Thanks. This was super quick. Even before the official release announcement landed in my inbox :) On Sat, 2016-09-10 at 14:35 +0200, Matthias Fischer wrote: > For details, see: > http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID_3_5_21.html > > Best, > Matthias > > Signed-off-by: Matthias Fischer > --- >  lfs/squid                                          |  15 +- >  ...=> squid-3.5.21-fix-max-file-descriptors.patch} |   0 >  src/patches/squid/squid-3.5-14067.patch            | 381 -------------------- > - >  src/patches/squid/squid-3.5-14068.patch            |  35 -- >  src/patches/squid/squid-3.5-14069.patch            |  30 -- >  src/patches/squid/squid-3.5-14070.patch            |  44 --- >  src/patches/squid/squid-3.5-14071.patch            |  70 ---- >  src/patches/squid/squid-3.5-14072.patch            |  33 -- >  src/patches/squid/squid-3.5-14073.patch            | 151 -------- >  src/patches/squid/squid-3.5-14074.patch            |  55 --- >  src/patches/squid/squid-3.5-14075.patch            |  38 -- >  11 files changed, 3 insertions(+), 849 deletions(-) >  rename src/patches/{squid-3.5.20-fix-max-file-descriptors.patch => squid- > 3.5.21-fix-max-file-descriptors.patch} (100%) >  delete mode 100644 src/patches/squid/squid-3.5-14067.patch >  delete mode 100644 src/patches/squid/squid-3.5-14068.patch >  delete mode 100644 src/patches/squid/squid-3.5-14069.patch >  delete mode 100644 src/patches/squid/squid-3.5-14070.patch >  delete mode 100644 src/patches/squid/squid-3.5-14071.patch >  delete mode 100644 src/patches/squid/squid-3.5-14072.patch >  delete mode 100644 src/patches/squid/squid-3.5-14073.patch >  delete mode 100644 src/patches/squid/squid-3.5-14074.patch >  delete mode 100644 src/patches/squid/squid-3.5-14075.patch > > diff --git a/lfs/squid b/lfs/squid > index 2d9c596..ae8e1e9 100644 > --- a/lfs/squid > +++ b/lfs/squid > @@ -24,7 +24,7 @@ >   >  include Config >   > -VER        = 3.5.20 > +VER        = 3.5.21 >   >  THISAPP    = squid-$(VER) >  DL_FILE    = $(THISAPP).tar.xz > @@ -40,7 +40,7 @@ objects = $(DL_FILE) >   >  $(DL_FILE) = $(DL_FROM)/$(DL_FILE) >   > -$(DL_FILE)_MD5 = 48fb18679a30606de98882528beab3a7 > +$(DL_FILE)_MD5 = e6745a6e4ac0b48b7283861f64a40ae5 >   >  install : $(TARGET) >   > @@ -70,16 +70,7 @@ $(subst %,%_MD5,$(objects)) : >  $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) >   @$(PREBUILD) >   @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xaf $(DIR_DL)/$(DL_FILE) > - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid- > 3.5-14067.patch > - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid- > 3.5-14068.patch > - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid- > 3.5-14069.patch > - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid- > 3.5-14070.patch > - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid- > 3.5-14071.patch > - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid- > 3.5-14072.patch > - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid- > 3.5-14073.patch > - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid- > 3.5-14074.patch > - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid- > 3.5-14075.patch > - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.5.20- > fix-max-file-descriptors.patch > + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.5.21- > fix-max-file-descriptors.patch >   >   cd $(DIR_APP) && autoreconf -vfi >   cd $(DIR_APP)/libltdl && autoreconf -vfi > diff --git a/src/patches/squid-3.5.20-fix-max-file-descriptors.patch > b/src/patches/squid-3.5.21-fix-max-file-descriptors.patch > similarity index 100% > rename from src/patches/squid-3.5.20-fix-max-file-descriptors.patch > rename to src/patches/squid-3.5.21-fix-max-file-descriptors.patch > diff --git a/src/patches/squid/squid-3.5-14067.patch > b/src/patches/squid/squid-3.5-14067.patch > deleted file mode 100644 > index 8d9cb21..0000000 > --- a/src/patches/squid/squid-3.5-14067.patch > +++ /dev/null > @@ -1,381 +0,0 @@ > ------------------------------------------------------------- > -revno: 14067 > -revision-id: squid3(a)treenet.co.nz-20160723071620-1wzqpbyi1rk5w6vg > -parent: squid3(a)treenet.co.nz-20160701113616-vpjak1pq4uecadd2 > -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4534 > -committer: Amos Jeffries > -branch nick: 3.5 > -timestamp: Sat 2016-07-23 19:16:20 +1200 > -message: > -  Bug 4534: assertion failure in xcalloc when using many cache_dir > ------------------------------------------------------------- > -# Bazaar merge directive format 2 (Bazaar 0.90) > -# revision_id: squid3(a)treenet.co.nz-20160723071620-1wzqpbyi1rk5w6vg > -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 > -# testament_sha1: fcd663f0fd4a24d505f81eb94ef95d627a4ca363 > -# timestamp: 2016-07-23 07:24:01 +0000 > -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 > -# base_revision_id: squid3(a)treenet.co.nz-20160701113616-\ > -#   vpjak1pq4uecadd2 > -#  > -# Begin patch > -=== modified file 'src/CacheDigest.cc' > ---- src/CacheDigest.cc 2016-01-01 00:14:27 +0000 > -+++ src/CacheDigest.cc 2016-07-23 07:16:20 +0000 > -@@ -35,12 +35,12 @@ > - static uint32_t hashed_keys[4]; > -  > - static void > --cacheDigestInit(CacheDigest * cd, int capacity, int bpe) > -+cacheDigestInit(CacheDigest * cd, uint64_t capacity, uint8_t bpe) > - { > --    const size_t mask_size = cacheDigestCalcMaskSize(capacity, bpe); > -+    const uint32_t mask_size = cacheDigestCalcMaskSize(capacity, bpe); > -     assert(cd); > -     assert(capacity > 0 && bpe > 0); > --    assert(mask_size > 0); > -+    assert(mask_size != 0); > -     cd->capacity = capacity; > -     cd->bits_per_entry = bpe; > -     cd->mask_size = mask_size; > -@@ -50,7 +50,7 @@ > - } > -  > - CacheDigest * > --cacheDigestCreate(int capacity, int bpe) > -+cacheDigestCreate(uint64_t capacity, uint8_t bpe) > - { > -     CacheDigest *cd = (CacheDigest *)memAllocate(MEM_CACHE_DIGEST); > -     assert(SQUID_MD5_DIGEST_LENGTH == 16);  /* our hash functions rely on 16 > byte keys */ > -@@ -97,7 +97,7 @@ > -  > - /* changes mask size, resets bits to 0, preserves "cd" pointer */ > - void > --cacheDigestChangeCap(CacheDigest * cd, int new_cap) > -+cacheDigestChangeCap(CacheDigest * cd, uint64_t new_cap) > - { > -     assert(cd); > -     cacheDigestClean(cd); > -@@ -278,12 +278,12 @@ > -     storeAppendPrintf(e, "%s digest: size: %d bytes\n", > -                       label ? label : "", stats.bit_count / 8 > -                      ); > --    storeAppendPrintf(e, "\t entries: count: %d capacity: %d util: %d%%\n", > -+    storeAppendPrintf(e, "\t entries: count: %" PRIu64 " capacity: %" PRIu64 > " util: %d%%\n", > -                       cd->count, > -                       cd->capacity, > -                       xpercentInt(cd->count, cd->capacity) > -                      ); > --    storeAppendPrintf(e, "\t deletion attempts: %d\n", > -+    storeAppendPrintf(e, "\t deletion attempts: %" PRIu64 "\n", > -                       cd->del_count > -                      ); > -     storeAppendPrintf(e, "\t bits: per entry: %d on: %d capacity: %d util: > %d%%\n", > -@@ -297,16 +297,18 @@ > -                      ); > - } > -  > --size_t > --cacheDigestCalcMaskSize(int cap, int bpe) > -+uint32_t > -+cacheDigestCalcMaskSize(uint64_t cap, uint8_t bpe) > - { > --    return (size_t) (cap * bpe + 7) / 8; > -+    uint64_t bitCount = (cap * bpe) + 7; > -+    assert(bitCount < INT_MAX); // dont 31-bit overflow later > -+    return static_cast(bitCount / 8); > - } > -  > - static void > - cacheDigestHashKey(const CacheDigest * cd, const cache_key * key) > - { > --    const unsigned int bit_count = cd->mask_size * 8; > -+    const uint32_t bit_count = cd->mask_size * 8; > -     unsigned int tmp_keys[4]; > -     /* we must memcpy to ensure alignment */ > -     memcpy(tmp_keys, key, sizeof(tmp_keys)); > - > -=== modified file 'src/CacheDigest.h' > ---- src/CacheDigest.h 2016-01-01 00:14:27 +0000 > -+++ src/CacheDigest.h 2016-07-23 07:16:20 +0000 > -@@ -22,23 +22,23 @@ > - { > - public: > -     /* public, read-only */ > --    char *mask;         /* bit mask */ > --    int mask_size;      /* mask size in bytes */ > --    int capacity;       /* expected maximum for .count, not a hard limit */ > --    int bits_per_entry;     /* number of bits allocated for each entry from > capacity */ > --    int count;          /* number of digested entries */ > --    int del_count;      /* number of deletions performed so far */ > -+    uint64_t count;          /* number of digested entries */ > -+    uint64_t del_count;      /* number of deletions performed so far */ > -+    uint64_t capacity;       /* expected maximum for .count, not a hard > limit */ > -+    char *mask;              /* bit mask */ > -+    uint32_t mask_size;      /* mask size in bytes */ > -+    int8_t bits_per_entry;   /* number of bits allocated for each entry from > capacity */ > - }; > -  > --CacheDigest *cacheDigestCreate(int capacity, int bpe); > -+CacheDigest *cacheDigestCreate(uint64_t capacity, uint8_t bpe); > - void cacheDigestDestroy(CacheDigest * cd); > - CacheDigest *cacheDigestClone(const CacheDigest * cd); > - void cacheDigestClear(CacheDigest * cd); > --void cacheDigestChangeCap(CacheDigest * cd, int new_cap); > -+void cacheDigestChangeCap(CacheDigest * cd, uint64_t new_cap); > - int cacheDigestTest(const CacheDigest * cd, const cache_key * key); > - void cacheDigestAdd(CacheDigest * cd, const cache_key * key); > - void cacheDigestDel(CacheDigest * cd, const cache_key * key); > --size_t cacheDigestCalcMaskSize(int cap, int bpe); > -+uint32_t cacheDigestCalcMaskSize(uint64_t cap, uint8_t bpe); > - int cacheDigestBitUtil(const CacheDigest * cd); > - void cacheDigestGuessStatsUpdate(CacheDigestGuessStats * stats, int > real_hit, int guess_hit); > - void cacheDigestGuessStatsReport(const CacheDigestGuessStats * stats, > StoreEntry * sentry, const char *label); > - > -=== modified file 'src/PeerDigest.h' > ---- src/PeerDigest.h 2016-01-01 00:14:27 +0000 > -+++ src/PeerDigest.h 2016-07-23 07:16:20 +0000 > -@@ -52,7 +52,7 @@ > -     store_client *old_sc; > -     HttpRequest *request; > -     int offset; > --    int mask_offset; > -+    uint32_t mask_offset; > -     time_t start_time; > -     time_t resp_time; > -     time_t expires; > - > -=== modified file 'src/peer_digest.cc' > ---- src/peer_digest.cc 2016-01-01 00:14:27 +0000 > -+++ src/peer_digest.cc 2016-07-23 07:16:20 +0000 > -@@ -754,7 +754,7 @@ > -     if (!reason && !size) { > -         if (!pd->cd) > -             reason = "null digest?!"; > --        else if (fetch->mask_offset != (int)pd->cd->mask_size) > -+        else if (fetch->mask_offset != pd->cd->mask_size) > -             reason = "premature end of digest?!"; > -         else if (!peerDigestUseful(pd)) > -             reason = "useless digest"; > - > -=== modified file 'src/store_digest.cc' > ---- src/store_digest.cc 2016-01-01 00:14:27 +0000 > -+++ src/store_digest.cc 2016-07-23 07:16:20 +0000 > -@@ -76,36 +76,63 @@ > - static void storeDigestRewriteFinish(StoreEntry * e); > - static EVH storeDigestSwapOutStep; > - static void storeDigestCBlockSwapOut(StoreEntry * e); > --static int storeDigestCalcCap(void); > --static int storeDigestResize(void); > - static void storeDigestAdd(const StoreEntry *); > -  > -+/// calculates digest capacity > -+static uint64_t > -+storeDigestCalcCap() > -+{ > -+    /* > -+     * To-Do: Bloom proved that the optimal filter utilization is 50% (half > of > -+     * the bits are off). However, we do not have a formula to calculate the > -+     * number of _entries_ we want to pre-allocate for. > -+     */ > -+    const uint64_t hi_cap = Store::Root().maxSize() / > Config.Store.avgObjectSize; > -+    const uint64_t lo_cap = 1 + Store::Root().currentSize() / > Config.Store.avgObjectSize; > -+    const uint64_t e_count = StoreEntry::inUseCount(); > -+    uint64_t cap = e_count ? e_count : hi_cap; > -+    debugs(71, 2, "have: " << e_count << ", want " << cap << > -+           " entries; limits: [" << lo_cap << ", " << hi_cap << "]"); > -+ > -+    if (cap < lo_cap) > -+        cap = lo_cap; > -+ > -+    /* do not enforce hi_cap limit, average-based estimation may be wrong > -+     *if (cap > hi_cap) > -+     *  cap = hi_cap; > -+     */ > -+ > -+    // Bug 4534: we still have to set an upper-limit at some reasonable > value though. > -+    // this matches cacheDigestCalcMaskSize doing (cap*bpe)+7 < INT_MAX > -+    const uint64_t absolute_max = (INT_MAX -8) / > Config.digest.bits_per_entry; > -+    if (cap > absolute_max) { > -+        static time_t last_loud = 0; > -+        if (last_loud < squid_curtime - 86400) { > -+            debugs(71, DBG_IMPORTANT, "WARNING: Cache Digest cannot store " > << cap << " entries. Limiting to " << absolute_max); > -+            last_loud = squid_curtime; > -+        } else { > -+            debugs(71, 3, "WARNING: Cache Digest cannot store " << cap << " > entries. Limiting to " << absolute_max); > -+        } > -+        cap = absolute_max; > -+    } > -+ > -+    return cap; > -+} > - #endif /* USE_CACHE_DIGESTS */ > -  > --static void > --storeDigestRegisterWithCacheManager(void) > -+void > -+storeDigestInit(void) > - { > -     Mgr::RegisterAction("store_digest", "Store Digest", storeDigestReport, > 0, 1); > --} > -- > --/* > -- * PUBLIC FUNCTIONS > -- */ > -- > --void > --storeDigestInit(void) > --{ > --    storeDigestRegisterWithCacheManager(); > -  > - #if USE_CACHE_DIGESTS > --    const int cap = storeDigestCalcCap(); > -- > -     if (!Config.onoff.digest_generation) { > -         store_digest = NULL; > -         debugs(71, 3, "Local cache digest generation disabled"); > -         return; > -     } > -  > -+    const uint64_t cap = storeDigestCalcCap(); > -     store_digest = cacheDigestCreate(cap, Config.digest.bits_per_entry); > -     debugs(71, DBG_IMPORTANT, "Local cache digest enabled; rebuild/rewrite > every " << > -            (int) Config.digest.rebuild_period << "/" << > -@@ -290,6 +317,31 @@ > -     storeDigestRebuildResume(); > - } > -  > -+/// \returns true if we actually resized the digest > -+static bool > -+storeDigestResize() > -+{ > -+    const uint64_t cap = storeDigestCalcCap(); > -+    assert(store_digest); > -+    uint64_t diff; > -+    if (cap > store_digest->capacity) > -+        diff = cap - store_digest->capacity; > -+    else > -+        diff = store_digest->capacity - cap; > -+    debugs(71, 2, store_digest->capacity << " -> " << cap << "; change: " << > -+           diff << " (" << xpercentInt(diff, store_digest->capacity) << "%)" > ); > -+    /* avoid minor adjustments */ > -+ > -+    if (diff <= store_digest->capacity / 10) { > -+        debugs(71, 2, "small change, will not resize."); > -+        return false; > -+    } else { > -+        debugs(71, 2, "big change, resizing."); > -+        cacheDigestChangeCap(store_digest, cap); > -+    } > -+    return true; > -+} > -+ > - /* called be Rewrite to push Rebuild forward */ > - static void > - storeDigestRebuildResume(void) > -@@ -439,7 +491,7 @@ > -     assert(e); > -     /* _add_ check that nothing bad happened while we were waiting @?@ @?@ > */ > -  > --    if (sd_state.rewrite_offset + chunk_size > store_digest->mask_size) > -+    if (static_cast(sd_state.rewrite_offset + chunk_size) > > store_digest->mask_size) > -         chunk_size = store_digest->mask_size - sd_state.rewrite_offset; > -  > -     e->append(store_digest->mask + sd_state.rewrite_offset, chunk_size); > -@@ -451,7 +503,7 @@ > -     sd_state.rewrite_offset += chunk_size; > -  > -     /* are we done ? */ > --    if (sd_state.rewrite_offset >= store_digest->mask_size) > -+    if (static_cast(sd_state.rewrite_offset) >= store_digest- > >mask_size) > -         storeDigestRewriteFinish(e); > -     else > -         eventAdd("storeDigestSwapOutStep", storeDigestSwapOutStep, data, > 0.0, 1, false); > -@@ -467,60 +519,10 @@ > -     sd_state.cblock.count = htonl(store_digest->count); > -     sd_state.cblock.del_count = htonl(store_digest->del_count); > -     sd_state.cblock.mask_size = htonl(store_digest->mask_size); > --    sd_state.cblock.bits_per_entry = (unsigned char) > --                                     Config.digest.bits_per_entry; > -+    sd_state.cblock.bits_per_entry = Config.digest.bits_per_entry; > -     sd_state.cblock.hash_func_count = (unsigned char) > CacheDigestHashFuncCount; > -     e->append((char *) &sd_state.cblock, sizeof(sd_state.cblock)); > - } > -  > --/* calculates digest capacity */ > --static int > --storeDigestCalcCap(void) > --{ > --    /* > --     * To-Do: Bloom proved that the optimal filter utilization is 50% (half > of > --     * the bits are off). However, we do not have a formula to calculate the > --     * number of _entries_ we want to pre-allocate for. > --     */ > --    const int hi_cap = Store::Root().maxSize() / Config.Store.avgObjectSize; > --    const int lo_cap = 1 + Store::Root().currentSize() / > Config.Store.avgObjectSize; > --    const int e_count = StoreEntry::inUseCount(); > --    int cap = e_count ? e_count :hi_cap; > --    debugs(71, 2, "storeDigestCalcCap: have: " << e_count << ", want " << > cap << > --           " entries; limits: [" << lo_cap << ", " << hi_cap << "]"); > -- > --    if (cap < lo_cap) > --        cap = lo_cap; > -- > --    /* do not enforce hi_cap limit, average-based estimation may be wrong > --     *if (cap > hi_cap) > --     *  cap = hi_cap; > --     */ > --    return cap; > --} > -- > --/* returns true if we actually resized the digest */ > --static int > --storeDigestResize(void) > --{ > --    const int cap = storeDigestCalcCap(); > --    int diff; > --    assert(store_digest); > --    diff = abs(cap - store_digest->capacity); > --    debugs(71, 2, "storeDigestResize: " << > --           store_digest->capacity << " -> " << cap << "; change: " << > --           diff << " (" << xpercentInt(diff, store_digest->capacity) << "%)" > ); > --    /* avoid minor adjustments */ > -- > --    if (diff <= store_digest->capacity / 10) { > --        debugs(71, 2, "storeDigestResize: small change, will not resize."); > --        return 0; > --    } else { > --        debugs(71, 2, "storeDigestResize: big change, resizing."); > --        cacheDigestChangeCap(store_digest, cap); > --        return 1; > --    } > --} > -- > - #endif /* USE_CACHE_DIGESTS */ > -  > - > -=== modified file 'src/tests/stub_CacheDigest.cc' > ---- src/tests/stub_CacheDigest.cc 2016-01-01 00:14:27 +0000 > -+++ src/tests/stub_CacheDigest.cc 2016-07-23 07:16:20 +0000 > -@@ -16,11 +16,11 @@ > - class CacheDigestGuessStats; > - class StoreEntry; > -  > --CacheDigest * cacheDigestCreate(int, int) STUB_RETVAL(NULL) > -+CacheDigest * cacheDigestCreate(uint64_t, uint8_t) STUB_RETVAL(NULL) > - void cacheDigestDestroy(CacheDigest *) STUB > - CacheDigest * cacheDigestClone(const CacheDigest *) STUB_RETVAL(NULL) > - void cacheDigestClear(CacheDigest * ) STUB > --void cacheDigestChangeCap(CacheDigest *,int) STUB > -+void cacheDigestChangeCap(CacheDigest *,uint64_t) STUB > - int cacheDigestTest(const CacheDigest *, const cache_key *) STUB_RETVAL(1) > - void cacheDigestAdd(CacheDigest *, const cache_key *) STUB > - void cacheDigestDel(CacheDigest *, const cache_key *) STUB > -@@ -28,5 +28,4 @@ > - void cacheDigestGuessStatsUpdate(CacheDigestGuessStats *, int, int) STUB > - void cacheDigestGuessStatsReport(const CacheDigestGuessStats *, StoreEntry > *, const char *) STUB > - void cacheDigestReport(CacheDigest *, const char *, StoreEntry *) STUB > --size_t cacheDigestCalcMaskSize(int, int) STUB_RETVAL(1) > -- > -+uint32_t cacheDigestCalcMaskSize(uint64_t, uint8_t) STUB_RETVAL(1) > - > diff --git a/src/patches/squid/squid-3.5-14068.patch > b/src/patches/squid/squid-3.5-14068.patch > deleted file mode 100644 > index 4766e00..0000000 > --- a/src/patches/squid/squid-3.5-14068.patch > +++ /dev/null > @@ -1,35 +0,0 @@ > ------------------------------------------------------------- > -revno: 14068 > -revision-id: squid3(a)treenet.co.nz-20160723071930-cemledcltg8pkc28 > -parent: squid3(a)treenet.co.nz-20160723071620-1wzqpbyi1rk5w6vg > -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4542 > -author: Anonymous > -committer: Amos Jeffries > -branch nick: 3.5 > -timestamp: Sat 2016-07-23 19:19:30 +1200 > -message: > -  Bug #4542: authentication credentials IP TTL updated incorrectly > ------------------------------------------------------------- > -# Bazaar merge directive format 2 (Bazaar 0.90) > -# revision_id: squid3(a)treenet.co.nz-20160723071930-cemledcltg8pkc28 > -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 > -# testament_sha1: ee0c6aab5414532d9554ef338cce049263902fd8 > -# timestamp: 2016-07-23 07:24:05 +0000 > -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 > -# base_revision_id: squid3(a)treenet.co.nz-20160723071620-\ > -#   1wzqpbyi1rk5w6vg > -#  > -# Begin patch > -=== modified file 'src/auth/User.cc' > ---- src/auth/User.cc 2016-01-01 00:14:27 +0000 > -+++ src/auth/User.cc 2016-07-23 07:19:30 +0000 > -@@ -284,7 +284,7 @@ > -             /* This ip has already been seen. */ > -             found = 1; > -             /* update IP ttl */ > --            ipdata->ip_expiretime = squid_curtime; > -+            ipdata->ip_expiretime = squid_curtime + > ::Config.authenticateIpTTL; > -         } else if (ipdata->ip_expiretime <= squid_curtime) { > -             /* This IP has expired - remove from the seen list */ > -             dlinkDelete(&ipdata->node, &ip_list); > - > diff --git a/src/patches/squid/squid-3.5-14069.patch > b/src/patches/squid/squid-3.5-14069.patch > deleted file mode 100644 > index 15ca37a..0000000 > --- a/src/patches/squid/squid-3.5-14069.patch > +++ /dev/null > @@ -1,30 +0,0 @@ > ------------------------------------------------------------- > -revno: 14069 > -revision-id: squidadm(a)squid-cache.org-20160723121351-iuc8hwstrqd0l1dv > -parent: squid3(a)treenet.co.nz-20160723071930-cemledcltg8pkc28 > -committer: Source Maintenance > -branch nick: 3.5 > -timestamp: Sat 2016-07-23 12:13:51 +0000 > -message: > -  SourceFormat Enforcement > ------------------------------------------------------------- > -# Bazaar merge directive format 2 (Bazaar 0.90) > -# revision_id: squidadm(a)squid-cache.org-20160723121351-\ > -#   iuc8hwstrqd0l1dv > -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 > -# testament_sha1: c9e37a723686ae2ee489ba7ec2e981ae153bda28 > -# timestamp: 2016-07-23 12:50:56 +0000 > -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 > -# base_revision_id: squid3(a)treenet.co.nz-20160723071930-\ > -#   cemledcltg8pkc28 > -#  > -# Begin patch > -=== modified file 'src/tests/stub_CacheDigest.cc' > ---- src/tests/stub_CacheDigest.cc 2016-07-23 07:16:20 +0000 > -+++ src/tests/stub_CacheDigest.cc 2016-07-23 12:13:51 +0000 > -@@ -29,3 +29,4 @@ > - void cacheDigestGuessStatsReport(const CacheDigestGuessStats *, StoreEntry > *, const char *) STUB > - void cacheDigestReport(CacheDigest *, const char *, StoreEntry *) STUB > - uint32_t cacheDigestCalcMaskSize(uint64_t, uint8_t) STUB_RETVAL(1) > -+ > - > diff --git a/src/patches/squid/squid-3.5-14070.patch > b/src/patches/squid/squid-3.5-14070.patch > deleted file mode 100644 > index 5fcc39f..0000000 > --- a/src/patches/squid/squid-3.5-14070.patch > +++ /dev/null > @@ -1,44 +0,0 @@ > ------------------------------------------------------------- > -revno: 14070 > -revision-id: squid3(a)treenet.co.nz-20160805145933-0cpyy47o8955lamx > -parent: squidadm(a)squid-cache.org-20160723121351-iuc8hwstrqd0l1dv > -author: Christos Tsantilas > -committer: Amos Jeffries > -branch nick: 3.5 > -timestamp: Sat 2016-08-06 02:59:33 +1200 > -message: > -  Squid segfault via Ftp::Client::readControlReply(). > -   > -  Ftp::Client::scheduleReadControlReply(), which may called from the > -  asynchronous start() or readControlReply()/handleControlReply() > -  handlers, does not check whether the control connection is still usable > -  before using it. > -   > -  This is a Measurement Factory project. > ------------------------------------------------------------- > -# Bazaar merge directive format 2 (Bazaar 0.90) > -# revision_id: squid3(a)treenet.co.nz-20160805145933-0cpyy47o8955lamx > -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 > -# testament_sha1: 1c21ce821f9cbc22b3e8ff2b1029f7084b5f0643 > -# timestamp: 2016-08-05 15:00:22 +0000 > -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 > -# base_revision_id: squidadm(a)squid-cache.org-20160723121351-\ > -#   iuc8hwstrqd0l1dv > -#  > -# Begin patch > -=== modified file 'src/clients/FtpClient.cc' > ---- src/clients/FtpClient.cc 2016-02-19 23:15:41 +0000 > -+++ src/clients/FtpClient.cc 2016-08-05 14:59:33 +0000 > -@@ -314,6 +314,11 @@ > -         /* We've already read some reply data */ > -         handleControlReply(); > -     } else { > -+ > -+        if (!Comm::IsConnOpen(ctrl.conn)) { > -+            debugs(9, 3, "cannot read without ctrl " << ctrl.conn); > -+            return; > -+        } > -         /* > -          * Cancel the timeout on the Data socket (if any) and > -          * establish one on the control socket. > - > diff --git a/src/patches/squid/squid-3.5-14071.patch > b/src/patches/squid/squid-3.5-14071.patch > deleted file mode 100644 > index 6b353ea..0000000 > --- a/src/patches/squid/squid-3.5-14071.patch > +++ /dev/null > @@ -1,70 +0,0 @@ > ------------------------------------------------------------- > -revno: 14071 > -revision-id: squid3(a)treenet.co.nz-20160817025501-e66sjxm0bfy3ksn3 > -parent: squid3(a)treenet.co.nz-20160805145933-0cpyy47o8955lamx > -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4428 > -committer: Amos Jeffries > -branch nick: 3.5 > -timestamp: Wed 2016-08-17 14:55:01 +1200 > -message: > -  Bug 4428: mal-formed Cache-Control:stale-if-error header > ------------------------------------------------------------- > -# Bazaar merge directive format 2 (Bazaar 0.90) > -# revision_id: squid3(a)treenet.co.nz-20160817025501-e66sjxm0bfy3ksn3 > -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 > -# testament_sha1: b3b3ef13c45062a97bd5cc88c934019fe4af7a3c > -# timestamp: 2016-08-17 02:55:20 +0000 > -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 > -# base_revision_id: squid3(a)treenet.co.nz-20160805145933-\ > -#   0cpyy47o8955lamx > -#  > -# Begin patch > -=== modified file 'src/HttpHdrCc.cc' > ---- src/HttpHdrCc.cc 2016-01-01 00:14:27 +0000 > -+++ src/HttpHdrCc.cc 2016-08-17 02:55:01 +0000 > -@@ -257,6 +257,27 @@ > -  > -             /* for all options having values, "=value" after the name */ > -             switch (flag) { > -+            case CC_BADHDR: > -+                break; > -+            case CC_PUBLIC: > -+                break; > -+            case CC_PRIVATE: > -+                if (Private().size()) > -+                    packerPrintf(p, "=\"" SQUIDSTRINGPH "\"", > SQUIDSTRINGPRINT(Private())); > -+                break; > -+ > -+            case CC_NO_CACHE: > -+                if (noCache().size()) > -+                    packerPrintf(p, "=\"" SQUIDSTRINGPH "\"", > SQUIDSTRINGPRINT(noCache())); > -+                break; > -+            case CC_NO_STORE: > -+                break; > -+            case CC_NO_TRANSFORM: > -+                break; > -+            case CC_MUST_REVALIDATE: > -+                break; > -+            case CC_PROXY_REVALIDATE: > -+                break; > -             case CC_MAX_AGE: > -                 packerPrintf(p, "=%d", (int) maxAge()); > -                 break; > -@@ -272,8 +293,14 @@ > -             case CC_MIN_FRESH: > -                 packerPrintf(p, "=%d", (int) minFresh()); > -                 break; > --            default: > --                /* do nothing, directive was already printed */ > -+            case CC_ONLY_IF_CACHED: > -+                break; > -+            case CC_STALE_IF_ERROR: > -+                packerPrintf(p, "=%d", staleIfError()); > -+                break; > -+            case CC_OTHER: > -+            case CC_ENUM_END: > -+                // done below after the loop > -                 break; > -             } > -  > - > diff --git a/src/patches/squid/squid-3.5-14072.patch > b/src/patches/squid/squid-3.5-14072.patch > deleted file mode 100644 > index 228e773..0000000 > --- a/src/patches/squid/squid-3.5-14072.patch > +++ /dev/null > @@ -1,33 +0,0 @@ > ------------------------------------------------------------- > -revno: 14072 > -revision-id: squid3(a)treenet.co.nz-20160817025828-s4102klt2ei25tsm > -parent: squid3(a)treenet.co.nz-20160817025501-e66sjxm0bfy3ksn3 > -committer: Amos Jeffries > -branch nick: 3.5 > -timestamp: Wed 2016-08-17 14:58:28 +1200 > -message: > -  Fix SSL-Bump failure results in SEGFAULT > ------------------------------------------------------------- > -# Bazaar merge directive format 2 (Bazaar 0.90) > -# revision_id: squid3(a)treenet.co.nz-20160817025828-s4102klt2ei25tsm > -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 > -# testament_sha1: 73877d276fba41282aeb5973207d02851d5eb784 > -# timestamp: 2016-08-17 03:50:56 +0000 > -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 > -# base_revision_id: squid3(a)treenet.co.nz-20160817025501-\ > -#   e66sjxm0bfy3ksn3 > -#  > -# Begin patch > -=== modified file 'src/client_side_request.cc' > ---- src/client_side_request.cc 2016-05-06 08:24:29 +0000 > -+++ src/client_side_request.cc 2016-08-17 02:58:28 +0000 > -@@ -1811,7 +1811,7 @@ > -             repContext->setReplyToStoreEntry(e, "immediate SslBump error"); > -             errorAppendEntry(e, calloutContext->error); > -             calloutContext->error = NULL; > --            if (calloutContext->readNextRequest) > -+            if (calloutContext->readNextRequest && getConn()) > -                 getConn()->flags.readMore = true; // resume any pipeline > reads. > -             node = (clientStreamNode *)client_stream.tail->data; > -             clientStreamRead(node, this, node->readBuffer); > - > diff --git a/src/patches/squid/squid-3.5-14073.patch > b/src/patches/squid/squid-3.5-14073.patch > deleted file mode 100644 > index b7915a4..0000000 > --- a/src/patches/squid/squid-3.5-14073.patch > +++ /dev/null > @@ -1,151 +0,0 @@ > ------------------------------------------------------------- > -revno: 14073 > -revision-id: squid3(a)treenet.co.nz-20160817051037-p0kaj2iw2u4u8iqj > -parent: squid3(a)treenet.co.nz-20160817025828-s4102klt2ei25tsm > -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4563 > -committer: Amos Jeffries > -branch nick: 3.5 > -timestamp: Wed 2016-08-17 17:10:37 +1200 > -message: > -  Bug 4563: duplicate code in httpMakeVaryMark > ------------------------------------------------------------- > -# Bazaar merge directive format 2 (Bazaar 0.90) > -# revision_id: squid3(a)treenet.co.nz-20160817051037-p0kaj2iw2u4u8iqj > -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 > -# testament_sha1: bba9a17715b8759e9d70db2c75f70f3c6152ae8a > -# timestamp: 2016-08-17 05:50:53 +0000 > -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 > -# base_revision_id: squid3(a)treenet.co.nz-20160817025828-\ > -#   s4102klt2ei25tsm > -#  > -# Begin patch > -=== modified file 'src/http.cc' > ---- src/http.cc 2016-04-01 06:15:31 +0000 > -+++ src/http.cc 2016-08-17 05:10:37 +0000 > -@@ -572,6 +572,38 @@ > -     /* NOTREACHED */ > - } > -  > -+/// assemble a variant key (vary-mark) from the given Vary header and HTTP > request > -+static void > -+assembleVaryKey(String &vary, SBuf &vstr, const HttpRequest &request) > -+{ > -+    static const SBuf asterisk("*"); > -+    const char *pos = nullptr; > -+    const char *item = nullptr; > -+    int ilen = 0; > -+ > -+    while (strListGetItem(&vary, ',', &item, &ilen, &pos)) { > -+        SBuf name(item, ilen); > -+        if (name == asterisk) { > -+            vstr.clear(); > -+            break; > -+        } > -+        name.toLower(); > -+        if (!vstr.isEmpty()) > -+            vstr.append(", ", 2); > -+        vstr.append(name); > -+        String hdr(request.header.getByName(name.c_str())); > -+        const char *value = hdr.termedBuf(); > -+        if (value) { > -+            value = rfc1738_escape_part(value); > -+            vstr.append("=\"", 2); > -+            vstr.append(value); > -+            vstr.append("\"", 1); > -+        } > -+ > -+        hdr.clean(); > -+    } > -+} > -+ > - /* > -  * For Vary, store the relevant request headers as > -  * virtual headers in the reply > -@@ -580,81 +612,16 @@ > - SBuf > - httpMakeVaryMark(HttpRequest * request, HttpReply const * reply) > - { > --    String vary, hdr; > --    const char *pos = NULL; > --    const char *item; > --    const char *value; > --    int ilen; > -     SBuf vstr; > --    static const SBuf asterisk("*"); > -+    String vary; > -  > -     vary = reply->header.getList(HDR_VARY); > -- > --    while (strListGetItem(&vary, ',', &item, &ilen, &pos)) { > --        char *name = (char *)xmalloc(ilen + 1); > --        xstrncpy(name, item, ilen + 1); > --        Tolower(name); > -- > --        if (strcmp(name, "*") == 0) { > --            /* Can not handle "Vary: *" withtout ETag support */ > --            safe_free(name); > --            vstr.clear(); > --            break; > --        } > -- > --        if (!vstr.isEmpty()) > --            vstr.append(", ", 2); > --        vstr.append(name); > --        hdr = request->header.getByName(name); > --        safe_free(name); > --        value = hdr.termedBuf(); > -- > --        if (value) { > --            value = rfc1738_escape_part(value); > --            vstr.append("=\"", 2); > --            vstr.append(value); > --            vstr.append("\"", 1); > --        } > -- > --        hdr.clean(); > --    } > -- > -+    assembleVaryKey(vary, vstr, *request); > -+ > -+#if X_ACCELERATOR_VARY > -     vary.clean(); > --#if X_ACCELERATOR_VARY > -- > --    pos = NULL; > -     vary = reply->header.getList(HDR_X_ACCELERATOR_VARY); > -- > --    while (strListGetItem(&vary, ',', &item, &ilen, &pos)) { > --        char *name = (char *)xmalloc(ilen + 1); > --        xstrncpy(name, item, ilen + 1); > --        Tolower(name); > -- > --        if (strcmp(name, "*") == 0) { > --            /* Can not handle "Vary: *" withtout ETag support */ > --            safe_free(name); > --            vstr.clear(); > --            break; > --        } > -- > --        if (!vstr.isEmpty()) > --            vstr.append(", ", 2); > --        vstr.append(name); > --        hdr = request->header.getByName(name); > --        safe_free(name); > --        value = hdr.termedBuf(); > -- > --        if (value) { > --            value = rfc1738_escape_part(value); > --            vstr.append("=\"", 2); > --            vstr.append(value); > --            vstr.append("\"", 1); > --        } > -- > --        hdr.clean(); > --    } > -- > --    vary.clean(); > -+    assembleVaryKey(vary, vstr, *request); > - #endif > -  > -     debugs(11, 3, vstr); > - > diff --git a/src/patches/squid/squid-3.5-14074.patch > b/src/patches/squid/squid-3.5-14074.patch > deleted file mode 100644 > index dbafbf0..0000000 > --- a/src/patches/squid/squid-3.5-14074.patch > +++ /dev/null > @@ -1,55 +0,0 @@ > ------------------------------------------------------------- > -revno: 14074 > -revision-id: squid3(a)treenet.co.nz-20160817054829-rl7q49ysi40sj01i > -parent: squid3(a)treenet.co.nz-20160817051037-p0kaj2iw2u4u8iqj > -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=3025 > -author: mkishi > -committer: Amos Jeffries > -branch nick: 3.5 > -timestamp: Wed 2016-08-17 17:48:29 +1200 > -message: > -  Bug 3025: Proxy-Authenticate problem using ICAP server > ------------------------------------------------------------- > -# Bazaar merge directive format 2 (Bazaar 0.90) > -# revision_id: squid3(a)treenet.co.nz-20160817054829-rl7q49ysi40sj01i > -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 > -# testament_sha1: f4eb1b35dc72bba74a398070900a0951257e547e > -# timestamp: 2016-08-17 05:50:56 +0000 > -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 > -# base_revision_id: squid3(a)treenet.co.nz-20160817051037-\ > -#   p0kaj2iw2u4u8iqj > -#  > -# Begin patch > -=== modified file 'src/client_side_reply.cc' > ---- src/client_side_reply.cc 2016-04-01 06:15:31 +0000 > -+++ src/client_side_reply.cc 2016-08-17 05:48:29 +0000 > -@@ -1305,8 +1305,14 @@ > -  > -     // if there is not configured a peer proxy with login=PASS or > login=PASSTHRU option enabled > -     // remove the Proxy-Authenticate header > --    if ( !request->peer_login || (strcmp(request->peer_login,"PASS") != 0 && > strcmp(request->peer_login,"PASSTHRU") != 0)) > --        reply->header.delById(HDR_PROXY_AUTHENTICATE); > -+    if ( !request->peer_login || (strcmp(request->peer_login,"PASS") != 0 && > strcmp(request->peer_login,"PASSTHRU") != 0)) { > -+#if USE_ADAPTATION > -+        // but allow adaptation services to authenticate clients > -+        // via request satisfaction > -+        if (!http->requestSatisfactionMode()) > -+#endif > -+            reply->header.delById(HDR_PROXY_AUTHENTICATE); > -+    } > -  > -     reply->header.removeHopByHopEntries(); > -  > - > -=== modified file 'src/client_side_request.h' > ---- src/client_side_request.h 2016-01-01 00:14:27 +0000 > -+++ src/client_side_request.h 2016-08-17 05:48:29 +0000 > -@@ -140,6 +140,7 @@ > -  > - public: > -     void startAdaptation(const Adaptation::ServiceGroupPointer &g); > -+    bool requestSatisfactionMode() const { return request_satisfaction_mode; > } > -  > -     // private but exposed for ClientRequestContext > -     void handleAdaptationFailure(int errDetail, bool bypassable = false); > - > diff --git a/src/patches/squid/squid-3.5-14075.patch > b/src/patches/squid/squid-3.5-14075.patch > deleted file mode 100644 > index 8c0b5a3..0000000 > --- a/src/patches/squid/squid-3.5-14075.patch > +++ /dev/null > @@ -1,38 +0,0 @@ > ------------------------------------------------------------- > -revno: 14075 > -revision-id: squid3(a)treenet.co.nz-20160817133413-vdmm0d6kvo8bfszk > -parent: squid3(a)treenet.co.nz-20160817054829-rl7q49ysi40sj01i > -committer: Amos Jeffries > -branch nick: 3.5 > -timestamp: Thu 2016-08-18 01:34:13 +1200 > -message: > -  Fix logic error in rev.13930 > -   > -   Using !=0 on both string compares means any login= value will permit > -   40x responses through. Only PASS and PASSTHRU should be doing that. > -   > -   Detected by Coverity Scan. Issue 1364711 > ------------------------------------------------------------- > -# Bazaar merge directive format 2 (Bazaar 0.90) > -# revision_id: squid3(a)treenet.co.nz-20160817133413-vdmm0d6kvo8bfszk > -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 > -# testament_sha1: 31f0c4e0f435e0aa994ffe8937e4d4c58fed37f5 > -# timestamp: 2016-08-17 13:34:59 +0000 > -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 > -# base_revision_id: squid3(a)treenet.co.nz-20160817054829-\ > -#   rl7q49ysi40sj01i > -#  > -# Begin patch > -=== modified file 'src/tunnel.cc' > ---- src/tunnel.cc 2016-01-01 00:14:27 +0000 > -+++ src/tunnel.cc 2016-08-17 13:34:13 +0000 > -@@ -476,7 +476,7 @@ > -  > -     // we need to relay the 401/407 responses when login=PASS(THRU) > -     const char *pwd = server.conn->getPeer()->login; > --    const bool relay = pwd && (strcmp(pwd, "PASS") != 0 || strcmp(pwd, > "PASSTHRU") != 0) && > -+    const bool relay = pwd && (strcmp(pwd, "PASS") == 0 || strcmp(pwd, > "PASSTHRU") == 0) && > -                        (*status_ptr == Http::scProxyAuthenticationRequired > || > -                         *status_ptr == Http::scUnauthorized); > -  > -