CVS log for pkgsrc/www/squid31/Attic/Makefile

Up to [cvs.NetBSD.org] / pkgsrc / www / squid31

Request diff between arbitrary revisions

Keyword substitution: kv
Default branch: MAIN

Squid 3.3 represents a new feature release above 3.2.
The most important of these new features are:
* SQL Database logging helper
* Time-Quota session helper
* SSL-Bump Server First
* Server Certificate Mimic
* Custom HTTP request headers

Pullup ticket #4026 - requested by taca
www/squid31: security update

Revisions pulled up:
- www/squid31/Makefile                                          1.43
- www/squid31/distinfo                                          1.38

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Fri Jan 11 13:32:56 UTC 2013

   Modified Files:
   	pkgsrc/www/squid31: Makefile distinfo

   Log Message:
   Update squid31 to 3.1.23.

   Changes to squid-3.1.23 (09 Jan 2013):

   	- Additional fixes for CVE-2012-5643 / SQUID:2012-1

Update squid31 to 3.1.23.

Changes to squid-3.1.23 (09 Jan 2013):

	- Additional fixes for CVE-2012-5643 / SQUID:2012-1

Pullup ticket #3992 - requested by tron
www/squid31: security update

Revisions pulled up:
- www/squid31/Makefile                                          1.42
- www/squid31/distinfo                                          1.37

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Mon Dec 17 14:42:54 UTC 2012

   Modified Files:
   	pkgsrc/www/squid31: Makefile distinfo

   Log Message:
   Updated "squid31" package to version 3.1.22. Changes sinc 3.1.20:
   - Bug 3622: peerClearRRStart scheduling multiple events
   - Bug 3615: configure check for default max number of FDs is broken
   - Bug 3607: --enable-auth documented default action incorrect
   - Bug 3593: socket failure: Address family not supported by protocol
   - Bug 3584: Detection of setresuid() is broken
   - Bug 3568: Consolidate external_acl_type config dumping and add missing %%
   - Bug 3564: eCAP not supporting CoAP URI schemes
   - Bug 3484: Docs: sslproxy_cert_error example flawed
   - Bug 3462: Delay Pools and ICAP
   - Bug 3133: better fix: Memory leak handling requests for sites that don't
     exist
   - Bug 2976: ERR_INVALID_URL for transparently captured requests when
     reconfiguring
   - Silence IOS 15.1 unknown capabilities messages.
   - Account for Store disk client quota when bandwidth-limiting the server.
   - ... and several documentation fixes
   - ... and several compile fixes


   To generate a diff of this commit:
   cvs rdiff -u -r1.41 -r1.42 pkgsrc/www/squid31/Makefile
   cvs rdiff -u -r1.36 -r1.37 pkgsrc/www/squid31/distinfo

Updated "squid31" package to version 3.1.22. Changes sinc 3.1.20:
- Bug 3622: peerClearRRStart scheduling multiple events
- Bug 3615: configure check for default max number of FDs is broken
- Bug 3607: --enable-auth documented default action incorrect
- Bug 3593: socket failure: Address family not supported by protocol
- Bug 3584: Detection of setresuid() is broken
- Bug 3568: Consolidate external_acl_type config dumping and add missing %%
- Bug 3564: eCAP not supporting CoAP URI schemes
- Bug 3484: Docs: sslproxy_cert_error example flawed
- Bug 3462: Delay Pools and ICAP
- Bug 3133: better fix: Memory leak handling requests for sites that don't
  exist
- Bug 2976: ERR_INVALID_URL for transparently captured requests when
  reconfiguring
- Silence IOS 15.1 unknown capabilities messages.
- Account for Store disk client quota when bandwidth-limiting the server.
- ... and several documentation fixes
- ... and several compile fixes

recursive bump from cyrus-sasl libsasl2 shlib major bump.

Move --enable-auth to each squid package from common Makefile.squid.

Bump all packages that use perl, or depend on a p5-* package, or
are called p5-*.

I hope that's all of them.

Changes 3.1.20:
Bug 3013: segmentation fault on shutdown commSetCloseOnExec at comm.cc:1889
Bug 3233: Invalid URL accepted with url host is white spaces
Bug 3074: Improper URL handling with empty path (RFC 3986)
Bug 3463: dnsserver fails to compile
Bug 3390: Proxy auth data visible to scripts
Extend g++ compatibility for extern inline functions
Bug 3545: FreeBSD dnsserver segfaults
Bug 3466: Adaptation stuck on last single-byte body piece
Bug 3539: CONNECT server connection not closed correctly on errors
Bug 3133: Memory leak handling requests for sites that don't exist
Bug 3504: Regression: clientside_tos fails to mark traffic
Fix URL schemes out of sync
AnyP is a 3.2-only namespace
Support CoAP over HTTP
Bug 3263: ssl_crtd: undefined references to squid_curtime
Bug 3439: correct external_acl_type documented default for ipv4/ipv6 option
Fix closePipesSafely. It is a 3.2 feature
Revert rev10436. Correct patch already applied in 3.1.19
Bug 3420: part 2: Request body consumption races and theConsumer
Better helper-to-Squid buffer size management.
Support for 3.2 error template codes
Translations: Sync with 3.2
Regression: snmp/udp address directives not resolving hostname
Bug 3502: client timeout uses server-side read_timeout, not request_timeout

Changes 3.1.19:
* Regression Bug 3441: part 2: Prevent further cache size corruption of
  swap.state
* Bug 3473: erase last uses of obsolete auth_user_hash_pointer
* Bug 3470: GCC 4.7
* Bug 3442: assertion failed: external_acl.cc:908: ch->auth_user_request != NULL
* Bug 3441: part 1: Minimize cache size corruption by malformed swap.state
* Bug 3440: compile error in Adaptation
* Bug 3420: Request body consumption races and !theConsumer exception
* Bug 3370: external ACL sometimes skipping
* Bug 3085: Crash when parsing esi:include
* HTTP/1.1: do not add 110 and 111 Warnings to revalidated responses
* Fix SSL library dependency fixes

Changes 3.1.18:
* Bug 3085: Crash when parsing esi:include
* Bug 3442: assertion failed: external_acl.cc:908: ch->auth_user_request != NULL
* Polish: debug messages on swap.state rename failure
* Portability: SSL library dependency fixes
* Bug 3440: compile error in Adaptation

Don't allow '/' characters to be passed to pam_start() by the
PAM helper program. OpenPAM didn't check this, so it could be
tricked into reading arbitrary config files, allowing privilege
escalation.
Standard squid installations don't install the PAM helper SUID, but
depending on local needs, an administrator might choose to do so.
approved by pkg maintainer
bump PKGREV

Pullup ticket #3591 - requested by tron
www/squid31: security update

Revisions pulled up:
- www/squid31/Makefile                                          1.34
- www/squid31/distinfo                                          1.31

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Sat Oct 22 17:54:25 UTC 2011

   Modified Files:
   	pkgsrc/www/squid31: Makefile distinfo

   Log Message:
   Update "squid31" package to version 3.1.16. Changes since 3.1.15:
   - Bug 3373: invalid URL in ERR_CACHE_ACCESS_DENIED
   - Bug 3368: Unhandled exceptions are not logged (workaround)
   - Bug 3326: miss_access incorrect default
   - Bug 3320: miss_access description confusing
   - Bug 3241: squid_kerb_auth cross compilation fix
   - Bug 3237: seq fault in free() from rfc1035RRDestroy
   - Bug 3190: Large HTTP POST stuck after early ICAP 400 error response
   - db_auth: display available DSN drivers on connect error
   - Updated OpenSSL 1.0.0 version checks
   - ... and several documentation fixes


   To generate a diff of this commit:
   cvs rdiff -u -r1.33 -r1.34 pkgsrc/www/squid31/Makefile
   cvs rdiff -u -r1.30 -r1.31 pkgsrc/www/squid31/distinfo

Update "squid31" package to version 3.1.16. Changes since 3.1.15:
- Bug 3373: invalid URL in ERR_CACHE_ACCESS_DENIED
- Bug 3368: Unhandled exceptions are not logged (workaround)
- Bug 3326: miss_access incorrect default
- Bug 3320: miss_access description confusing
- Bug 3241: squid_kerb_auth cross compilation fix
- Bug 3237: seq fault in free() from rfc1035RRDestroy
- Bug 3190: Large HTTP POST stuck after early ICAP 400 error response
- db_auth: display available DSN drivers on connect error
- Updated OpenSSL 1.0.0 version checks
- ... and several documentation fixes

Pullup ticket #3516 - requested by tron
www/squid31 security update

Revisions pulled up:
- www/squid31/Makefile                                          1.32-1.33
- www/squid31/distinfo                                          1.29-1.30
- www/squid31/patches/patch-src_base_TidyPointer.h              1.1
- www/squid31/patches/patch-src_ssl_gadgets.cc                  1.1

---
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Wed Jul 20 11:44:27 UTC 2011

   Modified Files:
   	pkgsrc/www/squid31: Makefile distinfo
   Added Files:
   	pkgsrc/www/squid31/patches: patch-src_base_TidyPointer.h
   	    patch-src_ssl_gadgets.cc

   Log Message:
   Changes 3.1.14:
   * Regression Bug 3261: Could not create a DNS socket and exit

   Changes 3.1.13:
   * Regression Bug 3239: problems with myip/myport upgrade
   * Bug 3153: hung ICAP RESPMOD transactions
   * Update ssl_crtd to use 'OK' status inline with other helpers

---
   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Tue Aug 30 23:02:57 UTC 2011

   Modified Files:
   	pkgsrc/www/squid31: Makefile distinfo

   Log Message:
   Update "squid31" package to version 3.1.15. Changes since version 3.1.14:
   - Regression fix: vhost and defaultsite causing vport to be ignored
   - Regression Bug 3295: broken escaping in rfc1738_do_escape
   - Bug #3232: fails to compile with OpenSSL v1.0.0
   - Bug #3222: cache_peer name is not logging on CONNECT
   - Bug #3131: fd_table[fd].closing() assert from
     ConnStateData::noteMoreBodySpaceAvailable()
   - Bug #3217: "!fd_table[fd].closing()" from
     ServerStateData::noteMoreBodySpaceAvailable
   - Bug #3213: https sites (CONNECT) not open when using NTLM
   - Bug #3114: Memory leak in SSL certificate verify code
   - Bug #3107: ncsa_auth DES silently truncates passwords to 8 bytes
   - Bug #2662: cf_gen failure when cross compiling
   - Bug #2655: passing wrong the username to the url_rewrite_program
   - Bug #2495: ignore whitespace prefix on config lines
   - Bug #2051: 'default' cache_peer option does not match documentation
   - Bug #1842: Optimize order of tests in peerWouldBePinged() and
     peerHTTPOkay()
   - Bug #1791: timestampsSet does not validate Date: if server sends very
     old date
   - Correct parsing of large Gopher indexes
   - Enable negative cacheing on unknown or -1 expiry timestamp
   - Remove hierarchy_stoplist default value
   - Migrate cf_gen tool from C-style to C++
   - ... and several documentation and compiler warning fixes

Update "squid31" package to version 3.1.15. Changes since version 3.1.14:
- Regression fix: vhost and defaultsite causing vport to be ignored
- Regression Bug 3295: broken escaping in rfc1738_do_escape
- Bug #3232: fails to compile with OpenSSL v1.0.0
- Bug #3222: cache_peer name is not logging on CONNECT
- Bug #3131: fd_table[fd].closing() assert from
  ConnStateData::noteMoreBodySpaceAvailable()
- Bug #3217: "!fd_table[fd].closing()" from
  ServerStateData::noteMoreBodySpaceAvailable
- Bug #3213: https sites (CONNECT) not open when using NTLM
- Bug #3114: Memory leak in SSL certificate verify code
- Bug #3107: ncsa_auth DES silently truncates passwords to 8 bytes
- Bug #2662: cf_gen failure when cross compiling
- Bug #2655: passing wrong the username to the url_rewrite_program
- Bug #2495: ignore whitespace prefix on config lines
- Bug #2051: 'default' cache_peer option does not match documentation
- Bug #1842: Optimize order of tests in peerWouldBePinged() and
  peerHTTPOkay()
- Bug #1791: timestampsSet does not validate Date: if server sends very
  old date
- Correct parsing of large Gopher indexes
- Enable negative cacheing on unknown or -1 expiry timestamp
- Remove hierarchy_stoplist default value
- Migrate cf_gen tool from C-style to C++
- ... and several documentation and compiler warning fixes

Changes 3.1.14:
* Regression Bug 3261: Could not create a DNS socket and exit

Changes 3.1.13:
* Regression Bug 3239: problems with myip/myport upgrade
* Bug 3153: hung ICAP RESPMOD transactions
* Update ssl_crtd to use 'OK' status inline with other helpers

Enabled ICAP client, for dependend packages to work.

Changes 3.1.12:
* Regression fix: Use bigger buffer for server reads.
* Regression fix: Add reply_header_replace directive for ability lost since 2.7
* Bug 3181: /dev/poll fails to build on Solaris with GCC 4.5.0
* Bug 3177: assertion failed: comm.cc:1583: "fd >= 0"
* Bug 3175: IPv6 PTR lookup crashes on raw-IP URLs when IPv6 disabled
* Bug 3173: Assertion bodyPipe!=NULL on SslBump CONNECT response writing failure
* Bug 3164: Total memory info display 32-bit overflows
* Bug 3155: Werror is hard-coded in libTrie build
* Bug 3151: squid_kerb_auth: use autoconf LIBS instead of FLAGS for library
  linkage
* Bug 2976: invalid URL on intercepted requests during reconfigure
* Bug 2720: comment in same line as cache/mem_replacement_policy causes error
* Bug 2621: Provide request headers to RESPMOD when using cache_peer.
* Bug 2330: AuthUser objects are never unlocked
* Prevent CONNECT request relaying to origin servers
* squidclient HTTP/1.1 compliance updates (Pragma and User-Agent headers)
* squidclient: send Cache Manager password using -w
* eCAP: give full Request-URI to adapters
* ... and several debug and error display cleanups

Changes 3.1.11:
* Bug 3149: not caching eCAP adapted body
* Bug 3144: redirector program blocks while reading STDIN
* Bug 3140: memory leak in error page generation
* Bug 3137: RADIUS auth helper does not send identifier to RADIUS server
* Bug 3115: logging segfaults if access_log is set to a directory
* Bug 2968: Show the Vary: headers information in cachemgr objects report
* Bug 2959: remove SAMBAPREFIX dependency
* Bug 2868: icc doesn't like string literal in assert checks
* HTTP/1.1: Send 307 status on deny_info redirection
* HTTP/1.1: Support POST/PUT with no body
* HTTP/1.1: Allow persistent connections for Mozilla/3.0 User-Agents
* Support RFC 5861 Cache-Control: stale-if-error option
* Add ftp_eprt directive to disable EPRT extensions in FTP
* Fix external_acl_type grace=0 to obey TTL
* Fix IP/FQDN cache accounting to avoid idle caches on busy servers
* Prevent pipeline_prefetch misconfigurations breaking NTLM/Negotiate auth
* ... and some documentation updates and corrections
* ... and some portability and stability fixes

Changes 3.1.10:
* Bug 3121: memory leak in DigestAuth: AuthUser object is locked twice
* Bug 3113: Consuming too much memory when uploading files
* Bug 3110: 'reply_body_max_size none' does not work with x-forwarded-for
* Bug 3096: Consuming too much memory when delaying traffic
* Bug 3091: Bypassed ICAP errors are not counted as service failures
* Bug 3090: Polish FTP login error handing
* Bug 3068: cache_dir capacity and usage overflows
* Bug 3028: Permit wbinfo_group.pl to authenticate Kerberos users with NT domain
* Bug  427: HTTP Compliance: Support If-Match and If-None-Match requests
* Fix memory leak in adaptation_access
* Fix /dev/poll and poll() selection priority
* Fix PREFIX/var/run creation during install
* Fix cachemgr http_port config report display
* Add upgrade help process for obsolete options
* Accept RFC 2965 Set-Cookie2 / Cookie2 headers as 'known'
* HTTP/1.1: entry is stale if request has max-age=0
* HTTP/1.1: do not forward TRACE with Max-Forwards: 0 after REQMOD
* Toolchain update to support newer auto-tools
* ... and updated error page translations
* ... and updated documentation
* ... and some code optimization/simplification polish

Update "squid31" package to version 3.1.9. Changes since 3.1.8:
- Bug 3088: dnsserver is segfaulting
- Bug 3084: IPv6 without Host: header in request causes connection to hang
- Bug 3082: Typo in error message
- Bug 3073: tunnelStateFree memory leak of host member
- Bug 3058: errorSend and ICY leak MemBuf object
- Bug 3057: 64-bit Solaris 9 Squid unable to determine peer IP and port
- Bug 3056: comm.cc "!fd_table[fd].closing()" assertion crash when a helper
  dies
- Bug 3053: cache version 1 LFS support detection broken
- Bug 3051: integer display overflow
- Bug 3040: Lower-case domain entries from hosts and resolv.conf files
- Bug 3036: adaptation_access acls cannot see myportname
- Bug 3023: url_rewrite_program silently fails to rewrite on broken URLs
- Bug 2964: Prevent memory leaks when ICAP transactions fail
- Bug 2808: getRoundRobinParent not handling weights correctly
- Bug 2793: memory statistics sometimes display wrong
- Bug 2356: Port from 2.7: Solaris /dev/poll event ports support
- Bug 2311: crashes with ICAP RESPMOD for HTTP body size greater than 100kb
- Ensure /var/cache or jail equivalent exists on install
- HTTP/1.1: delete Warnings that have warning-date different from Date
- HTTP/1.1: do not remove ETag header from partial responses
- HTTP/1.1: make date parser stricter to better handle malformed Expires
- HTTP/1.1: improve age calculation
- HTTP/1.1: reply with a 504 error if required validation fails
- HTTP/1.1: add appropriate Warnings if serving a stale hit
- HTTP/1.1: support requests with Cache-Control: min-fresh
- HTTP/1.1: do not cache replies to requests with Cache-Control: no-store
- squidclient: Display IP(s) connected to in verbose (-v) display
- Fixes several issues with ICAP persistent connections
- Fixes small leaks in Netdb, DNS, ICAP, ICY, HTTPS
- ... and some cosmetic polishing

Pullup ticket 3216 - requested by tron
security update

Revisions pulled up:
- pkgsrc/www/squid/options.mk		1.20
- pkgsrc/www/squid31/Makefile		1.26
- pkgsrc/www/squid31/distinfo		1.24

-------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   adam
   Date:           Wed Jul 28 10:16:14 UTC 2010

   Modified Files:
           pkgsrc/www/squid: options.mk
           pkgsrc/www/squid31: Makefile distinfo

   Log Message:
   Changes 3.1.5.1:
   * SourceFormat Enforcement
   * Replace most USE_IPV6 with run-time support probing
   * Translations: sync with 3.HEAD language updates
   * Split-Stack enable DNS and http(s)_port sockets.
   * Bug: --with-valgrind-debug failures ignored
   * Fixed comm.cc:377: "fd_table[fd].halfClosedReader !=3D NULL" assertion
   * Kludge: try to detect system acinclude path, to fix libtool brokenness.
   * Bug: search scope for digest_ldap_auth didn't work
   * Update libtool autoconf macros to libtool2 style
   * Correction documentation of QoS disable-preserve-miss
   * Remove .so from SASL build checks
   * Bug: AIX support: c only c++ style comments test case
   * Bug: AIX support: check libm for log()
   * Do not stop accepting just because we got COMM_NOMESSAGE.
   * Bug: AIX support: uchar is already define (more)
   * Bug: AIX support: uchar is already define
   * Bug: crash handling NULL write callback
   * Correct Joomla DB auth handling
   * Fixed memory leak related to retried requests.
   * Prevent memory leaks when cloning Range requests.
   * Fixed memory leaks related to Range requests.

   Changes 3.1.5:
   * Bug: Fix context leak in HttpStateData::processReplyHeader
   * Bug: raw-IPv6 address URL with append_domain broken
   * Bug: does not send indirect X-Client-Ip in ICAP respmod
   * Fix free memory corruption and off-by-on error when comparing SNMP OIDs
   * Restart DNS retransmission count when restarting the query as an A lookup
   * Bug: HTTP responses with no Date, L-M or Expires can now be cached
   * Maintenance: Formater skip libltdl dirs
   * SourceFormat Enforcement
   * Bug: Fails to detect chunked encoding if not given in all lower case
   * Port from 2.7: max_filedescriptor config option
   * persistent_connection_after_error is meant to be on by default
   * kFreeBSD does not have linux headers. Wrap properly.
   * Maintenance: Use system MD5 instead of hard-coded python paths
   * Bug: ICAP tokens not logged when using multiple access
   * SourceFormat Enforcement
   * OpenBSD: Fix build mem.cc warning: converting of negative value


   To generate a diff of this commit:
   cvs rdiff -u -r1.19 -r1.20 pkgsrc/www/squid/options.mk
   cvs rdiff -u -r1.22 -r1.23 pkgsrc/www/squid31/Makefile
   cvs rdiff -u -r1.20 -r1.21 pkgsrc/www/squid31/distinfo

-------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   tron
   Date:           Wed Aug  4 11:36:08 UTC 2010

   Modified Files:
           pkgsrc/www/squid31: Makefile distinfo

   Log Message:
   Update "squid31" package to version 3.1.6. Changes since 3.1.5.1:
   - Bug 2994, 2995: IPv4-only regressions
   - Bug 2991: Wrong parameters to fcntl() in commSetCloseOnExec()
   - Bug 2975: chunked requests not supported after regular ones
   - Fix: 32-bit overflow in reported bytes received from next hop
   - Fix Libtool build regressions
   - Limited split-stack IPv6 support.
   - squid_db_auth support MD5 encrypted passwords


   To generate a diff of this commit:
   cvs rdiff -u -r1.23 -r1.24 pkgsrc/www/squid31/Makefile
   cvs rdiff -u -r1.21 -r1.22 pkgsrc/www/squid31/distinfo

-------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   tron
   Date:           Wed Aug 25 17:53:44 UTC 2010

   Modified Files:
           pkgsrc/www/squid31: Makefile distinfo

   Log Message:
   Update "squid31" package to version 3.1.7. Change since 3.1.6:
   - Regression Bug 3021: Large DNS reply causes crash
   - Regression Bug 3011: ICAP, HTTPS, cache_peer probe IPv4-only port fixes
   - Regression Bug 2997: visible_hostname directive no longer matches docs
   - Bug 3012: deprecate sslBump and support ssl-bump spelling in http_port
   - Bug 3006: handle IPV6_V6ONLY definition missing
   - Bug 3004: Solaris 9 SunStudio 12 build failure
   - Bug 3003: inconsistent concepts in documentation of cache_dir
   - Bug 3001: dnsserver link issues
   - HTTP/1.1: default keep-alive for 1.1 clients (bug 3016)
   - HTTP/1.1: Improved Range header field validation
   - HTTP/1.1: Forward multiple unknown Cache-Control directives
   - HTTP/1.1: Stop sending Proxy-Connection header
   - Fix 32-bit wrap in refresh_pattern min/max values
   - ... and several documentation corrections.


   To generate a diff of this commit:
   cvs rdiff -u -r1.24 -r1.25 pkgsrc/www/squid31/Makefile
   cvs rdiff -u -r1.22 -r1.23 pkgsrc/www/squid31/distinfo

-------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   tron
   Date:           Tue Sep  7 19:55:17 UTC 2010

   Modified Files:
           pkgsrc/www/squid31: Makefile distinfo

   Log Message:
   Update "squid31" package to version 3.1.8. Changes since 3.1.7:
   - Security fixes:
    - Fixes for the request processing vulnerability tagged SQUID-2010:3.
      http://www.squid-cache.org/Advisories/SQUID-2010_3.txt
    - A hardening of the DNS client against packet queueing approaches
      used to enable attacks. This completes the protection against attacks
      published by Yamaguchi late in 2009.
    - An HTTP request-line parser hardened against several categories of
      request attack. This greatly increasing the speed of detection and
      reducing resources used to detect these categories of attack.
   - Fixes for the following bugs:
     - Bug 3020: Segmentation fault: nameservers[vc->ns].vc =3D NULL
     - Bug 3005,2972: Locate LTDL headers correctly (again)
     - Bug 2872: leaking file descriptors
     - Bug 2583: pure virtual method called


   To generate a diff of this commit:
   cvs rdiff -u -r1.25 -r1.26 pkgsrc/www/squid31/Makefile
   cvs rdiff -u -r1.23 -r1.24 pkgsrc/www/squid31/distinfo

Update "squid31" package to version 3.1.8. Changes since 3.1.7:
- Security fixes:
 - Fixes for the request processing vulnerability tagged SQUID-2010:3.
   http://www.squid-cache.org/Advisories/SQUID-2010_3.txt
 - A hardening of the DNS client against packet queueing approaches
   used to enable attacks. This completes the protection against attacks
   published by Yamaguchi late in 2009.
 - An HTTP request-line parser hardened against several categories of
   request attack. This greatly increasing the speed of detection and
   reducing resources used to detect these categories of attack.
- Fixes for the following bugs:
  - Bug 3020: Segmentation fault: nameservers[vc->ns].vc = NULL
  - Bug 3005,2972: Locate LTDL headers correctly (again)
  - Bug 2872: leaking file descriptors
  - Bug 2583: pure virtual method called

Update "squid31" package to version 3.1.7. Change since 3.1.6:
- Regression Bug 3021: Large DNS reply causes crash
- Regression Bug 3011: ICAP, HTTPS, cache_peer probe IPv4-only port fixes
- Regression Bug 2997: visible_hostname directive no longer matches docs
- Bug 3012: deprecate sslBump and support ssl-bump spelling in http_port
- Bug 3006: handle IPV6_V6ONLY definition missing
- Bug 3004: Solaris 9 SunStudio 12 build failure
- Bug 3003: inconsistent concepts in documentation of cache_dir
- Bug 3001: dnsserver link issues
- HTTP/1.1: default keep-alive for 1.1 clients (bug 3016)
- HTTP/1.1: Improved Range header field validation
- HTTP/1.1: Forward multiple unknown Cache-Control directives
- HTTP/1.1: Stop sending Proxy-Connection header
- Fix 32-bit wrap in refresh_pattern min/max values
- ... and several documentation corrections.

Update "squid31" package to version 3.1.6. Changes since 3.1.5.1:
- Bug 2994, 2995: IPv4-only regressions
- Bug 2991: Wrong parameters to fcntl() in commSetCloseOnExec()
- Bug 2975: chunked requests not supported after regular ones
- Fix: 32-bit overflow in reported bytes received from next hop
- Fix Libtool build regressions
- Limited split-stack IPv6 support.
- squid_db_auth support MD5 encrypted passwords

Changes 3.1.5.1:
* SourceFormat Enforcement
* Replace most USE_IPV6 with run-time support probing
* Translations: sync with 3.HEAD language updates
* Split-Stack enable DNS and http(s)_port sockets.
* Bug: --with-valgrind-debug failures ignored
* Fixed comm.cc:377: "fd_table[fd].halfClosedReader != NULL" assertion
* Kludge: try to detect system acinclude path, to fix libtool brokenness.
* Bug: search scope for digest_ldap_auth didn't work
* Update libtool autoconf macros to libtool2 style
* Correction documentation of QoS disable-preserve-miss
* Remove .so from SASL build checks
* Bug: AIX support: c only c++ style comments test case
* Bug: AIX support: check libm for log()
* Do not stop accepting just because we got COMM_NOMESSAGE.
* Bug: AIX support: uchar is already define (more)
* Bug: AIX support: uchar is already define
* Bug: crash handling NULL write callback
* Correct Joomla DB auth handling
* Fixed memory leak related to retried requests.
* Prevent memory leaks when cloning Range requests.
* Fixed memory leaks related to Range requests.

Changes 3.1.5:
* Bug: Fix context leak in HttpStateData::processReplyHeader
* Bug: raw-IPv6 address URL with append_domain broken
* Bug: does not send indirect X-Client-Ip in ICAP respmod
* Fix free memory corruption and off-by-on error when comparing SNMP OIDs
* Restart DNS retransmission count when restarting the query as an A lookup
* Bug: HTTP responses with no Date, L-M or Expires can now be cached
* Maintenance: Formater skip libltdl dirs
* SourceFormat Enforcement
* Bug: Fails to detect chunked encoding if not given in all lower case
* Port from 2.7: max_filedescriptor config option
* persistent_connection_after_error is meant to be on by default
* kFreeBSD does not have linux headers. Wrap properly.
* Maintenance: Use system MD5 instead of hard-coded python paths
* Bug: ICAP tokens not logged when using multiple access
* SourceFormat Enforcement
* OpenBSD: Fix build mem.cc warning: converting of negative value

Update "squid31" package to version 3.1.4. Changes since version 3.1.3:
- Bug 2933: Verification of the max. port number for WCCP2 dynamic service
- Bug 2924: RADIUS helper compile issues
- Bug 2922: Fix assertion failed: HttpHeader.cc: "Headers[id].stat.aliveCount"
- Bug 2919: tcp_outgoing_address ACLs not obeying acl_uses_indirect_client
- Bug 2896: Fix assertion failed: comm.cc:2063: "!fd_table[fd].closing()"
- Bug 2879: pt2: 3.0 regression in headers end finding
- Bug 2877: pt2: only output zero-size warning on reverse-proxy requests
- Bug 2876: FD_SETSIZE override not working on all linux distributions
- Bug 2810: common log format generates 2 lines of syslog
- Bug 2789: Optimize unlimited memory pools, and correctly handle limits over 2GB
- Bug 2753: Fall back on IPv4 if IPv6 is not present
- Bug 2697: Adaptation leaks and extra requests after reconfiguration
- Bug 2633: Fix Ecap::HeaderRep::value(name) fails when there is no named header field
- Change LDAP helpers to default to LDAP version 3 if available
- Add Joomla and Salted Hash support to squid_db_auth helper
- Fixed IpAddress port printing for ports higher than 9999
- Disable chunked memory pooling by default.
- ... and several build errors.

Update "squid31" package to version 3.1.3. Changes since version 3.1.1:
- Bug 2913: Fix DB auth warning in new perl version
- Bug 2904: Prevent automake creating incomplete files
- Bug 2899: Regression: Restore lost rfc1738_unescape() data type
- Bug 2895: Regression: TPROXY2 compile errors
- Bug 2879: Regression: headers end-finding
- Bug 2874: Accept literal IPv6 address in icap_service URL
- Bug 2860: Regression: WCCPv1 handshake
- Bug 2848: Pass TCP_RST to client on early disconnect
- Debian Bug 578047: Correct behaviour of --enable-ipv6
- HTTP/1.1: Advertise 1.1 on replies
- AIX / UNIX build fixes
- Cygwin build fixes
- squidclient: -k option to test connection keep-alive or close
- Improved helper build for wider compatibility
- Ensure the PID file directory exists on install
- Remove: Advertise 1.1 on replies
- Fix tag ACL type not working

Update "squid31" package to version 3.1.1. Changes since version 3.1.0.18:
The 3.1.1 is the first release of the Squid-3.1 series which has passed
the maintainer's criteria for use in production environments.

3.1.1 brings many new features and upgrades to the basic networking
protocols. A short list of the major new features is:
 * Connection Pinning (for NTLM Auth Passthrough)
 * Native IPv6
 * Quality of Service (QoS) Flow support
 * Native Memory Cache
 * SSL Bump (for HTTPS Filtering and Adaptation)
 * TProxy v4.1+ support
 * eCAP Adaptation Module support
 * Error Page Localization
 * Follow X-Forwarded-For support
 * X-Forwarded-For options extended (truncate, delete, transparent)
 * Peer-Name ACL
 * Reply headers to external ACL.
 * ICAP and eCAP Logging
 * ICAP Service Sets and Chains
 * ICY (SHOUTcast) streaming protocol support
 * HTTP/1.1 support on connections to web servers and peers.
   (with plans to make this full support within the 3.1 series)

Approved by Thomas Klausner.

Update "squid31" package to version 3.1.0.18.
Changes since version 3.1.0.16:
- Regression Fix: Non-English error page UTF encoding
- Bug 2616: reduce IdleConnList::removeFD messages
- Bug 1843: multicast-siblings cache_peer option
- Port from 2.7: X509 certificate alias-domain handling
- Add adapted_http_access option
- NTLMv2 support for fake NTLM helper
- Regression Fix: IPv4-mapped prefix, broken in 3.1.0.16
- Bug 2869: Remove unused external reference
- Bug 2866: Support OpenSSL 1.0
- Bug 2813: Random unix_group crash at startup
- Send HTTP1.1 compliant 417 responses
- Associate external acl message with the request
- Various Digest parser fixes
- ... and all bug fixes from 3.0 up to 3.0.STABLE25

Don't use the "install-pinger" target to change the permissions of
"libexec/pinger", simply use "SPECIAL_PERMS".

Now all three "squid" packages support user destination dir installation.

Pullup ticket 2984 - requested by tron
security update

Revisions pulled up:
- pkgsrc/www/squid31/Makefile		1.17
- pkgsrc/www/squid31/distinfo		1.15

Files removed:
pkgsrc/www/squid31/patches/patch-ah
pkgsrc/www/squid31/patches/patch-am

   -------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   tron
   Date:           Tue Feb  2 13:57:49 UTC 2010

   Modified Files:
           pkgsrc/www/squid31: Makefile distinfo
   Removed Files:
           pkgsrc/www/squid31/patches: patch-ah patch-am

   Log Message:
   Update "squid31" package to version 3.1.0.16. Changes since 3.1.0.15:
   - Regression Fix: Make Squid abort on all config parse failures.
   - Regression Bug 2811: SNMP client/peer table OID numbering
   - Bug 2851: Connection pinning fails when using a peer
   - Bug 2850: Mismatch in hier_code enum / hier_strings array
   - Bug 2731: Add follow_x_forwarded_for support to ICAP
   - Bug 2730: Regressions in follow_x_forwarded_for since Squid-2
   - Bug 2706: Set timestamps during ICAP request satisfaction.
   - Bug 2553: X-Forwarded-For with IPv6 address not handled correctly
   - Fix: WCCPv1 not connecting to router correctly
   - Remove obsolete RunCache/RunAccel scripts.
   - Add client_ip_max_connections
   - Add the http::>ha format code and make http::>h log original request
     headers
   - ... and all bug fixes from 3.0 up to 3.0.STABLE22
   - ... and many more minor build and display annoyances.

   This update also contains the fix for the remote DoS vulnerability
   reported in "Squid Proxy Cache Security Update Advisory SQUID-2010:1".


   To generate a diff of this commit:
   cvs rdiff -u -r1.16 -r1.17 pkgsrc/www/squid31/Makefile
   cvs rdiff -u -r1.14 -r1.15 pkgsrc/www/squid31/distinfo
   cvs rdiff -u -r1.2 -r0 pkgsrc/www/squid31/patches/patch-ah \
       pkgsrc/www/squid31/patches/patch-am

Update "squid31" package to version 3.1.0.16. Changes since 3.1.0.15:
- Regression Fix: Make Squid abort on all config parse failures.
- Regression Bug 2811: SNMP client/peer table OID numbering
- Bug 2851: Connection pinning fails when using a peer
- Bug 2850: Mismatch in hier_code enum / hier_strings array
- Bug 2731: Add follow_x_forwarded_for support to ICAP
- Bug 2730: Regressions in follow_x_forwarded_for since Squid-2
- Bug 2706: Set timestamps during ICAP request satisfaction.
- Bug 2553: X-Forwarded-For with IPv6 address not handled correctly
- Fix: WCCPv1 not connecting to router correctly
- Remove obsolete RunCache/RunAccel scripts.
- Add client_ip_max_connections
- Add the http::>ha format code and make http::>h log original request
  headers
- ... and all bug fixes from 3.0 up to 3.0.STABLE22
- ... and many more minor build and display annoyances.

This update also contains the fix for the remote DoS vulnerability
reported in "Squid Proxy Cache Security Update Advisory SQUID-2010:1".

Update "squid31" package to version 3.1.0.15. Changes since version 3.1.0.14:
- Regression Fix: myip ACL not accepted in config
- Bug 2795: acl arp lookups including port
- Bug 2794: ESI parsing fails on FreeBSD
- Bug 2778: fix linking issues using SunCC
- Bug 2724: eCAP build failure unless ICAP enabled
- Bug 2628: Correct default PID location to PREFIX/var/run/squid.pid
- Bug 2617: Performance degradation during processing list of dstdomain ACL's
- Bug 2374: Support ICY / ICEcast / SHOUTcast streaming protocol.
- Fix: 64-bit filesize issue in squidclient POST of large files
- Fix: send correct Connection: header on intercepted replies
- Support libtool 2.x
- ESI libraries libexpat and libxml2 now optional
- ESI support default enabled
- Bump libcap minimum requirement to libcap 2.09+
- ARP / MAC support fixes for IPv6-mode
- Add outstanding IPv6 settings to squid.conf (localnet, localhost)
- ... and many additions to the background testing structure
- ... and very many minor build and code cleanups for non-GCC compilers.

Update "squid31" package to version 3.1.0.14. Changes since 3.1.0.13:
- Bug 2777: Various build issues on OpenSolaris
- Bug 2773: Segfault in RFC2069 Digest authentication
- Bug 2747: Compile errors on Solaris 10
- Bug 2735: Incomplete -fhuge-objects detection
- Bug 2722: Fix http_port accel combined with CONNECT
- Bug 2718: FTP sends EPSV2 on IPv4 connection
- Bug 2648: stateful helpers stuck in reserved
- Bug 2570: wccp2 "Here I Am" announcements not sent in memory-ony mode
- Bug 2510: digest_ldap_auth uses incorrect logic with TLS
- Bug 2483: bind() called before connect()
- Bug 2215: config file line length limit (extended to 2 KB)
- Support Accept-Language: * wildcard
- Support autoconf 2.64
- Support TPROXY for IPv6 traffic (requires kernel support)
- Support TPROXY cache cluster behind WCCPv2
- Correct ESI support to work in multi-mode Squid
- Add 0.0.0.0 as an to_localhost address
- DiskIO detection fixes and use optimal IO in default build.
- Correct peer connect-fail-limit default of 10
- Prevent squidclient sending two Accept: headers
- ... all bug fixes from 3.0.STABLE19
- ... and many more documentation fixes

Approved by Thomas Klausner.

Pullup ticket 2851 - requested by tron
security update for squid31

Revisions pulled up:
- pkgsrc/www/squid31/Makefile			1.14
- pkgsrc/www/squid31/distinfo			1.12
- pkgsrc/www/squid31/patches/patch-ae		1.4

   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Wed Aug  5 10:29:12 UTC 2009

   Modified Files:
   	pkgsrc/www/squid31: Makefile distinfo
   	pkgsrc/www/squid31/patches: patch-ae

   Log Message:
   Update "squid31" package to version 3.1.0.13.
   Changes since version 3.1.0.12:
   - Bug 2723 regression: enable PURGE requests if PURGE method ACL is present.
   - Fix one more internal profiler error
   - Language Updates: Italian, Russian
   - Language Updates: Add many more aliases
   - Add Copyright document for errors/ content
   - ... all bug fixes from 3.0.STABLE18
   - ... and several code polishing cleanups

Update "squid31" package to version 3.1.0.13.
Changes since version 3.1.0.12:
- Bug 2723 regression: enable PURGE requests if PURGE method ACL is present.
- Fix one more internal profiler error
- Language Updates: Italian, Russian
- Language Updates: Add many more aliases
- Add Copyright document for errors/ content
- ... all bug fixes from 3.0.STABLE18
- ... and several code polishing cleanups

Pullup ticket 2840 - requested by tron
security update

Revisions pulled up:
- pkgsrc/www/squid/Makefile.squid		1.14
- pkgsrc/www/squid31/DESCR			1.2
- pkgsrc/www/squid31/Makefile			1.13
- pkgsrc/www/squid31/PLIST			1.3
- pkgsrc/www/squid31/distinfo			1.11
- pkgsrc/www/squid31/patches/patch-ad		1.5
- pkgsrc/www/squid31/patches/patch-ae		1.3

Files deleted:
pkgsrc/www/squid31/patches/patch-aa
pkgsrc/www/squid31/patches/patch-ab


   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Tue Jul  7 18:25:13 UTC 2009

   Modified Files:
   	pkgsrc/www/squid31: Makefile distinfo
   	pkgsrc/www/squid31/patches: patch-ae

   Log Message:
   Update "squid31" package to version 3.1.0.9. Changes since version 3.1.0.8:
   - Bug 2682: Add ftp_epsv control to disable EPSV support.
   - Bug 2665: Detach automake system from using -I.
   - Bug 2395: FTP auth errors not displayed
   - ... also several changes and bugs closed in 3.0.STABLE16
   - Port from 2.7: Show local address on listening sockets
   - Add "tag" type acl matching tags set by external acl helpers.
   - Adds Language alias linker/installer/upgrade scripts
   - Support for GCC 4.4
   - Fix false NAT lookup errors on Linux
   - Fix many Windows port issues
   - Fix squid_kerb_auth helepr install location
   - Better detection of IPv6 stack types
   - Updates Licensing information for Squid 3.1
   - ... and many packaging portability build and install issues


   To generate a diff of this commit:
   cvs rdiff -u -r1.7 -r1.8 pkgsrc/www/squid31/Makefile
   cvs rdiff -u -r1.4 -r1.5 pkgsrc/www/squid31/distinfo
   cvs rdiff -u -r1.1 -r1.2 pkgsrc/www/squid31/patches/patch-ae

   -----

   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Wed Jul  8 15:02:01 UTC 2009

   Modified Files:
   	pkgsrc/www/squid31: Makefile

   Log Message:
   Fix destdir build.


   To generate a diff of this commit:
   cvs rdiff -u -r1.8 -r1.9 pkgsrc/www/squid31/Makefile

   -----

   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Sun Jul 12 09:45:02 UTC 2009

   Modified Files:
   	pkgsrc/www/squid31: Makefile distinfo
   Added Files:
   	pkgsrc/www/squid31/patches: patch-aa

   Log Message:
   Add fix for Squid bug 2707 to make anonymous FTP work again.


   To generate a diff of this commit:
   cvs rdiff -u -r1.9 -r1.10 pkgsrc/www/squid31/Makefile
   cvs rdiff -u -r1.5 -r1.6 pkgsrc/www/squid31/distinfo
   cvs rdiff -u -r0 -r1.3 pkgsrc/www/squid31/patches/patch-aa

   -----

   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Sun Jul 19 23:05:38 UTC 2009

   Modified Files:
   	pkgsrc/www/squid31: DESCR Makefile PLIST distinfo
   	pkgsrc/www/squid31/patches: patch-aa patch-ad patch-ae

   Log Message:
   Update "squid31" package to version 3.1.0.11.
   Changes since version 3.1.0.9:
   - Bug 2087: Support adaptation sets and chains
   - Bug 2459: dns error message broken when error handling delayed
   - Support ICAP Retry
   - Support ICAP retries based on the ICAP responses status code
   - Support logging ICAP
   - Support logging total DNS wait time
   - Support logging response times of adaptation transactions
   - General logging enhancements
   - Dynamically form chains based on ICAP X-Next-Services header
   - Support cross-transactional ICAP header exchange
   - Bug 2680: Regression Crash after rotate with no helpers running
   - Bug 2695: Regression in WCCPv2 L2 mask assignment
   - Bug 2707: Regression in FTP anonymous auth
   - Bug 422, 2706: RFC 2616 Date header requirements
   - Bug 1087: ESI processor not quoting attributes correctly.
   - Bug 1338: File prefetches aborted despite range_offset
   - Bug 2080: wbinfo_group.pl - false positive under certain conditions
   - Bug 2092: select loop 32-bit call counter overflows
   - Bug 2127: delay pools class 4 crashes with ntlm auth
   - Bug 2611: document fast/slow acl types
   - Bug 2614: Potential loss of adapted body data from eCAP adapters
   - Bug 2658: Missing TextException copy constructor
   - Bug 2659: String length overflows on append, leading to segfaults
   - Bug 2699: Build failure NTLM smb_lm helper
   - Bug 2709: TRANSLATIONS not installed
   - Bug 2710: squid_kerb_auth non-terminated string
   - Delay pools 64-bit buckets and IPv6-polish
   - Break forwarding loops for "transparent" or "intercept" http_ports.
   - Add --disable-translation option to detatch .po from error negotiation
   - Add squidclient man(1) page
   - Add localhost to default permitted networks
   - http_port allow-direct option to allow direct forwarding in accelerator m=
   ode
   - ... and many testing infrastructure updates
   - ... and much adaptation polish and improvements


   To generate a diff of this commit:
   cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/www/squid31/DESCR
   cvs rdiff -u -r1.10 -r1.11 pkgsrc/www/squid31/Makefile
   cvs rdiff -u -r1.2 -r1.3 pkgsrc/www/squid31/PLIST
   cvs rdiff -u -r1.6 -r1.7 pkgsrc/www/squid31/distinfo
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/www/squid31/patches/patch-aa
   cvs rdiff -u -r1.4 -r1.5 pkgsrc/www/squid31/patches/patch-ad
   cvs rdiff -u -r1.2 -r1.3 pkgsrc/www/squid31/patches/patch-ae

   -----

   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Sun Jul 19 23:28:04 UTC 2009

   Modified Files:
   	pkgsrc/www/squid31: distinfo
   	pkgsrc/www/squid31/patches: patch-aa

   Log Message:
   Add Squid bug number.


   To generate a diff of this commit:
   cvs rdiff -u -r1.7 -r1.8 pkgsrc/www/squid31/distinfo
   cvs rdiff -u -r1.4 -r1.5 pkgsrc/www/squid31/patches/patch-aa

   -----

   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Mon Jul 20 13:56:31 UTC 2009

   Modified Files:
   	pkgsrc/www/squid31: Makefile distinfo
   Added Files:
   	pkgsrc/www/squid31/patches: patch-ab

   Log Message:
   Add fix for Squid bug 2395 which makes FTP connection to e.g.
   "ftp.fu-berlin.de" work again.


   To generate a diff of this commit:
   cvs rdiff -u -r1.11 -r1.12 pkgsrc/www/squid31/Makefile
   cvs rdiff -u -r1.9 -r1.10 pkgsrc/www/squid31/distinfo
   cvs rdiff -u -r0 -r1.3 pkgsrc/www/squid31/patches/patch-ab

   -----

   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Mon Jul 27 16:35:55 UTC 2009

   Modified Files:
   	pkgsrc/www/squid31: Makefile distinfo
   Removed Files:
   	pkgsrc/www/squid31/patches: patch-aa patch-ab

   Log Message:
   Update "squid31" package to version 3.1.0.12.
   Changes since version 3.1.0.11:
   - Bug 2716: Chunked request Signed/Unsigned build error
   - Bug 2674: Remove limit on HTTP headers read.
   - Bug 2620: Invalid HTTP response codes causes segfault
   - Fix FTP EPSV negotiation parser.
   - Fix Via string when leak checking is enabled (valgrind etc)
   - ... and several documentation and testing additions

   This update also fixes the security vulnerabilites reported in
   the SQUID-2009:2 advisory.


   To generate a diff of this commit:
   cvs rdiff -u -r1.12 -r1.13 pkgsrc/www/squid31/Makefile
   cvs rdiff -u -r1.10 -r1.11 pkgsrc/www/squid31/distinfo
   cvs rdiff -u -r1.6 -r0 pkgsrc/www/squid31/patches/patch-aa
   cvs rdiff -u -r1.3 -r0 pkgsrc/www/squid31/patches/patch-ab

   -----

   Module Name:    pkgsrc
   Committed By:   tron
   Date:           Tue Jul  7 15:01:12 UTC 2009

   Modified Files:
           pkgsrc/www/squid: Makefile.squid

   Log Message:
   General improvements:
   1.) Allow individual "squid*" packages to register an extra target that
       is run before the common "post-install" target.
   2.) Use a much simpler logic to figure out what files get installed into
       "share/squid/errors" and "share/squid/icons".

   Tested with the "squid27" and the "squid31" package.


   To generate a diff of this commit:
   cvs rdiff -u -r1.10 -r1.11 pkgsrc/www/squid/Makefile.squid

   -----

   Module Name:    pkgsrc
   Committed By:   tron
   Date:           Tue Jul  7 15:21:37 UTC 2009

   Modified Files:
           pkgsrc/www/squid: Makefile.squid

   Log Message:
   Improve package list creation to work with symbolic links as well.


   To generate a diff of this commit:
   cvs rdiff -u -r1.11 -r1.12 pkgsrc/www/squid/Makefile.squid

   -----

   Module Name:    pkgsrc
   Committed By:   tron
   Date:           Tue Jul  7 18:44:28 UTC 2009

   Modified Files:
           pkgsrc/www/squid: Makefile.squid

   Log Message:
   Add mirror on "ftp.nluug.nl" to master site list.


   To generate a diff of this commit:
   cvs rdiff -u -r1.12 -r1.13 pkgsrc/www/squid/Makefile.squid

   -----

   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Mon Jul 27 11:29:08 UTC 2009

   Modified Files:
           pkgsrc/www/squid: Makefile.squid

   Log Message:
   Make it DESTDIR careful.


   To generate a diff of this commit:
   cvs rdiff -u -r1.13 -r1.14 pkgsrc/www/squid/Makefile.squid

Update "squid31" package to version 3.1.0.12.
Changes since version 3.1.0.11:
- Bug 2716: Chunked request Signed/Unsigned build error
- Bug 2674: Remove limit on HTTP headers read.
- Bug 2620: Invalid HTTP response codes causes segfault
- Fix FTP EPSV negotiation parser.
- Fix Via string when leak checking is enabled (valgrind etc)
- ... and several documentation and testing additions

This update also fixes the security vulnerabilites reported in
the SQUID-2009:2 advisory.

Add fix for Squid bug 2395 which makes FTP connection to e.g.
"ftp.fu-berlin.de" work again.

Update "squid31" package to version 3.1.0.11.
Changes since version 3.1.0.9:
- Bug 2087: Support adaptation sets and chains
- Bug 2459: dns error message broken when error handling delayed
- Support ICAP Retry
- Support ICAP retries based on the ICAP responses status code
- Support logging ICAP
- Support logging total DNS wait time
- Support logging response times of adaptation transactions
- General logging enhancements
- Dynamically form chains based on ICAP X-Next-Services header
- Support cross-transactional ICAP header exchange
- Bug 2680: Regression Crash after rotate with no helpers running
- Bug 2695: Regression in WCCPv2 L2 mask assignment
- Bug 2707: Regression in FTP anonymous auth
- Bug 422, 2706: RFC 2616 Date header requirements
- Bug 1087: ESI processor not quoting attributes correctly.
- Bug 1338: File prefetches aborted despite range_offset
- Bug 2080: wbinfo_group.pl - false positive under certain conditions
- Bug 2092: select loop 32-bit call counter overflows
- Bug 2127: delay pools class 4 crashes with ntlm auth
- Bug 2611: document fast/slow acl types
- Bug 2614: Potential loss of adapted body data from eCAP adapters
- Bug 2658: Missing TextException copy constructor
- Bug 2659: String length overflows on append, leading to segfaults
- Bug 2699: Build failure NTLM smb_lm helper
- Bug 2709: TRANSLATIONS not installed
- Bug 2710: squid_kerb_auth non-terminated string
- Delay pools 64-bit buckets and IPv6-polish
- Break forwarding loops for "transparent" or "intercept" http_ports.
- Add --disable-translation option to detatch .po from error negotiation
- Add squidclient man(1) page
- Add localhost to default permitted networks
- http_port allow-direct option to allow direct forwarding in accelerator mode
- ... and many testing infrastructure updates
- ... and much adaptation polish and improvements

Add fix for Squid bug 2707 to make anonymous FTP work again.

Fix destdir build.

Update "squid31" package to version 3.1.0.9. Changes since version 3.1.0.8:
- Bug 2682: Add ftp_epsv control to disable EPSV support.
- Bug 2665: Detach automake system from using -I.
- Bug 2395: FTP auth errors not displayed
- ... also several changes and bugs closed in 3.0.STABLE16
- Port from 2.7: Show local address on listening sockets
- Add "tag" type acl matching tags set by external acl helpers.
- Adds Language alias linker/installer/upgrade scripts
- Support for GCC 4.4
- Fix false NAT lookup errors on Linux
- Fix many Windows port issues
- Fix squid_kerb_auth helepr install location
- Better detection of IPv6 stack types
- Updates Licensing information for Squid 3.1
- ... and many packaging portability build and install issues

Add SQUID_MASTER_SITES as first MASTER_SITES.

Update "squid31" package to version 3.1.0.8. Changes since version 3.1.0.7:
- Bug 2656: Pinger dies with general protection fault
- Bug 2650: configure requires epoll_ctl in libepoll when --enable-epoll used
- Bug 2648: Authentificator processes deferring and don't shutdown.
- Bug 2645: allow squid to ignore must-revalidate
- Bug 2644: auth scheme initialization is broken
- Bug 2632: Make number of reforwarding tries configurable
- Bug 2628: --with-pidfile=PATH option to override DEFAULT_PID_FILE
  [This problem was reported for pkgsrc in PR pkg/41521.]
- Bug 2627: HTCP Logging
- Bug 2615: Call libecap::adapter::Service::start() when finalizing config.
- Bug 2589: SNMP returning no data - wrong oid decoded
- Bug 2571: Squid with IPv6 fails to start on kernel without IPv6
- Bug 2559: Problem parsing /0 and /0.0.0.0
- Bug 2404: WCCP in mask mode is broken
- ... also all bugs closed by 3.0.STABLE14, 3.0.STABLE15, 3.0.STABLE16-RC1
- Complete Interception multiple NAT support
- Add Content-Disposition to the known headers list.
- Make PEER_TCP_MAGIC_COUNT configurable
- Fix pinger install location
- Enable TPROXY v4 spoofing of CONNECT requests
- ... and much documentation and code polishing

Use standard location for LICENSE line (in MAINTAINER/HOMEPAGE/COMMENT
block). Uncomment some commented out LICENSE lines while here.

Stop the "squid31" package from cluttering "${PKG_SYSCONFDIR}" with
various configuration and example files. Leave the installation of the
example files to "pkgsrc" instead.

Problem reported by Hasso Tepper in private e-mail.

(Re-)add "patch-aj" which got lost during the last commit.
Problem pointed out by Michael van Elst.

Various improvements for the "squid31" package by Michael van Elst:
- Make sure that "errorpage.css" gets installed into the correct
  directory.
- Install "msntauth.conf".
- Correct default pid file location.

Import Squid 3.1.0.7 as "squid31" package:
* New Version Numbering System
* Minimal squid.conf improvements
* Native IPv6 Support
* Error Page Localization
* Connection Pinning (for NTLM Auth Passthrough)
* Quality of Service (QoS) Flow support
* SSL Bump (for HTTPS Filtering and Adaptation)
* eCAP Adaptation Module support

This package is heavily based on work by Michael van Elst which includes
fixes for the IPv6 support.

Initial revision