The Squid HTTP Proxy team is very pleased to announce the
availability of the Squid-3.2.0.9 beta release!
This release includes major changes to the TCP handling layer of Squid.
As a result of the low level and wide impact of this change this beta is
less stable than previous releases.
The daily snapshot already includes several important behaviour fixes
and is recommended for testing instead of the version marker bundle.
With your assistance tracking down the new bugs we hope this can be a
very short lived instability.
We have traded this step down to gain:
* Support split-stack IPv6 to servers
This is expected to resolved most if not all outstanding IPv6 issues
on OpenBSD, NetBSD, MacOSX and other systems with redacted TCP stack
capabilities. Failure recovery in the event of broken external services
is greatly enhanced, although further improvement is possible.
* Support persistent connections with tcp_outgoing_address
Persistent connections are now expected to be picked reliably despite
any forced outgoing IP. This also resolves all issues around
tcp_outgoing_address ACL not having access to the destination IP for use
in the dst ACL.
* Optimize persistent connection handling
* Optimize FTP data connection handling
* Optimize TCP failure recovery
This release is expected to pool and re-use connections more
efficiently than ever before. Resolving several outstanding issues with
unnecessarily high connection counts to peers, resolving FTP data
connection failures and much faster TCP connection retry stages.
A new directive connect_retries is added to limit the absolute number
of routing paths to attempt on each requests before presenting an error
page to the user.
Also added some HTTP/1.1 support fixes and extra logformat tags for
display of the HTTP request line received from the client and sent to
the server.
As usual this release contains all the fixes passed on to 3.1 series
alongside its own changes. There are several important bugs fixed
amongst those changes:
* A small security vulnerability in the ssl-bump certificate
validation. This only affects those choosing to bypass certificate failures.
* Several squid.conf parsing segmentation faults fixed.
See the ChangeLog for the list of other minor changes in this release.
All users interested in 3.2 features are encouraged to assist testing
this release.
Please refer to the release notes at
http://www.squid-cache.org/Versions/v3/3.2/RELEASENOTES.html
when you are ready to make the switch to Squid-3.2
Upgrade tip:
"squid -k parse" is starting to display even more useful hints about
squid.conf changes.
This new release can be downloaded from our HTTP or FTP servers
http://www.squid-cache.org/Versions/v3/3.2/
ftp://ftp.squid-cache.org/pub/squid/
ftp://ftp.squid-cache.org/pub/archive/3.2/
or the mirrors. For a list of mirror sites see
http://www.squid-cache.org/Download/http-mirrors.dyn
http://www.squid-cache.org/Download/mirrors.dyn
If you encounter any issues with this release please file a bug report.
http://bugs.squid-cache.org/
Amos Jeffries
