[squid-dev] test
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sorry for the noise, please ignroe. Just testing to see if my mailer is receiving squid mail again after RBL issues. Amos -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBAgAGBQJUrQqJAAoJELJo5wb/XPRj1HYIAIP7Ru3FRPDZ4eT4XY59DJCb MhaeBOo1A4TixbQT23KKv7TjzzKZu2bl9We7x3BywPwkxl4ZgLv+gWCUHcYYI/UX D0XT/EEkXa6pNdQJqhnK3jOoxQknMnTtcELuWuNoFkl2jdjaiBlTeir9yhxGSGj6 qcwUyQiAtHa7unNpZUx0/nNHN1Rr2tIwOqFYSqqFbxmB5O0La+EINyPRjl72SfVJ UnZfyXf44253HgLY3MdNA5LhCz89KEQJzyfF65TT82TM122XOVECj4zQLudIYTtN safrogMK6K18LpMP9D035cTk0yc2qKAL1X7GRh3mYEfeQaR9PXXIBXeuNjX95SM= =+2Og -END PGP SIGNATURE- ___ squid-dev mailing list squid-dev@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-dev
Re: [squid-dev] Fwd: Heads up: cachemgr output in trunk
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 7/01/2015 10:44 p.m., Kinkie wrote: Hi, something is looking weird with cachemgr output (and has been for a while, at least before rev 13809. 1. ACLs are not newline-separated acl CONNECT method CONNECT acl Safe_ports port 80 21 443 70 210 1025-65535 280 488 591 777 acl SSL_ports port 443 acl localnet src 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 acl arpacl arp 00:26:18:7d:ac:a0 00:26:18:7d:ac:aa 00:26:18:7d:ac:af 01:26:18:7d:ac:af acl to_localhost dst ::1 0.0.0.0 127.0.0.0/8 acl localhost src ::1 127.0.0.1 acl manager url_regex - -i (^cache_object://) +i (^https?://[^/]+/squid-internal-mgr/) acl all src ::/0 follow_x_forwarded_for deny all Incorrect dump() code for acl directive. The child object storing the list values does not output \n characters as it is usually dumping content as a child of some other object. The acl dumper needs to append \n. 2. http_access and http_port lines (oddly, not the first line) have an extra heading white space http_access allow arpacl http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access allow localnet http_access deny all http_port [::]:3128 name=3128 connection-auth=on I think this whitespace is an artifact of some dumper wrongly assuming line-wrapping. But I've not spotted exactly where. 3. spurious characters before host_verify_strict `583{FF^?host_verify_strict on There are also a couple of unexpected newlines in my sample output, but everything else looks OK. Does anyone know about where this may be originating from? Amos -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBAgAGBQJUrQxBAAoJELJo5wb/XPRjf08H/Alx8bqoCXGLtZ58ZeSjaOuo fXr2MNVAZj+whywaKlUhfhzY40x7aKCKOmz8JHovQNmjggyJNmiKOMgzp9X6aHDD 8+cVjIwQ9YKD+mJgFzlu0qtUhfU1ntYPx3LhEAlxbnyiTPUcl7BiZXnaMntkHZZu 5Q/VUFnkOdvy3bHHejgq1WLTRoTPWsvdb7+sWD4KdssOVeL6X1Grb5tyJLZUeZGn IUt+6KWGdaT8EzVbrQDHrE9b6LzrCHM7oovoBcWwwFWfRJMOCxcQbfFTWMTeQ/Yd qUgieRTdrJ2WpFLLKLW3s5QjXelwBR/hrCUr/13MNSdluipskREgAGWi7MmblvY= =j8NI -END PGP SIGNATURE- ___ squid-dev mailing list squid-dev@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-dev
[squid-dev] [RFC] remove-splay branch
Hi all, following the recent discussions on Splay, I've started working on replacing it wherever it makes sense (almost everywhere) with std::set or std::map or std::unordered_map Among the expected benefits are clearer memory management responsibilities, performance, more compact and standard code. So far I've converted src/acl/Arp* and src/acl/Eui64*; before moving on to other users I'd like to get some feedback that I am on the correct path. Feature-branch is at lp;~squid/squid/remove-splay ; I'm attaching the current delta snapshot. Thanks -- Kinkie replace-splay-rfc1.patch Description: Binary data ___ squid-dev mailing list squid-dev@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-dev
[squid-dev] Build failed in Jenkins: 3.HEAD-amd64-centos-6-clang #419
See http://build.squid-cache.org/job/3.HEAD-amd64-centos-6-clang/419/changes Changes: [Amos Jeffries] Fix assertions inserting duplicate values into a splay ... loading ACLs with duplicate values is quite common. -- [...truncated 3768 lines...] sed -e 's,[@]PERL[@],/usr/bin/perl,g' ../../../../helpers/basic_auth/DB/basic_db_auth.pl.in basic_db_auth || (/bin/rm -f -f basic_db_auth ; exit 1) pod2man basic_db_auth basic_db_auth.8 make[4]: Leaving directory `http://build.squid-cache.org/job/3.HEAD-amd64-centos-6-clang/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/helpers/basic_auth/DB' Making all in LDAP make[4]: Entering directory `http://build.squid-cache.org/job/3.HEAD-amd64-centos-6-clang/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/helpers/basic_auth/LDAP' ccache clang++ -DHAVE_CONFIG_H -I../../../.. -I../../../../include -I../../../../lib -I../../../../src -I../../../include -Werror -Qunused-arguments -Wno-deprecated-register -D_REENTRANT -g -O2 -std=c++11 -MT basic_ldap_auth.o -MD -MP -MF .deps/basic_ldap_auth.Tpo -c -o basic_ldap_auth.o ../../../../helpers/basic_auth/LDAP/basic_ldap_auth.cc mv -f .deps/basic_ldap_auth.Tpo .deps/basic_ldap_auth.Po /bin/sh ../../../libtool --tag=CXX --mode=link ccache clang++ -Werror -Qunused-arguments -Wno-deprecated-register -D_REENTRANT -g -O2 -std=c++11 -g -o basic_ldap_auth basic_ldap_auth.o ../../../lib/libmiscencoding.la ../../../compat/libcompat-squid.la -lldap -llber libtool: link: ccache clang++ -Werror -Qunused-arguments -Wno-deprecated-register -D_REENTRANT -g -O2 -std=c++11 -g -o basic_ldap_auth basic_ldap_auth.o ../../../lib/.libs/libmiscencoding.a ../../../compat/.libs/libcompat-squid.a -lldap -llber make[4]: Leaving directory `http://build.squid-cache.org/job/3.HEAD-amd64-centos-6-clang/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/helpers/basic_auth/LDAP' Making all in NCSA make[4]: Entering directory `http://build.squid-cache.org/job/3.HEAD-amd64-centos-6-clang/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/helpers/basic_auth/NCSA' ccache clang++ -DHAVE_CONFIG_H -I../../../.. -I../../../../include -I../../../../lib -I../../../../src -I../../../include -I../../../../helpers/basic_auth/NCSA -Werror -Qunused-arguments -Wno-deprecated-register -D_REENTRANT -g -O2 -std=c++11 -MT basic_ncsa_auth.o -MD -MP -MF .deps/basic_ncsa_auth.Tpo -c -o basic_ncsa_auth.o ../../../../helpers/basic_auth/NCSA/basic_ncsa_auth.cc ccache clang++ -DHAVE_CONFIG_H -I../../../.. -I../../../../include -I../../../../lib -I../../../../src -I../../../include -I../../../../helpers/basic_auth/NCSA -Werror -Qunused-arguments -Wno-deprecated-register -D_REENTRANT -g -O2 -std=c++11 -MT crypt_md5.o -MD -MP -MF .deps/crypt_md5.Tpo -c -o crypt_md5.o ../../../../helpers/basic_auth/NCSA/crypt_md5.cc mv -f .deps/crypt_md5.Tpo .deps/crypt_md5.Po mv -f .deps/basic_ncsa_auth.Tpo .deps/basic_ncsa_auth.Po /bin/sh ../../../libtool --tag=CXX --mode=link ccache clang++ -Werror -Qunused-arguments -Wno-deprecated-register -D_REENTRANT -g -O2 -std=c++11 -g -o basic_ncsa_auth basic_ncsa_auth.o crypt_md5.o ../../../lib/libmisccontainers.la ../../../lib/libmiscencoding.la ../../../compat/libcompat-squid.la -lnettle -lcrypt -lm -lnsl -lresolv -lcap -lrt -ldl -ldl libtool: link: ccache clang++ -Werror -Qunused-arguments -Wno-deprecated-register -D_REENTRANT -g -O2 -std=c++11 -g -o basic_ncsa_auth basic_ncsa_auth.o crypt_md5.o ../../../lib/.libs/libmisccontainers.a ../../../lib/.libs/libmiscencoding.a ../../../compat/.libs/libcompat-squid.a -lnettle -lcrypt -lm -lnsl -lresolv -lcap -lrt -ldl make[4]: Leaving directory `http://build.squid-cache.org/job/3.HEAD-amd64-centos-6-clang/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/helpers/basic_auth/NCSA' Making all in NIS make[4]: Entering directory `http://build.squid-cache.org/job/3.HEAD-amd64-centos-6-clang/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/helpers/basic_auth/NIS' ccache clang++ -DHAVE_CONFIG_H -I../../../.. -I../../../../include -I../../../../lib -I../../../../src -I../../../include -I../../../../helpers/basic_auth/NIS -Werror -Qunused-arguments -Wno-deprecated-register -D_REENTRANT -g -O2 -std=c++11 -MT basic_nis_auth.o -MD -MP -MF .deps/basic_nis_auth.Tpo -c -o basic_nis_auth.o ../../../../helpers/basic_auth/NIS/basic_nis_auth.cc ccache clang++ -DHAVE_CONFIG_H -I../../../.. -I../../../../include -I../../../../lib -I../../../../src -I../../../include -I../../../../helpers/basic_auth/NIS -Werror -Qunused-arguments -Wno-deprecated-register -D_REENTRANT -g -O2 -std=c++11 -MT nis_support.o -MD -MP -MF .deps/nis_support.Tpo -c -o nis_support.o ../../../../helpers/basic_auth/NIS/nis_support.cc mv -f .deps/basic_nis_auth.Tpo .deps/basic_nis_auth.Po mv -f .deps/nis_support.Tpo .deps/nis_support.Po /bin/sh ../../../libtool --tag=CXX --mode=link ccache clang++ -Werror -Qunused-arguments -Wno-deprecated-register
[squid-dev] Build failed in Jenkins: anybranch-wholefarm-matrix ยป gcc,d-ubuntu-utopic #115
See http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/115/ -- [...truncated 57186 lines...] make[2]: Entering directory 'http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/ws/btlayer-05-nodeps-esi/squid-3.3.13-BZR/_build/src' Making uninstall in base make[3]: Entering directory 'http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/ws/btlayer-05-nodeps-esi/squid-3.3.13-BZR/_build/src/base' make[3]: Nothing to be done for 'uninstall'. make[3]: Leaving directory 'http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/ws/btlayer-05-nodeps-esi/squid-3.3.13-BZR/_build/src/base' Making uninstall in anyp make[3]: Entering directory 'http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/ws/btlayer-05-nodeps-esi/squid-3.3.13-BZR/_build/src/anyp' make[3]: Nothing to be done for 'uninstall'. make[3]: Leaving directory 'http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/ws/btlayer-05-nodeps-esi/squid-3.3.13-BZR/_build/src/anyp' Making uninstall in comm make[3]: Entering directory 'http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/ws/btlayer-05-nodeps-esi/squid-3.3.13-BZR/_build/src/comm' make[3]: Nothing to be done for 'uninstall'. make[3]: Leaving directory 'http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/ws/btlayer-05-nodeps-esi/squid-3.3.13-BZR/_build/src/comm' Making uninstall in eui make[3]: Entering directory 'http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/ws/btlayer-05-nodeps-esi/squid-3.3.13-BZR/_build/src/eui' make[3]: Nothing to be done for 'uninstall'. make[3]: Leaving directory 'http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/ws/btlayer-05-nodeps-esi/squid-3.3.13-BZR/_build/src/eui' Making uninstall in acl make[3]: Entering directory 'http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/ws/btlayer-05-nodeps-esi/squid-3.3.13-BZR/_build/src/acl' make[3]: Nothing to be done for 'uninstall'. make[3]: Leaving directory 'http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/ws/btlayer-05-nodeps-esi/squid-3.3.13-BZR/_build/src/acl' Making uninstall in format make[3]: Entering directory 'http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/ws/btlayer-05-nodeps-esi/squid-3.3.13-BZR/_build/src/format' make[3]: Nothing to be done for 'uninstall'. make[3]: Leaving directory 'http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/ws/btlayer-05-nodeps-esi/squid-3.3.13-BZR/_build/src/format' Making uninstall in fs make[3]: Entering directory 'http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/ws/btlayer-05-nodeps-esi/squid-3.3.13-BZR/_build/src/fs' make[3]: Nothing to be done for 'uninstall'. make[3]: Leaving directory 'http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/ws/btlayer-05-nodeps-esi/squid-3.3.13-BZR/_build/src/fs' Making uninstall in repl make[3]: Entering directory 'http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/ws/btlayer-05-nodeps-esi/squid-3.3.13-BZR/_build/src/repl' make[3]: Nothing to be done for 'uninstall'. make[3]: Leaving directory 'http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/ws/btlayer-05-nodeps-esi/squid-3.3.13-BZR/_build/src/repl' Making uninstall in auth make[3]: Entering directory 'http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/ws/btlayer-05-nodeps-esi/squid-3.3.13-BZR/_build/src/auth' Making uninstall in basic make[4]: Entering directory 'http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/ws/btlayer-05-nodeps-esi/squid-3.3.13-BZR/_build/src/auth/basic' make[4]: Nothing to be done for 'uninstall'. make[4]: Leaving directory 'http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/ws/btlayer-05-nodeps-esi/squid-3.3.13-BZR/_build/src/auth/basic' Making uninstall in ntlm make[4]: Entering directory 'http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/ws/btlayer-05-nodeps-esi/squid-3.3.13-BZR/_build/src/auth/ntlm' make[4]: Nothing to be done for 'uninstall'. make[4]: Leaving directory 'http://build.squid-cache.org/job/anybranch-wholefarm-matrix/compiler=gcc,label=d-ubuntu-utopic/ws/btlayer-05-nodeps-esi/squid-3.3.13-BZR/_build/src/auth/ntlm' Making uninstall in negotiate make[4]:
Re: [squid-dev] [PATCH] adapting 100-Continue / A Bug 4067 fix
On 01/01/2015 01:47 AM, Alex Rousskov wrote: On 11/09/2014 02:02 PM, Tsantilas Christos wrote: void Http::Server::processParsedRequest(ClientSocketContext *context) { +if (!buildHttpRequest(context)) +return; + +if (Config.accessList.forceRequestBodyContinuation) { +ClientHttpRequest *http = context-http; +HttpRequest *request = http-request; +ACLFilledChecklist bodyContinuationCheck(Config.accessList.forceRequestBodyContinuation, request, NULL); +if (bodyContinuationCheck.fastCheck() == ACCESS_ALLOWED) { +debugs(33, 5, Body Continuation forced); +request-forcedBodyContinuation = true; The HTTP code above sends 100-Continue responses to HTTP GET messages unless the admin is very careful with the ACLs. This can be reproduced trivially with force_request_body_continuation allow all We should not evaluate force_request_body_continuation if the request does not have a body IMO. The force_request_body_continuation documentation makes that option specific to upload requests. If you agree, please adjust the committed code accordingly. :-( I am attaching a patch which fixes this. The patch attached in both normal form and -b diff option to allow squid developers examine the proposed changes. In my patch I am moving the check for Expect: 100-Continue header from clientProcessRequest() (located in client_side.cc file), which checks for valid Expect header values, to Http::Server::processParsedRequest method to minimise the required checks. I believe this relocation is valid because this check is needed only for HTTP protocol. For FTP protocol the Expect header is generated by squid and is not possible to include not supported values. Alternately we can just check if Expect: 100-continue header exist inside Http::Server::processParsedRequest. The similar FTP check seems to be inside the upload-specific code and, hence, should not need additional do we expect a body? guards. Yep. Thank you, Alex. === modified file 'src/client_side.cc' --- src/client_side.cc 2015-01-01 08:57:18 + +++ src/client_side.cc 2015-01-07 11:28:41 + @@ -2605,23 +2605,6 @@ return; } -if (request-header.has(HDR_EXPECT)) { -const String expect = request-header.getList(HDR_EXPECT); -const bool supportedExpect = (expect.caseCmp(100-continue) == 0); -if (!supportedExpect) { -clientStreamNode *node = context-getClientReplyContext(); -clientReplyContext *repContext = dynamic_castclientReplyContext *(node-data.getRaw()); -assert (repContext); -conn-quitAfterError(request.getRaw()); -repContext-setReplyToError(ERR_INVALID_REQ, Http::scExpectationFailed, request-method, http-uri, -conn-clientConnection-remote, request.getRaw(), NULL, NULL); -assert(context-http-out.offset == 0); -context-pullData(); -clientProcessRequestFinished(conn, request); -return; -} -} - clientSetKeepaliveFlag(http); // Let tunneling code be fully responsible for CONNECT requests if (http-request-method == Http::METHOD_CONNECT) { === modified file 'src/servers/HttpServer.cc' --- src/servers/HttpServer.cc 2014-12-20 12:12:02 + +++ src/servers/HttpServer.cc 2015-01-07 11:18:41 + @@ -248,10 +248,29 @@ if (!buildHttpRequest(context)) return; -if (Config.accessList.forceRequestBodyContinuation) { ClientHttpRequest *http = context-http; -HttpRequest *request = http-request; -ACLFilledChecklist bodyContinuationCheck(Config.accessList.forceRequestBodyContinuation, request, NULL); +HttpRequest::Pointer request = http-request; + +if (request-header.has(HDR_EXPECT)) { +const String expect = request-header.getList(HDR_EXPECT); +const bool supportedExpect = (expect.caseCmp(100-continue) == 0); +if (!supportedExpect) { +clientStreamNode *node = context-getClientReplyContext(); +quitAfterError(request.getRaw()); +// setLogUri should called before repContext-setReplyToError +setLogUri(http, urlCanonicalClean(request.getRaw())); +clientReplyContext *repContext = dynamic_castclientReplyContext *(node-data.getRaw()); +assert (repContext); +repContext-setReplyToError(ERR_INVALID_REQ, Http::scExpectationFailed, request-method, http-uri, +clientConnection-remote, request.getRaw(), NULL, NULL); +assert(context-http-out.offset == 0); +context-pullData(); +clientProcessRequestFinished(this, request); +return; +} + +if (Config.accessList.forceRequestBodyContinuation) { +ACLFilledChecklist bodyContinuationCheck(Config.accessList.forceRequestBodyContinuation, request.getRaw(),