diff -cr squid-1.0.beta2/ChangeLog squid-1.0.beta3/ChangeLog *** squid-1.0.beta2/ChangeLog Sun Apr 21 18:43:03 1996 --- squid-1.0.beta3/ChangeLog Wed Apr 24 08:29:52 1996 *************** *** 69,75 **** - Removed dual logging to stderr/cache.log. - Removed old IP access controls ('proxy_allow', etc.) ! Changes to 1.0.beta2 - Fixed /bin/csh "$#argv" leftover in RunCache. - Fixed ACL day-of-week bitmask bug. --- 69,75 ---- - Removed dual logging to stderr/cache.log. - Removed old IP access controls ('proxy_allow', etc.) ! Changes to 1.0.beta2: - Fixed /bin/csh "$#argv" leftover in RunCache. - Fixed ACL day-of-week bitmask bug. *************** *** 79,81 **** --- 79,99 ---- of the structure itself (for AIX). - Changed ftpget to fork before reading the request and make sure the entire request is read. + + Changes to 1.0.beta3: + + - Added ftpget '-C minport:maxport' option + - Fixed PROTO_MAX fencepost bug in stat_init(). + - Fixed Fixed CheckQuickAbort() coredump. + - Fixed disabling store.log and hierarchy.log when set to "none" + - Fixed numerous problems related to setuid(). + - Fixed 'check_cache.pl' to use new swaplog format (without "FILE"). + - Fixed ACL coredumps when checking NULL words. + - Changed pid_filename to be written and unlinked as root. + - Added "-i seconds" option to 'client' for testing IMS GET. + - Fixed a bug where an IMS request caused the valid object to + get ejected from the cache. + - Fixed continual DEAD_PARENT/REVIVE bug + - Fixed ERR_INVALID_URL bug for URLs with a password field. + - Added to Release-Notes info about converting 'cache/log' and + difference between stoplists and ttl_pattern. diff -cr squid-1.0.beta2/configure squid-1.0.beta3/configure *** squid-1.0.beta2/configure Sat Apr 20 12:57:37 1996 --- squid-1.0.beta3/configure Tue Apr 23 12:51:48 1996 *************** *** 1970,1981 **** regcomp \ regexec \ regfree \ setrlimit \ strdup \ strerror \ sysconf \ syslog \ ! timegm\ do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 --- 1970,1983 ---- regcomp \ regexec \ regfree \ + seteuid \ + setresuid \ setrlimit \ strdup \ strerror \ sysconf \ syslog \ ! timegm \ do echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 *************** *** 1983,1989 **** echo $ac_n "(cached) $ac_c" 1>&6 else cat > conftest.$ac_ext <&6 else cat > conftest.$ac_ext < log + + + Notes on stoplists vs. ttl_pattern + ============================================================================== + You can use the stoplists ('http_stop', etc) in the configuration file + to prevent objects from being cached. Using a 'ttl_pattern' with the + TTL to zero will also prevent objects from being saved. + + There is one important difference between these two methods however. + Squid nevery makes ICP queries for objects which match the stoplists. + Instead, the object will be fetched directly (unless on the other side + of a firewall). We recommend that you use the stoplist for cgi-bin + scripts and use the ttl_pattern rules to prevent caching of normal + objects. diff -cr squid-1.0.beta2/include/autoconf.h.in squid-1.0.beta3/include/autoconf.h.in *** squid-1.0.beta2/include/autoconf.h.in Sat Apr 20 12:57:37 1996 --- squid-1.0.beta3/include/autoconf.h.in Tue Apr 23 12:51:49 1996 *************** *** 55,60 **** --- 55,66 ---- /* Define if you have the regfree function. */ #undef HAVE_REGFREE + /* Define if you have the seteuid function. */ + #undef HAVE_SETEUID + + /* Define if you have the setresuid function. */ + #undef HAVE_SETRESUID + /* Define if you have the setrlimit function. */ #undef HAVE_SETRLIMIT diff -cr squid-1.0.beta2/include/version.h squid-1.0.beta3/include/version.h *** squid-1.0.beta2/include/version.h Thu Apr 18 13:47:48 1996 --- squid-1.0.beta3/include/version.h Mon Apr 22 14:23:28 1996 *************** *** 1,7 **** ! /* $Id: version.h,v 1.19.4.1 1996/04/18 20:47:48 wessels Exp $ * * SQUID_VERSION - String for version id of this distribution */ #ifndef SQUID_VERSION ! #define SQUID_VERSION "1.0.beta1" #endif --- 1,7 ---- ! /* $Id: version.h,v 1.19.4.2 1996/04/22 21:23:28 wessels Exp $ * * SQUID_VERSION - String for version id of this distribution */ #ifndef SQUID_VERSION ! #define SQUID_VERSION "1.0.beta3" #endif diff -cr squid-1.0.beta2/scripts/check_cache.pl squid-1.0.beta3/scripts/check_cache.pl *** squid-1.0.beta2/scripts/check_cache.pl Wed Feb 21 22:23:57 1996 --- squid-1.0.beta3/scripts/check_cache.pl Tue Apr 23 16:21:09 1996 *************** *** 7,13 **** # Version 1 did all this in memory, but the log file can be a # little on the large side... 8-( ! # $Id: check_cache.pl,v 1.1.1.1 1996/02/22 06:23:57 wessels Exp $ require "getopts.pl"; &Getopts("c:dl:rt:v"); --- 7,13 ---- # Version 1 did all this in memory, but the log file can be a # little on the large side... 8-( ! # $Id: check_cache.pl,v 1.1.1.1.2.1 1996/04/23 23:21:09 wessels Exp $ require "getopts.pl"; &Getopts("c:dl:rt:v"); *************** *** 22,28 **** chdir($tmpdir); # snarf filenames from Harvest log & sort em ! system("cut -f2 -d' ' $logfile >pl$$"); system("sort -T $tmpdir pl$$ >spl$$; rm pl$$"); # get list of files in cache & sort em --- 22,28 ---- chdir($tmpdir); # snarf filenames from Harvest log & sort em ! system("cut -f1 -d' ' $logfile >pl$$"); system("sort -T $tmpdir pl$$ >spl$$; rm pl$$"); # get list of files in cache & sort em diff -cr squid-1.0.beta2/src/acl.c squid-1.0.beta3/src/acl.c *** squid-1.0.beta2/src/acl.c Sat Apr 20 12:55:59 1996 --- squid-1.0.beta3/src/acl.c Tue Apr 23 16:22:05 1996 *************** *** 1,4 **** ! /* "$Id: acl.c,v 1.12.2.2 1996/04/20 19:55:59 wessels Exp $" */ /* * DEBUG: Section 28 acl --- 1,4 ---- ! /* "$Id: acl.c,v 1.12.2.3 1996/04/23 23:22:05 wessels Exp $" */ /* * DEBUG: Section 28 acl *************** *** 426,431 **** --- 426,433 ---- wordlist *data; char *word; { + if (word == NULL) + return 0; debug(28, 3, "aclMatchWord: checking '%s'\n", word); while (data) { debug(28, 3, "aclMatchWord: looking for '%s'\n", data->key); *************** *** 439,444 **** --- 441,448 ---- relist *data; char *word; { + if (word == NULL) + return 0; debug(28, 3, "aclMatchRegex: checking '%s'\n", word); while (data) { debug(28, 3, "aclMatchRegex: looking for '%s'\n", data->pattern); diff -cr squid-1.0.beta2/src/client.c squid-1.0.beta3/src/client.c *** squid-1.0.beta2/src/client.c Tue Mar 26 17:45:56 1996 --- squid-1.0.beta3/src/client.c Tue Apr 23 22:35:29 1996 *************** *** 1,5 **** ! /* $Id: client.c,v 1.4 1996/03/27 01:45:56 wessels Exp $ */ #include "squid.h" --- 1,5 ---- ! /* $Id: client.c,v 1.4.2.1 1996/04/24 05:35:29 wessels Exp $ */ #include "squid.h" *************** *** 33,38 **** --- 33,39 ---- int port, to_stdout, reload; char url[BUFSIZ], msg[BUFSIZ], buf[BUFSIZ], hostname[BUFSIZ]; extern char *optarg; + time_t ims = 0; /* set the defaults */ strcpy(hostname, "localhost"); *************** *** 46,52 **** strcpy(url, argv[argc - 1]); if (url[0] == '-') usage(argv[0]); ! while ((c = getopt(argc, argv, "fsrnp:c:h:?")) != -1) switch (c) { case 'h': /* host:arg */ case 'c': /* backward compat */ --- 47,53 ---- strcpy(url, argv[argc - 1]); if (url[0] == '-') usage(argv[0]); ! while ((c = getopt(argc, argv, "fsrnp:c:h:i:?")) != -1) switch (c) { case 'h': /* host:arg */ case 'c': /* backward compat */ *************** *** 65,70 **** --- 66,74 ---- if (port < 1) port = CACHE_HTTP_PORT; /* default */ break; + case 'i': /* IMS */ + ims = (time_t) atoi(optarg); + break; case '?': /* usage */ default: usage(argv[0]); *************** *** 88,98 **** exit(1); } /* Build the HTTP request */ if (reload) { ! sprintf(msg, "GET %s HTTP/1.0\r\nPragma: no-cache\r\nAccept: */*\r\n\r\n", url); ! } else { ! sprintf(msg, "GET %s HTTP/1.0\r\nAccept: */*\r\n\r\n", url); } /* Send the HTTP request */ bytesWritten = write(conn, msg, strlen(msg)); --- 92,110 ---- exit(1); } /* Build the HTTP request */ + sprintf(msg, "GET %s HTTP/1.0\r\n", url); if (reload) { ! sprintf(buf, "Pragma: no-cache\r\n"); ! strcat(msg, buf); } + sprintf(buf, "Accept: */*\r\n"); + strcat(msg, buf); + if (ims) { + sprintf(buf, "If-Modified-Since: %s\r\n", mkrfc850(&ims)); + strcat(msg, buf); + } + sprintf(buf, "\r\n"); + strcat(msg, buf); /* Send the HTTP request */ bytesWritten = write(conn, msg, strlen(msg)); diff -cr squid-1.0.beta2/src/comm.c squid-1.0.beta3/src/comm.c *** squid-1.0.beta2/src/comm.c Wed Apr 17 16:48:38 1996 --- squid-1.0.beta3/src/comm.c Thu Apr 18 11:03:43 1996 *************** *** 1,5 **** ! /* $Id: comm.c,v 1.30 1996/04/17 23:48:38 wessels Exp $ */ /* DEBUG: Section 5 comm: socket level functions */ --- 1,5 ---- ! /* $Id: comm.c,v 1.30.2.1 1996/04/18 18:03:43 wessels Exp $ */ /* DEBUG: Section 5 comm: socket level functions */ *************** *** 903,909 **** fd_set read_x; fd_set write_x; fd_set except_x; - int num; int maxfd = getMaxFD(); struct timeval tv; FD_ENTRY *f = NULL; --- 903,908 ---- *************** *** 910,954 **** debug(5, 0, "examine_select: Examining open file descriptors...\n"); for (fd = 0; fd < maxfd; fd++) { FD_ZERO(&read_x); FD_ZERO(&write_x); FD_ZERO(&except_x); tv.tv_sec = tv.tv_usec = 0; ! if ((FD_ISSET(fd, readfds)) || ! (FD_ISSET(fd, writefds)) || ! (FD_ISSET(fd, exceptfds))) { ! FD_SET(fd, &read_x); ! num = select(FD_SETSIZE, &read_x, &read_x, &read_x, &tv); ! if (num < 0) { ! f = &fd_table[fd]; ! debug(5, 0, "WARNING: FD %d has handlers, but it's invalid.\n", fd); ! debug(5, 0, "lifetm:%p tmout:%p read:%p write:%p expt:%p\n", ! f->lifetime_handler, ! f->timeout_handler, ! f->read_handler, ! f->write_handler, ! f->except_handler); ! if (f->close_handler) { ! debug(5, 0, "examine_select: Calling Close Handler\n"); ! f->close_handler(fd, f->close_data); ! } else if (f->lifetime_handler) { ! debug(5, 0, "examine_select: Calling Lifetime Handler\n"); ! f->lifetime_handler(fd, f->lifetime_data); ! } else if (f->timeout_handler) { ! debug(5, 0, "examine_select: Calling Timeout Handler\n"); ! f->timeout_handler(fd, f->timeout_data); ! } ! f->close_handler = 0; ! f->lifetime_handler = 0; ! f->timeout_handler = 0; ! f->read_handler = 0; ! f->write_handler = 0; ! f->except_handler = 0; ! FD_CLR(fd, readfds); ! FD_CLR(fd, writefds); ! FD_CLR(fd, exceptfds); ! } } } debug(5, 0, "examine_select: Finished examining open file descriptors.\n"); return 0; --- 909,961 ---- debug(5, 0, "examine_select: Examining open file descriptors...\n"); for (fd = 0; fd < maxfd; fd++) { + if (!FD_ISSET(fd, readfds) && !FD_ISSET(fd, writefds) && !FD_ISSET(fd, exceptfds)) + continue; FD_ZERO(&read_x); FD_ZERO(&write_x); FD_ZERO(&except_x); tv.tv_sec = tv.tv_usec = 0; ! FD_SET(fd, &read_x); ! if (select(FD_SETSIZE, &read_x, &read_x, &read_x, &tv) >= 0) ! continue; ! debug(5, 0, "examine_select: FD %d: select: %s\n", fd, ! xstrerror()); ! if (errno != EBADF) ! continue; ! f = &fd_table[fd]; ! debug(5, 0, "WARNING: FD %d has handlers, but it's invalid.\n", ! fd); ! debug(5, 0, "lifetm:%p tmout:%p read:%p write:%p expt:%p\n", ! f->lifetime_handler, ! f->timeout_handler, ! f->read_handler, ! f->write_handler, ! f->except_handler); ! if (f->close_handler) { ! debug(5, 0, "examine_select: Calling Close Handler\n"); ! f->close_handler(fd, f->close_data); ! } else if (f->lifetime_handler) { ! debug(5, 0, "examine_select: Calling Lifetime Handler\n"); ! f->lifetime_handler(fd, f->lifetime_data); ! } else if (f->timeout_handler) { ! debug(5, 0, "examine_select: Calling Timeout Handler\n"); ! f->timeout_handler(fd, f->timeout_data); ! } else if (f->read_handler) { ! debug(5, 0, "examine_select: Calling Read Handler\n"); ! f->read_handler(fd, f->read_data); ! } else if (f->write_handler) { ! debug(5, 0, "examine_select: Calling Write Handler\n"); ! f->write_handler(fd, f->write_data); } + f->close_handler = NULL; + f->lifetime_handler = NULL; + f->timeout_handler = NULL; + f->read_handler = NULL; + f->write_handler = NULL; + f->except_handler = NULL; + FD_CLR(fd, readfds); + FD_CLR(fd, writefds); + FD_CLR(fd, exceptfds); } debug(5, 0, "examine_select: Finished examining open file descriptors.\n"); return 0; diff -cr squid-1.0.beta2/src/ftp.c squid-1.0.beta3/src/ftp.c *** squid-1.0.beta2/src/ftp.c Sat Apr 20 15:52:36 1996 --- squid-1.0.beta3/src/ftp.c Tue Apr 23 22:52:49 1996 *************** *** 1,4 **** ! /* $Id: ftp.c,v 1.37.2.1 1996/04/20 22:52:36 wessels Exp $ */ /* * DEBUG: Section 9 ftp: FTP --- 1,4 ---- ! /* $Id: ftp.c,v 1.37.2.4 1996/04/24 05:52:49 wessels Exp $ */ /* * DEBUG: Section 9 ftp: FTP *************** *** 11,18 **** #define MAGIC_MARKER "\004\004\004" /* No doubt this should be more configurable */ #define MAGIC_MARKER_SZ 3 ! static char *ftpASCII = "A"; ! static char *ftpBinary = "I"; typedef struct _Ftpdata { StoreEntry *entry; --- 11,19 ---- #define MAGIC_MARKER "\004\004\004" /* No doubt this should be more configurable */ #define MAGIC_MARKER_SZ 3 ! static char ftpASCII[] = "A"; ! static char ftpBinary[] = "I"; ! static char localhost[] = "localhost"; typedef struct _Ftpdata { StoreEntry *entry; *************** *** 252,265 **** case 410: /* Gone */ /* These can be cached for a long time, make the key public */ entry->expires = squid_curtime + ttlSet(entry); ! if (!BIT_TEST(entry->flag, ENTRY_PRIVATE)) storeSetPublicKey(entry); break; case 401: /* Unauthorized */ case 407: /* Proxy Authentication Required */ /* These should never be cached at all */ ! if (BIT_TEST(entry->flag, ENTRY_PRIVATE)) ! storeSetPrivateKey(entry); storeExpireNow(entry); BIT_RESET(entry->flag, CACHABLE); storeReleaseRequest(entry); --- 253,266 ---- case 410: /* Gone */ /* These can be cached for a long time, make the key public */ entry->expires = squid_curtime + ttlSet(entry); ! if (BIT_TEST(entry->flag, CACHABLE)) storeSetPublicKey(entry); break; + case 304: /* Not Modified */ case 401: /* Unauthorized */ case 407: /* Proxy Authentication Required */ /* These should never be cached at all */ ! storeSetPrivateKey(entry); storeExpireNow(entry); BIT_RESET(entry->flag, CACHABLE); storeReleaseRequest(entry); *************** *** 267,273 **** default: /* These can be negative cached, make key public */ entry->expires = squid_curtime + getNegativeTTL(); ! if (!BIT_TEST(entry->flag, ENTRY_PRIVATE)) storeSetPublicKey(entry); break; } --- 268,274 ---- default: /* These can be negative cached, make key public */ entry->expires = squid_curtime + getNegativeTTL(); ! if (BIT_TEST(entry->flag, CACHABLE)) storeSetPublicKey(entry); break; } *************** *** 521,528 **** 30, ftpSendComplete, (void *) data); - if (!BIT_TEST(data->entry->flag, ENTRY_PRIVATE)) - storeSetPublicKey(data->entry); /* Make it public */ } void ftpConnInProgress(fd, data) --- 522,527 ---- *************** *** 533,539 **** debug(9, 5, "ftpConnInProgress: FD %d\n", fd); ! if (comm_connect(fd, "localhost", CACHE_FTP_PORT) != COMM_OK) switch (errno) { case EINPROGRESS: case EALREADY: --- 532,538 ---- debug(9, 5, "ftpConnInProgress: FD %d\n", fd); ! if (comm_connect(fd, localhost, CACHE_FTP_PORT) != COMM_OK) switch (errno) { case EINPROGRESS: case EALREADY: *************** *** 596,602 **** (void *) data); /* Now connect ... */ ! if ((status = comm_connect(data->ftp_fd, "localhost", CACHE_FTP_PORT))) { if (status != EINPROGRESS) { squid_error_entry(entry, ERR_CONNECT_FAIL, xstrerror()); comm_close(data->ftp_fd); --- 595,601 ---- (void *) data); /* Now connect ... */ ! if ((status = comm_connect(data->ftp_fd, localhost, CACHE_FTP_PORT))) { if (status != EINPROGRESS) { squid_error_entry(entry, ERR_CONNECT_FAIL, xstrerror()); comm_close(data->ftp_fd); *************** *** 653,658 **** --- 652,660 ---- return 0; } /* child */ + /* give up all extra priviligies */ + no_suid(); + /* set up stdin,stdout */ dup2(p[0], 0); dup2(fileno(debug_log), 2); close(p[0]); diff -cr squid-1.0.beta2/src/ftpget.c squid-1.0.beta3/src/ftpget.c *** squid-1.0.beta2/src/ftpget.c Sun Apr 21 18:48:34 1996 --- squid-1.0.beta3/src/ftpget.c Mon Apr 22 21:16:39 1996 *************** *** 1,4 **** ! /* $Id: ftpget.c,v 1.23.2.4 1996/04/22 01:48:34 wessels Exp $ */ /* * NOTES --- 1,4 ---- ! /* $Id: ftpget.c,v 1.23.2.5 1996/04/23 04:16:39 wessels Exp $ */ /* * NOTES *************** *** 218,223 **** --- 218,225 ---- char *o_iconsuffix = ""; /* URL suffix for icons */ int o_list_width = 32; /* size of filenames in directory list */ int o_list_wrap = 0; /* wrap long directory names ? */ + int o_conn_min = 0x4000; /* min. port number to use */ + int o_conn_max = 0x3fff + 0x4000; /* max. port number to use */ #define SMALLBUFSIZ 1024 #define MIDBUFSIZ 2048 *************** *** 1166,1174 **** } while (1) { #if defined(HAVE_LRAND48) ! port = (lrand48() & 0x3FFF) | 0x4000; #else ! port = (rand() & 0x3FFF) | 0x4000; #endif S.sin_port = htons(port); if (bind(sock, (struct sockaddr *) &S, sizeof(S)) >= 0) --- 1168,1176 ---- } while (1) { #if defined(HAVE_LRAND48) ! port = (lrand48() % (o_conn_max - o_conn_min)) + o_conn_min; #else ! port = (rand() % (o_conn_max - o_conn_min)) + o_conn_min; #endif S.sin_port = htons(port); if (bind(sock, (struct sockaddr *) &S, sizeof(S)) >= 0) *************** *** 2128,2133 **** --- 2130,2136 ---- fprintf(stderr, "\t-R DON'T get README file\n"); fprintf(stderr, "\t-w chars Filename width in directory listing\n"); fprintf(stderr, "\t-W Wrap long filenames\n"); + fprintf(stderr, "\t-C min:max Min and max port numbers to used for data\n"); fprintf(stderr, "\t-Ddbg Debug options\n"); fprintf(stderr, "\t-P port FTP Port number\n"); fprintf(stderr, "\t-v Version\n"); *************** *** 2270,2275 **** --- 2273,2289 ---- o_rest_ret = j; if (k) o_rest_del = k; + continue; + } else if (!strcmp(*argv, "-C")) { + if (--argc < 1) + usage(); + argv++; + j = k = 0; + sscanf(*argv, "%d:%d", &j, &k); + if (j) + o_conn_min = j; + if (k) + o_conn_max = k; continue; } else if (!strcmp(*argv, "-R")) { o_readme = 0; diff -cr squid-1.0.beta2/src/gopher.c squid-1.0.beta3/src/gopher.c *** squid-1.0.beta2/src/gopher.c Wed Apr 17 11:06:25 1996 --- squid-1.0.beta3/src/gopher.c Tue Apr 23 22:52:50 1996 *************** *** 1,4 **** ! /* $Id: gopher.c,v 1.28 1996/04/17 18:06:25 wessels Exp $ */ /* * DEBUG: Section 10 gopher: GOPHER --- 1,4 ---- ! /* $Id: gopher.c,v 1.28.2.1 1996/04/24 05:52:50 wessels Exp $ */ /* * DEBUG: Section 10 gopher: GOPHER *************** *** 840,846 **** 30, gopherSendComplete, (void *) data); ! if (!BIT_TEST(data->entry->flag, ENTRY_PRIVATE)) storeSetPublicKey(data->entry); /* Make it public */ } --- 840,846 ---- 30, gopherSendComplete, (void *) data); ! if (BIT_TEST(data->entry->flag, CACHABLE)) storeSetPublicKey(data->entry); /* Make it public */ } diff -cr squid-1.0.beta2/src/http.c squid-1.0.beta3/src/http.c *** squid-1.0.beta2/src/http.c Fri Apr 19 14:39:10 1996 --- squid-1.0.beta3/src/http.c Tue Apr 23 22:52:50 1996 *************** *** 1,4 **** ! /* $Id: http.c,v 1.56.2.1 1996/04/19 21:39:10 wessels Exp $ */ /* * DEBUG: Section 11 http: HTTP --- 1,4 ---- ! /* $Id: http.c,v 1.56.2.2 1996/04/24 05:52:50 wessels Exp $ */ /* * DEBUG: Section 11 http: HTTP *************** *** 200,214 **** case 410: /* Gone */ /* These can be cached for a long time, make the key public */ entry->expires = squid_curtime + ttlSet(entry); ! if (!BIT_TEST(entry->flag, ENTRY_PRIVATE)) storeSetPublicKey(entry); break; ! case 304: /* Not Modified -- just in case */ case 401: /* Unauthorized */ case 407: /* Proxy Authentication Required */ /* These should never be cached at all */ ! if (BIT_TEST(entry->flag, ENTRY_PRIVATE)) ! storeSetPrivateKey(entry); storeExpireNow(entry); BIT_RESET(entry->flag, CACHABLE); storeReleaseRequest(entry); --- 200,213 ---- case 410: /* Gone */ /* These can be cached for a long time, make the key public */ entry->expires = squid_curtime + ttlSet(entry); ! if (BIT_TEST(entry->flag, CACHABLE)) storeSetPublicKey(entry); break; ! case 304: /* Not Modified */ case 401: /* Unauthorized */ case 407: /* Proxy Authentication Required */ /* These should never be cached at all */ ! storeSetPrivateKey(entry); storeExpireNow(entry); BIT_RESET(entry->flag, CACHABLE); storeReleaseRequest(entry); *************** *** 216,222 **** default: /* These can be negative cached, make key public */ entry->expires = squid_curtime + getNegativeTTL(); ! if (!BIT_TEST(entry->flag, ENTRY_PRIVATE)) storeSetPublicKey(entry); break; } --- 215,221 ---- default: /* These can be negative cached, make key public */ entry->expires = squid_curtime + getNegativeTTL(); ! if (BIT_TEST(entry->flag, CACHABLE)) storeSetPublicKey(entry); break; } diff -cr squid-1.0.beta2/src/icp.c squid-1.0.beta3/src/icp.c *** squid-1.0.beta2/src/icp.c Sat Apr 20 13:11:10 1996 --- squid-1.0.beta3/src/icp.c Wed Apr 24 07:46:27 1996 *************** *** 1,6 **** ! /* $Id: icp.c,v 1.61.2.5 1996/04/20 20:11:10 wessels Exp $ */ /* * DEBUG: Section 12 icp: --- 1,6 ---- ! /* $Id: icp.c,v 1.61.2.11 1996/04/24 14:46:27 wessels Exp $ */ /* * DEBUG: Section 12 icp: *************** *** 81,87 **** /* Local functions */ static void icpHandleStore _PARAMS((int, StoreEntry *, icpStateData *)); static void icpHandleStoreComplete _PARAMS((int, char *, int, int, icpStateData *)); ! static int icpProcessMISS _PARAMS((int, icpStateData *, char *key)); static void CheckQuickAbort _PARAMS((icpStateData *)); static void icpRead _PARAMS((int, int, char *, int, int, int, complete_handler, void *)); --- 81,87 ---- /* Local functions */ static void icpHandleStore _PARAMS((int, StoreEntry *, icpStateData *)); static void icpHandleStoreComplete _PARAMS((int, char *, int, int, icpStateData *)); ! static int icpProcessMISS _PARAMS((int, icpStateData *)); static void CheckQuickAbort _PARAMS((icpStateData *)); static void icpRead _PARAMS((int, int, char *, int, int, int, complete_handler, void *)); *************** *** 134,161 **** return 0; /* XXX gack, all comm handlers return ints */ } ! int icpCachable(icpState) icpStateData *icpState; { char *request_hdr = icpState->request_hdr; - char *request = icpState->url; - request_t *req = icpState->request; - int method = req->method; char *t = NULL; ! ! if (mime_get_header(request_hdr, "If-Modified-Since")) { BIT_SET(icpState->flags, REQ_IMS); - return 0; - } if ((t = mime_get_header(request_hdr, "Pragma"))) { ! BIT_SET(icpState->flags, REQ_NOCACHE); ! if (strcasecmp(t, "no-cache")) ! return 0; } ! if (mime_get_header(request_hdr, "Authorization")) { BIT_SET(icpState->flags, REQ_AUTH); return 0; - } if (req->protocol == PROTO_HTTP) return httpCachable(request, method); if (req->protocol == PROTO_FTP) --- 134,162 ---- return 0; /* XXX gack, all comm handlers return ints */ } ! static void icpParseRequestHeaders(icpState) icpStateData *icpState; { char *request_hdr = icpState->request_hdr; char *t = NULL; ! if (mime_get_header(request_hdr, "If-Modified-Since")) BIT_SET(icpState->flags, REQ_IMS); if ((t = mime_get_header(request_hdr, "Pragma"))) { ! if (!strcasecmp(t, "no-cache")) ! BIT_SET(icpState->flags, REQ_NOCACHE); } ! if (mime_get_header(request_hdr, "Authorization")) BIT_SET(icpState->flags, REQ_AUTH); + } + + int icpCachable(icpState) + icpStateData *icpState; + { + char *request = icpState->url; + request_t *req = icpState->request; + int method = req->method; + if (BIT_TEST(icpState->flags, REQ_AUTH)) return 0; if (req->protocol == PROTO_HTTP) return httpCachable(request, method); if (req->protocol == PROTO_FTP) *************** *** 171,176 **** --- 172,203 ---- return 1; } + /* Return true if we can query our neighbors for this object */ + int icpHierarchical(icpState) + icpStateData *icpState; + { + char *request = icpState->url; + request_t *req = icpState->request; + int method = req->method; + if (BIT_TEST(icpState->flags, REQ_IMS)) + return 0; + if (BIT_TEST(icpState->flags, REQ_AUTH)) + return 0; + if (req->protocol == PROTO_HTTP) + return httpCachable(request, method); + if (req->protocol == PROTO_FTP) + return ftpCachable(request); + if (req->protocol == PROTO_GOPHER) + return gopherCachable(request); + if (req->protocol == PROTO_WAIS) + return 0; + if (method == METHOD_CONNECT) + return 0; + if (req->protocol == PROTO_CACHEOBJ) + return 0; + return 1; + } + /* Read from FD. */ int icpHandleRead(fd, rwsm) int fd; *************** *** 599,625 **** RequestMethodStr[usm->method], url); /* XXX we should not even look here for CONNECT etc */ pubkey = storeGeneratePublicKey(usm->url, usm->method); if ((entry = storeGet(pubkey)) == NULL) { /* This object isn't in the cache. We do not hold a lock yet */ usm->log_type = LOG_TCP_MISS; CacheInfo->proto_miss(CacheInfo, CacheInfo->proto_id(url)); ! icpProcessMISS(fd, usm, pubkey); return; } /* The object is in the cache, but is it valid? */ ! if (!storeEntryValidToSend(entry)) usm->log_type = LOG_TCP_EXPIRED; ! else if (BIT_TEST(usm->flags, REQ_NOCACHE)) usm->log_type = LOG_TCP_USER_REFRESH; ! else if (BIT_TEST(usm->flags, REQ_IMS)) usm->log_type = LOG_TCP_IFMODSINCE; ! else if ((lock = storeLockObject(entry)) < 0) usm->log_type = LOG_TCP_SWAPIN_FAIL; ! else usm->log_type = LOG_TCP_HIT; debug(12, 4, "icp_hit_or_miss: %s for '%s'\n", log_tags[usm->log_type], --- 626,674 ---- RequestMethodStr[usm->method], url); + if (icpCachable(usm)) + BIT_SET(usm->flags, REQ_CACHABLE); + if (icpHierarchical(usm)) + BIT_SET(usm->flags, REQ_HIERARCHICAL); + + debug(12, 5, "icp_hit_or_miss: REQ_NOCACHE = %s\n", + BIT_TEST(usm->flags, REQ_NOCACHE) ? "SET" : "NOT SET"); + debug(12, 5, "icp_hit_or_miss: REQ_CACHABLE = %s\n", + BIT_TEST(usm->flags, REQ_CACHABLE) ? "SET" : "NOT SET"); + debug(12, 5, "icp_hit_or_miss: REQ_HIERARCHICAL = %s\n", + BIT_TEST(usm->flags, REQ_HIERARCHICAL) ? "SET" : "NOT SET"); + /* XXX we should not even look here for CONNECT etc */ + /* XXX hmm, should we check for IFMODSINCE and USER_REFRESH before + * TCP_MISS? It is possible to get IMS header for objects + * not in the cache */ + pubkey = storeGeneratePublicKey(usm->url, usm->method); if ((entry = storeGet(pubkey)) == NULL) { /* This object isn't in the cache. We do not hold a lock yet */ usm->log_type = LOG_TCP_MISS; CacheInfo->proto_miss(CacheInfo, CacheInfo->proto_id(url)); ! icpProcessMISS(fd, usm); return; } /* The object is in the cache, but is it valid? */ ! if (!storeEntryValidToSend(entry)) { ! storeRelease(entry); usm->log_type = LOG_TCP_EXPIRED; ! } else if (BIT_TEST(usm->flags, REQ_NOCACHE)) { ! storeRelease(entry); usm->log_type = LOG_TCP_USER_REFRESH; ! } else if (BIT_TEST(usm->flags, REQ_IMS)) { ! /* no storeRelease() here because this request will always ! * start private (IMS clears HIERARCHICAL) */ usm->log_type = LOG_TCP_IFMODSINCE; ! } else if ((lock = storeLockObject(entry)) < 0) { ! storeRelease(entry); usm->log_type = LOG_TCP_SWAPIN_FAIL; ! } else { usm->log_type = LOG_TCP_HIT; + } debug(12, 4, "icp_hit_or_miss: %s for '%s'\n", log_tags[usm->log_type], *************** *** 644,650 **** break; default: CacheInfo->proto_miss(CacheInfo, CacheInfo->proto_id(url)); ! icpProcessMISS(fd, usm, pubkey); break; } } --- 693,699 ---- break; default: CacheInfo->proto_miss(CacheInfo, CacheInfo->proto_id(url)); ! icpProcessMISS(fd, usm); break; } } *************** *** 654,663 **** * The calling client should NOT hold a lock on object at this * time, as we're about to release any TCP_MISS version of the object. */ ! static int icpProcessMISS(fd, usm, key) int fd; icpStateData *usm; - char *key; { char *url = usm->url; char *request_hdr = usm->request_hdr; --- 703,711 ---- * The calling client should NOT hold a lock on object at this * time, as we're about to release any TCP_MISS version of the object. */ ! static int icpProcessMISS(fd, usm) int fd; icpStateData *usm; { char *url = usm->url; char *request_hdr = usm->request_hdr; *************** *** 667,672 **** --- 715,721 ---- RequestMethodStr[usm->method], url); debug(12, 10, "icpProcessMISS: request_hdr:\n%s\n", request_hdr); + #ifdef OLD_CODE if ((entry = storeGet(key))) { debug(12, 4, "icpProcessMISS: key '%s' already exists, moving.\n", key); /* get rid of the old entry */ *************** *** 679,684 **** --- 728,734 ---- storeRelease(entry); } } + #endif entry = storeCreateEntry(url, request_hdr, usm->flags, *************** *** 925,931 **** IcpOpcodeStr[header.opcode], inet_ntoa(from.sin_addr), url); ! if (header.reqnum) key = storeGeneratePrivateKey(url, METHOD_GET, header.reqnum); else key = storeGeneratePublicKey(url, METHOD_GET); --- 975,981 ---- IcpOpcodeStr[header.opcode], inet_ntoa(from.sin_addr), url); ! if (neighbors_do_private_keys && header.reqnum) key = storeGeneratePrivateKey(url, METHOD_GET, header.reqnum); else key = storeGeneratePublicKey(url, METHOD_GET); *************** *** 1245,1253 **** astm->log_type = LOG_TCP_DENIED; } else { /* The request is good, let's go... */ - if (icpCachable(astm)) - BIT_SET(astm->flags, REQ_PUBLIC); urlCanonical(astm->request, astm->url); sprintf(client_msg, "%16.16s %-4.4s %-40.40s", fd_note(fd, 0), RequestMethodStr[astm->method], --- 1295,1302 ---- astm->log_type = LOG_TCP_DENIED; } else { /* The request is good, let's go... */ urlCanonical(astm->request, astm->url); + icpParseRequestHeaders(astm); sprintf(client_msg, "%16.16s %-4.4s %-40.40s", fd_note(fd, 0), RequestMethodStr[astm->method], *************** *** 1421,1427 **** { if (!getQuickAbort()) return; ! if (BIT_TEST(astm->flags, REQ_PUBLIC)) return; if (astm->entry->lock_count != 1) return; --- 1470,1476 ---- { if (!getQuickAbort()) return; ! if (astm->entry == NULL) return; if (astm->entry->lock_count != 1) return; diff -cr squid-1.0.beta2/src/icp.h squid-1.0.beta3/src/icp.h *** squid-1.0.beta2/src/icp.h Fri Apr 19 14:38:11 1996 --- squid-1.0.beta3/src/icp.h Tue Apr 23 22:52:51 1996 *************** *** 1,4 **** ! /* $Id: icp.h,v 1.13.2.1 1996/04/19 21:38:11 wessels Exp $ */ #ifndef ICP_H #define ICP_H --- 1,4 ---- ! /* $Id: icp.h,v 1.13.2.2 1996/04/24 05:52:51 wessels Exp $ */ #ifndef ICP_H #define ICP_H *************** *** 40,47 **** #define REQ_NOCACHE 0x02 #define REQ_IMS 0x04 #define REQ_AUTH 0x08 ! #define REQ_PUBLIC 0x10 #define REQ_ACCEL 0x20 typedef struct wwd { struct sockaddr_in address; --- 40,48 ---- #define REQ_NOCACHE 0x02 #define REQ_IMS 0x04 #define REQ_AUTH 0x08 ! #define REQ_CACHABLE 0x10 #define REQ_ACCEL 0x20 + #define REQ_HIERARCHICAL 0x40 typedef struct wwd { struct sockaddr_in address; diff -cr squid-1.0.beta2/src/ipcache.c squid-1.0.beta3/src/ipcache.c *** squid-1.0.beta2/src/ipcache.c Wed Apr 17 16:48:23 1996 --- squid-1.0.beta3/src/ipcache.c Tue Apr 23 12:54:38 1996 *************** *** 1,4 **** ! /* $Id: ipcache.c,v 1.26 1996/04/17 23:48:23 wessels Exp $ */ /* * DEBUG: Section 14 ipcache: IP Cache --- 1,4 ---- ! /* $Id: ipcache.c,v 1.26.2.1 1996/04/23 19:54:38 wessels Exp $ */ /* * DEBUG: Section 14 ipcache: IP Cache *************** *** 159,164 **** --- 159,168 ---- } /* child */ + /* give up extra priviliges */ + no_suid(); + + /* setup filedescriptors */ dup2(cfd, 3); for (fd = getMaxFD(); fd > 3; fd--) { (void) close(fd); diff -cr squid-1.0.beta2/src/main.c squid-1.0.beta3/src/main.c *** squid-1.0.beta2/src/main.c Sat Apr 20 12:42:20 1996 --- squid-1.0.beta3/src/main.c Wed Apr 24 08:05:07 1996 *************** *** 1,4 **** ! /* $Id: main.c,v 1.44.4.2 1996/04/20 19:42:20 wessels Exp $ */ /* DEBUG: Section 1 main: startup and main loop */ --- 1,4 ---- ! /* $Id: main.c,v 1.44.4.6 1996/04/24 15:05:07 wessels Exp $ */ /* DEBUG: Section 1 main: startup and main loop */ *************** *** 107,112 **** --- 107,116 ---- void serverConnectionsOpen() { + /* Get our real priviliges */ + get_suid(); + + /* Open server ports */ theAsciiConnection = comm_open(COMM_NONBLOCKING, getAsciiPortNum(), 0, *************** *** 140,145 **** --- 144,151 ---- theUdpConnection); } } + /* And restore our priviliges to normal */ + check_suid(); } void serverConnectionsClose() *************** *** 212,217 **** --- 218,224 ---- if (first_time) { disk_init(); /* disk_init must go before ipcache_init() */ + writePidFile(); /* write PID file before setuid() */ } ipcache_init(); neighbors_init(); *************** *** 221,227 **** malloc_debug(0, malloc_debug_level); #endif ! /* do suid checking here */ check_suid(); if (first_time) { --- 228,234 ---- malloc_debug(0, malloc_debug_level); #endif ! /* do suid checking */ check_suid(); if (first_time) { *************** *** 231,237 **** stat_init(&CacheInfo, getAccessLogFile()); storeInit(); stmemInit(); - writePidFile(); if (getEffectiveUser()) { /* we were probably started as root, so cd to a swap --- 238,243 ---- *************** *** 330,336 **** break; case COMM_ERROR: errcount++; ! debug(1, 0, "Select loop Error. Retry. %d\n", errcount); if (errcount == 10) fatal_dump("Select Loop failed!"); break; --- 336,342 ---- break; case COMM_ERROR: errcount++; ! debug(1, 0, "Select loop Error. Retry %d\n", errcount); if (errcount == 10) fatal_dump("Select Loop failed!"); break; diff -cr squid-1.0.beta2/src/neighbors.c squid-1.0.beta3/src/neighbors.c *** squid-1.0.beta2/src/neighbors.c Tue Apr 16 11:29:40 1996 --- squid-1.0.beta3/src/neighbors.c Tue Apr 23 12:49:31 1996 *************** *** 1,4 **** ! /* $Id: neighbors.c,v 1.22 1996/04/16 18:29:40 wessels Exp $ */ /* TODO: * - change 'neighbor' to 'sibling' --- 1,4 ---- ! /* $Id: neighbors.c,v 1.22.2.1 1996/04/23 19:49:31 wessels Exp $ */ /* TODO: * - change 'neighbor' to 'sibling' *************** *** 233,254 **** static void neighborsOpenLog(fname) char *fname; { ! int log_fd; ! /* Close and reopen the log. It may have been renamed "manually" * before HUP'ing us. */ if (cache_hierarchy_log) { file_close(fileno(cache_hierarchy_log)); fclose(cache_hierarchy_log); } ! log_fd = file_open(fname, NULL, O_WRONLY | O_CREAT | O_APPEND); ! if (log_fd < 0) { ! debug(15, 0, "rotate_logs: %s: %s\n", fname, xstrerror()); ! debug(15, 1, "Hierachical logging is disabled.\n"); ! } else if ((cache_hierarchy_log = fdopen(log_fd, "a")) == NULL) { ! debug(15, 0, "rotate_logs: %s: %s\n", fname, xstrerror()); ! debug(15, 1, "Hierachical logging is disabled.\n"); } } void neighbors_open(fd) --- 233,257 ---- static void neighborsOpenLog(fname) char *fname; { ! int log_fd = -1; /* Close and reopen the log. It may have been renamed "manually" * before HUP'ing us. */ if (cache_hierarchy_log) { file_close(fileno(cache_hierarchy_log)); fclose(cache_hierarchy_log); + cache_hierarchy_log = NULL; } ! if (strcmp(fname, "none") != 0) { ! log_fd = file_open(fname, NULL, O_WRONLY | O_CREAT | O_APPEND); ! if (log_fd < 0) { ! debug(15, 0, "neighborsOpenLog: %s: %s\n", fname, xstrerror()); ! } else if ((cache_hierarchy_log = fdopen(log_fd, "a")) == NULL) { ! file_close(log_fd); ! debug(15, 0, "neighborsOpenLog: %s: %s\n", fname, xstrerror()); ! } } + if (log_fd < 0 || cache_hierarchy_log == NULL) + debug(15, 1, "Hierachical logging is disabled.\n"); } void neighbors_open(fd) diff -cr squid-1.0.beta2/src/proto.c squid-1.0.beta3/src/proto.c *** squid-1.0.beta2/src/proto.c Sat Apr 20 13:11:11 1996 --- squid-1.0.beta3/src/proto.c Tue Apr 23 22:52:52 1996 *************** *** 1,4 **** ! /* $Id: proto.c,v 1.27.2.2 1996/04/20 20:11:11 wessels Exp $ */ /* * DEBUG: Section 17 proto: --- 1,4 ---- ! /* $Id: proto.c,v 1.27.2.3 1996/04/24 05:52:52 wessels Exp $ */ /* * DEBUG: Section 17 proto: *************** *** 48,53 **** --- 48,54 ---- extern single_parent_bypass; extern char *dns_error_message; + #ifdef NOTUSED_CODE /* return 1 for cachable url * return 0 for uncachable url */ int proto_cachable(url, method) *************** *** 71,76 **** --- 72,78 ---- return 0; return 1; } + #endif /* called when DNS lookup is done by ipcache. */ int protoDispatchDNSHandle(unused1, unused2, data) *************** *** 133,140 **** safe_free(protoData); return 0; } ! if (!protoData->cachable && (e = getFirstParent(req->host))) { ! /* for uncachable objects we should not ping the hierarchy (because * icpHandleUdp() won't properly deal with the ICP replies). */ getFromCache(protoData->fd, entry, e, req); safe_free(protoData); --- 135,142 ---- safe_free(protoData); return 0; } ! if (!protoData->query_neighbors && (e = getFirstParent(req->host))) { ! /* for private objects we should not ping the hierarchy (because * icpHandleUdp() won't properly deal with the ICP replies). */ getFromCache(protoData->fd, entry, e, req); safe_free(protoData); *************** *** 207,213 **** data->request = entry->mem_obj->request = request; data->inside_firewall = matchInsideFirewall(request->host); ! data->cachable = proto_cachable(url, request->method); data->single_parent = getSingleParent(request->host, &n); data->n_edges = n; --- 209,215 ---- data->request = entry->mem_obj->request = request; data->inside_firewall = matchInsideFirewall(request->host); ! data->query_neighbors = BIT_TEST(entry->flag, HIERARCHICAL); data->single_parent = getSingleParent(request->host, &n); data->n_edges = n; *************** *** 214,220 **** debug(17, 2, "protoDispatch: inside_firewall = %d (%s)\n", data->inside_firewall, firewall_desc_str[data->inside_firewall]); ! debug(17, 2, "protoDispatch: cachable = %d\n", data->cachable); debug(17, 2, "protoDispatch: n_edges = %d\n", data->n_edges); debug(17, 2, "protoDispatch: single_parent = %s\n", data->single_parent ? data->single_parent->host : "N/A"); --- 216,222 ---- debug(17, 2, "protoDispatch: inside_firewall = %d (%s)\n", data->inside_firewall, firewall_desc_str[data->inside_firewall]); ! debug(17, 2, "protoDispatch: query_neighbors = %d\n", data->query_neighbors); debug(17, 2, "protoDispatch: n_edges = %d\n", data->n_edges); debug(17, 2, "protoDispatch: single_parent = %s\n", data->single_parent ? data->single_parent->host : "N/A"); *************** *** 226,232 **** data->source_ping = 0; data->direct_fetch = DIRECT_NO; protoDispatchDNSHandle(fd, (struct hostent *) NULL, data); ! } else if (matchLocalDomain(request->host) || !data->cachable) { /* will fetch from source */ data->direct_fetch = DIRECT_YES; ipcache_nbgethostbyname(request->host, --- 228,234 ---- data->source_ping = 0; data->direct_fetch = DIRECT_NO; protoDispatchDNSHandle(fd, (struct hostent *) NULL, data); ! } else if (matchLocalDomain(request->host) || !data->query_neighbors) { /* will fetch from source */ data->direct_fetch = DIRECT_YES; ipcache_nbgethostbyname(request->host, diff -cr squid-1.0.beta2/src/proto.h squid-1.0.beta3/src/proto.h *** squid-1.0.beta2/src/proto.h Tue Apr 16 11:29:20 1996 --- squid-1.0.beta3/src/proto.h Tue Apr 23 22:52:52 1996 *************** *** 1,4 **** ! /* $Id: proto.h,v 1.7 1996/04/16 18:29:20 wessels Exp $ */ #ifndef PROTO_H #define PROTO_H --- 1,4 ---- ! /* $Id: proto.h,v 1.7.2.1 1996/04/24 05:52:52 wessels Exp $ */ #ifndef PROTO_H #define PROTO_H *************** *** 163,169 **** int inside_firewall; int direct_fetch; int source_ping; ! int cachable; int n_edges; struct _edge *single_parent; } protodispatch_data; --- 163,169 ---- int inside_firewall; int direct_fetch; int source_ping; ! int query_neighbors; int n_edges; struct _edge *single_parent; } protodispatch_data; diff -cr squid-1.0.beta2/src/squid.conf.in squid-1.0.beta3/src/squid.conf.in *** squid-1.0.beta2/src/squid.conf.in Fri Apr 19 09:36:50 1996 --- squid-1.0.beta3/src/squid.conf.in Tue Apr 23 11:19:35 1996 *************** *** 1,6 **** # @configure_input@ # ! # $Id: squid.conf.in,v 1.18.4.1 1996/04/19 16:36:50 wessels Exp $ # # TAG: ascii_port --- 1,6 ---- # @configure_input@ # ! # $Id: squid.conf.in,v 1.18.4.2 1996/04/23 18:19:35 wessels Exp $ # # TAG: ascii_port *************** *** 364,373 **** # TAG: wais_relay # Relay WAIS request to host (1st arg) at port (2 arg). # Third argument is max object size. - # - # wais_relay is not supported by default. To use this feature - # add -DUSE_WAIS_RELAY to the DEFINES in src/server/Makefile - # #wais_relay localhost 8000 4 # TAG: request_size --- 364,369 ---- diff -cr squid-1.0.beta2/src/stat.c squid-1.0.beta3/src/stat.c *** squid-1.0.beta2/src/stat.c Sat Apr 20 13:24:42 1996 --- squid-1.0.beta3/src/stat.c Tue Apr 23 22:52:53 1996 *************** *** 1,4 **** ! /* $Id: stat.c,v 1.28.4.7 1996/04/20 20:24:42 wessels Exp $ */ /* * DEBUG: Section 18 stat --- 1,4 ---- ! /* $Id: stat.c,v 1.28.4.9 1996/04/24 05:52:53 wessels Exp $ */ /* * DEBUG: Section 18 stat *************** *** 168,174 **** obj_size = entry->mem_obj->e_current_len; tempbuf[0] = '\0'; sprintf(tempbuf, "{ %s %d %s %s %s %s %d %d %s %s }\n", ! entry->url, obj_size, elapsed_time(entry, (int) entry->timestamp, space), flags_describe(entry), --- 168,174 ---- obj_size = entry->mem_obj->e_current_len; tempbuf[0] = '\0'; sprintf(tempbuf, "{ %s %d %s %s %s %s %d %d %s %s }\n", ! entry->key, obj_size, elapsed_time(entry, (int) entry->timestamp, space), flags_describe(entry), *************** *** 997,1003 **** obj->proto_miss = proto_miss; obj->NotImplement = dummyhandler; ! for (i = 0; i < PROTO_MAX; i++) { switch (i) { case PROTO_HTTP: strcpy(obj->proto_stat_data[i].protoname, "HTTP"); --- 997,1003 ---- obj->proto_miss = proto_miss; obj->NotImplement = dummyhandler; ! for (i = 0; i <= PROTO_MAX; i++) { switch (i) { case PROTO_HTTP: strcpy(obj->proto_stat_data[i].protoname, "HTTP"); diff -cr squid-1.0.beta2/src/store.c squid-1.0.beta3/src/store.c *** squid-1.0.beta2/src/store.c Sun Apr 21 18:48:36 1996 --- squid-1.0.beta3/src/store.c Tue Apr 23 22:52:54 1996 *************** *** 1,5 **** ! /* $Id: store.c,v 1.61.4.4 1996/04/22 01:48:36 wessels Exp $ */ /* * DEBUG: Section 20 store --- 1,5 ---- ! /* $Id: store.c,v 1.61.4.7 1996/04/24 05:52:54 wessels Exp $ */ /* * DEBUG: Section 20 store *************** *** 616,631 **** m->mime_hdr = xstrdup(req_hdr); if (BIT_TEST(flags, REQ_NOCACHE)) BIT_SET(e->flag, REFRESH_REQUEST); ! if (BIT_TEST(flags, REQ_PUBLIC)) { BIT_SET(e->flag, CACHABLE); BIT_RESET(e->flag, RELEASE_REQUEST); - BIT_RESET(e->flag, ENTRY_PRIVATE); } else { BIT_RESET(e->flag, CACHABLE); storeReleaseRequest(e); - BIT_SET(e->flag, ENTRY_PRIVATE); } ! if (neighbors_do_private_keys || !BIT_TEST(flags, REQ_PUBLIC)) storeSetPrivateKey(e); else storeSetPublicKey(e); --- 616,633 ---- m->mime_hdr = xstrdup(req_hdr); if (BIT_TEST(flags, REQ_NOCACHE)) BIT_SET(e->flag, REFRESH_REQUEST); ! if (BIT_TEST(flags, REQ_CACHABLE)) { BIT_SET(e->flag, CACHABLE); BIT_RESET(e->flag, RELEASE_REQUEST); } else { BIT_RESET(e->flag, CACHABLE); storeReleaseRequest(e); } ! if (BIT_TEST(flags, REQ_HIERARCHICAL)) ! BIT_SET(e->flag, HIERARCHICAL); ! else ! BIT_RESET(e->flag, HIERARCHICAL); ! if (neighbors_do_private_keys || !BIT_TEST(flags, REQ_HIERARCHICAL)) storeSetPrivateKey(e); else storeSetPublicKey(e); *************** *** 679,685 **** e = new_StoreEntry(WITHOUT_MEMOBJ); e->url = xstrdup(url); - BIT_RESET(e->flag, ENTRY_PRIVATE); e->method = METHOD_GET; storeSetPublicKey(e); BIT_SET(e->flag, CACHABLE); --- 681,686 ---- *************** *** 1483,1491 **** StoreEntry *e; { ! if (BIT_TEST(e->flag, ENTRY_PRIVATE)) { ! debug(20, 2, "storeCheckSwapable: NO: private entry\n"); ! } else if (e->expires <= squid_curtime) { debug(20, 2, "storeCheckSwapable: NO: already expired\n"); } else if (e->method != METHOD_GET) { debug(20, 2, "storeCheckSwapable: NO: non-GET method\n"); --- 1484,1490 ---- StoreEntry *e; { ! if (e->expires <= squid_curtime) { debug(20, 2, "storeCheckSwapable: NO: already expired\n"); } else if (e->method != METHOD_GET) { debug(20, 2, "storeCheckSwapable: NO: non-GET method\n"); *************** *** 2439,2446 **** { int dir_created; wordlist *w = NULL; ! storelog_fd = file_open(getStoreLogFile(), NULL, O_WRONLY | O_APPEND | O_CREAT); for (w = getCacheDirs(); w; w = w->next) storeAddSwapDisk(w->key); --- 2438,2451 ---- { int dir_created; wordlist *w = NULL; + char *fname = NULL; ! if (strcmp((fname = getStoreLogFile()), "none") == 0) ! storelog_fd = -1; ! else ! storelog_fd = file_open(fname, NULL, O_WRONLY | O_APPEND | O_CREAT); ! if (storelog_fd < 0) ! debug(20, 1, "Store logging disabled\n"); for (w = getCacheDirs(); w; w = w->next) storeAddSwapDisk(w->key); *************** *** 2695,2703 **** --- 2700,2715 ---- static char from[MAXPATHLEN]; static char to[MAXPATHLEN]; + if (storelog_fd > -1) { + file_close(storelog_fd); + storelog_fd = -1; + } if ((fname = getStoreLogFile()) == NULL) return; + if (strcmp(fname, "none") == 0) + return; + debug(20, 1, "storeRotateLog: Rotating.\n"); /* Rotate numbers 0 through N up one */ *************** *** 2712,2718 **** sprintf(to, "%s.%d", fname, 0); rename(fname, to); } ! if (storelog_fd > -1) ! file_close(storelog_fd); ! storelog_fd = file_open(getStoreLogFile(), NULL, O_WRONLY | O_APPEND | O_CREAT); } --- 2724,2732 ---- sprintf(to, "%s.%d", fname, 0); rename(fname, to); } ! storelog_fd = file_open(fname, NULL, O_WRONLY | O_APPEND | O_CREAT); ! if (storelog_fd < 0) { ! debug(20, 0, "storeRotateLog: %s: %s\n", fname, xstrerror()); ! debug(20, 1, "Store logging disabled\n"); ! } } diff -cr squid-1.0.beta2/src/store.h squid-1.0.beta3/src/store.h *** squid-1.0.beta2/src/store.h Sat Apr 20 13:03:47 1996 --- squid-1.0.beta3/src/store.h Tue Apr 23 22:52:54 1996 *************** *** 1,5 **** ! /* $Id: store.h,v 1.26.2.1 1996/04/20 20:03:47 wessels Exp $ */ #ifndef _STORE_H_ #define _STORE_H_ --- 1,5 ---- ! /* $Id: store.h,v 1.26.2.2 1996/04/24 05:52:54 wessels Exp $ */ #ifndef _STORE_H_ #define _STORE_H_ *************** *** 17,23 **** * KEY_CHANGE If the key for this URL has been changed */ ! #define ENTRY_PRIVATE (1<<13) /* should this entry be private? */ #define KEY_PRIVATE (1<<12) /* is the key currently private? */ #define ENTRY_DISPATCHED (1<<11) #define ENTRY_HTML (1<<10) --- 17,23 ---- * KEY_CHANGE If the key for this URL has been changed */ ! #define HIERARCHICAL (1<<13) /* can we query neighbors? */ #define KEY_PRIVATE (1<<12) /* is the key currently private? */ #define ENTRY_DISPATCHED (1<<11) #define ENTRY_HTML (1<<10) diff -cr squid-1.0.beta2/src/tools.c squid-1.0.beta3/src/tools.c *** squid-1.0.beta2/src/tools.c Sat Apr 20 12:42:21 1996 --- squid-1.0.beta3/src/tools.c Tue Apr 23 16:22:57 1996 *************** *** 1,5 **** ! /* $Id: tools.c,v 1.40.2.4 1996/04/20 19:42:21 wessels Exp $ */ /* * DEBUG: Section 21 tools --- 1,5 ---- ! /* $Id: tools.c,v 1.40.2.8 1996/04/23 23:22:57 wessels Exp $ */ /* * DEBUG: Section 21 tools *************** *** 154,161 **** void normal_shutdown() { debug(21, 1, "Shutting down...\n"); ! if (getPidFilename()) safeunlink(getPidFilename(), 0); storeWriteCleanLog(); PrintRusage(NULL, debug_log); debug(21, 0, "Squid Cache (Version %s): Exiting normally.\n", --- 154,164 ---- void normal_shutdown() { debug(21, 1, "Shutting down...\n"); ! if (getPidFilename()) { ! get_suid(); safeunlink(getPidFilename(), 0); + check_suid(); + } storeWriteCleanLog(); PrintRusage(NULL, debug_log); debug(21, 0, "Squid Cache (Version %s): Exiting normally.\n", *************** *** 251,259 **** static int i = -1; if (i == -1) { ! #if defined(HAVE_SYSCONF) && defined(_SC_OPEN_MAX) i = sysconf(_SC_OPEN_MAX); /* prefered method */ ! #elif defined(HAVE_GETDTABLESIZE) i = getdtablesize(); /* the BSD way */ #elif defined(OPEN_MAX) i = OPEN_MAX; --- 254,262 ---- static int i = -1; if (i == -1) { ! #if HAVE_SYSCONF && defined(_SC_OPEN_MAX) i = sysconf(_SC_OPEN_MAX); /* prefered method */ ! #elif HAVE_GETDTABLESIZE i = getdtablesize(); /* the BSD way */ #elif defined(OPEN_MAX) i = OPEN_MAX; *************** *** 346,354 **** --- 349,385 ---- } else { setgid(pwd->pw_gid); } + #if HAVE_SETRESUID + setresuid(pwd->pw_uid, pwd->pw_uid, 0); + #elif HAVE_SETEUID + seteuid(pwd->pw_uid); + #else setuid(pwd->pw_uid); + #endif } + void get_suid() + { + #if HAVE_SETRESUID + setresuid(-1, 0, -1); + #else + setuid(0); + #endif + } + + void no_suid() + { + uid_t uid; + check_suid(); + uid = geteuid(); + #if HAVE_SETRESUID + setresuid(uid, uid, uid); + #else + setuid(0); + setuid(uid); + #endif + } + void writePidFile() { FILE *pid_fp = NULL; *************** *** 368,374 **** void setMaxFD() { ! #if defined(HAVE_SETRLIMIT) /* try to use as many file descriptors as possible */ /* System V uses RLIMIT_NOFILE and BSD uses RLIMIT_OFILE */ struct rlimit rl; --- 399,405 ---- void setMaxFD() { ! #if HAVE_SETRLIMIT /* try to use as many file descriptors as possible */ /* System V uses RLIMIT_NOFILE and BSD uses RLIMIT_OFILE */ struct rlimit rl; diff -cr squid-1.0.beta2/src/tools.h squid-1.0.beta3/src/tools.h *** squid-1.0.beta2/src/tools.h Mon Apr 15 22:05:33 1996 --- squid-1.0.beta3/src/tools.h Tue Apr 23 12:54:39 1996 *************** *** 1,5 **** ! /* $Id: tools.h,v 1.12 1996/04/16 05:05:33 wessels Exp $ */ extern char *getMyHostname _PARAMS((void)); extern int getMaxFD _PARAMS((void)); --- 1,5 ---- ! /* $Id: tools.h,v 1.12.2.1 1996/04/23 19:54:39 wessels Exp $ */ extern char *getMyHostname _PARAMS((void)); extern int getMaxFD _PARAMS((void)); *************** *** 11,16 **** --- 11,18 ---- extern void shut_down _PARAMS((int sig)); extern void sig_child _PARAMS((int sig)); extern void check_suid _PARAMS((void)); + extern void get_suid _PARAMS((void)); + extern void no_suid _PARAMS((void)); extern int daemonize _PARAMS((void)); extern void writePidFile _PARAMS((void)); extern void setMaxFD _PARAMS((void)); diff -cr squid-1.0.beta2/src/url.c squid-1.0.beta3/src/url.c *** squid-1.0.beta2/src/url.c Sat Apr 20 12:42:52 1996 --- squid-1.0.beta3/src/url.c Wed Apr 24 08:16:55 1996 *************** *** 1,4 **** ! /* $Id: url.c,v 1.19.2.3 1996/04/20 19:42:52 wessels Exp $ */ /* * DEBUG: Section 23 url --- 1,4 ---- ! /* $Id: url.c,v 1.19.2.4 1996/04/24 15:16:55 wessels Exp $ */ /* * DEBUG: Section 23 url *************** *** 180,186 **** return NULL; protocol = urlParseProtocol(proto); port = urlDefaultPort(protocol); ! if ((t = strchr(host, ':')) && *(t + 1) != '\0') { *t = '\0'; port = atoi(t + 1); } --- 180,186 ---- return NULL; protocol = urlParseProtocol(proto); port = urlDefaultPort(protocol); ! if ((t = strrchr(host, ':')) && *(t + 1) != '\0') { *t = '\0'; port = atoi(t + 1); } diff -cr squid-1.0.beta2/src/wais.c squid-1.0.beta3/src/wais.c *** squid-1.0.beta2/src/wais.c Fri Apr 19 09:37:19 1996 --- squid-1.0.beta3/src/wais.c Tue Apr 23 22:52:55 1996 *************** *** 1,4 **** ! /* $Id: wais.c,v 1.28.4.1 1996/04/19 16:37:19 wessels Exp $ */ /* * DEBUG: Section 24 wais --- 1,4 ---- ! /* $Id: wais.c,v 1.28.4.2 1996/04/24 05:52:55 wessels Exp $ */ /* * DEBUG: Section 24 wais *************** *** 219,225 **** 30, waisSendComplete, (void *) data); ! if (!BIT_TEST(data->entry->flag, ENTRY_PRIVATE)) storeSetPublicKey(data->entry); /* Make it public */ } --- 219,225 ---- 30, waisSendComplete, (void *) data); ! if (BIT_TEST(data->entry->flag, CACHABLE)) storeSetPublicKey(data->entry); /* Make it public */ }