tor 2009-07-16 klockan 16:54 +1000 skrev Robert Collins:
I thought we put a unique id on the stateful helper protocol _way_ back.
Sigh :(
No, I couldn't when I implemented the concurent request protocol so it
only got done for stateless helpers. iirc I got stuck in trying to
unwind some of the
ons 2009-07-15 klockan 04:26 + skrev Ian Hickson:
On Tue, 14 Jul 2009, Alex Rousskov wrote:
WebSocket made the handshake bytes look like something Squid thinks it
understands. That is the whole point of the argument. You are sending an
HTTP-looking message that is not really an
ons 2009-07-15 klockan 07:34 + skrev Ian Hickson:
On Wed, 15 Jul 2009, Mark Nottingham wrote:
Upgrade is hop-by-hop, so it's pretty limiting.
Do man-in-the-middle proxies count as a hop for the purposes of HTTP?
When used as a surrogate it does.
The transparently interceping case is
tor 2009-07-16 klockan 01:44 + skrev Ian Hickson:
So Squid when used as a man-in-the-middle proxy will allow arbitrary
traffic through port 80 if it isn't HTTP traffic?
No, but support for tunneling WebSockets can be added, but not when it
looks and feels like a HTTP message.
This
ons 2009-07-15 klockan 07:18 + skrev Ian Hickson:
The reason we have a very strict handshake is because we don't want it to
be possible to trick a non-WebSocket-aware server into accepting a
connection (or similarly, having the client be tricked by the script into
accepting a
ons 2009-07-15 klockan 18:39 +1200 skrev Amos Jeffries:
Byte 5 through to the first of: two CRLF or one NULL byte. Specified as
step 1 through 11 by the looks of it.
Correctly operating:
* MUST remove the Upgrade: WebSocket\r\n bytes.
Yes/No depending on the context. If a normal forward
tor 2009-07-16 klockan 23:11 +1200 skrev Amos Jeffries:
The faux-request begins with: GET /path-bytes HTTP/1.1
It also contains Connection: Upgrade.
Only when not talking to a proxy. If a proxy is configured CONNECT is
used for setting up a tunnel first. See 3.1 Handshake, step 3.
For peers
tor 2009-07-16 klockan 23:15 +1200 skrev Amos Jeffries:
Right, following up on that I had a hunch and discovered that n_active
is already performing this duty. The bug is therefore in my earlier fix
using n_running as a base instead of n_active.
How does this new attached patch look to
mån 2009-07-13 klockan 18:51 -0600 skrev Alex Rousskov:
does not allow is not the same as does not specify. Those who think
that what is not forbidden is allowed, say that GET requests may have a
body... It would be nice for 2616bis to clarify that (one way or
another), but they are probably
tor 2009-07-02 klockan 17:59 -0700 skrev Jason Duell:
1) I have a quick question about the limitations that you put by
default on the CONNECT method. squid.conf contains
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
So squid by default only allows CONNECT to
tis 2009-07-14 klockan 23:35 +0200 skrev Henrik Nordstrom:
For what it's worth neither 81 or 815 is registered with IANA, and the
web-sockets draft you referenced has expired.
Correction, the draft is not expired as it was recently resubmitted to
IETF, but very much a work in progress
ons 2009-07-08 klockan 07:00 + skrev Ian Hickson:
Well, the client is a WebSocket client, so it can always generate the
exact byte sequence specified in the spec almost by definition. The server
side is restrictive, but should be implementable without too much trouble
so long as there
lör 2009-07-11 klockan 20:08 +1200 skrev Amos Jeffries:
It's most visible in rotate because Squid is intended to keep running
with a hot-swap of its logs. Previously the sequence was causing two
full sets of helpers to be started, and a period of overlap before the
async closure of the old
ons 2009-07-15 klockan 00:51 + skrev Ian Hickson:
Right -- and those things will prevent the connection, exactly as
intended. The idea is to make sure that if there is anything in between
that _isn't_ WebSocket-aware, the connection be dropped before the author
has any chance of sending
Hi Markus
i just saw this change which copies the user string a temporary buffer
only to \0 terminate it before printf
http://www.squid-cache.org/Versions/v3/3.0/changesets/b9061.patch
While entirely fine it's a little more complex than it need to be.
Instead of copying the unterminated
ons 2009-07-08 klockan 15:16 +1200 skrev Amos Jeffries:
CONNECT to port-80 by default is IMO not an option. It pretty much
defeats all the other HTTP-level security measures.
For what it's worth, RFC2817 Upgrading to TLS Within HTTP/1.1 requires
CONNECT to be accepted to port 80.
Not that I
ons 2009-07-08 klockan 00:34 +0300 skrev Tsantilas Christos:
Hi all,
Alex ask me to separate chunked request patch from icap access
logging patch as requested by Amos.
This is the chunked request patch developed by Alex.
From reading the patch there is a couple of problems:
a) Nothing
mån 2009-07-13 klockan 08:14 -0600 skrev Alex Rousskov:
Have you shared your opinion on the practicality of that MUST with the
2616bis folks? It looks like the specs should be adjusted if others
agree with the client knows better point of view in the proxy context.
This would certainly
fre 2009-07-03 klockan 23:48 +0900 skrev Mikio Kishi:
I guess it could be extended to respond with an SSL level error
notification in these cases, but not sure it's worth the effort.
Right. I think that just comm_close() is simple...
Closing is a lot simpler indeed, and needs to be done in
fre 2009-07-03 klockan 00:27 +1200 skrev Amos Jeffries:
Henrik,
do you know what change(s) need to be made or ported make this work?
http://www.squid-cache.org/bugs/show_bug.cgi?id=2624
Ugh.. that's a rather bad one..
Don't think there is anything that needs to be ported. Smells unique
ons 2009-07-01 klockan 16:45 -0400 skrev Jason Noble:
As mentioned in my previous e-mail, we are working to implement caching
of anonymous/authenticated versions of pages in a Zope/Plone
environment.
Ah..
As you probably know by now HTTP cache model isn't really designed for
that.. content
tis 2009-06-02 klockan 22:21 +1200 skrev Amos Jeffries:
AFAICT the config.test are only used on windows builds so it is indeed
likely not to have been built in a long time.
config.test is for any build specifying to build helpers of a specific
kind without specifying which ones. It then
fre 2009-06-26 klockan 12:05 -0600 skrev Alex Rousskov:
TODO: simply truncating read content would not work for pipelined
responses. We should preserve extra content for the next transaction on
a pconn.
Correct, and is a major reason NOT to do pipelining as it then becomes
impossible to
tor 2009-06-18 klockan 10:20 +1000 skrev Mark Nottingham:
because the request method is POST. However, the request headers don't
have Transfer-Encoding...
What am I missing? I know Bijayant is using Squid-3, but I'm observing
the same behaviour in my build of 2...
I don't. POST without
fre 2009-06-26 klockan 13:00 -0600 skrev Alex Rousskov:
It looks like you are working on a useful feature, but can you
explain in more detail what your patch does? Why is the feature called
SslConnect? Is it specific to tproxy environments or can it work with
any transparent Squid? Does
lör 2009-06-27 klockan 08:39 -0600 skrev Alex Rousskov:
Do you think this change should go in?
A strong + from me.
For what it's worth Squid-2 was fixed long ago. But it took quite some
iterations before all cases were covered.. When this condition is
detected it not only discards excess data
fre 2009-06-12 klockan 13:02 -0400 skrev Jason Noble:
I recently ran into a bug on Squid 2.7 regarding cached content with
ETags. Currently, if all cached entries for a URL include ETags, and a
request is received for said URL with no If-None-Match header, Squid
will serve a cached entry.
fre 2009-06-26 klockan 11:05 -0600 skrev Alex Rousskov:
On 06/16/2009 09:57 PM, Mark Nottingham wrote:
Thanks. Anybody else have a second to look?
Please s/fwdStartFoo/fwdContinue/ and document what it is. Since this is
Squid2 you do not have to do it, of course.
Your cbdata and request
sön 2009-06-28 klockan 14:18 -0600 skrev Alex Rousskov:
Ok, but can you tell what the patch does? Forwards raw SSL connections
to the next hop, as if Squid was a TCP proxy?
Yes.
Something else?
Not really. But supports both forwarded mode and standalone (connecting
direct, or via a parent
mån 2009-06-22 klockan 12:03 +0700 skrev johan firdianto:
I already add refresh pattern
refresh_pattern -i x 999888 100% 99 ignore-no-cache
ignore-reload override-expire override-lastmod reload-into-ims
this could help to force cache the object ?
Squid never caches POST responses.
mån 2009-06-22 klockan 19:46 +0700 skrev johan firdianto:
yes, absolutely.
In a file sharing sites, in order to download a file they use POST method.
after i analyze their uri of POST is unique enough. So whatever next
request post method, as long as uri of post method is same and
different
tor 2009-04-23 klockan 13:22 +1000 skrev Mark Nottingham:
OK. Henrik?
FWIW, I think this is the right way to do it -- a flag saying that
monitoring should be direct is backwards-compatible, easy for users to
understand, and addresses the use case.
Almost. The flag should make the
mån 2009-03-16 klockan 19:57 -0600 skrev Alex Rousskov:
libtool uses -whole-archive when adding a convenience library to a
shared library but does not use that option when adding a convenience
library to an executable.
It has to, as there is no dependencies to be resolved when building a
sön 2009-03-15 klockan 21:07 +1300 skrev Amos Jeffries:
Um, IMO these helper redefinitions we do not need.
There are conceptual problems still with not being able to simply go to
helper directory and 'make install' as long as they need libcompat from
a higher level directory.
Always been
tis 2009-02-24 klockan 14:38 +1300 skrev Amos Jeffries:
#define HERE __FILE__(__LINE__) __FUNCTION__:
__func__ is the standardized name, at least in C (C99).
+#ifdef __PRETTY_FUNCTION__
+#define MYNAME __PRETTY_FUNCTION__
+#else
+#define MYNAME __FUNCTION__
+#endif
That should not
ons 2009-02-25 klockan 12:10 +1100 skrev Mark Nottingham:
What am I missing? The most straightforward way that I can see to do
this is to add an identifier to clientHttpRequest and pass that to
debug where available...
That is what ctx_enter is about... There is not a single location
fre 2009-02-13 klockan 21:00 +0900 skrev Chris Goughnour:
I would like to squid as a reverse proxy, but the ability to purge
multiple objects from the cache based on wildcards is important to me.
Is there any interest in a patch for maintaining a list of cached
objects and allowing purging of
tis 2009-02-17 klockan 16:38 +0100 skrev Malik Cherif:
Hello,
I have one question regarding STABLE6 version, do you know when this one
will be available to download on squid-cache.org official website please ?
2.7.STABLE6 has been available for download quite some time, even before
the
mån 2009-02-16 klockan 14:27 +0100 skrev Steinar H. Gunderson:
I've reported dumps of these several times already. I'm not entirely sure
what more information you need.
Not sure either.
What I do know however is that valgrind traces in general gets very
unreliable unless Squid is built with
lör 2009-02-14 klockan 11:35 +0100 skrev Steinar H. Gunderson:
On Fri, Feb 13, 2009 at 09:20:24AM -0700, Alex Rousskov wrote:
Was --enable-valgrind used last time you reconfigured and rebuilt
Squid from scratch?
Yes. It didn't actually appear to do much, though.
In squid-3 it's
tor 2009-02-12 klockan 17:19 +0100 skrev Kinkie:
It would IMHO make sense to:
1. introduce StringNg::size_type, which should be a _signed_ 32-bit integer
2. introduce a static const StringNg::npos = -1 to be used in place of
std::string::npos
Or use size_t in the API while using a smaler type
fre 2009-02-13 klockan 10:25 -0700 skrev Alex Rousskov:
Your recollection is correct. I think it is even documented on the
Squid3 submission instructions wiki page.
Indeed it is.
http://wiki.squid-cache.org/MergeProcedure#head-3c69e15b207172e0eeb128fef209554218c60eda
A little more
ons 2009-02-11 klockan 19:06 -0700 skrev Alex Rousskov:
Is it possible that indirectly lost is not really lost?
Yes, as this is a trace at shutdown, and our module shutdown methods is
not very great.
Also not sure if this Squid was built with valgrind support or not. If
not then valgrind leak
allow out-of-tree builds and separate .opts files.
logfile creation moved to test-builds.sh, where it's used.
--verbose mode for showing the actual output while tests is running
test-build.sh generally cleaned up a bit with less duplicated code
# Bazaar merge directive format 2 (Bazaar 0.90)
ons 2009-02-11 klockan 14:56 +1300 skrev Amos Jeffries:
WHY:
* it's a security breach.
Why?
* it's the source of many permissions annoyances.
Yes.
* the setting is still widely recommended in online how-to's
Yes, and often for the wrong reasons.
* current Squid-3+ are perfectly
tor 2009-02-12 klockan 08:25 +1100 skrev Robert Collins:
On Wed, 2009-02-11 at 23:20 +0200, Tsantilas Christos wrote:
May I ask, about the votes, which is the procedure? Who is giving access
to bundlebuggy? Or it is something I do not need it?
I can add users, but I don't consider myself
tor 2009-02-12 klockan 12:30 +1300 skrev Amos Jeffries:
Overriding the underlying OS, which admin may understand, with behavior
they may not. Can cause them to enact less secure workarounds; I have
seen squid effective-user'd to the root UID not long ago.
cache_effective_user root is not
hnordstrom has voted approve.
Status is now: Semi-approved
Comment:
Fully agreed.
For details, see:
http://bundlebuggy.aaronbentley.com/project/squid/request/%3C1219614172.9762.2.camel%40loki.home.kinkie.it%3E
Project: Squid
hnordstrom has voted approve.
Status is now: Approved
Comment:
Looks fine, even if I don't really like the resulting code style here..
should preferably be rearranged so that all the HTTP_VIOLATIONS code is
in one block for clarity, but that may be done separately.
For details, see:
hnordstrom has voted approve.
Status is now: Approved
Comment:
Looks fine from what I can tell by reading the patch.
To answer one of the questions in the patch:
+char buckets[32]; /* Draft indicates 8x 32-bit buckets. ?? */
It's a bitmask. Does not matter if it's defined as 8x32bit or
hnordstrom has voted approve.
Status is now: Semi-approved
For details, see:
http://bundlebuggy.aaronbentley.com/project/squid/request/%3C49759168.2080600%40treenet.co.nz%3E
Project: Squid
hnordstrom has voted abstain.
Status is now: Waiting
Comment:
No opinion on this one.
For details, see:
http://bundlebuggy.aaronbentley.com/project/squid/request/%3C4976E2A2.6010004%40treenet.co.nz%3E
Project: Squid
Was seen on info@, forwarded to squid-dev@ in case it's still relevant.
Vidarebefordrat meddelande
Från: chudy fernandez chudy_fernan...@yahoo.com
Till: adr...@squid-cache.org
Ämne: diff file for 302 loop bug when using storeurl
Datum: Wed, 5 Nov 2008 08:04:48 -0800 (PST)
tor 2009-02-05 klockan 15:13 +0100 skrev Kinkie:
while working on string-fix I stumbled upon urn support code.
There's quite a lot of it, but.. is anyone actually using it?
URNs are a very nice idea, but it never really took off, and AFAIK
it's not being used anymore.
As far as I know
tor 2009-02-05 klockan 12:08 +0100 skrev Kinkie:
Hi all,
here's a re-take of the string-fix initial merge.
Compared to the retired first attempt it:
- fixes the issues Tsantilas Christos found out about
- implements String::find
- some more users analyzed and fixed.
For what's
fre 2009-02-06 klockan 10:07 +1100 skrev Mark Nottingham:
If I have a peer and it has collapsed_forwarding on, at what point
will it return an ICP_HIT to me? E.g.,
1) As soon as there's an outstanding (therefore collapsed) request for
it?
2) As soon as there's a cacheable response
fre 2009-01-30 klockan 08:09 -0700 skrev Alex Rousskov:
On 01/29/2009 04:10 PM, Henrik Nordstrom wrote:
Note: HTTP isn't really designed for content transforming proxies, and
many things gets a little shaky in such environment. gzip/deflate by
proxies is really intended to be done
tor 2009-01-29 klockan 23:27 +0100 skrev Constantin Rack:
(b) Concerning the ETag and If-* headers, I am open to your comments.
How should we deal with them? Simply adding a GZ suffix to the ETag,
if available?
Either delete ETag + Content-Location on any transformed entity, or make
a
Hi,
how does the gzip module handle the ETag and it's reladed
If-None-Match/If-Match/If-Range headers?
Regards
Henrik
ons 2009-01-28 klockan 20:26 +0200 skrev Tsantilas Christos:
My question is which is the normal procedure about applying such
patches? Should I open a bug report about possible bug? I am just
applying the patch and you are deciding if it should be applied to
squid*-* branches?
Apply it to
tis 2009-01-27 klockan 17:36 +0530 skrev sameer shinde:
Whenever I visit squid-cache.org site. I always have a doubt is,
why there are multiple stable version available for production release?
What i mean is, when there is 3.0 stable release is available for production,
then still why 2.7 is
lör 2009-01-24 klockan 19:16 +0200 skrev Tsantilas Christos:
I am trying to commit on squid3 trunk but I am getting the folllowing
error:
bzr: ERROR: Cannot lock
LockDir(chroot-141862124:///bzr/squid3/trunk/.bzr/branch/lock):
Permission denied:
Yet another answer to the IRC meeting
It was me that proposed read I/O buffers is created by the I/O layer who
feeds it to the upper layers. There is several reasons to this
- Amount needed not known until available, other than an upper bound.
- It's uncertain when the data will be available,
I am in the same field as Adrian on this. Do not implement consume
operation where data is actually moved.
When reading from network, part of a memory area is consumed. When it's
full a new area is allocated and the old is forgotten (will get
deallocated when the refcounts held by String:s to
fre 2009-01-16 klockan 12:53 -0500 skrev Adrian Chadd:
So far, so good. It turns out doing this as an intermediary step
worked out better than trying to replace the String code in its
entirety with replacement code which doesn't assume NUL terminated
strings.
Just a thought, but is there
tis 2009-01-20 klockan 18:48 +0100 skrev Guido Serassio:
At 13.12 20/01/2009, Henrik Nordstrom wrote:
bzr has been upgraded to 1.11 on squid-cache.org. This release reporedly
includes support for case-insensitive filesystems (i.e. Windows).
Any news on the line ending side ?
There seems
My opinions on the subject:
Buffer operates on octets and nothing but octets, where each octet is a
8-bit unsigned integer.
String is encoding aware, decomposing those octets into characters.
But I don't see why we would ever need to support UCS-2 or other
multi-byte encodings. As far as the
ons 2009-01-21 klockan 09:37 -0700 skrev Alex Rousskov:
You do not propose a class dedicated to I/O buffers. I think we would
benefit from having such a class, but we can add it later, possibly as a
part of vectorizing work. Do you want the low-level I/O code to use
Buffer, for now?
bzr has been upgraded to 1.11 on squid-cache.org. This release reporedly
includes support for case-insensitive filesystems (i.e. Windows).
Regards
Henrik
tor 2008-12-18 klockan 10:27 -0500 skrev Adrian Chadd:
The changes can be viewed at
http://bazaar.launchpad.net/~adrian-squid-cache/squid/adrian_src_reorganise/
.
I'll post again when I've finished the debug code shuffle so I can
figure out the right way to submit the change request.
bzr
What is the current status of 3.0.STABLE11?
3.0.STABLE10 has already hit several major distributions, mostly without
that critical bugfix.
FreeBSD ports, Fedora 9 10, possibly others..
Regards
Henrik
Most likely
Squid FAQ: Some sites load extremely slowly or not at all
http://wiki.squid-cache.org/SquidFaq/SystemWeirdnesses#head-4920199b311ce7d20b9a0d85723fd5d0dfc9bc84
See also the related knowledgebase article
http://wiki.squid-cache.org/KnowledgeBase/BrokenWindowSize
Regards
Henrik
tis
ons 2008-12-17 klockan 16:12 -0500 skrev Adrian Chadd:
So is there any reason whatsoever that it can't be committed to
Squid-2.HEAD as-is, and at least backported (but not committed to
start with) to squid-2.7?
I am a bit uneasy about adding features known to be flawed in design.
Once the
tor 2008-12-11 klockan 13:41 -0700 skrev Alex Rousskov:
Ah, I see. We already have a visible host name option for that and it
accepts non-FQDNs, right?
Right.
I agree that this requirement is rather
idealistic, but I would like to hear why Kinkie would prefer to keep it.
What are we
tor 2008-12-11 klockan 11:08 +0100 skrev Guido Serassio:
Hi,
On Sourceforge, squid 3 .gif files in the icons folder are missing.
The problem is in devel.sync, where .gif are filtered. I have already
updated the website version of devel.sync, but this is not the running copy.
Seems to be
bzr on squid-cache.org has been updated to 1.10.
Regards
Henrik
tor 2008-12-11 klockan 11:45 +0100 skrev Guido Serassio:
Using cvsview I can see the files marked dead without a cvs revision.
Probably the missing merge is coming from the old .cvsignore file,
that I have changed AFTER the cvsmerge instead of BEFORE
Or more likely there was a silent
src/ depends on ../test-suite/ somehow, making distclean race with
itself and make crashing as the dependencies db in ../test-suite has
been removed when distclean runs in src..
Regards
Henrik
fixed, together with a bunch of other dist/clean/distclean issues.
ons 2008-12-10 klockan 19:43 +0100 skrev Henrik Nordstrom:
src/ depends on ../test-suite/ somehow, making distclean race with
itself and make crashing as the dependencies db in ../test-suite has
been removed when distclean runs
tis 2008-12-09 klockan 15:55 +1300 skrev Amos Jeffries:
I believe this is due to the commit you made an hour before reporting this
(at 2.11am) which added squid_kerb_auth/Makefile to the list of files
generated by squid/configure.
That makefile should only be created/altered by
tis 2008-12-09 klockan 23:39 +1300 skrev Amos Jeffries:
I'm thinking it maybe was a mistake to shortcut the configure timing by
making the sub-configure optional.
Probably is.
What I have seen other projects do is instead to make the sub-configure
build set up the build as a nop unless the
tis 2008-12-09 klockan 19:07 +0100 skrev András Mikó:
It is: how does squid-cache handle authenticators, which exits in
middle of running?
- will they be restarted, or
- just left alone killed.
the request is automatically retried on the next available helper.
If 50% of the configured
Squid has since forever insisted on the local server name to be a fully
qualified hostname. However, in most cases this does not really matter
and is a big headache for less experienced admins.
Is there really any reason to keep this as a strict requirement, or
should we downgrade it to just a
ons 2008-12-03 klockan 00:26 -0200 skrev Lucas Brasilino:
Since when there's a POST request without 'Content-Length' header
rises an error, I was
playing around (just for fun) to add this header to request before the
request headers gets processed. I've tried to add
a code like:
That's the
After analyzing a large cache with significantly declining hit ratio
over the last months I have came to the conclusion that the removal of
cache deny QUERY can have a very negative impact on hit ratio, this due
to a number of flash video sites (youtube, google, various porno sites
etc) who
mån 2008-12-01 klockan 09:40 -0500 skrev Adrian Chadd:
Hm, thats kind of interesting actually. Whats it displacing from the
cache? Is the drop of hit ratio due to the removal of other cachable
large objects, or other cachable small objects? Is it -just- flash
video thats exhibiting this
mån 2008-12-01 klockan 11:00 -0500 skrev Tres Seaver:
Having a single recommended config seems dubious: I for one never
run squid as a forward proxy, for instance. We should probably split
apart the default / recommended forward and reverse configurations
(which are just starting points,
Isn't the real question who called FwdState::complete()? It's only meant
to be called when all data has been placed into the entry, not before..
tis 2008-12-02 klockan 00:56 +1300 skrev Amos Jeffries:
revno: 9386
committer: Amos
tis 2008-12-02 klockan 12:35 +1300 skrev Amos Jeffries:
A global blockade is a little harsh when it's only a few offenders.
If we can locate a pattern to match just these sites while any dialog is
going on I'd be happy to support a reversal for just them. That would keep
most of the main
lör 2008-11-29 klockan 01:40 +1300 skrev Amos Jeffries:
Question then to the more informed, is it better to make StoreIOBuffer
accept a ssize_t or revert the patch?
Generally size_t should be used. ssize_t only exists to support return
values 0 as errors..
The reason for having it in the
fre 2008-11-28 klockan 11:46 +1100 skrev Mark Nottingham:
From http://www.squid-cache.org/Versions/v2/2.7/cfgman/
cache_peer.html:
use 'htcp' to send HTCP, instead of ICP, queries to the neighbor.
You probably also want to set the icp port to 4827 instead of
3130. You must also allow
On tor, 2008-11-27 at 14:21 +1100, Mark Nottingham wrote:
I've been playing around with associating specific requests with the
debug output they generate, with a simple patch to _db_print along
these lines:
if (Config.Log.accesslogs Config.Log.accesslogs-logfile) {
seqnum =
fre 2008-11-28 klockan 10:34 +1100 skrev Mark Nottingham:
Agreed. How would you pass it into debug()? It looks like _db_print
already takes variable length args,
By adding it to the context already used by _db_print.. i.e. by
extending ctx_enter to take the sequence number in addition to
On sön, 2008-11-23 at 19:31 +0100, Philipp wrote:
I would like to bump requests to sites with invalid certificates only.
Sites that have valid SSL certificates should not be bumped (bump decision
based on valitidy of the SSL cert).
That is somewhat hard to accomplish due to the way ssl
[moved to squid-dev without cc to original poster]
On tis, 2008-11-18 at 23:25 +1300, Amos Jeffries wrote:
Henrik Nordstrom wrote:
On tis, 2008-11-18 at 21:14 +1300, Amos Jeffries wrote:
Do you have the same 64/32 bit settings and --with-large-files on both
builds?
Didn't we make
On mån, 2008-11-10 at 19:48 +0100, Luigi Gangitano wrote:
is older than the others, may I ask what scheme is planned for the 3.1
release? The first stable version will be 3.1.0 or 3.1.1 or 3.1.STABLE1?
3.1.0.x
3.1.1
3.1.2
etc..
then next cycle
3.2.0.X
3.2.1
3.2.2
We got tired of the over
On mån, 2008-11-10 at 14:54 +0100, Willi Herzig wrote:
is there any support of squid to validate DNS queries using DNSSEC (DNS
Security Extensions)? Or is it planned?
Not at this time. But if the local resolver daemon supports DNSSEC then
if I am not mistaken Squid should be able to take
There is a Fedora user request for proper support of odd netmasks in IP
acls: https://bugzilla.redhat.com/show_bug.cgi?id=470709
Quote from Fedora bug report:
Any valid network mask should be usable, especially as there
appears to be an increasing tendency for very large
squid-cache.org bzr updated to 1.9, bzrtools 1.9.1
signature.asc
Description: This is a digitally signed message part
On tor, 2008-11-06 at 14:57 +1300, Amos Jeffries wrote:
Most of the credit goes to you though Henrik for seeing the need and
actioning it.
The need has been seen for quite some time. I tried to nudge the Visolve
team into this direction when they started their effort..
That stylesheet
201 - 300 of 2137 matches
Mail list logo
