Hi,
the patch below updates www/pound to version 2.7.
>From the CHANGELOG:
Enhancements:
- added support for larger DH keys + compile-time parameter for DH
bits (workaround for OpenSSL limitation)
- added support for elliptical curve encryption
- added protocol version in X-SSL-cipher (Tom Fitzhenry)
- added "Disable PROTO" directives (fix for Poodle vulnerability)
- added Cert, Disable and Cipher directives for HTTPS back-ends.
The directive HTTPS "cert" no longer supported.
- added filtering of "Expect: 100-continue" headers
- Add support for PATCH HTTP method
- Anonymise configuration option - show last client address byte as
0 (based on an idea by Christian Doering)
- SSLAllowClientRenegotiation (based on a patch from Joe Gooch)
- SSLHonorCipherOrder (based on a patch from Joe Gooch)
- Certificate alternate names support (based on a patch from Jonas
Pasche)
- poundctl shows the length of the request queue (based on a request
from Leo)
Bug fixes:
- fixed lh_retrieve warning
- fixed potential memory leak on client certificates
- fixed alt names problem (Joe Gooch)
- removed debugging messages
- fixed address comparison for RewriteLocation (IPv4/IPv6 problem -
Christopher Bartz)
- re-patched the redirect patch (Frank Schmierler)
- fixed RPC handling (Frank Schmierler)
- sanitize URLs for redirection (prevent CSRF)
- SSL disable empty fragments + SSL disable compression (CRIME
attack prevention)
- fixed bug in configuration of DISABLED directive
- changed the log level from WARNING to NOTICE if the thread arg is
NULL
- fixed testing of gcc options
ok?
Ciao,
Kili
Index: Makefile
===================================================================
RCS file: /cvs/ports/www/pound/Makefile,v
retrieving revision 1.12
diff -u -p -r1.12 Makefile
--- Makefile 11 Mar 2013 11:44:48 -0000 1.12
+++ Makefile 12 May 2015 12:46:05 -0000
@@ -2,7 +2,7 @@
COMMENT = HTTP reverse proxy/load balancer/SSL offload
-DISTNAME = Pound-2.6
+DISTNAME = Pound-2.7
PKGNAME = ${DISTNAME:L}
CATEGORIES = www
Index: distinfo
===================================================================
RCS file: /cvs/ports/www/pound/distinfo,v
retrieving revision 1.4
diff -u -p -r1.4 distinfo
--- distinfo 17 Sep 2012 13:05:14 -0000 1.4
+++ distinfo 12 May 2015 12:46:09 -0000
@@ -1,2 +1,2 @@
-SHA256 (Pound-2.6.tgz) = CtJeNlLiIRervBenC12JE+BZkTGKVQa8dDfmYmFv3yE=
-SIZE (Pound-2.6.tgz) = 180595
+SHA256 (Pound-2.7.tgz) = zfv1p+jcj7vg1sHoPNO9PyRyFgqsZWhLsB72YcYmqOQ=
+SIZE (Pound-2.7.tgz) = 186887
Index: patches/patch-pound_8
===================================================================
RCS file: /cvs/ports/www/pound/patches/patch-pound_8,v
retrieving revision 1.3
diff -u -p -r1.3 patch-pound_8
--- patches/patch-pound_8 17 Sep 2012 13:05:14 -0000 1.3
+++ patches/patch-pound_8 12 May 2015 12:47:01 -0000
@@ -1,6 +1,6 @@
$OpenBSD: patch-pound_8,v 1.3 2012/09/17 13:05:14 gonzalo Exp $
---- pound.8.orig Wed Dec 28 10:57:45 2011
-+++ pound.8 Tue Sep 4 17:04:51 2012
+--- pound.8.orig Mon Jan 26 17:47:53 2015
++++ pound.8 Tue May 12 14:46:51 2015
@@ -155,7 +155,7 @@ running a quick syntax check before actually activatin
\fB\-f\fR config_file
Location of the configuration file (see below for a full description of the
format).
@@ -10,7 +10,7 @@ $OpenBSD: patch-pound_8,v 1.3 2012/09/17
.TP
\fB\-p\fR pid_file
Location of the pid file.
-@@ -1191,11 +1191,11 @@ this is where
+@@ -1247,11 +1247,11 @@ this is where
.B Pound
will attempt to record its process id.
.TP
