Author: eduard-bagdasaryan
Author Date: 2024-07-17 12:58:08 UTC

Remove peerDigestFetchStop() and peerDigestFetchAbort() wrappers (#1869)

These wrappers were left in recent commit f036532 to reduce noise. Now
we always call finishAndDeleteFetch() directly (instead of sometimes
going through those wrappers). The new function name helps reduce the
number of use-after-free bugs in this code.

Author: Alex Rousskov
Author Date: 2024-07-10 10:30:33 UTC

Recover after failing to open a TCP connection to DNS server (#1861)

    ERROR: Failed to connect to nameserver 127.0.0.1 using TCP.

After failing to establish a TCP connection to a DNS server, all DNS
queries that needed a TCP connection to that DNS server would timeout
because the nsvc object representing TCP connectivity got stuck in a
"queuing new queries but too busy to send any right now" state. Such
timeouts typically lead to HTTP 503 ERR_DNS_FAIL responses. This bug was
introduced when Comm closure handler registration was moved/delayed in
2010 commit cfd66529.

With this change, the affected nsvc object is destroyed, and Squid
attempts to open another TCP connection to the DNS server (when needed).
The original query is typically retried (subject to dns_timeout and
dns_retransmit_interval idiosyncrasies).

XXX: This fix increases the surface of reconfiguration and shutdown
problems documented in nsvc class destructor XXX.

Author: eduard-bagdasaryan
Author Date: 2024-07-16 05:45:49 UTC

Fix a use-after-free bug in peerDigestFetchReply() (#1865)

The problem occurred when handling an HTTP 304 cache digest response.

Also removed effectively unused DIGEST_READ_DONE enum value.

Author: Francesco Chemolli
Author Date: 2024-06-02 14:41:16 UTC

Bug 5378: type mismatch in libTrie (#1830)

TrieNode::add() incorrectly computed an offset of an internal data
structure, resulting in out-of-bounds memory accesses that could cause
corruption or crashes.

This bug was discovered and detailed by Joshua Rogers at
https://megamansec.github.io/Squid-Security-Audit/esi-underflow.html
where it was filed as "Buffer Underflow in ESI".

Author: Francesco Chemolli
Author Date: 2024-02-13 11:10:12 UTC

include header across the board

Author: Andreas Weigel
Author Date: 2023-11-14 15:17:09 UTC

FTP: Ignore credentials with a NUL-prefixed username (#1557)

    FATAL: FTP login parsing destroyed username info

This bug was discovered and detailed by Joshua Rogers at
https://megamansec.github.io/Squid-Security-Audit/ftp-fatal.html
where it was filed as "FTP Authentication Crash".

Author: SquidAdm
Author Date: 2023-10-11 08:52:08 UTC

typo fix

Author: Amos Jeffries
Author Date: 2022-08-09 23:34:54 UTC

Bug 3193 pt2: NTLM decoder truncating strings (#1114)

The initial bug fix overlooked large 'offset' causing integer
wrap to extract a too-short length string.

Improve debugs and checks sequence to clarify cases and ensure
that all are handled correctly.

Author: Armin Wolfermann
Author Date: 2020-02-04 20:15:00 UTC

fix security patch

Author: Francesco Chemolli
Author Date: 2018-10-21 13:06:33 UTC

Mingw build fixes

There are type errors and data access errors in windows-specific bits of
code.

Author: Garri Djavadyan
Author Date: 2016-12-17 13:56:49 UTC

Bug 4169: HIT marked as MISS when If-None-Match does not match

Author: Garri Djavadyan
Author Date: 2016-12-17 12:59:41 UTC

Bug 4169: HIT marked as MISS when If-None-Match does not match

Author: Garri Djavadyan
Author Date: 2016-12-17 10:04:42 UTC

Bug 4169: HIT marked as MISS when If-None-Match does not match

Author: Amos Jeffries
Author Date: 2016-12-17 06:37:44 UTC

Do not override user defined -std option

Author: Source Maintenance
Author Date: 2015-04-23 13:02:10 UTC

Docs: Update CONTRIBUTORS

Author: Amos Jeffries
Author Date: 2012-08-08 08:16:36 UTC

merged from trunk

Author: serassio <>
Author Date: 2008-03-02 23:54:50 UTC

Windows port: Add reconfigure action to cachemgr.

Author: robertc <>
Author Date: 2002-10-24 20:53:10 UTC

cbdata debug history