Squid

lp:~gary-wzl77/squid/ipc_prefix

Created by Gary.Wang on 2017-03-02 and last modified on 2017-03-17

Get this branch:: bzr branch lp:~gary-wzl77/squid/ipc_prefix

Only Gary.Wang can upload to this branch. If you are Gary.Wang please log in for upload directions.

Branch merges

No branches dependent on this one.

Ready for review for merging into lp:squid/3.5

Alex Rousskov: Needs Information on 2017-03-02

Amos Jeffries: Needs Information on 2017-03-02

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Gary.Wang

Project:: Squid

Status:: Development

Recent revisions

14150. By Gary.Wang on 2017-03-17

To keep it consistent, change src/ipc/Port.cc to honor the new DEFAULT_IPC_PREFIX.

14149. By Gary.Wang on 2017-03-02

Added new configure option --with-ipcprefix to enable to customize
share memory object namespace prefix in compile time.
This's the minimal change to squid to make it work in strict confinement of snap world.

14148. By Alexander Gozman <email address hidden> on 2017-02-26

Native FTP relay: NAT and TPROXY interception fixes

14147. By Amos Jeffries on 2017-02-26

ext_kerberos_ldap_group_acl: fix unused value warnings

Detected by Coverity Scan. Issues 1364748 and 1364749.

14146. By Amos Jeffries on 2017-02-26

Check that -k argument is provided before trying to use it.

Detected by Coverity Scan. Issue 1364726.

14145. By Amos Jeffries on 2017-02-26

Fix missing CRLF on FTP timeout ABORT commands

14144. By Alex Rousskov on 2017-02-26

Fix crash when configuring with invalid delay_parameters restore value.

... like none/none. Introduced in rev which fixed another, much
bigger delay_parameters parsing bug.

TODO: Reject all invalid input, including restore/max of "-/100".

TODO: Fix misleading/wrong associated error messages. For example:
ERROR: invalid delay rate 'none/none'. Expecting restore/max or 'none'
ERROR: restore rate in '1/none' is not a number.

14143. By Christos Tsantilas on 2017-02-25

Fix regression in CONNECT authentication after rev.14142

14142. By Christos Tsantilas on 2017-02-08

Bump SSL client on [more] errors encountered before ssl_bump evaluation

... such as ERR_ACCESS_DENIED with HTTP/403 Forbidden triggered by an
http_access deny rule match.

The old code allowed ssl_bump step1 rules to be evaluated in the
presence of an error. An ssl_bump splicing decision would then trigger
the useless "send the error to the client now" processing logic instead
of going down the "to serve an error, bump the client first" path.

Furthermore, the ssl_bump evaluation result itself could be surprising
to the admin because ssl_bump (and most other) rules are not meant to be
evaluated for a transaction in an error state. This complicated triage.

Also polished an important comment to clarify that we want to bump on
error if (and only if) the SslBump feature is applicable to the failed
transaction (i.e., if the ssl_bump rules would have been evaluated if
there were no prior errors). The old comment could have been
misinterpreted that ssl_bump rules must be evaluated to allow an
"ssl_bump splice" match to hide the error.

This is a Measurement Factory project.

14141. By Amos Jeffries on 2017-01-28

3.5.24

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:~squid/squid/5

This branch contains Public information

Everyone can see this information.

Subscribers

Gary.Wang