Index: Makefile.am =================================================================== RCS file: /server/cvs-server/squid/squid/Makefile.am,v retrieving revision 1.3.2.8 diff -u -p -r1.3.2.8 Makefile.am --- Makefile.am 7 Jul 2002 18:01:20 -0000 1.3.2.8 +++ Makefile.am 29 Aug 2002 14:43:22 -0000 @@ -20,6 +20,7 @@ dist-hook: rm -f $(distdir)/$$subdir/autoconf.h; \ fi; \ done + ln -s doc/release-notes/release-2.5.html $(distdir)/ReleaseNotes.html EXTRA_DIST = \ ChangeLog \ Index: doc/Makefile.am =================================================================== RCS file: /server/cvs-server/squid/squid/doc/Makefile.am,v retrieving revision 1.1.2.2 diff -u -p -r1.1.2.2 Makefile.am --- doc/Makefile.am 20 Jul 2002 22:53:13 -0000 1.1.2.2 +++ doc/Makefile.am 29 Aug 2002 14:43:22 -0000 @@ -11,4 +11,5 @@ man_MANS = \ EXTRA_DIST = \ squid.8 \ - debug-sections.txt + debug-sections.txt \ + release-notes/release-2.5.html Index: doc/release-notes/release-2.5.sgml =================================================================== RCS file: doc/release-notes/release-2.5.sgml diff -N doc/release-notes/release-2.5.sgml --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ doc/release-notes/release-2.5.sgml 29 Aug 2002 14:43:22 -0000 @@ -0,0 +1,110 @@ + +
+Squid 2.5 release notes +Squid Developers +$Id: $ + + +This document contains the release notes for version 2.5 of Squid. +Squid is a WWW Cache application developed by the National Laboratory +for Applied Network Research and members of the Web Caching community. + + + +Key changes from squid 2.4: +

+ + Major rewrite of proxy authentication to support other schemes + than basic. First in the line is NTLM support but others can + easily be added (minimal digest is present). See the Programmers + Guide for the internals. + Thanks to the SAMBA team for some excellent collaboration on the + NTLM support! + (Robert Collins & Francesco Chemolli) + Optimized searching in proxy_auth and ident ACL types. Squid + should now handle large access lists a lot more efficiently. + (Francesco Chemolli) + Fixed forwarding/peer loop detection code (Brian Degenhardt) - + now a peer is ignored if it turns out to be us, rather than + committing suicide + Changed the internal URL code to obey appendDomain for + internal objects if it needs appending. This fixes weirdnesses + where a machine can think it is "foo.bar.com", and "foo" is + requested. + (Brian Degenhardt) + Added the use of Automake to create the Makefile.in's in the + squid source tree. This will allow libtool in the future, and + immediately allows better dependency tracking - with or + without gcc - as well as the dist-all and distcheck targets + for developers which respectively build a tar.gz and a tar.bz2 + distribution, and check that what will be distributed builds. + (Robert Collins) + Added TOS and source address selection based on ACLs, + written by Roger Venning. This allows administrators to set + the TOS precedence bits and/or the source IP from a set of + available IPs based upon some ACLs, generally to map different + users to different outgoing links and traffic profiles. + Added 'max-conn' option to 'cache_peer' + Added SSL gatewaying support, allowing Squid to act as a SSL + server in accelerator setups. + Many new authentication helpers. + no_cache now applies to cache hits as well as cache misses + the Gopher client in Squid has been significantly improved + Squid now sanity checks FTP data connections to ensure the + connection is from the requested server. Can be disabled if + needed by turning off the ftp_sanitycheck option. + external acl support. A mechanism where flexible ACL checks + can be driven by external helpers. See the external_acl_type + and acl external directives. + Countless other small things and fixes + HTML pages generated by Squid or CacheMgr as well as the + ERR documents now contain a doctype declaration so that + browsers know which HTML specification the document uses. + In addition to that they have a new look + (background-color, font) and are valid according to the HTML + standards at www.w3.org. + (Clemens Löser) + Login and password send to Basic auth helpers is now URL + escaped to allow for spaces and other "odd" characters in + logins and passwords + Proxy Authentication is no longer blindly forwarded to peer + caches if not used locally. If forwarding of proxy authentication + is desired then it must now be configured with the login=PASS + cache_peer option. + Responses with Vary: in the header are now cached by squid. + (Henrik Nordstrom). + + +Changes to squid.conf +

+http_portAllows ip address specification. +https_portThis is an option for use with SSL acceleration - it determines where squid listens for SSL requests. +ssl_unclean_shutdownThis is used to handle some bugs in browsers that don't fully support SSL. +tcp_incoming_addressThis has been removed - use the http_port line to specify ip address's. +cache_peerlogin= has been extended to allow pass through authentication, fixed password authentication and maximum connection limits. +hosts_fileDirects squid to read in a set of name-address associations upon startup and reconfiguration. +authenticate_program

authenticate_children

proxy_auth_realmRemoved. See auth_param. +auth_paramThis replaces the authenticate_program directive. It allows configuration of multiple authentication helpers, one for each of the supported authentication schemes. Such schemes include "NTLM", "Digest (from RFC 2617)", and "Basic". +authenticate_cache_garbage_intervalThis directive sets the garbage collection interval for the authentication cache. +external_acl_typeThis directive configures the new external ACL Helper interface. VERY useful for authenticating by group membership - i.e. from an LDAP server or NT domain. +request_body_max_sizeThe default for this is now 0 - unlimited. +reply_body_max_sizeNow multiple size limits are allowed based on ACL lists. +refresh_patternThe default is now blank - users must uncomment the suggested default to use it. This allows the use of a blank refresh pattern if desired. +request_timeoutRaised the default to 5 minutes. +persistent_request_timeout New directive - how long to wait after a reply is completed before closing the connection. +aclNew acl typesreferer_regex (match Referer headers), +max_user_ip (limit concurrent IP's a single user may use) +rep_mime_type (filter replies based on their content type). +external (use an external helper) +http_reply_accessLimit HTTP replies based on ACL's. This is complementary to http_access. +tcp_outgoing_tos

tcp_outgoing_ds

tcp_outgoing_dscpThese three directives allow marking of outbound connections at the IP level - i.e. for choosing routes based on the usercode. +tcp_outgoing_addressAllows mapping of requests onto specific outbound IP address's. +anonymize_headersRemoved. See header_access. +header_accessAllow granular filtering of HTTP headers. +header_replaceReplace specific headers with custom values. +pipeline_prefetchNow defaults to off for bandwidth management and access logging reasons. +vary_ignore_expireEnables a workaround for web servers that immediately expire Varied objects because they think squid is unable to handle Vary:. +sleep_after_forkGive the OS a small amount of time to accomodate the fork+exec used to launch helpers - if squid has a lot of virtual memory allocated the OS may run out of virtual memory during helper spawning otherwise. + +

+ Index: doc/release-notes/Makefile =================================================================== RCS file: doc/release-notes/Makefile diff -N doc/release-notes/Makefile --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ doc/release-notes/Makefile 29 Aug 2002 14:43:22 -0000 @@ -0,0 +1,26 @@ +DOC = release-2.5 + +all: $(DOC).html $(DOC).ps + +$(DOC).ps: $(DOC).sgml + linuxdoc -B latex -o ps $(DOC) + +#$(DOC).dvi: $(DOC).tex +# latex $(DOC).tex +# latex $(DOC).tex +# latex $(DOC).tex +# + +$(DOC).txt: $(DOC).sgml + linuxdoc -B txt --filter $(DOC) + +$(DOC).html: $(DOC).sgml + linuxdoc -B html --split=0 $(DOC) + +$(DOC).man: $(DOC).sgml + linuxdoc -B txt -m $(DOC) + +clean: + rm -f *.html + rm -f $(DOC).tex $(DOC).ps $(DOC).dvi $(DOC).aux $(DOC).log $(DOC).toc + rm -f $(DOC).txt $(DOC).man