diff -ruN squid-2.6.STABLE16/ChangeLog squid-2.6.STABLE17/ChangeLog
--- squid-2.6.STABLE16/ChangeLog Wed Sep 5 16:06:14 2007
+++ squid-2.6.STABLE17/ChangeLog Mon Nov 26 06:36:10 2007
@@ -1,3 +1,42 @@
+Changes to squid-2.6.STABLE17 (26 Nov 2007)
+
+ - Fix compile error with old GCC 2.x or other ANSI-C compilers before
+ C99
+ - Mention the login= cache_peer option in release notes
+ - Fix bad cache_peer example in squid.conf
+ - Bug #2086: Fix a compile-time memory corruption error causing cf_gen
+ to fail
+ - Bug #2048: Clarify high_memory_warning usage
+ - Reject DNS responses which result in no data
+ - Fix version number in configuration manual
+ - Move cache and request/reply_header_max_size to their proper
+ sections
+ - Bug #2088: sbrk statistics broken when process size >2GB
+ - Move logopen() much earlier to have fatal startup errors sent to the
+ proper syslog facility
+ - Fix HTTP/0.9 responses
+ - Correct bad example config for tos_outgoing_tos
+ - Fix grammar in description of mail_program squid.conf option
+ - Ignore Content-Length in chunked responses instead of rejecting the
+ response as invalid
+ - Documented that http_port no longer have a default
+ - Cleanup of cache digest documentation
+ - Make aufs store rebuilding back off a little if I/O load too high
+ - Bug #2100: Respect DNS ttl=0
+ - Update udp_(incoming|outgoing)_address documentation to reflect
+ current bahaviour.
+ - Update HTCP documentation
+ - Document the overlapping helper request format
+ - Change priority of proxy auth and extacl provided username in
+ login=*:pass
+ - pack header entries on cache updates
+ - Make squid_db_auth reopen the database connection on each query by
+ default
+ - Improve helper debug ouput, including the channel number
+ - Update cachePeerEntry MIB description to mention what is used as
+ index key
+ - Import squid_radius_auth for authenticating to RADIUS
+
Changes to squid-2.6.STABLE16 (5 Sep 2007)
- Test for sys/capability.h linux include file to avoid failing on
diff -ruN squid-2.6.STABLE16/RELEASENOTES.html squid-2.6.STABLE17/RELEASENOTES.html
--- squid-2.6.STABLE16/RELEASENOTES.html Wed Sep 5 16:26:15 2007
+++ squid-2.6.STABLE17/RELEASENOTES.html Mon Nov 26 06:40:06 2007
@@ -2,12 +2,12 @@
- Squid 2.6.STABLE16 release notes
+ Squid 2.6.STABLE17 release notes
-Squid 2.6.STABLE16 release notes
+Squid 2.6.STABLE17 release notes
-Squid Developers
$Id: release-2.6.html,v 1.44.2.13 2007/09/05 22:25:23 hno Exp $
+Squid Developers
$Id: release-2.6.html,v 1.44.2.15 2007/11/26 13:34:35 hno Exp $
This document contains the release notes for version 2.6 of Squid.
Squid is a WWW Cache application developed by the Web Caching community.
@@ -75,6 +75,9 @@
+
+
+
@@ -153,7 +156,7 @@
-- http_port
Now takes a list of options in addition to the port address, specifying the purpose of this http_port. Default is plain Internet proxy as usual.
+- http_port
Now takes a list of options in addition to the port address, specifying the purpose of this http_port. Default is plain Internet proxy as usual. Also there is no longer a default port and you must include a http_port directive in your squid.conf if you want Squid to listen for http requests.
- httpd_accel_* for transparent proxy
Now implemented by the "transparent" http_port option
- httpd_accel_* for accelerator mode
Now implemented by other options and the http_port accel option. See individual directives below.
- httpd_accel_host
Replaced by defaultsite http_port option and cache_peer originserver option.
@@ -207,6 +210,7 @@
- check_hostnames
Control if Squid should check the sanity of host names before trying to look them up in DNS
- allow_underscores
Control if _ is to be considered a valid character in hostnames or not
- cache_peer carp-load-factor
Option removed. CARP now uses the weight parameter instead.
+- cache_peer login=
Controls how Squid forwards login information to peer caches and servers.
@@ -737,6 +741,21 @@
linux systems missing libcap
More squid.conf reordering to get the dependencies between options
sorted proper
+See also the list of
+squid-2.6.STABLE16 changes and the
+ChangeLog file for details.
+
+
+
+
+
+
+
+- A temporary memory leak fixed on cache updates
+- New squid_radius_auth RADIUS authentication helper
+- Documentation cleanups
+- Code cleanups and portability fixes
+- Several minor bugfixes
- See also the list of
squid-2.6.STABLE16 changes and the
ChangeLog file for details.
diff -ruN squid-2.6.STABLE16/configure squid-2.6.STABLE17/configure
--- squid-2.6.STABLE16/configure Wed Sep 5 16:25:42 2007
+++ squid-2.6.STABLE17/configure Mon Nov 26 06:39:31 2007
@@ -1,7 +1,7 @@
#! /bin/sh
-# From configure.in Revision: 1.416.2.20 .
+# From configure.in Revision: 1.416.2.22 .
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.61 for Squid Web Proxy 2.6.STABLE16.
+# Generated by GNU Autoconf 2.61 for Squid Web Proxy 2.6.STABLE17.
#
# Report bugs to .
#
@@ -575,8 +575,8 @@
# Identity of this package.
PACKAGE_NAME='Squid Web Proxy'
PACKAGE_TARNAME='squid'
-PACKAGE_VERSION='2.6.STABLE16'
-PACKAGE_STRING='Squid Web Proxy 2.6.STABLE16'
+PACKAGE_VERSION='2.6.STABLE17'
+PACKAGE_STRING='Squid Web Proxy 2.6.STABLE17'
PACKAGE_BUGREPORT='http://www.squid-cache.org/bugs/'
ac_default_prefix=/usr/local/squid
@@ -1314,7 +1314,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures Squid Web Proxy 2.6.STABLE16 to adapt to many kinds of systems.
+\`configure' configures Squid Web Proxy 2.6.STABLE17 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1384,7 +1384,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of Squid Web Proxy 2.6.STABLE16:";;
+ short | recursive ) echo "Configuration of Squid Web Proxy 2.6.STABLE17:";;
esac
cat <<\_ACEOF
@@ -1662,7 +1662,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-Squid Web Proxy configure 2.6.STABLE16
+Squid Web Proxy configure 2.6.STABLE17
generated by GNU Autoconf 2.61
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
@@ -1676,7 +1676,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by Squid Web Proxy $as_me 2.6.STABLE16, which was
+It was created by Squid Web Proxy $as_me 2.6.STABLE17, which was
generated by GNU Autoconf 2.61. Invocation command line was
$ $0 $@
@@ -2349,7 +2349,7 @@
# Define the identity of the package.
PACKAGE='squid'
- VERSION='2.6.STABLE16'
+ VERSION='2.6.STABLE17'
cat >>confdefs.h <<_ACEOF
@@ -26605,7 +26605,7 @@
-ac_config_files="$ac_config_files Makefile lib/Makefile scripts/Makefile scripts/RunCache src/Makefile src/fs/Makefile src/repl/Makefile src/auth/Makefile contrib/Makefile snmplib/Makefile icons/Makefile errors/Makefile doc/Makefile helpers/Makefile helpers/basic_auth/Makefile helpers/basic_auth/LDAP/Makefile helpers/basic_auth/MSNT/Makefile helpers/basic_auth/NCSA/Makefile helpers/basic_auth/PAM/Makefile helpers/basic_auth/SMB/Makefile helpers/basic_auth/YP/Makefile helpers/basic_auth/getpwnam/Makefile helpers/basic_auth/mswin_sspi/Makefile helpers/basic_auth/multi-domain-NTLM/Makefile helpers/basic_auth/SASL/Makefile helpers/basic_auth/POP3/Makefile helpers/basic_auth/DB/Makefile helpers/digest_auth/Makefile helpers/digest_auth/password/Makefile helpers/digest_auth/ldap/Makefile helpers/digest_auth/eDirectory/Makefile helpers/ntlm_auth/Makefile helpers/ntlm_auth/fakeauth/Makefile helpers/ntlm_auth/mswin_sspi/Makefile helpers/ntlm_auth/no_check/Makefile helpers/ntlm_auth/SMB/Makefile helpers/ntlm_auth/SMB/smbval/Makefile helpers/negotiate_auth/Makefile helpers/negotiate_auth/mswin_sspi/Makefile helpers/negotiate_auth/squid_kerb_auth/Makefile helpers/external_acl/Makefile helpers/external_acl/ip_user/Makefile helpers/external_acl/ldap_group/Makefile helpers/external_acl/mswin_lm_group/Makefile helpers/external_acl/session/Makefile helpers/external_acl/unix_group/Makefile helpers/external_acl/wbinfo_group/Makefile tools/Makefile"
+ac_config_files="$ac_config_files Makefile lib/Makefile scripts/Makefile scripts/RunCache src/Makefile src/fs/Makefile src/repl/Makefile src/auth/Makefile contrib/Makefile snmplib/Makefile icons/Makefile errors/Makefile doc/Makefile helpers/Makefile helpers/basic_auth/Makefile helpers/basic_auth/LDAP/Makefile helpers/basic_auth/MSNT/Makefile helpers/basic_auth/NCSA/Makefile helpers/basic_auth/PAM/Makefile helpers/basic_auth/SMB/Makefile helpers/basic_auth/YP/Makefile helpers/basic_auth/getpwnam/Makefile helpers/basic_auth/mswin_sspi/Makefile helpers/basic_auth/multi-domain-NTLM/Makefile helpers/basic_auth/SASL/Makefile helpers/basic_auth/POP3/Makefile helpers/basic_auth/DB/Makefile helpers/basic_auth/squid_radius_auth/Makefile helpers/digest_auth/Makefile helpers/digest_auth/password/Makefile helpers/digest_auth/ldap/Makefile helpers/digest_auth/eDirectory/Makefile helpers/ntlm_auth/Makefile helpers/ntlm_auth/fakeauth/Makefile helpers/ntlm_auth/mswin_sspi/Makefile helpers/ntlm_auth/no_check/Makefile helpers/ntlm_auth/SMB/Makefile helpers/ntlm_auth/SMB/smbval/Makefile helpers/negotiate_auth/Makefile helpers/negotiate_auth/mswin_sspi/Makefile helpers/negotiate_auth/squid_kerb_auth/Makefile helpers/external_acl/Makefile helpers/external_acl/ip_user/Makefile helpers/external_acl/ldap_group/Makefile helpers/external_acl/mswin_lm_group/Makefile helpers/external_acl/session/Makefile helpers/external_acl/unix_group/Makefile helpers/external_acl/wbinfo_group/Makefile tools/Makefile"
cat >confcache <<\_ACEOF
# This file is a shell script that caches the results of configure
@@ -27276,7 +27276,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by Squid Web Proxy $as_me 2.6.STABLE16, which was
+This file was extended by Squid Web Proxy $as_me 2.6.STABLE17, which was
generated by GNU Autoconf 2.61. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -27329,7 +27329,7 @@
_ACEOF
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
-Squid Web Proxy config.status 2.6.STABLE16
+Squid Web Proxy config.status 2.6.STABLE17
configured by $0, generated by GNU Autoconf 2.61,
with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\"
@@ -27471,6 +27471,7 @@
"helpers/basic_auth/SASL/Makefile") CONFIG_FILES="$CONFIG_FILES helpers/basic_auth/SASL/Makefile" ;;
"helpers/basic_auth/POP3/Makefile") CONFIG_FILES="$CONFIG_FILES helpers/basic_auth/POP3/Makefile" ;;
"helpers/basic_auth/DB/Makefile") CONFIG_FILES="$CONFIG_FILES helpers/basic_auth/DB/Makefile" ;;
+ "helpers/basic_auth/squid_radius_auth/Makefile") CONFIG_FILES="$CONFIG_FILES helpers/basic_auth/squid_radius_auth/Makefile" ;;
"helpers/digest_auth/Makefile") CONFIG_FILES="$CONFIG_FILES helpers/digest_auth/Makefile" ;;
"helpers/digest_auth/password/Makefile") CONFIG_FILES="$CONFIG_FILES helpers/digest_auth/password/Makefile" ;;
"helpers/digest_auth/ldap/Makefile") CONFIG_FILES="$CONFIG_FILES helpers/digest_auth/ldap/Makefile" ;;
diff -ruN squid-2.6.STABLE16/configure.in squid-2.6.STABLE17/configure.in
--- squid-2.6.STABLE16/configure.in Wed Sep 5 16:25:42 2007
+++ squid-2.6.STABLE17/configure.in Mon Nov 26 06:39:31 2007
@@ -1,16 +1,16 @@
dnl
dnl Configuration input file for Squid
dnl
-dnl $Id: configure.in,v 1.416.2.20 2007/09/05 22:06:14 hno Exp $
+dnl $Id: configure.in,v 1.416.2.22 2007/11/26 13:34:35 hno Exp $
dnl
dnl
dnl
-AC_INIT(Squid Web Proxy, 2.6.STABLE16, http://www.squid-cache.org/bugs/, squid)
+AC_INIT(Squid Web Proxy, 2.6.STABLE17, http://www.squid-cache.org/bugs/, squid)
AC_PREREQ(2.52)
AM_CONFIG_HEADER(include/autoconf.h)
AC_CONFIG_AUX_DIR(cfgaux)
AM_INIT_AUTOMAKE
-AC_REVISION($Revision: 1.416.2.20 $)dnl
+AC_REVISION($Revision: 1.416.2.22 $)dnl
AC_PREFIX_DEFAULT(/usr/local/squid)
AM_MAINTAINER_MODE
@@ -3193,6 +3193,7 @@
helpers/basic_auth/SASL/Makefile \
helpers/basic_auth/POP3/Makefile \
helpers/basic_auth/DB/Makefile \
+ helpers/basic_auth/squid_radius_auth/Makefile \
helpers/digest_auth/Makefile \
helpers/digest_auth/password/Makefile \
helpers/digest_auth/ldap/Makefile \
diff -ruN squid-2.6.STABLE16/helpers/basic_auth/DB/squid_db_auth.in squid-2.6.STABLE17/helpers/basic_auth/DB/squid_db_auth.in
--- squid-2.6.STABLE16/helpers/basic_auth/DB/squid_db_auth.in Fri Aug 31 07:47:03 2007
+++ squid-2.6.STABLE17/helpers/basic_auth/DB/squid_db_auth.in Mon Nov 26 04:06:52 2007
@@ -21,6 +21,7 @@
my $db_passwdcol = "password";
my $db_cond = "enabled = 1";
my $plaintext = 0;
+my $persist = 0;
=pod
@@ -66,6 +67,10 @@
Database contains plain-text passwords
+=item B<--persist>
+
+Keep a persistent database connection open between queries.
+
=back
=cut
@@ -79,13 +84,30 @@
'passwdcol=s' => \$db_passwdcol,
'cond=s' => \$db_cond,
'plaintext' => \$plaintext,
+ 'persist' => \$persist,
);
-my $dbh = DBI->connect($dsn, $db_user, $db_passwd) || die ("Could not connect to $dsn\n");
+my ($_dbh, $_sth);
-my ($sth) = $dbh->prepare("SELECT $db_passwdcol FROM $db_table WHERE $db_usercol = ?" . ($db_cond ne "" ? " AND $db_cond" : "")) || die;
+sub close_db()
+{
+ return if !defined($_dbh);
+ $_dbh->disconnect();
+ undef $_dbh;
+ undef $_sth;
+}
-my $status;
+sub open_db()
+{
+ return $_sth if defined $_sth;
+ $_dbh = DBI->connect($dsn, $db_user, $db_passwd);
+ if (!defined $_dbh) {
+ warn ("Could not connect to $dsn\n");
+ return undef;
+ }
+ $_sth = $_dbh->prepare("SELECT $db_passwdcol FROM $db_table WHERE $db_usercol = ?" . ($db_cond ne "" ? " AND $db_cond" : "")) || die;
+ return $_sth;
+}
sub check_password($$)
{
@@ -97,20 +119,34 @@
return 0;
}
+
+sub query_db($) {
+ my ($user) = @_;
+ my ($sth) = open_db() || return undef;
+ if (!$sth->execute($user)) {
+ close_db();
+ open_db() || return undef;
+ $sth->execute($user) || return undef;;
+ }
+ return $sth;
+}
+my $status;
+
while (<>) {
my ($user, $password) = split;
$status = "ERR";
$user =~ s/%(..)/pack("H*", $1)/ge;
$password =~ s/%(..)/pack("H*", $1)/ge;
- $status = "ERR internal error";
- $sth->execute($user) || next;
+ $status = "ERR database error";
+ my $sth = query_db($user) || next;
$status = "ERR unknown login";
- my ($row) = $sth->fetchrow_arrayref() || next;
+ my $row = $sth->fetchrow_arrayref() || next;
$status = "ERR login failure";
next if (!check_password($password, @$row[0]));
$status = "OK";
} continue {
+ close_db() if (!$persist);
print $status . "\n";
}
diff -ruN squid-2.6.STABLE16/helpers/basic_auth/Makefile.am squid-2.6.STABLE17/helpers/basic_auth/Makefile.am
--- squid-2.6.STABLE16/helpers/basic_auth/Makefile.am Mon Jun 25 17:37:09 2007
+++ squid-2.6.STABLE17/helpers/basic_auth/Makefile.am Mon Nov 26 04:18:47 2007
@@ -1,7 +1,7 @@
# Makefile for storage modules in the Squid Object Cache server
#
-# $Id: Makefile.am,v 1.6.2.2 2007/06/25 23:37:09 hno Exp $
+# $Id: Makefile.am,v 1.6.2.3 2007/11/26 11:18:47 adrian Exp $
#
-DIST_SUBDIRS = getpwnam LDAP MSNT multi-domain-NTLM NCSA PAM SMB YP SASL mswin_sspi POP3 DB
+DIST_SUBDIRS = getpwnam LDAP MSNT multi-domain-NTLM NCSA PAM SMB YP SASL mswin_sspi POP3 DB squid_radius_auth
SUBDIRS = @BASIC_AUTH_HELPERS@
diff -ruN squid-2.6.STABLE16/helpers/basic_auth/Makefile.in squid-2.6.STABLE17/helpers/basic_auth/Makefile.in
--- squid-2.6.STABLE16/helpers/basic_auth/Makefile.in Sun Aug 12 06:40:47 2007
+++ squid-2.6.STABLE17/helpers/basic_auth/Makefile.in Mon Nov 26 04:23:17 2007
@@ -16,7 +16,7 @@
# Makefile for storage modules in the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.39.2.4 2007/08/12 12:40:47 hno Exp $
+# $Id: Makefile.in,v 1.39.2.5 2007/11/26 11:23:17 hno Exp $
#
srcdir = @srcdir@
top_srcdir = @top_srcdir@
@@ -246,7 +246,7 @@
sharedstatedir = @sharedstatedir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
-DIST_SUBDIRS = getpwnam LDAP MSNT multi-domain-NTLM NCSA PAM SMB YP SASL mswin_sspi POP3 DB
+DIST_SUBDIRS = getpwnam LDAP MSNT multi-domain-NTLM NCSA PAM SMB YP SASL mswin_sspi POP3 DB squid_radius_auth
SUBDIRS = @BASIC_AUTH_HELPERS@
all: all-recursive
diff -ruN squid-2.6.STABLE16/helpers/basic_auth/squid_radius_auth/Makefile.am squid-2.6.STABLE17/helpers/basic_auth/squid_radius_auth/Makefile.am
--- squid-2.6.STABLE16/helpers/basic_auth/squid_radius_auth/Makefile.am Wed Dec 31 17:00:00 1969
+++ squid-2.6.STABLE17/helpers/basic_auth/squid_radius_auth/Makefile.am Mon Nov 26 04:18:47 2007
@@ -0,0 +1,18 @@
+#
+# Makefile for the Squid LDAP authentication helper
+#
+# $Id: Makefile.am,v 1.2.2.1 2007/11/26 11:18:47 adrian Exp $
+#
+# Uncomment and customize the following to suit your needs:
+#
+
+libexec_PROGRAMS = squid_radius_auth
+man_MANS = squid_radius_auth.8
+EXTRA_DIST = squid_radius_auth.8
+squid_radius_auth_SOURCES = \
+ squid_rad_auth.c \
+ radius.h \
+ util.c util.h
+
+LDADD = -L$(top_builddir)/lib -lmiscutil $(SSLLIB) $(XTRA_LIBS)
+INCLUDES = -I$(top_srcdir)/include
diff -ruN squid-2.6.STABLE16/helpers/basic_auth/squid_radius_auth/Makefile.in squid-2.6.STABLE17/helpers/basic_auth/squid_radius_auth/Makefile.in
--- squid-2.6.STABLE16/helpers/basic_auth/squid_radius_auth/Makefile.in Wed Dec 31 17:00:00 1969
+++ squid-2.6.STABLE17/helpers/basic_auth/squid_radius_auth/Makefile.in Mon Nov 26 04:23:19 2007
@@ -0,0 +1,577 @@
+# Makefile.in generated by automake 1.9.6 from Makefile.am.
+# @configure_input@
+
+# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
+# 2003, 2004, 2005 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+@SET_MAKE@
+
+#
+# Makefile for the Squid LDAP authentication helper
+#
+# $Id: Makefile.in,v 1.6.2.2 2007/11/26 11:23:19 hno Exp $
+#
+# Uncomment and customize the following to suit your needs:
+#
+
+srcdir = @srcdir@
+top_srcdir = @top_srcdir@
+VPATH = @srcdir@
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+top_builddir = ../../..
+am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
+INSTALL = @INSTALL@
+install_sh_DATA = $(install_sh) -c -m 644
+install_sh_PROGRAM = $(install_sh) -c
+install_sh_SCRIPT = $(install_sh) -c
+INSTALL_HEADER = $(INSTALL_DATA)
+transform = $(program_transform_name)
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+build_triplet = @build@
+host_triplet = @host@
+libexec_PROGRAMS = squid_radius_auth$(EXEEXT)
+subdir = helpers/basic_auth/squid_radius_auth
+DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in
+ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
+am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \
+ $(top_srcdir)/configure.in
+am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
+ $(ACLOCAL_M4)
+mkinstalldirs = $(install_sh) -d
+CONFIG_HEADER = $(top_builddir)/include/autoconf.h
+CONFIG_CLEAN_FILES =
+am__installdirs = "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(man8dir)"
+libexecPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
+PROGRAMS = $(libexec_PROGRAMS)
+am_squid_radius_auth_OBJECTS = squid_rad_auth.$(OBJEXT) util.$(OBJEXT)
+squid_radius_auth_OBJECTS = $(am_squid_radius_auth_OBJECTS)
+squid_radius_auth_LDADD = $(LDADD)
+am__DEPENDENCIES_1 =
+squid_radius_auth_DEPENDENCIES = $(am__DEPENDENCIES_1) \
+ $(am__DEPENDENCIES_1)
+DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir)/include
+depcomp = $(SHELL) $(top_srcdir)/cfgaux/depcomp
+am__depfiles_maybe = depfiles
+COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
+ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CCLD = $(CC)
+LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+SOURCES = $(squid_radius_auth_SOURCES)
+DIST_SOURCES = $(squid_radius_auth_SOURCES)
+man8dir = $(mandir)/man8
+NROFF = nroff
+MANS = $(man_MANS)
+ETAGS = etags
+CTAGS = ctags
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ACLOCAL = @ACLOCAL@
+ALLOCA = @ALLOCA@
+AMDEP_FALSE = @AMDEP_FALSE@
+AMDEP_TRUE = @AMDEP_TRUE@
+AMTAR = @AMTAR@
+AR = @AR@
+AR_R = @AR_R@
+AUTH_LIBS = @AUTH_LIBS@
+AUTH_MODULES = @AUTH_MODULES@
+AUTH_OBJS = @AUTH_OBJS@
+AUTOCONF = @AUTOCONF@
+AUTOHEADER = @AUTOHEADER@
+AUTOMAKE = @AUTOMAKE@
+AWK = @AWK@
+BASIC_AUTH_HELPERS = @BASIC_AUTH_HELPERS@
+CACHE_HTTP_PORT = @CACHE_HTTP_PORT@
+CACHE_ICP_PORT = @CACHE_ICP_PORT@
+CC = @CC@
+CCDEPMODE = @CCDEPMODE@
+CFLAGS = @CFLAGS@
+CGIEXT = @CGIEXT@
+CPP = @CPP@
+CPPFLAGS = @CPPFLAGS@
+CRYPTLIB = @CRYPTLIB@
+CYGPATH_W = @CYGPATH_W@
+DEFS = @DEFS@
+DEPDIR = @DEPDIR@
+DIGEST_AUTH_HELPERS = @DIGEST_AUTH_HELPERS@
+ECHO_C = @ECHO_C@
+ECHO_N = @ECHO_N@
+ECHO_T = @ECHO_T@
+EGREP = @EGREP@
+ENABLE_HTCP_FALSE = @ENABLE_HTCP_FALSE@
+ENABLE_HTCP_TRUE = @ENABLE_HTCP_TRUE@
+ENABLE_MINGW32SPECIFIC_FALSE = @ENABLE_MINGW32SPECIFIC_FALSE@
+ENABLE_MINGW32SPECIFIC_TRUE = @ENABLE_MINGW32SPECIFIC_TRUE@
+ENABLE_PINGER_FALSE = @ENABLE_PINGER_FALSE@
+ENABLE_PINGER_TRUE = @ENABLE_PINGER_TRUE@
+ENABLE_SSL_FALSE = @ENABLE_SSL_FALSE@
+ENABLE_SSL_TRUE = @ENABLE_SSL_TRUE@
+ENABLE_UNLINKD_FALSE = @ENABLE_UNLINKD_FALSE@
+ENABLE_UNLINKD_TRUE = @ENABLE_UNLINKD_TRUE@
+ENABLE_WIN32SPECIFIC_FALSE = @ENABLE_WIN32SPECIFIC_FALSE@
+ENABLE_WIN32SPECIFIC_TRUE = @ENABLE_WIN32SPECIFIC_TRUE@
+ERR_DEFAULT_LANGUAGE = @ERR_DEFAULT_LANGUAGE@
+ERR_LANGUAGES = @ERR_LANGUAGES@
+EXEEXT = @EXEEXT@
+EXTERNAL_ACL_HELPERS = @EXTERNAL_ACL_HELPERS@
+FALSE = @FALSE@
+GREP = @GREP@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+LDFLAGS = @LDFLAGS@
+LIBDLMALLOC = @LIBDLMALLOC@
+LIBOBJS = @LIBOBJS@
+LIBREGEX = @LIBREGEX@
+LIBS = @LIBS@
+LIBSASL = @LIBSASL@
+LIB_DB = @LIB_DB@
+LIB_EPOLL = @LIB_EPOLL@
+LIB_LBER = @LIB_LBER@
+LIB_LDAP = @LIB_LDAP@
+LIB_MALLOC = @LIB_MALLOC@
+LN = @LN@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+MAINT = @MAINT@
+MAINTAINER_MODE_FALSE = @MAINTAINER_MODE_FALSE@
+MAINTAINER_MODE_TRUE = @MAINTAINER_MODE_TRUE@
+MAKEINFO = @MAKEINFO@
+MAKE_LEAKFINDER_FALSE = @MAKE_LEAKFINDER_FALSE@
+MAKE_LEAKFINDER_TRUE = @MAKE_LEAKFINDER_TRUE@
+MKDIR = @MKDIR@
+MV = @MV@
+NEED_COSSDUMP_FALSE = @NEED_COSSDUMP_FALSE@
+NEED_COSSDUMP_TRUE = @NEED_COSSDUMP_TRUE@
+NEED_DISKD_FALSE = @NEED_DISKD_FALSE@
+NEED_DISKD_TRUE = @NEED_DISKD_TRUE@
+NEED_OWN_MD5_FALSE = @NEED_OWN_MD5_FALSE@
+NEED_OWN_MD5_TRUE = @NEED_OWN_MD5_TRUE@
+NEED_OWN_SNPRINTF_FALSE = @NEED_OWN_SNPRINTF_FALSE@
+NEED_OWN_SNPRINTF_TRUE = @NEED_OWN_SNPRINTF_TRUE@
+NEED_OWN_STRSEP_FALSE = @NEED_OWN_STRSEP_FALSE@
+NEED_OWN_STRSEP_TRUE = @NEED_OWN_STRSEP_TRUE@
+NEGOTIATE_AUTH_HELPERS = @NEGOTIATE_AUTH_HELPERS@
+NTLM_AUTH_HELPERS = @NTLM_AUTH_HELPERS@
+OBJEXT = @OBJEXT@
+OPT_DEFAULT_HOSTS = @OPT_DEFAULT_HOSTS@
+PACKAGE = @PACKAGE@
+PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
+PACKAGE_NAME = @PACKAGE_NAME@
+PACKAGE_STRING = @PACKAGE_STRING@
+PACKAGE_TARNAME = @PACKAGE_TARNAME@
+PACKAGE_VERSION = @PACKAGE_VERSION@
+PATH_SEPARATOR = @PATH_SEPARATOR@
+PERL = @PERL@
+PKGCONFIG = @PKGCONFIG@
+RANLIB = @RANLIB@
+REGEXLIB = @REGEXLIB@
+REPL_LIBS = @REPL_LIBS@
+REPL_OBJS = @REPL_OBJS@
+REPL_POLICIES = @REPL_POLICIES@
+RM = @RM@
+SET_MAKE = @SET_MAKE@
+SH = @SH@
+SHELL = @SHELL@
+SNMPLIB = @SNMPLIB@
+SSLLIB = @SSLLIB@
+STORE_LIBS = @STORE_LIBS@
+STORE_MODULES = @STORE_MODULES@
+STORE_OBJS = @STORE_OBJS@
+STRIP = @STRIP@
+TRUE = @TRUE@
+USE_AIOPS_WIN32_FALSE = @USE_AIOPS_WIN32_FALSE@
+USE_AIOPS_WIN32_TRUE = @USE_AIOPS_WIN32_TRUE@
+USE_DELAY_POOLS_FALSE = @USE_DELAY_POOLS_FALSE@
+USE_DELAY_POOLS_TRUE = @USE_DELAY_POOLS_TRUE@
+USE_DEVPOLL_FALSE = @USE_DEVPOLL_FALSE@
+USE_DEVPOLL_TRUE = @USE_DEVPOLL_TRUE@
+USE_DNSSERVER_FALSE = @USE_DNSSERVER_FALSE@
+USE_DNSSERVER_TRUE = @USE_DNSSERVER_TRUE@
+USE_EPOLL_FALSE = @USE_EPOLL_FALSE@
+USE_EPOLL_TRUE = @USE_EPOLL_TRUE@
+USE_KQUEUE_FALSE = @USE_KQUEUE_FALSE@
+USE_KQUEUE_TRUE = @USE_KQUEUE_TRUE@
+USE_POLL_FALSE = @USE_POLL_FALSE@
+USE_POLL_TRUE = @USE_POLL_TRUE@
+USE_SELECT_FALSE = @USE_SELECT_FALSE@
+USE_SELECT_SIMPLE_FALSE = @USE_SELECT_SIMPLE_FALSE@
+USE_SELECT_SIMPLE_TRUE = @USE_SELECT_SIMPLE_TRUE@
+USE_SELECT_TRUE = @USE_SELECT_TRUE@
+USE_SELECT_WIN32_FALSE = @USE_SELECT_WIN32_FALSE@
+USE_SELECT_WIN32_TRUE = @USE_SELECT_WIN32_TRUE@
+USE_SNMP_FALSE = @USE_SNMP_FALSE@
+USE_SNMP_TRUE = @USE_SNMP_TRUE@
+VERSION = @VERSION@
+WIN32_PSAPI = @WIN32_PSAPI@
+XTRA_LIBS = @XTRA_LIBS@
+XTRA_OBJS = @XTRA_OBJS@
+ac_ct_CC = @ac_ct_CC@
+am__fastdepCC_FALSE = @am__fastdepCC_FALSE@
+am__fastdepCC_TRUE = @am__fastdepCC_TRUE@
+am__include = @am__include@
+am__leading_dot = @am__leading_dot@
+am__quote = @am__quote@
+am__tar = @am__tar@
+am__untar = @am__untar@
+bindir = @bindir@
+build = @build@
+build_alias = @build_alias@
+build_cpu = @build_cpu@
+build_os = @build_os@
+build_vendor = @build_vendor@
+datadir = @datadir@
+datarootdir = @datarootdir@
+docdir = @docdir@
+dvidir = @dvidir@
+exec_prefix = @exec_prefix@
+host = @host@
+host_alias = @host_alias@
+host_cpu = @host_cpu@
+host_os = @host_os@
+host_vendor = @host_vendor@
+htmldir = @htmldir@
+includedir = @includedir@
+infodir = @infodir@
+install_sh = @install_sh@
+libdir = @libdir@
+libexecdir = @libexecdir@
+localedir = @localedir@
+localstatedir = @localstatedir@
+makesnmplib = @makesnmplib@
+mandir = @mandir@
+mkdir_p = @mkdir_p@
+oldincludedir = @oldincludedir@
+pdfdir = @pdfdir@
+prefix = @prefix@
+program_transform_name = @program_transform_name@
+psdir = @psdir@
+sbindir = @sbindir@
+sharedstatedir = @sharedstatedir@
+sysconfdir = @sysconfdir@
+target_alias = @target_alias@
+man_MANS = squid_radius_auth.8
+EXTRA_DIST = squid_radius_auth.8
+squid_radius_auth_SOURCES = \
+ squid_rad_auth.c \
+ radius.h \
+ util.c util.h
+
+LDADD = -L$(top_builddir)/lib -lmiscutil $(SSLLIB) $(XTRA_LIBS)
+INCLUDES = -I$(top_srcdir)/include
+all: all-am
+
+.SUFFIXES:
+.SUFFIXES: .c .o .obj
+$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps)
+ @for dep in $?; do \
+ case '$(am__configure_deps)' in \
+ *$$dep*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \
+ && exit 0; \
+ exit 1;; \
+ esac; \
+ done; \
+ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign helpers/basic_auth/squid_radius_auth/Makefile'; \
+ cd $(top_srcdir) && \
+ $(AUTOMAKE) --foreign helpers/basic_auth/squid_radius_auth/Makefile
+.PRECIOUS: Makefile
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ @case '$?' in \
+ *config.status*) \
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
+ *) \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ esac;
+
+$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+
+$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps)
+ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
+install-libexecPROGRAMS: $(libexec_PROGRAMS)
+ @$(NORMAL_INSTALL)
+ test -z "$(libexecdir)" || $(mkdir_p) "$(DESTDIR)$(libexecdir)"
+ @list='$(libexec_PROGRAMS)'; for p in $$list; do \
+ p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \
+ if test -f $$p \
+ ; then \
+ f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \
+ echo " $(INSTALL_PROGRAM_ENV) $(libexecPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(libexecdir)/$$f'"; \
+ $(INSTALL_PROGRAM_ENV) $(libexecPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(libexecdir)/$$f" || exit 1; \
+ else :; fi; \
+ done
+
+uninstall-libexecPROGRAMS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(libexec_PROGRAMS)'; for p in $$list; do \
+ f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \
+ echo " rm -f '$(DESTDIR)$(libexecdir)/$$f'"; \
+ rm -f "$(DESTDIR)$(libexecdir)/$$f"; \
+ done
+
+clean-libexecPROGRAMS:
+ -test -z "$(libexec_PROGRAMS)" || rm -f $(libexec_PROGRAMS)
+squid_radius_auth$(EXEEXT): $(squid_radius_auth_OBJECTS) $(squid_radius_auth_DEPENDENCIES)
+ @rm -f squid_radius_auth$(EXEEXT)
+ $(LINK) $(squid_radius_auth_LDFLAGS) $(squid_radius_auth_OBJECTS) $(squid_radius_auth_LDADD) $(LIBS)
+
+mostlyclean-compile:
+ -rm -f *.$(OBJEXT)
+
+distclean-compile:
+ -rm -f *.tab.c
+
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/squid_rad_auth.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/util.Po@am__quote@
+
+.c.o:
+@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ $<; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c $<
+
+.c.obj:
+@am__fastdepCC_TRUE@ if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -c -o $@ `$(CYGPATH_W) '$<'`; \
+@am__fastdepCC_TRUE@ then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'`
+uninstall-info-am:
+install-man8: $(man8_MANS) $(man_MANS)
+ @$(NORMAL_INSTALL)
+ test -z "$(man8dir)" || $(mkdir_p) "$(DESTDIR)$(man8dir)"
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \
+ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+uninstall-man8:
+ @$(NORMAL_UNINSTALL)
+ @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \
+ l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \
+ for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ case "$$ext" in \
+ 8*) ;; \
+ *) ext='8' ;; \
+ esac; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \
+ rm -f "$(DESTDIR)$(man8dir)/$$inst"; \
+ done
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique
+tags: TAGS
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \
+ test -n "$$unique" || unique=$$empty_fix; \
+ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \
+ $$tags $$unique; \
+ fi
+ctags: CTAGS
+CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(CTAGS_ARGS)$$tags$$unique" \
+ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \
+ $$tags $$unique
+
+GTAGS:
+ here=`$(am__cd) $(top_builddir) && pwd` \
+ && cd $(top_srcdir) \
+ && gtags -i $(GTAGS_ARGS) $$here
+
+distclean-tags:
+ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
+
+distdir: $(DISTFILES)
+ @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \
+ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \
+ list='$(DISTFILES)'; for file in $$list; do \
+ case $$file in \
+ $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \
+ $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \
+ esac; \
+ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
+ dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \
+ if test "$$dir" != "$$file" && test "$$dir" != "."; then \
+ dir="/$$dir"; \
+ $(mkdir_p) "$(distdir)$$dir"; \
+ else \
+ dir=''; \
+ fi; \
+ if test -d $$d/$$file; then \
+ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
+ cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \
+ fi; \
+ cp -pR $$d/$$file $(distdir)$$dir || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+check-am: all-am
+check: check-am
+all-am: Makefile $(PROGRAMS) $(MANS)
+installdirs:
+ for dir in "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(man8dir)"; do \
+ test -z "$$dir" || $(mkdir_p) "$$dir"; \
+ done
+install: install-am
+install-exec: install-exec-am
+install-data: install-data-am
+uninstall: uninstall-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+
+installcheck: installcheck-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
+ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
+ `test -z '$(STRIP)' || \
+ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
+
+maintainer-clean-generic:
+ @echo "This command is intended for maintainers to use"
+ @echo "it deletes files that may require special tools to rebuild."
+clean: clean-am
+
+clean-am: clean-generic clean-libexecPROGRAMS mostlyclean-am
+
+distclean: distclean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+distclean-am: clean-am distclean-compile distclean-generic \
+ distclean-tags
+
+dvi: dvi-am
+
+dvi-am:
+
+html: html-am
+
+info: info-am
+
+info-am:
+
+install-data-am: install-man
+
+install-exec-am: install-libexecPROGRAMS
+
+install-info: install-info-am
+
+install-man: install-man8
+
+installcheck-am:
+
+maintainer-clean: maintainer-clean-am
+ -rm -rf ./$(DEPDIR)
+ -rm -f Makefile
+maintainer-clean-am: distclean-am maintainer-clean-generic
+
+mostlyclean: mostlyclean-am
+
+mostlyclean-am: mostlyclean-compile mostlyclean-generic
+
+pdf: pdf-am
+
+pdf-am:
+
+ps: ps-am
+
+ps-am:
+
+uninstall-am: uninstall-info-am uninstall-libexecPROGRAMS \
+ uninstall-man
+
+uninstall-man: uninstall-man8
+
+.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \
+ clean-libexecPROGRAMS ctags distclean distclean-compile \
+ distclean-generic distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-exec install-exec-am install-info \
+ install-info-am install-libexecPROGRAMS install-man \
+ install-man8 install-strip installcheck installcheck-am \
+ installdirs maintainer-clean maintainer-clean-generic \
+ mostlyclean mostlyclean-compile mostlyclean-generic pdf pdf-am \
+ ps ps-am tags uninstall uninstall-am uninstall-info-am \
+ uninstall-libexecPROGRAMS uninstall-man uninstall-man8
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff -ruN squid-2.6.STABLE16/helpers/basic_auth/squid_radius_auth/README squid-2.6.STABLE17/helpers/basic_auth/squid_radius_auth/README
--- squid-2.6.STABLE16/helpers/basic_auth/squid_radius_auth/README Wed Dec 31 17:00:00 1969
+++ squid-2.6.STABLE17/helpers/basic_auth/squid_radius_auth/README Mon Nov 26 04:18:47 2007
@@ -0,0 +1,72 @@
+Squid_radius_auth V1.09
+
+This kit is loosely based on radtest from the Cistron-radiusd which
+again is based on Livingston sources. See COPYRIGHT for details.
+
+This authenticator is specifically made for Squid-2.5 and later.
+
+Installation:
+
+Copy the correct makefile to Makefile
+ Makefile.default = Most OS:es.
+ Makefile.solaris = SunOS5 (Solaris)
+
+cp Makefile.default Makefile
+make clean
+make install
+
+or if you want the helper installed elsewhere than /usr/local/squid
+(the default installation path of Squid-2.5) use something like:
+
+make CONFDIR=/etc PREFIX=/usr BINDIR='${PREFIX}/libexec/squid' install
+
+Complete list of make options for tweakin the installation paths:
+
+ PREFIX Top level installation directory (/usr/local/squid)
+ BINDIR Where the binary is installed (PREFIX/libexec)
+ CONFDIR Where the configuration file is installed (PREFIX/etc)
+ MANDIR Where the manpage is installed (PREFIX/man/man8)
+ MANEXT Manpage extension (.8)
+ DESTDIR Root prefix for packaging
+
+
+Configuration:
+
+The RADIUS authenticator is configured using a small configuration file.
+
+The configuration file should look like this:
+# squid_rad_auth configuration file
+# MvS: 28-10-1998
+server suncone.cistron.nl
+secret testje
+
+An example can be found in etc/squid_rad_auth.conf
+
+
+/etc/services:
+
+Modify /etc/services and add:
+radius 1812/udp
+
+Adding this is not mandatory because it used the default port 1812 anyway.
+
+Note: Some old RADIUS servers uses the unofficial port 1645, and you may
+need to override the service port used either by editing /etc/services
+or by specifying the port using the -p command line option or the port
+tag in squid_rad_auth.conf
+
+
+Test it:
+
+Start squid_rad_auth and type a username and a username. The authenticator
+returns OK if the radiusd accepted your password. In any other case you'll
+get ERR.
+
+
+Squid:
+
+Add the authenticator to squid.conf. See the instructions from squid for
+help.
+
+Marc van Selm
+Henrik Nordstrom
diff -ruN squid-2.6.STABLE16/helpers/basic_auth/squid_radius_auth/radius.h squid-2.6.STABLE17/helpers/basic_auth/squid_radius_auth/radius.h
--- squid-2.6.STABLE16/helpers/basic_auth/squid_radius_auth/radius.h Wed Dec 31 17:00:00 1969
+++ squid-2.6.STABLE17/helpers/basic_auth/squid_radius_auth/radius.h Mon Nov 26 04:18:47 2007
@@ -0,0 +1,196 @@
+/*
+ *
+ * RADIUS
+ * Remote Authentication Dial In User Service
+ *
+ *
+ * Livingston Enterprises, Inc.
+ * 6920 Koll Center Parkway
+ * Pleasanton, CA 94566
+ *
+ * Copyright 1992 Livingston Enterprises, Inc.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose and without fee is hereby granted, provided that this
+ * copyright and permission notice appear on all copies and supporting
+ * documentation, the name of Livingston Enterprises, Inc. not be used
+ * in advertising or publicity pertaining to distribution of the
+ * program without specific prior permission, and notice be given
+ * in supporting documentation that copying and distribution is by
+ * permission of Livingston Enterprises, Inc.
+ *
+ * Livingston Enterprises, Inc. makes no representations about
+ * the suitability of this software for any purpose. It is
+ * provided "as is" without express or implied warranty.
+ *
+ */
+
+/*
+ * @(#)radius.h 2.0 03-Aug-1996
+ */
+
+#define AUTH_VECTOR_LEN 16
+#define AUTH_PASS_LEN 16
+#define AUTH_STRING_LEN 128 /* maximum of 254 */
+
+
+typedef struct pw_auth_hdr {
+ u_char code;
+ u_char id;
+ u_short length;
+ u_char vector[AUTH_VECTOR_LEN];
+ u_char data[2];
+} AUTH_HDR;
+
+#define AUTH_HDR_LEN 20
+#define CHAP_VALUE_LENGTH 16
+
+#define PW_AUTH_UDP_PORT 1812
+#define PW_ACCT_UDP_PORT 1813
+
+#define VENDORPEC_USR 429
+
+#define PW_TYPE_STRING 0
+#define PW_TYPE_INTEGER 1
+#define PW_TYPE_IPADDR 2
+#define PW_TYPE_DATE 3
+
+
+#define PW_AUTHENTICATION_REQUEST 1
+#define PW_AUTHENTICATION_ACK 2
+#define PW_AUTHENTICATION_REJECT 3
+#define PW_ACCOUNTING_REQUEST 4
+#define PW_ACCOUNTING_RESPONSE 5
+#define PW_ACCOUNTING_STATUS 6
+#define PW_PASSWORD_REQUEST 7
+#define PW_PASSWORD_ACK 8
+#define PW_PASSWORD_REJECT 9
+#define PW_ACCOUNTING_MESSAGE 10
+#define PW_ACCESS_CHALLENGE 11
+
+#define PW_USER_NAME 1
+#define PW_PASSWORD 2
+#define PW_CHAP_PASSWORD 3
+#define PW_NAS_IP_ADDRESS 4
+#define PW_NAS_PORT_ID 5
+#define PW_SERVICE_TYPE 6
+#define PW_FRAMED_PROTOCOL 7
+#define PW_FRAMED_IP_ADDRESS 8
+#define PW_FRAMED_IP_NETMASK 9
+#define PW_FRAMED_ROUTING 10
+#define PW_FILTER_ID 11
+#define PW_FRAMED_MTU 12
+#define PW_FRAMED_COMPRESSION 13
+#define PW_LOGIN_IP_HOST 14
+#define PW_LOGIN_SERVICE 15
+#define PW_LOGIN_TCP_PORT 16
+#define PW_OLD_PASSWORD 17
+#define PW_REPLY_MESSAGE 18
+#define PW_CALLBACK_NUMBER 19
+#define PW_CALLBACK_ID 20
+#define PW_EXPIRATION 21
+#define PW_FRAMED_ROUTE 22
+#define PW_FRAMED_IPXNET 23
+#define PW_STATE 24
+#define PW_CLASS 25
+#define PW_VENDOR_SPECIFIC 26
+#define PW_SESSION_TIMEOUT 27
+#define PW_IDLE_TIMEOUT 28
+#define PW_CALLED_STATION_ID 30
+#define PW_CALLING_STATION_ID 31
+#define PW_NAS_ID 32
+#define PW_PROXY_STATE 33
+
+#define PW_ACCT_STATUS_TYPE 40
+#define PW_ACCT_DELAY_TIME 41
+#define PW_ACCT_INPUT_OCTETS 42
+#define PW_ACCT_OUTPUT_OCTETS 43
+#define PW_ACCT_SESSION_ID 44
+#define PW_ACCT_AUTHENTIC 45
+#define PW_ACCT_SESSION_TIME 46
+#define PW_ACCT_INPUT_PACKETS 47
+#define PW_ACCT_OUTPUT_PACKETS 48
+
+#define PW_CHAP_CHALLENGE 60
+#define PW_NAS_PORT_TYPE 61
+#define PW_PORT_LIMIT 62
+#define PW_CONNECT_INFO 77
+
+#define PW_HUNTGROUP_NAME 221
+#define PW_AUTHTYPE 1000
+#define PW_PREFIX 1003
+#define PW_SUFFIX 1004
+#define PW_GROUP 1005
+#define PW_CRYPT_PASSWORD 1006
+#define PW_CONNECT_RATE 1007
+#define PW_USER_CATEGORY 1029
+#define PW_GROUP_NAME 1030
+#define PW_SIMULTANEOUS_USE 1034
+#define PW_STRIP_USERNAME 1035
+#define PW_FALL_THROUGH 1036
+#define PW_ADD_PORT_TO_IP_ADDRESS 1037
+#define PW_EXEC_PROGRAM 1038
+#define PW_EXEC_PROGRAM_WAIT 1039
+#define PW_HINT 1040
+#define PAM_AUTH_ATTR 1041
+#define PW_LOGIN_TIME 1042
+
+/*
+ * INTEGER TRANSLATIONS
+ */
+
+/* USER TYPES */
+
+#define PW_LOGIN_USER 1
+#define PW_FRAMED_USER 2
+#define PW_DIALBACK_LOGIN_USER 3
+#define PW_DIALBACK_FRAMED_USER 4
+
+/* FRAMED PROTOCOLS */
+
+#define PW_PPP 1
+#define PW_SLIP 2
+
+/* FRAMED ROUTING VALUES */
+
+#define PW_NONE 0
+#define PW_BROADCAST 1
+#define PW_LISTEN 2
+#define PW_BROADCAST_LISTEN 3
+
+/* FRAMED COMPRESSION TYPES */
+
+#define PW_VAN_JACOBSEN_TCP_IP 1
+
+/* LOGIN SERVICES */
+
+#define PW_TELNET 0
+#define PW_RLOGIN 1
+#define PW_TCP_CLEAR 2
+#define PW_PORTMASTER 3
+
+/* AUTHENTICATION LEVEL */
+
+#define PW_AUTHTYPE_LOCAL 0
+#define PW_AUTHTYPE_SYSTEM 1
+#define PW_AUTHTYPE_SECURID 2
+#define PW_AUTHTYPE_CRYPT 3
+#define PW_AUTHTYPE_REJECT 4
+#define PW_AUTHTYPE_PAM 253
+#define PW_AUTHTYPE_ACCEPT 254
+
+/* PORT TYPES */
+#define PW_NAS_PORT_ASYNC 0
+#define PW_NAS_PORT_SYNC 1
+#define PW_NAS_PORT_ISDN 2
+#define PW_NAS_PORT_ISDN_V120 3
+#define PW_NAS_PORT_ISDN_V110 4
+
+/* STATUS TYPES */
+
+#define PW_STATUS_START 1
+#define PW_STATUS_STOP 2
+#define PW_STATUS_ALIVE 3
+#define PW_STATUS_ACCOUNTING_ON 7
+#define PW_STATUS_ACCOUNTING_OFF 8
+
diff -ruN squid-2.6.STABLE16/helpers/basic_auth/squid_radius_auth/squid_rad_auth.c squid-2.6.STABLE17/helpers/basic_auth/squid_radius_auth/squid_rad_auth.c
--- squid-2.6.STABLE16/helpers/basic_auth/squid_radius_auth/squid_rad_auth.c Wed Dec 31 17:00:00 1969
+++ squid-2.6.STABLE17/helpers/basic_auth/squid_radius_auth/squid_rad_auth.c Mon Nov 26 04:18:47 2007
@@ -0,0 +1,575 @@
+/*
+ * RADIUS
+ * Remote Authentication Dial In User Service
+ *
+ *
+ * Livingston Enterprises, Inc.
+ * 6920 Koll Center Parkway
+ * Pleasanton, CA 94566
+ *
+ * Copyright 1992 Livingston Enterprises, Inc.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose and without fee is hereby granted, provided that this
+ * copyright and permission notice appear on all copies and supporting
+ * documentation, the name of Livingston Enterprises, Inc. not be used
+ * in advertising or publicity pertaining to distribution of the
+ * program without specific prior permission, and notice be given
+ * in supporting documentation that copying and distribution is by
+ * permission of Livingston Enterprises, Inc.
+ *
+ * Livingston Enterprises, Inc. makes no representations about
+ * the suitability of this software for any purpose. It is
+ * provided "as is" without express or implied warranty.
+ *
+ * The new parts of the code is Copyright (C) 1998 R.M. van Selm
+ * with modifications
+ * Copyright (C) 2004 Henrik Nordstrom
+ * Copyright (C) 2006 Henrik Nordstrom
+ */
+
+/* Squid_rad_auth is a RADIUS authenticator for Squid-2.5 and later.
+ * The authenticator reads a line with a user and password combination.
+ * If access is granted OK is returned. Else ERR.
+ *
+ * Squid_rad_auth-1.0 is based on modules from the Cistron-radiusd-1.5.4.
+ *
+ * Currently you should only start 1 authentificator at a time because the
+ * the ID's of the different programs can start to conflict. I'm not sure it
+ * would help anyway. I think the RADIUS server is close by and I don't think
+ * it will handle requests in parallel anyway (correct me if I'm wrong here)
+ *
+ * Marc van Selm
+ * with contributions from
+ * Henrik Nordstrom
+ * and many others
+ */
+
+#include "config.h"
+
+#if HAVE_SYS_TYPES_H
+#include
+#endif
+#if HAVE_SYS_SOCKET_H
+#include
+#endif
+#if HAVE_NETINET_IN_H
+#include
+#endif
+#if HAVE_SYS_TIME_H
+#include
+#endif
+#if HAVE_UNISTD_H
+#include
+#endif
+#if HAVE_FCNTL_H
+#include
+#endif
+
+#if HAVE_CTYPE_H
+#include
+#endif
+#if HAVE_STDIO_H
+#include
+#endif
+#if HAVE_UNISTD_H
+#include
+#endif
+#if HAVE_NETDB_H
+#include
+#endif
+#if HAVE_PWD_H
+#include
+#endif
+#if HAVE_STDLIB_H
+#include
+#endif
+#if HAVE_TIME_H
+#include
+#endif
+#if HAVE_STRING_H
+#include
+#endif
+
+#include "md5.h"
+#include "radius.h"
+#include "util.h"
+
+#define MAXPWNAM 254
+#define MAXPASS 254
+#define MAXLINE 254
+
+
+static int i_send_buffer[2048];
+static int i_recv_buffer[2048];
+static char *send_buffer = (char *) i_send_buffer;
+static char *recv_buffer = (char *) i_recv_buffer;
+static int sockfd;
+static int request_id;
+static char vector[AUTH_VECTOR_LEN];
+static char secretkey[MAXPASS + 1] = "";
+static char server[MAXLINE] = "";
+static char identifier[MAXLINE] = "";
+static char svc_name[MAXLINE] = "radius";
+static int nasport = 111;
+static int nasporttype = 0;
+static u_int32_t nas_ipaddr;
+static u_int32_t auth_ipaddr;
+static int retries = 30;
+
+char *progname = "squid_rad_auth";
+int debug_flag = 0;
+
+/*
+ * Diff two timeval, b - a
+ */
+static int
+timeval_diff(const struct timeval *a, const struct timeval *b)
+{
+ return (b->tv_sec - a->tv_sec) * 1000000 + (b->tv_usec - a->tv_usec);
+}
+
+/*
+ * Time since a timeval
+ */
+static int
+time_since(const struct timeval *when)
+{
+ struct timeval now;
+ gettimeofday(&now, NULL);
+ return timeval_diff(when, &now);
+}
+
+/*
+ * MD5 digest
+ */
+static void
+md5_calc(uint8_t out[16], void *in, size_t len)
+{
+ MD5_CTX ctx;
+ MD5Init(&ctx);
+ MD5Update(&ctx, in, len);
+ MD5Final(out, &ctx);
+}
+
+/*
+ * Receive and verify the result.
+ */
+static int
+result_recv(u_int32_t host, u_short udp_port, char *buffer, int length)
+{
+ AUTH_HDR *auth;
+ int totallen;
+ unsigned char reply_digest[AUTH_VECTOR_LEN];
+ unsigned char calc_digest[AUTH_VECTOR_LEN];
+ int secretlen;
+ /* VALUE_PAIR *req; */
+
+ auth = (AUTH_HDR *) buffer;
+ totallen = ntohs(auth->length);
+
+ if (totallen != length) {
+ fprintf(stderr,
+ "Squid_rad_auth: Received invalid reply length from server (want %d/ got %d)\n",
+ totallen, length);
+ return -1;
+ }
+
+ if (auth->id != request_id) {
+ /* Duplicate response of an earlier query, ignore */
+ return -1;
+ }
+
+ /* Verify the reply digest */
+ memcpy(reply_digest, auth->vector, AUTH_VECTOR_LEN);
+ memcpy(auth->vector, vector, AUTH_VECTOR_LEN);
+ secretlen = strlen(secretkey);
+ memcpy(buffer + length, secretkey, secretlen);
+ md5_calc(calc_digest, (unsigned char *) auth, length + secretlen);
+
+ if (memcmp(reply_digest, calc_digest, AUTH_VECTOR_LEN) != 0) {
+ fprintf(stderr, "Warning: Received invalid reply digest from server\n");
+ return -1;
+ }
+
+ if (auth->code != PW_AUTHENTICATION_ACK)
+ return 1;
+
+ return 0;
+}
+
+
+/*
+ * Generate a random vector.
+ */
+static void
+random_vector(char *vector)
+{
+ int randno;
+ int i;
+
+ srand((time(0) ^ rand()) + rand());
+ for (i = 0; i < AUTH_VECTOR_LEN;) {
+ randno = rand();
+ memcpy(vector, &randno, sizeof(int));
+ vector += sizeof(int);
+ i += sizeof(int);
+ }
+}
+
+/* read the config file
+ * The format should be something like:
+ * # squid_rad_auth configuration file
+ * # MvS: 28-10-1998
+ * server suncone.cistron.nl
+ * secret testje
+ */
+static int
+rad_auth_config(const char *cfname)
+{
+ FILE *cf;
+ char line[MAXLINE];
+ int srv = 0, crt = 0;
+
+ if ((cf = fopen(cfname, "r")) == NULL) {
+ perror(cfname);
+ return -1;
+ }
+ while (fgets(line, MAXLINE, cf) != NULL) {
+ if (!memcmp(line, "server", 6))
+ srv = sscanf(line, "server %s", server);
+ if (!memcmp(line, "secret", 6))
+ crt = sscanf(line, "secret %s", secretkey);
+ if (!memcmp(line, "identifier", 10))
+ sscanf(line, "identifier %s", identifier);
+ if (!memcmp(line, "service", 7))
+ sscanf(line, "service %s", svc_name);
+ if (!memcmp(line, "port", 4))
+ sscanf(line, "port %s", svc_name);
+ }
+ if (srv && crt)
+ return 0;
+ return -1;
+}
+
+static void
+urldecode(char *dst, const char *src, int size)
+{
+ char tmp[3];
+ tmp[2] = '\0';
+ while (*src && size > 1) {
+ if (*src == '%' && src[1] != '\0' && src[2] != '\0') {
+ src++;
+ tmp[0] = *src++;
+ tmp[1] = *src++;
+ *dst++ = strtol(tmp, NULL, 16);
+ } else {
+ *dst++ = *src++;
+ }
+ size--;
+ }
+ *dst++ = '\0';
+}
+
+static int
+authenticate(int sockfd, const char *username, const char *passwd)
+{
+ AUTH_HDR *auth;
+ u_short total_length;
+ u_char *ptr;
+ int length;
+ char passbuf[MAXPASS];
+ u_char md5buf[256];
+ int secretlen;
+ u_char cbc[AUTH_VECTOR_LEN];
+ int i, j;
+ u_int32_t ui;
+ struct sockaddr_in saremote;
+ fd_set readfds;
+ socklen_t salen;
+ int retry = retries;
+
+ /*
+ * Build an authentication request
+ */
+ auth = (AUTH_HDR *) send_buffer;
+ auth->code = PW_AUTHENTICATION_REQUEST;
+ auth->id = ++request_id;
+ random_vector(vector);
+ memcpy(auth->vector, vector, AUTH_VECTOR_LEN);
+ total_length = AUTH_HDR_LEN;
+ ptr = auth->data;
+
+ /*
+ * User Name
+ */
+ *ptr++ = PW_USER_NAME;
+ length = strlen(username);
+ if (length > MAXPWNAM) {
+ length = MAXPWNAM;
+ }
+ *ptr++ = length + 2;
+ memcpy(ptr, username, length);
+ ptr += length;
+ total_length += length + 2;
+
+ /*
+ * Password
+ */
+ length = strlen(passwd);
+ if (length > MAXPASS) {
+ length = MAXPASS;
+ }
+ memset(passbuf, 0, MAXPASS);
+ memcpy(passbuf, passwd, length);
+
+ /*
+ * Length is rounded up to multiple of 16,
+ * and the password is encoded in blocks of 16
+ * with cipher block chaining
+ */
+ length = ((length / AUTH_VECTOR_LEN) + 1) * AUTH_VECTOR_LEN;
+
+ *ptr++ = PW_PASSWORD;
+ *ptr++ = length + 2;
+
+ secretlen = strlen(secretkey);
+ /* Set up the Cipher block chain */
+ memcpy(cbc, auth->vector, AUTH_VECTOR_LEN);
+ for (j = 0; j < length; j += AUTH_VECTOR_LEN) {
+ /* Calculate the MD5 Digest */
+ strcpy((char *)md5buf, secretkey);
+ memcpy(md5buf + secretlen, cbc, AUTH_VECTOR_LEN);
+ md5_calc(cbc, md5buf, secretlen + AUTH_VECTOR_LEN);
+
+ /* Xor the password into the MD5 digest */
+ for (i = 0; i < AUTH_VECTOR_LEN; i++) {
+ *ptr++ = (cbc[i] ^= passbuf[j + i]);
+ }
+ }
+ total_length += length + 2;
+
+ *ptr++ = PW_NAS_PORT_ID;
+ *ptr++ = 6;
+
+ ui = htonl(nasport);
+ memcpy(ptr, &ui, 4);
+ ptr += 4;
+ total_length += 6;
+
+ *ptr++ = PW_NAS_PORT_TYPE;
+ *ptr++ = 6;
+
+ ui = htonl(nasporttype);
+ memcpy(ptr, &ui, 4);
+ ptr += 4;
+ total_length += 6;
+
+ if (*identifier) {
+ int len = strlen(identifier);
+ *ptr++ = PW_NAS_ID;
+ *ptr++ = len + 2;
+ memcpy(ptr, identifier, len);
+ ptr += len;
+ } else {
+ *ptr++ = PW_NAS_IP_ADDRESS;
+ *ptr++ = 6;
+
+ ui = htonl(nas_ipaddr);
+ memcpy(ptr, &ui, 4);
+ ptr += 4;
+ total_length += 6;
+ }
+
+ /* Klaus Weidner changed this
+ * from htonl to htons. It might have caused
+ * you trouble or not. That depends on the byte
+ * order of your system.
+ * The symptom was that the radius server
+ * ignored the requests, because they had zero
+ * length according to the data header.
+ */
+ auth->length = htons(total_length);
+
+ while(retry--) {
+ int time_spent;
+ struct timeval sent;
+ /*
+ * Send the request we've built.
+ */
+ gettimeofday(&sent, NULL);
+ send(sockfd, (char *) auth, total_length, 0);
+ while ((time_spent = time_since(&sent)) < 1000000) {
+ struct timeval tv;
+ int rc, len;
+ if (!time_spent) {
+ tv.tv_sec = 1;
+ tv.tv_usec = 0;
+ } else {
+ tv.tv_sec = 0;
+ tv.tv_usec = 1000000 - time_spent;
+ }
+ FD_ZERO(&readfds);
+ FD_SET(sockfd, &readfds);
+ if (select(sockfd + 1, &readfds, NULL, NULL, &tv) == 0) /* Select timeout */
+ break;
+ salen = sizeof(saremote);
+ len = recvfrom(sockfd, recv_buffer, sizeof(i_recv_buffer),
+ 0, (struct sockaddr *) &saremote, &salen);
+
+ if (len < 0)
+ continue;
+
+ rc = result_recv(saremote.sin_addr.s_addr, saremote.sin_port, recv_buffer, len);
+ if (rc == 0)
+ return 1;
+ if (rc == 1)
+ return 0;
+ }
+ }
+
+ fprintf(stderr, "%s: No response from RADIUS server\n", progname);
+
+ return 0;
+}
+
+int
+main(int argc, char **argv)
+{
+ struct sockaddr_in salocal;
+ struct sockaddr_in saremote;
+ struct servent *svp;
+ u_short svc_port;
+ char username[MAXPWNAM];
+ char passwd[MAXPASS];
+ char *ptr;
+ char authstring[MAXLINE];
+ const char *cfname = NULL;
+ int err = 0;
+ socklen_t salen;
+ int c;
+
+ while ((c = getopt(argc, argv, "h:p:f:w:i:t:")) != -1) {
+ switch(c) {
+ case 'f':
+ cfname = optarg;
+ break;
+ case 'h':
+ strcpy(server, optarg);
+ break;
+ case 'p':
+ strcpy(svc_name, optarg);
+ break;
+ case 'w':
+ strcpy(secretkey, optarg);
+ break;
+ case 'i':
+ strcpy(identifier, optarg);
+ break;
+ case 't':
+ retries = atoi(optarg);
+ break;
+ }
+ }
+ /* make standard output line buffered */
+ if (setvbuf(stdout, NULL, _IOLBF, 0) != 0)
+ return 1;
+
+ if (cfname) {
+ if (rad_auth_config(cfname) < 0) {
+ fprintf(stderr, "%s: can't open configuration file '%s'.\n", argv[0], cfname);
+ exit(1);
+ }
+ }
+
+ if (!*server) {
+ fprintf(stderr, "%s: Server not specified\n", argv[0]);
+ exit(1);
+ }
+
+ if (!*secretkey) {
+ fprintf(stderr, "%s: Shared secret not specified\n", argv[0]);
+ exit(1);
+ }
+
+ /*
+ * Open a connection to the server.
+ */
+ svp = getservbyname(svc_name, "udp");
+ if (svp != NULL)
+ svc_port = ntohs((u_short) svp->s_port);
+ else
+ svc_port = atoi(svc_name);
+ if (svc_port == 0)
+ svc_port = PW_AUTH_UDP_PORT;
+
+ /* Get the IP address of the authentication server */
+ if ((auth_ipaddr = get_ipaddr(server)) == 0) {
+ fprintf(stderr, "Couldn't find host %s\n", server);
+ exit(1);
+ }
+ sockfd = socket(AF_INET, SOCK_DGRAM, 0);
+ if (sockfd < 0) {
+ perror("socket");
+ exit(1);
+ }
+ memset(&saremote, 0, sizeof(saremote));
+ saremote.sin_family = AF_INET;
+ saremote.sin_addr.s_addr = htonl(auth_ipaddr);
+ saremote.sin_port = htons(svc_port);
+
+ if (connect(sockfd, (struct sockaddr *) &saremote, sizeof(saremote)) < 0) {
+ perror("connect");
+ exit(1);
+ }
+ salen = sizeof(salocal);
+ if (getsockname(sockfd, (struct sockaddr *) &salocal, &salen) < 0) {
+ perror("getsockname");
+ exit(1);
+ }
+#ifdef O_NONBLOCK
+ fcntl(sockfd, F_SETFL, fcntl(sockfd, F_GETFL, 0) | O_NONBLOCK);
+#endif
+ nas_ipaddr = ntohl(salocal.sin_addr.s_addr);
+ while (fgets(authstring, MAXLINE, stdin) != NULL) {
+ char *end;
+ /* protect me form to long lines */
+ if ((end = strchr(authstring, '\n')) == NULL) {
+ err = 1;
+ continue;
+ }
+ if (err) {
+ printf("ERR\n");
+ err = 0;
+ continue;
+ }
+ if (strlen(authstring) > MAXLINE) {
+ printf("ERR\n");
+ continue;
+ }
+ /* Strip off the trailing newline */
+ *end = '\0';
+
+ /* Parse out the username and password */
+ ptr = authstring;
+ while (isspace(*ptr))
+ ptr++;
+ if ((end = strchr(ptr, ' ')) == NULL) {
+ printf("ERR\n"); /* No password */
+ continue;
+ }
+ *end = '\0';
+ urldecode(username, ptr, MAXPWNAM);
+ ptr = end + 1;
+ while (isspace(*ptr))
+ ptr++;
+ urldecode(passwd, ptr, MAXPASS);
+
+ if (authenticate(sockfd, username, passwd))
+ printf("OK\n");
+ else
+ printf("ERR\n");
+ }
+ close(sockfd);
+ exit(1);
+}
diff -ruN squid-2.6.STABLE16/helpers/basic_auth/squid_radius_auth/squid_radius_auth.8 squid-2.6.STABLE17/helpers/basic_auth/squid_radius_auth/squid_radius_auth.8
--- squid-2.6.STABLE16/helpers/basic_auth/squid_radius_auth/squid_radius_auth.8 Wed Dec 31 17:00:00 1969
+++ squid-2.6.STABLE17/helpers/basic_auth/squid_radius_auth/squid_radius_auth.8 Mon Nov 26 04:18:47 2007
@@ -0,0 +1,88 @@
+.TH squid_radius_auth 8 "7 August 2004" "Squid RADIUS Auth"
+.
+.SH NAME
+squid_radius_auth - Squid RADIUS authentication helper
+.
+.SH SYNOPSIS
+.B squid_radius_auth
+-f configfile
+.br
+.B squid_radius_auth
+-h "server" [-p port] [-i identifier] -w secret
+.
+.SH DESCRIPTION
+This helper allows Squid to connect to a RADIUS server to
+validate the user name and password of Basic HTTP authentication.
+.
+.TP
+.BI "-f " "configfile "
+Specifies the path to a configuration file. See the CONFIGURATION section
+for details.
+.
+.TP
+.BI "-h " server
+Alternative method of specifying the server to connect to
+.
+.TP
+.BI "-p " port
+Specify another server port where the RADIUS server listens for requests
+if different from the default RADIUS port. Normally not specified.
+.
+.TP
+.BI "-i " identifier
+Unique identifier identifying this Squid proxy to the RADIUS server.
+If not specified the IP address is used as to identify the proxy.
+.TP
+.BI "-w " secret
+Alternative method of specifying the shared secret. Using the
+configuration file is generally more secure and recommended.
+.
+.TP
+.BI "-t " timeout
+RADIUS request timeout. Default 10 seconds.
+.
+.SH CONFIGURATION
+The configuration specifies how the helper connects to RADIUS.
+The file contains a list of directives (one per line). Lines
+beginning with a # is ignored.
+.
+.TP
+.BI "server " radiusserver
+specifies the name or address of the RADIUS server to connect to.
+.
+.TP
+.BI "secret " somesecretstring
+specifies the shared RADIUS secret.
+.
+.TP
+.BI "identifier " nameofserver
+specifies what the proxy should identify itsels as to the RADIUS server.
+This directive is optional.
+.
+.TP
+.BI "port " portnumber
+Specifies the port number or service name where the helper should connect.
+.SH AUTHOR
+This manual page was written by
+.I Henrik Nordstrom
+.P
+squid_radius_auth is written by
+.I Marc van Selm
+with contributions from
+.I Henrik Nordstrom
+and many others
+.
+.SH QUESTIONS
+Any questions on usage can be sent to
+.IR "Squid Users " ,
+or to your favorite RADIUS list/friend if the question is more related to
+RADIUS than Squid.
+.
+.SH REPORTING BUGS
+Report bugs or bug-fixes to
+.I Squid Bugs
+or ideas for new improvements to
+.I Squid Developers
+.
+.SH "SEE ALSO"
+.BR RFC2058 " - Remote Authentication Dial In User Service (RADIUS)"
diff -ruN squid-2.6.STABLE16/helpers/basic_auth/squid_radius_auth/util.c squid-2.6.STABLE17/helpers/basic_auth/squid_radius_auth/util.c
--- squid-2.6.STABLE16/helpers/basic_auth/squid_radius_auth/util.c Wed Dec 31 17:00:00 1969
+++ squid-2.6.STABLE17/helpers/basic_auth/squid_radius_auth/util.c Mon Nov 26 04:18:47 2007
@@ -0,0 +1,177 @@
+/*
+ *
+ * RADIUS
+ * Remote Authentication Dial In User Service
+ *
+ *
+ * Livingston Enterprises, Inc.
+ * 6920 Koll Center Parkway
+ * Pleasanton, CA 94566
+ *
+ * Copyright 1992 Livingston Enterprises, Inc.
+ * Copyright 1997 Cistron Internet Services B.V.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose and without fee is hereby granted, provided that this
+ * copyright and permission notice appear on all copies and supporting
+ * documentation, the name of Livingston Enterprises, Inc. not be used
+ * in advertising or publicity pertaining to distribution of the
+ * program without specific prior permission, and notice be given
+ * in supporting documentation that copying and distribution is by
+ * permission of Livingston Enterprises, Inc.
+ *
+ * Livingston Enterprises, Inc. makes no representations about
+ * the suitability of this software for any purpose. It is
+ * provided "as is" without express or implied warranty.
+ *
+ */
+
+/*
+ * util.c Miscellanous generic functions.
+ *
+ */
+
+char util_sccsid[] =
+"@(#)util.c 1.5 Copyright 1992 Livingston Enterprises Inc\n"
+" 2.1 Copyright 1997 Cistron Internet Services B.V.";
+
+#include "config.h"
+
+#if HAVE_SYS_TYES_H
+#include
+#endif
+#if HAVE_SYS_SOCKET_H
+#include
+#endif
+#if HAVE_SYS_TIME_H
+#include
+#endif
+#if HAVE_NETINET_IN_H
+#include
+#endif
+
+#if HAVE_STDIO_H
+#include
+#endif
+#if HAVE_STDLIB_H
+#include
+#endif
+#if HAVE_NETDB_H
+#include
+#endif
+#if HAVE_PWD_H
+#include
+#endif
+#if HAVE_TIME_H
+#include
+#endif
+#if HAVE_CTYPE_H
+#include
+#endif
+#if HAVE_SIGNAL_H
+#include
+#endif
+
+#include "md5.h"
+#include "util.h"
+
+/*
+ * Check for valid IP address in standard dot notation.
+ */
+static int good_ipaddr(char *addr)
+{
+ int dot_count;
+ int digit_count;
+
+ dot_count = 0;
+ digit_count = 0;
+ while(*addr != '\0' && *addr != ' ') {
+ if(*addr == '.') {
+ dot_count++;
+ digit_count = 0;
+ }
+ else if(!isdigit(*addr)) {
+ dot_count = 5;
+ }
+ else {
+ digit_count++;
+ if(digit_count > 3) {
+ dot_count = 5;
+ }
+ }
+ addr++;
+ }
+ if(dot_count != 3) {
+ return(-1);
+ }
+ else {
+ return(0);
+ }
+}
+
+/*
+ * Return an IP address in host long notation from
+ * one supplied in standard dot notation.
+ */
+static u_int32_t ipstr2long(char *ip_str)
+{
+ char buf[6];
+ char *ptr;
+ int i;
+ int count;
+ u_int32_t ipaddr;
+ int cur_byte;
+
+ ipaddr = (u_int32_t)0;
+ for(i = 0;i < 4;i++) {
+ ptr = buf;
+ count = 0;
+ *ptr = '\0';
+ while(*ip_str != '.' && *ip_str != '\0' && count < 4) {
+ if(!isdigit(*ip_str)) {
+ return((u_int32_t)0);
+ }
+ *ptr++ = *ip_str++;
+ count++;
+ }
+ if(count >= 4 || count == 0) {
+ return((u_int32_t)0);
+ }
+ *ptr = '\0';
+ cur_byte = atoi(buf);
+ if(cur_byte < 0 || cur_byte > 255) {
+ return((u_int32_t)0);
+ }
+ ip_str++;
+ ipaddr = ipaddr << 8 | (u_int32_t)cur_byte;
+ }
+ return(ipaddr);
+}
+
+/*
+ * Return an IP address in host long notation from a host
+ * name or address in dot notation.
+ */
+u_int32_t get_ipaddr(char *host)
+{
+ struct hostent *hp;
+
+ if(good_ipaddr(host) == 0) {
+ return(ipstr2long(host));
+ }
+ else if((hp = gethostbyname(host)) == (struct hostent *)NULL) {
+ return((u_int32_t)0);
+ }
+ return(ntohl(*(u_int32_t *)hp->h_addr));
+}
+
+
+void md5_calc(unsigned char *output, unsigned char *input, unsigned int inlen)
+{
+ MD5_CTX context;
+
+ MD5Init(&context);
+ MD5Update(&context, input, inlen);
+ MD5Final(output, &context);
+}
+
diff -ruN squid-2.6.STABLE16/helpers/basic_auth/squid_radius_auth/util.h squid-2.6.STABLE17/helpers/basic_auth/squid_radius_auth/util.h
--- squid-2.6.STABLE16/helpers/basic_auth/squid_radius_auth/util.h Wed Dec 31 17:00:00 1969
+++ squid-2.6.STABLE17/helpers/basic_auth/squid_radius_auth/util.h Mon Nov 26 04:18:47 2007
@@ -0,0 +1,2 @@
+/* util.c */
+u_int32_t get_ipaddr (char *);
diff -ruN squid-2.6.STABLE16/include/Array.h squid-2.6.STABLE17/include/Array.h
--- squid-2.6.STABLE16/include/Array.h Sun Oct 23 09:20:49 2005
+++ squid-2.6.STABLE17/include/Array.h Mon Nov 26 04:06:12 2007
@@ -1,5 +1,5 @@
/*
- * $Id: Array.h,v 1.7 2005/10/23 15:20:49 hno Exp $
+ * $Id: Array.h,v 1.7.2.1 2007/11/26 11:06:12 adrian Exp $
*
* AUTHOR: Alex Rousskov
*
@@ -50,6 +50,8 @@
extern void arrayAppend(Array * s, void *obj);
extern void arrayInsert(Array * s, void *obj, int position);
extern void arrayPreAppend(Array * s, int app_count);
+extern void arrayShrink(Array *a, int new_count);
+
#endif /* SQUID_ARRAY_H */
diff -ruN squid-2.6.STABLE16/include/version.h squid-2.6.STABLE17/include/version.h
--- squid-2.6.STABLE16/include/version.h Wed Sep 5 16:25:42 2007
+++ squid-2.6.STABLE17/include/version.h Mon Nov 26 06:39:31 2007
@@ -9,5 +9,5 @@
*/
#ifndef SQUID_RELEASE_TIME
-#define SQUID_RELEASE_TIME 1189031137
+#define SQUID_RELEASE_TIME 1196084366
#endif
diff -ruN squid-2.6.STABLE16/lib/Array.c squid-2.6.STABLE17/lib/Array.c
--- squid-2.6.STABLE16/lib/Array.c Sun Oct 23 09:20:49 2005
+++ squid-2.6.STABLE17/lib/Array.c Mon Nov 26 04:06:12 2007
@@ -1,5 +1,5 @@
/*
- * $Id: Array.c,v 1.8 2005/10/23 15:20:49 hno Exp $
+ * $Id: Array.c,v 1.8.2.1 2007/11/26 11:06:12 adrian Exp $
*
* AUTHOR: Alex Rousskov
*
@@ -137,4 +137,12 @@
xmalloc(a->capacity * sizeof(void *));
/* reset, just in case */
memset(a->items + a->count, 0, (a->capacity - a->count) * sizeof(void *));
+}
+
+void
+arrayShrink(Array *a, int new_count)
+{
+ assert(new_count < a->capacity);
+ assert(new_count >= 0);
+ a->count = new_count;
}
diff -ruN squid-2.6.STABLE16/src/HttpHeader.c squid-2.6.STABLE17/src/HttpHeader.c
--- squid-2.6.STABLE16/src/HttpHeader.c Mon Feb 26 15:41:46 2007
+++ squid-2.6.STABLE17/src/HttpHeader.c Mon Nov 26 04:06:13 2007
@@ -1,6 +1,6 @@
/*
- * $Id: HttpHeader.c,v 1.91.2.2 2007/02/26 22:41:46 hno Exp $
+ * $Id: HttpHeader.c,v 1.91.2.3 2007/11/26 11:06:13 adrian Exp $
*
* DEBUG: section 55 HTTP Header
* AUTHOR: Alex Rousskov
@@ -380,12 +380,34 @@
}
}
+static void
+httpHeaderRepack(HttpHeader * hdr)
+{
+ HttpHeaderPos dp = HttpHeaderInitPos;
+ HttpHeaderPos pos = HttpHeaderInitPos;
+
+ /* XXX breaks layering for now! ie, getting grubby fingers in without httpHeaderEntryGet() */
+ dp = 0;
+ pos = 0;
+ while (dp < hdr->entries.count) {
+ for (; dp < hdr->entries.count && hdr->entries.items[dp] == NULL; dp++);
+ assert(dp < hdr->entries.count);
+ hdr->entries.items[pos] = hdr->entries.items[dp];
+ if (dp != pos)
+ hdr->entries.items[dp] = NULL;
+ pos++;
+ dp++;
+ }
+ arrayShrink(&hdr->entries, pos);
+}
+
/* use fresh entries to replace old ones */
void
httpHeaderUpdate(HttpHeader * old, const HttpHeader * fresh, const HttpHeaderMask * denied_mask)
{
const HttpHeaderEntry *e;
HttpHeaderPos pos = HttpHeaderInitPos;
+
assert(old && fresh);
assert(old != fresh);
debug(55, 7) ("updating hdr: %p <- %p\n", old, fresh);
@@ -400,6 +422,9 @@
httpHeaderDelByName(old, strBuf(e->name));
httpHeaderAddEntry(old, httpHeaderEntryClone(e));
}
+
+ /* And now, repack the array to "fill in the holes" */
+ httpHeaderRepack(old);
}
/* just handy in parsing: resets and returns false */
diff -ruN squid-2.6.STABLE16/src/cf.data.pre squid-2.6.STABLE17/src/cf.data.pre
--- squid-2.6.STABLE16/src/cf.data.pre Wed Sep 5 15:50:15 2007
+++ squid-2.6.STABLE17/src/cf.data.pre Mon Nov 26 04:03:45 2007
@@ -1,6 +1,6 @@
#
-# $Id: cf.data.pre,v 1.382.2.14 2007/09/05 21:50:15 hno Exp $
+# $Id: cf.data.pre,v 1.382.2.26 2007/11/26 11:03:45 adrian Exp $
#
# SQUID Web Proxy Cache http://www.squid-cache.org/
# ----------------------------------------------------------
@@ -758,6 +758,10 @@
See http_access for details
+ NOTE: The default if no htcp_access lines are present is to
+ deny all traffic. This default may cause problems with peers
+ using the htcp or htcp-oldsquid options.
+
#Allow HTCP queries from everyone
htcp_access allow all
DOC_END
@@ -831,19 +835,6 @@
the correct result.
DOC_END
-NAME: reply_header_max_size
-COMMENT: (KB)
-TYPE: b_size_t
-DEFAULT: 20 KB
-LOC: Config.maxReplyHeaderSize
-DOC_START
- This specifies the maximum size for HTTP headers in a reply.
- Reply headers are usually relatively small (about 512 bytes).
- Placing a limit on the reply header size will catch certain
- bugs (for example with persistent connections) and possibly
- buffer-overflow or denial-of-service attacks.
-DOC_END
-
NAME: reply_body_max_size
COMMENT: bytes allow|deny acl acl...
TYPE: body_size_t
@@ -1161,7 +1152,7 @@
acl normal_service_net src 10.0.0.0/255.255.255.0
acl good_service_net src 10.0.1.0/255.255.255.0
- tcp_outgoing_tos 0x00 normal_service_net 0x00
+ tcp_outgoing_tos 0x00 normal_service_net
tcp_outgoing_tos 0x20 good_service_net
TOS/DSCP values really only have local significance - so you should
@@ -1502,8 +1493,12 @@
use 'htcp' to send HTCP, instead of ICP, queries
to the neighbor. You probably also want to
set the "icp port" to 4827 instead of 3130.
+ You must also allow this Squid htcp_access and
+ http_access in the peer Squid configuration.
use 'htcp-oldsquid' to send HTCP to old Squid versions
+ You must also allow this Squid htcp_access and
+ http_access in the peer Squid configuration.
'originserver' causes this parent peer to be contacted as
a origin server. Meant to be used in accelerator setups.
@@ -1670,7 +1665,7 @@
applies for hostnames which do not match domains listed here.
EXAMPLE:
- cache_peer parent cache.foo.org 3128 3130
+ cache_peer cache.foo.org parent 3128 3130
neighbor_type_domain cache.foo.org sibling .com .net
neighbor_type_domain cache.foo.org sibling .au .de
DOC_END
@@ -1713,26 +1708,6 @@
NOCOMMENT_END
DOC_END
-NAME: cache no_cache
-TYPE: acl_access
-DEFAULT: none
-LOC: Config.accessList.noCache
-DOC_START
- A list of ACL elements which, if matched, cause the request to
- not be satisfied from the cache and the reply to not be cached.
- In other words, use this to force certain objects to never be cached.
-
- You must use the word 'DENY' to indicate the ACL names which should
- NOT be cached.
-
- Default is to allow all to be cached
-NOCOMMENT_START
-#We recommend you to use the following two lines.
-acl QUERY urlpath_regex cgi-bin \?
-cache deny QUERY
-NOCOMMENT_END
-DOC_END
-
COMMENT_START
MEMORY CACHE OPTIONS
-----------------------------------------------------------------------------
@@ -2545,7 +2520,7 @@
It can also return a "urlgroup" that can subsequently be matched
in cache_peer_access and similar ACL driven rules. An urlgroup is
- returned by prefixing the returned url with "!urlgroup!"
+ returned by prefixing the returned URL with "!urlgroup!".
By default, a URL rewriter is not used.
DOC_END
@@ -2569,6 +2544,12 @@
The number of requests each redirector helper can handle in
parallel. Defaults to 0 which indicates the redirector
is a old-style single threaded redirector.
+
+ When this directive is set to a value >= 1 then the protocol
+ used to communicate with the helper is modified to include
+ a request ID in front of the request/response. The request
+ ID from the request must be echoed back with the response
+ to that request.
DOC_END
NAME: url_rewrite_host_header redirect_rewrites_host_header
@@ -2667,31 +2648,24 @@
-----------------------------------------------------------------------------
COMMENT_END
-NAME: request_header_max_size
-COMMENT: (KB)
-TYPE: b_size_t
-DEFAULT: 20 KB
-LOC: Config.maxRequestHeaderSize
+NAME: cache no_cache
+TYPE: acl_access
+DEFAULT: none
+LOC: Config.accessList.noCache
DOC_START
- This specifies the maximum size for HTTP headers in a request.
- Request headers are usually relatively small (about 512 bytes).
- Placing a limit on the request header size will catch certain
- bugs (for example with persistent connections) and possibly
- buffer-overflow or denial-of-service attacks.
-DOC_END
+ A list of ACL elements which, if matched, cause the request to
+ not be satisfied from the cache and the reply to not be cached.
+ In other words, use this to force certain objects to never be cached.
-NAME: request_body_max_size
-COMMENT: (KB)
-TYPE: b_size_t
-DEFAULT: 0 KB
-LOC: Config.maxRequestBodySize
-DOC_START
- This specifies the maximum size for an HTTP request body.
- In other words, the maximum size of a PUT/POST request.
- A user who attempts to send a request with a body larger
- than this limit receives an "Invalid Request" error message.
- If you set this parameter to a zero (the default), there will
- be no limit imposed.
+ You must use the word 'DENY' to indicate the ACL names which should
+ NOT be cached.
+
+ Default is to allow all to be cached
+NOCOMMENT_START
+#We recommend you to use the following two lines.
+acl QUERY urlpath_regex cgi-bin \?
+cache deny QUERY
+NOCOMMENT_END
DOC_END
NAME: refresh_pattern
@@ -2939,6 +2913,46 @@
-----------------------------------------------------------------------------
COMMENT_END
+NAME: request_header_max_size
+COMMENT: (KB)
+TYPE: b_size_t
+DEFAULT: 20 KB
+LOC: Config.maxRequestHeaderSize
+DOC_START
+ This specifies the maximum size for HTTP headers in a request.
+ Request headers are usually relatively small (about 512 bytes).
+ Placing a limit on the request header size will catch certain
+ bugs (for example with persistent connections) and possibly
+ buffer-overflow or denial-of-service attacks.
+DOC_END
+
+NAME: reply_header_max_size
+COMMENT: (KB)
+TYPE: b_size_t
+DEFAULT: 20 KB
+LOC: Config.maxReplyHeaderSize
+DOC_START
+ This specifies the maximum size for HTTP headers in a reply.
+ Reply headers are usually relatively small (about 512 bytes).
+ Placing a limit on the reply header size will catch certain
+ bugs (for example with persistent connections) and possibly
+ buffer-overflow or denial-of-service attacks.
+DOC_END
+
+NAME: request_body_max_size
+COMMENT: (KB)
+TYPE: b_size_t
+DEFAULT: 0 KB
+LOC: Config.maxRequestBodySize
+DOC_START
+ This specifies the maximum size for an HTTP request body.
+ In other words, the maximum size of a PUT/POST request.
+ A user who attempts to send a request with a body larger
+ than this limit receives an "Invalid Request" error message.
+ If you set this parameter to a zero (the default), there will
+ be no limit imposed.
+DOC_END
+
NAME: broken_posts
TYPE: acl_access
DEFAULT: none
@@ -3366,9 +3380,10 @@
LOC: Config.EmailProgram
DOC_START
Email program used to send mail if the cache dies.
- The default is "mail". The specified program must complain
+ The default is "mail". The specified program must comply
with the standard Unix mail syntax:
- mail_program recipient < mailfile
+ mail-program recipient < mailfile
+
Optional command line options can be specified.
DOC_END
@@ -3951,8 +3966,7 @@
DEFAULT: on
DOC_START
This controls whether the server will generate a Cache Digest
- of its contents. By default, Cache Digest generation is
- enabled if Squid is compiled with USE_CACHE_DIGESTS defined.
+ of its contents.
DOC_END
NAME: digest_bits_per_entry
@@ -3973,7 +3987,7 @@
LOC: Config.digest.rebuild_period
DEFAULT: 1 hour
DOC_START
- This is the number of seconds between Cache Digest rebuilds.
+ This is the wait time between Cache Digest rebuilds.
DOC_END
NAME: digest_rewrite_period
@@ -3983,8 +3997,7 @@
LOC: Config.digest.rewrite_period
DEFAULT: 1 hour
DOC_START
- This is the number of seconds between Cache Digest writes to
- disk.
+ This is the wait time between Cache Digest writes to disk.
DOC_END
NAME: digest_swapout_chunk_size
@@ -4117,31 +4130,46 @@
TYPE: address
LOC:Config.Addrs.udp_incoming
DEFAULT: 0.0.0.0
-DOC_NONE
+DOC_START
+ udp_incoming_address is used for UDP packets received from other
+ caches.
+
+ The default behavior is to not bind to any specific address.
+
+ Only change this if you want to have all UDP queries received on
+ a specific interface/address.
+
+ NOTE: udp_incoming_address is used by the ICP, HTCP, and DNS
+ modules. Altering it will affect all of them in the same manner.
+
+ see also; udp_outgoing_address
+
+ NOTE, udp_incoming_address and udp_outgoing_address can not
+ have the same value since they both use the same port.
+DOC_END
NAME: udp_outgoing_address
TYPE: address
LOC: Config.Addrs.udp_outgoing
DEFAULT: 255.255.255.255
DOC_START
- udp_incoming_address is used for the ICP socket receiving packets
- from other caches.
- udp_outgoing_address is used for ICP packets sent out to other
+ udp_outgoing_address is used for UDP packets sent out to other
caches.
The default behavior is to not bind to any specific address.
- A udp_incoming_address value of 0.0.0.0 indicates Squid
- should listen for UDP messages on all available interfaces.
-
- If udp_outgoing_address is set to 255.255.255.255 (the default)
- it will use the same socket as udp_incoming_address. Only
- change this if you want to have ICP queries sent using another
- address than where this Squid listens for ICP queries from other
+ Instead it will use the same socket as udp_incoming_address.
+ Only change this if you want to have UDP queries sent using another
+ address than where this Squid listens for UDP queries from other
caches.
+ NOTE: udp_outgoing_address is used by the ICP, HTCP, and DNS
+ modules. Altering it will affect all of them in the same manner.
+
+ see also; udp_incoming_address
+
NOTE, udp_incoming_address and udp_outgoing_address can not
- have the same value since they both use port 3130.
+ have the same value since they both use the same port.
DOC_END
NAME: icp_hit_stale
@@ -5179,10 +5207,10 @@
NAME: high_memory_warning
TYPE: b_size_t
LOC: Config.warnings.high_memory
-DEFAULT: 0
+DEFAULT: 0 KB
DOC_START
If the memory usage (as determined by mallinfo) exceeds
- value, Squid prints a WARNING with debug level 0 to get
+ this amount, Squid prints a WARNING with debug level 0 to get
the administrators attention.
DOC_END
diff -ruN squid-2.6.STABLE16/src/cf_gen.c squid-2.6.STABLE17/src/cf_gen.c
--- squid-2.6.STABLE16/src/cf_gen.c Wed Sep 5 15:50:15 2007
+++ squid-2.6.STABLE17/src/cf_gen.c Mon Sep 17 14:24:15 2007
@@ -1,6 +1,6 @@
/*
- * $Id: cf_gen.c,v 1.50.2.1 2007/09/05 21:50:15 hno Exp $
+ * $Id: cf_gen.c,v 1.50.2.3 2007/09/17 20:24:15 hno Exp $
*
* DEBUG: none Generate squid.conf.default and cf_parser.h
* AUTHOR: Max Okumoto
@@ -177,12 +177,13 @@
while ((NULL != fgets(buff, MAX_LINE, fp))) {
const char *type = strtok(buff, WS);
const char *dep;
+ Type *t;
if (!type || type[0] == '#')
continue;
- Type *t = (Type *) xcalloc(1, sizeof(*t));
+ t = (Type *) xcalloc(1, sizeof(*t));
t->name = xstrdup(type);
while ((dep = strtok(NULL, WS)) != NULL) {
- TypeDep *d = (TypeDep *) xcalloc(1, sizeof(*dep));
+ TypeDep *d = (TypeDep *) xcalloc(1, sizeof(*d));
d->name = xstrdup(dep);
d->next = t->depend;
t->depend = d;
diff -ruN squid-2.6.STABLE16/src/debug.c squid-2.6.STABLE17/src/debug.c
--- squid-2.6.STABLE16/src/debug.c Sat Sep 9 06:45:06 2006
+++ squid-2.6.STABLE17/src/debug.c Mon Oct 1 19:03:53 2007
@@ -1,6 +1,6 @@
/*
- * $Id: debug.c,v 1.93 2006/09/09 12:45:06 serassio Exp $
+ * $Id: debug.c,v 1.93.2.1 2007/10/02 01:03:53 hno Exp $
*
* DEBUG: section 0 Debug Routines
* AUTHOR: Harvest Derived
@@ -40,9 +40,6 @@
static const char *debugLogTime(time_t);
static void ctx_print(void);
#if HAVE_SYSLOG
-#ifdef LOG_LOCAL4
-static int syslog_facility = 0;
-#endif
static void _db_print_syslog(const char *format, va_list args);
#endif
static void _db_print_stderr(const char *format, va_list args);
@@ -186,7 +183,7 @@
tmpbuf[0] = '\0';
vsnprintf(tmpbuf, BUFSIZ, format, args);
tmpbuf[BUFSIZ - 1] = '\0';
- syslog(_db_level == 0 ? LOG_WARNING : LOG_NOTICE, "%s", tmpbuf);
+ syslog((_db_level == 0 ? LOG_WARNING : LOG_NOTICE) | syslog_facility, "%s", tmpbuf);
}
#endif /* HAVE_SYSLOG */
@@ -401,12 +398,6 @@
xfree(p);
}
debugOpenLog(logfile);
-
-#if HAVE_SYSLOG && defined(LOG_LOCAL4)
- if (opt_syslog_enable)
- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, syslog_facility);
-#endif /* HAVE_SYSLOG */
-
}
void
diff -ruN squid-2.6.STABLE16/src/fqdncache.c squid-2.6.STABLE17/src/fqdncache.c
--- squid-2.6.STABLE16/src/fqdncache.c Mon May 29 18:56:11 2006
+++ squid-2.6.STABLE17/src/fqdncache.c Mon Nov 26 03:59:09 2007
@@ -1,6 +1,6 @@
/*
- * $Id: fqdncache.c,v 1.156 2006/05/30 00:56:11 hno Exp $
+ * $Id: fqdncache.c,v 1.156.2.2 2007/11/26 10:59:09 adrian Exp $
*
* DEBUG: section 35 FQDN Cache
* AUTHOR: Harvest Derived
@@ -211,7 +211,7 @@
f->handlerData = NULL;
if (cbdataValid(handlerData)) {
dns_error_message = f->error_message;
- handler(f->flags.negcached ? NULL : f->names[0], handlerData);
+ handler(f->name_count ? f->names[0] : NULL, handlerData);
}
cbdataUnlock(handlerData);
fqdncacheUnlockEntry(f);
@@ -316,7 +316,7 @@
f->error_message = xstrdup("No PTR record");
return f;
}
- if (ttl == 0 || ttl > Config.positiveDnsTtl)
+ if (ttl > Config.positiveDnsTtl)
ttl = Config.positiveDnsTtl;
if (ttl < Config.negativeDnsTtl)
ttl = Config.negativeDnsTtl;
diff -ruN squid-2.6.STABLE16/src/fs/aufs/aiops.c squid-2.6.STABLE17/src/fs/aufs/aiops.c
--- squid-2.6.STABLE16/src/fs/aufs/aiops.c Sat Sep 23 04:16:40 2006
+++ squid-2.6.STABLE17/src/fs/aufs/aiops.c Mon Nov 26 03:46:16 2007
@@ -1,5 +1,5 @@
/*
- * $Id: aiops.c,v 1.31 2006/09/23 10:16:40 serassio Exp $
+ * $Id: aiops.c,v 1.31.2.1 2007/11/26 10:46:16 adrian Exp $
*
* DEBUG: section 43 AIOPS
* AUTHOR: Stewart Forster
@@ -322,7 +322,7 @@
/* Create threads and get them to sit in their wait loop */
squidaio_thread_pool = memPoolCreate("aio_thread", sizeof(squidaio_thread_t));
if (squidaio_nthreads == 0) {
- int j = 16;
+ int j = THREAD_FACTOR;
for (i = 0; i < n_asyncufs_dirs; i++) {
squidaio_nthreads += j;
j = j * 2 / 3;
@@ -338,7 +338,7 @@
#endif
}
if (squidaio_nthreads == 0)
- squidaio_nthreads = 16;
+ squidaio_nthreads = THREAD_FACTOR;
squidaio_magic1 = squidaio_nthreads * MAGIC1_FACTOR;
squidaio_magic2 = squidaio_nthreads * MAGIC2_FACTOR;
for (i = 0; i < squidaio_nthreads; i++) {
diff -ruN squid-2.6.STABLE16/src/fs/aufs/aiops_win32.c squid-2.6.STABLE17/src/fs/aufs/aiops_win32.c
--- squid-2.6.STABLE16/src/fs/aufs/aiops_win32.c Sat Sep 23 04:16:40 2006
+++ squid-2.6.STABLE17/src/fs/aufs/aiops_win32.c Mon Nov 26 03:46:16 2007
@@ -1,5 +1,5 @@
/*
- * $Id: aiops_win32.c,v 1.3 2006/09/23 10:16:40 serassio Exp $
+ * $Id: aiops_win32.c,v 1.3.2.1 2007/11/26 10:46:16 adrian Exp $
*
* DEBUG: section 43 Windows AIOPS
* AUTHOR: Stewart Forster
@@ -322,7 +322,7 @@
/* Create threads and get them to sit in their wait loop */
squidaio_thread_pool = memPoolCreate("aio_thread", sizeof(squidaio_thread_t));
if (squidaio_nthreads == 0) {
- int j = 16;
+ int j = THREAD_FACTOR;
for (i = 0; i < n_asyncufs_dirs; i++) {
squidaio_nthreads += j;
j = j * 2 / 3;
@@ -338,7 +338,7 @@
#endif
}
if (squidaio_nthreads == 0)
- squidaio_nthreads = 16;
+ squidaio_nthreads = THREAD_FACTOR;
squidaio_magic1 = squidaio_nthreads * MAGIC1_FACTOR;
squidaio_magic2 = squidaio_nthreads * MAGIC2_FACTOR;
for (i = 0; i < squidaio_nthreads; i++) {
diff -ruN squid-2.6.STABLE16/src/fs/aufs/store_dir_aufs.c squid-2.6.STABLE17/src/fs/aufs/store_dir_aufs.c
--- squid-2.6.STABLE16/src/fs/aufs/store_dir_aufs.c Sat Mar 3 06:34:51 2007
+++ squid-2.6.STABLE17/src/fs/aufs/store_dir_aufs.c Mon Nov 26 03:57:37 2007
@@ -1,6 +1,6 @@
/*
- * $Id: store_dir_aufs.c,v 1.67.2.1 2007/03/03 13:34:51 hno Exp $
+ * $Id: store_dir_aufs.c,v 1.67.2.2 2007/11/26 10:57:37 adrian Exp $
*
* DEBUG: section 47 Store Directory Routines
* AUTHOR: Duane Wessels
@@ -1551,6 +1551,8 @@
break; /* no more objects */
removed++;
storeRelease(e);
+ if (aioQueueSize() > MAGIC2)
+ break;
}
walker->Done(walker);
debug(47, (removed ? 2 : 3)) ("storeAufsDirMaintain: %s removed %d/%d f=%.03f max_scan=%d\n",
diff -ruN squid-2.6.STABLE16/src/globals.h squid-2.6.STABLE17/src/globals.h
--- squid-2.6.STABLE16/src/globals.h Thu Jan 18 17:19:26 2007
+++ squid-2.6.STABLE17/src/globals.h Mon Oct 1 19:03:53 2007
@@ -1,6 +1,6 @@
/*
- * $Id: globals.h,v 1.123 2007/01/19 00:19:26 hno Exp $
+ * $Id: globals.h,v 1.123.2.1 2007/10/02 01:03:53 hno Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -178,5 +178,8 @@
#endif
extern int opt_parse_cfg_only; /* 0 */
extern int n_coss_dirs; /* 0 */
+#ifdef LOG_LOCAL4
+extern int syslog_facility; /* LOG_LOCAL4 */
+#endif
#endif /* SQUID_GLOBALS_H */
diff -ruN squid-2.6.STABLE16/src/helper.c squid-2.6.STABLE17/src/helper.c
--- squid-2.6.STABLE16/src/helper.c Sat Jun 2 18:40:32 2007
+++ squid-2.6.STABLE17/src/helper.c Mon Nov 26 04:07:27 2007
@@ -1,6 +1,6 @@
/*
- * $Id: helper.c,v 1.62.2.3 2007/06/03 00:40:32 hno Exp $
+ * $Id: helper.c,v 1.62.2.4 2007/11/26 11:07:27 adrian Exp $
*
* DEBUG: section 84 Helper process maintenance
* AUTHOR: Harvest Derived?
@@ -1026,7 +1026,7 @@
{
helper *hlp = srv->parent;
helper_request **ptr = NULL;
- int slot;
+ int slot = -1;
if (!cbdataValid(r->data)) {
debug(84, 1) ("helperDispatch: invalid callback data\n");
helperRequestFree(r);
@@ -1057,8 +1057,8 @@
helperDispatch_done, /* Handler */
srv);
}
- debug(84, 5) ("helperDispatch: Request sent to %s #%d, %d bytes\n",
- hlp->id_name, srv->index + 1, (int) strlen(r->buf));
+ debug(84, 5) ("helperDispatch: Request sent to %s #%d[%d], %d bytes\n",
+ hlp->id_name, srv->index + 1, slot, (int) strlen(r->buf));
srv->stats.uses++;
hlp->stats.requests++;
}
diff -ruN squid-2.6.STABLE16/src/http.c squid-2.6.STABLE17/src/http.c
--- squid-2.6.STABLE16/src/http.c Sat Jul 21 15:05:55 2007
+++ squid-2.6.STABLE17/src/http.c Mon Nov 26 04:04:30 2007
@@ -1,6 +1,6 @@
/*
- * $Id: http.c,v 1.419.2.8 2007/07/21 21:05:55 hno Exp $
+ * $Id: http.c,v 1.419.2.11 2007/11/26 11:04:30 adrian Exp $
*
* DEBUG: section 11 Hypertext Transfer Protocol (HTTP)
* AUTHOR: Harvest Derived
@@ -432,7 +432,7 @@
debug(11, 3) ("httpProcessReplyHeader: Non-HTTP-compliant header: '%s'\n", httpState->reply_hdr.buf);
httpState->reply_hdr_state += 2;
httpState->chunk_size = -1; /* Terminated by EOF */
- memBufClean(&httpState->reply_hdr);
+ httpState->reply_hdr.size = old_size;
httpBuildVersion(&reply->sline.version, 0, 9);
reply->sline.status = HTTP_INVALID_HEADER;
ctx_exit(ctx);
@@ -506,8 +506,8 @@
stringClean(&tr);
if (httpState->flags.chunked && reply->content_length >= 0) {
/* Can't have a content-length in chunked encoding */
- reply->sline.status = HTTP_INVALID_HEADER;
- return done;
+ reply->content_length = -1;
+ httpHeaderDelById(&reply->header, HDR_CONTENT_LENGTH);
}
}
if (!httpState->flags.chunked) {
@@ -956,6 +956,8 @@
httpHeaderPutTime(&reply->header, HDR_DATE, squid_curtime);
mb = httpReplyPack(reply);
storeAppend(entry, mb.buf, mb.size);
+ storeAppend(entry, httpState->reply_hdr.buf, httpState->reply_hdr.size);
+ memBufClean(&httpState->reply_hdr);
httpReplyReset(reply);
httpReplyParse(reply, mb.buf, mb.size);
memBufClean(&mb);
@@ -1254,10 +1256,10 @@
/* Special mode, to pass the username to the upstream cache */
char loginbuf[256];
const char *username = "-";
- if (orig_request->auth_user_request)
- username = authenticateUserRequestUsername(orig_request->auth_user_request);
- else if (orig_request->extacl_user)
+ if (orig_request->extacl_user)
username = orig_request->extacl_user;
+ else if (orig_request->auth_user_request)
+ username = authenticateUserRequestUsername(orig_request->auth_user_request);
snprintf(loginbuf, sizeof(loginbuf), "%s%s", username, orig_request->peer_login + 1);
httpHeaderPutStrf(hdr_out, HDR_PROXY_AUTHORIZATION, "Basic %s",
base64_encode(loginbuf));
diff -ruN squid-2.6.STABLE16/src/ipcache.c squid-2.6.STABLE17/src/ipcache.c
--- squid-2.6.STABLE16/src/ipcache.c Fri Aug 31 07:46:25 2007
+++ squid-2.6.STABLE17/src/ipcache.c Mon Nov 26 03:59:09 2007
@@ -1,6 +1,6 @@
/*
- * $Id: ipcache.c,v 1.245.2.1 2007/08/31 13:46:25 hno Exp $
+ * $Id: ipcache.c,v 1.245.2.3 2007/11/26 10:59:09 adrian Exp $
*
* DEBUG: section 14 IP Cache
* AUTHOR: Harvest Derived
@@ -223,7 +223,7 @@
i->handlerData = NULL;
if (cbdataValid(handlerData)) {
dns_error_message = i->error_message;
- handler(i->flags.negcached ? NULL : &i->addrs, handlerData);
+ handler(i->addrs.count ? &i->addrs : NULL, handlerData);
}
cbdataUnlock(handlerData);
ipcacheUnlockEntry(i);
@@ -369,7 +369,7 @@
i->addrs.count = (unsigned char) na;
else
i->addrs.count = 255;
- if (ttl == 0 || ttl > Config.positiveDnsTtl)
+ if (ttl > Config.positiveDnsTtl)
ttl = Config.positiveDnsTtl;
if (ttl < Config.negativeDnsTtl)
ttl = Config.negativeDnsTtl;
diff -ruN squid-2.6.STABLE16/src/main.c squid-2.6.STABLE17/src/main.c
--- squid-2.6.STABLE16/src/main.c Fri Aug 31 07:52:10 2007
+++ squid-2.6.STABLE17/src/main.c Mon Nov 26 03:47:23 2007
@@ -1,6 +1,6 @@
/*
- * $Id: main.c,v 1.393.2.4 2007/08/31 13:52:10 hno Exp $
+ * $Id: main.c,v 1.393.2.6 2007/11/26 10:47:23 adrian Exp $
*
* DEBUG: section 1 Startup and Main Loop
* AUTHOR: Harvest Derived
@@ -710,6 +710,10 @@
#endif
mainParseOptions(argc, argv);
+#if HAVE_SYSLOG && defined(LOG_LOCAL4)
+ openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, syslog_facility);
+#endif
+
#if defined(USE_WIN32_SERVICE) && defined(_SQUID_WIN32_)
if (opt_install_service) {
WIN32_InstallService();
@@ -972,14 +976,12 @@
int nullfd;
if (*(argv[0]) == '(')
return;
- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
if ((pid = fork()) < 0)
syslog(LOG_ALERT, "fork failed: %s", xstrerror());
else if (pid > 0)
exit(0);
if (setsid() < 0)
syslog(LOG_ALERT, "setsid failed: %s", xstrerror());
- closelog();
#ifdef TIOCNOTTY
if ((i = open("/dev/tty", O_RDWR | O_TEXT)) >= 0) {
ioctl(i, TIOCNOTTY, NULL);
@@ -1008,7 +1010,6 @@
mainStartScript(argv[0]);
if ((pid = fork()) == 0) {
/* child */
- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
prog = xstrdup(argv[0]);
argv[0] = xstrdup("(squid)");
execvp(prog, argv);
@@ -1016,7 +1017,6 @@
exit(1);
}
/* parent */
- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
syslog(LOG_NOTICE, "Squid Parent: child process %d started", pid);
time(&start);
squid_signal(SIGINT, SIG_IGN, SA_RESTART);
diff -ruN squid-2.6.STABLE16/src/mib.txt squid-2.6.STABLE17/src/mib.txt
--- squid-2.6.STABLE16/src/mib.txt Fri Aug 31 08:08:52 2007
+++ squid-2.6.STABLE17/src/mib.txt Mon Nov 26 04:08:30 2007
@@ -2,7 +2,7 @@
SQUID-MIB DEFINITIONS ::= BEGIN
--
--- $Id: mib.txt,v 1.30.2.1 2007/08/31 14:08:52 hno Exp $
+-- $Id: mib.txt,v 1.30.2.2 2007/11/26 11:08:30 adrian Exp $
--
IMPORTS
@@ -715,7 +715,7 @@
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
- " An entry in cachePeerTable "
+ " cache_peer indexed by IP address "
INDEX { cachePeerAddr }
::= { cachePeerTable 1 }
@@ -724,7 +724,7 @@
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
- " An entry in cachePeerTable "
+ " cache_peer indexed by position in squid.conf "
INDEX { cachePeerIndex }
::= { cachePeerTable 2 }
diff -ruN squid-2.6.STABLE16/src/stat.c squid-2.6.STABLE17/src/stat.c
--- squid-2.6.STABLE16/src/stat.c Wed Nov 1 13:58:52 2006
+++ squid-2.6.STABLE17/src/stat.c Fri Sep 21 08:48:37 2007
@@ -1,6 +1,6 @@
/*
- * $Id: stat.c,v 1.377 2006/11/01 20:58:52 wessels Exp $
+ * $Id: stat.c,v 1.377.2.1 2007/09/21 14:48:37 hno Exp $
*
* DEBUG: section 18 Cache Manager Statistics
* AUTHOR: Harvest Derived
@@ -598,8 +598,8 @@
storeAppendPrintf(sentry, "\tCPU Usage, 60 minute avg:\t%.2f%%\n",
statCPUUsage(60));
#if HAVE_SBRK
- storeAppendPrintf(sentry, "\tProcess Data Segment Size via sbrk(): %d KB\n",
- (int) (((char *) sbrk(0) - (char *) sbrk_start) >> 10));
+ storeAppendPrintf(sentry, "\tProcess Data Segment Size via sbrk(): %lu KB\n",
+ (unsigned long) (((char *) sbrk(0) - (char *) sbrk_start) >> 10));
#endif
storeAppendPrintf(sentry, "\tMaximum Resident Size: %d KB\n",
rusage_maxrss(&rusage));