From 38587fb5fcfaf82654dda70edf6a88c964bd2bd3d376dd9a1d5a9f040dec098f Mon Sep 17 00:00:00 2001 From: Martin Pluskal Date: Sun, 26 Apr 2015 11:20:33 +0000 Subject: [PATCH] Accepting request 304031 from server:proxy:Test 1 OBS-URL: https://build.opensuse.org/request/show/304031 OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=69 --- squid-3.4.11.tar.bz2 | 3 - squid-3.4.11.tar.bz2.asc | 20 ------- squid-3.5.3.tar.xz | 3 + squid-3.5.3.tar.xz.asc | 20 +++++++ squid-brokenad.patch | 24 ++++---- squid-compiled_without_RPM_OPT_FLAGS.patch | 26 --------- squid-config.patch | 8 +-- squid-nobuilddates.patch | 30 +++++----- squid-old-kerberos.patch | 16 +++++ squid.changes | 68 ++++++++++++++++++++++ squid.spec | 49 +++++++++------- 11 files changed, 166 insertions(+), 101 deletions(-) delete mode 100644 squid-3.4.11.tar.bz2 delete mode 100644 squid-3.4.11.tar.bz2.asc create mode 100644 squid-3.5.3.tar.xz create mode 100644 squid-3.5.3.tar.xz.asc delete mode 100644 squid-compiled_without_RPM_OPT_FLAGS.patch create mode 100644 squid-old-kerberos.patch diff --git a/squid-3.4.11.tar.bz2 b/squid-3.4.11.tar.bz2 deleted file mode 100644 index 0c5bdfd..0000000 --- a/squid-3.4.11.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:30547c4e8aa319decb4b2b4911f667f7c912f0bb7c51851063970552be5e2d5d -size 3047198 diff --git a/squid-3.4.11.tar.bz2.asc b/squid-3.4.11.tar.bz2.asc deleted file mode 100644 index 41f96c5..0000000 --- a/squid-3.4.11.tar.bz2.asc +++ /dev/null @@ -1,20 +0,0 @@ -File: squid-3.4.11.tar.bz2 -Date: Tue Jan 13 12:35:37 UTC 2015 -Size: 3047198 -MD5 : 9b2c457c889b026ffcada0cfe03c19ae -SHA1: c01bedfdfdf51e689f29a96de62ad301d984b26a -Key : 0xFF5CF463 - fingerprint = EA31 CC5E 9488 E516 8D2D CC5E B268 E706 FF5C F463 - keyring = http://www.squid-cache.org/pgp.asc - keyserver = subkeys.pgp.net ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1 - -iQEcBAABAgAGBQJUtRGiAAoJELJo5wb/XPRj2PMH/RxXg8QmRzrDClMOdEUC24mP -zwT5WbaaCOtIEtAeMJoO+gSPS7t9bMLyJ3Q0VOh6Ql3M1RdxsSTp6FS40YxX/UAK -CVgR5dmF418S/Dy9zrOzucUdeUHEqMS8bFmo9GsLuvRIqbTSfj+QejEAOVQ08oNf -9MLhI4N6yFNVbKziFWIOsXGI0xIsWlYX+RnuRiG9tDGLn3oqCUqJbTjQyaLBDrQY -fW46Y9iIQzfe+W5t4paR6S+cdCSX8u2aPnVPdvdKS2cy5Y1dnZBo/pRjq2+PeY7t -PT3TNvlevapjH4lWPxqWyxtnMU3/g9dfmFmG0y6u6DYAzuS0clu77jBYuP1u8uM= -=IzkO ------END PGP SIGNATURE----- diff --git a/squid-3.5.3.tar.xz b/squid-3.5.3.tar.xz new file mode 100644 index 0000000..a019327 --- /dev/null +++ b/squid-3.5.3.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:73ec65a08384a3ec93ccc17e89ef7a06ba221816551946f2f051cc736c2981c0 +size 2283580 diff --git a/squid-3.5.3.tar.xz.asc b/squid-3.5.3.tar.xz.asc new file mode 100644 index 0000000..6f4a8ed --- /dev/null +++ b/squid-3.5.3.tar.xz.asc @@ -0,0 +1,20 @@ +File: squid-3.5.3.tar.xz +Date: Sat Mar 28 11:51:30 UTC 2015 +Size: 2283580 +MD5 : 6cd553300a2253c0913f498beb79ee51 +SHA1: 6919305e16f59387197cf543f525e41f510b4727 +Key : 0xFF5CF463 + fingerprint = EA31 CC5E 9488 E516 8D2D CC5E B268 E706 FF5C F463 + keyring = http://www.squid-cache.org/pgp.asc + keyserver = subkeys.pgp.net +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1 + +iQEcBAABAgAGBQJVFpsoAAoJELJo5wb/XPRj4KYH/RU/x21yI0nI2sI0ilTUbG4K +W0mFM1YcbjtaRreXU6zgc7kVLPiypRYeXP+GDvADK3uEmXCvjulyT2pBqCdiftsV +BC2kBQDH4m1XUICE+vxKC2LmDAAPFxH0yOTiNltH1BEjNrjUcAPAlfuforVUz84u +VbiVcKMHQ3UShCsdLU3ZfM9qt5AUI6IEKDYIrfOJ+zNg8tEdMXlA3vSno1M2LQ32 +v0wKJJ0WtT8KETOI2HAFAXJJFImJczWh480ffQV76vctT1BAmtue2CRpH0IKpNbZ +8WBIx2wraxzBSu+YAvjinnabLMblyzPfkwuP4U4j0JBGml9A3Us+P/unIlsEGj0= +=rz1P +-----END PGP SIGNATURE----- diff --git a/squid-brokenad.patch b/squid-brokenad.patch index b5f5712..dec4b19 100644 --- a/squid-brokenad.patch +++ b/squid-brokenad.patch @@ -2,7 +2,7 @@ Index: helpers/external_acl/kerberos_ldap_group/support_krb5.cc =================================================================== --- helpers/external_acl/kerberos_ldap_group/support_krb5.cc.orig +++ helpers/external_acl/kerberos_ldap_group/support_krb5.cc -@@ -52,7 +52,7 @@ krb5_cleanup() +@@ -81,7 +81,7 @@ k5_error(const char* msg, krb5_error_cod * create Kerberos memory cache */ int @@ -11,9 +11,9 @@ Index: helpers/external_acl/kerberos_ldap_group/support_krb5.cc { krb5_keytab keytab = 0; -@@ -130,8 +130,17 @@ krb5_create_cache(char *domain) +@@ -178,8 +178,17 @@ krb5_create_cache(char *domain) if (code) { - error((char *) "%s| %s: ERROR: Error while unparsing principal name : %s\n", LogTime(), PROGRAM, error_message(code)); + k5_error("Error while unparsing principal name",code); } else { - debug((char *) "%s| %s: DEBUG: Found principal name: %s\n", LogTime(), PROGRAM, principal_name); - found = 1; @@ -30,12 +30,12 @@ Index: helpers/external_acl/kerberos_ldap_group/support_krb5.cc + } } } - #if defined(HAVE_HEIMDAL_KERBEROS) || ( defined(HAVE_KRB5_KT_FREE_ENTRY) && HAVE_DECL_KRB5_KT_FREE_ENTRY==1) + #if USE_HEIMDAL_KRB5 || ( HAVE_KRB5_KT_FREE_ENTRY && HAVE_DECL_KRB5_KT_FREE_ENTRY ) Index: helpers/external_acl/kerberos_ldap_group/kerberos_ldap_group.cc =================================================================== --- helpers/external_acl/kerberos_ldap_group/kerberos_ldap_group.cc.orig +++ helpers/external_acl/kerberos_ldap_group/kerberos_ldap_group.cc -@@ -57,6 +57,7 @@ init_args(struct main_args *margs) +@@ -61,6 +61,7 @@ init_args(struct main_args *margs) margs->rc_allow = 0; margs->AD = 0; margs->mdepth = 5; @@ -43,7 +43,7 @@ Index: helpers/external_acl/kerberos_ldap_group/kerberos_ldap_group.cc margs->ddomain = NULL; margs->groups = NULL; margs->ndoms = NULL; -@@ -176,7 +177,7 @@ main(int argc, char *const argv[]) +@@ -179,7 +180,7 @@ main(int argc, char *const argv[]) init_args(&margs); @@ -52,7 +52,7 @@ Index: helpers/external_acl/kerberos_ldap_group/kerberos_ldap_group.cc switch (opt) { case 'd': debug_enabled = 1; -@@ -228,6 +229,9 @@ main(int argc, char *const argv[]) +@@ -231,6 +232,9 @@ main(int argc, char *const argv[]) case 'S': margs.llist = xstrdup(optarg); break; @@ -62,7 +62,7 @@ Index: helpers/external_acl/kerberos_ldap_group/kerberos_ldap_group.cc case 'h': fprintf(stderr, "Usage: \n"); fprintf(stderr, "squid_kerb_ldap [-d] [-i] -g group list [-D domain] [-N netbios domain map] [-s] [-u ldap user] [-p ldap user password] [-l ldap url] [-b ldap bind path] [-a] [-m max depth] [-h]\n"); -@@ -244,6 +248,7 @@ main(int argc, char *const argv[]) +@@ -247,6 +251,7 @@ main(int argc, char *const argv[]) fprintf(stderr, "-l ldap url\n"); fprintf(stderr, "-b ldap bind path\n"); fprintf(stderr, "-s use SSL encryption with Kerberos authentication\n"); @@ -74,7 +74,7 @@ Index: helpers/external_acl/kerberos_ldap_group/support.h =================================================================== --- helpers/external_acl/kerberos_ldap_group/support.h.orig +++ helpers/external_acl/kerberos_ldap_group/support.h -@@ -97,6 +97,7 @@ struct main_args { +@@ -101,6 +101,7 @@ struct main_args { int rc_allow; int AD; int mdepth; @@ -82,7 +82,7 @@ Index: helpers/external_acl/kerberos_ldap_group/support.h char *ddomain; struct gdstruct *groups; struct ndstruct *ndoms; -@@ -156,7 +157,7 @@ int create_nd(struct main_args *margs); +@@ -160,7 +161,7 @@ int create_nd(struct main_args *margs); int create_ls(struct main_args *margs); #ifdef HAVE_KRB5 @@ -95,10 +95,10 @@ Index: helpers/external_acl/kerberos_ldap_group/support_ldap.cc =================================================================== --- helpers/external_acl/kerberos_ldap_group/support_ldap.cc.orig +++ helpers/external_acl/kerberos_ldap_group/support_ldap.cc -@@ -801,7 +801,7 @@ get_memberof(struct main_args *margs, ch +@@ -888,7 +888,7 @@ get_memberof(struct main_args *margs, ch debug((char *) "%s| %s: DEBUG: Setup Kerberos credential cache\n", LogTime(), PROGRAM); - #ifdef HAVE_KRB5 + #if HAVE_KRB5 - kc = krb5_create_cache(domain); + kc = krb5_create_cache(margs,domain); if (kc) { diff --git a/squid-compiled_without_RPM_OPT_FLAGS.patch b/squid-compiled_without_RPM_OPT_FLAGS.patch deleted file mode 100644 index d020e79..0000000 --- a/squid-compiled_without_RPM_OPT_FLAGS.patch +++ /dev/null @@ -1,26 +0,0 @@ -Index: src/Makefile.am -=================================================================== ---- src/Makefile.am.orig -+++ src/Makefile.am -@@ -983,7 +983,7 @@ cache_cf.o: cf_parser.cci - - # cf_gen builds the configuration files. - cf_gen$(EXEEXT): $(cf_gen_SOURCES) $(cf_gen_DEPENDENCIES) cf_gen_defines.cci -- $(HOSTCXX) -o $@ $(srcdir)/cf_gen.cc -I$(srcdir) -I$(top_builddir)/include/ -I$(top_builddir)/src -+ $(HOSTCXX) $(CXXFLAGS) -o $@ $(srcdir)/cf_gen.cc -I$(srcdir) -I$(top_builddir)/include/ -I$(top_builddir)/src - - # squid.conf.default is built by cf_gen when making cf_parser.cci - squid.conf.default squid.conf.documented: cf_parser.cci -Index: src/Makefile.in -=================================================================== ---- src/Makefile.in.orig -+++ src/Makefile.in -@@ -7742,7 +7742,7 @@ cache_cf.o: cf_parser.cci - - # cf_gen builds the configuration files. - cf_gen$(EXEEXT): $(cf_gen_SOURCES) $(cf_gen_DEPENDENCIES) cf_gen_defines.cci -- $(HOSTCXX) -o $@ $(srcdir)/cf_gen.cc -I$(srcdir) -I$(top_builddir)/include/ -I$(top_builddir)/src -+ $(HOSTCXX) $(CXXFLAGS) -o $@ $(srcdir)/cf_gen.cc -I$(srcdir) -I$(top_builddir)/include/ -I$(top_builddir)/src - - # squid.conf.default is built by cf_gen when making cf_parser.cci - squid.conf.default squid.conf.documented: cf_parser.cci diff --git a/squid-config.patch b/squid-config.patch index 0454fc9..63fa89b 100644 --- a/squid-config.patch +++ b/squid-config.patch @@ -2,7 +2,7 @@ Index: src/cf.data.pre =================================================================== --- src/cf.data.pre.orig +++ src/cf.data.pre -@@ -1361,6 +1361,8 @@ http_access deny manager +@@ -1397,6 +1397,8 @@ http_access deny manager # Adapt localnet in the ACL section to list your (internal) IP networks # from where browsing should be allowed http_access allow localnet @@ -11,7 +11,7 @@ Index: src/cf.data.pre http_access allow localhost # And finally deny all other access to this proxy -@@ -3414,6 +3416,10 @@ DOC_START +@@ -3616,6 +3618,10 @@ DOC_START Instead, if you want Squid to use the entire disk drive, subtract 20% and use that value. @@ -22,7 +22,7 @@ Index: src/cf.data.pre 'L1' is the number of first-level subdirectories which will be created under the 'Directory'. The default is 16. -@@ -3547,7 +3553,7 @@ DOC_START +@@ -3734,7 +3740,7 @@ DOC_START NOCOMMENT_START # Uncomment and adjust the following to add a disk cache directory. @@ -31,7 +31,7 @@ Index: src/cf.data.pre NOCOMMENT_END DOC_END -@@ -4178,7 +4184,7 @@ DOC_END +@@ -4410,7 +4416,7 @@ DOC_END NAME: logfile_rotate TYPE: int diff --git a/squid-nobuilddates.patch b/squid-nobuilddates.patch index 7ed4f24..890c865 100644 --- a/squid-nobuilddates.patch +++ b/squid-nobuilddates.patch @@ -2,7 +2,7 @@ Index: helpers/basic_auth/fake/fake.cc =================================================================== --- helpers/basic_auth/fake/fake.cc.orig +++ helpers/basic_auth/fake/fake.cc -@@ -96,7 +96,7 @@ main(int argc, char *argv[]) +@@ -99,7 +99,7 @@ main(int argc, char *argv[]) process_options(argc, argv); @@ -11,7 +11,7 @@ Index: helpers/basic_auth/fake/fake.cc while (fgets(buf, HELPER_INPUT_BUFFER, stdin) != NULL) { char *p; -@@ -112,6 +112,6 @@ main(int argc, char *argv[]) +@@ -115,7 +115,7 @@ main(int argc, char *argv[]) /* send 'OK' result back to Squid */ SEND_OK(""); } @@ -19,11 +19,12 @@ Index: helpers/basic_auth/fake/fake.cc + debug("%s shutting down...\n", program_name); exit(0); } + Index: helpers/external_acl/AD_group/ext_ad_group_acl.cc =================================================================== --- helpers/external_acl/AD_group/ext_ad_group_acl.cc.orig +++ helpers/external_acl/AD_group/ext_ad_group_acl.cc -@@ -800,8 +800,7 @@ main(int argc, char *argv[]) +@@ -801,8 +801,7 @@ main(int argc, char *argv[]) if (!DefaultDomain) DefaultDomain = xstrdup(machinedomain); } @@ -37,7 +38,7 @@ Index: helpers/external_acl/LM_group/ext_lm_group_acl.cc =================================================================== --- helpers/external_acl/LM_group/ext_lm_group_acl.cc.orig +++ helpers/external_acl/LM_group/ext_lm_group_acl.cc -@@ -539,8 +539,7 @@ main(int argc, char *argv[]) +@@ -540,8 +540,7 @@ main(int argc, char *argv[]) if (!DefaultDomain) DefaultDomain = xstrdup(machinedomain); } @@ -51,7 +52,7 @@ Index: helpers/negotiate_auth/SSPI/negotiate_sspi_auth.cc =================================================================== --- helpers/negotiate_auth/SSPI/negotiate_sspi_auth.cc.orig +++ helpers/negotiate_auth/SSPI/negotiate_sspi_auth.cc -@@ -274,7 +274,7 @@ main(int argc, char *argv[]) +@@ -281,7 +281,7 @@ main(int argc, char *argv[]) process_options(argc, argv); @@ -64,7 +65,7 @@ Index: helpers/ntlm_auth/SSPI/ntlm_sspi_auth.cc =================================================================== --- helpers/ntlm_auth/SSPI/ntlm_sspi_auth.cc.orig +++ helpers/ntlm_auth/SSPI/ntlm_sspi_auth.cc -@@ -611,7 +611,7 @@ main(int argc, char *argv[]) +@@ -619,7 +619,7 @@ main(int argc, char *argv[]) process_options(argc, argv); @@ -77,7 +78,7 @@ Index: helpers/ntlm_auth/fake/ntlm_fake_auth.cc =================================================================== --- helpers/ntlm_auth/fake/ntlm_fake_auth.cc.orig +++ helpers/ntlm_auth/fake/ntlm_fake_auth.cc -@@ -173,7 +173,7 @@ main(int argc, char *argv[]) +@@ -147,7 +147,7 @@ main(int argc, char *argv[]) process_options(argc, argv); @@ -85,12 +86,12 @@ Index: helpers/ntlm_auth/fake/ntlm_fake_auth.cc + debug("%s starting up...\n", my_program_name); while (fgets(buf, HELPER_INPUT_BUFFER, stdin) != NULL) { - user[0] = '\0'; /*no user code */ + user[0] = '\0'; /*no user code */ Index: helpers/ntlm_auth/smb_lm/ntlm_smb_lm_auth.cc =================================================================== --- helpers/ntlm_auth/smb_lm/ntlm_smb_lm_auth.cc.orig +++ helpers/ntlm_auth/smb_lm/ntlm_smb_lm_auth.cc -@@ -632,7 +632,7 @@ manage_request() +@@ -622,7 +622,7 @@ manage_request() int main(int argc, char *argv[]) { @@ -103,7 +104,7 @@ Index: helpers/url_rewrite/fake/fake.cc =================================================================== --- helpers/url_rewrite/fake/fake.cc.orig +++ helpers/url_rewrite/fake/fake.cc -@@ -101,7 +101,7 @@ main(int argc, char *argv[]) +@@ -104,7 +104,7 @@ main(int argc, char *argv[]) process_options(argc, argv); @@ -112,11 +113,12 @@ Index: helpers/url_rewrite/fake/fake.cc while (fgets(buf, HELPER_INPUT_BUFFER, stdin) != NULL) { char *p; -@@ -117,6 +117,6 @@ main(int argc, char *argv[]) - /* send 'no-change' result back to Squid */ - fprintf(stdout,"\n"); +@@ -127,7 +127,7 @@ main(int argc, char *argv[]) + fprintf(stdout, "%" PRId64 " ERR\n", channelId); + } } - debug("%s build " __DATE__ ", " __TIME__ " shutting down...\n", my_program_name); + debug("%s shutting down...\n", my_program_name); - exit(0); + return 0; } + diff --git a/squid-old-kerberos.patch b/squid-old-kerberos.patch new file mode 100644 index 0000000..b95a9b4 --- /dev/null +++ b/squid-old-kerberos.patch @@ -0,0 +1,16 @@ +Index: helpers/negotiate_auth/kerberos/negotiate_kerberos_auth.cc +=================================================================== +--- helpers/negotiate_auth/kerberos/negotiate_kerberos_auth.cc.orig 2015-03-28 11:58:05.000000000 +0100 ++++ helpers/negotiate_auth/kerberos/negotiate_kerberos_auth.cc 2015-04-01 14:45:11.970927882 +0200 +@@ -537,7 +537,11 @@ main(int argc, char *const argv[]) + keytab_name_env = getenv("KRB5_KTNAME"); + if (!keytab_name_env) { + ret = krb5_init_context(&context); ++#if HAVE_PAC_SUPPORT || HAVE_KRB5_MEMORY_KEYTAB + if (!check_k5_err(context, "krb5_init_context", ret)) { ++#else ++ if (0 == ret) { // no error continue... ++#endif + krb5_kt_default_name(context, default_keytab, MAXPATHLEN); + } + keytab_name = xstrdup(default_keytab); diff --git a/squid.changes b/squid.changes index bfe4432..9722824 100644 --- a/squid.changes +++ b/squid.changes @@ -1,3 +1,71 @@ +------------------------------------------------------------------- +Sun Apr 26 11:18:42 UTC 2015 - mpluskal@suse.com + +- Update changelog + +------------------------------------------------------------------- +Wed Apr 1 12:40:07 UTC 2015 - boris@steki.net + +- fix SLE 11 build with older kerberos libraries + * squid-old-kerberos.patch + +------------------------------------------------------------------- +Wed Apr 1 06:55:04 UTC 2015 - mpluskal@suse.com + +- Update to 3.5.3 + * Regression Bug 4213: negotiate_kerberos_auth: freeing non-dynamic memory + * Regression Bug 4206: Incorrect connection close on expect:100-continue + * Bug 4204: ./configure does not abort when required helpers cannot be built + * Bug 3805: support shared memory on MacOS X in Mem::IPC::Segment + * Bug 2907: high CPU usage on CONNECT when using delay pools + * basic_getpwnam_auth: fail authentication on crypt() failures + * basic_nis_auth: fail authentication on crypt() failures + * ext_kerberos_ldap_group_acl: Heimdal support improvements + * ext_wbinfo_group_acl: Perl 5.20 support + * ... and several compile issues + +------------------------------------------------------------------- +Sat Mar 21 13:16:42 UTC 2015 - mpluskal@suse.com + +- Use xz compressed source +- Update to 3.5.2 + * Regression Bug 4176: Digest auth too many helper lookups + * Regression Bug 4180: not-fully-initialized data member in + ACLUserData + * Bug 4172: Solaris broken krb5-config + * Bug 4073: Cygwin compile errors + * Bug 3919: remove several never-true / never-false comparisons + * HTTPS: Add missing root CAs when validating chains that passed + internal checks + * Fix some cbdataFree related memory leaks + * Quieten CBDATA 'leak' messages + * Set SNI information in transparent bumping mode + * negotiate_kerberos_auth: fix krb5.conf backward compatibility + * Fix memory leaks in cachemgr.cgi URL parser + * Fix sslproxy_options in peek-and-splice mode + * ... and fix several portability and build issues + * ... and some documentation updates + * ... and all fixes from squid 3.4.11 + +------------------------------------------------------------------- +Thu Feb 19 01:09:38 UTC 2015 - chris@computersalat.de + +- Update to 3.5.1 (13 Jan 2015): + * Fix handling of invalid SSL server certificates when splicing connections + * basic_smb_lm_auth: Simplified MSNT basic auth helper + * squidclient: Fix -A and -P options + * ... and several portability fixes + * ... and all fixes from squid 3.4.11 + * ... and a lot of documentation updates +- removed obsolete patch + * squid_compiled_without_RPM_OPT_FLAGS.patch +- rebased patches + * squid-config.patch + * squid-nobuilddates.patch + * squid-brokenad.patch +- replace configure option + * --enable-ssl > --with-openssl + ------------------------------------------------------------------- Wed Feb 18 23:28:06 UTC 2015 - chris@computersalat.de diff --git a/squid.spec b/squid.spec index e4e08fd..e7bb1ba 100644 --- a/squid.spec +++ b/squid.spec @@ -1,7 +1,7 @@ # # spec file for package squid # -# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -20,14 +20,14 @@ %define squidconfdir %{_sysconfdir}/squid Name: squid -Version: 3.4.11 +Version: 3.5.3 Release: 0 Summary: A fully featured HTTP/1.0 proxy License: GPL-2.0+ Group: Productivity/Networking/Web/Proxy -Url: http://www.squid-cache.org/Versions/v3/3.4 -Source0: http://www.squid-cache.org/Versions/v3/3.4/%{name}-%{version}.tar.bz2 -Source1: http://www.squid-cache.org/Versions/v3/3.4/%{name}-%{version}.tar.bz2.asc +Url: http://www.squid-cache.org/Versions/v3/3.5 +Source0: http://www.squid-cache.org/Versions/v3/3.5/%{name}-%{version}.tar.xz +Source1: http://www.squid-cache.org/Versions/v3/3.5/%{name}-%{version}.tar.xz.asc Source3: squid.init Source4: squid.sysconfig @@ -46,11 +46,10 @@ Source99: squid-rpmlintrc Patch100: %{name}-config.patch # make build compare happy - remove build dates Patch101: %{name}-nobuilddates.patch -## File is compiled without RPM_OPT_FLAGS -# squid3 no-rpm-opt-flags :./cf_gen.cc -Patch102: %{name}-compiled_without_RPM_OPT_FLAGS.patch # patch fixes kerberos principalname handling (http://bugs.squid-cache.org/show_bug.cgi?id=4042) Patch103: squid-brokenad.patch +#patch fix SLE 11 target... BAD PATCH +Patch104: squid-old-kerberos.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: db-devel @@ -71,6 +70,7 @@ BuildRequires: libtool >= 2.4 %endif %if 0%{?suse_version} < 1220 BuildRequires: libxml2-devel +BuildRequires: xz %else BuildRequires: pkgconfig(libxml-2.0) %endif @@ -116,16 +116,18 @@ Obsoletes: %{name}3 < %{version} %description Squid is a fully-featured HTTP/1.0 proxy which is almost (but not quite - we're getting there!) a fully-featured HTTP/1.1 proxy. Squid offers a rich access control, authorization and logging environment to develop web proxy and content serving applications. Squid offers a rich set of traffic optimization options, most of which are enabled by default for simpler installation and high performance. -Squid 3.4 represents a new feature release above 3.3. +Squid 3.5 represents a new feature release above 3.4. The most important of these new features are: - * Helper protocol extensions - * SSL Server Certificate Validator - * Store-ID - * TPROXY Support for OpenBSD 5.1+ and FreeBSD 9+ - * Transaction Annotations - * Multicast DNS + * Support libecap v1.0 + * Authentication helper query extensions + * Support named services + * Upgraded squidclient tool + * Helper support for concurrency channels + * Native FTP Relay + * Receive PROXY protocol, Versions 1 & 2 + * Basic authentication MSNT helper changes %prep #setup -q -n %{name}-%{version}%{snap} @@ -138,8 +140,8 @@ cp %{SOURCE10} . perl -p -i -e 's|%{_prefix}/local/bin/perl|%{_bindir}/perl|' `find -name "*.pl"` chmod a-x CREDITS %patch101 -%patch102 %patch103 +%patch104 %build export CFLAGS="%{optflags} -fPIE -fPIC -DOPENSSL_LOAD_CONF" @@ -172,8 +174,8 @@ export LDFLAGS='-Wl,-z,relro,-z,now -pie' --enable-referer-log \ --enable-kill-parent-hack \ --enable-arp-acl \ - --enable-ssl \ --enable-ssl-crtd \ + --with-openssl \ --enable-forw-via-db \ --enable-cache-digests \ --enable-linux-netfilter \ @@ -373,7 +375,7 @@ fi %files %defattr(-,root,root) -%doc CONTRIBUTORS COPYING COPYRIGHT CREDITS ChangeLog +%doc ChangeLog CONTRIBUTORS COPYING CREDITS %doc QUICKSTART README RELEASENOTES.html SPONSORS* %doc README.kerberos %doc doc/contrib doc/scripts @@ -392,11 +394,9 @@ fi %config(noreplace) %{squidconfdir}/errors %config(noreplace) %{_sysconfdir}/logrotate.d/%{name} %config(noreplace) %{squidconfdir}/mime.conf -%config(noreplace) %{squidconfdir}/msntauth.conf %config(noreplace) %{squidconfdir}/%{name}.conf %config %{squidconfdir}/cachemgr.conf.default %config %{squidconfdir}/errorpage.css.default -%config %{squidconfdir}/msntauth.conf.default %config %{squidconfdir}/%{name}.conf.default %config %{squidconfdir}/%{name}.conf.documented %config %{_sysconfdir}/pam.d/%{name} @@ -415,8 +415,10 @@ fi %{_sbindir}/basic_fake_auth %{_sbindir}/basic_getpwnam_auth %{_sbindir}/basic_ldap_auth -%{_sbindir}/basic_msnt_auth +## will get removed in 3.6 series +# http://www.squid-cache.org/Versions/v3/3.5/RELEASENOTES.html#toc2.8 %{_sbindir}/basic_msnt_multi_domain_auth +## %{_sbindir}/basic_ncsa_auth %{_sbindir}/basic_nis_auth %if 0%{?suse_version} < 1140 @@ -429,9 +431,12 @@ fi %{_sbindir}/basic_sasl_auth %{_sbindir}/basic_smb_auth %{_sbindir}/basic_smb_auth.sh +## basic_msnt_auth has been deprecated and renamed to +# http://www.squid-cache.org/Versions/v3/3.5/RELEASENOTES.html#toc2.8 +%{_sbindir}/basic_smb_lm_auth +## %{_sbindir}/cert_tool %{_sbindir}/cert_valid.pl -#{_sbindir}/digest_edirectory_auth %{_sbindir}/digest_file_auth %{_sbindir}/digest_ldap_auth %{_sbindir}/diskd