Squid

View Bazaar branches
Get this repository:
git clone https://git.launchpad.net/squid

Squid has 4 active reviews.

Branches

Name Last Modified Last Commit
auto 2019-09-14 14:54:57 UTC 21 hours ago
Fixed on_unsupported_protocol tunnel action (#461)

Author: Christos Tsantilas
Author Date: 2019-09-08 13:20:59 UTC

Fixed on_unsupported_protocol tunnel action (#461)

Instead of tunneling traffic, a matching on_unsupported_protocol
"tunnel" action resulted in a Squid error response sent to the client
(or, where an error response was not possible, in a connection closure).
The following three cases were fixed:

    * port: http_port (real CONNECT)
    * ssl_bump action: client-first or step1 bump
    * handling phase: parsing TLS client handshake
    * expected data: TLS Client Hello

    * port: http_port (real CONNECT)
    * ssl_bump action: client-first or step1 bump
    * handling phase: parsing the first bumped HTTP request
    * expected data: HTTP request header

    * port: https_port (fake CONNECT)
    * ssl_bump action: any action except terminate
    * handling phase: parsing TLS client handshake
    * expected data: TLS Client Hello

Also, when on_unsupported_protocol was configured, Squid wasted RAM and
CPU cycles to buffer client HTTP requests beyond the point of no return
(i.e., roughly, beyond the first HTTP request on a connection or in a
tunnel), when on_unsupported_protocol settings no longer apply.

Client handshake accumulation is now driven by preservingClientData_. We
set that data member when the connection is accepted (because we may
decide to start preserving bytes right away) and reset it whenever that
decision may change, including when switching to a new protocol inside
CONNECT tunnel and confirming the expected/supported protocol by
successfully parsing its handshake.

Squid does not stop handshake preservation when on_unsupported_protocol
gets disabled during reconfiguration, but Squid will not tunnel
preserved bytes if that happens (and will not tunnel a partial handshake
if on_unsupported_protocol configuration keeps changing).

Also changed how IPv6-based certificates are generated. Their CN field
value is no longer surrounded by [square brackets]. This change was done
to improve Squid code that had to be modified to fix
on_unsupported_protocol. It affects certificate cache key so old
IPv6-based certificates will never be found (and will eventually be
purged) while new ones will be generated and cached instead. We believe
these IPv6-based certificates are rare and untrusted by browsers so the
change in their CN should not have a significant affect on users.

This is a Measurement Factory project.
master 2019-09-14 12:30:42 UTC 2019-09-14
Add %master_xaction logformat code (#471)

Author: eduard-bagdasaryan
Author Date: 2019-09-13 00:56:20 UTC

Add %master_xaction logformat code (#471)

Currently, knowing master transaction ID can be very helpful in triage,
especially when dealing with flash crowds on busy proxies. Upcoming
changes will also tie many current "anonymous" level-0/1 messages to
logged transactions via this ID.
v3.5 2019-09-08 23:50:23 UTC 2019-09-08
Ignore malformed Host header in intercept and reverse proxy mode (#456)

Author: Amos Jeffries
Author Date: 2019-08-13 13:50:06 UTC

Ignore malformed Host header in intercept and reverse proxy mode (#456)
v4 2019-09-08 13:18:04 UTC 2019-09-08
Supply ALE for note ACL (#463)

Author: eduard-bagdasaryan
Author Date: 2019-09-05 05:46:59 UTC

Supply ALE for note ACL (#463)

The following cache.log WARNING is a symptom of this bug:

    ACL is used in context without an ALE state. Assuming mismatch.

Commit cb36505 already covered many (but not all) similar cases.
mingw-fixes 2018-10-21 13:06:33 UTC 2018-10-21
Mingw build fixes

Author: Francesco Chemolli
Author Date: 2018-10-21 13:06:33 UTC

Mingw build fixes

There are type errors and data access errors in windows-specific bits of
code.
v3.1 2016-12-17 13:56:49 UTC 2016-12-17
Bug 4169: HIT marked as MISS when If-None-Match does not match

Author: Garri Djavadyan
Author Date: 2016-12-17 13:56:49 UTC

Bug 4169: HIT marked as MISS when If-None-Match does not match
v3.2 2016-12-17 12:59:41 UTC 2016-12-17
Bug 4169: HIT marked as MISS when If-None-Match does not match

Author: Garri Djavadyan
Author Date: 2016-12-17 12:59:41 UTC

Bug 4169: HIT marked as MISS when If-None-Match does not match
v3.3 2016-12-17 10:04:42 UTC 2016-12-17
Bug 4169: HIT marked as MISS when If-None-Match does not match

Author: Garri Djavadyan
Author Date: 2016-12-17 10:04:42 UTC

Bug 4169: HIT marked as MISS when If-None-Match does not match
v3.4 2016-12-17 06:37:44 UTC 2016-12-17
Do not override user defined -std option

Author: Amos Jeffries
Author Date: 2016-12-17 06:37:44 UTC

Do not override user defined -std option
v3.0 2015-04-23 13:02:10 UTC 2015-04-23
Docs: Update CONTRIBUTORS

Author: Source Maintenance
Author Date: 2015-04-23 13:02:10 UTC

Docs: Update CONTRIBUTORS
mswin 2012-08-08 08:16:36 UTC 2012-08-08
merged from trunk

Author: Amos Jeffries
Author Date: 2012-08-08 08:16:36 UTC

merged from trunk
SQUID_NT_3_0 2008-03-02 23:54:50 UTC 2008-03-02
Windows port: Add reconfigure action to cachemgr.

Author: serassio <>
Author Date: 2008-03-02 23:54:50 UTC

Windows port: Add reconfigure action to cachemgr.
cbdatahistory 2002-10-24 20:53:10 UTC 2002-10-24
cbdata debug history

Author: robertc <>
Author Date: 2002-10-24 20:53:10 UTC

cbdata debug history
113 of 13 results FirstPreviousNextLast

Other repositories

Name Last Modified
lp:squid 2 hours ago
11 of 1 result FirstPreviousNextLast
You can't create new repositories for Squid.