Hi,
The *DRAFT* ARC case for Squid 2.6-STABLE16 is attached.
(This is mostly same as the earlier stable15 ARC document)
please do review.
I am also posting a link to this discussion on sfwnv-discuss
The same is also available in the wiki.
http://wikis.sun.com/display/WebStack/SquidARC
The ARC case one-pager assumes all components previously mentioned in
http://wikis.sun.com/display/WebStack/SquidDistributions [Tested]
to be present.
These libraries are distributed along with OpenSolaris, (so I assume
that I will not need ARC cases for them.)
libcrypto SUNWopenssl-libraries OpenSSL Libraries
libssl SUNWopenssl-libraries OpenSSL Libraries
libcrypto_extra SUNWcry
libcryptoutil SUNWcsl Core Solaris (./libexec/squid_kerb_auth)
libldap SUNWcsl Core Solaris (./libexec/squid_ldap_group)
libuutil SUNWcslr Core Solaris Libraries
libnspr4 SUNWpr Netscape Portable Runtime (./libexec/squid_ldap_group)
libplc4 SUNWpr Netscape Portable Runtime (./libexec/squid_ldap_group)
libplds4 SUNWpr Netscape Portable Runtime (./libexec/squid_ldap_group)
libnss3 SUNWtls Network Security Services (./libexec/squid_ldap_group)
libsoftokn3 SUNWtls Network Security Services (./libexec/squid_ldap_group)
libssl3 SUNWtls Network Security Services (./libexec/squid_ldap_group)
mech_krb5 SUNWkrbu Kerberos version 5 support (Usr)
(./libexec/squid_kerb_auth)
These I still need to find (or submit) ARC cases.
libsasl2 SMCsasl (./libexec/sasl_auth)
libdb-4 SMCdb BerkeleyDB4.2 (./libexec/squid_session)
rahul
--
1. e4 _
-------------- next part --------------
Including Squid 2.6.STABLE16 with Solaris - DRAFT
04 September 2007
1. Summary and motivation
1.1. Introduction
This FastTrack proposes the integration of Squid Cache 2.6.STABLE16[1]
as a component in sfw stack.
From the Squid HomePage [2], "Squid is a fully-featured HTTP/1.0 proxy
which is almost (but not quite - we're getting there!) HTTP/1.1. Squid
offers a rich access control, authorization and logging environment to
develop web proxy and content serving applications."
This FastTrack proposes the integration of the most recent stable
release of Squid 2.6 (STABLE16),
This case seeks Minor Release Binding.
2. Technical issues
2.1. Key objects
/etc/squid/squid.conf.default
/etc/squid/mime.conf.default
/etc/squid/msntauth.conf.default
/etc/cachemgr.conf
/usr/squid/sbin/squid
/usr/squid/bin/squidclient
/usr/squid/bin/RunCache
/usr/squid/bin/RunAccel
/usr/squid/bin/squidclient
/usr/squid/bin/cossdump
/usr/squid/libexec/diskd-daemon
/usr/squid/libexec/pinger
/usr/squid/libexec/unlinkd
/usr/squid/libexec/squid_db_auth
/usr/squid/libexec/squid_kerb_auth
/usr/squid/libexec/squid_ldap_auth
/usr/squid/libexec/ncsa_auth
/usr/squid/libexec/yp_auth
/usr/squid/libexec/pam_auth
/usr/squid/libexec/getpwname_auth
/usr/squid/libexec/msnt_auth
/usr/squid/libexec/pop3.pl
/usr/squid/libexec/sasl_auth
/usr/squid/libexec/smb_auth.pl
/usr/squid/libexec/smb_auth
/usr/squid/libexec/smb_auth.sh
/usr/squid/libexec/ntlm_auth
/usr/squid/libexec/fakeauth_auth
/usr/squid/libexec/digest_ldap_auth
/usr/squid/libexec/digest_pw_check
/usr/squid/libexec/ip_user_chec
/usr/squid/libexec/squid_unix_group
/usr/squid/libexec/squid_ldap_group
/usr/squid/libexec/wbinfo_group.pl
/usr/squid/libexec/cachemgr.cgi
/usr/squid/share/mib.txt
/usr/squid/share/icons/
/usr/squid/share/errors/
/usr/squid/man/man8/
2.2. Versioning
The Squid follows a simple development model. The development and
stable versions coexist. There are three tags used to indicate the
state of a version. STABLE, PRE and DEVEL.[3]
DEVEL is the version that undergoes active development and addition
of features. When it matures it is tagged PRE as beta after which it
is tagged STABLE when the release approaches stability.
There are two active versions in existence now. Squid 2.6.STABLE16 and
Squid-3.0.PRE6. This case deals with Squid 2.6.STABLE16 alone.
( Referred to by Squid in the rest of this document)
2.3 Modules
The modules are compiled statically into Squid, thus each release of
Squid needs to recompile the modules that it supports.
2.4 Directory Naming and Structure
The proposed directory layout for Squid is
/usr/squid/
/bin
/sbin
/libexec
/share
/man/man8
/etc/squid/
/squid.conf.default
/mime.conf.default
/msntauth.conf.default
/cachemgr.conf
The detailed directory and file layout for Squid is provided in
Addendum 1.
3. Core Modules
These are the proposed (statically linked) modules enabled by initial
integration.
Asynchronous IO
CARP - Cache Array Routing Protocol
HTCP - Hyper Text Caching Protocol
Cache-Digests
WCCP Versions 1 and 2
Large cache and log file support
Delay pools
Arp Access control lists
SSL support
SNMP support
Forward via Database
Store IO with DISKD, UFS, AUFS and COSS (Different modes of Cache IO)
Authentication scheme with the following supported.
Basic with:
DB,NCSA,YP,LDAP,PAM,getpwnam,MSNT,POP3,
SASL,multi-domain-NTLM,SMB
NTLM with:
SMB,fakeauth
Digest with:
ldap, password
Negotiate with:
kerberose
Acl helpers :
ip_user,unix_group,ldap_group,session,wbinfo_group
4. Squid Documentation.
Squid comes with generic documentation in man page format for squid.8
cachemgr.cgi.8, squid_db_auth.8, ncsa_auth.9, squid_ldap_auth.8,
pam_auth.8, squid_unix_group.8 and squid_ldap_group.8. These will be
placed in the /usr/squid/man/man8 directory as done by the canonical
distribution.
5. Squid Internationalization
Internationalization of error messages is provided by squid and the
localized error messages are provided in /usr/squid/share/errors
directory for each supported language.
6. Packaging and Delivery
We propose to package squid under SUNWsquid. Multiple versions
coexisting on the same machine is not anticipated since this is not
a development platform, and general usage pattern is to have a single
instance.
7. Squid Interfaces
7.1. Interface Stability
The Squid project has not changed the configuration file format from
the time it started. It is a plain text file with space separated key
and values. However, newer configuration keys and values have been
added in the releases.
Squid does not support loadable modules. Thus binary compatibility is
not relevant for Squid.
7.2. Imported Interfaces
Squid imports interfaces from
Basic security library (libbsm)
C library (libv)
Encryption/decryption library (libcrypt)
Dynamic linking library (libdl)
String pattern-matching library (libgen)
C math library (libm)
Message Digest library (libmd)
Multiple precision library (libmp)
Network services library (libnsl)
PAM (Pluggable Authentication Module) library (libpam)
POSIX threads library (libpthread)
Resolver library (libresolv)
POSIX.1b Realtime Extensions library (librt)
Simple authentication and security layer library (libsasl)
Service configuration facility library (libscf)
Security attributes database library (libsecdb)
Sockets library (libsocket)
Threads library (libthread)
Solaris Trusted Extensions library (libtsol)
SUNWcsl Core Solaris (libcryptoutil,libldap,libuutil)
SUNWpr Netscape Portable Runtime (libnspr4,libplc4,libplds4)
SUNWtls Network Security Services (libnss3,libsoftokn3,libssl3)
SUNWkrbu Kerberos version 5 support (mech_krb5)
SUNWopenssl-libraries OpenSSL Libraries (libcrypto,libssl)
SUNWcry (libcrypto_extra) (SUNWOpenssl
links to it.)
In addition, the following external Interfaces is imported:
SMCdb (BerkeleyDB4.2 libdb-4)
SMCsasl (SASL2 libsasl2)
7.3. Exported Interfaces
NAME STABILITY NOTES
/usr/squid/sbin/squid Uncommitted Executable location
/usr/squid/bin/squidclient Uncommitted Executable location
/usr/squid/bin/RunCache Uncommitted Squid Watchdog
Script
/usr/squid/bin/RunAccel Uncommitted Squid Watchdog
Script
/usr/squid/bin/cossdump Uncommitted Executable location
/usr/squid/libexec/unlinkd Uncommitted Executable location
/usr/squid/libexec/cachemgr.cgi Uncommitted Executable script
location
/usr/squid/libexec/diskd-daemon Uncommitted Executable location
/usr/squid/libexec/pinger Uncommitted Executable location
/usr/squid/libexec/unlinkd Uncommitted Executable location
/usr/squid/libexec/squid_db_auth Uncommitted Executable script
location
/usr/squid/libexec/ncsa_auth Uncommitted Executable location
/usr/squid/libexec/yp_auth Uncommitted Executable location
/usr/squid/libexec/squid_ldap_auth Uncommitted Executable location
/usr/squid/libexec/pam_auth Uncommitted Executable location
/usr/squid/libexec/getpwname_auth Uncommitted Executable location
/usr/squid/libexec/msnt_auth Uncommitted Executable location
/usr/squid/libexec/pop3.pl Uncommitted Executable script
location
/usr/squid/libexec/smb_auth.pl Uncommitted Executable script
location
/usr/squid/libexec/smb_auth Uncommitted Executable location
/usr/squid/libexec/smb_auth.sh Uncommitted Executable script
location
/usr/squid/libexec/ntlm_auth Uncommitted Executable location
/usr/squid/libexec/fakeauth_auth Uncommitted Executable location
/usr/squid/libexec/digest_ldap_auth Uncommitted Executable location
/usr/squid/libexec/digest_pw_auth Uncommitted Executable location
/usr/squid/libexec/ip_user_check Uncommitted Executable location
/usr/squid/libexec/squid_unix_group Uncommitted Executable location
/usr/squid/libexec/squid_ldap_group Uncommitted Executable location
/usr/squid/libexec/wbinfo_group.pl Uncommitted Executable script
location
/usr/squid/libexec/cachemgr.cgi Uncommitted Executable script
location
/usr/squid/libexec/sasl_auth Uncommitted Executable location
/usr/squid/libexec/no_check.pl Uncommitted Executable script
location
/usr/squid/libexec/squid_kerb_auth Uncommitted Executable location
/usr/squid/libexec/squid_session Uncommitted Executable location
/etc/squid/squid.conf.default Uncommitted Squid Configuration
/etc/squid/mime.conf.default Uncommitted Additional
Configuration
/etc/squid/msntauth.conf Uncommitted Additional
Configuration
/etc/squid/cachemgr.conf Uncommitted Additional
Configuration
/usr/squid/man/man8/squid.8 Uncommitted Manual Page
/usr/squid/man/man8/cachemgr.cgi.8 Uncommitted Manual Page
/usr/squid/man/man8/squid_db_auth.8 Uncommitted Manual Page
/usr/squid/man/man8/ncsa_auth.8 Uncommitted Manual Page
/usr/squid/man/man8/squid_ldap_auth.8 Uncommitted Manual Page
/usr/squid/man/man8/pam_auth.8 Uncommitted Manual Page
/usr/squid/man/man8/squid_unix_group.8 Uncommitted Manual Page
/usr/squid/man/man8/squid_ldap_group.8 Uncommitted Manual Page
/usr/squid/man/man8/squid_session.8 Uncommitted Manual Page
svc:/network/http:squid committed FMRI
/var/svc/manifest/network/http-squid.xml Project Private SMF Manifest
8. References
[1] http://www.squid-cache.org/Versions/
[2] http://www.squid-cache.org/
[3] http://www.squid-cache.org/Versions/
================================================================
Addendum 1: Squid Integration Directory and File Structure.
1. The following files are included in the Squid integration:
/usr/squid
bin
RunCache
squidclient
cossdump
libexec
diskd-daemon
pinger
unlinkd
squid_db_auth
ncsa_auth
yp_auth
squid_ldap_auth
pam_auth
getpwname_auth
msnt_auth
pop3.pl
smb_auth.pl
smb_auth
smb_auth.sh
ntlm_auth
fakeauth_auth
digest_ldap_auth
digest_pw_auth
ip_user_check
squid_unix_group
squid_ldap_group
wbinfo_group.pl
cachemgr.cgi
sasl_auth
no_check.pl
squid_kerb_auth
squid_session
sbin
squid
etc
squid.conf.default
mime.conf.default
msntauth.conf.default
cachemgr.conf
share
mib.txt
icons
anthony-binhex.gif
anthony-bomb.gif
anthony-box.gif
anthony-box2.gif
anthony-c.gif
anthony-compressed.gif
anthony-dir.gif
anthony-dirup.gif
anthony-dvi.gif
anthony-f.gif
anthony-image.gif
anthony-image2.gif
anthony-layout.gif
anthony-link.gif
anthony-movie.gif
anthony-pdf.gif
anthony-portal.gif
anthony-ps.gif
anthony-quill.gif
anthony-script.gif
anthony-sound.gif
anthony-tar.gif
anthony-tex.gif
anthony-text.gif
anthony-unknown.gif
anthony-xbm.gif
anthony-xpm.gif
errors
Armenian
Azerbaijani
Bulgarian
Catalan
Czech
Danish
Dutch
English
Estonian
Finnish
French
German
Greek
Hebrew
Hungarian
Italian
Japanese
Korean
Lithuanian
Polish
Portuguese
Romanian
Russian-1251
Russian-koi8-r
Serbian
Simplify_Chinese
Slovak
Spanish
Swedish
Traditional_Chinese
Turkish
man
man8
squid.8
cachemgr.cgi.8
squid_db_auth.8
ncsa_auth.8
squid_ldap_auth.8
pam_auth.8
squid_unix_group.8
squid_ldap_group.8
squid_session.8
Under each language directories the following files reside
ERR_ACCESS_DENIED
ERR_CACHE_ACCESS_DENIED
ERR_CACHE_MGR_ACCESS_DENIED
ERR_CANNOT_FORWARD
ERR_CONNECT_FAIL
ERR_DNS_FAIL
ERR_FORWARDING_DENIED
ERR_FTP_DISABLED
ERR_FTP_FAILURE
ERR_FTP_FORBIDDEN
ERR_FTP_NOT_FOUND
ERR_FTP_PUT_CREATED
ERR_FTP_PUT_ERROR
ERR_FTP_PUT_MODIFIED
ERR_FTP_UNAVAILABLE
ERR_INVALID_REQ
ERR_INVALID_RESP
ERR_INVALID_URL
ERR_LIFETIME_EXP
ERR_NO_RELAY
ERR_ONLY_IF_CACHED_MISS
ERR_READ_ERROR
ERR_READ_TIMEOUT
ERR_SHUTTING_DOWN
ERR_SOCKET_FAILURE
ERR_TOO_BIG
ERR_UNSUP_REQ
ERR_URN_RESOLVE
ERR_WRITE_ERROR
ERR_ZERO_SIZE_OBJECT
