Your message dated Mon, 28 Oct 2024 11:20:55 +0000
with message-id <[email protected]>
and subject line Bug#1063877: fixed in squid 6.12-1
has caused the Debian Bug report #1063877,
regarding squid FTCBFS: fails detecting kerberos due to AC_RUN_IFELSE
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1063877: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063877
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: squid
Version: 6.1-1
Tags: patch upstream
User: [email protected]
Usertags: ftcbfs
squid fails to cross build from source, because it pessimistically uses
AC_RUN_IFELSE, therefore concludes that kerberos is unavailable and then
causes a compiler error due to an untested code path. I've reviewed the
uses of AC_RUN_IFELSE and a number of them do not actually benefit from
running code (while others do). I'm attaching a patch that converts some
of the AC_RUN_IFELSE to AC_LINK_IFELSE and these happen to be enough to
make squid cross buildable (though the cross build still turns of some
features compared to a native build unless one provides more cache
variables externally). What do you think about the attached conversion?
Helmut
--- squid-6.6.orig/acinclude/krb5.m4
+++ squid-6.6/acinclude/krb5.m4
@@ -33,7 +33,7 @@
AC_CACHE_CHECK([for broken Heimdal krb5.h],squid_cv_broken_heimdal_krb5_h, [
SQUID_STATE_SAVE(squid_krb5_heimdal_test)
CPPFLAGS="-I${srcdir:-.} $CPPFLAGS"
- AC_RUN_IFELSE([AC_LANG_SOURCE([[
+ AC_LINK_IFELSE([AC_LANG_SOURCE([[
#include <krb5.h>
int
main(void)
@@ -45,7 +45,7 @@
return 0;
}
]])], [ squid_cv_broken_heimdal_krb5_h=no ], [
- AC_RUN_IFELSE([AC_LANG_SOURCE([[
+ AC_LINK_IFELSE([AC_LANG_SOURCE([[
#define HAVE_BROKEN_HEIMDAL_KRB5_H 1
#include "compat/krb5.h"
int
@@ -130,7 +130,7 @@
dnl checks that gssapi is ok, and sets squid_cv_working_gssapi accordingly
AC_DEFUN([SQUID_CHECK_WORKING_GSSAPI], [
AC_CACHE_CHECK([for working gssapi], squid_cv_working_gssapi, [
- AC_RUN_IFELSE([AC_LANG_SOURCE([[
+ AC_LINK_IFELSE([AC_LANG_SOURCE([[
#if USE_HEIMDAL_KRB5
#if HAVE_GSSAPI_GSSAPI_H
#include <gssapi/gssapi.h>
@@ -231,7 +231,7 @@
AC_CACHE_CHECK([for working krb5], squid_cv_working_krb5, [
SQUID_STATE_SAVE(squid_krb5_test)
CPPFLAGS="-I${srcdir:-.} $CPPFLAGS"
- AC_RUN_IFELSE([AC_LANG_SOURCE([[
+ AC_LINK_IFELSE([AC_LANG_SOURCE([[
#include "compat/krb5.h"
int
main(void)
--- End Message ---
--- Begin Message ---
Source: squid
Source-Version: 6.12-1
Done: Luigi Gangitano <[email protected]>
We believe that the bug you reported is fixed in the latest version of
squid, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Luigi Gangitano <[email protected]> (supplier of updated squid package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 28 Oct 2024 11:04:20 +0100
Source: squid
Architecture: source
Version: 6.12-1
Distribution: unstable
Urgency: high
Maintainer: Luigi Gangitano <[email protected]>
Changed-By: Luigi Gangitano <[email protected]>
Closes: 1063877
Changes:
squid (6.12-1) unstable; urgency=high
.
[ Amos Jeffries <[email protected]> ]
* New Upstream Release 6.12 (Closes: #1063877)
.
* Disable ESI feature support
Fixes: CVE-2024-45802. SQUID-2024:4
.
* debian/{control,rules}
- Migrate from lsb-release to os-release.
- Remove deprecated lsb-base dependency. It has been
replaced by sysvinit-utils in essential packages.
- Polish user visible package descriptions.
- Restructure rules special-cases for easier team maintenance.
.
* Use alternatives system for squid binary
.
[ Luigi Gangitano <[email protected]> ]
* debian/control
- Add Rules-Requires-Root: binary-targets
- Bumped Standards-Version to 4.7.0, no change needed
.
* debian/patches/*
- Refreshed patches
- Added description to
0006-upstream-807ae4df2164defbb5f59b99282e24010b4a0b85.patch
.
* debian/upstream/signing-key.asc
- Added Francesco Chemolli's key to the authorized keys (Closes: #1063877)
.
[ Sven Auhagen <[email protected]> ]
* debian/squid.postinst
- Check if cache folder exists before using chown
Checksums-Sha1:
7882cc1860400b267ce8c35eb05963123eab393b 2910 squid_6.12-1.dsc
2885015423b66f0b87e2e3ed0dfd17f3f124d7e6 2548220 squid_6.12.orig.tar.xz
bf0a4417eb02841e9e0e60b449aac6151986096a 647 squid_6.12.orig.tar.xz.asc
156681cd4b62d848749fc57166e7601e98a5fc4e 44756 squid_6.12-1.debian.tar.xz
e5d50ea25260cf4dc88a7f06263a1d688970bd49 9635 squid_6.12-1_arm64.buildinfo
Checksums-Sha256:
4e6c224e1857aec33ba777751cb15942dbf2ba64807495bb5bd4444a3c706fac 2910
squid_6.12-1.dsc
f3df3abb2603a513266f24a5d4699a9f0d76b9f554d1848b67f9c51cd3b3cb50 2548220
squid_6.12.orig.tar.xz
51ddd8da09dbe91e059428690a3e937ddb33ea9d094b13489d5e1f39ce60fb6e 647
squid_6.12.orig.tar.xz.asc
db3c1402ad51e8b8c9db21d737c28536eca893faadf8fb93df60fca8fec09e4b 44756
squid_6.12-1.debian.tar.xz
bd67744cdd910dc3b07c1728025d56c2b11d1f0c87fd9ed3437172fcac0fb303 9635
squid_6.12-1_arm64.buildinfo
Files:
6fd70227ccce2acc257658b4c1e31210 2910 web optional squid_6.12-1.dsc
26a264b234e22e012ea531d4f5d43ed1 2548220 web optional squid_6.12.orig.tar.xz
5e299d6e06630256a728ebf2eaf02881 647 web optional squid_6.12.orig.tar.xz.asc
68b379a796524f89d400f42b13d2c6ba 44756 web optional squid_6.12-1.debian.tar.xz
5c289ab874bbd35af55aab4cc95b34e5 9635 web optional squid_6.12-1_arm64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEjUhaNf8ebreQ5Q9tAoTyDCupfO0FAmcfZCcACgkQAoTyDCup
fO1LOw//Waq6sjdG8aRC7R4afrIVrJdnDaN6ovuOgETYZ1Dmu1iNlB4ksaNtFRwE
/Rr0F7Ljh0vFp/lnaF0Nq8gIN9YHSwxTgtJXazvyUWW8RLq0AP9133NklNItiw51
SA6hnUK2csXlxQViXZlHb2tIpRxEOD7DhXCQ4/NFCOi6LVhSNW4hq10IoMU6XL90
N5lvv+xSpXToiJn/ub5l3pUHh48zvokbMREwvhD3VEdJdggt9GJXNd/GVE8RaWNJ
6EEl8DMsWSWufrGLQ9/mUr3XRlNW+XKYm2VPOcyRMU6ksmEWz1tgLEpSKYpOGN4d
zh72E3Gw1QbhpeARColjO4wp90+gYJhTu74bdcr+bjp6q0F2d4ICqJqymncp/6S9
WiQ7XteHJVMolJ/6Footc0i3KmFHZEMuXarmyKmIpSNObkmCYOH6YSx2B8irsA6L
PzRWM1cO+zqiV9EcQXHyRYfibB/joZv5VzZ3BzKy3/H06WtUYbUZT7ti0kQ3o2Gk
sftd/jSNEyCcTIC55VrwefKT59M6G7+lRIskWSamCHQhM/8XR/2NK+dGUKwY+1Rh
LO1nCUHbln6EGs9hxJrkz5+ujbhbCSWs+MMWeZjGE9LwT+wqcEOrDzZd4y3VLUE1
TidPe5MUUU1k5YdEz4BvbqhOT4Ysk0mzJdRqQrVGrCCl2MVXy6g=
=VXh9
-----END PGP SIGNATURE-----
pgpenTb94tdod.pgp
Description: PGP signature
--- End Message ---
