svn commit: r429217 - in head/www/squid: . files
Jason Unovitch
junovitch at FreeBSD.org
Fri Dec 23 03:41:53 UTC 2016
Author: junovitch
Date: Fri Dec 23 03:41:51 2016
New Revision: 429217
URL: https://svnweb.freebsd.org/changeset/ports/429217
Log:
www/squid: update 3.5.22 -> 3.5.23
- Spell CHOSEN_COMPILER_TYPE correctly
- Remove upstreamed patch (IPv6 + PF crash)
- Add --enable-zph-qos option to default set
http://wiki.squid-cache.org/Features/QualityOfService
PR: 215416
Submitted by: Pavel Timofeev <timp87 at gmail.com> (maintainer)
Security: CVE-2016-10002
Security: CVE-2016-10003
Security: https://vuxml.FreeBSD.org/freebsd/41f8af15-c8b9-11e6-ae1b-002590263bf5.html
MFH: 2016Q4
Modified:
head/www/squid/Makefile
head/www/squid/distinfo
head/www/squid/files/patch-src__ip__Intercept.cc
Modified: head/www/squid/Makefile
==============================================================================
--- head/www/squid/Makefile Fri Dec 23 03:15:52 2016 (r429216)
+++ head/www/squid/Makefile Fri Dec 23 03:41:51 2016 (r429217)
@@ -1,7 +1,7 @@
# $FreeBSD$
PORTNAME= squid
-PORTVERSION= 3.5.22
+PORTVERSION= 3.5.23
CATEGORIES= www ipv6
MASTER_SITES= http://www.squid-cache.org/Versions/v3/${PORTVERSION:R}/ \
http://www2.us.squid-cache.org/Versions/v3/${PORTVERSION:R}/ \
@@ -222,6 +222,7 @@ CONFIGURE_ARGS= --with-default-user=squi
--with-swapdir=/var/squid/cache \
--without-gnutls \
--enable-auth \
+ --enable-zph-qos \
--enable-build-info \
--enable-loadable-modules \
--enable-removal-policies="lru heap" \
@@ -316,11 +317,10 @@ post-install:
BROKEN= Does not build with openssl-devel
.endif
-.if ${COMPILER_TYPE} == clang
+.if ${CHOSEN_COMPILER_TYPE} == clang
#CXXFLAGS+= -Wno-unused-private-field
-.if ${COMPILER_VERSION} >= 35
+CXXFLAGS+= -Wno-unknown-warning-option
CXXFLAGS+= -Wno-undefined-bool-conversion -Wno-tautological-undefined-compare -Wno-dynamic-class-memaccess
.endif
-.endif
.include <bsd.port.post.mk>
Modified: head/www/squid/distinfo
==============================================================================
--- head/www/squid/distinfo Fri Dec 23 03:15:52 2016 (r429216)
+++ head/www/squid/distinfo Fri Dec 23 03:41:51 2016 (r429217)
@@ -1,3 +1,3 @@
TIMESTAMP = 1479930399
-SHA256 (squid3.5/squid-3.5.22.tar.xz) = 1ce95b469257abeb2ed8a1c0417812301c1ef5a4cc40ca504167daa470ad9358
-SIZE (squid3.5/squid-3.5.22.tar.xz) = 2324164
+SHA256 (squid3.5/squid-3.5.23.tar.xz) = fa4c0c99f41e92fe1330bed3968d176c6f47ef2e3aea2f83977d5501afa40bdb
+SIZE (squid3.5/squid-3.5.23.tar.xz) = 2325884
Modified: head/www/squid/files/patch-src__ip__Intercept.cc
==============================================================================
--- head/www/squid/files/patch-src__ip__Intercept.cc Fri Dec 23 03:15:52 2016 (r429216)
+++ head/www/squid/files/patch-src__ip__Intercept.cc Fri Dec 23 03:41:51 2016 (r429217)
@@ -13,41 +13,3 @@
return false;
#else
natLookup.nl_v = 6;
-@@ -323,13 +323,21 @@
- }
-
- memset(&nl, 0, sizeof(struct pfioc_natlook));
-- newConn->remote.getInAddr(nl.saddr.v4);
-+ if (newConn->remote.isIPv4()) {
-+ newConn->remote.getInAddr(nl.saddr.v4);
-+ } else {
-+ newConn->remote.getInAddr(nl.saddr.v6);
-+ }
- nl.sport = htons(newConn->remote.port());
-
-- newConn->local.getInAddr(nl.daddr.v4);
-+ if (newConn->local.isIPv4()) {
-+ newConn->local.getInAddr(nl.daddr.v4);
-+ } else {
-+ newConn->local.getInAddr(nl.daddr.v6);
-+ }
- nl.dport = htons(newConn->local.port());
-
-- nl.af = AF_INET;
-+ nl.af = newConn->remote.isIPv4() ? AF_INET : AF_INET6;
- nl.proto = IPPROTO_TCP;
- nl.direction = PF_OUT;
-
-@@ -345,7 +353,11 @@
- debugs(89, 9, HERE << "address: " << newConn);
- return false;
- } else {
-- newConn->local = nl.rdaddr.v4;
-+ if (nl.af == AF_INET) {
-+ newConn->local = nl.rdaddr.v4;
-+ } else {
-+ newConn->local = nl.rdaddr.v6;
-+ }
- newConn->local.port(ntohs(nl.rdport));
- debugs(89, 5, HERE << "address NAT: " << newConn);
- return true;
More information about the svn-ports-all
mailing list