[squid-users] bugfix and patches for 2.5.STABLE6

From: Przemek Czerkas <[email protected]>
Date: Sat, 28 Aug 2004 01:51:58 +0200

pc-bugfix1-2.5.STABLE6.diff: fixes almost 6 years old bug in enums.h
(someone double me, please :-)

pc-patch1-2.5.STABLE6.diff: (based on patch by David S. Madole
http://www.omdev.com/squid/squid-2.2.STABLE4.ignore-no-cache.patch )
adds more options to refresh-pattern configuration:
- 'ignore-no-cache' ignores any "Pragma: no-cache" and "Cache-control:
     no-cache" headers received from a server
- 'ignore-private' ignores any "Cache-control: private" headers
     received from a server
- 'ignore-auth' caches responses to requests with authorization
     irrespective of "Cache-control" headers received from a server

pc-patch2-2.5.STABLE6.diff: modifies ipcache.c so squid works with
buggy http load balancers based on round robin dns (nonpreserving user
session across different servers in cluster).

regards
Przemek Czerkas

Index: src/enums.h
===================================================================
RCS file: /squid/squid/src/enums.h,v
retrieving revision 1.203.2.10
diff -u -r1.203.2.10 enums.h
--- src/enums.h 4 Feb 2004 17:42:28 -0000 1.203.2.10
+++ src/enums.h 27 Aug 2004 21:22:38 -0000
@@ -217,8 +217,8 @@
     HDR_PROXY_CONNECTION,
     HDR_PUBLIC,
     HDR_RANGE,
- HDR_REQUEST_RANGE, /* some clients use this, sigh */
     HDR_REFERER,
+ HDR_REQUEST_RANGE, /* some clients use this, sigh */
     HDR_RETRY_AFTER,
     HDR_SERVER,
     HDR_SET_COOKIE,

Index: src/cache_cf.c
===================================================================
RCS file: /squid/squid/src/cache_cf.c,v
retrieving revision 1.396.2.17
diff -u -r1.396.2.17 cache_cf.c
--- src/cache_cf.c 29 Apr 2004 23:56:50 -0000 1.396.2.17
+++ src/cache_cf.c 27 Aug 2004 21:22:38 -0000
@@ -1809,6 +1809,12 @@
             storeAppendPrintf(entry, " reload-into-ims");
         if (head->flags.ignore_reload)
             storeAppendPrintf(entry, " ignore-reload");
+ if (head->flags.ignore_no_cache)
+ storeAppendPrintf(entry, " ignore-no-cache");
+ if (head->flags.ignore_private)
+ storeAppendPrintf(entry, " ignore-private");
+ if (head->flags.ignore_auth)
+ storeAppendPrintf(entry, " ignore-auth");
 #endif
         storeAppendPrintf(entry, "\n");
         head = head->next;
@@ -1828,6 +1834,9 @@
     int override_lastmod = 0;
     int reload_into_ims = 0;
     int ignore_reload = 0;
+ int ignore_no_cache = 0;
+ int ignore_private = 0;
+ int ignore_auth = 0;
 #endif
     int i;
     refresh_t *t;
@@ -1859,6 +1868,12 @@
             override_expire = 1;
         else if (!strcmp(token, "override-lastmod"))
             override_lastmod = 1;
+ else if (!strcmp(token, "ignore-no-cache"))
+ ignore_no_cache = 1;
+ else if (!strcmp(token, "ignore-private"))
+ ignore_private = 1;
+ else if (!strcmp(token, "ignore-auth"))
+ ignore_auth = 1;
         else if (!strcmp(token, "reload-into-ims")) {
             reload_into_ims = 1;
             refresh_nocache_hack = 1;
@@ -1900,6 +1915,12 @@
         t->flags.reload_into_ims = 1;
     if (ignore_reload)
         t->flags.ignore_reload = 1;
+ if (ignore_no_cache)
+ t->flags.ignore_no_cache = 1;
+ if (ignore_private)
+ t->flags.ignore_private = 1;
+ if (ignore_auth)
+ t->flags.ignore_auth = 1;
 #endif
     t->next = NULL;
     while (*head)
Index: src/cf.data.pre
===================================================================
RCS file: /squid/squid/src/cf.data.pre,v
retrieving revision 1.245.2.66
diff -u -r1.245.2.66 cf.data.pre
--- src/cf.data.pre 30 Apr 2004 20:40:39 -0000 1.245.2.66
+++ src/cf.data.pre 27 Aug 2004 21:22:38 -0000
@@ -1665,6 +1665,9 @@
                  override-lastmod
                  reload-into-ims
                  ignore-reload
+ ignore-no-cache
+ ignore-private
+ ignore-auth
 
                 override-expire enforces min age even if the server
                 sent a Expires: header. Doing this VIOLATES the HTTP
@@ -1684,6 +1687,23 @@
                 this feature could make you liable for problems which
                 it causes.
                 
+ ignore-no-cache ignores any ``Pragma: no-cache'' and
+ ``Cache-control: no-cache'' headers received from a server.
+ The HTTP RFC never allows the use of this (Pragma) header
+ from a server, only a client, though plenty of servers
+ send it anyway.
+
+ ignore-private ignores any ``Cache-control: private''
+ headers received from a server. Doing this VIOLATES
+ the HTTP standard. Enabling this feature could make you
+ liable for problems which it causes.
+
+ ignore-auth caches responses to requests with authorization,
+ irrespective of ``Cache-control'' headers received from
+ a server. Doing this VIOLATES the HTTP standard. Enabling
+ this feature could make you liable for problems which
+ it causes.
+
         Basically a cached object is:
 
                 FRESH if expires < now, else STALE
Index: src/http.c
===================================================================
RCS file: /squid/squid/src/http.c,v
retrieving revision 1.384.2.16
diff -u -r1.384.2.16 http.c
--- src/http.c 8 Jun 2004 10:54:07 -0000 1.384.2.16
+++ src/http.c 27 Aug 2004 21:22:38 -0000
@@ -229,10 +229,14 @@
     HttpHeader *hdr = &rep->header;
     const int cc_mask = (rep->cache_control) ? rep->cache_control->mask : 0;
     const char *v;
- if (EBIT_TEST(cc_mask, CC_PRIVATE))
- return 0;
- if (EBIT_TEST(cc_mask, CC_NO_CACHE))
- return 0;
+ if (EBIT_TEST(cc_mask, CC_PRIVATE)) {
+ const refresh_t *R = refreshLimits(httpState->entry->mem_obj->url);
+ if (R && !R->flags.ignore_private) return 0;
+ }
+ if (EBIT_TEST(cc_mask, CC_NO_CACHE)) {
+ const refresh_t *R = refreshLimits(httpState->entry->mem_obj->url);
+ if (R && !R->flags.ignore_no_cache) return 0;
+ }
     if (EBIT_TEST(cc_mask, CC_NO_STORE))
         return 0;
     if (httpState->request->flags.auth) {
@@ -241,8 +245,10 @@
          * only if a Cache-Control: public reply header is present.
          * RFC 2068, sec 14.9.4
          */
- if (!EBIT_TEST(cc_mask, CC_PUBLIC))
- return 0;
+ if (!EBIT_TEST(cc_mask, CC_PUBLIC)) {
+ const refresh_t *R = refreshLimits(httpState->entry->mem_obj->url);
+ if (R && !R->flags.ignore_auth) return 0;
+ }
     }
     /* Pragma: no-cache in _replies_ is not documented in HTTP,
      * but servers like "Active Imaging Webcast/2.0" sure do use it */
@@ -250,8 +256,10 @@
         String s = httpHeaderGetList(hdr, HDR_PRAGMA);
         const int no_cache = strListIsMember(&s, "no-cache", ',');
         stringClean(&s);
- if (no_cache)
- return 0;
+ if (no_cache) {
+ const refresh_t *R = refreshLimits(httpState->entry->mem_obj->url);
+ if (R && !R->flags.ignore_no_cache) return 0;
+ }
     }
     /*
      * The "multipart/x-mixed-replace" content type is used for
Index: src/protos.h
===================================================================
RCS file: /squid/squid/src/protos.h,v
retrieving revision 1.420.2.22
diff -u -r1.420.2.22 protos.h
--- src/protos.h 4 Feb 2004 17:42:28 -0000 1.420.2.22
+++ src/protos.h 27 Aug 2004 21:22:38 -0000
@@ -784,6 +784,7 @@
 extern int refreshCheckDigest(const StoreEntry *, time_t delta);
 extern time_t getMaxAge(const char *url);
 extern void refreshInit(void);
+extern const refresh_t *refreshLimits(const char *url);
 
 extern void serverConnectionsClose(void);
 extern void shut_down(int);
Index: src/refresh.c
===================================================================
RCS file: /squid/squid/src/refresh.c,v
retrieving revision 1.56.2.1
diff -u -r1.56.2.1 refresh.c
--- src/refresh.c 18 Jul 2002 09:22:17 -0000 1.56.2.1
+++ src/refresh.c 27 Aug 2004 21:22:38 -0000
@@ -99,14 +99,13 @@
 #define REFRESH_DEFAULT_PCT 0.20
 #define REFRESH_DEFAULT_MAX (time_t)259200
 
-static const refresh_t *refreshLimits(const char *);
 static const refresh_t *refreshUncompiledPattern(const char *);
 static OBJH refreshStats;
 static int refreshStaleness(const StoreEntry *, time_t, time_t, const refresh_t *, stale_flags *);
 
 static refresh_t DefaultRefresh;
 
-static const refresh_t *
+const refresh_t *
 refreshLimits(const char *url)
 {
     const refresh_t *R;
Index: src/structs.h
===================================================================
RCS file: /squid/squid/src/structs.h,v
retrieving revision 1.408.2.24
diff -u -r1.408.2.24 structs.h
--- src/structs.h 18 Apr 2004 23:43:30 -0000 1.408.2.24
+++ src/structs.h 27 Aug 2004 21:22:38 -0000
@@ -1690,6 +1690,9 @@
         unsigned int override_lastmod:1;
         unsigned int reload_into_ims:1;
         unsigned int ignore_reload:1;
+ unsigned int ignore_no_cache:1;
+ unsigned int ignore_private:1;
+ unsigned int ignore_auth:1;
 #endif
     } flags;
 };

Index: src/ipcache.c
===================================================================
RCS file: /squid/squid/src/ipcache.c,v
retrieving revision 1.236.2.3
diff -u -r1.236.2.3 ipcache.c
--- src/ipcache.c 12 Feb 2004 09:32:09 -0000 1.236.2.3
+++ src/ipcache.c 27 Aug 2004 21:22:38 -0000
@@ -313,6 +313,8 @@
     int j;
     int na = 0;
     int ttl = 0;
+ int l = 0;
+ struct in_addr high_addr,tmp_addr;
     const char *name = (const char *) i->hash.key;
     i->expires = squid_curtime + Config.negativeDnsTtl;
     i->flags.negcached = 1;
@@ -332,11 +334,19 @@
         return i;
     }
     assert(answers);
- for (j = 0, k = 0; k < nr; k++) {
+ high_addr.s_addr = 0;
+ tmp_addr.s_addr = 0;
+ for (k = 0; k < nr; k++) {
         if (answers[k].type != RFC1035_TYPE_A)
             continue;
         if (answers[k].class != RFC1035_CLASS_IN)
             continue;
+ xmemcpy(&tmp_addr, answers[k].rdata, 4);
+ if (tmp_addr.s_addr > high_addr.s_addr) {
+ high_addr.s_addr = tmp_addr.s_addr;
+ l = k;
+ debug(14, 3) ("l: #%d\n",l);
+ }
         na++;
     }
     if (na == 0) {
@@ -344,6 +354,15 @@
         i->error_message = xstrdup("No Address records");
         return i;
     }
+ for (k = 0; k < nr; k++) {
+ if (answers[k].type != RFC1035_TYPE_A)
+ continue;
+ if (answers[k].class != RFC1035_CLASS_IN)
+ continue;
+ if (k != l)
+ answers[k].type = 0;
+ }
+ na = 1;
     i->flags.negcached = 0;
     i->addrs.in_addrs = xcalloc(na, sizeof(struct in_addr));
     i->addrs.bad_mask = xcalloc(na, sizeof(unsigned char));
@@ -367,6 +386,13 @@
         ttl = Config.negativeDnsTtl;
     i->expires = squid_curtime + ttl;
     assert(j == na);
+ for (k = 0; k < nr; k++) {
+ if (answers[k].type != RFC1035_TYPE_A)
+ continue;
+ if (answers[k].class != RFC1035_CLASS_IN)
+ continue;
+ answers[k].type = RFC1035_TYPE_A;
+ }
     return i;
 }
 #endif
Received on Fri Aug 27 2004 - 17:54:17 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Sep 01 2004 - 12:00:03 MDT