* Non-maintainer upload by the LTS Security Team.
* CVE-2022-47185, CVE-2023-33934: Improper input validation
[dgit import unpatched trafficserver 8.1.7-0+deb10u2]
--- /dev/null
--- /dev/null
++trafficserver for Debian
++------------------------
++
++Here are some configuration hints related to Traffic Server. Unless you already
++noted, configuration files are located in /etc/trafficserver. Traffic Server
++has some uncommon behaviour here: Please note, those files are generated auto-
++matically and some may not even be intended to be edited manually. Moreover it
++will rotate and synchronize configuration files if you run a cluster. Hence be
++careful when editing them, chances are Traffic Server WILL OVERWRITE them. This
++is especially true for comments which are not kept when using `traffic_line'
++(as explained below).
++
++* To get a general idea about traffic server and its architecture, read [4]. It
++ is crucial to understand the internal architecture before trying to start.
++
++* The main configuration file is `records.config'. You may either edit the main
++ configuration file by hand, but it is suggested to use the `traffic_line'
++ command instead. More on editing configuration files can be found on [1]. The
++ `traffic_line' command is used like this:
++
++ traffic_line -s proxy.config.proxy_name -v www.example.com
++
++ You might need to tell Traffic Server about your changes. If it is already
++ running use `traffic_line -x' to inform it about your changes. Please note
++ that you must restart your `traffic_server' daemon for some changes.
++
++* If you used Squid before you might find [2] helpful which lists Traffic Serv-
++ er configuration directives along their Squid equivalent. Use this as resour-
++ ce to understand Traffic Server.
++
++* To help you to get started, I am going to introduce you very briefly to Traf-
++ fic Server. Note, lines starting with `#' are remarks:
++
++ Open `records.config'.
++
++ # Configure the cluster interface
++ CONFIG proxy.config.cluster.ethernet_interface STRING eth0
++
++
++ # You may also want to bind your proxy server to a specific IP:
++ # Please note the security warning below as well
++ CONFIG proxy.local.incoming_ip_to_bind 1.2.3.4
++
++ # Next configure the listening port for incoming connections
++ CONFIG proxy.config.http.server_port INT 80
++
++ # Now tell Traffic Server how much Memory it is allowed to consume
++ # Set this value to -1 for best results which will instruct Traffic Server
++ # to consume roughly 1 MB for each GB of your disk backend storage size
++ # for memory caching. If you can afford it, go on and trash as much as
++ # you want and put here any positive value indicating the memory cache
++ # in bytes.
++ CONFIG proxy.config.cache.ram_cache.size LLONG 131072 # (128 MB)
++
++ Next edit `storage.config'. Debian ships with a default configuration poin-
++ ting to a cache file in `/var/cache/trafficserver' sized 256MB. This is fair-
++ ly ok for testing, otherwise feel free to change (value is in KB):
++
++ /var/cache/trafficserver 262144
++
++ Finally open `remap.config' where you need to tell Traffic Server about
++ your origin server(s):
++
++ map http://www.example.com/ http://www.example.com:8080/
++ # ---------------------- ----------------------------
++ # ^- This is your client This is your origin -^
++ # Host: header that server.
++ # is to be mappend
++
++* For a more comprehensive documentation about Traffic Server and its configu-
++ ration directives consult [3].
++
++ Yet the documentation on the web page can not be considered up to date for some
++ parts. Feel free to ask for help on the Apache Traffic Server mailing list:
++
++ E-Mail <users@trafficserver.apache.org>
++ URL: <http://mail-archives.apache.org/mod_mbox/trafficserver-users/>
++
++ More information may be found on either resource among those:
++ Project Website: <http://trafficserver.apache.org/>
++ IRC: #traffic-server on irc.freenode.net.
++ Project Wiki: https://cwiki.apache.org/TS/traffic-server.html
++
++* Traffic Server can basically act in two modes: As forward proxy and as a rever-
++ se proxy. Traffic Servers primary purpose is to act as reverse proxy (e.g.
++ different to Squid). Nonetheless you can Traffic Server still instruct to act
++ as forward proxy as well. If you know what you are doing, you need to set
++
++ CONFIG proxy.config.url_remap.remap_required INT 0
++
++ for that purpose.
++
++
++[1] https://docs.trafficserver.apache.org/en/latest/admin-guide/configuring-traffic-server.en.html
++[2] https://cwiki.apache.org/confluence/display/TS/SquidConfigTranslation
++[3] https://docs.trafficserver.apache.org/en/latest/admin-guide/files/records.config.en.html
++[4] https://docs.trafficserver.apache.org/en/latest/admin-guide/introduction.en.html
++
++ -- Arno Töll <debian@toell.net> Wed, 21 Mar 2012 14:10:21 +0100
--- /dev/null
--- /dev/null
++trafficserver (6.0.0-3) unstable; urgency=medium
++
++ If you are using 32-bits package, please not that upstream has
++ discontinued 32-bit support.
++ 32-bits Debian package will still be built, but is subject to removal
++ whenever 32-bit fails.
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Mon, 14 Dec 2015 10:29:12 +0100
++
++trafficserver (3.0.0-1) unstable; urgency=low
++
++ If you are upgrading from v2.1.8 or earlier to ATS 3.0 you need to migrate
++ to the new `records.config' configuration file. If possible, let Debian
++ overwrite your `records.config' configuration file.
++
++ Moreover you should clear all caches after upgrading (e.g. do "traffic_server
++ -Cclear").
++
++ The host.db data abse isn't required anymore. Therefore you can delete
++ `/etc/trafficserver/internal/hostdb.config' and `/var/cache/trafficserver/
++ host.db'.
++
++ -- Arno Töll <debian@toell.net> Wed, 15 Jun 2011 16:23:13 +0200
--- /dev/null
--- /dev/null
++trafficserver for Debian
++------------------------
++
++* ATS 8.0.0 comes with slight changes in config files.
++ Following ones has been removed:
++ - /etc/trafficserver/vaddrs.config
++ - /etc/trafficserver/metrics.config
++ - /etc/trafficserver/logging.config
++ - /etc/trafficserver/log_hosts.config
++ - /etc/trafficserver/congestion.config
++ - /etc/trafficserver/cluster.config
++ - /etc/trafficserver/body_factory/default/congestion#retryAfter
++
++* New config files have been added and now use yaml format.
++ More files will be migrated in the future:
++ - /etc/trafficserver/logging.yaml
++ - /etc/trafficserver/ssl_server_name.yaml
++
++* gzip pluging has been renamed into compress.
++ Existing configuration won't be updated
++
++* traffic_cop has been removed. Now, init and systemd files use traffic_manager
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Fri, 21 Sep 2018 09:04:07 +0200
++
++* If you are using 32-bits package, please note that upstream has
++ discontinued 32-bit support.
++ 32-bits Debian package will still be built, but is subject to removal
++ whenever 32-bit fails.
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Mon, 14 Dec 2015 10:29:12 +0100
++
++* Please read the CONFIGURATION.Debian file to get started with Traffic Server.
++
++* Currently Apache Traffic Server lacks man pages of binaries shipped along the
++ package. That's a known problem which is being worked on. Please read the
++ upstream documentation on the website instead.
++
++* If you read upstream's documentation about Traffic Server you will sometimes
++ find references to a program `/usr/bin/trafficserver`. Debian does not ship
++ this script. This is intentional. Use Debian's /etc/init.d/trafficserver
++ script instead.
++
++ -- Arno Töll <debian@toell.net> Tue, 31 Dec 2011 13:54:18 +0100
--- /dev/null
--- /dev/null
++Trafficserver-plugin-conf-remap for Debian
++-----------------------------------------
++
++* The conf_remap plug-in allows you to override configuration directives
++ dependent on actual remapping rules.
++* This plug-in replaces older legacy functionality which allowed to achieve a
++ similar behaviour previously by configuring remap rules for example with
++ switches like "@pristine_host_hdr=1" in your remap configuration.
++* If you want to achieve this behaviour now, configure a remap rule like this:
++
++ map http://cdn.example.com/ http://some-server.example.com \
++ @plugin=conf_remap.so @pparam=/etc/trafficserver/cdn.conf
++
++ where cdn.conf would look like records.config, e.g.
++
++ CONFIG proxy.config.url_remap.pristine_host_hdr INT 1
++
++ Doing this, you will override your global default configuration on a per map-
++ ping rule.
++
++* You may want to look on
++ <https://cwiki.apache.org/confluence/display/TS/conf_remap+Plug-In>
++ for a full list of options which are allowed to be overridden and perhaps
++ some updated information.
++
++ -- Arno Toell <debian@toell.net> Tue, 12 Jan 2011 19:30:18 +0100
--- /dev/null
--- /dev/null
++#! /usr/bin/perl
++
++use strict;
++
++our @config_lines;
++our %defaults = (
++ "proxy.config.alarm_email" => "trafficserver",
++ "proxy.config.admin.user_id" => "trafficserver",
++ "proxy.config.log.max_space_mb_for_logs" => 2000,
++);
++
++die("Usage: $0 <file name>") unless $#ARGV == 0;
++
++open(F, "+<", $ARGV[0]) || die("Cannot open $ARGV[0]: $!");
++while(my $line = <F>)
++{
++ if ($line =~ /^CONFIG/)
++ {
++ foreach my $pattern (keys %defaults)
++ {
++ $line =~ s/(?<=CONFIG $pattern)(\s+[A-Z]+)\s+.+$/$1 $defaults{$pattern}/;
++ }
++ }
++ push(@config_lines, $line);
++}
++seek(F, 0, 0);
++foreach my $line (@config_lines)
++{
++ print F $line;
++}
++print F "CONFIG proxy.config.admin.user_id STRING trafficserver\n";
++close(F);
--- /dev/null
--- /dev/null
++trafficserver (8.1.7-0+deb10u2) buster-security; urgency=medium
++
++ * Non-maintainer upload by the LTS Security Team.
++ * CVE-2022-47185, CVE-2023-33934: Improper input validation
++
++ -- Adrian Bunk <bunk@debian.org> Sat, 30 Sep 2023 17:35:12 +0300
++
++trafficserver (8.1.7-0+deb10u1) buster-security; urgency=medium
++
++ * Non-maintainer upload by the LTS Security Team.
++ * New upstream release.
++ - CVE-2022-47184: The TRACE method can be used to disclose
++ network information.
++ - CVE-2023-30631: Configuration option to block the PUSH method
++ in ATS didn't work.
++ - CVE-2023-33933: s3_auth plugin problem with hash calculation.
++
++ -- Adrian Bunk <bunk@debian.org> Thu, 29 Jun 2023 18:41:23 +0300
++
++trafficserver (8.1.6+ds-1~deb10u1) buster-security; urgency=high
++
++ * Non-maintainer upload by the LTS team.
++ * Backport upstream version 8.1.6 to Buster.
++ * Fix CVE-2022-31778, CVE-2022-31779, CVE-2022-32749, CVE-2022-37392.
++ Several vulnerabilities were discovered in Apache Traffic Server, a reverse
++ and forward proxy server, which could result in HTTP request smuggling,
++ cache poisoning or information disclosure.
++
++ -- Markus Koschany <apo@debian.org> Wed, 05 Apr 2023 22:24:05 +0200
++
++trafficserver (8.1.6+ds-1~deb11u1) bullseye-security; urgency=high
++
++ * Update d/u/signing-key for 8.1.x serie
++ * New upstream version 8.1.6+ds
++ * Multiple CVE fixes for 8.1.x
++ + CVE-2022-32749: Improper Check for Unusual or Exceptional Conditions vulnerability
++ + CVE-2022-37392: Improper Check for Unusual or Exceptional Conditions vulnerability
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Wed, 04 Jan 2023 09:22:58 +0100
++
++trafficserver (8.1.5+ds-1~deb11u1) bullseye-security; urgency=high
++
++ * Update d/watch to stick to 8.1.X serie
++ * Update upstream gpg keys
++ * UPdate d/salsa-ci.yaml
++ * New upstream version 8.1.5+ds
++ * Patches refresh for 8.1.5
++ * Update experimental plugins list
++ * Multiple CVE fixes for 8.1.x
++ + CVE-2021-37150: Protocol vs scheme mismatch
++ + CVE-2022-25763: Improper input validation on HTTP/2 headers
++ + CVE-2022-28129: Insufficient Validation of HTTP/1.x Headers
++ + CVE-2022-31778: Transfer-Encoding not treated as hop-by-hop
++ + CVE-2022-31779: Improper HTTP/2 scheme and method validation
++ + CVE-2022-31780: HTTP/2 framing vulnerabilities
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Fri, 12 Aug 2022 09:16:08 +0200
++
++trafficserver (8.1.1+ds-1.1+deb11u1) bullseye-security; urgency=high
++
++ * Multiple CVE fixes for 8.1.x
++ + CVE-2021-37147: Improper input validation vulnerability
++ + CVE-2021-37148: Improper input validation vulnerability
++ + CVE-2021-37149: Improper Input Validation vulnerability
++ + CVE-2021-38161: Improper Authentication vulnerability in TLS origin verification
++ + CVE-2021-44040: Improper Input Validation vulnerability in request line parsing
++ + CVE-2021-44759: Improper Authentication vulnerability in TLS origin validation
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Sat, 21 May 2022 19:28:31 +0200
++
++trafficserver (8.1.1+ds-1.1) unstable; urgency=medium
++
++ * Non-maintainer upload.
++ * Address CVE-2021-27577, CVE-2021-32565, CVE-2021-32566, CVE-2021-32567 and
++ CVE-2021-35474.
++ - CVE-2021-27577: Incorrect handling of url fragment leads to cache
++ poisoning
++ - CVE-2021-32565: HTTP Request Smuggling, content length with invalid
++ charters
++ - CVE-2021-32566: Specific sequence of HTTP/2 frames can cause ATS to
++ crash
++ - CVE-2021-32567: Reading HTTP/2 frames too many times
++ - CVE-2021-35474: Dynamic stack buffer overflow in cachekey plugin
++ (Closes: #990303)
++
++ -- Salvatore Bonaccorso <carnil@debian.org> Thu, 15 Jul 2021 21:48:17 +0200
++
++trafficserver (8.1.1+ds-1) unstable; urgency=medium
++
++ * New upstream version 8.1.0+ds
++ * Update d/watch
++ * Update d/upstream/signing-key.asc
++ * New upstream version 8.1.1+ds
++ * Update Debian Standards-Version
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Sun, 06 Dec 2020 16:26:39 +0100
++
++trafficserver (8.1.1+ds-1) unstable; urgency=medium
++
++ * New upstream version 8.1.0+ds
++ * Update d/watch
++ * Update d/upstream/signing-key.asc
++ * New upstream version 8.1.1+ds
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Sun, 06 Dec 2020 15:43:35 +0100
++
++trafficserver (8.1.0+ds-2) unstable; urgency=medium
++
++ * Remove autopkgtest (Closes: #974683)
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Sun, 22 Nov 2020 18:24:18 +0100
++
++trafficserver (8.1.0+ds-1) unstable; urgency=medium
++
++ * Remove lintian-overrides for trafficserver-experimental-plugins
++ * Fix Salsa CI
++ * Update d/upstream/signing-key.asc
++ * New upstream version 8.1.0+ds
++ * d/patches refresh for 8.1.0
++ * Update experimental plugins list
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Tue, 01 Sep 2020 19:55:21 +0200
++
++trafficserver (8.0.8+ds-3) UNRELEASED; urgency=low
++
++ * Fix day-of-week for changelog entry 2.1.5-unstable-1.
++
++ -- Debian Janitor <janitor@jelmer.uk> Sat, 22 Aug 2020 17:48:33 -0000
++
++trafficserver (8.0.8+ds-2) unstable; urgency=medium
++
++ * Backport upstream patch to fix FTBFS with Sphinx >= 3.0 (Closes: #963664)
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Wed, 29 Jul 2020 08:40:43 +0200
++
++trafficserver (8.0.8+ds-1) unstable; urgency=medium
++
++ * New upstream version 8.0.8+ds
++ * Includes fix for CVE-2020-9494 (Closes: #963629)
++ * Update debhelper-compat version in d/control
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Thu, 25 Jun 2020 10:01:51 +0200
++
++trafficserver (8.0.7+ds-1) unstable; urgency=medium
++
++ * New upstream version 8.0.7+ds
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Thu, 16 Apr 2020 18:32:04 +0200
++
++trafficserver (8.0.6+ds-1) unstable; urgency=medium
++
++ * Update d/watch after upstream changes
++ * Update d/gbp.conf
++ * Update d/gbp.conf
++ * New upstream version 8.0.6+ds
++ * Patches refresh for 8.0.6
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Tue, 03 Mar 2020 09:06:18 +0100
++
++trafficserver (8.0.5+ds-3) unstable; urgency=medium
++
++ * Bump Standards-Version
++ * Add patch for Python 3.8 compatibility (Closes: #950245)
++ * Update build & test dependencies for Python 3.8
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Mon, 03 Feb 2020 11:45:17 +0100
++
++trafficserver (8.0.5+ds-2) unstable; urgency=medium
++
++ * Bump Debian Policy version
++ * Remove Build-Depends against python2 modules (Closes: #943248)
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Wed, 23 Oct 2019 10:07:42 +0200
++
++trafficserver (8.0.5+ds-1) unstable; urgency=medium
++
++ * New upstream release
++ - Changes introduced with 8.0.4 include fixes for CVE-2019-9512,
++ CVE-2019-9514, and CVE-2019-9515. (Closes: #934887)
++ - 8.0.5 fixes CVE-2019-9518 (Closes: #935314)
++
++ -- Emanuele Rocca <ema@debian.org> Sat, 24 Aug 2019 09:00:22 +0200
++
++trafficserver (8.0.3+ds-4) unstable; urgency=medium
++
++ * Fix lintian warning 'skip-systemd-native-flag-missing-pre-depends'
++ * Use debhelper-compat instead of debian/compat
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Fri, 02 Aug 2019 09:07:31 +0200
++
++trafficserver (8.0.3+ds-3) unstable; urgency=medium
++
++ * Run upstream testsuite with autopkgtest.
++ * Enable CI tests on salsa (see debian/salsa-ci.yml).
++ * Set debhelper compatibility level to 12.
++ * Add myself to the Uploaders field.
++ * Set Standards-Version to 4.4.0.
++
++ -- Emanuele Rocca <ema@debian.org> Wed, 31 Jul 2019 11:11:59 +0200
++
++trafficserver (8.0.3+ds-2) unstable; urgency=medium
++
++ * Fix hardeing updating 0015-as-needed-fix.patch from Ubuntu
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Tue, 26 Mar 2019 08:44:17 +0100
++
++trafficserver (8.0.3+ds-1) unstable; urgency=medium
++
++ * Use secure URI in Homepage field.
++ * Re-export upstream signing key without extra signatures.
++ * Drop unnecessary dependency on dh-autoconf.
++ * New upstream version 8.0.3+ds
++ * Patches update for 8.0.3
++ * Add as-needed patch from Ubuntu
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Mon, 25 Mar 2019 10:29:35 +0100
++
++trafficserver (8.0.2+ds-1) unstable; urgency=medium
++
++ * Disable testing build in d/gitlab-ci.yml
++ * Update d/copyright to remove unneeded files when importing upstream release
++ * Update upstream GPG keys list
++ * New upstream version 8.0.2+ds
++ * Patches refresh for 8.0.2
++ * Update patch. Add dep3 headers
++ * Update d/control. Mark trafficserver-dev architecture all
++ * Remove signature from upstream keys. Fix lintian info
++ * Move dpkg-maintscript-helper commands to d/trafficserver.maintscript
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Wed, 30 Jan 2019 14:45:09 +0100
++
++trafficserver (8.0.1-4) unstable; urgency=medium
++
++ * Add patch and update d/control, d/rules to use system provided yaml-cpp
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Fri, 11 Jan 2019 19:07:28 +0100
++
++trafficserver (8.0.1-3) unstable; urgency=medium
++
++ * Add missed experimental plugin certifier
++ * Add man pages paths to d/not-installed to avoid too verbose dh_missing list.
++ Manpages are compressed before being install. Non-compressed version is in
++ turn erroneously detected as not installed.
++ * Update patch which has been merged upstream
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Mon, 07 Jan 2019 15:24:38 +0100
++
++trafficserver (8.0.1-2) unstable; urgency=medium
++
++ * Update Standards Version in d/control. No other changes needed
++ * Update trafficserver-experimental-plugins package descriptions
++ in d/control to fix lintian warnings
++ * Add patch 0012-fix-spelling-checks to fix spellings. Forwarded upstream
++ * Update patch 0006-fix-doc-build to include missing manpages
++ * Remove d/trafficserver.lintian-overrides
++ * Add patch 0013-fix-perl-interpreter-path. Fix lintian error which used
++ to be overridden in d/trafficserver.lintian-overrides
++ * Update d/trafficserver-dev.lintian-overrides
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Thu, 03 Jan 2019 10:52:44 +0100
++
++trafficserver (8.0.1-1) unstable; urgency=medium
++
++ * New upstream version 8.0.1
++ * Patches refresh for 8.0.1
++ * Removed patches which have been merged upstream:
++ - 0002-add-mips64-support
++ - 0004-fix_arm_build
++ - 0005-fix_build_kfreebsd
++ - 0007-fix-uri_signing
++ - 0010-fix-32bits-build
++ - 0012-fix-traffic_via
++ * Fix lintian warning public-upstream-key-not-minimal
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Mon, 03 Dec 2018 14:15:07 +0100
++
++trafficserver (8.0.0-4) unstable; urgency=medium
++
++ [ Emanuele Rocca ]
++ * Update descriptions in d/control
++
++ [ Jean Baptiste Favre ]
++ * Update patch to fix kfreebsd FTBFS
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Mon, 05 Nov 2018 10:13:03 +0100
++
++trafficserver (8.0.0-3) unstable; urgency=medium
++
++ * Remove webptransform experimental plugin
++ * Update patch to fix kfreebsd FTBFS
++ * Update d/copyright to fix lintian error
++ * Update d/rules to fix FTBFS for mips & mipsel archs
++ * Update d/rules to spare call to dpkg-parsechangelog
++ * Update d/copyright after 8.0.0 file moves
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Fri, 02 Nov 2018 14:24:38 +0100
++
++trafficserver (8.0.0-2) unstable; urgency=medium
++
++ * Add a patch to fix FTBFS with MySQL 8 (LP: #1795362)
++ * Update 0009-fix-mysql-8-build.patch which has been merged upstream
++ * Bump Standards-Version in d/control
++ * Add patch to fix 32bits arm & mips arch build
++ * Backport upstream patch to fix segmentation fault
++ * Backport upstream patch to fix traffic_via
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Wed, 17 Oct 2018 20:40:51 +0200
++
++trafficserver (8.0.0-1) unstable; urgency=medium
++
++ [ Aron Xu ]
++ * Remove .vscode directory
++ * systemd: After=network-online.target
++
++ [ Jean Baptiste Favre ]
++ * Update d/changelog for 8.0.0
++ * Update init and service file after traffic_cop removal
++ * Update d/README.Debian to reflect configuration changes
++ * Add d/gitlab-ci.yml to use Salsa CI
++ * Update d/control
++ * Add build-deps against graphviz, python3-sphinxcontrib.plantuml
++ and plantuml to build documentation & manpages
++ * Add build-deps against libcrypto++-dev, libjansson-dev, libcjose-dev to
++ build uri_signing plugin
++ * Update Breaks to manage plugins transition from experimental to stable
++ * Update postinst maintainer script, add postrm & preinst scripts to remove
++ obsolete config files
++ - /etc/trafficserver/vaddrs.config,
++ - /etc/trafficserver/metrics.config,
++ - /etc/trafficserver/logging.config,
++ - /etc/trafficserver/log_hosts.config,
++ - /etc/trafficserver/congestion.config,
++ - /etc/trafficserver/cluster.config,
++ - /etc/trafficserver/body_factory/default/congestion#retryAfter
++ * Update d/trafficserver and d/trafficserver-experimental-plugins install
++ files
++ - Stable plugin gzip renamed to compress
++ - Promoted stable plugins:
++ - cachekey,
++ - cache_promote,
++ - escalate,
++ - test_cppapi,
++ - tslua
++ - Added new experimental plugins:
++ - access_control,
++ - fq_pacing,
++ - prefetch,
++ - server_push_preload,
++ - system_stats,
++ - tls_bridge,
++ - traffic_dump,
++ - uri_signing
++ - Remove deprecated plugins collapsed_connection, epic
++ * Remove obsolete config option --enable-system-luajit from d/rules
++ * Add --with-build-version option to d/rule to have a deterministic
++ build-version
++ * Update d/copyright to remove .vscode during import at repack stage
++ * Update patches for 8.0.0
++ - Refresh patches for 8.0.0
++ - Removed patches:
++ - 0004-force-use-luajit-system*, updated upstream
++ - 0005-fix_documentation_build_option, updated upstream
++ - 0008-fix_build_lua, updated upstream
++ - 0009-fix-doc-python3, update upstream
++ - 0010-Remove-custom-memory-barriers-from-header_rewrite-an patches,
++ updated upstream
++ - Renamed remaining patches:
++ - 0006-fix_arm_build -> 0004-fix_arm_build,
++ - 0007-fix_build_kfreebsd -> 0005-fix_build_kfreebsd,
++ - 0009-fix-doc-git -> 0006-fix-doc-build
++ - Add patch to fix uri_signing experimental plugin build
++ - Add patch to fix check-unused-dependencies
++ * New upstream version 8.0.0
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Sat, 06 Oct 2018 12:43:13 +0200
++
++trafficserver (7.1.4+ds-1) unstable; urgency=medium
++
++ [ Aron Xu ]
++ * Use libunwind for mips*
++
++ [ Jean Baptiste Favre ]
++ * Update Debian standards version
++ * New upstream version 7.1.4+ds
++ * Patches refresh for 7.1.4
++ * Add lintian override for trafficserver package
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Mon, 06 Aug 2018 10:56:14 +0200
++
++trafficserver (7.1.3+ds-4) unstable; urgency=medium
++
++ * Fix FTBS on armel (Closes: #902112)
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Fri, 22 Jun 2018 17:13:53 +0200
++
++trafficserver (7.1.3+ds-3) unstable; urgency=medium
++
++ * Add systemd tmpfile support (LP: #1756207)
++ * Update Build-Depends (Closes: #887503)
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Wed, 13 Jun 2018 22:39:58 +0200
++
++trafficserver (7.1.3+ds-2) unstable; urgency=medium
++
++ * Update build-deps to libncurses6
++ * Update patch to fix arm* builds
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Fri, 18 May 2018 17:25:22 +0200
++
++trafficserver (7.1.3+ds-1) unstable; urgency=medium
++
++ * Update Vcs URLs. Replace alioth with salsa
++ * Add patch to make documentation build with python3. Fix lintian warning
++ * New upstream version 7.1.3+ds
++ * Update d/gbp.conf
++ * Patches refresh for 7.1.3
++ * Add a patch to fix doc build outside of git repository
++ * Update standards version
++ * Remove chown command from postinst script. Fix lintian warning
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Tue, 24 Apr 2018 10:17:21 +0200
++
++trafficserver (7.1.2+ds-3) unstable; urgency=medium
++
++ * Add upstream changelog file to trafficserver package
++ * Add systemd units file
++ * Fix documentation. Update links
++ * Update d/rules to remove examples binary files from package
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Fri, 16 Feb 2018 15:05:07 +0100
++
++trafficserver (7.1.2+ds-2) unstable; urgency=medium
++
++ * Drop patch for lua source code removal (Handled with repack)
++ * Drop patch for documentation build (merged upstream)
++ * Add a patch to make man pages being built
++ * Update d/compat
++ * Fix lintian warnings
++ * Update d/rule to fix lintian warning.
++ * Disable auto_test (again)
++ * Install CHANGELOG file in /usr/share/doc
++ * Enable documentation built (if not, man pages aren't either)
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Thu, 25 Jan 2018 23:38:51 +0100
++
++trafficserver (7.1.2+ds-1) unstable; urgency=medium
++
++ * New upstream version 7.1.2+ds
++ * Update d/patches for 7.1.2+ds
++ * Update build dependencies
++ * Update compilation flags
++ * Enable experimental plugin cache_key_genid
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Tue, 16 Jan 2018 18:18:40 +0100
++
++trafficserver (7.1.1-1) unstable; urgency=medium
++
++ * Fix trafficserver-dev dependencies. (Closes: #877457)
++ * Fix d/gbp.conf. Remove duplicate filter option
++ * Update standards version in d/control
++ * Fix debian-rules-sets-dpkg-architecture-variable lintian warning
++ * Fix debian-watch-uses-insecure-uri lintian info
++ * Update d/patches
++ * Update d/rules to reflect healthcheck being managed as a stable plugin
++ * Add a patch to fix kfreebsd build
++ * Add a patch to fix arm build
++ * New upstream version 7.1.0
++ * Remove broken 0008-fix_build_armel patch
++ * Patches refresh for 7.1.0
++ * Add new patch to fix build with luajit 2.1 (Closes: #873328)
++ * Update experimental modules list
++ * Update Debian Standards-Version & d/compat
++ * Update Vcs-* fields to use secure communication
++ * Lintian fix for d/NEWS
++ * Add new build option to use system luajit
++ * Update build dependencies (Closes: #859750)
++ * Fix lintian warning in d/copyright
++ * New upstream version 7.1.1
++ * Patches refresh for 7.1.1
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Tue, 02 Jan 2018 13:30:43 +0100
++
++trafficserver (7.0.0-5) unstable; urgency=medium
++
++ * Add patch to fix arm* build. (Closes: #857389)
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Wed, 22 Mar 2017 09:31:14 +0100
++
++trafficserver (7.0.0-4) unstable; urgency=medium
++
++ * Add Conflicts for file overwrites (Closes: #850775)
++
++ -- Aron Xu <aron@debian.org> Wed, 11 Jan 2017 14:49:15 +0800
++
++trafficserver (7.0.0-3) unstable; urgency=medium
++
++ * Fix documentation build for docutils >= 0.13 (Closes: #848800)
++ * Update LuaJIT patches serie to fallback using Lua if LuaJIT not found
++ * Update luajit patch.
++ - Remove hardcoded value
++ - Add luajit dynamic detection
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Wed, 04 Jan 2017 15:13:43 +0100
++
++trafficserver (7.0.0-2) unstable; urgency=medium
++
++ * Add patches to use system luajit and not the internal one any more
++ * Update d/rules to remove luajit exception.
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Fri, 25 Nov 2016 17:51:25 +0100
++
++trafficserver (7.0.0-1) unstable; urgency=medium
++
++ [ Arno Töll ]
++ * Remove myself as maintainer. Thanks to Aron and Jean Baptiste for stepping
++ in on my place and keeping the package up to date. It makes the confident
++ the package is in good hands now.
++
++ [ Jean Baptiste Favre ]
++ * New upstream release 7.0.0
++ * Patches refresh for 7.0.0
++ * Update plugins list
++ * Update build dependencies
++ * Add pkgconfig .pc file in trafficserver-dev package
++ * Enable experimental plugins webp_transform
++ * Enable traffic_top build (Closes: #836126)
++ * Remove Linux AIO support (Closes: #803661, #836124)
++ * Fix FTBFS for mips64el (Closes: #830856)
++ * Add patch to make the build reproductible (Closes: #833176)
++
++ [ Aron Xu ]
++ * Set myself as Maintainer at the moment
++ * Build-Depends on default-libmysqlclient-dev
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Wed, 16 Nov 2016 09:48:10 +0100
++
++trafficserver (6.2.0-1) unstable; urgency=medium
++
++ * Add upstream gpg keys for uscan pgpsigurlmangle option
++ * Imported Upstream version 6.2.0
++ * Patch refresh for 6.2.0
++ * Update trafficserver manpages list
++ * Update trafficserver install list
++ * Update trafficserver-experimental-plugins install list
++ * Update build dependencies (Add libmariadbclient-dev in experimental)
++ * Bump standards version
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Sat, 23 Jul 2016 19:15:58 +0200
++
++trafficserver (6.1.1-1) unstable; urgency=medium
++
++ * Imported Upstream version 6.1.1
++ * Update d/watch for gpg signature check
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Sat, 06 Feb 2016 10:37:41 +0100
++
++trafficserver (6.1.0-1) unstable; urgency=medium
++
++ * New upstream release
++ * Use -mcx16 on x86 platforms only (Closes: #805124)
++
++ -- Aron Xu <aron@debian.org> Tue, 02 Feb 2016 12:18:10 +0800
++
++trafficserver (6.0.0-3) unstable; urgency=medium
++
++ * Update d/NEWS & d/README.Debian with 32-bit upstream support drop
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Mon, 14 Dec 2015 10:48:20 +0100
++
++trafficserver (6.0.0-2) unstable; urgency=medium
++
++ * Re-enable 32-bit builds
++ * Add some optional build dependencies
++ * Use -O3 by default
++
++ -- Aron Xu <aron@debian.org> Sat, 31 Oct 2015 03:05:20 +0800
++
++trafficserver (6.0.0-1) unstable; urgency=medium
++
++ [ Aron Xu ]
++ * Avoid possible-missing-colon-in-closes
++
++ [ Jean Baptiste Favre ]
++ * Imported Upstream version 6.0.0
++ * Update experimental plugins list
++ - Remove channel_stats
++ - Add cache promote cache_promote.so
++ - Add cache ranage request cache_range_requests.so
++ - Add mp4 streaming media mp4.so
++ - Add Stream editor stream_editor.so
++
++ -- Aron Xu <aron@debian.org> Sat, 10 Oct 2015 11:19:19 +0200
++
++trafficserver (5.3.1-1) unstable; urgency=medium
++
++ [ Arno Töll ]
++ * Add proxy.config.admin.user_id setting
++
++ [ Aron Xu ]
++ * Add myself back to Uploaders
++ * Use dh compat 9
++
++ [ Jean Baptiste Favre ]
++ * Imported Upstream version 5.3.1
++ * Removed patch for TS-3632 (merged upstream)
++ * Upstream changes allow ftbfs with GCC-5 (Closes: #778148)
++
++ -- Jean Baptiste Favre <debian@jbfavre.org> Sat, 04 Jul 2015 23:20:49 +0200
++
++trafficserver (5.3.0-2) unstable; urgency=medium
++
++ * Avoid installing tslua.so on archs built without LuaJIT
++ (Closes: #770353)
++
++ -- Aron Xu <aron@debian.org> Thu, 11 Jun 2015 15:28:39 +0800
++
++trafficserver (5.3.0-1) unstable; urgency=medium
++
++ * Imported Upstream version 5.3.0
++ - CVE-2014-10022: remote DoS
++ * Remove fix_TS3316_i386_build patch
++ * Fix traffic_wccp build, missing OpenSSL symbol
++ * Add experimental plugin generator
++ * Format patch for TS-3632
++ * Update Uploader field in d/control
++
++ -- Jean Baptiste Favre <jbfavre@debian.org> Wed, 03 Jun 2015 20:06:13 +0200
++
++trafficserver (5.2.0-2) unstable; urgency=medium
++
++ * Disable LuaJIT for arm64
++
++ -- Aron Xu <aron@debian.org> Sat, 28 Feb 2015 23:51:00 +0800
++
++trafficserver (5.2.0-1) unstable; urgency=medium
++
++ [ Jean Baptiste Favre ]
++ * New upstream release.
++ * Add support for following experimental modules:
++ - epic
++ - header_normalize
++ - mysql_remap
++ - ssl_cert_loader
++ - sslheaders
++ * Remove missing file related to removed traffic_shell
++ * Backport patch for TS-3316 to solve i386 build issue
++ * Fix misconfigured call to dh_makeshlibs (used system dir instead
++ of temporary build one)
++
++ [ Aron Xu ]
++ * Enable all hardening features.
++ * Update copyright file.
++
++ -- Aron Xu <aron@debian.org> Thu, 12 Feb 2015 22:22:44 +0100
++
++trafficserver (5.1.1-1) unstable; urgency=medium
++
++ * New upstream release. This release includes fixes for these security
++ related vulnerabilities:
++ - CVE-2014-3566: Do not enable SSL3 by default
++ - CVE-2014-3624: Ensure remap requests are properly tunneled using CONNECT
++ requests to avoid an open relay
++ * Add support for ppc64el, patch merged upstream (Closes: #754134, #754808)
++ * Fix "ftbfs on kfreebsd" by conditionally building healthchecks.so on Linux
++ only. Patch supplied by Steven Chamberlain, thanks (Closes: #767287)
++
++ -- Arno Töll <arno@debian.org> Sun, 02 Nov 2014 12:40:44 -1100
++
++trafficserver (5.1.0-1) unstable; urgency=medium
++
++ * New upstream release
++ * Bump standards version to 3.9.6 (no changes needed)
++
++ [Jean Baptiste Favre]
++ * Add a debug package with debug symbols for those who need it.
++ * Split out experimental trafficserver plugins into a separate package so
++ that users are aware of their experimental character before using them.
++ * Add a libhwloc b-d so that ATS has a better idea about the underlying
++ hardware it runs at to improve the runtime performance
++
++ -- Arno Töll <arno@debian.org> Wed, 08 Oct 2014 23:50:49 -1100
++
++trafficserver (5.0.1-1) unstable; urgency=medium
++
++ * New upstream release including a fix for CVE-2014-3525 that allowed
++ attackers by special crafted packets to obtain privileges for services bound
++ to localhost
++
++ -- Arno Töll <arno@debian.org> Wed, 23 Jul 2014 04:43:00 -1100
++
++trafficserver (5.0.0-1) unstable; urgency=medium
++
++ * Acknowledge previous NMUs, thanks to Anibal Monsalve Salazar for
++ coordination.
++ * New upstream version. Patch changes:
++ + drop 0001-TS-1821.patch: released upstream in 5.0.0
++ + drop 0001-TS-2454-Fix-undefined-reference-to-__sync_fetch_and_.patch:
++ released upstream in 4.2
++ + drop add-mips-support.patch: released upstream in 5.0.0
++ + drop pthread_setname_np.patch: This was a Debian specific issue which is
++ being worked around in eglibc's commit r5460.
++ * Add "support for mips64": merged upstream (Closes: #750807)
++ * Build with dh-autoreconf to avoid build time issues with Automake 1.13
++ which is not in Debian yet.
++
++ -- Arno Töll <arno@debian.org> Sun, 06 Jul 2014 00:20:59 -1100
++
++trafficserver (4.1.2-1.2) unstable; urgency=medium
++
++ * Non-maintainer upload.
++ * Add missing prototype for pthread_setname_np()
++ Add pthread_setname_np.patch
++ Patch by Petr Salinger
++ Closes: #743584
++
++ -- Anibal Monsalve Salazar <anibal@debian.org> Fri, 04 Apr 2014 08:59:48 +0100
++
++trafficserver (4.1.2-1.1) unstable; urgency=medium
++
++ * Non-maintainer upload.
++ * Fix undefined reference to `__sync_fetch_and_sub_8' on ARM 32bit
++ Add 0001-TS-2454-Fix-undefined-reference-to-__sync_fetch_and_.patch
++ from https://issues.apache.org/jira/browse/TS-2454
++ Patch by Yunkai Zhang
++ * Add support for MIPS
++ Add add-mips-support.patch
++ Submitted: https://issues.apache.org/jira/browse/TS-2687
++ Merged: https://git-wip-us.apache.org/repos/asf?p=trafficserver.git;h=2f81790
++ Patch by Dejan Latinovic
++ Closes: 743395
++ * Build-depend on libboost-dev
++ Patch by Dejan Latinovic
++ Closes: #737510
++
++ -- Anibal Monsalve Salazar <anibal@debian.org> Thu, 03 Apr 2014 04:18:23 +0100
++
++trafficserver (4.1.2-1) unstable; urgency=medium
++
++ * Merge the experimental branch of trafficserver to unstable
++ * New upstram release (Closes: #711530, #733377)
++ + Refresh 0001-TS-1821.patch until it is fixed upstream
++ + Don't run autoreconf anymore, we do not need it anymore
++ + build depend on libaio-dev to support AIO on Linux systems
++ * Push standards version
++
++ -- Arno Töll <arno@debian.org> Wed, 29 Jan 2014 03:01:12 -1100
++
++trafficserver (3.3.2-1) experimental; urgency=low
++
++ [ Arno Töll ]
++ * Drop --with-arg-max from configure
++ * Update changelog in view of the new upstream version
++
++ [ Aron Xu ]
++ * Imported Upstream version 3.3.2
++ * Drop patch for enabling experimental plugins
++ * Add liblua5.1-dev and liboost1.53-dev to B-D
++ * Try on all archs for experimental builds
++ * Permit parallel building
++ * Fix typo in dep5 copyright file
++ * Do not install staticly linked library
++ * Enable Linux native AIO support for linux-any
++ * Enable reclaimable freelist
++
++ -- Aron Xu <aron@debian.org> Thu, 09 May 2013 01:00:04 +0800
++
++trafficserver (3.3.0+git20121208-0exp1) experimental; urgency=low
++
++ * Upstream git snapshot.
++ * Enable most of experimental plugins, install related libraries.
++ * Run dh_autoreconf.
++ * Make dh_auto_test errors non-fatal.
++
++ -- Aron Xu <aron@debian.org> Thu, 06 Dec 2012 23:32:25 +0800
++
++trafficserver (3.3.0-1) experimental; urgency=low
++
++ * Upload upstream development release to experimental.
++
++ -- Aron Xu <aron@debian.org> Thu, 29 Nov 2012 22:13:55 +0800
++
++trafficserver (3.2.5-1) unstable; urgency=low
++
++ * New upstream release
++ + Fix FTBFS on ARM (Closes: #691179)
++ + Fix FTBS with gcc 4.8 (Closes: #701427)
++ * Promote trafficserver to depend for trafficserver-dev to fix a broken
++ library symlink. The library is not required for all users, but those who
++ need it don't need to install it manually anymore (Closes: #715134)
++
++ -- Arno Töll <arno@debian.org> Sun, 21 Jul 2013 11:55:38 +0200
++
++trafficserver (3.2.4-1) unstable; urgency=low
++
++ * New upstream release
++ + Delete upstream's .gitignore file in our source tree
++ * Switch packaging repository to Git.
++ + Add gbp.conf file for those using git-buildpackage
++ * Fix "Upgrade fails if purging of cache fails" by not dying in a fire when
++ the postinst fails to purge the cache (Closes: #687698)
++ * Drop --with-arg-max from ./configure, it's not needed anymore.
++
++ -- Arno Töll <arno@debian.org> Tue, 29 Jan 2013 23:54:44 +0100
++
++trafficserver (3.2.0-1) unstable; urgency=low
++
++ * New upstream release
++ + If you are using SSL or HTTP filtering, please update your configuration.
++ proxy.config.http.quick_filter.mask and
++ proxy.config.ssl.server.cert.filename is not recognized anymore. Please
++ use ip_allow.config and ssl_multicert.config respectively instead.
++ There is no automated migration for this in Debian, as this affects your
++ site-specific configuration files.
++ + See https://cwiki.apache.org/confluence/display/TS/Upgrading+to+3.2 for
++ full upgrade instructions.
++ * Upstream decided to ship more plug-ins with the trafficserver core
++ distribution. These are all bundled into the main package now. Therefore,
++ the trafficserver-plugin-conf-remap package is not provided anymore.
++ * Update the default configuration file to ship with more moderate values
++ for the log configuration.
++ * Now do start ATS by default for fresh installations. The default
++ out-of-the box configuration is much more secure than past defaults.
++ * Purge the host and data cache on upgrades
++ * Let's welcome Aron Xu to the Uploaders of Trafficserver. Hi Aron! :)
++
++ -- Arno Töll <arno@debian.org> Fri, 14 Sep 2012 22:56:29 +0200
++
++trafficserver (3.0.5-1) unstable; urgency=low
++
++ * New upstream release.
++ * No kudos for the previous hostile NMU, but include the changelog to denote
++ this upload does not introduce a regression.
++ * Update my maintainer address
++ * Make the init script look much better when using fancy outputs.
++ * Fix "status" output of the init script
++ * Remove "DM-Upload-Allowed". I don't need that flag anymore.
++
++
++ -- Arno Töll <arno@debian.org> Sat, 09 Jun 2012 18:48:23 +0200
++
++trafficserver (3.0.4-1.1) unstable; urgency=low
++
++ * Non maintainer upload
++ * Fix build failure with GCC 4.7. Closes: #667396.
++
++ -- Matthias Klose <doko@debian.org> Wed, 30 May 2012 04:40:28 +0000
++
++trafficserver (3.0.4-1) unstable; urgency=high
++
++ * New upstream release
++ + Fix CVE-2012-0256: A request with a very large Host header caused ATS to
++ crash.
++ * Setting urgency to high because of security updates
++ * Push standards to 3.9.3 - no further changes
++ * Stilistic adaptions in debian/copyright, but not content changes
++ * Remove cluster interface warning from README.Configuration. ATS now binds on
++ lo by default
++
++ -- Arno Töll <debian@toell.net> Wed, 21 Mar 2012 12:34:35 +0100
++
++trafficserver (3.0.2-1) unstable; urgency=low
++
++ * New upstream release
++ + Includes former Debian specific patch which makes sure the upstream
++ configure script does not override any -O flags passed by the user
++ anymore.
++ * Adapt to dpkg 1.16.1 API changes regarding build flags. This enables
++ hardening build flags. This means, trafficserver is now being built with
++ -fstack-protector and other security related build flags.
++ * Add dpkg-dev (>= 1.16.1~) to build-depends to make sure our buildflags are
++ properly supported. That's guaranteed for Testing, but might be helpful to
++ know for backporters.
++ * Fix several issues in the DEP-5 syntax. Unfortunately there is no way to
++ express that a file is subject to different license agreements so far.
++ * Do not install the upstream changelog twice anymore
++ * Finally run regression checks again, now as build failures are sorted out.
++
++ -- Arno Töll <debian@toell.net> Sun, 11 Dec 2011 00:45:45 +0100
++
++trafficserver (3.0.1-2) unstable; urgency=low
++
++ * Fix "please add armhf to the arch list" - add armhf to the list of supported
++ architectures. Thanks Konstantinos Margaritis for the hint (Closes: #636338)
++ * Remove IA64 from the list of supported architectures. The upgrade to the gcc
++ 4.6 toolchain disclosed portability issues with it, which caused the resul-
++ ting binary package to produce no-op code in some functions.
++
++ -- Arno Töll <debian@toell.net> Tue, 02 Aug 2011 22:58:37 +0200
++
++trafficserver (3.0.1-1) unstable; urgency=low
++
++ * New upstream release. Fixes several important issues which caused
++ `traffic_cop' and `traffic_server' to crash.
++ * Fix "FTBFS with ld --as-needed" re-order libraries upon linkage, patch
++ committed upstream. Thanks Ilya Barygin (Closes: #632546)
++ * Fix "trafficserver: Getting rid of unneeded *.la / emptying
++ dependency_libs", remove *.la files from the installation target completely
++ (Closes: #633192)
++ * Set "DM-Upload-Allowed: yes" in agreement with Asheesh Laroia
++ <paulproteus{at}debian.org>
++
++ -- Arno Töll <debian@toell.net> Mon, 01 Aug 2011 19:29:58 +0200
++
++trafficserver (3.0.0-1) unstable; urgency=low
++
++ * New upstream release. Major changes (since 2.1.9):
++ + `traffic_server' won't crash anymore when using non-existent plugin in
++ remap rule
++ + Don't cache HTTP 401, 303 and 407 error responses anymore, when negative
++ caching is enabled.
++ * Re-enable kfreebsd support, it was accidentally not available in
++ 2.1.9-unstable-1 because of non installable dependencies, as libcap-dev is
++ installable (and required) on Linux only
++ * debian/rules:
++ + Simplify dh_auto_configure flags (upstream incorporated our build layout)
++ + Enable WCCP (Web Cache Communication Protocol; Linux only)
++ * debian/control:
++ + Add flex and bison to build dependencies, both are required for WCCP
++ (Linux only)
++
++ -- Arno Töll <debian@toell.net> Wed, 15 Jun 2011 15:56:29 +0200
++
++trafficserver (2.1.9-unstable-1) unstable; urgency=low
++
++ * New upstream release. Major features (since 2.1.8):
++ + Bring back support for $DESTDIR and "make check" which makes Debian
++ patches obsolete
++ + Allow larger working sets than 512G
++ + Disable cluster autodiscovery when cluster mode is disabled
++ + Cleanup `records.config'
++ + Disable SSLv2 by default
++ * debian/control: Add build dependency to libcap-dev, because when running
++ traffic_server standalone, it is unable to bind restricted ports otherwise
++ (Upstream: TS-804)
++ * debian/rules:
++ + Remove override for dh_clean, but put options to debian/source/options
++ instead
++ + Remove DH_OPTIONS (unused anyway)
++ * Source package: Minor change to improving package quality and usability
++ (i.e. grammar, verbosity of comments)
++ * Make the init script more robust
++ * Base the origin of the package source on the untouched upstream tarball,
++ instead of the versioned SVN branch.
++ * Bring back IA64 support, this time actually working (upstream merged my
++ patch TS-783)
++ * Remove patch `build-quirks.patch'. Changes have been committed upstream
++ by now.
++
++ -- Arno Töll <debian@toell.net> Tue, 31 May 2011 21:56:12 +0200
++
++trafficserver (2.1.8-unstable-1) unstable; urgency=low
++
++ * New upstream release. Major features (since 2.1.5):
++ + Many bug fixes (none reported in Debian's BTS)
++ + Set source address for origin Servers
++ + Major API changes for the SDK
++ + Provide traffic_logstats
++ + traffic_shell does not hang anymore on any command
++ * Fix "FTBFS on architectures not supported upstream": (Closes: #622800)
++ + Don't execute regression checks for now (fixes x86)
++ + Upstream merges a Debian patch originally for 2.1.7 which enables
++ kFreeBSD support (originally provided by myself)
++ + Restrict Architectures (drop S390, IA64, MIPS[EL], PPC, SPARC)
++ * Remove ts-ui-disable-conf.patch (applied upstream)
++ * Update `build-quirks.patch' to make TS handle $DESTDIR correctly
++ (upstream: TS-759)
++ * Remove .deps from SDK binary package examples (they were incidentally
++ included before).
++ * Fix permissions for /var/cache/trafficserver in postinst
++ * Bump standards to 3.9.2, depend on debhelper 8.0, adapt VCS links
++ * Simplify debian/rules
++
++ -- Arno Töll <debian@toell.net> Thu, 05 May 2011 21:49:52 +0200
++
++trafficserver (2.1.5-unstable-1) unstable; urgency=low
++
++ * Initial release (Closes: #609285)
++ * Added some configuration and informational hints
++ * New upstream release. Major features:
++ + Better AMD64 support
++ + Override configuration per transaction
++ + IPv6
++ + Support ARM architectures
++ + SDK-API changes
++ * Differences to upstream version:
++ + Ship some documentation. Well, really a few hints
++ + Split source into three packages (core, plug-in, SDK)
++ + Ship our own init script
++
++ -- Arno Toell <debian@toell.net> Thu, 13 Jan 2011 11:49:18 +0100
--- /dev/null
--- /dev/null
++Source: trafficserver
++Section: web
++Priority: optional
++Maintainer: Jean Baptiste Favre <debian@jbfavre.org>
++Uploaders: Aron Xu <aron@debian.org>, Emanuele Rocca <ema@debian.org>
++Build-Depends: debhelper-compat (= 12), libssl-dev, tcl-dev, libexpat1-dev,
++ libpcre3-dev, libtool, libcap-dev [linux-any], graphviz,
++ bison [linux-any], flex [linux-any], dpkg-dev (>= 1.16.1~), pkg-config, libgeoip-dev,
++ libluajit-5.1-dev, libboost-dev, libhwloc-dev, default-libmysqlclient-dev,
++ python3-distro, python3-sphinx, plantuml, python3-sphinxcontrib.plantuml,
++ libxml2-dev, libncurses-dev, libcurl4-openssl-dev,
++ libkyotocabinet-dev, libmemcached-dev, libbrotli-dev,
++ libcrypto++-dev, libjansson-dev, libcjose-dev, libyaml-cpp-dev (>= 0.6.2~),
++ libunwind-dev [i386 amd64 ppc64el armhf arm64 mipsel mips64el mips]
++Standards-Version: 4.5.1
++Homepage: https://trafficserver.apache.org/
++Vcs-Git: https://salsa.debian.org/debian/trafficserver.git
++Vcs-Browser: https://salsa.debian.org/debian/trafficserver
++
++Package: trafficserver
++Architecture: any
++Depends: ${shlibs:Depends}, ${misc:Depends}, lsb-base (>= 3.2-14), adduser,
++ ${perl:Depends}
++Pre-Depends: ${misc:Pre-Depends}
++Provides: trafficserver-plugin-conf-remap
++Replaces: trafficserver-plugin-conf-remap (<< 3.2~),
++ trafficserver-experimental-plugins (<< 8.0.0~)
++Suggests: trafficserver-experimental-plugins (= ${binary:Version})
++Breaks: trafficserver-plugin-conf-remap (<< 3.2~),
++ trafficserver-experimental-plugins (<< 8.0.0~)
++Description: fast, scalable and extensible HTTP/1.1 and HTTP/2.0 caching proxy server
++ This package provides the Apache Traffic Server, a fast, scalable reverse
++ proxy server which may operate as forward proxy as well. Apache Traffic Server
++ supports:
++ .
++ * Caching: improve response time while reducing server load and bandwidth
++ needs by caching and reusing frequently-requested web pages, images, and
++ web service calls.
++ * Proxying: add keep-alive, filter or anonymize content requests, or add
++ load balancing by adding a proxy layer.
++ * Scaling: handle 10s of thousands of requests per second on modern SMP
++ hardware.
++ * Extensions: use the API to do anything from modifying HTTP headers to
++ handling ESI requests to writing your own cache algorithm.
++
++Package: trafficserver-experimental-plugins
++Architecture: any
++Depends: ${shlibs:Depends}, ${misc:Depends}
++Pre-Depends: trafficserver (= ${binary:Version})
++Breaks: trafficserver (<< 8.0.0~)
++Description: experimental plugins for Apache Traffic Server
++ This package provides the Apache Traffic Server plugins marked as
++ experimental.
++ .
++ Please note that these plugins can be removed without priori notice, or
++ promoted as stable plugin. In the last case, they'll be moved from
++ trafficserver-experimental-plugins to trafficserver package.
++
++Package: trafficserver-dev
++Architecture: any
++Depends: ${misc:Depends}, trafficserver (= ${binary:Version})
++Description: Apache Traffic Server Software Developers Kit (SDK)
++ This package provides the Apache Traffic Server Software Developers Kit, which
++ consists of: a collection of development header and bindings for the C
++ programming language, the tsxs linking helper and examples to write your own
++ plug-ins for the Apache Traffic Server.
--- /dev/null
--- /dev/null
++Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
++Upstream-Name: Traffic Server
++Upstream-Contact: dev@trafficserver.apache.org
++Source: http://trafficserver.apache.org/
++Files-Excluded:
++ .vscode
++ lib/yamlcpp
++Comment:
++ The upstream repository provides libraries which are also available
++ in Debian. Because we'll use libraries packaged in Debian, we don't
++ need embedded ones.
++
++Files: *
++Copyright: 2010 - 2011 The Apache Software Foundation
++ 2009 Yahoo! Inc.
++License: Apache-2.0
++
++Files: debian/*
++Copyright: 2011 Arno Töll
++License: Apache-2.0
++Comment: Packaging for Debian was done by Arno Toell, and I hereby grant
++ distribution of it under the same terms as Apache Traffic Server itself.
++
++License: Apache-2.0
++ Licensed under the Apache License, Version 2.0 (the "License");
++ you may not use this file except in compliance with the License.
++ You may obtain a copy of the License at
++ .
++ http://www.apache.org/licenses/LICENSE-2.0
++ .
++ Unless required by applicable law or agreed to in writing, software
++ distributed under the License is distributed on an "AS IS" BASIS,
++ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++ See the License for the specific language governing permissions and
++ limitations under the License.
++ .
++ On Debian systems, the full text of the e Apache License, Version 2.0
++ can be found in the file `/usr/share/common-licenses/Apache-2.0'.
++
++Files: include/tscore/ink_rand.*
++Copyright: 1997 - 2002, Makoto Matsumoto and Takuji Nishimura
++License: BSD-3-clause
++
++Files: include/tscore/ink_resolver.h src/tscore/ink_res_init.cc src/tscore/ink_res_mkquery.cc
++Copyright: 1983, 1987, 1989 The Regents of the University of California
++License: BSD-3-clause
++
++License: BSD-3-clause
++ For the University of California part:
++ .
++ Redistribution and use in source and binary forms, with or without
++ modification, are permitted provided that the following conditions
++ are met:
++ 1. Redistributions of source code must retain the above copyright
++ notice, this list of conditions and the following disclaimer.
++ 2. Redistributions in binary form must reproduce the above copyright
++ notice, this list of conditions and the following disclaimer in the
++ documentation and/or other materials provided with the distribution.
++ 3. Neither the name of the University nor the names of its contributors
++ may be used to endorse or promote products derived from this software
++ without specific prior written permission.
++ .
++ THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
++ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
++ ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
++ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
++ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
++ OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
++ LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
++ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
++ SUCH DAMAGE.
++ .
++ For the Internet Systems Consortium, Inc. part:
++ See Apache-2.0
++ .
++ For the Digital Equipment Corporation part:
++ Permission to use, copy, modify, and distribute this software for any
++ purpose with or without fee is hereby granted, provided that the above
++ copyright notice and this permission notice appear in all copies, and that
++ the name of Digital Equipment Corporation not be used in advertising or
++ publicity pertaining to distribution of the document or software without
++ specific, written prior permission.
++ .
++ THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL
++ WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES
++ OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT
++ CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
++ DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
++ PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
++ ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
++ SOFTWARE.
++
++Files: src/tscore/ink_string.cc
++Comment: For the strlcat, strlcpy in inktomi++/ink_string.cc
++Copyright: 1998 Todd C. Miller <Todd.Miller@courtesan.com>
++License: ISC
++ Permission to use, copy, modify, and distribute this software for any
++ purpose with or without fee is hereby granted, provided that the above
++ copyright notice and this permission notice appear in all copies.
++ .
++ THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
++ WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
++ MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
++ ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
++ WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
++ ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
++ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
++
++Files: include/tscore/fastlz.h src/tscore/fastlz.c
++Copyright: 2005-2007 Ariya Hidayat (ariya@kde.org)
++License: Expat
++ Permission is hereby granted, free of charge, to any person obtaining a copy
++ of this software and associated documentation files (the "Software"), to deal
++ in the Software without restriction, including without limitation the rights
++ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
++ copies of the Software, and to permit persons to whom the Software is
++ furnished to do so, subject to the following conditions:
++ .
++ The above copyright notice and this permission notice shall be included in
++ all copies or substantial portions of the Software.
++ .
++ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
++ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
++ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
++ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
++ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
++ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
++ THE SOFTWARE.
--- /dev/null
--- /dev/null
++LAYOUT
++NOTICE
++STATUS
++REVIEWERS
++README
++README-EC2
++debian/README.Debian
++debian/CONFIGURATION.Debian
++debian/README.conf-remap.Debian
--- /dev/null
--- /dev/null
++[DEFAULT]
++pristine-tar = True
++builder=dpkg-buildpackage -i\.git -I.git
++#cleaner=true
++
++[import-orig]
++filter = [
++ '.gitignore',
++ '.git',
++ '.vscode',
++ '.clang-analyzer',
++ '.clang-format',
++ '.clang-tidy',
++ '.editorconfig',
++ 'emacs-style',
++ '.vimrc',
++ 'Vagrantfile' ]
++merge = True
--- /dev/null
--- /dev/null
++usr/man/man3
++usr/share/man
--- /dev/null
--- /dev/null
++From a776ab7f0ac3ff8aa9f1e3316fea8cb155c6013a Mon Sep 17 00:00:00 2001
++From: Brian Neradt <brian.neradt@gmail.com>
++Date: Tue, 1 Aug 2023 13:51:44 -0500
++Subject: Correctly handle encoding for cache hash generation (#10128)
++
++Since origins may treat URL encoded or unencoded paths, query
++parameters, or fragments differently, we should cache them separately.
++This updates our URL cache hashing logic to not unencode these
++components of a URI.
++---
++ proxy/hdrs/URL.cc | 10 +++
++ proxy/hdrs/unit_tests/test_URL.cc | 101 ++++++++++++++++++++++++++++++
++ 2 files changed, 111 insertions(+)
++
++diff --git a/proxy/hdrs/URL.cc b/proxy/hdrs/URL.cc
++index 9edf1a43c..e38df3379 100644
++--- a/proxy/hdrs/URL.cc
+++++ b/proxy/hdrs/URL.cc
++@@ -1776,6 +1776,16 @@ url_CryptoHash_get_general(const URLImpl *url, CryptoContext &ctx, CryptoHash &h
++ while (t < ends[i]) {
++ if ((i == 0) || (i == 6)) { // scheme and host
++ unescape_str_tolower(p, e, t, ends[i], s);
+++ } else if (i == 8 || i == 10 || i == 12) { // path, params, query
+++ // Don't unescape the parts of the URI that are processed by the
+++ // origin since it may behave differently based upon whether these are
+++ // escaped or not. Therefore differently encoded strings should be
+++ // cached separately via differentiated hashes.
+++ int path_len = ends[i] - t;
+++ int min_len = std::min(path_len, static_cast<int>(e - p));
+++ memcpy(p, t, min_len);
+++ p += min_len;
+++ t += min_len;
++ } else {
++ unescape_str(p, e, t, ends[i], s);
++ }
++diff --git a/proxy/hdrs/unit_tests/test_URL.cc b/proxy/hdrs/unit_tests/test_URL.cc
++index b022d068e..44f621c76 100644
++--- a/proxy/hdrs/unit_tests/test_URL.cc
+++++ b/proxy/hdrs/unit_tests/test_URL.cc
++@@ -44,3 +44,104 @@ TEST_CASE("Validate Scheme", "[proxy][validscheme]")
++ }
++ }
++ }
+++
+++struct get_hash_test_case {
+++ const std::string description;
+++ const std::string uri_1;
+++ const std::string uri_2;
+++ const bool has_equal_hash;
+++};
+++
+++constexpr bool HAS_EQUAL_HASH = true;
+++
+++// clang-format off
+++std::vector<get_hash_test_case> get_hash_test_cases = {
+++ {
+++ "No encoding: equal hashes",
+++ "http://one.example.com/a/path?name=value#some=value?with_question#fragment",
+++ "http://one.example.com/a/path?name=value#some=value?with_question#fragment",
+++ HAS_EQUAL_HASH,
+++ },
+++ {
+++ "Scheme encoded: equal hashes",
+++ "http%3C://one.example.com/a/path?name=value#some=value?with_question#fragment",
+++ "http<://one.example.com/a/path?name=value#some=value?with_question#fragment",
+++ HAS_EQUAL_HASH,
+++ },
+++ {
+++ "Host encoded: equal hashes",
+++ "http://one%2Eexample.com/a/path?name=value#some=value?with_question#fragment",
+++ "http://one.example.com/a/path?name=value#some=value?with_question#fragment",
+++ HAS_EQUAL_HASH,
+++ },
+++ {
+++ "Path encoded: differing hashes",
+++ "http://one.example.com/a%2Fpath?name=value#some=value?with_question#fragment",
+++ "http://one.example.com/a/path?name=value#some=value?with_question#fragment",
+++ !HAS_EQUAL_HASH,
+++ },
+++ {
+++ "Query = encoded: differing hashes",
+++ "http://one.example.com/a/path?name%3Dvalue#some=value?with_question#fragment",
+++ "http://one.example.com/a/path?name=value#some=value?with_question#fragment",
+++ !HAS_EQUAL_HASH,
+++ },
+++ {
+++ "Query internal encoded: differing hashes",
+++ "http://one.example.com/a/path?name=valu%5D#some=value?with_question#fragment",
+++ "http://one.example.com/a/path?name=valu]#some=value?with_question#fragment",
+++ !HAS_EQUAL_HASH,
+++ },
+++ {
+++ "Fragment encoded: fragment is not part of the hash",
+++ "http://one.example.com/a/path?name=value#some=value?with_question#frag%7Dent",
+++ "http://one.example.com/a/path?name=value#some=value?with_question/frag}ent",
+++ HAS_EQUAL_HASH,
+++ },
+++ {
+++ "Username encoded: equal hashes",
+++ "mysql://my%7Eser:mypassword@localhost/mydatabase",
+++ "mysql://my~ser:mypassword@localhost/mydatabase",
+++ HAS_EQUAL_HASH,
+++ },
+++ {
+++ "Password encoded: equal hashes",
+++ "mysql://myuser:mypa%24sword@localhost/mydatabase",
+++ "mysql://myuser:mypa$sword@localhost/mydatabase",
+++ HAS_EQUAL_HASH,
+++ },
+++};
+++
+++/** Return the hash related to a URI.
+++ *
+++ * @param[in] uri The URI to hash.
+++ * @return The hash of the URI.
+++ */
+++CryptoHash
+++get_hash(const std::string &uri)
+++{
+++ URL url;
+++ HdrHeap *heap = new_HdrHeap();
+++ url.create(heap);
+++ url.parse(uri.c_str(), uri.length());
+++ CryptoHash hash;
+++ url.hash_get(&hash);
+++ heap->destroy();
+++ return hash;
+++}
+++
+++TEST_CASE("UrlHashGet", "[url][hash_get]")
+++{
+++ for (auto const &test_case : get_hash_test_cases) {
+++ std::string description = test_case.description + ": " + test_case.uri_1 + " vs " + test_case.uri_2;
+++ SECTION(description) {
+++ CryptoHash hash1 = get_hash(test_case.uri_1);
+++ CryptoHash hash2 = get_hash(test_case.uri_2);
+++ if (test_case.has_equal_hash) {
+++ CHECK(hash1 == hash2);
+++ } else {
+++ CHECK(hash1 != hash2);
+++ }
+++ }
+++ }
+++}
++--
++2.30.2
++
--- /dev/null
--- /dev/null
++From: Aron Xu <aron@debian.org>
++Date: Tue, 2 Feb 2016 12:17:24 +0800
++Subject: Use -mcx16 on x86 platforms only
++
++---
++ configure.ac | 3 +++
++ 1 file changed, 3 insertions(+)
++
++--- a/configure.ac
+++++ b/configure.ac
++@@ -1490,12 +1490,15 @@ CFLAGS="${__saved_CFLAGS}"
++ AC_LANG_POP
++ AC_SUBST(has_128bit_cas)
++
+++case "$host_cpu" in
+++ amd64|x86_64|i*86)
++ AS_IF([test "x$has_128bit_cas" = "x1"], [
++ AS_IF([test "x$ax_cv_c_compiler_vendor" != "xintel"], [
++ TS_ADDTO(AM_CFLAGS, [-mcx16])
++ TS_ADDTO(AM_CXXFLAGS, [-mcx16])
++ ])
++ ])
+++esac
++
++ # Check for POSIX capabilities library.
++ # If we don't find it, disable checking for header.
--- /dev/null
--- /dev/null
++From 1e99c5fc368fb42ee36da8a4c222664a29880d57 Mon Sep 17 00:00:00 2001
++From: Zhengxi Li <lzx404243@hotmail.com>
++Date: Tue, 1 Aug 2023 17:25:42 -0400
++Subject: 8.1.x: Fix a crash triggered by invalid range header (#10134)
++
++Co-authored-by: Katsutoshi Ikenoya <kikenoya@yahoo-corp.jp>
++---
++ proxy/http/HttpTransact.cc | 2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++diff --git a/proxy/http/HttpTransact.cc b/proxy/http/HttpTransact.cc
++index c5a37a3b2..c1d0cba06 100644
++--- a/proxy/http/HttpTransact.cc
+++++ b/proxy/http/HttpTransact.cc
++@@ -2820,7 +2820,7 @@ HttpTransact::build_response_from_cache(State *s, HTTPWarningCode warning_code)
++ // this late.
++ TxnDebug("http_seq", "[HttpTransact::HandleCacheOpenReadHit] Out-of-order Range request - tunneling");
++ s->cache_info.action = CACHE_DO_NO_ACTION;
++- if (s->force_dns) {
+++ if (s->force_dns || s->dns_info.lookup_success) {
++ HandleCacheOpenReadMiss(s); // DNS is already completed no need of doing DNS
++ } else {
++ CallOSDNSLookup(s);
++--
++2.30.2
++
--- /dev/null
--- /dev/null
++From 273bed72f34163cd32c6c0a1b6cbdc016bfc1597 Mon Sep 17 00:00:00 2001
++From: Bryan Call <bcall@apache.org>
++Date: Tue, 1 Aug 2023 14:52:34 -0700
++Subject: Remove duplicate slashes at the beginning of the incoming URL
++ (#10133)
++
++---
++ proxy/hdrs/URL.cc | 8 +
++ proxy/hdrs/unit_tests/test_URL.cc | 389 ++++++++++++++++++++++++++++++
++ 2 files changed, 397 insertions(+)
++
++diff --git a/proxy/hdrs/URL.cc b/proxy/hdrs/URL.cc
++index e38df3379..9977ad6a5 100644
++--- a/proxy/hdrs/URL.cc
+++++ b/proxy/hdrs/URL.cc
++@@ -1473,6 +1473,10 @@ done:
++ if (!path_end) {
++ path_end = cur;
++ }
+++ // Remove all preceding slashes
+++ while (path_start < path_end && *path_start == '/') {
+++ ++path_start;
+++ }
++ url_path_set(heap, url, path_start, path_end - path_start, copy_strings);
++ }
++ if (params_start) {
++@@ -1553,6 +1557,10 @@ url_parse_http_no_path_component_breakdown(HdrHeap *heap, URLImpl *url, const ch
++
++ // path is anything that's left.
++ if (cur < end) {
+++ // Remove all preceding slashes
+++ while (cur < end && *cur == '/') {
+++ cur++;
+++ }
++ url_path_set(heap, url, cur, end - cur, copy_strings);
++ cur = end;
++ }
++diff --git a/proxy/hdrs/unit_tests/test_URL.cc b/proxy/hdrs/unit_tests/test_URL.cc
++index 44f621c76..d5fc7f471 100644
++--- a/proxy/hdrs/unit_tests/test_URL.cc
+++++ b/proxy/hdrs/unit_tests/test_URL.cc
++@@ -145,3 +145,392 @@ TEST_CASE("UrlHashGet", "[url][hash_get]")
++ }
++ }
++ }
+++
+++struct url_parse_test_case {
+++ const std::string input_uri;
+++ const std::string expected_printed_url;
+++ const bool verify_host_characters;
+++ const std::string expected_printed_url_regex;
+++ const bool is_valid;
+++ const bool is_valid_regex;
+++};
+++
+++constexpr bool IS_VALID = true;
+++constexpr bool VERIFY_HOST_CHARACTERS = true;
+++
+++// clang-format off
+++std::vector<url_parse_test_case> url_parse_test_cases = {
+++ {
+++ "///dir////index.html",
+++ "/dir////index.html",
+++ VERIFY_HOST_CHARACTERS,
+++ "/dir////index.html",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ "/index.html",
+++ "/index.html",
+++ VERIFY_HOST_CHARACTERS,
+++ "/index.html",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ "//index.html",
+++ "/index.html",
+++ VERIFY_HOST_CHARACTERS,
+++ "/index.html",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ // The following scheme-only URI is technically valid per the spec, but we
+++ // have historically returned this as invalid and I'm not comfortable
+++ // changing it in case something depends upon this behavior. Besides, a
+++ // scheme-only URI is probably not helpful to us nor something likely
+++ // Traffic Server will see.
+++ "http://",
+++ "",
+++ VERIFY_HOST_CHARACTERS,
+++ "",
+++ !IS_VALID,
+++ !IS_VALID
+++ },
+++ {
+++ "https:///",
+++ "https:///",
+++ VERIFY_HOST_CHARACTERS,
+++ "https:///",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ // RFC 3986 section-3: When authority is not present, the path cannot begin
+++ // with two slash characters ("//"). We have historically allowed this,
+++ // however, and will continue to do so.
+++ "https:////",
+++ "https:///",
+++ VERIFY_HOST_CHARACTERS,
+++ "https:///",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ // By convention, our url_print() function adds a path of '/' at the end of
+++ // URLs that have no path, query, or fragment after the authority.
+++ "mailto:Test.User@example.com",
+++ "mailto:Test.User@example.com/",
+++ VERIFY_HOST_CHARACTERS,
+++ "mailto:Test.User@example.com/",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ "mailto:Test.User@example.com:25",
+++ "mailto:Test.User@example.com:25/",
+++ VERIFY_HOST_CHARACTERS,
+++ "mailto:Test.User@example.com:25/",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ "https://www.example.com",
+++ "https://www.example.com/",
+++ VERIFY_HOST_CHARACTERS,
+++ "https://www.example.com/",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ "https://www.example.com/",
+++ "https://www.example.com/",
+++ VERIFY_HOST_CHARACTERS,
+++ "https://www.example.com/",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ "https://www.example.com//",
+++ "https://www.example.com/",
+++ VERIFY_HOST_CHARACTERS,
+++ "https://www.example.com/",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ "https://127.0.0.1",
+++ "https://127.0.0.1/",
+++ VERIFY_HOST_CHARACTERS,
+++ "https://127.0.0.1/",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ "https://[::1]",
+++ "https://[::1]/",
+++ VERIFY_HOST_CHARACTERS,
+++ "https://[::1]/",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ "https://127.0.0.1/",
+++ "https://127.0.0.1/",
+++ VERIFY_HOST_CHARACTERS,
+++ "https://127.0.0.1/",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ "https://www.example.com:8888",
+++ "https://www.example.com:8888/",
+++ VERIFY_HOST_CHARACTERS,
+++ "https://www.example.com:8888/",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ "https://www.example.com:8888/",
+++ "https://www.example.com:8888/",
+++ VERIFY_HOST_CHARACTERS,
+++ "https://www.example.com:8888/",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ "https://www.example.com/a/path",
+++ "https://www.example.com/a/path",
+++ VERIFY_HOST_CHARACTERS,
+++ "https://www.example.com/a/path",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ "https://www.example.com//a/path",
+++ "https://www.example.com/a/path",
+++ VERIFY_HOST_CHARACTERS,
+++ "https://www.example.com/a/path",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++
+++ // Technically a trailing '?' with an empty query string is valid, but we
+++ // drop the '?'. The parse_regex, however, makes no distinction between
+++ // query, fragment, and path components so it does not cut it out.
+++ {
+++ "https://www.example.com/a/path?",
+++ "https://www.example.com/a/path",
+++ VERIFY_HOST_CHARACTERS,
+++ "https://www.example.com/a/path?",
+++ IS_VALID,
+++ IS_VALID},
+++ {
+++ "https://www.example.com/a/path?name=value",
+++ "https://www.example.com/a/path?name=value",
+++ VERIFY_HOST_CHARACTERS,
+++ "https://www.example.com/a/path?name=value",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ "https://www.example.com/a/path?name=/a/path/value",
+++ "https://www.example.com/a/path?name=/a/path/value",
+++ VERIFY_HOST_CHARACTERS,
+++ "https://www.example.com/a/path?name=/a/path/value",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ "https://www.example.com/a/path?name=/a/path/value;some=other_value",
+++ "https://www.example.com/a/path?name=/a/path/value;some=other_value",
+++ VERIFY_HOST_CHARACTERS,
+++ "https://www.example.com/a/path?name=/a/path/value;some=other_value",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ "https://www.example.com/a/path?name=/a/path/value;some=other_value/",
+++ "https://www.example.com/a/path?name=/a/path/value;some=other_value/",
+++ VERIFY_HOST_CHARACTERS,
+++ "https://www.example.com/a/path?name=/a/path/value;some=other_value/",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++
+++ // XXX - Tests didn't pass before this change, so commenting out for now.
+++ // Again, URL::parse drops a final '?'.
+++ // {
+++ // "https://www.example.com?",
+++ // "https://www.example.com",
+++ // VERIFY_HOST_CHARACTERS,
+++ // "https://www.example.com?/",
+++ // IS_VALID,
+++ // IS_VALID
+++ // },
+++ // {
+++ // "https://www.example.com?name=value",
+++ // "https://www.example.com?name=value",
+++ // VERIFY_HOST_CHARACTERS,
+++ // "https://www.example.com?name=value/",
+++ // IS_VALID,
+++ // IS_VALID
+++ // },
+++ // {
+++ // "https://www.example.com?name=value/",
+++ // "https://www.example.com?name=value/",
+++ // VERIFY_HOST_CHARACTERS,
+++ // "https://www.example.com?name=value/",
+++ // IS_VALID,
+++ // IS_VALID
+++ // },
+++
+++ // URL::parse also drops the final '#'.
+++ // {
+++ // "https://www.example.com#",
+++ // "https://www.example.com",
+++ // VERIFY_HOST_CHARACTERS,
+++ // "https://www.example.com#/",
+++ // IS_VALID,
+++ // IS_VALID
+++ // },
+++ // {
+++ // "https://www.example.com#some=value",
+++ // "https://www.example.com#some=value",
+++ // VERIFY_HOST_CHARACTERS,
+++ // "https://www.example.com#some=value/",
+++ // IS_VALID,
+++ // IS_VALID
+++ // },
+++ {
+++ "https://www.example.com/a/path#",
+++ "https://www.example.com/a/path",
+++ VERIFY_HOST_CHARACTERS,
+++ "https://www.example.com/a/path#",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ "https://www.example.com/a/path#some=value",
+++ "https://www.example.com/a/path#some=value",
+++ VERIFY_HOST_CHARACTERS,
+++ "https://www.example.com/a/path#some=value",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ // Note that this final '?' is not for a query parameter but is a part of
+++ // the fragment.
+++ "https://www.example.com/a/path#some=value?",
+++ "https://www.example.com/a/path#some=value?",
+++ VERIFY_HOST_CHARACTERS,
+++ "https://www.example.com/a/path#some=value?",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ "https://www.example.com/a/path#some=value?with_question",
+++ "https://www.example.com/a/path#some=value?with_question",
+++ VERIFY_HOST_CHARACTERS,
+++ "https://www.example.com/a/path#some=value?with_question",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ "https://www.example.com/a/path?name=value?_with_question#some=value?with_question/",
+++ "https://www.example.com/a/path?name=value?_with_question#some=value?with_question/",
+++ VERIFY_HOST_CHARACTERS,
+++ "https://www.example.com/a/path?name=value?_with_question#some=value?with_question/",
+++ IS_VALID,
+++ IS_VALID
+++ },
+++
+++ // The following are some examples of strings we expect from regex_map in
+++ // remap.config. The "From" portion, which are regular expressions, are
+++ // often not parsible by URL::parse but are by URL::parse_regex, which is the
+++ // purpose of its existence.
+++ {
+++ R"(http://(.*)?reactivate\.mail\.yahoo\.com/)",
+++ "",
+++ VERIFY_HOST_CHARACTERS,
+++ R"(http://(.*)?reactivate\.mail\.yahoo\.com/)",
+++ !IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ // The following is an example of a "To" URL in a regex_map line. We'll
+++ // first verify that the '$' is flagged as invalid for a host in this case.
+++ "http://$1reactivate.real.mail.yahoo.com/",
+++ "http://$1reactivate.real.mail.yahoo.com/",
+++ VERIFY_HOST_CHARACTERS,
+++ "http://$1reactivate.real.mail.yahoo.com/",
+++ !IS_VALID,
+++ IS_VALID
+++ },
+++ {
+++ // Same as above, but this time we pass in !VERIFY_HOST_CHARACTERS. This is
+++ // how RemapConfig will call this parse() function.
+++ "http://$1reactivate.real.mail.yahoo.com/",
+++ "http://$1reactivate.real.mail.yahoo.com/",
+++ !VERIFY_HOST_CHARACTERS,
+++ "http://$1reactivate.real.mail.yahoo.com/",
+++ IS_VALID,
+++ IS_VALID
+++ }
+++};
+++// clang-format on
+++
+++constexpr bool URL_PARSE = true;
+++constexpr bool URL_PARSE_REGEX = false;
+++
+++/** Test the specified url.parse function.
+++ *
+++ * URL::parse and URL::parse_regex should behave the same. This function
+++ * performs the same behavior for each.
+++ *
+++ * @param[in] test_case The test case specification to run.
+++ *
+++ * @param[in] parse_function Whether to run parse() or
+++ * parse_regex().
+++ */
+++void
+++test_parse(url_parse_test_case const &test_case, bool parse_function)
+++{
+++ URL url;
+++ HdrHeap *heap = new_HdrHeap();
+++ url.create(heap);
+++ ParseResult result = PARSE_RESULT_OK;
+++ if (test_case.verify_host_characters) {
+++ result = url.parse(test_case.input_uri.c_str(), test_case.input_uri.size());
+++ } else {
+++ heap->destroy();
+++ return;
+++ //result = url.parse_no_host_check(test_case.input_uri.c_str(), test_case.input_uri.size());
+++ }
+++ bool expected_is_valid = test_case.is_valid;
+++
+++ if (expected_is_valid && result != PARSE_RESULT_DONE) {
+++ std::printf("Parse URI: \"%s\", expected it to be valid but it was parsed invalid (%d)\n", test_case.input_uri.c_str(), result);
+++ CHECK(false);
+++ } else if (!expected_is_valid && result != PARSE_RESULT_ERROR) {
+++ std::printf("Parse URI: \"%s\", expected it to be invalid but it was parsed valid (%d)\n", test_case.input_uri.c_str(), result);
+++ CHECK(false);
+++ }
+++ if (result == PARSE_RESULT_DONE) {
+++ char buf[1024];
+++ int index = 0;
+++ int offset = 0;
+++ url.print(buf, sizeof(buf), &index, &offset);
+++ std::string printed_url{buf, static_cast<size_t>(index)};
+++ CHECK(test_case.expected_printed_url == printed_url);
+++ CHECK(test_case.expected_printed_url.size() == printed_url.size());
+++ }
+++ heap->destroy();
+++}
+++
+++TEST_CASE("UrlParse", "[proxy][parseurl]")
+++{
+++ for (auto const &test_case : url_parse_test_cases) {
+++ test_parse(test_case, URL_PARSE);
+++ }
+++}
++--
++2.30.2
++
--- /dev/null
--- /dev/null
++Description: make the build reproducible
++Author: Reiner Herrmann <reiner@reiner-h.de>
++Origin: other, https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833176
++Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
++Last-Update: 2016-11-18
++---
++This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
++--- a/configure.ac
+++++ b/configure.ac
++@@ -144,9 +144,9 @@ AC_ARG_WITH([build-number],
++ #
++ # Build environment
++ #
++-build_person="`id -nu | sed -e 's/\\\\/\\\\\\\\/g'`"
++-build_group="`id -ng | sed -e 's/\\\\/\\\\\\\\/g'`"
++-build_machine="`uname -n | sed -e 's/\\\\/\\\\\\\\/g'`"
+++build_person="root"
+++build_group="root"
+++build_machine="localhost"
++ AC_SUBST([build_machine])
++ AC_SUBST([build_person])
++ AC_SUBST([build_group])
--- /dev/null
--- /dev/null
++Description: Make documentation build works outside of git repository
++ Current documentation build requires git and curl to get some stuff from the internet
++ This patch aims to delete those dependencies, forcing git branch to master,
++ and using Debian provided plantuml instead of downloading it from apache mirror
++Author: Jean Baptiste Favre <debian@jbfavre.org>
++Origin: other
++Last-Update: 2019-01-03
++---
++This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
++--- a/doc/ext/traffic-server.py
+++++ b/doc/ext/traffic-server.py
++@@ -380,7 +380,7 @@ with open('../configure.ac', 'r') as f:
++ autoconf_version = '.'.join(match.group(1).split('.', 2)[:2] + ['x'])
++
++ # get the current branch the local repository is on
++-git_branch = subprocess.check_output(['git', 'rev-parse', '--abbrev-ref', 'HEAD'])
+++git_branch = "master"
++
++
++ def make_github_link(name, rawtext, text, lineno, inliner, options={}, content=[]):
++--- a/doc/Makefile.am
+++++ b/doc/Makefile.am
++@@ -61,7 +61,7 @@ I18NSPHINXOPTS = $(SPHINXOPTS)
++ # The PAPER setting variables requires recursive make variable expansion, which automake
++ # detects as non-portable. We bounce this through a shell script and do the expansion there.
++ SBUILD = PAPEROPT_a4="$(PAPEROPT_a4)" PAPEROPT_letter="$(PAPEROPT_letter)" PAPER="$(PAPER)" \
++- PLANTUML_JAR="$(shell ext/plantuml_fetch.sh | tail -1)" \
+++ PLANTUML_JAR="/usr/share/plantuml/plantuml.jar" \
++ $(srcdir)/sbuild $(SPHINXBUILD) \
++ -c $(srcdir) \
++ $(ALLSPHINXOPTS)
++--- a/doc/uml/Makefile.am
+++++ b/doc/uml/Makefile.am
++@@ -18,7 +18,7 @@
++
++ if BUILD_DOCS
++ images := $(patsubst %.uml,images/%.svg,$(wildcard *.uml))
++-PLANTUML_JAR := $(shell ../ext/plantuml_fetch.sh | tail -1)
+++PLANTUML_JAR := /usr/share/plantuml/plantuml.jar
++
++ all-am: jar-check $(images)
++ endif
++@@ -39,7 +39,7 @@ latex: all-am
++ man: all-am
++
++ images/%.svg : %.uml
++- $(JAVA) -jar $(PLANTUML_JAR) -o images -tsvg $<
+++ $(JAVA) -jar $(PLANTUML_JAR) -graphvizdot /usr/bin/dot -o images -tsvg $<
++
++ clean-local:
++ rm -f images/*.svg
--- /dev/null
--- /dev/null
++Description: Force python3 usage, add libfakeroot-sysv to blacklist
++Author: Jean Baptiste Favre <debian@jbfavre.org>
++Origin: other
++Last-Update: 2018-09-24
++---
++This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
++--- a/tools/check-unused-dependencies
+++++ b/tools/check-unused-dependencies
++@@ -54,7 +54,8 @@ def get_dependencies(program):
++ 'libgcc_s.so.',
++ 'libm.so.', # Why does Libtool call ld with -lm?
++ 'libpthread.so.', # Because we add -lpthread to LIBS
++- 'librt.so.' # clang + asan pulls this in
+++ 'librt.so.', # clang + asan pulls this in
+++ 'libfakeroot-sysv.so'
++ ])):
++ continue
++
--- /dev/null
--- /dev/null
++Description: Fix build issue with MySQL 8
++ The my_bool type is no longer used in MySQL source code.
++ Any third-party code that used this type to represent C
++ boolean variables should use the bool or int C type instead.
++Author: Jean Baptiste Favre <debian@jbfavre.org>
++Origin: other, https://bugs.launchpad.net/ubuntu/+source/trafficserver/+bug/1795362
++Forwarded: https://github.com/apache/trafficserver/pull/4360
++Applied-Upstream: https://github.com/apache/trafficserver/commit/05b30527974416768515506f69da338652c23260
++Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
++Last-Update: 2018-10-06
++---
++This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
++--- a/plugins/experimental/mysql_remap/mysql_remap.cc
+++++ b/plugins/experimental/mysql_remap/mysql_remap.cc
++@@ -187,7 +187,7 @@ TSPluginInit(int argc, const char *argv[
++ my_data *data = (my_data *)malloc(1 * sizeof(my_data));
++
++ TSPluginRegistrationInfo info;
++- my_bool reconnect = 1;
+++ bool reconnect = 1;
++
++ info.plugin_name = const_cast<char *>(PLUGIN_NAME);
++ info.vendor_name = const_cast<char *>("Apache Software Foundation");
--- /dev/null
--- /dev/null
++Description: Fix Segmentation fault in ShowCache::handleCacheEvent
++Author: zhang <15535135608@163.com>
++Origin: upstream
++Bug: https://github.com/apache/trafficserver/issues/4328
++Applied-Upstream: https://github.com/apache/trafficserver/commit/616eb10bfc35599a2c93ff30879d584a05ddf83e
++Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
++Last-Update: 2018-10-17
++---
++This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
++--- a/iocore/cache/CachePages.cc
+++++ b/iocore/cache/CachePages.cc
++@@ -337,6 +337,13 @@ ShowCache::handleCacheEvent(int event, E
++ CacheHTTPInfoVector *vec = &(cache_vc->vector);
++ int alt_count = vec->count();
++ if (alt_count) {
+++ // check cache_vc->first_buf is NULL, response cache lookup busy.
+++ if (cache_vc->first_buf == nullptr) {
+++ cache_vc->do_io_close(-1);
+++ CHECK_SHOW(show("<H3>Cache Lookup Busy, please try again</H3>\n"));
+++ return complete(event, e);
+++ }
+++
++ Doc *d = (Doc *)(cache_vc->first_buf->data());
++ time_t t;
++ char tmpstr[4096];
--- /dev/null
--- /dev/null
++Description: Fix various speeling issues
++Author: Jean Baptiste Favre <debian@jbfavre.org>
++Forwarded: https://github.com/apache/trafficserver/pull/4750
++Applied-Upstream: https://github.com/apache/trafficserver/commit/af0ad4a1880a21743e98331855bb78e15d5406ef
++Last-Update: 2019-01-03
++---
++This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
++--- a/doc/admin-guide/files/ip_allow.config.en.rst
+++++ b/doc/admin-guide/files/ip_allow.config.en.rst
++@@ -55,7 +55,7 @@ range with the lower and upper values eq
++ The value of ``method`` is a string which must consist of either HTTP method names separated by the
++ character '|' or the keyword literal ``ALL``. This keyword may omitted in which case it is treated
++ as if it were ``method=ALL``. Methods can also be specified by having multiple instances of the
++-``method`` keyword, each specifiying a single method. E.g., ``method=GET|HEAD`` is the same as
+++``method`` keyword, each specifying a single method. E.g., ``method=GET|HEAD`` is the same as
++ ``method=GET method=HEAD``. The method names are not validated which means non-standard method names
++ can be specified.
++
++@@ -104,7 +104,7 @@ If the entire subnet were to be denied,
++
++ src_ip=123.45.6.0/24 action=ip_deny
++
++-The following example allows to any upstream servers::
+++The following example allows one to any upstream servers::
++
++ dest_ip=0.0.0.0-255.255.255.255 action=ip_allow
++
++--- a/doc/admin-guide/files/parent.config.en.rst
+++++ b/doc/admin-guide/files/parent.config.en.rst
++@@ -210,7 +210,7 @@ The following list shows the possible ac
++ - ``simple_retry`` - If the parent origin server returns a 404 response on a request
++ a new parent is selected and the request is retried. The number of retries is controlled
++ by ``max_simple_retries`` which is set to 1 by default.
++- - ``unavailable_server_retry`` - If the parent returns a 503 response or if the reponse matches
+++ - ``unavailable_server_retry`` - If the parent returns a 503 response or if the response matches
++ a list of http 5xx responses defined in ``unavailable_server_retry_responses``, the currently selected
++ parent is marked down and a new parent is selected to retry the request. The number of
++ retries is controlled by ``max_unavailable_server_retries`` which is set to 1 by default.
++@@ -228,7 +228,7 @@ The following list shows the possible ac
++
++ ``max_simple_retries``
++ By default the value for ``max_simple_retries`` is 1. It may be set to any value in the range 1 to 5.
++- If ``parent_retry`` is set to ``simple_retry`` or ``both`` a 404 reponse
+++ If ``parent_retry`` is set to ``simple_retry`` or ``both`` a 404 response
++ from a parent origin server will cause the request to be retried using a new parent at most 1 to 5
++ times as configured by ``max_simple_retries``.
++
++@@ -236,7 +236,7 @@ The following list shows the possible ac
++
++ ``max_unavailable_server_retries``
++ By default the value for ``max_unavailable_server_retries`` is 1. It may be set to any value in the range 1 to 5.
++- If ``parent_retry`` is set to ``unavailable_server_retries`` or ``both`` a 503 reponse
+++ If ``parent_retry`` is set to ``unavailable_server_retries`` or ``both`` a 503 response
++ by default or any http 5xx response listed in the list ``unavailable_server_retry_responses`` from a parent origin server will
++ cause the request to be retried using a new parent after first marking the current parent down. The request
++ will be retried at most 1 to 5 times as configured by ``max_unavailable_server_retries``.
++--- a/doc/admin-guide/files/records.config.en.rst
+++++ b/doc/admin-guide/files/records.config.en.rst
++@@ -833,7 +833,7 @@ mptcp
++ ===== ======================================================================
++ Value Description
++ ===== ======================================================================
++- ``0`` |TS| will buffer the request until the post body has been recieved and
+++ ``0`` |TS| will buffer the request until the post body has been received and
++ then send the request to the origin server.
++ ``1`` Immediately return a ``100 Continue`` from |TS| without waiting for
++ the post body.
++@@ -1653,7 +1653,7 @@ Proxy User Variables
++ connection=full Full user agent connection :ref:`protocol tags <protocol_tags>`
++ ================== ===============================================================
++
++- Each paramater in the list must be separated by ``|`` or ``:``. For example, ``for|by=uuid|proto`` is
+++ Each parameter in the list must be separated by ``|`` or ``:``. For example, ``for|by=uuid|proto`` is
++ a valid value for this variable. Note that the ``connection`` parameter is a non-standard extension to
++ RFC 7239. Also note that, while Traffic Server allows multiple ``by`` parameters for the same proxy, this
++ is prohibited by RFC 7239. Currently, for the ``host`` parameter to provide the original host from the
++@@ -1681,7 +1681,7 @@ Proxy User Variables
++ information.
++ See :ts:cv:`proxy.config.http.server_ports` for information on how to enable Proxy Protocol on a port.
++
++- See :ref:`proxy-protocol` for more discussion on how |TS| tranforms the `Forwarded: header.
+++ See :ref:`proxy-protocol` for more discussion on how |TS| transforms the `Forwarded: header.
++
++ .. ts:cv:: CONFIG proxy.config.http.normalize_ae INT 1
++ :reloadable:
++@@ -2387,7 +2387,7 @@ DNS
++
++ .. ts:cv:: CONFIG proxy.config.dns.resolv_conf STRING /etc/resolv.conf
++
++- Allows to specify which ``resolv.conf`` file to use for finding resolvers. While the format of this file must be the same as the
+++ Allows one to specify which ``resolv.conf`` file to use for finding resolvers. While the format of this file must be the same as the
++ standard ``resolv.conf`` file, this option allows an administrator to manage the set of resolvers in an external configuration file,
++ without affecting how the rest of the operating system uses DNS.
++
++@@ -2654,7 +2654,7 @@ HostDB
++ Set the frequency (in seconds) to sync hostdb to disk.
++
++ Note: hostdb is syncd to disk on a per-partition basis (of which there are 64).
++- This means that the minumum time to sync all data to disk is :ts:cv:`proxy.config.cache.hostdb.sync_frequency` * 64
+++ This means that the minimum time to sync all data to disk is :ts:cv:`proxy.config.cache.hostdb.sync_frequency` * 64
++
++ Logging Configuration
++ =====================
++@@ -2988,7 +2988,7 @@ Diagnostic Logging Configuration
++
++ .. ts:cv:: CONFIG proxy.config.diags.debug.tags STRING http|dns
++
++- Each |TS| `diag` and `debug` level message is annotated with a subsytem tag. This configuration
+++ Each |TS| `diag` and `debug` level message is annotated with a subsystem tag. This configuration
++ contains an anchored regular expression that filters the messages based on the tag. The
++ expressions are prefix matched which creates an implicit ``.*`` at the end. Therefore the default
++ value ``http|dns`` will match tags such as ``http``, ``http_hdrs``, ``dns``, and ``dns_recv``.
++@@ -2996,7 +2996,7 @@ Diagnostic Logging Configuration
++ Some commonly used debug tags are:
++
++ ============ =====================================================
++- Tag Subsytem usage
+++ Tag Subsystem usage
++ ============ =====================================================
++ dns DNS query resolution
++ http_hdrs Logs the headers for HTTP requests and responses
++@@ -3152,7 +3152,7 @@ SSL Termination
++ .. ts:cv:: CONFIG proxy.config.ssl.client.groups_list STRING <See notes under proxy.config.ssl.server.groups_list.>
++
++ Configures the list of supported groups provided by OpenSSL which
++- |TS| will use for the "key_share" and "supported groups" extention
+++ |TS| will use for the "key_share" and "supported groups" extension
++ of TLSv1.3 connections. The value is a colon separated list of
++ group NIDs or names, for example "P-521:P-384:P-256". For
++ instructions, see "Groups" section of `TLS1.3 - OpenSSLWiki <https://wiki.openssl.org/index.php/TLS1.3#Groups>`_.
++@@ -3295,7 +3295,7 @@ SSL Termination
++ ``0`` Disables the session cache entirely.
++ ``1`` Enables the session cache using OpenSSL's implementation.
++ ``2`` Default. Enables the session cache using |TS|'s implementation. This
++- implentation should perform much better than the OpenSSL
+++ implementation should perform much better than the OpenSSL
++ implementation.
++ ===== ======================================================================
++
++--- a/doc/admin-guide/files/remap.config.en.rst
+++++ b/doc/admin-guide/files/remap.config.en.rst
++@@ -415,7 +415,7 @@ Acl Filters
++
++ Acl filters can be created to control access of specific remap lines. The markup
++ is very similar to that of :file:`ip_allow.config`, with slight changes to
++-accomodate remap markup
+++accommodate remap markup
++
++ Examples
++ --------
++--- a/doc/admin-guide/files/storage.config.en.rst
+++++ b/doc/admin-guide/files/storage.config.en.rst
++@@ -92,7 +92,7 @@ which will effectively clear most of the
++ reboot causes the path names to change.
++
++ The :arg:`id` option can be used to create a fixed string that an administrator can use to keep the
++-assignment table consistent by maintaing the mapping from physical device to base string even in the presence of hardware changes and failures.
+++assignment table consistent by maintaining the mapping from physical device to base string even in the presence of hardware changes and failures.
++
++ Examples
++ ========
++--- a/doc/appendices/command-line/traffic_ctl.en.rst
+++++ b/doc/appendices/command-line/traffic_ctl.en.rst
++@@ -255,7 +255,7 @@ traffic_ctl host
++ .. program:: traffic_ctl host
++ .. option:: status HOSTNAME [HOSTNAME ...]
++
++- Get the current status of the hosts used in parent.config as a next hop in a multi-tiered cache heirarchy. The value 0 or 1 is returned indicating that the host is marked as down '0' or marked as up '1'. If a host is marked as down, it will not be used as the next hop parent, another host marked as up will be chosen.
+++ Get the current status of the hosts used in parent.config as a next hop in a multi-tiered cache hierarchy. The value 0 or 1 is returned indicating that the host is marked as down '0' or marked as up '1'. If a host is marked as down, it will not be used as the next hop parent, another host marked as up will be chosen.
++
++ .. program:: traffic_ctl host
++ .. option:: down --time seconds --reason 'active|local|manual' HOSTNAME [HOSTNAME ...]
++--- a/doc/developer-guide/api/functions/TSCacheRemove.en.rst
+++++ b/doc/developer-guide/api/functions/TSCacheRemove.en.rst
++@@ -41,4 +41,4 @@ the cache calls :arg:`contp` back with t
++ In both of these callbacks, the user (:arg:`contp`) does not have to do
++ anything. The user does not get any vconnection from the cache, since
++ no data needs to be transferred. When the cache calls :arg:`contp` back with
++-:data:`TS_EVENT_CACHE_REMOVE`, the remove has already been commited.
+++:data:`TS_EVENT_CACHE_REMOVE`, the remove has already been committed.
++--- a/doc/developer-guide/api/functions/TSContSchedule.en.rst
+++++ b/doc/developer-guide/api/functions/TSContSchedule.en.rst
++@@ -32,7 +32,7 @@ Description
++ ===========
++
++ Schedules :arg:`contp` to run :arg:`delay` milliseconds in the future. This is approximate. The delay
++-will be at least :arg:`delay` but possibly more. Resultions finer than roughly 5 milliseconds will
+++will be at least :arg:`delay` but possibly more. Resolutions finer than roughly 5 milliseconds will
++ not be effective. :arg:`contp` is required to have a mutex, which is provided to
++ :func:`TSContCreate`.
++
++--- a/doc/developer-guide/api/functions/TSHttpConnectWithPluginId.en.rst
+++++ b/doc/developer-guide/api/functions/TSHttpConnectWithPluginId.en.rst
++@@ -79,7 +79,7 @@ virtual connection.
++
++ The combination of :arg:`tag` and :arg:`id` is intended to enable correlation
++ in log post processing. The :arg:`tag` identifies the connection as related
++-to the plugin and the :arg:`id` can be used in conjuction with plugin
+++to the plugin and the :arg:`id` can be used in conjunction with plugin
++ generated logs to correlate the log records.
++
++ Notes
++--- a/doc/developer-guide/api/functions/TSHttpOverridableConfig.en.rst
+++++ b/doc/developer-guide/api/functions/TSHttpOverridableConfig.en.rst
++@@ -43,7 +43,7 @@ Description
++
++ Some of the values that are set in :file:`records.config` can be changed for a
++ specific transaction. It is important to note that these functions change the
++-configuration values stored for the transation, which is not quite the same as
+++configuration values stored for the transaction, which is not quite the same as
++ changing the actual operating values of the transaction. The critical effect is
++ the value must be changed before it is used by the transaction - after that,
++ changes will not have any effect.
++--- a/doc/developer-guide/api/functions/TSHttpTxnErrorBodySet.en.rst
+++++ b/doc/developer-guide/api/functions/TSHttpTxnErrorBodySet.en.rst
++@@ -36,4 +36,4 @@ Description
++ Note that both string arguments must be allocated with :c:func:`TSmalloc` or
++ :c:func:`TSstrdup`. The :arg:`mimetype` is optional, and if not provided it
++ defaults to :literal:`text/html`. Sending an empty string would prevent setting
++-a content type header (but that is not adviced).
+++a content type header (but that is not advised).
++--- a/doc/developer-guide/api/functions/TSHttpTxnMilestoneGet.en.rst
+++++ b/doc/developer-guide/api/functions/TSHttpTxnMilestoneGet.en.rst
++@@ -138,7 +138,7 @@ is successful.
++
++ .. macro:: TS_MILESTONE_LAST_ENTRY
++
++- A psuedo index which is set to be one more than the last valid index. This is useful for looping over the data.
+++ A pseudo index which is set to be one more than the last valid index. This is useful for looping over the data.
++
++
++ * The server connect times predate the transmission of the :literal:`SYN`
++--- a/doc/developer-guide/api/functions/TSHttpTxnServerIntercept.en.rst
+++++ b/doc/developer-guide/api/functions/TSHttpTxnServerIntercept.en.rst
++@@ -53,7 +53,7 @@ The response from the plugin is cached s
++ caching rules. Should the plugin wish the response not be cached, the plugin
++ must use appropriate HTTP response headers to prevent caching. The primary
++ purpose of :func:`TSHttpTxnServerIntercept` is allow plugins to provide gateways
++-to other protocols or to allow to plugin to its own transport for the next hop
+++to other protocols or to allow one to plugin to its own transport for the next hop
++ to the server. :func:`TSHttpTxnServerIntercept` overrides parent cache
++ configuration.
++
++--- a/doc/developer-guide/api/functions/TSIOBufferReader.en.rst
+++++ b/doc/developer-guide/api/functions/TSIOBufferReader.en.rst
++@@ -59,7 +59,7 @@ has two very important consequences --
++ * Conversely keeping a reader around unused will pin the buffer data in memory. This can be useful or harmful.
++
++ A buffer has a fixed amount of possible readers (currently 5) which is determined at compile
++-time. Reader allocation is fast and cheap until this maxium is reached at which point it fails.
+++time. Reader allocation is fast and cheap until this maximum is reached at which point it fails.
++
++ :func:`TSIOBufferReaderAlloc` allocates a reader for the IO buffer :arg:`bufp`. This should only be
++ called on a newly allocated buffer. If not the location of the reader in the buffer will be
++--- a/doc/developer-guide/api/functions/TSSslContext.en.rst
+++++ b/doc/developer-guide/api/functions/TSSslContext.en.rst
++@@ -36,11 +36,11 @@ Description
++ ===========
++
++ :func:`TSSslContextFindByName` searches for a SSL server context
++-created from :file:`ssl_multicert.config`, matching against the
+++created from :file:`ssl_multicert.config`, matchingg against the
++ server :arg:`name`.
++
++ :func:`TSSslContextFindByAddr` searches for a SSL server context
++-created from :file:`ssl_multicert.config` matchin against the server
+++created from :file:`ssl_multicert.config` matching against the server
++ :arg:`address`.
++
++
++--- a/doc/developer-guide/api/functions/TSSslSession.en.rst
+++++ b/doc/developer-guide/api/functions/TSSslSession.en.rst
++@@ -46,7 +46,7 @@ The functions also work with the :type:`
++
++ These functions perform the appropriate locking on the session cache to avoid errors.
++
++-The :func:`TSSslSessionGet` and :func:`TSSslSessionGetBuffer` functions retreive the :type:`TSSslSession` object that is identifed by the
+++The :func:`TSSslSessionGet` and :func:`TSSslSessionGetBuffer` functions retrieve the :type:`TSSslSession` object that is identifed by the
++ :type:`TSSslSessionID` object. If there is no matching sesion object, :func:`TSSslSessionGet` returns NULL and :func:`TSSslSessionGetBuffer`
++ returns 0.
++
++--- a/doc/developer-guide/api/functions/TSStat.en.rst
+++++ b/doc/developer-guide/api/functions/TSStat.en.rst
++@@ -46,9 +46,9 @@ Description
++
++ A plugin statistic is created by :func:`TSStatCreate`. The :arg:`name` must be globally unique and
++ should follow the standard dotted tag form. To avoid collisions and for easy of use the first tag
++-should be the plugin name or something easily derived from it. Currently only integers are suppored
+++should be the plugin name or something easily derived from it. Currently only integers are supported
++ therefore :arg:`type` must be :macro:`TS_RECORDDATATYPE_INT`. The return value is the index of the
++-statistic. In general thsi should work but if it doesn't it will :code:`assert`. In particular,
+++statistic. In general this should work but if it doesn't it will :code:`assert`. In particular,
++ creating the same statistic twice will fail in this way, which can happen if statistics are created
++ as part of or based on configuration files and |TS| is reloaded.
++
++--- a/doc/developer-guide/api/functions/TSVConnReenable.en.rst
+++++ b/doc/developer-guide/api/functions/TSVConnReenable.en.rst
++@@ -32,7 +32,7 @@ Description
++ ===========
++
++ Reenable the SSL connection :arg:`svc`. If a plugin hook is called, ATS
++-processing on that connnection will not resume until this is invoked for that
+++processing on that connection will not resume until this is invoked for that
++ connection.
++
++ If the server is running OpenSSL 1.0.1 with the appropraite patch installed or
++--- a/doc/developer-guide/api/functions/TSfwrite.en.rst
+++++ b/doc/developer-guide/api/functions/TSfwrite.en.rst
++@@ -44,4 +44,4 @@ The behavior is undefined if length is g
++ Return Value
++ ============
++
++-Returns the number of bytes actually written, or -1 if an error occured.
+++Returns the number of bytes actually written, or -1 if an error occurred.
++--- a/iocore/cache/CacheHosting.cc
+++++ b/iocore/cache/CacheHosting.cc
++@@ -715,7 +715,7 @@ ConfigVolumes::BuildListFromString(char
++ // added by YTS Team, yamsat for bug id 59632
++ total += size;
++ if (size > 100 || total > 100) {
++- err = "Total volume size added upto more than 100 percent, No volumes created";
+++ err = "Total volume size added up to more than 100 percent, No volumes created";
++ break;
++ }
++ // ends here
++--- a/iocore/eventsystem/IOBuffer.cc
+++++ b/iocore/eventsystem/IOBuffer.cc
++@@ -182,7 +182,7 @@ MIOBuffer::puts(char *s, int64_t len)
++ }
++ if (!*pb || *pb == '\n') {
++ int64_t n = (int64_t)(pb - s);
++- memcpy(end(), s, n + 1); // Upto and including '\n'
+++ memcpy(end(), s, n + 1); // Up to and including '\n'
++ end()[n + 1] = 0;
++ fill(n + 1);
++ return n + 1;
++--- a/plugins/esi/lib/EsiProcessor.cc
+++++ b/plugins/esi/lib/EsiProcessor.cc
++@@ -305,7 +305,7 @@ EsiProcessor::process(const char *&data,
++
++ /* FAILURE CACHE */
++ FailureData *data = static_cast<FailureData *>(pthread_getspecific(threadKey));
++- _debugLog("plugin_esi_failureInfo", "[%s]Fetched data related to thread specfic %p", __FUNCTION__, data);
+++ _debugLog("plugin_esi_failureInfo", "[%s]Fetched data related to thread specific %p", __FUNCTION__, data);
++
++ for (iter = try_iter->attempt_nodes.begin(); iter != try_iter->attempt_nodes.end(); ++iter) {
++ if ((iter->type == DocNode::TYPE_INCLUDE) || iter->type == DocNode::TYPE_SPECIAL_INCLUDE) {
++@@ -342,7 +342,7 @@ EsiProcessor::process(const char *&data,
++ }
++ }
++ if (attempt_succeeded) {
++- _debugLog(_debug_tag, "[%s] attempt section succeded; using attempt section", __FUNCTION__);
+++ _debugLog(_debug_tag, "[%s] attempt section succeeded; using attempt section", __FUNCTION__);
++ _node_list.splice(try_iter->pos, try_iter->attempt_nodes);
++ } else {
++ _debugLog(_debug_tag, "[%s] attempt section errored; trying except section", __FUNCTION__);
++@@ -436,7 +436,7 @@ EsiProcessor::flush(string &data, int &o
++
++ /* FAILURE CACHE */
++ FailureData *fdata = static_cast<FailureData *>(pthread_getspecific(threadKey));
++- _debugLog("plugin_esi_failureInfo", "[%s]Fetched data related to thread specfic %p", __FUNCTION__, fdata);
+++ _debugLog("plugin_esi_failureInfo", "[%s]Fetched data related to thread specific %p", __FUNCTION__, fdata);
++
++ for (iter = try_iter->attempt_nodes.begin(); iter != try_iter->attempt_nodes.end(); ++iter) {
++ if ((iter->type == DocNode::TYPE_INCLUDE) || iter->type == DocNode::TYPE_SPECIAL_INCLUDE) {
++@@ -473,7 +473,7 @@ EsiProcessor::flush(string &data, int &o
++ }
++ }
++ if (attempt_succeeded) {
++- _debugLog(_debug_tag, "[%s] attempt section succeded; using attempt section", __FUNCTION__);
+++ _debugLog(_debug_tag, "[%s] attempt section succeeded; using attempt section", __FUNCTION__);
++ _n_prescanned_nodes = _n_prescanned_nodes + try_iter->attempt_nodes.size();
++ _node_list.splice(try_iter->pos, try_iter->attempt_nodes);
++ } else {
++--- a/plugins/esi/lib/Variables.cc
+++++ b/plugins/esi/lib/Variables.cc
++@@ -437,18 +437,18 @@ Variables::_parseDictVariable(const std:
++ for (int i = 0; i < (var_size - 1); ++i) {
++ if (variable[i] == '{') {
++ if (paranth_index != -1) {
++- _debugLog(_debug_tag, "[%s] Cannot have multiple paranthesis in dict variable [%.*s]", __FUNCTION__, var_size, var_ptr);
+++ _debugLog(_debug_tag, "[%s] Cannot have multiple parenthesis in dict variable [%.*s]", __FUNCTION__, var_size, var_ptr);
++ return false;
++ }
++ paranth_index = i;
++ }
++ if (variable[i] == '}') {
++- _debugLog(_debug_tag, "[%s] Cannot have multiple paranthesis in dict variable [%.*s]", __FUNCTION__, var_size, var_ptr);
+++ _debugLog(_debug_tag, "[%s] Cannot have multiple parenthesis in dict variable [%.*s]", __FUNCTION__, var_size, var_ptr);
++ return false;
++ }
++ }
++ if (paranth_index == -1) {
++- _debugLog(_debug_tag, "[%s] Could not find opening paranthesis in variable [%.*s]", __FUNCTION__, var_size, var_ptr);
+++ _debugLog(_debug_tag, "[%s] Could not find opening parenthesis in variable [%.*s]", __FUNCTION__, var_size, var_ptr);
++ return false;
++ }
++ if (paranth_index == 0) {
++--- a/plugins/experimental/collapsed_forwarding/collapsed_forwarding.cc
+++++ b/plugins/experimental/collapsed_forwarding/collapsed_forwarding.cc
++@@ -353,7 +353,7 @@ TSRemapInit(TSRemapInterface * /* api_in
++ TSError("Cannot initialize %s as both global and remap plugin", DEBUG_TAG);
++ return TS_ERROR;
++ } else {
++- TSDebug(DEBUG_TAG, "plugin is succesfully initialized for remap");
+++ TSDebug(DEBUG_TAG, "plugin is successfully initialized for remap");
++ return TS_SUCCESS;
++ }
++ }
++--- a/plugins/experimental/fq_pacing/fq_pacing.c
+++++ b/plugins/experimental/fq_pacing/fq_pacing.c
++@@ -118,7 +118,7 @@ TSRemapInit(TSRemapInterface *api_info,
++ return TS_ERROR;
++ }
++
++- TSDebug(PLUGIN_NAME, "plugin is succesfully initialized");
+++ TSDebug(PLUGIN_NAME, "plugin is successfully initialized");
++ return TS_SUCCESS;
++ }
++
++--- a/plugins/experimental/header_normalize/header_normalize.cc
+++++ b/plugins/experimental/header_normalize/header_normalize.cc
++@@ -158,7 +158,7 @@ TSRemapInit(TSRemapInterface *api_info,
++ return TS_ERROR;
++ }
++ buildHdrMap();
++- TSDebug(PLUGIN_NAME, "plugin is succesfully initialized");
+++ TSDebug(PLUGIN_NAME, "plugin is successfully initialized");
++ return TS_SUCCESS;
++ }
++
++--- a/plugins/experimental/prefetch/plugin.cc
+++++ b/plugins/experimental/prefetch/plugin.cc
++@@ -202,7 +202,7 @@ evaluate(const String &v)
++ } else {
++ stmt.assign(v);
++ }
++- PrefetchDebug("statement: '%s', formating length: %zu", stmt.c_str(), len);
+++ PrefetchDebug("statement: '%s', formatting length: %zu", stmt.c_str(), len);
++
++ int result = 0;
++ pos = stmt.find_first_of("+-");
++--- a/plugins/experimental/url_sig/url_sig.c
+++++ b/plugins/experimental/url_sig/url_sig.c
++@@ -98,7 +98,7 @@ TSRemapInit(TSRemapInterface *api_info,
++ return TS_ERROR;
++ }
++
++- TSDebug(PLUGIN_NAME, "plugin is succesfully initialized");
+++ TSDebug(PLUGIN_NAME, "plugin is successfully initialized");
++ return TS_SUCCESS;
++ }
++
++--- a/plugins/generator/generator.cc
+++++ b/plugins/generator/generator.cc
++@@ -609,7 +609,7 @@ GeneratorTxnHook(TSCont contp, TSEvent e
++ TSReleaseAssert(TSHttpTxnCacheLookupStatusGet(arg.txn, &status) == TS_SUCCESS);
++ if (status != TS_CACHE_LOOKUP_HIT_FRESH) {
++ // This transaction is going to be a cache miss, so intercept it.
++- VDEBUG("intercepting orgin server request for txn=%p", arg.txn);
+++ VDEBUG("intercepting origin server request for txn=%p", arg.txn);
++ TSHttpTxnServerIntercept(TSContCreate(GeneratorInterceptionHook, TSMutexCreate()), arg.txn);
++ }
++
++--- a/plugins/header_rewrite/header_rewrite.cc
+++++ b/plugins/header_rewrite/header_rewrite.cc
++@@ -345,7 +345,7 @@ TSPluginInit(int argc, const char *argv[
++ // just appended to the configurations.
++ TSDebug(PLUGIN_NAME, "Loading global configuration file %s", argv[i]);
++ if (conf->parse_config(argv[i], TS_HTTP_READ_RESPONSE_HDR_HOOK)) {
++- TSDebug(PLUGIN_NAME, "Succesfully loaded global config file %s", argv[i]);
+++ TSDebug(PLUGIN_NAME, "Successfully loaded global config file %s", argv[i]);
++ got_config = true;
++ } else {
++ TSError("[header_rewrite] failed to parse configuration file %s", argv[i]);
++@@ -416,7 +416,7 @@ TSRemapNewInstance(int argc, char *argv[
++ delete conf;
++ return TS_ERROR;
++ } else {
++- TSDebug(PLUGIN_NAME, "Succesfully loaded remap config file %s", argv[i]);
+++ TSDebug(PLUGIN_NAME, "Successfully loaded remap config file %s", argv[i]);
++ }
++ }
++
++--- a/plugins/s3_auth/s3_auth.cc
+++++ b/plugins/s3_auth/s3_auth.cc
++@@ -869,7 +869,7 @@ event_handler(TSCont cont, TSEvent event
++ }
++
++ if (TS_HTTP_STATUS_OK == status) {
++- TSDebug(PLUGIN_NAME, "Succesfully signed the AWS S3 URL");
+++ TSDebug(PLUGIN_NAME, "Successfully signed the AWS S3 URL");
++ } else {
++ TSDebug(PLUGIN_NAME, "Failed to sign the AWS S3 URL, status = %d", status);
++ TSHttpTxnStatusSet(txnp, status);
++--- a/src/traffic_cache_tool/CacheTool.cc
+++++ b/src/traffic_cache_tool/CacheTool.cc
++@@ -869,7 +869,7 @@ Span::updateHeader()
++ zret.push(0, errno, "Failed to update span - ", strerror(errno));
++ }
++ } else {
++- std::cout << "Writing not enabled, no updates perfomed" << std::endl;
+++ std::cout << "Writing not enabled, no updates performed" << std::endl;
++ }
++ return zret;
++ }
++--- a/src/traffic_crashlog/traffic_crashlog.cc
+++++ b/src/traffic_crashlog/traffic_crashlog.cc
++@@ -198,7 +198,7 @@ main(int /* argc ATS_UNUSED */, const ch
++ mgmterr = TSInit(nullptr, (TSInitOptionT)(TS_MGMT_OPT_NO_EVENTS | TS_MGMT_OPT_NO_SOCK_TESTS));
++ if (mgmterr != TS_ERR_OKAY) {
++ char *msg = TSGetErrorMessage(mgmterr);
++- Warning("failed to intialize management API: %s", msg);
+++ Warning("failed to initialize management API: %s", msg);
++ TSfree(msg);
++ }
++
++--- a/src/traffic_logstats/logstats.cc
+++++ b/src/traffic_logstats/logstats.cc
++@@ -1839,7 +1839,7 @@ process_file(int in_fd, off_t offset, un
++ unsigned second_read_size = sizeof(LogBufferHeader) - first_read_size;
++ nread = read(in_fd, &buffer[first_read_size], second_read_size);
++ if (!nread || EOF == nread) {
++- Debug("logstats", "Second read of header failed (attemped %d bytes at offset %d, got nothing), errno=%d.", second_read_size,
+++ Debug("logstats", "Second read of header failed (attempted %d bytes at offset %d, got nothing), errno=%d.", second_read_size,
++ first_read_size, errno);
++ return 1;
++ }
++--- a/src/traffic_manager/traffic_manager.cc
+++++ b/src/traffic_manager/traffic_manager.cc
++@@ -142,7 +142,7 @@ rotateLogs()
++ if (kill(tspid, SIGUSR2) != 0) {
++ mgmt_log("Could not send SIGUSR2 to TS: %s", strerror(errno));
++ } else {
++- mgmt_log("Succesfully sent SIGUSR2 to TS!");
+++ mgmt_log("Successfully sent SIGUSR2 to TS!");
++ }
++ }
++ }
++--- a/src/traffic_server/CoreUtils.h
+++++ b/src/traffic_server/CoreUtils.h
++@@ -44,7 +44,7 @@
++ #define PC_REGNUM 12 /* Contains program counter EIP */
++ #define FP_REGNUM 5 /* Virtual frame pointer EBP */
++ #define NO_OF_ARGS \
++- 10 /* The argument depth upto which we would be looking into \
+++ 10 /* The argument depth up to which we would be looking into \
++ the stack */
++
++ // contains local and in registers, frame pointer, and stack base
++@@ -63,7 +63,7 @@ struct core_stack_state {
++ #include <assert.h>
++
++ #define NO_OF_ARGS \
++- 10 /* The argument depth upto which we would be looking into \
+++ 10 /* The argument depth up to which we would be looking into \
++ the stack */
++
++ // contains local and in registers, frame pointer, and stack base
++--- a/src/traffic_server/InkAPITest.cc
+++++ b/src/traffic_server/InkAPITest.cc
++@@ -4243,7 +4243,7 @@ REGRESSION_TEST(SDK_API_TSHttpHdr)(Regre
++ SDK_RPRINT(test, "TSHttpHdrUrlSet&Get", "TestCase1", TC_FAIL, "TSHttpHdrUrlSet returns TS_ERROR");
++ } else {
++ if (TSHttpHdrUrlGet(bufp1, hdr_loc1, &url_loc_Get) != TS_SUCCESS) {
++- SDK_RPRINT(test, "TSHttpHdrUrlSet&Get", "TestCase1", TC_FAIL, "TSHttpHdrUrlGet retuns TS_ERROR");
+++ SDK_RPRINT(test, "TSHttpHdrUrlSet&Get", "TestCase1", TC_FAIL, "TSHttpHdrUrlGet returns TS_ERROR");
++ } else {
++ if (url_loc == url_loc_Get) {
++ SDK_RPRINT(test, "TSHttpHdrUrlSet&Get", "TestCase1", TC_PASS, "ok");
++--- a/src/tscore/ArgParser.cc
+++++ b/src/tscore/ArgParser.cc
++@@ -154,7 +154,7 @@ ArgParser::parse(const char **argv)
++ };
++ // if there is anything left, then output usage
++ if (!args.empty()) {
++- std::string msg = "Unkown command, option or args:";
+++ std::string msg = "Unknown command, option or args:";
++ for (auto it : args) {
++ msg = msg + " '" + it + "'";
++ }
++--- a/iocore/net/Socks.cc
+++++ b/iocore/net/Socks.cc
++@@ -694,7 +694,7 @@ socks5PasswdAuthHandler(int event, unsig
++ // NEC thinks it is 5 RFC seems to indicate 1.
++ switch (p[1]) {
++ case 0:
++- Debug("Socks", "Username/Passwd succeded");
+++ Debug("Socks", "Username/Passwd succeeded");
++ *h_ptr = nullptr;
++ break;
++
++--- a/iocore/net/UnixUDPNet.cc
+++++ b/iocore/net/UnixUDPNet.cc
++@@ -628,7 +628,7 @@ UDPNetProcessor::CreateUDPSocket(int *re
++ }
++
++ if (safe_getsockname(fd, &local_addr.sa, &local_addr_len) < 0) {
++- Debug("udpnet", "CreateUdpsocket: getsockname didnt' work");
+++ Debug("udpnet", "CreateUdpsocket: getsockname didn't work");
++ goto HardError;
++ }
++ }
++--- a/mgmt/Rollback.cc
+++++ b/mgmt/Rollback.cc
++@@ -133,7 +133,7 @@ Rollback::Rollback(const char *fileName_
++ mgmt_log("[RollBack::Rollback] Automatic Rollback to prior version failed for %s : %s\n", fileName, strerror(errno));
++ needZeroLength = true;
++ } else {
++- mgmt_log("[RollBack::Rollback] Automatic Rollback to version succeded for %s\n", fileName, strerror(errno));
+++ mgmt_log("[RollBack::Rollback] Automatic Rollback to version succeeded for %s\n", fileName, strerror(errno));
++ needZeroLength = false;
++ highestSeen--;
++ // Since we've made the highestVersion active
++--- a/proxy/logging/LogBuffer.cc
+++++ b/proxy/logging/LogBuffer.cc
++@@ -270,7 +270,7 @@ LogBuffer::checkout_write(size_t *write_
++ }
++
++ if (switch_state(old_s, new_s)) {
++- // we succeded in setting the new state
+++ // we succeeded in setting the new state
++ break;
++ }
++ }
++--- a/proxy/logging/LogObject.cc
+++++ b/proxy/logging/LogObject.cc
++@@ -421,7 +421,7 @@ LogObject::_checkout_write(size_t *write
++
++ switch (result_code) {
++ case LogBuffer::LB_OK:
++- // checkout succeded
+++ // checkout succeeded
++ retry = false;
++ break;
++
++--- a/doc/admin-guide/plugins/header_rewrite.en.rst
+++++ b/doc/admin-guide/plugins/header_rewrite.en.rst
++@@ -330,7 +330,7 @@ The data that can be checked is ::
++ %{INBOUND:REMOTE-PORT} The client port for the connection.
++ %{INBOUND:TLS} The TLS protocol if the connection is over TLS, otherwise the empty string.
++ %{INBOUND:H2} The string "h2" if the connection is HTTP/2, otherwise the empty string.
++- %{INBOUND:IPV4} The string "ipv4" if the connection is IPv4, otherwise the emtpy string.
+++ %{INBOUND:IPV4} The string "ipv4" if the connection is IPv4, otherwise the empty string.
++ %{INBOUND:IPV6} The string "ipv6" if the connection is IPv6, otherwise the empty string.
++ %{INBOUND:IP-FAMILY} The IP family, either "ipv4" or "ipv6".
++ %{INBOUND:STACK} The full protocol stack separated by ','.
++@@ -854,7 +854,7 @@ Variable Description
++ %<INBOUND:TLS> The TLS protocol for the inbound connection if it is over TLS, otherwise the
++ empty string.
++ %<INBOUND:H2> The string "h2" if the inbound connection is HTTP/2, otherwise the empty string.
++-%<INBOUND:IPV4> The string "ipv4" if the inbound connection is IPv4, otherwise the emtpy string.
+++%<INBOUND:IPV4> The string "ipv4" if the inbound connection is IPv4, otherwise the empty string.
++ %<INBOUND:IPV6> The string "ipv6" if the inbound connection is IPv6, otherwise the empty string.
++ %<INBOUND:IP-FAMILY> The IP family of the inbound connection (either "ipv4" or "ipv6").
++ %<INBOUND:STACK> The full protocol stack of the inbound connection separated by ','.
++--- a/iocore/dns/SplitDNS.cc
+++++ b/iocore/dns/SplitDNS.cc
++@@ -339,7 +339,7 @@ SplitDNSRecord::ProcessDNSHosts(char *va
++ if (tmp - current > (MAXDNAME - 1)) {
++ return "DNS server name (ip) is too long";
++ } else if (tmp - current == 0) {
++- return "server string is emtpy";
+++ return "server string is empty";
++ }
++ *tmp = 0;
++ }
++--- a/lib/records/RecHttp.cc
+++++ b/lib/records/RecHttp.cc
++@@ -435,7 +435,7 @@ HttpProxyPort::processOptions(const char
++ if (in_ip_set_p && m_family != m_inbound_ip.family()) {
++ std::string_view iname{ats_ip_family_name(m_inbound_ip.family())};
++ std::string_view fname{ats_ip_family_name(m_family)};
++- Warning("Invalid port descriptor '%s' - the inbound adddress family [%.*s] is not the same type as the explicit family value "
+++ Warning("Invalid port descriptor '%s' - the inbound address family [%.*s] is not the same type as the explicit family value "
++ "[%.*s]",
++ opts, static_cast<int>(iname.size()), iname.data(), static_cast<int>(fname.size()), fname.data());
++ zret = false;
++--- a/proxy/ParentSelection.cc
+++++ b/proxy/ParentSelection.cc
++@@ -517,7 +517,7 @@ ParentRecord::ProcessParents(char *val,
++ errPtr = "Parent hostname is too long";
++ goto MERROR;
++ } else if (tmp - current == 0) {
++- errPtr = "Parent string is emtpy";
+++ errPtr = "Parent string is empty";
++ goto MERROR;
++ }
++ // Update the pRecords
++--- a/src/tscore/HostLookup.cc
+++++ b/src/tscore/HostLookup.cc
++@@ -50,7 +50,7 @@ domaincmp(const char *hostname, const ch
++ const char *host_cur = hostname + strlen(hostname);
++ const char *domain_cur = domain + strlen(domain);
++
++- // Check to see if were passed emtpy stings for either
+++ // Check to see if were passed empty stings for either
++ // argument. Empty strings do not match anything
++ //
++ if (domain_cur == domain || host_cur == hostname) {
++@@ -380,7 +380,7 @@ charIndex::Insert(const char *match_data
++
++ // Check to see if are at the level we supposed be at
++ if (*(match_data + 1) == '\0') {
++- // The slot should always be emtpy, no duplicate
+++ // The slot should always be empty, no duplicate
++ // keys are allowed
++ ink_assert(cur->branch_array[index] == nullptr);
++ cur->branch_array[index] = toInsert;
++--- a/build/pkg.m4
+++++ b/build/pkg.m4
++@@ -53,7 +53,7 @@ fi[]dnl
++ # to PKG_CHECK_MODULES(), but does not set variables or print errors.
++ #
++ # Please remember that m4 expands AC_REQUIRE([PKG_PROG_PKG_CONFIG])
++-# only at the first occurence in configure.ac, so if the first place
+++# only at the first occurrence in configure.ac, so if the first place
++ # it's called might be skipped (such as if it is within an "if", you
++ # have to call PKG_CHECK_EXISTS manually
++ # --------------------------------------------------------------
++--- a/include/tscpp/util/TextView.h
+++++ b/include/tscpp/util/TextView.h
++@@ -264,7 +264,7 @@ public:
++ self_type prefix(size_t n) const;
++ /// Convenience overload to avoid ambiguity for literal numbers.
++ self_type prefix(int n) const;
++- /** Get the prefix delimited by the first occurence of the character @a c.
+++ /** Get the prefix delimited by the first occurrence of the character @a c.
++
++ If @a c is not found the entire view is returned.
++ The delimiter character is not included in the returned view.
++@@ -272,7 +272,7 @@ public:
++ @return A view of the prefix.
++ */
++ self_type prefix(char c) const;
++- /** Get the prefix delimited by the first occurence of a character in @a delimiters.
+++ /** Get the prefix delimited by the first occurrence of a character in @a delimiters.
++
++ If no such character is found the entire view is returned.
++ The delimiter character is not included in the returned view.
++--- a/iocore/cache/CacheVol.cc
+++++ b/iocore/cache/CacheVol.cc
++@@ -400,7 +400,7 @@ CacheVC::scanOpenWrite(int /* event ATS_
++ // get volume lock
++ if (writer_lock_retry > SCAN_WRITER_LOCK_MAX_RETRY) {
++ int r = _action.continuation->handleEvent(CACHE_EVENT_SCAN_OPERATION_BLOCKED, nullptr);
++- Debug("cache_scan", "still havent got the writer lock, asking user..");
+++ Debug("cache_scan", "still haven't got the writer lock, asking user..");
++ switch (r) {
++ case CACHE_SCAN_RESULT_RETRY:
++ writer_lock_retry = 0;
++--- a/iocore/eventsystem/I_IOBuffer.h
+++++ b/iocore/eventsystem/I_IOBuffer.h
++@@ -680,7 +680,7 @@ public:
++ /**
++ Perform a memchr() across the list of IOBufferBlocks. Returns the
++ offset from the current start point of the reader to the first
++- occurence of character 'c' in the buffer.
+++ occurrence of character 'c' in the buffer.
++
++ @param c character to look for.
++ @param len number of characters to check. If len exceeds the number
++--- a/iocore/net/OCSPStapling.cc
+++++ b/iocore/net/OCSPStapling.cc
++@@ -99,7 +99,7 @@ stapling_get_issuer(SSL_CTX *ssl_ctx, X5
++
++ #ifdef SSL_CTX_select_current_cert
++ if (!SSL_CTX_select_current_cert(ssl_ctx, x)) {
++- Warning("OCSP: could not select current certifcate chain %p", x);
+++ Warning("OCSP: could not select current certificate chain %p", x);
++ }
++ #endif
++
++--- a/mgmt/Alarms.cc
+++++ b/mgmt/Alarms.cc
++@@ -297,7 +297,7 @@ Alarms::signalAlarm(alarm_t a, const cha
++ (*(func))(a, ip, desc);
++ }
++
++- /* Priority 2 alarms get signalled if they are the first unsolved occurence. */
+++ /* Priority 2 alarms get signalled if they are the first unsolved occurrence. */
++ if (priority == 2 && !ip) {
++ execAlarmBin(desc);
++ }
++--- a/proxy/http/HttpSessionManager.cc
+++++ b/proxy/http/HttpSessionManager.cc
++@@ -204,7 +204,7 @@ ServerSessionPool::eventHandler(int even
++ if (connection_count_below_min) {
++ Debug("http_ss",
++ "[%" PRId64 "] [session_bucket] session received io notice [%s], "
++- "reseting timeout to maintain minimum number of connections",
+++ "resetting timeout to maintain minimum number of connections",
++ s->con_id, HttpDebugNames::get_event_name(event));
++ s->get_netvc()->set_inactivity_timeout(s->get_netvc()->get_inactivity_timeout());
++ s->get_netvc()->set_active_timeout(s->get_netvc()->get_active_timeout());
++--- a/plugins/lua/ts_lua_transform.c
+++++ b/plugins/lua/ts_lua_transform.c
++@@ -89,7 +89,7 @@ ts_lua_transform_handler(TSCont contp, t
++ empty_input = 0;
++ if (!TSVIOBufferGet(input_vio)) {
++ if (transform_ctx->output.vio) {
++- TSDebug(TS_LUA_DEBUG_TAG, "[%s] reenabling ouput VIO after input VIO does not exist", __FUNCTION__);
+++ TSDebug(TS_LUA_DEBUG_TAG, "[%s] reenabling output VIO after input VIO does not exist", __FUNCTION__);
++ TSVIONBytesSet(transform_ctx->output.vio, transform_ctx->total);
++ TSVIOReenable(transform_ctx->output.vio);
++ return 0;
++--- a/proxy/hdrs/HdrHeap.cc
+++++ b/proxy/hdrs/HdrHeap.cc
++@@ -965,7 +965,7 @@ HdrHeap::unmarshal(int buf_length, int o
++ // Nothing to do
++ break;
++ default:
++- fprintf(stderr, "WARNING: Unmarshal failed due to unknow obj type %d after %d bytes", (int)obj->m_type,
+++ fprintf(stderr, "WARNING: Unmarshal failed due to unknown obj type %d after %d bytes", (int)obj->m_type,
++ (int)(obj_data - (char *)this));
++ dump_heap(unmarshal_size);
++ return -1;
--- /dev/null
--- /dev/null
++Description: Fix Perl interpreter path
++Author: Jean Baptiste Favre <debian@jbfavre.org>
++Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
++Last-Update: 2019-01-03
++---
++This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
++--- a/tools/tspush
+++++ b/tools/tspush
++@@ -1,4 +1,4 @@
++-#!/usr/bin/env perl
+++#!/usr/bin/perl
++
++ #
++ # Licensed to the Apache Software Foundation (ASF) under one
--- /dev/null
--- /dev/null
++Description: Update compilation chain after embedded libyamlcpp removal
++Author: Jean Baptiste Favre <debian@jbfavre.org>
++Origin: other
++Reviewed-by: Jean Baptiste Favre <debian@jbfavre.org>
++Last-Update: 2019-01-30
++---
++This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
++--- a/CMakeLists.txt
+++++ b/CMakeLists.txt
++@@ -41,7 +41,6 @@ include_directories(lib
++ proxy/shared
++ lib/records
++ include/wccp
++- lib/yamlcpp/include
++ iocore/eventsystem
++ iocore/net
++ iocore/dns
++--- a/configure.ac
+++++ b/configure.ac
++@@ -2076,7 +2076,6 @@ AC_CONFIG_FILES([
++ include/tscore/ink_config.h
++ lib/tsconfig/Makefile
++ src/wccp/Makefile
++- lib/yamlcpp/Makefile
++ mgmt/Makefile
++ mgmt/api/Makefile
++ mgmt/api/include/Makefile
++--- a/lib/Makefile.am
+++++ b/lib/Makefile.am
++@@ -25,12 +25,6 @@ endif
++ # to prevent Clang Analyzer warning
++ LOCAL =
++
++-if BUILD_YAML_CPP
++-LOCAL += yamlcpp
++-endif
++-
++ all-local: $(LOCAL)
++- $(MAKE) -C yamlcpp
++
++ clean-local:
++- $(MAKE) -C yamlcpp clean
--- /dev/null
--- /dev/null
++Description: Fix test for python 3.8
++Author: Matthias Klose <doko@ubuntu.com>
++Reviewed-by: Jean Baptiste Favre <jbfavre@debian.org>
++Last-Update: 2020-02-03
++---
++This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
++--- a/tests/bootstrap.py
+++++ b/tests/bootstrap.py
++@@ -94,7 +94,8 @@ def command_output(cmd_str):
++
++
++ def get_distro():
++- return linux_distribution()
+++ import distro
+++ return distro.linux_distribution()
++
++
++ def distro_version():
--- /dev/null
--- /dev/null
++0001-Use-mcx16-on-x86-platforms-only.patch
++0003-reproductible-build.patch
++0006-fix-doc-build.patch
++0008-fix-python-check-unused-dependencies.patch
++0009-fix-mysql-8-build.patch
++0011-fix-segfault.patch
++0012-fix-spelling-checks.patch
++0013-fix-perl-interpreter-path.patch
++0014-use_system_yaml-cpp.patch
++0016-fix_python_3.8.patch
++0001-Correctly-handle-encoding-for-cache-hash-generation-.patch
++0002-8.1.x-Fix-a-crash-triggered-by-invalid-range-header-.patch
++0003-Remove-duplicate-slashes-at-the-beginning-of-the-inc.patch
--- /dev/null
--- /dev/null
++#!/usr/bin/make -f
++# -*- makefile -*-
++
++# Uncomment this to turn on verbose mode.
++#export DH_VERBOSE=1
++
++export DEB_BUILD_MAINT_OPTIONS = hardening=+all
++export DEB_CFLAGS_MAINT_APPEND = -O3
++export DEB_CXXFLAGS_MAINT_APPEND = -O3
++# mips & mipsel need explicit libatomic link
++ifeq ($(DEB_HOST_ARCH),$(filter $(DEB_HOST_ARCH),mips mipsel))
++ export DEB_LDFLAGS_MAINT_APPEND += -latomic
++endif
++
++# Get build architecture. ./configure is different on Linux
++include /usr/share/dpkg/architecture.mk
++# Get rid f dpkg-parsechangelog
++include /usr/share/dpkg/pkg-info.mk
++
++configure_flags = \
++ --enable-layout=Debian \
++ --sysconfdir=/etc/trafficserver --libdir=/usr/lib/trafficserver \
++ --libexecdir=/usr/lib/trafficserver/modules \
++ --with-user=root --with-group=root --disable-silent-rules \
++ --enable-experimental-plugins --enable-32bit-build \
++ --enable-mime-sanity-check --enable-docs \
++ --with-build-version=$(DEB_VERSION) \
++ --with-yaml-cpp=/usr \
++ $(shell dpkg-buildflags --export=configure)
++
++ifeq ($(DEB_HOST_ARCH_OS),linux)
++ configure_flags += --enable-wccp
++endif
++
++%:
++ dh $@
++
++override_dh_auto_configure:
++ dh_auto_configure -- $(configure_flags)
++
++override_dh_auto_install:
++ dh_auto_install -- INSTALLDIRS=vendor
++ rm -f debian/tmp/usr/bin/trafficserver # We install our own
++ # Satisfy §10.2 (http://wiki.debian.org/ReleaseGoals/LAFileRemoval)
++ rm -f debian/tmp/usr/lib/trafficserver/lib*.la
++ rm -f debian/tmp/usr/lib/trafficserver/modules/*.la
++ rm -f debian/tmp/usr/lib/trafficserver/lib*.a
++ifneq ($(DEB_HOST_ARCH_OS),linux)
++ # Remove Linux-specific plugin
++ sed -i '/\/healthchecks\.so$$/d' \
++ debian/trafficserver.install
++endif
++
++override_dh_install:
++ dh_install
++ dh_missing --list-missing
++ ./debian/change_config.pl debian/trafficserver/etc/trafficserver/records.config
++ # Lintian fixes
++ mkdir -p debian/trafficserver/usr/share/doc/trafficserver
++ cat CHANGELOG-* >> debian/trafficserver/usr/share/doc/trafficserver/changelog
++ #rm debian/trafficserver-dev/usr/share/doc/trafficserver-dev/examples/ssl-preaccept/ssl_preaccept.config
++ #(cd debian/trafficserver-dev/usr/share/doc/trafficserver-dev/examples/ssl-preaccept/; \
++ #ln -s ssl_preaccept.config ssl_sni.config)
++
++override_dh_fixperms:
++ dh_fixperms -Xvar/lib/trafficserver \
++ -Xvar/log/trafficserver \
++ -Xvar/cache/trafficserver \
++ -Xvar/run/trafficserver
++ # Fix lintian warning
++ chmod -x debian/trafficserver-dev/usr/share/doc/trafficserver-dev/examples/remap_header_add/build.txt
++
++override_dh_installexamples:
++ dh_installexamples -XMakefile -X.libs -X.dirstamp -X.deps -X.la -X.lo
++
++override_dh_makeshlibs:
++ dh_makeshlibs -Xdebian/tmp/usr/lib/trafficserver
++
++override_dh_auto_test:
++ -dh_auto_test
--- /dev/null
--- /dev/null
++---
++include:
++ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/salsa-ci.yml
++ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/pipeline-jobs.yml
++
++variables:
++ RELEASE: 'stable'
++ SALSA_CI_DISABLE_APTLY: 1
++ SALSA_CI_DISABLE_BUILD_PACKAGE_I386: 1
++
++reprotest:
++ allow_failure: true
--- /dev/null
--- /dev/null
++3.0 (quilt)
--- /dev/null
--- /dev/null
++--extend-diff-ignore='examples/|diags.log|lib/perl/'
--- /dev/null
--- /dev/null
++example/*
--- /dev/null
--- /dev/null
++debian/tmp/usr/include/*
++debian/tmp/usr/bin/tsxs
++debian/tmp/usr/lib/trafficserver/lib*.so
++debian/tmp/usr/lib/trafficserver/pkgconfig/trafficserver.pc
--- /dev/null
--- /dev/null
++debian/tmp/usr/share/man/man1/tsxs.1
++debian/tmp/usr/share/man/man3/*
--- /dev/null
--- /dev/null
++usr/lib/trafficserver/modules/access_control.so
++usr/lib/trafficserver/modules/acme.so
++usr/lib/trafficserver/modules/balancer.so
++usr/lib/trafficserver/modules/buffer_upload.so
++usr/lib/trafficserver/modules/cache_fill.so
++usr/lib/trafficserver/modules/cache_key_genid.so
++usr/lib/trafficserver/modules/cache_range_requests.so
++usr/lib/trafficserver/modules/certifier.so
++usr/lib/trafficserver/modules/collapsed_forwarding.so
++usr/lib/trafficserver/modules/custom_redirect.so
++usr/lib/trafficserver/modules/fq_pacing.so
++usr/lib/trafficserver/modules/geoip_acl.so
++usr/lib/trafficserver/modules/header_freq.so
++usr/lib/trafficserver/modules/header_normalize.so
++usr/lib/trafficserver/modules/hipes.so
++usr/lib/trafficserver/modules/hook-trace.so
++usr/lib/trafficserver/modules/inliner.so
++usr/lib/trafficserver/modules/tsmemcache.so
++usr/lib/trafficserver/modules/memcached_remap.so
++usr/lib/trafficserver/modules/metalink.so
++usr/lib/trafficserver/modules/money_trace.so
++usr/lib/trafficserver/modules/mp4.so
++usr/lib/trafficserver/modules/multiplexer.so
++usr/lib/trafficserver/modules/mysql_remap.so
++usr/lib/trafficserver/modules/prefetch.so
++usr/lib/trafficserver/modules/remap_purge.so
++usr/lib/trafficserver/modules/remap_stats.so
++usr/lib/trafficserver/modules/server_push_preload.so
++usr/lib/trafficserver/modules/slice.so
++usr/lib/trafficserver/modules/ssl_cert_loader.so
++usr/lib/trafficserver/modules/sslheaders.so
++usr/lib/trafficserver/modules/stale_while_revalidate.so
++usr/lib/trafficserver/modules/stream_editor.so
++usr/lib/trafficserver/modules/system_stats.so
++usr/lib/trafficserver/modules/tls_bridge.so
++usr/lib/trafficserver/modules/traffic_dump.so
++usr/lib/trafficserver/modules/uri_signing.so
++usr/lib/trafficserver/modules/url_sig.so
--- /dev/null
--- /dev/null
++## Defaults for trafficserver initscript
++## sourced by /etc/init.d/trafficserver
++## installed at /etc/default/trafficserver by the maintainer scripts
++
++##
++## This is a POSIX shell fragment
++##
++
++## Variable: RUNDIR
++## Default: /var/run/trafficserver
++## Description: Set this to the directory where runtime data is stored. The
++## default value should work fine for almost all users.
++# RUNDIR=/var/run/trafficserver
++
++
++## Configuration for `traffic_manager'.
++## Meaning of variables is analogous to traffic_cop above, but for the
++## `traffic_manager' binary.
++
++TM_START=yes
++# TM_DAEMON_ARGS=""
++# TM_PIDFILE=$RUNDIR/manager.lock
++
++##
++## NOTICE:
++## Typically you do not want to configure anything below. Note, generally Traffic
++## Server is started through `traffic_cop' which is a watchdog to control any local
++## Traffic Server instances. It starts both, traffic_manager and traffic_server, as
++## does it monitor these processes. While it is generally not advised, you can
++## choose to manage both processes yourself. In such cases do not set TC_START to
++## "yes" and enable any service you want below.
++##
++## Choose either alternative, but do not mix up both.
++
++## Configuration for `traffic_server'.
++## Meaning of variables is analogous to traffic_cop above, but for the
++## `traffic_server' binary.
++
++# TS_START=no
++# TS_DAEMON_ARGS=""
++# TS_PIDFILE=$RUNDIR/server.lock
--- /dev/null
--- /dev/null
++/var/cache/trafficserver
++/var/log/trafficserver
--- /dev/null
--- /dev/null
++plugins/experimental/cacheurl/*.example
++plugins/experimental/mysql_remap/sample.ini
--- /dev/null
--- /dev/null
++#! /bin/sh
++
++### BEGIN INIT INFO
++# Provides: trafficserver
++# Required-Start: $remote_fs $syslog
++# Required-Stop: $remote_fs $syslog
++# Default-Start: 2 3 4 5
++# Default-Stop: 0 1 6
++# Short-Description: init script for the Apache Traffic Server
++# Description: Apache Traffic Server is fast, scalable and extensible
++# HTTP/1.1 compliant caching proxy server.
++### END INIT INFO
++
++# Author: Arno Töll <debian@toell.net>
++#
++# This init script is derived from the source package's version shipped
++# along the source tarball as rc/trafficserver. Therefore it is a derivative
++# work and licensed as follows:
++#
++#
++# Licensed to the Apache Software Foundation (ASF) under one or more
++# contributor license agreements. See the NOTICE file distributed with
++# this work for additional information regarding copyright ownership.
++# The ASF licenses this file to You under the Apache License, Version 2.0
++# (the "License"); you may not use this file except in compliance with
++# the License. You may obtain a copy of the License at
++#
++# http://www.apache.org/licenses/LICENSE-2.0
++#
++# Unless required by applicable law or agreed to in writing, software
++# distributed under the License is distributed on an "AS IS" BASIS,
++# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++# See the License for the specific language governing permissions and
++# limitations under the License.
++
++PATH=/sbin:/usr/sbin:/bin:/usr/bin
++DESC="Apache Traffic Server"
++NAME=trafficserver
++SCRIPTNAME=/etc/init.d/$NAME
++
++
++# Please do not touch TS_ROOT and TS_BASE. Traffic Server uses them
++# They are used to determine location of ATS components on the file
++# system.
++# According to DPM § 9.9 a program must not depend on the existance of
++# environment variables to work properly. Please report any errors if
++# you experience such a problem, for me it seems to work just fine with-
++# out
++ESED=/usr/bin/sed
++test -x $ESED || ESED=sed
++TS_PREFIX="/usr"
++TS_ROOT=${TS_ROOT:-$TS_PREFIX}
++
++# TS_BASE is offset inside the file system from where the layout starts
++# For standard installations TS_BASE will be empty
++eval TS_BASE="`echo $TS_ROOT | ${ESED} -e 's;/usr$;;'`"
++
++# Set some safe defaults. So not change values here, override them in
++# in /etc/default/trafficserver instead.
++# See there for a documentation as well
++
++RUNDIR=${RUNDIR:-$TS_BASE/var/run/trafficserver}
++
++TM_START=${TM_START:-no}
++TM_NAME=${TM_NAME:-traffic_manager}
++TM_DAEMON=${TM_DAEMON:-$TS_BASE/usr/bin/traffic_manager}
++TM_DAEMON_ARGS=""
++TM_PIDFILE=${TM_PIDFILE:-$RUNDIR/manager.lock}
++
++TS_START=${TS_START:-no}
++TS_NAME=${TS_NAME:-traffic_server}
++TS_DAEMON=${TS_DAEMON:-$TS_BASE/usr/bin/traffic_server}
++TS_DAEMON_ARGS=""
++TS_PIDFILE=${TS_PIDFILE:-$RUNDIR/server.lock}
++
++# Exit if the package is not installed
++[ -x "$TM_DAEMON" ] || exit 0
++
++
++# Read configuration variable file if it is present
++[ -r /etc/default/$NAME ] && . /etc/default/$NAME
++
++# Load the VERBOSE setting and other rcS variables
++. /lib/init/vars.sh
++
++# Define LSB log_* functions.
++. /lib/lsb/init-functions
++
++# Check permissions of /etc/trafficserver.
++# Traffic Server needs write permissions, so warn the user if we suppose it
++# wouldn't.
++# The sysadmin is welcome to change the user ID that ATS uses. However to do that
++# in a clean and supported way, the administrator should overwrite the `stat override'
++# Debian installs by default in Trafficserver's postinst maintainer script.
++# Print a warning only.
++# Since this can't be safely determined by this script print a warning only, but
++# don't fail.
++CONF_DIR='/etc/trafficserver'
++USER=$(dpkg-statoverride --list "$CONF_DIR" | awk '{print $1}')
++OWNER=$(env stat -c '%U' "$CONF_DIR")
++if [ -d "$CONF_DIR" ] && [ ! "x$OWNER" = "x$USER" ] ; then
++ log_warning_msg "Configuration directory '$CONF_DIR' is not owned by user '$USER'. " \
++ "However Traffic Server needs write permissions to it."
++fi
++
++
++# Make sure $RUNDIR exists as the underlying file system
++# may be volatile (see § 9.3.2 from DPM)
++install -d -o trafficserver -g trafficserver -m 0755 "$RUNDIR"
++
++
++# A helper function, its purpose is to start a daemon.
++# Arguments are interpreted in order as follows:
++# 1) The executable path
++# 2) A string containing optional daemon arguments
++# 3) A (valid) path containing the PID file for the daemon
++# Returns:
++# 0 if daemon has been started
++# 1 if daemon was already running
++# 2 if daemon could not be started
++start_cmd()
++{
++ # Args
++ DAEMON=$1
++ DAEMON_ARGS=$2
++ PID=$3
++
++ #echo "\n\n"
++ #echo "d:" $DAEMON
++ #echo "da:" $DAEMON_ARGS
++ #echo "pid:" $PID
++
++ start-stop-daemon --start --quiet --pidfile $PID --exec $DAEMON --test > /dev/null \
++ || return 1
++ start-stop-daemon --start --quiet --background --pidfile $PID --exec $DAEMON -- \
++ $DAEMON_ARGS \
++ || return 2
++
++ return 0
++}
++
++
++# A helper function, its purpose is to stop a daemon.
++# Arguments are interpreted in order as follows:
++# 1) The daemon name (i.e. the binary name)
++# 2) The executable path
++# 3) A (valid) path containing the PID file for the daemon
++# Returns:
++# 0 if daemon has been stopped
++# 1 if daemon was already stopped
++# 2 if daemon could not be stopped
++# Another value if a failure occurred
++stop_cmd()
++{
++ NAME=$1
++ DAEMON=$2
++ PID=$3
++
++ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PID --name $NAME
++ RETVAL="$?"
++ [ "$RETVAL" = 2 ] && return 2
++
++ start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
++ [ "$?" = 2 ] && return 2
++
++ # Many daemons don't delete their pidfiles when they exit.
++ rm -f $PID
++ return "$RETVAL"
++}
++
++# The start function
++# This function does everything required to bring up the service
++# at boot time.
++# It does not accept any arguments
++do_start() {
++ if [ "x$TM_START" != "xno" ]; then
++ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $TM_NAME"
++ start_cmd "$TM_DAEMON" "$TM_DAEMON_ARGS" "$TM_PIDFILE"
++ case "$?" in
++ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
++ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
++ esac
++ fi
++
++ if [ "x$TS_START" != "xno" ]; then
++ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $TS_NAME"
++ start_cmd "$TS_DAEMON" "$TS_DAEMON_ARGS" "$TS_PIDFILE"
++ case "$?" in
++ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
++ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
++ esac
++ fi
++}
++
++
++# The stop function
++# This function does everything required to stop the service.
++# It does not accept any arguments
++do_stop() {
++ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $TM_NAME"
++ stop_cmd "$TM_NAME" "$TM_DAEMON" "$TM_PIDFILE"
++ case "$?" in
++ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
++ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
++ esac
++
++ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $TS_NAME"
++ stop_cmd "$TS_NAME" "$TS_DAEMON" "$TS_PIDFILE"
++ case "$?" in
++ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
++ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
++ esac
++}
++
++case "$1" in
++ start)
++ if [ "x$TM_START" = "xno" ] && [ "x$TS_START" = "xno" ]; then
++ [ "$VERBOSE" != no ] && log_warning_msg "Not starting $DESC"
++ else
++ do_start
++ fi
++ ;;
++ stop)
++ do_stop
++ ;;
++ status)
++ if [ "x$TM_START" != "xno" ] ; then
++ status_of_proc "$TM_DAEMON" "$TM_NAME" -p "$TM_PIDFILE" && exit 0 || exit $?
++ else
++ status_of_proc "$TS_DAEMON" "$TS_NAME" -p "$TS_PIDFILE" || exit $?
++ fi
++ ;;
++ restart|force-reload)
++ log_daemon_msg "Restarting $DESC" "$NAME\n"
++ do_stop
++ case "$?" in
++ 0|1)
++ do_start
++ case "$?" in
++ 0) log_end_msg 0 ;;
++ 1) log_end_msg 1 ;; # Old process is still running
++ *) log_end_msg 1 ;; # Failed to start
++ esac
++ ;;
++ *)
++ # Failed to stop
++ log_end_msg 1
++ ;;
++ esac
++ ;;
++ *)
++ echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
++ exit 3
++ ;;
++esac
++
++:
--- /dev/null
--- /dev/null
++usr/bin/traffic_*
++usr/bin/tspush
++etc/trafficserver/*
++usr/lib/trafficserver/lib*.so.*
++usr/lib/trafficserver/modules/authproxy.so
++usr/lib/trafficserver/modules/background_fetch.so
++usr/lib/trafficserver/modules/cachekey.so
++usr/lib/trafficserver/modules/cache_promote.so
++usr/lib/trafficserver/modules/combo_handler.so
++usr/lib/trafficserver/modules/compress.so
++usr/lib/trafficserver/modules/conf_remap.so
++usr/lib/trafficserver/modules/escalate.so
++usr/lib/trafficserver/modules/esi.so
++usr/lib/trafficserver/modules/generator.so
++usr/lib/trafficserver/modules/header_rewrite.so
++usr/lib/trafficserver/modules/healthchecks.so
++usr/lib/trafficserver/modules/libloader.so
++usr/lib/trafficserver/modules/regex_remap.so
++usr/lib/trafficserver/modules/regex_revalidate.so
++usr/lib/trafficserver/modules/s3_auth.so
++usr/lib/trafficserver/modules/stats_over_http.so
++usr/lib/trafficserver/modules/tcpinfo.so
++usr/lib/trafficserver/modules/test_cppapi.so
++usr/lib/trafficserver/modules/tslua.so
++usr/lib/trafficserver/modules/xdebug.so
++usr/lib/perl5/* usr/share/perl5/
--- /dev/null
--- /dev/null
++rm_conffile /etc/trafficserver/vaddrs.config 8.0.0~ trafficserver
++rm_conffile /etc/trafficserver/metrics.config 8.0.0~ trafficserver
++rm_conffile /etc/trafficserver/logging.config 8.0.0~ trafficserver
++rm_conffile /etc/trafficserver/log_hosts.config 8.0.0~ trafficserver
++rm_conffile /etc/trafficserver/congestion.config 8.0.0~ trafficserver
++rm_conffile /etc/trafficserver/cluster.config 8.0.0~ trafficserver
++rm_conffile /etc/trafficserver/body_factory/default/congestion#retryAfter 8.0.0~ trafficserver
++rm_conffile /etc/trafficserver/icp.config 8.0.0~ trafficserver
++rm_conffile /etc/trafficserver/snapshosts 8.0.0~ trafficserver
--- /dev/null
--- /dev/null
++debian/tmp/usr/share/man/man1/traffic_*
++debian/tmp/usr/share/man/man1/tspush.1
++debian/tmp/usr/share/man/man8/traffic_*
++debian/tmp/usr/share/man/man5/*
--- /dev/null
--- /dev/null
++#! /bin/sh
++# postinst script for trafficserver
++#
++# see: dh_installdeb(1)
++#
++# Copyright 2011 Arno Toell <debian@toell.net>
++#
++# Licensed under the Apache License, Version 2.0 (the "License");
++# you may not use this file except in compliance with the License.
++# You may obtain a copy of the License at
++#
++# http://www.apache.org/licenses/LICENSE-2.0
++#
++# Unless required by applicable law or agreed to in writing, software
++# distributed under the License is distributed on an "AS IS" BASIS,
++# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++# See the License for the specific language governing permissions and
++# limitations under the License.
++
++
++set -e
++
++USER='trafficserver'
++GROUP='trafficserver'
++USER_HOME='/var/run/trafficserver'
++OWNER=$(env stat -c '%U' /etc/trafficserver)
++OWNER_CACHE_DIR=$(env stat -c '%U' /var/cache/trafficserver)
++
++# summary of how this script can be called:
++# * <postinst> `configure' <most-recently-configured-version>
++# * <old-postinst> `abort-upgrade' <new version>
++# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
++# <new-version>
++# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
++# <failed-install-package> <version> `removing'
++# <conflicting-package> <version>
++# for details, see /usr/share/doc/packaging-manual/
++#
++# quoting from the policy:
++# Any necessary prompting should almost always be confined to the
++# post-installation script, and should be protected with a conditional
++# so that unnecessary prompting doesn't happen if a package's
++# installation fails and the `postinst' is called with `abort-upgrade',
++# `abort-remove' or `abort-deconfigure'.
++
++case "$1" in
++configure)
++
++ if ! getent passwd -- "$USER" >/dev/null 2>&1 ; then
++ adduser --home "$USER_HOME" \
++ --group \
++ --system \
++ --disabled-password \
++ --no-create-home \
++ --gecos "Debian Traffic Server user" \
++ $USER
++ fi
++
++ if [ -d /etc/trafficserver ] && [ "x$OWNER" = "xroot" ] ; then
++ # Ok, I admit I am lazy. I don't check every permission
++ # the user may have changed. If he didn't for /etc I can
++ # safely assume he neither has for other directories (I
++ # hope, since /etc requires write permissions by ATS).
++ echo 'Fixing permissions ...'
++
++ if ! dpkg-statoverride --list /etc/trafficserver >/dev/null 2>&1; then
++ dpkg-statoverride --update --add "$USER" "$GROUP" 0755 /etc/trafficserver
++ fi
++
++ if ! dpkg-statoverride --list /var/log/trafficserver >/dev/null 2>&1; then
++ dpkg-statoverride --update --add "$USER" adm 0750 /var/log/trafficserver
++ fi
++
++ if [ -d /var/cache/trafficserver ] && [ "x$OWNER_CACHE_DIR" = "xroot" ] ; then
++ if ! dpkg-statoverride --list /var/cache/trafficserver >/dev/null 2>&1; then
++ dpkg-statoverride --update --add "$USER" adm 0750 /var/cache/trafficserver
++ fi
++ fi
++ fi
++
++ if [ -n "$2" ] && dpkg --compare-versions "$2" 'le' '3.2~' ; then
++ RET=0
++ invoke-rc.d trafficserver status > /dev/null 2>&1 || RET=$?
++ # 0 => ATS is running
++ # 4 => Status is unknown
++ # 1,2,3 => ATS is not running
++
++ # using /bin/echo to make sure -e is supported
++ ECHO=`which echo`
++ if [ "$RET" -gt 0 ] && [ "$RET" -ne 4 ] && [ -f /var/cache/trafficserver/host.db ] ; then
++ echo "Purging TrafficServer cache upon upgrade."
++ RET=0
++ traffic_server -Cclear > /dev/null 2>&1 || RET=$?
++ if [ "$RET" -ne 0 ] ; then
++ $ECHO "======================================================================="
++ $ECHO -e "WARNING: Apache TrafficServer's cache couldn't be purged during the upgrade.\n" \
++ "Please inspect the situation manually and call 'traffic_server -Cclear'\n" \
++ "afterwards to purge the caches."
++ $ECHO "======================================================================="
++ fi
++ else
++ $ECHO "======================================================================="
++ $ECHO -e "WARNING: Apache TrafficServer is not running or its state couldn't be\n" \
++ "determined. Please inspect the situation manually and call\n" \
++ "'traffic_server -Cclear' afterwards to purge the caches.\n"
++ $ECHO "======================================================================="
++
++ fi
++ fi
++;;
++
++abort-upgrade|abort-remove|abort-deconfigure)
++
++;;
++
++*)
++echo "postinst called with unknown argument \`$1'" >&2
++exit 0
++;;
++esac
++
++# dh_installdeb will replace this with shell code automatically
++# generated by other debhelper scripts.
++
++#DEBHELPER#
++
++exit 0
--- /dev/null
--- /dev/null
++#
++# Licensed to the Apache Software Foundation (ASF) under one
++# or more contributor license agreements. See the NOTICE file
++# distributed with this work for additional information
++# regarding copyright ownership. The ASF licenses this file
++# to you under the Apache License, Version 2.0 (the
++# "License"); you may not use this file except in compliance
++# with the License. You may obtain a copy of the License at
++#
++# http://www.apache.org/licenses/LICENSE-2.0
++#
++# Unless required by applicable law or agreed to in writing, software
++# distributed under the License is distributed on an "AS IS" BASIS,
++# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++# See the License for the specific language governing permissions and
++# limitations under the License.
++#
++[Unit]
++Description=Apache Traffic Server is a fast, scalable and extensible caching proxy server.
++Documentation=man:traffic_server(8)
++After=network-online.target
++
++[Service]
++Type=simple
++EnvironmentFile=-/etc/default/trafficserver
++PIDFile=/run/trafficserver/manager.lock
++ExecStart=/usr/bin/traffic_manager $TM_DAEMON_ARGS
++ExecReload=/usr/bin/traffic_ctl config reload
++
++[Install]
++WantedBy=multi-user.target
--- /dev/null
--- /dev/null
++d /run/trafficserver 0755 trafficserver trafficserver
--- /dev/null
--- /dev/null
++-----BEGIN PGP PUBLIC KEY BLOCK-----
++
++mQINBErZOgoBEADImA8eQf03cOXh1UCuzNAg6paeNRBHJgSq2ly1lF47WgI1S0Kf
++7dHdr3HH3xpkM7d0m2Nm2tPsZzemYFAW1sixzXj5bnCCuCaeOHzI+4mM9Tu9AUQp
++ZqTiaW++tSenl+CzRWwDYFUG2s+r4/Fp0VNp/vHo1EqoO1cyauG/Jvo3VpbsKl2g
++XuNZfRRoDOscGU7kcSKj7wnxRCXm8IHMGsuobtOC5UsuQCggoxFfD0mc1ZKZT9dv
++WwcYG7sGHUUuEVkwHQr3ikjvItzZFgDU5Do5kv7q4OZ/N6wQhwT3lqXmpFX5fMK/
++1zMlrFjepl7OePgPf2qrYUGu9DVOcdT1ElMlY6BOHV+zkA7i/SBZUOvN93CGP8I4
++7Dp/DaQaCAs7mcGScu+07Nr14xKmfqo+oqL40UbaVNyEAqhqHlynKGKO6mYPkUOZ
++KST0R3AQCM6nTr8zsGqiJze2C+uEc4uBUXHsY4tgo9DO8ZcyaBj6G/TYuol4m2kF
++InxNHWFJ3tiO9dkM0O+YYae3UnH7mXBnKJNhTG/ek34LLLYCgXnOZ1cDKdtyd5Z8
++p+Ve73EM4pxJuC0J3UkPGBRxYzqkqx0tXDCAf1zYpTH486HJapxYuYyv94LQKhzp
++hEyXfm6zFufHWdcwe0bjovcTKARE8Q81eBi+N/3cUzNMQN+5bjiy3nQOBQARAQAB
++tDNMZWlmIEhlZHN0cm9tIChDT0RFIFNJR05JTkcgS0VZKSA8endvb3BAYXBhY2hl
++Lm9yZz6JAjcEEwECACECGwMCHgECF4AFAkrZO1gFCwkIBwMFFQoJCAsFFgIDAQAA
++CgkQUz3vFV17vFp8Ng/+NkQz+V+cCAirJg08XrZ+G508I8RxNsHAtZ4krPK958EJ
++Fxs2SBCX5V+edP4ng4pRdEg6zA17up40zlnn14FVBpdZ+bU0yd/DTiKaX5MpfPVN
++Gzw/t4gDoTntguDyw2JCUKhOu7B9zMDBSUT4KFeG91nIAjygB55c/d9OMwRXmoel
++vUL1/JVqLBJuZgTJ70jn4dUHz5VSuUsylvl/kRwceY3QyZrA+3LXVW8V++s36WzT
++QIXSAgfFdsw8Ry0C4OWWX5And0quB/E9l3zKpDvwH3FGrifM28aNd9We5c8QgxVd
++gKbSHc595zquLebhIj0c3peXRY15qmqq0fYGcMkpr+capY0KEsusxDg/M06srymq
++Tr5/BFE8Lqv/Qy+OebLRw0+B7b+ZvR0tMyv2L+drYgWvXtpCFKMCfqp1KWJYtolu
++bUcIZrCMzUlsCNT5zCjf396jMThucfRQ5PrgLtF8Jc+NDnlKzz8acClhdNwa4F3s
++dmS2C3PqRs9JWEhdXCvnuurnMQMsbujVeam8kQRFUcvCdl33cHP8JUy3cQ4uA8M+
++XanNDBHxDis5DDTgLLnDiWfGHL6FVSsH3OxsPCOA/go7uDw0ihiC7THJvh2L8051
++NPlGVDnCqbnFbzIVLbbXFSTpJQ5vbzOPRaKZLOTXvKEG9MmbtrxhXfpQr5zapIO5
++Ag0EStk6CgEQANMwI7QnPWQowMgfC365G1OlZeHWM1hwdPqpcJsI2KSIfCcCaKH8
++16bdNr/3p60rp3UIFCHSrX4CAxvYneEOG3pKYvzGf6GYI7g4NbLGu13cFOsBfz32
++1O5pmZPOH3FgDVvQBYCbC1cffWQiR2sp6U+O1rwAVk89+kxh6RfkPopPC4kkw18T
++UsiNLHPQsfQ/aNazLdg5vgGKoxHj0BIx7BSb6JgZu48czu3pm1hudWfyoDtZFVQm
++DWFFkzdhfvKO2pmMjG2IFrDdVLgxdKOO1WgsC+PSZesfkeOvN0qaFpFaHwIRVPYz
++l9gwo8z5LJQsCEKx3aMmbDfkDeL5nN8Khb2p7yyyxwdPVSxKpx7lGdmCscVWj874
++7bGg+1D+vAIBKBYpQz2bWQrHcMra6rTra656KIWXwRelztUrgkfE5AxxtsyNflmV
++3b7JsE3yAsXntjmAEOnZUeyGguNJR31oVn4W+oei7vGmFhzQZklGaKe0lo1BsbmM
++0HPVu/n5stVRjiqMvLHvZdfx/EbELkE572/NcxKH4XM3wm19FODcEJy8AXg2YlDk
++s/BD7nLGGEuefqMgZjFfoMWTkeIEHibIkJdmOUxqTXvG8SQw2S7QiGETbTezsEyq
++ZV9NN3yN/Rro0BkgsYq2jX1fPSYR9CHVrhVT8BESnvt4FwSTExyuePUbABEBAAGJ
++Ah8EGAECAAkFAkrZOgoCGwwACgkQUz3vFV17vFrnTQ/8DRkm/eyD9RH0QVmeClQm
++2TXqxvD95nMbAycmKnoe1+KBT26oNs+7XwUF4tfnZ8TCM8NgQ03TdeS2lczXERnm
++LUJc1iM3XFTBEi6n7BrbUadD1PFDf4G2zXGV+t7Ho+ukg03pNe5Y+VQnaF6ht51G
++HM8k3AWxYSgOlA11T+E+YBCiZzLA5GanflGRV0Vj+lZbp6gsCN/3IUxO0mfV/Jtv
++MRKTGvFAssZpqFwJJVDRJZgr+GUKff+Vef8+7wB78WYE93P3y0YPDo5+HrgMBej+
++izgVjMg0KToBzZoXKNWNywDvV3pZn0zL32wzKW10hgAesVyqNebznkBvHYk29BVU
++R4fTQ2DJ8PvXXnjWtfyOGc0lz6HpBlGXAgbOZZjRdJb9eBtjcALoUPAQyi4TyN7n
++dxzNtmssG3B+Xv08/VyGx00ClWLHTI+tFfwrfp4640uc3Yrg4CRZDhWLmxnDNc61
++FudI/6PjPfIo4FNWLgLMR3YRuVOij1/Wxos/XHVhuG4kBhkGfYyBmERLWdo/FAFc
++X/Pa2B5Sbw9bp/h+Pro0KrQinJv2mygGG/045S6WKobyYZMNFTAquOtFBqzN+xbB
++L/EeLJ3Vlj11vw1qRd6jjTdpC6rKtYNTnmTuHSC6HCWNZ49dE2HCfI+QhXvLvqpz
++ItxbCP1bTdT/tJjiNyoT8xY=
++=099s
++-----END PGP PUBLIC KEY BLOCK-----
++-----BEGIN PGP PUBLIC KEY BLOCK-----
++
++mQINBEtfajQBEADAmWqIJkt2MPjmZJ9RlymAAuOcvImB5E3cvpWFqVH8h5ycS3NA
++TTcvomSnILsiq+NM0h/J3Bd3cchCNA0uuXW1CIDY7mGrkPdXNxQVygYY2L/ubAE8
++Ed1u1ghzPUaMYtFf7QAk4WCpglBaL2frJmfS93AIYOAIuV0zw8+ce8uvVYSt7aAk
++Ww8JKnpW91nMZr3GBTibhthCmLcDWIyntR2gYyPX9NdAAViSfkmW8ea4dtbXfu8j
++nkr7DnbsQu+vl29nwLmI3h2jcgV6QkHu40breY5NbFSTVmyyBgM5yH3cVk7xVIGv
++1rt0Q9DvoftaSiWn3TcXcrnHnWVPTo1VM+kYHT9J9p6JSxZdrcAySR48YZvgDXTI
++BC2sNCtW/gHC4iNdxWvOYKDO7xv9fLweqiUNXi/BxcwcCapYN5xZEONFKVVRvd5X
++pcr0hxviNjkD/GkWTYEt3EqhnAGDOwQc60DtyuY1w82bhtIhCmNcnLAUEXYlJMXN
++iPy1owKuY0EBt3VO3KsI5RqZTGgvYHtB2XpnyRLutnwAsMQceUl3r3CMRoNagTGw
+++gfY18819b5dgMSYp1+Im0TtImMv/LOPjZY44Br24JisScaqQXc+DETEfafoIKsW
++BBj1gfz5GsuUxdlnZHwwIM4MwtWvoU8/OHp3zVlDJZFLNBReTimV1La0DQARAQAB
++tCBCcnlhbiBXLiBDYWxsIDxiY2FsbEBhcGFjaGUub3JnPokCOAQTAQIAIgUCS19q
++NAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQTRVBELhFCOyuyxAArYgT
++qrMxveqgKEEUrdnYF+hw1weoA5I4vJPUoAdsUr52WUZ2P8AnKxsESdGefA0XwG2v
++t6qyo0fFce04YZ5gYjg5au0sYndN84vwysjuo5PKBR4mt3Ij097gMnotRzFDReJD
++TB5Yk4oj0/jHMUkkS2dw3gM2DFfI2ILAaCRNbFapejwk4jCxt5JAGVEr+z8BEyOg
++NcwL0X5G1qci+OR9cv0AzfChxaKNwW/oGpW/h5gM4jBQuElMmCxqDcyAlIHLaGoM
++H73iGnD9U4bI05kvpIdqABQrfDoN1QyQkiqG640LnP4WVHycNDIyOeeQcDVenK5a
++IOm/4gnErOyzQkPS0v5J4jD4df2lvxXnoSvjLySCeA1um/HV/gF02NufyoMHDJFD
++QeEIjQu6KLYPNOT3dMeuioqtIsncylmAXiSqnwrP7zfp2RWRaWzAgP1SSZMzF/80
++a+6W5uQt8j2ok/z0NPCKQflS+oU4Gc5C+/KHUrdDCY5GcwwgFBv1i41jXdjh0nkz
++VzX/asUIO9ptW8TR7aIcS3lm847YV4isNvWlroeGhmVfIk8M8RqsDfq7HPLvqipI
++V2phFiUEiON8OgD0x8+2fTnveE/lY1jpjYUg73XOcHG6wna4D6ECTzlG3s4QtBrI
++gcUFY97nfHgt6sT/ix7jB746wVfKgRzRyCuCwxK5Ag0ES19qNAEQAL3rbob4n3jy
++cUhDIqg7bzReb4rfoS5JWKVCu169q8aGys2HJ4tCKtPE2ldwHKo55nTZsQQTbaLM
++WxznmGWxESV4OJKDDNXOhctISaiwOSNEj58QvDGmcmK38ZlrSsuoUNgpbnFfxlwx
++DBu0Nh5ocKiNJcBx5BwhrD9hzqaSW/HjQU52EUrLfT5gYnT25ZtmTIEzonbT1AGb
++vMWPQeNVHwUZmy7foFIp68Hw4Z54SWWB6wOs3sPg5PfptfrTe2TTCe1CfcUCCzAJ
++IEeNK8u2tYwK1u02pmYJ2nXxCo0op0bP4Bo40USbqI40qf37WAjGYIik31upNOU7
++Ku6vYopQMV8kB7i5HBuYzTvxjCz+dC8P2TuALwmMCpOdBQ5c+lT4gRr5kt0OlD1k
++IpL/vrlTFsmhILe5KbawfM2ZwM6KbJyX0er38XNK4HPpHiyaNrLS2bQSDgBU8PC5
++sOHKpOXq404owDybkOfiB0voCJm/e7RkOI6AyeokCobXzcO6ZrWmwiRwXz9K5EuK
++IfA8gWs5i3pK3X9cBMnjQ/uMSL0w7SY5khUAMFwECM73YW53E+hqaB7LG26ATjql
++esM3uhaVd3INNNp+haoHSsRUY7DZh2s/ghX5t/T/pkRzfNimVdejYOUxAHHX4x8S
++fcXsB1I9r81wolbUqaddHdZLYS4Z7ZBNABEBAAGJAh8EGAECAAkFAktfajQCGwwA
++CgkQTRVBELhFCOyNpw//fF6pKllSPv9yvNAMvt+Ly0hk6GwOCRYCMe9uQuk7EDTI
++idiG6DbzEKsqGIugvcyMrOGJxGDfSc+I8KgOhsuY31aWllSLyMo2fVFPECztPPFt
++7IovwXe1sSA5d278KG2Xi+2Z0W0XMnCqVLLoQoFqkVvbgaLKWrvgk93yozsYYcJd
++2iDIseyL3YzuqSNeLoXf0DWlMDX8oXtemlD87oWJWOnfHTVMLmGM45qAvmcDf96b
++ZiDjdo4Sn6LSu5Xn/fCNrZOtpTDXJPJ9fb9APz4n2tdTS4UrzCQdtYEaNxb5LeP7
++MySMOITpZ2xrmC3SzL67STXn4POTxXa8lnY1DCpGUL8uxYej8cXkPDSC9sX836vJ
++DbalYPHlgb5Fyn9pb+LoZWhUKxtfp6dp8N2kVKJ1yLlTwVdRFEicF5hqiMa6Curk
++TVIVb9VQxEzw9bnBmoi9k4XLJAHz35cFvLNjJVSt0naNqjpy6fxHllJ6I1s6dJe9
++jGfECEc1sw1vLjS4f+NIGTSjciuxWkOfZ3Ulw3RPuUbeMHMC6FEfv35M1dDRv3ec
++xIBKO0t7qvJ8Q6b/DzwW+IhqzLTK5bXEXVKS1zAJ3Iyd1QOmGOLdP/caoKV313J5
++YVz+bqtclFVJQ20cqAPhWEf7UNZTFCwa1CAKbPIGKYoDSCId4sqsNyRCmbRqY8A=
++=Ycol
++-----END PGP PUBLIC KEY BLOCK-----
++-----BEGIN PGP PUBLIC KEY BLOCK-----
++
++mQINBFzdpE8BEADy3x3MmpeoAZsjWXnnLnzYY01URK4APoFOMK4tem16SGie560N
++h0pq3jJxh/KPa5NkktymI5fKZK6JJkYvjfYw81+mPSWQevxDLi/kBNa1PbYBcQrM
++izHB5iVTI9b7nTm2+R+43T2zgR4IqID5SqElAHN+Wc/Nb3l/rGrbfJ13hM8aXvdh
++qfEGYY4oy8dGPeS3eG8tC/NZGsUo9Njv7tteH4wENinIcjoqYBe9LKpfM9pM2Koc
++75CYxsXqmXJAPoOELh1vVYByNnV/9v86WZ64/604SXIymF5RNyQKu++Oc21UFnfR
++slyuuN8jYl9ldbOwRpxy2F0cEofZUUUukTPdOsxdIMRwoHdj/bL8JIaeYm385E3B
++aNgJjBOAqpJe0Ltz+E3LwIVkhqZYqtzLKyNPHwAMqxjTaBi/wdmGZO5tZXsu5l/u
++6dQJA5CpwCH7Q2WGW6lk4w4RGQDlOzJs6kIVgGeN39g+h4zNHrHc6RNez568Tru5
++cOIj8U0zuAFqLJLMYnmbK00y5HQQCq36tsERw2ULEwVwxzYJ2NnkZnSzpO7yb7gK
++3l6WcRiAtuivYSkyyX4QFIDdqkzGlRO5Jszk1YJwwBonCRranZWLWLSoS3AfCmBC
++gCjdyH7ZpeE091jfDCcqVc/9TiRCP1Mmc7MbXu01xUtvtTnj60os3gEKUwARAQAB
++tDJFdmFuIFplbGtvd2l0eiAoQ29kZSBTaWduaW5nIEtleSkgPGV6ZUBhcGFjaGUu
++b3JnPokCUQQTAQgAOwIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBJZ2cTSC
+++SZ+MazRnUZjdm+26OTjBQJc3ahuAhkBAAoJEEZjdm+26OTjnDUP/i1YtzBFWNst
++mcpIk7+zL84TePVcSi8PVncDA/uAXa45TMBgZoCmuCTe3N+ys7Hfgdn8DJFcRTwZ
++ki7PPdCAA+6tlTXOnJnhegM4qpqEyxUMus8URSXsKQzYLU8+V4F7HuF5PlYLagco
++h5ixoCNGSjMPDqDXSJR23Naya0A49F4W6SorMNG2DkHnswvtLD52pTgwozC8xp9L
++pEQnQ0lf8LiwwCBhxNGe+WymGedH7pZsS2V+fEZ1CqD0jdcwlo86OKOIywTsmFGS
++Jcvo1DTBY6nRroIFZoe4WCTL5bDwzvzxfooJOdVXlSz4PaerYQn/B4uXx9fgK1BP
++WsMhl0jFLg1lR1ODcg9RYNx8mtBtnrGXIWglebe7FXIeR3N8+tX9Ln4Q37EI3mqo
++CSpLRzzv++lBteNmLY/Cq1mgI8eaq1j+s6QuFy1NkIaWnI7/gWcQG6nPX56d3uRh
++KJhWXmQ8ttIQc3x/HJJr01XzAA5dDn2KIoBf3TwlyN0TFQ2fGOBdhiNd26gQ24JK
++ZV8MVE2C8R0frTyUIlinIvkXg+/boc99Le1v/Red6fayIZUYnMKFFPVETUIOrctj
++V3r7LAjNyjtaQ7wByAoRg1X5nvLQfIqqU2Vc96mG5nKpxcypmMZIaXvNPQLffaQI
++f7BffHY6OVfAZoW93yPwQYmc9RgDjzWwtClFdmFuIFplbGtvd2l0eiA8ZXZhbi56
++ZWxrb3dpdHpAZ21haWwuY29tPokCTgQTAQgAOBYhBJZ2cTSC+SZ+MazRnUZjdm+2
++6OTjBQJc3ahuAhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEEZjdm+26OTj
++xnwQAIlgax1bVZNZlbrKlgVBovnZ5VFhKV+8IODzpqUl5iBSu0TMjh4S1BEI/Mpx
++SavvF9UUcFBiSHYaA8KVOUho380bZDoILBxDJT0KwSBVwwtrFWFvolHntJVDz+48
++C/P2/QJ7mH69hRk9/4fYGDyYmtXzPtXOI+u5hptKCUMKyamoN88PX6Tl3+fjEWiA
++Wa6CMJfd1zFedH33ZYJZPvXHBLpaqORh5431ufsFsa1KrfqPxvKJWuQCrPhmrlTJ
++XYzsqFnQkaxR0E4mxAfyHSr61fD9AYBXZXVlQVeBHCx9/sYfgJD1sSM66W+zcMXP
++l8HDpaTXzKYMWNM/WFh8HBFsEgdsOvhC0cAXCWPUyn5BJ6yVNBabiAgfbS12Uh1X
++L8DkdPOjkjwNH4sw6tTJeLirID6C0LoaAyAJFbVOTWX0w8xLUQpMbdiCfKEC0os8
++so0iV/LMeGv5zRQUeraCYRZf454notb+tNbDPGTyDK+/pByaM73saOBVyyJ2YD6Q
++3jBX9Jp1QVLM8E2XzsvUtd8x2aDWZ7xqJob3IX27/f9RLLrxP+3I0OZW8sOqbniY
++2n9luoo6FshMizOJj8A0yujzVUVsYaP1FJ6B8YMyPp6CsvL96Ev9Wsz6AmUtljM1
++VHbsNZiyA6SAJQqYyuiNTzj7NI3HWU8TF8eqMAGWZ7WeUNCHuQINBFzdpE8BEACz
++y/05ZQXEsmy3toh5Hg8TfV+XviFG4u0OUzeSvT687QkyCsMg3pV0XvJil4BbRr6R
++/2OCzbrJ9ltAkWTvuEjvGROizpg/dSGldiFFy/N9T8LITu2wivCduKr1aa4zemaV
++mkTMchuhJGra3kdqq8g7tdeLKJy4aJceSXXBa7nrhvUO2UMMh5xXee+eofxNAhFm
++MIaocxvCr0AQhoFAU8yBL7mgwRiH0Euy3vhb0TmDNi8j++cQ6alcdqTKxlwrMfTj
++4O5GTNhUXJWuYpGp9DI4D/rzzag4fxpwvuKkjhvphVy2WEJPCTYAdpP0XiNTyzWM
+++3L8rBigOE7TUZNo4S88fwrfT3dzoVUNlIkcEjVRuK6waMskN0FDFYuW7XjTTvm+
++LvLt7stbYk7utJnr20iP+osWgXXUVW4zLfHbcltPoLdXsDhmWzHNQw9Ze6HDnHdf
++yEi7qCP5x0zJ8KtqUAqBkJS61P9JVAmNy+FmP/fk0oVAH+dLr/+QNFs8M1W+hOVU
++81nC+1FA6zGypSuOhA1kR+xZNonkTnV9bdgf4bCWp/2JJTKrWFtrwl5vxx0fSy0f
++GmkAlcrDtlN0HqoHdyQQsyYSXWkfC9OYKKy2PR7Jj2W0OFudMedlHaaAE6PtKzYA
++Sv7CeRNaQYQWYM2yxHp3Edbt2S8CKZgy2Z+SnWGNoQARAQABiQI2BBgBCAAgFiEE
++lnZxNIL5Jn4xrNGdRmN2b7bo5OMFAlzdpE8CGwwACgkQRmN2b7bo5ONXBA//SxiD
++XR5gcSE/wasNgUCP7cjWj9+FzEqPNrRAvi3Lelurw6GIpEywi69tz/Upnnp1PLBG
++NHY01Is/W+z0J6/gM3lTE1AUFw1RaailcJ7K98UGCYo1Ap8ZUjGqXRy2klV8gH3R
++re+jId8ANEe97Aq+hDxcbgtozEzq11/D4de9wZKii876A8W07gsRurGNYWX9FW1e
++KCZnlU8cMMbuTHyaUlShm59uj28NrBovF4q/EIXkCl/ciiexjt88DTO4SRp/+Bxh
++Kn/PebwO/yKJ0S1Gn/UenbUTjkE7oP39UYiNXo4KgltYT0q5XrjQ18PDK8IT1zVg
++uM6vvysCjxf7VJPhCBjlSvqqm0jM2468Ivo1SaxIJV0T6ZxjdTSsOPsWk0EHQiQH
++fEk8Mscei2ghItkJkyK65JpQCwMC98U0OflsSQbfIl+aqLVHItdSUSDvyejEQ4pB
++xNww8IxgiVaN0b0TnJuKIl+bh29Ir0b/txiuEWwJ2TaDYGQz2Gm6CRk+lW0MDbJD
++X1v30SjnBw3Z5cja9byuSqjYcge1l/xlZqR45zCKVz/A4NcugwlIi3QgDgXq3wnI
++cwAzFvGSobuM+PXaHC78I/4sG3MFMnFDrqAo9tzxohqmgqh76dqG84yGTidfrs5K
++OOTn8EiyYEnUd8hRk6q79qcgwyB6tdpsym/X6XA=
++=L+Pn
++-----END PGP PUBLIC KEY BLOCK-----
++-----BEGIN PGP PUBLIC KEY BLOCK-----
++
++mQENBFrfXOQBCADWH9KDvX6DbxbXMMzgLEGVYKikpV7JnOKTMFGfw1wN2+y67f0u
++87QSddKMqhHwINEMt7uzx308xiJYACJHGlQWT900D+D8HS1jUc7tGnnrATzFSePM
++oNXJWDQmGYn1WKVY91mQraXKrbKuw2CjhXLfaLc9xKq0/8bjcv5hDu71xRtwe7Tp
++A+6kPtyWqMjCEgzNQpKSP0hgEpmQvWq+K9ztJqZDn9giaclwLMXICHLwuL9V2miF
++xZwI1v5xQPpngzIMY84vpinIVVhKtx75jkAJhJ9fDRQT/jQ1q+iyyaCGtZKhboRJ
++Hsr4b20wbTLgWPxJevRvTRzr1Cem/scmoJSfABEBAAG0K0V2YW4gWmVsa293aXR6
++IDxldmFuX3plbGtvd2l0ekBjb21jYXN0LmNvbT6JAU4EEwEIADgCGwMFCwkIBwIG
++FQoJCAsCBBYCAwECHgECF4AWIQRzFEqoOxCpewTB6YMVrWLpQBBOlgUCXGsuWQAK
++CRAVrWLpQBBOlm86B/4jKArv5ennU5xTnsNFLV9CPLHYbf8rd+a7Lnahi96RpqtK
++2YYGAYV/E6LvyHkFJm3nTGgbp27GSWKlPm5rGbEmtMSn8jk/RzlcEkU4DHWjuvqI
++Xf0Vz5lXMOwcNHyIJpeadwrrWVUBP9Oy1ZUtg9am4aE26/YUqAdOaXVZPaqNuKJx
++u7R8oXHr9PCKRs4/jb/XqeZmf84hgaoILSDKu/lTk6G1hKcHSreWVd+X5TR+ikOa
++6DlfvOZ9ZO+Btwm/UypxRxJfx2WHQK3D/qDnlf1EBXcDOdbWSlGphcl4NkNrs+AT
++3Go4y2acTJhu7Z5x6fW4A5oI0AlzcjzdVS79aM1juQINBFzdnvYBEADp9RpqKDC3
++otvOJpCG4P1XVNwiRkc2UsIgm1PvrqLVVK2/g5tJRthuonmFMC7YxH0Z1UYlgekD
++291hCV5X78o9ThBvVbL67gp+GECRQmpY1jxgrqloPtZ0r6PN5QeOrKZ8orqdh9Ys
++fX6zn+QNF6pyaE5Z0JMs3rXk6GLBilwQXRlFzRX3imi6fpmj+S9dIy5SQUvG0e5W
++wiNKCu+zlHzZqtBskQNCkDdXfmolMxJ1lEUxBu9kigau+zg/R4veoL0U02hwLh4l
++JjeEOOGXr+t3mosPQkNCthmb+CHmuLiovm35e6v9LzVuvR+pke/aQlxCJU3ulroq
++m2sjhwhLjnxlTFcCuc6NJ22O81nW9Sl9dA8ShyXay+FUpIrP0CY5NFMBxtRTUG1T
++1iAVL1yb1igvDM0EB5lDsd6f41HlGjUDKkL7skPiALTSzAuJsL1F/x+jZxB1mSeD
++Hs4ephSaDPaiUbDSefpeYLaQ+JFei8Z75OWA6kMjHIbFwB8G0BGk0jQfTwNXl4Zu
++iSNYzwWp9rByhX6oqQ/8ddW1IJ3oHJ9mzDl1JIX7L5UHYYtYzj5UIEl68l3Hb4Ko
++PAArzBgosLvrCnCkCTiWbRQnmmTIVPxHADsqMJbkFuLLL1wnOItC2eWu/+yd2vcV
++hhyqxGfPzrlHPuc0l3Cno6K7YEZE4KKlPQARAQABiQE2BBgBCAAgFiEEcxRKqDsQ
++qXsEwemDFa1i6UAQTpYFAlzdnvYCGwwACgkQFa1i6UAQTpb37AgAyDuEfcduK0dH
++0SjUoJqSJ6dOkwOuF0T+IKYi5ixDflOxJGDnZdOc8NeTCdylZxuE33DGWHyIk74w
++Ituq3bzogkarYrxQBBmH49aGROy5l7kERDWeWQEujCPsREsntK5wYTMyhSap6g+f
++pbe6xVMs+bVxBWusBSJcu/VYlJTqgd/3nP9DtFCPzBM791GJ1ghITrLaLvm2uvAa
++KPxRnXZ07d2CDvfhqGrBam9nGQJ75owfcHxhdQGV25ftJjfJbM04JfhcS4j20V+i
++DUxN7dqtHLuFd7d3btOZiuGI3EOBWxePbRPh2/Ip9mVqzGp5CVRU0pfx22o4DRIS
++tVtp6zI6yA==
++=x5Qr
++-----END PGP PUBLIC KEY BLOCK-----
--- /dev/null
--- /dev/null
++version=4
++opts="pgpsigurlmangle=s/$/.asc/,dversionmangle=s/\+ds\d*$//,repacksuffix=+ds,repack,compression=xz" \
++ https://downloads.apache.org/trafficserver/ \
++ trafficserver-(8\.1\.\d+)\.tar\.bz2 \
++ debian uupdate
projects / trafficserver.git / commitdiff