Add fix for Squid bug 2707 to make anonymous FTP work again.

3 files changed, 66 insertions, 2 deletions

diff --git a/www/squid31/Makefile b/www/squid31/Makefile
index f941ac994b1..4eee1dc698d 100644
--- a/www/squid31/Makefile
+++ b/www/squid31/Makefile
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.9 2009/07/08 15:02:01 tron Exp $
+# $NetBSD: Makefile,v 1.10 2009/07/12 09:45:02 tron Exp $
 
 DISTNAME=	squid-3.1.0.9
+PKGREVISION=	1
 PKGNAME=	${DISTNAME}	# Necessary for "pkgsrc/www/squid/options.mk"
 CATEGORIES=	www
 MASTER_SITES=	${SQUID_MASTER_SITES} \
diff --git a/www/squid31/distinfo b/www/squid31/distinfo
index 423415a5c79..7bd7f3a2f77 100644
--- a/www/squid31/distinfo
+++ b/www/squid31/distinfo
@@ -1,8 +1,9 @@
-$NetBSD: distinfo,v 1.5 2009/07/07 18:25:13 tron Exp $
+$NetBSD: distinfo,v 1.6 2009/07/12 09:45:02 tron Exp $
 
 SHA1 (squid-3.1.0.9.tar.bz2) = 221cc189c1c69e61819540ceb798ded728c2579a
 RMD160 (squid-3.1.0.9.tar.bz2) = 208ec13315ba73e16f3f4051e41aa7a539d7ba45
 Size (squid-3.1.0.9.tar.bz2) = 2360740 bytes
+SHA1 (patch-aa) = 58f69e9172a218cd79d43c09b9065aafe386e8c2
 SHA1 (patch-ad) = 031e5de714610917ac0c575b42add980c0933c72
 SHA1 (patch-ae) = a512f1d521f3019e2136b5d0ad2199182e2aaabb
 SHA1 (patch-ah) = e20f7b76d6d48041efbfe1a07dce756a818e6642
diff --git a/www/squid31/patches/patch-aa b/www/squid31/patches/patch-aa
new file mode 100644
index 00000000000..9b1e361b14b
--- /dev/null
+++ b/www/squid31/patches/patch-aa
@@ -0,0 +1,62 @@
+$NetBSD: patch-aa,v 1.3 2009/07/12 09:45:02 tron Exp $
+
+Fix problems with anonymous FTP, see here:
+http://www.squid-cache.org/bugs/show_bug.cgi?id=2707
+
+--- src/ftp.cc.orig	2009-06-26 11:35:38.000000000 +0100
++++ src/ftp.cc	2009-07-12 10:34:01.000000000 +0100
+@@ -93,13 +93,21 @@
+ 
+ /// \ingroup ServerProtocolFTPInternal
+ struct _ftp_flags {
++
++    /* passive mode */
++    bool pasv_supported;  ///< PASV command is allowed
++    bool epsv_all_sent;   ///< EPSV ALL has been used. Must abort on failures.
++    bool pasv_only;
++
++    /* authentication */
++    bool authenticated;         ///< authentication success
++    bool tried_auth_anonymous;  ///< auth has tried to use anonymous credentials already.
++    bool tried_auth_nopass;     ///< auth tried username with no password already.
++
++    /* other */
+     bool isdir;
+-    bool pasv_supported;
+-    bool epsv_all_sent;
+     bool skip_whitespace;
+     bool rest_supported;
+-    bool pasv_only;
+-    bool authenticated;
+     bool http_header_sent;
+     bool tried_nlst;
+     bool need_base_href;
+@@ -1432,6 +1440,9 @@
+  *
+  * Special Case: A username-only may be provided in the URL and password in the HTTP headers.
+  *
++ * TODO: we might be able to do something about locating username from other sources:
++ *       ie, external ACL user=* tag or ident lookup
++ *
+  \retval 1	if we have everything needed to complete this request.
+  \retval 0	if something is missing.
+  */
+@@ -1464,10 +1475,16 @@
+     /* Setup default FTP password settings */
+     /* this has to be done last so that we can have a no-password case above. */
+     if (!password[0]) {
+-        if (strcmp(user, "anonymous") == 0)
++        if (strcmp(user, "anonymous") == 0 && !flags.tried_auth_anonymous) {
+             xstrncpy(password, Config.Ftp.anon_user, MAX_URL);
+-        else
++            flags.tried_auth_anonymous=1;
++            return 1;
++        }
++        else if (!flags.tried_auth_nopass) {
+             xstrncpy(password, null_string, MAX_URL);
++            flags.tried_auth_nopass=1;
++            return 1;
++        }
+     }
+ 
+     return 0;			/* different username */