- new version 5.7

- remove openssl3 patch - already in upstream
- remove -lfto patch which is also alrady in upstream

sources

@@ -1,3 +1,3 @@
-SHA512 (squid-5.6.tar.xz) = 940a4d21ea8e3384642951d80c501a192178d1220f06a59a7bc54ce86d49caea0a86b6e789e28bcb7125ffa2a564ca1aca886a96cccf6356314121a81f38221a
+SHA512 (squid-5.7.tar.xz) = 624a39041a6ceda6c470dc0937616f1aa67200f3db02b4d74095d8d706ed31d6df5e0417dcacde45f6be40b617bee018849793d52c96a626aab32a2b182972aa
-SHA512 (squid-5.6.tar.xz.asc) = dcb3c33c098200a5bb289fcefe0cb8d69c8d65c99dfc536c0b9d1b2ef51427e5e05e987b3e31eab33b2c1e48885d5cfa2ec33a50cf6b3685306fd16a35a4d0bf
+SHA512 (squid-5.7.tar.xz.asc) = e8578d3dc0ecff0cb4a0d53375564f782b51c218276413a1b3b924396846a2cbca1f3ff8d53b247d210e4f63e553d89795a5b8b6972b7712d87c33b556076238
 SHA512 (pgp.asc) = 09f7012030d68831dfc083d67ca63ee54ed851482ca8d0e9505b444ee3e7ddeed62369b53f2917c9b2e0e57cc0533fce46e8cafd2ebcd1c6cb186b516efd0ad2

squid-5.2-openssl3.patch

@@ -1,185 +0,0 @@
-diff --git a/src/ssl/support.cc b/src/ssl/support.cc
-index 3ad135d..73912ce 100644
---- a/src/ssl/support.cc
-+++ b/src/ssl/support.cc
-@@ -557,7 +557,11 @@ Ssl::VerifyCallbackParameters::At(Security::Connection &sconn)
- }
- 
- // "dup" function for SSL_get_ex_new_index("cert_err_check")
--#if SQUID_USE_CONST_CRYPTO_EX_DATA_DUP
-+#if OPENSSL_VERSION_MAJOR >= 3
-+static int
-+ssl_dupAclChecklist(CRYPTO_EX_DATA *, const CRYPTO_EX_DATA *, void **,
-+                    int, long, void *)
-+#elif SQUID_USE_CONST_CRYPTO_EX_DATA_DUP
- static int
- ssl_dupAclChecklist(CRYPTO_EX_DATA *, const CRYPTO_EX_DATA *, void *,
-                     int, long, void *)
-diff --git a/src/security/PeerOptions.cc b/src/security/PeerOptions.cc
-index cf1d4ba..4346ba5 100644
---- a/src/security/PeerOptions.cc
-+++ b/src/security/PeerOptions.cc
-@@ -297,130 +297,130 @@ static struct ssl_option {
- 
- } ssl_options[] = {
- 
--#if SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
-+#ifdef SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
-     {
-         "NETSCAPE_REUSE_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
-     },
- #endif
--#if SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
-+#ifdef SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
-     {
-         "SSLREF2_REUSE_CERT_TYPE_BUG", SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
-     },
- #endif
--#if SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
-+#ifdef SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
-     {
-         "MICROSOFT_BIG_SSLV3_BUFFER", SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
-     },
- #endif
--#if SSL_OP_SSLEAY_080_CLIENT_DH_BUG
-+#ifdef SSL_OP_SSLEAY_080_CLIENT_DH_BUG
-     {
-         "SSLEAY_080_CLIENT_DH_BUG", SSL_OP_SSLEAY_080_CLIENT_DH_BUG
-     },
- #endif
--#if SSL_OP_TLS_D5_BUG
-+#ifdef SSL_OP_TLS_D5_BUG
-     {
-         "TLS_D5_BUG", SSL_OP_TLS_D5_BUG
-     },
- #endif
--#if SSL_OP_TLS_BLOCK_PADDING_BUG
-+#ifdef SSL_OP_TLS_BLOCK_PADDING_BUG
-     {
-         "TLS_BLOCK_PADDING_BUG", SSL_OP_TLS_BLOCK_PADDING_BUG
-     },
- #endif
--#if SSL_OP_TLS_ROLLBACK_BUG
-+#ifdef SSL_OP_TLS_ROLLBACK_BUG
-     {
-         "TLS_ROLLBACK_BUG", SSL_OP_TLS_ROLLBACK_BUG
-     },
- #endif
--#if SSL_OP_ALL
-+#ifdef SSL_OP_ALL
-     {
-         "ALL", (long)SSL_OP_ALL
-     },
- #endif
--#if SSL_OP_SINGLE_DH_USE
-+#ifdef SSL_OP_SINGLE_DH_USE
-     {
-         "SINGLE_DH_USE", SSL_OP_SINGLE_DH_USE
-     },
- #endif
--#if SSL_OP_EPHEMERAL_RSA
-+#ifdef SSL_OP_EPHEMERAL_RSA
-     {
-         "EPHEMERAL_RSA", SSL_OP_EPHEMERAL_RSA
-     },
- #endif
--#if SSL_OP_PKCS1_CHECK_1
-+#ifdef SSL_OP_PKCS1_CHECK_1
-     {
-         "PKCS1_CHECK_1", SSL_OP_PKCS1_CHECK_1
-     },
- #endif
--#if SSL_OP_PKCS1_CHECK_2
-+#ifdef SSL_OP_PKCS1_CHECK_2
-     {
-         "PKCS1_CHECK_2", SSL_OP_PKCS1_CHECK_2
-     },
- #endif
--#if SSL_OP_NETSCAPE_CA_DN_BUG
-+#ifdef SSL_OP_NETSCAPE_CA_DN_BUG
-     {
-         "NETSCAPE_CA_DN_BUG", SSL_OP_NETSCAPE_CA_DN_BUG
-     },
- #endif
--#if SSL_OP_NON_EXPORT_FIRST
-+#ifdef SSL_OP_NON_EXPORT_FIRST
-     {
-         "NON_EXPORT_FIRST", SSL_OP_NON_EXPORT_FIRST
-     },
- #endif
--#if SSL_OP_CIPHER_SERVER_PREFERENCE
-+#ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
-     {
-         "CIPHER_SERVER_PREFERENCE", SSL_OP_CIPHER_SERVER_PREFERENCE
-     },
- #endif
--#if SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
-+#ifdef SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
-     {
-         "NETSCAPE_DEMO_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
-     },
- #endif
--#if SSL_OP_NO_SSLv3
-+#ifdef SSL_OP_NO_SSLv3
-     {
-         "NO_SSLv3", SSL_OP_NO_SSLv3
-     },
- #endif
--#if SSL_OP_NO_TLSv1
-+#ifdef SSL_OP_NO_TLSv1
-     {
-         "NO_TLSv1", SSL_OP_NO_TLSv1
-     },
- #else
-     { "NO_TLSv1", 0 },
- #endif
--#if SSL_OP_NO_TLSv1_1
-+#ifdef SSL_OP_NO_TLSv1_1
-     {
-         "NO_TLSv1_1", SSL_OP_NO_TLSv1_1
-     },
- #else
-     { "NO_TLSv1_1", 0 },
- #endif
--#if SSL_OP_NO_TLSv1_2
-+#ifdef SSL_OP_NO_TLSv1_2
-     {
-         "NO_TLSv1_2", SSL_OP_NO_TLSv1_2
-     },
- #else
-     { "NO_TLSv1_2", 0 },
- #endif
--#if SSL_OP_NO_TLSv1_3
-+#ifdef SSL_OP_NO_TLSv1_3
-     {
-         "NO_TLSv1_3", SSL_OP_NO_TLSv1_3
-     },
- #else
-     { "NO_TLSv1_3", 0 },
- #endif
--#if SSL_OP_NO_COMPRESSION
-+#ifdef SSL_OP_NO_COMPRESSION
-     {
-         "No_Compression", SSL_OP_NO_COMPRESSION
-     },
- #endif
--#if SSL_OP_NO_TICKET
-+#ifdef SSL_OP_NO_TICKET
-     {
-         "NO_TICKET", SSL_OP_NO_TICKET
-     },
- #endif
--#if SSL_OP_SINGLE_ECDH_USE
-+#ifdef SSL_OP_SINGLE_ECDH_USE
-     {
-         "SINGLE_ECDH_USE", SSL_OP_SINGLE_ECDH_USE
-     },
-@@ -512,7 +512,7 @@ Security::PeerOptions::parseOptions()
- 
-     }
- 
--#if SSL_OP_NO_SSLv2
-+#ifdef SSL_OP_NO_SSLv2
-     // compliance with RFC 6176: Prohibiting Secure Sockets Layer (SSL) Version 2.0
-     op = op | SSL_OP_NO_SSLv2;
- #endif

squid-5.2-test-store-cppsuite.patch

@@ -1,24 +0,0 @@
-diff --git a/src/tests/testStoreHashIndex.cc b/src/tests/testStoreHashIndex.cc
-index 0564380..fcd60b9 100644
---- a/src/tests/testStoreHashIndex.cc
-+++ b/src/tests/testStoreHashIndex.cc
-@@ -102,6 +102,8 @@ void commonInit()
-     if (inited)
-         return;
- 
-+    inited = true;
-+
-     Mem::Init();
- 
-     Config.Store.avgObjectSize = 1024;
-@@ -109,6 +111,10 @@ void commonInit()
-     Config.Store.objectsPerBucket = 20;
- 
-     Config.Store.maxObjectSize = 2048;
-+
-+    Config.memShared.defaultTo(false);
-+
-+    Config.store_dir_select_algorithm = xstrdup("round-robin");
- }
- 
- /* TODO make this a cbdata class */

squid.spec

@@ -1,8 +1,8 @@
 %define __perl_requires %{SOURCE98}
 
 Name:     squid
-Version:  5.6
+Version:  5.7
-Release:  2%{?dist}
+Release:  1%{?dist}
 Summary:  The Squid proxy caching server
 Epoch:    7
 # See CREDITS for breakdown of non GPLv2+ code
@@ -35,10 +35,6 @@ Patch204: squid-3.5.9-include-guards.patch
 # revert this upstream patch - https://bugzilla.redhat.com/show_bug.cgi?id=1936422
 # workaround for #1934919
 Patch205: squid-5.0.5-symlink-lang-err.patch
-# fix openssl3 build failures
-Patch206: squid-5.2-openssl3.patch
-# fix -lto build failure
-Patch207: squid-5.2-test-store-cppsuite.patch
 
 # cache_swap.sh
 Requires: bash gawk
@@ -109,8 +105,6 @@ lookup program (dnsserver), a program for retrieving FTP data
 %patch203 -p1 -b .perlpath
 %patch204 -p0 -b .include-guards
 %patch205 -p1 -R -b .symlink-lang-err
-%patch206 -p1 -b .openssl3
-%patch207 -p1 -b .flto
 
 # https://bugzilla.redhat.com/show_bug.cgi?id=1679526
 # Patch in the vendor documentation and used different location for documentation
@@ -342,6 +336,9 @@ fi
 
 
 %changelog
+* Tue Sep 06 2022 Luboš Uhliarik <luhliari@redhat.com> - 7:5.7-1
+- new version 5.7
+
 * Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 7:5.6-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild