aboutsummaryrefslogtreecommitdiffstats
path: root/www/squid31
diff options
context:
space:
mode:
authorkrion <krion@FreeBSD.org>2004-06-10 23:40:44 +0800
committerkrion <krion@FreeBSD.org>2004-06-10 23:40:44 +0800
commit42bad3fe54c824e861223ef1efa16fee85bd1e94 (patch)
treefd4840126f5ccc25b7217724ea8a978eb4d89216 /www/squid31
parent52cacacfecf16f635e4a07d5ad01a1410ec152f2 (diff)
downloadfreebsd-ports-gnome-42bad3fe54c824e861223ef1efa16fee85bd1e94.tar.gz
freebsd-ports-gnome-42bad3fe54c824e861223ef1efa16fee85bd1e94.tar.zst
freebsd-ports-gnome-42bad3fe54c824e861223ef1efa16fee85bd1e94.zip
- Support systems where pf(4) must be installed from ports (see
ports/67724, submitted by Michal F. Hanula) - Change ": foo=${foo:=bar}" into "foo=${foo:-bar}" to make the shell scripts easier to read and understand - Correct credits for the recently published NTLM auth vulnerability and fix a nearby braino, too - Bump PORTREVISION PR: ports/67797 Submitted by: maintainer
Diffstat (limited to 'www/squid31')
-rw-r--r--www/squid31/Makefile22
-rw-r--r--www/squid31/files/patch-helpers-ntlm_auth-SMB-libntlmssp.c4
-rw-r--r--www/squid31/files/pf_from_ports.patch.in20
-rw-r--r--www/squid31/files/squid.sh6
-rw-r--r--www/squid31/pkg-install4
5 files changed, 42 insertions, 14 deletions
diff --git a/www/squid31/Makefile b/www/squid31/Makefile
index 8bc9b0833d32..70f66a13af59 100644
--- a/www/squid31/Makefile
+++ b/www/squid31/Makefile
@@ -29,7 +29,7 @@
PORTNAME= squid
PORTVERSION= 2.5.5
-PORTREVISION= 9
+PORTREVISION= 10
CATEGORIES= www
MASTER_SITES= \
ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
@@ -214,13 +214,12 @@ CONFIGURE_ARGS+= --enable-useragent-log
CONFIGURE_ARGS+= --enable-arp-acl
.endif
.if defined(WITH_SQUID_PF)
-.if ${OSVERSION} >= 502106
-# This will work only systems where PF is part of the base system for now.
-# If someone is eager to teach squid's configure script how to pick up the pf
-# port on 5.[0-2] systems instead, go on, I will integrate your patch.
CONFIGURE_ARGS+= --enable-pf-transparent
-.else
-IGNORE= WITH_SQUID_PF only works on systems where pf is part of the base system.
+.if ${OSVERSION} < 502106
+pf_includedir= ${LOCALBASE}/include/pf
+BUILD_DEPENDS+= ${pf_includedir}/net/pfvar.h:${PORTSDIR}/security/pf
+CFLAGS+= "-I${pf_includedir}"
+EXTRA_PATCHES+= ${WRKDIR}/pf_from_ports.patch
.endif
.endif
.if defined(WITH_SQUID_FOLLOW_XFF)
@@ -283,6 +282,15 @@ CONFIGURE_ARGS+= ${SQUID_CONFIGURE_ARGS}
CONFIGURE_ENV+= CFLAGS="${CFLAGS}" \
LDFLAGS="${LDFLAGS}"
+pre-patch:
+# Check whether we need to create the extra patch that makes pf(4)
+# visible for squid's configure script:
+.if defined(pf_includedir)
+ @${SED} -e 's|%%PF_INCLUDEDIR%%|${pf_includedir}|g' \
+ -e 's|%%PF_AC_INCLUDEPATH%%|${pf_includedir:S,/,_,g}|g' \
+ ${FILESDIR}/pf_from_ports.patch.in >${WRKDIR}/pf_from_ports.patch
+.endif
+
post-patch:
@${REINPLACE_CMD} -e 's|-lpthread|${PTHREAD_LIBS}|g' ${WRKSRC}/configure
@${REINPLACE_CMD} -e 's|/etc|${PREFIX}/etc|g' ${WRKSRC}/doc/squid.8
diff --git a/www/squid31/files/patch-helpers-ntlm_auth-SMB-libntlmssp.c b/www/squid31/files/patch-helpers-ntlm_auth-SMB-libntlmssp.c
index c837e41da5d3..8b91e979a9d2 100644
--- a/www/squid31/files/patch-helpers-ntlm_auth-SMB-libntlmssp.c
+++ b/www/squid31/files/patch-helpers-ntlm_auth-SMB-libntlmssp.c
@@ -1,11 +1,11 @@
This patch fixes a buffer overflow vulnerability in the NTLM auth
-helper which was reported by Stefan Esser on the 07th June 2004.
+helper which was reported by iDefense on the 07th June 2004.
Original advisory:
<http://www.idefense.com/application/poi/display?id=107&type=vulnerabilities&flashstatus=false>
CVE-ID: CAN-2004-0541
Patch obtained from:
<http://www.squid-cache.org/~wessels/patch/libntlmssp.c.patch>
-The patch was slightly modified by the me (tmseck@netcologne.de) to make
+The patch was slightly modified by me (tmseck@netcologne.de) to make
it apply cleanly to the FreeBSD port.
Index: libntlmssp.c
diff --git a/www/squid31/files/pf_from_ports.patch.in b/www/squid31/files/pf_from_ports.patch.in
new file mode 100644
index 000000000000..dd0617e41500
--- /dev/null
+++ b/www/squid31/files/pf_from_ports.patch.in
@@ -0,0 +1,20 @@
+--- configure.orig Thu Jun 10 12:22:06 2004
++++ configure Thu Jun 10 13:31:53 2004
+@@ -3781,7 +3781,7 @@
+ memory.h \
+ mount.h \
+ net/if.h \
+- net/pfvar.h \
++ %%PF_INCLUDEDIR%%/net/pfvar.h \
+ netdb.h \
+ netinet/if_ether.h \
+ netinet/in.h \
+@@ -7604,7 +7604,7 @@
+ echo $ac_n "checking if PF header file is installed""... $ac_c" 1>&6
+ echo "configure:7606: checking if PF header file is installed" >&5
+ # hold on to your hats...
+- if test "$ac_cv_header_net_pfvar_h" = "yes"; then
++ if test "$ac_cv_header_%%PF_AC_INCLUDEPATH%%_net_pfvar_h" = "yes"; then
+ PF_TRANSPARENT="yes"
+ cat >> confdefs.h <<\EOF
+ #define PF_TRANSPARENT 1
diff --git a/www/squid31/files/squid.sh b/www/squid31/files/squid.sh
index 73fb0504db7a..4102d27fbc11 100644
--- a/www/squid31/files/squid.sh
+++ b/www/squid31/files/squid.sh
@@ -20,9 +20,9 @@ command=%%PREFIX%%/sbin/squid
extra_commands=reload
reload_cmd="${command} -k reconfigure"
stop_cmd="${command} -k shutdown"
-: ${squid_chdir:=%%PREFIX%%/squid/logs}
-: ${squid_user:=%%SQUID_UID%%}
-: ${squid_flags:="-D"}
+squid_chdir=${squid_chdir:-%%PREFIX%%/squid/logs}
+squid_user=${squid_user:-%%SQUID_UID%%}
+squid_flags=${squid_flags:-"-D"}
default_config=%%PREFIX%%/etc/squid/squid.conf
if [ -f /etc/rc.subr ]; then
diff --git a/www/squid31/pkg-install b/www/squid31/pkg-install
index c8eecd888d70..bbb7d0c9eafb 100644
--- a/www/squid31/pkg-install
+++ b/www/squid31/pkg-install
@@ -12,8 +12,8 @@ if [ -x /usr/sbin/nologin ]; then
else
nologin=/sbin/nologin
fi
-: ${squid_user:=squid}
-: ${squid_group:=squid}
+squid_user=${squid_user:-squid}
+squid_group=${squid_group:-squid}
squid_gid=100
squid_uid=100
# Try to catch the case where the $squid_user might have been created with an