diff -ruN squid-2.5.STABLE7-RC1/ChangeLog squid-2.5.STABLE7-RC2/ChangeLog
--- squid-2.5.STABLE7-RC1/ChangeLog Sat Sep 25 05:56:15 2004
+++ squid-2.5.STABLE7-RC2/ChangeLog Mon Sep 27 12:44:40 2004
@@ -25,8 +25,10 @@
- [Medium] Segfaults and other strange crashes when using heap
policies. (Bug #1009)
- [Minor] Supplementary group memberships not set (Bug #1021)
+ - [Cosmetic] ERR_TOO_BIG Portugese translation
- [Minor] external_acl does not handle newlines (Bug #1038)
- - [Major] NTLM authentication denial of service (Bug #1045)
+ - [Major] NTLM authentication denial of service when using msnt_auth
+ or fake_auth (Bug #1045)
- [Medium] Memory leaks when using NTLM authentication without
challenge reuse. (Bug #994)
- [Minor] Temporary NTLM memory leak with challenge reuse enabled
@@ -39,9 +41,22 @@
- [Minor] cachemgr config dumps mixed up Range and Request-Range
headers in http_header_access & replace directives. (Bug #1056)
- [Minor] Content-Disposition added as a well known header (Bug #961)
+ - [Cosmetic] Don't warn about arp acls not being supported on FreeBSD
+ (Bug #1074)
+ - [Cosmetic] Limit internal send/receive buffer sizes (Bug #1075)
- [Medium] New acl types to match arbitrary HTTP headers. In addition
the http_header_access & replace directivess now support arbitrary
headers and not only the well known ones. (Bug #961)
+ [2.5.STABLE7-RC1]
+ - [Cosmetic] ncsa_auth now accepts Window formatted password files
+ (Bug #1078)
+ - [Cosmetic] Support the --program-prefix/suffix options or other
+ configure program name transforms (Bug #1019)
+ - [Minor] Fix race condition in CONNECT and also handle aborts of
+ CONNECT requests in a more graceful manner. (Bug #859)
+ - [Minor] New balance_on_multiple_ip directive to work around certain
+ broken load balancers and optimized ipcache on reload requests
+
Changes to squid-2.5.STABLE6 (9 Jul 2004)
diff -ruN squid-2.5.STABLE7-RC1/Makefile.am squid-2.5.STABLE7-RC2/Makefile.am
--- squid-2.5.STABLE7-RC1/Makefile.am Tue Feb 11 19:02:00 2003
+++ squid-2.5.STABLE7-RC2/Makefile.am Sat Sep 25 15:37:35 2004
@@ -1,6 +1,6 @@
## Process this file with automake to produce Makefile.in
#
-# $Id: Makefile.am,v 1.3.2.14 2003/02/12 02:02:00 hno Exp $
+# $Id: Makefile.am,v 1.3.2.15 2004/09/25 21:37:35 hno Exp $
#
AUTOMAKE_OPTIONS = dist-bzip2 subdir-objects 1.5
@@ -8,7 +8,7 @@
SUBDIRS = lib @makesnmplib@ scripts src icons errors doc helpers
DISTCLEANFILES = include/stamp-h include/stamp-h[0-9]*
-DEFAULT_PINGER = $(libexecdir)/pinger$(EXEEXT)
+DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'`
dist-hook:
@ for subdir in include include/samba/nsswitch; do \
diff -ruN squid-2.5.STABLE7-RC1/Makefile.in squid-2.5.STABLE7-RC2/Makefile.in
--- squid-2.5.STABLE7-RC1/Makefile.in Sat Jul 10 06:11:39 2004
+++ squid-2.5.STABLE7-RC2/Makefile.in Sat Sep 25 15:37:58 2004
@@ -14,7 +14,7 @@
@SET_MAKE@
#
-# $Id: Makefile.in,v 1.6.2.22 2004/07/10 12:11:39 hno Exp $
+# $Id: Makefile.in,v 1.6.2.23 2004/09/25 21:37:58 hno Exp $
#
SHELL = @SHELL@
@@ -123,7 +123,7 @@
SUBDIRS = lib @makesnmplib@ scripts src icons errors doc helpers
DISTCLEANFILES = include/stamp-h include/stamp-h[0-9]*
-DEFAULT_PINGER = $(libexecdir)/pinger$(EXEEXT)
+DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'`
EXTRA_DIST = \
ChangeLog \
diff -ruN squid-2.5.STABLE7-RC1/RELEASENOTES.html squid-2.5.STABLE7-RC2/RELEASENOTES.html
--- squid-2.5.STABLE7-RC1/RELEASENOTES.html Sat Sep 25 09:11:25 2004
+++ squid-2.5.STABLE7-RC2/RELEASENOTES.html Mon Sep 27 13:16:11 2004
@@ -1,13 +1,13 @@
-
+
Squid 2.5 release notes
Squid 2.5 release notes
-Squid Developers
$Id: release-2.5.html,v 1.1.2.35 2004/09/25 15:10:25 hno Exp $
+Squid Developers
$Id: release-2.5.html,v 1.1.2.36 2004/09/27 18:44:40 hno Exp $
This document contains the release notes for version 2.5 of Squid.
Squid is a WWW Cache application developed by the National Laboratory
@@ -132,6 +132,7 @@
minimum_retry_timeoutThis has been removed - it is not referenced anywhere in the source code.
short_icon_urlsNew directive to enable an alternative way of referring to icons in FTP directory listings etc.
acl urlloginNew acl type to match the login component of Internet style URLs (protocol://user:password@host/path/to/file)
+balance_on_multiple_ipNew directive to make it possible to disable the automatic round-robin load balancing on multiple IP addresses normally done by Squid.
@@ -311,6 +312,7 @@
not only the well known headers known by Squid
new acl types req_hdr and resp_hdr to match arbitrary HTTP headers,
useful to block certain malware/spyware etc.
+new balance_on_multiple_ip squid.conf directive
a number of other minor and cosmetic bugfixes. See the list of
squid-2.5.STABLE6 patches and the
ChangeLog file for details.
diff -ruN squid-2.5.STABLE7-RC1/configure squid-2.5.STABLE7-RC2/configure
--- squid-2.5.STABLE7-RC1/configure Sat Sep 25 09:11:17 2004
+++ squid-2.5.STABLE7-RC2/configure Mon Sep 27 13:15:58 2004
@@ -1000,7 +1000,7 @@
# Define the identity of the package.
PACKAGE=squid
-VERSION=2.5.STABLE7-RC1
+VERSION=2.5.STABLE7-RC2
cat >> confdefs.h <&6
echo "configure:1057: checking whether to enable maintainer-specific portions of Makefiles" >&5
# Check whether --enable-maintainer-mode or --disable-maintainer-mode was given.
diff -ruN squid-2.5.STABLE7-RC1/configure.in squid-2.5.STABLE7-RC2/configure.in
--- squid-2.5.STABLE7-RC1/configure.in Sat Sep 25 09:11:17 2004
+++ squid-2.5.STABLE7-RC2/configure.in Mon Sep 27 13:15:58 2004
@@ -3,15 +3,15 @@
dnl
dnl Duane Wessels, wessels@nlanr.net, February 1996 (autoconf v2.9)
dnl
-dnl $Id: configure.in,v 1.251.2.64 2004/09/25 15:03:09 hno Exp $
+dnl $Id: configure.in,v 1.251.2.66 2004/09/27 19:14:57 hno Exp $
dnl
dnl
dnl
AC_INIT(src/main.c)
AC_CONFIG_AUX_DIR(cfgaux)
-AM_INIT_AUTOMAKE(squid, 2.5.STABLE7-RC1)
+AM_INIT_AUTOMAKE(squid, 2.5.STABLE7-RC2)
AM_CONFIG_HEADER(include/autoconf.h)
-AC_REVISION($Revision: 1.251.2.64 $)dnl
+AC_REVISION($Revision: 1.251.2.66 $)dnl
AC_PREFIX_DEFAULT(/usr/local/squid)
AM_MAINTAINER_MODE
diff -ruN squid-2.5.STABLE7-RC1/helpers/basic_auth/NCSA/ncsa_auth.c squid-2.5.STABLE7-RC2/helpers/basic_auth/NCSA/ncsa_auth.c
--- squid-2.5.STABLE7-RC1/helpers/basic_auth/NCSA/ncsa_auth.c Wed Aug 20 06:35:51 2003
+++ squid-2.5.STABLE7-RC2/helpers/basic_auth/NCSA/ncsa_auth.c Sat Sep 25 14:53:17 2004
@@ -88,8 +88,8 @@
if ((buf[0] == '#') || (buf[0] == ' ') || (buf[0] == '\t') ||
(buf[0] == '\n'))
continue;
- user = strtok(buf, ":\n");
- passwd = strtok(NULL, ":\n");
+ user = strtok(buf, ":\n\r");
+ passwd = strtok(NULL, ":\n\r");
if ((strlen(user) > 0) && passwd) {
u = xmalloc(sizeof(*u));
u->user = xstrdup(user);
diff -ruN squid-2.5.STABLE7-RC1/include/version.h squid-2.5.STABLE7-RC2/include/version.h
--- squid-2.5.STABLE7-RC1/include/version.h Sat Sep 25 09:11:17 2004
+++ squid-2.5.STABLE7-RC2/include/version.h Mon Sep 27 13:15:58 2004
@@ -9,5 +9,5 @@
*/
#ifndef SQUID_RELEASE_TIME
-#define SQUID_RELEASE_TIME 1096125074
+#define SQUID_RELEASE_TIME 1096312556
#endif
diff -ruN squid-2.5.STABLE7-RC1/src/Makefile.am squid-2.5.STABLE7-RC2/src/Makefile.am
--- squid-2.5.STABLE7-RC1/src/Makefile.am Sun Nov 10 08:30:03 2002
+++ squid-2.5.STABLE7-RC2/src/Makefile.am Sat Sep 25 15:37:35 2004
@@ -1,7 +1,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.am,v 1.16.2.9 2002/11/10 15:30:03 hno Exp $
+# $Id: Makefile.am,v 1.16.2.10 2004/09/25 21:37:35 hno Exp $
#
# Uncomment and customize the following to suit your needs:
#
@@ -273,16 +273,16 @@
DEFAULT_PREFIX = $(prefix)
DEFAULT_CONFIG_FILE = $(sysconfdir)/squid.conf
DEFAULT_MIME_TABLE = $(sysconfdir)/mime.conf
-DEFAULT_DNSSERVER = $(libexecdir)/dnsserver$(EXEEXT)
+DEFAULT_DNSSERVER = $(libexecdir)/`echo dnsserver | sed '$(transform);s/$$/$(EXEEXT)/'`
DEFAULT_LOG_PREFIX = $(localstatedir)/logs
DEFAULT_CACHE_LOG = $(DEFAULT_LOG_PREFIX)/cache.log
DEFAULT_ACCESS_LOG = $(DEFAULT_LOG_PREFIX)/access.log
DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log
DEFAULT_PID_FILE = $(DEFAULT_LOG_PREFIX)/squid.pid
DEFAULT_SWAP_DIR = $(localstatedir)/cache
-DEFAULT_PINGER = $(libexecdir)/pinger$(EXEEXT)
-DEFAULT_UNLINKD = $(libexecdir)/unlinkd$(EXEEXT)
-DEFAULT_DISKD = $(libexecdir)/diskd$(EXEEXT)
+DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'`
+DEFAULT_UNLINKD = $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'`
+DEFAULT_DISKD = $(libexecdir)/`echo diskd | sed '$(transform);s/$$/$(EXEEXT)/'`
DEFAULT_ICON_DIR = $(datadir)/icons
DEFAULT_ERROR_DIR = $(datadir)/errors/@ERR_DEFAULT_LANGUAGE@
DEFAULT_MIB_PATH = $(datadir)/mib.txt
diff -ruN squid-2.5.STABLE7-RC1/src/Makefile.in squid-2.5.STABLE7-RC2/src/Makefile.in
--- squid-2.5.STABLE7-RC1/src/Makefile.in Wed Sep 1 04:30:29 2004
+++ squid-2.5.STABLE7-RC2/src/Makefile.in Sat Sep 25 15:37:59 2004
@@ -16,7 +16,7 @@
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.225.2.19 2004/09/01 10:30:29 hno Exp $
+# $Id: Makefile.in,v 1.225.2.20 2004/09/25 21:37:59 hno Exp $
#
# Uncomment and customize the following to suit your needs:
#
@@ -375,16 +375,16 @@
DEFAULT_PREFIX = $(prefix)
DEFAULT_CONFIG_FILE = $(sysconfdir)/squid.conf
DEFAULT_MIME_TABLE = $(sysconfdir)/mime.conf
-DEFAULT_DNSSERVER = $(libexecdir)/dnsserver$(EXEEXT)
+DEFAULT_DNSSERVER = $(libexecdir)/`echo dnsserver | sed '$(transform);s/$$/$(EXEEXT)/'`
DEFAULT_LOG_PREFIX = $(localstatedir)/logs
DEFAULT_CACHE_LOG = $(DEFAULT_LOG_PREFIX)/cache.log
DEFAULT_ACCESS_LOG = $(DEFAULT_LOG_PREFIX)/access.log
DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log
DEFAULT_PID_FILE = $(DEFAULT_LOG_PREFIX)/squid.pid
DEFAULT_SWAP_DIR = $(localstatedir)/cache
-DEFAULT_PINGER = $(libexecdir)/pinger$(EXEEXT)
-DEFAULT_UNLINKD = $(libexecdir)/unlinkd$(EXEEXT)
-DEFAULT_DISKD = $(libexecdir)/diskd$(EXEEXT)
+DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'`
+DEFAULT_UNLINKD = $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'`
+DEFAULT_DISKD = $(libexecdir)/`echo diskd | sed '$(transform);s/$$/$(EXEEXT)/'`
DEFAULT_ICON_DIR = $(datadir)/icons
DEFAULT_ERROR_DIR = $(datadir)/errors/@ERR_DEFAULT_LANGUAGE@
DEFAULT_MIB_PATH = $(datadir)/mib.txt
diff -ruN squid-2.5.STABLE7-RC1/src/auth/basic/auth_basic.c squid-2.5.STABLE7-RC2/src/auth/basic/auth_basic.c
--- squid-2.5.STABLE7-RC1/src/auth/basic/auth_basic.c Sat Jul 17 13:53:25 2004
+++ squid-2.5.STABLE7-RC2/src/auth/basic/auth_basic.c Sat Sep 25 15:03:49 2004
@@ -1,5 +1,5 @@
/*
- * $Id: auth_basic.c,v 1.14.2.7 2004/07/17 19:53:25 hno Exp $
+ * $Id: auth_basic.c,v 1.14.2.8 2004/09/25 21:03:49 hno Exp $
*
* DEBUG: section 29 Authenticator
* AUTHOR: Duane Wessels
@@ -309,10 +309,11 @@
storeAppendPrintf(entry, " %s", list->key);
list = list->next;
}
- storeAppendPrintf(entry, "\n%s %s realm %s\n%s %s children %d\n%s %s credentialsttl %d seconds\n",
+ storeAppendPrintf(entry, "\n%s %s realm %s\n%s %s children %d\n%s %s credentialsttl %d seconds\n%s %s casesensitive %s\n",
name, "basic", config->basicAuthRealm,
name, "basic", config->authenticateChildren,
- name, "basic", (int) config->credentialsTTL);
+ name, "basic", (int) config->credentialsTTL,
+ name, "basic", config->casesensitive ? "on" : "off");
}
diff -ruN squid-2.5.STABLE7-RC1/src/cf.data.pre squid-2.5.STABLE7-RC2/src/cf.data.pre
--- squid-2.5.STABLE7-RC1/src/cf.data.pre Sat Sep 25 05:56:16 2004
+++ squid-2.5.STABLE7-RC2/src/cf.data.pre Mon Sep 27 12:17:38 2004
@@ -1,6 +1,6 @@
#
-# $Id: cf.data.pre,v 1.245.2.73 2004/09/25 11:56:16 hno Exp $
+# $Id: cf.data.pre,v 1.245.2.75 2004/09/27 18:17:38 hno Exp $
#
#
# SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -1491,6 +1491,7 @@
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
+auth_param basic casesensitive off
NOCOMMENT_END
DOC_END
@@ -3847,6 +3848,19 @@
By enabling this directive Squid attempts to detect such
broken replies and automatically assume the reply is finished
after 10 seconds timeout.
+DOC_END
+
+NAME: balance_on_multiple_ip
+TYPE: onoff
+LOC: Config.onoff.balance_on_multiple_ip
+DEFAULT: on
+DOC_START
+ Some load balancing servers based on round robin DNS have been
+ found not to preserve user session state across requests
+ to different IP addresses.
+
+ By default Squid rotates IP's per request. By disabling
+ this directive only connection failure trigers rotation.
DOC_END
NAME: pipeline_prefetch
diff -ruN squid-2.5.STABLE7-RC1/src/client_side.c squid-2.5.STABLE7-RC2/src/client_side.c
--- squid-2.5.STABLE7-RC1/src/client_side.c Sat Jul 17 10:15:31 2004
+++ squid-2.5.STABLE7-RC2/src/client_side.c Mon Sep 27 12:17:38 2004
@@ -1,6 +1,6 @@
/*
- * $Id: client_side.c,v 1.561.2.58 2004/07/17 16:15:31 hno Exp $
+ * $Id: client_side.c,v 1.561.2.59 2004/09/27 18:17:38 hno Exp $
*
* DEBUG: section 33 Client-side Routines
* AUTHOR: Duane Wessels
@@ -2325,13 +2325,23 @@
e = http->entry = storeGetPublicByRequest(r);
else
e = http->entry = NULL;
- /* Release negatively cached IP-cache entries on reload */
- if (r->flags.nocache)
+ /* Release IP-cache entries on reload */
+ if (r->flags.nocache) {
+#if USE_DNSSERVERS
ipcacheInvalidate(r->host);
+#else
+ ipcacheInvalidateNegative(r->host);
+#endif /* USE_DNSSERVERS */
+ }
#if HTTP_VIOLATIONS
- else if (r->flags.nocache_hack)
+ else if (r->flags.nocache_hack) {
+#if USE_DNSSERVERS
ipcacheInvalidate(r->host);
-#endif
+#else
+ ipcacheInvalidateNegative(r->host);
+#endif /* USE_DNSSERVERS */
+ }
+#endif /* HTTP_VIOLATIONS */
#if USE_CACHE_DIGESTS
http->lookup_type = e ? "HIT" : "MISS";
#endif
diff -ruN squid-2.5.STABLE7-RC1/src/comm.c squid-2.5.STABLE7-RC2/src/comm.c
--- squid-2.5.STABLE7-RC1/src/comm.c Sat Nov 29 11:52:59 2003
+++ squid-2.5.STABLE7-RC2/src/comm.c Mon Sep 27 12:17:39 2004
@@ -1,6 +1,6 @@
/*
- * $Id: comm.c,v 1.324.2.3 2003/11/29 18:52:59 hno Exp $
+ * $Id: comm.c,v 1.324.2.4 2004/09/27 18:17:39 hno Exp $
*
* DEBUG: section 5 Socket Functions
* AUTHOR: Harvest Derived
@@ -290,7 +290,8 @@
}
assert(ia->cur < ia->count);
cs->in_addr = ia->in_addrs[ia->cur];
- ipcacheCycleAddr(cs->host, NULL);
+ if (Config.onoff.balance_on_multiple_ip)
+ ipcacheCycleAddr(cs->host, NULL);
cs->addrcount = ia->count;
cs->connstart = squid_curtime;
commConnectHandle(cs->fd, cs);
diff -ruN squid-2.5.STABLE7-RC1/src/ipcache.c squid-2.5.STABLE7-RC2/src/ipcache.c
--- squid-2.5.STABLE7-RC1/src/ipcache.c Thu Feb 12 02:32:09 2004
+++ squid-2.5.STABLE7-RC2/src/ipcache.c Mon Sep 27 12:17:39 2004
@@ -1,6 +1,6 @@
/*
- * $Id: ipcache.c,v 1.236.2.3 2004/02/12 09:32:09 hno Exp $
+ * $Id: ipcache.c,v 1.236.2.4 2004/09/27 18:17:39 hno Exp $
*
* DEBUG: section 14 IP Cache
* AUTHOR: Harvest Derived
@@ -116,6 +116,7 @@
static void
ipcacheRelease(ipcache_entry * i)
{
+ debug(14, 3) ("ipcacheRelease: Releasing entry for '%s'\n", (const char *) i->hash.key);
hash_remove_link(ip_table, (hash_link *) i);
dlinkDelete(&i->lru, &lru_list);
ipcacheFreeEntry(i);
@@ -332,7 +333,7 @@
return i;
}
assert(answers);
- for (j = 0, k = 0; k < nr; k++) {
+ for (k = 0; k < nr; k++) {
if (answers[k].type != RFC1035_TYPE_A)
continue;
if (answers[k].class != RFC1035_CLASS_IN)
@@ -582,6 +583,20 @@
*/
}
+void
+ipcacheInvalidateNegative(const char *name)
+{
+ ipcache_entry *i;
+ if ((i = ipcache_get(name)) == NULL)
+ return;
+ if (i->flags.negcached)
+ i->expires = squid_curtime;
+ /*
+ * NOTE, don't call ipcacheRelease here becuase we might be here due
+ * to a thread started from a callback.
+ */
+}
+
ipcache_addrs *
ipcacheCheckNumeric(const char *name)
{
@@ -669,6 +684,7 @@
if (!ia->bad_mask[k]) {
ia->bad_mask[k] = TRUE;
ia->badcount++;
+ i->expires = XMIN(squid_curtime + XMAX(60, Config.negativeDnsTtl), i->expires);
debug(14, 2) ("ipcacheMarkBadAddr: %s [%s]\n", name, inet_ntoa(addr));
}
ipcacheCycleAddr(name, ia);
diff -ruN squid-2.5.STABLE7-RC1/src/protos.h squid-2.5.STABLE7-RC2/src/protos.h
--- squid-2.5.STABLE7-RC1/src/protos.h Wed Feb 4 10:42:28 2004
+++ squid-2.5.STABLE7-RC2/src/protos.h Mon Sep 27 12:17:39 2004
@@ -1,6 +1,6 @@
/*
- * $Id: protos.h,v 1.420.2.22 2004/02/04 17:42:28 hno Exp $
+ * $Id: protos.h,v 1.420.2.23 2004/09/27 18:17:39 hno Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -585,10 +585,9 @@
extern EVH ipcache_purgelru;
extern const ipcache_addrs *ipcache_gethostbyname(const char *, int flags);
extern void ipcacheInvalidate(const char *);
-extern void ipcacheReleaseInvalid(const char *);
+extern void ipcacheInvalidateNegative(const char *);
extern void ipcache_init(void);
extern void stat_ipcache_get(StoreEntry *);
-extern int ipcacheQueueDrain(void);
extern void ipcacheCycleAddr(const char *name, ipcache_addrs *);
extern void ipcacheMarkBadAddr(const char *name, struct in_addr);
extern void ipcacheMarkGoodAddr(const char *name, struct in_addr);
diff -ruN squid-2.5.STABLE7-RC1/src/ssl.c squid-2.5.STABLE7-RC2/src/ssl.c
--- squid-2.5.STABLE7-RC1/src/ssl.c Mon Jun 7 15:20:34 2004
+++ squid-2.5.STABLE7-RC2/src/ssl.c Mon Sep 27 12:07:30 2004
@@ -1,6 +1,6 @@
/*
- * $Id: ssl.c,v 1.118.2.6 2004/06/07 21:20:34 hno Exp $
+ * $Id: ssl.c,v 1.118.2.7 2004/09/27 18:07:30 hno Exp $
*
* DEBUG: section 26 Secure Sockets Layer Proxy
* AUTHOR: Duane Wessels
@@ -51,6 +51,7 @@
#if DELAY_POOLS
delay_id delay_id;
#endif
+ int connected;
} SslStateData;
static const char *const conn_established = "HTTP/1.0 200 Connection established\r\n\r\n";
@@ -91,7 +92,9 @@
debug(26, 3) ("sslClientClosed: FD %d\n", fd);
assert(fd == sslState->client.fd);
sslState->client.fd = -1;
- if (sslState->server.fd == -1)
+ if (sslState->server.fd != -1)
+ comm_close(sslState->server.fd);
+ else
sslStateFree(sslState);
}
@@ -152,7 +155,9 @@
} else if (sslState->client.len == 0) {
comm_close(sslState->server.fd);
}
- if (sslState->server.fd > -1) {
+ if (!sslState->connected) {
+ /* Not yet connected. wait.. */
+ } else if (sslState->server.fd > -1) {
if (sslState->client.len > 0) {
commSetSelect(sslState->server.fd,
COMM_SELECT_WRITE,
@@ -354,13 +359,7 @@
{
SslStateData *sslState = data;
debug(26, 3) ("sslTimeout: FD %d\n", fd);
- /* temporary lock to save our own feets (comm_close -> sslClientClosed -> Free) */
- cbdataLock(sslState);
- if (sslState->client.fd > -1)
- comm_close(sslState->client.fd);
- if (sslState->server.fd > -1)
- comm_close(sslState->server.fd);
- cbdataUnlock(sslState);
+ comm_close(sslState->client.fd);
}
static void
@@ -379,13 +378,7 @@
{
SslStateData *sslState = data;
assert(sslState != NULL);
- /* temporary lock to save our own feets (comm_close -> sslClientClosed -> Free) */
- cbdataLock(sslState);
- if (sslState->client.fd > -1)
- comm_close(sslState->client.fd);
- if (sslState->server.fd > -1)
- comm_close(sslState->server.fd);
- cbdataUnlock(sslState);
+ comm_close(sslState->client.fd);
}
@@ -424,6 +417,7 @@
err->callback_data = sslState;
errorSend(sslState->client.fd, err);
} else {
+ sslState->connected = 1;
if (sslState->servers->peer)
sslProxyConnected(sslState->server.fd, sslState);
else
@@ -557,19 +551,11 @@
Config.Timeout.lifetime,
sslTimeout,
sslState);
- commSetTimeout(sslState->server.fd,
- Config.Timeout.connect,
- sslConnectTimeout,
- sslState);
+ sslSetSelect(sslState);
peerSelect(request,
NULL,
sslPeerSelectComplete,
sslState);
- /*
- * Disable the client read handler until peer selection is complete
- * Take control away from client_side.c.
- */
- commSetSelect(sslState->client.fd, COMM_SELECT_READ, NULL, NULL, 0);
}
static void
@@ -599,10 +585,6 @@
debug(26, 3) ("sslProxyConnected: Sending {%s}\n", sslState->client.buf);
sslState->client.len = mb.size;
memBufClean(&mb);
- commSetTimeout(sslState->server.fd,
- Config.Timeout.read,
- sslTimeout,
- sslState);
sslSetSelect(sslState);
}
@@ -647,6 +629,10 @@
sslState->delay_id = 0;
}
#endif
+ commSetTimeout(sslState->server.fd,
+ Config.Timeout.connect,
+ sslConnectTimeout,
+ sslState);
commConnectStart(sslState->server.fd,
sslState->host,
sslState->port,
diff -ruN squid-2.5.STABLE7-RC1/src/structs.h squid-2.5.STABLE7-RC2/src/structs.h
--- squid-2.5.STABLE7-RC1/src/structs.h Sat Sep 25 05:56:16 2004
+++ squid-2.5.STABLE7-RC2/src/structs.h Mon Sep 27 12:17:39 2004
@@ -1,6 +1,6 @@
/*
- * $Id: structs.h,v 1.408.2.26 2004/09/25 11:56:16 hno Exp $
+ * $Id: structs.h,v 1.408.2.27 2004/09/27 18:17:39 hno Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -604,6 +604,7 @@
int pipeline_prefetch;
int request_entities;
int detect_broken_server_pconns;
+ int balance_on_multiple_ip;
} onoff;
acl *aclList;
struct {