CPU for half closed PUT/POST requests (squid bugs #354, 1096).
See <http://www.squid-cache.org/Versions/v2/2.5/bugs/> for further
details.
- Adapt the follow_xff patch to changes in some of squid's data
structures and unbreak the WITH_SQUID_FOLLOW_XFF option.
- Bump PORTREVISION.
PR: ports/72840
Submitted by: Thomas-Martin Seck (maintainer)
the SNMP module
- Remove a patch that is now part of the distribution
- Miscellaneuous small fixes:
+ in squid.sh, make stop_command poll for the squid processes' exit in
the rcNG case too; this eliminates the need to do this in restart_command
+ make the information regarding rcNG'ness in pkg-install easier to read
+ install unstripped binaries if WITH_SQUID_STACKTRACES is defined
PR: ports/72581
Submitted by: Thomas-Martin Seck (maintainer)
- try to prevent crashes of the digest helper (squid bug #1031)
- correct parsing of the acl_time directive when multiple time specifications
are given (squid bug #1060)
- correct "cachemgr config" output for http_header_* directives
(squid bug #1056)
- recognize the Content-Disposition header to be able to specify
http_header_access directives using it (squid bug #961)
See <http://www.squid-cache.org/Versions/v2/2.5/bugs/> for further
information.
Reimplement the rcNG support. See UPDATING for details.
PR: ports/71260
Submitted by: maintainer
Set supplementary group membership correctly when running squid
as a non-root user and do not ignore the squid_group setting
when starting squid as root (squid bug #1021)
Enable the external_acl helper protocol to handle newlines
in the embedded data (squid bug #1038)
PR: ports/70767
Submitted by: maintainer
- Fix dynamic plist generation to not include files that happen to be
in target directories. This prevents their removal on deinstallation
or upgrade.
PR: ports/69552, ports/69266
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
follow-xff-patchset (thanks to Michael Ranner for spotting the
problem and testing the fix). While at it, wordsmith the
comments in the patch.
Use the official patch for the NTLM auth helper vulnerability,
see <http://www.squid-cache.org/Versions/v2/2.5/bugs/> for
details.
Build install the SMB basic authentication helpers by default
PR: ports/68448
Submitted by: maintainer
to <http://www.squid-cache.org/bugs/show_bug.cgi?id=998>
Apply some cleanups:
+ prefer PATCHDIR over FILEDIR when referring patches
+ remove unnecessary quotes
+ move all substitution tasks to the post-patch target
+ use "${FALSE}" instead of "exit 1" to generate error 1 from a shell
Bump PORTREVISION
PR: ports/68078
Submitted by: maintainer
ports/67724, submitted by Michal F. Hanula)
- Change ": foo=${foo:=bar}" into "foo=${foo:-bar}" to make the
shell scripts easier to read and understand
- Correct credits for the recently published NTLM auth
vulnerability and fix a nearby braino, too
- Bump PORTREVISION
PR: ports/67797
Submitted by: maintainer
<http://www.squid-cache.org/Versions/v2/2.5/bugs/> for details
- Correct OpenSSL support and, while at it, clean up CFLAGS and
LDFLAGS handling (thanks to dinoex for lots of helpful advice!).
- better be safe than sorry and pass PTHREAD_CFLAGS through in
case we are compiling with threads
- try to remove the errorpages directory silently since user
defined directories might legitimately be present
- clean up shell scripting:
+ do not use too many variables
+ use /bin/sh's features instead of external commands
PR: ports/65356
Submitted by: maintainer
- provide more OPTIONS, including (untested) support for pf(4)
- integrate the follow-XFF-patch from devel.squid-cache.org (submitted by
Michael Ranner), this should improve interaction with dansguardian
- use id 100 for the squid pseudo user instead of choosing the first free
id greater than 3127, a behaviour introduced with PORTVERSION 2.5.4_6.
Provide a 'changeuser' target to make migration from a high id to id 100
possible (requested by Kris Kennaway)
- don't let the port CONFLICT with itself (criticized by Oliver Eikemeier)
- provide rcNG support in squid.sh only on systems with /etc/rc.subr
PR: ports/64061
Submitted by: Thomas-Martin Seck (maintainer)
http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE4-ftp_telnet
for details
- integrate a patch by Glen Gibb to enable ARP based ACLs and make this an
OPTION; see also http://www.squid-cache.org/bugs/show_bug.cgi?id=909
for his original bug report
- integrate additional vendor patches
- make --enable-underscores an OPTION
- set a tighter ACL on libexec/pinger
- use $SQUID_USER and $SQUID_GROUP in pkg-install
- wordsmith comments
- bump PORTREVISION
PR: ports/62442
Submitted by: maintainer
- Fix checksum for updated errorpages patch
PR: ports/62923
Submitted by: Michal Pasternak <dotz@irc.pl>
Approved by: maintainer
http://www.squid-cache.org/Versions/v2/2.5/bugs/ for details
- cleanup dynamic plist generation:
sort files, replace needlessly complex ex-scripting with a ${REINPLACE_CMD}
one-liner
- integrate a patch to make the SMB-NTLM helper compile on 5.x and hook this
helper up to the build (thanks to Stefano Tagliaferri for reporting the bug
and testing the patch)
- bump PORTREVISION
PR: 61543
Submitted by: maintainer
of SQUID_{UID,GID} which other squid-related ports already implemented.
The user/group will be created on the fly if they do not already exist.
- introduce WITH_SQUID_LDAP_AUTH to pull in the necessary bits to compile and
use the ldap_auth helper
- install some more authentication helper applications by default
- install helper applications to ${PREFIX}/libexec/squid instead of
${PREFIX}/libexec, add notes about it in pkg-install and pkg-descr
- cleanup the pre-installation tasks and move them from Makefile and pkg-plist
into the pkg-install script; make 'make install' and 'pkg_add' actually do
the same thing
- introduce a pkg-deinstall script
- make squid.sh rcNG compatible (when either /etc/rc_subr or
${PREFIX}/etc/rc_subr is present, the first one will be used, otherwise the
script will work as a "rc classic" script so no additional dependency on
the rc_subr port should be needed)
- some Makefile cleanups:
+ the squid installation procedure now correctly strips binaries, so there
is no need to do this manually anymore
+ generate those parts of pkg-plist dynamically that may be affected by user
set tunables (currently the localized error pages and helper applications)
+ document the available configuration options in a slightly different style
+ remove some obsolete variable declarations and comments
+ honor NOPORTDOCS
- add CONFLICTS
- add another vendor patch, see
http://www.squid-cache.org/bugs/show_bug.cgi?id=890 for a thorough
explanation of what has been fixed.
- since we can no longer take the presence of Lithuanian error pages for
granted, wrap the workaround for the errorpages.patch with '.if exists()'
- bump PORTREVISION
PR: 61315
Submitted by: maintainer
This now means that 'stop' as an argument works correctly, and doesn't
end up having squid restarted.
I've added some sleep code to wait for squid to complete its shutdown,
but I have commented it out for the time being as I don't know whether
its good practice to have your machine sleep during shutdown.
I'll research it some more. :)
options `start' and `stop' now (unless I have forgotten any). This allows
us to call the scripts from /etc/rc.shutdown with the correct option.
The (42 or so) ports that already DTRT before are unchanged.
Note: the b14 -> b15 change will loose your cache unless you take
the steps on http://squid.nlanr.net/ to recover it.
Read the Changelog for details, this is a fairly large update.
