From mboxrd@z Thu Jan 1 00:00:00 1970 From: Matthias Fischer To: development@lists.ipfire.org Subject: [PATCH] squid: Update to 3.5.26 Date: Fri, 02 Jun 2017 23:41:15 +0200 Message-ID: <20170602214115.11289-1-matthias.fischer@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============5331728201202964950==" List-Id: --===============5331728201202964950== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Signed-off-by: Matthias Fischer --- lfs/squid | 19 +-- ...=3D> squid-3.5.26-fix-max-file-descriptors.patch} | 0 src/patches/squid/squid-3.5-14155.patch | 46 ------ src/patches/squid/squid-3.5-14156.patch | 44 ----- src/patches/squid/squid-3.5-14157.patch | 34 ---- src/patches/squid/squid-3.5-14158.patch | 46 ------ src/patches/squid/squid-3.5-14159.patch | 35 ---- src/patches/squid/squid-3.5-14160.patch | 39 ----- src/patches/squid/squid-3.5-14161.patch | 52 ------ src/patches/squid/squid-3.5-14162.patch | 133 --------------- src/patches/squid/squid-3.5-14163.patch | 103 ------------ src/patches/squid/squid-3.5-14164.patch | 103 ------------ src/patches/squid/squid-3.5-14165.patch | 51 ------ src/patches/squid/squid-3.5-14166.patch | 47 ------ src/patches/squid/squid-3.5-14167.patch | 181 -------------------= -- 15 files changed, 3 insertions(+), 930 deletions(-) rename src/patches/{squid-3.5.25-fix-max-file-descriptors.patch =3D> squid-3= .5.26-fix-max-file-descriptors.patch} (100%) delete mode 100644 src/patches/squid/squid-3.5-14155.patch delete mode 100644 src/patches/squid/squid-3.5-14156.patch delete mode 100644 src/patches/squid/squid-3.5-14157.patch delete mode 100644 src/patches/squid/squid-3.5-14158.patch delete mode 100644 src/patches/squid/squid-3.5-14159.patch delete mode 100644 src/patches/squid/squid-3.5-14160.patch delete mode 100644 src/patches/squid/squid-3.5-14161.patch delete mode 100644 src/patches/squid/squid-3.5-14162.patch delete mode 100644 src/patches/squid/squid-3.5-14163.patch delete mode 100644 src/patches/squid/squid-3.5-14164.patch delete mode 100644 src/patches/squid/squid-3.5-14165.patch delete mode 100644 src/patches/squid/squid-3.5-14166.patch delete mode 100644 src/patches/squid/squid-3.5-14167.patch diff --git a/lfs/squid b/lfs/squid index 49db48a65..22659ed84 100644 --- a/lfs/squid +++ b/lfs/squid @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 3.5.25 +VER =3D 3.5.26 =20 THISAPP =3D squid-$(VER) DL_FILE =3D $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D 6b7dd7b42b1adacf08f3155640ea2782 +$(DL_FILE)_MD5 =3D 510e2c84773879c00d0e7ced997864d9 =20 install : $(TARGET) =20 @@ -70,20 +70,7 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xaf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14155= .patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14156= .patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14157= .patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14158= .patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14159= .patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14160= .patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14161= .patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14162= .patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14163= .patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14164= .patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14165= .patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14166= .patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14167= .patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.5.25-fix-max-= file-descriptors.patch + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.5.26-fix-max-= file-descriptors.patch =20 cd $(DIR_APP) && autoreconf -vfi cd $(DIR_APP)/libltdl && autoreconf -vfi diff --git a/src/patches/squid-3.5.25-fix-max-file-descriptors.patch b/src/pa= tches/squid-3.5.26-fix-max-file-descriptors.patch similarity index 100% rename from src/patches/squid-3.5.25-fix-max-file-descriptors.patch rename to src/patches/squid-3.5.26-fix-max-file-descriptors.patch diff --git a/src/patches/squid/squid-3.5-14155.patch b/src/patches/squid/squi= d-3.5-14155.patch deleted file mode 100644 index d110289f7..000000000 --- a/src/patches/squid/squid-3.5-14155.patch +++ /dev/null @@ -1,46 +0,0 @@ ------------------------------------------------------------- -revno: 14155 -revision-id: squid3(a)treenet.co.nz-20170504061416-ks61dfut8wyml2qu -parent: squid3(a)treenet.co.nz-20170402121452-ox6d8ttzlmbov3xm -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=3D4682 -author: Christos Tsantilas -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Thu 2017-05-04 18:14:16 +1200 -message: - Bug 4682: Fix ssl_bump "bump" action documentation - =20 - Fixes squid documentation to correctly describe the squid behavior when t= he - "bump" action is selected on step SslBump1. In this case squid selects - the client-first bumping mode. - =20 - This is a Measurement Factory project ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3(a)treenet.co.nz-20170504061416-ks61dfut8wyml2qu -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: f3b4861a085e069948da25398782237609037c5f -# timestamp: 2017-05-04 06:16:54 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3(a)treenet.co.nz-20170402121452-\ -# ox6d8ttzlmbov3xm -#=20 -# Begin patch -=3D=3D=3D modified file 'src/cf.data.pre' ---- src/cf.data.pre 2017-03-31 23:38:31 +0000 -+++ src/cf.data.pre 2017-05-04 06:14:16 +0000 -@@ -2669,8 +2669,11 @@ - This is the default action. -=20 - bump -- Establish a secure connection with the server and, using a -- mimicked server certificate, with the client. -+ When used on step SslBump1, establishes a secure connection -+ with the client first, then connect to the server. -+ When used on step SslBump2 or SslBump3, establishes a secure -+ connection with the server and, using a mimicked server -+ certificate, with the client. -=20 - peek - Receive client (step SslBump1) or server (step SslBump2) - diff --git a/src/patches/squid/squid-3.5-14156.patch b/src/patches/squid/squi= d-3.5-14156.patch deleted file mode 100644 index 59e58a5d7..000000000 --- a/src/patches/squid/squid-3.5-14156.patch +++ /dev/null @@ -1,44 +0,0 @@ ------------------------------------------------------------- -revno: 14156 -revision-id: squid3(a)treenet.co.nz-20170508110920-73gma737u4x6ce87 -parent: squid3(a)treenet.co.nz-20170504061416-ks61dfut8wyml2qu -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=3D4695 -author: Lubos Uhliarik -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Mon 2017-05-08 23:09:20 +1200 -message: - Bug 4695: squidpurge: GCC 7 build errors ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3(a)treenet.co.nz-20170508110920-73gma737u4x6ce87 -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: a0f0c573b5be3d81cf0f8e65ae52bf27bd08dba5 -# timestamp: 2017-05-08 11:51:08 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3(a)treenet.co.nz-20170504061416-\ -# ks61dfut8wyml2qu -#=20 -# Begin patch -=3D=3D=3D modified file 'tools/purge/purge.cc' ---- tools/purge/purge.cc 2017-01-01 00:16:45 +0000 -+++ tools/purge/purge.cc 2017-05-08 11:09:20 +0000 -@@ -272,7 +272,7 @@ - snprintf( md5, sizeof(md5), "%-32s", "(no_md5_data_available)" ); - } -=20 -- char timeb[64]; -+ char timeb[256]; - if ( meta && (findings =3D meta->search( STORE_META_STD )) ) { - StoreMetaStd temp; - // make data aligned, avoid SIGBUS on RISC machines (ARGH!) -@@ -283,7 +283,7 @@ - } else if ( meta && (findings =3D meta->search( STORE_META_STD_LFS )) )= { - StoreMetaStdLFS temp; - // make data aligned, avoid SIGBUS on RISC machines (ARGH!) -- memcpy( &temp, findings->data, sizeof(StoreMetaStd) ); -+ memcpy( &temp, findings->data, sizeof(StoreMetaStdLFS) ); - snprintf( timeb, sizeof(timeb), "%08lx %08lx %08lx %08lx %04x %5hu = ", - (unsigned long)temp.timestamp, (unsigned long)temp.lastre= f, - (unsigned long)temp.expires, (unsigned long)temp.lastmod,= temp.flags, temp.refcount ); - diff --git a/src/patches/squid/squid-3.5-14157.patch b/src/patches/squid/squi= d-3.5-14157.patch deleted file mode 100644 index 39d298c7d..000000000 --- a/src/patches/squid/squid-3.5-14157.patch +++ /dev/null @@ -1,34 +0,0 @@ ------------------------------------------------------------- -revno: 14157 -revision-id: squid3(a)treenet.co.nz-20170529042116-kp9naxxmdsqicpjv -parent: squid3(a)treenet.co.nz-20170508110920-73gma737u4x6ce87 -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=3D4589 -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Mon 2017-05-29 16:21:16 +1200 -message: - Bug 4589: ssl_crtd: returning zero on failure ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3(a)treenet.co.nz-20170529042116-kp9naxxmdsqicpjv -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: ad29dd184416dc47dee80234c541185cca166bb3 -# timestamp: 2017-05-29 04:39:57 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3(a)treenet.co.nz-20170508110920-\ -# 73gma737u4x6ce87 -#=20 -# Begin patch -=3D=3D=3D modified file 'src/ssl/ssl_crtd.cc' ---- src/ssl/ssl_crtd.cc 2017-01-01 00:16:45 +0000 -+++ src/ssl/ssl_crtd.cc 2017-05-29 04:21:16 +0000 -@@ -350,7 +350,7 @@ - } - } catch (std::runtime_error & error) { - std::cerr << argv[0] << ": " << error.what() << std::endl; -- return 0; -+ return -1; - } - return 0; - } - diff --git a/src/patches/squid/squid-3.5-14158.patch b/src/patches/squid/squi= d-3.5-14158.patch deleted file mode 100644 index f0ed0f0d6..000000000 --- a/src/patches/squid/squid-3.5-14158.patch +++ /dev/null @@ -1,46 +0,0 @@ ------------------------------------------------------------- -revno: 14158 -revision-id: squid3(a)treenet.co.nz-20170529043611-1hyb93ivtu5wrdwg -parent: squid3(a)treenet.co.nz-20170529042116-kp9naxxmdsqicpjv -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=3D3102 -author: Martin von Gagern -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Mon 2017-05-29 16:36:11 +1200 -message: - Bug 3102: FTP directory listing drops fist character of file names ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3(a)treenet.co.nz-20170529043611-1hyb93ivtu5wrdwg -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: 60a5f01fc9c9967c55c651c31546cb1067325705 -# timestamp: 2017-05-29 04:39:59 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3(a)treenet.co.nz-20170529042116-\ -# kp9naxxmdsqicpjv -#=20 -# Begin patch -=3D=3D=3D modified file 'src/clients/FtpGateway.cc' ---- src/clients/FtpGateway.cc 2017-02-26 08:50:09 +0000 -+++ src/clients/FtpGateway.cc 2017-05-29 04:36:11 +0000 -@@ -626,10 +626,17 @@ - while (strchr(w_space, *copyFrom)) - ++copyFrom; - } else { -- /* XXX assumes a single space between date and filename -+ /* Handle the following four formats: -+ * "MMM DD YYYY Name" -+ * "MMM DD YYYYName" -+ * "MMM DD YYYY Name" -+ * "MMM DD YYYY Name" -+ * Assuming a single space between date and filename - * suggested by: Nathan.Bailey(a)cc.monash.edu.au and - * Mike Battersby */ -- copyFrom +=3D strlen(tbuf) + 1; -+ copyFrom +=3D strlen(tbuf); -+ if (strchr(w_space, *copyFrom)) -+ ++copyFrom; - } -=20 - p->name =3D xstrdup(copyFrom); - diff --git a/src/patches/squid/squid-3.5-14159.patch b/src/patches/squid/squi= d-3.5-14159.patch deleted file mode 100644 index a50f470c7..000000000 --- a/src/patches/squid/squid-3.5-14159.patch +++ /dev/null @@ -1,35 +0,0 @@ ------------------------------------------------------------- -revno: 14159 -revision-id: squid3(a)treenet.co.nz-20170529043741-9chwfs5onxuip52x -parent: squid3(a)treenet.co.nz-20170529043611-1hyb93ivtu5wrdwg -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=3D3772 -author: Rainer Tammer -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Mon 2017-05-29 16:37:41 +1200 -message: - Bug 3772: message from FTP server gets mangled ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3(a)treenet.co.nz-20170529043741-9chwfs5onxuip52x -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: 800db5dab62d996440fd6fccd35e9f1f34f2f0e1 -# timestamp: 2017-05-29 04:40:02 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3(a)treenet.co.nz-20170529043611-\ -# 1hyb93ivtu5wrdwg -#=20 -# Begin patch -=3D=3D=3D modified file 'src/clients/FtpGateway.cc' ---- src/clients/FtpGateway.cc 2017-05-29 04:36:11 +0000 -+++ src/clients/FtpGateway.cc 2017-05-29 04:37:41 +0000 -@@ -1541,7 +1541,7 @@ - /* Reset cwd_message to only include the last message */ - ftpState->cwd_message.reset(""); - for (wordlist *w =3D ftpState->ctrl.message; w; w =3D w->next) { -- ftpState->cwd_message.append(' '); -+ ftpState->cwd_message.append('\n'); - ftpState->cwd_message.append(w->key); - } - ftpState->ctrl.message =3D NULL; - diff --git a/src/patches/squid/squid-3.5-14160.patch b/src/patches/squid/squi= d-3.5-14160.patch deleted file mode 100644 index 9f5122c5a..000000000 --- a/src/patches/squid/squid-3.5-14160.patch +++ /dev/null @@ -1,39 +0,0 @@ ------------------------------------------------------------- -revno: 14160 -revision-id: squid3(a)treenet.co.nz-20170529043852-zkf91gxhaqdj0rkn -parent: squid3(a)treenet.co.nz-20170529043741-9chwfs5onxuip52x -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Mon 2017-05-29 16:38:52 +1200 -message: - Add OpenSSL library details to -v output - =20 - This is partially to meet the OpenSSL copyright requirement that binaries - mention when they are using the library, and partially for admin to see - which library their Squid is using when multiple are present in the system. ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3(a)treenet.co.nz-20170529043852-zkf91gxhaqdj0rkn -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: c401fe3de5518102ac6a3a4dc7b121ac415c05d4 -# timestamp: 2017-05-29 04:40:04 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3(a)treenet.co.nz-20170529043741-\ -# 9chwfs5onxuip52x -#=20 -# Begin patch -=3D=3D=3D modified file 'src/main.cc' ---- src/main.cc 2017-02-26 08:52:45 +0000 -+++ src/main.cc 2017-05-29 04:38:52 +0000 -@@ -563,6 +563,10 @@ - printf("Service Name: " SQUIDSBUFPH "\n", SQUIDSBUFPRINT(servic= e_name)); - if (strlen(SQUID_BUILD_INFO)) - printf("%s\n",SQUID_BUILD_INFO); -+#if USE_OPENSSL -+ printf("\nThis binary uses %s. ", SSLeay_version(SSLEAY_VERSION= )); -+ printf("For legal restrictions on distribution see https://www.= openssl.org/source/license.html\n\n"); -+#endif - printf( "configure options: %s\n", SQUID_CONFIGURE_OPTIONS); -=20 - #if USE_WIN32_SERVICE - diff --git a/src/patches/squid/squid-3.5-14161.patch b/src/patches/squid/squi= d-3.5-14161.patch deleted file mode 100644 index d3aaa2d35..000000000 --- a/src/patches/squid/squid-3.5-14161.patch +++ /dev/null @@ -1,52 +0,0 @@ ------------------------------------------------------------- -revno: 14161 -revision-id: squid3(a)treenet.co.nz-20170529053359-xtbuev2zwmdfj9mp -parent: squid3(a)treenet.co.nz-20170529043852-zkf91gxhaqdj0rkn -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=3D4682 -author: Christos Tsantilas -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Mon 2017-05-29 17:33:59 +1200 -message: - Bug 4653: %st lies about tunneled traffic volumes - =20 - Squid-5 and squid-4 does not count the "HTTP/1.1 200 Connection Establishe= d" - header size for %http.get()) { -+ http->out.headers_sz +=3D len; -+ http->out.size +=3D len; -+ } -+ - tunnelStartShoveling(tunnelState); - } -=20 - diff --git a/src/patches/squid/squid-3.5-14162.patch b/src/patches/squid/squi= d-3.5-14162.patch deleted file mode 100644 index 140aea732..000000000 --- a/src/patches/squid/squid-3.5-14162.patch +++ /dev/null @@ -1,133 +0,0 @@ ------------------------------------------------------------- -revno: 14162 -revision-id: squid3(a)treenet.co.nz-20170529055234-790hfbazjwy0fmk4 -parent: squid3(a)treenet.co.nz-20170529053359-xtbuev2zwmdfj9mp -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=3D4711 -author: Christos Tsantilas -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Mon 2017-05-29 17:52:34 +1200 -message: - Bug 4711: SubjectAlternativeNames is missing in some generated certificates - =20 - Squid may generate certificates which have a Common Name, but do not have - a subjectAltName extension. For example when squid generated certificates - do not mimic an origin certificate or when the certificate adaptation - algorithm sslproxy_cert_adapt/setCommonName is used. - =20 - This is causes problems to some browsers, which validates a certificate us= ing - the SubjectAlternativeNames but ignore the CommonName field. - =20 - This patch fixes squid to always add a SubjectAlternativeNames extension in - generated certificates which do not mimic an origin certificate. - =20 - Squid still will not add a subjectAltName extension when mimicking an orig= in - server certificate, even if that origin server certificate does not include - the subjectAltName extension. Such origin server may have problems when - talking directly to browsers, and patched Squid is not trying to fix those - problems. - =20 - This is a Measurement Factory project ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3(a)treenet.co.nz-20170529055234-790hfbazjwy0fmk4 -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: e3162152cf590c8126eb3d189ea1ab90ba9a5c37 -# timestamp: 2017-05-29 05:54:13 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3(a)treenet.co.nz-20170529053359-\ -# xtbuev2zwmdfj9mp -#=20 -# Begin patch -=3D=3D=3D modified file 'src/ssl/gadgets.cc' ---- src/ssl/gadgets.cc 2017-01-01 00:16:45 +0000 -+++ src/ssl/gadgets.cc 2017-05-29 05:52:34 +0000 -@@ -339,7 +339,40 @@ - return added; - } -=20 --static bool buildCertificate(Ssl::X509_Pointer & cert, Ssl::CertificateProp= erties const &properties) -+/// Adds a new subjectAltName extension contining Subject CN or returns fal= se -+/// expects the caller to check for the existing subjectAltName extension -+static bool -+addAltNameWithSubjectCn(Ssl::X509_Pointer &cert) -+{ -+ X509_NAME *name =3D X509_get_subject_name(cert.get()); -+ if (!name) -+ return false; -+ -+ const int loc =3D X509_NAME_get_index_by_NID(name, NID_commonName, -1); -+ if (loc < 0) -+ return false; -+ -+ ASN1_STRING *cn_data =3D X509_NAME_ENTRY_get_data(X509_NAME_get_entry(n= ame, loc)); -+ if (!cn_data) -+ return false; -+ -+ char dnsName[1024]; // DNS names are limited to 256 characters -+ const int res =3D snprintf(dnsName, sizeof(dnsName), "DNS:%*s", cn_data= ->length, cn_data->data); -+ if (res <=3D 0 || res >=3D static_cast(sizeof(dnsName))) -+ return false; -+ -+ X509_EXTENSION *ext =3D X509V3_EXT_conf_nid(NULL, NULL, NID_subject_alt= _name, dnsName); -+ if (!ext) -+ return false; -+ -+ const bool result =3D X509_add_ext(cert.get(), ext, -1); -+ -+ X509_EXTENSION_free(ext); -+ return result; -+} -+ -+static bool -+buildCertificate(Ssl::X509_Pointer & cert, Ssl::CertificateProperties const= &properties) - { - // not an Ssl::X509_NAME_Pointer because X509_REQ_get_subject_name() - // returns a pointer to the existing subject name. Nothing to clean her= e. -@@ -387,6 +420,8 @@ - } else if (!X509_gmtime_adj(X509_get_notAfter(cert.get()), 60*60*24*356= *3)) - return false; -=20 -+ int addedExtensions =3D 0; -+ bool useCommonNameAsAltName =3D true; - // mimic the alias and possibly subjectAltName - if (properties.mimicCert.get()) { - unsigned char *alStr; -@@ -396,26 +431,29 @@ - X509_alias_set1(cert.get(), alStr, alLen); - } -=20 -- int addedExtensions =3D 0; -- - // Mimic subjectAltName unless we used a configured CN: browsers re= ject - // certificates with CN unrelated to subjectAltNames. - if (!properties.setCommonName) { -- int pos=3DX509_get_ext_by_NID (properties.mimicCert.get(), OBJ_= sn2nid("subjectAltName"), -1); -+ int pos =3D X509_get_ext_by_NID(properties.mimicCert.get(), NID= _subject_alt_name, -1); - X509_EXTENSION *ext=3DX509_get_ext(properties.mimicCert.get(), = pos); - if (ext) { - if (X509_add_ext(cert.get(), ext, -1)) - ++addedExtensions; - } -+ // We want to mimic the server-sent subjectAltName, not enhance= it. -+ useCommonNameAsAltName =3D false; - } -=20 - addedExtensions +=3D mimicExtensions(cert, properties.mimicCert); -- -- // According to RFC 5280, using extensions requires v3 certificate. -- if (addedExtensions) -- X509_set_version(cert.get(), 2); // value 2 means v3 - } -=20 -+ if (useCommonNameAsAltName && addAltNameWithSubjectCn(cert)) -+ ++addedExtensions; -+ -+ // According to RFC 5280, using extensions requires v3 certificate. -+ if (addedExtensions) -+ X509_set_version(cert.get(), 2); // value 2 means v3 -+ - return true; - } -=20 - diff --git a/src/patches/squid/squid-3.5-14163.patch b/src/patches/squid/squi= d-3.5-14163.patch deleted file mode 100644 index d4e27b7eb..000000000 --- a/src/patches/squid/squid-3.5-14163.patch +++ /dev/null @@ -1,103 +0,0 @@ ------------------------------------------------------------- -revno: 14163 -revision-id: squid3(a)treenet.co.nz-20170529062945-gf7u7dukaumjof74 -parent: squid3(a)treenet.co.nz-20170529055234-790hfbazjwy0fmk4 -author: Ingo Schwarze, Francesco Chemolli -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Mon 2017-05-29 18:29:45 +1200 -message: - Docs: Improve formatting of several manual pages ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3(a)treenet.co.nz-20170529062945-gf7u7dukaumjof74 -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: b417bbc7ffb2351fb670e7baa721b9d9b8315024 -# timestamp: 2017-05-29 06:33:51 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3(a)treenet.co.nz-20170529055234-\ -# 790hfbazjwy0fmk4 -#=20 -# Begin patch -=3D=3D=3D modified file 'helpers/basic_auth/LDAP/basic_ldap_auth.8' ---- helpers/basic_auth/LDAP/basic_ldap_auth.8 2017-03-31 23:47:47 +0000 -+++ helpers/basic_auth/LDAP/basic_ldap_auth.8 2017-05-29 06:29:45 +0000 -@@ -5,9 +5,9 @@ - . - .SH SYNOPSIS - .if !'po4a'hide' .B basic_ldap_auth --.if !'po4a'hide' .B \-b\ \" -+.if !'po4a'hide' .B \-b\ \(dq - base DN --.if !'po4a'hide' .B \"\ [\-u -+.if !'po4a'hide' .B \(dq\ [\-u - attribute - .if !'po4a'hide' .B ]\ [ - options -@@ -20,11 +20,11 @@ - .if !'po4a'hide' .B ]... - .br - .if !'po4a'hide' .B basic_ldap_auth --.if !'po4a'hide' .B \-b\ \" -+.if !'po4a'hide' .B \-b\ \(dq - base DN --.if !'po4a'hide' .B \"\ \-f\ \" -+.if !'po4a'hide' .B \(dq\ \-f\ \(dq - LDAP search filter --.if !'po4a'hide' .B \"\ [ -+.if !'po4a'hide' .B \(dq\ [ - options - .if !'po4a'hide' .B ]\ [ - LDAP server name -@@ -74,7 +74,7 @@ - The search filter can contain up to 15 occurrences of - .B %s - which will be replaced by the username, as in --.B "\"uid\=3D%s\"" -+.B "\(dquid\=3D%s\(dq" - for RFC2037 directories. For a detailed description of LDAP search - filter syntax see RFC2254. - .br - -=3D=3D=3D modified file 'helpers/basic_auth/RADIUS/basic_radius_auth.8' ---- helpers/basic_auth/RADIUS/basic_radius_auth.8 2017-01-01 00:16:45 +0000 -+++ helpers/basic_auth/RADIUS/basic_radius_auth.8 2017-05-29 06:29:45 +0000 -@@ -9,9 +9,9 @@ - config file - .br - .if !'po4a'hide' .B basic_radius_auth --.if !'po4a'hide' .B "\-h \"" -+.if !'po4a'hide' .B "\-h \(dq" - server name --.if !'po4a'hide' .B "\" [\-p " -+.if !'po4a'hide' .B "\(dq [\-p " - port - .if !'po4a'hide' .B "] [\-i " - identifier - -=3D=3D=3D modified file 'helpers/external_acl/file_userip/ext_file_userip_ac= l.8' ---- helpers/external_acl/file_userip/ext_file_userip_acl.8 2017-01-01 00:16:= 45 +0000 -+++ helpers/external_acl/file_userip/ext_file_userip_acl.8 2017-05-29 06:29:= 45 +0000 -@@ -68,7 +68,7 @@ - .B ALL=20 - and=20 - .B NONE=20 --, which mean \"any user on this IP address may authenticate\" or \"no user = on this IP address may authenticate\". -+, which mean \(dqany user on this IP address may authenticate\(dq or \(dqno= user on this IP address may authenticate\(dq. - . - .SH AUTHOR - This program was written by - -=3D=3D=3D modified file 'tools/squidclient/squidclient.1' ---- tools/squidclient/squidclient.1 2017-01-01 00:16:45 +0000 -+++ tools/squidclient/squidclient.1 2017-05-29 06:29:45 +0000 -@@ -86,7 +86,7 @@ - .if !'po4a'hide' .TP - .if !'po4a'hide' .B "\-H 'string'" - Extra headers to send. Use --.B '\\n' -+.B '\en' - for new lines. - . - .if !'po4a'hide' .TP - diff --git a/src/patches/squid/squid-3.5-14164.patch b/src/patches/squid/squi= d-3.5-14164.patch deleted file mode 100644 index 9e64909c3..000000000 --- a/src/patches/squid/squid-3.5-14164.patch +++ /dev/null @@ -1,103 +0,0 @@ ------------------------------------------------------------- -revno: 14164 -revision-id: squid3(a)treenet.co.nz-20170529063645-qmu68scq9go0wbqr -parent: squid3(a)treenet.co.nz-20170529062945-gf7u7dukaumjof74 -author: Alex Rousskov -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Mon 2017-05-29 18:36:45 +1200 -message: - Fix xstrndup() documentation, callers. Disclosed implementation bugs. - =20 - xstrndup() does not work like strndup(3), and some callers got confused: - =20 - 1. When n is the str length or less, standard strndup(str,n) copies all - n bytes but our xstrndup(str,n) drops the last one. Thus, all callers - must add one to the desired result length when calling xstrndup(). - Most already do, but it is often hard to see due to low code quality - (e.g., one must remember that MAX_URL is not the maximum URL length). - =20 - 2. xstrndup() also assumes that the source string is 0-terminated. This - dangerous assumption does not contradict many official strndup(3) - descriptions, but that lack of contradiction is actually a recently - fixed POSIX documentation bug (i.e., correct implementations must not - assume 0-termination): http://austingroupbugs.net/view.php?id=3D1019 - =20 - The OutOfBoundsException bug led to truncated exception messages. - =20 - The ESI bug led to truncated 'literal strings', but I do not know what - that means in terms of user impact. That ESI fix is untested. - =20 - cachemgr.cc bug was masked by the fact that the buffer ends with \n - that is unused and stripped by the custom xstrtok() implementation. - =20 - TODO. Fix xstrndup() implementation (and rename the function so that - fixed callers do not misbehave if carelessly ported to older Squids). ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3(a)treenet.co.nz-20170529063645-qmu68scq9go0wbqr -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: 7321050a4405a155a8fe02f7125e446b9516dd51 -# timestamp: 2017-05-29 06:51:18 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3(a)treenet.co.nz-20170529062945-\ -# gf7u7dukaumjof74 -#=20 -# Begin patch -=3D=3D=3D modified file 'compat/xstring.h' ---- compat/xstring.h 2017-01-01 00:16:45 +0000 -+++ compat/xstring.h 2017-05-29 06:36:45 +0000 -@@ -41,7 +41,10 @@ - char *xstrncpy(char *dst, const char *src, size_t n); -=20 - /** -- * xstrndup() - same as strndup(3). Used for portability. -+ * xstrndup() - Somewhat similar(XXX) to strndup(3): Allocates up to n byte= s, -+ * while strndup(3) copies up to n bytes and allocates up to n+1 bytes -+ * to fit the terminating character. Assumes s is 0-terminated (another XXX= ). -+ * - * Never returns NULL; fatal on error. - * - * Sets errno to EINVAL if a NULL pointer or negative - -=3D=3D=3D modified file 'src/SBufExceptions.cc' ---- src/SBufExceptions.cc 2017-01-01 00:16:45 +0000 -+++ src/SBufExceptions.cc 2017-05-29 06:36:45 +0000 -@@ -25,9 +25,7 @@ - explanatoryText.appendf(" in file %s", aFileName); - explanatoryText.appendf(" while accessing position %d in a SBuf long %d= ", - pos, throwingBuf.length()); -- // we can safely alias c_str as both are local to the object -- // and will not further manipulated. -- message =3D xstrndup(explanatoryText.c_str(),explanatoryText.length()); -+ message =3D xstrdup(explanatoryText.c_str()); - } -=20 - OutOfBoundsException::~OutOfBoundsException() throw() - -=3D=3D=3D modified file 'src/esi/Expression.cc' ---- src/esi/Expression.cc 2017-01-01 00:16:45 +0000 -+++ src/esi/Expression.cc 2017-05-29 06:36:45 +0000 -@@ -743,7 +743,7 @@ - /* Special case for zero length strings */ -=20 - if (t - s - 1) -- rv.value.string =3D xstrndup(s + 1, t - s - 1); -+ rv.value.string =3D xstrndup(s + 1, t - (s + 1) + 1); - else - rv.value.string =3D static_cast(xcalloc(1,1)); -=20 - -=3D=3D=3D modified file 'tools/cachemgr.cc' ---- tools/cachemgr.cc 2017-01-01 00:16:45 +0000 -+++ tools/cachemgr.cc 2017-05-29 06:36:45 +0000 -@@ -440,7 +440,7 @@ - return; - } -=20 -- buf_copy =3D x =3D xstrndup(buf, bufLen); -+ buf_copy =3D x =3D xstrndup(buf, bufLen+1); -=20 - a =3D xstrtok(&x, '\t'); -=20 - diff --git a/src/patches/squid/squid-3.5-14165.patch b/src/patches/squid/squi= d-3.5-14165.patch deleted file mode 100644 index 317cd8dd3..000000000 --- a/src/patches/squid/squid-3.5-14165.patch +++ /dev/null @@ -1,51 +0,0 @@ ------------------------------------------------------------- -revno: 14165 -revision-id: squid3(a)treenet.co.nz-20170529071037-o91o8xvaqata5y2b -parent: squid3(a)treenet.co.nz-20170529063645-qmu68scq9go0wbqr -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=3D4682 -author: Christos Tsantilas -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Mon 2017-05-29 19:10:37 +1200 -message: - Bug 4682: ignoring http_access deny when client-first bumping mode is used - =20 - Squid fails to identify HTTP requests which are tunneled inside an already - established client-first bumped tunnel, and this is results in ignoring - http_access denied for these requests. - =20 - This is a Measurement Factory project ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3(a)treenet.co.nz-20170529071037-o91o8xvaqata5y2b -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: f77b81826612d7248fb774ef1ea00747cd04d479 -# timestamp: 2017-05-29 07:51:03 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3(a)treenet.co.nz-20170529063645-\ -# qmu68scq9go0wbqr -#=20 -# Begin patch -=3D=3D=3D modified file 'src/client_side_request.cc' ---- src/client_side_request.cc 2017-03-30 13:31:22 +0000 -+++ src/client_side_request.cc 2017-05-29 07:10:37 +0000 -@@ -1424,7 +1424,17 @@ - if (bumpMode !=3D Ssl::bumpEnd) { - debugs(85, 5, HERE << "SslBump already decided (" << bumpMode << - "), " << "ignoring ssl_bump for " << http->getConn()); -- if (!http->getConn()->serverBump()) -+ -+ // We need the following "if" for transparently bumped TLS connecti= on, -+ // because in this case we are running ssl_bump access list before -+ // the doCallouts runs. It can be removed after the bug #4340 fixed. -+ // We do not want to proceed to bumping steps: -+ // - if the TLS connection with the client is already established -+ // because we are accepting normal HTTP requests on TLS port, -+ // or because of the client-first bumping mode -+ // - When the bumping is already started -+ if (!http->getConn()->switchedToHttps() && -+ !http->getConn()->serverBump()) - http->sslBumpNeed(bumpMode); // for processRequest() to bump if= needed and not already bumped - http->al->ssl.bumpMode =3D bumpMode; // inherited from bumped conne= ction - return false; - diff --git a/src/patches/squid/squid-3.5-14166.patch b/src/patches/squid/squi= d-3.5-14166.patch deleted file mode 100644 index 54aad51b1..000000000 --- a/src/patches/squid/squid-3.5-14166.patch +++ /dev/null @@ -1,47 +0,0 @@ ------------------------------------------------------------- -revno: 14166 -revision-id: squid3(a)treenet.co.nz-20170529125748-qt7yhdloygl4xosg -parent: squid3(a)treenet.co.nz-20170529071037-o91o8xvaqata5y2b -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Tue 2017-05-30 00:57:48 +1200 -message: - Revert r14161 - =20 - Wrong patch and commit message. ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3(a)treenet.co.nz-20170529125748-qt7yhdloygl4xosg -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: ddecde537486c58df04564f3818b8ad9929dd186 -# timestamp: 2017-05-29 13:51:06 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3(a)treenet.co.nz-20170529071037-\ -# o91o8xvaqata5y2b -#=20 -# Begin patch -=3D=3D=3D modified file 'src/tunnel.cc' ---- src/tunnel.cc 2017-05-29 05:33:59 +0000 -+++ src/tunnel.cc 2017-05-29 12:57:48 +0000 -@@ -836,7 +836,7 @@ - * Call the tunnelStartShoveling to start the blind pump. - */ - static void --tunnelConnectedWriteDone(const Comm::ConnectionPointer &conn, char *, size_= t len, Comm::Flag flag, int, void *data) -+tunnelConnectedWriteDone(const Comm::ConnectionPointer &conn, char *buf, si= ze_t size, Comm::Flag flag, int xerrno, void *data) - { - TunnelStateData *tunnelState =3D (TunnelStateData *)data; - debugs(26, 3, HERE << conn << ", flag=3D" << flag); -@@ -848,11 +848,6 @@ - return; - } -=20 -- if (ClientHttpRequest *http =3D tunnelState->http.get()) { -- http->out.headers_sz +=3D len; -- http->out.size +=3D len; -- } -- - tunnelStartShoveling(tunnelState); - } -=20 - diff --git a/src/patches/squid/squid-3.5-14167.patch b/src/patches/squid/squi= d-3.5-14167.patch deleted file mode 100644 index 39c9fd51e..000000000 --- a/src/patches/squid/squid-3.5-14167.patch +++ /dev/null @@ -1,181 +0,0 @@ ------------------------------------------------------------- -revno: 14167 -revision-id: squid3(a)treenet.co.nz-20170529131555-kut221f3geb3aczf -parent: squid3(a)treenet.co.nz-20170529125748-qt7yhdloygl4xosg -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=3D4653 -author: Christos Tsantilas -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Tue 2017-05-30 01:15:55 +1200 -message: - Bug 4653: %st lies about tunneled traffic volumes - =20 - Squid-3.5 counts only the "CONNECT ..." header size for %>st and does not - count the "HTTP/1.1 200" response header for the %in.buf.append(rbuf.content(), rbuf.contentSize()); - ClientHttpRequest *http =3D context->http; -- tunnelStart(http, &http->out.size, &http->al->http.code, http->= al); -+ tunnelStart(http); - } - } - } - -=3D=3D=3D modified file 'src/client_side_reply.cc' ---- src/client_side_reply.cc 2017-01-01 00:16:45 +0000 -+++ src/client_side_reply.cc 2017-05-29 13:15:55 +0000 -@@ -1179,7 +1179,7 @@ - if (curReply->content_length < 0) - return 0; -=20 -- int64_t expectedLength =3D curReply->content_length + http->out.headers= _sz; -+ uint64_t expectedLength =3D curReply->content_length + http->out.header= s_sz; -=20 - if (http->out.size < expectedLength) - return 0; - -=3D=3D=3D modified file 'src/client_side_request.cc' ---- src/client_side_request.cc 2017-05-29 07:10:37 +0000 -+++ src/client_side_request.cc 2017-05-29 13:15:55 +0000 -@@ -1522,7 +1522,7 @@ - } - #endif - getConn()->stopReading(); // tunnels read for themselves -- tunnelStart(this, &out.size, &al->http.code, al); -+ tunnelStart(this); - return; - } -=20 - -=3D=3D=3D modified file 'src/client_side_request.h' ---- src/client_side_request.h 2017-01-23 02:05:46 +0000 -+++ src/client_side_request.h 2017-05-29 13:15:55 +0000 -@@ -73,7 +73,7 @@ -=20 - struct { - int64_t offset; -- int64_t size; -+ uint64_t size; - size_t headers_sz; - } out; -=20 -@@ -182,7 +182,7 @@ - void clientAccessCheck(ClientHttpRequest *); -=20 - /* ones that should be elsewhere */ --void tunnelStart(ClientHttpRequest *, int64_t *, int *, const AccessLogEntr= y::Pointer &al); -+void tunnelStart(ClientHttpRequest *); -=20 - #if _USE_INLINE_ - #include "client_side_request.cci" - -=3D=3D=3D modified file 'src/tests/stub_tunnel.cc' ---- src/tests/stub_tunnel.cc 2017-01-01 00:16:45 +0000 -+++ src/tests/stub_tunnel.cc 2017-05-29 13:15:55 +0000 -@@ -14,7 +14,7 @@ - #include "FwdState.h" - class ClientHttpRequest; -=20 --void tunnelStart(ClientHttpRequest *, int64_t *, int *, const AccessLogEntr= yPointer &al) STUB -+void tunnelStart(ClientHttpRequest *) STUB -=20 - void switchToTunnel(HttpRequest *request, Comm::ConnectionPointer &clientCo= nn, Comm::ConnectionPointer &srvConn) STUB -=20 - -=3D=3D=3D modified file 'src/tunnel.cc' ---- src/tunnel.cc 2017-05-29 12:57:48 +0000 -+++ src/tunnel.cc 2017-05-29 13:15:55 +0000 -@@ -139,7 +139,7 @@ - int len; - char *buf; - AsyncCall::Pointer writer; ///< pending Comm::Write callback -- int64_t *size_ptr; /* pointer to size in an ConnStateData for = logging */ -+ uint64_t *size_ptr; /* pointer to size in an ConnStateData for= logging */ -=20 - Comm::ConnectionPointer conn; ///< The currently connected conne= ction. - uint8_t delayedLoops; ///< how many times a read on this connection= has been postponed. -@@ -848,6 +848,11 @@ - return; - } -=20 -+ if (ClientHttpRequest *http =3D tunnelState->http.get()) { -+ http->out.headers_sz +=3D size; -+ http->out.size +=3D size; -+ } -+ - tunnelStartShoveling(tunnelState); - } -=20 -@@ -995,7 +1000,7 @@ - } -=20 - void --tunnelStart(ClientHttpRequest * http, int64_t * size_ptr, int *status_ptr, = const AccessLogEntryPointer &al) -+tunnelStart(ClientHttpRequest * http) - { - debugs(26, 3, HERE); - /* Create state structure. */ -@@ -1021,7 +1026,7 @@ - if (ch.fastCheck() =3D=3D ACCESS_DENIED) { - debugs(26, 4, HERE << "MISS access forbidden."); - err =3D new ErrorState(ERR_FORWARDING_DENIED, Http::scForbidden= , request); -- *status_ptr =3D Http::scForbidden; -+ http->al->http.code =3D Http::scForbidden; - errorSend(http->getConn()->clientConnection, err); - return; - } -@@ -1037,12 +1042,13 @@ - #endif - tunnelState->url =3D xstrdup(url); - tunnelState->request =3D request; -- tunnelState->server.size_ptr =3D size_ptr; -- tunnelState->status_ptr =3D status_ptr; -+ tunnelState->server.size_ptr =3D &http->out.size; -+ tunnelState->client.size_ptr =3D &http->al->http.clientRequestSz.payloa= dData; -+ tunnelState->status_ptr =3D &http->al->http.code; - tunnelState->logTag_ptr =3D &http->logType; - tunnelState->client.conn =3D http->getConn()->clientConnection; - tunnelState->http =3D http; -- tunnelState->al =3D al; -+ tunnelState->al =3D http->al ; - tunnelState->started =3D squid_curtime; -=20 - comm_add_close_handler(tunnelState->client.conn->fd, -@@ -1053,7 +1059,7 @@ - CommTimeoutCbPtrFun(tunnelTimeout, tun= nelState)); - commSetConnTimeout(tunnelState->client.conn, Config.Timeout.lifetime, t= imeoutCall); -=20 -- peerSelect(&(tunnelState->serverDestinations), request, al, -+ peerSelect(&(tunnelState->serverDestinations), request, tunnelState->al, - NULL, - tunnelPeerSelectComplete, - tunnelState); -@@ -1226,6 +1232,10 @@ - if (context !=3D NULL && context->http !=3D NULL) { - tunnelState->logTag_ptr =3D &context->http->logType; - tunnelState->server.size_ptr =3D &context->http->out.size; -+ if (context->http->al !=3D NULL) { -+ tunnelState->al =3D context->http->al; -+ tunnelState->client.size_ptr =3D &context->http->al->http.c= lientRequestSz.payloadData; -+ } -=20 - #if USE_DELAY_POOLS - /* no point using the delayIsNoDelay stuff since tunnel is nice= and simple */ - --=20 2.13.0 --===============5331728201202964950==--