--------------------- PatchSet 6566 Date: 2005/03/29 03:38:16 Author: swsf Branch: epoll-2_5 Tag: (none) Log: More merges with s2_5 branch Members: ChangeLog:1.12.6.80->1.12.6.80.2.1 configure.in:1.42.2.59.4.2->1.42.2.59.4.3 doc/release-notes/release-2.5.html:1.1.2.36->1.1.2.36.2.1 doc/release-notes/release-2.5.sgml:1.1.2.47->1.1.2.47.2.1 helpers/basic_auth/LDAP/Makefile.am:1.1.2.2->1.1.2.2.28.1 helpers/basic_auth/LDAP/squid_ldap_auth.c:1.1.2.18->1.1.2.18.4.1 helpers/external_acl/ldap_group/ChangeLog:1.1.2.4->1.1.2.4.10.1 helpers/external_acl/ldap_group/Makefile.am:1.1.6.4->1.1.6.4.24.1 helpers/external_acl/ldap_group/squid_ldap_group.c:1.1.2.15->1.1.2.15.4.1 Index: squid/ChangeLog =================================================================== RCS file: /cvsroot/squid-sf//squid/ChangeLog,v retrieving revision 1.12.6.80 retrieving revision 1.12.6.80.2.1 diff -u -r1.12.6.80 -r1.12.6.80.2.1 --- squid/ChangeLog 25 Feb 2005 03:14:13 -0000 1.12.6.80 +++ squid/ChangeLog 29 Mar 2005 03:38:16 -0000 1.12.6.80.2.1 @@ -1,3 +1,36 @@ +Changes to squid-2.5.STABLE10 (not yet released) + + - [Minor Security] Fix race condition in relation to old Netscape + Set-Cookie specifications + - [Minor] Fails to parse D.J. Bernstein's FTP EPLF ftp listing + format and PASV resposes (Bug #1252) + - [Minor] BASE HREF missing on ftp directory URLs without / + (Bug #1253) + - [Minor security] confusing http_access results on configuration + error (Bug #1255) + - [Cosmetic] More robust Date parser (Bug #321) + - [Minor] reload_with_ims fails to refresh negatively cached objects + (Bug #1159) + - [Cosmetic] delay_access description clarification (Bug #1245) + - [Cosmetic] Check for integer overflow in size specifications in + squid.conf (Bug #1247) + - [Cosmetic] bzero is a non-standard function not available on all + platforms (Bug #1256) + - [Cosmetic] Compiler warnings if pid_t is not an int (Bug #1257) + - [Cosmetic] Incorrect use of ctype functions (Bug #1259) + - [Cosmetic] Peer digest fetch initiated even if peer not allowed + to be used for the request (Bug #1261) + - [Minor] Duplicate content-length headers logged incorrectly or + not cleaned up properly (Bug #1262) + - [Cosmetic] Extend relaxed_header_parser to work around "excess + data from" errors from many major web servers. (Bug #1265) + - [Minor] Add HTTP headers to a netdb error messages + - [Minor] Multiple minor aufs issues (Bug #671) + - [Minor] Basic authentication fails with very long logins or + password (Bug #1171) + - [Minor] CONNECT requests truncated if client side disconnects first + (Bug #1269) + Changes to squid-2.5.STABLE9 (24 Feb 2005) - [Medium] Don't retry requests on 403 errors (Bug #1210) Index: squid/configure.in =================================================================== RCS file: /cvsroot/squid-sf//squid/configure.in,v retrieving revision 1.42.2.59.4.2 retrieving revision 1.42.2.59.4.3 diff -u -r1.42.2.59.4.2 -r1.42.2.59.4.3 --- squid/configure.in 29 Mar 2005 02:26:42 -0000 1.42.2.59.4.2 +++ squid/configure.in 29 Mar 2005 03:38:16 -0000 1.42.2.59.4.3 @@ -3,7 +3,7 @@ dnl dnl Duane Wessels, wessels@nlanr.net, February 1996 (autoconf v2.9) dnl -dnl $Id: configure.in,v 1.42.2.59.4.2 2005/03/29 02:26:42 swsf Exp $ +dnl $Id: configure.in,v 1.42.2.59.4.3 2005/03/29 03:38:16 swsf Exp $ dnl dnl dnl @@ -11,7 +11,7 @@ AC_CONFIG_AUX_DIR(cfgaux) AM_INIT_AUTOMAKE(squid, 2.5.STABLE9-CVS) AM_CONFIG_HEADER(include/autoconf.h) -AC_REVISION($Revision: 1.42.2.59.4.2 $)dnl +AC_REVISION($Revision: 1.42.2.59.4.3 $)dnl AC_PREFIX_DEFAULT(/usr/local/squid) AM_MAINTAINER_MODE @@ -893,8 +893,7 @@ ]) dnl Disable hostname checks -enable_hostname_checks=1 -AC_ARG_ENABLE(hostname_checks, +AC_ARG_ENABLE(hostname-checks, [ --disable-hostname-checks Squid by default rejects any host names with odd characters in their name to conform with @@ -904,13 +903,13 @@ Squid does not reject such host names.. This may be required to participate in testbeds for international domain names.], -[ if test "$enableval" = "no"; then - echo "Disabling hostname sanity checks" - enable_hostname_checks=0 - fi -]) -if test "$enable_hostname_checks" = 1; then + [], + [enable_hostname_checks=yes]) +if test "$enable_hostname_checks" = "yes"; then + echo "Hostname sanity checks enabled" AC_DEFINE(CHECK_HOSTNAMES, 1, [Enable hostname sanity checks]) +else + echo "Disabling hostname sanity checks" fi dnl Enable underscore in hostnames @@ -1688,6 +1687,10 @@ ;; esac +dnl LDAP helpers need to know if -llber is needed or not +AC_CHECK_LIB(lber, main, [LIB_LBER="-llber"]) +AC_SUBST(LIB_LBER) + dnl System-specific library modifications dnl case "$host" in Index: squid/doc/release-notes/release-2.5.html =================================================================== RCS file: /cvsroot/squid-sf//squid/doc/release-notes/Attic/release-2.5.html,v retrieving revision 1.1.2.36 retrieving revision 1.1.2.36.2.1 diff -u -r1.1.2.36 -r1.1.2.36.2.1 --- squid/doc/release-notes/release-2.5.html 25 Feb 2005 03:14:14 -0000 1.1.2.36 +++ squid/doc/release-notes/release-2.5.html 29 Mar 2005 03:38:18 -0000 1.1.2.36.2.1 @@ -7,7 +7,7 @@

Squid 2.5 release notes

-

Squid Developers

$Id: release-2.5.html,v 1.1.2.36 2005/02/25 03:14:14 squidadm Exp $ +

Squid Developers

$Id: release-2.5.html,v 1.1.2.36.2.1 2005/03/29 03:38:18 swsf Exp $
This document contains the release notes for version 2.5 of Squid. Squid is a WWW Cache application developed by the National Laboratory @@ -395,5 +395,19 @@

+

12. Key changes squid-2.5.STABLE9 to 2.5.STABLE10:

+ +

+

+

+ Index: squid/doc/release-notes/release-2.5.sgml =================================================================== RCS file: /cvsroot/squid-sf//squid/doc/release-notes/Attic/release-2.5.sgml,v retrieving revision 1.1.2.47 retrieving revision 1.1.2.47.2.1 diff -u -r1.1.2.47 -r1.1.2.47.2.1 --- squid/doc/release-notes/release-2.5.sgml 25 Feb 2005 03:14:14 -0000 1.1.2.47 +++ squid/doc/release-notes/release-2.5.sgml 29 Mar 2005 03:38:18 -0000 1.1.2.47.2.1 @@ -2,7 +2,7 @@
Squid 2.5 release notes Squid Developers -$Id: release-2.5.sgml,v 1.1.2.47 2005/02/25 03:14:14 squidadm Exp $ +$Id: release-2.5.sgml,v 1.1.2.47.2.1 2005/03/29 03:38:18 swsf Exp $ This document contains the release notes for version 2.5 of Squid. @@ -359,5 +359,19 @@ name="ChangeLog"> file for details. +Key changes squid-2.5.STABLE9 to 2.5.STABLE10: + +

+ + Fixed a Set-Cookie race condition causing inconsistent cache + behaviour + Abort on misconfigured http_access rules to prevent unexpected + results from partial configuration + a number of other minor and cosmetic bugfixes. See the list of and the file for details. + +

Index: squid/helpers/basic_auth/LDAP/Makefile.am =================================================================== RCS file: /cvsroot/squid-sf//squid/helpers/basic_auth/LDAP/Makefile.am,v retrieving revision 1.1.2.2 retrieving revision 1.1.2.2.28.1 diff -u -r1.1.2.2 -r1.1.2.2.28.1 --- squid/helpers/basic_auth/LDAP/Makefile.am 12 Aug 2002 01:51:02 -0000 1.1.2.2 +++ squid/helpers/basic_auth/LDAP/Makefile.am 29 Mar 2005 03:38:18 -0000 1.1.2.2.28.1 @@ -1,7 +1,7 @@ # # Makefile for the Squid LDAP authentication helper # -# $Id: Makefile.am,v 1.1.2.2 2002/08/12 01:51:02 squidadm Exp $ +# $Id: Makefile.am,v 1.1.2.2.28.1 2005/03/29 03:38:18 swsf Exp $ # # Uncomment and customize the following to suit your needs: # @@ -11,5 +11,5 @@ EXTRA_DIST = squid_ldap_auth.8 squid_ldap_auth_SOURCES = squid_ldap_auth.c -LDADD = -L$(top_builddir)/lib -lmiscutil -lldap -llber $(XTRA_LIBS) +LDADD = -L$(top_builddir)/lib -lmiscutil -lldap $(LIB_LBER) $(XTRA_LIBS) INCLUDES = -I$(top_srcdir)/include Index: squid/helpers/basic_auth/LDAP/squid_ldap_auth.c =================================================================== RCS file: /cvsroot/squid-sf//squid/helpers/basic_auth/LDAP/squid_ldap_auth.c,v retrieving revision 1.1.2.18 retrieving revision 1.1.2.18.4.1 diff -u -r1.1.2.18 -r1.1.2.18.4.1 --- squid/helpers/basic_auth/LDAP/squid_ldap_auth.c 20 Feb 2005 19:41:59 -0000 1.1.2.18 +++ squid/helpers/basic_auth/LDAP/squid_ldap_auth.c 29 Mar 2005 03:38:18 -0000 1.1.2.18.4.1 @@ -252,15 +252,24 @@ if (version == -1) { version = LDAP_VERSION2; } - if (ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version) - != LDAP_OPT_SUCCESS) { + if (ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version) != LDAP_SUCCESS) { fprintf(stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n", version); exit(1); } - if (use_tls && (version == LDAP_VERSION3) && (ldap_start_tls_s(ld, NULL, NULL) != LDAP_SUCCESS)) { - fprintf(stderr, "Could not Activate TLS connection\n"); + if (use_tls) { +#ifdef LDAP_OPT_X_TLS + if (version == LDAP_VERSION3 && ldap_start_tls_s(ld, NULL, NULL) != LDAP_SUCCESS) { + fprintf(stderr, "Could not Activate TLS connection\n"); + exit(1); + } else { + fprintf(stderr, "TLS requires LDAP version 3\n"); + exit(1); + } +#else + fprintf(stderr, "TLS not supported with your LDAP library\n"); exit(1); +#endif } #endif squid_ldap_set_timelimit(ld, timelimit); Index: squid/helpers/external_acl/ldap_group/ChangeLog =================================================================== RCS file: /cvsroot/squid-sf//squid/helpers/external_acl/ldap_group/ChangeLog,v retrieving revision 1.1.2.4 retrieving revision 1.1.2.4.10.1 diff -u -r1.1.2.4 -r1.1.2.4.10.1 --- squid/helpers/external_acl/ldap_group/ChangeLog 8 Nov 2004 03:15:07 -0000 1.1.2.4 +++ squid/helpers/external_acl/ldap_group/ChangeLog 29 Mar 2005 03:38:18 -0000 1.1.2.4.10.1 @@ -1,3 +1,22 @@ +Version 2.17-2.5 + +2005-03-19 Henrik Nordstrom + + Bug #1258: LDAP helpers fails to compile with SUN LDAP SDK + +2005-02-05 Henrik Nordstrom + + Define LDAP_NO_ATTRS if not defined in LDAP API headers + +2005-02-04 Henrik Nordstrom + + Fix LDAP helpers to send a proper NO_ATTR search when looking + for the user DN + +2005-01-30 Oliver Hookins + + LDAP helper documentation updates + Version 2.16-2.5 2004-10-21 Henrik Nordstrom Index: squid/helpers/external_acl/ldap_group/Makefile.am =================================================================== RCS file: /cvsroot/squid-sf//squid/helpers/external_acl/ldap_group/Makefile.am,v retrieving revision 1.1.6.4 retrieving revision 1.1.6.4.24.1 diff -u -r1.1.6.4 -r1.1.6.4.24.1 --- squid/helpers/external_acl/ldap_group/Makefile.am 12 Dec 2002 03:15:07 -0000 1.1.6.4 +++ squid/helpers/external_acl/ldap_group/Makefile.am 29 Mar 2005 03:38:18 -0000 1.1.6.4.24.1 @@ -1,7 +1,7 @@ # # Makefile for the Squid LDAP authentication helper # -# $Id: Makefile.am,v 1.1.6.4 2002/12/12 03:15:07 squidadm Exp $ +# $Id: Makefile.am,v 1.1.6.4.24.1 2005/03/29 03:38:18 swsf Exp $ # # Uncomment and customize the following to suit your needs: # @@ -11,4 +11,4 @@ EXTRA_DIST = squid_ldap_group.8 squid_ldap_group_SOURCES = squid_ldap_group.c -LDADD = -lldap -llber $(XTRA_LIBS) +LDADD = -lldap $(LIB_LBER) $(XTRA_LIBS) Index: squid/helpers/external_acl/ldap_group/squid_ldap_group.c =================================================================== RCS file: /cvsroot/squid-sf//squid/helpers/external_acl/ldap_group/squid_ldap_group.c,v retrieving revision 1.1.2.15 retrieving revision 1.1.2.15.4.1 diff -u -r1.1.2.15 -r1.1.2.15.4.1 --- squid/helpers/external_acl/ldap_group/squid_ldap_group.c 6 Feb 2005 03:15:00 -0000 1.1.2.15 +++ squid/helpers/external_acl/ldap_group/squid_ldap_group.c 29 Mar 2005 03:38:18 -0000 1.1.2.15.4.1 @@ -44,6 +44,7 @@ #endif #define PROGRAM_NAME "squid_ldap_group" +#define VERSION "2.17-2.5" /* Globals */ @@ -401,6 +402,7 @@ ldapServer = "localhost"; if (!basedn || !searchfilter) { + fprintf(stderr, "\n" PROGRAM_NAME " version " VERSION "\n\n"); fprintf(stderr, "Usage: " PROGRAM_NAME " -b basedn -f filter [options] ldap_server_name\n\n"); fprintf(stderr, "\t-b basedn (REQUIRED)\tbase dn under where to search for groups\n"); fprintf(stderr, "\t-f filter (REQUIRED)\tgroup search filter pattern. %%v = user,\n\t\t\t\t%%a = group\n"); @@ -488,19 +490,28 @@ if (version == -1) { version = LDAP_VERSION2; } - if (ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version) - != LDAP_OPT_SUCCESS) { + if (ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version) != LDAP_SUCCESS) { fprintf(stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n", version); ldap_unbind(ld); ld = NULL; break; } - if (use_tls && (version == LDAP_VERSION3) && (ldap_start_tls_s(ld, NULL, NULL) != LDAP_SUCCESS)) { - fprintf(stderr, "Could not Activate TLS connection\n"); - ldap_unbind(ld); - ld = NULL; - break; + if (use_tls) { +#ifdef LDAP_OPT_X_TLS + if (version == LDAP_VERSION3 && ldap_start_tls_s(ld, NULL, NULL) != LDAP_SUCCESS) { + fprintf(stderr, "Could not Activate TLS connection\n"); + ldap_unbind(ld); + ld = NULL; + break; + } else { + fprintf(stderr, "TLS requires LDAP version 3\n"); + exit(1); + } +#else + fprintf(stderr, "TLS not supported with your LDAP library\n"); + exit(1); +#endif } #endif squid_ldap_set_timelimit(ld, timelimit);