From: Michael Tremer Date: Thu, 8 Sep 2016 18:50:45 +0000 (+0100) Subject: Merge branch 'unbound' into next X-Git-Tag: v2.19-core106~100 X-Git-Url: http://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff_plain;h=5fba8a0b1ebcb29340e225707193c0147c4cb64a;hp=b658a451fbb2f551f4e2765ab14eac34e0eca7b1 Merge branch 'unbound' into next --- diff --git a/config/rootfiles/common/gnupg b/config/rootfiles/common/gnupg index 9aecc418a3..edd2beccb2 100644 --- a/config/rootfiles/common/gnupg +++ b/config/rootfiles/common/gnupg @@ -13,6 +13,4 @@ usr/lib/gnupg/gpgkeys_ldap #usr/share/info/gnupg1.info #usr/share/man/man1/gpg-zip.1 #usr/share/man/man1/gpg.1 -#usr/share/man/man1/gpg.ru.1 #usr/share/man/man1/gpgv.1 -#usr/share/man/man7/gnupg.7 diff --git a/config/rootfiles/common/i586/initscripts b/config/rootfiles/common/i586/initscripts index 2e50c113a8..2053bd97a9 100644 --- a/config/rootfiles/common/i586/initscripts +++ b/config/rootfiles/common/i586/initscripts @@ -140,6 +140,7 @@ etc/rc.d/init.d/udev_retry etc/rc.d/init.d/upnpd #etc/rc.d/init.d/vdr #etc/rc.d/init.d/vdradmin +#etc/rc.d/init.d/virtlogd etc/rc.d/init.d/vnstat #etc/rc.d/init.d/vsftpd etc/rc.d/init.d/waitdrives diff --git a/config/rootfiles/common/libgcrypt b/config/rootfiles/common/libgcrypt index 578e0b689b..4706343416 100644 --- a/config/rootfiles/common/libgcrypt +++ b/config/rootfiles/common/libgcrypt @@ -6,7 +6,7 @@ #usr/lib/libgcrypt.la #usr/lib/libgcrypt.so usr/lib/libgcrypt.so.20 -usr/lib/libgcrypt.so.20.0.4 +usr/lib/libgcrypt.so.20.1.3 #usr/share/aclocal/libgcrypt.m4 #usr/share/info/gcrypt.info #usr/share/man/man1/hmac256.1 diff --git a/config/rootfiles/common/libgpg-error b/config/rootfiles/common/libgpg-error index 3e927ed918..92ac1f3f94 100644 --- a/config/rootfiles/common/libgpg-error +++ b/config/rootfiles/common/libgpg-error @@ -4,7 +4,7 @@ usr/bin/gpg-error #usr/lib/libgpg-error.la #usr/lib/libgpg-error.so usr/lib/libgpg-error.so.0 -usr/lib/libgpg-error.so.0.16.0 +usr/lib/libgpg-error.so.0.19.1 #usr/share/aclocal/gpg-error.m4 #usr/share/common-lisp #usr/share/common-lisp/source diff --git a/config/rootfiles/common/x86_64/initscripts b/config/rootfiles/common/x86_64/initscripts index 2e50c113a8..2053bd97a9 100644 --- a/config/rootfiles/common/x86_64/initscripts +++ b/config/rootfiles/common/x86_64/initscripts @@ -140,6 +140,7 @@ etc/rc.d/init.d/udev_retry etc/rc.d/init.d/upnpd #etc/rc.d/init.d/vdr #etc/rc.d/init.d/vdradmin +#etc/rc.d/init.d/virtlogd etc/rc.d/init.d/vnstat #etc/rc.d/init.d/vsftpd etc/rc.d/init.d/waitdrives diff --git a/config/rootfiles/core/104/filelists/files b/config/rootfiles/core/104/filelists/files index 8c90a3f0cc..c172c142da 100644 --- a/config/rootfiles/core/104/filelists/files +++ b/config/rootfiles/core/104/filelists/files @@ -10,4 +10,5 @@ srv/web/ipfire/cgi-bin/logs.cgi/log.dat srv/web/ipfire/html/themes/ipfire/include/functions.pl srv/web/ipfire/html/themes/ipfire/include/js/refreshInetInfo.js var/ipfire/langs +var/ipfire/fwhosts/customservices.default var/ipfire/updatexlrator/bin/download diff --git a/config/rootfiles/core/104/filelists/openssh b/config/rootfiles/core/104/filelists/openssh new file mode 120000 index 0000000000..d8c77fd8e7 --- /dev/null +++ b/config/rootfiles/core/104/filelists/openssh @@ -0,0 +1 @@ +../../../common/openssh \ No newline at end of file diff --git a/config/rootfiles/core/104/update.sh b/config/rootfiles/core/104/update.sh index 874b411769..0223923d23 100644 --- a/config/rootfiles/core/104/update.sh +++ b/config/rootfiles/core/104/update.sh @@ -132,6 +132,7 @@ esac /etc/init.d/snort stop /etc/init.d/squid stop /etc/init.d/dnsmasq stop +/etc/init.d/sshd stop /etc/init.d/ipsec stop /etc/init.d/apache stop @@ -174,7 +175,7 @@ fi /etc/init.d/collectd start /etc/init.d/apache start /etc/init.d/dnsmasq start -/etc/init.d/sshd restart +/etc/init.d/sshd start /etc/init.d/squid start /etc/init.d/snort start if [ `grep "ENABLED=on" /var/ipfire/vpn/settings` ]; then diff --git a/config/rootfiles/packages/libassuan b/config/rootfiles/packages/libassuan index 9c7aadbb9f..8670ee7048 100644 --- a/config/rootfiles/packages/libassuan +++ b/config/rootfiles/packages/libassuan @@ -3,6 +3,6 @@ usr/bin/libassuan-config #usr/lib/libassuan.la usr/lib/libassuan.so usr/lib/libassuan.so.0 -usr/lib/libassuan.so.0.5.0 +usr/lib/libassuan.so.0.7.3 #usr/share/aclocal/libassuan.m4 #usr/share/info/assuan.info diff --git a/config/rootfiles/packages/libusbredir b/config/rootfiles/packages/libusbredir new file mode 100644 index 0000000000..d08e0b6024 --- /dev/null +++ b/config/rootfiles/packages/libusbredir @@ -0,0 +1,18 @@ +#usr/include/usbredirfilter.h +#usr/include/usbredirhost.h +#usr/include/usbredirparser.h +#usr/include/usbredirproto.h +#usr/lib/libusbredirhost.a +#usr/lib/libusbredirhost.la +usr/lib/libusbredirhost.so +usr/lib/libusbredirhost.so.1 +usr/lib/libusbredirhost.so.1.0.0 +#usr/lib/libusbredirparser.a +#usr/lib/libusbredirparser.la +usr/lib/libusbredirparser.so +usr/lib/libusbredirparser.so.1 +usr/lib/libusbredirparser.so.1.0.0 +#usr/lib/pkgconfig/libusbredirhost.pc +#usr/lib/pkgconfig/libusbredirparser-0.5.pc +#usr/sbin/usbredirserver +#usr/share/man/man1/usbredirserver.1 diff --git a/config/rootfiles/packages/libvirt b/config/rootfiles/packages/libvirt index b1939876f6..d2d164bf74 100644 --- a/config/rootfiles/packages/libvirt +++ b/config/rootfiles/packages/libvirt @@ -1,4 +1,5 @@ #etc/libvirt +etc/libvirt/libvirt-admin.conf etc/libvirt/libvirt.conf etc/libvirt/libvirtd.conf #etc/libvirt/nwfilter @@ -21,7 +22,9 @@ etc/libvirt/libvirtd.conf #etc/libvirt/nwfilter/qemu-announce-self.xml etc/libvirt/qemu-lockd.conf etc/libvirt/qemu.conf +etc/libvirt/virt-login-shell.conf etc/libvirt/virtlockd.conf +etc/libvirt/virtlogd.conf etc/logrotate.d/libvirtd etc/logrotate.d/libvirtd.libxl #etc/logrotate.d/libvirtd.lxc @@ -29,11 +32,16 @@ etc/logrotate.d/libvirtd.qemu #etc/logrotate.d/libvirtd.uml etc/rc.d/init.d/libvirt-guests etc/rc.d/init.d/libvirtd +etc/rc.d/init.d/virtlogd usr/bin/virsh +usr/bin/virt-admin usr/bin/virt-host-validate +usr/bin/virt-login-shell usr/bin/virt-pki-validate usr/bin/virt-xml-validate #usr/include/libvirt +#usr/include/libvirt/libvirt-admin.h +#usr/include/libvirt/libvirt-common.h #usr/include/libvirt/libvirt-domain-snapshot.h #usr/include/libvirt/libvirt-domain.h #usr/include/libvirt/libvirt-event.h @@ -49,23 +57,25 @@ usr/bin/virt-xml-validate #usr/include/libvirt/libvirt-stream.h #usr/include/libvirt/libvirt.h #usr/include/libvirt/virterror.h +#usr/lib/libnss_libvirt.la +usr/lib/libnss_libvirt.so.2 #usr/lib/libvirt #usr/lib/libvirt-admin.la #usr/lib/libvirt-admin.so usr/lib/libvirt-admin.so.0 -usr/lib/libvirt-admin.so.0.1002.18 +usr/lib/libvirt-admin.so.0.2001.0 #usr/lib/libvirt-lxc.la #usr/lib/libvirt-lxc.so usr/lib/libvirt-lxc.so.0 -usr/lib/libvirt-lxc.so.0.1002.18 +usr/lib/libvirt-lxc.so.0.2001.0 #usr/lib/libvirt-qemu.la #usr/lib/libvirt-qemu.so usr/lib/libvirt-qemu.so.0 -usr/lib/libvirt-qemu.so.0.1002.18 +usr/lib/libvirt-qemu.so.0.2001.0 #usr/lib/libvirt.la #usr/lib/libvirt.so usr/lib/libvirt.so.0 -usr/lib/libvirt.so.0.1002.18 +usr/lib/libvirt.so.0.2001.0 #usr/lib/libvirt/connection-driver #usr/lib/libvirt/connection-driver/libvirt_driver_interface.la usr/lib/libvirt/connection-driver/libvirt_driver_interface.so @@ -82,6 +92,7 @@ usr/lib/libvirt/connection-driver/libvirt_driver_storage.so #usr/lib/libvirt/lock-driver #usr/lib/libvirt/lock-driver/lockd.la usr/lib/libvirt/lock-driver/lockd.so +#usr/lib/pkgconfig/libvirt-admin.pc #usr/lib/pkgconfig/libvirt-lxc.pc #usr/lib/pkgconfig/libvirt-qemu.pc #usr/lib/pkgconfig/libvirt.pc @@ -90,6 +101,7 @@ usr/lib/sysctl.d/60-libvirtd.conf usr/libexec/libvirt_iohelper usr/sbin/libvirtd usr/sbin/virtlockd +usr/sbin/virtlogd #usr/share/augeas #usr/share/augeas/lenses #usr/share/augeas/lenses/libvirt_lockd.aug @@ -100,137 +112,150 @@ usr/sbin/virtlockd #usr/share/augeas/lenses/tests/test_libvirtd.aug #usr/share/augeas/lenses/tests/test_libvirtd_qemu.aug #usr/share/augeas/lenses/tests/test_virtlockd.aug +#usr/share/augeas/lenses/tests/test_virtlogd.aug #usr/share/augeas/lenses/virtlockd.aug -#usr/share/doc/libvirt-1.2.18.3 -#usr/share/doc/libvirt-1.2.18.3/html -#usr/share/doc/libvirt-1.2.18.3/html/32favicon.png -#usr/share/doc/libvirt-1.2.18.3/html/404.html -#usr/share/doc/libvirt-1.2.18.3/html/acl.html -#usr/share/doc/libvirt-1.2.18.3/html/aclpolkit.html -#usr/share/doc/libvirt-1.2.18.3/html/api.html -#usr/share/doc/libvirt-1.2.18.3/html/api_extension.html -#usr/share/doc/libvirt-1.2.18.3/html/apps.html -#usr/share/doc/libvirt-1.2.18.3/html/archdomain.html -#usr/share/doc/libvirt-1.2.18.3/html/architecture.gif -#usr/share/doc/libvirt-1.2.18.3/html/architecture.html -#usr/share/doc/libvirt-1.2.18.3/html/archnetwork.html -#usr/share/doc/libvirt-1.2.18.3/html/archnode.html -#usr/share/doc/libvirt-1.2.18.3/html/archstorage.html -#usr/share/doc/libvirt-1.2.18.3/html/auditlog.html -#usr/share/doc/libvirt-1.2.18.3/html/auth.html -#usr/share/doc/libvirt-1.2.18.3/html/bindings.html -#usr/share/doc/libvirt-1.2.18.3/html/bugs.html -#usr/share/doc/libvirt-1.2.18.3/html/cgroups.html -#usr/share/doc/libvirt-1.2.18.3/html/compiling.html -#usr/share/doc/libvirt-1.2.18.3/html/contact.html -#usr/share/doc/libvirt-1.2.18.3/html/csharp.html -#usr/share/doc/libvirt-1.2.18.3/html/deployment.html -#usr/share/doc/libvirt-1.2.18.3/html/devguide.html -#usr/share/doc/libvirt-1.2.18.3/html/docs.html -#usr/share/doc/libvirt-1.2.18.3/html/downloads.html -#usr/share/doc/libvirt-1.2.18.3/html/drivers.html -#usr/share/doc/libvirt-1.2.18.3/html/drvbhyve.html -#usr/share/doc/libvirt-1.2.18.3/html/drvesx.html -#usr/share/doc/libvirt-1.2.18.3/html/drvhyperv.html -#usr/share/doc/libvirt-1.2.18.3/html/drvlxc.html -#usr/share/doc/libvirt-1.2.18.3/html/drvopenvz.html -#usr/share/doc/libvirt-1.2.18.3/html/drvparallels.html -#usr/share/doc/libvirt-1.2.18.3/html/drvphyp.html -#usr/share/doc/libvirt-1.2.18.3/html/drvqemu.html -#usr/share/doc/libvirt-1.2.18.3/html/drvremote.html -#usr/share/doc/libvirt-1.2.18.3/html/drvtest.html -#usr/share/doc/libvirt-1.2.18.3/html/drvuml.html -#usr/share/doc/libvirt-1.2.18.3/html/drvvbox.html -#usr/share/doc/libvirt-1.2.18.3/html/drvvmware.html -#usr/share/doc/libvirt-1.2.18.3/html/drvxen.html -#usr/share/doc/libvirt-1.2.18.3/html/errors.html -#usr/share/doc/libvirt-1.2.18.3/html/et.png -#usr/share/doc/libvirt-1.2.18.3/html/firewall.html -#usr/share/doc/libvirt-1.2.18.3/html/footer_corner.png -#usr/share/doc/libvirt-1.2.18.3/html/footer_pattern.png -#usr/share/doc/libvirt-1.2.18.3/html/format.html -#usr/share/doc/libvirt-1.2.18.3/html/formatcaps.html -#usr/share/doc/libvirt-1.2.18.3/html/formatdomain.html -#usr/share/doc/libvirt-1.2.18.3/html/formatdomaincaps.html -#usr/share/doc/libvirt-1.2.18.3/html/formatnetwork.html -#usr/share/doc/libvirt-1.2.18.3/html/formatnode.html -#usr/share/doc/libvirt-1.2.18.3/html/formatnwfilter.html -#usr/share/doc/libvirt-1.2.18.3/html/formatsecret.html -#usr/share/doc/libvirt-1.2.18.3/html/formatsnapshot.html -#usr/share/doc/libvirt-1.2.18.3/html/formatstorage.html -#usr/share/doc/libvirt-1.2.18.3/html/formatstorageencryption.html -#usr/share/doc/libvirt-1.2.18.3/html/generic.css -#usr/share/doc/libvirt-1.2.18.3/html/goals.html -#usr/share/doc/libvirt-1.2.18.3/html/governance.html -#usr/share/doc/libvirt-1.2.18.3/html/hacking.html -#usr/share/doc/libvirt-1.2.18.3/html/hooks.html -#usr/share/doc/libvirt-1.2.18.3/html/html -#usr/share/doc/libvirt-1.2.18.3/html/html/home.png -#usr/share/doc/libvirt-1.2.18.3/html/html/index.html -#usr/share/doc/libvirt-1.2.18.3/html/html/left.png -#usr/share/doc/libvirt-1.2.18.3/html/html/libvirt-libvirt-domain-snapshot.html -#usr/share/doc/libvirt-1.2.18.3/html/html/libvirt-libvirt-domain.html -#usr/share/doc/libvirt-1.2.18.3/html/html/libvirt-libvirt-event.html -#usr/share/doc/libvirt-1.2.18.3/html/html/libvirt-libvirt-host.html -#usr/share/doc/libvirt-1.2.18.3/html/html/libvirt-libvirt-interface.html -#usr/share/doc/libvirt-1.2.18.3/html/html/libvirt-libvirt-network.html -#usr/share/doc/libvirt-1.2.18.3/html/html/libvirt-libvirt-nodedev.html -#usr/share/doc/libvirt-1.2.18.3/html/html/libvirt-libvirt-nwfilter.html -#usr/share/doc/libvirt-1.2.18.3/html/html/libvirt-libvirt-secret.html -#usr/share/doc/libvirt-1.2.18.3/html/html/libvirt-libvirt-storage.html -#usr/share/doc/libvirt-1.2.18.3/html/html/libvirt-libvirt-stream.html -#usr/share/doc/libvirt-1.2.18.3/html/html/libvirt-virterror.html -#usr/share/doc/libvirt-1.2.18.3/html/html/right.png -#usr/share/doc/libvirt-1.2.18.3/html/html/up.png -#usr/share/doc/libvirt-1.2.18.3/html/hvsupport.html -#usr/share/doc/libvirt-1.2.18.3/html/index.html -#usr/share/doc/libvirt-1.2.18.3/html/internals -#usr/share/doc/libvirt-1.2.18.3/html/internals.html -#usr/share/doc/libvirt-1.2.18.3/html/internals/command.html -#usr/share/doc/libvirt-1.2.18.3/html/internals/locking.html -#usr/share/doc/libvirt-1.2.18.3/html/internals/oomtesting.html -#usr/share/doc/libvirt-1.2.18.3/html/internals/rpc.html -#usr/share/doc/libvirt-1.2.18.3/html/intro.html -#usr/share/doc/libvirt-1.2.18.3/html/java.html -#usr/share/doc/libvirt-1.2.18.3/html/libvirt-daemon-arch.png -#usr/share/doc/libvirt-1.2.18.3/html/libvirt-driver-arch.png -#usr/share/doc/libvirt-1.2.18.3/html/libvirt-header-bg.png -#usr/share/doc/libvirt-1.2.18.3/html/libvirt-header-logo.png -#usr/share/doc/libvirt-1.2.18.3/html/libvirt-net-logical.png -#usr/share/doc/libvirt-1.2.18.3/html/libvirt-net-physical.png -#usr/share/doc/libvirt-1.2.18.3/html/libvirt-object-model.png -#usr/share/doc/libvirt-1.2.18.3/html/libvirt.css -#usr/share/doc/libvirt-1.2.18.3/html/libvirtLogo.png -#usr/share/doc/libvirt-1.2.18.3/html/locking-lockd.html -#usr/share/doc/libvirt-1.2.18.3/html/locking-sanlock.html -#usr/share/doc/libvirt-1.2.18.3/html/locking.html -#usr/share/doc/libvirt-1.2.18.3/html/logging.html -#usr/share/doc/libvirt-1.2.18.3/html/madeWith.png -#usr/share/doc/libvirt-1.2.18.3/html/main.css -#usr/share/doc/libvirt-1.2.18.3/html/migration-managed-direct.png -#usr/share/doc/libvirt-1.2.18.3/html/migration-managed-p2p.png -#usr/share/doc/libvirt-1.2.18.3/html/migration-native.png -#usr/share/doc/libvirt-1.2.18.3/html/migration-tunnel.png -#usr/share/doc/libvirt-1.2.18.3/html/migration-unmanaged-direct.png -#usr/share/doc/libvirt-1.2.18.3/html/migration.html -#usr/share/doc/libvirt-1.2.18.3/html/news.html -#usr/share/doc/libvirt-1.2.18.3/html/node.gif -#usr/share/doc/libvirt-1.2.18.3/html/pending.html -#usr/share/doc/libvirt-1.2.18.3/html/php.html -#usr/share/doc/libvirt-1.2.18.3/html/python.html -#usr/share/doc/libvirt-1.2.18.3/html/relatedlinks.html -#usr/share/doc/libvirt-1.2.18.3/html/remote.html -#usr/share/doc/libvirt-1.2.18.3/html/secureusage.html -#usr/share/doc/libvirt-1.2.18.3/html/securityprocess.html -#usr/share/doc/libvirt-1.2.18.3/html/sitemap.html -#usr/share/doc/libvirt-1.2.18.3/html/storage.html -#usr/share/doc/libvirt-1.2.18.3/html/testapi.html -#usr/share/doc/libvirt-1.2.18.3/html/testsuites.html -#usr/share/doc/libvirt-1.2.18.3/html/testtck.html -#usr/share/doc/libvirt-1.2.18.3/html/todo.html -#usr/share/doc/libvirt-1.2.18.3/html/uri.html -#usr/share/doc/libvirt-1.2.18.3/html/virshcmdref.html -#usr/share/doc/libvirt-1.2.18.3/html/windows.html +#usr/share/augeas/lenses/virtlogd.aug +#usr/share/doc/libvirt-2.1.0 +#usr/share/doc/libvirt-2.1.0/html +#usr/share/doc/libvirt-2.1.0/html/32favicon.png +#usr/share/doc/libvirt-2.1.0/html/404.html +#usr/share/doc/libvirt-2.1.0/html/acl.html +#usr/share/doc/libvirt-2.1.0/html/aclpolkit.html +#usr/share/doc/libvirt-2.1.0/html/api.html +#usr/share/doc/libvirt-2.1.0/html/api_extension.html +#usr/share/doc/libvirt-2.1.0/html/apps.html +#usr/share/doc/libvirt-2.1.0/html/archdomain.html +#usr/share/doc/libvirt-2.1.0/html/architecture.gif +#usr/share/doc/libvirt-2.1.0/html/architecture.html +#usr/share/doc/libvirt-2.1.0/html/archnetwork.html +#usr/share/doc/libvirt-2.1.0/html/archnode.html +#usr/share/doc/libvirt-2.1.0/html/archstorage.html +#usr/share/doc/libvirt-2.1.0/html/auditlog.html +#usr/share/doc/libvirt-2.1.0/html/auth.html +#usr/share/doc/libvirt-2.1.0/html/bindings.html +#usr/share/doc/libvirt-2.1.0/html/bugs.html +#usr/share/doc/libvirt-2.1.0/html/cgroups.html +#usr/share/doc/libvirt-2.1.0/html/compiling.html +#usr/share/doc/libvirt-2.1.0/html/contact.html +#usr/share/doc/libvirt-2.1.0/html/csharp.html +#usr/share/doc/libvirt-2.1.0/html/deployment.html +#usr/share/doc/libvirt-2.1.0/html/devguide.html +#usr/share/doc/libvirt-2.1.0/html/docs.html +#usr/share/doc/libvirt-2.1.0/html/downloads.html +#usr/share/doc/libvirt-2.1.0/html/drivers.html +#usr/share/doc/libvirt-2.1.0/html/drvbhyve.html +#usr/share/doc/libvirt-2.1.0/html/drvesx.html +#usr/share/doc/libvirt-2.1.0/html/drvhyperv.html +#usr/share/doc/libvirt-2.1.0/html/drvlxc.html +#usr/share/doc/libvirt-2.1.0/html/drvopenvz.html +#usr/share/doc/libvirt-2.1.0/html/drvphyp.html +#usr/share/doc/libvirt-2.1.0/html/drvqemu.html +#usr/share/doc/libvirt-2.1.0/html/drvremote.html +#usr/share/doc/libvirt-2.1.0/html/drvtest.html +#usr/share/doc/libvirt-2.1.0/html/drvuml.html +#usr/share/doc/libvirt-2.1.0/html/drvvbox.html +#usr/share/doc/libvirt-2.1.0/html/drvvirtuozzo.html +#usr/share/doc/libvirt-2.1.0/html/drvvmware.html +#usr/share/doc/libvirt-2.1.0/html/drvxen.html +#usr/share/doc/libvirt-2.1.0/html/errors.html +#usr/share/doc/libvirt-2.1.0/html/firewall.html +#usr/share/doc/libvirt-2.1.0/html/format.html +#usr/share/doc/libvirt-2.1.0/html/formatcaps.html +#usr/share/doc/libvirt-2.1.0/html/formatdomain.html +#usr/share/doc/libvirt-2.1.0/html/formatdomaincaps.html +#usr/share/doc/libvirt-2.1.0/html/formatnetwork.html +#usr/share/doc/libvirt-2.1.0/html/formatnode.html +#usr/share/doc/libvirt-2.1.0/html/formatnwfilter.html +#usr/share/doc/libvirt-2.1.0/html/formatsecret.html +#usr/share/doc/libvirt-2.1.0/html/formatsnapshot.html +#usr/share/doc/libvirt-2.1.0/html/formatstorage.html +#usr/share/doc/libvirt-2.1.0/html/formatstorageencryption.html +#usr/share/doc/libvirt-2.1.0/html/generic.css +#usr/share/doc/libvirt-2.1.0/html/goals.html +#usr/share/doc/libvirt-2.1.0/html/governance.html +#usr/share/doc/libvirt-2.1.0/html/hacking.html +#usr/share/doc/libvirt-2.1.0/html/hooks.html +#usr/share/doc/libvirt-2.1.0/html/html +#usr/share/doc/libvirt-2.1.0/html/html/home.png +#usr/share/doc/libvirt-2.1.0/html/html/index.html +#usr/share/doc/libvirt-2.1.0/html/html/left.png +#usr/share/doc/libvirt-2.1.0/html/html/libvirt-libvirt-common.html +#usr/share/doc/libvirt-2.1.0/html/html/libvirt-libvirt-domain-snapshot.html +#usr/share/doc/libvirt-2.1.0/html/html/libvirt-libvirt-domain.html +#usr/share/doc/libvirt-2.1.0/html/html/libvirt-libvirt-event.html +#usr/share/doc/libvirt-2.1.0/html/html/libvirt-libvirt-host.html +#usr/share/doc/libvirt-2.1.0/html/html/libvirt-libvirt-interface.html +#usr/share/doc/libvirt-2.1.0/html/html/libvirt-libvirt-network.html +#usr/share/doc/libvirt-2.1.0/html/html/libvirt-libvirt-nodedev.html +#usr/share/doc/libvirt-2.1.0/html/html/libvirt-libvirt-nwfilter.html +#usr/share/doc/libvirt-2.1.0/html/html/libvirt-libvirt-secret.html +#usr/share/doc/libvirt-2.1.0/html/html/libvirt-libvirt-storage.html +#usr/share/doc/libvirt-2.1.0/html/html/libvirt-libvirt-stream.html +#usr/share/doc/libvirt-2.1.0/html/html/libvirt-virterror.html +#usr/share/doc/libvirt-2.1.0/html/html/right.png +#usr/share/doc/libvirt-2.1.0/html/html/up.png +#usr/share/doc/libvirt-2.1.0/html/hvsupport.html +#usr/share/doc/libvirt-2.1.0/html/index.html +#usr/share/doc/libvirt-2.1.0/html/internals +#usr/share/doc/libvirt-2.1.0/html/internals.html +#usr/share/doc/libvirt-2.1.0/html/internals/command.html +#usr/share/doc/libvirt-2.1.0/html/internals/eventloop.html +#usr/share/doc/libvirt-2.1.0/html/internals/locking.html +#usr/share/doc/libvirt-2.1.0/html/internals/oomtesting.html +#usr/share/doc/libvirt-2.1.0/html/internals/rpc.html +#usr/share/doc/libvirt-2.1.0/html/intro.html +#usr/share/doc/libvirt-2.1.0/html/java.html +#usr/share/doc/libvirt-2.1.0/html/libvirt-daemon-arch.png +#usr/share/doc/libvirt-2.1.0/html/libvirt-driver-arch.png +#usr/share/doc/libvirt-2.1.0/html/libvirt-header-bg.png +#usr/share/doc/libvirt-2.1.0/html/libvirt-header-logo.png +#usr/share/doc/libvirt-2.1.0/html/libvirt-net-logical.png +#usr/share/doc/libvirt-2.1.0/html/libvirt-net-physical.png +#usr/share/doc/libvirt-2.1.0/html/libvirt-object-model.png +#usr/share/doc/libvirt-2.1.0/html/libvirt.css +#usr/share/doc/libvirt-2.1.0/html/libvirtLogo.png +#usr/share/doc/libvirt-2.1.0/html/locking-lockd.html +#usr/share/doc/libvirt-2.1.0/html/locking-sanlock.html +#usr/share/doc/libvirt-2.1.0/html/locking.html +#usr/share/doc/libvirt-2.1.0/html/logging.html +#usr/share/doc/libvirt-2.1.0/html/madeWith.png +#usr/share/doc/libvirt-2.1.0/html/main.css +#usr/share/doc/libvirt-2.1.0/html/migration-managed-direct.png +#usr/share/doc/libvirt-2.1.0/html/migration-managed-p2p.png +#usr/share/doc/libvirt-2.1.0/html/migration-native.png +#usr/share/doc/libvirt-2.1.0/html/migration-tunnel.png +#usr/share/doc/libvirt-2.1.0/html/migration-unmanaged-direct.png +#usr/share/doc/libvirt-2.1.0/html/migration.html +#usr/share/doc/libvirt-2.1.0/html/news-2005.html +#usr/share/doc/libvirt-2.1.0/html/news-2006.html +#usr/share/doc/libvirt-2.1.0/html/news-2007.html +#usr/share/doc/libvirt-2.1.0/html/news-2008.html +#usr/share/doc/libvirt-2.1.0/html/news-2009.html +#usr/share/doc/libvirt-2.1.0/html/news-2010.html +#usr/share/doc/libvirt-2.1.0/html/news-2011.html +#usr/share/doc/libvirt-2.1.0/html/news-2012.html +#usr/share/doc/libvirt-2.1.0/html/news-2013.html +#usr/share/doc/libvirt-2.1.0/html/news-2014.html +#usr/share/doc/libvirt-2.1.0/html/news-2015.html +#usr/share/doc/libvirt-2.1.0/html/news.html +#usr/share/doc/libvirt-2.1.0/html/node.gif +#usr/share/doc/libvirt-2.1.0/html/nss.html +#usr/share/doc/libvirt-2.1.0/html/pending.html +#usr/share/doc/libvirt-2.1.0/html/php.html +#usr/share/doc/libvirt-2.1.0/html/python.html +#usr/share/doc/libvirt-2.1.0/html/relatedlinks.html +#usr/share/doc/libvirt-2.1.0/html/remote.html +#usr/share/doc/libvirt-2.1.0/html/secureusage.html +#usr/share/doc/libvirt-2.1.0/html/securityprocess.html +#usr/share/doc/libvirt-2.1.0/html/sitemap.html +#usr/share/doc/libvirt-2.1.0/html/storage.html +#usr/share/doc/libvirt-2.1.0/html/testapi.html +#usr/share/doc/libvirt-2.1.0/html/testsuites.html +#usr/share/doc/libvirt-2.1.0/html/testtck.html +#usr/share/doc/libvirt-2.1.0/html/todo.html +#usr/share/doc/libvirt-2.1.0/html/uri.html +#usr/share/doc/libvirt-2.1.0/html/virshcmdref.html +#usr/share/doc/libvirt-2.1.0/html/windows.html #usr/share/gtk-doc/html/libvirt #usr/share/gtk-doc/html/libvirt/general.html #usr/share/gtk-doc/html/libvirt/home.png @@ -243,6 +268,7 @@ usr/sbin/virtlockd #usr/share/gtk-doc/html/libvirt/up.png #usr/share/libvirt #usr/share/libvirt/api +usr/share/libvirt/api/libvirt-admin-api.xml usr/share/libvirt/api/libvirt-api.xml usr/share/libvirt/api/libvirt-lxc-api.xml usr/share/libvirt/api/libvirt-qemu-api.xml @@ -265,13 +291,17 @@ usr/share/libvirt/schemas/storagecommon.rng usr/share/libvirt/schemas/storagepool.rng usr/share/libvirt/schemas/storagevol.rng #usr/share/man/man1/virsh.1 +#usr/share/man/man1/virt-admin.1 #usr/share/man/man1/virt-host-validate.1 +#usr/share/man/man1/virt-login-shell.1 #usr/share/man/man1/virt-pki-validate.1 #usr/share/man/man1/virt-xml-validate.1 #usr/share/man/man8/libvirtd.8 #usr/share/man/man8/virtlockd.8 +#usr/share/man/man8/virtlogd.8 #var/cache/libvirt #var/cache/libvirt/qemu +var/ipfire/backup/addons/includes/libvirt #var/lib/libvirt #var/lib/libvirt/boot #var/lib/libvirt/filesystems @@ -283,6 +313,3 @@ usr/share/libvirt/schemas/storagevol.rng #var/log/libvirt/lxc #var/log/libvirt/qemu #var/log/libvirt/uml -etc/rc.d/init.d/libvirt-guests -etc/rc.d/init.d/libvirtd -var/ipfire/backup/addons/includes/libvirt diff --git a/html/cgi-bin/pppsetup.cgi b/html/cgi-bin/pppsetup.cgi index 36d0ced90d..4b45ee50c1 100644 --- a/html/cgi-bin/pppsetup.cgi +++ b/html/cgi-bin/pppsetup.cgi @@ -103,10 +103,7 @@ elsif ($pppsettings{'ACTION'} eq $Lang::tr{'save'}) if ($pppsettings{'USERNAME'} eq '') { $errormessage = $Lang::tr{'username not set'}; goto ERROR; } - if ($pppsettings{'PASSWORD'} eq '') { - $errormessage = $Lang::tr{'password not set'}; - goto ERROR; } - } + } if ($pppsettings{'TIMEOUT'} eq '') { $errormessage = $Lang::tr{'idle timeout not set'}; @@ -927,7 +924,7 @@ print < $Lang::tr{'username'} * - $Lang::tr{'password'} * + $Lang::tr{'password'}  diff --git a/lfs/clamav b/lfs/clamav index 8911619191..0625ecf936 100644 --- a/lfs/clamav +++ b/lfs/clamav @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = clamav -PAK_VER = 33 +PAK_VER = 34 DEPS = "" diff --git a/lfs/gnupg b/lfs/gnupg index 29835e0825..aa76042e33 100644 --- a/lfs/gnupg +++ b/lfs/gnupg @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2014 Michael Tremer & Christian Schmidt # +# Copyright (C) 2007-2016 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 1.4.18 +VER = 1.4.21 THISAPP = gnupg-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 54db1be9588b11afbbdd8b82d4ea883a +$(DL_FILE)_MD5 = 9bdeabf3c0f87ff21cb3f9216efdd01d install : $(TARGET) diff --git a/lfs/hostapd b/lfs/hostapd index 7d193d9776..a4fe99a92e 100644 --- a/lfs/hostapd +++ b/lfs/hostapd @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = hostapd -PAK_VER = 36 +PAK_VER = 37 DEPS = "" diff --git a/lfs/libassuan b/lfs/libassuan index 0137d14b2d..29f799a072 100644 --- a/lfs/libassuan +++ b/lfs/libassuan @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2015 Michael Tremer & Christian Schmidt # +# Copyright (C) 2007-2016 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 2.2.0 +VER = 2.4.3 THISAPP = libassuan-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = libassuan -PAK_VER = 3 +PAK_VER = 4 DEPS = "" @@ -44,7 +44,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = a104faed3e97b9c302c5d67cc22b1d60 +$(DL_FILE)_MD5 = 8e01a7c72d3e5d154481230668e6eb5a install : $(TARGET) diff --git a/lfs/libgcrypt b/lfs/libgcrypt index 98cf7871ea..5a060325bc 100644 --- a/lfs/libgcrypt +++ b/lfs/libgcrypt @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2015 Michael Tremer & Christian Schmidt # +# Copyright (C) 2007-2016 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 1.6.4 +VER = 1.7.3 THISAPP = libgcrypt-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 4c13c5fa43147866f993d73ee62af176 +$(DL_FILE)_MD5 = c869e542cc13a1c28d8055487bf7f5c4 install : $(TARGET) diff --git a/lfs/libgpg-error b/lfs/libgpg-error index ab9499e11d..84af2aa36b 100644 --- a/lfs/libgpg-error +++ b/lfs/libgpg-error @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2015 Michael Tremer & Christian Schmidt # +# Copyright (C) 2007-2016 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 1.20 +VER = 1.24 THISAPP = libgpg-error-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 9997d9203b672402a04760176811589d +$(DL_FILE)_MD5 = feb42198c0aaf3b28eabe8f41a34b983 install : $(TARGET) diff --git a/lfs/libusbredir b/lfs/libusbredir new file mode 100644 index 0000000000..652a60dc9e --- /dev/null +++ b/lfs/libusbredir @@ -0,0 +1,84 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2016 IPFire Team # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include Config + +VER = 0.7.1 + +THISAPP = usbredir-$(VER) +DL_FILE = $(THISAPP).tar.bz2 +DL_FROM = $(URL_IPFIRE) +DIR_APP = $(DIR_SRC)/$(THISAPP) +TARGET = $(DIR_INFO)/$(THISAPP) +PROG = libusbredir +PAK_VER = 1 + +DEPS = "" + +############################################################################### +# Top-level Rules +############################################################################### + +objects = $(DL_FILE) + +$(DL_FILE) = $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 = 35cfb1720967727dea523b943cc4126b + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +dist: + @$(PAK) + +############################################################################### +# Downloading, checking, md5sum +############################################################################### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################### +# Installation Details +############################################################################### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && ./configure --prefix=/usr + cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE) + cd $(DIR_APP) && make install + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/lfs/libvirt b/lfs/libvirt index ea8b0e8a26..8ebca73fca 100644 --- a/lfs/libvirt +++ b/lfs/libvirt @@ -24,16 +24,16 @@ include Config -VER = 1.2.18.3 +VER = 2.1.0 THISAPP = libvirt-$(VER) -DL_FILE = $(THISAPP).tar.gz +DL_FILE = $(THISAPP).tar.xz DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) SUP_ARCH = i586 x86_64 PROG = libvirt -PAK_VER = 6 +PAK_VER = 11 DEPS = "libpciaccess libyajl ncat qemu" @@ -45,7 +45,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = bcb0738ff66972ddb25cfe0d086c5c37 +$(DL_FILE)_MD5 = fd1c054a8b59235e877efb728de79386 install : $(TARGET) check : $(patsubst %,$(DIR_CHK)/%,$(objects)) @@ -76,20 +76,21 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) - @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar Jxf $(DIR_DL)/$(DL_FILE) cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/libvirt/0001-Change-default-behavior-of-libvirt-guests.sh-for-IPF.patch cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/libvirt/0002-Change-options-in-libvirtd.conf-for-IPFire.patch cd $(DIR_APP) && ./configure --prefix=/usr --localstatedir=/var --sysconfdir=/etc \ --with-openssl --without-sasl \ --without-uml --without-vbox --without-lxc --without-esx --without-vmware --without-openvz \ - --without-firewalld --without-network -with-interface --with-virtualport --with-macvtap \ - --disable-nls --without-avahi --without-test-suite -without-dbus \ + --without-firewalld --without-network --with-interface --with-virtualport --with-macvtap \ + --disable-nls --without-avahi --without-test-suite --without-dbus \ --with-qemu-user=nobody --with-qemu-group=kvm \ - --with-storage-dir --without-storage-fs --without-storage-lvm --without-storage-iscsi \ + --with-storage-dir --with-storage-fs --without-storage-lvm --without-storage-iscsi \ --without-storage-scsi --without-storage-mpath --without-storage-disk --without-storage-rbd --without-storage-sheepdog --without-storage-gluster --without-storage-zfs cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE) cd $(DIR_APP) && make install install -v -m 754 $(DIR_SRC)/src/initscripts/init.d/libvirtd /etc/rc.d/init.d/libvirtd + install -v -m 754 $(DIR_SRC)/src/initscripts/init.d/virtlogd /etc/rc.d/init.d/virtlogd mv /usr/libexec/libvirt-guests.sh /etc/rc.d/init.d/libvirt-guests # Backup install -v -m 644 $(DIR_SRC)/config/backup/includes/libvirt /var/ipfire/backup/addons/includes/libvirt diff --git a/lfs/linux b/lfs/linux index c643da409f..e365be6afd 100644 --- a/lfs/linux +++ b/lfs/linux @@ -24,10 +24,10 @@ include Config -VER = 3.14.74 -RPI_PATCHES = 3.14.74-grsec-ipfire1 -A7M_PATCHES = 3.14.74-grsec-ipfire1 -GRS_PATCHES = grsecurity-3.1ipfire-3.14.74-v1.patch.xz +VER = 3.14.77 +RPI_PATCHES = 3.14.77-grsec-ipfire1 +A7M_PATCHES = 3.14.77-grsec-ipfire1 +GRS_PATCHES = grsecurity-3.1ipfire-3.14.77-v1.patch.xz THISAPP = linux-$(VER) @@ -37,7 +37,7 @@ DIR_APP = $(DIR_SRC)/$(THISAPP) CFLAGS = CXXFLAGS = -PAK_VER = 69 +PAK_VER = 71 DEPS = "" KERNEL_ARCH = $(MACHINE) @@ -83,10 +83,10 @@ rpi-patches-$(RPI_PATCHES).patch.xz = $(URL_IPFIRE)/rpi-patches-$(RPI_PATCHES). arm7-multi-patches-$(A7M_PATCHES).patch.xz = $(URL_IPFIRE)/arm7-multi-patches-$(A7M_PATCHES).patch.xz $(GRS_PATCHES) = $(URL_IPFIRE)/$(GRS_PATCHES) -$(DL_FILE)_MD5 = f83028755dc380862a91fe75e64b01aa -rpi-patches-$(RPI_PATCHES).patch.xz_MD5 = 32b1101dc51f89c1fb3bfb1907f4bce5 -arm7-multi-patches-$(A7M_PATCHES).patch.xz_MD5 = b9a638c68cefd4c08dfcb9c4434458b1 -$(GRS_PATCHES)_MD5 = 5f4595575e159dd730b222d204cc9b39 +$(DL_FILE)_MD5 = 7ecb8518498d0666a7b88f359e566f4c +rpi-patches-$(RPI_PATCHES).patch.xz_MD5 = 3213020a9627ea73cc9668e2db4ff8a4 +arm7-multi-patches-$(A7M_PATCHES).patch.xz_MD5 = 56949a37637656d5ea23658cc9222f64 +$(GRS_PATCHES)_MD5 = 5ed67f97c3b0de1b290f9155eb166c56 install : $(TARGET) @@ -132,6 +132,7 @@ ifneq "$(KCFG)" "-headers" cd $(DIR_APP) && xz -c -d $(DIR_DL)/$(GRS_PATCHES) | patch -Np1 cd $(DIR_APP) && rm localversion-grsec cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.7-disable-compat_vdso.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.14.77-gsrec_tcp_input_access_once_rw.patch endif # DVB Patches @@ -199,6 +200,7 @@ endif cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/0023-hyperv-Fix-error-return-code-in-netvsc_init_buf.patch cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/0024-hyperv-Fix-a-bug-in-netvsc_send.patch cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/0025-Drivers-hv-vmbus-Support-per-channel-driver-state.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-hyperv_Mark_the_Hyoer-V_TSC_as_unstable.patch # fix empty symbol crc's cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-genksyms_fix_typeof_handling.patch diff --git a/lfs/mc b/lfs/mc index 945d604a50..b682d645e0 100644 --- a/lfs/mc +++ b/lfs/mc @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = mc -PAK_VER = 12 +PAK_VER = 13 DEPS = "" diff --git a/lfs/nano b/lfs/nano index 6bf411b2a2..5dcf4845ed 100644 --- a/lfs/nano +++ b/lfs/nano @@ -24,7 +24,7 @@ include Config -VER = 2.6.1 +VER = 2.6.3 THISAPP = nano-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = nano -PAK_VER = 10 +PAK_VER = 11 DEPS = "" @@ -44,7 +44,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 5154704d2f3461140e6798470e03b711 +$(DL_FILE)_MD5 = 1213c7f17916e65afefc95054c1f90f9 install : $(TARGET) diff --git a/lfs/nfs b/lfs/nfs index 42ac5b5867..23a17739ee 100644 --- a/lfs/nfs +++ b/lfs/nfs @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = nfs -PAK_VER = 8 +PAK_VER = 9 DEPS = "rpcbind" diff --git a/lfs/qemu b/lfs/qemu index 62010ee40d..fb4f4b30ef 100644 --- a/lfs/qemu +++ b/lfs/qemu @@ -33,9 +33,9 @@ DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) SUP_ARCH = i586 x86_64 PROG = qemu -PAK_VER = 20 +PAK_VER = 21 -DEPS = "sdl spice" +DEPS = "libusbredir sdl spice" ############################################################################### # Top-level Rules @@ -81,7 +81,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/etc \ --enable-kvm --disable-bluez --disable-attr \ --target-list="i386-linux-user x86_64-linux-user arm-linux-user i386-softmmu x86_64-softmmu arm-softmmu" \ - --extra-cflags="$(CFLAGS)" --enable-spice + --extra-cflags="$(CFLAGS)" --enable-spice --enable-usb-redir cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install diff --git a/lfs/rpcbind b/lfs/rpcbind index d9e28854ec..e7f9eff08b 100644 --- a/lfs/rpcbind +++ b/lfs/rpcbind @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = rpcbind -PAK_VER = 1 +PAK_VER = 2 DEPS = "libtirpc" diff --git a/lfs/smartmontools b/lfs/smartmontools index c3ba635a56..6c6d7db1d0 100644 --- a/lfs/smartmontools +++ b/lfs/smartmontools @@ -24,7 +24,7 @@ include Config -VER = 6.3 +VER = 6.5 THISAPP = smartmontools-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 2ea0c62206e110192a97b59291b17f54 +$(DL_FILE)_MD5 = 093aeec3f8f39fa9a37593c4012d3156 install : $(TARGET) @@ -70,7 +70,7 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/smartmontools-5.39-exit_segfault.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/smartmontools-6.5-exit_segfault.patch cd $(DIR_APP) && autoreconf cd $(DIR_APP) && ./configure --prefix=/usr cd $(DIR_APP) && make BUILD_INFO='"($(NAME) $(VERSION))"' $(MAKETUNING) diff --git a/lfs/squid b/lfs/squid index edaf943d63..2d9c5960f7 100644 --- a/lfs/squid +++ b/lfs/squid @@ -24,7 +24,7 @@ include Config -VER = 3.5.19 +VER = 3.5.20 THISAPP = squid-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = a1d990284c429a63ee85d80ee5b3b8b9 +$(DL_FILE)_MD5 = 48fb18679a30606de98882528beab3a7 install : $(TARGET) @@ -70,13 +70,16 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xaf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14051.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14052.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14053.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14054.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14055.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14056.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.5.17-fix-max-file-descriptors.patch + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14067.patch + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14068.patch + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14069.patch + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14070.patch + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14071.patch + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14072.patch + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14073.patch + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14074.patch + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5-14075.patch + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.5.20-fix-max-file-descriptors.patch cd $(DIR_APP) && autoreconf -vfi cd $(DIR_APP)/libltdl && autoreconf -vfi diff --git a/lfs/unbound b/lfs/unbound index 536a4fbe39..9c8589367d 100644 --- a/lfs/unbound +++ b/lfs/unbound @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007 Michael Tremer & Christian Schmidt # +# Copyright (C) 2007-2016 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # diff --git a/make.sh b/make.sh index 4b94189867..73feacb37d 100755 --- a/make.sh +++ b/make.sh @@ -26,7 +26,7 @@ NAME="IPFire" # Software name SNAME="ipfire" # Short name VERSION="2.19" # Version number CORE="104" # Core Level (Filename) -PAKFIRE_CORE="103" # Core Level (PAKFIRE) +PAKFIRE_CORE="104" # Core Level (PAKFIRE) GIT_BRANCH=`git rev-parse --abbrev-ref HEAD` # Git Branch SLOGAN="www.ipfire.org" # Software slogan CONFIG_ROOT=/var/ipfire # Configuration rootdir @@ -711,6 +711,7 @@ buildipfire() { ipfiremake spice-protocol ipfiremake spice ipfiremake sdl + ipfiremake libusbredir ipfiremake qemu ipfiremake sane ipfiremake netpbm diff --git a/src/initscripts/init.d/libvirtd b/src/initscripts/init.d/libvirtd index f97d208f45..40bc6bee34 100644 --- a/src/initscripts/init.d/libvirtd +++ b/src/initscripts/init.d/libvirtd @@ -18,7 +18,7 @@ case $1 in start) boot_mesg "Load required kernel modules for Libvirt" - modprobe tun + modprobe tun vhost_net evaluate_retval boot_mesg "Starting Libvirt Daemon..." loadproc /usr/sbin/libvirtd -d diff --git a/src/initscripts/init.d/virtlogd b/src/initscripts/init.d/virtlogd new file mode 100644 index 0000000000..148268621a --- /dev/null +++ b/src/initscripts/init.d/virtlogd @@ -0,0 +1,46 @@ +#!/bin/sh +######################################################################## +# Begin $rc_base/init.d/virtlogd +# +# Description : virtlogd init script +# +# Authors : Jonatan Schlag - jonatan.schlag@ipfire.org +# +# Version : 01.00 +# +# Notes : +# +######################################################################## + +. /etc/sysconfig/rc +. $rc_functions + +case $1 in + start) + boot_mesg "Starting virtlogd Daemon..." + loadproc /usr/sbin/virtlogd -d -p /var/run/virtlogd.pid + + ;; + + stop) + boot_mesg "Stopping virtlogd Daemon..." + killproc /usr/sbin/virtlogd + ;; + + restart) + boot_mesg "Restart virtlogd Daemon..." + kill -10 $(cat /var/run/virtlogd.pid) + evaluate_retval + ;; + + status) + statusproc /usr/sbin/virtlogd + ;; + + *) + echo "Usage: $0 {start|stop|restart|status}" + exit 1 + ;; +esac + +# End $rc_base/init.d/virtlogd diff --git a/src/paks/libvirt/install.sh b/src/paks/libvirt/install.sh index 4a693b938e..a11caa4341 100644 --- a/src/paks/libvirt/install.sh +++ b/src/paks/libvirt/install.sh @@ -45,7 +45,13 @@ chown -R nobody:kvm /var/lib/libvirt/images # restore the backup restore_backup ${NAME} +start_service virtlogd start_service --background libvirtd + +ln -svf /etc/init.d/virtlogd /etc/rc.d/rc0.d/K21virtlogd +ln -svf /etc/init.d/virtlogd /etc/rc.d/rc3.d/S69virtlogd +ln -svf /etc/init.d/virtlogd /etc/rc.d/rc6.d/K21virtlogd + ln -svf /etc/init.d/libvirtd /etc/rc.d/rc0.d/K20libvirtd ln -svf /etc/init.d/libvirtd /etc/rc.d/rc3.d/S70libvirtd ln -svf /etc/init.d/libvirtd /etc/rc.d/rc6.d/K20libvirtd diff --git a/src/paks/libvirt/uninstall.sh b/src/paks/libvirt/uninstall.sh index 23c86e5d02..0d96e360df 100644 --- a/src/paks/libvirt/uninstall.sh +++ b/src/paks/libvirt/uninstall.sh @@ -23,7 +23,7 @@ # . /opt/pakfire/lib/functions.sh stop_service libvirtd - +stop_service virtlogd extract_backup_includes make_backup ${NAME} @@ -31,4 +31,5 @@ remove_files rm -f /etc/rc.d/rc*.d/*libvirt-guests rm -f /etc/rc.d/rc*.d/*libvirtd +rm -f /etc/rc.d/rc*.d/*virtlogd diff --git a/src/paks/libvirt/update.sh b/src/paks/libvirt/update.sh index d0b3ba1631..ab57cbf627 100644 --- a/src/paks/libvirt/update.sh +++ b/src/paks/libvirt/update.sh @@ -22,6 +22,66 @@ ############################################################################ # . /opt/pakfire/lib/functions.sh -./uninstall.sh -./install.sh + +# +#uninstall +# +stop_service libvirtd +extract_backup_includes +make_backup ${NAME} + +remove_files + +rm -f /etc/rc.d/rc*.d/*libvirt-guests +rm -f /etc/rc.d/rc*.d/*libvirtd +rm -f /etc/rc.d/rc*.d/*virtlogd + +# +#install +# + +# creates a new user and group called libvirt-remote if they not exist +getent group libvirt-remote >/dev/null || groupadd libvirt-remote +getent passwd libvirt-remote >/dev/null || \ +useradd -m -g libvirt-remote -s /bin/bash "libvirt-remote" + +extract_files + +# create diretorys in var +mkdir -p /var/cache/libvirt/qemu \ +/var/lib/libvirt/boot \ +/var/lib/libvirt/filesystems \ +/var/lib/libvirt/images \ +/var/lib/libvirt/lockd/files \ +/var/lib/libvirt/qemu \ +/var/log/libvirt/qemu +# set the permissions +chown -R nobody:kvm /var/cache/libvirt/qemu +chown -R nobody:kvm /var/lib/libvirt/qemu +chown -R nobody:kvm /var/lib/libvirt/images +# restore the backup +restore_backup ${NAME} + +#restart virtlogd to use the new version +if [ -f "/var/run/virtlogd.pid" ]; then +# the daemon runs restart him +/etc/init.d/virtlogd restart +else +# the daemon runs not start him +/etc/init.d/virtlogd start +fi + +start_service --background libvirtd + +ln -svf /etc/init.d/virtlogd /etc/rc.d/rc0.d/K21virtlogd +ln -svf /etc/init.d/virtlogd /etc/rc.d/rc3.d/S69virtlogd +ln -svf /etc/init.d/virtlogd /etc/rc.d/rc6.d/K21virtlogd + +ln -svf /etc/init.d/libvirtd /etc/rc.d/rc0.d/K20libvirtd +ln -svf /etc/init.d/libvirtd /etc/rc.d/rc3.d/S70libvirtd +ln -svf /etc/init.d/libvirtd /etc/rc.d/rc6.d/K20libvirtd + +ln -svf /etc/init.d/libvirt-guests /etc/rc.d/rc0.d/K19libvirt-guests +ln -svf /etc/init.d/libvirt-guests /etc/rc.d/rc3.d/S71libvirt-guests +ln -svf /etc/init.d/libvirt-guests /etc/rc.d/rc6.d/K19libvirt-guests diff --git a/src/patches/arm-multi-grsec-compile-fixes.patch b/src/patches/arm-multi-grsec-compile-fixes.patch index 08726f8a26..b71d9aec6e 100644 --- a/src/patches/arm-multi-grsec-compile-fixes.patch +++ b/src/patches/arm-multi-grsec-compile-fixes.patch @@ -1,18 +1,18 @@ -diff -Naur linux-3.14.74.org/arch/arm/mach-omap2/cclock3xxx_data.c linux-3.14.74/arch/arm/mach-omap2/cclock3xxx_data.c ---- linux-3.14.74.org/arch/arm/mach-omap2/cclock3xxx_data.c 2016-07-27 18:56:02.000000000 +0200 -+++ linux-3.14.74/arch/arm/mach-omap2/cclock3xxx_data.c 2016-07-29 01:47:45.272515907 +0200 +diff -Naur linux-3.14.76.org/arch/arm/mach-omap2/cclock3xxx_data.c linux-3.14.76/arch/arm/mach-omap2/cclock3xxx_data.c +--- linux-3.14.76.org/arch/arm/mach-omap2/cclock3xxx_data.c 2016-08-18 06:26:02.000000000 +0200 ++++ linux-3.14.76/arch/arm/mach-omap2/cclock3xxx_data.c 2016-08-18 06:37:51.442186995 +0200 @@ -250,7 +250,7 @@ static struct clk dpll1_ck; --static const struct clk_ops dpll1_ck_ops = { -+static clk_ops_no_const dpll1_ck_ops = { +-static struct clk_ops dpll1_ck_ops; ++static clk_ops_no_const dpll1_ck_ops; + + static struct clk_ops dpll1_ck_ops_34xx __initdata = { .init = &omap2_init_clk_clkdm, - .enable = &omap3_noncore_dpll_enable, - .disable = &omap3_noncore_dpll_disable, -diff -Naur linux-3.14.74.org/net/ipv6/addrconf.c linux-3.14.74/net/ipv6/addrconf.c ---- linux-3.14.74.org/net/ipv6/addrconf.c 2016-07-29 03:47:13.000000000 +0200 -+++ linux-3.14.74/net/ipv6/addrconf.c 2016-07-29 00:47:00.000000000 +0200 +diff -Naur linux-3.14.76.org/net/ipv6/addrconf.c linux-3.14.76/net/ipv6/addrconf.c +--- linux-3.14.76.org/net/ipv6/addrconf.c 2016-08-18 06:25:51.000000000 +0200 ++++ linux-3.14.76/net/ipv6/addrconf.c 2016-08-18 06:31:51.802186824 +0200 @@ -4818,7 +4818,7 @@ { struct inet6_dev *idev = ctl->extra1; diff --git a/src/patches/linux-3.14.77-gsrec_tcp_input_access_once_rw.patch b/src/patches/linux-3.14.77-gsrec_tcp_input_access_once_rw.patch new file mode 100644 index 0000000000..19d0448925 --- /dev/null +++ b/src/patches/linux-3.14.77-gsrec_tcp_input_access_once_rw.patch @@ -0,0 +1,18 @@ +diff -Naur linux-3.14.77.org/net/ipv4/tcp_input.c linux-3.14.77/net/ipv4/tcp_input.c +--- linux-3.14.77.org/net/ipv4/tcp_input.c 2016-08-21 19:58:45.000000000 +0200 ++++ linux-3.14.77/net/ipv4/tcp_input.c 2016-08-21 21:11:24.336757369 +0200 +@@ -3299,12 +3299,12 @@ + u32 half = (sysctl_tcp_challenge_ack_limit + 1) >> 1; + + challenge_timestamp = now; +- ACCESS_ONCE(challenge_count) = half + ++ ACCESS_ONCE_RW(challenge_count) = half + + prandom_u32_max(sysctl_tcp_challenge_ack_limit); + } + count = ACCESS_ONCE(challenge_count); + if (count > 0) { +- ACCESS_ONCE(challenge_count) = count - 1; ++ ACCESS_ONCE_RW(challenge_count) = count - 1; + NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPCHALLENGEACK); + tcp_send_ack(sk); + } diff --git a/src/patches/linux-hyperv_Mark_the_Hyoer-V_TSC_as_unstable.patch b/src/patches/linux-hyperv_Mark_the_Hyoer-V_TSC_as_unstable.patch new file mode 100644 index 0000000000..d12f46b6a8 --- /dev/null +++ b/src/patches/linux-hyperv_Mark_the_Hyoer-V_TSC_as_unstable.patch @@ -0,0 +1,47 @@ +From 88c9281a9fba67636ab26c1fd6afbc78a632374f Mon Sep 17 00:00:00 2001 +From: Vitaly Kuznetsov +Date: Wed, 19 Aug 2015 09:54:24 -0700 +Subject: x86/hyperv: Mark the Hyper-V TSC as unstable + +The Hyper-V top-level functional specification states, that +"algorithms should be resilient to sudden jumps forward or +backward in the TSC value", this means that we should consider +TSC as unstable. In some cases tsc tests are able to detect the +instability, it was detected in 543 out of 646 boots in my +testing: + + Measured 6277 cycles TSC warp between CPUs, turning off TSC clock. + tsc: Marking TSC unstable due to check_tsc_sync_source failed + +This is, however, just a heuristic. On Hyper-V platform there +are two good clocksources: MSR-based hyperv_clocksource and +recently introduced TSC page. + +Signed-off-by: Vitaly Kuznetsov +Cc: Haiyang Zhang +Cc: K. Y. Srinivasan +Cc: Linus Torvalds +Cc: Peter Zijlstra +Cc: Thomas Gleixner +Cc: devel@linuxdriverproject.org +Link: http://lkml.kernel.org/r/1440003264-9949-1-git-send-email-vkuznets@redhat.com +Signed-off-by: Ingo Molnar +--- + arch/x86/kernel/cpu/mshyperv.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c +index aad4bd8..6fd023d 100644 +--- a/arch/x86/kernel/cpu/mshyperv.c ++++ b/arch/x86/kernel/cpu/mshyperv.c +@@ -141,6 +141,7 @@ static void __init ms_hyperv_init_platform(void) + no_timer_check = 1; + #endif + ++ mark_tsc_unstable("running on Hyper-V"); + } + + const __refconst struct hypervisor_x86 x86_hyper_ms_hyperv = { +-- +cgit v0.12 + diff --git a/src/patches/smartmontools-5.39-exit_segfault.patch b/src/patches/smartmontools-6.5-exit_segfault.patch similarity index 50% rename from src/patches/smartmontools-5.39-exit_segfault.patch rename to src/patches/smartmontools-6.5-exit_segfault.patch index 5ed4b10993..6c5df8aac8 100644 --- a/src/patches/smartmontools-5.39-exit_segfault.patch +++ b/src/patches/smartmontools-6.5-exit_segfault.patch @@ -1,7 +1,6 @@ -diff -Naur smartmontools-5.39-svn_r2877/utility.h smartmontools-5.39-svn_r2877.new/utility.h ---- smartmontools-5.39-svn_r2877/utility.h 2009-08-24 12:48:50.000000000 +0200 -+++ smartmontools-5.39-svn_r2877.new/utility.h 2009-08-29 09:11:07.000000000 +0200 -@@ -102,7 +102,11 @@ +--- a/utility.h Sun Apr 24 16:59:15 2016 ++++ b/utility.h Sat Aug 20 22:40:33 2016 +@@ -97,7 +97,11 @@ // Replacement for exit(status) // (exit is not compatible with C++ destructors) @@ -12,5 +11,6 @@ diff -Naur smartmontools-5.39-svn_r2877/utility.h smartmontools-5.39-svn_r2877.n +//tried to use exit and found no problems yet +#define EXIT(status) { exit ((int)(status)); } - - #ifdef OLD_INTERFACE + // Compile time check of byte ordering + // (inline const function allows compiler to remove dead code) + diff --git a/src/patches/squid-3.5.17-fix-max-file-descriptors.patch b/src/patches/squid-3.5.20-fix-max-file-descriptors.patch similarity index 92% rename from src/patches/squid-3.5.17-fix-max-file-descriptors.patch rename to src/patches/squid-3.5.20-fix-max-file-descriptors.patch index b0efa76d02..b740b6104e 100644 --- a/src/patches/squid-3.5.17-fix-max-file-descriptors.patch +++ b/src/patches/squid-3.5.20-fix-max-file-descriptors.patch @@ -1,6 +1,6 @@ --- configure.ac.~ Wed Apr 20 14:26:07 2016 +++ configure.ac Fri Apr 22 17:20:46 2016 -@@ -3131,6 +3131,9 @@ +@@ -3135,6 +3135,9 @@ ;; esac @@ -10,7 +10,7 @@ dnl --with-maxfd present for compatibility with Squid-2. dnl undocumented in ./configure --help to encourage using the Squid-3 directive AC_ARG_WITH(maxfd,, -@@ -3161,8 +3164,6 @@ +@@ -3165,8 +3168,6 @@ esac ]) diff --git a/src/patches/squid/squid-3.5-14051.patch b/src/patches/squid/squid-3.5-14051.patch deleted file mode 100644 index 58892dc87a..0000000000 --- a/src/patches/squid/squid-3.5-14051.patch +++ /dev/null @@ -1,63 +0,0 @@ ------------------------------------------------------------- -revno: 14051 -revision-id: squid3@treenet.co.nz-20160517145850-uos9z00nrt7xd9ik -parent: squid3@treenet.co.nz-20160508124125-fytgvn68zppfr8ix -author: Steve Hill -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Wed 2016-05-18 02:58:50 +1200 -message: - Support unified EUI format code in external_acl_type - - Squid supports %>eui as a logformat specifier, which produces an EUI-48 - for IPv4 clients and an EUI-64 for IPv6 clients. However, This is not - allowed as a format specifier for the external ACLs, and you have to use - %SRCEUI48 and %SRCEUI64 instead. %SRCEUI48 is only useful for IPv4 - clients and %SRCEUI64 is only useful for IPv6 clients, so supporting - both v4 and v6 is a bit messy. - - Adds the %>eui specifier for external ACLs and behaves in the same way - as the logformat specifier. ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20160517145850-uos9z00nrt7xd9ik -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: ad0743717948a65cfd4f306acc2bbaa9343e9a76 -# timestamp: 2016-05-17 15:50:54 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20160508124125-\ -# fytgvn68zppfr8ix -# -# Begin patch -=== modified file 'src/external_acl.cc' ---- src/external_acl.cc 2016-01-01 00:14:27 +0000 -+++ src/external_acl.cc 2016-05-17 14:58:50 +0000 -@@ -356,6 +356,8 @@ - else if (strcmp(token, "%SRCPORT") == 0 || strcmp(token, "%>p") == 0) - format->type = Format::LFT_CLIENT_PORT; - #if USE_SQUID_EUI -+ else if (strcmp(token, "%>eui") == 0) -+ format->type = Format::LFT_CLIENT_EUI; - else if (strcmp(token, "%SRCEUI48") == 0) - format->type = Format::LFT_EXT_ACL_CLIENT_EUI48; - else if (strcmp(token, "%SRCEUI64") == 0) -@@ -944,6 +946,18 @@ - break; - - #if USE_SQUID_EUI -+ case Format::LFT_CLIENT_EUI: -+ // TODO make the ACL checklist have a direct link to any TCP details. -+ if (request->clientConnectionManager.valid() && request->clientConnectionManager->clientConnection != NULL) -+ { -+ if (request->clientConnectionManager->clientConnection->remote.isIPv4()) -+ request->clientConnectionManager->clientConnection->remoteEui48.encode(buf, sizeof(buf)); -+ else -+ request->clientConnectionManager->clientConnection->remoteEui64.encode(buf, sizeof(buf)); -+ str = buf; -+ } -+ break; -+ - case Format::LFT_EXT_ACL_CLIENT_EUI48: - if (request->clientConnectionManager.valid() && request->clientConnectionManager->clientConnection != NULL && - request->clientConnectionManager->clientConnection->remoteEui48.encode(buf, sizeof(buf))) - diff --git a/src/patches/squid/squid-3.5-14052.patch b/src/patches/squid/squid-3.5-14052.patch deleted file mode 100644 index 4fba15956b..0000000000 --- a/src/patches/squid/squid-3.5-14052.patch +++ /dev/null @@ -1,34 +0,0 @@ ------------------------------------------------------------- -revno: 14052 -revision-id: squidadm@squid-cache.org-20160517181416-sfrjdosd9dhx7u8o -parent: squid3@treenet.co.nz-20160517145850-uos9z00nrt7xd9ik -committer: Source Maintenance -branch nick: 3.5 -timestamp: Tue 2016-05-17 18:14:16 +0000 -message: - SourceFormat Enforcement ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squidadm@squid-cache.org-20160517181416-\ -# sfrjdosd9dhx7u8o -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: e30c12805cacdb559925da08cc6a25fe4a39c19b -# timestamp: 2016-05-17 18:51:06 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20160517145850-\ -# uos9z00nrt7xd9ik -# -# Begin patch -=== modified file 'src/external_acl.cc' ---- src/external_acl.cc 2016-05-17 14:58:50 +0000 -+++ src/external_acl.cc 2016-05-17 18:14:16 +0000 -@@ -956,7 +956,7 @@ - request->clientConnectionManager->clientConnection->remoteEui64.encode(buf, sizeof(buf)); - str = buf; - } -- break; -+ break; - - case Format::LFT_EXT_ACL_CLIENT_EUI48: - if (request->clientConnectionManager.valid() && request->clientConnectionManager->clientConnection != NULL && - diff --git a/src/patches/squid/squid-3.5-14053.patch b/src/patches/squid/squid-3.5-14053.patch deleted file mode 100644 index f669449aee..0000000000 --- a/src/patches/squid/squid-3.5-14053.patch +++ /dev/null @@ -1,46 +0,0 @@ ------------------------------------------------------------- -revno: 14053 -revision-id: squid3@treenet.co.nz-20160521130058-zq8zugw0fohwfu3z -parent: squidadm@squid-cache.org-20160517181416-sfrjdosd9dhx7u8o -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Sun 2016-05-22 01:00:58 +1200 -message: - Do not override user defined -std option ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20160521130058-zq8zugw0fohwfu3z -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: a75245a622ccfa385ef5e4722f9a9fb438a16135 -# timestamp: 2016-05-21 13:08:06 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squidadm@squid-cache.org-20160517181416-\ -# sfrjdosd9dhx7u8o -# -# Begin patch -=== modified file 'configure.ac' ---- configure.ac 2016-05-08 12:41:25 +0000 -+++ configure.ac 2016-05-21 13:00:58 +0000 -@@ -95,6 +95,9 @@ - # Guess the compiler type (sets squid_cv_compiler) - SQUID_CC_GUESS_VARIANT - -+# If the user did not specify a C++ version. -+user_cxx=`echo "$PRESET_CXXFLAGS" | grep -o -E "\-std="` -+if test "x$user_cxx" = "x"; then - # Check for C++11 compiler support - # - # BUG 3613: when clang -std=c++0x is used, it activates a "strict mode" -@@ -103,8 +106,9 @@ - # - # Similar POSIX issues on MinGW 32-bit and Cygwin - # --if ! test "x$squid_host_os" = "xmingw" -o "x$squid_host_os" = "xcygwin" -o "x$squid_cv_compiler" = "xclang"; then -- AX_CXX_COMPILE_STDCXX_11([noext],[optional]) -+ if ! test "x$squid_host_os" = "xmingw" -o "x$squid_host_os" = "xcygwin" -o "x$squid_cv_compiler" = "xclang"; then -+ AX_CXX_COMPILE_STDCXX_11([noext],[optional]) -+ fi - fi - - # test for programs - diff --git a/src/patches/squid/squid-3.5-14054.patch b/src/patches/squid/squid-3.5-14054.patch deleted file mode 100644 index 90b34c13f3..0000000000 --- a/src/patches/squid/squid-3.5-14054.patch +++ /dev/null @@ -1,37 +0,0 @@ ------------------------------------------------------------- -revno: 14054 -revision-id: squid3@treenet.co.nz-20160521130144-6xtcayieij00fm5v -parent: squid3@treenet.co.nz-20160521130058-zq8zugw0fohwfu3z -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Sun 2016-05-22 01:01:44 +1200 -message: - Fix OpenSSL detection on FreeBSD ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20160521130144-6xtcayieij00fm5v -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: 3d8c0d7a9f1886523ac55d79e4d3e8f0340e2ec9 -# timestamp: 2016-05-21 13:08:08 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20160521130058-\ -# zq8zugw0fohwfu3z -# -# Begin patch -=== modified file 'configure.ac' ---- configure.ac 2016-05-21 13:00:58 +0000 -+++ configure.ac 2016-05-21 13:01:44 +0000 -@@ -1348,10 +1348,10 @@ - - AC_CHECK_LIB(crypto,[CRYPTO_new_ex_data],[LIBOPENSSL_LIBS="-lcrypto $LIBOPENSSL_LIBS"],[ - AC_MSG_ERROR([library 'crypto' is required for OpenSSL]) -- ]) -+ ],$LIBOPENSSL_LIBS) - AC_CHECK_LIB(ssl,[SSL_library_init],[LIBOPENSSL_LIBS="-lssl $LIBOPENSSL_LIBS"],[ - AC_MSG_ERROR([library 'ssl' is required for OpenSSL]) -- ]) -+ ],$LIBOPENSSL_LIBS) - ]) - - # This is a workaround for RedHat 9 brain damage.. - diff --git a/src/patches/squid/squid-3.5-14055.patch b/src/patches/squid/squid-3.5-14055.patch deleted file mode 100644 index ac04bb61a8..0000000000 --- a/src/patches/squid/squid-3.5-14055.patch +++ /dev/null @@ -1,39 +0,0 @@ ------------------------------------------------------------- -revno: 14055 -revision-id: squid3@treenet.co.nz-20160521155202-pp53utwamdhkugvg -parent: squid3@treenet.co.nz-20160521130144-6xtcayieij00fm5v -author: Alex Rousskov -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Sun 2016-05-22 03:52:02 +1200 -message: - Fix icons loading speed. - - Since trunk r14100 (Bug 3875: bad mimeLoadIconFile error handling), each - icon was read from disk and written to Store one character at a time. I - did not measure startup delays in production, but in debugging runs, - fixing this bug sped up icons loading from 1 minute to 4 seconds. ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20160521155202-pp53utwamdhkugvg -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: 79b78480d81666c15406d23837608ba9a578da4b -# timestamp: 2016-05-21 16:51:00 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20160521130144-\ -# 6xtcayieij00fm5v -# -# Begin patch -=== modified file 'src/mime.cc' ---- src/mime.cc 2016-01-01 00:14:27 +0000 -+++ src/mime.cc 2016-05-21 15:52:02 +0000 -@@ -430,7 +430,7 @@ - /* read the file into the buffer and append it to store */ - int n; - char *buf = (char *)memAllocate(MEM_4K_BUF); -- while ((n = FD_READ_METHOD(fd, buf, sizeof(*buf))) > 0) -+ while ((n = FD_READ_METHOD(fd, buf, 4096)) > 0) - e->append(buf, n); - - file_close(fd); - diff --git a/src/patches/squid/squid-3.5-14056.patch b/src/patches/squid/squid-3.5-14056.patch deleted file mode 100644 index 4ea3808b58..0000000000 --- a/src/patches/squid/squid-3.5-14056.patch +++ /dev/null @@ -1,36 +0,0 @@ ------------------------------------------------------------- -revno: 14056 -revision-id: squid3@treenet.co.nz-20160521172919-du6cbdirqcxdjbtr -parent: squid3@treenet.co.nz-20160521155202-pp53utwamdhkugvg -author: Christos Tsantilas -committer: Amos Jeffries -branch nick: 3.5 -timestamp: Sun 2016-05-22 05:29:19 +1200 -message: - Increase debug level in a peek-and-splice related debug message - - It may produced one debugging line for each SSL transaction in some cases ------------------------------------------------------------- -# Bazaar merge directive format 2 (Bazaar 0.90) -# revision_id: squid3@treenet.co.nz-20160521172919-du6cbdirqcxdjbtr -# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# testament_sha1: 76c2e864289dabb1065c470c954f9fc5ec4c7b4f -# timestamp: 2016-05-21 17:50:54 +0000 -# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 -# base_revision_id: squid3@treenet.co.nz-20160521155202-\ -# pp53utwamdhkugvg -# -# Begin patch -=== modified file 'src/ssl/PeerConnector.cc' ---- src/ssl/PeerConnector.cc 2016-02-15 11:29:50 +0000 -+++ src/ssl/PeerConnector.cc 2016-05-21 17:29:19 +0000 -@@ -598,7 +598,7 @@ - - case SSL_ERROR_WANT_WRITE: - if ((srvBio->bumpMode() == Ssl::bumpPeek || srvBio->bumpMode() == Ssl::bumpStare) && srvBio->holdWrite()) { -- debugs(81, DBG_IMPORTANT, "hold write on SSL connection on FD " << fd); -+ debugs(81, 3, "hold write on SSL connection on FD " << fd); - checkForPeekAndSplice(); - return; - } - diff --git a/src/patches/squid/squid-3.5-14067.patch b/src/patches/squid/squid-3.5-14067.patch new file mode 100644 index 0000000000..8d9cb21a1b --- /dev/null +++ b/src/patches/squid/squid-3.5-14067.patch @@ -0,0 +1,381 @@ +------------------------------------------------------------ +revno: 14067 +revision-id: squid3@treenet.co.nz-20160723071620-1wzqpbyi1rk5w6vg +parent: squid3@treenet.co.nz-20160701113616-vpjak1pq4uecadd2 +fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4534 +committer: Amos Jeffries +branch nick: 3.5 +timestamp: Sat 2016-07-23 19:16:20 +1200 +message: + Bug 4534: assertion failure in xcalloc when using many cache_dir +------------------------------------------------------------ +# Bazaar merge directive format 2 (Bazaar 0.90) +# revision_id: squid3@treenet.co.nz-20160723071620-1wzqpbyi1rk5w6vg +# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 +# testament_sha1: fcd663f0fd4a24d505f81eb94ef95d627a4ca363 +# timestamp: 2016-07-23 07:24:01 +0000 +# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 +# base_revision_id: squid3@treenet.co.nz-20160701113616-\ +# vpjak1pq4uecadd2 +# +# Begin patch +=== modified file 'src/CacheDigest.cc' +--- src/CacheDigest.cc 2016-01-01 00:14:27 +0000 ++++ src/CacheDigest.cc 2016-07-23 07:16:20 +0000 +@@ -35,12 +35,12 @@ + static uint32_t hashed_keys[4]; + + static void +-cacheDigestInit(CacheDigest * cd, int capacity, int bpe) ++cacheDigestInit(CacheDigest * cd, uint64_t capacity, uint8_t bpe) + { +- const size_t mask_size = cacheDigestCalcMaskSize(capacity, bpe); ++ const uint32_t mask_size = cacheDigestCalcMaskSize(capacity, bpe); + assert(cd); + assert(capacity > 0 && bpe > 0); +- assert(mask_size > 0); ++ assert(mask_size != 0); + cd->capacity = capacity; + cd->bits_per_entry = bpe; + cd->mask_size = mask_size; +@@ -50,7 +50,7 @@ + } + + CacheDigest * +-cacheDigestCreate(int capacity, int bpe) ++cacheDigestCreate(uint64_t capacity, uint8_t bpe) + { + CacheDigest *cd = (CacheDigest *)memAllocate(MEM_CACHE_DIGEST); + assert(SQUID_MD5_DIGEST_LENGTH == 16); /* our hash functions rely on 16 byte keys */ +@@ -97,7 +97,7 @@ + + /* changes mask size, resets bits to 0, preserves "cd" pointer */ + void +-cacheDigestChangeCap(CacheDigest * cd, int new_cap) ++cacheDigestChangeCap(CacheDigest * cd, uint64_t new_cap) + { + assert(cd); + cacheDigestClean(cd); +@@ -278,12 +278,12 @@ + storeAppendPrintf(e, "%s digest: size: %d bytes\n", + label ? label : "", stats.bit_count / 8 + ); +- storeAppendPrintf(e, "\t entries: count: %d capacity: %d util: %d%%\n", ++ storeAppendPrintf(e, "\t entries: count: %" PRIu64 " capacity: %" PRIu64 " util: %d%%\n", + cd->count, + cd->capacity, + xpercentInt(cd->count, cd->capacity) + ); +- storeAppendPrintf(e, "\t deletion attempts: %d\n", ++ storeAppendPrintf(e, "\t deletion attempts: %" PRIu64 "\n", + cd->del_count + ); + storeAppendPrintf(e, "\t bits: per entry: %d on: %d capacity: %d util: %d%%\n", +@@ -297,16 +297,18 @@ + ); + } + +-size_t +-cacheDigestCalcMaskSize(int cap, int bpe) ++uint32_t ++cacheDigestCalcMaskSize(uint64_t cap, uint8_t bpe) + { +- return (size_t) (cap * bpe + 7) / 8; ++ uint64_t bitCount = (cap * bpe) + 7; ++ assert(bitCount < INT_MAX); // dont 31-bit overflow later ++ return static_cast(bitCount / 8); + } + + static void + cacheDigestHashKey(const CacheDigest * cd, const cache_key * key) + { +- const unsigned int bit_count = cd->mask_size * 8; ++ const uint32_t bit_count = cd->mask_size * 8; + unsigned int tmp_keys[4]; + /* we must memcpy to ensure alignment */ + memcpy(tmp_keys, key, sizeof(tmp_keys)); + +=== modified file 'src/CacheDigest.h' +--- src/CacheDigest.h 2016-01-01 00:14:27 +0000 ++++ src/CacheDigest.h 2016-07-23 07:16:20 +0000 +@@ -22,23 +22,23 @@ + { + public: + /* public, read-only */ +- char *mask; /* bit mask */ +- int mask_size; /* mask size in bytes */ +- int capacity; /* expected maximum for .count, not a hard limit */ +- int bits_per_entry; /* number of bits allocated for each entry from capacity */ +- int count; /* number of digested entries */ +- int del_count; /* number of deletions performed so far */ ++ uint64_t count; /* number of digested entries */ ++ uint64_t del_count; /* number of deletions performed so far */ ++ uint64_t capacity; /* expected maximum for .count, not a hard limit */ ++ char *mask; /* bit mask */ ++ uint32_t mask_size; /* mask size in bytes */ ++ int8_t bits_per_entry; /* number of bits allocated for each entry from capacity */ + }; + +-CacheDigest *cacheDigestCreate(int capacity, int bpe); ++CacheDigest *cacheDigestCreate(uint64_t capacity, uint8_t bpe); + void cacheDigestDestroy(CacheDigest * cd); + CacheDigest *cacheDigestClone(const CacheDigest * cd); + void cacheDigestClear(CacheDigest * cd); +-void cacheDigestChangeCap(CacheDigest * cd, int new_cap); ++void cacheDigestChangeCap(CacheDigest * cd, uint64_t new_cap); + int cacheDigestTest(const CacheDigest * cd, const cache_key * key); + void cacheDigestAdd(CacheDigest * cd, const cache_key * key); + void cacheDigestDel(CacheDigest * cd, const cache_key * key); +-size_t cacheDigestCalcMaskSize(int cap, int bpe); ++uint32_t cacheDigestCalcMaskSize(uint64_t cap, uint8_t bpe); + int cacheDigestBitUtil(const CacheDigest * cd); + void cacheDigestGuessStatsUpdate(CacheDigestGuessStats * stats, int real_hit, int guess_hit); + void cacheDigestGuessStatsReport(const CacheDigestGuessStats * stats, StoreEntry * sentry, const char *label); + +=== modified file 'src/PeerDigest.h' +--- src/PeerDigest.h 2016-01-01 00:14:27 +0000 ++++ src/PeerDigest.h 2016-07-23 07:16:20 +0000 +@@ -52,7 +52,7 @@ + store_client *old_sc; + HttpRequest *request; + int offset; +- int mask_offset; ++ uint32_t mask_offset; + time_t start_time; + time_t resp_time; + time_t expires; + +=== modified file 'src/peer_digest.cc' +--- src/peer_digest.cc 2016-01-01 00:14:27 +0000 ++++ src/peer_digest.cc 2016-07-23 07:16:20 +0000 +@@ -754,7 +754,7 @@ + if (!reason && !size) { + if (!pd->cd) + reason = "null digest?!"; +- else if (fetch->mask_offset != (int)pd->cd->mask_size) ++ else if (fetch->mask_offset != pd->cd->mask_size) + reason = "premature end of digest?!"; + else if (!peerDigestUseful(pd)) + reason = "useless digest"; + +=== modified file 'src/store_digest.cc' +--- src/store_digest.cc 2016-01-01 00:14:27 +0000 ++++ src/store_digest.cc 2016-07-23 07:16:20 +0000 +@@ -76,36 +76,63 @@ + static void storeDigestRewriteFinish(StoreEntry * e); + static EVH storeDigestSwapOutStep; + static void storeDigestCBlockSwapOut(StoreEntry * e); +-static int storeDigestCalcCap(void); +-static int storeDigestResize(void); + static void storeDigestAdd(const StoreEntry *); + ++/// calculates digest capacity ++static uint64_t ++storeDigestCalcCap() ++{ ++ /* ++ * To-Do: Bloom proved that the optimal filter utilization is 50% (half of ++ * the bits are off). However, we do not have a formula to calculate the ++ * number of _entries_ we want to pre-allocate for. ++ */ ++ const uint64_t hi_cap = Store::Root().maxSize() / Config.Store.avgObjectSize; ++ const uint64_t lo_cap = 1 + Store::Root().currentSize() / Config.Store.avgObjectSize; ++ const uint64_t e_count = StoreEntry::inUseCount(); ++ uint64_t cap = e_count ? e_count : hi_cap; ++ debugs(71, 2, "have: " << e_count << ", want " << cap << ++ " entries; limits: [" << lo_cap << ", " << hi_cap << "]"); ++ ++ if (cap < lo_cap) ++ cap = lo_cap; ++ ++ /* do not enforce hi_cap limit, average-based estimation may be wrong ++ *if (cap > hi_cap) ++ * cap = hi_cap; ++ */ ++ ++ // Bug 4534: we still have to set an upper-limit at some reasonable value though. ++ // this matches cacheDigestCalcMaskSize doing (cap*bpe)+7 < INT_MAX ++ const uint64_t absolute_max = (INT_MAX -8) / Config.digest.bits_per_entry; ++ if (cap > absolute_max) { ++ static time_t last_loud = 0; ++ if (last_loud < squid_curtime - 86400) { ++ debugs(71, DBG_IMPORTANT, "WARNING: Cache Digest cannot store " << cap << " entries. Limiting to " << absolute_max); ++ last_loud = squid_curtime; ++ } else { ++ debugs(71, 3, "WARNING: Cache Digest cannot store " << cap << " entries. Limiting to " << absolute_max); ++ } ++ cap = absolute_max; ++ } ++ ++ return cap; ++} + #endif /* USE_CACHE_DIGESTS */ + +-static void +-storeDigestRegisterWithCacheManager(void) ++void ++storeDigestInit(void) + { + Mgr::RegisterAction("store_digest", "Store Digest", storeDigestReport, 0, 1); +-} +- +-/* +- * PUBLIC FUNCTIONS +- */ +- +-void +-storeDigestInit(void) +-{ +- storeDigestRegisterWithCacheManager(); + + #if USE_CACHE_DIGESTS +- const int cap = storeDigestCalcCap(); +- + if (!Config.onoff.digest_generation) { + store_digest = NULL; + debugs(71, 3, "Local cache digest generation disabled"); + return; + } + ++ const uint64_t cap = storeDigestCalcCap(); + store_digest = cacheDigestCreate(cap, Config.digest.bits_per_entry); + debugs(71, DBG_IMPORTANT, "Local cache digest enabled; rebuild/rewrite every " << + (int) Config.digest.rebuild_period << "/" << +@@ -290,6 +317,31 @@ + storeDigestRebuildResume(); + } + ++/// \returns true if we actually resized the digest ++static bool ++storeDigestResize() ++{ ++ const uint64_t cap = storeDigestCalcCap(); ++ assert(store_digest); ++ uint64_t diff; ++ if (cap > store_digest->capacity) ++ diff = cap - store_digest->capacity; ++ else ++ diff = store_digest->capacity - cap; ++ debugs(71, 2, store_digest->capacity << " -> " << cap << "; change: " << ++ diff << " (" << xpercentInt(diff, store_digest->capacity) << "%)" ); ++ /* avoid minor adjustments */ ++ ++ if (diff <= store_digest->capacity / 10) { ++ debugs(71, 2, "small change, will not resize."); ++ return false; ++ } else { ++ debugs(71, 2, "big change, resizing."); ++ cacheDigestChangeCap(store_digest, cap); ++ } ++ return true; ++} ++ + /* called be Rewrite to push Rebuild forward */ + static void + storeDigestRebuildResume(void) +@@ -439,7 +491,7 @@ + assert(e); + /* _add_ check that nothing bad happened while we were waiting @?@ @?@ */ + +- if (sd_state.rewrite_offset + chunk_size > store_digest->mask_size) ++ if (static_cast(sd_state.rewrite_offset + chunk_size) > store_digest->mask_size) + chunk_size = store_digest->mask_size - sd_state.rewrite_offset; + + e->append(store_digest->mask + sd_state.rewrite_offset, chunk_size); +@@ -451,7 +503,7 @@ + sd_state.rewrite_offset += chunk_size; + + /* are we done ? */ +- if (sd_state.rewrite_offset >= store_digest->mask_size) ++ if (static_cast(sd_state.rewrite_offset) >= store_digest->mask_size) + storeDigestRewriteFinish(e); + else + eventAdd("storeDigestSwapOutStep", storeDigestSwapOutStep, data, 0.0, 1, false); +@@ -467,60 +519,10 @@ + sd_state.cblock.count = htonl(store_digest->count); + sd_state.cblock.del_count = htonl(store_digest->del_count); + sd_state.cblock.mask_size = htonl(store_digest->mask_size); +- sd_state.cblock.bits_per_entry = (unsigned char) +- Config.digest.bits_per_entry; ++ sd_state.cblock.bits_per_entry = Config.digest.bits_per_entry; + sd_state.cblock.hash_func_count = (unsigned char) CacheDigestHashFuncCount; + e->append((char *) &sd_state.cblock, sizeof(sd_state.cblock)); + } + +-/* calculates digest capacity */ +-static int +-storeDigestCalcCap(void) +-{ +- /* +- * To-Do: Bloom proved that the optimal filter utilization is 50% (half of +- * the bits are off). However, we do not have a formula to calculate the +- * number of _entries_ we want to pre-allocate for. +- */ +- const int hi_cap = Store::Root().maxSize() / Config.Store.avgObjectSize; +- const int lo_cap = 1 + Store::Root().currentSize() / Config.Store.avgObjectSize; +- const int e_count = StoreEntry::inUseCount(); +- int cap = e_count ? e_count :hi_cap; +- debugs(71, 2, "storeDigestCalcCap: have: " << e_count << ", want " << cap << +- " entries; limits: [" << lo_cap << ", " << hi_cap << "]"); +- +- if (cap < lo_cap) +- cap = lo_cap; +- +- /* do not enforce hi_cap limit, average-based estimation may be wrong +- *if (cap > hi_cap) +- * cap = hi_cap; +- */ +- return cap; +-} +- +-/* returns true if we actually resized the digest */ +-static int +-storeDigestResize(void) +-{ +- const int cap = storeDigestCalcCap(); +- int diff; +- assert(store_digest); +- diff = abs(cap - store_digest->capacity); +- debugs(71, 2, "storeDigestResize: " << +- store_digest->capacity << " -> " << cap << "; change: " << +- diff << " (" << xpercentInt(diff, store_digest->capacity) << "%)" ); +- /* avoid minor adjustments */ +- +- if (diff <= store_digest->capacity / 10) { +- debugs(71, 2, "storeDigestResize: small change, will not resize."); +- return 0; +- } else { +- debugs(71, 2, "storeDigestResize: big change, resizing."); +- cacheDigestChangeCap(store_digest, cap); +- return 1; +- } +-} +- + #endif /* USE_CACHE_DIGESTS */ + + +=== modified file 'src/tests/stub_CacheDigest.cc' +--- src/tests/stub_CacheDigest.cc 2016-01-01 00:14:27 +0000 ++++ src/tests/stub_CacheDigest.cc 2016-07-23 07:16:20 +0000 +@@ -16,11 +16,11 @@ + class CacheDigestGuessStats; + class StoreEntry; + +-CacheDigest * cacheDigestCreate(int, int) STUB_RETVAL(NULL) ++CacheDigest * cacheDigestCreate(uint64_t, uint8_t) STUB_RETVAL(NULL) + void cacheDigestDestroy(CacheDigest *) STUB + CacheDigest * cacheDigestClone(const CacheDigest *) STUB_RETVAL(NULL) + void cacheDigestClear(CacheDigest * ) STUB +-void cacheDigestChangeCap(CacheDigest *,int) STUB ++void cacheDigestChangeCap(CacheDigest *,uint64_t) STUB + int cacheDigestTest(const CacheDigest *, const cache_key *) STUB_RETVAL(1) + void cacheDigestAdd(CacheDigest *, const cache_key *) STUB + void cacheDigestDel(CacheDigest *, const cache_key *) STUB +@@ -28,5 +28,4 @@ + void cacheDigestGuessStatsUpdate(CacheDigestGuessStats *, int, int) STUB + void cacheDigestGuessStatsReport(const CacheDigestGuessStats *, StoreEntry *, const char *) STUB + void cacheDigestReport(CacheDigest *, const char *, StoreEntry *) STUB +-size_t cacheDigestCalcMaskSize(int, int) STUB_RETVAL(1) +- ++uint32_t cacheDigestCalcMaskSize(uint64_t, uint8_t) STUB_RETVAL(1) + diff --git a/src/patches/squid/squid-3.5-14068.patch b/src/patches/squid/squid-3.5-14068.patch new file mode 100644 index 0000000000..4766e008f8 --- /dev/null +++ b/src/patches/squid/squid-3.5-14068.patch @@ -0,0 +1,35 @@ +------------------------------------------------------------ +revno: 14068 +revision-id: squid3@treenet.co.nz-20160723071930-cemledcltg8pkc28 +parent: squid3@treenet.co.nz-20160723071620-1wzqpbyi1rk5w6vg +fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4542 +author: Anonymous +committer: Amos Jeffries +branch nick: 3.5 +timestamp: Sat 2016-07-23 19:19:30 +1200 +message: + Bug #4542: authentication credentials IP TTL updated incorrectly +------------------------------------------------------------ +# Bazaar merge directive format 2 (Bazaar 0.90) +# revision_id: squid3@treenet.co.nz-20160723071930-cemledcltg8pkc28 +# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 +# testament_sha1: ee0c6aab5414532d9554ef338cce049263902fd8 +# timestamp: 2016-07-23 07:24:05 +0000 +# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 +# base_revision_id: squid3@treenet.co.nz-20160723071620-\ +# 1wzqpbyi1rk5w6vg +# +# Begin patch +=== modified file 'src/auth/User.cc' +--- src/auth/User.cc 2016-01-01 00:14:27 +0000 ++++ src/auth/User.cc 2016-07-23 07:19:30 +0000 +@@ -284,7 +284,7 @@ + /* This ip has already been seen. */ + found = 1; + /* update IP ttl */ +- ipdata->ip_expiretime = squid_curtime; ++ ipdata->ip_expiretime = squid_curtime + ::Config.authenticateIpTTL; + } else if (ipdata->ip_expiretime <= squid_curtime) { + /* This IP has expired - remove from the seen list */ + dlinkDelete(&ipdata->node, &ip_list); + diff --git a/src/patches/squid/squid-3.5-14069.patch b/src/patches/squid/squid-3.5-14069.patch new file mode 100644 index 0000000000..15ca37afff --- /dev/null +++ b/src/patches/squid/squid-3.5-14069.patch @@ -0,0 +1,30 @@ +------------------------------------------------------------ +revno: 14069 +revision-id: squidadm@squid-cache.org-20160723121351-iuc8hwstrqd0l1dv +parent: squid3@treenet.co.nz-20160723071930-cemledcltg8pkc28 +committer: Source Maintenance +branch nick: 3.5 +timestamp: Sat 2016-07-23 12:13:51 +0000 +message: + SourceFormat Enforcement +------------------------------------------------------------ +# Bazaar merge directive format 2 (Bazaar 0.90) +# revision_id: squidadm@squid-cache.org-20160723121351-\ +# iuc8hwstrqd0l1dv +# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 +# testament_sha1: c9e37a723686ae2ee489ba7ec2e981ae153bda28 +# timestamp: 2016-07-23 12:50:56 +0000 +# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 +# base_revision_id: squid3@treenet.co.nz-20160723071930-\ +# cemledcltg8pkc28 +# +# Begin patch +=== modified file 'src/tests/stub_CacheDigest.cc' +--- src/tests/stub_CacheDigest.cc 2016-07-23 07:16:20 +0000 ++++ src/tests/stub_CacheDigest.cc 2016-07-23 12:13:51 +0000 +@@ -29,3 +29,4 @@ + void cacheDigestGuessStatsReport(const CacheDigestGuessStats *, StoreEntry *, const char *) STUB + void cacheDigestReport(CacheDigest *, const char *, StoreEntry *) STUB + uint32_t cacheDigestCalcMaskSize(uint64_t, uint8_t) STUB_RETVAL(1) ++ + diff --git a/src/patches/squid/squid-3.5-14070.patch b/src/patches/squid/squid-3.5-14070.patch new file mode 100644 index 0000000000..5fcc39f2ed --- /dev/null +++ b/src/patches/squid/squid-3.5-14070.patch @@ -0,0 +1,44 @@ +------------------------------------------------------------ +revno: 14070 +revision-id: squid3@treenet.co.nz-20160805145933-0cpyy47o8955lamx +parent: squidadm@squid-cache.org-20160723121351-iuc8hwstrqd0l1dv +author: Christos Tsantilas +committer: Amos Jeffries +branch nick: 3.5 +timestamp: Sat 2016-08-06 02:59:33 +1200 +message: + Squid segfault via Ftp::Client::readControlReply(). + + Ftp::Client::scheduleReadControlReply(), which may called from the + asynchronous start() or readControlReply()/handleControlReply() + handlers, does not check whether the control connection is still usable + before using it. + + This is a Measurement Factory project. +------------------------------------------------------------ +# Bazaar merge directive format 2 (Bazaar 0.90) +# revision_id: squid3@treenet.co.nz-20160805145933-0cpyy47o8955lamx +# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 +# testament_sha1: 1c21ce821f9cbc22b3e8ff2b1029f7084b5f0643 +# timestamp: 2016-08-05 15:00:22 +0000 +# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 +# base_revision_id: squidadm@squid-cache.org-20160723121351-\ +# iuc8hwstrqd0l1dv +# +# Begin patch +=== modified file 'src/clients/FtpClient.cc' +--- src/clients/FtpClient.cc 2016-02-19 23:15:41 +0000 ++++ src/clients/FtpClient.cc 2016-08-05 14:59:33 +0000 +@@ -314,6 +314,11 @@ + /* We've already read some reply data */ + handleControlReply(); + } else { ++ ++ if (!Comm::IsConnOpen(ctrl.conn)) { ++ debugs(9, 3, "cannot read without ctrl " << ctrl.conn); ++ return; ++ } + /* + * Cancel the timeout on the Data socket (if any) and + * establish one on the control socket. + diff --git a/src/patches/squid/squid-3.5-14071.patch b/src/patches/squid/squid-3.5-14071.patch new file mode 100644 index 0000000000..6b353eabcc --- /dev/null +++ b/src/patches/squid/squid-3.5-14071.patch @@ -0,0 +1,70 @@ +------------------------------------------------------------ +revno: 14071 +revision-id: squid3@treenet.co.nz-20160817025501-e66sjxm0bfy3ksn3 +parent: squid3@treenet.co.nz-20160805145933-0cpyy47o8955lamx +fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4428 +committer: Amos Jeffries +branch nick: 3.5 +timestamp: Wed 2016-08-17 14:55:01 +1200 +message: + Bug 4428: mal-formed Cache-Control:stale-if-error header +------------------------------------------------------------ +# Bazaar merge directive format 2 (Bazaar 0.90) +# revision_id: squid3@treenet.co.nz-20160817025501-e66sjxm0bfy3ksn3 +# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 +# testament_sha1: b3b3ef13c45062a97bd5cc88c934019fe4af7a3c +# timestamp: 2016-08-17 02:55:20 +0000 +# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 +# base_revision_id: squid3@treenet.co.nz-20160805145933-\ +# 0cpyy47o8955lamx +# +# Begin patch +=== modified file 'src/HttpHdrCc.cc' +--- src/HttpHdrCc.cc 2016-01-01 00:14:27 +0000 ++++ src/HttpHdrCc.cc 2016-08-17 02:55:01 +0000 +@@ -257,6 +257,27 @@ + + /* for all options having values, "=value" after the name */ + switch (flag) { ++ case CC_BADHDR: ++ break; ++ case CC_PUBLIC: ++ break; ++ case CC_PRIVATE: ++ if (Private().size()) ++ packerPrintf(p, "=\"" SQUIDSTRINGPH "\"", SQUIDSTRINGPRINT(Private())); ++ break; ++ ++ case CC_NO_CACHE: ++ if (noCache().size()) ++ packerPrintf(p, "=\"" SQUIDSTRINGPH "\"", SQUIDSTRINGPRINT(noCache())); ++ break; ++ case CC_NO_STORE: ++ break; ++ case CC_NO_TRANSFORM: ++ break; ++ case CC_MUST_REVALIDATE: ++ break; ++ case CC_PROXY_REVALIDATE: ++ break; + case CC_MAX_AGE: + packerPrintf(p, "=%d", (int) maxAge()); + break; +@@ -272,8 +293,14 @@ + case CC_MIN_FRESH: + packerPrintf(p, "=%d", (int) minFresh()); + break; +- default: +- /* do nothing, directive was already printed */ ++ case CC_ONLY_IF_CACHED: ++ break; ++ case CC_STALE_IF_ERROR: ++ packerPrintf(p, "=%d", staleIfError()); ++ break; ++ case CC_OTHER: ++ case CC_ENUM_END: ++ // done below after the loop + break; + } + + diff --git a/src/patches/squid/squid-3.5-14072.patch b/src/patches/squid/squid-3.5-14072.patch new file mode 100644 index 0000000000..228e773d55 --- /dev/null +++ b/src/patches/squid/squid-3.5-14072.patch @@ -0,0 +1,33 @@ +------------------------------------------------------------ +revno: 14072 +revision-id: squid3@treenet.co.nz-20160817025828-s4102klt2ei25tsm +parent: squid3@treenet.co.nz-20160817025501-e66sjxm0bfy3ksn3 +committer: Amos Jeffries +branch nick: 3.5 +timestamp: Wed 2016-08-17 14:58:28 +1200 +message: + Fix SSL-Bump failure results in SEGFAULT +------------------------------------------------------------ +# Bazaar merge directive format 2 (Bazaar 0.90) +# revision_id: squid3@treenet.co.nz-20160817025828-s4102klt2ei25tsm +# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 +# testament_sha1: 73877d276fba41282aeb5973207d02851d5eb784 +# timestamp: 2016-08-17 03:50:56 +0000 +# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 +# base_revision_id: squid3@treenet.co.nz-20160817025501-\ +# e66sjxm0bfy3ksn3 +# +# Begin patch +=== modified file 'src/client_side_request.cc' +--- src/client_side_request.cc 2016-05-06 08:24:29 +0000 ++++ src/client_side_request.cc 2016-08-17 02:58:28 +0000 +@@ -1811,7 +1811,7 @@ + repContext->setReplyToStoreEntry(e, "immediate SslBump error"); + errorAppendEntry(e, calloutContext->error); + calloutContext->error = NULL; +- if (calloutContext->readNextRequest) ++ if (calloutContext->readNextRequest && getConn()) + getConn()->flags.readMore = true; // resume any pipeline reads. + node = (clientStreamNode *)client_stream.tail->data; + clientStreamRead(node, this, node->readBuffer); + diff --git a/src/patches/squid/squid-3.5-14073.patch b/src/patches/squid/squid-3.5-14073.patch new file mode 100644 index 0000000000..b7915a4a18 --- /dev/null +++ b/src/patches/squid/squid-3.5-14073.patch @@ -0,0 +1,151 @@ +------------------------------------------------------------ +revno: 14073 +revision-id: squid3@treenet.co.nz-20160817051037-p0kaj2iw2u4u8iqj +parent: squid3@treenet.co.nz-20160817025828-s4102klt2ei25tsm +fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4563 +committer: Amos Jeffries +branch nick: 3.5 +timestamp: Wed 2016-08-17 17:10:37 +1200 +message: + Bug 4563: duplicate code in httpMakeVaryMark +------------------------------------------------------------ +# Bazaar merge directive format 2 (Bazaar 0.90) +# revision_id: squid3@treenet.co.nz-20160817051037-p0kaj2iw2u4u8iqj +# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 +# testament_sha1: bba9a17715b8759e9d70db2c75f70f3c6152ae8a +# timestamp: 2016-08-17 05:50:53 +0000 +# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 +# base_revision_id: squid3@treenet.co.nz-20160817025828-\ +# s4102klt2ei25tsm +# +# Begin patch +=== modified file 'src/http.cc' +--- src/http.cc 2016-04-01 06:15:31 +0000 ++++ src/http.cc 2016-08-17 05:10:37 +0000 +@@ -572,6 +572,38 @@ + /* NOTREACHED */ + } + ++/// assemble a variant key (vary-mark) from the given Vary header and HTTP request ++static void ++assembleVaryKey(String &vary, SBuf &vstr, const HttpRequest &request) ++{ ++ static const SBuf asterisk("*"); ++ const char *pos = nullptr; ++ const char *item = nullptr; ++ int ilen = 0; ++ ++ while (strListGetItem(&vary, ',', &item, &ilen, &pos)) { ++ SBuf name(item, ilen); ++ if (name == asterisk) { ++ vstr.clear(); ++ break; ++ } ++ name.toLower(); ++ if (!vstr.isEmpty()) ++ vstr.append(", ", 2); ++ vstr.append(name); ++ String hdr(request.header.getByName(name.c_str())); ++ const char *value = hdr.termedBuf(); ++ if (value) { ++ value = rfc1738_escape_part(value); ++ vstr.append("=\"", 2); ++ vstr.append(value); ++ vstr.append("\"", 1); ++ } ++ ++ hdr.clean(); ++ } ++} ++ + /* + * For Vary, store the relevant request headers as + * virtual headers in the reply +@@ -580,81 +612,16 @@ + SBuf + httpMakeVaryMark(HttpRequest * request, HttpReply const * reply) + { +- String vary, hdr; +- const char *pos = NULL; +- const char *item; +- const char *value; +- int ilen; + SBuf vstr; +- static const SBuf asterisk("*"); ++ String vary; + + vary = reply->header.getList(HDR_VARY); +- +- while (strListGetItem(&vary, ',', &item, &ilen, &pos)) { +- char *name = (char *)xmalloc(ilen + 1); +- xstrncpy(name, item, ilen + 1); +- Tolower(name); +- +- if (strcmp(name, "*") == 0) { +- /* Can not handle "Vary: *" withtout ETag support */ +- safe_free(name); +- vstr.clear(); +- break; +- } +- +- if (!vstr.isEmpty()) +- vstr.append(", ", 2); +- vstr.append(name); +- hdr = request->header.getByName(name); +- safe_free(name); +- value = hdr.termedBuf(); +- +- if (value) { +- value = rfc1738_escape_part(value); +- vstr.append("=\"", 2); +- vstr.append(value); +- vstr.append("\"", 1); +- } +- +- hdr.clean(); +- } +- ++ assembleVaryKey(vary, vstr, *request); ++ ++#if X_ACCELERATOR_VARY + vary.clean(); +-#if X_ACCELERATOR_VARY +- +- pos = NULL; + vary = reply->header.getList(HDR_X_ACCELERATOR_VARY); +- +- while (strListGetItem(&vary, ',', &item, &ilen, &pos)) { +- char *name = (char *)xmalloc(ilen + 1); +- xstrncpy(name, item, ilen + 1); +- Tolower(name); +- +- if (strcmp(name, "*") == 0) { +- /* Can not handle "Vary: *" withtout ETag support */ +- safe_free(name); +- vstr.clear(); +- break; +- } +- +- if (!vstr.isEmpty()) +- vstr.append(", ", 2); +- vstr.append(name); +- hdr = request->header.getByName(name); +- safe_free(name); +- value = hdr.termedBuf(); +- +- if (value) { +- value = rfc1738_escape_part(value); +- vstr.append("=\"", 2); +- vstr.append(value); +- vstr.append("\"", 1); +- } +- +- hdr.clean(); +- } +- +- vary.clean(); ++ assembleVaryKey(vary, vstr, *request); + #endif + + debugs(11, 3, vstr); + diff --git a/src/patches/squid/squid-3.5-14074.patch b/src/patches/squid/squid-3.5-14074.patch new file mode 100644 index 0000000000..dbafbf0167 --- /dev/null +++ b/src/patches/squid/squid-3.5-14074.patch @@ -0,0 +1,55 @@ +------------------------------------------------------------ +revno: 14074 +revision-id: squid3@treenet.co.nz-20160817054829-rl7q49ysi40sj01i +parent: squid3@treenet.co.nz-20160817051037-p0kaj2iw2u4u8iqj +fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=3025 +author: mkishi +committer: Amos Jeffries +branch nick: 3.5 +timestamp: Wed 2016-08-17 17:48:29 +1200 +message: + Bug 3025: Proxy-Authenticate problem using ICAP server +------------------------------------------------------------ +# Bazaar merge directive format 2 (Bazaar 0.90) +# revision_id: squid3@treenet.co.nz-20160817054829-rl7q49ysi40sj01i +# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 +# testament_sha1: f4eb1b35dc72bba74a398070900a0951257e547e +# timestamp: 2016-08-17 05:50:56 +0000 +# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 +# base_revision_id: squid3@treenet.co.nz-20160817051037-\ +# p0kaj2iw2u4u8iqj +# +# Begin patch +=== modified file 'src/client_side_reply.cc' +--- src/client_side_reply.cc 2016-04-01 06:15:31 +0000 ++++ src/client_side_reply.cc 2016-08-17 05:48:29 +0000 +@@ -1305,8 +1305,14 @@ + + // if there is not configured a peer proxy with login=PASS or login=PASSTHRU option enabled + // remove the Proxy-Authenticate header +- if ( !request->peer_login || (strcmp(request->peer_login,"PASS") != 0 && strcmp(request->peer_login,"PASSTHRU") != 0)) +- reply->header.delById(HDR_PROXY_AUTHENTICATE); ++ if ( !request->peer_login || (strcmp(request->peer_login,"PASS") != 0 && strcmp(request->peer_login,"PASSTHRU") != 0)) { ++#if USE_ADAPTATION ++ // but allow adaptation services to authenticate clients ++ // via request satisfaction ++ if (!http->requestSatisfactionMode()) ++#endif ++ reply->header.delById(HDR_PROXY_AUTHENTICATE); ++ } + + reply->header.removeHopByHopEntries(); + + +=== modified file 'src/client_side_request.h' +--- src/client_side_request.h 2016-01-01 00:14:27 +0000 ++++ src/client_side_request.h 2016-08-17 05:48:29 +0000 +@@ -140,6 +140,7 @@ + + public: + void startAdaptation(const Adaptation::ServiceGroupPointer &g); ++ bool requestSatisfactionMode() const { return request_satisfaction_mode; } + + // private but exposed for ClientRequestContext + void handleAdaptationFailure(int errDetail, bool bypassable = false); + diff --git a/src/patches/squid/squid-3.5-14075.patch b/src/patches/squid/squid-3.5-14075.patch new file mode 100644 index 0000000000..8c0b5a3e9a --- /dev/null +++ b/src/patches/squid/squid-3.5-14075.patch @@ -0,0 +1,38 @@ +------------------------------------------------------------ +revno: 14075 +revision-id: squid3@treenet.co.nz-20160817133413-vdmm0d6kvo8bfszk +parent: squid3@treenet.co.nz-20160817054829-rl7q49ysi40sj01i +committer: Amos Jeffries +branch nick: 3.5 +timestamp: Thu 2016-08-18 01:34:13 +1200 +message: + Fix logic error in rev.13930 + + Using !=0 on both string compares means any login= value will permit + 40x responses through. Only PASS and PASSTHRU should be doing that. + + Detected by Coverity Scan. Issue 1364711 +------------------------------------------------------------ +# Bazaar merge directive format 2 (Bazaar 0.90) +# revision_id: squid3@treenet.co.nz-20160817133413-vdmm0d6kvo8bfszk +# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 +# testament_sha1: 31f0c4e0f435e0aa994ffe8937e4d4c58fed37f5 +# timestamp: 2016-08-17 13:34:59 +0000 +# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5 +# base_revision_id: squid3@treenet.co.nz-20160817054829-\ +# rl7q49ysi40sj01i +# +# Begin patch +=== modified file 'src/tunnel.cc' +--- src/tunnel.cc 2016-01-01 00:14:27 +0000 ++++ src/tunnel.cc 2016-08-17 13:34:13 +0000 +@@ -476,7 +476,7 @@ + + // we need to relay the 401/407 responses when login=PASS(THRU) + const char *pwd = server.conn->getPeer()->login; +- const bool relay = pwd && (strcmp(pwd, "PASS") != 0 || strcmp(pwd, "PASSTHRU") != 0) && ++ const bool relay = pwd && (strcmp(pwd, "PASS") == 0 || strcmp(pwd, "PASSTHRU") == 0) && + (*status_ptr == Http::scProxyAuthenticationRequired || + *status_ptr == Http::scUnauthorized); + +