Introducing Myself

2012-03-03 Thread Fred Maranhão 
Hi,

My name is Fred Maranhão. I'm starting to work with squid and I'm
interested in translate the software to brazilian portuguese (pt_BR).

Fred

Re: Introducing Myself

2012-03-03 Thread Amos Jeffries 

On 3/03/2012 5:20 p.m., Fred Maranhão wrote:

Hi,

My name is Fred Maranhão. I'm starting to work with squid and I'm
interested in translate the software to brazilian portuguese (pt_BR).

Fred


Hi Fred,
 Thank you very much for the interest.

The wiki page http://wiki.squid-cache.org/Translations/Basics covers the 
initial detais you need to know. Including how to register with our 
Pootle system which controls the translation process.


Brazillian Portuguese already has a translation moderator. I've emailed 
him now to find out how he wishes to go forward with this and will get 
back to you about where we go from there. Meanwhile feel free to signup 
to Pootle and start adding change suggestions to Pootle.


Amos

Re: range request cache

2012-03-03 Thread Henrik Nordström 
lör 2012-03-03 klockan 04:23 +1300 skrev Amos Jeffries:
> On 3/03/2012 4:00 a.m., Zhu, Shan wrote:
> > Very good suggestions. If the ambiguity can be solved, I should go ahead 
> > and give a try. Merging two ranges look genuine but it will change the 
> > cache store and requires extra work. Say, if we have multiple ranges which 
> > cross each other, we will need to move the cache store if we want to merge 
> > them.
> > Do we have any document to look at for the programs and APIs? If not, can 
> > any of you give me some hint on which source code programs to work on? 
> > Thanks!
> 
> You can find the code doxygen documentatino here:
>   http://www.squid-cache.org/Doc/code/
> 
> The code is not very well documented yet. Please help improve that as 
> you change things ;)

And keep asking questions both here and in the irc channel.

REgards
Henrik

RE: range request cache

2012-03-03 Thread Henrik Nordström 
fre 2012-03-02 klockan 10:00 -0500 skrev Zhu, Shan:
> Very good suggestions. If the ambiguity can be solved, I should go
> ahead and give a try. Merging two ranges look genuine but it will
> change the cache store and requires extra work. Say, if we have
> multiple ranges which cross each other, we will need to move the cache
> store if we want to merge them.

Any form of update to stored contents currently requires a new object to
be written.

Regards
Henrik

Build failed in Jenkins: 3.2-matrix » obsd-48-x64 #220

2012-03-03 Thread noc 
See 


Changes:

[Amos Jeffries] Translations: Sync with 3.HEAD

[Amos Jeffries] Bug 3503: DNS PTR queries timeout due to wrong QIDs.

Supply query ID (rather than zero) to rfc3596BuildPTRQuery*() calls.

This code was broken since trunk r11015 "Fixed DNS query leaks and increased
defense against DNS cache poisoning" dated 2010-11-03.

[Amos Jeffries] Regression: snmp/udp address directives not resolving hostname

[Amos Jeffries] Better helper-to-Squid buffer size management.

The minimum buffer size is reduced from 8KB to 4KB after a squid-dev
discussion to prevent wasting of "several hundred KB of unused permanent
memory on some installations".

We now increase the buffer if we cannot parse the helper response message.

The maximum buffer size is now 32KB. This should be enough for all known
helper responses.

We now warn if the read buffer reaches its capacity and kill the offending
helper explicitly. An increase in maximum buffer capacity to 32KB should make
such events rare.

Motivation: ssl_crtd helper may produce responses exceeding 9907 bytes in size
(and possibly much larger if multiple chained certificates need to be returned
to Squid). The old helper.cc code would fill the read buffer completely,
schedule a read for zero bytes, receive zero bytes, declare an EOF condition,
and close the stream (which kills ssl_crtd).  Due to insufficient information
logged, the observable symptoms were pretty much the same as if ssl_crtd
closed the stream first, indicating a ssl_crtd bug.

[Amos Jeffries] Bug 3502: client timeout uses server-side read_timeout, not 
request_timeout

Also adjusts request_timeout description in squid.conf to clarify that
request_timeout applies to receiving complete HTTP request headers and not
just the first header byte or body. We reset the connection timeout to
clientLifetimeTimeout after parsing request headers.

https_port was correctly using Config.Timeout.request already.

[Amos Jeffries] Bug 3497: Bad ssl_crtd db size file causes infinite loop

The db size file may become empty when Squid runs out of disk space. Ignoring
db size reading errors led to bogus db sizes used as looping condition. This
fix honors reading errors and also terminates the loop when no more
certificates can be removed. Both errors and removal failure are fatal to
ssl_crtd.

A positive side-effect of this fix is one less call to the relatively
expensive file-reading size()/readSize() methods under normal conditions.

I also removed "minimum db size" check because it did not seem to be in sync
with other ssl_crtd parameters such as fs block size and because its overall
purpose was unclear. The check was also removed by the original bug reporter.

TODO: Remaining problems include: ssl_crtd should not exit just because it
cannot write something to disk. A proper reporting/debugging API is missing.

[Amos Jeffries] Log '-' on requests with no Referer or User-Agent headers

This data is actually meaningful for the analysis of client behaviour.

squid-dev have agreed that it is worth removing the old log behaviour of
omitting these entries.

[Amos Jeffries] Fix IPv6 site-local IP detection

RFC 4193 the site-local allocated range is fc00::/7.

Squid has been using IN6_IS_ADDR_SITELOCAL() but it turns out Linux and
OpenBSD at least still define that to test for the long obsolete fec0::/10.

[Amos Jeffries] Bug 3490: Crash writing Apache Common and Referer/Username logs

[Amos Jeffries] Bug 3381: 32-bit overflow assertion in StatHist

- StatHist refactoring
- StatCounters untangling from global symbol table
- Added StatHist unit tests, and moved algorithm consistency checks there.
- Expanded storage for histograms to 64-bit unsigned. (bug 3381)
- Inlined StatHist constructor, destructor and assignment operator.
- added protection against self-assignment
- Implemented stubs for StatHist.cc and mem.cc

--
[...truncated 5973 lines...]
Making uninstall in POP3
 ( cd 
'/tmp/am-dc-17491/
 && rm -f basic_pop3_auth )
Making uninstall in RADIUS
 ( cd 
'/tmp/am-dc-17491/
 && rm -f basic_radius_auth )
 ( cd 
'/tmp/am-dc-17491/
 && rm -f basic_radius_auth.8 )
Making uninstall in SMB
 ( cd 
'/tmp/am-dc-17491/
 && rm -f basic_smb_auth )
 ( cd 
'/tmp/am-dc-17491/
 && rm -f basic_smb_auth.sh )
Making uninstall

Build failed in Jenkins: 3.2-matrix » obsd-49-x86 #220

2012-03-03 Thread noc 
See 


Changes:

[Amos Jeffries] Translations: Sync with 3.HEAD

[Amos Jeffries] Bug 3503: DNS PTR queries timeout due to wrong QIDs.

Supply query ID (rather than zero) to rfc3596BuildPTRQuery*() calls.

This code was broken since trunk r11015 "Fixed DNS query leaks and increased
defense against DNS cache poisoning" dated 2010-11-03.

[Amos Jeffries] Regression: snmp/udp address directives not resolving hostname

[Amos Jeffries] Better helper-to-Squid buffer size management.

The minimum buffer size is reduced from 8KB to 4KB after a squid-dev
discussion to prevent wasting of "several hundred KB of unused permanent
memory on some installations".

We now increase the buffer if we cannot parse the helper response message.

The maximum buffer size is now 32KB. This should be enough for all known
helper responses.

We now warn if the read buffer reaches its capacity and kill the offending
helper explicitly. An increase in maximum buffer capacity to 32KB should make
such events rare.

Motivation: ssl_crtd helper may produce responses exceeding 9907 bytes in size
(and possibly much larger if multiple chained certificates need to be returned
to Squid). The old helper.cc code would fill the read buffer completely,
schedule a read for zero bytes, receive zero bytes, declare an EOF condition,
and close the stream (which kills ssl_crtd).  Due to insufficient information
logged, the observable symptoms were pretty much the same as if ssl_crtd
closed the stream first, indicating a ssl_crtd bug.

[Amos Jeffries] Bug 3502: client timeout uses server-side read_timeout, not 
request_timeout

Also adjusts request_timeout description in squid.conf to clarify that
request_timeout applies to receiving complete HTTP request headers and not
just the first header byte or body. We reset the connection timeout to
clientLifetimeTimeout after parsing request headers.

https_port was correctly using Config.Timeout.request already.

[Amos Jeffries] Bug 3497: Bad ssl_crtd db size file causes infinite loop

The db size file may become empty when Squid runs out of disk space. Ignoring
db size reading errors led to bogus db sizes used as looping condition. This
fix honors reading errors and also terminates the loop when no more
certificates can be removed. Both errors and removal failure are fatal to
ssl_crtd.

A positive side-effect of this fix is one less call to the relatively
expensive file-reading size()/readSize() methods under normal conditions.

I also removed "minimum db size" check because it did not seem to be in sync
with other ssl_crtd parameters such as fs block size and because its overall
purpose was unclear. The check was also removed by the original bug reporter.

TODO: Remaining problems include: ssl_crtd should not exit just because it
cannot write something to disk. A proper reporting/debugging API is missing.

[Amos Jeffries] Log '-' on requests with no Referer or User-Agent headers

This data is actually meaningful for the analysis of client behaviour.

squid-dev have agreed that it is worth removing the old log behaviour of
omitting these entries.

[Amos Jeffries] Fix IPv6 site-local IP detection

RFC 4193 the site-local allocated range is fc00::/7.

Squid has been using IN6_IS_ADDR_SITELOCAL() but it turns out Linux and
OpenBSD at least still define that to test for the long obsolete fec0::/10.

[Amos Jeffries] Bug 3490: Crash writing Apache Common and Referer/Username logs

[Amos Jeffries] Bug 3381: 32-bit overflow assertion in StatHist

- StatHist refactoring
- StatCounters untangling from global symbol table
- Added StatHist unit tests, and moved algorithm consistency checks there.
- Expanded storage for histograms to 64-bit unsigned. (bug 3381)
- Inlined StatHist constructor, destructor and assignment operator.
- added protection against self-assignment
- Implemented stubs for StatHist.cc and mem.cc

--
[...truncated 15035 lines...]
checking for OpenLDAP... no
checking for Sun LDAP SDK... no
checking for Mozilla LDAP SDK... no
checking for LDAP_REBINDPROC_CALLBACK... no
checking for LDAP_REBIND_PROC... no
checking for LDAP_REBIND_FUNCTION... no
checking for LDAP_SCOPE_DEFAULT... no
checking for struct ldap_url_desc.lud_scheme... no
checking for ldapssl_client_init in -lldap... no
checking for ldap_url_desc2str in -lldap... no
checking for ldap_url_parse in -lldap... no
checking for ldap_start_tls_s in -lldap... no
checking whether dbopen is declared... yes
checking if dbopen needs -ldb... ../configure: 
dbopen_libdb_krb5-config=krb5-config: not found
no
checking for backtrace_symbols_fd... no
checking for bcopy... yes
checking for bswap_16... no
checking for bswap_32... no
checking for bswap16... no
checking for bswap32... no
checking for fchmod... yes
checking for getdtablesize... yes
checking for getpagesize... yes
checking for getpass... yes
checking for getrlimit... yes
checking for getrusag