lp:~yadi/squid/warnings
- Get this branch:
- bzr branch lp:~yadi/squid/warnings
Branch merges
Related source package recipes
Branch information
Recent revisions
- 13930. By Amos Jeffries
-
Remove -Wuninitialized from CFLAGS
GCC requires -O for this flag to be accepted. We want to allow users to
be able to select their own optimization level, so its not possible. - 13928. By Christos Tsantilas
-
sslproxy_options in peek-and-splice mode
Problem description:
- Squid sslproxy_options deny the use of TLSv1_2 SSL protocol:
sslproxy_options NO_TLSv1_2
- Squid uses peek mode for bumped connections.
- Web client sends an TLSv1_2 hello message and squid in peek mode, forwards
the client hello message to server
- Web server respond with an TLSv1_2 hello message
- Squid while parsing server hello message aborts with an error because
sslproxy_options deny the use ot TLSv1_2 protocol. This patch fixes squid to ignore sslproxy_options when peek or stare bumping
mode selected on bumpStep2 bumping step.
The sslproxy_options applied if bump (server-first or client-first) mode
selected on bumpStep1 or bumpStep2 bumping step.
Also applied for "GET https://..." requests.This is a Measurement Factory project
- 13927. By Amos Jeffries
-
Fix memory leaks in cachemgr.cgi URL parser
Detected by Coverity Scan. Issue 1256164
- 13925. By Amos Jeffries
-
HTTP/1.1: Remove refresh_pattern ignore-auth violation
The original intent for this option was to improve caching. However
HTTP/1.1 permits caching of authenticated messages under conditions
which Squid does check for and obey already.The legacy popularity of this option from old Squid without the HTTP/1.1
compliant behaviour is now just forming a security and privacy abuse. - 13924. By Amos Jeffries
-
Parser-NG: HTTP request-line parser replacement
Converts the request-line parse method from a char* string parser to
using ::Parser::Tokenizer based processing.* The characters for each token are now limited to the RFC 7230
compliant values. The URI is taken as a whole token and characters which
are valid in only one sub-token segment are accepted regardless of their
position. In relaxed parse that is extended beyond the valid URI
characters to include the whitespace characters.* Whitespace tolerance is extended to include "binary" whitespace VTAB,
HTAB, CR and FF characters specified in RFC 7230.* The Squid specific tolerance for whitespace prefix to method is
removed. RFC 2730 clarifies that tolerance before request-line is
specfifically and only for whole empty lines (sequences of CRLF or LF).* The unit tests are extended to check strict and relaxed parse within
the new characterset limits. Drip-feed incremental test updated to check
both parser modes explicitly.* ::Parser:Tokenizer is extended with methods to skip or retrieve a
token at the suffix of the stored buffer. This is used by the whitespace
tolerant parse to process the URL and HTTP-version tokens from the line
"backwards" from the LF position.CoAdvisor and Polygraph show no differences. Which is expected since
coadvisor does not test RFC 7230 edge cases (yet), and polygraph is not
stressing incremental parse capabilities. - 13922. By Eldar Akchurin <email address hidden>
-
Bug 4073: Cygwin compile errors
Remove the definition of _SQUID_WINDOWS_ for Cygwin builds. The blend
of win32 and Linux environments is sufficiently different to have major
build issues. We have a precedent in kFreeBSD blend of BSD and Linux to
consider Cygwin a blend and first-class OS.Also, temporarily disable the Win32-specific libraries and objects until
they can be properly tested.Fix some small remaining compile errors after the above.
Cygwin Windows build is sponsored by Diladele B.V.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:~squid/squid/trunk
