Package: squid
Version: 2.7.STABLE3-1
Severity: normal
The problem has been fixed in 2.7.STABLE5, the original patch is located here:
http://www.squid-cache.org/Versions/v2/2.7/changesets/12378.patch
See also:
http://www.squid-cache.org/Versions/v2/2.7/changesets/SQUID_2_7_STABLE5.html
Would be great if the patch could be included in lenny as the official Squid3
hasn't this patch implemented yet too. So all squid versions in lenny are
stream incompatible...
Mathias Tauber
-- System Information:
Debian Release: 5.0
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages squid depends on:
ii adduser 3.110 add and remove users and groups
ii debconf [debconf-2.0] 1.5.24 Debian configuration management sy
ii libc6 2.7-18 GNU C Library: Shared libraries
ii libcomerr2 1.41.3-1 common error description library
ii libdb4.6 4.6.21-11 Berkeley v4.6 Database Libraries [
ii libkrb53 1.6.dfsg.4~beta1-5 MIT Kerberos runtime libraries
ii libldap-2.4-2 2.4.11-1 OpenLDAP libraries
ii libpam0g 1.0.1-5 Pluggable Authentication Modules l
ii logrotate 3.7.1-5 Log rotation utility
ii lsb-base 3.2-20 Linux Standard Base 3.2 init scrip
ii netbase 4.34 Basic TCP/IP networking system
ii squid-common 2.7.STABLE3-1 Internet object cache (WWW proxy c
squid recommends no packages.
Versions of packages squid suggests:
pn logcheck-database <none> (no description available)
pn resolvconf <none> (no description available)
pn smbclient <none> (no description available)
pn squid-cgi <none> (no description available)
pn squidclient <none> (no description available)
pn winbind <none> (no description available)
-- debconf information excluded
---------------------
PatchSet 12378
Date: 2008/09/25 02:33:37
Author: hno
Branch: SQUID_2_7
Tag: (none)
Log:
Bug #2394: add upgrade_http0.9 option making it possible to disable upgrade of
HTTP/0.9 responses
Apparently there is some applications which may get confused if HTTP/0.9
(aka headerless) responses gets upgraded to HTTP. This squid.conf option
makes it possible to disable the upgrade of such responses, leaving them
as-is without any HTTP header.
Members:
src/HttpHeader.c:1.99->1.99.2.1
src/cf.data.pre:1.450.2.27->1.450.2.28
src/client_side.c:1.754.2.22->1.754.2.23
src/enums.h:1.245.2.2->1.245.2.3
src/http.c:1.439.2.6->1.439.2.7
src/structs.h:1.538.2.15->1.538.2.16
Index: squid/src/HttpHeader.c
===================================================================
RCS file: /cvsroot/squid/squid/src/HttpHeader.c,v
retrieving revision 1.99
retrieving revision 1.99.2.1
diff -u -r1.99 -r1.99.2.1
--- squid/src/HttpHeader.c 21 Dec 2007 09:50:19 -0000 1.99
+++ squid/src/HttpHeader.c 25 Sep 2008 02:33:37 -0000 1.99.2.1
@@ -1,6 +1,6 @@
/*
- * $Id: HttpHeader.c,v 1.99 2007/12/21 09:50:19 adrian Exp $
+ * $Id: HttpHeader.c,v 1.99.2.1 2008/09/25 02:33:37 hno Exp $
*
* DEBUG: section 55 HTTP Header
* AUTHOR: Alex Rousskov
@@ -129,6 +129,7 @@
{"X-Forwarded-For", HDR_X_FORWARDED_FOR, ftStr},
{"X-Request-URI", HDR_X_REQUEST_URI, ftStr},
{"X-Squid-Error", HDR_X_SQUID_ERROR, ftStr},
+ {"X-HTTP09-First-Line", HDR_X_HTTP09_FIRST_LINE, ftStr},
{"Negotiate", HDR_NEGOTIATE, ftStr},
#if X_ACCELERATOR_VARY
{"X-Accelerator-Vary", HDR_X_ACCELERATOR_VARY, ftStr},
Index: squid/src/cf.data.pre
===================================================================
RCS file: /cvsroot/squid/squid/src/cf.data.pre,v
retrieving revision 1.450.2.27
retrieving revision 1.450.2.28
diff -u -r1.450.2.27 -r1.450.2.28
--- squid/src/cf.data.pre 25 Sep 2008 02:19:57 -0000 1.450.2.27
+++ squid/src/cf.data.pre 25 Sep 2008 02:33:37 -0000 1.450.2.28
@@ -1,6 +1,6 @@
#
-# $Id: cf.data.pre,v 1.450.2.27 2008/09/25 02:19:57 hno Exp $
+# $Id: cf.data.pre,v 1.450.2.28 2008/09/25 02:33:37 hno Exp $
#
# SQUID Web Proxy Cache http://www.squid-cache.org/
# ----------------------------------------------------------
@@ -3253,6 +3253,29 @@
broken_posts allow buggy_server
DOC_END
+NAME: upgrade_http0.9
+TYPE: acl_access
+DEFAULT: none
+LOC: Config.accessList.upgrade_http09
+DOC_START
+ This access list controls when HTTP/0.9 responses is upgraded
+ to our current HTTP version. The default is to always upgrade.
+
+ Some applications expect to be able to respond with non-HTTP
+ responses and clients gets confused if the response is upgraded.
+ For example SHOUTcast servers used for mp3 streaming.
+
+ To enable some flexibility in detection of such applications
+ the first line of the response is available in the internal header
+ X-HTTP09-First-Line for use in the rep_header acl.
+
+NOCOMMENT_START
+# Don't upgrade ShoutCast responses to HTTP
+acl shoutcast rep_header X-HTTP09-First-Line ^ICY\s[0-9]
+upgrade_http0.9 deny shoutcast
+NOCOMMENT_END
+DOC_END
+
NAME: via
IFDEF: HTTP_VIOLATIONS
COMMENT: on|off
Index: squid/src/client_side.c
===================================================================
RCS file: /cvsroot/squid/squid/src/client_side.c,v
retrieving revision 1.754.2.22
retrieving revision 1.754.2.23
diff -u -r1.754.2.22 -r1.754.2.23
--- squid/src/client_side.c 25 Sep 2008 02:28:57 -0000 1.754.2.22
+++ squid/src/client_side.c 25 Sep 2008 02:33:37 -0000 1.754.2.23
@@ -1,6 +1,6 @@
/*
- * $Id: client_side.c,v 1.754.2.22 2008/09/25 02:28:57 hno Exp $
+ * $Id: client_side.c,v 1.754.2.23 2008/09/25 02:33:37 hno Exp $
*
* DEBUG: section 33 Client-side Routines
* AUTHOR: Duane Wessels
@@ -1942,8 +1942,8 @@
LOCAL_ARRAY(char, bbuf, MAX_URL + 32);
String strVia = httpHeaderGetList(hdr, HDR_VIA);
snprintf(bbuf, MAX_URL + 32, "%d.%d %s",
- http->entry->mem_obj->reply->sline.version.major,
- http->entry->mem_obj->reply->sline.version.minor, ThisCache);
+ rep->sline.version.major,
+ rep->sline.version.minor, ThisCache);
strListAdd(&strVia, bbuf, ',');
httpHeaderDelById(hdr, HDR_VIA);
httpHeaderPutStr(hdr, HDR_VIA, strBuf(strVia));
@@ -2003,13 +2003,6 @@
/* try to grab the already-parsed header */
rep = httpReplyClone(orig_rep);
if (rep->pstate == psParsed) {
- if (http->conn->port->http11) {
- /* enforce 1.1 reply version */
- httpBuildVersion(&rep->sline.version, 1, 1);
- } else {
- /* enforce 1.0 reply version */
- httpBuildVersion(&rep->sline.version, 1, 0);
- }
/* do header conversions */
clientBuildReplyHeader(http, rep);
/* if we do ranges, change status to "Partial Content" */
@@ -3018,17 +3011,41 @@
{
HttpReply *rep = http->reply;
MemBuf mb;
+ int send_header = 1;
/* reset range iterator */
http->range_iter.pos = HttpHdrRangeInitPos;
if (http->request->method == METHOD_HEAD) {
/* do not forward body for HEAD replies */
http->flags.done_copying = 1;
}
+ if (http->http_ver.major < 1)
+ send_header = 0;
+ if (rep->sline.version.major < 1) {
+ if (send_header && Config.accessList.upgrade_http09) {
+ aclCheck_t *checklist =
clientAclChecklistCreate(Config.accessList.upgrade_http09, http);
+ checklist->reply = rep;
+ if (aclCheckFast(Config.accessList.upgrade_http09, checklist) != 1)
+ send_header = 0;
+ aclChecklistFree(checklist);
+ }
+ httpHeaderDelById(&rep->header, HDR_X_HTTP09_FIRST_LINE);
+ }
/* init mb; put status line and headers */
- if (http->http_ver.major >= 1)
+ if (send_header) {
+ if (http->conn->port->http11) {
+ /* enforce 1.1 reply version */
+ httpBuildVersion(&rep->sline.version, 1, 1);
+ } else {
+ /* enforce 1.0 reply version */
+ httpBuildVersion(&rep->sline.version, 1, 0);
+ }
mb = httpReplyPack(rep);
- else
+ } else {
+ debug(33, 2) ("HTTP/0.9 response, disable everything\n");
+ http->request->flags.chunked_response = 0;
+ http->request->flags.proxy_keepalive = 0;
memBufDefInit(&mb);
+ }
if (Config.onoff.log_mime_hdrs) {
http->al.headers.reply = xmalloc(mb.size + 1);
xstrncpy(http->al.headers.reply, mb.buf, mb.size);
Index: squid/src/enums.h
===================================================================
RCS file: /cvsroot/squid/squid/src/enums.h,v
retrieving revision 1.245.2.2
retrieving revision 1.245.2.3
diff -u -r1.245.2.2 -r1.245.2.3
--- squid/src/enums.h 27 May 2008 12:49:39 -0000 1.245.2.2
+++ squid/src/enums.h 25 Sep 2008 02:33:37 -0000 1.245.2.3
@@ -1,6 +1,6 @@
/*
- * $Id: enums.h,v 1.245.2.2 2008/05/27 12:49:39 hno Exp $
+ * $Id: enums.h,v 1.245.2.3 2008/09/25 02:33:37 hno Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -261,6 +261,7 @@
#endif
HDR_X_ERROR_URL, /* errormap, requested URL */
HDR_X_ERROR_STATUS, /* errormap, received HTTP status line
*/
+ HDR_X_HTTP09_FIRST_LINE, /* internal, first line of HTTP/0.9 response */
HDR_FRONT_END_HTTPS,
HDR_PROXY_SUPPORT,
HDR_KEEP_ALIVE,
Index: squid/src/http.c
===================================================================
RCS file: /cvsroot/squid/squid/src/http.c,v
retrieving revision 1.439.2.6
retrieving revision 1.439.2.7
diff -u -r1.439.2.6 -r1.439.2.7
--- squid/src/http.c 25 Jun 2008 22:14:02 -0000 1.439.2.6
+++ squid/src/http.c 25 Sep 2008 02:33:37 -0000 1.439.2.7
@@ -1,6 +1,6 @@
/*
- * $Id: http.c,v 1.439.2.6 2008/06/25 22:14:02 hno Exp $
+ * $Id: http.c,v 1.439.2.7 2008/09/25 02:33:37 hno Exp $
*
* DEBUG: section 11 Hypertext Transfer Protocol (HTTP)
* AUTHOR: Harvest Derived
@@ -432,6 +432,18 @@
hdr_len = httpState->reply_hdr.size;
if (hdr_len > 4 && strncmp(httpState->reply_hdr.buf, "HTTP/", 5)) {
debug(11, 3) ("httpProcessReplyHeader: Non-HTTP-compliant header:
'%s'\n", httpState->reply_hdr.buf);
+ {
+ char *t, *t2;
+ t = xstrdup(httpState->reply_hdr.buf);
+ t2 = strchr(t, '\n');
+ if (t2)
+ *t2 = '\0';
+ t2 = strchr(t, '\r');
+ if (t2)
+ *t2 = '\0';
+ httpHeaderPutStr(&reply->header, HDR_X_HTTP09_FIRST_LINE, t);
+ safe_free(t);
+ }
httpState->reply_hdr_state += 2;
httpState->chunk_size = -1; /* Terminated by EOF */
httpState->reply_hdr.size = old_size;
@@ -972,7 +984,6 @@
} else if (s == HTTP_INVALID_HEADER) {
MemBuf mb;
HttpReply *reply = entry->mem_obj->reply;
- httpReplyReset(reply);
httpBuildVersion(&reply->sline.version, 0, 9);
reply->sline.status = HTTP_OK;
httpHeaderPutTime(&reply->header, HDR_DATE, squid_curtime);
Index: squid/src/structs.h
===================================================================
RCS file: /cvsroot/squid/squid/src/structs.h,v
retrieving revision 1.538.2.15
retrieving revision 1.538.2.16
diff -u -r1.538.2.15 -r1.538.2.16
--- squid/src/structs.h 21 Jul 2008 20:18:50 -0000 1.538.2.15
+++ squid/src/structs.h 25 Sep 2008 02:33:37 -0000 1.538.2.16
@@ -1,6 +1,6 @@
/*
- * $Id: structs.h,v 1.538.2.15 2008/07/21 20:18:50 hno Exp $
+ * $Id: structs.h,v 1.538.2.16 2008/09/25 02:33:37 hno Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
@@ -737,6 +737,7 @@
#endif
acl_access *vary_encoding;
acl_access *auth_ip_shortcircuit;
+ acl_access *upgrade_http09;
} accessList;
acl_deny_info_list *denyInfoList;
struct _authConfig {
