Squid

lp:squid/v4

Created by Robert Collins on 2007-12-29 and last modified on 2018-09-11

This branch may be out of date, because Launchpad has not been able to access it since 2021-05-20.

This was the development branch for the squid 4.x releases.

Squid Project has migrated to git VCS system. see https://github.com/squid-cache/squid for latest updates.

Get this branch:: bzr branch lp:squid/v4

Branch merges

3 branches proposed for merging into this one.

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: squid

Project:: Squid

Status:: Abandoned

Location:: http://bzr.squid-cache.org/bzr/squid3/4

Last mirrored:: 2021-05-20

Next mirror:: Disabled

Updating branch...

Launchpad is processing new changes to this branch which will be available in a few minutes. Reload to see the changes.

Recent revisions

15081. By Amos Jeffries on 2017-07-02

4.0.21

15080. By Christos Tsantilas on 2017-07-01

Bug 4464: Reduce "!Comm::MonitorsRead(serverConnection->fd)" assertions.

* Protect Squid Client classes from new requests that compete with
ongoing pinned connection use and
* resume dealing with new requests when those Client classes are done
using the pinned connection.

Replaced primary ConnStateData::pinConnection() calls with a pair of
pinBusyConnection() and notePinnedConnectionBecameIdle() calls,
depending on the pinned connection state ("busy" or "idle").

Removed pinConnection() parameters that were not longer used or could be computed from the remaining parameters.

Removed ConnStateData::httpsPeeked() code "hiding" the originating
request and connection peer details while entering the first "idle"
state. The old (trunk r11880.1.6) bump-server-first code used a pair of
NULLs because "Intercepted connections do not have requests at the
connection pinning stage", but that limitation no longer applicable
because Squid always fakes (when intercepting) or parses (a CONNECT)
request now, even during SslBump step1.

The added XXX and TODOs are not directly related to this fix. They
were added to document problems discovered while working on this fix.

In v3.5 code, the same problems manifest as Read.cc
"fd_table[conn->fd].halfClosedReader != NULL" assertions.

This is a Measurement Factory project

15079. By Amos Jeffries on 2017-07-01

Add various missing copyright blurbs

15078. By Amos Jeffries on 2017-07-01

ext_file_userip_acl: merge 'deny all' example into example.conf file

15077. By Amos Jeffries on 2017-06-30

Bug 1961 partial: move urlParse() and urlParseFinish() into class URL

* Move the urlParseFinish() logic into a class URL method and remove its
dependency on HttpRequest objects.

* Remove unnecessary urnParse() function.

* rename local variables in urlParse() to avoid symbol
clashes with class URL members and methods.

* move HttpRequest method assignment out to the single caller
which actually needed it. Others all passed in the method
which was already set on the HttpRequest object passed.

* removed now needless HttpRequest parameter of urlParse()

* rename urlParse as a class URL method

* make URL::parseFinish() private

* remove unnecessary CONNECT_PORT define

* add RFC documentation for 'CONNECT' URI handling

* fixed two XXX in URL-rewrite handling doing unnecessary
HttpRequest object creation and destruction cycles on
invalid URL-rewrite helper output.

15076. By Alex Rousskov on 2017-06-30

Minimize direct comparisons with ACCESS_ALLOWED and ACCESS_DENIED.

No functionality changes expected.

Added allow_t API to avoid direct comparisons with ACCESS_ALLOWED and
ACCESS_DENIED. Developers using direct comparisons eventually mishandle
exceptional ACCESS_DUNNO and ACCESS_AUTH_REQUIRED cases where neither
"allow" nor "deny" rule matched. The new API cannot fully prevent such
bugs, but should either led the developer to the right choice (usually
.allowed()) or alert the reviewer about an unusual choice (i.e.,
denied()).

The vast majority of checks use allowed(), but we could not eliminate
the remaining denied() cases ("miss_access" and "cache" directives) for
backward compatibility reasons -- previously "working" deployments may
suddenly start blocking cache misses and/or stop caching:
http://lists.squid-cache.org/pipermail/squid-dev/2017-May/008576.html

15075. By Alex Rousskov on 2017-06-30

Fix mgr query handoff from the original recipient to Coordinator.

This bug has already been fixed once, in trunk r11164.1.61, but that fix
was accidentally undone shortly after, during significant cross-branch
merging activity combined with the Forwarder class split. The final
merge importing the associated code (trunk r11730) was buggy.

The bug (explained in r11164.1.61) leads to a race condition between

* Store notifying Server classes about the entry completion (which might
trigger a bogus error message sent to the cache manager client while
Coordinator sends its own valid response on the same connection!) and

* post-cleanup() connection closure handlers of Server classes silently
closing everything (and leaving Coordinator the only responding
process on that shared connection).

The bug probably was not noticed for so long because, evidently, the
latter actions tend to win in the current code.

15074. By Alex Rousskov on 2017-06-29

Fix message packing error handling in mgr and snmp SMP Forwarders.

A missing "return" resulted in Forwarders sending garbage (or worse) to
Coordinator.

15073. By Simon Deziel on 2017-06-29

Add a basic apparmour profile

From Ubuntu, with some non-squid software references removed

15072. By Emmanuel Fusté on 2017-06-29

Fix typo in rev.14987

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:~squid/squid/5

This branch contains Public information

Everyone can see this information.

Subscribers

Delyan Raychev

Yoshinori Sano