1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-11 02:50:24 +00:00
Commit Graph

188 Commits

Author SHA1 Message Date
Jean-Yves Lefort
0561518b0c - Read cachemgr.conf rather than cachemgr.conf.default
- Add a missing %SUBDIR% in MASTER_SITES

PR:		ports/81319
Submitted by:	maintainer
2005-05-22 13:49:22 +00:00
Pav Lucistnik
33ad773d04 - Update Squid to 2.5.STABLE10
PR:		ports/81213
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
2005-05-19 14:17:01 +00:00
Volker Stolz
9cec7c9ea0 - update distinfo for the updated syslog patch
- remove local patch that is now incorporated into the corresponding
  vendor patch (with slightly different wording)

PR:		ports/80367
Submitted by:	maintainer
2005-04-27 07:31:36 +00:00
Yen-Ming Lee
6410f43979 - Update distinfo for the 2GB patch, this includes a fix for
squid bugs #1283, 1287 and 1288 (assertion failed in store_client.c:343).
  (already committed)

- Bump portrevision as a datapoint for this bugfix.

PR:		80163
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
2005-04-21 08:57:57 +00:00
Yen-Ming Lee
ce7cb9f97a - according web page, the patch file is rerolled at 2005-04-20 14:59 again
http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-2GB

Noticed by:	kris
2005-04-20 23:53:27 +00:00
Yen-Ming Lee
12dbf6e9c8 - the patch is repacked at 2005-04-18 00:57, after maintainer submit PR 80028
- diff is listed below:

--- /tmp/squid-2.5.STABLE9-2GB.patch	Mon Apr  4 17:09:16 2005
+++ /usr/ports/distfiles/squid2.5/squid-2.5.STABLE9-2GB.patch	Mon Apr 18 08:57:57 2005
@@ -3000,7 +3000,7 @@
       }
       /* there are some things we cannot do yet */
 Index: squid/src/protos.h
-diff -c squid/src/protos.h:1.420.2.28 squid/src/protos.h:1.420.2.32
+diff -c squid/src/protos.h:1.420.2.28 squid/src/protos.h:1.420.2.30
 *** squid/src/protos.h:1.420.2.28	Fri Mar 18 17:01:52 2005
 --- squid/src/protos.h	Sat Mar 26 10:36:01 2005
 ***************
@@ -3455,9 +3455,9 @@
 +
   #endif /* SQUID_H */
 Index: squid/src/ssl.c
-diff -c squid/src/ssl.c:1.118.2.9 squid/src/ssl.c:1.118.2.10
+diff -c squid/src/ssl.c:1.118.2.9 squid/src/ssl.c:1.118.2.11
 *** squid/src/ssl.c:1.118.2.9	Mon Mar 21 12:39:29 2005
---- squid/src/ssl.c	Fri Mar 25 19:50:53 2005
+--- squid/src/ssl.c	Sun Apr 17 18:54:30 2005
 ***************
 *** 46,52 ****
   	int len;
@@ -3482,7 +3482,7 @@
   	kb_incr(&statCounter.server.all.kbytes_out, len);
   	kb_incr(&statCounter.server.other.kbytes_out, len);
 + 	/* increment total object size */
-+ 	if (sslState->size_ptr)
++ 	if (sslState->size_ptr && sslState->client.fd != -1)
 + #if SIZEOF_SQUID_OFF_T <= 4
 + 	    if (*sslState->size_ptr < 0x7FFF0000)
 + #endif

Noticed by:	many people ...
2005-04-18 07:09:02 +00:00
Yen-Ming Lee
4e9c0a92b4 Integrate the following vendor patches as published on
<http://www.squid-cache.org/Versions/v2/2.5/bugs/>:

- Correct several minor aufs issues (squid bug #671)
- Basic authentification fails when login+password totalled to more than
  64 characters (squid bug #1171)
- Fix an assertion that could occur when traffic other than HTTPS was
  tunneled through squid via the CONNECT method (squid bug #1269)
- Make the --disable-hostname-check configuration option actually work
  (squid bug #1270)
- Fix aufs warning about open filedescriptors when the cache was shut down
  (squid bug #671)
- Allow squid to process requests for files larger than 2GB in size
  (squid bug #437)

  Introduce a new OPTION "WITH_SQUID_LARGEFILE", default to off to match
  squid's default behaviour.
  Rebuild squid with -DWITH_SQUID_LARGEFILE or run 'make config' and
  select this new option.

- Add two new cachemgr actions: "pending_objects" and "client_objects"
- Make external acls that require authentication request new credentials
  after access had been denied (squid bug #1278)
- Make squid use "daemon" instead of "local4" as syslog facility (squid bug
  #1227)

PR:		80028
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
2005-04-18 01:05:35 +00:00
Michael Johnson
a668257234 - Chase checksum of the updated pid_t patch
PR:		ports/78897
Submitted by:	maintainer
2005-03-15 22:50:50 +00:00
Michael Johnson
386223668b - Integrate the following vendor patches as published on
<http://www.squid-cache.org/Versions/v2/2.5/bugs/>:
  + Handle odd data formats (squid bug #321)
  + reload_into_ims fails to revalidate negatively cached entries
    (squid bug #1159)
  + Clarify delay_access function (squid bug #1245)
  + Check several squid.conf directives for int overflows (squid bug #1247)
  + Use memset(3) instead of bzero(3) (squid bug #1256)
  + Fix compile warnings due to pid_t not being an int (squid bug #1257)
  + Fix incorrect use of ctype functions (squid bug #1259)
  + Defer digest fetch if the peer is not allowed to be used (squid bug #1262)
  + Extend relaxed_header_parser to work around "excess data from" errors from
    many major web servers (squid bug #1265)

- Enable IPFilter based transparent proxying on all FreeBSD versions where
  IPFilter headers are part of the base system (i.e. RELENG_4 < 4.7-RELEASE,
  RELENG_5 and 6-CURRENT). Create a new OPTION WITH_SQUID_IPFILTER for this
  purpose. Thanks to sem@ for keeping track of this issue!

PR:		ports/78780
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
2005-03-13 19:32:53 +00:00
Pav Lucistnik
b7d8eb0728 Integrate the following vendor patches as published on
- correct a race condition related to the Set-Cookie header
- correct the FTP parser with regards to the EPLF format
  (squid bug #1252)
- correct FTP listing output when the URL was requested without a trailing
  slash (squid bug #1253)
- make ACL configuration errors fatal (squid bug #1255)

PR:		ports/78446
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
2005-03-08 23:27:46 +00:00
Pav Lucistnik
d31edd36f0 - Update to 2.5.STABLE9
PR:		ports/78079
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
2005-02-26 15:56:49 +00:00
Pav Lucistnik
30a5c8b165 * Vendor patches:
- fix some cross-platform build format warnings
- allow high characters in generated FTP and Gopher directory listings
  (squid bug #1220)
  - cleanup generation of FTP URLs
  - relax the newly introduced strict HTTP parser slightly to work around some
    more malformed HTTP responses (squid bug #1242)

PR:		ports/77779
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
2005-02-20 17:45:36 +00:00
Sergey Matveychuk
d87f4f9b49 - Update to 2.5-STABLE8
- Integrate a vendor patch from:
  http://www.squid-cache.org/Versions/v2/2.5/bugs/
  it fixes a major problem regarding the handling of invalid DNS responses

PR:		ports/77423
Submitted by:	maintainer
2005-02-13 17:21:02 +00:00
Pav Lucistnik
0cd2e54538 - Update header_parsing.patch
PR:		ports/77360
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
2005-02-10 23:15:08 +00:00
Jacques Vidrine
97fe67d617 Integrate the following vendor patch as published on
<http://www.squid-cache.org/Versions/v2/2.5/bugs/>:

 - Address HTTP protocol mismatch related to oversized reply headers and
   enhance cache.log on reply header parsing failures (squid bug #1216)
 - correct the search request generated by the LDAP authentication helper
 - fix a race within the NTLM authentication mechanism (squid bug #1127)
 - fix handling of failed PUT/POST requests (squid bug #1224)
 - fix problems with persistent server connections after failed PUT/POST
   requests (squid bug #1122)
 - improve handling of forged WCCP packets (squid bug #1225)

PR:		ports/76967
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
Security:	http://vuxml.freebsd.org/bfda39de-7467-11d9-9e1e-c296ac722cb3.html
2005-02-08 15:11:56 +00:00
Sergey Matveychuk
fd5003dd66 - Fix fetching.
* The response_splitting patch has been updated
    to correct a problem with cache digests.

PR:		ports/76889
Submitted by:	maintainer
2005-02-01 14:11:22 +00:00
Sergey Matveychuk
264e6d34e2 - Integrate a vendor patch against a buffer overflow in the WCCP handling,
see <http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-wccp_buffer_overflow>
  and <http://www.squid-cache.org/Advisories/SQUID-2005_3.txt>.

PR:		ports/76827
Submitted by:	maintainer
2005-01-29 21:49:20 +00:00
Kirill Ponomarev
3d4d28a80e Sync follow-XFF with the latest vendor patch.
PR:		ports/76801
Submitted by:	maintainer
2005-01-29 10:42:13 +00:00
Sergey Matveychuk
906ad4d94f - Integrate vendor patches as published on
<http://www.squid-cache.org/Versions/v2/2.5/bugs/>:
  + Reject malformed HTTP requests and responses that conflict with the HTTP
    specifications
    This issue is qualified as a security issue by the vendor.
  + PURGE is allowed to delete internal objects (squid bug #1112)
  + Disable Path-MTU discovery on intercepted requests (squid bug #1154)

  (VuXML vid=b4d94fa0-6e38-11d9-9e1e-c296ac722cb3)

- Clean up and correct package list generation. Now installed files
  and directories are visible via PLIST_FILES and PLIST_DIRS.
- Don't claim that squid related files or directories are still present
  after deinstallation when in fact they are not.
- Add "-g" to CFLAGS when WITH_SQUID_STACKTRACES is defined to make this
  option actually useful.

PR:		ports/76628
Submitted by:	maintainer
2005-01-26 17:56:25 +00:00
Edwin Groothuis
55e802ecd8 [Maintainer/security] www/squid: protect against HTTP resonse split
attack and other patches

    Integrate vendor patches as published on
    <http://www.squid-cache.org/Versions/v2/2.5/bugs/>:

    - FTP data connection fails on some FTP servers when requesting
      a directory without a trailing slash (squid bug #1194)

    - Icons fail to load on non-anonymous FTP when using the
      short_icons_url configuration directive (squid bug #1203)

    - Strengthen squid against HTTP response splitting cache pollution
      attacks (squid bug #1200), classified as security issue by
      the vendor

    Proposed VuXML information, entry date left to be filled in:

    (Note: I added only a publically accessible link to the Sanctum,
    Inc.  whitepaper, the squid bug tracker contains a deep link
    to the PDF itself; if we are allowed to publish it, it could
    instead be used as reference because Sanctum, Inc. wants you
    to register with them before you get access to their whitepapers.)

PR:		ports/76550
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de>
2005-01-22 09:31:33 +00:00
Edwin Groothuis
7d318011dd [Maintainer/Security] www/squid: integrate vendor patches
Integrate vendor patches as published on
	<http://www.squid-cache.org/Versions/v2/2.5/bugs/>:

	- Sanity check usernames in squid_ldap_auth (squid bug #1187),
	  classified as minor security issue by the vendor, see below for VuXML
	  information
	- FQDN names truncated on compressed DNS responses (squid bug #1136)
	- Internal DNS memory leak on malformed responses (squid bug #1197)

PR:		ports/76364
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de>
2005-01-19 10:58:40 +00:00
Simon L. B. Nielsen
8b446059f5 - Integrate vendor patches as published on
<http://www.squid-cache.org/Versions/v2/2.5/bugs/> for the following
  issues:
  + Prevent a possible denial of service attack via WCCP messages (squid bug
    #1190), classified as security issue by the vendor
  + Fix a buffer overflow in the Gopher to HTML conversion routine (squid bug
    #1189), classified as security issue by the vendor
  + Fix a null pointer access and plug memory leaks in the fake_auth NTLM
    helper (squid bug #1183) (this helper app is not installed by default by
    the port)
  + Stop closing open filedescriptors beyond stdin, stdout and stderr on
    startup (squid bug #1177)

- Unbreak the port on NO_NIS systems (thanks to "Alexander <freebsd AT
  nagilum.de>" for reporting this)

- Document the two security issues in VuXML.

PR:		ports/76173
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
Approved by:	erwin (mentor)
2005-01-12 22:37:29 +00:00
Kirill Ponomarev
82fd48012e Patch was rerolled because of some bug fixes.
Approved by:	maintainer
2004-12-29 08:59:49 +00:00
Kirill Ponomarev
a0c019c5c7 Handle empty ACL definitions properly.
PR:		ports/75403
Submitted by:	maintainer
2004-12-23 12:15:30 +00:00
Sergey Matveychuk
4c0635e2e4 Integrate the following vendor patches as published on
http://www.squid-cache.org/Versions/v2/2.5/bugs/:

- a malformed hostname can cause squid to return random data as error messages,
  possibly leaking internal information from former requests (squid bug #1143).
  (This is classified as a minor security issue by the squid developers, so
  maintainer cc'ed security-team@. See VuXML entry.)
- the "httpd_accel_port 0" directive does not work on its own (squid bug #1121)
- fix crashes occuring when using cachemgr's "vm_objects" operation (squid
  bug #1149)

PR:		ports/74859
Submitted by:	maintainer
2004-12-08 23:16:53 +00:00
Kirill Ponomarev
157aa64e02 - fix shutting down of helper applications on reconfigure or
logrotation (squid bug #1118)
- properly close the client TCP connection when a malformed blank
  HTTP response was received from the server (squid bug #1116)

PR:		ports/73913
Submitted by:	maintainer
2004-11-14 09:55:40 +00:00
Sergei Kolobov
18f920d66d - Integrate the following vendor patches:
- document the LDAP helpers' -v option
  - correct the implementation of the req_header and resp_header acls
    (the original implementation submitted in squid bug #961 was faulty)
    See <http://www.squid-cache.org/Versions/v2/2.5/bugs/> for further details.
- Bump PORTREVISION

PR:		ports/73154
Submitted by:	Thomas-Martin Seck (maintainer)
2004-10-27 08:48:52 +00:00
Sergei Kolobov
0d50bf886c - Integrate a vendor patch that prevents squid from consuming 100%
CPU for half closed PUT/POST requests (squid bugs #354, 1096).
  See <http://www.squid-cache.org/Versions/v2/2.5/bugs/> for further
  details.
- Adapt the follow_xff patch to changes in some of squid's data
  structures and unbreak the WITH_SQUID_FOLLOW_XFF option.
- Bump PORTREVISION.

PR:		ports/72840
Submitted by:	Thomas-Martin Seck (maintainer)
2004-10-18 21:50:20 +00:00
Sergei Kolobov
fddce0995a - Update to 2.5-STABLE7; this release fixes a security issue regarding
the SNMP module
- Remove a patch that is now part of the distribution
- Miscellaneuous small fixes:
  + in squid.sh, make stop_command poll for the squid processes' exit in
    the rcNG case too; this eliminates the need to do this in restart_command
  + make the information regarding rcNG'ness in pkg-install easier to read
  + install unstripped binaries if WITH_SQUID_STACKTRACES is defined

PR:		ports/72581
Submitted by:	Thomas-Martin Seck (maintainer)
2004-10-13 09:43:48 +00:00
Sergei Kolobov
e580a3f878 - Unbreak fetching squid again:
The recently updated client_db_gc patch has been reissued again;
  according to squid CVS to "finetune the client db garbage collection
  interval".  Update distinfo accordingly and bump PORTREVISION.

PR:		ports/72461 [1], ports/72463 [2]
Submitted by:	Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net> [1],
		Thomas-Martin Seck (maintainer) [2]
Approved by:	portsmgr (krion)
2004-10-11 07:43:34 +00:00
Sergei Kolobov
3d01017637 - Unbreak fetching:
The client_db_gc patch contained a wrong debugging information
  and was thus reissued by the vendor.
  Update distinfo accordingly and bump PORTREVISION.

PR:		ports/72387
Submitted by:	Thomas-Martin Seck (maintainer)
Approved by:	portsmgr (krion)
2004-10-07 08:42:16 +00:00
Sergey Matveychuk
e550e8984f Implement vendor patches for the following issues:
- try to prevent crashes of the digest helper (squid bug #1031)
- correct parsing of the acl_time directive when multiple time specifications
  are given (squid bug #1060)
- correct "cachemgr config" output for http_header_* directives
  (squid bug #1056)
- recognize the Content-Disposition header to be able to specify
  http_header_access directives using it (squid bug #961)

See <http://www.squid-cache.org/Versions/v2/2.5/bugs/> for further
information.

Reimplement the rcNG support. See UPDATING for details.

PR:		ports/71260
Submitted by:	maintainer
2004-09-02 06:44:14 +00:00
Sergey Matveychuk
e2f6b0ca88 Integrate vendor patches for the following issues:
- close a memory leak when NTLM authentication without challenge reuse
  is used (squid bug #994)
- close a temporary memory leak when NTLM challenge response reuse is
  enabled (squid bug #910)
- when performing log rotation with 'squid -k rotate' do not crash if a
  swap state file or a cache directory is unwriteable (squid bug #1053)

See <http://www.squid-cache.org/Versions/v2/2.5/bugs/> for further
information.

PR:		ports/71082
Submitted by:	maintainer
2004-08-28 20:51:36 +00:00
Kirill Ponomarev
8028c80a5a Fix grammatical and whitespace errors in squid.conf.default.
Set supplementary group membership correctly when running squid
as a non-root user and do not ignore the squid_group setting
when starting squid as root (squid bug #1021)

Enable the external_acl helper protocol to handle newlines
in the embedded data (squid bug #1038)

PR:		ports/70767
Submitted by:	maintainer
2004-08-21 12:28:56 +00:00
Sergey Matveychuk
eb5501ee79 * Integrate a vendor patch for a possible DOS against the NTLM
authentication helpers, see squid bug #1045.
* Bump PORTREVISION.

PR:		ports/70707
Submitted by:	maintainer
2004-08-20 13:54:30 +00:00
Kirill Ponomarev
3d6d174755 The ldap_helpers patch has been updated again; see squid bug
#1032 for details.

PR:		ports/70312
Submitted by:	maintainer
2004-08-11 19:18:07 +00:00
Kirill Ponomarev
a94913b8f8 Integrate new vendor patches:
- fix a problem in the heap policy code that could cause memory
  corruption when a {cache,memory}_replacement_policy other
  than the default "lru" was used (squid bug #1009)
- correct quoting of unknown % escape codes when generating
  error pages (squid bug #1030)

PR:		ports/70110
Submitted by:	maintainer
2004-08-07 19:28:16 +00:00
Edwin Groothuis
97f84449ec [Maintainer] www/squid: chase re-issued patch, unbreak fetching
The concurrent_dns_lookups patch was reissued, update distinfo accordingly.

    See <http://www.squid-cache.org/bugs/show_bug.cgi?id=852> for
    further information.

PR:		ports/69764
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de>
2004-07-29 23:08:51 +00:00
Kirill Ponomarev
b3013326ca - integrate a new version of the LDAP update patch, the
problems with the previous version are hopefully fixed (squid bug #1018)
- integrate a new NTLM authentication patch to address a problem with
  truncating NTLM authentication blobs (squid bug #1016)
- remove two patches which were withdrawn (see squid bugs #910
  and 994)

PR:		ports/69719
Submitted by:	maintainer
2004-07-28 18:56:48 +00:00
Ying-Chieh Liao
e4fe598071 Fix a bug that disallowed explicit unsetting of the squid_flags variable.
PR:		69670
Submitted by:	maintainer
2004-07-28 02:10:54 +00:00
Pav Lucistnik
06a88a1bdc - Tweaks to RC script
- Fix dynamic plist generation to not include files that happen to be
  in target directories. This prevents their removal on deinstallation
  or upgrade.

PR:		ports/69552, ports/69266
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
2004-07-25 16:30:43 +00:00
Sergey Matveychuk
3f9f552737 Remove ldap_helpers.patch
PR:		ports/69487 (partially)
Submitted by:	maintainer
2004-07-24 16:03:45 +00:00
Oliver Eikemeier
6ec189f5ab Remove squid-2.5.STABLE6-ldap_helpers.patch until it is fixed.
cf <http://www.squid-cache.org/bugs/show_bug.cgi?id=1018>

Do not bump PORTREVISION, since
a) ldap is not in the default configuration
b) we hope to have that fixed soon

PR:		69465
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
2004-07-23 12:25:45 +00:00
Kirill Ponomarev
3d889bf8d3 The ldap_helpers patch has been rerolled (a missing return
statement was inserted).

PR:		ports/69408
Submitted by:	maintainer
2004-07-22 06:09:05 +00:00
Kirill Ponomarev
8de79efa92 Integrate the following vendor patches as published on
http://www.squid-cache.org/Versions/v2/2.5/bugs/:

- fix a memory leak in client_db (squid bug #833)
- add delay pools information to cachemgr's active_requests
  page
- make basic authentication operate case insensitive by
  default, case sensitive operation can be enabled via
  squid.conf
- log if cache files cannot be created for some reason
- make sure that a HTTP HEAD request does not return stale data
- correctly log partial hits as TCP_MISS instead of TCP_HIT
- fix memory leaks within the NTLM authentication helper
- handle the request_header_max_size directive correctly
- avoid creating a large number of queued DNS lookups for the
  same domain in case of DNS problems
- update LDAP helper

PR:		ports/69307
Submitted by:	maintainer
2004-07-19 21:25:38 +00:00
Kirill Ponomarev
3868dabf56 Update to 2.5-STABLE6
PR:		ports/69060
Submitted by:	maintainer
2004-07-14 18:33:12 +00:00
Kirill Ponomarev
fb0a5a294e Fix the patch that simulates the autotools bootstrap for the
follow-xff-patchset (thanks to Michael Ranner for spotting the
problem and testing the fix). While at it, wordsmith the
comments in the patch.

Use the official patch for the NTLM auth helper vulnerability,
see <http://www.squid-cache.org/Versions/v2/2.5/bugs/> for
details.

Build install the SMB basic authentication helpers by default

PR:		ports/68448
Submitted by:	maintainer
2004-06-28 16:56:04 +00:00
Kirill Ponomarev
172c7ee0d0 Correct the patch for the NTLM helper vulnerability according
to <http://www.squid-cache.org/bugs/show_bug.cgi?id=998>

Apply some cleanups:
 + prefer PATCHDIR over FILEDIR when referring patches
 + remove unnecessary quotes
 + move all substitution tasks to the post-patch target
 + use "${FALSE}" instead of "exit 1" to generate error 1 from a shell

Bump PORTREVISION

PR:		ports/68078
Submitted by:	maintainer
2004-06-18 11:49:44 +00:00
Kirill Ponomarev
6aec40e423 - Support systems where pf(4) must be installed from ports (see
ports/67724, submitted by Michal F. Hanula)
- Change ": foo=${foo:=bar}" into "foo=${foo:-bar}" to make the
  shell scripts easier to read and understand
- Correct credits for the recently published NTLM auth
  vulnerability and fix a nearby braino, too
- Bump PORTREVISION

PR:		ports/67797
Submitted by:	maintainer
2004-06-10 15:40:44 +00:00
Dag-Erling Smørgrav
2f575987b5 Add a couple of patches, including one for a buffer overflow in the NTLM
authentication helper.

PR:		ports/67764
Submitted by:	maintainer
2004-06-09 20:34:00 +00:00