57ca53564b
This includes security problem with SNMP support which enabled by default. <http://www.idefense.com/application/poi/display?id=152&type=vulnerabilities> * pkgsrc changes: - Don't use PKGNAME within DIST_SUBDIR. Instead, date based DIST_STAMP. This change prevent extra DIST_SUBDIR change asked by kim@. - Remove setproctitle(3) hack for dnsserver helper program since use of dnsserver itself is problematic with huge size of squid process. * Changes to squid-2.5.STABLE7 (11 Oct 2004) - [Medium] No objects cached in ufs cache_dir type in some configurations. Issue introduced in 2.5.STABLE6 by the patch for Bug #676. (Bug #1011) - [Minor] LDAP helpers update to correct LDAP connection management and add support for literal password compare instead of binding - [Minor] A large number of queued DNS lookups for the same domain (Bug #852) - [Cosmetic] request_header_max_size configuration partly ignored (Bug #899) - [Minor] Partial hit results in TCP_HIT, not TCP_MISS. (Bug #1001) - Bug #1012: [Cosmetic] HEAD requests may return stale information (Bug #1012) - [Cosmetic] Warn if cache_dir ufs can not create files. (Bug #918) - [Minor] case insensitive authentication (Bug #431) - [Cosmetic] Add delay pools information to active_requests. (Bug #882) - [Minor] Apparent memory leak in client_db (Bug #833) - [Minor] NTLM authentication truncated causing failures. (Bug #1016) - [Cosmetic] Grammatical corrections in squid.conf.default - [Cosmetic] Unknown %X errorpage codes incorrectly quoted. (Bug #1030) - [Medium] Segfaults and other strange crashes when using heap policies. (Bug #1009) - [Minor] Supplementary group memberships not set (Bug #1021) - [Cosmetic] ERR_TOO_BIG Portugese translation - [Minor] external_acl does not handle newlines (Bug #1038) - [Major] NTLM authentication denial of service when using msnt_auth or fake_auth (Bug #1045) - [Medium] Memory leaks when using NTLM authentication without challenge reuse. (Bug #994) - [Minor] Temporary NTLM memory leak with challenge reuse enabled (Bug #910) - [Minor] assertion failed: "n_ufs_dirs <= Config.cacheSwap.n_configured". (Bug #1053) - [Minor] Segfault in authenticateDigestHandleReply. (Bug #1031) - [Minor] acl time fails to parse multiple time specifications (Bug #1060) - [Minor] cachemgr config dumps mixed up Range and Request-Range headers in http_header_access & replace directives. (Bug #1056) - [Minor] Content-Disposition added as a well known header (Bug #961) - [Cosmetic] Don't warn about arp acls not being supported on FreeBSD (Bug #1074) - [Cosmetic] Limit internal send/receive buffer sizes (Bug #1075) - [Medium] New acl types to match arbitrary HTTP headers. In addition the http_header_access & replace directivess now support arbitrary headers and not only the well known ones. (Bug #961) - [Cosmetic] ncsa_auth now accepts Window formatted password files (Bug #1078) - [Cosmetic] Support the --program-prefix/suffix options or other configure program name transforms (Bug #1019) - [Minor] Fix race condition in CONNECT and also handle aborts of CONNECT requests in a more graceful manner. (Bug #859) - [Minor] New balance_on_multiple_ip directive to work around certain broken load balancers and optimized ipcache on reload requests (Bug #1058) - [Medium] New reply_header_max_size directive (Bug #874) - [Minor] Suspected instability on aborted PUT/POST requests (Bug #1089) - [Security] SNMP Denial of Service fix (CAN-2004-0918)
90 lines
2.3 KiB
Text
90 lines
2.3 KiB
Text
$NetBSD: patch-ag,v 1.17 2004/10/13 15:35:55 taca Exp $
|
|
|
|
--- configure.orig 2004-10-12 05:27:03.000000000 +0900
|
|
+++ configure
|
|
@@ -2219,7 +2219,7 @@ if test "${enable_snmp+set}" = set; then
|
|
#define SQUID_SNMP 1
|
|
EOF
|
|
|
|
- SNMPLIB='-L../snmplib -lsnmp'
|
|
+ SNMPLIB='../snmplib/libsnmp.a'
|
|
|
|
|
|
if true; then
|
|
@@ -3957,6 +3957,7 @@ for ac_hdr in \
|
|
libc.h \
|
|
limits.h \
|
|
linux/netfilter_ipv4.h \
|
|
+ machine/byte_swap.h \
|
|
malloc.h \
|
|
math.h \
|
|
memory.h \
|
|
@@ -6202,43 +6203,38 @@ fi
|
|
echo "$ac_t""$ac_cv_type_mode_t" 1>&6
|
|
if test $ac_cv_type_mode_t = no; then
|
|
cat >> confdefs.h <<\EOF
|
|
-#define mode_t u_short
|
|
+#define mode_t unsigned short
|
|
EOF
|
|
|
|
fi
|
|
|
|
-echo $ac_n "checking for fd_mask""... $ac_c" 1>&6
|
|
-echo "configure:6212: checking for fd_mask" >&5
|
|
-if eval "test \"`echo '$''{'ac_cv_type_fd_mask'+set}'`\" = set"; then
|
|
+echo $ac_n "checking for fd_set""... $ac_c" 1>&6
|
|
+echo "configure:6031: checking for fd_set" >&5
|
|
+if eval "test \"`echo '$''{'ac_cv_have_fd_mask'+set}'`\" = set"; then
|
|
echo $ac_n "(cached) $ac_c" 1>&6
|
|
else
|
|
cat > conftest.$ac_ext <<EOF
|
|
#line 6217 "configure"
|
|
#include "confdefs.h"
|
|
#include <sys/types.h>
|
|
-#if STDC_HEADERS
|
|
-#include <stdlib.h>
|
|
-#include <stddef.h>
|
|
-#endif
|
|
+#include <sys/time.h>
|
|
+#include <sys/unistd.h>
|
|
+int main() {
|
|
+fd_mask fds;
|
|
+; return 0; }
|
|
EOF
|
|
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
|
|
- egrep "(^|[^a-zA-Z_0-9])fd_mask[^a-zA-Z_0-9]" >/dev/null 2>&1; then
|
|
+if { (eval echo configure:5983: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
|
|
rm -rf conftest*
|
|
- ac_cv_type_fd_mask=yes
|
|
+ ac_cv_have_fd_mask=yes
|
|
else
|
|
+ echo "configure: failed program was:" >&5
|
|
rm -rf conftest*
|
|
- ac_cv_type_fd_mask=no
|
|
+ ac_cv_have_fd_mask=no
|
|
fi
|
|
rm -f conftest*
|
|
|
|
fi
|
|
-echo "$ac_t""$ac_cv_type_fd_mask" 1>&6
|
|
-if test $ac_cv_type_fd_mask = no; then
|
|
- cat >> confdefs.h <<\EOF
|
|
-#define fd_mask int
|
|
-EOF
|
|
-
|
|
-fi
|
|
+echo "$ac_t""$ac_cv_have_fd_mask" 1>&6
|
|
|
|
|
|
echo $ac_n "checking size of off_t""... $ac_c" 1>&6
|
|
@@ -7516,8 +7512,8 @@ if test "$GCC" = "yes"; then
|
|
GCCVER=`$CC -v 2>&1 | awk '$2 == "version" {print $3}'`
|
|
case "$GCCVER" in
|
|
2.95.[123])
|
|
- echo "Removing -O for gcc on $host with GCC $GCCVER"
|
|
- CFLAGS="`echo $CFLAGS | sed -e 's/-O[0-9]*//'`"
|
|
+ echo "Making -O\[2-9\] to -O for gcc on $host with GCC $GCCVER"
|
|
+ CFLAGS="`echo $CFLAGS | sed -e 's/-O[0-9]*/-O/'`"
|
|
;;
|
|
esac
|
|
fi
|