head 1.208; access; symbols pkgsrc-2013Q2:1.208.0.16 pkgsrc-2013Q2-base:1.208 pkgsrc-2012Q4:1.208.0.14 pkgsrc-2012Q4-base:1.208 pkgsrc-2011Q4:1.208.0.12 pkgsrc-2011Q4-base:1.208 pkgsrc-2011Q2:1.208.0.10 pkgsrc-2011Q2-base:1.208 pkgsrc-2009Q4:1.208.0.8 pkgsrc-2009Q4-base:1.208 pkgsrc-2008Q4:1.208.0.6 pkgsrc-2008Q4-base:1.208 pkgsrc-2008Q3:1.208.0.4 pkgsrc-2008Q3-base:1.208 cube-native-xorg:1.208.0.2 cube-native-xorg-base:1.208 pkgsrc-2008Q2:1.207.0.4 pkgsrc-2008Q2-base:1.207 cwrapper:1.207.0.2 pkgsrc-2008Q1:1.205.0.2 pkgsrc-2008Q1-base:1.205 pkgsrc-2007Q4:1.200.0.2 pkgsrc-2007Q4-base:1.200 pkgsrc-2007Q3:1.196.0.2 pkgsrc-2007Q3-base:1.196 pkgsrc-2007Q2:1.192.0.2 pkgsrc-2007Q2-base:1.192 pkgsrc-2007Q1:1.191.0.2 pkgsrc-2007Q1-base:1.191 pkgsrc-2006Q4:1.186.0.2 pkgsrc-2006Q4-base:1.186 pkgsrc-2006Q3:1.183.0.2 pkgsrc-2006Q3-base:1.183 pkgsrc-2006Q2:1.180.0.2 pkgsrc-2006Q2-base:1.180 pkgsrc-2006Q1:1.174.0.2 pkgsrc-2006Q1-base:1.174 pkgsrc-2005Q4:1.166.0.2 pkgsrc-2005Q4-base:1.166 pkgsrc-2005Q3:1.160.0.2 pkgsrc-2005Q3-base:1.160 pkgsrc-2005Q2:1.153.0.2 pkgsrc-2005Q2-base:1.153 pkgsrc-2005Q1:1.139.0.2 pkgsrc-2005Q1-base:1.139 pkgsrc-2004Q4:1.120.0.2 pkgsrc-2004Q4-base:1.120 pkgsrc-2004Q3:1.115.0.2 pkgsrc-2004Q3-base:1.115 pkgsrc-2004Q2:1.113.0.2 pkgsrc-2004Q2-base:1.113 pkgsrc-2004Q1:1.104.0.2 pkgsrc-2004Q1-base:1.104 pkgsrc-2003Q4:1.94.0.2 pkgsrc-2003Q4-base:1.94 netbsd-1-6-1:1.75.0.2 netbsd-1-6-1-base:1.75 netbsd-1-6:1.65.0.4 netbsd-1-6-RELEASE-base:1.65 pkgviews:1.64.0.2 pkgviews-base:1.64 buildlink2:1.63.0.2 buildlink2-base:1.63 netbsd-1-5-PATCH003:1.63 netbsd-1-5-PATCH001:1.46 netbsd-1-5-RELEASE:1.33 netbsd-1-4-PATCH003:1.33 netbsd-1-4-PATCH002:1.23 comdex-fall-1999:1.18 netbsd-1-4-PATCH001:1.14 netbsd-1-4-RELEASE:1.8 netbsd-1-3-PATCH003:1.3; locks; strict; comment @# @; 1.208 date 2008.09.12.14.59.52; author taca; state dead; branches; next 1.207; 1.207 date 2008.06.29.01.02.08; author taca; state Exp; branches; next 1.206; 1.206 date 2008.06.21.10.33.55; author taca; state Exp; branches; next 1.205; 1.205 date 2008.04.02.01.30.37; author taca; state Exp; branches 1.205.2.1; next 1.204; 1.204 date 2008.03.22.04.30.53; author taca; state Exp; branches; next 1.203; 1.203 date 2008.03.11.15.46.41; author taca; state Exp; branches; next 1.202; 1.202 date 2008.01.18.05.09.53; author tnn; state Exp; branches; next 1.201; 1.201 date 2008.01.12.06.20.45; author taca; state Exp; branches; next 1.200; 1.200 date 2007.12.20.03.17.14; author taca; state Exp; branches; next 1.199; 1.199 date 2007.12.02.14.47.07; author taca; state Exp; branches; next 1.198; 1.198 date 2007.12.02.11.46.11; author wiz; state Exp; branches; next 1.197; 1.197 date 2007.11.12.00.15.00; author wiz; state Exp; branches; next 1.196; 1.196 date 2007.09.07.10.39.35; author taca; state Exp; branches 1.196.2.1; next 1.195; 1.195 date 2007.08.13.13.04.11; author rillig; state Exp; branches; next 1.194; 1.194 date 2007.08.02.15.45.09; author taca; state Exp; branches; next 1.193; 1.193 date 2007.07.04.20.55.05; author jlam; state Exp; branches; next 1.192; 1.192 date 2007.05.13.16.45.44; author taca; state Exp; branches; next 1.191; 1.191 date 2007.03.21.05.25.01; author taca; state Exp; branches; next 1.190; 1.190 date 2007.03.17.15.14.27; author taca; state Exp; branches; next 1.189; 1.189 date 2007.03.04.11.32.59; author taca; state Exp; branches; next 1.188; 1.188 date 2007.01.28.05.39.23; author taca; state Exp; branches; next 1.187; 1.187 date 2007.01.14.04.12.12; author taca; state Exp; branches; next 1.186; 1.186 date 2006.12.12.14.46.56; author taca; state Exp; branches 1.186.2.1; next 1.185; 1.185 date 2006.12.04.21.50.53; author jdolecek; state Exp; branches; next 1.184; 1.184 date 2006.11.09.15.16.21; author taca; state Exp; branches; next 1.183; 1.183 date 2006.09.26.03.40.20; author taca; state Exp; branches 1.183.2.1; next 1.182; 1.182 date 2006.09.13.14.41.58; author taca; state Exp; branches; next 1.181; 1.181 date 2006.07.09.12.23.22; author taca; state Exp; branches; next 1.180; 1.180 date 2006.06.21.12.10.35; author taca; state Exp; branches; next 1.179; 1.179 date 2006.06.12.15.36.11; author taca; state Exp; branches; next 1.178; 1.178 date 2006.05.31.04.04.28; author taca; state Exp; branches; next 1.177; 1.177 date 2006.05.18.05.17.35; author taca; state Exp; branches; next 1.176; 1.176 date 2006.05.16.05.47.53; author taca; state Exp; branches; next 1.175; 1.175 date 2006.04.23.00.12.42; author jlam; state Exp; branches; next 1.174; 1.174 date 2006.03.12.12.12.19; author taca; state Exp; branches; next 1.173; 1.173 date 2006.03.11.13.15.59; author taca; state Exp; branches; next 1.172; 1.172 date 2006.03.11.10.41.03; author taca; state Exp; branches; next 1.171; 1.171 date 2006.03.05.04.21.20; author taca; state Exp; branches; next 1.170; 1.170 date 2006.03.04.13.40.07; author taca; state Exp; branches; next 1.169; 1.169 date 2006.02.26.15.03.53; author taca; state Exp; branches; next 1.168; 1.168 date 2006.02.13.15.07.17; author taca; state Exp; branches; next 1.167; 1.167 date 2005.12.29.06.22.24; author jlam; state Exp; branches; next 1.166; 1.166 date 2005.12.05.23.55.23; author rillig; state Exp; branches; next 1.165; 1.165 date 2005.12.05.14.06.03; author taca; state Exp; branches; next 1.164; 1.164 date 2005.10.31.09.53.41; author taca; state Exp; branches; next 1.163; 1.163 date 2005.10.25.14.05.22; author taca; state Exp; branches; next 1.162; 1.162 date 2005.10.23.22.32.32; author taca; state Exp; branches; next 1.161; 1.161 date 2005.10.09.14.47.55; author taca; state Exp; branches; next 1.160; 1.160 date 2005.09.21.15.06.07; author taca; state Exp; branches 1.160.2.1; next 1.159; 1.159 date 2005.09.16.14.19.00; author taca; state Exp; branches; next 1.158; 1.158 date 2005.09.15.15.40.47; author taca; state Exp; branches; next 1.157; 1.157 date 2005.09.04.05.07.05; author taca; state Exp; branches; next 1.156; 1.156 date 2005.08.23.11.48.51; author rillig; state Exp; branches; next 1.155; 1.155 date 2005.08.09.15.48.29; author taca; state Exp; branches; next 1.154; 1.154 date 2005.07.15.20.14.03; author jlam; state Exp; branches; next 1.153; 1.153 date 2005.06.07.14.19.10; author taca; state Exp; branches 1.153.2.1; next 1.152; 1.152 date 2005.06.05.14.20.25; author taca; state Exp; branches; next 1.151; 1.151 date 2005.05.22.05.35.33; author jlam; state Exp; branches; next 1.150; 1.150 date 2005.05.12.16.09.48; author taca; state Exp; branches; next 1.149; 1.149 date 2005.05.01.23.17.49; author taca; state Exp; branches; next 1.148; 1.148 date 2005.04.26.16.19.43; author taca; state Exp; branches; next 1.147; 1.147 date 2005.04.25.15.39.13; author taca; state Exp; branches; next 1.146; 1.146 date 2005.04.21.15.49.53; author taca; state Exp; branches; next 1.145; 1.145 date 2005.04.20.00.55.41; author taca; state Exp; branches; next 1.144; 1.144 date 2005.04.19.15.14.31; author taca; state Exp; branches; next 1.143; 1.143 date 2005.04.11.21.48.02; author tv; state Exp; branches; next 1.142; 1.142 date 2005.04.04.14.16.08; author tron; state Exp; branches; next 1.141; 1.141 date 2005.04.04.01.12.37; author taca; state Exp; branches; next 1.140; 1.140 date 2005.03.31.16.44.25; author taca; state Exp; branches; next 1.139; 1.139 date 2005.03.06.13.30.48; author taca; state Exp; branches 1.139.2.1; next 1.138; 1.138 date 2005.03.01.11.16.57; author taca; state Exp; branches; next 1.137; 1.137 date 2005.02.28.16.59.08; author taca; state Exp; branches; next 1.136; 1.136 date 2005.02.21.00.05.32; author taca; state Exp; branches; next 1.135; 1.135 date 2005.02.17.15.04.12; author taca; state Exp; branches; next 1.134; 1.134 date 2005.02.11.14.47.18; author taca; state Exp; branches; next 1.133; 1.133 date 2005.02.06.08.08.02; author taca; state Exp; branches; next 1.132; 1.132 date 2005.02.01.10.22.20; author taca; state Exp; branches; next 1.131; 1.131 date 2005.02.01.01.31.10; author taca; state Exp; branches; next 1.130; 1.130 date 2005.01.29.00.51.42; author taca; state Exp; branches; next 1.129; 1.129 date 2005.01.26.15.29.03; author taca; state Exp; branches; next 1.128; 1.128 date 2005.01.21.13.41.26; author taca; state Exp; branches; next 1.127; 1.127 date 2005.01.19.14.56.55; author taca; state Exp; branches; next 1.126; 1.126 date 2005.01.19.00.19.27; author kim; state Exp; branches; next 1.125; 1.125 date 2005.01.16.15.46.25; author taca; state Exp; branches; next 1.124; 1.124 date 2005.01.13.16.19.10; author taca; state Exp; branches; next 1.123; 1.123 date 2005.01.01.15.57.41; author taca; state Exp; branches; next 1.122; 1.122 date 2004.12.31.13.31.35; author taca; state Exp; branches; next 1.121; 1.121 date 2004.12.28.02.47.51; author reed; state Exp; branches; next 1.120; 1.120 date 2004.12.14.14.27.07; author taca; state Exp; branches 1.120.2.1; next 1.119; 1.119 date 2004.11.28.16.33.58; author taca; state Exp; branches; next 1.118; 1.118 date 2004.10.13.15.35.55; author taca; state Exp; branches; next 1.117; 1.117 date 2004.10.03.16.06.18; author taca; state Exp; branches; next 1.116; 1.116 date 2004.10.03.00.18.27; author tv; state Exp; branches; next 1.115; 1.115 date 2004.09.03.22.58.19; author taca; state Exp; branches 1.115.2.1; next 1.114; 1.114 date 2004.08.22.15.11.07; author taca; state Exp; branches; next 1.113; 1.113 date 2004.06.19.22.07.52; author taca; state Exp; branches; next 1.112; 1.112 date 2004.06.19.22.05.48; author taca; state Exp; branches; next 1.111; 1.111 date 2004.06.19.16.54.31; author taca; state Exp; branches; next 1.110; 1.110 date 2004.06.13.17.33.41; author kristerw; state Exp; branches; next 1.109; 1.109 date 2004.06.06.16.01.01; author taca; state Exp; branches; next 1.108; 1.108 date 2004.06.04.15.33.05; author taca; state Exp; branches; next 1.107; 1.107 date 2004.05.15.13.57.12; author heinz; state Exp; branches; next 1.106; 1.106 date 2004.05.06.14.44.53; author taca; state Exp; branches; next 1.105; 1.105 date 2004.04.26.03.35.04; author snj; state Exp; branches; next 1.104; 1.104 date 2004.03.26.02.27.58; author wiz; state Exp; branches; next 1.103; 1.103 date 2004.03.04.17.05.50; author taca; state Exp; branches; next 1.102; 1.102 date 2004.02.12.14.45.00; author taca; state Exp; branches; next 1.101; 1.101 date 2004.01.20.12.28.00; author agc; state Exp; branches; next 1.100; 1.100 date 2004.01.18.14.30.37; author taca; state Exp; branches; next 1.99; 1.99 date 2003.12.25.16.28.14; author taca; state Exp; branches; next 1.98; 1.98 date 2003.12.17.16.48.27; author taca; state Exp; branches; next 1.97; 1.97 date 2003.12.10.04.03.02; author taca; state Exp; branches; next 1.96; 1.96 date 2003.12.07.16.48.20; author taca; state Exp; branches; next 1.95; 1.95 date 2003.11.30.14.08.31; author taca; state Exp; branches; next 1.94; 1.94 date 2003.11.12.03.39.44; author jschauma; state Exp; branches; next 1.93; 1.93 date 2003.09.17.05.33.46; author taca; state Exp; branches; next 1.92; 1.92 date 2003.09.16.15.58.39; author taca; state Exp; branches; next 1.91; 1.91 date 2003.09.11.15.48.24; author taca; state Exp; branches; next 1.90; 1.90 date 2003.08.18.17.00.24; author taca; state Exp; branches; next 1.89; 1.89 date 2003.08.18.16.03.01; author taca; state Exp; branches; next 1.88; 1.88 date 2003.07.21.06.20.16; author taca; state Exp; branches; next 1.87; 1.87 date 2003.07.17.22.56.03; author grant; state Exp; branches; next 1.86; 1.86 date 2003.07.06.14.08.43; author taca; state Exp; branches; next 1.85; 1.85 date 2003.05.25.14.58.16; author taca; state Exp; branches; next 1.84; 1.84 date 2003.05.24.12.31.34; author taca; state Exp; branches; next 1.83; 1.83 date 2003.05.09.05.07.13; author taca; state Exp; branches; next 1.82; 1.82 date 2003.04.28.12.01.02; author taca; state Exp; branches; next 1.81; 1.81 date 2003.04.11.09.51.40; author taca; state Exp; branches; next 1.80; 1.80 date 2003.03.29.12.42.55; author jmmv; state Exp; branches; next 1.79; 1.79 date 2003.03.25.17.44.22; author taca; state Exp; branches; next 1.78; 1.78 date 2003.03.02.16.22.43; author taca; state Exp; branches; next 1.77; 1.77 date 2003.02.19.23.44.42; author taca; state Exp; branches; next 1.76; 1.76 date 2003.02.16.06.43.40; author taca; state Exp; branches; next 1.75; 1.75 date 2003.01.28.22.04.31; author jlam; state Exp; branches; next 1.74; 1.74 date 2002.12.02.03.09.01; author grant; state Exp; branches; next 1.73; 1.73 date 2002.11.25.14.46.14; author taca; state Exp; branches; next 1.72; 1.72 date 2002.11.25.07.17.25; author tron; state Exp; branches; next 1.71; 1.71 date 2002.11.24.11.01.17; author taca; state Exp; branches; next 1.70; 1.70 date 2002.11.12.16.07.17; author taca; state Exp; branches; next 1.69; 1.69 date 2002.10.13.16.43.20; author taca; state Exp; branches; next 1.68; 1.68 date 2002.09.19.09.04.32; author jlam; state Exp; branches; next 1.67; 1.67 date 2002.09.15.14.39.51; author grant; state Exp; branches; next 1.66; 1.66 date 2002.08.26.06.42.12; author grant; state Exp; branches; next 1.65; 1.65 date 2002.07.24.19.45.32; author jlam; state Exp; branches; next 1.64; 1.64 date 2002.07.04.06.11.44; author tron; state Exp; branches; next 1.63; 1.63 date 2002.03.22.14.59.01; author tron; state Exp; branches; next 1.62; 1.62 date 2002.03.20.16.27.21; author taca; state Exp; branches; next 1.61; 1.61 date 2002.03.03.15.44.47; author taca; state Exp; branches; next 1.60; 1.60 date 2002.02.22.10.07.38; author tron; state Exp; branches; next 1.59; 1.59 date 2002.02.18.17.00.38; author taca; state Exp; branches; next 1.58; 1.58 date 2002.02.10.19.26.56; author veego; state Exp; branches; next 1.57; 1.57 date 2001.12.12.17.06.18; author taca; state Exp; branches; next 1.56; 1.56 date 2001.11.23.10.22.53; author tron; state Exp; branches; next 1.55; 1.55 date 2001.11.17.23.47.24; author kim; state Exp; branches; next 1.54; 1.54 date 2001.11.06.07.22.13; author tron; state Exp; branches; next 1.53; 1.53 date 2001.11.06.03.05.14; author tron; state Exp; branches; next 1.52; 1.52 date 2001.10.09.19.01.49; author tron; state Exp; branches; next 1.51; 1.51 date 2001.09.18.16.24.57; author tron; state Exp; branches; next 1.50; 1.50 date 2001.07.30.07.32.13; author tron; state Exp; branches; next 1.49; 1.49 date 2001.07.30.07.30.11; author tron; state Exp; branches; next 1.48; 1.48 date 2001.07.29.16.47.01; author tron; state Exp; branches; next 1.47; 1.47 date 2001.07.29.16.41.18; author tron; state Exp; branches; next 1.46; 1.46 date 2001.05.01.18.07.48; author wennmach; state Exp; branches; next 1.45; 1.45 date 2001.04.30.03.46.34; author jlam; state Exp; branches; next 1.44; 1.44 date 2001.04.14.10.05.00; author tron; state Exp; branches; next 1.43; 1.43 date 2001.03.27.03.20.25; author hubertf; state Exp; branches; next 1.42; 1.42 date 2001.02.25.04.18.24; author hubertf; state Exp; branches; next 1.41; 1.41 date 2001.02.17.17.22.38; author wiz; state Exp; branches; next 1.40; 1.40 date 2001.01.26.04.56.13; author hubertf; state Exp; branches; next 1.39; 1.39 date 2000.12.16.09.45.18; author hubertf; state Exp; branches; next 1.38; 1.38 date 2000.12.13.16.03.39; author taca; state Exp; branches; next 1.37; 1.37 date 2000.11.28.01.09.17; author taca; state Exp; branches; next 1.36; 1.36 date 2000.11.27.14.39.49; author taca; state Exp; branches; next 1.35; 1.35 date 2000.11.02.10.31.38; author jdolecek; state Exp; branches; next 1.34; 1.34 date 2000.10.15.20.17.44; author veego; state Exp; branches; next 1.33; 1.33 date 2000.10.10.10.28.39; author tron; state Exp; branches; next 1.32; 1.32 date 2000.09.05.09.33.18; author jlam; state Exp; branches; next 1.31; 1.31 date 2000.09.03.13.42.22; author wiz; state Exp; branches; next 1.30; 1.30 date 2000.08.27.02.46.08; author jlam; state Exp; branches; next 1.29; 1.29 date 2000.05.19.07.18.55; author tron; state Exp; branches; next 1.28; 1.28 date 2000.05.03.15.14.53; author rh; state Exp; branches; next 1.27; 1.27 date 2000.03.21.10.09.51; author tron; state Exp; branches; next 1.26; 1.26 date 2000.03.07.20.05.22; author tron; state Exp; branches; next 1.25; 1.25 date 2000.03.07.18.59.47; author tron; state Exp; branches; next 1.24; 1.24 date 2000.03.06.18.52.06; author tron; state Exp; branches; next 1.23; 1.23 date 2000.02.27.23.11.12; author tron; state Exp; branches; next 1.22; 1.22 date 99.11.12.22.56.31; author tron; state Exp; branches; next 1.21; 1.21 date 99.11.12.22.20.49; author tron; state Exp; branches; next 1.20; 1.20 date 99.11.12.22.07.10; author tron; state Exp; branches; next 1.19; 1.19 date 99.11.12.16.25.30; author rh; state Exp; branches; next 1.18; 1.18 date 99.10.07.17.41.59; author tron; state Exp; branches; next 1.17; 1.17 date 99.09.28.20.40.05; author soren; state Exp; branches; next 1.16; 1.16 date 99.08.17.23.10.55; author tron; state Exp; branches; next 1.15; 1.15 date 99.08.02.12.14.00; author agc; state Exp; branches; next 1.14; 1.14 date 99.07.14.21.45.50; author tron; state Exp; branches; next 1.13; 1.13 date 99.06.03.16.42.35; author tron; state Exp; branches; next 1.12; 1.12 date 99.05.28.21.58.25; author tron; state Exp; branches; next 1.11; 1.11 date 99.05.12.16.17.34; author tron; state Exp; branches; next 1.10; 1.10 date 99.05.02.12.49.43; author tron; state Exp; branches; next 1.9; 1.9 date 99.05.02.00.48.31; author tron; state Exp; branches; next 1.8; 1.8 date 99.04.09.17.54.26; author bad; state Exp; branches; next 1.7; 1.7 date 99.03.08.10.53.57; author agc; state Exp; branches; next 1.6; 1.6 date 99.02.20.22.48.45; author hubertf; state Exp; branches; next 1.5; 1.5 date 99.01.29.19.26.37; author bad; state Exp; branches; next 1.4; 1.4 date 98.12.06.12.42.00; author tron; state Exp; branches; next 1.3; 1.3 date 98.08.20.15.17.31; author tsarna; state Exp; branches; next 1.2; 1.2 date 98.05.24.19.01.19; author tron; state Exp; branches; next 1.1; 1.1 date 98.05.23.21.27.20; author tron; state Exp; branches; next ; 1.205.2.1 date 2008.06.29.11.39.39; author rtr; state Exp; branches; next ; 1.196.2.1 date 2007.12.06.10.22.02; author ghen; state Exp; branches; next ; 1.186.2.1 date 2007.01.29.18.51.24; author ghen; state Exp; branches; next 1.186.2.2; 1.186.2.2 date 2007.03.22.08.36.18; author ghen; state Exp; branches; next ; 1.183.2.1 date 2006.11.10.12.18.52; author salo; state Exp; branches; next ; 1.160.2.1 date 2005.10.24.00.57.29; author seb; state Exp; branches; next 1.160.2.2; 1.160.2.2 date 2005.10.25.18.04.33; author salo; state Exp; branches; next 1.160.2.3; 1.160.2.3 date 2005.11.01.22.06.59; author salo; state Exp; branches; next ; 1.153.2.1 date 2005.09.10.11.16.41; author salo; state Exp; branches; next 1.153.2.2; 1.153.2.2 date 2005.09.15.16.35.32; author salo; state Exp; branches; next 1.153.2.3; 1.153.2.3 date 2005.09.16.15.06.30; author salo; state Exp; branches; next 1.153.2.4; 1.153.2.4 date 2005.09.22.17.36.31; author salo; state Exp; branches; next ; 1.139.2.1 date 2005.04.01.06.38.08; author salo; state Exp; branches; next 1.139.2.2; 1.139.2.2 date 2005.04.04.07.26.32; author salo; state Exp; branches; next 1.139.2.3; 1.139.2.3 date 2005.04.05.08.41.57; author salo; state Exp; branches; next 1.139.2.4; 1.139.2.4 date 2005.04.19.15.50.56; author salo; state Exp; branches; next 1.139.2.5; 1.139.2.5 date 2005.04.20.01.16.48; author salo; state Exp; branches; next 1.139.2.6; 1.139.2.6 date 2005.04.21.16.16.40; author salo; state Exp; branches; next 1.139.2.7; 1.139.2.7 date 2005.04.30.05.35.56; author salo; state Exp; branches; next 1.139.2.8; 1.139.2.8 date 2005.05.02.00.18.13; author salo; state Exp; branches; next 1.139.2.9; 1.139.2.9 date 2005.05.13.10.23.22; author salo; state Exp; branches; next ; 1.120.2.1 date 2005.01.05.11.18.52; author salo; state Exp; branches; next 1.120.2.2; 1.120.2.2 date 2005.01.15.06.39.25; author snj; state Exp; branches; next 1.120.2.3; 1.120.2.3 date 2005.01.21.14.37.07; author salo; state Exp; branches; next 1.120.2.4; 1.120.2.4 date 2005.01.27.04.58.58; author snj; state Exp; branches; next 1.120.2.5; 1.120.2.5 date 2005.01.29.06.59.25; author snj; state Exp; branches; next 1.120.2.6; 1.120.2.6 date 2005.02.01.10.40.44; author salo; state Exp; branches; next 1.120.2.7; 1.120.2.7 date 2005.02.07.05.45.47; author snj; state Exp; branches; next 1.120.2.8; 1.120.2.8 date 2005.02.11.23.30.56; author snj; state Exp; branches; next 1.120.2.9; 1.120.2.9 date 2005.02.17.15.37.00; author salo; state Exp; branches; next 1.120.2.10; 1.120.2.10 date 2005.02.21.00.29.40; author salo; state Exp; branches; next 1.120.2.11; 1.120.2.11 date 2005.03.01.12.46.14; author salo; state Exp; branches; next 1.120.2.12; 1.120.2.12 date 2005.03.07.14.05.27; author salo; state Exp; branches; next ; 1.115.2.1 date 2004.10.20.16.33.44; author agc; state Exp; branches; next ; desc @@ 1.208 log @Restructuring Squid package: * Now www/squid directory is common directory for squid packages. * package options clean up and all options are described. * LDAP helper support. (PR pkg/39386) * DESTDIR support. * Move some MESSAGE to documation directory. Next, I'll import squid26, squid27 and squid30 packages. @ text @# $NetBSD: Makefile,v 1.207 2008/06/29 01:02:08 taca Exp $ DISTNAME= squid-2.6.STABLE21 PKGNAME= ${DISTNAME:S/STABLE//} CATEGORIES= www MASTER_SITES= http://www.squid-cache.org/Versions/v2/2.6/ EXTRACT_SUFX= .tar.bz2 MAINTAINER= taca@@NetBSD.org HOMEPAGE= http://www.squid-cache.org/ COMMENT= Post-Harvest_cached WWW proxy cache and accelerator WRKSRC= ${WRKDIR}/${DISTNAME:S/-src//} DOCDIR= ${PREFIX}/share/doc/squid EXAMPLESDIR= ${PREFIX}/share/examples/squid DOCFILES= ChangeLog RELEASENOTES.html doc/debug-sections.txt USE_TOOLS+= perl GNU_CONFIGURE= yes CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR:Q} \ --localstatedir=${SQUID_DATADIR:Q} MAKE_ENV+= INSTALL_SCRIPT=${INSTALL_SCRIPT:Q} MAKE_ENV+= PKG_PREFIX=${PREFIX:Q} VARBASE=${VARBASE:Q} PLIST_SRC= ${WRKDIR}/PLIST RCD_SCRIPTS= squid CONF_FILES+= ${EXAMPLESDIR}/cachemgr.conf ${PKG_SYSCONFDIR}/cachemgr.conf CONF_FILES+= ${EXAMPLESDIR}/mime.conf ${PKG_SYSCONFDIR}/mime.conf CONF_FILES+= ${EXAMPLESDIR}/squid.conf ${PKG_SYSCONFDIR}/squid.conf CONF_FILES+= ${EXAMPLESDIR}/msntauth.conf ${PKG_SYSCONFDIR}/msntauth.conf OWN_DIRS= ${SQUID_DATADIR} OWN_DIRS_PERMS+= ${SQUID_DATADIR}/cache ${SQUID_USER} ${SQUID_GROUP} 0750 \ ${SQUID_DATADIR}/logs ${SQUID_USER} ${SQUID_GROUP} 0750 EXAMPLES_FILES= src/mime.conf.default src/squid.conf.default \ helpers/basic_auth/MSNT/msntauth.conf.default \ tools/cachemgr.conf .include "../../mk/bsd.prefs.mk" .include "Makefile.common" BUILD_DEFS+= LOGDIR VARBASE CONFIGURE_ARGS+= --enable-auth=basic,digest,ntlm \ --enable-cachemgr-hostname=localhost \ --enable-delay-pools \ --enable-removal-policies=lru,heap \ --enable-poll \ --enable-underscores \ --enable-storeio=${SQUID_BACKENDS:Q} \ --with-aio # # generic helpers # OPTIONAL_FILES+= bin/cossdump libexec/diskd-daemon libexec/dnsserver OPTIONAL_FILES+= libexec/pinger libexec/unlinkd # # basic auth helpers (except LDAP, multi-domain-NTLM and SASL) # OPTIONAL_FILES+= libexec/getpwname_auth libexec/msnt_auth libexec/ncsa_auth OPTIONAL_FILES+= libexec/pam_auth ${PKGMANDIR}/man8/ncsa_auth.8 OPTIONAL_FILES+= ${PKGMANDIR}/man8/pam_auth.8 OPTIONAL_FILES+= libexec/smb_auth libexec/yp_auth libexec/wb_auth # # digest auth helpers # OPTIONAL_FILES+= libexec/digest_pw_auth # # ntlm auth helpers (except no_check and winbind) # OPTIONAL_FILES+= libexec/fakeauth_auth libexec/ntlm_auth OPTIONAL_FILES+= libexec/wb_ntlmauth ${PKGMANDIR}/man8/squid_unix_group.8 # # external acl helpers (except ldap_group, wbinfo_group and winbind_group) # OPTIONAL_FILES+= libexec/ip_user_check libexec/squid_unix_group SUBST_CLASSES+= confs SUBST_STAGE.confs= pre-configure SUBST_FILES.confs= src/cf.data.pre SUBST_SED.confs= -e "s/@@USER@@/${SQUID_USER}/" SUBST_MESSAGE.confs= Fixing configuration files. CHECK_PORTABILITY_SKIP+= icons/icons.shar INSTALLATION_DIRS= bin libexec ${PKGMANDIR}/man8 sbin ${DOCDIR} \ ${EXAMPLESDIR} share/squid/errors share/squid/icons post-install: .for f in ${EXAMPLES_FILES} ${INSTALL_DATA} ${WRKSRC}/${f} ${EXAMPLESDIR}/`basename ${f} .default` .endfor ${CP} ${PKGDIR}/PLIST ${PLIST_SRC} cd ${WRKSRC}; \ for i in ${DOCFILES}; do \ ${INSTALL_DATA} $$i ${DOCDIR}; \ done ( \ for i in ${OPTIONAL_FILES}; do \ ${TEST} ! -r ${PREFIX}/$$i || ${ECHO} $$i; \ done; \ cd ${WRKSRC}/errors; \ for i in *; do \ ${TEST} -d $$i && \ (${LS} $$i/ERR_* | \ ${SED} -e 's@@^@@share/squid/errors/@@'; \ ${ECHO} "@@dirrm share/squid/errors/$$i"); \ done; \ ${ECHO} "@@dirrm share/squid/errors"; \ cd ${WRKSRC}/icons; \ ${LS} anthony-*.gif | \ ${SED} -e 's@@^@@share/squid/icons/@@'; \ ${ECHO} "@@dirrm share/squid/icons"; \ ${ECHO} "share/squid/mib.txt"; \ ${ECHO} "@@dirrm share/squid" \ ) >>${PLIST_SRC} .include "options.mk" .include "../../mk/bsd.pkg.mk" @ 1.207 log @Update www/squid package to 2.6.21 (2.6.STABLE21) which contains two security fixes: - Bug #1993: Memory leak in http_reply_access deny processing - Bug #2122: In some situations collapsed_forwarding could leak private information Changes to squid-2.6.STABLE21 (27 June 2008) - Bug #2350: Bugs in Linux kernel capabilities code - Bug #2241: weights not applied properly in round-robin peer selection - Off by one error in DNS label decompression could cause valid DNS messages to be rejected - logformat docs contain extra whitespace - Reject ridiculously large ASN.1 lengths - Fix SNMP reporting of counters with a value > 0xFF80000 - Correct spelling of WCCPv2 dst_port_hash to match the source - Plug some "squid -k reconfigure" memory leaks. Mostly SSL related. - Bug #1993: Memory leak in http_reply_access deny processing - Bug #2122: In some situations collapsed_forwarding could leak private information - Bug #2376: Round-Robin becomes unbalanced when a peer dies and comes back - Bug #2387: The calculation of the number of hash buckets need to account for the memory size, not only disk size - Bug #2393: DNS requests retried indefinitely at full speed on failed TCP connection - Bug #2393: DNS retransmit queue could get hold up - Correct socket syscalls statistics in commResetFD() @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.206 2008/06/21 10:33:55 taca Exp $ @ 1.206 log @Update squid package to 2.6.20 (2.6.STABLE20). It would be last 2.6 stable release. Changes to squid-2.6.STABLE20 (25 Apr 2008) - Bug #2263: Custom log formats fail to log file sizes >2GB properly on 32-bit platforms - Fix stripping NT domain in squid_ldap_group - Bug #2278: Cache-Control: max-stale=0 forwarded wrongly as max-stale (without delta) - Bug #2283: Fails to parse chunked encoding using chunk extensions - Bug #420: Deal properly with empty list HTTP header members - Windows Server 2008 support - Bug #1886: tcp_outgoing_address acl doesn't work with indirect source address (follow-x-forwarded-for) - Bug #2296: Stuck in 100% CPU when fetching an corrupt peer digest - Add support for the resolv.conf domain directive, and also automatically derived default domain - minimum_icp_query_timeout directive - Bug #2329: Range header ignored on HIT @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.205 2008/04/02 01:30:37 taca Exp $ d3 1 a3 1 DISTNAME= squid-2.6.STABLE20 @ 1.205 log @Update squid package to 2.6.19 (2.6.STABLE19). Changes to squid-2.6.STABLE19 (19 Mar 2008) - Fix tcp_outgoing_address example config to match its description - Bug #2198: assertion failed sc != NULL when using peer monitor function - Fix missing default disk store type into QUICKSTART example. - Bugzilla #761 : Handle recursive completion operations in diskd. - documentation bugfix for tcp_outgoing_tos directive - Sort cache list in wccpv2 to ensure a consistent hash allocation across all services - Updated Ukrainan error pages - Compile error in squid_kerb_auth under Mac OS X 10.5.2 - squid_radius_auth failed ro process more than 256 requests - Clarified description of 'cache_vary' directive - Make range_offset_limit 0 disable local range processing as documented, even if the first range starts at 0 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.204 2008/03/22 04:30:53 taca Exp $ d3 1 a3 1 DISTNAME= squid-2.6.STABLE19 @ 1.205.2.1 log @pullup ticket 2438 requested by taca squid: fixes security problems pkgsrc/www/squid/Makefile 1.206,1.207 pkgsrc/www/squid/distinfo 1.138,1.139 Module Name: pkgsrc Committed By: taca Date: Sat Jun 21 10:33:55 UTC 2008 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Update squid package to 2.6.20 (2.6.STABLE20). It would be last 2.6 stable release. Changes to squid-2.6.STABLE20 (25 Apr 2008) - Bug #2263: Custom log formats fail to log file sizes >2GB properly on 32-bit platforms - Fix stripping NT domain in squid_ldap_group - Bug #2278: Cache-Control: max-stale=0 forwarded wrongly as max-stale (without delta) - Bug #2283: Fails to parse chunked encoding using chunk extensions - Bug #420: Deal properly with empty list HTTP header members - Windows Server 2008 support - Bug #1886: tcp_outgoing_address acl doesn't work with indirect source address (follow-x-forwarded-for) - Bug #2296: Stuck in 100% CPU when fetching an corrupt peer digest - Add support for the resolv.conf domain directive, and also automatically derived default domain - minimum_icp_query_timeout directive - Bug #2329: Range header ignored on HIT ------------------------------------------------------------------------ Module Name: pkgsrc Committed By: taca Date: Sun Jun 29 01:02:09 UTC 2008 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Update www/squid package to 2.6.21 (2.6.STABLE21) which contains two security fixes: - Bug #1993: Memory leak in http_reply_access deny processing - Bug #2122: In some situations collapsed_forwarding could leak private information Changes to squid-2.6.STABLE21 (27 June 2008) - Bug #2350: Bugs in Linux kernel capabilities code - Bug #2241: weights not applied properly in round-robin peer selection - Off by one error in DNS label decompression could cause valid DNS messages to be rejected - logformat docs contain extra whitespace - Reject ridiculously large ASN.1 lengths - Fix SNMP reporting of counters with a value > 0xFF80000 - Correct spelling of WCCPv2 dst_port_hash to match the source - Plug some "squid -k reconfigure" memory leaks. Mostly SSL related. - Bug #1993: Memory leak in http_reply_access deny processing - Bug #2122: In some situations collapsed_forwarding could leak private information - Bug #2376: Round-Robin becomes unbalanced when a peer dies and comes back - Bug #2387: The calculation of the number of hash buckets need to account for the memory size, not only disk size - Bug #2393: DNS requests retried indefinitely at full speed on failed TCP connection - Bug #2393: DNS retransmit queue could get hold up - Correct socket syscalls statistics in commResetFD() @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.205 2008/04/02 01:30:37 taca Exp $ d3 1 a3 1 DISTNAME= squid-2.6.STABLE21 @ 1.204 log @- Honor PKGMANDIR. - Use INSTALLATION_DIRS. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.203 2008/03/11 15:46:41 taca Exp $ d3 1 a3 1 DISTNAME= squid-2.6.STABLE18 a4 1 PKGREVISION= 2 @ 1.203 log @Improve startup script: - Revive support for system without NetBSD style rc/rc.d. - Always pass command_args and squid_flags to squid command. This should fix the PR pkg/38036 by Wolfgang Stukenbrock. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.202 2008/01/18 05:09:53 tnn Exp $ d45 1 a45 1 BUILD_DEFS+= VARBASE d65 2 a66 1 OPTIONAL_FILES+= libexec/pam_auth man/man8/ncsa_auth.8 man/man8/pam_auth.8 d76 1 a76 1 OPTIONAL_FILES+= libexec/wb_ntlmauth man/man8/squid_unix_group.8 d90 2 a91 4 pre-install: ${INSTALL_DATA_DIR} ${PREFIX}/share/squid ${INSTALL_DATA_DIR} ${PREFIX}/share/squid/errors ${INSTALL_DATA_DIR} ${PREFIX}/share/squid/icons a93 1 ${INSTALL_DATA_DIR} ${EXAMPLESDIR} a97 1 ${INSTALL_DATA_DIR} ${DOCDIR} @ 1.202 log @Per the process outlined in revbump(1), perform a recursive revbump on packages that are affected by the switch from the openssl 0.9.7 branch to the 0.9.8 branch. ok jlam@@ @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.201 2008/01/12 06:20:45 taca Exp $ d5 1 a5 1 PKGREVISION= 1 @ 1.201 log @Update squid package to 2.6.18 (2.6.STABLE18) Changes to squid-2.6.STABLE18 (10 Jan 2008) - Fix 2 assertion failures related to the fix for SQUID-2007:2 - GPL license cleanup to GPLv2 or later. One file in edir_digest_auth was GPLv2 only, now replaced with a GPLv2 or later licensed vesion. - Minor cleanups to make certain 64-bit platforms happier - Several Digest authentication bugs fixed wich was causing random authenitcation popups or failures. - --with-valgrind-debug updated for valgrind-3.3.0. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.200 2007/12/20 03:17:14 taca Exp $ d5 1 @ 1.200 log @- Rename DATADIR to SQUID_DATADIR. - Move some common parameter to Makefile.common; squid's user, group and data directory. - Add LOGDIR to Makefile.common. These changes have no functional change but make it possible for squidGuard package to share parameters. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.199 2007/12/02 14:47:07 taca Exp $ d3 1 a3 1 DISTNAME= squid-2.6.STABLE17 @ 1.199 log @Update squid package to 2.6.17 (2.6.STABLE17). Changes to squid-2.6.STABLE17 (26 Nov 2007) - Fix compile error with old GCC 2.x or other ANSI-C compilers before C99 - Mention the login= cache_peer option in release notes - Fix bad cache_peer example in squid.conf - Bug #2086: Fix a compile-time memory corruption error causing cf_gen to fail - Bug #2048: Clarify high_memory_warning usage - Reject DNS responses which result in no data - Fix version number in configuration manual - Move cache and request/reply_header_max_size to their proper sections - Bug #2088: sbrk statistics broken when process size >2GB - Move logopen() much earlier to have fatal startup errors sent to the proper syslog facility - Fix HTTP/0.9 responses - Correct bad example config for tos_outgoing_tos - Fix grammar in description of mail_program squid.conf option - Ignore Content-Length in chunked responses instead of rejecting the response as invalid - Documented that http_port no longer have a default - Cleanup of cache digest documentation - Make aufs store rebuilding back off a little if I/O load too high - Bug #2100: Respect DNS ttl=0 - Update udp_(incoming|outgoing)_address documentation to reflect current bahaviour. - Update HTCP documentation - Document the overlapping helper request format - Change priority of proxy auth and extacl provided username in login=*:pass - pack header entries on cache updates - Make squid_db_auth reopen the database connection on each query by default - Improve helper debug ouput, including the channel number - Update cachePeerEntry MIB description to mention what is used as index key - Import squid_radius_auth for authenticating to RADIUS @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.198 2007/12/02 11:46:11 wiz Exp $ a16 1 DATADIR= ${VARBASE}/squid d23 1 a23 1 --localstatedir=${DATADIR:Q} a29 8 PKG_GROUPS_VARS+= SQUID_GROUP PKG_USERS_VARS+= SQUID_USER PKG_GROUPS= ${SQUID_GROUP} PKG_USERS= ${SQUID_USER}:${SQUID_GROUP} PKG_GECOS.${SQUID_USER}= Squid Web-Cache pseudo-user d34 3 a36 3 OWN_DIRS= ${DATADIR} OWN_DIRS_PERMS+= ${DATADIR}/cache ${SQUID_USER} ${SQUID_GROUP} 0750 \ ${DATADIR}/logs ${SQUID_USER} ${SQUID_GROUP} 0750 d42 1 a43 4 PKG_SYSCONFSUBDIR?= squid SQUID_USER?= squid SQUID_GROUP?= squid @ 1.198 log @Remove Ex-MASTER_SITE. From Zafer Aydogan. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.197 2007/11/12 00:15:00 wiz Exp $ d3 1 a3 1 DISTNAME= squid-2.6.STABLE16 @ 1.197 log @Remove ftp.leo.org from MASTER_SITES, doesn't resolve. From Zafer Aydogan in PR 37341. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.196 2007/09/07 10:39:35 taca Exp $ d6 1 a6 2 MASTER_SITES= http://www.squid-cache.org/Versions/v2/2.6/ \ ftp://ftp1.au.squid-cache.org/pub/squid/squid-2/STABLE/ @ 1.196 log @Update squid to 2.6.16 (2.6.STABLE16). Changes to squid-2.6.STABLE16 (5 Sep 2007) - Test for sys/capability.h linux include file to avoid failing on linux systems missing libcap - Release private objects on cache rebuild - Segfault in clientBuildReplyHeader when http->entry == NULL - Bug #2072: digest_pw_auth fails when using plaintext passwords - Bug #2073: assertion failed: client_side.c:4175: "buf != NULL || !conn->body.request on POST - Adjust default pconn timeouts to avoid shutting down connection while child sends request - Bug #1980: cache_peer monitortimeout not working - Bug #1882: Parent responses are not cached if sibling returns 504 - More squid.conf reordering to get the dependencies between options sorted proper Changes to squid-2.6.STABLE15 (31 Aug 2007) - The select() I/O loop got broken by the /dev/poll addition (2.6.STABLE14) - Bug #2017: Fails to work around broken servers sending just the HTTP headers - Bug #2023: Compile error with old GCC 2.x or other ANSI-C compilers before C99 - squid.conf.default updated and reorganised in more sensible groups - correct and document the syslog access_log format - Armenian error pages translation - digest_ldap_helper usage help updated - Bug #1560: ftpSendPasv: getsockname(-1,..): (9) Bad file descriptor - Improve delay pools in low traffic environment by checking timeouts at a steady 1 second interval even when there is not much activity - Don't request authentication on transparently intercepted connections - Cleanup linux capabilities for tproxy - Bug #2003: 'via' config directive doesn't affect response headers - Bug #1902: Adds Numeric Hit and invalid request counters to IP Cache - Add missing $|=1 to squid_db_auth - Bug #2050: Persistent connection dropped if cache has no Content-Length - Verify the URL on memory cache hits - Bug #2057: NTLM stop work in messengers after upgrade to 2.6.STABLE14 - Bug #1972: Squid sets peers to down state when they are in fact working. - potential segmentation fault in storeLocateVary() - Bug #2066: chdir after chroot - Windows port: Fix compiler warnings when building Squid as application (not Windows service mode) - Spelling correction of received @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.195 2007/08/13 13:04:11 rillig Exp $ a6 1 ftp://ftp.leo.org/pub/comp/general/infosys/www/daemons/squid/squid-2/STABLE/ \ @ 1.196.2.1 log @Pullup ticket 2241 - requested by taca security update for squid - pkgsrc/www/squid/Makefile 1.197-1.199 - pkgsrc/www/squid/distinfo 1.135 - pkgsrc/www/squid/patches/patch-av removed Module Name: pkgsrc Committed By: wiz Date: Mon Nov 12 00:15:00 UTC 2007 Modified Files: pkgsrc/www/squid: Makefile Log Message: Remove ftp.leo.org from MASTER_SITES, doesn't resolve. From Zafer Aydogan in PR 37341. --- Module Name: pkgsrc Committed By: wiz Date: Sun Dec 2 11:46:11 UTC 2007 Modified Files: pkgsrc/www/squid: Makefile Log Message: Remove Ex-MASTER_SITE. From Zafer Aydogan. --- Module Name: pkgsrc Committed By: taca Date: Sun Dec 2 14:47:08 UTC 2007 Modified Files: pkgsrc/www/squid: Makefile distinfo Removed Files: pkgsrc/www/squid/patches: patch-av Log Message: Update squid package to 2.6.17 (2.6.STABLE17). Changes to squid-2.6.STABLE17 (26 Nov 2007) - Fix compile error with old GCC 2.x or other ANSI-C compilers before C99 - Mention the login= cache_peer option in release notes - Fix bad cache_peer example in squid.conf - Bug #2086: Fix a compile-time memory corruption error causing cf_gen to fail - Bug #2048: Clarify high_memory_warning usage - Reject DNS responses which result in no data - Fix version number in configuration manual - Move cache and request/reply_header_max_size to their proper sections - Bug #2088: sbrk statistics broken when process size >2GB - Move logopen() much earlier to have fatal startup errors sent to the proper syslog facility - Fix HTTP/0.9 responses - Correct bad example config for tos_outgoing_tos - Fix grammar in description of mail_program squid.conf option - Ignore Content-Length in chunked responses instead of rejecting the response as invalid - Documented that http_port no longer have a default - Cleanup of cache digest documentation - Make aufs store rebuilding back off a little if I/O load too high - Bug #2100: Respect DNS ttl=0 - Update udp_(incoming|outgoing)_address documentation to reflect current bahaviour. - Update HTCP documentation - Document the overlapping helper request format - Change priority of proxy auth and extacl provided username in login=*:pass - pack header entries on cache updates - Make squid_db_auth reopen the database connection on each query by default - Improve helper debug ouput, including the channel number - Update cachePeerEntry MIB description to mention what is used as index key - Import squid_radius_auth for authenticating to RADIUS @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.196 2007/09/07 10:39:35 taca Exp $ d3 1 a3 1 DISTNAME= squid-2.6.STABLE17 d6 3 a8 1 MASTER_SITES= http://www.squid-cache.org/Versions/v2/2.6/ @ 1.195 log @icons/icons.shar contains a "+=", which is detected by a to-be-added-soon portability check. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.194 2007/08/02 15:45:09 taca Exp $ d3 1 a3 1 DISTNAME= squid-2.6.STABLE14 @ 1.194 log @Update squid pacakge to 2.6.14 (2.6.STABLE14). pkgsrc chagnes o Add "coss" option which enable COSS (Cyclic Object storage system). Noted by Chris Ross on pkgsrc-users. Changes to squid-2.6.STABLE14 (15 Jul 2007) - squid.conf.default cleanup to have options in their proper sections. - documentation correction in the refresh_pattern ignore-auth option - URI-escaping not uses the recommended upper-case hex codes - refresh_pattern min-age 0 correted to really mean 0, and not 1 second - Always use xisxxxx() Squid defined macros instead of ctype functions. - Kerberos SPNEGO/Negotiate helper for the negotiate scheme - Database basic auth helper using Perl DBI to connect to most SQL DBs - Solaris /dev/poll network I/O support - configure fixes to make cross compilation somewhat easier - Removed incorrect -a reference from http_port documentation - Bug #1900: Double "squid -k shutdown" makes Squid restart again - Bug #1968: Squid hangs occasionally when using DNS search paths - Novell eDirectory digest auth helper (digest_edir_auth) - Bug #1130: min-size option for cache_dir - POP3 basic auth helper querying a POP3 server - Cosmetic squid_ldap_auth fixes from Squid-3 - Bug #1085: Add no-wrap to cache manager HTML tables - Automatically restart if number of available filedescriptors becomes alarmingly low, preventing a situation where Squid would otherwise permanently stop processing requests. - Bug #2010: snmp_core.cc:828: warning: array subscript is above array bounds - Deal better with forwarding loops @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.193 2007/07/04 20:55:05 jlam Exp $ d100 2 @ 1.193 log @Make it easier to build and install packages "unprivileged", where the owner of all installed files is a non-root user. This change affects most packages that require special users or groups by making them use the specified unprivileged user and group instead. (1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to unprivileged.mk. These two variables are lists of other bmake variables that define package-specific users and groups. Packages that have user-settable variables for users and groups, e.g. apache and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP}, etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER} and ${UNPRIVILEGED_GROUP}. (2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.192 2007/05/13 16:45:44 taca Exp $ d3 1 a3 1 DISTNAME= squid-2.6.STABLE13 @ 1.192 log @Update squid pacakge to 2.6.13 (2.6.STABLE13). Changes to squid-2.6.STABLE13 (11 May 2007) - Make sure reply headers gets sent even if there is no body available yet, fixing RealMedia streaming over HTTP issues. - Undo an accidental name change of storeUnregisterAbort. - Kill an ancient malplaced storeUnregisterAbort call from ftp.c - Bug #1814: SSL memory leak on persistent SSL connections - Don't log ECONNREFUSED/ECONNABORTED accept failures in cache.log - Cosmetic fix: added missing newline in WCCPv2 configuration dump. - Ukrainan error messages - Convert various error pages from DOS to UNIX text format - Bug #1820: COSS assertion failure t->length == MD5_DIGEST_CHARS - Clarify the max-conn=n cache_peer option syntax slightly - Bug #1892: COSS segfault on shutdown - Windows port: fix undefined ECONNABORTED - Make refreshIsCachable handle ETag as a cache validator, not only last-modified - in_port_t is not portable, use unsigned short instead - Fix fs / auth / snmp dependencies - Portability: statfs() may reqire #include @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.191 2007/03/21 05:25:01 taca Exp $ d33 3 d58 1 a58 1 BUILD_DEFS+= SQUID_USER SQUID_GROUP VARBASE @ 1.191 log @Update squid package to 2.6.12. This fixes a DoS security problem. http://www.squid-cache.org/Advisories/SQUID-2007_1.txt Changes to squid-2.6.STABLE12 (Mar 20 2007) - Assertion error on TRACE @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.190 2007/03/17 15:14:27 taca Exp $ d3 1 a3 1 DISTNAME= squid-2.6.STABLE12 d63 2 a64 1 --enable-storeio=${SQUID_BACKENDS:Q} d109 1 a109 1 @@cd ${WRKSRC}; \ @ 1.190 log @Update squid to 2.6.11 (squid-2.6.STABLE11). Changes to squid-2.6.STABLE11 (Mar 17 2007) - Bug #1915: assertion failed: client_side.c:4055: "buf != NULL || !conn->body.request" - Handle garbage helper responses better in concurrent protocol format - Fix kqueue when overflowing the changes queue - Make sure the child worker process commits suicide if it could not start up - Don't log short responses at debug level 1 - Fix bswap16 & bwsap32 error on NetBSD - Fix collapsed_forwarding for non-GET requests @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.189 2007/03/04 11:32:59 taca Exp $ d3 1 a3 1 DISTNAME= squid-2.6.STABLE11 @ 1.189 log @Update www/squid to squid-2.6.10 (squid-2.6.STABLE10). Changes to squid-2.6.STABLE10 (Mar 4 2007) - Upgrade HTTP/0.9 responses to our HTTP version (HTTP/1.0) - various diskd bugfixes - In the access.log hierarchy field log the unique peer name instead of the host name - unlinkdClose() should be called after (not before) storeDirSync() - CLEAN_BUF_SZ was defined, but never used anywhere - logging HTTP-request size - Fix icmp pinger communication on FreeBSD and other not supporing large dgram AF_UNIX sockets - Release objects on swapin failure - Bug #1787: Objects stuck in cache if origin server clock in future - Bug #1420: 302 responses with an Expires header is always cached - Primitive support for HTTP/1.1 chunked encoding, working around broken servers - Clean up relations between TCP probing and DNS checks of peers with no known addresses. - Fix a minor HTML coding error in ftp directory listings with // in the path - Bug #1875, #1420. Cleanup of refresh logics when dealing with non-refreshable content - Negotiate authentication fixed again. Broken since STABLE7 by the patch for Bug #1792. - Bug #1892: COSS tries to shut down the same directory twice on exit - Bug #1908: store*DirRebuildFromSwapLog() ignores some SWAP_LOG_DEL entries - Added support for Subversion HTTP request methods MKACTIVITY, CHECKOUT and MERGE. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.188 2007/01/28 05:39:23 taca Exp $ d3 1 a3 1 DISTNAME= squid-2.6.STABLE10 @ 1.188 log @Update squid to 2.6.9 (2.6.STABLE9). I deleted DIST_SUBDIR for now. Changes to squid-2.6.STABLE9 (Jan 24 2007) - Bug #1878: If-Modified-Since broken in 2.6.STABLE8 - Bug #1877 diskd bug in storeDiskdIOCallback() Changes to squid-2.6.STABLE8 (Jan 21 2007) - Bug #1873: authenticateNTLMFixErrorHeader: state 4. - Document the https_port vhost option, useful in combination with a wildcard certificate - Document the existence of connection pinning / forwarding of NTLM auth and a few other features overlooked in the release notes. - Spelling correction of the ssl cache_peer option - Add back the optional "accel" http_port option. Makes accelerator mode configurations easier to read. - Bug #1872: Date parsing error causing objects to get unexpectedly cached. - Cleanup to have the access.log tags autogenerated from enums.h - Bug #1783: STALE: Entry's timestamp greater than check time. Clock going backwards? - Don't update object timestamps on a failed revalidation. - Fix how ftp://user@@host URLs is rendered when Squid is built with leak checking enabled @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.187 2007/01/14 04:12:12 taca Exp $ d3 1 a3 1 DISTNAME= squid-2.6.STABLE9 @ 1.187 log @Update squid package to 2.6.7 (2.6.STABLE7). o arp-acl is now supported on NetBSD contributed by Jaromir Dolecek . Changes to squid-2.6.STABLE7 (Jan 13 2007) - Windows port: Fix intermittent build error using Visual Studio - Add missing tproxy info from the dump of http port configuration - Bug #1853: Support for ARP ACL on NetBSD - clientNatLookup(): fix wrong function name in debug messages - Convert ncsa_auth man page from DOS to Unix text format. - Bug #1858: digest_ldap_auth had some remains of old hash format - Correct the select_loops counter when using select(). Was counted twice - Clarify the http_port vhost option a bit - Fix cache-control: max-stale without value or bad value - Bug #1857: Segmentation fault on certain types of ftp:// requests - Bug #1848: external_acl crashes with an infinite loop under high load - Bug #1792: max_user_ip not working with NTLM authentication - Bug #1865: deny_info redirection with authentication related acls - Small example on how to use the squid_session helper - Bug #1863: cache_peer monitorurl, monitorsize and monitorinterval not working properly - Clarify the transparent http_port option a bit more - Bug #1828: squid.conf docutemtation error for proxy_auth digest - Bug #1867: squid.pid isn't removed on shutdown @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.186 2006/12/12 14:46:56 taca Exp $ d3 1 a3 1 DISTNAME= squid-2.6.STABLE7 a4 1 #PKGREVISION= a15 1 DIST_SUBDIR= ${PKGNAME_NOREV} @ 1.186 log @Update squid package to 2.6.6 (squid-2.6.STABLE6). pkgsrc change: remove PATCHFILES which hasn't used recent days. Changes to squid-2.6.STABLE6 (Dec 12 2006) - Bug #1817: Assertion failure assert(buflen >= copy_sz) in htcp.c htcpBuildAuth() - Add client source port logformat tag >p - Cleanup of transparent & accelerator mode request parsing to untangle the firewall dependencies a bit - Bug #1799: Harmless 1 byte buffer overflow on long host names in /etc/hosts - automake no longer recommends mkinstalldirs. Removed. - Only use crypt() if it's available, allowing ncsa_auth to be built on platofms without crypt() support. - Windows port documentation updates - Bug #1818: Assertion failure assert(e->swap_dirn >= 0) in fs/coss/store_dir_coss.c storeCoss_DeleteStoreEntry - Bug #1117: assertion failed: aufs/store_dir_aufs.c:642: "rb->flags.need_to_validate" - Remove extra newline in redirect message sent by deny_info http://... aclname - Bug #1805: assertion failed: StatHist.c:195: "D[i] >= 0" - Clarify the external_acl_type helper format specification and some defaults - Add support for the weight= parameter to round-robin peers - Bug #1832: Error building squid-2.6.STABLE5 using --enable-truncate - Convert snmpDebugOid to use a temporary String object instead of strcat - Document that proxy_auth also accepts -i for case-insensitive operation - Remove malloc/free of temporary buffer in time parsing routines. - Reduce memory allocator pressure by not continually allocating client-side read buffers - Accept large dates >2^31 on 64-bit platformst. Seen for example in the Google logo. - Convert the connStateData->chr single link list to a normal dlink_list for clarity. - Bug #1584: Unable to register with multiple WCCP2 routers - Fix the WCCPv2 mask assignment code to not crash as the value assignments are built. - Bug #439: Multicast ICP peering is unstable and considers most peers dead - Bug #1801: NTLM authentication ends up in a loop if the server responds with a retriable error - Bug #1839: Cosmetic debug message cleanup in peerHandleHtcpReply. - Bug #1840: Disable digest and netdb queries to multicast peers - Bug #1641: assertion failed: stmem.c:149: "size > 0" while processing certain Vary objects - Fix build errors when using latest MinGW Windows environment @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.185 2006/12/04 21:50:53 jdolecek Exp $ d3 2 a4 2 DISTNAME= squid-2.6.STABLE6 PKGNAME= squid-2.6.6 @ 1.186.2.1 log @Pullup ticket 2005 - requested by taca security update for squid - pkgsrc/www/squid/Makefile 1.187-1.88 - pkgsrc/www/squid/distinfo 1.125-1.126 - pkgsrc/www/squid/patches/patch-bd removed Module Name: pkgsrc Committed By: taca Date: Sun Jan 14 04:12:12 UTC 2007 Modified Files: pkgsrc/www/squid: Makefile distinfo Removed Files: pkgsrc/www/squid/patches: patch-bd Log Message: Update squid package to 2.6.7 (2.6.STABLE7). o arp-acl is now supported on NetBSD contributed by Jaromir Dolecek . Changes to squid-2.6.STABLE7 (Jan 13 2007) - Windows port: Fix intermittent build error using Visual Studio - Add missing tproxy info from the dump of http port configuration - Bug #1853: Support for ARP ACL on NetBSD - clientNatLookup(): fix wrong function name in debug messages - Convert ncsa_auth man page from DOS to Unix text format. - Bug #1858: digest_ldap_auth had some remains of old hash format - Correct the select_loops counter when using select(). Was counted twice - Clarify the http_port vhost option a bit - Fix cache-control: max-stale without value or bad value - Bug #1857: Segmentation fault on certain types of ftp:// requests - Bug #1848: external_acl crashes with an infinite loop under high load - Bug #1792: max_user_ip not working with NTLM authentication - Bug #1865: deny_info redirection with authentication related acls - Small example on how to use the squid_session helper - Bug #1863: cache_peer monitorurl, monitorsize and monitorinterval not working properly - Clarify the transparent http_port option a bit more - Bug #1828: squid.conf docutemtation error for proxy_auth digest - Bug #1867: squid.pid isn't removed on shutdown --- Module Name: pkgsrc Committed By: taca Date: Sun Jan 28 05:39:24 UTC 2007 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Update squid to 2.6.9 (2.6.STABLE9). I deleted DIST_SUBDIR for now. Changes to squid-2.6.STABLE9 (Jan 24 2007) - Bug #1878: If-Modified-Since broken in 2.6.STABLE8 - Bug #1877 diskd bug in storeDiskdIOCallback() Changes to squid-2.6.STABLE8 (Jan 21 2007) - Bug #1873: authenticateNTLMFixErrorHeader: state 4. - Document the https_port vhost option, useful in combination with a wildcard certificate - Document the existence of connection pinning / forwarding of NTLM auth and a few other features overlooked in the release notes. - Spelling correction of the ssl cache_peer option - Add back the optional "accel" http_port option. Makes accelerator mode configurations easier to read. - Bug #1872: Date parsing error causing objects to get unexpectedly cached. - Cleanup to have the access.log tags autogenerated from enums.h - Bug #1783: STALE: Entry's timestamp greater than check time. Clock going backwards? - Don't update object timestamps on a failed revalidation. - Fix how ftp://user@@host URLs is rendered when Squid is built with leak checking enabled @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.188 2007/01/28 05:39:23 taca Exp $ d3 3 a5 2 DISTNAME= squid-2.6.STABLE9 PKGNAME= ${DISTNAME:S/STABLE//} d17 1 @ 1.186.2.2 log @Pullup ticket 2057 - requested by taca security update for squid - pkgsrc/www/squid/MESSAGE.common 1.2 - pkgsrc/www/squid/Makefile 1.189-1.191 - pkgsrc/www/squid/distinfo 1.127-1.131 - pkgsrc/www/squid/options.mk 1.11-1.12 - pkgsrc/www/squid/patches/patch-ag 1.26 - pkgsrc/www/squid/patches/patch-at 1.1 - pkgsrc/www/squid/patches/patch-bc 1.3 Module Name: pkgsrc Committed By: joerg Date: Tue Feb 6 20:22:15 UTC 2007 Modified Files: pkgsrc/www/squid: distinfo options.mk Added Files: pkgsrc/www/squid/patches: patch-at Log Message: Allow transparent proxy support for PF on DragonFly. --- Module Name: pkgsrc Committed By: joerg Date: Tue Feb 6 22:06:32 UTC 2007 Modified Files: pkgsrc/www/squid: distinfo pkgsrc/www/squid/patches: patch-ag Log Message: don't complain if the location of the DragonFly header exists. --- Module Name: pkgsrc Committed By: taca Date: Sun Feb 25 07:34:45 UTC 2007 Modified Files: pkgsrc/www/squid: MESSAGE.common options.mk Log Message: Fix build problem with aufs option on DragonFly. Reported by PR pkg/35656 by Kimura Fuyuki and applied patch from it. --- Module Name: pkgsrc Committed By: taca Date: Sun Mar 4 11:32:59 UTC 2007 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Update www/squid to squid-2.6.10 (squid-2.6.STABLE10). Changes to squid-2.6.STABLE10 (Mar 4 2007) - Upgrade HTTP/0.9 responses to our HTTP version (HTTP/1.0) - various diskd bugfixes - In the access.log hierarchy field log the unique peer name instead of the host name - unlinkdClose() should be called after (not before) storeDirSync() - CLEAN_BUF_SZ was defined, but never used anywhere - logging HTTP-request size - Fix icmp pinger communication on FreeBSD and other not supporing large dgram AF_UNIX sockets - Release objects on swapin failure - Bug #1787: Objects stuck in cache if origin server clock in future - Bug #1420: 302 responses with an Expires header is always cached - Primitive support for HTTP/1.1 chunked encoding, working around broken servers - Clean up relations between TCP probing and DNS checks of peers with no known addresses. - Fix a minor HTML coding error in ftp directory listings with // in the path - Bug #1875, #1420. Cleanup of refresh logics when dealing with non-refreshable content - Negotiate authentication fixed again. Broken since STABLE7 by the patch for Bug #1792. - Bug #1892: COSS tries to shut down the same directory twice on exit - Bug #1908: store*DirRebuildFromSwapLog() ignores some SWAP_LOG_DEL entries - Added support for Subversion HTTP request methods MKACTIVITY, CHECKOUT and MERGE. --- Module Name: pkgsrc Committed By: taca Date: Sat Mar 17 15:14:27 UTC 2007 Modified Files: pkgsrc/www/squid: Makefile distinfo pkgsrc/www/squid/patches: patch-bc Log Message: Update squid to 2.6.11 (squid-2.6.STABLE11). Changes to squid-2.6.STABLE11 (Mar 17 2007) - Bug #1915: assertion failed: client_side.c:4055: "buf != NULL || !conn->body.request" - Handle garbage helper responses better in concurrent protocol format - Fix kqueue when overflowing the changes queue - Make sure the child worker process commits suicide if it could not start up - Don't log short responses at debug level 1 - Fix bswap16 & bwsap32 error on NetBSD - Fix collapsed_forwarding for non-GET requests --- Module Name: pkgsrc Committed By: taca Date: Wed Mar 21 05:25:02 UTC 2007 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Update squid package to 2.6.12. This fixes a DoS security problem. http://www.squid-cache.org/Advisories/SQUID-2007_1.txt Changes to squid-2.6.STABLE12 (Mar 20 2007) - Assertion error on TRACE @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.191 2007/03/21 05:25:01 taca Exp $ d3 1 a3 1 DISTNAME= squid-2.6.STABLE12 @ 1.185 log @add NetBSD support to ARP ACL code enable arp-acl option also for NetBSD and OpenBSD spell the configure option for ARP ACL properly @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.184 2006/11/09 15:16:21 taca Exp $ d3 3 a5 3 DISTNAME= squid-2.6.STABLE5 PKGNAME= squid-2.6.5 PKGREVISION= 1 a10 4 # #PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.6/bugs/ #PATCHFILES= #PATCH_DIST_STRIP= -p1 @ 1.184 log @pkgsrc chagnes * install pinger program setuid to make ICMP work; the problem noted by Heron Gallegos via private mail. Key changes squid-2.6.STABLE4 to 2.6.STABLE5 * Bug #1776: 2.6.STABLE4 aufs fails to compile if coss isn't enabled * COSS improvements and cleanups * Bug #1785: Memory leak in handling of negatively cached objects * Bug #1780: Incorrect Vary processing in combination with collapsed_forwarding * Bug #1779: Delay pools fairness when multiple connections compete for bandwidth * Bug #1796: Assertion error HttpHeader.c:914: "str" * All comm loops now use the generic event framework * a number of other minor and cosmetic bugfixes. See the list of squid-2.6.STABLE4 changes and the ChangeLog file for details. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.183 2006/09/26 03:40:20 taca Exp $ d5 1 a5 1 #PKGREVISION= 1 @ 1.183 log @Update squid package to 2.6.4 (2.6.STABLE4). Changes to squid-2.6.STABLE4 (Sep 22 2006) - Bug #1736: Missing Italian translation of ERR_TOO_BIG error page - Windows port enhancement: added native exception handler with signal emulation - Fix the %un log_format tag again. Got broken in 2.6.STABLE2 - Fix Squid crash when using %a in ERR_INVALID_REQ and ERR_INVALID_URL error messages. - Bug #212: variable %i always 0.0.0.0 in many error pages - Bug #1708: Ports in ACL accepts characters and out of range - Bug #1706: Squid time acl accepts invalid time range. - Fix another harmless fake_auth compiler warning on gcc 4.1.1 x86 - Fix an harmless snmp_core.c compiler warning on gcc 4.1.1 x86 - Bug #1744: squid-2.6.STABLE3 - fakeauth_auth crashing on certain requests - Bug #1746: Harmless off by one overrun in ncsa_auth md5 password validation - Bug #1598: start_announce cannot be disabled - Periodically flush cache.log to disk when "buffered_logs on" is set - Numerous COSS improvements and fixes - Windows port: merge of MinGW support - Windows port: Merged Windows threads support into aufs - Bug #1759: Windows port cachemgr.cgi attempts to write to file system root directory - Numerous portability fixes - Various minor statistics cleanup on 64-bit hosts with more than 4GB of memory - Bug #1758: HEAD on ftp:// URLs always returned 200 OK. - Bug #1760: FTP related memory leak - Bug #1770: WCCP2 weighted assignment - Bug #1768: Redundant DNS PTR lookups - Bug #1696: Add support for wccpv2 mask assignment - Bug #1774: ncsa_auth support for cramfs timestamps - Bug #1769: near-hit and filedescriptor usage missing in SNMP MIB - Bug #1725: cache_peer login=PASS documentation somewhat confusing - Bug #1590: Silence those ETag loop warnings - Bug #1740: Squid crashes on certain malformed HTTP responses - Bug #1699: assertion failed: authenticate.c:836: "auth_user_request != NULL" - Improve error reporting on unexpected CONNECT requests in accelerator mode - Cosmetic change to increase cache.log detail level on invalid requests - Bug #1229: http_port and other directives accept invalid ports - Reject http_port specifications using both transparent and accelerator options - Cosmetic cleanup to not dump stacktraces on configuration errors @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.182 2006/09/13 14:41:58 taca Exp $ d3 2 a4 2 DISTNAME= squid-2.6.STABLE4 PKGNAME= squid-2.6.4 @ 1.183.2.1 log @Pullup ticket 1910 - requested by taca bugfix update for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.184 - pkgsrc/www/squid/distinfo 1.122 - pkgsrc/www/squid/options.mk 1.9 - pkgsrc/www/squid/patches/patch-ag 1.25 - pkgsrc/www/squid/patches/patch-an 1.12 - pkgsrc/www/squid/patches/patch-as 1.1 Module Name: pkgsrc Committed By: taca Date: Thu Nov 9 15:16:21 UTC 2006 Modified Files: pkgsrc/www/squid: Makefile distinfo options.mk pkgsrc/www/squid/patches: patch-ag patch-an Added Files: pkgsrc/www/squid/patches: patch-as Log Message: pkgsrc chagnes * install pinger program setuid to make ICMP work; the problem noted by Heron Gallegos via private mail. Key changes squid-2.6.STABLE4 to 2.6.STABLE5 * Bug #1776: 2.6.STABLE4 aufs fails to compile if coss isn't enabled * COSS improvements and cleanups * Bug #1785: Memory leak in handling of negatively cached objects * Bug #1780: Incorrect Vary processing in combination with collapsed_forwarding * Bug #1779: Delay pools fairness when multiple connections compete for bandwidth * Bug #1796: Assertion error HttpHeader.c:914: "str" * All comm loops now use the generic event framework * a number of other minor and cosmetic bugfixes. See the list of squid-2.6.STABLE4 changes and the ChangeLog file for details. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.184 2006/11/09 15:16:21 taca Exp $ d3 2 a4 2 DISTNAME= squid-2.6.STABLE5 PKGNAME= squid-2.6.5 @ 1.182 log @Update www/squid pacakge to 2.6.3 (squid 2.6.STABLE3). Too may changes to mention here. Please refer ${PREFIX}/share/doc/squid/RELEASENOTES.html. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.181 2006/07/09 12:23:22 taca Exp $ d3 2 a4 2 DISTNAME= squid-2.6.STABLE3 PKGNAME= squid-2.6.3 d74 1 a74 1 OPTIONAL_FILES+= libexec/diskd-daemon libexec/dnsserver @ 1.181 log @Apply recent patch: 2006-06-21 12:25 (Cosmetic) Parent not always logged to access.log Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.180 2006/06/21 12:10:35 taca Exp $ d3 3 a5 3 DISTNAME= squid-2.5.STABLE14 PKGNAME= squid-2.5.14 PKGREVISION= 3 d7 1 a7 1 MASTER_SITES= http://www.squid-cache.org/Versions/v2/2.5/ \ d11 4 a14 5 PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ PATCHFILES= squid-2.5.STABLE14-httpReplyDestroy.patch \ squid-2.5.STABLE14-hierarchy_tag.patch PATCH_DIST_STRIP= -p1 d44 1 d52 2 a53 1 helpers/basic_auth/MSNT/msntauth.conf.default d61 1 a61 1 BUILD_DEFS+= SQUID_USER SQUID_GROUP d74 2 a75 1 OPTIONAL_FILES+= libexec/diskd libexec/dnsserver libexec/pinger libexec/unlinkd d80 2 a81 2 OPTIONAL_FILES+= libexec/pam_auth man/man8/pam_auth.8 libexec/smb_auth OPTIONAL_FILES+= libexec/yp_auth libexec/wb_auth d110 1 a110 2 cd ${WRKSRC} && \ ${INSTALL_DATA} ${f} ${EXAMPLESDIR}/`basename ${f} .default` @ 1.180 log @Modify startup script to honor squid_flags in /etc/rc.conf. Thanks to Joel CARNAT who reported the problem on tech-pkg. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.179 2006/06/12 15:36:11 taca Exp $ d5 1 a5 1 PKGREVISION= 2 d13 2 a14 1 PATCHFILES= squid-2.5.STABLE14-httpReplyDestroy.patch @ 1.179 log @Update www/squid package to 2.5.14nb1. 2006-06-02 22:07 (Major) assertion failed: HttpReply.c:105: "rep" @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.178 2006/05/31 04:04:28 taca Exp $ d5 1 a5 1 PKGREVISION= 1 @ 1.178 log @Update www/squid package to 2.5.14. This release is almost the same as 2.5.13nb1 except: - documentation change; most of them are release name. - one debug level change. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.177 2006/05/18 05:17:35 taca Exp $ d5 1 a5 1 #PKGREVISION= d11 4 a14 4 # #PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ #PATCHFILES= #PATCH_DIST_STRIP= -p1 @ 1.177 log @Add recnet squi's official patches. * 2006-05-13 13:16 (Minor) On some systems POSIX AIO functions are in libaio * 2006-05-14 15:41 (Medium) Memory leak in header processing related to external_acl or custom log formats * 2006-05-14 15:41 (Major) memory leak in ident processing * 2006-05-14 15:41 (Medium) Memleak in HTCP client code * 2006-05-14 15:41 (Minor) Mime icons are not displayed when viewing ftp sites when * 2006-05-14 15:41 (Cosmetic) SQUIDHOSTNAMELEN issues * 2006-05-14 15:41 (Cosmetic) Current release is STABLE13, not 12.. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.176 2006/05/16 05:47:53 taca Exp $ d3 3 a5 3 DISTNAME= squid-2.5.STABLE13 PKGNAME= squid-2.5.13 PKGREVISION= 1 d11 4 a14 10 PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ PATCHFILES= squid-2.5.STABLE13-libaio-2.patch \ squid-2.5.STABLE13-header_leak.patch \ squid-2.5.STABLE13-ident_leak.patch \ squid-2.5.STABLE13-htcp_leak.patch \ squid-2.5.STABLE13-icons.patch \ squid-2.5.STABLE13-hostnamelen.patch \ squid-2.5.STABLE13-stable13.patch PATCH_DIST_STRIP= -p1 @ 1.176 log @Correct default value (in comment) of cache_effective_user in squid.conf. Based on PR pkg/33458 from david l goodrich. I won't bump PKGREVISION since this is very trivial change and I'll commit another changes soon. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.175 2006/04/23 00:12:42 jlam Exp $ d5 1 d11 10 a20 4 # #PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ #PATCHFILES= #PATCH_DIST_STRIP= -p1 @ 1.175 log @Modify packages that set PKG_USERS and PKG_GROUPS to follow the new syntax as specified in pkgsrc/mk/install/bsd.pkginstall.mk:1.47. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.174 2006/03/12 12:12:19 taca Exp $ d92 6 d99 3 a101 3 @@${INSTALL_DATA_DIR} ${PREFIX}/share/squid @@${INSTALL_DATA_DIR} ${PREFIX}/share/squid/errors @@${INSTALL_DATA_DIR} ${PREFIX}/share/squid/icons d104 1 a104 1 @@${INSTALL_DATA_DIR} ${EXAMPLESDIR} d109 1 a109 1 @@${CP} ${PKGDIR}/PLIST ${PLIST_SRC} d115 1 a115 1 @@( \ @ 1.174 log @Update squid package to 2.5.13 (2.5.STABLE13). Most of changes are already in our previous package. Here is changes from 2.5.12 (2.5.STABLE12): Changes to squid-2.5.STABLE12 (12 Mar 2006) - [Minor] Fails to compile on Solaris and some other platforms with undefined reference to setenv (Bug #1435) - [Cosmetic] Added WebDAV REPORT method to know HTTP methods list - [Minor] Squid ntlm_auth (not the Samba provided one) giving odd results if --enable-ntlm-fail-open is used (Bug #1022) - [Minor] wbinfo_group.pl doesn't work with Samba 3.0.21 and later (Bug #1472) - [Minor] Squid crash when asyncio function counters url accessed from Cachemgr CGI (Bug #1464) - [Cosmetic] Linix compile warning about prctl called with too few arguments (Bug #1483) - [Minor] Wrong timezone declaration for 64 bit Irix (Bug #1479) - [Minor] Some 206 responses logged incorrectly (Bug #1511) - [Minor] Issues in processing ranges on objects >2GB (Bug #437) - [Cosmetic] Segmentation fault on empty proxy_auth ACLs (Bug #1414) - [Minor] Ident access lists don't work in delay_access statements (Bug #1428) - [Minor] Some clients support NTLM even if not initially negotiating persistent connections (Bug #1447) - [Medium] 504 Gateway Time-out on FTP uploads (Bug #1459) - [Medium] delay pools given too much bandwidht after "-k reconfigure" (Bug #1481) - [Cosmetic] New persistent_connection_after_error configuration directive (Bug #1482) - [Cosmetic] Hangs at 100% CPU if /dev/null is not accessible (Bug #1484) - [Minor] Fails to compile on Fedora Core 5 test 2 x86_64 (Bug #1492) - [Cosmetic] Typo in ftp.c (Bug #1507) - [Cosmetic] Error in FTP listings of files with -> in their name (Bug #1508) - [Cosmetic] With Squid-2.5 there is no more the DUPLICATE IP logging in cache.log (Bug #779) - [Minor] Fails to process long host names (Bug #1434) - [Cosmetic] Azerbaijani errors translation (Bug #1454) - [Cosmetic] misleading error message message for bad/unresolveable cache_peer name (Bug #1504) - [Cosmetic] confusing statistics on stateful helpers (NTLM auth) (Bug #1506) - [Major] connstate memory leak (Bug #1522) @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.173 2006/03/11 13:15:59 taca Exp $ d39 4 a42 1 PKG_USERS= ${SQUID_USER}:${SQUID_GROUP}::Squid\ Web-Cache\ pseudo-user @ 1.173 log @Update squid package to 2.5.12nb7, applying some official patches. o 2006-03-10 23:17 (Major) connstate memory leag o 2006-03-10 23:17 (Cosmetic) confusing statistics on stateful helpers (NTLM auth) o 2006-03-10 23:17 (Cosmetic) misleading error message message for bad/unresolveable cache_peer name o 2006-03-10 23:17 (Cosmetic) Azerbaijani errors translation o 2006-03-10 23:17 (Minor) Fails to process long host names o 2006-03-10 23:17 (Cosmetic) With Squid-2.5 there is no more the DUPLICATE IP logging in cache.log @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.172 2006/03/11 10:41:03 taca Exp $ d3 2 a4 3 DISTNAME= squid-2.5.STABLE12 PKGNAME= squid-2.5.12 PKGREVISION= 7 d10 4 a13 28 PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ PATCHFILES= squid-2.5.STABLE12-setenv.patch \ squid-2.5.STABLE12-REPORT.patch \ squid-2.5.STABLE12-SMB_BadFetch.patch \ squid-2.5.STABLE12-wbinfo_group.patch \ squid-2.5.STABLE12-asyncio_counters.patch \ squid-2.5.STABLE12-prctl_args.patch \ squid-2.5.STABLE12-irix_timezone.patch \ squid-2.5.STABLE12-log_206-4.patch \ squid-2.5.STABLE12-range2GB-2.patch \ squid-2.5.STABLE12-empty_proxy_auth_acl.patch \ squid-2.5.STABLE12-ident_acl.patch \ squid-2.5.STABLE12-ntlm_nonpersistent.patch \ squid-2.5.STABLE12-ftp_upload.patch \ squid-2.5.STABLE12-delay_pool_reconfigure.patch \ squid-2.5.STABLE12-persistent_connection_after_error.patch \ squid-2.5.STABLE12-devnull.patch \ squid-2.5.STABLE12-fc5.patch \ squid-2.5.STABLE12-ftpdates.patch \ squid-2.5.STABLE12-ftpsymlink.patch \ squid-2.5.STABLE12-max_user_ip_log-2.patch \ squid-2.5.STABLE12-longhostnames.patch \ squid-2.5.STABLE12-Azerbaijani.patch \ squid-2.5.STABLE12-peer_dns_error.patch \ squid-2.5.STABLE12-statefulhelpers_statistics.patch \ squid-2.5.STABLE12-connstate_leak.patch PATCH_DIST_STRIP= -p1 @ 1.172 log @Fix and style improvement for shell script part of post-install. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.171 2006/03/05 04:21:20 taca Exp $ d5 1 a5 1 PKGREVISION= 6 d31 7 a37 1 squid-2.5.STABLE12-ftpsymlink.patch d145 1 a145 1 ${SED} -e 's@@^@@share/squid/icons/@@'; \ @ 1.171 log @Backout partly previous fixes. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.170 2006/03/04 13:40:07 taca Exp $ d126 2 a127 2 for FILE in ${OPTIONAL_FILES}; do \ ${TEST} ! -r ${PREFIX}/${FILE} || ${ECHO} ${FILE}; \ d131 1 a131 1 ${TEST} -d ${i} && \ d138 2 a139 1 ${LS} anthony-*.gif | ${SED} -e 's@@^@@share/squid/icons/@@'; \ @ 1.170 log @Update www/squid package to squid-2.5.12nb6. - Reflect update of official patches and addition of missing one. Added o 2006-02-26 14:47 (Cosmetic) Added WebDAV REPORT method to know HTTP methods list Updated o 2006-03-04 03:30 (Minor) Issues in processing ranges on objects >2GB o 2006-03-04 03:39 (Minor) Some 206 responses logged incorrectly - A few fixes checking by pkglint. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.169 2006/02/26 15:03:53 taca Exp $ d123 1 a123 1 ${INSTALL_DATA} ${i} ${DOCDIR}; \ d132 1 a132 1 (${LS} ${i}/ERR_* | \ d134 1 a134 1 ${ECHO} "@@dirrm share/squid/errors/${i}"); \ @ 1.169 log @Update www/squid pacakge to 2.5.12nb5. * 2006-02-26 00:06 (Cosmetic) Error in FTP listings of files with -> in their name * 2006-02-26 00:06 (Cosmetic) Harmless typo in ftp.c * 2006-02-26 00:06 (Minor) Fails to compile on Fedora Core 5 test 2 x86_64 * 2006-02-26 00:06 (Cosmetic) Hangs at 100% CPU if /dev/null is not accessible * 2006-02-26 00:06 (Cosmetic) New persistent_connection_after_error configuration directive * 2006-02-26 00:06 (Medium) delay pools given too much bandwidht after "-k reconfigure" * 2006-02-26 00:06 (Medium) 504 Gateway Time-out on FTP uploads * 2006-02-26 00:06 (Minor) Some clients support NTLM even if not initially negotiating persiste * 2006-02-26 00:06 (Minor) Ident access lists don't work in delay_access statements * 2006-02-26 00:06 (Cosmetic) Segmentation fault on empty proxy_auth ACLs * 2006-02-26 00:06 (Minor) Issues in processing ranges on objects >2GB * 2006-02-26 14:36 (Minor) Some 206 responses logged incorrectly @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.168 2006/02/13 15:07:17 taca Exp $ d5 1 a5 1 PKGREVISION= 5 d14 1 d20 2 a21 2 squid-2.5.STABLE12-log_206.patch \ squid-2.5.STABLE12-range2GB.patch \ a46 3 # Configuration directory location which can be overwritten by the user. PKG_SYSCONFSUBDIR?= squid d70 2 d123 1 a123 1 ${INSTALL_DATA} $$i ${DOCDIR}; \ d127 1 a127 1 ${TEST} ! -r ${PREFIX}/$$FILE || ${ECHO} $$FILE; \ d131 2 a132 2 ${TEST} -d $$i && \ (${LS} $$i/ERR_* | \ d134 1 a134 1 ${ECHO} "@@dirrm share/squid/errors/$$i"); \ @ 1.168 log @Update squid package to 2.5.12nb4. o 2006-01-22 17:28 (Minor) Wrong timezone declaration for 64 bit Irix o 2006-01-15 01:23 (Cosmetic) prctl called with too few arguments o 2005-12-26 16:41 (Minor) Squid crash when asyncio function counters url accessed from Cachemgr CGI o 2005-12-24 11:02 (Minor) wbinfo_group.pl doesn't work with Samba 3.0.21 o 2005-12-11 10:52 (Minor) bad credentials fetch (no user) And replace "ls" in Makefile to ${LS}. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.167 2005/12/29 06:22:24 jlam Exp $ d5 1 a5 1 PKGREVISION= 4 d18 13 a30 1 squid-2.5.STABLE12-irix_timezone.patch @ 1.167 log @Remove USE_PKGINSTALL from pkgsrc now that mk/install/pkginstall.mk automatically detects whether we want the pkginstall machinery to be used by the package Makefile. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.166 2005/12/05 23:55:23 rillig Exp $ d5 1 a5 1 PKGREVISION= 3 d13 6 a18 1 PATCHFILES= squid-2.5.STABLE12-setenv.patch d126 1 a126 1 ls anthony-*.gif | ${SED} -e 's@@^@@share/squid/icons/@@'; \ @ 1.166 log @Ran "pkglint --autofix", which corrected some of the quoting issues in CONFIGURE_ARGS. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.165 2005/12/05 14:06:03 taca Exp $ a31 1 USE_PKGINSTALL= yes @ 1.165 log @- Add "carp" and "unlinkd" option which are enabled on default. "unlinkd" option is propsed from Dave Sainty by private mail. - Change "perl:run" to "perl" in USE_TOOLS since perl is used at build time. - Quiet pkglint; changing make macro in double quotation into :Q modifier. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.164 2005/10/31 09:53:41 taca Exp $ d35 2 a36 2 CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR} \ --localstatedir=${DATADIR} @ 1.164 log @Use official patch instead of temporary one. 2005-10-26 20:31 (Minor) fails to compile with undefined reference to setenv Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.163 2005/10/25 14:05:22 taca Exp $ d5 1 a5 1 PKGREVISION= 2 d33 1 a33 1 USE_TOOLS+= perl:run d38 2 a39 2 MAKE_ENV+= INSTALL_SCRIPT="${INSTALL_SCRIPT}" MAKE_ENV+= PKG_PREFIX="${PREFIX}" VARBASE="${VARBASE}" @ 1.163 log @Add a patch to compile on SunOS from squid's bugzilla. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.162 2005/10/23 22:32:32 taca Exp $ d5 1 a5 1 PKGREVISION= 1 d12 3 a14 3 #PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ #PATCHFILES= #PATCH_DIST_STRIP= -p1 @ 1.162 log @Update squid package to 2.5.12 (squid-2.5.STABLE12). Changes to squid-2.5.STABLE12 (22 Oct 2005) - [Major] Error introduced in 2.5.STABLE11 causing truncated responses when using delay pools (Bug #1405) - [Cosmetic] Document that tcp_outgoing_* works badly in combination with server_persistent_connections (Bug #454) - [Cosmetic] Add additinal tracing to squid_ldap_auth making diagnostics easier on squid_ldap_auth configuration errors (Bug #1395) - [Minor] $HOME not set when started as root (Bug #1401) - [Minor] httpd_accel_single_host breaks in combination with server_persistent_connections (Bug #1402) - [Cosmetic] Setting CACHE_HTTP_PORT to configure was only partially implemented, effectively ignored. (Bug #1403) - [Minor] CNAME based DNS addresses could get cached for longer than intended (Bug #1404) - [Minor] Incorrect handling of squid-internal-dynamic/netdb exchanges in transparently intercepting proxies (Bug #1410). - [Minor] Cache revalidations on HEAD requests causing poor cache hit ratio (Bug #1411). - [Minor] Not possible to send 302 redirects via a redirector in response to CONNECT requests (bug #1412) - [Minor] Incorrect handling of Set-Cookie on cache refreshes (Bug #1419) - [Major] Segmentation fault crash in rfc1738_do_escape (Bug #1426) - [Minor] Delay pools class 3 fails on clients in network 255 (Bug #1431) @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.161 2005/10/09 14:47:55 taca Exp $ d5 1 @ 1.161 log @Update squid package to 2.5.11 (2.5.STABLE11 + official 6 patches). o pkgsrc changes: change DIST_SUBDIR to ${PKGNAME_NOREV} only (stop using time stamp) since squid's patches are provided with revision if updated. o official patches: * 2005-09-28 21:52 (Minor) CNAME adresses remembered with wrong TTL * 2005-09-28 21:16 (Cosmetic) Defining CACHE_HTTP_PORT does not set the default http_port * 2005-09-28 21:07 (Minor) httpd_accel_single_host breaks in combination with server_persistent_connections * 2005-09-28 21:07 (Cosmetic) More tracing in test mode of squid_ldap_auth * 2005-09-28 21:07 (Cosmetic) Document that tcp_outgoing_xxx works badly in combination with server_persistent_connections * 2005-09-27 22:29 (Major) Truncated responses when using delay pools o changes from 2.5.10; most of them are already included in squid 2.5.10nb5 package Changes to squid-2.5.STABLE11 (22 Sep 2005) - [Minor] Workaround for servers sending double content-length headers (Bug #1305) - [Cosmetic] Updated Spanish error messages by Nicolas Ruiz - [Cosmetic] Date header corrected on internal objects (icons etc) (Bug #1275) - [Minor] squid -k fails in combination with chroot after patch for bug 1157 (Bug #1307) - [Cosmetic] Segmentation fault if compiled with --enable-ipf-transparent but denied access to the NAT device. (Bug #1313) - [Minor] httpd_accel_signle_host incompatible with redireection (Bug #1314) - [Minor] squid -k reconfigure internal corruption if the type of a cache_dir is changed (Bug #1308) - [Minor] SNMP GETNEXT fails if the given OID is outside the Squid MIB (Bug #1317) - [Minor] Title in FTP listings somewhat messed up after previous patch for bug 1220 (Bug #1220) - [Minor] FTP listings uses "BASE HREF" much more than it needs to, confusing authentication. (Bug #1204) - [Minor] winfo_group.pl only looked for the first group if multiple groups were defined in the same acl. (Bug #1333) - [Cosmetic] Compiler warnings on some 64-bit platforms (Bug #1316) - [Cosmetic] Removed some debug output from wb_ntlm_atuh (Bug #518) - [Cosmetic] The new --with-build-environment=... option doesn't work - [Cosmetic] New 'mail_program' configuration option in squid.conf - [Minor] Fails to compile with ip-filter and ARP support on Solaris x86 (Bug #199) - [Major] Segmentation fault in sslConnectTimeout (Bug #1355) - [Medium] assertion failed in StatHist.c:93 (Bug #1325) - [Minor] More chroot_dir and squid -k reconfigure issues (Bug #1331) - [Cosmetic] Invalid URLs in error messages when failing to connect to peer, and a few other inconsistent error messages (Bug #1342) - [Cosmetic] Fails to compile with glibc -D_FORTIFY_SOURCE=2 (Bug #1344) - [Minor] Some odd FTP servers respond with 250 where 226 is expected (Bug #1348) - [Cosmetic] Greek translation of error messages (Bug #1351) - [Major] Assertion failed store_status == STORE_PENDING (Bug #1368) - [Minor] squid_ldap_auth -U does not work (Bug #1370) - [Minor] SNMP cacheClientTable fails on "long" IP addresses (Bug #1375) - [Minor] Solaris Sparc + IP-Filter compile error (Bug #1374) - [Minor] E-mail sent when cache dies is blocked from many antispam rules (Bug #1380) - [Minor] LDAP helpers does not work with TLS (-Z option) (Bug #1389) - [Cosmetic] Incorrect store dir selection debug message on objects larger than 2Gigabyte (Bug #1343) - [Cosmetic] header_id enum misused as an signed integer (Bug #1343) - [Cosmetic] Allow leaving core dumps when started as root (Bug #1335) - [Medium] Clients could bypass delay_pool settings by faking a cache hit request (Bug #500) - [Minor] IP-Filter 4.X support (Bug #1378) - [Medium] Odd results on pipelined CONNECT requests - [Major] Squid crashing with "FATAL: Incorrect scheme in auth header" when using NTLM authentication. - [Cosmetic] Odd results when pipeline_prefetch is combined with NTLM authentication (bug #1396) - [Minor] invalid host was processed as IP 255.255.255.255 in dst acl (Bug #1394) - [Cosmetic] New --with-maxfd=N configure option to override build time filedescriptor limit test - [Minor] Added support for Windows code name "Longhorn" on Cygwin. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.160 2005/09/21 15:06:07 taca Exp $ d3 2 a4 2 DISTNAME= squid-2.5.STABLE11 PKGNAME= squid-2.5.11 d11 3 a13 8 PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ PATCHFILES= squid-2.5.STABLE11-delaypools_truncated.patch \ squid-2.5.STABLE11-tcp_outgoing_xxx.patch \ squid-2.5.STABLE11-ldap_auth.patch \ squid-2.5.STABLE11.accel_single_host_pconn.patch \ squid-2.5.STABLE11-CACHE_HTTP_PORT.patch \ squid-2.5.STABLE11-CNAME.patch PATCH_DIST_STRIP= -p1 @ 1.160 log @Update squid package to squid-2.5.10nb5. Three new official patches are added. o 2005-09-19 15:50 (Cosmetic) --with-maxfd=N configure option to override max filedescriptors test o 2005-09-16 21:58 (Minor) invalid host is processed as IP 255.255.255.255 in dst acl o 2005-09-16 21:49 (Cosmetic) Odd results when pipeline_prefetch is combined with NTLM authentication One official patch was updated. o 2005-09-20 12:29 (Major) FATAL: Incorrect scheme in auth header @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.159 2005/09/16 14:19:00 taca Exp $ d3 2 a4 3 DISTNAME= squid-2.5.STABLE10 PKGNAME= squid-2.5.10 PKGREVISION= 5 d12 7 a18 40 PATCHFILES= squid-2.5.STABLE10-content_length.patch \ squid-2.5.STABLE10-spanish.patch \ squid-2.5.STABLE10-internal_date.patch \ squid-2.5.STABLE10-chroot-2.patch \ squid-2.5.STABLE10-transparent-2.patch \ squid-2.5.STABLE10-redirect_flags.patch \ squid-2.5.STABLE10-cache_dir_change.patch \ squid-2.5.STABLE10-snmp_getnext.patch \ squid-2.5.STABLE10-ftp_title-2.patch \ squid-2.5.STABLE10-ftp_basehref.patch \ squid-2.5.STABLE10-wbinfo_groups.patch \ squid-2.5.STABLE10-64bit_cleanup.patch \ squid-2.5.STABLE10-wb_ntlm_auth_silent.patch \ squid-2.5.STABLE10-buildenv.patch \ squid-2.5.STABLE10-mail_program.patch \ squid-2.5.STABLE10-arp_ipfilter-2.patch \ squid-2.5.STABLE10-sslConnectTimeout.patch \ squid-2.5.STABLE10-statHistAssert.patch \ squid-2.5.STABLE10-chroot_dir.patch \ squid-2.5.STABLE10-errmsg.patch \ squid-2.5.STABLE10-FORTIFY_SOURCE.patch \ squid-2.5.STABLE10-ftp_250.patch \ squid-2.5.STABLE10-Greek.patch \ squid-2.5.STABLE10-STORE_PENDING.patch \ squid-2.5.STABLE10-ldap_auth-U.patch \ squid-2.5.STABLE10-cacheClientTable.patch \ squid-2.5.STABLE10-Solaris_IPFilter-2.patch \ squid-2.5.STABLE10-mail_from.patch \ squid-2.5.STABLE10-LDAP_TLS.patch \ squid-2.5.STABLE10-storedir_objsize_debug.patch \ squid-2.5.STABLE10-header_id_enum.patch \ squid-2.5.STABLE10-allow_coredump.patch \ squid-2.5.STABLE10-delay_pools.patch \ squid-2.5.STABLE10-NetBSD_IPFilter-4.patch \ squid-2.5.STABLE10-pipeline-CONNECT.patch \ squid-2.5.STABLE10-NTLM-scheme_assert-3.patch \ squid-2.5.STABLE10-ntlm-pipeline_prefetch.patch \ squid-2.5.STABLE10-dst_unknown.patch \ squid-2.5.STABLE10-maxfd.patch PATCH_DIST_STRIP= -p1 d25 1 a25 1 DIST_SUBDIR= ${PKGNAME_NOREV}-${DIST_STAMP} a30 4 # Update this time stamp pattern if any of official distfiles has changed. # DIST_STAMP= 2005060500 @ 1.160.2.1 log @Pullup ticket 850 - requested by Takahiro Kambe sync www/squid with HEAD, including security fixes Revisions pulled up: - pkgsrc/www/squid/Makefile 1.161, 1.162 - pkgsrc/www/squid/distinfo 1.105, 1.106 - pkgsrc/www/squid/patches/patch-ag 1.22, 1.23 Module Name: pkgsrc Committed By: taca Date: Sun Oct 9 14:47:56 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo pkgsrc/www/squid/patches: patch-ag Log Message: Update squid package to 2.5.11 (2.5.STABLE11 + official 6 patches). o pkgsrc changes: change DIST_SUBDIR to ${PKGNAME_NOREV} only (stop using time stamp) since squid's patches are provided with revision if updated. o official patches: * 2005-09-28 21:52 (Minor) CNAME adresses remembered with wrong TTL * 2005-09-28 21:16 (Cosmetic) Defining CACHE_HTTP_PORT does not set the default http_port * 2005-09-28 21:07 (Minor) httpd_accel_single_host breaks in combination with server_persistent_connections * 2005-09-28 21:07 (Cosmetic) More tracing in test mode of squid_ldap_auth * 2005-09-28 21:07 (Cosmetic) Document that tcp_outgoing_xxx works badly in combination with server_persistent_connections * 2005-09-27 22:29 (Major) Truncated responses when using delay pools o changes from 2.5.10; most of them are already included in squid 2.5.10nb5 package Changes to squid-2.5.STABLE11 (22 Sep 2005) - [Minor] Workaround for servers sending double content-length headers (Bug #1305) - [Cosmetic] Updated Spanish error messages by Nicolas Ruiz - [Cosmetic] Date header corrected on internal objects (icons etc) (Bug #1275) - [Minor] squid -k fails in combination with chroot after patch for bug 1157 (Bug #1307) - [Cosmetic] Segmentation fault if compiled with --enable-ipf-transparent but denied access to the NAT device. (Bug #1313) - [Minor] httpd_accel_signle_host incompatible with redireection (Bug #1314) - [Minor] squid -k reconfigure internal corruption if the type of a cache_dir is changed (Bug #1308) - [Minor] SNMP GETNEXT fails if the given OID is outside the Squid MIB (Bug #1317) - [Minor] Title in FTP listings somewhat messed up after previous patch for bug 1220 (Bug #1220) - [Minor] FTP listings uses "BASE HREF" much more than it needs to, confusing authentication. (Bug #1204) - [Minor] winfo_group.pl only looked for the first group if multiple groups were defined in the same acl. (Bug #1333) - [Cosmetic] Compiler warnings on some 64-bit platforms (Bug #1316) - [Cosmetic] Removed some debug output from wb_ntlm_atuh (Bug #518) - [Cosmetic] The new --with-build-environment=... option doesn't work - [Cosmetic] New 'mail_program' configuration option in squid.conf - [Minor] Fails to compile with ip-filter and ARP support on Solaris x86 (Bug #199) - [Major] Segmentation fault in sslConnectTimeout (Bug #1355) - [Medium] assertion failed in StatHist.c:93 (Bug #1325) - [Minor] More chroot_dir and squid -k reconfigure issues (Bug #1331) - [Cosmetic] Invalid URLs in error messages when failing to connect to peer, and a few other inconsistent error messages (Bug #1342) - [Cosmetic] Fails to compile with glibc -D_FORTIFY_SOURCE=2 (Bug #1344) - [Minor] Some odd FTP servers respond with 250 where 226 is expected (Bug #1348) - [Cosmetic] Greek translation of error messages (Bug #1351) - [Major] Assertion failed store_status == STORE_PENDING (Bug #1368) - [Minor] squid_ldap_auth -U does not work (Bug #1370) - [Minor] SNMP cacheClientTable fails on "long" IP addresses (Bug #1375) - [Minor] Solaris Sparc + IP-Filter compile error (Bug #1374) - [Minor] E-mail sent when cache dies is blocked from many antispam rules (Bug #1380) - [Minor] LDAP helpers does not work with TLS (-Z option) (Bug #1389) - [Cosmetic] Incorrect store dir selection debug message on objects larger than 2Gigabyte (Bug #1343) - [Cosmetic] header_id enum misused as an signed integer (Bug #1343) - [Cosmetic] Allow leaving core dumps when started as root (Bug #1335) - [Medium] Clients could bypass delay_pool settings by faking a cache hit request (Bug #500) - [Minor] IP-Filter 4.X support (Bug #1378) - [Medium] Odd results on pipelined CONNECT requests - [Major] Squid crashing with "FATAL: Incorrect scheme in auth header" when using NTLM authentication. - [Cosmetic] Odd results when pipeline_prefetch is combined with NTLM authentication (bug #1396) - [Minor] invalid host was processed as IP 255.255.255.255 in dst acl (Bug #1394) - [Cosmetic] New --with-maxfd=N configure option to override build time filedescriptor limit test - [Minor] Added support for Windows code name "Longhorn" on Cygwin. --- Module Name: pkgsrc Committed By: taca Date: Sun Oct 23 22:32:32 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo pkgsrc/www/squid/patches: patch-ag Log Message: Update squid package to 2.5.12 (squid-2.5.STABLE12). Changes to squid-2.5.STABLE12 (22 Oct 2005) - [Major] Error introduced in 2.5.STABLE11 causing truncated responses when using delay pools (Bug #1405) - [Cosmetic] Document that tcp_outgoing_* works badly in combination with server_persistent_connections (Bug #454) - [Cosmetic] Add additinal tracing to squid_ldap_auth making diagnostics easier on squid_ldap_auth configuration errors (Bug #1395) - [Minor] $HOME not set when started as root (Bug #1401) - [Minor] httpd_accel_single_host breaks in combination with server_persistent_connections (Bug #1402) - [Cosmetic] Setting CACHE_HTTP_PORT to configure was only partially implemented, effectively ignored. (Bug #1403) - [Minor] CNAME based DNS addresses could get cached for longer than intended (Bug #1404) - [Minor] Incorrect handling of squid-internal-dynamic/netdb exchanges in transparently intercepting proxies (Bug #1410). - [Minor] Cache revalidations on HEAD requests causing poor cache hit ratio (Bug #1411). - [Minor] Not possible to send 302 redirects via a redirector in response to CONNECT requests (bug #1412) - [Minor] Incorrect handling of Set-Cookie on cache refreshes (Bug #1419) - [Major] Segmentation fault crash in rfc1738_do_escape (Bug #1426) - [Minor] Delay pools class 3 fails on clients in network 255 (Bug #1431) @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.162 2005/10/23 22:32:32 taca Exp $ d3 3 a5 2 DISTNAME= squid-2.5.STABLE12 PKGNAME= squid-2.5.12 d12 41 a52 3 #PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ #PATCHFILES= #PATCH_DIST_STRIP= -p1 d59 1 a59 1 DIST_SUBDIR= ${PKGNAME_NOREV} d65 4 @ 1.160.2.2 log @Pullup ticket 852 - requested by Takahiro Kambe portability fix for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.163 - pkgsrc/www/squid/distinfo 1.107 - pkgsrc/www/squid/patches/patch-bd 1.1 Module Name: pkgsrc Committed By: taca Date: Tue Oct 25 14:05:22 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Added Files: pkgsrc/www/squid/patches: patch-bd Log Message: Add a patch to compile on SunOS from squid's bugzilla. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.163 2005/10/25 14:05:22 taca Exp $ a4 1 PKGREVISION= 1 @ 1.160.2.3 log @Pullup ticket 874 - requested by Takahiro Kambe portability fix for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.164 - pkgsrc/www/squid/distinfo 1.108 - pkgsrc/www/squid/patches/patch-bd removed Module Name: pkgsrc Committed By: taca Date: Mon Oct 31 09:53:41 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Removed Files: pkgsrc/www/squid/patches: patch-bd Log Message: Use official patch instead of temporary one. 2005-10-26 20:31 (Minor) fails to compile with undefined reference to setenv Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.164 2005/10/31 09:53:41 taca Exp $ d5 1 a5 1 PKGREVISION= 2 d12 3 a14 3 PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ PATCHFILES= squid-2.5.STABLE12-setenv.patch PATCH_DIST_STRIP= -p1 @ 1.159 log @The latest official patch updated to make NTLM authentication work again. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.158 2005/09/15 15:40:47 taca Exp $ d5 1 a5 1 PKGREVISION= 4 d48 4 a51 1 squid-2.5.STABLE10-NTLM-scheme_assert-2.patch @ 1.158 log @Update squid package to 2.5.10nb3. - pkgsrc update: o s/SQUID_BACKEND/SQUID_BACKENDS/ as suggested by pkglint. o Fix leaving ${PREFIX}/etc/squid/msntauth.conf.default out of PLIST. o IP Filter related patches are incorporated to squid. - Add/update official patches: o 2005-09-15 11:15 (Major) FATAL: Incorrect scheme in auth header o 2005-09-15 09:56 (Medium) Odd results on pipelined CONNECT requests o 2005-09-13 23:59 (Minor) Transparent proxy problem with IP Filter o 2005-09-11 01:53 (Medium) Clients bypassing delay pools by faking a cache hit o 2005-09-11 01:42 (Cosmetic) Allow leaving core dumps on Linux o 2005-09-11 01:21 (Cosmetic) enums can not be assumed to be signed ints o 2005-09-11 01:21 (Cosmetic) Incorrect store dir selection debug message on objects >2G o 2005-09-11 00:57 (Minor) LDAP helpers does not work with TLS (-Z option) @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.157 2005/09/04 05:07:05 taca Exp $ d5 1 a5 1 PKGREVISION= 3 d48 1 a48 1 squid-2.5.STABLE10-NTLM-scheme_assert.patch @ 1.157 log @Update squid package to 2.5.10nb2. - pkgsrc changes: check IP filter's header file as well as . - Apply recent official patches including a security fix for DoS noted by http://secunia.com/advisories/16674/ * 2005-09-03 09:41 (Minor) E-mail sent when cache dies is blocked from many antispam rules * 2005-09-03 09:41 (Minor) Solaris 10 SPARC transparent proxy build problem with ipfilter * 2005-09-01 22:57 (Minor) snmo cacheClientTable fails on "long" IP addresses * 2005-09-01 22:49 (Minor) squid_ldap_auth -U does not work * 2005-09-01 22:44 (Major) assertion failed: store.c:523: "e->store_status == STORE_PENDING" * 2005-09-01 22:39 (Cosmetic) Greek translation of error messages * 2005-09-01 22:31 (Minor) Some odd FTP servers respond with 250 where 226 is expected * 2005-09-01 22:26 (Cosmetic) Fails to compile with glibc -D_FORTIFY_SOURCE=2 * 2005-09-01 22:18 (Cosmetic) Odd URLs when failing to forward request via parent and several error messages inconsistent in reported request details * 2005-09-01 22:09 (Minor) More chroot_dir and squid -k reconfigure issues * 2005-09-01 21:56 (Medium) assertion failed: StatHist.c:93: ((int) floor (0.99L + statHistVal(H, 0) - min)) == 0 * 2005-09-01 20:27 (Major) Segmentation fault in sslConnectTimeout * 2005-08-19 09:31 (Minor) sync redeclarations when support for ARP acls * 2005-08-14 17:05 (Cosmetic) New 'mail_program' configuration option in squid.conf @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.156 2005/08/23 11:48:51 rillig Exp $ d5 1 a5 1 PKGREVISION= 2 d39 10 a48 2 squid-2.5.STABLE10-Solaris_IPFilter.patch \ squid-2.5.STABLE10-mail_from.patch d105 1 a105 1 --enable-storeio=${SQUID_BACKEND:Q} @ 1.156 log @The real user name in PKG_USERS does not need to be escaped with double backslashes anymore. A single backslash is enough. Changed the definition in all affected packages. For those that are not caught, an additional check is placed into bsd.pkginstall.mk. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.155 2005/08/09 15:48:29 taca Exp $ d5 1 a5 1 PKGREVISION= 1 d26 15 a40 1 squid-2.5.STABLE10-buildenv.patch @ 1.155 log @- Add missing optional installed files. - Slightly simplify installation of example configurations. - Add official patches. * 2005-07-11 00:46 (Cosmetic) The new --with-build-environment=... option doesn't work * 2005-07-09 08:58 (Cosmetic) Allow wb_ntlm_auth to run more silent * 2005-07-03 08:24 (Cosmetic) "make all" gives many warnings * 2005-06-29 20:36 (Minor) wbinfo_group.pl only looks into the first group specified * 2005-06-21 22:28 (Minor) FTP listings uses "BASE HREF" much more than it needs to, * 2005-06-22 10:46 (Cosmetic) Title in FTP listings somewhat messed up * 2005-06-19 21:03 (Minor) SNMP GETNEXT fails if the given OID is outside the Squid MIB * 2005-06-19 09:39 (Minor) squid -k reconfigure internal corruption if the type of a cache_dir is changed * 2005-06-13 22:55 (Minor) httpd_accel_signle_host incompatible with redireection * 2005-06-30 08:49 (Minor) Core dump with --enable-ipf-transparent if access to NAT device not granted * 2005-06-27 21:24 (Minor) squid -k fails in combination with chroot after patch for bug 1157 * 2005-06-09 08:01 (Minor) Squid internal icons served up with slightly incorrect HTTP headers * 2005-06-06 21:38 (Cosmetic) Updated Spanish error messages Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.154 2005/07/15 20:14:03 jlam Exp $ d61 1 a61 1 PKG_USERS= ${SQUID_USER}:${SQUID_GROUP}::Squid\\ Web-Cache\\ pseudo-user @ 1.154 log @Drop support for TOOLS_DEPMETHOD.. The new way to specify a run-time dependency (DEPENDS) on a tool is to append a ":run" modifier to the tool name, e.g., USE_TOOLS+= perl:run Tools without modifiers or with an explicit ":build" modifier will cause build dependencies (BUILD_DEPENDS) on those tools to be added. This makes the notation a bit more compact. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.153 2005/06/07 14:19:10 taca Exp $ d5 1 d13 14 a26 1 PATCHFILES= squid-2.5.STABLE10-content_length.patch d64 1 d68 2 d102 1 a109 1 @@${INSTALL_DATA_DIR} ${EXAMPLESDIR} d115 5 @ 1.153 log @- Fix build problem with IP Filter prior to 4.0; NetBSD 1.6.2. - Avoid use of ":ts" modifier of make(1) since NetBSD 1.6.2's make(1) dosen't support it. It might be fix "diskd" PKG_OPTION problem, too. - Remove extra "--enable-async-io" configure option. No PKGREVISION change. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.152 2005/06/05 14:20:25 taca Exp $ d36 1 a36 2 USE_TOOLS+= perl TOOLS_DEPMETHOD.perl?= DEPENDS @ 1.153.2.1 log @Pullup ticket 738 - requested by Takahiro Kambe security fix for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.155, 1.157 - pkgsrc/www/squid/PLIST 1.19 - pkgsrc/www/squid/distinfo 1.100, 1.101 - pkgsrc/www/squid/patches/patch-aa 1.17 - pkgsrc/www/squid/patches/patch-ag 1.20 - pkgsrc/www/squid/patches/patch-an 1.8 - pkgsrc/www/squid/patches/patch-ap 1.1 - pkgsrc/www/squid/patches/patch-bb 1.7 - pkgsrc/www/squid/patches/patch-cd 1.10, 1.11 Module Name: pkgsrc Committed By: taca Date: Tue Aug 9 15:48:30 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile PLIST distinfo pkgsrc/www/squid/patches: patch-aa patch-cd Added Files: pkgsrc/www/squid/patches: patch-ap Log Message: - Add missing optional installed files. - Slightly simplify installation of example configurations. - Add official patches. * 2005-07-11 00:46 (Cosmetic) The new --with-build-environment=... option doesn't work * 2005-07-09 08:58 (Cosmetic) Allow wb_ntlm_auth to run more silent * 2005-07-03 08:24 (Cosmetic) "make all" gives many warnings * 2005-06-29 20:36 (Minor) wbinfo_group.pl only looks into the first group specified * 2005-06-21 22:28 (Minor) FTP listings uses "BASE HREF" much more than it needs to, * 2005-06-22 10:46 (Cosmetic) Title in FTP listings somewhat messed up * 2005-06-19 21:03 (Minor) SNMP GETNEXT fails if the given OID is outside the Squid MIB * 2005-06-19 09:39 (Minor) squid -k reconfigure internal corruption if the type of a cache_dir is changed * 2005-06-13 22:55 (Minor) httpd_accel_signle_host incompatible with redireection * 2005-06-30 08:49 (Minor) Core dump with --enable-ipf-transparent if access to NAT device not granted * 2005-06-27 21:24 (Minor) squid -k fails in combination with chroot after patch for bug 1157 * 2005-06-09 08:01 (Minor) Squid internal icons served up with slightly CVSincorrect HTTP headers * 2005-06-06 21:38 (Cosmetic) Updated Spanish error messages Bump PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Sun Sep 4 05:07:05 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo pkgsrc/www/squid/patches: patch-ag patch-an patch-bb patch-cd Log Message: Update squid package to 2.5.10nb2. - pkgsrc changes: check IP filter's header file as well as . - Apply recent official patches including a security fix for DoS noted by http://secunia.com/advisories/16674/ * 2005-09-03 09:41 (Minor) E-mail sent when cache dies is blocked from many antispam rules * 2005-09-03 09:41 (Minor) Solaris 10 SPARC transparent proxy build problem with ipfilter * 2005-09-01 22:57 (Minor) snmo cacheClientTable fails on "long" IP addresses * 2005-09-01 22:49 (Minor) squid_ldap_auth -U does not work * 2005-09-01 22:44 (Major) assertion failed: store.c:523: "e->store_status == STORE_PENDING" * 2005-09-01 22:39 (Cosmetic) Greek translation of error messages * 2005-09-01 22:31 (Minor) Some odd FTP servers respond with 250 where 226 is expected * 2005-09-01 22:26 (Cosmetic) Fails to compile with glibc -D_FORTIFY_SOURCE=2 * 2005-09-01 22:18 (Cosmetic) Odd URLs when failing to forward request via parent and several error messages inconsistent in reported request details * 2005-09-01 22:09 (Minor) More chroot_dir and squid -k reconfigure issues * 2005-09-01 21:56 (Medium) assertion failed: StatHist.c:93: ((int) floor (0.99L + statHistVal(H, 0) - min)) == 0 * 2005-09-01 20:27 (Major) Segmentation fault in sslConnectTimeout * 2005-08-19 09:31 (Minor) sync redeclarations when support for ARP acls * 2005-08-14 17:05 (Cosmetic) New 'mail_program' configuration option in squid.conf @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.157 2005/09/04 05:07:05 taca Exp $ a4 1 PKGREVISION= 2 d12 1 a12 28 PATCHFILES= squid-2.5.STABLE10-content_length.patch \ squid-2.5.STABLE10-spanish.patch \ squid-2.5.STABLE10-internal_date.patch \ squid-2.5.STABLE10-chroot-2.patch \ squid-2.5.STABLE10-transparent-2.patch \ squid-2.5.STABLE10-redirect_flags.patch \ squid-2.5.STABLE10-cache_dir_change.patch \ squid-2.5.STABLE10-snmp_getnext.patch \ squid-2.5.STABLE10-ftp_title-2.patch \ squid-2.5.STABLE10-ftp_basehref.patch \ squid-2.5.STABLE10-wbinfo_groups.patch \ squid-2.5.STABLE10-64bit_cleanup.patch \ squid-2.5.STABLE10-wb_ntlm_auth_silent.patch \ squid-2.5.STABLE10-buildenv.patch \ squid-2.5.STABLE10-mail_program.patch \ squid-2.5.STABLE10-arp_ipfilter-2.patch \ squid-2.5.STABLE10-sslConnectTimeout.patch \ squid-2.5.STABLE10-statHistAssert.patch \ squid-2.5.STABLE10-chroot_dir.patch \ squid-2.5.STABLE10-errmsg.patch \ squid-2.5.STABLE10-FORTIFY_SOURCE.patch \ squid-2.5.STABLE10-ftp_250.patch \ squid-2.5.STABLE10-Greek.patch \ squid-2.5.STABLE10-STORE_PENDING.patch \ squid-2.5.STABLE10-ldap_auth-U.patch \ squid-2.5.STABLE10-cacheClientTable.patch \ squid-2.5.STABLE10-Solaris_IPFilter.patch \ squid-2.5.STABLE10-mail_from.patch a50 1 CONF_FILES+= ${EXAMPLESDIR}/msntauth.conf ${PKG_SYSCONFDIR}/msntauth.conf a53 2 EXAMPLES_FILES= src/mime.conf.default src/squid.conf.default \ helpers/basic_auth/MSNT/msntauth.conf.default a85 1 OPTIONAL_FILES+= libexec/fakeauth_auth libexec/ntlm_auth d93 1 a98 5 @@${INSTALL_DATA_DIR} ${EXAMPLESDIR} .for f in ${EXAMPLES_FILES} cd ${WRKSRC} && \ ${INSTALL_DATA} ${f} ${EXAMPLESDIR}/`basename ${f} .default` .endfor @ 1.153.2.2 log @Pullup ticket 756 - requested by Takahiro Kambe bugfix update for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.158 - pkgsrc/www/squid/distinfo 1.102 - pkgsrc/www/squid/options.mk 1.4 - pkgsrc/www/squid/patches/patch-ag 1.21 - pkgsrc/www/squid/patches/patch-an 1.9 - pkgsrc/www/squid/patches/patch-ap 1.2 - pkgsrc/www/squid/patches/patch-bb 1.8 - pkgsrc/www/squid/patches/patch-cd removed Module Name: pkgsrc Committed By: taca Date: Thu Sep 15 15:40:47 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo options.mk pkgsrc/www/squid/patches: patch-ag patch-an patch-ap patch-bb Removed Files: pkgsrc/www/squid/patches: patch-cd Log Message: Update squid package to 2.5.10nb3. - pkgsrc update: o s/SQUID_BACKEND/SQUID_BACKENDS/ as suggested by pkglint. o Fix leaving ${PREFIX}/etc/squid/msntauth.conf.default out of PLIST. o IP Filter related patches are incorporated to squid. - Add/update official patches: o 2005-09-15 11:15 (Major) FATAL: Incorrect scheme in auth header o 2005-09-15 09:56 (Medium) Odd results on pipelined CONNECT requests o 2005-09-13 23:59 (Minor) Transparent proxy problem with IP Filter o 2005-09-11 01:53 (Medium) Clients bypassing delay pools by faking a cache hit o 2005-09-11 01:42 (Cosmetic) Allow leaving core dumps on Linux o 2005-09-11 01:21 (Cosmetic) enums can not be assumed to be signed ints o 2005-09-11 01:21 (Cosmetic) Incorrect store dir selection debug message on objects >2G o 2005-09-11 00:57 (Minor) LDAP helpers does not work with TLS (-Z option) @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.158 2005/09/15 15:40:47 taca Exp $ d5 1 a5 1 PKGREVISION= 3 d39 2 a40 10 squid-2.5.STABLE10-Solaris_IPFilter-2.patch \ squid-2.5.STABLE10-mail_from.patch \ squid-2.5.STABLE10-LDAP_TLS.patch \ squid-2.5.STABLE10-storedir_objsize_debug.patch \ squid-2.5.STABLE10-header_id_enum.patch \ squid-2.5.STABLE10-allow_coredump.patch \ squid-2.5.STABLE10-delay_pools.patch \ squid-2.5.STABLE10-NetBSD_IPFilter-4.patch \ squid-2.5.STABLE10-pipeline-CONNECT.patch \ squid-2.5.STABLE10-NTLM-scheme_assert.patch d98 1 a98 1 --enable-storeio=${SQUID_BACKENDS:Q} @ 1.153.2.3 log @Pullup ticket 759 - requested by Takahiro Kambe patchfile fix for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.159 - pkgsrc/www/squid/distinfo 1.103 Module Name: pkgsrc Committed By: taca Date: Fri Sep 16 14:19:00 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: The latest official patch updated to make NTLM authentication work again. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.159 2005/09/16 14:19:00 taca Exp $ d5 1 a5 1 PKGREVISION= 4 d48 1 a48 1 squid-2.5.STABLE10-NTLM-scheme_assert-2.patch @ 1.153.2.4 log @Pullup ticket 772 - requested by Takahiro Kambe bugfix update for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.160 - pkgsrc/www/squid/distinfo 1.104 Module Name: pkgsrc Committed By: taca Date: Wed Sep 21 15:06:07 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Update squid package to squid-2.5.10nb5. Three new official patches are added. o 2005-09-19 15:50 (Cosmetic) --with-maxfd=N configure option to override max filedescriptors test o 2005-09-16 21:58 (Minor) invalid host is processed as IP 255.255.255.255 in dst acl o 2005-09-16 21:49 (Cosmetic) Odd results when pipeline_prefetch is combined with NTLM authentication One official patch was updated. o 2005-09-20 12:29 (Major) FATAL: Incorrect scheme in auth header @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.160 2005/09/21 15:06:07 taca Exp $ d5 1 a5 1 PKGREVISION= 5 d48 1 a48 4 squid-2.5.STABLE10-NTLM-scheme_assert-3.patch \ squid-2.5.STABLE10-ntlm-pipeline_prefetch.patch \ squid-2.5.STABLE10-dst_unknown.patch \ squid-2.5.STABLE10-maxfd.patch @ 1.152 log @Update squid package to 2.5.10 * squid 2.5.STABLE10 + official + one official patch. - 2005-05-25 23:01 (Cosmetic) Double content-length often harmless Other fixes are already done by official patches for squid 2.5.STABLE9. * Add missing cachemgr.cgi.8 to PLIST. * Introduce options.mk which may need to be brushed more. * Drop support for diskd on Darwin since diskd needs System V msg function which dosen't supported on Darwin. * Real fix for transparent proxy with IP Filter, fix PR pkg/30085. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.151 2005/05/22 05:35:33 jlam Exp $ a65 1 --enable-async-io=5 \ d67 1 a67 1 --enable-storeio=${SQUID_BACKEND} @ 1.151 log @For packages that use GNU configure, don't bother adding "TOOL" variables into CONFIGURE_ENV if the new tools framework already takes care of adding them automatically. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.150 2005/05/12 16:09:48 taca Exp $ d3 2 a4 3 DISTNAME= squid-2.5.STABLE9 PKGNAME= squid-2.5.9 PKGREVISION= 11 d12 1 a12 43 PATCHFILES= squid-2.5.STABLE9-setcookie.patch \ squid-2.5.STABLE9-ftp_EPLF.patch \ squid-2.5.STABLE9-ftp_base_href.patch \ squid-2.5.STABLE9-acl_error.patch \ squid-2.5.STABLE9-date.patch \ squid-2.5.STABLE9-reload_into_ims.patch \ squid-2.5.STABLE9-delay_access_doc.patch \ squid-2.5.STABLE9-config_overflow.patch \ squid-2.5.STABLE9-bzero.patch \ squid-2.5.STABLE9-pid_t.patch \ squid-2.5.STABLE9-ctype.patch \ squid-2.5.STABLE9-defer_digest_fetch.patch \ squid-2.5.STABLE9-dup_content_length.patch \ squid-2.5.STABLE9-excess_data.patch \ squid-2.5.STABLE9-aufs.patch \ squid-2.5.STABLE9-long_basic_auth.patch \ squid-2.5.STABLE9-CONNECT_truncated.patch \ squid-2.5.STABLE9-LDAP_SUN_SDK.patch \ squid-2.5.STABLE9-disable_hostname_checks.patch \ squid-2.5.STABLE9-aufs_shutdown.patch \ squid-2.5.STABLE9-2GB.patch \ squid-2.5.STABLE9-rename_cleanup.patch \ squid-2.5.STABLE9-cachemgr_objects.patch \ squid-2.5.STABLE9-extaclauth.patch \ squid-2.5.STABLE9-syslog.patch \ squid-2.5.STABLE9-errpage_user.patch \ squid-2.5.STABLE9-debug_newlines.patch \ squid-2.5.STABLE9-squid_k_nohostname.patch \ squid-2.5.STABLE9-config_CRLF.patch \ squid-2.5.STABLE9-forwardcc.patch \ squid-2.5.STABLE9-authinfo.patch \ squid-2.5.STABLE9-chroot_pidfile.patch \ squid-2.5.STABLE9-cachemgr_conf.patch \ squid-2.5.STABLE9-aufs_improvement.patch \ squid-2.5.STABLE9_2GB-hot_cache.patch \ squid-2.5.STABLE9-diskd.patch \ squid-2.5.STABLE9-snmp.patch \ squid-2.5.STABLE9-arpacl.patch \ squid-2.5.STABLE9-dstdomain_ip.patch \ squid-2.5.STABLE9-dns_query-5.patch \ squid-2.5.STABLE9-2GB_assert.patch \ squid-2.5.STABLE9-always_direct_documentation.patch # squid-2.5.STABLE9-transparent_port.patch d28 1 a28 1 DIST_STAMP= 2005042600 a34 3 .include "../../mk/bsd.prefs.mk" USE_PERL5= build d36 2 d40 1 a40 2 --localstatedir=${DATADIR} \ ${SQUID_CONFIGURE_ARGS} a41 1 BUILD_DEFS+= SQUID_CONFIGURE_ARGS a46 4 SQUID_USER?= squid SQUID_GROUP?= squid BUILD_DEFS+= SQUID_USER SQUID_GROUP d55 5 a59 3 .if ${OPSYS} == "FreeBSD" || ${OPSYS} == "Linux" || ${OPSYS} == "SunOS" CONFIGURE_ARGS+= --enable-arp-acl .endif d61 1 a61 2 # Configuration options which can be overwritten by the user. SQUID_CONFIGURE_ARGS?= --enable-auth=basic,digest,ntlm \ a64 2 --enable-icmp \ --enable-ipf-transparent \ d66 1 a66 3 --enable-snmp \ --enable-ssl \ --with-openssl=${SSLBASE} \ d68 1 a68 5 --enable-storeio=ufs,diskd,null \ --enable-basic-auth-helpers=getpwnam,winbind,SMB \ --enable-digest-auth-helpers=password \ --enable-external-acl-helpers=unix_group,ip_user,winbind_group \ --enable-ntlm-auth-helpers=winbind d70 3 d74 13 a86 3 OPTIONAL_FILES+= libexec/digest_pw_auth libexec/getpwname_auth OPTIONAL_FILES+= libexec/ip_user_check libexec/smb_auth libexec/smb_auth.sh OPTIONAL_FILES+= libexec/squid_unix_group libexec/wb_auth libexec/wb_group d88 4 d125 1 a125 2 .include "../../lang/perl5/buildlink3.mk" .include "../../security/openssl/buildlink3.mk" @ 1.150 log @Update squid package to 2.5.9nb11. Apply 9 official fixes including security improvement in DNS lookup. I still disable transparent_port.patch because it needs a missing header file of IP Filter. NetBSD current and 3.0_BETA already fixed this problem but still netbsd-2/2-0 branches. I will apply it after netbsd-2/2-0 branches fix this problem. (And this fix needs to update squid package to 2.5.STABLE10 which is RC3 now.) * 2005-05-10 23:11 (Cosmetic) Extended documentation of the always_direct directive * 2005-05-10 22:33 (Medium) assertion failed: store_client.c:343: "storeSwapOutObjectBytesOnDisk(mem) > sc->copy_offset" * 2005-05-11 19:19 (Security issue) DNS lookups unreliable on untrusted networks * 2005-05-09 01:51 (Minor) Allow dstdomain and dstdom_regex to match IP based hosts * 2005-05-08 14:01 (Cosmetic) Minor arp ACL improvements * 2005-05-04 18:09 (Minor) SNMP Agent updates to support SNMP Version 2 and bulk requests * 2005-05-01 10:58 (Cosmetic) Cosmetic change to DISKD statistics * 2005-04-30 12:58 (Medium) Poor hot object cache hit ratio and sporadic assertion failed: store_swapin.c: e->mem_status == NOT_IN_MEMORY * 2005-04-25 16:36 (Cosmetic) Minor aufs improvements @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.149 2005/05/01 23:17:49 taca Exp $ a85 1 #CONFIGURE_ENV+= PERL=${PERL5} @ 1.149 log @Disable squid-2.5.STABLE9-transparent_port.patch since it is broken with IP Filter 4.1 and later. (It has no problem on IP Filter 3.x, but it is difficult apply it conditionally with IP Filter's version.) This apparently fix PR pkg/30085. But note, Squid's transparent proxy with IP Filter dosen't work. It is worked without IP Filter's NAT process. So, web acceess through squid may fail for HTTP 1.0 client which dosen't send Host header. Bump PKGREVISION (squid-2.5.9nb10). @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.148 2005/04/26 16:19:43 taca Exp $ d5 1 a5 1 PKGREVISION= 10 d45 10 a54 1 squid-2.5.STABLE9-cachemgr_conf.patch @ 1.148 log @squid package maintainous. - Fix bad PID directory of squid binary introduced by previous pkgsrc. - Update DIST_SUBDIR through DIST_STAMP since some of patch files are updated. - Fix error in doc/Makefile with nbmake. - Newer patch (aufs improvement) aren't included now. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.147 2005/04/25 15:39:13 taca Exp $ d5 1 a5 1 PKGREVISION= 9 a39 1 squid-2.5.STABLE9-transparent_port.patch \ d46 1 @ 1.147 log @Add new four official patches. o 2005-04-23 01:38 (Minor Security) Fix for CVE-1999-0710: cachemgr malicouse use o 2005-04-22 20:48 (Cosmetic) PID file check fails when chrooting o 2005-04-24 16:35 (Minor) Make the use of the %m error page to return auth info messages o 2005-04-22 20:21 (Minor) Unrecognized cache-control directives are silently dropped pkgsrc change. - remove aufs from store I/O backend until it controlled by options.mk frame work. - remove patch-cd; it is covered by squid-2.5.STABLE9-transparent_port.patch. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.146 2005/04/21 15:49:53 taca Exp $ d5 1 a5 1 PKGREVISION= 8 d62 1 a62 1 DIST_STAMP= 2005042100 d81 1 a81 1 MAKE_ENV+= PKG_PREFIX="${PREFIX}" @ 1.146 log @Update squid package to squid-2.5.9nb7. o 2005-04-21 10:31 (Cosmetic) Correctly read DOS/Windows formatted config files with CRLF as line terminator o 2005-04-20 21:55 (Minor) Unable to run "squid -k" when hostname cannot be determined o 2005-04-20 21:55 (Minor) fix transparent proxying when squid listens on NATed non-80 port o 2005-04-21 10:46 (Cosmetic) Missing newlines in debug statements o 2005-04-20 21:36 (Cosmetic) Error template substitution for authenitcated user name Because of update of squid-2.5.STABLE9-2GB.patch, DIST_SUBDIR updated again. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.145 2005/04/20 00:55:41 taca Exp $ d5 1 a5 1 PKGREVISION= 7 d42 5 a46 1 squid-2.5.STABLE9-config_CRLF.patch d113 1 a113 1 --enable-storeio=aufs,ufs,diskd,null \ @ 1.145 log @Two of offcial patches are updated. - squid-2.5.STABLE9-LDAP_SUN_SDK.patch - squid-2.5.STABLE9-2GB.patch Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.144 2005/04/19 15:14:31 taca Exp $ d5 1 a5 1 PKGREVISION= 6 d37 6 a42 1 squid-2.5.STABLE9-syslog.patch d58 1 a58 1 DIST_STAMP= 2005042000 @ 1.144 log @Update squid package to 2.5.9nb5. * Add one more offcial patch: - 2005-04-05 23:05 (Cosmetic) should syslog to daemon facility not local4 * One patch updated, so update DIST_SUBDIR through DIST_STAMP change. * Add aufs to --enable-storeio configuration. TODO: use frame work and allow to use --enable-pf-transparent which is mutual exclusive parameter with --enable-ipf-transparent. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.143 2005/04/11 21:48:02 tv Exp $ d5 1 a5 1 PKGREVISION= 5 d53 1 a53 1 DIST_STAMP= 2005041900 @ 1.143 log @Remove USE_BUILDLINK3 and NO_BUILDLINK; these are no longer used. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.142 2005/04/04 14:16:08 tron Exp $ d5 1 a5 1 PKGREVISION= 4 d36 2 a37 1 squid-2.5.STABLE9-extaclauth.patch d53 1 a53 1 DIST_STAMP= 2005040401 d104 1 a104 1 --enable-storeio=ufs,diskd,null \ @ 1.142 log @"squid-2.5.STABLE9-2GB.patch" was updated again. Update checksum, use different sub directory and bump package revision. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.141 2005/04/04 01:12:37 taca Exp $ a60 1 USE_BUILDLINK3= yes @ 1.141 log @One of official patch has been updated. * 2005-04-04 00:19 (Medium) Fails to process requests for files larger than 2GB in size Since the name of the patch file is the same as before, DIST_SUBDIR has been udpated via DIST_STAMP. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.140 2005/03/31 16:44:25 taca Exp $ d5 1 a5 1 PKGREVISION= 3 d52 1 a52 1 DIST_STAMP= 2005040400 @ 1.140 log @Update squid packate to 2.5.9nb2. Add these official patches: * 2005-03-30 22:51 (Cosmetic) external acls requiring authentication does not request new credentials on access denials like proxy_auth does. * 2005-03-29 09:52 (Cosmetic) New cachemgr pending_objects and client_objects actions * 2005-03-26 23:53 (Minor) rename() related cleanup * 2005-03-30 22:51 (Medium) Fails to process requests for files larger than 2GB in size * 2005-03-19 23:57 (Cosmetic) aufs warning about open event filedescriptors on shutdown * 2005-03-19 01:35 (Minor) --disable-hostname-checks not working * 2005-03-19 01:11 (Cosmetic) LDAP helpers fails to compile with SUN LDAP SDK * 2005-03-21 20:44 (Minor) CONNECT requests truncated if client side disconnects first assertion failed: comm.c:430: "ntohs(address->sin_port) != 0" * 2005-03-19 00:25 (Minor) Basic authentication fails with very long logins or password * 2005-03-29 08:45 (Minor) Several minor aufs issues * 2005-03-09 15:46 (Cosmetic) Extend relaxed_header_parser to work around "excess data from" errors from many major web servers. * 2005-03-09 15:46 (Cosmetic) Duplicate content-length headers logged as conflicting with relaxed_header_parser off * 2005-03-09 15:46 (Cosmetic) Defer digest fetch if the peer is not allowed to be used * 2005-03-10 23:38 (Minor) Incorrect use of ctype functions * 2005-03-15 04:27 (Minor) compile warnings due to pid_t not being an int * 2005-03-09 15:46 (Minor) bzero is a non-standard function not available on all platforms * 2005-03-09 15:46 (Cosmetic) Check several squid.conf directives for int overflows * 2005-03-09 15:46 (Cosmetic) Clarify delay_access function * 2005-03-09 15:46 (Minor) reload_into_ims fails to revalidate negatively cached entries * 2005-03-09 15:46 (Minor) Handle odd date formats @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.139 2005/03/06 13:30:48 taca Exp $ d5 1 a5 1 PKGREVISION= 2 d52 1 a52 1 DIST_STAMP= 2005022800 @ 1.139 log @Update squid to 2.5.9nb1. * 2005-03-04 22:48 (Cosmetic Security) Unexpected access control results on configuration errors * 2005-03-04 11:55 (Minor) Links in FTP listings without / fails due to missing BASE HREF * 2005-03-04 11:55 (Minor) Fails to parse the EPLF FTP directory format * 2005-03-03 02:26 (Minor Security) Race condition related to Set-Cookie header @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.138 2005/03/01 11:16:57 taca Exp $ d5 1 a5 1 PKGREVISION= 1 d16 21 a36 1 squid-2.5.STABLE9-acl_error.patch @ 1.139.2.1 log @Pullup ticket 409 - requested by Takahiro Kambe bugfix update for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.140 - pkgsrc/www/squid/distinfo 1.87 - pkgsrc/www/squid/patches/patch-cc 1.3 Module Name: pkgsrc Committed By: taca Date: Thu Mar 31 16:44:25 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo pkgsrc/www/squid/patches: patch-cc Log Message: Update squid packate to 2.5.9nb2. Add these official patches: * 2005-03-30 22:51 (Cosmetic) external acls requiring authentication does not request new credentials on access denials like proxy_auth does. * 2005-03-29 09:52 (Cosmetic) New cachemgr pending_objects and client_objects actions * 2005-03-26 23:53 (Minor) rename() related cleanup * 2005-03-30 22:51 (Medium) Fails to process requests for files larger than 2GB in size * 2005-03-19 23:57 (Cosmetic) aufs warning about open event filedescriptors on shutdown * 2005-03-19 01:35 (Minor) --disable-hostname-checks not working * 2005-03-19 01:11 (Cosmetic) LDAP helpers fails to compile with SUN LDAP SDK * 2005-03-21 20:44 (Minor) CONNECT requests truncated if client side disconnects first assertion failed: comm.c:430: "ntohs(address->sin_port) != 0" * 2005-03-19 00:25 (Minor) Basic authentication fails with very long logins or password * 2005-03-29 08:45 (Minor) Several minor aufs issues * 2005-03-09 15:46 (Cosmetic) Extend relaxed_header_parser to work around "excess data from" errors from many major web servers. * 2005-03-09 15:46 (Cosmetic) Duplicate content-length headers logged as conflicting with relaxed_header_parser off * 2005-03-09 15:46 (Cosmetic) Defer digest fetch if the peer is not allowed to be used * 2005-03-10 23:38 (Minor) Incorrect use of ctype functions * 2005-03-15 04:27 (Minor) compile warnings due to pid_t not being an int * 2005-03-09 15:46 (Minor) bzero is a non-standard function not available on all platforms * 2005-03-09 15:46 (Cosmetic) Check several squid.conf directives for int overflows * 2005-03-09 15:46 (Cosmetic) Clarify delay_access function * 2005-03-09 15:46 (Minor) reload_into_ims fails to revalidate negatively cached entries * 2005-03-09 15:46 (Minor) Handle odd date formats @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.140 2005/03/31 16:44:25 taca Exp $ d5 1 a5 1 PKGREVISION= 2 d16 1 a16 21 squid-2.5.STABLE9-acl_error.patch \ squid-2.5.STABLE9-date.patch \ squid-2.5.STABLE9-reload_into_ims.patch \ squid-2.5.STABLE9-delay_access_doc.patch \ squid-2.5.STABLE9-config_overflow.patch \ squid-2.5.STABLE9-bzero.patch \ squid-2.5.STABLE9-pid_t.patch \ squid-2.5.STABLE9-ctype.patch \ squid-2.5.STABLE9-defer_digest_fetch.patch \ squid-2.5.STABLE9-dup_content_length.patch \ squid-2.5.STABLE9-excess_data.patch \ squid-2.5.STABLE9-aufs.patch \ squid-2.5.STABLE9-long_basic_auth.patch \ squid-2.5.STABLE9-CONNECT_truncated.patch \ squid-2.5.STABLE9-LDAP_SUN_SDK.patch \ squid-2.5.STABLE9-disable_hostname_checks.patch \ squid-2.5.STABLE9-aufs_shutdown.patch \ squid-2.5.STABLE9-2GB.patch \ squid-2.5.STABLE9-rename_cleanup.patch \ squid-2.5.STABLE9-cachemgr_objects.patch \ squid-2.5.STABLE9-extaclauth.patch @ 1.139.2.2 log @Pullup ticket 419 - requested by Takahiro Kambe distfile update for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.141 - pkgsrc/www/squid/distinfo 1.88-1.89 Module Name: pkgsrc Committed By: taca Date: Mon Apr 4 01:12:37 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: One of official patch has been updated. * 2005-04-04 00:19 (Medium) Fails to process requests for files larger than 2GB in size Since the name of the patch file is the same as before, DIST_SUBDIR has been udpated via DIST_STAMP. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Mon Apr 4 01:35:22 UTC 2005 Modified Files: pkgsrc/www/squid: distinfo Log Message: Oops, I forgot the update of DIST_STAMP just before. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.141 2005/04/04 01:12:37 taca Exp $ d5 1 a5 1 PKGREVISION= 3 d52 1 a52 1 DIST_STAMP= 2005040400 @ 1.139.2.3 log @Pullup ticket 425 - requested by Takahiro Kambe distfile update for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.142 - pkgsrc/www/squid/distinfo 1.90 Module Name: pkgsrc Committed By: tron Date: Mon Apr 4 14:16:09 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: "squid-2.5.STABLE9-2GB.patch" was updated again. Update checksum, use different sub directory and bump package revision. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.142 2005/04/04 14:16:08 tron Exp $ d5 1 a5 1 PKGREVISION= 4 d52 1 a52 1 DIST_STAMP= 2005040401 @ 1.139.2.4 log @Pullup ticket 452 - requested by Takahiro Kambe distfile update for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.144 - pkgsrc/www/squid/distinfo 1.91 Module Name: pkgsrc Committed By: taca Date: Tue Apr 19 15:14:32 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Update squid package to 2.5.9nb5. * Add one more offcial patch: - 2005-04-05 23:05 (Cosmetic) should syslog to daemon facility not local4 * One patch updated, so update DIST_SUBDIR through DIST_STAMP change. * Add aufs to --enable-storeio configuration. TODO: use frame work and allow to use --enable-pf-transparent which is mutual exclusive parameter with --enable-ipf-transparent. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.144 2005/04/19 15:14:31 taca Exp $ d5 1 a5 1 PKGREVISION= 5 d36 1 a36 2 squid-2.5.STABLE9-extaclauth.patch \ squid-2.5.STABLE9-syslog.patch d52 1 a52 1 DIST_STAMP= 2005041900 d104 1 a104 1 --enable-storeio=aufs,ufs,diskd,null \ @ 1.139.2.5 log @Pullup ticket 455 - requested by Takahiro Kambe distfile update for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.145 - pkgsrc/www/squid/distinfo 1.92 Module Name: pkgsrc Committed By: taca Date: Wed Apr 20 00:55:41 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Two of offcial patches are updated. - squid-2.5.STABLE9-LDAP_SUN_SDK.patch - squid-2.5.STABLE9-2GB.patch Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.145 2005/04/20 00:55:41 taca Exp $ d5 1 a5 1 PKGREVISION= 6 d53 1 a53 1 DIST_STAMP= 2005042000 @ 1.139.2.6 log @Pullup ticket 461 - requested by Takahiro Kambe distfile update for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.146 - pkgsrc/www/squid/distinfo 1.93 Module Name: pkgsrc Committed By: taca Date: Thu Apr 21 15:49:53 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Update squid package to squid-2.5.9nb7. o 2005-04-21 10:31 (Cosmetic) Correctly read DOS/Windows formatted config files with CRLF as line terminator o 2005-04-20 21:55 (Minor) Unable to run "squid -k" when hostname cannot be determined o 2005-04-20 21:55 (Minor) fix transparent proxying when squid listens on NATed non-80 port o 2005-04-21 10:46 (Cosmetic) Missing newlines in debug statements o 2005-04-20 21:36 (Cosmetic) Error template substitution for authenitcated user name Because of update of squid-2.5.STABLE9-2GB.patch, DIST_SUBDIR updated again. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.146 2005/04/21 15:49:53 taca Exp $ d5 1 a5 1 PKGREVISION= 7 d37 1 a37 6 squid-2.5.STABLE9-syslog.patch \ squid-2.5.STABLE9-errpage_user.patch \ squid-2.5.STABLE9-debug_newlines.patch \ squid-2.5.STABLE9-transparent_port.patch \ squid-2.5.STABLE9-squid_k_nohostname.patch \ squid-2.5.STABLE9-config_CRLF.patch d53 1 a53 1 DIST_STAMP= 2005042100 @ 1.139.2.7 log @Pullup ticket 468 - requested by Takahiro Kambe security and build fixes for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.147-1.148 - pkgsrc/www/squid/distinfo 1.94-1.95 - pkgsrc/www/squid/files/squid.sh 1.18 - pkgsrc/www/squid/patches/patch-aa 1.16 - pkgsrc/www/squid/patches/patch-ao 1.1 - pkgsrc/www/squid/patches/patch-cd removed Module Name: pkgsrc Committed By: taca Date: Mon Apr 25 15:39:14 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo pkgsrc/www/squid/files: squid.sh pkgsrc/www/squid/patches: patch-aa Removed Files: pkgsrc/www/squid/patches: patch-cd Log Message: Add new four official patches. o 2005-04-23 01:38 (Minor Security) Fix for CVE-1999-0710: cachemgr malicouse use o 2005-04-22 20:48 (Cosmetic) PID file check fails when chrooting o 2005-04-24 16:35 (Minor) Make the use of the %m error page to return auth info messages o 2005-04-22 20:21 (Minor) Unrecognized cache-control directives are silently dropped pkgsrc change. - remove aufs from store I/O backend until it controlled by options.mk frame work. - remove patch-cd; it is covered by squid-2.5.STABLE9-transparent_port.patch. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Tue Apr 26 16:19:43 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Added Files: pkgsrc/www/squid/patches: patch-ao Log Message: squid package maintainous. - Fix bad PID directory of squid binary introduced by previous pkgsrc. - Update DIST_SUBDIR through DIST_STAMP since some of patch files are updated. - Fix error in doc/Makefile with nbmake. - Newer patch (aufs improvement) aren't included now. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.148 2005/04/26 16:19:43 taca Exp $ d5 1 a5 1 PKGREVISION= 9 d42 1 a42 5 squid-2.5.STABLE9-config_CRLF.patch \ squid-2.5.STABLE9-forwardcc.patch \ squid-2.5.STABLE9-authinfo.patch \ squid-2.5.STABLE9-chroot_pidfile.patch \ squid-2.5.STABLE9-cachemgr_conf.patch d58 1 a58 1 DIST_STAMP= 2005042600 d78 1 a78 1 MAKE_ENV+= PKG_PREFIX="${PREFIX}" VARBASE="${VARBASE}" d110 1 a110 1 --enable-storeio=ufs,diskd,null \ @ 1.139.2.8 log @Pullup ticket 477 - requested by Takahiro Kambe disable transparent proxy in squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.149 - pkgsrc/www/squid/distinfo 1.96 - pkgsrc/www/squid/patches/patch-cd 1.7 Module Name: pkgsrc Committed By: taca Date: Sun May 1 23:17:49 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Added Files: pkgsrc/www/squid/patches: patch-cd Log Message: Disable squid-2.5.STABLE9-transparent_port.patch since it is broken with IP Filter 4.1 and later. (It has no problem on IP Filter 3.x, but it is difficult apply it conditionally with IP Filter's version.) This apparently fix PR pkg/30085. But note, Squid's transparent proxy with IP Filter dosen't work. It is worked without IP Filter's NAT process. So, web acceess through squid may fail for HTTP 1.0 client which dosen't send Host header. Bump PKGREVISION (squid-2.5.9nb10). @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.149 2005/05/01 23:17:49 taca Exp $ d5 1 a5 1 PKGREVISION= 10 d40 1 a46 1 # squid-2.5.STABLE9-transparent_port.patch @ 1.139.2.9 log @Pullup ticket 498 - requested by Takahiro Kambe security fix for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.150 - pkgsrc/www/squid/distinfo 1.97 Module Name: pkgsrc Committed By: taca Date: Thu May 12 16:09:48 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Update squid package to 2.5.9nb11. Apply 9 official fixes including security improvement in DNS lookup. I still disable transparent_port.patch because it needs a missing header file of IP Filter. NetBSD current and 3.0_BETA already fixed this problem but still netbsd-2/2-0 branches. I will apply it after netbsd-2/2-0 branches fix this problem. (And this fix needs to update squid package to 2.5.STABLE10 which is RC3 now.) * 2005-05-10 23:11 (Cosmetic) Extended documentation of the always_direct directive * 2005-05-10 22:33 (Medium) assertion failed: store_client.c:343: "storeSwapOutObjectBytesOnDisk(mem) > sc->copy_offset" * 2005-05-11 19:19 (Security issue) DNS lookups unreliable on untrusted networks * 2005-05-09 01:51 (Minor) Allow dstdomain and dstdom_regex to match IP based hosts * 2005-05-08 14:01 (Cosmetic) Minor arp ACL improvements * 2005-05-04 18:09 (Minor) SNMP Agent updates to support SNMP Version 2 and bulk requests * 2005-05-01 10:58 (Cosmetic) Cosmetic change to DISKD statistics * 2005-04-30 12:58 (Medium) Poor hot object cache hit ratio and sporadic assertion failed: store_swapin.c: e->mem_status == NOT_IN_MEMORY * 2005-04-25 16:36 (Cosmetic) Minor aufs improvements @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.150 2005/05/12 16:09:48 taca Exp $ d5 1 a5 1 PKGREVISION= 11 d45 1 a45 10 squid-2.5.STABLE9-cachemgr_conf.patch \ squid-2.5.STABLE9-aufs_improvement.patch \ squid-2.5.STABLE9_2GB-hot_cache.patch \ squid-2.5.STABLE9-diskd.patch \ squid-2.5.STABLE9-snmp.patch \ squid-2.5.STABLE9-arpacl.patch \ squid-2.5.STABLE9-dstdomain_ip.patch \ squid-2.5.STABLE9-dns_query-5.patch \ squid-2.5.STABLE9-2GB_assert.patch \ squid-2.5.STABLE9-always_direct_documentation.patch @ 1.138 log @Update squid package to 2.5.9 (2.5.STABLE9). There is no runtime change from 2.5.8nb3. - Fix for a wrong configure warning on Solaris 9 x86 when enabling ARP ACl support: The effective host type is i386-pc-solaris2.9. - Documentation update for squid 2.5.STALBE9. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.137 2005/02/28 16:59:08 taca Exp $ d5 1 a5 1 PKGREVISION= d11 7 a17 4 # #PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ #PATCHFILES= #PATCH_DIST_STRIP= -p1 @ 1.137 log @Update squid to 2.5.8nb3, adding recent five official patches. * 2005-02-23 00:11 (Medium) Should not automatically retry request on 403 and other server errors * 2005-02-21 17:02 (Minor) fqdn lookups with spaces may confuse redirectors * 2005-02-21 03:38 (Cosmetic) Display FTP URLs in decoded format to allow for sane display of national characters etc * 2005-02-21 02:58 (Minor) Peer related memory leaks on "squid -k reconfigure" * 2005-02-21 01:38 (Cosmetic) Doesn't work specifying the AR variable to configure @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.136 2005/02/21 00:05:32 taca Exp $ d3 3 a5 3 DISTNAME= squid-2.5.STABLE8 PKGNAME= squid-2.5.8 PKGREVISION= 3 d11 4 a14 14 PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ PATCHFILES= squid-2.5.STABLE8-dns_assert.patch \ squid-2.5.STABLE8-format_fixes.patch \ squid-2.5.STABLE8-html_high_chars.patch \ squid-2.5.STABLE8-ftp_cleanup.patch \ squid-2.5.STABLE8-relaxed_header_parser.patch \ squid-2.5.STABLE8-gcc4.patch \ squid-2.5.STABLE8-ar.patch \ squid-2.5.STABLE8-reconfigure_peer_leaks.patch \ squid-2.5.STABLE8-ftp_url_display.patch \ squid-2.5.STABLE8-fqdn_spaces.patch \ squid-2.5.STABLE8-retry_on_error.patch PATCH_DIST_STRIP= -p1 d29 1 a29 1 DIST_STAMP= 2005022000 @ 1.136 log @Update to squid-2.5.8nb2; Add new two patches: * 2005-02-20 19:11 (Cosmetic) GCC4 warnings * 2005-02-20 10:47 (Minor) Relax header parsing slightly again to work around broken web servers Reflect update of one patch: * 2005-02-20 11:03 (Cosmetic) Cross-platform format fixes Update DIST_SUBDIR. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.135 2005/02/17 15:04:12 taca Exp $ d5 1 a5 1 PKGREVISION= 2 d18 6 a23 1 squid-2.5.STABLE8-gcc4.patch @ 1.135 log @Update squid package to 2.5.8nb1. Apply four official fixes. * 2005-02-15 02:14 (Cosmetic) FTP URL cleanups * 2005-02-15 01:07 (Cosmetic) Allow high characters in generated FTP and Gopher directory listings * 2005-02-15 00:03 (Cosmetic) Cross-platform format fixes * 2005-02-13 05:58 (Major) Assertion failure on certain odd DNS responses Fixes PR pkg/29412 from Mike M. Volokhov. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.134 2005/02/11 14:47:18 taca Exp $ d5 1 a5 1 PKGREVISION= 1 d16 3 a18 1 squid-2.5.STABLE8-ftp_cleanup.patch d34 1 a34 1 DIST_STAMP= 2005021100 @ 1.134 log @Update squid package to 2.5.8 (squid-2.5.STABLE8). Most of these changes are already included in previous squid-2.5.7nb12. But last one is really new one. Changes to squid-2.5.STABLE8 (11 Feb 2005) - [Minor] 100% CPU usage on half-closed PUT/POST requests (Bug #354, #1096) - [Cosmetic] Document -v (protocol version) option to LDAP helpers - [Minor] The new req_header and resp_header acls segfaults immediately on parse of squid.conf (Bug #961) - [Minor] Failure to shut down busy helpers on -k rotate/reconfigure (Bug #1118) - [Minor] Don't use O_NONBLOCK on disk files. (Bug #1102) - [Minor] Squid fails to close TCP connection after blank HTTP response (Bug #1116) - [Minor security] Random error messages in response to malformed host name (Bug #1143) - [Minor] PURGE should not be able to delete internal objects (Bug #1112) - [Minor] httpd_accel_port 0 (virtual) not working correctly (Bug #1121) - [Minor] cachemgr vm_objects segfault (Bug #1149) - [Minor security] Confusing results on empty acl declarations (Bug #1166) - [Minor] Don't close all "other" filedescriptors on startup (Bug #1177) - [Minor] fakeauth_auth memory leak and NULL pointer access (Bug #1183) - [Security] buffer overflow bug in gopherToHTML() (Bug #1189) - [Medium security] Denial of service with forged WCCP messages (Bug #1190) - [Minor] DNS related memory leak on certain malformed DNS responses (Bug #1197) - [Minor] Internal DNS sometimes truncates host names in reverse (PTR) lookups (Bug #1136) - [Minor Security] Add sanity checks on LDAP user names (Bug #1187) - [Security] Harden Squid agains HTTP request smuggling attacks - [Minor] Icon URLs fails in non-anonymous FTP directory listings is short_icon_urls is on (Bug #1203) - [Security] Harden Squid agains HTTP response splitting attacks (Bug #1200) - [Medium security] Buffer overflow in WCCP recvfrom() call (Bug #1217) - [Security] Properly handle oversized reply headers (Bug #1216) - [Minor] LDAP helpers search fixed to properly ask for no attributes - [Minor] A sporadic segmentation fault when using ntlm authentication fixed (Bug #1127) - [Major] Segmentation fault on failed PUT/POST requests (Bug #1224) - [Medium] Persistent connection mismatch on failed PUT/POST request (Bug #1122) - [Minor] WCCP easily disturbed by forged packets (Bug #1225) - [Minor] Password management in ftp:// gatewaying improved (Bug #1226) - [Major] HTTP reply data corruption in certain situations involving reply headers split over multiple packets (Bug #1233) @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.133 2005/02/06 08:08:02 taca Exp $ d5 1 d11 7 a17 4 # #PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ #PATCHFILES= #PATCH_DIST_STRIP= -p1 @ 1.133 log @Update squid package to 2.5.7nb12. Adding several official patches which fix security and critical problem. o 2005-02-06 00:57 (Cosmetic) Improve password handling in FTP gatewaying of ftp://user@@host URLs o 2005-02-04 11:41 (Minor) WCCP easily disturbed by forged packets o 2005-02-04 00:33 (Medium) Persistent connection trouble on failed PUT/POST requests o 2005-02-04 00:12 (Major) Segmentation fault on failed PUT/POST request o 2005-02-03 23:27 (Minor) Sporadic segmentation fault when using ntlm authentication o 2005-02-03 23:17 (Minor) LDAP helpers sends slightly malformed search requests o 2005-01-31 22:50 (Security issue) Correct handling of oversized reply headers @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.132 2005/02/01 10:22:20 taca Exp $ d3 2 a4 3 DISTNAME= squid-2.5.STABLE7 PKGNAME= squid-2.5.7 PKGREVISION= 12 d10 4 a13 33 PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ PATCHFILES= squid-2.5.STABLE7-half_closed_POST.patch \ squid-2.5.STABLE7-LDAP_version_documentation.patch \ squid-2.5.STABLE7_req_resp_header.patch \ squid-2.5.STABLE7-helper_shutdown.patch \ squid-2.5.STABLE7-non_blocking_disk.patch \ squid-2.5.STABLE7-blank_response.patch \ squid-2.5.STABLE7-dothost.patch \ squid-2.5.STABLE7-httpd_accel_vport.patch \ squid-2.5.STABLE7-cachemgr_vmobjects.patch \ squid-2.5.STABLE7-empty_acls.patch \ squid-2.5.STABLE7-close_other.patch \ squid-2.5.STABLE7-fakeauth_auth.patch \ squid-2.5.STABLE7-gopher_html_parsing.patch \ squid-2.5.STABLE7-wccp_denial_of_service.patch \ squid-2.5.STABLE7-dns_memleak.patch \ squid-2.5.STABLE7-fqdn_truncated.patch \ squid-2.5.STABLE7-ldap_spaces.patch \ squid-2.5.STABLE7-header_parsing.patch \ squid-2.5.STABLE7-httpd_accel_no_pmtu_disc.patch \ squid-2.5.STABLE7-ftp_datachannel.patch \ squid-2.5.STABLE7-short_icons_urls.patch \ squid-2.5.STABLE7-response_splitting.patch \ squid-2.5.STABLE7-wccp_buffer_overflow.patch \ squid-2.5.STABLE7-oversize_reply_headers.patch \ squid-2.5.STABLE7-ldap_search.patch \ squid-2.5.STABLE7-ntlm_segfault.patch \ squid-2.5.STABLE7-post.patch \ squid-2.5.STABLE7-server_post.patch \ squid-2.5.STABLE7-wccp_disturb.patch \ squid-2.5.STABLE7-ftp_password.patch PATCH_DIST_STRIP= -p1 d28 1 a28 1 DIST_STAMP= 2005020100 @ 1.132 log @Fix file name of a patch file which squid people fix its typo. Noted by salo@@ first and PR pkg/29181 later. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.131 2005/02/01 01:31:10 taca Exp $ d5 1 a5 1 PKGREVISION= 11 d35 8 a42 1 squid-2.5.STABLE7-wccp_buffer_overflow.patch @ 1.131 log @Update squid package to squid-2.5.7nb11. squid-2.5.STABLE7-response_splitting.patch was updated, so update distinfo and DIST_SUBDIR. It seems that a patch to one more file was added. * 2005-01-31 01:50 (Security issue) Strengthen Squid from HTTP response splitting cache pollution attack @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.130 2005/01/29 00:51:42 taca Exp $ d23 1 a23 1 squid-2.5.STABEL7-close_other.patch \ @ 1.130 log @Apply a new official patch which contains security problem. * 2005-01-28 23:16 (Security issue) Buffer overflow in WCCP recvfrom() call Bump PKG_REVISION and now squid-2.5.7nb10. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.129 2005/01/26 15:29:03 taca Exp $ d5 1 a5 1 PKGREVISION= 10 d51 1 a51 1 DIST_STAMP= 2005010100 @ 1.129 log @Update new and disabled official patches. The new patch includes security fix. o 2005-01-21 12:10 (Minor) Disable Path-MTU discovery on intercepted requests o 2005-01-21 12:43 (Security issue) Strengthen Squid from HTTP response splitting cache pollution attack Bump package revision. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.128 2005/01/21 13:41:26 taca Exp $ d5 1 a5 1 PKGREVISION= 9 d34 2 a35 1 squid-2.5.STABLE7-response_splitting.patch @ 1.128 log @Update new official patched. o 2005-01-21 12:43 (Security issue) Strengthen Squid from HTTP response splitting cache pollution attack o 2005-01-21 12:10 (Minor) Icons fails to load on non-anonymous FTP when using short_icons_url directive o 2005-01-21 12:10 (Minor) FTP data connection fails on some FTP servers when requesting directory without a trailing slash One patch has problem to apply and hold to apply o 2005-01-21 12:10 (Minor) Disable Path-MTU discovery on intercepted requests Bump package revision. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.127 2005/01/19 14:56:55 taca Exp $ d5 1 a5 1 PKGREVISION= 8 d30 2 a34 1 # squid-2.5.STABLE7-httpd_accel_no_pmtu_disc.patch # not yet @ 1.127 log @Apply three official patch including a minor security problem. o 2005-01-17 04:29 (Minor Secuity issue) Sanity check usernames in squid_ldap_auth o 2005-01-17 02:52 (Minor) FQDN names truncated on compressed DNS responses o 2005-01-17 02:52 (Minor) Internal DNS memory leak on malformed responses Bump package revision; squid-2.5.7nb7. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.126 2005/01/19 00:19:27 kim Exp $ d5 1 a5 1 PKGREVISION= 7 d29 5 a33 1 squid-2.5.STABLE7-ldap_spaces.patch @ 1.126 log @Record SQUID_USER and SQUID_GROUP in BUILD_DEFS. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.125 2005/01/16 15:46:25 taca Exp $ d5 1 a5 1 PKGREVISION= 6 d26 4 a29 1 squid-2.5.STABLE7-wccp_denial_of_service.patch @ 1.125 log @Set PKG_USERS and PKG_GROUPS with SQUID_USER and SQUID_GROUP. Now squid's user and group are handled by bsd.pkg.install.mk properly. Thanks much to Volker Wiegand at t-online dot de noted this problem by private mail. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.124 2005/01/13 16:19:10 taca Exp $ d68 1 @ 1.124 log @Add three official fixes. o 2005-01-12 17:21 (Security issue) Denial of service with forged WCCP messages o 2005-01-12 17:19 (Security issue) buffer overflow bug in gopherToHTML() o 2005-01-08 03:13 (Medium) fakeauth_auth memory leak and NULL pointer access Bump package revision. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.123 2005/01/01 15:57:41 taca Exp $ d5 1 a5 1 PKGREVISION= 5 d69 2 @ 1.123 log @Update DIST_STAMP to change DIST_SUBDIR because of some patches were changed their size. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.122 2004/12/31 13:31:35 taca Exp $ d5 1 a5 1 PKGREVISION= 4 d23 4 a26 1 squid-2.5.STABEL7-close_other.patch @ 1.122 log @Add two official fix. * 2004-12-28 12:55 (Minor) Don't close "other" filedescriptors on startup * 2004-12-27 18:54 (Minor Security) Confusing results on empty acl declarations Bump package revision. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.121 2004/12/28 02:47:51 reed Exp $ d39 1 a39 1 DIST_STAMP= 2004101300 @ 1.121 log @The default location of the pkgsrc-installed rc.d scripts is now under share/examples/rc.d. The variable name already was named RCD_SCRIPTS_EXAMPLEDIR. This is from ideas from Greg Woods and others. Also bumped PKGREVISION for all packages using RCD_SCRIPTS mechanism (as requested by wiz). @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.120 2004/12/14 14:27:07 taca Exp $ d5 1 a5 1 PKGREVISION= 3 d21 3 a23 1 squid-2.5.STABLE7-cachemgr_vmobjects.patch @ 1.120 log @Update squid package to 2.5.7nb2. * Apply official three patches. - 2004-12-08 01:03 (Minor) cachemgr vm_objects segfault - 2004-12-08 00:47 (Minor) httpd_accel_port 0 (virtual) not working correctly - 2004-12-07 23:45 (Cosmetic / Minor Security issue) Random error messages in response to malformed host name * use VARBASE for data directory. * better handling data directory and user and group for squid with bsd.pkg.install.mk. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.119 2004/11/28 16:33:58 taca Exp $ d5 1 a5 1 PKGREVISION= 2 @ 1.120.2.1 log @Pullup ticket 205 - requested by Takahiro Kambe security fix for squid Module Name: pkgsrc Committed By: taca Date: Fri Dec 31 13:31:37 UTC 2004 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Add two official fix. * 2004-12-28 12:55 (Minor) Don't close "other" filedescriptors on startup * 2004-12-27 18:54 (Minor Security) Confusing results on empty acl * declarations Bump package revision. --- Module Name: pkgsrc Committed By: taca Date: Sat Jan 1 15:57:42 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Update DIST_STAMP to change DIST_SUBDIR because of some patches were changed their size. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.123 2005/01/01 15:57:41 taca Exp $ d5 1 a5 1 PKGREVISION= 4 d21 1 a21 3 squid-2.5.STABLE7-cachemgr_vmobjects.patch \ squid-2.5.STABLE7-empty_acls.patch \ squid-2.5.STABEL7-close_other.patch d37 1 a37 1 DIST_STAMP= 2005010100 @ 1.120.2.2 log @Pullup ticket 226 - requested by Takahiro Kambe security fix for squid Module Name: pkgsrc Committed By: taca Date: Thu Jan 13 16:19:10 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Add three official fixes. o 2005-01-12 17:21 (Security issue) Denial of service with forged WCCP messages o 2005-01-12 17:19 (Security issue) buffer overflow bug in gopherToHTML() o 2005-01-08 03:13 (Medium) fakeauth_auth memory leak and NULL pointer access Bump package revision. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.124 2005/01/13 16:19:10 taca Exp $ d5 1 a5 1 PKGREVISION= 5 d23 1 a23 4 squid-2.5.STABEL7-close_other.patch \ squid-2.5.STABLE7-fakeauth_auth.patch \ squid-2.5.STABLE7-gopher_html_parsing.patch \ squid-2.5.STABLE7-wccp_denial_of_service.patch @ 1.120.2.3 log @Pullup ticket 239 - requested by Takahiro Kambe security fix for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.125-1.128 - pkgsrc/www/squid/distinfo 1.73-1.74 Module Name: pkgsrc Committed By: taca Date: Sun Jan 16 15:46:25 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile Log Message: Set PKG_USERS and PKG_GROUPS with SQUID_USER and SQUID_GROUP. Now squid's user and group are handled by bsd.pkg.install.mk properly. Thanks much to Volker Wiegand at t-online dot de noted this problem by private mail. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: kim Date: Wed Jan 19 00:19:27 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile Log Message: Record SQUID_USER and SQUID_GROUP in BUILD_DEFS. --- Module Name: pkgsrc Committed By: taca Date: Wed Jan 19 14:56:55 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Apply three official patch including a minor security problem. o 2005-01-17 04:29 (Minor Secuity issue) Sanity check usernames in squid_ldap_auth o 2005-01-17 02:52 (Minor) FQDN names truncated on compressed DNS responses o 2005-01-17 02:52 (Minor) Internal DNS memory leak on malformed responses Bump package revision; squid-2.5.7nb7. --- Module Name: pkgsrc Committed By: taca Date: Fri Jan 21 13:41:27 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Update new official patched. o 2005-01-21 12:43 (Security issue) Strengthen Squid from HTTP response splitting cache pollution attack o 2005-01-21 12:10 (Minor) Icons fails to load on non-anonymous FTP when using short_icons_url directive o 2005-01-21 12:10 (Minor) FTP data connection fails on some FTP servers when requesting directory without a trailing slash One patch has problem to apply and hold to apply o 2005-01-21 12:10 (Minor) Disable Path-MTU discovery on intercepted requests Bump package revision. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.128 2005/01/21 13:41:26 taca Exp $ d5 1 a5 1 PKGREVISION= 8 d26 1 a26 8 squid-2.5.STABLE7-wccp_denial_of_service.patch \ squid-2.5.STABLE7-dns_memleak.patch \ squid-2.5.STABLE7-fqdn_truncated.patch \ squid-2.5.STABLE7-ldap_spaces.patch \ squid-2.5.STABLE7-ftp_datachannel.patch \ squid-2.5.STABLE7-short_icons_urls.patch \ squid-2.5.STABLE7-response_splitting.patch # squid-2.5.STABLE7-httpd_accel_no_pmtu_disc.patch # not yet a67 1 BUILD_DEFS+= SQUID_USER SQUID_GROUP a68 2 PKG_GROUPS= ${SQUID_GROUP} PKG_USERS= ${SQUID_USER}:${SQUID_GROUP}::Squid\\ Web-Cache\\ pseudo-user @ 1.120.2.4 log @Pullup ticket 247 - requested by Takahiro Kambe security fix for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.129 - pkgsrc/www/squid/distinfo 1.75 Module Name: pkgsrc Committed By: taca Date: Wed Jan 26 15:29:03 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Update new and disabled official patches. The new patch includes security fix. o 2005-01-21 12:10 (Minor) Disable Path-MTU discovery on intercepted requests o 2005-01-21 12:43 (Security issue) Strengthen Squid from HTTP response splitting cache pollution attack Bump package revision. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.129 2005/01/26 15:29:03 taca Exp $ d5 1 a5 1 PKGREVISION= 9 a29 2 squid-2.5.STABLE7-header_parsing.patch \ squid-2.5.STABLE7-httpd_accel_no_pmtu_disc.patch \ d33 1 @ 1.120.2.5 log @Pullup ticket 254 - requested by Takahiro Kambe security fix for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.130 - pkgsrc/www/squid/distinfo 1.76 Module Name: pkgsrc Committed By: taca Date: Sat Jan 29 00:51:42 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Apply a new official patch which contains security problem. * 2005-01-28 23:16 (Security issue) Buffer overflow in WCCP recvfrom() call Bump PKG_REVISION and now squid-2.5.7nb10. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.130 2005/01/29 00:51:42 taca Exp $ d5 1 a5 1 PKGREVISION= 10 d34 1 a34 2 squid-2.5.STABLE7-response_splitting.patch \ squid-2.5.STABLE7-wccp_buffer_overflow.patch @ 1.120.2.6 log @Pullup ticket 256 - requested by Takahiro Kambe distfiles fix for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.131-1.132 - pkgsrc/www/squid/distinfo 1.77-1.78 Module Name: pkgsrc Committed By: taca Date: Tue Feb 1 01:31:10 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Update squid package to squid-2.5.7nb11. squid-2.5.STABLE7-response_splitting.patch was updated, so update distinfo and DIST_SUBDIR. It seems that a patch to one more file was added. * 2005-01-31 01:50 (Security issue) Strengthen Squid from HTTP response splitting cache pollution attack --- Module Name: pkgsrc Committed By: taca Date: Tue Feb 1 10:22:20 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Fix file name of a patch file which squid people fix its typo. Noted by salo@@ first and PR pkg/29181 later. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.132 2005/02/01 10:22:20 taca Exp $ d5 1 a5 1 PKGREVISION= 11 d23 1 a23 1 squid-2.5.STABLE7-close_other.patch \ d51 1 a51 1 DIST_STAMP= 2005020100 @ 1.120.2.7 log @Pullup ticket 274 - requested by Takahiro Kambe security fix for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.133 - pkgsrc/www/squid/distinfo 1.79 Module Name: pkgsrc Committed By: taca Date: Sun Feb 6 08:08:03 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Update squid package to 2.5.7nb12. Adding several official patches which fix security and critical problem. o 2005-02-06 00:57 (Cosmetic) Improve password handling in FTP gatewaying of ftp://user@@host URLs o 2005-02-04 11:41 (Minor) WCCP easily disturbed by forged packets o 2005-02-04 00:33 (Medium) Persistent connection trouble on failed PUT/POST requests o 2005-02-04 00:12 (Major) Segmentation fault on failed PUT/POST request o 2005-02-03 23:27 (Minor) Sporadic segmentation fault when using ntlm authentication o 2005-02-03 23:17 (Minor) LDAP helpers sends slightly malformed search requests o 2005-01-31 22:50 (Security issue) Correct handling of oversized reply headers @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.133 2005/02/06 08:08:02 taca Exp $ d5 1 a5 1 PKGREVISION= 12 d35 1 a35 8 squid-2.5.STABLE7-wccp_buffer_overflow.patch \ squid-2.5.STABLE7-oversize_reply_headers.patch \ squid-2.5.STABLE7-ldap_search.patch \ squid-2.5.STABLE7-ntlm_segfault.patch \ squid-2.5.STABLE7-post.patch \ squid-2.5.STABLE7-server_post.patch \ squid-2.5.STABLE7-wccp_disturb.patch \ squid-2.5.STABLE7-ftp_password.patch @ 1.120.2.8 log @Pullup ticket 280 - requested by Takahiro Kambe update squid Revisions pulled up: pkgsrc/www/squid/Makefile 1.134 pkgsrc/www/squid/distinfo 1.80 pkgsrc/www/squid/patches/patch-al 1.6 pkgsrc/www/squid/patches/patch-cd 1.5 Module Name: pkgsrc Committed By: taca Date: Fri Feb 11 14:47:18 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo pkgsrc/www/squid/patches: patch-al patch-cd Log Message: Update squid package to 2.5.8 (squid-2.5.STABLE8). Most of these changes are already included in previous squid-2.5.7nb12. But last one is really new one. Changes to squid-2.5.STABLE8 (11 Feb 2005) - [Minor] 100% CPU usage on half-closed PUT/POST requests (Bug #354, #1096) - [Cosmetic] Document -v (protocol version) option to LDAP helpers - [Minor] The new req_header and resp_header acls segfaults immediately on parse of squid.conf (Bug #961) - [Minor] Failure to shut down busy helpers on -k rotate/reconfigure (Bug #1118) - [Minor] Don't use O_NONBLOCK on disk files. (Bug #1102) - [Minor] Squid fails to close TCP connection after blank HTTP response (Bug #1116) - [Minor security] Random error messages in response to malformed host name (Bug #1143) - [Minor] PURGE should not be able to delete internal objects (Bug #1112) - [Minor] httpd_accel_port 0 (virtual) not working correctly (Bug #1121) - [Minor] cachemgr vm_objects segfault (Bug #1149) - [Minor security] Confusing results on empty acl declarations (Bug #1166) - [Minor] Don't close all "other" filedescriptors on startup (Bug #1177) - [Minor] fakeauth_auth memory leak and NULL pointer access (Bug #1183) - [Security] buffer overflow bug in gopherToHTML() (Bug #1189) - [Medium security] Denial of service with forged WCCP messages (Bug #1190) - [Minor] DNS related memory leak on certain malformed DNS responses (Bug #1197) - [Minor] Internal DNS sometimes truncates host names in reverse (PTR) lookups (Bug #1136) - [Minor Security] Add sanity checks on LDAP user names (Bug #1187) - [Security] Harden Squid agains HTTP request smuggling attacks - [Minor] Icon URLs fails in non-anonymous FTP directory listings is short_icon_urls is on (Bug #1203) - [Security] Harden Squid agains HTTP response splitting attacks (Bug #1200) - [Medium security] Buffer overflow in WCCP recvfrom() call (Bug #1217) - [Security] Properly handle oversized reply headers (Bug #1216) - [Minor] LDAP helpers search fixed to properly ask for no attributes - [Minor] A sporadic segmentation fault when using ntlm authentication fixed (Bug #1127) - [Major] Segmentation fault on failed PUT/POST requests (Bug #1224) - [Medium] Persistent connection mismatch on failed PUT/POST request (Bug #1122) - [Minor] WCCP easily disturbed by forged packets (Bug #1225) - [Minor] Password management in ftp:// gatewaying improved (Bug #1226 - [Major] HTTP reply data corruption in certain situations involving reply headers split over multiple packets (Bug #1233) @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.134 2005/02/11 14:47:18 taca Exp $ d3 3 a5 2 DISTNAME= squid-2.5.STABLE8 PKGNAME= squid-2.5.8 d11 33 a43 4 # #PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ #PATCHFILES= #PATCH_DIST_STRIP= -p1 d58 1 a58 1 DIST_STAMP= 2005021100 @ 1.120.2.9 log @Pullup ticket 292 - requested by Takahiro Kambe DoS fix for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.135 - pkgsrc/www/squid/PLIST 1.16 - pkgsrc/www/squid/distinfo 1.81 Module Name: pkgsrc Committed By: taca Date: Thu Feb 17 15:04:12 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile PLIST distinfo Log Message: Update squid package to 2.5.8nb1. Apply four official fixes. * 2005-02-15 02:14 (Cosmetic) FTP URL cleanups * 2005-02-15 01:07 (Cosmetic) Allow high characters in generated FTP and Gopher directory listings * 2005-02-15 00:03 (Cosmetic) Cross-platform format fixes * 2005-02-13 05:58 (Major) Assertion failure on certain odd DNS responses Fixes PR pkg/29412 from Mike M. Volokhov. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.135 2005/02/17 15:04:12 taca Exp $ a4 1 PKGREVISION= 1 d10 4 a13 7 PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ PATCHFILES= squid-2.5.STABLE8-dns_assert.patch \ squid-2.5.STABLE8-format_fixes.patch \ squid-2.5.STABLE8-html_high_chars.patch \ squid-2.5.STABLE8-ftp_cleanup.patch PATCH_DIST_STRIP= -p1 @ 1.120.2.10 log @Pullup ticket 302 - requested by Takahiro Kambe update distribution patches for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.136 - pkgsrc/www/squid/distinfo 1.82 Module Name: pkgsrc Committed By: taca Date: Mon Feb 21 00:05:32 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Update to squid-2.5.8nb2; Add new two patches: * 2005-02-20 19:11 (Cosmetic) GCC4 warnings * 2005-02-20 10:47 (Minor) Relax header parsing slightly again to work around broken web servers Reflect update of one patch: * 2005-02-20 11:03 (Cosmetic) Cross-platform format fixes Update DIST_SUBDIR. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.136 2005/02/21 00:05:32 taca Exp $ d5 1 a5 1 PKGREVISION= 2 d16 1 a16 3 squid-2.5.STABLE8-ftp_cleanup.patch \ squid-2.5.STABLE8-relaxed_header_parser.patch \ squid-2.5.STABLE8-gcc4.patch d32 1 a32 1 DIST_STAMP= 2005022000 @ 1.120.2.11 log @Pullup ticket 322 - requested by Takahiro Kambe update squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.137-1.138 - pkgsrc/www/squid/distinfo 1.84-1.85 Module Name: pkgsrc Committed By: taca Date: Mon Feb 28 16:59:08 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Update squid to 2.5.8nb3, adding recent five official patches. * 2005-02-23 00:11 (Medium) Should not automatically retry request on 403 and other server errors * 2005-02-21 17:02 (Minor) fqdn lookups with spaces may confuse redirectors * 2005-02-21 03:38 (Cosmetic) Display FTP URLs in decoded format to allow for sane display of national characters etc * 2005-02-21 02:58 (Minor) Peer related memory leaks on "squid -k reconfigure" * 2005-02-21 01:38 (Cosmetic) Doesn't work specifying the AR variable to configure --- Module Name: pkgsrc Committed By: taca Date: Tue Mar 1 11:16:58 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Update squid package to 2.5.9 (2.5.STABLE9). There is no runtime change from 2.5.8nb3. - Fix for a wrong configure warning on Solaris 9 x86 when enabling ARP ACl support: The effective host type is i386-pc-solaris2.9. - Documentation update for squid 2.5.STALBE9. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.138 2005/03/01 11:16:57 taca Exp $ d3 3 a5 3 DISTNAME= squid-2.5.STABLE9 PKGNAME= squid-2.5.9 PKGREVISION= d11 9 a19 4 # #PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ #PATCHFILES= #PATCH_DIST_STRIP= -p1 d34 1 a34 1 DIST_STAMP= 2005022800 @ 1.120.2.12 log @Pullup ticket 335 - requested by Takahiro Kambe security fix for squid Revisions pulled up: - pkgsrc/www/squid/Makefile 1.139 - pkgsrc/www/squid/distinfo 1.86 Module Name: pkgsrc Committed By: taca Date: Sun Mar 6 13:30:49 UTC 2005 Modified Files: pkgsrc/www/squid: Makefile distinfo Log Message: Update squid to 2.5.9nb1. * 2005-03-04 22:48 (Cosmetic Security) Unexpected access control results on configuration errors * 2005-03-04 11:55 (Minor) Links in FTP listings without / fails due to missing BASE HREF * 2005-03-04 11:55 (Minor) Fails to parse the EPLF FTP directory format * 2005-03-03 02:26 (Minor Security) Race condition related to Set-Cookie header @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.139 2005/03/06 13:30:48 taca Exp $ d5 1 a5 1 PKGREVISION= 1 d11 4 a14 7 PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ PATCHFILES= squid-2.5.STABLE9-setcookie.patch \ squid-2.5.STABLE9-ftp_EPLF.patch \ squid-2.5.STABLE9-ftp_base_href.patch \ squid-2.5.STABLE9-acl_error.patch PATCH_DIST_STRIP= -p1 @ 1.119 log @Apply six official patches: * 2004-11-07 23:37 (Minor) Squid fails to close TCP connection after blank HTTP response * 2004-11-06 21:42 (Minor) 100% CPU on startup on new/experimental Linux kernels due to O_NONBLOCK * 2004-11-06 15:28 (Minor) Failure to shut down busy helpers on -k rotate/reconfigure * 2004-10-20 23:23 (Minor) The new req_header and resp_header acls segfaults immediately on parse of squid.conf * 2004-10-19 10:09 (Cosmetic) Document -v (protocol version) option to LDAP helpers * 2004-10-14 22:48 (Minor) 100% CPU usage on half-closed PUT/POST requests Bump package revision. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.118 2004/10/13 15:35:55 taca Exp $ d5 1 a5 1 PKGREVISION= 1 d18 4 a21 1 squid-2.5.STABLE7-blank_response.patch a28 1 USE_PERL5= build d30 1 d33 1 d47 1 d51 1 a51 1 --localstatedir=/var/squid \ d53 1 a53 7 CONFIGURE_ENV+= PERL=${PERL5} BUILD_DEFS+= SQUID_CONFIGURE_ARGS MAKE_ENV+= INSTALL_SCRIPT="${INSTALL_SCRIPT}" MAKE_ENV+= PKG_PREFIX="${PREFIX}" PLIST_SRC= ${WRKDIR}/PLIST RCD_SCRIPTS= squid d55 14 a68 2 CONF_FILES+= ${EXAMPLESDIR}/mime.conf ${PKG_SYSCONFDIR}/mime.conf CONF_FILES+= ${EXAMPLESDIR}/squid.conf ${PKG_SYSCONFDIR}/squid.conf d130 1 @ 1.118 log @Update squid package to 2.5.7. This includes security problem with SNMP support which enabled by default. * pkgsrc changes: - Don't use PKGNAME within DIST_SUBDIR. Instead, date based DIST_STAMP. This change prevent extra DIST_SUBDIR change asked by kim@@. - Remove setproctitle(3) hack for dnsserver helper program since use of dnsserver itself is problematic with huge size of squid process. * Changes to squid-2.5.STABLE7 (11 Oct 2004) - [Medium] No objects cached in ufs cache_dir type in some configurations. Issue introduced in 2.5.STABLE6 by the patch for Bug #676. (Bug #1011) - [Minor] LDAP helpers update to correct LDAP connection management and add support for literal password compare instead of binding - [Minor] A large number of queued DNS lookups for the same domain (Bug #852) - [Cosmetic] request_header_max_size configuration partly ignored (Bug #899) - [Minor] Partial hit results in TCP_HIT, not TCP_MISS. (Bug #1001) - Bug #1012: [Cosmetic] HEAD requests may return stale information (Bug #1012) - [Cosmetic] Warn if cache_dir ufs can not create files. (Bug #918) - [Minor] case insensitive authentication (Bug #431) - [Cosmetic] Add delay pools information to active_requests. (Bug #882) - [Minor] Apparent memory leak in client_db (Bug #833) - [Minor] NTLM authentication truncated causing failures. (Bug #1016) - [Cosmetic] Grammatical corrections in squid.conf.default - [Cosmetic] Unknown %X errorpage codes incorrectly quoted. (Bug #1030) - [Medium] Segfaults and other strange crashes when using heap policies. (Bug #1009) - [Minor] Supplementary group memberships not set (Bug #1021) - [Cosmetic] ERR_TOO_BIG Portugese translation - [Minor] external_acl does not handle newlines (Bug #1038) - [Major] NTLM authentication denial of service when using msnt_auth or fake_auth (Bug #1045) - [Medium] Memory leaks when using NTLM authentication without challenge reuse. (Bug #994) - [Minor] Temporary NTLM memory leak with challenge reuse enabled (Bug #910) - [Minor] assertion failed: "n_ufs_dirs <= Config.cacheSwap.n_configured". (Bug #1053) - [Minor] Segfault in authenticateDigestHandleReply. (Bug #1031) - [Minor] acl time fails to parse multiple time specifications (Bug #1060) - [Minor] cachemgr config dumps mixed up Range and Request-Range headers in http_header_access & replace directives. (Bug #1056) - [Minor] Content-Disposition added as a well known header (Bug #961) - [Cosmetic] Don't warn about arp acls not being supported on FreeBSD (Bug #1074) - [Cosmetic] Limit internal send/receive buffer sizes (Bug #1075) - [Medium] New acl types to match arbitrary HTTP headers. In addition the http_header_access & replace directivess now support arbitrary headers and not only the well known ones. (Bug #961) - [Cosmetic] ncsa_auth now accepts Window formatted password files (Bug #1078) - [Cosmetic] Support the --program-prefix/suffix options or other configure program name transforms (Bug #1019) - [Minor] Fix race condition in CONNECT and also handle aborts of CONNECT requests in a more graceful manner. (Bug #859) - [Minor] New balance_on_multiple_ip directive to work around certain broken load balancers and optimized ipcache on reload requests (Bug #1058) - [Medium] New reply_header_max_size directive (Bug #874) - [Minor] Suspected instability on aborted PUT/POST requests (Bug #1089) - [Security] SNMP Denial of Service fix (CAN-2004-0918) @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.117 2004/10/03 16:06:18 taca Exp $ d5 1 a5 1 PKGREVISION= d12 9 a20 4 #PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ #PATCHFILES= #PATCH_DIST_STRIP= -p1 # @ 1.117 log @- Enable --enable-arp-acl configure option on FreeBSD, Linux and SunOS. - Add 9 official patches. Bump package revision, squid-2.5.6nb3. * 2004-09-30 09:28 (Minor) CARP ignores cache_peer_domain/cache_peer_access * 2004-09-27 18:23 (Minor) balance_on_multiple_ip squid.conf directive * 2004-09-27 18:10 (Minor) Race window and poor responsiveness to aborted CONNECT requests * 2004-09-25 21:42 (Cosmetic) Support the --program-prefix and other program name transforms * 2004-09-25 21:08 (Cosmetic) Document the caseinsensitive basic auth option * 2004-09-25 20:57 (Cosmetic) ncsa_auth is sensitive on line ending format * 2004-09-25 12:00 (Medium) Add support for arbitrary headers acess controls * 2004-09-26 21:22 (Minor) Limit internal send/receive buffers * 2004-09-25 09:55 (Cosmetic) arp acls is supported on FreeBSD these days.. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.116 2004/10/03 00:18:27 tv Exp $ d3 3 a5 3 DISTNAME= squid-2.5.STABLE6 PKGNAME= squid-2.5.6 PKGREVISION= 3 d12 4 a15 36 PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ PATCHFILES= squid-2.5.STABLE6-ufs_no_valid_dir.patch \ squid-2.5.STABLE6-ldap_helpers.patch \ squid-2.5.STABLE6-concurrent_dns_lookups.patch \ squid-2.5.STABLE6-request_header_max_size.patch \ squid-2.5.STABLE6-partial_hit_is_miss.patch \ squid-2.5.STABLE6-HEAD.patch \ squid-2.5.STABLE6-ufs_create_error.patch \ squid-2.5.STABLE6-basic_auth_caseinsensitive.patch \ squid-2.5.STABLE6-active_requests_delaypool.patch \ squid-2.5.STABLE6-client_db_gc.patch \ squid-2.5.STABLE6-ntlmtruncated.patch \ squid-2.5.STABLE6-grammar.patch \ squid-2.5.STABLE6-errorpage_quote.patch \ squid-2.5.STABLE6-heap_segfault.patch \ squid-2.5.STABLE6-initgroups.patch \ squid-2.5.STABLE6-external_acl_newlines.patch \ squid-2.5.STABLE6-ntlm_fetch_string.patch \ squid-2.5.STABLE6-ntlm_noreuse_leak.patch \ squid-2.5.STABLE6-ntlm_challengereuse_leak.patch \ squid-2.5.STABLE6-rotate_error.patch \ squid-2.5.STABLE6-digest_crash.patch \ squid-2.5.STABLE6-acl_times.patch \ squid-2.5.STABLE6-http_header_range.patch \ squid-2.5.STABLE6-Content-Disposition.patch \ squid-2.5.STABLE6-freebsd_arp_nowarning.patch \ squid-2.5.STABLE6-huge_tcp_windows.patch \ squid-2.5.STABLE6-arbitrary_headers.patch \ squid-2.5.STABLE6-ncsa_auth_lineendings.patch \ squid-2.5.STABLE6-basic_auth_caseinsensitive-2.patch \ squid-2.5.STABLE6-program-prefix.patch \ squid-2.5.STABLE6-CONNECT.patch \ squid-2.5.STABLE6-balance_on_multiple_ip.patch \ squid-2.5.STABLE6-CARP-cache_peer_access.patch PATCH_DIST_STRIP= -p1 d22 1 a22 1 DIST_SUBDIR= ${PKGNAME} d26 4 @ 1.116 log @Libtool fix for PR pkg/26633, and other issues. Update libtool to 1.5.10 in the process. (More information on tech-pkg.) Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and installing .la files. Bump PKGREVISION (only) of all packages depending directly on the above via a buildlink3 include. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.115 2004/09/03 22:58:19 taca Exp $ d5 1 a5 1 PKGREVISION= 2 d36 10 a45 1 squid-2.5.STABLE6-Content-Disposition.patch d82 4 @ 1.115 log @Update squid package, applying official patches. * 2004-09-01 13:59 (Minor) Squid does not recognise Content-Disposition header * 2004-09-01 13:09 (Cosmetic) cachemge config dumps mixed up Range and Request-Range headers * 2004-09-01 12:25 (Minor) acl time fails to parse multiple time specifications correctly * 2004-08-28 22:46 (Minor) Segfault in CvtBin / authenticateDigestHandleReply * 2004-08-25 21:11 (Minor) assertion failed: comm.c:430: "n_ufs_dirs <= Config.cacheSwap.n_configured" * 2004-08-25 20:30 (Minor) Temporary NTLM memory leak with challenge reuse enabled * 2004-08-25 20:30 (Medium) Memory leaks when using NTLM authentication without challenge reuse Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.114 2004/08/22 15:11:07 taca Exp $ d5 1 a5 1 PKGREVISION= 1 @ 1.115.2.1 log @Pullup (via patch) ticket 123 - requested by Takahiro Kambe security fix for squid Modified Files: pkgsrc/www/squid: Makefile distinfo pkgsrc/www/squid/patches: patch-ag patch-an patch-bb Removed Files: pkgsrc/www/squid/patches: patch-ba Log Message: Update squid package to 2.5.7. This includes security problem with SNMP support which enabled by default. * pkgsrc changes: - Don't use PKGNAME within DIST_SUBDIR. Instead, date based DIST_STAMP. This change prevent extra DIST_SUBDIR change asked by kim@@. - Remove setproctitle(3) hack for dnsserver helper program since use of dnsserver itself is problematic with huge size of squid process. * Changes to squid-2.5.STABLE7 (11 Oct 2004) - [Medium] No objects cached in ufs cache_dir type in some configurations. Issue introduced in 2.5.STABLE6 by the patch for Bug #676. (Bug #1011) - [Minor] LDAP helpers update to correct LDAP connection management and add support for literal password compare instead of binding - [Minor] A large number of queued DNS lookups for the same domain (Bug #852) - [Cosmetic] request_header_max_size configuration partly ignored (Bug #899) - [Minor] Partial hit results in TCP_HIT, not TCP_MISS. (Bug #1001) - Bug #1012: [Cosmetic] HEAD requests may return stale information (Bug #1012) - [Cosmetic] Warn if cache_dir ufs can not create files. (Bug #918) - [Minor] case insensitive authentication (Bug #431) - [Cosmetic] Add delay pools information to active_requests. (Bug #882) - [Minor] Apparent memory leak in client_db (Bug #833) - [Minor] NTLM authentication truncated causing failures. (Bug #1016) - [Cosmetic] Grammatical corrections in squid.conf.default - [Cosmetic] Unknown %X errorpage codes incorrectly quoted. (Bug #1030) - [Medium] Segfaults and other strange crashes when using heap policies. (Bug #1009) - [Minor] Supplementary group memberships not set (Bug #1021) - [Cosmetic] ERR_TOO_BIG Portugese translation - [Minor] external_acl does not handle newlines (Bug #1038) - [Major] NTLM authentication denial of service when using msnt_auth or fake_auth (Bug #1045) - [Medium] Memory leaks when using NTLM authentication without challenge reuse. (Bug #994) - [Minor] Temporary NTLM memory leak with challenge reuse enabled (Bug #910) - [Minor] assertion failed: "n_ufs_dirs <= Config.cacheSwap.n_configured". (Bug #1053) - [Minor] Segfault in authenticateDigestHandleReply. (Bug #1031) - [Minor] acl time fails to parse multiple time specifications (Bug #1060) - [Minor] cachemgr config dumps mixed up Range and Request-Range headers in http_header_access & replace directives. (Bug #1056) - [Minor] Content-Disposition added as a well known header (Bug #961) - [Cosmetic] Don't warn about arp acls not being supported on FreeBSD (Bug #1074) - [Cosmetic] Limit internal send/receive buffer sizes (Bug #1075) - [Medium] New acl types to match arbitrary HTTP headers. In addition the http_header_access & replace directivess now support arbitrary headers and not only the well known ones. (Bug #961) - [Cosmetic] ncsa_auth now accepts Window formatted password files (Bug #1078) - [Cosmetic] Support the --program-prefix/suffix options or other configure program name transforms (Bug #1019) - [Minor] Fix race condition in CONNECT and also handle aborts of CONNECT requests in a more graceful manner. (Bug #859) - [Minor] New balance_on_multiple_ip directive to work around certain broken load balancers and optimized ipcache on reload requests (Bug #1058) - [Medium] New reply_header_max_size directive (Bug #874) - [Minor] Suspected instability on aborted PUT/POST requests (Bug #1089) - [Security] SNMP Denial of Service fix (CAN-2004-0918) @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.115 2004/09/03 22:58:19 taca Exp $ d3 3 a5 2 DISTNAME= squid-2.5.STABLE7 PKGNAME= squid-2.5.7 d12 27 a38 4 #PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ #PATCHFILES= #PATCH_DIST_STRIP= -p1 # d45 1 a45 1 DIST_SUBDIR= ${PKGNAME_NOREV}-${DIST_STAMP} a48 4 # Update this time stamp pattern if any of official distfiles has changed. # DIST_STAMP= 2004101300 @ 1.114 log @Update squid package to 2.5.6 (squid 2.5.STALBE6 + official patches). Squid 2.5.STABLE5 to 2.5.STABLE6: * Several "Assertion error" bugs fixed * Several "Segmentation fault" bugs fixes * Corrects a security issue in the old ntlm_auth NTLM helper used in transparent NTLM authentication to a NT domain without using samba. * Processing of Vary: * and Vary on error messages corrected * a large number of minor and cosmetic bugfixes. See the list of squid-2.5.STABLE5 patches and the ChangeLog file for details. 2.5.STABLE56 official patches: * 2004-08-20 08:18 (Major) NTLM authentication denial of service * 2004-08-14 21:07 (Minor) external_acl does not handle newlines * 2004-08-09 14:03 (Minor) Supplementary group memberships not set * 2004-08-05 20:33 (Medium) Segfaults and other strange crashes when using heap policies * 2004-08-06 11:05 (Cosmetic) Unknown %X errorpage codes incorrectly quoted * 2004-08-17 12:22 (Cosmetic) Grammatical corrections in squid.conf.default * 2004-07-27 21:52 (Minor) NTLM authentication truncated * 2004-07-17 22:43 (Minor) Memory leak in client_db * 2004-07-17 20:11 (Cosmetic) Add delay pools information to active_requests * 2004-07-17 19:57 (Minor) case insensitive authentication * 2004-07-17 19:48 (Cosmetic) Warn if cache_dir ufs can not create files * 2004-07-17 16:33 (Cosmetic) HEAD requests may return stale information * 2004-07-17 16:33 (Minor) Partial hit results in TCP_HIT, not TCP_MISS * 2004-07-17 16:33 (Cosmetic) request_header_max_size configuration option doesn't work correctly * 2004-07-29 13:29 (Minor) A large number of queued DNS lookups for the same domain * 2004-08-10 09:40 (Minor) LDAP helpers update * 2004-07-14 16:29 (Medium) storeCreate: no valid swapdirs for this object @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.113 2004/06/19 22:07:52 taca Exp $ d5 1 a5 1 PKGREVISION= # empty d29 8 a36 1 squid-2.5.STABLE6-ntlm_fetch_string.patch @ 1.113 log @Revert PKGREVISION to 5 since there is no functional changes. (Current squid package dosen't build sasl_auth module.) @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.112 2004/06/19 22:05:48 taca Exp $ d3 3 a5 3 DISTNAME= squid-2.5.STABLE5 PKGNAME= squid-2.5.5 PKGREVISION= 5 d13 17 a29 32 PATCHFILES= squid-2.5.STABLE5-ntlm_assert.patch \ squid-2.5.STABLE5-ldap.patch \ squid-2.5.STABLE5-helper_warning.patch \ squid-2.5.STABLE5-pkgconfig.patch \ squid-2.5.STABLE5-vary.patch \ squid-2.5.STABLE5-lin22_poll.patch \ squid-2.5.STABLE5-version.patch \ squid-2.5.STABLE5-deny_info.patch \ squid-2.5.STABLE5-CONNECT_timeout.patch \ squid-2.5.STABLE5-cache_swap_log.patch \ squid-2.5.STABLE5-ntlm_warning.patch \ squid-2.5.STABLE5-rfc1035NameUnpack.patch \ squid-2.5.STABLE5-digest_blank.patch \ squid-2.5.STABLE5-post_assert.patch \ squid-2.5.STABLE5-spelling.patch \ squid-2.5.STABLE5-digest_ERR.patch \ squid-2.5.STABLE5-turkish_ERR_DNS_FAIL.patch \ squid-2.5.STABLE5-vary_negatively.patch \ squid-2.5.STABLE5-range_offset_limit.patch \ squid-2.5.STABLE5-large_cache_mem.patch \ squid-2.5.STABLE5-least-load.patch \ squid-2.5.STABLE5-cacheCurrentUnlinkRequests.patch \ squid-2.5.STABLE5-debug_client_ip.patch \ squid-2.5.STABLE5-openbsd_m88k.patch \ squid-2.5.STABLE5-ftp_html_doctype.patch \ squid-2.5.STABLE5-dns_localhost.patch \ squid-2.5.STABLE5-msnt_auth_doc.patch \ squid-2.5.STABLE5-va_copy.patch \ squid-2.5.STABLE5-CONNECT_log_size.patch \ squid-2.5.STABLE5-proxy_abuse.patch \ squid-2.5.STABLE5-sasl_auth_SASL2.patch \ squid-2.5.STABLE5-ntlm_auth_overflow.patch @ 1.112 log @Now apply squid-2.5.STABLE5-sasl_auth_SASL2.patch though pkgsrc dosen't support making sasl_auth module. (I think it is better to create separate packages for those authentication modules.) Bump package revision. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.111 2004/06/19 16:54:31 taca Exp $ d5 1 a5 1 PKGREVISION= 6 @ 1.111 log @Update squid pacakge to 2.5.STABLE5nb5. pkgsrc change: o set DIST_SUBR to ${PKGNAME}. Changes: o 2004-06-07 21:25 (Cosmetic) Negative size in access.log on long running CONNECT requests o 2004-06-08 11:01 (Major) Segmentation fault after "Likely proxy abuse detected" o 2004-06-18 17:39 (Security issue) Overflow bug in Squid's ntlm_auth helper. Note: currently below patch isn't applied since it is broken and I'm not sure how it shold be corrected. I wish it would fixed before tagging pkgsrc-2004Q2. o 2004-06-08 11:42 (Minor) sasl_auth doesn't compile with SALS2 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.110 2004/06/13 17:33:41 kristerw Exp $ d5 1 a5 1 PKGREVISION= 5 d43 1 a44 1 # squid-2.5.STABLE5-sasl_auth_SASL2.patch # currently broken @ 1.110 log @Version DIST_SUBDIR to prevent lossage from the recent distfile checksum change. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.109 2004/06/06 16:01:01 taca Exp $ d5 1 a5 1 PKGREVISION= 4 d40 5 a44 1 squid-2.5.STABLE5-va_copy.patch d53 1 a53 1 DIST_SUBDIR= squid-2.5.5nb4 @ 1.109 log @latest offcial patch has updated: Bug #753: va_copy required Bug #995: segfault on long URLs (bug in previous patch to Bug #753) And reduce offset from pkgsrc's patches. Bump package revision. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.108 2004/06/04 15:33:05 taca Exp $ d49 1 a49 1 DIST_SUBDIR= squid-2.5.5 @ 1.108 log @Updated squid package to 2.5.5nb3 applying nine official patches. * 2004-06-01 08:38 (Medium) Segfault in memBufVPrintf on certain architectures requiring va_copy * 2004-06-01 00:00 (Cosmetic) msnt_auth documentation update * 2004-05-31 23:37 (Cosmetic) dns_servers should default to localhost if no resolv.conf * 2004-05-31 23:37 (Cosmetic) FTP directory listing HTML DOCTYPE misread by some tools * 2004-06-01 08:26 (Minor) fix compilation on OpenBSD/m88k * 2004-05-31 22:59 (Cosmetic) Show client ip in cache.log debug output * 2004-05-31 22:43 (Minor) cacheCurrentUnlinkRequests should be a counter, not gauge * 2004-05-31 22:08 (Minor) store_dir_select_algorithm least-load doesn't work for ufs cache_dir type * 2004-05-31 21:32 (Cosmetic) Very large cache_mem values reported wrongly in cache.log @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.107 2004/05/15 13:57:12 heinz Exp $ d5 1 a5 1 PKGREVISION= 3 @ 1.107 log @Use option "-r" instead of "-e" for ${TEST} since this is not portable to some operating systems (eg UnixWare). @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.106 2004/05/06 14:44:53 taca Exp $ d5 1 a5 1 PKGREVISION= 2 d31 10 a40 1 squid-2.5.STABLE5-range_offset_limit.patch @ 1.106 log @Add official patches and bump PKGREVISION. o 2004-03-11 15:29 (Cosmetic) Helper queue warnings inprecice on the number of helpers required o 2004-03-12 10:13 (Cosmetic) Add pkg-config support for finding correct OpenSSL compile flags o 2004-03-19 09:02 (Medium) "Vary: *" is ignored o 2004-03-19 09:12 (Minor) 100% CPU usage on Linux-2.2 o 2004-03-19 09:17 (Cosmetic) Version number includes -CVS if autoconf is run o 2004-03-29 09:47 (Minor) deny_info redirection with requested URL escaped wrongly o 2004-03-29 10:02 (Minor) CONNECT timeout should produce a 504 or 503 o 2004-04-03 13:54 (Cosmetic) cache_swap_log documentation referred to swap.state by it's old swap.log name o 2004-04-06 14:12 (Cosmetic) ntlm/auth_ntlm.c(683): warning #187: use of "=" where "==" may have been intended o 2004-04-11 09:19 (Medium) rfc1035NameUnpack: Assertion (*off) < sz failed o 2004-04-18 01:33 (Major) Segment violation when using a blank user name in digest authentication o 2004-04-18 23:46 (Medium) assertion failed: errorpage.c:292: "mem->inmem_hi == 0" o 2004-04-20 12:30 (Cosmetic) Spelling corrections in configure and squid.conf.default o 2004-04-20 12:38 (Cosmetic) Clarify meaning of ERR in digest helper protocol o 2004-04-20 12:38 (Cosmetic) Spelling error in Turkish ERR_DNS_FAIL o 2004-04-24 14:10 (Minor) Negative cached 404 replies with VARY header never matches o 2004-04-30 00:01 (Minor) range_offset_limit -1 KB rejected as invalid syntax @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.105 2004/04/26 03:35:04 snj Exp $ d107 1 a107 1 ${TEST} ! -e ${PREFIX}/$$FILE || ${ECHO} $$FILE; \ @ 1.105 log @Convert to buildlink3. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.104 2004/03/26 02:27:58 wiz Exp $ d5 1 a5 1 PKGREVISION= 1 d14 18 a31 1 squid-2.5.STABLE5-ldap.patch @ 1.104 log @PKGREVISION bump after openssl-security-fix-update to 0.9.6m. Buildlink files: RECOMMENDED version changed to current version. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.103 2004/03/04 17:05:50 taca Exp $ d34 1 a34 1 USE_BUILDLINK2= yes d107 1 a107 1 .include "../../security/openssl/buildlink2.mk" @ 1.103 log @Update squid-2.5.5 (squid 2.5.STABLE5 with two official patches). Most of these changes from 2.5.STABLE4 to 2.5STABLE5 are already applied in previous squid-2.5.4nb8 package. Changes to squid-2.5.STABLE5 (1 Mar 2004): - cache.log message on "squid -k reconfigure" was slightly confusing, claiming Squid restarted when it just reread the configuration. - Bug #787: digest auth never detects password changes - Bug #789: login with space confuses redirector helpers - Bug #791: FQDNcache discards negative responses when using internal DNS - pam_auth fails on Solaris when using pam_authtok_get. Persistent PAM connections are unsafe and now disabled by default. - auth_param documentation clarifications and added default realm values making only the helper program a required attribute - Bug #795: German ERR_DNS_FAIL correction - Bug #803: Lithuantian error messages update - Bug #806: Segfault if failing to load error page - Bug #812: Mozilla/Netscape plugins mime type defined (.xpi) - Bug #817: maximum_object_size too large causes squid not to cache - Bug #824: 100% CPU loop if external_acl combined with separate authentication acl in the same http_access line - squid_ldap_group updated to version 2.12 with support for ldaps:// (LDAPv2 over SSL) and a numer of other improvements. - Bug #799: positive_dns_ttl ignored when using internal DNS. - Bug #690: Incorrect html on empty Gopher responses - Bug #729: --enable-arp-acl may give warning about net/route.h - Bug #14: attempts to establish connection may look like syn flood attack if the contacted server is refusing connections - errorpage README files included in the distribution again showing who contributed which translation - Bug #848: connect_timeout connect_timeout ends up twice the length. forward_timeout option added to address this. - Bug #849: DNS log error messages should report the failed query - Bug #851: DNS retransmits too often - Bug #862: Very frequently repeated POST requests may cause a filedescriptor shortage due to persitent connections building up - Bug #853: Sporatic segmentation faults on aborted FTP PUT requests - Bug #571: Need to limit use of persistent connections when filedescriptor usage is high - Bug #856: FTP/Gopher Icon URLs are unneededly complex and often does not work properly - Bug #860: redirector_access does not handle "slow" acls such as "dst" or "external" requiring a external lookup. - Bug #865: Persistent connection usage too high after sudden burst of traffic. - Bug #867: cache_peer max-conn=.. option does not work - Bug #868: refuses to start if pid_filename none is specified - Bug #887: LDAP helper -Z (TLS) option does not work - Bug #877: Squid doesn't follow telnet protocol on FTP control connections - Bug #908: Random auth popups and account lockouts when using ntlm - Support for NTLM_NEGOTIATE exchanges with ntlm helpers - Bug #585: cache_peer_access fails with NTLM authentication - Bug #592: always/never_direct fails with NTLM authentication - wbinfo_group update for Samba-3 - Bug #892: helpers/ntlm_auth/SMB/ fails to compile on FreeBSD 5.0 - Bug #924: miss_access restricts internal and cachemgr requests even if these are local - Bug #925: auth headers send by squidclient are mildly malformed - Bug #922: miss_access and delay_access and several other authentication related bug fixes. - Bug #909: Added ARP acl support for FreeBSD - Bug #926: deny_info with http_reply_access or miss_access - Bug #872: reply_body_max_size problems when using NTLM auth - Bug #825: random segmentation faults when using digest auth - Bug #910: Partial fix for temporary memory leaks when using NTLM auth. There is still problems if challenge reuse is enabled. - ftp://anonymous@@host/ now accepted without requiring a password - Bug #594: several mime type updates (ftp:// related) - url_regex enhanced to allow matching of %00 And two official patches' changes. assertion failed: helper.c:323: "srv->flags.reserved" synopsis If using ntlm authentication then Squid may randomly abort with the above assertion failure if a request is aborted while Squid waits for a response from the domain controller severity Medium date 2004-03-01 23:55 bugzilla #937 versions Squid-2.5.STABLE5 platforms All workaround half_closed_connections on (the default) squid_ldap_auth can be confused by the use of reserved characters synopsis squid_ldap_auth may be confused by the use of reserved characters allowing the login name to be masqueraded in different manners possibly allowing the user to partially bypass certain per-user restrictions or confuse third party accounting packages. Note that the user can not bypass the login procedure as such. All he can do is to make the login name look different than normal. There is still full audit trails on who the user is etc. The patch also adds and documents a -d flag to both squid_ldap_auth and squid_ldap_group to allow for easier tracing of the operation of these programs if results is not what is expected. severity Major date 2004-03-04 09:37 bugzilla #935 versions Squid-2.5 and earlier platforms All configuration configurations where squid_ldap_auth is used for authentication using a search filter (-f option) and where squid_ldap_group is not used to further restrict the valid usernames. workaround Combine squid_ldap_auth with squid_ldap_group to only allow valid logins who are member of a certain group, or alternatively use a proxy_auth_regex acl to deny the use of any login using restricted characters. acl bad_login proxy_auth_regex [()\\*] http_access deny bad_login @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.102 2004/02/12 14:45:00 taca Exp $ d5 1 @ 1.102 log @Update squid package to 2.5.4nb8; apply five official patches. o Empty proxy_auth ACLs are silently accepted but lead to unpredictable ACL matching synopsis If a proxy_auth acl is incorrectly defined with no members then any http_access rules using this acl will give unpredictable results depending on the results of earlier acl lookups. This patch corrects both the reason to why acl lookups became unpredictable and makes Squid reject such incorrect acl definitions. severity Medium date 2004-01-15 07:44 bugzilla #893 versions Squid-2.5 and earlier platforms All workaround Make sure your proxy_auth acls are correctly defined. If the acl should not match any users then don't declare the acl at all. o Squid doesn't follow telnet protocol on FTP control connections synopsis Squid forgot to escape IAC characters (ascii code 255) in FTP requests, causing problems to access files/directories using this character in their name or to log in with this character in the login or password. severity Minor date 2004-02-03 14:38 bugzilla #877 versions Squid-2.5 and earlier platforms All workaround Double any such characters in the input to Squid. (%ff%ff instead of %ff) o Random auth popups and account lockouts when using NTLM synopsis When using NTLM authentication random auth popups and account lockouts may be experienced. severity Medium date 2004-02-11 22:12 bugzilla #908 versions Squid-2.5 platforms All workaround It may help to configure a lot of NTLM helpers but this is not verified. o squid_ldap_group -S option did not work synopsis The -S and -E options in squid_ldap_group v2.12 was mixed up, making the options somewhat hard to use. severity Minor date 2004-02-09 17:10 bugzilla #911 versions Squid-2.5.STABLE4 + ldap_group 2.12 patch platforms All workaround Specify -E instead of -S. o Squid stuck at 100% CPU loop in ipcache_purgelru, or segfault in the same synopsis The squid-2.5.STABLE4-connect_cleanup.patch was not entirely correct and could cause memory corruption in certain situations involving negative DNS replies (host not found etc) severity Major date 2004-02-12 09:42 bugzilla #891 versions Squid-2.5.STABLE4-20031210 to 20040212 platforms All @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.101 2004/01/20 12:28:00 agc Exp $ d3 2 a4 3 DISTNAME= squid-2.5.STABLE4 PKGNAME= squid-2.5.4 PKGREVISION= 8 d12 2 a13 40 PATCHFILES= squid-2.5.STABLE4-reconfigure_message.patch \ squid-2.5.STABLE4-digest_auth_pwchange.patch \ squid-2.5.STABLE4-redirect_login_space.patch \ squid-2.5.STABLE4-fqdnnegcache.patch \ pam_auth-2.2.patch \ squid-2.5.STABLE4_auth_param_doc.patch \ squid-2.5.STABLE4-errorpages.patch \ squid-2.5.STABLE4-error_load_text.patch \ squid-2.5.STABLE4-xpi_mime.patch \ squid-2.5.STABLE4-size_overflow.patch \ squid-2.5.STABLE4-extacl_auth_loop.patch \ squid-2.5.STABLE4-squid_ldap_group.patch \ squid-2.5.STABLE4-positive_dns_ttl.patch \ squid-2.5.STABLE4-gopherhtml.patch \ squid-2.5.STABLE4-netroute.patch \ squid-2.5.STABLE4-synflood.patch \ squid-2.5.STABLE4-fqdn.patch \ squid-2.5.STABLE4-connect_cleanup.patch \ squid-2.5.STABLE4-pconn_post.patch \ squid-2.5.STABLE4-ftp_put.patch \ squid-2.5.STABLE4-pconn-load.patch \ squid-2.5.STABLE4-icon_urls.patch \ squid-2.5.STABLE4-redirector_access.patch \ squid-2.5.STABLE4-pconn-lifo.patch \ squid-2.5.STABLE4-cache_peer_maxconn.patch \ squid-2.5.STABLE4-pid_filename_none.patch \ squid-2.5.STABLE4-dns_namelength.patch \ squid-2.5.STABLE4-urllogin_acl.patch \ squid-2.5.STABLE4-russian.patch \ squid-2.5.STABLE4-redirlog.patch \ squid-2.5.STABLE4-pinger.patch \ squid-2.5.STABLE4-partial_reload.patch \ squid-2.5.STABLE4-ldap_tls.patch \ squid-2.5.STABLE4-ldap_group_bufsize.patch \ squid-2.5.STABLE4-http_workarounds.patch \ squid-2.5.STABLE4-empty_proxy_auth.patch \ squid-2.5.STABLE4-ftp_telnet.patch \ squid-2.5.STABLE4-ntlm_auth_popups.patch \ squid-2.5.STABLE4-ldap_group-S.patch \ squid-2.5.STABLE4-ipcache_purge.patch d22 1 a22 1 DIST_SUBDIR= squid-2.5.4 @ 1.101 log @Move WRKSRC definition away from the first paragraph in a Makefile. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.100 2004/01/18 14:30:37 taca Exp $ d5 1 a5 1 PKGREVISION= 7 d47 6 a52 1 squid-2.5.STABLE4-http_workarounds.patch @ 1.100 log @Update squid to squid-2.5.4nb7. Add three official patches. Various HTTP workarounds and minor corrections synopsis This patch works around certain broken HTTP servers (reportedly IIS-5) who incorrectly signals the use of persistent connections. It also corrects some minor HTTP issues to make the Squid proxy more semantically transparent. severity Minor date 2004-01-14 18:14 bugzilla #890 versions Squid-2.5 and earlier platforms All squid_ldap_group failure if specifying many or long group names synopsis If the request to squid_ldap_group (login name + all group names) exceed 256 characters then group lookups fails or behaves erratically. severity Minor date 2004-01-08 19:08 versions Squid-2.5 platforms All workaround Define multiple ACLs instead of listing many groups in the same ACL LDAP helpers TLS mode (-Z option) does not work synopsis The TLS mode of the LDAP helpers did not work and always reported "TLS Connection failed" severity Minor date 2004-01-05 12:05 bugzilla #887 versions Squid-2.5 platforms All workaround Use the ldaps:// URI method instead, if your LDAP server supports it. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.99 2003/12/25 16:28:14 taca Exp $ a5 1 WRKSRC= ${WRKDIR}/${DISTNAME:S/-src//} d54 1 @ 1.99 log @Update squid package to 2.5.4nb6. - Remove --disable-internal-dns. It could be still enabled by adding to SQUID_CONFIGURE_ARGS in /etc/mk.conf. It found that external dnsserver has some problem, performance disadvantage on Solaris 8. - Apply eight official patches. o Incomplete objects may appear stuck in the cache synopsis Under certain conditions incomplete objects may appear stuck in the cache, not even reload giving a new fresh copy. severity Major date 2003-12-23 01:23 bugzilla #876 versions Squid-2.5 and earlier platforms All workaround Compiling squid with --disable-http-violations completely avoids the issue. Setting "half_closed_clients off" and making quick_abort as aggressively aborting as possible by "quick_abort_min 0 KB" and "quick_abort_max 0 KB" mostly hides the problem. o assertion failed: pinger.c:187: "icmp_pktsize <= MAX_PKT_SZ" synopsis In Squids built with --enable-icmp the pinger helper may exit with the above assertion failure if Squid receives a request with a very long host name. severity Minor date 2003-12-23 01:23 bugzilla #865 versions Squid-2.5 and earlier platforms All workaround Don't build squid with --enable-icmp. This is generally recommended anyway unless you are absolutely sure you want to ICMP PING random sites all over the Internet to measure RTT information even if this may trigger IDS systems etc. o 000 status code being logged for redirects (should be 302) synopsis Redirects initiated by redirector helpers was logged as TCP_MISS/000 instead of the expected TCP_MISS/302. This patch corrects this and should also correct log_mime_hdrs output for the same. severity Minor date 2003-12-21 16:21 bugzilla #869 versions Squid-2.5 and earlier platforms All o Update of Russian error pages synopsis In a current version threre is a problem. The absence of "yo" letter. ("e" with 2 dots ). People prefer to write "E" instead "yo", that is not quite correct, like "How r u" intstead "How are you?" severity Cosmetic date 2003-12-21 15:21 bugzilla #864 versions Squid-2.5 and earlier platforms All o Added 'urllogin' ACL type synopsis This is not a fix for a Squid bug. It is a new feature to workaround an MSIE6 bug that uses control characters to obfuscate the true origin server hostname. You can use the 'urllogin' acl TYPE to deny HTTP requests that contain certain characters in the URL login field. severity Medium date 2003-12-19 16:19 versions Squid-2.5 and earlier platforms All workaround Patch MSIE6, if/when the patch becomes available. o DNS resolver has too short MAXHOSTNAME synopsis Squid would not process hostnames longer than 128 characters. This affects few hosts on the internet, but with the growing use of iDNA it's becoming an issue. severity Minor date 2003-12-18 01:18 bugzilla #842 versions Squid-2.5 and earlier platforms All workaround None. o Squid refuses to start if "pid_filename none" is specified synopsis Contrary to the documentation "pid_filename none" is not accepted and Squid refuses to start. severity Minor date 2003-12-17 21:17 bugzilla #868 versions Squid-2.5 and earlier platforms All o cache_peer max-conn=.. option does not work synopsis Due to the a accounting mismatch in the number of open connections to peers the cache_peer max-conn=.. option does not work. This issue is also seen as very high numbers in the OPEN CONN peer statistics via cachemgr. severity Minor date 2003-12-20 20:20 bugzilla #867 versions Squid-2.5 and earlier platforms All - Separate MESSAGE files into each platform. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.98 2003/12/17 16:48:27 taca Exp $ d5 1 a5 1 PKGREVISION= 6 d45 4 a48 1 squid-2.5.STABLE4-partial_reload.patch @ 1.98 log @Update squid package to squid-2.5.4nb5, including six official patches. o Repeated POST requests causes number of persistent connections to grow synopsis If responses to POST or other non-indempotent requests allows the connection to be kept persistently open then this can lead to a increased connection usage by Squid. This patch changes the behaviour to keep the number of connections stable by closing a persistent connection before opening the new connection. severity Minor date 2003-12-13 16:13 bugzilla #862 versions Squid-2.5 platforms All workaround Disable server-side persistent connections by setting "server_persistent_connections off" in squid.conf. o Segmentation fault on aborted FTP PUT requests synopsis If a FTP PUT request is aborted while Squid is writing data to the server then Squid may abort with a segmentation fault. severity Major date 2003-12-14 12:14 bugzilla #853 versions Squid-2.5 and earlier platforms All workaround If this plauges you a lot then you can deny the use of FTP PUT until the server can be patched. But please note that this will limit the functionality of the proxy by not allowing FTP uploads via the proxy. acl FTP protocol FTP acl PUT method PUT http_access deny FTP PUT o Limit use of persistent connections when filedescriptor usage is high synopsis Under high usage a lot of filedescriptors may be idle persistent connections, causing a shortage of filedescriptors for handling new requests. severity Minor date 2003-12-14 12:14 bugzilla #571 versions Squid-2.5 and earlier platforms All workaround Disable the use of persistent connections in squid.conf. But pleae note that disabling persistent connections will cause a networking performance penalty unless you are actually short on filedescriptors. Alternatively rebuild Squid with support for more filedescriptors. o Icon URLs are uneededly complex synopsis The URL syntax used by Squid for FTP/Gopher icons are uneededly complex and often causes problems. This patch adds a "short_icon_urls" directive which can be used to enable a less complex URL syntax for icons. severity Cosmetic date 2003-12-14 13:14 bugzilla #856 versions Squid-2.5 and earlier platforms All o redirector_access does not handle slow acls such as dst or external correctly synopsis redirector_access was a "fast" acl lookup and did not handle "slow" acls requiring external lookups such as dst or external correcly. severity Minor date 2003-12-14 13:14 bugzilla #860 versions Squid-2.5 and earlier platforms All o Persistent connection usage too high after sudden burst of traffic synopsis Persistent server connections are reused in a round-robin fashion which may cause the number of connections to stay artificially high after a sudden burst of requests. This patch changes persistent connection management to use a LIFO order reusing the most recently used connection first, thereby allowing unneeded connections to close down by idle timeout. severity Minor date 2003-12-15 23:15 bugzilla #865 versions Squid-2.5 and earlier platforms All workaround This usually is not a significant problem, but if you are plauged by this you can try disabling server-side persistent connections in squid.conf. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.97 2003/12/10 04:03:02 taca Exp $ d5 1 a5 1 PKGREVISION= 5 d37 9 a45 1 squid-2.5.STABLE4-pconn-lifo.patch d82 1 a82 2 SQUID_CONFIGURE_ARGS?= --disable-internal-dns \ --enable-auth=basic,digest,ntlm \ @ 1.97 log @- squid-2.5.STABLE4-connect_cleanup.patch was updated; one off-bye-one mistake was corrected. - bump package revision. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.96 2003/12/07 16:48:20 taca Exp $ d5 1 a5 1 PKGREVISION= 4 d31 7 a37 1 squid-2.5.STABLE4-connect_cleanup.patch @ 1.96 log @Update squid package to squid-2.5.4nb3. Apply two offcial patches. * FQDN lookups sometimes returns garbage synopsis FQDN lookups sometimes give garbage after the result. This can be seen as junk in access.log when using log_fqdn or false access control results when using dstdomain acl type and the user requests a URL by IP address. severity Minor date 2003-12-04 10:04 bugzilla #846, #834, #433 versions Squid-2.5 and earlier platforms All workaround Don't use log_fqdn or alternatively compile Squid with --disable-internal-dns * Cleanup of connect & dns timeouts etc synopsis Several minor errors related to how Squid finds a connection where to forward requests. This patch o Adds a new configuration parameter "forward_timeout" to control how long Squid tries to find a method to find a path where to forward the request before giving up. Defaults to 2 minutes. o The default connect_timeout tuned down from 2 minutes to 1 minute to allow for two attempts to find a suitable path within the forward_timeout o fqdncache/ipcache restructured to allow for DNS code to allow the queried name to be logged in cache.log on errors. o negative_dns_ttl now overloaded to also specify the minimum ttl used when caching DNS responses, and tuned down from 5 minutes to 1 minute. o default dns_timeout tuned down from 5 minutes to 2 minutes o some minor compilation warnings on --disable-internal-dns corrected o properly report DNS timeouts as timeouts and not just "No DNS records" severity Minor date 2003-12-06 17:06 bugzilla #848, #849, #851, #852 versions Squid-2.5 and earlier platforms All @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.95 2003/11/30 14:08:31 taca Exp $ d5 1 a5 1 PKGREVISION= 3 @ 1.95 log @Take in 16 official patches and bump revision. * connection setup may look like syn flood attack if server is refusing connection * --enable-arp-acl may give warning about net/route.h * Incorrect html on empty Gopher responses * positive_dns_ttl ignored when using internal DNS client * squid_ldap_group update to version 2.12 * 100% CPU loop if external_acl combined with authentication * maximum_object_size too large causes squid not to cache * Install of Mozilla/Netscape plugins fails because .xpi mime type unknown * Segfault if failing to load error page * Error page translation updates for German and Lithuanian * auth_param documentation update * pam_auth fails on Solaris when using pam_authtok_get * FQDNcache discards negative responses when using internal DNS * login with space confuses redirector helpers * digest auth never detects password changes * cache.log message on "squid -k reconfigure" confusing @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.94 2003/11/12 03:39:44 jschauma Exp $ d5 1 a5 1 PKGREVISION= 2 d29 3 a31 1 squid-2.5.STABLE4-synflood.patch @ 1.94 log @PKGREVISION++ after openssl update. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.93 2003/09/17 05:33:46 taca Exp $ d5 1 a5 1 PKGREVISION= 1 d13 17 a29 2 #PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ #PATCHFILES= @ 1.93 log @Oops, I forgot to update DIST_SUBDIR. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.92 2003/09/16 15:58:39 taca Exp $ d5 1 @ 1.92 log @Update squid package to 2.5.4. Most of changes are already in squid 2.5.3nb4 package. Changes to squid-2.5.STABLE4 (15 Sep 2003): - Lithuanian error messages added to the distribution - Bug #660: segfauld if more than one custom deny_info line - cache_dir disd documentation cleanup - check open of /dev/null to avoid 100% CPU loop in badly configured chroot environments - documentation update on uri_whitespace to refer to the correct RFC - Bug #655: icmpRecv: recv: (11) Resource temporarily unavailable - Bug #683: external_acl does not wait for ident lookups to complete - aufs: Fix a minor use-after-free problem which could cause the count of opening filedescriptors to grow larger than it should - Syntax changes to make GCC-3.3 accept Squid without complaints - Warning if CARP server defined in incorrect load factor order - neighbor_type_domain documentation update - http_header_access now works when using cache peers - high_memory_warning now uses sbrk as fallback mechanism on platforms where neither mallinfo or mstats are available. - hosts_file now handles comments at the end of lines correcly - storeCheckCachable() Stats corrected for release_request and wrong_content_length. - cachePeerPingsSent MIB type corrected - unused minimum_retry_timeout directive removed - Bug #702: ERR_TO_BIG spanish translation - Bug #705: Memory leak on deny_info TCP_RESET - Code cleanup to fix compile error in httpHeaderDelById - Bug #699: Host header now forwarded exactly where it was in the original request to work around certain broken firewalls or load balancers which fail if this header is too far into the request headers. - Bug #704: Memory leak on reply_body_max_size - Bug #686: requests denied due to http_reply_access are now logged with TCP_DENIED (instead of TCP_MISS, etc). - Bug #708: ie_refresh now sends no-cache to have the reload request propagate properly in cache meshes - Bug #700: Crashes related to ftpTimeout: timeout in SENT_PASV state - Bug #709: cbdata.c:186: "c->valid" assertion due to peer digest not found - Bug #710: round-robin cache_dir selection incorrectly compares max-size. - Statistics corrections in HTTP header statitics - QUICKSTART cleanups - Bug #715: statCounter.syscalls.disk counters treated inconsistently. Now increment the counters in AUFS functions and for unlinkd. - Improvements to the (experimental) COSS storage scheme. - Bug #721: User name field in access.log sometimes blank - Bug #94: assertion failed: http.c: "-1 == cfd || FD_SOCKET == fd_table[cfd].type" - Bug #716: assertion failed: client_side.c:1478: "size > 0" - Bug #732: aufs calculates number of threads and limits wrongly - Bug #663: Username not logged into access.log in case of /407 - Bug #267: Form POSTing troubles with NTLM authentication and occationally in differen other error conditions. - Bug #736: ICP dynamic timeout algorithm ignores multicast. - Bug #733: No explicit error message when ncsa_auth can't access passwd file - Bug #267, #757: POST with NTLM stops after persistent connection timeout - Bug #742: Wrong status code on access denials if delay_access is used. Most notably 407 instead of 403 could be returned. - Bug #763: segfault if using ntlm in http_reply_access - Bug #638: assertion error if using proxy_auth in delay_access - Bug #756: segmentation fault if using ntlm proxy_auth in delay_access - The issue of reply_body_max_size limiting the size of error messages no longer applies. - external_acl_type concurrency= option renamed to children= to prepare for Squid-3 upgrades. Old syntax still accepted for the duration of the Squid-2.5 release. - number of filedescriptors rounded down to an even multiple of 64 to work around issues in certain libc implementations. - winbind helpers less noisy in cache.log on restarts/shutdown. - Squid now automatically restarts helpers if too many of them have crashed. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.91 2003/09/11 15:48:24 taca Exp $ d21 1 a21 1 DIST_SUBDIR= squid-2.5.3 @ 1.91 log @Update squid package to 2.5.3nb5. Apply some official patches. external_acl_type concurrency= renamed to children= synopsis To lessen confusion in later upgrades to Squid-3 the external_acl_type concurrency= option has been renamed to children= to match Squid-3 usage. This is done because concurrency= has a completely different meaning in squid-3. Squid-2.5 still accepts the old syntax to keep compatibility within the Squid-2.5 release, but it is recommended to start using the new syntax unless you need to be able to easily downgrade to a earlier Squid-2.5 release. severity Cosmetic date 2003-09-02 07:02 versions Squid-2.5.STABLE3 and earlier platforms All workaround Make sure to read the Squid-3 releasenotes very carefully when upgrading. Assertion error or segmentation fault if using proxy_auth in delay_access synopsis If proxy_auth acl type is used in delay_access then Squid may abort with an assertion error or segmentation fault. Notice: This patch may change some error conditions to be logged with TCP_DENIED rather than TCP_MISS. severity Medium date 2003-09-01 20:01 bugzilla #638, #756 versions Squid-2.5 platforms All workaround Don't use proxy_auth acl types in delay_access Segmentation fault if proxy_auth with ntlm used in http_reply_access synopsis In configurations where authentication is enforced in http_access and then reused in http_reply_access to further control access levels Squid may segfault if the ntlm authentication scheme is used. severity Medium date 2003-09-01 20:01 bugzilla #763 versions Squid-2.5 platforms All workaround Don't use proxy_type acls in http_reply_access or disable the use of the ntlm authentication scheme (disabled by default) code 407 instead of 403 for authenticated traffic-shaped user synopsis delay_access can disturb Squids logics on when to request a new login from the user. Most notably if delay_access ends up in a proxy_auth acl then any access denials will require a new login but the opposite may also happen. severity Medium date 2003-08-31 09:31 bugzilla #742 versions Squid-2.5 and earlier platforms All workaround make sure delay_access always ends up in the same class of ACL as http_access does on the same request. Form POSTing troubles with NTLM authentication or other error responses synopsis Large POST/PUT requests may fail with a "Connection reset" error in the browser in situations where Squid immediately responds with an error page. This is most notable when using NTLM authentication but may also occur in a few other situations severity Medium date 2003-08-28 22:28 bugzilla #267, #757 versions Squid-2.5 and earlier platforms All workaround Allow POST/PUT without requiring authentication if you are using NTLM authentication. No explicit error message when ncsa_auth (squid user) can't access passwd file synopsis ncsa_auth just exists if it can not read the supplied password file, instead of reporting an error. severity Minor date 2003-08-20 12:20 bugzilla #733 versions Squid-2.5 and earlier platforms All workaround If ncsa_auth exits for no apparent reason, verify that the given ncsa password file is readable by the cache_effective_user. forwarded_for off has no effect synopsis The patch for Bug #92 (squid-2.5.STABLE3-mem_cfd.patch) broke the forwarded_for directive. severity Minor date 2003-08-18 17:18 bugzilla #750 versions Squid-2.5.STABLE3 snapshots 2003-08-07 to 2003-08-18 platforms All workaround Use anonymization via http_header_access to delete the X-Forwarded-For header from forwarded requests. This is probably preferred in any case. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.90 2003/08/18 17:00:24 taca Exp $ d3 2 a4 3 DISTNAME= squid-2.5.STABLE3 PKGNAME= squid-2.5.3 PKGREVISION= 5 d12 2 a13 46 PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/ PATCHFILES= squid-2.5.STABLE3-Lithuanian.patch \ squid-2.5.STABLE3-HttpHeaderTools.patch \ squid-2.5.STABLE3-deny_info.patch \ squid-2.5.STABLE3-cache_dir_doc.patch \ squid-2.5.STABLE3-devnull.patch \ squid-2.5.STABLE3-log_quote.patch \ squid-2.5.STABLE3-rfc_reference.patch \ squid-2.5.STABLE3-icmpRecv.patch \ squid-2.5.STABLE3-external_acl_ident.patch \ squid-2.5.STABLE3-aufs-openingfds.patch \ squid-2.5.STABLE3-gcc-3_3.patch \ squid-2.5.STABLE3-carpfactor.patch \ squid-2.5.STABLE3-neighbor_type_domain.patch \ squid-2.5.STABLE3-header_access_peer.patch \ squid-2.5.STABLE3-memwarnsbrk.patch \ squid-2.5.STABLE3-hostscomments.patch \ squid-2.5.STABLE3-store_check_cachable_stats.patch \ squid-2.5.STABLE3-cachePeerPingsSentsnmp.patch \ squid-2.5.STABLE3-minimum_retry_timeout.patch \ squid-2.5.STABLE3-ERR_TOO_BIG_Spanish.patch \ squid-2.5.STABLE3-tcp_reset_leak.patch \ squid-2.5.STABLE3-hostheader.patch \ squid-2.5.STABLE3-reply_body_max_size.patch \ squid-2.5.STABLE3-ie_refresh.patch \ squid-2.5.STABLE3-http_reply_access-denied.patch \ squid-2.5.STABLE3-SENT_PASV.patch \ squid-2.5.STABLE3-peer_digest_not_found_assertion.patch \ squid-2.5.STABLE3-round_robin_max_size.patch \ squid-2.5.STABLE3-syscalls.disk-counters.patch \ squid-2.5.STABLE3-coss-improvements.patch \ squid-2.5.STABLE3-blank-username-log.patch \ squid-2.5.STABLE3-coss-improvements-2.patch \ squid-2.5.STABLE3-mem_cfd.patch \ squid-2.5.STABLE3-aufs_open_fail.patch \ squid-2.5.STABLE3-aufs_threads.patch \ squid-2.5.STABLE3-digest_compile.patch \ squid-2.5.STABLE3-407_user_name.patch \ squid-2.5.STABLE3-multicast-ICP-timeout.patch \ squid-2.5.STABLE3-forwarded_for.patch \ squid-2.5.STABLE3-ncsa_auth_passwdfile.patch \ squid-2.5.STABLE3-POST-error.patch \ squid-2.5.STABLE3-auth_delay_pools.patch \ squid-2.5.STABLE3-http_reply_access_denied.patch \ squid-2.5.STABLE3-delay_access_auth.patch \ squid-2.5.STABLE3-external_acl_children.patch @ 1.90 log @Broken squid-2.5.STABLE3-coss-improvements-2.patch was fixed. Bump package revision. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.89 2003/08/18 16:03:01 taca Exp $ d5 1 a5 1 PKGREVISION= 4 d51 8 a58 1 squid-2.5.STABLE3-multicast-ICP-timeout.patch @ 1.89 log @Update squid package to squid-2.5.3nb3. - fix startup script as PR pkg/22502 by Steven M. Bellovin - includes newer official squid patches except squid-2.5.STABLE3-coss-improvements-2.patch (which is broken). o 2003-07-22 15:22 (Cosmetic) statCounter.syscalls.disk counters treated inconsistently o 2003-07-25 17:25 (Minor) Improvements to the (experimental) COSS storage scheme. o 2003-07-28 09:28 (Minor) Blank username logging fix o 2003-07-29 22:29 (Minor) More improvements to the (experimental) COSS storage scheme. o 2003-08-06 13:06 (Medium) assertion failed: http.c:869: "-1 == cfd || FD_SOCKET == fd_table[cfd].type" o 2003-08-06 14:06 (Medium) assertion failed: client_side.c:1478: "size > 0" when using aufs o 2003-08-06 14:06 (Minor) aufs calculates the number of threads and queue limits wrongly o 2003-08-10 07:10 (Cosmetic) Compile error in auth/digest_auth.c o 2003-08-10 19:10 (Minor) Username not logged into ACCESS.LOG in case of /407 o 2003-08-13 00:13 (Minor) ICP dynamic timeout algorithm ignores multicast @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.88 2003/07/21 06:20:16 taca Exp $ d5 1 a5 1 PKGREVISION= 3 d45 1 a51 3 # This patch is broken now. It should be applied after # squid-2.5.STABLE3-coss-improvements.patch # squid-2.5.STABLE3-coss-improvements-2.patch \ @ 1.88 log @Update squid package to 2.5.3nb2. - (Minor) round-robin cache_dir selection incorrectly compares max-size - (Major) cbdata.c:186: "c->valid" assertion due to peer digest not found - (Major) Crash after ftpTimeout: timeout in SENT_PASV state - (Minor) Requests denied by http_reply_access are not logged with TCP_DENIED - (Minor) ie_refresh does not signal no-cache to peer caches - (Medium) Client Socket Buffer leak on reply_body_max_size - (Medium) Forward Host headers in place - (Medium) Memory leak in deny_info TCP_RESET - (Cosmetic) ERR_TOO_BIG Spanish translation - (Cosmetic) minimum_retry_timeout unused - (Minor) SNMP update of cachePeerPingsSent and cachePeerPingsAcked - (Cosmetic) store_check_cachable_stats slghtly misleading - (Minor) /etc/hosts and lines with comments after the host name - (Minor) sbrk as fallback method for high_memory_warning - (Minor) header_access fails when using peers - (Cosmetic) neighbor_type_domain documentation update - (Minor) issue warning if CARP load factor values decrease in the cache_peer list - (Cosmetic) Compile time warnings when using GCC-3.3 - (Minor) aufs Files queued for open counter mismatch - (Minor) external_acl does not wait for ident lookups to complete - (Minor) icmpRecv: recv: (11) Resource temporarily unavailable - (Cosmetic) Incorrect RFC reference regarding URL syntax - (Cosmetic) quote '%' character in logs - (Cosmetic) check open("/dev/null") return value for errors. - (Cosmetic) "cache_dir diskd" documentation update Not all of the pathces are new but updated one. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.87 2003/07/17 22:56:03 grant Exp $ d5 1 a5 1 PKGREVISION= 2 d41 13 a53 2 squid-2.5.STABLE3-round_robin_max_size.patch @ 1.87 log @s/netbsd.org/NetBSD.org/ @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.86 2003/07/06 14:08:43 taca Exp $ d5 1 a5 1 PKGREVISION= 1 d15 1 d17 5 a21 1 squid-2.5.STABLE3-HttpHeaderTools.patch \ d24 19 a42 1 squid-2.5.STABLE3-gcc-3_3.patch @ 1.86 log @Update squid package to 2.5.3nb1. Compile time warnings when using GCC-3.3 synopsis GCC-3.3 gets slightly confused by the Squid code and gives a few mostly false warnings regarding type-punning. severity Cosmetic versions Squid-2.5 and earlier platforms All patch squid-2.5.STABLE3-gcc-3_3.patch workaround Ignore the warnings aufs Files queued for open counter mismatch synopsis Under certain conditions the "Files queued for open counter" could grow larger than intended. If this grows too large then Squid may think it runs out of filedescriptors even if there is plenty of filedescriptors free, but we do not expect this to become a real problem in any installations. severity Minor versions Squid-2.5 and earlier platforms All using aufs patch squid-2.5.STABLE3-aufs-openingfds.patch external_acl does not wait for ident lookups to complete synopsis extrenal_acl_type %IDENT does not wait for ident lookups to complete. severity Minor bugzilla #683 versions Squid-2.5 platforms All patch squid-2.5.STABLE3-external_acl_ident.patch workaround use an ident acl before your external acl to trigger the ident lookup Compilation error in src/HttpHeaderTools.c on certain platforms synopsis The Squid-2.5.STABLE2 patch for digest authentication used a C99 feature (dynamic array initializers) which may not be available in all C compilers severity Minor bugzilla #660 versions Squid-2.5.STABLE3 platforms Several platforms not using GCC or a C99 compliant C compiler patch squid-2.5.STABLE3-HttpHeaderTools.patch workaround Use GCC Segmentation fault if more than one custom deny_info message defined synopsis The Squid-2.5.STABLE2 patch for deny_info TCP_RESET was not entirely correct and causes segmentation fault on startup if more than one custom deny_info error message is defined severity Minor bugzilla #662 versions Squid-2.5.STABLE3 platforms All patch squid-2.5.STABLE3-deny_info.patch workaround Disable the use deny_info in your squid.conf. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.85 2003/05/25 14:58:16 taca Exp $ d22 1 a22 1 MAINTAINER= taca@@netbsd.org @ 1.85 log @update squid pacakge to 2.5.3 (squid-2.5.STABLE3). Changes to squid-2.5.STABLE3 (25 May 2003): - Bug #573: Occational false negatives in external acl lookups - Bug #577: assertion failed: cbdata.c:224: "c->y == c" when external_acl helpers crashes - Bug #590: Squid may hang or behave oddly on shutdown while requests is being processed. - Bug #590: external acl lookups does not deal well with queue overload - cache_effective_user documentation update - cache_peer documentation update for htcp and carp - Bug #600: The example header_access paranoid setting is missing WWW-Authenticate - Bug #605: Segmentation fault in idnsGrokReply() on certain platforms - Fixes to build properly on AIX 5 - Bug #574: wb_group updated to version 1.1 to make group names case insensitive and correct a segfault issue in the helper - SNMP mib updates to make cacheNumObjCount, cacheCurrentUnlinkRequests, cacheCurrentSwapSize and cacheClients correctly report as gauges (was reporting as counters). - Woraround for --enable-ssl Kerberos issue on RedHat 9 - Bug #579: Close and repopen log files on "squid -k reconfigure" - Bug #598: squid_ldap_auth could segfault if LDAP server is unavailable - Bug #609,#612: msntauth helper fixes in dealing with large or non-existing allow/deny user files. - Bug #620: acl ident REQUIRED matches even if the ident lookup fails - Bug #432: reply_body_max_size fails with ident or proxy_auth acls and also fails to block large objects where the content-length is not known - Bug #606: Basic auth looping and gets stuck at high CPU usage when multiple proxy_auth ACLs combined in one line and login fails. - squid_ldap_auth updated with support for TLS and SSL - Bug #623: segfault if using negated external acls in certain configurations involving other acls later on the same http_access line. - Bug #622: wb_group helper update to version 1.2 to ass support for Domain-Qualified groups refering to groups in a specific domain - Bug #596: logic error in poll() error management - Bug #597: logic errors in error management - Bug #591: segmentation fault in authentication on "squid -k debug" - Bug #587: smb_auth fails on complex logins involving domain names or other odd characters - Bug #558, #587: smb_auth.pl fails on complex logins involving domain names or other odd characters - Bug #643: external_acl fails with ttl=0 due to a change introduced by the patch for Bug #553 in 2.5.STABLE2. - Bug #630: minor issues in digest authantication causing random authentication failures and incompability with many mainstream browser digest implementations due to browser qop bugs. To deal with those broken browser nonce_stricness now defaults to off, and two new digest options have been added (check_nonce_count and post_workaround) to allow workarounds to other quite bad browser bugs if needed. - Bug #644: digest authentication fails on requests with one or more comma in the requested URL - Bug #648: deny_info TCP_RESET not working. The fix for this also adds the ability to send redirects. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.84 2003/05/24 12:31:34 taca Exp $ d5 1 d14 6 a19 1 PATCHFILES= squid-2.5.STABLE3-Lithuanian.patch @ 1.84 log @Update squid package to 2.5.2nb4. - Don't left share/doc/squid directory on deinstall. - Apply recent 12 official patches. - (Minor) deny_info TCP_RESET does not work - (Minor) Digest authentication fails on URLs with comma - (Minor) digest nonce count workarounds for broken browsers - (Minor) external_acl hangs if defined with ttl=0 - (Minor) smb_auth.pl (multi-domain-NTLM) fails on domain qualified logins - (Minor) smb_auth fails on complex logins (involving domain names or odd characters) - (Minor) ACL regression error introduced by earlier 2.5.STABLE2 patch - (Cosmetic) segmentation fault in authentication if debugging enabled - (Cosmetic) Unreachable code due to siged/unsigned errors - (Minor) logic error in comm_select. - (Minor) wb_group update to 1.2 to add support for domain qualified goups - (Minor) Segmentation fault when using negated external acls @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.83 2003/05/09 05:07:13 taca Exp $ d3 2 a4 3 DISTNAME= squid-2.5.STABLE2 PKGNAME= squid-2.5.2 PKGREVISION= 4 d13 1 a13 31 PATCHFILES= squid-2.5.STABLE2-concurrent_external_acl.patch \ squid-2.5.STABLE2-external_acl_crash.patch \ squid-2.5.STABLE2-shutdown.patch \ squid-2.5.STABLE2-external_acl_overload.patch \ squid-2.5.STABLE2-cache_effective_user_docs.patch \ squid-2.5.STABLE2-cache_peer_docs.patch \ squid-2.5.STABLE2-header_access_paranoid.patch \ squid-2.5.STABLE2-dns_root_label.patch \ squid-2.5.STABLE2-aix5.patch \ wb_group-1.1.patch \ squid-2.5.STABLE2-snmp_gauges.patch \ squid-2.5.STABLE2-redhat9-ssl.patch \ squid-2.5.STABLE2-reconfig_logs.patch \ squid-2.5.STABLE2-ldap_auth_unavail.patch \ squid-2.5.STABLE2-msntauth.patch \ squid-2.5.STABLE2-ident_REQUIRED.patch \ squid-2.5.STABLE2-reply_body_max_size.patch \ squid-2.5.STABLE2-acl_lookup_loop.patch \ squid-2.5.STABLE2-squid_ldap_auth.patch \ squid-2.5.STABLE2-external_lookup.patch \ wb_group-1.2.patch \ squid-2.5.STABLE2-comm-select.patch \ squid-2.5.STABLE2-unreachcode.patch \ squid-2.5.STABLE2-authdebug.patch \ squid-2.5.STABLE2-aclregression.patch \ squid-2.5.STABLE2-smb_auth.patch \ squid-2.5.STABLE2-smb_auth_pl.patch \ squid-2.5.STABLE2-external_acl_ttl0.patch \ squid-2.5.STABLE2-digest_nonce_count.patch \ squid-2.5.STABLE2-digestcomma.patch \ squid-2.5.STABLE2-deny_info_reset.patch d21 1 a21 1 DIST_SUBDIR= squid-2.5.2 a72 8 # workaround for wb_group-1.1.patch. # using somewhat redundant regexp for preventing RCS Id's substitution. pre-patch: cd ${WRKSRC}/helpers/external_acl/winbind_group; \ ${MV} wb_check_group.c wb_check_group.c.ORIG; \ ${SED} -e 's/\$$\Id:.*\$$/\$$\Id\$$/' wb_check_group.c.ORIG > \ wb_check_group.c @ 1.83 log @Update squid package to 2.5.2nb3. Apply newer offcial patches (total 19). Here is short summary of those newly added patch files. See http://www.squid-cache.org/Versions/v2/2.5/bugs/ in detail. o squid_ldap_auth update to support TLS, SSL and increased security for bind password o Basic auth looping when multiple proxy_auth ACLs combined in one line. o reply_body_max_size fails with ident or proxy_auth acls o acl ident REQUIRED matches even if the ident lookup fails o msntauth helper crashes related to the alow/deny file operation o LDAP basic authentication crash if server is unreachable o "squid -k reconfigure" does not close logs to activate new settings o --enable-ssl fails on RedHat 9 o SNMP MIB used Counter32 for certain values which are gauges o Upgrade of wb_group to 1.1 o AIX 5 issues @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.82 2003/04/28 12:01:02 taca Exp $ d5 1 a5 1 PKGREVISION= 3 d32 13 a44 1 squid-2.5.STABLE2-squid_ldap_auth.patch @ 1.82 log @Update squid package to squid-2.5.2nb2. Add two official patches. o egmentation fault in idnsGrokReply() on certain platforms synopsis A bug in how Squid processes certain DNS replies can cause segmentation faults on certain platforms. Linux and FreeBSD on X86 platforms seems unaffected however. severity Major bugzilla #605 versions Squid-2.5 and earlier platforms Solaris SPARC and several other patch squid-2.5.STABLE2-dns_root_label.patch workaround Recompile squid with --disable-internal-dns o The example header_access paranoid setting is missing WWW-Authenticate synopsis The paranoid header_access example is missing WWW-Authenticate, and thereby unintentionally denying authentication to web sites if used without modifitaions. severity Cosmetic bugzilla #600 versions Squid-2.5 platforms All patch squid-2.5.STABLE2-header_access_paranoid.patch @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.81 2003/04/11 09:51:40 taca Exp $ d5 1 a5 1 PKGREVISION= 2 d21 12 a32 1 squid-2.5.STABLE2-dns_root_label.patch d92 8 @ 1.81 log @Update squid package to 2.5.2nb1. - Squid may hang or behave oddly on shutdown while requests is being processed. synopsis Squid may hang or otherwise behave oddly in shutdown if there is new requests processed at the same time. On shutdown Squid internally shut down DNS, redirectors and external acls while still processing new requests already received. In combination with the external acl queue overload bug this can completely hang Squid, preventing it from shutting down. severity Minor bugzilla #590 versions Squid-2.5 and earlier platforms All - external acl lookups does not deal well with queue overload synopsis If there is a queue overload for external acl lookups then Squid logs "externalAclLookup: 'xxx' queue overload" at a very high rate in cache.log until the condition clears up. severity Major bugzilla #590 versions Squid-2.5 platforms All - cache_effective_user documentation unclear synopsis The cache_effective_user/group documentation was unclear on what happens if only one of the directives is set, or when Squid is started as a non-root user. severity Cosmetic versions Squid-2.5 and earlier platforms All - cache_peer documentation missing for htcp and carp synopsis The cache_peer documentation for the htcp and carp related options was missing severity Cosmetic versions Squid-2.5 and earlier platforms All @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.80 2003/03/29 12:42:55 jmmv Exp $ d5 1 a5 1 PKGREVISION= 1 d19 3 a21 1 squid-2.5.STABLE2-cache_peer_docs.patch @ 1.80 log @Place WRKSRC where it belongs, to make pkglint happy; ok'ed by wiz. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.79 2003/03/25 17:44:22 taca Exp $ d5 1 d15 5 a19 1 squid-2.5.STABLE2-external_acl_crash.patch @ 1.79 log @Update squid package to 2.5.2. pkgsrc change: install some supplemental documents. Changes to squid-2.5.STABLE2 (Mars 17, 2003): - Contrib files added back to the distribution - Several compiler warnings fixed when using --disable-ident or --disable-http-violations - authentication can now be used in most access controls, but must in most cases first be enforced in http_access to force the user to authenticate. - cleanups in the developer bootstrap.sh process when preparing the sources. - several squid.conf.default documentation updated to correctly refer to the current names when refering to other directives - authenticate_ip_ttl documentation updates - several assertion faults and segmentation violations corrected - the RunCache/RunAccel and squid.rc scripts updated to refer to the squid binary in sbin rather than the old bin location. - squid_ldap_auth command line processing fixes when specifying the LDAP server last on the line instead of -h option - aufs data corruption bugfix - aufs performance improvement for low traffic systems - aufs stability improvements - external_acl corrected to properly deal with quoted strings - WCCPv1 bugfix to make sure the router accepts the hash assignments - "Total accounted memory" now correctly reported in cachemgr - several small memory leaks (mostly reconfigure related) - new squid.conf option to allow GET/HEAD requests with a request entity - "make uninstall" no longer removes squid.conf - cachemgr.cgi now uses POST to avoid having the cachemgr password logged in the web server logs - authentication schemes which are known to not be proxyable are now filtered out from forwarded server replies to avoid that the clients tries to use such schemes when we know for a fact it won't work - spelling corrections in various error messages - now possible to define acl values with spaces in them by using the "include file" feature - squid_ldap_group updated to 2.10 to fix compilation issues with recent (and older) OpenLDAP libraries and to make the helper deal correctly with true LDAP groups by first looking up the user DN. - Some internal code cleanups - now verifies that programs etc exists iside the chroot directory when using chroot_dir. No longer neccesary to set up a split view environment where the same paths works both inside the chroot and outside just to convince Squid that the files is actually there.. - improved memory usage reporting - --disable-hostname-checks configure option - no longer ignores double dots in host names. Any hostname with double dots is now rejected as invalid. - log_mime_hdrs no longer logs garbage if very long headers are seen. - 'select_fds_hist' object added to cachemgr 'histogram' output - pid file now unlinked when squid has really shut down, not immediately when the shutdown request is received. This allows the pid file to be monitored to determine when Squid has shut down properly - correct authentication scheme setups on some platforms or compilers - several squid.conf.default documentation updates to remove references to renamed or replaced directives by changing them to their current names. - the SSL reverse proxy support updated to allow building with OpenSSL 0.9.7 and and later. - Corrected a minor performance problem while processing HEAD replies from various broken web servers not sending a correct HTTP reply - time acls can now specify multiple times in the same acl name, like most other acl types. - winbind helpers updated to match Samba-2.2.7a and should work with Samba-2.2.6 or later (required). For compability with older Samba versions A new configure option --with-samba-sources=... has been added to allow you to specify which Samba version the helpers should be built for if different than the above versions. - Squid MIB definition syntax correction to work better with newer (and older) SNMP tools. - Fixed access.log format when logging "error:invalid-HTTP-ident" on requests where parsing the HTTP identifier (HTTP/1.0) failed. - "make distclean" no longer removes the icons, this avoids the dependency on "uudecode" to rebuild Squid after "make distclean" - User name returned by external acl lookups (external_acl_type) is now available as "ident" in later acl checks in addition to the logging in access.log. - Incorrect behaviour of Digest authentication partly corrected - it will not handle sessions, but will always enforce password correctness.. (patch submitted by Sean Burford). - Issue with persistent connections and PUT/POST request corrected @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.78 2003/03/02 16:22:43 taca Exp $ d5 1 a44 1 WRKSRC= ${WRKDIR}/${DISTNAME:S/-src//} @ 1.78 log @Update squid package to squid-2.5.1nb4. - include more official squid patches. o Make external_acl user names available as IDENT in later acl processing o digest authentication security issue o external_acl Assertion failed: auth_user_request != NULL o make install fails to install icons after make distclean o "error: invalid HTTP-ident" breaks log processing @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.77 2003/02/19 23:44:42 taca Exp $ d3 2 a4 3 DISTNAME= squid-2.5.STABLE1 PKGNAME= squid-2.5.1 PKGREVISION= 4 d12 2 a13 68 PATCHFILES= squid-2.5.STABLE1-external_acl_user.patch \ squid-2.5.STABLE1-auth_digest.patch \ squid-2.5.STABLE1-external_acl_auth_segfault.patch \ squid-2.5.STABLE1-distclean_icons.patch \ squid-2.5.STABLE1-error-http-ident.patch \ squid-2.5.STABLE1-disable-ident-lookups.patch \ squid-2.5.STABLE1-disable-http-violations.patch \ squid-2.5.STABLE1-proxy_auth.patch \ squid-2.5.STABLE1-max_user_ip.patch \ squid-2.5.STABLE1-cache_dir_docs.patch \ squid-2.5.STABLE1-load_icons.patch \ squid-2.5.STABLE1-referer_log.patch \ squid-2.5.STABLE1-ldap_auth.patch \ squid-2.5.STABLE1-addlang.patch \ squid-2.5.STABLE1-pthreads.patch \ squid-2.5.STABLE1-strwordtok.patch \ squid-2.5.STABLE1-wccp.patch \ squid-2.5.STABLE1-memstat.patch \ squid-2.5.STABLE1-aufs.patch \ squid-2.5.STABLE1-acl_leak.patch \ squid-2.5.STABLE1-ext_acl_comma.patch \ squid-2.5.STABLE1-request_entity.patch \ squid-2.5.STABLE1-ext_acl_exit.patch \ squid-2.5.STABLE1-uninstall.patch \ squid-2.5.STABLE1-cachemgr.patch \ squid-2.5.STABLE1-auth-proxy.patch \ squid-2.5.STABLE1-dnsserver.patch \ squid-2.5.STABLE1-spaces.patch \ squid-2.5.STABLE1-flags_open.patch \ squid-2.5.STABLE1-ldap_group-compile.patch \ squid-2.5.STABLE1-aufs_performance.patch \ squid-2.5.STABLE1-RunCache.patch \ squid-2.5.STABLE1-rebuild_assert.patch \ squid-2.5.STABLE1-offline_mode.patch \ squid-2.5.STABLE1-S.patch \ squid-2.5.STABLE1-chroot.patch \ squid-2.5.STABLE1-aufs_reentrant.patch \ squid-2.5.STABLE1-relnote11.patch \ squid-2.5.STABLE1-ldap_group.patch \ squid-2.5.STABLE1-offline_toggle.patch \ squid-2.5.STABLE1-failure_ratio.patch \ squid-2.5.STABLE1-hostnames.patch \ squid-2.5.STABLE1-sbrk.patch \ squid-2.5.STABLE1-log_mime_hdrs.patch \ squid-2.5.STABLE1-peer_select_alg.patch \ squid-2.5.STABLE1-mempoolstat.patch \ squid-2.5.STABLE1-copy_offset.patch \ squid-2.5.STABLE1-select_fds_hist.patch \ squid-2.5.STABLE1-select_stat.patch \ squid-2.5.STABLE1-pidfile.patch \ squid-2.5.STABLE1-http_reply_max_size.patch \ squid-2.5.STABLE1-cachemgr_non_get.patch \ squid-2.5.STABLE1-authsheme_realloc.patch \ squid-2.5.STABLE1-ftp_abort.patch \ squid-2.5.STABLE1-helper_stats.patch \ squid-2.5.STABLE1-delay_pools_docs.patch \ squid-2.5.STABLE1-auth_connection.patch \ squid-2.5.STABLE1-authenticate_program_docs.patch \ squid-2.5.STABLE1-with_aufs_threads_trap.patch \ squid-2.5.STABLE1-shutdown_assert.patch \ squid-2.5.STABLE1-cachemgr_passwd.patch \ squid-2.5.STABLE1-etc_hosts_fdleak.patch \ squid-2.5.STABLE1-openssl097.patch \ squid-2.5.STABLE1-HEAD_bad_headers.patch \ squid-2.5.STABLE1-time_acl_list.patch \ squid-2.5.STABLE1-CONNECT_pipeline.patch \ squid-2.5.STABLE1-winbind.patch \ squid-2.5.STABLE1-mib.patch d21 5 a25 1 DIST_SUBDIR= squid-2.5.1 d47 2 a48 4 CONF_FILES+= ${PREFIX}/share/examples/squid/mime.conf \ ${PKG_SYSCONFDIR}/mime.conf CONF_FILES+= ${PREFIX}/share/examples/squid/squid.conf \ ${PKG_SYSCONFDIR}/squid.conf d76 1 a76 1 @@${INSTALL_DATA_DIR} ${PREFIX}/share/examples/squid d83 5 d93 1 a93 1 for i in *; do \ @ 1.77 log @Remove patches/patch-cd since squid-2.5.STABLE1-mib.patch's content is fixed. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.76 2003/02/16 06:43:40 taca Exp $ d5 1 a5 1 PKGREVISION= 3 d13 6 a18 1 PATCHFILES= squid-2.5.STABLE1-disable-ident-lookups.patch \ @ 1.76 log @- Add more official patches, last one is applied as patches/patch-cd since it is broken (reported to squid-bugs@@squid-cache.org.) - use DIST_SUBDIR. - bump PKG_REVISION. These patches fixes those problem. See in detail. o Squid MIB definition syntax error o winbind helpers fail to work with Samba 2.2.6 or later o CONNECT data corruption if client pipelines data before 200 OK reply o time acls only accept a single time o Client performance issue with HEAD requests to certain servers o --with-ssl fails to compile with OpenSSL 0.9.7 or later o Slow filedescriptor leak for /etc/hosts o Warn if cachemgr_passwd is specified more than once for the same action o assertion failed: forward.c:96: "fwdState->err" on shutdown o Compilation fails if incorrect --with-auth-threads=NN option is given o squid.conf documentation still refers to authenticate_program o authenticateAuthenticate: no connection data, cannot process authentication o delay_pools example does not match text o cachemgr helper stats cleanup o Segmentation fault after ftpDataWriteCallback o Issues with auth scheme configurations o Removed Cachable stats "no.non_get" o unclear documentation of http_reply_body_max_size o The pid file was removed too early in the shutdown process o select loops statistics incorrect when using select() o Added select filedescriptor histogram output to cachemgr o Duplicate assignment of sc->copy_offset o mem_pool_free_calls should be printed as a unsigned integer o Internal cleanup of peer selection accounting o log_mime_hdrs can show garbage in the access log on overly long request headers o Improved memory usage statistics via sbrk o Hostname cleanups performed by Squid o cachemgr failure_ratio is a ratio, not percentage o offline_toggle cachemgr documentation o squid_ldap_group update to version 2.10 o Documentation update to remove stale reference to Squid-1.1 release notes o further safeguards for aufs compilation problems when not using --enable-pthreads o chroot_dir complains about all paths in squid.conf o Segfault when using -S in combination with cache_dir coss/null o Stale cached data miss in offline_mode o Sometimes crashes while rebuilding dirty cache directories o RunCache/RunAccel scripts still looks for squid in bin o poor performance when using aufs o squid_ldap_group link failure o assertion failed: comm.c:646: "F->flags.open" @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.75 2003/01/28 22:04:31 jlam Exp $ d74 2 a75 3 squid-2.5.STABLE1-winbind.patch # currently it is broken, so patch with patches/patch-cd # squid-2.5.STABLE1-mib.patch @ 1.75 log @Instead of including bsd.pkg.install.mk directly in a package Makefile, have it be automatically included by bsd.pkg.mk if USE_PKGINSTALL is set to "YES". This enforces the requirement that bsd.pkg.install.mk be included at the end of a package Makefile. Idea suggested by Julio M. Merino Vidal . @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.74 2002/12/02 03:09:01 grant Exp $ d5 1 a5 1 PKGREVISION= 2 d35 42 a76 1 squid-2.5.STABLE1-spaces.patch d84 1 @ 1.74 log @If we include buildlink2.mk files, we need to turn on USE_BUILDLINK2 :-) Fixes openssl dependancy problem on platforms which do not have a suitable (read: secure) openssl in the base system. Some whitespace cleanup. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.73 2002/11/25 14:46:14 taca Exp $ d49 3 a51 2 GNU_CONFIGURE= # defined USE_BUILDLINK2= # defined a121 2 .include "../../mk/bsd.pkg.install.mk" @ 1.73 log @Update squid package to squid-2.5.1nb2. - Apply disabled official patch since the patch's content has corrected. * Impossible to define acls with spaces in them - Remove "@@unexec ${RMDIR} %D/etc/squid ..." line from PLIST since there is already removing directory line which use more generic PKG_SYSCONFDIR variable. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.72 2002/11/25 07:17:25 tron Exp $ d49 18 a66 16 GNU_CONFIGURE= YES CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR} \ --localstatedir=/var/squid \ ${SQUID_CONFIGURE_ARGS} CONFIGURE_ENV+= PERL=${PERL5} BUILD_DEFS+= SQUID_CONFIGURE_ARGS MAKE_ENV+= INSTALL_SCRIPT="${INSTALL_SCRIPT}" PKG_PREFIX="${PREFIX}" PLIST_SRC= ${WRKDIR}/PLIST WRKSRC= ${WRKDIR}/${DISTNAME:S/-src//} RCD_SCRIPTS= squid CONF_FILES+= ${PREFIX}/share/examples/squid/mime.conf \ ${PKG_SYSCONFDIR}/mime.conf CONF_FILES+= ${PREFIX}/share/examples/squid/squid.conf \ ${PKG_SYSCONFDIR}/squid.conf @ 1.72 log @List Takahiro Kambe as new maintainer of this package. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.71 2002/11/24 11:01:17 taca Exp $ d5 1 a5 1 PKGREVISION= 1 d34 2 a35 2 squid-2.5.STABLE1-dnsserver.patch # squid-2.5.STABLE1-spaces.patch # seems to broken? @ 1.71 log @Update squid 2.5.1STABLE1nb1. Apply official patches: * Small typo in dnsserver error message on DNS overload * Filter out unproxyable authentication schemes * cachemgr login & password revealed in HTTP server log files * make uninstall removes squid.conf * Segmentation fault if a external_acl helper exits prematurely * Squid rejects GET/HEAD with request entities claimint error 411 * external_acl.c compilation failure * memory leak of acl structures on "squid -k reconfigure" * Occasional corruption of objects when using aufs * Cachemgr "Total accounted:" memory statistics always report "-1" * WCCP hash assignment can sometimes be missed by the router * external_acl helper problem with spaces * --enable-async-io or --with-storeio=aufs fails to automatically enable --with-pthreads * "make addlang" fails * Specifying LDAP servers last on the command line does not work * Referer log not closed on shutdown * Many files missing from the contrib directory But the most recent patch isn't included since it content seems to be broken. * Impossible to define acls with spaces in them @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.70 2002/11/12 16:07:17 taca Exp $ d38 1 a38 1 MAINTAINER= tron@@netbsd.org @ 1.70 log @Move libexec/squid_unix_group and man/man8/squid_unix_group.8 from PLIST to OPTIONAL_FILES in Makefile. This fix a problem when setting SQUID_CONFIGURE_ARGS in /etc/mk.conf without --enable-external-acl-helpers=unix_group. Noted by private mail from Tomasz Luchowski . @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.69 2002/10/13 16:43:20 taca Exp $ d5 1 d13 1 a13 1 PATCHFILES= squid-2.5.STABLE1-disable-ident-lookups.patch \ d18 18 a35 1 squid-2.5.STABLE1-load_icons.patch @ 1.69 log @Update squid to 2.5.1 with several patches from http://www.squid-cache.org/Versions/v2/2.5/bugs/. Now try to install more authentication modules, but those modules should be handled by proper frame work (Curretly, SASL modules aren't handled). Changes to squid-2.5 (): - Major rewrite of proxy authentication to support other schemes than basic. First in the line is NTLM support but others can easily be added (minimal digest is present). See Programmers Guide. (Robert Collins & Francesco Chemolli) - Reworked how request bodies are passed down to the protocols. Now all client side processing is inside client_side.c, and the pass and pump modules is no longer used. - Optimized searching in proxy_auth and ident ACL types. Squid should now handle large access lists a lot more efficiently. (Francesco Chemolli) - Fixed forwarding/peer loop detection code (Brian Degenhardt) - now a peer is ignored if it turns out to be us, rather than committing suicide - Changed the internal URL code to obey appendDomain for internal objects if it needs appending. This fixes weirdnesses where a machine can think it is "foo.bar.com", and "foo" is requested. (Brian Degenhardt) - Added the use of Automake to create the Makefile.in's in the squid source tree. This will allow libtool in the future, and immediately allows better dependency tracking - with or without gcc - as well as the dist-all and distcheck targets for developers which respectively build a tar.gz and a tar.bz2 distribution, and check that what will be distributed builds. - Added TOS and source address selection based on ACLs, written by Roger Venning. This allows administrators to set the TOS precedence bits and/or the source IP from a set of available IPs based upon some ACLs, generally to map different users to different outgoing links and traffic profiles. - Added 'max-conn' option to 'cache_peer' - Added SSL gatewaying support, allowing Squid to act as a SSL server in accelerator setups. - SASL authentication helper by Ian Castle - msntauth updated to v2.0.3 - no_cache now applies to cache hits as well as cache misses - the Gopher client in Squid has been significantly improved - Squid now sanity checks FTP data connections to ensure the connection is from the requested server. Can be disabled if needed by turning off the ftp_sanitycheck option. - external acl support. A mechanism where flexible ACL checks can be driven by external helpers. See the external_acl_type and acl external directives. - Countless other small things and fixes - HTML pages generated by Squid or CacheMgr as well as the ERR documents now contain a doctype declaration so that browsers know which HTML specification the document uses. In addition to that they have a new look (background-color, font) and are valid according to the HTML standards at www.w3.org. (Clemens Löser) - Login and password send to Basic auth helpers is now URL escaped to allow for spaces and other "odd" characters in logins and passwords - Proxy Authentication is no longer blindly forwarded to peer caches if not used locally. If forwarding of proxy authentication is desired then it must now be configured with the login=PASS cache_peer option. - Responses with Vary: in the header are now cached by squid. (Henrik Nordstrom). - Removed unused 'siteselect_timeout' directive. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.68 2002/09/19 09:04:32 jlam Exp $ d70 2 a71 2 OPTIONAL_FILES+= libexec/wb_auth libexec/wb_group OPTIONAL_FILES+= libexec/wb_ntlmauth @ 1.68 log @Take advantage of the auto-generation and installation of rc.d scripts. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.67 2002/09/15 14:39:51 grant Exp $ d3 2 a4 2 DISTNAME= squid-2.4.STABLE7-src PKGNAME= squid-2.4.7 d6 1 a6 1 MASTER_SITES= http://www.squid-cache.org/Versions/v2/2.4/ \ d9 10 a37 1 MAKEFILE= makefile d50 1 d53 1 d56 1 d58 2 d61 11 a71 3 --enable-storeio=ufs,diskd OPTIONAL_FILES= libexec/diskd libexec/dnsserver libexec/pinger libexec/unlinkd a79 1 cd ${WRKSRC}/src; ${TEST} ! -x pinger || ${MAKE} install-pinger d85 7 a91 2 cd ${WRKSRC}/errors/English; \ ls ERR_* | ${SED} -e 's@@^@@share/squid/errors/@@'; \ d99 2 @ 1.67 log @* make use of PKG_SYSCONFDIR in rc script. * use bsd.pkg.install.mk for rc script and config file installation. Checked by Stoned Elipot . @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.66 2002/08/26 06:42:12 grant Exp $ a50 3 post-build: @@${SED} ${FILES_SUBST_SED} ${FILESDIR}/squid.sh > ${WRKDIR}/squid a58 1 ${INSTALL_SCRIPT} ${WRKDIR}/squid ${RCD_SCRIPTS_EXAMPLEDIR}/squid @ 1.66 log @deprecate SQUID_SYSCONFDIR in favour of PKG_SYSCONFDIR.squid @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.65 2002/07/24 19:45:32 jlam Exp $ a29 1 INSTALL_FILE= ${WRKDIR}/INSTALL d32 6 d52 1 a52 3 ${SED} s#@@PREFIX@@#${PREFIX}#g <${FILESDIR}/squid.sh >${WRKDIR}/squid.sh ${SED} s#@@SYSCONFDIR@@#${PKG_SYSCONFDIR}#g <${PKGDIR}/INSTALL \ >${WRKDIR}/INSTALL a54 1 @@${INSTALL_DATA_DIR} ${PKG_SYSCONFDIR} d62 1 a62 2 ${INSTALL_SCRIPT} ${WRKDIR}/squid.sh ${PREFIX}/etc/rc.d/squid @@${SETENV} ${MAKE_ENV} ${SH} ${INSTALL_FILE} ${PKGNAME} POST-INSTALL d78 1 @ 1.65 log @Change explicit build dependencies on perl into "USE_PERL5=build". This makes these packages build correctly on Darwin where perl>=5.8.0 is required. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.64 2002/07/04 06:11:44 tron Exp $ d16 3 d20 1 d22 1 a22 1 CONFIGURE_ARGS+= --sysconfdir=${SQUID_SYSCONFDIR} \ d27 1 a27 1 BUILD_DEFS+= SQUID_CONFIGURE_ARGS SQUID_SYSCONFDIR a31 1 PLIST_SUBST+= SQUID_SYSCONFDIR=${SQUID_SYSCONFDIR} a43 4 # Configuration directory location which can be overwritten by the user. PKG_SYSCONFSUBDIR?= squid SQUID_SYSCONFDIR?= ${PKG_SYSCONFDIR} d48 1 a48 1 ${SED} s#@@SYSCONFDIR@@#${SQUID_SYSCONFDIR}#g <${PKGDIR}/INSTALL \ d52 1 a52 1 @@${INSTALL_DATA_DIR} ${SQUID_SYSCONFDIR} @ 1.64 log @Update "squid" package to version 2.4STABLE7. Changes since version 2.4STABLE6: - Squid now drops any requests using transfer-encoding. Squid is a HTTP/1.0 proxy and as such do not support the use of transfer-encoding. - The MSNT auth helper has been updated to v2.0.3+fixes for buffer overflow security issues found in this helper. - A security issue in how Squid forwards proxy authentication credentials has been fixed - Minor changes to support Apple MAC OS X and some other platforms more easily. - The client -T option has been implemented - HTCP related bugfixes in "squid -k reconfigure" - Several bugfixes and cleanup of the Gopher client, both to correct some security issues and to make Squid properly render certain Gopher menus. - FTP data channels are now sanity checked to match the address of the requested FTP server. This to prevent theft or injection of data. See the new ftp_sanitycheck directive if this is not desired. - Security fixes in how Squid parses FTP directory listings into HTML @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.63 2002/03/22 14:59:01 tron Exp $ d14 1 a14 1 BUILD_DEPENDS+= perl>=${PERL5_REQD}:../../lang/perl5 @ 1.63 log @Change "squid" package to honor "PKG_SYSCONFDIR" completely. This fixes PR pkg/15775 by Kimmo Suominen. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.62 2002/03/20 16:27:21 taca Exp $ d3 2 a4 2 DISTNAME= squid-2.4.STABLE6-src PKGNAME= squid-2.4.6 @ 1.62 log @Update squid package to 2.4.6 (squid-2.4.STABLE6). This fixes squid's potential security problem. Changes to Squid-2.4.STABLE6 (March 19, 2002): - The patch for 2.4.STABLE5 was insufficnetly tested and introduced a bug that causes frequent assertions when handling DNS PTR answers. Changes to Squid-2.4.STABLE5 (March 15, 2002): - Fixed an array bounds bug in lib/rfc1035.c. This bug could allow a malicious DNS server to send bogus replies and corrupt the heap memory. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.61 2002/03/03 15:44:47 taca Exp $ d28 1 d53 2 a54 1 @@${INSTALL_DATA_DIR} ${PREFIX}/etc/squid @ 1.61 log @Include HAVE_SETPROCTITLE in autoconf.h.in. Thought setproctitle() is already checked in configure script, but it is need to define/undef in a generated header file. Bump to squid 2.4.4nb1. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.60 2002/02/22 10:07:38 tron Exp $ d3 2 a4 3 DISTNAME= squid-2.4.STABLE4-src PKGNAME= squid-2.4.4 PKGREVISION= 1 @ 1.60 log @Update "squid" package to version 2.4STABLE4. Changes since version 2.4STABLE3: - htcp_port 0 now properly disables htcp - Fixed problem with certain non-anonymous ftp:// style URL's - SNMP bugfixes including several memory leaks @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.59 2002/02/18 17:00:38 taca Exp $ d5 1 @ 1.59 log @Update squid to squid-2.4.3nb1. - replace a hack adding fd_mask definition in autoconf.h with re-writing configure script. It cause to run configure twice and result "no fd_mask". - Incorporate three official patches from http://www.squid-cache.org/Versions/v2/2.4/bugs/. o SNMP memory leaks synopsis The SNMP implementation in Squid had several memory leaks possibly causing an denial of service. workaround Disable the SNMP port if enabled by using "snmp_port 0" in squid.conf. Or if you only use SNMP for MRTG data collection running on the same host then use "snmp_incoming_address 127.0.0.1" to limit reachability of the SNMP port to only localhost or some other trusted network. o Coredump on certain ftp:// style URL's synopsis If certain constructed ftp:// style URL's are received then squid crashes, causing a denial of service and maybe even remote execution of code. workaround Deny forwarding of non-anonymous FTP URLs by inserting the following rules at the top of squid.conf, prior to any http_access allow lines. acl non_anonymous_ftp url_regex -i ftp://[^/@@]*@@ http_access deny non_anonymous_ftp o "htcp_port 0" fails to disable the HTCP port synopsis "htcp_port 0" fails to completely disable the HTCP port as documented in squid.conf, instead HTCP will be listening on a random port number. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.58 2002/02/10 19:26:56 veego Exp $ d3 2 a4 3 DISTNAME= squid-2.4.STABLE3-src PKGNAME= squid-2.4.3 PKGREVISION= 1 a8 6 PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.4/bugs/ PATCHFILES= squid-2.4.STABLE3-SNMP_memory_leaks.patch \ squid-2.4.STABLE3-ftp_coredump.patch \ squid-2.4.STABLE3-htcp_off.patch PATCH_DIST_STRIP= -p1 @ 1.58 log @Create ${PREFIX}/etc/squid during pre-install, so copying the default config file doesn't fail. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.57 2001/12/12 17:06:18 taca Exp $ d5 1 d11 6 a51 6 post-configure: @@cd ${WRKSRC}/include && \ ${MV} autoconf.h autoconf.h.prepatch && \ ${SED} -e 's%#define fd_mask int%/* #undef fd_mask */%' autoconf.h @ 1.57 log @Update squid to 2.4.3 (squid-2.4.STABLE3), referring to tech-pkg's mail from "Ciarcinski, Adam \(ISS Brussels\)" . From ChangeLog: Changes to Squid-2.4.STABLE3 (Nov 28, 2001): - Fixed bug #255: core dump on SSL/CONNECT if access denied by miss_access - Fixed bug #246: corrupt on-disk meta information preventing rebuilds of lost swap.state files - Fixed bug #243: squid_ldap_auth now supports spaces in passwords - Fixed a coredump when creating FTP directories - Fixed a compile time problem with statHistDump prototype mistmatch, reported by some compilers - Fixed a potential coredump situation on snmpwalk in certain configurations - Fixed bug #229: filedescriptor leakage in the "aufs" cache_dir store implementation - Serbian error message translations I added following changes, too. o honor PKG_SYSCONFDIR keep SQUID_SYSCONFDIR effective. o Add --disable-internal-dns. This made external dnsserver available. External dnsserver could be disabled with configuration file. o Enable optimization with "-O". o Fix a problem to access nat device when transparent proxy enabled. This fix will be contained in squid 2.5 release. o setproctitle() hack for external dnsserver from daemonnews's article. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.56 2001/11/23 10:22:53 tron Exp $ d58 1 @ 1.56 log @Fix problems caused by recent changes: the example configuration files get installed into "etc/squid" (and are not moved arround after installation). The message of the install script matches the actual layout again and is adapted to changes to "SQUID_SYSCONFDIR". @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.55 2001/11/17 23:47:24 kim Exp $ d3 2 a4 2 DISTNAME= squid-2.4.STABLE2-src PKGNAME= squid-2.4.2 d31 2 a32 1 SQUID_CONFIGURE_ARGS?= --enable-cachemgr-hostname=localhost \ d41 2 a42 1 SQUID_SYSCONFDIR?= ${PREFIX}/etc/squid d44 1 a44 1 OPTIONAL_FILES= libexec/diskd libexec/pinger libexec/unlinkd @ 1.55 log @Config files cannot be forced into ${PREFIX}. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.54 2001/11/06 07:22:13 tron Exp $ d16 2 a17 2 GNU_CONFIGURE= # defined SQUID_SYSCONFDIR?= ${PREFIX}/etc/squid d26 1 a29 1 .include "../../mk/bsd.prefs.mk" d39 3 d52 2 a61 4 @@for i in mime squid; do \ ${MV} ${SQUID_SYSCONFDIR}/$$i.conf.default \ ${PREFIX}/share/squid; \ done @ 1.54 log @Use "--enable-storeio=ufs,diskd" instead of "--enable-storeio=diskd" to get "ufs" storage type build again because we will otherwise break lots of existing configurations. Problem pointed out by Simon Burge via e-mail. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.53 2001/11/06 03:05:14 tron Exp $ d17 2 a18 1 CONFIGURE_ARGS+= --sysconfdir=${PREFIX}/etc/squid \ d23 1 a23 1 BUILD_DEFS+= SQUID_CONFIGURE_ARGS d57 4 @ 1.53 log @Activate store type "diskd" by default as suggested by Grant Beattie in PR pkg/14476. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.52 2001/10/09 19:01:49 tron Exp $ d36 1 a36 1 --enable-storeio="diskd" @ 1.52 log @Update "squid" package to 2.4.STABLE2. Changes since 2.4.STABLE1: - Expanded configure's GCC opimization disabling check to include GCC 2.95.3 - avoid negative served_date in storeTimestampsSet(). - Made 'diskd' pathnames more configurable - Make sure squid parent dies if child is killed with KILL signal - Changed diskd offset args to off_t instead of int - Fixed bugs #102, #101, #205: various problems with useragent log files - Fixed bug #116: Large Age: values still cause problems - Fixed bug #119: Floating point exception in storeDirUpdateSwapSize() - Fixed bug #114: usernames not logged with authenticate_ip_ttl_is_strict - Fixed bug #115: squid eating up ressources (eventAdd args) - Fixed bug #125: garbage HTCP requests cause assertion - Fixed bug #134: 'virtual port' support ignores httpd_accel_port, causes a loop in httpd_accel mode - Fixed bug #135: assertion failed: logfile.c:135: "lf->offset <= lf->bufsz" - Fixed bug #137: Ranges on misses are over-done - Fixed bug #160: referer_log doesn't seem to work - Fixed bug #162: some memory leaks (SNMP, delay_pools, comm_dns_incoming histogram) - Fixed bug #165: "Store Mem Buffer" leaks badly - Fixed bug #172: Ident Based ACLs fail when applied to cache_peer_access - Fixed bug #177: LinuxPPC 2000 segfault bug due to varargs abuse - Fixed bug #182: 'config' cachemgr option dumps core with null storage - Fixed bug #185: storeDiskdDirParseQ[12]() use wrong number of args in debug/printf - Fixed bug #187: bugs in lib/base64.c - Fixed bug #184: storeDiskdShmGet() assertion; changed diskd to use bitmap instead of linked list - Fixed bug #194: Compilation fails on index() on some non-BSD plaforms - Fixed bug #197: refreshIsCachable() incorrectly checks entry->mem_obj->reply - Fixed bug #215: NULL pointer access for proxy requests in accel-only mode @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.51 2001/09/18 16:24:57 tron Exp $ d35 2 a36 1 --enable-underscores d38 1 a38 1 OPTIONAL_FILES= libexec/pinger libexec/unlinkd @ 1.51 log @Adapt package list to configuration options dynamically. This fixes PR pkg/13971 by David Sainty. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.50 2001/07/30 07:32:13 tron Exp $ d3 2 a4 2 DISTNAME= squid-2.4.STABLE1-src PKGNAME= squid-2.4.1nb2 a8 8 PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.4/bugs/ PATCHFILES= squid-2.4.stable1-diskd_fixed_path.patch \ squid-2.4.stable1-force_valid_blksize.patch \ squid-2.4.stable1-high_cpu_with_peers.patch \ squid-2.4.stable1-htcp_assertion_fix.patch \ squid-2.4.stable1-kill_parent_on_child_sigkill.patch \ squid-2.4.stable1-wrong_sign_on_timestamp_check.patch @ 1.50 log @Remove "--enable-parent-hack" now that "squid" is invoked without "RunCache" again. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.49 2001/07/30 07:30:11 tron Exp $ d45 2 a56 1 @@${CP} ${PKGDIR}/PLIST ${PLIST_SRC} d60 6 d67 3 d71 1 a71 1 ls ERR_* | ${SED} -e 's@@^@@share/squid/errors/@@'; \ d77 1 a77 1 ${ECHO} "@@dirrm share/squid"; \ a78 5 post-install: cd ${WRKSRC}/src; ${MAKE} install-pinger ${INSTALL_SCRIPT} ${WRKDIR}/squid.sh ${PREFIX}/etc/rc.d/squid @@${SETENV} ${MAKE_ENV} ${SH} ${INSTALL_FILE} ${PKGNAME} POST-INSTALL @ 1.49 log @Rework startup script: - We don't want to wait forever until "squid" terminates. Wait at most 20 seconds after a shutdown command use "kill" afterwards. - Don't use "RunCache" to start "squid", it is not necessary and only causes trouble. - Bring the "rotate" command which got lost in last update. Bump package version number to 2.4.1nb2. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.48 2001/07/29 16:47:01 tron Exp $ a41 1 --enable-kill-parent-hack \ @ 1.48 log @Remove commands to create data directories which could break existing squid installations. These directories should be created by the administrator after selecting the proper directory. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.47 2001/07/29 16:41:18 tron Exp $ d4 1 a4 1 PKGNAME= squid-2.4.1nb1 @ 1.47 log @- Apply some of the changes suggested by Greg A. Woods in PR 13427 and include his improved "rc.d" script. - Use the same directory structure as in the Apache package. The configuration files are now in "${PREFIX}/etc/squid" and won't be removed during deinstallation. - Remove unnecessary configuration variables "SQUID_HTTP_PORT" and "SQUID_ICP_PORT". These values can perfectly be adjusted by editing the configuration file and supporting all these variables would make the package too complex. - Bump the version number to 2.4.1nb1. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.46 2001/05/01 18:07:48 wennmach Exp $ a71 2 ${INSTALL_DATA_DIR} /var/squid ${INSTALL} -d -o nobody /var/squid/logs @ 1.46 log @o remove whitespace from Makefile o add $NetBSD$ RCS tag to patch-ab o regen distinfo @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.45 2001/04/30 03:46:34 jlam Exp $ d4 1 a4 1 PKGNAME= squid-2.4.1 d25 1 a25 1 CONFIGURE_ARGS+= --sysconfdir=/etc \ d28 1 a28 3 CONFIGURE_ENV+= CACHE_HTTP_PORT=${SQUID_HTTP_PORT} \ CACHE_ICP_PORT=${SQUID_ICP_PORT} \ PERL=${PERL5} d30 1 a30 1 BUILD_DEFS+= SQUID_CONFIGURE_ARGS SQUID_HTTP_PORT SQUID_ICP_PORT d33 1 a33 1 PLIST_SRC= ${PKGDIR}/PLIST ${WRKDIR}/PLIST.share d42 1 a44 7 SQUID_HTTP_PORT?= 3128 SQUID_ICP_PORT?= 3130 .if ${OPSYS} == "SunOS" DEPENDS+= egcs-1.1.2:../../lang/egcs MAKE_ENV+= CPPFLAGS= CFLAGS= .endif d56 1 a56 1 @@-rm -f ${WRKDIR}/PLIST.share a67 3 ${ECHO} "share/squid/mime.conf"; \ ${ECHO} "share/squid/mime.conf.default"; \ ${ECHO} "share/squid/squid.conf.default"; \ d69 1 a69 1 ) > ${WRKDIR}/PLIST.share @ 1.45 log @Change build dependency from perl-5.* to perl>=${PERL5_REQD}. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.44 2001/04/14 10:05:00 tron Exp $ d17 1 a17 1 @ 1.44 log @Update "squid" package to version 2.4STABLE1. Changes since 2.3STABLE4: - Fixed a bug in and cleaned up class 2/3 delay pools incrementing. - Fixed a coredump bug when using external dnsservers that become overloaded. - Fixed some NULL pointer bugs for NULL storage system when reconfiguring. - Fixed a bug with useragent logging that caused Squid to think the logfile never got opened. - Fixed a compiling bug with --disable-unlinkd. - Changed src/squid.h to always use O_NONBLOCK on Solaris if it is defined. - Fixed a bug with signed/unsigned bitfield flag variables that caused problems on Solaris. - Fixed a bug in clientBuildReplyHeader() that could add an Age: header with a negative value, causing an assertion later. - Fixed an SNMP reporting bug. cacheCurrentResFileDescrCnt was returning the number of FDs in use, rather than the number of reserved FDs. - Added the 'pipeline_prefetch' configuration option. - cache_dir syntax changed to use options instead of many arguments. This means that the max_objsize argument now is an optional option, and that the syntax for how to specify the diskd magics is slightly different. - Various fixes for CYGWIN - Upgraded MSNT auth module to version 2.0. - Fixed potential problems with HTML by making sure all HTML output is properly encoded. - Fixed a memory initialization problem with resource records in lib/rfc1035.c. - Rewrote date parsing in lib/rfc1123.c and made it a little more lenient. - Added Cache-control: max-stale support. - Fixed 'range_offset_limit' again. The problem this time is that client_side.c wouldn't set the we_dont_do_ranges flag for normal cache misses. It was only being set for requests that might have been hits, but we decided to change to a miss. - Added the Authenticate-Info and Proxy-Authenticate-Info headers from RFC 2617. - HTTP header lines longer than 64K could cause an assertion. Now they get ignored. - Fixed an IP address scanning bug that caused "123.foo.com" to be interpreted as an IP address. - Converted many structure allocations to use mem pools. - Changed proxy authentication to strip leading whitespace from usernames after decoding. - Prevented NULL pointer access in aclMatchAcl(). Some ACL types require checklist->request_t, but it won't be available in some cases (like snmp_access). Warn the admin that the ACL can't be checked and that we're denying it. - Allow zero-size disk caches. - The actual filesystem blocksize is now used to account for space overheads when calculating on-disk cache size. - Made the maximum memory cache object size configurable. - Added 'minimum_direct_rtt' configuration option. - Added 'ie_refresh' configuration option, which is a hack to turn IMS requests into no-cache requests. - Added Linux netfilter support for intercepted connections. - Fixed a bug with clientAccessCheck() that allowed proxy requests in accel mode. - Fixed a bug with 301/302 replies from redirectors. Now we force them to be cache misses. - Accommodated changes to the IP-Filter ioctl() interface for intercepted connections. - Fixed handling of client lifetime timeouts. - Fixed a buffer overflow bug with internal DNS replies by truncating received packets to 512 bytes, as per RFC 1035. - Added "forward.log" support, but its work in progress. - Rewrote much of the IP and FQDN cache implementation. This change gets rid of pending hits. - Changed peerWouldBePinged() to return false if our ICP/HTCP port is zero (i.e. disabled). - Changed src/net_db.c to use src/logfile.c routines, rather than stdio, because of solaris stdio filedescriptor limits. - Made netdbReloadState() more robust in case of corrupted data. - Rewrote some freshness/staleness functions in src/refresh.c, partially inspired to support cache-control max-stale. - Fixed status code logging for SSL/CONNECT requests. - Added a hack to subtract cache digest network traffic from statistics so that byte hit ratio stays positive and more closely reflects what people expect it to be. - Fixed a bug with storeCheckTooSmall() that caused internal icons and cache digests to always be released. - Added statfs(2) support for displaying actual filesystem usage in the cache manager 'storedir' output. - Changed status reporting for storage rebuilding. Now it prints percentage complete instead of number of entries parsed. - Use mkstemp() rather than problem-prone tempnam(). - Changed urlParse() to condense multiple dots in hostnames. - Major rewrite of async-io (src/fs/aufs) to make it behave a bit more sane with substantially less overhead. Some tuning work still remains to make it perform optimal. See the start of store_asyncufs.h for all the knobs. - Fixed storage FS modules to use individual swap space high/low values rather than the global ones. - Fixed storage FS bugs with calling file_map_bit_reset() before checking the bit value. Calling with an invalid value caused memory corruption in random places. - Prevent NULL pointer access in store_repl_lru.c for entries that exist in the hash but not the LRU list. - Added --enable-auth-modules=... configure option - Improved ICP dead peer detection to also work when the workload is low - Improved TCP dead peer detection and recovery - Squid is now a bit more persistent in trying to find a alive parent when never_direct is used. - nonhierarchical_direct squid.conf directive to make non-ICP peer selection behave a bit more like ICP selection with respect to hierarchy. - Bugfix where netdb selection could override never_direct - ICP timeout selection now prefers to use parents only when calculating the dynamic timeout to compensate for common RTT differences between parents and siblings. - No longer starts to swap out objects which are known to be above the maximum allowed size. - allow-miss cache_peer option disabling the use of "only-if-cached". Meant to be used in conjunction with icp_hit_stale. - Delay pools tuned to allow large initial pool values - cachemgr filesystem space information changed to show useable space rather than raw space, and platform support somewhat extended. - Logs destination IP in the hierarchy log tag when going direct. (can be disabled by turning log_ip_on_direct off) - Async-IO on linux now makes proper use of mutexes. This fixes some odd pthread segfaults on SMP Linux machines, at a slight performance penalty. - %s can now be used in cache_swap_log and will be substituded with the last path component of cache_dir. - no_cache is now a full ACL check without, allowing most ACL types to be used. - The CONNECT method now obeys miss_access requirements - proxy_auth_regex and ident_regex ACL types - Fixed a StoreEntry memory leak during "dirty" rebuild - Helper processes no longer hold unrelated filedescriptors open - Helpers are now restarted when the logs are rotated - Negatively cached DNS entries are now purged on "reload". - PURGE now also purges the DNS cache - HEAD on FTP objects no longer retreives the whole object - More cleanups of the dstdomain ACL type - Squid no longer tries to do Range internally if it is not supported by the origin server. Doing so could cause bandwidth spikes and/or negative hit ratio. - httpd_accel_single_host squid.conf directive - "round-robin" cache_peer counters are reset every 5 minutes to compensate previously dead peers - DNS retransmit parameters - Show all FTP server messages - squid.conf.default now indicates if a directive isn't enabled in the installed binary, and what configure option to use for enabling it - Fixed a temporary memory leak on persistent POSTs - Fixed a temporary memory leak when the server response headers includes NULL characters - authenticate_ip_ttl_is_strict squid.conf option - req_mime_type ACL type - A reworked storage system that supports storage directories in a more modular fashion. The object replacement and IO is now responsibility of the storage directory, and not of the storage manager. - Fixed a bogous MD5 mismatch warning sometimes seen when using aufs or diskd stores - Added --enable-stacktraces configure option to set PRINT_STACK_TRACE, and extended support for this to Linux/GNU libc. - Disabled the "request timeout" error message sent if the user agent did not provide a request in a timely manner after opening the connection. Now the connection is silently closed. The error message was confusing user agents utilizing persistent connections. - Fixed configure --enable descriptions to match the arg names. - Eliminated compile warnings from auth_modules/MSNT code. - Require first character of hostnames to be alphanumeric. - Made ARP ACL work for Solaris. - Removed storeClientListSearch(). - Added counters to track diskd operation success and failures. - Fixed range_offset_limit. - Added code to retry ServFail replies for internal DNS lookups. - Added referer header logging (Jens-S. Voeckler). - Added "multi-domain-NTLM" authentication module, a Perl script from Thomas Jarosch. - Added configurable warning messages for high memory usage, high response time, and high page faults. - Made store dir selection algorithm configurable. - Added support for admin-definable extension methods, up to 20. - Added 'maximum_object_size_in_memory' as a configuration option - this defines the watermark where objects transit from being true hot objects to being in-transit objects in memory. It currently defaults to 8 KB. - Change to the fqdn code which changes how pending DNS requests are treated as private and only become public once they are completed. This can add extra load on DNS servers but prevents all the pending clients blocking if one of the queries got stuck. (Duane Wessels) - Converted more code to use MemPools, from Andres Kroonmaa. - Added more CYGWIN patches from Robert Collins. - Added Logfile module. - Added DISKD stats via cachemgr. - Added squid.conf options for DISKD magic constants. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.43 2001/03/27 03:20:25 hubertf Exp $ d22 1 a22 1 BUILD_DEPENDS+= perl-5.*:../../lang/perl5 @ 1.43 log @Change BUILD_DEPENDS semantics: first component is now a package name+version/pattern, no more executable/patchname/whatnot. While there, introduce BUILD_USES_MSGFMT as shorthand to pull in devel/gettext unless /usr/bin/msgfmt exists (i.e. on post-1.5 -current). Patch by Alistair Crooks @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.42 2001/02/25 04:18:24 hubertf Exp $ d3 2 a4 2 DISTNAME= squid-2.3.STABLE4-src PKGNAME= squid-2.3s4nb3 d6 3 a8 16 MASTER_SITES= \ http://www.squid-cache.org/Versions/v2/2.3/ \ ftp://ftp.gw.com/pub/unix/squid/squid-2/STABLE/ \ ftp://www.unimelb.edu.au/pub/cwis/servers/unix/squid/squid-2/STABLE/ \ ftp://sunsite.auc.dk/pub/infosystems/squid/squid-2/STABLE/ \ ftp://ftp.net.lut.ac.uk/squid/squid-2/STABLE/ \ ftp://ftp.kpnqwest.de/pub/mirror.squid/squid-2/STABLE/ PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.3/bugs/ PATCHFILES= squid-2.3.stable4-invalid_ip_acl_entry.patch \ squid-2.3.stable4-ipfw_configure.patch \ squid-2.3.stable4-internal_dns_rcode_table_formatting.patch \ squid-2.3.stable4-ftp_icon_not_found.patch \ squid-2.3.stable4-accel_only_access.patch \ squid-2.3.stable4-html_quoting.patch \ squid-2.3.stable4-carp-assertion.patch d10 8 @ 1.42 log @Cleanup MKDIR usage => INSTALL_*_DIR XXX need to teach pkglint to be more picky about this @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.41 2001/02/17 17:22:38 wiz Exp $ d27 1 a27 1 BUILD_DEPENDS+= ${PERL5}:../../lang/perl5-base @ 1.41 log @Update to new COMMENT style: COMMENT var in Makefile instead of pkg/COMMENT. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.40 2001/01/26 04:56:13 hubertf Exp $ d70 3 a72 3 @@${MKDIR} ${PREFIX}/share/squid @@${MKDIR} ${PREFIX}/share/squid/errors @@${MKDIR} ${PREFIX}/share/squid/icons d88 1 a88 1 ${MKDIR} /var/squid @ 1.40 log @etc/rc.d: squid.sh -> squid @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.39 2000/12/16 09:45:18 hubertf Exp $ d25 1 @ 1.39 log @Create localstatedir etc. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.38 2000/12/13 16:03:39 taca Exp $ d90 1 a90 1 ${INSTALL_SCRIPT} ${WRKDIR}/squid.sh ${PREFIX}/etc/rc.d/squid.sh @ 1.38 log @- Add a patch from http://www.squid-cache.org/Versions/v2/2.3/bugs/ for fixing "CARP assertion on sum of load factors" bug. - Update package name to squid-2.3s4nb3. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.37 2000/11/28 01:09:17 taca Exp $ d87 2 @ 1.37 log @- Update package name to squid-2.3s4nb2 suggested by Christoph Badura . @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.36 2000/11/27 14:39:49 taca Exp $ d4 1 a4 1 PKGNAME= squid-2.3s4nb2 d20 2 a21 1 squid-2.3.stable4-html_quoting.patch @ 1.36 log @- add two patches from http://www.squid-cache.org/Versions/v2/2.3/bugs/ . Should I update to squid-2.3s4nb2? @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.35 2000/11/02 10:31:38 jdolecek Exp $ d4 1 a4 1 PKGNAME= squid-2.3s4nb1 @ 1.35 log @add log_mime_hdrs_list directive - this directive specifies list of headers to log into access log when log_mime_hdrs is on the change will be sent to Squid maintainers for possible future inclusion shortly @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.34 2000/10/15 20:17:44 veego Exp $ d18 3 a20 1 squid-2.3.stable4-ftp_icon_not_found.patch @ 1.34 log @Update squid from 2.3stable3 to 2.3stable4: Important Changes: - offline_toggle You can now toggle the 'offline_mode' option from the cache manager. - minimum_object_size Added the 'minimum_object_size' option. Files smaller than this size are not cached. - passive_ftp If your firewall doesn't allow passive FTP transfers, you can tell Squid to use PORT instead by turning the 'passive_ftp' option off. - wccp_version Some Cisco IOS versions expect to receive WCCP packets with version set to three. The 'wccp_version' option allows you to change it, from the default value of four. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.33 2000/10/10 10:28:39 tron Exp $ d4 1 a4 1 PKGNAME= squid-2.3s4 @ 1.33 log @Use correct spelling "--enable-delay-pools" in configuration options. Problem noted by Olaf Seibert in private e-mail. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.32 2000/09/05 09:33:18 jlam Exp $ d3 2 a4 2 DISTNAME= squid-2.3.STABLE3-src PKGNAME= squid-2.3s3 d15 4 a18 2 PATCHFILES= squid-2.3.stable3-carp_compile.patch \ squid-2.3.stable3-storeExpiredReferenceAge.patch d55 5 a59 5 pre-patch: @@cd ${WRKSRC}/src && \ ${MV} client_side.c client_side.c.prepatch && \ ${SED} -e 's#1\.459\.2\.36#1\.459\.2\.37#' client_side.c @ 1.32 log @Update build dependency on perl to build in correct directory if perl interpreter is not found. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.31 2000/09/03 13:42:22 wiz Exp $ d40 1 a40 1 --enable-delay-pool \ @ 1.31 log @remove whitespace for pkglint @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.30 2000/08/27 02:46:08 jlam Exp $ d21 1 a21 1 BUILD_DEPENDS+= ${PERL5}:../../lang/perl5 @ 1.30 log @Use new PERL5 variable instead of ${LOCALBASE}/bin/perl. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.29 2000/05/19 07:18:55 tron Exp $ d16 1 a16 1 squid-2.3.stable3-storeExpiredReferenceAge.patch @ 1.29 log @Update "squid" package to version 2.3 STABLE 3. Changes since 2.3 STABLE 2: - You can now toggle the 'offline_mode' option from the cache manager. - Added the 'minimum_object_size' option. Files smaller than this size are not cached. - If your firewall doesn't allow passive FTP transfers, you can tell Squid to use PORT instead by turning the 'passive_ftp' option off. - Some Cisco IOS versions expect to receive WCCP packets with version set to three. The 'wccp_version' option allows you to change it, from the default value of four. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.28 2000/05/03 15:14:53 rh Exp $ d21 1 a21 1 BUILD_DEPENDS+= ${LOCALBASE}/bin/perl:../../lang/perl5 d23 1 a23 1 GNU_CONFIGURE= yes d29 1 a29 1 PERL=${LOCALBASE}/bin/perl @ 1.28 log @Update md5 checksum and remove PATCH_DIST_ARGS which is now superfluous due to fixed patches. Fixes PR 10026 by David Rankin. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.27 2000/03/21 10:09:51 tron Exp $ d3 2 a4 2 DISTNAME= squid-2.3.STABLE2-src PKGNAME= squid-2.3s2 d12 1 a12 1 ftp://ftp.xlink.net/pub/mirror.squid/squid-2/STABLE/ d15 2 a16 7 PATCHFILES= squid-2.3.stable2-EOF_in_cf.data.pre.patch \ squid-2.3.stable2-USE_DNSSERVER.patch \ squid-2.3.stable2-USE_DNSSERVER_part2.patch \ squid-2.3.stable2-getMyHostname.patch \ squid-2.3.stable2-hostname_whitespace.patch \ squid-2.3.stable2-netdb_exchange_loop.patch \ squid-2.3.stable2-redirected_username_logging.patch @ 1.27 log @- Update home page URL. - Update master site list. - Apply patches from squid home page. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.26 2000/03/07 20:05:22 tron Exp $ a13 1 PATCH_DIST_ARGS=-d ${WRKSRC}/src --forward --quiet -E ${PATCH_DIST_STRIP} @ 1.26 log @Back out last commit. "ftp.xlink.de" is not an official name. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.25 2000/03/07 18:59:47 tron Exp $ d6 2 a7 2 MASTER_SITES= \ ftp://squid.nlanr.net/pub/squid-2/STABLE/ \ d14 10 d25 1 a25 1 HOMEPAGE= http://squid.nlanr.net/Squid/ d58 6 @ 1.25 log @Use other alias name "ftp.xlink.de" instead of "ftp.xlink.net" so that "MASTER_SORT = .de" recognizes this site as german mirror. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.24 2000/03/06 18:52:06 tron Exp $ d12 1 a12 1 ftp://ftp.xlink.de/pub/mirror.squid/squid-2/STABLE/ @ 1.24 log @Update "squid" package to version 2.3STABLE2. Changes since version 2.3STABLE1: - Changed Copyright text. - Changed configure so that some IRIX-6.4 hacks apply to all IRIX-6.* versions. - Cleaned up HTML bugs in error pages. - Told configure to check for netinet/if_ether.h, which is used in ARP ACL code, but might not be required. - Added "Cookie" to known HTTP headers so it can be used in anonymizer configuration. - Added optional TCP_REDIRECT log code for logging of 301/302 responses returned by Squid. - Added a check for a currently running Squid process. If the pid file exists, and the pid is running, Squid complains and refuses to start another instance. - Changed async I/O scope to PTHREAD_SCOPE_PROCESS for IRIX. - Fixed a bug with the PURGE method. The purge enable flag was not getting cleared during reconfigure. Also required PURGE method to be used in http_access list before enabling. - Fixed async I/O assertions for file open errors. - Fixed internal DNS assertion when unpacking truncated messages. - Fixed anonymize_headers bug that caused all headers to be allowed after a reconfigure. - Fixed an access denied bug for accelerator-only installations. - Fixed internal DNS initialization so that it uses 'dns_nameservers' settings in squid.conf if set. - Fixed 'maxconn' ACL bug that caused it to work backwards (Pedro Ribeiro). - Fixed syslog bug for daemon mode on Linux. - Fixed 'http_port' parsing bugs. - Fixed internal DNS byte ordering bugs for PTR queries. - Fixed internal DNS queue getting stuck during periods of low activity (Henrik). - Fixed byte ordering bugs for parsing EPLF FTP listings on 64-bit systems. - Fixed 'request_body_max_size' bug that caused all POST, PUT requests to be denied if max size is set to zero. - Fixed 'redirector_access' bug when using 'myport' ACLs. - Fixed CARP neighbor selection bugs for down peers. - Added 'client_persistent_connections' and 'server_persistent_connections' flags to disable persistent connections for clients and servers. - Fixed access logging bug that caused many requests to be logged as TCP_MISS. - Added some bounds checking to delay pools code. This partially fixes PR pkg/9534 by Takahiro Kambe. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.23 2000/02/27 23:11:12 tron Exp $ d12 1 a12 1 ftp://ftp.xlink.net/pub/mirror.squid/squid-2/STABLE/ @ 1.23 log @Update "squid" package to version 2.3 STABLE 1 using patches supplied by Takahiro Kambe in PR pkg/9486. Changes since version 2.2 STABLE 5: - many bug fixes - WCCP support - Storage API - internal DNS servers @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.22 1999/11/12 22:56:31 tron Exp $ d3 2 a4 2 DISTNAME= squid-2.3.STABLE1-src PKGNAME= squid-2.3s1 d11 2 a12 1 ftp://ftp.net.lut.ac.uk/squid/squid-2/STABLE/ @ 1.22 log @Define defaults for configuration variables after including "bsd.pkg.mk" of course. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.21 1999/11/12 22:20:49 tron Exp $ d3 2 a4 2 DISTNAME= squid-2.2.STABLE5-src PKGNAME= squid-2.2s5 d35 1 d38 2 a39 1 --enable-snmp @ 1.21 log @Add new configuration variables "SQUID_CONFIGURE_ARGS", "SQUID_HTTP_PORT" and "SQUID_ICP_PORT" to allow easy modifification of the squid build parameters. This fixes the second part of PR pkg/8764 by Luke Mewburn. @ text @d1 1 a1 1 # $NetBSD$ d16 1 a16 9 BUILD_DEPENDS= ${LOCALBASE}/bin/perl:../../lang/perl5 # Configuration options which can be overwritten by the user. SQUID_CONFIGURE_ARGS?= --enable-cachemgr-hostname=localhost \ --enable-icmp \ --enable-ipf-transparent \ --enable-snmp SQUID_HTTP_PORT?= 3128 SQUID_ICP_PORT?= 3130 d33 7 @ 1.20 log @Update "squid" package to version 2.2STABLE5. Changes since 2.2STABLE4: - Changed configure to look for IP-Filter header files in both /usr/include and /usr/include/netinet. - Fixed an ACL subdomain comparison bug (aclDomainCompare). - Fixed an ACL host <=> domain comparison bug (aclHostDomainCompare). - Fixed a "xstrdup: tried to dup a NULL pointer!" bug caused by illegal hostname characters when certain ACL types are in use. - Fixed res_init() bug in dnsserver. We used to call res_init(), and then clear the RES_INIT bit in _res.options. This caused res_init() to be called again as soon as we use gethostbyname(), and this second initialization wipes out our changing the nameservers. The fix is just to NOT set _res.options to RES_DEFAULT after calling res_init(). - Changed FTP to close data sockets as soon as the transfer ends, rather than waiting for the reply message on the control socket (Alexander V. Lukyanov). - Fixed some buffering problems between Squid and the unlinkd process. By using file_write(), unlink requests were being buffered and experiencing long delays under heavy load. Now use use good ol' write() instead. Also added some feedback from unlinkd to squid so we can track the unlink request queue. If the queue becomes too large, we block a little and wait for some acks from unlinkd. This fixes the first part of PR pkg/8764 by Luke Mewburn. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.19 1999/11/12 16:25:30 rh Exp $ d13 1 a13 1 MAINTAINER= packages@@netbsd.org d18 8 d27 6 a32 10 CONFIGURE_ARGS= --sysconfdir=/etc \ --localstatedir=/var/squid # Options you might want to enable CONFIGURE_ARGS+= --enable-cachemgr-hostname=localhost CONFIGURE_ARGS+= --enable-icmp CONFIGURE_ARGS+= --enable-ipf-transparent CONFIGURE_ARGS+= --enable-snmp CONFIGURE_ENV+= PERL=${LOCALBASE}/bin/perl d34 1 @ 1.19 log @defuzz @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.18 1999/10/07 17:41:59 tron Exp $ d3 2 a4 2 DISTNAME= squid-2.2.STABLE4-src PKGNAME= squid-2.2s4 d28 1 a28 4 CPPFLAGS= -I/usr/include/netinet CFLAGS+= ${CPPFLAGS} CONFIGURE_ENV+= CPPFLAGS=${CPPFLAGS} \ PERL=${LOCALBASE}/bin/perl @ 1.18 log @Remove me as maintainer of those packages. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.17 1999/09/28 20:40:05 soren Exp $ d26 1 a26 1 #CONFIGURE_ARGS+= --enable-snmp @ 1.17 log @Use a relative path for bsd.pkg.mk instead of relying on the search path. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.16 1999/08/17 23:10:55 tron Exp $ d13 1 a13 1 MAINTAINER= tron@@netbsd.org @ 1.16 log @Use "${INSTALL_FILE}" instead of "${PKGDIR}/INSTALL". @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.15 1999/08/02 12:14:00 agc Exp $ d72 1 a72 1 .include <../../mk/bsd.pkg.mk> @ 1.15 log @Make this package work on Solaris. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.14 1999/07/14 21:45:50 tron Exp $ d70 1 a70 1 @@${SETENV} ${MAKE_ENV} ${SH} ${PKGDIR}/INSTALL ${PKGNAME} POST-INSTALL @ 1.14 log @Update "squid" package to version 2.2.STABLE4. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.13 1999/06/03 16:42:35 tron Exp $ d37 7 @ 1.13 log @Update "squid" package to version 2.2.STABLE3. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.12 1999/05/28 21:58:25 tron Exp $ d3 2 a4 2 DISTNAME= squid-2.2.STABLE3-src PKGNAME= squid-2.2s3 @ 1.12 log @Remove obsolete mirror site. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.11 1999/05/12 16:17:34 tron Exp $ d3 2 a4 2 DISTNAME= squid-2.2.STABLE2-src PKGNAME= squid-2.2s2 d36 1 a36 1 WRKSRC= ${WRKDIR}/squid-2.2.STABLE2 @ 1.11 log @Fix path in master site list. Problem noted by Hubert Feyrer. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.10 1999/05/02 12:49:43 tron Exp $ a8 1 ftp://ftp.funet.fi/pub/mirrors/squid.nlanr.net/pub/squid-2/STABLE/ \ @ 1.10 log @Update "squid" package to version 2.2s2 (squid-2.2.STABLE2). @ text @d1 1 a1 2 # $NetBSD: Makefile,v 1.9 1999/05/02 00:48:31 tron Exp $ # d7 6 a12 6 ftp://squid.nlanr.net/pub/squid-2/ \ ftp://ftp.gw.com/pub/unix/squid/squid-2/ \ ftp://ftp.funet.fi/pub/mirrors/squid.nlanr.net/pub/squid-2/ \ ftp://www.unimelb.edu.au/pub/cwis/servers/unix/squid/squid-2/ \ ftp://sunsite.auc.dk/pub/infosystems/squid/squid-2/ \ ftp://ftp.net.lut.ac.uk/squid/squid-2/ @ 1.9 log @Enable transport proxy support. Fixes PR pkg/7383 by Olaf Seibert. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.8 1999/04/09 17:54:26 bad Exp $ d4 2 a5 1 DISTNAME= squid-2.0.PATCH2 a13 1 EXTRACT_SUFX= -src.tar.gz d15 1 a15 1 MAINTAINER= kim@@tac.nyc.ny.us d18 1 a18 1 BUILD_DEPENDS= ${LOCALBASE}/bin/perl:${PKGSRCDIR}/lang/perl5 d37 2 a42 2 PLIST_SRC= ${PKGDIR}/PLIST ${WRKDIR}/PLIST.share d50 2 a51 2 ls ERR_* | sed -e 's@@^@@share/squid/errors/@@'; \ echo "@@dirrm share/squid/errors"; \ d53 7 a59 7 ls anthony-*.gif | sed -e 's@@^@@share/squid/icons/@@'; \ echo "@@dirrm share/squid/icons"; \ echo "share/squid/mib.txt"; \ echo "share/squid/mime.conf"; \ echo "share/squid/mime.conf.default"; \ echo "share/squid/squid.conf.default"; \ echo "@@dirrm share/squid"; \ @ 1.8 log @BUILD_DEPENDS on the pkg version of perl and make sure configure uses that. Fixes PR#7348 by rhialto@@polder.ubc.kun.nl. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.7 1999/03/08 10:53:57 agc Exp $ d27 1 d29 5 a33 1 CONFIGURE_ENV+= PERL=${LOCALBASE}/bin/perl @ 1.7 log @s/make/${MAKE}/g @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.6 1999/02/20 22:48:45 hubertf Exp $ d18 2 d28 1 @ 1.6 log @Fix CONFLICTS (remove redundancy, mostly) @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.5 1999/01/29 19:26:37 bad Exp $ d55 1 a55 1 cd ${WRKSRC}/src; make install-pinger @ 1.5 log @pkg/INSTALL gets invoked with two well defined arguments by pkg_add. Change it so that it works with pkg_add. Change Makefile to invoke it the same way pkg_add does. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.4 1998/12/06 12:42:00 tron Exp $ a13 5 CONFLICTS= squid-1.1.21 \ squid-2.0.PRE1 \ squid-2.0.RELEASE \ squid-2.0.PATCH1 @ 1.4 log @Sync with "squid-current" package. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.4 1998/10/12 06:11:39 kim Exp $ d33 1 a33 1 MAKE_ENV+= INSTALL_SCRIPT="${INSTALL_SCRIPT}" a58 3 # This is GNU ${datadir}/squid/squid.conf DEFCONF= ${PREFIX}/share/squid/squid.conf.default d62 1 a62 1 @@${SH} ${PKGDIR}/INSTALL ${PKGNAME} ${DEFCONF} POST-INSTALL @ 1.3 log @The Grand Homepagification: - New, optional Makefile variable HOMEPAGE, specifies a URL for the home page of the software if it has one. - The value of HOMEPAGE is used to add a link from the README.html files. - pkglint updated to know about it. The "correct" location for HOMEPAGE in the Makefile is after MAINTAINER, in that same section. @ text @d1 1 a1 2 # $NetBSD: Makefile,v 1.2 1998/05/24 19:01:19 tron Exp $ # $FreeBSD Id: Makefile,v 1.36 1998/03/20 13:58:54 peter Exp d4 1 a4 1 DISTNAME= squid-1.1.21 d7 6 a12 4 ftp://squid.nlanr.net/pub/squid-1.1/ \ ftp://www.unimelb.edu.au/pub/cwis/servers/unix/squid/squid-1.1/ \ ftp://sunsite.auc.dk/pub/infosystems/squid/squid-1.1/ \ ftp://ftp.net.lut.ac.uk/squid/squid-1.1/ d15 6 a20 1 MAINTAINER= tron@@netbsd.org d24 8 a31 3 # Follow the apache port's lead... CONFIGURE_ARGS= --sysconfdir=${PREFIX}/etc/squid --bindir=${PREFIX}/sbin \ --libexecdir=${PREFIX}/sbin --localstatedir=/var/squid a32 1 a33 15 # If you need to set any of these options, read the source and uncomment # these if appropriate. #MAKE_ENV+= HOST_OPT="-DCACHEMGR_HOSTNAME=\"getfullhostname()\"" #MAKE_ENV+= AUTH_OPT="-DUSE_PROXY_AUTH=1" #MAKE_ENV+= LOG_HDRS_OPT="-DLOG_FULL_HEADERS=1" #MAKE_ENV+= ICMP_OPT="-DUSE_ICMP=1" #MAKE_ENV+= DELAY_HACK="-DDELAY_HACK=1" #MAKE_ENV+= USERAGENT_OPT="-DUSE_USERAGENT_LOG=1" #MAKE_ENV+= KILL_PARENT_OPT="-DKILL_PARENT_OPT" #MAKE_ENV+= USE_POLL_OPT="-DUSE_POLL" # do NOT define both USE_SPLAY_TREE and USE_BIN_TREE at the same time! #MAKE_ENV+= USE_SPLAY_TREE="-DUSE_SPLAY_TREE" #MAKE_ENV+= USE_BIN_TREE="-DUSE_BIN_TREE" #MAKE_ENV+= RELOAD_INTO_IMS="-DRELOAD_INTO_IMS" #MAKE_ENV+= UNDERSCORES_OPT="-DALLOW_HOSTNAME_UNDERSCORES" d38 24 d65 1 a65 1 @@${SH} ${PKGDIR}/INSTALL ${PKGNAME} POST-INSTALL @ 1.2 log @Minor cleanup. @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.1 1998/05/23 21:27:20 tron Exp $ d15 1 @ 1.1 log @New "squid-1.1.21" package based on FreeBSD port adapted by Rene Hexel in PR pkg/5314. @ text @d1 1 a1 1 # $NetBSD$ d40 1 a40 1 ${SED} s#@@PREFIX@@#${PREFIX}#g <${FILESDIR}/squid.sh >${WRKSRC}/squid.sh d44 1 a44 1 ${INSTALL_SCRIPT} ${WRKSRC}/squid.sh ${PREFIX}/etc/rc.d/squid.sh @