[git.ipfire.org] IPFire 2.x development tree branch, fifteen, updated. ac14b325e03276f9e17e334b03a3d3129903bac7

public inbox for ipfire-scm@lists.ipfire.org
 help / color / mirror / Atom feed

* [git.ipfire.org] IPFire 2.x development tree branch, fifteen, updated. ac14b325e03276f9e17e334b03a3d3129903bac7
@ 2013-11-09 13:20 git
  0 siblings, 0 replies; only message in thread
From: git @ 2013-11-09 13:20 UTC (permalink / raw)
  To: ipfire-scm

[-- Attachment #1: Type: text/plain, Size: 9372 bytes --]

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".

The branch, fifteen has been updated
       via  ac14b325e03276f9e17e334b03a3d3129903bac7 (commit)
       via  33590570fb5ea3bad3232d208d7515cf43fcd701 (commit)
       via  d3527a38c16451d956c623901d11472ebbe47e98 (commit)
       via  36b1c19138f9936ae97fac4f94c443593702f22d (commit)
      from  340a567eae8e9a1be908c13e67626d278f32224c (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit ac14b325e03276f9e17e334b03a3d3129903bac7
Merge: 340a567 3359057
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Sat Nov 9 14:19:52 2013 +0100

    Merge branch 'master' into fifteen

-----------------------------------------------------------------------

Summary of changes:
 config/rootfiles/oldcore/73/filelists/files        |   2 +
 lfs/openssh                                        |   4 +-
 lfs/squid                                          |   7 +-
 .../squid-3.3.10-optional-ssl-options.patch        | 148 +++++++++++++++++++++
 4 files changed, 157 insertions(+), 4 deletions(-)
 create mode 100644 src/patches/squid-3.3.10-optional-ssl-options.patch

Difference in files:
diff --git a/config/rootfiles/oldcore/73/filelists/files b/config/rootfiles/oldcore/73/filelists/files
index 6df851e..8ddb964 100644
--- a/config/rootfiles/oldcore/73/filelists/files
+++ b/config/rootfiles/oldcore/73/filelists/files
@@ -3,9 +3,11 @@ etc/issue
 etc/rc.d/init.d/dnsmasq
 etc/rc.d/init.d/squid
 srv/web/ipfire/cgi-bin/logs.cgi/proxylog.dat
+srv/web/ipfire/cgi-bin/netinternal.cgi
 srv/web/ipfire/cgi-bin/proxy.cgi
 srv/web/ipfire/cgi-bin/routing.cgi
 srv/web/ipfire/cgi-bin/wirelessclient.cgi
+srv/web/ipfire/cgi-bin/vpnmain.cgi
 srv/web/ipfire/html/redirect.cgi
 srv/web/ipfire/html/redirect-templates/
 var/ipfire/header.pl
diff --git a/lfs/openssh b/lfs/openssh
index 3d4ef2f..17772c1 100644
--- a/lfs/openssh
+++ b/lfs/openssh
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 6.2p2
+VER        = 6.4p1
 
 THISAPP    = openssh-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = be46174dcbb77ebb4ea88ef140685de1
+$(DL_FILE)_MD5 = a62b88b884df0b09b8a8c5789ac9e51b
 
 install : $(TARGET)
 
diff --git a/lfs/squid b/lfs/squid
index bc0ef71..a341857 100644
--- a/lfs/squid
+++ b/lfs/squid
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 3.3.9
+VER        = 3.3.10
 
 THISAPP    = squid-$(VER)
 DL_FILE    = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = 6c4ba0d63c3a6d94de2da689f361cdab
+$(DL_FILE)_MD5 = 28058812d722cac303517a643e28bcb0
 
 install : $(TARGET)
 
@@ -70,6 +70,9 @@ $(subst %,%_MD5,$(objects)) :
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	@$(PREBUILD)
 	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xaf $(DIR_DL)/$(DL_FILE)
+
+	cd $(DIR_APP) && patch -Np0 < $(DIR_SRC)/src/patches/squid-3.3.10-optional-ssl-options.patch
+
 	cd $(DIR_APP) && ./configure \
 		--prefix=/usr \
 		--sysconfdir=/etc/squid \
diff --git a/src/patches/squid-3.3.10-optional-ssl-options.patch b/src/patches/squid-3.3.10-optional-ssl-options.patch
new file mode 100644
index 0000000..f6a108c
--- /dev/null
+++ b/src/patches/squid-3.3.10-optional-ssl-options.patch
@@ -0,0 +1,148 @@
+From: http://bazaar.launchpad.net/~squid/squid/3-trunk/revision/13115
+
+Committer: Christos Tsantilas
+Date: 2013-11-07 10:46:14 UTC
+Revision ID: chtsanti(a)users.sourceforge.net-20131107104614-s3a9kzlkgm7x9rhf
+
+http://bugs.squid-cache.org/show_bug.cgi?id=3936
+Bug 3936: error-details.txt parse error
+
+Squid fails parsing error-details.txt template when one or more listed OpenSSL
+errors are not supported on running platform.
+This patch add a hardcoded list of OpenSSL errors wich can be optional.
+
+This is a Measurement Factory project
+
+=== modified file 'src/ssl/ErrorDetail.cc'
+--- src/ssl/ErrorDetail.cc	2013-07-31 00:13:04 +0000
++++ src/ssl/ErrorDetail.cc	2013-11-07 10:46:14 +0000
+@@ -221,6 +221,31 @@
+     {SSL_ERROR_NONE, NULL}
+ };
+ 
++static const char *OptionalSslErrors[] = {
++    "X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER",
++    "X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION",
++    "X509_V_ERR_KEYUSAGE_NO_CRL_SIGN",
++    "X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION",
++    "X509_V_ERR_INVALID_NON_CA",
++    "X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED",
++    "X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE",
++    "X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED",
++    "X509_V_ERR_INVALID_EXTENSION",
++    "X509_V_ERR_INVALID_POLICY_EXTENSION",
++    "X509_V_ERR_NO_EXPLICIT_POLICY",
++    "X509_V_ERR_DIFFERENT_CRL_SCOPE",
++    "X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE",
++    "X509_V_ERR_UNNESTED_RESOURCE",
++    "X509_V_ERR_PERMITTED_VIOLATION",
++    "X509_V_ERR_EXCLUDED_VIOLATION",
++    "X509_V_ERR_SUBTREE_MINMAX",
++    "X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE",
++    "X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX",
++    "X509_V_ERR_UNSUPPORTED_NAME_SYNTAX",
++    "X509_V_ERR_CRL_PATH_VALIDATION_ERROR",
++    NULL
++};
++
+ struct SslErrorAlias {
+     const char *name;
+     const Ssl::ssl_error_t *errors;
+@@ -331,6 +356,16 @@
+     return NULL;
+ }
+ 
++bool
++Ssl::ErrorIsOptional(const char *name)
++{
++    for (int i = 0; OptionalSslErrors[i] != NULL; ++i) {
++        if (strcmp(name, OptionalSslErrors[i]) == 0)
++            return true;
++    }
++    return false;
++}
++
+ const char *
+ Ssl::GetErrorDescr(Ssl::ssl_error_t value)
+ {
+
+=== modified file 'src/ssl/ErrorDetail.h'
+--- src/ssl/ErrorDetail.h	2013-05-30 10:10:29 +0000
++++ src/ssl/ErrorDetail.h	2013-11-07 10:46:14 +0000
+@@ -40,6 +40,14 @@
+ 
+ /**
+    \ingroup ServerProtocolSSLAPI
++   * Return true if the SSL error is optional and may not supported
++   * by current squid version
++ */
++
++bool ErrorIsOptional(const char *name);
++
++/**
++   \ingroup ServerProtocolSSLAPI
+  * Used to pass SSL error details to the error pages returned to the
+  * end user.
+  */
+
+=== modified file 'src/ssl/ErrorDetailManager.cc'
+--- src/ssl/ErrorDetailManager.cc	2013-10-25 00:13:46 +0000
++++ src/ssl/ErrorDetailManager.cc	2013-11-07 10:46:14 +0000
+@@ -218,32 +218,35 @@
+             }
+ 
+             Ssl::ssl_error_t ssl_error = Ssl::GetErrorCode(errorName.termedBuf());
+-            if (ssl_error == SSL_ERROR_NONE) {
++            if (ssl_error != SSL_ERROR_NONE) {
++
++                if (theDetails->getErrorDetail(ssl_error)) {
++                    debugs(83, DBG_IMPORTANT, HERE <<
++                           "WARNING! duplicate entry: " << errorName);
++                    return false;
++                }
++
++                ErrorDetailEntry &entry = theDetails->theList[ssl_error];
++                entry.error_no = ssl_error;
++                entry.name = errorName;
++                String tmp = parser.getByName("detail");
++                httpHeaderParseQuotedString(tmp.termedBuf(), tmp.size(), &entry.detail);
++                tmp = parser.getByName("descr");
++                httpHeaderParseQuotedString(tmp.termedBuf(), tmp.size(), &entry.descr);
++                bool parseOK = entry.descr.defined() && entry.detail.defined();
++
++                if (!parseOK) {
++                    debugs(83, DBG_IMPORTANT, HERE <<
++                           "WARNING! missing important field for detail error: " <<  errorName);
++                    return false;
++                }
++
++            } else if (!Ssl::ErrorIsOptional(errorName.termedBuf())) {
+                 debugs(83, DBG_IMPORTANT, HERE <<
+                        "WARNING! invalid error detail name: " << errorName);
+                 return false;
+             }
+ 
+-            if (theDetails->getErrorDetail(ssl_error)) {
+-                debugs(83, DBG_IMPORTANT, HERE <<
+-                       "WARNING! duplicate entry: " << errorName);
+-                return false;
+-            }
+-
+-            ErrorDetailEntry &entry = theDetails->theList[ssl_error];
+-            entry.error_no = ssl_error;
+-            entry.name = errorName;
+-            String tmp = parser.getByName("detail");
+-            httpHeaderParseQuotedString(tmp.termedBuf(), tmp.size(), &entry.detail);
+-            tmp = parser.getByName("descr");
+-            httpHeaderParseQuotedString(tmp.termedBuf(), tmp.size(), &entry.descr);
+-            bool parseOK = entry.descr.defined() && entry.detail.defined();
+-
+-            if (!parseOK) {
+-                debugs(83, DBG_IMPORTANT, HERE <<
+-                       "WARNING! missing imporant field for detail error: " <<  errorName);
+-                return false;
+-            }
+         }// else {only spaces and black lines; just ignore}
+ 
+         buf.consume(size);
+


hooks/post-receive
--
IPFire 2.x development tree

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2013-11-09 13:20 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-11-09 13:20 [git.ipfire.org] IPFire 2.x development tree branch, fifteen, updated. ac14b325e03276f9e17e334b03a3d3129903bac7 git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox