Gentoo Archives: gentoo-commits

From: "Alin Nastac
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in net-proxy/squid/files: squid-2.6.16-gentoo.patch digest-squid-2.6.16 squid-2.6.16-qos.patch squid-2.6.16-ToS_Hit_ToS_Preserve.patch
Date: Sat, 08 Sep 2007 07:34:56
Message-Id: E1ITujd-00036P-7J@stork.gentoo.org
1 mrness 07/09/08 07:28:05
2
3 Added: squid-2.6.16-gentoo.patch digest-squid-2.6.16
4 squid-2.6.16-qos.patch
5 squid-2.6.16-ToS_Hit_ToS_Preserve.patch
6 Log:
7 Version bump (#191456).
8 (Portage version: 2.1.2.12)
9
10 Revision Changes Path
11 1.1 net-proxy/squid/files/squid-2.6.16-gentoo.patch
12
13 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-proxy/squid/files/squid-2.6.16-gentoo.patch?rev=1.1&view=markup
14 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-proxy/squid/files/squid-2.6.16-gentoo.patch?rev=1.1&content-type=text/plain
15
16 Index: squid-2.6.16-gentoo.patch
17 ===================================================================
18 diff -Nru squid-2.6.STABLE16.orig/helpers/basic_auth/MSNT/confload.c squid-2.6.STABLE16/helpers/basic_auth/MSNT/confload.c
19 --- squid-2.6.STABLE16.orig/helpers/basic_auth/MSNT/confload.c 2002-06-26 22:09:48.000000000 +0300
20 +++ squid-2.6.STABLE16/helpers/basic_auth/MSNT/confload.c 2007-09-08 08:04:09.000000000 +0300
21 @@ -24,7 +24,7 @@
22
23 /* Path to configuration file */
24 #ifndef SYSCONFDIR
25 -#define SYSCONFDIR "/usr/local/squid/etc"
26 +#define SYSCONFDIR "/etc/squid"
27 #endif
28 #define CONFIGFILE SYSCONFDIR "/msntauth.conf"
29
30 diff -Nru squid-2.6.STABLE16.orig/helpers/basic_auth/MSNT/msntauth.conf.default squid-2.6.STABLE16/helpers/basic_auth/MSNT/msntauth.conf.default
31 --- squid-2.6.STABLE16.orig/helpers/basic_auth/MSNT/msntauth.conf.default 2002-06-26 21:44:28.000000000 +0300
32 +++ squid-2.6.STABLE16/helpers/basic_auth/MSNT/msntauth.conf.default 2007-09-08 08:04:09.000000000 +0300
33 @@ -8,6 +8,6 @@
34 server other_PDC other_BDC otherdomain
35
36 # Denied and allowed users. Comment these if not needed.
37 -#denyusers /usr/local/squid/etc/msntauth.denyusers
38 -#allowusers /usr/local/squid/etc/msntauth.allowusers
39 +#denyusers /etc/squid/msntauth.denyusers
40 +#allowusers /etc/squid/msntauth.allowusers
41
42 diff -Nru squid-2.6.STABLE16.orig/helpers/basic_auth/SMB/Makefile.am squid-2.6.STABLE16/helpers/basic_auth/SMB/Makefile.am
43 --- squid-2.6.STABLE16.orig/helpers/basic_auth/SMB/Makefile.am 2005-05-17 19:56:26.000000000 +0300
44 +++ squid-2.6.STABLE16/helpers/basic_auth/SMB/Makefile.am 2007-09-08 08:04:09.000000000 +0300
45 @@ -14,7 +14,7 @@
46 ## FIXME: autoconf should test for the samba path.
47
48 SMB_AUTH_HELPER = smb_auth.sh
49 -SAMBAPREFIX=/usr/local/samba
50 +SAMBAPREFIX=/usr
51 SMB_AUTH_HELPER_PATH = $(libexecdir)/$(SMB_AUTH_HELPER)
52
53 libexec_SCRIPTS = $(SMB_AUTH_HELPER)
54 diff -Nru squid-2.6.STABLE16.orig/helpers/basic_auth/SMB/smb_auth.sh squid-2.6.STABLE16/helpers/basic_auth/SMB/smb_auth.sh
55 --- squid-2.6.STABLE16.orig/helpers/basic_auth/SMB/smb_auth.sh 2001-01-08 01:36:46.000000000 +0200
56 +++ squid-2.6.STABLE16/helpers/basic_auth/SMB/smb_auth.sh 2007-09-08 08:04:09.000000000 +0300
57 @@ -24,7 +24,7 @@
58 read AUTHSHARE
59 read AUTHFILE
60 read SMBUSER
61 -read SMBPASS
62 +read -r SMBPASS
63
64 # Find domain controller
65 echo "Domain name: $DOMAINNAME"
66 @@ -47,7 +47,7 @@
67 addropt=""
68 fi
69 echo "Query address options: $addropt"
70 -dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'`
71 +dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+\..+ / { print $1 ; exit }'`
72 echo "Domain controller IP address: $dcip"
73 [ -n "$dcip" ] || exit 1
74
75 diff -Nru squid-2.6.STABLE16.orig/helpers/external_acl/session/squid_session.8 squid-2.6.STABLE16/helpers/external_acl/session/squid_session.8
76 --- squid-2.6.STABLE16.orig/helpers/external_acl/session/squid_session.8 2007-01-06 19:28:35.000000000 +0200
77 +++ squid-2.6.STABLE16/helpers/external_acl/session/squid_session.8 2007-09-08 08:25:28.000000000 +0300
78 @@ -35,7 +35,7 @@
79 .P
80 Configuration example using the default automatic mode
81 .IP
82 -external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/local/squid/libexec/squid_session
83 +external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/libexec/squid/squid_session
84 .IP
85 acl session external session
86 .IP
87 diff -Nru squid-2.6.STABLE16.orig/helpers/external_acl/unix_group/squid_unix_group.8 squid-2.6.STABLE16/helpers/external_acl/unix_group/squid_unix_group.8
88 --- squid-2.6.STABLE16.orig/helpers/external_acl/unix_group/squid_unix_group.8 2006-05-14 18:07:24.000000000 +0300
89 +++ squid-2.6.STABLE16/helpers/external_acl/unix_group/squid_unix_group.8 2007-09-08 08:25:45.000000000 +0300
90 @@ -27,7 +27,7 @@
91 This squid.conf example defines two Squid acls. usergroup1 matches users in group1, and usergroup2
92 matches users in group2 or group3
93 .IP
94 -external_acl_type unix_group %LOGIN /usr/local/squid/libexec/squid_unix_group -p
95 +external_acl_type unix_group %LOGIN /usr/libexec/squid/squid_unix_group -p
96 .IP
97 acl usergroup1 external unix_group group1
98 .IP
99 diff -Nru squid-2.6.STABLE16.orig/src/access_log.c squid-2.6.STABLE16/src/access_log.c
100 --- squid-2.6.STABLE16.orig/src/access_log.c 2007-06-03 03:40:32.000000000 +0300
101 +++ squid-2.6.STABLE16/src/access_log.c 2007-09-08 08:04:28.000000000 +0300
102 @@ -1225,7 +1225,7 @@
103 LogfileStatus = LOG_ENABLE;
104 }
105 #if HEADERS_LOG
106 - headerslog = logfileOpen("/usr/local/squid/logs/headers.log", MAX_URL << 1, 0);
107 + headerslog = logfileOpen("/var/log/squid/headers.log", MAX_URL << 1, 0);
108 assert(NULL != headerslog);
109 #endif
110 #if FORW_VIA_DB
111 diff -Nru squid-2.6.STABLE16.orig/src/cf.data.pre squid-2.6.STABLE16/src/cf.data.pre
112 --- squid-2.6.STABLE16.orig/src/cf.data.pre 2007-09-06 00:50:15.000000000 +0300
113 +++ squid-2.6.STABLE16/src/cf.data.pre 2007-09-08 08:19:51.000000000 +0300
114 @@ -640,6 +640,8 @@
115 acl Safe_ports port 488 # gss-http
116 acl Safe_ports port 591 # filemaker
117 acl Safe_ports port 777 # multiling http
118 +acl Safe_ports port 901 # SWAT
119 +acl purge method PURGE
120 acl CONNECT method CONNECT
121 NOCOMMENT_END
122 DOC_END
123 @@ -673,6 +675,9 @@
124 # Only allow cachemgr access from localhost
125 http_access allow manager localhost
126 http_access deny manager
127 +# Only allow purge requests from localhost
128 +http_access allow purge localhost
129 +http_access deny purge
130 # Deny requests to unknown ports
131 http_access deny !Safe_ports
132 # Deny CONNECT to other than SSL ports
133 @@ -691,6 +696,9 @@
134 #acl our_networks src 192.168.1.0/24 192.168.2.0/24
135 #http_access allow our_networks
136
137 +# Allow the localhost to have access by default
138 +http_access allow localhost
139 +
140 # And finally deny all other access to this proxy
141 http_access deny all
142 NOCOMMENT_END
143 @@ -3342,11 +3350,11 @@
144
145 NAME: cache_mgr
146 TYPE: string
147 -DEFAULT: webmaster
148 +DEFAULT: root
149 LOC: Config.adminEmail
150 DOC_START
151 Email-address of local cache manager who will receive
152 - mail if the cache dies. The default is "webmaster".
153 + mail if the cache dies. The default is "root".
154 DOC_END
155
156 NAME: mail_from
157 @@ -3374,12 +3382,12 @@
158
159 NAME: cache_effective_user
160 TYPE: string
161 -DEFAULT: nobody
162 +DEFAULT: squid
163 LOC: Config.effectiveUser
164 DOC_START
165 If you start Squid as root, it will change its effective/real
166 UID/GID to the user specified below. The default is to change
167 - to UID to nobody. If you define cache_effective_user, but not
168 + to UID to squid. If you define cache_effective_user, but not
169 cache_effective_group, Squid sets the GID to the effective
170 user's default group ID (taken from the password file) and
171 supplementary group list from the from groups membership of
172 @@ -4018,12 +4026,12 @@
173 NAME: snmp_port
174 TYPE: ushort
175 LOC: Config.Port.snmp
176 -DEFAULT: 3401
177 +DEFAULT: 0
178 IFDEF: SQUID_SNMP
179 DOC_START
180 Squid can now serve statistics and status information via SNMP.
181 - By default it listens to port 3401 on the machine. If you don't
182 - wish to use SNMP, set this to "0".
183 + By default snmp_port is disabled. If you wish to use SNMP,
184 + set this to "3401" (or any other number you like).
185 DOC_END
186
187 NAME: snmp_access
188 @@ -4094,12 +4102,12 @@
189 NAME: htcp_port
190 IFDEF: USE_HTCP
191 TYPE: ushort
192 -DEFAULT: 4827
193 +DEFAULT: 0
194 LOC: Config.Port.htcp
195 DOC_START
196 The port number where Squid sends and receives HTCP queries to
197 - and from neighbor caches. Default is 4827. To disable use
198 - "0".
199 + and from neighbor caches. To turn it on you want to set it to
200 + 4827. By default it is set to "0" (disabled).
201 DOC_END
202
203 NAME: log_icp_queries
204 @@ -4936,6 +4944,9 @@
205 If you disable this, it will appear as
206
207 X-Forwarded-For: unknown
208 +NOCOMMENT_START
209 +forwarded_for off
210 +NOCOMMENT_END
211 DOC_END
212
213 NAME: cachemgr_passwd
214 diff -Nru squid-2.6.STABLE16.orig/src/client_side.c squid-2.6.STABLE16/src/client_side.c
215 --- squid-2.6.STABLE16.orig/src/client_side.c 2007-09-03 16:13:36.000000000 +0300
216 +++ squid-2.6.STABLE16/src/client_side.c 2007-09-08 08:04:36.000000000 +0300
217 @@ -4597,14 +4597,7 @@
218 debug(83, 2) ("clientNegotiateSSL: Session %p reused on FD %d (%s:%d)\n", SSL_get_session(ssl), fd, fd_table[fd].ipaddr, (int) fd_table[fd].remote_port);
219 } else {
220 if (do_debug(83, 4)) {
221 - /* Write out the SSL session details.. actually the call below, but
222 - * OpenSSL headers do strange typecasts confusing GCC.. */
223 - /* PEM_write_SSL_SESSION(debug_log, SSL_get_session(ssl)); */
224 -#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x00908000L
225 - PEM_ASN1_write((i2d_of_void *) i2d_SSL_SESSION, PEM_STRING_SSL_SESSION, debug_log, (char *) SSL_get_session(ssl), NULL, NULL, 0, NULL, NULL);
226 -#else
227 PEM_ASN1_write(i2d_SSL_SESSION, PEM_STRING_SSL_SESSION, debug_log, (char *) SSL_get_session(ssl), NULL, NULL, 0, NULL, NULL);
228 -#endif
229 /* Note: This does not automatically fflush the log file.. */
230 }
231 debug(83, 2) ("clientNegotiateSSL: New session %p on FD %d (%s:%d)\n", SSL_get_session(ssl), fd, fd_table[fd].ipaddr, (int) fd_table[fd].remote_port);
232 diff -Nru squid-2.6.STABLE16.orig/src/defines.h squid-2.6.STABLE16/src/defines.h
233 --- squid-2.6.STABLE16.orig/src/defines.h 2007-02-04 00:58:20.000000000 +0200
234 +++ squid-2.6.STABLE16/src/defines.h 2007-09-08 08:04:36.000000000 +0300
235 @@ -259,7 +259,7 @@
236
237 /* were to look for errors if config path fails */
238 #ifndef DEFAULT_SQUID_ERROR_DIR
239 -#define DEFAULT_SQUID_ERROR_DIR "/usr/local/squid/etc/errors"
240 +#define DEFAULT_SQUID_ERROR_DIR "/usr/share/squid/errors/English"
241 #endif
242
243 /* gb_type operations */
244 diff -Nru squid-2.6.STABLE16.orig/src/main.c squid-2.6.STABLE16/src/main.c
245 --- squid-2.6.STABLE16.orig/src/main.c 2007-08-31 16:52:10.000000000 +0300
246 +++ squid-2.6.STABLE16/src/main.c 2007-09-08 08:04:43.000000000 +0300
247 @@ -372,6 +372,22 @@
248 asnFreeMemory();
249 }
250
251 +#if USE_UNLINKD
252 +static int
253 +needUnlinkd(void)
254 +{
255 + int i;
256 + int r = 0;
257 + for (i = 0; i < Config.cacheSwap.n_configured; i++) {
258 + if (strcmp(Config.cacheSwap.swapDirs[i].type, "ufs") == 0 ||
259 + strcmp(Config.cacheSwap.swapDirs[i].type, "aufs") == 0 ||
260 + strcmp(Config.cacheSwap.swapDirs[i].type, "diskd") == 0)
261 + r++;
262 + }
263 + return r;
264 +}
265 +#endif
266 +
267 static void
268 mainReconfigure(void)
269 {
270 @@ -395,6 +411,7 @@
271 locationRewriteShutdown();
272 authenticateShutdown();
273 externalAclShutdown();
274 + unlinkdClose();
275 storeDirCloseSwapLogs();
276 storeLogClose();
277 accessLogClose();
278 @@ -430,6 +447,9 @@
279 #if USE_WCCPv2
280 wccp2Init();
281 #endif
282 +#if USE_UNLINKD
283 + if (needUnlinkd()) unlinkdInit();
284 +#endif
285 serverConnectionsOpen();
286 neighbors_init();
287 storeDirOpenSwapLogs();
288 @@ -593,7 +613,7 @@
289
290 if (!configured_once) {
291 #if USE_UNLINKD
292 - unlinkdInit();
293 + if (needUnlinkd()) unlinkdInit();
294 #endif
295 urlInitialize();
296 cachemgrInit();
297 @@ -972,7 +992,7 @@
298 int nullfd;
299 if (*(argv[0]) == '(')
300 return;
301 - openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
302 + openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON);
303 if ((pid = fork()) < 0)
304 syslog(LOG_ALERT, "fork failed: %s", xstrerror());
305 else if (pid > 0)
306 @@ -1008,7 +1028,7 @@
307 mainStartScript(argv[0]);
308 if ((pid = fork()) == 0) {
309 /* child */
310 - openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
311 + openlog(appname, LOG_PID | LOG_NDELAY, LOG_LOCAL4);
312 prog = xstrdup(argv[0]);
313 argv[0] = xstrdup("(squid)");
314 execvp(prog, argv);
315 @@ -1016,7 +1036,7 @@
316 exit(1);
317 }
318 /* parent */
319 - openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
320 + openlog(appname, LOG_PID | LOG_NDELAY, LOG_LOCAL4);
321 syslog(LOG_NOTICE, "Squid Parent: child process %d started", pid);
322 time(&start);
323 squid_signal(SIGINT, SIG_IGN, SA_RESTART);
324 diff -Nru squid-2.6.STABLE16.orig/src/Makefile.am squid-2.6.STABLE16/src/Makefile.am
325 --- squid-2.6.STABLE16.orig/src/Makefile.am 2007-09-06 00:50:15.000000000 +0300
326 +++ squid-2.6.STABLE16/src/Makefile.am 2007-09-08 08:04:43.000000000 +0300
327 @@ -325,12 +325,12 @@
328 DEFAULT_CONFIG_FILE = $(sysconfdir)/squid.conf
329 DEFAULT_MIME_TABLE = $(sysconfdir)/mime.conf
330 DEFAULT_DNSSERVER = $(libexecdir)/`echo dnsserver | sed '$(transform);s/$$/$(EXEEXT)/'`
331 -DEFAULT_LOG_PREFIX = $(localstatedir)/logs
332 +DEFAULT_LOG_PREFIX = $(localstatedir)/log/squid
333 DEFAULT_CACHE_LOG = $(DEFAULT_LOG_PREFIX)/cache.log
334 DEFAULT_ACCESS_LOG = $(DEFAULT_LOG_PREFIX)/access.log
335 DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log
336 -DEFAULT_PID_FILE = $(DEFAULT_LOG_PREFIX)/squid.pid
337 -DEFAULT_SWAP_DIR = $(localstatedir)/cache
338 +DEFAULT_PID_FILE = $(localstatedir)/run/squid.pid
339 +DEFAULT_SWAP_DIR = $(localstatedir)/cache/squid
340 DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'`
341 DEFAULT_UNLINKD = $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'`
342 DEFAULT_DISKD = $(libexecdir)/`echo diskd-daemon | sed '$(transform);s/$$/$(EXEEXT)/'`
343
344
345
346 1.1 net-proxy/squid/files/digest-squid-2.6.16
347
348 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-proxy/squid/files/digest-squid-2.6.16?rev=1.1&view=markup
349 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-proxy/squid/files/digest-squid-2.6.16?rev=1.1&content-type=text/plain
350
351 Index: digest-squid-2.6.16
352 ===================================================================
353 MD5 5d910fd30ce8d28916a09410d584e9f3 squid-2.6.STABLE16.tar.gz 1710035
354 RMD160 a6a1de36baf28c36916e09a713ca30d33a10054a squid-2.6.STABLE16.tar.gz 1710035
355 SHA256 0326bd0bb36d9f19349b5e103f94f675bd4ead225766645035b7bec7452fe72f squid-2.6.STABLE16.tar.gz 1710035
356
357
358
359 1.1 net-proxy/squid/files/squid-2.6.16-qos.patch
360
361 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-proxy/squid/files/squid-2.6.16-qos.patch?rev=1.1&view=markup
362 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-proxy/squid/files/squid-2.6.16-qos.patch?rev=1.1&content-type=text/plain
363
364 Index: squid-2.6.16-qos.patch
365 ===================================================================
366 diff -Nru squid-2.6.STABLE16.orig/src/cache_cf.c squid-2.6.STABLE16/src/cache_cf.c
367 --- squid-2.6.STABLE16.orig/src/cache_cf.c 2007-08-31 16:49:54.000000000 +0300
368 +++ squid-2.6.STABLE16/src/cache_cf.c 2007-09-08 09:25:35.000000000 +0300
369 @@ -891,6 +891,65 @@
370 }
371 }
372
373 +CBDATA_TYPE(acl_priority);
374 +
375 +static void
376 +dump_acl_priority(StoreEntry * entry, const char *name, acl_priority * head)
377 +{
378 + acl_priority *l;
379 + for (l = head; l; l = l->next) {
380 + if (l->priority > 0)
381 + storeAppendPrintf(entry, "%s %04X:%04X", name,
382 + l->priority >> 16, l->priority & 0xFFFF);
383 + else
384 + storeAppendPrintf(entry, "%s none", name);
385 + dump_acl_list(entry, l->acl_list);
386 + storeAppendPrintf(entry, "\n");
387 + }
388 +}
389 +
390 +static void
391 +freed_acl_priority(void *data)
392 +{
393 + acl_priority *l = data;
394 + aclDestroyAclList(&l->acl_list);
395 +}
396 +
397 +static void
398 +parse_acl_priority(acl_priority ** head)
399 +{
400 + acl_priority *l;
401 + acl_priority **tail = head; /* sane name below */
402 + unsigned long priority, t1, t2;
403 + char junk;
404 + char *token = strtok(NULL, w_space);
405 + if (!token)
406 + self_destruct();
407 + if (sscanf(token, "%x:%x%c", &t1, &t2, &junk) != 2)
408 + self_destruct();
409 + if (t1 < 0 || t1 > 0xFFFF || t2 < 0 || t2 > 0xFFFF)
410 + self_destruct();
411 + priority = t1 << 16 | t2;
412 + CBDATA_INIT_TYPE_FREECB(acl_priority, freed_acl_priority);
413 + l = cbdataAlloc(acl_priority);
414 + l->priority = priority;
415 + aclParseAclList(&l->acl_list);
416 + while (*tail)
417 + tail = &(*tail)->next;
418 + *tail = l;
419 +}
420 +
421 +static void
422 +free_acl_priority(acl_priority ** head)
423 +{
424 + while (*head) {
425 + acl_priority *l = *head;
426 + *head = l->next;
427 + l->next = NULL;
428 + cbdataFree(l);
429 + }
430 +}
431 +
432 #if DELAY_POOLS
433
434 /* do nothing - free_delay_pool_count is the magic free function.
435 diff -Nru squid-2.6.STABLE16.orig/src/cf.data.depend squid-2.6.STABLE16/src/cf.data.depend
436 --- squid-2.6.STABLE16.orig/src/cf.data.depend 2007-09-06 00:50:15.000000000 +0300
437 +++ squid-2.6.STABLE16/src/cf.data.depend 2007-09-08 09:25:54.000000000 +0300
438 @@ -5,6 +5,7 @@
439 acl_address acl
440 acl_b_size_t acl
441 acl_tos acl
442 +acl_priority acl
443 address
444 authparam
445 b_int64_t
446 diff -Nru squid-2.6.STABLE16.orig/src/cf.data.pre squid-2.6.STABLE16/src/cf.data.pre
447 --- squid-2.6.STABLE16.orig/src/cf.data.pre 2007-09-08 09:25:07.000000000 +0300
448 +++ squid-2.6.STABLE16/src/cf.data.pre 2007-09-08 09:25:35.000000000 +0300
449 @@ -1248,6 +1248,27 @@
450 Default: 255 (TOS from server is not changed).
451 DOC_END
452
453 +NAME: tcp_outgoing_priority
454 +TYPE: acl_priority
455 +DEFAULT: none
456 +LOC: Config.accessList.outgoing_priority
457 +DOC_START
458 + Allows you to select the priority of the outgoing connection,
459 + based on the username or source address making the request. The
460 + priority can be used by Linux QoS Qdiscs for classification.
461 +
462 + tcp_outgoing_priority priority [!]aclname ...
463 +
464 + Example where requests from special_service_net are assigned
465 + priority 10:100
466 +
467 + acl special_service_net src 10.0.0.0/255.255.255.0
468 + tcp_outgoing_priority 10:100 special_service_net
469 +
470 + Processing proceeds in the order specified, and stops at first fully
471 + matching line.
472 +DOC_END
473 +
474 NAME: tcp_outgoing_address
475 TYPE: acl_address
476 DEFAULT: none
477 diff -Nru squid-2.6.STABLE16.orig/src/comm.c squid-2.6.STABLE16/src/comm.c
478 --- squid-2.6.STABLE16.orig/src/comm.c 2007-04-17 12:39:56.000000000 +0300
479 +++ squid-2.6.STABLE16/src/comm.c 2007-09-08 09:25:35.000000000 +0300
480 @@ -162,7 +162,7 @@
481 int flags,
482 const char *note)
483 {
484 - return comm_openex(sock_type, proto, addr, port, flags, 0, note);
485 + return comm_openex(sock_type, proto, addr, port, flags, 0, 0, note);
486 }
487
488
489 @@ -175,10 +175,12 @@
490 u_short port,
491 int flags,
492 unsigned char TOS,
493 + unsigned long PRIORITY,
494 const char *note)
495 {
496 int new_socket;
497 int tos = 0;
498 + unsigned long priority = 0;
499 fde *F = NULL;
500
501 /* Create socket for accepting new connections. */
502 @@ -209,12 +211,25 @@
503 debug(5, 0) ("comm_open: setsockopt(IP_TOS) not supported on this platform\n");
504 #endif
505 }
506 + if (PRIORITY) {
507 +#ifdef SO_PRIORITY
508 + priority = PRIORITY;
509 + enter_suid();
510 + if (setsockopt(new_socket, SOL_SOCKET, SO_PRIORITY, (char *) &priority, sizeof(unsigned long)) < 0)
511 + debug(50, 1) ("comm_open: setsockopt(SO_PRIORITY) on FD %d: %s\n",
512 + new_socket, xstrerror());
513 + leave_suid();
514 +#else
515 + debug(50, 0) ("comm_open: setsockopt(SO_PRIORITY) not supported on this platform\n");
516 +#endif
517 + }
518 /* update fdstat */
519 debug(5, 5) ("comm_open: FD %d is a new socket\n", new_socket);
520 fd_open(new_socket, FD_SOCKET, note);
521 F = &fd_table[new_socket];
522 F->local_addr = addr;
523 F->tos = tos;
524 + F->priority = priority;
525 if (!(flags & COMM_NOCLOEXEC))
526 commSetCloseOnExec(new_socket);
527 if ((flags & COMM_REUSEADDR))
528 @@ -382,6 +397,15 @@
529 debug(5, 1) ("commResetFD: setsockopt(IP_TOS) on FD %d: %s\n", cs->fd, xstrerror());
530 }
531 #endif
532 +#ifdef SO_PRIORITY
533 + if (F->priority) {
534 + unsigned long priority = F->priority;
535 + enter_suid();
536 + if (setsockopt(cs->fd, SOL_SOCKET, SO_PRIORITY, (char *)&priority, sizeof(unsigned long)) < 0)
537 + debug(50, 1) ("commResetFD: setsockopt(SO_PRIORITY) on FD %d: %s\n", cs->fd, xstrerror());
538 + leave_suid();
539 + }
540 +#endif
541 if (F->flags.close_on_exec)
542 commSetCloseOnExec(cs->fd);
543 if (F->flags.nonblocking)
544 diff -Nru squid-2.6.STABLE16.orig/src/forward.c squid-2.6.STABLE16/src/forward.c
545 --- squid-2.6.STABLE16.orig/src/forward.c 2007-09-06 00:28:34.000000000 +0300
546 +++ squid-2.6.STABLE16/src/forward.c 2007-09-08 09:25:35.000000000 +0300
547 @@ -418,6 +418,17 @@
548 return 0;
549 }
550
551 +static unsigned long
552 +aclMapPriority(acl_priority * head, aclCheck_t * ch)
553 +{
554 + acl_priority *l;
555 + for (l = head; l; l = l->next) {
556 + if (aclMatchAclList(l->acl_list, ch))
557 + return l->priority;
558 + }
559 + return 0;
560 +}
561 +
562 struct in_addr
563 getOutgoingAddr(request_t * request)
564 {
565 @@ -446,6 +457,20 @@
566 return aclMapTOS(Config.accessList.outgoing_tos, &ch);
567 }
568
569 +unsigned long
570 +getOutgoingPriority(request_t * request)
571 +{
572 + aclCheck_t ch;
573 + memset(&ch, '\0', sizeof(aclCheck_t));
574 + if (request) {
575 + ch.src_addr = request->client_addr;
576 + ch.my_addr = request->my_addr;
577 + ch.my_port = request->my_port;
578 + ch.request = request;
579 + }
580 + return aclMapPriority(Config.accessList.outgoing_priority, &ch);
581 +}
582 +
583 static void
584 fwdConnectStart(void *data)
585 {
586 @@ -462,6 +487,7 @@
587 int ftimeout = Config.Timeout.forward - (squid_curtime - fwdState->start);
588 struct in_addr outgoing;
589 unsigned short tos;
590 + unsigned long priority;
591 #if LINUX_TPROXY
592 struct in_tproxy itp;
593 #endif
594 @@ -547,15 +573,17 @@
595 #endif
596 outgoing = getOutgoingAddr(fwdState->request);
597 tos = getOutgoingTOS(fwdState->request);
598 + priority = getOutgoingPriority(fwdState->request);
599
600 - debug(17, 3) ("fwdConnectStart: got addr %s, tos %d\n",
601 - inet_ntoa(outgoing), tos);
602 + debug(17, 3) ("fwdConnectStart: got addr %s, tos %d, priority %lu\n",
603 + inet_ntoa(outgoing), tos, priority);
604 fd = comm_openex(SOCK_STREAM,
605 IPPROTO_TCP,
606 outgoing,
607 0,
608 COMM_NONBLOCKING,
609 tos,
610 + priority,
611 url);
612 if (fd < 0) {
613 debug(50, 4) ("fwdConnectStart: %s\n", xstrerror());
614 diff -Nru squid-2.6.STABLE16.orig/src/protos.h squid-2.6.STABLE16/src/protos.h
615 --- squid-2.6.STABLE16.orig/src/protos.h 2007-07-15 12:52:17.000000000 +0300
616 +++ squid-2.6.STABLE16/src/protos.h 2007-09-08 09:25:35.000000000 +0300
617 @@ -160,7 +160,7 @@
618 extern void comm_init(void);
619 extern int comm_listen(int sock);
620 extern int comm_open(int, int, struct in_addr, u_short port, int, const char *note);
621 -extern int comm_openex(int, int, struct in_addr, u_short, int, unsigned char TOS, const char *);
622 +extern int comm_openex(int, int, struct in_addr, u_short, int, unsigned char TOS, unsigned long PRIORITY, const char *);
623 extern u_short comm_local_port(int fd);
624
625 extern void commDeferFD(int fd);
626 @@ -735,6 +735,7 @@
627 #endif
628 struct in_addr getOutgoingAddr(request_t * request);
629 unsigned long getOutgoingTOS(request_t * request);
630 +unsigned long getOutgoingPriority(request_t * request);
631
632 extern void urnStart(request_t *, StoreEntry *);
633
634 diff -Nru squid-2.6.STABLE16.orig/src/ssl.c squid-2.6.STABLE16/src/ssl.c
635 --- squid-2.6.STABLE16.orig/src/ssl.c 2007-02-03 23:53:38.000000000 +0200
636 +++ squid-2.6.STABLE16/src/ssl.c 2007-09-08 09:25:35.000000000 +0300
637 @@ -524,6 +524,7 @@
638 0,
639 COMM_NONBLOCKING,
640 getOutgoingTOS(request),
641 ++ getOutgoingPriority(request),
642 url);
643 if (sock == COMM_ERROR) {
644 debug(26, 4) ("sslStart: Failed because we're out of sockets.\n");
645 diff -Nru squid-2.6.STABLE16.orig/src/structs.h squid-2.6.STABLE16/src/structs.h
646 --- squid-2.6.STABLE16.orig/src/structs.h 2007-09-08 09:25:07.000000000 +0300
647 +++ squid-2.6.STABLE16/src/structs.h 2007-09-08 09:25:35.000000000 +0300
648 @@ -296,6 +296,12 @@
649 int tos;
650 };
651
652 +struct _acl_priority {
653 + acl_priority *next;
654 + acl_list *acl_list;
655 + unsigned long priority;
656 +};
657 +
658 struct _aclCheck_t {
659 const acl_access *access_list;
660 struct in_addr src_addr;
661 @@ -705,6 +711,7 @@
662 acl_access *reply;
663 acl_address *outgoing_address;
664 acl_tos *outgoing_tos;
665 + acl_priority *outgoing_priority;
666 #if USE_HTCP
667 acl_access *htcp;
668 acl_access *htcp_clr;
669 @@ -876,6 +883,7 @@
670 u_short remote_port;
671 struct in_addr local_addr;
672 unsigned char tos;
673 + unsigned long priority;
674 char ipaddr[16]; /* dotted decimal address of peer */
675 char desc[FD_DESC_SZ];
676 struct {
677 diff -Nru squid-2.6.STABLE16.orig/src/typedefs.h squid-2.6.STABLE16/src/typedefs.h
678 --- squid-2.6.STABLE16.orig/src/typedefs.h 2006-09-02 17:08:42.000000000 +0300
679 +++ squid-2.6.STABLE16/src/typedefs.h 2007-09-08 09:25:35.000000000 +0300
680 @@ -102,6 +102,7 @@
681 typedef struct _acl_access acl_access;
682 typedef struct _acl_address acl_address;
683 typedef struct _acl_tos acl_tos;
684 +typedef struct _acl_priority acl_priority;
685 typedef struct _aclCheck_t aclCheck_t;
686 typedef struct _wordlist wordlist;
687 typedef struct _intlist intlist;
688
689
690
691 1.1 net-proxy/squid/files/squid-2.6.16-ToS_Hit_ToS_Preserve.patch
692
693 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-proxy/squid/files/squid-2.6.16-ToS_Hit_ToS_Preserve.patch?rev=1.1&view=markup
694 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-proxy/squid/files/squid-2.6.16-ToS_Hit_ToS_Preserve.patch?rev=1.1&content-type=text/plain
695
696 Index: squid-2.6.16-ToS_Hit_ToS_Preserve.patch
697 ===================================================================
698 diff -Nru squid-2.6.STABLE16.orig/src/cf.data.pre squid-2.6.STABLE16/src/cf.data.pre
699 --- squid-2.6.STABLE16.orig/src/cf.data.pre 2007-09-08 08:27:44.000000000 +0300
700 +++ squid-2.6.STABLE16/src/cf.data.pre 2007-09-08 08:30:18.000000000 +0300
701 @@ -1190,6 +1190,64 @@
702 to off when using this directive in such configurations.
703 DOC_END
704
705 +NAME: zph_tos_local
706 +TYPE: int
707 +DEFAULT: 0
708 +LOC: Config.zph_tos_local
709 +DOC_START
710 + Allows you to select a TOS/Diffserv value to mark local hits. Read above
711 + (tcp_outgoing_tos) for details/requirements about TOS.
712 + Default: 0 (disabled).
713 +DOC_END
714 +
715 +NAME: zph_tos_peer
716 +TYPE: int
717 +DEFAULT: 0
718 +LOC: Config.zph_tos_peer
719 +DOC_START
720 + Allows you to select a TOS/Diffserv value to mark peer hits. Read above
721 + (tcp_outgoing_tos) for details/requirements about TOS.
722 + Default: 0 (disabled).
723 +DOC_END
724 +
725 +NAME: zph_tos_parent
726 +COMMENT: on|off
727 +TYPE: onoff
728 +LOC: Config.onoff.zph_tos_parent
729 +DEFAULT: on
730 +DOC_START
731 + Set this to off if you want only sibling hits to be marked.
732 + If set to on (default), parent hits are being marked too.
733 +DOC_END
734 +
735 +NAME: zph_preserve_miss_tos
736 +COMMENT: on|off
737 +TYPE: onoff
738 +LOC: Config.onoff.zph_preserve_miss_tos
739 +DEFAULT: on
740 +DOC_START
741 + If set to on (default), any HTTP response towards clients will
742 + have the TOS value of the response comming from the remote
743 + server masked with the value of zph_preserve_miss_tos_mask.
744 + For this to work correctly, you will need to patch your linux
745 + kernel with the TOS preserving ZPH patch.
746 + Has no effect under FreeBSD, works only under linux ZPH patched
747 + kernels.
748 +DOC_END
749 +
750 +NAME: zph_preserve_miss_tos_mask
751 +TYPE: int
752 +DEFAULT: 255
753 +LOC: Config.zph_preserve_miss_tos_mask
754 +DOC_START
755 + Allows you to mask certain bits in the TOS received from the
756 + remote server, before copying the value to the TOS send towards
757 + clients.
758 + See zph_preserve_miss_tos for details.
759 +
760 + Default: 255 (TOS from server is not changed).
761 +DOC_END
762 +
763 NAME: tcp_outgoing_address
764 TYPE: acl_address
765 DEFAULT: none
766 diff -Nru squid-2.6.STABLE16.orig/src/client_side.c squid-2.6.STABLE16/src/client_side.c
767 --- squid-2.6.STABLE16.orig/src/client_side.c 2007-09-08 08:27:44.000000000 +0300
768 +++ squid-2.6.STABLE16/src/client_side.c 2007-09-08 08:30:18.000000000 +0300
769 @@ -2632,6 +2632,55 @@
770 return;
771 }
772 assert(http->out.offset == 0);
773 +
774 + if ( Config.zph_tos_local || Config.zph_tos_peer ||
775 + (Config.onoff.zph_preserve_miss_tos && Config.zph_preserve_miss_tos_mask) )
776 + {
777 + int need_change = 0;
778 + int hit = 0;
779 + int tos = 0;
780 + int tos_old = 0;
781 + int tos_len = sizeof(tos_old);
782 + int res;
783 +
784 + if (Config.zph_tos_local && isTcpHit(http->log_type)) { /* local hit */
785 + hit = 1;
786 + tos = Config.zph_tos_local;
787 + } else if (Config.zph_tos_peer &&
788 + (http->request->hier.code == SIBLING_HIT || /* sibling hit */
789 + (Config.onoff.zph_tos_parent &&
790 + http->request->hier.code == PARENT_HIT))) { /* parent hit */
791 + hit = 1;
792 + tos = Config.zph_tos_peer;
793 + }
794 + if (http->request->flags.proxy_keepalive) {
795 + if (getsockopt(fd, IPPROTO_IP, IP_TOS, &tos_old, &tos_len) < 0) {
796 + debug(33, 1) ("ZPH: getsockopt(IP_TOS) on FD %d: %s\n", fd, xstrerror());
797 + } else if (hit && tos_old != tos) { /* HIT: 1-st request, or previous was MISS, */
798 + need_change = 1; /* or local/parent hit change */
799 + } else if (!hit && (tos_old || /* MISS: previous was HIT */
800 + Config.onoff.zph_preserve_miss_tos)) { /* TOS copying is on */
801 +#if defined(_SQUID_LINUX_)
802 + if ( Config.onoff.zph_preserve_miss_tos ) {
803 + tos = (entry->mem_obj != NULL) ?
804 + (entry->mem_obj->recvTOS & Config.zph_preserve_miss_tos_mask):0;
805 + } else tos = 0;
806 +#else
807 + tos = 0;
808 +#endif
809 + need_change = 1;
810 + }
811 + } else if (hit) { /* no keepalive */
812 + need_change = 1;
813 + }
814 + if (need_change) {
815 + if (!hit) enter_suid(); /* Setting TOS bit6-7 is privilleged */
816 + res = setsockopt(fd, IPPROTO_IP, IP_TOS, &tos, sizeof(tos));
817 + if (!hit) leave_suid(); /* Setting bit5-7 is privilleged */
818 + if ( res < 0)
819 + debug(33, 1) ("ZPH: setsockopt(IP_TOS) on FD %d: %s\n", fd, xstrerror());
820 + }
821 + }
822 rep = http->reply = clientBuildReply(http, buf, size);
823 if (!rep) {
824 /* Forward as HTTP/0.9 body with no reply */
825 diff -Nru squid-2.6.STABLE16.orig/src/http.c squid-2.6.STABLE16/src/http.c
826 --- squid-2.6.STABLE16.orig/src/http.c 2007-07-22 00:05:55.000000000 +0300
827 +++ squid-2.6.STABLE16/src/http.c 2007-09-08 08:30:18.000000000 +0300
828 @@ -1391,6 +1391,53 @@
829 peer *p = httpState->peer;
830 CWCB *sendHeaderDone;
831 int fd = httpState->fd;
832 +
833 +#if defined(_SQUID_LINUX_)
834 +/* ZPH patch starts here (M.Stavrev 25-05-2005)
835 + * Retrieve connection peer's TOS value (which its SYN_ACK TCP segment
836 + * was encapsulated into an IP packet)
837 + */
838 + int tos, tos_len;
839 + if ( entry && entry->mem_obj ) { // Is this check necessary ? Seems not, but
840 + // have no time to investigate further.
841 + entry->mem_obj->recvTOS = 0;
842 + tos = 1;
843 + tos_len = sizeof(tos);
844 + if ( setsockopt(fd,SOL_IP, IP_RECVTOS, &tos, tos_len) == 0 ) {
845 + unsigned char buf[128];
846 + int len = 128;
847 + if (getsockopt(fd, SOL_IP, IP_PKTOPTIONS, buf, &len) == 0)
848 + {
849 + /* Parse the PKTOPTIONS structure to locate the TOS data message
850 + * prepared in the kernel by the ZPH incoming TCP TOS preserving
851 + * patch. In 99,99% the TOS should be located at buf[12], but
852 + * let's do it the right way.
853 + */
854 + unsigned char * p = buf;
855 + while ( p-buf < len ) {
856 + struct cmsghdr * o = (struct cmsghdr*)p;
857 + if ( o->cmsg_len <= 0 || o->cmsg_len > 52 )
858 + break;
859 + if ( o->cmsg_level == SOL_IP && o->cmsg_type == IP_TOS ) {
860 + entry->mem_obj->recvTOS = (unsigned char)(*(int*)
861 + (p + sizeof(struct cmsghdr)));
862 + debug(11, 5) ("ZPH: Incomming TOS=%d on FD %d\n",
863 + entry->mem_obj->recvTOS, fd );
864 + break;
865 + }
866 + p += o->cmsg_len;
867 + }
868 + } else {
869 + debug(11, 5) ("ZPH: getsockopt(IP_PKTOPTIONS) on FD %d: %s\n",
870 + fd, xstrerror());
871 + }
872 + } else {
873 + debug(11, 5) ("ZPH: setsockopt(IP_RECVTOS) on FD %d: %s\n",
874 + fd, xstrerror());
875 + }
876 + }
877 +/* ZPH patch ends here */
878 +#endif
879
880 debug(11, 5) ("httpSendRequest: FD %d: httpState %p.\n", fd, httpState);
881
882 diff -Nru squid-2.6.STABLE16.orig/src/structs.h squid-2.6.STABLE16/src/structs.h
883 --- squid-2.6.STABLE16.orig/src/structs.h 2007-09-06 00:28:34.000000000 +0300
884 +++ squid-2.6.STABLE16/src/structs.h 2007-09-08 08:30:18.000000000 +0300
885 @@ -669,6 +669,8 @@
886 int relaxed_header_parser;
887 int accel_no_pmtu_disc;
888 int global_internal_static;
889 + int zph_tos_parent;
890 + int zph_preserve_miss_tos;
891 int httpd_suppress_version_string;
892 int via;
893 int check_hostnames;
894 @@ -793,6 +795,9 @@
895 int sleep_after_fork; /* microseconds */
896 time_t minimum_expiry_time; /* seconds */
897 external_acl *externalAclHelperList;
898 + int zph_tos_local;
899 + int zph_tos_peer;
900 + int zph_preserve_miss_tos_mask;
901 errormap *errorMapList;
902 #if USE_SSL
903 struct {
904 @@ -1724,6 +1729,9 @@
905 const char *vary_encoding;
906 StoreEntry *ims_entry;
907 time_t refresh_timestamp;
908 +#if defined(_SQUID_LINUX_)
909 + unsigned char recvTOS; /* ZPH patch - stores remote server's TOS */
910 +#endif
911 };
912
913 struct _StoreEntry {
914
915
916
917 --
918 gentoo-commits@g.o mailing list