diff -ruN squid-2.6.STABLE20/ChangeLog squid-2.6.STABLE21/ChangeLog
--- squid-2.6.STABLE20/ChangeLog	2008-04-25 21:49:06.000000000 +0200
+++ squid-2.6.STABLE21/ChangeLog	2008-06-27 23:37:35.000000000 +0200
@@ -1,3 +1,27 @@
+Changes to squid-2.6.STABLE21 (27 June 2008)
+
+	- Bug #2350: Bugs in Linux kernel capabilities code
+	- Bug #2241: weights not applied properly in round-robin peer
+	  selection
+	- Off by one error in DNS label decompression could cause valid DNS
+	  messages to be rejected
+	- logformat docs contain extra whitespace
+	- Reject ridiculously large ASN.1 lengths
+	- Fix SNMP reporting of counters with a value > 0xFF80000
+	- Correct spelling of WCCPv2 dst_port_hash to match the source
+	- Plug some "squid -k reconfigure" memory leaks. Mostly SSL related.
+	- Bug #1993: Memory leak in http_reply_access deny processing
+	- Bug #2122: In some situations collapsed_forwarding could leak
+	  private information
+	- Bug #2376: Round-Robin becomes unbalanced when a peer dies and comes
+	  back
+	- Bug #2387: The calculation of the number of hash buckets need to
+	  account for the memory size, not only disk size
+	- Bug #2393: DNS requests retried indefinitely at full speed on failed
+	  TCP connection
+	- Bug #2393: DNS retransmit queue could get hold up
+	- Correct socket syscalls statistics in commResetFD()
+
 Changes to squid-2.6.STABLE20 (25 Apr 2008)
 
 	- Bug #2263: Custom log formats fail to log file sizes >2GB properly
diff -ruN squid-2.6.STABLE20/configure squid-2.6.STABLE21/configure
--- squid-2.6.STABLE20/configure	2008-04-25 21:49:52.000000000 +0200
+++ squid-2.6.STABLE21/configure	2008-06-27 23:55:39.000000000 +0200
@@ -1,7 +1,7 @@
 #! /bin/sh
-# From configure.in Revision: 1.416.2.26 .
+# From configure.in Revision: 1.416.2.27 .
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.61 for Squid Web Proxy 2.6.STABLE20.
+# Generated by GNU Autoconf 2.61 for Squid Web Proxy 2.6.STABLE21.
 #
 # Report bugs to <http://www.squid-cache.org/bugs/>.
 #
@@ -575,8 +575,8 @@
 # Identity of this package.
 PACKAGE_NAME='Squid Web Proxy'
 PACKAGE_TARNAME='squid'
-PACKAGE_VERSION='2.6.STABLE20'
-PACKAGE_STRING='Squid Web Proxy 2.6.STABLE20'
+PACKAGE_VERSION='2.6.STABLE21'
+PACKAGE_STRING='Squid Web Proxy 2.6.STABLE21'
 PACKAGE_BUGREPORT='http://www.squid-cache.org/bugs/'
 
 ac_default_prefix=/usr/local/squid
@@ -1314,7 +1314,7 @@
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures Squid Web Proxy 2.6.STABLE20 to adapt to many kinds of systems.
+\`configure' configures Squid Web Proxy 2.6.STABLE21 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1384,7 +1384,7 @@
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of Squid Web Proxy 2.6.STABLE20:";;
+     short | recursive ) echo "Configuration of Squid Web Proxy 2.6.STABLE21:";;
    esac
   cat <<\_ACEOF
 
@@ -1662,7 +1662,7 @@
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-Squid Web Proxy configure 2.6.STABLE20
+Squid Web Proxy configure 2.6.STABLE21
 generated by GNU Autoconf 2.61
 
 Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
@@ -1676,7 +1676,7 @@
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by Squid Web Proxy $as_me 2.6.STABLE20, which was
+It was created by Squid Web Proxy $as_me 2.6.STABLE21, which was
 generated by GNU Autoconf 2.61.  Invocation command line was
 
   $ $0 $@
@@ -2349,7 +2349,7 @@
 
 # Define the identity of the package.
  PACKAGE='squid'
- VERSION='2.6.STABLE20'
+ VERSION='2.6.STABLE21'
 
 
 cat >>confdefs.h <<_ACEOF
@@ -27276,7 +27276,7 @@
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by Squid Web Proxy $as_me 2.6.STABLE20, which was
+This file was extended by Squid Web Proxy $as_me 2.6.STABLE21, which was
 generated by GNU Autoconf 2.61.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -27329,7 +27329,7 @@
 _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF
 ac_cs_version="\\
-Squid Web Proxy config.status 2.6.STABLE20
+Squid Web Proxy config.status 2.6.STABLE21
 configured by $0, generated by GNU Autoconf 2.61,
   with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
 
diff -ruN squid-2.6.STABLE20/configure.in squid-2.6.STABLE21/configure.in
--- squid-2.6.STABLE20/configure.in	2008-04-25 21:49:52.000000000 +0200
+++ squid-2.6.STABLE21/configure.in	2008-06-27 23:55:39.000000000 +0200
@@ -1,16 +1,16 @@
 dnl
 dnl  Configuration input file for Squid
 dnl
-dnl  $Id: configure.in,v 1.416.2.26 2008/04/22 15:17:28 hno Exp $
+dnl  $Id: configure.in,v 1.416.2.27 2008/06/27 21:26:34 hno Exp $
 dnl
 dnl
 dnl
-AC_INIT(Squid Web Proxy, 2.6.STABLE20, http://www.squid-cache.org/bugs/, squid)
+AC_INIT(Squid Web Proxy, 2.6.STABLE21, http://www.squid-cache.org/bugs/, squid)
 AC_PREREQ(2.52)
 AM_CONFIG_HEADER(include/autoconf.h)
 AC_CONFIG_AUX_DIR(cfgaux)
 AM_INIT_AUTOMAKE
-AC_REVISION($Revision: 1.416.2.26 $)dnl
+AC_REVISION($Revision: 1.416.2.27 $)dnl
 AC_PREFIX_DEFAULT(/usr/local/squid)
 AM_MAINTAINER_MODE
 
diff -ruN squid-2.6.STABLE20/include/version.h squid-2.6.STABLE21/include/version.h
--- squid-2.6.STABLE20/include/version.h	2008-04-25 21:49:52.000000000 +0200
+++ squid-2.6.STABLE21/include/version.h	2008-06-27 23:55:39.000000000 +0200
@@ -9,5 +9,5 @@
  */
 
 #ifndef SQUID_RELEASE_TIME
-#define SQUID_RELEASE_TIME 1209152987
+#define SQUID_RELEASE_TIME 1214603735
 #endif
diff -ruN squid-2.6.STABLE20/lib/rfc1035.c squid-2.6.STABLE21/lib/rfc1035.c
--- squid-2.6.STABLE20/lib/rfc1035.c	2005-05-17 18:56:36.000000000 +0200
+++ squid-2.6.STABLE21/lib/rfc1035.c	2008-06-27 23:03:08.000000000 +0200
@@ -1,6 +1,6 @@
 
 /*
- * $Id: rfc1035.c,v 1.29 2005/05/17 16:56:36 hno Exp $
+ * $Id: rfc1035.c,v 1.29.2.1 2008/06/27 21:03:08 hno Exp $
  *
  * Low level DNS protocol routines
  * AUTHOR: Duane Wessels
@@ -298,7 +298,7 @@
 	    s = ntohs(s);
 	    (*off) += sizeof(s);
 	    /* Sanity check */
-	    if ((*off) >= sz)
+	    if ((*off) > sz)
 		return 1;
 	    ptr = s & 0x3FFF;
 	    /* Make sure the pointer is inside this message */
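Review bot: The sanity check `if ((*off) > sz)` still runs only after `s` has been read and `*off` advanced past it, so it can reject a pointer that ran off the end of the message but cannot stop the two-byte read itself from crossing `sz`. The read is above this hunk, so whether it is bounded beforehand is not visible here. If it is not, a guard placed before the read, `if ((*off) + sizeof(s) > sz) return 1;`, would close that gap. The enclosing function starts and ends outside the hunk.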
diff -ruN squid-2.6.STABLE20/RELEASENOTES.html squid-2.6.STABLE21/RELEASENOTES.html
--- squid-2.6.STABLE20/RELEASENOTES.html	2008-04-25 21:50:29.000000000 +0200
+++ squid-2.6.STABLE21/RELEASENOTES.html	2008-06-27 23:56:08.000000000 +0200
@@ -2,12 +2,12 @@
 <HTML>
 <HEAD>
  <META NAME="GENERATOR" CONTENT="LinuxDoc-Tools 0.9.21">
- <TITLE>Squid 2.6.STABLE19 release notes</TITLE>
+ <TITLE>Squid 2.6.STABLE21 release notes</TITLE>
 </HEAD>
 <BODY>
-<H1>Squid 2.6.STABLE19 release notes</H1>
+<H1>Squid 2.6.STABLE21 release notes</H1>
 
-<H2>Squid Developers</H2>$Id: release-2.6.html,v 1.44.2.20 2008/04/25 19:49:06 hno Exp $
+<H2>Squid Developers</H2>$Id: release-2.6.html,v 1.44.2.21 2008/06/27 21:26:34 hno Exp $
 <HR>
 <EM>This document contains the release notes for version 2.6 of Squid.
 Squid is a WWW Cache application developed by the Web Caching community.</EM>
@@ -87,6 +87,9 @@
 <P>
 <H2><A NAME="toc25">25.</A> <A HREF="#s25">Key changes squid-2.6.STABLE19 to 2.6.STABLE20</A></H2>
 
+<P>
+<H2><A NAME="toc26">26.</A> <A HREF="#s26">Key changes squid-2.6.STABLE20 to 2.6.STABLE21</A></H2>
+
 
 <HR>
 <H2><A NAME="s1">1.</A> <A HREF="#toc1">Key changes from squid 2.5</A></H2>
@@ -381,7 +384,7 @@
 </P>
 <P>
 <DL>
-<DT><B>Known Limitations:</B><DD><P>
+<DT><B>Known Limitations</B><DD><P>
 <UL>
 <LI>Squid features not operational:<BR>
 <UL>
@@ -399,7 +402,7 @@
 </P>
 <P>
 <DL>
-<DT><B>Building Squid on Windows:</B><DD><P>A reasonably recent release of 
+<DT><B>Building Squid on Windows</B><DD><P>A reasonably recent release of 
 <A HREF="http://www.cygwin.com/">Cygwin</A> or 
 <A HREF="http://www.mingw.org/">MinGW</A> is needed.<BR>
 The usage of the Cygwin environment is very similar to other Unix/Linux environments, and -devel version of libraries must be installed.<BR>
@@ -822,5 +825,21 @@
 </UL>
 </P>
 
+<H2><A NAME="s26">26.</A> <A HREF="#toc26">Key changes squid-2.6.STABLE20 to 2.6.STABLE21</A></H2>
+
+<P>
+<UL>
+<LI>Reject ridiculously large ASN.1 lengths (SNMP)</LI>
+<LI>Fix SNMP reporting of counters with a value > 0xFF80000</LI>
+<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=1993">#1993</a>: Memory leak in http_reply_access deny processing</LI>
+<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=2122">#2122</a>: In some situations collapsed_forwarding could leak private information</LI>
+<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=2393">#2393</a>: DNS requests retried indefinitely at full speed on failed TCP connection</LI>
+<LI>Bug <a href="http://www.squid-cache.org/bugs/show_bug.cgi?id=2393">#2393</a>: DNS retransmit queue could get hold up</LI>
+<LI>See also the list of 
+<A HREF="http://www.squid-cache.org/Versions/v2/2.6/changesets/SQUID_2_6_STABLE21.html">squid-2.6.STABLE21 changes</A> and the 
+<A HREF="ChangeLog">ChangeLog</A> file for details.</LI>
+</UL>
+</P>
+
 </BODY>
 </HTML>
diff -ruN squid-2.6.STABLE20/snmplib/asn1.c squid-2.6.STABLE21/snmplib/asn1.c
--- squid-2.6.STABLE20/snmplib/asn1.c	2006-06-02 19:32:44.000000000 +0200
+++ squid-2.6.STABLE21/snmplib/asn1.c	2008-06-27 23:04:38.000000000 +0200
@@ -324,10 +324,10 @@
 	return (NULL);
     }
     integer = *intp;
-    mask = (u_int) 0xFF << (8 * (sizeof(int) - 1));
-    /* mask is 0xFF000000 on a big-endian machine */
-    if ((u_char) ((integer & mask) >> (8 * (sizeof(int) - 1))) & 0x80) {
-	/* if MSB is set */
+    mask = (u_int) 0x80 << (8 * (sizeof(int) - 1));
+    /* mask is 0x80000000 on a big-endian machine */
+    if ((integer & mask) != 0) {
+	/* add a null byte if MSB is set, to prevent sign extension */
 	add_null_byte = 1;
 	intsize++;
     }
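Review bot: The new comment `/* mask is 0x80000000 on a big-endian machine */` ties the value to byte order, but a shift by `8 * (sizeof(int) - 1)` yields the same mask on any host with the same `int` width. I would word it `/* mask is 0x80000000 when int is 32 bits */`. The unchanged `/* mask is 0xFF800000 on a big-endian machine */` in the next hunk has the same problem. Whether the length check further down allows for the extra byte added by `intsize++` is outside the hunk and worth confirming.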
@@ -336,11 +336,11 @@
      * this 2's complement integer. 
      * There should be no sequence of 9 consecutive 1's or 0's at the
      * most significant end of the integer.
+     * The 1's case is taken care of above by adding a null byte.
      */
     mask = (u_int) 0x1FF << ((8 * (sizeof(int) - 1)) - 1);
     /* mask is 0xFF800000 on a big-endian machine */
-    while ((((integer & mask) == 0)
-	    || ((integer & mask) == mask)) && intsize > 1) {
+    while (((integer & mask) == 0) && intsize > 1) {
 	intsize--;
 	integer <<= 8;
     }
@@ -484,7 +484,7 @@
 	return (NULL);
 
     header_len = bufp - data;
-    if (header_len + asn_length > *datalength || (int) asn_length < 0) {
+    if (header_len + asn_length > *datalength || asn_length > (u_int)(2 << 18) ) {
 	snmp_set_api_error(SNMPERR_ASN_DECODE);
 	return (NULL);
     }
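Review bot: The new upper bound `(u_int)(2 << 18)` is an unexplained magic number (524288) and reads like a slip for `1 << 19`. A named constant with a comment saying why that limit was chosen would make the cap auditable, for example a new `#define ASN_MAX_LENGTH (1u << 19)`. Testing the cap first, `if (asn_length > ASN_MAX_LENGTH || header_len + asn_length > *datalength) {`, also makes it clear that the sum is only relied on for lengths that cannot wrap. The types of `header_len` and `*datalength` are declared outside the hunk; if either is signed, the mixed comparison deserves a second look.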
diff -ruN squid-2.6.STABLE20/src/cache_cf.c squid-2.6.STABLE21/src/cache_cf.c
--- squid-2.6.STABLE20/src/cache_cf.c	2007-08-31 15:49:54.000000000 +0200
+++ squid-2.6.STABLE21/src/cache_cf.c	2008-06-27 23:53:17.000000000 +0200
@@ -1,6 +1,6 @@
 
 /*
- * $Id: cache_cf.c,v 1.463.2.4 2007/08/31 13:49:54 hno Exp $
+ * $Id: cache_cf.c,v 1.463.2.7 2008/06/27 21:53:17 hno Exp $
  *
  * DEBUG: section 3     Configuration File Parsing
  * AUTHOR: Harvest Derived
@@ -1809,7 +1809,7 @@
 	head = &(*head)->next;
     *head = p;
     Config.npeers++;
-    peerClearRR(p);
+    peerClearRRStart();
 }
 
 static void
@@ -2900,6 +2900,15 @@
     free_generic_http_port_data(&s->http);
     safe_free(s->cert);
     safe_free(s->key);
+    safe_free(s->cipher);
+    safe_free(s->options);
+    safe_free(s->clientca);
+    safe_free(s->cafile);
+    safe_free(s->capath);
+    safe_free(s->crlfile);
+    safe_free(s->dhfile);
+    safe_free(s->sslflags);
+    safe_free(s->sslcontext);
     if (s->sslContext)
 	SSL_CTX_free(s->sslContext);
     s->sslContext = NULL;
diff -ruN squid-2.6.STABLE20/src/cf.data.pre squid-2.6.STABLE21/src/cf.data.pre
--- squid-2.6.STABLE20/src/cf.data.pre	2008-04-21 04:56:24.000000000 +0200
+++ squid-2.6.STABLE21/src/cf.data.pre	2008-06-27 23:05:08.000000000 +0200
@@ -1,6 +1,6 @@
 
 #
-# $Id: cf.data.pre,v 1.382.2.30 2008/04/21 02:56:24 hno Exp $
+# $Id: cf.data.pre,v 1.382.2.32 2008/06/27 21:05:08 hno Exp $
 #
 # SQUID Web Proxy Cache          http://www.squid-cache.org/
 # ----------------------------------------------------------
@@ -2116,8 +2116,10 @@
 		st	Request+Reply size including HTTP headers
 		%	a literal % character
 
-logformat squid  %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
-logformat squidmime  %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt [%>h] [%<h]
+	The default formats available (which do not need re-defining) are:
+
+logformat squid %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
+logformat squidmime %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt [%>h] [%<h]
 logformat common %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st %Ss:%Sh
 logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
 DOC_END
@@ -3862,7 +3864,7 @@
 
 	The relevant WCCPv2 flags:
 	+ src_ip_hash, dst_ip_hash
-	+ source_port_hash, dest_port_hash
+	+ source_port_hash, dst_port_hash
 	+ src_ip_alt_hash, dst_ip_alt_hash
 	+ src_port_alt_hash, dst_port_alt_hash
 	+ ports_source
diff -ruN squid-2.6.STABLE20/src/client_side.c squid-2.6.STABLE21/src/client_side.c
--- squid-2.6.STABLE20/src/client_side.c	2007-09-03 15:13:36.000000000 +0200
+++ squid-2.6.STABLE21/src/client_side.c	2008-06-27 23:06:39.000000000 +0200
@@ -1,6 +1,6 @@
 
 /*
- * $Id: client_side.c,v 1.693.2.20 2007/09/03 13:13:36 hno Exp $
+ * $Id: client_side.c,v 1.693.2.22 2008/06/27 21:06:39 hno Exp $
  *
  * DEBUG: section 33    Client-side Routines
  * AUTHOR: Duane Wessels
@@ -816,6 +816,7 @@
 	    entry = NULL;
 	}
 	if (entry) {
+	    http->request->flags.collapsed = 1;		/* Don't trust the store entry */
 	    storeLockObject(entry);
 	    hit = 1;
 	} else {
@@ -1028,6 +1029,11 @@
     }
     http->old_entry = NULL;	/* done with old_entry */
     http->old_sc = NULL;
+    if (http->request->flags.collapsed && !http->flags.hit && EBIT_TEST(entry->flags, RELEASE_REQUEST)) {
+	/* Collapsed request, but the entry is not good to be sent */
+	clientProcessMiss(http);
+	return;
+    }
     assert(!EBIT_TEST(entry->flags, ENTRY_ABORTED));
     if (recopy) {
 	storeClientCopy(http->sc, entry,
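Review bot: The comment `/* Collapsed request, but the entry is not good to be sent */` does not say why the entry is unsafe, although this guard appears to be the fix for the private-information leak listed in the ChangeLog. I would spell it out, e.g. `/* We only joined this fetch (collapsed_forwarding); an entry marked RELEASE_REQUEST must not be shared with us, so refetch */`, hedged to whatever RELEASE_REQUEST guarantees elsewhere in the store code. The condition here also requires `!http->flags.hit`, while the parallel guard added at `@@ -2318` tests only `r->flags.collapsed` and RELEASE_REQUEST. If that difference is intentional, a short comment on each should say why. The enclosing function starts and ends outside the hunk.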
@@ -2318,6 +2324,13 @@
 	storeComplete(e);
 	return;
     }
+    if (r->flags.collapsed && EBIT_TEST(e->flags, RELEASE_REQUEST)) {
+	/* collapsed_forwarding, but the joined request is not good
+	 * to be cached..
+	 */
+	clientProcessMiss(http);
+	return;
+    }
     /*
      * plain ol' cache hit
      */
@@ -2812,6 +2825,9 @@
 	err = errorCon(page_id, HTTP_FORBIDDEN, http->orig_request);
 	storeClientUnregister(http->sc, http->entry, http);
 	http->sc = NULL;
+	if (http->reply)
+	    httpReplyDestroy(http->reply);
+	http->reply = NULL;
 	storeUnlockObject(http->entry);
 	http->log_type = LOG_TCP_DENIED;
 	http->entry = clientCreateStoreEntry(http, http->request->method,
@@ -3397,6 +3413,7 @@
     debug(33, 4) ("clientProcessMiss: '%s %s'\n",
 	RequestMethodStr[r->method], url);
     http->flags.hit = 0;
+    r->flags.collapsed = 0;
     /*
      * We might have a left-over StoreEntry from a failed cache hit
      * or IMS request.
diff -ruN squid-2.6.STABLE20/src/comm.c squid-2.6.STABLE21/src/comm.c
--- squid-2.6.STABLE20/src/comm.c	2007-04-17 11:39:56.000000000 +0200
+++ squid-2.6.STABLE21/src/comm.c	2008-06-27 23:11:59.000000000 +0200
@@ -1,6 +1,6 @@
 
 /*
- * $Id: comm.c,v 1.358.2.1 2007/04/17 09:39:56 hno Exp $
+ * $Id: comm.c,v 1.358.2.2 2008/06/27 21:11:59 hno Exp $
  *
  * DEBUG: section 5     Socket Functions
  * AUTHOR: Harvest Derived
@@ -343,7 +343,6 @@
 	return 0;
     statCounter.syscalls.sock.sockets++;
     fd2 = socket(AF_INET, SOCK_STREAM, 0);
-    statCounter.syscalls.sock.sockets++;
     if (fd2 < 0) {
 	debug(5, 0) ("commResetFD: socket: %s\n", xstrerror());
 	if (ENFILE == errno || EMFILE == errno)
diff -ruN squid-2.6.STABLE20/src/dns_internal.c squid-2.6.STABLE21/src/dns_internal.c
--- squid-2.6.STABLE20/src/dns_internal.c	2008-04-25 21:44:50.000000000 +0200
+++ squid-2.6.STABLE21/src/dns_internal.c	2008-06-27 23:11:33.000000000 +0200
@@ -1,6 +1,6 @@
 
 /*
- * $Id: dns_internal.c,v 1.61.2.3 2008/04/25 19:44:50 hno Exp $
+ * $Id: dns_internal.c,v 1.61.2.5 2008/06/27 21:11:33 hno Exp $
  *
  * DEBUG: section 78    DNS lookups; interacts with lib/rfc1035.c
  * AUTHOR: Duane Wessels
@@ -98,6 +98,7 @@
     int nsends;
     struct timeval start_t;
     struct timeval sent_t;
+    struct timeval queue_t;
     dlink_node lru;
     IDNSCB *callback;
     void *callback_data;
@@ -605,7 +606,7 @@
 	q->buf,
 	q->sz);
     q->nsends++;
-    q->sent_t = current_time;
+    q->queue_t = q->sent_t = current_time;
     if (x < 0) {
 	debug(50, 1) ("idnsSendQuery: FD %d: sendto: %s\n",
 	    DnsSocket, xstrerror());
@@ -704,9 +705,8 @@
 	return;
     }
     if (n <= 0) {
-	debug(78, 2) ("idnsReadTcp: Short response for %s.\n", q->name);
-	dlinkDelete(&q->lru, &lru_list);
-	idnsSendQuery(q);
+	debug(78, 1) ("idnsReadTcp: Short response from nameserver %d for %s.\n", ns + 1, q->name);
+	idnsTcpCleanup(q);
 	return;
     }
     fd_bytes(fd, n, FD_READ);
@@ -733,8 +733,7 @@
     if (errflag == COMM_ERR_CLOSING)
 	return;
     if (errflag) {
-	dlinkDelete(&q->lru, &lru_list);
-	idnsSendQuery(q);
+	idnsTcpCleanup(q);
 	return;
     }
     commSetSelect(q->tcp_socket, COMM_SELECT_READ, idnsReadTcp, q, 0);
@@ -747,8 +746,9 @@
     idns_query *q = data;
     short nsz;
     if (status != COMM_OK) {
-	dlinkDelete(&q->lru, &lru_list);
-	idnsSendQuery(q);
+	int ns = (q->nsends - 1) % nns;
+	debug(78, 1) ("idnsSendTcpQuery: Failed to connect to DNS server %d using TCP\n", ns + 1);
+	idnsTcpCleanup(q);
 	return;
     }
     memBufInit(&buf, q->sz + 2, q->sz + 2);
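Review bot: `int ns = (q->nsends - 1) % nns;` in the added error path divides by `nns` without a zero check, while the idnsCheckQueue hunk in this same file treats `nns == 0` as a reachable state (reconfigure or shutdown). If this callback can run with a non-OK status in that window, which the hunk does not show, the modulo is undefined behaviour and would typically crash the process. A guarded form such as `int ns = nns ? (q->nsends - 1) % nns : 0;` avoids that, or the log line could be skipped when `nns == 0`. The function body continues outside the hunk.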
@@ -774,6 +774,7 @@
 	0,
 	COMM_NONBLOCKING,
 	"DNS TCP Socket");
+    q->queue_t = q->sent_t = current_time;
     dlinkAdd(q, &q->lru, &lru_list);
     commConnectStart(q->tcp_socket,
 	inet_ntoa(nameservers[ns].S.sin_addr),
@@ -837,7 +838,6 @@
 	    return;
 	}
 	if (q->rcode == 3 && q->do_searchpath && q->attempt < MAX_ATTEMPT) {
-	    assert(NULL == message->answer);
 	    strcpy(q->name, q->orig);
 	    if (q->domain < npc) {
 		strcat(q->name, ".");
@@ -934,16 +934,24 @@
     dlink_node *p = NULL;
     idns_query *q;
     event_queued = 0;
+    if (0 == nns)
+	/* name servers went away; reconfiguring or shutting down */
+	return;
     for (n = lru_list.tail; n; n = p) {
-	if (0 == nns)
-	    /* name servers went away; reconfiguring or shutting down */
-	    break;
+	p = n->prev;
 	q = n->data;
-	if (tvSubDsec(q->sent_t, current_time) < Config.Timeout.idns_retransmit * 1 << ((q->nsends - 1) / nns))
+	/* Anything to process in the queue? */
+	if (tvSubDsec(q->queue_t, current_time) < Config.Timeout.idns_retransmit)
 	    break;
+	/* Query timer expired? */
+	if (tvSubDsec(q->sent_t, current_time) < Config.Timeout.idns_retransmit * 1 << ((q->nsends - 1) / nns)) {
+	    dlinkDelete(&q->lru, &lru_list);
+	    q->queue_t = current_time;
+	    dlinkAdd(q, &q->lru, &lru_list);
+	    continue;
+	}
 	debug(78, 3) ("idnsCheckQueue: ID %#04x timeout\n",
 	    q->id);
-	p = n->prev;
 	dlinkDelete(&q->lru, &lru_list);
 	if (tvSubDsec(q->start_t, current_time) < Config.Timeout.idns_query) {
 	    idnsSendQuery(q);
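Review bot: The back-off expression `Config.Timeout.idns_retransmit * 1 << ((q->nsends - 1) / nns)` parses as `(idns_retransmit * 1) << n`, and nothing in the hunk bounds the shift count `n`. A shift by the operand's width or more is undefined, so with a small retransmit interval and a long `idns_query` timeout the exponent could reach that point; whether `nsends` is capped elsewhere is not visible here. I would compute the exponent separately and clamp it, e.g. `int backoff = (q->nsends - 1) / nns; if (backoff > 16) backoff = 16;`, then compare against `Config.Timeout.idns_retransmit * (1 << backoff)`. A one-line comment on what `queue_t` tracks as opposed to `sent_t` would also help readers of the requeue branch.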
diff -ruN squid-2.6.STABLE20/src/neighbors.c squid-2.6.STABLE21/src/neighbors.c
--- squid-2.6.STABLE20/src/neighbors.c	2008-04-21 04:56:24.000000000 +0200
+++ squid-2.6.STABLE21/src/neighbors.c	2008-06-27 23:53:17.000000000 +0200
@@ -1,6 +1,6 @@
 
 /*
- * $Id: neighbors.c,v 1.313.2.3 2008/04/21 02:56:24 hno Exp $
+ * $Id: neighbors.c,v 1.313.2.7 2008/06/27 21:53:17 hno Exp $
  *
  * DEBUG: section 15    Neighbor Routines
  * AUTHOR: Harvest Derived
@@ -265,11 +265,16 @@
 	    continue;
 	if (!peerHTTPOkay(p, request))
 	    continue;
-	if (p->weight == 1) {
-	    if (q && q->rr_count < p->rr_count)
-		continue;
-	} else if (p->weight == 0 || (q && q->rr_count < (p->rr_count / p->weight))) {
+	if (p->weight == 0)
 	    continue;
+
+	if (q) {
+	    if (p->weight == q->weight) {
+		if (q->rr_count < p->rr_count)
+		    continue;
+	    } else if ((double) q->rr_count / q->weight < (double) p->rr_count / p->weight) {
+		continue;
+	    }
 	}
 	q = p;
     }
@@ -280,15 +285,30 @@
 }
 
 /* This gets called every 5 minutes to clear the round-robin counter. */
+static void
+peerClearRRLoop(void *data)
+{
+    peerClearRR();
+    eventAdd("peerClearRR", peerClearRRLoop, data, 5 * 60.0, 0);
+}
+
 void
-peerClearRR(void *data)
+peerClearRRStart(void)
 {
-    peer *p = data;
-    p->rr_count -= p->rr_lastcount;
-    if (p->rr_count < 0)
+    static int event_added = 0;
+    if (!event_added) {
+	peerClearRRLoop(NULL);
+    }
+}
+
+/* Actually clear the round-robin counter. */
+void
+peerClearRR(void)
+{
+    peer *p = NULL;
+    for (p = Config.peers; p; p = p->next) {
 	p->rr_count = 0;
-    p->rr_lastcount = p->rr_count;
-    eventAdd("peerClearRR", peerClearRR, p, 5 * 60.0, 0);
+    }
 }
 
 peer *
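Review bot: `event_added` in `peerClearRRStart()` is tested but never set, so every call starts another self-rescheduling `peerClearRRLoop` event. The cache_cf.c hunk at `@@ -1809` calls it once per parsed peer, so the number of recurring "peerClearRR" events grows with the peer count, and presumably again on each reconfigure. Setting the flag inside the guard fixes it: `if (!event_added) { peerClearRRLoop(NULL); event_added = 1; }`. The comment `/* This gets called every 5 minutes to clear the round-robin counter. */` now sits above `peerClearRRLoop`, which is fine, but `peerClearRRStart` would benefit from its own one-line comment saying it is idempotent.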
@@ -692,6 +712,7 @@
 	debug(15, 1) ("Detected REVIVED %s: %s\n",
 	    neighborTypeStr(p), p->name);
 	p->stats.logged_state = PEER_ALIVE;
+	peerClearRR();
     }
     p->stats.last_reply = squid_curtime;
     p->stats.probe_start = 0;
@@ -724,6 +745,7 @@
 	debug(15, 1) ("Detected REVIVED %s: %s\n",
 	    neighborTypeStr(p), p->name);
 	p->stats.logged_state = PEER_ALIVE;
+	peerClearRR();
     }
     p->stats.last_reply = squid_curtime;
     p->stats.probe_start = 0;
@@ -975,12 +997,34 @@
     safe_free(p->host);
     safe_free(p->name);
     safe_free(p->domain);
+    safe_free(p->login);
 #if USE_CACHE_DIGESTS
     if (p->digest) {
 	PeerDigest *pd = p->digest;
 	p->digest = NULL;
 	cbdataUnlock(pd);
     }
+    safe_free(p->digest_url);
+#endif
+    safe_free(p->monitor.url)
+#if USE_SSL
+	safe_free(p->sslcert);
+    safe_free(p->sslkey);
+    safe_free(p->ssloptions);
+    safe_free(p->sslcipher);
+    safe_free(p->sslcafile);
+    safe_free(p->sslcapath);
+    safe_free(p->sslcrlfile);
+    safe_free(p->sslflags);
+    safe_free(p->ssldomain);
+    if (p->sslContext) {
+	SSL_CTX_free(p->sslContext);
+	p->sslContext = NULL;
+    }
+    if (p->sslSession) {
+	SSL_SESSION_free(p->sslSession);
+	p->sslSession = NULL;
+    }
 #endif
 }
 
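Review bot: `safe_free(p->monitor.url)` is missing its terminating semicolon, which is also why the following `safe_free(p->sslcert);` picked up the odd extra indent. It compiles only if `safe_free` expands to a complete statement (the macro is defined outside this diff). It would break, or silently change meaning, if the macro were ever rewritten as a `do { } while (0)` block or a function. The line should read `safe_free(p->monitor.url);`. The start of the enclosing function is outside the hunk.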
@@ -1086,6 +1130,7 @@
 	    neighborTypeStr(p), p->name);
 	peerMonitorNow(p);
 	p->stats.logged_state = PEER_ALIVE;
+	peerClearRR();
 	if (!p->n_addresses)
 	    ipcache_nbgethostbyname(p->host, peerDNSConfigure, p);
     }
diff -ruN squid-2.6.STABLE20/src/peer_monitor.c squid-2.6.STABLE21/src/peer_monitor.c
--- squid-2.6.STABLE20/src/peer_monitor.c	2008-01-23 11:26:18.000000000 +0100
+++ squid-2.6.STABLE21/src/peer_monitor.c	2008-06-27 23:07:15.000000000 +0200
@@ -1,6 +1,6 @@
 
 /*
- * $Id: peer_monitor.c,v 1.3.2.2 2008/01/23 10:26:18 hno Exp $
+ * $Id: peer_monitor.c,v 1.3.2.3 2008/06/27 21:07:15 hno Exp $
  *
  * DEBUG: section ??    Peer monitoring
  * AUTHOR: Henrik Nordstrom
@@ -213,6 +213,7 @@
 	case PEER_ALIVE:
 	    debug(DBG, 1) ("Detected REVIVED %s: %s\n",
 		neighborTypeStr(p), p->name);
+	    peerClearRR();
 	    break;
 	case PEER_DEAD:
 	    debug(DBG, 1) ("Detected DEAD %s: %s\n",
diff -ruN squid-2.6.STABLE20/src/protos.h squid-2.6.STABLE21/src/protos.h
--- squid-2.6.STABLE20/src/protos.h	2007-07-15 11:52:17.000000000 +0200
+++ squid-2.6.STABLE21/src/protos.h	2008-06-27 23:53:17.000000000 +0200
@@ -1,6 +1,6 @@
 
 /*
- * $Id: protos.h,v 1.520.2.3 2007/07/15 09:52:17 hno Exp $
+ * $Id: protos.h,v 1.520.2.5 2008/06/27 21:53:17 hno Exp $
  *
  *
  * SQUID Web Proxy Cache          http://www.squid-cache.org/
@@ -668,7 +668,8 @@
 extern peer *peerFindByNameAndPort(const char *, unsigned short);
 extern peer *getDefaultParent(request_t * request);
 extern peer *getRoundRobinParent(request_t * request);
-EVH peerClearRR;
+extern void peerClearRRStart(void);
+extern void peerClearRR(void);
 extern peer *getAnyParent(request_t * request);
 extern lookup_t peerDigestLookup(peer * p, request_t * request);
 extern peer *neighborsDigestSelect(request_t * request);
diff -ruN squid-2.6.STABLE20/src/store.c squid-2.6.STABLE21/src/store.c
--- squid-2.6.STABLE20/src/store.c	2007-08-31 15:51:27.000000000 +0200
+++ squid-2.6.STABLE21/src/store.c	2008-06-27 23:10:39.000000000 +0200
@@ -1,6 +1,6 @@
 
 /*
- * $Id: store.c,v 1.570.2.4 2007/08/31 13:51:27 hno Exp $
+ * $Id: store.c,v 1.570.2.5 2008/06/27 21:10:39 hno Exp $
  *
  * DEBUG: section 20    Storage Manager
  * AUTHOR: Harvest Derived
@@ -1556,9 +1556,9 @@
 {
     long int i;
     /* Calculate size of hash table (maximum currently 64k buckets).  */
-    i = Config.Swap.maxSize / Config.Store.avgObjectSize;
-    debug(20, 1) ("Swap maxSize %lu KB, estimated %ld objects\n",
-	(unsigned long int) Config.Swap.maxSize, i);
+    i = (Config.Swap.maxSize + (Config.memMaxSize >> 10)) / Config.Store.avgObjectSize;
+    debug(20, 1) ("Swap maxSize %lu + %lu KB, estimated %ld objects\n",
+	(unsigned long int) Config.Swap.maxSize, (Config.memMaxSize >> 10), i);
     i /= Config.Store.objectsPerBucket;
     debug(20, 1) ("Target number of buckets: %ld\n", i);
     /* ideally the full scan period should be configurable, for the
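Review bot: The second `%lu` in the new debug call is passed `(Config.memMaxSize >> 10)` without a cast, whereas the first argument is explicitly cast to `unsigned long int`. The type of `Config.memMaxSize` is declared outside this diff; if it is `size_t` or anything other than `unsigned long`, the format/argument mismatch is undefined behaviour on platforms where the widths differ. Casting it the same way keeps the call portable: `(unsigned long int) (Config.memMaxSize >> 10)`.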
diff -ruN squid-2.6.STABLE20/src/structs.h squid-2.6.STABLE21/src/structs.h
--- squid-2.6.STABLE20/src/structs.h	2008-04-21 04:56:24.000000000 +0200
+++ squid-2.6.STABLE21/src/structs.h	2008-06-27 23:07:15.000000000 +0200
@@ -1,6 +1,6 @@
 
 /*
- * $Id: structs.h,v 1.507.2.10 2008/04/21 02:56:24 hno Exp $
+ * $Id: structs.h,v 1.507.2.11 2008/06/27 21:07:15 hno Exp $
  *
  *
  * SQUID Web Proxy Cache          http://www.squid-cache.org/
@@ -1465,7 +1465,6 @@
     struct in_addr addresses[10];
     int n_addresses;
     int rr_count;
-    int rr_lastcount;
     peer *next;
     int test_fd;
 #if USE_CARP
diff -ruN squid-2.6.STABLE20/src/tools.c squid-2.6.STABLE21/src/tools.c
--- squid-2.6.STABLE20/src/tools.c	2008-01-02 18:06:50.000000000 +0100
+++ squid-2.6.STABLE21/src/tools.c	2008-06-27 23:02:06.000000000 +0200
@@ -1,6 +1,6 @@
 
 /*
- * $Id: tools.c,v 1.250.2.4 2008/01/02 17:06:50 hno Exp $
+ * $Id: tools.c,v 1.250.2.5 2008/06/27 21:02:06 hno Exp $
  *
  * DEBUG: section 21    Misc Functions
  * AUTHOR: Harvest Derived
@@ -1337,15 +1337,18 @@
 restoreCapabilities(int keep)
 {
 #if defined(_SQUID_LINUX_) && HAVE_SYS_CAPABILITY_H
-    cap_user_header_t head = (cap_user_header_t) xcalloc(1, sizeof(cap_user_header_t));
-    cap_user_data_t cap = (cap_user_data_t) xcalloc(1, sizeof(cap_user_data_t));
+#ifndef _LINUX_CAPABILITY_VERSION_1
+#define _LINUX_CAPABILITY_VERSION_1 _LINUX_CAPABILITY_VERSION
+#endif
+    cap_user_header_t head = xcalloc(1, sizeof(*head));
+    cap_user_data_t cap = xcalloc(1, sizeof(*cap));
 
-    head->version = _LINUX_CAPABILITY_VERSION;
+    head->version = _LINUX_CAPABILITY_VERSION_1;
     if (capget(head, cap) != 0) {
 	debug(50, 1) ("Can't get current capabilities\n");
 	goto nocap;
     }
-    if (head->version != _LINUX_CAPABILITY_VERSION) {
+    if (head->version != _LINUX_CAPABILITY_VERSION_1) {
 	debug(50, 1) ("Invalid capability version %d (expected %d)\n", head->version, _LINUX_CAPABILITY_VERSION);
 	goto nocap;
     }
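Review bot: The version-mismatch message still prints `_LINUX_CAPABILITY_VERSION` as the expected value, although the code now sets and compares against `_LINUX_CAPABILITY_VERSION_1`. On headers where the two macros differ, the log would report an expected version that the code never asked for, which is misleading when diagnosing a capability failure. The last argument should be changed to match: `head->version, _LINUX_CAPABILITY_VERSION_1);`. Defining the fallback macro inside the function body also leaks it to the rest of the translation unit, so moving the `#ifndef` block to file scope next to the capability include would be cleaner. The function continues outside the hunk.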
