./www/squid3, Post-Harvest_cached WWW proxy cache and accelerator

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 3.5.24nb1, Package name: squid-3.5.24nb1, Maintainer: pkgsrc-users

Squid is a fully-featured HTTP/1.0 proxy with partial HTTP/1.1 support
The 3.1 series brings many new features and upgrades to the basic
networking protocols. A short list of the major new features is:

* Connection Pinning (for NTLM Auth Passthrough)
* Native IPv6
* Quality of Service (QoS) Flow support
* Native Memory Cache
* SSL Bump (for HTTPS Filtering and Adaptation)
* TProxy v4.1+ support
* eCAP Adaptation Module support
* Error Page Localization
* Follow X-Forwarded-For support
* X-Forwarded-For options extended (truncate, delete, transparent)
* Peer-Name ACL
* Reply headers to external ACL.
* ICAP and eCAP Logging
* ICAP Service Sets and Chains
* ICY (SHOUTcast) streaming protocol support
* HTTP/1.1 support on connections to web servers and peers.
(with plans to make this full support within the 3.1 series)


Required to run:
[lang/perl5] [devel/libltdl]

Required to build:
[pkgtools/cwrappers]

Package options: inet6, snmp, squid-backend-diskd, squid-carp, squid-ipf, squid-pam-helper, squid-unlinkd, ssl

Master sites: (Expand)

SHA1: f203637783301a4b86e554b6dd226de721762ae5
RMD160: 2e6549e1a954313ddf6e9a2b204e6d707bf5aae9
Filesize: 2271.898 KB

Version history: (Expand)


CVS history: (Expand)


   2017-03-18 22:26:31 by Adam Ciarcinski | Files touched by this commit (2)
Log message:
Let 'purge' find correct config file by default.
   2017-02-10 09:41:25 by Stephen Borrill | Files touched by this commit (3)
Log message:
Enable build of ssl_crtd if ssl option selected. This is required for dynamic
certificate generation when using SSL Bump.
http://wiki.squid-cache.org/ConfigExamp … mpExplicit
   2017-01-30 15:17:33 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
Changes 3.5.24:
* SSLv2 records force SslBump bumping despite a matching step2 peek rule.
* Mitigate DoS attacks that use client-initiated SSL/TLS renegotiation.
* Detect HTTP header ACL issue
* Fix some spelling mistakes
* Update External ACL helpers error handling and caching
* Fix "Source and destination overlap in memcpy" Valgrind errors
* Reduce crashes due to unexpected ClientHttpRequest termination.
* Bug 3940 pt2: Make 'cache deny' do what is documented
   2017-01-19 19:52:30 by Alistair G. Crooks | Files touched by this commit (352)
Log message:
Convert all occurrences (353 by my count) of

	MASTER_SITES= 	site1 \
			site2

style continuation lines to be simple repeated

	MASTER_SITES+= site1
	MASTER_SITES+= site2

lines. As previewed on tech-pkg. With thanks to rillig for fixing pkglint
accordingly.
   2016-12-18 04:18:57 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
Update squid to 3.5.23, including security fixes.

Changes to squid-3.5.23 (16 Dec 2016):

	- Bug 4627: fix generate-host-certificates and dynamic_cert_mem_cache_size docs
	- Bug 4620: NetBSD build error with --enable-ipf-transparent
	- Bug 4567: Strange IPv6 shown in access.log
	- Bug 4406: SIGSEV in TunnelStateData::handleConnectResponse() during \ 
reconfigure and restart
	- Bug 4174 partial: fix Write.cc:41 "!ccb->active()" assertion.
	- Bug 4169: HIT marked as MISS when If-None-Match does not match
	- Bug 4007: Hang on DNS query with dead-end CNAME
	- Bug 4004 partial: Fix segfault via Ftp::Client::readControlReply
	- Bug 3940 partial: hostHeaderVerify failures MISS when they should be HIT
	- Bug 3533: Cache still valid after HTTP/1.1 303 See Other
	- Bug 3379: Combination of If-Match and a Cache Hit result in TCP Connection Failure
	- Bug 3290: authenticate_ttl not working for digest authentication
	- Bug 2258: bypassing cache but not destroying cache entry
	- HTTP/1.1: make Vary:* objects cacheable
	- HTTP/1.1: Add registered codes entry for new 103 (Early Hints) status code
	- Support IPv6 NAT with PF for NetBSD and FreeBSD
	- TLS: Make key= before cert= an error instead of quietly hiding the issue
	- ... and some debug updates
	- ... and some build fixes
	- ... and several documentation updates
   2016-10-16 17:58:15 by Takahiro Kambe | Files touched by this commit (2)
Log message:
Fix build problem with squid-ipf PKG_OPTIONS.
   2016-10-10 11:01:40 by Adam Ciarcinski | Files touched by this commit (4)
Log message:
Changes 3.5.22:
* HTTP: MUST ignore a [revalidation] response with an older Date header.
* Optimized/simplified buffering: Appending nothing is always possible.
* Hide OpenSSL tricks from Valgrind far-reaching initialization errors.
* Avoid segfaults when debugging section 4 at level 9.
* Bug 4302 pt2: IPFilter v5 transparent interception
* Bug 4594: build failure with clang 3.9
* Bug 4471: revalidation doesn't work when expired cached object lacks Last-Modified.
* Bug 2833: Collapse internal revalidation requests (SMP-unaware caches)
* Bug 3819: "fd >= 0" assertion in file_write() during reconfiguration
* Do not leak url_rewrite_extras and store_id_extras on reconfigure/shutdown.
* Do reset $HOME if needed after r13435. Minimize putenv() memory leaks.
* Bug 4228: ./configure bug/typo in r14394.
* Fix potential ICAP null pointer dereference after rev.14082
* Fix logged request size (%http::>st) and other size-related %codes.
   2016-09-11 19:41:18 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
Update squid to 3.5.21.

Changes to squid-3.5.21 (08 Sep 2016):

	- Bug 4563: duplicate code in httpMakeVaryMark
	- Bug 4542: authentication credentials IP TTL updated incorrectly
	- Bug 4534: assertion failure in xcalloc when using many cache_dir
	- Bug 4428: mal-formed Cache-Control:stale-if-error header
	- Bug 3025: Proxy-Authenticate problem using ICAP server
	- Fix segfault via Ftp::Client::readControlReply()
	- Fix SSL-Bump failure results in SEGFAULT
	- HTTP/1.1: MUST always revalidate Cache-Control:no-cache responses
	- HTTP/1.1: do not allow Proxy-Connection to override Connection header
	- SSL: CN wildcard must only match a single domain component [fragment]