diff --git a/net/tinyproxy/Makefile b/net/tinyproxy/Makefile index 7400ac9de..1b5f83ef2 100644 --- a/net/tinyproxy/Makefile +++ b/net/tinyproxy/Makefile @@ -8,17 +8,20 @@ include $(TOPDIR)/rules.mk PKG_NAME:=tinyproxy -PKG_VERSION:=1.8.3 -PKG_RELEASE:=3 +PKG_VERSION:=1.10.0 +PKG_RELEASE:=1 -PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 -PKG_SOURCE_URL:=http://www.banu.com/pub/tinyproxy/1.8/ -PKG_HASH:=be559b54eb4772a703ad35239d1cb59d32f7cf8a739966742622d57df88b896e -PKG_MAINTAINER:=Jo-Philipp Wich +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz +PKG_SOURCE_URL:=https://github.com/tinyproxy/tinyproxy/releases/download/$(PKG_VERSION) +PKG_HASH:=59be87689c415ba0d9c9bc6babbdd3df3b372d60b21e526b118d722dbc995682 +PKG_MAINTAINER:=Jo-Philipp Wich +PKG_LICENSE:=GPL-2.0-or-later +PKG_LICENSE_FILES:=COPYING PKG_CPE_ID:=cpe:/a:banu:tinyproxy PKG_INSTALL:=1 +PKG_BUILD_PARALLEL:=1 include $(INCLUDE_DIR)/package.mk @@ -27,21 +30,18 @@ define Package/tinyproxy SECTION:=net CATEGORY:=Network TITLE:=Tinyproxy is a lightweight HTTP and HTTPS proxy - URL:=http://tinyproxy.sourceforge.net/ + URL:=https://tinyproxy.github.io/ endef define Package/tinyproxy/conffiles /etc/config/tinyproxy endef -CONFIGURE_ARGS+= \ - --enable-filter \ - --enable-transparent \ - --disable-regexcheck \ +CONFIGURE_VARS += ac_cv_path_A2X=no define Package/tinyproxy/install - $(INSTALL_DIR) $(1)/usr/sbin - $(CP) $(PKG_INSTALL_DIR)/usr/sbin/tinyproxy $(1)/usr/sbin/ + $(INSTALL_DIR) $(1)/usr/bin + $(CP) $(PKG_INSTALL_DIR)/usr/bin/tinyproxy $(1)/usr/bin/ $(INSTALL_DIR) $(1)/usr/share/tinyproxy $(CP) $(PKG_INSTALL_DIR)/usr/share/tinyproxy/*.html $(1)/usr/share/tinyproxy/ $(INSTALL_DIR) $(1)/etc/config diff --git a/net/tinyproxy/files/tinyproxy.init b/net/tinyproxy/files/tinyproxy.init index 046783073..3c1a48fc5 100644 --- a/net/tinyproxy/files/tinyproxy.init +++ b/net/tinyproxy/files/tinyproxy.init @@ -6,8 +6,9 @@ START=50 CFGFILE=/var/etc/tinyproxy.conf section_enabled() { + local enabled config_get_bool enabled "$1" 'enabled' 0 - [ $enabled -gt 0 ] + [ "$enabled" -gt 0 ] } start() { @@ -22,55 +23,58 @@ stop() { start_proxy() { section_enabled "$1" || return 1 - mkdir -m0755 -p /var/etc - echo '### AUTOGENERATED CONFIGURATION' > $CFGFILE - echo '### DO NOT EDIT' >> $CFGFILE - echo '### SEE /etc/config/tinyproxy INSTEAD' >> $CFGFILE - echo '' >> $CFGFILE + mkdir -p /var/etc + chmod 0755 /var/etc + { + echo '### AUTOGENERATED CONFIGURATION' + echo '### DO NOT EDIT' + echo '### SEE /etc/config/tinyproxy INSTEAD' + echo '' - proxy_atom "$1" User >> $CFGFILE - proxy_atom "$1" Group >> $CFGFILE - proxy_atom "$1" Port 8888 >> $CFGFILE - proxy_atom "$1" Listen >> $CFGFILE - proxy_atom "$1" Bind >> $CFGFILE - proxy_atom "$1" Timeout >> $CFGFILE + proxy_atom "$1" User + proxy_atom "$1" Group + proxy_atom "$1" Port 8888 + proxy_atom "$1" Listen + proxy_atom "$1" Bind + proxy_atom "$1" Timeout - proxy_string "$1" ErrorFile_400 "ErrorFile 400" >> $CFGFILE - proxy_string "$1" ErrorFile_403 "ErrorFile 403" >> $CFGFILE - proxy_string "$1" ErrorFile_404 "ErrorFile 404" >> $CFGFILE - proxy_string "$1" ErrorFile_408 "ErrorFile 408" >> $CFGFILE - proxy_string "$1" ErrorFile_503 "ErrorFile 503" >> $CFGFILE + proxy_string "$1" ErrorFile_400 "ErrorFile 400" + proxy_string "$1" ErrorFile_403 "ErrorFile 403" + proxy_string "$1" ErrorFile_404 "ErrorFile 404" + proxy_string "$1" ErrorFile_408 "ErrorFile 408" + proxy_string "$1" ErrorFile_503 "ErrorFile 503" - proxy_string "$1" DefaultErrorFile >> $CFGFILE - proxy_string "$1" StatHost StatHost 127.0.0.1 >> $CFGFILE - proxy_string "$1" StatFile >> $CFGFILE - proxy_string "$1" LogFile >> $CFGFILE + proxy_string "$1" DefaultErrorFile + proxy_string "$1" StatHost StatHost 127.0.0.1 + proxy_string "$1" StatFile + proxy_string "$1" LogFile - proxy_flag "$1" Syslog >> $CFGFILE + proxy_flag "$1" Syslog - proxy_atom "$1" LogLevel >> $CFGFILE + proxy_atom "$1" LogLevel - proxy_flag "$1" XTinyproxy >> $CFGFILE + proxy_flag "$1" XTinyproxy - proxy_atom "$1" MaxClients >> $CFGFILE - proxy_atom "$1" MinSpareServers >> $CFGFILE - proxy_atom "$1" MaxSpareServers >> $CFGFILE - proxy_atom "$1" StartServers >> $CFGFILE - proxy_atom "$1" MaxRequestsPerChild >> $CFGFILE - proxy_list "$1" Allow >> $CFGFILE + proxy_atom "$1" MaxClients + proxy_atom "$1" MinSpareServers + proxy_atom "$1" MaxSpareServers + proxy_atom "$1" StartServers + proxy_atom "$1" MaxRequestsPerChild + proxy_list "$1" Allow - proxy_string "$1" ViaProxyName >> $CFGFILE - proxy_string "$1" Filter >> $CFGFILE + proxy_string "$1" ViaProxyName + proxy_string "$1" Filter - proxy_flag "$1" FilterURLs >> $CFGFILE - proxy_flag "$1" FilterExtended >> $CFGFILE - proxy_flag "$1" FilterCaseSensitive >> $CFGFILE - proxy_flag "$1" FilterDefaultDeny Yes No >> $CFGFILE + proxy_flag "$1" FilterURLs + proxy_flag "$1" FilterExtended + proxy_flag "$1" FilterCaseSensitive + proxy_flag "$1" FilterDefaultDeny Yes No - proxy_list "$1" Anonymous '"' >> $CFGFILE - proxy_list "$1" ConnectPort >> $CFGFILE + proxy_list "$1" Anonymous '"' + proxy_list "$1" ConnectPort config_foreach write_upstream upstream + } > "$CFGFILE" service_start /usr/sbin/tinyproxy -c "$CFGFILE" } @@ -85,11 +89,11 @@ write_upstream() { config_get target "$1" target [ -n "$target" ] && target=' "'"$target"'"' - [ "$type" == "proxy" -a -n "$via" ] && \ - echo "upstream $via$target" >> $CFGFILE + [ "$type" = "proxy" ] && [ -n "$via" ] && \ + echo "upstream $via$target" - [ "$type" == "reject" -a -n "$target" ] && \ - echo "no upstream$target" >> $CFGFILE + [ "$type" = "reject" ] && [ -n "$target" ] && \ + echo "no upstream$target" } proxy_atom() { @@ -111,9 +115,9 @@ proxy_string() { config_get _value "$SECTION" "$OPTION" [ -z "$_value" ] && _value="$DEFAULT" [ -n "$_value" ] && echo "${ALIAS:-${OPTION}} "'"'"$_value"'"' - [ -n "$_value" -a "$OPTION" = "LogFile" ] && { - touch $_value - chmod 666 $_value + [ -n "$_value" ] && [ "$OPTION" = "LogFile" ] && { + touch "$_value" + chmod 666 "$_value" } } diff --git a/net/tinyproxy/patches/010-no-docs-and-tests.patch b/net/tinyproxy/patches/010-no-docs-and-tests.patch deleted file mode 100644 index cbb0dd196..000000000 --- a/net/tinyproxy/patches/010-no-docs-and-tests.patch +++ /dev/null @@ -1,86 +0,0 @@ ---- a/configure -+++ b/configure -@@ -6815,59 +6815,8 @@ fi - - - --# Check for asciidoc --# Extract the first word of "a2x", so it can be a program name with args. --set dummy a2x; ac_word=$2 --{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 --$as_echo_n "checking for $ac_word... " >&6; } --if test "${ac_cv_path_A2X+set}" = set; then : -- $as_echo_n "(cached) " >&6 --else -- case $A2X in -- [\\/]* | ?:[\\/]*) -- ac_cv_path_A2X="$A2X" # Let the user override the test with a path. -- ;; -- *) -- as_save_IFS=$IFS; IFS=$PATH_SEPARATOR --for as_dir in $PATH --do -- IFS=$as_save_IFS -- test -z "$as_dir" && as_dir=. -- for ac_exec_ext in '' $ac_executable_extensions; do -- if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then -- ac_cv_path_A2X="$as_dir/$ac_word$ac_exec_ext" -- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 -- break 2 -- fi --done -- done --IFS=$as_save_IFS -- -- test -z "$ac_cv_path_A2X" && ac_cv_path_A2X="no" -- ;; --esac --fi --A2X=$ac_cv_path_A2X --if test -n "$A2X"; then -- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $A2X" >&5 --$as_echo "$A2X" >&6; } --else -- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 --$as_echo "no" >&6; } --fi -- -- -- if test "x$A2X" != "xno"; then -- HAVE_A2X_TRUE= -- HAVE_A2X_FALSE='#' --else - HAVE_A2X_TRUE='#' - HAVE_A2X_FALSE= --fi -- --if test x"$A2X" = x"no"; then -- as_fn_error $? "Test for asciidoc failed. See the file 'INSTALL' for help." "$LINENO" 5 --fi - - ac_config_files="$ac_config_files Makefile src/Makefile data/Makefile data/templates/Makefile etc/Makefile docs/Makefile docs/man5/Makefile docs/man5/tinyproxy.conf.txt docs/man8/Makefile docs/man8/tinyproxy.txt m4macros/Makefile tests/Makefile tests/scripts/Makefile" - ---- a/Makefile.am -+++ b/Makefile.am -@@ -2,9 +2,7 @@ SUBDIRS = \ - src \ - data \ - etc \ -- docs \ - m4macros \ -- tests - - # tools want this on a single line - ACLOCAL_AMFLAGS = -I m4macros ---- a/Makefile.in -+++ b/Makefile.in -@@ -222,9 +222,7 @@ SUBDIRS = \ - src \ - data \ - etc \ -- docs \ - m4macros \ -- tests - - - # tools want this on a single line diff --git a/net/tinyproxy/patches/020-config_and_pid-path.patch b/net/tinyproxy/patches/020-config_and_pid-path.patch index 3ab7482a4..839f5fb89 100644 --- a/net/tinyproxy/patches/020-config_and_pid-path.patch +++ b/net/tinyproxy/patches/020-config_and_pid-path.patch @@ -1,13 +1,20 @@ ---- a/src/main.c -+++ b/src/main.c -@@ -326,8 +326,8 @@ static void initialize_config_defaults ( - conf->errorpages = NULL; - conf->stathost = safestrdup (TINYPROXY_STATHOST); - conf->idletimeout = MAX_IDLE_TIME; -- conf->logf_name = safestrdup (LOCALSTATEDIR "/log/tinyproxy/tinyproxy.log"); -- conf->pidpath = safestrdup (LOCALSTATEDIR "/run/tinyproxy/tinyproxy.pid"); -+ conf->logf_name = safestrdup (LOCALSTATEDIR "/log/tinyproxy.log"); -+ conf->pidpath = safestrdup (LOCALSTATEDIR "/tinyproxy.pid"); - } +--- a/etc/tinyproxy.conf.in ++++ b/etc/tinyproxy.conf.in +@@ -93,7 +93,7 @@ StatFile "@pkgdatadir@/stats.html" + # exclusive. If neither Syslog nor LogFile are specified, output goes + # to stdout. + # +-#LogFile "@localstatedir@/log/tinyproxy/tinyproxy.log" ++LogFile "@localstatedir@/log/tinyproxy.log" - /** + # + # Syslog: Tell tinyproxy to use syslog instead of a logfile. This +@@ -124,7 +124,7 @@ LogLevel Info + # can be used for signalling purposes. + # If not specified, no pidfile will be written. + # +-#PidFile "@localstatedir@/run/tinyproxy/tinyproxy.pid" ++PidFile "@localstatedir@/tinyproxy.pid" + + # + # XTinyproxy: Tell Tinyproxy to include the X-Tinyproxy header, which diff --git a/net/tinyproxy/patches/030-allow_bind_in_transparent_mode.patch b/net/tinyproxy/patches/030-allow_bind_in_transparent_mode.patch deleted file mode 100644 index 68d89db4d..000000000 --- a/net/tinyproxy/patches/030-allow_bind_in_transparent_mode.patch +++ /dev/null @@ -1,22 +0,0 @@ ---- a/src/conf.c -+++ b/src/conf.c -@@ -865,7 +865,6 @@ static HANDLE_FUNC (handle_deny) - - static HANDLE_FUNC (handle_bind) - { --#ifndef TRANSPARENT_PROXY - int r = set_string_arg (&conf->bind_address, line, &match[2]); - - if (r) -@@ -873,11 +872,6 @@ static HANDLE_FUNC (handle_bind) - log_message (LOG_INFO, - "Outgoing connections bound to IP %s", conf->bind_address); - return 0; --#else -- fprintf (stderr, -- "\"Bind\" cannot be used with transparent support enabled.\n"); -- return 1; --#endif - } - - static HANDLE_FUNC (handle_listen) diff --git a/net/tinyproxy/patches/120-fix_INET6.patch b/net/tinyproxy/patches/120-fix_INET6.patch index 1c2683551..041354885 100644 --- a/net/tinyproxy/patches/120-fix_INET6.patch +++ b/net/tinyproxy/patches/120-fix_INET6.patch @@ -10,7 +10,7 @@ { struct addrinfo hints, *res, *ressave; -@@ -48,7 +47,7 @@ bind_socket (int sockfd, const char *add +@@ -48,7 +47,7 @@ bind_socket (int sockfd, const char *addr, int family) assert (addr != NULL && strlen (addr) != 0); memset (&hints, 0, sizeof (struct addrinfo)); @@ -19,7 +19,7 @@ hints.ai_socktype = SOCK_STREAM; /* The local port it not important */ -@@ -106,14 +105,12 @@ int opensock (const char *host, int port +@@ -112,14 +111,12 @@ int opensock (const char *host, int port, const char *bind_to) /* Bind to the specified address */ if (bind_to) { diff --git a/net/tinyproxy/patches/CVE-2012-3505-tiniproxy-randomized-hashmaps.patch b/net/tinyproxy/patches/CVE-2012-3505-tiniproxy-randomized-hashmaps.patch deleted file mode 100644 index 4737b8ba3..000000000 --- a/net/tinyproxy/patches/CVE-2012-3505-tiniproxy-randomized-hashmaps.patch +++ /dev/null @@ -1,101 +0,0 @@ ---- a/src/child.c -+++ b/src/child.c -@@ -20,6 +20,9 @@ - * processing incoming connections. - */ - -+#include -+#include -+ - #include "main.h" - - #include "child.h" -@@ -196,6 +199,7 @@ static void child_main (struct child_s * - } - - ptr->connects = 0; -+ srand(time(NULL)); - - while (!config.quit) { - ptr->status = T_WAITING; ---- a/src/hashmap.c -+++ b/src/hashmap.c -@@ -25,6 +25,8 @@ - * don't try to free the data, or realloc the memory. :) - */ - -+#include -+ - #include "main.h" - - #include "hashmap.h" -@@ -50,6 +52,7 @@ struct hashbucket_s { - }; - - struct hashmap_s { -+ uint32_t seed; - unsigned int size; - hashmap_iter end_iterator; - -@@ -65,7 +68,7 @@ struct hashmap_s { - * - * If any of the arguments are invalid a negative number is returned. - */ --static int hashfunc (const char *key, unsigned int size) -+static int hashfunc (const char *key, unsigned int size, uint32_t seed) - { - uint32_t hash; - -@@ -74,7 +77,7 @@ static int hashfunc (const char *key, un - if (size == 0) - return -ERANGE; - -- for (hash = tolower (*key++); *key != '\0'; key++) { -+ for (hash = seed; *key != '\0'; key++) { - uint32_t bit = (hash & 1) ? (1 << (sizeof (uint32_t) - 1)) : 0; - - hash >>= 1; -@@ -104,6 +107,7 @@ hashmap_t hashmap_create (unsigned int n - if (!ptr) - return NULL; - -+ ptr->seed = (uint32_t)rand(); - ptr->size = nbuckets; - ptr->buckets = (struct hashbucket_s *) safecalloc (nbuckets, - sizeof (struct -@@ -201,7 +205,7 @@ hashmap_insert (hashmap_t map, const cha - if (!data || len < 1) - return -ERANGE; - -- hash = hashfunc (key, map->size); -+ hash = hashfunc (key, map->size, map->seed); - if (hash < 0) - return hash; - -@@ -382,7 +386,7 @@ ssize_t hashmap_search (hashmap_t map, c - if (map == NULL || key == NULL) - return -EINVAL; - -- hash = hashfunc (key, map->size); -+ hash = hashfunc (key, map->size, map->seed); - if (hash < 0) - return hash; - -@@ -416,7 +420,7 @@ ssize_t hashmap_entry_by_key (hashmap_t - if (!map || !key || !data) - return -EINVAL; - -- hash = hashfunc (key, map->size); -+ hash = hashfunc (key, map->size, map->seed); - if (hash < 0) - return hash; - -@@ -451,7 +455,7 @@ ssize_t hashmap_remove (hashmap_t map, c - if (map == NULL || key == NULL) - return -EINVAL; - -- hash = hashfunc (key, map->size); -+ hash = hashfunc (key, map->size, map->seed); - if (hash < 0) - return hash; - diff --git a/net/tinyproxy/patches/CVE-2012-3505-tinyproxy-limit-headers.patch b/net/tinyproxy/patches/CVE-2012-3505-tinyproxy-limit-headers.patch deleted file mode 100644 index b8023ab2a..000000000 --- a/net/tinyproxy/patches/CVE-2012-3505-tinyproxy-limit-headers.patch +++ /dev/null @@ -1,44 +0,0 @@ ---- a/src/reqs.c -+++ b/src/reqs.c -@@ -610,6 +610,11 @@ add_header_to_connection (hashmap_t hash - return hashmap_insert (hashofheaders, header, sep, len); - } - -+/* define max number of headers. big enough to handle legitimate cases, -+ * but limited to avoid DoS -+ */ -+#define MAX_HEADERS 10000 -+ - /* - * Read all the headers from the stream - */ -@@ -617,6 +622,7 @@ static int get_all_headers (int fd, hash - { - char *line = NULL; - char *header = NULL; -+ int count; - char *tmp; - ssize_t linelen; - ssize_t len = 0; -@@ -625,7 +631,7 @@ static int get_all_headers (int fd, hash - assert (fd >= 0); - assert (hashofheaders != NULL); - -- for (;;) { -+ for (count = 0; count < MAX_HEADERS; count++) { - if ((linelen = readline (fd, &line)) <= 0) { - safefree (header); - safefree (line); -@@ -691,6 +697,12 @@ static int get_all_headers (int fd, hash - - safefree (line); - } -+ -+ /* if we get there, this is we reached MAX_HEADERS count. -+ bail out with error */ -+ safefree (header); -+ safefree (line); -+ return -1; - } - - /*