pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/www/squid Update squid-2.5.5 (squid 2.5.STABLE5 with t...
details: https://anonhg.NetBSD.org/pkgsrc/rev/6e64fc4255ae
branches: trunk
changeset: 470000:6e64fc4255ae
user: taca <taca%pkgsrc.org@localhost>
date: Thu Mar 04 17:05:50 2004 +0000
description:
Update squid-2.5.5 (squid 2.5.STABLE5 with two official patches).
Most of these changes from 2.5.STABLE4 to 2.5STABLE5 are already applied
in previous squid-2.5.4nb8 package.
Changes to squid-2.5.STABLE5 (1 Mar 2004):
- cache.log message on "squid -k reconfigure" was slightly confusing,
claiming Squid restarted when it just reread the configuration.
- Bug #787: digest auth never detects password changes
- Bug #789: login with space confuses redirector helpers
- Bug #791: FQDNcache discards negative responses when using
internal DNS
- pam_auth fails on Solaris when using pam_authtok_get. Persistent
PAM connections are unsafe and now disabled by default.
- auth_param documentation clarifications and added default realm
values making only the helper program a required attribute
- Bug #795: German ERR_DNS_FAIL correction
- Bug #803: Lithuantian error messages update
- Bug #806: Segfault if failing to load error page
- Bug #812: Mozilla/Netscape plugins mime type defined (.xpi)
- Bug #817: maximum_object_size too large causes squid not to cache
- Bug #824: 100% CPU loop if external_acl combined with separate
authentication acl in the same http_access line
- squid_ldap_group updated to version 2.12 with support for ldaps://
(LDAPv2 over SSL) and a numer of other improvements.
- Bug #799: positive_dns_ttl ignored when using internal DNS.
- Bug #690: Incorrect html on empty Gopher responses
- Bug #729: --enable-arp-acl may give warning about net/route.h
- Bug #14: attempts to establish connection may look like syn flood
attack if the contacted server is refusing connections
- errorpage README files included in the distribution again showing
who contributed which translation
- Bug #848: connect_timeout connect_timeout ends up twice the length.
forward_timeout option added to address this.
- Bug #849: DNS log error messages should report the failed query
- Bug #851: DNS retransmits too often
- Bug #862: Very frequently repeated POST requests may cause a
filedescriptor shortage due to persitent connections building up
- Bug #853: Sporatic segmentation faults on aborted FTP PUT requests
- Bug #571: Need to limit use of persistent connections when
filedescriptor usage is high
- Bug #856: FTP/Gopher Icon URLs are unneededly complex and often
does not work properly
- Bug #860: redirector_access does not handle "slow" acls such as
"dst" or "external" requiring a external lookup.
- Bug #865: Persistent connection usage too high after sudden burst
of traffic.
- Bug #867: cache_peer max-conn=.. option does not work
- Bug #868: refuses to start if pid_filename none is specified
- Bug #887: LDAP helper -Z (TLS) option does not work
- Bug #877: Squid doesn't follow telnet protocol on FTP control
connections
- Bug #908: Random auth popups and account lockouts when using ntlm
- Support for NTLM_NEGOTIATE exchanges with ntlm helpers
- Bug #585: cache_peer_access fails with NTLM authentication
- Bug #592: always/never_direct fails with NTLM authentication
- wbinfo_group update for Samba-3
- Bug #892: helpers/ntlm_auth/SMB/ fails to compile on FreeBSD 5.0
- Bug #924: miss_access restricts internal and cachemgr requests
even if these are local
- Bug #925: auth headers send by squidclient are mildly malformed
- Bug #922: miss_access and delay_access and several other
authentication related bug fixes.
- Bug #909: Added ARP acl support for FreeBSD
- Bug #926: deny_info with http_reply_access or miss_access
- Bug #872: reply_body_max_size problems when using NTLM auth
- Bug #825: random segmentation faults when using digest auth
- Bug #910: Partial fix for temporary memory leaks when using NTLM
auth. There is still problems if challenge reuse is enabled.
- ftp://anonymous@host/ now accepted without requiring a password
- Bug #594: several mime type updates (ftp:// related)
- url_regex enhanced to allow matching of %00
And two official patches' changes.
assertion failed: helper.c:323: "srv->flags.reserved"
synopsis If using ntlm authentication then Squid may
randomly abort with the above assertion
failure if a request is aborted while Squid
waits for a response from the domain controller
severity Medium
date 2004-03-01 23:55
bugzilla #937
versions Squid-2.5.STABLE5
platforms All
workaround half_closed_connections on (the default)
squid_ldap_auth can be confused by the use of reserved characters
synopsis squid_ldap_auth may be confused by the use of
reserved characters allowing the login name to
be masqueraded in different manners possibly
allowing the user to partially bypass certain
per-user restrictions or confuse third party
accounting packages.
Note that the user can not bypass the login
procedure as such. All he can do is to make
the login name look different than normal.
There is still full audit trails on who the
user is etc.
The patch also adds and documents a -d flag to
both squid_ldap_auth and squid_ldap_group to
allow for easier tracing of the operation of
these programs if results is not what is
expected.
severity Major
date 2004-03-04 09:37
bugzilla #935
versions Squid-2.5 and earlier
platforms All
configuration configurations where squid_ldap_auth is used
for authentication using a search filter (-f
option) and where squid_ldap_group is not used
to further restrict the valid usernames.
workaround Combine squid_ldap_auth with squid_ldap_group
to only allow valid logins who are member of a
certain group, or alternatively use a
proxy_auth_regex acl to deny the use of any
login using restricted characters.
acl bad_login proxy_auth_regex [()\\*]
http_access deny bad_login
diffstat:
www/squid/Makefile | 51 +++---------------------------
www/squid/distinfo | 90 ++++-------------------------------------------------
2 files changed, 13 insertions(+), 128 deletions(-)
diffs (171 lines):
diff -r 5952e2524055 -r 6e64fc4255ae www/squid/Makefile
--- a/www/squid/Makefile Thu Mar 04 16:28:05 2004 +0000
+++ b/www/squid/Makefile Thu Mar 04 17:05:50 2004 +0000
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.102 2004/02/12 14:45:00 taca Exp $
+# $NetBSD: Makefile,v 1.103 2004/03/04 17:05:50 taca Exp $
-DISTNAME= squid-2.5.STABLE4
-PKGNAME= squid-2.5.4
-PKGREVISION= 8
+DISTNAME= squid-2.5.STABLE5
+PKGNAME= squid-2.5.5
CATEGORIES= www
MASTER_SITES= http://www.squid-cache.org/Versions/v2/2.5/ \
ftp://ftp.leo.org/pub/comp/general/infosys/www/daemons/squid/squid-2/STABLE/ \
@@ -10,46 +9,8 @@
EXTRACT_SUFX= .tar.bz2
PATCH_SITES= http://www.squid-cache.org/Versions/v2/2.5/bugs/
-PATCHFILES= squid-2.5.STABLE4-reconfigure_message.patch \
- squid-2.5.STABLE4-digest_auth_pwchange.patch \
- squid-2.5.STABLE4-redirect_login_space.patch \
- squid-2.5.STABLE4-fqdnnegcache.patch \
- pam_auth-2.2.patch \
- squid-2.5.STABLE4_auth_param_doc.patch \
- squid-2.5.STABLE4-errorpages.patch \
- squid-2.5.STABLE4-error_load_text.patch \
- squid-2.5.STABLE4-xpi_mime.patch \
- squid-2.5.STABLE4-size_overflow.patch \
- squid-2.5.STABLE4-extacl_auth_loop.patch \
- squid-2.5.STABLE4-squid_ldap_group.patch \
- squid-2.5.STABLE4-positive_dns_ttl.patch \
- squid-2.5.STABLE4-gopherhtml.patch \
- squid-2.5.STABLE4-netroute.patch \
- squid-2.5.STABLE4-synflood.patch \
- squid-2.5.STABLE4-fqdn.patch \
- squid-2.5.STABLE4-connect_cleanup.patch \
- squid-2.5.STABLE4-pconn_post.patch \
- squid-2.5.STABLE4-ftp_put.patch \
- squid-2.5.STABLE4-pconn-load.patch \
- squid-2.5.STABLE4-icon_urls.patch \
- squid-2.5.STABLE4-redirector_access.patch \
- squid-2.5.STABLE4-pconn-lifo.patch \
- squid-2.5.STABLE4-cache_peer_maxconn.patch \
- squid-2.5.STABLE4-pid_filename_none.patch \
- squid-2.5.STABLE4-dns_namelength.patch \
- squid-2.5.STABLE4-urllogin_acl.patch \
- squid-2.5.STABLE4-russian.patch \
- squid-2.5.STABLE4-redirlog.patch \
- squid-2.5.STABLE4-pinger.patch \
- squid-2.5.STABLE4-partial_reload.patch \
- squid-2.5.STABLE4-ldap_tls.patch \
- squid-2.5.STABLE4-ldap_group_bufsize.patch \
- squid-2.5.STABLE4-http_workarounds.patch \
- squid-2.5.STABLE4-empty_proxy_auth.patch \
- squid-2.5.STABLE4-ftp_telnet.patch \
- squid-2.5.STABLE4-ntlm_auth_popups.patch \
- squid-2.5.STABLE4-ldap_group-S.patch \
- squid-2.5.STABLE4-ipcache_purge.patch
+PATCHFILES= squid-2.5.STABLE5-ntlm_assert.patch \
+ squid-2.5.STABLE5-ldap.patch
PATCH_DIST_STRIP= -p1
MAINTAINER= taca%NetBSD.org@localhost
@@ -58,7 +19,7 @@
WRKSRC= ${WRKDIR}/${DISTNAME:S/-src//}
USE_PERL5= build
-DIST_SUBDIR= squid-2.5.4
+DIST_SUBDIR= squid-2.5.5
DOCDIR= ${PREFIX}/share/doc/squid
EXAMPLESDIR= ${PREFIX}/share/examples/squid
diff -r 5952e2524055 -r 6e64fc4255ae www/squid/distinfo
--- a/www/squid/distinfo Thu Mar 04 16:28:05 2004 +0000
+++ b/www/squid/distinfo Thu Mar 04 17:05:50 2004 +0000
@@ -1,87 +1,11 @@
-$NetBSD: distinfo,v 1.49 2004/02/20 16:51:55 abs Exp $
+$NetBSD: distinfo,v 1.50 2004/03/04 17:05:51 taca Exp $
-SHA1 (squid-2.5.4/squid-2.5.STABLE4.tar.bz2) = 470a2697625cf6edb83ad6fe59af2e147f557e24
-Size (squid-2.5.4/squid-2.5.STABLE4.tar.bz2) = 1036704 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-reconfigure_message.patch) = 9b304f2c1956ade18329c7357ce1458990a74581
-Size (squid-2.5.4/squid-2.5.STABLE4-reconfigure_message.patch) = 760 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-digest_auth_pwchange.patch) = 6e80ae5e468b03ee4d3d6b1d69021aecdec04614
-Size (squid-2.5.4/squid-2.5.STABLE4-digest_auth_pwchange.patch) = 2694 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-redirect_login_space.patch) = a7fb688d69fde9dbb70acb009a3db1b5a547a3f9
-Size (squid-2.5.4/squid-2.5.STABLE4-redirect_login_space.patch) = 619 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-fqdnnegcache.patch) = f9e2b1d4c7df4cb94fd561f7c77cc7e7f24cfde0
-Size (squid-2.5.4/squid-2.5.STABLE4-fqdnnegcache.patch) = 701 bytes
-SHA1 (squid-2.5.4/pam_auth-2.2.patch) = 2978e0bf5531fc179f9cedfbf12216efc1e715af
-Size (squid-2.5.4/pam_auth-2.2.patch) = 4878 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4_auth_param_doc.patch) = 88f8c093280329bb7f4624c8f9392069f977e98e
-Size (squid-2.5.4/squid-2.5.STABLE4_auth_param_doc.patch) = 9068 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-errorpages.patch) = c0dad2435c475c82087ad79a074a412fa64053d6
-Size (squid-2.5.4/squid-2.5.STABLE4-errorpages.patch) = 49937 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-error_load_text.patch) = 0f7a7df65346512074b0ec7bc459d5ea3f541076
-Size (squid-2.5.4/squid-2.5.STABLE4-error_load_text.patch) = 571 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-xpi_mime.patch) = 257ce3058e62a209dae55c9daad77cc5579bfeb8
-Size (squid-2.5.4/squid-2.5.STABLE4-xpi_mime.patch) = 601 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-size_overflow.patch) = fea2b13f00332ef5f04ffff72de81d58eeef3c4a
-Size (squid-2.5.4/squid-2.5.STABLE4-size_overflow.patch) = 438 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-extacl_auth_loop.patch) = 6de2a5f5b04cc645e164c9b5476061e7b27fac84
-Size (squid-2.5.4/squid-2.5.STABLE4-extacl_auth_loop.patch) = 756 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-squid_ldap_group.patch) = 9cba29ee21840f3598c8684abd4a52882a459db7
-Size (squid-2.5.4/squid-2.5.STABLE4-squid_ldap_group.patch) = 30490 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-positive_dns_ttl.patch) = 1ec94a4ce2e583e6b734a2e5f381bb086b45f43d
-Size (squid-2.5.4/squid-2.5.STABLE4-positive_dns_ttl.patch) = 3409 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-gopherhtml.patch) = 1925feb4a37b91eb0be934941030b328bb00811b
-Size (squid-2.5.4/squid-2.5.STABLE4-gopherhtml.patch) = 3382 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-netroute.patch) = f9fdd9d819796120a6bcf4752f6ea8a0e4fd94db
-Size (squid-2.5.4/squid-2.5.STABLE4-netroute.patch) = 592 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-synflood.patch) = a1138fb535a3f41a67c01e3e9eca8c11fcc8d72d
-Size (squid-2.5.4/squid-2.5.STABLE4-synflood.patch) = 12861 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-fqdn.patch) = fc0113ebef713234ec9905359a57c1e80f03d211
-Size (squid-2.5.4/squid-2.5.STABLE4-fqdn.patch) = 713 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-connect_cleanup.patch) = 20eba739b2fd16a6149c942ff9ca54607dd1b547
-Size (squid-2.5.4/squid-2.5.STABLE4-connect_cleanup.patch) = 32516 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-pconn_post.patch) = ded777e72f4c0a96569751b23a0da18f651277e3
-Size (squid-2.5.4/squid-2.5.STABLE4-pconn_post.patch) = 1231 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-ftp_put.patch) = 1fdaeaedee29ca7093441044dc53802cd02423cb
-Size (squid-2.5.4/squid-2.5.STABLE4-ftp_put.patch) = 584 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-pconn-load.patch) = f11a89722d4808dc30c131854a9b7e80d2df95c8
-Size (squid-2.5.4/squid-2.5.STABLE4-pconn-load.patch) = 2397 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-icon_urls.patch) = 3a4e3cfe9f1678c5dd4ed6a1e474bb4da89a2a74
-Size (squid-2.5.4/squid-2.5.STABLE4-icon_urls.patch) = 2399 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-redirector_access.patch) = ffb18533c312f35b8ac1bc2ce615b0bfd6a7f3c8
-Size (squid-2.5.4/squid-2.5.STABLE4-redirector_access.patch) = 3498 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-pconn-lifo.patch) = 0cb1ea50d42a08c4e852367924ad8cb0f8ee6b6e
-Size (squid-2.5.4/squid-2.5.STABLE4-pconn-lifo.patch) = 1350 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-cache_peer_maxconn.patch) = 95d0c5d7f279a8afbbfd20706ba42ce1d22678a7
-Size (squid-2.5.4/squid-2.5.STABLE4-cache_peer_maxconn.patch) = 3603 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-pid_filename_none.patch) = b5cd27fb366d368e47d61cd626723aa6e8796484
-Size (squid-2.5.4/squid-2.5.STABLE4-pid_filename_none.patch) = 508 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-dns_namelength.patch) = 9935272c3ce447cd62e58d699623426a0872cc1e
-Size (squid-2.5.4/squid-2.5.STABLE4-dns_namelength.patch) = 603 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-urllogin_acl.patch) = 727f701c439a1c56520dbdbbde0efb047497a921
-Size (squid-2.5.4/squid-2.5.STABLE4-urllogin_acl.patch) = 3064 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-russian.patch) = c0f2803e535050dc7e0757761ac566c3c653f815
-Size (squid-2.5.4/squid-2.5.STABLE4-russian.patch) = 20731 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-redirlog.patch) = 6904429ce0bdb169dd0dbea58feefcf95323338a
-Size (squid-2.5.4/squid-2.5.STABLE4-redirlog.patch) = 762 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-pinger.patch) = a11373dc135f03c7b9a6f96400da10cb0d69c772
-Size (squid-2.5.4/squid-2.5.STABLE4-pinger.patch) = 738 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-partial_reload.patch) = 8d7d1bba09ba674e41f635e80c51bd7d78c105c7
-Size (squid-2.5.4/squid-2.5.STABLE4-partial_reload.patch) = 751 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-ldap_tls.patch) = 3d20ba0a993cb9fcc3c2193207f5d8f7ebe57644
-Size (squid-2.5.4/squid-2.5.STABLE4-ldap_tls.patch) = 1853 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-ldap_group_bufsize.patch) = 7f9415c2068a0df5560c853696823816781ce950
-Size (squid-2.5.4/squid-2.5.STABLE4-ldap_group_bufsize.patch) = 762 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-http_workarounds.patch) = db70ba21cf79b7a28e89658f70e068a2d5215f80
-Size (squid-2.5.4/squid-2.5.STABLE4-http_workarounds.patch) = 12322 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-empty_proxy_auth.patch) = 7c915ff182178f6315831999290d80282f409290
-Size (squid-2.5.4/squid-2.5.STABLE4-empty_proxy_auth.patch) = 2719 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-ftp_telnet.patch) = 985d113918bd59bb32bbf2924fae4dd1267e5d64
-Size (squid-2.5.4/squid-2.5.STABLE4-ftp_telnet.patch) = 3844 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-ntlm_auth_popups.patch) = d55620fbd667c14098d5dec0a2c1fd1f7ce79686
-Size (squid-2.5.4/squid-2.5.STABLE4-ntlm_auth_popups.patch) = 63653 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-ldap_group-S.patch) = f290046043732b92014b3957806dab32675d448b
-Size (squid-2.5.4/squid-2.5.STABLE4-ldap_group-S.patch) = 993 bytes
-SHA1 (squid-2.5.4/squid-2.5.STABLE4-ipcache_purge.patch) = fe724fd85cd3de56a1d80d097d3847ab9572f360
-Size (squid-2.5.4/squid-2.5.STABLE4-ipcache_purge.patch) = 1022 bytes
+SHA1 (squid-2.5.5/squid-2.5.STABLE5.tar.bz2) = fd632ebaad656566db11cf875868b19a9b4a71db
+Size (squid-2.5.5/squid-2.5.STABLE5.tar.bz2) = 1044932 bytes
+SHA1 (squid-2.5.5/squid-2.5.STABLE5-ntlm_assert.patch) = 28c62c898a653269bee01540dd34c0fc7545b958
+Size (squid-2.5.5/squid-2.5.STABLE5-ntlm_assert.patch) = 545 bytes
+SHA1 (squid-2.5.5/squid-2.5.STABLE5-ldap.patch) = b569f946c318f6cb7e84dd237bb33ce2022e7ccf
+Size (squid-2.5.5/squid-2.5.STABLE5-ldap.patch) = 6245 bytes
SHA1 (patch-aa) = 2e0d96f6ccb9d0c42db2da49e76846edad09624f
SHA1 (patch-ab) = 1224ba4cee98a26d2c9d670eb6d57c6187ff2d56
SHA1 (patch-ac) = 1b283f0a573c02c82ce26f75e67d19b1ec5ff9f0
Home |
Main Index |
Thread Index |
Old Index