diff options
-rwxr-xr-x | config/squid3/34/squid.inc | 50 | ||||
-rw-r--r-- | config/squid3/34/squid.xml | 11 | ||||
-rw-r--r-- | pkg_config.10.xml | 3 |
3 files changed, 29 insertions, 35 deletions
diff --git a/config/squid3/34/squid.inc b/config/squid3/34/squid.inc index 952d50d8..bf4fcf5d 100755 --- a/config/squid3/34/squid.inc +++ b/config/squid3/34/squid.inc @@ -617,7 +617,7 @@ function squid_deinstall_command() { /* Migrate configuration from god knows which Squid package versions */ /* None of these ever existed with Squid 3.4 package and this cruft should be most likely just removed */ function squid_upgrade_config() { - global $config; + global $config, $pfs_version; /* migrate existing csv config fields */ if (is_array($config['installedpackages']['squidauth']['config'])) { $settingsauth = $config['installedpackages']['squidauth']['config'][0]; @@ -694,6 +694,27 @@ function squid_upgrade_config() { $config['installedpackages']['squidnac']['config'][0]['block_reply_mime_type'] = $settingsnac['block_reply_mime_type']; } + /* XXX: broken Captive Portal patch (Bug #5594) */ + if (isset($config['installedpackages']['squid']['config'][0]['patch_cp'])) { + if ($config['installedpackages']['squid']['config'][0]['patch_cp'] == "on") { + $cp_msg = "Patch Captive Portal feature was removed - see Bug #5594!"; + /* Attempt to restore the backup, remove it after that and unset the config option to avoid running this again in future. */ + $cp_file = '/etc/inc/captiveportal.inc'; + $backup_file = '/root/' . $pfs_version . '.captiveportal.inc.backup'; + if (file_exists($backup_file)) { + copy($backup_file, $cp_file); + $cp_msg .= "Found and restored a previous backup of {$cp_file}. Double-check its contents for sanity!"; + unlink($backup_file); + } else { + $cp_msg .= "Failed to find a backup of {$cp_file}! Get a sane copy of the file from pfSense GitHub repository!"; + } + file_notice("squid", $cp_msg, "Packages", ""); + log_error("[squid] {$cp_msg}"); + unset($cp_msg, $cp_file, $backup_file); + } + unset($config['installedpackages']['squid']['config'][0]['patch_cp']); + } + /* migrate reverse proxy settings */ squid_reverse_upgrade_config(); @@ -2001,33 +2022,6 @@ function squid_generate_rules($type) { global $config, $pfs_version; $squid_conf = $config['installedpackages']['squid']['config'][0]; - //check captive portal option - $cp_file = '/etc/inc/captiveportal.inc'; - $port = ($settings['proxy_port'] ? $settings['proxy_port'] : 3128); - $cp_inc = file($cp_file); - $new_cp_inc = ""; - $found_rule = 0; - foreach ($cp_inc as $line) { - $new_line = $line; - //remove applied squid patch - if (preg_match('/skipto 65314 ip/', $line)) { - $found_rule++; - $new_line = ""; - } - - if (preg_match('/255.255.255.255/', $line) && $squid_conf['patch_cp']) { - $found_rule++; - $new_line .= "\t" . '$cprules .= "add {$rulenum} skipto 65314 ip from any to {$ips} ' . $port . ' in\n";' . "\n"; - $new_line .= "\t" . '$cprules .= "add {$rulenum} skipto 65314 ip from {$ips} ' . $port . ' to any out\n";' . "\n"; - } - $new_cp_inc .= $new_line; - } - if (!file_exists('/root/' . $pfs_version . '.captiveportal.inc.backup')) { - copy($cp_file, '/root/' . $pfs_version . '.captiveportal.inc.backup'); - } - if ($found_rule > 0) { - file_put_contents($cp_file, $new_cp_inc, LOCK_EX); - } // do not install any firewall rules if Squid is disabled or used as reverse proxy only if (!squid_enabled()) { diff --git a/config/squid3/34/squid.xml b/config/squid3/34/squid.xml index 82fe44b8..3538a5fe 100644 --- a/config/squid3/34/squid.xml +++ b/config/squid3/34/squid.xml @@ -42,7 +42,7 @@ ]]> </copyright> <name>squid</name> - <version>0.4.5</version> + <version>0.4.7</version> <title>Proxy Server: General Settings</title> <include_file>/usr/local/pkg/squid.inc</include_file> <menu> @@ -324,15 +324,14 @@ </field> <field> <fielddescr>Patch Captive Portal</fielddescr> - <fieldname>patch_cp</fieldname> <description> <![CDATA[ - Enable this option to force Captive Portal to non transparent proxy users.<br/> - <strong>Note:</strong> You may need to reapply Captive Portal settings after changing this option.<br/> - <strong><span class="errmsg">Warning:</span> This alters /etc/inc/captiveportal.inc file! USE WITH CAUTION!</strong> (A backup is made available under /root directory.) + <strong><span class="errmsg">This feature was removed</span></strong> - see <a href="https://redmine.pfsense.org/issues/5594">Bug #5594</a> for details!<br/> + If you were using this feature, double-check '/etc/inc/captiveportal.inc' content for sanity.<br/> + Get a <a href="https://github.com/pfsense/pfsense/blob/RELENG_2_2/etc/inc/captiveportal.inc">sane copy of the file from pfSense GitHub repository</a> if needed. ]]> </description> - <type>checkbox</type> + <type>info</type> </field> <field> <fielddescr>Resolve DNS IPv4 First</fielddescr> diff --git a/pkg_config.10.xml b/pkg_config.10.xml index 1f19e3f6..032cbf5a 100644 --- a/pkg_config.10.xml +++ b/pkg_config.10.xml @@ -1090,7 +1090,7 @@ <pkginfolink>https://forum.pfsense.org/index.php?topic=100167.0</pkginfolink> <website>http://www.squid-cache.org/</website> <category>Services</category> - <version>0.4.6</version> + <version>0.4.7</version> <status>RC</status> <required_version>2.2</required_version> <maintainer>marcellocoutinho@gmail.com fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer> @@ -1106,6 +1106,7 @@ <configurationfile>squid.xml</configurationfile> <depends_on_package_pbi>squid-3.4.10_2-##ARCH##.pbi</depends_on_package_pbi> <after_install_info>Please visit Services - Squid Proxy Server menu to configure the package and enable the proxy.</after_install_info> + <maximum_version>2.2.999</maximum_version> </package> <package> <name>LCDproc</name> |