[squid] fixes #751679 - host_strict_verify setting inverted in squid.conf
Jiri Skala
jskala at fedoraproject.org
Mon Nov 7 09:03:18 UTC 2011
commit 356af776841c8904efd06c9edd7ffcc6904ef8d3
Author: Jiri Skala <jskala at redhat.com>
Date: Mon Nov 7 10:03:08 2011 +0100
fixes #751679 - host_strict_verify setting inverted in squid.conf
squid-3.2-11406.patch | 36 ++++++++++++++++++++++++++++++++++++
squid.spec | 7 ++++++-
2 files changed, 42 insertions(+), 1 deletions(-)
---
diff --git a/squid-3.2-11406.patch b/squid-3.2-11406.patch
new file mode 100644
index 0000000..5933463
--- /dev/null
+++ b/squid-3.2-11406.patch
@@ -0,0 +1,36 @@
+------------------------------------------------------------
+revno: 11406
+revision-id: squid3 at treenet.co.nz-20111104233104-1e72yz04iljr8ghp
+parent: squidadm at squid-cache.org-20111029224517-65llf81mr6p4ua6s
+fixes bug(s): http://bugs.squid-cache.org/show_bug.cgi?id=3367
+committer: Amos Jeffries <squid3 at treenet.co.nz>
+branch nick: SQUID_3_2
+timestamp: Fri 2011-11-04 17:31:04 -0600
+message:
+ Bug 3367: fix inverted check on host_strict_verify
+------------------------------------------------------------
+# Bazaar merge directive format 2 (Bazaar 0.90)
+# revision_id: squid3 at treenet.co.nz-20111104233104-1e72yz04iljr8ghp
+# target_branch: http://bzr.squid-cache.org/bzr/squid3/branches\
+# /SQUID_3_2/
+# testament_sha1: 7add7a338726fe9ab5cd3428541ef43c0e2d41dc
+# timestamp: 2011-11-04 23:55:06 +0000
+# source_branch: http://bzr.squid-cache.org/bzr/squid3/branches\
+# /SQUID_3_2
+# base_revision_id: squidadm at squid-cache.org-20111029224517-\
+# 65llf81mr6p4ua6s
+#
+# Begin patch
+=== modified file 'src/client_side_request.cc'
+--- src/client_side_request.cc 2011-10-24 02:31:59 +0000
++++ src/client_side_request.cc 2011-11-04 23:31:04 +0000
+@@ -634,7 +634,7 @@
+ // verify the destination DNS is one of the Host: headers IPs
+ ipcache_nbgethostbyname(host, hostHeaderIpVerifyWrapper, this);
+ }
+- } else if (Config.onoff.hostStrictVerify) {
++ } else if (!Config.onoff.hostStrictVerify) {
+ debugs(85, 3, HERE << "validate skipped.");
+ http->doCallouts();
+ } else if (strlen(host) != strlen(http->request->GetHost())) {
+
diff --git a/squid.spec b/squid.spec
index d41c2cd..af42292 100644
--- a/squid.spec
+++ b/squid.spec
@@ -4,7 +4,7 @@
Name: squid
Version: 3.2.0.13
-Release: 4%{?dist}
+Release: 5%{?dist}
Summary: The Squid proxy caching server
Epoch: 7
# See CREDITS for breakdown of non GPLv2+ code
@@ -26,6 +26,7 @@ Source98: perl-requires-squid.sh
# Upstream patches
#Patch001: http://www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-XXXXX.patch
Patch001: http://www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11383.patch
+Patch002: http://www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11406.patch
# Local patches
# Applying upstream patches first makes it less likely that local patches
@@ -91,6 +92,7 @@ The squid-sysvinit contains SysV initscritps support.
#patch001 -p0
%patch001 -p0
+%patch002 -p0
%patch201 -p1 -b .config
%patch202 -p1 -b .location
@@ -304,6 +306,9 @@ fi
/sbin/chkconfig --add squid >/dev/null 2>&1 || :
%changelog
+* Mon Nov 07 2011 Jiri Skala <jskala at redhat.com> - 7:3.2.0.13-5
+- fixes #751679 - host_strict_verify setting inverted in squid.conf
+
* Thu Nov 03 2011 Jiri Skala <jskala at redhat.com> - 7:3.2.0.13-4
- fixes #750550 - Squid might depend on named
More information about the scm-commits
mailing list