Squid

lp:~measurement-factory/squid/bag4

Created by Alex Rousskov and last modified
Get this branch:
bzr branch lp:~measurement-factory/squid/bag4
Members of Measurement Factory can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Measurement Factory
Project:
Squid
Status:
Development

Recent revisions

11565. By Alex Rousskov

Fixed storing SSL session data in the shared cache.

i2d_SSL_SESSION() increments buffer pointer passed to it, so we cannot use
that pointer to retrieve buffer contents that i2d_SSL_SESSION() created.

And if the above increment did not happen (perhaps the increment is OpenSSL
version dependent?), our Ipc::MemMapSlot::set() was copying session data
pointed by "block" into Slot::p data member while "block" was already pointing
to p, violating memcpy() "no overlap" prerequisite.

11564. By Alex Rousskov

Make it possible to match empty header field values using req_header and rep_header.

trunk r12488
empty-header-t2.patch

11563. By Alex Rousskov

Retrieve client connection information for ACL checks from the related HttpRequest object

trunk r12308

11562. By Christos Tsantilas

changes to make "make check" work again

11561. By Christos Tsantilas

Add support for caching SSL context of regular connections on https_port

The static SSL contexts which used for regular SSL connections created
before the cache is enabled.
This patch add code to set the session callback functions which are
responsible for retrieving/storing sessions in cache, for static SSL contexts
during sessions cache initialization.

11560. By Christos Tsantilas

SMP SSL session cache implementation

This is the SSL session cache patch for squid-3.2.0.17

This patch includes the trunk patch revno:12317 with the title:
  "Bug fix: TLS/SSL Options does not apply to the dynamically generated certificates"

11559. By Alex Rousskov

Initial support for "values with spaces" in ACL directives.

Needs more work to support escape sequences, macros, and include files, but
can be disabled using "configuration_includes_quoted_values off" in squid.conf.

Needs documentation.

11558. By Alex Rousskov

Support establishing TCP tunnels with SSL cache_peers.

Needs more polishing:

  * Some common error handling paths are not yet tested.

  * Forward.cc code is currently duplicated in the new Ssl::PeerConnector. The
    duplicated code should be removed from forward.cc in favor of the common
    Ssl::PeerConnector.

  * New Ssl::PeerConnector files must be added to Makefile.am.

  * Better callback/notification API(?) and comments polishing.

Against v3.2 (r11661).

connect-to-ssl-peer-v3p2-take2.patch

11557. By Alex Rousskov

Supply client connection and IDENT information to peer_cache_access ACL check.

Among other things, this enables SSL client certificate ACL checks (user_cert
and ca_cert) when making peering decisions.

client-cert-to-peer_cache_access-v1.patch

11556. By Alex Rousskov

Log client SSL certificate "issuer" and "subject" fields
using %ssl::>cert_issuer and %ssl::>cert_subject logformat codes.

log-client-ssl-cert-v3-for3p2p0p17p.patch

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:~squid/squid/trunk
This branch contains Public information 
Everyone can see this information.