From nobody@FreeBSD.org  Thu Mar 14 08:30:19 2013
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1])
	by hub.freebsd.org (Postfix) with ESMTP id CF54DD44
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 14 Mar 2013 08:30:19 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22])
	by mx1.freebsd.org (Postfix) with ESMTP id BFAD7B3C
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 14 Mar 2013 08:30:19 +0000 (UTC)
Received: from red.freebsd.org (localhost [127.0.0.1])
	by red.freebsd.org (8.14.5/8.14.5) with ESMTP id r2E8UI39094434
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 14 Mar 2013 08:30:18 GMT
	(envelope-from nobody@red.freebsd.org)
Received: (from nobody@localhost)
	by red.freebsd.org (8.14.5/8.14.5/Submit) id r2E8UIfU094433;
	Thu, 14 Mar 2013 08:30:18 GMT
	(envelope-from nobody)
Message-Id: <201303140830.r2E8UIfU094433@red.freebsd.org>
Date: Thu, 14 Mar 2013 08:30:18 GMT
From: Oleg Strizhak <oleg@pcbtech.ru>
To: freebsd-gnats-submit@FreeBSD.org
Subject: www/squid32 failed to start because of hard-coded acl with ::1
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         176951
>Category:       ports
>Synopsis:       www/squid32 failed to start because of hard-coded acl with ::1
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    tmseck
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Thu Mar 14 08:40:00 UTC 2013
>Closed-Date:    
>Last-Modified:  Wed May  1 18:40:00 UTC 2013
>Originator:     Oleg Strizhak
>Release:        8.3, 9.x
>Organization:
>Environment:
FreeBSD XXX 8.3-RELEASE-p6 FreeBSD 8.3-RELEASE-p6 #0: Wed Mar 13 21:33:49 MSK 2013     support_@yyy.pcbtech.ru:/usr/obj/usr/src/sys/ZZZ  i386
>Description:
lately I discovered a bug in squid 3.2 config, that leads to the following errors if it tries to start:

> aclIpParseIpData: Bad host/IP: '::1' in '::1', flags=0 : (8) hostname nor servname provided, or not known
> FATAL: Bungled Default Configuration line 6: acl localhost src 127.0.0.1/32 ::1
> Squid Cache (Version 3.2.8): Terminated abnormally.
> CPU Usage: 0.036 seconds = 0.036 user + 0.000 sys
> Maximum Resident Size: 9964 KB
> Page faults with physical i/o: 0
> /usr/local/etc/rc.d/squid: WARNING: failed to start squid

I've made a simple patch, and ask you to consider its addition into the official ports tree. The patch file inself (to be placed in files/ dir) + diff for Makefile are attached. 
>How-To-Repeat:
just recompile and restart squid on the host with disabled in kernel IPV6. There'are reports that error occured even if IPV6 is not initialized, but I don't know it exactly because I'm usually disabling it in my custom kernels.
>Fix:
place attached file in /usr/ports/www/squid32/files/ subfolder + patch the Makefile in the following way:

--- Makefile    2013-03-14 11:47:37.000000000 +0400
+++ Makefile.orig       2013-03-07 17:01:18.000000000 +0400
@@ -363,7 +363,6 @@

 .if empty(PORT_OPTIONS:MIPV6) || defined(WITHOUT_IPV6)
 CONFIGURE_ARGS+=       --disable-ipv6
-EXTRA_PATCHES+=                ${PATCHDIR}/extra-patch-src-cf.data.ipv6
 .endif
 .if ${PORT_OPTIONS:MDELAY_POOLS}
 CONFIGURE_ARGS+=       --enable-delay-pools

Patch attached with submission follows:

--- src/cf.data.pre.orig.ipv6     2013-03-02 05:46:03.000000000 +0400
+++ src/cf.data.pre   2013-03-14 11:43:37.915710501 +0400
@@ -733,8 +733,8 @@
 LOC: Config.aclList
 DEFAULT: all src all
 DEFAULT: manager url_regex -i ^cache_object:// +i ^https?://[^/]+/squid-internal-mgr/
-DEFAULT: localhost src 127.0.0.1/32 ::1
-DEFAULT: to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
+DEFAULT: localhost src 127.0.0.1/32
+DEFAULT: to_localhost dst 127.0.0.0/8 0.0.0.0/32
 DEFAULT_DOC: ACLs all, manager, localhost, and to_localhost are predefined.
 DOC_START
        Defining an Access List


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->tmseck 
Responsible-Changed-By: edwin 
Responsible-Changed-When: Thu Mar 14 08:40:08 UTC 2013 
Responsible-Changed-Why:  
Over to maintainer (via the GNATS Auto Assign Tool) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=176951 

From: Oleg Strizhak <oleg@pcbtech.ru>
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/176951: www/squid32 failed to start because of hard-coded
 acl with ::1
Date: Thu, 14 Mar 2013 16:08:46 +0400

 p.s. just checked squid-3.2.9: quite the same error & remedy

From: Thomas-Martin Seck <tmseck@FreeBSD.org>
To: Oleg Strizhak <oleg@pcbtech.ru>
Cc: bug-followup@freebsd.org
Subject: Re: ports/176951: www/squid32 failed to start because of hard-coded acl with ::1
Date: Thu, 14 Mar 2013 19:44:57 +0100

 * Oleg Strizhak (oleg@pcbtech.ru):
 
 >  p.s. just checked squid-3.2.9: quite the same error & remedy
 
 Thank you for the report and fix -- could you report this to the Squid
 folks, too?
 
 Best regards,
 -- 
 Thomas-Martin Seck

From: Oleg Strizhak <oleg@pcbtech.ru>
To: Thomas-Martin Seck <tmseck@freebsd.org>
Cc: bug-followup@freebsd.org
Subject: Re: ports/176951: www/squid32 failed to start because of hard-coded
 acl with ::1
Date: Thu, 14 Mar 2013 22:56:47 +0400

 On 14 Март 2013 г. 22:44:57, Thomas-Martin Seck wrote:
 > * Oleg Strizhak (oleg@pcbtech.ru):
 >
 >>   p.s. just checked squid-3.2.9: quite the same error & remedy
 >
 > Thank you for the report and fix -- could you report this to the Squid
 > folks, too?
 
 First of all, it seems to me that the case is quite FreeBSD 
 ports-related, isn't it? And the second, I unfortunately didn't 
 subscribed to any squid maillist. Please, do if you're subscribed.
 
 That's quite easy, don't mention it
 
 WBR,
 Oleg

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/176951: commit references a PR
Date: Wed,  1 May 2013 18:33:37 +0000 (UTC)

 Author: tmseck
 Date: Wed May  1 18:33:28 2013
 New Revision: 317041
 URL: http://svnweb.freebsd.org/changeset/ports/317041
 
 Log:
   - Update to 3.2.11
   - Add a patch to correct the default "localhost" ACL in squid.conf for
     IPv4-only systems [1]
   
   PR:		ports/176951 [1]
   Submitted by:	Oleg Strizhak
   Approved by:	crees (mentor)
 
 Added:
   head/www/squid32/files/extra-patch-src-cf.data.pre.noipv6   (contents, props changed)
 Deleted:
   head/www/squid32/files/patch-helpers-basic_auth-LDAP-config.test
   head/www/squid32/files/patch-helpers-basic_auth-SASL-config.test
   head/www/squid32/files/patch-helpers-external_acl-LDAP_group-config.test
 Modified:
   head/www/squid32/Makefile
   head/www/squid32/distinfo
   head/www/squid32/files/squid.in
 
 Modified: head/www/squid32/Makefile
 ==============================================================================
 --- head/www/squid32/Makefile	Wed May  1 18:33:16 2013	(r317040)
 +++ head/www/squid32/Makefile	Wed May  1 18:33:28 2013	(r317041)
 @@ -76,7 +76,7 @@ LICENSE_FILE=	${WRKSRC}/COPYING
  
  LATEST_LINK=	squid32
  
 -SQUID_STABLE_VER=	9
 +SQUID_STABLE_VER=	11
  
  CONFLICTS_INSTALL=	squid-2.[0-9].* squid-3.[!2].* cacheboy-[0-9]* lusca-head-[0-9]*
  GNU_CONFIGURE=	yes
 @@ -119,7 +119,6 @@ HTCP_DESC=	Enable HTCP support
  ICAP_DESC=	Enable the ICAP client
  ICMP_DESC=	Enable ICMP pinging and network measurement
  IDENT_DESC=	Enable Ident lookups (RFC 931)
 -IPV6_DESC=	Enable IPv6 support
  KQUEUE_DESC=	Enable kqueue(2) support
  LARGEFILE_DESC=	Support large (>2GB) cache and log files
  SNMP_DESC=	Enable SNMP support
 @@ -134,7 +133,7 @@ VIA_DB_DESC=	Enable Forward/Via database
  WCCPV2_DESC=	Enable Web Cache Coordination Protocol v2
  WCCP_DESC=	Enable Web Cache Coordination Protocol
  
 -OPTIONS_DEFAULT=	AUTH_KERB AUTH_NIS FS_AUFS HTCP IDENT IPV6 KQUEUE \
 +OPTIONS_DEFAULT=	AUTH_KERB AUTH_NIS FS_AUFS HTCP IDENT KQUEUE \
  			SNMP WCCP WCCPV2
  
  etc_files=	squid/cachemgr.conf.default \
 @@ -364,6 +363,7 @@ libexec+=	url_fake_rewrite url_fake_rewr
  
  .if empty(PORT_OPTIONS:MIPV6) || defined(WITHOUT_IPV6)
  CONFIGURE_ARGS+=	--disable-ipv6
 +EXTRA_PATCHES+=	${PATCHDIR}/extra-patch-src-cf.data.pre.noipv6
  .endif
  .if ${PORT_OPTIONS:MDELAY_POOLS}
  CONFIGURE_ARGS+=	--enable-delay-pools
 
 Modified: head/www/squid32/distinfo
 ==============================================================================
 --- head/www/squid32/distinfo	Wed May  1 18:33:16 2013	(r317040)
 +++ head/www/squid32/distinfo	Wed May  1 18:33:28 2013	(r317041)
 @@ -1,2 +1,2 @@
 -SHA256 (squid3.2/squid-3.2.9.tar.bz2) = 82d3d4cecfa4379b5197026198e34870a26977e6f6b175f5257241a3075767e6
 -SIZE (squid3.2/squid-3.2.9.tar.bz2) = 2897511
 +SHA256 (squid3.2/squid-3.2.11.tar.bz2) = 5d5a140e9b72753e6efe467cfa3c56d4db8ba6a8313beeca25145d34ddcadc49
 +SIZE (squid3.2/squid-3.2.11.tar.bz2) = 2897354
 
 Added: head/www/squid32/files/extra-patch-src-cf.data.pre.noipv6
 ==============================================================================
 --- /dev/null	00:00:00 1970	(empty, because file is newly added)
 +++ head/www/squid32/files/extra-patch-src-cf.data.pre.noipv6	Wed May  1 18:33:28 2013	(r317041)
 @@ -0,0 +1,26 @@
 +--- src/cf.data.pre.orig	2013-04-27 05:07:29.000000000 +0200
 ++++ src/cf.data.pre	2013-04-28 21:30:23.000000000 +0200
 +@@ -733,8 +733,8 @@
 + LOC: Config.aclList
 + DEFAULT: all src all
 + DEFAULT: manager url_regex -i ^cache_object:// +i ^https?://[^/]+/squid-internal-mgr/
 +-DEFAULT: localhost src 127.0.0.1/32 ::1
 +-DEFAULT: to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
 ++DEFAULT: localhost src 127.0.0.1/32
 ++DEFAULT: to_localhost dst 127.0.0.0/8 0.0.0.0/32
 + DEFAULT_DOC: ACLs all, manager, localhost, and to_localhost are predefined.
 + DOC_START
 + 	Defining an Access List
 +--- src/cf.data.pre.orig	2013-04-27 05:07:29.000000000 +0200
 ++++ src/cf.data.pre	2013-04-28 21:30:23.000000000 +0200
 +@@ -733,8 +733,8 @@
 + LOC: Config.aclList
 + DEFAULT: all src all
 + DEFAULT: manager url_regex -i ^cache_object:// +i ^https?://[^/]+/squid-internal-mgr/
 +-DEFAULT: localhost src 127.0.0.1/32 ::1
 +-DEFAULT: to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
 ++DEFAULT: localhost src 127.0.0.1/32
 ++DEFAULT: to_localhost dst 127.0.0.0/8 0.0.0.0/32
 + DEFAULT_DOC: ACLs all, manager, localhost, and to_localhost are predefined.
 + DOC_START
 + 	Defining an Access List
 
 Modified: head/www/squid32/files/squid.in
 ==============================================================================
 --- head/www/squid32/files/squid.in	Wed May  1 18:33:16 2013	(r317040)
 +++ head/www/squid32/files/squid.in	Wed May  1 18:33:28 2013	(r317041)
 @@ -54,6 +54,11 @@ load_rc_config ${name}
  : ${squid_user:=squid}
  
  command=%%PREFIX%%/sbin/squid
 +
 +# Make sure that we invoke squid with "-f ${squid_conf}"; define this
 +# variable early so reload_cmd and stop_precmd pick it up:
 +
 +command_args="-f ${squid_conf}"
  extra_commands=reload
  reload_cmd="${command} ${command_args} ${squid_flags} -k reconfigure"
  start_precmd=squid_setfib
 @@ -70,10 +75,6 @@ required_dirs=${squid_chdir}
  
  required_files=${squid_conf}
  
 -# Now make sure that we invoke squid with "-f ${squid_conf}":
 -
 -command_args="-f ${squid_conf}"
 -
  squid_setfib()
  {
  	if command -v check_namevarlist > /dev/null 2>&1; then
 _______________________________________________
 svn-ports-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-ports-all
 To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"
 
>Unformatted:
