&5)
+ (eval echo "\"\$as_me:13592: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
- echo "$as_me:13588: \$? = $ac_status" >&5
+ echo "$as_me:13596: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@@ -13685,11 +13693,11 @@
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:13688: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:13696: $lt_compile\"" >&5)
(eval "$lt_compile" 2>out/conftest.err)
ac_status=$?
cat out/conftest.err >&5
- echo "$as_me:13692: \$? = $ac_status" >&5
+ echo "$as_me:13700: \$? = $ac_status" >&5
if (exit $ac_status) && test -s out/conftest2.$ac_objext
then
# The compiler can only warn and ignore the option if not recognized
@@ -15268,11 +15276,11 @@
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:15271: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:15279: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
- echo "$as_me:15275: \$? = $ac_status" >&5
+ echo "$as_me:15283: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@@ -15372,11 +15380,11 @@
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:15375: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:15383: $lt_compile\"" >&5)
(eval "$lt_compile" 2>out/conftest.err)
ac_status=$?
cat out/conftest.err >&5
- echo "$as_me:15379: \$? = $ac_status" >&5
+ echo "$as_me:15387: \$? = $ac_status" >&5
if (exit $ac_status) && test -s out/conftest2.$ac_objext
then
# The compiler can only warn and ignore the option if not recognized
@@ -17587,11 +17595,11 @@
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:17590: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:17598: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
- echo "$as_me:17594: \$? = $ac_status" >&5
+ echo "$as_me:17602: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@@ -17877,11 +17885,11 @@
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:17880: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:17888: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
- echo "$as_me:17884: \$? = $ac_status" >&5
+ echo "$as_me:17892: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@@ -17981,11 +17989,11 @@
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:17984: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:17992: $lt_compile\"" >&5)
(eval "$lt_compile" 2>out/conftest.err)
ac_status=$?
cat out/conftest.err >&5
- echo "$as_me:17988: \$? = $ac_status" >&5
+ echo "$as_me:17996: \$? = $ac_status" >&5
if (exit $ac_status) && test -s out/conftest2.$ac_objext
then
# The compiler can only warn and ignore the option if not recognized
@@ -48801,6 +48809,13 @@
fi
fi
+use_translation="yes"
+# Check whether --enable-translation was given.
+if test "${enable_translation+set}" = set; then
+ enableval=$enable_translation;
+fi
+
+if test "$use_translation" = "yes" ; then
@@ -48896,6 +48911,10 @@
+else
+ PO2HTML="off"
+fi
+
use_errlocale=yes
# Check whether --enable-auto-locale was given.
@@ -48922,10 +48941,8 @@
#define USE_ERR_LOCALES 0
_ACEOF
- PO2HTML="off"
fi
-
XTRA_OBJS=''
if test "$ac_cv_lib_malloc_main" = "yes" ; then
if test -r /usr/lib/debug/malloc.o ; then
@@ -49676,7 +49693,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by Squid Web Proxy $as_me 3.1.0.9, which was
+This file was extended by Squid Web Proxy $as_me 3.1.0.10, which was
generated by GNU Autoconf 2.62. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -49729,7 +49746,7 @@
_ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_version="\\
-Squid Web Proxy config.status 3.1.0.9
+Squid Web Proxy config.status 3.1.0.10
configured by $0, generated by GNU Autoconf 2.62,
with options \\"`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
diff -u -r -N squid-3.1.0.9/configure.in squid-3.1.0.10/configure.in
--- squid-3.1.0.9/configure.in 2009-06-26 22:36:16.000000000 +1200
+++ squid-3.1.0.10/configure.in 2009-07-18 16:17:06.000000000 +1200
@@ -2,7 +2,7 @@
dnl
dnl $Id$
dnl
-AC_INIT(Squid Web Proxy, 3.1.0.9, http://www.squid-cache.org/bugs/, squid)
+AC_INIT(Squid Web Proxy, 3.1.0.10, http://www.squid-cache.org/bugs/, squid)
AC_PREREQ(2.52)
AM_CONFIG_HEADER(include/autoconf.h)
AC_CONFIG_AUX_DIR(cfgaux)
@@ -2616,17 +2616,17 @@
AC_DEFINE(USE_IPV6,1,[Enable support for IPv6 ])
use_v4mapped=yes
-dnl Check for Windows XP option
+dnl Check for forced split-stack mode
AC_MSG_CHECKING([for IPv6 split-stack requirement])
AC_ARG_WITH(ipv6-split-stack,
AC_HELP_STRING([--with-ipv6-split-stack],
- [Enable experimental split-stack support for Windows XP. Requires IPv6.]),
+ [Force-Enable experimental split-stack support for Windows XP and *BSD. Requires IPv6.]),
[ use_v4mapped="no"
AC_MSG_RESULT(yes)],
[ AC_MSG_RESULT(no) ])
-dnl Check for IPv6 Windows Vista option
-dnl Also useful for other OS with hybrid-stack defaults turned OFF
+dnl Check for IPv6 v4-mapping availability
+dnl Useful for other OS with hybrid-stack defaults turned OFF
dnl But only usable if it actually works...
if test "$use_v4mapped" = "yes" ; then
AC_MSG_CHECKING([for IPv6 v4-mapping ability])
@@ -3776,8 +3776,23 @@
fi
fi
+dnl Squid will usually attempt to translate when packaging or building from VCS
+use_translation="yes"
+AC_ARG_ENABLE(translation,
+ AC_HELP_STRING([--disable-translation],
+ [Prevent Squid generating localized error page templates and manuals.
+ Which is usually tried, but may not be needed.])
+[ if test "$enableval" = "no" ; then
+ use_translation=no
+ fi
+])
dnl Squid now has .po translation capability, given the right toolkit
-AX_WITH_PROG([PO2HTML],[po2html])
+if test "$use_translation" = "yes" ; then
+ AX_WITH_PROG([PO2HTML],[po2html])
+else
+ PO2HTML="off"
+fi
+AC_SUBST(PO2HTML)
dnl Squid now has limited locale handling ...
dnl on error pages
@@ -3797,10 +3812,7 @@
else
AC_MSG_WARN([Disabling Multi-Language Support])
AC_DEFINE(USE_ERR_LOCALES,0,[Use multi-language support on error pages])
- dnl So we don't want to even attempt translation if its forcibly disabled.
- PO2HTML="off"
fi
-AC_SUBST(PO2HTML)
dnl Need the debugging version of malloc if available
XTRA_OBJS=''
diff -u -r -N squid-3.1.0.9/errors/aliases squid-3.1.0.10/errors/aliases
--- squid-3.1.0.9/errors/aliases 2009-06-26 22:35:28.000000000 +1200
+++ squid-3.1.0.10/errors/aliases 2009-07-18 16:16:11.000000000 +1200
@@ -1,2 +1,33 @@
-en en-nz en-au en-gb en-uk en-ca
+ar ar-ae ar-bh ar-dz ar-eg ar-iq ar-jo ar-kw ar-lb ar-ly ar-ma ar-om ar-qa ar-sa ar-sy ar-tn ar-ye
+az az-az
+bg bg-bg
+cs cs-cz
+da da-dk
+de de-de
+el el-gr
+en en-au en-ca en-gb en-nz en-tt en-uk
+es es-es es-pe
+et et-ee
+fi fi-fi
+fr fr-fr
+he he-il
+hu hu-hu
+hy hy-am
+id id-id
+it it-it
+ja ja-jp
+ko ko-kr
+lt lt-lt
+lv lv-lv
+ms ms-my
+nl nl-nl
+pl pl-pl
+pt pt-pt
+ro ro-ro
ru ru-ru
+sk sk-sk
+sr sr-sp
+sv sv-se
+th th-th
+tr tr-tr
+uk uk-ua
diff -u -r -N squid-3.1.0.9/errors/alias-link.sh squid-3.1.0.10/errors/alias-link.sh
--- squid-3.1.0.9/errors/alias-link.sh 2009-06-26 22:35:28.000000000 +1200
+++ squid-3.1.0.10/errors/alias-link.sh 2009-07-18 16:16:11.000000000 +1200
@@ -28,6 +28,12 @@
if test "${base}" = "#" || test "${base}" = ""; then
continue;
fi
+ # ignore destination languages that do not exist. (no dead links)
+ if ! test -x ${DIR}/${base} ; then
+ echo "WARNING: ${base} translations do not exist. Nothing to do for: ${aliases}"
+ continue;
+ fi
+
# split aliases based on whitespace and create a symlink for each
# Remove and replace any pre-existing content/link
for alia in ${aliases}; do
diff -u -r -N squid-3.1.0.9/errors/Makefile.am squid-3.1.0.10/errors/Makefile.am
--- squid-3.1.0.9/errors/Makefile.am 2009-06-26 22:35:28.000000000 +1200
+++ squid-3.1.0.10/errors/Makefile.am 2009-07-18 16:16:11.000000000 +1200
@@ -5,25 +5,34 @@
errordir = $(datadir)/errors
-
##dist-hook eveything
DEFAULT_ERROR_DIR = $(errordir)
DEFAULT_STYLESHEET = $(sysconfdir)/errorpage.css
# List of automated translations possible:
-TRANSLATIONS=`ls -1 $(top_srcdir)/errors/*.po | grep -o -E "[a-z\-]+\.po" | sed s/.po//`
+TRANSLATIONPO=`ls -1 $(top_srcdir)/errors/*.po | grep -o -E "[a-z\-]+\.po" | sed s/.po//`
+TRANSLATIONDIR=`ls -1 $(srcdir) $(builddir) | sed -e 's%$(srcdir)/%%' -e 's%$(builddir)/%%' -e 's%.po%%' `
-install-data-local:
- for l in $(TRANSLATIONS) templates; do \
+install-data-local:
+ for l in $(TRANSLATIONDIR) ; do \
+ echo "Located $$l for install..."; \
if test -d $(srcdir)/$$l; then \
$(mkinstalldirs) $(DESTDIR)$(DEFAULT_ERROR_DIR)/$$l && \
for f in $(srcdir)/$$l/ERR_*; do \
echo "$(INSTALL_DATA) $$f $(DESTDIR)$(DEFAULT_ERROR_DIR)/$$l"; \
$(INSTALL_DATA) $$f $(DESTDIR)$(DEFAULT_ERROR_DIR)/$$l; \
done; \
+ fi ; \
+ if test -d $(builddir)/$$l; then \
+ $(mkinstalldirs) $(DESTDIR)$(DEFAULT_ERROR_DIR)/$$l && \
+ for f in $(builddir)/$$l/ERR_*; do \
+ echo "$(INSTALL_DATA) $$f $(DESTDIR)$(DEFAULT_ERROR_DIR)/$$l"; \
+ $(INSTALL_DATA) $$f $(DESTDIR)$(DEFAULT_ERROR_DIR)/$$l; \
+ done; \
fi \
done; \
+ $(INSTALL_DATA) $(srcdir)/TRANSLATORS $(DESTDIR)TRANSLATORS; \
$(INSTALL_DATA) $(srcdir)/errorpage.css $(DESTDIR)$(DEFAULT_STYLESHEET).default; \
if test -f $(DESTDIR)$(DEFAULT_STYLESHEET) ; then \
echo "$@ will not overwrite existing $(DESTDIR)$(DEFAULT_STYLESHEET)" ; \
@@ -35,9 +44,17 @@
uninstall-local:
- for l in $(TRANSLATIONS); do \
- if test -d $(srcdir)/errors/$$l; then \
- for f in $(srcdir)/errors/$$l/ERR_*; do \
+ for l in $(TRANSLATIONDIR) ; do \
+ echo "Located $$l for uninstall ..."; \
+ if test -d $(srcdir)/$$l; then \
+ for f in $(srcdir)/$$l/ERR_*; do \
+ if test -f $(DESTDIR)$(DEFAULT_ERROR_DIR)/$$l/`basename $$f`; then \
+ $(RM) $(DESTDIR)$(DEFAULT_ERROR_DIR)/$$l/`basename $$f`; \
+ fi; \
+ done; \
+ fi ; \
+ if test -d $(builddir)/$$l; then \
+ for f in $(builddir)/$$l/ERR_*; do \
if test -f $(DESTDIR)$(DEFAULT_ERROR_DIR)/$$l/`basename $$f`; then \
$(RM) $(DESTDIR)$(DEFAULT_ERROR_DIR)/$$l/`basename $$f`; \
fi; \
@@ -46,6 +63,7 @@
done;
@$(SHELL) $(top_srcdir)/scripts/remove-cfg.sh "$(RM)" $(DESTDIR)$(DEFAULT_STYLESHEET)
rm -f $(DESTDIR)$(DEFAULT_STYLESHEET).default
+ rm -f $(DESTDIR)TRANSLATORS
## Upgrade requires the new files to be pre-installed
upgrade: install
@@ -77,7 +95,7 @@
fi
dist-hook: translate
- for lang in $(TRANSLATIONS); do \
+ for lang in $(TRANSLATIONPO) templates; do \
if test -d $$lang ; then \
test -d $(distdir)/$$lang \
|| mkdir $(distdir)/$$lang \
@@ -86,7 +104,7 @@
|| exit 1; \
fi; \
done; \
- for f in aliases alias-link.sh alias-upgrade errorpage.css; do \
+ for f in aliases alias-link.sh alias-upgrade errorpage.css TRANSLATORS; do \
cp -p $(srcdir)/$$f $(distdir)/`basename $$f`; \
done;
@@ -96,7 +114,7 @@
exit 0; \
fi; \
if test "$(PO2HTML)" != "" && test "$(PO2HTML)" != "no" && test "$(PO2HTML)" != "off" && test -f $(top_srcdir)/errors/en.po; then \
- for lang in $(TRANSLATIONS); do \
+ for lang in $(TRANSLATIONPO); do \
test -d $(top_builddir)/errors/$$lang && $(RM) -r $(top_builddir)/errors/$$lang; \
mkdir $(top_builddir)/errors/$$lang || exit 1; \
echo -n "Translate '$$lang' ..."; \
diff -u -r -N squid-3.1.0.9/errors/Makefile.in squid-3.1.0.10/errors/Makefile.in
--- squid-3.1.0.9/errors/Makefile.in 2009-06-26 22:35:52.000000000 +1200
+++ squid-3.1.0.10/errors/Makefile.in 2009-07-18 16:16:41.000000000 +1200
@@ -226,7 +226,8 @@
DEFAULT_STYLESHEET = $(sysconfdir)/errorpage.css
# List of automated translations possible:
-TRANSLATIONS = `ls -1 $(top_srcdir)/errors/*.po | grep -o -E "[a-z\-]+\.po" | sed s/.po//`
+TRANSLATIONPO = `ls -1 $(top_srcdir)/errors/*.po | grep -o -E "[a-z\-]+\.po" | sed s/.po//`
+TRANSLATIONDIR = `ls -1 $(srcdir) $(builddir) | sed -e 's%$(srcdir)/%%' -e 's%$(builddir)/%%' -e 's%.po%%' `
all: all-am
.SUFFIXES:
@@ -398,16 +399,25 @@
ps ps-am uninstall uninstall-am uninstall-local
-install-data-local:
- for l in $(TRANSLATIONS) templates; do \
+install-data-local:
+ for l in $(TRANSLATIONDIR) ; do \
+ echo "Located $$l for install..."; \
if test -d $(srcdir)/$$l; then \
$(mkinstalldirs) $(DESTDIR)$(DEFAULT_ERROR_DIR)/$$l && \
for f in $(srcdir)/$$l/ERR_*; do \
echo "$(INSTALL_DATA) $$f $(DESTDIR)$(DEFAULT_ERROR_DIR)/$$l"; \
$(INSTALL_DATA) $$f $(DESTDIR)$(DEFAULT_ERROR_DIR)/$$l; \
done; \
+ fi ; \
+ if test -d $(builddir)/$$l; then \
+ $(mkinstalldirs) $(DESTDIR)$(DEFAULT_ERROR_DIR)/$$l && \
+ for f in $(builddir)/$$l/ERR_*; do \
+ echo "$(INSTALL_DATA) $$f $(DESTDIR)$(DEFAULT_ERROR_DIR)/$$l"; \
+ $(INSTALL_DATA) $$f $(DESTDIR)$(DEFAULT_ERROR_DIR)/$$l; \
+ done; \
fi \
done; \
+ $(INSTALL_DATA) $(srcdir)/TRANSLATORS $(DESTDIR)TRANSLATORS; \
$(INSTALL_DATA) $(srcdir)/errorpage.css $(DESTDIR)$(DEFAULT_STYLESHEET).default; \
if test -f $(DESTDIR)$(DEFAULT_STYLESHEET) ; then \
echo "$@ will not overwrite existing $(DESTDIR)$(DEFAULT_STYLESHEET)" ; \
@@ -418,9 +428,17 @@
$(SHELL) $(srcdir)/alias-link.sh "$(LN)" "$(RM)" "$(DESTDIR)$(DEFAULT_ERROR_DIR)" "$(srcdir)/aliases" || exit 1 ;
uninstall-local:
- for l in $(TRANSLATIONS); do \
- if test -d $(srcdir)/errors/$$l; then \
- for f in $(srcdir)/errors/$$l/ERR_*; do \
+ for l in $(TRANSLATIONDIR) ; do \
+ echo "Located $$l for uninstall ..."; \
+ if test -d $(srcdir)/$$l; then \
+ for f in $(srcdir)/$$l/ERR_*; do \
+ if test -f $(DESTDIR)$(DEFAULT_ERROR_DIR)/$$l/`basename $$f`; then \
+ $(RM) $(DESTDIR)$(DEFAULT_ERROR_DIR)/$$l/`basename $$f`; \
+ fi; \
+ done; \
+ fi ; \
+ if test -d $(builddir)/$$l; then \
+ for f in $(builddir)/$$l/ERR_*; do \
if test -f $(DESTDIR)$(DEFAULT_ERROR_DIR)/$$l/`basename $$f`; then \
$(RM) $(DESTDIR)$(DEFAULT_ERROR_DIR)/$$l/`basename $$f`; \
fi; \
@@ -429,6 +447,7 @@
done;
@$(SHELL) $(top_srcdir)/scripts/remove-cfg.sh "$(RM)" $(DESTDIR)$(DEFAULT_STYLESHEET)
rm -f $(DESTDIR)$(DEFAULT_STYLESHEET).default
+ rm -f $(DESTDIR)TRANSLATORS
upgrade: install
$(SHELL) $(srcdir)/alias-link.sh "$(LN)" "$(RM)" "$(DESTDIR)$(DEFAULT_ERROR_DIR)" "$(srcdir)/alias-upgrade" || exit 1 ;
@@ -459,7 +478,7 @@
fi
dist-hook: translate
- for lang in $(TRANSLATIONS); do \
+ for lang in $(TRANSLATIONPO) templates; do \
if test -d $$lang ; then \
test -d $(distdir)/$$lang \
|| mkdir $(distdir)/$$lang \
@@ -468,7 +487,7 @@
|| exit 1; \
fi; \
done; \
- for f in aliases alias-link.sh alias-upgrade errorpage.css; do \
+ for f in aliases alias-link.sh alias-upgrade errorpage.css TRANSLATORS; do \
cp -p $(srcdir)/$$f $(distdir)/`basename $$f`; \
done;
@@ -478,7 +497,7 @@
exit 0; \
fi; \
if test "$(PO2HTML)" != "" && test "$(PO2HTML)" != "no" && test "$(PO2HTML)" != "off" && test -f $(top_srcdir)/errors/en.po; then \
- for lang in $(TRANSLATIONS); do \
+ for lang in $(TRANSLATIONPO); do \
test -d $(top_builddir)/errors/$$lang && $(RM) -r $(top_builddir)/errors/$$lang; \
mkdir $(top_builddir)/errors/$$lang || exit 1; \
echo -n "Translate '$$lang' ..."; \
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_ACCESS_DENIED squid-3.1.0.10/errors/templates/ERR_ACCESS_DENIED
--- squid-3.1.0.9/errors/templates/ERR_ACCESS_DENIED 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_ACCESS_DENIED 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,37 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+Access Denied.
+
+
+
Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_CACHE_ACCESS_DENIED squid-3.1.0.10/errors/templates/ERR_CACHE_ACCESS_DENIED
--- squid-3.1.0.9/errors/templates/ERR_CACHE_ACCESS_DENIED 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_CACHE_ACCESS_DENIED 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,39 @@
+
+
+
+ERROR: Cache Access Denied
+
+
+
+
+
ERROR
+Cache Access Denied.
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+Cache Access Denied.
+
+
+
Sorry, you are not currently allowed to request %U from this cache until you have authenticated yourself.
+
+
Please contact the cache administrator if you have difficulties authenticating yourself or change your default password.
+
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_CACHE_MGR_ACCESS_DENIED squid-3.1.0.10/errors/templates/ERR_CACHE_MGR_ACCESS_DENIED
--- squid-3.1.0.9/errors/templates/ERR_CACHE_MGR_ACCESS_DENIED 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_CACHE_MGR_ACCESS_DENIED 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,38 @@
+
+
+
+ERROR: Cache Manager Access Denied
+
+
+
+
ERROR
+Cache Manager Access Denied.
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+Cache Manager Access Denied.
+
+
+
Sorry, you are not currently allowed to request %U from this cache manager until you have authenticated yourself.
+
+
Please contact the cache administrator if you have difficulties authenticating yourself or, if you are the administrator, read Squid documentation on cache manager interface and check cache log for more detailed error messages.
+
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_CANNOT_FORWARD squid-3.1.0.10/errors/templates/ERR_CANNOT_FORWARD
--- squid-3.1.0.9/errors/templates/ERR_CANNOT_FORWARD 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_CANNOT_FORWARD 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,39 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+Unable to forward this request at this time.
+
+
+
This request could not be forwarded to the origin server or to any parent caches. The most likely cause for this error is that the cache administrator does not allow this cache to make direct connections to origin servers, and all configured parent caches are currently unreachable.
+
+
Your cache administrator is %w.
+
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_CONNECT_FAIL squid-3.1.0.10/errors/templates/ERR_CONNECT_FAIL
--- squid-3.1.0.9/errors/templates/ERR_CONNECT_FAIL 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_CONNECT_FAIL 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,40 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+Connection to %I failed.
+
+
+
The system returned: %E
+
+
The remote host or network may be down. Please try the request again.
+
+
Your cache administrator is %w.
+
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_DNS_FAIL squid-3.1.0.10/errors/templates/ERR_DNS_FAIL
--- squid-3.1.0.9/errors/templates/ERR_DNS_FAIL 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_DNS_FAIL 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,42 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+Unable to determine IP address from host name %H
+
+
+
The DNS server returned:
+
+%z
+
+
+
This means that the cache was not able to resolve the hostname presented in the URL. Check if the address is correct.
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_ESI squid-3.1.0.10/errors/templates/ERR_ESI
--- squid-3.1.0.9/errors/templates/ERR_ESI 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_ESI 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,42 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+ESI Processing failed.
+
+
+
The ESI processor returned:
+
+%Z
+
+
+
This means that the surrogate was not able to process the ESI template. Please report this error to the webmaster.
+
+
Your webmaster is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_FORWARDING_DENIED squid-3.1.0.10/errors/templates/ERR_FORWARDING_DENIED
--- squid-3.1.0.9/errors/templates/ERR_FORWARDING_DENIED 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_FORWARDING_DENIED 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,38 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+Forwarding Denied.
+
+
+
This cache will not forward your request because it is trying to enforce a sibling relationship. Perhaps the client at %i is a cache which has been misconfigured.
+
+
Your cache administrator is %w.
+
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_FTP_DISABLED squid-3.1.0.10/errors/templates/ERR_FTP_DISABLED
--- squid-3.1.0.9/errors/templates/ERR_FTP_DISABLED 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_FTP_DISABLED 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,38 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+FTP is Disabled
+
+
+
This cache does not support FTP.
+
+
Your cache administrator is %w.
+
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_FTP_FAILURE squid-3.1.0.10/errors/templates/ERR_FTP_FAILURE
--- squid-3.1.0.9/errors/templates/ERR_FTP_FAILURE 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_FTP_FAILURE 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,42 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
An FTP protocol error occurred while trying to retrieve the URL: %U
+
+
Squid sent the following FTP command:
+
+%f
+
+
+
The server responded with:
+
+%F
+%g
+
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_FTP_FORBIDDEN squid-3.1.0.10/errors/templates/ERR_FTP_FORBIDDEN
--- squid-3.1.0.9/errors/templates/ERR_FTP_FORBIDDEN 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_FTP_FORBIDDEN 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,42 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
An FTP authentication failure occurred while trying to retrieve the URL: %U
+
+
Squid sent the following FTP command:
+
+%f
+
+
+
The server responded with:
+
+%F
+%g
+
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_FTP_LISTING squid-3.1.0.10/errors/templates/ERR_FTP_LISTING
--- squid-3.1.0.9/errors/templates/ERR_FTP_LISTING 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_FTP_LISTING 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,41 @@
+
+
+
+FTP Directory: %U
+
+
+
+
+
+
+
Directory Content:
+
+
+%z
+
+
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_FTP_NOT_FOUND squid-3.1.0.10/errors/templates/ERR_FTP_NOT_FOUND
--- squid-3.1.0.9/errors/templates/ERR_FTP_NOT_FOUND 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_FTP_NOT_FOUND 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,44 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The following URL could not be retrieved: %U
+
+
Squid sent the following FTP command:
+
+%f
+
+
+
The server responded with:
+
+%F
+%g
+
+
+
This might be caused by an FTP URL with an absolute path (which does not comply with RFC 1738). If this is the cause, then the file can be found at %B.
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_FTP_PUT_CREATED squid-3.1.0.10/errors/templates/ERR_FTP_PUT_CREATED
--- squid-3.1.0.9/errors/templates/ERR_FTP_PUT_CREATED 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_FTP_PUT_CREATED 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,26 @@
+
+
+
+FTP PUT Successful: File Created
+
+
+
+
Operation successful
+File created
+
+
+
+
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_FTP_PUT_ERROR squid-3.1.0.10/errors/templates/ERR_FTP_PUT_ERROR
--- squid-3.1.0.9/errors/templates/ERR_FTP_PUT_ERROR 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_FTP_PUT_ERROR 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,43 @@
+
+
+
+ERROR: FTP upload failed
+
+
+
+
ERROR
+FTP PUT/upload failed
+
+
+
+
+
While trying to PUT the following URL: %U
+
+
Squid sent the following FTP command:
+
+%f
+
+
+
The server responded with:
+
+%F
+
+
+
This means that the FTP server may not have permission or space to store the file. Check the path, permissions, diskspace and try again.
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_FTP_PUT_MODIFIED squid-3.1.0.10/errors/templates/ERR_FTP_PUT_MODIFIED
--- squid-3.1.0.9/errors/templates/ERR_FTP_PUT_MODIFIED 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_FTP_PUT_MODIFIED 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,26 @@
+
+
+
+FTP PUT Successful: File Updated
+
+
+
+
Operation successful
+File updated
+
+
+
+
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_FTP_UNAVAILABLE squid-3.1.0.10/errors/templates/ERR_FTP_UNAVAILABLE
--- squid-3.1.0.9/errors/templates/ERR_FTP_UNAVAILABLE 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_FTP_UNAVAILABLE 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,43 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The FTP server was too busy to retrieve the URL: %U
+
+
Squid sent the following FTP command:
+
+
+%f
+
+
+
The server responded with:
+
+%F
+%g
+
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_ICAP_FAILURE squid-3.1.0.10/errors/templates/ERR_ICAP_FAILURE
--- squid-3.1.0.9/errors/templates/ERR_ICAP_FAILURE 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_ICAP_FAILURE 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,44 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+ICAP protocol error.
+
+
+
The system returned: %E
+
+
This means that some aspect of the ICAP communication failed.
+
+
Some possible problems are:
+
+
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_INVALID_REQ squid-3.1.0.10/errors/templates/ERR_INVALID_REQ
--- squid-3.1.0.9/errors/templates/ERR_INVALID_REQ 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_INVALID_REQ 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,45 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
Invalid Request error was encountered while trying to process the request:
+
+
+%R
+
+
+
Some possible problems are:
+
+Missing or unknown request method.
Missing URL.
Missing HTTP Identifier (HTTP/1.0).
Request is too large.
Content-Length missing for POST or PUT requests.
Illegal character in hostname; underscores are not allowed.
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_INVALID_RESP squid-3.1.0.10/errors/templates/ERR_INVALID_RESP
--- squid-3.1.0.9/errors/templates/ERR_INVALID_RESP 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_INVALID_RESP 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,39 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
Invalid Response error was encountered while trying to process the request:
+
+
+%R
+
+
+
The HTTP Response message received from the contacted server could not be understood or was otherwise malformed. Please contact the site operator.
+
+
Your cache administrator may be able to provide you with more details about the exact nature of the problem if needed.
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_INVALID_URL squid-3.1.0.10/errors/templates/ERR_INVALID_URL
--- squid-3.1.0.9/errors/templates/ERR_INVALID_URL 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_INVALID_URL 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,45 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+Invalid URL
+
+
+
Some aspect of the requested URL is incorrect.
+
+
Some possible problems are:
+
+Missing or incorrect access protocol (should be http://
or similar)
Missing hostname
Illegal double-escape in the URL-Path
Illegal character in hostname; underscores are not allowed.
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_LIFETIME_EXP squid-3.1.0.10/errors/templates/ERR_LIFETIME_EXP
--- squid-3.1.0.9/errors/templates/ERR_LIFETIME_EXP 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_LIFETIME_EXP 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,37 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+Connection Lifetime Expired
+
+
+
Squid has terminated the request because it has exceeded the maximum connection lifetime.
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_NO_RELAY squid-3.1.0.10/errors/templates/ERR_NO_RELAY
--- squid-3.1.0.9/errors/templates/ERR_NO_RELAY 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_NO_RELAY 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,37 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+No Wais Relay
+
+
+
There is no WAIS Relay host defined for this Cache! Yell at the administrator.
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_ONLY_IF_CACHED_MISS squid-3.1.0.10/errors/templates/ERR_ONLY_IF_CACHED_MISS
--- squid-3.1.0.9/errors/templates/ERR_ONLY_IF_CACHED_MISS 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_ONLY_IF_CACHED_MISS 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,37 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+Valid document was not found in the cache and only-if-cached
directive was specified.
+
+
+
You have issued a request with a only-if-cached
cache control directive. The document was not found in the cache, or it required revalidation prohibited by the only-if-cached
directive.
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_READ_ERROR squid-3.1.0.10/errors/templates/ERR_READ_ERROR
--- squid-3.1.0.9/errors/templates/ERR_READ_ERROR 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_READ_ERROR 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,39 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+Read Error
+
+
+
The system returned: %E
+
+
An error condition occurred while reading data from the network. Please retry your request.
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_READ_TIMEOUT squid-3.1.0.10/errors/templates/ERR_READ_TIMEOUT
--- squid-3.1.0.9/errors/templates/ERR_READ_TIMEOUT 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_READ_TIMEOUT 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,39 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+Read Timeout
+
+
+
The system returned: %E
+
+
A Timeout occurred while waiting to read data from the network. The network or server may be down or congested. Please retry your request.
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_SECURE_CONNECT_FAIL squid-3.1.0.10/errors/templates/ERR_SECURE_CONNECT_FAIL
--- squid-3.1.0.9/errors/templates/ERR_SECURE_CONNECT_FAIL 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_SECURE_CONNECT_FAIL 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,39 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+Failed to establish a secure connection to %I
+
+
+
The system returned: %E
+
+
This proxy and the remote host failed to negotiate a mutually acceptable security settings for handling your request. It is possible that the remote host does not support secure connections, or the proxy is not satisfied with the host security credentials.
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_SHUTTING_DOWN squid-3.1.0.10/errors/templates/ERR_SHUTTING_DOWN
--- squid-3.1.0.9/errors/templates/ERR_SHUTTING_DOWN 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_SHUTTING_DOWN 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,33 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
This cache is in the process of shutting down and can not service your request at this time. Please retry your request again soon.
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_SOCKET_FAILURE squid-3.1.0.10/errors/templates/ERR_SOCKET_FAILURE
--- squid-3.1.0.9/errors/templates/ERR_SOCKET_FAILURE 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_SOCKET_FAILURE 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,39 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+Socket Failure
+
+
+
The system returned: %E
+
+
Squid is unable to create a TCP socket, presumably due to excessive load. Please retry your request.
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_TOO_BIG squid-3.1.0.10/errors/templates/ERR_TOO_BIG
--- squid-3.1.0.9/errors/templates/ERR_TOO_BIG 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_TOO_BIG 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,39 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+The request or reply is too large.
+
+
+
If you are making a POST or PUT request, then the item you are trying to upload is too large.
+
If you are making a GET request, then the item you are trying to download is too large.
+
These limits have been established by the Internet Service Provider who operates this cache. Please contact them directly if you feel this is an error.
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_UNSUP_HTTPVERSION squid-3.1.0.10/errors/templates/ERR_UNSUP_HTTPVERSION
--- squid-3.1.0.9/errors/templates/ERR_UNSUP_HTTPVERSION 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_UNSUP_HTTPVERSION 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,37 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+Unsupported HTTP version
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+Unsupported HTTP version
+
+
+
This Squid does not accept the HTTP version you are attempting to use.
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_UNSUP_REQ squid-3.1.0.10/errors/templates/ERR_UNSUP_REQ
--- squid-3.1.0.9/errors/templates/ERR_UNSUP_REQ 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_UNSUP_REQ 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,37 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+Unsupported Request Method and Protocol
+
+
+
Squid does not support all request methods for all access protocols. For example, you can not POST a Gopher request.
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_URN_RESOLVE squid-3.1.0.10/errors/templates/ERR_URN_RESOLVE
--- squid-3.1.0.9/errors/templates/ERR_URN_RESOLVE 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_URN_RESOLVE 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,37 @@
+
+
+
+ERROR: The requested URN not be retrieved
+
+
+
+
ERROR
+A URL for the requested URN could not be retrieved
+
+
+
+
+
The following error was encountered while trying to retrieve the URN: %U
+
+
+Cannot Resolve URN
+
+
+
Hey, don't expect too much from URNs on %T :)
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_WRITE_ERROR squid-3.1.0.10/errors/templates/ERR_WRITE_ERROR
--- squid-3.1.0.9/errors/templates/ERR_WRITE_ERROR 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_WRITE_ERROR 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,39 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+Write Error
+
+
+
The system returned: %E
+
+
An error condition occurred while writing to the network. Please retry your request.
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/templates/ERR_ZERO_SIZE_OBJECT squid-3.1.0.10/errors/templates/ERR_ZERO_SIZE_OBJECT
--- squid-3.1.0.9/errors/templates/ERR_ZERO_SIZE_OBJECT 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/templates/ERR_ZERO_SIZE_OBJECT 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,37 @@
+
+
+
+ERROR: The requested URL could not be retrieved
+
+
+
+
ERROR
+The requested URL could not be retrieved
+
+
+
+
+
The following error was encountered while trying to retrieve the URL: %U
+
+
+Zero Sized Reply
+
+
+
Squid did not receive any data for this request.
+
+
Your cache administrator is %w.
+
+
+
+
diff -u -r -N squid-3.1.0.9/errors/TRANSLATORS squid-3.1.0.10/errors/TRANSLATORS
--- squid-3.1.0.9/errors/TRANSLATORS 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/errors/TRANSLATORS 2009-07-18 16:16:11.000000000 +1200
@@ -0,0 +1,93 @@
+Special thanks go to people who have volunteered their time, effort,
+and ideas to make Squid available as multi-langual software.
+
+ Adi Sudana
+ Aecio F. Neto
+ Alexandre Correa
+ Amos Jeffries
+ Bratislav Ilic
+ Christian Schmidt
+ Constantin Rack
+ Evgeni Gechev
+ Francesco Chemolli
+ Henrik Nordström
+ John 'Profic' Ustiuzhanin
+ Leandro Cesar Nardini Frasson
+ liuyongbing
+ Martin Perner
+ Mohsen Saeedi
+ M. Rodrigo Montiero
+ Olivier Wahrenberger
+ Ramdhani Fathurrohman
+ Rene Wijninga
+ Robert Forster
+ Takahiro Kambe
+
+via Rosetta Translation Project and Canonical Ltd.
+
+ Akmal Xushvaqov
+ Anon Sricharoenchai
+ Arnis Rukis
+ Brie A. Gordon
+ Daniel Nylander
+ d.s.div
+ Félix Gómez
+ FrenzY
+ Hasbinur
+ Iker Sagasti Markina
+ juancarlospaco
+ karlag
+ MaXer
+ Maxim S.
+ Mohamad Faizul bin Zulkifli
+ Ricardo Ichizo
+ smsoft
+ Tobias
+ zhuravlik
+
+Thanks also to all the original translators for their great
+work on the old squid translations.
+
+Armenian Arthur Tumanyan
+Azerbaijani Rauf Kuliyev
+Bulgarian Evgeny Gechev
+Bulgarian Svetlin Simeonov
+Catalan Jordi Bruguera
+Czech Jakub Nantl
+Czech Radek Malcic
+Danish Morten S. Nielsen
+Dutch Mark Visser
+Dutch Remco van Mook
+Dutch Bart Koelman
+Estonian Toomas Soome
+Finnish Panu H_llfors
+French Frank DENIS -Jedi/Sector One-
+German Bernd P. Ziller
+German Jens Frank
+German Anke S.
+Greek George Papamichelakis
+Hebrew "yoav"
+Hungarian Bertold Kolics
+Italian Alessio Bragadini
+Italian Marco Mesturino
+Japanese Makoto MATSUSHITA
+Korean Jaeyeon Jung
+Lithuanian "DVM"
+Polish Maciej Kozinski
+Portugese Pedro Lineu Orso
+Romanian Iusty Pop Daniel
+Russian Ilia Zadorozhko
+Russian Andrew L. Davydov
+Serbian Zoran Verovski
+Serbian Dragutin Cirkovic
+Simplify Chinese Wang DaQing
+Slovak Peter Hanecak
+Spanish Javier Puche
+Spanish Roberto Lumbreras
+Spanish Juan Nicolas Ruiz N.
+Spanish Sergio Rua
+Swedish Stefan M_nsby
+Traditional Chinese Erick C. Chang
+Turkish Tural KAPTAN
+Ukrainian
+Ukrainian Vitaliy Matytsyn
diff -u -r -N squid-3.1.0.9/helpers/external_acl/wbinfo_group/wbinfo_group.pl squid-3.1.0.10/helpers/external_acl/wbinfo_group/wbinfo_group.pl
--- squid-3.1.0.9/helpers/external_acl/wbinfo_group/wbinfo_group.pl 2009-06-26 22:35:31.000000000 +1200
+++ squid-3.1.0.10/helpers/external_acl/wbinfo_group/wbinfo_group.pl 2009-07-18 16:16:12.000000000 +1200
@@ -50,6 +50,8 @@
$groupGID = `wbinfo -Y "$groupSID"`;
chop $groupGID;
&debug( "User: -$user-\nGroup: -$group-\nSID: -$groupSID-\nGID: -$groupGID-");
+ return 'ERR' if($groupGID eq ""); # Verify if groupGID variable is empty.
+ return 'ERR' if(`wbinfo -r \Q$user\E` eq ""); # Verify if "wbinfo -r" command returns no value.
return 'OK' if(`wbinfo -r \Q$user\E` =~ /^$groupGID$/m);
return 'ERR';
}
diff -u -r -N squid-3.1.0.9/helpers/negotiate_auth/squid_kerb_auth/squid_kerb_auth.c squid-3.1.0.10/helpers/negotiate_auth/squid_kerb_auth/squid_kerb_auth.c
--- squid-3.1.0.9/helpers/negotiate_auth/squid_kerb_auth/squid_kerb_auth.c 2009-06-26 22:35:31.000000000 +1200
+++ squid-3.1.0.10/helpers/negotiate_auth/squid_kerb_auth/squid_kerb_auth.c 2009-07-18 16:16:12.000000000 +1200
@@ -208,6 +208,7 @@
{
char buf[MAX_AUTHTOKEN_LEN];
char *c;
+ char *user=NULL;
int length=0;
static int err=0;
int opt, debug=0, log=0;
@@ -508,11 +509,20 @@
if (check_gss_err(major_status,minor_status,"gss_display_name()",debug,log) )
goto cleanup;
- fprintf(stdout, "AF %s %s\n",token,(char *)output_token.value);
+ user=xmalloc(output_token.length+1);
+ if (user == NULL) {
+ if (debug)
+ fprintf(stderr, "%s| %s: Not enough memory\n", LogTime(), PROGRAM);
+ fprintf(stdout, "BH Not enough memory\n");
+ goto cleanup;
+ }
+ memcpy(user,output_token.value,output_token.length);
+ user[output_token.length]='\0';
+ fprintf(stdout, "AF %s %s\n",token,user);
if (debug)
- fprintf(stderr, "%s| %s: AF %s %s\n", LogTime(), PROGRAM, token,(char *)output_token.value);
+ fprintf(stderr, "%s| %s: AF %s %s\n", LogTime(), PROGRAM, token,user);
if (log)
- fprintf(stderr, "%s| %s: User %s authenticated\n", LogTime(), PROGRAM, (char *)output_token.value);
+ fprintf(stderr, "%s| %s: User %s authenticated\n", LogTime(), PROGRAM, user);
goto cleanup;
} else {
if (check_gss_err(major_status,minor_status,"gss_accept_sec_context()",debug,log) )
@@ -532,11 +542,20 @@
/*
* Return dummy token AA. May need an extra return tag then AF
*/
- fprintf(stdout, "AF %s %s\n","AA==",(char *)output_token.value);
+ user=xmalloc(output_token.length+1);
+ if (user == NULL) {
+ if (debug)
+ fprintf(stderr, "%s| %s: Not enough memory\n", LogTime(), PROGRAM);
+ fprintf(stdout, "BH Not enough memory\n");
+ goto cleanup;
+ }
+ memcpy(user,output_token.value,output_token.length);
+ user[output_token.length]='\0';
+ fprintf(stdout, "AF %s %s\n","AA==",user);
if (debug)
- fprintf(stderr, "%s| %s: AF %s %s\n", LogTime(), PROGRAM, "AA==", (char *)output_token.value);
+ fprintf(stderr, "%s| %s: AF %s %s\n", LogTime(), PROGRAM, "AA==", user);
if (log)
- fprintf(stderr, "%s| %s: User %s authenticated\n", LogTime(), PROGRAM, (char *)output_token.value);
+ fprintf(stderr, "%s| %s: User %s authenticated\n", LogTime(), PROGRAM, user);
cleanup:
gss_release_buffer(&minor_status, &input_token);
@@ -562,6 +581,10 @@
xfree(token);
token=NULL;
}
+ if (user) {
+ xfree(user);
+ user=NULL;
+ }
continue;
}
}
diff -u -r -N squid-3.1.0.9/helpers/ntlm_auth/smb_lm/smbval/rfcnb-priv.h squid-3.1.0.10/helpers/ntlm_auth/smb_lm/smbval/rfcnb-priv.h
--- squid-3.1.0.9/helpers/ntlm_auth/smb_lm/smbval/rfcnb-priv.h 2009-06-26 22:35:31.000000000 +1200
+++ squid-3.1.0.10/helpers/ntlm_auth/smb_lm/smbval/rfcnb-priv.h 2009-07-18 16:16:12.000000000 +1200
@@ -28,8 +28,6 @@
/* Defines we need */
-typedef unsigned short uint16;
-
#define GLOBAL extern
#include "rfcnb-error.h"
diff -u -r -N squid-3.1.0.9/helpers/ntlm_auth/smb_lm/smbval/rfcnb-util.c squid-3.1.0.10/helpers/ntlm_auth/smb_lm/smbval/rfcnb-util.c
--- squid-3.1.0.9/helpers/ntlm_auth/smb_lm/smbval/rfcnb-util.c 2009-06-26 22:35:31.000000000 +1200
+++ squid-3.1.0.10/helpers/ntlm_auth/smb_lm/smbval/rfcnb-util.c 2009-07-18 16:16:12.000000000 +1200
@@ -32,6 +32,13 @@
#include "rfcnb-io.h"
#include
+#ifndef uint16
+#ifdef u_int16_t
+typedef u_int16_t uint16;
+#else
+typedef unsigned short uint16;
+#endif
+#endif
extern void (*Prot_Print_Routine) (); /* Pointer to protocol print routine */
diff -u -r -N squid-3.1.0.9/include/version.h squid-3.1.0.10/include/version.h
--- squid-3.1.0.9/include/version.h 2009-06-26 22:36:16.000000000 +1200
+++ squid-3.1.0.10/include/version.h 2009-07-18 16:17:06.000000000 +1200
@@ -9,7 +9,7 @@
*/
#ifndef SQUID_RELEASE_TIME
-#define SQUID_RELEASE_TIME 1246012526
+#define SQUID_RELEASE_TIME 1247890568
#endif
#ifndef APP_SHORTNAME
diff -u -r -N squid-3.1.0.9/Makefile.am squid-3.1.0.10/Makefile.am
--- squid-3.1.0.9/Makefile.am 2009-06-26 22:35:27.000000000 +1200
+++ squid-3.1.0.10/Makefile.am 2009-07-18 16:16:09.000000000 +1200
@@ -40,6 +40,3 @@
install-pinger:
chown root $(DESTDIR)$(DEFAULT_PINGER)
chmod 4711 $(DESTDIR)$(DEFAULT_PINGER)
-
-all-am:
- @echo "Build Successful."
diff -u -r -N squid-3.1.0.9/Makefile.in squid-3.1.0.10/Makefile.in
--- squid-3.1.0.9/Makefile.in 2009-06-26 22:36:00.000000000 +1200
+++ squid-3.1.0.10/Makefile.in 2009-07-18 16:16:50.000000000 +1200
@@ -736,9 +736,6 @@
install-pinger:
chown root $(DESTDIR)$(DEFAULT_PINGER)
chmod 4711 $(DESTDIR)$(DEFAULT_PINGER)
-
-all-am:
- @echo "Build Successful."
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:
diff -u -r -N squid-3.1.0.9/src/acl/Gadgets.cc squid-3.1.0.10/src/acl/Gadgets.cc
--- squid-3.1.0.9/src/acl/Gadgets.cc 2009-06-26 22:35:36.000000000 +1200
+++ squid-3.1.0.10/src/acl/Gadgets.cc 2009-07-18 16:16:22.000000000 +1200
@@ -309,37 +309,3 @@
*list = NULL;
}
-
-/*
- * This function traverses all ACL elements referenced
- * by an access list (presumably 'http_access'). If
- * it finds a PURGE method ACL, then it returns TRUE,
- * otherwise FALSE.
- */
-/* XXX: refactor this more sensibly. perhaps have the parser detect it ? */
-int
-aclPurgeMethodInUse(acl_access * a)
-{
- ACLList *b;
-
- debugs(28, 6, "aclPurgeMethodInUse: invoked for '" << a->cfgline << "'");
-
- for (; a; a = a->next) {
- for (b = a->aclList; b; b = b->next) {
- ACLStrategised *tempAcl = dynamic_cast *>(b->_acl);
-
- if (!tempAcl) {
- debugs(28, 7, "aclPurgeMethodInUse: can't create tempAcl");
- continue;
- }
-
- if (tempAcl->match(METHOD_PURGE)) {
- debugs(28, 6, "aclPurgeMethodInUse: returning true");
- return true;
- }
- }
- }
-
- debugs(28, 6, "aclPurgeMethodInUse: returning false");
- return false;
-}
diff -u -r -N squid-3.1.0.9/src/acl/Gadgets.h squid-3.1.0.10/src/acl/Gadgets.h
--- squid-3.1.0.9/src/acl/Gadgets.h 2009-06-26 22:35:36.000000000 +1200
+++ squid-3.1.0.10/src/acl/Gadgets.h 2009-07-18 16:16:22.000000000 +1200
@@ -37,7 +37,5 @@
extern void aclCacheMatchFlush(dlink_list * cache);
/// \ingroup ACLAPI
extern void dump_acl_access(StoreEntry * entry, const char *name, acl_access * head);
-/// \ingroup ACLAPI
-int aclPurgeMethodInUse(acl_access * a);
#endif /* SQUID_ACL_GADGETS_H */
diff -u -r -N squid-3.1.0.9/src/acl/MethodData.cc squid-3.1.0.10/src/acl/MethodData.cc
--- squid-3.1.0.9/src/acl/MethodData.cc 2009-06-26 22:35:36.000000000 +1200
+++ squid-3.1.0.10/src/acl/MethodData.cc 2009-07-18 16:16:22.000000000 +1200
@@ -89,6 +89,10 @@
for (Tail = &values; *Tail; Tail = &((*Tail)->next));
while ((t = strtokFile())) {
+ if(strcmp(t, "PURGE") == 0) {
+ // we need to use PURGE, can't just blanket-deny it.
+ Config2.onoff.enable_purge = 1;
+ }
CbDataList *q = new CbDataList (HttpRequestMethod(t, NULL));
*(Tail) = q;
Tail = &q->next;
diff -u -r -N squid-3.1.0.9/src/adaptation/ecap/XactionRep.cc squid-3.1.0.10/src/adaptation/ecap/XactionRep.cc
--- squid-3.1.0.9/src/adaptation/ecap/XactionRep.cc 2009-06-26 22:35:37.000000000 +1200
+++ squid-3.1.0.10/src/adaptation/ecap/XactionRep.cc 2009-07-18 16:16:23.000000000 +1200
@@ -16,7 +16,8 @@
AsyncJob("Adaptation::Ecap::XactionRep"),
Adaptation::Initiate("Adaptation::Ecap::XactionRep", anInitiator, aService),
theVirginRep(virginHeader), theCauseRep(NULL),
- proxyingVb(opUndecided), proxyingAb(opUndecided), canAccessVb(false)
+ proxyingVb(opUndecided), proxyingAb(opUndecided), canAccessVb(false),
+ abProductionFinished(false), abProductionAtEnd(false)
{
if (virginCause)
theCauseRep = new MessageRep(virginCause);
@@ -275,15 +276,17 @@
void
Adaptation::Ecap::XactionRep::noteAbContentDone(bool atEnd)
{
- Must(proxyingAb == opOn);
- stopProducingFor(answer().body_pipe, atEnd);
- proxyingAb = opComplete;
+ Must(proxyingAb == opOn && !abProductionFinished);
+ abProductionFinished = true;
+ abProductionAtEnd = atEnd; // store until ready to stop producing ourselves
+ debugs(93,5, HERE << "adapted body production ended");
+ moveAbContent();
}
void
Adaptation::Ecap::XactionRep::noteAbContentAvailable()
{
- Must(proxyingAb == opOn);
+ Must(proxyingAb == opOn && !abProductionFinished);
moveAbContent();
}
@@ -374,9 +377,16 @@
{
Must(proxyingAb == opOn);
const libecap::Area c = theMaster->abContent(0, libecap::nsize);
- debugs(93,5, HERE << " up to " << c.size << " bytes");
- if (const size_t used = answer().body_pipe->putMoreData(c.start, c.size))
- theMaster->abContentShift(used);
+ debugs(93,5, HERE << "up to " << c.size << " bytes");
+ if (c.size == 0 && abProductionFinished) { // no ab now and in the future
+ stopProducingFor(answer().body_pipe, abProductionAtEnd);
+ proxyingAb = opComplete;
+ debugs(93,5, HERE << "last adapted body data retrieved");
+ } else
+ if (c.size > 0) {
+ if (const size_t used = answer().body_pipe->putMoreData(c.start, c.size))
+ theMaster->abContentShift(used);
+ }
}
const char *
diff -u -r -N squid-3.1.0.9/src/adaptation/ecap/XactionRep.h squid-3.1.0.10/src/adaptation/ecap/XactionRep.h
--- squid-3.1.0.9/src/adaptation/ecap/XactionRep.h 2009-06-26 22:35:37.000000000 +1200
+++ squid-3.1.0.10/src/adaptation/ecap/XactionRep.h 2009-07-18 16:16:23.000000000 +1200
@@ -93,6 +93,8 @@
OperationState proxyingVb; // delivering virgin body from core to adapter
OperationState proxyingAb; // delivering adapted body from adapter to core
bool canAccessVb; // virgin BodyPipe content is accessible
+ bool abProductionFinished; // whether adapter has finished producing ab
+ bool abProductionAtEnd; // whether adapter produced a complete ab
CBDATA_CLASS2(XactionRep);
};
diff -u -r -N squid-3.1.0.9/src/cache_cf.cc squid-3.1.0.10/src/cache_cf.cc
--- squid-3.1.0.9/src/cache_cf.cc 2009-06-26 22:35:37.000000000 +1200
+++ squid-3.1.0.10/src/cache_cf.cc 2009-07-18 16:16:24.000000000 +1200
@@ -620,8 +620,10 @@
#endif
- if (aclPurgeMethodInUse(Config.accessList.http))
- Config2.onoff.enable_purge = 1;
+ // we have reconfigured and in the process disabled any need for PURGE.
+ // turn it off now.
+ if(Config2.onoff.enable_purge == 2)
+ Config2.onoff.enable_purge = 0;
Config2.onoff.mangle_request_headers = httpReqHdrManglersConfigured();
@@ -2990,6 +2992,8 @@
s->accel = 1;
} else if (strcmp(token, "accel") == 0) {
s->accel = 1;
+ } else if (strcmp(token, "allow-direct") == 0) {
+ s->allow_direct = 1;
} else if (strcmp(token, "no-connection-auth") == 0) {
s->connection_auth_disabled = true;
} else if (strcmp(token, "connection-auth=off") == 0) {
diff -u -r -N squid-3.1.0.9/src/cf.data.pre squid-3.1.0.10/src/cf.data.pre
--- squid-3.1.0.9/src/cf.data.pre 2009-06-26 22:35:37.000000000 +1200
+++ squid-3.1.0.10/src/cf.data.pre 2009-07-18 16:16:24.000000000 +1200
@@ -1,6 +1,3 @@
-
-#
-# $Id$
#
# SQUID Web Proxy Cache http://www.squid-cache.org/
# ----------------------------------------------------------
@@ -106,8 +103,8 @@
proxy as the client then thinks it is talking to an origin server and
not the proxy. This is a limitation of bending the TCP/IP protocol to
transparently intercepting port 80, not a limitation in Squid.
- Ports flagged 'transparent', 'intercept', or 'tproxy' have authentication
- disabled.
+ Ports flagged 'transparent', 'intercept', or 'tproxy' have
+ authentication disabled.
=== Parameters for the basic scheme follow. ===
@@ -116,7 +113,8 @@
reads a line containing "username password" and replies "OK" or
"ERR" in an endless loop. "ERR" responses may optionally be followed
by a error description available as %m in the returned error page.
- If you use an authenticator, make sure you have 1 acl of type proxy_auth.
+ If you use an authenticator, make sure you have 1 acl of type
+ proxy_auth.
By default, the basic authentication scheme is not used unless a
program is specified.
@@ -283,9 +281,9 @@
the Microsoft Internet Explorer or Mozilla Firefox browsers.
Its main purpose is to exchange credentials with the Squid proxy
using the Kerberos mechanisms.
- If you use a Negotiate authenticator, make sure you have at least one acl
- of type proxy_auth active. By default, the negotiate authenticator_program
- is not used.
+ If you use a Negotiate authenticator, make sure you have at least
+ one acl of type proxy_auth active. By default, the negotiate
+ authenticator_program is not used.
The only supported program for this role is the ntlm_auth
program distributed as part of Samba, version 4 or later.
@@ -493,33 +491,47 @@
By default, regular expressions are CASE-SENSITIVE. To make
them case-insensitive, use the -i option.
+ Some acl types require suspending the current request in order
+ to access some external data source.
+ Those which do are marked with the tag [slow], those which
+ don't are marked as [fast].
+ See http://wiki.squid-cache.org/SquidFaq/SquidAcl
+ for further information
***** ACL TYPES AVAILABLE *****
- acl aclname src ip-address/netmask ... # clients IP address
- acl aclname src addr1-addr2/netmask ... # range of addresses
- acl aclname dst ip-address/netmask ... # URL host's IP address
- acl aclname myip ip-address/netmask ... # local socket IP address
+ acl aclname src ip-address/netmask ... # clients IP address [fast]
+ acl aclname src addr1-addr2/netmask ... # range of addresses [fast]
+ acl aclname dst ip-address/netmask ... # URL host's IP address [slow]
+ acl aclname myip ip-address/netmask ... # local socket IP address [fast]
acl aclname arp mac-address ... (xx:xx:xx:xx:xx:xx notation)
# The arp ACL requires the special configure option --enable-arp-acl.
# Furthermore, the ARP ACL code is not portable to all operating systems.
- # It works on Linux, Solaris, Windows, FreeBSD, and some other *BSD variants.
+ # It works on Linux, Solaris, Windows, FreeBSD, and some
+ # other *BSD variants.
+ # [fast]
#
# NOTE: Squid can only determine the MAC address for clients that are on
- # the same subnet. If the client is on a different subnet, then Squid cannot
- # find out its MAC address.
+ # the same subnet. If the client is on a different subnet,
+ # then Squid cannot find out its MAC address.
- acl aclname srcdomain .foo.com ... # reverse lookup, from client IP
- acl aclname dstdomain .foo.com ... # Destination server from URL
- acl aclname srcdom_regex [-i] \.foo\.com ... # regex matching client name
- acl aclname dstdom_regex [-i] \.foo\.com ... # regex matching server
+ acl aclname srcdomain .foo.com ...
+ # reverse lookup, from client IP [slow]
+ acl aclname dstdomain .foo.com ...
+ # Destination server from URL [slow]
+ acl aclname srcdom_regex [-i] \.foo\.com ...
+ # regex matching client name [slow]
+ acl aclname dstdom_regex [-i] \.foo\.com ...
+ # regex matching server [slow]
+ #
# For dstdomain and dstdom_regex a reverse lookup is tried if a IP
# based URL is used and no match is found. The name "none" is used
# if the reverse lookup fails.
acl aclname src_as number ...
acl aclname dst_as number ...
+ # [fast]
# Except for access control, AS numbers can be used for
# routing of requests to specific caches. Here's an
# example for routing all requests for AS#1241 and only
@@ -529,10 +541,12 @@
# cache_peer_access mycache_mydomain.net deny all
acl aclname peername myPeer ...
+ # [fast]
# match against a named cache_peer entry
# set unique name= on cache_peer lines for reliable use.
acl aclname time [day-abbrevs] [h1:m1-h2:m2]
+ # [fast]
# day-abbrevs:
# S - Sunday
# M - Monday
@@ -543,37 +557,46 @@
# A - Saturday
# h1:m1 must be less than h2:m2
- acl aclname url_regex [-i] ^http:// ... # regex matching on whole URL
- acl aclname urlpath_regex [-i] \.gif$ ... # regex matching on URL path
+ acl aclname url_regex [-i] ^http:// ...
+ # regex matching on whole URL [fast]
+ acl aclname urlpath_regex [-i] \.gif$ ...
+ # regex matching on URL path [fast]
+
+ acl aclname port 80 70 21 0-1024... # destination TCP port [fast]
+ # ranges are alloed
+ acl aclname myport 3128 ... # local socket TCP port [fast]
+ acl aclname myportname 3128 ... # http(s)_port name [fast]
+
+ acl aclname proto HTTP FTP ... # request protocol [fast]
+
+ acl aclname method GET POST ... # HTTP request method [fast]
- acl aclname port 80 70 21 ...
- acl aclname port 0-1024 ... # ranges allowed
- acl aclname myport 3128 ... # (local socket TCP port)
- acl aclname myportname 3128 ... # http(s)_port name
-
- acl aclname proto HTTP FTP ...
-
- acl aclname method GET POST ...
-
- acl aclname http_status 200 301 500- 400-403 ... # status code in reply
+ acl aclname http_status 200 301 500- 400-403 ...
+ # status code in reply [fast]
acl aclname browser [-i] regexp ...
- # pattern match on User-Agent header (see also req_header below)
+ # pattern match on User-Agent header (see also req_header below) [fast]
acl aclname referer_regex [-i] regexp ...
- # pattern match on Referer header
+ # pattern match on Referer header [fast]
# Referer is highly unreliable, so use with care
acl aclname ident username ...
acl aclname ident_regex [-i] pattern ...
- # string match on ident output.
+ # string match on ident output [slow]
# use REQUIRED to accept any non-null ident.
acl aclname proxy_auth [-i] username ...
acl aclname proxy_auth_regex [-i] pattern ...
- # list of valid usernames
+ # perform http authentication challenge to the client and match against
+ # supplied credentials [slow]
+ #
+ # takes a list of allowed usernames.
# use REQUIRED to accept any valid username.
#
+ # Will use proxy authentication in forward-proxy scenarios, and plain
+ # http authenticaiton in reverse-proxy scenarios
+ #
# NOTE: when a Proxy-Authentication header is sent but it is not
# needed during ACL checking the username is NOT logged
# in access.log.
@@ -587,19 +610,19 @@
# to respond to proxy authentication.
acl aclname snmp_community string ...
- # A community string to limit access to your SNMP Agent
+ # A community string to limit access to your SNMP Agent [fast]
# Example:
#
# acl snmppublic snmp_community public
acl aclname maxconn number
# This will be matched when the client's IP address has
- # more than HTTP connections established.
+ # more than HTTP connections established. [fast]
acl aclname max_user_ip [-s] number
# This will be matched when the user attempts to log in from more
# than different ip addresses. The authenticate_ip_ttl
- # parameter controls the timeout on the ip entries.
+ # parameter controls the timeout on the ip entries. [fast]
# If -s is specified the limit is strict, denying browsing
# from any further IP addresses until the ttl has expired. Without
# -s Squid will just annoy the user by "randomly" denying requests.
@@ -612,19 +635,19 @@
acl aclname req_mime_type [-i] mime-type ...
# regex match against the mime type of the request generated
# by the client. Can be used to detect file upload or some
- # types HTTP tunneling requests.
+ # types HTTP tunneling requests [fast]
# NOTE: This does NOT match the reply. You cannot use this
# to match the returned file type.
acl aclname req_header header-name [-i] any\.regex\.here
# regex match against any of the known request headers. May be
# thought of as a superset of "browser", "referer" and "mime-type"
- # ACLs.
+ # ACL [fast]
acl aclname rep_mime_type [-i] mime-type ...
# regex match against the mime type of the reply received by
# squid. Can be used to detect file download or some
- # types HTTP tunneling requests.
+ # types HTTP tunneling requests. [fast]
# NOTE: This has no effect in http_access rules. It only has
# effect in rules that affect the reply data stream such as
# http_reply_access.
@@ -632,27 +655,27 @@
acl aclname rep_header header-name [-i] any\.regex\.here
# regex match against any of the known reply headers. May be
# thought of as a superset of "browser", "referer" and "mime-type"
- # ACLs.
+ # ACLs [fast]
acl aclname external class_name [arguments...]
# external ACL lookup via a helper class defined by the
- # external_acl_type directive.
+ # external_acl_type directive [slow]
acl aclname user_cert attribute values...
# match against attributes in a user SSL certificate
- # attribute is one of DN/C/O/CN/L/ST
+ # attribute is one of DN/C/O/CN/L/ST [fast]
acl aclname ca_cert attribute values...
# match against attributes a users issuing CA SSL certificate
- # attribute is one of DN/C/O/CN/L/ST
+ # attribute is one of DN/C/O/CN/L/ST [fast]
acl aclname ext_user username ...
acl aclname ext_user_regex [-i] pattern ...
- # string match on username returned by external acl helper
+ # string match on username returned by external acl helper [slow]
# use REQUIRED to accept any non-null user name.
- #
+
acl aclname tag tagvalue ...
- # string match on tag returned by external acl helper
+ # string match on tag returned by external acl helper [slow]
Examples:
acl macaddress arp 09:00:2b:23:45:67
@@ -722,6 +745,9 @@
delay_pool_uses_indirect_client and log_uses_indirect_client
options.
+ This clause only supports fast acl types.
+ See http://wiki.squid-cache.org/SquidFaq/SquidAcl for details.
+
SECURITY CONSIDERATIONS:
Any host for which we follow the X-Forwarded-For header
@@ -798,6 +824,9 @@
good idea to have an "deny all" or "allow all" entry at the end
of your access lists to avoid potential confusion.
+ This clause supports both fast and slow acl types.
+ See http://wiki.squid-cache.org/SquidFaq/SquidAcl for details.
+
NOCOMMENT_START
#Recommended minimum configuration:
#
@@ -820,6 +849,7 @@
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
http_access allow localnet
+http_access allow localhost
# And finally deny all other access to this proxy
http_access deny all
@@ -841,6 +871,9 @@
If none of the access lines cause a match the opposite of the
last line will apply. Thus it is good practice to end the rules
with an "allow all" or "deny all" entry.
+
+ This clause supports both fast and slow acl types.
+ See http://wiki.squid-cache.org/SquidFaq/SquidAcl for details.
DOC_END
NAME: icp_access
@@ -856,6 +889,8 @@
See http_access for details
+ This clause only supports fast acl types.
+ See http://wiki.squid-cache.org/SquidFaq/SquidAcl for details.
NOCOMMENT_START
#Allow ICP queries from local networks only
#icp_access allow localnet
@@ -881,6 +916,8 @@
deny all traffic. This default may cause problems with peers
using the htcp or htcp-oldsquid options.
+ This clause only supports fast acl types.
+ See http://wiki.squid-cache.org/SquidFaq/SquidAcl for details.
NOCOMMENT_START
#Allow HTCP queries from local networks only
#htcp_access allow localnet
@@ -902,6 +939,8 @@
See http_access for details
+ This clause only supports fast acl types.
+ See http://wiki.squid-cache.org/SquidFaq/SquidAcl for details.
#Allow HTCP CLR requests from trusted peers
acl htcp_clr_peer src 172.16.1.2
htcp_clr_access allow htcp_clr_peer
@@ -924,6 +963,9 @@
By default, allow all clients who passed the http_access rules
to fetch MISSES from us.
+
+ This clause only supports fast acl types.
+ See http://wiki.squid-cache.org/SquidFaq/SquidAcl for details.
DOC_END
NAME: ident_lookup_access
@@ -950,6 +992,9 @@
Only src type ACL checks are fully supported. A srcdomain
ACL might work at times, but it will not always provide
the correct result.
+
+ This clause only supports fast acl types.
+ See http://wiki.squid-cache.org/SquidFaq/SquidAcl for details.
DOC_END
NAME: reply_body_max_size
@@ -1038,6 +1083,10 @@
accel Accelerator mode. Also needs at least one of
vhost / vport / defaultsite.
+ allow-direct Allow direct forwarding in accelerator mode. Normally
+ accelerated requests are denied direct forwarding as if
+ never_direct was used.
+
defaultsite=domainname
What to use for the Host: header if it is not present
in a request. Determines what site (not origin server)
@@ -1056,9 +1105,9 @@
protocol= Protocol to reconstruct accelerated requests with.
Defaults to http.
- connection-auth[=on|off]
- use connection-auth=off to tell Squid to prevent
- forwarding Microsoft connection oriented authentication
+ connection-auth[=on|off]
+ use connection-auth=off to tell Squid to prevent
+ forwarding Microsoft connection oriented authentication
(NTLM, Negotiate and Kerberos)
disable-pmtu-discovery=
@@ -1077,7 +1126,7 @@
sporadically hang or never complete requests set
disable-pmtu-discovery option to 'transparent'.
- sslBump Intercept each CONNECT request matching ssl_bump ACL,
+ sslBump Intercept each CONNECT request matching ssl_bump ACL,
establish secure connection with the client and with
the server, decrypt HTTP messages as they pass through
Squid, and treat them as unencrypted HTTP messages,
@@ -1345,7 +1394,8 @@
IPv6 Magic:
- Squid is built with a capability of bridging the IPv4 and IPv6 internets.
+ Squid is built with a capability of bridging the IPv4 and IPv6
+ internets.
tcp_outgoing_address as exampled above breaks this bridging by forcing
all outbound traffic through a certain IPv4 which may be on the wrong
side of the IPv4/IPv6 boundary.
@@ -1369,6 +1419,12 @@
If peers are used the peername ACL are needed to select outgoing
address which can link to the peer.
+ 'dst ipv6' is a slow ACL. It will only work here if 'dst' is used
+ previously in the http_access rules to locate the destination IP.
+ Some more magic may be needed for that:
+ http_access allow to_ipv6 !all
+ (meaning, allow if to IPv6 but not from anywhere ;)
+
DOC_END
COMMENT_START
@@ -1476,6 +1532,8 @@
See also: http_port sslBump
+ This clause only supports fast acl types.
+ See http://wiki.squid-cache.org/SquidFaq/SquidAcl for details.
NOCOMMENT_START
# Example: Bump all requests except those originating from localhost and
# those going to webax.com or example.com sites.
@@ -1519,9 +1577,9 @@
sslproxy_cert_error allow BrokenServersAtTrustedIP
sslproxy_cert_error deny all
- This option must use fast ACL expressions only. Expressions that use
- external lookups or communication result in unpredictable behavior or
- crashes.
+ This clause only supports fast acl types.
+ See http://wiki.squid-cache.org/SquidFaq/SquidAcl for details.
+ Using slow acl types may result in server crashes
Without this option, all server certificate validation errors
terminate the transaction. Bypassing validation errors is dangerous
@@ -1623,7 +1681,7 @@
sslcipher=...
ssloptions=...
front-end-https[=on|auto]
- connection-auth[=on|off|auto]
+ connection-auth[=on|off|auto]
use 'proxy-only' to specify objects fetched
from this cache should not be saved locally.
@@ -1676,11 +1734,11 @@
distributed among the parents based on the CARP load
balancing hash function based on their weight.
- use 'userhash' to load-balance amongst a set of parents
- based on the client proxy_auth or ident username.
+ use 'userhash' to load-balance amongst a set of parents
+ based on the client proxy_auth or ident username.
- use 'sourcehash' to load-balance amongst a set of parents
- based on the client source ip.
+ use 'sourcehash' to load-balance amongst a set of parents
+ based on the client source ip.
'multicast-responder' indicates the named peer
is a member of a multicast group. ICP queries will
@@ -1850,12 +1908,12 @@
on this header. If set to auto the header will
only be added if the request is forwarded as a https://
URL.
-
- use connection-auth=off to tell Squid that this peer does
- not support Microsoft connection oriented authentication,
- and any such challenges received from there should be
- ignored. Default is auto to automatically determine the
- status of the peer.
+
+ use connection-auth=off to tell Squid that this peer does
+ not support Microsoft connection oriented authentication,
+ and any such challenges received from there should be
+ ignored. Default is auto to automatically determine the
+ status of the peer.
DOC_END
NAME: cache_peer_domain cache_host_domain
@@ -2395,6 +2453,9 @@
This options allows you to control which requests gets logged
to access.log (see access_log directive). Requests denied for
logging will also not be accounted for in performance counters.
+
+ This clause only supports fast acl types.
+ See http://wiki.squid-cache.org/SquidFaq/SquidAcl for details.
DOC_END
NAME: cache_store_log
@@ -2721,7 +2782,8 @@
translator, as the EPRT command will never be used and therefore,
translation of the data portion of the segments will never be needed.
- When a client only expects to do two-way FTP transfers this may be useful.
+ When a client only expects to do two-way FTP transfers this may be
+ useful.
If squid finds that it must do a three-way FTP transfer after issuing
an EPSV ALL command, the FTP session will fail.
@@ -2739,8 +2801,9 @@
FTP Protocol extensions permit the use of a special "EPSV" command.
NATs may be able to put the connection on a "fast path" through the
- translator using EPSV, as the EPRT command will never be used and therefore,
- translation of the data portion of the segments will never be needed.
+ translator using EPSV, as the EPRT command will never be used
+ and therefore, translation of the data portion of the segments
+ will never be needed.
Turning this OFF will prevent EPSV being attempted.
WARNING: Doing so will convert Squid back to the old behavior with all
@@ -2818,7 +2881,8 @@
IFDEF: USE_ICMP
DOC_START
Control whether the pinger is active at run-time.
- Enables turning ICMP pinger on and off with a simple squid -k reconfigure.
+ Enables turning ICMP pinger on and off with a simple
+ squid -k reconfigure.
DOC_END
@@ -2902,6 +2966,9 @@
If defined, this access list specifies which requests are
sent to the redirector processes. By default all requests
are sent.
+
+ This clause supports both fast and slow acl types.
+ See http://wiki.squid-cache.org/SquidFaq/SquidAcl for details.
DOC_END
NAME: url_rewrite_bypass redirector_bypass
@@ -2938,6 +3005,9 @@
matching the ACL should be allowed or denied into the cache.
Default is to allow all to be cached.
+
+ This clause supports both fast and slow acl types.
+ See http://wiki.squid-cache.org/SquidFaq/SquidAcl for details.
DOC_END
NAME: refresh_pattern
@@ -3172,11 +3242,16 @@
from making Squid fetch the whole object up to that point before
sending anything to the client.
+ A value of 0 causes Squid to never fetch more than the
+ client requested. (default)
+
A value of -1 causes Squid to always fetch the object from the
beginning so it may cache the result. (2.0 style)
- A value of 0 causes Squid to never fetch more than the
- client requested. (default)
+ NP: Using -1 here will override any quick_abort settings that may
+ otherwise apply to the range request. The range request will
+ be fully fetched from start to finish regardless of the client
+ actions. This affects bandwidth usage.
DOC_END
NAME: minimum_expiry_time
@@ -3279,6 +3354,9 @@
forbidden by the BNF, an HTTP/1.1 client must not preface or follow
a request with an extra CRLF.
+ This clause only supports fast acl types.
+ See http://wiki.squid-cache.org/SquidFaq/SquidAcl for details.
+
Example:
acl buggy_server url_regex ^http://....
broken_posts allow buggy_server
@@ -3940,12 +4018,12 @@
delay pools, one of class 2 and one of class 3, the settings above
and here would be:
-Example:
- delay_pools 4 # 4 delay pools
- delay_class 1 2 # pool 1 is a class 2 pool
- delay_class 2 3 # pool 2 is a class 3 pool
- delay_class 3 4 # pool 3 is a class 4 pool
- delay_class 4 5 # pool 4 is a class 5 pool
+ Example:
+ delay_pools 4 # 4 delay pools
+ delay_class 1 2 # pool 1 is a class 2 pool
+ delay_class 2 3 # pool 2 is a class 3 pool
+ delay_class 3 4 # pool 3 is a class 4 pool
+ delay_class 4 5 # pool 4 is a class 5 pool
The delay pool classes are:
@@ -3954,13 +4032,13 @@
class 2 Everything is limited by a single aggregate
bucket as well as an "individual" bucket chosen
- from bits 25 through 32 of the IP address.
+ from bits 25 through 32 of the IPv4 address.
class 3 Everything is limited by a single aggregate
bucket as well as a "network" bucket chosen
from bits 17 through 24 of the IP address and a
"individual" bucket chosen from bits 17 through
- 32 of the IP address.
+ 32 of the IPv4 address.
class 4 Everything in a class 3 delay pool, with an
additional limit on a per user basis. This
@@ -3975,6 +4053,9 @@
-> bits 25 through 32 are "d"
-> bits 17 through 24 are "c"
-> bits 17 through 32 are "c * 256 + d"
+
+ NOTE-2: Due to the use of bitmasks in class 2,3,4 pools they only apply to
+ IPv4 traffic. Class 1 and 5 pools may be used with IPv6 traffic.
DOC_END
NAME: delay_access
@@ -4459,6 +4540,8 @@
snmp_access allow|deny [!]aclname ...
+ This clause only supports fast acl types.
+ See http://wiki.squid-cache.org/SquidFaq/SquidAcl for details.
Example:
snmp_access allow snmppublic localhost
snmp_access deny all
@@ -5072,10 +5155,10 @@
NOTE: This directive is not related to caching. The replies
is cached as usual even if you use always_direct. To not cache
- the replies see no_cache.
+ the replies see the 'cache' directive.
- This option replaces some v1.1 options such as local_domain
- and local_ip.
+ This clause supports both fast and slow acl types.
+ See http://wiki.squid-cache.org/SquidFaq/SquidAcl for details.
DOC_END
NAME: never_direct
@@ -5106,8 +5189,8 @@
always_direct allow local-intranet
never_direct allow all
- This option replaces some v1.1 options such as inside_firewall
- and firewall_ip.
+ This clause supports both fast and slow acl types.
+ See http://wiki.squid-cache.org/SquidFaq/SquidAcl for details.
DOC_END
COMMENT_START
diff -u -r -N squid-3.1.0.9/src/client_side.cc squid-3.1.0.10/src/client_side.cc
--- squid-3.1.0.9/src/client_side.cc 2009-06-26 22:35:37.000000000 +1200
+++ squid-3.1.0.10/src/client_side.cc 2009-07-18 16:16:24.000000000 +1200
@@ -2275,6 +2275,7 @@
}
request->flags.accelerated = http->flags.accel;
+ request->flags.no_direct = request->flags.accelerated ? !conn->port->allow_direct : 0;
/** \par
* If transparent or interception mode is working clone the transparent and interception flags
diff -u -r -N squid-3.1.0.9/src/client_side_reply.cc squid-3.1.0.10/src/client_side_reply.cc
--- squid-3.1.0.9/src/client_side_reply.cc 2009-06-26 22:35:37.000000000 +1200
+++ squid-3.1.0.10/src/client_side_reply.cc 2009-07-18 16:16:24.000000000 +1200
@@ -86,8 +86,9 @@
clientReplyContext::clientReplyContext(ClientHttpRequest *clientContext) : http (cbdataReference(clientContext)), old_entry (NULL), old_sc(NULL), deleting(false)
{}
-/* create an error in the store awaiting the client side to read it. */
-/* This may be better placed in the clientStream logic, but it has not been
+/** Create an error in the store awaiting the client side to read it.
+ *
+ * This may be better placed in the clientStream logic, but it has not been
* relocated there yet
*/
void
@@ -649,10 +650,9 @@
return;
}
- /**
- * Deny loops when running in accelerator/transproxy mode.
- */
- if (http->flags.accel && r->flags.loopdetect) {
+ /// Deny loops for accelerator and interceptor. TODO: deny in all modes?
+ if (r->flags.loopdetect &&
+ (http->flags.accel || http->flags.intercepted)) {
http->al.http.code = HTTP_FORBIDDEN;
err = clientBuildError(ERR_ACCESS_DENIED, HTTP_FORBIDDEN, NULL, http->getConn()->peer, http->request);
createStoreEntry(r->method, request_flags());
@@ -1199,10 +1199,12 @@
return result;
}
-/*
- * filters out unwanted entries from original reply header
- * adds extra entries if we have more info than origin server
- * adds Squid specific entries
+/**
+ * Generate the reply headers sent to client.
+ *
+ * Filters out unwanted entries and hop-by-hop from original reply header
+ * then adds extra entries if we have more info than origin server
+ * then adds Squid specific entries
*/
void
clientReplyContext::buildReplyHeader()
@@ -1228,6 +1230,7 @@
// if (request->range)
// clientBuildRangeHeader(http, reply);
+
/*
* Add a estimated Age header on cache hits.
*/
@@ -1249,11 +1252,14 @@
* the objects age, so a Age: 0 header does not add any useful
* information to the reply in any case.
*/
-
+#if DEAD_CODE
+ // XXX: realy useless? or is there a bug now that this is detatched from the below if-sequence ?
+ // looks like this pre-if was supposed to be the browser workaround...
if (NULL == http->storeEntry())
(void) 0;
else if (http->storeEntry()->timestamp < 0)
(void) 0;
+#endif
if (EBIT_TEST(http->storeEntry()->flags, ENTRY_SPECIAL)) {
hdr->delById(HDR_DATE);
@@ -1278,7 +1284,24 @@
hdr->putStr(HDR_WARNING, tempbuf);
}
}
+ }
+ /* RFC 2616: Section 14.18
+ *
+ * Add a Date: header if missing.
+ * We have access to a clock therefore are required to amend any shortcoming in servers.
+ *
+ * NP: done after Age: to prevent ENTRY_SPECIAL double-handling this header.
+ */
+ if ( !hdr->has(HDR_DATE) ) {
+ if (!http->storeEntry())
+ hdr->insertTime(HDR_DATE, squid_curtime);
+ else if (http->storeEntry()->timestamp > 0)
+ hdr->insertTime(HDR_DATE, http->storeEntry()->timestamp);
+ else {
+ debugs(88,1,"WARNING: An error inside Squid has caused an HTTP reply without Date:. Please report this");
+ /* TODO: dump something useful about the problem */
+ }
}
/* Filter unproxyable authentication types */
diff -u -r -N squid-3.1.0.9/src/comm_epoll.cc squid-3.1.0.10/src/comm_epoll.cc
--- squid-3.1.0.9/src/comm_epoll.cc 2009-06-26 22:35:38.000000000 +1200
+++ squid-3.1.0.10/src/comm_epoll.cc 2009-07-18 16:16:24.000000000 +1200
@@ -232,7 +232,7 @@
commIncomingStats(StoreEntry * sentry)
{
StatCounters *f = &statCounter;
- storeAppendPrintf(sentry, "Total number of epoll(2) loops: %d\n", statCounter.select_loops);
+ storeAppendPrintf(sentry, "Total number of epoll(2) loops: %ld\n", statCounter.select_loops);
storeAppendPrintf(sentry, "Histogram of returned filedescriptors\n");
statHistDump(&f->select_fds_hist, sentry, statHistIntDumper);
}
@@ -265,7 +265,7 @@
for (;;) {
num = epoll_wait(kdpfd, pevents, SQUID_MAXFD, msec);
- statCounter.select_loops++;
+ ++statCounter.select_loops;
if (num >= 0)
break;
diff -u -r -N squid-3.1.0.9/src/comm_kqueue.cc squid-3.1.0.10/src/comm_kqueue.cc
--- squid-3.1.0.9/src/comm_kqueue.cc 2009-06-26 22:35:38.000000000 +1200
+++ squid-3.1.0.10/src/comm_kqueue.cc 2009-07-18 16:16:24.000000000 +1200
@@ -260,7 +260,7 @@
for (;;) {
num = kevent(kq, kqlst, kqoff, ke, KE_LENGTH, &poll_time);
- statCounter.select_loops++;
+ ++statCounter.select_loops;
kqoff = 0;
if (num >= 0)
diff -u -r -N squid-3.1.0.9/src/comm_poll.cc squid-3.1.0.10/src/comm_poll.cc
--- squid-3.1.0.9/src/comm_poll.cc 2009-06-26 22:35:38.000000000 +1200
+++ squid-3.1.0.10/src/comm_poll.cc 2009-07-18 16:16:25.000000000 +1200
@@ -408,9 +408,9 @@
for (;;) {
PROF_start(comm_poll_normal);
- statCounter.syscalls.selects++;
+ ++statCounter.syscalls.selects;
num = poll(pfds, nfds, msec);
- statCounter.select_loops++;
+ ++statCounter.select_loops;
PROF_stop(comm_poll_normal);
if (num >= 0 || npending >= 0)
diff -u -r -N squid-3.1.0.9/src/comm_select.cc squid-3.1.0.10/src/comm_select.cc
--- squid-3.1.0.9/src/comm_select.cc 2009-06-26 22:35:38.000000000 +1200
+++ squid-3.1.0.10/src/comm_select.cc 2009-07-18 16:16:25.000000000 +1200
@@ -441,7 +441,7 @@
poll_time.tv_usec = (msec % 1000) * 1000;
statCounter.syscalls.selects++;
num = select(maxfd, &readfds, &writefds, NULL, &poll_time);
- statCounter.select_loops++;
+ ++statCounter.select_loops;
if (num >= 0 || pending > 0)
break;
diff -u -r -N squid-3.1.0.9/src/comm_select_win32.cc squid-3.1.0.10/src/comm_select_win32.cc
--- squid-3.1.0.9/src/comm_select_win32.cc 2009-06-26 22:35:38.000000000 +1200
+++ squid-3.1.0.10/src/comm_select_win32.cc 2009-07-18 16:16:25.000000000 +1200
@@ -439,9 +439,9 @@
for (;;) {
poll_time.tv_sec = msec / 1000;
poll_time.tv_usec = (msec % 1000) * 1000;
- statCounter.syscalls.selects++;
+ ++statCounter.syscalls.selects;
num = select(maxfd, &readfds, &writefds, &errfds, &poll_time);
- statCounter.select_loops++;
+ ++statCounter.select_loops;
if (num >= 0 || pending > 0)
break;
diff -u -r -N squid-3.1.0.9/src/delay_pools.cc squid-3.1.0.10/src/delay_pools.cc
--- squid-3.1.0.9/src/delay_pools.cc 2009-06-26 22:35:38.000000000 +1200
+++ squid-3.1.0.10/src/delay_pools.cc 2009-07-18 16:16:25.000000000 +1200
@@ -159,7 +159,7 @@
virtual char const *label() const = 0;
- virtual unsigned int makeKey (IpAddress &src_addr) const = 0;
+ virtual unsigned int makeKey(IpAddress &src_addr) const = 0;
DelaySpec spec;
@@ -186,13 +186,11 @@
public:
void *operator new(size_t);
- void operator delete (void *);
+ void operator delete(void *);
protected:
virtual char const *label() const {return "Individual";}
-
- virtual unsigned int makeKey (IpAddress &src_addr) const;
-
+ virtual unsigned int makeKey(IpAddress &src_addr) const;
};
/// \ingroup DelayPoolsInternal
@@ -205,7 +203,6 @@
protected:
virtual char const *label() const {return "Network";}
-
virtual unsigned int makeKey (IpAddress &src_addr) const;
};
@@ -293,10 +290,10 @@
}
void
-CommonPool::operator delete (void *address)
+CommonPool::operator delete(void *address)
{
- DelayPools::MemoryUsed -= sizeof (CommonPool);
- ::operator delete (address);
+ DelayPools::MemoryUsed -= sizeof(CommonPool);
+ ::operator delete(address);
}
CommonPool *
@@ -322,7 +319,6 @@
temp->push_back (new Aggregate);
temp->push_back(new IndividualPool);
}
-
break;
case 3:
@@ -334,7 +330,6 @@
temp->push_back (new ClassCNetPool);
temp->push_back (new ClassCHostPool);
}
-
break;
case 4:
@@ -347,7 +342,6 @@
temp->push_back (new ClassCHostPool);
temp->push_back (new DelayUser);
}
-
break;
case 5:
@@ -504,7 +498,6 @@
}
DelayIdComposite::Pointer
-
Aggregate::id(CompositeSelectionDetails &details)
{
if (rate()->restore_bps != -1)
@@ -800,7 +793,7 @@
VectorMap::findKeyIndex (Key const key) const
{
for (unsigned int index = 0; index < size(); ++index) {
- assert (indexUsed (index));
+ assert(indexUsed(index));
if (key_map[index] == key)
return index;
@@ -811,20 +804,23 @@
}
DelayIdComposite::Pointer
-
VectorPool::id(CompositeSelectionDetails &details)
{
if (rate()->restore_bps == -1)
return new NullDelayId;
- unsigned int key = makeKey (details.src_addr);
+ /* non-IPv4 are not able to provide IPv4-bitmask for this pool type key. */
+ if ( !details.src_addr.IsIPv4() )
+ return new NullDelayId;
- if (keyAllocated (key))
- return new Id (this, buckets.findKeyIndex(key));
+ unsigned int key = makeKey(details.src_addr);
+
+ if (keyAllocated(key))
+ return new Id(this, buckets.findKeyIndex(key));
unsigned char const resultIndex = buckets.insert(key);
- buckets.values[resultIndex].init (*rate());
+ buckets.values[resultIndex].init(*rate());
return new Id(this, resultIndex);
}
@@ -837,13 +833,13 @@
}
void
-VectorPool::Id::operator delete (void *address)
+VectorPool::Id::operator delete(void *address)
{
DelayPools::MemoryUsed -= sizeof (Id);
::operator delete (address);
}
-VectorPool::Id::Id (VectorPool::Pointer aPool, int anIndex) : theVector (aPool), theIndex (anIndex)
+VectorPool::Id::Id(VectorPool::Pointer aPool, int anIndex) : theVector (aPool), theIndex (anIndex)
{}
int
@@ -861,11 +857,10 @@
unsigned int
IndividualPool::makeKey (IpAddress &src_addr) const
{
- /* FIXME INET6 : IPv6 requires a 64-128 bit result from this function */
+ /* IPv4 required for this pool */
if ( !src_addr.IsIPv4() )
return 1;
- /* Temporary bypass for IPv4-only */
struct in_addr host;
src_addr.GetInAddr(host);
return (ntohl(host.s_addr) & 0xff);
@@ -888,11 +883,10 @@
unsigned int
ClassCNetPool::makeKey (IpAddress &src_addr) const
{
- /* FIXME INET6 : IPv6 requires a 64-128 bit result from this function */
+ /* IPv4 required for this pool */
if ( !src_addr.IsIPv4() )
return 1;
- /* Temporary bypass for IPv4-only */
struct in_addr net;
src_addr.GetInAddr(net);
return ( (ntohl(net.s_addr) >> 8) & 0xff);
@@ -962,7 +956,7 @@
unsigned char
ClassCHostPool::makeHostKey (IpAddress &src_addr) const
{
- /* FIXME INET6 : IPv6 requires a 64-128 bit result from this function */
+ /* IPv4 required for this pool */
if ( !src_addr.IsIPv4() )
return 1;
@@ -975,23 +969,25 @@
unsigned int
ClassCHostPool::makeKey (IpAddress &src_addr) const
{
- /* FIXME INET6 : IPv6 requires a 64-128 bit result from this function */
+ /* IPv4 required for this pool */
if ( !src_addr.IsIPv4() )
return 1;
- /* Temporary bypass for IPv4-only */
struct in_addr net;
src_addr.GetInAddr(net);
return ( (ntohl(net.s_addr) >> 8) & 0xff);
}
DelayIdComposite::Pointer
-
ClassCHostPool::id(CompositeSelectionDetails &details)
{
if (rate()->restore_bps == -1)
return new NullDelayId;
+ /* non-IPv4 are not able to provide IPv4-bitmask for this pool type key. */
+ if ( !details.src_addr.IsIPv4() )
+ return new NullDelayId;
+
unsigned int key = makeKey (details.src_addr);
unsigned char host = makeHostKey (details.src_addr);
diff -u -r -N squid-3.1.0.9/src/DelaySpec.cc squid-3.1.0.10/src/DelaySpec.cc
--- squid-3.1.0.9/src/DelaySpec.cc 2009-06-26 22:35:33.000000000 +1200
+++ squid-3.1.0.10/src/DelaySpec.cc 2009-07-18 16:16:16.000000000 +1200
@@ -57,35 +57,32 @@
}
storeAppendPrintf(sentry, "\t%s:\n", label);
- storeAppendPrintf(sentry, "\t\tMax: %d\n", max_bytes);
+ storeAppendPrintf(sentry, "\t\tMax: %"PRId64"\n", max_bytes);
storeAppendPrintf(sentry, "\t\tRestore: %d\n", restore_bps);
}
void
DelaySpec::dump (StoreEntry *entry) const
{
- storeAppendPrintf(entry, " %d/%d", restore_bps, max_bytes);
+ storeAppendPrintf(entry, " %d/%"PRId64"", restore_bps, max_bytes);
}
void
DelaySpec::parse()
{
- int i;
+ int r;
char *token;
token = strtok(NULL, "/");
if (token == NULL)
self_destruct();
- if (sscanf(token, "%d", &i) != 1)
+ if (sscanf(token, "%d", &r) != 1)
self_destruct();
- restore_bps = i;
+ restore_bps = r;
- i = GetInteger();
-
- max_bytes = i;
+ max_bytes = GetInteger64();
}
#endif
-
diff -u -r -N squid-3.1.0.9/src/DelaySpec.h squid-3.1.0.10/src/DelaySpec.h
--- squid-3.1.0.9/src/DelaySpec.h 2009-06-26 22:35:33.000000000 +1200
+++ squid-3.1.0.10/src/DelaySpec.h 2009-07-18 16:16:16.000000000 +1200
@@ -32,6 +32,9 @@
#ifndef SQUID_DELAYSPEC_H
#define SQUID_DELAYSPEC_H
+/* for int64_t definition */
+#include "config.h"
+
class StoreEntry;
/// \ingroup DelyPoolsAPI
@@ -44,7 +47,7 @@
void dump(StoreEntry *) const;
void parse();
int restore_bps;
- int max_bytes;
+ int64_t max_bytes;
};
#endif /* SQUID_DELAYSPEC_H */
diff -u -r -N squid-3.1.0.9/src/DelayUser.cc squid-3.1.0.10/src/DelayUser.cc
--- squid-3.1.0.9/src/DelayUser.cc 2009-06-26 22:35:33.000000000 +1200
+++ squid-3.1.0.10/src/DelayUser.cc 2009-07-18 16:16:16.000000000 +1200
@@ -77,6 +77,10 @@
int
DelayUserCmp(DelayUserBucket::Pointer const &left, DelayUserBucket::Pointer const &right)
{
+ /* Verify for re-currance of Bug 2127. either of these missing will crash strcasecmp() */
+ assert(left->authUser->username() != NULL);
+ assert(right->authUser->username() != NULL);
+
/* for rate limiting, case insensitive */
return strcasecmp(left->authUser->username(), right->authUser->username());
}
@@ -147,9 +151,10 @@
DelayIdComposite::Pointer
DelayUser::id(CompositePoolNode::CompositeSelectionDetails &details)
{
- if (!details.user)
+ if (!details.user || !details.user->user() || !details.user->user()->username())
return new NullDelayId;
+ debugs(77, 3, HERE << "Adding a slow-down for User '" << details.user->user()->username() << "'");
return new Id(this, details.user->user());
}
diff -u -r -N squid-3.1.0.9/src/esi/Esi.cc squid-3.1.0.10/src/esi/Esi.cc
--- squid-3.1.0.9/src/esi/Esi.cc 2009-06-26 22:35:38.000000000 +1200
+++ squid-3.1.0.10/src/esi/Esi.cc 2009-07-18 16:16:25.000000000 +1200
@@ -1028,10 +1028,19 @@
assert (xstrncpy (pos, attr[i], sizeof(localbuf) + (pos - localbuf)));
pos += strlen (pos);
*pos++ = '=';
- *pos++ = '\'';
- assert (xstrncpy (pos, attr[i + 1], sizeof(localbuf) + (pos - localbuf)));
+ *pos++ = '\"';
+ const char *chPtr = attr[i + 1];
+ char ch;
+ while ((ch = *chPtr++) != '\0') {
+ if (ch == '\"') {
+ assert( xstrncpy(pos, """, sizeof(localbuf) + (pos-localbuf)) );
+ pos += 6;
+ } else {
+ *(pos++) = ch;
+ }
+ }
pos += strlen (pos);
- *pos++ = '\'';
+ *pos++ = '\"';
}
*pos++ = '>';
diff -u -r -N squid-3.1.0.9/src/forward.cc squid-3.1.0.10/src/forward.cc
--- squid-3.1.0.9/src/forward.cc 2009-06-26 22:35:38.000000000 +1200
+++ squid-3.1.0.10/src/forward.cc 2009-07-18 16:16:26.000000000 +1200
@@ -812,10 +812,12 @@
if (pinned_connection->pinnedAuth())
request->flags.auth = 1;
comm_add_close_handler(fd, fwdServerClosedWrapper, this);
+ updateHierarchyInfo();
connectDone(fd, COMM_OK, 0);
return;
}
/* Failure. Fall back on next path */
+ debugs(17,2,HERE << " Pinned connection " << pinned_connection << " not valid. Releasing.");
request->releasePinnedConnection();
servers = fs->next;
fwdServerFree(fs);
@@ -851,7 +853,6 @@
#if URL_CHECKSUM_DEBUG
entry->mem_obj->checkUrlChecksum();
-
#endif
outgoing = getOutgoingAddr(request, fs->_peer);
@@ -1260,9 +1261,6 @@
It does not matter from a functional perspective if it gets called a few
times more than what is really needed, but calling it too often may
obviously hurt performance.
-
-\todo Current code looks fine, even if using !fs->_peer as condition
-instead of HIER_DIRECT would be clearer.
*/
// updates HierarchyLogEntry, guessing nextHop and its format
void
diff -u -r -N squid-3.1.0.9/src/ftp.cc squid-3.1.0.10/src/ftp.cc
--- squid-3.1.0.9/src/ftp.cc 2009-06-26 22:35:38.000000000 +1200
+++ squid-3.1.0.10/src/ftp.cc 2009-07-18 16:16:26.000000000 +1200
@@ -93,13 +93,21 @@
/// \ingroup ServerProtocolFTPInternal
struct _ftp_flags {
+
+ /* passive mode */
+ bool pasv_supported; ///< PASV command is allowed
+ bool epsv_all_sent; ///< EPSV ALL has been used. Must abort on failures.
+ bool pasv_only;
+
+ /* authentication */
+ bool authenticated; ///< authentication success
+ bool tried_auth_anonymous; ///< auth has tried to use anonymous credentials already.
+ bool tried_auth_nopass; ///< auth tried username with no password already.
+
+ /* other */
bool isdir;
- bool pasv_supported;
- bool epsv_all_sent;
bool skip_whitespace;
bool rest_supported;
- bool pasv_only;
- bool authenticated;
bool http_header_sent;
bool tried_nlst;
bool need_base_href;
@@ -1432,6 +1440,9 @@
*
* Special Case: A username-only may be provided in the URL and password in the HTTP headers.
*
+ * TODO: we might be able to do something about locating username from other sources:
+ * ie, external ACL user=* tag or ident lookup
+ *
\retval 1 if we have everything needed to complete this request.
\retval 0 if something is missing.
*/
@@ -1464,10 +1475,16 @@
/* Setup default FTP password settings */
/* this has to be done last so that we can have a no-password case above. */
if (!password[0]) {
- if (strcmp(user, "anonymous") == 0)
+ if (strcmp(user, "anonymous") == 0 && !flags.tried_auth_anonymous) {
xstrncpy(password, Config.Ftp.anon_user, MAX_URL);
- else
+ flags.tried_auth_anonymous=1;
+ return 1;
+ }
+ else if (!flags.tried_auth_nopass) {
xstrncpy(password, null_string, MAX_URL);
+ flags.tried_auth_nopass=1;
+ return 1;
+ }
}
return 0; /* different username */
diff -u -r -N squid-3.1.0.9/src/helper.cc squid-3.1.0.10/src/helper.cc
--- squid-3.1.0.9/src/helper.cc 2009-06-26 22:35:38.000000000 +1200
+++ squid-3.1.0.10/src/helper.cc 2009-07-18 16:16:27.000000000 +1200
@@ -103,7 +103,7 @@
shortname = xstrdup(progname);
/* dont ever start more than hlp->n_to_start processes. */
- int need_new = hlp->n_to_start - hlp->n_running;
+ int need_new = hlp->n_to_start - hlp->n_active;
debugs(84, 1, "helperOpenServers: Starting " << need_new << "/" << hlp->n_to_start << " '" << shortname << "' processes");
@@ -209,7 +209,8 @@
shortname = xstrdup(progname);
/* dont ever start more than hlp->n_to_start processes. */
- int need_new = hlp->n_to_start - hlp->n_running;
+ /* n_active are the helpers which have not been shut down. */
+ int need_new = hlp->n_to_start - hlp->n_active;
debugs(84, 1, "helperOpenServers: Starting " << need_new << "/" << hlp->n_to_start << " '" << shortname << "' processes");
@@ -545,8 +546,8 @@
storeAppendPrintf(sentry, "program: %s\n",
hlp->cmdline->key);
- storeAppendPrintf(sentry, "number running: %d of %d\n",
- hlp->n_running, hlp->n_to_start);
+ storeAppendPrintf(sentry, "number active: %d of %d (%d shutting down)\n",
+ hlp->n_active, hlp->n_to_start, (hlp->n_running - hlp->n_active) );
storeAppendPrintf(sentry, "requests sent: %d\n",
hlp->stats.requests);
storeAppendPrintf(sentry, "replies received: %d\n",
@@ -587,7 +588,7 @@
storeAppendPrintf(sentry, " B = BUSY\n");
storeAppendPrintf(sentry, " W = WRITING\n");
storeAppendPrintf(sentry, " C = CLOSING\n");
- storeAppendPrintf(sentry, " S = SHUTDOWN\n");
+ storeAppendPrintf(sentry, " S = SHUTDOWN PENDING\n");
}
void
@@ -598,8 +599,8 @@
storeAppendPrintf(sentry, "program: %s\n",
hlp->cmdline->key);
- storeAppendPrintf(sentry, "number running: %d of %d\n",
- hlp->n_running, hlp->n_to_start);
+ storeAppendPrintf(sentry, "number active: %d of %d (%d shutting down)\n",
+ hlp->n_active, hlp->n_to_start, (hlp->n_running - hlp->n_active) );
storeAppendPrintf(sentry, "requests sent: %d\n",
hlp->stats.requests);
storeAppendPrintf(sentry, "replies received: %d\n",
@@ -644,7 +645,7 @@
storeAppendPrintf(sentry, " B = BUSY\n");
storeAppendPrintf(sentry, " C = CLOSING\n");
storeAppendPrintf(sentry, " R = RESERVED or DEFERRED\n");
- storeAppendPrintf(sentry, " S = SHUTDOWN\n");
+ storeAppendPrintf(sentry, " S = SHUTDOWN PENDING\n");
storeAppendPrintf(sentry, " P = PLACEHOLDER\n");
}
@@ -671,7 +672,6 @@
hlp->n_active--;
assert(hlp->n_active >= 0);
-
srv->flags.shutdown = 1; /* request it to shut itself down */
if (srv->flags.closing) {
diff -u -r -N squid-3.1.0.9/src/helper.h squid-3.1.0.10/src/helper.h
--- squid-3.1.0.9/src/helper.h 2009-06-26 22:35:38.000000000 +1200
+++ squid-3.1.0.10/src/helper.h 2009-07-18 16:16:27.000000000 +1200
@@ -58,9 +58,9 @@
dlink_list servers;
dlink_list queue;
const char *id_name;
- int n_to_start;
- int n_running;
- int n_active;
+ int n_to_start; ///< Configuration setting of how many helper children should be running
+ int n_running; ///< Total helper children objects currently existing
+ int n_active; ///< Count of helper children active (not shutting down)
int ipc_type;
IpAddress addr;
unsigned int concurrency;
@@ -80,9 +80,9 @@
dlink_list servers;
dlink_list queue;
const char *id_name;
- int n_to_start;
- int n_running;
- int n_active;
+ int n_to_start; ///< Configuration setting of how many helper children should be running
+ int n_running; ///< Total helper children objects currently existing
+ int n_active; ///< Count of helper children active (not shutting down)
int ipc_type;
IpAddress addr;
MemAllocator *datapool;
diff -u -r -N squid-3.1.0.9/src/http.cc squid-3.1.0.10/src/http.cc
--- squid-3.1.0.9/src/http.cc 2009-06-26 22:35:38.000000000 +1200
+++ squid-3.1.0.10/src/http.cc 2009-07-18 16:16:27.000000000 +1200
@@ -76,7 +76,8 @@
HttpHeader * hdr_out, const int we_do_ranges, const http_state_flags);
HttpStateData::HttpStateData(FwdState *theFwdState) : AsyncJob("HttpStateData"), ServerStateData(theFwdState),
- lastChunk(0), header_bytes_read(0), reply_bytes_read(0), httpChunkDecoder(NULL)
+ lastChunk(0), header_bytes_read(0), reply_bytes_read(0),
+ body_bytes_truncated(0), httpChunkDecoder(NULL)
{
debugs(11,5,HERE << "HttpStateData " << this << " created");
ignoreCacheControl = false;
@@ -976,6 +977,9 @@
if (body_bytes_read < vrep->content_length)
return INCOMPLETE_MSG;
+
+ if (body_bytes_truncated > 0) // already read more than needed
+ return COMPLETE_NONPERSISTENT_MSG; // disable pconns
}
/** \par
@@ -1160,6 +1164,33 @@
return false; // quit on error
}
+/** truncate what we read if we read too much so that writeReplyBody()
+ writes no more than what we should have read */
+void
+HttpStateData::truncateVirginBody()
+{
+ assert(flags.headers_parsed);
+
+ HttpReply *vrep = virginReply();
+ int64_t clen = -1;
+ if (!vrep->expectingBody(request->method, clen) || clen < 0)
+ return; // no body or a body of unknown size, including chunked
+
+ const int64_t body_bytes_read = reply_bytes_read - header_bytes_read;
+ if (body_bytes_read - body_bytes_truncated <= clen)
+ return; // we did not read too much or already took care of the extras
+
+ if (const int64_t extras = body_bytes_read - body_bytes_truncated - clen) {
+ // server sent more that the advertised content length
+ debugs(11,5, HERE << "body_bytes_read=" << body_bytes_read <<
+ " clen=" << clen << '/' << vrep->content_length <<
+ " body_bytes_truncated=" << body_bytes_truncated << '+' << extras);
+
+ readBuf->truncate(extras);
+ body_bytes_truncated += extras;
+ }
+}
+
/**
* Call this when there is data from the origin server
* which should be sent to either StoreEntry, or to ICAP...
@@ -1167,6 +1198,7 @@
void
HttpStateData::writeReplyBody()
{
+ truncateVirginBody(); // if needed
const char *data = readBuf->content();
int len = readBuf->contentSize();
addVirginReplyBody(data, len);
@@ -1217,6 +1249,7 @@
}
#if USE_ADAPTATION
+ debugs(11,5, HERE << "adaptationAccessCheckPending=" << adaptationAccessCheckPending);
if (adaptationAccessCheckPending)
return;
@@ -1419,7 +1452,6 @@
LOCAL_ARRAY(char, ntoabuf, MAX_IPSTRLEN);
const HttpHeader *hdr_in = &orig_request->header;
const HttpHeaderEntry *e = NULL;
- String strFwd;
HttpHeaderPos pos = HttpHeaderInitPos;
assert (hdr_out->owner == hoRequest);
@@ -1469,24 +1501,35 @@
}
#endif
- strFwd = hdr_in->getList(HDR_X_FORWARDED_FOR);
-
/** \pre Handle X-Forwarded-For */
if (strcmp(opt_forwarded_for, "delete") != 0) {
+
+ String strFwd = hdr_in->getList(HDR_X_FORWARDED_FOR);
+
+ if (strFwd.size() > 65536/2) {
+ // There is probably a forwarding loop with Via detection disabled.
+ // If we do nothing, String will assert on overflow soon.
+ // TODO: Terminate all transactions with huge XFF?
+ strFwd = "error";
+
+ static int warnedCount = 0;
+ if (warnedCount++ < 100) {
+ const char *url = entry ? entry->url() : urlCanonical(orig_request);
+ debugs(11, 1, "Warning: likely forwarding loop with " << url);
+ }
+ }
+
if (strcmp(opt_forwarded_for, "on") == 0) {
/** If set to ON - append client IP or 'unknown'. */
- strFwd = hdr_in->getList(HDR_X_FORWARDED_FOR);
if ( orig_request->client_addr.IsNoAddr() )
strListAdd(&strFwd, "unknown", ',');
else
strListAdd(&strFwd, orig_request->client_addr.NtoA(ntoabuf, MAX_IPSTRLEN), ',');
} else if (strcmp(opt_forwarded_for, "off") == 0) {
/** If set to OFF - append 'unknown'. */
- strFwd = hdr_in->getList(HDR_X_FORWARDED_FOR);
strListAdd(&strFwd, "unknown", ',');
} else if (strcmp(opt_forwarded_for, "transparent") == 0) {
/** If set to TRANSPARENT - pass through unchanged. */
- strFwd = hdr_in->getList(HDR_X_FORWARDED_FOR);
} else if (strcmp(opt_forwarded_for, "truncate") == 0) {
/** If set to TRUNCATE - drop existing list and replace with client IP or 'unknown'. */
if ( orig_request->client_addr.IsNoAddr() )
@@ -1498,7 +1541,6 @@
hdr_out->putStr(HDR_X_FORWARDED_FOR, strFwd.termedBuf());
}
/** If set to DELETE - do not copy through. */
- strFwd.clean();
/* append Host if not there already */
if (!hdr_out->has(HDR_HOST)) {
diff -u -r -N squid-3.1.0.9/src/http.h squid-3.1.0.10/src/http.h
--- squid-3.1.0.9/src/http.h 2009-06-26 22:35:38.000000000 +1200
+++ squid-3.1.0.10/src/http.h 2009-07-18 16:16:27.000000000 +1200
@@ -71,6 +71,7 @@
size_t read_sz;
int header_bytes_read; // to find end of response,
int reply_bytes_read; // without relying on StoreEntry
+ int body_bytes_truncated; // positive when we read more than we wanted
MemBuf *readBuf;
bool ignoreCacheControl;
bool surrogateNoStore;
@@ -93,6 +94,7 @@
void checkDateSkew(HttpReply *);
bool continueAfterParsingHeader();
+ void truncateVirginBody();
virtual void haveParsedReplyHeaders();
virtual void closeServer(); // end communication with the server
diff -u -r -N squid-3.1.0.9/src/ip/IpAddress.h squid-3.1.0.10/src/ip/IpAddress.h
--- squid-3.1.0.9/src/ip/IpAddress.h 2009-06-26 22:35:38.000000000 +1200
+++ squid-3.1.0.10/src/ip/IpAddress.h 2009-07-18 16:16:27.000000000 +1200
@@ -73,7 +73,7 @@
* UPDATE: OpenBSD 4.3 has the same.
* UPDATE: MacOSX has the same.
*/
-#if USE_IPV6 && ( defined(_SQUID_FREEBSD_) || defined(_SQUID_OPENBSD_) || defined(_SQUID_APPLE_))
+#if USE_IPV6 && ( defined(_SQUID_FREEBSD_) || defined(_SQUID_OPENBSD_) || defined(_SQUID_APPLE_) || defined(_SQUID_NETBSD_))
//#define s6_addr8 __u6_addr.__u6_addr8
//#define s6_addr16 __u6_addr.__u6_addr16
#define s6_addr32 __u6_addr.__u6_addr32
diff -u -r -N squid-3.1.0.9/src/main.cc squid-3.1.0.10/src/main.cc
--- squid-3.1.0.9/src/main.cc 2009-06-26 22:35:39.000000000 +1200
+++ squid-3.1.0.10/src/main.cc 2009-07-18 16:16:27.000000000 +1200
@@ -709,7 +709,13 @@
errorClean();
enter_suid(); /* root to read config file */
+
+ // we may have disabled the need for PURGE
+ if(Config2.onoff.enable_purge)
+ Config2.onoff.enable_purge = 2;
+
parseConfigFile(ConfigFile);
+
setUmask(Config.umask);
Mem::Report();
setEffectiveUser();
diff -u -r -N squid-3.1.0.9/src/MemBuf.cc squid-3.1.0.10/src/MemBuf.cc
--- squid-3.1.0.9/src/MemBuf.cc 2009-06-26 22:35:33.000000000 +1200
+++ squid-3.1.0.10/src/MemBuf.cc 2009-07-18 16:16:18.000000000 +1200
@@ -226,6 +226,15 @@
PROF_stop(MemBuf_consume);
}
+// removes last tailSize bytes
+void MemBuf::truncate(mb_size_t tailSize)
+{
+ const mb_size_t cSize = contentSize();
+ assert(0 <= tailSize && tailSize <= cSize);
+ assert(!stolen); /* not frozen */
+ size -= tailSize;
+}
+
/**
* calls memcpy, appends exactly size bytes,
* extends buffer or creates buffer if needed.
diff -u -r -N squid-3.1.0.9/src/MemBuf.h squid-3.1.0.10/src/MemBuf.h
--- squid-3.1.0.9/src/MemBuf.h 2009-06-26 22:35:33.000000000 +1200
+++ squid-3.1.0.10/src/MemBuf.h 2009-07-18 16:16:18.000000000 +1200
@@ -85,6 +85,7 @@
void consume(mb_size_t sz); // removes sz bytes, moving content left
void append(const char *c, mb_size_t sz); // grows if needed and possible
void appended(mb_size_t sz); // updates content size after external append
+ void truncate(mb_size_t sz); // removes sz last bytes
void terminate(); // zero-terminates the buffer w/o increasing contentSize
diff -u -r -N squid-3.1.0.9/src/Parsing.cc squid-3.1.0.10/src/Parsing.cc
--- squid-3.1.0.9/src/Parsing.cc 2009-06-26 22:35:34.000000000 +1200
+++ squid-3.1.0.10/src/Parsing.cc 2009-07-18 16:16:18.000000000 +1200
@@ -80,6 +80,20 @@
return port;
}
+int64_t
+GetInteger64(void)
+{
+ char *token = strtok(NULL, w_space);
+ int i;
+
+ if (token == NULL)
+ self_destruct();
+
+ i = strtoll(token, NULL, 10);
+
+ return i;
+}
+
int
GetInteger(void)
{
diff -u -r -N squid-3.1.0.9/src/Parsing.h squid-3.1.0.10/src/Parsing.h
--- squid-3.1.0.9/src/Parsing.h 2009-06-26 22:35:34.000000000 +1200
+++ squid-3.1.0.10/src/Parsing.h 2009-07-18 16:16:18.000000000 +1200
@@ -42,7 +42,18 @@
extern int xatoi(const char *token);
extern long xatol(const char *token);
extern unsigned short xatos(const char *token);
+
+/**
+ * Parse a 64-bit integer value.
+ */
+extern int64_t GetInteger64(void);
+
+/**
+ * Parses an integer value.
+ * Uses a method that obeys hexadecimal 0xN syntax needed for certain bitmasks.
+ */
extern int GetInteger(void);
+
extern u_short GetShort(void);
// on success, returns true and sets *p (if any) to the end of the integer
diff -u -r -N squid-3.1.0.9/src/peer_select.cc squid-3.1.0.10/src/peer_select.cc
--- squid-3.1.0.9/src/peer_select.cc 2009-06-26 22:35:39.000000000 +1200
+++ squid-3.1.0.10/src/peer_select.cc 2009-07-18 16:16:27.000000000 +1200
@@ -315,7 +315,7 @@
} else if (ps->never_direct > 0) {
/** if always_direct says NO, do that. */
ps->direct = DIRECT_NO;
- } else if (request->flags.accelerated) {
+ } else if (request->flags.no_direct) {
/** if we are accelerating, direct is not an option. */
ps->direct = DIRECT_NO;
} else if (request->flags.loopdetect) {
diff -u -r -N squid-3.1.0.9/src/ProtoPort.h squid-3.1.0.10/src/ProtoPort.h
--- squid-3.1.0.9/src/ProtoPort.h 2009-06-26 22:35:34.000000000 +1200
+++ squid-3.1.0.10/src/ProtoPort.h 2009-07-18 16:16:18.000000000 +1200
@@ -21,6 +21,7 @@
unsigned int intercepted:1; /**< intercepting proxy port */
unsigned int spoof_client_ip:1; /**< spoof client ip if possible */
unsigned int accel:1; /**< HTTP accelerator */
+ unsigned int allow_direct:1; /**< Allow direct forwarding in accelerator mode */
unsigned int vhost:1; /**< uses host header */
unsigned int sslBump:1; /**< intercepts CONNECT requests */
diff -u -r -N squid-3.1.0.9/src/Server.cc squid-3.1.0.10/src/Server.cc
--- squid-3.1.0.9/src/Server.cc 2009-06-26 22:35:36.000000000 +1200
+++ squid-3.1.0.10/src/Server.cc 2009-07-18 16:16:18.000000000 +1200
@@ -820,6 +820,7 @@
adaptationAccessCheckPending = Adaptation::AccessCheck::Start(
Adaptation::methodRespmod, Adaptation::pointPreCache,
request, virginReply(), adaptationAclCheckDoneWrapper, this);
+ debugs(11,5, HERE << "adaptationAccessCheckPending=" << adaptationAccessCheckPending);
if (adaptationAccessCheckPending)
return;
#endif
diff -u -r -N squid-3.1.0.9/src/stat.cc squid-3.1.0.10/src/stat.cc
--- squid-3.1.0.9/src/stat.cc 2009-06-26 22:35:39.000000000 +1200
+++ squid-3.1.0.10/src/stat.cc 2009-07-18 16:16:27.000000000 +1200
@@ -514,7 +514,7 @@
storeAppendPrintf(sentry, "\tAverage ICP messages per minute since start:\t%.1f\n",
(statCounter.icp.pkts_sent + statCounter.icp.pkts_recv) / (runtime / 60.0));
- storeAppendPrintf(sentry, "\tSelect loop called: %d times, %0.3f ms avg\n",
+ storeAppendPrintf(sentry, "\tSelect loop called: %ld times, %0.3f ms avg\n",
statCounter.select_loops, 1000.0 * runtime / statCounter.select_loops);
storeAppendPrintf(sentry, "Cache information for %s:\n",APP_SHORTNAME);
@@ -1367,7 +1367,7 @@
f->unlink.requests);
storeAppendPrintf(sentry, "page_faults = %d\n",
f->page_faults);
- storeAppendPrintf(sentry, "select_loops = %d\n",
+ storeAppendPrintf(sentry, "select_loops = %ld\n",
f->select_loops);
storeAppendPrintf(sentry, "cpu_time = %f\n",
f->cputime);
diff -u -r -N squid-3.1.0.9/src/store_client.cc squid-3.1.0.10/src/store_client.cc
--- squid-3.1.0.9/src/store_client.cc 2009-06-26 22:35:39.000000000 +1200
+++ squid-3.1.0.10/src/store_client.cc 2009-07-18 16:16:27.000000000 +1200
@@ -769,6 +769,12 @@
return 0;
}
+ if ( Config.rangeOffsetLimit < 0 && mem->request && mem->request->range ) {
+ /* Don't abort if the admin has configured range_ofset -1 to download fully for caching. */
+ debugs(90, 3, "CheckQuickAbort2: NO admin configured range replies to full-download");
+ return 0;
+ }
+
if (curlen > expectlen) {
debugs(90, 3, "CheckQuickAbort2: YES bad content length");
return 1;
diff -u -r -N squid-3.1.0.9/src/String.cc squid-3.1.0.10/src/String.cc
--- squid-3.1.0.9/src/String.cc 2009-06-26 22:35:36.000000000 +1200
+++ squid-3.1.0.10/src/String.cc 2009-07-18 16:16:22.000000000 +1200
@@ -193,6 +193,7 @@
} else {
// Create a temporary string and absorb it later.
String snew;
+ assert(len_ + len < 65536); // otherwise snew.len_ overflows below
snew.len_ = len_ + len;
snew.allocBuffer(snew.len_ + 1);
diff -u -r -N squid-3.1.0.9/src/structs.h squid-3.1.0.10/src/structs.h
--- squid-3.1.0.9/src/structs.h 2009-06-26 22:35:39.000000000 +1200
+++ squid-3.1.0.10/src/structs.h 2009-07-18 16:16:27.000000000 +1200
@@ -1027,6 +1027,7 @@
unsigned int connection_proxy_auth:1; /** Request wants connection oriented auth */
unsigned int pinned:1; /* Request sent on a pinned connection */
unsigned int auth_sent:1; /* Authentication forwarded */
+ unsigned int no_direct:1; /* Deny direct forwarding unless overriden by always_direct. Used in accelerator mode */
// When adding new flags, please update cloneAdaptationImmune() as needed.
@@ -1190,7 +1191,7 @@
int times_used;
} netdb;
int page_faults;
- int select_loops;
+ unsigned long int select_loops;
int select_fds;
double select_time;
double cputime;
diff -u -r -N squid-3.1.0.9/src/TextException.cc squid-3.1.0.10/src/TextException.cc
--- squid-3.1.0.9/src/TextException.cc 2009-06-26 22:35:36.000000000 +1200
+++ squid-3.1.0.10/src/TextException.cc 2009-07-18 16:16:22.000000000 +1200
@@ -1,13 +1,36 @@
#include "squid.h"
#include "TextException.h"
+TextException::TextException()
+{
+ message=NULL;
+ theFileName=NULL;
+ theLineNo=0;
+}
+
+TextException::TextException(const TextException& right) :
+ message((right.message?xstrdup(right.message):NULL)), theFileName(right.theFileName), theLineNo(right.theLineNo)
+{
+}
+
TextException::TextException(const char *aMsg, const char *aFileName, int aLineNo):
message(xstrdup(aMsg)), theFileName(aFileName), theLineNo(aLineNo)
{}
TextException::~TextException() throw()
{
- xfree(message);
+ if(message) xfree(message);
+}
+
+TextException& TextException::operator=(const TextException &right)
+{
+ if(this==&right) return *this;
+ if(message) xfree(message);
+ message=(right.message?xstrdup(right.message):NULL);
+ theFileName=right.theFileName;
+ theLineNo=right.theLineNo;
+
+ return *this;
}
const char *TextException::what() const throw()
diff -u -r -N squid-3.1.0.9/src/TextException.h squid-3.1.0.10/src/TextException.h
--- squid-3.1.0.9/src/TextException.h 2009-06-26 22:35:36.000000000 +1200
+++ squid-3.1.0.10/src/TextException.h 2009-07-18 16:16:22.000000000 +1200
@@ -13,11 +13,15 @@
{
public:
+ TextException();
TextException(const char *aMessage, const char *aFileName = 0, int aLineNo = -1);
+ TextException(const TextException& right);
virtual ~TextException() throw();
virtual const char *what() const throw();
+ TextException& operator=(const TextException &right);
+
public:
char *message; // read-only
diff -u -r -N squid-3.1.0.9/src/wccp2.cc squid-3.1.0.10/src/wccp2.cc
--- squid-3.1.0.9/src/wccp2.cc 2009-06-26 22:35:39.000000000 +1200
+++ squid-3.1.0.10/src/wccp2.cc 2009-07-18 16:16:28.000000000 +1200
@@ -200,8 +200,7 @@
struct wccp2_cache_identity_info_t {
struct in_addr addr;
uint16_t hash_revision;
- char bits[2];
-// uint16_t bits;
+ uint16_t bits;
//#define WCCP2_HASH_ASSIGNMENT_DATA 0x0
/* 5.7.2 Hash Assignment Data Element */
@@ -241,7 +240,7 @@
struct in_addr addr;
uint16_t hash_revision;
uint16_t bits;
-#define WCCP2_MASK_ASSIGNMENT_DATA (0x1 <<14)
+#define WCCP2_MASK_ASSIGNMENT_DATA (0x2)
/* Sect 5.7.2 Mask Assignment Data Element
*
@@ -796,7 +795,7 @@
wccp2_mask_identity_info.cache_identity_type = htons(WCCP2_WC_ID_INFO);
wccp2_mask_identity_info.cache_identity_length = htons(sizeof(wccp2_mask_identity_info.cache_identity));
memset(&wccp2_mask_identity_info.cache_identity.addr, '\0', sizeof(struct in_addr));
- wccp2_mask_identity_info.cache_identity.bits = WCCP2_MASK_ASSIGNMENT_DATA; // num1 = htonl(2);
+ wccp2_mask_identity_info.cache_identity.bits = htons(WCCP2_MASK_ASSIGNMENT_DATA);
wccp2_mask_identity_info.cache_identity.mask_element_count = htonl(1);
service_flags = ntohl(service_list_ptr->service_info->service_flags);
diff -u -r -N squid-3.1.0.9/tools/Makefile.am squid-3.1.0.10/tools/Makefile.am
--- squid-3.1.0.9/tools/Makefile.am 2009-06-26 22:35:40.000000000 +1200
+++ squid-3.1.0.10/tools/Makefile.am 2009-07-18 16:16:28.000000000 +1200
@@ -20,6 +20,9 @@
libexec_PROGRAMS = \
cachemgr$(CGIEXT)
+man_MANS = \
+ squidclient.1
+
DEFAULT_CACHEMGR_CONFIG = $(sysconfdir)/cachemgr.conf
squidclient_SOURCES = squidclient.cc
@@ -33,7 +36,8 @@
$(XTRA_LIBS)
EXTRA_DIST = \
- cachemgr.conf
+ cachemgr.conf \
+ squidclient.1
$(OBJS): $(top_srcdir)/include/version.h ../include/autoconf.h
diff -u -r -N squid-3.1.0.9/tools/Makefile.in squid-3.1.0.10/tools/Makefile.in
--- squid-3.1.0.9/tools/Makefile.in 2009-06-26 22:36:00.000000000 +1200
+++ squid-3.1.0.10/tools/Makefile.in 2009-07-18 16:16:50.000000000 +1200
@@ -53,7 +53,8 @@
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/include/autoconf.h
CONFIG_CLEAN_FILES =
-am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(libexecdir)"
+am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(libexecdir)" \
+ "$(DESTDIR)$(man1dir)"
binPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
PROGRAMS = $(bin_PROGRAMS) $(libexec_PROGRAMS)
@@ -93,6 +94,9 @@
install-pdf-recursive install-ps-recursive install-recursive \
installcheck-recursive installdirs-recursive pdf-recursive \
ps-recursive uninstall-recursive
+man1dir = $(mandir)/man1
+NROFF = nroff
+MANS = $(man_MANS)
RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \
distclean-recursive maintainer-clean-recursive
ETAGS = etags
@@ -279,6 +283,9 @@
-I$(top_builddir)/include @SQUID_CPPUNIT_INC@ -I$(srcdir)
AUTOMAKE_OPTIONS = subdir-objects
SUBDIRS =
+man_MANS = \
+ squidclient.1
+
DEFAULT_CACHEMGR_CONFIG = $(sysconfdir)/cachemgr.conf
squidclient_SOURCES = squidclient.cc
cachemgr__CGIEXT__SOURCES = cachemgr.cc
@@ -290,7 +297,8 @@
$(XTRA_LIBS)
EXTRA_DIST = \
- cachemgr.conf
+ cachemgr.conf \
+ squidclient.1
DISTCLEANFILES =
all: all-recursive
@@ -448,6 +456,51 @@
clean-libtool:
-rm -rf .libs _libs
+install-man1: $(man1_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man1dir)" || $(MKDIR_P) "$(DESTDIR)$(man1dir)"
+ @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.1*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 1*) ;; \
+ *) ext='1' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst"; \
+ done
+uninstall-man1:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man1_MANS) $(dist_man1_MANS) $(nodist_man1_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.1*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 1*) ;; \
+ *) ext='1' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man1dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man1dir)/$$inst"; \
+ done
# This directory's subdirectories are mostly independent; you can cd
# into them and run `make' without going through this Makefile.
@@ -699,10 +752,10 @@
$(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS)
$(MAKE) $(AM_MAKEFLAGS) check-TESTS
check: check-recursive
-all-am: Makefile $(PROGRAMS)
+all-am: Makefile $(PROGRAMS) $(MANS)
installdirs: installdirs-recursive
installdirs-am:
- for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(libexecdir)"; do \
+ for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(man1dir)"; do \
test -z "$$dir" || $(MKDIR_P) "$$dir"; \
done
install: install-recursive
@@ -752,7 +805,7 @@
info-am:
-install-data-am: install-data-local
+install-data-am: install-data-local install-man
install-dvi: install-dvi-recursive
@@ -762,7 +815,7 @@
install-info: install-info-recursive
-install-man:
+install-man: install-man1
install-pdf: install-pdf-recursive
@@ -789,7 +842,9 @@
ps-am:
uninstall-am: uninstall-binPROGRAMS uninstall-libexecPROGRAMS \
- uninstall-local
+ uninstall-local uninstall-man
+
+uninstall-man: uninstall-man1
.MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \
install-strip
@@ -804,14 +859,14 @@
install-data-am install-data-local install-dvi install-dvi-am \
install-exec install-exec-am install-html install-html-am \
install-info install-info-am install-libexecPROGRAMS \
- install-man install-pdf install-pdf-am install-ps \
+ install-man install-man1 install-pdf install-pdf-am install-ps \
install-ps-am install-strip installcheck installcheck-am \
installdirs installdirs-am maintainer-clean \
maintainer-clean-generic mostlyclean mostlyclean-compile \
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
tags tags-recursive uninstall uninstall-am \
uninstall-binPROGRAMS uninstall-libexecPROGRAMS \
- uninstall-local
+ uninstall-local uninstall-man uninstall-man1
$(OBJS): $(top_srcdir)/include/version.h $(top_builddir)/include/autoconf.h
diff -u -r -N squid-3.1.0.9/tools/squidclient.1 squid-3.1.0.10/tools/squidclient.1
--- squid-3.1.0.9/tools/squidclient.1 1970-01-01 12:00:00.000000000 +1200
+++ squid-3.1.0.10/tools/squidclient.1 2009-07-18 16:16:28.000000000 +1200
@@ -0,0 +1,109 @@
+.TH squidclient 1 "Squid Web Client Tool"
+.SH NAME
+squidclient -- a simple HTTP web client
+.SH SYNOPSIS
+.B squidclient
+.RB [ \-arsv ]
+.RB [ \-g
+.IR count ]
+.RB [ \-h
+.IR remote\-host ]
+.RB [ \-H
+.IR 'string' ]
+.RB [ \-i
+.IR IMS ]
+.RB [ \-I
+.IR ping\-interval ]
+.RB [ \-j
+.IR 'Host\-header' ]
+.RB [ \-l
+.IR local\-host ]
+.RB [ \-m
+.IR method ]
+.RB [ \-p
+.IR port ]
+.RB [ \-P
+.IR file ]
+.RB [ \-t
+.IR count ]
+.RB [ \-T
+.IR timeout ]
+.RB [ \-u
+.IR proxy-user ]
+.RB [ \-U
+.IR www-user ]
+.RB [ \-V
+.IR version ]
+.RB [ \-w
+.IR proxy-password ]
+.RB [ \-W
+.IR www-password ]
+.B url
+.SH DESCRIPTION
+.B squidclient
+is a tool providing a command line interface for retrieving URLs.
+Designed for testing any HTTP 0.9, 1.0, or 1.1 web server or proxy.
+This tool can be combined scripts to perform any basic HTTP operation.
+Some additional features for access to the
+.B Squid
+proxy object cache and management information are provided.
+.SH OPTIONS
+.IP "\-a"
+Do NOT include Accept: header.
+.IP "\-g \fIcount\fP"
+Ping mode, perform
+.I count
+iterations (0 to loop until interrupted).
+.IP "\-h \fIhost\fP"
+Retrieve URL from cache on hostname. Default is localhost.
+.IP "\-H \fI'string'\fP"
+Extra headers to send. Use '\\n' for new lines.
+.IP "\-i \fItime\fP"
+If-Modified-Since time (in Epoch seconds).
+.IP "-I \fIinterval\fP"
+Ping interval in seconds (default 1 second).
+.IP "\-j \fIhosthdr\fP"
+Host header content
+.IP "\-l \fIhost\fP"
+Specify a local IP address to bind to. Default is none.
+.IP "\-m \fImethod\fP"
+Request method, default is GET. Squid also supports a non-standard method
+called \fBPURGE\fP. You can use that to purge a specific URL from the cache.
+You need to have \fIpurge\fP access setup in squid.conf similar to
+\fImanager\fP access. Here is an example:
+.nf
+ acl purge method PURGE
+ http_access deny purge !localhost
+.fi
+.IP "\-p \fIport\fP"
+Port number of cache. Default is 3128.
+.IP "\-P \fIfile"
+PUT request. Using the named file.
+.IP "\-r"
+Force cache to reload URL.
+.IP "\-s"
+Silent. Do not print data to stdout.
+.IP "\-t \fIcount\fP"
+Trace count cache-hops
+.IP "\-T \fItimeout\fP"
+Timeout value (seconds) for read/write operations.
+.IP "\-u \fIuser\fP"
+Proxy authentication username
+.IP "\-U \fIuser\fP"
+WWW authentication username
+.IP "\-v"
+Verbose. Print outgoing message to stderr.
+.IP "\-w \fIpassword\fP"
+Proxy authentication password
+.IP "\-W \fIpassword\fP"
+WWW authentication password
+.IP "\-V \fIversion\fP"
+HTTP Version. Use '-' for HTTP/0.9 omitted case
+.SH SEE ALSO
+.BR cachemgr.cgi "(8), "
+.BR squid "(8)"
+.SH AUTHOR
+Derived from Harvest. Further developed by by numerous individuals from
+the internet community. Development is led by Duane Wessels of the
+National Laboratory for Applied Network Research and funded by
+the National Science Foundation.
diff -u -r -N squid-3.1.0.9/tools/squidclient.cc squid-3.1.0.10/tools/squidclient.cc
--- squid-3.1.0.9/tools/squidclient.cc 2009-06-26 22:35:40.000000000 +1200
+++ squid-3.1.0.10/tools/squidclient.cc 2009-07-18 16:16:28.000000000 +1200
@@ -132,29 +132,32 @@
{
fprintf(stderr,
"Version: %s\n"
- "Usage: %s [-arsv] [-i IMS] [-h remote host] [-l local host] [-p port] [-m method] [-t count] [-I ping-interval] [-H 'strings'] [-T timeout] [-j 'hostheader'] [-V version] url\n"
+ "Usage: %s [-arsv] [-g count] [-h remote host] [-H 'string'] [-i IMS] [-I ping-interval] [-j 'Host-header']"
+ "[-l local-host] [-m method] [-p port] [-P file] [-t count] [-T timeout] [-u proxy-user] [-U www-user] "
+ "[-V version] [-w proxy-password] [-W www-password] url\n"
+ "\n"
"Options:\n"
- " -P file PUT request.\n"
" -a Do NOT include Accept: header.\n"
- " -r Force cache to reload URL.\n"
- " -s Silent. Do not print data to stdout.\n"
- " -v Verbose. Print outgoing message to stderr.\n"
- " -i IMS If-Modified-Since time (in Epoch seconds).\n"
+ " -g count Ping mode, perform \"count\" iterations (0 to loop until interrupted).\n"
" -h host Retrieve URL from cache on hostname. Default is localhost.\n"
- " -l host Specify a local IP address to bind to. Default is none.\n"
+ " -H 'string' Extra headers to send. Use '\\n' for new lines.\n"
+ " -i IMS If-Modified-Since time (in Epoch seconds).\n"
+ " -I interval Ping interval in seconds (default 1 second).\n"
" -j hosthdr Host header content\n"
- " -p port Port number of cache. Default is %d.\n"
+ " -l host Specify a local IP address to bind to. Default is none.\n"
" -m method Request method, default is GET.\n"
+ " -p port Port number of cache. Default is %d.\n"
+ " -P file PUT request. Using the named file\n"
+ " -r Force cache to reload URL.\n"
+ " -s Silent. Do not print data to stdout.\n"
" -t count Trace count cache-hops\n"
- " -g count Ping mode, \"count\" iterations (0 to loop until interrupted).\n"
- " -I interval Ping interval in seconds (default 1 second).\n"
- " -H 'string' Extra headers to send. Use '\\n' for new lines.\n"
" -T timeout Timeout value (seconds) for read/write operations.\n"
" -u user Proxy authentication username\n"
- " -w password Proxy authentication password\n"
" -U user WWW authentication username\n"
- " -W password WWW authentication password\n"
+ " -v Verbose. Print outgoing message to stderr.\n"
" -V version HTTP Version. Use '-' for HTTP/0.9 omitted case\n",
+ " -w password Proxy authentication password\n"
+ " -W password WWW authentication password\n"
VERSION, progname, CACHE_HTTP_PORT);
exit(1);
}
