aboutsummaryrefslogtreecommitdiff
path: root/www/squid
Commit message (Collapse)AuthorAgeFilesLines
* www/squid: update 3.5.19 -> 3.5.20Jason Unovitch2016-07-082-4/+5
| | | | | | | | | | - Also swap USE_OPENSSL=yes to USES=ssl PR: 210811 Submitted by: Pavel Timofeev <timp87@gmail.com> (maintainer) Notes: svn path=/head/; revision=418207
* Remove NLS, DOCS, EXAMPLES and IPV6 from OPTIONS_DEFAULT, they are enabled ↵Dmitry Marakasov2016-05-231-2/+2
| | | | | | | | | by default anyway and don't need to be listed Approved by: portmgr blanket Notes: svn path=/head/; revision=415742
* - Fix trailing whitespace in pkg-messagesDmitry Marakasov2016-05-191-1/+1
| | | | | | | Approved by: portmgr blanket Notes: svn path=/head/; revision=415503
* www/squid: Fix configure errors for libsslBernard Spil2016-05-151-104/+48
| | | | | | | | | | | | | - Fix building with ports' OpenSSL/LibreSSL - Use GSSAPI descriptions from Mk/Uses/gssapi.mk - Use more OPTIONS features PR: 208584 Submitted by: timp87@gmail.com (maintainer) MFH: 2016Q2 Notes: svn path=/head/; revision=415227
* Security update to 3.5.19Matthew Seaman2016-05-112-4/+3
| | | | | | | | | PR: 209334 Submitted by: timp87@gmail.com (maintainer) Security: 25e5205b-1447-11e6-9ead-6805ca0b3d42 Notes: svn path=/head/; revision=414987
* Add conflicts against the new squid-devel portMatthew Seaman2016-05-011-4/+7
| | | | | | | | | | Rework transparent proxy / firewall related options PR: 203860 Submitted by: timp87@gmail.com (maintainer) Notes: svn path=/head/; revision=414423
* many ports: mark broken on powerpc64Steve Wills2016-04-211-0/+2
| | | | Notes: svn path=/head/; revision=413746
* www/squid: 3.5.16 -> 3.5.17Kurt Jaeger2016-04-202-40/+4
| | | | | | | | | | | | | | Changes: http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID_3_5_17.html http://www.squid-cache.org/Advisories/SQUID-2016_5.txt PR: 208939 Submitted by: Pavel Timofeev <timp87@gmail.com> (maintainer) MFH: 2016Q2 Security: CVE-2016-4052, CVE-2016-4053, CVE-2016-4054 Notes: svn path=/head/; revision=413697
* www/squid: Add all available official patches up to 14031Kurt Jaeger2016-04-203-1/+38
| | | | | | | | | | | | | | | It fixes two annoying and long-standing problems: - header forgery detection (using sslbump) leads to crash - add chained certificates and signing certificate to peek-then-bumped connections. PR: 207901 MFH: 2016Q2 Submitted by: Pavel Timofeev <timp87@gmail.com> (maintainer) Reported by: Christophe Anselme-Moizan <christophe.anselmemoizan@orange.com> Notes: svn path=/head/; revision=413688
* Update to upstream version 3.5.16Thomas Zander2016-04-023-70/+3
| | | | | | | | PR: 208463 Submitted by: timp87@gmail.com (maintainer) Notes: svn path=/head/; revision=412410
* Remove ${PORTSDIR}/ from dependencies, categories v, w, x, y, and z.Mathieu Arnold2016-04-011-9/+9
| | | | | | | | With hat: portmgr Sponsored by: Absolight Notes: svn path=/head/; revision=412351
* www/squid: cleanup, adding patchesKurt Jaeger2016-03-316-22/+119
| | | | | | | | | | | | | | | | | | | | | 1. Turn ON all options that don't require external dependencies. 2. Split SMB options to more items to make it possible to compile squid with samba36 and samba42.* 3. Set databases/p5-DBI as a dependency for SQL option and add note to pkg-message about perl DBD drivers.* 4. Add fix for PF+IPv6.** 5. Require SSL option if SSL_CRTD is on. 6. Small fixes. 7. Add all available patches from upstream. * thanks to Alonso Cardenas Marquez! ** thanks to Orlando Bassotto! PR: 208290 Submitted by: Pavel Timofeev <timp87@gmail.com> (maintainer) Notes: svn path=/head/; revision=412287
* www/squid: Fix crashes under heavy loadMark Felder2016-03-143-11/+26
| | | | | | | | | | | | | Squid 3.5.15 addresses security issues, but reports have been made that it is unstable under load. These patches repair stability while not requiring we downgrade to 3.5.14 which reintroduces security vulnerabilities. PR: 207762 Approved by: maintainer MFH: 2016Q1 Notes: svn path=/head/; revision=411100
* www/squid: update 3.5.14 -> 3.5.15Jason Unovitch2016-02-252-3/+3
| | | | | | | | | | | | | | | | | Changes: * Bug 3870 assertion failed: String.cc: 'len_ + len <65536' in ESI::CustomParser * Fix multiple assertion on String overflows * Fix unit test errors on MacOS * Better handling of huge response headers. Fewer incorrect "Bug #3279" messages * Log noise reduction for eCAP PR: 207454 Submitted by: Pavel Timofeev <timp87@gmail.com> (maintainer) Security: https://vuxml.FreeBSD.org/freebsd/660ebbf5-daeb-11e5-b2bd-002590263bf5.html X-MFH-With: r406625, r409148 Notes: svn path=/head/; revision=409487
* www/squid: update 3.5.13 -> 3.5.14Jason Unovitch2016-02-192-4/+3
| | | | | | | | | | | PR: 207294 Submitted by: Pavel Timofeev <timp87@gmail.com> (maintainer) Security: CVE-2016-2390 Security: https://vuxml.FreeBSD.org/freebsd/56562efb-d5e4-11e5-b2bd-002590263bf5.html X-MFH-Note: MFH not required, only 3.5.13 in ports/head is vulnerable Notes: svn path=/head/; revision=409148
* Bump versions to chase Nettle shared library updateJohan van Selst2016-01-231-0/+1
| | | | Notes: svn path=/head/; revision=407058
* www/squid: update 3.5.12 -> 3.5.13Jason Unovitch2016-01-192-3/+3
| | | | | | | | | | | | | | | | | | | Changes: * Bug 4397: DragonFly BSD, POSIX shared memory is implemented as filepath * Bug 4387: Kerberos build errors on Solaris * TLS: Support Ephemeral Elliptic Curve Diffie-Hellman (EECDH) key exchange * TLS: Complete certificate chains using external intermediate certificates * Avoid memory leaks when an X.509 certificate validator is used with SslBump * Fix connection retry and fallback after failed server TLS connections * Fix GnuTLS detection via pkg-config * Fix startup crash with a misconfigured (too-small) shared memory cache * ... and some documentation updates PR: 206127 Submitted by: Pavel Timofeev <timp87@gmail.com> (maintainer) Notes: svn path=/head/; revision=406625
* www/squid: Heimdal option build fixesJason Unovitch2016-01-051-0/+10
| | | | | | | | | | | | | | - Fix squid build with Heimdal from ports. - Additionally fix squid build with base Heimdal when Heimdal from ports is installed. PR: 205461 Reported by: dewayne@heuristicsystems.com.au Submitted by: Pavel Timofeev <timp87@gmail.com> (maintainer) MFH: 2016Q1 (build fix blanket) Notes: svn path=/head/; revision=405267
* Update to 3.5.12Florian Smeets2015-12-063-14/+3
| | | | | | | | PR: 204913 Submitted by: <timp87@gmail.com> (maintainer) Notes: svn path=/head/; revision=403151
* www/squid: update 3.5.10 -> 3.5.11Jason Unovitch2015-11-1111-36/+25
| | | | | | | | | | | | | | | | | | | | | | | | - Regen patches for new release and for portlint - Drop creating/deleting /var/run/squid in the rc script as this duplicates handling it in the pkg-plist Changes: * Bug 3574: crashes on reconfigure and startup * Bug 4347: compile errors with LibreSSL 2.3 * Bug 4281: copy-paste typos in src/tools.cc * Bug 4279: No response from proxy for FTP-download of non-existing file * Bug 4188: Bumping intercepted SSL connections does not work on Solaris * Fix incorrect authentication headers on cache digest requests * Fix connection stats, including %<lp, missing for persistent connections * Fix invalid memory access issues in SBuf * Avoid errors when parsing manager ACL in old squid.conf PR: 204217 Submitted by: Pavel Timofeev <timp87@gmail.com> (maintainer) Tested by: ncrogers@gmail.com Notes: svn path=/head/; revision=401286
* Update to 3.5.10Florian Smeets2015-10-062-4/+3
| | | | | | | | PR: 203501 Submitted by: <timp87@gmail.com> (maintainer) Notes: svn path=/head/; revision=398713
* rc.d/squid: Check the config before starting, reloading, or restarting.Bryan Drewery2015-09-302-1/+19
| | | | Notes: svn path=/head/; revision=398231
* www/squid: security update and build fixJason Unovitch2015-09-213-5/+4
| | | | | | | | | | | | | | | - security update 3.5.8 -> 3.5.9 [1] - Fix TP_IPF build on FreeBSD 9 [2] PR: 203186 [1] PR: 202950 [2] Approved by: Pavel Timofeev <timp87@gmail.com> (maintainer) [1] Security: d3a98c2d-5da1-11e5-9909-002590263bf5 MFH: 2015Q3 X-MFH-With: r391555, r392222, r393602, r396106, r396185, r397215 Notes: svn path=/head/; revision=397476
* Rather than produce a warning message that IPv6 is not supportedCy Schubert2015-09-182-1/+16
| | | | | | | | | | | under ipfilter 4 (FreeBSD 9) every tenth time, reduce the message to one in a million. This has the effect of displaying the message at or shortly after startup with a reminder every blue moon. PR: 202950 Notes: svn path=/head/; revision=397215
* Fix TP_IPF build.Cy Schubert2015-09-052-7/+48
| | | | Notes: svn path=/head/; revision=396185
* www/squid: update 3.5.7 -> 3.5.8Jason Unovitch2015-09-043-43/+3
| | | | | | | | | PR: 202826 Submitted by: Pavel Timofeev <timp87@gmail.com> (maintainer) Approved by: feld (mentor) Notes: svn path=/head/; revision=396106
* www/squid: update 3.5.6 -> 3.5.7Bartek Rutkowski2015-08-0515-122/+114
| | | | | | | | | | | | - Fix build with ecap by clang - Get rid of useless and always empty /var/squid/logs - Rework patches to make portlint a bit happier PR: 202053 Submitted by: Pavel Timofeev <timp87@gmail.com> (maintainer) Notes: svn path=/head/; revision=393602
* www/squid: pkg-list fixPhilip M. Gollucci2015-07-151-0/+1
| | | | | | | | | | | - add missing pkg-plist entry (SSL_CRTD option) PR: 201463 Submitted by: s3erios@gmail.com Approved by: timp87@gmail.com (maintainer) Notes: svn path=/head/; revision=392222
* www/squid: Support DragonFly SHM segmentsJohn Marino2015-07-083-1/+12
| | | | | | | | | | | | | | | | | | | Out of the box, squid would not run on dragonfly due to its handling of SHM segments. On DragonFly, SHM segments are always treated as files but on FreeBSD it depends on whether or not application is inside a jail. In any case, the case for DragonFly was no supported, so it has been added via patch. This also requires the return of /var/run/squid directory which is where the SHM files are stored (defined by localstatedir and supported by RC script). The RC script would define this directory if missing, but let's make sure it is always available. PR: 201405 Submitted by: marino Approved by: maintainer (timp87/gmail) Notes: svn path=/head/; revision=391555
* Update to 3.5.6Mark Felder2015-07-063-3/+4
| | | | | | | | | | Resolve security issue, no CVE assigned yet Approved by: maintainer Security: 150d1538-23fa-11e5-a4a5-002590263bf5 Notes: svn path=/head/; revision=391431
* - update to 3.5.5Florian Smeets2015-06-073-5/+17
| | | | | | | | | | | - fix GASSAPI_NONE handling; - unbreak eCAP option, but only for FreeBSD < 10, no luck with clang. PR: 200070 Submitted by: <timp87@gmail.com> (maintainer) Notes: svn path=/head/; revision=388783
* MASTER_SITES cleanup.Mathieu Arnold2015-05-141-1/+0
| | | | | | | | | | | | | | | | | | | | | | - Replace ${MASTER_SITE_FOO} with FOO. - Merge MASTER_SITE_SUBDIR into MASTER_SITES when possible. (This means 99.9% of the time.) - Remove occurrences of MASTER_SITE_LOCAL when no subdirectory was present and no hint of what it should be was present. - Fix some logic. - And generally, make things more simple and easy to understand. While there, add magic values to the FESTIVAL, GENTOO, GIMP, GNUPG, QT and SAMBA macros. Also, replace some EXTRACT_SUFX occurences with USES=tar:*. Checked by: make fetch-urlall-list With hat: portmgr Sponsored by: Absolight Notes: svn path=/head/; revision=386312
* www/squid finally gets a maintainerJohn Marino2015-05-011-1/+1
| | | | | | | | | | Pavel Timofeev spearheaded the update to squid to version 3.5 and has been prepared to be the port's maintainer. Let's make that happen! Thanks for taking care of this popular port, Timp87. Notes: svn path=/head/; revision=385128
* www/squid: Add MAP_NOSYNC flay to mmap callJohn Marino2015-04-303-0/+23
| | | | | | | | | | | | | | This is the same technique used by PostgreSQL to prevent dirty pages from flushing prematurely (performance hit). In any case, it can't hurt and it's been used in production for 18 months. Timp87 provided the 3.5 version of squid; the port is still unmaintained. PR: 198920 Submitted by: emz (norma.perm.ru) concurred: timp87 (gmail) Notes: svn path=/head/; revision=385055
* www/squid: 3.4.12 -> 3.5.3Kurt Jaeger2015-04-1412-206/+298
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As it is written on http://www.squid-cache.org/Versions/ for 3.4.x versions: they are no longer intended for general use in new installations. So this is a big upgrade. Changes to squid-3.5.3 (28 Mar 2015): - Regression Bug 4213: negotiate_kerberos_auth: freeing non-dynamic memory - Regression Bug 4206: Incorrect connection close on expect:100-continue - Bug 4204: ./configure does not abort when required helpers cannot be built - Bug 3805: support shared memory on MacOS X in Mem::IPC::Segment - Bug 2907: high CPU usage on CONNECT when using delay pools - basic_getpwnam_auth: fail authentication on crypt() failures - basic_nis_auth: fail authentication on crypt() failures - ext_kerberos_ldap_group_acl: Heimdal support improvements - ext_wbinfo_group_acl: Perl 5.20 support - ... and several compile issues Changes to squid-3.5.2 (18 Feb 2015): - Regression Bug 4176: Digest auth too many helper lookups - Regression Bug 4180: not-fully-initialized data member in ACLUserData - Bug 4172: Solaris broken krb5-config - Bug 4073: Cygwin compile errors - Bug 3919: remove several never-true / never-false comparisons - HTTPS: Add missing root CAs when validating chains that passed internal checks - Fix some cbdataFree related memory leaks - Quieten CBDATA 'leak' messages - Set SNI information in transparent bumping mode - negotiate_kerberos_auth: fix krb5.conf backward compatibility - Fix memory leaks in cachemgr.cgi URL parser - Fix sslproxy_options in peek-and-splice mode - ... and fix several portability and build issues - ... and some documentation updates - ... and all fixes from squid 3.4.11 Changes to squid-3.5.1 (13 Jan 2015): - Fix handling of invalid SSL server certificates when splicing connections - basic_smb_lm_auth: Simplified MSNT basic auth helper - squidclient: Fix -A and -P options - ... and several portability fixes - ... and all fixes from squid 3.4.11 - ... and a lot of documentation updates Changes to squid-3.5.0.4 (21 Dec 2014): - Bug 3826: pt 2: Provide a systemd .service file for Squid - Support http_access denials of SslBump "peeked" connections. - Fix DONT_VERIFY_DOMAIN ssl flag - Fix peek-and-splice mode: certificate validation for domain mismatched errors - negotiate_kerberos_auth: MEMORY keytab and replay cache support - ... and some documentation updates - ... and a large amount of code polishing (non-logic changes) Changes to squid-3.5.0.3 (09 Dec 2014): - Bug 4146: workaround SSL Bump crash on Linux - Bug 4135: Support \-escaped characters in regex patterns - Bug 4131: SIGSEGV at store.cc:962 content_length > store_maxobjsize - Fix delay_parameters parsing - HTTP/2: handle 'PRI' method found in HTTP/1.x traffic - ... and all changes from squid 3.4.10 - ... and a lot of documentation updates Changes to squid-3.5.0.2 (31 Oct 2014): - Fix FTP socket opening during reconfigure - ... and all changes from 3.4.9 - ... and some build errors in rarely used code - ... and several documentation updates Changes to squid-3.5.0.1 (17 Oct 2014): - Port from 2.7: redirector and logging urlgroup feature - Bug 4093: source-maintenance.sh bad perl -i option - Bug 3608: per-service name for workers UDS sockets - Bug 2554: 32-bit wrap in AUFS counters - Bug 1961 pt1: URL handling redesign - Bug 1202 pt1: documentation for refresh_pattern algorithms - Update Squid boilerplate copyright/license - Update the http(s)_port directives protocol= parameter - Update forward_max_tries to permit 25 server paths - Update Kerberos library detection and build options - Support ACLs on ftp_epsv directive - Support >32KB objects in cache_dir rock storage - Support client connection annotation by helpers via clt_conn_tag=TAG - Support native FTP Relay - Support libgnugss Kerberos library - Support libecap v1.0 - Support SSL Peek and Splice feature - Support receiving PROXY protocol version 1 and 2 - Replace --enable-ssl build option with --with-openssl - Enable -n service name command line option for all Squid builds - Enable ICAP client by default - Fix configuration file parsing bugs, related to quoted strings - Fix Windows MinGW build errors - Fix multiple TCP outgoing TOS/DiffServ bugs - Fix Cygwin /etc/resolv.conf parsing - Fix crash when sending %ssl::cert_subject to external ACL w/o certificate - Fix crash reading malformed config files - Send selected SSL version and cipher to the certificate validation helper - Validate server certificates without bumping - Add zero-copy string buffer support - Add automated squid.conf parser testing with squid -k parse - Add adaptation_service ACL - Add logformat code %tS to log transaction start time - Add logformat code %>rd to log client URL domain name - Add key_extras to proxy authentication - Add url_rewrite_extras and store_id_extras directives - Add send_hit and store_miss directives - Add collapsed_forwarding directive - Add sslproxy_cert_sign_hash directive - Add SMP SSL session cache - Add cache_peer standby connections - Add helper ext_delayer_acl - Add TCP_TUNNEL log code for CONNECT tunnels which are not SSL-bumped - Add BUILDCXX and BUILDCXXFLAGS configure options for cross-compile - Remove COSS storage in favour of Rock storage - Remove dnsserver and external DNS helper API in favour of mDNS - Remove broken mallinfo() accounting and memory tracing - Remove hierarchy_stoplist in favour of always_direct - Deprecate tag ACL type in favour of note ACL type - Deprecate urlgroup feature in favour of note ACL type - HTTP/1.1: method names are case-sensitive - HTTP/1.1: register new headers from RFC 723x - squidclient: polish and update help display - squidclient: support TLS with GnuTLS 3.1.5+ - squidclient: support verbosity levels - squidclient: --ping mode module support - url_fake_rewrite: support concurrency - storeid_file_rewrite: support concurrency - digest_file_auth: support concurrency - digest_edirectory_auth: support concurrency - digest_ldap_auth: support concurrency - ... and many error page translation updates - ... and much code cleanup and polishing PR: 198089 Submitted by: Pavel Timofeev <timp87@gmail.com> Tested by: John Marshall <john.marshall@riverwillow.com.au> Notes: svn path=/head/; revision=384005
* - Update to 3.4.12Sunpoet Po-Chuan Hsieh2015-02-192-6/+5
| | | | | | | | | | | | | - While I'm here: - Pet portlint - Remove contiguous blank lines Changes: http://www.squid-cache.org/Versions/v3/3.4/RELEASENOTES.html PR: 197812 Submitted by: <timp87@gmail.com> Notes: svn path=/head/; revision=379384
* - Update to 3.4.11Guido Falsi2015-01-175-70/+28
| | | | | | | | | | | - Fix STACKTRACES option - Put correct permissions on /var directories creted by the port PR: 196711 Submitted by: timp87 at gmail.com Notes: svn path=/head/; revision=377223
* www/squid: implement proper backtrace supportEygene Ryabinkin2014-12-222-1/+128
| | | | | | | | | | | | | | Now Squid will print full backtrace for problematic cases when it is about to die on some signal and should emit stacktrace. You'll obviously need to compile it with STACKTRACES option. Tested at: KIAE Grid production Squid cluster MFC after: 1 week MFH: 2014Q4 Sponsored by: Kurchatov Institute of Atomic Energy Notes: svn path=/head/; revision=375240
* Remove a directory that is created/deleted by rc script from stagedirAntoine Brodin2014-12-211-0/+1
| | | | Notes: svn path=/head/; revision=375163
* Add security/nettle dependency and fix pkg-plist.Kevin Lo2014-12-202-3/+6
| | | | | | | | Squid detects libnettle when available and uses it without yet forcing it as a required dependency. Notes: svn path=/head/; revision=374991
* www/squid: Upgrade version 3.4.9 => 3.4.10John Marino2014-12-102-4/+3
| | | | | | | | PR: 195843 Submitted by: timp87 (gmail) Notes: svn path=/head/; revision=374457
* Allow building with clang 3.5Antoine Brodin2014-12-051-7/+11
| | | | | | | | | Those warnings should be fixed, but squelch them for now PR: ports/195665 Notes: svn path=/head/; revision=374030
* swapdir should be in /var/squid/cache.Kevin Lo2014-11-263-3/+3
| | | | Notes: svn path=/head/; revision=373442
* www/squid: Remove one file from SHEBANG_FILESJohn Marino2014-11-031-1/+0
| | | | | | | | | | | ksh was removed from dependencies list in version 3.4.9, so cert_tool doesn't have to be fixed anymore. PR: 194777 Submitted by: timp87 (gmail) Notes: svn path=/head/; revision=372103
* www/squid: Upgrade version 3.4.8 => 3.4.9John Marino2014-10-313-60/+9
| | | | | | | | | | | This update should address some memory leak issues PR: 193938 PR: 194726 Submitted by: timp87 (gmail) Notes: svn path=/head/; revision=371944
* www/squid: DragonFly needs an include CFLAG with KerberosJohn Marino2014-10-231-0/+1
| | | | Notes: svn path=/head/; revision=371394
* Since http://bazaar.launchpad.net/~squid/squid/3-trunk/revision/12842,Florian Smeets2014-10-161-2/+3
| | | | | | | | | | | | | | Squid's configure script defaults to -march=native, if the flag is supported by the compiler. And this even *overrides* your own specified CPUTYPE or -march= flag! That could cause squid to crash when using a package that was built on a newer CPU type that the one where the package would run on. Submitted by: dim Notes: svn path=/head/; revision=370975
* Add CPE info to squid ports.Guido Falsi2014-09-221-1/+2
| | | | | | | Requested by: des@ Notes: svn path=/head/; revision=368828
* - Make diskd and rock storage schemes options (diskd enabled by default) [1]Guido Falsi2014-09-193-10/+33
| | | | | | | | | | | | - Add note in pkg-message about diskd needing some tuning [1] - Fix transparent proxy with PF [1] [2] - Fix a pair of typos [1] PR: 193705 [1], 193752 [2] Submitted by: arcade@b1t.name [1], kib@ [2] Notes: svn path=/head/; revision=368596
* - Unbreak ECAP optionDmitry Marakasov2014-09-181-12/+1
| | | | Notes: svn path=/head/; revision=368485
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-19 14:08:50 +0000