Re: [squid-dev] [PATCH] OSX transparent-proxy using pfctl

On 09/29/2016 01:12 PM, Shively, Gregory wrote: > Sometimes these mailing lists make me think like I'm talking to one > person :-). Glad we all sound coherent to you :-)! > ERROR: files left in build directory after distclean: > ./src/cf_gen.dSYM/Contents/Info.plist >

Re: [squid-dev] [PATCH] Faster SBuf::append

On 10/06/2016 10:57 AM, Amos Jeffries wrote: > Please add a check to the unit test testSBuf::testAppendSBuf() > to guarantee that the (*this = S) assignment code path updates the store > reference count rather than doing a bit-wise copy of the SBuf. I support that addition but do not have the

[squid-dev] Bug 4527: Missing MemObject::storeId value

On 10/05/2016 11:17 AM, Amos Jeffries wrote: > ideally also a fix for the missing storeId() bug that has shown up in > 3.5 - if there is anything like a solution in the works for that. I > expect it was the Last-Modified backports. Do you expect it was v3.5 r14090 (the Last-Modified backport)?

[squid-dev] [PATCH] Faster SBuf::append

Hello, The attached optimization patch was inspired be reviewing the following code: > Parser::parse(const SBuf ) ... > if (preservedData_.isEmpty()) > preservedData_ = aBuf; // avoid needless memory allocation > else > preservedData_.append(aBuf); Supporting this kind of

Re: [squid-dev] [RFC] dns_wait_for_all

On 09/14/2016 07:26 PM, Amos Jeffries wrote: > On 15/09/2016 8:15 a.m., Alex Rousskov wrote: >> Any better ideas or objections to adding dns_wait_for_all? > In principle okay. However, I was intending to redesign the object we > store DNS RR results in to achieve this is a

Re: [squid-dev] [RFC] dns_wait_for_all

On 09/20/2016 04:41 AM, Amos Jeffries wrote: > On 16/09/2016 3:35 a.m., Alex Rousskov wrote: >> On 09/15/2016 03:50 AM, Amos Jeffries wrote: >>> The serverDestinations not changing (yet). >> I am pretty sure we have to change that field to implement >> dns_wait_f

Re: [squid-dev] FYI: trunk ContextPtr changes

On 09/18/2016 08:04 PM, Amos Jeffries wrote: > I have split the work into batches to prevent it being one huge hairy > change diff that nobody can read. AFAICT, the correct way to achieve your goals is to merge a branch containing those "batches" as commits. That way, you get a single top-level

[squid-dev] [PATCH] Bug 3819: "fd >= 0" assertion in file_write() during reconfiguration

Hello, The attached trunk patch fixes bug 3819 in our tests. Please note that the underlying problem may lead to other assertions, including "NumberOfUFSDirs" in UFSSwapDir and "fd >= 0" in file_close(). Since trunk r9181.3.1, reconfiguration is done in at least two steps: First,

Re: [squid-dev] [PATCH] Bug 3819: "fd >= 0" assertion in file_write() during reconfiguration

On 09/20/2016 04:10 AM, Amos Jeffries wrote: > On 20/09/2016 9:52 a.m., Alex Rousskov wrote: >> The attached trunk patch fixes bug 3819 in our tests. > +1. Thank you. Committed with one additional fix to trunk (r14815 and r14816). The bug report has a v3.5 patch providing the sa

Re: [squid-dev] [PATCH] Bug 3819: "fd >= 0" assertion in file_write() during reconfiguration

On 09/20/2016 11:58 AM, Alex Rousskov wrote: > On 09/20/2016 04:10 AM, Amos Jeffries wrote: >> On 20/09/2016 9:52 a.m., Alex Rousskov wrote: >>> The attached trunk patch fixes bug 3819 in our tests. > >> +1. Thank you. > > Committed with one additiona

Re: [squid-dev] [PATCH] Older response must not update

On 08/25/2016 08:18 AM, Eduard Bagdasaryan wrote: > 2016-08-24 18:20 GMT+03:00 Amos Jeffries : > >> in src/LogTags.cc: >> * instead of adding new enum entry please extend LogTags with a new bool >> flag and the c_str() to append the "IGNORED" when that flag is true. > Added

Re: [squid-dev] [PATCH] Incorrect processing of long URIs

On 08/25/2016 10:26 AM, Amos Jeffries wrote: > About > the only further optimization we can do there is make the > "CharacterSet::SP" that it outputs in the sensitive path be a local > static *within* DelimiterCharacters() itself and return a reference to > that instead of constructing a new

Re: [squid-dev] [PATCH] Revalidate without Last-Modified

On 08/25/2016 04:04 AM, Eduard Bagdasaryan wrote: > Therefore, we could use the timestamp if Last-Modified is unavailable. I do not understand why the patch hides the lastmod field behind a basic getter. If we assert that a timestamp-based last modification value should be used in many cases,

Re: [squid-dev] [PATCH] Incorrect processing of long URIs

On 08/25/2016 10:26 AM, Amos Jeffries wrote: > 2016-08-23 17:50 GMT+03:00 Alex Rousskov: >> I wonder whether we should make this variable static to avoid repeated >> function calls on a performance-sensitive code path. > The output of DelimiterCharacters() cannot be stored i

Re: [squid-dev] [PATCH] Revalidate without Last-Modified

On 08/27/2016 08:33 AM, Amos Jeffries wrote: > If the response Squid would emit to the client proxy would contain a > synthesized Last-Modified header - then the same synthetic value should > be sent in HTCP. I agree with that decision logic. > I think Squid should be emitting a synthetic L-M

Re: [squid-dev] [PATCH] Revalidate without Last-Modified

On 08/27/2016 05:22 AM, Eduard Bagdasaryan wrote: > 2016-08-25 18:52 GMT+03:00 Alex Rousskov > <rouss...@measurement-factory.com>: > >> 3. Sending an HTCP message to another service. >> >> > -hdr.putTime(Http::HdrType::LAST_MODIFIED, e->lastmod);

Re: [squid-dev] [PATCH] Older response must not update

On 08/27/2016 08:23 AM, Amos Jeffries wrote: > On 26/08/2016 5:05 a.m., Alex Rousskov wrote: >> I recommend renaming and re-documenting that subclass: >> >> /// Things that may happen to a transaction while it is being >> /// processed according to its LOG_* cat

Re: [squid-dev] [PATCH] Incorrect processing of long URIs

On 08/23/2016 03:26 AM, Eduard Bagdasaryan wrote: > 2016-08-23 3:08 GMT+03:00 Alex Rousskov: >> I do not understand why you decided to use maxMethodLength in >> parseRequestFirstLine(). AFAICT, parseMethodField() already does >> everything we need: It logs an error message and

Re: [squid-dev] [PATCH] Incorrect processing of long URIs

On 08/24/2016 08:30 AM, Amos Jeffries wrote: > On 25/08/2016 12:36 a.m., Eduard Bagdasaryan wrote: >> 2016-08-23 18:01 GMT+03:00 Alex Rousskov: >> >>> invalid request-line: missing delimiter before "HTTP/1" >> >> In order to generate "where&quo

Re: [squid-dev] [PATCH] Incorrect processing of long URIs

On 08/24/2016 06:36 AM, Eduard Bagdasaryan wrote: > 2016-08-23 18:01 GMT+03:00 Alex Rousskov > <rouss...@measurement-factory.com>: > >> invalid request-line: missing delimiter before "HTTP/1" > > In order to generate "where" with such detalization

Re: [squid-dev] [PATCH] Older response must not update

On 08/24/2016 09:20 AM, Amos Jeffries wrote: > in src/HttpReply.h: > * please use doxygen syntax "\returns" instead of "returns" in the > comment text. No objection, but please note that the "returns..." phrase in isolation does not fully describe what the method returns in this case. Only the

Re: [squid-dev] [PATCH] OSX transparent-proxy using pfctl

On 09/30/2016 09:04 AM, Shively, Gregory wrote: > How about I get rid of the loop all together All other factors being equal, a single statement is better than a loop with a similar statement inside. > - I should be > only getting one line from pfctl, and if the parsing fails -I should >

Re: [squid-dev] [PATCH] polish Config2 using C++11 features

On 09/30/2016 09:38 AM, Amos Jeffries wrote: > We now seem to have had several patches successfully use members > declared with default values and/or with the "*this = Foo();" shortcut > for a reset/clear method. The *this assignment works for pre-C++11 v3.5 as well. The default values will not

Re: [squid-dev] [PATCH] OSX transparent-proxy using pfctl

On 09/30/2016 10:37 AM, Amos Jeffries wrote: > Please make sure that your code debugs() dumps the full pfctl line(s) > received at level DBG_DATA, and (only) on errors the relevant bit at a > higher level like 2 or 3 - the other functions debug output can give This approach is outdated because

Re: [squid-dev] [RFC] Support concurrent SBuf::c_str() calls

On 09/29/2016 09:19 PM, Amos Jeffries wrote: > On 30/09/2016 5:03 a.m., Alex Rousskov wrote: >> Should we remove the increment to make concurrent c_str() calls safe? > The reason it exists remember is to prevent other SBuf sharing that > storage MemBuf from thinking they can append

Re: [squid-dev] [PATCH] polish Config2 using C++11 features

On 09/30/2016 10:58 AM, Amos Jeffries wrote: > On 1/10/2016 5:09 a.m., Alex Rousskov wrote: >> On 09/30/2016 09:38 AM, Amos Jeffries wrote: >>> So I think we can start using these to replace old C-style >>> initialization and clear() functions. >> Agreed. I wonde

Re: [squid-dev] [RFC] Support concurrent SBuf::c_str() calls

On 10/02/2016 11:51 PM, Amos Jeffries wrote: > On 3/10/2016 1:03 p.m., Alex Rousskov wrote: >> On 10/02/2016 03:25 PM, Kinkie wrote: >>> On Fri, Sep 30, 2016 at 6:03 PM, Alex Rousskov >>>> Overall, I know of three primary ways to implement c_str(): >>>> &g

Re: [squid-dev] [RFC] Support concurrent SBuf::c_str() calls

On 10/02/2016 03:25 PM, Kinkie wrote: > On Fri, Sep 30, 2016 at 6:03 PM, Alex Rousskov > <rouss...@measurement-factory.com> wrote: >> On 09/29/2016 09:19 PM, Amos Jeffries wrote: >>> On 30/09/2016 5:03 a.m., Alex Rousskov wrote: >>>> Should we remove the inc

Re: [squid-dev] [PATCH] OSX transparent-proxy using pfctl

On 09/29/2016 03:48 PM, Shively, Gregory wrote: >>> I wasn't sure if I should handle it or let it flow up, since if it was >>> in an overflow state I would doubt I could handle this packet, but >>> maybe the next connection would be successful. >> I recommend temporary adding an exception with

Re: [squid-dev] [PATCH] cleanup removal of needless get()

On 09/30/2016 11:05 PM, Amos Jeffries wrote: > The SSL code in particular contains a lot of calls to the get() on > various Pointer objects from the general code. > > Now that C++11 gives our Pointer better boolean operators, and > dereference oerators have been added. A bunch of these calls are

Re: [squid-dev] [PATCH] polish Config2 using C++11 features

On 09/30/2016 10:55 PM, Amos Jeffries wrote: > On 1/10/2016 6:10 a.m., Alex Rousskov wrote: >> On 09/30/2016 10:58 AM, Amos Jeffries wrote: >>> On 1/10/2016 5:09 a.m., Alex Rousskov wrote: >>>> On 09/30/2016 09:38 AM, Amos Jeffries wrote: >>>>> So I th

Re: [squid-dev] [PATCH] Refactor wordlist to SBufList in acl/RegexData

On 10/26/2016 05:18 PM, Kinkie wrote: >>> the attached patch refactors the use of wordlist to SBufList in >>> acl/RegexData.cc > -while (wl != NULL) { > +for (SBuf i : sl) { If possible, please avoid creating new SBufs by declaring "i" to be a constant reference to SBuf. It is probably

Re: [squid-dev] [RFC] support Cache-Control:immutable

On 10/26/2016 05:45 PM, Amos Jeffries wrote: > This new cache control extension being proposed by Mozilla looks like it > will be quite useful to us as well as browsers. > > > > I would like to jump in this early and make Squid-4 be one of

Re: [squid-dev] [PATCH] Support tunneling of bumped non-HTTP traffic. Other SslBump fixes.

On 10/28/2016 07:54 AM, Christos Tsantilas wrote: > On 10/28/2016 01:11 PM, Amos Jeffries wrote: >> On 21/10/2016 3:55 a.m., Christos Tsantilas wrote: >>> Support tunneling of bumped non-HTTP traffic. Other SslBump fixes. >> Are any of these additional fixes able to be easily broken out into >>

Re: [squid-dev] [PATCH] Faster SBuf::append

On 11/04/2016 08:22 AM, Amos Jeffries wrote: > On 7/10/2016 6:20 a.m., Alex Rousskov wrote: >> On 10/06/2016 10:57 AM, Amos Jeffries wrote: >> >>> Please add a check to the unit test testSBuf::testAppendSBuf() >>> to guarantee that the (*this = S) assig

Re: [squid-dev] [PATCH] Extend SBufContainerJoin to have prefix and suffix arguments

On 11/06/2016 01:15 AM, Kinkie wrote: >>> +dest.reserveSpace(prefix.length() + totalContainerSize + >>> suffix.length()); >> >> Please note that v4 still allocates memory according to my last >> experiment. See JoinContainerIntoSBuf3() which mimics your patch v4. You >> may claim that the

Re: [squid-dev] [PATCH] ssl::server_name ACL badly broken since inception (trunk r14008).

On 10/28/2016 02:39 AM, Christos Tsantilas wrote: > I am attaching the squid-3.5 version of the patch. Amos, will you commit this fix to the v3.5 branch? Thank you, Alex. > On 10/27/2016 12:46 AM, Amos Jeffries wrote: >> On 21/10/2016 5:18 a.m., Christos Tsantilas wrote: >>> >>> The

Re: [squid-dev] [PATCH] ICAP trailer support

On 11/09/2016 08:16 AM, Amos Jeffries wrote: > On 9/11/2016 3:05 a.m., Eduard Bagdasaryan wrote: >> Also simplified and fixed headers isolating code while dealing with >> empty (i.e. zero header fields) headers. Old httpMsgIsolateHeaders() >> tried to re-implement header end detection/processing

[squid-dev] [PATCH] Fixed v3.5 bare eCAP build

Hi Amos, The attached patch is for v3.5. Trunk has the same fix in r14884. TODO: Adjust automated build tests to test bare eCAP configuration (i.e., eCAP without ICAP). HTH, Alex. Fixed v3.5 r14082 build with eCAP but without ICAP support. That is, when ./configured with --enable-ecap

Re: [squid-dev] Template methods inside normal classes

On 10/18/2016 09:52 AM, Christos Tsantilas wrote: > Is it valid to use template methods inside normal classes for squid? Yes (until we learn that some compilers choke on them). IIRC, I even had some patches that use them but perhaps they have not been posted or committed yet. Needless to say,

Re: [squid-dev] Squid 3.5.23: crash in Comm::DoSelect

On 10/18/2016 03:44 AM, oleg gv wrote: > nfds=284, so loop ends on 283 and pfds[283] is buggy > I/o module is src/comm/ModPoll.cc, method Comm::DoSelect(int msec) > On stack we see that pfds[SQUID_MAXFD=256], so is less than nfds in loop. > May be malloc nfds? If your maxfd is bigger than

Re: [squid-dev] [PATCH] Support tunneling of bumped non-HTTP traffic. Other SslBump fixes.

On 10/17/2016 10:56 PM, Amos Jeffries wrote: > On 18/10/2016 7:54 a.m., Christos Tsantilas wrote: >> On 10/17/2016 05:42 PM, Alex Rousskov wrote: >>> On 10/17/2016 01:57 AM, Christos Tsantilas wrote: >>>> On 10/14/2016 02:30 PM, Marcus Kool wrote: >>>>&

Re: [squid-dev] [PATCH] Support tunneling of bumped non-HTTP traffic. Other SslBump fixes.

On 10/19/2016 08:49 AM, Christos Tsantilas wrote: > I am attaching a new patch. I would like to discuss two issues: * Logging of scheme-less URLs > This is defines a new proto the PROTO_TCP, and for this prints the url > in the form host:port. The PROTO_TCP name sounds bad because we may want

Re: [squid-dev] [PATCH] Rework acl/RegexData optimization to use SBufList

On 11/13/2016 11:02 PM, Amos Jeffries wrote: > On 14/11/2016 6:36 p.m., Alex Rousskov wrote: >> On 11/13/2016 10:15 PM, Amos Jeffries wrote: >> >>> I think we should accumulate into two SBufList instead, one for -i and >>> one for +i instead of switching bac

Re: [squid-dev] [RFC] simplifying ssl_bump complexity

On 11/19/2016 07:06 PM, Amos Jeffries wrote: > On 20/11/2016 12:08 p.m., Marcus Kool wrote: >> The current ssl bump steps allow problematic configs where Squid >> bumps or stares in one step and to splice in an other step, >> which can be resolved (made impossible) in a new configuration syntax.

Re: [squid-dev] [RFC] simplifying ssl_bump complexity

On 11/19/2016 03:07 AM, Amos Jeffries wrote: > I propose going back to the older config style where each step has its > own directive name which self-documents what it does. IIRC, SslBump has never used step-specific directives: First implementations applied all ssl_bump actions during step1 and

Re: [squid-dev] [RFC] simplifying ssl_bump complexity

On 11/28/2016 06:30 AM, Marcus Kool wrote: > On 11/27/2016 11:20 PM, Alex Rousskov wrote: >> It would be nice to prohibit truly impossible actions at the syntax >> level, but I suspect that the only way to make that possible is to focus >> on final actions [instead of steps]

Re: [squid-dev] g++ 4.8.x and std::regex problems

On 11/25/2016 06:39 AM, Amos Jeffries wrote: > On 25/11/2016 11:50 p.m., Christos Tsantilas wrote: >> I have problems to run latest squid-5. The reason looks that it is the >> r14954, which removes old GnuRegex and uses the std::regex API. >> >> The std::regex supported from gcc-4.9 and latest

Re: [squid-dev] g++ 4.8.x and std::regex problems

On 11/28/2016 07:29 PM, Amos Jeffries wrote: > GCC 4.8 is not capable of building correctly operating Squid-4 You have said that before, but in all such cases that I remember, the reality was actually different. I do not know if something has changed in v4 within the past month or so [but any

Re: [squid-dev] [PATCH] auth_schemes directive

On 11/19/2016 02:15 AM, Amos Jeffries wrote: > On 19/11/2016 12:56 p.m., Eduard Bagdasaryan wrote: >> This patch introduces a new 'auth_schemes' squid.conf directive. >> >> This directive may be used to customize authentication >> schemes presence and order in Squid's HTTP 401 (Unauthorized) and

Re: [squid-dev] [PATCH] Extend SBufContainerJoin to have prefix and suffix arguments

On 11/11/2016 01:30 AM, Kinkie wrote: > On Fri, Nov 11, 2016 at 5:02 AM, Amos Jeffries wrote: >> On 11/11/2016 9:28 a.m., Kinkie wrote: >>> >>> v4 attached. >>> >> >> Does it have to take begin() and end() iterators explicitly? >> can we not have it take the container

Re: [squid-dev] [PATCH] Rework acl/RegexData optimization to use SBufList

On 11/13/2016 10:15 PM, Amos Jeffries wrote: > I think we should accumulate into two SBufList instead, one for -i and > one for +i instead of switching back and forth with potentially lots of > little patterns. Would not forcing regexes into two different groups change the regex evaluation order

Re: [squid-dev] [PATCH] Rework acl/RegexData optimization to use SBufList

On 11/13/2016 05:11 PM, Kinkie wrote: > the attached patch moves away from hand-rolling a c-string onto > joining a SBufList for optimizing regexes in RegexData.cc. > You can find attached as a test case the output of squidclient > mgr:config taken on trunk and on the submitted code. It is

Re: [squid-dev] Squid 3.5.23: crash in Comm::DoSelect

values to 1024, hope it helps to > fix bug in squid. Yes, keeping all limits in sync may work around the bug. Alex. > 2016-10-18 17:48 GMT+03:00 Alex Rousskov: > > On 10/18/2016 03:44 AM, oleg gv wrote: > > > nfds=284, so loop ends on 283 and pfds[283] is buggy > &

Re: [squid-dev] [PATCH] Extend SBufContainerJoin to have prefix and suffix arguments

On 11/01/2016 02:02 PM, Kinkie wrote: > the attached patch extends SBufContainerJoin to have prefix and > suffix arguments. This can support a use-case which I found in the > current ACLRegexData work I'm following, where we need to transform > {"foo", "bar", "gazonk"} > into >

Re: [squid-dev] [PATCH] Extend SBufContainerJoin to have prefix and suffix arguments

On 11/03/2016 03:19 PM, Kinkie wrote: > On Tue, Nov 1, 2016 at 8:47 PM, Alex Rousskov wrote: >> On 11/01/2016 02:02 PM, Kinkie wrote: >>> the attached patch extends SBufContainerJoin to have prefix and >>> suffix arguments. >> I recommend reworking this by

Re: [squid-dev] [PATCH] Extend SBufContainerJoin to have prefix and suffix arguments

On 11/04/2016 01:12 AM, Kinkie wrote: > On Thu, Nov 3, 2016 at 10:55 PM, Alex Rousskov > <rouss...@measurement-factory.com> wrote: >> On 11/03/2016 03:19 PM, Kinkie wrote: >>> On Tue, Nov 1, 2016 at 8:47 PM, Alex Rousskov wrote: >>>> On 11/01/2016 02:02 PM, K

Re: [squid-dev] bzr -> git?

On 10/16/2016 06:36 PM, Kinkie wrote: > I'm currently trying to use recent advancements in Jenkins to > improve our QA via gated commits to trunk. > This raises (again) the issue of bazaar versus git. Remaining on > bazaar is getting more and more painful, as tools such as jenkins > focus on

Re: [squid-dev] Fix If-None-Match processing and related bug 4169

On 11/29/2016 02:23 PM, Amos Jeffries wrote: > On 30/11/2016 1:47 a.m., Garri Djavadyan wrote: >> On Tue, 2016-11-29 at 14:51 +0500, Garri Djavadyan wrote: >>> Hello, >>> >>> Please review the attached patch prepared for r14958, it fixes the >>> If- >>> None-Match processing (incorrect logging

Re: [squid-dev] [RFC] simplifying ssl_bump complexity

On 11/28/2016 03:26 PM, Marcus Kool wrote: > The comment was about the fact that determination if data from a client > is a syntactically valid ClientHello message should be quick Unfortunately, it is not a fact. In simple cases, you are right (which is why Squid v4 already uses a two-stage

Re: [squid-dev] g++ 4.8.x and std::regex problems

On 11/29/2016 11:22 AM, Amos Jeffries wrote: > On 29/11/2016 4:40 p.m., Alex Rousskov wrote: >> On 11/28/2016 07:29 PM, Amos Jeffries wrote: >>> GCC 4.8 is not capable of building correctly operating Squid-4 >> >> You have said that before, but in all such cases t

[squid-dev] Broken SSL build

Hello, Jenkins has been complaining for a while about SSL-related compilation problems such as > http://build.squid-cache.org/job/5-matrix/compiler=gcc,label=d-debian-unstable/ > ../../../../src/ssl/support.cc:473:96: error: invalid conversion from 'int > (*)(CRYPTO_EX_DATA*,

Re: [squid-dev] Broken SSL build

d. Thank you. I will ignore these build failures until bug 4599 is closed. Alex. > On 08/12/2016 08:07 μμ, Alex Rousskov wrote: >> Hello, >> >> Jenkins has been complaining for a while about SSL-related >> compilation problems such as >> >>> http://build

Re: [squid-dev] [PATCH] auth_schemes directive

On 12/08/2016 09:38 PM, Amos Jeffries wrote: >> Custom actions patch applied as squid-5-14971. > PS, also applied for 4.0.17 Which v4 revision? I do not see it after bzr update of that branch and and it does not seem to be present at https://code.launchpad.net/~squid/squid/4 Thank you, Alex.

Re: [squid-dev] [PATCH] auth_schemes directive

On 12/08/2016 09:37 PM, Amos Jeffries wrote: > On 9/12/2016 5:03 p.m., Alex Rousskov wrote: >> On 12/08/2016 06:39 PM, Amos Jeffries wrote: >>> On 6/12/2016 10:57 a.m., Eduard Bagdasaryan wrote: >>>> Attached two patches for v5 after splitting. >>> Thank you

Re: [squid-dev] [PATCH] auth_schemes directive

On 12/08/2016 06:39 PM, Amos Jeffries wrote: > On 6/12/2016 10:57 a.m., Eduard Bagdasaryan wrote: >> >> Attached two patches for v5 after splitting. Please apply >> SQUID-242-refactor-custom-acl-actions-cfg-t1.patch first. >> > > Thank you. Custom actions patch applied as squid-5-14971. If there

Re: [squid-dev] [PATCH] SSLv2 records force SslBump bumping despite a matching step2 peek rule.

On 01/12/2017 02:28 PM, Christos Tsantilas wrote: > On 12/01/2017 06:48 μμ, Alex Rousskov wrote: >> On 01/12/2017 08:35 AM, Christos Tsantilas wrote: >>> The patch fixes Squid to peeks (or stares) at the origin server as >>> configured, even if it does not recognize th

Re: [squid-dev] [PATCH] remove USE_CHUNKEDMEMPOOLS

On 01/11/2017 08:29 AM, Amos Jeffries wrote: > On 1/01/2017 6:37 p.m., Amos Jeffries wrote: >> The USE_CHUNKEDMEMPOOLS build-time setting is not very useful and adds >> extra complexity to the build system. Even when set it does not always >> enable chunked pools. The environment variable MEMPOOLS

Re: [squid-dev] [PATCH] SSLv2 records force SslBump bumping despite a matching step2 peek rule.

On 01/12/2017 08:35 AM, Christos Tsantilas wrote: > The patch fixes Squid to peeks (or stares) at the origin server as > configured, even if it does not recognize the client TLS > record/message. s/to peeks (or stares)/to peek (or stare)/ I agree that this is the right thing to do, but I have

Re: [squid-dev] [PATCH] auth_schemes directive

On 11/30/2016 12:06 AM, Alex Rousskov wrote: > Perhaps there is a way to keep the per-scheme access list advantage > without opening the 403 Pandora box and preserving the whole-list > visualization provided by auth_schemes? > > For example, we could support

[squid-dev] Automake bug workaround

Hello, Squid build produces lots of warnings in modern build environments such as Ubuntu 16.04: > make > /dev/null > /usr/bin/ar: `u' modifier ignored since `D' is the default (see `U') > /usr/bin/ar: `u' modifier ignored since `D' is the default (see `U') ... > /usr/bin/ar: `u' modifier

Re: [squid-dev] [PATCH] auth_schemes directive

On 11/29/2016 03:50 PM, Amos Jeffries wrote: > On 28/11/2016 3:34 p.m., Alex Rousskov wrote: >> Or being able to control the order of schemes presented to the user. > Any HTTP client implementation which was coded to be properly compliant > with RFC 2616 and 2617 *will not* ob

Re: [squid-dev] Fix If-None-Match processing and related bug 4169

On 12/04/2016 08:57 PM, Amos Jeffries wrote: > On 5/12/2016 4:05 p.m., Alex Rousskov wrote: >> All these >> conditional headers have the same overall logic: If the answer to the >> "If" question asked by the header field name is "yes", then the header &g

Re: [squid-dev] Fix If-None-Match processing and related bug 4169

On 11/30/2016 08:12 AM, Garri Djavadyan wrote: > I've attached fixed version. > +// If-None-Match did not match; treat as an unconditional hit > +return false; Actually, in this case, If-None-Match matched (i.e., "no one matched" is true). And this is exactly why we can ignore

Re: [squid-dev] Fix If-None-Match processing and related bug 4169

On 11/30/2016 04:44 AM, Garri Djavadyan wrote: > * If-Modified-Since header is ignored if If-None-Match header exists > (RFC7232 compliance) > if (r.header.has(Http::HdrType::IF_NONE_MATCH)) { > +if (e->hasIfNoneMatchEtag(r)) { > +// RFC 7232: If-None-Match recipient

Re: [squid-dev] [PATCH] ServerBump class cleanup

On 11/30/2016 06:34 AM, Amos Jeffries wrote: > This patch is a general cleanup of coding styles and current code > requirements for the ServerBump class. > -void attachServerSSL(SSL *); ///< Sets the server SSL object > +void attachServerSession(const Security::SessionPointer &); ///<

Re: [squid-dev] g++ 4.8.x and std::regex problems

On 11/29/2016 12:46 PM, Amos Jeffries wrote: > It was not just to delay to v5 To avoid similar disasters in the future, please note that any "decision" to "delay until vX" is essentially invalid when there is no consensus regarding vX branching: A promise to delay something until the moment

Re: [squid-dev] [PATCH] auth_schemes directive

On 12/01/2016 11:53 PM, Amos Jeffries wrote: > Not sure if you intended to but you have just done a good CHI test. I do not know what you mean by "CHI test". Googling did not help. > Your wording/layout of that directive has clearly collided with some > other config grammar that user is more

Re: [squid-dev] [PATCH] remove String.cci

On 01/04/2017 07:42 PM, Amos Jeffries wrote: > This patch removes String.cci file, moving the simple methods inline to > the SquidString.h and more complicated others to String.cc. Thank you for doing this long-overdue cleanup. > +/// throws when size() > INT_MAX > +int psize() const {

Re: [squid-dev] [PATCH] remove HttpHdrCc.cci

On 01/05/2017 09:36 PM, Amos Jeffries wrote: > On 2017-01-06 04:34, Alex Rousskov wrote: >> On 01/05/2017 06:22 AM, Amos Jeffries wrote: >>> This patch removes HttpHdrCc.cci file, moving the simple methods inline >>> to the HttpHdrCc.h and more complicated setter to Http

Re: [squid-dev] [PATCH] remove --disable-inline and related macros

On 01/07/2017 07:33 PM, Amos Jeffries wrote: > This now just depends on the client_side_request_cci_remove_mk1.patch > submitted earlier. > > With the .cci files gone there is no longer any use of the SQUID_INLINE > macro. Which in turn removes the need for _USE_INLINE_ macro and then > the

Re: [squid-dev] [PATCH] remove ip/Qos.cci

On 01/07/2017 04:46 AM, Amos Jeffries wrote: > This patch removes ip/Qos.cci file moving its content to ip/QosConfig.cc. > > Also, move the stub file to src/tests/stub_libip.cc and update to use > tests/STUB.h interface. > +bool > +Ip::Qos::Config::isHitTosActive() const > +{ > +return

Re: [squid-dev] RFC Sourcelayout for clientStreams

On 01/09/2017 12:21 AM, Amos Jeffries wrote: > I've been looking at the clientStreams objects and moving them to a > library for the SourceLayout project. > > What I would like feedback on before I go and make a namespace and > library up is whether we want to retain the term "Client Streams" as

Re: [squid-dev] [PATCH] refactor Auth::Config

On 12/20/2016 11:05 AM, Amos Jeffries wrote: > +class Config > +{ > +public: > +/// set of auth_params directives > +Auth::ConfigVector schemes; > + > +/// set of auth_schemes directives > +std::vector schemeLists; > + > +/// the ACL list for auth_schemes directives > +

Re: [squid-dev] [PATCH] initial GnuTLS support for encrypted server connections

On 01/14/2017 10:16 AM, Amos Jeffries wrote: > The Security::SessionPointer is converted to std::shared_ptr. This is > required because GnuTLS does not expose the locking like OpenSSL. Since > we store the SessionPointer to fd_table[].ssl we can always access it > from there one way or another

Re: [squid-dev] [PATCH] VIA creation code duplication

On 03/22/2017 07:20 AM, Amos Jeffries wrote: > On 17/03/2017 6:17 a.m., Alex Rousskov wrote: >> On 03/16/2017 05:15 AM, Amos Jeffries wrote: >> >> >>> Any objections to applying this with this added: >>> >>> // XXX: putStr() still has String

Re: [squid-dev] [RFC] Do not use idle dead peers

On 03/21/2017 10:27 PM, Amos Jeffries wrote: > On 22/03/2017 10:27 a.m., Alex Rousskov wrote: >> This Request For Comments proposes to remove a subtle Squid >> (mis)feature. If you happen to use the corresponding feature, please >> speak up to protect it! If nobody defends

Re: [squid-dev] [PATCH] Fix ext_session_acl to handle - when no argument is passed

On 03/22/2017 06:44 AM, Amos Jeffries wrote: > This is a side effect of the change to using logformat tokens. The > %DATA field is always present now. My understanding is that, after the logformat changes, Squid started appending "-" to the helper query when an external ACL has no parameters.

Re: [squid-dev] [PATCH] Fix ext_session_acl to handle - when no argument is passed

On 03/22/2017 07:53 PM, Amos Jeffries wrote: > This helpers' passive mode does not need to care what the input is, so > long as it is consistent. I do not recommend ignoring input format in hope that ignored input is consistent/acceptable/compatible/etc. However, I am not going to object to any

Re: [squid-dev] on_unsupported_protocol rewrite to support tcp connection relay

On 03/24/2017 04:54 AM, 钱国正 wrote: > I want to know what's the > pinning.serverConnection mean? and what it is used for? Before we dive into low-level details, please allow me to ask an important high-level question. Your answer may render those low-level detail irrelevant: > I want to rewrite

Re: [squid-dev] Rock store stopped accessing discs

On 03/17/2017 09:48 AM, Heiler Bemerguy wrote: > Sadly the same thing occurred again. It seems the hole is deeper lol.. Most likely, it is the same hole. However, the more we panic and jump to conclusions, the deeper that hole below us may look... > I couldn't find any previous messages that

Re: [squid-dev] [PATCH] Honor peer timeouts when forwarding CONNECTs

On 03/16/2017 01:15 AM, Amos Jeffries wrote: > * "start" is an action name and we use it (almost?) exclusively for Job > initiation. By comparison "started" means/implies more clearly a state > or time point. The Tunnel member stores a time point. > - IMO both are bad, but "started" is better

Re: [squid-dev] [PATCH] VIA creation code duplication

On 03/16/2017 05:15 AM, Amos Jeffries wrote: > Any objections to applying this with this added: > > // XXX: putStr() still has String 64KB limits > Must(strVia.length() < 64*1024); No objections from me if you replace the magic constant with a new inlined String::MaxSizeXXX() method. The

Re: [squid-dev] Fwd: [PATCH] for loops modernization

On 03/16/2017 11:00 AM, khaled belhout wrote: > but we need to annotate the some functions with [[noreturn]] attribute like : I do not think such annotations belong to the source code. If we add various annotations for various tools, the code readability and maintainability will suffer. AFAIK,

Re: [squid-dev] [PATCH] Fix broken build for ufsdump

On 03/16/2017 01:43 AM, Amos Jeffries wrote: > On 6/03/2017 3:54 p.m., Alex Rousskov wrote: >> On 03/05/2017 12:28 PM, Eduard Bagdasaryan wrote: >>> ufsdump build is broken now [...] >>> This patch fixes this, however I am not sure that >>> does it in a best po

Re: [squid-dev] Support forward unknown protocol using http port which redirected to squid

On 03/17/2017 01:06 AM, 钱国正 wrote: > I am using squid as a transparent proxy in Router, > redirecting data which destination port is 80 to squid, > and it work fine for a long time, just days before, I found there is one > case that will not make the mobile app not work. > > The case is the

Re: [squid-dev] To make squid works in snap world.

On 03/17/2017 02:05 AM, Gary Wang wrote: > I made another change to keep new DEFAULT_IPC_PREFIX > consistent in src/ipc/Port.cc file. >Could you guys help review the MP? >https://code.launchpad.net/~gary-wzl77/squid/ipc_prefix/+merge/318714 I can only repeat what I have already

Re: [squid-dev] Rock store stopped accessing discs

On 03/14/2017 10:43 AM, Heiler Bemerguy wrote: > Em 07/03/2017 20:26, Alex Rousskov escreveu: >> How can a disker response get stuck? Most likely, something unusual >> happened ~13 days ago. This could be a Squid bug and/or a kid restart. > root@proxy:~# ps auxw |grep squid

Re: [squid-dev] Fwd: [PATCH] for loops modernization

On 03/15/2017 08:17 AM, Amos Jeffries wrote: > That said, there are points in the lifecycle which are more friendly to > bg changes. The next one I expect these C++11 changes can even have a > chance is after 3.5 ceases to be a supported version. I agree, especially if "supported" includes "we

Re: [squid-dev] Fwd: [PATCH] for loops modernization

acement noise. In summary: I still do not think these changes are desirable (even in their polished variant), but if others overrule me on that, my comments about the quality of the current changes still apply. Thank you, Alex. > 2017-03-13 14:45 GMT+01:00 Alex Rousskov <rouss...@measur

<    1   2   3   4   5   6   7   8   >