Tsantilas Christos | 1 Sep 18:49 2014
Picon
Picon

[PATCH] pconn_lifetime

Hi all,

This patch add a new configuration option the 'pconn_lifetime' to allow 
users set the desired maximum lifetime of a persistent connection.

When set, Squid will close a now-idle persistent connection that 
exceeded configured lifetime instead of moving the connection into the 
idle connection pool (or equivalent). No effect on ongoing/active 
transactions. Connection lifetime is the time period from the connection 
acceptance or opening time until "now".

This limit is useful in environments with long-lived connections where 
Squid configuration or environmental factors change during a single 
connection lifetime. If unrestricted, some connections may last for 
hours and even days, ignoring those changes that should have affected 
their behavior or their existence.

This is a Measurement Factory project

noc | 29 Aug 18:12 2014

Build failed in Jenkins: 3.HEAD-amd64-centos-6 #461

See <http://build.squid-cache.org/job/3.HEAD-amd64-centos-6/461/changes>

Changes:

[Amos Jeffries] Boilerplate: update authorship contributions by Markus Moeller

With permission.

./helpers/negotiate_auth/kerberos/COPYRIGHT
- remove, since it duplicates the Squid top level COPYRIGHT file.

./lib/base64.c
- removing the inaccurate line "AUTHOR: Markus Moeller", since other
authors (myself at least) have adjusted that code as well.

./src/peer_proxy_negotiate_auth.h
- removing the line: "AUTHOR: Markus Moeller (markus_moeller at
compuserve.com)"

./src/peer_proxy_negotiate_auth.cc
- removing the "Hosted at" line as inaccurate, the file is hosted in
Squid repository, launchpad and elsewhere.

- replacing the license blurb with Squid Software Foundation blurb
(remains GPLv2+).

------------------------------------------
[...truncated 1686 lines...]
	    mkdir -p ../errors/$lang; \
	    echo -n "Translate '$lang' ..."; \
(Continue reading)

noc | 29 Aug 17:54 2014

Build failed in Jenkins: 3.HEAD-amd64-centos-7 #54

See <http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/54/changes>

Changes:

[Amos Jeffries] Boilerplate: update authorship contributions by Markus Moeller

With permission.

./helpers/negotiate_auth/kerberos/COPYRIGHT
- remove, since it duplicates the Squid top level COPYRIGHT file.

./lib/base64.c
- removing the inaccurate line "AUTHOR: Markus Moeller", since other
authors (myself at least) have adjusted that code as well.

./src/peer_proxy_negotiate_auth.h
- removing the line: "AUTHOR: Markus Moeller (markus_moeller at
compuserve.com)"

./src/peer_proxy_negotiate_auth.cc
- removing the "Hosted at" line as inaccurate, the file is hosted in
Squid repository, launchpad and elsewhere.

- replacing the license blurb with Squid Software Foundation blurb
(remains GPLv2+).

------------------------------------------
[...truncated 1710 lines...]
	page=`basename $f`; \
	off `off --help | grep -o "\-\-notidy"` --progress=none -i ../.././test-suite/../errors/$lang.po -t
(Continue reading)

noc | 29 Aug 17:42 2014

Build failed in Jenkins: 3.HEAD-amd64-OpenBSD-5.4 #161

See <http://build.squid-cache.org/job/3.HEAD-amd64-OpenBSD-5.4/161/changes>

Changes:

[Amos Jeffries] Boilerplate: update authorship contributions by Markus Moeller

With permission.


./helpers/negotiate_auth/kerberos/COPYRIGHT
- remove, since it duplicates the Squid top level COPYRIGHT file.

./lib/base64.c
- removing the inaccurate line "AUTHOR: Markus Moeller", since other
authors (myself at least) have adjusted that code as well.

./src/peer_proxy_negotiate_auth.h
- removing the line: "AUTHOR: Markus Moeller (markus_moeller at
compuserve.com)"

./src/peer_proxy_negotiate_auth.cc
- removing the "Hosted at" line as inaccurate, the file is hosted in
Squid repository, launchpad and elsewhere.

- replacing the license blurb with Squid Software Foundation blurb
(remains GPLv2+).

[Amos Jeffries] Boilerplate: update copyright blurbs for Basic authentication helpers

* added Squid Software Foundation blurbs
(Continue reading)

noc | 29 Aug 17:39 2014

Build failed in Jenkins: 3.HEAD-amd64-fedora-19 #322

See <http://build.squid-cache.org/job/3.HEAD-amd64-fedora-19/322/changes>

Changes:

[Amos Jeffries] Boilerplate: update authorship contributions by Markus Moeller

With permission.

./helpers/negotiate_auth/kerberos/COPYRIGHT
- remove, since it duplicates the Squid top level COPYRIGHT file.

./lib/base64.c
- removing the inaccurate line "AUTHOR: Markus Moeller", since other
authors (myself at least) have adjusted that code as well.

./src/peer_proxy_negotiate_auth.h
- removing the line: "AUTHOR: Markus Moeller (markus_moeller at
compuserve.com)"

./src/peer_proxy_negotiate_auth.cc
- removing the "Hosted at" line as inaccurate, the file is hosted in
Squid repository, launchpad and elsewhere.

- replacing the license blurb with Squid Software Foundation blurb
(remains GPLv2+).

[Amos Jeffries] Boilerplate: update copyright blurbs for Basic authentication helpers

* added Squid Software Foundation blurbs

(Continue reading)

noc | 29 Aug 10:02 2014

Build failed in Jenkins: 3.HEAD-amd64-centos-7 #51

See <http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/51/changes>

Changes:

[Christos Tsantilas] Close active pconns after their *_port goes away on reconfigure.

This change reduces what may be perceived as reconfigure memory leaks
related to *_port options. Before this change, a single persistent
connection could continue to receive new requests (and tie no longer
globally accessible PortCfg-related structures) for hours.

TODO: Close already idle pconns as well.

------------------------------------------
[...truncated 64570 lines...]
make[3]: Entering directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/mgr'>
make[3]: Nothing to be done for `uninstall'.
make[3]: Leaving directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/mgr'>
Making uninstall in snmp
make[3]: Entering directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/snmp'>
make[3]: Nothing to be done for `uninstall'.
make[3]: Leaving directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/snmp'>
Making uninstall in adaptation
make[3]: Entering directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/adaptation'>
Making uninstall in icap
make[4]: Entering directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/adaptation/icap'>
make[4]: Nothing to be done for `uninstall'.
make[4]: Leaving directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/adaptation/icap'>
make[4]: Entering directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/adaptation'>
make[4]: Nothing to be done for `uninstall-am'.
(Continue reading)

noc | 29 Aug 03:58 2014

Build failed in Jenkins: 3.HEAD-amd64-centos-7 #49

See <http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/49/changes>

Changes:

[Automatic source maintenance] SourceFormat Enforcement

------------------------------------------
[...truncated 65981 lines...]
make[3]: Nothing to be done for `uninstall'.
make[3]: Leaving directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/mgr'>
Making uninstall in snmp
make[3]: Entering directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/snmp'>
make[3]: Nothing to be done for `uninstall'.
make[3]: Leaving directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/snmp'>
Making uninstall in adaptation
make[3]: Entering directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/adaptation'>
Making uninstall in icap
make[4]: Entering directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/adaptation/icap'>
make[4]: Nothing to be done for `uninstall'.
make[4]: Leaving directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/adaptation/icap'>
make[4]: Entering directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/adaptation'>
make[4]: Nothing to be done for `uninstall-am'.
make[4]: Leaving directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/adaptation'>
make[3]: Leaving directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/adaptation'>
Making uninstall in esi
make[3]: Entering directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/esi'>
make[3]: Nothing to be done for `uninstall'.
make[3]: Leaving directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/esi'>
make[3]: Entering directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src'>
 ( cd
(Continue reading)

noc | 27 Aug 17:18 2014

Build failed in Jenkins: 3.HEAD-amd64-centos-7-clang #21

See <http://build.squid-cache.org/job/3.HEAD-amd64-centos-7-clang/21/changes>

Changes:

[Amos Jeffries] Prep for 3.4.7 and 3.3.13

------------------------------------------
[...truncated 64794 lines...]
make[3]: Entering directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7-clang/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/mgr'>
make[3]: Nothing to be done for `uninstall'.
make[3]: Leaving directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7-clang/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/mgr'>
Making uninstall in snmp
make[3]: Entering directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7-clang/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/snmp'>
make[3]: Nothing to be done for `uninstall'.
make[3]: Leaving directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7-clang/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/snmp'>
Making uninstall in adaptation
make[3]: Entering directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7-clang/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/adaptation'>
Making uninstall in icap
make[4]: Entering directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7-clang/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/adaptation/icap'>
make[4]: Nothing to be done for `uninstall'.
make[4]: Leaving directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7-clang/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/adaptation/icap'>
make[4]: Entering directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7-clang/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/adaptation'>
make[4]: Nothing to be done for `uninstall-am'.
make[4]: Leaving directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7-clang/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/adaptation'>
make[3]: Leaving directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7-clang/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/adaptation'>
Making uninstall in esi
make[3]: Entering directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7-clang/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/esi'>
make[3]: Nothing to be done for `uninstall'.
make[3]: Leaving directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7-clang/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src/esi'>
make[3]: Entering directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7-clang/ws/btlayer-05-nodeps-esi/squid-3.HEAD-BZR/_build/src'>
(Continue reading)

Tsantilas Christos | 27 Aug 13:08 2014
Picon
Picon

[PATCH] %<tt (total server time) is not computed in some cases

Hi all,

The total server time is not computed in some cases, for example for 
CONNECT requests. An other example case is when server-first bumping 
mode is used and squid connects to SSL peer, but connection terminated 
before the SSL handshake completes.

The attached patch is trying to fix these cases.

This is a Measurement Factory project
noc | 27 Aug 11:00 2014

Build failed in Jenkins: 3.HEAD-amd64-centos-7 #40

See <http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/40/changes>

Changes:

[Christos Tsantilas] SSL Peek and Splice

The goal of this patch is to make SSL bumping decision after the origin server
name is known.

Peek and Splice peeks at the SSL client Hello message and SNI info if any
(bumping step 1), sends identical or a similar Hello message to the SSL server
and peeks at the SSL server Hello message (bumping step 2), and finally
decides to proceed with splicing or bumping the connection (bumping step 3).

After the step 1 bumping step completes the SNI information is available and
after the step 2 bumping step completes the server certificate is available.

The ssl_bump access list evaluated on every bumping step to select the bumping
mode to use. The new acl "at_step" can be used to match the current bumping
step.

In most cases:
- if the user select "peek" bumping mode at step2 then at step3 can select
one of the "splice" or "terminate" modes.
- If the user select "stare" bumping mode at step2 then at step 3 can select
one of the "bump" or "terminate" modes.

If the squid built with the SQUID_USE_OPENSSL_HELLO_OVERWRITE_HACK and the
client uses openSSL library similar to the library used by squid then bumping
is possible after "peek" bumping mode selection and "splice" after "stare"
(Continue reading)

noc | 26 Aug 06:40 2014

Build failed in Jenkins: 3.HEAD-amd64-centos-7 #36

See <http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/36/changes>

Changes:

[Amos Jeffries] Boilerplate: update copyright blurbs on lib/libTrie

* add Squid Software Foundation blurb

* merged AUTHORS file content to CONTRIBUTORS.

* removed duplicate COPYING file. Squid main COPYING is newer and the
library is no longer a standalone object.

* remvoed empty NEWS, README, Changelog files

* removed obsolete INSTALL file.
- It documents the previously removed libTrie/configure.ac script.

------------------------------------------
[...truncated 11099 lines...]
make[3]: Leaving directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/ident'>
Making uninstall in log
make[3]: Entering directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/log'>
make[3]: Nothing to be done for `uninstall'.
make[3]: Leaving directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/log'>
Making uninstall in ipc
make[3]: Entering directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/ipc'>
make[3]: Nothing to be done for `uninstall'.
make[3]: Leaving directory `<http://build.squid-cache.org/job/3.HEAD-amd64-centos-7/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/ipc'>
Making uninstall in mgr
(Continue reading)


Gmane