- change MAINTAINER, ports@ -> brad@
- add 2 distribution patches;
squid-2.2.stable5-domain-match.patch
Matching a hostname and a domain name doesn't always work, depending on
leading dots and other edge conditions. Plus, the code for matching in
ACL's worked one way, while the code for matching 'cache_peer_domain' list
worked slighly different.
The patch below makes all host/domain matching operate the same way. It
also changes the rules a bit, so your current configuration probably will
not work the way you want after applying this patch.
- patch was included in the patches dir because of the difference in
relative path in comparison to all the other distribution patches.
squid-2.2.stable5-mkhttpdlogtime-end-of-year.patch = patch-ai
mkhttpdlogtime() generates a date string of the form 31/Dec/1999:23:59:59 +0900.
But when the year changes, the timezone offset will be wrong, for example:
01/Jan/2000:00:00:00 -1500.
do, such as collect form data, generate dynamic page content, or send
and receive cookies.
PHP also has support for talking to other services using protocols
such as IMAP, SNMP, NNTP, POP3, or even HTTP. You can also open raw
network sockets and interact using other protocols.
More information availible at http://www.php.net/
This port is worked by Jakob Schlyter <jakob@openbsd.org>.
PHP, SSI, and RXML. It is designed for the experienced web designer.
WWW: http://bluefish.linuxbox.com/
: ----------------------------------------------------------------------
squid-2.2.stable5-newlines_in_auth.patch
After decoding the base64 encoded "user:password" pair given by the
client, squid doesn't strip out any '\n' found in the resulting
string. Given such a string, any external authenticator will receive two
lines instead of one, and most probably send two results. Now, any
subsequent authentification exchange will have its answer shifted by
one. Therefore, a malicious user can gain access to sites they should not
have access to.
squid-2.2.stable5-ipcache_negative.patch
The IP cache immediately removes entries that should be negatively
cached. This appears to be due to some changes made for retrying failed
connections.
squid-2.2.stable5-no_cache.patch
A missing no_cache list is treated the same as no_cache deny all.
