Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
tag: varnish-3.0.2
Commits on Oct 26, 2011
  1. Build without rst2man and rst2html

    Tollef Fog Heen authored
Commits on Oct 24, 2011
  1. Make it possible to disable checks for rst2man and rst2html

    Tollef Fog Heen authored
Commits on Oct 21, 2011
  1. Update version numbers

    Tollef Fog Heen authored
  2. Document 3.0.2 changes

    Tollef Fog Heen authored
  3. Update parameters for 3.0.2

    Tollef Fog Heen authored
Commits on Oct 18, 2011
  1. Kristian Lyngstøl

    Formally remove error from vcl_deliver VCC

    KristianLyng authored Tollef Fog Heen committed
    Note that error wasn't actually working in vcl_deliver, and this just puts
    VCC in line with the rest of Varnish. Syntax errors are better than assert
    errors.
    
    Re #1027
    
    I'll leave it for later discussion to see if we close #1027, which is
    technically a feature request now, though a request for a feature we used
    to have (not sure how well it worked).
  2. Kristian Lyngstøl

    Ensure ban lurker sleeps 1.0s on failure

    KristianLyng authored Tollef Fog Heen committed
    As per documentation, the ban lurker sleeps ban_lurker_sleep when it is
    successful, but on failure it should only sleep 1.0s. No point hammering
    the ban list every 0.01s if bans aren't even used.
    
    Fixes #1030
    
    Conflicts:
    
    	bin/varnishd/cache_ban.c
  3. Kristian Lyngstøl

    Ensure obj->response is set sensibly for errors

    KristianLyng authored Tollef Fog Heen committed
    The http_PutProtocol() and http_PutResponse() would in the case of
    workspace overflow leave the headers as NULL and log a
    SLT_LostHeader. This would make Varnish assert correctly later when
    writing to the wire, as these are mandated by HTTP.
    
    This commit changes them to set the fields to static strings instead
    ("HTTP/1.1" and "Lost Response") when failing to write them to the
    workspace. This leaves enough information to complete the protocol in the
    case of overflow.
    
    The patch also increases the synthetic object's workspace from static
    1024 to param->http_resp_size. This leaves more (and configurable)
    room for manipulating the headers of the synthetic object in
    vcl_error.
    
    This whole thing has been a collaboration between Martin and myself. I'll
    leave it a mystery who wrote what line of code, which part of the comment
    and contributed what to the test-case.
    
    In all fairness, it's not a prefect solution, but a far step closer to one.
    So it sort of, kinda, more or less, for now, until we get a better
    solution:
    
    Fixes: #1031
    
    Conflicts:
    
    	bin/varnishd/cache_http.c
  4. bsdphk

    Even more strange error returns on Solaris

    bsdphk authored Tollef Fog Heen committed
  5. ingvarha

    Just small typofixes

    ingvarha authored Tollef Fog Heen committed
  6. Solaris: Test for SO_{RCV,SND}TIMEO needs NET_LIBS

    Nils Goroll authored Tollef Fog Heen committed
  7. bsdphk

    Adjustments to solaris sandbox.

    bsdphk authored Tollef Fog Heen committed
    Submitted by:	Nils Goroll
  8. bsdphk

    Work around a Solaris bug.

    bsdphk authored Tollef Fog Heen committed
    Submitted by:	Nils Goroll
  9. scoof

    Update docs for 3.0

    scoof authored Tollef Fog Heen committed
    Fixes #1032
  10. Grammar

    Tollef Fog Heen authored
  11. Per Buer

    strange wording. typo

    perbu authored Tollef Fog Heen committed
  12. bsdphk

    Solaris sandbox changes.

    bsdphk authored Tollef Fog Heen committed
    Submitted by:	Nils Goroll
    
    Conflicts:
    
    	bin/varnishd/mgt_sandbox_solaris.c
  13. bsdphk

    Add mising ;'s

    bsdphk authored Tollef Fog Heen committed
  14. bsdphk

    Split solaris sandboxing out to a separate source file, and apply

    bsdphk authored Tollef Fog Heen committed
    patch received from Nils Goroll <nils.goroll@uplex.de>
    
    - [e0ee2a2] adds the file_read
      privilege needed for onnv_140 and newer (see #912), but we also need
      the file_write privilege for stevedore access.
    
    - If available, keep sys_resource in the permitted/limited set to
      allow cache_waiter_ports to raise the process.max-port-events
      resource control (feature to be added later).
    
    - When starting varnish with euid 0 on Solaris, privilege seperation
      prohibited preserving additional privileges (in excess of the basic
      set) in the child, because, for a non privilege aware process,
      setuid() resets the effective, inheritable and permitted sets to the
      basic set.
    
      To achieve interoperability between solaris privileges and
      setuid()/setgid(), we now make the varnish child privilege aware
      before calling setuid() by trying to add all privileges we will need
      plus proc_setid.
    
    - On solaris, check for proc_setid rather than checking the euid as a
      prerequisite for changing the uid/gid and only change the uid/gid if
      we need to (for a privilege aware process, [ers]uid 0 loose their
      magic powers).
    
      Note that setuid() will always set SNOCD on Solaris, which will
      prevent core dumps from being written, unless setuid core dumps are
      explicitly enabled using coreadm(1M).
    
      To avoid setuid() (and the SNOCD flag, consequently), start varnish
      as the user you intend to run the child as, but with additional
      privileges, e.g. using
    
      ppriv -e -s A=basic,net_privaddr,sys_resource varnishd ...
    
    - setppriv(PRIV_SET, ...) failed when the privileges to be applied
      were not available in the permitted set.
    
      We change the logic to only clear the privileges which are not
      needed by inverting the sets and removing all unneeded privileges
      using setppriv(PRIV_OFF, ...).
    
      So the child might end up with less privileges than given initially,
  15. Add short segment on VMs / OpenVZ

    Lasse Karstensen authored Tollef Fog Heen committed
  16. scoof

    Smartypants is bad for code. People couldn't copy/paste from the refe…

    scoof authored Tollef Fog Heen committed
    …rence pages
  17. scoof

    Add default values for some fields when logging imcomplete records.

    scoof authored Tollef Fog Heen committed
    Allow %r format to log incomplete records too.
    Update docs to reflect new defaults
    
    Fixes #1028
  18. bsdphk

    Sense of exit-code test was wrong.

    bsdphk authored Tollef Fog Heen committed
Commits on Oct 6, 2011
  1. Update version number to 3.0.2-rc1 in configure.ac

    Tollef Fog Heen authored
  2. Only build vsc2rst if we have rst2man, fixes build failure

    Tollef Fog Heen authored
  3. Update changes for 3.0.2 rc 1

    Tollef Fog Heen authored
  4. scoof

    Fix docs for req.esi

    scoof authored Tollef Fog Heen committed
  5. Drop debugging message about which host/port we have connected to

    Tollef Fog Heen authored
    Fixes: #1024
Commits on Oct 4, 2011
  1. bsdphk

    Try harder to fix solaris IOV_MAX related issue.

    bsdphk authored Tollef Fog Heen committed
  2. bsdphk

    Try harder to make v00036 deterministic

    bsdphk authored Tollef Fog Heen committed
  3. bsdphk

    This test is much to brittle due to dependence on random timing.

    bsdphk authored Tollef Fog Heen committed
    Tighten it up with use of semaphores and collapse s1/s2/s3 using
    "accept" keyword.
  4. scoof

    Format all code examples

    scoof authored Tollef Fog Heen committed
Commits on Sep 22, 2011
  1. Mark argc, argv as unused in vsc2rst

    Tollef Fog Heen authored
  2. Add varnish-counters(7) man page

    Tollef Fog Heen authored
Something went wrong with that request. Please try again.