include Config
-VER = 1.5-beta
+VER = 1.6.0
THISAPP = squidGuard-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 85216992d14acb29d6f345608f21f268
+$(DL_FILE)_MD5 = ebf207accc6da4ad07de2db6e71ce8dc
install : $(TARGET)
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/squidguard/01_squidguard-1.5-beta_db_v4_up.patch
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/squidguard/02_squidguard-1.5-beta_helper-protocol.patch
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/squidguard/03_squidguard-1.5-beta_remove-debug-logging.patch
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/squidguard/04_squidguard-1.5-beta_stdout-always.patch
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/squidguard/05_squidguard-1.5-beta_fixes_htunescape-size_t-ldap_functions-unused_variables-noinput_and_nounput.patch
- cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/squidguard/06_squidguard_version.patch
cd $(DIR_APP) && ./configure \
--prefix=/usr \
--datadir=/usr/share \
+++ /dev/null
-diff -ruN squidGuard-1.4-vanilla/src/sgDb.c squidGuard-1.4/src/sgDb.c
---- squidGuard-1.4-vanilla/src/sgDb.c 2008-07-15 04:29:41.000000000 +1000
-+++ squidGuard-1.4/src/sgDb.c 2013-01-21 12:47:41.049325756 +1100
-@@ -114,7 +114,7 @@
- }
- }
- #endif
--#if DB_VERSION_MAJOR == 4
-+#if DB_VERSION_MAJOR >= 4
- if(globalUpdate || createdb || (dbfile != NULL && stat(dbfile,&st))){
- flag = DB_CREATE;
- if(createdb)
\ No newline at end of file
+++ /dev/null
-http://bugs.squid-cache.org/show_bug.cgi?id=3978
-
---- squidGuard-1.4.orig/src/main.c 2013-12-11 17:42:15.000000000 +1300
-+++ squidGuard-1.4.orig/src/main.c 2013-12-11 19:04:09.000000000 +1300
-@@ -175,7 +175,7 @@
- sgReloadConfig();
- }
- if(failsafe_mode) {
-- puts("");
-+ puts("ERR message=\"squidGuard failsafe mode\"");
- fflush(stdout);
- if(sig_hup){
- sgReloadConfig();
-@@ -184,7 +184,7 @@
- }
- if(parseLine(buf,&squidInfo) != 1){
- sgLogError("Error parsing squid line: %s",buf);
-- puts("");
-+ puts("BH message=\"squidGuard error parsing squid line\"");
- }
- else {
- src = Source;
-@@ -196,14 +196,14 @@
- acl = sgAclCheckSource(src);
- if((redirect = sgAclAccess(src,acl,&squidInfo)) == NULL){
- if(src == NULL || src->cont_search == 0){
-- puts("");
-+ puts("ERR");
- break;
- } else
- if(src->next != NULL){
- src = src->next;
- continue;
- } else {
-- puts("");
-+ puts("ERR");
- break;
- }
- } else {
-@@ -215,9 +215,10 @@
- squidInfo.ident[0] = '-';
- squidInfo.ident[1] = '\0';
- }
-- fprintf(stdout,"%s %s/%s %s %s\n",redirect,squidInfo.src,
-- squidInfo.srcDomain,squidInfo.ident,
-- squidInfo.method);
-+ if (isdigit(redirect[0]) && isdigit(redirect[1]) && isdigit(redirect[2]) && redirect[3]==':') {
-+ fprintf(stdout,"OK status=%c%c%c url=\"%s\"\n", redirect[0], redirect[1], redirect[2], &redirect[4]);
-+ } else
-+ fprintf(stdout,"OK rewrite-url=\"%s\"\n",redirect);
- /* sgLogError("%s %s/%s %s %s\n",redirect,squidInfo.src,squidInfo.srcDomain,squidInfo.ident,squidInfo.method); */
- break;
- }
---- squidGuard-1.4.orig/src/sgDiv.c 2013-12-11 17:42:15.000000000 +1300
-+++ squidGuard-1.4.orig/src/sgDiv.c 2013-12-11 18:58:33.000000000 +1300
-@@ -771,7 +771,7 @@
- }
- sgLogError("Going into emergency mode");
- while(fgets(buf, MAX_BUF, stdin) != NULL){
-- puts("");
-+ puts("ERR");
- fflush(stdout);
- }
- sgLogError("ending emergency mode, stdin empty");
---- squidGuard-1.4.orig/src/sgDiv.c.in 2013-12-11 17:42:15.000000000 +1300
-+++ squidGuard-1.4.orig/src/sgDiv.c.in 2013-12-11 18:58:40.000000000 +1300
-@@ -782,7 +782,7 @@
- }
- sgLogError("Going into emergency mode");
- while(fgets(buf, MAX_BUF, stdin) != NULL){
-- puts("");
-+ puts("ERR");
- fflush(stdout);
- }
- sgLogError("ending emergency mode, stdin empty");
+++ /dev/null
-Make BerkeleyDB version 4.7 and higher working.
-
-diff -Nur a/src/sgDb.c b/src/sgDb.c
---- a/src/sgDb.c 2010-09-09 12:35:22.000000000 +0200
-+++ b/src/sgDb.c 2013-11-23 10:05:55.000000000 +0100
-@@ -112,7 +112,7 @@
- }
- }
- #endif
--#if DB_VERSION_MAJOR == 4
-+#if DB_VERSION_MAJOR >= 4
- if(globalUpdate || createdb || (dbfile != NULL && stat(dbfile,&st))){
- flag = DB_CREATE;
- if(createdb)
+++ /dev/null
-
-From Jeffries Amos http://bugs.squid-cache.org/show_bug.cgi?id=3978#c5
-
---- squidGuard-1.5-beta.orig/src/main.c 2013-12-12 11:47:31.000000000 +1300
-+++ squidGuard-1.5-beta.orig/src/main.c 2013-12-12 11:50:38.000000000 +1300
-@@ -185,7 +185,7 @@
- sgReloadConfig();
- }
- if(failsafe_mode) {
-- puts("");
-+ puts("ERR message=\"squidGuard failsafe mode\"");
- fflush(stdout);
- if(sig_hup){
- sgReloadConfig();
-@@ -194,7 +194,7 @@
- }
- if(parseLine(buf,&squidInfo) != 1){
- sgLogError("ERROR: Error parsing squid line: %s",buf);
-- puts("");
-+ puts("BH message=\"squidGuard error parsing squid line\"");
- }
- else {
- src = Source;
-@@ -206,14 +206,14 @@
- acl = sgAclCheckSource(src);
- if((redirect = sgAclAccess(src,acl,&squidInfo)) == NULL){
- if(src == NULL || src->cont_search == 0){
-- puts("");
-+ puts("ERR");
- break;
- } else
- if(src->next != NULL){
- src = src->next;
- continue;
- } else {
-- puts("");
-+ puts("ERR");
- break;
- }
- } else {
-@@ -228,6 +228,10 @@
- fprintf(stdout,"%s %s/%s %s %s\n",redirect,squidInfo.src,
- squidInfo.srcDomain,squidInfo.ident,
- squidInfo.method);
-+ if (isdigit(redirect[0]) && isdigit(redirect[1]) && isdigit(redirect[2]) && redirect[3]==':') {
-+ fprintf(stdout,"OK status=%c%c%c url=\"%s\"\n", redirect[0], redirect[1], redirect[2], &redirect[4]);
-+ } else
-+ fprintf(stdout,"OK rewrite-url=\"%s\"\n",redirect);
- /* sgLogDebug("DEBUG: %s %s/%s %s %s\n",redirect,squidInfo.src,squidInfo.srcDomain,squidInfo.ident,squidInfo.method); */
- break;
- }
---- squidGuard-1.5-beta.orig/src/main.c.in 2013-12-12 11:47:31.000000000 +1300
-+++ squidGuard-1.5-beta.orig/src/main.c.in 2013-12-12 11:53:18.000000000 +1300
-@@ -185,7 +185,7 @@
- sgReloadConfig();
- }
- if(failsafe_mode) {
-- puts("");
-+ puts("ERR message=\"squidGuard failsafe mode\"");
- fflush(stdout);
- if(sig_hup){
- sgReloadConfig();
-@@ -194,7 +194,7 @@
- }
- if(parseLine(buf,&squidInfo) != 1){
- sgLogError("ERROR: Error parsing squid line: %s",buf);
-- puts("");
-+ puts("BH message=\"squidGuard error parsing squid line\"");
- }
- else {
- src = Source;
-@@ -206,14 +206,14 @@
- acl = sgAclCheckSource(src);
- if((redirect = sgAclAccess(src,acl,&squidInfo)) == NULL){
- if(src == NULL || src->cont_search == 0){
-- puts("");
-+ puts("ERR");
- break;
- } else
- if(src->next != NULL){
- src = src->next;
- continue;
- } else {
-- puts("");
-+ puts("ERR");
- break;
- }
- } else {
-@@ -225,9 +225,11 @@
- squidInfo.ident[0] = '-';
- squidInfo.ident[1] = '\0';
- }
-- fprintf(stdout,"%s %s/%s %s %s\n",redirect,squidInfo.src,
-- squidInfo.srcDomain,squidInfo.ident,
-- squidInfo.method);
-+ if (isdigit(redirect[0]) && isdigit(redirect[1]) && isdigit(redirect[2]) && redirect[3]==':') {
-+ fprintf(stdout,"OK status=%c%c%c url=\"%s\"\n", redirect[0], redirect[1], redirect[2], &redirect[4]);
-+ } else
-+ fprintf(stdout,"OK rewrite-url=\"%s\"\n",redirect);
-+
- /* sgLogDebug("DEBUG: %s %s/%s %s %s\n",redirect,squidInfo.src,squidInfo.srcDomain,squidInfo.ident,squidInfo.method); */
- break;
- }
---- squidGuard-1.5-beta.orig/src/sgDiv.c 2013-12-12 11:47:31.000000000 +1300
-+++ squidGuard-1.5-beta.orig/src/sgDiv.c 2013-12-12 11:48:36.000000000 +1300
-@@ -782,7 +782,7 @@
- }
- sgLogError("ERROR: Going into emergency mode");
- while(fgets(buf, MAX_BUF, stdin) != NULL){
-- puts("");
-+ puts("ERR");
- fflush(stdout);
- }
- sgLogError("ERROR: Ending emergency mode, stdin empty");
---- squidGuard-1.5-beta.orig/src/sgDiv.c.in 2013-12-12 11:47:31.000000000 +1300
-+++ squidGuard-1.5-beta.orig/src/sgDiv.c.in 2013-12-12 11:48:36.000000000 +1300
-@@ -782,7 +782,7 @@
- }
- sgLogError("ERROR: Going into emergency mode");
- while(fgets(buf, MAX_BUF, stdin) != NULL){
-- puts("");
-+ puts("ERR");
- fflush(stdout);
- }
- sgLogError("ERROR: Ending emergency mode, stdin empty");
+++ /dev/null
---- a/src/sg.y.in 2014-04-14 16:23:39.183396677 +0200
-+++ b/src/sg.y.in 2014-04-14 16:24:19.000000000 +0200
-@@ -795,9 +795,9 @@
- {
- struct Source *sp;
- sp = lastSource;
--
-+/* DEBUG
- @NOLOG1@ sgLogError("DEBUG: sgSourceLdapIpSearch called with: %s", url); @NOLOG2@
--
-+*/
- if(!ldap_is_ldap_url(url)) {
- sgLogError("%s: can't parse LDAP url %s",progname, url);
- return;
-@@ -1311,10 +1311,12 @@
- }
- sp->domainlistDb = (struct sgDb *) sgCalloc(1,sizeof(struct sgDb));
- sp->domainlistDb->type=SGDBTYPE_DOMAINLIST;
-+/* DEBUG
- sgLogError("init domainlist %s",sp->domainlist);
-+*/
- sgDbInit(sp->domainlistDb,sp->domainlist);
- if(sp->domainlistDb->entries == 0) { /* empty database */
-- sgLogError("domainlist empty, removed from memory");
-+ sgLogError("domainlist %s empty, removed from memory",sp->domainlist);
- sgFree(sp->domainlistDb);
- sp->domainlistDb = NULL;
- }
-@@ -1356,10 +1356,12 @@
- }
- sp->urllistDb = (struct sgDb *) sgCalloc(1,sizeof(struct sgDb));
- sp->urllistDb->type=SGDBTYPE_URLLIST;
-+/* DEBUG
- sgLogError("init urllist %s",sp->urllist);
-+*/
- sgDbInit(sp->urllistDb,sp->urllist);
- if(sp->urllistDb->entries == 0) { /* empty database */
-- sgLogError("urllist empty, removed from memory");
-+ sgLogError("urllist empty %s, removed from memory",sp->urllist);
- sgFree(sp->urllistDb);
- sp->urllistDb = NULL;
- }
-@@ -2773,9 +2773,9 @@
- char *interval;
- struct UserInfo *userinfo;
- static struct UserInfo info;
--
-+/* DEBUG
- @NOLOG1@ sgLogError("DEBUG: sgFindUser called with: %s", ident); @NOLOG2@
--
-+*/
- /* defined in the userDB? */
- if(defined(src->userDb, ident, (char **) &userinfo) == 1) {
- #ifdef HAVE_LIBLDAP
---- a/src/sgDb.c 2014-04-17 08:53:29.961367395 +0200
-+++ b/src/sgDb.c 2014-04-17 08:53:58.000000000 +0200
-@@ -48,7 +48,9 @@
- strcat(dbfile,".db");
- if(stat(dbfile,&st) == 0){
- if(!createdb){
-+/* DEBUG
- sgLogNotice("INFO: loading dbfile %s",dbfile);
-+*/
- }
- } else {
- if(!createdb){
+++ /dev/null
-Original input to stdout, to be useable with multiple redirectors
-when option -f is given on squidGuard start
-We have to remember the raw original URL as the URL is modified for testing
-purpose. So the exisiting HTML entities like %3F (?), %26 (&), %3D (=) etc. are changed
-which breaks the URL for further processing if it is send to stdout like we do it for the
-redirector chain (THIS patch).
-diff -Nur a/src/main.c.in b/src/main.c.in
---- a/src/main.c.in 2009-09-27 21:41:50.000000000 +0200
-+++ b/src/main.c.in 2013-06-01 21:18:55.000000000 +0200
-@@ -59,6 +59,7 @@
- char **globalEnvp ;
- int globalDebugTimeDelta = 0;
- int globalDebug = 0;
-+int globalFullStdout = 0;
- int globalPid = 0;
- int globalUpdate = 0;
- int passthrough = 0;
-@@ -89,6 +90,7 @@
- struct Acl *acl;
- struct timeval start_time,ready_time,stop_time;
- char buf[MAX_BUF];
-+ char origraw[MAX_BUF];
- char *redirect,tmp[MAX_BUF];
- char *configFile = NULL;
- time_t t;
-@@ -101,11 +102,14 @@
- #ifdef USE_SYSLOG
- openlog("squidGuard", LOG_PID | LOG_NDELAY | LOG_CONS, LOG_ at LOGFAC@);
- #endif
-- while ((ch = getopt(argc, argv, "hbduPC:t:c:v")) != EOF)
-+ while ((ch = getopt(argc, argv, "hbdfuPC:t:c:v")) != EOF)
- switch (ch) {
- case 'd':
- globalDebug = 1;
- break;
-+ case 'f':
-+ globalFullStdout = 1;
-+ break;
- case 'c':
- configFile = optarg;
- break;
-@@ -192,6 +193,8 @@
- }
- continue;
- }
-+ strcpy(origraw,buf);
-+ if (strlen(origraw) && (origraw[strlen(origraw)-1] == '\n')) origraw[strlen(origraw)-1] = 0;
- if(parseLine(buf,&squidInfo) != 1){
- sgLogError("ERROR: Error parsing squid line: %s",buf);
- puts("BH message=\"squidGuard error parsing squid line\"");
-@@ -206,7 +210,12 @@
- acl = sgAclCheckSource(src);
- if((redirect = sgAclAccess(src,acl,&squidInfo)) == NULL){
- if(src == NULL || src->cont_search == 0){
-+ if (globalFullStdout) {
-+ puts(origraw);
-+ }
-+ else {
- puts("ERR");
-+ }
- break;
- } else
- if(src->next != NULL){
-@@ -213,7 +214,12 @@
- src = src->next;
- continue;
- } else {
-+ if (globalFullStdout) {
-+ puts(origraw);
-+ }
-+ else {
- puts("ERR");
-+ }
- break;
- }
- } else {
+++ /dev/null
---- a/src/sg.l Sat Jan 30 13:51:12 2016
-+++ b/src/sg.l Sat Jan 30 14:01:28 2016
-@@ -23,6 +23,8 @@
-
- %}
-
-+%option noinput
-+%option nounput
- ignore [,\t\r ]+
- s [\t ]
- d [0-9]
---- a/src/sg.y.in Sat Jan 30 13:52:26 2016
-+++ b/src/sg.y.in Sat Jan 30 14:00:50 2016
-@@ -26,6 +26,7 @@
-
- #ifdef HAVE_LIBLDAP
- #include "lber.h"
-+#define LDAP_DEPRECATED 1
- #include "ldap.h"
- #endif
-
-@@ -1097,7 +1098,6 @@
- foundip = 1;
- unblockedip = 1;
- if(s->ipquota.seconds != 0){
-- struct IpInfo uq;
- time_t t = time(NULL) + globalDebugTimeDelta;
- sgLogError("status %d time %d lasttime %d consumed %d", ipquota->status, ipquota->time, ipquota->last, ipquota->consumed);
- sgLogError("renew %d seconds %d", s->ipquota.renew, s->ipquota.seconds);
-@@ -1157,7 +1157,6 @@
- founduser = 1;
- unblockeduser = 1;
- if(s->userquota.seconds != 0){
-- struct UserInfo uq;
- time_t t = time(NULL) + globalDebugTimeDelta;
- //sgLogError("status %d time %d lasttime %d consumed %d", userquota->status, userquota->time, userquota->last, userquota->consumed);
- //sgLogError("renew %d seconds %d", s->userquota.renew, s->userquota.seconds);
---- a/src/sgDiv.c.in Sat Jan 30 13:52:10 2016
-+++ b/src/sgDiv.c.in Sat Jan 30 13:59:16 2016
-@@ -18,6 +18,7 @@
-
- #include "sg.h"
- #include "sgEx.h"
-+#include "HTEscape.h"
-
- /* #define METEST 8; */
-
-@@ -692,7 +693,7 @@
- struct UserInfo *userquota;
- if(defined(s->userDb, req->ident, (char **) &userquota) == 1){
- char qbuf[150];
-- sprintf(qbuf, "%d-%d-%d-%d-%d-%d", s->userquota.renew, s->userquota.seconds, userquota->status, userquota->time, userquota->last, userquota->consumed);
-+ sprintf(qbuf, "%d-%d-%d-%d-%d-%d", s->userquota.renew, (int)s->userquota.seconds, userquota->status, (int)userquota->time, (int)userquota->last, userquota->consumed);
- strcat(buf, qbuf);
- } else {
- strcat(buf, "noquota");
+++ /dev/null
---- a/src/version.h Thu Apr 17 17:00:48 2008
-+++ b/src/version.h Fri May 08 20:44:48 2009
-@@ -16,4 +16,4 @@
- (GPL) along with this program.
- */
-
--#define VERSION "1.5-alpha"
-+#define VERSION "1.5-beta"