diff -ruN squid-2.6.STABLE6/ChangeLog squid-2.6.STABLE7/ChangeLog
--- squid-2.6.STABLE6/ChangeLog Mon Dec 11 16:20:13 2006
+++ squid-2.6.STABLE7/ChangeLog Sat Jan 13 09:19:58 2007
@@ -1,3 +1,24 @@
+Changes to squid-2.6.STABLE7 (Jan 13 2007)
+
+ - Windows port: Fix intermittent build error using Visual Studio
+ - Add missing tproxy info from the dump of http port configuration
+ - Bug #1853: Support for ARP ACL on NetBSD
+ - clientNatLookup(): fix wrong function name in debug messages
+ - Convert ncsa_auth man page from DOS to Unix text format.
+ - Bug #1858: digest_ldap_auth had some remains of old hash format
+ - Correct the select_loops counter when using select(). Was counted twice
+ - Clarify the http_port vhost option a bit
+ - Fix cache-control: max-stale without value or bad value
+ - Bug #1857: Segmentation fault on certain types of ftp:// requests
+ - Bug #1848: external_acl crashes with an infinite loop under high load
+ - Bug #1792: max_user_ip not working with NTLM authentication
+ - Bug #1865: deny_info redirection with authentication related acls
+ - Small example on how to use the squid_session helper
+ - Bug #1863: cache_peer monitorurl, monitorsize and monitorinterval not working properly
+ - Clarify the transparent http_port option a bit more
+ - Bug #1828: squid.conf docutemtation error for proxy_auth digest
+ - Bug #1867: squid.pid isn't removed on shutdown
+
Changes to squid-2.6.STABLE6 (Dec 12 2006)
- Bug #1817: Assertion failure assert(buflen >= copy_sz) in htcp.c htcpBuildAuth()
diff -ruN squid-2.6.STABLE6/RELEASENOTES.html squid-2.6.STABLE7/RELEASENOTES.html
--- squid-2.6.STABLE6/RELEASENOTES.html Mon Dec 11 16:21:04 2006
+++ squid-2.6.STABLE7/RELEASENOTES.html Sat Jan 13 09:22:42 2007
@@ -2,12 +2,12 @@
- Squid 2.6 release notes
+ Squid 2.6.STABLE7 release notes
-Squid 2.6 release notes
+Squid 2.6.STABLE7 release notes
-Squid Developers
$Id: release-2.6.html,v 1.39 2006/12/11 00:57:40 hno Exp $
+Squid Developers
$Id: release-2.6.html,v 1.40 2007/01/13 16:19:58 hno Exp $
This document contains the release notes for version 2.6 of Squid.
Squid is a WWW Cache application developed by the Web Caching community.
@@ -45,6 +45,9 @@
+
+
+
@@ -143,7 +146,7 @@
auth_param negotiateNew Negotiate authentication scheme, the "next generation" scheme in the family of Microsoft authentication.
external_acl_typeMany new format options %SRCPORT, %MYADDR, %MYPORT, %PATH, %USER_CERT, %ACL, %DATA and a few variants. Helper protocol defaults to the simpler "3.0" protocol, and there is support for a highly efficient protocol via the concurrency= option if supported by the helper.
refresh_patternSeveral new HTTP override/ignore options
-read_ahead_gapNew directive to set the response buffer size.
+read_ahead_gapNew directive to set the response buffer size.
collapsed_forwardingNew directive to enable an alternative optimized forwarding path when there is very many concurrent requests for the same URL.
refresh_stale_hitNew directive similar to collapsed_forwarding and activates an alternative optimized request processing when there is very many concurrent requests for the same recently expired URL.
acl urlgroupNew acl class
@@ -537,6 +540,20 @@
Bug #1641: assertion failed: stmem.c:149: "size > 0" while processing certain Vary objects
a number of other minor and cosmetic bugfixes. See the list of
squid-2.6.STABLE6 changes and the
+ChangeLog file for details.
+
+
+
+
+
+
+
+- Bug #1857: Segmentation fault on certain types of ftp:// requests
+- Bug #1848: external_acl crashes with an infinite loop under high load
+- Bug #1867: squid.pid isn't removed on shutdown
+- Bug #1792: max_user_ip not working with ntlm_auth
+- a number of other minor and cosmetic bugfixes. See the list of
+squid-2.6.STABLE7 changes and the
ChangeLog file for details.
diff -ruN squid-2.6.STABLE6/configure squid-2.6.STABLE7/configure
--- squid-2.6.STABLE6/configure Mon Dec 11 16:20:32 2006
+++ squid-2.6.STABLE7/configure Sat Jan 13 09:22:10 2007
@@ -1,7 +1,7 @@
#! /bin/sh
-# From configure.in Revision: 1.414 .
+# From configure.in Revision: 1.416 .
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.59 for Squid Web Proxy 2.6.STABLE6.
+# Generated by GNU Autoconf 2.59 for Squid Web Proxy 2.6.STABLE7.
#
# Report bugs to .
#
@@ -270,8 +270,8 @@
# Identity of this package.
PACKAGE_NAME='Squid Web Proxy'
PACKAGE_TARNAME='squid'
-PACKAGE_VERSION='2.6.STABLE6'
-PACKAGE_STRING='Squid Web Proxy 2.6.STABLE6'
+PACKAGE_VERSION='2.6.STABLE7'
+PACKAGE_STRING='Squid Web Proxy 2.6.STABLE7'
PACKAGE_BUGREPORT='http://www.squid-cache.org/bugs/'
ac_default_prefix=/usr/local/squid
@@ -781,7 +781,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures Squid Web Proxy 2.6.STABLE6 to adapt to many kinds of systems.
+\`configure' configures Squid Web Proxy 2.6.STABLE7 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -847,7 +847,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of Squid Web Proxy 2.6.STABLE6:";;
+ short | recursive ) echo "Configuration of Squid Web Proxy 2.6.STABLE7:";;
esac
cat <<\_ACEOF
@@ -1158,7 +1158,7 @@
test -n "$ac_init_help" && exit 0
if $ac_init_version; then
cat <<\_ACEOF
-Squid Web Proxy configure 2.6.STABLE6
+Squid Web Proxy configure 2.6.STABLE7
generated by GNU Autoconf 2.59
Copyright (C) 2003 Free Software Foundation, Inc.
@@ -1172,7 +1172,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by Squid Web Proxy $as_me 2.6.STABLE6, which was
+It was created by Squid Web Proxy $as_me 2.6.STABLE7, which was
generated by GNU Autoconf 2.59. Invocation command line was
$ $0 $@
@@ -1818,7 +1818,7 @@
# Define the identity of the package.
PACKAGE='squid'
- VERSION='2.6.STABLE6'
+ VERSION='2.6.STABLE7'
cat >>confdefs.h <<_ACEOF
@@ -4139,6 +4139,8 @@
;;
*-freebsd*)
;;
+ *-netbsd*)
+ ;;
*-openbsd*)
;;
*-cygwin*)
@@ -18492,7 +18494,7 @@
} >&5
cat >&5 <<_CSEOF
-This file was extended by Squid Web Proxy $as_me 2.6.STABLE6, which was
+This file was extended by Squid Web Proxy $as_me 2.6.STABLE7, which was
generated by GNU Autoconf 2.59. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -18555,7 +18557,7 @@
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
-Squid Web Proxy config.status 2.6.STABLE6
+Squid Web Proxy config.status 2.6.STABLE7
configured by $0, generated by GNU Autoconf 2.59,
with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\"
diff -ruN squid-2.6.STABLE6/configure.in squid-2.6.STABLE7/configure.in
--- squid-2.6.STABLE6/configure.in Mon Dec 11 16:20:32 2006
+++ squid-2.6.STABLE7/configure.in Sat Jan 13 09:22:10 2007
@@ -1,16 +1,16 @@
dnl
dnl Configuration input file for Squid
dnl
-dnl $Id: configure.in,v 1.414 2006/12/11 23:16:58 hno Exp $
+dnl $Id: configure.in,v 1.416 2007/01/13 16:11:40 hno Exp $
dnl
dnl
dnl
-AC_INIT(Squid Web Proxy, 2.6.STABLE6, http://www.squid-cache.org/bugs/, squid)
+AC_INIT(Squid Web Proxy, 2.6.STABLE7, http://www.squid-cache.org/bugs/, squid)
AC_PREREQ(2.52)
AM_CONFIG_HEADER(include/autoconf.h)
AC_CONFIG_AUX_DIR(cfgaux)
AM_INIT_AUTOMAKE
-AC_REVISION($Revision: 1.414 $)dnl
+AC_REVISION($Revision: 1.416 $)dnl
AC_PREFIX_DEFAULT(/usr/local/squid)
AM_MAINTAINER_MODE
@@ -654,6 +654,8 @@
*-solaris*)
;;
*-freebsd*)
+ ;;
+ *-netbsd*)
;;
*-openbsd*)
;;
diff -ruN squid-2.6.STABLE6/helpers/basic_auth/NCSA/ncsa_auth.8 squid-2.6.STABLE7/helpers/basic_auth/NCSA/ncsa_auth.8
--- squid-2.6.STABLE6/helpers/basic_auth/NCSA/ncsa_auth.8 Thu Jun 22 19:03:58 2006
+++ squid-2.6.STABLE7/helpers/basic_auth/NCSA/ncsa_auth.8 Wed Dec 27 07:12:17 2006
@@ -1,38 +1,38 @@
-.\" This file is distributed in the hope that it will be useful,
-.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
-.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
-.\" the GNU General Public License for more details.
-.\"
-.\" You should have received a copy of the GNU General Public License
-.\" along with this file; if not, write to the Free Software
-.\" Foundation, Inc., 59 Temple Place, Suite 330, Boston,
-.\" MA 02111-1307 USA
-.\"
-.\" HISTORY:
-.\" 2006-05-16, created by Rodrigo Rubira Branco
-.TH ncsa_auth 8 "May 16, 2006" "Squid NCSA Auth helper"
-.SH NAME
-ncsa_auth \- NCSA httpd-style password file authentication helper for Squid
-\fB
-.SH SYNOPSIS
-.nf
-.fam C
-\fBncsa_auth\fP \fIpasswdfile\fP
-.fam T
-.fi
-.SH DESCRIPTION
-\fBncsa_auth\fP allows Squid to read and authenticate user and password information from an NCSA/Apache httpd-style password file when using basic HTTP authentication.
-.PP
-The only parameter is the password file. It must have permissions to be read by the user that Squid is running as (cache_effective_user in squid.conf).
-.PP
-This password file can be manipulated using htpasswd.
-.SH OPTIONS
-Only specify the password file name.
-.SH EXAMPLE
-\fBncsa_auth\fP /etc/squid/squid.pass
-.SH SECURITY
-\fBncsa_auth\fP must have access to the password file to be executed.
-.SH SEE ALSO
-\fBhtpasswd\fP(1), \fBsquid\fP(8)
-.SH AUTHOR
-Manpage written by Rodrigo Rubira Branco
+.\" This file is distributed in the hope that it will be useful,
+.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
+.\" the GNU General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU General Public License
+.\" along with this file; if not, write to the Free Software
+.\" Foundation, Inc., 59 Temple Place, Suite 330, Boston,
+.\" MA 02111-1307 USA
+.\"
+.\" HISTORY:
+.\" 2006-05-16, created by Rodrigo Rubira Branco
+.TH ncsa_auth 8 "May 16, 2006" "Squid NCSA Auth helper"
+.SH NAME
+ncsa_auth \- NCSA httpd-style password file authentication helper for Squid
+\fB
+.SH SYNOPSIS
+.nf
+.fam C
+\fBncsa_auth\fP \fIpasswdfile\fP
+.fam T
+.fi
+.SH DESCRIPTION
+\fBncsa_auth\fP allows Squid to read and authenticate user and password information from an NCSA/Apache httpd-style password file when using basic HTTP authentication.
+.PP
+The only parameter is the password file. It must have permissions to be read by the user that Squid is running as (cache_effective_user in squid.conf).
+.PP
+This password file can be manipulated using htpasswd.
+.SH OPTIONS
+Only specify the password file name.
+.SH EXAMPLE
+\fBncsa_auth\fP /etc/squid/squid.pass
+.SH SECURITY
+\fBncsa_auth\fP must have access to the password file to be executed.
+.SH SEE ALSO
+\fBhtpasswd\fP(1), \fBsquid\fP(8)
+.SH AUTHOR
+Manpage written by Rodrigo Rubira Branco
diff -ruN squid-2.6.STABLE6/helpers/digest_auth/ldap/ldap_backend.c squid-2.6.STABLE7/helpers/digest_auth/ldap/ldap_backend.c
--- squid-2.6.STABLE6/helpers/digest_auth/ldap/ldap_backend.c Wed Jun 21 14:51:42 2006
+++ squid-2.6.STABLE7/helpers/digest_auth/ldap/ldap_backend.c Wed Dec 27 11:26:39 2006
@@ -650,7 +650,7 @@
password = getpassword(requestData->user, requestData->realm);
if (password != NULL) {
if (encrpass)
- xstrncpy(requestData->HHA1, &password[6], sizeof(requestData->HHA1));
+ xstrncpy(requestData->HHA1, password, sizeof(requestData->HHA1));
else {
HASH HA1;
DigestCalcHA1("md5", requestData->user, requestData->realm, password, NULL, NULL, HA1, requestData->HHA1);
diff -ruN squid-2.6.STABLE6/helpers/external_acl/session/squid_session.8 squid-2.6.STABLE7/helpers/external_acl/session/squid_session.8
--- squid-2.6.STABLE6/helpers/external_acl/session/squid_session.8 Mon May 22 14:43:38 2006
+++ squid-2.6.STABLE7/helpers/external_acl/session/squid_session.8 Sat Jan 6 10:28:35 2007
@@ -31,6 +31,19 @@
Without this flag the helper automatically starts the session after
the first request.
.
+.SH EXAMPLE
+.P
+Configuration example using the default automatic mode
+.IP
+external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/local/squid/libexec/squid_session
+.IP
+acl session external session
+.IP
+http_access deny !session
+.IP
+deny_info http://your.server/bannerpage?url=%s session
+.P
+Then set up http://your.server/bannerpage to display a session startup page and then redirect the user back to the requested URL given in the url query parameter.
.SH AUTHOR
This helper and documentation was written by
.I Henrik Nordstrom
diff -ruN squid-2.6.STABLE6/include/version.h squid-2.6.STABLE7/include/version.h
--- squid-2.6.STABLE6/include/version.h Mon Dec 11 16:20:32 2006
+++ squid-2.6.STABLE7/include/version.h Sat Jan 13 09:22:10 2007
@@ -9,5 +9,5 @@
*/
#ifndef SQUID_RELEASE_TIME
-#define SQUID_RELEASE_TIME 1165879230
+#define SQUID_RELEASE_TIME 1168705326
#endif
diff -ruN squid-2.6.STABLE6/lib/rfc2617.c squid-2.6.STABLE7/lib/rfc2617.c
--- squid-2.6.STABLE6/lib/rfc2617.c Tue May 17 10:56:36 2005
+++ squid-2.6.STABLE7/lib/rfc2617.c Sat Jan 13 09:06:42 2007
@@ -13,7 +13,7 @@
/*
- * $Id: rfc2617.c,v 1.7 2005/05/17 16:56:36 hno Exp $
+ * $Id: rfc2617.c,v 1.8 2007/01/13 16:06:42 hno Exp $
*
* DEBUG:
* AUTHOR: RFC 2617 & Robert Collins
@@ -83,14 +83,20 @@
j = Hex[i];
if (('0' <= j) && (j <= '9'))
n = j - '0';
- else
+ else if (('a' <= j) && (j <= 'f'))
n = j - 'a' + 10;
+ else if (('A' <= j) && (j <= 'F'))
+ n = j - 'A' + 10;
+ else
+ continue;
if (i % 2 == 0)
Bin[i / 2] = n << 4;
else
Bin[i / 2] |= n;
}
- Bin[HASHLEN] = '\0';
+ for (; i <= HASHHEXLEN; i++) {
+ Bin[i] = '\0';
+ }
}
diff -ruN squid-2.6.STABLE6/src/HttpHdrCc.c squid-2.6.STABLE7/src/HttpHdrCc.c
--- squid-2.6.STABLE6/src/HttpHdrCc.c Tue May 17 10:56:37 2005
+++ squid-2.6.STABLE7/src/HttpHdrCc.c Sun Dec 31 07:52:51 2006
@@ -1,6 +1,6 @@
/*
- * $Id: HttpHdrCc.c,v 1.23 2005/05/17 16:56:37 hno Exp $
+ * $Id: HttpHdrCc.c,v 1.24 2006/12/31 14:52:51 hno Exp $
*
* DEBUG: section 65 HTTP Cache Control Header
* AUTHOR: Alex Rousskov
@@ -145,9 +145,13 @@
}
break;
case CC_MAX_STALE:
- if (!p || !httpHeaderParseInt(p, &cc->max_stale)) {
- debug(65, 2) ("cc: max-stale directive is valid without value\n");
+ if (!p) {
+ debug(65, 3) ("cc: max-stale directive is valid without value\n");
cc->max_stale = -1;
+ } else if (!httpHeaderParseInt(p, &cc->max_stale)) {
+ debug(65, 2) ("cc: invalid max-stale specs near '%s'\n", item);
+ cc->max_stale = -1;
+ EBIT_CLR(cc->mask, type);
}
break;
case CC_OTHER:
@@ -204,7 +208,7 @@
if (flag == CC_S_MAXAGE)
packerPrintf(p, "=%d", (int) cc->s_maxage);
- if (flag == CC_MAX_STALE)
+ if (flag == CC_MAX_STALE && cc->max_stale > 0)
packerPrintf(p, "=%d", (int) cc->max_stale);
pcount++;
diff -ruN squid-2.6.STABLE6/src/acl.c squid-2.6.STABLE7/src/acl.c
--- squid-2.6.STABLE6/src/acl.c Mon Oct 16 14:11:41 2006
+++ squid-2.6.STABLE7/src/acl.c Sat Jan 6 10:22:45 2007
@@ -1,6 +1,6 @@
/*
- * $Id: acl.c,v 1.316 2006/10/16 20:11:41 serassio Exp $
+ * $Id: acl.c,v 1.318 2007/01/06 17:22:45 hno Exp $
*
* DEBUG: section 28 Access Control
* AUTHOR: Duane Wessels
@@ -1128,24 +1128,18 @@
/* does name lookup, returns page_id */
err_type
-aclGetDenyInfoPage(acl_deny_info_list ** head, const char *name)
+aclGetDenyInfoPage(acl_deny_info_list ** head, const char *name, int redirect_allowed)
{
acl_deny_info_list *A = NULL;
- acl_name_list *L = NULL;
- A = *head;
- if (NULL == *head) /* empty list */
- return ERR_NONE;
- while (A) {
- L = A->acl_list;
- if (NULL == L) /* empty list should never happen, but in case */
+ for (A = *head; A; A = A->next) {
+ acl_name_list *L = NULL;
+ if (!redirect_allowed && strchr(A->err_page_name, ':'))
continue;
- while (L) {
+ for (L = A->acl_list; L; L = L->next) {
if (!strcmp(name, L->name))
return A->err_page_id;
- L = L->next;
}
- A = A->next;
}
return ERR_NONE;
}
@@ -3083,7 +3077,7 @@
* token namespace crashing any structures or classes having members
* of the same names.
*/
-#ifdef _SQUID_OPENBSD_
+#if defined(_SQUID_NETBSD_) || defined(_SQUID_OPENBSD_)
#undef free
#endif
#include
@@ -3096,7 +3090,7 @@
#include
#endif
#include
-#if defined(_SQUID_FREEBSD_) || defined(_SQUID_OPENBSD_)
+#if defined(_SQUID_FREEBSD_) || defined(_SQUID_NETBSD_) || defined(_SQUID_OPENBSD_)
#include
#endif
#if HAVE_NETINET_IF_ETHER_H
@@ -3318,7 +3312,7 @@
inet_ntoa(c), splayLastResult ? "NOT found" : "found");
return (0 == splayLastResult);
}
-#elif defined(_SQUID_FREEBSD_) || defined(_SQUID_OPENBSD_)
+#elif defined(_SQUID_FREEBSD_) || defined(_SQUID_NETBSD_) || defined(_SQUID_OPENBSD_)
struct arpreq arpReq;
struct sockaddr_in ipAddr;
@@ -3475,7 +3469,7 @@
return (d1[4] > d2[4]) ? 1 : -1;
if (d1[5] != d2[5])
return (d1[5] > d2[5]) ? 1 : -1;
-#elif defined(_SQUID_FREEBSD_) || defined(_SQUID_OPENBSD_)
+#elif defined(_SQUID_FREEBSD_) || defined(_SQUID_OPENBSD_) || defined(_SQUID_NETBSD_)
const unsigned char *d1 = a;
const unsigned char *d2 = b;
if (d1[0] != d2[0])
diff -ruN squid-2.6.STABLE6/src/auth/negotiate/auth_negotiate.c squid-2.6.STABLE7/src/auth/negotiate/auth_negotiate.c
--- squid-2.6.STABLE6/src/auth/negotiate/auth_negotiate.c Sun Jul 30 17:27:04 2006
+++ squid-2.6.STABLE7/src/auth/negotiate/auth_negotiate.c Wed Jan 3 05:17:29 2007
@@ -1,6 +1,6 @@
/*
- * $Id: auth_negotiate.c,v 1.5 2006/07/30 23:27:04 hno Exp $
+ * $Id: auth_negotiate.c,v 1.6 2007/01/03 12:17:29 hno Exp $
*
* DEBUG: section 29 Negotiate Authenticator
* AUTHOR: Robert Collins
@@ -651,7 +651,7 @@
authNegotiateAuthenticated(auth_user_request_t * auth_user_request)
{
negotiate_request_t *negotiate_request = auth_user_request->scheme_data;
- if (negotiate_request->auth_state == AUTHENTICATE_STATE_FINISHED)
+ if (negotiate_request->auth_state == AUTHENTICATE_STATE_DONE)
return 1;
debug(29, 9) ("User not fully authenticated.\n");
return 0;
diff -ruN squid-2.6.STABLE6/src/auth/ntlm/auth_ntlm.c squid-2.6.STABLE7/src/auth/ntlm/auth_ntlm.c
--- squid-2.6.STABLE6/src/auth/ntlm/auth_ntlm.c Sun Jul 30 17:27:04 2006
+++ squid-2.6.STABLE7/src/auth/ntlm/auth_ntlm.c Wed Jan 3 05:17:30 2007
@@ -1,6 +1,6 @@
/*
- * $Id: auth_ntlm.c,v 1.35 2006/07/30 23:27:04 hno Exp $
+ * $Id: auth_ntlm.c,v 1.36 2007/01/03 12:17:30 hno Exp $
*
* DEBUG: section 29 NTLM Authenticator
* AUTHOR: Robert Collins
@@ -427,7 +427,7 @@
auth_user = auth_user_request->auth_user;
assert(auth_user != NULL);
- assert(auth_user->auth_type == AUTH_NEGOTIATE);
+ assert(auth_user->auth_type == AUTH_NTLM);
ntlm_user = auth_user_request->auth_user->scheme_data;
if (ntlm_request->authserver == NULL)
@@ -508,7 +508,7 @@
assert(ntlm_request);
assert(handler);
assert(data);
- assert(auth_user->auth_type == AUTH_NEGOTIATE);
+ assert(auth_user->auth_type == AUTH_NTLM);
debug(29, 9) ("authenticateNTLMStart: auth state '%d'\n", ntlm_request->auth_state);
sent_string = ntlm_request->client_blob;
@@ -581,7 +581,7 @@
dlink_node *node;
assert(auth_user_request->auth_user == NULL);
auth_user_request->auth_user = authenticateAuthUserNew("ntlm");
- auth_user_request->auth_user->auth_type = AUTH_NEGOTIATE;
+ auth_user_request->auth_user->auth_type = AUTH_NTLM;
auth_user_request->auth_user->scheme_data = memPoolAlloc(ntlm_user_pool);
auth_user_request->scheme_data = memPoolAlloc(ntlm_request_pool);
memset(auth_user_request->scheme_data, '\0', sizeof(ntlm_request_t));
@@ -607,7 +607,7 @@
authNTLMAuthenticated(auth_user_request_t * auth_user_request)
{
ntlm_request_t *ntlm_request = auth_user_request->scheme_data;
- if (ntlm_request->auth_state == AUTHENTICATE_STATE_FINISHED)
+ if (ntlm_request->auth_state == AUTHENTICATE_STATE_DONE)
return 1;
debug(29, 9) ("User not fully authenticated.\n");
return 0;
@@ -624,7 +624,7 @@
auth_user = auth_user_request->auth_user;
assert(auth_user);
- assert(auth_user->auth_type == AUTH_NEGOTIATE);
+ assert(auth_user->auth_type == AUTH_NTLM);
assert(auth_user->scheme_data != NULL);
assert(auth_user_request->scheme_data != NULL);
ntlm_user = auth_user->scheme_data;
@@ -661,7 +661,7 @@
ntlm_request->auth_state = AUTHENTICATE_STATE_INITIAL;
safe_free(ntlm_request->client_blob);
ntlm_request->client_blob = xstrdup(blob);
- conn->auth_type = AUTH_NEGOTIATE;
+ conn->auth_type = AUTH_NTLM;
conn->auth_user_request = auth_user_request;
ntlm_request->conn = conn;
/* and lock for the connection duration */
diff -ruN squid-2.6.STABLE6/src/authenticate.c squid-2.6.STABLE7/src/authenticate.c
--- squid-2.6.STABLE6/src/authenticate.c Fri Sep 22 02:48:38 2006
+++ squid-2.6.STABLE7/src/authenticate.c Mon Jan 1 15:44:58 2007
@@ -1,6 +1,6 @@
/*
- * $Id: authenticate.c,v 1.50 2006/09/22 08:48:38 hno Exp $
+ * $Id: authenticate.c,v 1.51 2007/01/01 22:44:58 hno Exp $
*
* DEBUG: section 29 Authenticator
* AUTHOR: Duane Wessels
@@ -247,10 +247,21 @@
return NULL;
}
+static inline void
+authenticateAuthUserRemoveIpEntry(auth_user_t * auth_user, auth_user_ip_t * ipdata)
+{
+ /* remove the node */
+ dlinkDelete(&ipdata->node, &auth_user->ip_list);
+ cbdataFree(ipdata);
+ /* catch incipient underflow */
+ assert(auth_user->ipcount);
+ auth_user->ipcount--;
+}
+
static void
authenticateAuthUserRequestSetIp(auth_user_request_t * auth_user_request, struct in_addr ipaddr)
{
- auth_user_ip_t *ipdata, *tempnode;
+ auth_user_ip_t *ipdata, *next;
auth_user_t *auth_user;
char *ip1;
int found = 0;
@@ -258,14 +269,14 @@
if (!auth_user_request->auth_user)
return;
auth_user = auth_user_request->auth_user;
- ipdata = (auth_user_ip_t *) auth_user->ip_list.head;
+ next = (auth_user_ip_t *) auth_user->ip_list.head;
/*
* we walk the entire list to prevent the first item in the list
* preventing old entries being flushed and locking a user out after
* a timeout+reconfigure
*/
- while (ipdata) {
- tempnode = (auth_user_ip_t *) ipdata->node.next;
+ while ((ipdata = next) != NULL) {
+ next = (auth_user_ip_t *) ipdata->node.next;
/* walk the ip list */
if (ipdata->ipaddr.s_addr == ipaddr.s_addr) {
/* This ip has already been seen. */
@@ -274,13 +285,8 @@
ipdata->ip_expiretime = squid_curtime;
} else if (ipdata->ip_expiretime + Config.authenticateIpTTL < squid_curtime) {
/* This IP has expired - remove from the seen list */
- dlinkDelete(&ipdata->node, &auth_user->ip_list);
- cbdataFree(ipdata);
- /* catch incipient underflow */
- assert(auth_user->ipcount);
- auth_user->ipcount--;
+ authenticateAuthUserRemoveIpEntry(auth_user, ipdata);
}
- ipdata = tempnode;
}
if (found)
@@ -310,12 +316,7 @@
while (ipdata) {
/* walk the ip list */
if (ipdata->ipaddr.s_addr == ipaddr.s_addr) {
- /* remove the node */
- dlinkDelete(&ipdata->node, &auth_user->ip_list);
- cbdataFree(ipdata);
- /* catch incipient underflow */
- assert(auth_user->ipcount);
- auth_user->ipcount--;
+ authenticateAuthUserRemoveIpEntry(auth_user, ipdata);
return;
}
ipdata = (auth_user_ip_t *) ipdata->node.next;
@@ -326,19 +327,13 @@
static void
authenticateAuthUserClearIp(auth_user_t * auth_user)
{
- auth_user_ip_t *ipdata, *tempnode;
+ auth_user_ip_t *ipdata, *next;
if (!auth_user)
return;
- ipdata = (auth_user_ip_t *) auth_user->ip_list.head;
- while (ipdata) {
- tempnode = (auth_user_ip_t *) ipdata->node.next;
- /* walk the ip list */
- dlinkDelete(&ipdata->node, &auth_user->ip_list);
- cbdataFree(ipdata);
- /* catch incipient underflow */
- assert(auth_user->ipcount);
- auth_user->ipcount--;
- ipdata = tempnode;
+ next = (auth_user_ip_t *) auth_user->ip_list.head;
+ while ((ipdata = next) != NULL) {
+ next = (auth_user_ip_t *) ipdata->node.next;
+ authenticateAuthUserRemoveIpEntry(auth_user, ipdata);
}
/* integrity check */
assert(auth_user->ipcount == 0);
@@ -618,7 +613,7 @@
*auth_user_request = t;
authenticateAuthUserRequestLock(*auth_user_request);
}
- if (!request->auth_user_request) {
+ if (!request->auth_user_request && t->lastReply == AUTH_AUTHENTICATED) {
request->auth_user_request = t;
authenticateAuthUserRequestLock(request->auth_user_request);
}
@@ -798,7 +793,7 @@
if ((auth_user_request != NULL) && (auth_user_request->auth_user->auth_module > 0)
&& (authscheme_list[auth_user_request->auth_user->auth_module - 1].AddHeader))
authscheme_list[auth_user_request->auth_user->auth_module - 1].AddHeader(auth_user_request, rep, accelerated);
- if (auth_user_request != NULL)
+ if (auth_user_request != NULL && auth_user_request->lastReply != AUTH_AUTHENTICATED)
auth_user_request->lastReply = AUTH_ACL_CANNOT_AUTHENTICATE;
}
diff -ruN squid-2.6.STABLE6/src/cache_cf.c squid-2.6.STABLE7/src/cache_cf.c
--- squid-2.6.STABLE6/src/cache_cf.c Sat Dec 9 22:33:25 2006
+++ squid-2.6.STABLE7/src/cache_cf.c Tue Jan 9 03:24:41 2007
@@ -1,6 +1,6 @@
/*
- * $Id: cache_cf.c,v 1.459 2006/12/10 05:33:25 hno Exp $
+ * $Id: cache_cf.c,v 1.462 2007/01/09 10:24:41 hno Exp $
*
* DEBUG: section 3 Configuration File Parsing
* AUTHOR: Harvest Derived
@@ -1598,6 +1598,7 @@
p->weight = 1;
p->stats.logged_state = PEER_ALIVE;
p->monitor.state = PEER_ALIVE;
+ p->monitor.interval = 300;
if ((token = strtok(NULL, w_space)) == NULL)
self_destruct();
p->host = xstrdup(token);
@@ -1680,18 +1681,23 @@
if (token[5])
p->name = xstrdup(token + 5);
} else if (!strncasecmp(token, "monitorurl=", 11)) {
+ char *url = token + 11;
safe_free(p->monitor.url);
- if (token[11])
- p->monitor.url = xstrdup(token + 11);
+ if (*url == '/') {
+ int size = strlen("http://") + strlen(p->host) + 16 + strlen(url);
+ p->monitor.url = xmalloc(size);
+ snprintf(p->monitor.url, size, "http://%s:%d%s", p->host, p->http_port, url);
+ } else {
+ p->monitor.url = xstrdup(url);
+ }
} else if (!strncasecmp(token, "monitorsize=", 12)) {
+ char *token2 = strchr(token + 12, ',');
+ if (!token2)
+ token2 = strchr(token + 12, '-');
+ if (token2)
+ *token2++ = '\0';
p->monitor.min = xatoi(token + 12);
- p->monitor.max = -1;
- if (strchr(token + 12, ','))
- token = strchr(token + 12, ',');
- else
- token = strchr(token + 12, '-');
- if (token)
- p->monitor.max = xatoi(token + 1);
+ p->monitor.max = token2 ? xatoi(token2) : -1;
} else if (!strncasecmp(token, "monitorinterval=", 16)) {
p->monitor.interval = xatoi(token + 16);
} else if (!strncasecmp(token, "monitortimeout=", 15)) {
@@ -2806,6 +2812,10 @@
storeAppendPrintf(e, " vport");
if (s->no_connection_auth)
storeAppendPrintf(e, " no-connection-auth");
+#if LINUX_TPROXY
+ if (s->tproxy)
+ storeAppendPrintf(e, " tproxy");
+#endif
}
static void
dump_http_port_list(StoreEntry * e, const char *n, const http_port_list * s)
diff -ruN squid-2.6.STABLE6/src/cf.data.pre squid-2.6.STABLE7/src/cf.data.pre
--- squid-2.6.STABLE6/src/cf.data.pre Tue Nov 28 16:51:52 2006
+++ squid-2.6.STABLE7/src/cf.data.pre Sat Jan 13 09:06:42 2007
@@ -1,6 +1,6 @@
#
-# $Id: cf.data.pre,v 1.377 2006/11/28 23:51:52 hno Exp $
+# $Id: cf.data.pre,v 1.380 2007/01/13 16:06:42 hno Exp $
#
#
# SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -83,9 +83,11 @@
You may specify multiple socket addresses on multiple lines.
options are:
- transparent Support for transparent proxies
- vhost Accelerator using Host directive
- vport Accelerator with IP virtual host support
+ transparent Support for transparent interception of
+ outgoing requests without browser settings
+ vhost Accelerator using the Host header for
+ virtual domain support.
+ vport Accelerator with IP based virtual host support
vport= As above, but uses specified port number
rather than the http_port number.
defaultsite= Main web site name for accelerators.
@@ -1915,7 +1917,7 @@
"program" cmdline
Specify the command for the external authenticator. Such a program
reads a line containing "username":"realm" and replies with the
- appropriate H(A1) value base64 encoded or ERR if the user (or his H(A1)
+ appropriate H(A1) value hex encoded or ERR if the user (or his H(A1)
hash) does not exists. See RFC 2616 for the definition of H(A1).
"ERR" responses may optionally be followed by a error description
available as %m in the returned error page.
diff -ruN squid-2.6.STABLE6/src/client_side.c squid-2.6.STABLE7/src/client_side.c
--- squid-2.6.STABLE6/src/client_side.c Sun Dec 10 16:53:44 2006
+++ squid-2.6.STABLE7/src/client_side.c Sat Jan 6 10:22:45 2007
@@ -1,6 +1,6 @@
/*
- * $Id: client_side.c,v 1.688 2006/12/10 23:53:44 hno Exp $
+ * $Id: client_side.c,v 1.690 2007/01/06 17:22:45 hno Exp $
*
* DEBUG: section 33 Client-side Routines
* AUTHOR: Duane Wessels
@@ -436,7 +436,7 @@
* clobbered in the clientCreateStoreEntry() call
* just below. Pedro Ribeiro
*/
- page_id = aclGetDenyInfoPage(&Config.denyInfoList, AclMatchedName);
+ page_id = aclGetDenyInfoPage(&Config.denyInfoList, AclMatchedName, answer != ACCESS_REQ_PROXY_AUTH);
http->log_type = LOG_TCP_DENIED;
http->entry = clientCreateStoreEntry(http, http->request->method,
null_request_flags);
@@ -485,22 +485,24 @@
if (answer == ACCESS_ALLOWED) {
clientCheckNoCache(http);
} else {
+ int require_auth = (answer == ACCESS_REQ_PROXY_AUTH || aclIsProxyAuth(AclMatchedName));
debug(33, 5) ("Access Denied: %s\n", http->uri);
debug(33, 5) ("AclMatchedName = %s\n",
AclMatchedName ? AclMatchedName : "");
- debug(33, 5) ("Proxy Auth Message = %s\n",
- proxy_auth_msg ? proxy_auth_msg : "");
+ if (require_auth)
+ debug(33, 5) ("Proxy Auth Message = %s\n",
+ proxy_auth_msg ? proxy_auth_msg : "");
/*
* NOTE: get page_id here, based on AclMatchedName because
* if USE_DELAY_POOLS is enabled, then AclMatchedName gets
* clobbered in the clientCreateStoreEntry() call
* just below. Pedro Ribeiro
*/
- page_id = aclGetDenyInfoPage(&Config.denyInfoList, AclMatchedName);
+ page_id = aclGetDenyInfoPage(&Config.denyInfoList, AclMatchedName, answer != ACCESS_REQ_PROXY_AUTH);
http->log_type = LOG_TCP_DENIED;
http->entry = clientCreateStoreEntry(http, http->request->method,
null_request_flags);
- if (answer == ACCESS_REQ_PROXY_AUTH || aclIsProxyAuth(AclMatchedName)) {
+ if (require_auth) {
if (!http->flags.accel) {
/* Proxy authorisation needed */
status = HTTP_PROXY_AUTHENTICATION_REQUIRED;
@@ -2800,7 +2802,7 @@
if (answer != ACCESS_ALLOWED) {
ErrorState *err;
err_type page_id;
- page_id = aclGetDenyInfoPage(&Config.denyInfoList, AclMatchedName);
+ page_id = aclGetDenyInfoPage(&Config.denyInfoList, AclMatchedName, 1);
if (page_id == ERR_NONE)
page_id = ERR_ACCESS_DENIED;
err = errorCon(page_id, HTTP_FORBIDDEN, http->orig_request);
@@ -4368,7 +4370,7 @@
}
if (natfd < 0) {
if (squid_curtime - last_reported > 60) {
- debug(50, 1) ("parseHttpRequest: NAT open failed: %s\n",
+ debug(50, 1) ("clientNatLookup: NAT open failed: %s\n",
xstrerror());
last_reported = squid_curtime;
}
@@ -4394,7 +4396,7 @@
if (x < 0) {
if (errno != ESRCH) {
if (squid_curtime - last_reported > 60) {
- debug(50, 1) ("parseHttpRequest: NAT lookup failed: ioctl(SIOCGNATL)\n");
+ debug(50, 1) ("clientNatLookup: NAT lookup failed: ioctl(SIOCGNATL)\n");
last_reported = squid_curtime;
}
close(natfd);
@@ -4421,12 +4423,12 @@
/* If the call fails the address structure will be unchanged */
if (getsockopt(conn->fd, SOL_IP, SO_ORIGINAL_DST, &conn->me, &sock_sz) != 0) {
if (squid_curtime - last_reported > 60) {
- debug(50, 1) ("parseHttpRequest: NF getsockopt(SO_ORIGINAL_DST) failed: %s\n", xstrerror());
+ debug(50, 1) ("clientNatLookup: NF getsockopt(SO_ORIGINAL_DST) failed: %s\n", xstrerror());
last_reported = squid_curtime;
}
return -1;
}
- debug(33, 5) ("parseHttpRequest: addr = %s", inet_ntoa(conn->me.sin_addr));
+ debug(33, 5) ("clientNatLookup: addr = %s", inet_ntoa(conn->me.sin_addr));
if (orig_addr.s_addr != conn->me.sin_addr.s_addr)
return 0;
else
@@ -4445,7 +4447,7 @@
commSetCloseOnExec(pffd);
}
if (pffd < 0) {
- debug(50, 1) ("parseHttpRequest: PF open failed: %s\n",
+ debug(50, 1) ("clientNatLookup: PF open failed: %s\n",
xstrerror());
return -1;
}
@@ -4460,7 +4462,7 @@
if (ioctl(pffd, DIOCNATLOOK, &nl)) {
if (errno != ENOENT) {
if (squid_curtime - last_reported > 60) {
- debug(50, 1) ("parseHttpRequest: PF lookup failed: ioctl(DIOCNATLOOK)\n");
+ debug(50, 1) ("clientNatLookup: PF lookup failed: ioctl(DIOCNATLOOK)\n");
last_reported = squid_curtime;
}
close(pffd);
diff -ruN squid-2.6.STABLE6/src/comm_select.c squid-2.6.STABLE7/src/comm_select.c
--- squid-2.6.STABLE6/src/comm_select.c Sun Oct 29 17:04:52 2006
+++ squid-2.6.STABLE7/src/comm_select.c Thu Dec 28 15:11:26 2006
@@ -1,6 +1,6 @@
/*
- * $Id: comm_select.c,v 1.79 2006/10/30 00:04:52 hno Exp $
+ * $Id: comm_select.c,v 1.80 2006/12/28 22:11:26 hno Exp $
*
* DEBUG: section 5 Socket Functions
*
@@ -135,7 +135,6 @@
tv.tv_usec = (msec % 1000) * 1000;
statCounter.syscalls.selects++;
num = select(Biggest_FD + 1, current_readfds, current_writefds, current_errfds, &tv);
- statCounter.select_loops++;
if (num < 0) {
getCurrentTime();
diff -ruN squid-2.6.STABLE6/src/comm_select_simple.c squid-2.6.STABLE7/src/comm_select_simple.c
--- squid-2.6.STABLE6/src/comm_select_simple.c Fri Nov 3 05:30:40 2006
+++ squid-2.6.STABLE7/src/comm_select_simple.c Thu Dec 28 15:11:26 2006
@@ -1,6 +1,6 @@
/*
- * $Id: comm_select_simple.c,v 1.2 2006/11/03 12:30:40 hno Exp $
+ * $Id: comm_select_simple.c,v 1.3 2006/12/28 22:11:26 hno Exp $
*
* DEBUG: section 5 Socket Functions
*
@@ -113,7 +113,6 @@
tv.tv_usec = (msec % 1000) * 1000;
statCounter.syscalls.selects++;
num = select(Biggest_FD + 1, &readfds, &writefds, &errfds, &tv);
- statCounter.select_loops++;
if (num < 0) {
getCurrentTime();
diff -ruN squid-2.6.STABLE6/src/comm_select_win32.c squid-2.6.STABLE7/src/comm_select_win32.c
--- squid-2.6.STABLE6/src/comm_select_win32.c Sat Oct 28 11:08:16 2006
+++ squid-2.6.STABLE7/src/comm_select_win32.c Thu Dec 28 15:11:26 2006
@@ -1,6 +1,6 @@
/*
- * $Id: comm_select_win32.c,v 1.6 2006/10/28 17:08:16 serassio Exp $
+ * $Id: comm_select_win32.c,v 1.7 2006/12/28 22:11:26 hno Exp $
*
* DEBUG: section 5 Socket Functions
*
@@ -110,7 +110,6 @@
tv.tv_usec = (msec % 1000) * 1000;
statCounter.syscalls.selects++;
num = select(Biggest_FD + 1, &readfds, &writefds, &errfds, &tv);
- statCounter.select_loops++;
if (num < 0) {
getCurrentTime();
diff -ruN squid-2.6.STABLE6/src/dns_internal.c squid-2.6.STABLE7/src/dns_internal.c
--- squid-2.6.STABLE6/src/dns_internal.c Mon Sep 18 17:11:13 2006
+++ squid-2.6.STABLE7/src/dns_internal.c Sun Dec 17 03:51:44 2006
@@ -1,6 +1,6 @@
/*
- * $Id: dns_internal.c,v 1.60 2006/09/18 23:11:13 hno Exp $
+ * $Id: dns_internal.c,v 1.61 2006/12/17 10:51:44 serassio Exp $
*
* DEBUG: section 78 DNS lookups; interacts with lib/rfc1035.c
* AUTHOR: Duane Wessels
@@ -39,8 +39,7 @@
* #ifndef to exclude the internal DNS code from compile process when
* using External DNS process.
*/
-#ifndef USE_DNSSERVERS
-#include "config.h"
+#if !USE_DNSSERVERS
#if HAVE_ARPA_NAMESER_H
#include
diff -ruN squid-2.6.STABLE6/src/external_acl.c squid-2.6.STABLE7/src/external_acl.c
--- squid-2.6.STABLE6/src/external_acl.c Sun Jul 30 20:04:55 2006
+++ squid-2.6.STABLE7/src/external_acl.c Mon Jan 1 16:32:13 2007
@@ -1,6 +1,6 @@
/*
- * $Id: external_acl.c,v 1.28 2006/07/31 02:04:55 hno Exp $
+ * $Id: external_acl.c,v 1.29 2007/01/01 23:32:13 hno Exp $
*
* DEBUG: section 82 External ACL
* AUTHOR: Henrik Nordstrom, MARA Systems AB
@@ -491,6 +491,12 @@
cbdataFree(*dataptr);
}
+static inline int
+externalAclOverload(external_acl * def)
+{
+ return def->helper->stats.queue_size > def->helper->n_running;
+}
+
int
aclMatchExternal(void *data, aclCheck_t * ch)
{
@@ -543,7 +549,7 @@
}
if (lookup_needed) {
debug(82, 2) ("aclMatchExternal: %s(\"%s\") = lookup needed\n", acl->def->name, key);
- if (acl->def->helper->stats.queue_size <= acl->def->helper->n_running) {
+ if (!externalAclOverload(acl->def)) {
ch->state[ACL_EXTERNAL] = ACL_LOOKUP_NEEDED;
return -1;
} else {
@@ -1067,7 +1073,7 @@
oldstate->queue = state;
} else {
/* Check for queue overload */
- if (def->helper->stats.queue_size >= def->helper->n_running) {
+ if (externalAclOverload(def)) {
debug(82, 1) ("externalAclLookup: '%s' queue overload\n", def->name);
cbdataFree(state);
callback(callback_data, entry);
diff -ruN squid-2.6.STABLE6/src/forward.c squid-2.6.STABLE7/src/forward.c
--- squid-2.6.STABLE6/src/forward.c Sat Dec 9 22:22:41 2006
+++ squid-2.6.STABLE7/src/forward.c Sat Jan 6 10:22:45 2007
@@ -1,6 +1,6 @@
/*
- * $Id: forward.c,v 1.118 2006/12/10 05:22:41 hno Exp $
+ * $Id: forward.c,v 1.119 2007/01/06 17:22:45 hno Exp $
*
* DEBUG: section 17 Request Forwarding
* AUTHOR: Duane Wessels
@@ -823,7 +823,7 @@
answer = aclCheckFast(Config.accessList.miss, &ch);
if (answer == 0) {
err_type page_id;
- page_id = aclGetDenyInfoPage(&Config.denyInfoList, AclMatchedName);
+ page_id = aclGetDenyInfoPage(&Config.denyInfoList, AclMatchedName, 1);
if (page_id == ERR_NONE)
page_id = ERR_FORWARDING_DENIED;
err = errorCon(page_id, HTTP_FORBIDDEN, r);
diff -ruN squid-2.6.STABLE6/src/ftp.c squid-2.6.STABLE7/src/ftp.c
--- squid-2.6.STABLE6/src/ftp.c Mon Sep 18 17:03:36 2006
+++ squid-2.6.STABLE7/src/ftp.c Mon Jan 1 14:38:39 2007
@@ -1,6 +1,6 @@
/*
- * $Id: ftp.c,v 1.340 2006/09/18 23:03:36 hno Exp $
+ * $Id: ftp.c,v 1.341 2007/01/01 21:38:39 hno Exp $
*
* DEBUG: section 9 File Transfer Protocol (FTP)
* AUTHOR: Harvest Derived
@@ -434,7 +434,7 @@
ftpState->flags.dir_slash ? rfc1738_escape_part(ftpState->old_filepath) : ".");
} else if (ftpState->typecode == 'D') {
const char *path = ftpState->flags.dir_slash ? ftpState->filepath : ".";
- storeAppendPrintf(e, "[As extended directory]\n", html_quote(path));
+ storeAppendPrintf(e, "[As extended directory]\n", rfc1738_escape_part(path));
}
storeAppendPrintf(e, "
\n");
storeAppendPrintf(e, "\n");
@@ -682,8 +682,8 @@
snprintf(html, 8192, "%s\n", line);
return html;
}
- if (ftpState->flags.dir_slash)
- snprintf(prefix, sizeof(prefix), "%s/", rfc1738_escape_part(ftpState->dirpath));
+ if (ftpState->flags.dir_slash && ftpState->dirpath && ftpState->typecode != 'D')
+ snprintf(prefix, 2048, "%s/", rfc1738_escape_part(ftpState->dirpath));
else
prefix[0] = '\0';
/* Handle builtin */
diff -ruN squid-2.6.STABLE6/src/main.c squid-2.6.STABLE7/src/main.c
--- squid-2.6.STABLE6/src/main.c Mon Oct 23 05:22:21 2006
+++ squid-2.6.STABLE7/src/main.c Sat Jan 13 09:10:14 2007
@@ -1,6 +1,6 @@
/*
- * $Id: main.c,v 1.392 2006/10/23 11:22:21 hno Exp $
+ * $Id: main.c,v 1.393 2007/01/13 16:10:14 hno Exp $
*
* DEBUG: section 1 Startup and Main Loop
* AUTHOR: Harvest Derived
@@ -1114,6 +1114,11 @@
#endif
storeDirSync(); /* Flush log close */
storeFsDone();
+ if (Config.pidFilename && strcmp(Config.pidFilename, "none") != 0) {
+ enter_suid();
+ safeunlink(Config.pidFilename, 0);
+ leave_suid();
+ }
#if LEAK_CHECK_MODE
configFreeMemory();
storeFreeMemory();
@@ -1147,11 +1152,6 @@
#if MEM_GEN_TRACE
log_trace_done();
#endif
- if (Config.pidFilename && strcmp(Config.pidFilename, "none") != 0) {
- enter_suid();
- safeunlink(Config.pidFilename, 0);
- leave_suid();
- }
debug(1, 1) ("Squid Cache (Version %s): Exiting normally.\n",
version_string);
if (debug_log)
diff -ruN squid-2.6.STABLE6/src/peer_monitor.c squid-2.6.STABLE7/src/peer_monitor.c
--- squid-2.6.STABLE6/src/peer_monitor.c Mon Jun 5 16:47:01 2006
+++ squid-2.6.STABLE7/src/peer_monitor.c Tue Jan 9 03:24:41 2007
@@ -1,6 +1,6 @@
/*
- * $Id: peer_monitor.c,v 1.2 2006/06/05 22:47:01 hno Exp $
+ * $Id: peer_monitor.c,v 1.3 2007/01/09 10:24:41 hno Exp $
*
* DEBUG: section ?? Peer monitoring
* AUTHOR: Henrik Nordstrom
@@ -52,7 +52,6 @@
char *buf;
} running;
char name[40];
- char url[80];
};
CBDATA_TYPE(PeerMonitor);
@@ -127,13 +126,18 @@
peerMonitorRequest(void *data)
{
PeerMonitor *pm = data;
- char *url = pm->url;
+ char *url;
request_t *req;
if (!cbdataValid(pm->peer)) {
cbdataFree(pm);
return;
}
+ url = pm->peer->monitor.url;
+ if (!url) {
+ cbdataFree(pm);
+ return;
+ }
req = urlParse(METHOD_GET, url);
if (!req) {
debug(DBG, 1) ("peerMonitorRequest: Failed to parse URL '%s' for cache_peer %s\n", url, pm->peer->name);
@@ -217,12 +221,6 @@
pm->peer = peer;
peer->monitor.data = pm;
cbdataLock(pm->peer);
- if (*url == '/') {
- snprintf(pm->url, sizeof(pm->url), "http://%s:%d%s",
- pm->peer->host, pm->peer->http_port, url);
- } else {
- xstrncpy(pm->url, url, sizeof(pm->url));
- }
peerMonitorRequest(pm);
}
diff -ruN squid-2.6.STABLE6/src/protos.h squid-2.6.STABLE7/src/protos.h
--- squid-2.6.STABLE6/src/protos.h Mon Oct 23 05:22:21 2006
+++ squid-2.6.STABLE7/src/protos.h Sat Jan 6 10:22:45 2007
@@ -1,6 +1,6 @@
/*
- * $Id: protos.h,v 1.519 2006/10/23 11:22:21 hno Exp $
+ * $Id: protos.h,v 1.520 2007/01/06 17:22:45 hno Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -67,7 +67,7 @@
extern void aclParseAclList(acl_list **);
extern void aclParseAclLine(acl **);
extern int aclIsProxyAuth(const char *name);
-extern err_type aclGetDenyInfoPage(acl_deny_info_list ** head, const char *name);
+extern err_type aclGetDenyInfoPage(acl_deny_info_list ** head, const char *name, int redirect_allowed);
extern void aclParseDenyInfoLine(struct _acl_deny_info_list **);
extern void aclDestroyDenyInfoList(struct _acl_deny_info_list **);
extern void aclDestroyRegexList(struct _relist *data);