Squid

lp:~measurement-factory/squid/bag5

Created by Alex Rousskov on 2013-03-21 and last modified on 2014-03-13

Get this branch:: bzr branch lp:~measurement-factory/squid/bag5

Members of Measurement Factory can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Measurement Factory

Project:: Squid

Status:: Development

Recent revisions

12746. By Alex Rousskov on 2014-03-13

Avoid assertions on Range requests that trigger Squid-generated errors.

Same as trunk r13306.

12745. By Alex Rousskov on 2014-03-13

cache_peer standby=N support, including ssl peers.

Merged from peer-idle-pool branch r12748.

12744. By Alex Rousskov on 2014-01-20

Added SSL_OP_NO_TICKET configuration option to disable TLS session tickets
and, hence, allow the use of Squid's SMP-shared SSL session cache.

TLS session tickets do not always work as intended. For example, we suspect
that a TLS ticket generated by one SMP worker cannot be used by another worker
to resume an SSL session because the two workers may use different r.n.g. to
encrypt/decrypt the ticket. And if TLS tickets are sent but not used, the
session resumption using Squid's shared session cache does not happen.

More work is needed to fully understand why session resumption using TLS
session tickets does not always work (and make it work if possible).

12743. By Alex Rousskov on 2014-01-20

Set cap_net_admin capability when Squid sets TOS/Diffserv packet values.

In capabilities-capable environments (e.g., Linux with libcap), CAP_NET_ADMIN
capability is required to honor clientside_tos and tcp_outgoing_tos
directives. The code was setting that capability when Netfilter marks or
tproxy was enabled, but missed the clientside_tos and tcp_outgoing_tos cases.

12742. By Alex Rousskov on 2013-11-07

Replace blocking sleep(3) and close UDS socket on failures
as the first step towards improving kid registration.

Same as trunk r13116.

12741. By Alex Rousskov on 2013-08-30

Merged from shared-ssl-sessions r12733
to fix shm segment name for the shared SSL shared session cache.

12740. By Alex Rousskov on 2013-08-16

Merged from collapsed-fwd (r12587) to get initial Collapsed Forwarding
support and Large Rock/Store fixes.

12739. By Alex Rousskov on 2013-08-16

Merged from trunk r12948.

12738. By Alex Rousskov on 2013-05-15

Supply client connection info, including SSL certificate, to tunnel code
generating a CONNECT request.

This is necessary for, among other things, request_header_add macros (e.g.,
%ssl::>cert_subject) to work for CONNECT requests.

TODO: Find a better way to store this information in ALE when it becomes
available and then share that ALE with the tunnel.cc code.

12737. By Alex Rousskov on 2013-03-23

merged from connect2ssl (r12735) to get build fixes.

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:~squid/squid/trunk

This branch contains Public information

Everyone can see this information.

Subscribers

Measurement Factory