Date: Wed, 22 Apr 2015 19:26:09 +0000 (UTC) From: Renato Botelho <garga@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r384514 - in head/www/squidguard: . files Message-ID: <201504221926.t3MJQ9TE054834@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: garga Date: Wed Apr 22 19:26:08 2015 New Revision: 384514 URL: https://svnweb.freebsd.org/changeset/ports/384514 Log: - Add an optional patch, off by default, that enable 2 new options: - stripntdomain - striprealm - Take maintainership Approved by: madpilot (maintainer) Obtained from: pfSense Sponsored by: Netgate Added: head/www/squidguard/files/extra-patch-strip-with-quoted_string.diff (contents, props changed) head/www/squidguard/files/extra-patch-strip-without-quoted_string.diff (contents, props changed) head/www/squidguard/files/extra-patch-strip.diff (contents, props changed) Modified: head/www/squidguard/Makefile Modified: head/www/squidguard/Makefile ============================================================================== --- head/www/squidguard/Makefile Wed Apr 22 19:11:28 2015 (r384513) +++ head/www/squidguard/Makefile Wed Apr 22 19:26:08 2015 (r384514) @@ -11,7 +11,7 @@ DISTFILES= ${DISTNAME}${EXTRACT_SUFX}:a squidGuard-1.4-dnsbl.patch:b EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX} -MAINTAINER= madpilot@FreeBSD.org +MAINTAINER= garga@FreeBSD.org COMMENT= Fast redirector for squid LICENSE= GPLv2 @@ -43,15 +43,17 @@ PLIST_SUB+= LOGDIR="${LOGDIR}" SUB_FILES= pkg-deinstall pkg-message SUB_LIST= PORTNAME=${PORTNAME} -OPTIONS_DEFINE= DNS_BL DOCS EXAMPLES LDAP QUOTE_STRING +OPTIONS_DEFINE= DNS_BL DOCS EXAMPLES LDAP QUOTE_STRING STRIP_NTDOMAIN EXAMPLES_DESC= Install sample blacklists DNS_BL_DESC= Enable DNS based blacklists QUOTE_STRING_DESC= Add quoted string patch +STRIP_NTDOMAIN_DESC= Add options to strip NT domain and krb realm OPTIONS_SUB= yes QUOTE_STRING_EXTRA_PATCHES= ${DISTDIR}/squidGuard-1.4-quoted_string_support.diff:-p2 DNS_BL_EXTRA_PATCHES= ${DISTDIR}/squidGuard-1.4-dnsbl.patch:-p1 +STRIP_NTDOMAIN_EXTRA_PATCHES= ${FILESDIR}/extra-patch-strip.diff:-p0 LDAP_CONFIGURE_ON= --with-ldap LDAP_CONFIGURE_OFF= --without-ldap LDAP_LDFLAGS= -L${LOCALBASE}/lib @@ -59,6 +61,14 @@ LDAP_USE= OPENLDAP=yes .include <bsd.port.options.mk> +.if ${PORT_OPTIONS:MSTRIP_NTDOMAIN} +. if ${PORT_OPTIONS:MQUOTE_STRING} +EXTRA_PATCHES+= ${FILESDIR}/extra-patch-strip-with-quoted_string.diff +. else +EXTRA_PATCHES+= ${FILESDIR}/extra-patch-strip-without-quoted_string.diff +. endif +.endif + pre-fetch: @if [ ${SQUID_UID} = "squid" -o ${SQUID_GID} = "squid" ] ; then \ ${ECHO_MSG} "===> SQUID_UID is set to \"${SQUID_UID}\" and SQUID_GID is set to \"${SQUID_GID}\"." ; \ @@ -90,7 +100,7 @@ pre-install: @${ECHO_MSG} "===> Installing sample blacklists" @${MKDIR} ${STAGEDIR}${EXAMPLESDIR}/blacklists @(cd ${_DATADIR} && ${COPYTREE_SHARE} . ${STAGEDIR}${EXAMPLESDIR}/blacklists) - @${INSTALL_DATA} ${WRKDIR}/README.blacklists ${STAGEDIR}${EXAMPLESDIR} + ${INSTALL_DATA} ${WRKDIR}/README.blacklists ${STAGEDIR}${EXAMPLESDIR} @${ECHO_MSG} " -> Sample blacklists installed in ${EXAMPLESDIR}/blacklists" .endif @${ECHO_MSG} "===> Installing sample configuration file" @@ -101,11 +111,13 @@ pre-install: ${ECHO_MSG} " -> Sample configuration file installed in: ${ETCDIR}" ; \ post-install: +.if ${PORT_OPTIONS:MDOCS} @${ECHO_MSG} "===> Installing ${PORTNAME} documentation" @${MKDIR} ${STAGEDIR}${DOCSDIR} . for i in ${WRKSRC}/doc/*.txt ${WRKSRC}/doc/*.html ${WRKSRC}/doc/*.gif ${WRKSRC}/doc/README - @${INSTALL_DATA} ${WRKSRC}$i ${STAGEDIR}${DOCSDIR} + ${INSTALL_DATA} ${WRKSRC}$i ${STAGEDIR}${DOCSDIR} . endfor @${ECHO_MSG} " -> Documentation installed in: ${DOCSDIR}" +.endif .include <bsd.port.mk> Added: head/www/squidguard/files/extra-patch-strip-with-quoted_string.diff ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squidguard/files/extra-patch-strip-with-quoted_string.diff Wed Apr 22 19:26:08 2015 (r384514) @@ -0,0 +1,12 @@ +diff -ruN ../squidGuard-1.4.orig/src/sg.y.in ./src/sg.y.in +--- ../squidGuard-1.4.orig/src/sg.y.in 2015-04-22 12:42:14.932264000 -0500 ++++ ./src/sg.y.in 2015-04-22 12:44:41.473988000 -0500 +@@ -94,6 +94,6 @@ + %token WITHIN OUTSIDE ELSE LOGFILE ANONYMOUS VERBOSE CONTINIOUS SPORADIC + %token LDAPCACHETIME EXECUSERLIST EXECCMD LDAPPROTOVER + %token LDAPBINDDN LDAPBINDPASS MYSQLUSERNAME MYSQLPASSWORD DATABASE +-%token QUOTED_STRING ++%token QUOTED_STRING STRIPNTDOMAIN STRIPREALM + + %type <string> WORD + %type <string> EXECCMD Added: head/www/squidguard/files/extra-patch-strip-without-quoted_string.diff ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squidguard/files/extra-patch-strip-without-quoted_string.diff Wed Apr 22 19:26:08 2015 (r384514) @@ -0,0 +1,11 @@ +diff -ruN ../squidGuard-1.4.orig/src/sg.y.in ./src/sg.y.in +--- ../squidGuard-1.4.orig/src/sg.y.in 2015-04-22 12:42:14.932264000 -0500 ++++ ./src/sg.y.in 2015-04-22 12:44:41.473988000 -0500 +@@ -94,6 +94,7 @@ + %token WITHIN OUTSIDE ELSE LOGFILE ANONYMOUS VERBOSE CONTINIOUS SPORADIC + %token LDAPCACHETIME EXECUSERLIST EXECCMD LDAPPROTOVER + %token LDAPBINDDN LDAPBINDPASS MYSQLUSERNAME MYSQLPASSWORD DATABASE ++%token STRIPNTDOMAIN STRIPREALM + + %type <string> WORD + %type <string> EXECCMD Added: head/www/squidguard/files/extra-patch-strip.diff ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squidguard/files/extra-patch-strip.diff Wed Apr 22 19:26:08 2015 (r384514) @@ -0,0 +1,201 @@ +diff -ruN ../squidGuard-1.4.orig/doc/authentication.html ./doc/authentication.html +--- ../squidGuard-1.4.orig/doc/authentication.html 2015-04-22 12:42:14.937955000 -0500 ++++ ./doc/authentication.html 2015-04-22 12:42:54.745042000 -0500 +@@ -345,10 +345,43 @@ + </div> + <br> + +- +- +- +- ++<li> <b>Stripping NT domain name or Kerberos Realm from user name </b><br><br> ++ ++(You need squidGuard version 1.5 or higher to use user name stripping.)<br> ++If the authentication is made with NTLM or Kerberos, it contains NT domain ++or Kerberos realm. The following tags exist : ++<br><br> ++<table border=0 cellpadding=2 cellspacing=2> ++ <tr> ++ <td valign=top>stripntdomain</td><td> Strip NT domain name component from ++ user names (/ or \ separated). ++ </tr><tr> ++ <td valign=top>striprealm</td><td> Strip Kerberos Realm component from ++ user names (@ separated). ++ </tr><tr> ++ </tr><tr> ++ </tr> ++ </table> ++ ++ <br><br> ++ Example configuration:<br> ++ <br> ++ <div style=width:700px;overflow:auto> ++ <table width="75%" cellpadding="0" cellspacing="0" style="background-color: ++ #f2fff0; border: solid 1px #4455bb;"> ++ <tr> ++ <td style="background-color: #223499; border-bottom: 1px solid #888;"> ++ <font size="-1" color=white>Stripping NT domain name or Kerberos Realm from user name </font> ++ </td></tr> ++ <tr> ++ <td> ++ <pre> stripntdomain true ++ striprealm true ++</pre> ++ </td></tr> ++ </table> ++ </div> ++ <br> + + </td></tr></table> + +diff -ruN ../squidGuard-1.4.orig/src/sg.h.in ./src/sg.h.in +--- ../squidGuard-1.4.orig/src/sg.h.in 2015-04-22 12:42:14.931469000 -0500 ++++ ./src/sg.h.in 2015-04-22 12:42:54.738534000 -0500 +@@ -82,6 +82,8 @@ + #define DEFAULT_CONFIGFILE "@prefix@/squidGuard/squidGuard.conf" + #define DEFAULT_LOGDIR "@prefix@/squidGuard/log" + #define DEFAULT_DBHOME "@prefix@/squidGuard/db" ++#define DEFAULT_STRIPNTDOMAIN "false" ++#define DEFAULT_STRIPREALM "false" + #define EXEC_PROGRAM "@prefix@/bin/squidGuard" + + #ifdef ACCONFIG +diff -ruN ../squidGuard-1.4.orig/src/sg.l ./src/sg.l +--- ../squidGuard-1.4.orig/src/sg.l 2015-04-22 12:42:14.932909000 -0500 ++++ ./src/sg.l 2015-04-22 12:42:54.740080000 -0500 +@@ -105,6 +105,8 @@ + ^acl return ACL; + ^dbhome return DBHOME; + ^logdir return LOGDIR; ++^stripntdomain return STRIPNTDOMAIN; ++^striprealm return STRIPREALM; + ^ldapcachetime return LDAPCACHETIME; + ^ldapprotover return LDAPPROTOVER; + ^ldapbinddn { BEGIN LDAPDN_STATE; return LDAPBINDDN; } +diff -ruN ../squidGuard-1.4.orig/src/sg.y.in ./src/sg.y.in +--- ../squidGuard-1.4.orig/src/sg.y.in 2015-04-22 12:42:14.932264000 -0500 ++++ ./src/sg.y.in 2015-04-22 12:44:41.473988000 -0500 +@@ -116,6 +117,7 @@ + %type <string> tval + %type <string> date + %type <string> ttime ++%type <string> STRIPNTDOMAIN STRIPREALM + %% + + start: statements +@@ -127,6 +129,12 @@ + logdir: LOGDIR WORD { sgSetting("logdir",$2); } + ; + ++stripntdomain: STRIPNTDOMAIN WORD { sgSetting("stripntdomain",$2); } ++ ; ++ ++striprealm: STRIPREALM WORD { sgSetting("striprealm",$2); } ++ ; ++ + ldapcachetime: LDAPCACHETIME NUMBER { sgSetting("ldapcachetime",$2); } + ; + +@@ -352,6 +360,8 @@ + | destination_block + | dbhome + | logdir ++ | stripntdomain ++ | striprealm + | ldapprotover + | ldapbinddn + | ldapbindpass +diff -ruN ../squidGuard-1.4.orig/src/sgDiv.c ./src/sgDiv.c +--- ../squidGuard-1.4.orig/src/sgDiv.c 2015-04-22 12:42:14.931973000 -0500 ++++ ./src/sgDiv.c 2015-04-22 12:49:24.400088000 -0500 +@@ -223,11 +223,34 @@ + break; + case 1: /* ident */ + if(strcmp(p,"-")){ +- strcpy(s->ident,p); +- for(p=s->ident; *p != '\0'; p++) /* convert ident to lowercase chars */ +- *p = tolower(*p); ++ char *stripntdomain = NULL, *striprealm = NULL; ++ HTUnEscape(p); ++ stripntdomain = sgSettingGetValue("stripntdomain"); ++ if(stripntdomain == NULL) ++ stripntdomain = DEFAULT_STRIPNTDOMAIN; ++ striprealm = sgSettingGetValue("striprealm"); ++ if(striprealm == NULL) ++ striprealm = DEFAULT_STRIPREALM; ++ if (strcmp(stripntdomain,"false")) { ++ char *u = strrchr(p, '\\'); ++ if (!u) ++ u = strrchr(p, '/'); ++ if (!u) ++ u = strrchr(p, '+'); ++ if (u && u[1]) ++ p = u + 1; ++ } ++ if (strcmp(striprealm,"false")) { ++ char *u = strchr(p, '@'); ++ if (u != NULL) { ++ *u = '\0'; ++ } ++ } ++ strcpy(s->ident,p); ++ for(p=s->ident; *p != '\0'; p++) /* convert ident to lowercase chars */ ++ *p = tolower(*p); + } else +- s->ident[0] = '\0'; ++ s->ident[0] = '\0'; + break; + case 2: /* method */ + strcpy(s->method,p); +@@ -734,7 +757,7 @@ + p++; + break; + case 'u': /* Requested URL */ +- strcat(buf, req->orig); ++ strncat(buf, req->orig, 2048); + p++; + break; + default: +diff -ruN ../squidGuard-1.4.orig/src/sgDiv.c.in ./src/sgDiv.c.in +--- ../squidGuard-1.4.orig/src/sgDiv.c.in 2015-04-22 12:42:14.932693000 -0500 ++++ ./src/sgDiv.c.in 2015-04-22 12:48:38.406521000 -0500 +@@ -234,11 +234,34 @@ + break; + case 1: /* ident */ + if(strcmp(p,"-")){ +- strcpy(s->ident,p); +- for(p=s->ident; *p != '\0'; p++) /* convert ident to lowercase chars */ +- *p = tolower(*p); ++ char *stripntdomain = NULL, *striprealm = NULL; ++ HTUnEscape(p); ++ stripntdomain = sgSettingGetValue("stripntdomain"); ++ if (stripntdomain == NULL) ++ stripntdomain = DEFAULT_STRIPNTDOMAIN; ++ striprealm = sgSettingGetValue("striprealm"); ++ if (striprealm == NULL) ++ striprealm = DEFAULT_STRIPREALM; ++ if (strcmp(stripntdomain,"false")) { ++ char *u = strrchr(p, '\\'); ++ if (!u) ++ u = strrchr(p, '/'); ++ if (!u) ++ u = strrchr(p, '+'); ++ if (u && u[1]) ++ p = u + 1; ++ } ++ if (strcmp(striprealm,"false")) { ++ char *u = strchr(p, '@'); ++ if (u != NULL) { ++ *u = '\0'; ++ } ++ } ++ strcpy(s->ident,p); ++ for(p=s->ident; *p != '\0'; p++) /* convert ident to lowercase chars */ ++ *p = tolower(*p); + } else +- s->ident[0] = '\0'; ++ s->ident[0] = '\0'; + break; + case 2: /* method */ + strcpy(s->method,p);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201504221926.t3MJQ9TE054834>