kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
91609 commits 166 branches 0 tags 1.5 GiB
Commit graph

227 commits

Author SHA1 Message Date
joerg
d868ab2791 Comment out an unused function, which takes FILE (!) as parameter, 
breaking the build on DragonFly.
 2005-12-30 14:37:38 +00:00
jlam
dc9594e09d Remove USE_PKGINSTALL from pkgsrc now that mk/install/pkginstall.mk 
automatically detects whether we want the pkginstall machinery to be
used by the package Makefile.
 2005-12-29 06:21:30 +00:00
taca
3df9b5e52f - Sort PKG_SUPPORTED_OPTIONS. 
- Fix configure's artument to meet "arp-acl" PKG_OPTION.
- Make "aufs" PKG_OPTION really work which noted by PR pkg/32314 from
  Wolfgang Stukenbrock.
 2005-12-23 15:37:41 +00:00
rillig
579e977969 Ran "pkglint --autofix", which corrected some of the quoting issues in 
CONFIGURE_ARGS.
 2005-12-05 23:55:01 +00:00
taca
ea24b4f961 - Add "carp" and "unlinkd" option which are enabled on default. 
"unlinkd" option is propsed from Dave Sainty by private mail.
- Change "perl:run" to "perl" in USE_TOOLS since perl is used at build time.
- Quiet pkglint; changing make macro in double quotation into :Q modifier.

Bump PKGREVISION.
 2005-12-05 14:06:03 +00:00
taca
5b3c9817ff Use official patch instead of temporary one. 
2005-10-26 20:31 (Minor) fails to compile with undefined reference to setenv

Bump PKGREVISION.
 2005-10-31 09:53:41 +00:00
taca
2787a2cbc1 Add a patch to compile on SunOS from squid's bugzilla. 
Bump PKGREVISION.
 2005-10-25 14:05:22 +00:00
taca
81c518753b Update squid package to 2.5.12 (squid-2.5.STABLE12). 
Changes to squid-2.5.STABLE12 (22 Oct 2005)

	- [Major] Error introduced in 2.5.STABLE11 causing truncated responses
	  when using delay pools (Bug #1405)
	- [Cosmetic] Document that tcp_outgoing_* works badly in combination
	  with server_persistent_connections (Bug #454)
	- [Cosmetic] Add additinal tracing to squid_ldap_auth making
	  diagnostics easier on squid_ldap_auth configuration errors
	  (Bug #1395)
	- [Minor] $HOME not set when started as root (Bug #1401)
	- [Minor] httpd_accel_single_host breaks in combination with
	  server_persistent_connections (Bug #1402)
	- [Cosmetic] Setting CACHE_HTTP_PORT to configure was only partially
	  implemented, effectively ignored. (Bug #1403)
	- [Minor] CNAME based DNS addresses could get cached for longer
	  than intended (Bug #1404)
	- [Minor] Incorrect handling of squid-internal-dynamic/netdb exchanges
	  in transparently intercepting proxies (Bug #1410).
	- [Minor] Cache revalidations on HEAD requests causing poor cache
	  hit ratio (Bug #1411).
	- [Minor] Not possible to send 302 redirects via a redirector in
	  response to CONNECT requests (bug #1412)
	- [Minor] Incorrect handling of Set-Cookie on cache refreshes (Bug
	  #1419)
	- [Major] Segmentation fault crash in rfc1738_do_escape (Bug #1426)
	- [Minor] Delay pools class 3 fails on clients in network 255
	  (Bug #1431)
 2005-10-23 22:32:32 +00:00
taca
d4cdc85e5f Update squid package to 2.5.11 (2.5.STABLE11 + official 6 patches). 
o pkgsrc changes: change DIST_SUBDIR to ${PKGNAME_NOREV} only (stop
  using time stamp) since squid's patches are provided with revision
  if updated.


o official patches:

* 2005-09-28 21:52 (Minor) CNAME adresses remembered with wrong TTL
* 2005-09-28 21:16 (Cosmetic) Defining CACHE_HTTP_PORT does not set
				the default http_port
* 2005-09-28 21:07 (Minor) httpd_accel_single_host breaks in combination
				with server_persistent_connections
* 2005-09-28 21:07 (Cosmetic) More tracing in test mode of squid_ldap_auth
* 2005-09-28 21:07 (Cosmetic) Document that tcp_outgoing_xxx works badly
			in combination with server_persistent_connections
* 2005-09-27 22:29 (Major) Truncated responses when using delay pools


o changes from 2.5.10; most of them are already included in squid 2.5.10nb5
  package

Changes to squid-2.5.STABLE11 (22 Sep 2005)

	- [Minor] Workaround for servers sending double content-length headers
	  (Bug #1305)
	- [Cosmetic] Updated Spanish error messages by Nicolas Ruiz
	- [Cosmetic] Date header corrected on internal objects (icons etc)
	  (Bug #1275)
	- [Minor] squid -k fails in combination with chroot after patch for
	  bug 1157 (Bug #1307)
	- [Cosmetic] Segmentation fault if compiled with
	  --enable-ipf-transparent but denied access to the NAT device.
	  (Bug #1313)
	- [Minor] httpd_accel_signle_host incompatible with redireection
	  (Bug #1314)
	- [Minor] squid -k reconfigure internal corruption if the type of
	  a cache_dir is changed (Bug #1308)
	- [Minor] SNMP GETNEXT fails if the given OID is outside the Squid MIB
	  (Bug #1317)
	- [Minor] Title in FTP listings somewhat messed up after previous
	  patch for bug 1220 (Bug #1220)
	- [Minor] FTP listings uses "BASE HREF" much more than it needs to,
	  confusing authentication. (Bug #1204)
	- [Minor] winfo_group.pl only looked for the first group if multiple
	  groups were defined in the same acl. (Bug #1333)
	- [Cosmetic] Compiler warnings on some 64-bit platforms (Bug #1316)
	- [Cosmetic] Removed some debug output from wb_ntlm_atuh (Bug #518)
	- [Cosmetic] The new --with-build-environment=... option doesn't work
	- [Cosmetic] New 'mail_program' configuration option in squid.conf
	- [Minor] Fails to compile with ip-filter and ARP support on Solaris
	  x86 (Bug #199)
	- [Major] Segmentation fault in sslConnectTimeout (Bug #1355)
	- [Medium] assertion failed in StatHist.c:93  (Bug #1325)
	- [Minor] More chroot_dir and squid -k reconfigure issues (Bug #1331)
	- [Cosmetic] Invalid URLs in error messages when failing to connect
	  to peer, and a few other inconsistent error messages (Bug #1342)
	- [Cosmetic] Fails to compile with glibc -D_FORTIFY_SOURCE=2
	  (Bug #1344)
	- [Minor] Some odd FTP servers respond with 250 where 226 is expected
	  (Bug #1348)
	- [Cosmetic] Greek translation of error messages (Bug #1351)
	- [Major] Assertion failed store_status == STORE_PENDING (Bug #1368)
	- [Minor] squid_ldap_auth -U does not work (Bug #1370)
	- [Minor] SNMP cacheClientTable fails on "long" IP addresses
	  (Bug #1375)
	- [Minor] Solaris Sparc + IP-Filter compile error (Bug #1374)
	- [Minor] E-mail sent when cache dies is blocked from many antispam
	  rules (Bug #1380)
	- [Minor] LDAP helpers does not work with TLS (-Z option) (Bug #1389)
	- [Cosmetic] Incorrect store dir selection debug message on objects
	  larger than 2Gigabyte (Bug #1343)
	- [Cosmetic] header_id enum misused as an signed integer (Bug #1343)
	- [Cosmetic] Allow leaving core dumps when started as root (Bug #1335)
	- [Medium] Clients could bypass delay_pool settings by faking a cache
	  hit request (Bug #500)
	- [Minor] IP-Filter 4.X support (Bug #1378)
	- [Medium] Odd results on pipelined CONNECT requests
	- [Major] Squid crashing with "FATAL: Incorrect scheme in auth header"
	  when using NTLM authentication.
	- [Cosmetic] Odd results when pipeline_prefetch is combined with NTLM
	  authentication (bug #1396)
	- [Minor] invalid host was processed as IP 255.255.255.255 in dst acl
	  (Bug #1394)
	- [Cosmetic] New --with-maxfd=N configure option to override build
	  time filedescriptor limit test
	- [Minor] Added support for Windows code name "Longhorn" on Cygwin.
 2005-10-09 14:47:55 +00:00
taca
181781b587 Update squid package to squid-2.5.10nb5. 
Three new official patches are added.

o 2005-09-19 15:50 (Cosmetic) --with-maxfd=N configure option to override
			      max filedescriptors test
o 2005-09-16 21:58 (Minor) invalid host is processed as IP 255.255.255.255
			   in dst acl
o 2005-09-16 21:49 (Cosmetic) Odd results when pipeline_prefetch is combined
			      with NTLM authentication

One official patch was updated.

o 2005-09-20 12:29 (Major) FATAL: Incorrect scheme in auth header
 2005-09-21 15:06:07 +00:00
taca
4188f4fdb0 The latest official patch updated to make NTLM authentication work again. 
Bump PKGREVISION.
 2005-09-16 14:19:00 +00:00
taca
3a41160487 Update squid package to 2.5.10nb3. 
- pkgsrc update:

o s/SQUID_BACKEND/SQUID_BACKENDS/ as suggested by pkglint.
o Fix leaving ${PREFIX}/etc/squid/msntauth.conf.default out of PLIST.
o IP Filter related patches are incorporated to squid.


- Add/update official patches:

o 2005-09-15 11:15 (Major) FATAL: Incorrect scheme in auth header
o 2005-09-15 09:56 (Medium) Odd results on pipelined CONNECT requests
o 2005-09-13 23:59 (Minor) Transparent proxy problem with IP Filter
o 2005-09-11 01:53 (Medium) Clients bypassing delay pools by faking a cache
  hit
o 2005-09-11 01:42 (Cosmetic) Allow leaving core dumps on Linux
o 2005-09-11 01:21 (Cosmetic) enums can not be assumed to be signed ints
o 2005-09-11 01:21 (Cosmetic) Incorrect store dir selection debug message on
  objects >2G
o 2005-09-11 00:57 (Minor) LDAP helpers does not work with TLS (-Z option)
 2005-09-15 15:40:47 +00:00
taca
5ed8b5eb1e Update squid package to 2.5.10nb2. 
- pkgsrc changes: check IP filter's header file <ipl.h> as well as
		  <netinet/ipl.h>.

- Apply recent official patches including a security fix for DoS noted by
  http://secunia.com/advisories/16674/

* 2005-09-03 09:41 (Minor) E-mail sent when cache dies is blocked from many
			   antispam rules
* 2005-09-03 09:41 (Minor) Solaris 10 SPARC transparent proxy build problem
			   with ipfilter
* 2005-09-01 22:57 (Minor) snmo cacheClientTable fails on "long" IP addresses
* 2005-09-01 22:49 (Minor) squid_ldap_auth -U does not work
* 2005-09-01 22:44 (Major) assertion failed:
			   store.c:523: "e->store_status == STORE_PENDING"
* 2005-09-01 22:39 (Cosmetic) Greek translation of error messages
* 2005-09-01 22:31 (Minor) Some odd FTP servers respond with 250
			   where 226 is expected
* 2005-09-01 22:26 (Cosmetic) Fails to compile with glibc -D_FORTIFY_SOURCE=2
* 2005-09-01 22:18 (Cosmetic) Odd URLs when failing to forward request via
			      parent and several error messages inconsistent
			      in reported request details
* 2005-09-01 22:09 (Minor) More chroot_dir and squid -k reconfigure issues
* 2005-09-01 21:56 (Medium) assertion failed:
	StatHist.c:93: ((int) floor (0.99L + statHistVal(H, 0) - min)) == 0
* 2005-09-01 20:27 (Major) Segmentation fault in sslConnectTimeout
* 2005-08-19 09:31 (Minor) sync redeclarations when support for ARP acls
* 2005-08-14 17:05 (Cosmetic) New 'mail_program' configuration option in
			      squid.conf
 2005-09-04 05:07:05 +00:00
rillig
7a95adad42 The real user name in PKG_USERS does not need to be escaped with double 
backslashes anymore. A single backslash is enough. Changed the
definition in all affected packages. For those that are not caught, an
additional check is placed into bsd.pkginstall.mk.
 2005-08-23 11:48:47 +00:00
taca
6f17a6aa86 - Add missing optional installed files. 
- Slightly simplify installation of example configurations.
- Add official patches.

* 2005-07-11 00:46 (Cosmetic) The new --with-build-environment=...
				option doesn't work
* 2005-07-09 08:58 (Cosmetic) Allow wb_ntlm_auth to run more silent
* 2005-07-03 08:24 (Cosmetic) "make all" gives many warnings
* 2005-06-29 20:36 (Minor) wbinfo_group.pl only looks into the first
				group specified
* 2005-06-21 22:28 (Minor) FTP listings uses "BASE HREF" much more than
				it needs to,
* 2005-06-22 10:46 (Cosmetic) Title in FTP listings somewhat messed up
* 2005-06-19 21:03 (Minor) SNMP GETNEXT fails if the given OID is
				outside the Squid MIB
* 2005-06-19 09:39 (Minor) squid -k reconfigure internal corruption
				if the type of a cache_dir is changed
* 2005-06-13 22:55 (Minor) httpd_accel_signle_host incompatible
				with redireection
* 2005-06-30 08:49 (Minor) Core dump with --enable-ipf-transparent
				if access to NAT device not granted
* 2005-06-27 21:24 (Minor) squid -k fails in combination with chroot
				after patch for bug 1157
* 2005-06-09 08:01 (Minor) Squid internal icons served up with slightly
				incorrect HTTP headers
* 2005-06-06 21:38 (Cosmetic) Updated Spanish error messages

Bump PKGREVISION.
 2005-08-09 15:48:29 +00:00
jlam
e26a9ed756 Drop support for TOOLS_DEPMETHOD.<tool>. The new way to specify a 
run-time dependency (DEPENDS) on a tool is to append a ":run" modifier
to the tool name, e.g.,

	USE_TOOLS+=	perl:run

Tools without modifiers or with an explicit ":build" modifier will
cause build dependencies (BUILD_DEPENDS) on those tools to be added.
This makes the notation a bit more compact.
 2005-07-15 20:14:02 +00:00
taca
723d67dc4e - Fix build problem with IP Filter prior to 4.0; NetBSD 1.6.2. 
- Avoid use of ":ts" modifier of make(1) since NetBSD 1.6.2's make(1)
  dosen't support it.  It might be fix "diskd" PKG_OPTION problem, too.
- Remove extra "--enable-async-io" configure option.

No PKGREVISION change.
 2005-06-07 14:19:10 +00:00
taca
46585ebaaf Add ipf-transparent to PKG_SUGGESTED_OPTIONS only if it is included in 
PKG_SUPPORTED_OPTIONS.  Noted by OBATA Akio with private mail.
 2005-06-06 01:51:13 +00:00
taca
cf4dc39b61 Update squid package to 2.5.10 
* squid 2.5.STABLE10 + official + one official patch.

    - 2005-05-25 23:01 (Cosmetic) Double content-length often harmless

  Other fixes are already done by official patches for squid 2.5.STABLE9.

* Add missing cachemgr.cgi.8 to PLIST.
* Introduce options.mk which may need to be brushed more.
* Drop support for diskd on Darwin since diskd needs System V msg function
  which dosen't supported on Darwin.
* Real fix for transparent proxy with IP Filter, fix PR pkg/30085.
 2005-06-05 14:20:25 +00:00
jlam
48781afdbb For packages that use GNU configure, don't bother adding "TOOL" 
variables into CONFIGURE_ENV if the new tools framework already takes
care of adding them automatically.
 2005-05-22 05:35:32 +00:00
taca
ff7d20926e Update squid package to 2.5.9nb11. 
Apply 9 official fixes including security improvement in DNS lookup.

I still disable transparent_port.patch because it needs a missing header
file of IP Filter.  NetBSD current and 3.0_BETA already fixed this problem
but still netbsd-2/2-0 branches.  I will apply it after netbsd-2/2-0
branches fix this problem.  (And this fix needs to update squid package
to 2.5.STABLE10 which is RC3 now.)

* 2005-05-10 23:11 (Cosmetic)
		Extended documentation of the always_direct directive

* 2005-05-10 22:33 (Medium)
		assertion failed: store_client.c:343:
		"storeSwapOutObjectBytesOnDisk(mem) > sc->copy_offset"

* 2005-05-11 19:19 (Security issue)
		DNS lookups unreliable on untrusted networks

* 2005-05-09 01:51 (Minor)
		Allow dstdomain and dstdom_regex to match IP based hosts

* 2005-05-08 14:01 (Cosmetic) Minor arp ACL improvements

* 2005-05-04 18:09 (Minor)
		SNMP Agent updates to support SNMP Version 2 and bulk requests

* 2005-05-01 10:58 (Cosmetic) Cosmetic change to DISKD statistics

* 2005-04-30 12:58 (Medium)
		Poor hot object cache hit ratio and sporadic assertion
		failed: store_swapin.c: e->mem_status == NOT_IN_MEMORY

* 2005-04-25 16:36 (Cosmetic) Minor aufs improvements
 2005-05-12 16:09:48 +00:00
reed
ee8be9d0c1 RCD_SCRIPTS_EXAMPLEDIR is no longer customizable. 
And always is defined as share/examples/rc.d
which was the default before.

This rc.d scripts are not automatically added to PLISTs now also.
So add to each corresponding PLIST as required.

This was discussed on tech-pkg in late January and late April.

Todo: remove the RCD_SCRIPTS_EXAMPLEDIR uses in MESSAGES and elsewhere
and remove the RCD_SCRIPTS_EXAMPLEDIR itself.
 2005-05-02 20:33:57 +00:00
taca
805f8ace86 Disable squid-2.5.STABLE9-transparent_port.patch since it is broken with 
IP Filter 4.1 and later.  (It has no problem on IP Filter 3.x, but it is
difficult apply it conditionally with IP Filter's version.)

This apparently fix PR pkg/30085.  But note, Squid's transparent proxy
with IP Filter dosen't work.  It is worked without IP Filter's NAT process.
So, web acceess through squid may fail for HTTP 1.0 client which dosen't
send Host header.

Bump PKGREVISION (squid-2.5.9nb10).
 2005-05-01 23:17:49 +00:00
taca
433471a6b1 squid package maintainous. 
- Fix bad PID directory of squid binary introduced by previous pkgsrc.
- Update DIST_SUBDIR through DIST_STAMP since some of patch files
  are updated.
- Fix error in doc/Makefile with nbmake.
- Newer patch (aufs improvement) aren't included now.

Bump PKGREVISION.
 2005-04-26 16:19:43 +00:00
taca
e57babd9e7 Add new four official patches. 
o 2005-04-23 01:38 (Minor Security)
	Fix for CVE-1999-0710: cachemgr malicouse use
o 2005-04-22 20:48 (Cosmetic) PID file check fails when chrooting
o 2005-04-24 16:35 (Minor)
	Make the use of the %m error page to return auth info messages
o 2005-04-22 20:21 (Minor)
	Unrecognized cache-control directives are silently dropped

pkgsrc change.

- remove aufs from store I/O backend until it controlled by options.mk
  frame work.
- remove patch-cd; it is covered by squid-2.5.STABLE9-transparent_port.patch.

Bump PKGREVISION.
 2005-04-25 15:39:13 +00:00
taca
be324c7a54 Update squid package to squid-2.5.9nb7. 
o 2005-04-21 10:31 (Cosmetic)
	Correctly read DOS/Windows formatted config files with CRLF as
	line terminator
o 2005-04-20 21:55 (Minor) Unable to run "squid -k" when hostname cannot
	be determined
o 2005-04-20 21:55 (Minor) fix transparent proxying when squid listens
	on NATed non-80 port
o 2005-04-21 10:46 (Cosmetic) Missing newlines in debug statements
o 2005-04-20 21:36 (Cosmetic) Error template substitution for
	authenitcated user name

Because of update of squid-2.5.STABLE9-2GB.patch, DIST_SUBDIR updated again.
 2005-04-21 15:49:53 +00:00
taca
e487b00f22 Two of offcial patches are updated. 
- squid-2.5.STABLE9-LDAP_SUN_SDK.patch
	- squid-2.5.STABLE9-2GB.patch

Bump PKGREVISION.
 2005-04-20 00:55:41 +00:00
taca
b1f706bfa8 Update squid package to 2.5.9nb5. 
* Add one more offcial patch:

    - 2005-04-05 23:05 (Cosmetic) should syslog to daemon facility not local4

* One patch updated, so update DIST_SUBDIR through DIST_STAMP change.

* Add aufs to --enable-storeio configuration.

TODO:	use <bsd.options.mk> frame work and allow to use
	--enable-pf-transparent which is mutual exclusive parameter
	with --enable-ipf-transparent.
 2005-04-19 15:14:31 +00:00
tv
f816d81489 Remove USE_BUILDLINK3 and NO_BUILDLINK; these are no longer used. 2005-04-11 21:44:48 +00:00
tron
4d3ec6dc8a "squid-2.5.STABLE9-2GB.patch" was updated again. Update checksum, 
use different sub directory and bump package revision.
 2005-04-04 14:16:08 +00:00
taca
b0cd9a46c1 Oops, I forgot the update of DIST_STAMP just before. 2005-04-04 01:35:22 +00:00
taca
5e298c11b5 One of official patch has been updated. 
* 2005-04-04 00:19 (Medium)
	Fails to process requests for files larger than 2GB in size

Since the name of the patch file is the same as before, DIST_SUBDIR has
been udpated via DIST_STAMP.

Bump PKGREVISION.
 2005-04-04 01:12:37 +00:00
taca
8e27bc7b0c Update squid packate to 2.5.9nb2. 
Add these official patches:

* 2005-03-30 22:51 (Cosmetic)
	external acls requiring authentication does not request new
	credentials on access denials like proxy_auth does.
* 2005-03-29 09:52 (Cosmetic)
	New cachemgr pending_objects and client_objects actions
* 2005-03-26 23:53 (Minor) rename() related cleanup
* 2005-03-30 22:51 (Medium)
	Fails to process requests for files larger than 2GB in size
* 2005-03-19 23:57 (Cosmetic)
	aufs warning about open event filedescriptors on shutdown
* 2005-03-19 01:35 (Minor) --disable-hostname-checks not working
* 2005-03-19 01:11 (Cosmetic) LDAP helpers fails to compile with SUN LDAP SDK
* 2005-03-21 20:44 (Minor)
	CONNECT requests truncated if client side disconnects first
	assertion failed: comm.c:430: "ntohs(address->sin_port) != 0"
* 2005-03-19 00:25 (Minor)
	Basic authentication fails with very long logins or password
* 2005-03-29 08:45 (Minor) Several minor aufs issues
* 2005-03-09 15:46 (Cosmetic)
	Extend relaxed_header_parser to work around "excess data from"
	errors from many major web servers.
* 2005-03-09 15:46 (Cosmetic)
	Duplicate content-length headers logged as conflicting with
	relaxed_header_parser off
* 2005-03-09 15:46 (Cosmetic)
	Defer digest fetch if the peer is not allowed to be used
* 2005-03-10 23:38 (Minor) Incorrect use of ctype functions
* 2005-03-15 04:27 (Minor) compile warnings due to pid_t not being an int
* 2005-03-09 15:46 (Minor)
	bzero is a non-standard function not available on all platforms
* 2005-03-09 15:46 (Cosmetic)
	Check several squid.conf directives for int overflows
* 2005-03-09 15:46 (Cosmetic) Clarify delay_access function
* 2005-03-09 15:46 (Minor)
	reload_into_ims fails to revalidate negatively cached entries
* 2005-03-09 15:46 (Minor) Handle odd date formats
 2005-03-31 16:44:25 +00:00
taca
b47fbffcd6 Update squid to 2.5.9nb1. 
* 2005-03-04 22:48 (Cosmetic Security)
	Unexpected access control results on configuration errors

* 2005-03-04 11:55 (Minor)
	Links in FTP listings without / fails due to missing BASE HREF

* 2005-03-04 11:55 (Minor)
	Fails to parse the EPLF FTP directory format

* 2005-03-03 02:26 (Minor Security)
	Race condition related to Set-Cookie header
 2005-03-06 13:30:48 +00:00
taca
14037da5c4 Update squid package to 2.5.9 (2.5.STABLE9). 
There is no runtime change from 2.5.8nb3.

- Fix for a wrong configure warning on Solaris 9 x86 when enabling ARP
  ACl support: The effective host type is i386-pc-solaris2.9.

- Documentation update for squid 2.5.STALBE9.
 2005-03-01 11:16:57 +00:00
taca
cddccd1596 Update squid to 2.5.8nb3, adding recent five official patches. 
* 2005-02-23 00:11 (Medium) Should not automatically retry request on 403
			    and other server errors
* 2005-02-21 17:02 (Minor) fqdn lookups with spaces may confuse redirectors
* 2005-02-21 03:38 (Cosmetic) Display FTP URLs in decoded format to allow for
			      sane display of national characters etc
* 2005-02-21 02:58 (Minor) Peer related memory leaks on "squid -k reconfigure"
* 2005-02-21 01:38 (Cosmetic) Doesn't work specifying the AR variable to
			      configure
 2005-02-28 16:59:08 +00:00
wiz
809ad6f2f7 Add RMD160 checksums. 2005-02-24 14:08:26 +00:00
taca
9cf6de13f5 Update to squid-2.5.8nb2; 
Add new two patches:

* 2005-02-20 19:11 (Cosmetic) GCC4 warnings
* 2005-02-20 10:47 (Minor) Relax header parsing slightly again to work
				around broken web servers

Reflect update of one patch:

* 2005-02-20 11:03 (Cosmetic) Cross-platform format fixes

Update DIST_SUBDIR.
 2005-02-21 00:05:32 +00:00
taca
c4ef7f320a Update squid package to 2.5.8nb1. 
Apply four official fixes.

* 2005-02-15 02:14 (Cosmetic) FTP URL cleanups
* 2005-02-15 01:07 (Cosmetic) Allow high characters in generated FTP and
				Gopher directory listings
* 2005-02-15 00:03 (Cosmetic) Cross-platform format fixes
* 2005-02-13 05:58 (Major) Assertion failure on certain odd DNS responses

Fixes PR pkg/29412 from Mike M. Volokhov.
 2005-02-17 15:04:12 +00:00
taca
109951ed95 Update squid package to 2.5.8 (squid-2.5.STABLE8). 
Most of these changes are already included in previous squid-2.5.7nb12.
But last one is really new one.


Changes to squid-2.5.STABLE8 (11 Feb 2005)

	- [Minor] 100% CPU usage on half-closed PUT/POST requests (Bug #354,
	  #1096)
	- [Cosmetic] Document -v (protocol version) option to LDAP helpers
	- [Minor] The new req_header and resp_header acls segfaults
	  immediately on parse of squid.conf (Bug #961)
	- [Minor] Failure to shut down busy helpers on -k rotate/reconfigure
	  (Bug #1118)
	- [Minor] Don't use O_NONBLOCK on disk files. (Bug #1102)
	- [Minor] Squid fails to close TCP connection after blank HTTP
	  response (Bug #1116)
	- [Minor security] Random error messages in response to malformed
	  host name (Bug #1143)
	- [Minor] PURGE should not be able to delete internal objects
	  (Bug #1112)
	- [Minor] httpd_accel_port 0 (virtual) not working correctly (Bug
	  #1121)
	- [Minor] cachemgr vm_objects segfault (Bug #1149)
	- [Minor security] Confusing results on empty acl declarations (Bug
	  #1166)
	- [Minor] Don't close all "other" filedescriptors on startup (Bug
	  #1177)
	- [Minor] fakeauth_auth memory leak and NULL pointer access (Bug
	  #1183)
	- [Security] buffer overflow bug in gopherToHTML() (Bug #1189)
	- [Medium security] Denial of service with forged WCCP messages
	  (Bug #1190)
	- [Minor] DNS related memory leak on certain malformed DNS responses
	  (Bug #1197)
	- [Minor] Internal DNS sometimes truncates host names in reverse
	  (PTR) lookups (Bug #1136)
	- [Minor Security] Add sanity checks on LDAP user names (Bug #1187)
	- [Security] Harden Squid agains HTTP request smuggling attacks
	- [Minor] Icon URLs fails in non-anonymous FTP directory listings is
	  short_icon_urls is on (Bug #1203)
	- [Security] Harden Squid agains HTTP response splitting attacks
	  (Bug #1200)
	- [Medium security] Buffer overflow in WCCP recvfrom() call
	  (Bug #1217)
	- [Security] Properly handle oversized reply headers (Bug #1216)
	- [Minor] LDAP helpers search fixed to properly ask for no attributes
	- [Minor] A sporadic segmentation fault when using ntlm authentication
	  fixed (Bug #1127)
	- [Major] Segmentation fault on failed PUT/POST requests (Bug #1224)
	- [Medium] Persistent connection mismatch on failed PUT/POST request
	  (Bug #1122)
	- [Minor] WCCP easily disturbed by forged packets (Bug #1225)
	- [Minor] Password management in ftp:// gatewaying improved (Bug #1226)
	- [Major] HTTP reply data corruption in certain situations involving
	  reply headers split over multiple packets (Bug #1233)
 2005-02-11 14:47:18 +00:00
taca
ca3d590109 Update squid package to 2.5.7nb12. 
Adding several official patches which fix security and critical problem.

o 2005-02-06 00:57 (Cosmetic)
	Improve password handling in FTP gatewaying of ftp://user@host URLs

o 2005-02-04 11:41 (Minor) WCCP easily disturbed by forged packets

o 2005-02-04 00:33 (Medium)
	Persistent connection trouble on failed PUT/POST requests

o 2005-02-04 00:12 (Major) Segmentation fault on failed PUT/POST request

o 2005-02-03 23:27 (Minor)
	Sporadic segmentation fault when using ntlm authentication

o 2005-02-03 23:17 (Minor)
	LDAP helpers sends slightly malformed search requests

o 2005-01-31 22:50 (Security issue)
	Correct handling of oversized reply headers
 2005-02-06 08:08:02 +00:00
taca
72cd6c1b07 Fix file name of a patch file which squid people fix its typo. 
Noted by salo@ first and PR pkg/29181 later.
 2005-02-01 10:22:20 +00:00
taca
dc4e9e21cc Update squid package to squid-2.5.7nb11. 
squid-2.5.STABLE7-response_splitting.patch was updated, so update distinfo
and DIST_SUBDIR.  It seems that a patch to one more file was added.

* 2005-01-31 01:50 (Security issue)
	Strengthen Squid from HTTP response splitting cache pollution attack
 2005-02-01 01:31:10 +00:00
taca
b455b041c9 Apply a new official patch which contains security problem. 
* 2005-01-28 23:16 (Security issue) Buffer overflow in WCCP recvfrom() call

Bump PKG_REVISION and now squid-2.5.7nb10.
 2005-01-29 00:51:42 +00:00
taca
5dfe4d616c Update new and disabled official patches. The new patch includes 
security fix.

o 2005-01-21 12:10 (Minor)
	Disable Path-MTU discovery on intercepted requests

o 2005-01-21 12:43 (Security issue)
	Strengthen Squid from HTTP response splitting cache pollution attack

Bump package revision.
 2005-01-26 15:29:03 +00:00
taca
6007cf9a8d Update new official patched. 
o  2005-01-21 12:43 (Security issue)
	Strengthen Squid from HTTP response splitting cache pollution attack

o  2005-01-21 12:10 (Minor)
	Icons fails to load on non-anonymous FTP when using
	short_icons_url directive

o  2005-01-21 12:10 (Minor)
	FTP data connection fails on some FTP servers when requesting
	directory without a trailing slash

One patch has problem to apply and hold to apply

o  2005-01-21 12:10 (Minor) Disable Path-MTU discovery on intercepted requests

Bump package revision.
 2005-01-21 13:41:26 +00:00
taca
584c57086d Apply three official patch including a minor security problem. 
o 2005-01-17 04:29 (Minor Secuity issue) Sanity check usernames in squid_ldap_auth
o 2005-01-17 02:52 (Minor) FQDN names truncated on compressed DNS responses
o 2005-01-17 02:52 (Minor) Internal DNS memory leak on malformed responses

Bump package revision; squid-2.5.7nb7.
 2005-01-19 14:56:55 +00:00
kim
a58ea33315 Record SQUID_USER and SQUID_GROUP in BUILD_DEFS. 2005-01-19 00:19:27 +00:00
taca
c6d8a087ba Set PKG_USERS and PKG_GROUPS with SQUID_USER and SQUID_GROUP. 
Now squid's user and group are handled by bsd.pkg.install.mk properly.

Thanks much to Volker Wiegand at t-online dot de noted this problem
by private mail.

Bump PKGREVISION.
 2005-01-16 15:46:25 +00:00
taca
74a98f4028 Add three official fixes. 
o 2005-01-12 17:21 (Security issue) Denial of service with forged WCCP messages
o 2005-01-12 17:19 (Security issue) buffer overflow bug in gopherToHTML()
o 2005-01-08 03:13 (Medium) fakeauth_auth memory leak and NULL pointer access

Bump package revision.
 2005-01-13 16:19:10 +00:00