diff options
author | krion <krion@FreeBSD.org> | 2004-06-18 19:49:44 +0800 |
---|---|---|
committer | krion <krion@FreeBSD.org> | 2004-06-18 19:49:44 +0800 |
commit | bed969b791cbd1085d59a0a7baa4d21b82adbbdc (patch) | |
tree | 86c90ca0b2c8aad06008a5a972798a1b35a1c97d /www/squid | |
parent | a77f00e9f54645459d83be870e68f16a0c82c786 (diff) | |
download | freebsd-ports-graphics-bed969b791cbd1085d59a0a7baa4d21b82adbbdc.tar.gz freebsd-ports-graphics-bed969b791cbd1085d59a0a7baa4d21b82adbbdc.tar.zst freebsd-ports-graphics-bed969b791cbd1085d59a0a7baa4d21b82adbbdc.zip |
Correct the patch for the NTLM helper vulnerability according
to <http://www.squid-cache.org/bugs/show_bug.cgi?id=998>
Apply some cleanups:
+ prefer PATCHDIR over FILEDIR when referring patches
+ remove unnecessary quotes
+ move all substitution tasks to the post-patch target
+ use "${FALSE}" instead of "exit 1" to generate error 1 from a shell
Bump PORTREVISION
PR: ports/68078
Submitted by: maintainer
Diffstat (limited to 'www/squid')
-rw-r--r-- | www/squid/Makefile | 14 | ||||
-rw-r--r-- | www/squid/files/patch-helpers-ntlm_auth-SMB-libntlmssp.c | 21 |
2 files changed, 12 insertions, 23 deletions
diff --git a/www/squid/Makefile b/www/squid/Makefile index 70f66a13af5..c01bb810d8e 100644 --- a/www/squid/Makefile +++ b/www/squid/Makefile @@ -29,7 +29,7 @@ PORTNAME= squid PORTVERSION= 2.5.5 -PORTREVISION= 10 +PORTREVISION= 11 CATEGORIES= www MASTER_SITES= \ ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \ @@ -218,7 +218,7 @@ CONFIGURE_ARGS+= --enable-pf-transparent .if ${OSVERSION} < 502106 pf_includedir= ${LOCALBASE}/include/pf BUILD_DEPENDS+= ${pf_includedir}/net/pfvar.h:${PORTSDIR}/security/pf -CFLAGS+= "-I${pf_includedir}" +CFLAGS+= -I${pf_includedir} EXTRA_PATCHES+= ${WRKDIR}/pf_from_ports.patch .endif .endif @@ -284,18 +284,16 @@ CONFIGURE_ENV+= CFLAGS="${CFLAGS}" \ pre-patch: # Check whether we need to create the extra patch that makes pf(4) -# visible for squid's configure script: +# visible to squid's configure script: .if defined(pf_includedir) @${SED} -e 's|%%PF_INCLUDEDIR%%|${pf_includedir}|g' \ -e 's|%%PF_AC_INCLUDEPATH%%|${pf_includedir:S,/,_,g}|g' \ - ${FILESDIR}/pf_from_ports.patch.in >${WRKDIR}/pf_from_ports.patch + ${PATCHDIR}/pf_from_ports.patch.in >${WRKDIR}/pf_from_ports.patch .endif post-patch: @${REINPLACE_CMD} -e 's|-lpthread|${PTHREAD_LIBS}|g' ${WRKSRC}/configure @${REINPLACE_CMD} -e 's|/etc|${PREFIX}/etc|g' ${WRKSRC}/doc/squid.8 - -pre-configure: @${REINPLACE_CMD} -e 's|%%SQUID_UID%%|${SQUID_UID}|g' \ -e 's|%%SQUID_GID%%|${SQUID_GID}|g' ${WRKSRC}/src/cf.data.pre @@ -348,10 +346,10 @@ changeuser: .if ${SQUID_UID:L} == nobody @${ECHO_CMD} "'nobody' is a system user, you do not need to execute"; \ ${ECHO_CMD} "this target!" - exit 1 + ${FALSE} .endif @if [ `${ID} -u` -ne 0 ]; \ - then ${ECHO_CMD} "Sorry, you must be root to use this target."; exit 1; fi; \ + then ${ECHO_CMD} "Sorry, you must be root to use this target."; ${FALSE}; fi; \ current_uid=`id -u ${SQUID_UID}`; \ current_gid=`pw groupshow ${SQUID_GID}|cut -f 3 -d :`; \ ${ECHO_CMD} "I will remove this user:"; \ diff --git a/www/squid/files/patch-helpers-ntlm_auth-SMB-libntlmssp.c b/www/squid/files/patch-helpers-ntlm_auth-SMB-libntlmssp.c index 8b91e979a9d..54eeeb6bcde 100644 --- a/www/squid/files/patch-helpers-ntlm_auth-SMB-libntlmssp.c +++ b/www/squid/files/patch-helpers-ntlm_auth-SMB-libntlmssp.c @@ -3,18 +3,12 @@ helper which was reported by iDefense on the 07th June 2004. Original advisory: <http://www.idefense.com/application/poi/display?id=107&type=vulnerabilities&flashstatus=false> CVE-ID: CAN-2004-0541 -Patch obtained from: +Patch and correction obtained from: <http://www.squid-cache.org/~wessels/patch/libntlmssp.c.patch> -The patch was slightly modified by me (tmseck@netcologne.de) to make -it apply cleanly to the FreeBSD port. +<http://www.squid-cache.org/bugs/show_bug.cgi?id=998> -Index: libntlmssp.c -=================================================================== -RCS file: /server/cvs-server/squid/squid/helpers/ntlm_auth/SMB/libntlmssp.c,v -retrieving revision 1.7 -diff -u -3 -p -u -r1.7 libntlmssp.c ---- helpers/ntlm_auth/SMB/libntlmssp.c 30 Nov 2001 09:50:28 -0000 1.7 -+++ helpers/ntlm_auth/SMB/libntlmssp.c 20 May 2004 22:31:33 -0000 +--- helpers/ntlm_auth/SMB/libntlmssp.c.orig Fri Nov 30 10:50:06 2001 ++++ helpers/ntlm_auth/SMB/libntlmssp.c Fri Jun 18 13:17:35 2004 @@ -161,7 +161,10 @@ make_challenge(char *domain, char *domai #define min(A,B) (A<B?A:B) @@ -36,7 +30,7 @@ diff -u -3 -p -u -r1.7 libntlmssp.c char *domain = credentials; char *user; lstring tmp; -@@ -215,8 +218,13 @@ ntlm_check_auth(ntlm_authenticate * auth +@@ -215,6 +218,11 @@ ntlm_check_auth(ntlm_authenticate * auth ntlm_errno = NTLM_LOGON_ERROR; return NULL; } @@ -46,11 +40,8 @@ diff -u -3 -p -u -r1.7 libntlmssp.c + return NULL; + } memcpy(domain, tmp.str, tmp.l); -- user = domain + tmp.l; -+ user = domain + tmp.l + 1; + user = domain + tmp.l; *user++ = '\0'; - - /* debug("fetching user name\n"); */ @@ -226,20 +234,30 @@ ntlm_check_auth(ntlm_authenticate * auth ntlm_errno = NTLM_LOGON_ERROR; return NULL; |