This is a security update[0] fixing a data leak:
A wrong if statement in the varnishd source code means that
synthetic objects in stevedores which over-allocate, may leak up
to page size of data from a malloc(3) memory allocation.
In a unpredictable percentage of the cases where this condition
arises, a segmentation fault will happen instead.
Tests continue to pass as before (full log attached):
# TOTAL: 636
# PASS: 630
# SKIP: 5
# XFAIL: 0
# FAIL: 1
# XPASS: 0
# ERROR: 0
I also removed TEST_TARGET=check as it's the default, used
${INSTALL_DATA} instead of cp in post-install and pointed users to 5.2
instead of 5.0 docs.
Varnish uses python scripts to compile .vsc into C so I added
lang/python with MODPY_VERSION=2.7 explicity since it's importing
StringIO which appearantly became io.StringIO in 3.0 and higher.
Feedback? Does anyone want to commit this?
0: https://varnish-cache.org/releases/rel5.2.1.html#rel5-2-1
diff --git a/www/varnish/Makefile b/www/varnish/Makefile
index b0fa5029ab4..5cf58670364 100644
--- a/www/varnish/Makefile
+++ b/www/varnish/Makefile
@@ -2,7 +2,7 @@
COMMENT = high-performance HTTP accelerator
-DISTNAME = varnish-5.2.0
+DISTNAME = varnish-5.2.1
CATEGORIES = www
@@ -16,12 +16,16 @@ MAINTAINER = Jim Razmus II
<j...@openbsd.org> \
# BSD
PERMIT_PACKAGE_CDROM = Yes
-MASTER_SITES = https://varnish-cache.org/_downloads/
+MASTER_SITES = ${HOMEPAGE}_downloads/
EXTRACT_SUFX = .tgz
WANTLIB += c execinfo m ncursesw pcre pthread readline termcap
+MODULES = lang/python
+
+MODPY_VERSION = 2.7
+
BUILD_DEPENDS = ${MODGNU_AUTOCONF_DEPENDS} \
${MODGNU_AUTOMAKE_DEPENDS} \
devel/libtool \
@@ -30,6 +34,8 @@ LIB_DEPENDS = devel/pcre
# The internal backtrace implementation fails to build with -Werror on arm/hppa
LIB_DEPENDS += devel/libexecinfo
+MODPY_RUNDEP = No
+
WRKDIST = ${WRKDIR}/${DISTNAME}
USE_GMAKE = Yes
CONFIGURE_STYLE = gnu
@@ -38,7 +44,7 @@ AUTOMAKE_VERSION = 1.15
CONFIGURE_ENV = CPPFLAGS="-I${LOCALBASE}/include" \
LDFLAGS="-L${LOCALBASE}/lib ${LDFLAGS}"
-TEST_TARGET = check
+MODPY_ADJ_FILES = lib/lib*/*.py
post-patch:
cd ${WRKSRC} && env AUTOCONF_VERSION=${AUTOCONF_VERSION} \
@@ -47,7 +53,7 @@ post-patch:
post-install:
${INSTALL_DATA_DIR} ${PREFIX}/share/doc/varnish
${INSTALL_DATA_DIR} ${PREFIX}/share/examples/varnish
- cp ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \
+ ${INSTALL_DATA} ${WRKDIST}${SYSCONFDIR}/{example,builtin}.vcl \
${PREFIX}/share/examples/varnish
rm -f ${PREFIX}/lib/varnish/{vmods,}/*.{a,la}
diff --git a/www/varnish/distinfo b/www/varnish/distinfo
index f7dc351f783..cdba07a9889 100644
--- a/www/varnish/distinfo
+++ b/www/varnish/distinfo
@@ -1,2 +1,2 @@
-SHA256 (varnish-5.2.0.tgz) = zEgmoEgPSSaNOZYwnkt+RlFR6aUjzPjq1JnsV1FJ9H4=
-SIZE (varnish-5.2.0.tgz) = 2828867
+SHA256 (varnish-5.2.1.tgz) = uEUsnXjBb3jIz9HBoeaWUjv2S3chwzAVDcwIUkWQFLM=
+SIZE (varnish-5.2.1.tgz) = 2827676
diff --git a/www/varnish/pkg/MESSAGE b/www/varnish/pkg/MESSAGE
index 5f50b1bbf2a..ce02efaef87 100644
--- a/www/varnish/pkg/MESSAGE
+++ b/www/varnish/pkg/MESSAGE
@@ -5,4 +5,4 @@ or the following link for more information:
and for further information:
- https://www.varnish-cache.org/docs/5.0/
+ https://www.varnish-cache.org/docs/5.2/
===================================================
Varnish 5.2.1: bin/varnishtest/test-suite.log
===================================================
# TOTAL: 636
# PASS: 630
# SKIP: 5
# XFAIL: 0
# FAIL: 1
# XPASS: 0
# ERROR: 0
.. contents:: :depth: 2
SKIP: tests/a00014
==================
**** top 0.0 extmacro def
pwd=/usr/obj/ports/varnish-5.2.1/varnish-5.2.1/bin/varnishtest
**** top 0.0 extmacro def localhost=127.0.0.1
**** top 0.0 extmacro def bad_backend=127.0.0.1 45991
**** top 0.0 extmacro def bad_ip=192.0.2.255
**** top 0.0 extmacro def topbuild=/usr/obj/ports/varnish-5.2.1/varnish-5.2.1
**** top 0.0 macro def tmpdir=/tmp/vtc.615.05f97f59
* top 0.0 TEST ./tests/a00014.vtc starting
** top 0.0 === varnishtest "Custom feature verification"
* top 0.0 TEST Custom feature verification
** top 0.0 === feature cmd true
** top 0.0 === feature cmd false
* top 0.0 SKIPPING test, lacking feature: false
* top 0.0 RESETTING after ./tests/a00014.vtc
* top 0.0 TEST ./tests/a00014.vtc completed
# top TEST ./tests/a00014.vtc skipped (0.004)
SKIP tests/a00014.vtc (exit status: 77)
SKIP: tests/a02022
==================
**** top 0.0 extmacro def
pwd=/usr/obj/ports/varnish-5.2.1/varnish-5.2.1/bin/varnishtest
**** top 0.0 extmacro def localhost=127.0.0.1
**** top 0.0 extmacro def bad_backend=127.0.0.1 16039
**** top 0.0 extmacro def bad_ip=192.0.2.255
**** top 0.0 extmacro def topbuild=/usr/obj/ports/varnish-5.2.1/varnish-5.2.1
**** top 0.0 macro def tmpdir=/tmp/vtc.85738.60f565db
* top 0.0 TEST ./tests/a02022.vtc starting
** top 0.0 === varnishtest "H/1 -> H/2 upgrade"
* top 0.0 TEST H/1 -> H/2 upgrade
** top 0.0 === feature cmd "nghttp --version | grep -q 'nghttp2/[1-9]'"
* top 0.0 SKIPPING test, lacking feature: nghttp --version | grep -q
'nghttp2/[1-9]'
* top 0.0 RESETTING after ./tests/a02022.vtc
* top 0.0 TEST ./tests/a02022.vtc completed
* diag 0.0 sh: nghttp: not found
# top TEST ./tests/a02022.vtc skipped (0.004)
SKIP tests/a02022.vtc (exit status: 77)
SKIP: tests/j00000
==================
**** top 0.0 extmacro def
pwd=/usr/obj/ports/varnish-5.2.1/varnish-5.2.1/bin/varnishtest
**** top 0.0 extmacro def localhost=127.0.0.1
**** top 0.0 extmacro def bad_backend=127.0.0.1 33142
**** top 0.0 extmacro def bad_ip=192.0.2.255
**** top 0.0 extmacro def topbuild=/usr/obj/ports/varnish-5.2.1/varnish-5.2.1
**** top 0.0 macro def tmpdir=/tmp/vtc.15924.06eeedbe
* top 0.0 TEST ./tests/j00000.vtc starting
** top 0.0 === varnishtest "Code coverage basic UNIX jail"
* top 0.0 TEST Code coverage basic UNIX jail
** top 0.0 === feature user_varnish
* top 0.0 SKIPPING test, lacking feature: user_varnish
* top 0.0 RESETTING after ./tests/j00000.vtc
* top 0.0 TEST ./tests/j00000.vtc completed
# top TEST ./tests/j00000.vtc skipped (0.003)
SKIP tests/j00000.vtc (exit status: 77)
SKIP: tests/j00001
==================
**** top 0.0 extmacro def
pwd=/usr/obj/ports/varnish-5.2.1/varnish-5.2.1/bin/varnishtest
**** top 0.0 extmacro def localhost=127.0.0.1
**** top 0.0 extmacro def bad_backend=127.0.0.1 41617
**** top 0.0 extmacro def bad_ip=192.0.2.255
**** top 0.0 extmacro def topbuild=/usr/obj/ports/varnish-5.2.1/varnish-5.2.1
**** top 0.0 macro def tmpdir=/tmp/vtc.89957.39470923
* top 0.0 TEST ./tests/j00001.vtc starting
** top 0.0 === varnishtest "Run worker with different uid in UNIX jail"
* top 0.0 TEST Run worker with different uid in UNIX jail
** top 0.0 === feature user_varnish
* top 0.0 SKIPPING test, lacking feature: user_varnish
* top 0.0 RESETTING after ./tests/j00001.vtc
* top 0.0 TEST ./tests/j00001.vtc completed
# top TEST ./tests/j00001.vtc skipped (0.004)
SKIP tests/j00001.vtc (exit status: 77)
SKIP: tests/j00003
==================
**** top 0.0 extmacro def
pwd=/usr/obj/ports/varnish-5.2.1/varnish-5.2.1/bin/varnishtest
**** top 0.0 extmacro def localhost=127.0.0.1
**** top 0.0 extmacro def bad_backend=127.0.0.1 14103
**** top 0.0 extmacro def bad_ip=192.0.2.255
**** top 0.0 extmacro def topbuild=/usr/obj/ports/varnish-5.2.1/varnish-5.2.1
**** top 0.0 macro def tmpdir=/tmp/vtc.58899.5bdb3ecf
* top 0.0 TEST ./tests/j00003.vtc starting
** top 0.0 === varnishtest "-junix bad subarg handling"
* top 0.0 TEST -junix bad subarg handling
** top 0.0 === feature root
* top 0.0 SKIPPING test, lacking feature: root
* top 0.0 RESETTING after ./tests/j00003.vtc
* top 0.0 TEST ./tests/j00003.vtc completed
# top TEST ./tests/j00003.vtc skipped (0.002)
SKIP tests/j00003.vtc (exit status: 77)
FAIL: tests/u00000
==================
**** top 0.0 extmacro def
pwd=/usr/obj/ports/varnish-5.2.1/varnish-5.2.1/bin/varnishtest
**** top 0.0 extmacro def localhost=127.0.0.1
**** top 0.0 extmacro def bad_backend=127.0.0.1 26095
**** top 0.0 extmacro def bad_ip=192.0.2.255
**** top 0.0 extmacro def topbuild=/usr/obj/ports/varnish-5.2.1/varnish-5.2.1
**** top 0.0 macro def tmpdir=/tmp/vtc.32637.2edc2401
* top 0.0 TEST ./tests/u00000.vtc starting
** top 0.0 === varnishtest "Simple process tests"
* top 0.0 TEST Simple process tests
** top 0.0 === process p1 "cat" -start
**** p1 0.0 CMD: cat
*** p1 0.0 PID: 9737
**** p1 0.0 macro def p1_pid=9737
**** p1 0.0 macro def p1_dir=/tmp/vtc.32637.2edc2401/p1
**** p1 0.0 macro def p1_out=/tmp/vtc.32637.2edc2401/p1/stdout
**** p1 0.0 macro def p1_err=/tmp/vtc.32637.2edc2401/p1/stderr
** top 0.0 === process p2 "cat" -start
**** p2 0.0 CMD: cat
*** p2 0.0 PID: 65976
**** p2 0.0 macro def p2_pid=65976
**** p2 0.0 macro def p2_dir=/tmp/vtc.32637.2edc2401/p2
**** p2 0.0 macro def p2_out=/tmp/vtc.32637.2edc2401/p2/stdout
**** p2 0.0 macro def p2_err=/tmp/vtc.32637.2edc2401/p2/stderr
** top 0.0 === process p3 "cat" -start
**** p3 0.0 CMD: cat
*** p3 0.0 PID: 24610
**** p3 0.0 macro def p3_pid=24610
**** p3 0.0 macro def p3_dir=/tmp/vtc.32637.2edc2401/p3
**** p3 0.0 macro def p3_out=/tmp/vtc.32637.2edc2401/p3/stdout
**** p3 0.0 macro def p3_err=/tmp/vtc.32637.2edc2401/p3/stderr
** top 0.0 === process p1 -writeln "foo"
**** p1 0.0 Writing 3 bytes
**** p1 0.0 Writing 1 bytes
** top 0.0 === process p2 -writeln "bar"
**** p2 0.0 Writing 3 bytes
**** p2 0.0 Writing 1 bytes
** top 0.0 === process p3 -writeln "baz"
**** p3 0.0 Writing 3 bytes
**** p3 0.0 Writing 1 bytes
** top 0.0 === delay 0.5
*** top 0.0 delaying 0.5 second(s)
** top 0.5 === process p1 -stop
**** p1 0.5 Sent signal 15
** top 0.5 === process p2 -close
** top 0.5 === process p3 -kill KILL
**** p3 0.5 Sent signal 9
** top 0.5 === process p1 -wait
**** p3 0.5 macro undef p3_pid
** p3 0.5 R 0x6022 Status: 0009 (u 0.000000 s 0.000000)
** p3 0.5 Bad exit code: 0009 sig 9 exit 0 core 0
**** p2 0.5 macro undef p2_pid
** p2 0.5 R 0x101b8 Status: 0000 (u 0.000000 s 0.010000)
**** p1 0.5 macro undef p1_pid
** p1 0.5 R 0x2609 Status: 000f (u 0.000000 s 0.010000)
** p1 0.5 Bad exit code: 000f sig 15 exit 0 core 0
** top 0.5 === process p2 -wait
** top 0.5 === process p3 -wait
** top 0.5 === shell "grep -q foo ${p1_out}"
**** top 0.5 shell_cmd|exec 2>&1 ; grep -q foo
/tmp/vtc.32637.2edc2401/p1/stdout
**** top 0.6 shell_status = 0x0000
** top 0.6 === shell "grep -q bar ${p2_out}"
**** top 0.6 shell_cmd|exec 2>&1 ; grep -q bar
/tmp/vtc.32637.2edc2401/p2/stdout
**** top 0.6 shell_status = 0x0000
** top 0.6 === shell "grep -q baz ${p3_out}"
**** top 0.6 shell_cmd|exec 2>&1 ; grep -q baz
/tmp/vtc.32637.2edc2401/p3/stdout
**** top 0.6 shell_status = 0x0000
** top 0.6 === shell "test -f ${p1_err} -a ! -s ${p1_err}"
**** top 0.6 shell_cmd|exec 2>&1 ; test -f /tmp/vtc.32637.2edc2401/p1/stderr
-a ! -s /tmp/vtc.32637.2edc2401/p1/stderr
**** top 0.6 shell_status = 0x0001
---- top 0.6 shell_exit not as expected: got 0x0001 wanted 0x0000
* top 0.6 RESETTING after ./tests/u00000.vtc
**** p1 0.6 macro undef p1_dir
**** p1 0.6 macro undef p1_out
**** p1 0.6 macro undef p1_err
**** p2 0.6 macro undef p2_dir
**** p2 0.6 macro undef p2_out
**** p2 0.6 macro undef p2_err
**** p3 0.6 macro undef p3_dir
**** p3 0.6 macro undef p3_out
**** p3 0.6 macro undef p3_err
* top 0.6 TEST ./tests/u00000.vtc FAILED
# top TEST ./tests/u00000.vtc FAILED (0.575) exit=2
FAIL tests/u00000.vtc (exit status: 2)
