# HG changeset patch # User holger # Date 1280924069 -7200 # Node ID eee42ea7ddfbdacbeabd67242a60f10912bf08b6 # Parent a3713bbcd1b6a33d3d482539cbe15eb45c5f47b1 sync 3.1.5 with bgo diff -r a3713bbcd1b6 -r eee42ea7ddfb net-proxy/squid/Manifest --- a/net-proxy/squid/Manifest Wed Jul 28 11:08:21 2010 +0200 +++ b/net-proxy/squid/Manifest Wed Aug 04 14:14:29 2010 +0200 @@ -1,6 +1,9 @@ -AUX squid-3.1.1-libmd5.patch 600 RMD160 9f2891d87ae97188dc0423ad43449894b068b8ed SHA1 e61a8192f9d3085e7409e4059e4b2444cebf9b36 SHA256 e04ee68b9efea75d4fcd93a9f367c8973ca71308b003d66406cd582eacc0fba8 -AUX squid-3.1.1-qafixes.patch 3074 RMD160 29bb996be1e1ec8bffe5243deac50aaf88e3b4ee SHA1 79985cfbb87be402162872dbc8c94d2ff3ea5e5d SHA256 d61836f4756a26dc679363557f2060b27d255b3273cf1387c6b866ed1115ab6d -AUX squid-3.1.5-gentoo.patch 12389 RMD160 e46b1177d4309640d048b4932cae68bb83f0527d SHA1 6c889899b1b0741dc3b2a505535d7f598580799f SHA256 23acbe5270fcc15b3e9c3af95dad6bbb0737e7a4077a8095be96ee42a1577cef +AUX squid-3.1.5-errorstate-leak-fix.patch 550 RMD160 744f601d60e688a3cea3225d97e40fa729ff31cf SHA1 30778922c3298c8ffd85dd330b4d3a2d704ac38b SHA256 7ba2ad09069ef5094f81b0f90498cfcba079611e28d64a2759a4586781ab112a +AUX squid-3.1.5-gentoo.patch 12352 RMD160 a1c948634e8dc44329a8765db0af47eefd9ed3c5 SHA1 6472faaadb7b43d577ce0349dd441b2a9a5b3d04 SHA256 0ad4e1e572561370728dab5e4e3733fa64ed9728000668b9e6fff1af6cb4cee9 +AUX squid-3.1.5-libmd5.patch 588 RMD160 8ae39b18976cfa9fa3512262e002ef7e8543c61e SHA1 6447f81ca6cdd85f2a9c0e76bb48d6e0eac9ed80 SHA256 a2380cff52f649dea0f37091deb5f714b9cc912e295351bd4e49f46c13110209 +AUX squid-3.1.5-qafixes.patch 3074 RMD160 91024dd4a450bf0180cc691ce9e1d2a427c37a0c SHA1 acb65b63b969707d0ce1d29c3a6a77dc56b4fcdf SHA256 8542a6bebeb431ec4f0ceef4114d048f3201e10a4f68d6df81f0720d10690b13 +AUX squid-3.1.5-range-leak-fix-1.patch 1542 RMD160 2cda5c77b99a28f54e02a699a64cf9646c6b9083 SHA1 81051e9032853b4d567e716502385fc3c9bfbc9c SHA256 f7707eefd886e2e5b665424bed9b70b75ef2afe77236745661d18dd6e360d167 +AUX squid-3.1.5-range-leak-fix-2.patch 793 RMD160 ed284b09329943acb24c83725bb5d9fe15cb817a SHA1 d2be8ea0b3fa5a41c86d030c011172fcd1bb2c85 SHA256 83854638092ece023d3eccc39e2c739a66e55a471e1312a49fb4b8a5983a8823 AUX squid.confd 540 RMD160 aa4ec5a6eebad1222667aff6b3180931cf566b13 SHA1 1c0c23b08bd0450eae14604c2b45ca67c7ac25c5 SHA256 aeef7060c50074b65c664fc106d7319ce380d25320ee2ee00f7d6021846b88ec AUX squid.cron 143 RMD160 0706a7ad04691b9a93a2897c319008440483ba11 SHA1 6138db0eccb7320e707b8d60c2970ef684e29336 SHA256 4c9e2afe5b0bba583ce896233ea1f9262beeb1b6cf51b4adb48d5f5c03933b2f AUX squid.initd 3315 RMD160 a6209a27770eb2aebdd533c946e790efec0de53b SHA1 08519fa20a7286cba9ea82e7b23dd8116ab7f77b SHA256 d3eac36c2fc313688e19cde7ace63783cd202315b23c0b2bd0219a4504cb2b35 @@ -8,4 +11,4 @@ AUX squid.logrotate 103 RMD160 e7e4a6bde48e2735632692a6e628955b270f30ad SHA1 6e8d42f6a1a3109f0a26ed30edc7d91c6816e23f SHA256 e5ddce1c9af851040affa15e1a59e89d8db0f2eea7c461320a1d3784578f4482 AUX squid.pam 315 RMD160 afb3f1cc36ba5ef0015c40040b6d5c18485ec828 SHA1 40933fabaaa2a9cb38d57c3acb77857082c82ae5 SHA256 68ef4282f9fb8506df710d0ae16e84e991e9b138c7f1d0af922682219c7a971f DIST squid-3.1.5.tar.gz 3226676 RMD160 b5153ae6cbce267e62537bcaa1694091b142c727 SHA1 94eaa4a1aa7483af64ca04b1715204cfb4a01ee8 SHA256 93e0e5e3a8fc7ac991d34b69bbfbb7c48540df44b1a606a89304d1742c8d1bf7 -EBUILD squid-3.1.5.ebuild 6831 RMD160 05442dfa607cc42bbf8fe8c085458fc4a1a5c6fd SHA1 b2653f21a239a8db552ac228a206ee8fcbef739c SHA256 7b1e88664d981be956249a00a24caf74e050f51b255fb5dc87560f75b9830662 +EBUILD squid-3.1.5.ebuild 6848 RMD160 af8daf348caa6d618fcaa9368abcbf1af00eafea SHA1 3a0ba070d66d0f50b028d900befc032b3e52decc SHA256 754f2a22bde73a836ce20d45b0c6deea4b752580c6252f9594320b549f3935c6 diff -r a3713bbcd1b6 -r eee42ea7ddfb net-proxy/squid/files/squid-3.1.1-libmd5.patch --- a/net-proxy/squid/files/squid-3.1.1-libmd5.patch Wed Jul 28 11:08:21 2010 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,16 +0,0 @@ -diff -Nru squid-3.1.0.15.orig/configure.in squid-3.1.0.15/configure.in ---- squid-3.1.0.15.orig/configure.in 2009-11-23 04:11:00.000000000 +0100 -+++ squid-3.1.0.15/configure.in 2009-11-29 09:44:37.000000000 +0100 -@@ -2802,7 +2802,11 @@ - dnl libcrypt (eg FreeBSD) - AC_CHECK_LIB(crypt, crypt, [CRYPTLIB="-lcrypt"]) - dnl Solaris10 provides MD5 natively through libmd5 --AC_CHECK_LIB(md5, MD5Init, [CRYPTLIB="$CRYPTLIB -lmd5"]) -+case "$host" in -+ *-solaris*) -+ AC_CHECK_LIB(md5, MD5Init, [CRYPTLIB="$CRYPTLIB -lmd5"]) -+ ;; -+esac - AC_SUBST(CRYPTLIB) - - dnl Check for libdl, used by auth_modules/PAM diff -r a3713bbcd1b6 -r eee42ea7ddfb net-proxy/squid/files/squid-3.1.1-qafixes.patch --- a/net-proxy/squid/files/squid-3.1.1-qafixes.patch Wed Jul 28 11:08:21 2010 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,57 +0,0 @@ -diff -Nru squid-3.1.1.orig/helpers/negotiate_auth/squid_kerb_auth/configure.in squid-3.1.1/helpers/negotiate_auth/squid_kerb_auth/configure.in ---- squid-3.1.3.orig/helpers/negotiate_auth/squid_kerb_auth/configure.in 2010-04-15 16:27:19.000000000 +0300 -+++ squid-3.1.3/helpers/negotiate_auth/squid_kerb_auth/configure.in 2010-04-15 18:08:18.000000000 +0300 -@@ -93,7 +94,7 @@ - else - ac_gssapi_libs=`krb5-config --libs gssapi 2>/dev/null` - if test "x$ac_gssapi_libs" != "x" ; then -- LDFLAGS="$LDFLAGS $ac_gssapi_libs" -+ LIBS="$LIBS $ac_gssapi_libs" - else - for lib in $ac_gss_libs; do - AC_CHECK_LIB($lib,main) -@@ -117,7 +118,7 @@ - fi - ac_gssapi_libs=`krb5-config --libs gssapi 2>/dev/null` - if test "x$ac_gssapi_libs" != "x" ; then -- LDFLAGS="$LDFLAGS $ac_gssapi_libs" -+ LIBS="$LIBS $ac_gssapi_libs" - else - for lib in $ac_gss_libs; do - AC_CHECK_LIB($lib,main) -@@ -171,7 +172,7 @@ - ac_libdir=`echo $ac_gssapi_libs | sed -e 's/.*-L//' | sed -e 's/ .*//'` - LDFLAGS="$LDFLAGS $w_flag$ac_libdir$w_flag_2" - fi -- LDFLAGS="$LDFLAGS $ac_gssapi_libs" -+ LIBS="$LIBS $ac_gssapi_libs" - else - for lib in $ac_gss_libs; do - AC_CHECK_LIB($lib,main) -@@ -200,7 +201,7 @@ - ac_libdir=`echo $ac_gssapi_libs | sed -e 's/.*-L//' | sed -e 's/ .*//'` - LDFLAGS="$LDFLAGS $w_flag$ac_libdir$w_flag_2" - fi -- LDFLAGS="$LDFLAGS $ac_gssapi_libs" -+ LIBS="$LIBS $ac_gssapi_libs" - else - for lib in $ac_gss_libs; do - AC_CHECK_LIB($lib,main) -diff -Nru squid-3.1.1.orig/src/forward.cc squid-3.1.1/src/forward.cc ---- squid-3.1.1.orig/src/forward.cc 2010-04-15 16:27:19.000000000 +0300 -+++ squid-3.1.3/src/forward.cc 2010-04-15 18:19:20.000000000 +0300 -@@ -999,8 +999,12 @@ - break; - - if (o->cmsg_level == SOL_IP && o->cmsg_type == IP_TOS) { -- int *tmp = (int*)CMSG_DATA(o); -- clientFde->upstreamTOS = (unsigned char)*tmp; -+ union { -+ unsigned char *pchar; -+ int *pint; -+ } data; -+ data.pchar = CMSG_DATA(o); -+ clientFde->upstreamTOS = (unsigned char)*data.pint; - break; - } - pbuf += CMSG_LEN(o->cmsg_len); diff -r a3713bbcd1b6 -r eee42ea7ddfb net-proxy/squid/files/squid-3.1.5-errorstate-leak-fix.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/net-proxy/squid/files/squid-3.1.5-errorstate-leak-fix.patch Wed Aug 04 14:14:29 2010 +0200 @@ -0,0 +1,14 @@ +--- src/forward.cc 2010-05-04 23:06:00 +0000 ++++ src/forward.cc 2010-05-27 00:09:40 +0000 +@@ -527,7 +527,10 @@ + + /* Ditch error page if it was created before. + * A new one will be created if there's another problem */ +- err = NULL; ++ if (err) { ++ errorStateFree(err); ++ err = NULL; ++ } + + /* use eventAdd to break potential call sequence loops and to slow things down a little */ + eventAdd("fwdConnectStart", fwdConnectStartWrapper, this, originserver ? 0.05 : 0.005, 0); diff -r a3713bbcd1b6 -r eee42ea7ddfb net-proxy/squid/files/squid-3.1.5-gentoo.patch --- a/net-proxy/squid/files/squid-3.1.5-gentoo.patch Wed Jul 28 11:08:21 2010 +0200 +++ b/net-proxy/squid/files/squid-3.1.5-gentoo.patch Wed Aug 04 14:14:29 2010 +0200 @@ -1,6 +1,6 @@ -diff -Nru squid-3.1.1.orig/acinclude.m4 squid-3.1.1/acinclude.m4 ---- squid-3.1.1.orig/acinclude.m4 2010-04-15 16:27:19.000000000 +0300 -+++ squid-3.1.1/acinclude.m4 2010-04-15 16:28:17.000000000 +0300 +diff -ruN squid-3.1.4.orig/acinclude.m4 squid-3.1.4/acinclude.m4 +--- squid-3.1.4.orig/acinclude.m4 2010-05-30 15:21:11.000000000 +0200 ++++ squid-3.1.4/acinclude.m4 2010-06-15 23:56:30.328286612 +0200 @@ -75,7 +75,7 @@ AC_MSG_CHECKING([whether compiler accepts -fhuge-objects]) AC_CACHE_VAL([ac_cv_test_checkforhugeobjects],[ @@ -10,9 +10,9 @@ res=$? rm -f conftest.* echo yes -diff -Nru squid-3.1.1.orig/configure.in squid-3.1.1/configure.in ---- squid-3.1.1.orig/configure.in 2010-04-15 16:27:19.000000000 +0300 -+++ squid-3.1.1/configure.in 2010-04-15 16:28:49.000000000 +0300 +diff -ruN squid-3.1.4.orig/configure.in squid-3.1.4/configure.in +--- squid-3.1.4.orig/configure.in 2010-05-30 15:21:49.000000000 +0200 ++++ squid-3.1.4/configure.in 2010-06-15 23:56:30.331286981 +0200 @@ -16,9 +16,9 @@ PRESET_LDFLAGS="$LDFLAGS" @@ -26,9 +26,9 @@ dnl Check for GNU cc AC_PROG_CC -diff -Nru squid-3.1.1.orig/helpers/basic_auth/MSNT/confload.c squid-3.1.1/helpers/basic_auth/MSNT/confload.c ---- squid-3.1.1.orig/helpers/basic_auth/MSNT/confload.c 2010-04-15 16:27:19.000000000 +0300 -+++ squid-3.1.1/helpers/basic_auth/MSNT/confload.c 2010-04-15 16:29:51.000000000 +0300 +diff -ruN squid-3.1.4.orig/helpers/basic_auth/MSNT/confload.c squid-3.1.4/helpers/basic_auth/MSNT/confload.c +--- squid-3.1.4.orig/helpers/basic_auth/MSNT/confload.c 2010-05-30 15:21:11.000000000 +0200 ++++ squid-3.1.4/helpers/basic_auth/MSNT/confload.c 2010-06-15 23:56:30.332287748 +0200 @@ -27,7 +27,7 @@ /* Path to configuration file */ @@ -38,9 +38,9 @@ #endif #define CONFIGFILE SYSCONFDIR "/msntauth.conf" -diff -Nru squid-3.1.1.orig/helpers/basic_auth/MSNT/msntauth.conf.default squid-3.1.1/helpers/basic_auth/MSNT/msntauth.conf.default ---- squid-3.1.1.orig/helpers/basic_auth/MSNT/msntauth.conf.default 2010-04-15 16:27:19.000000000 +0300 -+++ squid-3.1.1/helpers/basic_auth/MSNT/msntauth.conf.default 2010-04-15 16:30:39.000000000 +0300 +diff -ruN squid-3.1.4.orig/helpers/basic_auth/MSNT/msntauth.conf.default squid-3.1.4/helpers/basic_auth/MSNT/msntauth.conf.default +--- squid-3.1.4.orig/helpers/basic_auth/MSNT/msntauth.conf.default 2010-05-30 15:21:11.000000000 +0200 ++++ squid-3.1.4/helpers/basic_auth/MSNT/msntauth.conf.default 2010-06-15 23:56:30.333286558 +0200 @@ -8,6 +8,6 @@ server other_PDC other_BDC otherdomain @@ -50,9 +50,9 @@ +#denyusers /etc/squid/msntauth.denyusers +#allowusers /etc/squid/msntauth.allowusers -diff -Nru squid-3.1.1.orig/helpers/basic_auth/SMB/Makefile.am squid-3.1.1/helpers/basic_auth/SMB/Makefile.am ---- squid-3.1.1.orig/helpers/basic_auth/SMB/Makefile.am 2010-04-15 16:27:19.000000000 +0300 -+++ squid-3.1.1/helpers/basic_auth/SMB/Makefile.am 2010-04-15 16:31:23.000000000 +0300 +diff -ruN squid-3.1.4.orig/helpers/basic_auth/SMB/Makefile.am squid-3.1.4/helpers/basic_auth/SMB/Makefile.am +--- squid-3.1.4.orig/helpers/basic_auth/SMB/Makefile.am 2010-05-30 15:21:11.000000000 +0200 ++++ squid-3.1.4/helpers/basic_auth/SMB/Makefile.am 2010-06-15 23:56:30.333286558 +0200 @@ -16,7 +16,7 @@ ## FIXME: autoconf should test for the samba path. @@ -62,9 +62,9 @@ SMB_AUTH_HELPER_PATH = $(libexecdir)/$(SMB_AUTH_HELPER) libexec_SCRIPTS = $(SMB_AUTH_HELPER) -diff -Nru squid-3.1.1.orig/helpers/basic_auth/SMB/smb_auth.sh squid-3.1.1/helpers/basic_auth/SMB/smb_auth.sh ---- squid-3.1.1.orig/helpers/basic_auth/SMB/smb_auth.sh 2010-04-15 16:27:19.000000000 +0300 -+++ squid-3.1.1/helpers/basic_auth/SMB/smb_auth.sh 2010-04-15 16:32:48.000000000 +0300 +diff -ruN squid-3.1.4.orig/helpers/basic_auth/SMB/smb_auth.sh squid-3.1.4/helpers/basic_auth/SMB/smb_auth.sh +--- squid-3.1.4.orig/helpers/basic_auth/SMB/smb_auth.sh 2010-05-30 15:21:11.000000000 +0200 ++++ squid-3.1.4/helpers/basic_auth/SMB/smb_auth.sh 2010-06-15 23:56:30.334286833 +0200 @@ -24,7 +24,7 @@ read AUTHSHARE read AUTHFILE @@ -83,9 +83,9 @@ echo "Domain controller IP address: $dcip" [ -n "$dcip" ] || exit 1 -diff -Nru squid-3.1.1.orig/helpers/external_acl/session/squid_session.8 squid-3.1.1/helpers/external_acl/session/squid_session.8 ---- squid-3.1.1.orig/helpers/external_acl/session/squid_session.8 2010-04-15 16:27:19.000000000 +0300 -+++ squid-3.1.1/helpers/external_acl/session/squid_session.8 2010-04-15 16:33:36.000000000 +0300 +diff -ruN squid-3.1.4.orig/helpers/external_acl/session/squid_session.8 squid-3.1.4/helpers/external_acl/session/squid_session.8 +--- squid-3.1.4.orig/helpers/external_acl/session/squid_session.8 2010-05-30 15:21:11.000000000 +0200 ++++ squid-3.1.4/helpers/external_acl/session/squid_session.8 2010-06-15 23:56:30.334286833 +0200 @@ -35,7 +35,7 @@ .P Configuration example using the default automatic mode @@ -95,9 +95,9 @@ .IP acl session external session .IP -diff -Nru squid-3.1.1.orig/helpers/external_acl/unix_group/squid_unix_group.8 squid-3.1.1/helpers/external_acl/unix_group/squid_unix_group.8 ---- squid-3.1.1.orig/helpers/external_acl/unix_group/squid_unix_group.8 2010-04-15 16:27:19.000000000 +0300 -+++ squid-3.1.1/helpers/external_acl/unix_group/squid_unix_group.8 2010-04-15 16:34:17.000000000 +0300 +diff -ruN squid-3.1.4.orig/helpers/external_acl/unix_group/squid_unix_group.8 squid-3.1.4/helpers/external_acl/unix_group/squid_unix_group.8 +--- squid-3.1.4.orig/helpers/external_acl/unix_group/squid_unix_group.8 2010-05-30 15:21:12.000000000 +0200 ++++ squid-3.1.4/helpers/external_acl/unix_group/squid_unix_group.8 2010-06-15 23:56:30.335286619 +0200 @@ -27,7 +27,7 @@ This squid.conf example defines two Squid acls. usergroup1 matches users in group1, and usergroup2 matches users in group2 or group3 @@ -107,9 +107,9 @@ .IP acl usergroup1 external unix_group group1 .IP -diff -Nru squid-3.1.1.orig/helpers/negotiate_auth/squid_kerb_auth/configure.in squid-3.1.1/helpers/negotiate_auth/squid_kerb_auth/configure.in ---- squid-3.1.1.orig/helpers/negotiate_auth/squid_kerb_auth/configure.in 2010-04-15 16:27:19.000000000 +0300 -+++ squid-3.1.1/helpers/negotiate_auth/squid_kerb_auth/configure.in 2010-04-15 17:35:20.000000000 +0300 +diff -ruN squid-3.1.4.orig/helpers/negotiate_auth/squid_kerb_auth/configure.in squid-3.1.4/helpers/negotiate_auth/squid_kerb_auth/configure.in +--- squid-3.1.4.orig/helpers/negotiate_auth/squid_kerb_auth/configure.in 2010-05-30 15:21:11.000000000 +0200 ++++ squid-3.1.4/helpers/negotiate_auth/squid_kerb_auth/configure.in 2010-06-15 23:56:30.335286619 +0200 @@ -17,6 +17,7 @@ AC_INIT([squid_kerb_auth],[1.0.5],[markus_moeller@compuserve.com]) @@ -127,9 +127,9 @@ for ac_cv_my_cflag in $MY_CFLAGS; do echo "int main() { -diff -Nru squid-3.1.1.orig/lib/libTrie/acinclude.m4 squid-3.1.1/lib/libTrie/acinclude.m4 ---- squid-3.1.1.orig/lib/libTrie/acinclude.m4 2010-04-15 16:27:19.000000000 +0300 -+++ squid-3.1.1/lib/libTrie/acinclude.m4 2010-04-15 17:35:48.000000000 +0300 +diff -ruN squid-3.1.4.orig/lib/libTrie/acinclude.m4 squid-3.1.4/lib/libTrie/acinclude.m4 +--- squid-3.1.4.orig/lib/libTrie/acinclude.m4 2010-05-30 15:21:11.000000000 +0200 ++++ squid-3.1.4/lib/libTrie/acinclude.m4 2010-06-15 23:56:30.336287383 +0200 @@ -11,7 +11,7 @@ AC_MSG_CHECKING([whether compiler accepts -fhuge-objects]) AC_CACHE_VAL([ac_cv_test_checkforhugeobjects],[ @@ -139,9 +139,9 @@ res=$? rm -f conftest.* echo yes -diff -Nru squid-3.1.1.orig/lib/libTrie/configure.in squid-3.1.1/lib/libTrie/configure.in ---- squid-3.1.1.orig/lib/libTrie/configure.in 2010-04-15 16:27:19.000000000 +0300 -+++ squid-3.1.1/lib/libTrie/configure.in 2010-04-15 17:36:46.000000000 +0300 +diff -ruN squid-3.1.4.orig/lib/libTrie/configure.in squid-3.1.4/lib/libTrie/configure.in +--- squid-3.1.4.orig/lib/libTrie/configure.in 2010-05-30 15:21:11.000000000 +0200 ++++ squid-3.1.4/lib/libTrie/configure.in 2010-06-15 23:56:30.336287383 +0200 @@ -59,8 +59,8 @@ dnl set useful flags @@ -153,9 +153,95 @@ else TRIE_CFLAGS= TRIE_CXXFLAGS= -diff -Nru squid-3.1.1.orig/src/Makefile.am squid-3.1.1/src/Makefile.am ---- squid-3.1.1.orig/src/Makefile.am 2010-04-15 16:27:19.000000000 +0300 -+++ squid-3.1.1/src/Makefile.am 2010-04-15 17:44:39.000000000 +0300 +diff -ruN squid-3.1.4.orig/src/cf.data.pre squid-3.1.4/src/cf.data.pre +--- squid-3.1.4.orig/src/cf.data.pre 2010-05-30 15:21:11.000000000 +0200 ++++ squid-3.1.4/src/cf.data.pre 2010-06-15 23:56:30.344287666 +0200 +@@ -718,6 +718,7 @@ + acl Safe_ports port 488 # gss-http + acl Safe_ports port 591 # filemaker + acl Safe_ports port 777 # multiling http ++acl Safe_ports port 901 # SWAT + acl CONNECT method CONNECT + NOCOMMENT_END + DOC_END +@@ -866,6 +867,9 @@ + http_access allow localnet + http_access allow localhost + ++# Allow the localhost to have access by default ++http_access allow localhost ++ + # And finally deny all other access to this proxy + http_access deny all + NOCOMMENT_END +@@ -4036,11 +4040,11 @@ + + NAME: cache_mgr + TYPE: string +-DEFAULT: webmaster ++DEFAULT: root + LOC: Config.adminEmail + DOC_START + Email-address of local cache manager who will receive +- mail if the cache dies. The default is "webmaster." ++ mail if the cache dies. The default is "root". + DOC_END + + NAME: mail_from +@@ -6352,7 +6356,7 @@ + NAME: forwarded_for + COMMENT: on|off|transparent|truncate|delete + TYPE: string +-DEFAULT: on ++DEFAULT: delete + LOC: opt_forwarded_for + DOC_START + If set to "on", Squid will append your client's IP address +diff -ruN squid-3.1.4.orig/src/debug.cc squid-3.1.4/src/debug.cc +--- squid-3.1.4.orig/src/debug.cc 2010-05-30 15:21:11.000000000 +0200 ++++ squid-3.1.4/src/debug.cc 2010-06-15 23:56:30.345286478 +0200 +@@ -452,7 +452,7 @@ + #if HAVE_SYSLOG && defined(LOG_LOCAL4) + + if (Debug::log_syslog) +- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, syslog_facility); ++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, syslog_facility); + + #endif /* HAVE_SYSLOG */ + +diff -ruN squid-3.1.4.orig/src/main.cc squid-3.1.4/src/main.cc +--- squid-3.1.4.orig/src/main.cc 2010-05-30 15:21:11.000000000 +0200 ++++ squid-3.1.4/src/main.cc 2010-06-15 23:56:30.347286547 +0200 +@@ -1553,7 +1553,7 @@ + if (*(argv[0]) == '(') + return; + +- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4); + + if ((pid = fork()) < 0) + syslog(LOG_ALERT, "fork failed: %s", xstrerror()); +@@ -1597,7 +1597,7 @@ + + if ((pid = fork()) == 0) { + /* child */ +- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4); + prog = xstrdup(argv[0]); + argv[0] = xstrdup("(squid)"); + execvp(prog, argv); +@@ -1605,7 +1605,7 @@ + } + + /* parent */ +- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4); + + syslog(LOG_NOTICE, "Squid Parent: child process %d started", pid); + +diff -ruN squid-3.1.4.orig/src/Makefile.am squid-3.1.4/src/Makefile.am +--- squid-3.1.4.orig/src/Makefile.am 2010-05-30 15:21:11.000000000 +0200 ++++ squid-3.1.4/src/Makefile.am 2010-06-15 23:56:30.338286964 +0200 @@ -638,7 +638,6 @@ sysconf_DATA = \ @@ -193,90 +279,3 @@ $(mkinstalldirs) $(DESTDIR)$(DEFAULT_LOG_PREFIX); \ $(mkinstalldirs) $(DESTDIR)`dirname $(DEFAULT_PIDFILE)` - uninstall-local: squid.conf.default -diff -Nru squid-3.1.1.orig/src/cf.data.pre squid-3.1.1/src/cf.data.pre ---- squid-3.1.1.orig/src/cf.data.pre 2010-04-15 16:27:19.000000000 +0300 -+++ squid-3.1.1/src/cf.data.pre 2010-04-15 17:39:56.000000000 +0300 -@@ -718,6 +718,7 @@ - acl Safe_ports port 488 # gss-http - acl Safe_ports port 591 # filemaker - acl Safe_ports port 777 # multiling http -+acl Safe_ports port 901 # SWAT - acl CONNECT method CONNECT - NOCOMMENT_END - DOC_END -@@ -867,6 +868,9 @@ - http_access allow localnet - http_access allow localhost - -+# Allow the localhost to have access by default -+http_access allow localhost -+ - # And finally deny all other access to this proxy - http_access deny all - NOCOMMENT_END -@@ -4037,11 +4041,11 @@ - - NAME: cache_mgr - TYPE: string --DEFAULT: webmaster -+DEFAULT: root - LOC: Config.adminEmail - DOC_START - Email-address of local cache manager who will receive -- mail if the cache dies. The default is "webmaster." -+ mail if the cache dies. The default is "root". - DOC_END - - NAME: mail_from -@@ -6353,7 +6357,7 @@ - NAME: forwarded_for - COMMENT: on|off|transparent|truncate|delete - TYPE: string --DEFAULT: on -+DEFAULT: delete - LOC: opt_forwarded_for - DOC_START - If set to "on", Squid will append your client's IP address -diff -Nru squid-3.1.1.orig/src/debug.cc squid-3.1.1/src/debug.cc ---- squid-3.1.1.orig/src/debug.cc 2010-04-15 16:27:19.000000000 +0300 -+++ squid-3.1.1/src/debug.cc 2010-04-15 17:40:27.000000000 +0300 -@@ -452,7 +452,7 @@ - #if HAVE_SYSLOG && defined(LOG_LOCAL4) - - if (Debug::log_syslog) -- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, syslog_facility); -+ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, syslog_facility); - - #endif /* HAVE_SYSLOG */ - -diff -Nru squid-3.1.1.orig/src/main.cc squid-3.1.1/src/main.cc ---- squid-3.1.1.orig/src/main.cc 2010-04-15 16:27:19.000000000 +0300 -+++ squid-3.1.1/src/main.cc 2010-04-15 17:41:34.000000000 +0300 -@@ -1535,7 +1535,7 @@ - if (*(argv[0]) == '(') - return; - -- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); -+ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4); - - if ((pid = fork()) < 0) - syslog(LOG_ALERT, "fork failed: %s", xstrerror()); -@@ -1579,7 +1579,7 @@ - - if ((pid = fork()) == 0) { - /* child */ -- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); -+ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4); - prog = xstrdup(argv[0]); - argv[0] = xstrdup("(squid)"); - execvp(prog, argv); -@@ -1587,7 +1587,7 @@ - } - - /* parent */ -- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); -+ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4); - - syslog(LOG_NOTICE, "Squid Parent: child process %d started", pid); - diff -r a3713bbcd1b6 -r eee42ea7ddfb net-proxy/squid/files/squid-3.1.5-libmd5.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/net-proxy/squid/files/squid-3.1.5-libmd5.patch Wed Aug 04 14:14:29 2010 +0200 @@ -0,0 +1,16 @@ +diff -ruN squid-3.1.4.orig/configure.in squid-3.1.4/configure.in +--- squid-3.1.4.orig/configure.in 2010-05-30 15:21:49.000000000 +0200 ++++ squid-3.1.4/configure.in 2010-06-15 23:53:35.180163134 +0200 +@@ -2814,7 +2814,11 @@ + dnl libcrypt (eg FreeBSD) + AC_CHECK_LIB(crypt, crypt, [CRYPTLIB="-lcrypt"]) + dnl Solaris10 provides MD5 natively through libmd5 +-AC_CHECK_LIB(md5, MD5Init, [CRYPTLIB="$CRYPTLIB -lmd5"]) ++case "$host" in ++ *-solaris*) ++ AC_CHECK_LIB(md5, MD5Init, [CRYPTLIB="$CRYPTLIB -lmd5"]) ++ ;; ++esac + AC_SUBST(CRYPTLIB) + + dnl Check for libdl, used by auth_modules/PAM diff -r a3713bbcd1b6 -r eee42ea7ddfb net-proxy/squid/files/squid-3.1.5-qafixes.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/net-proxy/squid/files/squid-3.1.5-qafixes.patch Wed Aug 04 14:14:29 2010 +0200 @@ -0,0 +1,57 @@ +diff -ruN squid-3.1.4.orig/helpers/negotiate_auth/squid_kerb_auth/configure.in squid-3.1.4/helpers/negotiate_auth/squid_kerb_auth/configure.in +--- squid-3.1.4.orig/helpers/negotiate_auth/squid_kerb_auth/configure.in 2010-06-16 00:02:04.241287315 +0200 ++++ squid-3.1.4/helpers/negotiate_auth/squid_kerb_auth/configure.in 2010-06-16 00:00:08.296162082 +0200 +@@ -94,7 +94,7 @@ + else + ac_gssapi_libs=`krb5-config --libs gssapi 2>/dev/null` + if test "x$ac_gssapi_libs" != "x" ; then +- LDFLAGS="$LDFLAGS $ac_gssapi_libs" ++ LIBS="$LIBS $ac_gssapi_libs" + else + for lib in $ac_gss_libs; do + AC_CHECK_LIB($lib,main) +@@ -118,7 +118,7 @@ + fi + ac_gssapi_libs=`krb5-config --libs gssapi 2>/dev/null` + if test "x$ac_gssapi_libs" != "x" ; then +- LDFLAGS="$LDFLAGS $ac_gssapi_libs" ++ LIBS="$LIBS $ac_gssapi_libs" + else + for lib in $ac_gss_libs; do + AC_CHECK_LIB($lib,main) +@@ -172,7 +172,7 @@ + ac_libdir=`echo $ac_gssapi_libs | sed -e 's/.*-L//' | sed -e 's/ .*//'` + LDFLAGS="$LDFLAGS $w_flag$ac_libdir$w_flag_2" + fi +- LDFLAGS="$LDFLAGS $ac_gssapi_libs" ++ LIBS="$LIBS $ac_gssapi_libs" + else + for lib in $ac_gss_libs; do + AC_CHECK_LIB($lib,main) +@@ -201,7 +201,7 @@ + ac_libdir=`echo $ac_gssapi_libs | sed -e 's/.*-L//' | sed -e 's/ .*//'` + LDFLAGS="$LDFLAGS $w_flag$ac_libdir$w_flag_2" + fi +- LDFLAGS="$LDFLAGS $ac_gssapi_libs" ++ LIBS="$LIBS $ac_gssapi_libs" + else + for lib in $ac_gss_libs; do + AC_CHECK_LIB($lib,main) +diff -ruN squid-3.1.4.orig/src/forward.cc squid-3.1.4/src/forward.cc +--- squid-3.1.4.orig/src/forward.cc 2010-05-30 15:21:11.000000000 +0200 ++++ squid-3.1.4/src/forward.cc 2010-06-16 00:00:08.297162834 +0200 +@@ -999,8 +999,12 @@ + break; + + if (o->cmsg_level == SOL_IP && o->cmsg_type == IP_TOS) { +- int *tmp = (int*)CMSG_DATA(o); +- clientFde->upstreamTOS = (unsigned char)*tmp; ++ union { ++ unsigned char *pchar; ++ int *pint; ++ } data; ++ data.pchar = CMSG_DATA(o); ++ clientFde->upstreamTOS = (unsigned char)*data.pint; + break; + } + pbuf += CMSG_LEN(o->cmsg_len); diff -r a3713bbcd1b6 -r eee42ea7ddfb net-proxy/squid/files/squid-3.1.5-range-leak-fix-1.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/net-proxy/squid/files/squid-3.1.5-range-leak-fix-1.patch Wed Aug 04 14:14:29 2010 +0200 @@ -0,0 +1,45 @@ +http://bugs.squid-cache.org/attachment.cgi?id=2166&action=diff + +Backported to squid-3.1.5 by Kerin Millar + +diff -urp squid-3.1.5.orig/src/HttpReply.cc squid-3.1.5/src/HttpReply.cc +--- squid-3.1.5.orig/src/HttpReply.cc 2010-07-15 00:40:43.562561668 +0400 ++++ squid-3.1.5/src/HttpReply.cc 2010-07-15 00:51:09.046799333 +0400 +@@ -607,6 +607,7 @@ HttpReply * + HttpReply::clone() const + { + HttpReply *rep = new HttpReply(); ++ rep->sline = sline; // used in hdrCacheInit() call above + rep->header.append(&header); + rep->hdrCacheInit(); + rep->hdr_sz = hdr_sz; +@@ -615,8 +616,7 @@ HttpReply::clone() const + rep->body_pipe = body_pipe; + + rep->protocol = protocol; +- rep->sline = sline; +- rep->keep_alive = keep_alive; ++ // keep_alive is handled in HttpMsg::hdrCacheInit() + return rep; + } + +diff -urp squid-3.1.5.orig/src/HttpRequest.cc squid-3.1.5/src/HttpRequest.cc +--- squid-3.1.5.orig/src/HttpRequest.cc 2010-07-02 06:47:30.000000000 +0400 ++++ squid-3.1.5/src/HttpRequest.cc 2010-07-15 00:45:21.755798990 +0400 +@@ -188,7 +188,7 @@ HttpRequest::clone() const + // urlPath handled in ctor + copy->canonical = canonical ? xstrdup(canonical) : NULL; + +- copy->range = range ? new HttpHdrRange(*range) : NULL; ++ // range handled in hdrCacheInit() + copy->ims = ims; + copy->imslen = imslen; + copy->max_forwards = max_forwards; +@@ -358,6 +358,7 @@ HttpRequest::hdrCacheInit() + { + HttpMsg::hdrCacheInit(); + ++ assert(!range); + range = header.getRange(); + } + diff -r a3713bbcd1b6 -r eee42ea7ddfb net-proxy/squid/files/squid-3.1.5-range-leak-fix-2.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/net-proxy/squid/files/squid-3.1.5-range-leak-fix-2.patch Wed Aug 04 14:14:29 2010 +0200 @@ -0,0 +1,23 @@ +--- a/src/client_side_request.cc ++++ a/src/client_side_request.cc +@@ -830,6 +830,8 @@ clientInterpretRequestHeaders(ClientHttpRequest * http) + + /* ignore range header in non-GETs or non-HEADs */ + if (request->method == METHOD_GET || request->method == METHOD_HEAD) { ++ if (request->range) ++ delete request->range; + request->range = req_hdr->getRange(); + + if (request->range) { +@@ -854,7 +856,10 @@ clientInterpretRequestHeaders(ClientHttpRequest * http) + else { + req_hdr->delById(HDR_RANGE); + req_hdr->delById(HDR_REQUEST_RANGE); +- request->range = NULL; ++ if (request->range) { ++ delete request->range; ++ request->range = NULL; ++ } + } + + if (req_hdr->has(HDR_AUTHORIZATION)) diff -r a3713bbcd1b6 -r eee42ea7ddfb net-proxy/squid/squid-3.1.5.ebuild --- a/net-proxy/squid/squid-3.1.5.ebuild Wed Jul 28 11:08:21 2010 +0200 +++ b/net-proxy/squid/squid-3.1.5.ebuild Wed Aug 04 14:14:29 2010 +0200 @@ -1,10 +1,10 @@ -# Copyright 1999-2009 Gentoo Foundation +# Copyright 1999-2010 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/squid-3.1.0.15_beta-r1.ebuild,v 1.1 2009/11/29 08:53:09 mrness Exp $ +# $Header: $ -EAPI="2" +EAPI="3" -inherit eutils pam toolchain-funcs +inherit base eutils pam toolchain-funcs DESCRIPTION="A full-featured web proxy cache" HOMEPAGE="http://www.squid-cache.org/" @@ -19,6 +19,7 @@ zero-penalty-hit \ pf-transparent ipf-transparent kqueue \ elibc_uclibc kernel_linux +epoll" + RESTRICT=test COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 ) @@ -32,20 +33,29 @@ !x86-fbsd? ( logrotate? ( app-admin/logrotate ) ) >=sys-libs/db-4 dev-lang/perl" + DEPEND="${COMMON_DEPEND} sys-devel/automake sys-devel/autoconf sys-devel/libtool test? ( dev-util/cppunit )" + RDEPEND="${COMMON_DEPEND} samba? ( net-fs/samba ) mysql? ( dev-perl/DBD-mysql ) postgres? ( dev-perl/DBD-Pg ) sqlite? ( dev-perl/DBD-SQLite )" -# S="${WORKDIR}/${P}" +PATCHES=( + "${FILESDIR}/${P}-gentoo.patch" + "${FILESDIR}/${P}-qafixes.patch" + "${FILESDIR}/${P}-libmd5.patch" + "${FILESDIR}/${P}-errorstate-leak-fix.patch" + "${FILESDIR}/${P}-range-leak-fix-1.patch" + "${FILESDIR}/${P}-range-leak-fix-2.patch" +) -pkg_setup() { +pkg_pretend() { if grep -qs '^[[:space:]]*cache_dir[[:space:]]\+coss' "${ROOT}"etc/squid/squid.conf; then eerror "coss store IO has been disabled by upstream due to stability issues!" eerror "If you want to install this version, switch the store type to something else" @@ -53,15 +63,17 @@ die "/etc/squid/squid.conf: cache_dir use a disabled store type" fi +} + +pkg_setup() { + [ ${EAPI} -lt 4 ] && pkg_pretend enewgroup squid 31 enewuser squid 31 -1 /var/cache/squid squid } src_prepare() { - epatch "${FILESDIR}"/${P}-gentoo.patch - epatch "${FILESDIR}"/${PN}-3.1.1-qafixes.patch - epatch "${FILESDIR}"/${PN}-3.1.1-libmd5.patch + base_src_prepare # eautoreconf breaks lib/libLtdl/libtool script ./bootstrap.sh || die "autoreconf failed" @@ -77,6 +89,7 @@ use sasl && basic_modules="SASL,${basic_modules}" use nis && ! use elibc_uclibc && basic_modules="YP,${basic_modules}" use radius && basic_modules="squid_radius_auth,${basic_modules}" + if use mysql || use postgres || use sqlite ; then basic_modules="DB,${basic_modules}" fi @@ -151,7 +164,7 @@ } src_install() { - emake DESTDIR="${D}" install || die "emake install failed" + base_src_install # need suid root for looking into /etc/shadow fowners root:squid /usr/libexec/squid/ncsa_auth @@ -172,6 +185,7 @@ newpamd "${FILESDIR}/squid.pam" squid newconfd "${FILESDIR}/squid.confd" squid + if use logrotate; then newinitd "${FILESDIR}/squid.initd-logrotate" squid insinto /etc/logrotate.d @@ -188,17 +202,17 @@ } pkg_postinst() { - echo ewarn "Squid authentication helpers have been installed suid root." - ewarn "This allows shadow based authentication (see bug #52977 for more)." - echo + ewarn "This allows for shadow based authentication (see bug #52977 for more)." + ewarn ewarn "Be careful what type of cache_dir you select!" - ewarn " 'diskd' is optimized for high levels of traffic, but it might seem slow" - ewarn "when there isn't sufficient traffic to keep squid reasonably busy." - ewarn " If your traffic level is low to moderate, use 'aufs' or 'ufs'." - echo + ewarn "'diskd' is optimized for high levels of traffic, but it might seem slow" + ewarn "where there isn't sufficient traffic to keep squid reasonably busy." + ewarn "If your traffic level is low to moderate, use 'aufs' or 'ufs'." + ewarn ewarn "Squid can be configured to run in transparent mode like this:" ewarn " ${HILITE}http_port internal-addr:3128 transparent${NORMAL}" + if use zero-penalty-hit; then echo ewarn "In order for zph_preserve_miss_tos to work, you will have to alter your kernel"