Pullup ticket #4711 - requested by taca

www/squid3: security update Revisions pulled up: - www/squid3/Makefile 1.45 - www/squid3/distinfo 1.32 - www/squid3/options.mk 1.16 - www/squid3/patches/patch-configure 1.6 --- Module Name: pkgsrc Committed By: adam Date: Mon May 4 09:13:35 UTC 2015 Modified Files: pkgsrc/www/squid3: Makefile distinfo options.mk pkgsrc/www/squid3/patches: patch-configure Log Message: Changes 3.5.4: * Fix X509 server certificate domain matching * Bug 3775: Disable HTTP/1.1 pipeline feature for pinned connections * Cleanup: Display correct error code in debugging output for IoCallback::finish * Cleanup: Fix spelling error in debug message in parseHttpRequest() * Cleanup: Add whitespace to make debug message in writeComplete() more readable * Add Kerberos support for MAC OS X 10.x * Bug 4234: comm_connect_addr uses errno incorrectly * Fix 'access_log none' to prevent following logs being used * Unexpected SQUID_X509_V_ERR_DOMAIN_MISMATCH errors while accessing sites with valid certificates * Docs: Update CONTRIBUTORS * Ensure class Lock counter remains within bounds * Portability: Add hacks to define C++11 explicit N-bit type limits * Fix SSL_get_peer_certificate memory leak * Bug 4231 pt2: comm_open_uds does not provide description for newly opened FD * Bug 4231 pt1: fd_open() not correctly handling empty descriptions * Negotiate Kerberos authentication request size exceeds output buffer size. * Do not increment an iterator invalidated by std::map::erase(). * Fix require-proxy-header preventing HTTPS proxying and ssl-bump * Fix atomics check broken by C++11 #include added in v3.5 branch r13783 * Support for resuming TLS sessions * Bug 4212: ssl_crtd crashes with corrupt database * Fix rev.13795 ServerName class * Add server_name ACL matching server name(s) obtained from various sources * Bug 4226: digest_edirectory_auth: found but cannot be built * Invalid request->clientConnectionManager object used by Ssl::PeerConnector::handleNegotiateError * Bug 4198: assertion failed: client_side.h:364: "sslServerBump == srvBump" * Fix cross-compile issues with SSL_get_certificate() * Docs: RFC 7238 obsoleted by RFC 7538 * Boilerplate: reference Translator copyrights in CREDITS * Cleanup: Place explicit size on ref-count lock counter * Cleanup: extend SBuf debugging information * digest_edirectory_auth: Fix -lnettle dependency error
author: tron <tron@pkgsrc.org> 2015-05-11 19:42:27 +0000
committer: tron <tron@pkgsrc.org> 2015-05-11 19:42:27 +0000
commit: 93c40df7b121b09edfeadb23c41f778f70347cf7 (patch)
tree: 3518c861e5448f906bbfc5be5637c8a7fa87032f
parent: 194c720213cfe286b662904e0590ed08d31a9239 (diff)
download: pkgsrc-93c40df7b121b09edfeadb23c41f778f70347cf7.tar.gz
4 files changed, 17 insertions, 34 deletions
diff --git a/www/squid3/Makefile b/www/squid3/Makefile
index 5d5e1e287f6..07dbf8d0468 100644
--- a/www/squid3/Makefile
+++ b/www/squid3/Makefile
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.44 2015/02/19 01:10:23 taca Exp $
+# $NetBSD: Makefile,v 1.44.2.1 2015/05/11 19:42:27 tron Exp $
 
-DISTNAME=	squid-3.5.2
+DISTNAME=	squid-3.5.4
 CATEGORIES=	www
 MASTER_SITES=	http://www.squid-cache.org/Versions/v3/${PKGVERSION_NOREV:R}/ \
 		ftp://ftp.squid-cache.org/pub/squid/ \
diff --git a/www/squid3/distinfo b/www/squid3/distinfo
index 49cd6a01135..cd1b259e841 100644
--- a/www/squid3/distinfo
+++ b/www/squid3/distinfo
@@ -1,10 +1,10 @@
-$NetBSD: distinfo,v 1.31 2015/02/19 01:10:23 taca Exp $
+$NetBSD: distinfo,v 1.31.2.1 2015/05/11 19:42:27 tron Exp $
 
-SHA1 (squid-3.5.2.tar.xz) = 9c546d72df741c9ddaa6da87baa2112503bcbb45
-RMD160 (squid-3.5.2.tar.xz) = 57d93f15987adea3789219d633d9d9e7b1dc8b63
-Size (squid-3.5.2.tar.xz) = 2282116 bytes
+SHA1 (squid-3.5.4.tar.xz) = 71a04a5f7c4c38464a8a08ae1089c47abcea0e49
+RMD160 (squid-3.5.4.tar.xz) = 3bf031032aa131ebb58c859d56740e29e7a290a9
+Size (squid-3.5.4.tar.xz) = 2289772 bytes
 SHA1 (patch-compat_compat.h) = d6cd93fa7a6d0faad3bf1aca8ae4fa5c984fe288
-SHA1 (patch-configure) = 2e9b7570bfc58285c5288075af35a283852c7492
+SHA1 (patch-configure) = 4e658ac4722695f52412f77e168f31a2f523bb1b
 SHA1 (patch-errors_Makefile.in) = afbac822ac84d5e1734d55fc625e949ae0b85289
 SHA1 (patch-src_Makefile.in) = 7233a92a4f6ecc06d88e125f08f7413e0741f3b6
 SHA1 (patch-src_SquidNew.cc) = eef6e72e168cf7f40518fab13dc2f55ed0268db9
diff --git a/www/squid3/options.mk b/www/squid3/options.mk
index 53871ea8f6f..c7824ed5b1c 100644
--- a/www/squid3/options.mk
+++ b/www/squid3/options.mk
@@ -1,4 +1,4 @@
-# $NetBSD: options.mk,v 1.15 2015/01/22 09:32:49 obache Exp $
+# $NetBSD: options.mk,v 1.15.2.1 2015/05/11 19:42:27 tron Exp $
 
 PKG_OPTIONS_VAR=	PKG_OPTIONS.squid
 PKG_SUPPORTED_OPTIONS=	inet6 snmp ssl squid-backend-aufs squid-backend-diskd \
@@ -11,7 +11,7 @@ PKG_OPTIONS_LEGACY_OPTS+=	diskd:squid-backend-diskd \
 	arp-acl:squid-arp-acl pam-helper:squid-pam-helper carp:squid-carp
 
 PLIST_VARS+=	diskd snmp unlinkd
-PLIST_VARS+=	ba_LDAP ba_NCSA ba_NIS ba_PAM ba_getpwnam
+PLIST_VARS+=	ba_LDAP ba_NCSA ba_PAM ba_getpwnam
 PLIST_VARS+=	da_file da_LDAP
 PLIST_VARS+=	na_sml_lm
 PLIST_VARS+=	ta_kerberos
@@ -59,7 +59,8 @@ PKG_SUPPORTED_OPTIONS+=	squid-arp-acl
 .include "../../mk/bsd.options.mk"
 
 SQUID_BACKENDS?=		ufs
-SQUID_BASIC_AUTH_HELPERS?=	NCSA NIS getpwnam
+# Note: NIS helper cannot be build; it requires crypt.h header file.
+SQUID_BASIC_AUTH_HELPERS?=	NCSA getpwnam
 SQUID_DIGEST_AUTH_HELPERS?=	file
 SQUID_NTLM_AUTH_HELPERS?=	fake smb_lm
 SQUID_EXTERNAL_ACL_HELPERS?=	file_userip unix_group
diff --git a/www/squid3/patches/patch-configure b/www/squid3/patches/patch-configure
index 86016594650..c18283c713c 100644
--- a/www/squid3/patches/patch-configure
+++ b/www/squid3/patches/patch-configure
@@ -1,28 +1,10 @@
-$NetBSD: patch-configure,v 1.5 2015/01/22 11:38:58 obache Exp $
+$NetBSD: patch-configure,v 1.5.2.1 2015/05/11 19:42:27 tron Exp $
 
-* int64_t GNU atomic operations are used, check them instead.
 * Portability fix.
 
---- configure.orig	2015-01-13 12:54:26.000000000 +0000
+--- configure.orig	2015-05-01 11:29:25.000000000 +0000
 +++ configure
-@@ -20128,8 +20128,14 @@ $as_echo "cross-compiler cant tell" >&6;
- else
-   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
- /* end confdefs.h.  */
--
--    int n = 0;
-+$ac_includes_default
-+#ifdef HAVE_INTTYPES_H
-+# include <inttypes.h>
-+#endif
-+#ifdef HAVE_STDINT_H
-+# include <stdint.h>
-+#endif
-+    int64_t n = 0;
- 
- int
- main ()
-@@ -32600,7 +32606,7 @@ done
+@@ -32733,7 +32733,7 @@ done
  ## Please see the COPYING and CONTRIBUTORS files for details.
  ##
  
@@ -31,12 +13,12 @@ $NetBSD: patch-configure,v 1.5 2015/01/22 11:38:58 obache Exp $
    BUILD_HELPER="kerberos"
  fi
  
-@@ -33141,7 +33147,7 @@ done
+@@ -33292,7 +33292,7 @@ done
  ## Please see the COPYING and CONTRIBUTORS files for details.
  ##
  
 -if test "x$with_krb5" == "xyes"; then
 +if test "x$with_krb5" = "xyes"; then
    BUILD_HELPER="kerberos_ldap_group"
- 
-   squid_cv_check_sasl="auto"
+   if test "x$with_apple_krb5" = "xyes" ; then
+     { $as_echo "$as_me:${as_lineno-$LINENO}: checking for main in -lresolv" >&5
author	tron <tron@pkgsrc.org>	2015-05-11 19:42:27 +0000
committer	tron <tron@pkgsrc.org>	2015-05-11 19:42:27 +0000
commit	93c40df7b121b09edfeadb23c41f778f70347cf7 (patch)
tree	3518c861e5448f906bbfc5be5637c8a7fa87032f
parent	194c720213cfe286b662904e0590ed08d31a9239 (diff)
download	pkgsrc-93c40df7b121b09edfeadb23c41f778f70347cf7.tar.gz