Fix the patch that simulates the autotools bootstrap for the

follow-xff-patchset (thanks to Michael Ranner for spotting the
problem and testing the fix). While at it, wordsmith the
comments in the patch.

Use the official patch for the NTLM auth helper vulnerability,
see <http://www.squid-cache.org/Versions/v2/2.5/bugs/> for
details.

Build install the SMB basic authentication helpers by default

PR:		ports/68448
Submitted by:	maintainer

4 files changed, 24 insertions, 86 deletions

diff --git a/www/squid30/Makefile b/www/squid30/Makefile
index c01bb810d8ea..a168b219b975 100644
--- a/www/squid30/Makefile
+++ b/www/squid30/Makefile
@@ -29,7 +29,7 @@
 
 PORTNAME=	squid
 PORTVERSION=	2.5.5
-PORTREVISION=	11
+PORTREVISION=	12
 CATEGORIES=	www
 MASTER_SITES=	\
 		ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
@@ -65,7 +65,8 @@ PATCHFILES=	squid-2.5.STABLE5-ntlm_assert.patch \
 		squid-2.5.STABLE5-dns_localhost.patch \
 		squid-2.5.STABLE5-msnt_auth_doc.patch \
 		squid-2.5.STABLE5-CONNECT_log_size.patch \
-		squid-2.5.STABLE5-proxy_abuse.patch
+		squid-2.5.STABLE5-proxy_abuse.patch \
+		squid-2.5.STABLE5-ntlm_auth_overflow.patch
 PATCH_DIST_STRIP=	-p1
 
 MAINTAINER=	tmseck@netcologne.de
@@ -123,7 +124,7 @@ CONFIGURE_ARGS=	--bindir=${PREFIX}/sbin  --sysconfdir=${PREFIX}/etc/squid \
 
 # Authentication methods and modules:
 
-basic_auth=	NCSA PAM YP MSNT winbind
+basic_auth=	NCSA PAM YP MSNT SMB winbind
 external_acl=	ip_user unix_group wbinfo_group winbind_group
 MAN8+=		pam_auth.8 squid_unix_group.8
 .if defined(WITH_SQUID_LDAP_AUTH)
diff --git a/www/squid30/distinfo b/www/squid30/distinfo
index 98d0c1344ded..9f798808315e 100644
--- a/www/squid30/distinfo
+++ b/www/squid30/distinfo
@@ -48,3 +48,5 @@ MD5 (squid2.5/squid-2.5.STABLE5-CONNECT_log_size.patch) = 9bc3c39ca19ae2a4922d4a
 SIZE (squid2.5/squid-2.5.STABLE5-CONNECT_log_size.patch) = 2011
 MD5 (squid2.5/squid-2.5.STABLE5-proxy_abuse.patch) = 8b169a288a0491a760f4d04c4f5eab21
 SIZE (squid2.5/squid-2.5.STABLE5-proxy_abuse.patch) = 761
+MD5 (squid2.5/squid-2.5.STABLE5-ntlm_auth_overflow.patch) = 30c7c5e2ba03655dbde9d3e65409baed
+SIZE (squid2.5/squid-2.5.STABLE5-ntlm_auth_overflow.patch) = 3198
diff --git a/www/squid30/files/follow_xff-configure.patch b/www/squid30/files/follow_xff-configure.patch
index a0920813868d..0cf30da6c147 100644
--- a/www/squid30/files/follow_xff-configure.patch
+++ b/www/squid30/files/follow_xff-configure.patch
@@ -1,10 +1,23 @@
-!Patch configure directly to enable testing for the
-!--enable-follow-x-forwarding-for configuration option
-!instead of running configure.in through autoconf as in the
-!original follow-XFF patchset from devel.squid-cache.org.
+!Simulate the autotools bootstrap of the follow-x-forwarded-for patchset.
+!
 !Beware that all line number informations in configure.log greater
-!than 2972 are offset by -29 (correcting all line numbers would have
+!than 2972 are offset by at least -29 (correcting all line numbers would have
 !bloated the patch by 92kB!)
+--- include/autoconf.h.in.orig	Sat Jan 18 02:46:11 2003
++++ include/autoconf.h.in	Thu Jun 24 13:19:07 2004
+@@ -291,6 +291,12 @@
+ #define USE_IDENT 1
+ 
+ /*
++ * Compile in support for following X-Forwarded-For headers?
++ * Enabled by default.
++ */
++#define FOLLOW_X_FORWARDED_FOR 1
++
++/*
+  * If your system has statvfs(), and if it actually works!
+  */
+ #undef HAVE_STATVFS
 --- configure.orig	Tue Mar  2 10:18:14 2004
 +++ configure	Tue Mar  2 10:18:56 2004
 @@ -222,6 +222,12 @@
diff --git a/www/squid30/files/patch-helpers-ntlm_auth-SMB-libntlmssp.c b/www/squid30/files/patch-helpers-ntlm_auth-SMB-libntlmssp.c
deleted file mode 100644
index 54eeeb6bcdeb..000000000000
--- a/www/squid30/files/patch-helpers-ntlm_auth-SMB-libntlmssp.c
+++ /dev/null
@@ -1,78 +0,0 @@
-This patch fixes a buffer overflow vulnerability in the NTLM auth
-helper which was reported by iDefense on the 07th June 2004.
-Original advisory:
-<http://www.idefense.com/application/poi/display?id=107&type=vulnerabilities&flashstatus=false>
-CVE-ID: CAN-2004-0541
-Patch and correction obtained from:
-<http://www.squid-cache.org/~wessels/patch/libntlmssp.c.patch>
-<http://www.squid-cache.org/bugs/show_bug.cgi?id=998>
-
---- helpers/ntlm_auth/SMB/libntlmssp.c.orig	Fri Nov 30 10:50:06 2001
-+++ helpers/ntlm_auth/SMB/libntlmssp.c	Fri Jun 18 13:17:35 2004
-@@ -161,7 +161,10 @@ make_challenge(char *domain, char *domai
- #define min(A,B) (A<B?A:B)
- 
- int ntlm_errno;
--static char credentials[1024];	/* we can afford to waste */
-+#define MAX_USERNAME_LEN 255
-+#define MAX_DOMAIN_LEN 255
-+#define MAX_PASSWD_LEN 31
-+static char credentials[MAX_USERNAME_LEN+MAX_DOMAIN_LEN+2];	/* we can afford to waste */
- 
- 
- /* Fetches the user's credentials from the challenge.
-@@ -197,7 +200,7 @@ char *
- ntlm_check_auth(ntlm_authenticate * auth, int auth_length)
- {
-     int rv;
--    char pass[25] /*, encrypted_pass[40] */;
-+    char pass[MAX_PASSWD_LEN+1];
-     char *domain = credentials;
-     char *user;
-     lstring tmp;
-@@ -215,6 +218,11 @@ ntlm_check_auth(ntlm_authenticate * auth
- 	ntlm_errno = NTLM_LOGON_ERROR;
- 	return NULL;
-     }
-+    if (tmp.l > MAX_DOMAIN_LEN) {
-+	debug("Domain string exceeds %d bytes, rejecting\n", MAX_DOMAIN_LEN);
-+	ntlm_errno = NTLM_LOGON_ERROR;
-+	return NULL;
-+    }
-     memcpy(domain, tmp.str, tmp.l);
-     user = domain + tmp.l;
-     *user++ = '\0';
-@@ -226,20 +234,30 @@ ntlm_check_auth(ntlm_authenticate * auth
- 	ntlm_errno = NTLM_LOGON_ERROR;
- 	return NULL;
-     }
-+    if (tmp.l > MAX_USERNAME_LEN) {
-+	debug("Username string exceeds %d bytes, rejecting\n", MAX_USERNAME_LEN);
-+	ntlm_errno = NTLM_LOGON_ERROR;
-+	return NULL;
-+    }
-     memcpy(user, tmp.str, tmp.l);
-     *(user + tmp.l) = '\0';
- 
- 		
--		/* Authenticating against the NT response doesn't seem to work... */
-+    /* Authenticating against the NT response doesn't seem to work... */
-     tmp = ntlm_fetch_string((char *) auth, auth_length, &auth->lmresponse);
-     if (tmp.str == NULL || tmp.l == 0) {
- 	fprintf(stderr, "No auth at all. Returning no-auth\n");
- 	ntlm_errno = NTLM_LOGON_ERROR;
- 	return NULL;
-     }
--		
-+    if (tmp.l > MAX_PASSWD_LEN) {
-+	debug("Password string exceeds %d bytes, rejecting\n", MAX_PASSWD_LEN);
-+	ntlm_errno = NTLM_LOGON_ERROR;
-+	return NULL;
-+    }
-+
-     memcpy(pass, tmp.str, tmp.l);
--    pass[25] = '\0';
-+    pass[min(MAX_PASSWD_LEN,tmp.l)] = '\0';
- 
- #if 1
- 		debug ("Empty LM pass detection: user: '%s', ours:'%s', his: '%s'"