From: Michael Tremer Date: Tue, 16 Jun 2020 10:35:26 +0000 (+0000) Subject: squidGuard: Update to 1.6.0 X-Git-Url: http://git.ipfire.org/?p=people%2Fpmueller%2Fipfire-2.x.git;a=commitdiff_plain;h=82db9e594563749d244a1cd658ca9ea5d18999b3 squidGuard: Update to 1.6.0 Signed-off-by: Michael Tremer --- diff --git a/lfs/squidguard b/lfs/squidguard index 5d5f04163e..06f2db001c 100644 --- a/lfs/squidguard +++ b/lfs/squidguard @@ -24,7 +24,7 @@ include Config -VER = 1.5-beta +VER = 1.6.0 THISAPP = squidGuard-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 85216992d14acb29d6f345608f21f268 +$(DL_FILE)_MD5 = ebf207accc6da4ad07de2db6e71ce8dc install : $(TARGET) @@ -70,12 +70,6 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/squidguard/01_squidguard-1.5-beta_db_v4_up.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/squidguard/02_squidguard-1.5-beta_helper-protocol.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/squidguard/03_squidguard-1.5-beta_remove-debug-logging.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/squidguard/04_squidguard-1.5-beta_stdout-always.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/squidguard/05_squidguard-1.5-beta_fixes_htunescape-size_t-ldap_functions-unused_variables-noinput_and_nounput.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/squidguard/06_squidguard_version.patch cd $(DIR_APP) && ./configure \ --prefix=/usr \ --datadir=/usr/share \ diff --git a/src/patches/squidGuard-1.4-db5.patch b/src/patches/squidGuard-1.4-db5.patch deleted file mode 100644 index 733fbad2e6..0000000000 --- a/src/patches/squidGuard-1.4-db5.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -ruN squidGuard-1.4-vanilla/src/sgDb.c squidGuard-1.4/src/sgDb.c ---- squidGuard-1.4-vanilla/src/sgDb.c 2008-07-15 04:29:41.000000000 +1000 -+++ squidGuard-1.4/src/sgDb.c 2013-01-21 12:47:41.049325756 +1100 -@@ -114,7 +114,7 @@ - } - } - #endif --#if DB_VERSION_MAJOR == 4 -+#if DB_VERSION_MAJOR >= 4 - if(globalUpdate || createdb || (dbfile != NULL && stat(dbfile,&st))){ - flag = DB_CREATE; - if(createdb) \ No newline at end of file diff --git a/src/patches/squidguard-1.4-squid-helper-protocol.patch b/src/patches/squidguard-1.4-squid-helper-protocol.patch deleted file mode 100644 index 98069465a3..0000000000 --- a/src/patches/squidguard-1.4-squid-helper-protocol.patch +++ /dev/null @@ -1,75 +0,0 @@ -http://bugs.squid-cache.org/show_bug.cgi?id=3978 - ---- squidGuard-1.4.orig/src/main.c 2013-12-11 17:42:15.000000000 +1300 -+++ squidGuard-1.4.orig/src/main.c 2013-12-11 19:04:09.000000000 +1300 -@@ -175,7 +175,7 @@ - sgReloadConfig(); - } - if(failsafe_mode) { -- puts(""); -+ puts("ERR message=\"squidGuard failsafe mode\""); - fflush(stdout); - if(sig_hup){ - sgReloadConfig(); -@@ -184,7 +184,7 @@ - } - if(parseLine(buf,&squidInfo) != 1){ - sgLogError("Error parsing squid line: %s",buf); -- puts(""); -+ puts("BH message=\"squidGuard error parsing squid line\""); - } - else { - src = Source; -@@ -196,14 +196,14 @@ - acl = sgAclCheckSource(src); - if((redirect = sgAclAccess(src,acl,&squidInfo)) == NULL){ - if(src == NULL || src->cont_search == 0){ -- puts(""); -+ puts("ERR"); - break; - } else - if(src->next != NULL){ - src = src->next; - continue; - } else { -- puts(""); -+ puts("ERR"); - break; - } - } else { -@@ -215,9 +215,10 @@ - squidInfo.ident[0] = '-'; - squidInfo.ident[1] = '\0'; - } -- fprintf(stdout,"%s %s/%s %s %s\n",redirect,squidInfo.src, -- squidInfo.srcDomain,squidInfo.ident, -- squidInfo.method); -+ if (isdigit(redirect[0]) && isdigit(redirect[1]) && isdigit(redirect[2]) && redirect[3]==':') { -+ fprintf(stdout,"OK status=%c%c%c url=\"%s\"\n", redirect[0], redirect[1], redirect[2], &redirect[4]); -+ } else -+ fprintf(stdout,"OK rewrite-url=\"%s\"\n",redirect); - /* sgLogError("%s %s/%s %s %s\n",redirect,squidInfo.src,squidInfo.srcDomain,squidInfo.ident,squidInfo.method); */ - break; - } ---- squidGuard-1.4.orig/src/sgDiv.c 2013-12-11 17:42:15.000000000 +1300 -+++ squidGuard-1.4.orig/src/sgDiv.c 2013-12-11 18:58:33.000000000 +1300 -@@ -771,7 +771,7 @@ - } - sgLogError("Going into emergency mode"); - while(fgets(buf, MAX_BUF, stdin) != NULL){ -- puts(""); -+ puts("ERR"); - fflush(stdout); - } - sgLogError("ending emergency mode, stdin empty"); ---- squidGuard-1.4.orig/src/sgDiv.c.in 2013-12-11 17:42:15.000000000 +1300 -+++ squidGuard-1.4.orig/src/sgDiv.c.in 2013-12-11 18:58:40.000000000 +1300 -@@ -782,7 +782,7 @@ - } - sgLogError("Going into emergency mode"); - while(fgets(buf, MAX_BUF, stdin) != NULL){ -- puts(""); -+ puts("ERR"); - fflush(stdout); - } - sgLogError("ending emergency mode, stdin empty"); diff --git a/src/patches/squidguard/01_squidguard-1.5-beta_db_v4_up.patch b/src/patches/squidguard/01_squidguard-1.5-beta_db_v4_up.patch deleted file mode 100644 index bc50efd682..0000000000 --- a/src/patches/squidguard/01_squidguard-1.5-beta_db_v4_up.patch +++ /dev/null @@ -1,14 +0,0 @@ -Make BerkeleyDB version 4.7 and higher working. - -diff -Nur a/src/sgDb.c b/src/sgDb.c ---- a/src/sgDb.c 2010-09-09 12:35:22.000000000 +0200 -+++ b/src/sgDb.c 2013-11-23 10:05:55.000000000 +0100 -@@ -112,7 +112,7 @@ - } - } - #endif --#if DB_VERSION_MAJOR == 4 -+#if DB_VERSION_MAJOR >= 4 - if(globalUpdate || createdb || (dbfile != NULL && stat(dbfile,&st))){ - flag = DB_CREATE; - if(createdb) diff --git a/src/patches/squidguard/02_squidguard-1.5-beta_helper-protocol.patch b/src/patches/squidguard/02_squidguard-1.5-beta_helper-protocol.patch deleted file mode 100644 index a2f9177f5a..0000000000 --- a/src/patches/squidguard/02_squidguard-1.5-beta_helper-protocol.patch +++ /dev/null @@ -1,125 +0,0 @@ - -From Jeffries Amos http://bugs.squid-cache.org/show_bug.cgi?id=3978#c5 - ---- squidGuard-1.5-beta.orig/src/main.c 2013-12-12 11:47:31.000000000 +1300 -+++ squidGuard-1.5-beta.orig/src/main.c 2013-12-12 11:50:38.000000000 +1300 -@@ -185,7 +185,7 @@ - sgReloadConfig(); - } - if(failsafe_mode) { -- puts(""); -+ puts("ERR message=\"squidGuard failsafe mode\""); - fflush(stdout); - if(sig_hup){ - sgReloadConfig(); -@@ -194,7 +194,7 @@ - } - if(parseLine(buf,&squidInfo) != 1){ - sgLogError("ERROR: Error parsing squid line: %s",buf); -- puts(""); -+ puts("BH message=\"squidGuard error parsing squid line\""); - } - else { - src = Source; -@@ -206,14 +206,14 @@ - acl = sgAclCheckSource(src); - if((redirect = sgAclAccess(src,acl,&squidInfo)) == NULL){ - if(src == NULL || src->cont_search == 0){ -- puts(""); -+ puts("ERR"); - break; - } else - if(src->next != NULL){ - src = src->next; - continue; - } else { -- puts(""); -+ puts("ERR"); - break; - } - } else { -@@ -228,6 +228,10 @@ - fprintf(stdout,"%s %s/%s %s %s\n",redirect,squidInfo.src, - squidInfo.srcDomain,squidInfo.ident, - squidInfo.method); -+ if (isdigit(redirect[0]) && isdigit(redirect[1]) && isdigit(redirect[2]) && redirect[3]==':') { -+ fprintf(stdout,"OK status=%c%c%c url=\"%s\"\n", redirect[0], redirect[1], redirect[2], &redirect[4]); -+ } else -+ fprintf(stdout,"OK rewrite-url=\"%s\"\n",redirect); - /* sgLogDebug("DEBUG: %s %s/%s %s %s\n",redirect,squidInfo.src,squidInfo.srcDomain,squidInfo.ident,squidInfo.method); */ - break; - } ---- squidGuard-1.5-beta.orig/src/main.c.in 2013-12-12 11:47:31.000000000 +1300 -+++ squidGuard-1.5-beta.orig/src/main.c.in 2013-12-12 11:53:18.000000000 +1300 -@@ -185,7 +185,7 @@ - sgReloadConfig(); - } - if(failsafe_mode) { -- puts(""); -+ puts("ERR message=\"squidGuard failsafe mode\""); - fflush(stdout); - if(sig_hup){ - sgReloadConfig(); -@@ -194,7 +194,7 @@ - } - if(parseLine(buf,&squidInfo) != 1){ - sgLogError("ERROR: Error parsing squid line: %s",buf); -- puts(""); -+ puts("BH message=\"squidGuard error parsing squid line\""); - } - else { - src = Source; -@@ -206,14 +206,14 @@ - acl = sgAclCheckSource(src); - if((redirect = sgAclAccess(src,acl,&squidInfo)) == NULL){ - if(src == NULL || src->cont_search == 0){ -- puts(""); -+ puts("ERR"); - break; - } else - if(src->next != NULL){ - src = src->next; - continue; - } else { -- puts(""); -+ puts("ERR"); - break; - } - } else { -@@ -225,9 +225,11 @@ - squidInfo.ident[0] = '-'; - squidInfo.ident[1] = '\0'; - } -- fprintf(stdout,"%s %s/%s %s %s\n",redirect,squidInfo.src, -- squidInfo.srcDomain,squidInfo.ident, -- squidInfo.method); -+ if (isdigit(redirect[0]) && isdigit(redirect[1]) && isdigit(redirect[2]) && redirect[3]==':') { -+ fprintf(stdout,"OK status=%c%c%c url=\"%s\"\n", redirect[0], redirect[1], redirect[2], &redirect[4]); -+ } else -+ fprintf(stdout,"OK rewrite-url=\"%s\"\n",redirect); -+ - /* sgLogDebug("DEBUG: %s %s/%s %s %s\n",redirect,squidInfo.src,squidInfo.srcDomain,squidInfo.ident,squidInfo.method); */ - break; - } ---- squidGuard-1.5-beta.orig/src/sgDiv.c 2013-12-12 11:47:31.000000000 +1300 -+++ squidGuard-1.5-beta.orig/src/sgDiv.c 2013-12-12 11:48:36.000000000 +1300 -@@ -782,7 +782,7 @@ - } - sgLogError("ERROR: Going into emergency mode"); - while(fgets(buf, MAX_BUF, stdin) != NULL){ -- puts(""); -+ puts("ERR"); - fflush(stdout); - } - sgLogError("ERROR: Ending emergency mode, stdin empty"); ---- squidGuard-1.5-beta.orig/src/sgDiv.c.in 2013-12-12 11:47:31.000000000 +1300 -+++ squidGuard-1.5-beta.orig/src/sgDiv.c.in 2013-12-12 11:48:36.000000000 +1300 -@@ -782,7 +782,7 @@ - } - sgLogError("ERROR: Going into emergency mode"); - while(fgets(buf, MAX_BUF, stdin) != NULL){ -- puts(""); -+ puts("ERR"); - fflush(stdout); - } - sgLogError("ERROR: Ending emergency mode, stdin empty"); diff --git a/src/patches/squidguard/03_squidguard-1.5-beta_remove-debug-logging.patch b/src/patches/squidguard/03_squidguard-1.5-beta_remove-debug-logging.patch deleted file mode 100644 index ba2840baca..0000000000 --- a/src/patches/squidguard/03_squidguard-1.5-beta_remove-debug-logging.patch +++ /dev/null @@ -1,66 +0,0 @@ ---- a/src/sg.y.in 2014-04-14 16:23:39.183396677 +0200 -+++ b/src/sg.y.in 2014-04-14 16:24:19.000000000 +0200 -@@ -795,9 +795,9 @@ - { - struct Source *sp; - sp = lastSource; -- -+/* DEBUG - @NOLOG1@ sgLogError("DEBUG: sgSourceLdapIpSearch called with: %s", url); @NOLOG2@ -- -+*/ - if(!ldap_is_ldap_url(url)) { - sgLogError("%s: can't parse LDAP url %s",progname, url); - return; -@@ -1311,10 +1311,12 @@ - } - sp->domainlistDb = (struct sgDb *) sgCalloc(1,sizeof(struct sgDb)); - sp->domainlistDb->type=SGDBTYPE_DOMAINLIST; -+/* DEBUG - sgLogError("init domainlist %s",sp->domainlist); -+*/ - sgDbInit(sp->domainlistDb,sp->domainlist); - if(sp->domainlistDb->entries == 0) { /* empty database */ -- sgLogError("domainlist empty, removed from memory"); -+ sgLogError("domainlist %s empty, removed from memory",sp->domainlist); - sgFree(sp->domainlistDb); - sp->domainlistDb = NULL; - } -@@ -1356,10 +1356,12 @@ - } - sp->urllistDb = (struct sgDb *) sgCalloc(1,sizeof(struct sgDb)); - sp->urllistDb->type=SGDBTYPE_URLLIST; -+/* DEBUG - sgLogError("init urllist %s",sp->urllist); -+*/ - sgDbInit(sp->urllistDb,sp->urllist); - if(sp->urllistDb->entries == 0) { /* empty database */ -- sgLogError("urllist empty, removed from memory"); -+ sgLogError("urllist empty %s, removed from memory",sp->urllist); - sgFree(sp->urllistDb); - sp->urllistDb = NULL; - } -@@ -2773,9 +2773,9 @@ - char *interval; - struct UserInfo *userinfo; - static struct UserInfo info; -- -+/* DEBUG - @NOLOG1@ sgLogError("DEBUG: sgFindUser called with: %s", ident); @NOLOG2@ -- -+*/ - /* defined in the userDB? */ - if(defined(src->userDb, ident, (char **) &userinfo) == 1) { - #ifdef HAVE_LIBLDAP ---- a/src/sgDb.c 2014-04-17 08:53:29.961367395 +0200 -+++ b/src/sgDb.c 2014-04-17 08:53:58.000000000 +0200 -@@ -48,7 +48,9 @@ - strcat(dbfile,".db"); - if(stat(dbfile,&st) == 0){ - if(!createdb){ -+/* DEBUG - sgLogNotice("INFO: loading dbfile %s",dbfile); -+*/ - } - } else { - if(!createdb){ diff --git a/src/patches/squidguard/04_squidguard-1.5-beta_stdout-always.patch b/src/patches/squidguard/04_squidguard-1.5-beta_stdout-always.patch deleted file mode 100644 index dbc13e20ef..0000000000 --- a/src/patches/squidguard/04_squidguard-1.5-beta_stdout-always.patch +++ /dev/null @@ -1,76 +0,0 @@ -Original input to stdout, to be useable with multiple redirectors -when option -f is given on squidGuard start -We have to remember the raw original URL as the URL is modified for testing -purpose. So the exisiting HTML entities like %3F (?), %26 (&), %3D (=) etc. are changed -which breaks the URL for further processing if it is send to stdout like we do it for the -redirector chain (THIS patch). -diff -Nur a/src/main.c.in b/src/main.c.in ---- a/src/main.c.in 2009-09-27 21:41:50.000000000 +0200 -+++ b/src/main.c.in 2013-06-01 21:18:55.000000000 +0200 -@@ -59,6 +59,7 @@ - char **globalEnvp ; - int globalDebugTimeDelta = 0; - int globalDebug = 0; -+int globalFullStdout = 0; - int globalPid = 0; - int globalUpdate = 0; - int passthrough = 0; -@@ -89,6 +90,7 @@ - struct Acl *acl; - struct timeval start_time,ready_time,stop_time; - char buf[MAX_BUF]; -+ char origraw[MAX_BUF]; - char *redirect,tmp[MAX_BUF]; - char *configFile = NULL; - time_t t; -@@ -101,11 +102,14 @@ - #ifdef USE_SYSLOG - openlog("squidGuard", LOG_PID | LOG_NDELAY | LOG_CONS, LOG_ at LOGFAC@); - #endif -- while ((ch = getopt(argc, argv, "hbduPC:t:c:v")) != EOF) -+ while ((ch = getopt(argc, argv, "hbdfuPC:t:c:v")) != EOF) - switch (ch) { - case 'd': - globalDebug = 1; - break; -+ case 'f': -+ globalFullStdout = 1; -+ break; - case 'c': - configFile = optarg; - break; -@@ -192,6 +193,8 @@ - } - continue; - } -+ strcpy(origraw,buf); -+ if (strlen(origraw) && (origraw[strlen(origraw)-1] == '\n')) origraw[strlen(origraw)-1] = 0; - if(parseLine(buf,&squidInfo) != 1){ - sgLogError("ERROR: Error parsing squid line: %s",buf); - puts("BH message=\"squidGuard error parsing squid line\""); -@@ -206,7 +210,12 @@ - acl = sgAclCheckSource(src); - if((redirect = sgAclAccess(src,acl,&squidInfo)) == NULL){ - if(src == NULL || src->cont_search == 0){ -+ if (globalFullStdout) { -+ puts(origraw); -+ } -+ else { - puts("ERR"); -+ } - break; - } else - if(src->next != NULL){ -@@ -213,7 +214,12 @@ - src = src->next; - continue; - } else { -+ if (globalFullStdout) { -+ puts(origraw); -+ } -+ else { - puts("ERR"); -+ } - break; - } - } else { diff --git a/src/patches/squidguard/05_squidguard-1.5-beta_fixes_htunescape-size_t-ldap_functions-unused_variables-noinput_and_nounput.patch b/src/patches/squidguard/05_squidguard-1.5-beta_fixes_htunescape-size_t-ldap_functions-unused_variables-noinput_and_nounput.patch deleted file mode 100644 index 33732deea1..0000000000 --- a/src/patches/squidguard/05_squidguard-1.5-beta_fixes_htunescape-size_t-ldap_functions-unused_variables-noinput_and_nounput.patch +++ /dev/null @@ -1,56 +0,0 @@ ---- a/src/sg.l Sat Jan 30 13:51:12 2016 -+++ b/src/sg.l Sat Jan 30 14:01:28 2016 -@@ -23,6 +23,8 @@ - - %} - -+%option noinput -+%option nounput - ignore [,\t\r ]+ - s [\t ] - d [0-9] ---- a/src/sg.y.in Sat Jan 30 13:52:26 2016 -+++ b/src/sg.y.in Sat Jan 30 14:00:50 2016 -@@ -26,6 +26,7 @@ - - #ifdef HAVE_LIBLDAP - #include "lber.h" -+#define LDAP_DEPRECATED 1 - #include "ldap.h" - #endif - -@@ -1097,7 +1098,6 @@ - foundip = 1; - unblockedip = 1; - if(s->ipquota.seconds != 0){ -- struct IpInfo uq; - time_t t = time(NULL) + globalDebugTimeDelta; - sgLogError("status %d time %d lasttime %d consumed %d", ipquota->status, ipquota->time, ipquota->last, ipquota->consumed); - sgLogError("renew %d seconds %d", s->ipquota.renew, s->ipquota.seconds); -@@ -1157,7 +1157,6 @@ - founduser = 1; - unblockeduser = 1; - if(s->userquota.seconds != 0){ -- struct UserInfo uq; - time_t t = time(NULL) + globalDebugTimeDelta; - //sgLogError("status %d time %d lasttime %d consumed %d", userquota->status, userquota->time, userquota->last, userquota->consumed); - //sgLogError("renew %d seconds %d", s->userquota.renew, s->userquota.seconds); ---- a/src/sgDiv.c.in Sat Jan 30 13:52:10 2016 -+++ b/src/sgDiv.c.in Sat Jan 30 13:59:16 2016 -@@ -18,6 +18,7 @@ - - #include "sg.h" - #include "sgEx.h" -+#include "HTEscape.h" - - /* #define METEST 8; */ - -@@ -692,7 +693,7 @@ - struct UserInfo *userquota; - if(defined(s->userDb, req->ident, (char **) &userquota) == 1){ - char qbuf[150]; -- sprintf(qbuf, "%d-%d-%d-%d-%d-%d", s->userquota.renew, s->userquota.seconds, userquota->status, userquota->time, userquota->last, userquota->consumed); -+ sprintf(qbuf, "%d-%d-%d-%d-%d-%d", s->userquota.renew, (int)s->userquota.seconds, userquota->status, (int)userquota->time, (int)userquota->last, userquota->consumed); - strcat(buf, qbuf); - } else { - strcat(buf, "noquota"); diff --git a/src/patches/squidguard/06_squidguard_version.patch b/src/patches/squidguard/06_squidguard_version.patch deleted file mode 100644 index 351804c49a..0000000000 --- a/src/patches/squidguard/06_squidguard_version.patch +++ /dev/null @@ -1,8 +0,0 @@ ---- a/src/version.h Thu Apr 17 17:00:48 2008 -+++ b/src/version.h Fri May 08 20:44:48 2009 -@@ -16,4 +16,4 @@ - (GPL) along with this program. - */ - --#define VERSION "1.5-alpha" -+#define VERSION "1.5-beta"