* [PATCH] squid 3.4.14: latest patches, sorted options
@ 2016-04-26 16:50 Matthias Fischer
2016-04-26 21:19 ` Michael Tremer
0 siblings, 1 reply; 2+ messages in thread
From: Matthias Fischer @ 2016-04-26 16:50 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 18861 bytes --]
The 'configure'-options were sorted (kind of) to get a better overview.
Added latest patches from upstream.
Changed '--enable-async-io=8' to '--enable-async-io=16' because of
http://www.squid-cache.org/mail-archive/squid-users/200705/0768.html :
"The default number of threads is dependent on the number of aufs
cache_dir lines, based on a reasonable estimate of how the code behaves."
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
---
lfs/squid | 28 ++--
src/patches/squid-3.4-13233.patch | 274 ++++++++++++++++++++++++++++++++++++++
src/patches/squid-3.4-13234.patch | 33 +++++
src/patches/squid-3.4-13235.patch | 97 ++++++++++++++
4 files changed, 420 insertions(+), 12 deletions(-)
create mode 100644 src/patches/squid-3.4-13233.patch
create mode 100644 src/patches/squid-3.4-13234.patch
create mode 100644 src/patches/squid-3.4-13235.patch
diff --git a/lfs/squid b/lfs/squid
index 7e41c16..6725a6e 100644
--- a/lfs/squid
+++ b/lfs/squid
@@ -75,6 +75,10 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13230.patch
cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13231.patch
cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13232.patch
+ cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13233.patch
+ cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13234.patch
+ cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13235.patch
+
cd $(DIR_APP) && autoreconf -vfi
cd $(DIR_APP)/libltdl && autoreconf -vfi
@@ -85,11 +89,15 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
--mandir=/usr/share/man \
--libexecdir=/usr/lib/squid \
--localstatedir=/var \
- --disable-ipv6 \
--disable-ssl \
- --enable-poll \
--disable-icmp \
--disable-wccp \
+ --disable-wccpv2 \
+ --disable-kqueue \
+ --disable-esi \
+ --disable-arch-native \
+ --disable-ipv6 \
+ --enable-poll \
--enable-ident-lookups \
--enable-storeio="aufs,diskd,ufs" \
--enable-underscores \
@@ -107,26 +115,22 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
--enable-url-rewrite-helpers \
--enable-build-info \
--enable-eui \
- --with-pthreads \
- --with-dl \
- --with-filedescriptors=$$(( 16384 * 64 )) \
- --with-large-files \
- --with-aio \
- --enable-async-io=8 \
+ --enable-async-io=16 \
--enable-unlinkd \
--enable-internal-dns \
--enable-epoll \
- --disable-kqueue \
--enable-select \
--enable-cache-digests \
--enable-forw-via-db \
--enable-htcp \
--enable-kill-parent-hack \
- --disable-wccpv2 \
--enable-icap-client \
- --disable-esi \
--enable-zph-qos \
- --disable-arch-native
+ --with-pthreads \
+ --with-dl \
+ --with-filedescriptors=$$(( 16384 * 64 )) \
+ --with-large-files \
+ --with-aio
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
diff --git a/src/patches/squid-3.4-13233.patch b/src/patches/squid-3.4-13233.patch
new file mode 100644
index 0000000..d657838
--- /dev/null
+++ b/src/patches/squid-3.4-13233.patch
@@ -0,0 +1,274 @@
+------------------------------------------------------------
+revno: 13233
+revision-id: squid3(a)treenet.co.nz-20160420063907-hcnf4qmcg5hbjc11
+parent: squid3(a)treenet.co.nz-20160330141410-t6p2dhzr8ri36fap
+committer: Amos Jeffries <squid3(a)treenet.co.nz>
+branch nick: 3.4
+timestamp: Wed 2016-04-20 18:39:07 +1200
+message:
+ cachemgr.cgi: use dynamic MemBuf for internal content generation
+
+ Using a fixed size buffer limits how big content lines can be. Modern
+ HTTP is fast reaching the point where such limits are problematic.
+ Also fixes incorrect uses of snprintf() by removing them.
+------------------------------------------------------------
+# Bazaar merge directive format 2 (Bazaar 0.90)
+# revision_id: squid3(a)treenet.co.nz-20160420063907-hcnf4qmcg5hbjc11
+# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
+# testament_sha1: 161e86814f6f14d74557a3fa169b37b6601c08a1
+# timestamp: 2016-04-20 06:50:57 +0000
+# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
+# base_revision_id: squid3(a)treenet.co.nz-20160330141410-\
+# t6p2dhzr8ri36fap
+#
+# Begin patch
+=== modified file 'src/tests/stub_cbdata.cc'
+--- src/tests/stub_cbdata.cc 2012-11-01 10:31:28 +0000
++++ src/tests/stub_cbdata.cc 2016-04-20 06:39:07 +0000
+@@ -5,7 +5,13 @@
+ #include "tests/STUB.h"
+
+ void cbdataRegisterWithCacheManager(void) STUB
+-
++void *cbdataInternalAlloc(cbdata_type type, const char *, int sz) {
++ return xcalloc(1, sz);
++}
++void *cbdataInternalFree(void *p, const char *, int) {
++ xfree(p);
++ return nullptr;
++}
+ #if USE_CBDATA_DEBUG
+ void *cbdataInternalAllocDbg(cbdata_type type, const char *, int) STUB_RETVAL(NULL)
+ void *cbdataInternalFreeDbg(void *p, const char *, int) STUB_RETVAL(NULL)
+
+=== modified file 'src/tests/stub_mem.cc'
+--- src/tests/stub_mem.cc 2012-08-29 07:29:35 +0000
++++ src/tests/stub_mem.cc 2016-04-20 06:39:07 +0000
+@@ -5,7 +5,7 @@
+ #include "squid.h"
+
+ #define STUB_API "stub_mem.cc"
+-#include "STUB.h"
++#include "tests/STUB.h"
+ #include "Mem.h"
+
+ void
+
+=== modified file 'tools/Makefile.am'
+--- tools/Makefile.am 2014-04-06 04:37:08 +0000
++++ tools/Makefile.am 2016-04-20 06:39:07 +0000
+@@ -35,15 +35,24 @@
+ stub_debug.cc: $(top_srcdir)/src/tests/stub_debug.cc
+ cp $(top_srcdir)/src/tests/stub_debug.cc .
+
++MemBuf.cc: $(top_srcdir)/src/MemBuf.cc
++ cp $(top_srcdir)/src/MemBuf.cc $@
++
+ time.cc: $(top_srcdir)/src/time.cc
+ cp $(top_srcdir)/src/time.cc .
+
++stub_cbdata.cc: $(top_srcdir)/src/tests/stub_cbdata.cc
++ cp $(top_srcdir)/src/tests/stub_cbdata.cc $@
++
++stub_mem.cc: $(top_srcdir)/src/tests/stub_mem.cc
++ cp $(top_srcdir)/src/tests/stub_mem.cc $@
++
+ # stock tools for unit tests - library independent versions of dlink_list
+ # etc.
+ # globals.cc is needed by test_tools.cc.
+ # Neither of these should be disted from here.
+ TESTSOURCES= test_tools.cc
+-CLEANFILES += test_tools.cc stub_debug.cc time.cc
++CLEANFILES += test_tools.cc MemBuf.cc stub_debug.cc time.cc stub_cbdata.cc stub_mem.cc
+
+ ## ##### helper-mux #####
+
+@@ -74,7 +83,10 @@
+ libexec_PROGRAMS = cachemgr$(CGIEXT)
+
+ cachemgr__CGIEXT__SOURCES = cachemgr.cc \
++ MemBuf.cc \
++ stub_cbdata.cc \
+ stub_debug.cc \
++ stub_mem.cc \
+ test_tools.cc \
+ time.cc
+
+
+=== modified file 'tools/cachemgr.cc'
+--- tools/cachemgr.cc 2015-01-09 10:32:57 +0000
++++ tools/cachemgr.cc 2016-04-20 06:39:07 +0000
+@@ -35,6 +35,7 @@
+ #include "getfullhostname.h"
+ #include "html_quote.h"
+ #include "ip/Address.h"
++#include "MemBuf.h"
+ #include "rfc1123.h"
+ #include "rfc1738.h"
+ #include "util.h"
+@@ -460,8 +461,8 @@
+ return url;
+ }
+
+-static const char *
+-munge_menu_line(const char *buf, cachemgr_request * req)
++static void
++munge_menu_line(MemBuf &out, const char *buf, cachemgr_request * req)
+ {
+ char *x;
+ const char *a;
+@@ -469,15 +470,14 @@
+ const char *p;
+ char *a_url;
+ char *buf_copy;
+- static char html[2 * 1024];
+-
+- if (strlen(buf) < 1)
+- return buf;
+-
+- if (*buf != ' ')
+- return buf;
+-
+- buf_copy = x = xstrdup(buf);
++
++ const char bufLen = strlen(buf);
++ if (bufLen < 1 || *buf != ' ') {
++ out.append(buf, bufLen);
++ return;
++ }
++
++ buf_copy = x = xstrndup(buf, bufLen);
+
+ a = xstrtok(&x, '\t');
+
+@@ -489,59 +489,56 @@
+
+ /* no reason to give a url for a disabled action */
+ if (!strcmp(p, "disabled"))
+- snprintf(html, sizeof(html), "<LI type=\"circle\">%s (disabled)<A HREF=\"%s\">.</A>\n", d, a_url);
++ out.Printf("<LI type=\"circle\">%s (disabled)<A HREF=\"%s\">.</A>\n", d, a_url);
+ else
+ /* disable a hidden action (requires a password, but password is not in squid.conf) */
+ if (!strcmp(p, "hidden"))
+- snprintf(html, sizeof(html), "<LI type=\"circle\">%s (hidden)<A HREF=\"%s\">.</A>\n", d, a_url);
++ out.Printf("<LI type=\"circle\">%s (hidden)<A HREF=\"%s\">.</A>\n", d, a_url);
+ else
+ /* disable link if authentication is required and we have no password */
+ if (!strcmp(p, "protected") && !req->passwd)
+- snprintf(html, sizeof(html), "<LI type=\"circle\">%s (requires <a href=\"%s\">authentication</a>)<A HREF=\"%s\">.</A>\n",
+- d, menu_url(req, "authenticate"), a_url);
++ out.Printf("<LI type=\"circle\">%s (requires <a href=\"%s\">authentication</a>)<A HREF=\"%s\">.</A>\n",
++ d, menu_url(req, "authenticate"), a_url);
+ else
+ /* highlight protected but probably available entries */
+ if (!strcmp(p, "protected"))
+- snprintf(html, sizeof(html), "<LI type=\"square\"><A HREF=\"%s\"><font color=\"#FF0000\">%s</font></A>\n",
+- a_url, d);
++ out.Printf("<LI type=\"square\"><A HREF=\"%s\"><font color=\"#FF0000\">%s</font></A>\n",
++ a_url, d);
+
+ /* public entry or unknown type of protection */
+ else
+- snprintf(html, sizeof(html), "<LI type=\"disk\"><A HREF=\"%s\">%s</A>\n", a_url, d);
++ out.Printf("<LI type=\"disk\"><A HREF=\"%s\">%s</A>\n", a_url, d);
+
+ xfree(a_url);
+
+ xfree(buf_copy);
+-
+- return html;
+ }
+
+-static const char *
+-munge_other_line(const char *buf, cachemgr_request * req)
++static void
++munge_other_line(MemBuf &out, const char *buf, cachemgr_request *)
+ {
+ static const char *ttags[] = {"td", "th"};
+
+- static char html[4096];
+ static int table_line_num = 0;
+ static int next_is_header = 0;
+ int is_header = 0;
+ const char *ttag;
+ char *buf_copy;
+ char *x, *p;
+- int l = 0;
+ /* does it look like a table? */
+
+ if (!strchr(buf, '\t') || *buf == '\t') {
+ /* nope, just text */
+- snprintf(html, sizeof(html), "%s%s",
+- table_line_num ? "</table>\n<pre>" : "", html_quote(buf));
++ if (table_line_num)
++ out.append("</table>\n<pre>", 14);
++ out.Printf("%s", html_quote(buf));
+ table_line_num = 0;
+- return html;
++ return;
+ }
+
+ /* start html table */
+ if (!table_line_num) {
+- l += snprintf(html + l, sizeof(html) - l, "</pre><table cellpadding=\"2\" cellspacing=\"1\">\n");
++ out.append("</pre><table cellpadding=\"2\" cellspacing=\"1\">\n", 46);
+ next_is_header = 0;
+ }
+
+@@ -551,7 +548,7 @@
+ ttag = ttags[is_header];
+
+ /* record starts */
+- l += snprintf(html + l, sizeof(html) - l, "<tr>");
++ out.append("<tr>", 4);
+
+ /* substitute '\t' */
+ buf_copy = x = xstrdup(buf);
+@@ -568,18 +565,17 @@
+ ++x;
+ }
+
+- l += snprintf(html + l, sizeof(html) - l, "<%s colspan=\"%d\" align=\"%s\">%s</%s>",
+- ttag, column_span,
+- is_header ? "center" : is_number(cell) ? "right" : "left",
+- html_quote(cell), ttag);
++ out.Printf("<%s colspan=\"%d\" align=\"%s\">%s</%s>",
++ ttag, column_span,
++ is_header ? "center" : is_number(cell) ? "right" : "left",
++ html_quote(cell), ttag);
+ }
+
+ xfree(buf_copy);
+ /* record ends */
+- snprintf(html + l, sizeof(html) - l, "</tr>\n");
++ out.append("</tr>\n", 6);
+ next_is_header = is_header && strstr(buf, "\t\t");
+ ++table_line_num;
+- return html;
+ }
+
+ static const char *
+@@ -736,14 +732,18 @@
+ /* yes, fall through, we do not want to loose the first line */
+
+ case isBody:
++ {
+ /* interpret [and reformat] cache response */
+-
++ MemBuf out;
++ out.init();
+ if (parse_menu)
+- fputs(munge_menu_line(buf, req), stdout);
++ munge_menu_line(out, buf, req);
+ else
+- fputs(munge_other_line(buf, req), stdout);
++ munge_other_line(out, buf, req);
+
+- break;
++ fputs(out.buf, stdout);
++ }
++ break;
+
+ case isForward:
+ /* forward: no modifications allowed */
+
diff --git a/src/patches/squid-3.4-13234.patch b/src/patches/squid-3.4-13234.patch
new file mode 100644
index 0000000..6f701fa
--- /dev/null
+++ b/src/patches/squid-3.4-13234.patch
@@ -0,0 +1,33 @@
+------------------------------------------------------------
+revno: 13234
+revision-id: squid3(a)treenet.co.nz-20160420101437-36eofkldxfku61kj
+parent: squid3(a)treenet.co.nz-20160420063907-hcnf4qmcg5hbjc11
+committer: Amos Jeffries <squid3(a)treenet.co.nz>
+branch nick: 3.4
+timestamp: Wed 2016-04-20 22:14:37 +1200
+message:
+ nullptr is a C++11 feature
+------------------------------------------------------------
+# Bazaar merge directive format 2 (Bazaar 0.90)
+# revision_id: squid3(a)treenet.co.nz-20160420101437-36eofkldxfku61kj
+# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
+# testament_sha1: 0f9f2a5b29a7ef02befe2a4e2e6357ef4bcffbce
+# timestamp: 2016-04-20 10:51:03 +0000
+# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
+# base_revision_id: squid3(a)treenet.co.nz-20160420063907-\
+# hcnf4qmcg5hbjc11
+#
+# Begin patch
+=== modified file 'src/tests/stub_cbdata.cc'
+--- src/tests/stub_cbdata.cc 2016-04-20 06:39:07 +0000
++++ src/tests/stub_cbdata.cc 2016-04-20 10:14:37 +0000
+@@ -10,7 +10,7 @@
+ }
+ void *cbdataInternalFree(void *p, const char *, int) {
+ xfree(p);
+- return nullptr;
++ return NULL;
+ }
+ #if USE_CBDATA_DEBUG
+ void *cbdataInternalAllocDbg(cbdata_type type, const char *, int) STUB_RETVAL(NULL)
+
diff --git a/src/patches/squid-3.4-13235.patch b/src/patches/squid-3.4-13235.patch
new file mode 100644
index 0000000..e380225
--- /dev/null
+++ b/src/patches/squid-3.4-13235.patch
@@ -0,0 +1,97 @@
+------------------------------------------------------------
+revno: 13235
+revision-id: squid3(a)treenet.co.nz-20160420111514-4hpxglbn9k15l5sa
+parent: squid3(a)treenet.co.nz-20160420101437-36eofkldxfku61kj
+committer: Amos Jeffries <squid3(a)treenet.co.nz>
+branch nick: 3.4
+timestamp: Wed 2016-04-20 23:15:14 +1200
+message:
+ Fix several ESI element construction issues
+
+ * Do not wrap active logic in assert().
+
+ * Fix localbuf array bounds checking.
+
+ * Add Must() conditions to verify array writes will succeed
+------------------------------------------------------------
+# Bazaar merge directive format 2 (Bazaar 0.90)
+# revision_id: squid3(a)treenet.co.nz-20160420111514-4hpxglbn9k15l5sa
+# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
+# testament_sha1: e95687b13c98667ab09966e7f94d511ca3e6ad96
+# timestamp: 2016-04-20 11:18:22 +0000
+# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
+# base_revision_id: squid3(a)treenet.co.nz-20160420101437-\
+# 36eofkldxfku61kj
+#
+# Begin patch
+=== modified file 'src/esi/Esi.cc'
+--- src/esi/Esi.cc 2013-06-27 15:58:46 +0000
++++ src/esi/Esi.cc 2016-04-20 11:15:14 +0000
+@@ -991,7 +991,7 @@
+ ESIElement::Pointer element;
+ int specifiedattcount = attrCount * 2;
+ char *position;
+- assert (ellen < sizeof (localbuf)); /* prevent unexpected overruns. */
++ Must(ellen < sizeof(localbuf)); /* prevent unexpected overruns. */
+
+ debugs(86, 5, "ESIContext::Start: element '" << el << "' with " << specifiedattcount << " tags");
+
+@@ -1005,15 +1005,17 @@
+ /* Spit out elements we aren't interested in */
+ localbuf[0] = '<';
+ localbuf[1] = '\0';
+- assert (xstrncpy (&localbuf[1], el, sizeof(localbuf) - 2));
++ xstrncpy(&localbuf[1], el, sizeof(localbuf) - 2);
+ position = localbuf + strlen (localbuf);
+
+ for (i = 0; i < specifiedattcount && attr[i]; i += 2) {
++ Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 1);
+ *position = ' ';
+ ++position;
+ /* TODO: handle thisNode gracefully */
+- assert (xstrncpy (position, attr[i], sizeof(localbuf) + (position - localbuf)));
++ xstrncpy(position, attr[i], sizeof(localbuf) - (position - localbuf));
+ position += strlen (position);
++ Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 2);
+ *position = '=';
+ ++position;
+ *position = '\"';
+@@ -1022,18 +1024,21 @@
+ char ch;
+ while ((ch = *chPtr++) != '\0') {
+ if (ch == '\"') {
+- assert( xstrncpy(position, """, sizeof(localbuf) + (position-localbuf)) );
++ Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 6);
++ xstrncpy(position, """, sizeof(localbuf) - (position-localbuf));
+ position += 6;
+ } else {
++ Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 1);
+ *position = ch;
+ ++position;
+ }
+ }
+- position += strlen (position);
++ Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 1);
+ *position = '\"';
+ ++position;
+ }
+
++ Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) - 2);
+ *position = '>';
+ ++position;
+ *position = '\0';
+@@ -1119,11 +1124,11 @@
+ switch (ESIElement::IdentifyElement (el)) {
+
+ case ESIElement::ESI_ELEMENT_NONE:
+- assert (ellen < sizeof (localbuf)); /* prevent unexpected overruns. */
++ Must(ellen < sizeof(localbuf) - 3); /* prevent unexpected overruns. */
+ /* Add elements we aren't interested in */
+ localbuf[0] = '<';
+ localbuf[1] = '/';
+- assert (xstrncpy (&localbuf[2], el, sizeof(localbuf) - 3));
++ xstrncpy(&localbuf[2], el, sizeof(localbuf) - 3);
+ position = localbuf + strlen (localbuf);
+ *position = '>';
+ ++position;
+
--
2.8.1
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH] squid 3.4.14: latest patches, sorted options
2016-04-26 16:50 [PATCH] squid 3.4.14: latest patches, sorted options Matthias Fischer
@ 2016-04-26 21:19 ` Michael Tremer
0 siblings, 0 replies; 2+ messages in thread
From: Michael Tremer @ 2016-04-26 21:19 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 22150 bytes --]
Hi,
I will merge this this time, but please do these things in several commits in
the future.
Best,
-Michael
On Tue, 2016-04-26 at 18:50 +0200, Matthias Fischer wrote:
> The 'configure'-options were sorted (kind of) to get a better overview.
>
> Added latest patches from upstream.
>
> Changed '--enable-async-io=8' to '--enable-async-io=16' because of
> http://www.squid-cache.org/mail-archive/squid-users/200705/0768.html :
>
> "The default number of threads is dependent on the number of aufs
> cache_dir lines, based on a reasonable estimate of how the code behaves."
>
> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
> ---
> lfs/squid | 28 ++--
> src/patches/squid-3.4-13233.patch | 274
> ++++++++++++++++++++++++++++++++++++++
> src/patches/squid-3.4-13234.patch | 33 +++++
> src/patches/squid-3.4-13235.patch | 97 ++++++++++++++
> 4 files changed, 420 insertions(+), 12 deletions(-)
> create mode 100644 src/patches/squid-3.4-13233.patch
> create mode 100644 src/patches/squid-3.4-13234.patch
> create mode 100644 src/patches/squid-3.4-13235.patch
>
> diff --git a/lfs/squid b/lfs/squid
> index 7e41c16..6725a6e 100644
> --- a/lfs/squid
> +++ b/lfs/squid
> @@ -75,6 +75,10 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-
> 13230.patch
> cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-
> 13231.patch
> cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-
> 13232.patch
> + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-
> 13233.patch
> + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-
> 13234.patch
> + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-
> 13235.patch
> +
> cd $(DIR_APP) && autoreconf -vfi
> cd $(DIR_APP)/libltdl && autoreconf -vfi
>
> @@ -85,11 +89,15 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> --mandir=/usr/share/man \
> --libexecdir=/usr/lib/squid \
> --localstatedir=/var \
> - --disable-ipv6 \
> --disable-ssl \
> - --enable-poll \
> --disable-icmp \
> --disable-wccp \
> + --disable-wccpv2 \
> + --disable-kqueue \
> + --disable-esi \
> + --disable-arch-native \
> + --disable-ipv6 \
> + --enable-poll \
> --enable-ident-lookups \
> --enable-storeio="aufs,diskd,ufs" \
> --enable-underscores \
> @@ -107,26 +115,22 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> --enable-url-rewrite-helpers \
> --enable-build-info \
> --enable-eui \
> - --with-pthreads \
> - --with-dl \
> - --with-filedescriptors=$$(( 16384 * 64 )) \
> - --with-large-files \
> - --with-aio \
> - --enable-async-io=8 \
> + --enable-async-io=16 \
> --enable-unlinkd \
> --enable-internal-dns \
> --enable-epoll \
> - --disable-kqueue \
> --enable-select \
> --enable-cache-digests \
> --enable-forw-via-db \
> --enable-htcp \
> --enable-kill-parent-hack \
> - --disable-wccpv2 \
> --enable-icap-client \
> - --disable-esi \
> --enable-zph-qos \
> - --disable-arch-native
> + --with-pthreads \
> + --with-dl \
> + --with-filedescriptors=$$(( 16384 * 64 )) \
> + --with-large-files \
> + --with-aio
>
> cd $(DIR_APP) && make $(MAKETUNING)
> cd $(DIR_APP) && make install
> diff --git a/src/patches/squid-3.4-13233.patch b/src/patches/squid-3.4-
> 13233.patch
> new file mode 100644
> index 0000000..d657838
> --- /dev/null
> +++ b/src/patches/squid-3.4-13233.patch
> @@ -0,0 +1,274 @@
> +------------------------------------------------------------
> +revno: 13233
> +revision-id: squid3(a)treenet.co.nz-20160420063907-hcnf4qmcg5hbjc11
> +parent: squid3(a)treenet.co.nz-20160330141410-t6p2dhzr8ri36fap
> +committer: Amos Jeffries <squid3(a)treenet.co.nz>
> +branch nick: 3.4
> +timestamp: Wed 2016-04-20 18:39:07 +1200
> +message:
> + cachemgr.cgi: use dynamic MemBuf for internal content generation
> +
> + Using a fixed size buffer limits how big content lines can be. Modern
> + HTTP is fast reaching the point where such limits are problematic.
> + Also fixes incorrect uses of snprintf() by removing them.
> +------------------------------------------------------------
> +# Bazaar merge directive format 2 (Bazaar 0.90)
> +# revision_id: squid3(a)treenet.co.nz-20160420063907-hcnf4qmcg5hbjc11
> +# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
> +# testament_sha1: 161e86814f6f14d74557a3fa169b37b6601c08a1
> +# timestamp: 2016-04-20 06:50:57 +0000
> +# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
> +# base_revision_id: squid3(a)treenet.co.nz-20160330141410-\
> +# t6p2dhzr8ri36fap
> +#
> +# Begin patch
> +=== modified file 'src/tests/stub_cbdata.cc'
> +--- src/tests/stub_cbdata.cc 2012-11-01 10:31:28 +0000
> ++++ src/tests/stub_cbdata.cc 2016-04-20 06:39:07 +0000
> +@@ -5,7 +5,13 @@
> + #include "tests/STUB.h"
> +
> + void cbdataRegisterWithCacheManager(void) STUB
> +-
> ++void *cbdataInternalAlloc(cbdata_type type, const char *, int sz) {
> ++ return xcalloc(1, sz);
> ++}
> ++void *cbdataInternalFree(void *p, const char *, int) {
> ++ xfree(p);
> ++ return nullptr;
> ++}
> + #if USE_CBDATA_DEBUG
> + void *cbdataInternalAllocDbg(cbdata_type type, const char *, int)
> STUB_RETVAL(NULL)
> + void *cbdataInternalFreeDbg(void *p, const char *, int) STUB_RETVAL(NULL)
> +
> +=== modified file 'src/tests/stub_mem.cc'
> +--- src/tests/stub_mem.cc 2012-08-29 07:29:35 +0000
> ++++ src/tests/stub_mem.cc 2016-04-20 06:39:07 +0000
> +@@ -5,7 +5,7 @@
> + #include "squid.h"
> +
> + #define STUB_API "stub_mem.cc"
> +-#include "STUB.h"
> ++#include "tests/STUB.h"
> + #include "Mem.h"
> +
> + void
> +
> +=== modified file 'tools/Makefile.am'
> +--- tools/Makefile.am 2014-04-06 04:37:08 +0000
> ++++ tools/Makefile.am 2016-04-20 06:39:07 +0000
> +@@ -35,15 +35,24 @@
> + stub_debug.cc: $(top_srcdir)/src/tests/stub_debug.cc
> + cp $(top_srcdir)/src/tests/stub_debug.cc .
> +
> ++MemBuf.cc: $(top_srcdir)/src/MemBuf.cc
> ++ cp $(top_srcdir)/src/MemBuf.cc $@
> ++
> + time.cc: $(top_srcdir)/src/time.cc
> + cp $(top_srcdir)/src/time.cc .
> +
> ++stub_cbdata.cc: $(top_srcdir)/src/tests/stub_cbdata.cc
> ++ cp $(top_srcdir)/src/tests/stub_cbdata.cc $@
> ++
> ++stub_mem.cc: $(top_srcdir)/src/tests/stub_mem.cc
> ++ cp $(top_srcdir)/src/tests/stub_mem.cc $@
> ++
> + # stock tools for unit tests - library independent versions of dlink_list
> + # etc.
> + # globals.cc is needed by test_tools.cc.
> + # Neither of these should be disted from here.
> + TESTSOURCES= test_tools.cc
> +-CLEANFILES += test_tools.cc stub_debug.cc time.cc
> ++CLEANFILES += test_tools.cc MemBuf.cc stub_debug.cc time.cc stub_cbdata.cc
> stub_mem.cc
> +
> + ## ##### helper-mux #####
> +
> +@@ -74,7 +83,10 @@
> + libexec_PROGRAMS = cachemgr$(CGIEXT)
> +
> + cachemgr__CGIEXT__SOURCES = cachemgr.cc \
> ++ MemBuf.cc \
> ++ stub_cbdata.cc \
> + stub_debug.cc \
> ++ stub_mem.cc \
> + test_tools.cc \
> + time.cc
> +
> +
> +=== modified file 'tools/cachemgr.cc'
> +--- tools/cachemgr.cc 2015-01-09 10:32:57 +0000
> ++++ tools/cachemgr.cc 2016-04-20 06:39:07 +0000
> +@@ -35,6 +35,7 @@
> + #include "getfullhostname.h"
> + #include "html_quote.h"
> + #include "ip/Address.h"
> ++#include "MemBuf.h"
> + #include "rfc1123.h"
> + #include "rfc1738.h"
> + #include "util.h"
> +@@ -460,8 +461,8 @@
> + return url;
> + }
> +
> +-static const char *
> +-munge_menu_line(const char *buf, cachemgr_request * req)
> ++static void
> ++munge_menu_line(MemBuf &out, const char *buf, cachemgr_request * req)
> + {
> + char *x;
> + const char *a;
> +@@ -469,15 +470,14 @@
> + const char *p;
> + char *a_url;
> + char *buf_copy;
> +- static char html[2 * 1024];
> +-
> +- if (strlen(buf) < 1)
> +- return buf;
> +-
> +- if (*buf != ' ')
> +- return buf;
> +-
> +- buf_copy = x = xstrdup(buf);
> ++
> ++ const char bufLen = strlen(buf);
> ++ if (bufLen < 1 || *buf != ' ') {
> ++ out.append(buf, bufLen);
> ++ return;
> ++ }
> ++
> ++ buf_copy = x = xstrndup(buf, bufLen);
> +
> + a = xstrtok(&x, '\t');
> +
> +@@ -489,59 +489,56 @@
> +
> + /* no reason to give a url for a disabled action */
> + if (!strcmp(p, "disabled"))
> +- snprintf(html, sizeof(html), "<LI type=\"circle\">%s (disabled)<A
> HREF=\"%s\">.</A>\n", d, a_url);
> ++ out.Printf("<LI type=\"circle\">%s (disabled)<A
> HREF=\"%s\">.</A>\n", d, a_url);
> + else
> + /* disable a hidden action (requires a password, but password is not
> in squid.conf) */
> + if (!strcmp(p, "hidden"))
> +- snprintf(html, sizeof(html), "<LI type=\"circle\">%s (hidden)<A
> HREF=\"%s\">.</A>\n", d, a_url);
> ++ out.Printf("<LI type=\"circle\">%s (hidden)<A
> HREF=\"%s\">.</A>\n", d, a_url);
> + else
> + /* disable link if authentication is required and we have no
> password */
> + if (!strcmp(p, "protected") && !req->passwd)
> +- snprintf(html, sizeof(html), "<LI type=\"circle\">%s
> (requires <a href=\"%s\">authentication</a>)<A HREF=\"%s\">.</A>\n",
> +- d, menu_url(req, "authenticate"), a_url);
> ++ out.Printf("<LI type=\"circle\">%s (requires <a
> href=\"%s\">authentication</a>)<A HREF=\"%s\">.</A>\n",
> ++ d, menu_url(req, "authenticate"), a_url);
> + else
> + /* highlight protected but probably available entries */
> + if (!strcmp(p, "protected"))
> +- snprintf(html, sizeof(html), "<LI type=\"square\"><A
> HREF=\"%s\"><font color=\"#FF0000\">%s</font></A>\n",
> +- a_url, d);
> ++ out.Printf("<LI type=\"square\"><A HREF=\"%s\"><font
> color=\"#FF0000\">%s</font></A>\n",
> ++ a_url, d);
> +
> + /* public entry or unknown type of protection */
> + else
> +- snprintf(html, sizeof(html), "<LI type=\"disk\"><A
> HREF=\"%s\">%s</A>\n", a_url, d);
> ++ out.Printf("<LI type=\"disk\"><A HREF=\"%s\">%s</A>\n",
> a_url, d);
> +
> + xfree(a_url);
> +
> + xfree(buf_copy);
> +-
> +- return html;
> + }
> +
> +-static const char *
> +-munge_other_line(const char *buf, cachemgr_request * req)
> ++static void
> ++munge_other_line(MemBuf &out, const char *buf, cachemgr_request *)
> + {
> + static const char *ttags[] = {"td", "th"};
> +
> +- static char html[4096];
> + static int table_line_num = 0;
> + static int next_is_header = 0;
> + int is_header = 0;
> + const char *ttag;
> + char *buf_copy;
> + char *x, *p;
> +- int l = 0;
> + /* does it look like a table? */
> +
> + if (!strchr(buf, '\t') || *buf == '\t') {
> + /* nope, just text */
> +- snprintf(html, sizeof(html), "%s%s",
> +- table_line_num ? "</table>\n<pre>" : "", html_quote(buf));
> ++ if (table_line_num)
> ++ out.append("</table>\n<pre>", 14);
> ++ out.Printf("%s", html_quote(buf));
> + table_line_num = 0;
> +- return html;
> ++ return;
> + }
> +
> + /* start html table */
> + if (!table_line_num) {
> +- l += snprintf(html + l, sizeof(html) - l, "</pre><table
> cellpadding=\"2\" cellspacing=\"1\">\n");
> ++ out.append("</pre><table cellpadding=\"2\" cellspacing=\"1\">\n",
> 46);
> + next_is_header = 0;
> + }
> +
> +@@ -551,7 +548,7 @@
> + ttag = ttags[is_header];
> +
> + /* record starts */
> +- l += snprintf(html + l, sizeof(html) - l, "<tr>");
> ++ out.append("<tr>", 4);
> +
> + /* substitute '\t' */
> + buf_copy = x = xstrdup(buf);
> +@@ -568,18 +565,17 @@
> + ++x;
> + }
> +
> +- l += snprintf(html + l, sizeof(html) - l, "<%s colspan=\"%d\"
> align=\"%s\">%s</%s>",
> +- ttag, column_span,
> +- is_header ? "center" : is_number(cell) ? "right" :
> "left",
> +- html_quote(cell), ttag);
> ++ out.Printf("<%s colspan=\"%d\" align=\"%s\">%s</%s>",
> ++ ttag, column_span,
> ++ is_header ? "center" : is_number(cell) ? "right" :
> "left",
> ++ html_quote(cell), ttag);
> + }
> +
> + xfree(buf_copy);
> + /* record ends */
> +- snprintf(html + l, sizeof(html) - l, "</tr>\n");
> ++ out.append("</tr>\n", 6);
> + next_is_header = is_header && strstr(buf, "\t\t");
> + ++table_line_num;
> +- return html;
> + }
> +
> + static const char *
> +@@ -736,14 +732,18 @@
> + /* yes, fall through, we do not want to loose the first line */
> +
> + case isBody:
> ++ {
> + /* interpret [and reformat] cache response */
> +-
> ++ MemBuf out;
> ++ out.init();
> + if (parse_menu)
> +- fputs(munge_menu_line(buf, req), stdout);
> ++ munge_menu_line(out, buf, req);
> + else
> +- fputs(munge_other_line(buf, req), stdout);
> ++ munge_other_line(out, buf, req);
> +
> +- break;
> ++ fputs(out.buf, stdout);
> ++ }
> ++ break;
> +
> + case isForward:
> + /* forward: no modifications allowed */
> +
> diff --git a/src/patches/squid-3.4-13234.patch b/src/patches/squid-3.4-
> 13234.patch
> new file mode 100644
> index 0000000..6f701fa
> --- /dev/null
> +++ b/src/patches/squid-3.4-13234.patch
> @@ -0,0 +1,33 @@
> +------------------------------------------------------------
> +revno: 13234
> +revision-id: squid3(a)treenet.co.nz-20160420101437-36eofkldxfku61kj
> +parent: squid3(a)treenet.co.nz-20160420063907-hcnf4qmcg5hbjc11
> +committer: Amos Jeffries <squid3(a)treenet.co.nz>
> +branch nick: 3.4
> +timestamp: Wed 2016-04-20 22:14:37 +1200
> +message:
> + nullptr is a C++11 feature
> +------------------------------------------------------------
> +# Bazaar merge directive format 2 (Bazaar 0.90)
> +# revision_id: squid3(a)treenet.co.nz-20160420101437-36eofkldxfku61kj
> +# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
> +# testament_sha1: 0f9f2a5b29a7ef02befe2a4e2e6357ef4bcffbce
> +# timestamp: 2016-04-20 10:51:03 +0000
> +# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
> +# base_revision_id: squid3(a)treenet.co.nz-20160420063907-\
> +# hcnf4qmcg5hbjc11
> +#
> +# Begin patch
> +=== modified file 'src/tests/stub_cbdata.cc'
> +--- src/tests/stub_cbdata.cc 2016-04-20 06:39:07 +0000
> ++++ src/tests/stub_cbdata.cc 2016-04-20 10:14:37 +0000
> +@@ -10,7 +10,7 @@
> + }
> + void *cbdataInternalFree(void *p, const char *, int) {
> + xfree(p);
> +- return nullptr;
> ++ return NULL;
> + }
> + #if USE_CBDATA_DEBUG
> + void *cbdataInternalAllocDbg(cbdata_type type, const char *, int)
> STUB_RETVAL(NULL)
> +
> diff --git a/src/patches/squid-3.4-13235.patch b/src/patches/squid-3.4-
> 13235.patch
> new file mode 100644
> index 0000000..e380225
> --- /dev/null
> +++ b/src/patches/squid-3.4-13235.patch
> @@ -0,0 +1,97 @@
> +------------------------------------------------------------
> +revno: 13235
> +revision-id: squid3(a)treenet.co.nz-20160420111514-4hpxglbn9k15l5sa
> +parent: squid3(a)treenet.co.nz-20160420101437-36eofkldxfku61kj
> +committer: Amos Jeffries <squid3(a)treenet.co.nz>
> +branch nick: 3.4
> +timestamp: Wed 2016-04-20 23:15:14 +1200
> +message:
> + Fix several ESI element construction issues
> +
> + * Do not wrap active logic in assert().
> +
> + * Fix localbuf array bounds checking.
> +
> + * Add Must() conditions to verify array writes will succeed
> +------------------------------------------------------------
> +# Bazaar merge directive format 2 (Bazaar 0.90)
> +# revision_id: squid3(a)treenet.co.nz-20160420111514-4hpxglbn9k15l5sa
> +# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
> +# testament_sha1: e95687b13c98667ab09966e7f94d511ca3e6ad96
> +# timestamp: 2016-04-20 11:18:22 +0000
> +# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
> +# base_revision_id: squid3(a)treenet.co.nz-20160420101437-\
> +# 36eofkldxfku61kj
> +#
> +# Begin patch
> +=== modified file 'src/esi/Esi.cc'
> +--- src/esi/Esi.cc 2013-06-27 15:58:46 +0000
> ++++ src/esi/Esi.cc 2016-04-20 11:15:14 +0000
> +@@ -991,7 +991,7 @@
> + ESIElement::Pointer element;
> + int specifiedattcount = attrCount * 2;
> + char *position;
> +- assert (ellen < sizeof (localbuf)); /* prevent unexpected overruns. */
> ++ Must(ellen < sizeof(localbuf)); /* prevent unexpected overruns. */
> +
> + debugs(86, 5, "ESIContext::Start: element '" << el << "' with " <<
> specifiedattcount << " tags");
> +
> +@@ -1005,15 +1005,17 @@
> + /* Spit out elements we aren't interested in */
> + localbuf[0] = '<';
> + localbuf[1] = '\0';
> +- assert (xstrncpy (&localbuf[1], el, sizeof(localbuf) - 2));
> ++ xstrncpy(&localbuf[1], el, sizeof(localbuf) - 2);
> + position = localbuf + strlen (localbuf);
> +
> + for (i = 0; i < specifiedattcount && attr[i]; i += 2) {
> ++ Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf)
> - 1);
> + *position = ' ';
> + ++position;
> + /* TODO: handle thisNode gracefully */
> +- assert (xstrncpy (position, attr[i], sizeof(localbuf) +
> (position - localbuf)));
> ++ xstrncpy(position, attr[i], sizeof(localbuf) - (position -
> localbuf));
> + position += strlen (position);
> ++ Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf)
> - 2);
> + *position = '=';
> + ++position;
> + *position = '\"';
> +@@ -1022,18 +1024,21 @@
> + char ch;
> + while ((ch = *chPtr++) != '\0') {
> + if (ch == '\"') {
> +- assert( xstrncpy(position, """, sizeof(localbuf) +
> (position-localbuf)) );
> ++ Must(static_cast<size_t>(position - localbuf) <
> sizeof(localbuf) - 6);
> ++ xstrncpy(position, """, sizeof(localbuf) -
> (position-localbuf));
> + position += 6;
> + } else {
> ++ Must(static_cast<size_t>(position - localbuf) <
> sizeof(localbuf) - 1);
> + *position = ch;
> + ++position;
> + }
> + }
> +- position += strlen (position);
> ++ Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf)
> - 1);
> + *position = '\"';
> + ++position;
> + }
> +
> ++ Must(static_cast<size_t>(position - localbuf) < sizeof(localbuf) -
> 2);
> + *position = '>';
> + ++position;
> + *position = '\0';
> +@@ -1119,11 +1124,11 @@
> + switch (ESIElement::IdentifyElement (el)) {
> +
> + case ESIElement::ESI_ELEMENT_NONE:
> +- assert (ellen < sizeof (localbuf)); /* prevent unexpected overruns.
> */
> ++ Must(ellen < sizeof(localbuf) - 3); /* prevent unexpected overruns.
> */
> + /* Add elements we aren't interested in */
> + localbuf[0] = '<';
> + localbuf[1] = '/';
> +- assert (xstrncpy (&localbuf[2], el, sizeof(localbuf) - 3));
> ++ xstrncpy(&localbuf[2], el, sizeof(localbuf) - 3);
> + position = localbuf + strlen (localbuf);
> + *position = '>';
> + ++position;
> +
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-04-26 21:19 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-04-26 16:50 [PATCH] squid 3.4.14: latest patches, sorted options Matthias Fischer
2016-04-26 21:19 ` Michael Tremer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox