ports/72581: [Maintainer] www/squid: update to 2.5-STABLE7

Thomas-Martin Seck tmseck at netcologne.de
Tue Oct 12 14:50:32 UTC 2004 

>Number:         72581
>Category:       ports
>Synopsis:       [Maintainer] www/squid: update to 2.5-STABLE7
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Tue Oct 12 14:50:31 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator:     Thomas-Martin Seck
>Release:        FreeBSD 4.10-STABLE i386
>Organization:
a private site in Germany
>Environment:
FreeBSD ports collection as of Oct 12, 2004.

	
>Description:
- Update to 2.5-STABLE7; this release fixes a security issue regarding
  the SNMP module (security team CC'ed, see below for a proposed VuXML
  database entry)
- Remove a patch that is now part of the distribution
- Miscellaneuous small fixes:
  + in squid.sh, make stop_command poll for the squid processes' exit in
    the rcNG case too; this eliminates the need to do this in restart_command
  + make the information regarding rcNG'ness in pkg-install easier to read
  + install unstripped binaries if WITH_SQUID_STACKTRACES is defined

Note to committer:
please 'cvs rm' files/patch-configure

Proposed VuXML database entry regarding the SNMP issue:
<topic>Denial of Service Issue in squid SNMP module</topic>
<affects>
	<package>
		<name>squid</name>
	<range><lt>2.5.7</lt></range>
	<package>
</affects>
<description>
	<body xmlns="http://www.w3.org/1999/xhtml">
	<p>If a certain malformed SNMP request is received squid restarts
	with a Segmentation Fault error.</p>
	<p>This only affects squid installations where SNMP is explicitly
	enabled via "make config". As a workaround, SNMP can be
	disabled by defining "snmp_port 0" in squid.conf.</p>
	</body>
</description>
<references>
	<cvename>CAN-2004-0918</cvename>
	<url>http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE6-SNMP_core_dump</url>
</references>
<dates>
	<discovery>2004-09-29</discovery>
</dates>

	
>How-To-Repeat:
	
>Fix:
Apply this patch:

Index: distinfo
===================================================================
--- distinfo	(.../www/squid)	(revision 251)
+++ distinfo	(.../local/squid)	(revision 251)
@@ -1,50 +1,2 @@
-MD5 (squid2.5/squid-2.5.STABLE6.tar.bz2) = 7fd964ac27b43b613d6b981cc702a29e
-SIZE (squid2.5/squid-2.5.STABLE6.tar.bz2) = 1047199
-MD5 (squid2.5/squid-2.5.STABLE6-ufs_no_valid_dir.patch) = 26a4ab522a2469f805f746bcdbe0109c
-SIZE (squid2.5/squid-2.5.STABLE6-ufs_no_valid_dir.patch) = 566
-MD5 (squid2.5/squid-2.5.STABLE6-ldap_helpers.patch) = fb7684fa6c797404f46c8ef86122848a
-SIZE (squid2.5/squid-2.5.STABLE6-ldap_helpers.patch) = 25444
-MD5 (squid2.5/squid-2.5.STABLE6-concurrent_dns_lookups.patch) = b485488ef0031f26902bb94f55a3a2ed
-SIZE (squid2.5/squid-2.5.STABLE6-concurrent_dns_lookups.patch) = 6461
-MD5 (squid2.5/squid-2.5.STABLE6-request_header_max_size.patch) = 1900043f6b73aa8a3cbd5004633a6c5c
-SIZE (squid2.5/squid-2.5.STABLE6-request_header_max_size.patch) = 765
-MD5 (squid2.5/squid-2.5.STABLE6-partial_hit_is_miss.patch) = 9ce8322cf6c48dc02a7a51d039489143
-SIZE (squid2.5/squid-2.5.STABLE6-partial_hit_is_miss.patch) = 747
-MD5 (squid2.5/squid-2.5.STABLE6-HEAD.patch) = 929fe3d48046a7d17c0aa314befd8f7c
-SIZE (squid2.5/squid-2.5.STABLE6-HEAD.patch) = 895
-MD5 (squid2.5/squid-2.5.STABLE6-ufs_create_error.patch) = 63b5693268cbba233a442b345e5769bb
-SIZE (squid2.5/squid-2.5.STABLE6-ufs_create_error.patch) = 847
-MD5 (squid2.5/squid-2.5.STABLE6-basic_auth_caseinsensitive.patch) = eb6f28d6d572c8cf996619aea925a1b6
-SIZE (squid2.5/squid-2.5.STABLE6-basic_auth_caseinsensitive.patch) = 2337
-MD5 (squid2.5/squid-2.5.STABLE6-active_requests_delaypool.patch) = f465bdbbadd83dee417aafeb974a9248
-SIZE (squid2.5/squid-2.5.STABLE6-active_requests_delaypool.patch) = 500
-MD5 (squid2.5/squid-2.5.STABLE6-client_db_gc.patch) = 772a2ed149b89a1addf70cd1dd5def3c
-SIZE (squid2.5/squid-2.5.STABLE6-client_db_gc.patch) = 3828
-MD5 (squid2.5/squid-2.5.STABLE6-ntlmtruncated.patch) = c77b3c10fc5d5c9d34ccf41f7623a0fe
-SIZE (squid2.5/squid-2.5.STABLE6-ntlmtruncated.patch) = 4383
-MD5 (squid2.5/squid-2.5.STABLE6-grammar.patch) = 963208de03349b6fa143bc099524699c
-SIZE (squid2.5/squid-2.5.STABLE6-grammar.patch) = 50267
-MD5 (squid2.5/squid-2.5.STABLE6-errorpage_quote.patch) = b9f329cdf98c7c5a048cdadc32d6874d
-SIZE (squid2.5/squid-2.5.STABLE6-errorpage_quote.patch) = 377
-MD5 (squid2.5/squid-2.5.STABLE6-heap_segfault.patch) = c82d9f3972419833b757c0c116c216f8
-SIZE (squid2.5/squid-2.5.STABLE6-heap_segfault.patch) = 867
-MD5 (squid2.5/squid-2.5.STABLE6-initgroups.patch) = 5cd7eb8451754166f543d84c7a9ba6dc
-SIZE (squid2.5/squid-2.5.STABLE6-initgroups.patch) = 11060
-MD5 (squid2.5/squid-2.5.STABLE6-external_acl_newlines.patch) = 0e01c58db5545e1b7273d2d244171642
-SIZE (squid2.5/squid-2.5.STABLE6-external_acl_newlines.patch) = 4965
-MD5 (squid2.5/squid-2.5.STABLE6-ntlm_fetch_string.patch) = dbf1826522c14dc64c0c37430bb27b2e
-SIZE (squid2.5/squid-2.5.STABLE6-ntlm_fetch_string.patch) = 1606
-MD5 (squid2.5/squid-2.5.STABLE6-ntlm_noreuse_leak.patch) = 6053338662140e9514afd4c3d158590d
-SIZE (squid2.5/squid-2.5.STABLE6-ntlm_noreuse_leak.patch) = 3646
-MD5 (squid2.5/squid-2.5.STABLE6-ntlm_challengereuse_leak.patch) = d6bdb1500f947b5aa67c23561f941ddf
-SIZE (squid2.5/squid-2.5.STABLE6-ntlm_challengereuse_leak.patch) = 13473
-MD5 (squid2.5/squid-2.5.STABLE6-rotate_error.patch) = e842e11bd987d56e49df020a17fb1ad9
-SIZE (squid2.5/squid-2.5.STABLE6-rotate_error.patch) = 2238
-MD5 (squid2.5/squid-2.5.STABLE6-digest_crash.patch) = b0e5a15164ac7f14682bc200f2efd6c9
-SIZE (squid2.5/squid-2.5.STABLE6-digest_crash.patch) = 1250
-MD5 (squid2.5/squid-2.5.STABLE6-acl_times.patch) = 91c69f9a5cebd5d84a4eee63ea10be99
-SIZE (squid2.5/squid-2.5.STABLE6-acl_times.patch) = 3047
-MD5 (squid2.5/squid-2.5.STABLE6-http_header_range.patch) = 83b25961601597375682afde86ce23a8
-SIZE (squid2.5/squid-2.5.STABLE6-http_header_range.patch) = 616
-MD5 (squid2.5/squid-2.5.STABLE6-Content-Disposition.patch) = c11ca0bcf406b4240a745fc52b063495
-SIZE (squid2.5/squid-2.5.STABLE6-Content-Disposition.patch) = 1815
+MD5 (squid2.5/squid-2.5.STABLE7.tar.bz2) = bf63e34906c68d716896eec0351108dc
+SIZE (squid2.5/squid-2.5.STABLE7.tar.bz2) = 1051830
Index: files/squid.sh
===================================================================
--- files/squid.sh	(.../www/squid)	(revision 251)
+++ files/squid.sh	(.../local/squid)	(revision 251)
@@ -22,20 +22,28 @@
 # --begin rcng
 extra_commands=reload
 reload_cmd="${command} -k reconfigure"
-restart_cmd=squid_restart
 # --end rcng
-stop_cmd="${command} -k shutdown"
+stop_cmd="squid_stop"
 squid_chdir=${squid_chdir:-%%PREFIX%%/squid/logs}
 squid_enable=${squid_enable:-"NO"}
 squid_flags=${squid_flags-"-D"}
 squid_user=${squid_user:-%%SQUID_UID%%}
 default_config=%%PREFIX%%/etc/squid/squid.conf
 
+# --begin rcold
+squid_stop() {
+	echo -n " ${name}"
+	${command} -k shutdown
+	while ps -xcU ${squid_user} | grep -q squid; do
+		sleep 2
+	done
+}
+
+# --end rcold
 # --begin rcng
-squid_restart() {
-	run_rc_command stop
+squid_stop() {
+	${command} -k shutdown
 	run_rc_command poll
-	run_rc_command start
 }
 
 . %%RC_SUBR%%
@@ -66,14 +74,10 @@
 	;;
 stop)
 	if [ -x "${command}" ]; then
-		echo -n " ${name}"
 		${stop_cmd}
-		while ps -xcU ${squid_user} | grep -q squid; do
-			sleep 2
-		done
 	fi
 	;;
-	*)
+*)
 	echo "usage: ${0##*/} {start|stop}" >&2
 	exit 64
 	;;
Index: files/patch-configure
===================================================================
--- files/patch-configure	(.../www/squid)	(revision 251)
+++ files/patch-configure	(.../local/squid)	(revision 251)
@@ -1,11 +0,0 @@
---- configure.orig	Tue Mar  2 11:29:57 2004
-+++ configure	Tue Mar  2 11:30:34 2004
-@@ -2236,6 +2236,8 @@
- 	    ;;
- 	*-solaris-*)
- 	    ;;
-+	*-freebsd*)
-+	    ;;
- 	*)
- 	    echo "WARNING: ARP ACL support probably won't work on $host."
- 	    sleep 10
Index: pkg-install
===================================================================
--- pkg-install	(.../www/squid)	(revision 251)
+++ pkg-install	(.../local/squid)	(revision 251)
@@ -146,16 +146,19 @@
 	echo "       initialize the cache directory by running \"squid -z\""
 	echo "       as 'root' or '${squid_user}' before starting squid."
 	echo ""
-	echo "     Please note that ${PKG_PREFIX}/etc/rc.d/squid.sh"
-	echo "     will not start squid automatically anymore unless you"
-	echo "     explicitly configured the port not to install an rcNG"
-	echo "     style startup script via 'make config'."
+	echo "     Please note that ${PKG_PREFIX}/etc/rc.d/squid.sh is now"
+	echo "     an rcNG script by default. This means that squid will not"
+	echo "     start automatically at boot time."
 	echo ""
 	echo "     To enable squid, set squid_enable=yes in either"
 	echo "     /etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/squid"
 	echo "     See ${PKG_PREFIX}/etc/rc.d/squid.sh for more"
 	echo "     configuration options."
 	echo ""
+	echo "     If you want to install an old style rc script, run"
+	echo "     'make config' and deselect the option to install an"
+	echo "     rcNG script."
+	echo ""
 	;;
 *)
 	exit 64
Index: Makefile
===================================================================
--- Makefile	(.../www/squid)	(revision 251)
+++ Makefile	(.../local/squid)	(revision 251)
@@ -73,8 +73,7 @@
 #     about how to do transparent proxying with ipfw)
 
 PORTNAME=	squid
-PORTVERSION=	2.5.6
-PORTREVISION=	12
+PORTVERSION=	2.5.7
 CATEGORIES=	www
 MASTER_SITES=	\
 		ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
@@ -83,35 +82,10 @@
 		ftp://ftp.leo.org/pub/comp/general/infosys/www/servers/squid/%SUBDIR%/ \
 		${MASTER_SITE_RINGSERVER:S,%SUBDIR%,net/www/squid/&,}
 MASTER_SITE_SUBDIR=	squid-2/STABLE
-DISTNAME=	squid-2.5.STABLE6
+DISTNAME=	squid-2.5.STABLE7
 DIST_SUBDIR=	squid2.5
 
 PATCH_SITES=	http://www.squid-cache.org/Versions/v2/2.5/bugs/
-PATCHFILES=	squid-2.5.STABLE6-ufs_no_valid_dir.patch \
-		squid-2.5.STABLE6-ldap_helpers.patch \
-		squid-2.5.STABLE6-concurrent_dns_lookups.patch \
-		squid-2.5.STABLE6-request_header_max_size.patch \
-		squid-2.5.STABLE6-partial_hit_is_miss.patch \
-		squid-2.5.STABLE6-HEAD.patch \
-		squid-2.5.STABLE6-ufs_create_error.patch \
-		squid-2.5.STABLE6-basic_auth_caseinsensitive.patch \
-		squid-2.5.STABLE6-active_requests_delaypool.patch \
-		squid-2.5.STABLE6-client_db_gc.patch \
-		squid-2.5.STABLE6-ntlmtruncated.patch \
-		squid-2.5.STABLE6-grammar.patch \
-		squid-2.5.STABLE6-errorpage_quote.patch \
-		squid-2.5.STABLE6-heap_segfault.patch \
-		squid-2.5.STABLE6-initgroups.patch \
-		squid-2.5.STABLE6-external_acl_newlines.patch \
-		squid-2.5.STABLE6-ntlm_fetch_string.patch \
-		squid-2.5.STABLE6-ntlm_noreuse_leak.patch \
-		squid-2.5.STABLE6-ntlm_challengereuse_leak.patch \
-		squid-2.5.STABLE6-rotate_error.patch \
-		squid-2.5.STABLE6-digest_crash.patch \
-		squid-2.5.STABLE6-acl_times.patch \
-		squid-2.5.STABLE6-http_header_range.patch \
-		squid-2.5.STABLE6-Content-Disposition.patch
-PATCH_DIST_STRIP=	-p1
 
 MAINTAINER=	tmseck at netcologne.de
 COMMENT=	The successful WWW proxy cache and accelerator
@@ -302,6 +276,7 @@
 .endif
 .if defined(WITH_SQUID_STACKTRACES)
 CONFIGURE_ARGS+=	--enable-stacktraces
+STRIP=			""
 .endif
 .if !defined(WITHOUT_SQUID_RCNG)
 USE_RC_SUBR=	yes
	


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list