskov
@@ -724,10 +724,10 @@
fetch->mask_offset += size;
- if (fetch->mask_offset >= (off_t)pd->cd->mask_size) {
+ if (fetch->mask_offset >= pd->cd->mask_size) {
debugs(72, 2, "peerDigestSwapInMask: Done! Got " <<
fetch->mask_offset << ", expected " << pd->cd->mask_size);
- assert(fetch->mask_offset == (off_t)pd->cd->mask_size);
+ assert(fetch->mask_offset == pd->cd->mask_size);
assert(peerDigestFetchedEnough(fetch, NULL, 0, "peerDigestSwapInMask"));
return -1; /* XXX! */
} else {
diff -r -u ./squid-3.0.STABLE1/src/protos.h ./squid-3.0.STABLE2/src/protos.h
--- ./squid-3.0.STABLE1/src/protos.h 2007-09-28 12:22:38.000000000 +1200
+++ ./squid-3.0.STABLE2/src/protos.h 2008-02-18 00:32:23.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: protos.h,v 1.550 2007/09/28 00:22:38 hno Exp $
+ * $Id: protos.h,v 1.550.2.1 2008/02/17 11:32:23 serassio Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -771,8 +771,8 @@
SQUIDCEXTERN int WIN32_getrusage(int, struct rusage *);
SQUIDCEXTERN void WIN32_ExceptionHandlerInit(void);
-SQUIDCEXTERN int Win32__WSAFDIsSet(int fd, fd_set* set
- );
+SQUIDCEXTERN int Win32__WSAFDIsSet(int fd, fd_set* set);
+SQUIDCEXTERN DWORD WIN32_IpAddrChangeMonitorInit();
#endif
diff -r -u ./squid-3.0.STABLE1/src/repl/Makefile.in ./squid-3.0.STABLE2/src/repl/Makefile.in
--- ./squid-3.0.STABLE1/src/repl/Makefile.in 2007-12-05 14:11:23.000000000 +1300
+++ ./squid-3.0.STABLE2/src/repl/Makefile.in 2008-03-05 01:31:34.000000000 +1300
@@ -16,7 +16,7 @@
# Makefile for storage modules in the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.92 2007/12/05 01:11:23 hno Exp $
+# $Id: Makefile.in,v 1.92.2.1 2008/03/04 12:31:34 amosjeffries Exp $
#
srcdir = @srcdir@
diff -r -u ./squid-3.0.STABLE1/src/Server.h ./squid-3.0.STABLE2/src/Server.h
--- ./squid-3.0.STABLE1/src/Server.h 2007-09-28 02:34:06.000000000 +1200
+++ ./squid-3.0.STABLE2/src/Server.h 2008-02-26 12:07:29.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: Server.h,v 1.10 2007/09/27 14:34:06 rousskov Exp $
+ * $Id: Server.h,v 1.10.2.1 2008/02/25 23:07:29 amosjeffries Exp $
*
* AUTHOR: Duane Wessels
*
@@ -163,7 +163,7 @@
size_t replyBodySpace(size_t space = 4096 * 10);
// These should be private
- off_t currentOffset; // Our current offset in the StoreEntry
+ int64_t currentOffset; // Our current offset in the StoreEntry
MemBuf *responseBodyBuffer; // Data temporarily buffered for ICAP
public: // should not be
diff -r -u ./squid-3.0.STABLE1/src/snmp_agent.cc ./squid-3.0.STABLE2/src/snmp_agent.cc
--- ./squid-3.0.STABLE1/src/snmp_agent.cc 2007-04-29 10:26:37.000000000 +1200
+++ ./squid-3.0.STABLE2/src/snmp_agent.cc 2008-02-25 15:45:50.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: snmp_agent.cc,v 1.96 2007/04/28 22:26:37 hno Exp $
+ * $Id: snmp_agent.cc,v 1.96.4.1 2008/02/25 02:45:50 amosjeffries Exp $
*
* DEBUG: section 49 SNMP Interface
* AUTHOR: Kostas Anagnostakis
@@ -57,7 +57,7 @@
case SYSVMSIZ:
Answer = snmp_var_new_integer(Var->name, Var->name_length,
- mem_node::store_mem_size >> 10,
+ mem_node::StoreMemSize() >> 10,
ASN_INTEGER);
break;
diff -r -u ./squid-3.0.STABLE1/src/snmp_core.cc ./squid-3.0.STABLE2/src/snmp_core.cc
--- ./squid-3.0.STABLE1/src/snmp_core.cc 2007-07-06 23:30:45.000000000 +1200
+++ ./squid-3.0.STABLE2/src/snmp_core.cc 2008-02-27 23:11:47.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: snmp_core.cc,v 1.79 2007/07/06 11:30:45 amosjeffries Exp $
+ * $Id: snmp_core.cc,v 1.79.4.1 2008/02/27 10:11:47 amosjeffries Exp $
*
* DEBUG: section 49 SNMP support
* AUTHOR: Glenn Chisholm
@@ -1106,7 +1106,7 @@
for (x = 0; x < Len; x++) {
snprintf(mbuf, sizeof(mbuf), ".%u", (unsigned int) Name[x]);
- strncat(objid, mbuf, sizeof(objid));
+ strncat(objid, mbuf, sizeof(objid) - strlen(objid) - 1);
}
debugs(49, lvl, " oid = " << objid);
diff -r -u ./squid-3.0.STABLE1/src/SquidString.h ./squid-3.0.STABLE2/src/SquidString.h
--- ./squid-3.0.STABLE1/src/SquidString.h 2007-11-05 12:59:51.000000000 +1300
+++ ./squid-3.0.STABLE2/src/SquidString.h 2008-02-27 23:47:59.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: SquidString.h,v 1.12 2007/11/04 23:59:51 amosjeffries Exp $
+ * $Id: SquidString.h,v 1.12.2.1 2008/02/27 10:47:59 amosjeffries Exp $
*
* DEBUG: section 67 String
* AUTHOR: Duane Wessels
@@ -36,6 +36,8 @@
#ifndef SQUID_STRING_H
#define SQUID_STRING_H
+#include "config.h"
+
/* forward decls */
class CacheManager;
diff -r -u ./squid-3.0.STABLE1/src/ssl_support.cc ./squid-3.0.STABLE2/src/ssl_support.cc
--- ./squid-3.0.STABLE1/src/ssl_support.cc 2007-04-29 10:26:37.000000000 +1200
+++ ./squid-3.0.STABLE2/src/ssl_support.cc 2008-02-10 23:43:09.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: ssl_support.cc,v 1.35 2007/04/28 22:26:37 hno Exp $
+ * $Id: ssl_support.cc,v 1.35.4.1 2008/02/10 10:43:09 serassio Exp $
*
* AUTHOR: Benno Rice
* DEBUG: section 83 SSL accelerator support
@@ -34,6 +34,12 @@
*/
#include "squid.h"
+
+/* MS Visual Studio Projects are monolithic, so we need the following
+ * #if to exclude the SSL code from compile process when not needed.
+ */
+#if USE_SSL
+
#include "fde.h"
static int
@@ -1058,3 +1064,5 @@
return str;
}
+
+#endif /* USE_SSL */
diff -r -u ./squid-3.0.STABLE1/src/stat.cc ./squid-3.0.STABLE2/src/stat.cc
--- ./squid-3.0.STABLE1/src/stat.cc 2007-09-21 08:22:20.000000000 +1200
+++ ./squid-3.0.STABLE2/src/stat.cc 2008-03-01 23:45:34.000000000 +1300
@@ -1,5 +1,5 @@
/*
- * $Id: stat.cc,v 1.410 2007/09/20 20:22:20 hno Exp $
+ * $Id: stat.cc,v 1.410.2.3 2008/03/01 10:45:34 amosjeffries Exp $
*
* DEBUG: section 18 Cache Manager Statistics
* AUTHOR: Harvest Derived
@@ -541,16 +541,16 @@
store_swap_size);
storeAppendPrintf(sentry, "\tStorage Swap capacity:\t%4.1f%% used, %4.1f%% free\n",
- dpercent((int) store_swap_size, (int) Store::Root().maxSize()),
- dpercent((int) (Store::Root().maxSize() - store_swap_size), (int) Store::Root().maxSize()));
+ dpercent(store_swap_size, Store::Root().maxSize()),
+ dpercent((Store::Root().maxSize() - store_swap_size), Store::Root().maxSize()));
-
- storeAppendPrintf(sentry, "\tStorage Mem size:\t%d KB\n",
- (int) (mem_node::store_mem_size >> 10));
+
+ storeAppendPrintf(sentry, "\tStorage Mem size:\t%lu KB\n",
+ (unsigned long)mem_node::StoreMemSize() >> 10);
storeAppendPrintf(sentry, "\tStorage Mem capacity:\t%4.1f%% used, %4.1f%% free\n",
dpercent(mem_node::InUseCount(), store_pages_max),
- dpercent(((double)store_pages_max - mem_node::InUseCount()), store_pages_max));
+ dpercent((store_pages_max - mem_node::InUseCount()), store_pages_max));
storeAppendPrintf(sentry, "\tMean Object Size:\t%0.2f KB\n",
n_disk_objects ? (double) store_swap_size / n_disk_objects : 0.0);
diff -r -u ./squid-3.0.STABLE1/src/stmem.cc ./squid-3.0.STABLE2/src/stmem.cc
--- ./squid-3.0.STABLE1/src/stmem.cc 2007-08-14 06:25:14.000000000 +1200
+++ ./squid-3.0.STABLE2/src/stmem.cc 2008-02-25 15:45:50.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: stmem.cc,v 1.92 2007/08/13 18:25:14 hno Exp $
+ * $Id: stmem.cc,v 1.92.2.1 2008/02/25 02:45:50 amosjeffries Exp $
*
* DEBUG: section 19 Store Memory Primitives
* AUTHOR: Harvest Derived
@@ -150,8 +150,6 @@
/* Adjust the ptr and len according to what was deposited in the page */
aNode->nodeBuffer.length += copyLen;
- mem_node::store_mem_size += copyLen;
-
return copyLen;
}
diff -r -u ./squid-3.0.STABLE1/src/store_client.cc ./squid-3.0.STABLE2/src/store_client.cc
--- ./squid-3.0.STABLE1/src/store_client.cc 2007-08-28 00:50:43.000000000 +1200
+++ ./squid-3.0.STABLE2/src/store_client.cc 2008-02-26 12:08:51.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: store_client.cc,v 1.159 2007/08/27 12:50:43 hno Exp $
+ * $Id: store_client.cc,v 1.159.2.1 2008/02/25 23:08:51 amosjeffries Exp $
*
* DEBUG: section 90 Storage Manager Client-Side Interface
* AUTHOR: Duane Wessels
@@ -698,14 +698,6 @@
return 1;
}
-#if UNUSED_CODE_20070420
-off_t
-storeLowestMemReaderOffset(const StoreEntry * entry)
-{
- return entry->mem_obj->lowestMemReaderOffset();
-}
-#endif
-
/* Call handlers waiting for data to be appended to E. */
void
StoreEntry::invokeHandlers()
diff -r -u ./squid-3.0.STABLE1/src/store_digest.cc ./squid-3.0.STABLE2/src/store_digest.cc
--- ./squid-3.0.STABLE1/src/store_digest.cc 2007-08-14 05:20:51.000000000 +1200
+++ ./squid-3.0.STABLE2/src/store_digest.cc 2008-02-26 12:08:51.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: store_digest.cc,v 1.76 2007/08/13 17:20:51 hno Exp $
+ * $Id: store_digest.cc,v 1.76.2.1 2008/02/25 23:08:51 amosjeffries Exp $
*
* DEBUG: section 71 Store Digest Manager
* AUTHOR: Alex Rousskov
@@ -466,7 +466,7 @@
assert(e);
/* _add_ check that nothing bad happened while we were waiting @?@ @?@ */
- if ((size_t)(sd_state.rewrite_offset + chunk_size) > store_digest->mask_size)
+ if (sd_state.rewrite_offset + chunk_size > store_digest->mask_size)
chunk_size = store_digest->mask_size - sd_state.rewrite_offset;
e->append(store_digest->mask + sd_state.rewrite_offset, chunk_size);
@@ -478,7 +478,7 @@
sd_state.rewrite_offset += chunk_size;
/* are we done ? */
- if ((size_t)sd_state.rewrite_offset >= store_digest->mask_size)
+ if (sd_state.rewrite_offset >= store_digest->mask_size)
storeDigestRewriteFinish(e);
else
eventAdd("storeDigestSwapOutStep", storeDigestSwapOutStep, data, 0.0, 1, false);
diff -r -u ./squid-3.0.STABLE1/src/Store.h ./squid-3.0.STABLE2/src/Store.h
--- ./squid-3.0.STABLE1/src/Store.h 2007-11-19 06:19:35.000000000 +1300
+++ ./squid-3.0.STABLE2/src/Store.h 2008-02-26 12:08:50.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: Store.h,v 1.40 2007/11/18 17:19:35 serassio Exp $
+ * $Id: Store.h,v 1.40.2.1 2008/02/25 23:08:50 amosjeffries Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -301,9 +301,6 @@
typedef RefCount StorePointer;
SQUIDCEXTERN size_t storeEntryInUse();
-#if UNUSED_CODE_20070420
-SQUIDCEXTERN off_t storeLowestMemReaderOffset(const StoreEntry * entry);
-#endif
SQUIDCEXTERN const char *storeEntryFlags(const StoreEntry *);
extern void storeEntryReplaceObject(StoreEntry *, HttpReply *);
diff -r -u ./squid-3.0.STABLE1/src/StoreMeta.cc ./squid-3.0.STABLE2/src/StoreMeta.cc
--- ./squid-3.0.STABLE1/src/StoreMeta.cc 2007-09-19 20:54:51.000000000 +1200
+++ ./squid-3.0.STABLE2/src/StoreMeta.cc 2008-02-25 00:29:55.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: StoreMeta.cc,v 1.6 2007/09/19 08:54:51 hno Exp $
+ * $Id: StoreMeta.cc,v 1.6.2.2 2008/02/24 11:29:55 amosjeffries Exp $
*
* DEBUG: section 20 Storage Manager Swapfile Metadata
* AUTHOR: Kostas Anagnostakis
@@ -48,12 +48,19 @@
StoreMeta::validType(char type)
{
/* VOID is reserved, and new types have to be added as classes */
-
- if (type <= STORE_META_VOID || type >= STORE_META_END) {
+ if (type <= STORE_META_VOID || type >= STORE_META_END + 10) {
debugs(20, 0, "storeSwapMetaUnpack: bad type (" << type << ")!");
return false;
}
+ /* Not yet implemented */
+ if (type >= STORE_META_END ||
+ type == STORE_META_STOREURL ||
+ type == STORE_META_VARY_ID) {
+ debugs(20, 3, "storeSwapMetaUnpack: Not yet implemented (" << type << ") in disk metadata");
+ return false;
+ }
+
/* Unused in any current squid code */
if (type == STORE_META_KEY_URL ||
type == STORE_META_KEY_SHA ||
diff -r -u ./squid-3.0.STABLE1/src/StoreMetaUnpacker.cc ./squid-3.0.STABLE2/src/StoreMetaUnpacker.cc
--- ./squid-3.0.STABLE1/src/StoreMetaUnpacker.cc 2007-05-01 04:56:09.000000000 +1200
+++ ./squid-3.0.STABLE2/src/StoreMetaUnpacker.cc 2008-02-26 12:08:50.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: StoreMetaUnpacker.cc,v 1.5 2007/04/30 16:56:09 wessels Exp $
+ * $Id: StoreMetaUnpacker.cc,v 1.5.4.2 2008/02/25 23:08:50 amosjeffries Exp $
*
* DEBUG: section 20 Storage Manager Swapfile Unpacker
* AUTHOR: Robert Collins
@@ -37,7 +37,7 @@
#include "StoreMetaUnpacker.h"
#include "StoreMeta.h"
-off_t const StoreMetaUnpacker::MinimumBufferLength = sizeof(char) + sizeof(int);
+int const StoreMetaUnpacker::MinimumBufferLength = sizeof(char) + sizeof(int);
bool
StoreMetaUnpacker::isBufferSane()
@@ -98,10 +98,8 @@
StoreMeta *newNode = StoreMeta::Factory(type, length, &buf[position]);
- if (!newNode)
- return false;
-
- tail = StoreMeta::Add (tail, newNode);
+ if (newNode)
+ tail = StoreMeta::Add (tail, newNode);
position += length;
diff -r -u ./squid-3.0.STABLE1/src/StoreMetaUnpacker.h ./squid-3.0.STABLE2/src/StoreMetaUnpacker.h
--- ./squid-3.0.STABLE1/src/StoreMetaUnpacker.h 2003-02-22 11:50:06.000000000 +1300
+++ ./squid-3.0.STABLE2/src/StoreMetaUnpacker.h 2008-02-26 12:08:50.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: StoreMetaUnpacker.h,v 1.2 2003/02/21 22:50:06 robertc Exp $
+ * $Id: StoreMetaUnpacker.h,v 1.2.4.1 2008/02/25 23:08:50 amosjeffries Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -45,7 +45,7 @@
bool isBufferSane();
private:
- static off_t const MinimumBufferLength;
+ static int const MinimumBufferLength;
void getBufferLength();
void getType();
@@ -57,7 +57,7 @@
char const * const buf;
ssize_t buflen;
int *hdr_len;
- off_t position;
+ int position;
char type;
int length;
StoreMeta **tail;
diff -r -u ./squid-3.0.STABLE1/src/store_swapmeta.cc ./squid-3.0.STABLE2/src/store_swapmeta.cc
--- ./squid-3.0.STABLE1/src/store_swapmeta.cc 2007-11-16 05:47:35.000000000 +1300
+++ ./squid-3.0.STABLE2/src/store_swapmeta.cc 2008-02-26 12:08:51.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: store_swapmeta.cc,v 1.27 2007/11/15 16:47:35 wessels Exp $
+ * $Id: store_swapmeta.cc,v 1.27.2.1 2008/02/25 23:08:51 amosjeffries Exp $
*
* DEBUG: section 20 Storage Manager Swapfile Metadata
* AUTHOR: Kostas Anagnostakis
@@ -110,7 +110,7 @@
{
int buflen = 0;
tlv *t;
- off_t j = 0;
+ int j = 0;
char *buf;
assert(length != NULL);
buflen++; /* STORE_META_OK */
diff -r -u ./squid-3.0.STABLE1/src/string_arrays.c ./squid-3.0.STABLE2/src/string_arrays.c
--- ./squid-3.0.STABLE1/src/string_arrays.c 2007-12-14 13:26:12.000000000 +1300
+++ ./squid-3.0.STABLE2/src/string_arrays.c 2008-03-05 01:36:22.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: enums.h,v 1.258 2007/08/13 17:20:51 hno Exp $
+ * $Id: enums.h,v 1.258.2.2 2008/02/24 11:29:55 amosjeffries Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
diff -r -u ./squid-3.0.STABLE1/src/String.cci ./squid-3.0.STABLE2/src/String.cci
--- ./squid-3.0.STABLE1/src/String.cci 2007-11-05 12:59:52.000000000 +1300
+++ ./squid-3.0.STABLE2/src/String.cci 2008-02-27 23:47:59.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: String.cci,v 1.10 2007/11/04 23:59:52 amosjeffries Exp $
+ * $Id: String.cci,v 1.10.2.1 2008/02/27 10:47:59 amosjeffries Exp $
*
* DEBUG: section 67 String
* AUTHOR: Duane Wessels
@@ -33,6 +33,8 @@
*
*/
+#include "assert.h"
+
String::String() : size_(0), len_(0), buf_ (NULL)
{
#if DEBUGSTRINGS
@@ -150,6 +152,8 @@
if(newLength < 0 || newLength > len_) return;
len_ = newLength;
+
+ if(len_ == 0 && buf_ == NULL) return; // buf_ may be NULL on zero-length strings.
buf_[newLength] = '\0';
}
diff -r -u ./squid-3.0.STABLE1/src/structs.h ./squid-3.0.STABLE2/src/structs.h
--- ./squid-3.0.STABLE1/src/structs.h 2007-12-02 21:23:56.000000000 +1300
+++ ./squid-3.0.STABLE2/src/structs.h 2008-02-26 12:08:51.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: structs.h,v 1.568 2007/12/02 08:23:56 amosjeffries Exp $
+ * $Id: structs.h,v 1.568.2.1 2008/02/25 23:08:51 amosjeffries Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -774,26 +774,12 @@
void *client_data;
};
-struct _dnsserver_t
-{
- int id;
- int inpipe;
- int outpipe;
- time_t answer;
- off_t offset;
- size_t size;
- char ip_inbuf[DNS_INBUF_SZ];
-
- struct timeval dispatch_time;
- void *data;
-};
-
struct _dwrite_q
{
off_t file_offset;
char *buf;
- int len;
- off_t buf_offset;
+ size_t len;
+ size_t buf_offset;
dwrite_q *next;
FREE *free_func;
};
@@ -1637,7 +1623,7 @@
{
/* public, read-only */
char *mask; /* bit mask */
- size_t mask_size; /* mask size in bytes */
+ int mask_size; /* mask size in bytes */
int capacity; /* expected maximum for .count, not a hard limit */
int bits_per_entry; /* number of bits allocated for each entry from capacity */
int count; /* number of digested entries */
@@ -1665,7 +1651,7 @@
char path[MAXPATHLEN];
char *buf;
size_t bufsz;
- off_t offset;
+ size_t offset;
struct
{
diff -r -u ./squid-3.0.STABLE1/src/tests/testUfs.cc ./squid-3.0.STABLE2/src/tests/testUfs.cc
--- ./squid-3.0.STABLE1/src/tests/testUfs.cc 2007-04-27 04:01:31.000000000 +1200
+++ ./squid-3.0.STABLE2/src/tests/testUfs.cc 2008-02-28 00:24:18.000000000 +1300
@@ -225,6 +225,11 @@
if (0 > system ("rm -rf " TESTDIR))
throw std::runtime_error("Failed to clean test work directory");
+ // This assertion may fail if previous test cases fail.
+ // Apparently, CPPUNIT_ASSERT* failure may prevent destructors of local
+ // objects such as "StorePointer aRoot" from being called.
+ CPPUNIT_ASSERT(!store_table); // or StoreHashIndex ctor will abort below
+
StorePointer aRoot (new StoreController);
Store::Root(aRoot);
SwapDirPointer aStore (new UFSSwapDir("ufs", "Blocking"));
diff -r -u ./squid-3.0.STABLE1/src/typedefs.h ./squid-3.0.STABLE2/src/typedefs.h
--- ./squid-3.0.STABLE1/src/typedefs.h 2007-05-09 19:45:58.000000000 +1200
+++ ./squid-3.0.STABLE2/src/typedefs.h 2008-02-26 12:08:51.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: typedefs.h,v 1.190 2007/05/09 07:45:58 wessels Exp $
+ * $Id: typedefs.h,v 1.190.4.1 2008/02/25 23:08:51 amosjeffries Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -98,8 +98,6 @@
typedef struct _dread_ctrl dread_ctrl;
-typedef struct _dnsserver_t dnsserver_t;
-
typedef struct _dwrite_q dwrite_q;
typedef struct _ETag ETag;
diff -r -u ./squid-3.0.STABLE1/src/wccp2.cc ./squid-3.0.STABLE2/src/wccp2.cc
--- ./squid-3.0.STABLE1/src/wccp2.cc 2007-11-16 05:47:35.000000000 +1300
+++ ./squid-3.0.STABLE2/src/wccp2.cc 2008-02-27 23:43:56.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: wccp2.cc,v 1.19 2007/11/15 16:47:35 wessels Exp $
+ * $Id: wccp2.cc,v 1.19.2.2 2008/02/27 10:43:56 amosjeffries Exp $
*
* DEBUG: section 80 WCCP Support
* AUTHOR: Steven Wilton
@@ -443,6 +443,7 @@
/* END WCCP V2 */
void wccp2_add_service_list(int service, int service_id, int service_priority,
int service_proto, int service_flags, int ports[], int security_type, char *password);
+static void wccp2SortCacheList(struct wccp2_cache_list_t *head);
/*
* The functions used during startup:
@@ -1476,6 +1477,8 @@
num_caches = 1;
}
+ wccp2SortCacheList(&router_list_ptr->cache_list_head);
+
router_list_ptr->num_caches = htonl(num_caches);
if ((found == 1) && (service_list_ptr->lowest_ip == 1)) {
@@ -1876,7 +1879,7 @@
/* Update the value according the the "correct" formula */
- for (value++; (value & 0x1741) != value; value++) {
+ for (; (value & 0x1741) != value; value++) {
assert(value <= 0x1741);
}
@@ -2375,6 +2378,41 @@
}
}
+/* Sort the cache list by doing a "selection sort" by IP address */
+static void
+wccp2SortCacheList(struct wccp2_cache_list_t *head)
+{
+ struct wccp2_cache_list_t tmp;
+ struct wccp2_cache_list_t *this_item;
+ struct wccp2_cache_list_t *find_item;
+ struct wccp2_cache_list_t *next_lowest;
+
+ /* Go through each position in the list one at a time */
+ for (this_item = head; this_item->next; this_item = this_item->next) {
+ /* Find the item with the lowest IP */
+ next_lowest = this_item;
+
+ for (find_item = this_item; find_item->next; find_item = find_item->next) {
+ if (find_item->cache_ip.s_addr < next_lowest->cache_ip.s_addr) {
+ next_lowest = find_item;
+ }
+ }
+ /* Swap if we need to */
+ if (next_lowest != this_item) {
+ /* First make a copy of the current item */
+ memcpy(&tmp, this_item, sizeof(struct wccp2_cache_list_t));
+
+ /* Next update the pointers to maintain the linked list */
+ tmp.next = next_lowest->next;
+ next_lowest->next = this_item->next;
+
+ /* Finally copy the updated items to their correct location */
+ memcpy(this_item, next_lowest, sizeof(struct wccp2_cache_list_t));
+ memcpy(next_lowest, &tmp, sizeof(struct wccp2_cache_list_t));
+ }
+ }
+}
+
void
free_wccp2_service_info(void *v)
{}
diff -r -u ./squid-3.0.STABLE1/src/WinSvc.cc ./squid-3.0.STABLE2/src/WinSvc.cc
--- ./squid-3.0.STABLE1/src/WinSvc.cc 2007-04-29 10:26:37.000000000 +1200
+++ ./squid-3.0.STABLE2/src/WinSvc.cc 2008-02-18 08:28:18.000000000 +1300
@@ -1,6 +1,6 @@
/*
- * $Id: WinSvc.cc,v 1.3 2007/04/28 22:26:37 hno Exp $
+ * $Id: WinSvc.cc,v 1.3.4.2 2008/02/17 19:28:18 serassio Exp $
*
* Windows support
* AUTHOR: Guido Serassio
@@ -69,6 +69,11 @@
#endif
static int Squid_Aborting = 0;
+static HANDLE NotifyAddrChange_thread = INVALID_HANDLE_VALUE;
+
+#undef NotifyAddrChange
+typedef DWORD(WINAPI * PFNotifyAddrChange) (OUT PHANDLE, IN LPOVERLAPPED);
+#define NOTIFYADDRCHANGE "NotifyAddrChange"
#if USE_WIN32_SERVICE
static SERVICE_STATUS svcStatus;
@@ -386,6 +391,17 @@
}
void
+WIN32_IpAddrChangeMonitorExit()
+{
+ DWORD status = ERROR_SUCCESS;
+
+ if (NotifyAddrChange_thread == INVALID_HANDLE_VALUE) {
+ TerminateThread(NotifyAddrChange_thread, status);
+ CloseHandle(NotifyAddrChange_thread);
+ }
+}
+
+void
WIN32_Exit()
{
#ifdef _SQUID_MSWIN_
@@ -406,12 +422,57 @@
DeleteCriticalSection(dbg_mutex);
WIN32_ExceptionHandlerCleanup();
+ WIN32_IpAddrChangeMonitorExit();
#endif
_exit(0);
}
+#ifdef _SQUID_MSWIN_
+static DWORD WINAPI
+WIN32_IpAddrChangeMonitor(LPVOID lpParam)
+{
+ DWORD Result;
+ HMODULE IPHLPAPIHandle;
+ PFNotifyAddrChange NotifyAddrChange;
+
+ if ((IPHLPAPIHandle = GetModuleHandle("IPHLPAPI")) == NULL)
+ IPHLPAPIHandle = LoadLibrary("IPHLPAPI");
+ NotifyAddrChange = (PFNotifyAddrChange) GetProcAddress(IPHLPAPIHandle, NOTIFYADDRCHANGE);
+
+ while (1) {
+ Result = NotifyAddrChange(NULL, NULL);
+ if (Result != NO_ERROR) {
+ debugs(1, 1, "NotifyAddrChange error " << Result);
+ return 1;
+ }
+ debugs(1, 1, "Notification of IP address change received, requesting Squid reconfiguration ...");
+ reconfigure(SIGHUP);
+ }
+ return 0;
+}
+
+DWORD
+WIN32_IpAddrChangeMonitorInit()
+{
+ DWORD status = ERROR_SUCCESS;
+ DWORD threadID = 0, ThrdParam = 0;
+
+ if (WIN32_run_mode == _WIN_SQUID_RUN_MODE_SERVICE) {
+ NotifyAddrChange_thread = CreateThread(NULL, 0, WIN32_IpAddrChangeMonitor,
+ &ThrdParam, 0, &threadID);
+ if (NotifyAddrChange_thread == NULL) {
+ status = GetLastError();
+ NotifyAddrChange_thread = INVALID_HANDLE_VALUE;
+ debugs(1, 1, "Failed to start IP monitor thread.");
+ } else
+ debugs(1, 2, "Starting IP monitor thread [" << threadID << "] ...");
+ }
+ return status;
+}
+#endif
+
int WIN32_Subsystem_Init(int * argc, char *** argv)
{
#if defined(_MSC_VER) /* Microsoft C Compiler ONLY */
@@ -878,7 +939,6 @@
freopen(stderr_path, "w", stderr);
setmode(fileno(stderr), O_TEXT);
WIN32_run_mode = _WIN_SQUID_RUN_MODE_SERVICE;
- opt_no_daemon = 1;
if (!(c=strchr(argv[1],':'))) {
fprintf(stderr, "Bad Service Parameter: %s\n", argv[1]);
diff -r -u ./squid-3.0.STABLE1/test-suite/Makefile.in ./squid-3.0.STABLE2/test-suite/Makefile.in
--- ./squid-3.0.STABLE1/test-suite/Makefile.in 2007-12-05 14:11:24.000000000 +1300
+++ ./squid-3.0.STABLE2/test-suite/Makefile.in 2008-03-05 01:31:35.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.89 2007/12/05 01:11:24 hno Exp $
+# $Id: Makefile.in,v 1.89.2.1 2008/03/04 12:31:35 amosjeffries Exp $
#
srcdir = @srcdir@
top_srcdir = @top_srcdir@
diff -r -u ./squid-3.0.STABLE1/tools/Makefile.in ./squid-3.0.STABLE2/tools/Makefile.in
--- ./squid-3.0.STABLE1/tools/Makefile.in 2007-12-05 14:11:25.000000000 +1300
+++ ./squid-3.0.STABLE2/tools/Makefile.in 2008-03-05 01:31:35.000000000 +1300
@@ -17,7 +17,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.28 2007/12/05 01:11:25 hno Exp $
+# $Id: Makefile.in,v 1.28.2.1 2008/03/04 12:31:35 amosjeffries Exp $
#
# Uncomment and customize the following to suit your needs:
#