Re: [squid-dev] [PATCH] Make Squid death due to overloaded helpers optional

On 9/08/2016 3:14 a.m., Eduard Bagdasaryan wrote: > This patch allows to configure Squid so that it reject overloaded helper > requests instead of [default] crashing. > > Added on-persistent-overload=action option to helpers. Helper overload > is defined as running with an overflowing queue.

Re: [squid-dev] [PATCH] Broken trunk rev14778

On 9/08/2016 6:01 a.m., Alex Rousskov wrote: > On 08/08/2016 04:43 AM, Amos Jeffries wrote: > >> r14778: Move static member Last into change() method to avoid >> initialization order >> errors when a caller uses a global InstanceId object before the library >>

[squid-dev] [PATCH] Ipc::MemMap::ttl removal

Coverity Scan latest checks are reporting that the ttl member of Ipc::MemMap is being left uninitialized. It sounds like something which would lead to major bugs. Except that it turns out, AFAICS, that this ttl member is never actually being used. Anyone have a reason not to simply drop it from

[squid-dev] [RFC] eCAP auto-enable

IMO, eCAP has pretty much stabilized. Any objections to auto-enabling it whenever available? That would also mean adding it as a builddependency on our farm nodes. So we can explicitly fail build if eCAP code is overlooked in changes like rev.14778. Amos

Re: [squid-dev] [PATCH] GnuTLS session redo

On 6/08/2016 9:41 a.m., Alex Rousskov wrote: > On 08/05/2016 02:13 PM, Amos Jeffries wrote: >> On 6/08/2016 6:37 a.m., Alex Rousskov wrote: >>> On 08/03/2016 11:57 PM, Amos Jeffries wrote: >>>> +Security::SetSessionResumeData(const Security::Session

Re: [squid-dev] Jenkins build is back to normal : trunk-full-matrix » clang,d-debian-unstable #207

On 7/08/2016 12:11 p.m., n...@squid-cache.org wrote: > See > > Hurrah! :-) Amos ___ squid-dev mailing list squid-dev@lists.squid-cache.org

Re: [squid-dev] [PATCH] GnuTLS session redo

On 6/08/2016 6:37 a.m., Alex Rousskov wrote: > On 08/03/2016 11:57 PM, Amos Jeffries wrote: >> +Security::SetSessionResumeData(const Security::SessionPointer , const >> Security::SessionStatePointer ) >> +{ >> +if (data) { >> +#if USE_OPENSSL >&g

Re: [squid-dev] Benchmarking Performance with reuseport

On 4/08/2016 8:48 a.m., Marcus Kool wrote: > https://www.nginx.com/blog/socket-sharding-nginx-release-1-9-1/ > is an interesting short article about using the SO_REUSEPORT socket > option which increased performance of nginx and had better balancing > of connections across sockets of workers. >

Re: [squid-dev] [PATCH] GnuTLS session redo

On 4/08/2016 5:57 p.m., Amos Jeffries wrote: > Attached is an updated version of the TLS session resume patch which was > previously reverted due to a crash issue. > > Trunk no longer needs the implicit conversion that turned out to be > behind that issue. However, I would st

[squid-dev] [PATCH] GnuTLS session redo

Attached is an updated version of the TLS session resume patch which was previously reverted due to a crash issue. Trunk no longer needs the implicit conversion that turned out to be behind that issue. However, I would still like to get this change tested by someone with OpenSSL to confirm that

Re: [squid-dev] [PATCH] Deletors for std::unique_ptr WAS: Re: Broken trunk after r14735

[ This is getign kidn fo personal, so I've taken it off-list, but if you want to stay public feel free to revert that ] On 31/07/2016 5:26 a.m., Alex Rousskov wrote: > On 07/30/2016 07:03 AM, Amos Jeffries wrote: >> On 30/07/2016 6:29 a.m., Alex Rousskov wrote: >>> On 07/29/2

Re: [squid-dev] [PATCH] Fetch missing certificates

On 28/07/2016 1:38 a.m., Amos Jeffries wrote: > On 28/07/2016 1:26 a.m., Christos Tsantilas wrote: >> On 07/27/2016 04:12 PM, Amos Jeffries wrote: >>> Ping. Can this be applied soon please? >> >> I delay applying this patch because of the "crash after r1473

Re: [squid-dev] [PATCH] Deletors for std::unique_ptr WAS: Re: Broken trunk after r14735

On 30/07/2016 6:29 a.m., Alex Rousskov wrote: > On 07/29/2016 09:27 AM, Amos Jeffries wrote: >>>> typedef std::unique_ptr<BIO, std::function<decltype(BIO_free)>> >>>> BIO_Pointer; > >> I got this config parsing crash replicated here and tried a d

[squid-dev] [PATCH] Deletors for std::unique_ptr WAS: Re: Broken trunk after r14735

On 26/07/2016 2:10 a.m., Alex Rousskov wrote: > On 07/24/2016 01:04 AM, Amos Jeffries wrote: > >> does replacing "BIO_free" with "BIO_vfree" in the ssl/gadgets.h >> definition of BIO_POinter fix this one? > > Same startup exception (quoted

Re: [squid-dev] [PATCH] Fetch missing certificates

On 28/07/2016 1:26 a.m., Christos Tsantilas wrote: > On 07/27/2016 04:12 PM, Amos Jeffries wrote: >> Ping. Can this be applied soon please? > > I delay applying this patch because of the "crash after r14735" issue > which does not allow me to run basic tests with the

Re: [squid-dev] [PATCH] Fetch missing certificates

Ping. Can this be applied soon please? Amos ___ squid-dev mailing list squid-dev@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-dev

Re: [squid-dev] [PATCH] Fix ssl use for kerberos_ldap_group

On 25/07/2016 12:35 a.m., Markus Moeller wrote: > Hi Amos, > >I fixed the free_path following your suggestion. > >I run also indent -br -ce -i4 -ci4 -l80 -nlp -npcs -npsl -d0 -sc -di0 > -psl over it as it is C based code. Is that the correct or is there > another tool to format the

Re: [squid-dev] Broken trunk after r14735

On 16/07/2016 7:02 a.m., Alex Rousskov wrote: > > * After r14735 (Replaced TidyPointer with std::unique_ptr), Squid cannot > start due to an "std::bad_function_call" exception. > ... > -- stack traces >> g++ (Ubuntu 4.8.2-19ubuntu1) 4.8.2 > > * bad_function_call exception

Re: [squid-dev] [PATCH] Collapse internal revalidation requests (SMP-unaware caches)

On 21/07/2016 9:20 p.m., Eduard Bagdasaryan wrote: > 2016-07-20 16:21 GMT+03:00 Amos Jeffries: >> Couple of things: >> >> * some of the new methods need to be adjusted to follow the Squid coding >> style. With return-type and opening '{' on different lines to the >&

Re: [squid-dev] [PATCH] Some failed transactions are not logged

Applied to trunk as rev.14752 with some stub additions so "make check" will build. Amos ___ squid-dev mailing list squid-dev@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-dev

Re: [squid-dev] [PATCH] Some failed transactions are not logged

On 21/07/2016 2:44 a.m., Eduard Bagdasaryan wrote: >> 2016-07-20 7:36 GMT+03:00 Amos Jeffries: >>On 20/07/2016 5:01 a.m., Alex Rousskov wrote: >>> On 07/19/2016 08:10 AM, Amos Jeffries wrote: >>>> On 20/07/2016 1:44 a.m., Eduard Bagdasaryan wrote: >>>&

Re: [squid-dev] [PATCH] Collapse internal revalidation requests (SMP-unaware caches)

On 21/07/2016 2:37 a.m., Eduard Bagdasaryan wrote: > 2016-07-20 16:21 GMT+03:00 Amos Jeffries: >> * smpAware() is documented as indicating whether CF is allowed. Yet the >> the new comment inside the loop of Store::Disks::smpAware() seems to be >> saying the opposite. &g

Re: [squid-dev] [PATCH] Fetch missing certificates

Downloader::CbDialer a CallDialer kid. > > > Please also see my comments bellow. > > On 07/14/2016 02:16 PM, Amos Jeffries wrote: >> >> - our coding style places documentation of class 'private' methods in >> the .cc file not the .h. > > ok, I fixed t

Re: [squid-dev] [PATCH] Collapse internal revalidation requests (SMP-unaware caches)

On 18/07/2016 2:05 a.m., Eduard Bagdasaryan wrote: > Hello, > > 2016-07-16 0:50 GMT+03:00 Eduard Bagdasaryan: >> The attachment contains trunk patch version(for r14742) and v3.5 port > (for r14066). > > Reattached patches because of a bugfix. > Couple of things: * some of the new methods need

[squid-dev] [RFC] [PREVIEW] LockingPointer round 3.

On 19/07/2016 7:14 p.m., Amos Jeffries wrote: > On 19/07/2016 6:58 a.m., Christos Tsantilas wrote: >> On 07/18/2016 08:32 PM, Alex Rousskov wrote: > > Dropping the non-locking constructor and forcing explicit resetFoo() is > probably for the best. Though it would not have help

Re: [squid-dev] [PATCH] Some failed transactions are not logged

On 20/07/2016 5:01 a.m., Alex Rousskov wrote: > On 07/19/2016 08:10 AM, Amos Jeffries wrote: >> On 20/07/2016 1:44 a.m., Eduard Bagdasaryan wrote: >>> 2016-07-19 16:17 GMT+03:00 Amos Jeffries: >>>> Is this patch going to include the new config option to prevent logg

Re: [squid-dev] [PATCH] Some failed transactions are not logged

On 20/07/2016 1:44 a.m., Eduard Bagdasaryan wrote: > 2016-07-19 16:17 GMT+03:00 Amos Jeffries: >> Is this patch going to include the new config option to prevent logging >> the new things? or do it in a followup? > > For now we are not planning to add this option(that is why

Re: [squid-dev] [PATCH] Some failed transactions are not logged

On 19/07/2016 11:56 p.m., Eduard Bagdasaryan wrote: > Addressed discussion concerns and refreshed the patch. > > 2016-07-19 8:13 GMT+03:00 Amos Jeffries: >> Is ftp_port traffic another one? > > IMO this is not a case because Ftp::Server (similarly to Http::One::Server

Re: [squid-dev] Broken trunk after r14735, r14726

On 18/07/2016 11:12 p.m., Christos Tsantilas wrote: > On 07/16/2016 03:56 PM, Amos Jeffries wrote: >> On 16/07/2016 7:02 a.m., Alex Rousskov wrote: >>> Hello, >>> >>> There are two more recent changes that broke trunk: >>> >>> * After r14

Re: [squid-dev] [PATCH] Some failed transactions are not logged

On 19/07/2016 2:52 a.m., Alex Rousskov wrote: > On 07/17/2016 03:34 AM, Amos Jeffries wrote: >> On 16/07/2016 2:40 a.m., Eduard Bagdasaryan wrote: >>> +// do not log connections that sent us no bytes (TODO: make >>> configurable) >>> +// do n

Re: [squid-dev] [RFC] reduce MISS on transients collision

On 18/07/2016 6:59 a.m., Alex Rousskov wrote: > On 07/17/2016 05:01 AM, Amos Jeffries wrote: >> I've just been looking at the Store::Controller::find() implementation >> and it struck me that if the transients lookup has an error the object >> will fail to HIT on any e

Re: [squid-dev] Broken trunk after r14735, r14726

On 17/07/2016 4:35 a.m., Alex Rousskov wrote: > On 07/16/2016 06:56 AM, Amos Jeffries wrote: >> On 16/07/2016 7:02 a.m., Alex Rousskov wrote: >>> * After r14726 (GnuTLS: support for TLS session resume): Squid segfaults >>> when attempting to connect to a Secure I

[squid-dev] [RFC] reduce MISS on transients collision

I've just been looking at the Store::Controller::find() implementation and it struck me that if the transients lookup has an error the object will fail to HIT on any existing cache entries. It seems to me that failure on any specific lookup should continue checking the alternative places. Alex;

Re: [squid-dev] [PATCH] Some failed transactions are not logged

On 16/07/2016 2:40 a.m., Eduard Bagdasaryan wrote: > Hello, > > There are situations when Squid logs nothing to access.log after an > [abnormal] transaction termination. Such "stealthy" transactions may be > a security risk and an accounting problem. > > ClientHttpRequest is responsible for

Re: [squid-dev] [PATCH] Fetch missing certificates

On 15/07/2016 3:07 a.m., Alex Rousskov wrote: > On 07/14/2016 05:16 AM, Amos Jeffries wrote: >> * the debugs lines indicating constructor and destructor have been run >> need to be symmetrical and name the object type. >> >> - They are there for the find-alive.

Re: [squid-dev] [PATCH] Fix ssl use for kerberos_ldap_group

On 3/07/2016 4:57 a.m., Markus Moeller wrote: > Hi Amos, > > Here is a small patch for cases SSL must be used to connect to an ldap > server. > Looks okay, except for two minor things. * some debug messages are missing a space between end of one sentence and the '(' starting the next. Search

Re: [squid-dev] [PATCH] Fetch missing certificates

Audit of patch #2; This is mostly polish, but there are a few logic issues still present. in the patch description / commit message: * s/independed /independent / * s/from net/from the network/ * s/an Downloader class/class Downloader/ * in newely added or altered documentation, comments

Re: [squid-dev] [RFC] annotate_transaction ACL

Okay, as the author you get to choose. Lets see how your approach works in reality (as opposed to our differing ideas of reality) and we can change later if need be. Amos ___ squid-dev mailing list squid-dev@lists.squid-cache.org

Re: [squid-dev] assertion failed: DestinationIp.cc:41: "checklist->conn() && checklist->conn()->clientConnection != NULL"

On 13/07/2016 5:50 p.m., Omid Kosari wrote: > Hello, > > squid crashes after following error > assertion failed: DestinationIp.cc:41: "checklist->conn() && > checklist->conn()->clientConnection != NULL" > > > From the error massage i guess that following config may cause the problem > >

Re: [squid-dev] HTTP meetup in Stockholm

On 12/07/2016 9:00 a.m., Kinkie wrote: > On Mon, Jul 11, 2016 at 9:05 PM, Alex Rousskov < > rouss...@measurement-factory.com> wrote: > >> On 07/10/2016 04:33 AM, Kinkie wrote: >>> at the end of the month I will attend the HTTP meetup in Stockholm. >>> Besides having a chance to see Henrik, I'd

Re: [squid-dev] [PATCH] Fetch missing certificates

On 12/07/2016 7:13 a.m., Alex Rousskov wrote: > On 07/11/2016 10:18 AM, Christos Tsantilas wrote: > > >> +debugs(33, 5, HERE); > >> +debugs(33 , 2, HERE); > >> +debugs(33, 6, HERE); > > s/HERE/this/ > Agreed on removing HERE. Not sure if 'this' is better though. There is a

Re: [squid-dev] [PATCH] TidyPointer removal

On 11/07/2016 10:20 a.m., Alex Rousskov wrote: > On 07/10/2016 02:02 AM, Amos Jeffries wrote: > >> * For the LockingPointer(T*) ctor and resetWithoutLocking() method >> the caller is responsible for: >> - doing a +1 lock itself, and >> - exactly once

Re: [squid-dev] [PATCH Bug 4534 and N-bit fixes for CacheDigest

On 10/07/2016 1:37 a.m., Amos Jeffries wrote: > This patch converts the CacheDigest members and method parameters to use > explicitly sized data types more appropriate for what details they hold. > > * 64-bit Digest capacity (entry count) > * 32-bit Mask Size (byte count) > * 8

Re: [squid-dev] [PATCH] TidyPointer removal

On 10/07/2016 2:38 p.m., Alex Rousskov wrote: > On 07/09/2016 07:10 AM, Amos Jeffries wrote: >> On 9/07/2016 11:18 a.m., Alex Rousskov wrote: >>> On 07/08/2016 12:44 AM, Amos Jeffries wrote: >>>> On 8/07/2016 11:24 a.m., Alex Rousskov wrote: >>>>&g

Re: [squid-dev] [RFC] annotate_transaction ACL

On 10/07/2016 7:14 a.m., Alex Rousskov wrote: > > B. Add general ACL options to be able to force any existing ACL to add > an annotation: > > acl myOldAcl dst --annotate foo=bar 127.0.0.1/32 > > Please let me know if you consider any of the above alternatives more > attractive (than adding

[squid-dev] [PATCH Bug 4534 and N-bit fixes for CacheDigest

This patch converts the CacheDigest members and method parameters to use explicitly sized data types more appropriate for what details they hold. * 64-bit Digest capacity (entry count) * 32-bit Mask Size (byte count) * 8-bit Bit count per entry Due to various store_digest.cc code still relying

Re: [squid-dev] [PATCH] TidyPointer removal

On 9/07/2016 11:18 a.m., Alex Rousskov wrote: > On 07/08/2016 12:44 AM, Amos Jeffries wrote: >> On 8/07/2016 11:24 a.m., Alex Rousskov wrote: >>>> >>>> +void resetWithoutLocking(T *t) { >>>> +unlock(); >>>> +raw

Re: [squid-dev] Care and feeding of ConnStateData

On 9/07/2016 6:19 a.m., Alex Rousskov wrote: > On 07/07/2016 04:16 PM, Amos Jeffries wrote: >> >> I certainly regret that you think anything at all of the current logic >> should be retained in ConnStateData. > > I do not think that. There are known/marked HTTP

Re: [squid-dev] [PATCH] avoid flooding cache.log with "uninitialized value" messages from ext_wbinfo_group_acl helper script

On 24/06/2016 5:28 a.m., Amos Jeffries wrote: > > This is a case if the test being broken. So ideally: > my $ans = "BH message=\"No groups configured for membership test\""; > Hi Veri, Have you had a chance to test this alternative initialization? If so

Re: [squid-dev] [PATCH] TidyPointer removal

On 8/07/2016 6:44 p.m., Amos Jeffries wrote: > On 8/07/2016 11:24 a.m., Alex Rousskov wrote: >> >>> typedef void* SessionPtr; >>> +CtoCpp1(xfree, SessionPtr); >> >> xfree() is already a C++ function and does not need wrapping, right? >> > > Hm

Re: [squid-dev] [PATCH] TidyPointer removal

On 8/07/2016 11:24 a.m., Alex Rousskov wrote: > On 07/07/2016 01:40 PM, Amos Jeffries wrote: >> On 4/07/2016 5:39 a.m., Alex Rousskov wrote: >>>> +/// Reset raw pointer - delete last one and save new one. >>>> +void reset(T *t) { >>>> +

Re: [squid-dev] Care and feeding of ConnStateData

On 8/07/2016 7:22 a.m., Alex Rousskov wrote: > On 07/06/2016 10:52 PM, Amos Jeffries wrote: >> On 7/07/2016 10:24 a.m., Alex Rousskov wrote: >>> Q1. What is ConnStateData (and related client_side.* code)? >>> >>> C1. ConnStateData is the code shar

Re: [squid-dev] [PATCH] TidyPointer removal

On 4/07/2016 5:39 a.m., Alex Rousskov wrote: > On 06/29/2016 05:45 AM, Amos Jeffries wrote: > >> /** >> + * A pointer that deletes the object it points to when the pointer's owner >> or >> + * context is gone. [...] >> */ > ... >> +explicit

Re: [squid-dev] Care and feeding of ConnStateData

On 7/07/2016 10:24 a.m., Alex Rousskov wrote: > Hello, > > Several committed, pending, and upcoming trunk changes revolve > around ConnStateData-related classes. Audit disagreements, unaudited > commits, and blocked changes in that area make progress painfully slow. > This email proposes

Re: [squid-dev] [PATCH] GnuTLS session resume

Applied as trunk rev.14726 Amos ___ squid-dev mailing list squid-dev@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-dev

Re: [squid-dev] [PATCH] TidyPointer removal

Attached patch completes everything except the LockingPointer parts, I think. Can it get some testing please while I continue on with that latter ? On 29/06/2016 1:03 p.m., Alex Rousskov wrote: > On 06/28/2016 08:52 AM, Amos Jeffries wrote: >> On 28/06/2016 7:36 a.m., Alex Rouss

Re: [squid-dev] [PATCH] TidyPointer removal

On 28/06/2016 7:36 a.m., Alex Rousskov wrote: > On 06/27/2016 04:35 AM, Amos Jeffries wrote: >> This splits TidyPointer and LockingPointer by removing the inheritence >> and copying the needed TidyPointer code into the LockingPointer as-is. > > Why start duplicating T

Re: [squid-dev] [PATCH] Update all stored headers on revalidation

On 25/06/2016 1:09 a.m., Eduard Bagdasaryan wrote: > Hello, > > According to RFC 7234 section 4.3.4. when a proxy receives 304 (Not > Modified) > response, it should update every header, except Warning headers (which need > special processing). Also RFC 7232 section 4.1. does not prohibit origin

Re: [squid-dev] [PATCH] avoid flooding cache.log with "uninitialized value" messages from ext_wbinfo_group_acl helper script

On 23/06/2016 8:01 p.m., Vieri wrote: > > I suspect it could be a misconfiguration too. > > # grep external /etc/squid/squid.custom.rules > external_acl_type nt_group ttl=0 children-max=10 %LOGIN > /usr/libexec/squid/ext_wbinfo_group_acl > acl allowed_groups external nt_group

Re: [squid-dev] [PATCH] LockingPointer API update

On 23/06/2016 4:58 a.m., Alex Rousskov wrote: > On 06/22/2016 05:29 AM, Amos Jeffries wrote: >> On 22/06/2016 10:42 p.m., Christos Tsantilas wrote: >>> On 06/22/2016 07:32 AM, Amos Jeffries wrote: >>>> 1) PeekingPeerConnector::handleServerCertificate() doing >

Re: [squid-dev] HTTP2 push related question.

On 22/06/2016 8:28 p.m., Eliezer Croitoru wrote: > I am having troubles in understanding the benefits of HTTP 2 push messages > and I am looking a starter point on how to look at the subject. > I am sure that there are applicable usage for it and I remember that xmpp > and many other protocols

Re: [squid-dev] [PATCH] avoid flooding cache.log with "uninitialized value" messages from ext_wbinfo_group_acl helper script

On 22/06/2016 7:22 p.m., Vieri wrote: > Hi, > > With default debug_options too many "uninitialized value" messages in /var/log/squid/cache.log; > Use of uninitialized value $ans in concatenation (.) or string at /usr/libexec/squid/ext_wbinfo_group_acl line 204, line 44. > Use of uninitialized

Re: [squid-dev] [PATCH] LockingPointer API update

On 22/06/2016 10:42 p.m., Christos Tsantilas wrote: > On 06/22/2016 07:32 AM, Amos Jeffries wrote: >> On 22/06/2016 1:02 p.m., Alex Rousskov wrote: >>> On 06/21/2016 04:00 AM, Amos Jeffries wrote: >> >> The two I saw were: >> >> 1) PeekingPeer

Re: [squid-dev] Dealing with RegisteredHeadersHash.gperf

On 22/06/2016 5:13 a.m., Eduard Bagdasaryan wrote: > Hello, > > In my current task I need to change some of header definitions, but it is > unclear how to do this correctly. My understanding is that I need to > modify http/RegisteredHeadersHash.gperf, and then run > "make gperf-files" to generate

[squid-dev] [PATCH] GnuTLS session resume

This patch shuffles session resume to libsecurity and implements it for GnuTLS. As-is it relies on the previous LockingPointer API patch redesign for a generic reset() method. Amos === modified file 'src/CachePeer.cc' --- src/CachePeer.cc2016-01-01 00:12:18 + +++ src/CachePeer.cc

Re: [squid-dev] [PATCH] LockingPointer API update

On 22/06/2016 1:02 p.m., Alex Rousskov wrote: > On 06/21/2016 04:00 AM, Amos Jeffries wrote: >> With GnuTLS support it is sometimes more useful to use a TidyPointer >> where a LockingPointer is used by OpenSSL. > > Are there examples of such code in Squid trunk already? I

[squid-dev] [PATCH] LockingPointer API update

With GnuTLS support it is sometimes more useful to use a TidyPointer where a LockingPointer is used by OpenSSL. This patch converts the LockingPointer resetAndLock() to a virtual reset() so callers can use the right one without needing to care which type of pointer they are handling. Doing this

Re: [squid-dev] [RFC] ICAP external acl services

On 20/06/2016 6:53 a.m., Eliezer Croitoru wrote: > Hey, > > > > Alex mentioned long ago the idea\option to add an ICAP service as an > external_acl helper. > I suspect you misunderstood him. The two things are very differently focused and the informational needs and limitations are equally

Re: [squid-dev] [PATCH] Do not hide important/critical messages

On 12/04/2016 2:59 a.m., Alex Rousskov wrote: > On 04/09/2016 10:42 PM, Amos Jeffries wrote: >> On 29/03/2016 12:44 p.m., Alex Rousskov wrote: >>> unpatched Squid console only says: >>> >>> 2016/03/27 14:19:48.297| SECURITY ALERT: By user agent: >>&

Re: [squid-dev] [PATCH] Better support for unknown URL schemes

On 16/03/2016 5:52 a.m., Alex Rousskov wrote: > On 03/15/2016 09:36 AM, Amos Jeffries wrote: >> Squid already contains AnyP::PROTO_UNKNOWN support for unknown protocols >> but currently does not preserve the actual string value received for them. >> >> This adds a tex

Re: [squid-dev] [PATCH] Fix maybeMakeSpaceAvailable() logic

I've applied the original patch as rev.14710 with just the stubs definition fix. Amos ___ squid-dev mailing list squid-dev@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-dev

Re: [squid-dev] [PATCH] cleanup cppunit detection and use

Applied to trunk as rev.14707. Amos ___ squid-dev mailing list squid-dev@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-dev

[squid-dev] [PATCH make ssl-bump implicit on HTTPS interception ports

Using an https_port with intercept or tproxy is pretty useless without ssl-bump being enabled. So auto-enable the 'ssl-bump' option on those ports instead of aborting with an error about ssl-bump being needed. The result of this should be that the intercepted traffic gets received by either the

Re: [squid-dev] [PATCH] cleanup cppunit detection and use

On 13/06/2016 8:06 a.m., Kinkie wrote: > HI! > have you had a chance to check if the new code works for all the systems > we care about? Jenkins shows all good so far. Amos ___ squid-dev mailing list squid-dev@lists.squid-cache.org

[squid-dev] [PATCH] cleanup cppunit detection and use

The cppunit-config tool has apparently been replaced by pkg-config .pc file years ago and is now in the process of being removed from some OS. Notably Fedora. Which means our present way of detecting it for use by "make check" will increasingly fail. This converts configure.ac to using the

Re: [squid-dev] [PATCH] TLS Authority Key Identifier certificate extension

On 8/06/2016 4:06 a.m., Christos Tsantilas wrote: > > This patch add support for mimicking TLS Authority Key Identifier > certificate extension in Squid generated TLS certificates: If the origin > server certificate has that extension, the generated certificate (via > the ssl_crtd daemon or

Re: [squid-dev] r14692 broke ./configure

On 10/06/2016 1:41 p.m., Amos Jeffries wrote: > On 10/06/2016 12:31 p.m., Alex Rousskov wrote: >> Hello, >> >> When running ./configure, I am getting the following error: >> >>> ./configure: line 33410: 0: command not found >> > > That line

Re: [squid-dev] [PATCH] Uninitialised errors during Squid startup

On 10/06/2016 1:36 a.m., Alex Rousskov wrote: > On 06/08/2016 10:27 PM, Amos Jeffries wrote: >> On 9/06/2016 12:52 a.m., Eduard Bagdasaryan wrote: >>> Hello, >>> >>> This patch fixes valgrind-discovered trunk errors. >>> >>> During start-up

Re: [squid-dev] [PATCH] Do not make bogus recvmsg calls

On 10/06/2016 12:20 p.m., Alex Rousskov wrote: > Hello, > > The attached simple patch prevents bogus recvmsg(2) calls when > closing file descriptors. Please see the patch preamble for details. > > A cleaner way to handle this problem may be to introduce a new > FD_FLUSH_METHOD() API that

Re: [squid-dev] r14692 broke ./configure

On 10/06/2016 12:31 p.m., Alex Rousskov wrote: > Hello, > > When running ./configure, I am getting the following error: > >> ./configure: line 33410: 0: command not found > That line number is in the middle of a long comment for my current trunk ./configure. Can you provide the line(s)

Re: [squid-dev] [RFC] client header mangling

On 10/06/2016 9:49 a.m., Eliezer Croitoru wrote: > I am trying to understand so bear with me couple seconds. > I have seen that there are pages\servers which doesn't state about the > User-Agent in the Vary response while still taking it into account. > > The caching side of the picture is

Re: [squid-dev] [PATCH] Uninitialised errors during Squid startup

On 9/06/2016 12:52 a.m., Eduard Bagdasaryan wrote: > Hello, > > This patch fixes valgrind-discovered trunk errors. > > During start-up, Valgrind reported many errors with a similar message: > "Use of uninitialised value of size 8...". These errors were caused by > HttpRequestMethod& parameter

[squid-dev] [RFC] client header mangling

I've been looking at ways to resolve the long Vary discussion going on in squid-users with a patch that we can accept into mainline. What they (joe and Yuri) have at present works, but only with extra request_header_replace config preventing integrity problems. One way to make useful progress

Re: [squid-dev] [PATCH] Use TCP_REFRESH_PENDING while waiting for IMS reply

On 1/06/2016 11:39 p.m., Amos Jeffries wrote: > On 1/06/2016 8:17 a.m., Eduard Bagdasaryan wrote: >> Hello, >> >> This patch marks refresh-waiting transactions with TCP_REFRESH_PENDING. >> >> Before this change, transactions initiating a refres

Re: [squid-dev] What to do with stale related software?

On 31/05/2016 4:37 p.m., Kinkie wrote: > Hi all, > I'm reviewing some 'related software' listings on the website, and > some links are stale. > What should we do with them? I recommend to do a cleanup; opinions? > If it has been a long time and the link still broken, or not popular software. I

Re: [squid-dev] [PATCH] Drop ie_refresh configuration option

On 26/05/2016 11:57 p.m., Kinkie wrote: > +1. > > On Thu, May 26, 2016 at 10:16 AM, Amos Jeffries wrote: >> This option was provided as a hack to workaround problems in MSIE 5.01 >> and older. >> >> Since those MSIE versions are long deprecated and no longer even

Re: [squid-dev] [PATCH] Replace new/delete operators using modern C++ rules

Applied as trunk rev.14688. Amos ___ squid-dev mailing list squid-dev@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-dev

[squid-dev] [PATCH] Drop ie_refresh configuration option

This option was provided as a hack to workaround problems in MSIE 5.01 and older. Since those MSIE versions are long deprecated and no longer even registering on the popularity charts for more than 5 years I think its time we removed this hack. Amos === modified file

[squid-dev] [PATCH] Deprecating SMB LanMan helpers

Bring the SMB LanMan helpers one step closer to removal by dropping them from the set of helpers which are auto-detected and built by default with Squid. They are still available for the minority using them. But need to be explicitly listed in the ./configure options to be built. Amos ===

Re: [squid-dev] [PATCH] bug 4485 fix

On 22/05/2016 9:47 a.m., Eduard Bagdasaryan wrote: > Hello, > > This patch fixes bug 4485 and adjusts related test cases > to fully check Parser::Tokenizer::int64() post-conditions. > Thank you. Applied as runk rev.14686. Amos ___ squid-dev mailing

Re: [squid-dev] Do not load icons one character at a time

On 22/05/2016 5:03 a.m., Alex Rousskov wrote: > On 05/21/2016 03:09 AM, Amos Jeffries wrote: >> On 21/05/2016 6:25 a.m., Alex Rousskov wrote: >>>> Since trunk r14100 (Bug 3875: bad mimeLoadIconFile error handling), each >>>> icon was read from disk and written

Re: [squid-dev] Do not load icons one character at a time

On 21/05/2016 6:25 a.m., Alex Rousskov wrote: > Hello, > >> revno: 14682 >> committer: Alex Rousskov >> branch nick: trunk >> timestamp: Fri 2016-05-20 12:16:19 -0600 >> message: >> Fixed icons loading speed. >> >> Since trunk r14100 (Bug 3875: bad

Re: [squid-dev] [PATCH] Replace new/delete operators using modern C++ rules

On 21/05/2016 8:11 a.m., Alex Rousskov wrote: > On 04/11/2016 09:16 AM, Alex Rousskov wrote: >> On 04/09/2016 10:50 PM, Amos Jeffries wrote: >> >>> In principle this is a great step forward, but I would like confirmation >>> about the portability side of thin

Re: [squid-dev] Bumping after peek and Splicing after stare

On 21/05/2016 3:15 a.m., Alex Rousskov wrote: > On 05/20/2016 05:12 AM, Christos Tsantilas wrote: >> On 05/20/2016 12:26 PM, Amos Jeffries wrote: >>> I would really like to see in the long >>> term is peeking always at clientHello. > >> This is what fast-s

Re: [squid-dev] [PATCH] Do not hide important/critical messages

On 20/05/2016 3:36 a.m., Eduard Bagdasaryan wrote: > Hello, > > 2016-05-19 16:54 GMT+03:00 Amos Jeffries <squ...@treenet.co.nz>: >> Thanks. But ... I just tried to apply this and got lots of rejects in >> Debugs.h and debug.cc on the latest trunk. > > Reworked

Re: [squid-dev] [PATCH] mime unfolding

On 20/05/2016 5:14 a.m., Alex Rousskov wrote: > On 05/19/2016 07:29 AM, Amos Jeffries wrote: >> On 19/05/2016 1:59 p.m., Alex Rousskov wrote: > > (A) > >>> while (!tk.atEnd()) { >>> const SBuf all = tk.remaining(); >>>

Re: [squid-dev] [PATCH] Do not hide important/critical messages

On 19/05/2016 10:01 p.m., Eduard Bagdasaryan wrote: > Hello, > > This is a trunk port for Alex's v3.5 reentrant debugging fix > . > Thanks. But ... I just tried to apply this and got lots of rejects in Debugs.h and

[squid-dev] [PATCH] shell un-escaping squidclient -H option

The squidclient -H parameter takes a string with some limited shellescaped characters. Currently just \n was expanded to the CRLF sequence. Other shell escaped characters were left untouched. However, to properly test headers containing weird CR, LF and HTAB positioning it needs to be able to

Re: [squid-dev] [PATCH] mime unfolding

On 19/05/2016 1:59 p.m., Alex Rousskov wrote: > On 05/14/2016 06:42 AM, Amos Jeffries wrote: > > >> One of the parsers you will find attached (MIME_UNFOLD_SLOW) is that >> loop expanded into functions so each if statement gets its own named >> function and so non-geni

Re: [squid-dev] [PATCH] Delete cbdata-protected data --with-valgrind-debug

On 18/05/2016 6:22 p.m., Alex Rousskov wrote: > Hello, > > Valgrind was correctly reporting every cbdata allocation in trunk as > leaking! AFAICT, these regressions were introduced by a combination of > trunk r13977 (Bug 4215: double-free in CBDATA) and trunk r13909 > (de-duplicate cbdata

<    1   2   3   4   5   6   7   8   9   10   >