diff options
Diffstat (limited to 'net-www/squid/files/squid-2.4.6-debian.diff')
-rw-r--r-- | net-www/squid/files/squid-2.4.6-debian.diff | 413 |
1 files changed, 413 insertions, 0 deletions
diff --git a/net-www/squid/files/squid-2.4.6-debian.diff b/net-www/squid/files/squid-2.4.6-debian.diff new file mode 100644 index 000000000000..b6ae92586746 --- /dev/null +++ b/net-www/squid/files/squid-2.4.6-debian.diff @@ -0,0 +1,413 @@ +These patches are borrowed from Debian's squid-2.4.4 patch. Here's +the README file describing them: +--- + +Upstream patches against the release, that will be integrated into +the next stable release (http://www.squid-cache.org/Versions/v2/2.4/bugs/) + +[currently none] + +Debian specific patches: +All patches that were in the debian squid-2.2.5 and squid-2.3.4 have been +applied to squid-2.4.3 as well, if they hadn't been integrated yet. + +cf.data.debian.patch Debian specific squid.conf patches +dfl-error-dir.patch Default error dir is under /usr/lib/squid for Debian +linux-increase-fds.patch + A hack to squid.h so that FD_SETSIZE can be + redefined on Linux for more open filedescriptors. +no_append_domain_localhost.patch + Don't apply "append_domain" setting to "localhost" + in unqualified URLs. +pipeline-shutup.patch Lower priority of some debug msgs of pipelining code +smb_auth.patch Read password with '-r' so backslashes work + Patch awk regexp to read correct field from nmblookup +syslog.patch Log to daemon.log instead of local4.log +unlinkd.patch Only run unlinkd for diskd and ufs storage methods +debug.c.patch Fix debug output corruption (and crash) when + debug_options is set to 11,3 +webdav-search.patch Reckognize SEARCH webdav method - the Exchange 2000 + web frontend uses it (sigh). +pam-auth-reload.patch Make PAM reload time configurable on command line + +--- squid-2.4.4.orig/auth_modules/PAM/pam_auth.c ++++ squid-2.4.4/auth_modules/PAM/pam_auth.c +@@ -42,6 +42,7 @@ + #include <stdio.h> + #include <assert.h> + #include <stdlib.h> ++#include <unistd.h> + #include <string.h> + #include <signal.h> + #include <time.h> +@@ -56,8 +57,8 @@ + #define SQUID_PAM_SERVICE "squid" + #endif + +-/* How often to reinitialize PAM, in seconds. Undefined = never, 0=always */ +-/* #define PAM_CONNECTION_TTL 60 */ ++/* How often to reinitialize PAM, in seconds. -1 = never, 0=always */ ++#define PAM_CONNECTION_TTL -1 + + static int reset_pam = 1; /* Set to one if it is time to reset PAM processing */ + +@@ -111,6 +112,13 @@ + } + + int ++usage(void) ++{ ++ fprintf(stderr, "Usage: pam_auth [-r seconds]\n"); ++ exit(1); ++} ++ ++int + main(int argc, char *argv[]) + { + pam_handle_t *pamh = NULL; +@@ -119,6 +127,18 @@ + /* char *password; */ + char buf[BUFSIZE]; + time_t pamh_created = 0; ++ int c, pam_connection_ttl = PAM_CONNECTION_TTL; ++ extern char *optarg; ++ extern int optind; ++ ++ while ((c = getopt(argc, argv, "r:")) != EOF) switch (c) { ++ case 'r': ++ pam_connection_ttl = atoi(optarg); ++ break; ++ default: ++ usage(); ++ } ++ if (optind < argc) usage(); + + signal(SIGHUP, signal_received); + +@@ -142,10 +162,10 @@ + } + *password++ = '\0'; + conv.appdata_ptr = (char *) password; /* from buf above. not allocated */ +-#ifdef PAM_CONNECTION_TTL +- if (pamh_created + PAM_CONNECTION_TTL >= time(NULL)) ++ if (pam_connection_ttl >= 0 && ++ pamh_created + pam_connection_ttl <= time(NULL)) + reset_pam = 1; +-#endif ++ + if (reset_pam && pamh) { + /* Close previous PAM connection */ + retval = pam_end(pamh, retval); +--- squid-2.4.4.orig/auth_modules/SMB/Makefile.in ++++ squid-2.4.4/auth_modules/SMB/Makefile.in +@@ -11,7 +11,8 @@ + # by using the --prefix option when configuring Samba, you need to change + # SAMBAPREFIX accordingly. + +-SAMBAPREFIX=/usr/local/samba ++#SAMBAPREFIX=/usr/local/samba ++SAMBAPREFIX=/usr + + prefix = @prefix@ + exec_prefix = @exec_prefix@ +--- squid-2.4.4.orig/auth_modules/SMB/smb_auth.sh ++++ squid-2.4.4/auth_modules/SMB/smb_auth.sh +@@ -24,7 +24,7 @@ + read AUTHSHARE + read AUTHFILE + read SMBUSER +-read SMBPASS ++read -r SMBPASS + + # Find domain controller + echo "Domain name: $DOMAINNAME" +@@ -47,7 +47,7 @@ + addropt="" + fi + echo "Query address options: $addropt" +-dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'` ++dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+\..+ / { print $1 ; exit }'` + echo "Domain controller IP address: $dcip" + [ -n "$dcip" ] || exit 1 + +--- squid-2.4.4.orig/src/cf.data.pre ++++ squid-2.4.4/src/cf.data.pre +@@ -98,12 +98,12 @@ + NAME: htcp_port + IFDEF: USE_HTCP + TYPE: ushort +-DEFAULT: 4827 ++DEFAULT: 0 + LOC: Config.Port.htcp + DOC_START + The port number where Squid sends and receives HTCP queries to +- and from neighbor caches. Default is 4827. To disable use +- "0". ++ and from neighbor caches. To turn it on you want to set it 4827. ++ By default it is set to "0" (disabled). + + To enable this option, you must use --enable-htcp with the + configure script. +@@ -1294,7 +1294,7 @@ + 'Max' is an upper limit on how long objects without an explicit + expiry time will be considered fresh. + +- options: overrsde-expire ++ options: override-expire + override-lastmod + reload-into-ims + ignore-reload +@@ -1730,6 +1730,8 @@ + acl Safe_ports port 488 # gss-http + acl Safe_ports port 591 # filemaker + acl Safe_ports port 777 # multiling http ++acl Safe_ports port 901 # SWAT ++acl purge method PURGE + acl CONNECT method CONNECT + NOCOMMENT_END + DOC_END +@@ -1763,6 +1765,9 @@ + # Only allow cachemgr access from localhost + http_access allow manager localhost + http_access deny manager ++# Only allow purge requests from localhost ++http_access allow purge localhost ++http_access deny purge + # Deny requests to unknown ports + http_access deny !Safe_ports + # Deny CONNECT to other than SSL ports +@@ -1890,19 +1895,19 @@ + + NAME: cache_effective_user + TYPE: string +-DEFAULT: nobody ++DEFAULT: squid + LOC: Config.effectiveUser + DOC_NONE + + NAME: cache_effective_group + TYPE: string +-DEFAULT: nogroup ++DEFAULT: squid + LOC: Config.effectiveGroup + DOC_START + + If the cache is run as root, it will change its effective/real + UID/GID to the UID/GID specified below. The default is to +- change to UID to nobody and GID to nogroup. ++ change to UID to squid and GID to squid. + + If Squid is not started as root, the default is to keep the + current UID/GID. Note that if Squid is not started as root then +@@ -2657,12 +2665,15 @@ + NAME: snmp_port + TYPE: ushort + LOC: Config.Port.snmp +-DEFAULT: 3401 ++DEFAULT: 0 + IFDEF: SQUID_SNMP + DOC_START + Squid can now serve statistics and status information via SNMP. + By default it listens to port 3401 on the machine. If you don't + wish to use SNMP, set this to "0". ++ ++ Note: on Gentoo Linux, the default is zero - you need to ++ set it to 3401 to enable it. + + NOTE: SNMP support requires use the --enable-snmp configure + command line option. +--- squid-2.4.4.orig/src/client_side.c ++++ squid-2.4.4/src/client_side.c +@@ -1702,7 +1702,7 @@ + fd, storeUrl(entry), (int) http->out.offset); + if (conn->chr != http) { + /* there is another object in progress, defer this one */ +- debug(33, 1) ("clientSendMoreData: Deferring %s\n", storeUrl(entry)); ++ debug(33, 2) ("clientSendMoreData: Deferring %s\n", storeUrl(entry)); + memFree(buf, MEM_CLIENT_SOCK_BUF); + return; + } else if (entry && EBIT_TEST(entry->flags, ENTRY_ABORTED)) { +@@ -1876,7 +1876,7 @@ + * execution will resume after the operation completes. + */ + } else { +- debug(33, 1) ("clientKeepaliveNextRequest: FD %d Sending next\n", ++ debug(33, 2) ("clientKeepaliveNextRequest: FD %d Sending next\n", + conn->fd); + assert(entry); + if (0 == storeClientCopyPending(http->sc, entry, http)) { +--- squid-2.4.4.orig/src/debug.c ++++ squid-2.4.4/src/debug.c +@@ -74,6 +74,9 @@ + #else + format = va_arg(args1, const char *); + #endif ++ /* give a chance to context-based debugging to print current context */ ++ if (debug_log && !Ctx_Lock) ++ ctx_print(); + snprintf(f, BUFSIZ, "%s| %s", + debugLogTime(squid_curtime), + format); +@@ -94,9 +97,6 @@ + { + if (debug_log == NULL) + return; +- /* give a chance to context-based debugging to print current context */ +- if (!Ctx_Lock) +- ctx_print(); + vfprintf(debug_log, format, args); + if (!Config.onoff.buffered_logs) + fflush(debug_log); +@@ -201,9 +201,9 @@ + } + debugOpenLog(logfile); + +-#if HAVE_SYSLOG && defined(LOG_LOCAL4) ++#if HAVE_SYSLOG + if (opt_syslog_enable) +- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON); + #endif /* HAVE_SYSLOG */ + + } +--- squid-2.4.4.orig/src/defines.h ++++ squid-2.4.4/src/defines.h +@@ -219,7 +219,7 @@ + #define N_COUNT_HOUR_HIST (86400 * 3) / (60 * COUNT_INTERVAL) + + /* were to look for errors if config path fails */ +-#define DEFAULT_SQUID_ERROR_DIR "/usr/local/squid/etc/errors" ++#define DEFAULT_SQUID_ERROR_DIR "/usr/lib/squid/errors/English" + + /* gb_type operations */ + #define gb_flush_limit (0x3FFFFFFF) +--- squid-2.4.4.orig/src/enums.h ++++ squid-2.4.4/src/enums.h +@@ -393,6 +393,7 @@ + METHOD_EXT17, + METHOD_EXT18, + METHOD_EXT19, ++ METHOD_SEARCH, /* Exchange 2000 web frontend */ + METHOD_ENUM_END + }; + typedef unsigned int method_t; +--- squid-2.4.4.orig/src/main.c ++++ squid-2.4.4/src/main.c +@@ -83,7 +83,7 @@ + usage(void) + { + fprintf(stderr, +- "Usage: %s [-dhsvzCDFNRVYX] [-f config-file] [-[au] port] [-k signal]\n" ++ "Usage: %s [-hsvzCDFNRSVXY] [-d level] [-f file] [-[au] port] [-k signal]\n" + " -a port Specify HTTP port number (default: %d).\n" + " -d level Write debugging to stderr also.\n" + " -f file Use given config-file instead of\n" +@@ -320,6 +320,21 @@ + asnFreeMemory(); + } + ++#if USE_UNLINKD ++static int ++needUnlinkd(void) ++{ ++ int i; ++ int r = 0; ++ for (i = 0; i < Config.cacheSwap.n_configured; i++) { ++ if (strcmp(Config.cacheSwap.swapDirs[i].type, "ufs") == 0 || ++ strcmp(Config.cacheSwap.swapDirs[i].type, "diskd") == 0) ++ r++; ++ } ++ return r; ++} ++#endif ++ + static void + mainReconfigure(void) + { +@@ -344,6 +359,9 @@ + #endif + redirectShutdown(); + authenticateShutdown(); ++#if USE_UNLINKD ++ unlinkdClose(); ++#endif + storeDirCloseSwapLogs(); + errorClean(); + mimeFreeMemory(); +@@ -362,6 +380,9 @@ + #if USE_WCCP + wccpInit(); + #endif ++#if USE_UNLINKD ++ if (needUnlinkd()) unlinkdInit(); ++#endif + serverConnectionsOpen(); + if (theOutIcpConnection >= 0) { + if (!Config2.Accel.on || Config.onoff.accel_with_proxy) +@@ -507,7 +528,7 @@ + + if (!configured_once) { + #if USE_UNLINKD +- unlinkdInit(); ++ if (needUnlinkd()) unlinkdInit(); + #endif + urlInitialize(); + cachemgrInit(); +@@ -835,7 +856,7 @@ + int nullfd; + if (*(argv[0]) == '(') + return; +- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON); + if ((pid = fork()) < 0) + syslog(LOG_ALERT, "fork failed: %s", xstrerror()); + else if (pid > 0) +--- squid-2.4.4.orig/src/squid.h ++++ squid-2.4.4/src/squid.h +@@ -45,10 +45,24 @@ + */ + #define CHANGE_FD_SETSIZE 1 + +-/* Cannot increase FD_SETSIZE on Linux */ ++/* ++ * Cannot increase FD_SETSIZE on Linux, but we can increase __FD_SETSIZE ++ * with glibc 2.2 (or later? remains to be seen). We do this by including ++ * bits/types.h which defines __FD_SETSIZE first, then we redefine ++ * FD_SETSIZE. Ofcourse a user program may NEVER include bits/whatever.h ++ * directly, so this is a dirty hack! ++ */ + #if defined(_SQUID_LINUX_) +-#undef CHANGE_FD_SETSIZE +-#define CHANGE_FD_SETSIZE 0 ++# undef CHANGE_FD_SETSIZE ++# define CHANGE_FD_SETSIZE 0 ++# include <features.h> ++# if (__GLIBC__ > 2) || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 2) ++# if SQUID_MAXFD > DEFAULT_FD_SETSIZE ++# include <bits/types.h> ++# undef __FD_SETSIZE ++# define __FD_SETSIZE SQUID_MAXFD ++# endif ++# endif + #endif + + /* +--- squid-2.4.4.orig/src/url.c ++++ squid-2.4.4/src/url.c +@@ -77,6 +77,7 @@ + "%EXT17", + "%EXT18", + "%EXT19", ++ "SEARCH", /* Exchange 2000 web frontend */ + "ERROR" + }; + +@@ -308,7 +309,7 @@ + /* remove duplicate dots */ + while ((t = strstr(host, ".."))) + xmemmove(t, t + 1, strlen(t)); +- if (Config.appendDomain && !strchr(host, '.')) ++ if (Config.appendDomain && !strchr(host, '.') && strcasecmp(host, "localhost") != 0) + strncat(host, Config.appendDomain, SQUIDHOSTNAMELEN); + if (port == 0) { + debug(23, 3) ("urlParse: Invalid port == 0\n"); |