1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-23 04:23:08 +00:00
Commit Graph

157 Commits

Author SHA1 Message Date
Sergey Matveychuk
e550e8984f Implement vendor patches for the following issues:
- try to prevent crashes of the digest helper (squid bug #1031)
- correct parsing of the acl_time directive when multiple time specifications
  are given (squid bug #1060)
- correct "cachemgr config" output for http_header_* directives
  (squid bug #1056)
- recognize the Content-Disposition header to be able to specify
  http_header_access directives using it (squid bug #961)

See <http://www.squid-cache.org/Versions/v2/2.5/bugs/> for further
information.

Reimplement the rcNG support. See UPDATING for details.

PR:		ports/71260
Submitted by:	maintainer
2004-09-02 06:44:14 +00:00
Sergey Matveychuk
e2f6b0ca88 Integrate vendor patches for the following issues:
- close a memory leak when NTLM authentication without challenge reuse
  is used (squid bug #994)
- close a temporary memory leak when NTLM challenge response reuse is
  enabled (squid bug #910)
- when performing log rotation with 'squid -k rotate' do not crash if a
  swap state file or a cache directory is unwriteable (squid bug #1053)

See <http://www.squid-cache.org/Versions/v2/2.5/bugs/> for further
information.

PR:		ports/71082
Submitted by:	maintainer
2004-08-28 20:51:36 +00:00
Kirill Ponomarev
8028c80a5a Fix grammatical and whitespace errors in squid.conf.default.
Set supplementary group membership correctly when running squid
as a non-root user and do not ignore the squid_group setting
when starting squid as root (squid bug #1021)

Enable the external_acl helper protocol to handle newlines
in the embedded data (squid bug #1038)

PR:		ports/70767
Submitted by:	maintainer
2004-08-21 12:28:56 +00:00
Sergey Matveychuk
eb5501ee79 * Integrate a vendor patch for a possible DOS against the NTLM
authentication helpers, see squid bug #1045.
* Bump PORTREVISION.

PR:		ports/70707
Submitted by:	maintainer
2004-08-20 13:54:30 +00:00
Kirill Ponomarev
3d6d174755 The ldap_helpers patch has been updated again; see squid bug
#1032 for details.

PR:		ports/70312
Submitted by:	maintainer
2004-08-11 19:18:07 +00:00
Kirill Ponomarev
a94913b8f8 Integrate new vendor patches:
- fix a problem in the heap policy code that could cause memory
  corruption when a {cache,memory}_replacement_policy other
  than the default "lru" was used (squid bug #1009)
- correct quoting of unknown % escape codes when generating
  error pages (squid bug #1030)

PR:		ports/70110
Submitted by:	maintainer
2004-08-07 19:28:16 +00:00
Edwin Groothuis
97f84449ec [Maintainer] www/squid: chase re-issued patch, unbreak fetching
The concurrent_dns_lookups patch was reissued, update distinfo accordingly.

    See <http://www.squid-cache.org/bugs/show_bug.cgi?id=852> for
    further information.

PR:		ports/69764
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de>
2004-07-29 23:08:51 +00:00
Kirill Ponomarev
b3013326ca - integrate a new version of the LDAP update patch, the
problems with the previous version are hopefully fixed (squid bug #1018)
- integrate a new NTLM authentication patch to address a problem with
  truncating NTLM authentication blobs (squid bug #1016)
- remove two patches which were withdrawn (see squid bugs #910
  and 994)

PR:		ports/69719
Submitted by:	maintainer
2004-07-28 18:56:48 +00:00
Ying-Chieh Liao
e4fe598071 Fix a bug that disallowed explicit unsetting of the squid_flags variable.
PR:		69670
Submitted by:	maintainer
2004-07-28 02:10:54 +00:00
Pav Lucistnik
06a88a1bdc - Tweaks to RC script
- Fix dynamic plist generation to not include files that happen to be
  in target directories. This prevents their removal on deinstallation
  or upgrade.

PR:		ports/69552, ports/69266
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
2004-07-25 16:30:43 +00:00
Sergey Matveychuk
3f9f552737 Remove ldap_helpers.patch
PR:		ports/69487 (partially)
Submitted by:	maintainer
2004-07-24 16:03:45 +00:00
Oliver Eikemeier
6ec189f5ab Remove squid-2.5.STABLE6-ldap_helpers.patch until it is fixed.
cf <http://www.squid-cache.org/bugs/show_bug.cgi?id=1018>

Do not bump PORTREVISION, since
a) ldap is not in the default configuration
b) we hope to have that fixed soon

PR:		69465
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
2004-07-23 12:25:45 +00:00
Kirill Ponomarev
3d889bf8d3 The ldap_helpers patch has been rerolled (a missing return
statement was inserted).

PR:		ports/69408
Submitted by:	maintainer
2004-07-22 06:09:05 +00:00
Kirill Ponomarev
8de79efa92 Integrate the following vendor patches as published on
http://www.squid-cache.org/Versions/v2/2.5/bugs/:

- fix a memory leak in client_db (squid bug #833)
- add delay pools information to cachemgr's active_requests
  page
- make basic authentication operate case insensitive by
  default, case sensitive operation can be enabled via
  squid.conf
- log if cache files cannot be created for some reason
- make sure that a HTTP HEAD request does not return stale data
- correctly log partial hits as TCP_MISS instead of TCP_HIT
- fix memory leaks within the NTLM authentication helper
- handle the request_header_max_size directive correctly
- avoid creating a large number of queued DNS lookups for the
  same domain in case of DNS problems
- update LDAP helper

PR:		ports/69307
Submitted by:	maintainer
2004-07-19 21:25:38 +00:00
Kirill Ponomarev
3868dabf56 Update to 2.5-STABLE6
PR:		ports/69060
Submitted by:	maintainer
2004-07-14 18:33:12 +00:00
Kirill Ponomarev
fb0a5a294e Fix the patch that simulates the autotools bootstrap for the
follow-xff-patchset (thanks to Michael Ranner for spotting the
problem and testing the fix). While at it, wordsmith the
comments in the patch.

Use the official patch for the NTLM auth helper vulnerability,
see <http://www.squid-cache.org/Versions/v2/2.5/bugs/> for
details.

Build install the SMB basic authentication helpers by default

PR:		ports/68448
Submitted by:	maintainer
2004-06-28 16:56:04 +00:00
Kirill Ponomarev
172c7ee0d0 Correct the patch for the NTLM helper vulnerability according
to <http://www.squid-cache.org/bugs/show_bug.cgi?id=998>

Apply some cleanups:
 + prefer PATCHDIR over FILEDIR when referring patches
 + remove unnecessary quotes
 + move all substitution tasks to the post-patch target
 + use "${FALSE}" instead of "exit 1" to generate error 1 from a shell

Bump PORTREVISION

PR:		ports/68078
Submitted by:	maintainer
2004-06-18 11:49:44 +00:00
Kirill Ponomarev
6aec40e423 - Support systems where pf(4) must be installed from ports (see
ports/67724, submitted by Michal F. Hanula)
- Change ": foo=${foo:=bar}" into "foo=${foo:-bar}" to make the
  shell scripts easier to read and understand
- Correct credits for the recently published NTLM auth
  vulnerability and fix a nearby braino, too
- Bump PORTREVISION

PR:		ports/67797
Submitted by:	maintainer
2004-06-10 15:40:44 +00:00
Dag-Erling Smørgrav
2f575987b5 Add a couple of patches, including one for a buffer overflow in the NTLM
authentication helper.

PR:		ports/67764
Submitted by:	maintainer
2004-06-09 20:34:00 +00:00
Kirill Ponomarev
4a4309dcf3 - correct report of available cache memory for cache sizes >2GB
in cache.log (squid bug #570)
- correct the least-load store directory selection algorithm
  for the cache directories using the "ufs" storage scheme (squid bug #676)
- correct the type of the cacheCurrentUnlinkRequests SNMP variable
  (squid bug #946)
- include client IP addresses in debug output (squid bug #948)
- correct the HTML doctype for autogenerated FTP directory listings
  (squid bug #969)
- if no resolv.conf is present the dns_servers variable now defaults
  to 127.0.0.1 (squid bug #991)
- update the documentation of the MSNT basic authentication helper
  (squid bug #717)

PR:		ports/67495
Submitted by:	maintainer
2004-06-02 18:10:02 +00:00
Kirill Ponomarev
0a23fefe70 - Add new vendor patches:
+ clarify the meaning of the ERR keyword in digest authentication
  + correct a spelling error in the Turkish ERR_DNS_FAIL error page
    (squid bug #950)
  + fix a problem regarding negatively cached 404 replies with VARY: header
    (squid bug #616)
  + correct a parsing bug which rejected a 'range_offset_limit -1 KB'
    statement in squid.conf (squid bug #968)
- Bump PORTREVISION

PR:		ports/66139
Submitted by:	maintainer
2004-05-01 20:48:47 +00:00
Kirill Ponomarev
8f8d2bdf2a - Fix plist
- Bump PORTREVISION
- Clean up pkg-deinstall:
  + remove an unnecessary variable
  + replace rmdir -p with two distinct rmdir calls since we
    do not want to delete $PKG_PREFIX too if it happens to be empty

PR:		ports/65918
Submitted by:	maintainer
2004-04-28 19:49:18 +00:00
Kirill Ponomarev
f73dbe174b - Add a vendor patch to fix an assertion failure that could
occur in certain rare conditions involving aborted POST/PUT
  requests (squid bug #943)
- Bump PORTREVISION

PR:		ports/65776
Submitted by:	maintainer
2004-04-19 19:47:43 +00:00
Kirill Ponomarev
58564acf47 - integrate a vendor patch to fix a segfault that occured when
submitting a blank username in digest authentication (squid bug #954)
  and bump PORTREVISION
- follow Duane Wessel's squid book and use "storage scheme"
  instead of "store type"
- remove trailing whitespace
- no longer hardcode the path of the nologin binary in
  pkg-install and re-wrap pw(8)'s arguments for better readability

PR:		ports/65723
Submitted by:	maintainer
2004-04-18 17:04:26 +00:00
Kirill Ponomarev
88d0e9c804 - Integrate a vendor patch that fixes an assertion caused by
truncated DNS replies (squid bug #962)
- Bump PORTREVISION

PR:		ports/65458
Submitted by:	maintainer
2004-04-12 13:27:46 +00:00
Kirill Ponomarev
9a0e35fd7d - Integrate two new vendor patches, please see
<http://www.squid-cache.org/Versions/v2/2.5/bugs/> for details
- Correct OpenSSL support and, while at it, clean up CFLAGS and
  LDFLAGS handling (thanks to dinoex for lots of helpful advice!).
- better be safe than sorry and pass PTHREAD_CFLAGS through in
  case we are compiling with threads
- try to remove the errorpages directory silently since user
  defined directories might legitimately be present
- clean up shell scripting:
  + do not use too many variables
  + use /bin/sh's features instead of external commands

PR:		ports/65356
Submitted by:	maintainer
2004-04-09 18:54:13 +00:00
Pav Lucistnik
5f969ee8e0 - Integrate four new vendor patches applicable to FreeBSD, see
http://www.squid-cache.org/Versions/v2/2.5/bugs/ for details
- Fix OPTIONS parser to handle a default-to-on option correctly
  when either the portoptions file does not exist and/or is not read
  (i.e. the PACKAGE_BUILDING and BATCH cases)
- use IGNORE instead of .error to abort
- use ${ID} consistently
- inform the user of squid.sh's rcNG-ness when /etc/rc.subr is present
  at installation time
- bump PORTREVISION

PR:		ports/64946
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
2004-04-01 14:12:37 +00:00
Sergei Kolobov
a0c6cf9fc4 - update to squid-2.5.STABLE5, including two vendor patches issued so far
- provide more OPTIONS, including (untested) support for pf(4)
- integrate the follow-XFF-patch from devel.squid-cache.org (submitted by
  Michael Ranner), this should improve interaction with dansguardian
- use id 100 for the squid pseudo user instead of choosing the first free
  id greater than 3127, a behaviour introduced with PORTVERSION 2.5.4_6.
  Provide a 'changeuser' target to make migration from a high id to id 100
  possible (requested by Kris Kennaway)
- don't let the port CONFLICT with itself (criticized by Oliver Eikemeier)
- provide rcNG support in squid.sh only on systems with /etc/rc.subr

PR:		ports/64061
Submitted by:	Thomas-Martin Seck (maintainer)
2004-03-17 07:06:46 +00:00
Oliver Eikemeier
5db9646726 - Integrate a new set of vendor patches, see
http://www.squid-cache.org/Versions/v2/2.5/bugs/ for details
- Remove two local patches in favour of the respective vendor patches
- Bump PORTREVISION

PR:		63030
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de>
Obtained from:	http://www.squid-cache.org/Versions/v2/2.5/bugs/
2004-02-23 16:41:51 +00:00
Sergei Kolobov
429f7b8550 - integrate a new patch from squid-cache.org, see
http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE4-ftp_telnet
  for details
- integrate a patch by Glen Gibb to enable ARP based ACLs and make this an
  OPTION; see also http://www.squid-cache.org/bugs/show_bug.cgi?id=909
  for his original bug report
- integrate additional vendor patches
- make --enable-underscores an OPTION
- set a tighter ACL on libexec/pinger
- use $SQUID_USER and $SQUID_GROUP in pkg-install
- wordsmith comments
- bump PORTREVISION

PR:		ports/62442
Submitted by:	maintainer

- Fix checksum for updated errorpages patch

PR:		ports/62923
Submitted by:	Michal Pasternak <dotz@irc.pl>
Approved by:	maintainer
2004-02-17 11:07:18 +00:00
Sergei Kolobov
f7a539c509 - Update distinfo for the http_workarounds patch (again)
Please see http://www.squid-cache.org/bugs/show_bug.cgi?id=890 for details.
  Bump PORTREVISION
- Update to use new ports collection features:
  + USE_SIZE
  + use PORTDOCS and PLIST_FILES and extend the dynamic package list creation
    to include squid's icon files, too
  + move file and directory cleanup on deinstallation to pkg-deinstall
  + get rid of pkg-plist
  + use OPTIONS for the most commonly used options,
    leave SQUID_CONFIGURE_OPTIONS for more obscure options
- document known non-working features
- use lowercase for local variables
- other minor cleanups

PR:		ports/62222
Submitted by:	maintainer
2004-02-02 15:28:16 +00:00
Ying-Chieh Liao
8685074508 The http_workarounds.patch has been updated, update distinfo accordingly.
PR:		61595
Submitted by:	maintainer
2004-01-20 01:45:36 +00:00
Ying-Chieh Liao
8cbabeb774 - integrate another patch from squid-cache.org, see
http://www.squid-cache.org/Versions/v2/2.5/bugs/ for details
- cleanup dynamic plist generation:
  sort files, replace needlessly complex ex-scripting with a ${REINPLACE_CMD}
  one-liner
- integrate a patch to make the SMB-NTLM helper compile on 5.x and hook this
  helper up to the build (thanks to Stefano Tagliaferri for reporting the bug
  and testing the patch)
- bump PORTREVISION

PR:		61543
Submitted by:	maintainer
2004-01-19 03:03:11 +00:00
Sergei Kolobov
07a7de4337 - configure squid to run under a dedicated "squid" user by default; make use
of SQUID_{UID,GID} which other squid-related ports already implemented.
  The user/group will be created on the fly if they do not already exist.
- introduce WITH_SQUID_LDAP_AUTH to pull in the necessary bits to compile and
  use the ldap_auth helper
- install some more authentication helper applications by default
- install helper applications to ${PREFIX}/libexec/squid instead of
  ${PREFIX}/libexec, add notes about it in pkg-install and pkg-descr
- cleanup the pre-installation tasks and move them from Makefile and pkg-plist
  into the pkg-install script; make 'make install' and 'pkg_add' actually do
  the same thing
- introduce a pkg-deinstall script
- make squid.sh rcNG compatible (when either /etc/rc_subr or
  ${PREFIX}/etc/rc_subr is present, the first one will be used, otherwise the
  script will work as a "rc classic" script so no additional dependency on
  the rc_subr port should be needed)
- some Makefile cleanups:
  + the squid installation procedure now correctly strips binaries, so there
    is no need to do this manually anymore
  + generate those parts of pkg-plist dynamically that may be affected by user
    set tunables (currently the localized error pages and helper applications)
  + document the available configuration options in a slightly different style
  + remove some obsolete variable declarations and comments
  + honor NOPORTDOCS
- add CONFLICTS
- add another vendor patch, see
  http://www.squid-cache.org/bugs/show_bug.cgi?id=890 for a thorough
  explanation of what has been fixed.
- since we can no longer take the presence of Lithuanian error pages for
  granted, wrap the workaround for the errorpages.patch with '.if exists()'
- bump PORTREVISION

PR:		61315
Submitted by:	maintainer
2004-01-16 21:18:20 +00:00
Sergei Kolobov
be4fbdeab5 - Integrate another patch for the LDAP authentication helper
(see <http://www.squid-cache.org/Versions/v2/2.5/bugs/> for details)
- Correct MASTER_SITES:
  + fix URL for Melbourne University's ftp server
  + replace unreachable ftp mirror at Loughborough University with
    the one at LEO.org, Munich
- Bump PORTREVISION

PR:		61128
Submitted by:	maintainer
2004-01-09 17:19:32 +00:00
Sergei Kolobov
f34fe178a0 - Integrate a new patch issued by the squid development team
to correct the behaviour of the LDAP authentication helper wrt TLS,
  see <http://www.squid-cache.org/Versions/v2/2.5/bugs/> for details
- Reinstate the errorpages.patch and work around its partial brokenness
  by installing some Lithuanian error pages manually.
- Bump PORTREVISION

PR:		60950
Submitted by:	maintainer
2004-01-06 08:12:54 +00:00
Will Andrews
f86c3e7f09 Change maintainer to Thomas-Martin Seck.
Approved by:	adrian
2004-01-05 09:54:57 +00:00
Edwin Groothuis
a8f032a31d More patches for squid, to keep up to date with the squid distribution.
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de> (privately)
Approved by:	maintainer timeout (still)
2004-01-02 00:28:12 +00:00
Edwin Groothuis
0c807e28a4 Add more patch files for www/squid
PR:		ports/59091 (based on)
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de>
2003-12-30 09:22:31 +00:00
Edwin Groothuis
6596ca7372 Uncomment the lines I needed to test the port. Mea Culpa.
*grabs pointy hat*
2003-12-28 11:03:28 +00:00
Edwin Groothuis
23f0a346aa [PATCH] www/squid: update to 2.5-STABLE4 (+ vendor patches)
[...]
- Add 2.5-STABLE4 vendor patches
  - cache.log message on "squid -k reconfigure" confusing
  - digest auth never detects password changes
  - login with space confuses redirector helpers
  - FQDNcache discards negative responses when using internal DNS
  - Full details at http://www.squid-cache.org/Versions/v2/2.5/bugs/#STABLE4
[...]

PR:		ports/58090
Submitted by:	Jonathan Noack <noackj@concordiacrusaders.org>
Approved by: 	MAINTAINER TIMEOUT
2003-12-28 09:58:21 +00:00
Edwin Groothuis
888ac61430 [PATCH] www/squid: update to 2.5 STABLE 4
- Update to 2.5-STABLE4
	- plist is correct -- see ports/56392 for details on extra files

PR:		ports/56926
Submitted by:	Jonathan Noack <noackj@concordiacrusaders.org>
Approved by:	MAINTAINER TIMEOUT
2003-12-28 09:46:35 +00:00
Jun Kuriyama
6133b977dd o Allow to use $SQUID_CONFIGURE_ARGS in /etc/make.conf for additional
$CONFIGURE_ARGS.

No response from:	maintainer
2003-12-13 13:35:48 +00:00
Adrian Chadd
3104a509c0 .. add the missing file.
PR:		ports/54153
2003-07-27 08:45:40 +00:00
Adrian Chadd
30ebff3f31 Massive upgrade to 2.5-stable3. Thanks!
PR:		ports/54153
Submitted by:	Jon Noack <noackjr@alumni.rice.edu>
2003-07-27 08:45:11 +00:00
Adrian Chadd
f1257b0a60 Bring the squid-2.5 port up to 2.5.STABLE2.
Expect another few commits soon to improve features :)
2003-04-09 08:31:30 +00:00
Alexander Leidinger
9cabafdc76 Add vendor patches:
- fixes for some security issues
 - fixes for Samba 2.2.6 or later
 - fixes for OpenSSL 0.9.7 or later
 - performance fixes
 - reliability fixes
 - stability fixes
 - documentation fixes
 - fixes/improvements for OpenLDAP 2.1.x or later
 - ...

Have a look at http://www.squid-cache.org/Versions/v2/2.5/bugs/ for a
more detailed description.

Maintainer timeout after:	~3 months
Submitted by:	marius@alchemy.franken.de
Approved by:	kris
2003-03-09 10:59:07 +00:00
Ade Lovett
7e52725f2a Clear moonlight beckons.
Requiem mors pacem pkg-comment,
And be calm ports tree.

E Nomini Patri, E Fili, E Spiritu Sancti.
2003-03-07 06:14:21 +00:00
Adrian Chadd
2314294cfd Grab the patch against squid24 from a PR..
PR:		42747
2003-01-31 09:02:49 +00:00
Sean Chittenden
c3076efeb3 Document the configure argument for reverse SSL proxies. 2003-01-02 20:21:40 +00:00