Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 311927 - net-proxy/squid-3.1.5 bump request
Summary: net-proxy/squid-3.1.5 bump request
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: High enhancement with 1 vote (vote)
Assignee: Gentoo Network Proxy Developers (OBSOLETE)
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-03-29 13:32 UTC by Clemente Aguiar
Modified: 2010-08-07 06:41 UTC (History)
17 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
Proposed ebuild (squid-3.1.1.ebuild,6.66 KB, text/plain)
2010-04-15 13:06 UTC, Cosmin Giradu
Details
Updated squid-${PV}-gentoo.patch (squid-3.1.1-gentoo.patch,12.05 KB, patch)
2010-04-15 13:07 UTC, Cosmin Giradu
Details | Diff
Updated squid-${PV}-qafixes.patch (squid-3.1.1-qafixes.patch,3.00 KB, patch)
2010-04-15 13:08 UTC, Cosmin Giradu
Details | Diff
Updated squid-${PV}-libmd5.patch (squid-3.1.1-libmd5.patch,600 bytes, patch)
2010-04-15 13:09 UTC, Cosmin Giradu
Details | Diff
Updated -gentoo patch for 3.1.3 (squid-3.1.3-gentoo.patch,12.10 KB, patch)
2010-05-02 20:24 UTC, Holger Hoffstätte
Details | Diff
Updated squid-3.1.1.ebuild with some patch references changed from ${P} to ${PN}-3.1.1 (squid-3.1.3.ebuild,6.67 KB, text/plain)
2010-05-16 15:36 UTC, Dirk Tilger
Details
Proposed squid-3.1.5 ebuild (diff) (squid-3.1.5.ebuild.patch,4.20 KB, patch)
2010-07-15 02:04 UTC, Kerin Millar
Details | Diff
squid-3.1.5-gentoo.patch (squid-3.1.5-gentoo.patch,12.06 KB, patch)
2010-07-15 02:05 UTC, Kerin Millar
Details | Diff
squid-3.1.5-qafixes.patch (squid-3.1.5-qafixes.patch,3.00 KB, patch)
2010-07-15 02:07 UTC, Kerin Millar
Details | Diff
squid-3.1.5-libmd5.patch (squid-3.1.5-libmd5.patch,588 bytes, patch)
2010-07-15 02:07 UTC, Kerin Millar
Details | Diff
squid-3.1.5-errorstate-leak-fix.patch (squid-3.1.5-errorstate-leak-fix.patch,550 bytes, patch)
2010-07-15 02:08 UTC, Kerin Millar
Details | Diff
squid-3.1.5-range-leak-fix-1.patch (squid-3.1.5-range-leak-fix-1.patch,1.51 KB, patch)
2010-07-15 02:08 UTC, Kerin Millar
Details | Diff
squid-3.1.5-range-leak-fix-2.patch (squid-3.1.5-range-leak-fix-2.patch,793 bytes, patch)
2010-07-15 02:09 UTC, Kerin Millar
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Clemente Aguiar 2010-03-29 13:32:21 UTC
Squid-3.1.1 has been released
http://www.squid-cache.org/Versions/v3/3.1/RELEASENOTES.html

Reproducible: Always
Comment 1 Cosmin Giradu 2010-04-15 13:06:55 UTC
Created attachment 227901 [details]
Proposed ebuild
Comment 2 Cosmin Giradu 2010-04-15 13:07:48 UTC
Created attachment 227903 [details, diff]
Updated squid-${PV}-gentoo.patch
Comment 3 Cosmin Giradu 2010-04-15 13:08:32 UTC
Created attachment 227905 [details, diff]
Updated squid-${PV}-qafixes.patch
Comment 4 Cosmin Giradu 2010-04-15 13:09:55 UTC
Created attachment 227907 [details, diff]
Updated squid-${PV}-libmd5.patch

It's actually the same as squid-3.1.0.15_beta-libmd5.patch. Just renamed it to match squid version
Comment 5 Cosmin Giradu 2010-04-15 13:13:25 UTC
Current status is obviously "works for me" :)
Comment 6 Nebojsa Trpkovic 2010-04-22 01:55:37 UTC
maybe it will help if we vote... :)
Comment 7 Holger Hoffstätte 2010-04-24 13:47:01 UTC
+1 "works for me"
Comment 8 Holger Hoffstätte 2010-05-02 20:24:33 UTC
Created attachment 230083 [details, diff]
Updated -gentoo patch for 3.1.3

3.1.3 was released and the -gentoo patch required a small fix. The other patches can simply be renamed.
Comment 9 Nebojsa Trpkovic 2010-05-11 01:50:32 UTC
summary should be changed to 

net-proxy/squid-3.1.3 bump request

to avoid missinterpretation
Comment 10 Kerin Millar 2010-05-11 04:34:09 UTC
In testing squid-3.1.3, I encountered the following during the src_prepare() phase:

  Fixing configure recursion
  bootstrap.sh: line 158: ed: command not found

It's easy to overlook because it is not treated as a fatal error. Consequently, sys-apps/ed should be added to DEPEND. This issue may apply to previous versions as well.
Comment 11 Blu3 2010-05-11 14:39:33 UTC
IMO, the -gentoo.patch file should update the bootstrap.sh file instead of adding an additional dependency of installing more software for the sake of a -very- tiny edit.  i.e. the applicable section reads:

# Fixup autoconf recursion using --silent/--quiet option
# autoconf should inherit this option whe recursing into subdirectories
# but it currently doesn't for some reason.
if ! grep  "configure_args --quiet" configure >/dev/null; then
echo "Fixing configure recursion"
ed -s configure <<'EOS' >/dev/null || true
/ac_sub_configure_args=/
+1
i   
  # Add --quiet option if used
  test "$silent" = yes &&
    ac_sub_configure_args="$ac_sub_configure_args --quiet"
.
w
EOS
fi
Comment 12 Cosmin Giradu 2010-05-11 15:04:25 UTC
(In reply to comment #11)
> IMO, the -gentoo.patch file should update the bootstrap.sh file instead of
> adding an additional dependency of installing more software for the sake of a
> -very- tiny edit.

I was thinking the same thing. On the other hand that piece of code fails (almost) silently so why should we bother with it?
Comment 13 Dirk Tilger 2010-05-16 15:36:47 UTC
Created attachment 231689 [details]
Updated squid-3.1.1.ebuild with some patch references changed from ${P} to ${PN}-3.1.1
Comment 14 Dirk Tilger 2010-05-16 15:38:29 UTC
Motivation for upgrading in my case was that squid-3.1 now supports IPv6.
Comment 15 Maxim Britov 2010-06-03 10:07:13 UTC
Squid 3.1.4 Released on 30 May 2010.
http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID_3_1_4.html

Is squid really needs none optional berkdb? I found only external session requires it? I'm wrong?
Comment 16 Jan Psota 2010-06-15 22:28:18 UTC
(In reply to comment #15)
> Squid 3.1.4 Released on 30 May 2010.
> http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID_3_1_4.html
> 
net-proxy/squid-3.1.4.ebuild and updated patches in 'jasiu' overlay :-)

Thanks to all of you!
Comment 17 xiando 2010-06-17 00:46:11 UTC
go go jasiu overlay. it'd be great if the ebuild would get into portage, the ebuild for squid there are really old. it should also be noted that 3.1.x is needed to have support for this fancy new 10+ years old thing called ipv6.

Bug #304751 could be closed as duplicate of this bug(?).
Comment 18 Kerin Millar 2010-06-17 01:46:06 UTC
Re: Comment 17 ... Bug 304751 should have been assigned to security as I have now done so. It may not be closed until such time as it has been addressed, in accordance with the vulnerability policy.

On another note, squid-3.1.4 is available.
Comment 19 Brian De Wolf 2010-07-01 00:08:02 UTC
I was looking at the ebuild in the jasiu overlay and was looking at the last hunk in the qa fixes patch:
http://gitorious.org/jasiu/jasiu/blobs/master/net-proxy/squid/files/squid-3.1.4-qafixes.patch

If you look at the patch in previous versions, the original file has changed.  Indeed, it changed in this commit:
http://bazaar.launchpad.net/~squid/squid/3.1/revision/9828#src/forward.cc

When I tested the patch without that hunk the build succeeded without errors.  If it is indeed not fixed, upstream should be engaged again to repair it, otherwise this patch hunk is not necessary.

Other than that, looks great, and I can't wait for it to hit portage. (Removal of the old 3.1 beta ebuilds and the global mask on all squid-3.1* ebuilds will be nice too)
Comment 20 Maxim Britov 2010-07-05 13:14:51 UTC
Squid 3.1.5 Released on 01 July 2010.
http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID_3_1_5.html
Comment 21 Markos Chandras (RETIRED) gentoo-dev 2010-07-11 10:04:18 UTC
*** Bug 304751 has been marked as a duplicate of this bug. ***
Comment 22 Maxim Britov 2010-07-12 07:44:56 UTC
I had squid 2.7.x and 3.1.x only (not 3.0.x)
Squid 3.1.1-3.1.5 eats all my ram and all my swap. Squid 2.7.x was fine.
Issue http://bugs.squid-cache.org/show_bug.cgi?id=2927
Comment 23 Kerin Millar 2010-07-15 02:04:40 UTC
Created attachment 238797 [details, diff]
Proposed squid-3.1.5 ebuild (diff)

This is a patch against the last committed ebuild in the mainline tree (3.1.0.15_beta-r1). It is presented as such because I think it is then easier for a developer to review the changes, which are as folllows:

* Update to 3.1.5
* Use declarative patches
* Define pkg_pretend phase for coss check, while retaining compatibility
  with < EAPI-4
* Don't use echo in pkg_postinst (elog doesn't necessarily go to the console)
* Use default phase functions in src_prepare and src_install
* Add 3 upstream patches to fix memory leaks
Comment 24 Kerin Millar 2010-07-15 02:05:56 UTC
Created attachment 238799 [details, diff]
squid-3.1.5-gentoo.patch
Comment 25 Kerin Millar 2010-07-15 02:07:10 UTC
Created attachment 238801 [details, diff]
squid-3.1.5-qafixes.patch
Comment 26 Kerin Millar 2010-07-15 02:07:45 UTC
Created attachment 238803 [details, diff]
squid-3.1.5-libmd5.patch
Comment 27 Kerin Millar 2010-07-15 02:08:28 UTC
Created attachment 238805 [details, diff]
squid-3.1.5-errorstate-leak-fix.patch
Comment 28 Kerin Millar 2010-07-15 02:08:59 UTC
Created attachment 238807 [details, diff]
squid-3.1.5-range-leak-fix-1.patch

Backported by myself - test please!
Comment 29 Kerin Millar 2010-07-15 02:09:25 UTC
Created attachment 238809 [details, diff]
squid-3.1.5-range-leak-fix-2.patch
Comment 31 esc 2010-08-04 06:19:24 UTC
Some issues to note as currently known in this release which are not able to be fixed in the 3.1 series are:

    * The lack of some features available in Squid-2.x series. See the regression sections below for full details.
    * IPv6 split-stack support for Windows XP, MacOS X, OpenBSD and maybe others is not complete.
    * CVE-2009-0801 : NAT interception vulnerability to malicious clients.

Currently known issues which only depends on available developer time and may still be resolved in a future 3.1 release are:

    * An ongoing slow FD leak introduced somewhere during the Squid-3.0 cycle.
    * Windows support is still largely missing.
    * AIX support for building with the IBM compiler is broken.

(c) www.squid-cache.org
Comment 32 Kerin Millar 2010-08-04 11:17:44 UTC
Thanks for the information, esc. Whatever its deficiences may be, it would still obviously be in the broader public interest to get it updated in gentoo. If it has to stay ~arch then so be it. squid-2.7.x remains eligible to be bumped also and - between them - the outstanding security bugs could be closed.
Comment 33 Holger Hoffstätte 2010-08-04 11:22:57 UTC
3.1.5 works fine for me (arguably only lightly loaded home server) with no apparent leaks, but 3.1.6 has new issues with mixed IPv4/6 handling, and a new bug with --disable-ipv6. I have a patch that I'll test and will report here.
Comment 34 Krzysztof Olędzki 2010-08-04 11:31:25 UTC
(In reply to comment #32)
> Thanks for the information, esc. Whatever its deficiences may be, it would
> still obviously be in the broader public interest to get it updated in gentoo.
> If it has to stay ~arch then so be it. squid-2.7.x remains eligible to be
> bumped also and - between them - the outstanding security bugs could be closed.
> 

Yes, please also bump 2.7 as there are still several features only avaliable in that branch. For example: collapsed_forwarding refresh_pattern/negative-ttl=, etc.
Comment 35 Holger Hoffstätte 2010-08-04 11:58:52 UTC
(In reply to comment #33)
> 3.1.6 has new issues with mixed IPv4/6 handling, and a new bug with
> --disable-ipv6. I have a patch that I'll test and will report here.

Did not help, so +1 for an intermediate 3.1.5 and the fixes attached to this bug.
Comment 36 Kerin Millar 2010-08-04 12:26:30 UTC
(In reply to comment #33)
> 3.1.5 works fine for me (arguably only lightly loaded home server) with no
> apparent leaks, but 3.1.6 has new issues with mixed IPv4/6 handling, and a new
> bug with --disable-ipv6. I have a patch that I'll test and will report here.
> 

Anecdotally, it works well here in two environments (In reply to comment #35)
> (In reply to comment #33)
> > 3.1.6 has new issues with mixed IPv4/6 handling, and a new bug with
> > --disable-ipv6. I have a patch that I'll test and will report here.
> 
> Did not help, so +1 for an intermediate 3.1.5 and the fixes attached to this
> bug.
> 

+1 also.
Comment 37 Matus UHLAR - fantomas 2010-08-06 13:04:33 UTC
the 3.1.6 is available singe Aug 02, please update
Comment 38 Kerin Millar 2010-08-06 16:44:18 UTC
(In reply to comment #37)
> the 3.1.6 is available singe Aug 02, please update

Please read Comment 33. There is little benefit in using squid-3.1.6 at this time because it has additional bugs and the most important patches are already included in the attached 3.1.5 ebuild. However, I'll review it soon, just in case I've missed anything.

Comment 39 Alin Năstac (RETIRED) gentoo-dev 2010-08-07 06:41:32 UTC
squid-3.1.6 is now in the tree, with sys-apps/ed added to its DEPEND. From where I stand, it doesn't make sense to ignore a newer version. If something is wrong in 3.1.6, please open a new bug and attach patches for these new issues.

Some parts of leak fixes patches are already merged by upstream while others cannot be applied (I presume because upstream has chosen different solutions for them).