Hi, I will merge this this time, but please do these things in several commits in the future. Best, -Michael On Tue, 2016-04-26 at 18:50 +0200, Matthias Fischer wrote: > The 'configure'-options were sorted (kind of) to get a better overview. > > Added latest patches from upstream. > > Changed '--enable-async-io=8' to '--enable-async-io=16' because of > http://www.squid-cache.org/mail-archive/squid-users/200705/0768.html : > > "The default number of threads is dependent on the number of aufs > cache_dir lines, based on a reasonable estimate of how the code behaves." > > Signed-off-by: Matthias Fischer > --- >  lfs/squid                         |  28 ++-- >  src/patches/squid-3.4-13233.patch | 274 > ++++++++++++++++++++++++++++++++++++++ >  src/patches/squid-3.4-13234.patch |  33 +++++ >  src/patches/squid-3.4-13235.patch |  97 ++++++++++++++ >  4 files changed, 420 insertions(+), 12 deletions(-) >  create mode 100644 src/patches/squid-3.4-13233.patch >  create mode 100644 src/patches/squid-3.4-13234.patch >  create mode 100644 src/patches/squid-3.4-13235.patch > > diff --git a/lfs/squid b/lfs/squid > index 7e41c16..6725a6e 100644 > --- a/lfs/squid > +++ b/lfs/squid > @@ -75,6 +75,10 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) >   cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4- > 13230.patch >   cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4- > 13231.patch >   cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4- > 13232.patch > + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4- > 13233.patch > + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4- > 13234.patch > + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4- > 13235.patch > + >   cd $(DIR_APP) && autoreconf -vfi >   cd $(DIR_APP)/libltdl && autoreconf -vfi >   > @@ -85,11 +89,15 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) >   --mandir=/usr/share/man \ >   --libexecdir=/usr/lib/squid \ >   --localstatedir=/var \ > - --disable-ipv6 \ >   --disable-ssl \ > - --enable-poll \ >   --disable-icmp \ >   --disable-wccp \ > + --disable-wccpv2 \ > + --disable-kqueue \ > + --disable-esi \ > + --disable-arch-native \ > + --disable-ipv6 \ > + --enable-poll \ >   --enable-ident-lookups \ >   --enable-storeio="aufs,diskd,ufs" \ >   --enable-underscores \ > @@ -107,26 +115,22 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) >   --enable-url-rewrite-helpers \ >   --enable-build-info \ >   --enable-eui \ > - --with-pthreads \ > - --with-dl \ > - --with-filedescriptors=$$(( 16384 * 64 )) \ > - --with-large-files \ > - --with-aio \ > - --enable-async-io=8 \ > + --enable-async-io=16 \ >   --enable-unlinkd \ >   --enable-internal-dns \ >   --enable-epoll \ > - --disable-kqueue \ >   --enable-select \ >   --enable-cache-digests \ >   --enable-forw-via-db \ >   --enable-htcp \ >   --enable-kill-parent-hack \ > - --disable-wccpv2 \ >   --enable-icap-client \ > - --disable-esi \ >   --enable-zph-qos \ > - --disable-arch-native > + --with-pthreads \ > + --with-dl \ > + --with-filedescriptors=$$(( 16384 * 64 )) \ > + --with-large-files \ > + --with-aio >   >   cd $(DIR_APP) && make $(MAKETUNING) >   cd $(DIR_APP) && make install > diff --git a/src/patches/squid-3.4-13233.patch b/src/patches/squid-3.4- > 13233.patch > new file mode 100644 > index 0000000..d657838 > --- /dev/null > +++ b/src/patches/squid-3.4-13233.patch > @@ -0,0 +1,274 @@ > +------------------------------------------------------------ > +revno: 13233 > +revision-id: squid3(a)treenet.co.nz-20160420063907-hcnf4qmcg5hbjc11 > +parent: squid3(a)treenet.co.nz-20160330141410-t6p2dhzr8ri36fap > +committer: Amos Jeffries > +branch nick: 3.4 > +timestamp: Wed 2016-04-20 18:39:07 +1200 > +message: > +  cachemgr.cgi: use dynamic MemBuf for internal content generation > +   > +  Using a fixed size buffer limits how big content lines can be. Modern > +  HTTP is fast reaching the point where such limits are problematic. > +  Also fixes incorrect uses of snprintf() by removing them. > +------------------------------------------------------------ > +# Bazaar merge directive format 2 (Bazaar 0.90) > +# revision_id: squid3(a)treenet.co.nz-20160420063907-hcnf4qmcg5hbjc11 > +# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4 > +# testament_sha1: 161e86814f6f14d74557a3fa169b37b6601c08a1 > +# timestamp: 2016-04-20 06:50:57 +0000 > +# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4 > +# base_revision_id: squid3(a)treenet.co.nz-20160330141410-\ > +#   t6p2dhzr8ri36fap > +#  > +# Begin patch > +=== modified file 'src/tests/stub_cbdata.cc' > +--- src/tests/stub_cbdata.cc 2012-11-01 10:31:28 +0000 > ++++ src/tests/stub_cbdata.cc 2016-04-20 06:39:07 +0000 > +@@ -5,7 +5,13 @@ > + #include "tests/STUB.h" > +  > + void cbdataRegisterWithCacheManager(void) STUB > +- > ++void *cbdataInternalAlloc(cbdata_type type, const char *, int sz) { > ++    return xcalloc(1, sz); > ++} > ++void *cbdataInternalFree(void *p, const char *, int) { > ++    xfree(p); > ++    return nullptr; > ++} > + #if USE_CBDATA_DEBUG > + void *cbdataInternalAllocDbg(cbdata_type type, const char *, int) > STUB_RETVAL(NULL) > + void *cbdataInternalFreeDbg(void *p, const char *, int) STUB_RETVAL(NULL) > + > +=== modified file 'src/tests/stub_mem.cc' > +--- src/tests/stub_mem.cc 2012-08-29 07:29:35 +0000 > ++++ src/tests/stub_mem.cc 2016-04-20 06:39:07 +0000 > +@@ -5,7 +5,7 @@ > + #include "squid.h" > +  > + #define STUB_API "stub_mem.cc" > +-#include "STUB.h" > ++#include "tests/STUB.h" > + #include "Mem.h" > +  > + void > + > +=== modified file 'tools/Makefile.am' > +--- tools/Makefile.am 2014-04-06 04:37:08 +0000 > ++++ tools/Makefile.am 2016-04-20 06:39:07 +0000 > +@@ -35,15 +35,24 @@ > + stub_debug.cc: $(top_srcdir)/src/tests/stub_debug.cc > +  cp $(top_srcdir)/src/tests/stub_debug.cc . > +  > ++MemBuf.cc: $(top_srcdir)/src/MemBuf.cc > ++ cp $(top_srcdir)/src/MemBuf.cc $@ > ++ > + time.cc: $(top_srcdir)/src/time.cc > +  cp $(top_srcdir)/src/time.cc . > +  > ++stub_cbdata.cc: $(top_srcdir)/src/tests/stub_cbdata.cc > ++ cp $(top_srcdir)/src/tests/stub_cbdata.cc $@ > ++ > ++stub_mem.cc: $(top_srcdir)/src/tests/stub_mem.cc > ++ cp $(top_srcdir)/src/tests/stub_mem.cc $@ > ++ > + # stock tools for unit tests - library independent versions of dlink_list > + # etc. > + # globals.cc is needed by test_tools.cc. > + # Neither of these should be disted from here. > + TESTSOURCES= test_tools.cc > +-CLEANFILES += test_tools.cc stub_debug.cc time.cc > ++CLEANFILES += test_tools.cc MemBuf.cc stub_debug.cc time.cc stub_cbdata.cc > stub_mem.cc > +  > + ## ##### helper-mux ##### > +  > +@@ -74,7 +83,10 @@ > + libexec_PROGRAMS = cachemgr$(CGIEXT) > +  > + cachemgr__CGIEXT__SOURCES = cachemgr.cc \ > ++ MemBuf.cc \ > ++ stub_cbdata.cc \ > +  stub_debug.cc \ > ++ stub_mem.cc \ > +  test_tools.cc \ > +  time.cc > +  > + > +=== modified file 'tools/cachemgr.cc' > +--- tools/cachemgr.cc 2015-01-09 10:32:57 +0000 > ++++ tools/cachemgr.cc 2016-04-20 06:39:07 +0000 > +@@ -35,6 +35,7 @@ > + #include "getfullhostname.h" > + #include "html_quote.h" > + #include "ip/Address.h" > ++#include "MemBuf.h" > + #include "rfc1123.h" > + #include "rfc1738.h" > + #include "util.h" > +@@ -460,8 +461,8 @@ > +     return url; > + } > +  > +-static const char * > +-munge_menu_line(const char *buf, cachemgr_request * req) > ++static void > ++munge_menu_line(MemBuf &out, const char *buf, cachemgr_request * req) > + { > +     char *x; > +     const char *a; > +@@ -469,15 +470,14 @@ > +     const char *p; > +     char *a_url; > +     char *buf_copy; > +-    static char html[2 * 1024]; > +- > +-    if (strlen(buf) < 1) > +-        return buf; > +- > +-    if (*buf != ' ') > +-        return buf; > +- > +-    buf_copy = x = xstrdup(buf); > ++ > ++    const char bufLen = strlen(buf); > ++    if (bufLen < 1 || *buf != ' ') { > ++        out.append(buf, bufLen); > ++        return; > ++    } > ++ > ++    buf_copy = x = xstrndup(buf, bufLen); > +  > +     a = xstrtok(&x, '\t'); > +  > +@@ -489,59 +489,56 @@ > +  > +     /* no reason to give a url for a disabled action */ > +     if (!strcmp(p, "disabled")) > +-        snprintf(html, sizeof(html), "
  • %s (disabled) HREF=\"%s\">.\n", d, a_url); > ++        out.Printf("
  • %s (disabled) HREF=\"%s\">.\n", d, a_url); > +     else > +         /* disable a hidden action (requires a password, but password is not > in squid.conf) */ > +         if (!strcmp(p, "hidden")) > +-            snprintf(html, sizeof(html), "
  • %s (hidden) HREF=\"%s\">.\n", d, a_url); > ++            out.Printf("
  • %s (hidden) HREF=\"%s\">.\n", d, a_url); > +         else > +             /* disable link if authentication is required and we have no > password */ > +             if (!strcmp(p, "protected") && !req->passwd) > +-                snprintf(html, sizeof(html), "
  • %s > (requires authentication).\n", > +-                         d, menu_url(req, "authenticate"), a_url); > ++                out.Printf("
  • %s (requires href=\"%s\">authentication).\n", > ++                           d, menu_url(req, "authenticate"), a_url); > +             else > +                 /* highlight protected but probably available entries */ > +                 if (!strcmp(p, "protected")) > +-                    snprintf(html, sizeof(html), "
  • HREF=\"%s\">%s\n", > +-                             a_url, d); > ++                    out.Printf("
  • color=\"#FF0000\">%s\n", > ++                               a_url, d); > +  > +     /* public entry or unknown type of protection */ > +                 else > +-                    snprintf(html, sizeof(html), "
  • HREF=\"%s\">%s\n", a_url, d); > ++                    out.Printf("
  • %s\n", > a_url, d); > +  > +     xfree(a_url); > +  > +     xfree(buf_copy); > +- > +-    return html; > + } > +  > +-static const char * > +-munge_other_line(const char *buf, cachemgr_request * req) > ++static void > ++munge_other_line(MemBuf &out, const char *buf, cachemgr_request *) > + { > +     static const char *ttags[] = {"td", "th"}; > +  > +-    static char html[4096]; > +     static int table_line_num = 0; > +     static int next_is_header = 0; > +     int is_header = 0; > +     const char *ttag; > +     char *buf_copy; > +     char *x, *p; > +-    int l = 0; > +     /* does it look like a table? */ > +  > +     if (!strchr(buf, '\t') || *buf == '\t') { > +         /* nope, just text */ > +-        snprintf(html, sizeof(html), "%s%s", > +-                 table_line_num ? "\n
    " : "", html_quote(buf));
> ++        if (table_line_num)
> ++            out.append("\n
    ", 14);
> ++        out.Printf("%s", html_quote(buf));
> +         table_line_num = 0;
> +-        return html;
> ++        return;
> +     }
> + 
> +     /* start html table */
> +     if (!table_line_num) {
> +-        l += snprintf(html + l, sizeof(html) - l, "
     cellpadding=\"2\" cellspacing=\"1\">\n");
> ++        out.append("
    \n",
> 46);
> +         next_is_header = 0;
> +     }
> + 
> +@@ -551,7 +548,7 @@
> +     ttag = ttags[is_header];
> + 
> +     /* record starts */
> +-    l += snprintf(html + l, sizeof(html) - l, "");
> ++    out.append("", 4);
> + 
> +     /* substitute '\t' */
> +     buf_copy = x = xstrdup(buf);
> +@@ -568,18 +565,17 @@
> +             ++x;
> +         }
> + 
> +-        l += snprintf(html + l, sizeof(html) - l, "<%s colspan=\"%d\"
> align=\"%s\">%s",
> +-                      ttag, column_span,
> +-                      is_header ? "center" : is_number(cell) ? "right" :
> "left",
> +-                      html_quote(cell), ttag);
> ++        out.Printf("<%s colspan=\"%d\" align=\"%s\">%s",
> ++                   ttag, column_span,
> ++                   is_header ? "center" : is_number(cell) ? "right" :
> "left",
> ++                   html_quote(cell), ttag);
> +     }
> + 
> +     xfree(buf_copy);
> +     /* record ends */
> +-    snprintf(html + l, sizeof(html) - l, "\n");
> ++    out.append("\n", 6);
> +     next_is_header = is_header && strstr(buf, "\t\t");
> +     ++table_line_num;
> +-    return html;
> + }
> + 
> + static const char *
> +@@ -736,14 +732,18 @@
> +             /* yes, fall through, we do not want to loose the first line */
> + 
> +         case isBody:
> ++        {
> +             /* interpret [and reformat] cache response */
> +-
> ++            MemBuf out;
> ++            out.init();
> +             if (parse_menu)
> +-                fputs(munge_menu_line(buf, req), stdout);
> ++                munge_menu_line(out, buf, req);
> +             else
> +-                fputs(munge_other_line(buf, req), stdout);
> ++                munge_other_line(out, buf, req);
> + 
> +-            break;
> ++            fputs(out.buf, stdout);
> ++        }
> ++        break;
> + 
> +         case isForward:
> +             /* forward: no modifications allowed */
> +
> diff --git a/src/patches/squid-3.4-13234.patch b/src/patches/squid-3.4-
> 13234.patch
> new file mode 100644
> index 0000000..6f701fa
> --- /dev/null
> +++ b/src/patches/squid-3.4-13234.patch
> @@ -0,0 +1,33 @@
> +------------------------------------------------------------
> +revno: 13234
> +revision-id: squid3(a)treenet.co.nz-20160420101437-36eofkldxfku61kj
> +parent: squid3(a)treenet.co.nz-20160420063907-hcnf4qmcg5hbjc11
> +committer: Amos Jeffries 
> +branch nick: 3.4
> +timestamp: Wed 2016-04-20 22:14:37 +1200
> +message:
> +  nullptr is a C++11 feature
> +------------------------------------------------------------
> +# Bazaar merge directive format 2 (Bazaar 0.90)
> +# revision_id: squid3(a)treenet.co.nz-20160420101437-36eofkldxfku61kj
> +# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
> +# testament_sha1: 0f9f2a5b29a7ef02befe2a4e2e6357ef4bcffbce
> +# timestamp: 2016-04-20 10:51:03 +0000
> +# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
> +# base_revision_id: squid3(a)treenet.co.nz-20160420063907-\
> +#   hcnf4qmcg5hbjc11
> +# 
> +# Begin patch
> +=== modified file 'src/tests/stub_cbdata.cc'
> +--- src/tests/stub_cbdata.cc	2016-04-20 06:39:07 +0000
> ++++ src/tests/stub_cbdata.cc	2016-04-20 10:14:37 +0000
> +@@ -10,7 +10,7 @@
> + }
> + void *cbdataInternalFree(void *p, const char *, int) {
> +     xfree(p);
> +-    return nullptr;
> ++    return NULL;
> + }
> + #if USE_CBDATA_DEBUG
> + void *cbdataInternalAllocDbg(cbdata_type type, const char *, int)
> STUB_RETVAL(NULL)
> +
> diff --git a/src/patches/squid-3.4-13235.patch b/src/patches/squid-3.4-
> 13235.patch
> new file mode 100644
> index 0000000..e380225
> --- /dev/null
> +++ b/src/patches/squid-3.4-13235.patch
> @@ -0,0 +1,97 @@
> +------------------------------------------------------------
> +revno: 13235
> +revision-id: squid3(a)treenet.co.nz-20160420111514-4hpxglbn9k15l5sa
> +parent: squid3(a)treenet.co.nz-20160420101437-36eofkldxfku61kj
> +committer: Amos Jeffries 
> +branch nick: 3.4
> +timestamp: Wed 2016-04-20 23:15:14 +1200
> +message:
> +  Fix several ESI element construction issues
> +  
> +  * Do not wrap active logic in assert().
> +  
> +  * Fix localbuf array bounds checking.
> +  
> +  * Add Must() conditions to verify array writes will succeed
> +------------------------------------------------------------
> +# Bazaar merge directive format 2 (Bazaar 0.90)
> +# revision_id: squid3(a)treenet.co.nz-20160420111514-4hpxglbn9k15l5sa
> +# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
> +# testament_sha1: e95687b13c98667ab09966e7f94d511ca3e6ad96
> +# timestamp: 2016-04-20 11:18:22 +0000
> +# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
> +# base_revision_id: squid3(a)treenet.co.nz-20160420101437-\
> +#   36eofkldxfku61kj
> +# 
> +# Begin patch
> +=== modified file 'src/esi/Esi.cc'
> +--- src/esi/Esi.cc	2013-06-27 15:58:46 +0000
> ++++ src/esi/Esi.cc	2016-04-20 11:15:14 +0000
> +@@ -991,7 +991,7 @@
> +     ESIElement::Pointer element;
> +     int specifiedattcount = attrCount * 2;
> +     char *position;
> +-    assert (ellen < sizeof (localbuf)); /* prevent unexpected overruns. */
> ++    Must(ellen < sizeof(localbuf)); /* prevent unexpected overruns. */
> + 
> +     debugs(86, 5, "ESIContext::Start: element '" << el << "' with " <<
> specifiedattcount << " tags");
> + 
> +@@ -1005,15 +1005,17 @@
> +         /* Spit out elements we aren't interested in */
> +         localbuf[0] = '<';
> +         localbuf[1] = '\0';
> +-        assert (xstrncpy (&localbuf[1], el, sizeof(localbuf) - 2));
> ++        xstrncpy(&localbuf[1], el, sizeof(localbuf) - 2);
> +         position = localbuf + strlen (localbuf);
> + 
> +         for (i = 0; i < specifiedattcount && attr[i]; i += 2) {
> ++            Must(static_cast(position - localbuf) < sizeof(localbuf)
> - 1);
> +             *position = ' ';
> +             ++position;
> +             /* TODO: handle thisNode gracefully */
> +-            assert (xstrncpy (position, attr[i], sizeof(localbuf) +
> (position - localbuf)));
> ++            xstrncpy(position, attr[i], sizeof(localbuf) - (position -
> localbuf));
> +             position += strlen (position);
> ++            Must(static_cast(position - localbuf) < sizeof(localbuf)
> - 2);
> +             *position = '=';
> +             ++position;
> +             *position = '\"';
> +@@ -1022,18 +1024,21 @@
> +             char ch;
> +             while ((ch = *chPtr++) != '\0') {
> +                 if (ch == '\"') {
> +-                    assert( xstrncpy(position, """, sizeof(localbuf) +
> (position-localbuf)) );
> ++                    Must(static_cast(position - localbuf) <
> sizeof(localbuf) - 6);
> ++                    xstrncpy(position, """, sizeof(localbuf) -
> (position-localbuf));
> +                     position += 6;
> +                 } else {
> ++                    Must(static_cast(position - localbuf) <
> sizeof(localbuf) - 1);
> +                     *position = ch;
> +                     ++position;
> +                 }
> +             }
> +-            position += strlen (position);
> ++            Must(static_cast(position - localbuf) < sizeof(localbuf)
> - 1);
> +             *position = '\"';
> +             ++position;
> +         }
> + 
> ++        Must(static_cast(position - localbuf) < sizeof(localbuf) -
> 2);
> +         *position = '>';
> +         ++position;
> +         *position = '\0';
> +@@ -1119,11 +1124,11 @@
> +     switch (ESIElement::IdentifyElement (el)) {
> + 
> +     case ESIElement::ESI_ELEMENT_NONE:
> +-        assert (ellen < sizeof (localbuf)); /* prevent unexpected overruns.
> */
> ++        Must(ellen < sizeof(localbuf) - 3); /* prevent unexpected overruns.
> */
> +         /* Add elements we aren't interested in */
> +         localbuf[0] = '<';
> +         localbuf[1] = '/';
> +-        assert (xstrncpy (&localbuf[2], el, sizeof(localbuf) - 3));
> ++        xstrncpy(&localbuf[2], el, sizeof(localbuf) - 3);
> +         position = localbuf + strlen (localbuf);
> +         *position = '>';
> +         ++position;
> +