From 657376c61fe21fee96f2bb3d1310d63fefc2f17a Mon Sep 17 00:00:00 2001 From: cvs2git Date: Mon, 17 Oct 2005 06:35:05 +0000 Subject: [PATCH] This commit was manufactured by cvs2git to create branch 'RA-branch'. Cherrypick from master 2005-09-05 08:58:51 UTC hawk '6577071c711c2b03b7540813d6fd9bcb squid-2.5.STABLE10-64bit_cleanup.patch': squid-2.5.STABLE10-64bit_cleanup.patch -> 1.1 squid-2.5.STABLE10-FORTIFY_SOURCE.patch -> 1.1 squid-2.5.STABLE10-Greek.patch -> 1.1 squid-2.5.STABLE10-STORE_PENDING.patch -> 1.1 squid-2.5.STABLE10-Solaris_IPFilter.patch -> 1.1 squid-2.5.STABLE10-arp_ipfilter-2.patch -> 1.1 squid-2.5.STABLE10-buildenv.patch -> 1.1 squid-2.5.STABLE10-cacheClientTable.patch -> 1.1 squid-2.5.STABLE10-cache_dir_change.patch -> 1.1 squid-2.5.STABLE10-chroot-2.patch -> 1.1 squid-2.5.STABLE10-chroot_dir.patch -> 1.1 squid-2.5.STABLE10-content_length.patch -> 1.1 squid-2.5.STABLE10-errmsg.patch -> 1.1 squid-2.5.STABLE10-ftp_250.patch -> 1.1 squid-2.5.STABLE10-ftp_basehref.patch -> 1.1 squid-2.5.STABLE10-ftp_title-2.patch -> 1.1 squid-2.5.STABLE10-internal_date.patch -> 1.1 squid-2.5.STABLE10-ldap_auth-U.patch -> 1.1 squid-2.5.STABLE10-mail_from.patch -> 1.1 squid-2.5.STABLE10-mail_program.patch -> 1.1 squid-2.5.STABLE10-redirect_flags.patch -> 1.1 squid-2.5.STABLE10-snmp_getnext.patch -> 1.1 squid-2.5.STABLE10-spanish.patch -> 1.1 squid-2.5.STABLE10-sslConnectTimeout.patch -> 1.1 squid-2.5.STABLE10-statHistAssert.patch -> 1.1 squid-2.5.STABLE10-transparent-2.patch -> 1.1 squid-2.5.STABLE10-wb_ntlm_auth_silent.patch -> 1.1 squid-2.5.STABLE10-wbinfo_groups.patch -> 1.1 squid-2.5.STABLE4-apache-like-combined-log.patch -> 1.1 squid-2.5.STABLE5-CONNECT_timeout.patch -> 1.1 squid-2.5.STABLE5-cache_swap_log.patch -> 1.1 squid-2.5.STABLE5-deny_info.patch -> 1.1 squid-2.5.STABLE5-digest_ERR.patch -> 1.1 squid-2.5.STABLE5-digest_blank.patch -> 1.1 squid-2.5.STABLE5-helper_warning.patch -> 1.1 squid-2.5.STABLE5-ldap.patch -> 1.1 squid-2.5.STABLE5-lin22_poll.patch -> 1.1 squid-2.5.STABLE5-ntlm_assert.patch -> 1.1 squid-2.5.STABLE5-ntlm_warning.patch -> 1.1 squid-2.5.STABLE5-pkgconfig.patch -> 1.1 squid-2.5.STABLE5-post_assert.patch -> 1.1 squid-2.5.STABLE5-proxy_abuse.patch -> 1.1 squid-2.5.STABLE5-range_offset_limit.patch -> 1.1 squid-2.5.STABLE5-rfc1035NameUnpack.patch -> 1.1 squid-2.5.STABLE5-spelling.patch -> 1.1 squid-2.5.STABLE5-turkish_ERR_DNS_FAIL.patch -> 1.1 squid-2.5.STABLE5-vary.patch -> 1.1 squid-2.5.STABLE5-vary_negatively.patch -> 1.1 squid-2.5.STABLE5-version.patch -> 1.1 squid-2.5.STABLE6-client_db_gc.patch -> 1.1 squid-2.5.STABLE6-digest_crash.patch -> 1.1 squid-2.5.STABLE6-heap_segfault.patch -> 1.1 squid-2.5.STABLE6-ntlm_challengereuse_leak.patch -> 1.1 squid-2.5.STABLE6-ntlm_fetch_string.patch -> 1.1 squid-2.5.STABLE6-ntlm_noreuse_leak.patch -> 1.1 squid-2.5.STABLE6-ufs_create_error.patch -> 1.1 squid-2.5.STABLE6-ufs_no_valid_dir.patch -> 1.1 squid-2.5.STABLE7-blank_response.patch -> 1.1 squid-2.5.STABLE7-cachemgr_vmobjects.patch -> 1.1 squid-2.5.STABLE7-dns_memleak.patch -> 1.1 squid-2.5.STABLE7-dothost.patch -> 1.1 squid-2.5.STABLE7-empty_acls.patch -> 1.1 squid-2.5.STABLE7-gopher_html_parsing.patch -> 1.1 squid-2.5.STABLE7-half_closed_POST.patch -> 1.1 squid-2.5.STABLE7-header_parsing.patch -> 1.1 squid-2.5.STABLE7-ldap_spaces.patch -> 1.1 squid-2.5.STABLE7-non_blocking_disk.patch -> 1.1 squid-2.5.STABLE7-ntlm_segfault.patch -> 1.1 squid-2.5.STABLE7-oversize_reply_headers.patch -> 1.1 squid-2.5.STABLE7-post.patch -> 1.1 squid-2.5.STABLE7-response_splitting.patch -> 1.1 squid-2.5.STABLE7-wccp_buffer_overflow.patch -> 1.1 squid-2.5.STABLE7-wccp_denial_of_service.patch -> 1.1 squid-2.5.STABLE7_req_resp_header.patch -> 1.1 squid-2.5.STABLE9-acl_error.patch -> 1.1 squid-2.5.STABLE9-bzero.patch -> 1.1 squid-2.5.STABLE9-config_overflow.patch -> 1.1 squid-2.5.STABLE9-ctype.patch -> 1.1 squid-2.5.STABLE9-date.patch -> 1.1 squid-2.5.STABLE9-defer_digest_fetch.patch -> 1.1 squid-2.5.STABLE9-dup_content_length.patch -> 1.1 squid-2.5.STABLE9-excess_data.patch -> 1.1 squid-2.5.STABLE9-ftp_EPLF.patch -> 1.1 squid-2.5.STABLE9-ftp_base_href.patch -> 1.1 squid-2.5.STABLE9-pid_t.patch -> 1.1 squid-2.5.STABLE9-reload_into_ims.patch -> 1.1 squid-2.5.STABLE9-setcookie.patch -> 1.1 squid-align.patch -> 1.1 squid-empty-referer.patch -> 1.1 squid-fhs.patch -> 1.9 squid-libnsl_fixes.patch -> 1.2 squid-libntlmssp.patch -> 1.1 squid-location.patch -> 1.3 squid-more_FD-new.patch -> 1.2 squid-nolibs.patch -> 1.1 squid.conf.patch -> 1.6 Cherrypick from master 2005-10-17 06:35:05 UTC hawk 'f6ad18183bb3df2da1c5e6287b7162ea squid-2.5.STABLE11.accel_single_host_pconn.patch': squid-2.5.STABLE11-CACHE_HTTP_PORT.patch -> 1.1 squid-2.5.STABLE11-CNAME.patch -> 1.1 squid-2.5.STABLE11-delaypools_truncated.patch -> 1.1 squid-2.5.STABLE11-ldap_auth.patch -> 1.1 squid-2.5.STABLE11-tcp_outgoing_xxx.patch -> 1.1 squid-2.5.STABLE11.accel_single_host_pconn.patch -> 1.1 squid.sysconfig -> 1.7 squid_hit_miss_mark.patch -> 1.2 Cherrypick from master 2005-02-11 13:04:36 UTC Jakub Bogusz '- fixes CAN-2005-0097': squid-2.5.STABLE7-fakeauth_auth.patch -> 1.1 Cherrypick from unlabeled-1.35.2 2004-08-24 10:38:12 UTC hawk '- typo': squid.init -> 1.35.2.3 --- squid-2.5.STABLE10-64bit_cleanup.patch | 796 +++++++++++ squid-2.5.STABLE10-FORTIFY_SOURCE.patch | 93 ++ squid-2.5.STABLE10-Greek.patch | 987 +++++++++++++ squid-2.5.STABLE10-STORE_PENDING.patch | 294 ++++ squid-2.5.STABLE10-Solaris_IPFilter.patch | 49 + squid-2.5.STABLE10-arp_ipfilter-2.patch | 27 + squid-2.5.STABLE10-buildenv.patch | 122 ++ squid-2.5.STABLE10-cacheClientTable.patch | 21 + squid-2.5.STABLE10-cache_dir_change.patch | 79 ++ squid-2.5.STABLE10-chroot-2.patch | 120 ++ squid-2.5.STABLE10-chroot_dir.patch | 21 + squid-2.5.STABLE10-content_length.patch | 41 + squid-2.5.STABLE10-errmsg.patch | 561 ++++++++ squid-2.5.STABLE10-ftp_250.patch | 55 + squid-2.5.STABLE10-ftp_basehref.patch | 229 +++ squid-2.5.STABLE10-ftp_title-2.patch | 115 ++ squid-2.5.STABLE10-internal_date.patch | 221 +++ squid-2.5.STABLE10-ldap_auth-U.patch | 37 + squid-2.5.STABLE10-mail_from.patch | 63 + squid-2.5.STABLE10-mail_program.patch | 61 + squid-2.5.STABLE10-redirect_flags.patch | 24 + squid-2.5.STABLE10-snmp_getnext.patch | 25 + squid-2.5.STABLE10-spanish.patch | 470 +++++++ squid-2.5.STABLE10-sslConnectTimeout.patch | 15 + squid-2.5.STABLE10-statHistAssert.patch | 21 + squid-2.5.STABLE10-transparent-2.patch | 115 ++ squid-2.5.STABLE10-wb_ntlm_auth_silent.patch | 66 + squid-2.5.STABLE10-wbinfo_groups.patch | 39 + squid-2.5.STABLE11-CACHE_HTTP_PORT.patch | 132 ++ squid-2.5.STABLE11-CNAME.patch | 104 ++ squid-2.5.STABLE11-delaypools_truncated.patch | 26 + squid-2.5.STABLE11-ldap_auth.patch | 172 +++ squid-2.5.STABLE11-tcp_outgoing_xxx.patch | 32 + ...2.5.STABLE11.accel_single_host_pconn.patch | 24 + ...2.5.STABLE4-apache-like-combined-log.patch | 73 + squid-2.5.STABLE5-CONNECT_timeout.patch | 90 ++ squid-2.5.STABLE5-cache_swap_log.patch | 35 + squid-2.5.STABLE5-deny_info.patch | 27 + squid-2.5.STABLE5-digest_ERR.patch | 23 + squid-2.5.STABLE5-digest_blank.patch | 131 ++ squid-2.5.STABLE5-helper_warning.patch | 70 + squid-2.5.STABLE5-ldap.patch | 205 +++ squid-2.5.STABLE5-lin22_poll.patch | 52 + squid-2.5.STABLE5-ntlm_assert.patch | 14 + squid-2.5.STABLE5-ntlm_warning.patch | 21 + squid-2.5.STABLE5-pkgconfig.patch | 117 ++ squid-2.5.STABLE5-post_assert.patch | 101 ++ squid-2.5.STABLE5-proxy_abuse.patch | 23 + squid-2.5.STABLE5-range_offset_limit.patch | 17 + squid-2.5.STABLE5-rfc1035NameUnpack.patch | 21 + squid-2.5.STABLE5-spelling.patch | 84 ++ squid-2.5.STABLE5-turkish_ERR_DNS_FAIL.patch | 21 + squid-2.5.STABLE5-vary.patch | 20 + squid-2.5.STABLE5-vary_negatively.patch | 78 ++ squid-2.5.STABLE5-version.patch | 19 + squid-2.5.STABLE6-client_db_gc.patch | 140 ++ squid-2.5.STABLE6-digest_crash.patch | 38 + squid-2.5.STABLE6-heap_segfault.patch | 24 + ...2.5.STABLE6-ntlm_challengereuse_leak.patch | 319 +++++ squid-2.5.STABLE6-ntlm_fetch_string.patch | 42 + squid-2.5.STABLE6-ntlm_noreuse_leak.patch | 90 ++ squid-2.5.STABLE6-ufs_create_error.patch | 21 + squid-2.5.STABLE6-ufs_no_valid_dir.patch | 14 + squid-2.5.STABLE7-blank_response.patch | 23 + squid-2.5.STABLE7-cachemgr_vmobjects.patch | 179 +++ squid-2.5.STABLE7-dns_memleak.patch | 28 + squid-2.5.STABLE7-dothost.patch | 72 + squid-2.5.STABLE7-empty_acls.patch | 133 ++ squid-2.5.STABLE7-fakeauth_auth.patch | 324 +++++ squid-2.5.STABLE7-gopher_html_parsing.patch | 18 + squid-2.5.STABLE7-half_closed_POST.patch | 28 + squid-2.5.STABLE7-header_parsing.patch | 1230 +++++++++++++++++ squid-2.5.STABLE7-ldap_spaces.patch | 75 + squid-2.5.STABLE7-non_blocking_disk.patch | 14 + squid-2.5.STABLE7-ntlm_segfault.patch | 48 + ...d-2.5.STABLE7-oversize_reply_headers.patch | 89 ++ squid-2.5.STABLE7-post.patch | 92 ++ squid-2.5.STABLE7-response_splitting.patch | 284 ++++ squid-2.5.STABLE7-wccp_buffer_overflow.patch | 21 + ...d-2.5.STABLE7-wccp_denial_of_service.patch | 56 + squid-2.5.STABLE7_req_resp_header.patch | 56 + squid-2.5.STABLE9-acl_error.patch | 272 ++++ squid-2.5.STABLE9-bzero.patch | 274 ++++ squid-2.5.STABLE9-config_overflow.patch | 21 + squid-2.5.STABLE9-ctype.patch | 170 +++ squid-2.5.STABLE9-date.patch | 236 ++++ squid-2.5.STABLE9-defer_digest_fetch.patch | 28 + squid-2.5.STABLE9-dup_content_length.patch | 40 + squid-2.5.STABLE9-excess_data.patch | 40 + squid-2.5.STABLE9-ftp_EPLF.patch | 114 ++ squid-2.5.STABLE9-ftp_base_href.patch | 24 + squid-2.5.STABLE9-pid_t.patch | 105 ++ squid-2.5.STABLE9-reload_into_ims.patch | 25 + squid-2.5.STABLE9-setcookie.patch | 146 ++ squid-align.patch | 30 + squid-empty-referer.patch | 20 + squid-fhs.patch | 19 + squid-libnsl_fixes.patch | 32 + squid-libntlmssp.patch | 72 + squid-location.patch | 39 + squid-more_FD-new.patch | 11 + squid-nolibs.patch | 22 + squid.conf.patch | 39 + squid.init | 130 ++ squid.sysconfig | 12 + squid_hit_miss_mark.patch | 68 + 106 files changed, 11946 insertions(+) create mode 100644 squid-2.5.STABLE10-64bit_cleanup.patch create mode 100644 squid-2.5.STABLE10-FORTIFY_SOURCE.patch create mode 100644 squid-2.5.STABLE10-Greek.patch create mode 100644 squid-2.5.STABLE10-STORE_PENDING.patch create mode 100644 squid-2.5.STABLE10-Solaris_IPFilter.patch create mode 100644 squid-2.5.STABLE10-arp_ipfilter-2.patch create mode 100644 squid-2.5.STABLE10-buildenv.patch create mode 100644 squid-2.5.STABLE10-cacheClientTable.patch create mode 100644 squid-2.5.STABLE10-cache_dir_change.patch create mode 100644 squid-2.5.STABLE10-chroot-2.patch create mode 100644 squid-2.5.STABLE10-chroot_dir.patch create mode 100644 squid-2.5.STABLE10-content_length.patch create mode 100644 squid-2.5.STABLE10-errmsg.patch create mode 100644 squid-2.5.STABLE10-ftp_250.patch create mode 100644 squid-2.5.STABLE10-ftp_basehref.patch create mode 100644 squid-2.5.STABLE10-ftp_title-2.patch create mode 100644 squid-2.5.STABLE10-internal_date.patch create mode 100644 squid-2.5.STABLE10-ldap_auth-U.patch create mode 100644 squid-2.5.STABLE10-mail_from.patch create mode 100644 squid-2.5.STABLE10-mail_program.patch create mode 100644 squid-2.5.STABLE10-redirect_flags.patch create mode 100644 squid-2.5.STABLE10-snmp_getnext.patch create mode 100644 squid-2.5.STABLE10-spanish.patch create mode 100644 squid-2.5.STABLE10-sslConnectTimeout.patch create mode 100644 squid-2.5.STABLE10-statHistAssert.patch create mode 100644 squid-2.5.STABLE10-transparent-2.patch create mode 100644 squid-2.5.STABLE10-wb_ntlm_auth_silent.patch create mode 100644 squid-2.5.STABLE10-wbinfo_groups.patch create mode 100644 squid-2.5.STABLE11-CACHE_HTTP_PORT.patch create mode 100644 squid-2.5.STABLE11-CNAME.patch create mode 100644 squid-2.5.STABLE11-delaypools_truncated.patch create mode 100644 squid-2.5.STABLE11-ldap_auth.patch create mode 100644 squid-2.5.STABLE11-tcp_outgoing_xxx.patch create mode 100644 squid-2.5.STABLE11.accel_single_host_pconn.patch create mode 100644 squid-2.5.STABLE4-apache-like-combined-log.patch create mode 100644 squid-2.5.STABLE5-CONNECT_timeout.patch create mode 100644 squid-2.5.STABLE5-cache_swap_log.patch create mode 100644 squid-2.5.STABLE5-deny_info.patch create mode 100644 squid-2.5.STABLE5-digest_ERR.patch create mode 100644 squid-2.5.STABLE5-digest_blank.patch create mode 100644 squid-2.5.STABLE5-helper_warning.patch create mode 100644 squid-2.5.STABLE5-ldap.patch create mode 100644 squid-2.5.STABLE5-lin22_poll.patch create mode 100644 squid-2.5.STABLE5-ntlm_assert.patch create mode 100644 squid-2.5.STABLE5-ntlm_warning.patch create mode 100644 squid-2.5.STABLE5-pkgconfig.patch create mode 100644 squid-2.5.STABLE5-post_assert.patch create mode 100644 squid-2.5.STABLE5-proxy_abuse.patch create mode 100644 squid-2.5.STABLE5-range_offset_limit.patch create mode 100644 squid-2.5.STABLE5-rfc1035NameUnpack.patch create mode 100644 squid-2.5.STABLE5-spelling.patch create mode 100644 squid-2.5.STABLE5-turkish_ERR_DNS_FAIL.patch create mode 100644 squid-2.5.STABLE5-vary.patch create mode 100644 squid-2.5.STABLE5-vary_negatively.patch create mode 100644 squid-2.5.STABLE5-version.patch create mode 100644 squid-2.5.STABLE6-client_db_gc.patch create mode 100644 squid-2.5.STABLE6-digest_crash.patch create mode 100644 squid-2.5.STABLE6-heap_segfault.patch create mode 100644 squid-2.5.STABLE6-ntlm_challengereuse_leak.patch create mode 100644 squid-2.5.STABLE6-ntlm_fetch_string.patch create mode 100644 squid-2.5.STABLE6-ntlm_noreuse_leak.patch create mode 100644 squid-2.5.STABLE6-ufs_create_error.patch create mode 100644 squid-2.5.STABLE6-ufs_no_valid_dir.patch create mode 100644 squid-2.5.STABLE7-blank_response.patch create mode 100644 squid-2.5.STABLE7-cachemgr_vmobjects.patch create mode 100644 squid-2.5.STABLE7-dns_memleak.patch create mode 100644 squid-2.5.STABLE7-dothost.patch create mode 100644 squid-2.5.STABLE7-empty_acls.patch create mode 100644 squid-2.5.STABLE7-fakeauth_auth.patch create mode 100644 squid-2.5.STABLE7-gopher_html_parsing.patch create mode 100644 squid-2.5.STABLE7-half_closed_POST.patch create mode 100644 squid-2.5.STABLE7-header_parsing.patch create mode 100644 squid-2.5.STABLE7-ldap_spaces.patch create mode 100644 squid-2.5.STABLE7-non_blocking_disk.patch create mode 100644 squid-2.5.STABLE7-ntlm_segfault.patch create mode 100644 squid-2.5.STABLE7-oversize_reply_headers.patch create mode 100644 squid-2.5.STABLE7-post.patch create mode 100644 squid-2.5.STABLE7-response_splitting.patch create mode 100644 squid-2.5.STABLE7-wccp_buffer_overflow.patch create mode 100644 squid-2.5.STABLE7-wccp_denial_of_service.patch create mode 100644 squid-2.5.STABLE7_req_resp_header.patch create mode 100644 squid-2.5.STABLE9-acl_error.patch create mode 100644 squid-2.5.STABLE9-bzero.patch create mode 100644 squid-2.5.STABLE9-config_overflow.patch create mode 100644 squid-2.5.STABLE9-ctype.patch create mode 100644 squid-2.5.STABLE9-date.patch create mode 100644 squid-2.5.STABLE9-defer_digest_fetch.patch create mode 100644 squid-2.5.STABLE9-dup_content_length.patch create mode 100644 squid-2.5.STABLE9-excess_data.patch create mode 100644 squid-2.5.STABLE9-ftp_EPLF.patch create mode 100644 squid-2.5.STABLE9-ftp_base_href.patch create mode 100644 squid-2.5.STABLE9-pid_t.patch create mode 100644 squid-2.5.STABLE9-reload_into_ims.patch create mode 100644 squid-2.5.STABLE9-setcookie.patch create mode 100644 squid-align.patch create mode 100644 squid-empty-referer.patch create mode 100644 squid-fhs.patch create mode 100644 squid-libnsl_fixes.patch create mode 100644 squid-libntlmssp.patch create mode 100644 squid-location.patch create mode 100644 squid-more_FD-new.patch create mode 100644 squid-nolibs.patch create mode 100644 squid.conf.patch create mode 100644 squid.init create mode 100644 squid.sysconfig create mode 100644 squid_hit_miss_mark.patch diff --git a/squid-2.5.STABLE10-64bit_cleanup.patch b/squid-2.5.STABLE10-64bit_cleanup.patch new file mode 100644 index 0000000..e254ca3 --- /dev/null +++ b/squid-2.5.STABLE10-64bit_cleanup.patch @@ -0,0 +1,796 @@ +Index: squid/helpers/basic_auth/MSNT/smblib.c +diff -c squid/helpers/basic_auth/MSNT/smblib.c:1.1.2.3 squid/helpers/basic_auth/MSNT/smblib.c:1.1.2.4 +*** squid/helpers/basic_auth/MSNT/smblib.c:1.1.2.3 Wed Mar 9 07:28:32 2005 +--- squid/helpers/basic_auth/MSNT/smblib.c Thu Jun 30 12:50:55 2005 +*************** +*** 127,138 **** + * service we are going to call, sine some servers want it in uppercase */ + + for (i = 0; i < strlen(server); i++) +! called[i] = toupper(server[i]); + + called[strlen(server)] = 0; /* Make it a string */ + + for (i = 0; i < strlen(con->myname); i++) +! calling[i] = toupper(con->myname[i]); + + calling[strlen(con->myname)] = 0; /* Make it a string */ + +--- 127,138 ---- + * service we are going to call, sine some servers want it in uppercase */ + + for (i = 0; i < strlen(server); i++) +! called[i] = xtoupper(server[i]); + + called[strlen(server)] = 0; /* Make it a string */ + + for (i = 0; i < strlen(con->myname); i++) +! calling[i] = xtoupper(con->myname[i]); + + calling[strlen(con->myname)] = 0; /* Make it a string */ + +*************** +*** 229,240 **** + * service we are going to call, sine some servers want it in uppercase */ + + for (i = 0; i < strlen(host); i++) +! called[i] = toupper(host[i]); + + called[strlen(host)] = 0; /* Make it a string */ + + for (i = 0; i < strlen(con->myname); i++) +! calling[i] = toupper(con->myname[i]); + + calling[strlen(con->myname)] = 0; /* Make it a string */ + +--- 229,240 ---- + * service we are going to call, sine some servers want it in uppercase */ + + for (i = 0; i < strlen(host); i++) +! called[i] = xtoupper(host[i]); + + called[strlen(host)] = 0; /* Make it a string */ + + for (i = 0; i < strlen(con->myname); i++) +! calling[i] = xtoupper(con->myname[i]); + + calling[strlen(con->myname)] = 0; /* Make it a string */ + +Index: squid/helpers/basic_auth/MSNT/smblib.h +diff -c squid/helpers/basic_auth/MSNT/smblib.h:1.1.2.1 squid/helpers/basic_auth/MSNT/smblib.h:1.1.2.2 +*** squid/helpers/basic_auth/MSNT/smblib.h:1.1.2.1 Wed Jun 26 13:11:17 2002 +--- squid/helpers/basic_auth/MSNT/smblib.h Thu Jun 30 12:50:55 2005 +*************** +*** 23,28 **** +--- 23,29 ---- + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + ++ #include "util.h" + #include "std-defines.h" + #include "smblib-common.h" + +Index: squid/helpers/external_acl/winbind_group/wb_check_group.c +diff -c squid/helpers/external_acl/winbind_group/wb_check_group.c:1.2.2.11 squid/helpers/external_acl/winbind_group/wb_check_group.c:1.2.2.12 +*** squid/helpers/external_acl/winbind_group/wb_check_group.c:1.2.2.11 Fri Mar 25 19:50:50 2005 +--- squid/helpers/external_acl/winbind_group/wb_check_group.c Thu Jun 30 12:50:55 2005 +*************** +*** 127,133 **** + + static int strCaseCmp (const char *s1, const char *s2) + { +! while (*s1 && toupper (*s1) == toupper (*s2)) s1++, s2++; + return *s1 - *s2; + } + +--- 127,133 ---- + + static int strCaseCmp (const char *s1, const char *s2) + { +! while (*s1 && xtoupper (*s1) == xtoupper (*s2)) s1++, s2++; + return *s1 - *s2; + } + +Index: squid/helpers/ntlm_auth/SMB/ntlm_auth.c +diff -c squid/helpers/ntlm_auth/SMB/ntlm_auth.c:1.12.2.2 squid/helpers/ntlm_auth/SMB/ntlm_auth.c:1.12.2.3 +*** squid/helpers/ntlm_auth/SMB/ntlm_auth.c:1.12.2.2 Wed Mar 9 07:30:37 2005 +--- squid/helpers/ntlm_auth/SMB/ntlm_auth.c Thu Jun 30 12:50:55 2005 +*************** +*** 81,87 **** + { + char *p = string, c; + while ((c = *p)) { +! *p = toupper(c); + p++; + } + } +--- 81,87 ---- + { + char *p = string, c; + while ((c = *p)) { +! *p = xtoupper(c); + p++; + } + } +*************** +*** 92,98 **** + { + char *p = string, c; + while ((c = *p)) { +! *p = tolower(c); + p++; + } + } +--- 92,98 ---- + { + char *p = string, c; + while ((c = *p)) { +! *p = xtolower(c); + p++; + } + } +Index: squid/helpers/ntlm_auth/SMB/smbval/smbencrypt.c +diff -c squid/helpers/ntlm_auth/SMB/smbval/smbencrypt.c:1.3.2.2 squid/helpers/ntlm_auth/SMB/smbval/smbencrypt.c:1.3.2.3 +*** squid/helpers/ntlm_auth/SMB/smbval/smbencrypt.c:1.3.2.2 Wed Mar 9 07:33:01 2005 +--- squid/helpers/ntlm_auth/SMB/smbval/smbencrypt.c Thu Jun 30 12:50:55 2005 +*************** +*** 200,206 **** + * #endif *//* KANJI_WIN95_COMPATIBILITY */ + { + if (islower((int)(unsigned char)*s)) +! *s = toupper(*s); + s++; + } + } +--- 200,206 ---- + * #endif *//* KANJI_WIN95_COMPATIBILITY */ + { + if (islower((int)(unsigned char)*s)) +! *s = xtoupper(*s); + s++; + } + } +Index: squid/helpers/ntlm_auth/SMB/smbval/smblib.c +diff -c squid/helpers/ntlm_auth/SMB/smbval/smblib.c:1.3.2.2 squid/helpers/ntlm_auth/SMB/smbval/smblib.c:1.3.2.3 +*** squid/helpers/ntlm_auth/SMB/smbval/smblib.c:1.3.2.2 Wed Mar 9 07:28:32 2005 +--- squid/helpers/ntlm_auth/SMB/smbval/smblib.c Thu Jun 30 12:50:55 2005 +*************** +*** 170,181 **** + * service we are going to call, sine some servers want it in uppercase */ + + for (i = 0; i < strlen(server); i++) +! called[i] = toupper(server[i]); + + called[strlen(server)] = 0; /* Make it a string */ + + for (i = 0; i < strlen(con->myname); i++) +! calling[i] = toupper(con->myname[i]); + + calling[strlen(con->myname)] = 0; /* Make it a string */ + +--- 170,181 ---- + * service we are going to call, sine some servers want it in uppercase */ + + for (i = 0; i < strlen(server); i++) +! called[i] = xtoupper(server[i]); + + called[strlen(server)] = 0; /* Make it a string */ + + for (i = 0; i < strlen(con->myname); i++) +! calling[i] = xtoupper(con->myname[i]); + + calling[strlen(con->myname)] = 0; /* Make it a string */ + +*************** +*** 271,282 **** + * service we are going to call, sine some servers want it in uppercase */ + + for (i = 0; i < strlen(host); i++) +! called[i] = toupper(host[i]); + + called[strlen(host)] = 0; /* Make it a string */ + + for (i = 0; i < strlen(con->myname); i++) +! calling[i] = toupper(con->myname[i]); + + calling[strlen(con->myname)] = 0; /* Make it a string */ + +--- 271,282 ---- + * service we are going to call, sine some servers want it in uppercase */ + + for (i = 0; i < strlen(host); i++) +! called[i] = xtoupper(host[i]); + + called[strlen(host)] = 0; /* Make it a string */ + + for (i = 0; i < strlen(con->myname); i++) +! calling[i] = xtoupper(con->myname[i]); + + calling[strlen(con->myname)] = 0; /* Make it a string */ + +Index: squid/helpers/ntlm_auth/SMB/smbval/std-includes.h +diff -c squid/helpers/ntlm_auth/SMB/smbval/std-includes.h:1.2 squid/helpers/ntlm_auth/SMB/smbval/std-includes.h:1.2.2.1 +*** squid/helpers/ntlm_auth/SMB/smbval/std-includes.h:1.2 Fri Mar 9 17:55:38 2001 +--- squid/helpers/ntlm_auth/SMB/smbval/std-includes.h Thu Jun 30 12:50:55 2005 +*************** +*** 25,30 **** +--- 25,31 ---- + + /* the types are provided by squid's configure preocess */ + #include "squid_types.h" ++ #include "util.h" + #define BOOL int16_t + #define int16 int16_t + +Index: squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c +diff -c squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c:1.3.2.8 squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c:1.3.2.9 +*** squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c:1.3.2.8 Wed Mar 9 07:33:01 2005 +--- squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c Thu Jun 30 12:50:55 2005 +*************** +*** 57,63 **** + char *p = string; + char c; + while ((c = *p)) { +! *p = tolower(c); + p++; + } + } +--- 57,63 ---- + char *p = string; + char c; + while ((c = *p)) { +! *p = xtolower(c); + p++; + } + } +Index: squid/helpers/ntlm_auth/winbind/wb_ntlm_auth.c +diff -c squid/helpers/ntlm_auth/winbind/wb_ntlm_auth.c:1.1.2.8 squid/helpers/ntlm_auth/winbind/wb_ntlm_auth.c:1.1.2.9 +*** squid/helpers/ntlm_auth/winbind/wb_ntlm_auth.c:1.1.2.8 Sun Feb 20 12:07:45 2005 +--- squid/helpers/ntlm_auth/winbind/wb_ntlm_auth.c Thu Jun 30 12:50:56 2005 +*************** +*** 87,93 **** + { + char *p = string, c; + while ((c = *p)) { +! *p = tolower(c); + p++; + } + } +--- 87,93 ---- + { + char *p = string, c; + while ((c = *p)) { +! *p = xtolower(c); + p++; + } + } +*************** +*** 97,103 **** + { + char *p = string, c; + while ((c = *p)) { +! *p = toupper(c); + p++; + } + } +--- 97,103 ---- + { + char *p = string, c; + while ((c = *p)) { +! *p = xtoupper(c); + p++; + } + } +Index: squid/lib/Array.c +diff -c squid/lib/Array.c:1.7.2.1 squid/lib/Array.c:1.7.2.2 +*** squid/lib/Array.c:1.7.2.1 Thu Jun 9 01:51:46 2005 +--- squid/lib/Array.c Thu Jun 30 12:50:56 2005 +*************** +*** 65,78 **** + void + arrayInit(Array * a) + { +! assert(a); + memset(a, 0, sizeof(Array)); + } + + void + arrayClean(Array * a) + { +! assert(a); + /* could also warn if some objects are left */ + xfree(a->items); + a->items = NULL; +--- 65,78 ---- + void + arrayInit(Array * a) + { +! assert(a != NULL); + memset(a, 0, sizeof(Array)); + } + + void + arrayClean(Array * a) + { +! assert(a != NULL); + /* could also warn if some objects are left */ + xfree(a->items); + a->items = NULL; +*************** +*** 81,87 **** + void + arrayDestroy(Array * a) + { +! assert(a); + arrayClean(a); + xfree(a); + } +--- 81,87 ---- + void + arrayDestroy(Array * a) + { +! assert(a != NULL); + arrayClean(a); + xfree(a); + } +*************** +*** 89,95 **** + void + arrayAppend(Array * a, void *obj) + { +! assert(a); + if (a->count >= a->capacity) + arrayGrow(a, a->count + 1); + a->items[a->count++] = obj; +--- 89,95 ---- + void + arrayAppend(Array * a, void *obj) + { +! assert(a != NULL); + if (a->count >= a->capacity) + arrayGrow(a, a->count + 1); + a->items[a->count++] = obj; +*************** +*** 97,103 **** + + void arrayInsert(Array *a, void *obj, int position) + { +! assert(a); + if (a->count >= a->capacity) + arrayGrow(a, a->count + 1); + if (position > a->count) +--- 97,103 ---- + + void arrayInsert(Array *a, void *obj, int position) + { +! assert(a != NULL); + if (a->count >= a->capacity) + arrayGrow(a, a->count + 1); + if (position > a->count) +*************** +*** 112,118 **** + void + arrayPreAppend(Array * a, int app_count) + { +! assert(a); + if (a->count + app_count > a->capacity) + arrayGrow(a, a->count + app_count); + } +--- 112,118 ---- + void + arrayPreAppend(Array * a, int app_count) + { +! assert(a != NULL); + if (a->count + app_count > a->capacity) + arrayGrow(a, a->count + app_count); + } +Index: squid/lib/Stack.c +diff -c squid/lib/Stack.c:1.11 squid/lib/Stack.c:1.11.2.1 +*** squid/lib/Stack.c:1.11 Thu Jan 11 17:37:12 2001 +--- squid/lib/Stack.c Thu Jun 30 12:50:56 2005 +*************** +*** 50,62 **** + void * + stackPop(Stack * s) + { +! assert(s); + return s->count ? s->items[--s->count] : NULL; + } + + void * + stackTop(Stack * s) + { +! assert(s); + return s->count ? s->items[s->count - 1] : NULL; + } +--- 50,62 ---- + void * + stackPop(Stack * s) + { +! assert(s != NULL); + return s->count ? s->items[--s->count] : NULL; + } + + void * + stackTop(Stack * s) + { +! assert(s != NULL); + return s->count ? s->items[s->count - 1] : NULL; + } +Index: squid/lib/hash.c +diff -c squid/lib/hash.c:1.12 squid/lib/hash.c:1.12.2.1 +*** squid/lib/hash.c:1.12 Wed Mar 7 10:57:37 2001 +--- squid/lib/hash.c Thu Jun 30 12:50:56 2005 +*************** +*** 239,245 **** + void + hash_last(hash_table * hid) + { +! assert(hid); + hid->next = NULL; + hid->current_slot = 0; + } +--- 239,245 ---- + void + hash_last(hash_table * hid) + { +! assert(hid != NULL); + hid->next = NULL; + hid->current_slot = 0; + } +*************** +*** 307,313 **** + void + hashFreeMemory(hash_table * hid) + { +! assert(hid); + if (hid->buckets) + xfree(hid->buckets); + xfree(hid); +--- 307,313 ---- + void + hashFreeMemory(hash_table * hid) + { +! assert(hid != NULL); + if (hid->buckets) + xfree(hid->buckets); + xfree(hid); +Index: squid/lib/heap.c +diff -c squid/lib/heap.c:1.8 squid/lib/heap.c:1.8.2.1 +*** squid/lib/heap.c:1.8 Wed Feb 7 11:56:50 2001 +--- squid/lib/heap.c Thu Jun 30 12:50:56 2005 +*************** +*** 122,128 **** + delete_heap(heap * hp) + { + int i; +! assert(hp); + for (i = 0; i < hp->last; i++) { + xfree(hp->nodes[i]); + } +--- 122,128 ---- + delete_heap(heap * hp) + { + int i; +! assert(hp != NULL); + for (i = 0; i < hp->last; i++) { + xfree(hp->nodes[i]); + } +Index: squid/lib/rfc1123.c +diff -c squid/lib/rfc1123.c:1.29.2.2 squid/lib/rfc1123.c:1.29.2.3 +*** squid/lib/rfc1123.c:1.29.2.2 Wed Mar 9 07:51:39 2005 +--- squid/lib/rfc1123.c Sun Jul 3 02:18:38 2005 +*************** +*** 230,236 **** + #elif defined(_SQUID_AIX_) + #elif defined(_SQUID_CYGWIN_) + #else +! extern time_t timezone; + #endif + /* + * The following assumes a fixed DST offset of 1 hour, +--- 230,236 ---- + #elif defined(_SQUID_AIX_) + #elif defined(_SQUID_CYGWIN_) + #else +! extern long timezone; + #endif + /* + * The following assumes a fixed DST offset of 1 hour, +Index: squid/lib/util.c +diff -c squid/lib/util.c:1.83.2.2 squid/lib/util.c:1.83.2.3 +*** squid/lib/util.c:1.83.2.2 Sun Aug 11 19:22:37 2002 +--- squid/lib/util.c Thu Jun 30 12:50:56 2005 +*************** +*** 608,614 **** + xstrndup(const char *s, size_t n) + { + size_t sz; +! assert(s); + assert(n); + sz = strlen(s) + 1; + if (sz > n) +--- 608,614 ---- + xstrndup(const char *s, size_t n) + { + size_t sz; +! assert(s != NULL); + assert(n); + sz = strlen(s) + 1; + if (sz > n) +Index: squid/snmplib/mib.c +diff -c squid/snmplib/mib.c:1.22.2.1 squid/snmplib/mib.c:1.22.2.2 +*** squid/snmplib/mib.c:1.22.2.1 Wed Mar 9 07:33:02 2005 +--- squid/snmplib/mib.c Thu Jun 30 12:50:56 2005 +*************** +*** 128,138 **** + + while (*s1 && *s2) { + if (xisupper(*s1)) +! c1 = tolower(*s1); + else + c1 = *s1; + if (xisupper(*s2)) +! c2 = tolower(*s2); + else + c2 = *s2; + if (c1 != c2) +--- 128,138 ---- + + while (*s1 && *s2) { + if (xisupper(*s1)) +! c1 = xtolower(*s1); + else + c1 = *s1; + if (xisupper(*s2)) +! c2 = xtolower(*s2); + else + c2 = *s2; + if (c1 != c2) +Index: squid/snmplib/parse.c +diff -c squid/snmplib/parse.c:1.26.2.1 squid/snmplib/parse.c:1.26.2.2 +*** squid/snmplib/parse.c:1.26.2.1 Wed Mar 9 07:33:02 2005 +--- squid/snmplib/parse.c Thu Jun 30 12:50:56 2005 +*************** +*** 135,141 **** + #define WRITEONLY 20 + #undef NOACCESS + #define NOACCESS 21 +! #define STATUS 22 + #define MANDATORY 23 + #define OPTIONAL 24 + #define OBSOLETE 25 +--- 135,141 ---- + #define WRITEONLY 20 + #undef NOACCESS + #define NOACCESS 21 +! #define SNMP_STATUS 22 + #define MANDATORY 23 + #define OPTIONAL 24 + #define OBSOLETE 25 +*************** +*** 193,199 **** + {"read-only", sizeof("read-only") - 1, READONLY}, + {"ACCESS", sizeof("ACCESS") - 1, ACCESS}, + {"MAX-ACCESS", sizeof("MAX-ACCESS") - 1, ACCESS}, +! {"STATUS", sizeof("STATUS") - 1, STATUS}, + {"SYNTAX", sizeof("SYNTAX") - 1, SYNTAX}, + {"OBJECT-TYPE", sizeof("OBJECT-TYPE") - 1, OBJTYPE}, + {"{", sizeof("{") - 1, LEFTBRACKET}, +--- 193,199 ---- + {"read-only", sizeof("read-only") - 1, READONLY}, + {"ACCESS", sizeof("ACCESS") - 1, ACCESS}, + {"MAX-ACCESS", sizeof("MAX-ACCESS") - 1, ACCESS}, +! {"STATUS", sizeof("STATUS") - 1, SNMP_STATUS}, + {"SYNTAX", sizeof("SYNTAX") - 1, SYNTAX}, + {"OBJECT-TYPE", sizeof("OBJECT-TYPE") - 1, OBJTYPE}, + {"{", sizeof("{") - 1, LEFTBRACKET}, +*************** +*** 867,873 **** + return 0; + } + type = get_token(fp, token); +! if (type != STATUS) { + print_error("Should be STATUS", token, nexttype); + free_node(np); + return 0; +--- 867,873 ---- + return 0; + } + type = get_token(fp, token); +! if (type != SNMP_STATUS) { + print_error("Should be STATUS", token, nexttype); + free_node(np); + return 0; +Index: squid/src/cf_gen.c +diff -c squid/src/cf_gen.c:1.43.2.2 squid/src/cf_gen.c:1.43.2.3 +*** squid/src/cf_gen.c:1.43.2.2 Thu Aug 22 06:28:15 2002 +--- squid/src/cf_gen.c Thu Jun 30 12:50:56 2005 +*************** +*** 403,409 **** + "\tconfig_lineno = 0;\n" + ); + for (entry = head; entry != NULL; entry = entry->next) { +! assert(entry->name); + assert(entry != entry->next); + + if (!strcmp(entry->name, "comment")) +--- 403,409 ---- + "\tconfig_lineno = 0;\n" + ); + for (entry = head; entry != NULL; entry = entry->next) { +! assert(entry->name != NULL); + assert(entry != entry->next); + + if (!strcmp(entry->name, "comment")) +*************** +*** 418,424 **** + rc |= 1; + continue; + } +! assert(entry->default_value); + if (entry->ifdef) + fprintf(fp, "#if %s\n", entry->ifdef); + if (strcmp(entry->default_value, "none") == 0) { +--- 418,424 ---- + rc |= 1; + continue; + } +! assert(entry->default_value != NULL); + if (entry->ifdef) + fprintf(fp, "#if %s\n", entry->ifdef); + if (strcmp(entry->default_value, "none") == 0) { +*************** +*** 447,454 **** + "{\n" + ); + for (entry = head; entry != NULL; entry = entry->next) { +! assert(entry->name); +! assert(entry->loc); + if (entry->default_if_none == NULL) + continue; + if (entry->ifdef) +--- 447,454 ---- + "{\n" + ); + for (entry = head; entry != NULL; entry = entry->next) { +! assert(entry->name != NULL); +! assert(entry->loc != NULL); + if (entry->default_if_none == NULL) + continue; + if (entry->ifdef) +*************** +*** 498,504 **** + alias = entry->alias; + next_alias: + fprintf(fp, "\telse if (!strcmp(token, \"%s\"))\n", name); +! assert(entry->loc); + if (strcmp(entry->loc, "none") == 0) { + fprintf(fp, + "\t\tparse_%s();\n", +--- 498,504 ---- + alias = entry->alias; + next_alias: + fprintf(fp, "\telse if (!strcmp(token, \"%s\"))\n", name); +! assert(entry->loc != NULL); + if (strcmp(entry->loc, "none") == 0) { + fprintf(fp, + "\t\tparse_%s();\n", +*************** +*** 538,544 **** + "{\n" + ); + for (entry = head; entry != NULL; entry = entry->next) { +! assert(entry->loc); + if (strcmp(entry->loc, "none") == 0) + continue; + if (strcmp(entry->name, "comment") == 0) +--- 538,544 ---- + "{\n" + ); + for (entry = head; entry != NULL; entry = entry->next) { +! assert(entry->loc != NULL); + if (strcmp(entry->loc, "none") == 0) + continue; + if (strcmp(entry->name, "comment") == 0) +*************** +*** 565,571 **** + "{\n" + ); + for (entry = head; entry != NULL; entry = entry->next) { +! assert(entry->loc); + if (strcmp(entry->loc, "none") == 0) + continue; + if (strcmp(entry->name, "comment") == 0) +--- 565,571 ---- + "{\n" + ); + for (entry = head; entry != NULL; entry = entry->next) { +! assert(entry->loc != NULL); + if (strcmp(entry->loc, "none") == 0) + continue; + if (strcmp(entry->name, "comment") == 0) +*************** +*** 588,594 **** + if (!name) + return 1; + for (i = 0; strcmp(defines[i].name, name) != 0; i++) { +! assert(defines[i].name); + } + return defines[i].defined; + } +--- 588,594 ---- + if (!name) + return 1; + for (i = 0; strcmp(defines[i].name, name) != 0; i++) { +! assert(defines[i].name != NULL); + } + return defines[i].defined; + } +*************** +*** 597,605 **** + available_if(char *name) + { + int i = 0; +! assert(name); + for (i = 0; strcmp(defines[i].name, name) != 0; i++) { +! assert(defines[i].name); + } + return defines[i].enable; + } +--- 597,605 ---- + available_if(char *name) + { + int i = 0; +! assert(name != NULL); + for (i = 0; strcmp(defines[i].name, name) != 0; i++) { +! assert(defines[i].name != NULL); + } + return defines[i].enable; + } +Index: squid/src/net_db.c +diff -c squid/src/net_db.c:1.158.2.9 squid/src/net_db.c:1.158.2.10 +*** squid/src/net_db.c:1.158.2.9 Fri Mar 25 19:50:53 2005 +--- squid/src/net_db.c Thu Jun 30 12:50:56 2005 +*************** +*** 556,562 **** + if (0 == ex->used) { + /* skip reply headers */ + if ((hdr_sz = headersEnd(p, size))) { +! debug(38, 5) ("netdbExchangeHandleReply: hdr_sz = %d\n", hdr_sz); + rep = ex->e->mem_obj->reply; + if (0 == rep->sline.status) + httpReplyParse(rep, buf, hdr_sz); +--- 556,562 ---- + if (0 == ex->used) { + /* skip reply headers */ + if ((hdr_sz = headersEnd(p, size))) { +! debug(38, 5) ("netdbExchangeHandleReply: hdr_sz = %ld\n", (long int) hdr_sz); + rep = ex->e->mem_obj->reply; + if (0 == rep->sline.status) + httpReplyParse(rep, buf, hdr_sz); +*************** +*** 574,584 **** + size = 0; + } + } +! debug(38, 5) ("netdbExchangeHandleReply: start parsing loop, size = %d\n", +! size); + while (size >= rec_sz) { +! debug(38, 5) ("netdbExchangeHandleReply: in parsing loop, size = %d\n", +! size); + addr.s_addr = any_addr.s_addr; + hops = rtt = 0.0; + for (o = 0; o < rec_sz;) { +--- 574,584 ---- + size = 0; + } + } +! debug(38, 5) ("netdbExchangeHandleReply: start parsing loop, size = %ld\n", +! (long int) size); + while (size >= rec_sz) { +! debug(38, 5) ("netdbExchangeHandleReply: in parsing loop, size = %ld\n", +! (long int) size); + addr.s_addr = any_addr.s_addr; + hops = rtt = 0.0; + for (o = 0; o < rec_sz;) { diff --git a/squid-2.5.STABLE10-FORTIFY_SOURCE.patch b/squid-2.5.STABLE10-FORTIFY_SOURCE.patch new file mode 100644 index 0000000..e2c4110 --- /dev/null +++ b/squid-2.5.STABLE10-FORTIFY_SOURCE.patch @@ -0,0 +1,93 @@ +Index: squid/src/Packer.c +diff -c squid/src/Packer.c:1.13.2.1 squid/src/Packer.c:1.13.2.2 +*** squid/src/Packer.c:1.13.2.1 Fri Mar 25 19:50:51 2005 +--- squid/src/Packer.c Thu Sep 1 16:22:23 2005 +*************** +*** 108,114 **** + { + assert(p && e); + p->append = (append_f) store_append; +! p->vprintf = (vprintf_f) store_vprintf; + p->real_handle = e; + } + +--- 108,114 ---- + { + assert(p && e); + p->append = (append_f) store_append; +! p->packer_vprintf = (vprintf_f) store_vprintf; + p->real_handle = e; + } + +*************** +*** 118,124 **** + { + assert(p && mb); + p->append = (append_f) memBuf_append; +! p->vprintf = (vprintf_f) memBuf_vprintf; + p->real_handle = mb; + } + +--- 118,124 ---- + { + assert(p && mb); + p->append = (append_f) memBuf_append; +! p->packer_vprintf = (vprintf_f) memBuf_vprintf; + p->real_handle = mb; + } + +*************** +*** 129,135 **** + assert(p); + /* it is not really necessary to do this, but, just in case... */ + p->append = NULL; +! p->vprintf = NULL; + p->real_handle = NULL; + } + +--- 129,135 ---- + assert(p); + /* it is not really necessary to do this, but, just in case... */ + p->append = NULL; +! p->packer_vprintf = NULL; + p->real_handle = NULL; + } + +*************** +*** 161,167 **** + fmt = va_arg(args, char *); + #endif + assert(p); +! assert(p->real_handle && p->vprintf); +! p->vprintf(p->real_handle, fmt, args); + va_end(args); + } +--- 161,167 ---- + fmt = va_arg(args, char *); + #endif + assert(p); +! assert(p->real_handle && p->packer_vprintf); +! p->packer_vprintf(p->real_handle, fmt, args); + va_end(args); + } +Index: squid/src/structs.h +diff -c squid/src/structs.h:1.408.2.46 squid/src/structs.h:1.408.2.47 +*** squid/src/structs.h:1.408.2.46 Thu Sep 1 15:58:50 2005 +--- squid/src/structs.h Thu Sep 1 16:22:23 2005 +*************** +*** 839,845 **** + struct _Packer { + /* protected, use interface functions instead */ + append_f append; +! vprintf_f vprintf; + void *real_handle; /* first parameter to real append and vprintf */ + }; + +--- 839,845 ---- + struct _Packer { + /* protected, use interface functions instead */ + append_f append; +! vprintf_f packer_vprintf; + void *real_handle; /* first parameter to real append and vprintf */ + }; + diff --git a/squid-2.5.STABLE10-Greek.patch b/squid-2.5.STABLE10-Greek.patch new file mode 100644 index 0000000..bbe442e --- /dev/null +++ b/squid-2.5.STABLE10-Greek.patch @@ -0,0 +1,987 @@ +Index: squid/errors/Makefile.am +diff -c squid/errors/Makefile.am:1.5.2.7 squid/errors/Makefile.am:1.5.2.8 +*** squid/errors/Makefile.am:1.5.2.7 Mon Dec 1 03:12:28 2003 +--- squid/errors/Makefile.am Thu Sep 1 16:37:29 2005 +*************** +*** 22,27 **** +--- 22,28 ---- + Finnish \ + French \ + German \ ++ Greek \ + Hebrew \ + Hungarian \ + Italian \ +Index: squid/errors/Makefile.in +diff -c squid/errors/Makefile.in:1.15.2.17 squid/errors/Makefile.in:1.15.2.18 +*** squid/errors/Makefile.in:1.15.2.17 Fri Mar 18 17:55:41 2005 +--- squid/errors/Makefile.in Thu Sep 1 16:37:29 2005 +*************** +*** 135,140 **** +--- 135,141 ---- + Finnish \ + French \ + German \ ++ Greek \ + Hebrew \ + Hungarian \ + Italian \ +Index: squid/errors/Greek/ERR_ACCESS_DENIED +diff -c /dev/null squid/errors/Greek/ERR_ACCESS_DENIED:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_ACCESS_DENIED Thu Sep 1 16:37:29 2005 +*************** +*** 0 **** +--- 1,25 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

ÓÖÁËÌÁ

++

Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ Óôç ðñïóðÜèåéá ðñüóâáóçò óôç äéåýèõíóç: ++ %U ++

++ ÐñïÝêõøå ôï áêüëïõèï óöÜëìá: ++

    ++
  • ++ ++ Áðáãïñåýåôáé ç Ðñüóâáóç. ++ ++

    ++ Ïé ñõèìßóåéò ôïõ ìç÷áíéóìïý ðñüóâáóçò áðïôñÝðïõí ôçí ++ ïëïêëÞñùóç ôçò áéôÞóåùò óáò. ÅðéêïéíùíÞóôå ìå ôïí ðáñï÷Ýá ++ õðçñåóéþí, áí íïìßæåôå üôé áõôü äåí ðñÝðåé íá óõìâáßíåé. ++

++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. ++ +Index: squid/errors/Greek/ERR_CACHE_ACCESS_DENIED +diff -c /dev/null squid/errors/Greek/ERR_CACHE_ACCESS_DENIED:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_CACHE_ACCESS_DENIED Thu Sep 1 16:37:29 2005 +*************** +*** 0 **** +--- 1,34 ---- ++ ++ ++ ÓÖÁËÌÁ: Áðáãïñåýåôáé ç Ðñüóâáóç óôï ÌåóïëáâçôÞ ++ ++ ++ ++

ÓÖÁËÌÁ

++

Ç Ðñüóâáóç óôï ÌåóïëáâçôÞ Áðáãïñåýåôáé

++
++

++ Óôç ðñïóðÜèåéá ðñüóâáóçò óôç äéåýèõíóç: ++ %U ++

++ ÐñïÝêõøå ôï áêüëïõèï óöÜëìá: ++

    ++
  • ++ ++ Áðáãïñåýåôáé ç Ðñüóâáóç óôï ÌåóïëáâçôÞ. ++ ++
++

++ ++

ËõðÜìáé áëëÜ äåí óáò åðéôñÝðåôáé ç ðñüóâáóç óôç óåëßäá: ++ 

    %U
++ áðü áõôüí ôïí ìåóïëáâçôÞ, ìÝ÷ñé íá ðéóôïðïéÞóåôå ôïí åáõôü óáò. ++

++ ++

++ Èá ðñÝðåé íá ÷ñçóéìïðïéåßôå öõëëïìåôñçôÞ Netscape ÝêäïóÞò ôïõëÜ÷éóôïí 2.0, ôïí ++ Microsoft Internet Explorer 3.0 Þ ïðïéïíäÞðïôå öõëëïìåôñçôÞ óõìâáôü ìå HTTP/1.1. ++ ÅðéêïéíùíÞóôå ìå ôïí äéá÷åéñéóôÞ ôïõ ìåóïëáâçôÞ óáò ++ áí áíôéìåôùðßæåôå äõóêïëßá íá ðéóôïðïéÞóåôå ôïí ëïãáñéáóìü óáò Þ íá ++ áëëÜîôå ôïí êùäéêü óáò. ++

+Index: squid/errors/Greek/ERR_CACHE_MGR_ACCESS_DENIED +diff -c /dev/null squid/errors/Greek/ERR_CACHE_MGR_ACCESS_DENIED:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_CACHE_MGR_ACCESS_DENIED Thu Sep 1 16:37:29 2005 +*************** +*** 0 **** +--- 1,34 ---- ++ ++ ++ ÓÖÁËÌÁ: Áðáãïñåýåôáé ç Ðñüóâáóç óôç Äéá÷åßñéóç ++ ++ ++ ++

ÓÖÁËÌÁ

++

Áðáãïñåýåôáé ç Ðñüóâáóç óôç Äéá÷åßñéóç ôïõ ÌåóïëáâçôÞ

++
++

++ Óôç ðñïóðÜèåéá ðñüóâáóçò óôç äéåýèõíóç: ++ %U ++

++ ÐñïÝêõøå ôï áêüëïõèï óöÜëìá: ++

    ++
  • ++ ++ Áðáãïñåýåôáé ç Ðñüóâáóç óôç Äéá÷åßñéóç ôïõ ÌåóïëáâçôÞ. ++ ++
++

++ ++

ËõðÜìáé áëëÜ äåí óáò åðéôñÝðåôáé Þ ðñüóâáóç óôï: ++ 

    %U
++ ìÝ÷ñé íá ðéóôïðïéÞóåôå ôïí ëïãáñéáóìü óáò. ++

++ ++

Èá ðñÝðåé íá ÷ñçóéìïðïéåßôå öõëëïìåôñçôÞ Netscape Ýêäïóçò ôïõëÜ÷éóôïí 2.0, ôïí ++ Microsoft Internet Explorer 3.0 Þ ïðïéïíäÞðïôå öõëëïìåôñçôÞ óõìâáôü ìå HTTP/1.1. ++ ÅðéêïéíùíÞóôå ìå ôïí äéá÷åéñéóôÞ ôïõ ìåóïëáâçôÞ óáò ++ áí áíôéìåôùðßæåôå äõóêïëßá íá ðéóôïðïéÞóåôå ôïí ëïãáñéáóìü óáò Þ ++ áí åßóôå ï äéá÷åéñéóôÞò, äéáâÜóôå ôçí ôåêìçñßùóç ôïõ Squid ++ ó÷åôéêÜ ìå ôç äéá÷åßñéóç ôïõ êáé êïéôÜîôå ôá çìåñïëüãéá ôïõ ðñïãñÜììáôïò ++ ãéá ðéï ëåðôïìåñåßò áíáöïñÝò óöÜëìáôïò.

+Index: squid/errors/Greek/ERR_CANNOT_FORWARD +diff -c /dev/null squid/errors/Greek/ERR_CANNOT_FORWARD:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_CANNOT_FORWARD Thu Sep 1 16:37:29 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

ÓÖÁËÌÁ

++

Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç: ++ %U ++

++ ÐñïÝêõøå ôï áêüëïõèï óöÜëìá: ++

    ++
  • ++ ++ Áäýíáôç ç ðñïþèçóç ôçò áéôÞóåùò óáò áõôÞ ôç óôéãìÞ. ++ ++
++ ++

++ Ôï áßôçìá óáò äåí Þôáí äõíáôü íá ðñïùèçèåß óôïí áñ÷éêü åîõðçñåôçôÞ ++ áëëÜ êáé ïýôå óå êÜðïéï ãïíéêü ìåóïëáâçôÞ. Ç ðéï ðéèáíÝò áéôßåò åßíáé: ++

    ++
  • Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ äåí åðéôñÝðåé íá ãßíïíôáé áð åõèåßáò ++ óõíäÝóåéò óôïõò áñ÷éêïýò åîõðçñåôçôÝò, êáé ++
  • ¼ëïé ïé äéáèÝóéìïé ãïíéêïß ìåóïëáâçôÝò, äåí åßíáé äéáèÝóéìïé. ++
++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_CONNECT_FAIL +diff -c /dev/null squid/errors/Greek/ERR_CONNECT_FAIL:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_CONNECT_FAIL Thu Sep 1 16:37:29 2005 +*************** +*** 0 **** +--- 1,27 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

ÓÖÁËÌÁ

++

ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ ÊáôÜ ôçí ðñïóðÜèåéá ðñüóâáóçò óôç äéåýèõíóç: ++ %U ++

++ ÐñïÝêõøå ôï áêüëïõèï óöÜëìá: ++

    ++
  • ++ ++ Áðïôõ÷ßá óýíäåóçò ++ ++
++ ++

++ Ôï óýóôçìá åíçìÝñùóå üôé: ++ 

    %E
++ ++

++ Ï áðïìáêñõóìÝíïò õðïëïãéóôÞò (Þ äßêôõï) ìÜëëïí äåí ëåéôïõñãåß. ÄïêéìÜóôå áñãüôåñá. ++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_DNS_FAIL +diff -c /dev/null squid/errors/Greek/ERR_DNS_FAIL:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_DNS_FAIL Thu Sep 1 16:37:29 2005 +*************** +*** 0 **** +--- 1,30 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ ÊáôÜ ôçí ðñïóðÜèåéá ðñüóâáóçò óôç äéåýèõíóç: ++ %U ++

++ ÐñïÝêõøå ôï áêüëïõèï óöÜëìá: ++

++ Äåí Þôáí äõíáôüí íá åîáêñéâùèåß ç äéåýèõíóç IP ãéá ôï üíïìá ++ %H ++
++ ++

++ Ï åîõðçñåôçôÞò ïíïìÜôùí åíçìÝñùóå üôé: ++

++ %z ++
++ ++

++ Áõôü óçìáßíåé üôé: ++ 

++  Ï ìåóïëáâçôÞò äåí ìðüñåóå íá åîáêñéâþóåé ôçí äéåýèõíóç ðïõ ðëçêôñïëïãÞóáôå. 
++  ÅëÝãîôå áí ç äéåýèõíóç åßíáé óùóôÞ. 
++
++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_FORWARDING_DENIED +diff -c /dev/null squid/errors/Greek/ERR_FORWARDING_DENIED:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_FORWARDING_DENIED Thu Sep 1 16:37:29 2005 +*************** +*** 0 **** +--- 1,25 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

ÓÖÁËÌÁ

++

Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ ÊáôÜ ôçí ðñïóðÜèåéá ðñüóâáóçò óôç äéåýèõíóç: ++ %U ++

++ ÐñïÝêõøå ôï áêüëïõèï óöÜëìá: ++

    ++
  • ++ ++ Áðáãïñåýåôáé ç ðñïþèçóç. ++ ++
++ ++

++ Ï ìåóïëáâçôÞò äåí èá ðñïùèÞóåé ôï áßôçìá óáò ãéáôß ðñïóðáèåß íá ++ åðéâÜëåé ìéá óõããåíéêÞ ó÷Ýóç. ºóùò ï ðåëÜôçò óôï %i åßíáé Ýíáò ìåóïëáâçôÞò ++ ï ïðïßïò äåí åßíáé óùóôÜ ñõèìéóìÝíïò. ++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_FTP_DISABLED +diff -c /dev/null squid/errors/Greek/ERR_FTP_DISABLED:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_FTP_DISABLED Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,23 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

ÓÖÁËÌÁ

++

Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ ÊáôÜ ôçí ðñïóðÜèåéá ðñüóâáóçò óôç äéåýèõíóç: ++ %U ++

++ ÐñïÝêõøå ôï áêüëïõèï óöÜëìá: ++

    ++
  • ++ ++ Ôï ðñùôüêïëëï FTP åßíáé áðåíåñãïðïéçìÝíï ++ ++
++ ++

++ Áõôüò ï ìåóïëáâçôÞò äåí õðïóôçñßæåé FTP. ++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_FTP_FAILURE +diff -c /dev/null squid/errors/Greek/ERR_FTP_FAILURE:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_FTP_FAILURE Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,19 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

ÓÖÁËÌÁ

++

Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ ÊáôÜ ôçí ðñïóðÜèåéá ðñüóâáóçò óôç äéåýèõíóç ++ ÐñïÝêõøå óöÜëìá óôï ðñùôüêïëëï FTP: ++ %U ++

++ Ôï Squid Ýóôåéëå ôç áêüëïõèç åíôïëÞ FTP: ++ 

%f
++ êáé Ýëáâå ôçí áêüëïõèç áðÜíôçóç ++ 
%F
++ 
%g
++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_FTP_FORBIDDEN +diff -c /dev/null squid/errors/Greek/ERR_FTP_FORBIDDEN:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_FTP_FORBIDDEN Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,19 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

ÓÖÁËÌÁ

++

Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ ÊáôÜ ôçí ðñïóðÜèåéá ðñüóâáóçò óôç äéåýèõíóç ++ ÐñïÝêõøå óöÜëìá åîáêñßâùóçò FTP: ++ %U ++

++ Ôï Squid Ýóôåéëå ôç áêüëïõèç åíôïëÞ FTP: ++ 

%f
++ êáé Ýëáâå ôçí áêüëïõèç áðÜíôçóç ++ 
%F
++ 
%g
++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_FTP_NOT_FOUND +diff -c /dev/null squid/errors/Greek/ERR_FTP_NOT_FOUND:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_FTP_NOT_FOUND Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,22 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

ÓÖÁËÌÁ

++

Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ Ç áêüëïõèç äéåýèõíóç äåí âñÝèçêå: ++ %U ++

++ Ôï Squid Ýóôåéëå ôç áêüëïõèç åíôïëÞ FTP: ++ 

%f
++ êáé Ýëáâå ôçí áêüëïõèç áðÜíôçóç ++ 
%F
++ 
%g
++

++ Áõôü ìðïñåß íá óõìâáßíåé áðü ìéá äéåýèõíóç FTP ìå áðüëõôÞ äéáäñïìÞ (ôï ïðïßï ++ äåí åßíáé óýìöùíï ìå ôï RFC 1738). Áí áõôÞ åßíáé ç áéôßá, ôï áñ÷åßï èá ôï ++ âñåßôå óôï %B. ++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_FTP_PUT_CREATED +diff -c /dev/null squid/errors/Greek/ERR_FTP_PUT_CREATED:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_FTP_PUT_CREATED Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,8 ---- ++ ++ ++ Ç åíôïëÞ FTP PUT Þôáí åðéôõ÷Þò: Ôï áñ÷åßï äçìéïõñãÞèçêå ++ ++ ++

Ç ëåéôïõñãßá ïëïêëçñþèçêå ìå åðéôõ÷ßá

++

Ôï áñ÷åßï äçìéïõñãÞèçêå

++
+Index: squid/errors/Greek/ERR_FTP_PUT_ERROR +diff -c /dev/null squid/errors/Greek/ERR_FTP_PUT_ERROR:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_FTP_PUT_ERROR Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,26 ---- ++ ++ ++ ÓÖÁËÌÁ: Ç ìåôáöüñôùóç FTP áðÝôõ÷å ++ ++ ++

ÓÖÁËÌÁ

++

Ç åíôïëÞ FTP PUT/upload áðÝôõ÷å

++
++

++ Êáôá ôç äéÜñêåéá ìåôáöüñôùóçò óôç äéåýèõíóç: ++ %U ++

++ Ôï Squid Ýóôåéëå ôç áêüëïõèç åíôïëÞ FTP: ++ 


++         %f
++
++ êáé Ýëáâå ôçí áêüëïõèç áðÜíôçóç ++ 

++         %F
++
++

++ Áõôü óçìáßíåé üôé: ++ 

++ ÅëÝãîôå ôç äéáäñïìÞ, ôá äéêáéþìáôá, ôïí åëåýèåñï ÷þñï êáé îáíáäïêéìÜóôå.
++
++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_FTP_PUT_MODIFIED +diff -c /dev/null squid/errors/Greek/ERR_FTP_PUT_MODIFIED:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_FTP_PUT_MODIFIED Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,8 ---- ++ ++ ++ Ç åíôïëÞ FTP PUT Þôáí åðéôõ÷Þò Ôï áñ÷åßï áíáíåþèçêå ++ ++ ++

Ç ëåéôïõñãßá ïëïêëçñþèçêå ìå åðéôõ÷ßá

++

Ôï áñ÷åßï áíáíåþèçêå

++
+Index: squid/errors/Greek/ERR_FTP_UNAVAILABLE +diff -c /dev/null squid/errors/Greek/ERR_FTP_UNAVAILABLE:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_FTP_UNAVAILABLE Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,18 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

ÓÖÁËÌÁ

++

Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ Ï åîõðçñåôçôÞò FTP Þôáí ðïëý áðáó÷ïëçìÝíïò êáôÜ ôçí áíÜêôçóç ôïõ: ++ %U ++

++ Ôï Squid Ýóôåéëå ôç áêüëïõèç åíôïëÞ FTP: ++ 

%f
++ êáé Ýëáâå ôçí áêüëïõèç áðÜíôçóç ++ 
%F
++ 
%g
++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_INVALID_REQ +diff -c /dev/null squid/errors/Greek/ERR_INVALID_REQ:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_INVALID_REQ Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,33 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

ÓÖÁËÌÁ

++

Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ ÊáôÜ ôç ðñïóðÜèåéá åðåîåñãáóßáò ôçò áßôçóçò: ++ 

++ %R
++
++

++ ÐñïÝêõøå ôï áêüëïõèï óöÜëìá: ++

    ++
  • ++ ++ ¶êõñç Áßôçóç ++ ++
++ ++

++ ÊÜðïéï óçìåßï ôçò áßôçóçò HTTP åßíáé Üêõñï. ÐéèáíÜ ðñïâëÞìáôá: ++

    ++
  • ÅëëéðÞò Þ Üãíùóôç ìÝèïäïò áßôçóçò ++
  • ÅëëéðÞò Äéåýèõíóç (URL) ++
  • ÅëëéðÝò áíáãíùñéóôéêü HTTP (HTTP/1.0) ++
  • Ç áßôçóç åßíáé õðåñìåãÝèçò ++
  • ¸ëåéðåò Ðåñéå÷üìåíï- ÌÞêïò ãéá ôéò áéôÞóåéò POST Þ PUT ++
  • ¶êõñïé ÷áñáêôÞñåò óôï üíïìá õðïëïãéóôÞ, ïé õðïãåãñáììÝíåò äåí åðéôñÝðïíôáé ++
++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_INVALID_RESP +diff -c /dev/null squid/errors/Greek/ERR_INVALID_RESP:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_INVALID_RESP Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERROR: The requested URL could not be retrieved ++ ++ ++

ERROR

++

The requested URL could not be retrieved

++
++

++ While trying to process the request: ++ 

++ %R
++
++

++ The following error was encountered: ++

    ++
  • ++ ++ Invalid Response ++ ++
++ ++

++ The HTTP Response message received from the contacted server ++ could not be understood or was otherwise malformed. Please contact ++ the site operator. Your cache administrator may be able to provide ++ you with more details about the exact nature of the problem if needed. ++ ++

Your cache administrator is %w. +Index: squid/errors/Greek/ERR_INVALID_URL +diff -c /dev/null squid/errors/Greek/ERR_INVALID_URL:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_INVALID_URL Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,30 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

ÓÖÁËÌÁ

++

Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ ÊáôÜ ôçí ðñïóðÜèåéá ðñüóâáóçò óôç äéåýèõíóç: ++ %U ++

++ ÐñïÝêõøå ôï áêüëïõèï óöÜëìá: ++

    ++
  • ++ ++ ËáíèáóìÝíç Äéåýèõíóç ++ ++
++ ++

++ ÕðÜñ÷åé ðñüâëçìá ìå ôçí áéôïýìåíç äéåýèõíóç. ÐéèáíÝò áéôßåò: ++ Some aspect of the requested URL is incorrect. Possible problems: ++

    ++
  • ÅëëéðÝò Þ ëáíèáóìÝíï ðñùôüêïëëï ðñüóâáóçò (èá ðñÝðåé íá åßíáé `http://'' Þ ðáñüìïéï) ++
  • ÅëëéðÝò üíïìá õðïëïãéóôÞ ++
  • ËáíèáóìÝíïé ÷áñáêôÞñåò äéáöõãÞò óôç äéåýèõíóç ++
  • ËáíèáóìÝíïé ÷áñáêôÞñåò óôï üíïìá õðïëïãéóôÞ ' ïé õðïãñáììßóåéò äåí åðéôñÝðïíôáé ++
++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_LIFETIME_EXP +diff -c /dev/null squid/errors/Greek/ERR_LIFETIME_EXP:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_LIFETIME_EXP Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,24 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

ÓÖÁËÌÁ

++

Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ ÊáôÜ ôçí ðñïóðÜèåéá ðñüóâáóçò óôç äéåýèõíóç: ++ %U ++

++ ÐñïÝêõøå ôï áêüëïõèï óöÜëìá: ++

    ++
  • ++ ++ ¸ëçîå ï ×ñüíïò ÓýíäåóÞò ++ ++
++ ++

++ Ôï Squid ôåñìÜôéóå ôçí áßôçóç åðåéäÞ îåðÝñáóå ôïí ìÝãéóôï ÷ñüíï ++ óýíäåóçò. ++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_NO_RELAY +diff -c /dev/null squid/errors/Greek/ERR_NO_RELAY:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_NO_RELAY Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,23 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

ÓÖÁËÌÁ

++

Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ Óôç ðñïóðÜèåéá ðñüóâáóçò óôç äéåýèõíóç: ++ %U ++

++ ÐñïÝêõøå ôï áêüëïõèï óöÜëìá: ++

    ++
  • ++ ++ Äåí õðÜñ÷åé Wais Relay ++ ++
++ ++

++ Äåí Ý÷åé êáèïñéóôåß õðïëïãéóôÞò WAIS Relay ãéá áõôü ôï ìåóïëáâçôÞ! Ðáñáðïíåèåßôå óôïí Äéá÷åéñéóôÞ. ++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_ONLY_IF_CACHED_MISS +diff -c /dev/null squid/errors/Greek/ERR_ONLY_IF_CACHED_MISS:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_ONLY_IF_CACHED_MISS Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,28 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

ÓÖÁËÌÁ

++

Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ Óôç ðñïóðÜèåéá ðñüóâáóçò óôç äéåýèõíóç: ++ %U ++

++ ÐñïÝêõøå ôï áêüëïõèï óöÜëìá: ++

    ++
  • ++ ++ Äåí âñÝèçêå Ýãêõñï áíôßãñáöï óôçí ìíÞìç êáé Ý÷åé êáèïñéóôåß ç åðéëïãÞ ++ only-if-cached. ++ ++
++ ++

++ ++ ÆçôÞóáôå ìéá óåëßäá ìå åíåñãïðïéçìÝíç ôçí åðéëïãÞ only-if-cached. ++ Äåí âñÝèçêå áíôßãñáöï óôç ìíÞìç, Þ Þôáí áðáñáßôçôç ç åðáíáöüñôùóÞ ++ ôïõ ðïõ áðáãïñåýåôáé áðü ôçí åðéëïãÞ only-if-cached. ++ ++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_READ_ERROR +diff -c /dev/null squid/errors/Greek/ERR_READ_ERROR:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_READ_ERROR Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,28 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

ÓÖÁËÌÁ

++

Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç: ++ %U ++

++ ÐñïÝêõøå ôï áêüëïõèï óöÜëìá: ++

    ++
  • ++ ++ ÓöÜëìá ÁíÜãíùóçò ++ ++
++ ++

++ Ôï óýóôçìá åðÝóôñåøå: ++ 

    %E
++ ++

++ ÐñïÝêõøå óöÜëìá êáôÜ ôçí áíÜãíùóç äåäïìÝíùí áðü ôï äßêôõï. Ðáñáêáëþ ++ îáíáäïêéìÜóôå ôï áßôçìá óáò. ++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_READ_TIMEOUT +diff -c /dev/null squid/errors/Greek/ERR_READ_TIMEOUT:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_READ_TIMEOUT Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,28 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

ÓÖÁËÌÁ

++

Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ Óôç ðñïóðÜèåéá ðñüóâáóçò óôç äéåýèõíóç: ++ %U ++

++ Óôç ðñïóðÜèåéá ðñüóâáóçò óôç äéåýèõíóç: ++

    ++
  • ++ ++ ÔÝëïò ×ñüíïõ ÁíÜãíùóçò ++ ++
++ ++

++ Ôï óýóôçìá åðÝóôñåøå: ++ 

    %E
++ ++

++ ÐñïÝêõøå ÷ñïíéêü üñéï êáôÜ ôçí áíÜãíùóç äåäïìÝíùí áðü ôï äßêôõï. Ôï äßêôõï ++ Þ ï åîõðçñåôçôÞò äåí ëåéôïõñãåß Þ õðïëåéôïõñãåß. Ðáñáêáëþ îáíáäïêéìÜóôå. ++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_SHUTTING_DOWN +diff -c /dev/null squid/errors/Greek/ERR_SHUTTING_DOWN:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_SHUTTING_DOWN Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,17 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

ÓÖÁËÌÁ

++

Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç: ++ %U ++

++ ÐñïÝêõøå ôï áêüëïõèï óöÜëìá: ++

++ Ôï óýóôçìá åßíáé óå äéáäéêáóßá ôåñìáôéóìïý êáé äåí ìðïñåß íá åîõðçñåôÞóåé ++ ôï áßôçìá óáò áõôÞ ôç óôéãìÞ. Ðáñáêáëþ äïêéìÜóôå îáíÜ óå ëßãï. ++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_SOCKET_FAILURE +diff -c /dev/null squid/errors/Greek/ERR_SOCKET_FAILURE:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_SOCKET_FAILURE Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,28 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

ÓÖÁËÌÁ

++

Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ Óôç ðñïóðÜèåéá ðñüóâáóçò óôç äéåýèõíóç: ++ %U ++

++ ÐñïÝêõøå ôï áêüëïõèï óöÜëìá: ++

    ++
  • ++ ++ ÓöÜëìá Óýíäåóçò ++ ++
++ ++

++ Ôï óýóôçìá åðÝóôñåøå: ++ 

    %E
++ ++

++ Ôï Squid äåí ìðïñåß íá äçìéïõñãÞóåé óýíäåóç TCP, õðïèåôéêÜ ëüãù öüñôïõ. ++ Ðáñáêáëþ îáíáäïêéìÜóôå. ++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_TOO_BIG +diff -c /dev/null squid/errors/Greek/ERR_TOO_BIG:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_TOO_BIG Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,27 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

ÓÖÁËÌÁ

++

ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ Óôç ðñïóðÜèåéá ðñüóâáóçò óôç äéåýèõíóç: ++ %U ++

++ ÐñïÝêõøå ôï áêüëïõèï óöÜëìá: ++

    ++
  • ++ ++ Ôï áßôçìá Þ ç áðÜíôçóç åßíáé õðåñìåãÝèç ++ ++

    ++ Áí êÜíåôå ìéá áßôçóç POST Þ PUT, ôüôå ôï óþìá (áõôü ðïõ ðñïóðáèåßôå ++ íá áíåâÜóåôå) åßíáé ðïëý ìåãÜëï. Áí êÜíåôå ìéá áßôçóç GET, ôüôå ++ ôï óþìá (áõôü ðïõ ðñïóðáèåßôå íá êáôåâÜóåôå) åßíáé ðïëý ìåãÜëï. ++ Ôá üñéá áõôÜ êáèïñßæïíôáé áðü ôïí Ðáñï÷Ýá Õðçñåóéþí Äéáäéêôýïõ ðïõ ++ ëåéôïõñãåß áõôÞ ôçí õðçñåóßá. Ðáñáêáëþ åðéêïéíùíÞóôå ìáæß ôïõò áí ++ íïìßæåôå ïôé áõôü åßíáé ëÜèïò. ++

++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_UNSUP_REQ +diff -c /dev/null squid/errors/Greek/ERR_UNSUP_REQ:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_UNSUP_REQ Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,24 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

ÓÖÁËÌÁ

++

Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ Óôç ðñïóðÜèåéá ðñüóâáóçò óôç äéåýèõíóç: ++ %U ++

++ ÐñïÝêõøå ôï áêüëïõèï óöÜëìá: ++

    ++
  • ++ ++ Ìç õðïóôçñéæüìåíç ìÝèïäïò áßôçóçò êáé ðñùôüêïëëï ++ ++
++ ++

++ Ôï Squid äåí õðïóôçñßæåé üëåò ôéò ìåèüäïõò áéôÞóåùí ãéá üëá ôá ðñùôüêïëëá ++ ðñüóâáóçò. Ãéá ðáñÜäåéãìá, ôï POST ãéá Gopher äåí õðïóôçñßæåôáé. ++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_URN_RESOLVE +diff -c /dev/null squid/errors/Greek/ERR_URN_RESOLVE:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_URN_RESOLVE Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,23 ---- ++ ++ ++ ÓÖÁËÌÁ: Äåí âñÝèçêå äéåýèõíóç ãéá ôï æçôïýìåíï üíïìá ++ ++ ++

ÓÖÁËÌÁ

++

Äåí âñÝèçêå äéåýèõíóç ãéá ôï æçôïýìåíï üíïìá

++
++

++ ÊáôÜ ôç äéÜñêåéá åýñåóçò ôïõ ïíüìáôïò (URN): ++ %U ++

++ ÐñïÝêõøå ôï áêüëïõèï óöÜëìá: ++

    ++
  • ++ ++ Áäýíáôç ç åýñåóç ôïõ ïíüìáôïò ++ ++
++ ++

++ Ìåôáîý ìáò, ìçí ðåñéìÝíåôå êáé ðïëëÜ áðü URNs óôï %T :) ++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_WRITE_ERROR +diff -c /dev/null squid/errors/Greek/ERR_WRITE_ERROR:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_WRITE_ERROR Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,28 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

ÓÖÁËÌÁ

++

Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ Óôç ðñïóðÜèåéá ðñüóâáóçò óôç äéåýèõíóç: ++ %U ++

++ ÐñïÝêõøå ôï áêüëïõèï óöÜëìá: ++

    ++
  • ++ ++ ÓöÜëìá ÅããñáöÞò ++ ++
++ ++

++ Ôï óýóôçìá åðÝóôñåøå: ++ 

    %E
++ ++

++ ÐñïÝêõøå óöÜëìá êáôÜ ôçí åããñáöÞ óôï äßêôõï. Ðáñáêáëþ äïêéìÜóôå îáíÜ ++ ôï áßôçìá óáò. ++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/ERR_ZERO_SIZE_OBJECT +diff -c /dev/null squid/errors/Greek/ERR_ZERO_SIZE_OBJECT:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/ERR_ZERO_SIZE_OBJECT Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,23 ---- ++ ++ ++ ÓÖÁËÌÁ: Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç ++ ++ ++

ÓÖÁËÌÁ

++

Áäýíáôç ç ðñüóâáóç óôçí áéôïýìåíç äéåýèõíóç

++
++

++ Óôç ðñïóðÜèåéá ðñüóâáóçò óôç äéåýèõíóç: ++ %U ++

++ ÐñïÝêõøå ôï áêüëïõèï óöÜëìá: ++

    ++
  • ++ ++ ÁðÜíôçóç Ìçäåíéêïý ÌåãÝèïõò ++ ++
++ ++

++ Ôï Squid äåí Ýëáâå äåäïìÝíá ãéá áõôü ôï áßôçìá. ++

Ï äéá÷åéñéóôÞò ôïõ ìåóïëáâçôÞ óáò åßíáé ï %w. +Index: squid/errors/Greek/README +diff -c /dev/null squid/errors/Greek/README:1.1.2.1 +*** /dev/null Thu Sep 1 16:39:57 2005 +--- squid/errors/Greek/README Thu Sep 1 16:37:30 2005 +*************** +*** 0 **** +--- 1,2 ---- ++ Thank you to George Papamichelakis ++ for creating these error pages in Greek! diff --git a/squid-2.5.STABLE10-STORE_PENDING.patch b/squid-2.5.STABLE10-STORE_PENDING.patch new file mode 100644 index 0000000..3a8fa95 --- /dev/null +++ b/squid-2.5.STABLE10-STORE_PENDING.patch @@ -0,0 +1,294 @@ +Index: squid/src/cache_manager.c +diff -c squid/src/cache_manager.c:1.26.2.1 squid/src/cache_manager.c:1.26.2.2 +*** squid/src/cache_manager.c:1.26.2.1 Thu Sep 1 16:14:45 2005 +--- squid/src/cache_manager.c Thu Sep 1 16:42:03 2005 +*************** +*** 251,258 **** + /* retrieve object requested */ + a = cachemgrFindAction(mgr->action); + assert(a != NULL); +! if (a->flags.atomic) +! storeBuffer(entry); + { + http_version_t version; + HttpReply *rep = entry->mem_obj->reply; +--- 251,257 ---- + /* retrieve object requested */ + a = cachemgrFindAction(mgr->action); + assert(a != NULL); +! storeBuffer(entry); + { + http_version_t version; + HttpReply *rep = entry->mem_obj->reply; +*************** +*** 270,279 **** + httpReplySwapOut(rep, entry); + } + a->handler(entry); +! if (a->flags.atomic) { +! storeBufferFlush(entry); + storeComplete(entry); +- } + cachemgrStateFree(mgr); + } + +--- 269,277 ---- + httpReplySwapOut(rep, entry); + } + a->handler(entry); +! storeBufferFlush(entry); +! if (a->flags.atomic) + storeComplete(entry); + cachemgrStateFree(mgr); + } + +Index: squid/src/ftp.c +diff -c squid/src/ftp.c:1.316.2.30 squid/src/ftp.c:1.316.2.31 +*** squid/src/ftp.c:1.316.2.30 Thu Sep 1 16:28:29 2005 +--- squid/src/ftp.c Thu Sep 1 16:42:03 2005 +*************** +*** 369,375 **** + char *dirup; + int i, j, k; + const char *title = strBuf(ftpState->title_url); +- storeBuffer(e); + storeAppendPrintf(e, "\n"); + storeAppendPrintf(e, "\n", + version_string); +--- 369,374 ---- +*************** +*** 429,435 **** + storeAppendPrintf(e, "

\n");
+      dirup = ftpHtmlifyListEntry("", ftpState);
+      storeAppend(e, dirup, strlen(dirup));
+-     storeBufferFlush(e);
+      ftpState->flags.html_header_sent = 1;
+  }
+  
+--- 428,433 ----
+***************
+*** 437,443 ****
+  ftpListingFinish(FtpStateData * ftpState)
+  {
+      StoreEntry *e = ftpState->entry;
+-     storeBuffer(e);
+      storeAppendPrintf(e, "
\n"); + if (ftpState->flags.listformat_unknown && !ftpState->flags.tried_nlst) { + storeAppendPrintf(e, "[As plain directory]\n", +--- 435,440 ---- +*************** +*** 453,459 **** + getMyHostname(), + full_appname_string); + storeAppendPrintf(e, "\n"); +- storeBufferFlush(e); + } + + static const char *Month[] = +--- 450,455 ---- +*************** +*** 869,875 **** + debug(9, 3) ("ftpParseListing: %d bytes to play with\n", (int) len); + line = memAllocate(MEM_4K_BUF); + end++; +! storeBuffer(e); + s = sbuf; + s += strspn(s, crlf); + for (; s < end; s += strcspn(s, crlf), s += strspn(s, crlf)) { +--- 865,871 ---- + debug(9, 3) ("ftpParseListing: %d bytes to play with\n", (int) len); + line = memAllocate(MEM_4K_BUF); + end++; +! storeBuffer(e); /* released when done processing current data payload */ + s = sbuf; + s += strspn(s, crlf); + for (; s < end; s += strcspn(s, crlf), s += strspn(s, crlf)) { +*************** +*** 887,893 **** + assert(t != NULL); + storeAppend(e, t, strlen(t)); + } +- storeBufferFlush(e); + assert(usable <= len); + if (usable < len) { + /* must copy partial line to beginning of buf */ +--- 883,888 ---- +*************** +*** 992,997 **** +--- 987,993 ---- + storeAppend(entry, ftpState->data.buf, len); + ftpState->data.offset = 0; + } ++ storeBufferFlush(entry); + commSetSelect(fd, + COMM_SELECT_READ, + ftpDataRead, +*************** +*** 2544,2550 **** + else + err->ftp.reply = xstrdup(""); + errorAppendEntry(ftpState->entry, err); +- storeBufferFlush(ftpState->entry); + ftpSendQuit(ftpState); + } + +--- 2540,2545 ---- +*************** +*** 2565,2570 **** +--- 2560,2566 ---- + ftpState->flags.http_header_sent = 1; + assert(e->mem_obj->inmem_hi == 0); + EBIT_CLR(e->flags, ENTRY_FWD_HDR_WAIT); ++ storeBuffer(e); /* released when done processing current data payload */ + filename = (t = strRChr(urlpath, '/')) ? t + 1 : strBuf(urlpath); + if (ftpState->flags.isdir) { + mime_type = "text/html"; +*************** +*** 2583,2589 **** + break; + } + } +- storeBuffer(e); + httpReplyReset(reply); + /* set standard stuff */ + if (ftpState->restarted_offset) { +--- 2579,2584 ---- +*************** +*** 2605,2611 **** + if (mime_enc) + httpHeaderPutStr(&reply->header, HDR_CONTENT_ENCODING, mime_enc); + httpReplySwapOut(reply, e); +- storeBufferFlush(e); + reply->hdr_sz = e->mem_obj->inmem_hi; + storeTimestampsSet(e); + if (ftpState->flags.authenticated) { +--- 2600,2605 ---- +Index: squid/src/gopher.c +diff -c squid/src/gopher.c:1.162.2.9 squid/src/gopher.c:1.162.2.10 +*** squid/src/gopher.c:1.162.2.9 Thu Sep 1 16:14:45 2005 +--- squid/src/gopher.c Thu Sep 1 16:42:03 2005 +*************** +*** 721,749 **** + * OK. We successfully reach remote site. Start MIME typing + * stuff. Do it anyway even though request is not HTML type. + */ + gopherMimeCreate(gopherState); + switch (gopherState->type_id) { + case GOPHER_DIRECTORY: + /* we got to convert it first */ +- storeBuffer(entry); + gopherState->conversion = HTML_DIR; + gopherState->HTML_header_added = 0; + break; + case GOPHER_INDEX: + /* we got to convert it first */ +- storeBuffer(entry); + gopherState->conversion = HTML_INDEX_RESULT; + gopherState->HTML_header_added = 0; + break; + case GOPHER_CSO: + /* we got to convert it first */ +- storeBuffer(entry); + gopherState->conversion = HTML_CSO_RESULT; + gopherState->cso_recno = 0; + gopherState->HTML_header_added = 0; + break; + default: + gopherState->conversion = NORMAL; + } + /* Schedule read reply. */ + commSetSelect(fd, COMM_SELECT_READ, gopherReadReply, gopherState, 0); +--- 721,748 ---- + * OK. We successfully reach remote site. Start MIME typing + * stuff. Do it anyway even though request is not HTML type. + */ ++ storeBuffer(entry); + gopherMimeCreate(gopherState); + switch (gopherState->type_id) { + case GOPHER_DIRECTORY: + /* we got to convert it first */ + gopherState->conversion = HTML_DIR; + gopherState->HTML_header_added = 0; + break; + case GOPHER_INDEX: + /* we got to convert it first */ + gopherState->conversion = HTML_INDEX_RESULT; + gopherState->HTML_header_added = 0; + break; + case GOPHER_CSO: + /* we got to convert it first */ + gopherState->conversion = HTML_CSO_RESULT; + gopherState->cso_recno = 0; + gopherState->HTML_header_added = 0; + break; + default: + gopherState->conversion = NORMAL; ++ storeBufferFlush(entry); + } + /* Schedule read reply. */ + commSetSelect(fd, COMM_SELECT_READ, gopherReadReply, gopherState, 0); +Index: squid/src/store.c +diff -c squid/src/store.c:1.544.2.8 squid/src/store.c:1.544.2.9 +*** squid/src/store.c:1.544.2.8 Fri Mar 25 19:50:53 2005 +--- squid/src/store.c Thu Sep 1 16:42:03 2005 +*************** +*** 1232,1240 **** + void + storeBufferFlush(StoreEntry * e) + { +! EBIT_CLR(e->flags, DELAY_SENDING); +! InvokeHandlers(e); +! storeSwapOut(e); + } + + squid_off_t +--- 1232,1242 ---- + void + storeBufferFlush(StoreEntry * e) + { +! if (EBIT_TEST(e->flags, DELAY_SENDING)) { +! EBIT_CLR(e->flags, DELAY_SENDING); +! InvokeHandlers(e); +! storeSwapOut(e); +! } + } + + squid_off_t +Index: squid/src/whois.c +diff -c squid/src/whois.c:1.16.2.1 squid/src/whois.c:1.16.2.2 +*** squid/src/whois.c:1.16.2.1 Thu Sep 1 16:14:45 2005 +--- squid/src/whois.c Thu Sep 1 16:42:03 2005 +*************** +*** 97,108 **** + debug(75, 3) ("whoisReadReply: FD %d read %d bytes\n", fd, len); + debug(75, 5) ("{%s}\n", buf); + if (len > 0) { +! if (0 == mem->inmem_hi) +! mem->reply->sline.status = HTTP_OK; + fd_bytes(fd, len, FD_READ); + kb_incr(&statCounter.server.all.kbytes_in, len); + kb_incr(&statCounter.server.http.kbytes_in, len); + storeAppend(entry, buf, len); + commSetSelect(fd, COMM_SELECT_READ, whoisReadReply, p, Config.Timeout.read); + } else if (len < 0) { + debug(50, 2) ("whoisReadReply: FD %d: read failure: %s.\n", +--- 97,115 ---- + debug(75, 3) ("whoisReadReply: FD %d read %d bytes\n", fd, len); + debug(75, 5) ("{%s}\n", buf); + if (len > 0) { +! if (0 == mem->inmem_hi) { +! http_reply *reply = mem->reply; +! http_version_t version; +! storeBuffer(entry); +! httpBuildVersion(&version, 1, 0); +! httpReplySetHeaders(reply, version, HTTP_OK, "Gatewaying", "text/plain", -1, -1, -2); +! httpReplySwapOut(reply, entry); +! } + fd_bytes(fd, len, FD_READ); + kb_incr(&statCounter.server.all.kbytes_in, len); + kb_incr(&statCounter.server.http.kbytes_in, len); + storeAppend(entry, buf, len); ++ storeBufferFlush(entry); + commSetSelect(fd, COMM_SELECT_READ, whoisReadReply, p, Config.Timeout.read); + } else if (len < 0) { + debug(50, 2) ("whoisReadReply: FD %d: read failure: %s.\n", diff --git a/squid-2.5.STABLE10-Solaris_IPFilter.patch b/squid-2.5.STABLE10-Solaris_IPFilter.patch new file mode 100644 index 0000000..19c7a6e --- /dev/null +++ b/squid-2.5.STABLE10-Solaris_IPFilter.patch @@ -0,0 +1,49 @@ +Index: squid/configure.in +diff -c squid/configure.in:1.251.2.94 squid/configure.in:1.251.2.95 +*** squid/configure.in:1.251.2.94 Thu Aug 4 05:38:33 2005 +--- squid/configure.in Sat Sep 3 02:20:40 2005 +*************** +*** 822,827 **** +--- 822,843 ---- + CFLAGS="`getconf ${buildmodel}_CFLAGS` $CFLAGS" + LIBS="`getconf ${buildmodel}_LIBS` $LIBS" + LDFLAGS="`getconf ${buildmodel}_LDFLAGS` $LDFLAGS" ++ dnl ++ dnl On Solaris getconf returns for CFLAGS -Xa and -Usun options, but: ++ dnl -Xa is supported only by Sun cc, so we need to remove it when using gcc ++ dnl The 'sun' define is needed by ipfilter includes, so we must remove -Usun ++ case "$host" in ++ *-solaris*) ++ if test "$GCC" = "yes"; then ++ echo "Removing -Xa for gcc on $host" ++ CFLAGS="`echo $CFLAGS | sed -e 's/-Xa//'`" ++ fi ++ echo "Removing -Usun for gcc on $host" ++ CFLAGS="`echo $CFLAGS | sed -e 's/-Usun//'`" ++ ;; ++ *) ++ ;; ++ esac + fi + + AM_CONDITIONAL(MAKE_LEAKFINDER, false) +*************** +*** 1934,1939 **** +--- 1950,1966 ---- + echo "WARNING: Cannot find necessary IP-Filter header files" + echo " Transparent Proxy support WILL NOT be enabled" + sleep 10 ++ elif test "$IPF_TRANSPARENT" = "yes" ; then ++ dnl On Solaris Ipfilter includes expect that SOLARIS2 is defined with the ++ dnl Solaris minor version (8, 9, 10, ...) ++ case "$host" in ++ *-solaris*) ++ solrev=`uname -r | sh -c 'IFS=. read j n x; echo $n'` ++ CFLAGS="-DSOLARIS2=$solrev $CFLAGS" ++ ;; ++ *) ++ ;; ++ esac + fi + + dnl PF support requires a header file. diff --git a/squid-2.5.STABLE10-arp_ipfilter-2.patch b/squid-2.5.STABLE10-arp_ipfilter-2.patch new file mode 100644 index 0000000..0363045 --- /dev/null +++ b/squid-2.5.STABLE10-arp_ipfilter-2.patch @@ -0,0 +1,27 @@ +Index: squid/src/client_side.c +diff -c squid/src/client_side.c:1.561.2.80 squid/src/client_side.c:1.561.2.82 +*** squid/src/client_side.c:1.561.2.80 Thu Jun 30 02:38:00 2005 +--- squid/src/client_side.c Fri Aug 19 03:17:55 2005 +*************** +*** 41,46 **** +--- 41,60 ---- + #endif + #include + #include ++ /* SG - 14 Aug 2005 ++ * Workaround needed to allow the build of both ipfilter and ARP acl ++ * support on Solaris x86. ++ * ++ * Some defines, like ++ * #define free + ++ * are used in squid.h to block misuse of standard malloc routines ++ * where the Squid versions should be used. This pollutes the C/C++ ++ * token namespace crashing any structures or classes having members ++ * of the same names. ++ */ ++ #ifdef _SQUID_SOLARIS_ ++ #undef free ++ #endif + #if HAVE_IP_FIL_COMPAT_H + #include + #elif HAVE_NETINET_IP_FIL_COMPAT_H diff --git a/squid-2.5.STABLE10-buildenv.patch b/squid-2.5.STABLE10-buildenv.patch new file mode 100644 index 0000000..6410a65 --- /dev/null +++ b/squid-2.5.STABLE10-buildenv.patch @@ -0,0 +1,122 @@ +Index: squid/configure.in +diff -c squid/configure.in:1.251.2.92 squid/configure.in:1.251.2.93 +*** squid/configure.in:1.251.2.92 Mon May 16 16:38:57 2005 +--- squid/configure.in Sun Jul 10 18:39:22 2005 +*************** +*** 786,801 **** + XBS5_LP64_OFF64 64 bits (legacy) + XBS5_LPBIG_OFFBIG large pointers and files (legacy) + default The default for your OS], +! [ case "$enableval" in + yes|no) + echo "--with-build-environment expects a build environment string as used by getconf" + exit 1 + ;; +- _*) +- buildmodel="$enableval" +- ;; + *) +! buildmodel="_$enableval" + ;; + esac + ]) +--- 786,798 ---- + XBS5_LP64_OFF64 64 bits (legacy) + XBS5_LPBIG_OFFBIG large pointers and files (legacy) + default The default for your OS], +! [ case "$withval" in + yes|no) + echo "--with-build-environment expects a build environment string as used by getconf" + exit 1 + ;; + *) +! buildmodel="$withval" + ;; + esac + ]) +*************** +*** 813,820 **** + CFLAGS="-D_FILE_OFFSET_BITS=64 $CFLAGS" + fi + fi +! if test -n "$buildmodel" && test "$buildmodel" != "_default"; then + echo "Using $buildmodel build environment" + CFLAGS="`getconf ${buildmodel}_CFLAGS` $CFLAGS" + LIBS="`getconf ${buildmodel}_LIBS` $LIBS" + LDFLAGS="`getconf ${buildmodel}_LDFLAGS` $LDFLAGS" +--- 810,823 ---- + CFLAGS="-D_FILE_OFFSET_BITS=64 $CFLAGS" + fi + fi +! if test -n "$buildmodel" && test "$buildmodel" != "default"; then + echo "Using $buildmodel build environment" ++ if test "`getconf _$buildmodel 2>/dev/null || true`" = 1 || test "`getconf $buildmodel 2>/dev/null || true`" ; then ++ : # All fine ++ else ++ echo "ERROR: Build environment $buildmodel not known to getconf." ++ exit 1 ++ fi + CFLAGS="`getconf ${buildmodel}_CFLAGS` $CFLAGS" + LIBS="`getconf ${buildmodel}_LIBS` $LIBS" + LDFLAGS="`getconf ${buildmodel}_LDFLAGS` $LDFLAGS" +Index: squid/configure +diff -c squid/configure:1.248.2.94 squid/configure:1.248.2.95 +*** squid/configure:1.248.2.94 Mon May 16 16:39:29 2005 +--- squid/configure Sun Jul 10 18:40:15 2005 +*************** +*** 2637,2652 **** + # Check whether --with-build-environment or --without-build-environment was given. + if test "${with_build_environment+set}" = set; then + withval="$with_build_environment" +! case "$enableval" in + yes|no) + echo "--with-build-environment expects a build environment string as used by getconf" + exit 1 + ;; +- _*) +- buildmodel="$enableval" +- ;; + *) +! buildmodel="_$enableval" + ;; + esac + +--- 2637,2649 ---- + # Check whether --with-build-environment or --without-build-environment was given. + if test "${with_build_environment+set}" = set; then + withval="$with_build_environment" +! case "$withval" in + yes|no) + echo "--with-build-environment expects a build environment string as used by getconf" + exit 1 + ;; + *) +! buildmodel="$withval" + ;; + esac + +*************** +*** 2666,2673 **** + CFLAGS="-D_FILE_OFFSET_BITS=64 $CFLAGS" + fi + fi +! if test -n "$buildmodel" && test "$buildmodel" != "_default"; then + echo "Using $buildmodel build environment" + CFLAGS="`getconf ${buildmodel}_CFLAGS` $CFLAGS" + LIBS="`getconf ${buildmodel}_LIBS` $LIBS" + LDFLAGS="`getconf ${buildmodel}_LDFLAGS` $LDFLAGS" +--- 2663,2676 ---- + CFLAGS="-D_FILE_OFFSET_BITS=64 $CFLAGS" + fi + fi +! if test -n "$buildmodel" && test "$buildmodel" != "default"; then + echo "Using $buildmodel build environment" ++ if test "`getconf _$buildmodel 2>/dev/null || true`" = 1 || test "`getconf $buildmodel 2>/dev/null || true`" ; then ++ : # All fine ++ else ++ echo "ERROR: Build environment $buildmodel not known to getconf." ++ exit 1 ++ fi + CFLAGS="`getconf ${buildmodel}_CFLAGS` $CFLAGS" + LIBS="`getconf ${buildmodel}_LIBS` $LIBS" + LDFLAGS="`getconf ${buildmodel}_LDFLAGS` $LDFLAGS" diff --git a/squid-2.5.STABLE10-cacheClientTable.patch b/squid-2.5.STABLE10-cacheClientTable.patch new file mode 100644 index 0000000..28526b7 --- /dev/null +++ b/squid-2.5.STABLE10-cacheClientTable.patch @@ -0,0 +1,21 @@ +Index: squid/src/client_db.c +diff -c squid/src/client_db.c:1.53.2.5 squid/src/client_db.c:1.53.2.6 +*** squid/src/client_db.c:1.53.2.5 Fri Mar 25 19:50:52 2005 +--- squid/src/client_db.c Thu Sep 1 16:54:41 2005 +*************** +*** 328,334 **** + snmp_meshCtblFn(variable_list * Var, snint * ErrP) + { + variable_list *Answer = NULL; +! static char key[15]; + ClientInfo *c = NULL; + int aggr = 0; + log_type l; +--- 328,334 ---- + snmp_meshCtblFn(variable_list * Var, snint * ErrP) + { + variable_list *Answer = NULL; +! static char key[16]; + ClientInfo *c = NULL; + int aggr = 0; + log_type l; diff --git a/squid-2.5.STABLE10-cache_dir_change.patch b/squid-2.5.STABLE10-cache_dir_change.patch new file mode 100644 index 0000000..8fe8e5c --- /dev/null +++ b/squid-2.5.STABLE10-cache_dir_change.patch @@ -0,0 +1,79 @@ +Index: squid/src/cache_cf.c +diff -c squid/src/cache_cf.c:1.396.2.27 squid/src/cache_cf.c:1.396.2.28 +*** squid/src/cache_cf.c:1.396.2.27 Mon Jun 13 16:26:21 2005 +--- squid/src/cache_cf.c Sun Jun 19 03:36:33 2005 +*************** +*** 1300,1344 **** + if ((path_str = strtok(NULL, w_space)) == NULL) + self_destruct(); + +! /* +! * This bit of code is a little strange. +! * See, if we find a path and type match for a given line, then +! * as long as we're reconfiguring, we can just call its reconfigure +! * function. No harm there. +! * +! * Trouble is, if we find a path match, but not a type match, we have +! * a dilemma - we could gracefully shut down the fs, kill it, and +! * create a new one of a new type in its place, BUT at this stage the +! * fs is meant to be the *NEW* one, and so things go very strange. :-) +! * +! * So, we'll assume the person isn't going to change the fs type for now, +! * and XXX later on we will make sure that its picked up. +! * +! * (moving around cache_dir lines will be looked at later in a little +! * more sane detail..) +! */ + + for (i = 0; i < swap->n_configured; i++) { +! if (0 == strcasecmp(path_str, swap->swapDirs[i].path)) { +! /* This is a little weird, you'll appreciate it later */ +! fs = find_fstype(type_str); +! if (fs < 0) { +! fatalf("Unknown cache_dir type '%s'\n", type_str); +! } + sd = swap->swapDirs + i; + storefs_list[fs].reconfigurefunc(sd, i, path_str); + update_maxobjsize(); + return; + } + } + + assert(swap->n_configured < 63); /* 7 bits, signed */ + +- fs = find_fstype(type_str); +- if (fs < 0) { +- /* If we get here, we didn't find a matching cache_dir type */ +- fatalf("Unknown cache_dir type '%s'\n", type_str); +- } + allocate_new_swapdir(swap); + sd = swap->swapDirs + swap->n_configured; + sd->type = storefs_list[fs].typestr; +--- 1300,1326 ---- + if ((path_str = strtok(NULL, w_space)) == NULL) + self_destruct(); + +! fs = find_fstype(type_str); +! if (fs < 0) +! self_destruct(); + ++ /* reconfigure existing dir */ + for (i = 0; i < swap->n_configured; i++) { +! if ((strcasecmp(path_str, swap->swapDirs[i].path) == 0)) { + sd = swap->swapDirs + i; ++ if (sd->type != storefs_list[fs].typestr) { ++ debug(3, 0) ("ERROR: Can't change type of existing cache_dir %s %s to %s. Restart required\n", sd->type, sd->path, type_str); ++ return; ++ } + storefs_list[fs].reconfigurefunc(sd, i, path_str); + update_maxobjsize(); + return; + } + } + ++ /* new cache_dir */ + assert(swap->n_configured < 63); /* 7 bits, signed */ + + allocate_new_swapdir(swap); + sd = swap->swapDirs + swap->n_configured; + sd->type = storefs_list[fs].typestr; diff --git a/squid-2.5.STABLE10-chroot-2.patch b/squid-2.5.STABLE10-chroot-2.patch new file mode 100644 index 0000000..40f772a --- /dev/null +++ b/squid-2.5.STABLE10-chroot-2.patch @@ -0,0 +1,120 @@ +Index: squid/src/cache_cf.c +diff -c squid/src/cache_cf.c:1.396.2.26 squid/src/cache_cf.c:1.396.2.27 +*** squid/src/cache_cf.c:1.396.2.26 Fri May 6 16:33:53 2005 +--- squid/src/cache_cf.c Mon Jun 13 16:26:21 2005 +*************** +*** 299,306 **** + } + fclose(fp); + defaults_if_none(); + if (opt_send_signal == -1) { +- configDoConfigure(); + cachemgrRegister("config", + "Current Squid Configuration", + dump_config, +--- 299,306 ---- + } + fclose(fp); + defaults_if_none(); ++ configDoConfigure(); + if (opt_send_signal == -1) { + cachemgrRegister("config", + "Current Squid Configuration", + dump_config, +*************** +*** 2567,2574 **** + snprintf(pathbuf, BUFSIZ, "%s/%s", Config.chroot_dir, path); + path = pathbuf; + } +! if (stat(path, &sb) < 0) +! fatalf("%s %s: %s", name, path, xstrerror()); + } + + char * +--- 2567,2578 ---- + snprintf(pathbuf, BUFSIZ, "%s/%s", Config.chroot_dir, path); + path = pathbuf; + } +! if (stat(path, &sb) < 0) { +! if (opt_send_signal == -1 || opt_send_signal == SIGHUP) +! fatalf("%s %s: %s", name, path, xstrerror()); +! else +! fprintf(stderr, "WARNING: %s %s: %s\n", name, path, xstrerror()); +! } + } + + char * +Index: squid/src/globals.h +diff -c squid/src/globals.h:1.108.2.6 squid/src/globals.h:1.108.2.7 +*** squid/src/globals.h:1.108.2.6 Wed Apr 20 15:52:26 2005 +--- squid/src/globals.h Mon Jun 13 16:26:21 2005 +*************** +*** 166,170 **** +--- 166,171 ---- + extern void *sbrk_start; /* 0 */ + #endif + extern int opt_send_signal; /* -1 */ ++ extern int opt_no_daemon; /* 0 */ + + #endif /* SQUID_GLOBALS_H */ +Index: squid/src/main.c +diff -c squid/src/main.c:1.345.2.25 squid/src/main.c:1.345.2.27 +*** squid/src/main.c:1.345.2.25 Wed Apr 20 15:52:26 2005 +--- squid/src/main.c Mon Jun 27 15:24:28 2005 +*************** +*** 38,44 **** + /* for error reporting from xmalloc and friends */ + extern void (*failure_notify) (const char *); + +- static int opt_no_daemon = 0; + static int opt_parse_cfg_only = 0; + static char *opt_syslog_facility = NULL; + static int httpPortNumOverride = 1; +--- 38,43 ---- +*************** +*** 684,691 **** + /* send signal to running copy and exit */ + if (opt_send_signal != -1) { + /* chroot if configured to run inside chroot */ +! if (Config.chroot_dir && chroot(Config.chroot_dir)) { +! fatal("failed to chroot"); + } + sendSignal(); + /* NOTREACHED */ +--- 683,694 ---- + /* send signal to running copy and exit */ + if (opt_send_signal != -1) { + /* chroot if configured to run inside chroot */ +! if (Config.chroot_dir) { +! if (chroot(Config.chroot_dir)) +! fatal("failed to chroot"); +! no_suid(); +! } else { +! leave_suid(); + } + sendSignal(); + /* NOTREACHED */ +Index: squid/src/tools.c +diff -c squid/src/tools.c:1.213.2.15 squid/src/tools.c:1.213.2.16 +*** squid/src/tools.c:1.213.2.15 Fri Apr 22 14:45:12 2005 +--- squid/src/tools.c Mon Jun 13 16:26:22 2005 +*************** +*** 491,497 **** + if (strchr(host, '.')) + return host; + } +! fatal("Could not determine fully qualified hostname. Please set 'visible_hostname'\n"); + return NULL; /* keep compiler happy */ + } + +--- 491,500 ---- + if (strchr(host, '.')) + return host; + } +! if (opt_send_signal == -1) +! fatal("Could not determine fully qualified hostname. Please set 'visible_hostname'\n"); +! else +! return ("localhost"); + return NULL; /* keep compiler happy */ + } + diff --git a/squid-2.5.STABLE10-chroot_dir.patch b/squid-2.5.STABLE10-chroot_dir.patch new file mode 100644 index 0000000..623522a --- /dev/null +++ b/squid-2.5.STABLE10-chroot_dir.patch @@ -0,0 +1,21 @@ +Index: squid/src/cache_cf.c +diff -c squid/src/cache_cf.c:1.396.2.28 squid/src/cache_cf.c:1.396.2.29 +*** squid/src/cache_cf.c:1.396.2.28 Sun Jun 19 03:36:33 2005 +--- squid/src/cache_cf.c Thu Sep 1 16:04:51 2005 +*************** +*** 2545,2551 **** + struct stat sb; + char pathbuf[BUFSIZ]; + assert(path != NULL); +! if (Config.chroot_dir) { + snprintf(pathbuf, BUFSIZ, "%s/%s", Config.chroot_dir, path); + path = pathbuf; + } +--- 2545,2551 ---- + struct stat sb; + char pathbuf[BUFSIZ]; + assert(path != NULL); +! if (Config.chroot_dir && (geteuid() == 0)) { + snprintf(pathbuf, BUFSIZ, "%s/%s", Config.chroot_dir, path); + path = pathbuf; + } diff --git a/squid-2.5.STABLE10-content_length.patch b/squid-2.5.STABLE10-content_length.patch new file mode 100644 index 0000000..50d16e1 --- /dev/null +++ b/squid-2.5.STABLE10-content_length.patch @@ -0,0 +1,41 @@ +Index: squid/src/HttpHeader.c +diff -c squid/src/HttpHeader.c:1.74.2.28 squid/src/HttpHeader.c:1.74.2.29 +*** squid/src/HttpHeader.c:1.74.2.28 Fri May 6 15:32:09 2005 +--- squid/src/HttpHeader.c Wed May 25 16:57:33 2005 +*************** +*** 475,483 **** + } + if (e->id == HDR_CONTENT_LENGTH && (e2 = httpHeaderFindEntry(hdr, e->id)) != NULL) { + if (strCmp(e->value, strBuf(e2->value)) != 0) { +! debug(55, 1) ("WARNING: found two conflicting content-length headers in {%s}\n", getStringPrefix(header_start, header_end)); +! httpHeaderEntryDestroy(e); +! return httpHeaderReset(hdr); + } else { + debug(55, Config.onoff.relaxed_header_parser <= 0 ? 1 : 2) + ("NOTICE: found double content-length header\n"); +--- 475,499 ---- + } + if (e->id == HDR_CONTENT_LENGTH && (e2 = httpHeaderFindEntry(hdr, e->id)) != NULL) { + if (strCmp(e->value, strBuf(e2->value)) != 0) { +! squid_off_t l1, l2; +! debug(55, Config.onoff.relaxed_header_parser <= 0 ? 1 : 2) ("WARNING: found two conflicting content-length headers in {%s}\n", getStringPrefix(header_start, header_end)); +! if (!Config.onoff.relaxed_header_parser) { +! httpHeaderEntryDestroy(e); +! return httpHeaderReset(hdr); +! } +! if (!httpHeaderParseSize(strBuf(e->value), &l1)) { +! debug(55, 1) ("WARNING: Unparseable content-length '%s'\n", strBuf(e->value)); +! httpHeaderEntryDestroy(e); +! continue; +! } else if (!httpHeaderParseSize(strBuf(e2->value), &l2)) { +! debug(55, 1) ("WARNING: Unparseable content-length '%s'\n", strBuf(e2->value)); +! httpHeaderDelById(hdr, e2->id); +! } else if (l1 > l2) { +! httpHeaderDelById(hdr, e2->id); +! } else { +! httpHeaderEntryDestroy(e); +! continue; +! } + } else { + debug(55, Config.onoff.relaxed_header_parser <= 0 ? 1 : 2) + ("NOTICE: found double content-length header\n"); diff --git a/squid-2.5.STABLE10-errmsg.patch b/squid-2.5.STABLE10-errmsg.patch new file mode 100644 index 0000000..57a957b --- /dev/null +++ b/squid-2.5.STABLE10-errmsg.patch @@ -0,0 +1,561 @@ +Index: squid/src/cache_manager.c +diff -c squid/src/cache_manager.c:1.26 squid/src/cache_manager.c:1.26.2.1 +*** squid/src/cache_manager.c:1.26 Fri Feb 23 13:59:50 2001 +--- squid/src/cache_manager.c Thu Sep 1 16:14:45 2005 +*************** +*** 201,206 **** +--- 201,207 ---- + if ((mgr = cachemgrParseUrl(storeUrl(entry))) == NULL) { + err = errorCon(ERR_INVALID_URL, HTTP_NOT_FOUND); + err->url = xstrdup(storeUrl(entry)); ++ err->request = requestLink(request); + errorAppendEntry(entry, err); + entry->expires = squid_curtime; + return; +Index: squid/src/forward.c +diff -c squid/src/forward.c:1.82.2.15 squid/src/forward.c:1.82.2.16 +*** squid/src/forward.c:1.82.2.15 Fri Mar 25 19:50:53 2005 +--- squid/src/forward.c Thu Sep 1 16:14:45 2005 +*************** +*** 236,242 **** + request->host); + err = errorCon(ERR_DNS_FAIL, HTTP_SERVICE_UNAVAILABLE); + err->dnsserver_msg = xstrdup(dns_error_message); +- err->request = requestLink(request); + fwdFail(fwdState, err); + comm_close(server_fd); + } else if (status != COMM_OK) { +--- 236,241 ---- +*************** +*** 250,256 **** + err->host = xstrdup(request->host); + err->port = request->port; + } +- err->request = requestLink(request); + fwdFail(fwdState, err); + if (fs->peer) + peerConnectFailed(fs->peer); +--- 249,254 ---- +*************** +*** 282,288 **** + assert(fd == fwdState->server_fd); + if (entry->mem_obj->inmem_hi == 0) { + err = errorCon(ERR_CONNECT_FAIL, HTTP_GATEWAY_TIMEOUT); +- err->request = requestLink(fwdState->request); + err->xerrno = ETIMEDOUT; + fwdFail(fwdState, err); + /* +--- 280,285 ---- +*************** +*** 420,426 **** + debug(50, 4) ("fwdConnectStart: %s\n", xstrerror()); + err = errorCon(ERR_SOCKET_FAILURE, HTTP_INTERNAL_SERVER_ERROR); + err->xerrno = errno; +- err->request = requestLink(fwdState->request); + fwdFail(fwdState, err); + fwdStateFree(fwdState); + return; +--- 417,422 ---- +*************** +*** 466,472 **** + ErrorState *err; + debug(17, 3) ("fwdStartFail: %s\n", storeUrl(fwdState->entry)); + err = errorCon(ERR_CANNOT_FORWARD, HTTP_SERVICE_UNAVAILABLE); +- err->request = requestLink(fwdState->request); + err->xerrno = errno; + fwdFail(fwdState, err); + fwdStateFree(fwdState); +--- 462,467 ---- +*************** +*** 525,531 **** + debug(17, 1) ("fwdDispatch: Cannot retrieve '%s'\n", + storeUrl(entry)); + err = errorCon(ERR_UNSUP_REQ, HTTP_BAD_REQUEST); +- err->request = requestLink(request); + fwdFail(fwdState, err); + /* + * Force a persistent connection to be closed because +--- 520,525 ---- +*************** +*** 710,716 **** + void + fwdFail(FwdState * fwdState, ErrorState * errorState) + { +- assert(EBIT_TEST(fwdState->entry->flags, ENTRY_FWD_HDR_WAIT)); + debug(17, 3) ("fwdFail: %s \"%s\"\n\t%s\n", + err_type_str[errorState->type], + httpStatusString(errorState->http_status), +--- 704,709 ---- +*************** +*** 718,723 **** +--- 711,718 ---- + if (fwdState->err) + errorStateFree(fwdState->err); + fwdState->err = errorState; ++ if (!errorState->request) ++ errorState->request = requestLink(fwdState->request); + } + + /* +Index: squid/src/ftp.c +diff -c squid/src/ftp.c:1.316.2.28 squid/src/ftp.c:1.316.2.29 +*** squid/src/ftp.c:1.316.2.28 Wed Jun 22 04:42:34 2005 +--- squid/src/ftp.c Thu Sep 1 16:14:45 2005 +*************** +*** 2491,2497 **** + if (err == NULL) + err = errorCon(ERR_FTP_FAILURE, HTTP_BAD_GATEWAY); + err->xerrno = errno; +- err->request = requestLink(ftpState->request); + err->ftp.server_msg = ftpState->ctrl.message; + ftpState->ctrl.message = NULL; + if (ftpState->old_request) +--- 2491,2496 ---- +Index: squid/src/gopher.c +diff -c squid/src/gopher.c:1.162.2.8 squid/src/gopher.c:1.162.2.9 +*** squid/src/gopher.c:1.162.2.8 Tue Jan 11 23:04:01 2005 +--- squid/src/gopher.c Thu Sep 1 16:14:45 2005 +*************** +*** 603,614 **** + GopherStateData *gopherState = data; + StoreEntry *entry = gopherState->entry; + debug(10, 4) ("gopherTimeout: FD %d: '%s'\n", fd, storeUrl(entry)); +! if (entry->store_status == STORE_PENDING) { +! if (entry->mem_obj->inmem_hi == 0) { +! fwdFail(gopherState->fwdState, +! errorCon(ERR_READ_TIMEOUT, HTTP_GATEWAY_TIMEOUT)); +! } +! } + comm_close(fd); + } + +--- 603,610 ---- + GopherStateData *gopherState = data; + StoreEntry *entry = gopherState->entry; + debug(10, 4) ("gopherTimeout: FD %d: '%s'\n", fd, storeUrl(entry)); +! fwdFail(gopherState->fwdState, +! errorCon(ERR_READ_TIMEOUT, HTTP_GATEWAY_TIMEOUT)); + comm_close(fd); + } + +*************** +*** 660,681 **** + debug(50, 1) ("gopherReadReply: error reading: %s\n", xstrerror()); + if (ignoreErrno(errno)) { + commSetSelect(fd, COMM_SELECT_READ, gopherReadReply, data, 0); +! } else if (entry->mem_obj->inmem_hi == 0) { + ErrorState *err; + err = errorCon(ERR_READ_ERROR, HTTP_INTERNAL_SERVER_ERROR); + err->xerrno = errno; +! err->url = xstrdup(storeUrl(entry)); +! errorAppendEntry(entry, err); +! comm_close(fd); +! } else { + comm_close(fd); + } + } else if (len == 0 && entry->mem_obj->inmem_hi == 0) { +! ErrorState *err; +! err = errorCon(ERR_ZERO_SIZE_OBJECT, HTTP_SERVICE_UNAVAILABLE); +! err->xerrno = errno; +! err->url = xstrdup(gopherState->request); +! errorAppendEntry(entry, err); + comm_close(fd); + } else if (len == 0) { + /* Connection closed; retrieval done. */ +--- 656,670 ---- + debug(50, 1) ("gopherReadReply: error reading: %s\n", xstrerror()); + if (ignoreErrno(errno)) { + commSetSelect(fd, COMM_SELECT_READ, gopherReadReply, data, 0); +! } else { + ErrorState *err; + err = errorCon(ERR_READ_ERROR, HTTP_INTERNAL_SERVER_ERROR); + err->xerrno = errno; +! fwdFail(gopherState->fwdState, err); + comm_close(fd); + } + } else if (len == 0 && entry->mem_obj->inmem_hi == 0) { +! fwdFail(gopherState->fwdState, errorCon(ERR_ZERO_SIZE_OBJECT, HTTP_SERVICE_UNAVAILABLE)); + comm_close(fd); + } else if (len == 0) { + /* Connection closed; retrieval done. */ +*************** +*** 717,728 **** + } + if (errflag) { + ErrorState *err; +! err = errorCon(ERR_CONNECT_FAIL, HTTP_SERVICE_UNAVAILABLE); + err->xerrno = errno; + err->host = xstrdup(gopherState->req->host); + err->port = gopherState->req->port; + err->url = xstrdup(storeUrl(entry)); +! errorAppendEntry(entry, err); + comm_close(fd); + if (buf) + memFree(buf, MEM_4K_BUF); /* Allocated by gopherSendRequest. */ +--- 706,717 ---- + } + if (errflag) { + ErrorState *err; +! err = errorCon(ERR_WRITE_ERROR, HTTP_BAD_GATEWAY); + err->xerrno = errno; + err->host = xstrdup(gopherState->req->host); + err->port = gopherState->req->port; + err->url = xstrdup(storeUrl(entry)); +! fwdFail(gopherState->fwdState, err); + comm_close(fd); + if (buf) + memFree(buf, MEM_4K_BUF); /* Allocated by gopherSendRequest. */ +*************** +*** 815,830 **** + /* Parse url. */ + gopher_request_parse(fwdState->request, + &gopherState->type_id, gopherState->request); +- #if OLD_PARSE_ERROR_CODE +- if (...) { +- ErrorState *err; +- err = errorCon(ERR_INVALID_URL, HTTP_BAD_REQUEST); +- err->url = xstrdup(storeUrl(entry)); +- errorAppendEntry(entry, err); +- gopherStateFree(-1, gopherState); +- return; +- } +- #endif + comm_add_close_handler(fd, gopherStateFree, gopherState); + if (((gopherState->type_id == GOPHER_INDEX) || (gopherState->type_id == GOPHER_CSO)) + && (strchr(gopherState->request, '?') == NULL)) { +--- 804,809 ---- +Index: squid/src/http.c +diff -c squid/src/http.c:1.384.2.30 squid/src/http.c:1.384.2.31 +*** squid/src/http.c:1.384.2.30 Fri Mar 25 19:50:53 2005 +--- squid/src/http.c Thu Sep 1 16:14:45 2005 +*************** +*** 99,108 **** + StoreEntry *entry = httpState->entry; + debug(11, 4) ("httpTimeout: FD %d: '%s'\n", fd, storeUrl(entry)); + if (entry->store_status == STORE_PENDING) { +! if (entry->mem_obj->inmem_hi == 0) { +! fwdFail(httpState->fwd, +! errorCon(ERR_READ_TIMEOUT, HTTP_GATEWAY_TIMEOUT)); +! } + } + comm_close(fd); + } +--- 99,106 ---- + StoreEntry *entry = httpState->entry; + debug(11, 4) ("httpTimeout: FD %d: '%s'\n", fd, storeUrl(entry)); + if (entry->store_status == STORE_PENDING) { +! fwdFail(httpState->fwd, +! errorCon(ERR_READ_TIMEOUT, HTTP_GATEWAY_TIMEOUT)); + } + comm_close(fd); + } +*************** +*** 616,637 **** + fd, xstrerror()); + if (ignoreErrno(errno)) { + commSetSelect(fd, COMM_SELECT_READ, httpReadReply, httpState, 0); +! } else if (entry->mem_obj->inmem_hi == 0) { + ErrorState *err; + err = errorCon(ERR_READ_ERROR, HTTP_BAD_GATEWAY); +- err->request = requestLink((request_t *) request); + err->xerrno = errno; + fwdFail(httpState->fwd, err); + comm_close(fd); +- } else { +- comm_close(fd); + } + } else if (len == 0 && entry->mem_obj->inmem_hi == 0) { +! ErrorState *err; +! err = errorCon(ERR_ZERO_SIZE_OBJECT, HTTP_BAD_GATEWAY); +! err->xerrno = errno; +! err->request = requestLink((request_t *) request); +! fwdFail(httpState->fwd, err); + httpState->eof = 1; + comm_close(fd); + } else if (len == 0) { +--- 614,628 ---- + fd, xstrerror()); + if (ignoreErrno(errno)) { + commSetSelect(fd, COMM_SELECT_READ, httpReadReply, httpState, 0); +! } else { + ErrorState *err; + err = errorCon(ERR_READ_ERROR, HTTP_BAD_GATEWAY); + err->xerrno = errno; + fwdFail(httpState->fwd, err); + comm_close(fd); + } + } else if (len == 0 && entry->mem_obj->inmem_hi == 0) { +! fwdFail(httpState->fwd, errorCon(ERR_ZERO_SIZE_OBJECT, HTTP_BAD_GATEWAY)); + httpState->eof = 1; + comm_close(fd); + } else if (len == 0) { +*************** +*** 646,663 **** + */ + httpProcessReplyHeader(httpState, buf, len); + if (entry->mem_obj->reply->sline.status == HTTP_HEADER_TOO_LARGE) { +- ErrorState *err; + storeEntryReset(entry); +! err = errorCon(ERR_TOO_BIG, HTTP_BAD_GATEWAY); +! err->request = requestLink((request_t *) request); +! fwdFail(httpState->fwd, err); + httpState->fwd->flags.dont_retry = 1; + } else if (entry->mem_obj->reply->sline.status == HTTP_INVALID_HEADER && !(entry->mem_obj->reply->sline.version.major == 0 && entry->mem_obj->reply->sline.version.minor == 9)) { +- ErrorState *err; + storeEntryReset(entry); +! err = errorCon(ERR_INVALID_RESP, HTTP_BAD_GATEWAY); +! err->request = requestLink((request_t *) request); +! fwdFail(httpState->fwd, err); + httpState->fwd->flags.dont_retry = 1; + } else { + fwdComplete(httpState->fwd); +--- 637,648 ---- + */ + httpProcessReplyHeader(httpState, buf, len); + if (entry->mem_obj->reply->sline.status == HTTP_HEADER_TOO_LARGE) { + storeEntryReset(entry); +! fwdFail(httpState->fwd, errorCon(ERR_TOO_BIG, HTTP_BAD_GATEWAY)); + httpState->fwd->flags.dont_retry = 1; + } else if (entry->mem_obj->reply->sline.status == HTTP_INVALID_HEADER && !(entry->mem_obj->reply->sline.version.major == 0 && entry->mem_obj->reply->sline.version.minor == 9)) { + storeEntryReset(entry); +! fwdFail(httpState->fwd, errorCon(ERR_INVALID_RESP, HTTP_BAD_GATEWAY)); + httpState->fwd->flags.dont_retry = 1; + } else { + fwdComplete(httpState->fwd); +*************** +*** 670,691 **** + if (httpState->reply_hdr_state == 2) { + http_status s = entry->mem_obj->reply->sline.status; + if (s == HTTP_HEADER_TOO_LARGE) { +- ErrorState *err; + debug(11, 1) ("WARNING: %s:%d: HTTP header too large\n", __FILE__, __LINE__); + storeEntryReset(entry); +! err = errorCon(ERR_TOO_BIG, HTTP_BAD_GATEWAY); +! err->request = requestLink((request_t *) request); +! fwdFail(httpState->fwd, err); + httpState->fwd->flags.dont_retry = 1; + comm_close(fd); + return; + } + if (s == HTTP_INVALID_HEADER && !(entry->mem_obj->reply->sline.version.major == 0 && entry->mem_obj->reply->sline.version.minor == 9)) { +- ErrorState *err; + storeEntryReset(entry); +! err = errorCon(ERR_INVALID_RESP, HTTP_BAD_GATEWAY); +! err->request = requestLink((request_t *) request); +! fwdFail(httpState->fwd, err); + httpState->fwd->flags.dont_retry = 1; + comm_close(fd); + return; +--- 655,670 ---- + if (httpState->reply_hdr_state == 2) { + http_status s = entry->mem_obj->reply->sline.status; + if (s == HTTP_HEADER_TOO_LARGE) { + debug(11, 1) ("WARNING: %s:%d: HTTP header too large\n", __FILE__, __LINE__); + storeEntryReset(entry); +! fwdFail(httpState->fwd, errorCon(ERR_TOO_BIG, HTTP_BAD_GATEWAY)); + httpState->fwd->flags.dont_retry = 1; + comm_close(fd); + return; + } + if (s == HTTP_INVALID_HEADER && !(entry->mem_obj->reply->sline.version.major == 0 && entry->mem_obj->reply->sline.version.minor == 9)) { + storeEntryReset(entry); +! fwdFail(httpState->fwd, errorCon(ERR_INVALID_RESP, HTTP_BAD_GATEWAY)); + httpState->fwd->flags.dont_retry = 1; + comm_close(fd); + return; +*************** +*** 804,810 **** + { + HttpStateData *httpState = data; + StoreEntry *entry = httpState->entry; +- ErrorState *err; + debug(11, 5) ("httpSendComplete: FD %d: size %d: errflag %d.\n", + fd, (int) size, errflag); + #if URL_CHECKSUM_DEBUG +--- 783,788 ---- +*************** +*** 818,829 **** + if (errflag == COMM_ERR_CLOSING) + return; + if (errflag) { +! if (entry->mem_obj->inmem_hi == 0) { +! err = errorCon(ERR_WRITE_ERROR, HTTP_BAD_GATEWAY); +! err->xerrno = errno; +! err->request = requestLink(httpState->orig_request); +! errorAppendEntry(entry, err); +! } + comm_close(fd); + return; + } else { +--- 796,805 ---- + if (errflag == COMM_ERR_CLOSING) + return; + if (errflag) { +! ErrorState *err; +! err = errorCon(ERR_WRITE_ERROR, HTTP_BAD_GATEWAY); +! err->xerrno = errno; +! fwdFail(httpState->fwd, err); + comm_close(fd); + return; + } else { +*************** +*** 1264,1270 **** + { + HttpStateData *httpState = data; + StoreEntry *entry = httpState->entry; +- ErrorState *err; + debug(11, 5) ("httpSendRequestEntry: FD %d: size %d: errflag %d.\n", + fd, (int) size, errflag); + if (size > 0) { +--- 1240,1245 ---- +*************** +*** 1275,1286 **** + if (errflag == COMM_ERR_CLOSING) + return; + if (errflag) { +! if (entry->mem_obj->inmem_hi == 0) { +! err = errorCon(ERR_WRITE_ERROR, HTTP_BAD_GATEWAY); +! err->xerrno = errno; +! err->request = requestLink(httpState->orig_request); +! errorAppendEntry(entry, err); +! } + comm_close(fd); + return; + } +--- 1250,1259 ---- + if (errflag == COMM_ERR_CLOSING) + return; + if (errflag) { +! ErrorState *err; +! err = errorCon(ERR_WRITE_ERROR, HTTP_BAD_GATEWAY); +! err->xerrno = errno; +! fwdFail(httpState->fwd, err); + comm_close(fd); + return; + } +Index: squid/src/urn.c +diff -c squid/src/urn.c:1.68.2.3 squid/src/urn.c:1.68.2.4 +*** squid/src/urn.c:1.68.2.3 Sun Sep 1 06:38:04 2002 +--- squid/src/urn.c Thu Sep 1 16:14:45 2005 +*************** +*** 132,137 **** +--- 132,138 ---- + debug(52, 3) ("urnStart: Bad uri-res URL %s\n", urlres); + err = errorCon(ERR_URN_RESOLVE, HTTP_NOT_FOUND); + err->url = xstrdup(urlres); ++ err->request = requestLink(r); + errorAppendEntry(e, err); + return; + } +Index: squid/src/wais.c +diff -c squid/src/wais.c:1.138 squid/src/wais.c:1.138.2.1 +*** squid/src/wais.c:1.138 Wed Oct 24 02:19:09 2001 +--- squid/src/wais.c Thu Sep 1 16:14:45 2005 +*************** +*** 70,79 **** + StoreEntry *entry = waisState->entry; + debug(24, 4) ("waisTimeout: FD %d: '%s'\n", fd, storeUrl(entry)); + if (entry->store_status == STORE_PENDING) { +! if (entry->mem_obj->inmem_hi == 0) { +! fwdFail(waisState->fwd, +! errorCon(ERR_READ_TIMEOUT, HTTP_GATEWAY_TIMEOUT)); +! } + } + comm_close(fd); + } +--- 70,77 ---- + StoreEntry *entry = waisState->entry; + debug(24, 4) ("waisTimeout: FD %d: '%s'\n", fd, storeUrl(entry)); + if (entry->store_status == STORE_PENDING) { +! fwdFail(waisState->fwd, +! errorCon(ERR_READ_TIMEOUT, HTTP_GATEWAY_TIMEOUT)); + } + comm_close(fd); + } +*************** +*** 130,149 **** + waisReadReply, waisState, 0); + } else { + ErrorState *err; +- EBIT_CLR(entry->flags, ENTRY_CACHABLE); +- storeReleaseRequest(entry); + err = errorCon(ERR_READ_ERROR, HTTP_INTERNAL_SERVER_ERROR); + err->xerrno = errno; +! err->request = requestLink(waisState->request); +! errorAppendEntry(entry, err); + comm_close(fd); + } + } else if (len == 0 && entry->mem_obj->inmem_hi == 0) { +! ErrorState *err; +! err = errorCon(ERR_ZERO_SIZE_OBJECT, HTTP_SERVICE_UNAVAILABLE); +! err->xerrno = errno; +! err->request = requestLink(waisState->request); +! errorAppendEntry(entry, err); + comm_close(fd); + } else if (len == 0) { + /* Connection closed; retrieval done. */ +--- 128,140 ---- + waisReadReply, waisState, 0); + } else { + ErrorState *err; + err = errorCon(ERR_READ_ERROR, HTTP_INTERNAL_SERVER_ERROR); + err->xerrno = errno; +! fwdFail(waisState->fwd, err); + comm_close(fd); + } + } else if (len == 0 && entry->mem_obj->inmem_hi == 0) { +! fwdFail(waisState->fwd, errorCon(ERR_ZERO_SIZE_OBJECT, HTTP_SERVICE_UNAVAILABLE)); + comm_close(fd); + } else if (len == 0) { + /* Connection closed; retrieval done. */ +*************** +*** 179,186 **** + ErrorState *err; + err = errorCon(ERR_WRITE_ERROR, HTTP_SERVICE_UNAVAILABLE); + err->xerrno = errno; +! err->request = requestLink(waisState->request); +! errorAppendEntry(entry, err); + comm_close(fd); + } else { + /* Schedule read reply. */ +--- 170,176 ---- + ErrorState *err; + err = errorCon(ERR_WRITE_ERROR, HTTP_SERVICE_UNAVAILABLE); + err->xerrno = errno; +! fwdFail(waisState->fwd, err); + comm_close(fd); + } else { + /* Schedule read reply. */ +Index: squid/src/whois.c +diff -c squid/src/whois.c:1.16 squid/src/whois.c:1.16.2.1 +*** squid/src/whois.c:1.16 Fri Apr 13 18:03:24 2001 +--- squid/src/whois.c Thu Sep 1 16:14:45 2005 +*************** +*** 109,122 **** + fd, xstrerror()); + if (ignoreErrno(errno)) { + commSetSelect(fd, COMM_SELECT_READ, whoisReadReply, p, Config.Timeout.read); +! } else if (mem->inmem_hi == 0) { + ErrorState *err; + err = errorCon(ERR_READ_ERROR, HTTP_INTERNAL_SERVER_ERROR); + err->xerrno = errno; + fwdFail(p->fwd, err); + comm_close(fd); +- } else { +- comm_close(fd); + } + } else { + fwdComplete(p->fwd); +--- 109,120 ---- + fd, xstrerror()); + if (ignoreErrno(errno)) { + commSetSelect(fd, COMM_SELECT_READ, whoisReadReply, p, Config.Timeout.read); +! } else { + ErrorState *err; + err = errorCon(ERR_READ_ERROR, HTTP_INTERNAL_SERVER_ERROR); + err->xerrno = errno; + fwdFail(p->fwd, err); + comm_close(fd); + } + } else { + fwdComplete(p->fwd); diff --git a/squid-2.5.STABLE10-ftp_250.patch b/squid-2.5.STABLE10-ftp_250.patch new file mode 100644 index 0000000..4799958 --- /dev/null +++ b/squid-2.5.STABLE10-ftp_250.patch @@ -0,0 +1,55 @@ +Index: squid/src/ftp.c +diff -c squid/src/ftp.c:1.316.2.29 squid/src/ftp.c:1.316.2.30 +*** squid/src/ftp.c:1.316.2.29 Thu Sep 1 16:14:45 2005 +--- squid/src/ftp.c Thu Sep 1 16:28:29 2005 +*************** +*** 2279,2285 **** + { + int code = ftpState->ctrl.replycode; + debug(9, 3) ("This is ftpReadTransferDone\n"); +! if (code == 226) { + /* Connection closed; retrieval done. */ + if (ftpState->flags.html_header_sent) + ftpListingFinish(ftpState); +--- 2279,2285 ---- + { + int code = ftpState->ctrl.replycode; + debug(9, 3) ("This is ftpReadTransferDone\n"); +! if (code == 226 || code == 250) { + /* Connection closed; retrieval done. */ + if (ftpState->flags.html_header_sent) + ftpListingFinish(ftpState); +*************** +*** 2345,2351 **** + { + int code = ftpState->ctrl.replycode; + debug(9, 3) ("This is ftpWriteTransferDone\n"); +! if (code != 226) { + debug(9, 1) ("ftpReadTransferDone: Got code %d after sending data\n", + code); + ftpFailed(ftpState, ERR_FTP_PUT_ERROR); +--- 2345,2351 ---- + { + int code = ftpState->ctrl.replycode; + debug(9, 3) ("This is ftpWriteTransferDone\n"); +! if (!(code == 226 || code == 250)) { + debug(9, 1) ("ftpReadTransferDone: Got code %d after sending data\n", + code); + ftpFailed(ftpState, ERR_FTP_PUT_ERROR); +*************** +*** 2521,2527 **** + storeUrl(ftpState->entry), code); + if (cbdataValid(ftpState)) + debug(9, 5) ("ftpSendReply: ftpState (%p) is valid!\n", ftpState); +! if (code == 226) { + err_code = (ftpState->mdtm > 0) ? ERR_FTP_PUT_MODIFIED : ERR_FTP_PUT_CREATED; + http_code = (ftpState->mdtm > 0) ? HTTP_ACCEPTED : HTTP_CREATED; + } else if (code == 227) { +--- 2521,2527 ---- + storeUrl(ftpState->entry), code); + if (cbdataValid(ftpState)) + debug(9, 5) ("ftpSendReply: ftpState (%p) is valid!\n", ftpState); +! if (code == 226 || code == 250) { + err_code = (ftpState->mdtm > 0) ? ERR_FTP_PUT_MODIFIED : ERR_FTP_PUT_CREATED; + http_code = (ftpState->mdtm > 0) ? HTTP_ACCEPTED : HTTP_CREATED; + } else if (code == 227) { diff --git a/squid-2.5.STABLE10-ftp_basehref.patch b/squid-2.5.STABLE10-ftp_basehref.patch new file mode 100644 index 0000000..1825fdb --- /dev/null +++ b/squid-2.5.STABLE10-ftp_basehref.patch @@ -0,0 +1,229 @@ +Index: squid/src/ftp.c +diff -c squid/src/ftp.c:1.316.2.26 squid/src/ftp.c:1.316.2.27 +*** squid/src/ftp.c:1.316.2.26 Tue Jun 21 16:18:19 2005 +--- squid/src/ftp.c Tue Jun 21 16:21:31 2005 +*************** +*** 69,74 **** +--- 69,75 ---- + unsigned int http_header_sent:1; + unsigned int tried_nlst:1; + unsigned int use_base:1; ++ unsigned int dir_slash:1; + unsigned int root_dir:1; + unsigned int no_dotdot:1; + unsigned int html_header_sent:1; +*************** +*** 87,92 **** +--- 88,94 ---- + int password_url; + char *reply_hdr; + int reply_hdr_state; ++ String clean_url; + String title_url; + String base_href; + int conn_att; +*************** +*** 96,101 **** +--- 98,104 ---- + squid_off_t size; + wordlist *pathcomps; + char *filepath; ++ char *dirpath; + squid_off_t restart_offset; + squid_off_t restarted_offset; + int rest_att; +*************** +*** 437,445 **** + storeBuffer(e); + storeAppendPrintf(e, "\n"); + if (ftpState->flags.listformat_unknown && !ftpState->flags.tried_nlst) { +! storeAppendPrintf(e, "[As plain directory]\n"); + } else if (ftpState->typecode == 'D') { +! const char *path = ftpState->filepath ? ftpState->filepath : "."; + storeAppendPrintf(e, "[As extended directory]\n", html_quote(path)); + } + storeAppendPrintf(e, "
\n"); +--- 440,449 ---- + storeBuffer(e); + storeAppendPrintf(e, "\n"); + if (ftpState->flags.listformat_unknown && !ftpState->flags.tried_nlst) { +! storeAppendPrintf(e, "[As plain directory]\n", +! ftpState->flags.dir_slash ? rfc1738_escape_part(ftpState->filepath) : "."); + } else if (ftpState->typecode == 'D') { +! const char *path = ftpState->flags.dir_slash ? ftpState->filepath : "."; + storeAppendPrintf(e, "[As extended directory]\n", html_quote(path)); + } + storeAppendPrintf(e, "
\n"); +*************** +*** 681,686 **** +--- 685,691 ---- + LOCAL_ARRAY(char, download, 2048 + 40); + LOCAL_ARRAY(char, link, 2048 + 40); + LOCAL_ARRAY(char, html, 8192); ++ LOCAL_ARRAY(char, prefix, 2048); + size_t width = Config.Ftp.list_width; + ftpListParts *parts; + *icon = *href = *text = *size = *chdir = *view = *download = *link = *html = '\0'; +*************** +*** 688,693 **** +--- 693,702 ---- + snprintf(html, 8192, "%s\n", line); + return html; + } ++ if (ftpState->flags.dir_slash) ++ snprintf(prefix, sizeof(prefix), "%s/", rfc1738_escape_part(ftpState->dirpath)); ++ else ++ prefix[0] = '\0'; + /* Handle builtin */ + if (strcmp(line, "") == 0) { + /* {icon} {text} {link} */ +*************** +*** 696,702 **** + "[DIRUP]"); + if (!ftpState->flags.no_dotdot && !ftpState->flags.root_dir) { + /* Normal directory */ +! strcpy(href, "../"); + strcpy(text, "Parent Directory"); + } else if (!ftpState->flags.no_dotdot && ftpState->flags.root_dir) { + /* "Top level" directory */ +--- 705,714 ---- + "[DIRUP]"); + if (!ftpState->flags.no_dotdot && !ftpState->flags.root_dir) { + /* Normal directory */ +! if (!ftpState->flags.dir_slash) +! strcpy(href, "../"); +! else +! strcpy(href, "./"); + strcpy(text, "Parent Directory"); + } else if (!ftpState->flags.no_dotdot && ftpState->flags.root_dir) { + /* "Top level" directory */ +*************** +*** 710,716 **** + strcpy(href, "%2e%2e/"); + strcpy(text, "Parent Directory"); + snprintf(link, 2048, "(%s)", +! "../", + "Back"); + } else { /* NO_DOTDOT && ROOT_DIR */ + /* "UNIX Root" directory */ +--- 722,728 ---- + strcpy(href, "%2e%2e/"); + strcpy(text, "Parent Directory"); + snprintf(link, 2048, "(%s)", +! !ftpState->flags.dir_slash ? "../" : "./", + "Back"); + } else { /* NO_DOTDOT && ROOT_DIR */ + /* "UNIX Root" directory */ +*************** +*** 758,765 **** + /* sometimes there is an 'l' flag, but no "->" link */ + if (parts->link) { + char *link2 = xstrdup(html_quote(rfc1738_escape(parts->link))); +! snprintf(link, 2048, " -> %s", +! link2, + html_quote(parts->link)); + safe_free(link2); + } +--- 770,777 ---- + /* sometimes there is an 'l' flag, but no "->" link */ + if (parts->link) { + char *link2 = xstrdup(html_quote(rfc1738_escape(parts->link))); +! snprintf(link, 2048, " -> %s", +! *link2 != '/' ? prefix : "", link2, + html_quote(parts->link)); + safe_free(link2); + } +*************** +*** 799,825 **** + } + if (parts->type != 'd') { + if (mimeGetViewOption(parts->name)) { +! snprintf(view, 2048, " ", +! href, mimeGetIconURL("internal-view")); + } + if (mimeGetDownloadOption(parts->name)) { +! snprintf(download, 2048, " ", +! href, mimeGetIconURL("internal-download")); + } + } + /* {icon} {text} . . . {date}{size}{chdir}{view}{download}{link}\n */ + if (parts->type != '\0') { +! snprintf(html, 8192, "%s %s%s " + "%s%8s%s%s%s%s\n", +! href, icon, href, html_quote(text), dots_fill(strlen(text)), + parts->date, size, chdir, view, download, link); + } else { + /* Plain listing. {icon} {text} ... {chdir}{view}{download} */ +! snprintf(html, 8192, "%s %s%s " + "%s%s%s%s\n", +! href, icon, href, html_quote(text), dots_fill(strlen(text)), + chdir, view, download, link); + } + ftpListPartsFree(&parts); +--- 811,837 ---- + } + if (parts->type != 'd') { + if (mimeGetViewOption(parts->name)) { +! snprintf(view, 2048, " ", +! prefix, href, mimeGetIconURL("internal-view")); + } + if (mimeGetDownloadOption(parts->name)) { +! snprintf(download, 2048, " ", +! prefix, href, mimeGetIconURL("internal-download")); + } + } + /* {icon} {text} . . . {date}{size}{chdir}{view}{download}{link}\n */ + if (parts->type != '\0') { +! snprintf(html, 8192, "%s %s%s " + "%s%8s%s%s%s%s\n", +! prefix, href, icon, prefix, href, html_quote(text), dots_fill(strlen(text)), + parts->date, size, chdir, view, download, link); + } else { + /* Plain listing. {icon} {text} ... {chdir}{view}{download} */ +! snprintf(html, 8192, "%s %s%s " + "%s%s%s%s\n", +! prefix, href, icon, prefix, href, html_quote(text), dots_fill(strlen(text)), + chdir, view, download, link); + } + ftpListPartsFree(&parts); +*************** +*** 1557,1563 **** + debug(9, 4) ("ftpTraverseDirectory %s\n", + ftpState->filepath ? ftpState->filepath : ""); + +! safe_free(ftpState->filepath); + /* Done? */ + if (ftpState->pathcomps == NULL) { + debug(9, 3) ("the final component was a directory\n"); +--- 1569,1578 ---- + debug(9, 4) ("ftpTraverseDirectory %s\n", + ftpState->filepath ? ftpState->filepath : ""); + +! safe_free(ftpState->dirpath); +! ftpState->dirpath = ftpState->filepath; +! ftpState->filepath = NULL; +! + /* Done? */ + if (ftpState->pathcomps == NULL) { + debug(9, 3) ("the final component was a directory\n"); +*************** +*** 1662,1668 **** + debug(9, 3) ("Directory path did not end in /\n"); + strCat(ftpState->title_url, "/"); + ftpState->flags.isdir = 1; +! ftpState->flags.use_base = 1; + } + ftpSendPasv(ftpState); + } +--- 1677,1683 ---- + debug(9, 3) ("Directory path did not end in /\n"); + strCat(ftpState->title_url, "/"); + ftpState->flags.isdir = 1; +! ftpState->flags.dir_slash = 1; + } + ftpSendPasv(ftpState); + } diff --git a/squid-2.5.STABLE10-ftp_title-2.patch b/squid-2.5.STABLE10-ftp_title-2.patch new file mode 100644 index 0000000..c25b7dd --- /dev/null +++ b/squid-2.5.STABLE10-ftp_title-2.patch @@ -0,0 +1,115 @@ +Index: squid/src/ftp.c +diff -c squid/src/ftp.c:1.316.2.25 squid/src/ftp.c:1.316.2.28 +*** squid/src/ftp.c:1.316.2.25 Fri Mar 25 19:50:53 2005 +--- squid/src/ftp.c Wed Jun 22 04:42:34 2005 +*************** +*** 365,379 **** + wordlist *w; + char *dirup; + int i, j, k; +! char *title; + storeBuffer(e); + storeAppendPrintf(e, "\n"); + storeAppendPrintf(e, "\n", + version_string); + storeAppendPrintf(e, "\n", mkrfc1123(squid_curtime)); + storeAppendPrintf(e, "\n"); +! storeAppendPrintf(e, "FTP Directory: %s\n", +! html_quote(strBuf(ftpState->title_url))); + storeAppendPrintf(e, "\n"); + storeAppendPrintf(e, "\n"); + if (ftpState->flags.use_base) +--- 365,383 ---- + wordlist *w; + char *dirup; + int i, j, k; +! const char *title = strBuf(ftpState->title_url); + storeBuffer(e); + storeAppendPrintf(e, "\n"); + storeAppendPrintf(e, "\n", + version_string); + storeAppendPrintf(e, "\n", mkrfc1123(squid_curtime)); + storeAppendPrintf(e, "\n"); +! { +! char *t = xstrdup(title); +! rfc1738_unescape(t); +! storeAppendPrintf(e, "FTP Directory: %s\n", html_quote(t)); +! xfree(t); +! } + storeAppendPrintf(e, "\n"); + storeAppendPrintf(e, "\n"); + if (ftpState->flags.use_base) +*************** +*** 392,418 **** + storeAppendPrintf(e, "FTP Directory: "); + /* "ftp://" == 6 characters */ + assert(strLen(ftpState->title_url) >= 6); +! title = html_quote(strBuf(ftpState->title_url)); + for (i = 6, j = 0; title[i]; j = i) { + storeAppendPrintf(e, ""); +- for (k = j; k < i - 1; k++) +- storeAppendPrintf(e, "%c", title[k]); +- if (strBuf(ftpState->title_url)[k] != '/') +- storeAppendPrintf(e, "%c", title[k++]); +- storeAppendPrintf(e, ""); +- if (k < i) +- storeAppendPrintf(e, "%c", title[k++]); + if (i == j) { + /* Error guard, or "assert" */ + storeAppendPrintf(e, "ERROR: Failed to parse URL: %s\n", +! html_quote(strBuf(ftpState->title_url))); +! debug(9, 0) ("Failed to parse URL: %s\n", strBuf(ftpState->title_url)); + break; + } + } +--- 396,424 ---- + storeAppendPrintf(e, "FTP Directory: "); + /* "ftp://" == 6 characters */ + assert(strLen(ftpState->title_url) >= 6); +! k = 6 + strcspn(&title[6], "/"); + for (i = 6, j = 0; title[i]; j = i) { + storeAppendPrintf(e, " j) { ++ char *url = xstrdup(title); ++ url[i] = '\0'; ++ storeAppendPrintf(e, "%s", html_quote(url + k)); ++ storeAppendPrintf(e, "/"); ++ storeAppendPrintf(e, "\">"); ++ rfc1738_unescape(url + j); ++ storeAppendPrintf(e, "%s", html_quote(url + j)); ++ safe_free(url); ++ storeAppendPrintf(e, ""); ++ } ++ storeAppendPrintf(e, "/"); + if (title[i] == '/') + i++; + if (i == j) { + /* Error guard, or "assert" */ + storeAppendPrintf(e, "ERROR: Failed to parse URL: %s\n", +! html_quote(title)); +! debug(9, 0) ("Failed to parse URL: %s\n", title); + break; + } + } +*************** +*** 1059,1070 **** + strCat(ftpState->title_url, xitoa(request->port)); + } + strCat(ftpState->title_url, strBuf(request->urlpath)); +- { +- char *t = xstrdup(strBuf(ftpState->title_url)); +- rfc1738_unescape(t); +- stringReset(&ftpState->title_url, t); +- xfree(t); +- } + + stringReset(&ftpState->base_href, "ftp://"); + if (strcmp(ftpState->user, "anonymous")) { +--- 1065,1070 ---- diff --git a/squid-2.5.STABLE10-internal_date.patch b/squid-2.5.STABLE10-internal_date.patch new file mode 100644 index 0000000..5ab2c06 --- /dev/null +++ b/squid-2.5.STABLE10-internal_date.patch @@ -0,0 +1,221 @@ +Index: squid/include/Array.h +diff -c squid/include/Array.h:1.6 squid/include/Array.h:1.6.2.1 +*** squid/include/Array.h:1.6 Mon Oct 8 10:18:31 2001 +--- squid/include/Array.h Thu Jun 9 01:51:46 2005 +*************** +*** 48,53 **** +--- 48,54 ---- + extern void arrayClean(Array * s); + extern void arrayDestroy(Array * s); + extern void arrayAppend(Array * s, void *obj); ++ extern void arrayInsert(Array * s, void *obj, int position); + extern void arrayPreAppend(Array * s, int app_count); + + +Index: squid/lib/Array.c +diff -c squid/lib/Array.c:1.7 squid/lib/Array.c:1.7.2.1 +*** squid/lib/Array.c:1.7 Wed Feb 7 11:56:50 2001 +--- squid/lib/Array.c Thu Jun 9 01:51:46 2005 +*************** +*** 95,100 **** +--- 95,113 ---- + a->items[a->count++] = obj; + } + ++ void arrayInsert(Array *a, void *obj, int position) ++ { ++ assert(a); ++ if (a->count >= a->capacity) ++ arrayGrow(a, a->count + 1); ++ if (position > a->count) ++ position = a->count; ++ if (position < a->count) ++ memmove(&a->items[position + 1], &a->items[position], (a->count - position) * sizeof(void *)); ++ a->items[position] = obj; ++ a->count++; ++ } ++ + /* if you are going to append a known and large number of items, call this first */ + void + arrayPreAppend(Array * a, int app_count) +Index: squid/src/HttpHeader.c +diff -c squid/src/HttpHeader.c:1.74.2.29 squid/src/HttpHeader.c:1.74.2.30 +*** squid/src/HttpHeader.c:1.74.2.29 Wed May 25 16:57:33 2005 +--- squid/src/HttpHeader.c Thu Jun 9 01:51:46 2005 +*************** +*** 680,685 **** +--- 680,705 ---- + hdr->len += strLen(e->name) + 2 + strLen(e->value) + 2; + } + ++ /* inserts an entry at the given position; ++ * does not call httpHeaderEntryClone() so one should not reuse "*e" ++ */ ++ void ++ httpHeaderInsertEntry(HttpHeader * hdr, HttpHeaderEntry * e, int pos) ++ { ++ assert(hdr && e); ++ assert_eid(e->id); ++ ++ debug(55, 7) ("%p adding entry: %d at %d\n", ++ hdr, e->id, hdr->entries.count); ++ if (CBIT_TEST(hdr->mask, e->id)) ++ Headers[e->id].stat.repCount++; ++ else ++ CBIT_SET(hdr->mask, e->id); ++ arrayInsert(&hdr->entries, e, pos); ++ /* increment header length, allow for ": " and crlf */ ++ hdr->len += strLen(e->name) + 2 + strLen(e->value) + 2; ++ } ++ + /* return a list of entries with the same id separated by ',' and ws */ + String + httpHeaderGetList(const HttpHeader * hdr, http_hdr_type id) +*************** +*** 850,855 **** +--- 870,884 ---- + } + + void ++ httpHeaderInsertTime(HttpHeader * hdr, int pos, http_hdr_type id, time_t htime) ++ { ++ assert_eid(id); ++ assert(Headers[id].type == ftDate_1123); /* must be of an appropriate type */ ++ assert(htime >= 0); ++ httpHeaderInsertEntry(hdr, httpHeaderEntryCreate(id, NULL, mkrfc1123(htime)), pos); ++ } ++ ++ void + httpHeaderPutStr(HttpHeader * hdr, http_hdr_type id, const char *str) + { + assert_eid(id); +Index: squid/src/cf.data.pre +diff -c squid/src/cf.data.pre:1.245.2.94 squid/src/cf.data.pre:1.245.2.95 +*** squid/src/cf.data.pre:1.245.2.94 Tue May 10 17:08:40 2005 +--- squid/src/cf.data.pre Thu Jun 9 01:51:46 2005 +*************** +*** 3241,3246 **** +--- 3241,3260 ---- + @DEFAULT_ICON_DIR@ + DOC_END + ++ NAME: global_internal_static ++ TYPE: onoff ++ LOC: Config.onoff.global_internal_static ++ DEFAULT: on ++ DOC_START ++ This directive controls is Squid should intercept all requests for ++ /squid-internal-static/ no matter which host the URL is requesting ++ (default on setting), or if nothing special should be done for ++ such URLs (off setting). The purpose of this directive is to make ++ icons etc work better in complex cache hierarchies where it may ++ not always be possible for all corners in the cache mesh to reach ++ the server generating a directory listing. ++ DOC_END ++ + NAME: short_icon_urls + TYPE: onoff + LOC: Config.icons.use_short_names +Index: squid/src/client_side.c +diff -c squid/src/client_side.c:1.561.2.76 squid/src/client_side.c:1.561.2.77 +*** squid/src/client_side.c:1.561.2.76 Wed Apr 20 15:46:06 2005 +--- squid/src/client_side.c Thu Jun 9 01:51:47 2005 +*************** +*** 1404,1410 **** + (void) 0; + else if (http->entry->timestamp < 0) + (void) 0; +! else if (http->entry->timestamp < squid_curtime) + httpHeaderPutInt(hdr, HDR_AGE, + squid_curtime - http->entry->timestamp); + } +--- 1404,1413 ---- + (void) 0; + else if (http->entry->timestamp < 0) + (void) 0; +! if (EBIT_TEST(http->entry->flags, ENTRY_SPECIAL)) { +! httpHeaderDelById(hdr, HDR_DATE); +! httpHeaderInsertTime(hdr, 0, HDR_DATE, squid_curtime); +! } else if (http->entry->timestamp < squid_curtime) + httpHeaderPutInt(hdr, HDR_AGE, + squid_curtime - http->entry->timestamp); + } +*************** +*** 2719,2729 **** + *t = '\0'; + #endif + +! /* handle internal objects */ +! if (internalCheck(url)) { + /* prepend our name & port */ + http->uri = xstrdup(internalLocalUri(NULL, url)); +- http->flags.internal = 1; + http->flags.accel = 1; + } + /* see if we running in Config2.Accel.on, if so got to convert it to URL */ +--- 2722,2731 ---- + *t = '\0'; + #endif + +! /* handle direct internal objects */ +! if (!Config2.Accel.on && internalCheck(url)) { + /* prepend our name & port */ + http->uri = xstrdup(internalLocalUri(NULL, url)); + http->flags.accel = 1; + } + /* see if we running in Config2.Accel.on, if so got to convert it to URL */ +*************** +*** 3099,3105 **** + if (internalHostnameIs(request->host) && + request->port == ntohs(Config.Sockaddr.http->s.sin_port)) { + http->flags.internal = 1; +! } else if (internalStaticCheck(strBuf(request->urlpath))) { + xstrncpy(request->host, internalHostname(), SQUIDHOSTNAMELEN); + request->port = ntohs(Config.Sockaddr.http->s.sin_port); + http->flags.internal = 1; +--- 3101,3107 ---- + if (internalHostnameIs(request->host) && + request->port == ntohs(Config.Sockaddr.http->s.sin_port)) { + http->flags.internal = 1; +! } else if (Config.onoff.global_internal_static && internalStaticCheck(strBuf(request->urlpath))) { + xstrncpy(request->host, internalHostname(), SQUIDHOSTNAMELEN); + request->port = ntohs(Config.Sockaddr.http->s.sin_port); + http->flags.internal = 1; +Index: squid/src/protos.h +diff -c squid/src/protos.h:1.420.2.35 squid/src/protos.h:1.420.2.36 +*** squid/src/protos.h:1.420.2.35 Wed May 18 09:28:32 2005 +--- squid/src/protos.h Thu Jun 9 01:51:47 2005 +*************** +*** 424,429 **** +--- 424,430 ---- + extern void httpHeaderPutInt(HttpHeader * hdr, http_hdr_type type, int number); + extern void httpHeaderPutSize(HttpHeader * hdr, http_hdr_type type, squid_off_t number); + extern void httpHeaderPutTime(HttpHeader * hdr, http_hdr_type type, time_t htime); ++ extern void httpHeaderInsertTime(HttpHeader * hdr, int pos, http_hdr_type type, time_t htime); + extern void httpHeaderPutStr(HttpHeader * hdr, http_hdr_type type, const char *str); + extern void httpHeaderPutAuth(HttpHeader * hdr, const char *auth_scheme, const char *realm); + extern void httpHeaderPutCc(HttpHeader * hdr, const HttpHdrCc * cc); +*************** +*** 453,458 **** +--- 454,460 ---- + extern HttpHeaderEntry *httpHeaderGetEntry(const HttpHeader * hdr, HttpHeaderPos * pos); + extern HttpHeaderEntry *httpHeaderFindEntry(const HttpHeader * hdr, http_hdr_type id); + extern void httpHeaderAddEntry(HttpHeader * hdr, HttpHeaderEntry * e); ++ extern void httpHeaderInsertEntry(HttpHeader * hdr, HttpHeaderEntry * e, int pos); + extern HttpHeaderEntry *httpHeaderEntryClone(const HttpHeaderEntry * e); + extern void httpHeaderEntryPackInto(const HttpHeaderEntry * e, Packer * p); + /* store report about current header usage and other stats */ +Index: squid/src/structs.h +diff -c squid/src/structs.h:1.408.2.43 squid/src/structs.h:1.408.2.44 +*** squid/src/structs.h:1.408.2.43 Wed May 4 12:03:47 2005 +--- squid/src/structs.h Thu Jun 9 01:51:47 2005 +*************** +*** 609,614 **** +--- 609,615 ---- + int relaxed_header_parser; + int accel_uses_host_header; + int accel_no_pmtu_disc; ++ int global_internal_static; + } onoff; + acl *aclList; + struct { diff --git a/squid-2.5.STABLE10-ldap_auth-U.patch b/squid-2.5.STABLE10-ldap_auth-U.patch new file mode 100644 index 0000000..d19c834 --- /dev/null +++ b/squid-2.5.STABLE10-ldap_auth-U.patch @@ -0,0 +1,37 @@ +Index: squid/helpers/basic_auth/LDAP/squid_ldap_auth.c +diff -c squid/helpers/basic_auth/LDAP/squid_ldap_auth.c:1.21.2.21 squid/helpers/basic_auth/LDAP/squid_ldap_auth.c:1.21.2.22 +*** squid/helpers/basic_auth/LDAP/squid_ldap_auth.c:1.21.2.21 Fri Apr 22 14:29:29 2005 +--- squid/helpers/basic_auth/LDAP/squid_ldap_auth.c Thu Sep 1 16:47:19 2005 +*************** +*** 672,685 **** + } + + if (debug) +! fprintf(stderr, "attempting to bind to user '%s'\n", dn); + if (!bind_ld && !bind_once) + bind_ld = persistent_ld; + if (!bind_ld) + bind_ld = open_ldap_connection(ldapServer, port); +! if (passwdattr && ldap_compare_s(bind_ld, dn, passwdattr, password) != LDAP_COMPARE_TRUE) +! ret = 1; +! else if (ldap_simple_bind_s(bind_ld, dn, password) != LDAP_SUCCESS) + ret = 1; + if (bind_ld != persistent_ld) { + ldap_unbind(bind_ld); +--- 672,687 ---- + } + + if (debug) +! fprintf(stderr, "attempting to authenticate user '%s'\n", dn); + if (!bind_ld && !bind_once) + bind_ld = persistent_ld; + if (!bind_ld) + bind_ld = open_ldap_connection(ldapServer, port); +! if (passwdattr) { +! if (ldap_compare_s(bind_ld, dn, passwdattr, password) != LDAP_COMPARE_TRUE) { +! ret = 1; +! } +! } else if (ldap_simple_bind_s(bind_ld, dn, password) != LDAP_SUCCESS) + ret = 1; + if (bind_ld != persistent_ld) { + ldap_unbind(bind_ld); diff --git a/squid-2.5.STABLE10-mail_from.patch b/squid-2.5.STABLE10-mail_from.patch new file mode 100644 index 0000000..a579c93 --- /dev/null +++ b/squid-2.5.STABLE10-mail_from.patch @@ -0,0 +1,63 @@ +Index: squid/src/cf.data.pre +diff -c squid/src/cf.data.pre:1.245.2.96 squid/src/cf.data.pre:1.245.2.97 +*** squid/src/cf.data.pre:1.245.2.96 Sun Aug 14 10:28:07 2005 +--- squid/src/cf.data.pre Sat Sep 3 03:14:43 2005 +*************** +*** 2444,2449 **** +--- 2444,2461 ---- + DOC_END + + ++ NAME: mail_from ++ TYPE: string ++ DEFAULT: none ++ LOC: Config.EmailFrom ++ DOC_START ++ From: email-address for mail sent when the cache dies. ++ The default is to use 'appname@unique_hostname'. ++ Default appname value is "squid", can be changed into ++ src/globals.h before building squid. ++ DOC_END ++ ++ + NAME: mail_program + TYPE: eol + DEFAULT: mail +Index: squid/src/structs.h +diff -c squid/src/structs.h:1.408.2.47 squid/src/structs.h:1.408.2.48 +*** squid/src/structs.h:1.408.2.47 Thu Sep 1 16:22:23 2005 +--- squid/src/structs.h Sat Sep 3 03:14:43 2005 +*************** +*** 480,485 **** +--- 480,486 ---- + int rotateNumber; + } Log; + char *adminEmail; ++ char *EmailFrom; + char *EmailProgram; + char *effectiveUser; + char *effectiveGroup; +Index: squid/src/tools.c +diff -c squid/src/tools.c:1.213.2.17 squid/src/tools.c:1.213.2.18 +*** squid/src/tools.c:1.213.2.17 Sun Aug 14 10:28:07 2005 +--- squid/src/tools.c Sat Sep 3 03:14:43 2005 +*************** +*** 106,112 **** + if ((fp = fopen(filename, "w")) == NULL) + return; + #endif +! fprintf(fp, "From: %s\n", appname); + fprintf(fp, "To: %s\n", Config.adminEmail); + fprintf(fp, "Subject: %s\n", dead_msg()); + fclose(fp); +--- 106,115 ---- + if ((fp = fopen(filename, "w")) == NULL) + return; + #endif +! if (Config.EmailFrom) +! fprintf(fp, "From: %s\n", Config.EmailFrom); +! else +! fprintf(fp, "From: %s@%s\n", appname, uniqueHostname()); + fprintf(fp, "To: %s\n", Config.adminEmail); + fprintf(fp, "Subject: %s\n", dead_msg()); + fclose(fp); diff --git a/squid-2.5.STABLE10-mail_program.patch b/squid-2.5.STABLE10-mail_program.patch new file mode 100644 index 0000000..392efd0 --- /dev/null +++ b/squid-2.5.STABLE10-mail_program.patch @@ -0,0 +1,61 @@ +Index: squid/src/cf.data.pre +diff -c squid/src/cf.data.pre:1.245.2.95 squid/src/cf.data.pre:1.245.2.96 +*** squid/src/cf.data.pre:1.245.2.95 Thu Jun 9 01:51:46 2005 +--- squid/src/cf.data.pre Sun Aug 14 10:28:07 2005 +*************** +*** 2444,2449 **** +--- 2444,2462 ---- + DOC_END + + ++ NAME: mail_program ++ TYPE: eol ++ DEFAULT: mail ++ LOC: Config.EmailProgram ++ DOC_START ++ Email program used to send mail if the cache dies. ++ The default is "mail". The specified program must complain ++ with the standard Unix mail syntax: ++ mail_program recipient < mailfile ++ Optional command line options can be specified. ++ DOC_END ++ ++ + NAME: cache_effective_user + TYPE: string + DEFAULT: nobody +Index: squid/src/structs.h +diff -c squid/src/structs.h:1.408.2.44 squid/src/structs.h:1.408.2.45 +*** squid/src/structs.h:1.408.2.44 Thu Jun 9 01:51:47 2005 +--- squid/src/structs.h Sun Aug 14 10:28:07 2005 +*************** +*** 480,485 **** +--- 480,486 ---- + int rotateNumber; + } Log; + char *adminEmail; ++ char *EmailProgram; + char *effectiveUser; + char *effectiveGroup; + struct { +Index: squid/src/tools.c +diff -c squid/src/tools.c:1.213.2.16 squid/src/tools.c:1.213.2.17 +*** squid/src/tools.c:1.213.2.16 Mon Jun 13 16:26:22 2005 +--- squid/src/tools.c Sun Aug 14 10:28:07 2005 +*************** +*** 110,116 **** + fprintf(fp, "To: %s\n", Config.adminEmail); + fprintf(fp, "Subject: %s\n", dead_msg()); + fclose(fp); +! snprintf(command, 256, "mail %s < %s", Config.adminEmail, filename); + system(command); /* XXX should avoid system(3) */ + unlink(filename); + } +--- 110,116 ---- + fprintf(fp, "To: %s\n", Config.adminEmail); + fprintf(fp, "Subject: %s\n", dead_msg()); + fclose(fp); +! snprintf(command, 256, "%s %s < %s", Config.EmailProgram, Config.adminEmail, filename); + system(command); /* XXX should avoid system(3) */ + unlink(filename); + } diff --git a/squid-2.5.STABLE10-redirect_flags.patch b/squid-2.5.STABLE10-redirect_flags.patch new file mode 100644 index 0000000..4fdfdf8 --- /dev/null +++ b/squid-2.5.STABLE10-redirect_flags.patch @@ -0,0 +1,24 @@ +Index: squid/src/client_side.c +diff -c squid/src/client_side.c:1.561.2.78 squid/src/client_side.c:1.561.2.79 +*** squid/src/client_side.c:1.561.2.78 Mon Jun 13 16:32:33 2005 +--- squid/src/client_side.c Mon Jun 13 16:41:35 2005 +*************** +*** 357,362 **** +--- 357,363 ---- + new_request->client_addr = old_request->client_addr; + new_request->my_addr = old_request->my_addr; + new_request->my_port = old_request->my_port; ++ new_request->flags = old_request->flags; + new_request->flags.redirected = 1; + if (old_request->auth_user_request) { + new_request->auth_user_request = old_request->auth_user_request; +*************** +*** 369,375 **** + old_request->body_reader_data = NULL; + } + new_request->content_length = old_request->content_length; +- new_request->flags.proxy_keepalive = old_request->flags.proxy_keepalive; + requestUnlink(old_request); + http->request = requestLink(new_request); + } +--- 370,375 ---- diff --git a/squid-2.5.STABLE10-snmp_getnext.patch b/squid-2.5.STABLE10-snmp_getnext.patch new file mode 100644 index 0000000..eb30760 --- /dev/null +++ b/squid-2.5.STABLE10-snmp_getnext.patch @@ -0,0 +1,25 @@ +Index: squid/src/snmp_core.c +diff -c squid/src/snmp_core.c:1.51.2.5 squid/src/snmp_core.c:1.51.2.6 +*** squid/src/snmp_core.c:1.51.2.5 Wed May 4 12:03:47 2005 +--- squid/src/snmp_core.c Sun Jun 19 15:01:21 2005 +*************** +*** 660,666 **** + if (Current[count] == mibTreeEntry->name[count]) { + count++; + while ((mibTreeEntry) && (count < CurrentLen) && (!mibTreeEntry->parsefunction)) { +! mibTreeEntry = snmpTreeEntry(Current[count], count, mibTreeEntry); + count++; + } + debug(49, 5) ("snmpTreeNext: Recursed down to requested object\n"); +--- 660,670 ---- + if (Current[count] == mibTreeEntry->name[count]) { + count++; + while ((mibTreeEntry) && (count < CurrentLen) && (!mibTreeEntry->parsefunction)) { +! mib_tree_entry *nextmibTreeEntry = snmpTreeEntry(Current[count], count, mibTreeEntry); +! if (!nextmibTreeEntry) +! break; +! else +! mibTreeEntry = nextmibTreeEntry; + count++; + } + debug(49, 5) ("snmpTreeNext: Recursed down to requested object\n"); diff --git a/squid-2.5.STABLE10-spanish.patch b/squid-2.5.STABLE10-spanish.patch new file mode 100644 index 0000000..a8e4e28 --- /dev/null +++ b/squid-2.5.STABLE10-spanish.patch @@ -0,0 +1,470 @@ +Index: squid/errors/Spanish//ERR_CACHE_ACCESS_DENIED +diff -c squid/errors/Spanish//ERR_CACHE_ACCESS_DENIED:1.3.2.3 squid/errors/Spanish//ERR_CACHE_ACCESS_DENIED:1.3.2.4 +*** squid/errors/Spanish//ERR_CACHE_ACCESS_DENIED:1.3.2.3 Wed Aug 28 15:08:14 2002 +--- squid/errors/Spanish//ERR_CACHE_ACCESS_DENIED Mon Jun 6 15:35:43 2005 +*************** +*** 1,11 **** + + +! ERROR: Acceso Denegado al Cache + + + +

ERROR

+!

Acceso Denegado al Cache

+
+

+ Mientras se intentaba traer el URL: +--- 1,11 ---- + + +! ERROR: Acceso Denegado al Caché + + + +

ERROR

+!

Acceso Denegado al Caché

+
+

+ Mientras se intentaba traer el URL: +*************** +*** 15,34 **** +

    +
  • + +! Acceso denegado al cache. + +
+ +

+ Disculpe, Ud. no está autorizado a acceder a: + 

    %U
+! desde este cache hasta que se haya autenticado. + + +

+! Ud. necesita utilizar Netscape version 2.0 o superior, o Microsoft Internet +! Explorer 3.0, o un navegador que cumpla con HTTP/1.1 para que funcione. +! Por favor contacte al administrador del cache si + tiene dificultad para autenticarse o + cambie su password. +

+--- 15,34 ---- +
    +
  • + +! Acceso denegado al caché. + +
+ +

+ Disculpe, Ud. no está autorizado a acceder a: + 

    %U
+! desde este caché hasta que se haya autenticado. + + +

+! Ud. necesita utilizar Netscape versión 2.0 o superior, o Microsoft +! Internet Explorer 3.0, o un navegador que cumpla con HTTP/1.1 para que funcione. +! Por favor contacte al administrador del caché si + tiene dificultad para autenticarse o + cambie su password. +

+Index: squid/errors/Spanish//ERR_CACHE_MGR_ACCESS_DENIED +diff -c squid/errors/Spanish//ERR_CACHE_MGR_ACCESS_DENIED:1.2.4.3 squid/errors/Spanish//ERR_CACHE_MGR_ACCESS_DENIED:1.2.4.4 +*** squid/errors/Spanish//ERR_CACHE_MGR_ACCESS_DENIED:1.2.4.3 Wed Aug 28 15:08:14 2002 +--- squid/errors/Spanish//ERR_CACHE_MGR_ACCESS_DENIED Mon Jun 6 15:35:43 2005 +*************** +*** 1,6 **** + + +! ERROR: Acceso Denegado al Cache Manager + + + +--- 1,6 ---- + + +! ERROR: Acceso Denegado al Caché Manager + + + +*************** +*** 21,33 **** + +

Disculpe, Ud. no está autorizado a acceder a: + 

    %U
+! desde este cache hasta que se haya autenticado. + +

+! Ud. necesita utilizar Netscape version 2.0 o superior, o Microsoft Internet +! Explorer 3.0, o un navegador que cumpla con HTTP/1.1 para que funcione. +! Por favor contacte al administrador del cache si + tiene dificultad para autenticarse, o si Ud. es el administrador, + lea la documentación de Squid sobre interfaz del cache manager y +! chequee en el log de cache mensajes de error más detallados. +

+--- 21,33 ---- + +

Disculpe, Ud. no está autorizado a acceder a: + 

    %U
+! desde este caché hasta que se haya autenticado. + +

+! Ud. necesita utilizar Netscape versión 2.0 o superior, o Microsoft +! Internet Explorer 3.0, o un navegador que cumpla con HTTP/1.1 para que funcione. +! Por favor contacte al administrador del caché si + tiene dificultad para autenticarse, o si Ud. es el administrador, + lea la documentación de Squid sobre interfaz del cache manager y +! chequee en el log de caché mensajes de error más detallados. +

+Index: squid/errors/Spanish//ERR_CANNOT_FORWARD +diff -c squid/errors/Spanish//ERR_CANNOT_FORWARD:1.3.4.3 squid/errors/Spanish//ERR_CANNOT_FORWARD:1.3.4.4 +*** squid/errors/Spanish//ERR_CANNOT_FORWARD:1.3.4.3 Wed Aug 28 15:08:14 2002 +--- squid/errors/Spanish//ERR_CANNOT_FORWARD Mon Jun 6 15:35:43 2005 +*************** +*** 19,31 **** + + +

+! La petición no ha podido ser enviada al servidor origen o a alguna +! de las cachés padres. Las razones más probables de que haya + ocurrido este error son: +

    +!
  • El administrador de la caché no permite que esta + caché realice conexiones directas a los servidores + origen, y +!
  • Todas las cachés configuradas como padres son inalcanzables + en este momento. +
+--- 19,31 ---- + + +

+! La petición no ha podido ser enviada al servidor origen o a alguno +! de los cachés padres. Las razones más probables de que haya + ocurrido este error son: +

    +!
  • El administrador de lo caché no permite que este + caché realice conexiones directas a los servidores + origen, y +!
  • Todos los cachés configurados como padres son inalcanzables + en este momento. +
+Index: squid/errors/Spanish//ERR_DNS_FAIL +diff -c squid/errors/Spanish//ERR_DNS_FAIL:1.3.4.3 squid/errors/Spanish//ERR_DNS_FAIL:1.3.4.4 +*** squid/errors/Spanish//ERR_DNS_FAIL:1.3.4.3 Wed Aug 28 15:08:14 2002 +--- squid/errors/Spanish//ERR_DNS_FAIL Mon Jun 6 15:35:43 2005 +*************** +*** 12,18 **** + Ha ocurrido el siguiente problema: +
+ Incapaz de determinar la dirección IP a partir +! del nombre de la máquina: + %H +
+ +--- 12,18 ---- + Ha ocurrido el siguiente problema: +
+ Incapaz de determinar la dirección IP a partir +! del nombre de la máquina: + %H +
+ +*************** +*** 25,31 **** +

+ Esto significa que: + 

+!  La caché no ha sido capaz de resolver el nombre de máquina
+   presente en la URL.
+   Compruebe que la dirección sea correcta.
+
+--- 25,31 ---- +

+ Esto significa que: + 

+!  El caché no ha sido capaz de resolver el nombre de máquina
+   presente en la URL.
+   Compruebe que la dirección sea correcta.
+
+Index: squid/errors/Spanish//ERR_FORWARDING_DENIED +diff -c squid/errors/Spanish//ERR_FORWARDING_DENIED:1.3.4.3 squid/errors/Spanish//ERR_FORWARDING_DENIED:1.3.4.4 +*** squid/errors/Spanish//ERR_FORWARDING_DENIED:1.3.4.3 Wed Aug 28 15:08:14 2002 +--- squid/errors/Spanish//ERR_FORWARDING_DENIED Mon Jun 6 15:35:43 2005 +*************** +*** 19,25 **** + + +

+! Esta caché no permite reenviar su petición porque trata de + obligar a mantener una relación de hermandad. +! Quizás el cliente en %i es una caché que ha sido mal configurada. +

+--- 19,25 ---- + + +

+! Este caché no permite reenviar su petición porque trata de + obligar a mantener una relación de hermandad. +! Quizás el cliente en %i es un caché que ha sido mal configurado. +

+Index: squid/errors/Spanish//ERR_FTP_DISABLED +diff -c squid/errors/Spanish//ERR_FTP_DISABLED:1.3.4.3 squid/errors/Spanish//ERR_FTP_DISABLED:1.3.4.4 +*** squid/errors/Spanish//ERR_FTP_DISABLED:1.3.4.3 Wed Aug 28 15:08:14 2002 +--- squid/errors/Spanish//ERR_FTP_DISABLED Mon Jun 6 15:35:43 2005 +*************** +*** 19,23 **** + + +

+! Esta caché no proporciona servicio caché para el protocolo FTP. +

+--- 19,23 ---- + + +

+! Este caché no proporciona servicio caché para el protocolo FTP. +

+Index: squid/errors/Spanish//ERR_FTP_NOT_FOUND +diff -c squid/errors/Spanish//ERR_FTP_NOT_FOUND:1.3.4.3 squid/errors/Spanish//ERR_FTP_NOT_FOUND:1.3.4.4 +*** squid/errors/Spanish//ERR_FTP_NOT_FOUND:1.3.4.3 Wed Aug 28 15:08:14 2002 +--- squid/errors/Spanish//ERR_FTP_NOT_FOUND Mon Jun 6 15:35:43 2005 +*************** +*** 17,23 **** + 
%g
+

+ Esto puede ser causado por un URL FTP con un camino absoluto (y por +! lo tanto no cumple con RFC 1738). Si este es la causa, entonces el + archivo puede ser obtenido en %B. +

+ +--- 17,23 ---- + 
%g
+

+ Esto puede ser causado por un URL FTP con un camino absoluto (y por +! lo tanto no cumple con RFC 1738). Si esta es la causa, entonces el + archivo puede ser obtenido en %B. +

+ +Index: squid/errors/Spanish//ERR_INVALID_REQ +diff -c squid/errors/Spanish//ERR_INVALID_REQ:1.3.4.3 squid/errors/Spanish//ERR_INVALID_REQ:1.3.4.4 +*** squid/errors/Spanish//ERR_INVALID_REQ:1.3.4.3 Wed Aug 28 15:08:14 2002 +--- squid/errors/Spanish//ERR_INVALID_REQ Mon Jun 6 15:35:43 2005 +*************** +*** 7,13 **** +

El URL solicitado no se ha podido conseguir

+
+

+! Mientras se intentaba procesar la petición: + 

+  %R
+
+--- 7,13 ---- +

El URL solicitado no se ha podido conseguir

+
+

+! Mientras se intentaba procesar la petición: + 

+  %R
+
+Index: squid/errors/Spanish//ERR_INVALID_RESP +diff -c squid/errors/Spanish//ERR_INVALID_RESP:1.1.2.1 squid/errors/Spanish//ERR_INVALID_RESP:1.1.2.2 +*** squid/errors/Spanish//ERR_INVALID_RESP:1.1.2.1 Mon Jan 17 15:13:04 2005 +--- squid/errors/Spanish//ERR_INVALID_RESP Mon Jun 6 15:35:43 2005 +*************** +*** 1,29 **** + + +! ERROR: The requested URL could not be retrieved + + +

ERROR

+!

The requested URL could not be retrieved

+
+

+! While trying to process the request: + 

+  %R
+
+

+! The following error was encountered: +

    +
  • + +! Invalid Response + +
+ +

+! The HTTP Response message received from the contacted server +! could not be understood or was otherwise malformed. Please contact +! the site operator. Your cache administrator may be able to provide +! you with more details about the exact nature of the problem if needed. +! +!

Your cache administrator is %w. +--- 1,30 ---- + + +! ERROR: El URL solicitado no se ha podido conseguir + + +

ERROR

+!

El URL solicitado no se ha podido conseguir

+
+

+! Mientras se intentaba procesar la petición: + 

+  %R
+
+

+! Ha ocurrido el siguiente problema: +

    +
  • + +! Respuesta no válida. + +
+ +

+! El mensaje de Respuesta HTTP recibido del servidor contactado +! no pudo ser entendido o tenía alguna malformación. +! Por favor contacte al operador del sitio web. Quizas su +! administrador del caché pueda darle a Ud. más +! detalles acerca de la naturaleza exacta del problema en caso +! de ser necesario. +!

Su administrador del caché es %w. +Index: squid/errors/Spanish//ERR_INVALID_URL +diff -c squid/errors/Spanish//ERR_INVALID_URL:1.3.4.3 squid/errors/Spanish//ERR_INVALID_URL:1.3.4.4 +*** squid/errors/Spanish//ERR_INVALID_URL:1.3.4.3 Wed Aug 28 15:08:14 2002 +--- squid/errors/Spanish//ERR_INVALID_URL Mon Jun 6 15:35:43 2005 +*************** +*** 14,20 **** +

    +
  • + +! URL incorrecta. + +
+ +--- 14,20 ---- +
    +
  • + +! URL incorrecto. + +
+ +Index: squid/errors/Spanish//ERR_NO_RELAY +diff -c squid/errors/Spanish//ERR_NO_RELAY:1.3.4.3 squid/errors/Spanish//ERR_NO_RELAY:1.3.4.4 +*** squid/errors/Spanish//ERR_NO_RELAY:1.3.4.3 Wed Aug 28 15:08:14 2002 +--- squid/errors/Spanish//ERR_NO_RELAY Mon Jun 6 15:35:43 2005 +*************** +*** 19,23 **** + + +

+! Esta caché no tiene definido ninguna pasarela para el protocolo WAIS !! +! ¡Gríteselo al administrador de la caché ! +--- 19,24 ---- + + +

+! Este caché no tiene definido ninguna pasarela para el protocolo WAIS !! +! ¡Grítele al administrador del caché ! +!

Su administrador del caché es %w. +--- 24,27 ---- + directamente si cree que esto es un error. + +

+! Su administrador del caché es %w. +Index: squid/errors/Spanish//ERR_UNSUP_REQ +diff -c squid/errors/Spanish//ERR_UNSUP_REQ:1.3.4.3 squid/errors/Spanish//ERR_UNSUP_REQ:1.3.4.4 +*** squid/errors/Spanish//ERR_UNSUP_REQ:1.3.4.3 Wed Aug 28 15:08:14 2002 +--- squid/errors/Spanish//ERR_UNSUP_REQ Mon Jun 6 15:35:43 2005 +*************** +*** 14,20 **** +

    +
  • + +! Método de la petición y protocolo no soportados + +
+ +--- 14,20 ---- +
    +
  • + +! Método de la petición y protocolo no soportados. + +
+ diff --git a/squid-2.5.STABLE10-sslConnectTimeout.patch b/squid-2.5.STABLE10-sslConnectTimeout.patch new file mode 100644 index 0000000..b876421 --- /dev/null +++ b/squid-2.5.STABLE10-sslConnectTimeout.patch @@ -0,0 +1,15 @@ +Index: squid/src/ssl.c +diff -c squid/src/ssl.c:1.118.2.11 squid/src/ssl.c:1.118.2.12 +*** squid/src/ssl.c:1.118.2.11 Sun Apr 17 18:54:30 2005 +--- squid/src/ssl.c Thu Sep 1 14:24:27 2005 +*************** +*** 106,111 **** +--- 106,113 ---- + sslState->client.fd = -1; + if (sslState->server.fd == -1) + sslStateFree(sslState); ++ else if (!sslState->connected) ++ comm_close(sslState->server.fd); + } + + static void diff --git a/squid-2.5.STABLE10-statHistAssert.patch b/squid-2.5.STABLE10-statHistAssert.patch new file mode 100644 index 0000000..cfc4ce6 --- /dev/null +++ b/squid-2.5.STABLE10-statHistAssert.patch @@ -0,0 +1,21 @@ +Index: squid/src/StatHist.c +diff -c squid/src/StatHist.c:1.26 squid/src/StatHist.c:1.26.2.1 +*** squid/src/StatHist.c:1.26 Wed Oct 24 02:19:08 2001 +--- squid/src/StatHist.c Thu Sep 1 15:52:23 2005 +*************** +*** 90,96 **** + /* a max value should go into the last bin */ + assert(statHistBin(H, max) == H->capacity - 1); + /* it is hard to test val_out, here is a crude test */ +! assert(((int) floor(0.99L + statHistVal(H, 0) - min)) == 0); + } + + void +--- 90,96 ---- + /* a max value should go into the last bin */ + assert(statHistBin(H, max) == H->capacity - 1); + /* it is hard to test val_out, here is a crude test */ +! assert(((int) floor(0.99 + statHistVal(H, 0) - min)) == 0); + } + + void diff --git a/squid-2.5.STABLE10-transparent-2.patch b/squid-2.5.STABLE10-transparent-2.patch new file mode 100644 index 0000000..3a5fd10 --- /dev/null +++ b/squid-2.5.STABLE10-transparent-2.patch @@ -0,0 +1,115 @@ +Index: squid/src/client_side.c +diff -c squid/src/client_side.c:1.561.2.77 squid/src/client_side.c:1.561.2.80 +*** squid/src/client_side.c:1.561.2.77 Thu Jun 9 01:51:47 2005 +--- squid/src/client_side.c Thu Jun 30 02:38:00 2005 +@@ -2733,6 +2733,7 @@ + int vport; + if (vhost_mode) { + #if IPF_TRANSPARENT ++ static time_t last_reported = 0; + natLookup.nl_inport = http->conn->me.sin_port; + natLookup.nl_outport = http->conn->peer.sin_port; + natLookup.nl_inip = http->conn->me.sin_addr; +@@ -2751,12 +2752,10 @@ + errno = save_errno; + } + if (natfd < 0) { +- debug(50, 1) ("parseHttpRequest: NAT open failed: %s\n", +- xstrerror()); +- dlinkDelete(&http->active, &ClientActiveRequests); +- xfree(http->uri); +- cbdataFree(http); +- xfree(inbuf); ++ if (squid_curtime - last_reported > 60) { ++ debug(50, 1) ("parseHttpRequest: NAT open failed: %s\n", xstrerror()); ++ last_reported = squid_curtime; ++ } + } else { + /* + * IP-Filter changed the type for SIOCGNATL between +@@ -2773,48 +2772,59 @@ + } + if (x < 0) { + if (errno != ESRCH) { +- debug(50, 1) ("parseHttpRequest: NAT lookup failed: ioctl(SIOCGNATL)\n"); ++ if (squid_curtime - last_reported > 60) { ++ debug(50, 1) ("parseHttpRequest: NAT lookup failed: ioctl(SIOCGNATL): %s\n", xstrerror()); ++ last_reported = squid_curtime; ++ } + close(natfd); + natfd = -1; +- dlinkDelete(&http->active, &ClientActiveRequests); +- xfree(http->uri); +- cbdataFree(http); +- xfree(inbuf); + } + } else { + conn->me.sin_port = natLookup.nl_realport; +- http->conn->me.sin_addr = natLookup.nl_realip; ++ conn->me.sin_addr = natLookup.nl_realip; + } + } + #elif PF_TRANSPARENT ++ static time_t last_reported = 0; + if (pffd < 0) + pffd = open("/dev/pf", O_RDWR); + if (pffd < 0) { +- debug(50, 1) ("parseHttpRequest: PF open failed: %s\n", +- xstrerror()); +- return parseHttpRequestAbort(conn, "error:pf-open-failed"); +- } +- memset(&nl, 0, sizeof(struct pfioc_natlook)); +- nl.saddr.v4.s_addr = http->conn->peer.sin_addr.s_addr; +- nl.sport = http->conn->peer.sin_port; +- nl.daddr.v4.s_addr = http->conn->me.sin_addr.s_addr; +- nl.dport = http->conn->me.sin_port; +- nl.af = AF_INET; +- nl.proto = IPPROTO_TCP; +- nl.direction = PF_OUT; +- if (ioctl(pffd, DIOCNATLOOK, &nl)) { +- if (errno != ENOENT) { +- debug(50, 1) ("parseHttpRequest: PF lookup failed: ioctl(DIOCNATLOOK)\n"); +- close(pffd); +- pffd = -1; ++ if (squid_curtime - last_reported > 60) { ++ debug(50, 1) ("parseHttpRequest: PF open failed: %s\n", xstrerror()); ++ last_reported = squid_curtime; + } + } else { +- conn->me.sin_port = nl.rdport; +- http->conn->me.sin_addr = nl.rdaddr.v4; ++ memset(&nl, 0, sizeof(struct pfioc_natlook)); ++ nl.saddr.v4.s_addr = http->conn->peer.sin_addr.s_addr; ++ nl.sport = http->conn->peer.sin_port; ++ nl.daddr.v4.s_addr = http->conn->me.sin_addr.s_addr; ++ nl.dport = http->conn->me.sin_port; ++ nl.af = AF_INET; ++ nl.proto = IPPROTO_TCP; ++ nl.direction = PF_OUT; ++ if (ioctl(pffd, DIOCNATLOOK, &nl)) { ++ if (errno != ENOENT) { ++ if (squid_curtime - last_reported > 60) { ++ debug(50, 1) ("parseHttpRequest: PF lookup failed: ioctl(DIOCNATLOOK): %s\n", xstrerror()); ++ last_reported = squid_curtime; ++ } ++ close(pffd); ++ pffd = -1; ++ } ++ } else { ++ conn->me.sin_port = nl.rdport; ++ conn->me.sin_addr = nl.rdaddr.v4; ++ } + } + #elif LINUX_NETFILTER ++ static time_t last_reported = 0; + /* If the call fails the address structure will be unchanged */ +- getsockopt(conn->fd, SOL_IP, SO_ORIGINAL_DST, &conn->me, &sock_sz); ++ if (getsockopt(conn->fd, SOL_IP, SO_ORIGINAL_DST, &conn->me, &sock_sz) != 0) { ++ if (squid_curtime - last_reported > 60) { ++ debug(50, 1) ("parseHttpRequest: NF getsockopt(SO_ORIGINAL_DST) failed: %s\n", xstrerror()); ++ last_reported = squid_curtime; ++ } ++ } + #endif + } + if (vport_mode) diff --git a/squid-2.5.STABLE10-wb_ntlm_auth_silent.patch b/squid-2.5.STABLE10-wb_ntlm_auth_silent.patch new file mode 100644 index 0000000..da1e4d2 --- /dev/null +++ b/squid-2.5.STABLE10-wb_ntlm_auth_silent.patch @@ -0,0 +1,66 @@ +Index: squid/helpers/ntlm_auth/winbind/wb_ntlm_auth.c +diff -c squid/helpers/ntlm_auth/winbind/wb_ntlm_auth.c:1.1.2.9 squid/helpers/ntlm_auth/winbind/wb_ntlm_auth.c:1.1.2.10 +*** squid/helpers/ntlm_auth/winbind/wb_ntlm_auth.c:1.1.2.9 Thu Jun 30 12:50:56 2005 +--- squid/helpers/ntlm_auth/winbind/wb_ntlm_auth.c Sat Jul 9 02:42:49 2005 +*************** +*** 117,138 **** + if (have_urandom == DONTKNOW) { + int result = 0; + struct stat st; + result = stat(ENTROPY_SOURCE, &st); + if (result != 0 || !(S_ISCHR(st.st_mode) || S_ISBLK(st.st_mode))) { + debug("Entropy source " ENTROPY_SOURCE " is unavailable\n"); + have_urandom = NO; +! } +! if ((urandom_file = fopen(ENTROPY_SOURCE, "r")) == NULL) { +! unsigned int seed; +! struct timeval t; + warn("Can't open entropy source " ENTROPY_SOURCE "\n"); + have_urandom = NO; +! gettimeofday(&t, NULL); +! seed = squid_random() * getpid() * t.tv_sec * t.tv_usec; +! squid_srandom(seed); +! } else { + have_urandom = YES; +- } + } + } + +--- 117,136 ---- + if (have_urandom == DONTKNOW) { + int result = 0; + struct stat st; ++ unsigned int seed; ++ struct timeval t; ++ gettimeofday(&t, NULL); ++ seed = squid_random() * getpid() * t.tv_sec * t.tv_usec; ++ squid_srandom(seed); + result = stat(ENTROPY_SOURCE, &st); + if (result != 0 || !(S_ISCHR(st.st_mode) || S_ISBLK(st.st_mode))) { + debug("Entropy source " ENTROPY_SOURCE " is unavailable\n"); + have_urandom = NO; +! } else if ((urandom_file = fopen(ENTROPY_SOURCE, "r")) == NULL) { + warn("Can't open entropy source " ENTROPY_SOURCE "\n"); + have_urandom = NO; +! } else + have_urandom = YES; + } + } + +*************** +*** 349,355 **** + domain = strdup(response.data.domain_name); + uc(domain); + +! warn("target domain is %s\n", domain); + return domain; + } + +--- 347,353 ---- + domain = strdup(response.data.domain_name); + uc(domain); + +! debug("target domain is %s\n", domain); + return domain; + } + diff --git a/squid-2.5.STABLE10-wbinfo_groups.patch b/squid-2.5.STABLE10-wbinfo_groups.patch new file mode 100644 index 0000000..38f16b5 --- /dev/null +++ b/squid-2.5.STABLE10-wbinfo_groups.patch @@ -0,0 +1,39 @@ +Index: squid/helpers/external_acl/wbinfo_group/wbinfo_group.pl +diff -c squid/helpers/external_acl/wbinfo_group/wbinfo_group.pl:1.1.2.2 squid/helpers/external_acl/wbinfo_group/wbinfo_group.pl:1.1.2.3 +*** squid/helpers/external_acl/wbinfo_group/wbinfo_group.pl:1.1.2.2 Tue Feb 17 15:37:51 2004 +--- squid/helpers/external_acl/wbinfo_group/wbinfo_group.pl Wed Jun 29 14:34:14 2005 +*************** +*** 15,20 **** +--- 15,23 ---- + # 2002-07-05 Jerry Murdock + # Initial release + # ++ # 2005-06-28 Arno Streuli ++ # Add multi group check ++ + + # external_acl uses shell style lines in it's protocol + require 'shellwords.pl'; +*************** +*** 47,54 **** + while () { + chop; + &debug ("Got $_ from squid"); +! ($user, $group) = &shellwords; +! $ans = &check($user, $group); + &debug ("Sending $ans to squid"); + print "$ans\n"; + } +--- 50,61 ---- + while () { + chop; + &debug ("Got $_ from squid"); +! ($user, @groups) = &shellwords; +! # test for each group squid send in it's request +! foreach $group (@groups) { +! $ans = &check($user, $group); +! last if $ans eq "OK"; +! } + &debug ("Sending $ans to squid"); + print "$ans\n"; + } diff --git a/squid-2.5.STABLE11-CACHE_HTTP_PORT.patch b/squid-2.5.STABLE11-CACHE_HTTP_PORT.patch new file mode 100644 index 0000000..370e131 --- /dev/null +++ b/squid-2.5.STABLE11-CACHE_HTTP_PORT.patch @@ -0,0 +1,132 @@ +Index: squid/configure.in +diff -c squid/configure.in:1.251.2.101 squid/configure.in:1.251.2.102 +*** squid/configure.in:1.251.2.101 Thu Sep 22 02:15:05 2005 +--- squid/configure.in Wed Sep 28 14:50:25 2005 +*************** +*** 68,74 **** +--- 68,76 ---- + + dnl Substitutions + AC_DEFINE_UNQUOTED(CACHE_HTTP_PORT, $CACHE_HTTP_PORT) ++ AC_SUBST(CACHE_HTTP_PORT) + AC_DEFINE_UNQUOTED(CACHE_ICP_PORT, $CACHE_ICP_PORT) ++ AC_SUBST(CACHE_ICP_PORT) + + AC_DEFINE_UNQUOTED(CONFIG_HOST_TYPE, "$host") + +Index: squid/src/Makefile.am +diff -c squid/src/Makefile.am:1.16.2.11 squid/src/Makefile.am:1.16.2.12 +*** squid/src/Makefile.am:1.16.2.11 Fri Apr 22 19:32:27 2005 +--- squid/src/Makefile.am Wed Sep 28 14:50:25 2005 +*************** +*** 272,277 **** +--- 272,279 ---- + cachemgr.conf \ + mime.conf.default + ++ DEFAULT_HTTP_PORT = @CACHE_HTTP_PORT@ ++ DEFAULT_ICP_PORT = @CACHE_ICP_PORT@ + DEFAULT_PREFIX = $(prefix) + DEFAULT_CONFIG_FILE = $(sysconfdir)/squid.conf + DEFAULT_CACHEMGR_CONFIG = $(sysconfdir)/cachemgr.conf +*************** +*** 325,330 **** +--- 327,334 ---- + ## depend on the Makefile. + cf.data: cf.data.pre Makefile + sed "\ ++ s%@DEFAULT_HTTP_PORT@%$(DEFAULT_HTTP_PORT)%g;\ ++ s%@DEFAULT_ICP_PORT@%$(DEFAULT_ICP_PORT)%g;\ + s%@DEFAULT_MIME_TABLE@%$(DEFAULT_MIME_TABLE)%g;\ + s%@DEFAULT_DNSSERVER@%$(DEFAULT_DNSSERVER)%g;\ + s%@DEFAULT_UNLINKD@%$(DEFAULT_UNLINKD)%g;\ +Index: squid/src/cf.data.pre +diff -c squid/src/cf.data.pre:1.245.2.100 squid/src/cf.data.pre:1.245.2.101 +*** squid/src/cf.data.pre:1.245.2.100 Wed Sep 28 06:29:45 2005 +--- squid/src/cf.data.pre Wed Sep 28 14:50:25 2005 +*************** +*** 56,62 **** + NAME: http_port ascii_port + TYPE: sockaddr_in_list + DEFAULT: none +! DEFAULT_IF_NONE: 3128 + LOC: Config.Sockaddr.http + DOC_START + Usage: port +--- 56,62 ---- + NAME: http_port ascii_port + TYPE: sockaddr_in_list + DEFAULT: none +! DEFAULT_IF_NONE: @DEFAULT_HTTP_PORT@ + LOC: Config.Sockaddr.http + DOC_START + Usage: port +*************** +*** 145,151 **** + + NAME: icp_port udp_port + TYPE: ushort +! DEFAULT: 3130 + LOC: Config.Port.icp + DOC_START + The port number where Squid sends and receives ICP queries to +--- 145,151 ---- + + NAME: icp_port udp_port + TYPE: ushort +! DEFAULT: @DEFAULT_ICP_PORT@ + LOC: Config.Port.icp + DOC_START + The port number where Squid sends and receives ICP queries to +Index: squid/configure +diff -c squid/configure:1.248.2.103 squid/configure:1.248.2.104 +*** squid/configure:1.248.2.103 Thu Sep 22 02:15:26 2005 +--- squid/configure Wed Sep 28 14:57:13 2005 +*************** +*** 9055,9060 **** +--- 9057,9064 ---- + s%@CGIEXT@%$CGIEXT%g + s%@ENABLE_WIN32SPECIFIC_TRUE@%$ENABLE_WIN32SPECIFIC_TRUE%g + s%@ENABLE_WIN32SPECIFIC_FALSE@%$ENABLE_WIN32SPECIFIC_FALSE%g ++ s%@CACHE_HTTP_PORT@%$CACHE_HTTP_PORT%g ++ s%@CACHE_ICP_PORT@%$CACHE_ICP_PORT%g + s%@LIBDLMALLOC@%$LIBDLMALLOC%g + s%@LIB_MALLOC@%$LIB_MALLOC%g + s%@STORE_OBJS@%$STORE_OBJS%g +Index: squid/src/Makefile.in +diff -c squid/src/Makefile.in:1.225.2.24 squid/src/Makefile.in:1.225.2.25 +*** squid/src/Makefile.in:1.225.2.24 Sat Apr 23 18:12:08 2005 +--- squid/src/Makefile.in Wed Sep 28 14:57:21 2005 +*************** +*** 73,78 **** +--- 73,80 ---- + AUTH_OBJS = @AUTH_OBJS@ + AWK = @AWK@ + BASIC_AUTH_HELPERS = @BASIC_AUTH_HELPERS@ ++ CACHE_HTTP_PORT = @CACHE_HTTP_PORT@ ++ CACHE_ICP_PORT = @CACHE_ICP_PORT@ + CC = @CC@ + CGIEXT = @CGIEXT@ + CPP = @CPP@ +*************** +*** 375,380 **** +--- 377,384 ---- + mime.conf.default + + ++ DEFAULT_HTTP_PORT = @CACHE_HTTP_PORT@ ++ DEFAULT_ICP_PORT = @CACHE_ICP_PORT@ + DEFAULT_PREFIX = $(prefix) + DEFAULT_CONFIG_FILE = $(sysconfdir)/squid.conf + DEFAULT_CACHEMGR_CONFIG = $(sysconfdir)/cachemgr.conf +*************** +*** 1144,1149 **** +--- 1148,1155 ---- + + cf.data: cf.data.pre Makefile + sed "\ ++ s%@DEFAULT_HTTP_PORT@%$(DEFAULT_HTTP_PORT)%g;\ ++ s%@DEFAULT_ICP_PORT@%$(DEFAULT_ICP_PORT)%g;\ + s%@DEFAULT_MIME_TABLE@%$(DEFAULT_MIME_TABLE)%g;\ + s%@DEFAULT_DNSSERVER@%$(DEFAULT_DNSSERVER)%g;\ + s%@DEFAULT_UNLINKD@%$(DEFAULT_UNLINKD)%g;\ diff --git a/squid-2.5.STABLE11-CNAME.patch b/squid-2.5.STABLE11-CNAME.patch new file mode 100644 index 0000000..dee2a1b --- /dev/null +++ b/squid-2.5.STABLE11-CNAME.patch @@ -0,0 +1,104 @@ +Index: squid/include/rfc1035.h +diff -c squid/include/rfc1035.h:1.6.2.2 squid/include/rfc1035.h:1.6.2.3 +*** squid/include/rfc1035.h:1.6.2.2 Tue May 10 05:48:20 2005 +--- squid/include/rfc1035.h Wed Sep 28 15:47:58 2005 +*************** +*** 100,105 **** +--- 100,106 ---- + extern const char *rfc1035_error_message; + + #define RFC1035_TYPE_A 1 ++ #define RFC1035_TYPE_CNAME 5 + #define RFC1035_TYPE_PTR 12 + #define RFC1035_CLASS_IN 1 + +Index: squid/src/fqdncache.c +diff -c squid/src/fqdncache.c:1.149.2.7 squid/src/fqdncache.c:1.149.2.8 +*** squid/src/fqdncache.c:1.149.2.7 Mon Feb 21 09:59:45 2005 +--- squid/src/fqdncache.c Wed Sep 28 15:47:58 2005 +*************** +*** 299,317 **** + debug(35, 3) ("fqdncacheParse: %d answers for '%s'\n", nr, name); + assert(answers); + for (k = 0; k < nr; k++) { +- if (answers[k].type != RFC1035_TYPE_PTR) +- continue; + if (answers[k].class != RFC1035_CLASS_IN) + continue; +! if (!answers[k].rdata[0]) { +! debug(35, 2) ("fqdncacheParse: blank PTR record for '%s'\n", name); +! continue; +! } +! if (strchr(answers[k].rdata, ' ')) { +! debug(35, 2) ("fqdncacheParse: invalid PTR record '%s' for '%s'\n", answers[k].rdata, name); + continue; +- } +- f->names[f->name_count++] = xstrdup(answers[k].rdata); + if (ttl == 0 || answers[k].ttl < ttl) + ttl = answers[k].ttl; + if (f->name_count >= FQDN_MAX_NAMES) +--- 299,318 ---- + debug(35, 3) ("fqdncacheParse: %d answers for '%s'\n", nr, name); + assert(answers); + for (k = 0; k < nr; k++) { + if (answers[k].class != RFC1035_CLASS_IN) + continue; +! if (answers[k].type == RFC1035_TYPE_PTR) { +! if (!answers[k].rdata[0]) { +! debug(35, 2) ("fqdncacheParse: blank PTR record for '%s'\n", name); +! continue; +! } +! if (strchr(answers[k].rdata, ' ')) { +! debug(35, 2) ("fqdncacheParse: invalid PTR record '%s' for '%s'\n", answers[k].rdata, name); +! continue; +! } +! f->names[f->name_count++] = xstrdup(answers[k].rdata); +! } else if (answers[k].type != RFC1035_TYPE_CNAME) + continue; + if (ttl == 0 || answers[k].ttl < ttl) + ttl = answers[k].ttl; + if (f->name_count >= FQDN_MAX_NAMES) +Index: squid/src/ipcache.c +diff -c squid/src/ipcache.c:1.236.2.6 squid/src/ipcache.c:1.236.2.7 +*** squid/src/ipcache.c:1.236.2.6 Sat Feb 12 22:53:56 2005 +--- squid/src/ipcache.c Wed Sep 28 15:47:58 2005 +*************** +*** 353,370 **** + i->addrs.in_addrs = xcalloc(na, sizeof(struct in_addr)); + i->addrs.bad_mask = xcalloc(na, sizeof(unsigned char)); + for (j = 0, k = 0; k < nr; k++) { +- if (answers[k].type != RFC1035_TYPE_A) +- continue; + if (answers[k].class != RFC1035_CLASS_IN) + continue; +! if (answers[k].rdlength != 4) + continue; + if (ttl == 0 || ttl > answers[k].ttl) + ttl = answers[k].ttl; +- xmemcpy(&i->addrs.in_addrs[j++], answers[k].rdata, 4); +- debug(14, 3) ("ipcacheParse: #%d %s\n", +- j - 1, +- inet_ntoa(i->addrs.in_addrs[j - 1])); + } + i->addrs.count = (unsigned char) na; + if (ttl == 0 || ttl > Config.positiveDnsTtl) +--- 353,371 ---- + i->addrs.in_addrs = xcalloc(na, sizeof(struct in_addr)); + i->addrs.bad_mask = xcalloc(na, sizeof(unsigned char)); + for (j = 0, k = 0; k < nr; k++) { + if (answers[k].class != RFC1035_CLASS_IN) + continue; +! if (answers[k].type == RFC1035_TYPE_A) { +! if (answers[k].rdlength != 4) +! continue; +! xmemcpy(&i->addrs.in_addrs[j++], answers[k].rdata, 4); +! debug(14, 3) ("ipcacheParse: #%d %s\n", +! j - 1, +! inet_ntoa(i->addrs.in_addrs[j - 1])); +! } else if (answers[k].type != RFC1035_TYPE_CNAME) + continue; + if (ttl == 0 || ttl > answers[k].ttl) + ttl = answers[k].ttl; + } + i->addrs.count = (unsigned char) na; + if (ttl == 0 || ttl > Config.positiveDnsTtl) diff --git a/squid-2.5.STABLE11-delaypools_truncated.patch b/squid-2.5.STABLE11-delaypools_truncated.patch new file mode 100644 index 0000000..ba19188 --- /dev/null +++ b/squid-2.5.STABLE11-delaypools_truncated.patch @@ -0,0 +1,26 @@ +Index: squid/src/delay_pools.c +diff -c squid/src/delay_pools.c:1.19.2.9 squid/src/delay_pools.c:1.19.2.10 +*** squid/src/delay_pools.c:1.19.2.9 Sat Sep 10 19:49:53 2005 +--- squid/src/delay_pools.c Tue Sep 27 16:25:30 2005 +*************** +*** 676,683 **** + d = sc->delay_id; + } + } +! if (jmax >= 0 && jmax < (int) *read_sz) + *read_sz = (size_t) jmax; + return d; + } + +--- 676,686 ---- + d = sc->delay_id; + } + } +! if (jmax >= 0 && jmax < (int) *read_sz) { +! if (jmax == 0) +! jmax = 1; + *read_sz = (size_t) jmax; ++ } + return d; + } + diff --git a/squid-2.5.STABLE11-ldap_auth.patch b/squid-2.5.STABLE11-ldap_auth.patch new file mode 100644 index 0000000..1938405 --- /dev/null +++ b/squid-2.5.STABLE11-ldap_auth.patch @@ -0,0 +1,172 @@ +Index: squid/helpers/basic_auth/LDAP/squid_ldap_auth.8 +diff -c squid/helpers/basic_auth/LDAP/squid_ldap_auth.8:1.7.2.9 squid/helpers/basic_auth/LDAP/squid_ldap_auth.8:1.7.2.10 +*** squid/helpers/basic_auth/LDAP/squid_ldap_auth.8:1.7.2.9 Sun Jan 30 12:28:56 2005 +--- squid/helpers/basic_auth/LDAP/squid_ldap_auth.8 Wed Sep 28 12:33:42 2005 +*************** +*** 199,205 **** + a user DN and password to log in as to perform the searches, as in the + following complex Active Directory example + .IP +! squid_ldap_auth -p -R -b "dc=your,dc=domain" -D "cn=squid,cn=users,dc=your,dc=domain" -w "secretsquidpassword" -f "(&(userPrincipalName=%s)(objectClass=Person))" activedirectoryserver + . + .SH NOTES + . +--- 199,205 ---- + a user DN and password to log in as to perform the searches, as in the + following complex Active Directory example + .IP +! squid_ldap_auth -P -R -b "dc=your,dc=domain" -D "cn=squid,cn=users,dc=your,dc=domain" -w "secretsquidpassword" -f "(&(userPrincipalName=%s)(objectClass=Person))" activedirectoryserver + . + .SH NOTES + . +Index: squid/helpers/basic_auth/LDAP/squid_ldap_auth.c +diff -c squid/helpers/basic_auth/LDAP/squid_ldap_auth.c:1.21.2.23 squid/helpers/basic_auth/LDAP/squid_ldap_auth.c:1.21.2.24 +*** squid/helpers/basic_auth/LDAP/squid_ldap_auth.c:1.21.2.23 Sat Sep 10 18:53:23 2005 +--- squid/helpers/basic_auth/LDAP/squid_ldap_auth.c Wed Sep 28 12:33:42 2005 +*************** +*** 187,193 **** + else + ld->ld_options &= ~LDAP_OPT_REFERRALS; + } +! static void + squid_ldap_set_timelimit(LDAP * ld, int timelimit) + { + ld->ld_timelimit = timelimit; +--- 187,193 ---- + else + ld->ld_options &= ~LDAP_OPT_REFERRALS; + } +! static void + squid_ldap_set_timelimit(LDAP * ld, int timelimit) + { + ld->ld_timelimit = timelimit; +*************** +*** 259,265 **** + } + if (use_tls) { + #ifdef LDAP_OPT_X_TLS +! if (version != LDAP_VERSION3) { + fprintf(stderr, "TLS requires LDAP version 3\n"); + exit(1); + } else if (ldap_start_tls_s(ld, NULL, NULL) != LDAP_SUCCESS) { +--- 259,265 ---- + } + if (use_tls) { + #ifdef LDAP_OPT_X_TLS +! if (version != LDAP_VERSION3) { + fprintf(stderr, "TLS requires LDAP version 3\n"); + exit(1); + } else if (ldap_start_tls_s(ld, NULL, NULL) != LDAP_SUCCESS) { +*************** +*** 282,293 **** + static int + validUsername(const char *user) + { +! const unsigned char *p = (const unsigned char *)user; + + /* Leading whitespace? */ + if (isspace(p[0])) + return 0; +! while(p[0] && p[1]) { + if (isspace(p[0])) { + /* More than one consequitive space? */ + if (isspace(p[1])) +--- 282,293 ---- + static int + validUsername(const char *user) + { +! const unsigned char *p = (const unsigned char *) user; + + /* Leading whitespace? */ + if (isspace(p[0])) + return 0; +! while (p[0] && p[1]) { + if (isspace(p[0])) { + /* More than one consequitive space? */ + if (isspace(p[1])) +*************** +*** 581,597 **** +--- 581,603 ---- + return n; + } + ++ /* Check the userid & password. ++ * Return 0 on success, 1 on failure ++ */ + static int + checkLDAP(LDAP * persistent_ld, const char *userid, const char *password, const char *ldapServer, int port) + { + char dn[256]; + int ret = 0; + LDAP *bind_ld = NULL; ++ int rc; + + if (!*password) { + /* LDAP can't bind with a blank password. Seen as "anonymous" + * and always granted access + */ ++ if (debug) ++ fprintf(stderr, "Blank password given\n"); + return 1; + } + if (searchfilter) { +*************** +*** 599,607 **** + char escaped_login[256]; + LDAPMessage *res = NULL; + LDAPMessage *entry; +! char *searchattr[] = {LDAP_NO_ATTRS, NULL}; + char *userdn; +- int rc; + LDAP *search_ld = persistent_ld; + + if (!search_ld) +--- 605,613 ---- + char escaped_login[256]; + LDAPMessage *res = NULL; + LDAPMessage *entry; +! char *searchattr[] = +! {LDAP_NO_ATTRS, NULL}; + char *userdn; + LDAP *search_ld = persistent_ld; + + if (!search_ld) +*************** +*** 625,630 **** +--- 631,638 ---- + /* Everything is fine. This is expected when referrals + * are disabled. + */ ++ if (debug) ++ fprintf(stderr, "noreferrals && rc == LDAP_PARTIAL_RESULTS\n"); + } else { + fprintf(stderr, PROGRAM_NAME ": WARNING, LDAP search error '%s'\n", ldap_err2string(rc)); + #if defined(NETSCAPE_SSL) +*************** +*** 639,644 **** +--- 647,654 ---- + } + entry = ldap_first_entry(search_ld, res); + if (!entry) { ++ if (debug) ++ fprintf(stderr, "Ldap search returned nothing\n"); + ret = 1; + goto search_done; + } +*************** +*** 690,696 **** + return ret; + } + +! int + readSecret(const char *filename) + { + char buf[BUFSIZ]; +--- 700,706 ---- + return ret; + } + +! int + readSecret(const char *filename) + { + char buf[BUFSIZ]; diff --git a/squid-2.5.STABLE11-tcp_outgoing_xxx.patch b/squid-2.5.STABLE11-tcp_outgoing_xxx.patch new file mode 100644 index 0000000..40149c5 --- /dev/null +++ b/squid-2.5.STABLE11-tcp_outgoing_xxx.patch @@ -0,0 +1,32 @@ +Index: squid/src/cf.data.pre +diff -c squid/src/cf.data.pre:1.245.2.99 squid/src/cf.data.pre:1.245.2.100 +*** squid/src/cf.data.pre:1.245.2.99 Tue Sep 13 07:44:35 2005 +--- squid/src/cf.data.pre Wed Sep 28 06:29:45 2005 +*************** +*** 2359,2364 **** +--- 2359,2369 ---- + + Processing proceeds in the order specified, and stops at first fully + matching line. ++ ++ Note: The use of this directive using client dependent ACLs is ++ incompatible with the use of server side persistent connetions. To ++ ensure correct results it is best to set server_persisten_connections ++ to off when using this directive in such configurations. + DOC_END + + NAME: tcp_outgoing_address +*************** +*** 2385,2390 **** +--- 2390,2400 ---- + + Processing proceeds in the order specified, and stops at first fully + matching line. ++ ++ Note: The use of this directive using client dependent ACLs is ++ incompatible with the use of server side persistent connetions. To ++ ensure correct results it is best to set server_persisten_connections ++ to off when using this directive in such configurations. + DOC_END + + NAME: reply_header_max_size diff --git a/squid-2.5.STABLE11.accel_single_host_pconn.patch b/squid-2.5.STABLE11.accel_single_host_pconn.patch new file mode 100644 index 0000000..7b7fcf1 --- /dev/null +++ b/squid-2.5.STABLE11.accel_single_host_pconn.patch @@ -0,0 +1,24 @@ +Index: squid/src/http.c +diff -c squid/src/http.c:1.384.2.32 squid/src/http.c:1.384.2.33 +*** squid/src/http.c:1.384.2.32 Sat Sep 10 19:49:54 2005 +--- squid/src/http.c Wed Sep 28 14:48:19 2005 +*************** +*** 738,744 **** + #endif + comm_remove_close_handler(fd, httpStateFree, httpState); + fwdUnregister(fd, httpState->fwd); +! pconnPush(fd, request->host, request->port); + fwdComplete(httpState->fwd); + httpState->fd = -1; + httpStateFree(fd, httpState); +--- 738,747 ---- + #endif + comm_remove_close_handler(fd, httpStateFree, httpState); + fwdUnregister(fd, httpState->fwd); +! if (request->flags.accelerated && Config.Accel.single_host && Config.Accel.host) +! pconnPush(fd, Config.Accel.host, Config.Accel.port); +! else +! pconnPush(fd, request->host, request->port); + fwdComplete(httpState->fwd); + httpState->fd = -1; + httpStateFree(fd, httpState); diff --git a/squid-2.5.STABLE4-apache-like-combined-log.patch b/squid-2.5.STABLE4-apache-like-combined-log.patch new file mode 100644 index 0000000..503e5f2 --- /dev/null +++ b/squid-2.5.STABLE4-apache-like-combined-log.patch @@ -0,0 +1,73 @@ +diff -Nur squid-2.5.STABLE4.orig/src/access_log.c squid-2.5.STABLE4/src/access_log.c +--- squid-2.5.STABLE4.orig/src/access_log.c 2003-07-28 10:59:28.000000000 +0200 ++++ squid-2.5.STABLE4/src/access_log.c 2004-01-24 19:52:12.000000000 +0100 +@@ -268,24 +268,32 @@ + { + const char *client = NULL; + char *user1 = NULL, *user2 = NULL; ++ request_t * request = al->request; ++ const HttpHeader *req_hdr = &request->header; ++ + if (Config.onoff.log_fqdn) + client = fqdncache_gethostbyaddr(al->cache.caddr, 0); + if (client == NULL) + client = inet_ntoa(al->cache.caddr); + user1 = accessLogFormatName(al->cache.authuser); + user2 = accessLogFormatName(al->cache.rfc931); +- logfilePrintf(logfile, "%s %s %s [%s] \"%s %s HTTP/%d.%d\" %d %ld %s:%s", ++ ++ logfilePrintf(logfile, "%s %s %s [%s] \"%s %s HTTP/%d.%d\" %d %ld \"%s\" \"%s\"", + client, +- user2 ? user2 : dash_str, +- user1 ? user1 : dash_str, +- mkhttpdlogtime(&squid_curtime), +- al->private.method_str, +- al->url, +- al->http.version.major, al->http.version.minor, +- al->http.code, +- (long int) al->cache.size, +- log_tags[al->cache.code], +- hier_strings[al->hier.code]); ++ user2 ? user2 : dash_str, ++ user1 ? user1 : dash_str, ++ mkhttpdlogtime(&squid_curtime), ++ al->private.method_str, ++ (al->http_uri ? al->http_uri : al->url), ++ al->http.version.major, al->http.version.minor, ++ al->http.code, ++ (long int) al->cache.size, ++ httpHeaderHas( req_hdr, HDR_REFERER ) ? ++ httpHeaderGetStr( req_hdr, HDR_REFERER ) : ++ dash_str, // Referer if we have it, else dash_str. ++ httpHeaderHas( req_hdr, HDR_USER_AGENT ) ? ++ httpHeaderGetStr( req_hdr, HDR_USER_AGENT ) : ++ dash_str ); // User-Agent if we have it, else dash_str. + safe_free(user1); + safe_free(user2); + } +diff -Nur squid-2.5.STABLE4.orig/src/client_side.c squid-2.5.STABLE4/src/client_side.c +--- squid-2.5.STABLE4.orig/src/client_side.c 2004-01-24 19:11:23.000000000 +0100 ++++ squid-2.5.STABLE4/src/client_side.c 2004-01-24 19:58:22.000000000 +0100 +@@ -845,7 +845,9 @@ + http->al.http.method = request->method; + http->al.http.version = request->http_ver; + http->al.headers.request = xstrdup(mb.buf); +- http->al.hier = request->hier; ++ http->al.hier = request->hier; /* apache-like combined-log */ ++ http->al.request = request; /* apache-like combined-log */ ++ http->al.http_uri = http->uri; /* apache-like combined-log */ + if (request->auth_user_request) { + if (authenticateUserRequestUsername(request->auth_user_request)) + http->al.cache.authuser = xstrdup(authenticateUserRequestUsername(request->auth_user_request)); +diff -Nur squid-2.5.STABLE4.orig/src/structs.h squid-2.5.STABLE4/src/structs.h +--- squid-2.5.STABLE4.orig/src/structs.h 2004-01-24 19:11:23.000000000 +0100 ++++ squid-2.5.STABLE4/src/structs.h 2004-01-24 19:59:56.000000000 +0100 +@@ -1045,6 +1045,8 @@ + struct { + const char *method_str; + } private; ++ request_t *request; /* apache-like combined-log */ ++ char *http_uri; /* apache-like combined-log */ + HierarchyLogEntry hier; + }; + diff --git a/squid-2.5.STABLE5-CONNECT_timeout.patch b/squid-2.5.STABLE5-CONNECT_timeout.patch new file mode 100644 index 0000000..e5f64a3 --- /dev/null +++ b/squid-2.5.STABLE5-CONNECT_timeout.patch @@ -0,0 +1,90 @@ +Index: squid/src/ssl.c +diff -c squid/src/ssl.c:1.118.2.4 squid/src/ssl.c:1.118.2.5 +*** squid/src/ssl.c:1.118.2.4 Wed Aug 6 07:49:02 2003 +--- squid/src/ssl.c Mon Mar 29 02:59:44 2004 +*************** +*** 218,224 **** + if (!ignoreErrno(errno)) + comm_close(fd); + } else if (len == 0) { +! comm_close(sslState->server.fd); + } + if (cbdataValid(sslState)) + sslSetSelect(sslState); +--- 218,224 ---- + if (!ignoreErrno(errno)) + comm_close(fd); + } else if (len == 0) { +! comm_close(fd); + } + if (cbdataValid(sslState)) + sslSetSelect(sslState); +*************** +*** 376,385 **** +--- 376,388 ---- + { + SslStateData *sslState = data; + assert(sslState != NULL); ++ /* temporary lock to save our own feets (comm_close -> sslClientClosed -> Free) */ ++ cbdataLock(sslState); + if (sslState->client.fd > -1) + comm_close(sslState->client.fd); + if (sslState->server.fd > -1) + comm_close(sslState->server.fd); ++ cbdataUnlock(sslState); + } + + +*************** +*** 432,437 **** +--- 435,467 ---- + } + } + ++ static void ++ sslConnectTimeout(int fd, void *data) ++ { ++ SslStateData *sslState = data; ++ request_t *request = sslState->request; ++ ErrorState *err = NULL; ++ if (sslState->servers->peer) ++ hierarchyNote(&sslState->request->hier, sslState->servers->code, ++ sslState->servers->peer->host); ++ else if (Config.onoff.log_ip_on_direct) ++ hierarchyNote(&sslState->request->hier, sslState->servers->code, ++ fd_table[sslState->server.fd].ipaddr); ++ else ++ hierarchyNote(&sslState->request->hier, sslState->servers->code, ++ sslState->host); ++ comm_close(fd); ++ err = errorCon(ERR_CONNECT_FAIL, HTTP_SERVICE_UNAVAILABLE); ++ *sslState->status_ptr = HTTP_SERVICE_UNAVAILABLE; ++ err->xerrno = ETIMEDOUT; ++ err->host = xstrdup(sslState->host); ++ err->port = sslState->port; ++ err->request = requestLink(request); ++ err->callback = sslErrorComplete; ++ err->callback_data = sslState; ++ errorSend(sslState->client.fd, err); ++ } ++ + CBDATA_TYPE(SslStateData); + void + sslStart(clientHttpRequest * http, size_t * size_ptr, int *status_ptr) +*************** +*** 526,532 **** + sslState); + commSetTimeout(sslState->server.fd, + Config.Timeout.connect, +! sslTimeout, + sslState); + peerSelect(request, + NULL, +--- 556,562 ---- + sslState); + commSetTimeout(sslState->server.fd, + Config.Timeout.connect, +! sslConnectTimeout, + sslState); + peerSelect(request, + NULL, diff --git a/squid-2.5.STABLE5-cache_swap_log.patch b/squid-2.5.STABLE5-cache_swap_log.patch new file mode 100644 index 0000000..f8ccdfd --- /dev/null +++ b/squid-2.5.STABLE5-cache_swap_log.patch @@ -0,0 +1,35 @@ +Index: squid/src/cf.data.pre +diff -c squid/src/cf.data.pre:1.245.2.61 squid/src/cf.data.pre:1.245.2.62 +*** squid/src/cf.data.pre:1.245.2.61 Tue Feb 10 14:01:21 2004 +--- squid/src/cf.data.pre Sat Apr 3 06:51:17 2004 +*************** +*** 862,875 **** + DOC_END + + +! NAME: cache_swap_log + TYPE: string + LOC: Config.Log.swap + DEFAULT: none + DOC_START +! Location for the cache "swap.log." This log file holds the +! metadata of objects saved on disk. It is used to rebuild the +! cache during startup. Normally this file resides in each + 'cache_dir' directory, but you may specify an alternate + pathname here. Note you must give a full filename, not just + a directory. Since this is the index for the whole object +--- 862,875 ---- + DOC_END + + +! NAME: cache_swap_log cache_swap_state + TYPE: string + LOC: Config.Log.swap + DEFAULT: none + DOC_START +! Location for the cache "swap.state" file. This log file holds +! the metadata of objects saved on disk. It is used to rebuild +! the cache during startup. Normally this file resides in each + 'cache_dir' directory, but you may specify an alternate + pathname here. Note you must give a full filename, not just + a directory. Since this is the index for the whole object diff --git a/squid-2.5.STABLE5-deny_info.patch b/squid-2.5.STABLE5-deny_info.patch new file mode 100644 index 0000000..565312f --- /dev/null +++ b/squid-2.5.STABLE5-deny_info.patch @@ -0,0 +1,27 @@ +Index: squid/src/errorpage.c +diff -c squid/src/errorpage.c:1.167.2.9 squid/src/errorpage.c:1.167.2.10 +*** squid/src/errorpage.c:1.167.2.9 Thu Nov 6 09:13:03 2003 +--- squid/src/errorpage.c Mon Mar 29 02:41:36 2004 +*************** +*** 606,614 **** + httpBuildVersion(&version, 1, 0); + if (strchr(name, ':')) { + /* Redirection */ +- char *quoted_url = rfc1738_escape_part(errorConvert('u', err)); + httpReplySetHeaders(rep, version, HTTP_MOVED_TEMPORARILY, NULL, "text/html", 0, 0, squid_curtime); +! httpHeaderPutStrf(&rep->header, HDR_LOCATION, name, quoted_url); + httpHeaderPutStrf(&rep->header, HDR_X_SQUID_ERROR, "%d %s\n", err->http_status, "Access Denied"); + } else { + MemBuf content = errorBuildContent(err); +--- 606,616 ---- + httpBuildVersion(&version, 1, 0); + if (strchr(name, ':')) { + /* Redirection */ + httpReplySetHeaders(rep, version, HTTP_MOVED_TEMPORARILY, NULL, "text/html", 0, 0, squid_curtime); +! if (err->request) { +! char *quoted_url = rfc1738_escape_part(urlCanonical(err->request)); +! httpHeaderPutStrf(&rep->header, HDR_LOCATION, name, quoted_url); +! } + httpHeaderPutStrf(&rep->header, HDR_X_SQUID_ERROR, "%d %s\n", err->http_status, "Access Denied"); + } else { + MemBuf content = errorBuildContent(err); diff --git a/squid-2.5.STABLE5-digest_ERR.patch b/squid-2.5.STABLE5-digest_ERR.patch new file mode 100644 index 0000000..c7c5277 --- /dev/null +++ b/squid-2.5.STABLE5-digest_ERR.patch @@ -0,0 +1,23 @@ +Index: squid/src/cf.data.pre +diff -c squid/src/cf.data.pre:1.245.2.63 squid/src/cf.data.pre:1.245.2.64 +*** squid/src/cf.data.pre:1.245.2.63 Mon Apr 5 11:24:59 2004 +--- squid/src/cf.data.pre Sun Apr 11 14:27:57 2004 +*************** +*** 1342,1349 **** + "program" cmdline + Specify the command for the external authenticator. Such a program + reads a line containing "username":"realm" and replies with the +! appropriate H(A1) value base64 encoded. See rfc 2616 for the +! definition of H(A1). + + By default, the digest authentication scheme is not used unless a + program is specified. +--- 1342,1349 ---- + "program" cmdline + Specify the command for the external authenticator. Such a program + reads a line containing "username":"realm" and replies with the +! appropriate H(A1) value base64 encoded or ERR if the user (or his H(A1) +! hash) does not exists. See rfc 2616 for the definition of H(A1). + + By default, the digest authentication scheme is not used unless a + program is specified. diff --git a/squid-2.5.STABLE5-digest_blank.patch b/squid-2.5.STABLE5-digest_blank.patch new file mode 100644 index 0000000..3af0b9a --- /dev/null +++ b/squid-2.5.STABLE5-digest_blank.patch @@ -0,0 +1,131 @@ +Index: squid/include/config.h +diff -c squid/include/config.h:1.4 squid/include/config.h:1.4.2.1 +*** squid/include/config.h:1.4 Tue Nov 13 14:27:47 2001 +--- squid/include/config.h Sat Apr 17 19:29:51 2004 +*************** +*** 163,168 **** +--- 163,169 ---- + #define xisascii(x) isascii((unsigned char)x) + #define xislower(x) islower((unsigned char)x) + #define xisalpha(x) isalpha((unsigned char)x) ++ #define xisgraph(x) isgraph((unsigned char)x) + + #if HAVE_RANDOM + #define squid_random random +Index: squid/src/authenticate.c +diff -c squid/src/authenticate.c:1.36.2.14 squid/src/authenticate.c:1.36.2.15 +*** squid/src/authenticate.c:1.36.2.14 Wed Feb 18 11:51:16 2004 +--- squid/src/authenticate.c Sat Apr 17 19:29:51 2004 +*************** +*** 94,100 **** + /* we're configured to use this scheme - but is it active ? */ + if ((i = authenticateAuthSchemeId(proxy_auth)) != -1) { + authscheme_list[i].decodeauth(auth_user_request, proxy_auth); +! auth_user_request->auth_user->auth_module = i + 1; + return; + } + } +--- 94,104 ---- + /* we're configured to use this scheme - but is it active ? */ + if ((i = authenticateAuthSchemeId(proxy_auth)) != -1) { + authscheme_list[i].decodeauth(auth_user_request, proxy_auth); +! if (auth_user_request->auth_user) { +! auth_user_request->auth_user->auth_module = i + 1; +! } else { +! debug(29, 1) ("authenticateDecodeAuth: Invalid proxy-auth header, '%s'\n", proxy_auth); +! } + return; + } + } +Index: squid/src/auth/basic/auth_basic.c +diff -c squid/src/auth/basic/auth_basic.c:1.14.2.5 squid/src/auth/basic/auth_basic.c:1.14.2.6 +*** squid/src/auth/basic/auth_basic.c:1.14.2.5 Wed Feb 18 10:50:51 2004 +--- squid/src/auth/basic/auth_basic.c Sat Apr 17 19:29:52 2004 +*************** +*** 421,427 **** + + /* decode the username */ + /* trim BASIC from string */ +! while (!xisspace(*proxy_auth)) + proxy_auth++; + + local_basic.passwd = NULL; +--- 421,427 ---- + + /* decode the username */ + /* trim BASIC from string */ +! while (xisgraph(*proxy_auth)) + proxy_auth++; + + local_basic.passwd = NULL; +Index: squid/src/auth/digest/auth_digest.c +diff -c squid/src/auth/digest/auth_digest.c:1.10.2.11 squid/src/auth/digest/auth_digest.c:1.10.2.12 +*** squid/src/auth/digest/auth_digest.c:1.10.2.11 Thu Feb 19 05:28:01 2004 +--- squid/src/auth/digest/auth_digest.c Sat Apr 17 19:29:52 2004 +*************** +*** 764,770 **** + authenticateDigestDirection(auth_user_request_t * auth_user_request) + { + digest_request_h *digest_request = auth_user_request->scheme_data; +! /* null auth_user is checked for by authenticateDirection */ + switch (digest_request->flags.credentials_ok) { + case 0: /* not checked */ + return -1; +--- 764,771 ---- + authenticateDigestDirection(auth_user_request_t * auth_user_request) + { + digest_request_h *digest_request = auth_user_request->scheme_data; +! if (!digest_request) +! return -2; + switch (digest_request->flags.credentials_ok) { + case 0: /* not checked */ + return -1; +*************** +*** 790,795 **** +--- 791,798 ---- + if (!auth_user_request) + return; + digest_request = auth_user_request->scheme_data; ++ if (!digest_request) ++ return; + /* don't add to authentication error pages */ + if ((!accel && rep->sline.status == HTTP_PROXY_AUTHENTICATION_REQUIRED) + || (accel && rep->sline.status == HTTP_UNAUTHORIZED)) +*************** +*** 1136,1142 **** + digest_request = authDigestRequestNew(); + + /* trim DIGEST from string */ +! while (!xisspace(*proxy_auth)) + proxy_auth++; + + /* Trim leading whitespace before decoding */ +--- 1139,1145 ---- + digest_request = authDigestRequestNew(); + + /* trim DIGEST from string */ +! while (xisgraph(*proxy_auth)) + proxy_auth++; + + /* Trim leading whitespace before decoding */ +Index: squid/src/auth/ntlm/auth_ntlm.c +diff -c squid/src/auth/ntlm/auth_ntlm.c:1.17.2.11 squid/src/auth/ntlm/auth_ntlm.c:1.17.2.12 +*** squid/src/auth/ntlm/auth_ntlm.c:1.17.2.11 Tue Apr 6 08:06:32 2004 +--- squid/src/auth/ntlm/auth_ntlm.c Sat Apr 17 19:29:52 2004 +*************** +*** 671,677 **** + fatal("Invalid authenticate state for NTLMStart"); + } + +! while (!xisspace(*sent_string)) /*trim NTLM */ + sent_string++; + + while (xisspace(*sent_string)) /*trim leading spaces */ +--- 671,677 ---- + fatal("Invalid authenticate state for NTLMStart"); + } + +! while (xisgraph(*sent_string)) /*trim NTLM */ + sent_string++; + + while (xisspace(*sent_string)) /*trim leading spaces */ diff --git a/squid-2.5.STABLE5-helper_warning.patch b/squid-2.5.STABLE5-helper_warning.patch new file mode 100644 index 0000000..79fcb68 --- /dev/null +++ b/squid-2.5.STABLE5-helper_warning.patch @@ -0,0 +1,70 @@ +Index: squid/src/helper.c +diff -c squid/src/helper.c:1.34.2.15 squid/src/helper.c:1.34.2.16 +*** squid/src/helper.c:1.34.2.15 Mon Feb 9 02:03:49 2004 +--- squid/src/helper.c Thu Mar 11 08:26:30 2004 +*************** +*** 743,761 **** + hlp->stats.queue_size++; + if (hlp->stats.queue_size < hlp->n_running) + return; +! if (hlp->stats.queue_size < hlp->n_running) +! return; + if (squid_curtime - hlp->last_queue_warn < 30) + return; + if (shutting_down || reconfiguring) + return; +- hlp->last_queue_warn = squid_curtime; + debug(84, 1) ("WARNING: All %s processes are busy.\n", hlp->id_name); + debug(84, 1) ("WARNING: up to %d pending requests queued\n", hlp->stats.max_queue_size); + if (hlp->stats.queue_size > hlp->n_running * 2) + fatalf("Too many queued %s requests (%d on %d)", hlp->id_name, hlp->stats.queue_size, hlp->n_running); +! if (hlp->stats.max_queue_size > 1) + debug(84, 1) ("Consider increasing the number of %s processes to at least %d in your config file.\n", hlp->id_name, hlp->n_running + hlp->stats.max_queue_size); + hlp->stats.max_queue_size = hlp->stats.queue_size; + } + +--- 743,761 ---- + hlp->stats.queue_size++; + if (hlp->stats.queue_size < hlp->n_running) + return; +! if (hlp->stats.queue_size > hlp->stats.max_queue_size) +! hlp->stats.max_queue_size = hlp->stats.queue_size; + if (squid_curtime - hlp->last_queue_warn < 30) + return; + if (shutting_down || reconfiguring) + return; + debug(84, 1) ("WARNING: All %s processes are busy.\n", hlp->id_name); + debug(84, 1) ("WARNING: up to %d pending requests queued\n", hlp->stats.max_queue_size); + if (hlp->stats.queue_size > hlp->n_running * 2) + fatalf("Too many queued %s requests (%d on %d)", hlp->id_name, hlp->stats.queue_size, hlp->n_running); +! if (squid_curtime - hlp->last_queue_warn < 300) + debug(84, 1) ("Consider increasing the number of %s processes to at least %d in your config file.\n", hlp->id_name, hlp->n_running + hlp->stats.max_queue_size); ++ hlp->last_queue_warn = squid_curtime; + hlp->stats.max_queue_size = hlp->stats.queue_size; + } + +*************** +*** 775,785 **** + return; + if (shutting_down || reconfiguring) + return; +- hlp->last_queue_warn = squid_curtime; + debug(84, 1) ("WARNING: All %s processes are busy.\n", hlp->id_name); + debug(84, 1) ("WARNING: up to %d pending requests queued\n", hlp->stats.max_queue_size); +! if (hlp->stats.max_queue_size > 1) + debug(84, 1) ("Consider increasing the number of %s processes to at least %d in your config file.\n", hlp->id_name, hlp->n_running + hlp->stats.max_queue_size); + hlp->stats.max_queue_size = hlp->stats.queue_size; + } + +--- 775,785 ---- + return; + if (shutting_down || reconfiguring) + return; + debug(84, 1) ("WARNING: All %s processes are busy.\n", hlp->id_name); + debug(84, 1) ("WARNING: up to %d pending requests queued\n", hlp->stats.max_queue_size); +! if (squid_curtime - hlp->last_queue_warn < 300) + debug(84, 1) ("Consider increasing the number of %s processes to at least %d in your config file.\n", hlp->id_name, hlp->n_running + hlp->stats.max_queue_size); ++ hlp->last_queue_warn = squid_curtime; + hlp->stats.max_queue_size = hlp->stats.queue_size; + } + diff --git a/squid-2.5.STABLE5-ldap.patch b/squid-2.5.STABLE5-ldap.patch new file mode 100644 index 0000000..3ec55cc --- /dev/null +++ b/squid-2.5.STABLE5-ldap.patch @@ -0,0 +1,205 @@ +Index: squid/helpers/basic_auth/LDAP/squid_ldap_auth.8 +diff -c squid/helpers/basic_auth/LDAP/squid_ldap_auth.8:1.7.2.4 squid/helpers/basic_auth/LDAP/squid_ldap_auth.8:1.7.2.5 +*** squid/helpers/basic_auth/LDAP/squid_ldap_auth.8:1.7.2.4 Wed Feb 18 09:15:52 2004 +--- squid/helpers/basic_auth/LDAP/squid_ldap_auth.8 Tue Mar 2 02:13:29 2004 +*************** +*** 132,137 **** +--- 132,143 ---- + .BI -t search_timeout + Specify time limit on LDAP search operations + . ++ .TP ++ .BU -d ++ Debug mode where each step taken will get reported in detail. ++ Useful for understanding what goes wrong if the results is ++ not what is expected. ++ . + .SH EXAMPLES + For directories using the RFC2307 layout with a single domain, all + you need to specify is usually the base DN under where your users +Index: squid/helpers/basic_auth/LDAP/squid_ldap_auth.c +diff -c squid/helpers/basic_auth/LDAP/squid_ldap_auth.c:1.21.2.8 squid/helpers/basic_auth/LDAP/squid_ldap_auth.c:1.21.2.10 +*** squid/helpers/basic_auth/LDAP/squid_ldap_auth.c:1.21.2.8 Mon Jan 5 06:12:11 2004 +--- squid/helpers/basic_auth/LDAP/squid_ldap_auth.c Thu Mar 4 02:37:38 2004 +*************** +*** 30,35 **** +--- 30,39 ---- + * or (at your option) any later version. + * + * Changes: ++ * 2004-03-01: Henrik Nordstrom ++ * - corrected building of search filters to escape ++ * unsafe input ++ * - -d option for "debug" like squid_ldap_group + * 2004-01-05: Henrik Nordstrom + * - Corrected TLS mode + * 2003-03-01: David J N Begley +*************** +*** 95,100 **** +--- 99,105 ---- + #endif + static int connect_timeout = 0; + static int timelimit = LDAP_NO_LIMIT; ++ static int debug = 0; + + /* Added for TLS support and version 3 */ + static int use_tls = 0; +*************** +*** 208,213 **** +--- 213,219 ---- + case 'R': + case 'z': + case 'Z': ++ case 'd': + break; + default: + if (strlen(argv[1]) > 2) { +*************** +*** 333,338 **** +--- 339,347 ---- + use_tls = 1; + break; + #endif ++ case 'd': ++ debug++; ++ break; + default: + fprintf(stderr, PROGRAM_NAME ": ERROR: Unknown command line option '%c'\n", option); + exit(1); +*************** +*** 478,483 **** +--- 487,520 ---- + } + + static int ++ ldap_escape_value(char *escaped, int size, const char *src) ++ { ++ int n = 0; ++ while (size > 4 && *src) { ++ switch(*src) { ++ case '*': ++ case '(': ++ case ')': ++ case '\\': ++ n += 3; ++ size -= 3; ++ if (size > 0) { ++ *escaped++ = '\\'; ++ snprintf(escaped, 3, "%02x", (unsigned char)*src++); ++ escaped+=2; ++ } ++ break; ++ default: ++ *escaped++ = *src++; ++ n++; ++ size--; ++ } ++ } ++ *escaped = '\0'; ++ return n; ++ } ++ ++ static int + checkLDAP(LDAP * ld, const char *userid, const char *password) + { + char dn[256]; +*************** +*** 490,495 **** +--- 527,533 ---- + } + if (searchfilter) { + char filter[256]; ++ char escaped_login[256]; + LDAPMessage *res = NULL; + LDAPMessage *entry; + char *searchattr[] = +*************** +*** 497,502 **** +--- 535,541 ---- + char *userdn; + int rc; + ++ ldap_escape_value(escaped_login, sizeof(escaped_login), userid); + if (binddn) { + rc = ldap_simple_bind_s(ld, binddn, bindpasswd); + if (rc != LDAP_SUCCESS) { +*************** +*** 504,510 **** + return 1; + } + } +! snprintf(filter, sizeof(filter), searchfilter, userid, userid, userid, userid, userid, userid, userid, userid, userid, userid, userid, userid, userid, userid, userid); + rc = ldap_search_s(ld, basedn, searchscope, filter, searchattr, 1, &res); + if (rc != LDAP_SUCCESS) { + if (noreferrals && rc == LDAP_PARTIAL_RESULTS) { +--- 543,551 ---- + return 1; + } + } +! snprintf(filter, sizeof(filter), searchfilter, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login, escaped_login); +! if (debug) +! fprintf(stderr, "user filter '%s', searchbase '%s'\n", filter, basedn); + rc = ldap_search_s(ld, basedn, searchscope, filter, searchattr, 1, &res); + if (rc != LDAP_SUCCESS) { + if (noreferrals && rc == LDAP_PARTIAL_RESULTS) { +*************** +*** 541,546 **** +--- 582,589 ---- + snprintf(dn, sizeof(dn), "%s=%s,%s", userattr, userid, basedn); + } + ++ if (debug) ++ fprintf(stderr, "attempting to bind to user '%s'\n", dn); + if (ldap_simple_bind_s(ld, dn, password) != LDAP_SUCCESS) + return 1; + +Index: squid/helpers/external_acl/ldap_group/squid_ldap_group.8 +diff -c squid/helpers/external_acl/ldap_group/squid_ldap_group.8:1.1.2.3 squid/helpers/external_acl/ldap_group/squid_ldap_group.8:1.1.2.4 +*** squid/helpers/external_acl/ldap_group/squid_ldap_group.8:1.1.2.3 Wed Nov 19 17:41:37 2003 +--- squid/helpers/external_acl/ldap_group/squid_ldap_group.8 Tue Mar 2 02:13:29 2004 +*************** +*** 138,143 **** +--- 138,149 ---- + .BI -S + Strip NT domain name component from user names (/ or \\ separated) + . ++ .TP ++ .BU -d ++ Debug mode where each step taken will get reported in detail. ++ Useful for understanding what goes wrong if the results is ++ not what is expected. ++ + .SH SQUID CONFIGURATION + . + This helper is intended to be used as a external_acl_type helper from +Index: squid/helpers/external_acl/ldap_group/squid_ldap_group.c +diff -c squid/helpers/external_acl/ldap_group/squid_ldap_group.c:1.2.2.16 squid/helpers/external_acl/ldap_group/squid_ldap_group.c:1.2.2.17 +*** squid/helpers/external_acl/ldap_group/squid_ldap_group.c:1.2.2.16 Mon Feb 9 10:04:56 2004 +--- squid/helpers/external_acl/ldap_group/squid_ldap_group.c Tue Mar 2 02:13:29 2004 +*************** +*** 229,234 **** +--- 229,235 ---- + case 'R': + case 'z': + case 'Z': ++ case 'd': + case 'g': + case 'S': + break; +*************** +*** 558,564 **** + size -= 3; + if (size > 0) { + *escaped++ = '\\'; +! snprintf(escaped, 3, "%02x", (int)*src++); + escaped+=2; + } + break; +--- 559,565 ---- + size -= 3; + if (size > 0) { + *escaped++ = '\\'; +! snprintf(escaped, 3, "%02x", (unsigned char)*src++); + escaped+=2; + } + break; diff --git a/squid-2.5.STABLE5-lin22_poll.patch b/squid-2.5.STABLE5-lin22_poll.patch new file mode 100644 index 0000000..261a3ad --- /dev/null +++ b/squid-2.5.STABLE5-lin22_poll.patch @@ -0,0 +1,52 @@ +Index: squid/configure.in +diff -c squid/configure.in:1.251.2.51 squid/configure.in:1.251.2.52 +*** squid/configure.in:1.251.2.51 Sun Feb 29 15:28:17 2004 +--- squid/configure.in Tue Mar 2 11:58:27 2004 +*************** +*** 1644,1652 **** + # Henrik Nordstrom (hno@squid-cache.org) 19980817 + # poll is problematic on Linux. We disable it + # by default until Linux gets it right. + rev=`uname -r | awk -F. '{printf "%03d%03d",$1,$2}'` +! if test $rev -lt 002002; then +! echo "disabling poll for $host < 2.2..." + ac_cv_func_poll='no' + fi + ;; +--- 1644,1653 ---- + # Henrik Nordstrom (hno@squid-cache.org) 19980817 + # poll is problematic on Linux. We disable it + # by default until Linux gets it right. ++ # See also bug #932 + rev=`uname -r | awk -F. '{printf "%03d%03d",$1,$2}'` +! if test $rev -lt 002004; then +! echo "disabling poll for $host < 2.4..." + ac_cv_func_poll='no' + fi + ;; +Index: squid/configure +diff -c squid/configure:1.248.2.53 squid/configure:1.248.2.54 +*** squid/configure:1.248.2.53 Sun Feb 29 15:28:40 2004 +--- squid/configure Tue Mar 2 18:11:26 2004 +*************** +*** 7367,7375 **** + # Henrik Nordstrom (hno@squid-cache.org) 19980817 + # poll is problematic on Linux. We disable it + # by default until Linux gets it right. + rev=`uname -r | awk -F. '{printf "%03d%03d",$1,$2}'` +! if test $rev -lt 002002; then +! echo "disabling poll for $host < 2.2..." + ac_cv_func_poll='no' + fi + ;; +--- 7367,7376 ---- + # Henrik Nordstrom (hno@squid-cache.org) 19980817 + # poll is problematic on Linux. We disable it + # by default until Linux gets it right. ++ # See also bug #932 + rev=`uname -r | awk -F. '{printf "%03d%03d",$1,$2}'` +! if test $rev -lt 002004; then +! echo "disabling poll for $host < 2.4..." + ac_cv_func_poll='no' + fi + ;; diff --git a/squid-2.5.STABLE5-ntlm_assert.patch b/squid-2.5.STABLE5-ntlm_assert.patch new file mode 100644 index 0000000..6b45ec5 --- /dev/null +++ b/squid-2.5.STABLE5-ntlm_assert.patch @@ -0,0 +1,14 @@ +Index: squid/src/auth/ntlm/auth_ntlm.c +diff -c squid/src/auth/ntlm/auth_ntlm.c:1.17.2.9 squid/src/auth/ntlm/auth_ntlm.c:1.17.2.10 +*** squid/src/auth/ntlm/auth_ntlm.c:1.17.2.9 Tue Feb 24 10:11:52 2004 +--- squid/src/auth/ntlm/auth_ntlm.c Mon Mar 1 16:50:54 2004 +*************** +*** 481,487 **** + debug(29, 2) ("AuthenticateNTLMHandleReply: invalid callback data. Releasing helper '%p'.\n", srv); + cbdataUnlock(r->data); + authenticateStateFree(r); +- helperStatefulReleaseServer(srv); + return; + } + if (!reply) { +--- 481,486 ---- diff --git a/squid-2.5.STABLE5-ntlm_warning.patch b/squid-2.5.STABLE5-ntlm_warning.patch new file mode 100644 index 0000000..24c6351 --- /dev/null +++ b/squid-2.5.STABLE5-ntlm_warning.patch @@ -0,0 +1,21 @@ +Index: squid/src/auth/ntlm/auth_ntlm.c +diff -c squid/src/auth/ntlm/auth_ntlm.c:1.17.2.10 squid/src/auth/ntlm/auth_ntlm.c:1.17.2.11 +*** squid/src/auth/ntlm/auth_ntlm.c:1.17.2.10 Mon Mar 1 16:50:54 2004 +--- squid/src/auth/ntlm/auth_ntlm.c Tue Apr 6 08:06:32 2004 +*************** +*** 656,662 **** + assert(ntlm_request); + assert(handler); + assert(data); +! assert(auth_user->auth_type = AUTH_NTLM); + debug(29, 9) ("authenticateNTLMStart: auth state '%d'\n", ntlm_request->auth_state); + switch (ntlm_request->auth_state) { + case AUTHENTICATE_STATE_NEGOTIATE: +--- 656,662 ---- + assert(ntlm_request); + assert(handler); + assert(data); +! assert(auth_user->auth_type == AUTH_NTLM); + debug(29, 9) ("authenticateNTLMStart: auth state '%d'\n", ntlm_request->auth_state); + switch (ntlm_request->auth_state) { + case AUTHENTICATE_STATE_NEGOTIATE: diff --git a/squid-2.5.STABLE5-pkgconfig.patch b/squid-2.5.STABLE5-pkgconfig.patch new file mode 100644 index 0000000..2c96ea1 --- /dev/null +++ b/squid-2.5.STABLE5-pkgconfig.patch @@ -0,0 +1,117 @@ +Index: squid/configure.in +diff -c squid/configure.in:1.251.2.52 squid/configure.in:1.251.2.53 +*** squid/configure.in:1.251.2.52 Tue Mar 2 11:58:27 2004 +--- squid/configure.in Sat Mar 6 08:14:05 2004 +*************** +*** 32,37 **** +--- 32,40 ---- + REGEXLIB='' # -lregex + LIBREGEX='' # libregex.a + ++ dnl Check for pkg-config ++ AC_PATH_PROG(PKGCONFIG, pkg-config, /usr/bin/false) ++ + dnl find out the exe extension for this platform. If it's not empty, use it for CGI's as well. + AC_EXEEXT + AC_OBJEXT +*************** +*** 594,604 **** + if test -z "$SSLLIB"; then + SSLLIB="-lcrypto" # for MD5 routines + fi +! dnl This is a workaround for RedHat 9 brain damage.. +! if test -d /usr/kerberos/include && test -z "$SSLLIBDIR" && test -f /usr/include/openssl/kssl.h; then +! echo "OpenSSL depends on Kerberos" +! SSLLIBDIR="/usr/kerberos/lib" +! CPPFLAGS="$CPPFLAGS -I/usr/kerberos/include" + fi + fi + if test -n "$SSLLIBDIR"; then +--- 597,605 ---- + if test -z "$SSLLIB"; then + SSLLIB="-lcrypto" # for MD5 routines + fi +! if $PKGCONFIG --exists openssl; then +! SSLLIB="`$PKGCONFIG --libs openssl`" +! CPPFLAGS="`$PKGCONFIG --cflags openssl` $CPPFLAGS" + fi + fi + if test -n "$SSLLIBDIR"; then +Index: squid/configure +diff -c squid/configure:1.248.2.54 squid/configure:1.248.2.55 +*** squid/configure:1.248.2.54 Tue Mar 2 18:11:26 2004 +--- squid/configure Sat Mar 6 18:11:26 2004 +*************** +*** 1515,1520 **** + REGEXLIB='' # -lregex + LIBREGEX='' # libregex.a + + echo $ac_n "checking for Cygwin environment""... $ac_c" 1>&6 + echo "configure:1515: checking for Cygwin environment" >&5 + if eval "test \"`echo '$''{'ac_cv_cygwin'+set}'`\" = set"; then +--- 1515,1557 ---- + REGEXLIB='' # -lregex + LIBREGEX='' # libregex.a + ++ # Extract the first word of "pkg-config", so it can be a program name with args. ++ set dummy pkg-config; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++ echo "configure:1517: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_path_PKGCONFIG'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ case "$PKGCONFIG" in ++ /*) ++ ac_cv_path_PKGCONFIG="$PKGCONFIG" # Let the user override the test with a path. ++ ;; ++ ?:/*) ++ ac_cv_path_PKGCONFIG="$PKGCONFIG" # Let the user override the test with a dos path. ++ ;; ++ *) ++ IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" ++ ac_dummy="$PATH" ++ for ac_dir in $ac_dummy; do ++ test -z "$ac_dir" && ac_dir=. ++ if test -f $ac_dir/$ac_word; then ++ ac_cv_path_PKGCONFIG="$ac_dir/$ac_word" ++ break ++ fi ++ done ++ IFS="$ac_save_ifs" ++ test -z "$ac_cv_path_PKGCONFIG" && ac_cv_path_PKGCONFIG="/usr/bin/false" ++ ;; ++ esac ++ fi ++ PKGCONFIG="$ac_cv_path_PKGCONFIG" ++ if test -n "$PKGCONFIG"; then ++ echo "$ac_t""$PKGCONFIG" 1>&6 ++ else ++ echo "$ac_t""no" 1>&6 ++ fi ++ ++ + echo $ac_n "checking for Cygwin environment""... $ac_c" 1>&6 + echo "configure:1515: checking for Cygwin environment" >&5 + if eval "test \"`echo '$''{'ac_cv_cygwin'+set}'`\" = set"; then +*************** +*** 2365,2374 **** + if test -z "$SSLLIB"; then + SSLLIB="-lcrypto" # for MD5 routines + fi +! if test -d /usr/kerberos/include && test -z "$SSLLIBDIR" && test -f /usr/include/openssl/kssl.h; then +! echo "OpenSSL depends on Kerberos" +! SSLLIBDIR="/usr/kerberos/lib" +! CPPFLAGS="$CPPFLAGS -I/usr/kerberos/include" + fi + fi + if test -n "$SSLLIBDIR"; then +--- 2402,2410 ---- + if test -z "$SSLLIB"; then + SSLLIB="-lcrypto" # for MD5 routines + fi +! if $PKGCONFIG --exists openssl; then +! SSLLIB="`$PKGCONFIG --libs openssl`" +! CPPFLAGS="`$PKGCONFIG --cflags openssl` $CPPFLAGS" + fi + fi + if test -n "$SSLLIBDIR"; then diff --git a/squid-2.5.STABLE5-post_assert.patch b/squid-2.5.STABLE5-post_assert.patch new file mode 100644 index 0000000..d005857 --- /dev/null +++ b/squid-2.5.STABLE5-post_assert.patch @@ -0,0 +1,101 @@ +Index: squid/src/http.c +diff -c squid/src/http.c:1.384.2.13 squid/src/http.c:1.384.2.14 +*** squid/src/http.c:1.384.2.13 Fri Mar 19 01:56:55 2004 +--- squid/src/http.c Sun Apr 18 17:43:30 2004 +*************** +*** 715,724 **** + if (errflag == COMM_ERR_CLOSING) + return; + if (errflag) { +! err = errorCon(ERR_WRITE_ERROR, HTTP_INTERNAL_SERVER_ERROR); +! err->xerrno = errno; +! err->request = requestLink(httpState->orig_request); +! errorAppendEntry(entry, err); + comm_close(fd); + return; + } else { +--- 715,726 ---- + if (errflag == COMM_ERR_CLOSING) + return; + if (errflag) { +! if (entry->mem_obj->inmem_hi == 0) { +! err = errorCon(ERR_WRITE_ERROR, HTTP_INTERNAL_SERVER_ERROR); +! err->xerrno = errno; +! err->request = requestLink(httpState->orig_request); +! errorAppendEntry(entry, err); +! } + comm_close(fd); + return; + } else { +*************** +*** 1110,1115 **** +--- 1112,1126 ---- + } + + static void ++ httpRequestBodyHandler2(void *data) ++ { ++ HttpStateData *httpState = (HttpStateData *) data; ++ char *buf = httpState->body_buf; ++ httpState->body_buf = NULL; ++ comm_write(httpState->fd, buf, httpState->body_buf_sz, httpSendRequestEntry, data, memFree8K); ++ } ++ ++ static void + httpRequestBodyHandler(char *buf, ssize_t size, void *data) + { + HttpStateData *httpState = (HttpStateData *) data; +*************** +*** 1125,1130 **** +--- 1136,1147 ---- + comm_close(httpState->fd); + return; + } ++ httpState->body_buf = buf; ++ httpState->body_buf_sz = size; ++ /* Give response some time to propagate before sending rest ++ * of request in case of error */ ++ eventAdd("POST delay on response", httpRequestBodyHandler2, httpState, 2.0, 1); ++ return; + } + comm_write(httpState->fd, buf, size, httpSendRequestEntry, data, memFree8K); + } else if (size == 0) { +*************** +*** 1154,1163 **** + if (errflag == COMM_ERR_CLOSING) + return; + if (errflag) { +! err = errorCon(ERR_WRITE_ERROR, HTTP_INTERNAL_SERVER_ERROR); +! err->xerrno = errno; +! err->request = requestLink(httpState->orig_request); +! errorAppendEntry(entry, err); + comm_close(fd); + return; + } +--- 1171,1182 ---- + if (errflag == COMM_ERR_CLOSING) + return; + if (errflag) { +! if (entry->mem_obj->inmem_hi == 0) { +! err = errorCon(ERR_WRITE_ERROR, HTTP_INTERNAL_SERVER_ERROR); +! err->xerrno = errno; +! err->request = requestLink(httpState->orig_request); +! errorAppendEntry(entry, err); +! } + comm_close(fd); + return; + } +Index: squid/src/structs.h +diff -c squid/src/structs.h:1.408.2.23 squid/src/structs.h:1.408.2.24 +*** squid/src/structs.h:1.408.2.23 Wed Feb 4 10:42:28 2004 +--- squid/src/structs.h Sun Apr 18 17:43:30 2004 +*************** +*** 986,991 **** +--- 986,992 ---- + http_state_flags flags; + FwdState *fwd; + char *body_buf; ++ int body_buf_sz; + }; + + struct _icpUdpData { diff --git a/squid-2.5.STABLE5-proxy_abuse.patch b/squid-2.5.STABLE5-proxy_abuse.patch new file mode 100644 index 0000000..05ddd46 --- /dev/null +++ b/squid-2.5.STABLE5-proxy_abuse.patch @@ -0,0 +1,23 @@ +Index: squid/src/http.c +diff -c squid/src/http.c:1.384.2.15 squid/src/http.c:1.384.2.16 +*** squid/src/http.c:1.384.2.15 Sat Apr 24 08:07:08 2004 +--- squid/src/http.c Tue Jun 8 04:54:07 2004 +*************** +*** 65,71 **** + if (httpState == NULL) + return; + if (httpState->body_buf) { +! clientAbortBody(httpState->orig_request); + if (httpState->body_buf) { + memFree(httpState->body_buf, MEM_8K_BUF); + httpState->body_buf = NULL; +--- 65,73 ---- + if (httpState == NULL) + return; + if (httpState->body_buf) { +! if (httpState->orig_request->body_connection) { +! clientAbortBody(httpState->orig_request); +! } + if (httpState->body_buf) { + memFree(httpState->body_buf, MEM_8K_BUF); + httpState->body_buf = NULL; diff --git a/squid-2.5.STABLE5-range_offset_limit.patch b/squid-2.5.STABLE5-range_offset_limit.patch new file mode 100644 index 0000000..1afb8f2 --- /dev/null +++ b/squid-2.5.STABLE5-range_offset_limit.patch @@ -0,0 +1,17 @@ +Index: squid/src/cache_cf.c +diff -c squid/src/cache_cf.c:1.396.2.16 squid/src/cache_cf.c:1.396.2.17 +*** squid/src/cache_cf.c:1.396.2.16 Sat Dec 6 10:19:36 2003 +--- squid/src/cache_cf.c Thu Apr 29 17:56:50 2004 +*************** +*** 502,507 **** +--- 502,511 ---- + self_destruct(); + if ((token = strtok(NULL, w_space)) == NULL) + self_destruct(); ++ if (strcmp(token, "none") == 0 || strcmp(token, "-1") == 0) { ++ *bptr = (size_t) - 1; ++ return; ++ } + d = atof(token); + m = u; /* default to 'units' if none specified */ + if (0.0 == d) diff --git a/squid-2.5.STABLE5-rfc1035NameUnpack.patch b/squid-2.5.STABLE5-rfc1035NameUnpack.patch new file mode 100644 index 0000000..5235862 --- /dev/null +++ b/squid-2.5.STABLE5-rfc1035NameUnpack.patch @@ -0,0 +1,21 @@ +Index: squid/lib/rfc1035.c +diff -c squid/lib/rfc1035.c:1.22.2.4 squid/lib/rfc1035.c:1.22.2.5 +*** squid/lib/rfc1035.c:1.22.2.4 Fri Apr 25 06:09:57 2003 +--- squid/lib/rfc1035.c Sun Apr 11 03:14:52 2004 +*************** +*** 337,343 **** + break; + if (len > (ns - no - 1)) /* label won't fit */ + return 1; +! if ((*off) + len > sz) /* message is too short */ + return 1; + memcpy(name + no, buf + (*off), len); + (*off) += len; +--- 337,343 ---- + break; + if (len > (ns - no - 1)) /* label won't fit */ + return 1; +! if ((*off) + len >= sz) /* message is too short */ + return 1; + memcpy(name + no, buf + (*off), len); + (*off) += len; diff --git a/squid-2.5.STABLE5-spelling.patch b/squid-2.5.STABLE5-spelling.patch new file mode 100644 index 0000000..7d823c0 --- /dev/null +++ b/squid-2.5.STABLE5-spelling.patch @@ -0,0 +1,84 @@ +Index: squid/configure.in +diff -c squid/configure.in:1.251.2.53 squid/configure.in:1.251.2.54 +*** squid/configure.in:1.251.2.53 Sat Mar 6 08:14:05 2004 +--- squid/configure.in Mon Apr 5 11:19:46 2004 +*************** +*** 65,71 **** + CACHE_ICP_PORT="3130" + fi + +! dnl Subsitutions + AC_DEFINE_UNQUOTED(CACHE_HTTP_PORT, $CACHE_HTTP_PORT) + AC_DEFINE_UNQUOTED(CACHE_ICP_PORT, $CACHE_ICP_PORT) + +--- 65,71 ---- + CACHE_ICP_PORT="3130" + fi + +! dnl Substitutions + AC_DEFINE_UNQUOTED(CACHE_HTTP_PORT, $CACHE_HTTP_PORT) + AC_DEFINE_UNQUOTED(CACHE_ICP_PORT, $CACHE_ICP_PORT) + +*************** +*** 371,380 **** + AC_SUBST(STORE_MODULES) + AC_SUBST(STORE_MODULE_SUBDIRS) + +! dnl --enable-heap-replacement compability option + AC_ARG_ENABLE(heap-replacement, + [ --enable-heap-replacement +! Backwards compability option. Please use the + new --enable-removal-policies directive instead.], + [ if test "$enableval" = "yes" ; then + echo "--enable-heap-replacement is obsolete. please use the new" +--- 371,380 ---- + AC_SUBST(STORE_MODULES) + AC_SUBST(STORE_MODULE_SUBDIRS) + +! dnl --enable-heap-replacement compatibility option + AC_ARG_ENABLE(heap-replacement, + [ --enable-heap-replacement +! Backwards compatibility option. Please use the + new --enable-removal-policies directive instead.], + [ if test "$enableval" = "yes" ; then + echo "--enable-heap-replacement is obsolete. please use the new" +*************** +*** 870,876 **** + BASIC_AUTH_HELPERS="" + AC_ARG_ENABLE(auth-modules, + [ --enable-auth-modules=\"list of helpers\" +! Backwards compability alias for + --enable-basic-auth-helpers], + [ echo "--enable-auth-modules is obsolete. Please use the new" + echo "option --enable-basic-auth-helpers" +--- 870,876 ---- + BASIC_AUTH_HELPERS="" + AC_ARG_ENABLE(auth-modules, + [ --enable-auth-modules=\"list of helpers\" +! Backwards compatibility alias for + --enable-basic-auth-helpers], + [ echo "--enable-auth-modules is obsolete. Please use the new" + echo "option --enable-basic-auth-helpers" +Index: squid/src/cf.data.pre +diff -c squid/src/cf.data.pre:1.245.2.62 squid/src/cf.data.pre:1.245.2.63 +*** squid/src/cf.data.pre:1.245.2.62 Sat Apr 3 06:51:17 2004 +--- squid/src/cf.data.pre Mon Apr 5 11:24:59 2004 +*************** +*** 2548,2555 **** + DOC_START + If you are running Squid as an accelerator and have a single backend + server then set this to on. This causes Squid to forward the request +! to this server irregardles of what any redirectors or Host headers +! says. + + Leave this at off if you have multiple backend servers, and use a + redirector (or host table or private DNS) to map the requests to the +--- 2548,2555 ---- + DOC_START + If you are running Squid as an accelerator and have a single backend + server then set this to on. This causes Squid to forward the request +! to this server, regardles of what any redirectors or Host headers +! say. + + Leave this at off if you have multiple backend servers, and use a + redirector (or host table or private DNS) to map the requests to the diff --git a/squid-2.5.STABLE5-turkish_ERR_DNS_FAIL.patch b/squid-2.5.STABLE5-turkish_ERR_DNS_FAIL.patch new file mode 100644 index 0000000..bbcd2ed --- /dev/null +++ b/squid-2.5.STABLE5-turkish_ERR_DNS_FAIL.patch @@ -0,0 +1,21 @@ +Index: squid/errors/Turkish/ERR_DNS_FAIL +diff -c squid/errors/Turkish/ERR_DNS_FAIL:1.2.12.2 squid/errors/Turkish/ERR_DNS_FAIL:1.2.12.3 +*** squid/errors/Turkish/ERR_DNS_FAIL:1.2.12.2 Mon Aug 26 19:17:35 2002 +--- squid/errors/Turkish/ERR_DNS_FAIL Thu Apr 15 05:50:35 2004 +*************** +*** 13,19 **** + adresine ulaþýrken aþaðýdaki hata oluþtu: +

+

+! %H isimli sunucuya ayit herhangi bir IP adresi bulunamadý. +
+ +

+--- 13,19 ---- + adresine ulaþýrken aþaðýdaki hata oluþtu: +

+

+! %H isimli sunucuya ait herhangi bir IP adresi bulunamadý. +
+ +

diff --git a/squid-2.5.STABLE5-vary.patch b/squid-2.5.STABLE5-vary.patch new file mode 100644 index 0000000..e7e52a4 --- /dev/null +++ b/squid-2.5.STABLE5-vary.patch @@ -0,0 +1,20 @@ +Index: squid/src/http.c +diff -c squid/src/http.c:1.384.2.12 squid/src/http.c:1.384.2.13 +*** squid/src/http.c:1.384.2.12 Fri Jan 30 16:09:12 2004 +--- squid/src/http.c Fri Mar 19 01:56:55 2004 +*************** +*** 348,353 **** +--- 348,360 ---- + char *name = xmalloc(ilen + 1); + xstrncpy(name, item, ilen + 1); + Tolower(name); ++ if (strcmp(name, "*") == 0) { ++ /* Can not handle "Vary: *" withtout ETag support */ ++ safe_free(name); ++ stringClean(&vary); ++ stringClean(&vstr); ++ break; ++ } + strListAdd(&vstr, name, ','); + hdr = httpHeaderGetByName(&request->header, name); + safe_free(name); diff --git a/squid-2.5.STABLE5-vary_negatively.patch b/squid-2.5.STABLE5-vary_negatively.patch new file mode 100644 index 0000000..f00edfc --- /dev/null +++ b/squid-2.5.STABLE5-vary_negatively.patch @@ -0,0 +1,78 @@ +Index: squid/src/http.c +diff -c squid/src/http.c:1.384.2.14 squid/src/http.c:1.384.2.15 +*** squid/src/http.c:1.384.2.14 Sun Apr 18 17:43:30 2004 +--- squid/src/http.c Sat Apr 24 08:07:08 2004 +*************** +*** 442,476 **** + debug(11, 3) ("httpProcessReplyHeader: HTTP CODE: %d\n", reply->sline.status); + if (neighbors_do_private_keys) + httpMaybeRemovePublic(entry, reply->sline.status); +! switch (httpCachableReply(httpState)) { +! case 1: +! if (httpHeaderHas(&reply->header, HDR_VARY) + #if X_ACCELERATOR_VARY +! || httpHeaderHas(&reply->header, HDR_X_ACCELERATOR_VARY) + #endif +! ) { +! const char *vary = httpMakeVaryMark(httpState->orig_request, reply); +! if (vary) { +! entry->mem_obj->vary_headers = xstrdup(vary); +! /* Kill the old base object if a change in variance is detected */ +! httpMakePublic(entry); +! } else { +! httpMakePrivate(entry); +! } +! } else { +! httpMakePublic(entry); + } + break; + case 0: + httpMakePrivate(entry); + break; + case -1: +! httpCacheNegatively(entry); + break; + default: + assert(0); + break; + } + if (reply->cache_control) { + if (EBIT_TEST(reply->cache_control->mask, CC_PROXY_REVALIDATE)) + EBIT_SET(entry->flags, ENTRY_REVALIDATE); +--- 442,477 ---- + debug(11, 3) ("httpProcessReplyHeader: HTTP CODE: %d\n", reply->sline.status); + if (neighbors_do_private_keys) + httpMaybeRemovePublic(entry, reply->sline.status); +! if (httpHeaderHas(&reply->header, HDR_VARY) + #if X_ACCELERATOR_VARY +! || httpHeaderHas(&reply->header, HDR_X_ACCELERATOR_VARY) + #endif +! ) { +! const char *vary = httpMakeVaryMark(httpState->orig_request, reply); +! if (!vary) { +! httpMakePrivate(entry); +! goto no_cache; + } ++ entry->mem_obj->vary_headers = xstrdup(vary); ++ } ++ switch (httpCachableReply(httpState)) { ++ case 1: ++ httpMakePublic(entry); + break; + case 0: + httpMakePrivate(entry); + break; + case -1: +! if (Config.negativeTtl > 0) +! httpCacheNegatively(entry); +! else +! httpMakePrivate(entry); + break; + default: + assert(0); + break; + } ++ no_cache: + if (reply->cache_control) { + if (EBIT_TEST(reply->cache_control->mask, CC_PROXY_REVALIDATE)) + EBIT_SET(entry->flags, ENTRY_REVALIDATE); diff --git a/squid-2.5.STABLE5-version.patch b/squid-2.5.STABLE5-version.patch new file mode 100644 index 0000000..666f722 --- /dev/null +++ b/squid-2.5.STABLE5-version.patch @@ -0,0 +1,19 @@ +*** squid-2.5.STABLE5/configure.in Fri Mar 19 02:14:24 2004 +--- squid-2.5/configure.in Fri Mar 19 02:14:39 2004 +*************** +*** 9,15 **** + dnl + AC_INIT(src/main.c) + AC_CONFIG_AUX_DIR(cfgaux) +! AM_INIT_AUTOMAKE(squid, 2.5.STABLE5-CVS) + AM_CONFIG_HEADER(include/autoconf.h) + AC_REVISION($Revision$)dnl + AC_PREFIX_DEFAULT(/usr/local/squid) +--- 9,15 ---- + dnl + AC_INIT(src/main.c) + AC_CONFIG_AUX_DIR(cfgaux) +! AM_INIT_AUTOMAKE(squid, 2.5.STABLE5) + AM_CONFIG_HEADER(include/autoconf.h) + AC_REVISION($Revision$)dnl + AC_PREFIX_DEFAULT(/usr/local/squid) diff --git a/squid-2.5.STABLE6-client_db_gc.patch b/squid-2.5.STABLE6-client_db_gc.patch new file mode 100644 index 0000000..6c73f54 --- /dev/null +++ b/squid-2.5.STABLE6-client_db_gc.patch @@ -0,0 +1,140 @@ +Index: squid/src/client_db.c +diff -c squid/src/client_db.c:1.53 squid/src/client_db.c:1.53.2.1 +*** squid/src/client_db.c:1.53 Fri Feb 23 13:59:50 2001 +--- squid/src/client_db.c Sat Jul 17 16:37:30 2004 +*************** +*** 38,43 **** +--- 38,51 ---- + static hash_table *client_table = NULL; + static ClientInfo *clientdbAdd(struct in_addr addr); + static FREE clientdbFreeItem; ++ static void clientdbStartGC(void); ++ ++ static int max_clients = 32; ++ static int cleanup_running = 0; ++ static int cleanup_scheduled = 0; ++ static int cleanup_removed; ++ ++ #define CLIENT_DB_HASH_SIZE 467 + + static ClientInfo * + clientdbAdd(struct in_addr addr) +*************** +*** 48,53 **** +--- 56,63 ---- + c->addr = addr; + hash_join(client_table, &c->hash); + statCounter.client_http.clients++; ++ if ((statCounter.client_http.clients > max_clients) && !cleanup_running) ++ clientdbStartGC(); + return c; + } + +*************** +*** 56,62 **** + { + if (client_table) + return; +! client_table = hash_create((HASHCMP *) strcmp, 467, hash_string); + cachemgrRegister("client_list", + "Cache Client List", + clientdbDump, +--- 66,72 ---- + { + if (client_table) + return; +! client_table = hash_create((HASHCMP *) strcmp, CLIENT_DB_HASH_SIZE, hash_string); + cachemgrRegister("client_list", + "Cache Client List", + clientdbDump, +*************** +*** 89,94 **** +--- 99,105 ---- + if (LOG_UDP_HIT == ltype) + kb_incr(&c->Icp.hit_kbytes_out, size); + } ++ c->last_seen = squid_curtime; + } + + /* +*************** +*** 226,231 **** +--- 237,300 ---- + client_table = NULL; + } + ++ static void ++ clientdbScheduledGC(void *unused) ++ { ++ cleanup_scheduled = 0; ++ clientdbStartGC(); ++ } ++ ++ static void ++ clientdbGC(void *unused) ++ { ++ static int bucket = 0; ++ hash_link *link_next; ++ ++ link_next = hash_get_bucket(client_table, bucket++); ++ while (link_next != NULL) { ++ ClientInfo *c = (ClientInfo *) link_next; ++ int age = squid_curtime - c->last_seen; ++ link_next = link_next->next; ++ if (c->n_established) ++ continue; ++ ++ if (age < 24 * 3600 && c->Http.n_requests > 100) ++ continue; ++ if (age < 4 * 3600 && (c->Http.n_requests > 10 || c->Icp.n_requests > 10)) ++ continue; ++ if (age < 5 * 60 && (c->Http.n_requests > 1 || c->Icp.n_requests > 1)) ++ continue; ++ if (age < 60) ++ continue; ++ hash_remove_link(client_table, &c->hash); ++ clientdbFreeItem(c); ++ statCounter.client_http.clients--; ++ cleanup_removed++; ++ } ++ ++ if (bucket < CLIENT_DB_HASH_SIZE) ++ eventAdd("client_db garbage collector", clientdbGC, NULL, 0.15, 0); ++ else { ++ bucket = 0; ++ cleanup_running = 0; ++ max_clients = statCounter.client_http.clients * 3 / 2; ++ if (!cleanup_scheduled) { ++ cleanup_scheduled = 1; ++ eventAdd("client_db garbage collector", clientdbScheduledGC, NULL, 6 * 3600, 0); ++ } ++ debug(49, 1) ("clientdbGC: Removed %d entries\n", cleanup_removed); ++ } ++ } ++ ++ static void ++ clientdbStartGC(void) ++ { ++ max_clients = statCounter.client_http.clients; ++ cleanup_running = 1; ++ cleanup_removed = 0; ++ clientdbGC(NULL); ++ } ++ + #if SQUID_SNMP + struct in_addr * + client_entry(struct in_addr *current) +Index: squid/src/structs.h +diff -c squid/src/structs.h:1.408.2.24 squid/src/structs.h:1.408.2.25 +*** squid/src/structs.h:1.408.2.24 Sun Apr 18 17:43:30 2004 +--- squid/src/structs.h Sat Jul 17 16:37:30 2004 +*************** +*** 1940,1945 **** +--- 1940,1946 ---- + int n_denied; + } cutoff; + int n_established; /* number of current established connections */ ++ time_t last_seen; + }; + + struct _CacheDigest { diff --git a/squid-2.5.STABLE6-digest_crash.patch b/squid-2.5.STABLE6-digest_crash.patch new file mode 100644 index 0000000..d06a930 --- /dev/null +++ b/squid-2.5.STABLE6-digest_crash.patch @@ -0,0 +1,38 @@ +Index: squid/src/auth/digest/auth_digest.c +diff -c squid/src/auth/digest/auth_digest.c:1.10.2.12 squid/src/auth/digest/auth_digest.c:1.10.2.13 +*** squid/src/auth/digest/auth_digest.c:1.10.2.12 Sat Apr 17 19:29:52 2004 +--- squid/src/auth/digest/auth_digest.c Sat Aug 28 16:31:15 2004 +*************** +*** 893,899 **** + if (reply) { + if ((t = strchr(reply, ' '))) + *t = '\0'; +! if (*reply == '\0') + reply = NULL; + } + assert(r->auth_user_request != NULL); +--- 893,899 ---- + if (reply) { + if ((t = strchr(reply, ' '))) + *t = '\0'; +! if (*reply == '\0' || *reply == '\n') + reply = NULL; + } + assert(r->auth_user_request != NULL); +*************** +*** 903,909 **** + digest_user = auth_user_request->auth_user->scheme_data; + if (reply && (strncasecmp(reply, "ERR", 3) == 0)) + digest_request->flags.credentials_ok = 3; +! else { + CvtBin(reply, digest_user->HA1); + digest_user->HA1created = 1; + } +--- 903,909 ---- + digest_user = auth_user_request->auth_user->scheme_data; + if (reply && (strncasecmp(reply, "ERR", 3) == 0)) + digest_request->flags.credentials_ok = 3; +! else if (reply) { + CvtBin(reply, digest_user->HA1); + digest_user->HA1created = 1; + } diff --git a/squid-2.5.STABLE6-heap_segfault.patch b/squid-2.5.STABLE6-heap_segfault.patch new file mode 100644 index 0000000..fa3faa6 --- /dev/null +++ b/squid-2.5.STABLE6-heap_segfault.patch @@ -0,0 +1,24 @@ +Index: squid/src/repl/heap/store_repl_heap.c +diff -c squid/src/repl/heap/store_repl_heap.c:1.8.2.1 squid/src/repl/heap/store_repl_heap.c:1.8.2.2 +*** squid/src/repl/heap/store_repl_heap.c:1.8.2.1 Sun Jul 21 18:07:17 2002 +--- squid/src/repl/heap/store_repl_heap.c Thu Aug 5 14:23:01 2004 +*************** +*** 191,196 **** +--- 191,197 ---- + age = heap_peepminkey(heap->heap); + entry = heap_extractmin(heap->heap); + if (storeEntryLocked(entry)) { ++ storeLockObject(entry); + linklistPush(&heap_walker->locked_entries, entry); + goto try_again; + } +*************** +*** 220,225 **** +--- 221,227 ---- + while ((entry = linklistShift(&heap_walker->locked_entries))) { + heap_node *node = heap_insert(heap->heap, entry); + SET_POLICY_NODE(entry, node); ++ storeUnlockObject(entry); + } + safe_free(walker->_data); + cbdataFree(walker); diff --git a/squid-2.5.STABLE6-ntlm_challengereuse_leak.patch b/squid-2.5.STABLE6-ntlm_challengereuse_leak.patch new file mode 100644 index 0000000..c0f539f --- /dev/null +++ b/squid-2.5.STABLE6-ntlm_challengereuse_leak.patch @@ -0,0 +1,319 @@ +Index: squid/src/auth/ntlm/auth_ntlm.c +diff -c squid/src/auth/ntlm/auth_ntlm.c:1.17.2.12 squid/src/auth/ntlm/auth_ntlm.c:1.17.2.13 +*** squid/src/auth/ntlm/auth_ntlm.c:1.17.2.12 Sat Apr 17 19:29:52 2004 +--- squid/src/auth/ntlm/auth_ntlm.c Sat Jul 17 10:05:53 2004 +*************** +*** 87,95 **** + static MemPool *ntlm_helper_state_pool = NULL; + static MemPool *ntlm_user_pool = NULL; + static MemPool *ntlm_request_pool = NULL; + static auth_ntlm_config *ntlmConfig = NULL; + +! static hash_table *proxy_auth_cache = NULL; + + /* + * +--- 87,96 ---- + static MemPool *ntlm_helper_state_pool = NULL; + static MemPool *ntlm_user_pool = NULL; + static MemPool *ntlm_request_pool = NULL; ++ static MemPool *ntlm_challenge_pool = NULL; + static auth_ntlm_config *ntlmConfig = NULL; + +! static hash_table *ntlm_challenge_cache = NULL; + + /* + * +*************** +*** 249,257 **** + if (ntlmauthenticators == NULL) + ntlmauthenticators = helperStatefulCreate("ntlmauthenticator"); + if (ntlmConfig->challengeuses) { +! if (!proxy_auth_cache) +! proxy_auth_cache = hash_create((HASHCMP *) strcmp, 7921, hash_string); +! assert(proxy_auth_cache); + } + ntlmauthenticators->cmdline = ntlmConfig->authenticate; + ntlmauthenticators->n_to_start = ntlmConfig->authenticateChildren; +--- 250,259 ---- + if (ntlmauthenticators == NULL) + ntlmauthenticators = helperStatefulCreate("ntlmauthenticator"); + if (ntlmConfig->challengeuses) { +! if (!ntlm_challenge_cache) +! ntlm_challenge_cache = hash_create((HASHCMP *) strcmp, 7921, hash_string); +! if (!ntlm_challenge_pool) +! ntlm_challenge_pool = memPoolCreate("NTLM Challenge Cache", sizeof(ntlm_challenge_hash_pointer)); + } + ntlmauthenticators->cmdline = ntlmConfig->authenticate; + ntlmauthenticators->n_to_start = ntlmConfig->authenticateChildren; +*************** +*** 393,420 **** + auth_user_request->scheme_data = NULL; + } + + static void + authenticateNTLMFreeUser(auth_user_t * auth_user) + { +- dlink_node *link, *tmplink; + ntlm_user_t *ntlm_user = auth_user->scheme_data; +- auth_user_hash_pointer *proxy_auth_hash; + + debug(29, 5) ("authenticateNTLMFreeUser: Clearing NTLM scheme data\n"); + if (ntlm_user->username) + xfree(ntlm_user->username); + /* were they linked in by one or more proxy-authenticate headers */ +! link = ntlm_user->proxy_auth_list.head; +! while (link) { +! debug(29, 9) ("authenticateFreeProxyAuthUser: removing proxy_auth hash entry '%p'\n", link->data); +! proxy_auth_hash = link->data; +! tmplink = link; +! link = link->next; +! dlinkDelete(tmplink, &ntlm_user->proxy_auth_list); +! hash_remove_link(proxy_auth_cache, (hash_link *) proxy_auth_hash); +! /* free the key (usually the proxy_auth header) */ +! xfree(proxy_auth_hash->key); +! memFree(proxy_auth_hash, MEM_AUTH_USER_HASH); + } + memPoolFree(ntlm_user_pool, ntlm_user); + auth_user->scheme_data = NULL; +--- 395,413 ---- + auth_user_request->scheme_data = NULL; + } + ++ static void authenticateNTLMChallengeCacheRemoveLink(ntlm_challenge_hash_pointer * challenge_hash); ++ + static void + authenticateNTLMFreeUser(auth_user_t * auth_user) + { + ntlm_user_t *ntlm_user = auth_user->scheme_data; + + debug(29, 5) ("authenticateNTLMFreeUser: Clearing NTLM scheme data\n"); + if (ntlm_user->username) + xfree(ntlm_user->username); + /* were they linked in by one or more proxy-authenticate headers */ +! while (ntlm_user->challenge_list.head) { +! authenticateNTLMChallengeCacheRemoveLink(ntlm_user->challenge_list.head->data); + } + memPoolFree(ntlm_user_pool, ntlm_user); + auth_user->scheme_data = NULL; +*************** +*** 792,797 **** +--- 785,793 ---- + statedata->renewed = 0; + xfree(statedata->challenge); + statedata->challenge = NULL; ++ while (statedata->user_list.head) { ++ authenticateNTLMChallengeCacheRemoveLink(statedata->user_list.head->data); ++ } + } + } + +*************** +*** 880,903 **** + * Check for this and if found ignore the new link + */ + static void +! authenticateProxyAuthCacheAddLink(const char *key, auth_user_t * auth_user) + { +! auth_user_hash_pointer *proxy_auth_hash; +! dlink_node *node; + ntlm_user_t *ntlm_user; + ntlm_user = auth_user->scheme_data; +- node = ntlm_user->proxy_auth_list.head; + /* prevent duplicates */ +! while (node) { +! if (!strcmp(key, ((auth_user_hash_pointer *) node->data)->key)) +! return; +! node = node->next; +! } +! proxy_auth_hash = memAllocate(MEM_AUTH_USER_HASH); +! proxy_auth_hash->key = xstrdup(key); +! proxy_auth_hash->auth_user = auth_user; +! dlinkAddTail(proxy_auth_hash, &proxy_auth_hash->link, &ntlm_user->proxy_auth_list); +! hash_join(proxy_auth_cache, (hash_link *) proxy_auth_hash); + } + + +--- 876,909 ---- + * Check for this and if found ignore the new link + */ + static void +! authenticateNTLMChallengeCacheAddLink(const char *key, auth_user_t * auth_user, helper_stateful_server * auth_server) + { +! ntlm_challenge_hash_pointer *challenge_hash; + ntlm_user_t *ntlm_user; ++ ntlm_helper_state_t *helperstate = helperStatefulServerGetData(auth_server); + ntlm_user = auth_user->scheme_data; + /* prevent duplicates */ +! if (hash_lookup(ntlm_challenge_cache, key)) +! return; +! challenge_hash = memPoolAlloc(ntlm_challenge_pool); +! challenge_hash->key = xstrdup(key); +! challenge_hash->user.auth_user = auth_user; +! dlinkAddTail(challenge_hash, &challenge_hash->user.link, &ntlm_user->challenge_list); +! challenge_hash->challenge.authserver = auth_server; +! dlinkAddTail(challenge_hash, &challenge_hash->challenge.link, &helperstate->user_list); +! hash_join(ntlm_challenge_cache, (hash_link *) challenge_hash); +! } +! +! static void +! authenticateNTLMChallengeCacheRemoveLink(ntlm_challenge_hash_pointer * challenge_hash) +! { +! ntlm_user_t *ntlm_user = challenge_hash->user.auth_user->scheme_data; +! ntlm_helper_state_t *helperstate = helperStatefulServerGetData(challenge_hash->challenge.authserver); +! hash_remove_link(ntlm_challenge_cache, (hash_link *) challenge_hash); +! dlinkDelete(&challenge_hash->user.link, &ntlm_user->challenge_list); +! dlinkDelete(&challenge_hash->challenge.link, &helperstate->user_list); +! xfree(challenge_hash->key); +! memPoolFree(ntlm_challenge_pool, challenge_hash); + } + + +*************** +*** 915,921 **** + authenticateNTLMAuthenticateUser(auth_user_request_t * auth_user_request, request_t * request, ConnStateData * conn, http_hdr_type type) + { + const char *proxy_auth; +! auth_user_hash_pointer *usernamehash, *proxy_auth_hash = NULL; + auth_user_t *auth_user; + ntlm_request_t *ntlm_request; + ntlm_user_t *ntlm_user; +--- 921,928 ---- + authenticateNTLMAuthenticateUser(auth_user_request_t * auth_user_request, request_t * request, ConnStateData * conn, http_hdr_type type) + { + const char *proxy_auth; +! auth_user_hash_pointer *usernamehash; +! ntlm_challenge_hash_pointer *challenge_hash = NULL; + auth_user_t *auth_user; + ntlm_request_t *ntlm_request; + ntlm_user_t *ntlm_user; +*************** +*** 982,990 **** + ntlm_request->authchallenge); + /* see if we already know this user's authenticate */ + debug(29, 9) ("aclMatchProxyAuth: cache lookup with key '%s'\n", ntlmhash); +! assert(proxy_auth_cache != NULL); +! proxy_auth_hash = hash_lookup(proxy_auth_cache, ntlmhash); +! if (!proxy_auth_hash) { /* not in the hash table */ + debug(29, 4) ("authenticateNTLMAuthenticateUser: proxy-auth cache miss.\n"); + ntlm_request->auth_state = AUTHENTICATE_STATE_RESPONSE; + /* verify with the ntlm helper */ +--- 989,997 ---- + ntlm_request->authchallenge); + /* see if we already know this user's authenticate */ + debug(29, 9) ("aclMatchProxyAuth: cache lookup with key '%s'\n", ntlmhash); +! assert(ntlm_challenge_cache != NULL); +! challenge_hash = hash_lookup(ntlm_challenge_cache, ntlmhash); +! if (!challenge_hash) { /* not in the hash table */ + debug(29, 4) ("authenticateNTLMAuthenticateUser: proxy-auth cache miss.\n"); + ntlm_request->auth_state = AUTHENTICATE_STATE_RESPONSE; + /* verify with the ntlm helper */ +*************** +*** 993,1000 **** + /* throw away the temporary entry */ + ntlm_request->authserver_deferred = 0; + authenticateNTLMReleaseServer(ntlm_request); +! authenticateAuthUserMerge(auth_user, proxy_auth_hash->auth_user); +! auth_user = proxy_auth_hash->auth_user; + auth_user_request->auth_user = auth_user; + ntlm_request->auth_state = AUTHENTICATE_STATE_DONE; + /* we found one */ +--- 1000,1007 ---- + /* throw away the temporary entry */ + ntlm_request->authserver_deferred = 0; + authenticateNTLMReleaseServer(ntlm_request); +! authenticateAuthUserMerge(auth_user, challenge_hash->user.auth_user); +! auth_user = challenge_hash->user.auth_user; + auth_user_request->auth_user = auth_user; + ntlm_request->auth_state = AUTHENTICATE_STATE_DONE; + /* we found one */ +*************** +*** 1026,1035 **** + usernamehash = usernamehash->next; + } + if (usernamehash) { +- /* +- * add another link from the new proxy_auth to the +- * auth_user structure and update the information */ +- assert(proxy_auth_hash == NULL); + /* we can't seamlessly recheck the username due to the + * challenge nature of the protocol. Just free the + * temporary auth_user */ +--- 1033,1038 ---- +*************** +*** 1045,1051 **** + snprintf(ntlmhash, sizeof(ntlmhash) - 1, "%s%s", + ntlm_request->ntlmauthenticate, + ntlm_request->authchallenge); +! authenticateProxyAuthCacheAddLink(ntlmhash, auth_user); + } + /* set these to now because this is either a new login from an + * existing user or a new user */ +--- 1048,1054 ---- + snprintf(ntlmhash, sizeof(ntlmhash) - 1, "%s%s", + ntlm_request->ntlmauthenticate, + ntlm_request->authchallenge); +! authenticateNTLMChallengeCacheAddLink(ntlmhash, auth_user, ntlm_request->authserver); + } + /* set these to now because this is either a new login from an + * existing user or a new user */ +Index: squid/src/auth/ntlm/auth_ntlm.h +diff -c squid/src/auth/ntlm/auth_ntlm.h:1.7.2.1 squid/src/auth/ntlm/auth_ntlm.h:1.7.2.2 +*** squid/src/auth/ntlm/auth_ntlm.h:1.7.2.1 Wed Feb 4 10:42:36 2004 +--- squid/src/auth/ntlm/auth_ntlm.h Sat Jul 17 10:05:53 2004 +*************** +*** 27,35 **** + struct _ntlm_user { + /* what username did this connection get? */ + char *username; +! dlink_list proxy_auth_list; + }; + + struct _ntlm_request { + /* what negotiate string did the client use? */ + char *ntlmnegotiate; +--- 27,50 ---- + struct _ntlm_user { + /* what username did this connection get? */ + char *username; +! dlink_list challenge_list; + }; + ++ struct _ntlm_challenge_hash_pointer { ++ /* first two items must be same as hash_link */ ++ char *key; ++ auth_user_hash_pointer *next; ++ struct { ++ auth_user_t *auth_user; ++ dlink_node link; /* other hash entries that point to the same auth_user */ ++ } user; ++ struct { ++ helper_stateful_server *authserver; ++ dlink_node link; /* other hash entries that point to the same challenge */ ++ } challenge; ++ }; ++ ++ + struct _ntlm_request { + /* what negotiate string did the client use? */ + char *ntlmnegotiate; +*************** +*** 52,57 **** +--- 67,73 ---- + int starve; /* 0= normal operation. 1=don't hand out any more challenges */ + int challengeuses; /* the number of times this challenge has been issued */ + time_t renewed; ++ dlink_list user_list; /* ntlm_challenge_hash_pointer list referring to this challenge */ + }; + + /* configuration runtime data */ +*************** +*** 67,72 **** +--- 83,89 ---- + typedef struct _ntlm_request ntlm_request_t; + typedef struct _ntlm_helper_state_t ntlm_helper_state_t; + typedef struct _auth_ntlm_config auth_ntlm_config; ++ typedef struct _ntlm_challenge_hash_pointer ntlm_challenge_hash_pointer; + + extern MemPool *ntlm_helper_state_pool; + extern MemPool *ntlm_user_pool; diff --git a/squid-2.5.STABLE6-ntlm_fetch_string.patch b/squid-2.5.STABLE6-ntlm_fetch_string.patch new file mode 100644 index 0000000..79aa1ca --- /dev/null +++ b/squid-2.5.STABLE6-ntlm_fetch_string.patch @@ -0,0 +1,42 @@ +Index: squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c +diff -c squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c:1.3 squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c:1.3.2.1 +*** squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c:1.3 Wed Aug 29 08:57:38 2001 +--- squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c Fri Aug 20 02:09:58 2004 +*************** +*** 150,156 **** + o = WSWAP(str->offset); + + /* Sanity checks. XXX values arbitrarialy chosen */ +! if (l <= 0 || l >= 32 || o >= 256) { + fprintf(stderr, "ntlmGetString: insane: l:%d o:%d\n", l, o); + return (NULL); + } +--- 150,156 ---- + o = WSWAP(str->offset); + + /* Sanity checks. XXX values arbitrarialy chosen */ +! if (l <= 0 || o <= 0 || l >= 32 || o >= 256) { + fprintf(stderr, "ntlmGetString: insane: l:%d o:%d\n", l, o); + return (NULL); + } +Index: squid/lib/ntlmauth.c +diff -c squid/lib/ntlmauth.c:1.5.2.2 squid/lib/ntlmauth.c:1.5.2.3 +*** squid/lib/ntlmauth.c:1.5.2.2 Sun Jul 21 20:06:31 2002 +--- squid/lib/ntlmauth.c Fri Aug 20 02:09:58 2004 +*************** +*** 84,90 **** + o = WSWAP(str->offset); + /* debug("fetch_string(plength=%d,l=%d,o=%d)\n",length,l,o); */ + +! if (l < 0 || l > MAX_FIELD_LENGTH || o + l > length || o == 0) { + /* debug("ntlmssp: insane data (l: %d, o: %d)\n", l,o); */ + return rv; + } +--- 84,90 ---- + o = WSWAP(str->offset); + /* debug("fetch_string(plength=%d,l=%d,o=%d)\n",length,l,o); */ + +! if (l < 0 || o <= 0 || l > MAX_FIELD_LENGTH || o + l > length) { + /* debug("ntlmssp: insane data (l: %d, o: %d)\n", l,o); */ + return rv; + } diff --git a/squid-2.5.STABLE6-ntlm_noreuse_leak.patch b/squid-2.5.STABLE6-ntlm_noreuse_leak.patch new file mode 100644 index 0000000..f65f53d --- /dev/null +++ b/squid-2.5.STABLE6-ntlm_noreuse_leak.patch @@ -0,0 +1,90 @@ +Index: squid/src/auth/ntlm/auth_ntlm.c +diff -c squid/src/auth/ntlm/auth_ntlm.c:1.17.2.13 squid/src/auth/ntlm/auth_ntlm.c:1.17.2.14 +*** squid/src/auth/ntlm/auth_ntlm.c:1.17.2.13 Sat Jul 17 10:05:53 2004 +--- squid/src/auth/ntlm/auth_ntlm.c Sat Jul 17 10:09:53 2004 +*************** +*** 92,97 **** +--- 92,98 ---- + + static hash_table *ntlm_challenge_cache = NULL; + ++ static void authenticateNTLMReleaseServer(ntlm_request_t * ntlm_request); + /* + * + * Private Functions +*************** +*** 381,388 **** + xfree(ntlm_request->ntlmauthenticate); + if (ntlm_request->authserver != NULL) { + debug(29, 9) ("authenticateNTLMRequestFree: releasing server '%p'\n", ntlm_request->authserver); +! helperStatefulReleaseServer(ntlm_request->authserver); +! ntlm_request->authserver = NULL; + } + memPoolFree(ntlm_request_pool, ntlm_request); + } +--- 382,388 ---- + xfree(ntlm_request->ntlmauthenticate); + if (ntlm_request->authserver != NULL) { + debug(29, 9) ("authenticateNTLMRequestFree: releasing server '%p'\n", ntlm_request->authserver); +! authenticateNTLMReleaseServer(ntlm_request); + } + memPoolFree(ntlm_request_pool, ntlm_request); + } +*************** +*** 420,425 **** +--- 420,429 ---- + helper_stateful_server *server = ntlm_request->authserver; + debug(29, 9) ("authenticateNTLMReleaseServer: releasing server '%p'\n", server); + ntlm_request->authserver = NULL; ++ if (!ntlmConfig->challengeuses) { ++ ntlm_helper_state_t *helperstate = helperStatefulServerGetData(server); ++ helperstate->starve = 1; ++ } + helperStatefulReleaseServer(server); + } + +*************** +*** 429,435 **** + { + helper_stateful_server *server = ntlm_request->authserver; + ntlm_helper_state_t *helperstate = helperStatefulServerGetData(server); +! debug(29, 9) ("authenticateNTLMReleaseServer: releasing server '%p'\n", server); + ntlm_request->authserver = NULL; + helperstate->starve = 1; + helperStatefulReleaseServer(server); +--- 433,439 ---- + { + helper_stateful_server *server = ntlm_request->authserver; + ntlm_helper_state_t *helperstate = helperStatefulServerGetData(server); +! debug(29, 9) ("authenticateNTLMResetServer: releasing server '%p'\n", server); + ntlm_request->authserver = NULL; + helperstate->starve = 1; + helperStatefulReleaseServer(server); +*************** +*** 692,698 **** + while ((server != NULL) && authenticateNTLMChangeChallenge_p(helperstate)) { + /* flag this helper for challenge changing */ + helperstate->starve = 1; +! helperStatefulReset(server); + /* Get another server */ + server = helperStatefulGetServer(ntlmauthenticators); + helperstate = server ? helperStatefulServerGetData(server) : NULL; +--- 696,702 ---- + while ((server != NULL) && authenticateNTLMChangeChallenge_p(helperstate)) { + /* flag this helper for challenge changing */ + helperstate->starve = 1; +! helperStatefulReleaseServer(server); + /* Get another server */ + server = helperStatefulGetServer(ntlmauthenticators); + helperstate = server ? helperStatefulServerGetData(server) : NULL; +*************** +*** 727,732 **** +--- 731,738 ---- + helperStatefulSubmit(ntlmauthenticators, buf, authenticateNTLMHandleReply, r, ntlm_request->authserver); + } + } else { ++ if (!ntlmConfig->challengeuses) ++ debug(29, 0) ("authenticateNTLMStart: Reused challenge in server %p even if challenge reuse is disabled!", server); + /* (server != NULL and we have a valid challenge) */ + /* TODO: turn the below into a function and call from here and handlereply */ + /* increment the challenge uses */ diff --git a/squid-2.5.STABLE6-ufs_create_error.patch b/squid-2.5.STABLE6-ufs_create_error.patch new file mode 100644 index 0000000..e483587 --- /dev/null +++ b/squid-2.5.STABLE6-ufs_create_error.patch @@ -0,0 +1,21 @@ +Index: squid/src/fs/ufs/store_io_ufs.c +diff -c squid/src/fs/ufs/store_io_ufs.c:1.9.2.2 squid/src/fs/ufs/store_io_ufs.c:1.9.2.4 +*** squid/src/fs/ufs/store_io_ufs.c:1.9.2.2 Mon May 31 16:03:31 2004 +--- squid/src/fs/ufs/store_io_ufs.c Sat Jul 17 13:44:20 2004 +*************** +*** 108,114 **** + debug(79, 3) ("storeUfsCreate: fileno %08X\n", filn); + fd = file_open(path, mode); + if (fd < 0) { +! debug(79, 3) ("storeUfsCreate: got failure (%d)\n", errno); + return NULL; + } + debug(79, 3) ("storeUfsCreate: opened FD %d\n", fd); +--- 108,114 ---- + debug(79, 3) ("storeUfsCreate: fileno %08X\n", filn); + fd = file_open(path, mode); + if (fd < 0) { +! debug(79, 1) ("storeUfsCreate: Failed to create %s (%s)\n", path, xstrerror()); + return NULL; + } + debug(79, 3) ("storeUfsCreate: opened FD %d\n", fd); diff --git a/squid-2.5.STABLE6-ufs_no_valid_dir.patch b/squid-2.5.STABLE6-ufs_no_valid_dir.patch new file mode 100644 index 0000000..e273819 --- /dev/null +++ b/squid-2.5.STABLE6-ufs_no_valid_dir.patch @@ -0,0 +1,14 @@ +Index: squid/src/fs/ufs/store_dir_ufs.c +diff -c squid/src/fs/ufs/store_dir_ufs.c:1.39.2.8 squid/src/fs/ufs/store_dir_ufs.c:1.39.2.9 +*** squid/src/fs/ufs/store_dir_ufs.c:1.39.2.8 Mon May 31 16:03:31 2004 +--- squid/src/fs/ufs/store_dir_ufs.c Wed Jul 14 10:26:12 2004 +*************** +*** 1636,1641 **** +--- 1636,1642 ---- + ufsinfo->swaplog_fd = -1; + ufsinfo->map = NULL; /* Debugging purposes */ + ufsinfo->suggest = 0; ++ ufsinfo->open_files = 0; + sd->init = storeUfsDirInit; + sd->newfs = storeUfsDirNewfs; + sd->dump = storeUfsDirDump; diff --git a/squid-2.5.STABLE7-blank_response.patch b/squid-2.5.STABLE7-blank_response.patch new file mode 100644 index 0000000..1fd2919 --- /dev/null +++ b/squid-2.5.STABLE7-blank_response.patch @@ -0,0 +1,23 @@ +Index: squid/src/HttpReply.c +diff -c squid/src/HttpReply.c:1.49.2.2 squid/src/HttpReply.c:1.49.2.3 +*** squid/src/HttpReply.c:1.49.2.2 Tue Oct 5 15:31:25 2004 +--- squid/src/HttpReply.c Sun Nov 7 08:26:59 2004 +*************** +*** 452,458 **** + int + httpReplyBodySize(method_t method, HttpReply * reply) + { +! if (METHOD_HEAD == method) + return 0; + else if (reply->sline.status == HTTP_OK) + (void) 0; /* common case, continue */ +--- 452,460 ---- + int + httpReplyBodySize(method_t method, HttpReply * reply) + { +! if (reply->sline.version.major < 1) +! return -1; +! else if (METHOD_HEAD == method) + return 0; + else if (reply->sline.status == HTTP_OK) + (void) 0; /* common case, continue */ diff --git a/squid-2.5.STABLE7-cachemgr_vmobjects.patch b/squid-2.5.STABLE7-cachemgr_vmobjects.patch new file mode 100644 index 0000000..1072484 --- /dev/null +++ b/squid-2.5.STABLE7-cachemgr_vmobjects.patch @@ -0,0 +1,179 @@ +Index: squid/src/stat.c +diff -c squid/src/stat.c:1.351.2.10 squid/src/stat.c:1.351.2.11 +*** squid/src/stat.c:1.351.2.10 Sat Jul 17 14:09:23 2004 +--- squid/src/stat.c Tue Dec 7 18:00:56 2004 +*************** +*** 58,64 **** + static void statCountersClean(StatCounters *); + static void statCountersCopy(StatCounters * dest, const StatCounters * orig); + static double statMedianSvc(int, int); +! static void statStoreEntry(StoreEntry * s, StoreEntry * e); + static double statCPUUsage(int minutes); + static OBJH stat_io_get; + static OBJH stat_objects_get; +--- 58,64 ---- + static void statCountersClean(StatCounters *); + static void statCountersCopy(StatCounters * dest, const StatCounters * orig); + static double statMedianSvc(int, int); +! static void statStoreEntry(MemBuf * mb, StoreEntry * e); + static double statCPUUsage(int minutes); + static OBJH stat_io_get; + static OBJH stat_objects_get; +*************** +*** 254,308 **** + } + + static void +! statStoreEntry(StoreEntry * s, StoreEntry * e) + { + MemObject *mem = e->mem_obj; + int i; + struct _store_client *sc; + dlink_node *node; +! storeAppendPrintf(s, "KEY %s\n", storeKeyText(e->hash.key)); + if (mem) +! storeAppendPrintf(s, "\t%s %s\n", + RequestMethodStr[mem->method], mem->log_url); +! storeAppendPrintf(s, "\t%s\n", describeStatuses(e)); +! storeAppendPrintf(s, "\t%s\n", storeEntryFlags(e)); +! storeAppendPrintf(s, "\t%s\n", describeTimestamps(e)); +! storeAppendPrintf(s, "\t%d locks, %d clients, %d refs\n", + (int) e->lock_count, + storePendingNClients(e), + (int) e->refcount); +! storeAppendPrintf(s, "\tSwap Dir %d, File %#08X\n", + e->swap_dirn, e->swap_filen); + if (mem != NULL) { +! storeAppendPrintf(s, "\tinmem_lo: %d\n", (int) mem->inmem_lo); +! storeAppendPrintf(s, "\tinmem_hi: %d\n", (int) mem->inmem_hi); +! storeAppendPrintf(s, "\tswapout: %d bytes queued\n", + (int) mem->swapout.queue_offset); + if (mem->swapout.sio) +! storeAppendPrintf(s, "\tswapout: %d bytes written\n", + (int) storeOffset(mem->swapout.sio)); + for (i = 0, node = mem->clients.head; node; node = node->next, i++) { + sc = (store_client *) node->data; + if (sc->callback_data == NULL) + continue; +! storeAppendPrintf(s, "\tClient #%d, %p\n", i, sc->callback_data); +! storeAppendPrintf(s, "\t\tcopy_offset: %d\n", + (int) sc->copy_offset); +! storeAppendPrintf(s, "\t\tseen_offset: %d\n", + (int) sc->seen_offset); +! storeAppendPrintf(s, "\t\tcopy_size: %d\n", + (int) sc->copy_size); +! storeAppendPrintf(s, "\t\tflags:"); + if (sc->flags.disk_io_pending) +! storeAppendPrintf(s, " disk_io_pending"); + if (sc->flags.store_copying) +! storeAppendPrintf(s, " store_copying"); + if (sc->flags.copy_event_pending) +! storeAppendPrintf(s, " copy_event_pending"); +! storeAppendPrintf(s, "\n"); + } + } +! storeAppendPrintf(s, "\n"); + } + + /* process objects list */ +--- 254,308 ---- + } + + static void +! statStoreEntry(MemBuf * mb, StoreEntry * e) + { + MemObject *mem = e->mem_obj; + int i; + struct _store_client *sc; + dlink_node *node; +! memBufPrintf(mb, "KEY %s\n", storeKeyText(e->hash.key)); + if (mem) +! memBufPrintf(mb, "\t%s %s\n", + RequestMethodStr[mem->method], mem->log_url); +! memBufPrintf(mb, "\t%s\n", describeStatuses(e)); +! memBufPrintf(mb, "\t%s\n", storeEntryFlags(e)); +! memBufPrintf(mb, "\t%s\n", describeTimestamps(e)); +! memBufPrintf(mb, "\t%d locks, %d clients, %d refs\n", + (int) e->lock_count, + storePendingNClients(e), + (int) e->refcount); +! memBufPrintf(mb, "\tSwap Dir %d, File %#08X\n", + e->swap_dirn, e->swap_filen); + if (mem != NULL) { +! memBufPrintf(mb, "\tinmem_lo: %d\n", (int) mem->inmem_lo); +! memBufPrintf(mb, "\tinmem_hi: %d\n", (int) mem->inmem_hi); +! memBufPrintf(mb, "\tswapout: %d bytes queued\n", + (int) mem->swapout.queue_offset); + if (mem->swapout.sio) +! memBufPrintf(mb, "\tswapout: %d bytes written\n", + (int) storeOffset(mem->swapout.sio)); + for (i = 0, node = mem->clients.head; node; node = node->next, i++) { + sc = (store_client *) node->data; + if (sc->callback_data == NULL) + continue; +! memBufPrintf(mb, "\tClient #%d, %p\n", i, sc->callback_data); +! memBufPrintf(mb, "\t\tcopy_offset: %d\n", + (int) sc->copy_offset); +! memBufPrintf(mb, "\t\tseen_offset: %d\n", + (int) sc->seen_offset); +! memBufPrintf(mb, "\t\tcopy_size: %d\n", + (int) sc->copy_size); +! memBufPrintf(mb, "\t\tflags:"); + if (sc->flags.disk_io_pending) +! memBufPrintf(mb, " disk_io_pending"); + if (sc->flags.store_copying) +! memBufPrintf(mb, " store_copying"); + if (sc->flags.copy_event_pending) +! memBufPrintf(mb, " copy_event_pending"); +! memBufPrintf(mb, "\n"); + } + } +! memBufPrintf(mb, "\n"); + } + + /* process objects list */ +*************** +*** 326,344 **** + eventAdd("statObjects", statObjects, state, 0.1, 1); + return; + } +- storeBuffer(state->sentry); + debug(49, 3) ("statObjects: Bucket #%d\n", state->bucket); + link_next = hash_get_bucket(store_table, state->bucket); +! while (NULL != (link_ptr = link_next)) { +! link_next = link_ptr->next; +! e = (StoreEntry *) link_ptr; +! if (state->filter && 0 == state->filter(e)) +! continue; +! statStoreEntry(state->sentry, e); + } + state->bucket++; + eventAdd("statObjects", statObjects, state, 0.0, 1); +- storeBufferFlush(state->sentry); + } + + static void +--- 326,348 ---- + eventAdd("statObjects", statObjects, state, 0.1, 1); + return; + } + debug(49, 3) ("statObjects: Bucket #%d\n", state->bucket); + link_next = hash_get_bucket(store_table, state->bucket); +! if (link_next) { +! MemBuf mb; +! memBufDefInit(&mb); +! while (NULL != (link_ptr = link_next)) { +! link_next = link_ptr->next; +! e = (StoreEntry *) link_ptr; +! if (state->filter && 0 == state->filter(e)) +! continue; +! statStoreEntry(&mb, e); +! } +! storeAppend(state->sentry, mb.buf, mb.size); +! memBufClean(&mb); + } + state->bucket++; + eventAdd("statObjects", statObjects, state, 0.0, 1); + } + + static void diff --git a/squid-2.5.STABLE7-dns_memleak.patch b/squid-2.5.STABLE7-dns_memleak.patch new file mode 100644 index 0000000..9cc6f0d --- /dev/null +++ b/squid-2.5.STABLE7-dns_memleak.patch @@ -0,0 +1,28 @@ +Index: squid/lib/rfc1035.c +diff -c squid/lib/rfc1035.c:1.22.2.5 squid/lib/rfc1035.c:1.22.2.6 +*** squid/lib/rfc1035.c:1.22.2.5 Sun Apr 11 03:14:52 2004 +--- squid/lib/rfc1035.c Sun Jan 16 19:00:30 2005 +*************** +*** 554,564 **** + return -rfc1035_unpack_error; + } + } +! i = (int) hdr.ancount; +! if (i == 0) + return 0; +! recs = calloc(i, sizeof(*recs)); +! while (i--) { + if (off >= sz) { /* corrupt packet */ + RFC1035_UNPACK_DEBUG; + break; +--- 554,563 ---- + return -rfc1035_unpack_error; + } + } +! if (hdr.ancount == 0) + return 0; +! recs = calloc((int)hdr.ancount, sizeof(*recs)); +! for (i = 0; i < (int)hdr.ancount; i++) { + if (off >= sz) { /* corrupt packet */ + RFC1035_UNPACK_DEBUG; + break; diff --git a/squid-2.5.STABLE7-dothost.patch b/squid-2.5.STABLE7-dothost.patch new file mode 100644 index 0000000..1335b03 --- /dev/null +++ b/squid-2.5.STABLE7-dothost.patch @@ -0,0 +1,72 @@ +Index: squid/src/fqdncache.c +diff -c squid/src/fqdncache.c:1.149.2.4 squid/src/fqdncache.c:1.149.2.5 +*** squid/src/fqdncache.c:1.149.2.4 Sat Dec 6 10:19:37 2003 +--- squid/src/fqdncache.c Tue Dec 7 16:40:57 2004 +*************** +*** 359,364 **** +--- 359,365 ---- + FqdncacheStats.requests++; + if (name == NULL || name[0] == '\0') { + debug(35, 4) ("fqdncache_nbgethostbyaddr: Invalid name!\n"); ++ dns_error_message = "Invalid hostname"; + handler(NULL, handlerData); + return; + } +*************** +*** 444,451 **** +--- 445,454 ---- + } else { + FqdncacheStats.hits++; + f->lastref = squid_curtime; ++ dns_error_message = f->error_message; + return f->names[0]; + } ++ dns_error_message = NULL; + /* check if it's already a FQDN address in text form. */ + if (!safe_inet_addr(name, &ip)) + return name; +Index: squid/src/ipcache.c +diff -c squid/src/ipcache.c:1.236.2.4 squid/src/ipcache.c:1.236.2.5 +*** squid/src/ipcache.c:1.236.2.4 Mon Sep 27 12:17:39 2004 +--- squid/src/ipcache.c Tue Dec 7 16:40:57 2004 +*************** +*** 406,415 **** +--- 406,417 ---- + IpcacheStats.requests++; + if (name == NULL || name[0] == '\0') { + debug(14, 4) ("ipcache_nbgethostbyname: Invalid name!\n"); ++ dns_error_message = "Invalid hostname"; + handler(NULL, handlerData); + return; + } + if ((addrs = ipcacheCheckNumeric(name))) { ++ dns_error_message = NULL; + handler(addrs, handlerData); + return; + } +*************** +*** 502,511 **** + } else { + IpcacheStats.hits++; + i->lastref = squid_curtime; + return &i->addrs; + } +! if ((addrs = ipcacheCheckNumeric(name))) + return addrs; + IpcacheStats.misses++; + if (flags & IP_LOOKUP_IF_MISS) + ipcache_nbgethostbyname(name, dummy_handler, NULL); +--- 504,516 ---- + } else { + IpcacheStats.hits++; + i->lastref = squid_curtime; ++ dns_error_message = i->error_message; + return &i->addrs; + } +! dns_error_message = NULL; +! if ((addrs = ipcacheCheckNumeric(name))) { + return addrs; ++ } + IpcacheStats.misses++; + if (flags & IP_LOOKUP_IF_MISS) + ipcache_nbgethostbyname(name, dummy_handler, NULL); diff --git a/squid-2.5.STABLE7-empty_acls.patch b/squid-2.5.STABLE7-empty_acls.patch new file mode 100644 index 0000000..a939f5b --- /dev/null +++ b/squid-2.5.STABLE7-empty_acls.patch @@ -0,0 +1,133 @@ +Index: squid/src/acl.c +diff -c squid/src/acl.c:1.270.2.30 squid/src/acl.c:1.270.2.31 +*** squid/src/acl.c:1.270.2.30 Wed Oct 20 17:18:36 2004 +--- squid/src/acl.c Tue Dec 21 10:45:10 2004 +*************** +*** 557,567 **** + } else { + /* assume its time-of-day spec */ + if (sscanf(t, "%d:%d-%d:%d", &h1, &m1, &h2, &m2) < 4) { +! debug(28, 0) ("%s line %d: %s\n", + cfg_filename, config_lineno, config_input_line); +- debug(28, 0) ("aclParseTimeSpec: IGNORING Bad time range\n"); +- memFree(q, MEM_ACL_TIME_DATA); +- return; + } + q = memAllocate(MEM_ACL_TIME_DATA); + q->start = h1 * 60 + m1; +--- 557,565 ---- + } else { + /* assume its time-of-day spec */ + if (sscanf(t, "%d:%d-%d:%d", &h1, &m1, &h2, &m2) < 4) { +! fatalf("aclParseTimeSpec: ERROR: Bad time range in" +! "%s line %d: %s\n", + cfg_filename, config_lineno, config_input_line); + } + q = memAllocate(MEM_ACL_TIME_DATA); + q->start = h1 * 60 + m1; +*************** +*** 569,579 **** + q->weekbits = weekbits; + weekbits = 0; + if (q->start > q->stop) { +! debug(28, 0) ("%s line %d: %s\n", + cfg_filename, config_lineno, config_input_line); +- debug(28, 0) ("aclParseTimeSpec: IGNORING Reversed time range\n"); +- memFree(q, MEM_ACL_TIME_DATA); +- return; + } + if (q->weekbits == 0) + q->weekbits = ACL_ALLWEEK; +--- 567,575 ---- + q->weekbits = weekbits; + weekbits = 0; + if (q->start > q->stop) { +! fatalf("aclParseTimeSpec: ERROR: Reversed time range in" +! "%s line %d: %s\n", + cfg_filename, config_lineno, config_input_line); + } + if (q->weekbits == 0) + q->weekbits = ACL_ALLWEEK; +*************** +*** 891,912 **** + break; + case ACL_PROXY_AUTH: + if (authenticateSchemeCount() == 0) { +! debug(28, 0) ("aclParseAclLine: IGNORING: Proxy Auth ACL '%s' \ +! because no authentication schemes were compiled.\n", A->cfgline); + } else if (authenticateActiveSchemeCount() == 0) { +! debug(28, 0) ("aclParseAclLine: IGNORING: Proxy Auth ACL '%s' \ +! because no authentication schemes are fully configured.\n", A->cfgline); + } else { + aclParseUserList(&A->data); + } + break; + case ACL_PROXY_AUTH_REGEX: + if (authenticateSchemeCount() == 0) { +! debug(28, 0) ("aclParseAclLine: IGNORING: Proxy Auth ACL '%s' \ +! because no authentication schemes were compiled.\n", A->cfgline); + } else if (authenticateActiveSchemeCount() == 0) { +! debug(28, 0) ("aclParseAclLine: IGNORING: Proxy Auth ACL '%s' \ +! because no authentication schemes are fully configured.\n", A->cfgline); + } else { + aclParseRegexList(&A->data); + } +--- 887,908 ---- + break; + case ACL_PROXY_AUTH: + if (authenticateSchemeCount() == 0) { +! fatalf("Invalid Proxy Auth ACL '%s' " +! "because no authentication schemes were compiled.\n", A->cfgline); + } else if (authenticateActiveSchemeCount() == 0) { +! fatalf("Invalid Proxy Auth ACL '%s' " +! "because no authentication schemes are fully configured.\n", A->cfgline); + } else { + aclParseUserList(&A->data); + } + break; + case ACL_PROXY_AUTH_REGEX: + if (authenticateSchemeCount() == 0) { +! fatalf("Invalid Proxy Auth ACL '%s' " +! "because no authentication schemes were compiled.\n", A->cfgline); + } else if (authenticateActiveSchemeCount() == 0) { +! fatalf("Invalid Proxy Auth ACL '%s' " +! "because no authentication schemes are fully configured.\n", A->cfgline); + } else { + aclParseRegexList(&A->data); + } +*************** +*** 936,945 **** + if (!new_acl) + return; + if (A->data == NULL) { +! debug(28, 0) ("aclParseAclLine: IGNORING invalid ACL: %s\n", + A->cfgline); +- memFree(A, MEM_ACL); +- return; + } + /* append */ + while (*head) +--- 932,939 ---- + if (!new_acl) + return; + if (A->data == NULL) { +! debug(28, 0) ("aclParseAclLine: WARNING: empty ACL: %s\n", + A->cfgline); + } + /* append */ + while (*head) +Index: squid/lib/splay.c +diff -c squid/lib/splay.c:1.12.4.1 squid/lib/splay.c:1.12.4.2 +*** squid/lib/splay.c:1.12.4.1 Thu Jan 15 00:38:35 2004 +--- squid/lib/splay.c Tue Dec 21 10:45:10 2004 +*************** +*** 104,109 **** +--- 104,111 ---- + void + splay_destroy(splayNode * top, SPLAYFREE * free_func) + { ++ if (!top) ++ return; + if (top->left) + splay_destroy(top->left, free_func); + if (top->right) diff --git a/squid-2.5.STABLE7-fakeauth_auth.patch b/squid-2.5.STABLE7-fakeauth_auth.patch new file mode 100644 index 0000000..1f9836a --- /dev/null +++ b/squid-2.5.STABLE7-fakeauth_auth.patch @@ -0,0 +1,324 @@ +Index: squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c +diff -c squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c:1.3.2.1 squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c:1.3.2.7 +*** squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c:1.3.2.1 Fri Aug 20 02:09:58 2004 +--- squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c Fri Jan 7 14:12:27 2005 +*************** +*** 38,47 **** + #if HAVE_PWD_H + #include + #endif +! +! +! #define ERR "ERR\n" +! #define OK "OK\n" + + #if 0 + #define NTLM_STATIC_CHALLENGE "deadbeef" +--- 38,46 ---- + #if HAVE_PWD_H + #include + #endif +! #if HAVE_ASSERT_H +! #include +! #endif + + #if 0 + #define NTLM_STATIC_CHALLENGE "deadbeef" +*************** +*** 55,61 **** + static void + lc(char *string) + { +! char *p = string, c; + while ((c = *p)) { + *p = tolower(c); + p++; +--- 54,61 ---- + static void + lc(char *string) + { +! char *p = string; +! char c; + while ((c = *p)) { + *p = tolower(c); + p++; +*************** +*** 65,71 **** + + /* + * Generates a challenge request. The randomness of the 8 byte +! * challenge strings can be guarenteed to be poor at best. + */ + void + ntlmMakeChallenge(struct ntlm_challenge *chal) +--- 65,71 ---- + + /* + * Generates a challenge request. The randomness of the 8 byte +! * challenge strings can be guaranteed to be poor at best. + */ + void + ntlmMakeChallenge(struct ntlm_challenge *chal) +*************** +*** 89,95 **** + if (authenticate_ntlm_domain != NULL) + while (authenticate_ntlm_domain[i++]); + +- + chal->target.offset = WSWAP(48); + chal->target.maxlen = SSWAP(i); + chal->target.len = chal->target.maxlen; +--- 89,94 ---- +*************** +*** 110,116 **** + } + + /* +! * Check the vailidity of a request header. Return -1 on error. + */ + int + ntlmCheckHeader(ntlmhdr * hdr, int type) +--- 109,115 ---- + } + + /* +! * Check the validity of a request header. Return -1 on error. + */ + int + ntlmCheckHeader(ntlmhdr * hdr, int type) +*************** +*** 127,135 **** + return 0; + + if (WSWAP(hdr->type) != type) { +! /* don't report this error - it's ok as we do a if() around this function */ +! // fprintf(stderr, "ntlmCheckHeader: type is %d, wanted %d\n", +! // WSWAP(hdr->type), type); + return (-1); + } + return (0); +--- 126,133 ---- + return 0; + + if (WSWAP(hdr->type) != type) { +! /* don't report this error - it's ok as we do a if() around this function */ +! /* fprintf(stderr, "ntlmCheckHeader: type is %d, wanted %d\n", WSWAP(hdr->type), type); */ + return (-1); + } + return (0); +*************** +*** 142,150 **** + ntlmGetString(ntlmhdr * hdr, strhdr * str, int flags) + { + static char buf[512]; +! u_short *s, c; +! char *d, *sc; +! int l, o; + + l = SSWAP(str->len); + o = WSWAP(str->offset); +--- 140,151 ---- + ntlmGetString(ntlmhdr * hdr, strhdr * str, int flags) + { + static char buf[512]; +! u_short *s; +! u_short c; +! char *d; +! char *sc; +! int l; +! int o; + + l = SSWAP(str->len); + o = WSWAP(str->offset); +*************** +*** 195,256 **** + int + ntlmDecodeAuth(struct ntlm_authenticate *auth, char *buf, size_t size) + { +! char *p, *origbuf; + int s; + +! if (!buf) { + return 1; +- } + origbuf = buf; +! if (ntlmCheckHeader(&auth->hdr, NTLM_AUTHENTICATE)) { + +- fprintf(stderr, "ntlmDecodeAuth: header check fails\n"); +- return -1; +- } +- /* only on when you need to debug +- * fprintf(stderr,"ntlmDecodeAuth: size of %d\n", size); +- * fprintf(stderr,"ntlmDecodeAuth: flg %08x\n", auth->flags); +- * fprintf(stderr,"ntlmDecodeAuth: usr o(%d) l(%d)\n", auth->user.offset, auth->user.len); +- */ + if ((p = ntlmGetString(&auth->hdr, &auth->domain, 2)) == NULL) + p = authenticate_ntlm_domain; +! // fprintf(stderr,"ntlmDecodeAuth: Domain '%s'.\n",p); + if ((s = strlen(p) + 1) >= size) + return 1; + strcpy(buf, p); +! // fprintf(stdout,"ntlmDecodeAuth: Domain '%s'.\n",buf); + + size -= s; + buf += (s - 1); + *buf++ = '\\'; /* Using \ is more consistent with MS-proxy */ + + p = ntlmGetString(&auth->hdr, &auth->user, 2); + if ((s = strlen(p) + 1) >= size) + return 1; + while (*p) +! *buf++ = (*p++); //tolower + + *buf++ = '\0'; + size -= s; +! // fprintf(stderr, "ntlmDecodeAuth: user: %s%s\n",origbuf, p); +! + + return 0; + } + + + int +! main() + { + char buf[256]; +! char user[256], *p, *cleartext; + struct ntlm_challenge chal; + int len; + char *data = NULL; + + setbuf(stdout, NULL); + while (fgets(buf, 256, stdin) != NULL) { +! user[0] = '\0'; /*no usercode */ + + if ((p = strchr(buf, '\n')) != NULL) + *p = '\0'; /* strip \n */ +--- 196,265 ---- + int + ntlmDecodeAuth(struct ntlm_authenticate *auth, char *buf, size_t size) + { +! char *p; +! char *origbuf; + int s; + +! if (!buf) + return 1; + origbuf = buf; +! assert (0 == ntlmCheckHeader(&auth->hdr, NTLM_AUTHENTICATE)); +! +! #if DEBUG_FAKEAUTH +! fprintf(stderr,"ntlmDecodeAuth: size of %d\n", size); +! fprintf(stderr,"ntlmDecodeAuth: flg %08x\n", auth->flags); +! fprintf(stderr,"ntlmDecodeAuth: usr o(%d) l(%d)\n", auth->user.offset, +! auth->user.len); +! #endif + + if ((p = ntlmGetString(&auth->hdr, &auth->domain, 2)) == NULL) + p = authenticate_ntlm_domain; +! #if DEBUG_FAKEAUTH +! fprintf(stderr,"ntlmDecodeAuth: Domain '%s'.\n",p); +! #endif + if ((s = strlen(p) + 1) >= size) + return 1; + strcpy(buf, p); +! #if DEBUG_FAKEAUTH +! fprintf(stdout,"ntlmDecodeAuth: Domain '%s'.\n",buf); +! #endif + + size -= s; + buf += (s - 1); + *buf++ = '\\'; /* Using \ is more consistent with MS-proxy */ + + p = ntlmGetString(&auth->hdr, &auth->user, 2); ++ if (NULL == p) ++ return 1; + if ((s = strlen(p) + 1) >= size) + return 1; + while (*p) +! *buf++ = (*p++); /* tolower */ + + *buf++ = '\0'; + size -= s; +! #if DEBUG_FAKEAUTH +! fprintf(stderr, "ntlmDecodeAuth: user: %s%s\n",origbuf, p); +! #endif + + return 0; + } + + + int +! main(int argc, char *argv[]) + { + char buf[256]; +! char user[256]; +! char *p; +! char *cleartext = NULL; + struct ntlm_challenge chal; + int len; + char *data = NULL; + + setbuf(stdout, NULL); + while (fgets(buf, 256, stdin) != NULL) { +! memset(user, '\0', sizeof(user)); /* no usercode */ + + if ((p = strchr(buf, '\n')) != NULL) + *p = '\0'; /* strip \n */ +*************** +*** 270,280 **** + printf("AF %s\n", user); + } else { + lc(user); +! printf("NA invalid credentials%s\n", user); + } + } else { + lc(user); +! printf("BH wrong packet type!%s\n", user); + } + } + #endif +--- 279,289 ---- + printf("AF %s\n", user); + } else { + lc(user); +! printf("NA invalid credentials, user=%s\n", user); + } + } else { + lc(user); +! printf("BH wrong packet type! user=%s\n", user); + } + } + #endif +*************** +*** 291,300 **** + SSWAP(chal.target.maxlen); + data = (char *) base64_encode_bin((char *) &chal, len); + printf("CH %s\n", data); +! } else if (!ntlmCheckHeader +! ((struct ntlmhdr *) cleartext, NTLM_AUTHENTICATE)) { +! if (!ntlmDecodeAuth +! ((struct ntlm_authenticate *) cleartext, user, 256)) { + lc(user); + printf("OK %s\n", user); + } else { +--- 300,307 ---- + SSWAP(chal.target.maxlen); + data = (char *) base64_encode_bin((char *) &chal, len); + printf("CH %s\n", data); +! } else if (!ntlmCheckHeader ((struct ntlmhdr *) cleartext, NTLM_AUTHENTICATE)) { +! if (!ntlmDecodeAuth ((struct ntlm_authenticate *) cleartext, user, 256)) { + lc(user); + printf("OK %s\n", user); + } else { +*************** +*** 307,312 **** +--- 314,321 ---- + } + } + #endif /*v2 */ ++ free(cleartext); ++ cleartext = NULL; + } + exit(0); + } diff --git a/squid-2.5.STABLE7-gopher_html_parsing.patch b/squid-2.5.STABLE7-gopher_html_parsing.patch new file mode 100644 index 0000000..d637ce9 --- /dev/null +++ b/squid-2.5.STABLE7-gopher_html_parsing.patch @@ -0,0 +1,18 @@ +Index: squid/src/gopher.c +diff -c squid/src/gopher.c:1.162.2.7 squid/src/gopher.c:1.162.2.8 +*** squid/src/gopher.c:1.162.2.7 Sat Nov 29 01:38:36 2003 +--- squid/src/gopher.c Tue Jan 11 23:04:01 2005 +*************** +*** 342,347 **** +--- 342,352 ---- + if (gopherState->len != 0) { + /* there is something left from last tx. */ + xstrncpy(line, gopherState->buf, gopherState->len + 1); ++ if (gopherState->len + len > TEMP_BUF_SIZE) { ++ debug(10, 1) ("GopherHTML: Buffer overflow. Lost some data on URL: %s\n", ++ storeUrl(entry)); ++ len = TEMP_BUF_SIZE - gopherState->len; ++ } + lpos = (char *) memccpy(line + gopherState->len, inbuf, '\n', len); + if (lpos) + *lpos = '\0'; diff --git a/squid-2.5.STABLE7-half_closed_POST.patch b/squid-2.5.STABLE7-half_closed_POST.patch new file mode 100644 index 0000000..977a1f5 --- /dev/null +++ b/squid-2.5.STABLE7-half_closed_POST.patch @@ -0,0 +1,28 @@ +Index: squid/src/client_side.c +diff -c squid/src/client_side.c:1.561.2.60 squid/src/client_side.c:1.561.2.61 +*** squid/src/client_side.c:1.561.2.60 Tue Oct 5 16:34:42 2004 +--- squid/src/client_side.c Thu Oct 14 16:41:48 2004 +*************** +*** 2882,2891 **** + } + + static int +! clientReadDefer(int fdnotused, void *data) + { + ConnStateData *conn = data; +! if (conn->body.size_left) + return conn->in.offset >= conn->in.size - 1; + else + return conn->defer.until > squid_curtime; +--- 2882,2892 ---- + } + + static int +! clientReadDefer(int fd, void *data) + { ++ fde *F = &fd_table[fd]; + ConnStateData *conn = data; +! if (conn->body.size_left && !F->flags.socket_eof) + return conn->in.offset >= conn->in.size - 1; + else + return conn->defer.until > squid_curtime; diff --git a/squid-2.5.STABLE7-header_parsing.patch b/squid-2.5.STABLE7-header_parsing.patch new file mode 100644 index 0000000..07e0c80 --- /dev/null +++ b/squid-2.5.STABLE7-header_parsing.patch @@ -0,0 +1,1230 @@ +Index: squid/src/HttpHeader.c +diff -c squid/src/HttpHeader.c:1.74.2.9 squid/src/HttpHeader.c:1.74.2.22 +*** squid/src/HttpHeader.c:1.74.2.9 Wed Sep 1 07:55:47 2004 +--- squid/src/HttpHeader.c Fri Jan 21 18:15:48 2005 +*************** +*** 404,443 **** + int + httpHeaderParse(HttpHeader * hdr, const char *header_start, const char *header_end) + { +! const char *field_start = header_start; +! HttpHeaderEntry *e; + + assert(hdr); + assert(header_start && header_end); + debug(55, 7) ("parsing hdr: (%p)\n%s\n", hdr, getStringPrefix(header_start, header_end)); + HttpHeaderStats[hdr->owner].parsedCount++; +! /* commonn format headers are ":[ws]" lines delimited by */ +! while (field_start < header_end) { + const char *field_end; +- const char *field_ptr = field_start; + do { +! field_end = field_ptr = field_ptr + strcspn(field_ptr, "\r\n"); +! /* skip CRLF */ +! if (*field_ptr == '\r') +! field_ptr++; +! if (*field_ptr == '\n') +! field_ptr++; + } +- while (*field_ptr == ' ' || *field_ptr == '\t'); +- if (!*field_end || field_end > header_end) +- return httpHeaderReset(hdr); /* missing */ + e = httpHeaderEntryParseCreate(field_start, field_end); +! if (e != NULL) +! httpHeaderAddEntry(hdr, e); +! else +! debug(55, 2) ("warning: ignoring unparseable http header field near '%s'\n", +! getStringPrefix(field_start, field_end)); +! field_start = field_end; +! /* skip CRLF */ +! if (*field_start == '\r') +! field_start++; +! if (*field_start == '\n') +! field_start++; + } + return 1; /* even if no fields where found, it is a valid header */ + } +--- 404,481 ---- + int + httpHeaderParse(HttpHeader * hdr, const char *header_start, const char *header_end) + { +! const char *field_ptr = header_start; +! HttpHeaderEntry *e, *e2; + + assert(hdr); + assert(header_start && header_end); + debug(55, 7) ("parsing hdr: (%p)\n%s\n", hdr, getStringPrefix(header_start, header_end)); + HttpHeaderStats[hdr->owner].parsedCount++; +! if (memchr(header_start, '\0', header_end - header_start)) { +! debug(55, 1) ("WARNING: HTTP header contains NULL characters {%s}\n", +! getStringPrefix(header_start, header_end)); +! return httpHeaderReset(hdr); +! } +! /* common format headers are ":[ws]" lines delimited by . +! * continuation lines start with a (single) space or tab */ +! while (field_ptr < header_end) { +! const char *field_start = field_ptr; + const char *field_end; + do { +! const char *this_line = field_ptr; +! field_ptr = memchr(field_ptr, '\n', header_end - field_ptr); +! if (!field_ptr) +! return httpHeaderReset(hdr); /* missing */ +! field_end = field_ptr; +! field_ptr++; /* Move to next line */ +! if (field_end > this_line && field_end[-1] == '\r') { +! field_end--; /* Ignore CR LF */ +! /* Ignore CR CR LF in relaxed mode */ +! if (Config.onoff.relaxed_header_parser && field_end > this_line + 1 && field_end[-1] == '\r') +! field_end--; +! } +! /* Barf on stray CR characters */ +! if (memchr(this_line, '\r', field_end - this_line)) { +! debug(55, 1) ("WARNING: suspicious CR characters in HTTP header near {%s}\n", +! getStringPrefix(field_start, header_end)); +! return httpHeaderReset(hdr); +! } +! if (this_line + 1 == field_end && this_line > field_start) { +! debug(55, 1) ("WARNING: Blank continuation line in HTTP header near {%s}\n", +! getStringPrefix(field_start, header_end)); +! return httpHeaderReset(hdr); +! } +! } while (field_ptr < header_end && (*field_ptr == ' ' || *field_ptr == '\t')); +! if (field_start == field_end) { +! if (field_ptr < header_end) { +! debug(55, 1) ("WARNING: unparseable HTTP header field near {%s}\n", +! getStringPrefix(field_start, header_end)); +! return httpHeaderReset(hdr); +! } +! break; /* terminating blank line */ + } + e = httpHeaderEntryParseCreate(field_start, field_end); +! if (NULL == e) { +! debug(55, 1) ("WARNING: unparseable HTTP header field near {%s}\n", +! getStringPrefix(field_start, header_end)); +! return httpHeaderReset(hdr); +! } +! if (e->id == HDR_CONTENT_LENGTH && (e2 = httpHeaderFindEntry(hdr, e->id)) != NULL) { +! if (strCmp(e->value, strBuf(e2->value)) != 0) { +! debug(55, 1) ("WARNING: found two conflicting content-length headers\n"); +! httpHeaderEntryDestroy(e); +! return httpHeaderReset(hdr); +! } else { +! debug(55, 2) ("NOTICE: found double content-length header\n"); +! } +! } +! if (e->id == HDR_OTHER && stringHasWhitespace(strBuf(e->name))) { +! debug(55, 1) ("WARNING: found whitespace in HTTP header name {%s}\n", getStringPrefix(field_start, field_end)); +! httpHeaderEntryDestroy(e); +! if (!Config.onoff.relaxed_header_parser) +! return httpHeaderReset(hdr); +! } +! httpHeaderAddEntry(hdr, e); + } + return 1; /* even if no fields where found, it is a valid header */ + } +*************** +*** 1048,1055 **** + HttpHeaderEntry *e; + int id; + /* note: name_start == field_start */ +! const char *name_end = strchr(field_start, ':'); +! const int name_len = name_end ? name_end - field_start : 0; + const char *value_start = field_start + name_len + 1; /* skip ':' */ + /* note: value_end == field_end */ + +--- 1086,1093 ---- + HttpHeaderEntry *e; + int id; + /* note: name_start == field_start */ +! const char *name_end = memchr(field_start, ':', field_end - field_start); +! int name_len = name_end ? name_end - field_start : 0; + const char *value_start = field_start + name_len + 1; /* skip ':' */ + /* note: value_end == field_end */ + +*************** +*** 1063,1068 **** +--- 1101,1113 ---- + debug(55, 1) ("WARNING: ignoring header name of %d bytes\n", name_len); + return NULL; + } ++ if (Config.onoff.relaxed_header_parser && xisspace(field_start[name_len - 1])) { ++ debug(55, 1) ("NOTICE: Whitespace after header name in '%s'\n", getStringPrefix(field_start, field_end)); ++ while (name_len > 0 && xisspace(field_start[name_len - 1])) ++ name_len--; ++ if (!name_len) ++ return NULL; ++ } + /* now we know we can parse it */ + e = memAllocate(MEM_HTTP_HDR_ENTRY); + debug(55, 9) ("creating entry %p: near '%s'\n", e, getStringPrefix(field_start, field_end)); +*************** +*** 1080,1085 **** +--- 1125,1132 ---- + /* trim field value */ + while (value_start < field_end && xisspace(*value_start)) + value_start++; ++ while (value_start < field_end && xisspace(field_end[-1])) ++ field_end--; + if (field_end - value_start > 65536) { + /* String has a 64K limit */ + debug(55, 1) ("WARNING: ignoring '%s' header of %d bytes\n", +Index: squid/src/client_side.c +diff -c squid/src/client_side.c:1.561.2.62 squid/src/client_side.c:1.561.2.63 +*** squid/src/client_side.c:1.561.2.62 Tue Nov 16 14:14:12 2004 +--- squid/src/client_side.c Tue Nov 16 14:21:55 2004 +*************** +*** 3057,3069 **** + errorAppendEntry(http->entry, err); + safe_free(prefix); + break; +! } else { +! /* compile headers */ +! /* we should skip request line! */ +! if (!httpRequestParseHeader(request, prefix + req_line_sz)) +! debug(33, 1) ("Failed to parse request headers: %s\n%s\n", +! http->uri, prefix); +! /* continue anyway? */ + } + request->flags.accelerated = http->flags.accel; + if (!http->flags.internal) { +--- 3057,3077 ---- + errorAppendEntry(http->entry, err); + safe_free(prefix); + break; +! } +! /* compile headers */ +! /* we should skip request line! */ +! if (!httpRequestParseHeader(request, prefix + req_line_sz)) { +! debug(33, 1) ("Failed to parse request headers: %s\n%s\n", +! http->uri, prefix); +! err = errorCon(ERR_INVALID_URL, HTTP_BAD_REQUEST); +! err->src_addr = conn->peer.sin_addr; +! err->url = xstrdup(http->uri); +! http->al.http.code = err->http_status; +! http->log_type = LOG_TCP_DENIED; +! http->entry = clientCreateStoreEntry(http, method, null_request_flags); +! errorAppendEntry(http->entry, err); +! safe_free(prefix); +! break; + } + request->flags.accelerated = http->flags.accel; + if (!http->flags.internal) { +Index: squid/src/http.c +diff -c squid/src/http.c:1.384.2.19 squid/src/http.c:1.384.2.23 +*** squid/src/http.c:1.384.2.19 Thu Oct 7 12:43:44 2004 +--- squid/src/http.c Thu Jan 20 16:27:07 2005 +*************** +*** 416,421 **** +--- 416,422 ---- + debug(11, 3) ("httpProcessReplyHeader: Non-HTTP-compliant header: '%s'\n", httpState->reply_hdr.buf); + httpState->reply_hdr_state += 2; + memBufClean(&httpState->reply_hdr); ++ httpBuildVersion(&reply->sline.version, 0, 9); + reply->sline.status = HTTP_INVALID_HEADER; + return; + } +*************** +*** 449,454 **** +--- 450,460 ---- + /* Parse headers into reply structure */ + /* what happens if we fail to parse here? */ + httpReplyParse(reply, httpState->reply_hdr.buf, hdr_size); ++ if (reply->sline.status >= HTTP_INVALID_HEADER) { ++ debug(11, 3) ("httpProcessReplyHeader: Non-HTTP-compliant header: '%s'\n", httpState->reply_hdr.buf); ++ memBufClean(&httpState->reply_hdr); ++ return; ++ } + storeTimestampsSet(entry); + /* Check if object is cacheable or not based on reply code */ + debug(11, 3) ("httpProcessReplyHeader: HTTP CODE: %d\n", reply->sline.status); +*************** +*** 662,667 **** +--- 668,680 ---- + err->request = requestLink((request_t *) request); + fwdFail(httpState->fwd, err); + httpState->fwd->flags.dont_retry = 1; ++ } else if (entry->mem_obj->reply->sline.status == HTTP_INVALID_HEADER && !(entry->mem_obj->reply->sline.version.major == 0 && entry->mem_obj->reply->sline.version.minor == 9)) { ++ ErrorState *err; ++ storeEntryReset(entry); ++ err = errorCon(ERR_INVALID_RESP, HTTP_BAD_GATEWAY); ++ err->request = requestLink((request_t *) request); ++ fwdFail(httpState->fwd, err); ++ httpState->fwd->flags.dont_retry = 1; + } else { + fwdComplete(httpState->fwd); + } +*************** +*** 670,687 **** + } else { + if (httpState->reply_hdr_state < 2) { + httpProcessReplyHeader(httpState, buf, len); +- if (entry->mem_obj->reply->sline.status == HTTP_HEADER_TOO_LARGE) { +- ErrorState *err; +- storeEntryReset(entry); +- err = errorCon(ERR_TOO_BIG, HTTP_BAD_GATEWAY); +- err->request = requestLink((request_t *) request); +- fwdFail(httpState->fwd, err); +- httpState->fwd->flags.dont_retry = 1; +- comm_close(fd); +- return; +- } + if (httpState->reply_hdr_state == 2) { + http_status s = entry->mem_obj->reply->sline.status; + #if WIP_FWD_LOG + fwdStatus(httpState->fwd, s); + #endif +--- 683,711 ---- + } else { + if (httpState->reply_hdr_state < 2) { + httpProcessReplyHeader(httpState, buf, len); + if (httpState->reply_hdr_state == 2) { + http_status s = entry->mem_obj->reply->sline.status; ++ if (s == HTTP_HEADER_TOO_LARGE) { ++ ErrorState *err; ++ debug(11, 1) ("WARNING: %s:%d: HTTP header too large\n", __FILE__, __LINE__); ++ storeEntryReset(entry); ++ err = errorCon(ERR_TOO_BIG, HTTP_BAD_GATEWAY); ++ err->request = requestLink((request_t *) request); ++ fwdFail(httpState->fwd, err); ++ httpState->fwd->flags.dont_retry = 1; ++ comm_close(fd); ++ return; ++ } ++ if (s == HTTP_INVALID_HEADER && !(entry->mem_obj->reply->sline.version.major == 0 && entry->mem_obj->reply->sline.version.minor == 9)) { ++ ErrorState *err; ++ storeEntryReset(entry); ++ err = errorCon(ERR_INVALID_RESP, HTTP_BAD_GATEWAY); ++ err->request = requestLink((request_t *) request); ++ fwdFail(httpState->fwd, err); ++ httpState->fwd->flags.dont_retry = 1; ++ comm_close(fd); ++ return; ++ } + #if WIP_FWD_LOG + fwdStatus(httpState->fwd, s); + #endif +Index: squid/src/cf.data.pre +diff -c squid/src/cf.data.pre:1.245.2.77 squid/src/cf.data.pre:1.245.2.80 +*** squid/src/cf.data.pre:1.245.2.77 Fri Oct 8 11:41:10 2004 +--- squid/src/cf.data.pre Tue Jan 4 21:17:46 2005 +*************** +*** 4017,4020 **** +--- 4017,4036 ---- + until all the child processes have been started. + DOC_END + ++ NAME: relaxed_header_parser ++ COMMENT: on|off ++ TYPE: onoff ++ LOC: Config.onoff.relaxed_header_parser ++ DEFAULT: on ++ DOC_START ++ Set this to off if you want Squid to be strict about ++ the HTTP protocol syntax and reject non-compliant requests ++ or responses. ++ ++ In the default "on" setting Squid accepts certain forms ++ of non-compliant HTTP messages where it is unambigous ++ what the sending application indended even if the message ++ is not correctly formatted. The messages is then normalized ++ to the correct form when forwarded by Squid. ++ DOC_END + EOF +Index: squid/src/structs.h +diff -c squid/src/structs.h:1.408.2.31 squid/src/structs.h:1.408.2.33 +*** squid/src/structs.h:1.408.2.31 Sat Nov 6 08:24:51 2004 +--- squid/src/structs.h Tue Jan 4 02:50:17 2005 +*************** +*** 606,611 **** +--- 606,612 ---- + int request_entities; + int detect_broken_server_pconns; + int balance_on_multiple_ip; ++ int relaxed_header_parser; + } onoff; + acl *aclList; + struct { +Index: squid/src/enums.h +diff -c squid/src/enums.h:1.203.2.13 squid/src/enums.h:1.203.2.14 +*** squid/src/enums.h:1.203.2.13 Tue Oct 5 15:31:26 2004 +--- squid/src/enums.h Mon Jan 17 15:13:04 2005 +*************** +*** 93,98 **** +--- 93,99 ---- + ERR_ONLY_IF_CACHED_MISS, /* failure to satisfy only-if-cached request */ + ERR_TOO_BIG, + TCP_RESET, ++ ERR_INVALID_RESP, + ERR_MAX + } err_type; + +Index: squid/src/mime.c +diff -c squid/src/mime.c:1.102.2.3 squid/src/mime.c:1.102.2.4 +*** squid/src/mime.c:1.102.2.3 Sun Dec 14 06:33:47 2003 +--- squid/src/mime.c Fri Jan 21 17:56:14 2005 +*************** +*** 118,124 **** + headersEnd(const char *mime, size_t l) + { + size_t e = 0; +! int state = 0; + while (e < l && state < 3) { + switch (state) { + case 0: +--- 118,124 ---- + headersEnd(const char *mime, size_t l) + { + size_t e = 0; +! int state = 1; + while (e < l && state < 3) { + switch (state) { + case 0: +*************** +*** 134,142 **** + state = 0; + break; + case 2: +! if ('\r' == mime[e]) /* ignore repeated CR */ +! (void) 0; +! else if ('\n' == mime[e]) + state = 3; + else + state = 0; +--- 134,140 ---- + state = 0; + break; + case 2: +! if ('\n' == mime[e]) + state = 3; + else + state = 0; +Index: squid/errors/Bulgarian/ERR_INVALID_RESP +diff -c /dev/null squid/errors/Bulgarian/ERR_INVALID_RESP:1.1.2.1 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/Bulgarian/ERR_INVALID_RESP Mon Jan 17 15:13:00 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERROR: The requested URL could not be retrieved ++ ++ ++

ERROR

++

The requested URL could not be retrieved

++
++

++ While trying to process the request: ++ 

++ %R
++
++

++ The following error was encountered: ++

    ++
  • ++ ++ Invalid Response ++ ++
++ ++

++ The HTTP Response message received from the contacted server ++ could not be understood or was otherwise malformed. Please contact ++ the site operator. Your cache administrator may be able to provide ++ you with more details about the exact nature of the problem if needed. ++ ++

Your cache administrator is %w. +Index: squid/errors/Catalan/ERR_INVALID_RESP +diff -c /dev/null squid/errors/Catalan/ERR_INVALID_RESP:1.1.2.1 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/Catalan/ERR_INVALID_RESP Mon Jan 17 15:13:00 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERROR: The requested URL could not be retrieved ++ ++ ++

ERROR

++

The requested URL could not be retrieved

++
++

++ While trying to process the request: ++ 

++ %R
++
++

++ The following error was encountered: ++

    ++
  • ++ ++ Invalid Response ++ ++
++ ++

++ The HTTP Response message received from the contacted server ++ could not be understood or was otherwise malformed. Please contact ++ the site operator. Your cache administrator may be able to provide ++ you with more details about the exact nature of the problem if needed. ++ ++

Your cache administrator is %w. +Index: squid/errors/Czech/ERR_INVALID_RESP +diff -c /dev/null squid/errors/Czech/ERR_INVALID_RESP:1.1.2.1 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/Czech/ERR_INVALID_RESP Mon Jan 17 15:13:00 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERROR: The requested URL could not be retrieved ++ ++ ++

ERROR

++

The requested URL could not be retrieved

++
++

++ While trying to process the request: ++ 

++ %R
++
++

++ The following error was encountered: ++

    ++
  • ++ ++ Invalid Response ++ ++
++ ++

++ The HTTP Response message received from the contacted server ++ could not be understood or was otherwise malformed. Please contact ++ the site operator. Your cache administrator may be able to provide ++ you with more details about the exact nature of the problem if needed. ++ ++

Your cache administrator is %w. +Index: squid/errors/Danish/ERR_INVALID_RESP +diff -c /dev/null squid/errors/Danish/ERR_INVALID_RESP:1.1.2.1 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/Danish/ERR_INVALID_RESP Mon Jan 17 15:13:00 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERROR: The requested URL could not be retrieved ++ ++ ++

ERROR

++

The requested URL could not be retrieved

++
++

++ While trying to process the request: ++ 

++ %R
++
++

++ The following error was encountered: ++

    ++
  • ++ ++ Invalid Response ++ ++
++ ++

++ The HTTP Response message received from the contacted server ++ could not be understood or was otherwise malformed. Please contact ++ the site operator. Your cache administrator may be able to provide ++ you with more details about the exact nature of the problem if needed. ++ ++

Your cache administrator is %w. +Index: squid/errors/Dutch/ERR_INVALID_RESP +diff -c /dev/null squid/errors/Dutch/ERR_INVALID_RESP:1.1.2.1 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/Dutch/ERR_INVALID_RESP Mon Jan 17 15:13:00 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERROR: The requested URL could not be retrieved ++ ++ ++

ERROR

++

The requested URL could not be retrieved

++
++

++ While trying to process the request: ++ 

++ %R
++
++

++ The following error was encountered: ++

    ++
  • ++ ++ Invalid Response ++ ++
++ ++

++ The HTTP Response message received from the contacted server ++ could not be understood or was otherwise malformed. Please contact ++ the site operator. Your cache administrator may be able to provide ++ you with more details about the exact nature of the problem if needed. ++ ++

Your cache administrator is %w. +Index: squid/errors/English/ERR_INVALID_RESP +diff -c /dev/null squid/errors/English/ERR_INVALID_RESP:1.1.2.1 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/English/ERR_INVALID_RESP Mon Jan 17 15:13:00 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERROR: The requested URL could not be retrieved ++ ++ ++

ERROR

++

The requested URL could not be retrieved

++
++

++ While trying to process the request: ++ 

++ %R
++
++

++ The following error was encountered: ++

    ++
  • ++ ++ Invalid Response ++ ++
++ ++

++ The HTTP Response message received from the contacted server ++ could not be understood or was otherwise malformed. Please contact ++ the site operator. Your cache administrator may be able to provide ++ you with more details about the exact nature of the problem if needed. ++ ++

Your cache administrator is %w. +Index: squid/errors/Estonian/ERR_INVALID_RESP +diff -c /dev/null squid/errors/Estonian/ERR_INVALID_RESP:1.1.2.1 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/Estonian/ERR_INVALID_RESP Mon Jan 17 15:13:00 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERROR: The requested URL could not be retrieved ++ ++ ++

ERROR

++

The requested URL could not be retrieved

++
++

++ While trying to process the request: ++ 

++ %R
++
++

++ The following error was encountered: ++

    ++
  • ++ ++ Invalid Response ++ ++
++ ++

++ The HTTP Response message received from the contacted server ++ could not be understood or was otherwise malformed. Please contact ++ the site operator. Your cache administrator may be able to provide ++ you with more details about the exact nature of the problem if needed. ++ ++

Your cache administrator is %w. +Index: squid/errors/Finnish/ERR_INVALID_RESP +diff -c /dev/null squid/errors/Finnish/ERR_INVALID_RESP:1.1.2.1 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/Finnish/ERR_INVALID_RESP Mon Jan 17 15:13:00 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERROR: The requested URL could not be retrieved ++ ++ ++

ERROR

++

The requested URL could not be retrieved

++
++

++ While trying to process the request: ++ 

++ %R
++
++

++ The following error was encountered: ++

    ++
  • ++ ++ Invalid Response ++ ++
++ ++

++ The HTTP Response message received from the contacted server ++ could not be understood or was otherwise malformed. Please contact ++ the site operator. Your cache administrator may be able to provide ++ you with more details about the exact nature of the problem if needed. ++ ++

Your cache administrator is %w. +Index: squid/errors/French/ERR_INVALID_RESP +diff -c /dev/null squid/errors/French/ERR_INVALID_RESP:1.1.2.1 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/French/ERR_INVALID_RESP Mon Jan 17 15:13:00 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERROR: The requested URL could not be retrieved ++ ++ ++

ERROR

++

The requested URL could not be retrieved

++
++

++ While trying to process the request: ++ 

++ %R
++
++

++ The following error was encountered: ++

    ++
  • ++ ++ Invalid Response ++ ++
++ ++

++ The HTTP Response message received from the contacted server ++ could not be understood or was otherwise malformed. Please contact ++ the site operator. Your cache administrator may be able to provide ++ you with more details about the exact nature of the problem if needed. ++ ++

Your cache administrator is %w. +Index: squid/errors/German/ERR_INVALID_RESP +diff -c /dev/null squid/errors/German/ERR_INVALID_RESP:1.1.2.1 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/German/ERR_INVALID_RESP Mon Jan 17 15:13:00 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERROR: The requested URL could not be retrieved ++ ++ ++

ERROR

++

The requested URL could not be retrieved

++
++

++ While trying to process the request: ++ 

++ %R
++
++

++ The following error was encountered: ++

    ++
  • ++ ++ Invalid Response ++ ++
++ ++

++ The HTTP Response message received from the contacted server ++ could not be understood or was otherwise malformed. Please contact ++ the site operator. Your cache administrator may be able to provide ++ you with more details about the exact nature of the problem if needed. ++ ++

Your cache administrator is %w. +Index: squid/errors/Hebrew/ERR_INVALID_RESP +diff -c /dev/null squid/errors/Hebrew/ERR_INVALID_RESP:1.1.2.1 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/Hebrew/ERR_INVALID_RESP Mon Jan 17 15:13:01 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERROR: The requested URL could not be retrieved ++ ++ ++

ERROR

++

The requested URL could not be retrieved

++
++

++ While trying to process the request: ++ 

++ %R
++
++

++ The following error was encountered: ++

    ++
  • ++ ++ Invalid Response ++ ++
++ ++

++ The HTTP Response message received from the contacted server ++ could not be understood or was otherwise malformed. Please contact ++ the site operator. Your cache administrator may be able to provide ++ you with more details about the exact nature of the problem if needed. ++ ++

Your cache administrator is %w. +Index: squid/errors/Hungarian/ERR_INVALID_RESP +diff -c /dev/null squid/errors/Hungarian/ERR_INVALID_RESP:1.1.2.1 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/Hungarian/ERR_INVALID_RESP Mon Jan 17 15:13:01 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERROR: The requested URL could not be retrieved ++ ++ ++

ERROR

++

The requested URL could not be retrieved

++
++

++ While trying to process the request: ++ 

++ %R
++
++

++ The following error was encountered: ++

    ++
  • ++ ++ Invalid Response ++ ++
++ ++

++ The HTTP Response message received from the contacted server ++ could not be understood or was otherwise malformed. Please contact ++ the site operator. Your cache administrator may be able to provide ++ you with more details about the exact nature of the problem if needed. ++ ++

Your cache administrator is %w. +Index: squid/errors/Italian/ERR_INVALID_RESP +diff -c /dev/null squid/errors/Italian/ERR_INVALID_RESP:1.1.2.2 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/Italian/ERR_INVALID_RESP Mon Jan 24 06:22:24 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERRORE: La URL richiesta non può essere recuperata ++ ++ ++

ERRORE

++

La URL richiesta non può essere recuperata

++
++

++ Mentre si elaborava la richiesta: ++ 

++ %R
++
++

++ È avvenuto il seguente errore: ++

    ++
  • ++ ++ Risposta non valida ++ ++
++ ++

++ Il messaggio contenente la risposta HTTP ricevuto dal server che si sta ++ contattando non può essere interpretato od è stato in qualche modo alterato. ++ Si prega di contattare un operatore del sito. Se necessario, l'amministratore della vostra ++ cache potrà fornirvi maggiori dettagli sull'esatta natura del problema. ++ ++

L'amministratore della vostra cache è %w. +Index: squid/errors/Japanese/ERR_INVALID_RESP +diff -c /dev/null squid/errors/Japanese/ERR_INVALID_RESP:1.1.2.1 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/Japanese/ERR_INVALID_RESP Mon Jan 17 15:13:02 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERROR: The requested URL could not be retrieved ++ ++ ++

ERROR

++

The requested URL could not be retrieved

++
++

++ While trying to process the request: ++ 

++ %R
++
++

++ The following error was encountered: ++

    ++
  • ++ ++ Invalid Response ++ ++
++ ++

++ The HTTP Response message received from the contacted server ++ could not be understood or was otherwise malformed. Please contact ++ the site operator. Your cache administrator may be able to provide ++ you with more details about the exact nature of the problem if needed. ++ ++

Your cache administrator is %w. +Index: squid/errors/Russian-1251/ERR_INVALID_RESP +diff -c /dev/null squid/errors/Russian-1251/ERR_INVALID_RESP:1.1.2.1 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/Russian-1251/ERR_INVALID_RESP Mon Jan 17 15:13:03 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERROR: The requested URL could not be retrieved ++ ++ ++

ERROR

++

The requested URL could not be retrieved

++
++

++ While trying to process the request: ++ 

++ %R
++
++

++ The following error was encountered: ++

    ++
  • ++ ++ Invalid Response ++ ++
++ ++

++ The HTTP Response message received from the contacted server ++ could not be understood or was otherwise malformed. Please contact ++ the site operator. Your cache administrator may be able to provide ++ you with more details about the exact nature of the problem if needed. ++ ++

Your cache administrator is %w. +Index: squid/errors/Russian-koi8-r/ERR_INVALID_RESP +diff -c /dev/null squid/errors/Russian-koi8-r/ERR_INVALID_RESP:1.1.2.1 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/Russian-koi8-r/ERR_INVALID_RESP Mon Jan 17 15:13:03 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERROR: The requested URL could not be retrieved ++ ++ ++

ERROR

++

The requested URL could not be retrieved

++
++

++ While trying to process the request: ++ 

++ %R
++
++

++ The following error was encountered: ++

    ++
  • ++ ++ Invalid Response ++ ++
++ ++

++ The HTTP Response message received from the contacted server ++ could not be understood or was otherwise malformed. Please contact ++ the site operator. Your cache administrator may be able to provide ++ you with more details about the exact nature of the problem if needed. ++ ++

Your cache administrator is %w. +Index: squid/errors/Serbian/ERR_INVALID_RESP +diff -c /dev/null squid/errors/Serbian/ERR_INVALID_RESP:1.1.2.1 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/Serbian/ERR_INVALID_RESP Mon Jan 17 15:13:03 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERROR: The requested URL could not be retrieved ++ ++ ++

ERROR

++

The requested URL could not be retrieved

++
++

++ While trying to process the request: ++ 

++ %R
++
++

++ The following error was encountered: ++

    ++
  • ++ ++ Invalid Response ++ ++
++ ++

++ The HTTP Response message received from the contacted server ++ could not be understood or was otherwise malformed. Please contact ++ the site operator. Your cache administrator may be able to provide ++ you with more details about the exact nature of the problem if needed. ++ ++

Your cache administrator is %w. +Index: squid/errors/Simplify_Chinese/ERR_INVALID_RESP +diff -c /dev/null squid/errors/Simplify_Chinese/ERR_INVALID_RESP:1.1.2.1 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/Simplify_Chinese/ERR_INVALID_RESP Mon Jan 17 15:13:04 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERROR: The requested URL could not be retrieved ++ ++ ++

ERROR

++

The requested URL could not be retrieved

++
++

++ While trying to process the request: ++ 

++ %R
++
++

++ The following error was encountered: ++

    ++
  • ++ ++ Invalid Response ++ ++
++ ++

++ The HTTP Response message received from the contacted server ++ could not be understood or was otherwise malformed. Please contact ++ the site operator. Your cache administrator may be able to provide ++ you with more details about the exact nature of the problem if needed. ++ ++

Your cache administrator is %w. +Index: squid/errors/Slovak/ERR_INVALID_RESP +diff -c /dev/null squid/errors/Slovak/ERR_INVALID_RESP:1.1.2.1 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/Slovak/ERR_INVALID_RESP Mon Jan 17 15:13:04 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERROR: The requested URL could not be retrieved ++ ++ ++

ERROR

++

The requested URL could not be retrieved

++
++

++ While trying to process the request: ++ 

++ %R
++
++

++ The following error was encountered: ++

    ++
  • ++ ++ Invalid Response ++ ++
++ ++

++ The HTTP Response message received from the contacted server ++ could not be understood or was otherwise malformed. Please contact ++ the site operator. Your cache administrator may be able to provide ++ you with more details about the exact nature of the problem if needed. ++ ++

Your cache administrator is %w. +Index: squid/errors/Spanish/ERR_INVALID_RESP +diff -c /dev/null squid/errors/Spanish/ERR_INVALID_RESP:1.1.2.1 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/Spanish/ERR_INVALID_RESP Mon Jan 17 15:13:04 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERROR: The requested URL could not be retrieved ++ ++ ++

ERROR

++

The requested URL could not be retrieved

++
++

++ While trying to process the request: ++ 

++ %R
++
++

++ The following error was encountered: ++

    ++
  • ++ ++ Invalid Response ++ ++
++ ++

++ The HTTP Response message received from the contacted server ++ could not be understood or was otherwise malformed. Please contact ++ the site operator. Your cache administrator may be able to provide ++ you with more details about the exact nature of the problem if needed. ++ ++

Your cache administrator is %w. +Index: squid/errors/Swedish/ERR_INVALID_RESP +diff -c /dev/null squid/errors/Swedish/ERR_INVALID_RESP:1.1.2.2 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/Swedish/ERR_INVALID_RESP Mon Jan 24 07:28:59 2005 +*************** +*** 0 **** +--- 1,30 ---- ++ ++ ++ Fel: Begärd URL kunde inte hämtas ++ ++ ++

FEL

++

Begärd URL kunde inte hämtas

++
++

++ Vid försöket att hämta URL: ++ %U ++

++ Mottogs följande fel: ++

    ++
  • ++ ++ Felaktigt svarsmeddelande ++ ++
++ ++

++ HTTP svarsmeddelandet ifrån den kontaktade servern är felaktigt och ++ kunde inte tolkas. Vänligen kontakta den ansvariga för webbservern ifråga. ++ Din cacheserver administratör man eventuellt ge dig mera information om ++ det specifika problemet med denna sida. ++

++ ++

Din cacheserver administratör är %w. ++

++ +Index: squid/errors/Traditional_Chinese/ERR_INVALID_RESP +diff -c /dev/null squid/errors/Traditional_Chinese/ERR_INVALID_RESP:1.1.2.1 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/Traditional_Chinese/ERR_INVALID_RESP Mon Jan 17 15:13:04 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERROR: The requested URL could not be retrieved ++ ++ ++

ERROR

++

The requested URL could not be retrieved

++
++

++ While trying to process the request: ++ 

++ %R
++
++

++ The following error was encountered: ++

    ++
  • ++ ++ Invalid Response ++ ++
++ ++

++ The HTTP Response message received from the contacted server ++ could not be understood or was otherwise malformed. Please contact ++ the site operator. Your cache administrator may be able to provide ++ you with more details about the exact nature of the problem if needed. ++ ++

Your cache administrator is %w. +Index: squid/errors/Turkish/ERR_INVALID_RESP +diff -c /dev/null squid/errors/Turkish/ERR_INVALID_RESP:1.1.2.1 +*** /dev/null Mon Jan 24 07:29:25 2005 +--- squid/errors/Turkish/ERR_INVALID_RESP Mon Jan 17 15:13:04 2005 +*************** +*** 0 **** +--- 1,29 ---- ++ ++ ++ ERROR: The requested URL could not be retrieved ++ ++ ++

ERROR

++

The requested URL could not be retrieved

++
++

++ While trying to process the request: ++ 

++ %R
++
++

++ The following error was encountered: ++

    ++
  • ++ ++ Invalid Response ++ ++
++ ++

++ The HTTP Response message received from the contacted server ++ could not be understood or was otherwise malformed. Please contact ++ the site operator. Your cache administrator may be able to provide ++ you with more details about the exact nature of the problem if needed. ++ ++

Your cache administrator is %w. diff --git a/squid-2.5.STABLE7-ldap_spaces.patch b/squid-2.5.STABLE7-ldap_spaces.patch new file mode 100644 index 0000000..7e965b2 --- /dev/null +++ b/squid-2.5.STABLE7-ldap_spaces.patch @@ -0,0 +1,75 @@ +Index: squid/helpers/basic_auth/LDAP/squid_ldap_auth.c +diff -c squid/helpers/basic_auth/LDAP/squid_ldap_auth.c:1.21.2.14 squid/helpers/basic_auth/LDAP/squid_ldap_auth.c:1.21.2.15 +*** squid/helpers/basic_auth/LDAP/squid_ldap_auth.c:1.21.2.14 Tue Aug 10 03:39:29 2004 +--- squid/helpers/basic_auth/LDAP/squid_ldap_auth.c Sun Jan 16 21:24:14 2005 +*************** +*** 30,35 **** +--- 30,39 ---- + * or (at your option) any later version. + * + * Changes: ++ * 2005-01-07: Henrik Nordstrom ++ * - Added some sanity checks on login names to avoid ++ * users bypassing equality checks by exploring the ++ * overly helpful match capabilities of LDAP + * 2004-07-17: Henrik Nordstrom + * - Corrected non-persistent mode to only issue one + * ldap_bind per connection. +*************** +*** 83,88 **** +--- 87,93 ---- + #include + #include + #include ++ #include + + #include "util.h" + +*************** +*** 261,266 **** +--- 266,297 ---- + return ld; + } + ++ /* Make a sanity check on the username to reject oddly typed names */ ++ static int ++ validUsername(const char *user) ++ { ++ const unsigned char *p = user; ++ ++ /* Leading whitespace? */ ++ if (isspace(p[0])) ++ return 0; ++ while(p[0] && p[1]) { ++ if (isspace(p[0])) { ++ /* More than one consequitive space? */ ++ if (isspace(p[1])) ++ return 0; ++ /* or odd space type character used? */ ++ if (p[0] != ' ') ++ return 0; ++ } ++ p++; ++ } ++ /* Trailing whitespace? */ ++ if (isspace(p[0])) ++ return 0; ++ return 1; ++ } ++ + int + main(int argc, char **argv) + { +*************** +*** 481,486 **** +--- 512,521 ---- + } + rfc1738_unescape(user); + rfc1738_unescape(passwd); ++ if (!validUsername(user)) { ++ printf("ERR\n"); ++ continue; ++ } + tryagain = (ld != NULL); + recover: + if (ld == NULL && persistent) diff --git a/squid-2.5.STABLE7-non_blocking_disk.patch b/squid-2.5.STABLE7-non_blocking_disk.patch new file mode 100644 index 0000000..cf4ca44 --- /dev/null +++ b/squid-2.5.STABLE7-non_blocking_disk.patch @@ -0,0 +1,14 @@ +Index: squid/src/disk.c +diff -c squid/src/disk.c:1.157.2.1 squid/src/disk.c:1.157.2.2 +*** squid/src/disk.c:1.157.2.1 Thu Aug 8 14:17:39 2002 +--- squid/src/disk.c Sat Nov 6 14:37:12 2004 +*************** +*** 62,68 **** + int fd; + if (FILE_MODE(mode) == O_WRONLY) + mode |= O_APPEND; +- mode |= SQUID_NONBLOCK; + errno = 0; + fd = open(path, mode, 0644); + statCounter.syscalls.disk.opens++; +--- 62,67 ---- diff --git a/squid-2.5.STABLE7-ntlm_segfault.patch b/squid-2.5.STABLE7-ntlm_segfault.patch new file mode 100644 index 0000000..60661cd --- /dev/null +++ b/squid-2.5.STABLE7-ntlm_segfault.patch @@ -0,0 +1,48 @@ +Index: squid/src/auth/ntlm/auth_ntlm.c +diff -c squid/src/auth/ntlm/auth_ntlm.c:1.17.2.20 squid/src/auth/ntlm/auth_ntlm.c:1.17.2.21 +*** squid/src/auth/ntlm/auth_ntlm.c:1.17.2.20 Tue Dec 7 16:52:42 2004 +--- squid/src/auth/ntlm/auth_ntlm.c Thu Feb 3 16:22:12 2005 +*************** +*** 492,497 **** +--- 492,501 ---- + auth_user_request = r->auth_user_request; + ntlm_request = auth_user_request->scheme_data; + assert(ntlm_request != NULL); ++ if (!ntlm_request->authserver) ++ ntlm_request->authserver = srv; ++ else ++ assert(ntlm_request->authserver == srv); + + /* seperate out the useful data */ + if (strncasecmp(reply, "TT ", 3) == 0) { +*************** +*** 507,513 **** + /* and we satisfy the request that happended on the refresh boundary */ + /* note this code is now in two places FIXME */ + assert(ntlm_request->auth_state == AUTHENTICATE_STATE_NEGOTIATE); +- ntlm_request->authserver = srv; + ntlm_request->authchallenge = xstrdup(reply); + helperstate->challengeuses = 1; + } else if (strncasecmp(reply, "AF ", 3) == 0) { +--- 511,516 ---- +*************** +*** 537,543 **** + /* we only expect LD when finishing the handshake */ + assert(ntlm_request->auth_state == AUTHENTICATE_STATE_RESPONSE); + ntlm_user->username = xstrdup(reply); +- helperstate = helperStatefulServerGetData(ntlm_request->authserver); + /* BH code: mark helper as broken */ + authenticateNTLMResetServer(ntlm_request); + debug(29, 4) ("authenticateNTLMHandleReply: Error validating user via NTLM. Error returned '%s'\n", reply); +--- 540,545 ---- +*************** +*** 561,568 **** + ntlm_user = auth_user->scheme_data; + ntlm_request = auth_user_request->scheme_data; + assert((ntlm_user != NULL) && (ntlm_request != NULL)); +- assert(!ntlm_request->authserver || ntlm_request->authserver == srv); +- helperstate = helperStatefulServerGetData(ntlm_request->authserver); + authenticateNTLMResetServer(ntlm_request); + if (ntlm_request->auth_state == AUTHENTICATE_STATE_NEGOTIATE) { + /* The helper broke on YR. It automatically +--- 563,568 ---- diff --git a/squid-2.5.STABLE7-oversize_reply_headers.patch b/squid-2.5.STABLE7-oversize_reply_headers.patch new file mode 100644 index 0000000..7e4b870 --- /dev/null +++ b/squid-2.5.STABLE7-oversize_reply_headers.patch @@ -0,0 +1,89 @@ +Index: squid/src/http.c +diff -c squid/src/http.c:1.384.2.25 squid/src/http.c:1.384.2.26 +*** squid/src/http.c:1.384.2.25 Fri Jan 21 05:39:37 2005 +--- squid/src/http.c Mon Jan 31 15:44:18 2005 +*************** +*** 401,407 **** + size_t hdr_len; + size_t hdr_size = headersEnd(buf, size); + HttpReply *reply = entry->mem_obj->reply; +! Ctx ctx; + debug(11, 3) ("httpProcessReplyHeader: key '%s'\n", + storeKeyText(entry->hash.key)); + if (memBufIsNull(&httpState->reply_hdr)) +--- 401,407 ---- + size_t hdr_len; + size_t hdr_size = headersEnd(buf, size); + HttpReply *reply = entry->mem_obj->reply; +! Ctx ctx = ctx_enter(entry->mem_obj->url); + debug(11, 3) ("httpProcessReplyHeader: key '%s'\n", + storeKeyText(entry->hash.key)); + if (memBufIsNull(&httpState->reply_hdr)) +*************** +*** 418,423 **** +--- 418,424 ---- + memBufClean(&httpState->reply_hdr); + httpBuildVersion(&reply->sline.version, 0, 9); + reply->sline.status = HTTP_INVALID_HEADER; ++ ctx_exit(ctx); + return; + } + if (hdr_size != hdr_len) +*************** +*** 429,449 **** + if (!memBufIsNull(&httpState->reply_hdr)) + memBufClean(&httpState->reply_hdr); + reply->sline.status = HTTP_HEADER_TOO_LARGE; + return; + } + /* headers can be incomplete only if object still arriving */ + if (!hdr_size) { + if (httpState->eof) + hdr_size = hdr_len; +! else + return; /* headers not complete */ + } + /* Cut away any excess body data (only needed for debug?) */ + memBufAppend(&httpState->reply_hdr, "\0", 1); + httpState->reply_hdr.buf[hdr_size] = '\0'; + httpState->reply_hdr_state++; + assert(httpState->reply_hdr_state == 1); +- ctx = ctx_enter(entry->mem_obj->url); + httpState->reply_hdr_state++; + debug(11, 9) ("GOT HTTP REPLY HDR:\n---------\n%s\n----------\n", + httpState->reply_hdr.buf); +--- 430,453 ---- + if (!memBufIsNull(&httpState->reply_hdr)) + memBufClean(&httpState->reply_hdr); + reply->sline.status = HTTP_HEADER_TOO_LARGE; ++ httpState->reply_hdr_state += 2; ++ ctx_exit(ctx); + return; + } + /* headers can be incomplete only if object still arriving */ + if (!hdr_size) { + if (httpState->eof) + hdr_size = hdr_len; +! else { +! ctx_exit(ctx); + return; /* headers not complete */ ++ } + } + /* Cut away any excess body data (only needed for debug?) */ + memBufAppend(&httpState->reply_hdr, "\0", 1); + httpState->reply_hdr.buf[hdr_size] = '\0'; + httpState->reply_hdr_state++; + assert(httpState->reply_hdr_state == 1); + httpState->reply_hdr_state++; + debug(11, 9) ("GOT HTTP REPLY HDR:\n---------\n%s\n----------\n", + httpState->reply_hdr.buf); +*************** +*** 453,458 **** +--- 457,463 ---- + if (reply->sline.status >= HTTP_INVALID_HEADER) { + debug(11, 3) ("httpProcessReplyHeader: Non-HTTP-compliant header: '%s'\n", httpState->reply_hdr.buf); + memBufClean(&httpState->reply_hdr); ++ ctx_exit(ctx); + return; + } + storeTimestampsSet(entry); diff --git a/squid-2.5.STABLE7-post.patch b/squid-2.5.STABLE7-post.patch new file mode 100644 index 0000000..a8a4ad2 --- /dev/null +++ b/squid-2.5.STABLE7-post.patch @@ -0,0 +1,92 @@ +Index: squid/src/client_side.c +diff -c squid/src/client_side.c:1.561.2.69 squid/src/client_side.c:1.561.2.70 +*** squid/src/client_side.c:1.561.2.69 Fri Jan 21 04:53:42 2005 +--- squid/src/client_side.c Thu Feb 3 17:10:09 2005 +*************** +*** 933,941 **** + authenticateAuthUserRequestUnlock(connState->auth_user_request); + connState->auth_user_request = NULL; + authenticateOnCloseConnection(connState); +! if (connState->in.size == CLIENT_REQ_BUF_SZ) + memFree(connState->in.buf, MEM_CLIENT_REQ_BUF); +! else + safe_free(connState->in.buf); + /* XXX account connState->in.buf */ + pconnHistCount(0, connState->nrequests); +--- 933,942 ---- + authenticateAuthUserRequestUnlock(connState->auth_user_request); + connState->auth_user_request = NULL; + authenticateOnCloseConnection(connState); +! if (connState->in.size == CLIENT_REQ_BUF_SZ) { + memFree(connState->in.buf, MEM_CLIENT_REQ_BUF); +! connState->in.buf = NULL; +! } else + safe_free(connState->in.buf); + /* XXX account connState->in.buf */ + pconnHistCount(0, connState->nrequests); +*************** +*** 3003,3011 **** + } + /* Continue to process previously read data */ + } + /* Process request body if any */ +! if (conn->in.offset > 0 && conn->body.callback != NULL) + clientProcessBody(conn); + /* Process next request */ + while (conn->in.offset > 0 && conn->body.size_left == 0) { + int nrequests; +--- 3004,3018 ---- + } + /* Continue to process previously read data */ + } ++ cbdataLock(conn); /* clientProcessBody might pull the connection under our feets */ + /* Process request body if any */ +! if (conn->in.offset > 0 && conn->body.callback != NULL) { + clientProcessBody(conn); ++ if (!cbdataValid(conn)) { ++ cbdataUnlock(conn); ++ return; ++ } ++ } + /* Process next request */ + while (conn->in.offset > 0 && conn->body.size_left == 0) { + int nrequests; +*************** +*** 3175,3181 **** + break; + } else { + clientAccessCheck(http); +- continue; /* while offset > 0 && body.size_left == 0 */ + } + } else if (parser_return_code == 0) { + /* +--- 3182,3187 ---- +*************** +*** 3195,3205 **** + *H = http; + http->entry = clientCreateStoreEntry(http, METHOD_NONE, null_request_flags); + errorAppendEntry(http->entry, err); +- return; + } + break; + } + } /* while offset > 0 && conn->body.size_left == 0 */ + /* Check if a half-closed connection was aborted in the middle */ + if (F->flags.socket_eof) { + if (conn->in.offset != conn->body.size_left) { /* != 0 when no request body */ +--- 3201,3215 ---- + *H = http; + http->entry = clientCreateStoreEntry(http, METHOD_NONE, null_request_flags); + errorAppendEntry(http->entry, err); + } + break; + } ++ if (!cbdataValid(conn)) { ++ cbdataUnlock(conn); ++ return; ++ } + } /* while offset > 0 && conn->body.size_left == 0 */ ++ cbdataUnlock(conn); + /* Check if a half-closed connection was aborted in the middle */ + if (F->flags.socket_eof) { + if (conn->in.offset != conn->body.size_left) { /* != 0 when no request body */ diff --git a/squid-2.5.STABLE7-response_splitting.patch b/squid-2.5.STABLE7-response_splitting.patch new file mode 100644 index 0000000..edac14d --- /dev/null +++ b/squid-2.5.STABLE7-response_splitting.patch @@ -0,0 +1,284 @@ +Index: squid/src/http.c +diff -c squid/src/http.c:1.384.2.23 squid/src/http.c:1.384.2.25 +*** squid/src/http.c:1.384.2.23 Thu Jan 20 16:27:07 2005 +--- squid/src/http.c Fri Jan 21 05:39:37 2005 +*************** +*** 529,568 **** + HttpReply *reply = mem->reply; + int clen; + debug(11, 3) ("httpPconnTransferDone: FD %d\n", httpState->fd); +- /* +- * If we didn't send a keep-alive request header, then this +- * can not be a persistent connection. +- */ +- if (!httpState->flags.keepalive) +- return 0; +- /* +- * What does the reply have to say about keep-alive? +- */ +- /* +- * XXX BUG? +- * If the origin server (HTTP/1.0) does not send a keep-alive +- * header, but keeps the connection open anyway, what happens? +- * We'll return here and http.c waits for an EOF before changing +- * store_status to STORE_OK. Combine this with ENTRY_FWD_HDR_WAIT +- * and an error status code, and we might have to wait until +- * the server times out the socket. +- */ +- if (!reply->keep_alive) +- return 0; + debug(11, 5) ("httpPconnTransferDone: content_length=%d\n", + reply->content_length); + /* If we haven't seen the end of reply headers, we are not done */ + if (httpState->reply_hdr_state < 2) + return 0; + clen = httpReplyBodySize(httpState->request->method, reply); +- /* If there is no message body, we can be persistent */ +- if (0 == clen) +- return 1; + /* If the body size is unknown we must wait for EOF */ + if (clen < 0) + return 0; + /* If the body size is known, we must wait until we've gotten all of it. */ +! if (mem->inmem_hi < reply->content_length + reply->hdr_sz) + return 0; + /* We got it all */ + return 1; +--- 529,551 ---- + HttpReply *reply = mem->reply; + int clen; + debug(11, 3) ("httpPconnTransferDone: FD %d\n", httpState->fd); + debug(11, 5) ("httpPconnTransferDone: content_length=%d\n", + reply->content_length); + /* If we haven't seen the end of reply headers, we are not done */ + if (httpState->reply_hdr_state < 2) + return 0; + clen = httpReplyBodySize(httpState->request->method, reply); + /* If the body size is unknown we must wait for EOF */ + if (clen < 0) + return 0; ++ /* Barf if we got more than we asked for */ ++ if (mem->inmem_hi > clen + reply->hdr_sz) ++ return -1; ++ /* If there is no message body, we can be persistent */ ++ if (0 == clen) ++ return 1; + /* If the body size is known, we must wait until we've gotten all of it. */ +! if (mem->inmem_hi < clen + reply->hdr_sz) + return 0; + /* We got it all */ + return 1; +*************** +*** 724,745 **** + * in that case, the server FD should already be closed. + * there's nothing for us to do. + */ +! (void) 0; +! } else if (httpPconnTransferDone(httpState)) { +! /* yes we have to clear all these! */ +! commSetDefer(fd, NULL, NULL); +! commSetTimeout(fd, -1, NULL, NULL); +! commSetSelect(fd, COMM_SELECT_READ, NULL, NULL, 0); + #if DELAY_POOLS +! delayClearNoDelay(fd); + #endif +! comm_remove_close_handler(fd, httpStateFree, httpState); +! fwdUnregister(fd, httpState->fwd); +! pconnPush(fd, request->host, request->port); +! fwdComplete(httpState->fwd); +! httpState->fd = -1; +! httpStateFree(fd, httpState); +! } else { + /* Wait for more data or EOF condition */ + if (httpState->flags.keepalive_broken) { + commSetTimeout(fd, 10, NULL, NULL); +--- 707,766 ---- + * in that case, the server FD should already be closed. + * there's nothing for us to do. + */ +! return; +! } +! switch (httpPconnTransferDone(httpState)) { +! case 1: +! { +! int keep_alive = 1; +! /* +! * If we didn't send a keep-alive request header, then this +! * can not be a persistent connection. +! */ +! if (!httpState->flags.keepalive) +! keep_alive = 0; +! /* +! * What does the reply have to say about keep-alive? +! */ +! if (!entry->mem_obj->reply->keep_alive) +! keep_alive = 0; +! /* +! * Verify that the connection is clean +! */ +! if (len == read_sz) { +! statCounter.syscalls.sock.reads++; +! len = FD_READ_METHOD(fd, buf, SQUID_TCP_SO_RCVBUF); +! if ((len < 0 && !ignoreErrno(errno)) || len == 0) { +! keep_alive = 0; +! } else if (len > 0) { +! debug(11, 1) ("httpReadReply: Excess data from \"%s %s\"\n", +! RequestMethodStr[httpState->orig_request->method], +! storeUrl(entry)); +! storeAppend(entry, buf, len); +! keep_alive = 0; +! } +! } +! if (keep_alive) { +! /* yes we have to clear all these! */ +! commSetDefer(fd, NULL, NULL); +! commSetTimeout(fd, -1, NULL, NULL); +! commSetSelect(fd, COMM_SELECT_READ, NULL, NULL, 0); + #if DELAY_POOLS +! delayClearNoDelay(fd); + #endif +! comm_remove_close_handler(fd, httpStateFree, httpState); +! fwdUnregister(fd, httpState->fwd); +! pconnPush(fd, request->host, request->port); +! fwdComplete(httpState->fwd); +! httpState->fd = -1; +! httpStateFree(fd, httpState); +! } else { +! fwdComplete(httpState->fwd); +! comm_close(fd); +! } +! } +! return; +! case 0: + /* Wait for more data or EOF condition */ + if (httpState->flags.keepalive_broken) { + commSetTimeout(fd, 10, NULL, NULL); +*************** +*** 747,752 **** +--- 768,785 ---- + commSetTimeout(fd, Config.Timeout.read, NULL, NULL); + } + commSetSelect(fd, COMM_SELECT_READ, httpReadReply, httpState, 0); ++ return; ++ case -1: ++ /* Server is nasty on us. Shut down */ ++ debug(11, 1) ("httpReadReply: Excess data from \"%s %s\"\n", ++ RequestMethodStr[httpState->orig_request->method], ++ storeUrl(entry)); ++ fwdComplete(httpState->fwd); ++ comm_close(fd); ++ return; ++ default: ++ fatal("Unexpected httpPconnTransferDone() status\n"); ++ break; + } + } + } +Index: squid/src/store.c +diff -c squid/src/store.c:1.544.2.6 squid/src/store.c:1.544.2.7 +*** squid/src/store.c:1.544.2.6 Mon May 31 15:28:30 2004 +--- squid/src/store.c Fri Jan 21 04:57:38 2005 +*************** +*** 940,945 **** +--- 940,946 ---- + storeEntryValidLength(const StoreEntry * e) + { + int diff; ++ int clen; + const HttpReply *reply; + assert(e->mem_obj != NULL); + reply = e->mem_obj->reply; +*************** +*** 948,978 **** + objectLen(e)); + debug(20, 5) ("storeEntryValidLength: hdr_sz = %d\n", + reply->hdr_sz); + debug(20, 5) ("storeEntryValidLength: content_length = %d\n", +! reply->content_length); +! if (reply->content_length < 0) { + debug(20, 5) ("storeEntryValidLength: Unspecified content length: %s\n", + storeKeyText(e->hash.key)); + return 1; + } +! if (reply->hdr_sz == 0) { +! debug(20, 5) ("storeEntryValidLength: Zero header size: %s\n", +! storeKeyText(e->hash.key)); +! return 1; +! } +! if (e->mem_obj->method == METHOD_HEAD) { +! debug(20, 5) ("storeEntryValidLength: HEAD request: %s\n", +! storeKeyText(e->hash.key)); +! return 1; +! } +! if (reply->sline.status == HTTP_NOT_MODIFIED) +! return 1; +! if (reply->sline.status == HTTP_NO_CONTENT) +! return 1; +! diff = reply->hdr_sz + reply->content_length - objectLen(e); + if (diff == 0) + return 1; +! debug(20, 3) ("storeEntryValidLength: %d bytes too %s; '%s'\n", + diff < 0 ? -diff : diff, + diff < 0 ? "big" : "small", + storeKeyText(e->hash.key)); +--- 949,966 ---- + objectLen(e)); + debug(20, 5) ("storeEntryValidLength: hdr_sz = %d\n", + reply->hdr_sz); ++ clen = httpReplyBodySize(e->mem_obj->method, reply); + debug(20, 5) ("storeEntryValidLength: content_length = %d\n", +! clen); +! if (clen < 0) { + debug(20, 5) ("storeEntryValidLength: Unspecified content length: %s\n", + storeKeyText(e->hash.key)); + return 1; + } +! diff = reply->hdr_sz + clen - objectLen(e); + if (diff == 0) + return 1; +! debug(20, 2) ("storeEntryValidLength: %d bytes too %s; '%s'\n", + diff < 0 ? -diff : diff, + diff < 0 ? "big" : "small", + storeKeyText(e->hash.key)); +Index: squid/src/HttpReply.c +diff -c squid/src/HttpReply.c:1.49.2.3 squid/src/HttpReply.c:1.49.2.4 +*** squid/src/HttpReply.c:1.49.2.3 Sun Nov 7 08:26:59 2004 +--- squid/src/HttpReply.c Fri Jan 21 05:22:59 2005 +*************** +*** 450,456 **** + * Returns the body size of a HTTP response + */ + int +! httpReplyBodySize(method_t method, HttpReply * reply) + { + if (reply->sline.version.major < 1) + return -1; +--- 450,456 ---- + * Returns the body size of a HTTP response + */ + int +! httpReplyBodySize(method_t method, const HttpReply * reply) + { + if (reply->sline.version.major < 1) + return -1; +Index: squid/src/protos.h +diff -c squid/src/protos.h:1.420.2.25 squid/src/protos.h:1.420.2.26 +*** squid/src/protos.h:1.420.2.25 Tue Oct 5 16:34:42 2004 +--- squid/src/protos.h Fri Jan 21 05:22:59 2005 +*************** +*** 504,510 **** + extern time_t httpReplyExpires(const HttpReply * rep); + extern int httpReplyHasCc(const HttpReply * rep, http_hdr_cc_type type); + extern void httpRedirectReply(HttpReply *, http_status, const char *); +! extern int httpReplyBodySize(method_t, HttpReply *); + + /* Http Request */ + extern request_t *requestCreate(method_t, protocol_t, const char *urlpath); +--- 504,510 ---- + extern time_t httpReplyExpires(const HttpReply * rep); + extern int httpReplyHasCc(const HttpReply * rep, http_hdr_cc_type type); + extern void httpRedirectReply(HttpReply *, http_status, const char *); +! extern int httpReplyBodySize(method_t, const HttpReply *); + + /* Http Request */ + extern request_t *requestCreate(method_t, protocol_t, const char *urlpath); diff --git a/squid-2.5.STABLE7-wccp_buffer_overflow.patch b/squid-2.5.STABLE7-wccp_buffer_overflow.patch new file mode 100644 index 0000000..b5a5acb --- /dev/null +++ b/squid-2.5.STABLE7-wccp_buffer_overflow.patch @@ -0,0 +1,21 @@ +Index: squid/src/wccp.c +diff -c squid/src/wccp.c:1.19.2.6 squid/src/wccp.c:1.19.2.7 +*** squid/src/wccp.c:1.19.2.6 Tue Jan 11 23:07:12 2005 +--- squid/src/wccp.c Fri Jan 28 15:50:19 2005 +*************** +*** 225,231 **** + + len = recvfrom(sock, + (void *) &wccp_i_see_you, +! WCCP_RESPONSE_SIZE, + 0, + (struct sockaddr *) &from, + &from_len); +--- 225,231 ---- + + len = recvfrom(sock, + (void *) &wccp_i_see_you, +! sizeof(wccp_i_see_you), + 0, + (struct sockaddr *) &from, + &from_len); diff --git a/squid-2.5.STABLE7-wccp_denial_of_service.patch b/squid-2.5.STABLE7-wccp_denial_of_service.patch new file mode 100644 index 0000000..27eecc9 --- /dev/null +++ b/squid-2.5.STABLE7-wccp_denial_of_service.patch @@ -0,0 +1,56 @@ +Index: squid/src/wccp.c +diff -c squid/src/wccp.c:1.19.2.5 squid/src/wccp.c:1.19.2.6 +*** squid/src/wccp.c:1.19.2.5 Thu Oct 24 12:51:14 2002 +--- squid/src/wccp.c Tue Jan 11 23:07:12 2005 +*************** +*** 245,250 **** +--- 245,260 ---- + return; + if (ntohl(wccp_i_see_you.type) != WCCP_I_SEE_YOU) + return; ++ if (ntohl(wccp_i_see_you.number) > WCCP_ACTIVE_CACHES) { ++ debug(80, 1) ("Ignoring WCCP_I_SEE_YOU from %s with number of caches set to %d\n", ++ inet_ntoa(from.sin_addr), (int) ntohl(wccp_i_see_you.number)); ++ return; ++ } ++ if (ntohl(wccp_i_see_you.number) <= 0) { ++ debug(80, 1) ("Ignoring WCCP_I_SEE_YOU from %s with non-positive number of caches\n", ++ inet_ntoa(from.sin_addr)); ++ return; ++ } + if ((0 == change) && (number_caches == ntohl(wccp_i_see_you.number))) { + if (last_assign_buckets_change == wccp_i_see_you.change) { + /* +*************** +*** 274,280 **** +--- 284,294 ---- + wccpLowestIP(void) + { + int loop; ++ /* ++ * We sanity checked wccp_i_see_you.number back in wccpHandleUdp() ++ */ + for (loop = 0; loop < ntohl(wccp_i_see_you.number); loop++) { ++ assert(loop < WCCP_ACTIVE_CACHES); + if (wccp_i_see_you.wccp_cache_entry[loop].ip_addr.s_addr < local_ip.s_addr) + return 0; + } +*************** +*** 311,318 **** + + debug(80, 6) ("wccpAssignBuckets: Called\n"); + number_caches = ntohl(wccp_i_see_you.number); +! if (number_caches > WCCP_ACTIVE_CACHES) +! number_caches = WCCP_ACTIVE_CACHES; + wab_len = sizeof(struct wccp_assign_bucket_t); + cache_len = WCCP_CACHE_LEN * number_caches; + +--- 325,332 ---- + + debug(80, 6) ("wccpAssignBuckets: Called\n"); + number_caches = ntohl(wccp_i_see_you.number); +! assert(number_caches > 0); +! assert(number_caches <= WCCP_ACTIVE_CACHES); + wab_len = sizeof(struct wccp_assign_bucket_t); + cache_len = WCCP_CACHE_LEN * number_caches; + diff --git a/squid-2.5.STABLE7_req_resp_header.patch b/squid-2.5.STABLE7_req_resp_header.patch new file mode 100644 index 0000000..2dd14cb --- /dev/null +++ b/squid-2.5.STABLE7_req_resp_header.patch @@ -0,0 +1,56 @@ +Index: squid/src/acl.c +diff -c squid/src/acl.c:1.270.2.29 squid/src/acl.c:1.270.2.30 +*** squid/src/acl.c:1.270.2.29 Sat Sep 25 05:56:16 2004 +--- squid/src/acl.c Wed Oct 20 17:18:36 2004 +*************** +*** 643,649 **** + q = xcalloc(1, sizeof(acl_hdr_data)); + q->hdr_name = xstrdup(t); + q->hdr_id = httpHeaderIdByNameDef(t, strlen(t)); +! aclParseRegexList(q->reglist); + if (!q->reglist) { + debug(28, 0) ("%s line %d: %s\n", cfg_filename, config_lineno, config_input_line); + debug(28, 0) ("aclParseHeader: No pattern defined '%s'\n", t); +--- 643,649 ---- + q = xcalloc(1, sizeof(acl_hdr_data)); + q->hdr_name = xstrdup(t); + q->hdr_id = httpHeaderIdByNameDef(t, strlen(t)); +! aclParseRegexList(&q->reglist); + if (!q->reglist) { + debug(28, 0) ("%s line %d: %s\n", cfg_filename, config_lineno, config_input_line); + debug(28, 0) ("aclParseHeader: No pattern defined '%s'\n", t); +*************** +*** 693,705 **** + aclDumpHeader(acl_hdr_data * hd) + { + wordlist *W = NULL; +! relist *data = hd->reglist; +! wordlistAdd(&W, httpHeaderNameById(hd->hdr_id)); +! while (data != NULL) { +! wordlistAdd(&W, data->pattern); +! data = data->next; + } +! return aclDumpRegexList(hd->reglist); + } + + #if SQUID_SNMP +--- 693,711 ---- + aclDumpHeader(acl_hdr_data * hd) + { + wordlist *W = NULL; +! while (hd) { +! MemBuf mb; +! relist *data; +! memBufDefInit(&mb); +! memBufPrintf(&mb, "%s", hd->hdr_name); +! for (data = hd->reglist; data; data = data->next) { +! memBufPrintf(&mb, " %s", data->pattern); +! } +! wordlistAdd(&W, mb.buf); +! memBufClean(&mb); +! hd = hd->next; + } +! return W; + } + + #if SQUID_SNMP diff --git a/squid-2.5.STABLE9-acl_error.patch b/squid-2.5.STABLE9-acl_error.patch new file mode 100644 index 0000000..d95b349 --- /dev/null +++ b/squid-2.5.STABLE9-acl_error.patch @@ -0,0 +1,272 @@ +Index: squid/src/acl.c +diff -c squid/src/acl.c:1.270.2.34 squid/src/acl.c:1.270.2.35 +*** squid/src/acl.c:1.270.2.34 Sun Feb 20 12:07:45 2005 +--- squid/src/acl.c Fri Mar 4 09:22:16 2005 +*************** +*** 361,367 **** + case 4: /* a dotted quad */ + if (!safe_inet_addr(asc, addr)) { + debug(28, 0) ("decode_addr: unsafe IP address: '%s'\n", asc); +! fatal("decode_addr: unsafe IP address"); + } + break; + case 1: /* a significant bits value for a mask */ +--- 361,367 ---- + case 4: /* a dotted quad */ + if (!safe_inet_addr(asc, addr)) { + debug(28, 0) ("decode_addr: unsafe IP address: '%s'\n", asc); +! self_destruct(); + } + break; + case 1: /* a significant bits value for a mask */ +*************** +*** 557,565 **** + } else { + /* assume its time-of-day spec */ + if (sscanf(t, "%d:%d-%d:%d", &h1, &m1, &h2, &m2) < 4) { +! fatalf("aclParseTimeSpec: ERROR: Bad time range in" + "%s line %d: %s\n", + cfg_filename, config_lineno, config_input_line); + } + q = memAllocate(MEM_ACL_TIME_DATA); + q->start = h1 * 60 + m1; +--- 557,566 ---- + } else { + /* assume its time-of-day spec */ + if (sscanf(t, "%d:%d-%d:%d", &h1, &m1, &h2, &m2) < 4) { +! debug(28, 0) ("aclParseTimeSpec: ERROR: Bad time range in" + "%s line %d: %s\n", + cfg_filename, config_lineno, config_input_line); ++ self_destruct(); + } + q = memAllocate(MEM_ACL_TIME_DATA); + q->start = h1 * 60 + m1; +*************** +*** 567,575 **** + q->weekbits = weekbits; + weekbits = 0; + if (q->start > q->stop) { +! fatalf("aclParseTimeSpec: ERROR: Reversed time range in" + "%s line %d: %s\n", + cfg_filename, config_lineno, config_input_line); + } + if (q->weekbits == 0) + q->weekbits = ACL_ALLWEEK; +--- 568,577 ---- + q->weekbits = weekbits; + weekbits = 0; + if (q->start > q->stop) { +! debug(28, 0) ("aclParseTimeSpec: ERROR: Reversed time range in" + "%s line %d: %s\n", + cfg_filename, config_lineno, config_input_line); ++ self_destruct(); + } + if (q->weekbits == 0) + q->weekbits = ACL_ALLWEEK; +*************** +*** 787,809 **** + + /* snarf the ACL name */ + if ((t = strtok(NULL, w_space)) == NULL) { +- debug(28, 0) ("%s line %d: %s\n", +- cfg_filename, config_lineno, config_input_line); + debug(28, 0) ("aclParseAclLine: missing ACL name.\n"); +! return; + } + xstrncpy(aclname, t, ACL_NAME_SZ); + /* snarf the ACL type */ + if ((t = strtok(NULL, w_space)) == NULL) { +- debug(28, 0) ("%s line %d: %s\n", +- cfg_filename, config_lineno, config_input_line); + debug(28, 0) ("aclParseAclLine: missing ACL type.\n"); + return; + } + if ((acltype = aclStrToType(t)) == ACL_NONE) { +- debug(28, 0) ("%s line %d: %s\n", +- cfg_filename, config_lineno, config_input_line); + debug(28, 0) ("aclParseAclLine: Invalid ACL type '%s'\n", t); + return; + } + if ((A = aclFindByName(aclname)) == NULL) { +--- 789,807 ---- + + /* snarf the ACL name */ + if ((t = strtok(NULL, w_space)) == NULL) { + debug(28, 0) ("aclParseAclLine: missing ACL name.\n"); +! self_destruct(); + } + xstrncpy(aclname, t, ACL_NAME_SZ); + /* snarf the ACL type */ + if ((t = strtok(NULL, w_space)) == NULL) { + debug(28, 0) ("aclParseAclLine: missing ACL type.\n"); ++ self_destruct(); + return; + } + if ((acltype = aclStrToType(t)) == ACL_NONE) { + debug(28, 0) ("aclParseAclLine: Invalid ACL type '%s'\n", t); ++ self_destruct(); + return; + } + if ((A = aclFindByName(aclname)) == NULL) { +*************** +*** 815,821 **** + new_acl = 1; + } else { + if (acltype != A->type) { +! debug(28, 0) ("aclParseAclLine: ACL '%s' already exists with different type, skipping.\n", A->name); + return; + } + debug(28, 3) ("aclParseAclLine: Appending to '%s'\n", aclname); +--- 813,820 ---- + new_acl = 1; + } else { + if (acltype != A->type) { +! debug(28, 0) ("aclParseAclLine: ACL '%s' already exists with different type.\n", A->name); +! self_destruct(); + return; + } + debug(28, 3) ("aclParseAclLine: Appending to '%s'\n", aclname); +*************** +*** 887,908 **** + break; + case ACL_PROXY_AUTH: + if (authenticateSchemeCount() == 0) { +! fatalf("Invalid Proxy Auth ACL '%s' " + "because no authentication schemes were compiled.\n", A->cfgline); + } else if (authenticateActiveSchemeCount() == 0) { +! fatalf("Invalid Proxy Auth ACL '%s' " + "because no authentication schemes are fully configured.\n", A->cfgline); + } else { + aclParseUserList(&A->data); + } + break; + case ACL_PROXY_AUTH_REGEX: + if (authenticateSchemeCount() == 0) { +! fatalf("Invalid Proxy Auth ACL '%s' " + "because no authentication schemes were compiled.\n", A->cfgline); + } else if (authenticateActiveSchemeCount() == 0) { +! fatalf("Invalid Proxy Auth ACL '%s' " + "because no authentication schemes are fully configured.\n", A->cfgline); + } else { + aclParseRegexList(&A->data); + } +--- 886,911 ---- + break; + case ACL_PROXY_AUTH: + if (authenticateSchemeCount() == 0) { +! debug(28, 0) ("Invalid Proxy Auth ACL '%s' " + "because no authentication schemes were compiled.\n", A->cfgline); ++ self_destruct(); + } else if (authenticateActiveSchemeCount() == 0) { +! debug(28, 0) ("Invalid Proxy Auth ACL '%s' " + "because no authentication schemes are fully configured.\n", A->cfgline); ++ self_destruct(); + } else { + aclParseUserList(&A->data); + } + break; + case ACL_PROXY_AUTH_REGEX: + if (authenticateSchemeCount() == 0) { +! debug(28, 0) ("Invalid Proxy Auth ACL '%s' " + "because no authentication schemes were compiled.\n", A->cfgline); ++ self_destruct(); + } else if (authenticateActiveSchemeCount() == 0) { +! debug(28, 0) ("Invalid Proxy Auth ACL '%s' " + "because no authentication schemes are fully configured.\n", A->cfgline); ++ self_destruct(); + } else { + aclParseRegexList(&A->data); + } +*************** +*** 1091,1099 **** + debug(28, 3) ("aclParseAccessLine: looking for ACL name '%s'\n", t); + a = aclFindByName(t); + if (a == NULL) { +! debug(28, 0) ("%s line %d: %s\n", +! cfg_filename, config_lineno, config_input_line); +! debug(28, 0) ("aclParseAccessLine: ACL name '%s' not found.\n", t); + memFree(L, MEM_ACL_LIST); + continue; + } +--- 1094,1101 ---- + debug(28, 3) ("aclParseAccessLine: looking for ACL name '%s'\n", t); + a = aclFindByName(t); + if (a == NULL) { +! debug(28, 0) ("ACL name '%s' not defined!\n", t); +! self_destruct(); + memFree(L, MEM_ACL_LIST); + continue; + } +*************** +*** 1329,1335 **** + debug(28, 5) ("aclParseUserMaxIP: Max IP address's %d\n", (int) (*acldata)->max); + return; + error: +! fatal("aclParseUserMaxIP: Malformed ACL %d\n"); + } + + void +--- 1331,1337 ---- + debug(28, 5) ("aclParseUserMaxIP: Max IP address's %d\n", (int) (*acldata)->max); + return; + error: +! self_destruct(); + } + + void +Index: squid/src/cache_cf.c +diff -c squid/src/cache_cf.c:1.396.2.20 squid/src/cache_cf.c:1.396.2.21 +*** squid/src/cache_cf.c:1.396.2.20 Sun Feb 20 19:55:04 2005 +--- squid/src/cache_cf.c Fri Mar 4 09:22:16 2005 +*************** +*** 110,115 **** +--- 110,116 ---- + void + self_destruct(void) + { ++ shutting_down = 1; + fatalf("Bungled %s line %d: %s", + cfg_filename, config_lineno, config_input_line); + } +Index: squid/src/tools.c +diff -c squid/src/tools.c:1.213.2.11 squid/src/tools.c:1.213.2.12 +*** squid/src/tools.c:1.213.2.11 Sun Feb 13 14:19:44 2005 +--- squid/src/tools.c Fri Mar 4 09:22:16 2005 +*************** +*** 341,348 **** + fprintf(debug_log, "Squid Cache (Version %s): Terminated abnormally.\n", + version_string); + fflush(debug_log); +! PrintRusage(); +! dumpMallocStats(); + } + + /* fatal */ +--- 341,350 ---- + fprintf(debug_log, "Squid Cache (Version %s): Terminated abnormally.\n", + version_string); + fflush(debug_log); +! if (!shutting_down) { +! PrintRusage(); +! dumpMallocStats(); +! } + } + + /* fatal */ +*************** +*** 357,363 **** + storeDirWriteCleanLogs(0); + fatal_common(message); + if (shutting_down) +! exit(0); + else + abort(); + } +--- 359,365 ---- + storeDirWriteCleanLogs(0); + fatal_common(message); + if (shutting_down) +! exit(1); + else + abort(); + } diff --git a/squid-2.5.STABLE9-bzero.patch b/squid-2.5.STABLE9-bzero.patch new file mode 100644 index 0000000..3c1f282 --- /dev/null +++ b/squid-2.5.STABLE9-bzero.patch @@ -0,0 +1,274 @@ +Index: squid/helpers/basic_auth/MSNT/rfcnb-util.c +diff -c squid/helpers/basic_auth/MSNT/rfcnb-util.c:1.1.2.1 squid/helpers/basic_auth/MSNT/rfcnb-util.c:1.1.2.2 +*** squid/helpers/basic_auth/MSNT/rfcnb-util.c:1.1.2.1 Wed Jun 26 13:11:16 2002 +--- squid/helpers/basic_auth/MSNT/rfcnb-util.c Wed Mar 9 07:28:32 2005 +*************** +*** 410,416 **** + RFCNB_saved_errno = errno; + return (RFCNBE_Bad); + } +! bzero((char *) &Socket, sizeof(Socket)); + memcpy((char *) &Socket.sin_addr, (char *) &Dest_IP, sizeof(Dest_IP)); + + Socket.sin_port = htons(port); +--- 410,416 ---- + RFCNB_saved_errno = errno; + return (RFCNBE_Bad); + } +! memset((char *) &Socket, 0, sizeof(Socket)); + memcpy((char *) &Socket.sin_addr, (char *) &Dest_IP, sizeof(Dest_IP)); + + Socket.sin_port = htons(port); +Index: squid/helpers/basic_auth/MSNT/smbencrypt.c +diff -c squid/helpers/basic_auth/MSNT/smbencrypt.c:1.1.2.2 squid/helpers/basic_auth/MSNT/smbencrypt.c:1.1.2.3 +*** squid/helpers/basic_auth/MSNT/smbencrypt.c:1.1.2.2 Wed Jun 26 13:11:17 2002 +--- squid/helpers/basic_auth/MSNT/smbencrypt.c Wed Mar 9 07:28:32 2005 +*************** +*** 158,164 **** + E_P16((uchar *) passwd, (uchar *) p16); + + /* clear out local copy of user's password (just being paranoid). */ +! bzero(passwd, sizeof(passwd)); + } + + /**************************************************************************** +--- 158,164 ---- + E_P16((uchar *) passwd, (uchar *) p16); + + /* clear out local copy of user's password (just being paranoid). */ +! memset(passwd, 0, sizeof(passwd)); + } + + /**************************************************************************** +Index: squid/helpers/basic_auth/MSNT/smblib-util.c +diff -c squid/helpers/basic_auth/MSNT/smblib-util.c:1.1.2.2 squid/helpers/basic_auth/MSNT/smblib-util.c:1.1.2.3 +*** squid/helpers/basic_auth/MSNT/smblib-util.c:1.1.2.2 Wed Jun 26 13:11:17 2002 +--- squid/helpers/basic_auth/MSNT/smblib-util.c Wed Mar 9 07:28:32 2005 +*************** +*** 146,152 **** + } + /* Now plug in the bits we need */ + +! bzero(SMB_Hdr(pkt), SMB_negp_len); + SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ + *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBnegprot; + SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Con_Handle->pid); +--- 146,152 ---- + } + /* Now plug in the bits we need */ + +! memset(SMB_Hdr(pkt), 0, SMB_negp_len); + SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ + *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBnegprot; + SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Con_Handle->pid); +*************** +*** 397,403 **** + + /* Now plug in the values ... */ + +! bzero(SMB_Hdr(pkt), SMB_tcon_len); + SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ + *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBtcon; + SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Con_Handle->pid); +--- 397,403 ---- + + /* Now plug in the values ... */ + +! memset(SMB_Hdr(pkt), 0, SMB_tcon_len); + SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ + *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBtcon; + SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Con_Handle->pid); +Index: squid/helpers/basic_auth/MSNT/smblib.c +diff -c squid/helpers/basic_auth/MSNT/smblib.c:1.1.2.2 squid/helpers/basic_auth/MSNT/smblib.c:1.1.2.3 +*** squid/helpers/basic_auth/MSNT/smblib.c:1.1.2.2 Wed Jun 26 13:11:17 2002 +--- squid/helpers/basic_auth/MSNT/smblib.c Wed Mar 9 07:28:32 2005 +*************** +*** 330,336 **** + return (SMBlibE_BAD); /* Should handle the error */ + + } +! bzero(SMB_Hdr(pkt), SMB_ssetpLM_len); + SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ + *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBsesssetupX; + SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Con_Handle->pid); +--- 330,336 ---- + return (SMBlibE_BAD); /* Should handle the error */ + + } +! memset(SMB_Hdr(pkt), 0, SMB_ssetpLM_len); + SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ + *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBsesssetupX; + SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Con_Handle->pid); +*************** +*** 393,399 **** + return (-1); /* Should handle the error */ + + } +! bzero(SMB_Hdr(pkt), SMB_ssetpNTLM_len); + SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ + *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBsesssetupX; + SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Con_Handle->pid); +--- 393,399 ---- + return (-1); /* Should handle the error */ + + } +! memset(SMB_Hdr(pkt), 0, SMB_ssetpNTLM_len); + SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ + *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBsesssetupX; + SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Con_Handle->pid); +Index: squid/helpers/ntlm_auth/SMB/smbval/rfcnb-util.c +diff -c squid/helpers/ntlm_auth/SMB/smbval/rfcnb-util.c:1.1.2.1 squid/helpers/ntlm_auth/SMB/smbval/rfcnb-util.c:1.1.2.2 +*** squid/helpers/ntlm_auth/SMB/smbval/rfcnb-util.c:1.1.2.1 Tue Feb 17 16:09:56 2004 +--- squid/helpers/ntlm_auth/SMB/smbval/rfcnb-util.c Wed Mar 9 07:28:32 2005 +*************** +*** 384,390 **** + RFCNB_saved_errno = errno; + return (RFCNBE_Bad); + } +! bzero((char *) &Socket, sizeof(Socket)); + memcpy((char *) &Socket.sin_addr, (char *) &Dest_IP, sizeof(Dest_IP)); + + Socket.sin_port = htons(port); +--- 384,390 ---- + RFCNB_saved_errno = errno; + return (RFCNBE_Bad); + } +! memset((char *) &Socket, 0, sizeof(Socket)); + memcpy((char *) &Socket.sin_addr, (char *) &Dest_IP, sizeof(Dest_IP)); + + Socket.sin_port = htons(port); +Index: squid/helpers/ntlm_auth/SMB/smbval/smbencrypt.c +diff -c squid/helpers/ntlm_auth/SMB/smbval/smbencrypt.c:1.3 squid/helpers/ntlm_auth/SMB/smbval/smbencrypt.c:1.3.2.1 +*** squid/helpers/ntlm_auth/SMB/smbval/smbencrypt.c:1.3 Wed Aug 29 08:57:37 2001 +--- squid/helpers/ntlm_auth/SMB/smbval/smbencrypt.c Wed Mar 9 07:28:32 2005 +*************** +*** 149,155 **** + E_P16((uchar *) passwd, (uchar *) p16); + + /* clear out local copy of user's password (just being paranoid). */ +! bzero(passwd, sizeof(passwd)); + } + + /**************************************************************************** +--- 149,155 ---- + E_P16((uchar *) passwd, (uchar *) p16); + + /* clear out local copy of user's password (just being paranoid). */ +! memset(passwd, 0, sizeof(passwd)); + } + + /**************************************************************************** +Index: squid/helpers/ntlm_auth/SMB/smbval/smblib-util.c +diff -c squid/helpers/ntlm_auth/SMB/smbval/smblib-util.c:1.1.2.1 squid/helpers/ntlm_auth/SMB/smbval/smblib-util.c:1.1.2.2 +*** squid/helpers/ntlm_auth/SMB/smbval/smblib-util.c:1.1.2.1 Tue Feb 17 16:09:56 2004 +--- squid/helpers/ntlm_auth/SMB/smbval/smblib-util.c Wed Mar 9 07:28:32 2005 +*************** +*** 269,275 **** + } + /* Now plug in the bits we need */ + +! bzero(SMB_Hdr(pkt), SMB_negp_len); + SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ + *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBnegprot; + SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Con_Handle->pid); +--- 269,275 ---- + } + /* Now plug in the bits we need */ + +! memset(SMB_Hdr(pkt), 0, SMB_negp_len); + SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ + *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBnegprot; + SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Con_Handle->pid); +*************** +*** 520,526 **** + + /* Now plug in the values ... */ + +! bzero(SMB_Hdr(pkt), SMB_tcon_len); + SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ + *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBtcon; + SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Con_Handle->pid); +--- 520,526 ---- + + /* Now plug in the values ... */ + +! memset(SMB_Hdr(pkt), 0, SMB_tcon_len); + SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ + *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBtcon; + SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Con_Handle->pid); +*************** +*** 637,643 **** + } + /* Now plug in the values ... */ + +! bzero(SMB_Hdr(pkt), SMB_tdis_len); + SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ + *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBtdis; + SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Tree_Handle->con->pid); +--- 637,643 ---- + } + /* Now plug in the values ... */ + +! memset(SMB_Hdr(pkt), 0, SMB_tdis_len); + SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ + *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBtdis; + SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Tree_Handle->con->pid); +Index: squid/helpers/ntlm_auth/SMB/smbval/smblib.c +diff -c squid/helpers/ntlm_auth/SMB/smbval/smblib.c:1.3.2.1 squid/helpers/ntlm_auth/SMB/smbval/smblib.c:1.3.2.2 +*** squid/helpers/ntlm_auth/SMB/smbval/smblib.c:1.3.2.1 Tue Feb 17 16:09:56 2004 +--- squid/helpers/ntlm_auth/SMB/smbval/smblib.c Wed Mar 9 07:28:32 2005 +*************** +*** 374,380 **** + fprintf(stderr, "SMB_Logon_server: Couldn't allocate packet\n"); + return (SMBlibE_BAD); /* Should handle the error */ + } +! bzero(SMB_Hdr(pkt), SMB_ssetpLM_len); + SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ + *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBsesssetupX; + SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Con_Handle->pid); +--- 374,380 ---- + fprintf(stderr, "SMB_Logon_server: Couldn't allocate packet\n"); + return (SMBlibE_BAD); /* Should handle the error */ + } +! memset(SMB_Hdr(pkt), 0, SMB_ssetpLM_len); + SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ + *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBsesssetupX; + SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Con_Handle->pid); +*************** +*** 437,443 **** + fprintf(stderr, "SMB_Logon_server: Couldn't allocate packet\n"); + return (-1); /* Should handle the error */ + } +! bzero(SMB_Hdr(pkt), SMB_ssetpNTLM_len); + SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ + *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBsesssetupX; + SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Con_Handle->pid); +--- 437,443 ---- + fprintf(stderr, "SMB_Logon_server: Couldn't allocate packet\n"); + return (-1); /* Should handle the error */ + } +! memset(SMB_Hdr(pkt), 0, SMB_ssetpNTLM_len); + SIVAL(SMB_Hdr(pkt), SMB_hdr_idf_offset, SMB_DEF_IDF); /* Plunk in IDF */ + *(SMB_Hdr(pkt) + SMB_hdr_com_offset) = SMBsesssetupX; + SSVAL(SMB_Hdr(pkt), SMB_hdr_pid_offset, Con_Handle->pid); +Index: squid/src/fs/coss/async_io.c +diff -c squid/src/fs/coss/async_io.c:1.7.2.4 squid/src/fs/coss/async_io.c:1.7.2.5 +*** squid/src/fs/coss/async_io.c:1.7.2.4 Tue Jul 29 15:44:47 2003 +--- squid/src/fs/coss/async_io.c Wed Mar 9 07:28:32 2005 +*************** +*** 197,203 **** + type = aqe->aq_e_type; + + /* Free slot */ +! bzero(aqe, sizeof(async_queue_entry_t)); + aqe->aq_e_state = AQ_ENTRY_FREE; + q->aq_numpending--; + +--- 197,203 ---- + type = aqe->aq_e_type; + + /* Free slot */ +! memset(aqe, 0, sizeof(async_queue_entry_t)); + aqe->aq_e_state = AQ_ENTRY_FREE; + q->aq_numpending--; + diff --git a/squid-2.5.STABLE9-config_overflow.patch b/squid-2.5.STABLE9-config_overflow.patch new file mode 100644 index 0000000..420c630 --- /dev/null +++ b/squid-2.5.STABLE9-config_overflow.patch @@ -0,0 +1,21 @@ +Index: squid/src/cache_cf.c +diff -c squid/src/cache_cf.c:1.396.2.21 squid/src/cache_cf.c:1.396.2.22 +*** squid/src/cache_cf.c:1.396.2.21 Fri Mar 4 09:22:16 2005 +--- squid/src/cache_cf.c Wed Mar 9 07:25:49 2005 +*************** +*** 517,523 **** + else if ((m = parseBytesUnits(token)) == 0) + self_destruct(); + *bptr = m * d / u; +! if ((double) *bptr != m * d / u) + self_destruct(); + } + +--- 517,523 ---- + else if ((m = parseBytesUnits(token)) == 0) + self_destruct(); + *bptr = m * d / u; +! if ((double) *bptr * 2 != m * d / u * 2) + self_destruct(); + } + diff --git a/squid-2.5.STABLE9-ctype.patch b/squid-2.5.STABLE9-ctype.patch new file mode 100644 index 0000000..1c495f5 --- /dev/null +++ b/squid-2.5.STABLE9-ctype.patch @@ -0,0 +1,170 @@ +Index: squid/helpers/basic_auth/MSNT/smbencrypt.c +diff -c squid/helpers/basic_auth/MSNT/smbencrypt.c:1.1.2.3 squid/helpers/basic_auth/MSNT/smbencrypt.c:1.1.2.4 +*** squid/helpers/basic_auth/MSNT/smbencrypt.c:1.1.2.3 Wed Mar 9 07:28:32 2005 +--- squid/helpers/basic_auth/MSNT/smbencrypt.c Wed Mar 9 07:33:01 2005 +*************** +*** 194,209 **** + } else if (is_kana(*s)) { + s++; + } else { +! if (islower(*s)) +! *s = toupper(*s); + s++; + } + } else + #endif /* KANJI_WIN95_COMPATIBILITY */ + #endif /* UNUSED_CODE */ + { +! if (islower(*s)) +! *s = toupper(*s); + s++; + } + } +--- 194,209 ---- + } else if (is_kana(*s)) { + s++; + } else { +! if (islower((int)(unsigned char)*s)) +! *s = toupper((int)(unsigned char)*s); + s++; + } + } else + #endif /* KANJI_WIN95_COMPATIBILITY */ + #endif /* UNUSED_CODE */ + { +! if (islower((int)(unsigned char)*s)) +! *s = toupper((int)(unsigned char)*s); + s++; + } + } +Index: squid/helpers/ntlm_auth/SMB/smbval/smbencrypt.c +diff -c squid/helpers/ntlm_auth/SMB/smbval/smbencrypt.c:1.3.2.1 squid/helpers/ntlm_auth/SMB/smbval/smbencrypt.c:1.3.2.2 +*** squid/helpers/ntlm_auth/SMB/smbval/smbencrypt.c:1.3.2.1 Wed Mar 9 07:28:32 2005 +--- squid/helpers/ntlm_auth/SMB/smbval/smbencrypt.c Wed Mar 9 07:33:01 2005 +*************** +*** 199,205 **** + * else + * #endif *//* KANJI_WIN95_COMPATIBILITY */ + { +! if (islower(*s)) + *s = toupper(*s); + s++; + } +--- 199,205 ---- + * else + * #endif *//* KANJI_WIN95_COMPATIBILITY */ + { +! if (islower((int)(unsigned char)*s)) + *s = toupper(*s); + s++; + } +Index: squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c +diff -c squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c:1.3.2.7 squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c:1.3.2.8 +*** squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c:1.3.2.7 Fri Jan 7 14:12:27 2005 +--- squid/helpers/ntlm_auth/fakeauth/fakeauth_auth.c Wed Mar 9 07:33:01 2005 +*************** +*** 177,183 **** + d = buf; + + for (; l; l--) { +! if (*sc == '\0' || !isprint(*sc)) { + fprintf(stderr, "ntlmGetString: bad ascii: %04x\n", *sc); + return (NULL); + } +--- 177,183 ---- + d = buf; + + for (; l; l--) { +! if (*sc == '\0' || !isprint((int)(unsigned char)*sc)) { + fprintf(stderr, "ntlmGetString: bad ascii: %04x\n", *sc); + return (NULL); + } +Index: squid/include/config.h +diff -c squid/include/config.h:1.4.2.2 squid/include/config.h:1.4.2.4 +*** squid/include/config.h:1.4.2.2 Sun Feb 20 04:02:56 2005 +--- squid/include/config.h Thu Mar 10 16:37:50 2005 +*************** +*** 162,167 **** +--- 162,168 ---- + #define xisdigit(x) isdigit((unsigned char)x) + #define xisascii(x) isascii((unsigned char)x) + #define xislower(x) islower((unsigned char)x) ++ #define xisupper(x) isupper((unsigned char)x) + #define xisalpha(x) isalpha((unsigned char)x) + #define xisalnum(x) isalnum((unsigned char)x) + #define xisgraph(x) isgraph((unsigned char)x) +Index: squid/snmplib/mib.c +diff -c squid/snmplib/mib.c:1.22 squid/snmplib/mib.c:1.22.2.1 +*** squid/snmplib/mib.c:1.22 Wed Nov 28 01:01:46 2001 +--- squid/snmplib/mib.c Wed Mar 9 07:33:02 2005 +*************** +*** 127,137 **** + char c1, c2; + + while (*s1 && *s2) { +! if (isupper(*s1)) + c1 = tolower(*s1); + else + c1 = *s1; +! if (isupper(*s2)) + c2 = tolower(*s2); + else + c2 = *s2; +--- 127,137 ---- + char c1, c2; + + while (*s1 && *s2) { +! if (xisupper(*s1)) + c1 = tolower(*s1); + else + c1 = *s1; +! if (xisupper(*s2)) + c2 = tolower(*s2); + else + c2 = *s2; +*************** +*** 163,173 **** + (*input == '.')) + return (0); + +! if (isdigit(*input)) { + /* + * Read the number, then try to find it in the subtree. + */ +! while (isdigit(*input)) { + subid *= 10; + subid += *input++ - '0'; + } +--- 163,173 ---- + (*input == '.')) + return (0); + +! if (xisdigit(*input)) { + /* + * Read the number, then try to find it in the subtree. + */ +! while (xisdigit(*input)) { + subid *= 10; + subid += *input++ - '0'; + } +Index: squid/snmplib/parse.c +diff -c squid/snmplib/parse.c:1.26 squid/snmplib/parse.c:1.26.2.1 +*** squid/snmplib/parse.c:1.26 Wed Oct 17 13:05:37 2001 +--- squid/snmplib/parse.c Wed Mar 9 07:33:02 2005 +*************** +*** 540,546 **** + return get_token(fp, token); + } + for (cp = token; *cp; cp++) +! if (!isdigit(*cp)) + return LABEL; + return NUMBER; + } else { +--- 540,546 ---- + return get_token(fp, token); + } + for (cp = token; *cp; cp++) +! if (!xisdigit(*cp)) + return LABEL; + return NUMBER; + } else { diff --git a/squid-2.5.STABLE9-date.patch b/squid-2.5.STABLE9-date.patch new file mode 100644 index 0000000..506a07e --- /dev/null +++ b/squid-2.5.STABLE9-date.patch @@ -0,0 +1,236 @@ +Index: squid/lib/rfc1123.c +diff -c squid/lib/rfc1123.c:1.29 squid/lib/rfc1123.c:1.29.2.2 +*** squid/lib/rfc1123.c:1.29 Wed Oct 17 13:46:43 2001 +--- squid/lib/rfc1123.c Wed Mar 9 07:51:39 2005 +*************** +*** 103,109 **** + for (i = 0; i < 12; i++) + if (!strncmp(month_names[i], month, 3)) + return i; +! return 0; + } + + static int +--- 103,109 ---- + for (i = 0; i < 12; i++) + if (!strncmp(month_names[i], month, 3)) + return i; +! return -1; + } + + static int +*************** +*** 125,229 **** + } + + static struct tm * +! parse_date1(const char *str) + { +- /* Thursday, 10-Jun-93 01:29:59 GMT */ +- const char *s; + static struct tm tm; +! assert(NULL != str); +! memset(&tm, '\0', sizeof(struct tm)); +! s = strchr(str, ','); +! if (NULL == s) +! return NULL; +! s++; +! while (*s == ' ') +! s++; +! /* backup if month is only one digit */ +! if (xisdigit(*s) && !xisdigit(*(s + 1))) +! s--; +! if (!strchr(s, '-')) +! return NULL; +! if ((int) strlen(s) < 18) + return NULL; +! memset(&tm, '\0', sizeof(tm)); +! tm.tm_mday = make_num(s); +! tm.tm_mon = make_month(s + 3); +! tm.tm_year = make_num(s + 7); +! /* +! * Y2K: Arjan de Vet +! * if tm.tm_year < 70, assume it's after the year 2000. +! */ +! if (tm.tm_year < 70) + tm.tm_year += 100; +! tm.tm_hour = make_num(s + 10); +! tm.tm_min = make_num(s + 13); +! tm.tm_sec = make_num(s + 16); + return tmSaneValues(&tm) ? &tm : NULL; + } + + static struct tm * +! parse_date2(const char *str) + { +! /* Thu, 10 Jan 1993 01:29:59 GMT */ +! const char *s; +! static struct tm tm; +! assert(NULL != str); +! memset(&tm, '\0', sizeof(struct tm)); +! s = strchr(str, ','); +! if (NULL == s) +! return NULL; +! s++; +! while (*s == ' ') +! s++; +! /* backup if month is only one digit */ +! if (xisdigit(*s) && !xisdigit(*(s + 1))) +! s--; +! if (strchr(s, '-')) +! return NULL; +! if ((int) strlen(s) < 20) +! return NULL; +! memset(&tm, '\0', sizeof(tm)); +! tm.tm_mday = make_num(s); +! tm.tm_mon = make_month(s + 3); +! tm.tm_year = (100 * make_num(s + 7) - 1900) + make_num(s + 9); +! tm.tm_hour = make_num(s + 12); +! tm.tm_min = make_num(s + 15); +! tm.tm_sec = make_num(s + 18); +! return tmSaneValues(&tm) ? &tm : NULL; +! } + +! static struct tm * +! parse_date3(const char *str) +! { +! /* Wed Jun 9 01:29:59 1993 GMT */ +! static struct tm tm; +! char *s; +! static char buf[128]; +! while (*str && *str == ' ') +! str++; +! xstrncpy(buf, str, 128); +! if (NULL == (s = strtok(buf, w_space))) +! return NULL; +! if (NULL == (s = strtok(NULL, w_space))) +! return NULL; +! tm.tm_mon = make_month(s); +! if (NULL == (s = strtok(NULL, w_space))) +! return NULL; +! tm.tm_mday = atoi(s); +! if (NULL == (s = strtok(NULL, ":"))) +! return NULL; +! tm.tm_hour = atoi(s); +! if (NULL == (s = strtok(NULL, ":"))) +! return NULL; +! tm.tm_min = atoi(s); +! if (NULL == (s = strtok(NULL, w_space))) +! return NULL; +! tm.tm_sec = atoi(s); +! if (NULL == (s = strtok(NULL, w_space))) +! return NULL; +! /* Y2K fix, richard.kettlewell@kewill.com */ +! tm.tm_year = atoi(s) - 1900; +! return tmSaneValues(&tm) ? &tm : NULL; + } + + time_t +--- 125,204 ---- + } + + static struct tm * +! parse_date_elements(const char *day, const char *month, const char *year, +! const char *time, const char *zone) + { + static struct tm tm; +! char *t; +! memset(&tm, 0, sizeof(tm)); +! +! if (!day || !month || !year || !time) + return NULL; +! tm.tm_mday = atoi(day); +! tm.tm_mon = make_month(month); +! if (tm.tm_mon < 0) +! return NULL; +! tm.tm_year = atoi(year); +! if (strlen(year) == 4) +! tm.tm_year -= 1900; +! else if (tm.tm_year < 70) + tm.tm_year += 100; +! else if (tm.tm_year > 19000) +! tm.tm_year -= 19000; +! tm.tm_hour = make_num(time); +! t = strchr(time, ':'); +! if (!t) +! return NULL; +! t++; +! tm.tm_min = atoi(t); +! t = strchr(t, ':'); +! if (t) +! tm.tm_sec = atoi(t + 1); + return tmSaneValues(&tm) ? &tm : NULL; + } + + static struct tm * +! parse_date(const char *str) + { +! struct tm *tm; +! char *tmp = xstrdup(str); +! char *t; +! char *wday = NULL; +! char *day = NULL; +! char *month = NULL; +! char *year = NULL; +! char *time = NULL; +! char *zone = NULL; +! +! for (t = strtok(tmp, ", "); t; t = strtok(NULL, ", ")) { +! if (xisdigit(*t)) { +! if (!day) { +! day = t; +! t = strchr(t, '-'); +! if (t) { +! *t++ = '\0'; +! month = t; +! t = strchr(t, '-'); +! if (!t) +! return NULL; +! *t++ = '\0'; +! year = t; +! } +! } else if (strchr(t, ':')) +! time = t; +! else if (!year) +! year = t; +! } else if (!wday) +! wday = t; +! else if (!month) +! month = t; +! else if (!zone) +! zone = t; +! } +! tm = parse_date_elements(day, month, year, time, zone); + +! xfree(tmp); +! return tm; + } + + time_t +*************** +*** 233,247 **** + time_t t; + if (NULL == str) + return -1; +! tm = parse_date1(str); +! if (NULL == tm) { +! tm = parse_date2(str); +! if (NULL == tm) { +! tm = parse_date3(str); +! if (NULL == tm) +! return -1; +! } +! } + tm->tm_isdst = -1; + #ifdef HAVE_TIMEGM + t = timegm(tm); +--- 208,216 ---- + time_t t; + if (NULL == str) + return -1; +! tm = parse_date(str); +! if (!tm) +! return -1; + tm->tm_isdst = -1; + #ifdef HAVE_TIMEGM + t = timegm(tm); diff --git a/squid-2.5.STABLE9-defer_digest_fetch.patch b/squid-2.5.STABLE9-defer_digest_fetch.patch new file mode 100644 index 0000000..4dd6c63 --- /dev/null +++ b/squid-2.5.STABLE9-defer_digest_fetch.patch @@ -0,0 +1,28 @@ +Index: squid/src/neighbors.c +diff -c squid/src/neighbors.c:1.299.2.5 squid/src/neighbors.c:1.299.2.6 +*** squid/src/neighbors.c:1.299.2.5 Sun Feb 20 19:55:04 2005 +--- squid/src/neighbors.c Wed Mar 9 07:34:24 2005 +*************** +*** 589,594 **** +--- 589,597 ---- + if (!p->digest) { + debug(15, 5) ("peerDigestLookup: gone!\n"); + return LOOKUP_NONE; ++ } else if (!peerHTTPOkay(p, request)) { ++ debug(15, 5) ("peerDigestLookup: !peerHTTPOkay\n"); ++ return LOOKUP_NONE; + } else if (!p->digest->flags.needed) { + debug(15, 5) ("peerDigestLookup: note need\n"); + peerDigestNeeded(p->digest); +*************** +*** 597,605 **** + debug(15, 5) ("peerDigestLookup: !ready && %srequested\n", + p->digest->flags.requested ? "" : "!"); + return LOOKUP_NONE; +- } else if (!peerHTTPOkay(p, request)) { +- debug(15, 5) ("peerDigestLookup: !peerHTTPOkay\n"); +- return LOOKUP_NONE; + } + debug(15, 5) ("peerDigestLookup: OK to lookup peer %s\n", p->host); + assert(p->digest->cd); +--- 600,605 ---- diff --git a/squid-2.5.STABLE9-dup_content_length.patch b/squid-2.5.STABLE9-dup_content_length.patch new file mode 100644 index 0000000..2070ae3 --- /dev/null +++ b/squid-2.5.STABLE9-dup_content_length.patch @@ -0,0 +1,40 @@ +Index: squid/src/HttpHeader.c +diff -c squid/src/HttpHeader.c:1.74.2.25 squid/src/HttpHeader.c:1.74.2.26 +*** squid/src/HttpHeader.c:1.74.2.25 Sun Feb 20 03:32:41 2005 +--- squid/src/HttpHeader.c Wed Mar 9 07:37:50 2005 +*************** +*** 474,486 **** + return httpHeaderReset(hdr); + } + if (e->id == HDR_CONTENT_LENGTH && (e2 = httpHeaderFindEntry(hdr, e->id)) != NULL) { +! if (!Config.onoff.relaxed_header_parser || strCmp(e->value, strBuf(e2->value)) != 0) { + debug(55, 1) ("WARNING: found two conflicting content-length headers in {%s}\n", getStringPrefix(header_start, header_end)); + httpHeaderEntryDestroy(e); + return httpHeaderReset(hdr); + } else { + debug(55, Config.onoff.relaxed_header_parser <= 0 ? 1 : 2) + ("NOTICE: found double content-length header\n"); + } + } + if (e->id == HDR_OTHER && stringHasWhitespace(strBuf(e->name))) { +--- 474,493 ---- + return httpHeaderReset(hdr); + } + if (e->id == HDR_CONTENT_LENGTH && (e2 = httpHeaderFindEntry(hdr, e->id)) != NULL) { +! if (strCmp(e->value, strBuf(e2->value)) != 0) { + debug(55, 1) ("WARNING: found two conflicting content-length headers in {%s}\n", getStringPrefix(header_start, header_end)); + httpHeaderEntryDestroy(e); + return httpHeaderReset(hdr); + } else { + debug(55, Config.onoff.relaxed_header_parser <= 0 ? 1 : 2) + ("NOTICE: found double content-length header\n"); ++ if (Config.onoff.relaxed_header_parser) { ++ httpHeaderEntryDestroy(e); ++ continue; ++ } else { ++ httpHeaderEntryDestroy(e); ++ return httpHeaderReset(hdr); ++ } + } + } + if (e->id == HDR_OTHER && stringHasWhitespace(strBuf(e->name))) { diff --git a/squid-2.5.STABLE9-excess_data.patch b/squid-2.5.STABLE9-excess_data.patch new file mode 100644 index 0000000..77d1f91 --- /dev/null +++ b/squid-2.5.STABLE9-excess_data.patch @@ -0,0 +1,40 @@ +Index: squid/src/http.c +diff -c squid/src/http.c:1.384.2.28 squid/src/http.c:1.384.2.29 +*** squid/src/http.c:1.384.2.28 Fri Feb 11 03:52:59 2005 +--- squid/src/http.c Wed Mar 9 07:40:04 2005 +*************** +*** 744,750 **** + if ((len < 0 && !ignoreErrno(errno)) || len == 0) { + keep_alive = 0; + } else if (len > 0) { +! debug(11, 1) ("httpReadReply: Excess data from \"%s %s\"\n", + RequestMethodStr[httpState->orig_request->method], + storeUrl(entry)); + storeAppend(entry, buf, len); +--- 744,751 ---- + if ((len < 0 && !ignoreErrno(errno)) || len == 0) { + keep_alive = 0; + } else if (len > 0) { +! debug(11, Config.onoff.relaxed_header_parser <= 0 || keep_alive ? 1 : 2) +! ("httpReadReply: Excess data from \"%s %s\"\n", + RequestMethodStr[httpState->orig_request->method], + storeUrl(entry)); + storeAppend(entry, buf, len); +*************** +*** 782,788 **** + return; + case -1: + /* Server is nasty on us. Shut down */ +! debug(11, 1) ("httpReadReply: Excess data from \"%s %s\"\n", + RequestMethodStr[httpState->orig_request->method], + storeUrl(entry)); + fwdComplete(httpState->fwd); +--- 783,790 ---- + return; + case -1: + /* Server is nasty on us. Shut down */ +! debug(11, Config.onoff.relaxed_header_parser <= 0 || entry->mem_obj->reply->keep_alive ? 1 : 2) +! ("httpReadReply: Excess data from \"%s %s\"\n", + RequestMethodStr[httpState->orig_request->method], + storeUrl(entry)); + fwdComplete(httpState->fwd); diff --git a/squid-2.5.STABLE9-ftp_EPLF.patch b/squid-2.5.STABLE9-ftp_EPLF.patch new file mode 100644 index 0000000..ed82065 --- /dev/null +++ b/squid-2.5.STABLE9-ftp_EPLF.patch @@ -0,0 +1,114 @@ +Index: squid/src/ftp.c +diff -c squid/src/ftp.c:1.316.2.21 squid/src/ftp.c:1.316.2.22 +*** squid/src/ftp.c:1.316.2.21 Sun Feb 20 20:35:08 2005 +--- squid/src/ftp.c Fri Mar 4 04:19:53 2005 +*************** +*** 595,601 **** + p->type = 0; + while (ct && *ct) { + time_t t; +! int l = strcspn(ct + 1, ","); + char *tmp; + if (l < 1) + goto blank; +--- 595,601 ---- + p->type = 0; + while (ct && *ct) { + time_t t; +! int l = strcspn(ct, ","); + char *tmp; + if (l < 1) + goto blank; +*************** +*** 608,614 **** + break; + case 'm': + t = (time_t) strtol(ct + 1, &tmp, 0); +! if (*tmp || (tmp == ct + 1)) + break; /* not a valid integer */ + p->date = xstrdup(ctime(&t)); + *(strstr(p->date, "\n")) = '\0'; +--- 608,614 ---- + break; + case 'm': + t = (time_t) strtol(ct + 1, &tmp, 0); +! if (tmp != ct + l) + break; /* not a valid integer */ + p->date = xstrdup(ctime(&t)); + *(strstr(p->date, "\n")) = '\0'; +*************** +*** 1800,1815 **** + /* 227 Entering Passive Mode (h1,h2,h3,h4,p1,p2). */ + /* ANSI sez [^0-9] is undefined, it breaks on Watcom cc */ + debug(9, 5) ("scanning: %s\n", ftpState->ctrl.last_reply); +! buf = strstr(ftpState->ctrl.last_reply, "("); +! if (!buf) { +! debug(9, 1) ("Unsafe PASV reply from %s: '%s'\n", fd_table[ftpState->ctrl.fd].ipaddr, ftpState->ctrl.last_reply); +! ftpSendPort(ftpState); +! return; +! } +! buf++; /* skip ( */ + n = sscanf(buf, "%d,%d,%d,%d,%d,%d", &h1, &h2, &h3, &h4, &p1, &p2); + if (n != 6 || p1 < 0 || p2 < 0 || p1 > 255 || p2 > 255) { +! debug(9, 1) ("Unsafe PASV reply from %s: %s\n", fd_table[ftpState->ctrl.fd].ipaddr, ftpState->ctrl.last_reply); + ftpSendPort(ftpState); + return; + } +--- 1800,1809 ---- + /* 227 Entering Passive Mode (h1,h2,h3,h4,p1,p2). */ + /* ANSI sez [^0-9] is undefined, it breaks on Watcom cc */ + debug(9, 5) ("scanning: %s\n", ftpState->ctrl.last_reply); +! buf = ftpState->ctrl.last_reply + strcspn(ftpState->ctrl.last_reply, "0123456789"); + n = sscanf(buf, "%d,%d,%d,%d,%d,%d", &h1, &h2, &h3, &h4, &p1, &p2); + if (n != 6 || p1 < 0 || p2 < 0 || p1 > 255 || p2 > 255) { +! debug(9, 1) ("Odd PASV reply from %s: %s\n", fd_table[ftpState->ctrl.fd].ipaddr, ftpState->ctrl.last_reply); + ftpSendPort(ftpState); + return; + } +*************** +*** 1826,1848 **** + return; + } + if (Config.Ftp.sanitycheck) { +- if (strcmp(fd_table[ftpState->ctrl.fd].ipaddr, ipaddr) != 0) { +- debug(9, 1) ("Unsafe PASV reply from %s: %s\n", fd_table[ftpState->ctrl.fd].ipaddr, ftpState->ctrl.last_reply); +- ftpSendPort(ftpState); +- return; +- } + if (port < 1024) { + debug(9, 1) ("Unsafe PASV reply from %s: %s\n", fd_table[ftpState->ctrl.fd].ipaddr, ftpState->ctrl.last_reply); + ftpSendPort(ftpState); + return; + } + } +- debug(9, 5) ("ftpReadPasv: connecting to %s, port %d\n", ipaddr, port); + ftpState->data.port = port; +! ftpState->data.host = xstrdup(ipaddr); + safe_free(ftpState->ctrl.last_command); + safe_free(ftpState->ctrl.last_reply); + ftpState->ctrl.last_command = xstrdup("Connect to server data port"); + commConnectStart(fd, ipaddr, port, ftpPasvCallback, ftpState); + } + +--- 1820,1840 ---- + return; + } + if (Config.Ftp.sanitycheck) { + if (port < 1024) { + debug(9, 1) ("Unsafe PASV reply from %s: %s\n", fd_table[ftpState->ctrl.fd].ipaddr, ftpState->ctrl.last_reply); + ftpSendPort(ftpState); + return; + } + } + ftpState->data.port = port; +! if (Config.Ftp.sanitycheck) +! ftpState->data.host = xstrdup(fd_table[ftpState->ctrl.fd].ipaddr); +! else +! ftpState->data.host = xstrdup(ipaddr); + safe_free(ftpState->ctrl.last_command); + safe_free(ftpState->ctrl.last_reply); + ftpState->ctrl.last_command = xstrdup("Connect to server data port"); ++ debug(9, 5) ("ftpReadPasv: connecting to %s, port %d\n", ftpState->data.host, ftpState->data.port); + commConnectStart(fd, ipaddr, port, ftpPasvCallback, ftpState); + } + diff --git a/squid-2.5.STABLE9-ftp_base_href.patch b/squid-2.5.STABLE9-ftp_base_href.patch new file mode 100644 index 0000000..b30ebf9 --- /dev/null +++ b/squid-2.5.STABLE9-ftp_base_href.patch @@ -0,0 +1,24 @@ +Index: squid/src/ftp.c +diff -c squid/src/ftp.c:1.316.2.22 squid/src/ftp.c:1.316.2.23 +*** squid/src/ftp.c:1.316.2.22 Fri Mar 4 04:19:53 2005 +--- squid/src/ftp.c Fri Mar 4 04:53:55 2005 +*************** +*** 1648,1653 **** +--- 1648,1654 ---- + debug(9, 3) ("Directory path did not end in /\n"); + strCat(ftpState->title_url, "/"); + ftpState->flags.isdir = 1; ++ ftpState->flags.use_base = 1; + } + ftpSendPasv(ftpState); + } +*************** +*** 2123,2129 **** + ftpSendList(FtpStateData * ftpState) + { + if (ftpState->filepath) { +- ftpState->flags.use_base = 1; + snprintf(cbuf, 1024, "LIST %s\r\n", ftpState->filepath); + } else { + snprintf(cbuf, 1024, "LIST\r\n"); +--- 2124,2129 ---- diff --git a/squid-2.5.STABLE9-pid_t.patch b/squid-2.5.STABLE9-pid_t.patch new file mode 100644 index 0000000..35d8d4e --- /dev/null +++ b/squid-2.5.STABLE9-pid_t.patch @@ -0,0 +1,105 @@ +Index: squid/helpers/basic_auth/winbind/wbntlm.h +diff -c squid/helpers/basic_auth/winbind/wbntlm.h:1.1.2.3 squid/helpers/basic_auth/winbind/wbntlm.h:1.1.2.4 +*** squid/helpers/basic_auth/winbind/wbntlm.h:1.1.2.3 Sun Feb 20 12:07:44 2005 +--- squid/helpers/basic_auth/winbind/wbntlm.h Wed Mar 9 07:30:37 2005 +*************** +*** 48,54 **** + #endif + + #ifdef __GNUC__ /* this is really a gcc-ism */ +! #define warn(X...) fprintf(stderr,"%s[%d](%s:%d): ", myname, mypid, \ + ((__foo=strrchr(__FILE__,'/'))==NULL?__FILE__:__foo+1),\ + __LINE__);\ + fprintf(stderr,X) +--- 48,54 ---- + #endif + + #ifdef __GNUC__ /* this is really a gcc-ism */ +! #define warn(X...) fprintf(stderr,"%s[%ld](%s:%d): ", myname, (long)mypid, \ + ((__foo=strrchr(__FILE__,'/'))==NULL?__FILE__:__foo+1),\ + __LINE__);\ + fprintf(stderr,X) +Index: squid/helpers/external_acl/winbind_group/wbntlm.h +diff -c squid/helpers/external_acl/winbind_group/wbntlm.h:1.2.2.2 squid/helpers/external_acl/winbind_group/wbntlm.h:1.2.2.3 +*** squid/helpers/external_acl/winbind_group/wbntlm.h:1.2.2.2 Sun May 11 06:51:49 2003 +--- squid/helpers/external_acl/winbind_group/wbntlm.h Wed Mar 9 07:30:37 2005 +*************** +*** 50,56 **** + #endif + + #ifdef __GNUC__ /* this is really a gcc-ism */ +! #define warn(X...) fprintf(stderr,"%s[%d](%s:%d): ", myname, mypid, \ + ((__foo=strrchr(__FILE__,'/'))==NULL?__FILE__:__foo+1),\ + __LINE__);\ + fprintf(stderr,X) +--- 50,56 ---- + #endif + + #ifdef __GNUC__ /* this is really a gcc-ism */ +! #define warn(X...) fprintf(stderr,"%s[%ld](%s:%d): ", myname, (long)mypid, \ + ((__foo=strrchr(__FILE__,'/'))==NULL?__FILE__:__foo+1),\ + __LINE__);\ + fprintf(stderr,X) +Index: squid/helpers/ntlm_auth/SMB/ntlm.h +diff -c squid/helpers/ntlm_auth/SMB/ntlm.h:1.7.2.1 squid/helpers/ntlm_auth/SMB/ntlm.h:1.7.2.2 +*** squid/helpers/ntlm_auth/SMB/ntlm.h:1.7.2.1 Sun Feb 20 12:07:44 2005 +--- squid/helpers/ntlm_auth/SMB/ntlm.h Wed Mar 9 07:30:37 2005 +*************** +*** 53,59 **** + static const char *__foo; + extern char debug_enabled; + #define debug(X...) if (debug_enabled) { \ +! fprintf(stderr,"ntlm-auth[%d](%s:%d): ", getpid(), \ + ((__foo=strrchr(__FILE__,'/'))==NULL?__FILE__:__foo+1),\ + __LINE__);\ + fprintf(stderr,X); } +--- 53,59 ---- + static const char *__foo; + extern char debug_enabled; + #define debug(X...) if (debug_enabled) { \ +! fprintf(stderr,"ntlm-auth[%ld](%s:%d): ", (long)getpid(), \ + ((__foo=strrchr(__FILE__,'/'))==NULL?__FILE__:__foo+1),\ + __LINE__);\ + fprintf(stderr,X); } +Index: squid/helpers/ntlm_auth/SMB/ntlm_auth.c +diff -c squid/helpers/ntlm_auth/SMB/ntlm_auth.c:1.12.2.1 squid/helpers/ntlm_auth/SMB/ntlm_auth.c:1.12.2.2 +*** squid/helpers/ntlm_auth/SMB/ntlm_auth.c:1.12.2.1 Mon Jul 22 05:20:44 2002 +--- squid/helpers/ntlm_auth/SMB/ntlm_auth.c Wed Mar 9 07:30:37 2005 +*************** +*** 327,333 **** + alarm(0); + signal(SIGALRM, SIG_DFL); + if (got_timeout != 0) { +! fprintf(stderr, "ntlm-auth[%d]: Timeout during authentication.\n", getpid()); + SEND("BH Timeout during authentication"); + got_timeout = 0; + return; +--- 327,333 ---- + alarm(0); + signal(SIGALRM, SIG_DFL); + if (got_timeout != 0) { +! fprintf(stderr, "ntlm-auth[%ld]: Timeout during authentication.\n", (long)getpid()); + SEND("BH Timeout during authentication"); + got_timeout = 0; + return; +Index: squid/helpers/ntlm_auth/winbind/wbntlm.h +diff -c squid/helpers/ntlm_auth/winbind/wbntlm.h:1.1.2.2 squid/helpers/ntlm_auth/winbind/wbntlm.h:1.1.2.3 +*** squid/helpers/ntlm_auth/winbind/wbntlm.h:1.1.2.2 Sun Feb 20 12:07:45 2005 +--- squid/helpers/ntlm_auth/winbind/wbntlm.h Wed Mar 9 07:30:38 2005 +*************** +*** 48,54 **** + #endif + + #if defined(__GNUC__) || defined(__ICC) /* this is really a gcc-ism */ +! #define warn(X...) fprintf(stderr,"%s[%d](%s:%d): ", myname, mypid, \ + ((__foo=strrchr(__FILE__,'/'))==NULL?__FILE__:__foo+1),\ + __LINE__);\ + fprintf(stderr,X) +--- 48,54 ---- + #endif + + #if defined(__GNUC__) || defined(__ICC) /* this is really a gcc-ism */ +! #define warn(X...) fprintf(stderr,"%s[%ld](%s:%d): ", myname, (long)mypid, \ + ((__foo=strrchr(__FILE__,'/'))==NULL?__FILE__:__foo+1),\ + __LINE__);\ + fprintf(stderr,X) diff --git a/squid-2.5.STABLE9-reload_into_ims.patch b/squid-2.5.STABLE9-reload_into_ims.patch new file mode 100644 index 0000000..788d7b1 --- /dev/null +++ b/squid-2.5.STABLE9-reload_into_ims.patch @@ -0,0 +1,25 @@ +Index: squid/src/client_side.c +diff -c squid/src/client_side.c:1.561.2.73 squid/src/client_side.c:1.561.2.74 +*** squid/src/client_side.c:1.561.2.73 Mon Mar 7 06:31:35 2005 +--- squid/src/client_side.c Wed Mar 9 07:09:03 2005 +*************** +*** 1593,1599 **** + return; + } + http->flags.hit = 1; +! if (checkNegativeHit(e)) { + http->log_type = LOG_TCP_NEGATIVE_HIT; + clientSendMoreData(data, buf, size); + } else if (!Config.onoff.offline && refreshCheckHTTP(e, r) && !http->flags.internal) { +--- 1593,1603 ---- + return; + } + http->flags.hit = 1; +! if (checkNegativeHit(e) +! #if HTTP_VIOLATIONS +! && !r->flags.nocache_hack +! #endif +! ) { + http->log_type = LOG_TCP_NEGATIVE_HIT; + clientSendMoreData(data, buf, size); + } else if (!Config.onoff.offline && refreshCheckHTTP(e, r) && !http->flags.internal) { diff --git a/squid-2.5.STABLE9-setcookie.patch b/squid-2.5.STABLE9-setcookie.patch new file mode 100644 index 0000000..48758fe --- /dev/null +++ b/squid-2.5.STABLE9-setcookie.patch @@ -0,0 +1,146 @@ +Index: squid/src/client_side.c +diff -c squid/src/client_side.c:1.561.2.71 squid/src/client_side.c:1.561.2.72 +*** squid/src/client_side.c:1.561.2.71 Sun Feb 20 12:07:45 2005 +--- squid/src/client_side.c Wed Mar 2 19:18:29 2005 +*************** +*** 572,577 **** +--- 572,578 ---- + } + } else { + /* the client can handle this reply, whatever it is */ ++ http->flags.hit = 0; + http->log_type = LOG_TCP_REFRESH_MISS; + if (HTTP_NOT_MODIFIED == mem->reply->sline.status) { + httpReplyUpdateOnNotModified(http->old_entry->mem_obj->reply, +*************** +*** 1265,1271 **** + HttpHeader *hdr = rep ? &rep->header : 0; + const char *range_err = NULL; + request_t *request = http->request; +- int is_hit = isTcpHit(http->log_type); + assert(request->range); + /* check if we still want to do ranges */ + if (!rep) +--- 1266,1271 ---- +*************** +*** 1286,1292 **** + range_err = "too complex range header"; + else if (!request->flags.cachable) /* from we_do_ranges in http.c */ + range_err = "non-cachable request"; +! else if (!is_hit && httpHdrRangeOffsetLimit(http->request->range)) + range_err = "range outside range_offset_limit"; + /* get rid of our range specs on error */ + if (range_err) { +--- 1286,1292 ---- + range_err = "too complex range header"; + else if (!request->flags.cachable) /* from we_do_ranges in http.c */ + range_err = "non-cachable request"; +! else if (!http->flags.hit && httpHdrRangeOffsetLimit(http->request->range)) + range_err = "range outside range_offset_limit"; + /* get rid of our range specs on error */ + if (range_err) { +*************** +*** 1343,1349 **** + clientBuildReplyHeader(clientHttpRequest * http, HttpReply * rep) + { + HttpHeader *hdr = &rep->header; +- int is_hit = isTcpHit(http->log_type); + request_t *request = http->request; + #if DONT_FILTER_THESE + /* but you might want to if you run Squid as an HTTP accelerator */ +--- 1343,1348 ---- +*************** +*** 1354,1360 **** + /* here: Keep-Alive is a field-name, not a connection directive! */ + httpHeaderDelByName(hdr, "Keep-Alive"); + /* remove Set-Cookie if a hit */ +! if (is_hit) + httpHeaderDelById(hdr, HDR_SET_COOKIE); + /* handle Connection header */ + if (httpHeaderHas(hdr, HDR_CONNECTION)) { +--- 1353,1359 ---- + /* here: Keep-Alive is a field-name, not a connection directive! */ + httpHeaderDelByName(hdr, "Keep-Alive"); + /* remove Set-Cookie if a hit */ +! if (http->flags.hit) + httpHeaderDelById(hdr, HDR_SET_COOKIE); + /* handle Connection header */ + if (httpHeaderHas(hdr, HDR_CONNECTION)) { +*************** +*** 1383,1389 **** + /* + * Add a estimated Age header on cache hits. + */ +! if (is_hit) { + /* + * Remove any existing Age header sent by upstream caches + * (note that the existing header is passed along unmodified +--- 1382,1388 ---- + /* + * Add a estimated Age header on cache hits. + */ +! if (http->flags.hit) { + /* + * Remove any existing Age header sent by upstream caches + * (note that the existing header is passed along unmodified +*************** +*** 1431,1437 **** + authenticateFixHeader(rep, request->auth_user_request, request, http->flags.accel, 0); + /* Append X-Cache */ + httpHeaderPutStrf(hdr, HDR_X_CACHE, "%s from %s", +! is_hit ? "HIT" : "MISS", getMyHostname()); + #if USE_CACHE_DIGESTS + /* Append X-Cache-Lookup: -- temporary hack, to be removed @?@ @?@ */ + httpHeaderPutStrf(hdr, HDR_X_CACHE_LOOKUP, "%s from %s:%d", +--- 1430,1436 ---- + authenticateFixHeader(rep, request->auth_user_request, request, http->flags.accel, 0); + /* Append X-Cache */ + httpHeaderPutStrf(hdr, HDR_X_CACHE, "%s from %s", +! http->flags.hit ? "HIT" : "MISS", getMyHostname()); + #if USE_CACHE_DIGESTS + /* Append X-Cache-Lookup: -- temporary hack, to be removed @?@ @?@ */ + httpHeaderPutStrf(hdr, HDR_X_CACHE_LOOKUP, "%s from %s:%d", +*************** +*** 1505,1510 **** +--- 1504,1510 ---- + MemObject *mem; + request_t *r = http->request; + debug(33, 3) ("clientCacheHit: %s, %d bytes\n", http->uri, (int) size); ++ http->flags.hit = 0; + if (http->entry == NULL) { + memFree(buf, MEM_CLIENT_SOCK_BUF); + debug(33, 3) ("clientCacheHit: request aborted\n"); +*************** +*** 1592,1597 **** +--- 1592,1598 ---- + clientPurgeRequest(http); + return; + } ++ http->flags.hit = 1; + if (checkNegativeHit(e)) { + http->log_type = LOG_TCP_NEGATIVE_HIT; + clientSendMoreData(data, buf, size); +*************** +*** 2276,2281 **** +--- 2277,2283 ---- + char *url = http->uri; + request_t *r = http->request; + ErrorState *err = NULL; ++ http->flags.hit = 0; + debug(33, 4) ("clientProcessOnlyIfCachedMiss: '%s %s'\n", + RequestMethodStr[r->method], url); + http->al.http.code = HTTP_GATEWAY_TIMEOUT; +Index: squid/src/structs.h +diff -c squid/src/structs.h:1.408.2.37 squid/src/structs.h:1.408.2.38 +*** squid/src/structs.h:1.408.2.37 Tue Feb 22 17:06:35 2005 +--- squid/src/structs.h Wed Mar 2 19:18:29 2005 +*************** +*** 1099,1104 **** +--- 1099,1105 ---- + unsigned int internal:1; + unsigned int done_copying:1; + unsigned int purging:1; ++ unsigned int hit:1; + } flags; + struct { + http_status status; diff --git a/squid-align.patch b/squid-align.patch new file mode 100644 index 0000000..4e4a6c7 --- /dev/null +++ b/squid-align.patch @@ -0,0 +1,30 @@ +--- squid-2.5.STABLE8/src/pinger.c.orig 2003-12-23 01:55:57.000000000 +0100 ++++ squid-2.5.STABLE8/src/pinger.c 2005-03-04 23:13:15.000000000 +0100 +@@ -169,7 +169,7 @@ + icmp->icmp_seq = (u_short) icmp_pkts_sent++; + echo = (icmpEchoData *) (icmp + 1); + echo->opcode = (unsigned char) opcode; +- echo->tv = current_time; ++ memcpy(&(echo->tv), ¤t_time, sizeof(struct timeval)); /* misaligned on archs with 64-bit time_t */ + icmp_pktsize += sizeof(struct timeval) + sizeof(char); + if (payload) { + if (len > MAX_PAYLOAD) +@@ -204,7 +204,7 @@ + struct iphdr *ip = NULL; + struct icmphdr *icmp = NULL; + static char *pkt = NULL; +- struct timeval now; ++ struct timeval now, pkttv; + icmpEchoData *echo; + static pingerReplyData preply; + +@@ -242,7 +242,8 @@ + preply.from = from.sin_addr; + preply.opcode = echo->opcode; + preply.hops = ipHops(ip->ip_ttl); +- preply.rtt = tvSubMsec(echo->tv, now); ++ memcpy(&pkttv, &(echo->tv), sizeof(struct timeval)); /* possibly misaligned */ ++ preply.rtt = tvSubMsec(pkttv, now); + preply.psize = n - iphdrlen - (sizeof(icmpEchoData) - MAX_PKT_SZ); + pingerSendtoSquid(&preply); + pingerLog(icmp, from.sin_addr, preply.rtt, preply.hops); diff --git a/squid-empty-referer.patch b/squid-empty-referer.patch new file mode 100644 index 0000000..a7608b4 --- /dev/null +++ b/squid-empty-referer.patch @@ -0,0 +1,20 @@ +diff -Nur squid-2.5.STABLE3.orig/src/client_side.c squid-2.5.STABLE3/src/client_side.c +--- squid-2.5.STABLE3.orig/src/client_side.c Mon Sep 8 15:44:34 2003 ++++ squid-2.5.STABLE3/src/client_side.c Mon Sep 8 17:00:06 2003 +@@ -988,11 +988,16 @@ + #if USE_USERAGENT_LOG + if ((str = httpHeaderGetStr(req_hdr, HDR_USER_AGENT))) + logUserAgent(fqdnFromAddr(http->conn->log_addr), str); ++ else ++ logUserAgent(fqdnFromAddr(http->conn->log_addr), "-"); + #endif + #if USE_REFERER_LOG + if ((str = httpHeaderGetStr(req_hdr, HDR_REFERER))) + logReferer(fqdnFromAddr(http->conn->log_addr), str, + http->log_uri); ++ else ++ logReferer(fqdnFromAddr(http->conn->log_addr), "-", ++ http->log_uri); + #endif + #if FORW_VIA_DB + if (httpHeaderHas(req_hdr, HDR_X_FORWARDED_FOR)) { diff --git a/squid-fhs.patch b/squid-fhs.patch new file mode 100644 index 0000000..5a36f86 --- /dev/null +++ b/squid-fhs.patch @@ -0,0 +1,19 @@ +diff -ur squid-2.5.STABLE7.orig/src/Makefile.am squid-2.5.STABLE7/src/Makefile.am +--- squid-2.5.STABLE7.orig/src/Makefile.am 2004-09-25 23:37:35.000000000 +0200 ++++ squid-2.5.STABLE7/src/Makefile.am 2004-10-12 11:34:16.900258376 +0200 +@@ -274,12 +274,12 @@ + DEFAULT_CONFIG_FILE = $(sysconfdir)/squid.conf + DEFAULT_MIME_TABLE = $(sysconfdir)/mime.conf + DEFAULT_DNSSERVER = $(libexecdir)/`echo dnsserver | sed '$(transform);s/$$/$(EXEEXT)/'` +-DEFAULT_LOG_PREFIX = $(localstatedir)/logs ++DEFAULT_LOG_PREFIX = $(localstatedir)/log/squid + DEFAULT_CACHE_LOG = $(DEFAULT_LOG_PREFIX)/cache.log + DEFAULT_ACCESS_LOG = $(DEFAULT_LOG_PREFIX)/access.log + DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log +-DEFAULT_PID_FILE = $(DEFAULT_LOG_PREFIX)/squid.pid +-DEFAULT_SWAP_DIR = $(localstatedir)/cache ++DEFAULT_PID_FILE = /var/run/squid.pid ++DEFAULT_SWAP_DIR = $(localstatedir)/cache/squid + DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'` + DEFAULT_UNLINKD = $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'` + DEFAULT_DISKD = $(libexecdir)/`echo diskd | sed '$(transform);s/$$/$(EXEEXT)/'` diff --git a/squid-libnsl_fixes.patch b/squid-libnsl_fixes.patch new file mode 100644 index 0000000..423c51a --- /dev/null +++ b/squid-libnsl_fixes.patch @@ -0,0 +1,32 @@ +--- squid-2.4.STABLE2/configure.in~ Fri Oct 12 18:34:14 2001 ++++ squid-2.4.STABLE2/configure.in Fri Oct 12 19:17:42 2001 +@@ -16,6 +16,7 @@ + AC_CANONICAL_HOST + + CRYPTLIB='' ++NSLLIB='' + REGEXLIB='' # -lregex + LIBREGEX='' # libregex.a + +@@ -1006,8 +1007,10 @@ + fi + + dnl Check for needed libraries +-AC_CHECK_LIB(nsl, main) +-AC_CHECK_LIB(socket, main) ++AC_CHECK_FUNC(gethostbyname, [], AC_CHECK_LIB(nsl, gethostbyname)) ++AC_CHECK_LIB(nsl, yp_match, NSLLIB="-lnsl") ++AC_SUBST(NSLLIB) ++AC_SEARCH_LIBS(socket, socket) + + if test "x$ac_cv_enabled_dlmalloc" = "xyes" ; then + echo "skipping libmalloc check (--enable-dlmalloc specified)" +--- squid-2.5.STABLE7/helpers/basic_auth/YP/Makefile.am.orig 2002-08-12 03:13:45.000000000 +0200 ++++ squid-2.5.STABLE7/helpers/basic_auth/YP/Makefile.am 2004-10-23 16:34:34.132980809 +0200 +@@ -7,5 +7,5 @@ + + libexec_PROGRAMS = yp_auth + yp_auth_SOURCES = yp_auth.c nis_support.h nis_support.c +-LDADD = -L$(top_builddir)/lib -lmiscutil $(CRYPTLIB) $(XTRA_LIBS) ++LDADD = -L$(top_builddir)/lib -lmiscutil $(CRYPTLIB) $(NSLLIB) $(XTRA_LIBS) + INCLUDES = -I$(top_srcdir)/include diff --git a/squid-libntlmssp.patch b/squid-libntlmssp.patch new file mode 100644 index 0000000..fc34cc3 --- /dev/null +++ b/squid-libntlmssp.patch @@ -0,0 +1,72 @@ +--- squid-2.5.STABLE5/helpers/ntlm_auth/SMB/libntlmssp.c.orig 2001-11-30 10:50:28.000000000 +0100 ++++ squid-2.5.STABLE5/helpers/ntlm_auth/SMB/libntlmssp.c 2004-06-10 18:51:30.985180312 +0200 +@@ -161,7 +161,10 @@ + #define min(A,B) (A MAX_DOMAIN_LEN) { ++ debug("Domain string exceeds %d bytes, rejecting\n", MAX_DOMAIN_LEN); ++ ntlm_errno = NTLM_LOGON_ERROR; ++ return NULL; ++ } + memcpy(domain, tmp.str, tmp.l); +- user = domain + tmp.l; ++ user = domain + tmp.l + 1; + *user++ = '\0'; + + /* debug("fetching user name\n"); */ +@@ -226,20 +234,30 @@ + ntlm_errno = NTLM_LOGON_ERROR; + return NULL; + } ++ if (tmp.l > MAX_USERNAME_LEN) { ++ debug("Username string exceeds %d bytes, rejecting\n", MAX_USERNAME_LEN); ++ ntlm_errno = NTLM_LOGON_ERROR; ++ return NULL; ++ } + memcpy(user, tmp.str, tmp.l); + *(user + tmp.l) = '\0'; + + +- /* Authenticating against the NT response doesn't seem to work... */ ++ /* Authenticating against the NT response doesn't seem to work... */ + tmp = ntlm_fetch_string((char *) auth, auth_length, &auth->lmresponse); + if (tmp.str == NULL || tmp.l == 0) { + fprintf(stderr, "No auth at all. Returning no-auth\n"); + ntlm_errno = NTLM_LOGON_ERROR; + return NULL; + } +- ++ if (tmp.l > MAX_PASSWD_LEN) { ++ debug("Password string exceeds %d bytes, rejecting\n", MAX_PASSWD_LEN); ++ ntlm_errno = NTLM_LOGON_ERROR; ++ return NULL; ++ } ++ + memcpy(pass, tmp.str, tmp.l); +- pass[25] = '\0'; ++ pass[min(MAX_PASSWD_LEN,tmp.l)] = '\0'; + + #if 1 + debug ("Empty LM pass detection: user: '%s', ours:'%s', his: '%s'" diff --git a/squid-location.patch b/squid-location.patch new file mode 100644 index 0000000..1075bc0 --- /dev/null +++ b/squid-location.patch @@ -0,0 +1,39 @@ +diff -urN squid-2.5.STABLE4.org/QUICKSTART squid-2.5.STABLE4/QUICKSTART +--- squid-2.5.STABLE4.org/QUICKSTART 2003-10-26 14:34:44.000000000 +0100 ++++ squid-2.5.STABLE4/QUICKSTART 2003-10-26 14:35:42.000000000 +0100 +@@ -12,10 +12,9 @@ + INSTALL in the same directory), you have to configure the squid.conf + file. This is the list of the values you *need* to change, because no + sensible defaults could be defined. Do not touch the other variables +-for now. We assume you have installed Squid in the default location: +-/usr/local/squid ++for now. + +-Uncomment and edit the following lines in /usr/local/squid/etc/squid.conf: ++Uncomment and edit the following lines in /etc/squid/squid.conf: + + ============================================================================== + +@@ -26,7 +25,7 @@ + always ask permission before adding a parent cache. See also the + never_direct/always_direct directives. + +-cache_dir /usr/local/squid/var/cache 100 16 256 ++cache_dir /var/cache/squid 100 16 256 + + Add here (first number, here 100) the amount of hard disk space + (in megabytes) to devote to caching. +@@ -69,10 +68,10 @@ + After editing squid.conf to your liking, run Squid from the command + line TWICE: + +- % /usr/local/squid/sbin/squid -z +- % /usr/local/squid/sbin/squid ++ % /usr/sbin/squid -z ++ % /usr/sbin/squid + +-Check in the cache.log (/usr/local/squid/var/logs/cache.log) that ++Check in the cache.log (/var/log/squid/cache.log) that + everything is all right. + + Once Squid created all its files (it can take several minutes on some diff --git a/squid-more_FD-new.patch b/squid-more_FD-new.patch new file mode 100644 index 0000000..ea0cbdf --- /dev/null +++ b/squid-more_FD-new.patch @@ -0,0 +1,11 @@ +--- ./configure.in.org Tue Sep 2 10:17:16 2003 ++++ ./configure.in Tue Sep 2 10:23:08 2003 +@@ -1947,7 +1947,7 @@ + exit(0); + } + ], +-SQUID_MAXFD=`cat conftestval`, ++SQUID_MAXFD=8192, + SQUID_MAXFD=256, + SQUID_MAXFD=256) + AC_MSG_RESULT($SQUID_MAXFD) diff --git a/squid-nolibs.patch b/squid-nolibs.patch new file mode 100644 index 0000000..aae4abb --- /dev/null +++ b/squid-nolibs.patch @@ -0,0 +1,22 @@ +--- squid-2.5.STABLE7/configure.in.orig 2004-10-22 21:15:07.080978000 +0200 ++++ squid-2.5.STABLE7/configure.in 2004-10-22 22:07:51.424648102 +0200 +@@ -1520,15 +1520,15 @@ + + AC_CHECK_LIB(bsd, main) + AC_CHECK_LIB(regex, main, [REGEXLIB="-lregex"]) +-AC_CHECK_LIB(bind, gethostbyname) +-if test $ac_cv_lib_bind_gethostbyname = "no" ; then ++AC_CHECK_FUNC(gethostbyname,,[AC_CHECK_LIB(bind, gethostbyname)]) ++if test "$ac_cv_lib_bind_gethostbyname" != "yes" ; then + case "$host" in + i386-*-freebsd*) + echo "skipping libresolv checks for $host" + ;; + *) +- AC_CHECK_LIB(resolv, inet_aton, AC_CHECK_LIB(44bsd, inet_aton)) +- AC_CHECK_LIB(resolv, main) ++ AC_CHECK_FUNC(inet_aton, [], [AC_CHECK_LIB(resolv, inet_aton, AC_CHECK_LIB(44bsd, inet_aton))]) ++ dnl AC_CHECK_LIB(resolv, main) + ;; + esac + fi diff --git a/squid.conf.patch b/squid.conf.patch new file mode 100644 index 0000000..8ed32ac --- /dev/null +++ b/squid.conf.patch @@ -0,0 +1,39 @@ +--- squid.conf.default 2004-08-24 11:51:14.723512904 +0200 ++++ squid.conf 2004-08-24 11:51:29.986192624 +0200 +@@ -688,8 +688,12 @@ + # Note that for coss, max-size must be less than COSS_MEMBUF_SZ + # (hard coded at 1 MB). + # ++# NOTE: Remeber to initialize cache directories: ++# squid -z -F ++# + #Default: + # cache_dir ufs /var/cache/squid 100 16 256 ++cache_dir diskd /var/cache/squid 100 16 256 + + # TAG: cache_access_log + # Logs the client request activity. Contains an entry for +@@ -2025,6 +2030,8 @@ + # + #Default: + # cache_effective_user nobody ++cache_effective_user squid ++cache_effective_group squid + + # TAG: visible_hostname + # If you want to present a special hostname in error messages, etc, +@@ -2200,8 +2207,14 @@ + # in the habit of using 'squid -k rotate' instead of 'kill -USR1 + # '. + # ++# Default value for logfile_rotate is 10, but PLD uses 'logrotate', ++# which is more configurable, to perform this task. Setting this ++# value to '0' disables built-in log rotation and allows 'logrotate' ++# to do it's job. ++# + #Default: + # logfile_rotate 10 ++logfile_rotate 0 + + # TAG: append_domain + # Appends local domain name to hostnames without any dots in diff --git a/squid.init b/squid.init new file mode 100644 index 0000000..c04d1ab --- /dev/null +++ b/squid.init @@ -0,0 +1,130 @@ +#!/bin/sh +# +# squid This shell script takes care of starting and stopping +# Squid Internet Object Cache +# +# chkconfig: 345 90 25 +# +# description: Squid - Internet Object Cache. Internet object caching is \ +# a way to store requested Internet objects (i.e., data \ +# available via the HTTP, FTP, and gopher protocols) on a \ +# system closer to the requesting site than to the source. \ +# Web browsers can then use the local Squid cache as a proxy \ +# HTTP server, reducing access time as well as bandwidth \ +# consumption. +# description(es): Squid - Cache de Objetos de Internet. Cache de objetos \ +# es una manera de almacenar objetos Internet (i.e. Datos \ +# disponibles vía protocolos HTTP, FTP y gopher) en un \ +# sistema más próximo al site solicitador que el sistema \ +# original en internet. Navegadores www pueden usar el \ +# cache squid local como un servidor proxy HTTP, reduciendo \ +# tanto el tiempo de acceso así como el consumo de banda de \ +# comunicación. +# description(pt_BR): Squid - Cache de Objetos da Internet. Cache de objetos \ +# é uma maneira de armazenar objetos Internet (i.e. dados \ +# disponíveis via protocolos HTTP, FTP e gopher) em um \ +# sistema mais próximo ao site requisitante do que o sistema \ +# original na internet. Navegadores www podem usar o cache \ +# squid local como um servidor proxy HTTP, reduzindo o tempo \ +# de acesso bem como o consumo de banda de comunicação. +# +# pidfile: /var/run/squid.pid +# config: /etc/squid/squid.conf + + +# Source function library +. /etc/rc.d/init.d/functions + +# Get network config +. /etc/sysconfig/network + +# Get service config +[ -f /etc/sysconfig/squid ] && . /etc/sysconfig/squid + +# Check that networking is up. +if is_yes "${NETWORKING}"; then + if [ ! -f /var/lock/subsys/network -a "$1" != stop -a "$1" != status -a "$1" != init ]; then + msg_network_down Squid + exit 1 + fi +else + exit 0 +fi + +# Sanity check +[ -f /etc/squid/squid.conf ] || exit 0 + +RETVAL=0 +# See how we were called. +case "$1" in + start) + # Check if the service is already running? + if [ ! -f /var/lock/subsys/squid ]; then + msg_starting Squid + daemon $SERVICE_RUN_NICE_LEVEL squid $SQUID_OPTS + RETVAL=$? + [ $RETVAL -eq 0 ] && touch /var/lock/subsys/squid + else + msg_already_running Squid + fi + ;; + stop) + if [ -f /var/lock/subsys/squid ]; then + # Stop daemons. + msg_stopping Squid + if [ -f /var/run/squid.pid ]; then + PID="`cat /var/run/squid.pid`" + if [ -z "$PID" ]; then + PID=0 + fi + else + PID=0 + fi + killproc squid + RETVAL=$? + if [ ! $PID -eq 0 ]; then + show "Waiting for Squid to stop" + busy + while ps -U squid -o user | grep -q ^squid + do + sleep 1 + done + ok + fi + rm -f /var/lock/subsys/squid >/dev/null 2>&1 + else + msg_not_running Squid + fi + ;; + restart) + $0 stop + $0 start + exit $? + ;; + reload|force-reload) + if [ -f /var/lock/subsys/squid ]; then + msg_reloading Squid + busy + squid -k reconfigure + RETVAL=$? + [ $RETVAL -ne 0 ] && RETVAL=7 + [ $RETVAL -eq 0 ] && ok || fail + else + msg_not_running Squid >&2 + exit 7 + fi + ;; + status) + status squid + exit $? + ;; + init) + nls "Initializing %s" squid + squid -z + ;; + *) + msg_usage "$0 {start|stop|init|restart|reload|force-reload|status}" + exit 3 +esac + +exit $RETVAL diff --git a/squid.sysconfig b/squid.sysconfig new file mode 100644 index 0000000..9233b58 --- /dev/null +++ b/squid.sysconfig @@ -0,0 +1,12 @@ +# Squid startup configuration file + +# Try to define nice-level for running squid +SERVICE_RUN_NICE_LEVEL="+5" + +# default squid options +# -D disables initial dns checks. If you most likely will not to have an +# internet connection when you start squid, uncomment this +#SQUID_OPTS="-D" + +# maximum time (in seconds) to wait for squid to stop +SQUID_SHUTDOWN_TIMEOUT="60" diff --git a/squid_hit_miss_mark.patch b/squid_hit_miss_mark.patch new file mode 100644 index 0000000..3fcb38e --- /dev/null +++ b/squid_hit_miss_mark.patch @@ -0,0 +1,68 @@ +diff -ur squid-2.5.STABLE11.orig/src/client_side.c squid-2.5.STABLE11/src/client_side.c +--- squid-2.5.STABLE11.orig/src/client_side.c 2005-09-15 11:53:28.000000000 +0200 ++++ squid-2.5.STABLE11/src/client_side.c 2005-09-26 13:41:06.749747464 +0200 +@@ -2072,6 +2072,9 @@ + /* Avoid copying to MemBuf for non-range requests */ + /* Note, if we're here, then 'rep' is known to be NULL */ + http->out.offset += body_size; ++ { int tos=isTcpHit(http->log_type) ? 0 : 8; ++ setsockopt(fd,SOL_IP,IP_TOS,&tos,4); ++ } + comm_write(fd, buf, size, clientWriteBodyComplete, http, NULL); + /* NULL because clientWriteBodyComplete frees it */ + return; +@@ -2129,6 +2132,9 @@ + if (!http->request->range && http->request->method == METHOD_GET) + assert(check_size == size); + /* write */ ++ { int tos=isTcpHit(http->log_type) ? 0 : 8; ++ setsockopt(fd,SOL_IP,IP_TOS,&tos,4); ++ } + comm_write_mbuf(fd, mb, clientWriteComplete, http); + /* if we don't do it, who will? */ + memFree(buf, MEM_CLIENT_SOCK_BUF); +diff -ur squid-2.5.STABLE11.orig/src/defines.h squid-2.5.STABLE11/src/defines.h +--- squid-2.5.STABLE11.orig/src/defines.h 2005-03-26 03:50:52.000000000 +0100 ++++ squid-2.5.STABLE11/src/defines.h 2005-09-26 13:41:06.752747008 +0200 +@@ -41,6 +41,8 @@ + #define FALSE 0 + #endif + ++#define SQUID_TCP_RCVBUF SQUID_TCP_SO_RCVBUF ++ + #define ACL_NAME_SZ 32 + #define BROWSERNAMELEN 128 + +diff -ur squid-2.5.STABLE11.orig/src/ftp.c squid-2.5.STABLE11/src/ftp.c +--- squid-2.5.STABLE11.orig/src/ftp.c 2005-09-11 03:49:53.000000000 +0200 ++++ squid-2.5.STABLE11/src/ftp.c 2005-09-26 13:41:06.756746400 +0200 +@@ -1151,8 +1151,8 @@ + ftpState->ctrl.freefunc = memFree4K; + ftpState->ctrl.size = 4096; + ftpState->ctrl.offset = 0; +- ftpState->data.buf = xmalloc(SQUID_TCP_SO_RCVBUF); +- ftpState->data.size = SQUID_TCP_SO_RCVBUF; ++ ftpState->data.buf = xmalloc(SQUID_TCP_RCVBUF < SQUID_TCP_SO_RCVBUF ? SQUID_TCP_RCVBUF : SQUID_TCP_SO_RCVBUF); ++ ftpState->data.size = (SQUID_TCP_RCVBUF < SQUID_TCP_SO_RCVBUF ? SQUID_TCP_RCVBUF : SQUID_TCP_SO_RCVBUF); + ftpState->data.freefunc = xfree; + ftpScheduleReadControlReply(ftpState, 0); + } +diff -ur squid-2.5.STABLE11.orig/src/http.c squid-2.5.STABLE11/src/http.c +--- squid-2.5.STABLE11.orig/src/http.c 2005-09-11 03:49:54.000000000 +0200 ++++ squid-2.5.STABLE11/src/http.c 2005-09-26 13:43:12.138685448 +0200 +@@ -557,13 +557,13 @@ + httpReadReply(int fd, void *data) + { + HttpStateData *httpState = data; +- LOCAL_ARRAY(char, buf, SQUID_TCP_SO_RCVBUF); ++ LOCAL_ARRAY(char, buf, SQUID_TCP_RCVBUF < SQUID_TCP_SO_RCVBUF ? SQUID_TCP_RCVBUF : SQUID_TCP_SO_RCVBUF); + StoreEntry *entry = httpState->entry; + const request_t *request = httpState->request; + int len; + int bin; + int clen; +- size_t read_sz = SQUID_TCP_SO_RCVBUF; ++ size_t read_sz = (SQUID_TCP_RCVBUF < SQUID_TCP_SO_RCVBUF ? SQUID_TCP_RCVBUF : SQUID_TCP_SO_RCVBUF); + #if DELAY_POOLS + delay_id delay_id; + #endif -- 2.44.0