lp:~measurement-factory/squid/bag5
- Get this branch:
- bzr branch lp:~measurement-factory/squid/bag5
Branch merges
Branch information
Recent revisions
- 12746. By Alex Rousskov
-
Avoid assertions on Range requests that trigger Squid-generated errors.
Same as trunk r13306.
- 12745. By Alex Rousskov
-
cache_peer standby=N support, including ssl peers.
Merged from peer-idle-pool branch r12748.
- 12744. By Alex Rousskov
-
Added SSL_OP_NO_TICKET configuration option to disable TLS session tickets
and, hence, allow the use of Squid's SMP-shared SSL session cache.TLS session tickets do not always work as intended. For example, we suspect
that a TLS ticket generated by one SMP worker cannot be used by another worker
to resume an SSL session because the two workers may use different r.n.g. to
encrypt/decrypt the ticket. And if TLS tickets are sent but not used, the
session resumption using Squid's shared session cache does not happen.More work is needed to fully understand why session resumption using TLS
session tickets does not always work (and make it work if possible). - 12743. By Alex Rousskov
-
Set cap_net_admin capability when Squid sets TOS/Diffserv packet values.
In capabilities-
capable environments (e.g., Linux with libcap), CAP_NET_ADMIN
capability is required to honor clientside_tos and tcp_outgoing_tos
directives. The code was setting that capability when Netfilter marks or
tproxy was enabled, but missed the clientside_tos and tcp_outgoing_tos cases. - 12742. By Alex Rousskov
-
Replace blocking sleep(3) and close UDS socket on failures
as the first step towards improving kid registration.Same as trunk r13116.
- 12741. By Alex Rousskov
-
Merged from shared-ssl-sessions r12733
to fix shm segment name for the shared SSL shared session cache. - 12740. By Alex Rousskov
-
Merged from collapsed-fwd (r12587) to get initial Collapsed Forwarding
support and Large Rock/Store fixes. - 12738. By Alex Rousskov
-
Supply client connection info, including SSL certificate, to tunnel code
generating a CONNECT request.This is necessary for, among other things, request_header_add macros (e.g.,
%ssl::>cert_subject) to work for CONNECT requests. TODO: Find a better way to store this information in ALE when it becomes
available and then share that ALE with the tunnel.cc code.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:~squid/squid/trunk