diff --git a/config/httpd/httpd.conf b/config/httpd/httpd.conf index 9c1fb2b10..14dcc735c 100644 --- a/config/httpd/httpd.conf +++ b/config/httpd/httpd.conf @@ -65,7 +65,6 @@ Include /etc/httpd/conf/global.conf # associate MIME types with filename extensions TypesConfig /etc/mime.types -DefaultType text/plain # global (server-wide) SSL configuration, that is not specific to # any virtual host @@ -80,8 +79,7 @@ Include /etc/httpd/conf/ssl-global.conf AccessFileName .htaccess # and never show them - Order allow,deny - Deny from all + Require all denied # List of resources to look for when the client requests a directory diff --git a/config/httpd/loadmodule.conf b/config/httpd/loadmodule.conf index e30f79b28..249221e8c 100644 --- a/config/httpd/loadmodule.conf +++ b/config/httpd/loadmodule.conf @@ -1,8 +1,11 @@ LoadModule authn_file_module /usr/lib/apache/mod_authn_file.so +LoadModule unixd_module /usr/lib/apache/mod_unixd.so #LoadModule authn_dbm_module /usr/lib/apache/mod_authn_dbm.so #LoadModule authn_anon_module /usr/lib/apache/mod_authn_anon.so #LoadModule authn_dbd_module /usr/lib/apache/mod_authn_dbd.so #LoadModule authn_default_module /usr/lib/apache/mod_authn_default.so +LoadModule authn_core_module /usr/lib/apache/mod_authn_core.so +LoadModule authz_core_module /usr/lib/apache/mod_authz_core.so LoadModule authz_host_module /usr/lib/apache/mod_authz_host.so #LoadModule authz_groupfile_module /usr/lib/apache/mod_authz_groupfile.so LoadModule authz_user_module /usr/lib/apache/mod_authz_user.so @@ -10,7 +13,7 @@ LoadModule authz_user_module /usr/lib/apache/mod_authz_user.so #LoadModule authz_owner_module /usr/lib/apache/mod_authz_owner.so #LoadModule authz_default_module /usr/lib/apache/mod_authz_default.so LoadModule auth_basic_module /usr/lib/apache/mod_auth_basic.so -LoadModule auth_digest_module /usr/lib/apache/mod_auth_digest.so +#LoadModule auth_digest_module /usr/lib/apache/mod_auth_digest.so #LoadModule dbd_module /usr/lib/apache/mod_dbd.so #LoadModule dumpio_module /usr/lib/apache/mod_dumpio.so #LoadModule ext_filter_module /usr/lib/apache/mod_ext_filter.so @@ -33,10 +36,10 @@ LoadModule setenvif_module /usr/lib/apache/mod_setenvif.so LoadModule mime_module /usr/lib/apache/mod_mime.so #LoadModule dav_module /usr/lib/apache/mod_dav.so #LoadModule status_module /usr/lib/apache/mod_status.so -LoadModule autoindex_module /usr/lib/apache/mod_autoindex.so +#LoadModule autoindex_module /usr/lib/apache/mod_autoindex.so #LoadModule asis_module /usr/lib/apache/mod_asis.so #LoadModule info_module /usr/lib/apache/mod_info.so -LoadModule cgi_module /usr/lib/apache/mod_cgi.so +LoadModule cgid_module /usr/lib/apache/mod_cgid.so #LoadModule dav_fs_module /usr/lib/apache/mod_dav_fs.so #LoadModule vhost_alias_module /usr/lib/apache/mod_vhost_alias.so #LoadModule negotiation_module /usr/lib/apache/mod_negotiation.so @@ -47,5 +50,6 @@ LoadModule dir_module /usr/lib/apache/mod_dir.so #LoadModule userdir_module /usr/lib/apache/mod_userdir.so LoadModule alias_module /usr/lib/apache/mod_alias.so LoadModule rewrite_module /usr/lib/apache/mod_rewrite.so +LoadModule socache_shmcb_module /usr/lib/apache/mod_socache_shmcb.so LoadModule ssl_module /usr/lib/apache/mod_ssl.so LoadModule php5_module /usr/lib/apache/libphp5.so diff --git a/config/httpd/server-tuning.conf b/config/httpd/server-tuning.conf index 90410186d..5642a1e44 100644 --- a/config/httpd/server-tuning.conf +++ b/config/httpd/server-tuning.conf @@ -17,10 +17,11 @@ MaxKeepAliveRequests 100 # KeepAliveTimeout 15 -MinSpareServers 1 -MaxSpareServers 10 +MinSpareThreads 1 +MaxSpareThreads 20 StartServers 2 -MaxClients 256 +MaxRequestWorkers 256 +ThreadsPerChild 16 # # The following directives modify normal HTTP response behavior to diff --git a/config/httpd/ssl-global.conf b/config/httpd/ssl-global.conf index 9cf4f8150..154815cea 100644 --- a/config/httpd/ssl-global.conf +++ b/config/httpd/ssl-global.conf @@ -39,11 +39,6 @@ SSLSessionCache shmcb:/var/log/httpd/ssl_scache(512000) SSLSessionCacheTimeout 900 - # Semaphore: - # Configure the path to the mutual exclusion semaphore the - # SSL engine uses internally for inter-process synchronization. - SSLMutex file:/var/log/httpd/ssl_mutex - # Pseudo Random Number Generator (PRNG): # Configure one or more sources to seed the PRNG of the # SSL library. The seed data should be of good random quality. diff --git a/config/httpd/vhosts.d/ipfire-interface-ssl.conf b/config/httpd/vhosts.d/ipfire-interface-ssl.conf index daac75742..6f353962e 100644 --- a/config/httpd/vhosts.d/ipfire-interface-ssl.conf +++ b/config/httpd/vhosts.d/ipfire-interface-ssl.conf @@ -17,8 +17,7 @@ Options ExecCGI AllowOverride None - Order allow,deny - Allow from all + Require all granted AuthName "IPFire - Restricted" @@ -34,17 +33,11 @@ AuthType Basic AuthUserFile /var/ipfire/auth/users Require user admin - - Satisfy Any - Allow from All + + Require all granted - Satisfy Any - Allow from All - - - Satisfy Any - Allow from All + Require all granted Require user admin @@ -75,16 +68,14 @@ Options ExecCGI AllowOverride None - Order deny,allow - Allow from all + Require all granted Alias /repository/ /var/urlrepo/ Options ExecCGI AllowOverride None - Order deny,allow - Allow from all + Require all granted Alias /proxy-reports/ /var/log/sarg/ diff --git a/config/httpd/vhosts.d/ipfire-interface.conf b/config/httpd/vhosts.d/ipfire-interface.conf index 8783c632b..619f90fcc 100644 --- a/config/httpd/vhosts.d/ipfire-interface.conf +++ b/config/httpd/vhosts.d/ipfire-interface.conf @@ -9,8 +9,7 @@ Options ExecCGI AllowOverride None - Order allow,deny - Allow from all + Require all granted AuthName "IPFire - Restricted" @@ -27,16 +26,10 @@ AuthUserFile /var/ipfire/auth/users Require user admin - Satisfy Any - Allow from All + Require all granted - Satisfy Any - Allow from All - - - Satisfy Any - Allow from All + Require all granted Require user admin @@ -54,15 +47,13 @@ Options ExecCGI AllowOverride None - Order deny,allow - Allow from all + Require all granted Alias /repository/ /var/urlrepo/ Options ExecCGI AllowOverride None - Order deny,allow - Allow from all + Require all granted Alias /wpad.dat /srv/web/ipfire/html/proxy.pac diff --git a/config/httpd/vhosts.d/nagios.conf b/config/httpd/vhosts.d/nagios.conf index 78bcd3b00..8a320d793 100644 --- a/config/httpd/vhosts.d/nagios.conf +++ b/config/httpd/vhosts.d/nagios.conf @@ -16,11 +16,8 @@ ScriptAlias /nagios/cgi-bin "/usr/share/nagios/cgi-bin" # SSLRequireSSL Options ExecCGI AllowOverride None - Order allow,deny - Allow from all -# Order deny,allow -# Deny from all -# Allow from 127.0.0.1 +# Require all granted +# Require ip 127.0.0.1 AuthName "Nagios Access" AuthType Basic AuthUserFile /etc/nagios/htpasswd.users @@ -33,11 +30,8 @@ Alias /nagios "/usr/share/nagios" # SSLRequireSSL Options None AllowOverride None - Order allow,deny - Allow from all -# Order deny,allow -# Deny from all -# Allow from 127.0.0.1 +# Require all granted +# Require ip 127.0.0.1 AuthName "Nagios Access" AuthType Basic AuthUserFile /etc/nagios/htpasswd.users diff --git a/config/httpd/vhosts.d/openmailadmin.conf b/config/httpd/vhosts.d/openmailadmin.conf index 6e7aaef40..e91be3978 100644 --- a/config/httpd/vhosts.d/openmailadmin.conf +++ b/config/httpd/vhosts.d/openmailadmin.conf @@ -9,8 +9,7 @@ Listen 1001 Options +FollowSymlinks AllowOverride None - Order allow,deny - Allow from all + Require all granted diff --git a/config/icinga/icinga.conf b/config/icinga/icinga.conf index 3771812d1..6060b1b01 100644 --- a/config/icinga/icinga.conf +++ b/config/icinga/icinga.conf @@ -15,9 +15,6 @@ Listen 1010 AuthType Basic AuthUserFile /etc/icinga/htpasswd.users - Order allow,deny - Allow from all - Require valid-user @@ -29,9 +26,6 @@ Listen 1010 AuthType Basic AuthUserFile /etc/icinga/htpasswd.users - Order allow,deny - Allow from all - Require valid-user diff --git a/config/nagiosql/nagios.conf b/config/nagiosql/nagios.conf index 6161d4d20..3805d382a 100644 --- a/config/nagiosql/nagios.conf +++ b/config/nagiosql/nagios.conf @@ -16,11 +16,8 @@ ScriptAlias /nagios/cgi-bin "/usr/share/nagios/cgi-bin" # SSLRequireSSL Options ExecCGI AllowOverride None - Order allow,deny - Allow from all -# Order deny,allow -# Deny from all -# Allow from 127.0.0.1 +# Require all granted +# Require ip 127.0.0.1 AuthName "Nagios Access" AuthType Basic AuthUserFile /etc/nagios/htpasswd.users @@ -33,11 +30,8 @@ Alias /nagios "/usr/share/nagios" # SSLRequireSSL Options None AllowOverride None - Order allow,deny - Allow from all -# Order deny,allow -# Deny from all -# Allow from 127.0.0.1 +# Require all granted +# Require ip 127.0.0.1 AuthName "Nagios Access" AuthType Basic AuthUserFile /etc/nagios/htpasswd.users @@ -50,8 +44,7 @@ Alias /nagiosql "/usr/share/nagiosql" include /etc/httpd/conf/conf.d/php*.conf Options None AllowOverride None - Order allow,deny - Allow from all + Require all granted diff --git a/config/owncloud/owncloud.conf b/config/owncloud/owncloud.conf index 08f58c36c..d4332ec55 100644 --- a/config/owncloud/owncloud.conf +++ b/config/owncloud/owncloud.conf @@ -15,7 +15,6 @@ Listen 1011 Options Indexes FollowSymlinks MultiViews AllowOverride ALL - Order allow,deny - Allow from all + Require all granted diff --git a/config/php/php.ini b/config/php/php.ini index 6e8209496..2e73507d4 100644 --- a/config/php/php.ini +++ b/config/php/php.ini @@ -533,7 +533,7 @@ doc_root = user_dir = ; Directory in which the loadable extensions (modules) reside. -extension_dir = "/usr/lib/php/extensions/no-debug-non-zts-20090626/" +extension_dir = "/usr/lib/php/extensions/no-debug-zts-20090626/" ; Whether or not to enable the dl() function. The dl() function does NOT work ; properly in multithreaded servers, such as IIS or Zeus, and is automatically diff --git a/config/phpSANE/phpSANE.conf b/config/phpSANE/phpSANE.conf index 06824e1bb..3956019ef 100644 --- a/config/phpSANE/phpSANE.conf +++ b/config/phpSANE/phpSANE.conf @@ -9,8 +9,7 @@ Listen 1003 Options None AllowOverride None - Order allow,deny - Allow from all + Require all granted diff --git a/config/rootfiles/common/apache2 b/config/rootfiles/common/apache2 index 7e33a155e..233301a71 100644 --- a/config/rootfiles/common/apache2 +++ b/config/rootfiles/common/apache2 @@ -15,6 +15,7 @@ etc/httpd/conf/default-server.conf #etc/httpd/conf/extra/httpd-ssl.conf #etc/httpd/conf/extra/httpd-userdir.conf #etc/httpd/conf/extra/httpd-vhosts.conf +#etc/httpd/conf/extra/proxy-html.conf etc/httpd/conf/global.conf etc/httpd/conf/hostname.conf etc/httpd/conf/httpd.conf @@ -36,6 +37,7 @@ etc/httpd/conf/mod_log_config.conf #etc/httpd/conf/original/extra/httpd-ssl.conf #etc/httpd/conf/original/extra/httpd-userdir.conf #etc/httpd/conf/original/extra/httpd-vhosts.conf +#etc/httpd/conf/original/extra/proxy-html.conf #etc/httpd/conf/original/httpd.conf etc/httpd/conf/server-tuning.conf etc/httpd/conf/ssl-global.conf @@ -47,8 +49,21 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #etc/httpd/conf/vhosts.d/openmailadmin.conf #srv/web #srv/web/ipfire +#srv/web/ipfire/manual/howto/access.html.es +#srv/web/ipfire/manual/howto/auth.html.es +#srv/web/ipfire/manual/howto/cgi.html.es +#srv/web/ipfire/manual/howto/htaccess.html.es +#srv/web/ipfire/manual/howto/http2.html.es +#srv/web/ipfire/manual/howto/http2.html.fr +#srv/web/ipfire/manual/howto/index.html.es +#srv/web/ipfire/manual/howto/public_html.html.es +#srv/web/ipfire/manual/mod/directive-dict.html.es +#srv/web/ipfire/manual/mod/mod_brotli.html +#srv/web/ipfire/manual/mod/mod_brotli.html.en #srv/web/ipfire/cgi-bin #srv/web/ipfire/cgi-bin/printenv +#srv/web/ipfire/cgi-bin/printenv.vbs +#srv/web/ipfire/cgi-bin/printenv.wsf #srv/web/ipfire/cgi-bin/test-cgi #srv/web/ipfire/error #srv/web/ipfire/error/HTTP_BAD_GATEWAY.html.var @@ -87,9 +102,9 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/icons/alert.red.png #srv/web/ipfire/icons/apache_pb.gif #srv/web/ipfire/icons/apache_pb.png +#srv/web/ipfire/icons/apache_pb.svg #srv/web/ipfire/icons/apache_pb2.gif #srv/web/ipfire/icons/apache_pb2.png -#srv/web/ipfire/icons/apache_pb2_ani.gif #srv/web/ipfire/icons/back.gif #srv/web/ipfire/icons/back.png #srv/web/ipfire/icons/ball.gray.gif @@ -168,6 +183,23 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/icons/link.png #srv/web/ipfire/icons/movie.gif #srv/web/ipfire/icons/movie.png +#srv/web/ipfire/icons/odf6odb.png +#srv/web/ipfire/icons/odf6odc.png +#srv/web/ipfire/icons/odf6odf.png +#srv/web/ipfire/icons/odf6odg.png +#srv/web/ipfire/icons/odf6odi.png +#srv/web/ipfire/icons/odf6odm.png +#srv/web/ipfire/icons/odf6odp.png +#srv/web/ipfire/icons/odf6ods.png +#srv/web/ipfire/icons/odf6odt.png +#srv/web/ipfire/icons/odf6otc.png +#srv/web/ipfire/icons/odf6otf.png +#srv/web/ipfire/icons/odf6otg.png +#srv/web/ipfire/icons/odf6oth.png +#srv/web/ipfire/icons/odf6oti.png +#srv/web/ipfire/icons/odf6otp.png +#srv/web/ipfire/icons/odf6ots.png +#srv/web/ipfire/icons/odf6ott.png #srv/web/ipfire/icons/p.gif #srv/web/ipfire/icons/p.png #srv/web/ipfire/icons/patch.gif @@ -227,12 +259,12 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/icons/small/compressed.png #srv/web/ipfire/icons/small/continued.gif #srv/web/ipfire/icons/small/continued.png -#srv/web/ipfire/icons/small/dir.gif -#srv/web/ipfire/icons/small/dir.png -#srv/web/ipfire/icons/small/dir2.gif -#srv/web/ipfire/icons/small/dir2.png #srv/web/ipfire/icons/small/doc.gif #srv/web/ipfire/icons/small/doc.png +#srv/web/ipfire/icons/small/folder.gif +#srv/web/ipfire/icons/small/folder.png +#srv/web/ipfire/icons/small/folder2.gif +#srv/web/ipfire/icons/small/folder2.png #srv/web/ipfire/icons/small/forward.gif #srv/web/ipfire/icons/small/forward.png #srv/web/ipfire/icons/small/generic.gif @@ -279,6 +311,7 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/icons/sphere1.png #srv/web/ipfire/icons/sphere2.gif #srv/web/ipfire/icons/sphere2.png +#srv/web/ipfire/icons/svg.png #srv/web/ipfire/icons/tar.gif #srv/web/ipfire/icons/tar.png #srv/web/ipfire/icons/tex.gif @@ -299,7 +332,9 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/icons/world1.png #srv/web/ipfire/icons/world2.gif #srv/web/ipfire/icons/world2.png +#srv/web/ipfire/icons/xml.png #srv/web/ipfire/manual +#srv/web/ipfire/manual/BUILDING #srv/web/ipfire/manual/LICENSE #srv/web/ipfire/manual/bind.html #srv/web/ipfire/manual/bind.html.de @@ -329,6 +364,7 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/custom-error.html #srv/web/ipfire/manual/custom-error.html.en #srv/web/ipfire/manual/custom-error.html.es +#srv/web/ipfire/manual/custom-error.html.fr #srv/web/ipfire/manual/custom-error.html.ja.utf8 #srv/web/ipfire/manual/custom-error.html.ko.euc-kr #srv/web/ipfire/manual/custom-error.html.tr.utf8 @@ -347,31 +383,45 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/developer/index.html #srv/web/ipfire/manual/developer/index.html.en #srv/web/ipfire/manual/developer/index.html.zh-cn.utf8 +#srv/web/ipfire/manual/developer/modguide.html +#srv/web/ipfire/manual/developer/modguide.html.en #srv/web/ipfire/manual/developer/modules.html #srv/web/ipfire/manual/developer/modules.html.en #srv/web/ipfire/manual/developer/modules.html.ja.utf8 +#srv/web/ipfire/manual/developer/new_api_2_4.html +#srv/web/ipfire/manual/developer/new_api_2_4.html.en +#srv/web/ipfire/manual/developer/output-filters.html +#srv/web/ipfire/manual/developer/output-filters.html.en #srv/web/ipfire/manual/developer/request.html #srv/web/ipfire/manual/developer/request.html.en #srv/web/ipfire/manual/developer/thread_safety.html #srv/web/ipfire/manual/developer/thread_safety.html.en #srv/web/ipfire/manual/dns-caveats.html #srv/web/ipfire/manual/dns-caveats.html.en +#srv/web/ipfire/manual/dns-caveats.html.fr #srv/web/ipfire/manual/dns-caveats.html.ja.utf8 #srv/web/ipfire/manual/dns-caveats.html.ko.euc-kr #srv/web/ipfire/manual/dns-caveats.html.tr.utf8 #srv/web/ipfire/manual/dso.html #srv/web/ipfire/manual/dso.html.en +#srv/web/ipfire/manual/dso.html.fr #srv/web/ipfire/manual/dso.html.ja.utf8 #srv/web/ipfire/manual/dso.html.ko.euc-kr #srv/web/ipfire/manual/dso.html.tr.utf8 #srv/web/ipfire/manual/env.html #srv/web/ipfire/manual/env.html.en +#srv/web/ipfire/manual/env.html.fr #srv/web/ipfire/manual/env.html.ja.utf8 #srv/web/ipfire/manual/env.html.ko.euc-kr #srv/web/ipfire/manual/env.html.tr.utf8 +#srv/web/ipfire/manual/expr.html +#srv/web/ipfire/manual/expr.html.en +#srv/web/ipfire/manual/expr.html.fr #srv/web/ipfire/manual/faq #srv/web/ipfire/manual/faq/index.html #srv/web/ipfire/manual/faq/index.html.en +#srv/web/ipfire/manual/faq/index.html.es +#srv/web/ipfire/manual/faq/index.html.fr #srv/web/ipfire/manual/faq/index.html.tr.utf8 #srv/web/ipfire/manual/faq/index.html.zh-cn.utf8 #srv/web/ipfire/manual/filter.html @@ -381,6 +431,9 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/filter.html.ja.utf8 #srv/web/ipfire/manual/filter.html.ko.euc-kr #srv/web/ipfire/manual/filter.html.tr.utf8 +#srv/web/ipfire/manual/getting-started.html +#srv/web/ipfire/manual/getting-started.html.en +#srv/web/ipfire/manual/getting-started.html.fr #srv/web/ipfire/manual/glossary.html #srv/web/ipfire/manual/glossary.html.de #srv/web/ipfire/manual/glossary.html.en @@ -395,12 +448,12 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/handler.html.fr #srv/web/ipfire/manual/handler.html.ja.utf8 #srv/web/ipfire/manual/handler.html.ko.euc-kr -#srv/web/ipfire/manual/handler.html.ru.koi8-r #srv/web/ipfire/manual/handler.html.tr.utf8 #srv/web/ipfire/manual/handler.html.zh-cn.utf8 #srv/web/ipfire/manual/howto #srv/web/ipfire/manual/howto/access.html #srv/web/ipfire/manual/howto/access.html.en +#srv/web/ipfire/manual/howto/access.html.fr #srv/web/ipfire/manual/howto/auth.html #srv/web/ipfire/manual/howto/auth.html.en #srv/web/ipfire/manual/howto/auth.html.fr @@ -409,6 +462,7 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/howto/auth.html.tr.utf8 #srv/web/ipfire/manual/howto/cgi.html #srv/web/ipfire/manual/howto/cgi.html.en +#srv/web/ipfire/manual/howto/cgi.html.fr #srv/web/ipfire/manual/howto/cgi.html.ja.utf8 #srv/web/ipfire/manual/howto/cgi.html.ko.euc-kr #srv/web/ipfire/manual/howto/htaccess.html @@ -417,22 +471,35 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/howto/htaccess.html.ja.utf8 #srv/web/ipfire/manual/howto/htaccess.html.ko.euc-kr #srv/web/ipfire/manual/howto/htaccess.html.pt-br +#srv/web/ipfire/manual/howto/http2.html +#srv/web/ipfire/manual/howto/http2.html.en #srv/web/ipfire/manual/howto/index.html #srv/web/ipfire/manual/howto/index.html.en +#srv/web/ipfire/manual/howto/index.html.fr #srv/web/ipfire/manual/howto/index.html.ja.utf8 #srv/web/ipfire/manual/howto/index.html.ko.euc-kr #srv/web/ipfire/manual/howto/index.html.zh-cn.utf8 #srv/web/ipfire/manual/howto/public_html.html #srv/web/ipfire/manual/howto/public_html.html.en +#srv/web/ipfire/manual/howto/public_html.html.fr #srv/web/ipfire/manual/howto/public_html.html.ja.utf8 #srv/web/ipfire/manual/howto/public_html.html.ko.euc-kr #srv/web/ipfire/manual/howto/public_html.html.tr.utf8 +#srv/web/ipfire/manual/howto/reverse_proxy.html +#srv/web/ipfire/manual/howto/reverse_proxy.html.en #srv/web/ipfire/manual/howto/ssi.html #srv/web/ipfire/manual/howto/ssi.html.en +#srv/web/ipfire/manual/howto/ssi.html.fr #srv/web/ipfire/manual/howto/ssi.html.ja.utf8 #srv/web/ipfire/manual/howto/ssi.html.ko.euc-kr #srv/web/ipfire/manual/images #srv/web/ipfire/manual/images/apache_header.gif +#srv/web/ipfire/manual/images/bal-man-b.png +#srv/web/ipfire/manual/images/bal-man-w.png +#srv/web/ipfire/manual/images/bal-man.png +#srv/web/ipfire/manual/images/build_a_mod_2.png +#srv/web/ipfire/manual/images/build_a_mod_3.png +#srv/web/ipfire/manual/images/build_a_mod_4.png #srv/web/ipfire/manual/images/caching_fig1.gif #srv/web/ipfire/manual/images/caching_fig1.png #srv/web/ipfire/manual/images/caching_fig1.tr.png @@ -456,7 +523,9 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/images/mod_rewrite_fig2.gif #srv/web/ipfire/manual/images/mod_rewrite_fig2.png #srv/web/ipfire/manual/images/pixel.gif +#srv/web/ipfire/manual/images/reverse-proxy-arch.png #srv/web/ipfire/manual/images/rewrite_backreferences.png +#srv/web/ipfire/manual/images/rewrite_process_uri.png #srv/web/ipfire/manual/images/rewrite_rule_flow.png #srv/web/ipfire/manual/images/right.gif #srv/web/ipfire/manual/images/ssl_intro_fig1.gif @@ -470,6 +539,7 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/images/syntax_rewriterule.png #srv/web/ipfire/manual/images/up.gif #srv/web/ipfire/manual/index.html +#srv/web/ipfire/manual/index.html.da #srv/web/ipfire/manual/index.html.de #srv/web/ipfire/manual/index.html.en #srv/web/ipfire/manual/index.html.es @@ -494,7 +564,6 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/invoking.html.fr #srv/web/ipfire/manual/invoking.html.ja.utf8 #srv/web/ipfire/manual/invoking.html.ko.euc-kr -#srv/web/ipfire/manual/invoking.html.ru.koi8-r #srv/web/ipfire/manual/invoking.html.tr.utf8 #srv/web/ipfire/manual/license.html #srv/web/ipfire/manual/license.html.en @@ -507,39 +576,38 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/misc #srv/web/ipfire/manual/misc/index.html #srv/web/ipfire/manual/misc/index.html.en +#srv/web/ipfire/manual/misc/index.html.fr #srv/web/ipfire/manual/misc/index.html.ko.euc-kr #srv/web/ipfire/manual/misc/index.html.tr.utf8 #srv/web/ipfire/manual/misc/index.html.zh-cn.utf8 #srv/web/ipfire/manual/misc/password_encryptions.html #srv/web/ipfire/manual/misc/password_encryptions.html.en +#srv/web/ipfire/manual/misc/password_encryptions.html.fr #srv/web/ipfire/manual/misc/perf-tuning.html #srv/web/ipfire/manual/misc/perf-tuning.html.en +#srv/web/ipfire/manual/misc/perf-tuning.html.fr #srv/web/ipfire/manual/misc/perf-tuning.html.ko.euc-kr #srv/web/ipfire/manual/misc/perf-tuning.html.tr.utf8 #srv/web/ipfire/manual/misc/relevant_standards.html #srv/web/ipfire/manual/misc/relevant_standards.html.en +#srv/web/ipfire/manual/misc/relevant_standards.html.fr #srv/web/ipfire/manual/misc/relevant_standards.html.ko.euc-kr -#srv/web/ipfire/manual/misc/rewriteguide.html -#srv/web/ipfire/manual/misc/rewriteguide.html.en -#srv/web/ipfire/manual/misc/rewriteguide.html.ko.euc-kr #srv/web/ipfire/manual/misc/security_tips.html #srv/web/ipfire/manual/misc/security_tips.html.en +#srv/web/ipfire/manual/misc/security_tips.html.fr #srv/web/ipfire/manual/misc/security_tips.html.ko.euc-kr #srv/web/ipfire/manual/misc/security_tips.html.tr.utf8 #srv/web/ipfire/manual/mod -#srv/web/ipfire/manual/mod/beos.html -#srv/web/ipfire/manual/mod/beos.html.de -#srv/web/ipfire/manual/mod/beos.html.en -#srv/web/ipfire/manual/mod/beos.html.es -#srv/web/ipfire/manual/mod/beos.html.ko.euc-kr #srv/web/ipfire/manual/mod/core.html #srv/web/ipfire/manual/mod/core.html.de #srv/web/ipfire/manual/mod/core.html.en +#srv/web/ipfire/manual/mod/core.html.es #srv/web/ipfire/manual/mod/core.html.fr #srv/web/ipfire/manual/mod/core.html.ja.utf8 #srv/web/ipfire/manual/mod/core.html.tr.utf8 #srv/web/ipfire/manual/mod/directive-dict.html #srv/web/ipfire/manual/mod/directive-dict.html.en +#srv/web/ipfire/manual/mod/directive-dict.html.fr #srv/web/ipfire/manual/mod/directive-dict.html.ja.utf8 #srv/web/ipfire/manual/mod/directive-dict.html.ko.euc-kr #srv/web/ipfire/manual/mod/directive-dict.html.tr.utf8 @@ -547,33 +615,45 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/mod/directives.html.de #srv/web/ipfire/manual/mod/directives.html.en #srv/web/ipfire/manual/mod/directives.html.es +#srv/web/ipfire/manual/mod/directives.html.fr #srv/web/ipfire/manual/mod/directives.html.ja.utf8 #srv/web/ipfire/manual/mod/directives.html.ko.euc-kr -#srv/web/ipfire/manual/mod/directives.html.ru.koi8-r #srv/web/ipfire/manual/mod/directives.html.tr.utf8 #srv/web/ipfire/manual/mod/directives.html.zh-cn.utf8 #srv/web/ipfire/manual/mod/event.html #srv/web/ipfire/manual/mod/event.html.en +#srv/web/ipfire/manual/mod/event.html.fr #srv/web/ipfire/manual/mod/index.html #srv/web/ipfire/manual/mod/index.html.de #srv/web/ipfire/manual/mod/index.html.en #srv/web/ipfire/manual/mod/index.html.es +#srv/web/ipfire/manual/mod/index.html.fr #srv/web/ipfire/manual/mod/index.html.ja.utf8 #srv/web/ipfire/manual/mod/index.html.ko.euc-kr #srv/web/ipfire/manual/mod/index.html.tr.utf8 #srv/web/ipfire/manual/mod/index.html.zh-cn.utf8 +#srv/web/ipfire/manual/mod/mod_access_compat.html +#srv/web/ipfire/manual/mod/mod_access_compat.html.en +#srv/web/ipfire/manual/mod/mod_access_compat.html.fr +#srv/web/ipfire/manual/mod/mod_access_compat.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_actions.html #srv/web/ipfire/manual/mod/mod_actions.html.de #srv/web/ipfire/manual/mod/mod_actions.html.en +#srv/web/ipfire/manual/mod/mod_actions.html.fr #srv/web/ipfire/manual/mod/mod_actions.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_actions.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_alias.html #srv/web/ipfire/manual/mod/mod_alias.html.en +#srv/web/ipfire/manual/mod/mod_alias.html.fr #srv/web/ipfire/manual/mod/mod_alias.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_alias.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_alias.html.tr.utf8 +#srv/web/ipfire/manual/mod/mod_allowmethods.html +#srv/web/ipfire/manual/mod/mod_allowmethods.html.en +#srv/web/ipfire/manual/mod/mod_allowmethods.html.fr #srv/web/ipfire/manual/mod/mod_asis.html #srv/web/ipfire/manual/mod/mod_asis.html.en +#srv/web/ipfire/manual/mod/mod_asis.html.fr #srv/web/ipfire/manual/mod/mod_asis.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_asis.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_auth_basic.html @@ -585,53 +665,64 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/mod/mod_auth_digest.html.en #srv/web/ipfire/manual/mod/mod_auth_digest.html.fr #srv/web/ipfire/manual/mod/mod_auth_digest.html.ko.euc-kr -#srv/web/ipfire/manual/mod/mod_authn_alias.html -#srv/web/ipfire/manual/mod/mod_authn_alias.html.en -#srv/web/ipfire/manual/mod/mod_authn_alias.html.fr +#srv/web/ipfire/manual/mod/mod_auth_form.html +#srv/web/ipfire/manual/mod/mod_auth_form.html.en +#srv/web/ipfire/manual/mod/mod_auth_form.html.fr #srv/web/ipfire/manual/mod/mod_authn_anon.html #srv/web/ipfire/manual/mod/mod_authn_anon.html.en +#srv/web/ipfire/manual/mod/mod_authn_anon.html.fr #srv/web/ipfire/manual/mod/mod_authn_anon.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_authn_anon.html.ko.euc-kr +#srv/web/ipfire/manual/mod/mod_authn_core.html +#srv/web/ipfire/manual/mod/mod_authn_core.html.en +#srv/web/ipfire/manual/mod/mod_authn_core.html.fr #srv/web/ipfire/manual/mod/mod_authn_dbd.html #srv/web/ipfire/manual/mod/mod_authn_dbd.html.en +#srv/web/ipfire/manual/mod/mod_authn_dbd.html.fr #srv/web/ipfire/manual/mod/mod_authn_dbm.html #srv/web/ipfire/manual/mod/mod_authn_dbm.html.en +#srv/web/ipfire/manual/mod/mod_authn_dbm.html.fr #srv/web/ipfire/manual/mod/mod_authn_dbm.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_authn_dbm.html.ko.euc-kr -#srv/web/ipfire/manual/mod/mod_authn_default.html -#srv/web/ipfire/manual/mod/mod_authn_default.html.en -#srv/web/ipfire/manual/mod/mod_authn_default.html.ja.utf8 -#srv/web/ipfire/manual/mod/mod_authn_default.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_authn_file.html #srv/web/ipfire/manual/mod/mod_authn_file.html.en #srv/web/ipfire/manual/mod/mod_authn_file.html.fr #srv/web/ipfire/manual/mod/mod_authn_file.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_authn_file.html.ko.euc-kr +#srv/web/ipfire/manual/mod/mod_authn_socache.html +#srv/web/ipfire/manual/mod/mod_authn_socache.html.en +#srv/web/ipfire/manual/mod/mod_authn_socache.html.fr +#srv/web/ipfire/manual/mod/mod_authnz_fcgi.html +#srv/web/ipfire/manual/mod/mod_authnz_fcgi.html.en #srv/web/ipfire/manual/mod/mod_authnz_ldap.html #srv/web/ipfire/manual/mod/mod_authnz_ldap.html.en #srv/web/ipfire/manual/mod/mod_authnz_ldap.html.fr +#srv/web/ipfire/manual/mod/mod_authz_core.html +#srv/web/ipfire/manual/mod/mod_authz_core.html.en +#srv/web/ipfire/manual/mod/mod_authz_core.html.fr +#srv/web/ipfire/manual/mod/mod_authz_dbd.html +#srv/web/ipfire/manual/mod/mod_authz_dbd.html.en +#srv/web/ipfire/manual/mod/mod_authz_dbd.html.fr #srv/web/ipfire/manual/mod/mod_authz_dbm.html #srv/web/ipfire/manual/mod/mod_authz_dbm.html.en +#srv/web/ipfire/manual/mod/mod_authz_dbm.html.fr #srv/web/ipfire/manual/mod/mod_authz_dbm.html.ko.euc-kr -#srv/web/ipfire/manual/mod/mod_authz_default.html -#srv/web/ipfire/manual/mod/mod_authz_default.html.en -#srv/web/ipfire/manual/mod/mod_authz_default.html.ja.utf8 -#srv/web/ipfire/manual/mod/mod_authz_default.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_authz_groupfile.html #srv/web/ipfire/manual/mod/mod_authz_groupfile.html.en +#srv/web/ipfire/manual/mod/mod_authz_groupfile.html.fr #srv/web/ipfire/manual/mod/mod_authz_groupfile.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_authz_groupfile.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_authz_host.html #srv/web/ipfire/manual/mod/mod_authz_host.html.en #srv/web/ipfire/manual/mod/mod_authz_host.html.fr -#srv/web/ipfire/manual/mod/mod_authz_host.html.ja.utf8 -#srv/web/ipfire/manual/mod/mod_authz_host.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_authz_owner.html #srv/web/ipfire/manual/mod/mod_authz_owner.html.en +#srv/web/ipfire/manual/mod/mod_authz_owner.html.fr #srv/web/ipfire/manual/mod/mod_authz_owner.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_authz_owner.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_authz_user.html #srv/web/ipfire/manual/mod/mod_authz_user.html.en +#srv/web/ipfire/manual/mod/mod_authz_user.html.fr #srv/web/ipfire/manual/mod/mod_authz_user.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_authz_user.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_autoindex.html @@ -640,180 +731,327 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/mod/mod_autoindex.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_autoindex.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_autoindex.html.tr.utf8 +#srv/web/ipfire/manual/mod/mod_buffer.html +#srv/web/ipfire/manual/mod/mod_buffer.html.en +#srv/web/ipfire/manual/mod/mod_buffer.html.fr #srv/web/ipfire/manual/mod/mod_cache.html #srv/web/ipfire/manual/mod/mod_cache.html.en +#srv/web/ipfire/manual/mod/mod_cache.html.fr #srv/web/ipfire/manual/mod/mod_cache.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_cache.html.ko.euc-kr +#srv/web/ipfire/manual/mod/mod_cache_disk.html +#srv/web/ipfire/manual/mod/mod_cache_disk.html.en +#srv/web/ipfire/manual/mod/mod_cache_disk.html.fr +#srv/web/ipfire/manual/mod/mod_cache_disk.html.ja.utf8 +#srv/web/ipfire/manual/mod/mod_cache_disk.html.ko.euc-kr +#srv/web/ipfire/manual/mod/mod_cache_socache.html +#srv/web/ipfire/manual/mod/mod_cache_socache.html.en +#srv/web/ipfire/manual/mod/mod_cache_socache.html.fr #srv/web/ipfire/manual/mod/mod_cern_meta.html #srv/web/ipfire/manual/mod/mod_cern_meta.html.en +#srv/web/ipfire/manual/mod/mod_cern_meta.html.fr #srv/web/ipfire/manual/mod/mod_cern_meta.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_cgi.html #srv/web/ipfire/manual/mod/mod_cgi.html.en +#srv/web/ipfire/manual/mod/mod_cgi.html.fr #srv/web/ipfire/manual/mod/mod_cgi.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_cgi.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_cgid.html #srv/web/ipfire/manual/mod/mod_cgid.html.en +#srv/web/ipfire/manual/mod/mod_cgid.html.fr #srv/web/ipfire/manual/mod/mod_cgid.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_cgid.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_charset_lite.html #srv/web/ipfire/manual/mod/mod_charset_lite.html.en +#srv/web/ipfire/manual/mod/mod_charset_lite.html.fr #srv/web/ipfire/manual/mod/mod_charset_lite.html.ko.euc-kr +#srv/web/ipfire/manual/mod/mod_data.html +#srv/web/ipfire/manual/mod/mod_data.html.en +#srv/web/ipfire/manual/mod/mod_data.html.fr #srv/web/ipfire/manual/mod/mod_dav.html #srv/web/ipfire/manual/mod/mod_dav.html.en +#srv/web/ipfire/manual/mod/mod_dav.html.fr #srv/web/ipfire/manual/mod/mod_dav.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_dav.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_dav_fs.html #srv/web/ipfire/manual/mod/mod_dav_fs.html.en +#srv/web/ipfire/manual/mod/mod_dav_fs.html.fr #srv/web/ipfire/manual/mod/mod_dav_fs.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_dav_fs.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_dav_lock.html #srv/web/ipfire/manual/mod/mod_dav_lock.html.en +#srv/web/ipfire/manual/mod/mod_dav_lock.html.fr #srv/web/ipfire/manual/mod/mod_dav_lock.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_dbd.html #srv/web/ipfire/manual/mod/mod_dbd.html.en +#srv/web/ipfire/manual/mod/mod_dbd.html.fr #srv/web/ipfire/manual/mod/mod_deflate.html #srv/web/ipfire/manual/mod/mod_deflate.html.en +#srv/web/ipfire/manual/mod/mod_deflate.html.fr #srv/web/ipfire/manual/mod/mod_deflate.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_deflate.html.ko.euc-kr +#srv/web/ipfire/manual/mod/mod_dialup.html +#srv/web/ipfire/manual/mod/mod_dialup.html.en +#srv/web/ipfire/manual/mod/mod_dialup.html.fr #srv/web/ipfire/manual/mod/mod_dir.html #srv/web/ipfire/manual/mod/mod_dir.html.en +#srv/web/ipfire/manual/mod/mod_dir.html.fr #srv/web/ipfire/manual/mod/mod_dir.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_dir.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_dir.html.tr.utf8 -#srv/web/ipfire/manual/mod/mod_disk_cache.html -#srv/web/ipfire/manual/mod/mod_disk_cache.html.en -#srv/web/ipfire/manual/mod/mod_disk_cache.html.ja.utf8 -#srv/web/ipfire/manual/mod/mod_disk_cache.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_dumpio.html #srv/web/ipfire/manual/mod/mod_dumpio.html.en +#srv/web/ipfire/manual/mod/mod_dumpio.html.fr #srv/web/ipfire/manual/mod/mod_dumpio.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_echo.html #srv/web/ipfire/manual/mod/mod_echo.html.en +#srv/web/ipfire/manual/mod/mod_echo.html.fr #srv/web/ipfire/manual/mod/mod_echo.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_echo.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_env.html #srv/web/ipfire/manual/mod/mod_env.html.en +#srv/web/ipfire/manual/mod/mod_env.html.fr #srv/web/ipfire/manual/mod/mod_env.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_env.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_env.html.tr.utf8 -#srv/web/ipfire/manual/mod/mod_example.html -#srv/web/ipfire/manual/mod/mod_example.html.en -#srv/web/ipfire/manual/mod/mod_example.html.ko.euc-kr +#srv/web/ipfire/manual/mod/mod_example_hooks.html +#srv/web/ipfire/manual/mod/mod_example_hooks.html.en +#srv/web/ipfire/manual/mod/mod_example_hooks.html.fr +#srv/web/ipfire/manual/mod/mod_example_hooks.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_expires.html #srv/web/ipfire/manual/mod/mod_expires.html.en +#srv/web/ipfire/manual/mod/mod_expires.html.fr #srv/web/ipfire/manual/mod/mod_expires.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_expires.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_ext_filter.html #srv/web/ipfire/manual/mod/mod_ext_filter.html.en +#srv/web/ipfire/manual/mod/mod_ext_filter.html.fr #srv/web/ipfire/manual/mod/mod_ext_filter.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_ext_filter.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_file_cache.html #srv/web/ipfire/manual/mod/mod_file_cache.html.en +#srv/web/ipfire/manual/mod/mod_file_cache.html.fr #srv/web/ipfire/manual/mod/mod_file_cache.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_filter.html #srv/web/ipfire/manual/mod/mod_filter.html.en +#srv/web/ipfire/manual/mod/mod_filter.html.fr #srv/web/ipfire/manual/mod/mod_headers.html #srv/web/ipfire/manual/mod/mod_headers.html.en +#srv/web/ipfire/manual/mod/mod_headers.html.fr #srv/web/ipfire/manual/mod/mod_headers.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_headers.html.ko.euc-kr +#srv/web/ipfire/manual/mod/mod_heartbeat.html +#srv/web/ipfire/manual/mod/mod_heartbeat.html.en +#srv/web/ipfire/manual/mod/mod_heartbeat.html.fr +#srv/web/ipfire/manual/mod/mod_heartmonitor.html +#srv/web/ipfire/manual/mod/mod_heartmonitor.html.en +#srv/web/ipfire/manual/mod/mod_heartmonitor.html.fr +#srv/web/ipfire/manual/mod/mod_http2.html +#srv/web/ipfire/manual/mod/mod_http2.html.en #srv/web/ipfire/manual/mod/mod_ident.html #srv/web/ipfire/manual/mod/mod_ident.html.en +#srv/web/ipfire/manual/mod/mod_ident.html.fr #srv/web/ipfire/manual/mod/mod_ident.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_ident.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_imagemap.html #srv/web/ipfire/manual/mod/mod_imagemap.html.en +#srv/web/ipfire/manual/mod/mod_imagemap.html.fr #srv/web/ipfire/manual/mod/mod_imagemap.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_include.html #srv/web/ipfire/manual/mod/mod_include.html.en +#srv/web/ipfire/manual/mod/mod_include.html.fr #srv/web/ipfire/manual/mod/mod_include.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_info.html #srv/web/ipfire/manual/mod/mod_info.html.en +#srv/web/ipfire/manual/mod/mod_info.html.fr #srv/web/ipfire/manual/mod/mod_info.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_info.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_isapi.html #srv/web/ipfire/manual/mod/mod_isapi.html.en +#srv/web/ipfire/manual/mod/mod_isapi.html.fr #srv/web/ipfire/manual/mod/mod_isapi.html.ko.euc-kr +#srv/web/ipfire/manual/mod/mod_lbmethod_bybusyness.html +#srv/web/ipfire/manual/mod/mod_lbmethod_bybusyness.html.en +#srv/web/ipfire/manual/mod/mod_lbmethod_bybusyness.html.fr +#srv/web/ipfire/manual/mod/mod_lbmethod_byrequests.html +#srv/web/ipfire/manual/mod/mod_lbmethod_byrequests.html.en +#srv/web/ipfire/manual/mod/mod_lbmethod_byrequests.html.fr +#srv/web/ipfire/manual/mod/mod_lbmethod_bytraffic.html +#srv/web/ipfire/manual/mod/mod_lbmethod_bytraffic.html.en +#srv/web/ipfire/manual/mod/mod_lbmethod_bytraffic.html.fr +#srv/web/ipfire/manual/mod/mod_lbmethod_heartbeat.html +#srv/web/ipfire/manual/mod/mod_lbmethod_heartbeat.html.en +#srv/web/ipfire/manual/mod/mod_lbmethod_heartbeat.html.fr #srv/web/ipfire/manual/mod/mod_ldap.html #srv/web/ipfire/manual/mod/mod_ldap.html.en +#srv/web/ipfire/manual/mod/mod_ldap.html.fr #srv/web/ipfire/manual/mod/mod_log_config.html #srv/web/ipfire/manual/mod/mod_log_config.html.en +#srv/web/ipfire/manual/mod/mod_log_config.html.fr #srv/web/ipfire/manual/mod/mod_log_config.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_log_config.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_log_config.html.tr.utf8 +#srv/web/ipfire/manual/mod/mod_log_debug.html +#srv/web/ipfire/manual/mod/mod_log_debug.html.en +#srv/web/ipfire/manual/mod/mod_log_debug.html.fr #srv/web/ipfire/manual/mod/mod_log_forensic.html #srv/web/ipfire/manual/mod/mod_log_forensic.html.en +#srv/web/ipfire/manual/mod/mod_log_forensic.html.fr #srv/web/ipfire/manual/mod/mod_log_forensic.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_log_forensic.html.tr.utf8 #srv/web/ipfire/manual/mod/mod_logio.html #srv/web/ipfire/manual/mod/mod_logio.html.en +#srv/web/ipfire/manual/mod/mod_logio.html.fr #srv/web/ipfire/manual/mod/mod_logio.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_logio.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_logio.html.tr.utf8 -#srv/web/ipfire/manual/mod/mod_mem_cache.html -#srv/web/ipfire/manual/mod/mod_mem_cache.html.en -#srv/web/ipfire/manual/mod/mod_mem_cache.html.ja.utf8 -#srv/web/ipfire/manual/mod/mod_mem_cache.html.ko.euc-kr +#srv/web/ipfire/manual/mod/mod_lua.html +#srv/web/ipfire/manual/mod/mod_lua.html.en +#srv/web/ipfire/manual/mod/mod_lua.html.fr +#srv/web/ipfire/manual/mod/mod_macro.html +#srv/web/ipfire/manual/mod/mod_macro.html.en +#srv/web/ipfire/manual/mod/mod_macro.html.fr #srv/web/ipfire/manual/mod/mod_mime.html #srv/web/ipfire/manual/mod/mod_mime.html.en +#srv/web/ipfire/manual/mod/mod_mime.html.fr #srv/web/ipfire/manual/mod/mod_mime.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_mime_magic.html #srv/web/ipfire/manual/mod/mod_mime_magic.html.en +#srv/web/ipfire/manual/mod/mod_mime_magic.html.fr #srv/web/ipfire/manual/mod/mod_negotiation.html #srv/web/ipfire/manual/mod/mod_negotiation.html.en +#srv/web/ipfire/manual/mod/mod_negotiation.html.fr #srv/web/ipfire/manual/mod/mod_negotiation.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_nw_ssl.html #srv/web/ipfire/manual/mod/mod_nw_ssl.html.en +#srv/web/ipfire/manual/mod/mod_nw_ssl.html.fr +#srv/web/ipfire/manual/mod/mod_privileges.html +#srv/web/ipfire/manual/mod/mod_privileges.html.en +#srv/web/ipfire/manual/mod/mod_privileges.html.fr #srv/web/ipfire/manual/mod/mod_proxy.html #srv/web/ipfire/manual/mod/mod_proxy.html.en #srv/web/ipfire/manual/mod/mod_proxy.html.fr #srv/web/ipfire/manual/mod/mod_proxy.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_proxy_ajp.html #srv/web/ipfire/manual/mod/mod_proxy_ajp.html.en +#srv/web/ipfire/manual/mod/mod_proxy_ajp.html.fr #srv/web/ipfire/manual/mod/mod_proxy_ajp.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_proxy_balancer.html #srv/web/ipfire/manual/mod/mod_proxy_balancer.html.en +#srv/web/ipfire/manual/mod/mod_proxy_balancer.html.fr #srv/web/ipfire/manual/mod/mod_proxy_balancer.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_proxy_connect.html #srv/web/ipfire/manual/mod/mod_proxy_connect.html.en +#srv/web/ipfire/manual/mod/mod_proxy_connect.html.fr #srv/web/ipfire/manual/mod/mod_proxy_connect.html.ja.utf8 +#srv/web/ipfire/manual/mod/mod_proxy_express.html +#srv/web/ipfire/manual/mod/mod_proxy_express.html.en +#srv/web/ipfire/manual/mod/mod_proxy_express.html.fr +#srv/web/ipfire/manual/mod/mod_proxy_fcgi.html +#srv/web/ipfire/manual/mod/mod_proxy_fcgi.html.en +#srv/web/ipfire/manual/mod/mod_proxy_fcgi.html.fr +#srv/web/ipfire/manual/mod/mod_proxy_fdpass.html +#srv/web/ipfire/manual/mod/mod_proxy_fdpass.html.en +#srv/web/ipfire/manual/mod/mod_proxy_fdpass.html.fr #srv/web/ipfire/manual/mod/mod_proxy_ftp.html #srv/web/ipfire/manual/mod/mod_proxy_ftp.html.en -#srv/web/ipfire/manual/mod/mod_proxy_ftp.html.ja.utf8 +#srv/web/ipfire/manual/mod/mod_proxy_ftp.html.fr +#srv/web/ipfire/manual/mod/mod_proxy_hcheck.html +#srv/web/ipfire/manual/mod/mod_proxy_hcheck.html.en +#srv/web/ipfire/manual/mod/mod_proxy_html.html +#srv/web/ipfire/manual/mod/mod_proxy_html.html.en +#srv/web/ipfire/manual/mod/mod_proxy_html.html.fr #srv/web/ipfire/manual/mod/mod_proxy_http.html #srv/web/ipfire/manual/mod/mod_proxy_http.html.en #srv/web/ipfire/manual/mod/mod_proxy_http.html.fr -#srv/web/ipfire/manual/mod/mod_proxy_http.html.ja.utf8 +#srv/web/ipfire/manual/mod/mod_proxy_http2.html +#srv/web/ipfire/manual/mod/mod_proxy_http2.html.en #srv/web/ipfire/manual/mod/mod_proxy_scgi.html #srv/web/ipfire/manual/mod/mod_proxy_scgi.html.en -#srv/web/ipfire/manual/mod/mod_proxy_scgi.html.ja.utf8 +#srv/web/ipfire/manual/mod/mod_proxy_scgi.html.fr +#srv/web/ipfire/manual/mod/mod_proxy_wstunnel.html +#srv/web/ipfire/manual/mod/mod_proxy_wstunnel.html.en +#srv/web/ipfire/manual/mod/mod_ratelimit.html +#srv/web/ipfire/manual/mod/mod_ratelimit.html.en +#srv/web/ipfire/manual/mod/mod_ratelimit.html.fr +#srv/web/ipfire/manual/mod/mod_reflector.html +#srv/web/ipfire/manual/mod/mod_reflector.html.en +#srv/web/ipfire/manual/mod/mod_reflector.html.fr +#srv/web/ipfire/manual/mod/mod_remoteip.html +#srv/web/ipfire/manual/mod/mod_remoteip.html.en +#srv/web/ipfire/manual/mod/mod_remoteip.html.fr #srv/web/ipfire/manual/mod/mod_reqtimeout.html #srv/web/ipfire/manual/mod/mod_reqtimeout.html.en +#srv/web/ipfire/manual/mod/mod_reqtimeout.html.fr +#srv/web/ipfire/manual/mod/mod_request.html +#srv/web/ipfire/manual/mod/mod_request.html.en +#srv/web/ipfire/manual/mod/mod_request.html.fr +#srv/web/ipfire/manual/mod/mod_request.html.tr.utf8 #srv/web/ipfire/manual/mod/mod_rewrite.html #srv/web/ipfire/manual/mod/mod_rewrite.html.en #srv/web/ipfire/manual/mod/mod_rewrite.html.fr +#srv/web/ipfire/manual/mod/mod_sed.html +#srv/web/ipfire/manual/mod/mod_sed.html.en +#srv/web/ipfire/manual/mod/mod_sed.html.fr +#srv/web/ipfire/manual/mod/mod_session.html +#srv/web/ipfire/manual/mod/mod_session.html.en +#srv/web/ipfire/manual/mod/mod_session.html.fr +#srv/web/ipfire/manual/mod/mod_session_cookie.html +#srv/web/ipfire/manual/mod/mod_session_cookie.html.en +#srv/web/ipfire/manual/mod/mod_session_cookie.html.fr +#srv/web/ipfire/manual/mod/mod_session_crypto.html +#srv/web/ipfire/manual/mod/mod_session_crypto.html.en +#srv/web/ipfire/manual/mod/mod_session_crypto.html.fr +#srv/web/ipfire/manual/mod/mod_session_dbd.html +#srv/web/ipfire/manual/mod/mod_session_dbd.html.en +#srv/web/ipfire/manual/mod/mod_session_dbd.html.fr #srv/web/ipfire/manual/mod/mod_setenvif.html #srv/web/ipfire/manual/mod/mod_setenvif.html.en +#srv/web/ipfire/manual/mod/mod_setenvif.html.fr #srv/web/ipfire/manual/mod/mod_setenvif.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_setenvif.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_setenvif.html.tr.utf8 +#srv/web/ipfire/manual/mod/mod_slotmem_plain.html +#srv/web/ipfire/manual/mod/mod_slotmem_plain.html.en +#srv/web/ipfire/manual/mod/mod_slotmem_plain.html.fr +#srv/web/ipfire/manual/mod/mod_slotmem_shm.html +#srv/web/ipfire/manual/mod/mod_slotmem_shm.html.en +#srv/web/ipfire/manual/mod/mod_slotmem_shm.html.fr #srv/web/ipfire/manual/mod/mod_so.html #srv/web/ipfire/manual/mod/mod_so.html.en +#srv/web/ipfire/manual/mod/mod_so.html.fr #srv/web/ipfire/manual/mod/mod_so.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_so.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_so.html.tr.utf8 +#srv/web/ipfire/manual/mod/mod_socache_dbm.html +#srv/web/ipfire/manual/mod/mod_socache_dbm.html.en +#srv/web/ipfire/manual/mod/mod_socache_dbm.html.fr +#srv/web/ipfire/manual/mod/mod_socache_dc.html +#srv/web/ipfire/manual/mod/mod_socache_dc.html.en +#srv/web/ipfire/manual/mod/mod_socache_dc.html.fr +#srv/web/ipfire/manual/mod/mod_socache_memcache.html +#srv/web/ipfire/manual/mod/mod_socache_memcache.html.en +#srv/web/ipfire/manual/mod/mod_socache_memcache.html.fr +#srv/web/ipfire/manual/mod/mod_socache_shmcb.html +#srv/web/ipfire/manual/mod/mod_socache_shmcb.html.en +#srv/web/ipfire/manual/mod/mod_socache_shmcb.html.fr #srv/web/ipfire/manual/mod/mod_speling.html #srv/web/ipfire/manual/mod/mod_speling.html.en +#srv/web/ipfire/manual/mod/mod_speling.html.fr #srv/web/ipfire/manual/mod/mod_speling.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_speling.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_ssl.html #srv/web/ipfire/manual/mod/mod_ssl.html.en +#srv/web/ipfire/manual/mod/mod_ssl.html.fr #srv/web/ipfire/manual/mod/mod_status.html #srv/web/ipfire/manual/mod/mod_status.html.en +#srv/web/ipfire/manual/mod/mod_status.html.fr #srv/web/ipfire/manual/mod/mod_status.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_status.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_status.html.tr.utf8 #srv/web/ipfire/manual/mod/mod_substitute.html #srv/web/ipfire/manual/mod/mod_substitute.html.en +#srv/web/ipfire/manual/mod/mod_substitute.html.fr #srv/web/ipfire/manual/mod/mod_suexec.html #srv/web/ipfire/manual/mod/mod_suexec.html.en #srv/web/ipfire/manual/mod/mod_suexec.html.fr @@ -822,57 +1060,77 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/mod/mod_suexec.html.tr.utf8 #srv/web/ipfire/manual/mod/mod_unique_id.html #srv/web/ipfire/manual/mod/mod_unique_id.html.en +#srv/web/ipfire/manual/mod/mod_unique_id.html.fr #srv/web/ipfire/manual/mod/mod_unique_id.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_unique_id.html.ko.euc-kr +#srv/web/ipfire/manual/mod/mod_unixd.html +#srv/web/ipfire/manual/mod/mod_unixd.html.en +#srv/web/ipfire/manual/mod/mod_unixd.html.fr +#srv/web/ipfire/manual/mod/mod_unixd.html.tr.utf8 #srv/web/ipfire/manual/mod/mod_userdir.html #srv/web/ipfire/manual/mod/mod_userdir.html.en +#srv/web/ipfire/manual/mod/mod_userdir.html.fr #srv/web/ipfire/manual/mod/mod_userdir.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_userdir.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_userdir.html.tr.utf8 #srv/web/ipfire/manual/mod/mod_usertrack.html #srv/web/ipfire/manual/mod/mod_usertrack.html.en +#srv/web/ipfire/manual/mod/mod_usertrack.html.fr #srv/web/ipfire/manual/mod/mod_version.html #srv/web/ipfire/manual/mod/mod_version.html.en #srv/web/ipfire/manual/mod/mod_version.html.ja.utf8 #srv/web/ipfire/manual/mod/mod_version.html.ko.euc-kr #srv/web/ipfire/manual/mod/mod_vhost_alias.html #srv/web/ipfire/manual/mod/mod_vhost_alias.html.en +#srv/web/ipfire/manual/mod/mod_vhost_alias.html.fr #srv/web/ipfire/manual/mod/mod_vhost_alias.html.tr.utf8 +#srv/web/ipfire/manual/mod/mod_watchdog.html +#srv/web/ipfire/manual/mod/mod_watchdog.html.en +#srv/web/ipfire/manual/mod/mod_xml2enc.html +#srv/web/ipfire/manual/mod/mod_xml2enc.html.en +#srv/web/ipfire/manual/mod/mod_xml2enc.html.fr #srv/web/ipfire/manual/mod/module-dict.html #srv/web/ipfire/manual/mod/module-dict.html.en +#srv/web/ipfire/manual/mod/module-dict.html.fr #srv/web/ipfire/manual/mod/module-dict.html.ja.utf8 #srv/web/ipfire/manual/mod/module-dict.html.ko.euc-kr #srv/web/ipfire/manual/mod/module-dict.html.tr.utf8 #srv/web/ipfire/manual/mod/mpm_common.html #srv/web/ipfire/manual/mod/mpm_common.html.de #srv/web/ipfire/manual/mod/mpm_common.html.en +#srv/web/ipfire/manual/mod/mpm_common.html.fr #srv/web/ipfire/manual/mod/mpm_common.html.ja.utf8 #srv/web/ipfire/manual/mod/mpm_common.html.tr.utf8 #srv/web/ipfire/manual/mod/mpm_netware.html #srv/web/ipfire/manual/mod/mpm_netware.html.en +#srv/web/ipfire/manual/mod/mpm_netware.html.fr #srv/web/ipfire/manual/mod/mpm_winnt.html #srv/web/ipfire/manual/mod/mpm_winnt.html.de #srv/web/ipfire/manual/mod/mpm_winnt.html.en +#srv/web/ipfire/manual/mod/mpm_winnt.html.fr #srv/web/ipfire/manual/mod/mpm_winnt.html.ja.utf8 #srv/web/ipfire/manual/mod/mpmt_os2.html #srv/web/ipfire/manual/mod/mpmt_os2.html.en +#srv/web/ipfire/manual/mod/mpmt_os2.html.fr #srv/web/ipfire/manual/mod/prefork.html #srv/web/ipfire/manual/mod/prefork.html.de #srv/web/ipfire/manual/mod/prefork.html.en +#srv/web/ipfire/manual/mod/prefork.html.fr #srv/web/ipfire/manual/mod/prefork.html.ja.utf8 #srv/web/ipfire/manual/mod/prefork.html.tr.utf8 #srv/web/ipfire/manual/mod/quickreference.html #srv/web/ipfire/manual/mod/quickreference.html.de #srv/web/ipfire/manual/mod/quickreference.html.en #srv/web/ipfire/manual/mod/quickreference.html.es +#srv/web/ipfire/manual/mod/quickreference.html.fr #srv/web/ipfire/manual/mod/quickreference.html.ja.utf8 #srv/web/ipfire/manual/mod/quickreference.html.ko.euc-kr -#srv/web/ipfire/manual/mod/quickreference.html.ru.koi8-r #srv/web/ipfire/manual/mod/quickreference.html.tr.utf8 #srv/web/ipfire/manual/mod/quickreference.html.zh-cn.utf8 #srv/web/ipfire/manual/mod/worker.html #srv/web/ipfire/manual/mod/worker.html.de #srv/web/ipfire/manual/mod/worker.html.en +#srv/web/ipfire/manual/mod/worker.html.fr #srv/web/ipfire/manual/mod/worker.html.ja.utf8 #srv/web/ipfire/manual/mod/worker.html.tr.utf8 #srv/web/ipfire/manual/mpm.html @@ -896,93 +1154,124 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/new_features_2_2.html #srv/web/ipfire/manual/new_features_2_2.html.en #srv/web/ipfire/manual/new_features_2_2.html.fr -#srv/web/ipfire/manual/new_features_2_2.html.ja.utf8 #srv/web/ipfire/manual/new_features_2_2.html.ko.euc-kr #srv/web/ipfire/manual/new_features_2_2.html.pt-br #srv/web/ipfire/manual/new_features_2_2.html.tr.utf8 +#srv/web/ipfire/manual/new_features_2_4.html +#srv/web/ipfire/manual/new_features_2_4.html.en +#srv/web/ipfire/manual/new_features_2_4.html.fr +#srv/web/ipfire/manual/new_features_2_4.html.tr.utf8 #srv/web/ipfire/manual/platform #srv/web/ipfire/manual/platform/ebcdic.html #srv/web/ipfire/manual/platform/ebcdic.html.en #srv/web/ipfire/manual/platform/ebcdic.html.ko.euc-kr #srv/web/ipfire/manual/platform/index.html #srv/web/ipfire/manual/platform/index.html.en +#srv/web/ipfire/manual/platform/index.html.fr #srv/web/ipfire/manual/platform/index.html.ko.euc-kr #srv/web/ipfire/manual/platform/index.html.zh-cn.utf8 #srv/web/ipfire/manual/platform/netware.html #srv/web/ipfire/manual/platform/netware.html.en +#srv/web/ipfire/manual/platform/netware.html.fr #srv/web/ipfire/manual/platform/netware.html.ko.euc-kr #srv/web/ipfire/manual/platform/perf-hp.html #srv/web/ipfire/manual/platform/perf-hp.html.en +#srv/web/ipfire/manual/platform/perf-hp.html.fr #srv/web/ipfire/manual/platform/perf-hp.html.ko.euc-kr +#srv/web/ipfire/manual/platform/rpm.html +#srv/web/ipfire/manual/platform/rpm.html.en #srv/web/ipfire/manual/platform/win_compiling.html #srv/web/ipfire/manual/platform/win_compiling.html.en +#srv/web/ipfire/manual/platform/win_compiling.html.fr #srv/web/ipfire/manual/platform/win_compiling.html.ko.euc-kr #srv/web/ipfire/manual/platform/windows.html #srv/web/ipfire/manual/platform/windows.html.en +#srv/web/ipfire/manual/platform/windows.html.fr #srv/web/ipfire/manual/platform/windows.html.ko.euc-kr #srv/web/ipfire/manual/programs #srv/web/ipfire/manual/programs/ab.html #srv/web/ipfire/manual/programs/ab.html.en +#srv/web/ipfire/manual/programs/ab.html.fr #srv/web/ipfire/manual/programs/ab.html.ko.euc-kr #srv/web/ipfire/manual/programs/ab.html.tr.utf8 #srv/web/ipfire/manual/programs/apachectl.html #srv/web/ipfire/manual/programs/apachectl.html.en +#srv/web/ipfire/manual/programs/apachectl.html.fr #srv/web/ipfire/manual/programs/apachectl.html.ko.euc-kr #srv/web/ipfire/manual/programs/apachectl.html.tr.utf8 #srv/web/ipfire/manual/programs/apxs.html #srv/web/ipfire/manual/programs/apxs.html.en +#srv/web/ipfire/manual/programs/apxs.html.fr #srv/web/ipfire/manual/programs/apxs.html.ko.euc-kr #srv/web/ipfire/manual/programs/apxs.html.tr.utf8 #srv/web/ipfire/manual/programs/configure.html #srv/web/ipfire/manual/programs/configure.html.en +#srv/web/ipfire/manual/programs/configure.html.fr #srv/web/ipfire/manual/programs/configure.html.ko.euc-kr #srv/web/ipfire/manual/programs/configure.html.tr.utf8 #srv/web/ipfire/manual/programs/dbmmanage.html #srv/web/ipfire/manual/programs/dbmmanage.html.en +#srv/web/ipfire/manual/programs/dbmmanage.html.fr #srv/web/ipfire/manual/programs/dbmmanage.html.ko.euc-kr #srv/web/ipfire/manual/programs/dbmmanage.html.tr.utf8 +#srv/web/ipfire/manual/programs/fcgistarter.html +#srv/web/ipfire/manual/programs/fcgistarter.html.en +#srv/web/ipfire/manual/programs/fcgistarter.html.fr +#srv/web/ipfire/manual/programs/fcgistarter.html.tr.utf8 #srv/web/ipfire/manual/programs/htcacheclean.html #srv/web/ipfire/manual/programs/htcacheclean.html.en +#srv/web/ipfire/manual/programs/htcacheclean.html.fr #srv/web/ipfire/manual/programs/htcacheclean.html.ko.euc-kr #srv/web/ipfire/manual/programs/htcacheclean.html.tr.utf8 #srv/web/ipfire/manual/programs/htdbm.html #srv/web/ipfire/manual/programs/htdbm.html.en +#srv/web/ipfire/manual/programs/htdbm.html.fr #srv/web/ipfire/manual/programs/htdbm.html.tr.utf8 #srv/web/ipfire/manual/programs/htdigest.html #srv/web/ipfire/manual/programs/htdigest.html.en +#srv/web/ipfire/manual/programs/htdigest.html.fr #srv/web/ipfire/manual/programs/htdigest.html.ko.euc-kr #srv/web/ipfire/manual/programs/htdigest.html.tr.utf8 #srv/web/ipfire/manual/programs/htpasswd.html #srv/web/ipfire/manual/programs/htpasswd.html.en +#srv/web/ipfire/manual/programs/htpasswd.html.fr #srv/web/ipfire/manual/programs/htpasswd.html.ko.euc-kr #srv/web/ipfire/manual/programs/htpasswd.html.tr.utf8 #srv/web/ipfire/manual/programs/httpd.html #srv/web/ipfire/manual/programs/httpd.html.en +#srv/web/ipfire/manual/programs/httpd.html.fr #srv/web/ipfire/manual/programs/httpd.html.ko.euc-kr #srv/web/ipfire/manual/programs/httpd.html.tr.utf8 #srv/web/ipfire/manual/programs/httxt2dbm.html #srv/web/ipfire/manual/programs/httxt2dbm.html.en +#srv/web/ipfire/manual/programs/httxt2dbm.html.fr #srv/web/ipfire/manual/programs/httxt2dbm.html.tr.utf8 #srv/web/ipfire/manual/programs/index.html #srv/web/ipfire/manual/programs/index.html.en #srv/web/ipfire/manual/programs/index.html.es -#srv/web/ipfire/manual/programs/index.html.ja.utf8 +#srv/web/ipfire/manual/programs/index.html.fr #srv/web/ipfire/manual/programs/index.html.ko.euc-kr -#srv/web/ipfire/manual/programs/index.html.ru.koi8-r #srv/web/ipfire/manual/programs/index.html.tr.utf8 #srv/web/ipfire/manual/programs/index.html.zh-cn.utf8 +#srv/web/ipfire/manual/programs/log_server_status.html +#srv/web/ipfire/manual/programs/log_server_status.html.en #srv/web/ipfire/manual/programs/logresolve.html #srv/web/ipfire/manual/programs/logresolve.html.en +#srv/web/ipfire/manual/programs/logresolve.html.fr #srv/web/ipfire/manual/programs/logresolve.html.ko.euc-kr #srv/web/ipfire/manual/programs/logresolve.html.tr.utf8 #srv/web/ipfire/manual/programs/other.html #srv/web/ipfire/manual/programs/other.html.en +#srv/web/ipfire/manual/programs/other.html.fr #srv/web/ipfire/manual/programs/other.html.ko.euc-kr #srv/web/ipfire/manual/programs/other.html.tr.utf8 #srv/web/ipfire/manual/programs/rotatelogs.html #srv/web/ipfire/manual/programs/rotatelogs.html.en +#srv/web/ipfire/manual/programs/rotatelogs.html.fr #srv/web/ipfire/manual/programs/rotatelogs.html.ko.euc-kr #srv/web/ipfire/manual/programs/rotatelogs.html.tr.utf8 +#srv/web/ipfire/manual/programs/split-logfile.html +#srv/web/ipfire/manual/programs/split-logfile.html.en #srv/web/ipfire/manual/programs/suexec.html #srv/web/ipfire/manual/programs/suexec.html.en #srv/web/ipfire/manual/programs/suexec.html.ko.euc-kr @@ -990,15 +1279,19 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/rewrite #srv/web/ipfire/manual/rewrite/access.html #srv/web/ipfire/manual/rewrite/access.html.en +#srv/web/ipfire/manual/rewrite/access.html.fr #srv/web/ipfire/manual/rewrite/advanced.html #srv/web/ipfire/manual/rewrite/advanced.html.en +#srv/web/ipfire/manual/rewrite/advanced.html.fr #srv/web/ipfire/manual/rewrite/avoid.html #srv/web/ipfire/manual/rewrite/avoid.html.en +#srv/web/ipfire/manual/rewrite/avoid.html.fr #srv/web/ipfire/manual/rewrite/flags.html #srv/web/ipfire/manual/rewrite/flags.html.en #srv/web/ipfire/manual/rewrite/flags.html.fr #srv/web/ipfire/manual/rewrite/htaccess.html #srv/web/ipfire/manual/rewrite/htaccess.html.en +#srv/web/ipfire/manual/rewrite/htaccess.html.fr #srv/web/ipfire/manual/rewrite/index.html #srv/web/ipfire/manual/rewrite/index.html.en #srv/web/ipfire/manual/rewrite/index.html.fr @@ -1009,15 +1302,19 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/rewrite/intro.html.fr #srv/web/ipfire/manual/rewrite/proxy.html #srv/web/ipfire/manual/rewrite/proxy.html.en +#srv/web/ipfire/manual/rewrite/proxy.html.fr #srv/web/ipfire/manual/rewrite/remapping.html #srv/web/ipfire/manual/rewrite/remapping.html.en +#srv/web/ipfire/manual/rewrite/remapping.html.fr #srv/web/ipfire/manual/rewrite/rewritemap.html #srv/web/ipfire/manual/rewrite/rewritemap.html.en +#srv/web/ipfire/manual/rewrite/rewritemap.html.fr #srv/web/ipfire/manual/rewrite/tech.html #srv/web/ipfire/manual/rewrite/tech.html.en #srv/web/ipfire/manual/rewrite/tech.html.fr #srv/web/ipfire/manual/rewrite/vhosts.html #srv/web/ipfire/manual/rewrite/vhosts.html.en +#srv/web/ipfire/manual/rewrite/vhosts.html.fr #srv/web/ipfire/manual/sections.html #srv/web/ipfire/manual/sections.html.en #srv/web/ipfire/manual/sections.html.fr @@ -1026,6 +1323,7 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/sections.html.tr.utf8 #srv/web/ipfire/manual/server-wide.html #srv/web/ipfire/manual/server-wide.html.en +#srv/web/ipfire/manual/server-wide.html.fr #srv/web/ipfire/manual/server-wide.html.ja.utf8 #srv/web/ipfire/manual/server-wide.html.ko.euc-kr #srv/web/ipfire/manual/server-wide.html.tr.utf8 @@ -1033,24 +1331,33 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/sitemap.html.de #srv/web/ipfire/manual/sitemap.html.en #srv/web/ipfire/manual/sitemap.html.es +#srv/web/ipfire/manual/sitemap.html.fr #srv/web/ipfire/manual/sitemap.html.ja.utf8 #srv/web/ipfire/manual/sitemap.html.ko.euc-kr #srv/web/ipfire/manual/sitemap.html.tr.utf8 #srv/web/ipfire/manual/sitemap.html.zh-cn.utf8 +#srv/web/ipfire/manual/socache.html +#srv/web/ipfire/manual/socache.html.en +#srv/web/ipfire/manual/socache.html.fr #srv/web/ipfire/manual/ssl #srv/web/ipfire/manual/ssl/index.html #srv/web/ipfire/manual/ssl/index.html.en +#srv/web/ipfire/manual/ssl/index.html.fr #srv/web/ipfire/manual/ssl/index.html.ja.utf8 #srv/web/ipfire/manual/ssl/index.html.tr.utf8 #srv/web/ipfire/manual/ssl/index.html.zh-cn.utf8 #srv/web/ipfire/manual/ssl/ssl_compat.html #srv/web/ipfire/manual/ssl/ssl_compat.html.en +#srv/web/ipfire/manual/ssl/ssl_compat.html.fr #srv/web/ipfire/manual/ssl/ssl_faq.html #srv/web/ipfire/manual/ssl/ssl_faq.html.en +#srv/web/ipfire/manual/ssl/ssl_faq.html.fr #srv/web/ipfire/manual/ssl/ssl_howto.html #srv/web/ipfire/manual/ssl/ssl_howto.html.en +#srv/web/ipfire/manual/ssl/ssl_howto.html.fr #srv/web/ipfire/manual/ssl/ssl_intro.html #srv/web/ipfire/manual/ssl/ssl_intro.html.en +#srv/web/ipfire/manual/ssl/ssl_intro.html.fr #srv/web/ipfire/manual/ssl/ssl_intro.html.ja.utf8 #srv/web/ipfire/manual/stopping.html #srv/web/ipfire/manual/stopping.html.de @@ -1093,12 +1400,11 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/suexec.html.ko.euc-kr #srv/web/ipfire/manual/suexec.html.tr.utf8 #srv/web/ipfire/manual/upgrading.html -#srv/web/ipfire/manual/upgrading.html.de #srv/web/ipfire/manual/upgrading.html.en #srv/web/ipfire/manual/upgrading.html.fr -#srv/web/ipfire/manual/upgrading.html.ja.utf8 #srv/web/ipfire/manual/urlmapping.html #srv/web/ipfire/manual/urlmapping.html.en +#srv/web/ipfire/manual/urlmapping.html.fr #srv/web/ipfire/manual/urlmapping.html.ja.utf8 #srv/web/ipfire/manual/urlmapping.html.ko.euc-kr #srv/web/ipfire/manual/urlmapping.html.tr.utf8 @@ -1126,7 +1432,6 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/vhosts/index.html.fr #srv/web/ipfire/manual/vhosts/index.html.ja.utf8 #srv/web/ipfire/manual/vhosts/index.html.ko.euc-kr -#srv/web/ipfire/manual/vhosts/index.html.ru.koi8-r #srv/web/ipfire/manual/vhosts/index.html.tr.utf8 #srv/web/ipfire/manual/vhosts/index.html.zh-cn.utf8 #srv/web/ipfire/manual/vhosts/ip-based.html @@ -1137,6 +1442,7 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/vhosts/ip-based.html.tr.utf8 #srv/web/ipfire/manual/vhosts/mass.html #srv/web/ipfire/manual/vhosts/mass.html.en +#srv/web/ipfire/manual/vhosts/mass.html.fr #srv/web/ipfire/manual/vhosts/mass.html.ko.euc-kr #srv/web/ipfire/manual/vhosts/mass.html.tr.utf8 #srv/web/ipfire/manual/vhosts/name-based.html @@ -1146,13 +1452,21 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #srv/web/ipfire/manual/vhosts/name-based.html.ja.utf8 #srv/web/ipfire/manual/vhosts/name-based.html.ko.euc-kr #srv/web/ipfire/manual/vhosts/name-based.html.tr.utf8 -#usr/bin/apr-1-config -#usr/bin/apu-1-config +#usr/bin/ab +#usr/bin/apxs +#usr/bin/dbmmanage +#usr/bin/htdbm +#usr/bin/htdigest +usr/bin/htpasswd +#usr/bin/httxt2dbm +#usr/bin/logresolve #usr/include/apache #usr/include/apache/ap_compat.h #usr/include/apache/ap_config.h #usr/include/apache/ap_config_auto.h #usr/include/apache/ap_config_layout.h +#usr/include/apache/ap_expr.h +#usr/include/apache/ap_hooks.h #usr/include/apache/ap_listen.h #usr/include/apache/ap_mmn.h #usr/include/apache/ap_mpm.h @@ -1160,77 +1474,11 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #usr/include/apache/ap_regex.h #usr/include/apache/ap_regkey.h #usr/include/apache/ap_release.h -#usr/include/apache/apr.h -#usr/include/apache/apr_allocator.h -#usr/include/apache/apr_anylock.h -#usr/include/apache/apr_atomic.h -#usr/include/apache/apr_base64.h -#usr/include/apache/apr_buckets.h -#usr/include/apache/apr_crypto.h -#usr/include/apache/apr_date.h -#usr/include/apache/apr_dbd.h -#usr/include/apache/apr_dbm.h -#usr/include/apache/apr_dso.h -#usr/include/apache/apr_env.h -#usr/include/apache/apr_errno.h -#usr/include/apache/apr_escape.h -#usr/include/apache/apr_file_info.h -#usr/include/apache/apr_file_io.h -#usr/include/apache/apr_fnmatch.h -#usr/include/apache/apr_general.h -#usr/include/apache/apr_getopt.h -#usr/include/apache/apr_global_mutex.h -#usr/include/apache/apr_hash.h -#usr/include/apache/apr_hooks.h -#usr/include/apache/apr_inherit.h -#usr/include/apache/apr_ldap.h -#usr/include/apache/apr_ldap_init.h -#usr/include/apache/apr_ldap_option.h -#usr/include/apache/apr_ldap_rebind.h -#usr/include/apache/apr_ldap_url.h -#usr/include/apache/apr_lib.h -#usr/include/apache/apr_md4.h -#usr/include/apache/apr_md5.h -#usr/include/apache/apr_memcache.h -#usr/include/apache/apr_mmap.h -#usr/include/apache/apr_network_io.h -#usr/include/apache/apr_optional.h -#usr/include/apache/apr_optional_hooks.h -#usr/include/apache/apr_poll.h -#usr/include/apache/apr_pools.h -#usr/include/apache/apr_portable.h -#usr/include/apache/apr_proc_mutex.h -#usr/include/apache/apr_queue.h -#usr/include/apache/apr_random.h -#usr/include/apache/apr_reslist.h -#usr/include/apache/apr_ring.h -#usr/include/apache/apr_rmm.h -#usr/include/apache/apr_sdbm.h -#usr/include/apache/apr_sha1.h -#usr/include/apache/apr_shm.h -#usr/include/apache/apr_signal.h -#usr/include/apache/apr_skiplist.h -#usr/include/apache/apr_strings.h -#usr/include/apache/apr_strmatch.h -#usr/include/apache/apr_support.h -#usr/include/apache/apr_tables.h -#usr/include/apache/apr_thread_cond.h -#usr/include/apache/apr_thread_mutex.h -#usr/include/apache/apr_thread_pool.h -#usr/include/apache/apr_thread_proc.h -#usr/include/apache/apr_thread_rwlock.h -#usr/include/apache/apr_time.h -#usr/include/apache/apr_uri.h -#usr/include/apache/apr_user.h -#usr/include/apache/apr_uuid.h -#usr/include/apache/apr_version.h -#usr/include/apache/apr_want.h -#usr/include/apache/apr_xlate.h -#usr/include/apache/apr_xml.h -#usr/include/apache/apu.h -#usr/include/apache/apu_errno.h -#usr/include/apache/apu_version.h -#usr/include/apache/apu_want.h +#usr/include/apache/ap_slotmem.h +#usr/include/apache/ap_socache.h +#usr/include/apache/apache_noprobes.h +#usr/include/apache/cache_common.h +#usr/include/apache/heartbeat.h #usr/include/apache/http_config.h #usr/include/apache/http_connection.h #usr/include/apache/http_core.h @@ -1241,6 +1489,7 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #usr/include/apache/http_vhost.h #usr/include/apache/httpd.h #usr/include/apache/mod_auth.h +#usr/include/apache/mod_cache.h #usr/include/apache/mod_cgi.h #usr/include/apache/mod_core.h #usr/include/apache/mod_dav.h @@ -1248,77 +1497,102 @@ etc/httpd/conf/vhosts.d/ipfire-interface.conf #usr/include/apache/mod_include.h #usr/include/apache/mod_log_config.h #usr/include/apache/mod_proxy.h +#usr/include/apache/mod_request.h #usr/include/apache/mod_rewrite.h +#usr/include/apache/mod_session.h +#usr/include/apache/mod_so.h #usr/include/apache/mod_ssl.h +#usr/include/apache/mod_ssl_openssl.h #usr/include/apache/mod_status.h -#usr/include/apache/mpm.h +#usr/include/apache/mod_unixd.h +#usr/include/apache/mod_watchdog.h +#usr/include/apache/mod_xml2enc.h #usr/include/apache/mpm_common.h -#usr/include/apache/mpm_default.h #usr/include/apache/os.h #usr/include/apache/scoreboard.h #usr/include/apache/unixd.h #usr/include/apache/util_cfgtree.h #usr/include/apache/util_charset.h +#usr/include/apache/util_cookies.h #usr/include/apache/util_ebcdic.h +#usr/include/apache/util_fcgi.h #usr/include/apache/util_filter.h #usr/include/apache/util_ldap.h #usr/include/apache/util_md5.h +#usr/include/apache/util_mutex.h #usr/include/apache/util_script.h #usr/include/apache/util_time.h +#usr/include/apache/util_varbuf.h #usr/include/apache/util_xml.h #usr/lib/apache #usr/lib/apache/build -#usr/lib/apache/build/apr_rules.mk #usr/lib/apache/build/config.nice #usr/lib/apache/build/config_vars.mk #usr/lib/apache/build/instdso.sh #usr/lib/apache/build/library.mk -#usr/lib/apache/build/libtool #usr/lib/apache/build/ltlib.mk -#usr/lib/apache/build/make_exports.awk -#usr/lib/apache/build/make_var_export.awk #usr/lib/apache/build/mkdir.sh #usr/lib/apache/build/program.mk #usr/lib/apache/build/rules.mk #usr/lib/apache/build/special.mk #usr/lib/apache/httpd.exp +#usr/lib/apache/mod_access_compat.so usr/lib/apache/mod_actions.so usr/lib/apache/mod_alias.so +usr/lib/apache/mod_allowmethods.so usr/lib/apache/mod_asis.so usr/lib/apache/mod_auth_basic.so usr/lib/apache/mod_auth_digest.so +usr/lib/apache/mod_auth_form.so usr/lib/apache/mod_authn_anon.so +usr/lib/apache/mod_authn_core.so usr/lib/apache/mod_authn_dbd.so usr/lib/apache/mod_authn_dbm.so -usr/lib/apache/mod_authn_default.so usr/lib/apache/mod_authn_file.so +usr/lib/apache/mod_authn_socache.so +usr/lib/apache/mod_authz_core.so +usr/lib/apache/mod_authz_dbd.so usr/lib/apache/mod_authz_dbm.so -usr/lib/apache/mod_authz_default.so usr/lib/apache/mod_authz_groupfile.so usr/lib/apache/mod_authz_host.so usr/lib/apache/mod_authz_owner.so usr/lib/apache/mod_authz_user.so usr/lib/apache/mod_autoindex.so -usr/lib/apache/mod_cern_meta.so -usr/lib/apache/mod_cgi.so +usr/lib/apache/mod_buffer.so +usr/lib/apache/mod_cache.so +usr/lib/apache/mod_cache_disk.so +usr/lib/apache/mod_cache_socache.so +usr/lib/apache/mod_cgid.so +usr/lib/apache/mod_charset_lite.so +usr/lib/apache/mod_data.so usr/lib/apache/mod_dav.so usr/lib/apache/mod_dav_fs.so +usr/lib/apache/mod_dav_lock.so usr/lib/apache/mod_dbd.so usr/lib/apache/mod_deflate.so +usr/lib/apache/mod_dialup.so usr/lib/apache/mod_dir.so usr/lib/apache/mod_dumpio.so +usr/lib/apache/mod_echo.so usr/lib/apache/mod_env.so usr/lib/apache/mod_expires.so usr/lib/apache/mod_ext_filter.so +usr/lib/apache/mod_file_cache.so usr/lib/apache/mod_filter.so usr/lib/apache/mod_headers.so -usr/lib/apache/mod_ident.so -usr/lib/apache/mod_imagemap.so +usr/lib/apache/mod_heartbeat.so +usr/lib/apache/mod_heartmonitor.so usr/lib/apache/mod_include.so usr/lib/apache/mod_info.so +usr/lib/apache/mod_lbmethod_bybusyness.so +usr/lib/apache/mod_lbmethod_byrequests.so +usr/lib/apache/mod_lbmethod_bytraffic.so +usr/lib/apache/mod_lbmethod_heartbeat.so usr/lib/apache/mod_log_config.so +usr/lib/apache/mod_log_debug.so usr/lib/apache/mod_log_forensic.so usr/lib/apache/mod_logio.so +usr/lib/apache/mod_macro.so usr/lib/apache/mod_mime.so usr/lib/apache/mod_mime_magic.so usr/lib/apache/mod_negotiation.so @@ -1326,66 +1600,65 @@ usr/lib/apache/mod_proxy.so usr/lib/apache/mod_proxy_ajp.so usr/lib/apache/mod_proxy_balancer.so usr/lib/apache/mod_proxy_connect.so +usr/lib/apache/mod_proxy_express.so +usr/lib/apache/mod_proxy_fcgi.so +usr/lib/apache/mod_proxy_fdpass.so usr/lib/apache/mod_proxy_ftp.so +usr/lib/apache/mod_proxy_hcheck.so +usr/lib/apache/mod_proxy_html.so usr/lib/apache/mod_proxy_http.so usr/lib/apache/mod_proxy_scgi.so +usr/lib/apache/mod_proxy_wstunnel.so +usr/lib/apache/mod_ratelimit.so +usr/lib/apache/mod_reflector.so +usr/lib/apache/mod_remoteip.so usr/lib/apache/mod_reqtimeout.so +usr/lib/apache/mod_request.so usr/lib/apache/mod_rewrite.so +usr/lib/apache/mod_sed.so +usr/lib/apache/mod_session.so +usr/lib/apache/mod_session_cookie.so +usr/lib/apache/mod_session_crypto.so +usr/lib/apache/mod_session_dbd.so usr/lib/apache/mod_setenvif.so +usr/lib/apache/mod_slotmem_plain.so +usr/lib/apache/mod_slotmem_shm.so +usr/lib/apache/mod_socache_dbm.so +usr/lib/apache/mod_socache_memcache.so +usr/lib/apache/mod_socache_shmcb.so usr/lib/apache/mod_speling.so usr/lib/apache/mod_ssl.so usr/lib/apache/mod_status.so usr/lib/apache/mod_substitute.so usr/lib/apache/mod_unique_id.so +usr/lib/apache/mod_unixd.so usr/lib/apache/mod_userdir.so usr/lib/apache/mod_usertrack.so usr/lib/apache/mod_version.so usr/lib/apache/mod_vhost_alias.so -#usr/lib/apr-util-1 -usr/lib/apr-util-1/apr_dbd_sqlite3-1.so -#usr/lib/apr-util-1/apr_dbd_sqlite3.a -#usr/lib/apr-util-1/apr_dbd_sqlite3.la -usr/lib/apr-util-1/apr_dbd_sqlite3.so -#usr/lib/apr.exp -#usr/lib/aprutil.exp -#usr/lib/libapr-1.a -#usr/lib/libapr-1.la -usr/lib/libapr-1.so -usr/lib/libapr-1.so.0 -usr/lib/libapr-1.so.0.5.1 -#usr/lib/libaprutil-1.a -#usr/lib/libaprutil-1.la -usr/lib/libaprutil-1.so -usr/lib/libaprutil-1.so.0 -usr/lib/libaprutil-1.so.0.5.3 -#usr/lib/pkgconfig/apr-1.pc -#usr/lib/pkgconfig/apr-util-1.pc +usr/lib/apache/mod_watchdog.so +usr/lib/apache/mod_xml2enc.so #usr/sbin/ab usr/sbin/apachectl -#usr/sbin/apxs #usr/sbin/checkgid -#usr/sbin/dbmmanage #usr/sbin/envvars #usr/sbin/envvars-std +usr/sbin/fcgistarter #usr/sbin/htcacheclean -#usr/sbin/htdbm -#usr/sbin/htdigest -usr/sbin/htpasswd usr/sbin/httpd -#usr/sbin/httxt2dbm -#usr/sbin/logresolve #usr/sbin/rotatelogs +#usr/share/man/man1/ab.1 +#usr/share/man/man1/apxs.1 #usr/share/man/man1/dbmmanage.1 #usr/share/man/man1/htdbm.1 #usr/share/man/man1/htdigest.1 #usr/share/man/man1/htpasswd.1 #usr/share/man/man1/httxt2dbm.1 -#usr/share/man/man8/ab.8 +#usr/share/man/man1/logresolve.1 #usr/share/man/man8/apachectl.8 -#usr/share/man/man8/apxs.8 +#usr/share/man/man8/fcgistarter.8 #usr/share/man/man8/htcacheclean.8 #usr/share/man/man8/httpd.8 -#usr/share/man/man8/logresolve.8 #usr/share/man/man8/rotatelogs.8 #usr/share/man/man8/suexec.8 var/log/httpd diff --git a/config/rootfiles/common/apr b/config/rootfiles/common/apr new file mode 100644 index 000000000..c71ee01cc --- /dev/null +++ b/config/rootfiles/common/apr @@ -0,0 +1,57 @@ +usr/bin/apr-1-config +#usr/include/apr-1 +#usr/include/apr-1/apr.h +#usr/include/apr-1/apr_allocator.h +#usr/include/apr-1/apr_atomic.h +#usr/include/apr-1/apr_cstr.h +#usr/include/apr-1/apr_dso.h +#usr/include/apr-1/apr_env.h +#usr/include/apr-1/apr_errno.h +#usr/include/apr-1/apr_escape.h +#usr/include/apr-1/apr_file_info.h +#usr/include/apr-1/apr_file_io.h +#usr/include/apr-1/apr_fnmatch.h +#usr/include/apr-1/apr_general.h +#usr/include/apr-1/apr_getopt.h +#usr/include/apr-1/apr_global_mutex.h +#usr/include/apr-1/apr_hash.h +#usr/include/apr-1/apr_inherit.h +#usr/include/apr-1/apr_lib.h +#usr/include/apr-1/apr_mmap.h +#usr/include/apr-1/apr_network_io.h +#usr/include/apr-1/apr_perms_set.h +#usr/include/apr-1/apr_poll.h +#usr/include/apr-1/apr_pools.h +#usr/include/apr-1/apr_portable.h +#usr/include/apr-1/apr_proc_mutex.h +#usr/include/apr-1/apr_random.h +#usr/include/apr-1/apr_ring.h +#usr/include/apr-1/apr_shm.h +#usr/include/apr-1/apr_signal.h +#usr/include/apr-1/apr_skiplist.h +#usr/include/apr-1/apr_strings.h +#usr/include/apr-1/apr_support.h +#usr/include/apr-1/apr_tables.h +#usr/include/apr-1/apr_thread_cond.h +#usr/include/apr-1/apr_thread_mutex.h +#usr/include/apr-1/apr_thread_proc.h +#usr/include/apr-1/apr_thread_rwlock.h +#usr/include/apr-1/apr_time.h +#usr/include/apr-1/apr_user.h +#usr/include/apr-1/apr_version.h +#usr/include/apr-1/apr_want.h +#usr/lib/apr.exp +#usr/lib/libapr-1.la +#usr/lib/libapr-1.so +usr/lib/libapr-1.so.0 +usr/lib/libapr-1.so.0.6.2 +#usr/lib/pkgconfig/apr-1.pc +#usr/share/apr-1 +#usr/share/apr-1/build +#usr/share/apr-1/build/apr_common.m4 +#usr/share/apr-1/build/apr_rules.mk +#usr/share/apr-1/build/find_apr.m4 +#usr/share/apr-1/build/libtool +#usr/share/apr-1/build/make_exports.awk +#usr/share/apr-1/build/make_var_export.awk +#usr/share/apr-1/build/mkdir.sh diff --git a/config/rootfiles/common/aprutil b/config/rootfiles/common/aprutil new file mode 100644 index 000000000..e9cf3e0da --- /dev/null +++ b/config/rootfiles/common/aprutil @@ -0,0 +1,47 @@ +usr/bin/apu-1-config +#usr/include/apr-1/apr_anylock.h +#usr/include/apr-1/apr_base64.h +#usr/include/apr-1/apr_buckets.h +#usr/include/apr-1/apr_crypto.h +#usr/include/apr-1/apr_date.h +#usr/include/apr-1/apr_dbd.h +#usr/include/apr-1/apr_dbm.h +#usr/include/apr-1/apr_hooks.h +#usr/include/apr-1/apr_ldap.h +#usr/include/apr-1/apr_ldap_init.h +#usr/include/apr-1/apr_ldap_option.h +#usr/include/apr-1/apr_ldap_rebind.h +#usr/include/apr-1/apr_ldap_url.h +#usr/include/apr-1/apr_md4.h +#usr/include/apr-1/apr_md5.h +#usr/include/apr-1/apr_memcache.h +#usr/include/apr-1/apr_optional.h +#usr/include/apr-1/apr_optional_hooks.h +#usr/include/apr-1/apr_queue.h +#usr/include/apr-1/apr_redis.h +#usr/include/apr-1/apr_reslist.h +#usr/include/apr-1/apr_rmm.h +#usr/include/apr-1/apr_sdbm.h +#usr/include/apr-1/apr_sha1.h +#usr/include/apr-1/apr_siphash.h +#usr/include/apr-1/apr_strmatch.h +#usr/include/apr-1/apr_thread_pool.h +#usr/include/apr-1/apr_uri.h +#usr/include/apr-1/apr_uuid.h +#usr/include/apr-1/apr_xlate.h +#usr/include/apr-1/apr_xml.h +#usr/include/apr-1/apu.h +#usr/include/apr-1/apu_errno.h +#usr/include/apr-1/apu_version.h +#usr/include/apr-1/apu_want.h +#usr/include/apr-1/expat.h +#usr/lib/apr-util-1 +usr/lib/apr-util-1/apr_crypto_openssl-1.so +#usr/lib/apr-util-1/apr_crypto_openssl.la +usr/lib/apr-util-1/apr_crypto_openssl.so +#usr/lib/aprutil.exp +#usr/lib/libaprutil-1.la +#usr/lib/libaprutil-1.so +usr/lib/libaprutil-1.so.0 +usr/lib/libaprutil-1.so.0.6.0 +#usr/lib/pkgconfig/apr-util-1.pc diff --git a/config/rootfiles/common/gnutls b/config/rootfiles/common/gnutls index 13d97c6bd..8231c7588 100644 --- a/config/rootfiles/common/gnutls +++ b/config/rootfiles/common/gnutls @@ -33,7 +33,7 @@ usr/lib/libgnutls-dane.so.0.4.1 #usr/lib/libgnutls.la #usr/lib/libgnutls.so usr/lib/libgnutls.so.30 -usr/lib/libgnutls.so.30.14.6 +usr/lib/libgnutls.so.30.14.7 #usr/lib/libgnutlsxx.la #usr/lib/libgnutlsxx.so usr/lib/libgnutlsxx.so.28 diff --git a/config/rootfiles/common/php b/config/rootfiles/common/php index 23031e96b..fa073de9d 100644 --- a/config/rootfiles/common/php +++ b/config/rootfiles/common/php @@ -522,9 +522,9 @@ usr/lib/php/XML/Util.php usr/lib/php/doc/XML_Util/examples/example.php usr/lib/php/doc/XML_Util/examples/example2.php #usr/lib/php/extensions -#usr/lib/php/extensions/no-debug-non-zts-20090626 -usr/lib/php/extensions/no-debug-non-zts-20090626/dba.so -usr/lib/php/extensions/no-debug-non-zts-20090626/idn.so +#usr/lib/php/extensions/no-debug-zts-20090626 +usr/lib/php/extensions/no-debug-zts-20090626/dba.so +usr/lib/php/extensions/no-debug-zts-20090626/idn.so #usr/lib/php/pearcmd.php #usr/lib/php/peclcmd.php #usr/lib/php/test @@ -557,4 +557,3 @@ usr/lib/php/extensions/no-debug-non-zts-20090626/idn.so #usr/man/man1/php-config.1 #usr/man/man1/php.1 #usr/man/man1/phpize.1 -etc/httpd/conf/conf.d/php5.conf diff --git a/config/rootfiles/common/strongswan b/config/rootfiles/common/strongswan index fbc57866a..21a665538 100644 --- a/config/rootfiles/common/strongswan +++ b/config/rootfiles/common/strongswan @@ -71,6 +71,7 @@ etc/strongswan.d/starter.conf etc/strongswan.d/swanctl.conf #etc/swanctl etc/swanctl/bliss +etc/swanctl/conf.d etc/swanctl/ecdsa etc/swanctl/pkcs12 etc/swanctl/pkcs8 diff --git a/config/rootfiles/common/unbound b/config/rootfiles/common/unbound index 5d33140c8..6d153f265 100644 --- a/config/rootfiles/common/unbound +++ b/config/rootfiles/common/unbound @@ -11,7 +11,7 @@ etc/unbound/unbound.conf #usr/lib/libunbound.la #usr/lib/libunbound.so usr/lib/libunbound.so.2 -usr/lib/libunbound.so.2.5.3 +usr/lib/libunbound.so.2.5.5 usr/sbin/unbound usr/sbin/unbound-anchor usr/sbin/unbound-checkconf diff --git a/config/rootfiles/core/113/exclude b/config/rootfiles/core/114/exclude similarity index 100% rename from config/rootfiles/core/113/exclude rename to config/rootfiles/core/114/exclude diff --git a/config/rootfiles/core/114/filelists/apache2 b/config/rootfiles/core/114/filelists/apache2 new file mode 120000 index 000000000..eef95efa7 --- /dev/null +++ b/config/rootfiles/core/114/filelists/apache2 @@ -0,0 +1 @@ +../../../common/apache2 \ No newline at end of file diff --git a/config/rootfiles/core/114/filelists/apr b/config/rootfiles/core/114/filelists/apr new file mode 120000 index 000000000..87dd1974f --- /dev/null +++ b/config/rootfiles/core/114/filelists/apr @@ -0,0 +1 @@ +../../../common/apr \ No newline at end of file diff --git a/config/rootfiles/core/114/filelists/aprutil b/config/rootfiles/core/114/filelists/aprutil new file mode 120000 index 000000000..999f9f84b --- /dev/null +++ b/config/rootfiles/core/114/filelists/aprutil @@ -0,0 +1 @@ +../../../common/aprutil \ No newline at end of file diff --git a/config/rootfiles/core/114/filelists/files b/config/rootfiles/core/114/filelists/files new file mode 100644 index 000000000..ca8087f3e --- /dev/null +++ b/config/rootfiles/core/114/filelists/files @@ -0,0 +1,4 @@ +etc/system-release +etc/issue +etc/rc.d/init.d/unbound +var/ipfire/langs diff --git a/config/rootfiles/core/113/filelists/gnutls b/config/rootfiles/core/114/filelists/gnutls similarity index 100% rename from config/rootfiles/core/113/filelists/gnutls rename to config/rootfiles/core/114/filelists/gnutls diff --git a/config/rootfiles/core/114/filelists/hdparm b/config/rootfiles/core/114/filelists/hdparm new file mode 120000 index 000000000..b6447518a --- /dev/null +++ b/config/rootfiles/core/114/filelists/hdparm @@ -0,0 +1 @@ +../../../common/hdparm \ No newline at end of file diff --git a/config/rootfiles/core/113/filelists/i586/strongswan-padlock b/config/rootfiles/core/114/filelists/i586/strongswan-padlock similarity index 100% rename from config/rootfiles/core/113/filelists/i586/strongswan-padlock rename to config/rootfiles/core/114/filelists/i586/strongswan-padlock diff --git a/config/rootfiles/core/113/filelists/squid b/config/rootfiles/core/114/filelists/squid similarity index 100% rename from config/rootfiles/core/113/filelists/squid rename to config/rootfiles/core/114/filelists/squid diff --git a/config/rootfiles/core/113/filelists/strongswan b/config/rootfiles/core/114/filelists/strongswan similarity index 100% rename from config/rootfiles/core/113/filelists/strongswan rename to config/rootfiles/core/114/filelists/strongswan diff --git a/config/rootfiles/core/113/filelists/unbound b/config/rootfiles/core/114/filelists/unbound similarity index 100% rename from config/rootfiles/core/113/filelists/unbound rename to config/rootfiles/core/114/filelists/unbound diff --git a/config/rootfiles/core/113/meta b/config/rootfiles/core/114/meta similarity index 100% rename from config/rootfiles/core/113/meta rename to config/rootfiles/core/114/meta diff --git a/config/rootfiles/core/114/update.sh b/config/rootfiles/core/114/update.sh new file mode 100644 index 000000000..ac59cc9c6 --- /dev/null +++ b/config/rootfiles/core/114/update.sh @@ -0,0 +1,108 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 3 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2017 IPFire-Team . # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +/usr/local/bin/backupctrl exclude >/dev/null 2>&1 + +core=114 + +# Remove old core updates from pakfire cache to save space... +for (( i=1; i<=$core; i++ )); do + rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire +done + +# Stop services +ipsec stop +/etc/init.d/squid stop +/etc/init.d/unbound stop +/etc/init.d/apache stop + +# Remove old apache configuration files of add-ons +# These will be reinstalled by the updated packages +# as soon as the core update is finished. +rm -f \ + /etc/httpd/conf/vhosts.d/cacti.conf \ + /etc/httpd/conf/vhosts.d/icinga.conf \ + /etc/httpd/conf/vhosts.d/nagios.conf \ + /etc/httpd/conf/vhosts.d/openmailadmin.conf \ + /etc/httpd/conf/vhosts.d/owncloud.conf \ + /etc/httpd/conf/vhosts.d/phpSANE.conf + +# Extract files +extract_files + +# update linker config +ldconfig + +# Remove some files +rm -f /usr/sbin/htpasswd + +# Update Language cache +/usr/local/bin/update-lang-cache + +# Start services +/etc/init.d/unbound start +/etc/init.d/apache start +/etc/init.d/squid start + +if grep -q "ENABLED=on" /var/ipfire/vpn/settings; then + ipsec start +fi + +# +# After pakfire has ended run it again and update all addons +# this is needed for apache update. +# +echo '#!/bin/bash' > /tmp/pak_update +echo 'while [ "$(ps -A | grep " update.sh")" != "" ]; do' >> /tmp/pak_update +echo ' sleep 1' >> /tmp/pak_update +echo 'done' >> /tmp/pak_update +echo 'while [ "$(ps -A | grep " pakfire")" != "" ]; do' >> /tmp/pak_update +echo ' sleep 1' >> /tmp/pak_update +echo 'done' >> /tmp/pak_update +echo '/opt/pakfire/pakfire update -y --force' >> /tmp/pak_update +echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update +echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update +echo '/opt/pakfire/pakfire upgrade -y' >> /tmp/pak_update +echo 'touch /var/run/need_reboot ' >> /tmp/pak_update +# +killall -KILL pak_update +chmod +x /tmp/pak_update +/tmp/pak_update & + +# This update need a reboot... +touch /var/run/need_reboot + +# Finish +/etc/init.d/fireinfo start +sendprofile + +# Update grub config to display new core version +if [ -e /boot/grub/grub.cfg ]; then + grub-mkconfig -o /boot/grub/grub.cfg +fi + +sync + +# Don't report the exitcode last command +exit 0 diff --git a/config/rootfiles/oldcore/113/exclude b/config/rootfiles/oldcore/113/exclude new file mode 100644 index 000000000..d6fd053b6 --- /dev/null +++ b/config/rootfiles/oldcore/113/exclude @@ -0,0 +1,30 @@ +boot/config.txt +boot/grub/grub.cfg +boot/grub/grubenv +etc/alternatives +etc/collectd.custom +etc/default/grub +etc/ipsec.conf +etc/ipsec.secrets +etc/ipsec.user.conf +etc/ipsec.user.secrets +etc/localtime +etc/shadow +etc/snort/snort.conf +etc/ssh/ssh_config +etc/ssh/sshd_config +etc/ssl/openssl.cnf +etc/sudoers +etc/sysconfig/firewall.local +etc/sysconfig/rc.local +etc/udev/rules.d/30-persistent-network.rules +srv/web/ipfire/html/proxy.pac +var/ipfire/dma +var/ipfire/time +var/ipfire/ovpn +var/lib/alternatives +var/log/cache +var/log/dhcpcd.log +var/log/messages +var/state/dhcp/dhcpd.leases +var/updatecache diff --git a/config/rootfiles/core/113/filelists/armv5tel/util-linux b/config/rootfiles/oldcore/113/filelists/armv5tel/util-linux similarity index 100% rename from config/rootfiles/core/113/filelists/armv5tel/util-linux rename to config/rootfiles/oldcore/113/filelists/armv5tel/util-linux diff --git a/config/rootfiles/core/113/filelists/files b/config/rootfiles/oldcore/113/filelists/files similarity index 100% rename from config/rootfiles/core/113/filelists/files rename to config/rootfiles/oldcore/113/filelists/files diff --git a/config/rootfiles/oldcore/113/filelists/gnutls b/config/rootfiles/oldcore/113/filelists/gnutls new file mode 120000 index 000000000..8dbe60bc3 --- /dev/null +++ b/config/rootfiles/oldcore/113/filelists/gnutls @@ -0,0 +1 @@ +../../../common/gnutls \ No newline at end of file diff --git a/config/rootfiles/core/113/filelists/grep b/config/rootfiles/oldcore/113/filelists/grep similarity index 100% rename from config/rootfiles/core/113/filelists/grep rename to config/rootfiles/oldcore/113/filelists/grep diff --git a/config/rootfiles/core/113/filelists/i586/openssl-sse2 b/config/rootfiles/oldcore/113/filelists/i586/openssl-sse2 similarity index 100% rename from config/rootfiles/core/113/filelists/i586/openssl-sse2 rename to config/rootfiles/oldcore/113/filelists/i586/openssl-sse2 diff --git a/config/rootfiles/oldcore/113/filelists/i586/strongswan-padlock b/config/rootfiles/oldcore/113/filelists/i586/strongswan-padlock new file mode 120000 index 000000000..2412824fb --- /dev/null +++ b/config/rootfiles/oldcore/113/filelists/i586/strongswan-padlock @@ -0,0 +1 @@ +../../../../common/i586/strongswan-padlock \ No newline at end of file diff --git a/config/rootfiles/core/113/filelists/i586/util-linux b/config/rootfiles/oldcore/113/filelists/i586/util-linux similarity index 100% rename from config/rootfiles/core/113/filelists/i586/util-linux rename to config/rootfiles/oldcore/113/filelists/i586/util-linux diff --git a/config/rootfiles/core/113/filelists/libgcrypt b/config/rootfiles/oldcore/113/filelists/libgcrypt similarity index 100% rename from config/rootfiles/core/113/filelists/libgcrypt rename to config/rootfiles/oldcore/113/filelists/libgcrypt diff --git a/config/rootfiles/core/113/filelists/logrotate b/config/rootfiles/oldcore/113/filelists/logrotate similarity index 100% rename from config/rootfiles/core/113/filelists/logrotate rename to config/rootfiles/oldcore/113/filelists/logrotate diff --git a/config/rootfiles/core/113/filelists/mdadm b/config/rootfiles/oldcore/113/filelists/mdadm similarity index 100% rename from config/rootfiles/core/113/filelists/mdadm rename to config/rootfiles/oldcore/113/filelists/mdadm diff --git a/config/rootfiles/core/113/filelists/openssl b/config/rootfiles/oldcore/113/filelists/openssl similarity index 100% rename from config/rootfiles/core/113/filelists/openssl rename to config/rootfiles/oldcore/113/filelists/openssl diff --git a/config/rootfiles/core/113/filelists/openvpn b/config/rootfiles/oldcore/113/filelists/openvpn similarity index 100% rename from config/rootfiles/core/113/filelists/openvpn rename to config/rootfiles/oldcore/113/filelists/openvpn diff --git a/config/rootfiles/core/113/filelists/pcre b/config/rootfiles/oldcore/113/filelists/pcre similarity index 100% rename from config/rootfiles/core/113/filelists/pcre rename to config/rootfiles/oldcore/113/filelists/pcre diff --git a/config/rootfiles/oldcore/113/filelists/squid b/config/rootfiles/oldcore/113/filelists/squid new file mode 120000 index 000000000..2dc8372a0 --- /dev/null +++ b/config/rootfiles/oldcore/113/filelists/squid @@ -0,0 +1 @@ +../../../common/squid \ No newline at end of file diff --git a/config/rootfiles/oldcore/113/filelists/strongswan b/config/rootfiles/oldcore/113/filelists/strongswan new file mode 120000 index 000000000..90c727e26 --- /dev/null +++ b/config/rootfiles/oldcore/113/filelists/strongswan @@ -0,0 +1 @@ +../../../common/strongswan \ No newline at end of file diff --git a/config/rootfiles/oldcore/113/filelists/unbound b/config/rootfiles/oldcore/113/filelists/unbound new file mode 120000 index 000000000..66adf0924 --- /dev/null +++ b/config/rootfiles/oldcore/113/filelists/unbound @@ -0,0 +1 @@ +../../../common/unbound \ No newline at end of file diff --git a/config/rootfiles/core/113/filelists/x86_64/util-linux b/config/rootfiles/oldcore/113/filelists/x86_64/util-linux similarity index 100% rename from config/rootfiles/core/113/filelists/x86_64/util-linux rename to config/rootfiles/oldcore/113/filelists/x86_64/util-linux diff --git a/config/rootfiles/oldcore/113/meta b/config/rootfiles/oldcore/113/meta new file mode 100644 index 000000000..d547fa86f --- /dev/null +++ b/config/rootfiles/oldcore/113/meta @@ -0,0 +1 @@ +DEPS="" diff --git a/config/rootfiles/core/113/update.sh b/config/rootfiles/oldcore/113/update.sh similarity index 100% rename from config/rootfiles/core/113/update.sh rename to config/rootfiles/oldcore/113/update.sh diff --git a/html/cgi-bin/wlanap.cgi b/html/cgi-bin/wlanap.cgi index 844c395e2..bb40021cf 100644 --- a/html/cgi-bin/wlanap.cgi +++ b/html/cgi-bin/wlanap.cgi @@ -154,7 +154,7 @@ if ( $wlanapsettings{'ACTION'} eq "$Lang::tr{'save'}" ){ $memory=0; } -&Header::openpage('', 1, '', ''); +&Header::openpage($Lang::tr{'wlanap configuration'}, 1, '', ''); &Header::openbigbox('100%', 'left', '', $errormessage); if ( $errormessage ){ @@ -323,7 +323,7 @@ if ( $wlan_card_status ne '' ){ print "$Lang::tr{'wlanap wlan card'} ($wlanapsettings{'DRIVER'})"; print $wlan_card_status eq 'up' ? $status_started : $status_stopped; print""; - print "$Lang::tr{'wlanap access point'}"; + print "$Lang::tr{'wlanap'}"; print $wlan_ap_status eq 'up' ? $status_started : $status_stopped; if ( ($memory != 0) && (@pid[0] ne "///") ){ print "@pid[0]"; diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index b0cb96df2..7bc1c495d 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -15,10 +15,10 @@ 'ConnSched change profile title' => 'Wechsle zu Profil:', 'ConnSched days' => 'Tage:', 'ConnSched dial' => 'Verbinden', -'ConnSched down' => 'Runter', +'ConnSched down' => 'Herunter', 'ConnSched hangup' => 'Trennen', 'ConnSched ipsecstart' => 'IPsec (neu)starten', -'ConnSched ipsecstop' => 'IPsec stop', +'ConnSched ipsecstop' => 'IPsec stoppen', 'ConnSched reboot' => 'Neustarten', 'ConnSched reconnect' => 'Neu verbinden', 'ConnSched scheduled actions' => 'Geplante Aktionen', @@ -26,12 +26,12 @@ 'ConnSched select profile' => 'Wähle Profil', 'ConnSched shutdown' => 'Herunterfahren', 'ConnSched time' => 'Zeit:', -'ConnSched up' => 'Hoch', +'ConnSched up' => 'Herauf', 'ConnSched weekdays' => 'Wochentage:', 'Edit an existing route' => 'Eine existierende Route editieren', 'Enter TOS' => 'Aktivieren oder deaktivieren Sie die TOS-Bits
und klicken Sie danach auf Speichern.', 'Existing Files' => 'Dateien in der Datenbank', -'HDD temperature' => 'HDD-Temperatur', +'HDD temperature' => 'Festplatten-Temperatur', 'Level7 Protocol' => 'Level7-Protokoll', 'Level7 Rule' => 'Level7-Regel', 'Level7 rule' => 'Level7-Regel', @@ -248,7 +248,7 @@ 'advproxy errmsg no browser' => 'Mindestens ein Browser oder Client muss für den Web-Zugriff zugelassen sein', 'advproxy errmsg no password' => 'Passwort kann nicht leer sein', 'advproxy errmsg no username' => 'Benutzername darf nicht leer sein', -'advproxy errmsg non-transparent proxy required' => 'Web Proxy muss für die Authentifizierung im Nicht-transparenten Modus laufen', +'advproxy errmsg non-transparent proxy required' => 'Web Proxy muss für die Authentifizierung im nicht-transparenten Modus laufen', 'advproxy errmsg ntlm domain' => 'Windows-Domänenname erforderlich', 'advproxy errmsg ntlm pdc' => 'Hostname der Primary Domain Controllers erforderlich', 'advproxy errmsg password incorrect' => 'Falsches Passwort', @@ -264,8 +264,8 @@ 'advproxy error design' => 'Design der Fehlermeldungen', 'advproxy error language' => 'Sprache der Fehlermeldungen', 'advproxy fake referer' => 'Gefälschter Referer für externe Web-Sites', -'advproxy fake useragent' => 'Gefälschter Useragent für externe Web-Sites', -'advproxy friday' => 'Fre', +'advproxy fake useragent' => 'Gefälschter User-Agent für externe Web-Sites', +'advproxy friday' => 'Fr', 'advproxy from' => 'Von', 'advproxy group access control' => 'Gruppenbasierte Zugriffskontrolle', 'advproxy group required' => 'Erforderliche Gruppe', @@ -274,7 +274,7 @@ 'advproxy log enabled' => 'Protokoll aktiviert', 'advproxy log query' => 'Protokolliere Query Terms', 'advproxy log settings' => 'Protokolleinstellungen', -'advproxy log useragent' => 'Protokolliere Useragents', +'advproxy log useragent' => 'Protokolliere User-Agents', 'advproxy max download size' => 'Max. Größe von Downloads (KB)', 'advproxy max size' => 'Max. Objektgröße (KB)', 'advproxy max upload size' => 'Max. Größe von Uploads (KB)', @@ -282,7 +282,7 @@ 'advproxy min size' => 'Min. Objektgröße (KB)', 'advproxy mode allow' => 'Zulassen', 'advproxy mode deny' => 'Verweigern', -'advproxy monday' => 'Mon', +'advproxy monday' => 'Mo', 'advproxy network based access' => 'Netzwerkbasierte Zugriffskontrolle', 'advproxy no cache sites' => 'Diese Domains nicht zwischenspeichern (eine pro Zeile)', 'advproxy no clients defined' => 'Keine Clients definiert', @@ -300,7 +300,7 @@ 'advproxy ram cache size' => 'Cachegröße im Arbeitsspeicher (MB)', 'advproxy redirector children' => 'Anzahl der Filterprozesse', 'advproxy reset' => 'Zurücksetzen', -'advproxy saturday' => 'Sam', +'advproxy saturday' => 'Sa', 'advproxy save and restart' => 'Speichern und Neustart', 'advproxy squid version' => 'Squid Cache Version', 'advproxy squidclamav' => 'SquidClamav', @@ -308,21 +308,21 @@ 'advproxy ssl ports' => 'Zulässige SSL-Ports (einer pro Zeile)', 'advproxy standard' => 'Standard', 'advproxy standard ports' => 'Zulässige Standard-Ports (einer pro Zeile)', -'advproxy sunday' => 'Son', +'advproxy sunday' => 'So', 'advproxy supervisor password' => 'Supervisor-Passwort', -'advproxy suppress version' => 'Unterdrücke Versions-Informationen', +'advproxy suppress version' => 'Unterdrücke Versionsinformationen', 'advproxy throttle binary' => 'Binärdateien', 'advproxy throttle dskimg' => 'CD-Images', 'advproxy throttle mmedia' => 'Multimedia', 'advproxy throttling per host on' => 'Begrenzung pro Host auf', 'advproxy throttling total on' => 'Begrenzung insgesamt auf', 'advproxy throttling unlimited' => 'unbegrenzt', -'advproxy thursday' => 'Don', +'advproxy thursday' => 'Do', 'advproxy time restrictions' => 'Zeitbeschränkungen', 'advproxy to' => 'Bis', 'advproxy transfer limits' => 'Transfergrenzen', 'advproxy transparent on' => 'Transparent auf', -'advproxy tuesday' => 'Die', +'advproxy tuesday' => 'Di', 'advproxy unknown' => 'Unbekannt', 'advproxy unrestricted ip clients' => 'Uneingeschränkte IP-Adressen (eine pro Zeile)', 'advproxy unrestricted mac clients' => 'Uneingeschränkte MAC-Adressen (eine pro Zeile)', @@ -337,7 +337,7 @@ 'advproxy via forwarding' => 'Proxy-Adresse weiterleiten', 'advproxy visible hostname' => 'Sichtbarer Hostname', 'advproxy web browser' => 'Web-Browser', -'advproxy wednesday' => 'Mit', +'advproxy wednesday' => 'Mi', 'again' => 'Wiederholung:', 'age second' => 'Sekunde', 'age seconds' => 'Sekunden', @@ -359,7 +359,7 @@ 'alt dialup' => 'Einwahl', 'alt home' => 'Startseite', 'alt information' => 'Information', -'alt logs' => 'Logs', +'alt logs' => 'Protokolle', 'alt ovpn' => 'OpenVPN', 'alt proxy' => 'Proxy', 'alt services' => 'Dienste', @@ -766,12 +766,12 @@ 'dnsforward entries' => 'Aktuelle Einträge', 'dnsforward forward_server' => 'DNS-Server', 'dnsforward zone' => 'Zone', -'dnssec aware' => 'DNSSEC-aware', -'dnssec disabled warning' => 'WARNING: DNSSEC wurde deaktiviert', +'dnssec aware' => 'DNSSEC-Informationen verfügbar, aber nicht validierend', +'dnssec disabled warning' => 'WARNUNG: DNSSEC wurde deaktiviert', 'dnssec information' => 'DNSSEC-Informationen', 'dnssec not supported' => 'DNSSEC wird nicht unterstützt', 'dnssec validating' => 'DNSSEC-validierend', -'do not log this port list' => 'Verwerfe diese Port-Liste kurz bevor sie protokolliert werden (reduziert Protokollgröße)', +'do not log this port list' => 'Verwerfe diese Port-Liste, kurz bevor sie protokolliert werden (reduziert Protokollgröße)', 'dod' => 'Dial-on-Demand-Modus', 'dod for dns' => 'Dial-on-Demand für DNS:', 'dod not compatible with ddns' => 'Dial-on-Demand ist nicht kompatibel mit dynamischen DNS-Diensten', @@ -805,15 +805,15 @@ 'drop action' => 'Standardverhalten der (Forward) Firewall in Modus "Blocked"', 'drop action1' => 'Standardverhalten der (Outgoing) Firewall in Modus "Blocked"', 'drop action2' => 'Standardverhalten der (Input) Firewall', -'drop forward' => 'Verworfene (Forward) Firewall-Pakete loggen', -'drop input' => 'Verworfene Input Pakete loggen', -'drop newnotsyn' => 'Verworfene New Not Syn Pakete loggen', -'drop outgoing' => 'Verworfene (Outgoing) Firewall-Pakete loggen', -'drop portscan' => 'Verworfene Portscan Pakete loggen', -'drop proxy' => 'Alle Pakete verwerfen die nicht direkt an den Proxy gerichtet sind', -'drop samba' => 'Alle Microsoft Pakete verwerfen, Ports 135,137,138,139,445,1025', -'drop wirelessforward' => 'Verworfene Wireless Forward Pakete loggen', -'drop wirelessinput' => 'Verworfene Wireless Input Pakete loggen', +'drop forward' => 'Verworfene (Forward) Firewall-Pakete protokollieren', +'drop input' => 'Verworfene Input Pakete protokollieren', +'drop newnotsyn' => 'Verworfene New Not Syn Pakete protokollieren', +'drop outgoing' => 'Verworfene (Outgoing) Firewall-Pakete protokollieren', +'drop portscan' => 'Verworfene Portscan Pakete protokollieren', +'drop proxy' => 'Alle Pakete verwerfen, die nicht direkt an den Proxy gerichtet sind', +'drop samba' => 'Alle Microsoft Pakete verwerfen (Ports 135,137,138,139,445,1025)', +'drop wirelessforward' => 'Verworfene Wireless Forward Pakete protokollieren', +'drop wirelessinput' => 'Verworfene Wireless Input Pakete protokollieren', 'dst port' => 'Ziel-Port', 'dstprt range overlaps' => 'Der Zielportbereich überlappt mit einem bereits definierten Port.', 'dstprt within existing' => 'Der Zielport liegt innerhalb eines bereits definierten Portbereichs.', @@ -843,7 +843,7 @@ 'eg' => 'z.B.:', 'email config' => 'Konfiguration', 'email empty field' => 'Leeres Feld', -'email error' => 'ERROR: Testmail konnte nicht versendet werden', +'email error' => 'FEHLER: Test-E-Mail konnte nicht versendet werden', 'email invalid' => 'Ungültiges Feld', 'email invalid mailfqdn' => 'Ungültiger FQDN für Mailserver', 'email invalid mailip' => 'Ungültige IP-Adresse für Mailserver', @@ -854,15 +854,15 @@ 'email mailrcpt' => 'E-Mail-Empfänger', 'email mailsender' => 'E-Mail-Absender', 'email mailuser' => 'Benutzername', -'email server can not be empty' => 'Email-Server darf nicht leer sein', +'email server can not be empty' => 'E-Mail-Server darf nicht leer sein', 'email settings' => 'Mailversand', -'email subject' => 'IPFire Testmail', -'email success' => 'Testmail erfolgreich versendet', +'email subject' => 'IPFire Test-E-Mail', +'email success' => 'Test-E-Mail erfolgreich versendet', 'email testmail' => 'Testnachricht senden', 'email text' => 'Testnachricht vom IPFire Mailversand.', 'email tls' => 'TLS aktivieren', 'email usemail' => 'Mailversand aktivieren', -'emailreportlevel' => 'Email-Reportlevel', +'emailreportlevel' => 'E-Mail-Reportlevel', 'empty' => 'Dieses Feld kann leer bleiben', 'empty profile' => 'Unbenannt', 'enable ignore filter' => '"Ignorieren"-Filter ein', @@ -899,7 +899,7 @@ 'esp keylife should be between 1 and 24 hours' => 'ESP Schlüssel-Lebensdauer sollte zwischen 1 und 24 Stunden betragen.', 'every' => 'Alle', 'exampel' => 'Beispiel', -'exclude logfiles' => 'ohne Logdateien', +'exclude logfiles' => 'ohne Protokolldateien', 'excluding buffers and cache' => '-/+ Puffer/Zwischenspeicher', 'expected' => 'Erwartet', 'expertoptions' => 'Expertenoptionen', @@ -908,9 +908,9 @@ 'exportkey' => 'PSK exportieren', 'external access' => 'Externer Zugang', 'external access configuration' => 'Einstellungen für externen Zugang', -'external access rule added' => 'Regel für externen Zugang hinzugefügt; Starte Zugangskontroller neu', -'external access rule changed' => 'External access Regel geändert; Der access controller wird neu gestartet.', -'external access rule removed' => ' Regel für externen Zugang entfernt; Starte Zugangskontroller neu', +'external access rule added' => 'Regel für externen Zugang hinzugefügt; starte Zugangskontroller neu', +'external access rule changed' => 'External access Regel geändert; der access controller wird neu gestartet.', +'external access rule removed' => ' Regel für externen Zugang entfernt; starte Zugangskontroller neu', 'external aliases configuration' => 'Externe Alias-Konfiguration', 'extrahd' => 'ExtraHD', 'extrahd because there is already a device mounted' => ' mounten, weil bereits ein Gerät gemountet ist', @@ -957,10 +957,10 @@ 'firewall log country' => 'Firewall-Protokoll (Land)', 'firewall log ip' => 'Firewall-Protokoll (IP)', 'firewall log port' => 'Firewall-Protokoll (Port)', -'firewall logs' => 'Firewall-Logdateien', -'firewall logs country' => 'Fw-Logdiagramme (Land)', -'firewall logs ip' => 'Fw-Logdiagramme (IP)', -'firewall logs port' => 'Fw-Logdiagramme (Port)', +'firewall logs' => 'Firewall-Protokolldateien', +'firewall logs country' => 'Fw-Protokolldiagramme (Land)', +'firewall logs ip' => 'Fw-Protokolldiagramme (IP)', +'firewall logs port' => 'Fw-Protokolldiagramme (Port)', 'firewall rules' => 'Firewallregeln', 'firewallhits' => 'Firewalltreffer', 'firmware' => 'Firmware', @@ -984,14 +984,14 @@ 'fritzdsl help' => 'Um eines der folgenden Fritz!DSL Modems (Fritz!Card DSL=fcdsl / Fritz!CardDSL SL=fcdslsl / Fritz!Card DSL V2.0=fcdsl2 / Fritz!Card DSL USB=fcdslusb / Fritz!Card DSL USB SL=fcdslslusb) nutzen zu können, müssen Sie ein Paket auf Ihre IPFire-Box laden. Bitte laden Sie den tarball entsprechend Ihrer Version von der IPFire-Webseite herunter und laden Sie dann die gesamte fcdsl-(ihre_version).tgz mit dem folgenden Formular hoch.', 'fritzdsl upload' => 'Fritz!DSL-Treiber hochladen', 'from' => 'Von', -'from email adr' => 'Von Email Adresse', -'from email pw' => 'Von Email Passwort', -'from email server' => 'Von Email Server', -'from email user' => 'Von Email Benutzer', -'from warn email bad' => 'Von Email Adresse ist nicht gültig', +'from email adr' => 'Von E-Mail-Adresse', +'from email pw' => 'Von E-Mail-Passwort', +'from email server' => 'Von E-Mail-Server', +'from email user' => 'Von E-Mail-Benutzer', +'from warn email bad' => 'Von E-Mail-Adresse ist nicht gültig', 'fw blue' => 'Firewalloptionen für das Blaue Interface', -'fw default drop' => 'Firewall Policy', -'fw logging' => 'Firewall-Logging', +'fw default drop' => 'Firewall Richtlinie', +'fw logging' => 'Firewall-Protokollierung', 'fw settings' => 'Firewall-Einstellungen', 'fw settings color' => 'Farben in Regeltabelle anzeigen', 'fw settings dropdown' => 'Alle Netzwerke auf Regelerstellungsseite anzeigen', @@ -1037,8 +1037,8 @@ 'fwdfw external port nat' => 'Externer Port (NAT)', 'fwdfw final_rule' => 'Letzte Regel: ', 'fwdfw from' => 'Von:', -'fwdfw hint ip1' => 'Die zuletzt erzeugte Regel mag eventuell niemals zutreffen, da sich Quelle und Ziel überlappen.', -'fwdfw hint ip2' => 'Bitte überprüfen Sie, ob diese Regel Sinn macht: ', +'fwdfw hint ip1' => 'Die zuletzt erzeugte Regel könnte eventuell niemals zutreffen, da sich Quelle und Ziel überlappen.', +'fwdfw hint ip2' => 'Bitte überprüfen Sie, ob diese Regel Sinn ergibt: ', 'fwdfw hint mac' => 'Sie nutzen MAC-Adressen in der Zielgruppe. Diese werden bei der Regelerstellung übersprungen.', 'fwdfw iface' => 'Interface', 'fwdfw ipsec network' => 'IPsec-Netzwerke:', @@ -1183,7 +1183,7 @@ 'fwhost stdnet' => 'Standard-Netzwerke:', 'fwhost type' => 'Typ', 'fwhost used' => 'Genutzt', -'fwhost welcome' => 'Hier können einzelne Hosts, Netzwerke oder Dienste zu Gruppen zusammengefasst werden, was das erstellen von Firewallregeln einfacher und schneller macht.', +'fwhost welcome' => 'Hier können einzelne Hosts, Netzwerke oder Dienste zu Gruppen zusammengefasst werden, was das Erstellen von Firewallregeln einfacher und schneller macht.', 'fwhost wo subnet' => '(Ohne Subnetz)', 'gateway' => 'Gateway', 'gateway ip' => 'Gateway-IP', @@ -1228,7 +1228,7 @@ 'hangup' => 'Trennen', 'hangup string' => 'Auflegen:', 'harddisk temperature' => 'Festplattentemperatur', -'harddisk temperature graphs' => 'HDD-Diagramme', +'harddisk temperature graphs' => 'Festplatten-Diagramme', 'hardware graphs' => 'Hardware-Diagramme', 'hardware support' => 'Hardware-Unterstützung', 'hdd temperature in' => 'Festplattentemperatur in', @@ -1261,8 +1261,8 @@ 'idle' => 'Leerlauf', 'idle timeout' => 'Leerlauf-Wartezeit in min (0 zum Deaktivieren):', 'idle timeout not set' => 'Leerlauf-Wartezeit nicht angegeben.', -'ids log viewer' => 'Ansicht IDS-Log', -'ids logs' => 'IDS-Logdateien', +'ids log viewer' => 'Ansicht IDS-Protokoll', +'ids logs' => 'IDS-Protokolldateien', 'ids preprocessor' => 'IDS-Präprozessor', 'ids rules license' => 'Um Sourcefire VRT Zertifizierte Regeln zu nutzen, müssen Sie sich unter', 'ids rules license1' => ' registrieren.', @@ -1282,7 +1282,7 @@ 'imsi' => 'IMSI', 'in' => 'Ein', 'inactive' => 'inaktiv', -'include logfiles' => 'mit Logdateien', +'include logfiles' => 'mit Protokolldateien', 'incoming' => 'eingehend', 'incoming compression in bytes per second' => 'Eingehende Kompression', 'incoming firewall access' => 'Eingehender Firewallzugang', @@ -1303,7 +1303,7 @@ 'internet' => 'INTERNET', 'intrusion detection' => 'Einbruchdetektierung', 'intrusion detection system' => 'Intrusion Detection System', -'intrusion detection system log viewer' => 'Betrachter der IDS-Logfiles', +'intrusion detection system log viewer' => 'Betrachter der IDS-Protokolldateien', 'intrusion detection system rules' => 'Intrusion Detection System Regeln', 'intrusion detection system2' => 'Intrusion Detection System:', 'invalid broadcast ip' => 'Ungültige Broadcast-IP', @@ -1327,12 +1327,12 @@ 'invalid input for dhcp wins' => 'Ungültige Eingabe für DHCP WINS', 'invalid input for dpd delay' => 'Ungültige Eingabe für DPD-Verzögerung', 'invalid input for dpd timeout' => 'Ungültige Eingabe für DPD-Zeitüberschreitung', -'invalid input for e-mail address' => 'Ungültige Eingabe für die E-mail Adresse', +'invalid input for e-mail address' => 'Ungültige Eingabe für die E-Mail-Adresse', 'invalid input for esp keylife' => 'Ungültige Eingabe für ESP Schlüssel-Lebensdauer', 'invalid input for hostname' => 'Ungültige Eingabe für Hostname', 'invalid input for ike lifetime' => 'Ungültige Eingabe für IKE Lebensdauer', 'invalid input for keepalive 1' => 'Ungültige Eingabe für Keepalive ping', -'invalid input for keepalive 1:2' => 'Ungültige Eingabe für Keepalive mindestens ein Verhältnis von 1:2', +'invalid input for keepalive 1:2' => 'Ungültige Eingabe für Keepalive (mindestens ein Verhältnis von 1:2)', 'invalid input for keepalive 2' => 'Ungültige Eingabe für Keepalive ping-restart', 'invalid input for max clients' => 'Ungültige Eingabe für Max Clients', 'invalid input for name' => 'Ungültige Eingabe für vollen Namen des Benutzers oder des System Hostnamens', @@ -1346,7 +1346,7 @@ 'invalid key' => 'Ungültiger Schlüssel.', 'invalid loaded file' => 'Ungültige geladene Datei', 'invalid local-remote id' => 'Local-Id und Remote-Id dürfen nicht gleich sein, und müssen einem "@"-Zeichen beginnen. Dies sind leftid und rightid in der StrongSwan-Terminologie.', -'invalid logserver address' => 'Ungültige syslogd server Adresse', +'invalid logserver address' => 'Ungültige syslogd-Server-Adresse', 'invalid mac address' => 'Ungültige MAC-Adresse', 'invalid max lease time' => 'Ungültige max. Haltezeit.', 'invalid maximum incoming size' => 'Ungültige max. ankommende Größe.', @@ -1357,7 +1357,7 @@ 'invalid mtu input' => 'Ungültige MTU', 'invalid netmask' => 'Ungültige Netzwerkmaske', 'invalid port' => 'Ungültiger Port. Bitte gültige Portnummer eingeben.', -'invalid port list' => 'Portlisten-Syntax lautet: port[,port]... wobei port in /etc/services vorkommt oder Nummer', +'invalid port list' => 'Portlisten-Syntax lautet: port[,port]... wobei port in /etc/services enthalten ist, alternativ Portnummer', 'invalid primary dns' => 'Ungültiger primärer DNS.', 'invalid primary ntp' => 'Ungültiger primärer NTP.', 'invalid secondary dns' => 'Ungültiger sekundärer DNS.', @@ -1367,13 +1367,13 @@ 'invalid time period' => 'Unzulässiger Zeitabschnitt.', 'invalid uplink speed' => 'Ungültige Uplink-Geschwindigkeit.', 'invalid upstream proxy username or password setting' => 'Ungültige/r Remote-Proxy-Benutzername oder Passwort-Einstellung', -'invalid users' => 'Liste mit Benutzern denen der Zugriff untersagt ist', +'invalid users' => 'Liste mit Benutzern, denen der Zugriff untersagt ist', 'invalid vpi vpci' => 'Ungültige VPI/VPCI-Einstellungen', 'invalid wins address' => 'Ungültige WINS Server Addresse.', 'invert' => 'Invertieren', 'ip address' => 'IP-Adresse', 'ip address in use' => 'IP-Adresse bereits vergeben', -'ip address outside subnets' => 'IP-Adresse ausserhalb der(s) lokalen Subnetze(s)', +'ip address outside subnets' => 'IP-Adresse außerhalb der(s) lokalen Subnetze(s)', 'ip alias added' => 'Externer IP-Alias hinzugefügt', 'ip alias changed' => 'Externer IP-Alias geändert', 'ip alias removed' => 'Externer IP-Alias entfernt', @@ -1386,7 +1386,7 @@ 'ipinfo' => 'IP-Info', 'ipsec' => 'IPsec', 'ipsec network' => 'IPsec-Netzwerke', -'ipsec no connections' => 'Keine aktiven IPsec Verbindungen', +'ipsec no connections' => 'Keine aktiven IPsec-Verbindungen', 'iptable rules' => 'IPTable-Regeln', 'iptmangles' => 'IPTable Mangles', 'iptnats' => 'IPTable Network Address Translation', @@ -1419,7 +1419,7 @@ 'lifetime' => 'Lebensdauer:', 'line' => 'Leitung', 'linkq' => 'Antwortzeit', -'load printer' => 'Load Printer', +'load printer' => 'Lade Drucker', 'loaded modules' => 'Geladene Module:', 'local hard disk' => 'Festplatte', 'local master' => 'Local Master', @@ -1430,23 +1430,23 @@ 'localkey' => 'Localkey', 'localkeyfile' => 'Localkeyfile', 'log' => 'Protokoll', -'log enabled' => 'Log aktiviert', -'log level' => 'Log Level', +'log enabled' => 'Protokoll aktiviert', +'log level' => 'Protokollierungslevel', 'log lines per page' => 'Zeilen pro Seite', 'log server address' => 'Syslog Server', -'log settings' => 'Logdatei-Einstellungen', -'log summaries' => 'Log Übersicht', -'log summary' => 'Log Zusammenfassung', +'log settings' => 'Protokolldatei-Einstellungen', +'log summaries' => 'Protokollübersicht', +'log summary' => 'Protokollzusammenfassung', 'log var messages' => 'Einstellungen für /var/log/messages', -'log view' => 'Log Anzeige', +'log view' => 'Protokollanzeige', 'log viewer' => 'Protokollansicht', -'log viewing options' => 'Log Ansichts-Optionen', -'log-options' => 'Logfile Optionen', +'log viewing options' => 'Protokollansichtsoptionen', +'log-options' => 'Protokolldateioptionen', 'loged in at' => 'Angemeldet seit', -'logging' => 'Logging', +'logging' => 'Protokollierung', 'logging server' => 'Protokollierungs-Server', 'loginlogout' => 'Login/Logout', -'logs' => 'Logdateien', +'logs' => 'Protokolldateien', 'lookup failed' => 'Reverse Lookup gescheitert', 'loosedirectorychecking' => 'Loose directorychecking', 'low' => 'Niedrig', @@ -1499,7 +1499,7 @@ 'masquerading enabled' => 'NAT eingeschaltet', 'max bandwith' => 'Maximale Bandbreite', 'max incoming size' => 'Max. eingehende Größe (kB):', -'max lease time' => 'Max. Haltezeit in min:', +'max lease time' => 'Max. Haltezeit in min.:', 'max outgoing size' => 'Max. abgehende Größe (kB):', 'max reliability' => 'Maximale Zuverlässigkeit', 'max renewal time' => 'Maximale Aktualisierungszeit', @@ -1511,15 +1511,15 @@ 'maximum retries' => 'Maximale Wiederholversuche:', 'may' => 'Mai', 'mbmon display' => 'Anzeigen', -'mbmon fan' => 'Fan Speed', -'mbmon fan in' => 'Fan Speed in', +'mbmon fan' => 'Lüftergeschwindigkeit', +'mbmon fan in' => 'Lüftergeschwindigkeit in', 'mbmon graphs' => 'mbmon-Diagramme', 'mbmon label' => 'Label', 'mbmon settings' => 'mbmongraph Einstellungen', -'mbmon temp' => 'Temperature', -'mbmon temp in' => 'Temperature in', +'mbmon temp' => 'Temperatur', +'mbmon temp in' => 'Temperatur in', 'mbmon value' => 'Wert', -'mbmon volt' => 'Voltage', +'mbmon volt' => 'Spannung', 'meaning' => 'Bedeutung', 'media' => 'Laufwerke', 'media information' => 'Laufwerksinformationen', @@ -1528,7 +1528,7 @@ 'memory information' => 'Speicherinformationen', 'memory usage per' => 'Speichernutzung pro', 'messages' => 'Meldungen', -'messages logging' => 'Logeinstellungen für /var/log/messages', +'messages logging' => 'Protokolleinstellungen für /var/log/messages', 'method' => 'Methode:', 'min costs' => 'Minimale Kosten', 'min delay' => 'Minimale Verzögerung', @@ -1637,7 +1637,7 @@ 'no fritzdsl driver' => 'Kein Fritz!DSL-Treiber vorhanden. Bitte hochladen.', 'no hardware random number generator' => 'Dieses System hat keine Entropiequelle.', 'no information available' => 'Keine Informationen verfügbar.', -'no log selected' => 'kein Log ausgewählt', +'no log selected' => 'kein Protokoll ausgewählt', 'no modem selected' => 'Kein Modem ausgewählt', 'no set selected' => 'Es wurde kein Satz ausgewählt', 'no time limit' => 'unbregenzte Zeit', @@ -1681,7 +1681,7 @@ 'openvpn disabled' => 'DEAKTIVIERT', 'openvpn enabled' => 'AKTIVIERT', 'openvpn fragment allowed with udp' => '"fragment" kann nur in Kombination mit dem UDP-Protokoll genutzt werden.', -'openvpn log' => 'OpenVPN Log', +'openvpn log' => 'OpenVPN Protokoll', 'openvpn mssfix allowed with udp' => '"mssfix" kann nur in Kombination mit dem UDP-Protokoll genutzt werden.', 'openvpn network' => 'OpenVPN-Netzwerke', 'openvpn prefix local subnet' => 'Die Prefix-Notation wird nicht unterstützt. Bitte geben Sie eine Subnetzmaske beim lokalen Subnetz ein wie z.B. 255.255.255.0.', @@ -1693,8 +1693,8 @@ 'optional data' => '3. Optionale Einstellungen', 'options' => 'Optionen', 'options fw' => 'Firewalloptionen', -'optionsfw portlist hint' => 'Die Liste der Ports muss durch ein Komma getrennt werden (z.B. 137,138). Sie können maximal bis zu 15 Ports pro Protokoll angeben.', -'optionsfw warning' => 'Verändern dieser Optionen bedingt einen Neustart der Firewall', +'optionsfw portlist hint' => 'Die Liste der Ports muss durch Kommata getrennt werden (z.B. 137,138). Sie können maximal bis zu 15 Ports pro Protokoll angeben.', +'optionsfw warning' => 'Verändern dieser Optionen erfordert einen Neustart der Firewall', 'or' => 'oder', 'orange' => 'ORANGE', 'organization cant be empty' => 'Organisation darf nicht leer sein.', @@ -1718,10 +1718,10 @@ 'outgoing firewall edit ip group' => 'IP Adressgruppen bearbeiten', 'outgoing firewall edit mac group' => 'MAC Adressgruppen bearbeiten', 'outgoing firewall group error' => 'Eine Gruppe mit dem selben Namen existiert bereits.', -'outgoing firewall groups' => 'Firewall Gruppen', +'outgoing firewall groups' => 'Firewallgruppen', 'outgoing firewall ip groups' => 'Ausgehende Firewall IP Adressgruppen', 'outgoing firewall mac groups' => 'Ausgehende Firewall MAC Adressgruppen', -'outgoing firewall mode0' => 'In diesem Modus ist es allen Rechnern im Netzwerk uneingeschränkt möglich Verbindungen ins Internet aufzubauen.', +'outgoing firewall mode0' => 'In diesem Modus ist es allen Rechnern im Netzwerk uneingeschränkt möglich, Verbindungen ins Internet aufzubauen.', 'outgoing firewall mode1' => 'In diesem Modus werden nur Verbindungen nach den oben definierten Regeln zugelassen.', 'outgoing firewall mode2' => 'In diesem Modus werden sämtliche Verbindungen erlaubt, bis auf die oben definierten Block-Regeln.', 'outgoing firewall outgoing firewall reserved groupname' => 'Bitte einen anderen Gruppennamen verwenden, dieser ist ein reserviertes Wort.', @@ -1753,7 +1753,7 @@ 'ovpn generating the root and host certificates' => 'Die Erzeugung der Root- und Host-Zertifikate kann lange Zeit dauern.', 'ovpn ha' => 'Hash-Algorithmus', 'ovpn hmac' => 'HMAC-Optionen', -'ovpn log' => 'OVPN-Log', +'ovpn log' => 'OVPN-Protokoll', 'ovpn mgmt in root range' => 'Ein Port von 1024 oder höher ist erforderlich.', 'ovpn mtu-disc' => 'Path MTU Discovery', 'ovpn mtu-disc and mtu not 1500' => 'Path MTU Discovery benötigt eine MTU von 1500.', @@ -1767,7 +1767,7 @@ 'ovpn on orange' => 'OpenVPN auf ORANGE:', 'ovpn on red' => 'OpenVPN auf ROT:', 'ovpn port in root range' => 'Ein Port von 1024 oder höher ist erforderlich.', -'ovpn reneg sec' => 'Session Key Lifetime', +'ovpn reneg sec' => 'Sitzungsschlüssellebensdauer', 'ovpn routes push' => 'Routen (eine pro Zeile) z.b. 192.168.10.0/255.255.255.0 192.168.20.0/24', 'ovpn routes push options' => 'Route push Optionen', 'ovpn server status' => 'OpenVPN-Server-Status', @@ -1788,8 +1788,8 @@ 'ovpn_processprioN' => 'Normal', 'ovpn_processprioVD' => 'Sehr Tief', 'ovpn_processprioVH' => 'Sehr Hoch', -'ovpnstatus log' => 'OVPN-Status-Log', -'ovpnsys log' => 'OVPN-System-Log', +'ovpnstatus log' => 'OVPN-Status-Protokoll', +'ovpnsys log' => 'OVPN-System-Protokoll', 'p2p block' => 'P2P-Netzwerke', 'p2p block save notice' => 'Bitte lesen Sie die Firewallregeln neu ein, damit die Änderungen aktiv werden.', 'package failed to install' => 'Programmpaket konnte nicht installiert werden.', @@ -1798,10 +1798,10 @@ 'pakfire ago' => 'her.', 'pakfire available addons' => 'Verfügbare Addons:', 'pakfire configuration' => 'Pakfire Konfiguration', -'pakfire core update auto' => 'Core und Addon Updates automatisch installieren:', +'pakfire core update auto' => 'Core- und Addon-Updates automatisch installieren:', 'pakfire core update level' => 'Core-Update-Level', 'pakfire health check' => 'Mirrors auf Erreichbarkeit prüfen (Ping):', -'pakfire install description' => 'Wählen Sie ein oder mehrere Pakete zur Installation aus und drücken Sie auf das plus Symbol.', +'pakfire install description' => 'Wählen Sie ein oder mehrere Pakete zur Installation aus und drücken Sie auf das plus-Symbol.', 'pakfire install package' => 'Sie möchten folgende Pakete installieren: ', 'pakfire installed addons' => 'Installierte Addons:', 'pakfire last core list update' => 'Letztes Corelisten Update ist', @@ -1811,7 +1811,7 @@ 'pakfire possible dependency' => ' Möglicherweise haben diese Pakete Abhängigkeiten, d.h. andere Pakete müssen zusätzlich installiert werden. Dazu sehen Sie unten eine Liste.', 'pakfire register' => 'Registrierung am Pakfire-Server:', 'pakfire system state' => 'System Status', -'pakfire uninstall description' => 'Wählen Sie ein oder mehrere Pakete zur Deinstallation aus und drücken Sie auf das minus Symbol.', +'pakfire uninstall description' => 'Wählen Sie ein oder mehrere Pakete zur Deinstallation aus und drücken Sie auf das minus-Symbol.', 'pakfire uninstall package' => 'Sie möchten folgende Pakete deinstallieren: ', 'pakfire update daily' => 'Täglich nach Updates suchen:', 'pakfire updates' => 'Zur Verfügung stehende Updates:', @@ -1882,8 +1882,8 @@ 'proxy cachemgr' => 'Cachemanager aktivieren', 'proxy errmsg filedescriptors' => 'Ungültiger Anzahl Filedescriptoren', 'proxy filedescriptors' => 'Anzahl Filedescriptoren', -'proxy log viewer' => 'Ansicht Proxy-Log', -'proxy logs' => 'Proxy-Logdateien', +'proxy log viewer' => 'Ansicht Proxy-Protokoll', +'proxy logs' => 'Proxy-Protokolldateien', 'proxy no proxy extend' => 'oder geben Sie eine Liste von Zielen an, welche nicht über den Proxy angesprochen werden sollen', 'proxy no proxy local' => 'Lokalen Proxy auf blauen/grünen Netzwerken verhindern', 'proxy port' => 'Proxy-Port', @@ -1928,10 +1928,10 @@ 'remote access' => 'Fernwartung', 'remote announce' => 'Remote Announce', 'remote browse sync' => 'Remote Browse Sync', -'remote host/ip' => 'Remote Host/IP', -'remote logging' => 'Remote logging', -'remote subnet' => 'Remote Subnetz:', -'remote subnet is invalid' => 'Remote Subnetz ist ungültig.', +'remote host/ip' => 'Entfernte(r) Host/IP', +'remote logging' => 'Entfernte Protokollierung', +'remote subnet' => 'Entferntes Subnetz:', +'remote subnet is invalid' => 'Entferntes Subnetz ist ungültig.', 'removable device advice' => 'Stecken Sie ein Gerät an, aktualisieren Sie und binden Sie es vor der Benutzung ein. Melden Sie das Gerät vorm Entfernen ab.', 'remove' => 'Löschen', 'remove ca certificate' => 'CA-Zertifikat entfernen', @@ -1947,7 +1947,7 @@ 'reset' => 'Zurücksetzen', 'reset shares' => 'Freigaben zurücksetzen', 'resetglobals' => 'Globale Einstellungen zurücksetzen', -'resetpolicy' => 'Policy zurücksetzen', +'resetpolicy' => 'Richtlinie zurücksetzen', 'resetshares' => 'Shares zurücksetzen?', 'resetting the vpn configuration will remove the root ca, the host certificate and all certificate based connections' => 'Das Löschen des X509 wird die Root-CA, die Host-Zertifikate und alle zertifikatsbasierten Verbindungen entfernen.', 'restart' => 'Neustart', @@ -1995,7 +1995,7 @@ 'select source net' => 'Auswahl Quell-Netz', 'selecttraffic' => 'Trafficübersicht auswählen:', 'send cr' => 'ISP verlangt Zeilenrücklaufzeichen:', -'send email notification' => 'Aktiviert, Email Benachrichtigung senden', +'send email notification' => 'Aktiviert, E-Mail Benachrichtigung senden', 'send test mail' => 'Sende Testemail', 'september' => 'September', 'serial' => 'serielle', @@ -2119,7 +2119,7 @@ 'stop ovpn server' => 'Stoppe OpenVPN-Server', 'stopped' => 'ANGEHALTEN', 'subject' => 'Betreff', -'subject test' => 'Testemail', +'subject test' => 'Test-E-Mail', 'subject warn' => 'Warnung - Warnlevel erreicht', 'subnet' => 'Subnet', 'subnet is invalid' => 'Netzmaske ist ungültig', @@ -2135,16 +2135,16 @@ 'system has hwrng' => 'Dieses System hat einen Hardware-Zufallszahlengenerator.', 'system has rdrand' => 'Dieses System unterstützt Intel(R) RDRAND.', 'system information' => 'Systeminformationen', -'system log viewer' => 'Betrachter der System-Logdateien', -'system logs' => 'System-Logdateien', +'system log viewer' => 'Betrachter der Systemprotokolldateien', +'system logs' => 'Systemprotokolldateien', 'system status information' => 'System-Statusinformationen', 'ta key' => 'TLS-Authentifizierungsschlüssel', 'telephone not set' => 'Telefonnummer nicht angegeben.', 'template' => 'Vorlage', 'template warning' => 'Zur Einrichtung von QoS stehen Ihnen 2 Möglichkeiten zur Auswahl. Entweder Sie wählen speichern und erstellen Klassen und Regeln nach Ihren Wünschen, oder Sie wählen Vorlage, dann werden die Klassen und Regeln durch ein Template generiert.', 'test' => 'test', -'test email could not be sent' => 'Könnte Testemail nicht senden', -'test email was sent' => 'Testemail wurde erfolgreich versand', +'test email could not be sent' => 'Könnte Test-E-Mail nicht senden', +'test email was sent' => 'Test-E-Mail wurde erfolgreich versand', 'the following update was successfully installed' => 'Das folgende Update wurde erfolgreich installiert', 'the statistics were last updated at' => 'Die Statistik wurde zuletzt aktualisiert am', 'theme' => 'Style', @@ -2194,10 +2194,10 @@ 'tor connected relays' => 'Verbundene Relays', 'tor contact info' => 'Kontaktinformationen', 'tor daemon' => 'Daemon', -'tor directory port' => 'Directory-Port', +'tor directory port' => 'Verzeichnis-Port', 'tor enabled' => 'Tor einschalten', 'tor errmsg invalid accounting limit' => 'Ungültiges Accounting-Limit', -'tor errmsg invalid directory port' => 'Ungültiger Directory-Port', +'tor errmsg invalid directory port' => 'Ungültiger Verzeichnis-Port', 'tor errmsg invalid ip or mask' => 'Ungültiges IP-Subnetz', 'tor errmsg invalid relay address' => 'Ungültige Relay-Adresse', 'tor errmsg invalid relay name' => 'Ungültiger Relay-Nickname', @@ -2211,12 +2211,12 @@ 'tor relay enabled' => 'Tor-Relay einschalten', 'tor relay external address' => 'Externe Relay-Adresse', 'tor relay fingerprint' => 'Relay-Fingerabdruck', -'tor relay mode' => 'Relay-Modues', +'tor relay mode' => 'Relay-Modus', 'tor relay mode bridge' => 'Bridge', 'tor relay mode exit' => 'Exit-Node', 'tor relay mode private bridge' => 'private Bridge', 'tor relay mode relay' => 'Nur Relay', -'tor relay nickname' => 'Relay-Nickname', +'tor relay nickname' => 'Relay-Spitzname', 'tor relay port' => 'Relay-Port', 'tor service' => 'Tor-Service', 'tor socks port' => 'SOCKS-Port', @@ -2226,7 +2226,7 @@ 'tor traffic read written' => 'Gesamter Traffic (empfangen/gesendet)', 'tor use exit nodes' => 'Nur diese Exit-Nodes benutzen (eins pro Zeile)', 'total connection time' => 'Verbindungszeit', -'total hits for log section' => 'Gesamte Treffer für Log Sektion', +'total hits for log section' => 'Gesamte Treffer für Protokollsektion', 'traffic back' => 'Zurück', 'traffic calc time' => 'Berechnungszeitpunkt', 'traffic calc time bad' => 'Berechnungsintervall ist nicht gültig', @@ -2364,7 +2364,7 @@ 'upload a certificate request' => 'Eine Zertifikatsanfrage hochladen:', 'upload ca certificate' => 'CA-Zertifikat hochladen', 'upload dh key' => 'Diffie-Hellman-Parameter hochladen', -'upload file' => 'Datei zum hochladen', +'upload file' => 'Datei zum Hochladen', 'upload new ruleset' => 'Neuen Regelsatz hochladen', 'upload p12 file' => 'PKCS12-Datei hochladen', 'upload static key' => 'Statischen Schlüssel hochladen', @@ -2466,7 +2466,7 @@ 'urlfilter filesize' => 'Größe', 'urlfilter filter settings' => 'URL-Filter Einstellungen', 'urlfilter fri' => 'F', -'urlfilter friday' => 'Fre', +'urlfilter friday' => 'Fr', 'urlfilter from' => 'Von', 'urlfilter hourly' => 'stündlich', 'urlfilter import blacklist' => 'Blacklist importieren', @@ -2480,10 +2480,10 @@ 'urlfilter invalid user error' => 'Ungültiger Benutzername', 'urlfilter load blacklist' => 'Blacklist laden', 'urlfilter local file redirection' => 'Lokale Dateiumleitung', -'urlfilter log' => 'Urlfilter Log', +'urlfilter log' => 'URL-Filter Protokoll', 'urlfilter log summary' => 'Gesamtanzahl der URL-Filter-Treffer für', -'urlfilter log viewer' => 'Ansicht URL-Filter-Log', -'urlfilter logs' => 'URL-Filter-Logdateien', +'urlfilter log viewer' => 'Ansicht URL-Filter-Protokoll', +'urlfilter logs' => 'URL-Filter-Protokolldateien', 'urlfilter maintenance' => 'URL-Filter Wartung', 'urlfilter manage local file repository' => 'Lokale Dateiablage verwalten', 'urlfilter manage repository' => 'Ablage verwalten', @@ -2491,7 +2491,7 @@ 'urlfilter mode allow' => 'erlauben', 'urlfilter mode block' => 'sperren', 'urlfilter mon' => 'M', -'urlfilter monday' => 'Mon', +'urlfilter monday' => 'Mo', 'urlfilter monthly' => 'monatlich', 'urlfilter msg text 1' => 'Nachricht Zeile 1', 'urlfilter msg text 2' => 'Nachricht Zeile 2', @@ -2519,7 +2519,7 @@ 'urlfilter restore text' => 'Um eine vorher gesicherte Konfiguration wieder herzustellen, kann hier eine .tar.gz-Sicherungsdatei hochgeladen werden', 'urlfilter safesearch' => 'Aktiviere SafeSearch', 'urlfilter sat' => 'S', -'urlfilter saturday' => 'Sam', +'urlfilter saturday' => 'Sa', 'urlfilter save and restart' => 'Speichern und Neustart', 'urlfilter save schedule' => 'Updateeinstellungen speichern', 'urlfilter select blacklist' => 'Vorhandene Blacklist auswählen', @@ -2535,10 +2535,10 @@ 'urlfilter src' => 'Quelle', 'urlfilter src error' => 'Quelle darf nicht leer sein', 'urlfilter sun' => 'S', -'urlfilter sunday' => 'Son', +'urlfilter sunday' => 'So', 'urlfilter tar error' => 'Konnte die Dateien nicht aus dem Archiv extrahieren', 'urlfilter thu' => 'D', -'urlfilter thursday' => 'Don', +'urlfilter thursday' => 'Do', 'urlfilter time' => 'Zeit', 'urlfilter time quota' => 'Zeitkontingent', 'urlfilter time space' => 'Zeitraum', @@ -2546,7 +2546,7 @@ 'urlfilter timespace error' => 'Fehler bei der Angabe des Zeitraumes', 'urlfilter to' => 'Bis', 'urlfilter tue' => 'D', -'urlfilter tuesday' => 'Die', +'urlfilter tuesday' => 'Di', 'urlfilter unfiltered clients' => 'Ungefilterte IP-Adressen', 'urlfilter update information' => 'Eine aktualisierte Version steht zum Download bereit. Besuchen Sie http://www.urlfilter.net für weitere Informationen.', 'urlfilter update notification' => 'Update-Benachrichtigung!', @@ -2570,7 +2570,7 @@ 'urlfilter username log' => 'Protokolliere Benutzername', 'urlfilter web proxy service required' => 'Um den URL-Filter zu verwenden, muss der Web-Proxy-Dienst aktiviert sein', 'urlfilter wed' => 'M', -'urlfilter wednesday' => 'Mit', +'urlfilter wednesday' => 'Mi', 'urlfilter weekday error' => 'Es muss mindestens ein Tag ausgewählt werden', 'urlfilter weekly' => 'wöchentlich', 'urlfilter whitelist always allowed' => 'Erlaube angepasste Whitelist für gesperrte Clients', @@ -2585,18 +2585,18 @@ 'used memory' => 'Genutzter Speicher', 'used swap' => 'Genutzter Swap', 'user' => 'Benutzer', -'user log' => 'Benutzer Log', -'user proxy logs' => 'Benutzer Proxy Log', +'user log' => 'Benutzerprotokoll', +'user proxy logs' => 'Benutzer Proxy Protokoll', 'username' => 'Benutzername:', 'username not set' => 'Benutzername nicht angegeben.', 'users department' => 'Abteilung des Benutzers', -'users email' => 'E-mail-Adresse des Benutzers', +'users email' => 'E-Mail-Adresse des Benutzers', 'users fullname or system hostname' => 'Voller Name oder System-Hostname des Benutzers', 'valid root certificate already exists' => 'Ein gültiges Root-Zertifikat existiert bereits.', 'valid till' => 'Gültig bis', 'vci number' => 'VCI-Nummer:', 'vendor' => 'Hersteller', -'view log' => 'Log anzeigen', +'view log' => 'Protokoll anzeigen', 'virtual address' => 'Virtuelle Addresse', 'virtual private networking' => 'Virtuelles Privates Netzwerk', 'visible in browselist' => 'Sichtbar in der Verzeichnisliste', @@ -2612,7 +2612,7 @@ 'vpn auth-dn' => 'Peer wird identifiziert durch entweder ein IPV4_ADDR, FQDN, USER_FQDN oder DER_ASN1_DN string in Remote ID Feld', 'vpn broken' => 'Gebrochen', 'vpn connecting' => 'VERBINDUNGSAUFBAU', -'vpn delayed start' => 'Verzögerung bevor VPN gestartet wird (Sekunden)', +'vpn delayed start' => 'Verzögerung, bevor VPN gestartet wird (in Sekunden)', 'vpn delayed start help' => 'Falls notwendig, kann diese Verzögerung dazu verwendet werden, um Dynamic-DNS-Updates ordnungsgemäß anzuwenden. 60 ist ein gängiger Wert, wenn ROT (RED) eine dynamische IP Adresse ist.', 'vpn incompatible use of defaultroute' => 'Hostname=%defaultroute nicht zulässig', 'vpn keyexchange' => 'Schlüsseltausch', @@ -2623,12 +2623,12 @@ 'vpn on blue' => 'VPN auf BLAU', 'vpn on green' => 'VPN auf GRÜN', 'vpn on orange' => 'VPN auf ORANGE', -'vpn on-demand' => 'ON DEMAND', +'vpn on-demand' => 'BEI BEDARF', 'vpn payload compression' => 'Datennutzlast-Kompression aushandeln', 'vpn red name' => 'Öffentliche IP oder FQDN für das rote Interface oder <%defaultroute>', 'vpn remote id' => 'Remote ID', 'vpn start action' => 'Startaktion', -'vpn start action route' => 'On Demand', +'vpn start action route' => 'Bei Bedarf', 'vpn start action start' => 'Immer An', 'vpn statistic n2n' => 'OpenVPN-Netz-zu-Netz-Statistik', 'vpn statistic rw' => 'OpenVPN-Roadwarrior-Statistik', @@ -2703,8 +2703,9 @@ 'wlan client wpa mode ccmp tkip' => 'CCMP-TKIP', 'wlan client wpa mode tkip tkip' => 'TKIP-TKIP', 'wlan clients' => 'WLAN-Clients', -'wlanap access point' => 'Access Point', +'wlanap' => 'Access Point', 'wlanap channel' => 'Kanal', +'wlanap configuration' => 'Access Point Konfiguration', 'wlanap country' => 'Ländercode', 'wlanap debugging' => 'Debugging', 'wlanap del interface' => 'Ausgewähltes Interface zurücksetzen?', @@ -2735,7 +2736,7 @@ 'yes' => 'Ja', 'you can only define one roadwarrior connection when using pre-shared key authentication' => 'Sie können nur eine Roadwarrior-Verbindung definieren, wenn die Pre-shared-Schlüsselauthentifizierung verwendet wird.
Entweder haben Sie bereits eine Roadwarrior-Verbindung mit Pre-shared-Schlüsselauthentifizierung, oder Sie versuchen gerade, eine hinzuzufügen.', 'your department' => 'Ihre Abteilung', -'your e-mail' => 'Ihre E-mail Adresse', +'your e-mail' => 'Ihre E-Mail-Adresse', ); #EOF diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index b3aee5a2b..ab1f40180 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -2748,8 +2748,9 @@ 'wlan client wpa mode ccmp tkip' => 'CCMP-TKIP', 'wlan client wpa mode tkip tkip' => 'TKIP-TKIP', 'wlan clients' => 'Wireless clients', -'wlanap access point' => 'Access Point', +'wlanap' => 'Access Point', 'wlanap channel' => 'Channel', +'wlanap configuration' => 'Access Point Configuration', 'wlanap country' => 'Country Code', 'wlanap debugging' => 'Debugging', 'wlanap del interface' => 'Remove selected interface?', diff --git a/lfs/apache2 b/lfs/apache2 index 57c344718..b7a741614 100644 --- a/lfs/apache2 +++ b/lfs/apache2 @@ -25,27 +25,27 @@ include Config -VER = 2.2.29 +VER = 2.4.27 THISAPP = httpd-$(VER) DL_FILE = $(THISAPP).tar.bz2 DL_FROM = $(URL_IPFIRE) + DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) +DEPS = "aprutil pcre" + ############################################################################### # Top-level Rules ############################################################################### -objects = $(DL_FILE) \ - httpd-2.2.2-config-1.patch +objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -httpd-2.2.2-config-1.patch = $(DL_FROM)/httpd-2.2.2-config-1.patch -$(DL_FILE)_MD5 = 579342fdeaa7b8b68d17fee91f8fab6e -httpd-2.2.2-config-1.patch_MD5 = e02a3ec5925eb9e111400b9aa229f822 +$(DL_FILE)_MD5 = 97b6bbfa83c866dbe20ef317e3afd108 install : $(TARGET) @@ -75,8 +75,8 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np1 -i $(DIR_DL)/httpd-2.2.2-config-1.patch - + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/apache-2.4.27-PR61382-fix.patch + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/apache-2.4.27-CVE-2017-9798-fix.patch ### Add IPFire's layout, too echo "# IPFire layout" >> $(DIR_APP)/config.layout echo "" >> $(DIR_APP)/config.layout @@ -103,14 +103,15 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) echo "" >> $(DIR_APP)/config.layout cd $(DIR_APP) && ./configure --enable-layout=IPFire \ - --enable-ssl --enable-mods-shared=all --enable-proxy + --enable-ssl --enable-mods-shared=all --enable-proxy --with-mpm=event cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install chown -v root:root /usr/lib/apache/httpd.exp \ - /usr/sbin/{apxs,apachectl,dbmmanage,envvars{,-std}} \ - /usr/share/man/man1/{dbmmanage,ht{dbm,digest,passwd,txt2dbm}}.1 \ - /usr/share/man/man8/{ab,apachectl,apxs,htcacheclean,httpd}.8 \ - /usr/share/man/man8/{logresolve,rotatelogs,suexec}.8 + /usr/bin/{apxs,dbmmanage} \ + /usr/sbin/apachectl \ + /usr/share/man/man1/{ab,apxs,dbmmanage,ht{dbm,digest,passwd,txt2dbm},logresolve}.1 \ + /usr/share/man/man8/{apachectl,htcacheclean,httpd}.8 \ + /usr/share/man/man8/{rotatelogs,suexec}.8 # Install apache config cp -rf $(DIR_CONF)/httpd/* /etc/httpd/conf diff --git a/lfs/apr b/lfs/apr new file mode 100644 index 000000000..6f667cffc --- /dev/null +++ b/lfs/apr @@ -0,0 +1,82 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2014 IPFire Team # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 1.6.2 + +THISAPP = apr-$(VER) +DL_FILE = $(THISAPP).tar.bz2 +DL_FROM = http://archive.apache.org/dist/apr +DIR_APP = $(DIR_SRC)/$(THISAPP) + +TARGET = $(DIR_INFO)/$(THISAPP) + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = e81a851967c79b5ce9bfbc909e4bf735 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) + + cd $(DIR_APP) && ./configure --prefix=/usr \ + --disable-static --with-installbuilddir=/usr/share/apr-1/build + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/lfs/aprutil b/lfs/aprutil new file mode 100644 index 000000000..c2f808422 --- /dev/null +++ b/lfs/aprutil @@ -0,0 +1,84 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007-2014 IPFire Team # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 1.6.0 + +THISAPP = apr-util-$(VER) +DL_FILE = $(THISAPP).tar.bz2 +DL_FROM = http://archive.apache.org/dist/apr +DIR_APP = $(DIR_SRC)/$(THISAPP) + +TARGET = $(DIR_INFO)/$(THISAPP) + +DEPS = "apr" + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = 069a9a980776acab05212c5f37ef8368 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) + + cd $(DIR_APP) && ./configure --prefix=/usr \ + --with-apr=/usr --with-gdbm=/usr --with-openssl=/usr --with-crypto --with-expat=/usr + cd $(DIR_APP) && make $(MAKETUNING) + cd $(DIR_APP) && make install + + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/lfs/cacti b/lfs/cacti index f44e7b40e..d0e967d22 100644 --- a/lfs/cacti +++ b/lfs/cacti @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = cacti -PAK_VER = 5 +PAK_VER = 6 DEPS = "netsnmpd mysql" diff --git a/lfs/gnutls b/lfs/gnutls index 86e7fb2c7..360594fe6 100644 --- a/lfs/gnutls +++ b/lfs/gnutls @@ -24,7 +24,7 @@ include Config -VER = 3.5.14 +VER = 3.5.15 THISAPP = gnutls-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 1e84b57a472b5f3b01f2c1b7a3a2bcbe +$(DL_FILE)_MD5 = bcdcbc65c50a7499617ad9f4d0058de9 install : $(TARGET) diff --git a/lfs/hdparm b/lfs/hdparm index 6c7dc4de6..c26131eaa 100644 --- a/lfs/hdparm +++ b/lfs/hdparm @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2015 IPFire Team # +# Copyright (C) 2007-2017 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 9.50 +VER = 9.52 THISAPP = hdparm-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = d380062ad6c4b40076736efbb640f1f5 +$(DL_FILE)_MD5 = 410539d0bf3cc247181594581edbfb53 install : $(TARGET) diff --git a/lfs/hostapd b/lfs/hostapd index d94c0e752..11b4d1cdf 100644 --- a/lfs/hostapd +++ b/lfs/hostapd @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = hostapd -PAK_VER = 38 +PAK_VER = 39 DEPS = "" diff --git a/lfs/icinga b/lfs/icinga index ab562f24c..5d8d5a16f 100644 --- a/lfs/icinga +++ b/lfs/icinga @@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = icinga -PAK_VER = 1 +PAK_VER = 2 DEPS = "" diff --git a/lfs/nagios b/lfs/nagios index 1a88989d7..5ff1499a8 100644 --- a/lfs/nagios +++ b/lfs/nagios @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = nagios -PAK_VER = 2 +PAK_VER = 3 DEPS = "traceroute" diff --git a/lfs/openmailadmin b/lfs/openmailadmin index 147595d16..1980be70c 100644 --- a/lfs/openmailadmin +++ b/lfs/openmailadmin @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = openmailadmin -PAK_VER = 1 +PAK_VER = 2 DEPS = "cyrus-imapd postfix mysql" diff --git a/lfs/owncloud b/lfs/owncloud index e021a4c63..c13e29678 100644 --- a/lfs/owncloud +++ b/lfs/owncloud @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = owncloud -PAK_VER = 6 +PAK_VER = 7 DEPS = "" diff --git a/lfs/phpSANE b/lfs/phpSANE index 5dad01d84..6a605f1fa 100644 --- a/lfs/phpSANE +++ b/lfs/phpSANE @@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = phpSANE -PAK_VER = 1 +PAK_VER = 2 DEPS = "sane netpbm" diff --git a/lfs/squid b/lfs/squid index 8440cf85b..08583d0b9 100644 --- a/lfs/squid +++ b/lfs/squid @@ -24,7 +24,7 @@ include Config -VER = 3.5.26 +VER = 3.5.27 THISAPP = squid-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 510e2c84773879c00d0e7ced997864d9 +$(DL_FILE)_MD5 = 39ef8199675d48a314b540f92c00c545 install : $(TARGET) @@ -70,21 +70,7 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xaf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14169.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14170.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14171.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14172.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14173.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14174.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14175.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14176.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14177.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14178.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14179.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14180.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14181.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14182.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.5.26-fix-max-file-descriptors.patch + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.5.27-fix-max-file-descriptors.patch cd $(DIR_APP) && autoreconf -vfi cd $(DIR_APP)/libltdl && autoreconf -vfi diff --git a/lfs/strongswan b/lfs/strongswan index 85c4f2b85..600c012dc 100644 --- a/lfs/strongswan +++ b/lfs/strongswan @@ -24,7 +24,7 @@ include Config -VER = 5.5.3 +VER = 5.6.0 THISAPP = strongswan-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -48,7 +48,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 4afffe3c219bb2e04f09510905af836b +$(DL_FILE)_MD5 = befb5e827d02433fea6669c20e11530a install : $(TARGET) diff --git a/lfs/tcpdump b/lfs/tcpdump index 42536f16a..acf752ce2 100644 --- a/lfs/tcpdump +++ b/lfs/tcpdump @@ -24,7 +24,7 @@ include Config -VER = 4.9.0 +VER = 4.9.2 THISAPP = tcpdump-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = tcpdump -PAK_VER = 8 +PAK_VER = 9 DEPS = "" @@ -44,7 +44,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 2b83364eef53b63ca3181b4eb56dab0c +$(DL_FILE)_MD5 = 9bbc1ee33dab61302411b02dd0515576 install : $(TARGET) diff --git a/lfs/unbound b/lfs/unbound index 5046f45f3..39ad0def7 100644 --- a/lfs/unbound +++ b/lfs/unbound @@ -24,7 +24,7 @@ include Config -VER = 1.6.4 +VER = 1.6.6 THISAPP = unbound-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = ab6f7c07610907f1d87191c9ac2db87a +$(DL_FILE)_MD5 = f2cc56bd88c9634fe18334d2421205f1 install : $(TARGET) diff --git a/make.sh b/make.sh index f79f6276a..73b7b380b 100755 --- a/make.sh +++ b/make.sh @@ -25,8 +25,8 @@ NAME="IPFire" # Software name SNAME="ipfire" # Short name VERSION="2.19" # Version number -CORE="113" # Core Level (Filename) -PAKFIRE_CORE="113" # Core Level (PAKFIRE) +CORE="114" # Core Level (Filename) +PAKFIRE_CORE="114" # Core Level (PAKFIRE) GIT_BRANCH=`git rev-parse --abbrev-ref HEAD` # Git Branch SLOGAN="www.ipfire.org" # Software slogan CONFIG_ROOT=/var/ipfire # Configuration rootdir @@ -497,6 +497,8 @@ buildipfire() { lfsmake2 libevent2 lfsmake2 libevent2-compat lfsmake2 expat + lfsmake2 apr + lfsmake2 aprutil lfsmake2 unbound lfsmake2 gnutls lfsmake2 bind diff --git a/src/initscripts/system/unbound b/src/initscripts/system/unbound index 3002f4800..e5554d725 100644 --- a/src/initscripts/system/unbound +++ b/src/initscripts/system/unbound @@ -454,6 +454,18 @@ disable_dnssec() { unbound-control -q set_option val-permissive-mode: yes } +fix_time_if_dns_fail() { + # If DNS still not work try to init ntp with + # hardcoded ntp.ipfire.org (81.3.27.46) + if [ -e /var/ipfire/red/active ]; then + host 0.ipfire.pool.ntp.org > /dev/null 2>&1 + if [ "${?}" != "0" ]; then + boot_mesg "DNS still not work ... init time with ntp.ipfire.org at 81.3.27.46 ..." + loadproc /usr/local/bin/settime 81.3.27.46 + fi + fi +} + case "$1" in start) # Print a nicer messagen when unbound is already running @@ -485,15 +497,7 @@ case "$1" in # Update hosts update_hosts - # If DNS still not work try to init ntp with - # hardcoded ntp.ipfire.org (81.3.27.46) - if [ -e /var/ipfire/red/active ]; then - host 0.ipfire.pool.ntp.org > /dev/null 2>&1 - if [ "${?}" != "0" ]; then - boot_mesg "DNS still not work ... init time with ntp.ipfire.org at 81.3.27.46 ..." - loadproc /usr/local/bin/settime 81.3.27.46 - fi - fi + fix_time_if_dns_fail ;; stop) @@ -518,6 +522,11 @@ case "$1" in fi update_forwarders + + unbound-control flush_negative > /dev/null + unbound-control flush_bogus > /dev/null + + fix_time_if_dns_fail ;; test-name-server) diff --git a/src/patches/apache-2.4.27-CVE-2017-9798-fix.patch b/src/patches/apache-2.4.27-CVE-2017-9798-fix.patch new file mode 100644 index 000000000..eb82c8bcd --- /dev/null +++ b/src/patches/apache-2.4.27-CVE-2017-9798-fix.patch @@ -0,0 +1,15 @@ +--- server/core.c 2017/08/16 16:50:29 1805223 ++++ server/core.c 2017/09/08 13:13:11 1807754 +@@ -2262,6 +2262,12 @@ + /* method has not been registered yet, but resource restriction + * is always checked before method handling, so register it. + */ ++ if (cmd->pool == cmd->temp_pool) { ++ /* In .htaccess, we can't globally register new methods. */ ++ return apr_psprintf(cmd->pool, "Could not register method '%s' " ++ "for %s from .htaccess configuration", ++ method, cmd->cmd->name); ++ } + methnum = ap_method_register(cmd->pool, + apr_pstrdup(cmd->pool, method)); + } diff --git a/src/patches/apache-2.4.27-PR61382-fix.patch b/src/patches/apache-2.4.27-PR61382-fix.patch new file mode 100644 index 000000000..128621a05 --- /dev/null +++ b/src/patches/apache-2.4.27-PR61382-fix.patch @@ -0,0 +1,783 @@ +Index: modules/http2/h2_bucket_beam.c +=================================================================== +--- modules/http2/h2_bucket_beam.c (revision 1804645) ++++ modules/http2/h2_bucket_beam.c (working copy) +@@ -287,7 +287,7 @@ + /* do not count */ + } + else if (APR_BUCKET_IS_FILE(b)) { +- /* if unread, has no real mem footprint. how to test? */ ++ /* if unread, has no real mem footprint. */ + } + else { + len += b->length; +@@ -316,32 +316,80 @@ + return APR_SIZE_MAX; + } + +-static apr_status_t wait_cond(h2_bucket_beam *beam, apr_thread_mutex_t *lock) ++static int buffer_is_empty(h2_bucket_beam *beam) + { +- if (beam->timeout > 0) { +- return apr_thread_cond_timedwait(beam->cond, lock, beam->timeout); ++ return ((!beam->recv_buffer || APR_BRIGADE_EMPTY(beam->recv_buffer)) ++ && H2_BLIST_EMPTY(&beam->send_list)); ++} ++ ++static apr_status_t wait_empty(h2_bucket_beam *beam, apr_read_type_e block, ++ apr_thread_mutex_t *lock) ++{ ++ apr_status_t rv = APR_SUCCESS; ++ ++ while (!buffer_is_empty(beam) && APR_SUCCESS == rv) { ++ if (APR_BLOCK_READ != block || !lock) { ++ rv = APR_EAGAIN; ++ } ++ else if (beam->timeout > 0) { ++ rv = apr_thread_cond_timedwait(beam->change, lock, beam->timeout); ++ } ++ else { ++ rv = apr_thread_cond_wait(beam->change, lock); ++ } + } +- else { +- return apr_thread_cond_wait(beam->cond, lock); ++ return rv; ++} ++ ++static apr_status_t wait_not_empty(h2_bucket_beam *beam, apr_read_type_e block, ++ apr_thread_mutex_t *lock) ++{ ++ apr_status_t rv = APR_SUCCESS; ++ ++ while (buffer_is_empty(beam) && APR_SUCCESS == rv) { ++ if (beam->aborted) { ++ rv = APR_ECONNABORTED; ++ } ++ else if (beam->closed) { ++ rv = APR_EOF; ++ } ++ else if (APR_BLOCK_READ != block || !lock) { ++ rv = APR_EAGAIN; ++ } ++ else if (beam->timeout > 0) { ++ rv = apr_thread_cond_timedwait(beam->change, lock, beam->timeout); ++ } ++ else { ++ rv = apr_thread_cond_wait(beam->change, lock); ++ } + } ++ return rv; + } + +-static apr_status_t r_wait_space(h2_bucket_beam *beam, apr_read_type_e block, +- h2_beam_lock *pbl, apr_size_t *premain) ++static apr_status_t wait_not_full(h2_bucket_beam *beam, apr_read_type_e block, ++ apr_size_t *pspace_left, h2_beam_lock *bl) + { +- *premain = calc_space_left(beam); +- while (!beam->aborted && *premain <= 0 +- && (block == APR_BLOCK_READ) && pbl->mutex) { +- apr_status_t status; +- report_prod_io(beam, 1, pbl); +- status = wait_cond(beam, pbl->mutex); +- if (APR_STATUS_IS_TIMEUP(status)) { +- return status; ++ apr_status_t rv = APR_SUCCESS; ++ apr_size_t left; ++ ++ while (0 == (left = calc_space_left(beam)) && APR_SUCCESS == rv) { ++ if (beam->aborted) { ++ rv = APR_ECONNABORTED; + } +- r_purge_sent(beam); +- *premain = calc_space_left(beam); ++ else if (block != APR_BLOCK_READ || !bl->mutex) { ++ rv = APR_EAGAIN; ++ } ++ else { ++ if (beam->timeout > 0) { ++ rv = apr_thread_cond_timedwait(beam->change, bl->mutex, beam->timeout); ++ } ++ else { ++ rv = apr_thread_cond_wait(beam->change, bl->mutex); ++ } ++ } + } +- return beam->aborted? APR_ECONNABORTED : APR_SUCCESS; ++ *pspace_left = left; ++ return rv; + } + + static void h2_beam_emitted(h2_bucket_beam *beam, h2_beam_proxy *proxy) +@@ -404,8 +452,8 @@ + if (!bl.mutex) { + r_purge_sent(beam); + } +- else if (beam->cond) { +- apr_thread_cond_broadcast(beam->cond); ++ else { ++ apr_thread_cond_broadcast(beam->change); + } + leave_yellow(beam, &bl); + } +@@ -425,9 +473,7 @@ + { + if (!beam->closed) { + beam->closed = 1; +- if (beam->cond) { +- apr_thread_cond_broadcast(beam->cond); +- } ++ apr_thread_cond_broadcast(beam->change); + } + return APR_SUCCESS; + } +@@ -582,7 +628,7 @@ + apr_interval_time_t timeout) + { + h2_bucket_beam *beam; +- apr_status_t status = APR_SUCCESS; ++ apr_status_t rv = APR_SUCCESS; + + beam = apr_pcalloc(pool, sizeof(*beam)); + if (!beam) { +@@ -601,16 +647,15 @@ + beam->max_buf_size = max_buf_size; + beam->timeout = timeout; + +- status = apr_thread_mutex_create(&beam->lock, APR_THREAD_MUTEX_DEFAULT, +- pool); +- if (status == APR_SUCCESS) { +- status = apr_thread_cond_create(&beam->cond, pool); +- if (status == APR_SUCCESS) { ++ rv = apr_thread_mutex_create(&beam->lock, APR_THREAD_MUTEX_DEFAULT, pool); ++ if (APR_SUCCESS == rv) { ++ rv = apr_thread_cond_create(&beam->change, pool); ++ if (APR_SUCCESS == rv) { + apr_pool_pre_cleanup_register(pool, beam, beam_cleanup); + *pbeam = beam; + } + } +- return status; ++ return rv; + } + + void h2_beam_buffer_size_set(h2_bucket_beam *beam, apr_size_t buffer_size) +@@ -691,9 +736,7 @@ + h2_blist_cleanup(&beam->send_list); + report_consumption(beam, &bl); + } +- if (beam->cond) { +- apr_thread_cond_broadcast(beam->cond); +- } ++ apr_thread_cond_broadcast(beam->change); + leave_yellow(beam, &bl); + } + } +@@ -730,18 +773,7 @@ + h2_beam_lock bl; + + if ((status = enter_yellow(beam, &bl)) == APR_SUCCESS) { +- while (status == APR_SUCCESS +- && !H2_BLIST_EMPTY(&beam->send_list) +- && !H2_BPROXY_LIST_EMPTY(&beam->proxies)) { +- if (block == APR_NONBLOCK_READ || !bl.mutex) { +- status = APR_EAGAIN; +- break; +- } +- if (beam->cond) { +- apr_thread_cond_broadcast(beam->cond); +- } +- status = wait_cond(beam, bl.mutex); +- } ++ status = wait_empty(beam, block, bl.mutex); + leave_yellow(beam, &bl); + } + return status; +@@ -761,13 +793,18 @@ + static apr_status_t append_bucket(h2_bucket_beam *beam, + apr_bucket *b, + apr_read_type_e block, ++ apr_size_t *pspace_left, + h2_beam_lock *pbl) + { + const char *data; + apr_size_t len; +- apr_size_t space_left = 0; + apr_status_t status; ++ int can_beam, check_len; + ++ if (beam->aborted) { ++ return APR_ECONNABORTED; ++ } ++ + if (APR_BUCKET_IS_METADATA(b)) { + if (APR_BUCKET_IS_EOS(b)) { + beam->closed = 1; +@@ -777,11 +814,31 @@ + return APR_SUCCESS; + } + else if (APR_BUCKET_IS_FILE(b)) { +- /* file bucket lengths do not really count */ ++ /* For file buckets the problem is their internal readpool that ++ * is used on the first read to allocate buffer/mmap. ++ * Since setting aside a file bucket will de-register the ++ * file cleanup function from the previous pool, we need to ++ * call that only from the sender thread. ++ * ++ * Currently, we do not handle file bucket with refcount > 1 as ++ * the beam is then not in complete control of the file's lifetime. ++ * Which results in the bug that a file get closed by the receiver ++ * while the sender or the beam still have buckets using it. ++ * ++ * Additionally, we allow callbacks to prevent beaming file ++ * handles across. The use case for this is to limit the number ++ * of open file handles and rather use a less efficient beam ++ * transport. */ ++ apr_bucket_file *bf = b->data; ++ apr_file_t *fd = bf->fd; ++ can_beam = (bf->refcount.refcount == 1); ++ if (can_beam && beam->can_beam_fn) { ++ can_beam = beam->can_beam_fn(beam->can_beam_ctx, beam, fd); ++ } ++ check_len = !can_beam; + } + else { +- space_left = calc_space_left(beam); +- if (space_left > 0 && b->length == ((apr_size_t)-1)) { ++ if (b->length == ((apr_size_t)-1)) { + const char *data; + status = apr_bucket_read(b, &data, &len, APR_BLOCK_READ); + if (status != APR_SUCCESS) { +@@ -788,19 +845,15 @@ + return status; + } + } +- +- if (space_left <= 0) { +- status = r_wait_space(beam, block, pbl, &space_left); +- if (status != APR_SUCCESS) { +- return status; +- } +- if (space_left <= 0) { +- return APR_EAGAIN; +- } ++ check_len = 1; ++ } ++ ++ if (check_len) { ++ if (b->length > *pspace_left) { ++ apr_bucket_split(b, *pspace_left); + } +- /* space available, maybe need bucket split */ ++ *pspace_left -= b->length; + } +- + + /* The fundamental problem is that reading a sender bucket from + * a receiver thread is a total NO GO, because the bucket might use +@@ -830,32 +883,8 @@ + apr_bucket_heap_make(b, data, len, NULL); + } + } +- else if (APR_BUCKET_IS_FILE(b)) { +- /* For file buckets the problem is their internal readpool that +- * is used on the first read to allocate buffer/mmap. +- * Since setting aside a file bucket will de-register the +- * file cleanup function from the previous pool, we need to +- * call that only from the sender thread. +- * +- * Currently, we do not handle file bucket with refcount > 1 as +- * the beam is then not in complete control of the file's lifetime. +- * Which results in the bug that a file get closed by the receiver +- * while the sender or the beam still have buckets using it. +- * +- * Additionally, we allow callbacks to prevent beaming file +- * handles across. The use case for this is to limit the number +- * of open file handles and rather use a less efficient beam +- * transport. */ +- apr_bucket_file *bf = b->data; +- apr_file_t *fd = bf->fd; +- int can_beam = (bf->refcount.refcount == 1); +- if (can_beam && beam->can_beam_fn) { +- can_beam = beam->can_beam_fn(beam->can_beam_ctx, beam, fd); +- } +- if (can_beam) { +- status = apr_bucket_setaside(b, beam->send_pool); +- } +- /* else: enter ENOTIMPL case below */ ++ else if (APR_BUCKET_IS_FILE(b) && can_beam) { ++ status = apr_bucket_setaside(b, beam->send_pool); + } + + if (status == APR_ENOTIMPL) { +@@ -865,12 +894,6 @@ + * a counter example). + * We do the read while in the sender thread, so that the bucket may + * use pools/allocators safely. */ +- if (space_left < APR_BUCKET_BUFF_SIZE) { +- space_left = APR_BUCKET_BUFF_SIZE; +- } +- if (space_left < b->length) { +- apr_bucket_split(b, space_left); +- } + status = apr_bucket_read(b, &data, &len, APR_BLOCK_READ); + if (status == APR_SUCCESS) { + status = apr_bucket_setaside(b, beam->send_pool); +@@ -884,7 +907,7 @@ + APR_BUCKET_REMOVE(b); + H2_BLIST_INSERT_TAIL(&beam->send_list, b); + beam->sent_bytes += b->length; +- ++ + return APR_SUCCESS; + } + +@@ -904,7 +927,8 @@ + apr_read_type_e block) + { + apr_bucket *b; +- apr_status_t status = APR_SUCCESS; ++ apr_status_t rv = APR_SUCCESS; ++ apr_size_t space_left = 0; + h2_beam_lock bl; + + /* Called from the sender thread to add buckets to the beam */ +@@ -914,23 +938,31 @@ + + if (beam->aborted) { + move_to_hold(beam, sender_bb); +- status = APR_ECONNABORTED; ++ rv = APR_ECONNABORTED; + } + else if (sender_bb) { +- int force_report = !APR_BRIGADE_EMPTY(sender_bb); +- while (!APR_BRIGADE_EMPTY(sender_bb) && status == APR_SUCCESS) { ++ int force_report = !APR_BRIGADE_EMPTY(sender_bb); ++ ++ space_left = calc_space_left(beam); ++ while (!APR_BRIGADE_EMPTY(sender_bb) && APR_SUCCESS == rv) { ++ if (space_left <= 0) { ++ report_prod_io(beam, force_report, &bl); ++ rv = wait_not_full(beam, block, &space_left, &bl); ++ if (APR_SUCCESS != rv) { ++ break; ++ } ++ } + b = APR_BRIGADE_FIRST(sender_bb); +- status = append_bucket(beam, b, block, &bl); ++ rv = append_bucket(beam, b, block, &space_left, &bl); + } ++ + report_prod_io(beam, force_report, &bl); +- if (beam->cond) { +- apr_thread_cond_broadcast(beam->cond); +- } ++ apr_thread_cond_broadcast(beam->change); + } + report_consumption(beam, &bl); + leave_yellow(beam, &bl); + } +- return status; ++ return rv; + } + + apr_status_t h2_beam_receive(h2_bucket_beam *beam, +@@ -942,11 +974,16 @@ + apr_bucket *bsender, *brecv, *ng; + int transferred = 0; + apr_status_t status = APR_SUCCESS; +- apr_off_t remain = readbytes; ++ apr_off_t remain; + int transferred_buckets = 0; + + /* Called from the receiver thread to take buckets from the beam */ + if (enter_yellow(beam, &bl) == APR_SUCCESS) { ++ if (readbytes <= 0) { ++ readbytes = APR_SIZE_MAX; ++ } ++ remain = readbytes; ++ + transfer: + if (beam->aborted) { + recv_buffer_cleanup(beam, &bl); +@@ -955,11 +992,12 @@ + } + + /* transfer enough buckets from our receiver brigade, if we have one */ +- while (beam->recv_buffer +- && !APR_BRIGADE_EMPTY(beam->recv_buffer) +- && (readbytes <= 0 || remain >= 0)) { ++ while (remain >= 0 ++ && beam->recv_buffer ++ && !APR_BRIGADE_EMPTY(beam->recv_buffer)) { ++ + brecv = APR_BRIGADE_FIRST(beam->recv_buffer); +- if (readbytes > 0 && brecv->length > 0 && remain <= 0) { ++ if (brecv->length > 0 && remain <= 0) { + break; + } + APR_BUCKET_REMOVE(brecv); +@@ -970,11 +1008,11 @@ + + /* transfer from our sender brigade, transforming sender buckets to + * receiver ones until we have enough */ +- while (!H2_BLIST_EMPTY(&beam->send_list) && (readbytes <= 0 || remain >= 0)) { +- bsender = H2_BLIST_FIRST(&beam->send_list); ++ while (remain >= 0 && !H2_BLIST_EMPTY(&beam->send_list)) { ++ + brecv = NULL; +- +- if (readbytes > 0 && bsender->length > 0 && remain <= 0) { ++ bsender = H2_BLIST_FIRST(&beam->send_list); ++ if (bsender->length > 0 && remain <= 0) { + break; + } + +@@ -1020,11 +1058,12 @@ + * been handed out. See also PR 59348 */ + apr_bucket_file_enable_mmap(ng, 0); + #endif +- remain -= bsender->length; +- ++transferred; + APR_BUCKET_REMOVE(bsender); + H2_BLIST_INSERT_TAIL(&beam->hold_list, bsender); ++ ++ remain -= bsender->length; + ++transferred; ++ ++transferred_buckets; + continue; + } + else { +@@ -1041,6 +1080,7 @@ + * receiver bucket references it any more. */ + APR_BUCKET_REMOVE(bsender); + H2_BLIST_INSERT_TAIL(&beam->hold_list, bsender); ++ + beam->received_bytes += bsender->length; + ++transferred_buckets; + +@@ -1063,8 +1103,8 @@ + } + } + +- if (readbytes > 0 && remain < 0) { +- /* too much, put some back */ ++ if (remain < 0) { ++ /* too much, put some back into out recv_buffer */ + remain = readbytes; + for (brecv = APR_BRIGADE_FIRST(bb); + brecv != APR_BRIGADE_SENTINEL(bb); +@@ -1081,15 +1121,7 @@ + } + } + +- if (transferred_buckets > 0) { +- if (beam->cons_ev_cb) { +- beam->cons_ev_cb(beam->cons_ctx, beam); +- } +- } +- +- if (beam->closed +- && (!beam->recv_buffer || APR_BRIGADE_EMPTY(beam->recv_buffer)) +- && H2_BLIST_EMPTY(&beam->send_list)) { ++ if (beam->closed && buffer_is_empty(beam)) { + /* beam is closed and we have nothing more to receive */ + if (!beam->close_sent) { + apr_bucket *b = apr_bucket_eos_create(bb->bucket_alloc); +@@ -1100,28 +1132,23 @@ + } + } + ++ if (transferred_buckets > 0) { ++ if (beam->cons_ev_cb) { ++ beam->cons_ev_cb(beam->cons_ctx, beam); ++ } ++ } ++ + if (transferred) { +- if (beam->cond) { +- apr_thread_cond_broadcast(beam->cond); +- } ++ apr_thread_cond_broadcast(beam->change); + status = APR_SUCCESS; + } +- else if (beam->closed) { +- status = APR_EOF; +- } +- else if (block == APR_BLOCK_READ && bl.mutex && beam->cond) { +- status = wait_cond(beam, bl.mutex); ++ else { ++ status = wait_not_empty(beam, block, bl.mutex); + if (status != APR_SUCCESS) { + goto leave; + } + goto transfer; + } +- else { +- if (beam->cond) { +- apr_thread_cond_broadcast(beam->cond); +- } +- status = APR_EAGAIN; +- } + leave: + leave_yellow(beam, &bl); + } +Index: modules/http2/h2_bucket_beam.h +=================================================================== +--- modules/http2/h2_bucket_beam.h (revision 1804645) ++++ modules/http2/h2_bucket_beam.h (working copy) +@@ -190,7 +190,7 @@ + unsigned int tx_mem_limits : 1; /* only memory size counts on transfers */ + + struct apr_thread_mutex_t *lock; +- struct apr_thread_cond_t *cond; ++ struct apr_thread_cond_t *change; + void *m_ctx; + h2_beam_mutex_enter *m_enter; + +Index: modules/http2/h2_stream.c +=================================================================== +--- modules/http2/h2_stream.c (revision 1804645) ++++ modules/http2/h2_stream.c (working copy) +@@ -774,20 +774,20 @@ + return NULL; + } + +-static apr_status_t add_data(h2_stream *stream, apr_off_t requested, +- apr_off_t *plen, int *peos, int *complete, +- h2_headers **pheaders) ++static apr_status_t add_buffered_data(h2_stream *stream, apr_off_t requested, ++ apr_off_t *plen, int *peos, int *is_all, ++ h2_headers **pheaders) + { + apr_bucket *b, *e; + + *peos = 0; + *plen = 0; +- *complete = 0; ++ *is_all = 0; + if (pheaders) { + *pheaders = NULL; + } + +- H2_STREAM_OUT_LOG(APLOG_TRACE2, stream, "add_data"); ++ H2_STREAM_OUT_LOG(APLOG_TRACE2, stream, "add_buffered_data"); + b = APR_BRIGADE_FIRST(stream->out_buffer); + while (b != APR_BRIGADE_SENTINEL(stream->out_buffer)) { + e = APR_BUCKET_NEXT(b); +@@ -833,7 +833,7 @@ + } + b = e; + } +- *complete = 1; ++ *is_all = 1; + return APR_SUCCESS; + } + +@@ -865,7 +865,7 @@ + requested = (*plen > 0)? H2MIN(*plen, max_chunk) : max_chunk; + + /* count the buffered data until eos or a headers bucket */ +- status = add_data(stream, requested, plen, peos, &complete, pheaders); ++ status = add_buffered_data(stream, requested, plen, peos, &complete, pheaders); + + if (status == APR_EAGAIN) { + /* TODO: ugly, someone needs to retrieve the response first */ +@@ -882,29 +882,39 @@ + return APR_SUCCESS; + } + ++ /* If there we do not have enough buffered data to satisfy the requested ++ * length *and* we counted the _complete_ buffer (and did not stop in the middle ++ * because of meta data there), lets see if we can read more from the ++ * output beam */ + missing = H2MIN(requested, stream->max_mem) - *plen; + if (complete && !*peos && missing > 0) { ++ apr_status_t rv = APR_EOF; ++ + if (stream->output) { + H2_STREAM_OUT_LOG(APLOG_TRACE2, stream, "pre"); +- status = h2_beam_receive(stream->output, stream->out_buffer, +- APR_NONBLOCK_READ, +- stream->max_mem - *plen); ++ rv = h2_beam_receive(stream->output, stream->out_buffer, ++ APR_NONBLOCK_READ, stream->max_mem - *plen); + H2_STREAM_OUT_LOG(APLOG_TRACE2, stream, "post"); + } +- else { +- status = APR_EOF; ++ ++ if (rv == APR_SUCCESS) { ++ /* count the buffer again, now that we have read output */ ++ status = add_buffered_data(stream, requested, plen, peos, &complete, pheaders); + } +- +- if (APR_STATUS_IS_EOF(status)) { ++ else if (APR_STATUS_IS_EOF(rv)) { + apr_bucket *eos = apr_bucket_eos_create(c->bucket_alloc); + APR_BRIGADE_INSERT_TAIL(stream->out_buffer, eos); + *peos = 1; +- status = APR_SUCCESS; + } +- else if (status == APR_SUCCESS) { +- /* do it again, now that we have gotten more */ +- status = add_data(stream, requested, plen, peos, &complete, pheaders); ++ else if (APR_STATUS_IS_EAGAIN(rv)) { ++ /* we set this is the status of this call only if there ++ * is no buffered data, see check below */ + } ++ else { ++ /* real error reading. Give this back directly, even though ++ * we may have something buffered. */ ++ status = rv; ++ } + } + + if (status == APR_SUCCESS) { +Index: modules/http2/h2_task.c +=================================================================== +--- modules/http2/h2_task.c (revision 1804645) ++++ modules/http2/h2_task.c (working copy) +@@ -129,7 +129,7 @@ + apr_bucket_brigade* bb) + { + apr_bucket *b; +- apr_status_t status = APR_SUCCESS; ++ apr_status_t rv = APR_SUCCESS; + int flush = 0, blocking; + + if (task->frozen) { +@@ -148,17 +148,16 @@ + return APR_SUCCESS; + } + ++send: + /* we send block once we opened the output, so someone is there + * reading it *and* the task is not assigned to a h2_req_engine */ + blocking = (!task->assigned && task->output.opened); +- if (!task->output.opened) { +- for (b = APR_BRIGADE_FIRST(bb); +- b != APR_BRIGADE_SENTINEL(bb); +- b = APR_BUCKET_NEXT(b)) { +- if (APR_BUCKET_IS_FLUSH(b)) { +- flush = 1; +- break; +- } ++ for (b = APR_BRIGADE_FIRST(bb); ++ b != APR_BRIGADE_SENTINEL(bb); ++ b = APR_BUCKET_NEXT(b)) { ++ if (APR_BUCKET_IS_FLUSH(b) || APR_BUCKET_IS_EOS(b) || AP_BUCKET_IS_EOR(b)) { ++ flush = 1; ++ break; + } + } + +@@ -166,32 +165,48 @@ + /* still have data buffered from previous attempt. + * setaside and append new data and try to pass the complete data */ + if (!APR_BRIGADE_EMPTY(bb)) { +- status = ap_save_brigade(f, &task->output.bb, &bb, task->pool); ++ if (APR_SUCCESS != (rv = ap_save_brigade(f, &task->output.bb, &bb, task->pool))) { ++ goto out; ++ } + } +- if (status == APR_SUCCESS) { +- status = send_out(task, task->output.bb, blocking); +- } ++ rv = send_out(task, task->output.bb, blocking); + } + else { +- /* no data buffered here, try to pass the brigade directly */ +- status = send_out(task, bb, blocking); +- if (status == APR_SUCCESS && !APR_BRIGADE_EMPTY(bb)) { +- /* could not write all, buffer the rest */ +- ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, task->c, APLOGNO(03405) +- "h2_slave_out(%s): saving brigade", +- task->id); +- status = ap_save_brigade(f, &task->output.bb, &bb, task->pool); +- flush = 1; ++ /* no data buffered previously, pass brigade directly */ ++ rv = send_out(task, bb, blocking); ++ ++ if (APR_SUCCESS == rv && !APR_BRIGADE_EMPTY(bb)) { ++ /* output refused to buffer it all, time to open? */ ++ if (!task->output.opened && APR_SUCCESS == (rv = open_output(task))) { ++ /* Make another attempt to send the data. With the output open, ++ * the call might be blocking and send all data, so we do not need ++ * to save the brigade */ ++ goto send; ++ } ++ else if (blocking && flush) { ++ /* Need to keep on doing this. */ ++ goto send; ++ } ++ ++ if (APR_SUCCESS == rv) { ++ /* could not write all, buffer the rest */ ++ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, rv, task->c, APLOGNO(03405) ++ "h2_slave_out(%s): saving brigade", task->id); ++ ap_assert(NULL); ++ rv = ap_save_brigade(f, &task->output.bb, &bb, task->pool); ++ flush = 1; ++ } + } + } + +- if (status == APR_SUCCESS && !task->output.opened && flush) { ++ if (APR_SUCCESS == rv && !task->output.opened && flush) { + /* got a flush or could not write all, time to tell someone to read */ +- status = open_output(task); ++ rv = open_output(task); + } +- ap_log_cerror(APLOG_MARK, APLOG_TRACE2, status, task->c, ++out: ++ ap_log_cerror(APLOG_MARK, APLOG_TRACE2, rv, task->c, + "h2_slave_out(%s): slave_out leave", task->id); +- return status; ++ return rv; + } + + static apr_status_t output_finish(h2_task *task) +Index: modules/http2/h2_version.h +=================================================================== +--- modules/http2/h2_version.h (revision 1804645) ++++ modules/http2/h2_version.h (working copy) +@@ -26,7 +26,7 @@ + * @macro + * Version number of the http2 module as c string + */ +-#define MOD_HTTP2_VERSION "1.10.7" ++#define MOD_HTTP2_VERSION "1.10.10" + + /** + * @macro +@@ -34,7 +34,7 @@ + * release. This is a 24 bit number with 8 bits for major number, 8 bits + * for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203. + */ +-#define MOD_HTTP2_VERSION_NUM 0x010a06 ++#define MOD_HTTP2_VERSION_NUM 0x010a0a + + + #endif /* mod_h2_h2_version_h */ +Index: modules/http2 +=================================================================== +--- modules/http2 (revision 1804645) ++++ modules/http2 (working copy) + +Property changes on: modules/http2 +___________________________________________________________________ +Modified: svn:mergeinfo +## -0,0 +0,1 ## + Merged /httpd/httpd/trunk/modules/http2:r1803420,1803454,1804090 +Index: . +=================================================================== +--- . (revision 1804645) ++++ . (working copy) + +Property changes on: . +___________________________________________________________________ +Modified: svn:mergeinfo +## -0,0 +0,1 ## + Merged /httpd/httpd/trunk:r1803420,1803454,1804090 diff --git a/src/patches/squid-3.5.26-fix-max-file-descriptors.patch b/src/patches/squid-3.5.27-fix-max-file-descriptors.patch similarity index 100% rename from src/patches/squid-3.5.26-fix-max-file-descriptors.patch rename to src/patches/squid-3.5.27-fix-max-file-descriptors.patch diff --git a/src/patches/squid/squid-3.5-14169.patch b/src/patches/squid/squid-3.5-14169.patch deleted file mode 100644 index 464ce5368..000000000 --- a/src/patches/squid/squid-3.5-14169.patch +++ /dev/null @@ -1,881 +0,0 @@ ------------------------------------------------------------- -revno: 14169 -revision-id: squid3@treenet.co.nz-20170614213720-3qmiohlx4zr2jnqq -parent: squid3@treenet.co.nz-20170601134753-6u64sl2rzmbfs67l -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=2833 -author: Eduard Bagdasaryan -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Thu 2017-06-15 09:37:20 +1200 -message: - Bug 2833 pt2: Collapse internal revalidation requests (SMP-unaware caches), again. - - The security fix in v5 r14979 had a negative effect on collapsed - forwarding. All "private" entries were considered automatically - non-shareable among collapsed clients. However this is not true: there - are many situations when collapsed forwarding should work despite of - "private" entry status: 304/5xx responses are good examples of that. - This patch fixes that by means of a new StoreEntry::shareableWhenPrivate - flag. - - The suggested fix is not complete: To cover all possible situations, we - need to decide whether StoreEntry::shareableWhenPrivate is true or not - for all contexts where StoreEntry::setPrivateKey() is used. This patch - fixes only few important cases inside http.cc, making CF (as well - collapsed revalidation) work for some [non-cacheable] response status - codes, including 3xx, 5xx and some others. - - The original support for internal revalidation requests collapsing - was in trink r14755 and referred to Squid bugs 2833, 4311, and 4471. ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170614213720-3qmiohlx4zr2jnqq -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: 9e248e2e9d2f1defe1070eb808177df978fb4146 -# timestamp: 2017-06-14 21:51:05 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170601134753-\ -# 6u64sl2rzmbfs67l -# -# Begin patch -=== modified file 'src/HttpHdrCc.cc' ---- src/HttpHdrCc.cc 2017-01-01 00:16:45 +0000 -+++ src/HttpHdrCc.cc 2017-06-14 21:37:20 +0000 -@@ -262,8 +262,8 @@ - case CC_PUBLIC: - break; - case CC_PRIVATE: -- if (Private().size()) -- packerPrintf(p, "=\"" SQUIDSTRINGPH "\"", SQUIDSTRINGPRINT(Private())); -+ if (private_.size()) -+ packerPrintf(p, "=\"" SQUIDSTRINGPH "\"", SQUIDSTRINGPRINT(private_)); - break; - - case CC_NO_CACHE: - -=== modified file 'src/MemStore.cc' ---- src/MemStore.cc 2017-01-01 00:16:45 +0000 -+++ src/MemStore.cc 2017-06-14 21:37:20 +0000 -@@ -299,7 +299,7 @@ - e.ping_status = PING_NONE; - - EBIT_CLR(e.flags, RELEASE_REQUEST); -- EBIT_CLR(e.flags, KEY_PRIVATE); -+ e.clearPrivate(); - EBIT_SET(e.flags, ENTRY_VALIDATED); - - MemObject::MemCache &mc = e.mem_obj->memCache; - -=== modified file 'src/Store.h' ---- src/Store.h 2017-01-01 00:16:45 +0000 -+++ src/Store.h 2017-06-14 21:37:20 +0000 -@@ -95,15 +95,19 @@ - void abort(); - void unlink(); - void makePublic(const KeyScope keyScope = ksDefault); -- void makePrivate(); -+ void makePrivate(const bool shareable); -+ /// A low-level method just resetting "private key" flags. -+ /// To avoid key inconsistency please use forcePublicKey() -+ /// or similar instead. -+ void clearPrivate(); - void setPublicKey(const KeyScope keyScope = ksDefault); - /// Resets existing public key to a public key with default scope, - /// releasing the old default-scope entry (if any). - /// Does nothing if the existing public key already has default scope. - void clearPublicKeyScope(); -- void setPrivateKey(); -+ void setPrivateKey(const bool shareable); - void expireNow(); -- void releaseRequest(); -+ void releaseRequest(const bool shareable = false); - void negativeCache(); - void cacheNegatively(); /** \todo argh, why both? */ - void invokeHandlers(); -@@ -230,7 +234,13 @@ - /// update last reference timestamp and related Store metadata - void touch(); - -- virtual void release(); -+ virtual void release(const bool shareable = false); -+ -+ /// May the caller commit to treating this [previously locked] -+ /// entry as a cache hit? -+ bool mayStartHitting() const { -+ return !EBIT_TEST(flags, KEY_PRIVATE) || shareableWhenPrivate; -+ } - - #if USE_ADAPTATION - /// call back producer when more buffer space is available -@@ -252,6 +262,13 @@ - - unsigned short lock_count; /* Assume < 65536! */ - -+ /// Nobody can find/lock KEY_PRIVATE entries, but some transactions -+ /// (e.g., collapsed requests) find/lock a public entry before it becomes -+ /// private. May such transactions start using the now-private entry -+ /// they previously locked? This member should not affect transactions -+ /// that already started reading from the entry. -+ bool shareableWhenPrivate; -+ - #if USE_ADAPTATION - /// producer callback registered with deferProducer - AsyncCall::Pointer deferredProducer; -@@ -259,6 +276,8 @@ - - bool validLength() const; - bool hasOneOfEtags(const String &reqETags, const bool allowWeakMatch) const; -+ -+ friend std::ostream &operator <<(std::ostream &os, const StoreEntry &e); - }; - - std::ostream &operator <<(std::ostream &os, const StoreEntry &e); - -=== modified file 'src/client_side_reply.cc' ---- src/client_side_reply.cc 2017-05-29 13:15:55 +0000 -+++ src/client_side_reply.cc 2017-06-14 21:37:20 +0000 -@@ -396,8 +396,8 @@ - if (result.flags.error && !EBIT_TEST(http->storeEntry()->flags, ENTRY_ABORTED)) - return; - -- if (collapsedRevalidation == crSlave && EBIT_TEST(http->storeEntry()->flags, KEY_PRIVATE)) { -- debugs(88, 3, "CF slave hit private " << *http->storeEntry() << ". MISS"); -+ if (collapsedRevalidation == crSlave && !http->storeEntry()->mayStartHitting()) { -+ debugs(88, 3, "CF slave hit private non-shareable " << *http->storeEntry() << ". MISS"); - // restore context to meet processMiss() expectations - restoreState(); - http->logType = LOG_TCP_MISS; -@@ -530,7 +530,7 @@ - // The previously identified hit suddenly became unsharable! - // This is common for collapsed forwarding slaves but might also - // happen to regular hits because we are called asynchronously. -- if (EBIT_TEST(e->flags, KEY_PRIVATE)) { -+ if (!e->mayStartHitting()) { - debugs(88, 3, "unsharable " << *e << ". MISS"); - http->logType = LOG_TCP_MISS; - processMiss(); - -=== modified file 'src/fs/rock/RockSwapDir.cc' ---- src/fs/rock/RockSwapDir.cc 2017-01-01 00:16:45 +0000 -+++ src/fs/rock/RockSwapDir.cc 2017-06-14 21:37:20 +0000 -@@ -149,7 +149,7 @@ - e.ping_status = PING_NONE; - - EBIT_CLR(e.flags, RELEASE_REQUEST); -- EBIT_CLR(e.flags, KEY_PRIVATE); -+ e.clearPrivate(); - EBIT_SET(e.flags, ENTRY_VALIDATED); - - e.swap_dirn = index; - -=== modified file 'src/fs/ufs/UFSSwapDir.cc' ---- src/fs/ufs/UFSSwapDir.cc 2017-01-01 00:16:45 +0000 -+++ src/fs/ufs/UFSSwapDir.cc 2017-06-14 21:37:20 +0000 -@@ -809,7 +809,7 @@ - e->refcount = refcount; - e->flags = newFlags; - EBIT_CLR(e->flags, RELEASE_REQUEST); -- EBIT_CLR(e->flags, KEY_PRIVATE); -+ e->clearPrivate(); - e->ping_status = PING_NONE; - EBIT_CLR(e->flags, ENTRY_VALIDATED); - mapBitSet(e->swap_filen); - -=== modified file 'src/http.cc' ---- src/http.cc 2017-01-01 00:16:45 +0000 -+++ src/http.cc 2017-06-14 21:37:20 +0000 -@@ -290,7 +290,9 @@ - (Config.onoff.surrogate_is_remote - && sctusable->noStoreRemote())) { - surrogateNoStore = true; -- entry->makePrivate(); -+ // Be conservative for now and make it non-shareable because -+ // there is no enough information here to make the decision. -+ entry->makePrivate(false); - } - - /* The HttpHeader logic cannot tell if the header it's parsing is a reply to an -@@ -315,12 +317,13 @@ - } - } - --int --HttpStateData::cacheableReply() -+HttpStateData::ReuseDecision::Answers -+HttpStateData::reusableReply(HttpStateData::ReuseDecision &decision) - { - HttpReply const *rep = finalReply(); - HttpHeader const *hdr = &rep->header; - const char *v; -+ - #if USE_HTTP_VIOLATIONS - - const RefreshPattern *R = NULL; -@@ -337,24 +340,19 @@ - #define REFRESH_OVERRIDE(flag) 0 - #endif - -- if (EBIT_TEST(entry->flags, RELEASE_REQUEST)) { -- debugs(22, 3, "NO because " << *entry << " has been released."); -- return 0; -- } -+ if (EBIT_TEST(entry->flags, RELEASE_REQUEST)) -+ return decision.make(ReuseDecision::reuseNot, "the entry has been released"); - - // RFC 7234 section 4: a cache MUST use the most recent response - // (as determined by the Date header field) -- if (sawDateGoBack) { -- debugs(22, 3, "NO because " << *entry << " has an older date header."); -- return 0; -- } -+ // TODO: whether such responses could be shareable? -+ if (sawDateGoBack) -+ return decision.make(ReuseDecision::reuseNot, "the response has an older date header"); - - // Check for Surrogate/1.0 protocol conditions - // NP: reverse-proxy traffic our parent server has instructed us never to cache -- if (surrogateNoStore) { -- debugs(22, 3, HERE << "NO because Surrogate-Control:no-store"); -- return 0; -- } -+ if (surrogateNoStore) -+ return decision.make(ReuseDecision::reuseNot, "Surrogate-Control:no-store"); - - // RFC 2616: HTTP/1.1 Cache-Control conditions - if (!ignoreCacheControl) { -@@ -363,11 +361,10 @@ - // for now we are not reliably doing that so we waste CPU re-checking request CC - - // RFC 2616 section 14.9.2 - MUST NOT cache any response with request CC:no-store -- if (request && request->cache_control && request->cache_control->noStore() && -- !REFRESH_OVERRIDE(ignore_no_store)) { -- debugs(22, 3, HERE << "NO because client request Cache-Control:no-store"); -- return 0; -- } -+ if (request && request->cache_control && request->cache_control->hasNoStore() && -+ !REFRESH_OVERRIDE(ignore_no_store)) -+ return decision.make(ReuseDecision::reuseNot, -+ "client request Cache-Control:no-store"); - - // NP: request CC:no-cache only means cache READ is forbidden. STORE is permitted. - if (rep->cache_control && rep->cache_control->hasNoCache() && rep->cache_control->noCache().size() > 0) { -@@ -376,19 +373,18 @@ - * successfully (ie, must revalidate AND these headers are prohibited on stale replies). - * That is a bit tricky for squid right now so we avoid caching entirely. - */ -- debugs(22, 3, HERE << "NO because server reply Cache-Control:no-cache has parameters"); -- return 0; -+ return decision.make(ReuseDecision::reuseNot, -+ "server reply Cache-Control:no-cache has parameters"); - } - - // NP: request CC:private is undefined. We ignore. - // NP: other request CC flags are limiters on HIT/MISS. We don't care about here. - - // RFC 2616 section 14.9.2 - MUST NOT cache any response with CC:no-store -- if (rep->cache_control && rep->cache_control->noStore() && -- !REFRESH_OVERRIDE(ignore_no_store)) { -- debugs(22, 3, HERE << "NO because server reply Cache-Control:no-store"); -- return 0; -- } -+ if (rep->cache_control && rep->cache_control->hasNoStore() && -+ !REFRESH_OVERRIDE(ignore_no_store)) -+ return decision.make(ReuseDecision::reuseNot, -+ "server reply Cache-Control:no-store"); - - // RFC 2616 section 14.9.1 - MUST NOT cache any response with CC:private in a shared cache like Squid. - // CC:private overrides CC:public when both are present in a response. -@@ -401,27 +397,25 @@ - * successfully (ie, must revalidate AND these headers are prohibited on stale replies). - * That is a bit tricky for squid right now so we avoid caching entirely. - */ -- debugs(22, 3, HERE << "NO because server reply Cache-Control:private"); -- return 0; -+ return decision.make(ReuseDecision::reuseNot, -+ "server reply Cache-Control:private"); - } - } - - // RFC 2068, sec 14.9.4 - MUST NOT cache any response with Authentication UNLESS certain CC controls are present - // allow HTTP violations to IGNORE those controls (ie re-block caching Auth) - if (request && (request->flags.auth || request->flags.authSent) && !REFRESH_OVERRIDE(ignore_auth)) { -- if (!rep->cache_control) { -- debugs(22, 3, HERE << "NO because Authenticated and server reply missing Cache-Control"); -- return 0; -- } -+ if (!rep->cache_control) -+ return decision.make(ReuseDecision::reuseNot, -+ "authenticated and server reply missing Cache-Control"); - -- if (ignoreCacheControl) { -- debugs(22, 3, HERE << "NO because Authenticated and ignoring Cache-Control"); -- return 0; -- } -+ if (ignoreCacheControl) -+ return decision.make(ReuseDecision::reuseNot, -+ "authenticated and ignoring Cache-Control"); - - bool mayStore = false; - // HTTPbis pt6 section 3.2: a response CC:public is present -- if (rep->cache_control->Public()) { -+ if (rep->cache_control->hasPublic()) { - debugs(22, 3, HERE << "Authenticated but server reply Cache-Control:public"); - mayStore = true; - -@@ -441,15 +435,13 @@ - #endif - - // HTTPbis pt6 section 3.2: a response CC:s-maxage is present -- } else if (rep->cache_control->sMaxAge()) { -+ } else if (rep->cache_control->hasSMaxAge()) { - debugs(22, 3, HERE << "Authenticated but server reply Cache-Control:s-maxage"); - mayStore = true; - } - -- if (!mayStore) { -- debugs(22, 3, HERE << "NO because Authenticated transaction"); -- return 0; -- } -+ if (!mayStore) -+ return decision.make(ReuseDecision::reuseNot, "authenticated transaction"); - - // NP: response CC:no-cache is equivalent to CC:must-revalidate,max-age=0. We MAY cache, and do so. - // NP: other request CC flags are limiters on HIT/MISS/REFRESH. We don't care about here. -@@ -460,12 +452,26 @@ - * probably should not be cachable - */ - if ((v = hdr->getStr(HDR_CONTENT_TYPE))) -- if (!strncasecmp(v, "multipart/x-mixed-replace", 25)) { -- debugs(22, 3, HERE << "NO because Content-Type:multipart/x-mixed-replace"); -- return 0; -- } -+ if (!strncasecmp(v, "multipart/x-mixed-replace", 25)) -+ return decision.make(ReuseDecision::reuseNot, "Content-Type:multipart/x-mixed-replace"); -+ -+ // TODO: if possible, provide more specific message for each status code -+ static const char *shareableError = "shareable error status code"; -+ static const char *nonShareableError = "non-shareable error status code"; -+ ReuseDecision::Answers statusAnswer = ReuseDecision::reuseNot; -+ const char *statusReason = nonShareableError; - - switch (rep->sline.status()) { -+ -+ /* There are several situations when a non-cacheable response may be -+ * still shareable (e.g., among collapsed clients). We assume that these -+ * are 3xx and 5xx responses, indicating server problems and some of -+ * 4xx responses, common for all clients with a given cache key (e.g., -+ * 404 Not Found or 414 URI Too Long). On the other hand, we should not -+ * share non-cacheable client-specific errors, such as 400 Bad Request -+ * or 406 Not Acceptable. -+ */ -+ - /* Responses that are cacheable */ - - case Http::scOkay: -@@ -482,112 +488,90 @@ - * Don't cache objects that need to be refreshed on next request, - * unless we know how to refresh it. - */ -+ if (refreshIsCachable(entry) || REFRESH_OVERRIDE(store_stale)) -+ decision.make(ReuseDecision::cachePositively, "refresh check returned cacheable"); -+ else -+ decision.make(ReuseDecision::doNotCacheButShare, "refresh check returned non-cacheable"); - -- if (!refreshIsCachable(entry) && !REFRESH_OVERRIDE(store_stale)) { -- debugs(22, 3, "NO because refreshIsCachable() returned non-cacheable.."); -- return 0; -- } else { -- debugs(22, 3, HERE << "YES because HTTP status " << rep->sline.status()); -- return 1; -- } -- /* NOTREACHED */ - break; - - /* Responses that only are cacheable if the server says so */ - - case Http::scFound: - case Http::scTemporaryRedirect: -- if (rep->date <= 0) { -- debugs(22, 3, HERE << "NO because HTTP status " << rep->sline.status() << " and Date missing/invalid"); -- return 0; -- } -- if (rep->expires > rep->date) { -- debugs(22, 3, HERE << "YES because HTTP status " << rep->sline.status() << " and Expires > Date"); -- return 1; -- } else { -- debugs(22, 3, HERE << "NO because HTTP status " << rep->sline.status() << " and Expires <= Date"); -- return 0; -- } -- /* NOTREACHED */ -+ -+ if (rep->date <= 0) -+ decision.make(ReuseDecision::doNotCacheButShare, "Date is missing/invalid"); -+ else if (rep->expires > rep->date) -+ decision.make(ReuseDecision::cachePositively, "Expires > Date"); -+ else -+ decision.make(ReuseDecision::doNotCacheButShare, "Expires <= Date"); - break; - -- /* Errors can be negatively cached */ -- -+ /* These responses can be negatively cached. Most can also be shared. */ - case Http::scNoContent: -- - case Http::scUseProxy: -- -- case Http::scBadRequest: -- - case Http::scForbidden: -- - case Http::scNotFound: -- - case Http::scMethodNotAllowed: -- - case Http::scUriTooLong: -- - case Http::scInternalServerError: -- - case Http::scNotImplemented: -- - case Http::scBadGateway: -- - case Http::scServiceUnavailable: -- - case Http::scGatewayTimeout: - case Http::scMisdirectedRequest: -- -- debugs(22, 3, "MAYBE because HTTP status " << rep->sline.status()); -- return -1; -- -- /* NOTREACHED */ -+ statusAnswer = ReuseDecision::doNotCacheButShare; -+ statusReason = shareableError; -+ // fall through to the actual decision making below -+ -+ case Http::scBadRequest: // no sharing; perhaps the server did not like something specific to this request -+ -+#if USE_HTTP_VIOLATIONS -+ if (Config.negativeTtl > 0) -+ decision.make(ReuseDecision::cacheNegatively, "Config.negativeTtl > 0"); -+ else -+#endif -+ decision.make(statusAnswer, statusReason); - break; - -- /* Some responses can never be cached */ -- -- case Http::scPartialContent: /* Not yet supported */ -- -+ /* these responses can never be cached, some -+ of them can be shared though */ - case Http::scSeeOther: -- - case Http::scNotModified: -- - case Http::scUnauthorized: -- - case Http::scProxyAuthenticationRequired: -- -- case Http::scInvalidHeader: /* Squid header parsing error */ -- -- case Http::scHeaderTooLarge: -- - case Http::scPaymentRequired: -+ case Http::scInsufficientStorage: -+ // TODO: use more specific reason for non-error status codes -+ decision.make(ReuseDecision::doNotCacheButShare, shareableError); -+ break; -+ -+ case Http::scPartialContent: /* Not yet supported. TODO: make shareable for suitable ranges */ - case Http::scNotAcceptable: -- case Http::scRequestTimeout: -- case Http::scConflict: -+ case Http::scRequestTimeout: // TODO: is this shareable? -+ case Http::scConflict: // TODO: is this shareable? - case Http::scLengthRequired: - case Http::scPreconditionFailed: - case Http::scPayloadTooLarge: - case Http::scUnsupportedMediaType: - case Http::scUnprocessableEntity: -- case Http::scLocked: -+ case Http::scLocked: // TODO: is this shareable? - case Http::scFailedDependency: -- case Http::scInsufficientStorage: - case Http::scRequestedRangeNotSatisfied: - case Http::scExpectationFailed: -- -- debugs(22, 3, HERE << "NO because HTTP status " << rep->sline.status()); -- return 0; -- -+ case Http::scInvalidHeader: /* Squid header parsing error */ -+ case Http::scHeaderTooLarge: -+ decision.make(ReuseDecision::reuseNot, nonShareableError); -+ break; - default: - /* RFC 2616 section 6.1.1: an unrecognized response MUST NOT be cached. */ -- debugs (11, 3, HERE << "NO because unknown HTTP status code " << rep->sline.status()); -- return 0; - -- /* NOTREACHED */ -+ decision.make(ReuseDecision::reuseNot, "unknown status code"); - break; - } - -- /* NOTREACHED */ -+ return decision.answer; - } - - /// assemble a variant key (vary-mark) from the given Vary header and HTTP request -@@ -898,11 +882,12 @@ - - Ctx ctx = ctx_enter(entry->mem_obj->urlXXX()); - HttpReply *rep = finalReply(); -+ const Http::StatusCode statusCode = rep->sline.status(); - - entry->timestampsSet(); - - /* Check if object is cacheable or not based on reply code */ -- debugs(11, 3, "HTTP CODE: " << rep->sline.status()); -+ debugs(11, 3, "HTTP CODE: " << statusCode); - - if (const StoreEntry *oldEntry = findPreviouslyCachedEntry(entry)) - sawDateGoBack = rep->olderThan(oldEntry->getReply()); -@@ -919,7 +904,9 @@ - const SBuf vary(httpMakeVaryMark(request, rep)); - - if (vary.isEmpty()) { -- entry->makePrivate(); -+ // TODO: check whether such responses are shareable. -+ // Do not share for now. -+ entry->makePrivate(false); - if (!fwd->reforwardableStatus(rep->sline.status())) - EBIT_CLR(entry->flags, ENTRY_FWD_HDR_WAIT); - varyFailure = true; -@@ -942,30 +929,31 @@ - if (!fwd->reforwardableStatus(rep->sline.status())) - EBIT_CLR(entry->flags, ENTRY_FWD_HDR_WAIT); - -- switch (cacheableReply()) { -- -- case 1: -+ ReuseDecision decision(entry, statusCode); -+ -+ switch (reusableReply(decision)) { -+ -+ case ReuseDecision::reuseNot: -+ entry->makePrivate(false); -+ break; -+ -+ case ReuseDecision::cachePositively: - entry->makePublic(); - break; - -- case 0: -- entry->makePrivate(); -+ case ReuseDecision::cacheNegatively: -+ entry->cacheNegatively(); - break; - -- case -1: -- --#if USE_HTTP_VIOLATIONS -- if (Config.negativeTtl > 0) -- entry->cacheNegatively(); -- else --#endif -- entry->makePrivate(); -+ case ReuseDecision::doNotCacheButShare: -+ entry->makePrivate(true); - break; - - default: - assert(0); - break; - } -+ debugs(11, 3, "decided: " << decision); - } - - if (!ignoreCacheControl) { -@@ -2429,3 +2417,29 @@ - mustStop(reason); - } - -+HttpStateData::ReuseDecision::ReuseDecision(const StoreEntry *e, const Http::StatusCode code) -+ : answer(HttpStateData::ReuseDecision::reuseNot), reason(nullptr), entry(e), statusCode(code) {} -+ -+HttpStateData::ReuseDecision::Answers -+HttpStateData::ReuseDecision::make(const HttpStateData::ReuseDecision::Answers ans, const char *why) -+{ -+ answer = ans; -+ reason = why; -+ return answer; -+} -+ -+std::ostream &operator <<(std::ostream &os, const HttpStateData::ReuseDecision &d) -+{ -+ static const char *ReuseMessages[] = { -+ "do not cache and do not share", // reuseNot -+ "cache positively and share", // cachePositively -+ "cache negatively and share", // cacheNegatively -+ "do not cache but share" // doNotCacheButShare -+ }; -+ -+ assert(d.answer >= HttpStateData::ReuseDecision::reuseNot && -+ d.answer <= HttpStateData::ReuseDecision::doNotCacheButShare); -+ return os << ReuseMessages[d.answer] << " because " << d.reason << -+ "; HTTP status " << d.statusCode << " " << *(d.entry); -+} -+ - -=== modified file 'src/http.h' ---- src/http.h 2017-01-01 00:16:45 +0000 -+++ src/http.h 2017-06-14 21:37:20 +0000 -@@ -22,6 +22,23 @@ - { - - public: -+ -+ /// assists in making and relaying entry caching/sharing decision -+ class ReuseDecision -+ { -+ public: -+ enum Answers { reuseNot = 0, cachePositively, cacheNegatively, doNotCacheButShare }; -+ -+ ReuseDecision(const StoreEntry *e, const Http::StatusCode code); -+ /// stores the corresponding decision -+ Answers make(const Answers ans, const char *why); -+ -+ Answers answer; ///< the decision id -+ const char *reason; ///< the decision reason -+ const StoreEntry *entry; ///< entry for debugging -+ const Http::StatusCode statusCode; ///< HTTP status for debugging -+ }; -+ - HttpStateData(FwdState *); - ~HttpStateData(); - -@@ -39,8 +56,8 @@ - void readReply(const CommIoCbParams &io); - virtual void maybeReadVirginBody(); // read response data from the network - -- // Determine whether the response is a cacheable representation -- int cacheableReply(); -+ // Checks whether the response is cacheable/shareable. -+ ReuseDecision::Answers reusableReply(ReuseDecision &decision); - - CachePeer *_peer; /* CachePeer request made to */ - int eof; /* reached end-of-object? */ -@@ -119,6 +136,8 @@ - CBDATA_CLASS2(HttpStateData); - }; - -+std::ostream &operator <<(std::ostream &os, const HttpStateData::ReuseDecision &d); -+ - int httpCachable(const HttpRequestMethod&); - void httpStart(FwdState *); - SBuf httpMakeVaryMark(HttpRequest * request, HttpReply const * reply); - -=== modified file 'src/store.cc' ---- src/store.cc 2017-01-01 00:16:45 +0000 -+++ src/store.cc 2017-06-14 21:37:20 +0000 -@@ -171,11 +171,18 @@ - } - - void --StoreEntry::makePrivate() -+StoreEntry::makePrivate(const bool shareable) - { - /* This object should never be cached at all */ - expireNow(); -- releaseRequest(); /* delete object when not used */ -+ releaseRequest(shareable); /* delete object when not used */ -+} -+ -+void -+StoreEntry::clearPrivate() -+{ -+ EBIT_CLR(flags, KEY_PRIVATE); -+ shareableWhenPrivate = false; - } - - void -@@ -365,7 +372,8 @@ - ping_status(PING_NONE), - store_status(STORE_PENDING), - swap_status(SWAPOUT_NONE), -- lock_count(0) -+ lock_count(0), -+ shareableWhenPrivate(false) - { - debugs(20, 5, "StoreEntry constructed, this=" << this); - } -@@ -504,14 +512,14 @@ - } - - void --StoreEntry::releaseRequest() -+StoreEntry::releaseRequest(const bool shareable) - { - if (EBIT_TEST(flags, RELEASE_REQUEST)) - return; - - setReleaseFlag(); // makes validToSend() false, preventing future hits - -- setPrivateKey(); -+ setPrivateKey(shareable); - } - - int -@@ -623,12 +631,16 @@ - * concept'. - */ - void --StoreEntry::setPrivateKey() -+StoreEntry::setPrivateKey(const bool shareable) - { - const cache_key *newkey; - -- if (key && EBIT_TEST(flags, KEY_PRIVATE)) -- return; /* is already private */ -+ if (key && EBIT_TEST(flags, KEY_PRIVATE)) { -+ // The entry is already private, but it may be still shareable. -+ if (!shareable) -+ shareableWhenPrivate = false; -+ return; -+ } - - if (key) { - setReleaseFlag(); // will markForUnlink(); all caches/workers will know -@@ -649,6 +661,7 @@ - - assert(hash_lookup(store_table, newkey) == NULL); - EBIT_SET(flags, KEY_PRIVATE); -+ shareableWhenPrivate = shareable; - hashInsert(newkey); - } - -@@ -705,14 +718,17 @@ - if (StoreEntry *e2 = (StoreEntry *)hash_lookup(store_table, newkey)) { - assert(e2 != this); - debugs(20, 3, "Making old " << *e2 << " private."); -- e2->setPrivateKey(); -- e2->release(); -+ -+ // TODO: check whether there is any sense in keeping old entry -+ // shareable here. Leaving it non-shareable for now. -+ e2->setPrivateKey(false); -+ e2->release(false); - } - - if (key) - hashDelete(); - -- EBIT_CLR(flags, KEY_PRIVATE); -+ clearPrivate(); - - hashInsert(newkey); - -@@ -830,7 +846,7 @@ - e->lock("storeCreateEntry"); - - if (neighbors_do_private_keys || !flags.hierarchical) -- e->setPrivateKey(); -+ e->setPrivateKey(false); - else - e->setPublicKey(); - -@@ -1264,7 +1280,7 @@ - - /* release an object from a cache */ - void --StoreEntry::release() -+StoreEntry::release(const bool shareable) - { - PROF_start(storeRelease); - debugs(20, 3, "releasing " << *this << ' ' << getMD5Text()); -@@ -1274,7 +1290,7 @@ - if (locked()) { - expireNow(); - debugs(20, 3, "storeRelease: Only setting RELEASE_REQUEST bit"); -- releaseRequest(); -+ releaseRequest(shareable); - PROF_stop(storeRelease); - return; - } -@@ -1282,7 +1298,7 @@ - Store::Root().memoryUnlink(*this); - - if (StoreController::store_dirs_rebuilding && swap_filen > -1) { -- setPrivateKey(); -+ setPrivateKey(shareable); - - if (swap_filen > -1) { - // lock the entry until rebuilding is done -@@ -2181,7 +2197,11 @@ - if (EBIT_TEST(e.flags, REFRESH_REQUEST)) os << 'F'; - if (EBIT_TEST(e.flags, ENTRY_REVALIDATE_STALE)) os << 'E'; - if (EBIT_TEST(e.flags, ENTRY_DISPATCHED)) os << 'D'; -- if (EBIT_TEST(e.flags, KEY_PRIVATE)) os << 'I'; -+ if (EBIT_TEST(e.flags, KEY_PRIVATE)) { -+ os << 'I'; -+ if (e.shareableWhenPrivate) -+ os << 'H'; -+ } - if (EBIT_TEST(e.flags, ENTRY_FWD_HDR_WAIT)) os << 'W'; - if (EBIT_TEST(e.flags, ENTRY_NEGCACHED)) os << 'N'; - if (EBIT_TEST(e.flags, ENTRY_VALIDATED)) os << 'V'; - -=== modified file 'src/tests/stub_store.cc' ---- src/tests/stub_store.cc 2017-01-01 00:16:45 +0000 -+++ src/tests/stub_store.cc 2017-06-14 21:37:20 +0000 -@@ -43,11 +43,11 @@ - void StoreEntry::abort() STUB - void StoreEntry::unlink() STUB - void StoreEntry::makePublic(const KeyScope keyScope) STUB --void StoreEntry::makePrivate() STUB -+void StoreEntry::makePrivate(const bool shareable) STUB - void StoreEntry::setPublicKey(const KeyScope keyScope) STUB --void StoreEntry::setPrivateKey() STUB -+void StoreEntry::setPrivateKey(const bool shareable) STUB - void StoreEntry::expireNow() STUB --void StoreEntry::releaseRequest() STUB -+void StoreEntry::releaseRequest(const bool shareable) STUB - void StoreEntry::negativeCache() STUB - void StoreEntry::cacheNegatively() STUB - void StoreEntry::purgeMem() STUB -@@ -99,7 +99,7 @@ - int64_t StoreEntry::contentLen() const STUB_RETVAL(0) - void StoreEntry::lock(const char *) STUB - void StoreEntry::touch() STUB --void StoreEntry::release() STUB -+void StoreEntry::release(const bool shareable) STUB - - NullStoreEntry *NullStoreEntry::getInstance() STUB_RETVAL(NULL) - const char *NullStoreEntry::getMD5Text() const STUB_RETVAL(NULL) - -=== modified file 'src/tests/testStoreController.cc' ---- src/tests/testStoreController.cc 2017-01-01 00:16:45 +0000 -+++ src/tests/testStoreController.cc 2017-06-14 21:37:20 +0000 -@@ -116,7 +116,7 @@ - e->lastModified(squid_curtime); - e->refcount = 1; - EBIT_CLR(e->flags, RELEASE_REQUEST); -- EBIT_CLR(e->flags, KEY_PRIVATE); -+ e->clearPrivate(); - e->ping_status = PING_NONE; - EBIT_CLR(e->flags, ENTRY_VALIDATED); - e->hashInsert((const cache_key *)name.termedBuf()); /* do it after we clear KEY_PRIVATE */ - -=== modified file 'src/tests/testStoreHashIndex.cc' ---- src/tests/testStoreHashIndex.cc 2017-01-01 00:16:45 +0000 -+++ src/tests/testStoreHashIndex.cc 2017-06-14 21:37:20 +0000 -@@ -97,7 +97,7 @@ - e->lastModified(squid_curtime); - e->refcount = 1; - EBIT_CLR(e->flags, RELEASE_REQUEST); -- EBIT_CLR(e->flags, KEY_PRIVATE); -+ e->clearPrivate(); - e->ping_status = PING_NONE; - EBIT_CLR(e->flags, ENTRY_VALIDATED); - e->hashInsert((const cache_key *)name.termedBuf()); /* do it after we clear KEY_PRIVATE */ - diff --git a/src/patches/squid/squid-3.5-14170.patch b/src/patches/squid/squid-3.5-14170.patch deleted file mode 100644 index cea0f1363..000000000 --- a/src/patches/squid/squid-3.5-14170.patch +++ /dev/null @@ -1,85 +0,0 @@ ------------------------------------------------------------- -revno: 14170 -revision-id: squid3@treenet.co.nz-20170614215906-ly36sobvlr2pt0u6 -parent: squid3@treenet.co.nz-20170614213720-3qmiohlx4zr2jnqq -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=2833 -author: Eduard Bagdasaryan -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Thu 2017-06-15 09:59:06 +1200 -message: - Bug 2833 pt3: Do not respond with HTTP/304 to unconditional requests - - ... after internal revalidation. The original unconditional HttpRequest - was still marked (and processed) as conditional after internal - revalidation because the original (clear) Last-Modified and ETag values - were not restored (cleared) after the internal revalidation abused them. - - TODO: Isolate the code converting the request into conditional one _and_ - the code that undoes that conversion, to keep both actions in sync. ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170614215906-ly36sobvlr2pt0u6 -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: 0991e2d39b3bcebcf18cba3db0e3b57aabf23b8b -# timestamp: 2017-06-14 22:22:43 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170614213720-\ -# 3qmiohlx4zr2jnqq -# -# Begin patch -=== modified file 'src/client_side_reply.cc' ---- src/client_side_reply.cc 2017-06-14 21:37:20 +0000 -+++ src/client_side_reply.cc 2017-06-14 21:59:06 +0000 -@@ -72,8 +72,8 @@ - HTTPMSGUNLOCK(reply); - } - --clientReplyContext::clientReplyContext(ClientHttpRequest *clientContext) : http (cbdataReference(clientContext)), old_entry (NULL), old_sc(NULL), deleting(false), -- collapsedRevalidation(crNone) -+clientReplyContext::clientReplyContext(ClientHttpRequest *clientContext) : http (cbdataReference(clientContext)), old_entry (NULL), -+ old_sc(NULL), old_lastmod(-1), deleting(false), collapsedRevalidation(crNone) - {} - - /** Create an error in the store awaiting the client side to read it. -@@ -185,6 +185,8 @@ - debugs(88, 3, "clientReplyContext::saveState: saving store context"); - old_entry = http->storeEntry(); - old_sc = sc; -+ old_lastmod = http->request->lastmod; -+ old_etag = http->request->etag; - old_reqsize = reqsize; - tempBuffer.offset = reqofs; - /* Prevent accessing the now saved entries */ -@@ -204,9 +206,13 @@ - sc = old_sc; - reqsize = old_reqsize; - reqofs = tempBuffer.offset; -+ http->request->lastmod = old_lastmod; -+ http->request->etag = old_etag; - /* Prevent accessed the old saved entries */ - old_entry = NULL; - old_sc = NULL; -+ old_lastmod = -1; -+ old_etag.clean(); - old_reqsize = 0; - tempBuffer.offset = 0; - } - -=== modified file 'src/client_side_reply.h' ---- src/client_side_reply.h 2017-01-01 00:16:45 +0000 -+++ src/client_side_reply.h 2017-06-14 21:59:06 +0000 -@@ -130,7 +130,11 @@ - void sendNotModifiedOrPreconditionFailedError(); - - StoreEntry *old_entry; -- store_client *old_sc; /* ... for entry to be validated */ -+ /* ... for entry to be validated */ -+ store_client *old_sc; -+ time_t old_lastmod; -+ String old_etag; -+ - bool deleting; - - typedef enum { - diff --git a/src/patches/squid/squid-3.5-14171.patch b/src/patches/squid/squid-3.5-14171.patch deleted file mode 100644 index f357045b2..000000000 --- a/src/patches/squid/squid-3.5-14171.patch +++ /dev/null @@ -1,45 +0,0 @@ ------------------------------------------------------------- -revno: 14171 -revision-id: squidadm@squid-cache.org-20170615001633-wgrl5w8isv15o7gg -parent: squid3@treenet.co.nz-20170614215906-ly36sobvlr2pt0u6 -committer: Source Maintenance -branch nick: 3.5 -timestamp: Thu 2017-06-15 00:16:33 +0000 -message: - SourceFormat Enforcement ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squidadm@squid-cache.org-20170615001633-\ -# wgrl5w8isv15o7gg -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: 237182ac5eed6aca7e9aca295a90057f3a8cf10b -# timestamp: 2017-06-15 00:51:05 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170614215906-\ -# ly36sobvlr2pt0u6 -# -# Begin patch -=== modified file 'src/http.cc' ---- src/http.cc 2017-06-14 21:37:20 +0000 -+++ src/http.cc 2017-06-15 00:16:33 +0000 -@@ -523,7 +523,7 @@ - case Http::scMisdirectedRequest: - statusAnswer = ReuseDecision::doNotCacheButShare; - statusReason = shareableError; -- // fall through to the actual decision making below -+ // fall through to the actual decision making below - - case Http::scBadRequest: // no sharing; perhaps the server did not like something specific to this request - -@@ -2438,8 +2438,8 @@ - }; - - assert(d.answer >= HttpStateData::ReuseDecision::reuseNot && -- d.answer <= HttpStateData::ReuseDecision::doNotCacheButShare); -+ d.answer <= HttpStateData::ReuseDecision::doNotCacheButShare); - return os << ReuseMessages[d.answer] << " because " << d.reason << -- "; HTTP status " << d.statusCode << " " << *(d.entry); -+ "; HTTP status " << d.statusCode << " " << *(d.entry); - } - - diff --git a/src/patches/squid/squid-3.5-14172.patch b/src/patches/squid/squid-3.5-14172.patch deleted file mode 100644 index aa7332765..000000000 --- a/src/patches/squid/squid-3.5-14172.patch +++ /dev/null @@ -1,40 +0,0 @@ ------------------------------------------------------------- -revno: 14172 -revision-id: squid3@treenet.co.nz-20170621195439-l63xfsad58ghhhfu -parent: squidadm@squid-cache.org-20170615001633-wgrl5w8isv15o7gg -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4671 -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Thu 2017-06-22 07:54:39 +1200 -message: - Bug 4671 pt2: GCC 7: raise FTP Gateway CTRL channel buffer to 16KB - - Fixes - error: %s directive output may be truncated writing up to 8191 bytes - into a region of size 1019 - note: snprintf output between 8 and 8199 bytes into a destination of - size 1024 ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170621195439-l63xfsad58ghhhfu -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: eeb32b45efe5504eebeaae89088d4a81d807807c -# timestamp: 2017-06-21 20:50:58 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squidadm@squid-cache.org-20170615001633-\ -# wgrl5w8isv15o7gg -# -# Begin patch -=== modified file 'src/clients/FtpGateway.cc' ---- src/clients/FtpGateway.cc 2017-05-29 04:37:41 +0000 -+++ src/clients/FtpGateway.cc 2017-06-21 19:54:39 +0000 -@@ -192,7 +192,7 @@ - - #define FTP_LOGIN_NOT_ESCAPED 0 - --#define CTRL_BUFLEN 1024 -+#define CTRL_BUFLEN 16*1024 - static char cbuf[CTRL_BUFLEN]; - - /* - diff --git a/src/patches/squid/squid-3.5-14173.patch b/src/patches/squid/squid-3.5-14173.patch deleted file mode 100644 index 6841202ac..000000000 --- a/src/patches/squid/squid-3.5-14173.patch +++ /dev/null @@ -1,254 +0,0 @@ ------------------------------------------------------------- -revno: 14173 -revision-id: squid3@treenet.co.nz-20170621201248-ezpvykg0b307ix61 -parent: squid3@treenet.co.nz-20170621195439-l63xfsad58ghhhfu -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4671 -author: Alex Rousskov -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Thu 2017-06-22 08:12:48 +1200 -message: - Replace new/delete operators using modern C++ rules. - - This change was motivated by "Mismatched free()/delete/delete[]" errors - reported by valgrind and mused about in Squid source code. - - I speculate that the old new/delete replacement code was the result of - slow accumulation of working hacks to accomodate various environments, - as compiler support for the feature evolved. The cumulative result does - not actually work well (see the above paragraph), and the replacement - functions had the following visible coding problems according to [1,2]: - - a) Declared with non-standard profiles that included throw specifiers. - b) Declared inline. C++ says that the results of inline declarations - have unspecified effects. In Squid, they probably necessitated - complex compiler-specific "extern inline" workarounds. - c) Defined in the header file. C++ says that defining replacements "in - any source file" is enough and that multiple replacements per - program (which is what a header file definition produces) result in - "undefined behavior". - d) Declared inconsistently (only 2 out of 4 flavors). Declaring one base - flavor should be sufficient, but if we declare more, we should - declare all of them. - - [1] http://en.cppreference.com/w/cpp/memory/new/operator_new - [2] http://en.cppreference.com/w/cpp/memory/new/operator_delete - - The replacements were not provided to clang (trunk r13219), but there - was no explanation why. This patch does not change that exclusion. - - I have no idea whether any of the old hacks are still necessary in some - cases. However, I suspect that either we do not care much if the - replacements are not enabled on some poorly supported platforms OR we - can disable them (or make them work) using much simpler hacks for the - platforms we do care about. ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170621201248-ezpvykg0b307ix61 -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: 4f15c23326e4e4fe2ca2a6c7a13333e01677a0b0 -# timestamp: 2017-06-21 20:51:02 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170621195439-\ -# l63xfsad58ghhhfu -# -# Begin patch -=== modified file 'compat/os/macosx.h' ---- compat/os/macosx.h 2017-01-01 00:16:45 +0000 -+++ compat/os/macosx.h 2017-06-21 20:12:48 +0000 -@@ -28,11 +28,6 @@ - - #include "compat/cmsg.h" - --// MacOS GCC 4.0.1 and 4.2.1 supply __GNUC_GNU_INLINE__ but do not actually define __attribute__((gnu_inline)) --#if defined(__cplusplus) && !defined(_SQUID_EXTERNNEW_) --#define _SQUID_EXTERNNEW_ extern inline --#endif -- - #endif /* _SQUID_APPLE_ */ - #endif /* SQUID_OS_MACOSX_H */ - - -=== modified file 'compat/os/sgi.h' ---- compat/os/sgi.h 2017-01-01 00:16:45 +0000 -+++ compat/os/sgi.h 2017-06-21 20:12:48 +0000 -@@ -25,15 +25,6 @@ - #define _ABI_SOURCE - #endif /* USE_ASYNC_IO */ - --#if defined(__cplusplus) && !defined(_SQUID_EXTERNNEW_) && !defined(_GNUC_) --/* -- * The gcc compiler treats extern inline functions as being extern, -- * while the SGI MIPSpro compilers treat them as inline. To get equivalent -- * behavior, remove the inline keyword. -- */ --#define _SQUID_EXTERNNEW_ extern --#endif -- - #endif /* _SQUID_SGI_ */ - #endif /* SQUID_OS_SGI_H */ - - -=== modified file 'compat/os/solaris.h' ---- compat/os/solaris.h 2017-01-01 00:16:45 +0000 -+++ compat/os/solaris.h 2017-06-21 20:12:48 +0000 -@@ -59,13 +59,6 @@ - #endif - - /* -- * SunPro CC handles extern inline as inline, PLUS extern symbols. -- */ --#if !defined(_SQUID_EXTERNNEW_) && defined(__SUNPRO_CC) --#define _SQUID_EXTERNNEW_ extern --#endif -- --/* - * SunStudio CC does not define C++ portability API __FUNCTION__ - */ - #if defined(__SUNPRO_CC) && !defined(__FUNCTION__) - -=== removed file 'include/SquidNew.h' ---- include/SquidNew.h 2017-01-01 00:16:45 +0000 -+++ include/SquidNew.h 1970-01-01 00:00:00 +0000 -@@ -1,41 +0,0 @@ --/* -- * Copyright (C) 1996-2017 The Squid Software Foundation and contributors -- * -- * Squid software is distributed under GPLv2+ license and includes -- * contributions from numerous individuals and organizations. -- * Please see the COPYING and CONTRIBUTORS files for details. -- */ -- --#ifndef SQUID_NEW_H --#define SQUID_NEW_H -- --#if !defined(__SUNPRO_CC) && !defined(__clang__) --/* Any code using libstdc++ must have externally resolvable overloads -- * for void * operator new - which means in the .o for the binary, -- * or in a shared library. static libs don't propogate the symbol -- * so, look in the translation unit containing main() in squid -- * for the extern version in squid -- */ --#include -- --_SQUID_EXTERNNEW_ void *operator new(size_t size) throw (std::bad_alloc) --{ -- return xmalloc(size); --} --_SQUID_EXTERNNEW_ void operator delete (void *address) throw() --{ -- xfree(address); --} --_SQUID_EXTERNNEW_ void *operator new[] (size_t size) throw (std::bad_alloc) --{ -- return xmalloc(size); --} --_SQUID_EXTERNNEW_ void operator delete[] (void *address) throw() --{ -- xfree(address); --} -- --#endif /* !__SUNPRO_CC && !__clang__*/ -- --#endif /* SQUID_NEW_H */ -- - -=== modified file 'include/util.h' ---- include/util.h 2017-01-01 00:16:45 +0000 -+++ include/util.h 2017-06-21 20:12:48 +0000 -@@ -19,23 +19,6 @@ - SQUIDCEXTERN int tvSubUsec(struct timeval, struct timeval); - SQUIDCEXTERN double tvSubDsec(struct timeval, struct timeval); - SQUIDCEXTERN void Tolower(char *); --#if defined(__cplusplus) --/* -- * Any code using libstdc++ must have externally resolvable overloads -- * for void * operator new - which means in the .o for the binary, -- * or in a shared library. static libs don't propogate the symbol -- * so, look in the translation unit containing main() in squid -- * for the extern version in squid -- */ --#if !defined(_SQUID_EXTERNNEW_) --#if defined(__GNUC_STDC_INLINE__) || defined(__GNUC_GNU_INLINE__) --#define _SQUID_EXTERNNEW_ extern inline __attribute__((gnu_inline)) --#else --#define _SQUID_EXTERNNEW_ extern inline --#endif --#endif --#include "SquidNew.h" --#endif - - SQUIDCEXTERN time_t parse_iso3307_time(const char *buf); - - -=== modified file 'src/SquidNew.cc' ---- src/SquidNew.cc 2017-01-01 00:16:45 +0000 -+++ src/SquidNew.cc 2017-06-21 20:12:48 +0000 -@@ -8,29 +8,45 @@ - - /* DEBUG: none Memory Allocation */ - --#define _SQUID_EXTERNNEW_ -- - #include "squid.h" - --#ifdef __SUNPRO_CC -+#if !defined(__clang__) - - #include --void *operator new(size_t size) throw (std::bad_alloc) --{ -- return xmalloc(size); --} --void operator delete (void *address) throw() --{ -- xfree (address); --} --void *operator new[] (size_t size) throw (std::bad_alloc) --{ -- return xmalloc(size); --} --void operator delete[] (void *address) throw() --{ -- xfree (address); --} -- --#endif /* __SUNPRO_CC */ -+ -+void *operator new(size_t size) -+{ -+ return xmalloc(size); -+} -+void operator delete(void *address) -+{ -+ xfree(address); -+} -+void *operator new[](size_t size) -+{ -+ return xmalloc(size); -+} -+void operator delete[](void *address) -+{ -+ xfree(address); -+} -+ -+void *operator new(size_t size, const std::nothrow_t &tag) -+{ -+ return xmalloc(size); -+} -+void operator delete(void *address, const std::nothrow_t &tag) -+{ -+ xfree(address); -+} -+void *operator new[](size_t size, const std::nothrow_t &tag) -+{ -+ return xmalloc(size); -+} -+void operator delete[](void *address, const std::nothrow_t &tag) -+{ -+ xfree(address); -+} -+ -+#endif /* !defined(__clang__) */ - - diff --git a/src/patches/squid/squid-3.5-14174.patch b/src/patches/squid/squid-3.5-14174.patch deleted file mode 100644 index 7427eb38d..000000000 --- a/src/patches/squid/squid-3.5-14174.patch +++ /dev/null @@ -1,274 +0,0 @@ ------------------------------------------------------------- -revno: 14174 -revision-id: squid3@treenet.co.nz-20170622153146-nxo8vl6a9r8z03v4 -parent: squid3@treenet.co.nz-20170621201248-ezpvykg0b307ix61 -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4671 -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Fri 2017-06-23 03:31:46 +1200 -message: - Bug 4671 pt3: various GCC 7 compile errors - - Also, remove limit on FTP realm strings - - Convert ftpRealm() from generating char* to SBuf. This fixes issues identified - by GCC 7 where the realm string may be longer than the available buffer and - gets truncated. - The size of the buffer was making the occurance rather rare, but it is still - possible. ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170622153146-nxo8vl6a9r8z03v4 -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: b54e1a339544443ed9b34a094717b2781c746c76 -# timestamp: 2017-06-22 15:50:59 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170621201248-\ -# ezpvykg0b307ix61 -# -# Begin patch -=== modified file 'src/DiskIO/DiskThreads/aiops.cc' ---- src/DiskIO/DiskThreads/aiops.cc 2017-01-01 00:16:45 +0000 -+++ src/DiskIO/DiskThreads/aiops.cc 2017-06-22 15:31:46 +0000 -@@ -290,7 +290,7 @@ - /* Create threads and get them to sit in their wait loop */ - squidaio_thread_pool = memPoolCreate("aio_thread", sizeof(squidaio_thread_t)); - -- assert(NUMTHREADS); -+ assert(NUMTHREADS != 0); - - for (i = 0; i < NUMTHREADS; ++i) { - threadp = (squidaio_thread_t *)squidaio_thread_pool->alloc(); - -=== modified file 'src/clients/FtpGateway.cc' ---- src/clients/FtpGateway.cc 2017-06-21 19:54:39 +0000 -+++ src/clients/FtpGateway.cc 2017-06-22 15:31:46 +0000 -@@ -153,8 +153,8 @@ - virtual void timeout(const CommTimeoutCbParams &io); - void ftpAcceptDataConnection(const CommAcceptCbParams &io); - -- static HttpReply *ftpAuthRequired(HttpRequest * request, const char *realm); -- const char *ftpRealm(void); -+ static HttpReply *ftpAuthRequired(HttpRequest * request, SBuf &realm); -+ SBuf ftpRealm(); - void loginFailed(void); - - virtual void haveParsedReplyHeaders(); -@@ -1189,7 +1189,8 @@ - { - if (!checkAuth(&request->header)) { - /* create appropriate reply */ -- HttpReply *reply = ftpAuthRequired(request, ftpRealm()); -+ SBuf realm(ftpRealm()); // local copy so SBuf wont disappear too early -+ HttpReply *reply = ftpAuthRequired(request, realm); - entry->replaceHttpReply(reply); - serverComplete(); - return; -@@ -1290,7 +1291,9 @@ - - #if HAVE_AUTH_MODULE_BASIC - /* add Authenticate header */ -- newrep->header.putAuth("Basic", ftpRealm()); -+ // XXX: performance regression. c_str() may reallocate -+ SBuf realm(ftpRealm()); // local copy so SBuf wont disappear too early -+ newrep->header.putAuth("Basic", realm.c_str()); - #endif - - // add it to the store entry for response.... -@@ -1298,18 +1301,19 @@ - serverComplete(); - } - --const char * -+SBuf - Ftp::Gateway::ftpRealm() - { -- static char realm[8192]; -+ SBuf realm; - - /* This request is not fully authenticated */ -- if (!request) { -- snprintf(realm, 8192, "FTP %s unknown", user); -- } else if (request->port == 21) { -- snprintf(realm, 8192, "FTP %s %s", user, request->GetHost()); -- } else { -- snprintf(realm, 8192, "FTP %s %s port %d", user, request->GetHost(), request->port); -+ realm.appendf("FTP %s ", user); -+ if (!request) -+ realm.append("unknown", 7); -+ else { -+ realm.append(request->GetHost()); -+ if (request->port != 21) -+ realm.appendf(" port %d", request->port); - } - return realm; - } -@@ -2673,13 +2677,14 @@ - } - - HttpReply * --Ftp::Gateway::ftpAuthRequired(HttpRequest * request, const char *realm) -+Ftp::Gateway::ftpAuthRequired(HttpRequest * request, SBuf &realm) - { - ErrorState err(ERR_CACHE_ACCESS_DENIED, Http::scUnauthorized, request); - HttpReply *newrep = err.BuildHttpReply(); - #if HAVE_AUTH_MODULE_BASIC - /* add Authenticate header */ -- newrep->header.putAuth("Basic", realm); -+ // XXX: performance regression. c_str() may reallocate -+ newrep->header.putAuth("Basic", realm.c_str()); - #endif - return newrep; - } - -=== modified file 'src/fde.cc' ---- src/fde.cc 2017-01-01 00:16:45 +0000 -+++ src/fde.cc 2017-06-22 15:31:46 +0000 -@@ -85,15 +85,15 @@ - char const * - fde::remoteAddr() const - { -- LOCAL_ARRAY(char, buf, MAX_IPSTRLEN ); -+ static char buf[MAX_IPSTRLEN+7]; // 7 = length of ':port' strings - - if (type != FD_SOCKET) - return null_string; - - if ( *ipaddr ) -- snprintf( buf, MAX_IPSTRLEN, "%s:%d", ipaddr, (int)remote_port); -+ snprintf(buf, sizeof(buf), "%s:%u", ipaddr, remote_port); - else -- local_addr.toUrl(buf,MAX_IPSTRLEN); // toHostStr does not include port. -+ local_addr.toUrl(buf, sizeof(buf)); // toHostStr does not include port. - - return buf; - } - -=== modified file 'src/fs/ufs/RebuildState.cc' ---- src/fs/ufs/RebuildState.cc 2017-01-01 00:16:45 +0000 -+++ src/fs/ufs/RebuildState.cc 2017-06-22 15:31:46 +0000 -@@ -444,7 +444,7 @@ - } - - if (0 == in_dir) { /* we need to read in a new directory */ -- snprintf(fullpath, MAXPATHLEN, "%s/%02X/%02X", -+ snprintf(fullpath, sizeof(fullpath), "%s/%02X/%02X", - sd->path, - curlvl1, curlvl2); - -@@ -489,7 +489,7 @@ - continue; - } - -- snprintf(fullfilename, MAXPATHLEN, "%s/%s", -+ snprintf(fullfilename, sizeof(fullfilename), "%s/%s", - fullpath, entry->d_name); - debugs(47, 3, HERE << "Opening " << fullfilename); - fd = file_open(fullfilename, O_RDONLY | O_BINARY); - -=== modified file 'src/fs/ufs/RebuildState.h' ---- src/fs/ufs/RebuildState.h 2017-01-01 00:16:45 +0000 -+++ src/fs/ufs/RebuildState.h 2017-06-22 15:31:46 +0000 -@@ -54,7 +54,7 @@ - dirent_t *entry; - DIR *td; - char fullpath[MAXPATHLEN]; -- char fullfilename[MAXPATHLEN]; -+ char fullfilename[MAXPATHLEN*2]; - - StoreRebuildData counts; - - -=== modified file 'src/gopher.cc' ---- src/gopher.cc 2017-01-01 00:16:45 +0000 -+++ src/gopher.cc 2017-06-22 15:31:46 +0000 -@@ -820,7 +820,7 @@ - * This will be called when request write is complete. Schedule read of reply. - */ - static void --gopherSendComplete(const Comm::ConnectionPointer &conn, char *buf, size_t size, Comm::Flag errflag, int xerrno, void *data) -+gopherSendComplete(const Comm::ConnectionPointer &conn, char *, size_t size, Comm::Flag errflag, int xerrno, void *data) - { - GopherStateData *gopherState = (GopherStateData *) data; - StoreEntry *entry = gopherState->entry; -@@ -840,10 +840,6 @@ - err->url = xstrdup(entry->url()); - gopherState->fwd->fail(err); - gopherState->serverConn->close(); -- -- if (buf) -- memFree(buf, MEM_4K_BUF); /* Allocated by gopherSendRequest. */ -- - return; - } - -@@ -885,9 +881,6 @@ - AsyncCall::Pointer call = commCbCall(5,5, "gopherReadReply", - CommIoCbPtrFun(gopherReadReply, gopherState)); - entry->delayAwareRead(conn, gopherState->replybuf, BUFSIZ, call); -- -- if (buf) -- memFree(buf, MEM_4K_BUF); /* Allocated by gopherSendRequest. */ - } - - /** -@@ -898,32 +891,31 @@ - gopherSendRequest(int fd, void *data) - { - GopherStateData *gopherState = (GopherStateData *)data; -- char *buf = (char *)memAllocate(MEM_4K_BUF); -+ MemBuf mb; -+ mb.init(); - - if (gopherState->type_id == GOPHER_CSO) { - const char *t = strchr(gopherState->request, '?'); - -- if (t != NULL) -+ if (t) - ++t; /* skip the ? */ - else - t = ""; - -- snprintf(buf, 4096, "query %s\r\nquit\r\n", t); -- } else if (gopherState->type_id == GOPHER_INDEX) { -- char *t = strchr(gopherState->request, '?'); -- -- if (t != NULL) -- *t = '\t'; -- -- snprintf(buf, 4096, "%s\r\n", gopherState->request); -+ mb.Printf("query %s\r\nquit", t); - } else { -- snprintf(buf, 4096, "%s\r\n", gopherState->request); -+ if (gopherState->type_id == GOPHER_INDEX) { -+ if (char *t = strchr(gopherState->request, '?')) -+ *t = '\t'; -+ } -+ mb.append(gopherState->request, strlen(gopherState->request)); - } -+ mb.append("\r\n", 2); - -- debugs(10, 5, HERE << gopherState->serverConn); -+ debugs(10, 5, gopherState->serverConn); - AsyncCall::Pointer call = commCbCall(5,5, "gopherSendComplete", - CommIoCbPtrFun(gopherSendComplete, gopherState)); -- Comm::Write(gopherState->serverConn, buf, strlen(buf), call, NULL); -+ Comm::Write(gopherState->serverConn, &mb, call); - - gopherState->entry->makePublic(); - } - -=== modified file 'src/icmp/Makefile.am' ---- src/icmp/Makefile.am 2017-01-01 00:16:45 +0000 -+++ src/icmp/Makefile.am 2017-06-22 15:31:46 +0000 -@@ -59,7 +59,8 @@ - pinger_LDFLAGS = $(LIBADD_DL) - pinger_LDADD=\ - libicmp-core.la \ -- ../ip/libip.la \ -+ $(top_builddir)/src/ip/libip.la \ -+ $(top_builddir)/src/base/libbase.la \ - $(COMPAT_LIB) \ - $(XTRA_LIBS) - - diff --git a/src/patches/squid/squid-3.5-14175.patch b/src/patches/squid/squid-3.5-14175.patch deleted file mode 100644 index a2a8a5d07..000000000 --- a/src/patches/squid/squid-3.5-14175.patch +++ /dev/null @@ -1,34 +0,0 @@ ------------------------------------------------------------- -revno: 14175 -revision-id: squid3@treenet.co.nz-20170629125627-socq6szqysvm9ifa -parent: squid3@treenet.co.nz-20170622153146-nxo8vl6a9r8z03v4 -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4112 -author: Sven Eisenberg -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Fri 2017-06-30 00:56:27 +1200 -message: - Bug 4112: ssl_engine does not accept cryptodev ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170629125627-socq6szqysvm9ifa -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: c74e6941e5b6df8e36d26dd5c02389ae2955bc21 -# timestamp: 2017-06-29 13:51:04 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170622153146-\ -# nxo8vl6a9r8z03v4 -# -# Begin patch -=== modified file 'src/ssl/support.cc' ---- src/ssl/support.cc 2017-01-27 16:14:19 +0000 -+++ src/ssl/support.cc 2017-06-29 12:56:27 +0000 -@@ -737,6 +737,7 @@ - - #if HAVE_OPENSSL_ENGINE_H - if (Config.SSL.ssl_engine) { -+ ENGINE_load_builtin_engines(); - ENGINE *e; - if (!(e = ENGINE_by_id(Config.SSL.ssl_engine))) - fatalf("Unable to find SSL engine '%s'\n", Config.SSL.ssl_engine); - diff --git a/src/patches/squid/squid-3.5-14176.patch b/src/patches/squid/squid-3.5-14176.patch deleted file mode 100644 index 63141e388..000000000 --- a/src/patches/squid/squid-3.5-14176.patch +++ /dev/null @@ -1,42 +0,0 @@ ------------------------------------------------------------- -revno: 14176 -revision-id: squid3@treenet.co.nz-20170701073514-uzowexcysowqostf -parent: squid3@treenet.co.nz-20170629125627-socq6szqysvm9ifa -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4687 -author: Lubos Uhliarik -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Sat 2017-07-01 19:35:14 +1200 -message: - Bug 4687: Wrong names of components in man page, section SEE ALSO ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170701073514-uzowexcysowqostf -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: 9099c98de3cb8fc125dd9952373de42c079b0ccc -# timestamp: 2017-07-01 07:45:05 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170629125627-\ -# socq6szqysvm9ifa -# -# Begin patch -=== modified file 'src/squid.8.in' ---- src/squid.8.in 2017-01-01 00:16:45 +0000 -+++ src/squid.8.in 2017-07-01 07:35:14 +0000 -@@ -265,11 +265,11 @@ - .SH SEE ALSO - .if !'po4a'hide' .B cachemgr.cgi "(8), " - .if !'po4a'hide' .B squidclient "(1), " --.if !'po4a'hide' .B pam_auth "(8), " --.if !'po4a'hide' .B squid_ldap_auth "(8), " --.if !'po4a'hide' .B squid_ldap_group "(8), " -+.if !'po4a'hide' .B basic_pam_auth "(8), " -+.if !'po4a'hide' .B basic_ldap_auth "(8), " -+.if !'po4a'hide' .B ext_ldap_group_acl "(8), " - .if !'po4a'hide' .B ext_session_acl "(8), " --.if !'po4a'hide' .B squid_unix_group "(8), " -+.if !'po4a'hide' .B ext_unix_group_acl "(8), " - .br - The Squid FAQ wiki - .if !'po4a'hide' http://wiki.squid-cache.org/SquidFaq - diff --git a/src/patches/squid/squid-3.5-14177.patch b/src/patches/squid/squid-3.5-14177.patch deleted file mode 100644 index c9920adaf..000000000 --- a/src/patches/squid/squid-3.5-14177.patch +++ /dev/null @@ -1,52 +0,0 @@ ------------------------------------------------------------- -revno: 14177 -revision-id: squid3@treenet.co.nz-20170701073754-4x1i6p5s1gzk73co -parent: squid3@treenet.co.nz-20170701073514-uzowexcysowqostf -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Sat 2017-07-01 19:37:54 +1200 -message: - basic_ncsa_auth: fix hash listing wrap in man(8) page - - '*' list bullet points must be indented with whitespace. - If they are not the list is treated as a single wrapped paragraph. ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170701073754-4x1i6p5s1gzk73co -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: ffd783ab19a438c56affcdc6c1d106fa00403f4f -# timestamp: 2017-07-01 07:45:09 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170701073514-\ -# uzowexcysowqostf -# -# Begin patch -=== modified file 'helpers/basic_auth/NCSA/basic_ncsa_auth.8' ---- helpers/basic_auth/NCSA/basic_ncsa_auth.8 2017-01-01 00:16:45 +0000 -+++ helpers/basic_auth/NCSA/basic_ncsa_auth.8 2017-07-01 07:37:54 +0000 -@@ -18,15 +18,15 @@ - .PP - This authenticator accepts: - .BR --* Blowfish - for passwords 72 characters or less in length --.BR --* SHA256 - with salting and magic strings --.BR --* SHA512 - with salting and magic strings --.BR --* MD5 - with optional salt and magic strings --.BR --* DES - for passwords 8 characters or less in length -+ * Blowfish \- for passwords 72 characters or less in length. -+.BR -+ * SHA256 \- with salting and magic strings. -+.BR -+ * SHA512 \- with salting and magic strings. -+.BR -+ * MD5 \- with optional salt and magic strings. -+.BR -+ * DES \- for passwords 8 characters or less in length. - . - NOTE: Blowfish and SHA algorithms require system-specific support. - . - diff --git a/src/patches/squid/squid-3.5-14178.patch b/src/patches/squid/squid-3.5-14178.patch deleted file mode 100644 index 1a95150d3..000000000 --- a/src/patches/squid/squid-3.5-14178.patch +++ /dev/null @@ -1,36 +0,0 @@ ------------------------------------------------------------- -revno: 14178 -revision-id: squid3@treenet.co.nz-20170701081116-xekwolj1wdkeaxqv -parent: squid3@treenet.co.nz-20170701073754-4x1i6p5s1gzk73co -author: Alex Rousskov -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Sat 2017-07-01 20:11:16 +1200 -message: - Fix message packing error handling in mgr and snmp SMP Forwarders. - - A missing "return" resulted in Forwarders sending garbage (or worse) to - Coordinator. ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170701081116-xekwolj1wdkeaxqv -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: a593abc992a79d4539dede76b4f63e013f96d33a -# timestamp: 2017-07-01 08:51:30 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170701073754-\ -# 4x1i6p5s1gzk73co -# -# Begin patch -=== modified file 'src/ipc/Forwarder.cc' ---- src/ipc/Forwarder.cc 2017-01-01 00:16:45 +0000 -+++ src/ipc/Forwarder.cc 2017-07-01 08:11:16 +0000 -@@ -62,6 +62,7 @@ - // assume the pack() call failed because the message did not fit - // TODO: add a more specific exception? - handleError(); -+ return; - } - - SendMessage(Ipc::Port::CoordinatorAddr(), message); - diff --git a/src/patches/squid/squid-3.5-14179.patch b/src/patches/squid/squid-3.5-14179.patch deleted file mode 100644 index 112bdb093..000000000 --- a/src/patches/squid/squid-3.5-14179.patch +++ /dev/null @@ -1,105 +0,0 @@ ------------------------------------------------------------- -revno: 14179 -revision-id: squid3@treenet.co.nz-20170701095916-wknqmneq2w0mxt6a -parent: squid3@treenet.co.nz-20170701081116-xekwolj1wdkeaxqv -author: Alex Rousskov -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Sat 2017-07-01 21:59:16 +1200 -message: - Fix mgr query handoff from the original recipient to Coordinator. - - This bug has already been fixed once, in trunk r11164.1.61, but that fix - was accidentally undone shortly after, during significant cross-branch - merging activity combined with the Forwarder class split. The final - merge importing the associated code (trunk r11730) was buggy. - - The bug (explained in r11164.1.61) leads to a race condition between - - * Store notifying Server classes about the entry completion (which might - trigger a bogus error message sent to the cache manager client while - Coordinator sends its own valid response on the same connection!) and - - * post-cleanup() connection closure handlers of Server classes silently - closing everything (and leaving Coordinator the only responding - process on that shared connection). - - The bug probably was not noticed for so long because, evidently, the - latter actions tend to win in the current code. ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170701095916-wknqmneq2w0mxt6a -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: c7e89c80468c7f388f7e09ad2d68a245789db50d -# timestamp: 2017-07-01 10:51:12 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170701081116-\ -# xekwolj1wdkeaxqv -# -# Begin patch -=== modified file 'src/ipc/Forwarder.h' ---- src/ipc/Forwarder.h 2017-01-01 00:16:45 +0000 -+++ src/ipc/Forwarder.h 2017-07-01 09:59:16 +0000 -@@ -47,12 +47,14 @@ - virtual void handleError(); - virtual void handleTimeout(); - virtual void handleException(const std::exception& e); -- virtual void handleRemoteAck(); - - private: - static void RequestTimedOut(void* param); - void requestTimedOut(); - void removeTimeoutEvent(); -+ -+ void handleRemoteAck(); -+ - static AsyncCall::Pointer DequeueRequest(unsigned int requestId); - - protected: - -=== modified file 'src/mgr/Forwarder.cc' ---- src/mgr/Forwarder.cc 2017-01-01 00:16:45 +0000 -+++ src/mgr/Forwarder.cc 2017-07-01 09:59:16 +0000 -@@ -102,17 +102,6 @@ - mustStop("commClosed"); - } - --/// called when Coordinator starts processing the request --void --Mgr::Forwarder::handleRemoteAck() --{ -- Ipc::Forwarder::handleRemoteAck(); -- -- Must(entry != NULL); -- EBIT_CLR(entry->flags, ENTRY_FWD_HDR_WAIT); -- entry->complete(); --} -- - /// send error page - void - Mgr::Forwarder::sendError(ErrorState *error) - -=== modified file 'src/mgr/Forwarder.h' ---- src/mgr/Forwarder.h 2017-01-01 00:16:45 +0000 -+++ src/mgr/Forwarder.h 2017-07-01 09:59:16 +0000 -@@ -40,7 +40,6 @@ - virtual void handleError(); - virtual void handleTimeout(); - virtual void handleException(const std::exception& e); -- virtual void handleRemoteAck(); - - private: - void noteCommClosed(const CommCloseCbParams& params); - -=== modified file 'src/tests/stub_libmgr.cc' ---- src/tests/stub_libmgr.cc 2017-01-01 00:16:45 +0000 -+++ src/tests/stub_libmgr.cc 2017-07-01 09:59:16 +0000 -@@ -100,7 +100,6 @@ - void Mgr::Forwarder::handleError() STUB - void Mgr::Forwarder::handleTimeout() STUB - void Mgr::Forwarder::handleException(const std::exception& e) STUB --void Mgr::Forwarder::handleRemoteAck() STUB - - #include "mgr/FunAction.h" - Mgr::Action::Pointer Mgr::FunAction::Create(const CommandPointer &cmd, OBJH *aHandler) STUB_RETVAL(dummyAction) - diff --git a/src/patches/squid/squid-3.5-14180.patch b/src/patches/squid/squid-3.5-14180.patch deleted file mode 100644 index 01d11cd03..000000000 --- a/src/patches/squid/squid-3.5-14180.patch +++ /dev/null @@ -1,448 +0,0 @@ ------------------------------------------------------------- -revno: 14180 -revision-id: squid3@treenet.co.nz-20170701120848-q2xznzfvxb4kwvb6 -parent: squid3@treenet.co.nz-20170701095916-wknqmneq2w0mxt6a -fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4464 -author: Christos Tsantilas -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Sun 2017-07-02 00:08:48 +1200 -message: - Bug 4464: Reduce "!Comm::MonitorsRead(serverConnection->fd)" assertions. - - * Protect Squid Client classes from new requests that compete with - ongoing pinned connection use and - * resume dealing with new requests when those Client classes are done - using the pinned connection. - - Replaced primary ConnStateData::pinConnection() calls with a pair of - pinBusyConnection() and notePinnedConnectionBecameIdle() calls, - depending on the pinned connection state ("busy" or "idle"). - - Removed pinConnection() parameters that were not longer used or could be computed from the remaining parameters. - - Removed ConnStateData::httpsPeeked() code "hiding" the originating - request and connection peer details while entering the first "idle" - state. The old (trunk r11880.1.6) bump-server-first code used a pair of - NULLs because "Intercepted connections do not have requests at the - connection pinning stage", but that limitation no longer applicable - because Squid always fakes (when intercepting) or parses (a CONNECT) - request now, even during SslBump step1. - - The added XXX and TODOs are not directly related to this fix. They - were added to document problems discovered while working on this fix. - - In v3.5 code, the same problems manifest as Read.cc - "fd_table[conn->fd].halfClosedReader != NULL" assertions. - - This is a Measurement Factory project ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170701120848-q2xznzfvxb4kwvb6 -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: e4f432eed8a845431d4bbbf023de04d682adeaff -# timestamp: 2017-07-01 12:32:26 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170701095916-\ -# wknqmneq2w0mxt6a -# -# Begin patch -=== modified file 'src/FwdState.cc' ---- src/FwdState.cc 2017-01-01 00:16:45 +0000 -+++ src/FwdState.cc 2017-07-01 12:08:48 +0000 -@@ -246,7 +246,7 @@ - #if USE_OPENSSL - if (request->flags.sslPeek && request->clientConnectionManager.valid()) { - CallJobHere1(17, 4, request->clientConnectionManager, ConnStateData, -- ConnStateData::httpsPeeked, Comm::ConnectionPointer(NULL)); -+ ConnStateData::httpsPeeked, ConnStateData::PinnedIdleContext(Comm::ConnectionPointer(nullptr), request)); - } - #endif - } else { -@@ -952,7 +952,7 @@ - #if USE_OPENSSL - if (request->flags.sslPeek) { - CallJobHere1(17, 4, request->clientConnectionManager, ConnStateData, -- ConnStateData::httpsPeeked, serverConnection()); -+ ConnStateData::httpsPeeked, ConnStateData::PinnedIdleContext(serverConnection(), request)); - unregister(serverConn); // async call owns it now - complete(); // destroys us - return; - -=== modified file 'src/base/RefCount.h' ---- src/base/RefCount.h 2017-01-01 00:16:45 +0000 -+++ src/base/RefCount.h 2017-07-01 12:08:48 +0000 -@@ -54,9 +54,7 @@ - - C & operator * () const {return *const_cast(p_); } - -- C const * getRaw() const {return p_; } -- -- C * getRaw() {return const_cast(p_); } -+ C * getRaw() const { return const_cast(p_); } - - bool operator == (const RefCount& p) const { - return p.p_ == p_; - -=== modified file 'src/client_side.cc' ---- src/client_side.cc 2017-05-29 13:15:55 +0000 -+++ src/client_side.cc 2017-07-01 12:08:48 +0000 -@@ -836,6 +836,7 @@ - assert(areAllContextsForThisConnection()); - freeAllContexts(); - -+ // XXX: Closing pinned conn is too harsh: The Client may want to continue! - unpinConnection(true); - - if (Comm::IsConnOpen(clientConnection)) -@@ -1559,6 +1560,13 @@ - - debugs(33, 3, HERE << "ConnnStateData(" << conn->clientConnection << "), Context(" << clientConnection << ")"); - connIsFinished(); -+ conn->kick(); -+} -+ -+void -+ConnStateData::kick() -+{ -+ ConnStateData * conn = this; // XXX: Remove this diff minimization hack - - if (conn->pinning.pinned && !Comm::IsConnOpen(conn->pinning.serverConnection)) { - debugs(33, 2, HERE << conn->clientConnection << " Connection was pinned but server side gone. Terminating client connection"); -@@ -3240,6 +3248,13 @@ - if (in.buf.isEmpty()) - break; - -+ // Prohibit concurrent requests when using a pinned to-server connection -+ // because our Client classes do not support request pipelining. -+ if (pinning.pinned && !pinning.readHandler) { -+ debugs(33, 3, clientConnection << " waits for busy " << pinning.serverConnection); -+ break; -+ } -+ - /* Limit the number of concurrent requests */ - if (concurrentRequestQueueFilled()) - break; -@@ -4434,22 +4449,19 @@ - } - - void --ConnStateData::httpsPeeked(Comm::ConnectionPointer serverConnection) -+ConnStateData::httpsPeeked(PinnedIdleContext pic) - { - Must(sslServerBump != NULL); -+ Must(sslServerBump->request == pic.request); -+ Must(currentobject == NULL || currentobject->http == NULL || currentobject->http->request == pic.request.getRaw()); - -- if (Comm::IsConnOpen(serverConnection)) { -- pinConnection(serverConnection, NULL, NULL, false); -+ if (Comm::IsConnOpen(pic.connection)) { -+ notePinnedConnectionBecameIdle(pic); - - debugs(33, 5, HERE << "bumped HTTPS server: " << sslConnectHostOrIp); -- } else { -+ } else - debugs(33, 5, HERE << "Error while bumping: " << sslConnectHostOrIp); - -- // copy error detail from bump-server-first request to CONNECT request -- if (currentobject != NULL && currentobject->http != NULL && currentobject->http->request) -- currentobject->http->request->detailError(sslServerBump->request->errType, sslServerBump->request->errDetail); -- } -- - getSslContextStart(); - } - -@@ -4952,19 +4964,35 @@ - } - - void --ConnStateData::pinConnection(const Comm::ConnectionPointer &pinServer, HttpRequest *request, CachePeer *aPeer, bool auth, bool monitor) --{ -- if (!Comm::IsConnOpen(pinning.serverConnection) || -- pinning.serverConnection->fd != pinServer->fd) -- pinNewConnection(pinServer, request, aPeer, auth); -- -- if (monitor) -- startPinnedConnectionMonitoring(); --} -- --void --ConnStateData::pinNewConnection(const Comm::ConnectionPointer &pinServer, HttpRequest *request, CachePeer *aPeer, bool auth) --{ -+ConnStateData::pinBusyConnection(const Comm::ConnectionPointer &pinServer, const HttpRequest::Pointer &request) -+{ -+ pinConnection(pinServer, request); -+} -+ -+void -+ConnStateData::notePinnedConnectionBecameIdle(PinnedIdleContext pic) -+{ -+ Must(pic.connection != NULL); -+ Must(pic.request != NULL); -+ pinConnection(pic.connection, pic.request); -+ -+ // monitor pinned server connection for remote-end closures. -+ startPinnedConnectionMonitoring(); -+ -+ if (!currentobject) -+ kick(); // in case clientParseRequests() was blocked by a busy pic.connection -+} -+ -+/// Forward future client requests using the given server connection. -+void -+ConnStateData::pinConnection(const Comm::ConnectionPointer &pinServer, const HttpRequest::Pointer &request) -+{ -+ if (Comm::IsConnOpen(pinning.serverConnection) && -+ pinning.serverConnection->fd == pinServer->fd) { -+ debugs(33, 3, "already pinned" << pinServer); -+ return; -+ } -+ - unpinConnection(true); // closes pinned connection, if any, and resets fields - - pinning.serverConnection = pinServer; -@@ -4973,23 +5001,21 @@ - - Must(pinning.serverConnection != NULL); - -- // when pinning an SSL bumped connection, the request may be NULL - const char *pinnedHost = "[unknown]"; -- if (request) { -+ if (request != NULL) { - pinning.host = xstrdup(request->GetHost()); - pinning.port = request->port; - pinnedHost = pinning.host; -+ pinning.auth = request->flags.connectionAuth; - } else { - pinning.port = pinServer->remote.port(); - } - pinning.pinned = true; -- if (aPeer) -- pinning.peer = cbdataReference(aPeer); -- pinning.auth = auth; -+ pinning.peer = cbdataReference(pinServer->getPeer()); - char stmp[MAX_IPSTRLEN]; - char desc[FD_DESC_SZ]; - snprintf(desc, FD_DESC_SZ, "%s pinned connection for %s (%d)", -- (auth || !aPeer) ? pinnedHost : aPeer->name, -+ (pinning.auth || !pinning.peer) ? pinnedHost : pinning.peer->name, - clientConnection->remote.toUrl(stmp,MAX_IPSTRLEN), - clientConnection->fd); - fd_note(pinning.serverConnection->fd, desc); -@@ -5164,3 +5190,8 @@ - * connection has gone away */ - } - -+std::ostream & -+operator <<(std::ostream &os, const ConnStateData::PinnedIdleContext &pic) -+{ -+ return os << pic.connection << ", request=" << pic.request; -+} - -=== modified file 'src/client_side.h' ---- src/client_side.h 2017-01-01 00:16:45 +0000 -+++ src/client_side.h 2017-07-01 12:08:48 +0000 -@@ -26,6 +26,8 @@ - #include "ssl/support.h" - #endif - -+#include -+ - class ConnStateData; - class ClientHttpRequest; - class clientStreamNode; -@@ -188,6 +190,11 @@ - /// Traffic parsing - bool clientParseRequests(); - void readNextRequest(); -+ -+ // In v3.5, usually called via ClientSocketContext::keepaliveNextRequest(). -+ /// try to make progress on a transaction or read more I/O -+ void kick(); -+ - ClientSocketContext::Pointer getCurrentContext() const; - void addContextToQueue(ClientSocketContext * context); - int getConcurrentRequestCount() const; -@@ -287,9 +294,21 @@ - bool handleReadData(); - bool handleRequestBodyData(); - -- /// Forward future client requests using the given server connection. -- /// Optionally, monitor pinned server connection for remote-end closures. -- void pinConnection(const Comm::ConnectionPointer &pinServerConn, HttpRequest *request, CachePeer *peer, bool auth, bool monitor = true); -+ /// parameters for the async notePinnedConnectionBecameIdle() call -+ class PinnedIdleContext -+ { -+ public: -+ PinnedIdleContext(const Comm::ConnectionPointer &conn, const HttpRequest::Pointer &req): connection(conn), request(req) {} -+ -+ Comm::ConnectionPointer connection; ///< to-server connection to be pinned -+ HttpRequest::Pointer request; ///< to-server request that initiated serverConnection -+ }; -+ -+ /// Called when a pinned connection becomes available for forwarding the next request. -+ void notePinnedConnectionBecameIdle(PinnedIdleContext pic); -+ /// Forward future client requests using the given to-server connection. -+ /// The connection is still being used by the current client request. -+ void pinBusyConnection(const Comm::ConnectionPointer &pinServerConn, const HttpRequest::Pointer &request); - /// Undo pinConnection() and, optionally, close the pinned connection. - void unpinConnection(const bool andClose); - /// Returns validated pinnned server connection (and stops its monitoring). -@@ -345,7 +364,7 @@ - /// generated - void doPeekAndSpliceStep(); - /// called by FwdState when it is done bumping the server -- void httpsPeeked(Comm::ConnectionPointer serverConnection); -+ void httpsPeeked(PinnedIdleContext pic); - - /// Start to create dynamic SSL_CTX for host or uses static port SSL context. - void getSslContextStart(); -@@ -449,7 +468,7 @@ - void clientAfterReadingRequests(); - bool concurrentRequestQueueFilled() const; - -- void pinNewConnection(const Comm::ConnectionPointer &pinServer, HttpRequest *request, CachePeer *aPeer, bool auth); -+ void pinConnection(const Comm::ConnectionPointer &pinServerConn, const HttpRequest::Pointer &request); - - /* PROXY protocol functionality */ - bool proxyProtocolValidateClient(); -@@ -516,5 +535,7 @@ - void clientProcessRequest(ConnStateData *conn, HttpParser *hp, ClientSocketContext *context, const HttpRequestMethod& method, Http::ProtocolVersion http_ver); - void clientPostHttpsAccept(ConnStateData *connState); - -+std::ostream &operator <<(std::ostream &os, const ConnStateData::PinnedIdleContext &pic); -+ - #endif /* SQUID_CLIENTSIDE_H */ - - -=== modified file 'src/clients/FtpRelay.cc' ---- src/clients/FtpRelay.cc 2017-01-01 00:16:45 +0000 -+++ src/clients/FtpRelay.cc 2017-07-01 12:08:48 +0000 -@@ -210,9 +210,10 @@ - mgr->unpinConnection(false); - ctrl.close(); - } else { -- mgr->pinConnection(ctrl.conn, fwd->request, -- ctrl.conn->getPeer(), -- fwd->request->flags.connectionAuth); -+ CallJobHere1(9, 4, mgr, -+ ConnStateData, -+ notePinnedConnectionBecameIdle, -+ ConnStateData::PinnedIdleContext(ctrl.conn, fwd->request)); - ctrl.forget(); - } - } - -=== modified file 'src/http.cc' ---- src/http.cc 2017-06-15 00:16:33 +0000 -+++ src/http.cc 2017-07-01 12:08:48 +0000 -@@ -1383,9 +1383,6 @@ - void - HttpStateData::processReplyBody() - { -- Ip::Address client_addr; -- bool ispinned = false; -- - if (!flags.headers_parsed) { - flags.do_next_read = true; - maybeReadVirginBody(); -@@ -1435,35 +1432,49 @@ - } - break; - -- case COMPLETE_PERSISTENT_MSG: -+ case COMPLETE_PERSISTENT_MSG: { - debugs(11, 5, "processReplyBody: COMPLETE_PERSISTENT_MSG from " << serverConnection); -- /* yes we have to clear all these! */ -+ -+ // TODO: Remove serverConnectionSaved but preserve exception safety. -+ - commUnsetConnTimeout(serverConnection); - flags.do_next_read = false; - - comm_remove_close_handler(serverConnection->fd, closeHandler); - closeHandler = NULL; -- fwd->unregister(serverConnection); - -+ Ip::Address client_addr; // XXX: Remove as unused. Why was it added? - if (request->flags.spoofClientIp) - client_addr = request->client_addr; - -+ Comm::ConnectionPointer serverConnectionSaved = serverConnection; -+ fwd->unregister(serverConnection); -+ serverConnection = nullptr; -+ -+ bool ispinned = false; // TODO: Rename to isOrShouldBePinned - if (request->flags.pinned) { - ispinned = true; - } else if (request->flags.connectionAuth && request->flags.authSent) { - ispinned = true; - } - -- if (ispinned && request->clientConnectionManager.valid()) { -- request->clientConnectionManager->pinConnection(serverConnection, request, _peer, -- (request->flags.connectionAuth)); -+ if (ispinned) { -+ if (request->clientConnectionManager.valid()) { -+ CallJobHere1(11, 4, request->clientConnectionManager, -+ ConnStateData, -+ notePinnedConnectionBecameIdle, -+ ConnStateData::PinnedIdleContext(serverConnectionSaved, request)); -+ } else { -+ // must not pool/share ispinned connections, even orphaned ones -+ serverConnectionSaved->close(); -+ } - } else { -- fwd->pconnPush(serverConnection, request->GetHost()); -+ fwd->pconnPush(serverConnectionSaved, request->GetHost()); - } - -- serverConnection = NULL; - serverComplete(); - return; -+ } - - case COMPLETE_NONPERSISTENT_MSG: - debugs(11, 5, "processReplyBody: COMPLETE_NONPERSISTENT_MSG from " << serverConnection); - -=== modified file 'src/servers/FtpServer.cc' ---- src/servers/FtpServer.cc 2017-02-26 11:09:42 +0000 -+++ src/servers/FtpServer.cc 2017-07-01 12:08:48 +0000 -@@ -301,12 +301,8 @@ - Must(http != NULL); - HttpRequest *const request = http->request; - Must(request != NULL); -- -- // this is not an idle connection, so we do not want I/O monitoring -- const bool monitor = false; -- - // make FTP peer connection exclusive to our request -- pinConnection(conn, request, conn->getPeer(), false, monitor); -+ pinBusyConnection(conn, request); - } - - void - -=== modified file 'src/tests/stub_client_side.cc' ---- src/tests/stub_client_side.cc 2017-01-01 00:16:45 +0000 -+++ src/tests/stub_client_side.cc 2017-07-01 12:08:48 +0000 -@@ -60,7 +60,8 @@ - void ConnStateData::noteBodyConsumerAborted(BodyPipe::Pointer) STUB - bool ConnStateData::handleReadData() STUB_RETVAL(false) - bool ConnStateData::handleRequestBodyData() STUB_RETVAL(false) --void ConnStateData::pinConnection(const Comm::ConnectionPointer &pinServerConn, HttpRequest *request, CachePeer *peer, bool auth, bool monitor) STUB -+void ConnStateData::pinBusyConnection(const Comm::ConnectionPointer &, const HttpRequest::Pointer &) STUB -+void ConnStateData::notePinnedConnectionBecameIdle(PinnedIdleContext) STUB - void ConnStateData::unpinConnection(const bool andClose) STUB - const Comm::ConnectionPointer ConnStateData::validatePinnedConnection(HttpRequest *request, const CachePeer *peer) STUB_RETVAL(NULL) - void ConnStateData::clientPinnedConnectionClosed(const CommCloseCbParams &io) STUB -@@ -70,7 +71,7 @@ - void ConnStateData::swanSong() STUB - void ConnStateData::quitAfterError(HttpRequest *request) STUB - #if USE_OPENSSL --void ConnStateData::httpsPeeked(Comm::ConnectionPointer serverConnection) STUB -+void ConnStateData::httpsPeeked(PinnedIdleContext) STUB - void ConnStateData::getSslContextStart() STUB - void ConnStateData::getSslContextDone(SSL_CTX * sslContext, bool isNew) STUB - void ConnStateData::sslCrtdHandleReplyWrapper(void *data, const Helper::Reply &reply) STUB - diff --git a/src/patches/squid/squid-3.5-14181.patch b/src/patches/squid/squid-3.5-14181.patch deleted file mode 100644 index 4516d6033..000000000 --- a/src/patches/squid/squid-3.5-14181.patch +++ /dev/null @@ -1,30 +0,0 @@ ------------------------------------------------------------- -revno: 14181 -revision-id: squidadm@squid-cache.org-20170701121615-ktx76udds2mzmc6c -parent: squid3@treenet.co.nz-20170701120848-q2xznzfvxb4kwvb6 -committer: Source Maintenance -branch nick: 3.5 -timestamp: Sat 2017-07-01 12:16:15 +0000 -message: - SourceFormat Enforcement ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squidadm@squid-cache.org-20170701121615-\ -# ktx76udds2mzmc6c -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: d7942d1260def31f62ccc820a44bb769381beae2 -# timestamp: 2017-07-01 12:32:29 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20170701120848-\ -# q2xznzfvxb4kwvb6 -# -# Begin patch -=== modified file 'src/client_side.cc' ---- src/client_side.cc 2017-07-01 12:08:48 +0000 -+++ src/client_side.cc 2017-07-01 12:16:15 +0000 -@@ -5195,3 +5195,4 @@ - { - return os << pic.connection << ", request=" << pic.request; - } -+ - diff --git a/src/patches/squid/squid-3.5-14182.patch b/src/patches/squid/squid-3.5-14182.patch deleted file mode 100644 index 335488107..000000000 --- a/src/patches/squid/squid-3.5-14182.patch +++ /dev/null @@ -1,35 +0,0 @@ ------------------------------------------------------------- -revno: 14182 -revision-id: squid3@treenet.co.nz-20170701232253-3beaysa03xf5c67p -parent: squidadm@squid-cache.org-20170701121615-ktx76udds2mzmc6c -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Sun 2017-07-02 11:22:53 +1200 -message: - Fix build on FreeBSD after rev.14180 - - RefCount<> does not support assignment from nullptr with C++03 ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20170701232253-3beaysa03xf5c67p -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: d5ecf68c60c022783f69311e9049e546be8fa1a0 -# timestamp: 2017-07-01 23:50:58 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squidadm@squid-cache.org-20170701121615-\ -# ktx76udds2mzmc6c -# -# Begin patch -=== modified file 'src/http.cc' ---- src/http.cc 2017-07-01 12:08:48 +0000 -+++ src/http.cc 2017-07-01 23:22:53 +0000 -@@ -1449,7 +1449,7 @@ - - Comm::ConnectionPointer serverConnectionSaved = serverConnection; - fwd->unregister(serverConnection); -- serverConnection = nullptr; -+ serverConnection = NULL; - - bool ispinned = false; // TODO: Rename to isOrShouldBePinned - if (request->flags.pinned) { - diff --git a/src/setup/passwords.c b/src/setup/passwords.c index e7b4b5231..6242577af 100644 --- a/src/setup/passwords.c +++ b/src/setup/passwords.c @@ -56,7 +56,7 @@ int handleadminpassword(void) return 0; snprintf(commandstring, STRING_SIZE, - "/usr/sbin/htpasswd -c -m -b " CONFIG_ROOT "/auth/users admin '%s'", password); + "/usr/bin/htpasswd -c -B -C 7 -b " CONFIG_ROOT "/auth/users admin '%s'", password); sprintf(message, _("Setting %s 'admin' user password..."), NAME); if (runhiddencommandwithstatus(commandstring, _("Setting password"), message, NULL)) { sprintf(message, _("Problem setting %s 'admin' user password."), NAME);