From 172c7ee0d032ce8af7cb080c5b7b784555c08265 Mon Sep 17 00:00:00 2001 From: Kirill Ponomarev Date: Fri, 18 Jun 2004 11:49:44 +0000 Subject: Correct the patch for the NTLM helper vulnerability according to Apply some cleanups: + prefer PATCHDIR over FILEDIR when referring patches + remove unnecessary quotes + move all substitution tasks to the post-patch target + use "${FALSE}" instead of "exit 1" to generate error 1 from a shell Bump PORTREVISION PR: ports/68078 Submitted by: maintainer --- www/squid26/Makefile | 14 ++++++-------- .../files/patch-helpers-ntlm_auth-SMB-libntlmssp.c | 21 ++++++--------------- 2 files changed, 12 insertions(+), 23 deletions(-) (limited to 'www/squid26') diff --git a/www/squid26/Makefile b/www/squid26/Makefile index 70f66a13af59..c01bb810d8ea 100644 --- a/www/squid26/Makefile +++ b/www/squid26/Makefile @@ -29,7 +29,7 @@ PORTNAME= squid PORTVERSION= 2.5.5 -PORTREVISION= 10 +PORTREVISION= 11 CATEGORIES= www MASTER_SITES= \ ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \ @@ -218,7 +218,7 @@ CONFIGURE_ARGS+= --enable-pf-transparent .if ${OSVERSION} < 502106 pf_includedir= ${LOCALBASE}/include/pf BUILD_DEPENDS+= ${pf_includedir}/net/pfvar.h:${PORTSDIR}/security/pf -CFLAGS+= "-I${pf_includedir}" +CFLAGS+= -I${pf_includedir} EXTRA_PATCHES+= ${WRKDIR}/pf_from_ports.patch .endif .endif @@ -284,18 +284,16 @@ CONFIGURE_ENV+= CFLAGS="${CFLAGS}" \ pre-patch: # Check whether we need to create the extra patch that makes pf(4) -# visible for squid's configure script: +# visible to squid's configure script: .if defined(pf_includedir) @${SED} -e 's|%%PF_INCLUDEDIR%%|${pf_includedir}|g' \ -e 's|%%PF_AC_INCLUDEPATH%%|${pf_includedir:S,/,_,g}|g' \ - ${FILESDIR}/pf_from_ports.patch.in >${WRKDIR}/pf_from_ports.patch + ${PATCHDIR}/pf_from_ports.patch.in >${WRKDIR}/pf_from_ports.patch .endif post-patch: @${REINPLACE_CMD} -e 's|-lpthread|${PTHREAD_LIBS}|g' ${WRKSRC}/configure @${REINPLACE_CMD} -e 's|/etc|${PREFIX}/etc|g' ${WRKSRC}/doc/squid.8 - -pre-configure: @${REINPLACE_CMD} -e 's|%%SQUID_UID%%|${SQUID_UID}|g' \ -e 's|%%SQUID_GID%%|${SQUID_GID}|g' ${WRKSRC}/src/cf.data.pre @@ -348,10 +346,10 @@ changeuser: .if ${SQUID_UID:L} == nobody @${ECHO_CMD} "'nobody' is a system user, you do not need to execute"; \ ${ECHO_CMD} "this target!" - exit 1 + ${FALSE} .endif @if [ `${ID} -u` -ne 0 ]; \ - then ${ECHO_CMD} "Sorry, you must be root to use this target."; exit 1; fi; \ + then ${ECHO_CMD} "Sorry, you must be root to use this target."; ${FALSE}; fi; \ current_uid=`id -u ${SQUID_UID}`; \ current_gid=`pw groupshow ${SQUID_GID}|cut -f 3 -d :`; \ ${ECHO_CMD} "I will remove this user:"; \ diff --git a/www/squid26/files/patch-helpers-ntlm_auth-SMB-libntlmssp.c b/www/squid26/files/patch-helpers-ntlm_auth-SMB-libntlmssp.c index 8b91e979a9d2..54eeeb6bcdeb 100644 --- a/www/squid26/files/patch-helpers-ntlm_auth-SMB-libntlmssp.c +++ b/www/squid26/files/patch-helpers-ntlm_auth-SMB-libntlmssp.c @@ -3,18 +3,12 @@ helper which was reported by iDefense on the 07th June 2004. Original advisory: CVE-ID: CAN-2004-0541 -Patch obtained from: +Patch and correction obtained from: -The patch was slightly modified by me (tmseck@netcologne.de) to make -it apply cleanly to the FreeBSD port. + -Index: libntlmssp.c -=================================================================== -RCS file: /server/cvs-server/squid/squid/helpers/ntlm_auth/SMB/libntlmssp.c,v -retrieving revision 1.7 -diff -u -3 -p -u -r1.7 libntlmssp.c ---- helpers/ntlm_auth/SMB/libntlmssp.c 30 Nov 2001 09:50:28 -0000 1.7 -+++ helpers/ntlm_auth/SMB/libntlmssp.c 20 May 2004 22:31:33 -0000 +--- helpers/ntlm_auth/SMB/libntlmssp.c.orig Fri Nov 30 10:50:06 2001 ++++ helpers/ntlm_auth/SMB/libntlmssp.c Fri Jun 18 13:17:35 2004 @@ -161,7 +161,10 @@ make_challenge(char *domain, char *domai #define min(A,B) (A