summaryrefslogtreecommitdiff
path: root/www/squid/patches
AgeCommit message (Collapse)AuthorFilesLines
2005-10-31Use official patch instead of temporary one.taca1-22/+0
2005-10-26 20:31 (Minor) fails to compile with undefined reference to setenv Bump PKGREVISION.
2005-10-25Add a patch to compile on SunOS from squid's bugzilla.taca1-0/+22
Bump PKGREVISION.
2005-10-23Update squid package to 2.5.12 (squid-2.5.STABLE12).taca1-16/+25
Changes to squid-2.5.STABLE12 (22 Oct 2005) - [Major] Error introduced in 2.5.STABLE11 causing truncated responses when using delay pools (Bug #1405) - [Cosmetic] Document that tcp_outgoing_* works badly in combination with server_persistent_connections (Bug #454) - [Cosmetic] Add additinal tracing to squid_ldap_auth making diagnostics easier on squid_ldap_auth configuration errors (Bug #1395) - [Minor] $HOME not set when started as root (Bug #1401) - [Minor] httpd_accel_single_host breaks in combination with server_persistent_connections (Bug #1402) - [Cosmetic] Setting CACHE_HTTP_PORT to configure was only partially implemented, effectively ignored. (Bug #1403) - [Minor] CNAME based DNS addresses could get cached for longer than intended (Bug #1404) - [Minor] Incorrect handling of squid-internal-dynamic/netdb exchanges in transparently intercepting proxies (Bug #1410). - [Minor] Cache revalidations on HEAD requests causing poor cache hit ratio (Bug #1411). - [Minor] Not possible to send 302 redirects via a redirector in response to CONNECT requests (bug #1412) - [Minor] Incorrect handling of Set-Cookie on cache refreshes (Bug #1419) - [Major] Segmentation fault crash in rfc1738_do_escape (Bug #1426) - [Minor] Delay pools class 3 fails on clients in network 255 (Bug #1431)
2005-10-09Update squid package to 2.5.11 (2.5.STABLE11 + official 6 patches).taca1-14/+14
o pkgsrc changes: change DIST_SUBDIR to ${PKGNAME_NOREV} only (stop using time stamp) since squid's patches are provided with revision if updated. o official patches: * 2005-09-28 21:52 (Minor) CNAME adresses remembered with wrong TTL * 2005-09-28 21:16 (Cosmetic) Defining CACHE_HTTP_PORT does not set the default http_port * 2005-09-28 21:07 (Minor) httpd_accel_single_host breaks in combination with server_persistent_connections * 2005-09-28 21:07 (Cosmetic) More tracing in test mode of squid_ldap_auth * 2005-09-28 21:07 (Cosmetic) Document that tcp_outgoing_xxx works badly in combination with server_persistent_connections * 2005-09-27 22:29 (Major) Truncated responses when using delay pools o changes from 2.5.10; most of them are already included in squid 2.5.10nb5 package Changes to squid-2.5.STABLE11 (22 Sep 2005) - [Minor] Workaround for servers sending double content-length headers (Bug #1305) - [Cosmetic] Updated Spanish error messages by Nicolas Ruiz - [Cosmetic] Date header corrected on internal objects (icons etc) (Bug #1275) - [Minor] squid -k fails in combination with chroot after patch for bug 1157 (Bug #1307) - [Cosmetic] Segmentation fault if compiled with --enable-ipf-transparent but denied access to the NAT device. (Bug #1313) - [Minor] httpd_accel_signle_host incompatible with redireection (Bug #1314) - [Minor] squid -k reconfigure internal corruption if the type of a cache_dir is changed (Bug #1308) - [Minor] SNMP GETNEXT fails if the given OID is outside the Squid MIB (Bug #1317) - [Minor] Title in FTP listings somewhat messed up after previous patch for bug 1220 (Bug #1220) - [Minor] FTP listings uses "BASE HREF" much more than it needs to, confusing authentication. (Bug #1204) - [Minor] winfo_group.pl only looked for the first group if multiple groups were defined in the same acl. (Bug #1333) - [Cosmetic] Compiler warnings on some 64-bit platforms (Bug #1316) - [Cosmetic] Removed some debug output from wb_ntlm_atuh (Bug #518) - [Cosmetic] The new --with-build-environment=... option doesn't work - [Cosmetic] New 'mail_program' configuration option in squid.conf - [Minor] Fails to compile with ip-filter and ARP support on Solaris x86 (Bug #199) - [Major] Segmentation fault in sslConnectTimeout (Bug #1355) - [Medium] assertion failed in StatHist.c:93 (Bug #1325) - [Minor] More chroot_dir and squid -k reconfigure issues (Bug #1331) - [Cosmetic] Invalid URLs in error messages when failing to connect to peer, and a few other inconsistent error messages (Bug #1342) - [Cosmetic] Fails to compile with glibc -D_FORTIFY_SOURCE=2 (Bug #1344) - [Minor] Some odd FTP servers respond with 250 where 226 is expected (Bug #1348) - [Cosmetic] Greek translation of error messages (Bug #1351) - [Major] Assertion failed store_status == STORE_PENDING (Bug #1368) - [Minor] squid_ldap_auth -U does not work (Bug #1370) - [Minor] SNMP cacheClientTable fails on "long" IP addresses (Bug #1375) - [Minor] Solaris Sparc + IP-Filter compile error (Bug #1374) - [Minor] E-mail sent when cache dies is blocked from many antispam rules (Bug #1380) - [Minor] LDAP helpers does not work with TLS (-Z option) (Bug #1389) - [Cosmetic] Incorrect store dir selection debug message on objects larger than 2Gigabyte (Bug #1343) - [Cosmetic] header_id enum misused as an signed integer (Bug #1343) - [Cosmetic] Allow leaving core dumps when started as root (Bug #1335) - [Medium] Clients could bypass delay_pool settings by faking a cache hit request (Bug #500) - [Minor] IP-Filter 4.X support (Bug #1378) - [Medium] Odd results on pipelined CONNECT requests - [Major] Squid crashing with "FATAL: Incorrect scheme in auth header" when using NTLM authentication. - [Cosmetic] Odd results when pipeline_prefetch is combined with NTLM authentication (bug #1396) - [Minor] invalid host was processed as IP 255.255.255.255 in dst acl (Bug #1394) - [Cosmetic] New --with-maxfd=N configure option to override build time filedescriptor limit test - [Minor] Added support for Windows code name "Longhorn" on Cygwin.
2005-09-15Update squid package to 2.5.10nb3.taca5-129/+19
- pkgsrc update: o s/SQUID_BACKEND/SQUID_BACKENDS/ as suggested by pkglint. o Fix leaving ${PREFIX}/etc/squid/msntauth.conf.default out of PLIST. o IP Filter related patches are incorporated to squid. - Add/update official patches: o 2005-09-15 11:15 (Major) FATAL: Incorrect scheme in auth header o 2005-09-15 09:56 (Medium) Odd results on pipelined CONNECT requests o 2005-09-13 23:59 (Minor) Transparent proxy problem with IP Filter o 2005-09-11 01:53 (Medium) Clients bypassing delay pools by faking a cache hit o 2005-09-11 01:42 (Cosmetic) Allow leaving core dumps on Linux o 2005-09-11 01:21 (Cosmetic) enums can not be assumed to be signed ints o 2005-09-11 01:21 (Cosmetic) Incorrect store dir selection debug message on objects >2G o 2005-09-11 00:57 (Minor) LDAP helpers does not work with TLS (-Z option)
2005-09-04Update squid package to 2.5.10nb2.taca4-26/+46
- pkgsrc changes: check IP filter's header file <ipl.h> as well as <netinet/ipl.h>. - Apply recent official patches including a security fix for DoS noted by http://secunia.com/advisories/16674/ * 2005-09-03 09:41 (Minor) E-mail sent when cache dies is blocked from many antispam rules * 2005-09-03 09:41 (Minor) Solaris 10 SPARC transparent proxy build problem with ipfilter * 2005-09-01 22:57 (Minor) snmo cacheClientTable fails on "long" IP addresses * 2005-09-01 22:49 (Minor) squid_ldap_auth -U does not work * 2005-09-01 22:44 (Major) assertion failed: store.c:523: "e->store_status == STORE_PENDING" * 2005-09-01 22:39 (Cosmetic) Greek translation of error messages * 2005-09-01 22:31 (Minor) Some odd FTP servers respond with 250 where 226 is expected * 2005-09-01 22:26 (Cosmetic) Fails to compile with glibc -D_FORTIFY_SOURCE=2 * 2005-09-01 22:18 (Cosmetic) Odd URLs when failing to forward request via parent and several error messages inconsistent in reported request details * 2005-09-01 22:09 (Minor) More chroot_dir and squid -k reconfigure issues * 2005-09-01 21:56 (Medium) assertion failed: StatHist.c:93: ((int) floor (0.99L + statHistVal(H, 0) - min)) == 0 * 2005-09-01 20:27 (Major) Segmentation fault in sslConnectTimeout * 2005-08-19 09:31 (Minor) sync redeclarations when support for ARP acls * 2005-08-14 17:05 (Cosmetic) New 'mail_program' configuration option in squid.conf
2005-08-09- Add missing optional installed files.taca3-24/+31
- Slightly simplify installation of example configurations. - Add official patches. * 2005-07-11 00:46 (Cosmetic) The new --with-build-environment=... option doesn't work * 2005-07-09 08:58 (Cosmetic) Allow wb_ntlm_auth to run more silent * 2005-07-03 08:24 (Cosmetic) "make all" gives many warnings * 2005-06-29 20:36 (Minor) wbinfo_group.pl only looks into the first group specified * 2005-06-21 22:28 (Minor) FTP listings uses "BASE HREF" much more than it needs to, * 2005-06-22 10:46 (Cosmetic) Title in FTP listings somewhat messed up * 2005-06-19 21:03 (Minor) SNMP GETNEXT fails if the given OID is outside the Squid MIB * 2005-06-19 09:39 (Minor) squid -k reconfigure internal corruption if the type of a cache_dir is changed * 2005-06-13 22:55 (Minor) httpd_accel_signle_host incompatible with redireection * 2005-06-30 08:49 (Minor) Core dump with --enable-ipf-transparent if access to NAT device not granted * 2005-06-27 21:24 (Minor) squid -k fails in combination with chroot after patch for bug 1157 * 2005-06-09 08:01 (Minor) Squid internal icons served up with slightly incorrect HTTP headers * 2005-06-06 21:38 (Cosmetic) Updated Spanish error messages Bump PKGREVISION.
2005-06-07- Fix build problem with IP Filter prior to 4.0; NetBSD 1.6.2.taca4-19/+47
- Avoid use of ":ts" modifier of make(1) since NetBSD 1.6.2's make(1) dosen't support it. It might be fix "diskd" PKG_OPTION problem, too. - Remove extra "--enable-async-io" configure option. No PKGREVISION change.
2005-06-05Update squid package to 2.5.10taca6-97/+67
* squid 2.5.STABLE10 + official + one official patch. - 2005-05-25 23:01 (Cosmetic) Double content-length often harmless Other fixes are already done by official patches for squid 2.5.STABLE9. * Add missing cachemgr.cgi.8 to PLIST. * Introduce options.mk which may need to be brushed more. * Drop support for diskd on Darwin since diskd needs System V msg function which dosen't supported on Darwin. * Real fix for transparent proxy with IP Filter, fix PR pkg/30085.
2005-05-01Disable squid-2.5.STABLE9-transparent_port.patch since it is broken withtaca1-0/+13
IP Filter 4.1 and later. (It has no problem on IP Filter 3.x, but it is difficult apply it conditionally with IP Filter's version.) This apparently fix PR pkg/30085. But note, Squid's transparent proxy with IP Filter dosen't work. It is worked without IP Filter's NAT process. So, web acceess through squid may fail for HTTP 1.0 client which dosen't send Host header. Bump PKGREVISION (squid-2.5.9nb10).
2005-04-26squid package maintainous.taca1-0/+28
- Fix bad PID directory of squid binary introduced by previous pkgsrc. - Update DIST_SUBDIR through DIST_STAMP since some of patch files are updated. - Fix error in doc/Makefile with nbmake. - Newer patch (aufs improvement) aren't included now. Bump PKGREVISION.
2005-04-25Add new four official patches.taca2-22/+14
o 2005-04-23 01:38 (Minor Security) Fix for CVE-1999-0710: cachemgr malicouse use o 2005-04-22 20:48 (Cosmetic) PID file check fails when chrooting o 2005-04-24 16:35 (Minor) Make the use of the %m error page to return auth info messages o 2005-04-22 20:21 (Minor) Unrecognized cache-control directives are silently dropped pkgsrc change. - remove aufs from store I/O backend until it controlled by options.mk frame work. - remove patch-cd; it is covered by squid-2.5.STABLE9-transparent_port.patch. Bump PKGREVISION.
2005-03-31Update squid packate to 2.5.9nb2.taca1-3/+3
Add these official patches: * 2005-03-30 22:51 (Cosmetic) external acls requiring authentication does not request new credentials on access denials like proxy_auth does. * 2005-03-29 09:52 (Cosmetic) New cachemgr pending_objects and client_objects actions * 2005-03-26 23:53 (Minor) rename() related cleanup * 2005-03-30 22:51 (Medium) Fails to process requests for files larger than 2GB in size * 2005-03-19 23:57 (Cosmetic) aufs warning about open event filedescriptors on shutdown * 2005-03-19 01:35 (Minor) --disable-hostname-checks not working * 2005-03-19 01:11 (Cosmetic) LDAP helpers fails to compile with SUN LDAP SDK * 2005-03-21 20:44 (Minor) CONNECT requests truncated if client side disconnects first assertion failed: comm.c:430: "ntohs(address->sin_port) != 0" * 2005-03-19 00:25 (Minor) Basic authentication fails with very long logins or password * 2005-03-29 08:45 (Minor) Several minor aufs issues * 2005-03-09 15:46 (Cosmetic) Extend relaxed_header_parser to work around "excess data from" errors from many major web servers. * 2005-03-09 15:46 (Cosmetic) Duplicate content-length headers logged as conflicting with relaxed_header_parser off * 2005-03-09 15:46 (Cosmetic) Defer digest fetch if the peer is not allowed to be used * 2005-03-10 23:38 (Minor) Incorrect use of ctype functions * 2005-03-15 04:27 (Minor) compile warnings due to pid_t not being an int * 2005-03-09 15:46 (Minor) bzero is a non-standard function not available on all platforms * 2005-03-09 15:46 (Cosmetic) Check several squid.conf directives for int overflows * 2005-03-09 15:46 (Cosmetic) Clarify delay_access function * 2005-03-09 15:46 (Minor) reload_into_ims fails to revalidate negatively cached entries * 2005-03-09 15:46 (Minor) Handle odd date formats
2005-02-11Update squid package to 2.5.8 (squid-2.5.STABLE8).taca2-6/+6
Most of these changes are already included in previous squid-2.5.7nb12. But last one is really new one. Changes to squid-2.5.STABLE8 (11 Feb 2005) - [Minor] 100% CPU usage on half-closed PUT/POST requests (Bug #354, #1096) - [Cosmetic] Document -v (protocol version) option to LDAP helpers - [Minor] The new req_header and resp_header acls segfaults immediately on parse of squid.conf (Bug #961) - [Minor] Failure to shut down busy helpers on -k rotate/reconfigure (Bug #1118) - [Minor] Don't use O_NONBLOCK on disk files. (Bug #1102) - [Minor] Squid fails to close TCP connection after blank HTTP response (Bug #1116) - [Minor security] Random error messages in response to malformed host name (Bug #1143) - [Minor] PURGE should not be able to delete internal objects (Bug #1112) - [Minor] httpd_accel_port 0 (virtual) not working correctly (Bug #1121) - [Minor] cachemgr vm_objects segfault (Bug #1149) - [Minor security] Confusing results on empty acl declarations (Bug #1166) - [Minor] Don't close all "other" filedescriptors on startup (Bug #1177) - [Minor] fakeauth_auth memory leak and NULL pointer access (Bug #1183) - [Security] buffer overflow bug in gopherToHTML() (Bug #1189) - [Medium security] Denial of service with forged WCCP messages (Bug #1190) - [Minor] DNS related memory leak on certain malformed DNS responses (Bug #1197) - [Minor] Internal DNS sometimes truncates host names in reverse (PTR) lookups (Bug #1136) - [Minor Security] Add sanity checks on LDAP user names (Bug #1187) - [Security] Harden Squid agains HTTP request smuggling attacks - [Minor] Icon URLs fails in non-anonymous FTP directory listings is short_icon_urls is on (Bug #1203) - [Security] Harden Squid agains HTTP response splitting attacks (Bug #1200) - [Medium security] Buffer overflow in WCCP recvfrom() call (Bug #1217) - [Security] Properly handle oversized reply headers (Bug #1216) - [Minor] LDAP helpers search fixed to properly ask for no attributes - [Minor] A sporadic segmentation fault when using ntlm authentication fixed (Bug #1127) - [Major] Segmentation fault on failed PUT/POST requests (Bug #1224) - [Medium] Persistent connection mismatch on failed PUT/POST request (Bug #1122) - [Minor] WCCP easily disturbed by forged packets (Bug #1225) - [Minor] Password management in ftp:// gatewaying improved (Bug #1226) - [Major] HTTP reply data corruption in certain situations involving reply headers split over multiple packets (Bug #1233)
2004-12-14Update squid package to 2.5.7nb2.taca1-4/+5
* Apply official three patches. - 2004-12-08 01:03 (Minor) cachemgr vm_objects segfault - 2004-12-08 00:47 (Minor) httpd_accel_port 0 (virtual) not working correctly - 2004-12-07 23:45 (Cosmetic / Minor Security issue) Random error messages in response to malformed host name * use VARBASE for data directory. * better handling data directory and user and group for squid with bsd.pkg.install.mk.
2004-10-13Update squid package to 2.5.7.taca4-116/+18
This includes security problem with SNMP support which enabled by default. <http://www.idefense.com/application/poi/display?id=152&type=vulnerabilities> * pkgsrc changes: - Don't use PKGNAME within DIST_SUBDIR. Instead, date based DIST_STAMP. This change prevent extra DIST_SUBDIR change asked by kim@. - Remove setproctitle(3) hack for dnsserver helper program since use of dnsserver itself is problematic with huge size of squid process. * Changes to squid-2.5.STABLE7 (11 Oct 2004) - [Medium] No objects cached in ufs cache_dir type in some configurations. Issue introduced in 2.5.STABLE6 by the patch for Bug #676. (Bug #1011) - [Minor] LDAP helpers update to correct LDAP connection management and add support for literal password compare instead of binding - [Minor] A large number of queued DNS lookups for the same domain (Bug #852) - [Cosmetic] request_header_max_size configuration partly ignored (Bug #899) - [Minor] Partial hit results in TCP_HIT, not TCP_MISS. (Bug #1001) - Bug #1012: [Cosmetic] HEAD requests may return stale information (Bug #1012) - [Cosmetic] Warn if cache_dir ufs can not create files. (Bug #918) - [Minor] case insensitive authentication (Bug #431) - [Cosmetic] Add delay pools information to active_requests. (Bug #882) - [Minor] Apparent memory leak in client_db (Bug #833) - [Minor] NTLM authentication truncated causing failures. (Bug #1016) - [Cosmetic] Grammatical corrections in squid.conf.default - [Cosmetic] Unknown %X errorpage codes incorrectly quoted. (Bug #1030) - [Medium] Segfaults and other strange crashes when using heap policies. (Bug #1009) - [Minor] Supplementary group memberships not set (Bug #1021) - [Cosmetic] ERR_TOO_BIG Portugese translation - [Minor] external_acl does not handle newlines (Bug #1038) - [Major] NTLM authentication denial of service when using msnt_auth or fake_auth (Bug #1045) - [Medium] Memory leaks when using NTLM authentication without challenge reuse. (Bug #994) - [Minor] Temporary NTLM memory leak with challenge reuse enabled (Bug #910) - [Minor] assertion failed: "n_ufs_dirs <= Config.cacheSwap.n_configured". (Bug #1053) - [Minor] Segfault in authenticateDigestHandleReply. (Bug #1031) - [Minor] acl time fails to parse multiple time specifications (Bug #1060) - [Minor] cachemgr config dumps mixed up Range and Request-Range headers in http_header_access & replace directives. (Bug #1056) - [Minor] Content-Disposition added as a well known header (Bug #961) - [Cosmetic] Don't warn about arp acls not being supported on FreeBSD (Bug #1074) - [Cosmetic] Limit internal send/receive buffer sizes (Bug #1075) - [Medium] New acl types to match arbitrary HTTP headers. In addition the http_header_access & replace directivess now support arbitrary headers and not only the well known ones. (Bug #961) - [Cosmetic] ncsa_auth now accepts Window formatted password files (Bug #1078) - [Cosmetic] Support the --program-prefix/suffix options or other configure program name transforms (Bug #1019) - [Minor] Fix race condition in CONNECT and also handle aborts of CONNECT requests in a more graceful manner. (Bug #859) - [Minor] New balance_on_multiple_ip directive to work around certain broken load balancers and optimized ipcache on reload requests (Bug #1058) - [Medium] New reply_header_max_size directive (Bug #874) - [Minor] Suspected instability on aborted PUT/POST requests (Bug #1089) - [Security] SNMP Denial of Service fix (CAN-2004-0918)
2004-10-03- Enable --enable-arp-acl configure option on FreeBSD, Linux and SunOS.taca1-5/+5
- Add 9 official patches. Bump package revision, squid-2.5.6nb3. * 2004-09-30 09:28 (Minor) CARP ignores cache_peer_domain/cache_peer_access * 2004-09-27 18:23 (Minor) balance_on_multiple_ip squid.conf directive * 2004-09-27 18:10 (Minor) Race window and poor responsiveness to aborted CONNECT requests * 2004-09-25 21:42 (Cosmetic) Support the --program-prefix and other program name transforms * 2004-09-25 21:08 (Cosmetic) Document the caseinsensitive basic auth option * 2004-09-25 20:57 (Cosmetic) ncsa_auth is sensitive on line ending format * 2004-09-25 12:00 (Medium) Add support for arbitrary headers acess controls * 2004-09-26 21:22 (Minor) Limit internal send/receive buffers * 2004-09-25 09:55 (Cosmetic) arp acls is supported on FreeBSD these days..
2004-08-22Update squid package to 2.5.6 (squid 2.5.STALBE6 + official patches).taca12-64/+66
Squid 2.5.STABLE5 to 2.5.STABLE6: * Several "Assertion error" bugs fixed * Several "Segmentation fault" bugs fixes * Corrects a security issue in the old ntlm_auth NTLM helper used in transparent NTLM authentication to a NT domain without using samba. * Processing of Vary: * and Vary on error messages corrected * a large number of minor and cosmetic bugfixes. See the list of squid-2.5.STABLE5 patches and the ChangeLog file for details. 2.5.STABLE56 official patches: * 2004-08-20 08:18 (Major) NTLM authentication denial of service * 2004-08-14 21:07 (Minor) external_acl does not handle newlines * 2004-08-09 14:03 (Minor) Supplementary group memberships not set * 2004-08-05 20:33 (Medium) Segfaults and other strange crashes when using heap policies * 2004-08-06 11:05 (Cosmetic) Unknown %X errorpage codes incorrectly quoted * 2004-08-17 12:22 (Cosmetic) Grammatical corrections in squid.conf.default * 2004-07-27 21:52 (Minor) NTLM authentication truncated * 2004-07-17 22:43 (Minor) Memory leak in client_db * 2004-07-17 20:11 (Cosmetic) Add delay pools information to active_requests * 2004-07-17 19:57 (Minor) case insensitive authentication * 2004-07-17 19:48 (Cosmetic) Warn if cache_dir ufs can not create files * 2004-07-17 16:33 (Cosmetic) HEAD requests may return stale information * 2004-07-17 16:33 (Minor) Partial hit results in TCP_HIT, not TCP_MISS * 2004-07-17 16:33 (Cosmetic) request_header_max_size configuration option doesn't work correctly * 2004-07-29 13:29 (Minor) A large number of queued DNS lookups for the same domain * 2004-08-10 09:40 (Minor) LDAP helpers update * 2004-07-14 16:29 (Medium) storeCreate: no valid swapdirs for this object
2004-06-07Oops, I replaced patch-ad with patch-ae by mistake, restored patch-ad.taca1-10/+10
2004-06-06latest offcial patch has updated:taca5-37/+37
Bug #753: va_copy required Bug #995: segfault on long URLs (bug in previous patch to Bug #753) And reduce offset from pkgsrc's patches. Bump package revision.
2004-03-30Make this build on NetBSD-2.0A with ipfilter-4.1.1agc1-0/+14
2003-05-25update squid pacakge to 2.5.3 (squid-2.5.STABLE3).taca1-11/+11
Changes to squid-2.5.STABLE3 (25 May 2003): - Bug #573: Occational false negatives in external acl lookups - Bug #577: assertion failed: cbdata.c:224: "c->y == c" when external_acl helpers crashes - Bug #590: Squid may hang or behave oddly on shutdown while requests is being processed. - Bug #590: external acl lookups does not deal well with queue overload - cache_effective_user documentation update - cache_peer documentation update for htcp and carp - Bug #600: The example header_access paranoid setting is missing WWW-Authenticate - Bug #605: Segmentation fault in idnsGrokReply() on certain platforms - Fixes to build properly on AIX 5 - Bug #574: wb_group updated to version 1.1 to make group names case insensitive and correct a segfault issue in the helper - SNMP mib updates to make cacheNumObjCount, cacheCurrentUnlinkRequests, cacheCurrentSwapSize and cacheClients correctly report as gauges (was reporting as counters). - Woraround for --enable-ssl Kerberos issue on RedHat 9 - Bug #579: Close and repopen log files on "squid -k reconfigure" - Bug #598: squid_ldap_auth could segfault if LDAP server is unavailable - Bug #609,#612: msntauth helper fixes in dealing with large or non-existing allow/deny user files. - Bug #620: acl ident REQUIRED matches even if the ident lookup fails - Bug #432: reply_body_max_size fails with ident or proxy_auth acls and also fails to block large objects where the content-length is not known - Bug #606: Basic auth looping and gets stuck at high CPU usage when multiple proxy_auth ACLs combined in one line and login fails. - squid_ldap_auth updated with support for TLS and SSL - Bug #623: segfault if using negated external acls in certain configurations involving other acls later on the same http_access line. - Bug #622: wb_group helper update to version 1.2 to ass support for Domain-Qualified groups refering to groups in a specific domain - Bug #596: logic error in poll() error management - Bug #597: logic errors in error management - Bug #591: segmentation fault in authentication on "squid -k debug" - Bug #587: smb_auth fails on complex logins involving domain names or other odd characters - Bug #558, #587: smb_auth.pl fails on complex logins involving domain names or other odd characters - Bug #643: external_acl fails with ttl=0 due to a change introduced by the patch for Bug #553 in 2.5.STABLE2. - Bug #630: minor issues in digest authantication causing random authentication failures and incompability with many mainstream browser digest implementations due to browser qop bugs. To deal with those broken browser nonce_stricness now defaults to off, and two new digest options have been added (check_nonce_count and post_workaround) to allow workarounds to other quite bad browser bugs if needed. - Bug #644: digest authentication fails on requests with one or more comma in the requested URL - Bug #648: deny_info TCP_RESET not working. The fix for this also adds the ability to send redirects.
2003-03-25Update squid package to 2.5.2.taca2-29/+24
pkgsrc change: install some supplemental documents. Changes to squid-2.5.STABLE2 (Mars 17, 2003): - Contrib files added back to the distribution - Several compiler warnings fixed when using --disable-ident or --disable-http-violations - authentication can now be used in most access controls, but must in most cases first be enforced in http_access to force the user to authenticate. - cleanups in the developer bootstrap.sh process when preparing the sources. - several squid.conf.default documentation updated to correctly refer to the current names when refering to other directives - authenticate_ip_ttl documentation updates - several assertion faults and segmentation violations corrected - the RunCache/RunAccel and squid.rc scripts updated to refer to the squid binary in sbin rather than the old bin location. - squid_ldap_auth command line processing fixes when specifying the LDAP server last on the line instead of -h option - aufs data corruption bugfix - aufs performance improvement for low traffic systems - aufs stability improvements - external_acl corrected to properly deal with quoted strings - WCCPv1 bugfix to make sure the router accepts the hash assignments - "Total accounted memory" now correctly reported in cachemgr - several small memory leaks (mostly reconfigure related) - new squid.conf option to allow GET/HEAD requests with a request entity - "make uninstall" no longer removes squid.conf - cachemgr.cgi now uses POST to avoid having the cachemgr password logged in the web server logs - authentication schemes which are known to not be proxyable are now filtered out from forwarded server replies to avoid that the clients tries to use such schemes when we know for a fact it won't work - spelling corrections in various error messages - now possible to define acl values with spaces in them by using the "include file" feature - squid_ldap_group updated to 2.10 to fix compilation issues with recent (and older) OpenLDAP libraries and to make the helper deal correctly with true LDAP groups by first looking up the user DN. - Some internal code cleanups - now verifies that programs etc exists iside the chroot directory when using chroot_dir. No longer neccesary to set up a split view environment where the same paths works both inside the chroot and outside just to convince Squid that the files is actually there.. - improved memory usage reporting - --disable-hostname-checks configure option - no longer ignores double dots in host names. Any hostname with double dots is now rejected as invalid. - log_mime_hdrs no longer logs garbage if very long headers are seen. - 'select_fds_hist' object added to cachemgr 'histogram' output - pid file now unlinked when squid has really shut down, not immediately when the shutdown request is received. This allows the pid file to be monitored to determine when Squid has shut down properly - correct authentication scheme setups on some platforms or compilers - several squid.conf.default documentation updates to remove references to renamed or replaced directives by changing them to their current names. - the SSL reverse proxy support updated to allow building with OpenSSL 0.9.7 and and later. - Corrected a minor performance problem while processing HEAD replies from various broken web servers not sending a correct HTTP reply - time acls can now specify multiple times in the same acl name, like most other acl types. - winbind helpers updated to match Samba-2.2.7a and should work with Samba-2.2.6 or later (required). For compability with older Samba versions A new configure option --with-samba-sources=... has been added to allow you to specify which Samba version the helpers should be built for if different than the above versions. - Squid MIB definition syntax correction to work better with newer (and older) SNMP tools. - Fixed access.log format when logging "error:invalid-HTTP-ident" on requests where parsing the HTTP identifier (HTTP/1.0) failed. - "make distclean" no longer removes the icons, this avoids the dependency on "uudecode" to rebuild Squid after "make distclean" - User name returned by external acl lookups (external_acl_type) is now available as "ident" in later acl checks in addition to the logging in access.log. - Incorrect behaviour of Digest authentication partly corrected - it will not handle sessions, but will always enforce password correctness.. (patch submitted by Sean Burford). - Issue with persistent connections and PUT/POST request corrected
2003-03-02Update squid package to squid-2.5.1nb4.taca1-3/+3
- include more official squid patches. o Make external_acl user names available as IDENT in later acl processing o digest authentication security issue o external_acl Assertion failed: auth_user_request != NULL o make install fails to install icons after make distclean o "error: invalid HTTP-ident" breaks log processing
2003-02-19Remove patches/patch-cd since squid-2.5.STABLE1-mib.patch's content is fixed.taca1-11/+0
2003-02-16- Add more official patches, last one is applied as patches/patch-cdtaca2-13/+11
since it is broken (reported to squid-bugs@squid-cache.org.) - use DIST_SUBDIR. - bump PKG_REVISION.
2003-02-16- Add more official patches, last one is applied as patches/patch-cdtaca1-13/+4
since it is broken (reported to squid-bugs@squid-cache.org.) - use DIST_SUBDIR. - bump PKG_REVISION. These patches fixes those problem. See <http://www.squid-cache.org/Versions/v2/2.5/bugs/> in detail. o Squid MIB definition syntax error o winbind helpers fail to work with Samba 2.2.6 or later o CONNECT data corruption if client pipelines data before 200 OK reply o time acls only accept a single time o Client performance issue with HEAD requests to certain servers o --with-ssl fails to compile with OpenSSL 0.9.7 or later o Slow filedescriptor leak for /etc/hosts o Warn if cachemgr_passwd is specified more than once for the same action o assertion failed: forward.c:96: "fwdState->err" on shutdown o Compilation fails if incorrect --with-auth-threads=NN option is given o squid.conf documentation still refers to authenticate_program o authenticateAuthenticate: no connection data, cannot process authentication o delay_pools example does not match text o cachemgr helper stats cleanup o Segmentation fault after ftpDataWriteCallback o Issues with auth scheme configurations o Removed Cachable stats "no.non_get" o unclear documentation of http_reply_body_max_size o The pid file was removed too early in the shutdown process o select loops statistics incorrect when using select() o Added select filedescriptor histogram output to cachemgr o Duplicate assignment of sc->copy_offset o mem_pool_free_calls should be printed as a unsigned integer o Internal cleanup of peer selection accounting o log_mime_hdrs can show garbage in the access log on overly long request headers o Improved memory usage statistics via sbrk o Hostname cleanups performed by Squid o cachemgr failure_ratio is a ratio, not percentage o offline_toggle cachemgr documentation o squid_ldap_group update to version 2.10 o Documentation update to remove stale reference to Squid-1.1 release notes o further safeguards for aufs compilation problems when not using --enable-pthreads o chroot_dir complains about all paths in squid.conf o Segfault when using -S in combination with cache_dir coss/null o Stale cached data miss in offline_mode o Sometimes crashes while rebuilding dirty cache directories o RunCache/RunAccel scripts still looks for squid in bin o poor performance when using aufs o squid_ldap_group link failure o assertion failed: comm.c:646: "F->flags.open"
2002-12-01src/fs/diskd: only include sys/msg.h if we have it.grant3-0/+51
fixes build on (at least) Darwin 6.2.
2002-10-25Fix error in make install; extra "; \" were exists.taca1-3/+3
It cause error on Solaris. (Why NetBSD's make was OK?)
2002-10-13Update squid to 2.5.1 with several patches fromtaca13-1083/+250
http://www.squid-cache.org/Versions/v2/2.5/bugs/. Now try to install more authentication modules, but those modules should be handled by proper frame work (Curretly, SASL modules aren't handled). Changes to squid-2.5 (): - Major rewrite of proxy authentication to support other schemes than basic. First in the line is NTLM support but others can easily be added (minimal digest is present). See Programmers Guide. (Robert Collins & Francesco Chemolli) - Reworked how request bodies are passed down to the protocols. Now all client side processing is inside client_side.c, and the pass and pump modules is no longer used. - Optimized searching in proxy_auth and ident ACL types. Squid should now handle large access lists a lot more efficiently. (Francesco Chemolli) - Fixed forwarding/peer loop detection code (Brian Degenhardt) - now a peer is ignored if it turns out to be us, rather than committing suicide - Changed the internal URL code to obey appendDomain for internal objects if it needs appending. This fixes weirdnesses where a machine can think it is "foo.bar.com", and "foo" is requested. (Brian Degenhardt) - Added the use of Automake to create the Makefile.in's in the squid source tree. This will allow libtool in the future, and immediately allows better dependency tracking - with or without gcc - as well as the dist-all and distcheck targets for developers which respectively build a tar.gz and a tar.bz2 distribution, and check that what will be distributed builds. - Added TOS and source address selection based on ACLs, written by Roger Venning. This allows administrators to set the TOS precedence bits and/or the source IP from a set of available IPs based upon some ACLs, generally to map different users to different outgoing links and traffic profiles. - Added 'max-conn' option to 'cache_peer' - Added SSL gatewaying support, allowing Squid to act as a SSL server in accelerator setups. - SASL authentication helper by Ian Castle - msntauth updated to v2.0.3 - no_cache now applies to cache hits as well as cache misses - the Gopher client in Squid has been significantly improved - Squid now sanity checks FTP data connections to ensure the connection is from the requested server. Can be disabled if needed by turning off the ftp_sanitycheck option. - external acl support. A mechanism where flexible ACL checks can be driven by external helpers. See the external_acl_type and acl external directives. - Countless other small things and fixes - HTML pages generated by Squid or CacheMgr as well as the ERR documents now contain a doctype declaration so that browsers know which HTML specification the document uses. In addition to that they have a new look (background-color, font) and are valid according to the HTML standards at www.w3.org. (Clemens Löser) - Login and password send to Basic auth helpers is now URL escaped to allow for spaces and other "odd" characters in logins and passwords - Proxy Authentication is no longer blindly forwarded to peer caches if not used locally. If forwarding of proxy authentication is desired then it must now be configured with the login=PASS cache_peer option. - Responses with Vary: in the header are now cached by squid. (Henrik Nordstrom). - Removed unused 'siteselect_timeout' directive.
2002-03-23Fix for PKG_SYSCONFDIR -- the compiled-in paths should now be correct.kim1-12/+4
2002-03-22Change "squid" package to honor "PKG_SYSCONFDIR" completely. This fixestron1-4/+4
PR pkg/15775 by Kimmo Suominen.
2002-03-03Include HAVE_SETPROCTITLE in autoconf.h.in. Thought setproctitle() istaca1-0/+14
already checked in configure script, but it is need to define/undef in a generated header file. Bump to squid 2.4.4nb1.
2002-02-24Fix build problems on systems without setproctitle(3).veego3-18/+858
Check setproctitle in the configure script and remove the define in patch-ba.
2002-02-18Update squid to squid-2.4.3nb1.taca2-20/+101
- replace a hack adding fd_mask definition in autoconf.h with re-writing configure script. It cause to run configure twice and result "no fd_mask". - Incorporate three official patches from http://www.squid-cache.org/Versions/v2/2.4/bugs/. o SNMP memory leaks synopsis The SNMP implementation in Squid had several memory leaks possibly causing an denial of service. workaround Disable the SNMP port if enabled by using "snmp_port 0" in squid.conf. Or if you only use SNMP for MRTG data collection running on the same host then use "snmp_incoming_address 127.0.0.1" to limit reachability of the SNMP port to only localhost or some other trusted network. o Coredump on certain ftp:// style URL's synopsis If certain constructed ftp:// style URL's are received then squid crashes, causing a denial of service and maybe even remote execution of code. workaround Deny forwarding of non-anonymous FTP URLs by inserting the following rules at the top of squid.conf, prior to any http_access allow lines. acl non_anonymous_ftp url_regex -i ftp://[^/@]*@ http_access deny non_anonymous_ftp o "htcp_port 0" fails to disable the HTCP port synopsis "htcp_port 0" fails to completely disable the HTCP port as documented in squid.conf, instead HTCP will be listening on a random port number.
2001-12-12Update squid to 2.4.3 (squid-2.4.STABLE3), referring to tech-pkg's mailtaca5-13/+92
from "Ciarcinski, Adam \(ISS Brussels\)" <ACiarcinski@iss.net>. From ChangeLog: Changes to Squid-2.4.STABLE3 (Nov 28, 2001): - Fixed bug #255: core dump on SSL/CONNECT if access denied by miss_access - Fixed bug #246: corrupt on-disk meta information preventing rebuilds of lost swap.state files - Fixed bug #243: squid_ldap_auth now supports spaces in passwords - Fixed a coredump when creating FTP directories - Fixed a compile time problem with statHistDump prototype mistmatch, reported by some compilers - Fixed a potential coredump situation on snmpwalk in certain configurations - Fixed bug #229: filedescriptor leakage in the "aufs" cache_dir store implementation - Serbian error message translations I added following changes, too. o honor PKG_SYSCONFDIR keep SQUID_SYSCONFDIR effective. o Add --disable-internal-dns. This made external dnsserver available. External dnsserver could be disabled with configuration file. o Enable optimization with "-O". o Fix a problem to access nat device when transparent proxy enabled. This fix will be contained in squid 2.5 release. o setproctitle() hack for external dnsserver from daemonnews's article.
2001-11-23Fix problems caused by recent changes: the example configuration files gettron1-4/+12
installed into "etc/squid" (and are not moved arround after installation). The message of the install script matches the actual layout again and is adapted to changes to "SQUID_SYSCONFDIR".
2001-07-29- Apply some of the changes suggested by Greg A. Woods in PR 13427 andtron1-20/+17
include his improved "rc.d" script. - Use the same directory structure as in the Apache package. The configuration files are now in "${PREFIX}/etc/squid" and won't be removed during deinstallation. - Remove unnecessary configuration variables "SQUID_HTTP_PORT" and "SQUID_ICP_PORT". These values can perfectly be adjusted by editing the configuration file and supporting all these variables would make the package too complex. - Bump the version number to 2.4.1nb1.
2001-05-01o remove whitespace from Makefilewennmach1-0/+2
o add $NetBSD$ RCS tag to patch-ab o regen distinfo
2001-04-14Update "squid" package to version 2.4STABLE1. Changes since 2.3STABLE4:tron6-88/+58
- Fixed a bug in and cleaned up class 2/3 delay pools incrementing. - Fixed a coredump bug when using external dnsservers that become overloaded. - Fixed some NULL pointer bugs for NULL storage system when reconfiguring. - Fixed a bug with useragent logging that caused Squid to think the logfile never got opened. - Fixed a compiling bug with --disable-unlinkd. - Changed src/squid.h to always use O_NONBLOCK on Solaris if it is defined. - Fixed a bug with signed/unsigned bitfield flag variables that caused problems on Solaris. - Fixed a bug in clientBuildReplyHeader() that could add an Age: header with a negative value, causing an assertion later. - Fixed an SNMP reporting bug. cacheCurrentResFileDescrCnt was returning the number of FDs in use, rather than the number of reserved FDs. - Added the 'pipeline_prefetch' configuration option. - cache_dir syntax changed to use options instead of many arguments. This means that the max_objsize argument now is an optional option, and that the syntax for how to specify the diskd magics is slightly different. - Various fixes for CYGWIN - Upgraded MSNT auth module to version 2.0. - Fixed potential problems with HTML by making sure all HTML output is properly encoded. - Fixed a memory initialization problem with resource records in lib/rfc1035.c. - Rewrote date parsing in lib/rfc1123.c and made it a little more lenient. - Added Cache-control: max-stale support. - Fixed 'range_offset_limit' again. The problem this time is that client_side.c wouldn't set the we_dont_do_ranges flag for normal cache misses. It was only being set for requests that might have been hits, but we decided to change to a miss. - Added the Authenticate-Info and Proxy-Authenticate-Info headers from RFC 2617. - HTTP header lines longer than 64K could cause an assertion. Now they get ignored. - Fixed an IP address scanning bug that caused "123.foo.com" to be interpreted as an IP address. - Converted many structure allocations to use mem pools. - Changed proxy authentication to strip leading whitespace from usernames after decoding. - Prevented NULL pointer access in aclMatchAcl(). Some ACL types require checklist->request_t, but it won't be available in some cases (like snmp_access). Warn the admin that the ACL can't be checked and that we're denying it. - Allow zero-size disk caches. - The actual filesystem blocksize is now used to account for space overheads when calculating on-disk cache size. - Made the maximum memory cache object size configurable. - Added 'minimum_direct_rtt' configuration option. - Added 'ie_refresh' configuration option, which is a hack to turn IMS requests into no-cache requests. - Added Linux netfilter support for intercepted connections. - Fixed a bug with clientAccessCheck() that allowed proxy requests in accel mode. - Fixed a bug with 301/302 replies from redirectors. Now we force them to be cache misses. - Accommodated changes to the IP-Filter ioctl() interface for intercepted connections. - Fixed handling of client lifetime timeouts. - Fixed a buffer overflow bug with internal DNS replies by truncating received packets to 512 bytes, as per RFC 1035. - Added "forward.log" support, but its work in progress. - Rewrote much of the IP and FQDN cache implementation. This change gets rid of pending hits. - Changed peerWouldBePinged() to return false if our ICP/HTCP port is zero (i.e. disabled). - Changed src/net_db.c to use src/logfile.c routines, rather than stdio, because of solaris stdio filedescriptor limits. - Made netdbReloadState() more robust in case of corrupted data. - Rewrote some freshness/staleness functions in src/refresh.c, partially inspired to support cache-control max-stale. - Fixed status code logging for SSL/CONNECT requests. - Added a hack to subtract cache digest network traffic from statistics so that byte hit ratio stays positive and more closely reflects what people expect it to be. - Fixed a bug with storeCheckTooSmall() that caused internal icons and cache digests to always be released. - Added statfs(2) support for displaying actual filesystem usage in the cache manager 'storedir' output. - Changed status reporting for storage rebuilding. Now it prints percentage complete instead of number of entries parsed. - Use mkstemp() rather than problem-prone tempnam(). - Changed urlParse() to condense multiple dots in hostnames. - Major rewrite of async-io (src/fs/aufs) to make it behave a bit more sane with substantially less overhead. Some tuning work still remains to make it perform optimal. See the start of store_asyncufs.h for all the knobs. - Fixed storage FS modules to use individual swap space high/low values rather than the global ones. - Fixed storage FS bugs with calling file_map_bit_reset() before checking the bit value. Calling with an invalid value caused memory corruption in random places. - Prevent NULL pointer access in store_repl_lru.c for entries that exist in the hash but not the LRU list. - Added --enable-auth-modules=... configure option - Improved ICP dead peer detection to also work when the workload is low - Improved TCP dead peer detection and recovery - Squid is now a bit more persistent in trying to find a alive parent when never_direct is used. - nonhierarchical_direct squid.conf directive to make non-ICP peer selection behave a bit more like ICP selection with respect to hierarchy. - Bugfix where netdb selection could override never_direct - ICP timeout selection now prefers to use parents only when calculating the dynamic timeout to compensate for common RTT differences between parents and siblings. - No longer starts to swap out objects which are known to be above the maximum allowed size. - allow-miss cache_peer option disabling the use of "only-if-cached". Meant to be used in conjunction with icp_hit_stale. - Delay pools tuned to allow large initial pool values - cachemgr filesystem space information changed to show useable space rather than raw space, and platform support somewhat extended. - Logs destination IP in the hierarchy log tag when going direct. (can be disabled by turning log_ip_on_direct off) - Async-IO on linux now makes proper use of mutexes. This fixes some odd pthread segfaults on SMP Linux machines, at a slight performance penalty. - %s can now be used in cache_swap_log and will be substituded with the last path component of cache_dir. - no_cache is now a full ACL check without, allowing most ACL types to be used. - The CONNECT method now obeys miss_access requirements - proxy_auth_regex and ident_regex ACL types - Fixed a StoreEntry memory leak during "dirty" rebuild - Helper processes no longer hold unrelated filedescriptors open - Helpers are now restarted when the logs are rotated - Negatively cached DNS entries are now purged on "reload". - PURGE now also purges the DNS cache - HEAD on FTP objects no longer retreives the whole object - More cleanups of the dstdomain ACL type - Squid no longer tries to do Range internally if it is not supported by the origin server. Doing so could cause bandwidth spikes and/or negative hit ratio. - httpd_accel_single_host squid.conf directive - "round-robin" cache_peer counters are reset every 5 minutes to compensate previously dead peers - DNS retransmit parameters - Show all FTP server messages - squid.conf.default now indicates if a directive isn't enabled in the installed binary, and what configure option to use for enabling it - Fixed a temporary memory leak on persistent POSTs - Fixed a temporary memory leak when the server response headers includes NULL characters - authenticate_ip_ttl_is_strict squid.conf option - req_mime_type ACL type - A reworked storage system that supports storage directories in a more modular fashion. The object replacement and IO is now responsibility of the storage directory, and not of the storage manager. - Fixed a bogous MD5 mismatch warning sometimes seen when using aufs or diskd stores - Added --enable-stacktraces configure option to set PRINT_STACK_TRACE, and extended support for this to Linux/GNU libc. - Disabled the "request timeout" error message sent if the user agent did not provide a request in a timely manner after opening the connection. Now the connection is silently closed. The error message was confusing user agents utilizing persistent connections. - Fixed configure --enable descriptions to match the arg names. - Eliminated compile warnings from auth_modules/MSNT code. - Require first character of hostnames to be alphanumeric. - Made ARP ACL work for Solaris. - Removed storeClientListSearch(). - Added counters to track diskd operation success and failures. - Fixed range_offset_limit. - Added code to retry ServFail replies for internal DNS lookups. - Added referer header logging (Jens-S. Voeckler). - Added "multi-domain-NTLM" authentication module, a Perl script from Thomas Jarosch. - Added configurable warning messages for high memory usage, high response time, and high page faults. - Made store dir selection algorithm configurable. - Added support for admin-definable extension methods, up to 20. - Added 'maximum_object_size_in_memory' as a configuration option - this defines the watermark where objects transit from being true hot objects to being in-transit objects in memory. It currently defaults to 8 KB. - Change to the fqdn code which changes how pending DNS requests are treated as private and only become public once they are completed. This can add extra load on DNS servers but prevents all the pending clients blocking if one of the queries got stuck. (Duane Wessels) - Converted more code to use MemPools, from Andres Kroonmaa. - Added more CYGWIN patches from Robert Collins. - Added Logfile module. - Added DISKD stats via cachemgr. - Added squid.conf options for DISKD magic constants.
2000-11-02fix path to patched filesjdolecek3-9/+9
2000-11-02add log_mime_hdrs_list directive - this directive specifies list ofjdolecek3-0/+102
headers to log into access log when log_mime_hdrs is on the change will be sent to Squid maintainers for possible future inclusion shortly
2000-10-15Update squid from 2.3stable3 to 2.3stable4:veego1-7/+9
Important Changes: - offline_toggle You can now toggle the 'offline_mode' option from the cache manager. - minimum_object_size Added the 'minimum_object_size' option. Files smaller than this size are not cached. - passive_ftp If your firewall doesn't allow passive FTP transfers, you can tell Squid to use PORT instead by turning the 'passive_ftp' option off. - wccp_version Some Cisco IOS versions expect to receive WCCP packets with version set to three. The 'wccp_version' option allows you to change it, from the default value of four.
2000-05-19Update "squid" package to version 2.3 STABLE 3. Changes since 2.3 STABLE 2:tron2-74/+0
- You can now toggle the 'offline_mode' option from the cache manager. - Added the 'minimum_object_size' option. Files smaller than this size are not cached. - If your firewall doesn't allow passive FTP transfers, you can tell Squid to use PORT instead by turning the 'passive_ftp' option off. - Some Cisco IOS versions expect to receive WCCP packets with version set to three. The 'wccp_version' option allows you to change it, from the default value of four.
2000-03-06Corrections for japanese error templates supplied by Takahiro Kambetron2-0/+74
in PR pkg/9534.
1999-11-12Do the metadata rebuild as last step of logfile rotation so that programstron1-0/+16
waiting don't have to wait very long until they can safely access the logfiles. This fixes the third part of PR pkg/8764 by Luke Mewburn.
1999-11-12Update "squid" package to version 2.2STABLE5. Changes since 2.2STABLE4:tron1-3/+12
- Changed configure to look for IP-Filter header files in both /usr/include and /usr/include/netinet. - Fixed an ACL subdomain comparison bug (aclDomainCompare). - Fixed an ACL host <=> domain comparison bug (aclHostDomainCompare). - Fixed a "xstrdup: tried to dup a NULL pointer!" bug caused by illegal hostname characters when certain ACL types are in use. - Fixed res_init() bug in dnsserver. We used to call res_init(), and then clear the RES_INIT bit in _res.options. This caused res_init() to be called again as soon as we use gethostbyname(), and this second initialization wipes out our changing the nameservers. The fix is just to NOT set _res.options to RES_DEFAULT after calling res_init(). - Changed FTP to close data sockets as soon as the transfer ends, rather than waiting for the reply message on the control socket (Alexander V. Lukyanov). - Fixed some buffering problems between Squid and the unlinkd process. By using file_write(), unlink requests were being buffered and experiencing long delays under heavy load. Now use use good ol' write() instead. Also added some feedback from unlinkd to squid so we can track the unlink request queue. If the queue becomes too large, we block a little and wait for some acks from unlinkd. This fixes the first part of PR pkg/8764 by Luke Mewburn.
1999-11-12defuzzrh2-9/+9
1999-05-02Update "squid" package to version 2.2s2 (squid-2.2.STABLE2).tron1-5/+5
1998-12-06Sync with "squid-current" package.tron8-113/+235
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-28 17:33:22 +0000