The NetBSD Project

CVS log for pkgsrc/www/privoxy/Makefile

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / www / privoxy

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.71 / (download) - annotate - [select for diffs], Tue Jun 28 11:37:48 2022 UTC (7 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2022Q4-base, pkgsrc-2022Q4, pkgsrc-2022Q3-base, pkgsrc-2022Q3, HEAD
Changes since 1.70: +2 -2 lines
Diff to previous 1.70 (colored)

*: recursive bump for perl 5.36

Revision 1.70 / (download) - annotate - [select for diffs], Thu Nov 18 03:13:29 2021 UTC (14 months, 1 week ago) by khorben
Branch: MAIN
CVS Tags: pkgsrc-2022Q2-base, pkgsrc-2022Q2, pkgsrc-2022Q1-base, pkgsrc-2022Q1, pkgsrc-2021Q4-base, pkgsrc-2021Q4
Changes since 1.69: +2 -2 lines
Diff to previous 1.69 (colored)

privoxy: let the RC script work unprivileged

This takes advantage of the introduction of the SYSCONFBASE variable.
Tested on NetBSD/amd64.

Bumps PKGREVISION.

Revision 1.69 / (download) - annotate - [select for diffs], Mon May 24 19:55:56 2021 UTC (20 months, 1 week ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2021Q3-base, pkgsrc-2021Q3, pkgsrc-2021Q2-base, pkgsrc-2021Q2
Changes since 1.68: +2 -1 lines
Diff to previous 1.68 (colored)

*: recursive bump for perl 5.34

Revision 1.67.4.1 / (download) - annotate - [select for diffs], Fri Feb 5 21:45:38 2021 UTC (23 months, 3 weeks ago) by bsiegert
Branch: pkgsrc-2020Q4
Changes since 1.67: +2 -3 lines
Diff to previous 1.67 (colored) next main 1.68 (colored)

Pullup ticket #6420 - requested by wiz
www/privoxy: security fix

Revisions pulled up:
- www/privoxy/Makefile                                          1.68
- www/privoxy/PLIST                                             1.14
- www/privoxy/distinfo                                          1.26

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Thu Feb  4 16:29:14 UTC 2021

   Modified Files:
   	pkgsrc/www/privoxy: Makefile PLIST distinfo

   Log Message:
   privoxy: update to 3.0.29.

   *** Version 3.0.29 stable ***

   - Security/Reliability:
     - Fixed memory leaks when a response is buffered and the buffer
       limit is reached or Privoxy is running out of memory.
       Commits bbd53f1010b and 4490d451f9b. OVE-20201118-0001.
       Sponsored by: Robert Klemme
     - Fixed a memory leak in the show-status CGI handler when
       no action files are configured. Commit c62254a686.
       OVE-20201118-0002.
       Sponsored by: Robert Klemme
     - Fixed a memory leak in the show-status CGI handler when
       no filter files are configured. Commit 1b1370f7a8a.
       OVE-20201118-0003.
       Sponsored by: Robert Klemme
     - Fixes a memory leak when client tags are active.
       Commit 245e1cf32. OVE-20201118-0004.
       Sponsored by: Robert Klemme
     - Fixed a memory leak if multiple filters are executed
       and the last one is skipped due to a pcre error.
       Commit 5cfb7bc8fe. OVE-20201118-0005.
     - Prevent an unlikely dereference of a NULL-pointer that
       could result in a crash if accept-intercepted-requests
       was enabled, Privoxy failed to get the request destination
       from the Host header and a memory allocation failed.
       Commit 7530132349. CID 267165. OVE-20201118-0006.
     - Fixed memory leaks in the client-tags CGI handler when
       client tags are configured and memory allocations fail.
       Commit cf5640eb2a. CID 267168. OVE-20201118-0007.
     - Fixed memory leaks in the show-status CGI handler when memory
       allocations fail. Commit 064eac5fd0 and commit fdee85c0bf3.
       CID 305233. OVE-20201118-0008.

   - General improvements:
     - Added experimental https inspection support which allows to filter
       https traffic. To enable it, install MbedTLS and configure with
       --with-mbedtls, or install OpenSSL or LibreSSL and configure
       with --with-openssl.
       Afterwards configure the directives in section 7 of the
       config file and enable the +https-inspection action.
       Initial MbedTLS-based code contributed by Vaclav Svec,
       initial OpenSSL support contributed by Maxim Antonov.
       With help from Nedzad Hrnjica and Ho+ Ho+ Ho+.
       Integration and improvements sponsored by Robert Klemme.
     - pcrs: Request JIT compilation if it's supported and
       the filter isn't dynamic. This can speed up filtering.
     - Added support for Brotli decompression.
       Sponsored by: Robert Klemme
     - Added FEATURE_EXTENDED_STATISTICS to gather statistics for
       block reasons and filter executions. To enable it, configure
       with --enable-extended-statistics and visit
       http://config.privoxy.org/show-status.
       Sponsored by: Robert Klemme
     - Use the IP_FREEBIND socket option, if defined. This allows
       Privoxy to bind to not-yet assigned IP addresses which is
       useful in failover environments.
       Patch by Sam Varshavchik.
     - Allow to use extended host patterns and vanilla host patterns
       at the same time by prefixing extended host patterns with
       "PCRE-HOST-PATTERN:". To enable this, configure with
       --enable-pcre-host-patterns.
       Sponsored by: Robert Klemme
     - Added "Cross-origin resource sharing" (CORS) support.
       This allows to access Privoxy's CGI interface via JavaScript from
       another domain (white-listed with the new cors-allowed-origin directive).
       Based on a patch by Nedzad Hrnjica.
       Sponsored by: Robert Klemme.
     - Add SOCKS5 username/password support.
       Based on a patch by Sam, improved by Ivan Romanov.
       Closes Patch#141 and solves TODO#105.
     - Bump the maximum number of action and filter files
       to 100 each.
       Sponsored by: Robert Klemme
     - Fixed handling of filters with "split-large-forms 1"
       when using the CGI editor.
       Reported by withoutname in #921.
     - Better detect a mismatch of connection details when
       figuring out whether or not a connection can be reused.
     - Don't send a "Connection failure" message instead of the
       "DNS failure" message.
       Sponsored by: Robert Klemme
     - Let LOG_LEVEL_REQUEST log all requests. Previously unencrypted
       requests were only logged with LOG_LEVEL_REQUEST when they weren't
       crunched (in which case they were logged with LOG_LEVEL_CRUNCH).
       This was documented behaviour, but logging all requests seems more useful.
     - Fixed locking around localtime() and gmtime().
     - Removed OS/2 support. We haven't provided OS/2 packages in years,
       it complicated the code and it depended on a fallback snprintf()
       implementation which is GPLv2 only.
     - Remove the fallback snprintf() implementation
       Now that OS/2 support is gone we no longer need it.
     - Fixed a bunch of format specifiers log messages.
     - Added a missing apostrophe in the 'More Privoxy' menu.
     - Explicitly prevent use of FEATURE_CONNECTION_SHARING
       without FEATURE_CONNECTION_KEEP_ALIVE. It makes no sense
       and does not compile anyway.
       Sponsored by: Robert Klemme
     - Fix build without FEATURE_CONNECTION_KEEP_ALIVE.
       Sponsored by: Robert Klemme
     - Downgrade the 'Graceful termination requested' message
       to LOG_LEVEL_INFO as it isn't an error.
       Sponsored by: Robert Klemme
     - decompress_iob(): Downgrade the no-content message to LOG_LEVEL_RE_FILTER
       While at it, fix a typo in a comment.
       Sponsored by: Robert Klemme
     - Fixed a couple of cppcheck warnings.
     - Rename LOG_LEVEL_GPC to LOG_LEVEL_REQUEST.
       Only the shadow knows what "GPC" is supposed to stand for.
     - Remove SourceForge references in copyright headers.
     - Upgrade a bunch of links to the homepage to https://.
     - Add 'no-brotli-accepted' filter which prevents the
       use of Brotli compression.
     - Changed license for pcrs to GPLv2+ after getting the
       permission from Andreas. This allows to redistribute
       Privoxy under the GPLv3 which is required when linking
       to future mbedTLS versions which are expected to be
       licensed under the Apache 2.0 license only.
     - Updated a bunch of tests that have to expect status code 403
       now after r1.168/070e904afa5.
     - Lowercase the host name in the request line.
     - Only set SOURCE_DATE_EPOCH if it's not already set so
       distributions can overwrite it through the environment.

   - Documentation changes:
     - Explain that Privoxy has to be distributed under the
       GPLv3 (or later) when linked with an MbedTLS version
       that is licensed under the Apache 2.0 license.
     - Import the GNU GPLv3 and include it the user manual.
     - Clarify FEATURE_FORCE_LOAD's description. It allows to bypass
       blocking not filtering and only does it if blocks aren't enforced.
       Reported by: Robert Klemme
     - FAQ: Remove Zwiebelfreunde e.V. from the list of fiduciary sponsors
       As of 2021 they no longer handle donations for foreign organisations
       due to lack of resources.
     - FAQ: Remove an obsolete comment with a link to the long-gone PDF manual.
     - FAQ: Add a link to the TODO list.
     - FAQ: Change the sponsor amounts to USD slightly rounding the
       converted amounts up to get simple numbers.
       Receiving USD is apparently easier for SPI and SPI is
       preferred by sponsors as they can send invoices.
     - Advertise the client-tags CGI page in the user manual.
     - Stop advertising the show-version CGI page which no longer exists.
     - Add yet another reason why +prevent-compression may cause problems.
     - Don't claim that contributors need ssh. It's only needed for committers.
     - Replace obsolete CVS instructions with Git instructions.
     - Remove an obsolete comment

   - Config file changes:
     - Change the suggested default-server-timeout to 5 to match the
       suggested keep-alive-timeout. Otherwise using the defaults would
       result in Privoxy reducing the default-server-timeout and logging
       an error message.
       Sponsored by: Robert Klemme
     - Update the 'debug 1' description.
     - Add a missing 'client-specific-tag' directive.
     - Comment out trusted-cgi-referer pointing to example.org.

   - Action file improvements:
     - Block requests to /(.*/)?piwik\.php
     - Block requests to .connectaserver.de/
     - Block requests to pixel.inforsea.com/
     - Block requests to t.vi-serve.com/
     - Block requests to .ioam.de/
     - Block requests to t.9gag.com/img.gif
     - Block requests to .pixel.parsely.com/ as image
     - Block requests to pixel.wp.com/
     - Disable fast-redirects for .librarything.com/
     - Disable fast-redirects for issue.freebsdfoundation.org/
     - Disable fast-redirects for .twitter.com/.*origin=http
     - Unblock belco24.de/
     - Add fast-redirects exception for .wikipedia.org/
     - Add fast-redirects exception for oss-fuzz.com/
     - Disable fast-redirects for .consensu.org/delivery/pixel\.php
       and block the requests as image instead
     - Unblock .adbinstaller.com/
       Reported by lvm in #942.
     - Unblock .adbshell.com
       Reported by lvm in #942.
     - Unblock .tagesschau.de/
     - Disable fast-redirects for collector.githubapp.com/
       and block requests to it as image instead
     - Unblock 'ada*.'
     - Add fast-redirects{} exception for sourcepoint.vice.com/
     - Unblock adaway.org/
       Reported by DRS David Soft in AF#945.
     - Change two block reasons that previously were the same.
       Sponsored by: Robert Klemme
     - Added a +delay-response{} test.
     - Updated the location of the development version
       of default.action.master.

   - Privoxy-Log-Parser:
     - Added a --keep-date option to keep the date in highlighted messages.
     - Highlight new log messages.
     - Make gather_loglevel_clf_stats() more tolerant. While at it,
       count all CLF messages as requests, even if the request is invalid.
     - Only show HTTP version distribution if at least one version has been detected.
     - Only show crunch statistics if crunches were detected.
     - Warn if the request counts differ.
     - Generate statistics if the log only contains LOG_LEVEL_CLF messages
       so it can be used with vanilla webserver logs.
       Previously Privoxy-specific "Request:" messages were required.
     - Align the client-HTTP-version distribution like other distributions
     - Bump version to 0.9.1
     - Include status code distribution in the stats.
     - Let the statistics include the size of the content Privoxy
       transferred excluding HTTP headers.
     - Get with the program and expect all requests to be logged with LOG_LEVEL_REQUEST.
       It's no longer necessary to count both LOG_LEVEL_REQUEST and
       LOG_LEVEL_CRUNCH messages to get the total number of requests.
     - Leverage the LOG_LEVEL_CLF message to gather statistics that where
       previously taken from LOG_LEVEL_HEADER lines. This results in less
       confusing results if https inspection is enabled in which case there
       are two LOG_LEVEL_HEADER lines with request lines.
       Sponsored by: Robert Klemme
     - Properly highlight the filter results message. Previously a brace got lost.
     - Prefer the number of CLF lines to get the total number of requests
       as it works with older Privoxy versions as well.

   - Privoxy-Regression-Test:
     - Turn curl's globbing mode off so we can allow more characters in URLs.
     - Allow '[' and ']' in URLs.
     - Include the action file when complaining about missing Sticky Actions.
     - Fix a sentence in the documentation.
     - Bump version to 0.7.1

   - url-pattern-translator:
     - Detect a couple of pattern prefixes case-insensitively.
       Sponsored by: Robert Klemme
     - Skip CLIENT-TAG patterns.
       Sponsored by: Robert Klemme
     - Skip patterns that have already been converted.
       It should now be safe to "convert" a file multiple times.
       Sponsored by: Robert Klemme
     - Add the new 'PCRE-HOST-PATTERN:' prefix.
       Sponsored by: Robert Klemme

Revision 1.68 / (download) - annotate - [select for diffs], Thu Feb 4 16:29:14 2021 UTC (23 months, 3 weeks ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2021Q1-base, pkgsrc-2021Q1
Changes since 1.67: +2 -3 lines
Diff to previous 1.67 (colored)

privoxy: update to 3.0.29.

*** Version 3.0.29 stable ***

- Security/Reliability:
  - Fixed memory leaks when a response is buffered and the buffer
    limit is reached or Privoxy is running out of memory.
    Commits bbd53f1010b and 4490d451f9b. OVE-20201118-0001.
    Sponsored by: Robert Klemme
  - Fixed a memory leak in the show-status CGI handler when
    no action files are configured. Commit c62254a686.
    OVE-20201118-0002.
    Sponsored by: Robert Klemme
  - Fixed a memory leak in the show-status CGI handler when
    no filter files are configured. Commit 1b1370f7a8a.
    OVE-20201118-0003.
    Sponsored by: Robert Klemme
  - Fixes a memory leak when client tags are active.
    Commit 245e1cf32. OVE-20201118-0004.
    Sponsored by: Robert Klemme
  - Fixed a memory leak if multiple filters are executed
    and the last one is skipped due to a pcre error.
    Commit 5cfb7bc8fe. OVE-20201118-0005.
  - Prevent an unlikely dereference of a NULL-pointer that
    could result in a crash if accept-intercepted-requests
    was enabled, Privoxy failed to get the request destination
    from the Host header and a memory allocation failed.
    Commit 7530132349. CID 267165. OVE-20201118-0006.
  - Fixed memory leaks in the client-tags CGI handler when
    client tags are configured and memory allocations fail.
    Commit cf5640eb2a. CID 267168. OVE-20201118-0007.
  - Fixed memory leaks in the show-status CGI handler when memory
    allocations fail. Commit 064eac5fd0 and commit fdee85c0bf3.
    CID 305233. OVE-20201118-0008.

- General improvements:
  - Added experimental https inspection support which allows to filter
    https traffic. To enable it, install MbedTLS and configure with
    --with-mbedtls, or install OpenSSL or LibreSSL and configure
    with --with-openssl.
    Afterwards configure the directives in section 7 of the
    config file and enable the +https-inspection action.
    Initial MbedTLS-based code contributed by Vaclav Svec,
    initial OpenSSL support contributed by Maxim Antonov.
    With help from Nedzad Hrnjica and Ho+ Ho+ Ho+.
    Integration and improvements sponsored by Robert Klemme.
  - pcrs: Request JIT compilation if it's supported and
    the filter isn't dynamic. This can speed up filtering.
  - Added support for Brotli decompression.
    Sponsored by: Robert Klemme
  - Added FEATURE_EXTENDED_STATISTICS to gather statistics for
    block reasons and filter executions. To enable it, configure
    with --enable-extended-statistics and visit
    http://config.privoxy.org/show-status.
    Sponsored by: Robert Klemme
  - Use the IP_FREEBIND socket option, if defined. This allows
    Privoxy to bind to not-yet assigned IP addresses which is
    useful in failover environments.
    Patch by Sam Varshavchik.
  - Allow to use extended host patterns and vanilla host patterns
    at the same time by prefixing extended host patterns with
    "PCRE-HOST-PATTERN:". To enable this, configure with
    --enable-pcre-host-patterns.
    Sponsored by: Robert Klemme
  - Added "Cross-origin resource sharing" (CORS) support.
    This allows to access Privoxy's CGI interface via JavaScript from
    another domain (white-listed with the new cors-allowed-origin directive).
    Based on a patch by Nedzad Hrnjica.
    Sponsored by: Robert Klemme.
  - Add SOCKS5 username/password support.
    Based on a patch by Sam, improved by Ivan Romanov.
    Closes Patch#141 and solves TODO#105.
  - Bump the maximum number of action and filter files
    to 100 each.
    Sponsored by: Robert Klemme
  - Fixed handling of filters with "split-large-forms 1"
    when using the CGI editor.
    Reported by withoutname in #921.
  - Better detect a mismatch of connection details when
    figuring out whether or not a connection can be reused.
  - Don't send a "Connection failure" message instead of the
    "DNS failure" message.
    Sponsored by: Robert Klemme
  - Let LOG_LEVEL_REQUEST log all requests. Previously unencrypted
    requests were only logged with LOG_LEVEL_REQUEST when they weren't
    crunched (in which case they were logged with LOG_LEVEL_CRUNCH).
    This was documented behaviour, but logging all requests seems more useful.
  - Fixed locking around localtime() and gmtime().
  - Removed OS/2 support. We haven't provided OS/2 packages in years,
    it complicated the code and it depended on a fallback snprintf()
    implementation which is GPLv2 only.
  - Remove the fallback snprintf() implementation
    Now that OS/2 support is gone we no longer need it.
  - Fixed a bunch of format specifiers log messages.
  - Added a missing apostrophe in the 'More Privoxy' menu.
  - Explicitly prevent use of FEATURE_CONNECTION_SHARING
    without FEATURE_CONNECTION_KEEP_ALIVE. It makes no sense
    and does not compile anyway.
    Sponsored by: Robert Klemme
  - Fix build without FEATURE_CONNECTION_KEEP_ALIVE.
    Sponsored by: Robert Klemme
  - Downgrade the 'Graceful termination requested' message
    to LOG_LEVEL_INFO as it isn't an error.
    Sponsored by: Robert Klemme
  - decompress_iob(): Downgrade the no-content message to LOG_LEVEL_RE_FILTER
    While at it, fix a typo in a comment.
    Sponsored by: Robert Klemme
  - Fixed a couple of cppcheck warnings.
  - Rename LOG_LEVEL_GPC to LOG_LEVEL_REQUEST.
    Only the shadow knows what "GPC" is supposed to stand for.
  - Remove SourceForge references in copyright headers.
  - Upgrade a bunch of links to the homepage to https://.
  - Add 'no-brotli-accepted' filter which prevents the
    use of Brotli compression.
  - Changed license for pcrs to GPLv2+ after getting the
    permission from Andreas. This allows to redistribute
    Privoxy under the GPLv3 which is required when linking
    to future mbedTLS versions which are expected to be
    licensed under the Apache 2.0 license only.
  - Updated a bunch of tests that have to expect status code 403
    now after r1.168/070e904afa5.
  - Lowercase the host name in the request line.
  - Only set SOURCE_DATE_EPOCH if it's not already set so
    distributions can overwrite it through the environment.

- Documentation changes:
  - Explain that Privoxy has to be distributed under the
    GPLv3 (or later) when linked with an MbedTLS version
    that is licensed under the Apache 2.0 license.
  - Import the GNU GPLv3 and include it the user manual.
  - Clarify FEATURE_FORCE_LOAD's description. It allows to bypass
    blocking not filtering and only does it if blocks aren't enforced.
    Reported by: Robert Klemme
  - FAQ: Remove Zwiebelfreunde e.V. from the list of fiduciary sponsors
    As of 2021 they no longer handle donations for foreign organisations
    due to lack of resources.
  - FAQ: Remove an obsolete comment with a link to the long-gone PDF manual.
  - FAQ: Add a link to the TODO list.
  - FAQ: Change the sponsor amounts to USD slightly rounding the
    converted amounts up to get simple numbers.
    Receiving USD is apparently easier for SPI and SPI is
    preferred by sponsors as they can send invoices.
  - Advertise the client-tags CGI page in the user manual.
  - Stop advertising the show-version CGI page which no longer exists.
  - Add yet another reason why +prevent-compression may cause problems.
  - Don't claim that contributors need ssh. It's only needed for committers.
  - Replace obsolete CVS instructions with Git instructions.
  - Remove an obsolete comment

- Config file changes:
  - Change the suggested default-server-timeout to 5 to match the
    suggested keep-alive-timeout. Otherwise using the defaults would
    result in Privoxy reducing the default-server-timeout and logging
    an error message.
    Sponsored by: Robert Klemme
  - Update the 'debug 1' description.
  - Add a missing 'client-specific-tag' directive.
  - Comment out trusted-cgi-referer pointing to example.org.

- Action file improvements:
  - Block requests to /(.*/)?piwik\.php
  - Block requests to .connectaserver.de/
  - Block requests to pixel.inforsea.com/
  - Block requests to t.vi-serve.com/
  - Block requests to .ioam.de/
  - Block requests to t.9gag.com/img.gif
  - Block requests to .pixel.parsely.com/ as image
  - Block requests to pixel.wp.com/
  - Disable fast-redirects for .librarything.com/
  - Disable fast-redirects for issue.freebsdfoundation.org/
  - Disable fast-redirects for .twitter.com/.*origin=http
  - Unblock belco24.de/
  - Add fast-redirects exception for .wikipedia.org/
  - Add fast-redirects exception for oss-fuzz.com/
  - Disable fast-redirects for .consensu.org/delivery/pixel\.php
    and block the requests as image instead
  - Unblock .adbinstaller.com/
    Reported by lvm in #942.
  - Unblock .adbshell.com
    Reported by lvm in #942.
  - Unblock .tagesschau.de/
  - Disable fast-redirects for collector.githubapp.com/
    and block requests to it as image instead
  - Unblock 'ada*.'
  - Add fast-redirects{} exception for sourcepoint.vice.com/
  - Unblock adaway.org/
    Reported by DRS David Soft in AF#945.
  - Change two block reasons that previously were the same.
    Sponsored by: Robert Klemme
  - Added a +delay-response{} test.
  - Updated the location of the development version
    of default.action.master.

- Privoxy-Log-Parser:
  - Added a --keep-date option to keep the date in highlighted messages.
  - Highlight new log messages.
  - Make gather_loglevel_clf_stats() more tolerant. While at it,
    count all CLF messages as requests, even if the request is invalid.
  - Only show HTTP version distribution if at least one version has been detected.
  - Only show crunch statistics if crunches were detected.
  - Warn if the request counts differ.
  - Generate statistics if the log only contains LOG_LEVEL_CLF messages
    so it can be used with vanilla webserver logs.
    Previously Privoxy-specific "Request:" messages were required.
  - Align the client-HTTP-version distribution like other distributions
  - Bump version to 0.9.1
  - Include status code distribution in the stats.
  - Let the statistics include the size of the content Privoxy
    transferred excluding HTTP headers.
  - Get with the program and expect all requests to be logged with LOG_LEVEL_REQUEST.
    It's no longer necessary to count both LOG_LEVEL_REQUEST and
    LOG_LEVEL_CRUNCH messages to get the total number of requests.
  - Leverage the LOG_LEVEL_CLF message to gather statistics that where
    previously taken from LOG_LEVEL_HEADER lines. This results in less
    confusing results if https inspection is enabled in which case there
    are two LOG_LEVEL_HEADER lines with request lines.
    Sponsored by: Robert Klemme
  - Properly highlight the filter results message. Previously a brace got lost.
  - Prefer the number of CLF lines to get the total number of requests
    as it works with older Privoxy versions as well.

- Privoxy-Regression-Test:
  - Turn curl's globbing mode off so we can allow more characters in URLs.
  - Allow '[' and ']' in URLs.
  - Include the action file when complaining about missing Sticky Actions.
  - Fix a sentence in the documentation.
  - Bump version to 0.7.1

- url-pattern-translator:
  - Detect a couple of pattern prefixes case-insensitively.
    Sponsored by: Robert Klemme
  - Skip CLIENT-TAG patterns.
    Sponsored by: Robert Klemme
  - Skip patterns that have already been converted.
    It should now be safe to "convert" a file multiple times.
    Sponsored by: Robert Klemme
  - Add the new 'PCRE-HOST-PATTERN:' prefix.
    Sponsored by: Robert Klemme

Revision 1.67 / (download) - annotate - [select for diffs], Mon Aug 31 18:13:15 2020 UTC (2 years, 4 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2020Q4-base, pkgsrc-2020Q3-base, pkgsrc-2020Q3
Branch point for: pkgsrc-2020Q4
Changes since 1.66: +2 -1 lines
Diff to previous 1.66 (colored)

*: bump PKGREVISION for perl-5.32.

Revision 1.66 / (download) - annotate - [select for diffs], Sun Jan 26 17:32:23 2020 UTC (3 years ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2020Q2-base, pkgsrc-2020Q2, pkgsrc-2020Q1-base, pkgsrc-2020Q1
Changes since 1.65: +2 -2 lines
Diff to previous 1.65 (colored)

all: migrate homepages from http to https

pkglint -r --network --only "migrate"

As a side-effect of migrating the homepages, pkglint also fixed a few
indentations in unrelated lines. These and the new homepages have been
checked manually.

Revision 1.65 / (download) - annotate - [select for diffs], Sat Nov 9 14:30:29 2019 UTC (3 years, 2 months ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2019Q4-base, pkgsrc-2019Q4
Changes since 1.64: +3 -5 lines
Diff to previous 1.64 (colored)

privoxy: Update to 3.0.28

Privoxy 3.0.27 stable scales better in multi-user environments
and brings a couple of tuning directives.

Privoxy 3.0.28 stable fixes two regressions introduced in 3.0.27.

--------------------------------------------------------------------
ChangeLog for Privoxy 3.0.28
--------------------------------------------------------------------
- Bug fixes for regressions in 3.0.27:
  - Fixed misplaced parentheses.
    Reported by David Binderman.
  - Changed two regression tests to depend on config directive
    enable-remote-toggle instead of FEATURE_TOGGLE.

--------------------------------------------------------------------
ChangeLog for Privoxy 3.0.27
--------------------------------------------------------------------
- General improvements:
  - Add a receive-buffer-size directive which can be used to
    set the size of the previously statically allocated buffer
    in handle_established_connection().
    Increasing the buffer size increases Privoxy's memory usage but
    can lower the number of context switches and thereby reduce the
    CPU usage and potentially increase the throughput.
    This is mostly relevant for fast network connections and
    large downloads that don't require filtering.
    Sponsored by: Robert Klemme
  - Add a listen-backlog directive which specifies the backlog
    value passed to listen().
    Sponsored by: Robert Klemme
  - Add an enable-accept-filter directive which allows to
    toggle accept filter support at run time when compiled
    with FEATURE_ACCEPT_FILTER support.
    It makes testing more convenient and now that it's
    optional we can emit an error message if enabling
    the accept filter fails.
    Sponsored by: Robert Klemme
  - Add a delay-response{} action.
    This is useful to tar pit JavaScript requests that
    are endlessly retried in case of blocks. It can also
    be used to simulate a slow Internet connection.
    Sponsored by: Robert Klemme
  - Add a 'trusted-cgi-referrer' directive.
    It allows to configure another page or site that can be used
    to reach sensitive CGI resources.
    Sponsored by: Robert Klemme
  - Add a --fuzz mode which exposes Privoxy internals to input
    from files or stdout.
    Mainly tested with American Fuzzy Lop. For details see:
    https://www.fabiankeil.de/talks/fuzzing-on-freebsd/
    This work was partially funded with donations and done
    as part of the Privoxy month in 2015.
  - Consistently use the U(ngreedy) flag in the 'img-reorder' filter.
  - listen_loop(): Reuse a single thread attribute object
    The object doesn't change and creating a new one for
    every thread is a waste of (CPU) time.
    Sponsored by: Robert Klemme
  - Free csp resources in the thread that belongs to the csp instead
    of the main thread which has enough on its plate already.
    Sponsored by: Robert Klemme
  - Improve 'socket timeout reached' message.
    Log the timeout that was triggered and downgrade the
    log level to LOG_LEVEL_CONNECT to reduce the log noise
    with common debug settings.
    The timeout isn't necessary the result of an error and
    usually merely indicates that Privoxy's socket timeout
    is lower than the relevant timeouts used by client and
    server.
    Sponsored by: Robert Klemme
  - Explicitly taint the server socket in case of CONNECT requests.
    This doesn't fix any known problems, but makes
    some log messages less confusing.
  - Let write_pid_file() terminate if the pid file can't be opened.
    Logging the issue at info level is unlikely to help.
  - log_error(): Reduce the mutex-protected area by not using a
    heap-allocated buffer that is shared between all threads.
    This increases performance and reduces the latency with
    verbose debug settings and multiple concurrent connections.
    Sponsored by: Robert Klemme
  - Let zalloc() use calloc() if it's available.
    In some situations using calloc() can be faster than
    malloc() + memset() and it should never be slower.
    In the real world the impact of this change is not
    expected to be noticeable.
    Sponsored by: Robert Klemme
  - Never use select() when poll() is available.
    On most platforms select() is limited by FD_SETSIZE while
    poll() is not. This was a scaling issue for multi-user setups.
    Using poll() has no downside other than the usual risk
    that code modifications may introduce new bugs that have
    yet to be found and fixed.
    At least in theory this commit could also reduce the latency
    when there are lots of connections and select() would use
    "bit fields in arrays of integers" to store file descriptors.
    Another side effect is that Privoxy no longer has to stop
    monitoring the client sockets when pipelined requests are
    waiting but can't be read yet.
    This code keeps the select()-based code behind ifdefs for
    now but hopefully it can be removed soonish to make the
    code more readable.
    Sponsored by: Robert Klemme
  - Add a 'reproducible-tarball-dist' target.
    It's currently separate from the "tarball-dist" target
    because it requires a tar implementation with mtree spec
    support.
    It's far from being perfect and does not enforce a
    reproducible mode, but it's better than nothing.
  - Use arc4random() if it's available.
    While Privoxy doesn't need high quality pseudo-random numbers
    there's no reason not to use them when we can and this silences
    a warning emitted by code checkers that can't tell whether or not
    the quality matters.
  - Show the FEATURE_EXTERNAL_FILTERS status on the status page.
    Better late than never. Previously a couple of tests weren't
    executed as Privoxy-Regression-Test couldn't detect that the
    FEATURE_EXTERNAL_FILTERS dependency was satisfied.
  - Ditch FEATURE_IMAGE_DETECT_MSIE.
    It's an obsolete workaround we inherited from Junkbuster
    and was already disabled by default.
    Users that feel the urge to work around issues with
    image requests coming from an Internet Explorer version
    from more than 15 years ago can still do this using tags.
  - Consistently use strdup_or_die() instead of strdup() in
    cases where allocation failures aren't expected.
    Using strdup_or_die() allows to remove a couple of explicit
    error checks which slightly reduces the size of the binary.
  - Insert a refresh tag into the /client-tags CGI page when
    serving it while a client-specific tag is temporarily enabled.
    This makes it less likely that the user ends up
    looking at tag state that is out of date.
  - Use absolute URLs in the client-tag forms.
    It's more consistent with the rest of the CGI page
    URLs and makes it more convenient to copy the forms
    to external pages.
  - cgi_error_disabled(): Use status code 403 and an appropriate response line
  - Use a dedicated CGI handler to deal with tag-toggle requests
    As a result the /client-tags page is now safe to reach without
    trusted Referer header which makes bookmarking or linking to
    it more convenient.
    Finally, refreshing the /client-tags page to show the
    current state can no longer unintentionally repeat the
    previous toggle request.
  - Don't add a "Connection" header for CONNECT requests.
    Explicitly sending "Connection: close" is not necessary and
    apparently it causes problems with some forwarding proxies
    that will close the connection prematurely.
    Reported by Marc Thomas.
  - Fix compiler warnings.

- Bug fixes:
  - rfc2553_connect_to(): Properly detect and log when poll()
    reached the time out. Previously this was logged as:
    Could not connect to [...]: No error: 0.
    which isn't very helpful.
    Sponsored by: Robert Klemme
  - add_tag_for_client(): Set time_to_live properly.
    Previously the time_to_live was always set for the first tag.
    Attempts to temporarily enable a tag would result in enabling
    it permanently unless no tag was enabled already.
  - Revert r1.165 which didn't perform as advertised.
    While the idea was to use "https:// when creating links
    for the user manual on the website", the actual effect
    was to use "https://" when Privoxy was supposed to serve
    the user manual itself.
    Reported by Yossi Zahn on Privoxy-devel@.
  - socks5_connect(): Fail in case of unsupported address types.
    Previously they would not be detected right away and
    Privoxy would fail later on with an error message that
    didn't make it obvious that the problem was socks-related.
    So far, no such problems have actually been reported.
  - socks5_connect(): Properly deal with socks replies that
    contain IPv6 addresses.
    Previously parts of the reply were left unread and
    later on treated as invalid HTTP response data.
    Fixes #904 reported by Danny Goossen who also provided
    the initial version of this patch.

- Action file improvements:
  - Unblock 'msdn.microsoft.com/'.
    It (presumably) isn't used to serve the kind of ads Privoxy should
    block by default but happens to serve lots of pages with URLs that
    are likely to result in false positives.
    Reported by bugreporter1694 in AF#939.
  - Disable gif deanimation for requests tagged with CSS-REQUEST.
    The action will ignore content that isn't considered text
    anyway and explicitly disabling it makes this more obvious
    if "action" debugging (debug 65536) is enabled while
    "gif deanimation" debugging (debug 256) isn't.
  - Explicitly disable HTML filters for requests with CSS-REQUEST tag.
    The filters are unlikely to break CSS files but executing
    them without (intentionally) getting any hits is a waste of
    cpu time and makes the log more noisy when running with
    "debug 64".
  - Unblock 'adventofcode.com/'.
    Reported by Clint Adams in Debian bug #848211.
    Fixes Roland's AF#937.
  - Unblock 'adlibris.com'.
    Reported by Wyrex in #935
  - Unblock .golang.org/
  - Add fast-redirects exception for '.youtube.com/.*origin=http'

- Privoxy-Log-Parser:
  - Don't gather host and resource statistics if they aren't requested.
    While the performance impact seems negligible this significantly
    reduces the memory usage if there are lots of requests.
  - Bump version as the behaviour (slightly) changed.
  - Count connection failures as well in statistics mode.
    Sponsored by: Robert Klemme
  - Count connection timeouts as well in statistics mode.
    Sponsored by: Robert Klemme
  - Fix an 'uninitialized value' warning when generating
    statistics for a log file without response headers.
    While privoxy-log-parser was supposed to detect this already,
    the check was flawed and the message the user didn't see was
    somewhat confusing anyway.
    Now the message is less confusing, more helpful and actually printed.
    Reported by: Robert Klemme

- Documentation improvements:
  - Refer to the git sources instead of CVS.
  - Use GNU/Linux when referring to the OS instead of the kernel.
  - Add FAQ entry for what to do if editing the config file is access denied.
  - Add brief HTTP/2 FAQ.
  - Add a small fuzzing section to the developer documentation.
  - Add a client-header-tagger{client-ip-address} example.
  - Stop suggesting that Privoxy is an anonymizing proxy.
    The term could lead to Privoxy users overestimating
    what it can do on its own (without Tor).
  - Make it more obvious that SPI accepts Paypal, too.
    Currently most donations are made through the Paypal account
    managed by Zwiebelfreunde e.V. and a more even distribution
    would be useful.
  - Suggest to log applying actions as well when reproducing problems.
  - Explicitly mention that Privoxy binaries are built by individuals
    on their own systems. Buyer beware!
  - Mention the release feed on the homepage.
  - Remove a mysterious comment with a GNU FDL link as it isn't
    useful and could confuse license scanners.
    In May 2002 it was briefly claimed that "this document" was covered
    by the GNU FDL. The commit message (r1.5) doesn't explain the motivation
    or whether all copyright holders were actually asked and agreed to the
    declared license change.
    It's thus hard to tell whether or not the license change was legit,
    but luckily two days later the "doc license" was "put" "back to GPL"
    anyway (r1.6).
    At the same time the offending comment with a link to the FDL
    (not the GPL) was added for no obvious reason.
    Now it's gone again.

- Regression tests:
  - Bump for-privoxy-version to 3.0.27 as we now rely on untrusted
    CGI request being rejected with status code 403 (instead of 200).
  - Update test for /send-stylesheet and add another one

- Templates:
  - Consistently use https:// when linking to the Privoxy website.
  - Remove SourceForge references in Copyright header.
  - Remove a couple of SourceForge references in a comment.
    While at it, fix the grammar.
  - Move the site-specific documentation block before the generic one.
    While most Privoxy installations don't have a site-specific
    documentation block, in cases were it exists it's likely to
    be more relevant than the generic one.
    Showing it first makes it less likely that users stop reading
    before they reach it, especially on pages that don't fit on
    the screen.

- Build system improvements:
  - Prefer openjade to jade. On some systems Jade produces
    HTML with unescaped ampersands in URLs.
  - Prefer OpenSP to SP to be consistent.
  - Have Docbook generated HTML files be straight ASCII.
    Dealing with a mixture of ISO-8859 and UTF-8 files is problematic.
  - Echo the filename to stderr for 'make dok-tidy'.
    Make it a bit easier to find errors in docbook generated HTML.
  - Warn when still using select().
  - Warn when compiling without calloc().
  - Make it more obvious that the --with-fdsetsize configure switch
    is pointless if poll() is available.
  - Remove support for AmigaOS.
  - Update windows build system to use supported software.
    The cygwin gcc -mno-cygwin option is no longer supported, so
    convert the windows build system to use the cygwin cross-compiler
    to build "native" code.
  - Add --enable-static-linking option for configure
    does the same thing as LDFLAGS=-static; ./configure
    but nicer than mixing evars and configure options.

Revision 1.64 / (download) - annotate - [select for diffs], Sun Aug 11 13:25:07 2019 UTC (3 years, 5 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2019Q3-base, pkgsrc-2019Q3
Changes since 1.63: +2 -2 lines
Diff to previous 1.63 (colored)

Bump PKGREVISIONs for perl 5.30.0

Revision 1.63 / (download) - annotate - [select for diffs], Thu May 23 19:23:21 2019 UTC (3 years, 8 months ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2019Q2-base, pkgsrc-2019Q2
Changes since 1.62: +2 -2 lines
Diff to previous 1.62 (colored)

all: replace SUBST_SED with the simpler SUBST_VARS

pkglint -Wall -r --only "substitution command" -F

With manual review and indentation fixes since pkglint doesn't get that
part correct in every case.

Revision 1.62 / (download) - annotate - [select for diffs], Wed Aug 22 09:47:57 2018 UTC (4 years, 5 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base, pkgsrc-2019Q1, pkgsrc-2018Q4-base, pkgsrc-2018Q4, pkgsrc-2018Q3-base, pkgsrc-2018Q3
Changes since 1.61: +2 -1 lines
Diff to previous 1.61 (colored)

Recursive bump for perl5-5.28.0

Revision 1.61 / (download) - annotate - [select for diffs], Wed Jul 4 13:40:42 2018 UTC (4 years, 6 months ago) by jperkin
Branch: MAIN
Changes since 1.60: +2 -2 lines
Diff to previous 1.60 (colored)

*: Move SUBST_STAGE from post-patch to pre-configure

Performing substitutions during post-patch breaks tools such as mkpatches,
making it very difficult to regenerate correct patches after making changes,
and often leading to substituted string replacements being committed.

Revision 1.60 / (download) - annotate - [select for diffs], Wed Mar 21 23:18:09 2018 UTC (4 years, 10 months ago) by gdt
Branch: MAIN
CVS Tags: pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1
Changes since 1.59: +2 -1 lines
Diff to previous 1.59 (colored)

privoxy: Add default-enabled inet6 option

Add an option inet6, to use IPv6.  Enabled by default, matching the
previous behavior.

Revision 1.59 / (download) - annotate - [select for diffs], Sun Jan 7 15:08:50 2018 UTC (5 years ago) by leot
Branch: MAIN
Changes since 1.58: +3 -4 lines
Diff to previous 1.58 (colored)

privoxy: Update www/privoxy to 3.0.26

pkgsrc changes:
 - Add user.filter to CONF_FILES_PERMS, it is used by default in the privoxy
   config and if not present privoxy will refuse to start.

Changes:
*** Version 3.0.26 stable ***

- Bug fixes:
  - Fixed crashes with "listen-addr :8118" (SF Bug #902).
    The regression was introduced in 3.0.25 beta and reported
    by Marvin Renich in Debian bug #834941.

- General improvements:
  - Log when privoxy is toggled on or off via cgi interface.
  - Highlight the "Info: Now toggled " on/off log message
    in the Windows log viewer.
  - Highlight the loading actions/filter file log message
    in the Windows log viewer.
  - Mention client-specific tags on the toggle page as a
    potentionally more appropriate alternative.

- Documentation improvements:
  - Update download section on the homepage.
    The downloads are available from the website now.
  - Add sponsor FAQ.
  - Remove obsolete reference to mailing lists hosted at SourceForge.
  - Update the "Before the Release" section of the developer manual.

- Infrastructure improvements:
  - Add perl script to generate an RSS feed for the packages
    Submitted by "Unknown".

- Build system improvements:
  - strptime.h: fix a compiler warning about ambiguous else.
  - configure.in: Check for Docbook goo on the BSDs as well.
  - GNUMakefile.in: Let the dok-user target remove temporary files.

*** Version 3.0.25 beta ***

- Bug fixes:
  - Always use the current toggle state for new requests.
    Previously new requests on reused connections inherited
    the toggle state from the previous request even though
    the toggle state could have changed.
    Reported by Robert Klemme.
  - Fixed two buffer-overflows in the (deprecated) static
    pcre code. These bugs are not considered security issues
    as the input is trusted.
    Found with afl-fuzz and ASAN.

- General improvements:
  - Added support for client-specific tags which allow Privoxy
    admins to pre-define tags that are set for all requests from
    clients that previously opted in through the CGI interface.
    They are useful in multi-user setups where admins may
    want to allow users to disable certain actions and filters
    for themselves without affecting others.
    In single-user setups they are useful to allow more fine-grained
    toggling. For example to disable request blocking while still
    crunching cookies, or to disable experimental filters only.
    This is an experimental feature, the syntax and behaviour may
    change in future versions.
    Sponsored by Robert Klemme.
  - Dynamic filters and taggers now support a $listen-address variable
    which contains the address the request came in on.
    For external filters the variable is called $PRIVOXY_LISTEN_ADDRESS.
    Original patch contributed by pursievro.
  - Add client-header-tagger 'listen-address'.
  - Include the listen-address in the log message when logging new requests.
    Patch contributed by pursievro.
  - Turn invalid max-client-connections values into fatal errors.
  - The show-status page now shows whether or not dates before 1970
    and after 2038 are expected to be handled properly.
    This is mainly useful for Privoxy-Regression-Test but could
    also come handy when dealing with time-related support requests.
  - On Mac OS X the thread id in log messages are more likely to
    be unique now.
  - When complaining about missing filters, the filter type is logged
    as well.
  - A couple of harmless coverity warnings were silenced
    (CID #161202, CID #161203, CID #161211).

- Action file improvements:
  - Filtering is disabled for Range requests to let download resumption
    and Windows updates work with the default configuration.
  - Unblock ".ardmediathek.de/".
    Reported by ThTomate in #932.

- Documentation improvements:
  - Add FAQ entry for crashes caused by memory limits.
  - Remove obsolete FAQ entry about a bug in PHP 4.2.3.
  - Mention the new mailing lists were appropriate.
    As the archives have not been migrated, continue to
    mention the archives at SF in the contacting section
    for now.
  - Note that the templates should be adjusted if Privoxy is
    running as intercepting proxy without getting all requests.
  - A bunch of links were converted to https://.
  - Rephrase onion service paragraph to make it more obvious
    that Tor is involved and that the whole website (and not
    just the homepage) is available as onion service.
  - Streamline the "More information" section on the homepage further
    by additionally ditching the link to the 'See also' section
    of the user manual. The section contains mostly links that are
    directly reachable from the homepage already and the rest is
    not significant enough to get a link from the homepage.
  - Change the add-header{} example to set the DNT header
    and use a complete section to make copy and pasting
    more convenient.
    Add a comment to make it obvious that adding the
    header is not recommended for obvious reasons.
    Using the DNT header as example was suggested by
    Leo Wzukw.
  - Streamline the support-and-service template
    Instead of linking to the various support trackers
    (whose URLs hopefully change soon), link to the
    contact section of the user manual to increase the
    chances that users actually read it.
  - Add a FAQ entry for tainted sockets.
  - More sections in the documentation have stable URLs now.
  - FAQ: Explain why 'ping config.privoxy.org' is not expected
    to reach a local Privoxy installation.
  - Note that donations done through Zwiebelfreunde e.V. currently
    can't be checked automatically.
  - Updated section regarding starting Privoxy under OS X.
  - Use dedicated start instructions for FreeBSD and ElectroBSD.
  - Removed release instructions for AIX. They haven't been working
    for years and unsurprisingly nobody seems to care.
  - Removed obsolete reference to the solaris-dist target.
  - Updated the release instructions for FreeBSD.
  - Removed unfinished release instructions for Amiga OS and HP-UX 11.
  - Added a pointer to the Cygwin Time Machine for getting the last release of
    Cygwin version 1.5 to use for building Privoxy on Windows.
  - Various typos have been fixed.

- Infrastructure improvements:
  - The website is no longer hosted at SourceForge and
    can be reached through https now.
  - The mailing lists at SourceForge have been deprecated,
    you can subscribe to the new ones at: https://lists.privoxy.org/
  - Migrating the remaining services from SourceForge is
    work in progress (TODO list item #53).

- Build system improvements:
  - Add configure argument to optimistically redefine FD_SETSIZE
    with the intent to change the maximum number of client
    connections Privoxy can handle. Only works with some libcs.
    Sponsored by Robert Klemme.
  - Let the tarball-dist target skip files in ".git".
  - Let the tarball-dist target work in cwds other than current.
  - Make the 'clean' target faster when run from a git repository.
  - Include tools in the generic distribution.
  - Let the gen-dist target work in cwds other than current.
  - Sort find output that is used for distribution tarballs
    to get reproducible results.
  - Don't add '-src' to the name of the tar ball generated by the
    gen-dist target. The package isn't a source distribution but a
    binary package.
    While at it, use a variable for the name to reduce the chances
    that the various references get out of sync and fix the gen-upload
    target which was looking in the wrong directory.
  - Add regression-tests.action to the files that are distributed.
  - The gen-dist target which was broken since 2002 (r1.92) has been fixed.
  - Remove genclspec.sh which has been obsolete since 2009.
  - Remove obsolete reference to Redhat spec file.
  - Remove the obsolete announce target which has been commented out years ago.
  - Let rsync skip files if the checksums match.

- Privoxy-Regression-Test:
  - Add a "Default level offset" directive which can be used to
    change the default level by a given value.
    This directive affects all tests located after it until the end
    of the file or a another "Default level offset" directive is reached.
    The purpose of this directive is to make it more convenient to skip
    similar tests in a given file without having to remove or disable
    the tests completely.
  - Let test level 17 depend on FEATURE_64_BIT_TIME_T
    instead of FEATURE_PTHREAD which has no direct connection
    to the time_t size.
  - Fix indentation in perldoc examples.
  - Don't overlook directives in the first line of the action file.
  - Bump version to 0.7.
  - Fix detection of the Privoxy version now that https://
    is used for the website.

*** Version 3.0.24 stable ***

- Security fixes (denial of service):
  - Prevent invalid reads in case of corrupt chunk-encoded content.
    CVE-2016-1982. Bug discovered with afl-fuzz and AddressSanitizer.
  - Remove empty Host headers in client requests.
    Previously they would result in invalid reads. CVE-2016-1983.
    Bug discovered with afl-fuzz and AddressSanitizer.

- Bug fixes:
  - When using socks5t, send the request body optimistically as well.
    Previously the request body wasn't guaranteed to be sent at all
    and the error message incorrectly blamed the server.
    Fixes #1686 reported by Peter Mler and G4JC.
  - Fixed buffer scaling in execute_external_filter() that could lead
    to crashes. Submitted by Yang Xia in #892.
  - Fixed crashes when executing external filters on platforms like
    Mac OS X. Reported by Jonathan McKenzie on ijbswa-users@.
  - Properly parse ACL directives with ports when compiled with HAVE_RFC2553.
    Previously the port wasn't removed from the host and in case of
    'permit-access 127.0.0.1 example.org:80' Privoxy would try (and fail)
    to resolve "example.org:80" instead of example.org.
    Reported by Pak Chan on ijbswa-users@.
  - Check requests more carefully before serving them forcefully
    when blocks aren't enforced. Privoxy always adds the force token
    at the beginning of the path, but would previously accept it anywhere
    in the request line. This could result in requests being served that
    should be blocked. For example in case of pages that were loaded with
    force and contained JavaScript to create additionally requests that
    embed the origin URL (thus inheriting the force prefix).
    The bug is not considered a security issue and the fix does not make
    it harder for remote sites to intentionally circumvent blocks if
    Privoxy isn't configured to enforce them.
    Fixes #1695 reported by Korda.
  - Normalize the request line in intercepted requests to make rewriting
    the destination more convenient. Previously rewrites for intercepted
    requests were expected to fail unless $hostport was being used, but
    they failed "the wrong way" and would result in an out-of-memory
    message (vanilla host patterns) or a crash (extended host patterns).
    Reported by "Guybrush Threepwood" in #1694.
  - Enable socket lingering for the correct socket.
    Previously it was repeatedly enabled for the listen socket
    instead of for the accepted socket. The bug was found by
    code inspection and did not cause any (reported) issues.
  - Detect and reject parameters for parameter-less actions.
    Previously they were silently ignored.
  - Fixed invalid reads in internal and outdated pcre code.
    Found with afl-fuzz and AddressSanitizer.
  - Prevent invalid read when loading invalid action files.
    Found with afl-fuzz and AddressSanitizer.
  - Windows build: Use the correct function to close the event handle.
    It's unclear if this bug had a negative impact on Privoxy's behaviour.
    Reported by Jarry Xu in #891.
  - In case of invalid forward-socks5(t) directives, use the
    correct directive name in the error messages. Previously they
    referred to forward-socks4t failures.
    Reported by Joel Verhagen in #889.

- General improvements:
  - Set NO_DELAY flag for the accepting socket. This significantly reduces
    the latency if the operating system is not configured to set the flag
    by default. Reported by Johan Sintorn in #894.
  - Allow to build with mingw x86_64. Submitted by Rustam Abdullaev in #135.
  - Introduce the new forwarding type 'forward-webserver'.
    Currently it is only supported by the forward-override{} action and
    there's no config directive with the same name. The forwarding type
    is similar to 'forward', but the request line only contains the path
    instead of the complete URL.
  - The CGI editor no longer treats 'standard.action' special.
    Nowadays the official "standards" are part of default.action
    and there's no obvious reason to disallow editing them through
    the cgi editor anyway (if the user decided that the lack of
    authentication isn't an issue in her environment).
  - Improved error messages when rejecting intercepted requests
    with unknown destination.
  - A couple of log messages now include the number of active threads.
  - Removed non-standard Proxy-Agent headers in HTTP snipplets
    to make testing more convenient.
  - Include the error code for pcre errors Privoxy does not recognize.
  - Config directives with numerical arguments are checked more carefully.
  - Privoxy's malloc() wrapper has been changed to prevent zero-size
    allocations which should only occur as the result of bugs.
  - Various cosmetic changes.

- Action file improvements:
  - Unblock ".deutschlandradiokultur.de/".
    Reported by u302320 in #924.
  - Add two fast-redirect exceptions for "yandex.ru".
  - Disable filter{banners-by-size} for ".plasmaservice.de/".
  - Unblock "klikki.fi/adv/".
  - Block requests for "resources.infolinks.com/".
    Reported by "Black Rider" on ijbswa-users@.
  - Block a bunch of criteo domains.
    Reported by Black Rider.
  - Block "abs.proxistore.com/abe/".
    Reported by Black Rider.
  - Disable filter{banners-by-size} for ".black-mosquito.org/".
  - Disable fast-redirects for "disqus.com/".

- Documentation improvements:
  - FAQ: Explicitly point fingers at ASUS as an example of a
    company that has been reported to force malware based on
    Privoxy upon its customers.
  - Correctly document the action type for a bunch of "multi-value"
    actions that were incorrectly documented to be "parameterized".
    Reported by Gregory Seidman on ijbswa-users@.
  - Fixed the documented type of the forward-override{} action
    which is obviously 'parameterized'.

- Website improvements:
  - Users who don't trust binaries served by SourceForge
    can get them from a mirror. Migrating away from SourceForge
    is planned for 2016 (TODO list item #53).
  - The website is now available as onion service
    (http://jvauzb4sb3bwlsnc.onion/).

Revision 1.58 / (download) - annotate - [select for diffs], Sat Jul 9 06:39:14 2016 UTC (6 years, 6 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2017Q4-base, pkgsrc-2017Q4, pkgsrc-2017Q3-base, pkgsrc-2017Q3, pkgsrc-2017Q2-base, pkgsrc-2017Q2, pkgsrc-2017Q1-base, pkgsrc-2017Q1, pkgsrc-2016Q4-base, pkgsrc-2016Q4, pkgsrc-2016Q3-base, pkgsrc-2016Q3
Changes since 1.57: +2 -2 lines
Diff to previous 1.57 (colored)

Bump PKGREVISION for perl-5.24.0 for everything mentioning perl.

Revision 1.57 / (download) - annotate - [select for diffs], Fri Jun 12 10:52:15 2015 UTC (7 years, 7 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2016Q2-base, pkgsrc-2016Q2, pkgsrc-2016Q1-base, pkgsrc-2016Q1, pkgsrc-2015Q4-base, pkgsrc-2015Q4, pkgsrc-2015Q3-base, pkgsrc-2015Q3, pkgsrc-2015Q2-base, pkgsrc-2015Q2
Changes since 1.56: +2 -1 lines
Diff to previous 1.56 (colored)

Recursive PKGREVISION bump for all packages mentioning 'perl',
having a PKGNAME of p5-*, or depending such a package,
for perl-5.22.0.

Revision 1.56 / (download) - annotate - [select for diffs], Tue Jan 27 20:32:26 2015 UTC (8 years ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2015Q1-base, pkgsrc-2015Q1
Changes since 1.55: +2 -2 lines
Diff to previous 1.55 (colored)

update to 3.0.23
changes:
-fixes possible crashes and memory leaks which qualify as DOS problems
 (CVE-2015-1380, CVE-2015-1381, CVE-2015-1382)
-minor fixes, documentation improvements

Revision 1.55 / (download) - annotate - [select for diffs], Thu Jan 15 19:39:15 2015 UTC (8 years ago) by drochner
Branch: MAIN
Changes since 1.54: +2 -3 lines
Diff to previous 1.54 (colored)

update to 3.0.22
changes: many fixes and small improvements, most notably some memory
 leak and a use-after-free are fixed which might be security issues

Revision 1.54 / (download) - annotate - [select for diffs], Tue Oct 14 06:39:30 2014 UTC (8 years, 3 months ago) by dholland
Branch: MAIN
CVS Tags: pkgsrc-2014Q4-base, pkgsrc-2014Q4
Changes since 1.53: +3 -2 lines
Diff to previous 1.53 (colored)

Enable compression. From Ben Gergely in PR 49280. PKGREVISION -> 6

Revision 1.53 / (download) - annotate - [select for diffs], Thu May 29 23:38:17 2014 UTC (8 years, 8 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2014Q3-base, pkgsrc-2014Q3, pkgsrc-2014Q2-base, pkgsrc-2014Q2
Changes since 1.52: +2 -2 lines
Diff to previous 1.52 (colored)

Bump for perl-5.20.0.
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.

Revision 1.52 / (download) - annotate - [select for diffs], Fri Jul 12 10:45:05 2013 UTC (9 years, 6 months ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2014Q1-base, pkgsrc-2014Q1, pkgsrc-2013Q4-base, pkgsrc-2013Q4, pkgsrc-2013Q3-base, pkgsrc-2013Q3
Changes since 1.51: +2 -2 lines
Diff to previous 1.51 (colored)

Bump PKGREVISION of all packages which create users, to pick up change of
sysutils/user_* packages.

Revision 1.51 / (download) - annotate - [select for diffs], Fri May 31 12:42:54 2013 UTC (9 years, 8 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base, pkgsrc-2013Q2
Changes since 1.50: +2 -2 lines
Diff to previous 1.50 (colored)

Bump all packages for perl-5.18, that
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package

Like last time, where this caused no complaints.

Revision 1.50 / (download) - annotate - [select for diffs], Sun Oct 28 06:30:58 2012 UTC (10 years, 3 months ago) by asau
Branch: MAIN
CVS Tags: pkgsrc-2013Q1-base, pkgsrc-2013Q1, pkgsrc-2012Q4-base, pkgsrc-2012Q4
Changes since 1.49: +1 -3 lines
Diff to previous 1.49 (colored)

Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.

Revision 1.49 / (download) - annotate - [select for diffs], Wed Oct 3 21:59:04 2012 UTC (10 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.48: +2 -2 lines
Diff to previous 1.48 (colored)

Bump all packages that use perl, or depend on a p5-* package, or
are called p5-*.

I hope that's all of them.

Revision 1.48 / (download) - annotate - [select for diffs], Sun Aug 26 07:46:11 2012 UTC (10 years, 5 months ago) by dholland
Branch: MAIN
CVS Tags: pkgsrc-2012Q3-base, pkgsrc-2012Q3
Changes since 1.47: +2 -2 lines
Diff to previous 1.47 (colored)

whitespace

Revision 1.47 / (download) - annotate - [select for diffs], Sat Mar 3 00:14:07 2012 UTC (10 years, 11 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2012Q2-base, pkgsrc-2012Q2, pkgsrc-2012Q1-base, pkgsrc-2012Q1
Changes since 1.46: +2 -1 lines
Diff to previous 1.46 (colored)

Recursive bump for pcre-8.30* (shlib major change)

Revision 1.46 / (download) - annotate - [select for diffs], Fri Feb 10 13:21:08 2012 UTC (10 years, 11 months ago) by mjl
Branch: MAIN
Changes since 1.45: +2 -2 lines
Diff to previous 1.45 (colored)

Update privoxy to 3.0.19

- Bug fixes:
  - Prevent a segmentation fault when de-chunking buffered content.
    It could be triggered by malicious web servers if Privoxy was
    configured to filter the content and running on a platform
    where SIZE_T_MAX isn't larger than UINT_MAX, which probably
    includes most 32-bit systems.
  - Do not expect a response from the SOCKS4/4A server until it
    got something to respond to. This regression was introduced
    in 3.0.18 and prevented the SOCKS4/4A negotiation from working.

- General improvements:
  - Fix an off-by-one in an error message about connect failures.
  - Use a GNUMakefile variable for the webserver root directory and
    update the path. Sourceforge changed it which broke various
    web-related targets.
  - Update the CODE_STATUS description.

Revision 1.45 / (download) - annotate - [select for diffs], Wed Dec 7 16:13:51 2011 UTC (11 years, 1 month ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2011Q4-base, pkgsrc-2011Q4
Changes since 1.44: +2 -2 lines
Diff to previous 1.44 (colored)

update to 3.0.18
many fixes and improvements - see the ChangeLog file
one marked as security relevant:
If the redirect URL contains characters RFC 3986 doesn't permit,
they are (re)encoded. Not doing this makes Privoxy versions from
3.0.5 to 3.0.17 susceptible to HTTP response splitting (CWE-113)
attacks if the +fast-redirects{check-decoded-url} action is used.

Revision 1.44 / (download) - annotate - [select for diffs], Tue Apr 26 21:23:26 2011 UTC (11 years, 9 months ago) by mjl
Branch: MAIN
CVS Tags: pkgsrc-2011Q3-base, pkgsrc-2011Q3, pkgsrc-2011Q2-base, pkgsrc-2011Q2
Changes since 1.43: +3 -2 lines
Diff to previous 1.43 (colored)

Update privoxy to 3.0.17

- Fixes several provlems resulting in stalling the client until the
  server timed out.
- Fixes ACL bug that made it impossible to build a blacklist.
- Improved logging.
- Extended default filter list.

Revision 1.43 / (download) - annotate - [select for diffs], Wed Feb 24 23:22:45 2010 UTC (12 years, 11 months ago) by mjl
Branch: MAIN
CVS Tags: pkgsrc-2011Q1-base, pkgsrc-2011Q1, pkgsrc-2010Q4-base, pkgsrc-2010Q4, pkgsrc-2010Q3-base, pkgsrc-2010Q3, pkgsrc-2010Q2-base, pkgsrc-2010Q2, pkgsrc-2010Q1-base, pkgsrc-2010Q1
Changes since 1.42: +4 -4 lines
Diff to previous 1.42 (colored)

Update to privoxy 3.0.16 stable.

This is the first stable release since 3.0.12.
It introduces IPv6 support, improved keep-alive support and a bunch of
minor improvements.

Revision 1.42 / (download) - annotate - [select for diffs], Tue Feb 9 20:18:43 2010 UTC (12 years, 11 months ago) by joerg
Branch: MAIN
Changes since 1.41: +5 -9 lines
Diff to previous 1.41 (colored)

Fix overcomplicated install rules. Make sure to create the logfile at
install time with the right permissions and don't make most of the
templates group writeable. Bump revision.

Revision 1.41 / (download) - annotate - [select for diffs], Mon Feb 8 09:54:23 2010 UTC (12 years, 11 months ago) by tnn
Branch: MAIN
Changes since 1.40: +5 -2 lines
Diff to previous 1.40 (colored)

Package is not user-destdir ready.

Revision 1.40 / (download) - annotate - [select for diffs], Sat Aug 29 13:53:34 2009 UTC (13 years, 5 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2009Q4-base, pkgsrc-2009Q4, pkgsrc-2009Q3-base, pkgsrc-2009Q3
Changes since 1.39: +5 -3 lines
Diff to previous 1.39 (colored)

Convert to user-destdir.

Revision 1.39 / (download) - annotate - [select for diffs], Tue Apr 7 14:02:06 2009 UTC (13 years, 9 months ago) by mjl
Branch: MAIN
CVS Tags: pkgsrc-2009Q2-base, pkgsrc-2009Q2
Changes since 1.38: +2 -2 lines
Diff to previous 1.38 (colored)

Squash one pkglint warning.
Fix oversight in dns patch.

Revision 1.38 / (download) - annotate - [select for diffs], Tue Apr 7 00:21:46 2009 UTC (13 years, 9 months ago) by mjl
Branch: MAIN
Changes since 1.37: +4 -4 lines
Diff to previous 1.37 (colored)

Update privoxy to 3.0.12
This is a stable release which includes many enhancements but no major
new features. The most prominent improvement is support for keep-alive
connections.

Also add a patch to deal with non-availability of gethostbyname_r()
on NetBSD -- privoxy then uses gethostbyname() in a mutexed section,
effectively single threading DNS lookup. This is extremely annoying when
running into DNS timeouts. Hack around it by implementing functionality
using getaddrinfo().

Revision 1.34.12.1 / (download) - annotate - [select for diffs], Sat Feb 28 12:47:22 2009 UTC (13 years, 11 months ago) by rtr
Branch: pkgsrc-2008Q4
Changes since 1.34: +2 -1 lines
Diff to previous 1.34 (colored) next main 1.35 (colored)

pullup ticket #2711 - requested by drochner
privoxy: update for security fix

revisions pulled up:
pkgsrc/www/privoxy/Makefile		1.35,1.36
pkgsrc/www/privoxy/files/privoxy.sh	1.4,1.5
pkgsrc/www/privoxy/distinfo		1.9
pkgsrc/www/privoxy/patches/patch-af	1.1

   Module Name:    pkgsrc
   Committed By:   jnemeth
   Date:           Mon Feb  2 20:00:41 UTC 2009

   Modified Files:
           pkgsrc/www/privoxy: Makefile
           pkgsrc/www/privoxy/files: privoxy.sh

   Log Message:
   PR/40532 - Cem Kayali -- group permissions too broad
   Just fixing security issue, will leave pkg update for MAINTAINER for now.

------------------------------------------------------------------------
   Module Name:   pkgsrc
   Committed By:  drochner
   Date:          Wed Feb  4 21:20:39 UTC 2009


   Modified Files:
          pkgsrc/www/privoxy: Makefile distinfo
          pkgsrc/www/privoxy/files: privoxy.sh
   Added Files:
          pkgsrc/www/privoxy/patches: patch-af


   Log Message:
   give up supplementary group memberships on uid/gid switch, fixes
   unexpected privileges reported in PR pkg/40532 by Cem Kayali,
   the issue is being discussed with upstream,
   thanks to Cem for detailed reports,
   also back out explicit passing of PRIVOXY_GROUP to the program --
   while it does not hurt it is redundant because PRIVOXY_GROUP is already
   the primary group of PRIVOXY_USER

Revision 1.37 / (download) - annotate - [select for diffs], Wed Feb 4 21:30:53 2009 UTC (13 years, 11 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2009Q1-base, pkgsrc-2009Q1
Changes since 1.36: +3 -3 lines
Diff to previous 1.36 (colored)

update to 3.0.10
3.0.10 is a stable release which includes many enhancements but no major
new features. The most prominent improvements are SOCKS5 support and
zlib support for the default Privoxy builds.

Revision 1.36 / (download) - annotate - [select for diffs], Wed Feb 4 21:20:39 2009 UTC (13 years, 11 months ago) by drochner
Branch: MAIN
Changes since 1.35: +2 -3 lines
Diff to previous 1.35 (colored)

give up supplementary group memberships on uid/gid switch, fixes
unexpected privileges reported in PR pkg/40532 by Cem Kayali,
the issue is being discussed with upstream,
thanks to Cem for detailed reports,
also back out explicit passing of PRIVOXY_GROUP to the program --
while it does not hurt it is redundant because PRIVOXY_GROUP is already
the primary group of PRIVOXY_USER

Revision 1.35 / (download) - annotate - [select for diffs], Mon Feb 2 20:00:40 2009 UTC (13 years, 11 months ago) by jnemeth
Branch: MAIN
Changes since 1.34: +3 -1 lines
Diff to previous 1.34 (colored)

PR/40532 - Cem Kayali -- group permissions too broad
Just fixing security issue, will leave pkg update for MAINTAINER for now.

Revision 1.34 / (download) - annotate - [select for diffs], Wed Mar 12 21:35:03 2008 UTC (14 years, 10 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2008Q4-base, pkgsrc-2008Q3-base, pkgsrc-2008Q3, pkgsrc-2008Q2-base, pkgsrc-2008Q2, pkgsrc-2008Q1-base, pkgsrc-2008Q1, cwrapper, cube-native-xorg-base, cube-native-xorg
Branch point for: pkgsrc-2008Q4
Changes since 1.33: +2 -2 lines
Diff to previous 1.33 (colored)

update to 3.0.8
3.0.8 is a stable release which includes many significant enhancements and
new features, and the usual squashed bugs. The most prominent new
features are the ability to "tag" headers and apply actions based on those
tags, making Privoxy much more flexibile, and Privoxy can now act as an
"intercepting" proxy.

Revision 1.33 / (download) - annotate - [select for diffs], Sat Sep 8 21:58:02 2007 UTC (15 years, 4 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2007Q4-base, pkgsrc-2007Q4, pkgsrc-2007Q3-base, pkgsrc-2007Q3
Changes since 1.32: +2 -4 lines
Diff to previous 1.32 (colored)

Convert to use the features framework.

Revision 1.32 / (download) - annotate - [select for diffs], Thu Sep 6 21:51:55 2007 UTC (15 years, 4 months ago) by jlam
Branch: MAIN
Changes since 1.31: +2 -3 lines
Diff to previous 1.31 (colored)

Convert all libnbcompat/buildlink3.mk references to inplace.mk.

Revision 1.31 / (download) - annotate - [select for diffs], Wed Jul 4 20:55:05 2007 UTC (15 years, 7 months ago) by jlam
Branch: MAIN
Changes since 1.30: +3 -2 lines
Diff to previous 1.30 (colored)

Make it easier to build and install packages "unprivileged", where
the owner of all installed files is a non-root user.  This change
affects most packages that require special users or groups by making
them use the specified unprivileged user and group instead.

(1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to
    unprivileged.mk.  These two variables are lists of other bmake
    variables that define package-specific users and groups.  Packages
    that have user-settable variables for users and groups, e.g. apache
    and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP},
    etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS
    so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER}
    and ${UNPRIVILEGED_GROUP}.

(2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS.

Revision 1.30 / (download) - annotate - [select for diffs], Fri Nov 24 18:26:06 2006 UTC (16 years, 2 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2007Q2-base, pkgsrc-2007Q2, pkgsrc-2007Q1-base, pkgsrc-2007Q1, pkgsrc-2006Q4-base, pkgsrc-2006Q4
Changes since 1.29: +2 -3 lines
Diff to previous 1.29 (colored)

update to 3.0.6
3.0.6 is a stable release which includes many significant enhancements
and new features, including a number of new actions, multiple filter file
capability, full windows service functionality, as well as numerous
bugs done away with. See http://www.privoxy.org/user-manual/whatsnew.html
for details.

Revision 1.29 / (download) - annotate - [select for diffs], Sun Oct 1 08:59:43 2006 UTC (16 years, 4 months ago) by schwarz
Branch: MAIN
Changes since 1.28: +6 -2 lines
Diff to previous 1.28 (colored)


added support for IRIX 5

Revision 1.28 / (download) - annotate - [select for diffs], Sat Sep 9 02:46:09 2006 UTC (16 years, 4 months ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2006Q3-base, pkgsrc-2006Q3
Changes since 1.27: +2 -2 lines
Diff to previous 1.27 (colored)

Rename variable MAKEFILE to MAKE_FILE.

Revision 1.27 / (download) - annotate - [select for diffs], Thu Jun 15 20:36:08 2006 UTC (16 years, 7 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2006Q2-base, pkgsrc-2006Q2
Changes since 1.26: +2 -4 lines
Diff to previous 1.26 (colored)

Split out deinstall portion of INSTALL script into a DEINSTALL script
to avoid the confusing DEINSTALL_TEMPLATE+=.../INSTALL line in the
Makefile.  Also, fix the INSTALL script so that we actually link a
real target into ${PKG_SYSCONFDIR}.  Bump the PKGREVISION.

Revision 1.26 / (download) - annotate - [select for diffs], Sun Apr 23 00:12:42 2006 UTC (16 years, 9 months ago) by jlam
Branch: MAIN
Changes since 1.25: +2 -2 lines
Diff to previous 1.25 (colored)

Modify packages that set PKG_USERS and PKG_GROUPS to follow the new
syntax as specified in pkgsrc/mk/install/bsd.pkginstall.mk:1.47.

Revision 1.25 / (download) - annotate - [select for diffs], Tue Mar 14 01:14:34 2006 UTC (16 years, 10 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2006Q1-base, pkgsrc-2006Q1
Changes since 1.24: +2 -3 lines
Diff to previous 1.24 (colored)

Modify the pkginstall framework so that it manages all aspects of
INSTALL/DEINSTALL script creation within pkgsrc.

If an INSTALL or DEINSTALL script is found in the package directory,
it is automatically used as a template for the pkginstall-generated
scripts.  If instead, they should be used simply as the full scripts,
then the package Makefile should set INSTALL_SRC or DEINSTALL_SRC
explicitly, e.g.:

	INSTALL_SRC=	${PKGDIR}/INSTALL
	DEINSTALL_SRC=	# emtpy

As part of the restructuring of the pkginstall framework internals,
we now *always* generate temporary INSTALL or DEINSTALL scripts.  By
comparing these temporary scripts with minimal INSTALL/DEINSTALL
scripts formed from only the base templates, we determine whether or
not the INSTALL/DEINSTALL scripts are actually needed by the package
(see the generate-install-scripts target in bsd.pkginstall.mk).

In addition, more variables in the framework have been made private.
The *_EXTRA_TMPL variables have been renamed to *_TEMPLATE, which are
more sensible names given the very few exported variables in this
framework.  The only public variables relating to the templates are:

	INSTALL_SRC		INSTALL_TEMPLATE
	DEINSTALL_SRC		DEINSTALL_TEMPLATE
				HEADER_TEMPLATE

The packages in pkgsrc have been modified to reflect the changes in
the pkginstall framework.

Revision 1.24 / (download) - annotate - [select for diffs], Sun Feb 5 23:11:28 2006 UTC (16 years, 11 months ago) by joerg
Branch: MAIN
Changes since 1.23: +2 -2 lines
Diff to previous 1.23 (colored)

Recursive revision bump / recommended bump for gettext ABI change.

Revision 1.23 / (download) - annotate - [select for diffs], Thu Jan 5 22:16:40 2006 UTC (17 years ago) by joerg
Branch: MAIN
Changes since 1.22: +7 -8 lines
Diff to previous 1.22 (colored)

Use SUBST framework.

Revision 1.22 / (download) - annotate - [select for diffs], Thu Dec 29 06:22:24 2005 UTC (17 years, 1 month ago) by jlam
Branch: MAIN
Changes since 1.21: +1 -2 lines
Diff to previous 1.21 (colored)

Remove USE_PKGINSTALL from pkgsrc now that mk/install/pkginstall.mk
automatically detects whether we want the pkginstall machinery to be
used by the package Makefile.

Revision 1.21 / (download) - annotate - [select for diffs], Mon Dec 5 23:55:23 2005 UTC (17 years, 1 month ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2005Q4-base, pkgsrc-2005Q4
Changes since 1.20: +5 -5 lines
Diff to previous 1.20 (colored)

Ran "pkglint --autofix", which corrected some of the quoting issues in
CONFIGURE_ARGS.

Revision 1.20 / (download) - annotate - [select for diffs], Mon Dec 5 20:51:14 2005 UTC (17 years, 1 month ago) by rillig
Branch: MAIN
Changes since 1.19: +3 -3 lines
Diff to previous 1.19 (colored)

Fixed pkglint warnings. The warnings are mostly quoting issues, for
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in

    http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html

Revision 1.19 / (download) - annotate - [select for diffs], Tue Aug 23 11:48:51 2005 UTC (17 years, 5 months ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2005Q3-base, pkgsrc-2005Q3
Changes since 1.18: +2 -2 lines
Diff to previous 1.18 (colored)

The real user name in PKG_USERS does not need to be escaped with double
backslashes anymore. A single backslash is enough. Changed the
definition in all affected packages. For those that are not caught, an
additional check is placed into bsd.pkginstall.mk.

Revision 1.18 / (download) - annotate - [select for diffs], Sat Jul 16 01:19:26 2005 UTC (17 years, 6 months ago) by jlam
Branch: MAIN
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored)

Get rid of USE_PERL5.  The new way to express needing the Perl executable
around at either build-time or at run-time is:

	USE_TOOLS+=	perl		# build-time
	USE_TOOLS+=	perl:run	# run-time

Also remove some places where perl5/buildlink3.mk was being included
by a package Makefile, but all that the package wanted was the Perl
executable.

Revision 1.17 / (download) - annotate - [select for diffs], Wed Jun 1 20:08:01 2005 UTC (17 years, 8 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2005Q2-base, pkgsrc-2005Q2
Changes since 1.16: +3 -5 lines
Diff to previous 1.16 (colored)

Remove mk/autoconf.mk and mk/automake.mk and replace their usage with
USE_TOOLS and any of "autoconf", "autoconf213", "automake" or
"automake14".  Also, we don't need to call the auto* tools via
${ACLOCAL}, ${AUTOCONF}, etc., since the tools framework takes care
to symlink the correct tool to the correct name, so we can just use
aclocal, autoconf, etc.

Revision 1.16 / (download) - annotate - [select for diffs], Sun May 22 20:08:46 2005 UTC (17 years, 8 months ago) by jlam
Branch: MAIN
Changes since 1.15: +2 -2 lines
Diff to previous 1.15 (colored)

Remove USE_GNU_TOOLS and replace with the correct USE_TOOLS definitions:

	USE_GNU_TOOLS	-> USE_TOOLS
	awk		-> gawk
	m4		-> gm4
	make		-> gmake
	sed		-> gsed
	yacc		-> bison

Revision 1.15 / (download) - annotate - [select for diffs], Mon Apr 11 21:48:01 2005 UTC (17 years, 9 months ago) by tv
Branch: MAIN
Changes since 1.14: +1 -2 lines
Diff to previous 1.14 (colored)

Remove USE_BUILDLINK3 and NO_BUILDLINK; these are no longer used.

Revision 1.14 / (download) - annotate - [select for diffs], Wed Dec 29 15:31:24 2004 UTC (18 years, 1 month ago) by minskim
Branch: MAIN
CVS Tags: pkgsrc-2005Q1-base, pkgsrc-2005Q1
Changes since 1.13: +2 -2 lines
Diff to previous 1.13 (colored)

Use VARBASE.

Revision 1.13 / (download) - annotate - [select for diffs], Tue Dec 28 02:47:50 2004 UTC (18 years, 1 month ago) by reed
Branch: MAIN
Changes since 1.12: +2 -2 lines
Diff to previous 1.12 (colored)

The default location of the pkgsrc-installed rc.d scripts is now
under share/examples/rc.d. The variable name already was named
RCD_SCRIPTS_EXAMPLEDIR.

This is from ideas from Greg Woods and others.

Also bumped PKGREVISION for all packages using RCD_SCRIPTS mechanism
(as requested by wiz).

Revision 1.12 / (download) - annotate - [select for diffs], Sat Dec 18 20:58:30 2004 UTC (18 years, 1 month ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2004Q4-base, pkgsrc-2004Q4
Changes since 1.11: +2 -1 lines
Diff to previous 1.11 (colored)

Auto-add the PTHREAD_* variables to CFLAGS, LDFLAGS, and LIBS so that
these packages will pick up -lpthread on NetBSD 1.6.x when linking
applications.

Revision 1.11 / (download) - annotate - [select for diffs], Sun Oct 3 00:18:27 2004 UTC (18 years, 4 months ago) by tv
Branch: MAIN
Changes since 1.10: +2 -2 lines
Diff to previous 1.10 (colored)

Libtool fix for PR pkg/26633, and other issues.  Update libtool to 1.5.10
in the process.  (More information on tech-pkg.)

Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.

Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.

Revision 1.10 / (download) - annotate - [select for diffs], Fri Sep 24 14:08:36 2004 UTC (18 years, 4 months ago) by tv
Branch: MAIN
Changes since 1.9: +4 -3 lines
Diff to previous 1.9 (colored)

There's no need for a privoxy-user prerequisite package.  The build of
privoxy actually doesn't require the userid to exist at all.  Simply whack
the validity checks from configure.in, move PKG_USERS/PKG_GROUPS to the
main privoxy package, and all works fine.

(Similar to the modifications originally needed for Mailman, but in that
case, the numeric user IDs were also embedded in the binaries.  Fortunately,
that is not the case here.)

Revision 1.9 / (download) - annotate - [select for diffs], Wed Sep 22 16:09:57 2004 UTC (18 years, 4 months ago) by kim
Branch: MAIN
Changes since 1.8: +5 -3 lines
Diff to previous 1.8 (colored)

Upgraded privoxy to 3.0.3

--------------------------------------------------------------------------
ChangeLog for Version 3.0.3:
--------------------------------------------------------------------------

- Fixed yet another two memory leaks. Process growth looks stopped now.
- Further tightened security against malicious toggle-off links.
- Excluded text/plain MIME types from filtering. This fixes a
  couple of client-crashing, download corruption and
  Privoxy performance issues, whose root cause lies in
  web servers labelling content of unknown type as text/plain.
- Assorted fixes for POSIX compliance, signal handling, graceful
  termination, compiler warnings, OSX support, Win32 systray,
  error logging, hostname wildcards, correct detection of NetBSD.
- Workarounds for client (iTunes etc) and server (PHP < 4.2.3) bugs
  including the notorious "blank page" problem.
- Various filter improvements; most notably the unsolicited-popups
  filter became less destructive
- Major revamp of the actions file

Revision 1.8 / (download) - annotate - [select for diffs], Mon Apr 19 04:58:48 2004 UTC (18 years, 9 months ago) by snj
Branch: MAIN
CVS Tags: pkgsrc-2004Q3-base, pkgsrc-2004Q3, pkgsrc-2004Q2-base, pkgsrc-2004Q2
Changes since 1.7: +3 -3 lines
Diff to previous 1.7 (colored)

Convert to buildlink3.

Revision 1.7 / (download) - annotate - [select for diffs], Sat Jan 24 15:23:47 2004 UTC (19 years ago) by grant
Branch: MAIN
CVS Tags: pkgsrc-2004Q1-base, pkgsrc-2004Q1
Changes since 1.6: +2 -2 lines
Diff to previous 1.6 (colored)

replace deprecated USE_GMAKE with USE_GNU_TOOLS+=make.

Revision 1.6 / (download) - annotate - [select for diffs], Tue Jan 20 12:27:59 2004 UTC (19 years ago) by agc
Branch: MAIN
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored)

Move WRKSRC definition away from the first paragraph in a Makefile.

Revision 1.5 / (download) - annotate - [select for diffs], Tue Jul 22 04:14:35 2003 UTC (19 years, 6 months ago) by martti
Branch: MAIN
CVS Tags: pkgsrc-2003Q4-base, pkgsrc-2003Q4
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored)

COMMENT should start with a capital letter.

Revision 1.4 / (download) - annotate - [select for diffs], Sat Jul 12 15:11:38 2003 UTC (19 years, 6 months ago) by salo
Branch: MAIN
Changes since 1.3: +2 -2 lines
Diff to previous 1.3 (colored)

Use RCD_SCRIPTS_SHELL instead of SH in rc.d script.
PKGREVISION++ (hi zuntum!)

Revision 1.3 / (download) - annotate - [select for diffs], Mon Jun 23 16:41:03 2003 UTC (19 years, 7 months ago) by jmc
Branch: MAIN
Changes since 1.2: +4 -4 lines
Diff to previous 1.2 (colored)

Convert to depending on privoxy-user rather than installing the user here
(since it's actually needed pre-build).

Revision 1.2 / (download) - annotate - [select for diffs], Wed Jun 18 17:02:59 2003 UTC (19 years, 7 months ago) by kim
Branch: MAIN
Changes since 1.1: +3 -3 lines
Diff to previous 1.1 (colored)

Use PKGNAME_NOREV.

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Mon Jun 16 03:02:04 2003 UTC (19 years, 7 months ago) by kim
Branch: TNF
CVS Tags: pkgsrc-base
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)

privoxy-3.0.2 (stable)

Privoxy is a web proxy with advanced filtering capabilities for protecting
privacy, filtering web page content, managing cookies, controlling access,
and removing ads, banners, pop-ups and other obnoxious Internet junk.
Privoxy has a very flexible configuration and can be customized to suit
individual needs and tastes. Privoxy has application for both stand-alone
systems and multi-user networks.

Revision 1.1 / (download) - annotate - [select for diffs], Mon Jun 16 03:02:04 2003 UTC (19 years, 7 months ago) by kim
Branch: MAIN

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>