ports/176951: www/squid32 failed to start because of hard-coded acl with ::1

Thu Mar 14 08:40:01 UTC 2013

>Number:         176951
>Category:       ports
>Synopsis:       www/squid32 failed to start because of hard-coded acl with ::1
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Thu Mar 14 08:40:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator:     Oleg Strizhak
>Release:        8.3, 9.x
>Organization:
>Environment:
FreeBSD XXX 8.3-RELEASE-p6 FreeBSD 8.3-RELEASE-p6 #0: Wed Mar 13 21:33:49 MSK 2013     support_ at yyy.pcbtech.ru:/usr/obj/usr/src/sys/ZZZ  i386
>Description:
lately I discovered a bug in squid 3.2 config, that leads to the following errors if it tries to start:

> aclIpParseIpData: Bad host/IP: '::1' in '::1', flags=0 : (8) hostname nor servname provided, or not known
> FATAL: Bungled Default Configuration line 6: acl localhost src 127.0.0.1/32 ::1
> Squid Cache (Version 3.2.8): Terminated abnormally.
> CPU Usage: 0.036 seconds = 0.036 user + 0.000 sys
> Maximum Resident Size: 9964 KB
> Page faults with physical i/o: 0
> /usr/local/etc/rc.d/squid: WARNING: failed to start squid

I've made a simple patch, and ask you to consider its addition into the official ports tree. The patch file inself (to be placed in files/ dir) + diff for Makefile are attached. 
>How-To-Repeat:
just recompile and restart squid on the host with disabled in kernel IPV6. There'are reports that error occured even if IPV6 is not initialized, but I don't know it exactly because I'm usually disabling it in my custom kernels.
>Fix:
place attached file in /usr/ports/www/squid32/files/ subfolder + patch the Makefile in the following way:

--- Makefile    2013-03-14 11:47:37.000000000 +0400
+++ Makefile.orig       2013-03-07 17:01:18.000000000 +0400
@@ -363,7 +363,6 @@

 .if empty(PORT_OPTIONS:MIPV6) || defined(WITHOUT_IPV6)
 CONFIGURE_ARGS+=       --disable-ipv6
-EXTRA_PATCHES+=                ${PATCHDIR}/extra-patch-src-cf.data.ipv6
 .endif
 .if ${PORT_OPTIONS:MDELAY_POOLS}
 CONFIGURE_ARGS+=       --enable-delay-pools

Patch attached with submission follows:

--- src/cf.data.pre.orig.ipv6     2013-03-02 05:46:03.000000000 +0400
+++ src/cf.data.pre   2013-03-14 11:43:37.915710501 +0400
@@ -733,8 +733,8 @@
 LOC: Config.aclList
 DEFAULT: all src all
 DEFAULT: manager url_regex -i ^cache_object:// +i ^https?://[^/]+/squid-internal-mgr/
-DEFAULT: localhost src 127.0.0.1/32 ::1
-DEFAULT: to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
+DEFAULT: localhost src 127.0.0.1/32
+DEFAULT: to_localhost dst 127.0.0.0/8 0.0.0.0/32
 DEFAULT_DOC: ACLs all, manager, localhost, and to_localhost are predefined.
 DOC_START
        Defining an Access List


>Release-Note:
>Audit-Trail:
>Unformatted:
