From owner-svn-ports-all@FreeBSD.ORG  Wed Apr 22 19:26:10 2015
Return-Path: <owner-svn-ports-all@FreeBSD.ORG>
Delivered-To: svn-ports-all@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 4B075B03;
 Wed, 22 Apr 2015 19:26:10 +0000 (UTC)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 397441A12;
 Wed, 22 Apr 2015 19:26:10 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t3MJQA6F054846;
 Wed, 22 Apr 2015 19:26:10 GMT (envelope-from garga@FreeBSD.org)
Received: (from garga@localhost)
 by svn.freebsd.org (8.14.9/8.14.9/Submit) id t3MJQ9TE054834;
 Wed, 22 Apr 2015 19:26:09 GMT (envelope-from garga@FreeBSD.org)
Message-Id: <201504221926.t3MJQ9TE054834@svn.freebsd.org>
X-Authentication-Warning: svn.freebsd.org: garga set sender to
 garga@FreeBSD.org using -f
From: Renato Botelho <garga@FreeBSD.org>
Date: Wed, 22 Apr 2015 19:26:09 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r384514 - in head/www/squidguard: . files
X-SVN-Group: ports-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-all@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: SVN commit messages for the ports tree <svn-ports-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-all/>
List-Post: <mailto:svn-ports-all@freebsd.org>
List-Help: <mailto:svn-ports-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-ports-all>,
 <mailto:svn-ports-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Apr 2015 19:26:10 -0000

Author: garga
Date: Wed Apr 22 19:26:08 2015
New Revision: 384514
URL: https://svnweb.freebsd.org/changeset/ports/384514

Log:
  - Add an optional patch, off by default, that enable 2 new options:
    - stripntdomain
    - striprealm
  - Take maintainership
  
  Approved by:	madpilot (maintainer)
  Obtained from:	pfSense
  Sponsored by:	Netgate

Added:
  head/www/squidguard/files/extra-patch-strip-with-quoted_string.diff   (contents, props changed)
  head/www/squidguard/files/extra-patch-strip-without-quoted_string.diff   (contents, props changed)
  head/www/squidguard/files/extra-patch-strip.diff   (contents, props changed)
Modified:
  head/www/squidguard/Makefile

Modified: head/www/squidguard/Makefile
==============================================================================
--- head/www/squidguard/Makefile	Wed Apr 22 19:11:28 2015	(r384513)
+++ head/www/squidguard/Makefile	Wed Apr 22 19:26:08 2015	(r384514)
@@ -11,7 +11,7 @@ DISTFILES=	${DISTNAME}${EXTRACT_SUFX}:a 
 		squidGuard-1.4-dnsbl.patch:b
 EXTRACT_ONLY=	${DISTNAME}${EXTRACT_SUFX}
 
-MAINTAINER=	madpilot@FreeBSD.org
+MAINTAINER=	garga@FreeBSD.org
 COMMENT=	Fast redirector for squid
 
 LICENSE=	GPLv2
@@ -43,15 +43,17 @@ PLIST_SUB+=	LOGDIR="${LOGDIR}"
 SUB_FILES=	pkg-deinstall pkg-message
 SUB_LIST=	PORTNAME=${PORTNAME}
 
-OPTIONS_DEFINE=		DNS_BL DOCS EXAMPLES LDAP QUOTE_STRING
+OPTIONS_DEFINE=		DNS_BL DOCS EXAMPLES LDAP QUOTE_STRING STRIP_NTDOMAIN
 
 EXAMPLES_DESC=	Install sample blacklists
 DNS_BL_DESC=	Enable DNS based blacklists
 QUOTE_STRING_DESC=	Add quoted string patch
+STRIP_NTDOMAIN_DESC=	Add options to strip NT domain and krb realm
 
 OPTIONS_SUB=		yes
 QUOTE_STRING_EXTRA_PATCHES=	${DISTDIR}/squidGuard-1.4-quoted_string_support.diff:-p2
 DNS_BL_EXTRA_PATCHES=	${DISTDIR}/squidGuard-1.4-dnsbl.patch:-p1
+STRIP_NTDOMAIN_EXTRA_PATCHES=	${FILESDIR}/extra-patch-strip.diff:-p0
 LDAP_CONFIGURE_ON=	--with-ldap
 LDAP_CONFIGURE_OFF=	--without-ldap
 LDAP_LDFLAGS=		-L${LOCALBASE}/lib
@@ -59,6 +61,14 @@ LDAP_USE=		OPENLDAP=yes
 
 .include <bsd.port.options.mk>
 
+.if ${PORT_OPTIONS:MSTRIP_NTDOMAIN}
+. if ${PORT_OPTIONS:MQUOTE_STRING}
+EXTRA_PATCHES+=	${FILESDIR}/extra-patch-strip-with-quoted_string.diff
+. else
+EXTRA_PATCHES+=	${FILESDIR}/extra-patch-strip-without-quoted_string.diff
+. endif
+.endif
+
 pre-fetch:
 	@if [ ${SQUID_UID} = "squid" -o ${SQUID_GID} = "squid" ] ; then \
 		${ECHO_MSG} "===>  SQUID_UID is set to \"${SQUID_UID}\" and SQUID_GID is set to \"${SQUID_GID}\"." ; \
@@ -90,7 +100,7 @@ pre-install:
 	@${ECHO_MSG} "===>   Installing sample blacklists"
 	@${MKDIR} ${STAGEDIR}${EXAMPLESDIR}/blacklists
 	@(cd ${_DATADIR} && ${COPYTREE_SHARE} . ${STAGEDIR}${EXAMPLESDIR}/blacklists)
-	@${INSTALL_DATA} ${WRKDIR}/README.blacklists ${STAGEDIR}${EXAMPLESDIR}
+	${INSTALL_DATA} ${WRKDIR}/README.blacklists ${STAGEDIR}${EXAMPLESDIR}
 	@${ECHO_MSG} "       -> Sample blacklists installed in ${EXAMPLESDIR}/blacklists"
 .endif
 	@${ECHO_MSG} "===>   Installing sample configuration file"
@@ -101,11 +111,13 @@ pre-install:
 	${ECHO_MSG} "       -> Sample configuration file installed in: ${ETCDIR}" ; \
 
 post-install:
+.if ${PORT_OPTIONS:MDOCS}
 	@${ECHO_MSG} "===>   Installing ${PORTNAME} documentation"
 	@${MKDIR} ${STAGEDIR}${DOCSDIR}
 . for i in ${WRKSRC}/doc/*.txt ${WRKSRC}/doc/*.html ${WRKSRC}/doc/*.gif ${WRKSRC}/doc/README
-	@${INSTALL_DATA} ${WRKSRC}$i ${STAGEDIR}${DOCSDIR}
+	${INSTALL_DATA} ${WRKSRC}$i ${STAGEDIR}${DOCSDIR}
 . endfor
 	@${ECHO_MSG} "       -> Documentation installed in: ${DOCSDIR}"
+.endif
 
 .include <bsd.port.mk>

Added: head/www/squidguard/files/extra-patch-strip-with-quoted_string.diff
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/squidguard/files/extra-patch-strip-with-quoted_string.diff	Wed Apr 22 19:26:08 2015	(r384514)
@@ -0,0 +1,12 @@
+diff -ruN ../squidGuard-1.4.orig/src/sg.y.in ./src/sg.y.in
+--- ../squidGuard-1.4.orig/src/sg.y.in	2015-04-22 12:42:14.932264000 -0500
++++ ./src/sg.y.in	2015-04-22 12:44:41.473988000 -0500
+@@ -94,6 +94,6 @@
+ %token WITHIN OUTSIDE ELSE LOGFILE ANONYMOUS VERBOSE CONTINIOUS SPORADIC
+ %token LDAPCACHETIME EXECUSERLIST EXECCMD LDAPPROTOVER
+ %token LDAPBINDDN LDAPBINDPASS MYSQLUSERNAME MYSQLPASSWORD DATABASE
+-%token QUOTED_STRING
++%token QUOTED_STRING STRIPNTDOMAIN STRIPREALM
+ 
+ %type <string> WORD 
+ %type <string> EXECCMD

Added: head/www/squidguard/files/extra-patch-strip-without-quoted_string.diff
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/squidguard/files/extra-patch-strip-without-quoted_string.diff	Wed Apr 22 19:26:08 2015	(r384514)
@@ -0,0 +1,11 @@
+diff -ruN ../squidGuard-1.4.orig/src/sg.y.in ./src/sg.y.in
+--- ../squidGuard-1.4.orig/src/sg.y.in	2015-04-22 12:42:14.932264000 -0500
++++ ./src/sg.y.in	2015-04-22 12:44:41.473988000 -0500
+@@ -94,6 +94,7 @@
+ %token WITHIN OUTSIDE ELSE LOGFILE ANONYMOUS VERBOSE CONTINIOUS SPORADIC
+ %token LDAPCACHETIME EXECUSERLIST EXECCMD LDAPPROTOVER
+ %token LDAPBINDDN LDAPBINDPASS MYSQLUSERNAME MYSQLPASSWORD DATABASE
++%token STRIPNTDOMAIN STRIPREALM
+ 
+ %type <string> WORD 
+ %type <string> EXECCMD

Added: head/www/squidguard/files/extra-patch-strip.diff
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/squidguard/files/extra-patch-strip.diff	Wed Apr 22 19:26:08 2015	(r384514)
@@ -0,0 +1,201 @@
+diff -ruN ../squidGuard-1.4.orig/doc/authentication.html ./doc/authentication.html
+--- ../squidGuard-1.4.orig/doc/authentication.html	2015-04-22 12:42:14.937955000 -0500
++++ ./doc/authentication.html	2015-04-22 12:42:54.745042000 -0500
+@@ -345,10 +345,43 @@
+ </div>
+ <br>
+ 
+-
+-
+-
+-
++<li> <b>Stripping NT domain name or Kerberos Realm from user name </b><br><br>
++ 
++(You need squidGuard version 1.5 or higher to use user name stripping.)<br>
++If the authentication is made with NTLM or Kerberos, it contains NT domain
++or Kerberos realm. The following tags exist :
++<br><br>
++<table border=0 cellpadding=2 cellspacing=2>
++	<tr>
++		<td valign=top>stripntdomain</td><td> Strip NT domain name component from
++			      user names (/ or \ separated).
++			</tr><tr>
++			<td valign=top>striprealm</td><td> Strip Kerberos Realm component from
++				      user names (@ separated).
++				</tr><tr>
++				</tr><tr>
++				</tr>
++			</table>
++		
++		<br><br>
++		Example configuration:<br>
++		<br>
++		<div style=width:700px;overflow:auto>
++			<table width="75%" cellpadding="0" cellspacing="0" style="background-color:
++				#f2fff0; border: solid 1px #4455bb;">
++				<tr>
++					<td style="background-color: #223499; border-bottom: 1px solid #888;">
++						<font size="-1" color=white>Stripping NT domain name or Kerberos Realm from user name </font>
++						</td></tr>
++				<tr>
++					<td>
++						<pre> stripntdomain true
++ striprealm true
++</pre>
++					</td></tr>
++			</table>
++		</div>
++	<br> 
+ 
+ </td></tr></table>
+ 
+diff -ruN ../squidGuard-1.4.orig/src/sg.h.in ./src/sg.h.in
+--- ../squidGuard-1.4.orig/src/sg.h.in	2015-04-22 12:42:14.931469000 -0500
++++ ./src/sg.h.in	2015-04-22 12:42:54.738534000 -0500
+@@ -82,6 +82,8 @@
+ #define DEFAULT_CONFIGFILE "@prefix@/squidGuard/squidGuard.conf"
+ #define DEFAULT_LOGDIR "@prefix@/squidGuard/log"
+ #define DEFAULT_DBHOME "@prefix@/squidGuard/db"
++#define DEFAULT_STRIPNTDOMAIN "false"
++#define DEFAULT_STRIPREALM "false"
+ #define EXEC_PROGRAM "@prefix@/bin/squidGuard"
+ 
+ #ifdef ACCONFIG
+diff -ruN ../squidGuard-1.4.orig/src/sg.l ./src/sg.l
+--- ../squidGuard-1.4.orig/src/sg.l	2015-04-22 12:42:14.932909000 -0500
++++ ./src/sg.l	2015-04-22 12:42:54.740080000 -0500
+@@ -105,6 +105,8 @@
+ ^acl         return ACL;
+ ^dbhome                return DBHOME;
+ ^logdir                return LOGDIR;
++^stripntdomain return STRIPNTDOMAIN;
++^striprealm    return STRIPREALM;
+ ^ldapcachetime return LDAPCACHETIME;
+ ^ldapprotover  return LDAPPROTOVER;
+ ^ldapbinddn    { BEGIN LDAPDN_STATE; return LDAPBINDDN; }
+diff -ruN ../squidGuard-1.4.orig/src/sg.y.in ./src/sg.y.in
+--- ../squidGuard-1.4.orig/src/sg.y.in	2015-04-22 12:42:14.932264000 -0500
++++ ./src/sg.y.in	2015-04-22 12:44:41.473988000 -0500
+@@ -116,6 +117,7 @@
+ %type <string> tval
+ %type <string> date
+ %type <string> ttime
++%type <string> STRIPNTDOMAIN STRIPREALM
+ %%
+ 
+ start: statements
+@@ -127,6 +129,12 @@
+ logdir:    LOGDIR WORD { sgSetting("logdir",$2); }
+          ;
+ 
++stripntdomain: STRIPNTDOMAIN WORD { sgSetting("stripntdomain",$2); }
++         ;
++
++striprealm: STRIPREALM WORD { sgSetting("striprealm",$2); }
++         ;
++ 
+ ldapcachetime: LDAPCACHETIME NUMBER { sgSetting("ldapcachetime",$2); }
+          ;
+ 
+@@ -352,6 +360,8 @@
+ 	     | destination_block
+              | dbhome
+ 	     | logdir
++             | stripntdomain
++             | striprealm 
+             | ldapprotover
+             | ldapbinddn
+             | ldapbindpass
+diff -ruN ../squidGuard-1.4.orig/src/sgDiv.c ./src/sgDiv.c
+--- ../squidGuard-1.4.orig/src/sgDiv.c	2015-04-22 12:42:14.931973000 -0500
++++ ./src/sgDiv.c	2015-04-22 12:49:24.400088000 -0500
+@@ -223,11 +223,34 @@
+       break;
+     case 1: /* ident */
+       if(strcmp(p,"-")){
+-	strcpy(s->ident,p);
+-	for(p=s->ident; *p != '\0'; p++) /* convert ident to lowercase chars */
+-	  *p = tolower(*p);
++        char *stripntdomain = NULL, *striprealm = NULL;
++        HTUnEscape(p);
++        stripntdomain = sgSettingGetValue("stripntdomain");
++        if(stripntdomain == NULL)
++          stripntdomain = DEFAULT_STRIPNTDOMAIN;
++        striprealm = sgSettingGetValue("striprealm");
++        if(striprealm == NULL)
++	  striprealm = DEFAULT_STRIPREALM;
++        if (strcmp(stripntdomain,"false")) {
++           char *u = strrchr(p, '\\');
++           if (!u)
++              u = strrchr(p, '/');
++           if (!u)
++              u = strrchr(p, '+');
++           if (u && u[1])
++              p = u + 1;
++        }
++        if (strcmp(striprealm,"false")) {
++           char *u = strchr(p, '@');
++           if (u != NULL) {
++              *u = '\0';
++           }
++        }
++        strcpy(s->ident,p);
++        for(p=s->ident; *p != '\0'; p++) /* convert ident to lowercase chars */
++           *p = tolower(*p);
+       } else
+-	s->ident[0] = '\0';
++        s->ident[0] = '\0';
+       break;
+     case 2: /* method */
+       strcpy(s->method,p);
+@@ -734,7 +757,7 @@
+       p++;
+       break;
+     case 'u': /* Requested URL */
+-      strcat(buf, req->orig);
++      strncat(buf, req->orig, 2048);
+       p++;
+       break;
+     default:
+diff -ruN ../squidGuard-1.4.orig/src/sgDiv.c.in ./src/sgDiv.c.in
+--- ../squidGuard-1.4.orig/src/sgDiv.c.in	2015-04-22 12:42:14.932693000 -0500
++++ ./src/sgDiv.c.in	2015-04-22 12:48:38.406521000 -0500
+@@ -234,11 +234,34 @@
+       break;
+     case 1: /* ident */
+       if(strcmp(p,"-")){
+-	strcpy(s->ident,p);
+-	for(p=s->ident; *p != '\0'; p++) /* convert ident to lowercase chars */
+-	  *p = tolower(*p);
++        char *stripntdomain = NULL, *striprealm = NULL;
++        HTUnEscape(p);
++        stripntdomain = sgSettingGetValue("stripntdomain");
++        if (stripntdomain == NULL)
++           stripntdomain = DEFAULT_STRIPNTDOMAIN;
++        striprealm = sgSettingGetValue("striprealm");
++        if (striprealm == NULL)
++           striprealm = DEFAULT_STRIPREALM;
++        if (strcmp(stripntdomain,"false")) {
++           char *u = strrchr(p, '\\');
++           if (!u)
++              u = strrchr(p, '/');
++           if (!u)
++              u = strrchr(p, '+');
++           if (u && u[1])
++              p = u + 1;
++        }
++        if (strcmp(striprealm,"false")) {
++           char *u = strchr(p, '@');
++           if (u != NULL) {
++              *u = '\0';
++           }
++        }
++        strcpy(s->ident,p);
++        for(p=s->ident; *p != '\0'; p++) /* convert ident to lowercase chars */
++           *p = tolower(*p);
+       } else
+-	s->ident[0] = '\0';
++        s->ident[0] = '\0';
+       break;
+     case 2: /* method */
+       strcpy(s->method,p);