Package: src:squid3
Severity: wishlist
Tags: patch
Hi,
please take the attached patch as a suggestion for the upgrade of the squid3
package to version 3.3.1. Thanks.
Carsten
--
/\-ยด-/\
( @ @ )
________o0O___^___O0o________
diff -urN squid3-3.1.20/debian/changelog squid3-3.3.1/debian/changelog
--- squid3-3.1.20/debian/changelog 2013-02-05 23:16:28.000000000 +0100
+++ squid3-3.3.1/debian/changelog 2013-02-27 11:30:03.000000000 +0100
@@ -1,3 +1,11 @@
+squid3 (3.3.1-1) unstable; urgency=low
+
+ * New upstream release
+ * ported debian patches to new upstream version
+ * removed obsolete CVE patches
+
+ -- Carsten Wolff <cars...@wolffcarsten.de> Fri, 22 Feb 2013 16:21:41 +0100
+
squid3 (3.1.20-2.1) unstable; urgency=high
* Non-maintainer upload
diff -urN squid3-3.1.20/debian/patches/01-cf.data.debian.patch squid3-3.3.1/debian/patches/01-cf.data.debian.patch
--- squid3-3.1.20/debian/patches/01-cf.data.debian.patch 2012-06-18 15:00:56.000000000 +0200
+++ squid3-3.3.1/debian/patches/01-cf.data.debian.patch 2013-02-27 11:15:12.000000000 +0100
@@ -2,7 +2,7 @@
Description: Default configuration file for debian
--- a/src/cf.data.pre
+++ b/src/cf.data.pre
-@@ -178,7 +178,7 @@
+@@ -327,7 +327,7 @@
If you want to use the traditional NCSA proxy authentication, set
this line to something like
@@ -10,8 +10,8 @@
+ auth_param basic program @DEFAULT_PREFIX@/lib/squid3/ncsa_auth @DEFAULT_PREFIX@/etc/passwd
"utf8" on|off
- HTTP uses iso-latin-1 as characterset, while some authentication
-@@ -246,7 +246,7 @@
+ HTTP uses iso-latin-1 as character set, while some authentication
+@@ -400,7 +400,7 @@
If you want to use a digest authenticator, set this line to
something like
@@ -19,26 +19,26 @@
+ auth_param digest program @DEFAULT_PREFIX@/lib/squid3/digest_pw_auth @DEFAULT_PREFIX@/etc/digpass
"utf8" on|off
- HTTP uses iso-latin-1 as characterset, while some authentication
-@@ -308,7 +308,7 @@
+ HTTP uses iso-latin-1 as character set, while some authentication
+@@ -477,7 +477,7 @@
of type proxy_auth. By default, the NTLM authenticator_program
is not used.
- auth_param ntlm program @DEFAULT_PREFIX@/bin/ntlm_auth
+ auth_param ntlm program @DEFAULT_PREFIX@/lib/squid3/ntlm_auth
- "children" numberofchildren
- The number of authenticator processes to spawn (no default).
-@@ -343,7 +343,7 @@
+ "children" numberofchildren [startup=N] [idle=N]
+ The maximum number of authenticator processes to spawn (default 5).
+@@ -518,7 +518,7 @@
The only supported program for this role is the ntlm_auth
program distributed as part of Samba, version 4 or later.
- auth_param negotiate program @DEFAULT_PREFIX@/bin/ntlm_auth --helper-protocol=gss-spnego
+ auth_param negotiate program @DEFAULT_PREFIX@/lib/squid3/ntlm_auth --helper-protocol=gss-spnego
- "children" numberofchildren
- The number of authenticator processes to spawn (no default).
-@@ -760,11 +760,11 @@
+ "children" numberofchildren [startup=N] [idle=N]
+ The maximum number of authenticator processes to spawn (default 5).
+@@ -1002,11 +1002,11 @@
# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
@@ -55,7 +55,7 @@
acl SSL_ports port 443
acl Safe_ports port 80 # http
-@@ -923,7 +923,7 @@
+@@ -1185,7 +1185,7 @@
# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
@@ -64,25 +64,7 @@
http_access allow localhost
# And finally deny all other access to this proxy
-@@ -1424,7 +1424,7 @@
-
- Note: The use of this directive using client dependent ACLs is
- incompatible with the use of server side persistent connections. To
-- ensure correct results it is best to set server_persisten_connections
-+ ensure correct results it is best to set server_persistent_connections
- to off when using this directive in such configurations.
- DOC_END
-
-@@ -1527,7 +1527,7 @@
- an additional ACL needs to be used which ensures the IPv6-bound traffic
- is never forced or permitted out the IPv4 interface.
-
-- # IPv6 destination test along with a dummy access control to perofrm the required DNS
-+ # IPv6 destination test along with a dummy access control to perform the required DNS
- # This MUST be place before any ALLOW rules.
- acl to_ipv6 dst ipv6
- http_access deny ipv6 !all
-@@ -2844,7 +2844,7 @@
+@@ -3765,7 +3765,7 @@
NAME: logfile_rotate
TYPE: int
@@ -91,7 +73,7 @@
LOC: Config.Log.rotateNumber
DOC_START
Specifies the number of logfile rotations to make when you
-@@ -2863,6 +2863,9 @@
+@@ -3784,6 +3784,9 @@
Note, from Squid-3.1 this option has no effect on the cache.log,
that log can be rotated separately by using debug_options
@@ -101,7 +83,7 @@
DOC_END
NAME: emulate_httpd_log
-@@ -4284,7 +4287,7 @@
+@@ -5258,7 +5261,7 @@
NAME: visible_hostname
TYPE: string
LOC: Config.visibleHostname
@@ -110,7 +92,7 @@
DOC_START
If you want to present a special hostname in error messages, etc,
define this. Otherwise, the return value of gethostname()
-@@ -6482,8 +6485,8 @@
+@@ -7761,8 +7764,8 @@
WARNING:
This option will restrict the situations under which IPv6
diff -urN squid3-3.1.20/debian/patches/02-makefile-defaults.patch squid3-3.3.1/debian/patches/02-makefile-defaults.patch
--- squid3-3.1.20/debian/patches/02-makefile-defaults.patch 2012-06-18 14:59:26.000000000 +0200
+++ squid3-3.3.1/debian/patches/02-makefile-defaults.patch 2013-02-27 11:17:32.000000000 +0100
@@ -2,7 +2,7 @@
Description: Change default file locations for debian
--- a/src/Makefile.in
+++ b/src/Makefile.in
-@@ -2048,7 +2048,7 @@
+@@ -2799,7 +2799,7 @@
DEFAULT_PREFIX = $(prefix)
DEFAULT_CONFIG_DIR = $(sysconfdir)
DEFAULT_CONFIG_FILE = $(DEFAULT_CONFIG_DIR)/squid.conf
@@ -11,12 +11,3 @@
DEFAULT_DNSSERVER = $(libexecdir)/`echo dnsserver | sed '$(transform);s/$$/$(EXEEXT)/'`
DEFAULT_SSL_CRTD = $(libexecdir)/`echo ssl_crtd | sed '$(transform);s/$$/$(EXEEXT)/'`
DEFAULT_LOG_PREFIX = $(DEFAULT_LOG_DIR)
-@@ -2057,7 +2057,7 @@
- DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log
- DEFAULT_PID_FILE = $(DEFAULT_PIDFILE)
- DEFAULT_NETDB_FILE = $(DEFAULT_LOG_PREFIX)/netdb.state
--DEFAULT_SWAP_DIR = $(localstatedir)/cache
-+DEFAULT_SWAP_DIR = $(localstatedir)/spool/squid3
- DEFAULT_SSL_DB_DIR = $(localstatedir)/lib/ssl_db
- DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'`
- DEFAULT_UNLINKD = $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'`
diff -urN squid3-3.1.20/debian/patches/15-cachemgr-default-config.patch squid3-3.3.1/debian/patches/15-cachemgr-default-config.patch
--- squid3-3.1.20/debian/patches/15-cachemgr-default-config.patch 2012-06-18 14:59:50.000000000 +0200
+++ squid3-3.3.1/debian/patches/15-cachemgr-default-config.patch 2013-02-27 11:18:52.000000000 +0100
@@ -2,36 +2,37 @@
Description: Fix path for cachemgr.cgi default configuration file
--- a/tools/Makefile.am
+++ b/tools/Makefile.am
-@@ -34,7 +34,7 @@
- man_MANS = \
- squidclient.1
+@@ -68,7 +68,7 @@
+
+ ## ##### cachemgr.cgi #####
-DEFAULT_CACHEMGR_CONFIG = $(sysconfdir)/cachemgr.conf
+DEFAULT_CACHEMGR_CONFIG = /etc/squid/cachemgr.conf
- squidclient_SOURCES = squidclient.cc
- nodist_squidclient_SOURCES=time.cc stub_debug.cc
-@@ -56,6 +56,7 @@
- $(OBJS): $(top_srcdir)/include/version.h ../include/autoconf.h
+ libexec_PROGRAMS = cachemgr$(CGIEXT)
+
+@@ -91,6 +91,7 @@
+ ## Shared
install-data-local:
+ test -z "/etc/squid" || $(MKDIR_P) "$(DESTDIR)/etc/squid"
$(INSTALL_DATA) $(srcdir)/cachemgr.conf $(DESTDIR)$(DEFAULT_CACHEMGR_CONFIG).default
@if test -f $(DESTDIR)$(DEFAULT_CACHEMGR_CONFIG) ; then \
echo "$@ will not overwrite existing $(DESTDIR)$(DEFAULT_CACHEMGR_CONFIG)" ; \
+diff -urN a/tools/Makefile.in b/tools/Makefile.in
--- a/tools/Makefile.in
+++ b/tools/Makefile.in
-@@ -375,7 +375,7 @@
- man_MANS = \
- squidclient.1
+@@ -434,7 +434,7 @@
+ test_tools.cc \
+ time.cc
-DEFAULT_CACHEMGR_CONFIG = $(sysconfdir)/cachemgr.conf
+DEFAULT_CACHEMGR_CONFIG = /etc/squid/cachemgr.conf
- squidclient_SOURCES = squidclient.cc
- nodist_squidclient_SOURCES = time.cc stub_debug.cc
- cachemgr__CGIEXT__SOURCES = cachemgr.cc
-@@ -1094,6 +1094,7 @@
- $(OBJS): $(top_srcdir)/include/version.h ../include/autoconf.h
+ cachemgr__CGIEXT__SOURCES = cachemgr.cc \
+ stub_debug.cc \
+ test_tools.cc \
+@@ -1237,6 +1237,7 @@
+ $(SUBSTITUTE) < $(srcdir)/cachemgr.cgi.8.in > $@
install-data-local:
+ test -z "/etc/squid" || $(MKDIR_P) "$(DESTDIR)/etc/squid"
diff -urN squid3-3.1.20/debian/patches/20-ipv6-fix squid3-3.3.1/debian/patches/20-ipv6-fix
--- squid3-3.1.20/debian/patches/20-ipv6-fix 2012-12-06 20:20:58.000000000 +0100
+++ squid3-3.3.1/debian/patches/20-ipv6-fix 1970-01-01 01:00:00.000000000 +0100
@@ -1,11 +0,0 @@
---- a/src/ip/IpAddress.cc
-+++ b/src/ip/IpAddress.cc
-@@ -605,7 +605,7 @@
- && dst->ai_protocol == 0)
- dst->ai_protocol = IPPROTO_UDP;
-
-- if (force == AF_INET6 || (force == AF_UNSPEC && IsIPv6()) ) {
-+ if (force == AF_INET6 || (force == AF_UNSPEC && Ip::EnableIpv6 && IsIPv6()) ) {
- dst->ai_addr = (struct sockaddr*)new sockaddr_in6;
-
- memset(dst->ai_addr,0,sizeof(struct sockaddr_in6));
diff -urN squid3-3.1.20/debian/patches/30-CVE-2012-5643-CVE-2013-0189.patch squid3-3.3.1/debian/patches/30-CVE-2012-5643-CVE-2013-0189.patch
--- squid3-3.1.20/debian/patches/30-CVE-2012-5643-CVE-2013-0189.patch 2013-02-05 22:55:45.000000000 +0100
+++ squid3-3.3.1/debian/patches/30-CVE-2012-5643-CVE-2013-0189.patch 1970-01-01 01:00:00.000000000 +0100
@@ -1,186 +0,0 @@
-Description: cachemgr.cgi: Memory Leaks and DoS Vulnerability
- * Ignore invalid Content-Length headers.
- * Limit received POST requests to 4KB and discard the rest.
- * Authentication credentials parser also leaks badly.
-Author: Amos Jeffries <squ...@treenet.co.nz>
-Origin: vendor
-Last-Update: 2013-02-05
-Forwarded: not-needed
-
----
-
-diff --git i/tools/cachemgr.cc w/tools/cachemgr.cc
-index 1af18d1..83d532c 100644
---- i/tools/cachemgr.cc
-+++ w/tools/cachemgr.cc
-@@ -586,12 +586,15 @@ munge_action_line(const char *_buf, cachemgr_request * req)
- if ((p = strchr(x, '\n')))
- *p = '\0';
- action = xstrtok(&x, '\t');
-+ if (!action) {
-+ xfree(buf);
-+ return "";
-+ }
- description = xstrtok(&x, '\t');
- if (!description)
- description = action;
-- if (!action)
-- return "";
- snprintf(html, sizeof(html), " <a href=\"%s\">%s</a>", menu_url(req, action), description);
-+ xfree(buf);
- return html;
- }
-
-@@ -820,7 +823,7 @@ process_request(cachemgr_request * req)
- }
-
- if (!check_target_acl(req->hostname, req->port)) {
-- snprintf(buf, 1024, "target %s:%d not allowed in cachemgr.conf\n", req->hostname, req->port);
-+ snprintf(buf, sizeof(buf), "target %s:%d not allowed in cachemgr.conf\n", req->hostname, req->port);
- error_html(buf);
- return 1;
- }
-@@ -832,7 +835,7 @@ process_request(cachemgr_request * req)
- } else if ((S = req->hostname))
- (void) 0;
- else {
-- snprintf(buf, 1024, "Unknown host: %s\n", req->hostname);
-+ snprintf(buf, sizeof(buf), "Unknown host: %s\n", req->hostname);
- error_html(buf);
- return 1;
- }
-@@ -846,17 +849,19 @@ process_request(cachemgr_request * req)
- #else
- if ((s = socket(PF_INET, SOCK_STREAM, 0)) < 0) {
- #endif
-- snprintf(buf, 1024, "socket: %s\n", xstrerror());
-+ snprintf(buf, sizeof(buf), "socket: %s\n", xstrerror());
- error_html(buf);
-+ S.FreeAddrInfo(AI);
- return 1;
- }
-
- if (connect(s, AI->ai_addr, AI->ai_addrlen) < 0) {
-- snprintf(buf, 1024, "connect %s: %s\n",
-+ snprintf(buf, sizeof(buf), "connect %s: %s\n",
- S.ToURL(ipbuf,MAX_IPSTRLEN),
- xstrerror());
- error_html(buf);
- S.FreeAddrInfo(AI);
-+ close(s);
- return 1;
- }
-
-@@ -917,8 +922,6 @@ static char *
- read_post_request(void)
- {
- char *s;
-- char *buf;
-- int len;
-
- if ((s = getenv("REQUEST_METHOD")) == NULL)
- return NULL;
-@@ -929,15 +932,34 @@ read_post_request(void)
- if ((s = getenv("CONTENT_LENGTH")) == NULL)
- return NULL;
-
-- if ((len = atoi(s)) <= 0)
-+ if (*s == '-') // negative length content huh?
- return NULL;
-
-- buf = (char *)xmalloc(len + 1);
-+ uint64_t len;
-
-- if (fread(buf, len, 1, stdin) == 0)
-+ char *endptr = s+ strlen(s);
-+ if ((len = strtoll(s, &endptr, 10)) <= 0)
- return NULL;
-
-- buf[len] = '\0';
-+ // limit the input to something reasonable.
-+ // 4KB should be enough for the GET/POST data length, but may be extended.
-+ size_t bufLen = (len < 4096 ? len : 4095);
-+ char *buf = (char *)xmalloc(bufLen + 1);
-+
-+ size_t readLen = fread(buf, 1, bufLen, stdin);
-+ if (readLen == 0) {
-+ xfree(buf);
-+ return NULL;
-+ }
-+ buf[readLen] = '\0';
-+ len -= readLen;
-+
-+ // purge the remainder of the request entity
-+ while (len > 0 && readLen) {
-+ char temp[65535];
-+ readLen = fread(temp, 1, 65535, stdin);
-+ len -= readLen;
-+ }
-
- return buf;
- }
-@@ -1077,37 +1099,49 @@ decode_pub_auth(cachemgr_request * req)
- debug(3) fprintf(stderr, "cmgr: length ok\n");
-
- /* parse ( a lot of memory leaks, but that is cachemgr style :) */
-- if ((host_name = strtok(buf, "|")) == NULL)
-+ if ((host_name = strtok(buf, "|")) == NULL) {
-+ xfree(buf);
- return;
-+ }
-
- debug(3) fprintf(stderr, "cmgr: decoded host: '%s'\n", host_name);
-
-- if ((time_str = strtok(NULL, "|")) == NULL)
-+ if ((time_str = strtok(NULL, "|")) == NULL) {
-+ xfree(buf);
- return;
-+ }
-
- debug(3) fprintf(stderr, "cmgr: decoded time: '%s' (now: %d)\n", time_str, (int) now);
-
-- if ((user_name = strtok(NULL, "|")) == NULL)
-+ if ((user_name = strtok(NULL, "|")) == NULL) {
-+ xfree(buf);
- return;
-+ }
-
- debug(3) fprintf(stderr, "cmgr: decoded uname: '%s'\n", user_name);
-
-- if ((passwd = strtok(NULL, "|")) == NULL)
-+ if ((passwd = strtok(NULL, "|")) == NULL) {
-+ xfree(buf);
- return;
-+ }
-
- debug(2) fprintf(stderr, "cmgr: decoded passwd: '%s'\n", passwd);
-
- /* verify freshness and validity */
-- if (atoi(time_str) + passwd_ttl < now)
-+ if (atoi(time_str) + passwd_ttl < now) {
-+ xfree(buf);
- return;
-+ }
-
-- if (strcasecmp(host_name, req->hostname))
-+ if (strcasecmp(host_name, req->hostname)) {
-+ xfree(buf);
- return;
-+ }
-
- debug(1) fprintf(stderr, "cmgr: verified auth. info.\n");
-
- /* ok, accept */
-- xfree(req->user_name);
-+ safe_free(req->user_name);
-
- req->user_name = xstrdup(user_name);
-
-@@ -1145,6 +1179,7 @@ make_auth_header(const cachemgr_request * req)
-
- snprintf(&buf[stringLength], sizeof(buf) - stringLength, "Proxy-Authorization: Basic %s\r\n", str64);
-
-+ xxfree(str64);
- return buf;
- }
-
diff -urN squid3-3.1.20/debian/patches/series squid3-3.3.1/debian/patches/series
--- squid3-3.1.20/debian/patches/series 2013-02-05 22:53:05.000000000 +0100
+++ squid3-3.3.1/debian/patches/series 2013-02-27 11:29:02.000000000 +0100
@@ -1,5 +1,3 @@
01-cf.data.debian.patch
02-makefile-defaults.patch
15-cachemgr-default-config.patch
-20-ipv6-fix
-30-CVE-2012-5643-CVE-2013-0189.patch
diff -urN squid3-3.1.20/debian/rules squid3-3.3.1/debian/rules
--- squid3-3.1.20/debian/rules 2012-06-18 15:23:48.000000000 +0200
+++ squid3-3.3.1/debian/rules 2013-02-27 11:23:53.000000000 +0100
@@ -27,7 +27,7 @@
--enable-underscores \
--enable-icap-client \
--enable-follow-x-forwarded-for \
- --enable-auth="basic,digest,ntlm,negotiate" \
+ --enable-auth \
--enable-basic-auth-helpers="LDAP,MSNT,NCSA,PAM,SASL,SMB,YP,DB,POP3,getpwnam,squid_radius_auth,multi-domain-NTLM" \
--enable-ntlm-auth-helpers="smb_lm," \
--enable-digest-auth-helpers="ldap,password" \
@@ -39,6 +39,7 @@
--enable-wccpv2 \
--disable-translation \
--with-logdir=/var/log/squid3 \
+ --with-swapdir=/var/spool/squid3 \
--with-pidfile=/var/run/squid3.pid \
--with-filedescriptors=65536 \
--with-large-files \
@@ -61,14 +62,20 @@
mv $(INSTALLDIR)/usr/lib/squid3/cachemgr.cgi $(INSTALLDIR)/usr/lib/cgi-bin/cachemgr.cgi
mv $(INSTALLDIR)/usr/sbin/squid $(INSTALLDIR)/usr/sbin/squid3
mv $(INSTALLDIR)/usr/share/man/man8/squid.8 $(INSTALLDIR)/usr/share/man/man8/squid3.8
- mv $(INSTALLDIR)/usr/share/man/man8/pam_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_pam_auth.8
- mv $(INSTALLDIR)/usr/share/man/man8/squid_ldap_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_ldap_auth.8
- mv $(INSTALLDIR)/usr/share/man/man8/squid_ldap_group.8 $(INSTALLDIR)/usr/share/man/man8/squid3_ldap_group.8
- mv $(INSTALLDIR)/usr/share/man/man8/squid_session.8 $(INSTALLDIR)/usr/share/man/man8/squid3_session.8
- mv $(INSTALLDIR)/usr/share/man/man8/squid_unix_group.8 $(INSTALLDIR)/usr/share/man/man8/squid3_unix_group.8
- mv $(INSTALLDIR)/usr/share/man/man8/ncsa_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_ncsa_auth.8
- mv $(INSTALLDIR)/usr/share/man/man8/squid_db_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_db_auth.8
- mv $(INSTALLDIR)/usr/share/man/man8/squid_radius_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_radius_auth.8
+ mv $(INSTALLDIR)/usr/share/man/man8/basic_db_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_basic_db_auth.8
+ mv $(INSTALLDIR)/usr/share/man/man8/basic_ldap_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_basic_ldap_auth.8
+ mv $(INSTALLDIR)/usr/share/man/man8/basic_pam_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_basic_pam_auth.8
+ mv $(INSTALLDIR)/usr/share/man/man8/basic_sasl_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_basic_sasl_auth.8
+ mv $(INSTALLDIR)/usr/share/man/man8/digest_file_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_digest_file_auth.8
+ mv $(INSTALLDIR)/usr/share/man/man8/ext_unix_group_acl.8 $(INSTALLDIR)/usr/share/man/man8/squid3_ext_unix_group_acl.8
+ mv $(INSTALLDIR)/usr/share/man/man8/log_db_daemon.8 $(INSTALLDIR)/usr/share/man/man8/squid3_log_db_daemon.8
+ mv $(INSTALLDIR)/usr/share/man/man8/basic_getpwnam_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_basic_getpwnam_auth.8
+ mv $(INSTALLDIR)/usr/share/man/man8/basic_ncsa_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_basic_ncsa_auth.8
+ mv $(INSTALLDIR)/usr/share/man/man8/basic_radius_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_basic_radius_auth.8
+ mv $(INSTALLDIR)/usr/share/man/man8/cachemgr.cgi.8 $(INSTALLDIR)/usr/share/man/man8/squid3_cachemgr.cgi.8
+ mv $(INSTALLDIR)/usr/share/man/man8/ext_session_acl.8 $(INSTALLDIR)/usr/share/man/man8/squid3_ext_session_acl.8
+ mv $(INSTALLDIR)/usr/share/man/man8/ext_wbinfo_group_acl.8 $(INSTALLDIR)/usr/share/man/man8/squid3_ext_wbinfo_group_acl.8
+ mv $(INSTALLDIR)/usr/share/man/man8/negotiate_kerberos_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_negotiate_kerberos_auth.8
install -m 755 -g root -d $(INSTALLDIR)/etc/init.d
install -m 755 -g root -d $(INSTALLDIR)/etc/logrotate.d
install -m 755 -g root -d $(INSTALLDIR)/etc/resolvconf
diff -urN squid3-3.1.20/debian/squid3.install squid3-3.3.1/debian/squid3.install
--- squid3-3.1.20/debian/squid3.install 2011-02-15 01:01:24.000000000 +0100
+++ squid3-3.3.1/debian/squid3.install 2013-02-26 14:05:08.000000000 +0100
@@ -8,11 +8,16 @@
usr/lib/squid3
usr/sbin/squid3
usr/share/man/man8/squid3.8
-usr/share/man/man8/squid3_db_auth.8
-usr/share/man/man8/squid3_ldap_auth.8
-usr/share/man/man8/squid3_ldap_group.8
-usr/share/man/man8/squid3_ncsa_auth.8
-usr/share/man/man8/squid3_pam_auth.8
-usr/share/man/man8/squid3_radius_auth.8
-usr/share/man/man8/squid3_session.8
-usr/share/man/man8/squid3_unix_group.8
+usr/share/man/man8/squid3_basic_db_auth.8
+usr/share/man/man8/squid3_basic_ldap_auth.8
+usr/share/man/man8/squid3_basic_pam_auth.8
+usr/share/man/man8/squid3_basic_sasl_auth.8
+usr/share/man/man8/squid3_digest_file_auth.8
+usr/share/man/man8/squid3_ext_unix_group_acl.8
+usr/share/man/man8/squid3_log_db_daemon.8
+usr/share/man/man8/squid3_basic_getpwnam_auth.8
+usr/share/man/man8/squid3_basic_ncsa_auth.8
+usr/share/man/man8/squid3_basic_radius_auth.8
+usr/share/man/man8/squid3_ext_session_acl.8
+usr/share/man/man8/squid3_ext_wbinfo_group_acl.8
+usr/share/man/man8/squid3_negotiate_kerberos_auth.8
diff -urN squid3-3.1.20/debian/squid-cgi.install squid3-3.3.1/debian/squid-cgi.install
--- squid3-3.1.20/debian/squid-cgi.install 2010-05-02 19:28:26.000000000 +0200
+++ squid3-3.3.1/debian/squid-cgi.install 2013-02-26 14:05:21.000000000 +0100
@@ -1,3 +1,3 @@
usr/lib/cgi-bin/cachemgr.cgi
-usr/share/man/man8/cachemgr.cgi.8
+usr/share/man/man8/squid3_cachemgr.cgi.8
etc/squid/cachemgr.conf
