* [PATCH] squid 3.4.14: Bugfix for #4323 (Netfilter broken cross-includes with Linux 4.2)
@ 2016-02-27 8:17 Matthias Fischer
2016-04-06 11:19 ` Arne Fitzenreiter
0 siblings, 1 reply; 5+ messages in thread
From: Matthias Fischer @ 2016-02-27 8:17 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 4323 bytes --]
For details see: http://bugs.squid-cache.org/show_bug.cgi?id=4323
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
---
config/rootfiles/common/squid | 2 ++
lfs/squid | 3 ++-
src/patches/squid-3.4-13231.patch | 48 +++++++++++++++++++++++++++++++++++++++
3 files changed, 52 insertions(+), 1 deletion(-)
create mode 100644 src/patches/squid-3.4-13231.patch
diff --git a/config/rootfiles/common/squid b/config/rootfiles/common/squid
index c8227e3..83cfe3f 100644
--- a/config/rootfiles/common/squid
+++ b/config/rootfiles/common/squid
@@ -2145,6 +2145,8 @@ usr/lib/squid/icons/silk/script_palette.png
usr/lib/squid/log_db_daemon
usr/lib/squid/log_file_daemon
usr/lib/squid/mib.txt
+usr/lib/squid/negotiate_kerberos_auth
+usr/lib/squid/negotiate_kerberos_auth_test
usr/lib/squid/negotiate_wrapper_auth
usr/lib/squid/ntlm_fake_auth
usr/lib/squid/ntlm_smb_lm_auth
diff --git a/lfs/squid b/lfs/squid
index 997c660..a9c5f37 100644
--- a/lfs/squid
+++ b/lfs/squid
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2015 IPFire Team <info(a)ipfire.org> #
+# Copyright (C) 2007-2016 IPFire Team <info(a)ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -73,6 +73,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13228.patch
cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4.14-fix-max-file-descriptors.patch
cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13230.patch
+ cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid-3.4-13231.patch
cd $(DIR_APP) && autoreconf -vfi
cd $(DIR_APP)/libltdl && autoreconf -vfi
diff --git a/src/patches/squid-3.4-13231.patch b/src/patches/squid-3.4-13231.patch
new file mode 100644
index 0000000..045ad70
--- /dev/null
+++ b/src/patches/squid-3.4-13231.patch
@@ -0,0 +1,48 @@
+------------------------------------------------------------
+revno: 13231
+revision-id: squid3(a)treenet.co.nz-20160220150859-3unryicod1rcx9rm
+parent: squid3(a)treenet.co.nz-20160212045316-zwx4r9we4gf27rx3
+fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4323
+author: Francesco Chemolli <kinkie(a)squid-cache.org>
+committer: Amos Jeffries <squid3(a)treenet.co.nz>
+branch nick: 3.4
+timestamp: Sun 2016-02-21 04:08:59 +1300
+message:
+ Bug 4323: Netfilter broken cross-includes with Linux 4.2
+------------------------------------------------------------
+# Bazaar merge directive format 2 (Bazaar 0.90)
+# revision_id: squid3(a)treenet.co.nz-20160220150859-3unryicod1rcx9rm
+# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
+# testament_sha1: 10fa174d2821207d0bf89ef3013e8f4c3f99f9e3
+# timestamp: 2016-02-20 15:50:56 +0000
+# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.4
+# base_revision_id: squid3(a)treenet.co.nz-20160212045316-\
+# zwx4r9we4gf27rx3
+#
+# Begin patch
+=== modified file 'compat/os/linux.h'
+--- compat/os/linux.h 2012-08-28 13:00:30 +0000
++++ compat/os/linux.h 2016-02-20 15:08:59 +0000
+@@ -22,6 +22,21 @@
+ #endif
+
+ /*
++ * Netfilter header madness. (see Bug 4323)
++ *
++ * Netfilter have a history of defining their own versions of network protocol
++ * primitives without sufficient protection against the POSIX defines which are
++ * aways present in Linux.
++ *
++ * netinet/in.h must be included before any other sys header in order to properly
++ * activate include guards in <linux/libc-compat.h> the kernel maintainers added
++ * to workaround it.
++ */
++#if HAVE_NETINET_IN_H
++#include <netinet/in.h>
++#endif
++
++/*
+ * sys/capability.h is only needed in Linux apparently.
+ *
+ * HACK: LIBCAP_BROKEN Ugly glue to get around linux header madness colliding with glibc
+
--
2.7.2
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] squid 3.4.14: Bugfix for #4323 (Netfilter broken cross-includes with Linux 4.2)
2016-02-27 8:17 [PATCH] squid 3.4.14: Bugfix for #4323 (Netfilter broken cross-includes with Linux 4.2) Matthias Fischer
@ 2016-04-06 11:19 ` Arne Fitzenreiter
2016-04-06 16:51 ` Matthias Fischer
0 siblings, 1 reply; 5+ messages in thread
From: Arne Fitzenreiter @ 2016-04-06 11:19 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 629 bytes --]
The *kerberos_auth* files are missing after clean build so cdrom will
fail now...
Arne
> diff --git a/config/rootfiles/common/squid
> b/config/rootfiles/common/squid
> index c8227e3..83cfe3f 100644
> --- a/config/rootfiles/common/squid
> +++ b/config/rootfiles/common/squid
> @@ -2145,6 +2145,8 @@ usr/lib/squid/icons/silk/script_palette.png
> usr/lib/squid/log_db_daemon
> usr/lib/squid/log_file_daemon
> usr/lib/squid/mib.txt
> +usr/lib/squid/negotiate_kerberos_auth
> +usr/lib/squid/negotiate_kerberos_auth_test
> usr/lib/squid/negotiate_wrapper_auth
> usr/lib/squid/ntlm_fake_auth
> usr/lib/squid/ntlm_smb_lm_auth
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] squid 3.4.14: Bugfix for #4323 (Netfilter broken cross-includes with Linux 4.2)
2016-04-06 11:19 ` Arne Fitzenreiter
@ 2016-04-06 16:51 ` Matthias Fischer
2016-04-06 21:00 ` Michael Tremer
0 siblings, 1 reply; 5+ messages in thread
From: Matthias Fischer @ 2016-04-06 16:51 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 969 bytes --]
Hi,
On 06.04.2016 13:19, Arne Fitzenreiter wrote:
> The *kerberos_auth* files are missing after clean build so cdrom will
> fail now...
I'll take care of this!
Somehow weird, though. During the last builds prior to this commit,
'cdrom' failed because these files were build, so I added them. Now its
the other way around!?
I started a clean build and test - Devel is running.
Best,
Matthias
>
> Arne
>
>> diff --git a/config/rootfiles/common/squid
>> b/config/rootfiles/common/squid
>> index c8227e3..83cfe3f 100644
>> --- a/config/rootfiles/common/squid
>> +++ b/config/rootfiles/common/squid
>> @@ -2145,6 +2145,8 @@ usr/lib/squid/icons/silk/script_palette.png
>> usr/lib/squid/log_db_daemon
>> usr/lib/squid/log_file_daemon
>> usr/lib/squid/mib.txt
>> +usr/lib/squid/negotiate_kerberos_auth
>> +usr/lib/squid/negotiate_kerberos_auth_test
>> usr/lib/squid/negotiate_wrapper_auth
>> usr/lib/squid/ntlm_fake_auth
>> usr/lib/squid/ntlm_smb_lm_auth
>
>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] squid 3.4.14: Bugfix for #4323 (Netfilter broken cross-includes with Linux 4.2)
2016-04-06 16:51 ` Matthias Fischer
@ 2016-04-06 21:00 ` Michael Tremer
2016-04-07 16:26 ` Matthias Fischer
0 siblings, 1 reply; 5+ messages in thread
From: Michael Tremer @ 2016-04-06 21:00 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 1637 bytes --]
Hi,
sorry, I patched this already. Didn't see your email before I did this.
This is basically happens when krb is built and squid is built after that.
Usually it is built first and krb afterwards. If you rebuild squid after a full
compile, krb will be around and compiled into squid which we don't want.
I couldn't find a switch to explicitly switch this off (like --disable-
kerberos). If you find something similar, feel free to send a patch.
-Michael
On Wed, 2016-04-06 at 18:51 +0200, Matthias Fischer wrote:
> Hi,
>
> On 06.04.2016 13:19, Arne Fitzenreiter wrote:
> >
> > The *kerberos_auth* files are missing after clean build so cdrom will
> > fail now...
> I'll take care of this!
>
> Somehow weird, though. During the last builds prior to this commit,
> 'cdrom' failed because these files were build, so I added them. Now its
> the other way around!?
> I started a clean build and test - Devel is running.
>
> Best,
> Matthias
>
> >
> >
> > Arne
> >
> > >
> > > diff --git a/config/rootfiles/common/squid
> > > b/config/rootfiles/common/squid
> > > index c8227e3..83cfe3f 100644
> > > --- a/config/rootfiles/common/squid
> > > +++ b/config/rootfiles/common/squid
> > > @@ -2145,6 +2145,8 @@ usr/lib/squid/icons/silk/script_palette.png
> > > usr/lib/squid/log_db_daemon
> > > usr/lib/squid/log_file_daemon
> > > usr/lib/squid/mib.txt
> > > +usr/lib/squid/negotiate_kerberos_auth
> > > +usr/lib/squid/negotiate_kerberos_auth_test
> > > usr/lib/squid/negotiate_wrapper_auth
> > > usr/lib/squid/ntlm_fake_auth
> > > usr/lib/squid/ntlm_smb_lm_auth
> >
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] squid 3.4.14: Bugfix for #4323 (Netfilter broken cross-includes with Linux 4.2)
2016-04-06 21:00 ` Michael Tremer
@ 2016-04-07 16:26 ` Matthias Fischer
0 siblings, 0 replies; 5+ messages in thread
From: Matthias Fischer @ 2016-04-07 16:26 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 651 bytes --]
Hi,
On 06.04.2016 23:00, Michael Tremer wrote:
> sorry, I patched this already. Didn't see your email before I did this.
No problem. Everything's fine. ;-)
> This is basically happens when krb is built and squid is built after that.
> Usually it is built first and krb afterwards. If you rebuild squid after a full
> compile, krb will be around and compiled into squid which we don't want.
Yep. I think, this must be the reason.
> I couldn't find a switch to explicitly switch this off (like --disable-
> kerberos). If you find something similar, feel free to send a patch.
If I find one, you'll know. ;-))
Best,
Matthias
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2016-04-07 16:26 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-02-27 8:17 [PATCH] squid 3.4.14: Bugfix for #4323 (Netfilter broken cross-includes with Linux 4.2) Matthias Fischer
2016-04-06 11:19 ` Arne Fitzenreiter
2016-04-06 16:51 ` Matthias Fischer
2016-04-06 21:00 ` Michael Tremer
2016-04-07 16:26 ` Matthias Fischer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox