This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, master has been updated via 3aa4579f8f7fddc46e60faf22f19228bf358d759 (commit) via 6ec860b8d2f538fc28c8b56e45d82b1bd88514d3 (commit) via 595c6470dd2a3b6ad91169a405349cda3f00bd31 (commit) via c4791488a2c1e22a48baede5d7332a2467568a16 (commit) via 5bb906f7a96c946a5bfcca744ec19caef4b74825 (commit) via d3790c6a0b1f9b52339604f5c4a95ebf4b7b3cd8 (commit) via b76d0433be26c005f159aebf1fb19c579e8bd329 (commit) via fdff464161be76c8361919f1bd546a66ce6c889d (commit) via 77090f6d13263ee4810d34a8bca5b01f97f5f9b1 (commit) via b9863c8845e12d86ffbb9a0ea0172e8b0f110d50 (commit) via ab2eb13784502983254c70bfb915e3b9fd945bca (commit) via a0410549418a4dd2d6ae1f71728da1eae7a928a3 (commit) via 5f7487f6762c0ea4b34369f2f70f5b4866a08cab (commit) via 051884986df3abc648f62832488578e4dee058f8 (commit) via d41fe99f74689075967f027f37ff9a2d7a09339b (commit) via c8e9a7a85e67ae513ec830a3b73e4b7a6a027504 (commit) via 0effbb3569624f42550310689aaf94d726cd9d0e (commit) via 3dcf1822e66ebcf1b58ee3e2f58a437efef9cb23 (commit) via d57f8d886f382d8aa8bd28cbf993c42ff742a03d (commit) via a51ce2defaee61912bb810449d5932fc2b95ae8a (commit) via 391e3390efc1be31a8be976d0235980f3e13101a (commit) via 68fac98a5b3bf78c8e4b11c7febe68c3cbc0776d (commit) via 0c55ec5a49770d5972c62c99499fbd6eef88ded3 (commit) via 455f261b15e6b3d08c08679b2fc5fffe39ff8061 (commit) via c60ad61a14b948c759041cdbbc400e6522e0a69d (commit) via fa9c7bd04731b107233b22d7a744196397a718f6 (commit) via 3fdddd37ab29bc7d157acb2d7bb368e15ed5c996 (commit) via 38b95ad5d998ae21bb53f09836f648f05c426751 (commit) via 7fe22fdc0cd9e30e8be46a16e0f7a24667c4df41 (commit) via 1d7d4460d6757a3c744d33c789daccb87594bfd7 (commit) via 05e7808cd6191465f9123ffee4374894ce5f7b4f (commit) via 853a95b21534f537a65f68c47541c81c1650f8b5 (commit) from fe6f676b3542b78b4013b8d438f4bd2026c7c9f0 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 3aa4579f8f7fddc46e60faf22f19228bf358d759 Merge: fe6f676 6ec860b Author: Arne Fitzenreiter arne_f@ipfire.org Date: Sat Sep 23 10:38:18 2017 +0200
Merge remote-tracking branch 'origin/next'
-----------------------------------------------------------------------
Summary of changes: config/httpd/httpd.conf | 4 +- config/httpd/loadmodule.conf | 10 +- config/httpd/server-tuning.conf | 7 +- config/httpd/ssl-global.conf | 5 - config/httpd/vhosts.d/ipfire-interface-ssl.conf | 21 +- config/httpd/vhosts.d/ipfire-interface.conf | 19 +- config/httpd/vhosts.d/nagios.conf | 14 +- config/httpd/vhosts.d/openmailadmin.conf | 3 +- config/icinga/icinga.conf | 6 - config/nagiosql/nagios.conf | 17 +- config/owncloud/owncloud.conf | 3 +- config/php/php.ini | 2 +- config/phpSANE/phpSANE.conf | 3 +- config/rootfiles/common/apache2 | 601 ++++++++++---- config/rootfiles/common/apr | 57 ++ config/rootfiles/common/aprutil | 47 ++ config/rootfiles/common/gnutls | 2 +- config/rootfiles/common/php | 7 +- config/rootfiles/common/strongswan | 1 + config/rootfiles/common/unbound | 2 +- config/rootfiles/core/{113 => 114}/exclude | 0 .../{oldcore/44 => core/114}/filelists/apache2 | 0 config/rootfiles/core/114/filelists/apr | 1 + config/rootfiles/core/114/filelists/aprutil | 1 + config/rootfiles/core/{113 => 114}/filelists/files | 1 - .../rootfiles/core/{113 => 114}/filelists/gnutls | 0 .../{oldcore/107 => core/114}/filelists/hdparm | 0 .../{113 => 114}/filelists/i586/strongswan-padlock | 0 config/rootfiles/core/{113 => 114}/filelists/squid | 0 .../core/{113 => 114}/filelists/strongswan | 0 .../rootfiles/core/{113 => 114}/filelists/unbound | 0 config/rootfiles/core/{113 => 114}/meta | 0 .../rootfiles/{oldcore/53 => core/114}/update.sh | 112 ++- config/rootfiles/{core => oldcore}/113/exclude | 0 .../113/filelists/armv5tel/util-linux | 0 .../{core => oldcore}/113/filelists/files | 0 .../{core => oldcore}/113/filelists/gnutls | 0 .../rootfiles/{core => oldcore}/113/filelists/grep | 0 .../113/filelists/i586/openssl-sse2 | 0 .../113/filelists/i586/strongswan-padlock | 0 .../113/filelists/i586/util-linux | 0 .../{core => oldcore}/113/filelists/libgcrypt | 0 .../{core => oldcore}/113/filelists/logrotate | 0 .../{core => oldcore}/113/filelists/mdadm | 0 .../{core => oldcore}/113/filelists/openssl | 0 .../{core => oldcore}/113/filelists/openvpn | 0 .../rootfiles/{core => oldcore}/113/filelists/pcre | 0 .../{core => oldcore}/113/filelists/squid | 0 .../{core => oldcore}/113/filelists/strongswan | 0 .../{core => oldcore}/113/filelists/unbound | 0 .../113/filelists/x86_64/util-linux | 0 config/rootfiles/{core => oldcore}/113/meta | 0 config/rootfiles/{core => oldcore}/113/update.sh | 0 html/cgi-bin/wlanap.cgi | 4 +- langs/de/cgi-bin/de.pl | 265 ++++--- langs/en/cgi-bin/en.pl | 3 +- lfs/apache2 | 27 +- lfs/{libassuan => apr} | 24 +- lfs/{w_scan => aprutil} | 26 +- lfs/cacti | 2 +- lfs/gnutls | 4 +- lfs/hdparm | 6 +- lfs/hostapd | 2 +- lfs/icinga | 2 +- lfs/nagios | 2 +- lfs/openmailadmin | 2 +- lfs/owncloud | 2 +- lfs/phpSANE | 2 +- lfs/squid | 20 +- lfs/strongswan | 4 +- lfs/tcpdump | 6 +- lfs/unbound | 4 +- make.sh | 6 +- src/initscripts/system/unbound | 27 +- src/patches/apache-2.4.27-CVE-2017-9798-fix.patch | 15 + src/patches/apache-2.4.27-PR61382-fix.patch | 783 ++++++++++++++++++ ...=> squid-3.5.27-fix-max-file-descriptors.patch} | 0 src/patches/squid/squid-3.5-14169.patch | 881 --------------------- src/patches/squid/squid-3.5-14170.patch | 85 -- src/patches/squid/squid-3.5-14171.patch | 45 -- src/patches/squid/squid-3.5-14172.patch | 40 - src/patches/squid/squid-3.5-14173.patch | 254 ------ src/patches/squid/squid-3.5-14174.patch | 274 ------- src/patches/squid/squid-3.5-14175.patch | 34 - src/patches/squid/squid-3.5-14176.patch | 42 - src/patches/squid/squid-3.5-14177.patch | 52 -- src/patches/squid/squid-3.5-14178.patch | 36 - src/patches/squid/squid-3.5-14179.patch | 105 --- src/patches/squid/squid-3.5-14180.patch | 448 ----------- src/patches/squid/squid-3.5-14181.patch | 30 - src/patches/squid/squid-3.5-14182.patch | 35 - src/setup/passwords.c | 2 +- 92 files changed, 1650 insertions(+), 2897 deletions(-) create mode 100644 config/rootfiles/common/apr create mode 100644 config/rootfiles/common/aprutil copy config/rootfiles/core/{113 => 114}/exclude (100%) copy config/rootfiles/{oldcore/44 => core/114}/filelists/apache2 (100%) create mode 120000 config/rootfiles/core/114/filelists/apr create mode 120000 config/rootfiles/core/114/filelists/aprutil copy config/rootfiles/core/{113 => 114}/filelists/files (77%) copy config/rootfiles/core/{113 => 114}/filelists/gnutls (100%) copy config/rootfiles/{oldcore/107 => core/114}/filelists/hdparm (100%) copy config/rootfiles/core/{113 => 114}/filelists/i586/strongswan-padlock (100%) copy config/rootfiles/core/{113 => 114}/filelists/squid (100%) copy config/rootfiles/core/{113 => 114}/filelists/strongswan (100%) copy config/rootfiles/core/{113 => 114}/filelists/unbound (100%) copy config/rootfiles/core/{113 => 114}/meta (100%) copy config/rootfiles/{oldcore/53 => core/114}/update.sh (60%) rename config/rootfiles/{core => oldcore}/113/exclude (100%) rename config/rootfiles/{core => oldcore}/113/filelists/armv5tel/util-linux (100%) rename config/rootfiles/{core => oldcore}/113/filelists/files (100%) rename config/rootfiles/{core => oldcore}/113/filelists/gnutls (100%) rename config/rootfiles/{core => oldcore}/113/filelists/grep (100%) rename config/rootfiles/{core => oldcore}/113/filelists/i586/openssl-sse2 (100%) rename config/rootfiles/{core => oldcore}/113/filelists/i586/strongswan-padlock (100%) rename config/rootfiles/{core => oldcore}/113/filelists/i586/util-linux (100%) rename config/rootfiles/{core => oldcore}/113/filelists/libgcrypt (100%) rename config/rootfiles/{core => oldcore}/113/filelists/logrotate (100%) rename config/rootfiles/{core => oldcore}/113/filelists/mdadm (100%) rename config/rootfiles/{core => oldcore}/113/filelists/openssl (100%) rename config/rootfiles/{core => oldcore}/113/filelists/openvpn (100%) rename config/rootfiles/{core => oldcore}/113/filelists/pcre (100%) rename config/rootfiles/{core => oldcore}/113/filelists/squid (100%) rename config/rootfiles/{core => oldcore}/113/filelists/strongswan (100%) rename config/rootfiles/{core => oldcore}/113/filelists/unbound (100%) rename config/rootfiles/{core => oldcore}/113/filelists/x86_64/util-linux (100%) rename config/rootfiles/{core => oldcore}/113/meta (100%) rename config/rootfiles/{core => oldcore}/113/update.sh (100%) copy lfs/{libassuan => apr} (90%) copy lfs/{w_scan => aprutil} (88%) create mode 100644 src/patches/apache-2.4.27-CVE-2017-9798-fix.patch create mode 100644 src/patches/apache-2.4.27-PR61382-fix.patch rename src/patches/{squid-3.5.26-fix-max-file-descriptors.patch => squid-3.5.27-fix-max-file-descriptors.patch} (100%) delete mode 100644 src/patches/squid/squid-3.5-14169.patch delete mode 100644 src/patches/squid/squid-3.5-14170.patch delete mode 100644 src/patches/squid/squid-3.5-14171.patch delete mode 100644 src/patches/squid/squid-3.5-14172.patch delete mode 100644 src/patches/squid/squid-3.5-14173.patch delete mode 100644 src/patches/squid/squid-3.5-14174.patch delete mode 100644 src/patches/squid/squid-3.5-14175.patch delete mode 100644 src/patches/squid/squid-3.5-14176.patch delete mode 100644 src/patches/squid/squid-3.5-14177.patch delete mode 100644 src/patches/squid/squid-3.5-14178.patch delete mode 100644 src/patches/squid/squid-3.5-14179.patch delete mode 100644 src/patches/squid/squid-3.5-14180.patch delete mode 100644 src/patches/squid/squid-3.5-14181.patch delete mode 100644 src/patches/squid/squid-3.5-14182.patch
Difference in files: diff --git a/config/httpd/httpd.conf b/config/httpd/httpd.conf index 9c1fb2b..14dcc73 100644 --- a/config/httpd/httpd.conf +++ b/config/httpd/httpd.conf @@ -65,7 +65,6 @@ Include /etc/httpd/conf/global.conf
# associate MIME types with filename extensions TypesConfig /etc/mime.types -DefaultType text/plain
# global (server-wide) SSL configuration, that is not specific to # any virtual host @@ -80,8 +79,7 @@ Include /etc/httpd/conf/ssl-global.conf AccessFileName .htaccess # and never show them <Files ~ "^.ht"> - Order allow,deny - Deny from all + Require all denied </Files>
# List of resources to look for when the client requests a directory diff --git a/config/httpd/loadmodule.conf b/config/httpd/loadmodule.conf index e30f79b..249221e 100644 --- a/config/httpd/loadmodule.conf +++ b/config/httpd/loadmodule.conf @@ -1,8 +1,11 @@ LoadModule authn_file_module /usr/lib/apache/mod_authn_file.so +LoadModule unixd_module /usr/lib/apache/mod_unixd.so #LoadModule authn_dbm_module /usr/lib/apache/mod_authn_dbm.so #LoadModule authn_anon_module /usr/lib/apache/mod_authn_anon.so #LoadModule authn_dbd_module /usr/lib/apache/mod_authn_dbd.so #LoadModule authn_default_module /usr/lib/apache/mod_authn_default.so +LoadModule authn_core_module /usr/lib/apache/mod_authn_core.so +LoadModule authz_core_module /usr/lib/apache/mod_authz_core.so LoadModule authz_host_module /usr/lib/apache/mod_authz_host.so #LoadModule authz_groupfile_module /usr/lib/apache/mod_authz_groupfile.so LoadModule authz_user_module /usr/lib/apache/mod_authz_user.so @@ -10,7 +13,7 @@ LoadModule authz_user_module /usr/lib/apache/mod_authz_user.so #LoadModule authz_owner_module /usr/lib/apache/mod_authz_owner.so #LoadModule authz_default_module /usr/lib/apache/mod_authz_default.so LoadModule auth_basic_module /usr/lib/apache/mod_auth_basic.so -LoadModule auth_digest_module /usr/lib/apache/mod_auth_digest.so +#LoadModule auth_digest_module /usr/lib/apache/mod_auth_digest.so #LoadModule dbd_module /usr/lib/apache/mod_dbd.so #LoadModule dumpio_module /usr/lib/apache/mod_dumpio.so #LoadModule ext_filter_module /usr/lib/apache/mod_ext_filter.so @@ -33,10 +36,10 @@ LoadModule setenvif_module /usr/lib/apache/mod_setenvif.so LoadModule mime_module /usr/lib/apache/mod_mime.so #LoadModule dav_module /usr/lib/apache/mod_dav.so #LoadModule status_module /usr/lib/apache/mod_status.so -LoadModule autoindex_module /usr/lib/apache/mod_autoindex.so +#LoadModule autoindex_module /usr/lib/apache/mod_autoindex.so #LoadModule asis_module /usr/lib/apache/mod_asis.so #LoadModule info_module /usr/lib/apache/mod_info.so -LoadModule cgi_module /usr/lib/apache/mod_cgi.so +LoadModule cgid_module /usr/lib/apache/mod_cgid.so #LoadModule dav_fs_module /usr/lib/apache/mod_dav_fs.so #LoadModule vhost_alias_module /usr/lib/apache/mod_vhost_alias.so #LoadModule negotiation_module /usr/lib/apache/mod_negotiation.so @@ -47,5 +50,6 @@ LoadModule dir_module /usr/lib/apache/mod_dir.so #LoadModule userdir_module /usr/lib/apache/mod_userdir.so LoadModule alias_module /usr/lib/apache/mod_alias.so LoadModule rewrite_module /usr/lib/apache/mod_rewrite.so +LoadModule socache_shmcb_module /usr/lib/apache/mod_socache_shmcb.so LoadModule ssl_module /usr/lib/apache/mod_ssl.so LoadModule php5_module /usr/lib/apache/libphp5.so diff --git a/config/httpd/server-tuning.conf b/config/httpd/server-tuning.conf index 9041018..5642a1e 100644 --- a/config/httpd/server-tuning.conf +++ b/config/httpd/server-tuning.conf @@ -17,10 +17,11 @@ MaxKeepAliveRequests 100 # KeepAliveTimeout 15
-MinSpareServers 1 -MaxSpareServers 10 +MinSpareThreads 1 +MaxSpareThreads 20 StartServers 2 -MaxClients 256 +MaxRequestWorkers 256 +ThreadsPerChild 16
# # The following directives modify normal HTTP response behavior to diff --git a/config/httpd/ssl-global.conf b/config/httpd/ssl-global.conf index 9cf4f81..154815c 100644 --- a/config/httpd/ssl-global.conf +++ b/config/httpd/ssl-global.conf @@ -39,11 +39,6 @@ SSLSessionCache shmcb:/var/log/httpd/ssl_scache(512000) SSLSessionCacheTimeout 900
- # Semaphore: - # Configure the path to the mutual exclusion semaphore the - # SSL engine uses internally for inter-process synchronization. - SSLMutex file:/var/log/httpd/ssl_mutex - # Pseudo Random Number Generator (PRNG): # Configure one or more sources to seed the PRNG of the # SSL library. The seed data should be of good random quality. diff --git a/config/httpd/vhosts.d/ipfire-interface-ssl.conf b/config/httpd/vhosts.d/ipfire-interface-ssl.conf index daac757..6f35396 100644 --- a/config/httpd/vhosts.d/ipfire-interface-ssl.conf +++ b/config/httpd/vhosts.d/ipfire-interface-ssl.conf @@ -17,8 +17,7 @@ <Directory /srv/web/ipfire/html> Options ExecCGI AllowOverride None - Order allow,deny - Allow from all + Require all granted </Directory> <DirectoryMatch "/srv/web/ipfire/html/(graphs|sgraph)"> AuthName "IPFire - Restricted" @@ -34,17 +33,11 @@ AuthType Basic AuthUserFile /var/ipfire/auth/users Require user admin - <Files chpasswd.cgi> - Satisfy Any - Allow from All + <Files chpasswd.cgi> + Require all granted </Files> <Files webaccess.cgi> - Satisfy Any - Allow from All - </Files> - <Files credits.cgi> - Satisfy Any - Allow from All + Require all granted </Files> <Files dial.cgi> Require user admin @@ -75,16 +68,14 @@ <Directory /var/updatecache> Options ExecCGI AllowOverride None - Order deny,allow - Allow from all + Require all granted </Directory>
Alias /repository/ /var/urlrepo/ <Directory /var/urlrepo> Options ExecCGI AllowOverride None - Order deny,allow - Allow from all + Require all granted </Directory>
Alias /proxy-reports/ /var/log/sarg/ diff --git a/config/httpd/vhosts.d/ipfire-interface.conf b/config/httpd/vhosts.d/ipfire-interface.conf index 8783c63..619f90f 100644 --- a/config/httpd/vhosts.d/ipfire-interface.conf +++ b/config/httpd/vhosts.d/ipfire-interface.conf @@ -9,8 +9,7 @@ <Directory /srv/web/ipfire/html> Options ExecCGI AllowOverride None - Order allow,deny - Allow from all + Require all granted </Directory> <DirectoryMatch "/srv/web/ipfire/html/(graphs|sgraph)"> AuthName "IPFire - Restricted" @@ -27,16 +26,10 @@ AuthUserFile /var/ipfire/auth/users Require user admin <Files chpasswd.cgi> - Satisfy Any - Allow from All + Require all granted </Files> <Files webaccess.cgi> - Satisfy Any - Allow from All - </Files> - <Files credits.cgi> - Satisfy Any - Allow from All + Require all granted </Files> <Files dial.cgi> Require user admin @@ -54,15 +47,13 @@ <Directory /var/updatecache> Options ExecCGI AllowOverride None - Order deny,allow - Allow from all + Require all granted </Directory> Alias /repository/ /var/urlrepo/ <Directory /var/urlrepo> Options ExecCGI AllowOverride None - Order deny,allow - Allow from all + Require all granted </Directory> Alias /wpad.dat /srv/web/ipfire/html/proxy.pac </VirtualHost> diff --git a/config/httpd/vhosts.d/nagios.conf b/config/httpd/vhosts.d/nagios.conf index 78bcd3b..8a320d7 100644 --- a/config/httpd/vhosts.d/nagios.conf +++ b/config/httpd/vhosts.d/nagios.conf @@ -16,11 +16,8 @@ ScriptAlias /nagios/cgi-bin "/usr/share/nagios/cgi-bin" # SSLRequireSSL Options ExecCGI AllowOverride None - Order allow,deny - Allow from all -# Order deny,allow -# Deny from all -# Allow from 127.0.0.1 +# Require all granted +# Require ip 127.0.0.1 AuthName "Nagios Access" AuthType Basic AuthUserFile /etc/nagios/htpasswd.users @@ -33,11 +30,8 @@ Alias /nagios "/usr/share/nagios" # SSLRequireSSL Options None AllowOverride None - Order allow,deny - Allow from all -# Order deny,allow -# Deny from all -# Allow from 127.0.0.1 +# Require all granted +# Require ip 127.0.0.1 AuthName "Nagios Access" AuthType Basic AuthUserFile /etc/nagios/htpasswd.users diff --git a/config/httpd/vhosts.d/openmailadmin.conf b/config/httpd/vhosts.d/openmailadmin.conf index 6e7aaef..e91be39 100644 --- a/config/httpd/vhosts.d/openmailadmin.conf +++ b/config/httpd/vhosts.d/openmailadmin.conf @@ -9,8 +9,7 @@ Listen 1001 <Directory /srv/web/openmailadmin> Options +FollowSymlinks AllowOverride None - Order allow,deny - Allow from all + Require all granted </Directory> </VirtualHost> diff --git a/config/icinga/icinga.conf b/config/icinga/icinga.conf index 3771812..6060b1b 100644 --- a/config/icinga/icinga.conf +++ b/config/icinga/icinga.conf @@ -15,9 +15,6 @@ Listen 1010 AuthType Basic AuthUserFile /etc/icinga/htpasswd.users
- Order allow,deny - Allow from all - Require valid-user </Directory>
@@ -29,9 +26,6 @@ Listen 1010 AuthType Basic AuthUserFile /etc/icinga/htpasswd.users
- Order allow,deny - Allow from all - Require valid-user </Directory> </VirtualHost> diff --git a/config/nagiosql/nagios.conf b/config/nagiosql/nagios.conf index 6161d4d..3805d38 100644 --- a/config/nagiosql/nagios.conf +++ b/config/nagiosql/nagios.conf @@ -16,11 +16,8 @@ ScriptAlias /nagios/cgi-bin "/usr/share/nagios/cgi-bin" # SSLRequireSSL Options ExecCGI AllowOverride None - Order allow,deny - Allow from all -# Order deny,allow -# Deny from all -# Allow from 127.0.0.1 +# Require all granted +# Require ip 127.0.0.1 AuthName "Nagios Access" AuthType Basic AuthUserFile /etc/nagios/htpasswd.users @@ -33,11 +30,8 @@ Alias /nagios "/usr/share/nagios" # SSLRequireSSL Options None AllowOverride None - Order allow,deny - Allow from all -# Order deny,allow -# Deny from all -# Allow from 127.0.0.1 +# Require all granted +# Require ip 127.0.0.1 AuthName "Nagios Access" AuthType Basic AuthUserFile /etc/nagios/htpasswd.users @@ -50,8 +44,7 @@ Alias /nagiosql "/usr/share/nagiosql" include /etc/httpd/conf/conf.d/php*.conf Options None AllowOverride None - Order allow,deny - Allow from all + Require all granted </Directory>
</VirtualHost> diff --git a/config/owncloud/owncloud.conf b/config/owncloud/owncloud.conf index 08f58c3..d4332ec 100644 --- a/config/owncloud/owncloud.conf +++ b/config/owncloud/owncloud.conf @@ -15,7 +15,6 @@ Listen 1011 <Directory /srv/web/owncloud> Options Indexes FollowSymlinks MultiViews AllowOverride ALL - Order allow,deny - Allow from all + Require all granted </Directory> </VirtualHost> diff --git a/config/php/php.ini b/config/php/php.ini index 6e82094..2e73507 100644 --- a/config/php/php.ini +++ b/config/php/php.ini @@ -533,7 +533,7 @@ doc_root = user_dir =
; Directory in which the loadable extensions (modules) reside. -extension_dir = "/usr/lib/php/extensions/no-debug-non-zts-20090626/" +extension_dir = "/usr/lib/php/extensions/no-debug-zts-20090626/"
; Whether or not to enable the dl() function. The dl() function does NOT work ; properly in multithreaded servers, such as IIS or Zeus, and is automatically diff --git a/config/phpSANE/phpSANE.conf b/config/phpSANE/phpSANE.conf index 06824e1..3956019 100644 --- a/config/phpSANE/phpSANE.conf +++ b/config/phpSANE/phpSANE.conf @@ -9,8 +9,7 @@ Listen 1003 <Directory /srv/web/phpSANE> Options None AllowOverride None - Order allow,deny - Allow from all + Require all granted </Directory> </VirtualHost> diff --git a/config/rootfiles/common/apache2 b/config/rootfiles/common/apache2 index 7e33a15..233301a 100644 --- a/config/rootfiles/common/apache2 +++ b/config/rootfiles/common/apache2 @@ -15,6 +15,7 @@ etc/httpd/conf/default-server.conf #etc/httpd/conf/extra/httpd-ssl.conf #etc/httpd/conf/extra/httpd-userdir.conf #etc/httpd/conf/extra/httpd-vhosts.conf +#etc/httpd/conf/extra/proxy-html.conf etc/httpd/conf/global.conf etc/httpd/conf/hostname.conf etc/httpd/conf/httpd.conf @@ -36,6 +37,7 @@ etc/httpd/conf/mod_log_config.conf #etc/httpd/conf/original/extra/httpd-ssl.conf #etc/httpd/conf/original/extra/httpd-userdir.conf #etc/httpd/conf/original/extra/httpd-vhosts.conf +#etc/httpd/conf/original/extra/proxy-html.conf #etc/httpd/conf/original/httpd.conf etc/httpd/conf/server-tuning.conf etc/httpd/conf/ssl-global.conf @@ -47,8 +49,21 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #etc/httpd/conf/vhosts.d/openmailadmin.conf #srv/web #srv/web/ipfire +#srv/web/ipfire/manual/howto/access.html.es +#srv/web/ipfire/manual/howto/auth.html.es +#srv/web/ipfire/manual/howto/cgi.html.es +#srv/web/ipfire/manual/howto/htaccess.html.es +#srv/web/ipfire/manual/howto/http2.html.es +#srv/web/ipfire/manual/howto/http2.html.fr +#srv/web/ipfire/manual/howto/index.html.es +#srv/web/ipfire/manual/howto/public_html.html.es +#srv/web/ipfire/manual/mod/directive-dict.html.es +#srv/web/ipfire/manual/mod/mod_brotli.html +#srv/web/ipfire/manual/mod/mod_brotli.html.en #srv/web/ipfire/cgi-bin #srv/web/ipfire/cgi-bin/printenv +#srv/web/ipfire/cgi-bin/printenv.vbs +#srv/web/ipfire/cgi-bin/printenv.wsf #srv/web/ipfire/cgi-bin/test-cgi #srv/web/ipfire/error #srv/web/ipfire/error/HTTP_BAD_GATEWAY.html.var @@ -87,9 +102,9 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/icons/alert.red.png #srv/web/ipfire/icons/apache_pb.gif #srv/web/ipfire/icons/apache_pb.png +#srv/web/ipfire/icons/apache_pb.svg #srv/web/ipfire/icons/apache_pb2.gif #srv/web/ipfire/icons/apache_pb2.png -#srv/web/ipfire/icons/apache_pb2_ani.gif #srv/web/ipfire/icons/back.gif #srv/web/ipfire/icons/back.png #srv/web/ipfire/icons/ball.gray.gif @@ -168,6 +183,23 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/icons/link.png #srv/web/ipfire/icons/movie.gif #srv/web/ipfire/icons/movie.png +#srv/web/ipfire/icons/odf6odb.png +#srv/web/ipfire/icons/odf6odc.png +#srv/web/ipfire/icons/odf6odf.png +#srv/web/ipfire/icons/odf6odg.png +#srv/web/ipfire/icons/odf6odi.png +#srv/web/ipfire/icons/odf6odm.png +#srv/web/ipfire/icons/odf6odp.png +#srv/web/ipfire/icons/odf6ods.png +#srv/web/ipfire/icons/odf6odt.png +#srv/web/ipfire/icons/odf6otc.png +#srv/web/ipfire/icons/odf6otf.png +#srv/web/ipfire/icons/odf6otg.png +#srv/web/ipfire/icons/odf6oth.png +#srv/web/ipfire/icons/odf6oti.png +#srv/web/ipfire/icons/odf6otp.png +#srv/web/ipfire/icons/odf6ots.png +#srv/web/ipfire/icons/odf6ott.png #srv/web/ipfire/icons/p.gif #srv/web/ipfire/icons/p.png #srv/web/ipfire/icons/patch.gif @@ -227,12 +259,12 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/icons/small/compressed.png #srv/web/ipfire/icons/small/continued.gif #srv/web/ipfire/icons/small/continued.png -#srv/web/ipfire/icons/small/dir.gif -#srv/web/ipfire/icons/small/dir.png -#srv/web/ipfire/icons/small/dir2.gif -#srv/web/ipfire/icons/small/dir2.png #srv/web/ipfire/icons/small/doc.gif #srv/web/ipfire/icons/small/doc.png +#srv/web/ipfire/icons/small/folder.gif +#srv/web/ipfire/icons/small/folder.png +#srv/web/ipfire/icons/small/folder2.gif +#srv/web/ipfire/icons/small/folder2.png #srv/web/ipfire/icons/small/forward.gif #srv/web/ipfire/icons/small/forward.png #srv/web/ipfire/icons/small/generic.gif @@ -279,6 +311,7 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/icons/sphere1.png #srv/web/ipfire/icons/sphere2.gif #srv/web/ipfire/icons/sphere2.png +#srv/web/ipfire/icons/svg.png #srv/web/ipfire/icons/tar.gif #srv/web/ipfire/icons/tar.png #srv/web/ipfire/icons/tex.gif @@ -299,7 +332,9 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/icons/world1.png #srv/web/ipfire/icons/world2.gif #srv/web/ipfire/icons/world2.png +#srv/web/ipfire/icons/xml.png #srv/web/ipfire/manual +#srv/web/ipfire/manual/BUILDING #srv/web/ipfire/manual/LICENSE #srv/web/ipfire/manual/bind.html #srv/web/ipfire/manual/bind.html.de @@ -329,6 +364,7 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/custom-error.html #srv/web/ipfire/manual/custom-error.html.en #srv/web/ipfire/manual/custom-error.html.es +#srv/web/ipfire/manual/custom-error.html.fr #srv/web/ipfire/manual/custom-error.html.ja.utf8 #srv/web/ipfire/manual/custom-error.html.ko.euc-kr #srv/web/ipfire/manual/custom-error.html.tr.utf8 @@ -347,31 +383,45 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/developer/index.html #srv/web/ipfire/manual/developer/index.html.en #srv/web/ipfire/manual/developer/index.html.zh-cn.utf8 +#srv/web/ipfire/manual/developer/modguide.html +#srv/web/ipfire/manual/developer/modguide.html.en #srv/web/ipfire/manual/developer/modules.html #srv/web/ipfire/manual/developer/modules.html.en #srv/web/ipfire/manual/developer/modules.html.ja.utf8 +#srv/web/ipfire/manual/developer/new_api_2_4.html +#srv/web/ipfire/manual/developer/new_api_2_4.html.en +#srv/web/ipfire/manual/developer/output-filters.html +#srv/web/ipfire/manual/developer/output-filters.html.en #srv/web/ipfire/manual/developer/request.html #srv/web/ipfire/manual/developer/request.html.en #srv/web/ipfire/manual/developer/thread_safety.html #srv/web/ipfire/manual/developer/thread_safety.html.en #srv/web/ipfire/manual/dns-caveats.html #srv/web/ipfire/manual/dns-caveats.html.en +#srv/web/ipfire/manual/dns-caveats.html.fr #srv/web/ipfire/manual/dns-caveats.html.ja.utf8 #srv/web/ipfire/manual/dns-caveats.html.ko.euc-kr #srv/web/ipfire/manual/dns-caveats.html.tr.utf8 #srv/web/ipfire/manual/dso.html #srv/web/ipfire/manual/dso.html.en +#srv/web/ipfire/manual/dso.html.fr #srv/web/ipfire/manual/dso.html.ja.utf8 #srv/web/ipfire/manual/dso.html.ko.euc-kr #srv/web/ipfire/manual/dso.html.tr.utf8 #srv/web/ipfire/manual/env.html #srv/web/ipfire/manual/env.html.en +#srv/web/ipfire/manual/env.html.fr #srv/web/ipfire/manual/env.html.ja.utf8 #srv/web/ipfire/manual/env.html.ko.euc-kr #srv/web/ipfire/manual/env.html.tr.utf8 +#srv/web/ipfire/manual/expr.html +#srv/web/ipfire/manual/expr.html.en +#srv/web/ipfire/manual/expr.html.fr #srv/web/ipfire/manual/faq #srv/web/ipfire/manual/faq/index.html #srv/web/ipfire/manual/faq/index.html.en +#srv/web/ipfire/manual/faq/index.html.es +#srv/web/ipfire/manual/faq/index.html.fr #srv/web/ipfire/manual/faq/index.html.tr.utf8 #srv/web/ipfire/manual/faq/index.html.zh-cn.utf8 #srv/web/ipfire/manual/filter.html @@ -381,6 +431,9 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/filter.html.ja.utf8 #srv/web/ipfire/manual/filter.html.ko.euc-kr #srv/web/ipfire/manual/filter.html.tr.utf8 +#srv/web/ipfire/manual/getting-started.html +#srv/web/ipfire/manual/getting-started.html.en +#srv/web/ipfire/manual/getting-started.html.fr #srv/web/ipfire/manual/glossary.html #srv/web/ipfire/manual/glossary.html.de #srv/web/ipfire/manual/glossary.html.en @@ -395,12 +448,12 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/handler.html.fr #srv/web/ipfire/manual/handler.html.ja.utf8 #srv/web/ipfire/manual/handler.html.ko.euc-kr -#srv/web/ipfire/manual/handler.html.ru.koi8-r #srv/web/ipfire/manual/handler.html.tr.utf8 #srv/web/ipfire/manual/handler.html.zh-cn.utf8 #srv/web/ipfire/manual/howto #srv/web/ipfire/manual/howto/access.html #srv/web/ipfire/manual/howto/access.html.en +#srv/web/ipfire/manual/howto/access.html.fr #srv/web/ipfire/manual/howto/auth.html #srv/web/ipfire/manual/howto/auth.html.en #srv/web/ipfire/manual/howto/auth.html.fr @@ -409,6 +462,7 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/howto/auth.html.tr.utf8 #srv/web/ipfire/manual/howto/cgi.html #srv/web/ipfire/manual/howto/cgi.html.en +#srv/web/ipfire/manual/howto/cgi.html.fr #srv/web/ipfire/manual/howto/cgi.html.ja.utf8 #srv/web/ipfire/manual/howto/cgi.html.ko.euc-kr #srv/web/ipfire/manual/howto/htaccess.html @@ -417,22 +471,35 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/howto/htaccess.html.ja.utf8 #srv/web/ipfire/manual/howto/htaccess.html.ko.euc-kr #srv/web/ipfire/manual/howto/htaccess.html.pt-br +#srv/web/ipfire/manual/howto/http2.html +#srv/web/ipfire/manual/howto/http2.html.en #srv/web/ipfire/manual/howto/index.html #srv/web/ipfire/manual/howto/index.html.en +#srv/web/ipfire/manual/howto/index.html.fr #srv/web/ipfire/manual/howto/index.html.ja.utf8 #srv/web/ipfire/manual/howto/index.html.ko.euc-kr #srv/web/ipfire/manual/howto/index.html.zh-cn.utf8 #srv/web/ipfire/manual/howto/public_html.html #srv/web/ipfire/manual/howto/public_html.html.en +#srv/web/ipfire/manual/howto/public_html.html.fr #srv/web/ipfire/manual/howto/public_html.html.ja.utf8 #srv/web/ipfire/manual/howto/public_html.html.ko.euc-kr #srv/web/ipfire/manual/howto/public_html.html.tr.utf8 +#srv/web/ipfire/manual/howto/reverse_proxy.html +#srv/web/ipfire/manual/howto/reverse_proxy.html.en #srv/web/ipfire/manual/howto/ssi.html #srv/web/ipfire/manual/howto/ssi.html.en +#srv/web/ipfire/manual/howto/ssi.html.fr #srv/web/ipfire/manual/howto/ssi.html.ja.utf8 #srv/web/ipfire/manual/howto/ssi.html.ko.euc-kr #srv/web/ipfire/manual/images #srv/web/ipfire/manual/images/apache_header.gif +#srv/web/ipfire/manual/images/bal-man-b.png +#srv/web/ipfire/manual/images/bal-man-w.png +#srv/web/ipfire/manual/images/bal-man.png +#srv/web/ipfire/manual/images/build_a_mod_2.png +#srv/web/ipfire/manual/images/build_a_mod_3.png +#srv/web/ipfire/manual/images/build_a_mod_4.png #srv/web/ipfire/manual/images/caching_fig1.gif #srv/web/ipfire/manual/images/caching_fig1.png #srv/web/ipfire/manual/images/caching_fig1.tr.png @@ -456,7 +523,9 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/images/mod_rewrite_fig2.gif #srv/web/ipfire/manual/images/mod_rewrite_fig2.png #srv/web/ipfire/manual/images/pixel.gif +#srv/web/ipfire/manual/images/reverse-proxy-arch.png #srv/web/ipfire/manual/images/rewrite_backreferences.png +#srv/web/ipfire/manual/images/rewrite_process_uri.png #srv/web/ipfire/manual/images/rewrite_rule_flow.png #srv/web/ipfire/manual/images/right.gif #srv/web/ipfire/manual/images/ssl_intro_fig1.gif @@ -470,6 +539,7 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/images/syntax_rewriterule.png #srv/web/ipfire/manual/images/up.gif #srv/web/ipfire/manual/index.html +#srv/web/ipfire/manual/index.html.da #srv/web/ipfire/manual/index.html.de #srv/web/ipfire/manual/index.html.en #srv/web/ipfire/manual/index.html.es @@ -494,7 +564,6 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/invoking.html.fr #srv/web/ipfire/manual/invoking.html.ja.utf8 #srv/web/ipfire/manual/invoking.html.ko.euc-kr -#srv/web/ipfire/manual/invoking.html.ru.koi8-r #srv/web/ipfire/manual/invoking.html.tr.utf8 #srv/web/ipfire/manual/license.html #srv/web/ipfire/manual/license.html.en @@ -507,39 +576,38 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/misc #srv/web/ipfire/manual/misc/index.html #srv/web/ipfire/manual/misc/index.html.en +#srv/web/ipfire/manual/misc/index.html.fr #srv/web/ipfire/manual/misc/index.html.ko.euc-kr #srv/web/ipfire/manual/misc/index.html.tr.utf8 #srv/web/ipfire/manual/misc/index.html.zh-cn.utf8 #srv/web/ipfire/manual/misc/password_encryptions.html #srv/web/ipfire/manual/misc/password_encryptions.html.en +#srv/web/ipfire/manual/misc/password_encryptions.html.fr #srv/web/ipfire/manual/misc/perf-tuning.html #srv/web/ipfire/manual/misc/perf-tuning.html.en +#srv/web/ipfire/manual/misc/perf-tuning.html.fr #srv/web/ipfire/manual/misc/perf-tuning.html.ko.euc-kr #srv/web/ipfire/manual/misc/perf-tuning.html.tr.utf8 #srv/web/ipfire/manual/misc/relevant_standards.html #srv/web/ipfire/manual/misc/relevant_standards.html.en +#srv/web/ipfire/manual/misc/relevant_standards.html.fr #srv/web/ipfire/manual/misc/relevant_standards.html.ko.euc-kr -#srv/web/ipfire/manual/misc/rewriteguide.html -#srv/web/ipfire/manual/misc/rewriteguide.html.en -#srv/web/ipfire/manual/misc/rewriteguide.html.ko.euc-kr #srv/web/ipfire/manual/misc/security_tips.html #srv/web/ipfire/manual/misc/security_tips.html.en +#srv/web/ipfire/manual/misc/security_tips.html.fr #srv/web/ipfire/manual/misc/security_tips.html.ko.euc-kr #srv/web/ipfire/manual/misc/security_tips.html.tr.utf8 #srv/web/ipfire/manual/mod -#srv/web/ipfire/manual/mod/beos.html -#srv/web/ipfire/manual/mod/beos.html.de -#srv/web/ipfire/manual/mod/beos.html.en -#srv/web/ipfire/manual/mod/beos.html.es -#srv/web/ipfire/manual/mod/beos.html.ko.euc-kr #srv/web/ipfire/manual/mod/core.html #srv/web/ipfire/manual/mod/core.html.de #srv/web/ipfire/manual/mod/core.html.en +#srv/web/ipfire/manual/mod/core.html.es #srv/web/ipfire/manual/mod/core.html.fr #srv/web/ipfire/manual/mod/core.html.ja.utf8 #srv/web/ipfire/manual/mod/core.html.tr.utf8 #srv/web/ipfire/manual/mod/directive-dict.html #srv/web/ipfire/manual/mod/directive-dict.html.en +#srv/web/ipfire/manual/mod/directive-dict.html.fr #srv/web/ipfire/manual/mod/directive-dict.html.ja.utf8 #srv/web/ipfire/manual/mod/directive-dict.html.ko.euc-kr #srv/web/ipfire/manual/mod/directive-dict.html.tr.utf8 @@ -547,33 +615,45 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/mod/directives.html.de #srv/web/ipfire/manual/mod/directives.html.en #srv/web/ipfire/manual/mod/directives.html.es +#srv/web/ipfire/manual/mod/directives.html.fr #srv/web/ipfire/manual/mod/directives.html.ja.utf8 #srv/web/ipfire/manual/mod/directives.html.ko.euc-kr -#srv/web/ipfire/manual/mod/directives.html.ru.koi8-r #srv/web/ipfire/manual/mod/directives.html.tr.utf8 #srv/web/ipfire/manual/mod/directives.html.zh-cn.utf8 #srv/web/ipfire/manual/mod/event.html #srv/web/ipfire/manual/mod/event.html.en +#srv/web/ipfire/manual/mod/event.html.fr #srv/web/ipfire/manual/mod/index.html #srv/web/ipfire/manual/mod/index.html.de #srv/web/ipfire/manual/mod/index.html.en #srv/web/ipfire/manual/mod/index.html.es +#srv/web/ipfire/manual/mod/index.html.fr #srv/web/ipfire/manual/mod/index.html.ja.utf8 #srv/web/ipfire/manual/mod/index.html.ko.euc-kr #srv/web/ipfire/manual/mod/index.html.tr.utf8 #srv/web/ipfire/manual/mod/index.html.zh-cn.utf8 +#srv/web/ipfire/manual/mod/mod_access_compat.html +#srv/web/ipfire/manual/mod/mod_access_compat.html.en +#srv/web/ipfire/manual/mod/mod_access_compat.html.fr +#srv/web/ipfire/manual/mod/mod_access_compat.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_actions.html #srv/web/ipfire/manual/mod/mod_actions.html.de #srv/web/ipfire/manual/mod/mod_actions.html.en +#srv/web/ipfire/manual/mod/mod_actions.html.fr #srv/web/ipfire/manual/mod/mod_actions.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_actions.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_alias.html #srv/web/ipfire/manual/mod/mod_alias.html.en +#srv/web/ipfire/manual/mod/mod_alias.html.fr #srv/web/ipfire/manual/mod/mod_alias.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_alias.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_alias.html.tr.utf8 +#srv/web/ipfire/manual/mod/mod_allowmethods.html +#srv/web/ipfire/manual/mod/mod_allowmethods.html.en +#srv/web/ipfire/manual/mod/mod_allowmethods.html.fr #srv/web/ipfire/manual/mod/mod_asis.html #srv/web/ipfire/manual/mod/mod_asis.html.en +#srv/web/ipfire/manual/mod/mod_asis.html.fr #srv/web/ipfire/manual/mod/mod_asis.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_asis.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_auth_basic.html @@ -585,53 +665,64 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/mod/mod_auth_digest.html.en #srv/web/ipfire/manual/mod/mod_auth_digest.html.fr #srv/web/ipfire/manual/mod/mod_auth_digest.html.ko.euc-kr -#srv/web/ipfire/manual/mod/mod_authn_alias.html -#srv/web/ipfire/manual/mod/mod_authn_alias.html.en -#srv/web/ipfire/manual/mod/mod_authn_alias.html.fr +#srv/web/ipfire/manual/mod/mod_auth_form.html +#srv/web/ipfire/manual/mod/mod_auth_form.html.en +#srv/web/ipfire/manual/mod/mod_auth_form.html.fr #srv/web/ipfire/manual/mod/mod_authn_anon.html #srv/web/ipfire/manual/mod/mod_authn_anon.html.en +#srv/web/ipfire/manual/mod/mod_authn_anon.html.fr #srv/web/ipfire/manual/mod/mod_authn_anon.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_authn_anon.html.ko.euc-kr +#srv/web/ipfire/manual/mod/mod_authn_core.html +#srv/web/ipfire/manual/mod/mod_authn_core.html.en +#srv/web/ipfire/manual/mod/mod_authn_core.html.fr #srv/web/ipfire/manual/mod/mod_authn_dbd.html #srv/web/ipfire/manual/mod/mod_authn_dbd.html.en +#srv/web/ipfire/manual/mod/mod_authn_dbd.html.fr #srv/web/ipfire/manual/mod/mod_authn_dbm.html #srv/web/ipfire/manual/mod/mod_authn_dbm.html.en +#srv/web/ipfire/manual/mod/mod_authn_dbm.html.fr #srv/web/ipfire/manual/mod/mod_authn_dbm.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_authn_dbm.html.ko.euc-kr -#srv/web/ipfire/manual/mod/mod_authn_default.html -#srv/web/ipfire/manual/mod/mod_authn_default.html.en -#srv/web/ipfire/manual/mod/mod_authn_default.html.ja.utf8 -#srv/web/ipfire/manual/mod/mod_authn_default.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_authn_file.html #srv/web/ipfire/manual/mod/mod_authn_file.html.en #srv/web/ipfire/manual/mod/mod_authn_file.html.fr #srv/web/ipfire/manual/mod/mod_authn_file.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_authn_file.html.ko.euc-kr +#srv/web/ipfire/manual/mod/mod_authn_socache.html +#srv/web/ipfire/manual/mod/mod_authn_socache.html.en +#srv/web/ipfire/manual/mod/mod_authn_socache.html.fr +#srv/web/ipfire/manual/mod/mod_authnz_fcgi.html +#srv/web/ipfire/manual/mod/mod_authnz_fcgi.html.en #srv/web/ipfire/manual/mod/mod_authnz_ldap.html #srv/web/ipfire/manual/mod/mod_authnz_ldap.html.en #srv/web/ipfire/manual/mod/mod_authnz_ldap.html.fr +#srv/web/ipfire/manual/mod/mod_authz_core.html +#srv/web/ipfire/manual/mod/mod_authz_core.html.en +#srv/web/ipfire/manual/mod/mod_authz_core.html.fr +#srv/web/ipfire/manual/mod/mod_authz_dbd.html +#srv/web/ipfire/manual/mod/mod_authz_dbd.html.en +#srv/web/ipfire/manual/mod/mod_authz_dbd.html.fr #srv/web/ipfire/manual/mod/mod_authz_dbm.html #srv/web/ipfire/manual/mod/mod_authz_dbm.html.en +#srv/web/ipfire/manual/mod/mod_authz_dbm.html.fr #srv/web/ipfire/manual/mod/mod_authz_dbm.html.ko.euc-kr -#srv/web/ipfire/manual/mod/mod_authz_default.html -#srv/web/ipfire/manual/mod/mod_authz_default.html.en -#srv/web/ipfire/manual/mod/mod_authz_default.html.ja.utf8 -#srv/web/ipfire/manual/mod/mod_authz_default.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_authz_groupfile.html #srv/web/ipfire/manual/mod/mod_authz_groupfile.html.en +#srv/web/ipfire/manual/mod/mod_authz_groupfile.html.fr #srv/web/ipfire/manual/mod/mod_authz_groupfile.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_authz_groupfile.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_authz_host.html #srv/web/ipfire/manual/mod/mod_authz_host.html.en #srv/web/ipfire/manual/mod/mod_authz_host.html.fr -#srv/web/ipfire/manual/mod/mod_authz_host.html.ja.utf8 -#srv/web/ipfire/manual/mod/mod_authz_host.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_authz_owner.html #srv/web/ipfire/manual/mod/mod_authz_owner.html.en +#srv/web/ipfire/manual/mod/mod_authz_owner.html.fr #srv/web/ipfire/manual/mod/mod_authz_owner.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_authz_owner.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_authz_user.html #srv/web/ipfire/manual/mod/mod_authz_user.html.en +#srv/web/ipfire/manual/mod/mod_authz_user.html.fr #srv/web/ipfire/manual/mod/mod_authz_user.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_authz_user.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_autoindex.html @@ -640,180 +731,327 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/mod/mod_autoindex.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_autoindex.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_autoindex.html.tr.utf8 +#srv/web/ipfire/manual/mod/mod_buffer.html +#srv/web/ipfire/manual/mod/mod_buffer.html.en +#srv/web/ipfire/manual/mod/mod_buffer.html.fr #srv/web/ipfire/manual/mod/mod_cache.html #srv/web/ipfire/manual/mod/mod_cache.html.en +#srv/web/ipfire/manual/mod/mod_cache.html.fr #srv/web/ipfire/manual/mod/mod_cache.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_cache.html.ko.euc-kr +#srv/web/ipfire/manual/mod/mod_cache_disk.html +#srv/web/ipfire/manual/mod/mod_cache_disk.html.en +#srv/web/ipfire/manual/mod/mod_cache_disk.html.fr +#srv/web/ipfire/manual/mod/mod_cache_disk.html.ja.utf8 +#srv/web/ipfire/manual/mod/mod_cache_disk.html.ko.euc-kr +#srv/web/ipfire/manual/mod/mod_cache_socache.html +#srv/web/ipfire/manual/mod/mod_cache_socache.html.en +#srv/web/ipfire/manual/mod/mod_cache_socache.html.fr #srv/web/ipfire/manual/mod/mod_cern_meta.html #srv/web/ipfire/manual/mod/mod_cern_meta.html.en +#srv/web/ipfire/manual/mod/mod_cern_meta.html.fr #srv/web/ipfire/manual/mod/mod_cern_meta.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_cgi.html #srv/web/ipfire/manual/mod/mod_cgi.html.en +#srv/web/ipfire/manual/mod/mod_cgi.html.fr #srv/web/ipfire/manual/mod/mod_cgi.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_cgi.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_cgid.html #srv/web/ipfire/manual/mod/mod_cgid.html.en +#srv/web/ipfire/manual/mod/mod_cgid.html.fr #srv/web/ipfire/manual/mod/mod_cgid.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_cgid.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_charset_lite.html #srv/web/ipfire/manual/mod/mod_charset_lite.html.en +#srv/web/ipfire/manual/mod/mod_charset_lite.html.fr #srv/web/ipfire/manual/mod/mod_charset_lite.html.ko.euc-kr +#srv/web/ipfire/manual/mod/mod_data.html +#srv/web/ipfire/manual/mod/mod_data.html.en +#srv/web/ipfire/manual/mod/mod_data.html.fr #srv/web/ipfire/manual/mod/mod_dav.html #srv/web/ipfire/manual/mod/mod_dav.html.en +#srv/web/ipfire/manual/mod/mod_dav.html.fr #srv/web/ipfire/manual/mod/mod_dav.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_dav.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_dav_fs.html #srv/web/ipfire/manual/mod/mod_dav_fs.html.en +#srv/web/ipfire/manual/mod/mod_dav_fs.html.fr #srv/web/ipfire/manual/mod/mod_dav_fs.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_dav_fs.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_dav_lock.html #srv/web/ipfire/manual/mod/mod_dav_lock.html.en +#srv/web/ipfire/manual/mod/mod_dav_lock.html.fr #srv/web/ipfire/manual/mod/mod_dav_lock.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_dbd.html #srv/web/ipfire/manual/mod/mod_dbd.html.en +#srv/web/ipfire/manual/mod/mod_dbd.html.fr #srv/web/ipfire/manual/mod/mod_deflate.html #srv/web/ipfire/manual/mod/mod_deflate.html.en +#srv/web/ipfire/manual/mod/mod_deflate.html.fr #srv/web/ipfire/manual/mod/mod_deflate.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_deflate.html.ko.euc-kr +#srv/web/ipfire/manual/mod/mod_dialup.html +#srv/web/ipfire/manual/mod/mod_dialup.html.en +#srv/web/ipfire/manual/mod/mod_dialup.html.fr #srv/web/ipfire/manual/mod/mod_dir.html #srv/web/ipfire/manual/mod/mod_dir.html.en +#srv/web/ipfire/manual/mod/mod_dir.html.fr #srv/web/ipfire/manual/mod/mod_dir.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_dir.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_dir.html.tr.utf8 -#srv/web/ipfire/manual/mod/mod_disk_cache.html -#srv/web/ipfire/manual/mod/mod_disk_cache.html.en -#srv/web/ipfire/manual/mod/mod_disk_cache.html.ja.utf8 -#srv/web/ipfire/manual/mod/mod_disk_cache.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_dumpio.html #srv/web/ipfire/manual/mod/mod_dumpio.html.en +#srv/web/ipfire/manual/mod/mod_dumpio.html.fr #srv/web/ipfire/manual/mod/mod_dumpio.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_echo.html #srv/web/ipfire/manual/mod/mod_echo.html.en +#srv/web/ipfire/manual/mod/mod_echo.html.fr #srv/web/ipfire/manual/mod/mod_echo.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_echo.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_env.html #srv/web/ipfire/manual/mod/mod_env.html.en +#srv/web/ipfire/manual/mod/mod_env.html.fr #srv/web/ipfire/manual/mod/mod_env.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_env.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_env.html.tr.utf8 -#srv/web/ipfire/manual/mod/mod_example.html -#srv/web/ipfire/manual/mod/mod_example.html.en -#srv/web/ipfire/manual/mod/mod_example.html.ko.euc-kr +#srv/web/ipfire/manual/mod/mod_example_hooks.html +#srv/web/ipfire/manual/mod/mod_example_hooks.html.en +#srv/web/ipfire/manual/mod/mod_example_hooks.html.fr +#srv/web/ipfire/manual/mod/mod_example_hooks.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_expires.html #srv/web/ipfire/manual/mod/mod_expires.html.en +#srv/web/ipfire/manual/mod/mod_expires.html.fr #srv/web/ipfire/manual/mod/mod_expires.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_expires.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_ext_filter.html #srv/web/ipfire/manual/mod/mod_ext_filter.html.en +#srv/web/ipfire/manual/mod/mod_ext_filter.html.fr #srv/web/ipfire/manual/mod/mod_ext_filter.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_ext_filter.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_file_cache.html #srv/web/ipfire/manual/mod/mod_file_cache.html.en +#srv/web/ipfire/manual/mod/mod_file_cache.html.fr #srv/web/ipfire/manual/mod/mod_file_cache.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_filter.html #srv/web/ipfire/manual/mod/mod_filter.html.en +#srv/web/ipfire/manual/mod/mod_filter.html.fr #srv/web/ipfire/manual/mod/mod_headers.html #srv/web/ipfire/manual/mod/mod_headers.html.en +#srv/web/ipfire/manual/mod/mod_headers.html.fr #srv/web/ipfire/manual/mod/mod_headers.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_headers.html.ko.euc-kr +#srv/web/ipfire/manual/mod/mod_heartbeat.html +#srv/web/ipfire/manual/mod/mod_heartbeat.html.en +#srv/web/ipfire/manual/mod/mod_heartbeat.html.fr +#srv/web/ipfire/manual/mod/mod_heartmonitor.html +#srv/web/ipfire/manual/mod/mod_heartmonitor.html.en +#srv/web/ipfire/manual/mod/mod_heartmonitor.html.fr +#srv/web/ipfire/manual/mod/mod_http2.html +#srv/web/ipfire/manual/mod/mod_http2.html.en #srv/web/ipfire/manual/mod/mod_ident.html #srv/web/ipfire/manual/mod/mod_ident.html.en +#srv/web/ipfire/manual/mod/mod_ident.html.fr #srv/web/ipfire/manual/mod/mod_ident.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_ident.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_imagemap.html #srv/web/ipfire/manual/mod/mod_imagemap.html.en +#srv/web/ipfire/manual/mod/mod_imagemap.html.fr #srv/web/ipfire/manual/mod/mod_imagemap.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_include.html #srv/web/ipfire/manual/mod/mod_include.html.en +#srv/web/ipfire/manual/mod/mod_include.html.fr #srv/web/ipfire/manual/mod/mod_include.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_info.html #srv/web/ipfire/manual/mod/mod_info.html.en +#srv/web/ipfire/manual/mod/mod_info.html.fr #srv/web/ipfire/manual/mod/mod_info.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_info.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_isapi.html #srv/web/ipfire/manual/mod/mod_isapi.html.en +#srv/web/ipfire/manual/mod/mod_isapi.html.fr #srv/web/ipfire/manual/mod/mod_isapi.html.ko.euc-kr +#srv/web/ipfire/manual/mod/mod_lbmethod_bybusyness.html +#srv/web/ipfire/manual/mod/mod_lbmethod_bybusyness.html.en +#srv/web/ipfire/manual/mod/mod_lbmethod_bybusyness.html.fr +#srv/web/ipfire/manual/mod/mod_lbmethod_byrequests.html +#srv/web/ipfire/manual/mod/mod_lbmethod_byrequests.html.en +#srv/web/ipfire/manual/mod/mod_lbmethod_byrequests.html.fr +#srv/web/ipfire/manual/mod/mod_lbmethod_bytraffic.html +#srv/web/ipfire/manual/mod/mod_lbmethod_bytraffic.html.en +#srv/web/ipfire/manual/mod/mod_lbmethod_bytraffic.html.fr +#srv/web/ipfire/manual/mod/mod_lbmethod_heartbeat.html +#srv/web/ipfire/manual/mod/mod_lbmethod_heartbeat.html.en +#srv/web/ipfire/manual/mod/mod_lbmethod_heartbeat.html.fr #srv/web/ipfire/manual/mod/mod_ldap.html #srv/web/ipfire/manual/mod/mod_ldap.html.en +#srv/web/ipfire/manual/mod/mod_ldap.html.fr #srv/web/ipfire/manual/mod/mod_log_config.html #srv/web/ipfire/manual/mod/mod_log_config.html.en +#srv/web/ipfire/manual/mod/mod_log_config.html.fr #srv/web/ipfire/manual/mod/mod_log_config.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_log_config.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_log_config.html.tr.utf8 +#srv/web/ipfire/manual/mod/mod_log_debug.html +#srv/web/ipfire/manual/mod/mod_log_debug.html.en +#srv/web/ipfire/manual/mod/mod_log_debug.html.fr #srv/web/ipfire/manual/mod/mod_log_forensic.html #srv/web/ipfire/manual/mod/mod_log_forensic.html.en +#srv/web/ipfire/manual/mod/mod_log_forensic.html.fr #srv/web/ipfire/manual/mod/mod_log_forensic.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_log_forensic.html.tr.utf8 #srv/web/ipfire/manual/mod/mod_logio.html #srv/web/ipfire/manual/mod/mod_logio.html.en +#srv/web/ipfire/manual/mod/mod_logio.html.fr #srv/web/ipfire/manual/mod/mod_logio.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_logio.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_logio.html.tr.utf8 -#srv/web/ipfire/manual/mod/mod_mem_cache.html -#srv/web/ipfire/manual/mod/mod_mem_cache.html.en -#srv/web/ipfire/manual/mod/mod_mem_cache.html.ja.utf8 -#srv/web/ipfire/manual/mod/mod_mem_cache.html.ko.euc-kr +#srv/web/ipfire/manual/mod/mod_lua.html +#srv/web/ipfire/manual/mod/mod_lua.html.en +#srv/web/ipfire/manual/mod/mod_lua.html.fr +#srv/web/ipfire/manual/mod/mod_macro.html +#srv/web/ipfire/manual/mod/mod_macro.html.en +#srv/web/ipfire/manual/mod/mod_macro.html.fr #srv/web/ipfire/manual/mod/mod_mime.html #srv/web/ipfire/manual/mod/mod_mime.html.en +#srv/web/ipfire/manual/mod/mod_mime.html.fr #srv/web/ipfire/manual/mod/mod_mime.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_mime_magic.html #srv/web/ipfire/manual/mod/mod_mime_magic.html.en +#srv/web/ipfire/manual/mod/mod_mime_magic.html.fr #srv/web/ipfire/manual/mod/mod_negotiation.html #srv/web/ipfire/manual/mod/mod_negotiation.html.en +#srv/web/ipfire/manual/mod/mod_negotiation.html.fr #srv/web/ipfire/manual/mod/mod_negotiation.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_nw_ssl.html #srv/web/ipfire/manual/mod/mod_nw_ssl.html.en +#srv/web/ipfire/manual/mod/mod_nw_ssl.html.fr +#srv/web/ipfire/manual/mod/mod_privileges.html +#srv/web/ipfire/manual/mod/mod_privileges.html.en +#srv/web/ipfire/manual/mod/mod_privileges.html.fr #srv/web/ipfire/manual/mod/mod_proxy.html #srv/web/ipfire/manual/mod/mod_proxy.html.en #srv/web/ipfire/manual/mod/mod_proxy.html.fr #srv/web/ipfire/manual/mod/mod_proxy.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_proxy_ajp.html #srv/web/ipfire/manual/mod/mod_proxy_ajp.html.en +#srv/web/ipfire/manual/mod/mod_proxy_ajp.html.fr #srv/web/ipfire/manual/mod/mod_proxy_ajp.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_proxy_balancer.html #srv/web/ipfire/manual/mod/mod_proxy_balancer.html.en +#srv/web/ipfire/manual/mod/mod_proxy_balancer.html.fr #srv/web/ipfire/manual/mod/mod_proxy_balancer.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_proxy_connect.html #srv/web/ipfire/manual/mod/mod_proxy_connect.html.en +#srv/web/ipfire/manual/mod/mod_proxy_connect.html.fr #srv/web/ipfire/manual/mod/mod_proxy_connect.html.ja.utf8 +#srv/web/ipfire/manual/mod/mod_proxy_express.html +#srv/web/ipfire/manual/mod/mod_proxy_express.html.en +#srv/web/ipfire/manual/mod/mod_proxy_express.html.fr +#srv/web/ipfire/manual/mod/mod_proxy_fcgi.html +#srv/web/ipfire/manual/mod/mod_proxy_fcgi.html.en +#srv/web/ipfire/manual/mod/mod_proxy_fcgi.html.fr +#srv/web/ipfire/manual/mod/mod_proxy_fdpass.html +#srv/web/ipfire/manual/mod/mod_proxy_fdpass.html.en +#srv/web/ipfire/manual/mod/mod_proxy_fdpass.html.fr #srv/web/ipfire/manual/mod/mod_proxy_ftp.html #srv/web/ipfire/manual/mod/mod_proxy_ftp.html.en -#srv/web/ipfire/manual/mod/mod_proxy_ftp.html.ja.utf8 +#srv/web/ipfire/manual/mod/mod_proxy_ftp.html.fr +#srv/web/ipfire/manual/mod/mod_proxy_hcheck.html +#srv/web/ipfire/manual/mod/mod_proxy_hcheck.html.en +#srv/web/ipfire/manual/mod/mod_proxy_html.html +#srv/web/ipfire/manual/mod/mod_proxy_html.html.en +#srv/web/ipfire/manual/mod/mod_proxy_html.html.fr #srv/web/ipfire/manual/mod/mod_proxy_http.html #srv/web/ipfire/manual/mod/mod_proxy_http.html.en #srv/web/ipfire/manual/mod/mod_proxy_http.html.fr -#srv/web/ipfire/manual/mod/mod_proxy_http.html.ja.utf8 +#srv/web/ipfire/manual/mod/mod_proxy_http2.html +#srv/web/ipfire/manual/mod/mod_proxy_http2.html.en #srv/web/ipfire/manual/mod/mod_proxy_scgi.html #srv/web/ipfire/manual/mod/mod_proxy_scgi.html.en -#srv/web/ipfire/manual/mod/mod_proxy_scgi.html.ja.utf8 +#srv/web/ipfire/manual/mod/mod_proxy_scgi.html.fr +#srv/web/ipfire/manual/mod/mod_proxy_wstunnel.html +#srv/web/ipfire/manual/mod/mod_proxy_wstunnel.html.en +#srv/web/ipfire/manual/mod/mod_ratelimit.html +#srv/web/ipfire/manual/mod/mod_ratelimit.html.en +#srv/web/ipfire/manual/mod/mod_ratelimit.html.fr +#srv/web/ipfire/manual/mod/mod_reflector.html +#srv/web/ipfire/manual/mod/mod_reflector.html.en +#srv/web/ipfire/manual/mod/mod_reflector.html.fr +#srv/web/ipfire/manual/mod/mod_remoteip.html +#srv/web/ipfire/manual/mod/mod_remoteip.html.en +#srv/web/ipfire/manual/mod/mod_remoteip.html.fr #srv/web/ipfire/manual/mod/mod_reqtimeout.html #srv/web/ipfire/manual/mod/mod_reqtimeout.html.en +#srv/web/ipfire/manual/mod/mod_reqtimeout.html.fr +#srv/web/ipfire/manual/mod/mod_request.html +#srv/web/ipfire/manual/mod/mod_request.html.en +#srv/web/ipfire/manual/mod/mod_request.html.fr +#srv/web/ipfire/manual/mod/mod_request.html.tr.utf8 #srv/web/ipfire/manual/mod/mod_rewrite.html #srv/web/ipfire/manual/mod/mod_rewrite.html.en #srv/web/ipfire/manual/mod/mod_rewrite.html.fr +#srv/web/ipfire/manual/mod/mod_sed.html +#srv/web/ipfire/manual/mod/mod_sed.html.en +#srv/web/ipfire/manual/mod/mod_sed.html.fr +#srv/web/ipfire/manual/mod/mod_session.html +#srv/web/ipfire/manual/mod/mod_session.html.en +#srv/web/ipfire/manual/mod/mod_session.html.fr +#srv/web/ipfire/manual/mod/mod_session_cookie.html +#srv/web/ipfire/manual/mod/mod_session_cookie.html.en +#srv/web/ipfire/manual/mod/mod_session_cookie.html.fr +#srv/web/ipfire/manual/mod/mod_session_crypto.html +#srv/web/ipfire/manual/mod/mod_session_crypto.html.en +#srv/web/ipfire/manual/mod/mod_session_crypto.html.fr +#srv/web/ipfire/manual/mod/mod_session_dbd.html +#srv/web/ipfire/manual/mod/mod_session_dbd.html.en +#srv/web/ipfire/manual/mod/mod_session_dbd.html.fr #srv/web/ipfire/manual/mod/mod_setenvif.html #srv/web/ipfire/manual/mod/mod_setenvif.html.en +#srv/web/ipfire/manual/mod/mod_setenvif.html.fr #srv/web/ipfire/manual/mod/mod_setenvif.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_setenvif.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_setenvif.html.tr.utf8 +#srv/web/ipfire/manual/mod/mod_slotmem_plain.html +#srv/web/ipfire/manual/mod/mod_slotmem_plain.html.en +#srv/web/ipfire/manual/mod/mod_slotmem_plain.html.fr +#srv/web/ipfire/manual/mod/mod_slotmem_shm.html +#srv/web/ipfire/manual/mod/mod_slotmem_shm.html.en +#srv/web/ipfire/manual/mod/mod_slotmem_shm.html.fr #srv/web/ipfire/manual/mod/mod_so.html #srv/web/ipfire/manual/mod/mod_so.html.en +#srv/web/ipfire/manual/mod/mod_so.html.fr #srv/web/ipfire/manual/mod/mod_so.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_so.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_so.html.tr.utf8 +#srv/web/ipfire/manual/mod/mod_socache_dbm.html +#srv/web/ipfire/manual/mod/mod_socache_dbm.html.en +#srv/web/ipfire/manual/mod/mod_socache_dbm.html.fr +#srv/web/ipfire/manual/mod/mod_socache_dc.html +#srv/web/ipfire/manual/mod/mod_socache_dc.html.en +#srv/web/ipfire/manual/mod/mod_socache_dc.html.fr +#srv/web/ipfire/manual/mod/mod_socache_memcache.html +#srv/web/ipfire/manual/mod/mod_socache_memcache.html.en +#srv/web/ipfire/manual/mod/mod_socache_memcache.html.fr +#srv/web/ipfire/manual/mod/mod_socache_shmcb.html +#srv/web/ipfire/manual/mod/mod_socache_shmcb.html.en +#srv/web/ipfire/manual/mod/mod_socache_shmcb.html.fr #srv/web/ipfire/manual/mod/mod_speling.html #srv/web/ipfire/manual/mod/mod_speling.html.en +#srv/web/ipfire/manual/mod/mod_speling.html.fr #srv/web/ipfire/manual/mod/mod_speling.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_speling.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_ssl.html #srv/web/ipfire/manual/mod/mod_ssl.html.en +#srv/web/ipfire/manual/mod/mod_ssl.html.fr #srv/web/ipfire/manual/mod/mod_status.html #srv/web/ipfire/manual/mod/mod_status.html.en +#srv/web/ipfire/manual/mod/mod_status.html.fr #srv/web/ipfire/manual/mod/mod_status.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_status.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_status.html.tr.utf8 #srv/web/ipfire/manual/mod/mod_substitute.html #srv/web/ipfire/manual/mod/mod_substitute.html.en +#srv/web/ipfire/manual/mod/mod_substitute.html.fr #srv/web/ipfire/manual/mod/mod_suexec.html #srv/web/ipfire/manual/mod/mod_suexec.html.en #srv/web/ipfire/manual/mod/mod_suexec.html.fr @@ -822,57 +1060,77 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/mod/mod_suexec.html.tr.utf8 #srv/web/ipfire/manual/mod/mod_unique_id.html #srv/web/ipfire/manual/mod/mod_unique_id.html.en +#srv/web/ipfire/manual/mod/mod_unique_id.html.fr #srv/web/ipfire/manual/mod/mod_unique_id.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_unique_id.html.ko.euc-kr +#srv/web/ipfire/manual/mod/mod_unixd.html +#srv/web/ipfire/manual/mod/mod_unixd.html.en +#srv/web/ipfire/manual/mod/mod_unixd.html.fr +#srv/web/ipfire/manual/mod/mod_unixd.html.tr.utf8 #srv/web/ipfire/manual/mod/mod_userdir.html #srv/web/ipfire/manual/mod/mod_userdir.html.en +#srv/web/ipfire/manual/mod/mod_userdir.html.fr #srv/web/ipfire/manual/mod/mod_userdir.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_userdir.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_userdir.html.tr.utf8 #srv/web/ipfire/manual/mod/mod_usertrack.html #srv/web/ipfire/manual/mod/mod_usertrack.html.en +#srv/web/ipfire/manual/mod/mod_usertrack.html.fr #srv/web/ipfire/manual/mod/mod_version.html #srv/web/ipfire/manual/mod/mod_version.html.en #srv/web/ipfire/manual/mod/mod_version.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_version.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_vhost_alias.html #srv/web/ipfire/manual/mod/mod_vhost_alias.html.en +#srv/web/ipfire/manual/mod/mod_vhost_alias.html.fr #srv/web/ipfire/manual/mod/mod_vhost_alias.html.tr.utf8 +#srv/web/ipfire/manual/mod/mod_watchdog.html +#srv/web/ipfire/manual/mod/mod_watchdog.html.en +#srv/web/ipfire/manual/mod/mod_xml2enc.html +#srv/web/ipfire/manual/mod/mod_xml2enc.html.en +#srv/web/ipfire/manual/mod/mod_xml2enc.html.fr #srv/web/ipfire/manual/mod/module-dict.html #srv/web/ipfire/manual/mod/module-dict.html.en +#srv/web/ipfire/manual/mod/module-dict.html.fr #srv/web/ipfire/manual/mod/module-dict.html.ja.utf8 #srv/web/ipfire/manual/mod/module-dict.html.ko.euc-kr #srv/web/ipfire/manual/mod/module-dict.html.tr.utf8 #srv/web/ipfire/manual/mod/mpm_common.html #srv/web/ipfire/manual/mod/mpm_common.html.de #srv/web/ipfire/manual/mod/mpm_common.html.en +#srv/web/ipfire/manual/mod/mpm_common.html.fr #srv/web/ipfire/manual/mod/mpm_common.html.ja.utf8 #srv/web/ipfire/manual/mod/mpm_common.html.tr.utf8 #srv/web/ipfire/manual/mod/mpm_netware.html #srv/web/ipfire/manual/mod/mpm_netware.html.en +#srv/web/ipfire/manual/mod/mpm_netware.html.fr #srv/web/ipfire/manual/mod/mpm_winnt.html #srv/web/ipfire/manual/mod/mpm_winnt.html.de #srv/web/ipfire/manual/mod/mpm_winnt.html.en +#srv/web/ipfire/manual/mod/mpm_winnt.html.fr #srv/web/ipfire/manual/mod/mpm_winnt.html.ja.utf8 #srv/web/ipfire/manual/mod/mpmt_os2.html #srv/web/ipfire/manual/mod/mpmt_os2.html.en +#srv/web/ipfire/manual/mod/mpmt_os2.html.fr #srv/web/ipfire/manual/mod/prefork.html #srv/web/ipfire/manual/mod/prefork.html.de #srv/web/ipfire/manual/mod/prefork.html.en +#srv/web/ipfire/manual/mod/prefork.html.fr #srv/web/ipfire/manual/mod/prefork.html.ja.utf8 #srv/web/ipfire/manual/mod/prefork.html.tr.utf8 #srv/web/ipfire/manual/mod/quickreference.html #srv/web/ipfire/manual/mod/quickreference.html.de #srv/web/ipfire/manual/mod/quickreference.html.en #srv/web/ipfire/manual/mod/quickreference.html.es +#srv/web/ipfire/manual/mod/quickreference.html.fr #srv/web/ipfire/manual/mod/quickreference.html.ja.utf8 #srv/web/ipfire/manual/mod/quickreference.html.ko.euc-kr -#srv/web/ipfire/manual/mod/quickreference.html.ru.koi8-r #srv/web/ipfire/manual/mod/quickreference.html.tr.utf8 #srv/web/ipfire/manual/mod/quickreference.html.zh-cn.utf8 #srv/web/ipfire/manual/mod/worker.html #srv/web/ipfire/manual/mod/worker.html.de #srv/web/ipfire/manual/mod/worker.html.en +#srv/web/ipfire/manual/mod/worker.html.fr #srv/web/ipfire/manual/mod/worker.html.ja.utf8 #srv/web/ipfire/manual/mod/worker.html.tr.utf8 #srv/web/ipfire/manual/mpm.html @@ -896,93 +1154,124 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/new_features_2_2.html #srv/web/ipfire/manual/new_features_2_2.html.en #srv/web/ipfire/manual/new_features_2_2.html.fr -#srv/web/ipfire/manual/new_features_2_2.html.ja.utf8 #srv/web/ipfire/manual/new_features_2_2.html.ko.euc-kr #srv/web/ipfire/manual/new_features_2_2.html.pt-br #srv/web/ipfire/manual/new_features_2_2.html.tr.utf8 +#srv/web/ipfire/manual/new_features_2_4.html +#srv/web/ipfire/manual/new_features_2_4.html.en +#srv/web/ipfire/manual/new_features_2_4.html.fr +#srv/web/ipfire/manual/new_features_2_4.html.tr.utf8 #srv/web/ipfire/manual/platform #srv/web/ipfire/manual/platform/ebcdic.html #srv/web/ipfire/manual/platform/ebcdic.html.en #srv/web/ipfire/manual/platform/ebcdic.html.ko.euc-kr #srv/web/ipfire/manual/platform/index.html #srv/web/ipfire/manual/platform/index.html.en +#srv/web/ipfire/manual/platform/index.html.fr #srv/web/ipfire/manual/platform/index.html.ko.euc-kr #srv/web/ipfire/manual/platform/index.html.zh-cn.utf8 #srv/web/ipfire/manual/platform/netware.html #srv/web/ipfire/manual/platform/netware.html.en +#srv/web/ipfire/manual/platform/netware.html.fr #srv/web/ipfire/manual/platform/netware.html.ko.euc-kr #srv/web/ipfire/manual/platform/perf-hp.html #srv/web/ipfire/manual/platform/perf-hp.html.en +#srv/web/ipfire/manual/platform/perf-hp.html.fr #srv/web/ipfire/manual/platform/perf-hp.html.ko.euc-kr +#srv/web/ipfire/manual/platform/rpm.html +#srv/web/ipfire/manual/platform/rpm.html.en #srv/web/ipfire/manual/platform/win_compiling.html #srv/web/ipfire/manual/platform/win_compiling.html.en +#srv/web/ipfire/manual/platform/win_compiling.html.fr #srv/web/ipfire/manual/platform/win_compiling.html.ko.euc-kr #srv/web/ipfire/manual/platform/windows.html #srv/web/ipfire/manual/platform/windows.html.en +#srv/web/ipfire/manual/platform/windows.html.fr #srv/web/ipfire/manual/platform/windows.html.ko.euc-kr #srv/web/ipfire/manual/programs #srv/web/ipfire/manual/programs/ab.html #srv/web/ipfire/manual/programs/ab.html.en +#srv/web/ipfire/manual/programs/ab.html.fr #srv/web/ipfire/manual/programs/ab.html.ko.euc-kr #srv/web/ipfire/manual/programs/ab.html.tr.utf8 #srv/web/ipfire/manual/programs/apachectl.html #srv/web/ipfire/manual/programs/apachectl.html.en +#srv/web/ipfire/manual/programs/apachectl.html.fr #srv/web/ipfire/manual/programs/apachectl.html.ko.euc-kr #srv/web/ipfire/manual/programs/apachectl.html.tr.utf8 #srv/web/ipfire/manual/programs/apxs.html #srv/web/ipfire/manual/programs/apxs.html.en +#srv/web/ipfire/manual/programs/apxs.html.fr #srv/web/ipfire/manual/programs/apxs.html.ko.euc-kr #srv/web/ipfire/manual/programs/apxs.html.tr.utf8 #srv/web/ipfire/manual/programs/configure.html #srv/web/ipfire/manual/programs/configure.html.en +#srv/web/ipfire/manual/programs/configure.html.fr #srv/web/ipfire/manual/programs/configure.html.ko.euc-kr #srv/web/ipfire/manual/programs/configure.html.tr.utf8 #srv/web/ipfire/manual/programs/dbmmanage.html #srv/web/ipfire/manual/programs/dbmmanage.html.en +#srv/web/ipfire/manual/programs/dbmmanage.html.fr #srv/web/ipfire/manual/programs/dbmmanage.html.ko.euc-kr #srv/web/ipfire/manual/programs/dbmmanage.html.tr.utf8 +#srv/web/ipfire/manual/programs/fcgistarter.html +#srv/web/ipfire/manual/programs/fcgistarter.html.en +#srv/web/ipfire/manual/programs/fcgistarter.html.fr +#srv/web/ipfire/manual/programs/fcgistarter.html.tr.utf8 #srv/web/ipfire/manual/programs/htcacheclean.html #srv/web/ipfire/manual/programs/htcacheclean.html.en +#srv/web/ipfire/manual/programs/htcacheclean.html.fr #srv/web/ipfire/manual/programs/htcacheclean.html.ko.euc-kr #srv/web/ipfire/manual/programs/htcacheclean.html.tr.utf8 #srv/web/ipfire/manual/programs/htdbm.html #srv/web/ipfire/manual/programs/htdbm.html.en +#srv/web/ipfire/manual/programs/htdbm.html.fr #srv/web/ipfire/manual/programs/htdbm.html.tr.utf8 #srv/web/ipfire/manual/programs/htdigest.html #srv/web/ipfire/manual/programs/htdigest.html.en +#srv/web/ipfire/manual/programs/htdigest.html.fr #srv/web/ipfire/manual/programs/htdigest.html.ko.euc-kr #srv/web/ipfire/manual/programs/htdigest.html.tr.utf8 #srv/web/ipfire/manual/programs/htpasswd.html #srv/web/ipfire/manual/programs/htpasswd.html.en +#srv/web/ipfire/manual/programs/htpasswd.html.fr #srv/web/ipfire/manual/programs/htpasswd.html.ko.euc-kr #srv/web/ipfire/manual/programs/htpasswd.html.tr.utf8 #srv/web/ipfire/manual/programs/httpd.html #srv/web/ipfire/manual/programs/httpd.html.en +#srv/web/ipfire/manual/programs/httpd.html.fr #srv/web/ipfire/manual/programs/httpd.html.ko.euc-kr #srv/web/ipfire/manual/programs/httpd.html.tr.utf8 #srv/web/ipfire/manual/programs/httxt2dbm.html #srv/web/ipfire/manual/programs/httxt2dbm.html.en +#srv/web/ipfire/manual/programs/httxt2dbm.html.fr #srv/web/ipfire/manual/programs/httxt2dbm.html.tr.utf8 #srv/web/ipfire/manual/programs/index.html #srv/web/ipfire/manual/programs/index.html.en #srv/web/ipfire/manual/programs/index.html.es -#srv/web/ipfire/manual/programs/index.html.ja.utf8 +#srv/web/ipfire/manual/programs/index.html.fr #srv/web/ipfire/manual/programs/index.html.ko.euc-kr -#srv/web/ipfire/manual/programs/index.html.ru.koi8-r #srv/web/ipfire/manual/programs/index.html.tr.utf8 #srv/web/ipfire/manual/programs/index.html.zh-cn.utf8 +#srv/web/ipfire/manual/programs/log_server_status.html +#srv/web/ipfire/manual/programs/log_server_status.html.en #srv/web/ipfire/manual/programs/logresolve.html #srv/web/ipfire/manual/programs/logresolve.html.en +#srv/web/ipfire/manual/programs/logresolve.html.fr #srv/web/ipfire/manual/programs/logresolve.html.ko.euc-kr #srv/web/ipfire/manual/programs/logresolve.html.tr.utf8 #srv/web/ipfire/manual/programs/other.html #srv/web/ipfire/manual/programs/other.html.en +#srv/web/ipfire/manual/programs/other.html.fr #srv/web/ipfire/manual/programs/other.html.ko.euc-kr #srv/web/ipfire/manual/programs/other.html.tr.utf8 #srv/web/ipfire/manual/programs/rotatelogs.html #srv/web/ipfire/manual/programs/rotatelogs.html.en +#srv/web/ipfire/manual/programs/rotatelogs.html.fr #srv/web/ipfire/manual/programs/rotatelogs.html.ko.euc-kr #srv/web/ipfire/manual/programs/rotatelogs.html.tr.utf8 +#srv/web/ipfire/manual/programs/split-logfile.html +#srv/web/ipfire/manual/programs/split-logfile.html.en #srv/web/ipfire/manual/programs/suexec.html #srv/web/ipfire/manual/programs/suexec.html.en #srv/web/ipfire/manual/programs/suexec.html.ko.euc-kr @@ -990,15 +1279,19 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/rewrite #srv/web/ipfire/manual/rewrite/access.html #srv/web/ipfire/manual/rewrite/access.html.en +#srv/web/ipfire/manual/rewrite/access.html.fr #srv/web/ipfire/manual/rewrite/advanced.html #srv/web/ipfire/manual/rewrite/advanced.html.en +#srv/web/ipfire/manual/rewrite/advanced.html.fr #srv/web/ipfire/manual/rewrite/avoid.html #srv/web/ipfire/manual/rewrite/avoid.html.en +#srv/web/ipfire/manual/rewrite/avoid.html.fr #srv/web/ipfire/manual/rewrite/flags.html #srv/web/ipfire/manual/rewrite/flags.html.en #srv/web/ipfire/manual/rewrite/flags.html.fr #srv/web/ipfire/manual/rewrite/htaccess.html #srv/web/ipfire/manual/rewrite/htaccess.html.en +#srv/web/ipfire/manual/rewrite/htaccess.html.fr #srv/web/ipfire/manual/rewrite/index.html #srv/web/ipfire/manual/rewrite/index.html.en #srv/web/ipfire/manual/rewrite/index.html.fr @@ -1009,15 +1302,19 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/rewrite/intro.html.fr #srv/web/ipfire/manual/rewrite/proxy.html #srv/web/ipfire/manual/rewrite/proxy.html.en +#srv/web/ipfire/manual/rewrite/proxy.html.fr #srv/web/ipfire/manual/rewrite/remapping.html #srv/web/ipfire/manual/rewrite/remapping.html.en +#srv/web/ipfire/manual/rewrite/remapping.html.fr #srv/web/ipfire/manual/rewrite/rewritemap.html #srv/web/ipfire/manual/rewrite/rewritemap.html.en +#srv/web/ipfire/manual/rewrite/rewritemap.html.fr #srv/web/ipfire/manual/rewrite/tech.html #srv/web/ipfire/manual/rewrite/tech.html.en #srv/web/ipfire/manual/rewrite/tech.html.fr #srv/web/ipfire/manual/rewrite/vhosts.html #srv/web/ipfire/manual/rewrite/vhosts.html.en +#srv/web/ipfire/manual/rewrite/vhosts.html.fr #srv/web/ipfire/manual/sections.html #srv/web/ipfire/manual/sections.html.en #srv/web/ipfire/manual/sections.html.fr @@ -1026,6 +1323,7 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/sections.html.tr.utf8 #srv/web/ipfire/manual/server-wide.html #srv/web/ipfire/manual/server-wide.html.en +#srv/web/ipfire/manual/server-wide.html.fr #srv/web/ipfire/manual/server-wide.html.ja.utf8 #srv/web/ipfire/manual/server-wide.html.ko.euc-kr #srv/web/ipfire/manual/server-wide.html.tr.utf8 @@ -1033,24 +1331,33 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/sitemap.html.de #srv/web/ipfire/manual/sitemap.html.en #srv/web/ipfire/manual/sitemap.html.es +#srv/web/ipfire/manual/sitemap.html.fr #srv/web/ipfire/manual/sitemap.html.ja.utf8 #srv/web/ipfire/manual/sitemap.html.ko.euc-kr #srv/web/ipfire/manual/sitemap.html.tr.utf8 #srv/web/ipfire/manual/sitemap.html.zh-cn.utf8 +#srv/web/ipfire/manual/socache.html +#srv/web/ipfire/manual/socache.html.en +#srv/web/ipfire/manual/socache.html.fr #srv/web/ipfire/manual/ssl #srv/web/ipfire/manual/ssl/index.html #srv/web/ipfire/manual/ssl/index.html.en +#srv/web/ipfire/manual/ssl/index.html.fr #srv/web/ipfire/manual/ssl/index.html.ja.utf8 #srv/web/ipfire/manual/ssl/index.html.tr.utf8 #srv/web/ipfire/manual/ssl/index.html.zh-cn.utf8 #srv/web/ipfire/manual/ssl/ssl_compat.html #srv/web/ipfire/manual/ssl/ssl_compat.html.en +#srv/web/ipfire/manual/ssl/ssl_compat.html.fr #srv/web/ipfire/manual/ssl/ssl_faq.html #srv/web/ipfire/manual/ssl/ssl_faq.html.en +#srv/web/ipfire/manual/ssl/ssl_faq.html.fr #srv/web/ipfire/manual/ssl/ssl_howto.html #srv/web/ipfire/manual/ssl/ssl_howto.html.en +#srv/web/ipfire/manual/ssl/ssl_howto.html.fr #srv/web/ipfire/manual/ssl/ssl_intro.html #srv/web/ipfire/manual/ssl/ssl_intro.html.en +#srv/web/ipfire/manual/ssl/ssl_intro.html.fr #srv/web/ipfire/manual/ssl/ssl_intro.html.ja.utf8 #srv/web/ipfire/manual/stopping.html #srv/web/ipfire/manual/stopping.html.de @@ -1093,12 +1400,11 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/suexec.html.ko.euc-kr #srv/web/ipfire/manual/suexec.html.tr.utf8 #srv/web/ipfire/manual/upgrading.html -#srv/web/ipfire/manual/upgrading.html.de #srv/web/ipfire/manual/upgrading.html.en #srv/web/ipfire/manual/upgrading.html.fr -#srv/web/ipfire/manual/upgrading.html.ja.utf8 #srv/web/ipfire/manual/urlmapping.html #srv/web/ipfire/manual/urlmapping.html.en +#srv/web/ipfire/manual/urlmapping.html.fr #srv/web/ipfire/manual/urlmapping.html.ja.utf8 #srv/web/ipfire/manual/urlmapping.html.ko.euc-kr #srv/web/ipfire/manual/urlmapping.html.tr.utf8 @@ -1126,7 +1432,6 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/vhosts/index.html.fr #srv/web/ipfire/manual/vhosts/index.html.ja.utf8 #srv/web/ipfire/manual/vhosts/index.html.ko.euc-kr -#srv/web/ipfire/manual/vhosts/index.html.ru.koi8-r #srv/web/ipfire/manual/vhosts/index.html.tr.utf8 #srv/web/ipfire/manual/vhosts/index.html.zh-cn.utf8 #srv/web/ipfire/manual/vhosts/ip-based.html @@ -1137,6 +1442,7 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/vhosts/ip-based.html.tr.utf8 #srv/web/ipfire/manual/vhosts/mass.html #srv/web/ipfire/manual/vhosts/mass.html.en +#srv/web/ipfire/manual/vhosts/mass.html.fr #srv/web/ipfire/manual/vhosts/mass.html.ko.euc-kr #srv/web/ipfire/manual/vhosts/mass.html.tr.utf8 #srv/web/ipfire/manual/vhosts/name-based.html @@ -1146,13 +1452,21 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/vhosts/name-based.html.ja.utf8 #srv/web/ipfire/manual/vhosts/name-based.html.ko.euc-kr #srv/web/ipfire/manual/vhosts/name-based.html.tr.utf8 -#usr/bin/apr-1-config -#usr/bin/apu-1-config +#usr/bin/ab +#usr/bin/apxs +#usr/bin/dbmmanage +#usr/bin/htdbm +#usr/bin/htdigest +usr/bin/htpasswd +#usr/bin/httxt2dbm +#usr/bin/logresolve #usr/include/apache #usr/include/apache/ap_compat.h #usr/include/apache/ap_config.h #usr/include/apache/ap_config_auto.h #usr/include/apache/ap_config_layout.h +#usr/include/apache/ap_expr.h +#usr/include/apache/ap_hooks.h #usr/include/apache/ap_listen.h #usr/include/apache/ap_mmn.h #usr/include/apache/ap_mpm.h @@ -1160,77 +1474,11 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #usr/include/apache/ap_regex.h #usr/include/apache/ap_regkey.h #usr/include/apache/ap_release.h -#usr/include/apache/apr.h -#usr/include/apache/apr_allocator.h -#usr/include/apache/apr_anylock.h -#usr/include/apache/apr_atomic.h -#usr/include/apache/apr_base64.h -#usr/include/apache/apr_buckets.h -#usr/include/apache/apr_crypto.h -#usr/include/apache/apr_date.h -#usr/include/apache/apr_dbd.h -#usr/include/apache/apr_dbm.h -#usr/include/apache/apr_dso.h -#usr/include/apache/apr_env.h -#usr/include/apache/apr_errno.h -#usr/include/apache/apr_escape.h -#usr/include/apache/apr_file_info.h -#usr/include/apache/apr_file_io.h -#usr/include/apache/apr_fnmatch.h -#usr/include/apache/apr_general.h -#usr/include/apache/apr_getopt.h -#usr/include/apache/apr_global_mutex.h -#usr/include/apache/apr_hash.h -#usr/include/apache/apr_hooks.h -#usr/include/apache/apr_inherit.h -#usr/include/apache/apr_ldap.h -#usr/include/apache/apr_ldap_init.h -#usr/include/apache/apr_ldap_option.h -#usr/include/apache/apr_ldap_rebind.h -#usr/include/apache/apr_ldap_url.h -#usr/include/apache/apr_lib.h -#usr/include/apache/apr_md4.h -#usr/include/apache/apr_md5.h -#usr/include/apache/apr_memcache.h -#usr/include/apache/apr_mmap.h -#usr/include/apache/apr_network_io.h -#usr/include/apache/apr_optional.h -#usr/include/apache/apr_optional_hooks.h -#usr/include/apache/apr_poll.h -#usr/include/apache/apr_pools.h -#usr/include/apache/apr_portable.h -#usr/include/apache/apr_proc_mutex.h -#usr/include/apache/apr_queue.h -#usr/include/apache/apr_random.h -#usr/include/apache/apr_reslist.h -#usr/include/apache/apr_ring.h -#usr/include/apache/apr_rmm.h -#usr/include/apache/apr_sdbm.h -#usr/include/apache/apr_sha1.h -#usr/include/apache/apr_shm.h -#usr/include/apache/apr_signal.h -#usr/include/apache/apr_skiplist.h -#usr/include/apache/apr_strings.h -#usr/include/apache/apr_strmatch.h -#usr/include/apache/apr_support.h -#usr/include/apache/apr_tables.h -#usr/include/apache/apr_thread_cond.h -#usr/include/apache/apr_thread_mutex.h -#usr/include/apache/apr_thread_pool.h -#usr/include/apache/apr_thread_proc.h -#usr/include/apache/apr_thread_rwlock.h -#usr/include/apache/apr_time.h -#usr/include/apache/apr_uri.h -#usr/include/apache/apr_user.h -#usr/include/apache/apr_uuid.h -#usr/include/apache/apr_version.h -#usr/include/apache/apr_want.h -#usr/include/apache/apr_xlate.h -#usr/include/apache/apr_xml.h -#usr/include/apache/apu.h -#usr/include/apache/apu_errno.h -#usr/include/apache/apu_version.h -#usr/include/apache/apu_want.h +#usr/include/apache/ap_slotmem.h +#usr/include/apache/ap_socache.h +#usr/include/apache/apache_noprobes.h +#usr/include/apache/cache_common.h +#usr/include/apache/heartbeat.h #usr/include/apache/http_config.h #usr/include/apache/http_connection.h #usr/include/apache/http_core.h @@ -1241,6 +1489,7 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #usr/include/apache/http_vhost.h #usr/include/apache/httpd.h #usr/include/apache/mod_auth.h +#usr/include/apache/mod_cache.h #usr/include/apache/mod_cgi.h #usr/include/apache/mod_core.h #usr/include/apache/mod_dav.h @@ -1248,77 +1497,102 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #usr/include/apache/mod_include.h #usr/include/apache/mod_log_config.h #usr/include/apache/mod_proxy.h +#usr/include/apache/mod_request.h #usr/include/apache/mod_rewrite.h +#usr/include/apache/mod_session.h +#usr/include/apache/mod_so.h #usr/include/apache/mod_ssl.h +#usr/include/apache/mod_ssl_openssl.h #usr/include/apache/mod_status.h -#usr/include/apache/mpm.h +#usr/include/apache/mod_unixd.h +#usr/include/apache/mod_watchdog.h +#usr/include/apache/mod_xml2enc.h #usr/include/apache/mpm_common.h -#usr/include/apache/mpm_default.h #usr/include/apache/os.h #usr/include/apache/scoreboard.h #usr/include/apache/unixd.h #usr/include/apache/util_cfgtree.h #usr/include/apache/util_charset.h +#usr/include/apache/util_cookies.h #usr/include/apache/util_ebcdic.h +#usr/include/apache/util_fcgi.h #usr/include/apache/util_filter.h #usr/include/apache/util_ldap.h #usr/include/apache/util_md5.h +#usr/include/apache/util_mutex.h #usr/include/apache/util_script.h #usr/include/apache/util_time.h +#usr/include/apache/util_varbuf.h #usr/include/apache/util_xml.h #usr/lib/apache #usr/lib/apache/build -#usr/lib/apache/build/apr_rules.mk #usr/lib/apache/build/config.nice #usr/lib/apache/build/config_vars.mk #usr/lib/apache/build/instdso.sh #usr/lib/apache/build/library.mk -#usr/lib/apache/build/libtool #usr/lib/apache/build/ltlib.mk -#usr/lib/apache/build/make_exports.awk -#usr/lib/apache/build/make_var_export.awk #usr/lib/apache/build/mkdir.sh #usr/lib/apache/build/program.mk #usr/lib/apache/build/rules.mk #usr/lib/apache/build/special.mk #usr/lib/apache/httpd.exp +#usr/lib/apache/mod_access_compat.so usr/lib/apache/mod_actions.so usr/lib/apache/mod_alias.so +usr/lib/apache/mod_allowmethods.so usr/lib/apache/mod_asis.so usr/lib/apache/mod_auth_basic.so usr/lib/apache/mod_auth_digest.so +usr/lib/apache/mod_auth_form.so usr/lib/apache/mod_authn_anon.so +usr/lib/apache/mod_authn_core.so usr/lib/apache/mod_authn_dbd.so usr/lib/apache/mod_authn_dbm.so -usr/lib/apache/mod_authn_default.so usr/lib/apache/mod_authn_file.so +usr/lib/apache/mod_authn_socache.so +usr/lib/apache/mod_authz_core.so +usr/lib/apache/mod_authz_dbd.so usr/lib/apache/mod_authz_dbm.so -usr/lib/apache/mod_authz_default.so usr/lib/apache/mod_authz_groupfile.so usr/lib/apache/mod_authz_host.so usr/lib/apache/mod_authz_owner.so usr/lib/apache/mod_authz_user.so usr/lib/apache/mod_autoindex.so -usr/lib/apache/mod_cern_meta.so -usr/lib/apache/mod_cgi.so +usr/lib/apache/mod_buffer.so +usr/lib/apache/mod_cache.so +usr/lib/apache/mod_cache_disk.so +usr/lib/apache/mod_cache_socache.so +usr/lib/apache/mod_cgid.so +usr/lib/apache/mod_charset_lite.so +usr/lib/apache/mod_data.so usr/lib/apache/mod_dav.so usr/lib/apache/mod_dav_fs.so +usr/lib/apache/mod_dav_lock.so usr/lib/apache/mod_dbd.so usr/lib/apache/mod_deflate.so +usr/lib/apache/mod_dialup.so usr/lib/apache/mod_dir.so usr/lib/apache/mod_dumpio.so +usr/lib/apache/mod_echo.so usr/lib/apache/mod_env.so usr/lib/apache/mod_expires.so usr/lib/apache/mod_ext_filter.so +usr/lib/apache/mod_file_cache.so usr/lib/apache/mod_filter.so usr/lib/apache/mod_headers.so -usr/lib/apache/mod_ident.so -usr/lib/apache/mod_imagemap.so +usr/lib/apache/mod_heartbeat.so +usr/lib/apache/mod_heartmonitor.so usr/lib/apache/mod_include.so usr/lib/apache/mod_info.so +usr/lib/apache/mod_lbmethod_bybusyness.so +usr/lib/apache/mod_lbmethod_byrequests.so +usr/lib/apache/mod_lbmethod_bytraffic.so +usr/lib/apache/mod_lbmethod_heartbeat.so usr/lib/apache/mod_log_config.so +usr/lib/apache/mod_log_debug.so usr/lib/apache/mod_log_forensic.so usr/lib/apache/mod_logio.so +usr/lib/apache/mod_macro.so usr/lib/apache/mod_mime.so usr/lib/apache/mod_mime_magic.so usr/lib/apache/mod_negotiation.so @@ -1326,66 +1600,65 @@ usr/lib/apache/mod_proxy.so usr/lib/apache/mod_proxy_ajp.so usr/lib/apache/mod_proxy_balancer.so usr/lib/apache/mod_proxy_connect.so +usr/lib/apache/mod_proxy_express.so +usr/lib/apache/mod_proxy_fcgi.so +usr/lib/apache/mod_proxy_fdpass.so usr/lib/apache/mod_proxy_ftp.so +usr/lib/apache/mod_proxy_hcheck.so +usr/lib/apache/mod_proxy_html.so usr/lib/apache/mod_proxy_http.so usr/lib/apache/mod_proxy_scgi.so +usr/lib/apache/mod_proxy_wstunnel.so +usr/lib/apache/mod_ratelimit.so +usr/lib/apache/mod_reflector.so +usr/lib/apache/mod_remoteip.so usr/lib/apache/mod_reqtimeout.so +usr/lib/apache/mod_request.so usr/lib/apache/mod_rewrite.so +usr/lib/apache/mod_sed.so +usr/lib/apache/mod_session.so +usr/lib/apache/mod_session_cookie.so +usr/lib/apache/mod_session_crypto.so +usr/lib/apache/mod_session_dbd.so usr/lib/apache/mod_setenvif.so +usr/lib/apache/mod_slotmem_plain.so +usr/lib/apache/mod_slotmem_shm.so +usr/lib/apache/mod_socache_dbm.so +usr/lib/apache/mod_socache_memcache.so +usr/lib/apache/mod_socache_shmcb.so usr/lib/apache/mod_speling.so usr/lib/apache/mod_ssl.so usr/lib/apache/mod_status.so usr/lib/apache/mod_substitute.so usr/lib/apache/mod_unique_id.so +usr/lib/apache/mod_unixd.so usr/lib/apache/mod_userdir.so usr/lib/apache/mod_usertrack.so usr/lib/apache/mod_version.so usr/lib/apache/mod_vhost_alias.so -#usr/lib/apr-util-1 -usr/lib/apr-util-1/apr_dbd_sqlite3-1.so -#usr/lib/apr-util-1/apr_dbd_sqlite3.a -#usr/lib/apr-util-1/apr_dbd_sqlite3.la -usr/lib/apr-util-1/apr_dbd_sqlite3.so -#usr/lib/apr.exp -#usr/lib/aprutil.exp -#usr/lib/libapr-1.a -#usr/lib/libapr-1.la -usr/lib/libapr-1.so -usr/lib/libapr-1.so.0 -usr/lib/libapr-1.so.0.5.1 -#usr/lib/libaprutil-1.a -#usr/lib/libaprutil-1.la -usr/lib/libaprutil-1.so -usr/lib/libaprutil-1.so.0 -usr/lib/libaprutil-1.so.0.5.3 -#usr/lib/pkgconfig/apr-1.pc -#usr/lib/pkgconfig/apr-util-1.pc +usr/lib/apache/mod_watchdog.so +usr/lib/apache/mod_xml2enc.so #usr/sbin/ab usr/sbin/apachectl -#usr/sbin/apxs #usr/sbin/checkgid -#usr/sbin/dbmmanage #usr/sbin/envvars #usr/sbin/envvars-std +usr/sbin/fcgistarter #usr/sbin/htcacheclean -#usr/sbin/htdbm -#usr/sbin/htdigest -usr/sbin/htpasswd usr/sbin/httpd -#usr/sbin/httxt2dbm -#usr/sbin/logresolve #usr/sbin/rotatelogs +#usr/share/man/man1/ab.1 +#usr/share/man/man1/apxs.1 #usr/share/man/man1/dbmmanage.1 #usr/share/man/man1/htdbm.1 #usr/share/man/man1/htdigest.1 #usr/share/man/man1/htpasswd.1 #usr/share/man/man1/httxt2dbm.1 -#usr/share/man/man8/ab.8 +#usr/share/man/man1/logresolve.1 #usr/share/man/man8/apachectl.8 -#usr/share/man/man8/apxs.8 +#usr/share/man/man8/fcgistarter.8 #usr/share/man/man8/htcacheclean.8 #usr/share/man/man8/httpd.8 -#usr/share/man/man8/logresolve.8 #usr/share/man/man8/rotatelogs.8 #usr/share/man/man8/suexec.8 var/log/httpd diff --git a/config/rootfiles/common/apr b/config/rootfiles/common/apr new file mode 100644 index 0000000..c71ee01 --- /dev/null +++ b/config/rootfiles/common/apr @@ -0,0 +1,57 @@ +usr/bin/apr-1-config +#usr/include/apr-1 +#usr/include/apr-1/apr.h +#usr/include/apr-1/apr_allocator.h +#usr/include/apr-1/apr_atomic.h +#usr/include/apr-1/apr_cstr.h +#usr/include/apr-1/apr_dso.h +#usr/include/apr-1/apr_env.h +#usr/include/apr-1/apr_errno.h +#usr/include/apr-1/apr_escape.h +#usr/include/apr-1/apr_file_info.h +#usr/include/apr-1/apr_file_io.h +#usr/include/apr-1/apr_fnmatch.h +#usr/include/apr-1/apr_general.h +#usr/include/apr-1/apr_getopt.h +#usr/include/apr-1/apr_global_mutex.h +#usr/include/apr-1/apr_hash.h +#usr/include/apr-1/apr_inherit.h +#usr/include/apr-1/apr_lib.h +#usr/include/apr-1/apr_mmap.h +#usr/include/apr-1/apr_network_io.h +#usr/include/apr-1/apr_perms_set.h +#usr/include/apr-1/apr_poll.h +#usr/include/apr-1/apr_pools.h +#usr/include/apr-1/apr_portable.h +#usr/include/apr-1/apr_proc_mutex.h +#usr/include/apr-1/apr_random.h +#usr/include/apr-1/apr_ring.h +#usr/include/apr-1/apr_shm.h +#usr/include/apr-1/apr_signal.h +#usr/include/apr-1/apr_skiplist.h +#usr/include/apr-1/apr_strings.h +#usr/include/apr-1/apr_support.h +#usr/include/apr-1/apr_tables.h +#usr/include/apr-1/apr_thread_cond.h +#usr/include/apr-1/apr_thread_mutex.h +#usr/include/apr-1/apr_thread_proc.h +#usr/include/apr-1/apr_thread_rwlock.h +#usr/include/apr-1/apr_time.h +#usr/include/apr-1/apr_user.h +#usr/include/apr-1/apr_version.h +#usr/include/apr-1/apr_want.h +#usr/lib/apr.exp +#usr/lib/libapr-1.la +#usr/lib/libapr-1.so +usr/lib/libapr-1.so.0 +usr/lib/libapr-1.so.0.6.2 +#usr/lib/pkgconfig/apr-1.pc +#usr/share/apr-1 +#usr/share/apr-1/build +#usr/share/apr-1/build/apr_common.m4 +#usr/share/apr-1/build/apr_rules.mk +#usr/share/apr-1/build/find_apr.m4 +#usr/share/apr-1/build/libtool +#usr/share/apr-1/build/make_exports.awk +#usr/share/apr-1/build/make_var_export.awk +#usr/share/apr-1/build/mkdir.sh diff --git a/config/rootfiles/common/aprutil b/config/rootfiles/common/aprutil new file mode 100644 index 0000000..e9cf3e0 --- /dev/null +++ b/config/rootfiles/common/aprutil @@ -0,0 +1,47 @@ +usr/bin/apu-1-config +#usr/include/apr-1/apr_anylock.h +#usr/include/apr-1/apr_base64.h +#usr/include/apr-1/apr_buckets.h +#usr/include/apr-1/apr_crypto.h +#usr/include/apr-1/apr_date.h +#usr/include/apr-1/apr_dbd.h +#usr/include/apr-1/apr_dbm.h +#usr/include/apr-1/apr_hooks.h +#usr/include/apr-1/apr_ldap.h +#usr/include/apr-1/apr_ldap_init.h +#usr/include/apr-1/apr_ldap_option.h +#usr/include/apr-1/apr_ldap_rebind.h +#usr/include/apr-1/apr_ldap_url.h +#usr/include/apr-1/apr_md4.h +#usr/include/apr-1/apr_md5.h +#usr/include/apr-1/apr_memcache.h +#usr/include/apr-1/apr_optional.h +#usr/include/apr-1/apr_optional_hooks.h +#usr/include/apr-1/apr_queue.h +#usr/include/apr-1/apr_redis.h +#usr/include/apr-1/apr_reslist.h +#usr/include/apr-1/apr_rmm.h +#usr/include/apr-1/apr_sdbm.h +#usr/include/apr-1/apr_sha1.h +#usr/include/apr-1/apr_siphash.h +#usr/include/apr-1/apr_strmatch.h +#usr/include/apr-1/apr_thread_pool.h +#usr/include/apr-1/apr_uri.h +#usr/include/apr-1/apr_uuid.h +#usr/include/apr-1/apr_xlate.h +#usr/include/apr-1/apr_xml.h +#usr/include/apr-1/apu.h +#usr/include/apr-1/apu_errno.h +#usr/include/apr-1/apu_version.h +#usr/include/apr-1/apu_want.h +#usr/include/apr-1/expat.h +#usr/lib/apr-util-1 +usr/lib/apr-util-1/apr_crypto_openssl-1.so +#usr/lib/apr-util-1/apr_crypto_openssl.la +usr/lib/apr-util-1/apr_crypto_openssl.so +#usr/lib/aprutil.exp +#usr/lib/libaprutil-1.la +#usr/lib/libaprutil-1.so +usr/lib/libaprutil-1.so.0 +usr/lib/libaprutil-1.so.0.6.0 +#usr/lib/pkgconfig/apr-util-1.pc diff --git a/config/rootfiles/common/gnutls b/config/rootfiles/common/gnutls index 13d97c6..8231c75 100644 --- a/config/rootfiles/common/gnutls +++ b/config/rootfiles/common/gnutls @@ -33,7 +33,7 @@ usr/lib/libgnutls-dane.so.0.4.1 #usr/lib/libgnutls.la #usr/lib/libgnutls.so usr/lib/libgnutls.so.30 -usr/lib/libgnutls.so.30.14.6 +usr/lib/libgnutls.so.30.14.7 #usr/lib/libgnutlsxx.la #usr/lib/libgnutlsxx.so usr/lib/libgnutlsxx.so.28 diff --git a/config/rootfiles/common/php b/config/rootfiles/common/php index 23031e9..fa073de 100644 --- a/config/rootfiles/common/php +++ b/config/rootfiles/common/php @@ -522,9 +522,9 @@ usr/lib/php/XML/Util.php usr/lib/php/doc/XML_Util/examples/example.php usr/lib/php/doc/XML_Util/examples/example2.php #usr/lib/php/extensions -#usr/lib/php/extensions/no-debug-non-zts-20090626 -usr/lib/php/extensions/no-debug-non-zts-20090626/dba.so -usr/lib/php/extensions/no-debug-non-zts-20090626/idn.so +#usr/lib/php/extensions/no-debug-zts-20090626 +usr/lib/php/extensions/no-debug-zts-20090626/dba.so +usr/lib/php/extensions/no-debug-zts-20090626/idn.so #usr/lib/php/pearcmd.php #usr/lib/php/peclcmd.php #usr/lib/php/test @@ -557,4 +557,3 @@ usr/lib/php/extensions/no-debug-non-zts-20090626/idn.so #usr/man/man1/php-config.1 #usr/man/man1/php.1 #usr/man/man1/phpize.1 -etc/httpd/conf/conf.d/php5.conf diff --git a/config/rootfiles/common/strongswan b/config/rootfiles/common/strongswan index fbc5786..21a6655 100644 --- a/config/rootfiles/common/strongswan +++ b/config/rootfiles/common/strongswan @@ -71,6 +71,7 @@ etc/strongswan.d/starter.conf etc/strongswan.d/swanctl.conf #etc/swanctl etc/swanctl/bliss +etc/swanctl/conf.d etc/swanctl/ecdsa etc/swanctl/pkcs12 etc/swanctl/pkcs8 diff --git a/config/rootfiles/common/unbound b/config/rootfiles/common/unbound index 5d33140..6d153f2 100644 --- a/config/rootfiles/common/unbound +++ b/config/rootfiles/common/unbound @@ -11,7 +11,7 @@ etc/unbound/unbound.conf #usr/lib/libunbound.la #usr/lib/libunbound.so usr/lib/libunbound.so.2 -usr/lib/libunbound.so.2.5.3 +usr/lib/libunbound.so.2.5.5 usr/sbin/unbound usr/sbin/unbound-anchor usr/sbin/unbound-checkconf diff --git a/config/rootfiles/core/113/exclude b/config/rootfiles/core/114/exclude similarity index 100% rename from config/rootfiles/core/113/exclude rename to config/rootfiles/core/114/exclude diff --git a/config/rootfiles/core/114/filelists/apache2 b/config/rootfiles/core/114/filelists/apache2 new file mode 120000 index 0000000..eef95ef --- /dev/null +++ b/config/rootfiles/core/114/filelists/apache2 @@ -0,0 +1 @@ +../../../common/apache2 \ No newline at end of file diff --git a/config/rootfiles/core/114/filelists/apr b/config/rootfiles/core/114/filelists/apr new file mode 120000 index 0000000..87dd197 --- /dev/null +++ b/config/rootfiles/core/114/filelists/apr @@ -0,0 +1 @@ +../../../common/apr \ No newline at end of file diff --git a/config/rootfiles/core/114/filelists/aprutil b/config/rootfiles/core/114/filelists/aprutil new file mode 120000 index 0000000..999f9f8 --- /dev/null +++ b/config/rootfiles/core/114/filelists/aprutil @@ -0,0 +1 @@ +../../../common/aprutil \ No newline at end of file diff --git a/config/rootfiles/core/114/filelists/files b/config/rootfiles/core/114/filelists/files new file mode 100644 index 0000000..ca8087f --- /dev/null +++ b/config/rootfiles/core/114/filelists/files @@ -0,0 +1,4 @@ +etc/system-release +etc/issue +etc/rc.d/init.d/unbound +var/ipfire/langs diff --git a/config/rootfiles/core/113/filelists/gnutls b/config/rootfiles/core/114/filelists/gnutls similarity index 100% rename from config/rootfiles/core/113/filelists/gnutls rename to config/rootfiles/core/114/filelists/gnutls diff --git a/config/rootfiles/core/114/filelists/hdparm b/config/rootfiles/core/114/filelists/hdparm new file mode 120000 index 0000000..b644751 --- /dev/null +++ b/config/rootfiles/core/114/filelists/hdparm @@ -0,0 +1 @@ +../../../common/hdparm \ No newline at end of file diff --git a/config/rootfiles/core/113/filelists/i586/strongswan-padlock b/config/rootfiles/core/114/filelists/i586/strongswan-padlock similarity index 100% rename from config/rootfiles/core/113/filelists/i586/strongswan-padlock rename to config/rootfiles/core/114/filelists/i586/strongswan-padlock diff --git a/config/rootfiles/core/113/filelists/squid b/config/rootfiles/core/114/filelists/squid similarity index 100% rename from config/rootfiles/core/113/filelists/squid rename to config/rootfiles/core/114/filelists/squid diff --git a/config/rootfiles/core/113/filelists/strongswan b/config/rootfiles/core/114/filelists/strongswan similarity index 100% rename from config/rootfiles/core/113/filelists/strongswan rename to config/rootfiles/core/114/filelists/strongswan diff --git a/config/rootfiles/core/113/filelists/unbound b/config/rootfiles/core/114/filelists/unbound similarity index 100% rename from config/rootfiles/core/113/filelists/unbound rename to config/rootfiles/core/114/filelists/unbound diff --git a/config/rootfiles/core/113/meta b/config/rootfiles/core/114/meta similarity index 100% rename from config/rootfiles/core/113/meta rename to config/rootfiles/core/114/meta diff --git a/config/rootfiles/core/114/update.sh b/config/rootfiles/core/114/update.sh new file mode 100644 index 0000000..ac59cc9 --- /dev/null +++ b/config/rootfiles/core/114/update.sh @@ -0,0 +1,108 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 3 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2017 IPFire-Team info@ipfire.org. # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +/usr/local/bin/backupctrl exclude >/dev/null 2>&1 + +core=114 + +# Remove old core updates from pakfire cache to save space... +for (( i=1; i<=$core; i++ )); do + rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire +done + +# Stop services +ipsec stop +/etc/init.d/squid stop +/etc/init.d/unbound stop +/etc/init.d/apache stop + +# Remove old apache configuration files of add-ons +# These will be reinstalled by the updated packages +# as soon as the core update is finished. +rm -f \ + /etc/httpd/conf/vhosts.d/cacti.conf \ + /etc/httpd/conf/vhosts.d/icinga.conf \ + /etc/httpd/conf/vhosts.d/nagios.conf \ + /etc/httpd/conf/vhosts.d/openmailadmin.conf \ + /etc/httpd/conf/vhosts.d/owncloud.conf \ + /etc/httpd/conf/vhosts.d/phpSANE.conf + +# Extract files +extract_files + +# update linker config +ldconfig + +# Remove some files +rm -f /usr/sbin/htpasswd + +# Update Language cache +/usr/local/bin/update-lang-cache + +# Start services +/etc/init.d/unbound start +/etc/init.d/apache start +/etc/init.d/squid start + +if grep -q "ENABLED=on" /var/ipfire/vpn/settings; then + ipsec start +fi + +# +# After pakfire has ended run it again and update all addons +# this is needed for apache update. +# +echo '#!/bin/bash' > /tmp/pak_update +echo 'while [ "$(ps -A | grep " update.sh")" != "" ]; do' >> /tmp/pak_update +echo ' sleep 1' >> /tmp/pak_update +echo 'done' >> /tmp/pak_update +echo 'while [ "$(ps -A | grep " pakfire")" != "" ]; do' >> /tmp/pak_update +echo ' sleep 1' >> /tmp/pak_update +echo 'done' >> /tmp/pak_update +echo '/opt/pakfire/pakfire update -y --force' >> /tmp/pak_update +echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update +echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update +echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update +echo 'touch /var/run/need_reboot ' >> /tmp/pak_update +# +killall -KILL pak_update +chmod +x /tmp/pak_update +/tmp/pak_update & + +# This update need a reboot... +touch /var/run/need_reboot + +# Finish +/etc/init.d/fireinfo start +sendprofile + +# Update grub config to display new core version +if [ -e /boot/grub/grub.cfg ]; then + grub-mkconfig -o /boot/grub/grub.cfg +fi + +sync + +# Don't report the exitcode last command +exit 0 diff --git a/config/rootfiles/oldcore/113/exclude b/config/rootfiles/oldcore/113/exclude new file mode 100644 index 0000000..d6fd053 --- /dev/null +++ b/config/rootfiles/oldcore/113/exclude @@ -0,0 +1,30 @@ +boot/config.txt +boot/grub/grub.cfg +boot/grub/grubenv +etc/alternatives +etc/collectd.custom +etc/default/grub +etc/ipsec.conf +etc/ipsec.secrets +etc/ipsec.user.conf +etc/ipsec.user.secrets +etc/localtime +etc/shadow +etc/snort/snort.conf +etc/ssh/ssh_config +etc/ssh/sshd_config +etc/ssl/openssl.cnf +etc/sudoers +etc/sysconfig/firewall.local +etc/sysconfig/rc.local +etc/udev/rules.d/30-persistent-network.rules +srv/web/ipfire/html/proxy.pac +var/ipfire/dma +var/ipfire/time +var/ipfire/ovpn +var/lib/alternatives +var/log/cache +var/log/dhcpcd.log +var/log/messages +var/state/dhcp/dhcpd.leases +var/updatecache diff --git a/config/rootfiles/core/113/filelists/armv5tel/util-linux b/config/rootfiles/oldcore/113/filelists/armv5tel/util-linux similarity index 100% rename from config/rootfiles/core/113/filelists/armv5tel/util-linux rename to config/rootfiles/oldcore/113/filelists/armv5tel/util-linux diff --git a/config/rootfiles/core/113/filelists/files b/config/rootfiles/oldcore/113/filelists/files similarity index 100% rename from config/rootfiles/core/113/filelists/files rename to config/rootfiles/oldcore/113/filelists/files diff --git a/config/rootfiles/oldcore/113/filelists/gnutls b/config/rootfiles/oldcore/113/filelists/gnutls new file mode 120000 index 0000000..8dbe60b --- /dev/null +++ b/config/rootfiles/oldcore/113/filelists/gnutls @@ -0,0 +1 @@ +../../../common/gnutls \ No newline at end of file diff --git a/config/rootfiles/core/113/filelists/grep b/config/rootfiles/oldcore/113/filelists/grep similarity index 100% rename from config/rootfiles/core/113/filelists/grep rename to config/rootfiles/oldcore/113/filelists/grep diff --git a/config/rootfiles/core/113/filelists/i586/openssl-sse2 b/config/rootfiles/oldcore/113/filelists/i586/openssl-sse2 similarity index 100% rename from config/rootfiles/core/113/filelists/i586/openssl-sse2 rename to config/rootfiles/oldcore/113/filelists/i586/openssl-sse2 diff --git a/config/rootfiles/oldcore/113/filelists/i586/strongswan-padlock b/config/rootfiles/oldcore/113/filelists/i586/strongswan-padlock new file mode 120000 index 0000000..2412824 --- /dev/null +++ b/config/rootfiles/oldcore/113/filelists/i586/strongswan-padlock @@ -0,0 +1 @@ +../../../../common/i586/strongswan-padlock \ No newline at end of file diff --git a/config/rootfiles/core/113/filelists/i586/util-linux b/config/rootfiles/oldcore/113/filelists/i586/util-linux similarity index 100% rename from config/rootfiles/core/113/filelists/i586/util-linux rename to config/rootfiles/oldcore/113/filelists/i586/util-linux diff --git a/config/rootfiles/core/113/filelists/libgcrypt b/config/rootfiles/oldcore/113/filelists/libgcrypt similarity index 100% rename from config/rootfiles/core/113/filelists/libgcrypt rename to config/rootfiles/oldcore/113/filelists/libgcrypt diff --git a/config/rootfiles/core/113/filelists/logrotate b/config/rootfiles/oldcore/113/filelists/logrotate similarity index 100% rename from config/rootfiles/core/113/filelists/logrotate rename to config/rootfiles/oldcore/113/filelists/logrotate diff --git a/config/rootfiles/core/113/filelists/mdadm b/config/rootfiles/oldcore/113/filelists/mdadm similarity index 100% rename from config/rootfiles/core/113/filelists/mdadm rename to config/rootfiles/oldcore/113/filelists/mdadm diff --git a/config/rootfiles/core/113/filelists/openssl b/config/rootfiles/oldcore/113/filelists/openssl similarity index 100% rename from config/rootfiles/core/113/filelists/openssl rename to config/rootfiles/oldcore/113/filelists/openssl diff --git a/config/rootfiles/core/113/filelists/openvpn b/config/rootfiles/oldcore/113/filelists/openvpn similarity index 100% rename from config/rootfiles/core/113/filelists/openvpn rename to config/rootfiles/oldcore/113/filelists/openvpn diff --git a/config/rootfiles/core/113/filelists/pcre b/config/rootfiles/oldcore/113/filelists/pcre similarity index 100% rename from config/rootfiles/core/113/filelists/pcre rename to config/rootfiles/oldcore/113/filelists/pcre diff --git a/config/rootfiles/oldcore/113/filelists/squid b/config/rootfiles/oldcore/113/filelists/squid new file mode 120000 index 0000000..2dc8372 --- /dev/null +++ b/config/rootfiles/oldcore/113/filelists/squid @@ -0,0 +1 @@ +../../../common/squid \ No newline at end of file diff --git a/config/rootfiles/oldcore/113/filelists/strongswan b/config/rootfiles/oldcore/113/filelists/strongswan new file mode 120000 index 0000000..90c727e --- /dev/null +++ b/config/rootfiles/oldcore/113/filelists/strongswan @@ -0,0 +1 @@ +../../../common/strongswan \ No newline at end of file diff --git a/config/rootfiles/oldcore/113/filelists/unbound b/config/rootfiles/oldcore/113/filelists/unbound new file mode 120000 index 0000000..66adf09 --- /dev/null +++ b/config/rootfiles/oldcore/113/filelists/unbound @@ -0,0 +1 @@ +../../../common/unbound \ No newline at end of file diff --git a/config/rootfiles/core/113/filelists/x86_64/util-linux b/config/rootfiles/oldcore/113/filelists/x86_64/util-linux similarity index 100% rename from config/rootfiles/core/113/filelists/x86_64/util-linux rename to config/rootfiles/oldcore/113/filelists/x86_64/util-linux diff --git a/config/rootfiles/oldcore/113/meta b/config/rootfiles/oldcore/113/meta new file mode 100644 index 0000000..d547fa8 --- /dev/null +++ b/config/rootfiles/oldcore/113/meta @@ -0,0 +1 @@ +DEPS="" diff --git a/config/rootfiles/core/113/update.sh b/config/rootfiles/oldcore/113/update.sh similarity index 100% rename from config/rootfiles/core/113/update.sh rename to config/rootfiles/oldcore/113/update.sh diff --git a/html/cgi-bin/wlanap.cgi b/html/cgi-bin/wlanap.cgi index 844c395..bb40021 100644 --- a/html/cgi-bin/wlanap.cgi +++ b/html/cgi-bin/wlanap.cgi @@ -154,7 +154,7 @@ if ( $wlanapsettings{'ACTION'} eq "$Lang::tr{'save'}" ){ $memory=0; }
-&Header::openpage('', 1, '', ''); +&Header::openpage($Lang::tr{'wlanap configuration'}, 1, '', ''); &Header::openbigbox('100%', 'left', '', $errormessage);
if ( $errormessage ){ @@ -323,7 +323,7 @@ if ( $wlan_card_status ne '' ){ print "<tr><td class='base'>$Lang::tr{'wlanap wlan card'} ($wlanapsettings{'DRIVER'})</td>"; print $wlan_card_status eq 'up' ? $status_started : $status_stopped; print"<td colspan='4'></td></tr>"; - print "<tr><td class='base' bgcolor='$color{'color22'}'>$Lang::tr{'wlanap access point'}</td>"; + print "<tr><td class='base' bgcolor='$color{'color22'}'>$Lang::tr{'wlanap'}</td>"; print $wlan_ap_status eq 'up' ? $status_started : $status_stopped; if ( ($memory != 0) && (@pid[0] ne "///") ){ print "<td bgcolor='$color{'color22'}' align='center'>@pid[0]</td>"; diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index b0cb96d..7bc1c49 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -15,10 +15,10 @@ 'ConnSched change profile title' => 'Wechsle zu Profil:', 'ConnSched days' => 'Tage:', 'ConnSched dial' => 'Verbinden', -'ConnSched down' => 'Runter', +'ConnSched down' => 'Herunter', 'ConnSched hangup' => 'Trennen', 'ConnSched ipsecstart' => 'IPsec (neu)starten', -'ConnSched ipsecstop' => 'IPsec stop', +'ConnSched ipsecstop' => 'IPsec stoppen', 'ConnSched reboot' => 'Neustarten', 'ConnSched reconnect' => 'Neu verbinden', 'ConnSched scheduled actions' => 'Geplante Aktionen', @@ -26,12 +26,12 @@ 'ConnSched select profile' => 'Wähle Profil', 'ConnSched shutdown' => 'Herunterfahren', 'ConnSched time' => 'Zeit:', -'ConnSched up' => 'Hoch', +'ConnSched up' => 'Herauf', 'ConnSched weekdays' => 'Wochentage:', 'Edit an existing route' => 'Eine existierende Route editieren', 'Enter TOS' => 'Aktivieren oder deaktivieren Sie die TOS-Bits <br /> und klicken Sie danach auf <i>Speichern</i>.', 'Existing Files' => 'Dateien in der Datenbank', -'HDD temperature' => 'HDD-Temperatur', +'HDD temperature' => 'Festplatten-Temperatur', 'Level7 Protocol' => 'Level7-Protokoll', 'Level7 Rule' => 'Level7-Regel', 'Level7 rule' => 'Level7-Regel', @@ -248,7 +248,7 @@ 'advproxy errmsg no browser' => 'Mindestens ein Browser oder Client muss für den Web-Zugriff zugelassen sein', 'advproxy errmsg no password' => 'Passwort kann nicht leer sein', 'advproxy errmsg no username' => 'Benutzername darf nicht leer sein', -'advproxy errmsg non-transparent proxy required' => 'Web Proxy muss für die Authentifizierung im Nicht-transparenten Modus laufen', +'advproxy errmsg non-transparent proxy required' => 'Web Proxy muss für die Authentifizierung im nicht-transparenten Modus laufen', 'advproxy errmsg ntlm domain' => 'Windows-Domänenname erforderlich', 'advproxy errmsg ntlm pdc' => 'Hostname der Primary Domain Controllers erforderlich', 'advproxy errmsg password incorrect' => 'Falsches Passwort', @@ -264,8 +264,8 @@ 'advproxy error design' => 'Design der Fehlermeldungen', 'advproxy error language' => 'Sprache der Fehlermeldungen', 'advproxy fake referer' => 'Gefälschter Referer für externe Web-Sites', -'advproxy fake useragent' => 'Gefälschter Useragent für externe Web-Sites', -'advproxy friday' => 'Fre', +'advproxy fake useragent' => 'Gefälschter User-Agent für externe Web-Sites', +'advproxy friday' => 'Fr', 'advproxy from' => 'Von', 'advproxy group access control' => 'Gruppenbasierte Zugriffskontrolle', 'advproxy group required' => 'Erforderliche Gruppe', @@ -274,7 +274,7 @@ 'advproxy log enabled' => 'Protokoll aktiviert', 'advproxy log query' => 'Protokolliere Query Terms', 'advproxy log settings' => 'Protokolleinstellungen', -'advproxy log useragent' => 'Protokolliere Useragents', +'advproxy log useragent' => 'Protokolliere User-Agents', 'advproxy max download size' => 'Max. Größe von Downloads (KB)', 'advproxy max size' => 'Max. Objektgröße (KB)', 'advproxy max upload size' => 'Max. Größe von Uploads (KB)', @@ -282,7 +282,7 @@ 'advproxy min size' => 'Min. Objektgröße (KB)', 'advproxy mode allow' => 'Zulassen', 'advproxy mode deny' => 'Verweigern', -'advproxy monday' => 'Mon', +'advproxy monday' => 'Mo', 'advproxy network based access' => 'Netzwerkbasierte Zugriffskontrolle', 'advproxy no cache sites' => 'Diese Domains nicht zwischenspeichern (eine pro Zeile)', 'advproxy no clients defined' => 'Keine Clients definiert', @@ -300,7 +300,7 @@ 'advproxy ram cache size' => 'Cachegröße im Arbeitsspeicher (MB)', 'advproxy redirector children' => 'Anzahl der Filterprozesse', 'advproxy reset' => 'Zurücksetzen', -'advproxy saturday' => 'Sam', +'advproxy saturday' => 'Sa', 'advproxy save and restart' => 'Speichern und Neustart', 'advproxy squid version' => 'Squid Cache Version', 'advproxy squidclamav' => 'SquidClamav', @@ -308,21 +308,21 @@ 'advproxy ssl ports' => 'Zulässige SSL-Ports (einer pro Zeile)', 'advproxy standard' => 'Standard', 'advproxy standard ports' => 'Zulässige Standard-Ports (einer pro Zeile)', -'advproxy sunday' => 'Son', +'advproxy sunday' => 'So', 'advproxy supervisor password' => 'Supervisor-Passwort', -'advproxy suppress version' => 'Unterdrücke Versions-Informationen', +'advproxy suppress version' => 'Unterdrücke Versionsinformationen', 'advproxy throttle binary' => 'Binärdateien', 'advproxy throttle dskimg' => 'CD-Images', 'advproxy throttle mmedia' => 'Multimedia', 'advproxy throttling per host on' => 'Begrenzung pro Host auf', 'advproxy throttling total on' => 'Begrenzung insgesamt auf', 'advproxy throttling unlimited' => 'unbegrenzt', -'advproxy thursday' => 'Don', +'advproxy thursday' => 'Do', 'advproxy time restrictions' => 'Zeitbeschränkungen', 'advproxy to' => 'Bis', 'advproxy transfer limits' => 'Transfergrenzen', 'advproxy transparent on' => 'Transparent auf', -'advproxy tuesday' => 'Die', +'advproxy tuesday' => 'Di', 'advproxy unknown' => 'Unbekannt', 'advproxy unrestricted ip clients' => 'Uneingeschränkte IP-Adressen (eine pro Zeile)', 'advproxy unrestricted mac clients' => 'Uneingeschränkte MAC-Adressen (eine pro Zeile)', @@ -337,7 +337,7 @@ 'advproxy via forwarding' => 'Proxy-Adresse weiterleiten', 'advproxy visible hostname' => 'Sichtbarer Hostname', 'advproxy web browser' => 'Web-Browser', -'advproxy wednesday' => 'Mit', +'advproxy wednesday' => 'Mi', 'again' => 'Wiederholung:', 'age second' => 'Sekunde', 'age seconds' => 'Sekunden', @@ -359,7 +359,7 @@ 'alt dialup' => 'Einwahl', 'alt home' => 'Startseite', 'alt information' => 'Information', -'alt logs' => 'Logs', +'alt logs' => 'Protokolle', 'alt ovpn' => 'OpenVPN', 'alt proxy' => 'Proxy', 'alt services' => 'Dienste', @@ -766,12 +766,12 @@ 'dnsforward entries' => 'Aktuelle Einträge', 'dnsforward forward_server' => 'DNS-Server', 'dnsforward zone' => 'Zone', -'dnssec aware' => 'DNSSEC-aware', -'dnssec disabled warning' => 'WARNING: DNSSEC wurde deaktiviert', +'dnssec aware' => 'DNSSEC-Informationen verfügbar, aber nicht validierend', +'dnssec disabled warning' => 'WARNUNG: DNSSEC wurde deaktiviert', 'dnssec information' => 'DNSSEC-Informationen', 'dnssec not supported' => 'DNSSEC wird nicht unterstützt', 'dnssec validating' => 'DNSSEC-validierend', -'do not log this port list' => 'Verwerfe diese Port-Liste kurz bevor sie protokolliert werden (reduziert Protokollgröße)', +'do not log this port list' => 'Verwerfe diese Port-Liste, kurz bevor sie protokolliert werden (reduziert Protokollgröße)', 'dod' => 'Dial-on-Demand-Modus', 'dod for dns' => 'Dial-on-Demand für DNS:', 'dod not compatible with ddns' => 'Dial-on-Demand ist nicht kompatibel mit dynamischen DNS-Diensten', @@ -805,15 +805,15 @@ 'drop action' => 'Standardverhalten der (Forward) Firewall in Modus "Blocked"', 'drop action1' => 'Standardverhalten der (Outgoing) Firewall in Modus "Blocked"', 'drop action2' => 'Standardverhalten der (Input) Firewall', -'drop forward' => 'Verworfene (Forward) Firewall-Pakete loggen', -'drop input' => 'Verworfene Input Pakete loggen', -'drop newnotsyn' => 'Verworfene New Not Syn Pakete loggen', -'drop outgoing' => 'Verworfene (Outgoing) Firewall-Pakete loggen', -'drop portscan' => 'Verworfene Portscan Pakete loggen', -'drop proxy' => 'Alle Pakete verwerfen die nicht direkt an den Proxy gerichtet sind', -'drop samba' => 'Alle Microsoft Pakete verwerfen, Ports 135,137,138,139,445,1025', -'drop wirelessforward' => 'Verworfene Wireless Forward Pakete loggen', -'drop wirelessinput' => 'Verworfene Wireless Input Pakete loggen', +'drop forward' => 'Verworfene (Forward) Firewall-Pakete protokollieren', +'drop input' => 'Verworfene Input Pakete protokollieren', +'drop newnotsyn' => 'Verworfene New Not Syn Pakete protokollieren', +'drop outgoing' => 'Verworfene (Outgoing) Firewall-Pakete protokollieren', +'drop portscan' => 'Verworfene Portscan Pakete protokollieren', +'drop proxy' => 'Alle Pakete verwerfen, die nicht direkt an den Proxy gerichtet sind', +'drop samba' => 'Alle Microsoft Pakete verwerfen (Ports 135,137,138,139,445,1025)', +'drop wirelessforward' => 'Verworfene Wireless Forward Pakete protokollieren', +'drop wirelessinput' => 'Verworfene Wireless Input Pakete protokollieren', 'dst port' => 'Ziel-Port', 'dstprt range overlaps' => 'Der Zielportbereich überlappt mit einem bereits definierten Port.', 'dstprt within existing' => 'Der Zielport liegt innerhalb eines bereits definierten Portbereichs.', @@ -843,7 +843,7 @@ 'eg' => 'z.B.:', 'email config' => 'Konfiguration', 'email empty field' => 'Leeres Feld', -'email error' => 'ERROR: Testmail konnte nicht versendet werden', +'email error' => 'FEHLER: Test-E-Mail konnte nicht versendet werden', 'email invalid' => 'Ungültiges Feld', 'email invalid mailfqdn' => 'Ungültiger FQDN für Mailserver', 'email invalid mailip' => 'Ungültige IP-Adresse für Mailserver', @@ -854,15 +854,15 @@ 'email mailrcpt' => 'E-Mail-Empfänger', 'email mailsender' => 'E-Mail-Absender', 'email mailuser' => 'Benutzername', -'email server can not be empty' => 'Email-Server darf nicht leer sein', +'email server can not be empty' => 'E-Mail-Server darf nicht leer sein', 'email settings' => 'Mailversand', -'email subject' => 'IPFire Testmail', -'email success' => 'Testmail erfolgreich versendet', +'email subject' => 'IPFire Test-E-Mail', +'email success' => 'Test-E-Mail erfolgreich versendet', 'email testmail' => 'Testnachricht senden', 'email text' => 'Testnachricht vom IPFire Mailversand.', 'email tls' => 'TLS aktivieren', 'email usemail' => 'Mailversand aktivieren', -'emailreportlevel' => 'Email-Reportlevel', +'emailreportlevel' => 'E-Mail-Reportlevel', 'empty' => 'Dieses Feld kann leer bleiben', 'empty profile' => 'Unbenannt', 'enable ignore filter' => '"Ignorieren"-Filter ein', @@ -899,7 +899,7 @@ 'esp keylife should be between 1 and 24 hours' => 'ESP Schlüssel-Lebensdauer sollte zwischen 1 und 24 Stunden betragen.', 'every' => 'Alle', 'exampel' => 'Beispiel', -'exclude logfiles' => 'ohne Logdateien', +'exclude logfiles' => 'ohne Protokolldateien', 'excluding buffers and cache' => '-/+ Puffer/Zwischenspeicher', 'expected' => 'Erwartet', 'expertoptions' => 'Expertenoptionen', @@ -908,9 +908,9 @@ 'exportkey' => 'PSK exportieren', 'external access' => 'Externer Zugang', 'external access configuration' => 'Einstellungen für externen Zugang', -'external access rule added' => 'Regel für externen Zugang hinzugefügt; Starte Zugangskontroller neu', -'external access rule changed' => 'External access Regel geändert; Der access controller wird neu gestartet.', -'external access rule removed' => ' Regel für externen Zugang entfernt; Starte Zugangskontroller neu', +'external access rule added' => 'Regel für externen Zugang hinzugefügt; starte Zugangskontroller neu', +'external access rule changed' => 'External access Regel geändert; der access controller wird neu gestartet.', +'external access rule removed' => ' Regel für externen Zugang entfernt; starte Zugangskontroller neu', 'external aliases configuration' => 'Externe Alias-Konfiguration', 'extrahd' => 'ExtraHD', 'extrahd because there is already a device mounted' => ' mounten, weil bereits ein Gerät gemountet ist', @@ -957,10 +957,10 @@ 'firewall log country' => 'Firewall-Protokoll (Land)', 'firewall log ip' => 'Firewall-Protokoll (IP)', 'firewall log port' => 'Firewall-Protokoll (Port)', -'firewall logs' => 'Firewall-Logdateien', -'firewall logs country' => 'Fw-Logdiagramme (Land)', -'firewall logs ip' => 'Fw-Logdiagramme (IP)', -'firewall logs port' => 'Fw-Logdiagramme (Port)', +'firewall logs' => 'Firewall-Protokolldateien', +'firewall logs country' => 'Fw-Protokolldiagramme (Land)', +'firewall logs ip' => 'Fw-Protokolldiagramme (IP)', +'firewall logs port' => 'Fw-Protokolldiagramme (Port)', 'firewall rules' => 'Firewallregeln', 'firewallhits' => 'Firewalltreffer', 'firmware' => 'Firmware', @@ -984,14 +984,14 @@ 'fritzdsl help' => 'Um eines der folgenden Fritz!DSL Modems (Fritz!Card DSL=fcdsl / Fritz!CardDSL SL=fcdslsl / Fritz!Card DSL V2.0=fcdsl2 / Fritz!Card DSL USB=fcdslusb / Fritz!Card DSL USB SL=fcdslslusb) nutzen zu können, müssen Sie ein Paket auf Ihre IPFire-Box laden. Bitte laden Sie den tarball entsprechend Ihrer Version von der IPFire-Webseite herunter und laden Sie dann die gesamte <b>fcdsl-(ihre_version).tgz</b> mit dem folgenden Formular hoch.', 'fritzdsl upload' => 'Fritz!DSL-Treiber hochladen', 'from' => 'Von', -'from email adr' => 'Von Email Adresse', -'from email pw' => 'Von Email Passwort', -'from email server' => 'Von Email Server', -'from email user' => 'Von Email Benutzer', -'from warn email bad' => 'Von Email Adresse ist nicht gültig', +'from email adr' => 'Von E-Mail-Adresse', +'from email pw' => 'Von E-Mail-Passwort', +'from email server' => 'Von E-Mail-Server', +'from email user' => 'Von E-Mail-Benutzer', +'from warn email bad' => 'Von E-Mail-Adresse ist nicht gültig', 'fw blue' => 'Firewalloptionen für das Blaue Interface', -'fw default drop' => 'Firewall Policy', -'fw logging' => 'Firewall-Logging', +'fw default drop' => 'Firewall Richtlinie', +'fw logging' => 'Firewall-Protokollierung', 'fw settings' => 'Firewall-Einstellungen', 'fw settings color' => 'Farben in Regeltabelle anzeigen', 'fw settings dropdown' => 'Alle Netzwerke auf Regelerstellungsseite anzeigen', @@ -1037,8 +1037,8 @@ 'fwdfw external port nat' => 'Externer Port (NAT)', 'fwdfw final_rule' => 'Letzte Regel: ', 'fwdfw from' => 'Von:', -'fwdfw hint ip1' => 'Die zuletzt erzeugte Regel mag eventuell niemals zutreffen, da sich Quelle und Ziel überlappen.', -'fwdfw hint ip2' => 'Bitte überprüfen Sie, ob diese Regel Sinn macht: ', +'fwdfw hint ip1' => 'Die zuletzt erzeugte Regel könnte eventuell niemals zutreffen, da sich Quelle und Ziel überlappen.', +'fwdfw hint ip2' => 'Bitte überprüfen Sie, ob diese Regel Sinn ergibt: ', 'fwdfw hint mac' => 'Sie nutzen MAC-Adressen in der Zielgruppe. Diese werden bei der Regelerstellung übersprungen.', 'fwdfw iface' => 'Interface', 'fwdfw ipsec network' => 'IPsec-Netzwerke:', @@ -1183,7 +1183,7 @@ 'fwhost stdnet' => 'Standard-Netzwerke:', 'fwhost type' => 'Typ', 'fwhost used' => 'Genutzt', -'fwhost welcome' => 'Hier können einzelne Hosts, Netzwerke oder Dienste zu Gruppen zusammengefasst werden, was das erstellen von Firewallregeln einfacher und schneller macht.', +'fwhost welcome' => 'Hier können einzelne Hosts, Netzwerke oder Dienste zu Gruppen zusammengefasst werden, was das Erstellen von Firewallregeln einfacher und schneller macht.', 'fwhost wo subnet' => '(Ohne Subnetz)', 'gateway' => 'Gateway', 'gateway ip' => 'Gateway-IP', @@ -1228,7 +1228,7 @@ 'hangup' => 'Trennen', 'hangup string' => 'Auflegen:', 'harddisk temperature' => 'Festplattentemperatur', -'harddisk temperature graphs' => 'HDD-Diagramme', +'harddisk temperature graphs' => 'Festplatten-Diagramme', 'hardware graphs' => 'Hardware-Diagramme', 'hardware support' => 'Hardware-Unterstützung', 'hdd temperature in' => 'Festplattentemperatur in', @@ -1261,8 +1261,8 @@ 'idle' => 'Leerlauf', 'idle timeout' => 'Leerlauf-Wartezeit in min (0 zum Deaktivieren):', 'idle timeout not set' => 'Leerlauf-Wartezeit nicht angegeben.', -'ids log viewer' => 'Ansicht IDS-Log', -'ids logs' => 'IDS-Logdateien', +'ids log viewer' => 'Ansicht IDS-Protokoll', +'ids logs' => 'IDS-Protokolldateien', 'ids preprocessor' => 'IDS-Präprozessor', 'ids rules license' => 'Um Sourcefire VRT Zertifizierte Regeln zu nutzen, müssen Sie sich unter', 'ids rules license1' => ' registrieren.', @@ -1282,7 +1282,7 @@ 'imsi' => 'IMSI', 'in' => 'Ein', 'inactive' => 'inaktiv', -'include logfiles' => 'mit Logdateien', +'include logfiles' => 'mit Protokolldateien', 'incoming' => 'eingehend', 'incoming compression in bytes per second' => 'Eingehende Kompression', 'incoming firewall access' => 'Eingehender Firewallzugang', @@ -1303,7 +1303,7 @@ 'internet' => 'INTERNET', 'intrusion detection' => 'Einbruchdetektierung', 'intrusion detection system' => 'Intrusion Detection System', -'intrusion detection system log viewer' => 'Betrachter der IDS-Logfiles', +'intrusion detection system log viewer' => 'Betrachter der IDS-Protokolldateien', 'intrusion detection system rules' => 'Intrusion Detection System Regeln', 'intrusion detection system2' => 'Intrusion Detection System:', 'invalid broadcast ip' => 'Ungültige Broadcast-IP', @@ -1327,12 +1327,12 @@ 'invalid input for dhcp wins' => 'Ungültige Eingabe für DHCP WINS', 'invalid input for dpd delay' => 'Ungültige Eingabe für DPD-Verzögerung', 'invalid input for dpd timeout' => 'Ungültige Eingabe für DPD-Zeitüberschreitung', -'invalid input for e-mail address' => 'Ungültige Eingabe für die E-mail Adresse', +'invalid input for e-mail address' => 'Ungültige Eingabe für die E-Mail-Adresse', 'invalid input for esp keylife' => 'Ungültige Eingabe für ESP Schlüssel-Lebensdauer', 'invalid input for hostname' => 'Ungültige Eingabe für Hostname', 'invalid input for ike lifetime' => 'Ungültige Eingabe für IKE Lebensdauer', 'invalid input for keepalive 1' => 'Ungültige Eingabe für Keepalive ping', -'invalid input for keepalive 1:2' => 'Ungültige Eingabe für Keepalive mindestens ein Verhältnis von 1:2', +'invalid input for keepalive 1:2' => 'Ungültige Eingabe für Keepalive (mindestens ein Verhältnis von 1:2)', 'invalid input for keepalive 2' => 'Ungültige Eingabe für Keepalive ping-restart', 'invalid input for max clients' => 'Ungültige Eingabe für Max Clients', 'invalid input for name' => 'Ungültige Eingabe für vollen Namen des Benutzers oder des System Hostnamens', @@ -1346,7 +1346,7 @@ 'invalid key' => 'Ungültiger Schlüssel.', 'invalid loaded file' => 'Ungültige geladene Datei', 'invalid local-remote id' => 'Local-Id und Remote-Id dürfen nicht gleich sein, und müssen einem "@"-Zeichen beginnen. Dies sind leftid und rightid in der StrongSwan-Terminologie.', -'invalid logserver address' => 'Ungültige syslogd server Adresse', +'invalid logserver address' => 'Ungültige syslogd-Server-Adresse', 'invalid mac address' => 'Ungültige MAC-Adresse', 'invalid max lease time' => 'Ungültige max. Haltezeit.', 'invalid maximum incoming size' => 'Ungültige max. ankommende Größe.', @@ -1357,7 +1357,7 @@ 'invalid mtu input' => 'Ungültige MTU', 'invalid netmask' => 'Ungültige Netzwerkmaske', 'invalid port' => 'Ungültiger Port. Bitte gültige Portnummer eingeben.', -'invalid port list' => 'Portlisten-Syntax lautet: port[,port]... wobei port in /etc/services vorkommt oder Nummer', +'invalid port list' => 'Portlisten-Syntax lautet: port[,port]... wobei port in /etc/services enthalten ist, alternativ Portnummer', 'invalid primary dns' => 'Ungültiger primärer DNS.', 'invalid primary ntp' => 'Ungültiger primärer NTP.', 'invalid secondary dns' => 'Ungültiger sekundärer DNS.', @@ -1367,13 +1367,13 @@ 'invalid time period' => 'Unzulässiger Zeitabschnitt.', 'invalid uplink speed' => 'Ungültige Uplink-Geschwindigkeit.', 'invalid upstream proxy username or password setting' => 'Ungültige/r Remote-Proxy-Benutzername oder Passwort-Einstellung', -'invalid users' => 'Liste mit Benutzern denen der Zugriff untersagt ist', +'invalid users' => 'Liste mit Benutzern, denen der Zugriff untersagt ist', 'invalid vpi vpci' => 'Ungültige VPI/VPCI-Einstellungen', 'invalid wins address' => 'Ungültige WINS Server Addresse.', 'invert' => 'Invertieren', 'ip address' => 'IP-Adresse', 'ip address in use' => 'IP-Adresse bereits vergeben', -'ip address outside subnets' => 'IP-Adresse ausserhalb der(s) lokalen Subnetze(s)', +'ip address outside subnets' => 'IP-Adresse außerhalb der(s) lokalen Subnetze(s)', 'ip alias added' => 'Externer IP-Alias hinzugefügt', 'ip alias changed' => 'Externer IP-Alias geändert', 'ip alias removed' => 'Externer IP-Alias entfernt', @@ -1386,7 +1386,7 @@ 'ipinfo' => 'IP-Info', 'ipsec' => 'IPsec', 'ipsec network' => 'IPsec-Netzwerke', -'ipsec no connections' => 'Keine aktiven IPsec Verbindungen', +'ipsec no connections' => 'Keine aktiven IPsec-Verbindungen', 'iptable rules' => 'IPTable-Regeln', 'iptmangles' => 'IPTable Mangles', 'iptnats' => 'IPTable Network Address Translation', @@ -1419,7 +1419,7 @@ 'lifetime' => 'Lebensdauer:', 'line' => 'Leitung', 'linkq' => 'Antwortzeit', -'load printer' => 'Load Printer', +'load printer' => 'Lade Drucker', 'loaded modules' => 'Geladene Module:', 'local hard disk' => 'Festplatte', 'local master' => 'Local Master', @@ -1430,23 +1430,23 @@ 'localkey' => 'Localkey', 'localkeyfile' => 'Localkeyfile', 'log' => 'Protokoll', -'log enabled' => 'Log aktiviert', -'log level' => 'Log Level', +'log enabled' => 'Protokoll aktiviert', +'log level' => 'Protokollierungslevel', 'log lines per page' => 'Zeilen pro Seite', 'log server address' => 'Syslog Server', -'log settings' => 'Logdatei-Einstellungen', -'log summaries' => 'Log Übersicht', -'log summary' => 'Log Zusammenfassung', +'log settings' => 'Protokolldatei-Einstellungen', +'log summaries' => 'Protokollübersicht', +'log summary' => 'Protokollzusammenfassung', 'log var messages' => 'Einstellungen für /var/log/messages', -'log view' => 'Log Anzeige', +'log view' => 'Protokollanzeige', 'log viewer' => 'Protokollansicht', -'log viewing options' => 'Log Ansichts-Optionen', -'log-options' => 'Logfile Optionen', +'log viewing options' => 'Protokollansichtsoptionen', +'log-options' => 'Protokolldateioptionen', 'loged in at' => 'Angemeldet seit', -'logging' => 'Logging', +'logging' => 'Protokollierung', 'logging server' => 'Protokollierungs-Server', 'loginlogout' => 'Login/Logout', -'logs' => 'Logdateien', +'logs' => 'Protokolldateien', 'lookup failed' => 'Reverse Lookup gescheitert', 'loosedirectorychecking' => 'Loose directorychecking', 'low' => 'Niedrig', @@ -1499,7 +1499,7 @@ 'masquerading enabled' => 'NAT eingeschaltet', 'max bandwith' => 'Maximale Bandbreite', 'max incoming size' => 'Max. eingehende Größe (kB):', -'max lease time' => 'Max. Haltezeit in min:', +'max lease time' => 'Max. Haltezeit in min.:', 'max outgoing size' => 'Max. abgehende Größe (kB):', 'max reliability' => 'Maximale Zuverlässigkeit', 'max renewal time' => 'Maximale Aktualisierungszeit', @@ -1511,15 +1511,15 @@ 'maximum retries' => 'Maximale Wiederholversuche:', 'may' => 'Mai', 'mbmon display' => 'Anzeigen', -'mbmon fan' => 'Fan Speed', -'mbmon fan in' => 'Fan Speed in', +'mbmon fan' => 'Lüftergeschwindigkeit', +'mbmon fan in' => 'Lüftergeschwindigkeit in', 'mbmon graphs' => 'mbmon-Diagramme', 'mbmon label' => 'Label', 'mbmon settings' => 'mbmongraph Einstellungen', -'mbmon temp' => 'Temperature', -'mbmon temp in' => 'Temperature in', +'mbmon temp' => 'Temperatur', +'mbmon temp in' => 'Temperatur in', 'mbmon value' => 'Wert', -'mbmon volt' => 'Voltage', +'mbmon volt' => 'Spannung', 'meaning' => 'Bedeutung', 'media' => 'Laufwerke', 'media information' => 'Laufwerksinformationen', @@ -1528,7 +1528,7 @@ 'memory information' => 'Speicherinformationen', 'memory usage per' => 'Speichernutzung pro', 'messages' => 'Meldungen', -'messages logging' => 'Logeinstellungen für /var/log/messages', +'messages logging' => 'Protokolleinstellungen für /var/log/messages', 'method' => 'Methode:', 'min costs' => 'Minimale Kosten', 'min delay' => 'Minimale Verzögerung', @@ -1637,7 +1637,7 @@ 'no fritzdsl driver' => 'Kein Fritz!DSL-Treiber vorhanden. Bitte hochladen.', 'no hardware random number generator' => 'Dieses System hat keine Entropiequelle.', 'no information available' => 'Keine Informationen verfügbar.', -'no log selected' => 'kein Log ausgewählt', +'no log selected' => 'kein Protokoll ausgewählt', 'no modem selected' => 'Kein Modem ausgewählt', 'no set selected' => 'Es wurde kein Satz ausgewählt', 'no time limit' => 'unbregenzte Zeit', @@ -1681,7 +1681,7 @@ 'openvpn disabled' => 'DEAKTIVIERT', 'openvpn enabled' => 'AKTIVIERT', 'openvpn fragment allowed with udp' => '"fragment" kann nur in Kombination mit dem UDP-Protokoll genutzt werden.', -'openvpn log' => 'OpenVPN Log', +'openvpn log' => 'OpenVPN Protokoll', 'openvpn mssfix allowed with udp' => '"mssfix" kann nur in Kombination mit dem UDP-Protokoll genutzt werden.', 'openvpn network' => 'OpenVPN-Netzwerke', 'openvpn prefix local subnet' => 'Die Prefix-Notation wird nicht unterstützt. Bitte geben Sie eine Subnetzmaske beim lokalen Subnetz ein wie z.B. 255.255.255.0.', @@ -1693,8 +1693,8 @@ 'optional data' => '3. Optionale Einstellungen', 'options' => 'Optionen', 'options fw' => 'Firewalloptionen', -'optionsfw portlist hint' => 'Die Liste der Ports muss durch ein Komma getrennt werden (z.B. 137,138). Sie können maximal bis zu 15 Ports pro Protokoll angeben.', -'optionsfw warning' => 'Verändern dieser Optionen bedingt einen Neustart der Firewall', +'optionsfw portlist hint' => 'Die Liste der Ports muss durch Kommata getrennt werden (z.B. 137,138). Sie können maximal bis zu 15 Ports pro Protokoll angeben.', +'optionsfw warning' => 'Verändern dieser Optionen erfordert einen Neustart der Firewall', 'or' => 'oder', 'orange' => 'ORANGE', 'organization cant be empty' => 'Organisation darf nicht leer sein.', @@ -1718,10 +1718,10 @@ 'outgoing firewall edit ip group' => 'IP Adressgruppen bearbeiten', 'outgoing firewall edit mac group' => 'MAC Adressgruppen bearbeiten', 'outgoing firewall group error' => 'Eine Gruppe mit dem selben Namen existiert bereits.', -'outgoing firewall groups' => 'Firewall Gruppen', +'outgoing firewall groups' => 'Firewallgruppen', 'outgoing firewall ip groups' => 'Ausgehende Firewall IP Adressgruppen', 'outgoing firewall mac groups' => 'Ausgehende Firewall MAC Adressgruppen', -'outgoing firewall mode0' => 'In diesem Modus ist es allen Rechnern im Netzwerk uneingeschränkt möglich Verbindungen ins Internet aufzubauen.', +'outgoing firewall mode0' => 'In diesem Modus ist es allen Rechnern im Netzwerk uneingeschränkt möglich, Verbindungen ins Internet aufzubauen.', 'outgoing firewall mode1' => 'In diesem Modus werden nur Verbindungen nach den oben definierten Regeln zugelassen.', 'outgoing firewall mode2' => 'In diesem Modus werden sämtliche Verbindungen erlaubt, bis auf die oben definierten Block-Regeln.', 'outgoing firewall outgoing firewall reserved groupname' => 'Bitte einen anderen Gruppennamen verwenden, dieser ist ein reserviertes Wort.', @@ -1753,7 +1753,7 @@ 'ovpn generating the root and host certificates' => 'Die Erzeugung der Root- und Host-Zertifikate kann lange Zeit dauern.', 'ovpn ha' => 'Hash-Algorithmus', 'ovpn hmac' => 'HMAC-Optionen', -'ovpn log' => 'OVPN-Log', +'ovpn log' => 'OVPN-Protokoll', 'ovpn mgmt in root range' => 'Ein Port von 1024 oder höher ist erforderlich.', 'ovpn mtu-disc' => 'Path MTU Discovery', 'ovpn mtu-disc and mtu not 1500' => 'Path MTU Discovery benötigt eine MTU von 1500.', @@ -1767,7 +1767,7 @@ 'ovpn on orange' => 'OpenVPN auf ORANGE:', 'ovpn on red' => 'OpenVPN auf ROT:', 'ovpn port in root range' => 'Ein Port von 1024 oder höher ist erforderlich.', -'ovpn reneg sec' => 'Session Key Lifetime', +'ovpn reneg sec' => 'Sitzungsschlüssellebensdauer', 'ovpn routes push' => 'Routen (eine pro Zeile) z.b. 192.168.10.0/255.255.255.0 192.168.20.0/24', 'ovpn routes push options' => 'Route push Optionen', 'ovpn server status' => 'OpenVPN-Server-Status', @@ -1788,8 +1788,8 @@ 'ovpn_processprioN' => 'Normal', 'ovpn_processprioVD' => 'Sehr Tief', 'ovpn_processprioVH' => 'Sehr Hoch', -'ovpnstatus log' => 'OVPN-Status-Log', -'ovpnsys log' => 'OVPN-System-Log', +'ovpnstatus log' => 'OVPN-Status-Protokoll', +'ovpnsys log' => 'OVPN-System-Protokoll', 'p2p block' => 'P2P-Netzwerke', 'p2p block save notice' => 'Bitte lesen Sie die Firewallregeln neu ein, damit die Änderungen aktiv werden.', 'package failed to install' => 'Programmpaket konnte nicht installiert werden.', @@ -1798,10 +1798,10 @@ 'pakfire ago' => 'her.', 'pakfire available addons' => 'Verfügbare Addons:', 'pakfire configuration' => 'Pakfire Konfiguration', -'pakfire core update auto' => 'Core und Addon Updates automatisch installieren:', +'pakfire core update auto' => 'Core- und Addon-Updates automatisch installieren:', 'pakfire core update level' => 'Core-Update-Level', 'pakfire health check' => 'Mirrors auf Erreichbarkeit prüfen (Ping):', -'pakfire install description' => 'Wählen Sie ein oder mehrere Pakete zur Installation aus und drücken Sie auf das plus Symbol.', +'pakfire install description' => 'Wählen Sie ein oder mehrere Pakete zur Installation aus und drücken Sie auf das plus-Symbol.', 'pakfire install package' => 'Sie möchten folgende Pakete installieren: ', 'pakfire installed addons' => 'Installierte Addons:', 'pakfire last core list update' => 'Letztes Corelisten Update ist', @@ -1811,7 +1811,7 @@ 'pakfire possible dependency' => ' Möglicherweise haben diese Pakete Abhängigkeiten, d.h. andere Pakete müssen zusätzlich installiert werden. Dazu sehen Sie unten eine Liste.', 'pakfire register' => 'Registrierung am Pakfire-Server:', 'pakfire system state' => 'System Status', -'pakfire uninstall description' => 'Wählen Sie ein oder mehrere Pakete zur Deinstallation aus und drücken Sie auf das minus Symbol.', +'pakfire uninstall description' => 'Wählen Sie ein oder mehrere Pakete zur Deinstallation aus und drücken Sie auf das minus-Symbol.', 'pakfire uninstall package' => 'Sie möchten folgende Pakete deinstallieren: ', 'pakfire update daily' => 'Täglich nach Updates suchen:', 'pakfire updates' => 'Zur Verfügung stehende Updates:', @@ -1882,8 +1882,8 @@ 'proxy cachemgr' => 'Cachemanager aktivieren', 'proxy errmsg filedescriptors' => 'Ungültiger Anzahl Filedescriptoren', 'proxy filedescriptors' => 'Anzahl Filedescriptoren', -'proxy log viewer' => 'Ansicht Proxy-Log', -'proxy logs' => 'Proxy-Logdateien', +'proxy log viewer' => 'Ansicht Proxy-Protokoll', +'proxy logs' => 'Proxy-Protokolldateien', 'proxy no proxy extend' => 'oder geben Sie eine Liste von Zielen an, welche nicht über den Proxy angesprochen werden sollen', 'proxy no proxy local' => 'Lokalen Proxy auf blauen/grünen Netzwerken verhindern', 'proxy port' => 'Proxy-Port', @@ -1928,10 +1928,10 @@ 'remote access' => 'Fernwartung', 'remote announce' => 'Remote Announce', 'remote browse sync' => 'Remote Browse Sync', -'remote host/ip' => 'Remote Host/IP', -'remote logging' => 'Remote logging', -'remote subnet' => 'Remote Subnetz:', -'remote subnet is invalid' => 'Remote Subnetz ist ungültig.', +'remote host/ip' => 'Entfernte(r) Host/IP', +'remote logging' => 'Entfernte Protokollierung', +'remote subnet' => 'Entferntes Subnetz:', +'remote subnet is invalid' => 'Entferntes Subnetz ist ungültig.', 'removable device advice' => 'Stecken Sie ein Gerät an, aktualisieren Sie und binden Sie es vor der Benutzung ein. Melden Sie das Gerät vorm Entfernen ab.', 'remove' => 'Löschen', 'remove ca certificate' => 'CA-Zertifikat entfernen', @@ -1947,7 +1947,7 @@ 'reset' => 'Zurücksetzen', 'reset shares' => 'Freigaben zurücksetzen', 'resetglobals' => 'Globale Einstellungen zurücksetzen', -'resetpolicy' => 'Policy zurücksetzen', +'resetpolicy' => 'Richtlinie zurücksetzen', 'resetshares' => 'Shares zurücksetzen?', 'resetting the vpn configuration will remove the root ca, the host certificate and all certificate based connections' => 'Das Löschen des X509 wird die Root-CA, die Host-Zertifikate und alle zertifikatsbasierten Verbindungen entfernen.', 'restart' => 'Neustart', @@ -1995,7 +1995,7 @@ 'select source net' => 'Auswahl Quell-Netz', 'selecttraffic' => 'Trafficübersicht auswählen:', 'send cr' => 'ISP verlangt Zeilenrücklaufzeichen:', -'send email notification' => 'Aktiviert, Email Benachrichtigung senden', +'send email notification' => 'Aktiviert, E-Mail Benachrichtigung senden', 'send test mail' => 'Sende Testemail', 'september' => 'September', 'serial' => 'serielle', @@ -2119,7 +2119,7 @@ 'stop ovpn server' => 'Stoppe OpenVPN-Server', 'stopped' => 'ANGEHALTEN', 'subject' => 'Betreff', -'subject test' => 'Testemail', +'subject test' => 'Test-E-Mail', 'subject warn' => 'Warnung - Warnlevel erreicht', 'subnet' => 'Subnet', 'subnet is invalid' => 'Netzmaske ist ungültig', @@ -2135,16 +2135,16 @@ 'system has hwrng' => 'Dieses System hat einen Hardware-Zufallszahlengenerator.', 'system has rdrand' => 'Dieses System unterstützt Intel(R) RDRAND.', 'system information' => 'Systeminformationen', -'system log viewer' => 'Betrachter der System-Logdateien', -'system logs' => 'System-Logdateien', +'system log viewer' => 'Betrachter der Systemprotokolldateien', +'system logs' => 'Systemprotokolldateien', 'system status information' => 'System-Statusinformationen', 'ta key' => 'TLS-Authentifizierungsschlüssel', 'telephone not set' => 'Telefonnummer nicht angegeben.', 'template' => 'Vorlage', 'template warning' => 'Zur Einrichtung von QoS stehen Ihnen 2 Möglichkeiten zur Auswahl. Entweder Sie wählen speichern und erstellen Klassen und Regeln nach Ihren Wünschen, oder Sie wählen Vorlage, dann werden die Klassen und Regeln durch ein Template generiert.', 'test' => 'test', -'test email could not be sent' => 'Könnte Testemail nicht senden', -'test email was sent' => 'Testemail wurde erfolgreich versand', +'test email could not be sent' => 'Könnte Test-E-Mail nicht senden', +'test email was sent' => 'Test-E-Mail wurde erfolgreich versand', 'the following update was successfully installed' => 'Das folgende Update wurde erfolgreich installiert', 'the statistics were last updated at' => 'Die Statistik wurde zuletzt aktualisiert am', 'theme' => 'Style', @@ -2194,10 +2194,10 @@ 'tor connected relays' => 'Verbundene Relays', 'tor contact info' => 'Kontaktinformationen', 'tor daemon' => 'Daemon', -'tor directory port' => 'Directory-Port', +'tor directory port' => 'Verzeichnis-Port', 'tor enabled' => 'Tor einschalten', 'tor errmsg invalid accounting limit' => 'Ungültiges Accounting-Limit', -'tor errmsg invalid directory port' => 'Ungültiger Directory-Port', +'tor errmsg invalid directory port' => 'Ungültiger Verzeichnis-Port', 'tor errmsg invalid ip or mask' => 'Ungültiges IP-Subnetz', 'tor errmsg invalid relay address' => 'Ungültige Relay-Adresse', 'tor errmsg invalid relay name' => 'Ungültiger Relay-Nickname', @@ -2211,12 +2211,12 @@ 'tor relay enabled' => 'Tor-Relay einschalten', 'tor relay external address' => 'Externe Relay-Adresse', 'tor relay fingerprint' => 'Relay-Fingerabdruck', -'tor relay mode' => 'Relay-Modues', +'tor relay mode' => 'Relay-Modus', 'tor relay mode bridge' => 'Bridge', 'tor relay mode exit' => 'Exit-Node', 'tor relay mode private bridge' => 'private Bridge', 'tor relay mode relay' => 'Nur Relay', -'tor relay nickname' => 'Relay-Nickname', +'tor relay nickname' => 'Relay-Spitzname', 'tor relay port' => 'Relay-Port', 'tor service' => 'Tor-Service', 'tor socks port' => 'SOCKS-Port', @@ -2226,7 +2226,7 @@ 'tor traffic read written' => 'Gesamter Traffic (empfangen/gesendet)', 'tor use exit nodes' => 'Nur diese Exit-Nodes benutzen (eins pro Zeile)', 'total connection time' => 'Verbindungszeit', -'total hits for log section' => 'Gesamte Treffer für Log Sektion', +'total hits for log section' => 'Gesamte Treffer für Protokollsektion', 'traffic back' => 'Zurück', 'traffic calc time' => 'Berechnungszeitpunkt', 'traffic calc time bad' => 'Berechnungsintervall ist nicht gültig', @@ -2364,7 +2364,7 @@ 'upload a certificate request' => 'Eine Zertifikatsanfrage hochladen:', 'upload ca certificate' => 'CA-Zertifikat hochladen', 'upload dh key' => 'Diffie-Hellman-Parameter hochladen', -'upload file' => 'Datei zum hochladen', +'upload file' => 'Datei zum Hochladen', 'upload new ruleset' => 'Neuen Regelsatz hochladen', 'upload p12 file' => 'PKCS12-Datei hochladen', 'upload static key' => 'Statischen Schlüssel hochladen', @@ -2466,7 +2466,7 @@ 'urlfilter filesize' => 'Größe', 'urlfilter filter settings' => 'URL-Filter Einstellungen', 'urlfilter fri' => 'F', -'urlfilter friday' => 'Fre', +'urlfilter friday' => 'Fr', 'urlfilter from' => 'Von', 'urlfilter hourly' => 'stündlich', 'urlfilter import blacklist' => 'Blacklist importieren', @@ -2480,10 +2480,10 @@ 'urlfilter invalid user error' => 'Ungültiger Benutzername', 'urlfilter load blacklist' => 'Blacklist laden', 'urlfilter local file redirection' => 'Lokale Dateiumleitung', -'urlfilter log' => 'Urlfilter Log', +'urlfilter log' => 'URL-Filter Protokoll', 'urlfilter log summary' => 'Gesamtanzahl der URL-Filter-Treffer für', -'urlfilter log viewer' => 'Ansicht URL-Filter-Log', -'urlfilter logs' => 'URL-Filter-Logdateien', +'urlfilter log viewer' => 'Ansicht URL-Filter-Protokoll', +'urlfilter logs' => 'URL-Filter-Protokolldateien', 'urlfilter maintenance' => 'URL-Filter Wartung', 'urlfilter manage local file repository' => 'Lokale Dateiablage verwalten', 'urlfilter manage repository' => 'Ablage verwalten', @@ -2491,7 +2491,7 @@ 'urlfilter mode allow' => 'erlauben', 'urlfilter mode block' => 'sperren', 'urlfilter mon' => 'M', -'urlfilter monday' => 'Mon', +'urlfilter monday' => 'Mo', 'urlfilter monthly' => 'monatlich', 'urlfilter msg text 1' => 'Nachricht Zeile 1', 'urlfilter msg text 2' => 'Nachricht Zeile 2', @@ -2519,7 +2519,7 @@ 'urlfilter restore text' => 'Um eine vorher gesicherte Konfiguration wieder herzustellen, kann hier eine .tar.gz-Sicherungsdatei hochgeladen werden', 'urlfilter safesearch' => 'Aktiviere SafeSearch', 'urlfilter sat' => 'S', -'urlfilter saturday' => 'Sam', +'urlfilter saturday' => 'Sa', 'urlfilter save and restart' => 'Speichern und Neustart', 'urlfilter save schedule' => 'Updateeinstellungen speichern', 'urlfilter select blacklist' => 'Vorhandene Blacklist auswählen', @@ -2535,10 +2535,10 @@ 'urlfilter src' => 'Quelle', 'urlfilter src error' => 'Quelle darf nicht leer sein', 'urlfilter sun' => 'S', -'urlfilter sunday' => 'Son', +'urlfilter sunday' => 'So', 'urlfilter tar error' => 'Konnte die Dateien nicht aus dem Archiv extrahieren', 'urlfilter thu' => 'D', -'urlfilter thursday' => 'Don', +'urlfilter thursday' => 'Do', 'urlfilter time' => 'Zeit', 'urlfilter time quota' => 'Zeitkontingent', 'urlfilter time space' => 'Zeitraum', @@ -2546,7 +2546,7 @@ 'urlfilter timespace error' => 'Fehler bei der Angabe des Zeitraumes', 'urlfilter to' => 'Bis', 'urlfilter tue' => 'D', -'urlfilter tuesday' => 'Die', +'urlfilter tuesday' => 'Di', 'urlfilter unfiltered clients' => 'Ungefilterte IP-Adressen', 'urlfilter update information' => 'Eine aktualisierte Version steht zum Download bereit. Besuchen Sie <a href="http://www.urlfilter.net" target="_blank">http://www.urlfilter.net</a> für weitere Informationen.', 'urlfilter update notification' => 'Update-Benachrichtigung!', @@ -2570,7 +2570,7 @@ 'urlfilter username log' => 'Protokolliere Benutzername', 'urlfilter web proxy service required' => 'Um den URL-Filter zu verwenden, muss der Web-Proxy-Dienst aktiviert sein', 'urlfilter wed' => 'M', -'urlfilter wednesday' => 'Mit', +'urlfilter wednesday' => 'Mi', 'urlfilter weekday error' => 'Es muss mindestens ein Tag ausgewählt werden', 'urlfilter weekly' => 'wöchentlich', 'urlfilter whitelist always allowed' => 'Erlaube angepasste Whitelist für gesperrte Clients', @@ -2585,18 +2585,18 @@ 'used memory' => 'Genutzter Speicher', 'used swap' => 'Genutzter Swap', 'user' => 'Benutzer', -'user log' => 'Benutzer Log', -'user proxy logs' => 'Benutzer Proxy Log', +'user log' => 'Benutzerprotokoll', +'user proxy logs' => 'Benutzer Proxy Protokoll', 'username' => 'Benutzername:', 'username not set' => 'Benutzername nicht angegeben.', 'users department' => 'Abteilung des Benutzers', -'users email' => 'E-mail-Adresse des Benutzers', +'users email' => 'E-Mail-Adresse des Benutzers', 'users fullname or system hostname' => 'Voller Name oder System-Hostname des Benutzers', 'valid root certificate already exists' => 'Ein gültiges Root-Zertifikat existiert bereits.', 'valid till' => 'Gültig bis', 'vci number' => 'VCI-Nummer:', 'vendor' => 'Hersteller', -'view log' => 'Log anzeigen', +'view log' => 'Protokoll anzeigen', 'virtual address' => 'Virtuelle Addresse', 'virtual private networking' => 'Virtuelles Privates Netzwerk', 'visible in browselist' => 'Sichtbar in der Verzeichnisliste', @@ -2612,7 +2612,7 @@ 'vpn auth-dn' => 'Peer wird identifiziert durch entweder ein IPV4_ADDR, FQDN, USER_FQDN oder DER_ASN1_DN string in Remote ID Feld', 'vpn broken' => 'Gebrochen', 'vpn connecting' => 'VERBINDUNGSAUFBAU', -'vpn delayed start' => 'Verzögerung bevor VPN gestartet wird (Sekunden)', +'vpn delayed start' => 'Verzögerung, bevor VPN gestartet wird (in Sekunden)', 'vpn delayed start help' => 'Falls notwendig, kann diese Verzögerung dazu verwendet werden, um Dynamic-DNS-Updates ordnungsgemäß anzuwenden. 60 ist ein gängiger Wert, wenn ROT (RED) eine dynamische IP Adresse ist.', 'vpn incompatible use of defaultroute' => 'Hostname=%defaultroute nicht zulässig', 'vpn keyexchange' => 'Schlüsseltausch', @@ -2623,12 +2623,12 @@ 'vpn on blue' => 'VPN auf BLAU', 'vpn on green' => 'VPN auf GRÜN', 'vpn on orange' => 'VPN auf ORANGE', -'vpn on-demand' => 'ON DEMAND', +'vpn on-demand' => 'BEI BEDARF', 'vpn payload compression' => 'Datennutzlast-Kompression aushandeln', 'vpn red name' => 'Öffentliche IP oder FQDN für das rote Interface oder <%defaultroute>', 'vpn remote id' => 'Remote ID', 'vpn start action' => 'Startaktion', -'vpn start action route' => 'On Demand', +'vpn start action route' => 'Bei Bedarf', 'vpn start action start' => 'Immer An', 'vpn statistic n2n' => 'OpenVPN-Netz-zu-Netz-Statistik', 'vpn statistic rw' => 'OpenVPN-Roadwarrior-Statistik', @@ -2703,8 +2703,9 @@ 'wlan client wpa mode ccmp tkip' => 'CCMP-TKIP', 'wlan client wpa mode tkip tkip' => 'TKIP-TKIP', 'wlan clients' => 'WLAN-Clients', -'wlanap access point' => 'Access Point', +'wlanap' => 'Access Point', 'wlanap channel' => 'Kanal', +'wlanap configuration' => 'Access Point Konfiguration', 'wlanap country' => 'Ländercode', 'wlanap debugging' => 'Debugging', 'wlanap del interface' => 'Ausgewähltes Interface zurücksetzen?', @@ -2735,7 +2736,7 @@ 'yes' => 'Ja', 'you can only define one roadwarrior connection when using pre-shared key authentication' => 'Sie können nur eine Roadwarrior-Verbindung definieren, wenn die Pre-shared-Schlüsselauthentifizierung verwendet wird.<br/>Entweder haben Sie bereits eine Roadwarrior-Verbindung mit Pre-shared-Schlüsselauthentifizierung, oder Sie versuchen gerade, eine hinzuzufügen.', 'your department' => 'Ihre Abteilung', -'your e-mail' => 'Ihre E-mail Adresse', +'your e-mail' => 'Ihre E-Mail-Adresse', );
#EOF diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index b3aee5a..ab1f401 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -2748,8 +2748,9 @@ 'wlan client wpa mode ccmp tkip' => 'CCMP-TKIP', 'wlan client wpa mode tkip tkip' => 'TKIP-TKIP', 'wlan clients' => 'Wireless clients', -'wlanap access point' => 'Access Point', +'wlanap' => 'Access Point', 'wlanap channel' => 'Channel', +'wlanap configuration' => 'Access Point Configuration', 'wlanap country' => 'Country Code', 'wlanap debugging' => 'Debugging', 'wlanap del interface' => 'Remove selected interface?', diff --git a/lfs/apache2 b/lfs/apache2 index 57c3447..b7a7416 100644 --- a/lfs/apache2 +++ b/lfs/apache2 @@ -25,27 +25,27 @@
include Config
-VER = 2.2.29 +VER = 2.4.27
THISAPP = httpd-$(VER) DL_FILE = $(THISAPP).tar.bz2 DL_FROM = $(URL_IPFIRE) + DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
+DEPS = "aprutil pcre" + ############################################################################### # Top-level Rules ###############################################################################
-objects = $(DL_FILE) \ - httpd-2.2.2-config-1.patch +objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE) -httpd-2.2.2-config-1.patch = $(DL_FROM)/httpd-2.2.2-config-1.patch
-$(DL_FILE)_MD5 = 579342fdeaa7b8b68d17fee91f8fab6e -httpd-2.2.2-config-1.patch_MD5 = e02a3ec5925eb9e111400b9aa229f822 +$(DL_FILE)_MD5 = 97b6bbfa83c866dbe20ef317e3afd108
install : $(TARGET)
@@ -75,8 +75,8 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np1 -i $(DIR_DL)/httpd-2.2.2-config-1.patch - + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/apache-2.4.27-PR61382-fix.patch + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/apache-2.4.27-CVE-2017-9798-fix.patch ### Add IPFire's layout, too echo "# IPFire layout" >> $(DIR_APP)/config.layout echo "<Layout IPFire>" >> $(DIR_APP)/config.layout @@ -103,14 +103,15 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) echo "</Layout>" >> $(DIR_APP)/config.layout
cd $(DIR_APP) && ./configure --enable-layout=IPFire \ - --enable-ssl --enable-mods-shared=all --enable-proxy + --enable-ssl --enable-mods-shared=all --enable-proxy --with-mpm=event cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install chown -v root:root /usr/lib/apache/httpd.exp \ - /usr/sbin/{apxs,apachectl,dbmmanage,envvars{,-std}} \ - /usr/share/man/man1/{dbmmanage,ht{dbm,digest,passwd,txt2dbm}}.1 \ - /usr/share/man/man8/{ab,apachectl,apxs,htcacheclean,httpd}.8 \ - /usr/share/man/man8/{logresolve,rotatelogs,suexec}.8 + /usr/bin/{apxs,dbmmanage} \ + /usr/sbin/apachectl \ + /usr/share/man/man1/{ab,apxs,dbmmanage,ht{dbm,digest,passwd,txt2dbm},logresolve}.1 \ + /usr/share/man/man8/{apachectl,htcacheclean,httpd}.8 \ + /usr/share/man/man8/{rotatelogs,suexec}.8
# Install apache config cp -rf $(DIR_CONF)/httpd/* /etc/httpd/conf diff --git a/lfs/apr b/lfs/apr new file mode 100644 index 0000000..6f667cf --- /dev/null +++ b/lfs/apr @@ -0,0 +1,82 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2014 IPFire Team info@ipfire.org # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see http://www.gnu.org/licenses/. # +# # +############################################################################### + + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 1.6.2 + +THISAPP = apr-$(VER) +DL_FILE = $(THISAPP).tar.bz2 +DL_FROM = http://archive.apache.org/dist/apr +DIR_APP = $(DIR_SRC)/$(THISAPP) + +TARGET = $(DIR_INFO)/$(THISAPP) + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = e81a851967c79b5ce9bfbc909e4bf735 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) + + cd $(DIR_APP) && ./configure --prefix=/usr \ + --disable-static --with-installbuilddir=/usr/share/apr-1/build + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/lfs/aprutil b/lfs/aprutil new file mode 100644 index 0000000..c2f8084 --- /dev/null +++ b/lfs/aprutil @@ -0,0 +1,84 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2014 IPFire Team info@ipfire.org # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see http://www.gnu.org/licenses/. # +# # +############################################################################### + + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 1.6.0 + +THISAPP = apr-util-$(VER) +DL_FILE = $(THISAPP).tar.bz2 +DL_FROM = http://archive.apache.org/dist/apr +DIR_APP = $(DIR_SRC)/$(THISAPP) + +TARGET = $(DIR_INFO)/$(THISAPP) + +DEPS = "apr" + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = 069a9a980776acab05212c5f37ef8368 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) + + cd $(DIR_APP) && ./configure --prefix=/usr \ + --with-apr=/usr --with-gdbm=/usr --with-openssl=/usr --with-crypto --with-expat=/usr + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/lfs/cacti b/lfs/cacti index f44e7b4..d0e967d 100644 --- a/lfs/cacti +++ b/lfs/cacti @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = cacti -PAK_VER = 5 +PAK_VER = 6
DEPS = "netsnmpd mysql"
diff --git a/lfs/gnutls b/lfs/gnutls index 86e7fb2..360594f 100644 --- a/lfs/gnutls +++ b/lfs/gnutls @@ -24,7 +24,7 @@
include Config
-VER = 3.5.14 +VER = 3.5.15
THISAPP = gnutls-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 1e84b57a472b5f3b01f2c1b7a3a2bcbe +$(DL_FILE)_MD5 = bcdcbc65c50a7499617ad9f4d0058de9
install : $(TARGET)
diff --git a/lfs/hdparm b/lfs/hdparm index 6c7dc4d..c26131e 100644 --- a/lfs/hdparm +++ b/lfs/hdparm @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2015 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2017 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 9.50 +VER = 9.52
THISAPP = hdparm-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = d380062ad6c4b40076736efbb640f1f5 +$(DL_FILE)_MD5 = 410539d0bf3cc247181594581edbfb53
install : $(TARGET)
diff --git a/lfs/hostapd b/lfs/hostapd index d94c0e7..11b4d1c 100644 --- a/lfs/hostapd +++ b/lfs/hostapd @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = hostapd -PAK_VER = 38 +PAK_VER = 39
DEPS = ""
diff --git a/lfs/icinga b/lfs/icinga index ab562f2..5d8d5a1 100644 --- a/lfs/icinga +++ b/lfs/icinga @@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = icinga -PAK_VER = 1 +PAK_VER = 2
DEPS = ""
diff --git a/lfs/nagios b/lfs/nagios index 1a88989..5ff1499 100644 --- a/lfs/nagios +++ b/lfs/nagios @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = nagios -PAK_VER = 2 +PAK_VER = 3
DEPS = "traceroute"
diff --git a/lfs/openmailadmin b/lfs/openmailadmin index 147595d..1980be7 100644 --- a/lfs/openmailadmin +++ b/lfs/openmailadmin @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = openmailadmin -PAK_VER = 1 +PAK_VER = 2
DEPS = "cyrus-imapd postfix mysql"
diff --git a/lfs/owncloud b/lfs/owncloud index e021a4c..c13e296 100644 --- a/lfs/owncloud +++ b/lfs/owncloud @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = owncloud -PAK_VER = 6 +PAK_VER = 7
DEPS = ""
diff --git a/lfs/phpSANE b/lfs/phpSANE index 5dad01d..6a605f1 100644 --- a/lfs/phpSANE +++ b/lfs/phpSANE @@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = phpSANE -PAK_VER = 1 +PAK_VER = 2
DEPS = "sane netpbm"
diff --git a/lfs/squid b/lfs/squid index 8440cf8..08583d0 100644 --- a/lfs/squid +++ b/lfs/squid @@ -24,7 +24,7 @@
include Config
-VER = 3.5.26 +VER = 3.5.27
THISAPP = squid-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 510e2c84773879c00d0e7ced997864d9 +$(DL_FILE)_MD5 = 39ef8199675d48a314b540f92c00c545
install : $(TARGET)
@@ -70,21 +70,7 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xaf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14169.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14170.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14171.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14172.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14173.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14174.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14175.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14176.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14177.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14178.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14179.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14180.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14181.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14182.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.5.26-fix-max-file-descriptors.patch + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.5.27-fix-max-file-descriptors.patch
cd $(DIR_APP) && autoreconf -vfi cd $(DIR_APP)/libltdl && autoreconf -vfi diff --git a/lfs/strongswan b/lfs/strongswan index 85c4f2b..600c012 100644 --- a/lfs/strongswan +++ b/lfs/strongswan @@ -24,7 +24,7 @@
include Config
-VER = 5.5.3 +VER = 5.6.0
THISAPP = strongswan-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -48,7 +48,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 4afffe3c219bb2e04f09510905af836b +$(DL_FILE)_MD5 = befb5e827d02433fea6669c20e11530a
install : $(TARGET)
diff --git a/lfs/tcpdump b/lfs/tcpdump index 42536f1..acf752c 100644 --- a/lfs/tcpdump +++ b/lfs/tcpdump @@ -24,7 +24,7 @@
include Config
-VER = 4.9.0 +VER = 4.9.2
THISAPP = tcpdump-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = tcpdump -PAK_VER = 8 +PAK_VER = 9
DEPS = ""
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 2b83364eef53b63ca3181b4eb56dab0c +$(DL_FILE)_MD5 = 9bbc1ee33dab61302411b02dd0515576
install : $(TARGET)
diff --git a/lfs/unbound b/lfs/unbound index 5046f45..39ad0de 100644 --- a/lfs/unbound +++ b/lfs/unbound @@ -24,7 +24,7 @@
include Config
-VER = 1.6.4 +VER = 1.6.6
THISAPP = unbound-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = ab6f7c07610907f1d87191c9ac2db87a +$(DL_FILE)_MD5 = f2cc56bd88c9634fe18334d2421205f1
install : $(TARGET)
diff --git a/make.sh b/make.sh index f79f627..73b7b38 100755 --- a/make.sh +++ b/make.sh @@ -25,8 +25,8 @@ NAME="IPFire" # Software name SNAME="ipfire" # Short name VERSION="2.19" # Version number -CORE="113" # Core Level (Filename) -PAKFIRE_CORE="113" # Core Level (PAKFIRE) +CORE="114" # Core Level (Filename) +PAKFIRE_CORE="114" # Core Level (PAKFIRE) GIT_BRANCH=`git rev-parse --abbrev-ref HEAD` # Git Branch SLOGAN="www.ipfire.org" # Software slogan CONFIG_ROOT=/var/ipfire # Configuration rootdir @@ -497,6 +497,8 @@ buildipfire() { lfsmake2 libevent2 lfsmake2 libevent2-compat lfsmake2 expat + lfsmake2 apr + lfsmake2 aprutil lfsmake2 unbound lfsmake2 gnutls lfsmake2 bind diff --git a/src/initscripts/system/unbound b/src/initscripts/system/unbound index 3002f48..e5554d7 100644 --- a/src/initscripts/system/unbound +++ b/src/initscripts/system/unbound @@ -454,6 +454,18 @@ disable_dnssec() { unbound-control -q set_option val-permissive-mode: yes }
+fix_time_if_dns_fail() { + # If DNS still not work try to init ntp with + # hardcoded ntp.ipfire.org (81.3.27.46) + if [ -e /var/ipfire/red/active ]; then + host 0.ipfire.pool.ntp.org > /dev/null 2>&1 + if [ "${?}" != "0" ]; then + boot_mesg "DNS still not work ... init time with ntp.ipfire.org at 81.3.27.46 ..." + loadproc /usr/local/bin/settime 81.3.27.46 + fi + fi +} + case "$1" in start) # Print a nicer messagen when unbound is already running @@ -485,15 +497,7 @@ case "$1" in # Update hosts update_hosts
- # If DNS still not work try to init ntp with - # hardcoded ntp.ipfire.org (81.3.27.46) - if [ -e /var/ipfire/red/active ]; then - host 0.ipfire.pool.ntp.org > /dev/null 2>&1 - if [ "${?}" != "0" ]; then - boot_mesg "DNS still not work ... init time with ntp.ipfire.org at 81.3.27.46 ..." - loadproc /usr/local/bin/settime 81.3.27.46 - fi - fi + fix_time_if_dns_fail ;;
stop) @@ -518,6 +522,11 @@ case "$1" in fi
update_forwarders + + unbound-control flush_negative > /dev/null + unbound-control flush_bogus > /dev/null + + fix_time_if_dns_fail ;;
test-name-server) diff --git a/src/patches/apache-2.4.27-CVE-2017-9798-fix.patch b/src/patches/apache-2.4.27-CVE-2017-9798-fix.patch new file mode 100644 index 0000000..eb82c8b --- /dev/null +++ b/src/patches/apache-2.4.27-CVE-2017-9798-fix.patch @@ -0,0 +1,15 @@ +--- server/core.c 2017/08/16 16:50:29 1805223 ++++ server/core.c 2017/09/08 13:13:11 1807754 +@@ -2262,6 +2262,12 @@ + /* method has not been registered yet, but resource restriction + * is always checked before method handling, so register it. + */ ++ if (cmd->pool == cmd->temp_pool) { ++ /* In .htaccess, we can't globally register new methods. */ ++ return apr_psprintf(cmd->pool, "Could not register method '%s' " ++ "for %s from .htaccess configuration", ++ method, cmd->cmd->name); ++ } + methnum = ap_method_register(cmd->pool, + apr_pstrdup(cmd->pool, method)); + } diff --git a/src/patches/apache-2.4.27-PR61382-fix.patch b/src/patches/apache-2.4.27-PR61382-fix.patch new file mode 100644 index 0000000..128621a --- /dev/null +++ b/src/patches/apache-2.4.27-PR61382-fix.patch @@ -0,0 +1,783 @@ +Index: modules/http2/h2_bucket_beam.c +=================================================================== +--- modules/http2/h2_bucket_beam.c (revision 1804645) ++++ modules/http2/h2_bucket_beam.c (working copy) +@@ -287,7 +287,7 @@ + /* do not count */ + } + else if (APR_BUCKET_IS_FILE(b)) { +- /* if unread, has no real mem footprint. how to test? */ ++ /* if unread, has no real mem footprint. */ + } + else { + len += b->length; +@@ -316,32 +316,80 @@ + return APR_SIZE_MAX; + } + +-static apr_status_t wait_cond(h2_bucket_beam *beam, apr_thread_mutex_t *lock) ++static int buffer_is_empty(h2_bucket_beam *beam) + { +- if (beam->timeout > 0) { +- return apr_thread_cond_timedwait(beam->cond, lock, beam->timeout); ++ return ((!beam->recv_buffer || APR_BRIGADE_EMPTY(beam->recv_buffer)) ++ && H2_BLIST_EMPTY(&beam->send_list)); ++} ++ ++static apr_status_t wait_empty(h2_bucket_beam *beam, apr_read_type_e block, ++ apr_thread_mutex_t *lock) ++{ ++ apr_status_t rv = APR_SUCCESS; ++ ++ while (!buffer_is_empty(beam) && APR_SUCCESS == rv) { ++ if (APR_BLOCK_READ != block || !lock) { ++ rv = APR_EAGAIN; ++ } ++ else if (beam->timeout > 0) { ++ rv = apr_thread_cond_timedwait(beam->change, lock, beam->timeout); ++ } ++ else { ++ rv = apr_thread_cond_wait(beam->change, lock); ++ } + } +- else { +- return apr_thread_cond_wait(beam->cond, lock); ++ return rv; ++} ++ ++static apr_status_t wait_not_empty(h2_bucket_beam *beam, apr_read_type_e block, ++ apr_thread_mutex_t *lock) ++{ ++ apr_status_t rv = APR_SUCCESS; ++ ++ while (buffer_is_empty(beam) && APR_SUCCESS == rv) { ++ if (beam->aborted) { ++ rv = APR_ECONNABORTED; ++ } ++ else if (beam->closed) { ++ rv = APR_EOF; ++ } ++ else if (APR_BLOCK_READ != block || !lock) { ++ rv = APR_EAGAIN; ++ } ++ else if (beam->timeout > 0) { ++ rv = apr_thread_cond_timedwait(beam->change, lock, beam->timeout); ++ } ++ else { ++ rv = apr_thread_cond_wait(beam->change, lock); ++ } + } ++ return rv; + } + +-static apr_status_t r_wait_space(h2_bucket_beam *beam, apr_read_type_e block, +- h2_beam_lock *pbl, apr_size_t *premain) ++static apr_status_t wait_not_full(h2_bucket_beam *beam, apr_read_type_e block, ++ apr_size_t *pspace_left, h2_beam_lock *bl) + { +- *premain = calc_space_left(beam); +- while (!beam->aborted && *premain <= 0 +- && (block == APR_BLOCK_READ) && pbl->mutex) { +- apr_status_t status; +- report_prod_io(beam, 1, pbl); +- status = wait_cond(beam, pbl->mutex); +- if (APR_STATUS_IS_TIMEUP(status)) { +- return status; ++ apr_status_t rv = APR_SUCCESS; ++ apr_size_t left; ++ ++ while (0 == (left = calc_space_left(beam)) && APR_SUCCESS == rv) { ++ if (beam->aborted) { ++ rv = APR_ECONNABORTED; + } +- r_purge_sent(beam); +- *premain = calc_space_left(beam); ++ else if (block != APR_BLOCK_READ || !bl->mutex) { ++ rv = APR_EAGAIN; ++ } ++ else { ++ if (beam->timeout > 0) { ++ rv = apr_thread_cond_timedwait(beam->change, bl->mutex, beam->timeout); ++ } ++ else { ++ rv = apr_thread_cond_wait(beam->change, bl->mutex); ++ } ++ } + } +- return beam->aborted? APR_ECONNABORTED : APR_SUCCESS; ++ *pspace_left = left; ++ return rv; + } + + static void h2_beam_emitted(h2_bucket_beam *beam, h2_beam_proxy *proxy) +@@ -404,8 +452,8 @@ + if (!bl.mutex) { + r_purge_sent(beam); + } +- else if (beam->cond) { +- apr_thread_cond_broadcast(beam->cond); ++ else { ++ apr_thread_cond_broadcast(beam->change); + } + leave_yellow(beam, &bl); + } +@@ -425,9 +473,7 @@ + { + if (!beam->closed) { + beam->closed = 1; +- if (beam->cond) { +- apr_thread_cond_broadcast(beam->cond); +- } ++ apr_thread_cond_broadcast(beam->change); + } + return APR_SUCCESS; + } +@@ -582,7 +628,7 @@ + apr_interval_time_t timeout) + { + h2_bucket_beam *beam; +- apr_status_t status = APR_SUCCESS; ++ apr_status_t rv = APR_SUCCESS; + + beam = apr_pcalloc(pool, sizeof(*beam)); + if (!beam) { +@@ -601,16 +647,15 @@ + beam->max_buf_size = max_buf_size; + beam->timeout = timeout; + +- status = apr_thread_mutex_create(&beam->lock, APR_THREAD_MUTEX_DEFAULT, +- pool); +- if (status == APR_SUCCESS) { +- status = apr_thread_cond_create(&beam->cond, pool); +- if (status == APR_SUCCESS) { ++ rv = apr_thread_mutex_create(&beam->lock, APR_THREAD_MUTEX_DEFAULT, pool); ++ if (APR_SUCCESS == rv) { ++ rv = apr_thread_cond_create(&beam->change, pool); ++ if (APR_SUCCESS == rv) { + apr_pool_pre_cleanup_register(pool, beam, beam_cleanup); + *pbeam = beam; + } + } +- return status; ++ return rv; + } + + void h2_beam_buffer_size_set(h2_bucket_beam *beam, apr_size_t buffer_size) +@@ -691,9 +736,7 @@ + h2_blist_cleanup(&beam->send_list); + report_consumption(beam, &bl); + } +- if (beam->cond) { +- apr_thread_cond_broadcast(beam->cond); +- } ++ apr_thread_cond_broadcast(beam->change); + leave_yellow(beam, &bl); + } + } +@@ -730,18 +773,7 @@ + h2_beam_lock bl; + + if ((status = enter_yellow(beam, &bl)) == APR_SUCCESS) { +- while (status == APR_SUCCESS +- && !H2_BLIST_EMPTY(&beam->send_list) +- && !H2_BPROXY_LIST_EMPTY(&beam->proxies)) { +- if (block == APR_NONBLOCK_READ || !bl.mutex) { +- status = APR_EAGAIN; +- break; +- } +- if (beam->cond) { +- apr_thread_cond_broadcast(beam->cond); +- } +- status = wait_cond(beam, bl.mutex); +- } ++ status = wait_empty(beam, block, bl.mutex); + leave_yellow(beam, &bl); + } + return status; +@@ -761,13 +793,18 @@ + static apr_status_t append_bucket(h2_bucket_beam *beam, + apr_bucket *b, + apr_read_type_e block, ++ apr_size_t *pspace_left, + h2_beam_lock *pbl) + { + const char *data; + apr_size_t len; +- apr_size_t space_left = 0; + apr_status_t status; ++ int can_beam, check_len; + ++ if (beam->aborted) { ++ return APR_ECONNABORTED; ++ } ++ + if (APR_BUCKET_IS_METADATA(b)) { + if (APR_BUCKET_IS_EOS(b)) { + beam->closed = 1; +@@ -777,11 +814,31 @@ + return APR_SUCCESS; + } + else if (APR_BUCKET_IS_FILE(b)) { +- /* file bucket lengths do not really count */ ++ /* For file buckets the problem is their internal readpool that ++ * is used on the first read to allocate buffer/mmap. ++ * Since setting aside a file bucket will de-register the ++ * file cleanup function from the previous pool, we need to ++ * call that only from the sender thread. ++ * ++ * Currently, we do not handle file bucket with refcount > 1 as ++ * the beam is then not in complete control of the file's lifetime. ++ * Which results in the bug that a file get closed by the receiver ++ * while the sender or the beam still have buckets using it. ++ * ++ * Additionally, we allow callbacks to prevent beaming file ++ * handles across. The use case for this is to limit the number ++ * of open file handles and rather use a less efficient beam ++ * transport. */ ++ apr_bucket_file *bf = b->data; ++ apr_file_t *fd = bf->fd; ++ can_beam = (bf->refcount.refcount == 1); ++ if (can_beam && beam->can_beam_fn) { ++ can_beam = beam->can_beam_fn(beam->can_beam_ctx, beam, fd); ++ } ++ check_len = !can_beam; + } + else { +- space_left = calc_space_left(beam); +- if (space_left > 0 && b->length == ((apr_size_t)-1)) { ++ if (b->length == ((apr_size_t)-1)) { + const char *data; + status = apr_bucket_read(b, &data, &len, APR_BLOCK_READ); + if (status != APR_SUCCESS) { +@@ -788,19 +845,15 @@ + return status; + } + } +- +- if (space_left <= 0) { +- status = r_wait_space(beam, block, pbl, &space_left); +- if (status != APR_SUCCESS) { +- return status; +- } +- if (space_left <= 0) { +- return APR_EAGAIN; +- } ++ check_len = 1; ++ } ++ ++ if (check_len) { ++ if (b->length > *pspace_left) { ++ apr_bucket_split(b, *pspace_left); + } +- /* space available, maybe need bucket split */ ++ *pspace_left -= b->length; + } +- + + /* The fundamental problem is that reading a sender bucket from + * a receiver thread is a total NO GO, because the bucket might use +@@ -830,32 +883,8 @@ + apr_bucket_heap_make(b, data, len, NULL); + } + } +- else if (APR_BUCKET_IS_FILE(b)) { +- /* For file buckets the problem is their internal readpool that +- * is used on the first read to allocate buffer/mmap. +- * Since setting aside a file bucket will de-register the +- * file cleanup function from the previous pool, we need to +- * call that only from the sender thread. +- * +- * Currently, we do not handle file bucket with refcount > 1 as +- * the beam is then not in complete control of the file's lifetime. +- * Which results in the bug that a file get closed by the receiver +- * while the sender or the beam still have buckets using it. +- * +- * Additionally, we allow callbacks to prevent beaming file +- * handles across. The use case for this is to limit the number +- * of open file handles and rather use a less efficient beam +- * transport. */ +- apr_bucket_file *bf = b->data; +- apr_file_t *fd = bf->fd; +- int can_beam = (bf->refcount.refcount == 1); +- if (can_beam && beam->can_beam_fn) { +- can_beam = beam->can_beam_fn(beam->can_beam_ctx, beam, fd); +- } +- if (can_beam) { +- status = apr_bucket_setaside(b, beam->send_pool); +- } +- /* else: enter ENOTIMPL case below */ ++ else if (APR_BUCKET_IS_FILE(b) && can_beam) { ++ status = apr_bucket_setaside(b, beam->send_pool); + } + + if (status == APR_ENOTIMPL) { +@@ -865,12 +894,6 @@ + * a counter example). + * We do the read while in the sender thread, so that the bucket may + * use pools/allocators safely. */ +- if (space_left < APR_BUCKET_BUFF_SIZE) { +- space_left = APR_BUCKET_BUFF_SIZE; +- } +- if (space_left < b->length) { +- apr_bucket_split(b, space_left); +- } + status = apr_bucket_read(b, &data, &len, APR_BLOCK_READ); + if (status == APR_SUCCESS) { + status = apr_bucket_setaside(b, beam->send_pool); +@@ -884,7 +907,7 @@ + APR_BUCKET_REMOVE(b); + H2_BLIST_INSERT_TAIL(&beam->send_list, b); + beam->sent_bytes += b->length; +- ++ + return APR_SUCCESS; + } + +@@ -904,7 +927,8 @@ + apr_read_type_e block) + { + apr_bucket *b; +- apr_status_t status = APR_SUCCESS; ++ apr_status_t rv = APR_SUCCESS; ++ apr_size_t space_left = 0; + h2_beam_lock bl; + + /* Called from the sender thread to add buckets to the beam */ +@@ -914,23 +938,31 @@ + + if (beam->aborted) { + move_to_hold(beam, sender_bb); +- status = APR_ECONNABORTED; ++ rv = APR_ECONNABORTED; + } + else if (sender_bb) { +- int force_report = !APR_BRIGADE_EMPTY(sender_bb); +- while (!APR_BRIGADE_EMPTY(sender_bb) && status == APR_SUCCESS) { ++ int force_report = !APR_BRIGADE_EMPTY(sender_bb); ++ ++ space_left = calc_space_left(beam); ++ while (!APR_BRIGADE_EMPTY(sender_bb) && APR_SUCCESS == rv) { ++ if (space_left <= 0) { ++ report_prod_io(beam, force_report, &bl); ++ rv = wait_not_full(beam, block, &space_left, &bl); ++ if (APR_SUCCESS != rv) { ++ break; ++ } ++ } + b = APR_BRIGADE_FIRST(sender_bb); +- status = append_bucket(beam, b, block, &bl); ++ rv = append_bucket(beam, b, block, &space_left, &bl); + } ++ + report_prod_io(beam, force_report, &bl); +- if (beam->cond) { +- apr_thread_cond_broadcast(beam->cond); +- } ++ apr_thread_cond_broadcast(beam->change); + } + report_consumption(beam, &bl); + leave_yellow(beam, &bl); + } +- return status; ++ return rv; + } + + apr_status_t h2_beam_receive(h2_bucket_beam *beam, +@@ -942,11 +974,16 @@ + apr_bucket *bsender, *brecv, *ng; + int transferred = 0; + apr_status_t status = APR_SUCCESS; +- apr_off_t remain = readbytes; ++ apr_off_t remain; + int transferred_buckets = 0; + + /* Called from the receiver thread to take buckets from the beam */ + if (enter_yellow(beam, &bl) == APR_SUCCESS) { ++ if (readbytes <= 0) { ++ readbytes = APR_SIZE_MAX; ++ } ++ remain = readbytes; ++ + transfer: + if (beam->aborted) { + recv_buffer_cleanup(beam, &bl); +@@ -955,11 +992,12 @@ + } + + /* transfer enough buckets from our receiver brigade, if we have one */ +- while (beam->recv_buffer +- && !APR_BRIGADE_EMPTY(beam->recv_buffer) +- && (readbytes <= 0 || remain >= 0)) { ++ while (remain >= 0 ++ && beam->recv_buffer ++ && !APR_BRIGADE_EMPTY(beam->recv_buffer)) { ++ + brecv = APR_BRIGADE_FIRST(beam->recv_buffer); +- if (readbytes > 0 && brecv->length > 0 && remain <= 0) { ++ if (brecv->length > 0 && remain <= 0) { + break; + } + APR_BUCKET_REMOVE(brecv); +@@ -970,11 +1008,11 @@ + + /* transfer from our sender brigade, transforming sender buckets to + * receiver ones until we have enough */ +- while (!H2_BLIST_EMPTY(&beam->send_list) && (readbytes <= 0 || remain >= 0)) { +- bsender = H2_BLIST_FIRST(&beam->send_list); ++ while (remain >= 0 && !H2_BLIST_EMPTY(&beam->send_list)) { ++ + brecv = NULL; +- +- if (readbytes > 0 && bsender->length > 0 && remain <= 0) { ++ bsender = H2_BLIST_FIRST(&beam->send_list); ++ if (bsender->length > 0 && remain <= 0) { + break; + } + +@@ -1020,11 +1058,12 @@ + * been handed out. See also PR 59348 */ + apr_bucket_file_enable_mmap(ng, 0); + #endif +- remain -= bsender->length; +- ++transferred; + APR_BUCKET_REMOVE(bsender); + H2_BLIST_INSERT_TAIL(&beam->hold_list, bsender); ++ ++ remain -= bsender->length; + ++transferred; ++ ++transferred_buckets; + continue; + } + else { +@@ -1041,6 +1080,7 @@ + * receiver bucket references it any more. */ + APR_BUCKET_REMOVE(bsender); + H2_BLIST_INSERT_TAIL(&beam->hold_list, bsender); ++ + beam->received_bytes += bsender->length; + ++transferred_buckets; + +@@ -1063,8 +1103,8 @@ + } + } + +- if (readbytes > 0 && remain < 0) { +- /* too much, put some back */ ++ if (remain < 0) { ++ /* too much, put some back into out recv_buffer */ + remain = readbytes; + for (brecv = APR_BRIGADE_FIRST(bb); + brecv != APR_BRIGADE_SENTINEL(bb); +@@ -1081,15 +1121,7 @@ + } + } + +- if (transferred_buckets > 0) { +- if (beam->cons_ev_cb) { +- beam->cons_ev_cb(beam->cons_ctx, beam); +- } +- } +- +- if (beam->closed +- && (!beam->recv_buffer || APR_BRIGADE_EMPTY(beam->recv_buffer)) +- && H2_BLIST_EMPTY(&beam->send_list)) { ++ if (beam->closed && buffer_is_empty(beam)) { + /* beam is closed and we have nothing more to receive */ + if (!beam->close_sent) { + apr_bucket *b = apr_bucket_eos_create(bb->bucket_alloc); +@@ -1100,28 +1132,23 @@ + } + } + ++ if (transferred_buckets > 0) { ++ if (beam->cons_ev_cb) { ++ beam->cons_ev_cb(beam->cons_ctx, beam); ++ } ++ } ++ + if (transferred) { +- if (beam->cond) { +- apr_thread_cond_broadcast(beam->cond); +- } ++ apr_thread_cond_broadcast(beam->change); + status = APR_SUCCESS; + } +- else if (beam->closed) { +- status = APR_EOF; +- } +- else if (block == APR_BLOCK_READ && bl.mutex && beam->cond) { +- status = wait_cond(beam, bl.mutex); ++ else { ++ status = wait_not_empty(beam, block, bl.mutex); + if (status != APR_SUCCESS) { + goto leave; + } + goto transfer; + } +- else { +- if (beam->cond) { +- apr_thread_cond_broadcast(beam->cond); +- } +- status = APR_EAGAIN; +- } + leave: + leave_yellow(beam, &bl); + } +Index: modules/http2/h2_bucket_beam.h +=================================================================== +--- modules/http2/h2_bucket_beam.h (revision 1804645) ++++ modules/http2/h2_bucket_beam.h (working copy) +@@ -190,7 +190,7 @@ + unsigned int tx_mem_limits : 1; /* only memory size counts on transfers */ + + struct apr_thread_mutex_t *lock; +- struct apr_thread_cond_t *cond; ++ struct apr_thread_cond_t *change; + void *m_ctx; + h2_beam_mutex_enter *m_enter; + +Index: modules/http2/h2_stream.c +=================================================================== +--- modules/http2/h2_stream.c (revision 1804645) ++++ modules/http2/h2_stream.c (working copy) +@@ -774,20 +774,20 @@ + return NULL; + } + +-static apr_status_t add_data(h2_stream *stream, apr_off_t requested, +- apr_off_t *plen, int *peos, int *complete, +- h2_headers **pheaders) ++static apr_status_t add_buffered_data(h2_stream *stream, apr_off_t requested, ++ apr_off_t *plen, int *peos, int *is_all, ++ h2_headers **pheaders) + { + apr_bucket *b, *e; + + *peos = 0; + *plen = 0; +- *complete = 0; ++ *is_all = 0; + if (pheaders) { + *pheaders = NULL; + } + +- H2_STREAM_OUT_LOG(APLOG_TRACE2, stream, "add_data"); ++ H2_STREAM_OUT_LOG(APLOG_TRACE2, stream, "add_buffered_data"); + b = APR_BRIGADE_FIRST(stream->out_buffer); + while (b != APR_BRIGADE_SENTINEL(stream->out_buffer)) { + e = APR_BUCKET_NEXT(b); +@@ -833,7 +833,7 @@ + } + b = e; + } +- *complete = 1; ++ *is_all = 1; + return APR_SUCCESS; + } + +@@ -865,7 +865,7 @@ + requested = (*plen > 0)? H2MIN(*plen, max_chunk) : max_chunk; + + /* count the buffered data until eos or a headers bucket */ +- status = add_data(stream, requested, plen, peos, &complete, pheaders); ++ status = add_buffered_data(stream, requested, plen, peos, &complete, pheaders); + + if (status == APR_EAGAIN) { + /* TODO: ugly, someone needs to retrieve the response first */ +@@ -882,29 +882,39 @@ + return APR_SUCCESS; + } + ++ /* If there we do not have enough buffered data to satisfy the requested ++ * length *and* we counted the _complete_ buffer (and did not stop in the middle ++ * because of meta data there), lets see if we can read more from the ++ * output beam */ + missing = H2MIN(requested, stream->max_mem) - *plen; + if (complete && !*peos && missing > 0) { ++ apr_status_t rv = APR_EOF; ++ + if (stream->output) { + H2_STREAM_OUT_LOG(APLOG_TRACE2, stream, "pre"); +- status = h2_beam_receive(stream->output, stream->out_buffer, +- APR_NONBLOCK_READ, +- stream->max_mem - *plen); ++ rv = h2_beam_receive(stream->output, stream->out_buffer, ++ APR_NONBLOCK_READ, stream->max_mem - *plen); + H2_STREAM_OUT_LOG(APLOG_TRACE2, stream, "post"); + } +- else { +- status = APR_EOF; ++ ++ if (rv == APR_SUCCESS) { ++ /* count the buffer again, now that we have read output */ ++ status = add_buffered_data(stream, requested, plen, peos, &complete, pheaders); + } +- +- if (APR_STATUS_IS_EOF(status)) { ++ else if (APR_STATUS_IS_EOF(rv)) { + apr_bucket *eos = apr_bucket_eos_create(c->bucket_alloc); + APR_BRIGADE_INSERT_TAIL(stream->out_buffer, eos); + *peos = 1; +- status = APR_SUCCESS; + } +- else if (status == APR_SUCCESS) { +- /* do it again, now that we have gotten more */ +- status = add_data(stream, requested, plen, peos, &complete, pheaders); ++ else if (APR_STATUS_IS_EAGAIN(rv)) { ++ /* we set this is the status of this call only if there ++ * is no buffered data, see check below */ + } ++ else { ++ /* real error reading. Give this back directly, even though ++ * we may have something buffered. */ ++ status = rv; ++ } + } + + if (status == APR_SUCCESS) { +Index: modules/http2/h2_task.c +=================================================================== +--- modules/http2/h2_task.c (revision 1804645) ++++ modules/http2/h2_task.c (working copy) +@@ -129,7 +129,7 @@ + apr_bucket_brigade* bb) + { + apr_bucket *b; +- apr_status_t status = APR_SUCCESS; ++ apr_status_t rv = APR_SUCCESS; + int flush = 0, blocking; + + if (task->frozen) { +@@ -148,17 +148,16 @@ + return APR_SUCCESS; + } + ++send: + /* we send block once we opened the output, so someone is there + * reading it *and* the task is not assigned to a h2_req_engine */ + blocking = (!task->assigned && task->output.opened); +- if (!task->output.opened) { +- for (b = APR_BRIGADE_FIRST(bb); +- b != APR_BRIGADE_SENTINEL(bb); +- b = APR_BUCKET_NEXT(b)) { +- if (APR_BUCKET_IS_FLUSH(b)) { +- flush = 1; +- break; +- } ++ for (b = APR_BRIGADE_FIRST(bb); ++ b != APR_BRIGADE_SENTINEL(bb); ++ b = APR_BUCKET_NEXT(b)) { ++ if (APR_BUCKET_IS_FLUSH(b) || APR_BUCKET_IS_EOS(b) || AP_BUCKET_IS_EOR(b)) { ++ flush = 1; ++ break; + } + } + +@@ -166,32 +165,48 @@ + /* still have data buffered from previous attempt. + * setaside and append new data and try to pass the complete data */ + if (!APR_BRIGADE_EMPTY(bb)) { +- status = ap_save_brigade(f, &task->output.bb, &bb, task->pool); ++ if (APR_SUCCESS != (rv = ap_save_brigade(f, &task->output.bb, &bb, task->pool))) { ++ goto out; ++ } + } +- if (status == APR_SUCCESS) { +- status = send_out(task, task->output.bb, blocking); +- } ++ rv = send_out(task, task->output.bb, blocking); + } + else { +- /* no data buffered here, try to pass the brigade directly */ +- status = send_out(task, bb, blocking); +- if (status == APR_SUCCESS && !APR_BRIGADE_EMPTY(bb)) { +- /* could not write all, buffer the rest */ +- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, task->c, APLOGNO(03405) +- "h2_slave_out(%s): saving brigade", +- task->id); +- status = ap_save_brigade(f, &task->output.bb, &bb, task->pool); +- flush = 1; ++ /* no data buffered previously, pass brigade directly */ ++ rv = send_out(task, bb, blocking); ++ ++ if (APR_SUCCESS == rv && !APR_BRIGADE_EMPTY(bb)) { ++ /* output refused to buffer it all, time to open? */ ++ if (!task->output.opened && APR_SUCCESS == (rv = open_output(task))) { ++ /* Make another attempt to send the data. With the output open, ++ * the call might be blocking and send all data, so we do not need ++ * to save the brigade */ ++ goto send; ++ } ++ else if (blocking && flush) { ++ /* Need to keep on doing this. */ ++ goto send; ++ } ++ ++ if (APR_SUCCESS == rv) { ++ /* could not write all, buffer the rest */ ++ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, rv, task->c, APLOGNO(03405) ++ "h2_slave_out(%s): saving brigade", task->id); ++ ap_assert(NULL); ++ rv = ap_save_brigade(f, &task->output.bb, &bb, task->pool); ++ flush = 1; ++ } + } + } + +- if (status == APR_SUCCESS && !task->output.opened && flush) { ++ if (APR_SUCCESS == rv && !task->output.opened && flush) { + /* got a flush or could not write all, time to tell someone to read */ +- status = open_output(task); ++ rv = open_output(task); + } +- ap_log_cerror(APLOG_MARK, APLOG_TRACE2, status, task->c, ++out: ++ ap_log_cerror(APLOG_MARK, APLOG_TRACE2, rv, task->c, + "h2_slave_out(%s): slave_out leave", task->id); +- return status; ++ return rv; + } + + static apr_status_t output_finish(h2_task *task) +Index: modules/http2/h2_version.h +=================================================================== +--- modules/http2/h2_version.h (revision 1804645) ++++ modules/http2/h2_version.h (working copy) +@@ -26,7 +26,7 @@ + * @macro + * Version number of the http2 module as c string + */ +-#define MOD_HTTP2_VERSION "1.10.7" ++#define MOD_HTTP2_VERSION "1.10.10" + + /** + * @macro +@@ -34,7 +34,7 @@ + * release. This is a 24 bit number with 8 bits for major number, 8 bits + * for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203. + */ +-#define MOD_HTTP2_VERSION_NUM 0x010a06 ++#define MOD_HTTP2_VERSION_NUM 0x010a0a + + + #endif /* mod_h2_h2_version_h */ +Index: modules/http2 +=================================================================== +--- modules/http2 (revision 1804645) ++++ modules/http2 (working copy) + +Property changes on: modules/http2 +___________________________________________________________________ +Modified: svn:mergeinfo +## -0,0 +0,1 ## + Merged /httpd/httpd/trunk/modules/http2:r1803420,1803454,1804090 +Index: . +=================================================================== +--- . (revision 1804645) ++++ . (working copy) + +Property changes on: . +___________________________________________________________________ +Modified: svn:mergeinfo +## -0,0 +0,1 ## + Merged /httpd/httpd/trunk:r1803420,1803454,1804090 diff --git a/src/patches/squid-3.5.26-fix-max-file-descriptors.patch b/src/patches/squid-3.5.27-fix-max-file-descriptors.patch similarity index 100% rename from src/patches/squid-3.5.26-fix-max-file-descriptors.patch rename to src/patches/squid-3.5.27-fix-max-file-descriptors.patch diff --git a/src/patches/squid/squid-3.5-14169.patch b/src/patches/squid/squid-3.5-14169.patch deleted file mode 100644 index 464ce53..0000000 --- a/src/patches/squid/squid-3.5-14169.patch +++ /dev/null @@ -1,881 +0,0 @@ ------------------------------------------------------------- -revno: 14169 -revision-id: squid3@treenet.co.nz-20170614213720-3qmiohlx4zr2jnqq -parent: squid3@treenet.co.nz-20170601134753-6u64sl2rzmbfs67l -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=2833 -author: Eduard Bagdasaryan eduard.bagdasaryan@measurement-factory.com -committer: Amos Jeffries squid3@treenet.co.nz -branch nick: 3.5 -timestamp: Thu 2017-06-15 09:37:20 +1200 -message: - Bug 2833 pt2: Collapse internal revalidation requests (SMP-unaware caches), again. - - The security fix in v5 r14979 had a negative effect on collapsed - forwarding. All "private" entries were considered automatically - non-shareable among collapsed clients. However this is not true: there - are many situations when collapsed forwarding should work despite of - "private" entry status: 304/5xx responses are good examples of that. - This patch fixes that by means of a new StoreEntry::shareableWhenPrivate - flag. - - The suggested fix is not complete: To cover all possible situations, we - need to decide whether StoreEntry::shareableWhenPrivate is true or not - for all contexts where StoreEntry::setPrivateKey() is used. This patch - fixes only few important cases inside http.cc, making CF (as well - collapsed revalidation) work for some [non-cacheable] response status - codes, including 3xx, 5xx and some others. - - The original support for internal revalidation requests collapsing - was in trink r14755 and referred to Squid bugs 2833, 4311, and 4471. ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170614213720-3qmiohlx4zr2jnqq -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: 9e248e2e9d2f1defe1070eb808177df978fb4146 -# timestamp: 2017-06-14 21:51:05 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170601134753-\ -# 6u64sl2rzmbfs67l -# -# Begin patch -=== modified file 'src/HttpHdrCc.cc' ---- src/HttpHdrCc.cc 2017-01-01 00:16:45 +0000 -+++ src/HttpHdrCc.cc 2017-06-14 21:37:20 +0000 -@@ -262,8 +262,8 @@ - case CC_PUBLIC: - break; - case CC_PRIVATE: -- if (Private().size()) -- packerPrintf(p, "="" SQUIDSTRINGPH """, SQUIDSTRINGPRINT(Private())); -+ if (private_.size()) -+ packerPrintf(p, "="" SQUIDSTRINGPH """, SQUIDSTRINGPRINT(private_)); - break; - - case CC_NO_CACHE: - -=== modified file 'src/MemStore.cc' ---- src/MemStore.cc 2017-01-01 00:16:45 +0000 -+++ src/MemStore.cc 2017-06-14 21:37:20 +0000 -@@ -299,7 +299,7 @@ - e.ping_status = PING_NONE; - - EBIT_CLR(e.flags, RELEASE_REQUEST); -- EBIT_CLR(e.flags, KEY_PRIVATE); -+ e.clearPrivate(); - EBIT_SET(e.flags, ENTRY_VALIDATED); - - MemObject::MemCache &mc = e.mem_obj->memCache; - -=== modified file 'src/Store.h' ---- src/Store.h 2017-01-01 00:16:45 +0000 -+++ src/Store.h 2017-06-14 21:37:20 +0000 -@@ -95,15 +95,19 @@ - void abort(); - void unlink(); - void makePublic(const KeyScope keyScope = ksDefault); -- void makePrivate(); -+ void makePrivate(const bool shareable); -+ /// A low-level method just resetting "private key" flags. -+ /// To avoid key inconsistency please use forcePublicKey() -+ /// or similar instead. -+ void clearPrivate(); - void setPublicKey(const KeyScope keyScope = ksDefault); - /// Resets existing public key to a public key with default scope, - /// releasing the old default-scope entry (if any). - /// Does nothing if the existing public key already has default scope. - void clearPublicKeyScope(); -- void setPrivateKey(); -+ void setPrivateKey(const bool shareable); - void expireNow(); -- void releaseRequest(); -+ void releaseRequest(const bool shareable = false); - void negativeCache(); - void cacheNegatively(); /** \todo argh, why both? */ - void invokeHandlers(); -@@ -230,7 +234,13 @@ - /// update last reference timestamp and related Store metadata - void touch(); - -- virtual void release(); -+ virtual void release(const bool shareable = false); -+ -+ /// May the caller commit to treating this [previously locked] -+ /// entry as a cache hit? -+ bool mayStartHitting() const { -+ return !EBIT_TEST(flags, KEY_PRIVATE) || shareableWhenPrivate; -+ } - - #if USE_ADAPTATION - /// call back producer when more buffer space is available -@@ -252,6 +262,13 @@ - - unsigned short lock_count; /* Assume < 65536! */ - -+ /// Nobody can find/lock KEY_PRIVATE entries, but some transactions -+ /// (e.g., collapsed requests) find/lock a public entry before it becomes -+ /// private. May such transactions start using the now-private entry -+ /// they previously locked? This member should not affect transactions -+ /// that already started reading from the entry. -+ bool shareableWhenPrivate; -+ - #if USE_ADAPTATION - /// producer callback registered with deferProducer - AsyncCall::Pointer deferredProducer; -@@ -259,6 +276,8 @@ - - bool validLength() const; - bool hasOneOfEtags(const String &reqETags, const bool allowWeakMatch) const; -+ -+ friend std::ostream &operator <<(std::ostream &os, const StoreEntry &e); - }; - - std::ostream &operator <<(std::ostream &os, const StoreEntry &e); - -=== modified file 'src/client_side_reply.cc' ---- src/client_side_reply.cc 2017-05-29 13:15:55 +0000 -+++ src/client_side_reply.cc 2017-06-14 21:37:20 +0000 -@@ -396,8 +396,8 @@ - if (result.flags.error && !EBIT_TEST(http->storeEntry()->flags, ENTRY_ABORTED)) - return; - -- if (collapsedRevalidation == crSlave && EBIT_TEST(http->storeEntry()->flags, KEY_PRIVATE)) { -- debugs(88, 3, "CF slave hit private " << *http->storeEntry() << ". MISS"); -+ if (collapsedRevalidation == crSlave && !http->storeEntry()->mayStartHitting()) { -+ debugs(88, 3, "CF slave hit private non-shareable " << *http->storeEntry() << ". MISS"); - // restore context to meet processMiss() expectations - restoreState(); - http->logType = LOG_TCP_MISS; -@@ -530,7 +530,7 @@ - // The previously identified hit suddenly became unsharable! - // This is common for collapsed forwarding slaves but might also - // happen to regular hits because we are called asynchronously. -- if (EBIT_TEST(e->flags, KEY_PRIVATE)) { -+ if (!e->mayStartHitting()) { - debugs(88, 3, "unsharable " << *e << ". MISS"); - http->logType = LOG_TCP_MISS; - processMiss(); - -=== modified file 'src/fs/rock/RockSwapDir.cc' ---- src/fs/rock/RockSwapDir.cc 2017-01-01 00:16:45 +0000 -+++ src/fs/rock/RockSwapDir.cc 2017-06-14 21:37:20 +0000 -@@ -149,7 +149,7 @@ - e.ping_status = PING_NONE; - - EBIT_CLR(e.flags, RELEASE_REQUEST); -- EBIT_CLR(e.flags, KEY_PRIVATE); -+ e.clearPrivate(); - EBIT_SET(e.flags, ENTRY_VALIDATED); - - e.swap_dirn = index; - -=== modified file 'src/fs/ufs/UFSSwapDir.cc' ---- src/fs/ufs/UFSSwapDir.cc 2017-01-01 00:16:45 +0000 -+++ src/fs/ufs/UFSSwapDir.cc 2017-06-14 21:37:20 +0000 -@@ -809,7 +809,7 @@ - e->refcount = refcount; - e->flags = newFlags; - EBIT_CLR(e->flags, RELEASE_REQUEST); -- EBIT_CLR(e->flags, KEY_PRIVATE); -+ e->clearPrivate(); - e->ping_status = PING_NONE; - EBIT_CLR(e->flags, ENTRY_VALIDATED); - mapBitSet(e->swap_filen); - -=== modified file 'src/http.cc' ---- src/http.cc 2017-01-01 00:16:45 +0000 -+++ src/http.cc 2017-06-14 21:37:20 +0000 -@@ -290,7 +290,9 @@ - (Config.onoff.surrogate_is_remote - && sctusable->noStoreRemote())) { - surrogateNoStore = true; -- entry->makePrivate(); -+ // Be conservative for now and make it non-shareable because -+ // there is no enough information here to make the decision. -+ entry->makePrivate(false); - } - - /* The HttpHeader logic cannot tell if the header it's parsing is a reply to an -@@ -315,12 +317,13 @@ - } - } - --int --HttpStateData::cacheableReply() -+HttpStateData::ReuseDecision::Answers -+HttpStateData::reusableReply(HttpStateData::ReuseDecision &decision) - { - HttpReply const *rep = finalReply(); - HttpHeader const *hdr = &rep->header; - const char *v; -+ - #if USE_HTTP_VIOLATIONS - - const RefreshPattern *R = NULL; -@@ -337,24 +340,19 @@ - #define REFRESH_OVERRIDE(flag) 0 - #endif - -- if (EBIT_TEST(entry->flags, RELEASE_REQUEST)) { -- debugs(22, 3, "NO because " << *entry << " has been released."); -- return 0; -- } -+ if (EBIT_TEST(entry->flags, RELEASE_REQUEST)) -+ return decision.make(ReuseDecision::reuseNot, "the entry has been released"); - - // RFC 7234 section 4: a cache MUST use the most recent response - // (as determined by the Date header field) -- if (sawDateGoBack) { -- debugs(22, 3, "NO because " << *entry << " has an older date header."); -- return 0; -- } -+ // TODO: whether such responses could be shareable? -+ if (sawDateGoBack) -+ return decision.make(ReuseDecision::reuseNot, "the response has an older date header"); - - // Check for Surrogate/1.0 protocol conditions - // NP: reverse-proxy traffic our parent server has instructed us never to cache -- if (surrogateNoStore) { -- debugs(22, 3, HERE << "NO because Surrogate-Control:no-store"); -- return 0; -- } -+ if (surrogateNoStore) -+ return decision.make(ReuseDecision::reuseNot, "Surrogate-Control:no-store"); - - // RFC 2616: HTTP/1.1 Cache-Control conditions - if (!ignoreCacheControl) { -@@ -363,11 +361,10 @@ - // for now we are not reliably doing that so we waste CPU re-checking request CC - - // RFC 2616 section 14.9.2 - MUST NOT cache any response with request CC:no-store -- if (request && request->cache_control && request->cache_control->noStore() && -- !REFRESH_OVERRIDE(ignore_no_store)) { -- debugs(22, 3, HERE << "NO because client request Cache-Control:no-store"); -- return 0; -- } -+ if (request && request->cache_control && request->cache_control->hasNoStore() && -+ !REFRESH_OVERRIDE(ignore_no_store)) -+ return decision.make(ReuseDecision::reuseNot, -+ "client request Cache-Control:no-store"); - - // NP: request CC:no-cache only means cache READ is forbidden. STORE is permitted. - if (rep->cache_control && rep->cache_control->hasNoCache() && rep->cache_control->noCache().size() > 0) { -@@ -376,19 +373,18 @@ - * successfully (ie, must revalidate AND these headers are prohibited on stale replies). - * That is a bit tricky for squid right now so we avoid caching entirely. - */ -- debugs(22, 3, HERE << "NO because server reply Cache-Control:no-cache has parameters"); -- return 0; -+ return decision.make(ReuseDecision::reuseNot, -+ "server reply Cache-Control:no-cache has parameters"); - } - - // NP: request CC:private is undefined. We ignore. - // NP: other request CC flags are limiters on HIT/MISS. We don't care about here. - - // RFC 2616 section 14.9.2 - MUST NOT cache any response with CC:no-store -- if (rep->cache_control && rep->cache_control->noStore() && -- !REFRESH_OVERRIDE(ignore_no_store)) { -- debugs(22, 3, HERE << "NO because server reply Cache-Control:no-store"); -- return 0; -- } -+ if (rep->cache_control && rep->cache_control->hasNoStore() && -+ !REFRESH_OVERRIDE(ignore_no_store)) -+ return decision.make(ReuseDecision::reuseNot, -+ "server reply Cache-Control:no-store"); - - // RFC 2616 section 14.9.1 - MUST NOT cache any response with CC:private in a shared cache like Squid. - // CC:private overrides CC:public when both are present in a response. -@@ -401,27 +397,25 @@ - * successfully (ie, must revalidate AND these headers are prohibited on stale replies). - * That is a bit tricky for squid right now so we avoid caching entirely. - */ -- debugs(22, 3, HERE << "NO because server reply Cache-Control:private"); -- return 0; -+ return decision.make(ReuseDecision::reuseNot, -+ "server reply Cache-Control:private"); - } - } - - // RFC 2068, sec 14.9.4 - MUST NOT cache any response with Authentication UNLESS certain CC controls are present - // allow HTTP violations to IGNORE those controls (ie re-block caching Auth) - if (request && (request->flags.auth || request->flags.authSent) && !REFRESH_OVERRIDE(ignore_auth)) { -- if (!rep->cache_control) { -- debugs(22, 3, HERE << "NO because Authenticated and server reply missing Cache-Control"); -- return 0; -- } -+ if (!rep->cache_control) -+ return decision.make(ReuseDecision::reuseNot, -+ "authenticated and server reply missing Cache-Control"); - -- if (ignoreCacheControl) { -- debugs(22, 3, HERE << "NO because Authenticated and ignoring Cache-Control"); -- return 0; -- } -+ if (ignoreCacheControl) -+ return decision.make(ReuseDecision::reuseNot, -+ "authenticated and ignoring Cache-Control"); - - bool mayStore = false; - // HTTPbis pt6 section 3.2: a response CC:public is present -- if (rep->cache_control->Public()) { -+ if (rep->cache_control->hasPublic()) { - debugs(22, 3, HERE << "Authenticated but server reply Cache-Control:public"); - mayStore = true; - -@@ -441,15 +435,13 @@ - #endif - - // HTTPbis pt6 section 3.2: a response CC:s-maxage is present -- } else if (rep->cache_control->sMaxAge()) { -+ } else if (rep->cache_control->hasSMaxAge()) { - debugs(22, 3, HERE << "Authenticated but server reply Cache-Control:s-maxage"); - mayStore = true; - } - -- if (!mayStore) { -- debugs(22, 3, HERE << "NO because Authenticated transaction"); -- return 0; -- } -+ if (!mayStore) -+ return decision.make(ReuseDecision::reuseNot, "authenticated transaction"); - - // NP: response CC:no-cache is equivalent to CC:must-revalidate,max-age=0. We MAY cache, and do so. - // NP: other request CC flags are limiters on HIT/MISS/REFRESH. We don't care about here. -@@ -460,12 +452,26 @@ - * probably should not be cachable - */ - if ((v = hdr->getStr(HDR_CONTENT_TYPE))) -- if (!strncasecmp(v, "multipart/x-mixed-replace", 25)) { -- debugs(22, 3, HERE << "NO because Content-Type:multipart/x-mixed-replace"); -- return 0; -- } -+ if (!strncasecmp(v, "multipart/x-mixed-replace", 25)) -+ return decision.make(ReuseDecision::reuseNot, "Content-Type:multipart/x-mixed-replace"); -+ -+ // TODO: if possible, provide more specific message for each status code -+ static const char *shareableError = "shareable error status code"; -+ static const char *nonShareableError = "non-shareable error status code"; -+ ReuseDecision::Answers statusAnswer = ReuseDecision::reuseNot; -+ const char *statusReason = nonShareableError; - - switch (rep->sline.status()) { -+ -+ /* There are several situations when a non-cacheable response may be -+ * still shareable (e.g., among collapsed clients). We assume that these -+ * are 3xx and 5xx responses, indicating server problems and some of -+ * 4xx responses, common for all clients with a given cache key (e.g., -+ * 404 Not Found or 414 URI Too Long). On the other hand, we should not -+ * share non-cacheable client-specific errors, such as 400 Bad Request -+ * or 406 Not Acceptable. -+ */ -+ - /* Responses that are cacheable */ - - case Http::scOkay: -@@ -482,112 +488,90 @@ - * Don't cache objects that need to be refreshed on next request, - * unless we know how to refresh it. - */ -+ if (refreshIsCachable(entry) || REFRESH_OVERRIDE(store_stale)) -+ decision.make(ReuseDecision::cachePositively, "refresh check returned cacheable"); -+ else -+ decision.make(ReuseDecision::doNotCacheButShare, "refresh check returned non-cacheable"); - -- if (!refreshIsCachable(entry) && !REFRESH_OVERRIDE(store_stale)) { -- debugs(22, 3, "NO because refreshIsCachable() returned non-cacheable.."); -- return 0; -- } else { -- debugs(22, 3, HERE << "YES because HTTP status " << rep->sline.status()); -- return 1; -- } -- /* NOTREACHED */ - break; - - /* Responses that only are cacheable if the server says so */ - - case Http::scFound: - case Http::scTemporaryRedirect: -- if (rep->date <= 0) { -- debugs(22, 3, HERE << "NO because HTTP status " << rep->sline.status() << " and Date missing/invalid"); -- return 0; -- } -- if (rep->expires > rep->date) { -- debugs(22, 3, HERE << "YES because HTTP status " << rep->sline.status() << " and Expires > Date"); -- return 1; -- } else { -- debugs(22, 3, HERE << "NO because HTTP status " << rep->sline.status() << " and Expires <= Date"); -- return 0; -- } -- /* NOTREACHED */ -+ -+ if (rep->date <= 0) -+ decision.make(ReuseDecision::doNotCacheButShare, "Date is missing/invalid"); -+ else if (rep->expires > rep->date) -+ decision.make(ReuseDecision::cachePositively, "Expires > Date"); -+ else -+ decision.make(ReuseDecision::doNotCacheButShare, "Expires <= Date"); - break; - -- /* Errors can be negatively cached */ -- -+ /* These responses can be negatively cached. Most can also be shared. */ - case Http::scNoContent: -- - case Http::scUseProxy: -- -- case Http::scBadRequest: -- - case Http::scForbidden: -- - case Http::scNotFound: -- - case Http::scMethodNotAllowed: -- - case Http::scUriTooLong: -- - case Http::scInternalServerError: -- - case Http::scNotImplemented: -- - case Http::scBadGateway: -- - case Http::scServiceUnavailable: -- - case Http::scGatewayTimeout: - case Http::scMisdirectedRequest: -- -- debugs(22, 3, "MAYBE because HTTP status " << rep->sline.status()); -- return -1; -- -- /* NOTREACHED */ -+ statusAnswer = ReuseDecision::doNotCacheButShare; -+ statusReason = shareableError; -+ // fall through to the actual decision making below -+ -+ case Http::scBadRequest: // no sharing; perhaps the server did not like something specific to this request -+ -+#if USE_HTTP_VIOLATIONS -+ if (Config.negativeTtl > 0) -+ decision.make(ReuseDecision::cacheNegatively, "Config.negativeTtl > 0"); -+ else -+#endif -+ decision.make(statusAnswer, statusReason); - break; - -- /* Some responses can never be cached */ -- -- case Http::scPartialContent: /* Not yet supported */ -- -+ /* these responses can never be cached, some -+ of them can be shared though */ - case Http::scSeeOther: -- - case Http::scNotModified: -- - case Http::scUnauthorized: -- - case Http::scProxyAuthenticationRequired: -- -- case Http::scInvalidHeader: /* Squid header parsing error */ -- -- case Http::scHeaderTooLarge: -- - case Http::scPaymentRequired: -+ case Http::scInsufficientStorage: -+ // TODO: use more specific reason for non-error status codes -+ decision.make(ReuseDecision::doNotCacheButShare, shareableError); -+ break; -+ -+ case Http::scPartialContent: /* Not yet supported. TODO: make shareable for suitable ranges */ - case Http::scNotAcceptable: -- case Http::scRequestTimeout: -- case Http::scConflict: -+ case Http::scRequestTimeout: // TODO: is this shareable? -+ case Http::scConflict: // TODO: is this shareable? - case Http::scLengthRequired: - case Http::scPreconditionFailed: - case Http::scPayloadTooLarge: - case Http::scUnsupportedMediaType: - case Http::scUnprocessableEntity: -- case Http::scLocked: -+ case Http::scLocked: // TODO: is this shareable? - case Http::scFailedDependency: -- case Http::scInsufficientStorage: - case Http::scRequestedRangeNotSatisfied: - case Http::scExpectationFailed: -- -- debugs(22, 3, HERE << "NO because HTTP status " << rep->sline.status()); -- return 0; -- -+ case Http::scInvalidHeader: /* Squid header parsing error */ -+ case Http::scHeaderTooLarge: -+ decision.make(ReuseDecision::reuseNot, nonShareableError); -+ break; - default: - /* RFC 2616 section 6.1.1: an unrecognized response MUST NOT be cached. */ -- debugs (11, 3, HERE << "NO because unknown HTTP status code " << rep->sline.status()); -- return 0; - -- /* NOTREACHED */ -+ decision.make(ReuseDecision::reuseNot, "unknown status code"); - break; - } - -- /* NOTREACHED */ -+ return decision.answer; - } - - /// assemble a variant key (vary-mark) from the given Vary header and HTTP request -@@ -898,11 +882,12 @@ - - Ctx ctx = ctx_enter(entry->mem_obj->urlXXX()); - HttpReply *rep = finalReply(); -+ const Http::StatusCode statusCode = rep->sline.status(); - - entry->timestampsSet(); - - /* Check if object is cacheable or not based on reply code */ -- debugs(11, 3, "HTTP CODE: " << rep->sline.status()); -+ debugs(11, 3, "HTTP CODE: " << statusCode); - - if (const StoreEntry *oldEntry = findPreviouslyCachedEntry(entry)) - sawDateGoBack = rep->olderThan(oldEntry->getReply()); -@@ -919,7 +904,9 @@ - const SBuf vary(httpMakeVaryMark(request, rep)); - - if (vary.isEmpty()) { -- entry->makePrivate(); -+ // TODO: check whether such responses are shareable. -+ // Do not share for now. -+ entry->makePrivate(false); - if (!fwd->reforwardableStatus(rep->sline.status())) - EBIT_CLR(entry->flags, ENTRY_FWD_HDR_WAIT); - varyFailure = true; -@@ -942,30 +929,31 @@ - if (!fwd->reforwardableStatus(rep->sline.status())) - EBIT_CLR(entry->flags, ENTRY_FWD_HDR_WAIT); - -- switch (cacheableReply()) { -- -- case 1: -+ ReuseDecision decision(entry, statusCode); -+ -+ switch (reusableReply(decision)) { -+ -+ case ReuseDecision::reuseNot: -+ entry->makePrivate(false); -+ break; -+ -+ case ReuseDecision::cachePositively: - entry->makePublic(); - break; - -- case 0: -- entry->makePrivate(); -+ case ReuseDecision::cacheNegatively: -+ entry->cacheNegatively(); - break; - -- case -1: -- --#if USE_HTTP_VIOLATIONS -- if (Config.negativeTtl > 0) -- entry->cacheNegatively(); -- else --#endif -- entry->makePrivate(); -+ case ReuseDecision::doNotCacheButShare: -+ entry->makePrivate(true); - break; - - default: - assert(0); - break; - } -+ debugs(11, 3, "decided: " << decision); - } - - if (!ignoreCacheControl) { -@@ -2429,3 +2417,29 @@ - mustStop(reason); - } - -+HttpStateData::ReuseDecision::ReuseDecision(const StoreEntry *e, const Http::StatusCode code) -+ : answer(HttpStateData::ReuseDecision::reuseNot), reason(nullptr), entry(e), statusCode(code) {} -+ -+HttpStateData::ReuseDecision::Answers -+HttpStateData::ReuseDecision::make(const HttpStateData::ReuseDecision::Answers ans, const char *why) -+{ -+ answer = ans; -+ reason = why; -+ return answer; -+} -+ -+std::ostream &operator <<(std::ostream &os, const HttpStateData::ReuseDecision &d) -+{ -+ static const char *ReuseMessages[] = { -+ "do not cache and do not share", // reuseNot -+ "cache positively and share", // cachePositively -+ "cache negatively and share", // cacheNegatively -+ "do not cache but share" // doNotCacheButShare -+ }; -+ -+ assert(d.answer >= HttpStateData::ReuseDecision::reuseNot && -+ d.answer <= HttpStateData::ReuseDecision::doNotCacheButShare); -+ return os << ReuseMessages[d.answer] << " because " << d.reason << -+ "; HTTP status " << d.statusCode << " " << *(d.entry); -+} -+ - -=== modified file 'src/http.h' ---- src/http.h 2017-01-01 00:16:45 +0000 -+++ src/http.h 2017-06-14 21:37:20 +0000 -@@ -22,6 +22,23 @@ - { - - public: -+ -+ /// assists in making and relaying entry caching/sharing decision -+ class ReuseDecision -+ { -+ public: -+ enum Answers { reuseNot = 0, cachePositively, cacheNegatively, doNotCacheButShare }; -+ -+ ReuseDecision(const StoreEntry *e, const Http::StatusCode code); -+ /// stores the corresponding decision -+ Answers make(const Answers ans, const char *why); -+ -+ Answers answer; ///< the decision id -+ const char *reason; ///< the decision reason -+ const StoreEntry *entry; ///< entry for debugging -+ const Http::StatusCode statusCode; ///< HTTP status for debugging -+ }; -+ - HttpStateData(FwdState *); - ~HttpStateData(); - -@@ -39,8 +56,8 @@ - void readReply(const CommIoCbParams &io); - virtual void maybeReadVirginBody(); // read response data from the network - -- // Determine whether the response is a cacheable representation -- int cacheableReply(); -+ // Checks whether the response is cacheable/shareable. -+ ReuseDecision::Answers reusableReply(ReuseDecision &decision); - - CachePeer *_peer; /* CachePeer request made to */ - int eof; /* reached end-of-object? */ -@@ -119,6 +136,8 @@ - CBDATA_CLASS2(HttpStateData); - }; - -+std::ostream &operator <<(std::ostream &os, const HttpStateData::ReuseDecision &d); -+ - int httpCachable(const HttpRequestMethod&); - void httpStart(FwdState *); - SBuf httpMakeVaryMark(HttpRequest * request, HttpReply const * reply); - -=== modified file 'src/store.cc' ---- src/store.cc 2017-01-01 00:16:45 +0000 -+++ src/store.cc 2017-06-14 21:37:20 +0000 -@@ -171,11 +171,18 @@ - } - - void --StoreEntry::makePrivate() -+StoreEntry::makePrivate(const bool shareable) - { - /* This object should never be cached at all */ - expireNow(); -- releaseRequest(); /* delete object when not used */ -+ releaseRequest(shareable); /* delete object when not used */ -+} -+ -+void -+StoreEntry::clearPrivate() -+{ -+ EBIT_CLR(flags, KEY_PRIVATE); -+ shareableWhenPrivate = false; - } - - void -@@ -365,7 +372,8 @@ - ping_status(PING_NONE), - store_status(STORE_PENDING), - swap_status(SWAPOUT_NONE), -- lock_count(0) -+ lock_count(0), -+ shareableWhenPrivate(false) - { - debugs(20, 5, "StoreEntry constructed, this=" << this); - } -@@ -504,14 +512,14 @@ - } - - void --StoreEntry::releaseRequest() -+StoreEntry::releaseRequest(const bool shareable) - { - if (EBIT_TEST(flags, RELEASE_REQUEST)) - return; - - setReleaseFlag(); // makes validToSend() false, preventing future hits - -- setPrivateKey(); -+ setPrivateKey(shareable); - } - - int -@@ -623,12 +631,16 @@ - * concept'. - */ - void --StoreEntry::setPrivateKey() -+StoreEntry::setPrivateKey(const bool shareable) - { - const cache_key *newkey; - -- if (key && EBIT_TEST(flags, KEY_PRIVATE)) -- return; /* is already private */ -+ if (key && EBIT_TEST(flags, KEY_PRIVATE)) { -+ // The entry is already private, but it may be still shareable. -+ if (!shareable) -+ shareableWhenPrivate = false; -+ return; -+ } - - if (key) { - setReleaseFlag(); // will markForUnlink(); all caches/workers will know -@@ -649,6 +661,7 @@ - - assert(hash_lookup(store_table, newkey) == NULL); - EBIT_SET(flags, KEY_PRIVATE); -+ shareableWhenPrivate = shareable; - hashInsert(newkey); - } - -@@ -705,14 +718,17 @@ - if (StoreEntry *e2 = (StoreEntry *)hash_lookup(store_table, newkey)) { - assert(e2 != this); - debugs(20, 3, "Making old " << *e2 << " private."); -- e2->setPrivateKey(); -- e2->release(); -+ -+ // TODO: check whether there is any sense in keeping old entry -+ // shareable here. Leaving it non-shareable for now. -+ e2->setPrivateKey(false); -+ e2->release(false); - } - - if (key) - hashDelete(); - -- EBIT_CLR(flags, KEY_PRIVATE); -+ clearPrivate(); - - hashInsert(newkey); - -@@ -830,7 +846,7 @@ - e->lock("storeCreateEntry"); - - if (neighbors_do_private_keys || !flags.hierarchical) -- e->setPrivateKey(); -+ e->setPrivateKey(false); - else - e->setPublicKey(); - -@@ -1264,7 +1280,7 @@ - - /* release an object from a cache */ - void --StoreEntry::release() -+StoreEntry::release(const bool shareable) - { - PROF_start(storeRelease); - debugs(20, 3, "releasing " << *this << ' ' << getMD5Text()); -@@ -1274,7 +1290,7 @@ - if (locked()) { - expireNow(); - debugs(20, 3, "storeRelease: Only setting RELEASE_REQUEST bit"); -- releaseRequest(); -+ releaseRequest(shareable); - PROF_stop(storeRelease); - return; - } -@@ -1282,7 +1298,7 @@ - Store::Root().memoryUnlink(*this); - - if (StoreController::store_dirs_rebuilding && swap_filen > -1) { -- setPrivateKey(); -+ setPrivateKey(shareable); - - if (swap_filen > -1) { - // lock the entry until rebuilding is done -@@ -2181,7 +2197,11 @@ - if (EBIT_TEST(e.flags, REFRESH_REQUEST)) os << 'F'; - if (EBIT_TEST(e.flags, ENTRY_REVALIDATE_STALE)) os << 'E'; - if (EBIT_TEST(e.flags, ENTRY_DISPATCHED)) os << 'D'; -- if (EBIT_TEST(e.flags, KEY_PRIVATE)) os << 'I'; -+ if (EBIT_TEST(e.flags, KEY_PRIVATE)) { -+ os << 'I'; -+ if (e.shareableWhenPrivate) -+ os << 'H'; -+ } - if (EBIT_TEST(e.flags, ENTRY_FWD_HDR_WAIT)) os << 'W'; - if (EBIT_TEST(e.flags, ENTRY_NEGCACHED)) os << 'N'; - if (EBIT_TEST(e.flags, ENTRY_VALIDATED)) os << 'V'; - -=== modified file 'src/tests/stub_store.cc' ---- src/tests/stub_store.cc 2017-01-01 00:16:45 +0000 -+++ src/tests/stub_store.cc 2017-06-14 21:37:20 +0000 -@@ -43,11 +43,11 @@ - void StoreEntry::abort() STUB - void StoreEntry::unlink() STUB - void StoreEntry::makePublic(const KeyScope keyScope) STUB --void StoreEntry::makePrivate() STUB -+void StoreEntry::makePrivate(const bool shareable) STUB - void StoreEntry::setPublicKey(const KeyScope keyScope) STUB --void StoreEntry::setPrivateKey() STUB -+void StoreEntry::setPrivateKey(const bool shareable) STUB - void StoreEntry::expireNow() STUB --void StoreEntry::releaseRequest() STUB -+void StoreEntry::releaseRequest(const bool shareable) STUB - void StoreEntry::negativeCache() STUB - void StoreEntry::cacheNegatively() STUB - void StoreEntry::purgeMem() STUB -@@ -99,7 +99,7 @@ - int64_t StoreEntry::contentLen() const STUB_RETVAL(0) - void StoreEntry::lock(const char *) STUB - void StoreEntry::touch() STUB --void StoreEntry::release() STUB -+void StoreEntry::release(const bool shareable) STUB - - NullStoreEntry *NullStoreEntry::getInstance() STUB_RETVAL(NULL) - const char *NullStoreEntry::getMD5Text() const STUB_RETVAL(NULL) - -=== modified file 'src/tests/testStoreController.cc' ---- src/tests/testStoreController.cc 2017-01-01 00:16:45 +0000 -+++ src/tests/testStoreController.cc 2017-06-14 21:37:20 +0000 -@@ -116,7 +116,7 @@ - e->lastModified(squid_curtime); - e->refcount = 1; - EBIT_CLR(e->flags, RELEASE_REQUEST); -- EBIT_CLR(e->flags, KEY_PRIVATE); -+ e->clearPrivate(); - e->ping_status = PING_NONE; - EBIT_CLR(e->flags, ENTRY_VALIDATED); - e->hashInsert((const cache_key *)name.termedBuf()); /* do it after we clear KEY_PRIVATE */ - -=== modified file 'src/tests/testStoreHashIndex.cc' ---- src/tests/testStoreHashIndex.cc 2017-01-01 00:16:45 +0000 -+++ src/tests/testStoreHashIndex.cc 2017-06-14 21:37:20 +0000 -@@ -97,7 +97,7 @@ - e->lastModified(squid_curtime); - e->refcount = 1; - EBIT_CLR(e->flags, RELEASE_REQUEST); -- EBIT_CLR(e->flags, KEY_PRIVATE); -+ e->clearPrivate(); - e->ping_status = PING_NONE; - EBIT_CLR(e->flags, ENTRY_VALIDATED); - e->hashInsert((const cache_key *)name.termedBuf()); /* do it after we clear KEY_PRIVATE */ - diff --git a/src/patches/squid/squid-3.5-14170.patch b/src/patches/squid/squid-3.5-14170.patch deleted file mode 100644 index cea0f13..0000000 --- a/src/patches/squid/squid-3.5-14170.patch +++ /dev/null @@ -1,85 +0,0 @@ ------------------------------------------------------------- -revno: 14170 -revision-id: squid3@treenet.co.nz-20170614215906-ly36sobvlr2pt0u6 -parent: squid3@treenet.co.nz-20170614213720-3qmiohlx4zr2jnqq -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=2833 -author: Eduard Bagdasaryan eduard.bagdasaryan@measurement-factory.com -committer: Amos Jeffries squid3@treenet.co.nz -branch nick: 3.5 -timestamp: Thu 2017-06-15 09:59:06 +1200 -message: - Bug 2833 pt3: Do not respond with HTTP/304 to unconditional requests - - ... after internal revalidation. The original unconditional HttpRequest - was still marked (and processed) as conditional after internal - revalidation because the original (clear) Last-Modified and ETag values - were not restored (cleared) after the internal revalidation abused them. - - TODO: Isolate the code converting the request into conditional one _and_ - the code that undoes that conversion, to keep both actions in sync. ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170614215906-ly36sobvlr2pt0u6 -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: 0991e2d39b3bcebcf18cba3db0e3b57aabf23b8b -# timestamp: 2017-06-14 22:22:43 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170614213720-\ -# 3qmiohlx4zr2jnqq -# -# Begin patch -=== modified file 'src/client_side_reply.cc' ---- src/client_side_reply.cc 2017-06-14 21:37:20 +0000 -+++ src/client_side_reply.cc 2017-06-14 21:59:06 +0000 -@@ -72,8 +72,8 @@ - HTTPMSGUNLOCK(reply); - } - --clientReplyContext::clientReplyContext(ClientHttpRequest *clientContext) : http (cbdataReference(clientContext)), old_entry (NULL), old_sc(NULL), deleting(false), -- collapsedRevalidation(crNone) -+clientReplyContext::clientReplyContext(ClientHttpRequest *clientContext) : http (cbdataReference(clientContext)), old_entry (NULL), -+ old_sc(NULL), old_lastmod(-1), deleting(false), collapsedRevalidation(crNone) - {} - - /** Create an error in the store awaiting the client side to read it. -@@ -185,6 +185,8 @@ - debugs(88, 3, "clientReplyContext::saveState: saving store context"); - old_entry = http->storeEntry(); - old_sc = sc; -+ old_lastmod = http->request->lastmod; -+ old_etag = http->request->etag; - old_reqsize = reqsize; - tempBuffer.offset = reqofs; - /* Prevent accessing the now saved entries */ -@@ -204,9 +206,13 @@ - sc = old_sc; - reqsize = old_reqsize; - reqofs = tempBuffer.offset; -+ http->request->lastmod = old_lastmod; -+ http->request->etag = old_etag; - /* Prevent accessed the old saved entries */ - old_entry = NULL; - old_sc = NULL; -+ old_lastmod = -1; -+ old_etag.clean(); - old_reqsize = 0; - tempBuffer.offset = 0; - } - -=== modified file 'src/client_side_reply.h' ---- src/client_side_reply.h 2017-01-01 00:16:45 +0000 -+++ src/client_side_reply.h 2017-06-14 21:59:06 +0000 -@@ -130,7 +130,11 @@ - void sendNotModifiedOrPreconditionFailedError(); - - StoreEntry *old_entry; -- store_client *old_sc; /* ... for entry to be validated */ -+ /* ... for entry to be validated */ -+ store_client *old_sc; -+ time_t old_lastmod; -+ String old_etag; -+ - bool deleting; - - typedef enum { - diff --git a/src/patches/squid/squid-3.5-14171.patch b/src/patches/squid/squid-3.5-14171.patch deleted file mode 100644 index f357045..0000000 --- a/src/patches/squid/squid-3.5-14171.patch +++ /dev/null @@ -1,45 +0,0 @@ ------------------------------------------------------------- -revno: 14171 -revision-id: squidadm@squid-cache.org-20170615001633-wgrl5w8isv15o7gg -parent: squid3@treenet.co.nz-20170614215906-ly36sobvlr2pt0u6 -committer: Source Maintenance squidadm@squid-cache.org -branch nick: 3.5 -timestamp: Thu 2017-06-15 00:16:33 +0000 -message: - SourceFormat Enforcement ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squidadm@squid-cache.org-20170615001633-\ -# wgrl5w8isv15o7gg -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: 237182ac5eed6aca7e9aca295a90057f3a8cf10b -# timestamp: 2017-06-15 00:51:05 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170614215906-\ -# ly36sobvlr2pt0u6 -# -# Begin patch -=== modified file 'src/http.cc' ---- src/http.cc 2017-06-14 21:37:20 +0000 -+++ src/http.cc 2017-06-15 00:16:33 +0000 -@@ -523,7 +523,7 @@ - case Http::scMisdirectedRequest: - statusAnswer = ReuseDecision::doNotCacheButShare; - statusReason = shareableError; -- // fall through to the actual decision making below -+ // fall through to the actual decision making below - - case Http::scBadRequest: // no sharing; perhaps the server did not like something specific to this request - -@@ -2438,8 +2438,8 @@ - }; - - assert(d.answer >= HttpStateData::ReuseDecision::reuseNot && -- d.answer <= HttpStateData::ReuseDecision::doNotCacheButShare); -+ d.answer <= HttpStateData::ReuseDecision::doNotCacheButShare); - return os << ReuseMessages[d.answer] << " because " << d.reason << -- "; HTTP status " << d.statusCode << " " << *(d.entry); -+ "; HTTP status " << d.statusCode << " " << *(d.entry); - } - - diff --git a/src/patches/squid/squid-3.5-14172.patch b/src/patches/squid/squid-3.5-14172.patch deleted file mode 100644 index aa73327..0000000 --- a/src/patches/squid/squid-3.5-14172.patch +++ /dev/null @@ -1,40 +0,0 @@ ------------------------------------------------------------- -revno: 14172 -revision-id: squid3@treenet.co.nz-20170621195439-l63xfsad58ghhhfu -parent: squidadm@squid-cache.org-20170615001633-wgrl5w8isv15o7gg -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4671 -committer: Amos Jeffries squid3@treenet.co.nz -branch nick: 3.5 -timestamp: Thu 2017-06-22 07:54:39 +1200 -message: - Bug 4671 pt2: GCC 7: raise FTP Gateway CTRL channel buffer to 16KB - - Fixes - error: %s directive output may be truncated writing up to 8191 bytes - into a region of size 1019 - note: snprintf output between 8 and 8199 bytes into a destination of - size 1024 ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170621195439-l63xfsad58ghhhfu -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: eeb32b45efe5504eebeaae89088d4a81d807807c -# timestamp: 2017-06-21 20:50:58 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squidadm@squid-cache.org-20170615001633-\ -# wgrl5w8isv15o7gg -# -# Begin patch -=== modified file 'src/clients/FtpGateway.cc' ---- src/clients/FtpGateway.cc 2017-05-29 04:37:41 +0000 -+++ src/clients/FtpGateway.cc 2017-06-21 19:54:39 +0000 -@@ -192,7 +192,7 @@ - - #define FTP_LOGIN_NOT_ESCAPED 0 - --#define CTRL_BUFLEN 1024 -+#define CTRL_BUFLEN 16*1024 - static char cbuf[CTRL_BUFLEN]; - - /* - diff --git a/src/patches/squid/squid-3.5-14173.patch b/src/patches/squid/squid-3.5-14173.patch deleted file mode 100644 index 6841202..0000000 --- a/src/patches/squid/squid-3.5-14173.patch +++ /dev/null @@ -1,254 +0,0 @@ ------------------------------------------------------------- -revno: 14173 -revision-id: squid3@treenet.co.nz-20170621201248-ezpvykg0b307ix61 -parent: squid3@treenet.co.nz-20170621195439-l63xfsad58ghhhfu -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4671 -author: Alex Rousskov rousskov@measurement-factory.com -committer: Amos Jeffries squid3@treenet.co.nz -branch nick: 3.5 -timestamp: Thu 2017-06-22 08:12:48 +1200 -message: - Replace new/delete operators using modern C++ rules. - - This change was motivated by "Mismatched free()/delete/delete[]" errors - reported by valgrind and mused about in Squid source code. - - I speculate that the old new/delete replacement code was the result of - slow accumulation of working hacks to accomodate various environments, - as compiler support for the feature evolved. The cumulative result does - not actually work well (see the above paragraph), and the replacement - functions had the following visible coding problems according to [1,2]: - - a) Declared with non-standard profiles that included throw specifiers. - b) Declared inline. C++ says that the results of inline declarations - have unspecified effects. In Squid, they probably necessitated - complex compiler-specific "extern inline" workarounds. - c) Defined in the header file. C++ says that defining replacements "in - any source file" is enough and that multiple replacements per - program (which is what a header file definition produces) result in - "undefined behavior". - d) Declared inconsistently (only 2 out of 4 flavors). Declaring one base - flavor should be sufficient, but if we declare more, we should - declare all of them. - - [1] http://en.cppreference.com/w/cpp/memory/new/operator_new - [2] http://en.cppreference.com/w/cpp/memory/new/operator_delete - - The replacements were not provided to clang (trunk r13219), but there - was no explanation why. This patch does not change that exclusion. - - I have no idea whether any of the old hacks are still necessary in some - cases. However, I suspect that either we do not care much if the - replacements are not enabled on some poorly supported platforms OR we - can disable them (or make them work) using much simpler hacks for the - platforms we do care about. ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170621201248-ezpvykg0b307ix61 -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: 4f15c23326e4e4fe2ca2a6c7a13333e01677a0b0 -# timestamp: 2017-06-21 20:51:02 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170621195439-\ -# l63xfsad58ghhhfu -# -# Begin patch -=== modified file 'compat/os/macosx.h' ---- compat/os/macosx.h 2017-01-01 00:16:45 +0000 -+++ compat/os/macosx.h 2017-06-21 20:12:48 +0000 -@@ -28,11 +28,6 @@ - - #include "compat/cmsg.h" - --// MacOS GCC 4.0.1 and 4.2.1 supply __GNUC_GNU_INLINE__ but do not actually define __attribute__((gnu_inline)) --#if defined(__cplusplus) && !defined(_SQUID_EXTERNNEW_) --#define _SQUID_EXTERNNEW_ extern inline --#endif -- - #endif /* _SQUID_APPLE_ */ - #endif /* SQUID_OS_MACOSX_H */ - - -=== modified file 'compat/os/sgi.h' ---- compat/os/sgi.h 2017-01-01 00:16:45 +0000 -+++ compat/os/sgi.h 2017-06-21 20:12:48 +0000 -@@ -25,15 +25,6 @@ - #define _ABI_SOURCE - #endif /* USE_ASYNC_IO */ - --#if defined(__cplusplus) && !defined(_SQUID_EXTERNNEW_) && !defined(_GNUC_) --/* -- * The gcc compiler treats extern inline functions as being extern, -- * while the SGI MIPSpro compilers treat them as inline. To get equivalent -- * behavior, remove the inline keyword. -- */ --#define _SQUID_EXTERNNEW_ extern --#endif -- - #endif /* _SQUID_SGI_ */ - #endif /* SQUID_OS_SGI_H */ - - -=== modified file 'compat/os/solaris.h' ---- compat/os/solaris.h 2017-01-01 00:16:45 +0000 -+++ compat/os/solaris.h 2017-06-21 20:12:48 +0000 -@@ -59,13 +59,6 @@ - #endif - - /* -- * SunPro CC handles extern inline as inline, PLUS extern symbols. -- */ --#if !defined(_SQUID_EXTERNNEW_) && defined(__SUNPRO_CC) --#define _SQUID_EXTERNNEW_ extern --#endif -- --/* - * SunStudio CC does not define C++ portability API __FUNCTION__ - */ - #if defined(__SUNPRO_CC) && !defined(__FUNCTION__) - -=== removed file 'include/SquidNew.h' ---- include/SquidNew.h 2017-01-01 00:16:45 +0000 -+++ include/SquidNew.h 1970-01-01 00:00:00 +0000 -@@ -1,41 +0,0 @@ --/* -- * Copyright (C) 1996-2017 The Squid Software Foundation and contributors -- * -- * Squid software is distributed under GPLv2+ license and includes -- * contributions from numerous individuals and organizations. -- * Please see the COPYING and CONTRIBUTORS files for details. -- */ -- --#ifndef SQUID_NEW_H --#define SQUID_NEW_H -- --#if !defined(__SUNPRO_CC) && !defined(__clang__) --/* Any code using libstdc++ must have externally resolvable overloads -- * for void * operator new - which means in the .o for the binary, -- * or in a shared library. static libs don't propogate the symbol -- * so, look in the translation unit containing main() in squid -- * for the extern version in squid -- */ --#include <new> -- --_SQUID_EXTERNNEW_ void *operator new(size_t size) throw (std::bad_alloc) --{ -- return xmalloc(size); --} --_SQUID_EXTERNNEW_ void operator delete (void *address) throw() --{ -- xfree(address); --} --_SQUID_EXTERNNEW_ void *operator new[] (size_t size) throw (std::bad_alloc) --{ -- return xmalloc(size); --} --_SQUID_EXTERNNEW_ void operator delete[] (void *address) throw() --{ -- xfree(address); --} -- --#endif /* !__SUNPRO_CC && !__clang__*/ -- --#endif /* SQUID_NEW_H */ -- - -=== modified file 'include/util.h' ---- include/util.h 2017-01-01 00:16:45 +0000 -+++ include/util.h 2017-06-21 20:12:48 +0000 -@@ -19,23 +19,6 @@ - SQUIDCEXTERN int tvSubUsec(struct timeval, struct timeval); - SQUIDCEXTERN double tvSubDsec(struct timeval, struct timeval); - SQUIDCEXTERN void Tolower(char *); --#if defined(__cplusplus) --/* -- * Any code using libstdc++ must have externally resolvable overloads -- * for void * operator new - which means in the .o for the binary, -- * or in a shared library. static libs don't propogate the symbol -- * so, look in the translation unit containing main() in squid -- * for the extern version in squid -- */ --#if !defined(_SQUID_EXTERNNEW_) --#if defined(__GNUC_STDC_INLINE__) || defined(__GNUC_GNU_INLINE__) --#define _SQUID_EXTERNNEW_ extern inline __attribute__((gnu_inline)) --#else --#define _SQUID_EXTERNNEW_ extern inline --#endif --#endif --#include "SquidNew.h" --#endif - - SQUIDCEXTERN time_t parse_iso3307_time(const char *buf); - - -=== modified file 'src/SquidNew.cc' ---- src/SquidNew.cc 2017-01-01 00:16:45 +0000 -+++ src/SquidNew.cc 2017-06-21 20:12:48 +0000 -@@ -8,29 +8,45 @@ - - /* DEBUG: none Memory Allocation */ - --#define _SQUID_EXTERNNEW_ -- - #include "squid.h" - --#ifdef __SUNPRO_CC -+#if !defined(__clang__) - - #include <new> --void *operator new(size_t size) throw (std::bad_alloc) --{ -- return xmalloc(size); --} --void operator delete (void *address) throw() --{ -- xfree (address); --} --void *operator new[] (size_t size) throw (std::bad_alloc) --{ -- return xmalloc(size); --} --void operator delete[] (void *address) throw() --{ -- xfree (address); --} -- --#endif /* __SUNPRO_CC */ -+ -+void *operator new(size_t size) -+{ -+ return xmalloc(size); -+} -+void operator delete(void *address) -+{ -+ xfree(address); -+} -+void *operator new[](size_t size) -+{ -+ return xmalloc(size); -+} -+void operator delete[](void *address) -+{ -+ xfree(address); -+} -+ -+void *operator new(size_t size, const std::nothrow_t &tag) -+{ -+ return xmalloc(size); -+} -+void operator delete(void *address, const std::nothrow_t &tag) -+{ -+ xfree(address); -+} -+void *operator new[](size_t size, const std::nothrow_t &tag) -+{ -+ return xmalloc(size); -+} -+void operator delete[](void *address, const std::nothrow_t &tag) -+{ -+ xfree(address); -+} -+ -+#endif /* !defined(__clang__) */ - - diff --git a/src/patches/squid/squid-3.5-14174.patch b/src/patches/squid/squid-3.5-14174.patch deleted file mode 100644 index 7427eb3..0000000 --- a/src/patches/squid/squid-3.5-14174.patch +++ /dev/null @@ -1,274 +0,0 @@ ------------------------------------------------------------- -revno: 14174 -revision-id: squid3@treenet.co.nz-20170622153146-nxo8vl6a9r8z03v4 -parent: squid3@treenet.co.nz-20170621201248-ezpvykg0b307ix61 -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4671 -committer: Amos Jeffries squid3@treenet.co.nz -branch nick: 3.5 -timestamp: Fri 2017-06-23 03:31:46 +1200 -message: - Bug 4671 pt3: various GCC 7 compile errors - - Also, remove limit on FTP realm strings - - Convert ftpRealm() from generating char* to SBuf. This fixes issues identified - by GCC 7 where the realm string may be longer than the available buffer and - gets truncated. - The size of the buffer was making the occurance rather rare, but it is still - possible. ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170622153146-nxo8vl6a9r8z03v4 -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: b54e1a339544443ed9b34a094717b2781c746c76 -# timestamp: 2017-06-22 15:50:59 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170621201248-\ -# ezpvykg0b307ix61 -# -# Begin patch -=== modified file 'src/DiskIO/DiskThreads/aiops.cc' ---- src/DiskIO/DiskThreads/aiops.cc 2017-01-01 00:16:45 +0000 -+++ src/DiskIO/DiskThreads/aiops.cc 2017-06-22 15:31:46 +0000 -@@ -290,7 +290,7 @@ - /* Create threads and get them to sit in their wait loop */ - squidaio_thread_pool = memPoolCreate("aio_thread", sizeof(squidaio_thread_t)); - -- assert(NUMTHREADS); -+ assert(NUMTHREADS != 0); - - for (i = 0; i < NUMTHREADS; ++i) { - threadp = (squidaio_thread_t *)squidaio_thread_pool->alloc(); - -=== modified file 'src/clients/FtpGateway.cc' ---- src/clients/FtpGateway.cc 2017-06-21 19:54:39 +0000 -+++ src/clients/FtpGateway.cc 2017-06-22 15:31:46 +0000 -@@ -153,8 +153,8 @@ - virtual void timeout(const CommTimeoutCbParams &io); - void ftpAcceptDataConnection(const CommAcceptCbParams &io); - -- static HttpReply *ftpAuthRequired(HttpRequest * request, const char *realm); -- const char *ftpRealm(void); -+ static HttpReply *ftpAuthRequired(HttpRequest * request, SBuf &realm); -+ SBuf ftpRealm(); - void loginFailed(void); - - virtual void haveParsedReplyHeaders(); -@@ -1189,7 +1189,8 @@ - { - if (!checkAuth(&request->header)) { - /* create appropriate reply */ -- HttpReply *reply = ftpAuthRequired(request, ftpRealm()); -+ SBuf realm(ftpRealm()); // local copy so SBuf wont disappear too early -+ HttpReply *reply = ftpAuthRequired(request, realm); - entry->replaceHttpReply(reply); - serverComplete(); - return; -@@ -1290,7 +1291,9 @@ - - #if HAVE_AUTH_MODULE_BASIC - /* add Authenticate header */ -- newrep->header.putAuth("Basic", ftpRealm()); -+ // XXX: performance regression. c_str() may reallocate -+ SBuf realm(ftpRealm()); // local copy so SBuf wont disappear too early -+ newrep->header.putAuth("Basic", realm.c_str()); - #endif - - // add it to the store entry for response.... -@@ -1298,18 +1301,19 @@ - serverComplete(); - } - --const char * -+SBuf - Ftp::Gateway::ftpRealm() - { -- static char realm[8192]; -+ SBuf realm; - - /* This request is not fully authenticated */ -- if (!request) { -- snprintf(realm, 8192, "FTP %s unknown", user); -- } else if (request->port == 21) { -- snprintf(realm, 8192, "FTP %s %s", user, request->GetHost()); -- } else { -- snprintf(realm, 8192, "FTP %s %s port %d", user, request->GetHost(), request->port); -+ realm.appendf("FTP %s ", user); -+ if (!request) -+ realm.append("unknown", 7); -+ else { -+ realm.append(request->GetHost()); -+ if (request->port != 21) -+ realm.appendf(" port %d", request->port); - } - return realm; - } -@@ -2673,13 +2677,14 @@ - } - - HttpReply * --Ftp::Gateway::ftpAuthRequired(HttpRequest * request, const char *realm) -+Ftp::Gateway::ftpAuthRequired(HttpRequest * request, SBuf &realm) - { - ErrorState err(ERR_CACHE_ACCESS_DENIED, Http::scUnauthorized, request); - HttpReply *newrep = err.BuildHttpReply(); - #if HAVE_AUTH_MODULE_BASIC - /* add Authenticate header */ -- newrep->header.putAuth("Basic", realm); -+ // XXX: performance regression. c_str() may reallocate -+ newrep->header.putAuth("Basic", realm.c_str()); - #endif - return newrep; - } - -=== modified file 'src/fde.cc' ---- src/fde.cc 2017-01-01 00:16:45 +0000 -+++ src/fde.cc 2017-06-22 15:31:46 +0000 -@@ -85,15 +85,15 @@ - char const * - fde::remoteAddr() const - { -- LOCAL_ARRAY(char, buf, MAX_IPSTRLEN ); -+ static char buf[MAX_IPSTRLEN+7]; // 7 = length of ':port' strings - - if (type != FD_SOCKET) - return null_string; - - if ( *ipaddr ) -- snprintf( buf, MAX_IPSTRLEN, "%s:%d", ipaddr, (int)remote_port); -+ snprintf(buf, sizeof(buf), "%s:%u", ipaddr, remote_port); - else -- local_addr.toUrl(buf,MAX_IPSTRLEN); // toHostStr does not include port. -+ local_addr.toUrl(buf, sizeof(buf)); // toHostStr does not include port. - - return buf; - } - -=== modified file 'src/fs/ufs/RebuildState.cc' ---- src/fs/ufs/RebuildState.cc 2017-01-01 00:16:45 +0000 -+++ src/fs/ufs/RebuildState.cc 2017-06-22 15:31:46 +0000 -@@ -444,7 +444,7 @@ - } - - if (0 == in_dir) { /* we need to read in a new directory */ -- snprintf(fullpath, MAXPATHLEN, "%s/%02X/%02X", -+ snprintf(fullpath, sizeof(fullpath), "%s/%02X/%02X", - sd->path, - curlvl1, curlvl2); - -@@ -489,7 +489,7 @@ - continue; - } - -- snprintf(fullfilename, MAXPATHLEN, "%s/%s", -+ snprintf(fullfilename, sizeof(fullfilename), "%s/%s", - fullpath, entry->d_name); - debugs(47, 3, HERE << "Opening " << fullfilename); - fd = file_open(fullfilename, O_RDONLY | O_BINARY); - -=== modified file 'src/fs/ufs/RebuildState.h' ---- src/fs/ufs/RebuildState.h 2017-01-01 00:16:45 +0000 -+++ src/fs/ufs/RebuildState.h 2017-06-22 15:31:46 +0000 -@@ -54,7 +54,7 @@ - dirent_t *entry; - DIR *td; - char fullpath[MAXPATHLEN]; -- char fullfilename[MAXPATHLEN]; -+ char fullfilename[MAXPATHLEN*2]; - - StoreRebuildData counts; - - -=== modified file 'src/gopher.cc' ---- src/gopher.cc 2017-01-01 00:16:45 +0000 -+++ src/gopher.cc 2017-06-22 15:31:46 +0000 -@@ -820,7 +820,7 @@ - * This will be called when request write is complete. Schedule read of reply. - */ - static void --gopherSendComplete(const Comm::ConnectionPointer &conn, char *buf, size_t size, Comm::Flag errflag, int xerrno, void *data) -+gopherSendComplete(const Comm::ConnectionPointer &conn, char *, size_t size, Comm::Flag errflag, int xerrno, void *data) - { - GopherStateData *gopherState = (GopherStateData *) data; - StoreEntry *entry = gopherState->entry; -@@ -840,10 +840,6 @@ - err->url = xstrdup(entry->url()); - gopherState->fwd->fail(err); - gopherState->serverConn->close(); -- -- if (buf) -- memFree(buf, MEM_4K_BUF); /* Allocated by gopherSendRequest. */ -- - return; - } - -@@ -885,9 +881,6 @@ - AsyncCall::Pointer call = commCbCall(5,5, "gopherReadReply", - CommIoCbPtrFun(gopherReadReply, gopherState)); - entry->delayAwareRead(conn, gopherState->replybuf, BUFSIZ, call); -- -- if (buf) -- memFree(buf, MEM_4K_BUF); /* Allocated by gopherSendRequest. */ - } - - /** -@@ -898,32 +891,31 @@ - gopherSendRequest(int fd, void *data) - { - GopherStateData *gopherState = (GopherStateData *)data; -- char *buf = (char *)memAllocate(MEM_4K_BUF); -+ MemBuf mb; -+ mb.init(); - - if (gopherState->type_id == GOPHER_CSO) { - const char *t = strchr(gopherState->request, '?'); - -- if (t != NULL) -+ if (t) - ++t; /* skip the ? */ - else - t = ""; - -- snprintf(buf, 4096, "query %s\r\nquit\r\n", t); -- } else if (gopherState->type_id == GOPHER_INDEX) { -- char *t = strchr(gopherState->request, '?'); -- -- if (t != NULL) -- *t = '\t'; -- -- snprintf(buf, 4096, "%s\r\n", gopherState->request); -+ mb.Printf("query %s\r\nquit", t); - } else { -- snprintf(buf, 4096, "%s\r\n", gopherState->request); -+ if (gopherState->type_id == GOPHER_INDEX) { -+ if (char *t = strchr(gopherState->request, '?')) -+ *t = '\t'; -+ } -+ mb.append(gopherState->request, strlen(gopherState->request)); - } -+ mb.append("\r\n", 2); - -- debugs(10, 5, HERE << gopherState->serverConn); -+ debugs(10, 5, gopherState->serverConn); - AsyncCall::Pointer call = commCbCall(5,5, "gopherSendComplete", - CommIoCbPtrFun(gopherSendComplete, gopherState)); -- Comm::Write(gopherState->serverConn, buf, strlen(buf), call, NULL); -+ Comm::Write(gopherState->serverConn, &mb, call); - - gopherState->entry->makePublic(); - } - -=== modified file 'src/icmp/Makefile.am' ---- src/icmp/Makefile.am 2017-01-01 00:16:45 +0000 -+++ src/icmp/Makefile.am 2017-06-22 15:31:46 +0000 -@@ -59,7 +59,8 @@ - pinger_LDFLAGS = $(LIBADD_DL) - pinger_LDADD=\ - libicmp-core.la \ -- ../ip/libip.la \ -+ $(top_builddir)/src/ip/libip.la \ -+ $(top_builddir)/src/base/libbase.la \ - $(COMPAT_LIB) \ - $(XTRA_LIBS) - - diff --git a/src/patches/squid/squid-3.5-14175.patch b/src/patches/squid/squid-3.5-14175.patch deleted file mode 100644 index a2a8a5d..0000000 --- a/src/patches/squid/squid-3.5-14175.patch +++ /dev/null @@ -1,34 +0,0 @@ ------------------------------------------------------------- -revno: 14175 -revision-id: squid3@treenet.co.nz-20170629125627-socq6szqysvm9ifa -parent: squid3@treenet.co.nz-20170622153146-nxo8vl6a9r8z03v4 -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4112 -author: Sven Eisenberg sven.eisenberg@lairdtech.com -committer: Amos Jeffries squid3@treenet.co.nz -branch nick: 3.5 -timestamp: Fri 2017-06-30 00:56:27 +1200 -message: - Bug 4112: ssl_engine does not accept cryptodev ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170629125627-socq6szqysvm9ifa -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: c74e6941e5b6df8e36d26dd5c02389ae2955bc21 -# timestamp: 2017-06-29 13:51:04 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170622153146-\ -# nxo8vl6a9r8z03v4 -# -# Begin patch -=== modified file 'src/ssl/support.cc' ---- src/ssl/support.cc 2017-01-27 16:14:19 +0000 -+++ src/ssl/support.cc 2017-06-29 12:56:27 +0000 -@@ -737,6 +737,7 @@ - - #if HAVE_OPENSSL_ENGINE_H - if (Config.SSL.ssl_engine) { -+ ENGINE_load_builtin_engines(); - ENGINE *e; - if (!(e = ENGINE_by_id(Config.SSL.ssl_engine))) - fatalf("Unable to find SSL engine '%s'\n", Config.SSL.ssl_engine); - diff --git a/src/patches/squid/squid-3.5-14176.patch b/src/patches/squid/squid-3.5-14176.patch deleted file mode 100644 index 63141e3..0000000 --- a/src/patches/squid/squid-3.5-14176.patch +++ /dev/null @@ -1,42 +0,0 @@ ------------------------------------------------------------- -revno: 14176 -revision-id: squid3@treenet.co.nz-20170701073514-uzowexcysowqostf -parent: squid3@treenet.co.nz-20170629125627-socq6szqysvm9ifa -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4687 -author: Lubos Uhliarik luhliari@redhat.com -committer: Amos Jeffries squid3@treenet.co.nz -branch nick: 3.5 -timestamp: Sat 2017-07-01 19:35:14 +1200 -message: - Bug 4687: Wrong names of components in man page, section SEE ALSO ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170701073514-uzowexcysowqostf -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: 9099c98de3cb8fc125dd9952373de42c079b0ccc -# timestamp: 2017-07-01 07:45:05 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170629125627-\ -# socq6szqysvm9ifa -# -# Begin patch -=== modified file 'src/squid.8.in' ---- src/squid.8.in 2017-01-01 00:16:45 +0000 -+++ src/squid.8.in 2017-07-01 07:35:14 +0000 -@@ -265,11 +265,11 @@ - .SH SEE ALSO - .if !'po4a'hide' .B cachemgr.cgi "(8), " - .if !'po4a'hide' .B squidclient "(1), " --.if !'po4a'hide' .B pam_auth "(8), " --.if !'po4a'hide' .B squid_ldap_auth "(8), " --.if !'po4a'hide' .B squid_ldap_group "(8), " -+.if !'po4a'hide' .B basic_pam_auth "(8), " -+.if !'po4a'hide' .B basic_ldap_auth "(8), " -+.if !'po4a'hide' .B ext_ldap_group_acl "(8), " - .if !'po4a'hide' .B ext_session_acl "(8), " --.if !'po4a'hide' .B squid_unix_group "(8), " -+.if !'po4a'hide' .B ext_unix_group_acl "(8), " - .br - The Squid FAQ wiki - .if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq - diff --git a/src/patches/squid/squid-3.5-14177.patch b/src/patches/squid/squid-3.5-14177.patch deleted file mode 100644 index c9920ad..0000000 --- a/src/patches/squid/squid-3.5-14177.patch +++ /dev/null @@ -1,52 +0,0 @@ ------------------------------------------------------------- -revno: 14177 -revision-id: squid3@treenet.co.nz-20170701073754-4x1i6p5s1gzk73co -parent: squid3@treenet.co.nz-20170701073514-uzowexcysowqostf -committer: Amos Jeffries squid3@treenet.co.nz -branch nick: 3.5 -timestamp: Sat 2017-07-01 19:37:54 +1200 -message: - basic_ncsa_auth: fix hash listing wrap in man(8) page - - '*' list bullet points must be indented with whitespace. - If they are not the list is treated as a single wrapped paragraph. ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170701073754-4x1i6p5s1gzk73co -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: ffd783ab19a438c56affcdc6c1d106fa00403f4f -# timestamp: 2017-07-01 07:45:09 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170701073514-\ -# uzowexcysowqostf -# -# Begin patch -=== modified file 'helpers/basic_auth/NCSA/basic_ncsa_auth.8' ---- helpers/basic_auth/NCSA/basic_ncsa_auth.8 2017-01-01 00:16:45 +0000 -+++ helpers/basic_auth/NCSA/basic_ncsa_auth.8 2017-07-01 07:37:54 +0000 -@@ -18,15 +18,15 @@ - .PP - This authenticator accepts: - .BR --* Blowfish - for passwords 72 characters or less in length --.BR --* SHA256 - with salting and magic strings --.BR --* SHA512 - with salting and magic strings --.BR --* MD5 - with optional salt and magic strings --.BR --* DES - for passwords 8 characters or less in length -+ * Blowfish - for passwords 72 characters or less in length. -+.BR -+ * SHA256 - with salting and magic strings. -+.BR -+ * SHA512 - with salting and magic strings. -+.BR -+ * MD5 - with optional salt and magic strings. -+.BR -+ * DES - for passwords 8 characters or less in length. - . - NOTE: Blowfish and SHA algorithms require system-specific support. - . - diff --git a/src/patches/squid/squid-3.5-14178.patch b/src/patches/squid/squid-3.5-14178.patch deleted file mode 100644 index 1a95150..0000000 --- a/src/patches/squid/squid-3.5-14178.patch +++ /dev/null @@ -1,36 +0,0 @@ ------------------------------------------------------------- -revno: 14178 -revision-id: squid3@treenet.co.nz-20170701081116-xekwolj1wdkeaxqv -parent: squid3@treenet.co.nz-20170701073754-4x1i6p5s1gzk73co -author: Alex Rousskov rousskov@measurement-factory.com -committer: Amos Jeffries squid3@treenet.co.nz -branch nick: 3.5 -timestamp: Sat 2017-07-01 20:11:16 +1200 -message: - Fix message packing error handling in mgr and snmp SMP Forwarders. - - A missing "return" resulted in Forwarders sending garbage (or worse) to - Coordinator. ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170701081116-xekwolj1wdkeaxqv -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: a593abc992a79d4539dede76b4f63e013f96d33a -# timestamp: 2017-07-01 08:51:30 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170701073754-\ -# 4x1i6p5s1gzk73co -# -# Begin patch -=== modified file 'src/ipc/Forwarder.cc' ---- src/ipc/Forwarder.cc 2017-01-01 00:16:45 +0000 -+++ src/ipc/Forwarder.cc 2017-07-01 08:11:16 +0000 -@@ -62,6 +62,7 @@ - // assume the pack() call failed because the message did not fit - // TODO: add a more specific exception? - handleError(); -+ return; - } - - SendMessage(Ipc::Port::CoordinatorAddr(), message); - diff --git a/src/patches/squid/squid-3.5-14179.patch b/src/patches/squid/squid-3.5-14179.patch deleted file mode 100644 index 112bdb0..0000000 --- a/src/patches/squid/squid-3.5-14179.patch +++ /dev/null @@ -1,105 +0,0 @@ ------------------------------------------------------------- -revno: 14179 -revision-id: squid3@treenet.co.nz-20170701095916-wknqmneq2w0mxt6a -parent: squid3@treenet.co.nz-20170701081116-xekwolj1wdkeaxqv -author: Alex Rousskov rousskov@measurement-factory.com -committer: Amos Jeffries squid3@treenet.co.nz -branch nick: 3.5 -timestamp: Sat 2017-07-01 21:59:16 +1200 -message: - Fix mgr query handoff from the original recipient to Coordinator. - - This bug has already been fixed once, in trunk r11164.1.61, but that fix - was accidentally undone shortly after, during significant cross-branch - merging activity combined with the Forwarder class split. The final - merge importing the associated code (trunk r11730) was buggy. - - The bug (explained in r11164.1.61) leads to a race condition between - - * Store notifying Server classes about the entry completion (which might - trigger a bogus error message sent to the cache manager client while - Coordinator sends its own valid response on the same connection!) and - - * post-cleanup() connection closure handlers of Server classes silently - closing everything (and leaving Coordinator the only responding - process on that shared connection). - - The bug probably was not noticed for so long because, evidently, the - latter actions tend to win in the current code. ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170701095916-wknqmneq2w0mxt6a -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: c7e89c80468c7f388f7e09ad2d68a245789db50d -# timestamp: 2017-07-01 10:51:12 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170701081116-\ -# xekwolj1wdkeaxqv -# -# Begin patch -=== modified file 'src/ipc/Forwarder.h' ---- src/ipc/Forwarder.h 2017-01-01 00:16:45 +0000 -+++ src/ipc/Forwarder.h 2017-07-01 09:59:16 +0000 -@@ -47,12 +47,14 @@ - virtual void handleError(); - virtual void handleTimeout(); - virtual void handleException(const std::exception& e); -- virtual void handleRemoteAck(); - - private: - static void RequestTimedOut(void* param); - void requestTimedOut(); - void removeTimeoutEvent(); -+ -+ void handleRemoteAck(); -+ - static AsyncCall::Pointer DequeueRequest(unsigned int requestId); - - protected: - -=== modified file 'src/mgr/Forwarder.cc' ---- src/mgr/Forwarder.cc 2017-01-01 00:16:45 +0000 -+++ src/mgr/Forwarder.cc 2017-07-01 09:59:16 +0000 -@@ -102,17 +102,6 @@ - mustStop("commClosed"); - } - --/// called when Coordinator starts processing the request --void --Mgr::Forwarder::handleRemoteAck() --{ -- Ipc::Forwarder::handleRemoteAck(); -- -- Must(entry != NULL); -- EBIT_CLR(entry->flags, ENTRY_FWD_HDR_WAIT); -- entry->complete(); --} -- - /// send error page - void - Mgr::Forwarder::sendError(ErrorState *error) - -=== modified file 'src/mgr/Forwarder.h' ---- src/mgr/Forwarder.h 2017-01-01 00:16:45 +0000 -+++ src/mgr/Forwarder.h 2017-07-01 09:59:16 +0000 -@@ -40,7 +40,6 @@ - virtual void handleError(); - virtual void handleTimeout(); - virtual void handleException(const std::exception& e); -- virtual void handleRemoteAck(); - - private: - void noteCommClosed(const CommCloseCbParams& params); - -=== modified file 'src/tests/stub_libmgr.cc' ---- src/tests/stub_libmgr.cc 2017-01-01 00:16:45 +0000 -+++ src/tests/stub_libmgr.cc 2017-07-01 09:59:16 +0000 -@@ -100,7 +100,6 @@ - void Mgr::Forwarder::handleError() STUB - void Mgr::Forwarder::handleTimeout() STUB - void Mgr::Forwarder::handleException(const std::exception& e) STUB --void Mgr::Forwarder::handleRemoteAck() STUB - - #include "mgr/FunAction.h" - Mgr::Action::Pointer Mgr::FunAction::Create(const CommandPointer &cmd, OBJH *aHandler) STUB_RETVAL(dummyAction) - diff --git a/src/patches/squid/squid-3.5-14180.patch b/src/patches/squid/squid-3.5-14180.patch deleted file mode 100644 index 01d11cd..0000000 --- a/src/patches/squid/squid-3.5-14180.patch +++ /dev/null @@ -1,448 +0,0 @@ ------------------------------------------------------------- -revno: 14180 -revision-id: squid3@treenet.co.nz-20170701120848-q2xznzfvxb4kwvb6 -parent: squid3@treenet.co.nz-20170701095916-wknqmneq2w0mxt6a -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4464 -author: Christos Tsantilas chtsanti@users.sourceforge.net -committer: Amos Jeffries squid3@treenet.co.nz -branch nick: 3.5 -timestamp: Sun 2017-07-02 00:08:48 +1200 -message: - Bug 4464: Reduce "!Comm::MonitorsRead(serverConnection->fd)" assertions. - - * Protect Squid Client classes from new requests that compete with - ongoing pinned connection use and - * resume dealing with new requests when those Client classes are done - using the pinned connection. - - Replaced primary ConnStateData::pinConnection() calls with a pair of - pinBusyConnection() and notePinnedConnectionBecameIdle() calls, - depending on the pinned connection state ("busy" or "idle"). - - Removed pinConnection() parameters that were not longer used or could be computed from the remaining parameters. - - Removed ConnStateData::httpsPeeked() code "hiding" the originating - request and connection peer details while entering the first "idle" - state. The old (trunk r11880.1.6) bump-server-first code used a pair of - NULLs because "Intercepted connections do not have requests at the - connection pinning stage", but that limitation no longer applicable - because Squid always fakes (when intercepting) or parses (a CONNECT) - request now, even during SslBump step1. - - The added XXX and TODOs are not directly related to this fix. They - were added to document problems discovered while working on this fix. - - In v3.5 code, the same problems manifest as Read.cc - "fd_table[conn->fd].halfClosedReader != NULL" assertions. - - This is a Measurement Factory project ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170701120848-q2xznzfvxb4kwvb6 -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: e4f432eed8a845431d4bbbf023de04d682adeaff -# timestamp: 2017-07-01 12:32:26 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170701095916-\ -# wknqmneq2w0mxt6a -# -# Begin patch -=== modified file 'src/FwdState.cc' ---- src/FwdState.cc 2017-01-01 00:16:45 +0000 -+++ src/FwdState.cc 2017-07-01 12:08:48 +0000 -@@ -246,7 +246,7 @@ - #if USE_OPENSSL - if (request->flags.sslPeek && request->clientConnectionManager.valid()) { - CallJobHere1(17, 4, request->clientConnectionManager, ConnStateData, -- ConnStateData::httpsPeeked, Comm::ConnectionPointer(NULL)); -+ ConnStateData::httpsPeeked, ConnStateData::PinnedIdleContext(Comm::ConnectionPointer(nullptr), request)); - } - #endif - } else { -@@ -952,7 +952,7 @@ - #if USE_OPENSSL - if (request->flags.sslPeek) { - CallJobHere1(17, 4, request->clientConnectionManager, ConnStateData, -- ConnStateData::httpsPeeked, serverConnection()); -+ ConnStateData::httpsPeeked, ConnStateData::PinnedIdleContext(serverConnection(), request)); - unregister(serverConn); // async call owns it now - complete(); // destroys us - return; - -=== modified file 'src/base/RefCount.h' ---- src/base/RefCount.h 2017-01-01 00:16:45 +0000 -+++ src/base/RefCount.h 2017-07-01 12:08:48 +0000 -@@ -54,9 +54,7 @@ - - C & operator * () const {return *const_cast<C *>(p_); } - -- C const * getRaw() const {return p_; } -- -- C * getRaw() {return const_cast<C *>(p_); } -+ C * getRaw() const { return const_cast<C *>(p_); } - - bool operator == (const RefCount& p) const { - return p.p_ == p_; - -=== modified file 'src/client_side.cc' ---- src/client_side.cc 2017-05-29 13:15:55 +0000 -+++ src/client_side.cc 2017-07-01 12:08:48 +0000 -@@ -836,6 +836,7 @@ - assert(areAllContextsForThisConnection()); - freeAllContexts(); - -+ // XXX: Closing pinned conn is too harsh: The Client may want to continue! - unpinConnection(true); - - if (Comm::IsConnOpen(clientConnection)) -@@ -1559,6 +1560,13 @@ - - debugs(33, 3, HERE << "ConnnStateData(" << conn->clientConnection << "), Context(" << clientConnection << ")"); - connIsFinished(); -+ conn->kick(); -+} -+ -+void -+ConnStateData::kick() -+{ -+ ConnStateData * conn = this; // XXX: Remove this diff minimization hack - - if (conn->pinning.pinned && !Comm::IsConnOpen(conn->pinning.serverConnection)) { - debugs(33, 2, HERE << conn->clientConnection << " Connection was pinned but server side gone. Terminating client connection"); -@@ -3240,6 +3248,13 @@ - if (in.buf.isEmpty()) - break; - -+ // Prohibit concurrent requests when using a pinned to-server connection -+ // because our Client classes do not support request pipelining. -+ if (pinning.pinned && !pinning.readHandler) { -+ debugs(33, 3, clientConnection << " waits for busy " << pinning.serverConnection); -+ break; -+ } -+ - /* Limit the number of concurrent requests */ - if (concurrentRequestQueueFilled()) - break; -@@ -4434,22 +4449,19 @@ - } - - void --ConnStateData::httpsPeeked(Comm::ConnectionPointer serverConnection) -+ConnStateData::httpsPeeked(PinnedIdleContext pic) - { - Must(sslServerBump != NULL); -+ Must(sslServerBump->request == pic.request); -+ Must(currentobject == NULL || currentobject->http == NULL || currentobject->http->request == pic.request.getRaw()); - -- if (Comm::IsConnOpen(serverConnection)) { -- pinConnection(serverConnection, NULL, NULL, false); -+ if (Comm::IsConnOpen(pic.connection)) { -+ notePinnedConnectionBecameIdle(pic); - - debugs(33, 5, HERE << "bumped HTTPS server: " << sslConnectHostOrIp); -- } else { -+ } else - debugs(33, 5, HERE << "Error while bumping: " << sslConnectHostOrIp); - -- // copy error detail from bump-server-first request to CONNECT request -- if (currentobject != NULL && currentobject->http != NULL && currentobject->http->request) -- currentobject->http->request->detailError(sslServerBump->request->errType, sslServerBump->request->errDetail); -- } -- - getSslContextStart(); - } - -@@ -4952,19 +4964,35 @@ - } - - void --ConnStateData::pinConnection(const Comm::ConnectionPointer &pinServer, HttpRequest *request, CachePeer *aPeer, bool auth, bool monitor) --{ -- if (!Comm::IsConnOpen(pinning.serverConnection) || -- pinning.serverConnection->fd != pinServer->fd) -- pinNewConnection(pinServer, request, aPeer, auth); -- -- if (monitor) -- startPinnedConnectionMonitoring(); --} -- --void --ConnStateData::pinNewConnection(const Comm::ConnectionPointer &pinServer, HttpRequest *request, CachePeer *aPeer, bool auth) --{ -+ConnStateData::pinBusyConnection(const Comm::ConnectionPointer &pinServer, const HttpRequest::Pointer &request) -+{ -+ pinConnection(pinServer, request); -+} -+ -+void -+ConnStateData::notePinnedConnectionBecameIdle(PinnedIdleContext pic) -+{ -+ Must(pic.connection != NULL); -+ Must(pic.request != NULL); -+ pinConnection(pic.connection, pic.request); -+ -+ // monitor pinned server connection for remote-end closures. -+ startPinnedConnectionMonitoring(); -+ -+ if (!currentobject) -+ kick(); // in case clientParseRequests() was blocked by a busy pic.connection -+} -+ -+/// Forward future client requests using the given server connection. -+void -+ConnStateData::pinConnection(const Comm::ConnectionPointer &pinServer, const HttpRequest::Pointer &request) -+{ -+ if (Comm::IsConnOpen(pinning.serverConnection) && -+ pinning.serverConnection->fd == pinServer->fd) { -+ debugs(33, 3, "already pinned" << pinServer); -+ return; -+ } -+ - unpinConnection(true); // closes pinned connection, if any, and resets fields - - pinning.serverConnection = pinServer; -@@ -4973,23 +5001,21 @@ - - Must(pinning.serverConnection != NULL); - -- // when pinning an SSL bumped connection, the request may be NULL - const char *pinnedHost = "[unknown]"; -- if (request) { -+ if (request != NULL) { - pinning.host = xstrdup(request->GetHost()); - pinning.port = request->port; - pinnedHost = pinning.host; -+ pinning.auth = request->flags.connectionAuth; - } else { - pinning.port = pinServer->remote.port(); - } - pinning.pinned = true; -- if (aPeer) -- pinning.peer = cbdataReference(aPeer); -- pinning.auth = auth; -+ pinning.peer = cbdataReference(pinServer->getPeer()); - char stmp[MAX_IPSTRLEN]; - char desc[FD_DESC_SZ]; - snprintf(desc, FD_DESC_SZ, "%s pinned connection for %s (%d)", -- (auth || !aPeer) ? pinnedHost : aPeer->name, -+ (pinning.auth || !pinning.peer) ? pinnedHost : pinning.peer->name, - clientConnection->remote.toUrl(stmp,MAX_IPSTRLEN), - clientConnection->fd); - fd_note(pinning.serverConnection->fd, desc); -@@ -5164,3 +5190,8 @@ - * connection has gone away */ - } - -+std::ostream & -+operator <<(std::ostream &os, const ConnStateData::PinnedIdleContext &pic) -+{ -+ return os << pic.connection << ", request=" << pic.request; -+} - -=== modified file 'src/client_side.h' ---- src/client_side.h 2017-01-01 00:16:45 +0000 -+++ src/client_side.h 2017-07-01 12:08:48 +0000 -@@ -26,6 +26,8 @@ - #include "ssl/support.h" - #endif - -+#include <iosfwd> -+ - class ConnStateData; - class ClientHttpRequest; - class clientStreamNode; -@@ -188,6 +190,11 @@ - /// Traffic parsing - bool clientParseRequests(); - void readNextRequest(); -+ -+ // In v3.5, usually called via ClientSocketContext::keepaliveNextRequest(). -+ /// try to make progress on a transaction or read more I/O -+ void kick(); -+ - ClientSocketContext::Pointer getCurrentContext() const; - void addContextToQueue(ClientSocketContext * context); - int getConcurrentRequestCount() const; -@@ -287,9 +294,21 @@ - bool handleReadData(); - bool handleRequestBodyData(); - -- /// Forward future client requests using the given server connection. -- /// Optionally, monitor pinned server connection for remote-end closures. -- void pinConnection(const Comm::ConnectionPointer &pinServerConn, HttpRequest *request, CachePeer *peer, bool auth, bool monitor = true); -+ /// parameters for the async notePinnedConnectionBecameIdle() call -+ class PinnedIdleContext -+ { -+ public: -+ PinnedIdleContext(const Comm::ConnectionPointer &conn, const HttpRequest::Pointer &req): connection(conn), request(req) {} -+ -+ Comm::ConnectionPointer connection; ///< to-server connection to be pinned -+ HttpRequest::Pointer request; ///< to-server request that initiated serverConnection -+ }; -+ -+ /// Called when a pinned connection becomes available for forwarding the next request. -+ void notePinnedConnectionBecameIdle(PinnedIdleContext pic); -+ /// Forward future client requests using the given to-server connection. -+ /// The connection is still being used by the current client request. -+ void pinBusyConnection(const Comm::ConnectionPointer &pinServerConn, const HttpRequest::Pointer &request); - /// Undo pinConnection() and, optionally, close the pinned connection. - void unpinConnection(const bool andClose); - /// Returns validated pinnned server connection (and stops its monitoring). -@@ -345,7 +364,7 @@ - /// generated - void doPeekAndSpliceStep(); - /// called by FwdState when it is done bumping the server -- void httpsPeeked(Comm::ConnectionPointer serverConnection); -+ void httpsPeeked(PinnedIdleContext pic); - - /// Start to create dynamic SSL_CTX for host or uses static port SSL context. - void getSslContextStart(); -@@ -449,7 +468,7 @@ - void clientAfterReadingRequests(); - bool concurrentRequestQueueFilled() const; - -- void pinNewConnection(const Comm::ConnectionPointer &pinServer, HttpRequest *request, CachePeer *aPeer, bool auth); -+ void pinConnection(const Comm::ConnectionPointer &pinServerConn, const HttpRequest::Pointer &request); - - /* PROXY protocol functionality */ - bool proxyProtocolValidateClient(); -@@ -516,5 +535,7 @@ - void clientProcessRequest(ConnStateData *conn, HttpParser *hp, ClientSocketContext *context, const HttpRequestMethod& method, Http::ProtocolVersion http_ver); - void clientPostHttpsAccept(ConnStateData *connState); - -+std::ostream &operator <<(std::ostream &os, const ConnStateData::PinnedIdleContext &pic); -+ - #endif /* SQUID_CLIENTSIDE_H */ - - -=== modified file 'src/clients/FtpRelay.cc' ---- src/clients/FtpRelay.cc 2017-01-01 00:16:45 +0000 -+++ src/clients/FtpRelay.cc 2017-07-01 12:08:48 +0000 -@@ -210,9 +210,10 @@ - mgr->unpinConnection(false); - ctrl.close(); - } else { -- mgr->pinConnection(ctrl.conn, fwd->request, -- ctrl.conn->getPeer(), -- fwd->request->flags.connectionAuth); -+ CallJobHere1(9, 4, mgr, -+ ConnStateData, -+ notePinnedConnectionBecameIdle, -+ ConnStateData::PinnedIdleContext(ctrl.conn, fwd->request)); - ctrl.forget(); - } - } - -=== modified file 'src/http.cc' ---- src/http.cc 2017-06-15 00:16:33 +0000 -+++ src/http.cc 2017-07-01 12:08:48 +0000 -@@ -1383,9 +1383,6 @@ - void - HttpStateData::processReplyBody() - { -- Ip::Address client_addr; -- bool ispinned = false; -- - if (!flags.headers_parsed) { - flags.do_next_read = true; - maybeReadVirginBody(); -@@ -1435,35 +1432,49 @@ - } - break; - -- case COMPLETE_PERSISTENT_MSG: -+ case COMPLETE_PERSISTENT_MSG: { - debugs(11, 5, "processReplyBody: COMPLETE_PERSISTENT_MSG from " << serverConnection); -- /* yes we have to clear all these! */ -+ -+ // TODO: Remove serverConnectionSaved but preserve exception safety. -+ - commUnsetConnTimeout(serverConnection); - flags.do_next_read = false; - - comm_remove_close_handler(serverConnection->fd, closeHandler); - closeHandler = NULL; -- fwd->unregister(serverConnection); - -+ Ip::Address client_addr; // XXX: Remove as unused. Why was it added? - if (request->flags.spoofClientIp) - client_addr = request->client_addr; - -+ Comm::ConnectionPointer serverConnectionSaved = serverConnection; -+ fwd->unregister(serverConnection); -+ serverConnection = nullptr; -+ -+ bool ispinned = false; // TODO: Rename to isOrShouldBePinned - if (request->flags.pinned) { - ispinned = true; - } else if (request->flags.connectionAuth && request->flags.authSent) { - ispinned = true; - } - -- if (ispinned && request->clientConnectionManager.valid()) { -- request->clientConnectionManager->pinConnection(serverConnection, request, _peer, -- (request->flags.connectionAuth)); -+ if (ispinned) { -+ if (request->clientConnectionManager.valid()) { -+ CallJobHere1(11, 4, request->clientConnectionManager, -+ ConnStateData, -+ notePinnedConnectionBecameIdle, -+ ConnStateData::PinnedIdleContext(serverConnectionSaved, request)); -+ } else { -+ // must not pool/share ispinned connections, even orphaned ones -+ serverConnectionSaved->close(); -+ } - } else { -- fwd->pconnPush(serverConnection, request->GetHost()); -+ fwd->pconnPush(serverConnectionSaved, request->GetHost()); - } - -- serverConnection = NULL; - serverComplete(); - return; -+ } - - case COMPLETE_NONPERSISTENT_MSG: - debugs(11, 5, "processReplyBody: COMPLETE_NONPERSISTENT_MSG from " << serverConnection); - -=== modified file 'src/servers/FtpServer.cc' ---- src/servers/FtpServer.cc 2017-02-26 11:09:42 +0000 -+++ src/servers/FtpServer.cc 2017-07-01 12:08:48 +0000 -@@ -301,12 +301,8 @@ - Must(http != NULL); - HttpRequest *const request = http->request; - Must(request != NULL); -- -- // this is not an idle connection, so we do not want I/O monitoring -- const bool monitor = false; -- - // make FTP peer connection exclusive to our request -- pinConnection(conn, request, conn->getPeer(), false, monitor); -+ pinBusyConnection(conn, request); - } - - void - -=== modified file 'src/tests/stub_client_side.cc' ---- src/tests/stub_client_side.cc 2017-01-01 00:16:45 +0000 -+++ src/tests/stub_client_side.cc 2017-07-01 12:08:48 +0000 -@@ -60,7 +60,8 @@ - void ConnStateData::noteBodyConsumerAborted(BodyPipe::Pointer) STUB - bool ConnStateData::handleReadData() STUB_RETVAL(false) - bool ConnStateData::handleRequestBodyData() STUB_RETVAL(false) --void ConnStateData::pinConnection(const Comm::ConnectionPointer &pinServerConn, HttpRequest *request, CachePeer *peer, bool auth, bool monitor) STUB -+void ConnStateData::pinBusyConnection(const Comm::ConnectionPointer &, const HttpRequest::Pointer &) STUB -+void ConnStateData::notePinnedConnectionBecameIdle(PinnedIdleContext) STUB - void ConnStateData::unpinConnection(const bool andClose) STUB - const Comm::ConnectionPointer ConnStateData::validatePinnedConnection(HttpRequest *request, const CachePeer *peer) STUB_RETVAL(NULL) - void ConnStateData::clientPinnedConnectionClosed(const CommCloseCbParams &io) STUB -@@ -70,7 +71,7 @@ - void ConnStateData::swanSong() STUB - void ConnStateData::quitAfterError(HttpRequest *request) STUB - #if USE_OPENSSL --void ConnStateData::httpsPeeked(Comm::ConnectionPointer serverConnection) STUB -+void ConnStateData::httpsPeeked(PinnedIdleContext) STUB - void ConnStateData::getSslContextStart() STUB - void ConnStateData::getSslContextDone(SSL_CTX * sslContext, bool isNew) STUB - void ConnStateData::sslCrtdHandleReplyWrapper(void *data, const Helper::Reply &reply) STUB - diff --git a/src/patches/squid/squid-3.5-14181.patch b/src/patches/squid/squid-3.5-14181.patch deleted file mode 100644 index 4516d60..0000000 --- a/src/patches/squid/squid-3.5-14181.patch +++ /dev/null @@ -1,30 +0,0 @@ ------------------------------------------------------------- -revno: 14181 -revision-id: squidadm@squid-cache.org-20170701121615-ktx76udds2mzmc6c -parent: squid3@treenet.co.nz-20170701120848-q2xznzfvxb4kwvb6 -committer: Source Maintenance squidadm@squid-cache.org -branch nick: 3.5 -timestamp: Sat 2017-07-01 12:16:15 +0000 -message: - SourceFormat Enforcement ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squidadm@squid-cache.org-20170701121615-\ -# ktx76udds2mzmc6c -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: d7942d1260def31f62ccc820a44bb769381beae2 -# timestamp: 2017-07-01 12:32:29 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170701120848-\ -# q2xznzfvxb4kwvb6 -# -# Begin patch -=== modified file 'src/client_side.cc' ---- src/client_side.cc 2017-07-01 12:08:48 +0000 -+++ src/client_side.cc 2017-07-01 12:16:15 +0000 -@@ -5195,3 +5195,4 @@ - { - return os << pic.connection << ", request=" << pic.request; - } -+ - diff --git a/src/patches/squid/squid-3.5-14182.patch b/src/patches/squid/squid-3.5-14182.patch deleted file mode 100644 index 3354881..0000000 --- a/src/patches/squid/squid-3.5-14182.patch +++ /dev/null @@ -1,35 +0,0 @@ ------------------------------------------------------------- -revno: 14182 -revision-id: squid3@treenet.co.nz-20170701232253-3beaysa03xf5c67p -parent: squidadm@squid-cache.org-20170701121615-ktx76udds2mzmc6c -committer: Amos Jeffries squid3@treenet.co.nz -branch nick: 3.5 -timestamp: Sun 2017-07-02 11:22:53 +1200 -message: - Fix build on FreeBSD after rev.14180 - - RefCount<> does not support assignment from nullptr with C++03 ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170701232253-3beaysa03xf5c67p -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: d5ecf68c60c022783f69311e9049e546be8fa1a0 -# timestamp: 2017-07-01 23:50:58 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squidadm@squid-cache.org-20170701121615-\ -# ktx76udds2mzmc6c -# -# Begin patch -=== modified file 'src/http.cc' ---- src/http.cc 2017-07-01 12:08:48 +0000 -+++ src/http.cc 2017-07-01 23:22:53 +0000 -@@ -1449,7 +1449,7 @@ - - Comm::ConnectionPointer serverConnectionSaved = serverConnection; - fwd->unregister(serverConnection); -- serverConnection = nullptr; -+ serverConnection = NULL; - - bool ispinned = false; // TODO: Rename to isOrShouldBePinned - if (request->flags.pinned) { - diff --git a/src/setup/passwords.c b/src/setup/passwords.c index e7b4b52..6242577 100644 --- a/src/setup/passwords.c +++ b/src/setup/passwords.c @@ -56,7 +56,7 @@ int handleadminpassword(void) return 0; snprintf(commandstring, STRING_SIZE, - "/usr/sbin/htpasswd -c -m -b " CONFIG_ROOT "/auth/users admin '%s'", password); + "/usr/bin/htpasswd -c -B -C 7 -b " CONFIG_ROOT "/auth/users admin '%s'", password); sprintf(message, _("Setting %s 'admin' user password..."), NAME); if (runhiddencommandwithstatus(commandstring, _("Setting password"), message, NULL)) { sprintf(message, _("Problem setting %s 'admin' user password."), NAME);
hooks/post-receive -- IPFire 2.x development tree