[pkgsrc/trunk]: pkgsrc/www/tinyproxy tinyproxy: updated to 1.8.4

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/www/tinyproxy tinyproxy: updated to 1.8.4
From: adam <adam%pkgsrc.org@localhost>
Date: Thu, 21 Jun 2018 12:31:14 +0000
details:   https://anonhg.NetBSD.org/pkgsrc/rev/e08e455c99b8
branches:  trunk
changeset: 309663:e08e455c99b8
user:      adam <adam%pkgsrc.org@localhost>
date:      Thu Jun 21 11:31:33 2018 +0000

description:
tinyproxy: updated to 1.8.4

Tinyproxy version 1.8.4

Most notably, this release removes the limitation of a single Listen address of not listening on the wildcard address and a DoS (CVE-2012-3505).
Among several other bug fixes, this release fixes a bunch of issues found by coverity (scan.coverity.com).

Bugs resolved since version 1.8.3
fix algorithmic complexity DoS in hashmap
fix failing CONNECT requests with IPv6 literal addresses
fix invalid free for GET requests to IPv6 literal addresses
support multiple Listen statements in configuration
support listening on ipv4 and ipv6 wildcard if no Listen specified
fix crash when writing to log file fails
fix build with autoconf >= 2.69

diffstat:

 www/tinyproxy/Makefile                            |  33 ++++----
 www/tinyproxy/distinfo                            |  17 +--
 www/tinyproxy/patches/patch-configure             |   8 +-
 www/tinyproxy/patches/patch-etc_tinyproxy.conf.in |   4 +-
 www/tinyproxy/patches/patch-src_hashmap.c         |  85 -----------------------
 www/tinyproxy/patches/patch-src_reqs.c            |  48 ------------
 6 files changed, 29 insertions(+), 166 deletions(-)

diffs (260 lines):

diff -r eae7bbee0dbf -r e08e455c99b8 www/tinyproxy/Makefile
--- a/www/tinyproxy/Makefile    Thu Jun 21 11:05:06 2018 +0000
+++ b/www/tinyproxy/Makefile    Thu Jun 21 11:31:33 2018 +0000
@@ -1,42 +1,39 @@
-# $NetBSD: Makefile,v 1.37 2017/02/18 05:59:23 nonaka Exp $
-#
+# $NetBSD: Makefile,v 1.38 2018/06/21 11:31:33 adam Exp $
 
-DISTNAME=      tinyproxy-1.8.3
-PKGREVISION=   6
+DISTNAME=      tinyproxy-1.8.4
 CATEGORIES=    www
-MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=tinyproxy/}
+MASTER_SITES=  ${MASTER_SITE_GITHUB:=tinyproxy/}
+GITHUB_RELEASE=        ${PKGVERSION_NOREV}
+EXTRACT_SUFX=  .tar.xz
 
 MAINTAINER=    pkgsrc-users%NetBSD.org@localhost
-HOMEPAGE=      http://tinyproxy.sourceforge.net/
+HOMEPAGE=      https://tinyproxy.github.io/
 COMMENT=       Lightweight HTTP/SSL proxy
 LICENSE=       gnu-gpl-v2
 
-GNU_CONFIGURE= YES
+BUILD_DEPENDS+=                asciidoc-[0-9]*:../../textproc/asciidoc
+BUILD_DEFS+=           VARBASE
+
+GNU_CONFIGURE=         yes
+CONFIGURE_ARGS+=       --with-config=${PKG_SYSCONFDIR}/tinyproxy.conf
+CONFIGURE_ARGS+=       --sysconfdir=${PKG_SYSCONFDIR}
+CONFIGURE_ARGS+=       --localstatedir=${VARBASE}
+CONFIGURE_ARGS+=       --enable-transparent-proxy
 
 RCD_SCRIPTS=           tinyproxy
-PKG_SYSCONFSUBDIR=     tinyproxy
 
 .include "../../mk/bsd.prefs.mk"
 
-BUILD_DEPENDS+=                asciidoc-[0-9]*:../../textproc/asciidoc
-BUILD_DEFS+=           VARBASE
-
 TINYPROXY_USER?=       tinyproxy
 TINYPROXY_GROUP?=      tinyproxy
 PKG_GROUPS=            ${TINYPROXY_GROUP}
 PKG_USERS=             ${TINYPROXY_USER}:${TINYPROXY_GROUP}
 PKG_GROUPS_VARS+=      TINYPROXY_GROUP
-PKG_USERS_VARS+=       TINYPROXY_USER
+PKG_USERS_VARS=                TINYPROXY_USER
 FILES_SUBST+=          TINYPROXY_USER=${TINYPROXY_USER:Q}
 FILES_SUBST+=          TINYPROXY_GROUP=${TINYPROXY_GROUP:Q}
 
-CONFIGURE_ARGS+=       --with-config=${PKG_SYSCONFDIR}/tinyproxy.conf
-CONFIGURE_ARGS+=       --sysconfdir=${PKG_SYSCONFDIR}
-CONFIGURE_ARGS+=       --localstatedir=${VARBASE}
-CONFIGURE_ARGS+=       --enable-transparent-proxy
-
 EGDIR=         ${PREFIX}/share/examples/tinyproxy
-
 CONF_FILES=    ${EGDIR}/tinyproxy.conf.default ${PKG_SYSCONFDIR}/tinyproxy.conf
 
 SUBST_CLASSES+=                docs
diff -r eae7bbee0dbf -r e08e455c99b8 www/tinyproxy/distinfo
--- a/www/tinyproxy/distinfo    Thu Jun 21 11:05:06 2018 +0000
+++ b/www/tinyproxy/distinfo    Thu Jun 21 11:31:33 2018 +0000
@@ -1,14 +1,11 @@
-$NetBSD: distinfo,v 1.11 2017/02/18 05:59:23 nonaka Exp $
+$NetBSD: distinfo,v 1.12 2018/06/21 11:31:33 adam Exp $
 
-SHA1 (tinyproxy-1.8.3.tar.gz) = ebf4bda60ff2d0fdf1846467f07b3bbd9ef90faf
-RMD160 (tinyproxy-1.8.3.tar.gz) = 41cae4c8fcc99650a76d7bed52a379a9dd0faef0
-SHA512 (tinyproxy-1.8.3.tar.gz) = 4f58830f386abc1eaa5d9ec0deb3d5611345cda4346f146565c929695755670fb7159aea4e51edd827d0292cb0d65f2caaae02d00bac204397ff0c3a1eb1b90b
-Size (tinyproxy-1.8.3.tar.gz) = 266744 bytes
-SHA1 (patch-configure) = f446276a457c915fd2155bbe5bb1c4aa4b88c9d7
+SHA1 (tinyproxy-1.8.4.tar.xz) = 2ecc31268b386c282f4c9f4ed53dd9b76f3c3aee
+RMD160 (tinyproxy-1.8.4.tar.xz) = 5fd68912b1977badf261756b34a1de7efc183a72
+SHA512 (tinyproxy-1.8.4.tar.xz) = 23398a2c8a6d926b371086ba96032d0fd8dd06d114edf24950b868f53bb6b4235cd0f5d6b9a0131879fcc16bbe6b71142a6855de593a937ef7b0c323b50e0aec
+Size (tinyproxy-1.8.4.tar.xz) = 192300 bytes
+SHA1 (patch-configure) = c0d7af647d06eac76835506823a8df4f1bd7bd49
 SHA1 (patch-docs_man5_tinyproxy.conf.txt.in) = 1641f7c44ce84f2ebac6e945760af3ba77976f31
 SHA1 (patch-docs_man8_tinyproxy.txt.in) = 12c43d0f874a8794cbe8da7c702e406e8b10a99b
 SHA1 (patch-etc_Makefile.in) = 34ab3402bf11be5d2c1521f8ca0254ecbf19fc3c
-SHA1 (patch-etc_tinyproxy.conf.in) = d15ffe67b6ee86d4db41a6661d6d731c1ef149cc
-SHA1 (patch-src_child.c) = 2263f1aa7edbc31a7b31343487afa4be4fb30405
-SHA1 (patch-src_hashmap.c) = 92234430d31cd97620038a268ffd813344b262ba
-SHA1 (patch-src_reqs.c) = 9a1186ab9ebe71009384ec12aa56aff86f3a1007
+SHA1 (patch-etc_tinyproxy.conf.in) = 2694a3f4cd1c2481eb765c8c9a26a58ac94f2574
diff -r eae7bbee0dbf -r e08e455c99b8 www/tinyproxy/patches/patch-configure
--- a/www/tinyproxy/patches/patch-configure     Thu Jun 21 11:05:06 2018 +0000
+++ b/www/tinyproxy/patches/patch-configure     Thu Jun 21 11:31:33 2018 +0000
@@ -1,14 +1,14 @@
-$NetBSD: patch-configure,v 1.1 2015/08/13 20:30:47 jperkin Exp $
+$NetBSD: patch-configure,v 1.2 2018/06/21 11:31:33 adam Exp $
 
 Remove non-portable ld argument.
 
---- configure.orig     2011-08-16 12:27:59.000000000 +0000
+--- configure.orig     2018-06-21 11:03:35.000000000 +0000
 +++ configure
-@@ -6744,7 +6744,6 @@ if test x"$debug_enabled" != x"yes" ; th
+@@ -7036,7 +7036,6 @@ if test x"$debug_enabled" != x"yes" ; th
      CFLAGS="-DNDEBUG $CFLAGS"
  fi
  
--LDFLAGS="-Wl,-z,defs"
+-LDFLAGS="-Wl,-z,defs $LDFLAGS"
  
  
  if test x"$ac_cv_func_regexec" != x"yes"; then
diff -r eae7bbee0dbf -r e08e455c99b8 www/tinyproxy/patches/patch-etc_tinyproxy.conf.in
--- a/www/tinyproxy/patches/patch-etc_tinyproxy.conf.in Thu Jun 21 11:05:06 2018 +0000
+++ b/www/tinyproxy/patches/patch-etc_tinyproxy.conf.in Thu Jun 21 11:31:33 2018 +0000
@@ -1,4 +1,6 @@
-$NetBSD: patch-etc_tinyproxy.conf.in,v 1.1 2017/02/18 05:59:23 nonaka Exp $
+$NetBSD: patch-etc_tinyproxy.conf.in,v 1.2 2018/06/21 11:31:33 adam Exp $
+
+Customize settings.
 
 --- etc/tinyproxy.conf.in.orig 2010-03-03 18:37:24.000000000 +0900
 +++ etc/tinyproxy.conf.in      2016-12-15 11:05:42.000000000 +0900
diff -r eae7bbee0dbf -r e08e455c99b8 www/tinyproxy/patches/patch-src_hashmap.c
--- a/www/tinyproxy/patches/patch-src_hashmap.c Thu Jun 21 11:05:06 2018 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,85 +0,0 @@
-$NetBSD: patch-src_hashmap.c,v 1.1 2012/12/13 09:01:26 wiz Exp $
-
-Fix CVE-2012-3505 using Debian patch.
-
---- src/hashmap.c.orig 2010-01-25 18:24:01.000000000 +0000
-+++ src/hashmap.c
-@@ -25,6 +25,8 @@
-  * don't try to free the data, or realloc the memory. :)
-  */
- 
-+#include <stdlib.h>
-+
- #include "main.h"
- 
- #include "hashmap.h"
-@@ -50,6 +52,7 @@ struct hashbucket_s {
- };
- 
- struct hashmap_s {
-+        uint32_t seed;
-         unsigned int size;
-         hashmap_iter end_iterator;
- 
-@@ -65,7 +68,7 @@ struct hashmap_s {
-  *
-  * If any of the arguments are invalid a negative number is returned.
-  */
--static int hashfunc (const char *key, unsigned int size)
-+static int hashfunc (const char *key, unsigned int size, uint32_t seed)
- {
-         uint32_t hash;
- 
-@@ -74,7 +77,7 @@ static int hashfunc (const char *key, un
-         if (size == 0)
-                 return -ERANGE;
- 
--        for (hash = tolower (*key++); *key != '\0'; key++) {
-+        for (hash = seed; *key != '\0'; key++) {
-                 uint32_t bit = (hash & 1) ? (1 << (sizeof (uint32_t) - 1)) : 0;
- 
-                 hash >>= 1;
-@@ -104,6 +107,7 @@ hashmap_t hashmap_create (unsigned int n
-         if (!ptr)
-                 return NULL;
- 
-+      ptr->seed = (uint32_t)rand();
-         ptr->size = nbuckets;
-         ptr->buckets = (struct hashbucket_s *) safecalloc (nbuckets,
-                                                            sizeof (struct
-@@ -201,7 +205,7 @@ hashmap_insert (hashmap_t map, const cha
-         if (!data || len < 1)
-                 return -ERANGE;
- 
--        hash = hashfunc (key, map->size);
-+        hash = hashfunc (key, map->size, map->seed);
-         if (hash < 0)
-                 return hash;
- 
-@@ -382,7 +386,7 @@ ssize_t hashmap_search (hashmap_t map, c
-         if (map == NULL || key == NULL)
-                 return -EINVAL;
- 
--        hash = hashfunc (key, map->size);
-+        hash = hashfunc (key, map->size, map->seed);
-         if (hash < 0)
-                 return hash;
- 
-@@ -416,7 +420,7 @@ ssize_t hashmap_entry_by_key (hashmap_t 
-         if (!map || !key || !data)
-                 return -EINVAL;
- 
--        hash = hashfunc (key, map->size);
-+        hash = hashfunc (key, map->size, map->seed);
-         if (hash < 0)
-                 return hash;
- 
-@@ -451,7 +455,7 @@ ssize_t hashmap_remove (hashmap_t map, c
-         if (map == NULL || key == NULL)
-                 return -EINVAL;
- 
--        hash = hashfunc (key, map->size);
-+        hash = hashfunc (key, map->size, map->seed);
-         if (hash < 0)
-                 return hash;
- 
diff -r eae7bbee0dbf -r e08e455c99b8 www/tinyproxy/patches/patch-src_reqs.c
--- a/www/tinyproxy/patches/patch-src_reqs.c    Thu Jun 21 11:05:06 2018 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,48 +0,0 @@
-$NetBSD: patch-src_reqs.c,v 1.1 2012/12/13 09:01:27 wiz Exp $
-
-Fix CVE-2012-3505 using Debian patch.
-
---- src/reqs.c.orig    2011-02-07 12:31:03.000000000 +0000
-+++ src/reqs.c
-@@ -610,6 +610,11 @@ add_header_to_connection (hashmap_t hash
-         return hashmap_insert (hashofheaders, header, sep, len);
- }
- 
-+/* define max number of headers. big enough to handle legitimate cases,
-+ * but limited to avoid DoS 
-+ */
-+#define MAX_HEADERS 10000
-+
- /*
-  * Read all the headers from the stream
-  */
-@@ -617,6 +622,7 @@ static int get_all_headers (int fd, hash
- {
-         char *line = NULL;
-         char *header = NULL;
-+      int count;
-         char *tmp;
-         ssize_t linelen;
-         ssize_t len = 0;
-@@ -625,7 +631,7 @@ static int get_all_headers (int fd, hash
-         assert (fd >= 0);
-         assert (hashofheaders != NULL);
- 
--        for (;;) {
-+        for (count = 0; count < MAX_HEADERS; count++) {
-                 if ((linelen = readline (fd, &line)) <= 0) {
-                         safefree (header);
-                         safefree (line);
-@@ -691,6 +697,12 @@ static int get_all_headers (int fd, hash
- 
-                 safefree (line);
-         }
-+
-+      /* if we get there, this is we reached MAX_HEADERS count.
-+         bail out with error */
-+      safefree (header);
-+      safefree (line);
-+      return -1;
- }
- 
- /*
Prev by Date: [pkgsrc/trunk]: pkgsrc/www/tinyproxy/patches tinyproxy: also remove unnecessa...
Next by Date: [pkgsrc/trunk]: pkgsrc/doc Updated www/tinyproxy, net/wireshark
Previous by Thread: [pkgsrc/trunk]: pkgsrc/www/tinyproxy/patches tinyproxy: also remove unnecessa...
Next by Thread: [pkgsrc/trunk]: pkgsrc/doc Updated www/tinyproxy, net/wireshark
Indexes:
Home | Main Index | Thread Index | Old Index