summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'net-www/squid/files/squid-2.4.6-debian.diff')
-rw-r--r--net-www/squid/files/squid-2.4.6-debian.diff413
1 files changed, 413 insertions, 0 deletions
diff --git a/net-www/squid/files/squid-2.4.6-debian.diff b/net-www/squid/files/squid-2.4.6-debian.diff
new file mode 100644
index 000000000000..b6ae92586746
--- /dev/null
+++ b/net-www/squid/files/squid-2.4.6-debian.diff
@@ -0,0 +1,413 @@
+These patches are borrowed from Debian's squid-2.4.4 patch. Here's
+the README file describing them:
+---
+
+Upstream patches against the release, that will be integrated into
+the next stable release (http://www.squid-cache.org/Versions/v2/2.4/bugs/)
+
+[currently none]
+
+Debian specific patches:
+All patches that were in the debian squid-2.2.5 and squid-2.3.4 have been
+applied to squid-2.4.3 as well, if they hadn't been integrated yet.
+
+cf.data.debian.patch Debian specific squid.conf patches
+dfl-error-dir.patch Default error dir is under /usr/lib/squid for Debian
+linux-increase-fds.patch
+ A hack to squid.h so that FD_SETSIZE can be
+ redefined on Linux for more open filedescriptors.
+no_append_domain_localhost.patch
+ Don't apply "append_domain" setting to "localhost"
+ in unqualified URLs.
+pipeline-shutup.patch Lower priority of some debug msgs of pipelining code
+smb_auth.patch Read password with '-r' so backslashes work
+ Patch awk regexp to read correct field from nmblookup
+syslog.patch Log to daemon.log instead of local4.log
+unlinkd.patch Only run unlinkd for diskd and ufs storage methods
+debug.c.patch Fix debug output corruption (and crash) when
+ debug_options is set to 11,3
+webdav-search.patch Reckognize SEARCH webdav method - the Exchange 2000
+ web frontend uses it (sigh).
+pam-auth-reload.patch Make PAM reload time configurable on command line
+
+--- squid-2.4.4.orig/auth_modules/PAM/pam_auth.c
++++ squid-2.4.4/auth_modules/PAM/pam_auth.c
+@@ -42,6 +42,7 @@
+ #include <stdio.h>
+ #include <assert.h>
+ #include <stdlib.h>
++#include <unistd.h>
+ #include <string.h>
+ #include <signal.h>
+ #include <time.h>
+@@ -56,8 +57,8 @@
+ #define SQUID_PAM_SERVICE "squid"
+ #endif
+
+-/* How often to reinitialize PAM, in seconds. Undefined = never, 0=always */
+-/* #define PAM_CONNECTION_TTL 60 */
++/* How often to reinitialize PAM, in seconds. -1 = never, 0=always */
++#define PAM_CONNECTION_TTL -1
+
+ static int reset_pam = 1; /* Set to one if it is time to reset PAM processing */
+
+@@ -111,6 +112,13 @@
+ }
+
+ int
++usage(void)
++{
++ fprintf(stderr, "Usage: pam_auth [-r seconds]\n");
++ exit(1);
++}
++
++int
+ main(int argc, char *argv[])
+ {
+ pam_handle_t *pamh = NULL;
+@@ -119,6 +127,18 @@
+ /* char *password; */
+ char buf[BUFSIZE];
+ time_t pamh_created = 0;
++ int c, pam_connection_ttl = PAM_CONNECTION_TTL;
++ extern char *optarg;
++ extern int optind;
++
++ while ((c = getopt(argc, argv, "r:")) != EOF) switch (c) {
++ case 'r':
++ pam_connection_ttl = atoi(optarg);
++ break;
++ default:
++ usage();
++ }
++ if (optind < argc) usage();
+
+ signal(SIGHUP, signal_received);
+
+@@ -142,10 +162,10 @@
+ }
+ *password++ = '\0';
+ conv.appdata_ptr = (char *) password; /* from buf above. not allocated */
+-#ifdef PAM_CONNECTION_TTL
+- if (pamh_created + PAM_CONNECTION_TTL >= time(NULL))
++ if (pam_connection_ttl >= 0 &&
++ pamh_created + pam_connection_ttl <= time(NULL))
+ reset_pam = 1;
+-#endif
++
+ if (reset_pam && pamh) {
+ /* Close previous PAM connection */
+ retval = pam_end(pamh, retval);
+--- squid-2.4.4.orig/auth_modules/SMB/Makefile.in
++++ squid-2.4.4/auth_modules/SMB/Makefile.in
+@@ -11,7 +11,8 @@
+ # by using the --prefix option when configuring Samba, you need to change
+ # SAMBAPREFIX accordingly.
+
+-SAMBAPREFIX=/usr/local/samba
++#SAMBAPREFIX=/usr/local/samba
++SAMBAPREFIX=/usr
+
+ prefix = @prefix@
+ exec_prefix = @exec_prefix@
+--- squid-2.4.4.orig/auth_modules/SMB/smb_auth.sh
++++ squid-2.4.4/auth_modules/SMB/smb_auth.sh
+@@ -24,7 +24,7 @@
+ read AUTHSHARE
+ read AUTHFILE
+ read SMBUSER
+-read SMBPASS
++read -r SMBPASS
+
+ # Find domain controller
+ echo "Domain name: $DOMAINNAME"
+@@ -47,7 +47,7 @@
+ addropt=""
+ fi
+ echo "Query address options: $addropt"
+-dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'`
++dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+\..+ / { print $1 ; exit }'`
+ echo "Domain controller IP address: $dcip"
+ [ -n "$dcip" ] || exit 1
+
+--- squid-2.4.4.orig/src/cf.data.pre
++++ squid-2.4.4/src/cf.data.pre
+@@ -98,12 +98,12 @@
+ NAME: htcp_port
+ IFDEF: USE_HTCP
+ TYPE: ushort
+-DEFAULT: 4827
++DEFAULT: 0
+ LOC: Config.Port.htcp
+ DOC_START
+ The port number where Squid sends and receives HTCP queries to
+- and from neighbor caches. Default is 4827. To disable use
+- "0".
++ and from neighbor caches. To turn it on you want to set it 4827.
++ By default it is set to "0" (disabled).
+
+ To enable this option, you must use --enable-htcp with the
+ configure script.
+@@ -1294,7 +1294,7 @@
+ 'Max' is an upper limit on how long objects without an explicit
+ expiry time will be considered fresh.
+
+- options: overrsde-expire
++ options: override-expire
+ override-lastmod
+ reload-into-ims
+ ignore-reload
+@@ -1730,6 +1730,8 @@
+ acl Safe_ports port 488 # gss-http
+ acl Safe_ports port 591 # filemaker
+ acl Safe_ports port 777 # multiling http
++acl Safe_ports port 901 # SWAT
++acl purge method PURGE
+ acl CONNECT method CONNECT
+ NOCOMMENT_END
+ DOC_END
+@@ -1763,6 +1765,9 @@
+ # Only allow cachemgr access from localhost
+ http_access allow manager localhost
+ http_access deny manager
++# Only allow purge requests from localhost
++http_access allow purge localhost
++http_access deny purge
+ # Deny requests to unknown ports
+ http_access deny !Safe_ports
+ # Deny CONNECT to other than SSL ports
+@@ -1890,19 +1895,19 @@
+
+ NAME: cache_effective_user
+ TYPE: string
+-DEFAULT: nobody
++DEFAULT: squid
+ LOC: Config.effectiveUser
+ DOC_NONE
+
+ NAME: cache_effective_group
+ TYPE: string
+-DEFAULT: nogroup
++DEFAULT: squid
+ LOC: Config.effectiveGroup
+ DOC_START
+
+ If the cache is run as root, it will change its effective/real
+ UID/GID to the UID/GID specified below. The default is to
+- change to UID to nobody and GID to nogroup.
++ change to UID to squid and GID to squid.
+
+ If Squid is not started as root, the default is to keep the
+ current UID/GID. Note that if Squid is not started as root then
+@@ -2657,12 +2665,15 @@
+ NAME: snmp_port
+ TYPE: ushort
+ LOC: Config.Port.snmp
+-DEFAULT: 3401
++DEFAULT: 0
+ IFDEF: SQUID_SNMP
+ DOC_START
+ Squid can now serve statistics and status information via SNMP.
+ By default it listens to port 3401 on the machine. If you don't
+ wish to use SNMP, set this to "0".
++
++ Note: on Gentoo Linux, the default is zero - you need to
++ set it to 3401 to enable it.
+
+ NOTE: SNMP support requires use the --enable-snmp configure
+ command line option.
+--- squid-2.4.4.orig/src/client_side.c
++++ squid-2.4.4/src/client_side.c
+@@ -1702,7 +1702,7 @@
+ fd, storeUrl(entry), (int) http->out.offset);
+ if (conn->chr != http) {
+ /* there is another object in progress, defer this one */
+- debug(33, 1) ("clientSendMoreData: Deferring %s\n", storeUrl(entry));
++ debug(33, 2) ("clientSendMoreData: Deferring %s\n", storeUrl(entry));
+ memFree(buf, MEM_CLIENT_SOCK_BUF);
+ return;
+ } else if (entry && EBIT_TEST(entry->flags, ENTRY_ABORTED)) {
+@@ -1876,7 +1876,7 @@
+ * execution will resume after the operation completes.
+ */
+ } else {
+- debug(33, 1) ("clientKeepaliveNextRequest: FD %d Sending next\n",
++ debug(33, 2) ("clientKeepaliveNextRequest: FD %d Sending next\n",
+ conn->fd);
+ assert(entry);
+ if (0 == storeClientCopyPending(http->sc, entry, http)) {
+--- squid-2.4.4.orig/src/debug.c
++++ squid-2.4.4/src/debug.c
+@@ -74,6 +74,9 @@
+ #else
+ format = va_arg(args1, const char *);
+ #endif
++ /* give a chance to context-based debugging to print current context */
++ if (debug_log && !Ctx_Lock)
++ ctx_print();
+ snprintf(f, BUFSIZ, "%s| %s",
+ debugLogTime(squid_curtime),
+ format);
+@@ -94,9 +97,6 @@
+ {
+ if (debug_log == NULL)
+ return;
+- /* give a chance to context-based debugging to print current context */
+- if (!Ctx_Lock)
+- ctx_print();
+ vfprintf(debug_log, format, args);
+ if (!Config.onoff.buffered_logs)
+ fflush(debug_log);
+@@ -201,9 +201,9 @@
+ }
+ debugOpenLog(logfile);
+
+-#if HAVE_SYSLOG && defined(LOG_LOCAL4)
++#if HAVE_SYSLOG
+ if (opt_syslog_enable)
+- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++ openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON);
+ #endif /* HAVE_SYSLOG */
+
+ }
+--- squid-2.4.4.orig/src/defines.h
++++ squid-2.4.4/src/defines.h
+@@ -219,7 +219,7 @@
+ #define N_COUNT_HOUR_HIST (86400 * 3) / (60 * COUNT_INTERVAL)
+
+ /* were to look for errors if config path fails */
+-#define DEFAULT_SQUID_ERROR_DIR "/usr/local/squid/etc/errors"
++#define DEFAULT_SQUID_ERROR_DIR "/usr/lib/squid/errors/English"
+
+ /* gb_type operations */
+ #define gb_flush_limit (0x3FFFFFFF)
+--- squid-2.4.4.orig/src/enums.h
++++ squid-2.4.4/src/enums.h
+@@ -393,6 +393,7 @@
+ METHOD_EXT17,
+ METHOD_EXT18,
+ METHOD_EXT19,
++ METHOD_SEARCH, /* Exchange 2000 web frontend */
+ METHOD_ENUM_END
+ };
+ typedef unsigned int method_t;
+--- squid-2.4.4.orig/src/main.c
++++ squid-2.4.4/src/main.c
+@@ -83,7 +83,7 @@
+ usage(void)
+ {
+ fprintf(stderr,
+- "Usage: %s [-dhsvzCDFNRVYX] [-f config-file] [-[au] port] [-k signal]\n"
++ "Usage: %s [-hsvzCDFNRSVXY] [-d level] [-f file] [-[au] port] [-k signal]\n"
+ " -a port Specify HTTP port number (default: %d).\n"
+ " -d level Write debugging to stderr also.\n"
+ " -f file Use given config-file instead of\n"
+@@ -320,6 +320,21 @@
+ asnFreeMemory();
+ }
+
++#if USE_UNLINKD
++static int
++needUnlinkd(void)
++{
++ int i;
++ int r = 0;
++ for (i = 0; i < Config.cacheSwap.n_configured; i++) {
++ if (strcmp(Config.cacheSwap.swapDirs[i].type, "ufs") == 0 ||
++ strcmp(Config.cacheSwap.swapDirs[i].type, "diskd") == 0)
++ r++;
++ }
++ return r;
++}
++#endif
++
+ static void
+ mainReconfigure(void)
+ {
+@@ -344,6 +359,9 @@
+ #endif
+ redirectShutdown();
+ authenticateShutdown();
++#if USE_UNLINKD
++ unlinkdClose();
++#endif
+ storeDirCloseSwapLogs();
+ errorClean();
+ mimeFreeMemory();
+@@ -362,6 +380,9 @@
+ #if USE_WCCP
+ wccpInit();
+ #endif
++#if USE_UNLINKD
++ if (needUnlinkd()) unlinkdInit();
++#endif
+ serverConnectionsOpen();
+ if (theOutIcpConnection >= 0) {
+ if (!Config2.Accel.on || Config.onoff.accel_with_proxy)
+@@ -507,7 +528,7 @@
+
+ if (!configured_once) {
+ #if USE_UNLINKD
+- unlinkdInit();
++ if (needUnlinkd()) unlinkdInit();
+ #endif
+ urlInitialize();
+ cachemgrInit();
+@@ -835,7 +856,7 @@
+ int nullfd;
+ if (*(argv[0]) == '(')
+ return;
+- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++ openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON);
+ if ((pid = fork()) < 0)
+ syslog(LOG_ALERT, "fork failed: %s", xstrerror());
+ else if (pid > 0)
+--- squid-2.4.4.orig/src/squid.h
++++ squid-2.4.4/src/squid.h
+@@ -45,10 +45,24 @@
+ */
+ #define CHANGE_FD_SETSIZE 1
+
+-/* Cannot increase FD_SETSIZE on Linux */
++/*
++ * Cannot increase FD_SETSIZE on Linux, but we can increase __FD_SETSIZE
++ * with glibc 2.2 (or later? remains to be seen). We do this by including
++ * bits/types.h which defines __FD_SETSIZE first, then we redefine
++ * FD_SETSIZE. Ofcourse a user program may NEVER include bits/whatever.h
++ * directly, so this is a dirty hack!
++ */
+ #if defined(_SQUID_LINUX_)
+-#undef CHANGE_FD_SETSIZE
+-#define CHANGE_FD_SETSIZE 0
++# undef CHANGE_FD_SETSIZE
++# define CHANGE_FD_SETSIZE 0
++# include <features.h>
++# if (__GLIBC__ > 2) || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 2)
++# if SQUID_MAXFD > DEFAULT_FD_SETSIZE
++# include <bits/types.h>
++# undef __FD_SETSIZE
++# define __FD_SETSIZE SQUID_MAXFD
++# endif
++# endif
+ #endif
+
+ /*
+--- squid-2.4.4.orig/src/url.c
++++ squid-2.4.4/src/url.c
+@@ -77,6 +77,7 @@
+ "%EXT17",
+ "%EXT18",
+ "%EXT19",
++ "SEARCH", /* Exchange 2000 web frontend */
+ "ERROR"
+ };
+
+@@ -308,7 +309,7 @@
+ /* remove duplicate dots */
+ while ((t = strstr(host, "..")))
+ xmemmove(t, t + 1, strlen(t));
+- if (Config.appendDomain && !strchr(host, '.'))
++ if (Config.appendDomain && !strchr(host, '.') && strcasecmp(host, "localhost") != 0)
+ strncat(host, Config.appendDomain, SQUIDHOSTNAMELEN);
+ if (port == 0) {
+ debug(23, 3) ("urlParse: Invalid port == 0\n");