From owner-svn-ports-head@freebsd.org Wed Apr 20 13:45:24 2016 Return-Path: Delivered-To: svn-ports-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 410D7B15A04; Wed, 20 Apr 2016 13:45:24 +0000 (UTC) (envelope-from pi@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0053F117B; Wed, 20 Apr 2016 13:45:23 +0000 (UTC) (envelope-from pi@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u3KDjNh3052288; Wed, 20 Apr 2016 13:45:23 GMT (envelope-from pi@FreeBSD.org) Received: (from pi@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u3KDjM1J052285; Wed, 20 Apr 2016 13:45:22 GMT (envelope-from pi@FreeBSD.org) Message-Id: <201604201345.u3KDjM1J052285@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: pi set sender to pi@FreeBSD.org using -f From: Kurt Jaeger Date: Wed, 20 Apr 2016 13:45:22 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r413688 - in head/www/squid: . files X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Apr 2016 13:45:24 -0000 Author: pi Date: Wed Apr 20 13:45:22 2016 New Revision: 413688 URL: https://svnweb.freebsd.org/changeset/ports/413688 Log: www/squid: Add all available official patches up to 14031 It fixes two annoying and long-standing problems: - header forgery detection (using sslbump) leads to crash - add chained certificates and signing certificate to peek-then-bumped connections. PR: 207901 MFH: 2016Q2 Submitted by: Pavel Timofeev (maintainer) Reported by: Christophe Anselme-Moizan Modified: head/www/squid/Makefile head/www/squid/distinfo head/www/squid/files/patch-src__ip__Intercept.cc Modified: head/www/squid/Makefile ============================================================================== --- head/www/squid/Makefile Wed Apr 20 13:24:21 2016 (r413687) +++ head/www/squid/Makefile Wed Apr 20 13:45:22 2016 (r413688) @@ -2,6 +2,7 @@ PORTNAME= squid PORTVERSION= 3.5.16 +PORTREVISION= 1 CATEGORIES= www ipv6 MASTER_SITES= http://www.squid-cache.org/Versions/v3/${PORTVERSION:R}/ \ http://www2.us.squid-cache.org/Versions/v3/${PORTVERSION:R}/ \ @@ -17,6 +18,18 @@ PATCH_SITES= http://www.squid-cache.org/ http://www1.jp.squid-cache.org/%SUBDIR%/ \ http://master.squid-cache.org/~amosjeffries/patches/:nosid PATCH_SITE_SUBDIR= Versions/v3/${PORTVERSION:R}/changesets +PATCHFILES= squid-3.5-14020.patch \ + squid-3.5-14021.patch \ + squid-3.5-14022.patch \ + squid-3.5-14023.patch \ + squid-3.5-14024.patch \ + squid-3.5-14025.patch \ + squid-3.5-14026.patch \ + squid-3.5-14027.patch \ + squid-3.5-14028.patch \ + squid-3.5-14029.patch \ + squid-3.5-14030.patch \ + squid-3.5-14031.patch MAINTAINER= timp87@gmail.com COMMENT= HTTP Caching Proxy Modified: head/www/squid/distinfo ============================================================================== --- head/www/squid/distinfo Wed Apr 20 13:24:21 2016 (r413687) +++ head/www/squid/distinfo Wed Apr 20 13:45:22 2016 (r413688) @@ -1,2 +1,26 @@ SHA256 (squid3.5/squid-3.5.16.tar.xz) = e73d821180eed8bed230f357c680c0b19f1efa51a24725e810f2b48a2079d385 SIZE (squid3.5/squid-3.5.16.tar.xz) = 2317320 +SHA256 (squid3.5/squid-3.5-14020.patch) = ef2ca3158e9dc86a5a6fd4d76a6dc2d2fdf817ec45811e2c033f2bb27255debf +SIZE (squid3.5/squid-3.5-14020.patch) = 2080 +SHA256 (squid3.5/squid-3.5-14021.patch) = de498c8cbed75cf32f8de01bd2ccec1aac88fa1534223a18c2cac6d161847d3a +SIZE (squid3.5/squid-3.5-14021.patch) = 1513 +SHA256 (squid3.5/squid-3.5-14022.patch) = 5722068a8e6bf28a150f95daf91cca646c8d0f23fbb471d363ee3c7c3278707d +SIZE (squid3.5/squid-3.5-14022.patch) = 2145 +SHA256 (squid3.5/squid-3.5-14023.patch) = 0c89fec2091ca23ee031dc76147bfe2f0100518bdf78dd635110cb091530a73c +SIZE (squid3.5/squid-3.5-14023.patch) = 1763 +SHA256 (squid3.5/squid-3.5-14024.patch) = 0a833174ddb3d8906b0bb9933894e1932b3d4ac37406febed1090fbcc0fcd79e +SIZE (squid3.5/squid-3.5-14024.patch) = 1475 +SHA256 (squid3.5/squid-3.5-14025.patch) = d66e885114c98c607fb24a0d774ac5456d6883100b04a49077dc682a05246725 +SIZE (squid3.5/squid-3.5-14025.patch) = 1542 +SHA256 (squid3.5/squid-3.5-14026.patch) = 6de1cca5db2151550f9dc23a2a51731cf1b3d6dfbde446cf654f638527b9ff9d +SIZE (squid3.5/squid-3.5-14026.patch) = 1811 +SHA256 (squid3.5/squid-3.5-14027.patch) = 8bdd1684c4b595bc0e89e4ec7cb130aedc854f166493e8324128b0485c54bcd5 +SIZE (squid3.5/squid-3.5-14027.patch) = 1766 +SHA256 (squid3.5/squid-3.5-14028.patch) = 1a9b79a1ddfdd87608019cec12f23fd4421aef366c9065a6c8564ea197f093b3 +SIZE (squid3.5/squid-3.5-14028.patch) = 1841 +SHA256 (squid3.5/squid-3.5-14029.patch) = 0693035319cd505a3c39195fc141ab41d43f2526b96f906d2904837b24ebec3e +SIZE (squid3.5/squid-3.5-14029.patch) = 4945 +SHA256 (squid3.5/squid-3.5-14030.patch) = 45b05b3e446d5376818bc59b64afe617737833f4ee20fa25d5c28c74ecf86990 +SIZE (squid3.5/squid-3.5-14030.patch) = 1361 +SHA256 (squid3.5/squid-3.5-14031.patch) = 02699ad5956835eb72dbc5f503da17f50b72d08a5fd14ab14b0d4221c66a1587 +SIZE (squid3.5/squid-3.5-14031.patch) = 6238 Modified: head/www/squid/files/patch-src__ip__Intercept.cc ============================================================================== --- head/www/squid/files/patch-src__ip__Intercept.cc Wed Apr 20 13:24:21 2016 (r413687) +++ head/www/squid/files/patch-src__ip__Intercept.cc Wed Apr 20 13:45:22 2016 (r413688) @@ -8,7 +8,7 @@ + // warn once every million at critical level, then push down a level each repeated event static int warningLevel = DBG_CRITICAL; debugs(89, warningLevel, "IPF (IPFilter v4) NAT does not support IPv6. Please upgrade to IPFilter v5.1"); -- warningLevel = ++warningLevel % 10; +- warningLevel = (warningLevel + 1) % 10; + warningLevel = (warningLevel + 1) % 1048576; return false; #else