Hello community, here is the log from the commit of package squid3 for openSUSE:Factory checked in at 2012-02-20 16:18:41 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/squid3 (Old) and /work/SRC/openSUSE:Factory/.squid3.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "squid3", Maintainer is "[email protected]" Changes: -------- --- /work/SRC/openSUSE:Factory/squid3/squid3.changes 2012-02-14 19:08:53.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.squid3.new/squid3.changes 2012-02-20 16:18:46.000000000 +0100 @@ -1,0 +2,30 @@ +Fri Feb 17 16:01:23 UTC 2012 - [email protected] + +- some cleanup + * rebase patches (p0), remove version from patch_names +- add Source signature file +- add FSF patch (incorrect-fsf-address) +- add rpmlintrc file + * macro-in-comment + * no-manual-page-for-binary + +------------------------------------------------------------------- +Wed Feb 15 20:50:59 UTC 2012 - [email protected] + +- update to 3.1.19 + - Regression Bug 3441: part 2: Prevent further cache size corruption of swap.state + - Bug 3473: erase last uses of obsolete auth_user_hash_pointer + - Bug 3470: GCC 4.7 + - Bug 3442: assertion failed: external_acl.cc:908: ch->auth_user_request != NULL + - Bug 3441: part 1: Minimize cache size corruption by malformed swap.state + - Bug 3440: compile error in Adaptation + - Bug 3420: Request body consumption races and !theConsumer exception + - Bug 3370: external ACL sometimes skipping + - Bug 3085: Crash when parsing esi:include + - HTTP/1.1: do not add 110 and 111 Warnings to revalidated responses + - Fix SSL library dependency fixes +- remove obsolete upstream patches + * squid-3.1-10415 - ..421 +- add squid source signature file + +------------------------------------------------------------------- Old: ---- squid-3.1-10415.patch squid-3.1-10416.patch squid-3.1-10417.patch squid-3.1-10418.patch squid-3.1-10419.patch squid-3.1-10420.patch squid-3.1-10421.patch squid-3.1.12-config.patch squid-3.1.12.3-nobuilddates.patch squid-3.1.12.3-swapdir.patch squid-3.1.18.tar.bz2 New: ---- rpmlintrc squid-3.1.19.tar.bz2 squid-3.1.19.tar.bz2.asc squid-FSF.patch squid-config.patch squid-nobuilddates.patch squid-swapdir.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ squid3.spec ++++++ --- /var/tmp/diff_new_pack.vuvIoL/_old 2012-02-20 16:18:49.000000000 +0100 +++ /var/tmp/diff_new_pack.vuvIoL/_new 2012-02-20 16:18:49.000000000 +0100 @@ -23,12 +23,11 @@ Summary: Squid Version 3 WWW Proxy Server License: GPL-2.0+ Group: Productivity/Networking/Web/Proxy -Version: 3.1.18 +Version: 3.1.19 Release: 0 Url: http://www.squid-cache.org/Versions/v3 Source0: http://www.squid-cache.org/Versions/v3/3.1/squid-%{version}.tar.bz2 -#%define squid_ldapauth_version 1.3 -#Source1: squid_ldapauth-%{squid_ldapauth_version}.tar.bz2 +Source1: squid-%{version}.tar.bz2.asc Source2: RELEASENOTES.html Source3: squid.init Source4: squid.sysconfig @@ -47,26 +46,30 @@ # or just visit: http://www.squid-cache.org/Versions/v3/3.0/changesets/ # # Bug #3440: compile error in Adaptation -Patch0: http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10415.patch +#atch0: http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10415.patch # Portability: SSL library dependency fixes -Patch1: http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10416.patch +#atch1: http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10416.patch # Polish: debug messages on swap.state rename failure -Patch2: http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10417.patch +#atch2: http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10417.patch # Bug #3442: assertion failed: external_acl.cc:908: ch->auth_user_request != NULL -Patch3: http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10418.patch +#atch3: http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10418.patch # Bug #3085: Crash when parsing esi:include -Patch4: http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10419.patch +#atch4: http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10419.patch # Bug #3473: erase last uses of obsolete auth_user_hash_pointer -Patch5: http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10420.patch +#atch5: http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10420.patch # Bug #3420: Request body consumption races and !theConsumer exception. -Patch6: http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10421.patch +#atch6: http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10421.patch # +# do not show some rpmlint warnings +Source99: rpmlintrc # some useful defaults for squid -Patch100: squid-3.1.12-config.patch +Patch100: squid-config.patch # FIX SWAPDIR - make it a configure option -Patch101: squid-3.1.12.3-swapdir.patch +Patch101: squid-swapdir.patch # make build compare happy - remove build dates -Patch102: squid-3.1.12.3-nobuilddates.patch +Patch102: squid-nobuilddates.patch +# FIX-FOR-UPSTREAM: rpmlint - incorrect-fsf-address +Patch200: squid-FSF.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: %fillup_prereq @@ -139,21 +142,16 @@ %setup -q -n squid-%{version} cp %{SOURCE10} . # upstream patches after RELEASE -%patch0 -p0 -%patch1 -p0 -%patch2 -p0 -%patch3 -p0 -%patch4 -p0 -%patch5 -p0 -%patch6 -p0 +# ##### other patches -%patch100 -p1 +%patch100 %if 0%{?suse_version} > 1010 -%patch101 -p1 +%patch101 %endif perl -p -i -e 's|/usr/local/bin/perl|/usr/bin/perl|' `find -name "*.pl"` chmod a-x CREDITS -%patch102 -p1 +%patch102 +%patch200 %build %if 0%{?suse_version} > 1010 ++++++ RELEASENOTES.html ++++++ --- /var/tmp/diff_new_pack.vuvIoL/_old 2012-02-20 16:18:49.000000000 +0100 +++ /var/tmp/diff_new_pack.vuvIoL/_new 2012-02-20 16:18:49.000000000 +0100 @@ -2,10 +2,10 @@ <HTML> <HEAD> <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.66"> - <TITLE>Squid 3.1.18 release notes</TITLE> + <TITLE>Squid 3.1.19 release notes</TITLE> </HEAD> <BODY> -<H1>Squid 3.1.18 release notes</H1> +<H1>Squid 3.1.19 release notes</H1> <H2>Squid Developers</H2> <HR> @@ -71,7 +71,7 @@ <HR> <H2><A NAME="s1">1.</A> <A HREF="#toc1">Notice</A></H2> -<P>The Squid Team are pleased to announce the release of Squid-3.1.18</P> +<P>The Squid Team are pleased to announce the release of Squid-3.1.19</P> <P>This new release is available for download from <A HREF="http://www.squid-cache.org/Versions/v3/3.1/";>http://www.squid-cache.org/Versions/v3/3.1/</A> or the <A HREF="http://www.squid-cache.org/Mirrors/http-mirrors.html";>mirrors</A>.</P> @@ -126,7 +126,7 @@ <LI>eCAP Adaptation Module support</LI> <LI>ICAP Bypass and Retry enhancements</LI> <LI>ICY streaming protocol support</LI> -<LI>Dynamic SSL Certificate Generation (3.1.12.1 and later)</LI> +<LI>Dynamic SSL Certificate Generation (3.1.13 and later)</LI> </UL> </P> <P>Most user-facing changes are reflected in squid.conf (see below).</P> @@ -1280,12 +1280,13 @@ <DT><B>external_acl_type</B><DD> <P>New options 'ipv4' and 'ipv6' are added to set the IPv4/v6 protocol between Squid and its helpers. -Please be aware of some limits to these options. These options only affect the transport protocol used -to send data to and from the helpers. IPv6 enabled Squid will still send %SRC addresses in IPv4 or IPv6 +Please be aware of some limits to these options. These options only affet the transport protocol used +to send data to and from the helpers. Squid in IPv6-mode may still send %SRC addresses in IPv4 or IPv6 format, so all helpers will need to be checked and converted to cope with such information cleanly. <PRE> - ipv4 / ipv6 IP transport used to communicate to this helper over localhost. - For compatability with systems lacking IPv6 support in the system kernel the default is 'ipv4'. + ipv4 / ipv6 IP-mode used to communicate to this helper. + For compatability with older configurations and helpers + the default is 'ipv4'. </PRE> </P> ++++++ rpmlintrc ++++++ addFilter("macro-in-comment") addFilter("no-manual-page-for-binary") ++++++ squid-3.1.18.tar.bz2 -> squid-3.1.19.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/ChangeLog new/squid-3.1.19/ChangeLog --- old/squid-3.1.18/ChangeLog 2011-12-03 07:18:46.000000000 +0100 +++ new/squid-3.1.19/ChangeLog 2012-02-05 12:51:32.000000000 +0100 @@ -1,3 +1,17 @@ +Changes to squid-3.1.19 (06 Feb 2011): + + - Regression Bug 3441: part 2: Prevent further cache size corruption of swap.state + - Bug 3473: erase last uses of obsolete auth_user_hash_pointer + - Bug 3470: GCC 4.7 + - Bug 3442: assertion failed: external_acl.cc:908: ch->auth_user_request != NULL + - Bug 3441: part 1: Minimize cache size corruption by malformed swap.state + - Bug 3440: compile error in Adaptation + - Bug 3420: Request body consumption races and !theConsumer exception + - Bug 3370: external ACL sometimes skipping + - Bug 3085: Crash when parsing esi:include + - HTTP/1.1: do not add 110 and 111 Warnings to revalidated responses + - Fix SSL library dependency fixes + Changes to squid-3.1.18 (03 Dec 2011): - Regression: compile error in FTP diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/RELEASENOTES.html new/squid-3.1.19/RELEASENOTES.html --- old/squid-3.1.18/RELEASENOTES.html 2011-12-03 08:05:31.000000000 +0100 +++ new/squid-3.1.19/RELEASENOTES.html 2012-02-05 14:18:34.000000000 +0100 @@ -2,10 +2,10 @@ <HTML> <HEAD> <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.66"> - <TITLE>Squid 3.1.18 release notes</TITLE> + <TITLE>Squid 3.1.19 release notes</TITLE> </HEAD> <BODY> -<H1>Squid 3.1.18 release notes</H1> +<H1>Squid 3.1.19 release notes</H1> <H2>Squid Developers</H2> <HR> @@ -71,7 +71,7 @@ <HR> <H2><A NAME="s1">1.</A> <A HREF="#toc1">Notice</A></H2> -<P>The Squid Team are pleased to announce the release of Squid-3.1.18</P> +<P>The Squid Team are pleased to announce the release of Squid-3.1.19</P> <P>This new release is available for download from <A HREF="http://www.squid-cache.org/Versions/v3/3.1/";>http://www.squid-cache.org/Versions/v3/3.1/</A> or the <A HREF="http://www.squid-cache.org/Mirrors/http-mirrors.html";>mirrors</A>.</P> @@ -126,7 +126,7 @@ <LI>eCAP Adaptation Module support</LI> <LI>ICAP Bypass and Retry enhancements</LI> <LI>ICY streaming protocol support</LI> -<LI>Dynamic SSL Certificate Generation (3.1.12.1 and later)</LI> +<LI>Dynamic SSL Certificate Generation (3.1.13 and later)</LI> </UL> </P> <P>Most user-facing changes are reflected in squid.conf (see below).</P> @@ -1280,12 +1280,13 @@ <DT><B>external_acl_type</B><DD> <P>New options 'ipv4' and 'ipv6' are added to set the IPv4/v6 protocol between Squid and its helpers. -Please be aware of some limits to these options. These options only affect the transport protocol used -to send data to and from the helpers. IPv6 enabled Squid will still send %SRC addresses in IPv4 or IPv6 +Please be aware of some limits to these options. These options only affet the transport protocol used +to send data to and from the helpers. Squid in IPv6-mode may still send %SRC addresses in IPv4 or IPv6 format, so all helpers will need to be checked and converted to cope with such information cleanly. <PRE> - ipv4 / ipv6 IP transport used to communicate to this helper over localhost. - For compatability with systems lacking IPv6 support in the system kernel the default is 'ipv4'. + ipv4 / ipv6 IP-mode used to communicate to this helper. + For compatability with older configurations and helpers + the default is 'ipv4'. </PRE> </P> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/configure new/squid-3.1.19/configure --- old/squid-3.1.18/configure 2011-12-03 07:21:25.000000000 +0100 +++ new/squid-3.1.19/configure 2012-02-05 12:56:56.000000000 +0100 @@ -1,7 +1,7 @@ #! /bin/sh # From configure.ac Revision. # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for Squid Web Proxy 3.1.18. +# Generated by GNU Autoconf 2.68 for Squid Web Proxy 3.1.19. # # Report bugs to <http://www.squid-cache.org/bugs/>. # @@ -575,8 +575,8 @@ # Identity of this package. PACKAGE_NAME='Squid Web Proxy' PACKAGE_TARNAME='squid' -PACKAGE_VERSION='3.1.18' -PACKAGE_STRING='Squid Web Proxy 3.1.18' +PACKAGE_VERSION='3.1.19' +PACKAGE_STRING='Squid Web Proxy 3.1.19' PACKAGE_BUGREPORT='http://www.squid-cache.org/bugs/' PACKAGE_URL='' @@ -1540,7 +1540,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures Squid Web Proxy 3.1.18 to adapt to many kinds of systems. +\`configure' configures Squid Web Proxy 3.1.19 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1610,7 +1610,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of Squid Web Proxy 3.1.18:";; + short | recursive ) echo "Configuration of Squid Web Proxy 3.1.19:";; esac cat <<\_ACEOF @@ -1941,7 +1941,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -Squid Web Proxy configure 3.1.18 +Squid Web Proxy configure 3.1.19 generated by GNU Autoconf 2.68 Copyright (C) 2010 Free Software Foundation, Inc. @@ -2952,7 +2952,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by Squid Web Proxy $as_me 3.1.18, which was +It was created by Squid Web Proxy $as_me 3.1.19, which was generated by GNU Autoconf 2.68. Invocation command line was $ $0 $@ @@ -3771,7 +3771,7 @@ # Define the identity of the package. PACKAGE='squid' - VERSION='3.1.18' + VERSION='3.1.19' cat >>confdefs.h <<_ACEOF @@ -28231,7 +28231,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by Squid Web Proxy $as_me 3.1.18, which was +This file was extended by Squid Web Proxy $as_me 3.1.19, which was generated by GNU Autoconf 2.68. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -28297,7 +28297,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -Squid Web Proxy config.status 3.1.18 +Squid Web Proxy config.status 3.1.19 configured by $0, generated by GNU Autoconf 2.68, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/configure.ac new/squid-3.1.19/configure.ac --- old/squid-3.1.18/configure.ac 2011-12-03 07:21:24.000000000 +0100 +++ new/squid-3.1.19/configure.ac 2012-02-05 12:56:55.000000000 +0100 @@ -2,7 +2,7 @@ dnl dnl $Id$ dnl -AC_INIT([Squid Web Proxy],[3.1.18],[http://www.squid-cache.org/bugs/],[squid]) +AC_INIT([Squid Web Proxy],[3.1.19],[http://www.squid-cache.org/bugs/],[squid]) AC_PREREQ(2.61) AC_CONFIG_HEADERS([include/autoconf.h]) AC_CONFIG_AUX_DIR(cfgaux) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/include/version.h new/squid-3.1.19/include/version.h --- old/squid-3.1.18/include/version.h 2011-12-03 07:21:25.000000000 +0100 +++ new/squid-3.1.19/include/version.h 2012-02-05 12:56:56.000000000 +0100 @@ -9,7 +9,7 @@ */ #ifndef SQUID_RELEASE_TIME -#define SQUID_RELEASE_TIME 1322893123 +#define SQUID_RELEASE_TIME 1328442684 #endif #ifndef APP_SHORTNAME diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/src/Makefile.am new/squid-3.1.19/src/Makefile.am --- old/squid-3.1.18/src/Makefile.am 2011-12-03 07:18:46.000000000 +0100 +++ new/squid-3.1.19/src/Makefile.am 2012-02-05 12:51:32.000000000 +0100 @@ -531,8 +531,8 @@ $(SNMPLIB) \ ${ADAPTATION_LIBS} \ $(ESI_LIBS) \ - $(SSLLIB) \ $(SSL_LIBS) \ + $(SSLLIB) \ -lmiscutil \ $(EPOLL_LIBS) \ $(MINGW_LIBS) \ @@ -1203,8 +1203,8 @@ -L../lib -lmiscutil \ $(SQUID_CPPUNIT_LIBS) \ $(SQUID_CPPUNIT_LA) \ - $(SSLLIB) \ $(SSL_LIBS) \ + $(SSLLIB) \ $(XTRA_LIBS) tests_testCacheManager_LDFLAGS = $(LIBADD_DL) tests_testCacheManager_DEPENDENCIES = $(top_builddir)/lib/libmiscutil.a \ @@ -1379,8 +1379,8 @@ -L../lib -lmiscutil \ $(SQUID_CPPUNIT_LIBS) \ $(SQUID_CPPUNIT_LA) \ - $(SSLLIB) \ $(SSL_LIBS) \ + $(SSLLIB) \ $(XTRA_LIBS) tests_testEvent_LDFLAGS = $(LIBADD_DL) tests_testEvent_DEPENDENCIES = $(top_builddir)/lib/libmiscutil.a \ @@ -1530,8 +1530,8 @@ -L../lib -lmiscutil \ $(SQUID_CPPUNIT_LIBS) \ $(SQUID_CPPUNIT_LA) \ - $(SSLLIB) \ $(SSL_LIBS) \ + $(SSLLIB) \ $(XTRA_LIBS) tests_testEventLoop_LDFLAGS = $(LIBADD_DL) tests_testEventLoop_DEPENDENCIES = $(top_builddir)/lib/libmiscutil.a \ @@ -1676,8 +1676,8 @@ -L../lib -lmiscutil \ $(SQUID_CPPUNIT_LIBS) \ $(SQUID_CPPUNIT_LA) \ - $(SSLLIB) \ $(SSL_LIBS) \ + $(SSLLIB) \ $(XTRA_LIBS) tests_test_http_range_LDFLAGS = $(LIBADD_DL) tests_test_http_range_DEPENDENCIES = \ @@ -1827,8 +1827,8 @@ -L../lib -lmiscutil \ $(SQUID_CPPUNIT_LIBS) \ $(SQUID_CPPUNIT_LA) \ - $(SSLLIB) \ $(SSL_LIBS) \ + $(SSLLIB) \ $(XTRA_LIBS) tests_testHttpRequest_LDFLAGS = $(LIBADD_DL) tests_testHttpRequest_DEPENDENCIES = $(top_builddir)/lib/libmiscutil.a \ @@ -2262,8 +2262,8 @@ -L../lib -lmiscutil \ $(SQUID_CPPUNIT_LIBS) \ $(SQUID_CPPUNIT_LA) \ - $(SSLLIB) \ $(SSL_LIBS) \ + $(SSLLIB) \ $(XTRA_LIBS) tests_testURL_LDFLAGS = $(LIBADD_DL) tests_testURL_DEPENDENCIES = $(top_builddir)/lib/libmiscutil.a \ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/src/Makefile.in new/squid-3.1.19/src/Makefile.in --- old/squid-3.1.18/src/Makefile.in 2011-12-03 07:20:35.000000000 +0100 +++ new/squid-3.1.19/src/Makefile.in 2012-02-05 12:55:16.000000000 +0100 @@ -1890,7 +1890,7 @@ ../compat/libcompat.la -L../lib $(XTRA_OBJS) $(DISK_LINKOBJS) \ $(REPL_OBJS) $(DISK_LIBS) $(DISK_OS_LIBS) $(CRYPTLIB) \ $(REGEXLIB) $(SNMPLIB) ${ADAPTATION_LIBS} $(ESI_LIBS) \ - $(SSLLIB) $(SSL_LIBS) -lmiscutil $(EPOLL_LIBS) $(MINGW_LIBS) \ + $(SSL_LIBS) $(SSLLIB) -lmiscutil $(EPOLL_LIBS) $(MINGW_LIBS) \ $(XTRA_LIBS) $(am__append_6) squid_DEPENDENCIES = $(top_builddir)/lib/libmiscutil.a \ $(DISK_LIBS) \ @@ -2397,8 +2397,8 @@ -L../lib -lmiscutil \ $(SQUID_CPPUNIT_LIBS) \ $(SQUID_CPPUNIT_LA) \ - $(SSLLIB) \ $(SSL_LIBS) \ + $(SSLLIB) \ $(XTRA_LIBS) tests_testCacheManager_LDFLAGS = $(LIBADD_DL) @@ -2577,8 +2577,8 @@ -L../lib -lmiscutil \ $(SQUID_CPPUNIT_LIBS) \ $(SQUID_CPPUNIT_LA) \ - $(SSLLIB) \ $(SSL_LIBS) \ + $(SSLLIB) \ $(XTRA_LIBS) tests_testEvent_LDFLAGS = $(LIBADD_DL) @@ -2730,8 +2730,8 @@ -L../lib -lmiscutil \ $(SQUID_CPPUNIT_LIBS) \ $(SQUID_CPPUNIT_LA) \ - $(SSLLIB) \ $(SSL_LIBS) \ + $(SSLLIB) \ $(XTRA_LIBS) tests_testEventLoop_LDFLAGS = $(LIBADD_DL) @@ -2879,8 +2879,8 @@ -L../lib -lmiscutil \ $(SQUID_CPPUNIT_LIBS) \ $(SQUID_CPPUNIT_LA) \ - $(SSLLIB) \ $(SSL_LIBS) \ + $(SSLLIB) \ $(XTRA_LIBS) tests_test_http_range_LDFLAGS = $(LIBADD_DL) @@ -3031,8 +3031,8 @@ -L../lib -lmiscutil \ $(SQUID_CPPUNIT_LIBS) \ $(SQUID_CPPUNIT_LA) \ - $(SSLLIB) \ $(SSL_LIBS) \ + $(SSLLIB) \ $(XTRA_LIBS) tests_testHttpRequest_LDFLAGS = $(LIBADD_DL) @@ -3477,8 +3477,8 @@ -L../lib -lmiscutil \ $(SQUID_CPPUNIT_LIBS) \ $(SQUID_CPPUNIT_LA) \ - $(SSLLIB) \ $(SSL_LIBS) \ + $(SSLLIB) \ $(XTRA_LIBS) tests_testURL_LDFLAGS = $(LIBADD_DL) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/src/Store.h new/squid-3.1.19/src/Store.h --- old/squid-3.1.18/src/Store.h 2011-12-03 07:18:46.000000000 +0100 +++ new/squid-3.1.19/src/Store.h 2012-02-05 12:51:32.000000000 +0100 @@ -191,7 +191,7 @@ #if USE_ADAPTATION /// call back producer when more buffer space is available - void deferProducer(const AsyncCall::Pointer &producer); + void deferProducer(AsyncCall::Pointer &producer); /// calls back producer registered with deferProducer void kickProducer(); #endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/src/StoreEntryStream.h new/squid-3.1.19/src/StoreEntryStream.h --- old/squid-3.1.18/src/StoreEntryStream.h 2011-12-03 07:18:46.000000000 +0100 +++ new/squid-3.1.19/src/StoreEntryStream.h 2012-02-05 12:51:32.000000000 +0100 @@ -70,7 +70,10 @@ return traits_type::eof(); if (aChar != traits_type::eof()) { - char chars[1] = {aChar}; + // NP: cast because GCC promotes int_type to 32-bit type + // std::basic_streambuf<char>::int_type {aka int} + // despite the definition with 8-bit type value. + char chars[1] = {char(aChar)}; if (aChar != traits_type::eof()) theEntry->append(chars, 1); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/src/StoreSwapLogData.cc new/squid-3.1.19/src/StoreSwapLogData.cc --- old/squid-3.1.18/src/StoreSwapLogData.cc 2011-12-03 07:18:46.000000000 +0100 +++ new/squid-3.1.19/src/StoreSwapLogData.cc 2012-02-05 12:51:32.000000000 +0100 @@ -39,6 +39,24 @@ memset (key, '\0', sizeof(key)); } +bool +StoreSwapLogData::sane() const +{ + // TODO: These checks are rather weak. A corrupted swap.state may still + // cause havoc (e.g., cur_size may become astronomical). Add checksums? + + const time_t minTime = -2; // -1 is common; expires sometimes uses -2 + + // Check what we safely can; for some fields any value might be valid + return SWAP_LOG_NOP < op && op < SWAP_LOG_MAX && + swap_filen >= 0 && + timestamp >= minTime && + lastref >= minTime && + expires >= minTime && + lastmod >= minTime && + swap_file_sz > 0; // because swap headers ought to consume space +} + StoreSwapLogHeader::StoreSwapLogHeader():op(SWAP_LOG_VERSION), version(1) { record_size = sizeof(StoreSwapLogData); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/src/StoreSwapLogData.h new/squid-3.1.19/src/StoreSwapLogData.h --- old/squid-3.1.18/src/StoreSwapLogData.h 2011-12-03 07:18:46.000000000 +0100 +++ new/squid-3.1.19/src/StoreSwapLogData.h 2012-02-05 12:51:32.000000000 +0100 @@ -86,6 +86,9 @@ MEMPROXY_CLASS(StoreSwapLogData); StoreSwapLogData(); + /// consistency self-check: whether the data appears to make sense + bool sane() const; + /** * Either SWAP_LOG_ADD when an object is added to the disk storage, * or SWAP_LOG_DEL when an object is deleted. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/src/auth/digest/auth_digest.cc new/squid-3.1.19/src/auth/digest/auth_digest.cc --- old/squid-3.1.18/src/auth/digest/auth_digest.cc 2011-12-03 07:18:46.000000000 +0100 +++ new/squid-3.1.19/src/auth/digest/auth_digest.cc 2012-02-05 12:51:32.000000000 +0100 @@ -490,10 +490,10 @@ AuthUser *auth_user; debugs(29, 9, HERE << "Looking for user '" << username << "'"); - if (username && (usernamehash = static_cast < auth_user_hash_pointer * >(hash_lookup(proxy_auth_username_cache, username)))) { + if (username && (usernamehash = static_cast < AuthUserHashPointer * >(hash_lookup(proxy_auth_username_cache, username)))) { while ((usernamehash->user()->auth_type != AUTH_DIGEST) && (usernamehash->next)) - usernamehash = static_cast < auth_user_hash_pointer * >(usernamehash->next); + usernamehash = static_cast < AuthUserHashPointer * >(usernamehash->next); auth_user = NULL; @@ -515,7 +515,7 @@ AuthUser *auth_user; hash_first(proxy_auth_username_cache); - while ((usernamehash = ((auth_user_hash_pointer *) hash_next(proxy_auth_username_cache)))) { + while ((usernamehash = ((AuthUserHashPointer *) hash_next(proxy_auth_username_cache)))) { auth_user = usernamehash->user(); if (strcmp(auth_user->config->type(), "digest") == 0) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/src/auth/ntlm/auth_ntlm.cc new/squid-3.1.19/src/auth/ntlm/auth_ntlm.cc --- old/squid-3.1.18/src/auth/ntlm/auth_ntlm.cc 2011-12-03 07:18:46.000000000 +0100 +++ new/squid-3.1.19/src/auth/ntlm/auth_ntlm.cc 2012-02-05 12:51:32.000000000 +0100 @@ -393,7 +393,7 @@ debugs(29, 4, "AuthNTLMUserRequest::authenticate: authenticated user " << ntlm_user->username()); /* see if this is an existing user with a different proxy_auth * string */ - auth_user_hash_pointer *usernamehash = static_cast<AuthUserHashPointer *>(hash_lookup(proxy_auth_username_cache, ntlm_user->username())); + AuthUserHashPointer *usernamehash = static_cast<AuthUserHashPointer *>(hash_lookup(proxy_auth_username_cache, ntlm_user->username())); AuthUser *local_auth_user = ntlm_request->user(); while (usernamehash && (usernamehash->user()->auth_type != AUTH_NTLM || strcmp(usernamehash->user()->username(), ntlm_user->username()) != 0)) usernamehash = static_cast<AuthUserHashPointer *>(usernamehash->next); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/src/client_side.cc new/squid-3.1.19/src/client_side.cc --- old/squid-3.1.18/src/client_side.cc 2011-12-03 07:18:46.000000000 +0100 +++ new/squid-3.1.19/src/client_side.cc 2012-02-05 12:51:32.000000000 +0100 @@ -1390,6 +1390,7 @@ */ } +/// called when we have successfully finished writing the response void ClientSocketContext::keepaliveNextRequest() { @@ -1406,6 +1407,26 @@ } /** \par + * We are done with the response, and we are either still receiving request + * body (early response!) or have already stopped receiving anything. + * + * If we are still receiving, then clientParseRequest() below will fail. + * (XXX: but then we will call readNextRequest() which may succeed and + * execute a smuggled request as we are not done with the current request). + * + * If we stopped because we got everything, then try the next request. + * + * If we stopped receiving because of an error, then close now to avoid + * getting stuck and to prevent accidental request smuggling. + */ + + if (const char *reason = conn->stoppedReceiving()) { + debugs(33, 3, HERE << "closing for earlier request error: " << reason); + comm_close(conn->fd); + return; + } + + /** \par * Attempt to parse a request from the request buffer. * If we've been fed a pipelined request it may already * be in our read buffer. @@ -1634,44 +1655,36 @@ comm_close(fd()); } -/** Called to initiate (and possibly complete) closing of the context. - * The underlying socket may be already closed */ +/// called when we encounter a response-related error void ClientSocketContext::initiateClose(const char *reason) { - debugs(33, 5, HERE << "initiateClose: closing for " << reason); + http->getConn()->stopSending(reason); // closes ASAP +} - if (http != NULL) { - ConnStateData * conn = http->getConn(); +void +ConnStateData::stopSending(const char *error) +{ + debugs(33, 4, HERE << "sending error (FD " << fd << "): " << error << + "; old receiving error: " << + (stoppedReceiving() ? stoppedReceiving_ : "none")); - if (conn != NULL) { - if (const int64_t expecting = conn->bodySizeLeft()) { - debugs(33, 5, HERE << "ClientSocketContext::initiateClose: " << - "closing, but first " << conn << " needs to read " << - expecting << " request body bytes with " << - conn->in.notYetUsed << " notYetUsed"); - - if (conn->closing()) { - debugs(33, 2, HERE << "avoiding double-closing " << conn); - return; - } - - /* - * XXX We assume the reply fits in the TCP transmit - * window. If not the connection may stall while sending - * the reply (before reaching here) if the client does not - * try to read the response while sending the request body. - * As of yet we have not received any complaints indicating - * this may be an issue. - */ - conn->startClosing(reason); + if (const char *oldError = stoppedSending()) { + debugs(33, 3, HERE << "already stopped sending: " << oldError); + return; // nothing has changed as far as this connection is concerned + } - return; - } + stoppedSending_ = error; + + if (!stoppedReceiving()) { + if (const int64_t expecting = bodySizeLeft()) { + debugs(33, 5, HERE << "must still read " << expecting << + " request body bytes with " << in.notYetUsed << " unused"); + return; // wait for the request receiver to finish reading } } - doClose(); + comm_close(fd); } void @@ -2928,16 +2941,11 @@ if (!bodyPipe) { debugs(33,5, HERE << "produced entire request body for FD " << fd); - if (closing()) { + if (const char *reason = stoppedSending()) { /* we've finished reading like good clients, * now do the close that initiateClose initiated. - * - * XXX: do we have to close? why not check keepalive et. - * - * XXX: To support chunked requests safely, we need to handle - * the case of an endless request. This if-statement does not, - * because mayNeedMoreData is true if request size is not known. */ + debugs(33, 3, HERE << "closing for earlier sending error: " << reason); comm_close(fd); return false; } @@ -2952,7 +2960,7 @@ return; // too late to read more body - if (!isOpen() || closing()) + if (!isOpen() || stoppedReceiving()) return; readSomeData(); @@ -2961,8 +2969,11 @@ void ConnStateData::noteBodyConsumerAborted(BodyPipe::Pointer ) { - if (!closing()) - startClosing("body consumer aborted"); + // request reader may get stuck waiting for space if nobody consumes body + if (bodyPipe != NULL) + bodyPipe->enableAutoConsumption(); + + stopReceiving("virgin request body consumer aborted"); // closes ASAP } /** general lifetime handler for HTTP requests */ @@ -3755,7 +3766,9 @@ CBDATA_CLASS_INIT(ConnStateData); -ConnStateData::ConnStateData() :AsyncJob("ConnStateData"), transparent_ (false), closing_ (false), switchedToHttps_(false) +ConnStateData::ConnStateData() :AsyncJob("ConnStateData"), transparent_ (false), + switchedToHttps_(false), + stoppedSending_(NULL), stoppedReceiving_(NULL) { pinning.fd = -1; pinning.pinned = false; @@ -3798,33 +3811,24 @@ return bodyPipe; } -bool -ConnStateData::closing() const -{ - return closing_; -} - -/** - * Called by ClientSocketContext to give the connection a chance to read - * the entire body before closing the socket. - */ void -ConnStateData::startClosing(const char *reason) +ConnStateData::stopReceiving(const char *error) { - debugs(33, 5, HERE << "startClosing " << this << " for " << reason); - assert(!closing()); - closing_ = true; + debugs(33, 4, HERE << "receiving error (FD " << fd << "): " << error << + "; old sending error: " << + (stoppedSending() ? stoppedSending_ : "none")); - assert(bodyPipe != NULL); - assert(bodySizeLeft() > 0); + if (const char *oldError = stoppedReceiving()) { + debugs(33, 3, HERE << "already stopped receiving: " << oldError); + return; // nothing has changed as far as this connection is concerned + } - // We do not have to abort the body pipeline because we are going to - // read the entire body anyway. - // Perhaps an ICAP server wants to log the complete request. - - // If a consumer abort have caused this closing, we may get stuck - // as nobody is consuming our data. Allow auto-consumption. - bodyPipe->enableAutoConsumption(); + stoppedReceiving_ = error; + + if (const char *sendError = stoppedSending()) { + debugs(33, 3, HERE << "closing because also stopped sending: " << sendError); + comm_close(fd); + } } void diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/src/client_side.h new/squid-3.1.19/src/client_side.h --- old/squid-3.1.18/src/client_side.h 2011-12-03 07:18:46.000000000 +0100 +++ new/squid-3.1.19/src/client_side.h 2012-02-05 12:51:32.000000000 +0100 @@ -214,8 +214,15 @@ bool reading() const; void stopReading(); ///< cancels comm_read if it is scheduled - bool closing() const; - void startClosing(const char *reason); + /// true if we stopped receiving the request + const char *stoppedReceiving() const { return stoppedReceiving_; } + /// true if we stopped sending the response + const char *stoppedSending() const { return stoppedSending_; } + /// note request receiving error and close as soon as we write the response + void stopReceiving(const char *error); + /// note response sending error and close as soon as we read the request + void stopSending(const char *error); + void expectNoForwarding(); ///< cleans up virgin request [body] forwarding state BodyPipe::Pointer expectRequestBody(int64_t size); @@ -293,9 +300,14 @@ private: CBDATA_CLASS2(ConnStateData); bool transparent_; - bool closing_; bool switchedToHttps_; + + /// the reason why we no longer write the response or nil + const char *stoppedSending_; + /// the reason why we no longer read the request or nil + const char *stoppedReceiving_; + String sslHostName; ///< Host name for SSL certificate generation AsyncCall::Pointer reader; ///< set when we are reading BodyPipe::Pointer bodyPipe; // set when we are reading request body diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/src/client_side_reply.cc new/squid-3.1.19/src/client_side_reply.cc --- old/squid-3.1.18/src/client_side_reply.cc 2011-12-03 07:18:46.000000000 +0100 +++ new/squid-3.1.19/src/client_side_reply.cc 2012-02-05 12:51:32.000000000 +0100 @@ -359,6 +359,7 @@ // origin replied 304 if (status == HTTP_NOT_MODIFIED) { http->logType = LOG_TCP_REFRESH_UNMODIFIED; + http->request->flags.stale_if_hit = 0; // old_entry is no longer stale // update headers on existing entry old_rep->updateOnNotModified(http->storeEntry()->getReply()); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/src/client_side_request.cc new/squid-3.1.19/src/client_side_request.cc --- old/squid-3.1.18/src/client_side_request.cc 2011-12-03 07:18:46.000000000 +0100 +++ new/squid-3.1.19/src/client_side_request.cc 2012-02-05 12:51:32.000000000 +0100 @@ -873,18 +873,22 @@ request->flags.auth = 1; ConnStateData *http_conn = http->getConn(); - assert(http_conn); - request->flags.connection_auth_disabled = http_conn->port->connection_auth_disabled; - if (!request->flags.connection_auth_disabled) { - if (http_conn->pinning.fd != -1) { - if (http_conn->pinning.auth) { - request->flags.connection_auth = 1; - request->flags.auth = 1; - } else { - request->flags.connection_proxy_auth = 1; + if (http_conn) { + request->flags.connection_auth_disabled = http_conn->port->connection_auth_disabled; + if (!request->flags.connection_auth_disabled) { + if (http_conn->pinning.fd != -1) { + if (http_conn->pinning.auth) { + request->flags.connection_auth = 1; + request->flags.auth = 1; + } else { + request->flags.connection_proxy_auth = 1; + } + request->setPinnedConnection(http_conn); } - request->setPinnedConnection(http_conn); } + } else { + // internal requests and ESI don't have client conn. + request->flags.connection_auth_disabled = 1; } /* check if connection auth is used, and flag as candidate for pinning diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/src/external_acl.cc new/squid-3.1.19/src/external_acl.cc --- old/squid-3.1.18/src/external_acl.cc 2011-12-03 07:18:46.000000000 +0100 +++ new/squid-3.1.19/src/external_acl.cc 2012-02-05 12:51:32.000000000 +0100 @@ -681,6 +681,27 @@ safe_free (class_); } +static void +copyResultsFromEntry(HttpRequest *req, external_acl_entry *entry) +{ + if (req) { + if (entry->user.size()) + req->extacl_user = entry->user; + + if (entry->password.size()) + req->extacl_passwd = entry->password; + + if (!req->tag.size()) + req->tag = entry->tag; + + if (entry->log.size()) + req->extacl_log = entry->log; + + if (entry->message.size()) + req->extacl_message = entry->message; + } +} + static int aclMatchExternal(external_acl_data *acl, ACLFilledChecklist *ch) { @@ -762,24 +783,7 @@ external_acl_message = entry->message.termedBuf(); debugs(82, 2, "aclMatchExternal: " << acl->def->name << " = " << result); - - if (ch->request) { - if (entry->user.size()) - ch->request->extacl_user = entry->user; - - if (entry->password.size()) - ch->request->extacl_passwd = entry->password; - - if (!ch->request->tag.size()) - ch->request->tag = entry->tag; - - if (entry->log.size()) - ch->request->extacl_log = entry->log; - - if (entry->message.size()) - ch->request->extacl_message = entry->message; - } - + copyResultsFromEntry(ch->request, entry); return result; } @@ -838,8 +842,13 @@ switch (format->type) { case _external_acl_format::EXT_ACL_LOGIN: - assert (ch->auth_user_request); - str = ch->auth_user_request->username(); + // if this ACL line was the cause of credentials fetch + // they may not already be in the checklist + if (ch->auth_user_request == NULL && ch->request) + ch->auth_user_request = ch->request->auth_user_request; + + if (ch->auth_user_request != NULL) + str = ch->auth_user_request->username(); break; #if USE_IDENT @@ -1348,7 +1357,7 @@ (long unsigned int) entry->date << ", result=" << entry->result << ", user=" << entry->user << " tag=" << entry->tag << " log=" << entry->log << " }"); - + copyResultsFromEntry(ch->request, entry); } callback(callback_data, entry); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/src/fs/ufs/store_dir_ufs.cc new/squid-3.1.19/src/fs/ufs/store_dir_ufs.cc --- old/squid-3.1.18/src/fs/ufs/store_dir_ufs.cc 2011-12-03 07:18:46.000000000 +0100 +++ new/squid-3.1.19/src/fs/ufs/store_dir_ufs.cc 2012-02-05 12:51:32.000000000 +0100 @@ -733,14 +733,15 @@ file_close(swaplog_fd); if (xrename(new_path, swaplog_path) < 0) { - fatal("commonUfsDirCloseTmpSwapLog: rename failed"); + debugs(50, DBG_IMPORTANT, "ERROR: " << swaplog_path << ": " << xstrerror()); + fatalf("Failed to rename log file %s to %s.new", swaplog_path, swaplog_path); } fd = file_open(swaplog_path, O_WRONLY | O_CREAT | O_BINARY); if (fd < 0) { - debugs(50, 1, "" << swaplog_path << ": " << xstrerror()); - fatal("commonUfsDirCloseTmpSwapLog: Failed to open swap log."); + debugs(50, DBG_IMPORTANT, "ERROR: " << swaplog_path << ": " << xstrerror()); + fatalf("Failed to open swap log %s", swaplog_path); } safe_free(swaplog_path); @@ -749,13 +750,6 @@ debugs(47, 3, "Cache Dir #" << index << " log opened on FD " << fd); } -static void -FreeHeader(void *address) -{ - StoreSwapLogHeader *anObject = static_cast <StoreSwapLogHeader *>(address); - delete anObject; -} - FILE * UFSSwapDir::openTmpSwapLog(int *clean_flag, int *zero_flag) { @@ -794,9 +788,16 @@ swaplog_fd = fd; { - StoreSwapLogHeader *header = new StoreSwapLogHeader; - file_write(swaplog_fd, -1, header, sizeof(*header), - NULL, NULL, FreeHeader); + const StoreSwapLogHeader header; + MemBuf buf; + buf.init(header.record_size, header.record_size); + buf.append(reinterpret_cast<const char*>(&header), sizeof(header)); + // Pad to keep in sync with UFSSwapDir::writeCleanStart(). + // TODO: When MemBuf::spaceSize() is fixed not to subtract one, + // memset() space() with zeroes and use spaceSize() below. + buf.appended(static_cast<size_t>(header.record_size) - sizeof(header)); + file_write(swaplog_fd, -1, buf.content(), buf.contentSize(), + NULL, NULL, buf.freeFunc()); } /* open a read-only stream of the old log */ @@ -882,6 +883,7 @@ state->outbuf_offset = 0; /*copy the header */ xmemcpy(state->outbuf, &header, sizeof(StoreSwapLogHeader)); + // Leave a gap to keep in sync with UFSSwapDir::openTmpSwapLog(). state->outbuf_offset += header.record_size; state->walker = repl->WalkInit(repl); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/src/fs/ufs/ufscommon.cc new/squid-3.1.19/src/fs/ufs/ufscommon.cc --- old/squid-3.1.18/src/fs/ufs/ufscommon.cc 2011-12-03 07:18:46.000000000 +0100 +++ new/squid-3.1.19/src/fs/ufs/ufscommon.cc 2012-02-05 12:51:32.000000000 +0100 @@ -604,11 +604,10 @@ n_read++; - if (swapData.op <= SWAP_LOG_NOP) - continue; - - if (swapData.op >= SWAP_LOG_MAX) + if (!swapData.sane()) { + counts.invalid++; continue; + } /* * BC: during 2.4 development, we changed the way swap file diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/src/ssl_support.cc new/squid-3.1.19/src/ssl_support.cc --- old/squid-3.1.18/src/ssl_support.cc 2011-12-03 07:18:46.000000000 +0100 +++ new/squid-3.1.19/src/ssl_support.cc 2012-02-05 12:51:32.000000000 +0100 @@ -355,7 +355,7 @@ #endif #ifdef SSL_OP_ALL { - "ALL", SSL_OP_ALL + "ALL", (long)SSL_OP_ALL }, #endif #ifdef SSL_OP_SINGLE_DH_USE diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/src/store.cc new/squid-3.1.19/src/store.cc --- old/squid-3.1.18/src/store.cc 2011-12-03 07:18:46.000000000 +0100 +++ new/squid-3.1.19/src/store.cc 2012-02-05 12:51:32.000000000 +0100 @@ -368,7 +368,7 @@ #if USE_ADAPTATION void -StoreEntry::deferProducer(const AsyncCall::Pointer &producer) +StoreEntry::deferProducer(AsyncCall::Pointer &producer) { if (!deferredProducer) deferredProducer = producer; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/squid-3.1.18/src/typedefs.h new/squid-3.1.19/src/typedefs.h --- old/squid-3.1.18/src/typedefs.h 2011-12-03 07:18:46.000000000 +0100 +++ new/squid-3.1.19/src/typedefs.h 2012-02-05 12:51:32.000000000 +0100 @@ -49,11 +49,6 @@ //UNUSED typedef struct _acl_deny_info_list acl_deny_info_list; //UNUSED typedef class AuthUser auth_user_t; - -/// \ingroup AuthAPI -/// \deprecated Use AuthUserHashPointer instead. -typedef struct AuthUserHashPointer auth_user_hash_pointer; - /// \ingroup AuthAPI /// \deprecated Use AuthUserIP instead. typedef struct AuthUserIP auth_user_ip_t; ++++++ squid-3.1.19.tar.bz2.asc ++++++ File: squid-3.1.19.tar.bz2 Date: Sun Feb 5 13:21:35 UTC 2012 Size: 2509837 MD5 : 9b6ffaf96bee8f05f0085bc6361d7c94 SHA1: fae2ef3d8a994297efe62d504d09e4c79b34db04 Key : 0xFF5CF463 <[email protected]> fingerprint = EA31 CC5E 9488 E516 8D2D CC5E B268 E706 FF5C F463 keyring = http://www.squid-cache.org/pgp.asc keyserver = subkeys.pgp.net -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAABAgAGBQJPLoNyAAoJELJo5wb/XPRjPnoIAJJooSBK44JE8+lYmj2XNjMg 8exLxnjWsBxg1XiA4lPw9dVx7MJy6LDyytbO0gFh/WTJyLgSSRlZrbq2LBcSqFUj eCYAG1r5wcmARV1kRCu3iT8c6JA471q+xD/QIheA30z3QmUze6x8+eNVWrrhHlRF jq5cFXCSglvv6jL2fs8N39sGsanfduT2F0+Kb4HGRsxG99zaagdURrtbdltkxcln 8lJO8TiSntj5cwJYmXrdbDut1R/c2dtU6miaMLPK01EoxN9Nw+UumYwY0BFw/WFH kvII+28hVBeR/h8CP3US6Zs/wvYlEwfoqQTG4zSjfCjifFmrqHW9YG9GFDpW/B4= =Mt1A -----END PGP SIGNATURE----- ++++++ squid-FSF.patch ++++++ Index: COPYING =================================================================== --- COPYING.orig +++ COPYING @@ -1,8 +1,8 @@ GNU GENERAL PUBLIC LICENSE Version 2, June 1991 - Copyright (C) 1989, 1991 Free Software Foundation, Inc. - 59 Temple Place, Suite 330, Boston, MA 02111, USA + Copyright (C) 1989, 1991 Free Software Foundation, + 51 Franklin Street, Suite 500, Boston, MA 02110-1335, USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Index: COPYRIGHT =================================================================== --- COPYRIGHT.orig +++ COPYRIGHT @@ -18,8 +18,8 @@ You should have received a copy of the G with this program; if not, write to: The Free Software Foundation - 59 Temple Place - Suite 330 - Boston, MA 02111, USA + 51 Franklin Street + Suite 500 + Boston, MA 02110-1335, USA Or contact [email protected] Index: README =================================================================== --- README.orig +++ README @@ -14,7 +14,7 @@ SQUID Web Proxy Cache http://www. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. + Foundation, 51 Franklin Street, Suite 500, Boston, MA 02110-1335, USA. Squid is derived from the ``cached'' software from the ARPA-funded Harvest research project. Squid includes software copyrighted Index: helpers/basic_auth/SMB/smb_auth.sh =================================================================== --- helpers/basic_auth/SMB/smb_auth.sh.orig +++ helpers/basic_auth/SMB/smb_auth.sh @@ -15,7 +15,7 @@ # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software -# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +# Foundation, 51 Franklin Street, Suite 500, Boston, MA 02110-1335, USA read DOMAINNAME read PASSTHROUGH Index: helpers/basic_auth/POP3/pop3.pl =================================================================== --- helpers/basic_auth/POP3/pop3.pl.orig +++ helpers/basic_auth/POP3/pop3.pl @@ -15,7 +15,7 @@ # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. +# Foundation, 51 Franklin Street, Suite 500, Boston, MA 02110-1335, USA. # # Change log: # 2006-12-10 henrik Initial revision ++++++ squid-config.patch ++++++ Index: src/cf.data.pre =================================================================== --- src/cf.data.pre.orig +++ src/cf.data.pre @@ -925,6 +925,8 @@ http_access deny CONNECT !SSL_ports # Adapt localnet in the ACL section to list your (internal) IP networks # from where browsing should be allowed http_access allow localnet + +# Allow localhost always proxy functionality http_access allow localhost # And finally deny all other access to this proxy @@ -2358,6 +2360,10 @@ DOC_START Instead, if you want Squid to use the entire disk drive, subtract 20% and use that value. + Note on 'Mbytes': You need to consider the available RAM on the + machine versus the approx. 10MB RAM per 1GB of files which the + cache_dir index will consume. + 'L1' is the number of first-level subdirectories which will be created under the 'Directory'. The default is 16. @@ -2433,7 +2439,7 @@ DOC_START NOCOMMENT_START # Uncomment and adjust the following to add a disk cache directory. -#cache_dir ufs @DEFAULT_SWAP_DIR@ 100 16 256 +#cache_dir aufs @DEFAULT_SWAP_DIR@ 100 16 256 NOCOMMENT_END DOC_END @@ -2845,7 +2851,7 @@ DOC_END NAME: logfile_rotate TYPE: int -DEFAULT: 10 +DEFAULT: 0 LOC: Config.Log.rotateNumber DOC_START Specifies the number of logfile rotations to make when you ++++++ squid-nobuilddates.patch ++++++ Index: helpers/basic_auth/mswin_sspi/mswin_auth.c =================================================================== --- helpers/basic_auth/mswin_sspi/mswin_auth.c.orig +++ helpers/basic_auth/mswin_sspi/mswin_auth.c @@ -118,7 +118,7 @@ main(int argc, char **argv) my_program_name = argv[0]; process_options(argc, argv); - debug("%s build " __DATE__ ", " __TIME__ " starting up...\n", my_program_name); + debug("%s starting up...\n", my_program_name); if (LoadSecurityDll(SSP_BASIC, NTLM_PACKAGE_NAME) == NULL) { fprintf(stderr, "FATAL, can't initialize SSPI, exiting.\n"); Index: helpers/external_acl/mswin_ad_group/mswin_check_ad_group.c =================================================================== --- helpers/external_acl/mswin_ad_group/mswin_check_ad_group.c.orig +++ helpers/external_acl/mswin_ad_group/mswin_check_ad_group.c @@ -430,8 +430,7 @@ main(int argc, char *argv[]) if (!DefaultDomain) DefaultDomain = xstrdup(machinedomain); } - debug("External ACL win32 group helper build " __DATE__ ", " __TIME__ - " starting up...\n"); + debug("External ACL win32 group helper starting up...\n"); if (use_global) debug("Domain Global group mode enabled using '%s' as default domain.\n", DefaultDomain); if (use_case_insensitive_compare) Index: helpers/external_acl/mswin_lm_group/win32_check_group.c =================================================================== --- helpers/external_acl/mswin_lm_group/win32_check_group.c.orig +++ helpers/external_acl/mswin_lm_group/win32_check_group.c @@ -546,8 +546,7 @@ main(int argc, char *argv[]) if (!DefaultDomain) DefaultDomain = xstrdup(machinedomain); } - debug("External ACL win32 group helper build " __DATE__ ", " __TIME__ - " starting up...\n"); + debug("External ACL win32 group helper starting up...\n"); if (use_global) debug("Domain Global group mode enabled using '%s' as default domain.\n", DefaultDomain); if (use_case_insensitive_compare) Index: helpers/negotiate_auth/mswin_sspi/negotiate_auth.c =================================================================== --- helpers/negotiate_auth/mswin_sspi/negotiate_auth.c.orig +++ helpers/negotiate_auth/mswin_sspi/negotiate_auth.c @@ -299,7 +299,7 @@ main(int argc, char *argv[]) process_options(argc, argv); - debug("%s build " __DATE__ ", " __TIME__ " starting up...\n", my_program_name); + debug("%s starting up...\n", my_program_name); if (LoadSecurityDll(SSP_NTLM, NEGOTIATE_PACKAGE_NAME) == NULL) { fprintf(stderr, "FATAL, can't initialize SSPI, exiting.\n"); Index: helpers/ntlm_auth/fakeauth/fakeauth_auth.c =================================================================== --- helpers/ntlm_auth/fakeauth/fakeauth_auth.c.orig +++ helpers/ntlm_auth/fakeauth/fakeauth_auth.c @@ -387,7 +387,7 @@ main(int argc, char *argv[]) process_options(argc, argv); - debug("%s build " __DATE__ ", " __TIME__ " starting up...\n", my_program_name); + debug("%s starting up...\n", my_program_name); while (fgets(buf, BUFFER_SIZE, stdin) != NULL) { user[0] = '\0'; /*no usercode */ Index: helpers/ntlm_auth/mswin_sspi/ntlm_auth.c =================================================================== --- helpers/ntlm_auth/mswin_sspi/ntlm_auth.c.orig +++ helpers/ntlm_auth/mswin_sspi/ntlm_auth.c @@ -381,7 +381,7 @@ main(int argc, char *argv[]) process_options(argc, argv); - debug("%s build " __DATE__ ", " __TIME__ " starting up...\n", my_program_name); + debug("%s starting up...\n", my_program_name); if (LoadSecurityDll(SSP_NTLM, NTLM_PACKAGE_NAME) == NULL) { fprintf(stderr, "FATAL, can't initialize SSPI, exiting.\n"); Index: helpers/ntlm_auth/smb_lm/ntlm_smb_lm_auth.c =================================================================== --- helpers/ntlm_auth/smb_lm/ntlm_smb_lm_auth.c.orig +++ helpers/ntlm_auth/smb_lm/ntlm_smb_lm_auth.c @@ -461,7 +461,7 @@ manage_request() int main(int argc, char *argv[]) { - debug("ntlm_auth build " __DATE__ ", " __TIME__ " starting up...\n"); + debug("ntlm_auth build starting up...\n"); my_program_name = argv[0]; process_options(argc, argv); ++++++ squid-swapdir.patch ++++++ Index: configure.ac =================================================================== --- configure.ac.orig +++ configure.ac @@ -204,6 +204,21 @@ AC_ARG_WITH(logdir, ) AC_SUBST(DEFAULT_LOG_DIR) +DEFAULT_SWAPDIR="$localstatedir/cache" +AC_ARG_WITH(swapdir, + AS_HELP_STRING([--with-swapdir=PATH],[Default location for squid SWAP files. default: $DEFAULT_SWAPDIR]), + [ case $withval in + yes|no) + AC_MSG_ERROR( --with-swapdir requires a directory PATH. --with-swapdir=PATH ) + ;; + *) + DEFAULT_SWAPDIR="$withval" + ;; + esac + ] +) +AC_SUBST(DEFAULT_SWAPDIR) + DEFAULT_PIDFILE="$localstatedir/run/squid.pid" AC_ARG_WITH(pidfile, AS_HELP_STRING([--with-pidfile=PATH],[Default location for squid PID file. default: PREFIX/var/run/squid.pid]), Index: src/Makefile.am =================================================================== --- src/Makefile.am.orig +++ src/Makefile.am @@ -729,7 +729,7 @@ DEFAULT_ACCESS_LOG = $(DEFAULT_LOG_ DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log DEFAULT_PID_FILE = $(DEFAULT_PIDFILE) DEFAULT_NETDB_FILE = $(DEFAULT_LOG_PREFIX)/netdb.state -DEFAULT_SWAP_DIR = $(localstatedir)/cache +DEFAULT_SWAP_DIR = $(DEFAULT_SWAPDIR) DEFAULT_SSL_DB_DIR = $(localstatedir)/lib/ssl_db DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'` DEFAULT_UNLINKD = $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'` Index: src/Makefile.in =================================================================== --- src/Makefile.in.orig +++ src/Makefile.in @@ -2054,7 +2054,7 @@ DEFAULT_ACCESS_LOG = $(DEFAULT_LOG_PREFI DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log DEFAULT_PID_FILE = $(DEFAULT_PIDFILE) DEFAULT_NETDB_FILE = $(DEFAULT_LOG_PREFIX)/netdb.state -DEFAULT_SWAP_DIR = $(localstatedir)/cache +DEFAULT_SWAP_DIR = $(DEFAULT_SWAPDIR) DEFAULT_SSL_DB_DIR = $(localstatedir)/lib/ssl_db DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'` DEFAULT_UNLINKD = $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'` ++++++ unsquid.pl ++++++ --- /var/tmp/diff_new_pack.vuvIoL/_old 2012-02-20 16:18:50.000000000 +0100 +++ /var/tmp/diff_new_pack.vuvIoL/_new 2012-02-20 16:18:50.000000000 +0100 @@ -15,7 +15,7 @@ # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +# Foundation, 51 Franklin Street, Suite 500, Boston, MA 02110-1335, USA # # $Id: unsquid,v 1.4 2000/03/11 17:31:06 avatar Exp $ -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
