From f2a93f5c0e2b160882607e4a4b646a64faf5def4 Mon Sep 17 00:00:00 2001
From: doktornotor <notordoktor@gmail.com>
Date: Wed, 9 Sep 2015 11:14:00 +0200
Subject: Squid3 - squid pinger helper needs to be suid root (Bug #5114)

---
 config/squid3/34/squid.inc | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/config/squid3/34/squid.inc b/config/squid3/34/squid.inc
index 57527876..f0eea327 100755
--- a/config/squid3/34/squid.inc
+++ b/config/squid3/34/squid.inc
@@ -306,9 +306,10 @@ function squid_install_command() {
 	update_status("Creating squid cache pools... One moment please...");
 	squid_dash_z();
 
-	/* make sure pinger is executable */
+	/* make sure pinger is executable and suid root */
+	// XXX: Bug #5114
 	if (file_exists(SQUID_LOCALBASE. "/libexec/squid/pinger"))
-		@chmod(SQUID_LOCALBASE. "/libexec/squid/pinger", 0755);
+		@chmod(SQUID_LOCALBASE. "/libexec/squid/pinger", 4755);
 
 	// XXX: Is it really necessary?
 	if (file_exists("/usr/local/etc/rc.d/squid"))
@@ -1876,10 +1877,10 @@ function squid_resync($via_rpc="no") {
 	// write config file
 	file_put_contents(SQUID_CONFFILE, $conf);
 
-	/* make sure pinger is executable */
-	// XXX: Is it really necessary? Who could change its permission?
+	/* make sure pinger is executable and suid root */
+	// XXX: Bug #5114
 	if (file_exists(SQUID_LOCALBASE . "/libexec/squid/pinger"))
-		@chmod(SQUID_LOCALBASE. "/libexec/squid/pinger", 0755);
+		@chmod(SQUID_LOCALBASE. "/libexec/squid/pinger", 4755);
 
 	$log_dir="";
 	// check if squid is enabled
-- 
cgit v1.2.3


From 1bbf2524f7dfc9bf5d08a0213ad5e81defc91b87 Mon Sep 17 00:00:00 2001
From: doktornotor <notordoktor@gmail.com>
Date: Wed, 9 Sep 2015 11:16:39 +0200
Subject: Bump squid3 package version

---
 pkg_config.10.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg_config.10.xml b/pkg_config.10.xml
index 4202a284..488d6079 100644
--- a/pkg_config.10.xml
+++ b/pkg_config.10.xml
@@ -1052,7 +1052,7 @@
 		<pkginfolink>https://forum.pfsense.org/index.php/topic,48347.0.html</pkginfolink>
 		<website>http://www.squid-cache.org/</website>
 		<category>Network</category>
-		<version>0.3.0</version>
+		<version>0.3.1</version>
 		<status>beta</status>
 		<required_version>2.2</required_version>
 		<maintainer>marcellocoutinho@gmail.com fernando@netfilter.com.br seth.mos@dds.nl mfuchs77@googlemail.com jimp@pfsense.org</maintainer>
-- 
cgit v1.2.3


From bca9c324b12ca25bd87b4390852fd188f1a00b23 Mon Sep 17 00:00:00 2001
From: doktornotor <notordoktor@gmail.com>
Date: Wed, 9 Sep 2015 11:33:33 +0200
Subject: do not silence errors with chmod

---
 config/squid3/34/squid.inc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/config/squid3/34/squid.inc b/config/squid3/34/squid.inc
index f0eea327..76deb94c 100755
--- a/config/squid3/34/squid.inc
+++ b/config/squid3/34/squid.inc
@@ -309,7 +309,7 @@ function squid_install_command() {
 	/* make sure pinger is executable and suid root */
 	// XXX: Bug #5114
 	if (file_exists(SQUID_LOCALBASE. "/libexec/squid/pinger"))
-		@chmod(SQUID_LOCALBASE. "/libexec/squid/pinger", 4755);
+		chmod(SQUID_LOCALBASE. "/libexec/squid/pinger", 4755);
 
 	// XXX: Is it really necessary?
 	if (file_exists("/usr/local/etc/rc.d/squid"))
@@ -1880,7 +1880,7 @@ function squid_resync($via_rpc="no") {
 	/* make sure pinger is executable and suid root */
 	// XXX: Bug #5114
 	if (file_exists(SQUID_LOCALBASE . "/libexec/squid/pinger"))
-		@chmod(SQUID_LOCALBASE. "/libexec/squid/pinger", 4755);
+		chmod(SQUID_LOCALBASE. "/libexec/squid/pinger", 4755);
 
 	$log_dir="";
 	// check if squid is enabled
-- 
cgit v1.2.3