summaryrefslogtreecommitdiffstats
path: root/package/squid
Commit message (Collapse)AuthorAgeFilesLines
* packages: update sysv S* scripts to 644Matt Weber2019-02-081-0/+0
| | | | | Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* Merge branch 'next'Peter Korsgaard2018-12-022-7/+4
|\ | | | | | | Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
| * package/squid: needs atomicFabrice Fontaine2018-11-292-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since https://github.com/squid-cache/squid/commit/4b0f89121135aae68fbaf2aa33b5fb2e0da66d3e squid tries to find if latomic is needed through: AC_SEARCH_LIBS([__atomic_load_8],[atomic],[ATOMICLIB="-latomic"],[]) However, this can fails on: configure:21147: /home/fabrice/buildroot/output/host/bin/arc-buildroot-linux-gnu-g++ -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -matomic -Os -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -g conftest.cpp -latomic >&5 conftest.cpp:55:6: error: new declaration 'char __atomic_load_8()' ambiguates built-in declaration 'long long unsigned int __atomic_load_8(const volatile void*, int)' [-fpermissive] char __atomic_load_8 (); ^~~~~~~~~~~~~~~ conftest.cpp: In function 'int main()': conftest.cpp:59:25: error: too few arguments to function 'long long unsigned int __atomic_load_8(const volatile void*, int)' return __atomic_load_8 (); So add -latomic to LIBS if BR2_TOOLCHAIN_HAS_LIBATOMIC is set Fixes: - http://autobuild.buildroot.org/results/13082cea836a12ac8bf85cbdb53a56a5d30c70b1 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
| * package/squid: remove gnu atomics handlingFabrice Fontaine2018-11-291-9/+0
| | | | | | | | | | | | | | | | | | gnu atomics has been removed since version 3.5.27: https://github.com/squid-cache/squid/commit/ddd4edb743d82be97fc651d529e04bf55329a50d So remove squid_cv_gnu_atomics handling Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
* | squid: fix static build with libxml2Fabrice Fontaine2018-12-012-1/+81
|/ | | | | | | | | | | | Use pkg-config to find libxml2 to fix static build of squid Add SQUID_AUTORECONF = YES and remove ac_cv_libxml2_include (not needed anymore) Fixes: - http://autobuild.buildroot.org/results/7f23eb98c311b294c7f0e165279fa26909a5ff93 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
* squid: security bump to version 4.4Peter Korsgaard2018-11-092-5/+5
| | | | | | | | | | | | | | Fixes SQUID-2018_4: Due to incorrect input handling, Squid is vulnerable to a Cross-Site Scripting vulnerability when generating HTTPS response messages about TLS errors. For more details, see the advisory: http://www.squid-cache.org/Advisories/SQUID-2018_4.txt Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* squid: requires C++11 toolchainBaruch Siach2018-10-161-2/+3
| | | | | | | | | | | | | | The squid changelog for version 4.0.1 mentions that "C++11 compiler support is now mandatory". The code uses the std::map::emplace method that gcc before 4.8 does not support. Also fixes: http://autobuild.buildroot.net/results/370/37093f8d3395850b2db5ed645f60d1c2df92768d/ http://autobuild.buildroot.net/results/921/92117726e7b4ede08dcc0e4fd1a85171fd17aeb8/ http://autobuild.buildroot.net/results/e67/e679ef90219c5e8f9c94ddcd7d3f9582f79ef751/ Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* squid: bump to version 4.3Baruch Siach2018-10-094-57/+6
| | | | | | | | | | | | | | | Drop get_certificate test avoidance patch; upstream made the test cross compile friendly in commit 958ae827cabf (Fix cross-compile issues with SSL_get_certificate()) Drop the patch adding <time.h>; the code does not call time() anymore. Restore netfilter support under musl libc. Squid build fine with current musl version. Cc: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
* package/squid: depends on current_exceptionBernd Kuhls2018-09-081-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes build error TextException.cc: In function 'std::ostream& CurrentException(std::ostream&)': TextException.cc:64:9: error: 'current_exception' is not a member of 'std' if (std::current_exception()) { using this defconfig BR2_arm=y BR2_TOOLCHAIN_EXTERNAL=y BR2_TOOLCHAIN_EXTERNAL_CUSTOM=y BR2_TOOLCHAIN_EXTERNAL_DOWNLOAD=y BR2_TOOLCHAIN_EXTERNAL_URL="http://autobuild.buildroot.org/toolchains/tarballs/armv5-ctng-linux-gnueabi.tar.xz" BR2_TOOLCHAIN_EXTERNAL_CUSTOM_PREFIX="armv5-ctng-linux-gnueabi" BR2_TOOLCHAIN_EXTERNAL_GCC_4_8=y BR2_TOOLCHAIN_EXTERNAL_HEADERS_3_12=y BR2_TOOLCHAIN_EXTERNAL_CUSTOM_GLIBC=y BR2_TOOLCHAIN_EXTERNAL_CXX=y BR2_PACKAGE_GNUTLS=y BR2_PACKAGE_OPENSSL=y BR2_PACKAGE_LIBKRB5=y According to http://www.squid-cache.org/Versions/v4/RELEASENOTES.html#ss1.1 squid-4.2 depends on C++11, but adding -std=c++11 did not fix the build error. Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Tested-by: Giulio Benetti <giulio.benetti@micronovasrl.com> Reviewed-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
* package/squid: bump version to 4.2Bernd Kuhls2018-08-196-81/+21
| | | | | | | | | | | Added dependency for libxml2: http://www.squid-cache.org/Versions/v4/RELEASENOTES.html#ss2.9 Rebased patch 0001, removed patches 0002 & 0003 after being applied upstream. Added sha256 hash for tarball. Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
* squid: don't test if the binary exists in the init scriptCarlos Santos2018-04-161-1/+0
| | | | | | | | The test doesn't make sense. It just exits without any error if the binary doesn't exist, which is silly. Signed-off-by: Carlos Santos <casantos@datacom.ind.br> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
* squid: add optional dependency on libkrb5André Hentschel2018-03-311-1/+7
| | | | | Signed-off-by: André Hentschel <nerv@dawncrow.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
* squid: add upstream post-3.5.27 security patchesPeter Korsgaard2018-01-232-0/+66
| | | | | | | | | | | | | | | | | Fixes the following security issues: SQUID-2018:1 Due to incorrect pointer handling Squid is vulnerable to denial of service attack when processing ESI responses. http://www.squid-cache.org/Advisories/SQUID-2018_1.txt SQUID-2018:2 Due to incorrect pointer handling Squid is vulnerable to denial of service attack when processing ESI responses or downloading intermediate CA certificates. http://www.squid-cache.org/Advisories/SQUID-2018_2.txt Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* squid: bump version to 3.5.27Peter Korsgaard2018-01-232-4/+6
| | | | | | And add a hash for the license files. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/*/Config.in: fix help text check-package warningsThomas Petazzoni2017-12-181-1/+2
| | | | | | | | | | | | | This commit fixes the warnings reported by check-package on the help text of all package Config.in files, related to the formatting of the help text: should start with a tab, then 2 spaces, then at most 62 characters. The vast majority of warnings fixed were caused by too long lines. A few warnings were related to spaces being used instead of a tab to indent the help text. Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* package/squid: fix typoBernd Kuhls2017-08-291-1/+1
| | | | | | | | Fixed typo added by https://git.buildroot.net/buildroot/commit/package/squid?id=d2f7d0d72cd7e00ffbe869011d200f0a4a53e7a5 Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* squid: uClibc workaround no longer requiredWaldemar Brodkorb2017-07-011-5/+0
| | | | | | | | | | As all librt and libpthread functions are integrated into libc for a while, workaround no longer required. Signed-off-by: Waldemar Brodkorb <wbx@openadk.org> Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Acked-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* squid: bump version to 3.5.26Vicente Olivert Riera2017-06-022-4/+4
| | | | | Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* squid: bump version to 3.5.25Vicente Olivert Riera2017-04-042-4/+4
| | | | | Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* boot, linux, package: use SPDX short identifier for GPLv2/GPLv2+Rahul Bedarkar2017-04-011-1/+1
| | | | | | | | | | | We want to use SPDX identifier for license strings as much as possible. SPDX short identifier for GPLv2/GPLv2+ is GPL-2.0/GPL-2.0+. This change is done by using following command. find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\<GPLv2\>/GPL-2.0/g' Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* squid: security bump to version 3.5.24Gustavo Zacarias2017-01-302-4/+4
| | | | | | | | Fixes: * Mitigate DoS attacks that use client-initiated SSL/TLS renegotiation. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* squid: security bump to version 3.5.23Gustavo Zacarias2016-12-182-4/+4
| | | | | | | | | | Fixes: CVE-2016-10002: http://www.squid-cache.org/Advisories/SQUID-2016_11.txt CVE-2016-10003: http://www.squid-cache.org/Advisories/SQUID-2016_10.txt [Peter: add CVE references] Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* squid: bump to version 3.5.22Gustavo Zacarias2016-10-142-4/+4
| | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* squid: disable netfilter for musl toolchainsGustavo Zacarias2016-10-141-1/+1
| | | | | | | | It has been broken for several releases, fixes: http://autobuild.buildroot.net/results/d6c/d6cf725e88bc0a4afd0b7e1ae58a8e5a649ae6c3/ Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* squid: bump to version 3.5.21Gustavo Zacarias2016-09-092-4/+4
| | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* squid: bump version to 3.5.20Vicente Olivert Riera2016-07-052-4/+4
| | | | | Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* squid: bump to version 3.5.19Gustavo Zacarias2016-05-102-4/+4
| | | | | | | Fixes regression introduced in 3.5.18 (via CVE-2016-4554 patch/fix). Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* squid: security bump to version 3.5.18Gustavo Zacarias2016-05-082-4/+4
| | | | | | | | | | | | | Fixes: CVE-2016-4553 - Cache Poisoning issue in HTTP Request handling CVE-2016-4554 - Header Smuggling issue in HTTP Request processing CVE-2016-4555 - Multiple Denial of Service issues in ESI Response processing (client_side_request.cc) CVE-2016-4556 - Multiple Denial of Service issues in ESI Response processing (Esi.cc) Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* squid: security bump to version 3.5.17Gustavo Zacarias2016-04-202-5/+5
| | | | | | | | | | | | Fixes: SQUID-2016:5 (CVE-2016-4051) - Buffer overflow in cachemgr.cgi SQUID-2016:6 (CVE-2016-4052) - Multiple issues in ESI processing. CVE-2016-4053 & CVE-2016-4054 which are part of SQUID-2016:6. Switch to xz-compressed tarball as well. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* squid: bump version to 3.5.16Vicente Olivert Riera2016-04-052-4/+4
| | | | | Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* libcap, cdrkit, dvdrw-tools, fastd, squid: remove headers >= 3.0 dependencyThomas Petazzoni2016-03-161-3/+2
| | | | | | | | | | | | | | | | | | Now that the libcap package has a patch that makes it build with kernel headers < 3.0 (which was needed for the host variant of libcap), there is no longer a need to have a dependency on headers >= 3.0 for the target variant of libcap. All reverse dependencies of libcap are handled in this commit, except lxc, which will be handled in a separate commit since it needs some special solution. The build of all those packages has been tested with a toolchain that uses kernel headers 2.6.32, which is the oldest that our default glibc version accepts to use. Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* squid: security bump to version 3.5.15Gustavo Zacarias2016-02-292-4/+4
| | | | | | | | | Fixes: SQUID-2016:2 - Multiple Denial of Service issues in HTTP Response processing. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* squid: security bump to version 3.5.14Gustavo Zacarias2016-02-162-4/+4
| | | | | | | | | | Fixes: SQUID-2016:1 - Remote Denial of service issue in SSL/TLS processing. CVE-2016-2390 assigned. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* squid: rework atomic handlingThomas Petazzoni2016-02-061-6/+4
| | | | | | | | | | | | | | | | | | | | | squid can use the __sync built-ins when available, but uses an AC_TRY_RUN autoconf tests to check their availability, which isn't compatible with cross-compilation. Due to this, squid.mk is already hinting the configure script about this by passing squid_cv_gnu_atomics=yes/no depending on the availability of atomic operations. So far, squid.mk was assuming that BR2_ARCH_HAS_ATOMICS && BR2_ARCH_IS_64 was needed, since 8 bytes __sync built-ins are used. However, this was a bit too restrictive, since certain 32 bits architectures (ARM, x86) do provide 8 bytes __sync built-ins. So, instead of using BR2_ARCH_HAS_ATOMICS, we now rely on BR2_TOOLCHAIN_HAS_SYNC_4 and BR2_TOOLCHAIN_HAS_SYNC_8, since both 4 bytes and 8 bytes __sync built-ins are tested by the autoconf test. Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
* squid: bump to version 3.5.13Gustavo Zacarias2016-01-082-5/+5
| | | | | | | | Switch to bz2 tarball since there doesn't seem to be an xz release this time around. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* squid: bump to version 3.5.12Gustavo Zacarias2015-11-302-4/+4
| | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* squid: bump to version 3.5.11Gustavo Zacarias2015-11-032-4/+4
| | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* package: Replace 'echo -n' by 'printf'Maxime Hadjinlian2015-10-041-4/+4
| | | | | | | | | | | | 'echo -n' is not a POSIX construct (no flag support), we shoud use 'printf', especially in init script. This patch was generated by the following command line: git grep -l 'echo -n' -- `git ls-files | grep -v 'patch'` | xargs sed -i 's/echo -n/printf/' Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com> Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* squid: bump to version 3.5.10Gustavo Zacarias2015-10-022-4/+4
| | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* squid: bump to version 3.5.9Vicente Olivert Riera2015-09-192-4/+4
| | | | | Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* squid: bump to version 3.5.8Gustavo Zacarias2015-09-132-4/+4
| | | | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Reviewed-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Tested-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* Merge branch 'next'Peter Korsgaard2015-09-012-4/+4
|\ | | | | | | Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
| * squid: bump to version 3.5.7Gustavo Zacarias2015-08-092-4/+4
| | | | | | | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* | squid: fix systemd unit file locationThomas Petazzoni2015-08-061-1/+1
|/ | | | | | | | | | squid.service is in tools/systemd/, not in tools/. Fixes: http://autobuild.buildroot.net/results/cec/cecb968172cb00281e439566e5ae154538435a51/ Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* squid: explicitly disable openssl support when BR2_PACKAGE_OPENSSL != yVicente Olivert Riera2015-07-061-0/+2
| | | | | Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* squid: add gnutls supportVicente Olivert Riera2015-07-061-0/+7
| | | | | | | | | | | | A new --without-gnutls option has been added to configure, so let's use it in order to enable or disable gnutls support in squid. Related: http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.6-RELEASENOTES.html#ss4.1 Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* squid: bump to version 3.5.6Vicente Olivert Riera2015-07-062-7/+6
| | | | | | | | | | | | | - Bump to version 3.5.6 - Update hash file - Change configure options according to release notes Release notes: http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.6-RELEASENOTES.html Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* squid: systemd supportAlex Suykov2015-07-051-0/+8
| | | | | | | | | squid comes with a .service file, but does not install it. [Thomas: use relative path for symlink instead of absolute path.] Signed-off-by: Alex Suykov <alex.suykov@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* squid: bump to version 3.5.5Gustavo Zacarias2015-06-022-4/+4
| | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* squid: security bump to version 3.5.4Gustavo Zacarias2015-05-022-4/+4
| | | | | | | | Fixes: CVE-2015-3455 - Incorrect X509 server certificate validation Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
OpenPOWER on IntegriCloud