# HG changeset patch # User holger # Date 1281606600 -7200 # Node ID 41b20f73ec7c9d93c270d354acfa4fde93d9fdc0 # Parent 2864788b37cf41b6dcca282170a1e565ca1598e8 squid-3.1.6 in portage is fixed diff -r 2864788b37cf -r 41b20f73ec7c net-proxy/squid/Manifest --- a/net-proxy/squid/Manifest Wed Aug 11 01:19:11 2010 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,14 +0,0 @@ -AUX squid-3.1.5-errorstate-leak-fix.patch 550 RMD160 744f601d60e688a3cea3225d97e40fa729ff31cf SHA1 30778922c3298c8ffd85dd330b4d3a2d704ac38b SHA256 7ba2ad09069ef5094f81b0f90498cfcba079611e28d64a2759a4586781ab112a -AUX squid-3.1.5-gentoo.patch 12352 RMD160 a1c948634e8dc44329a8765db0af47eefd9ed3c5 SHA1 6472faaadb7b43d577ce0349dd441b2a9a5b3d04 SHA256 0ad4e1e572561370728dab5e4e3733fa64ed9728000668b9e6fff1af6cb4cee9 -AUX squid-3.1.5-libmd5.patch 588 RMD160 8ae39b18976cfa9fa3512262e002ef7e8543c61e SHA1 6447f81ca6cdd85f2a9c0e76bb48d6e0eac9ed80 SHA256 a2380cff52f649dea0f37091deb5f714b9cc912e295351bd4e49f46c13110209 -AUX squid-3.1.5-qafixes.patch 3074 RMD160 91024dd4a450bf0180cc691ce9e1d2a427c37a0c SHA1 acb65b63b969707d0ce1d29c3a6a77dc56b4fcdf SHA256 8542a6bebeb431ec4f0ceef4114d048f3201e10a4f68d6df81f0720d10690b13 -AUX squid-3.1.5-range-leak-fix-1.patch 1542 RMD160 2cda5c77b99a28f54e02a699a64cf9646c6b9083 SHA1 81051e9032853b4d567e716502385fc3c9bfbc9c SHA256 f7707eefd886e2e5b665424bed9b70b75ef2afe77236745661d18dd6e360d167 -AUX squid-3.1.5-range-leak-fix-2.patch 793 RMD160 ed284b09329943acb24c83725bb5d9fe15cb817a SHA1 d2be8ea0b3fa5a41c86d030c011172fcd1bb2c85 SHA256 83854638092ece023d3eccc39e2c739a66e55a471e1312a49fb4b8a5983a8823 -AUX squid.confd 540 RMD160 aa4ec5a6eebad1222667aff6b3180931cf566b13 SHA1 1c0c23b08bd0450eae14604c2b45ca67c7ac25c5 SHA256 aeef7060c50074b65c664fc106d7319ce380d25320ee2ee00f7d6021846b88ec -AUX squid.cron 143 RMD160 0706a7ad04691b9a93a2897c319008440483ba11 SHA1 6138db0eccb7320e707b8d60c2970ef684e29336 SHA256 4c9e2afe5b0bba583ce896233ea1f9262beeb1b6cf51b4adb48d5f5c03933b2f -AUX squid.initd 3315 RMD160 a6209a27770eb2aebdd533c946e790efec0de53b SHA1 08519fa20a7286cba9ea82e7b23dd8116ab7f77b SHA256 d3eac36c2fc313688e19cde7ace63783cd202315b23c0b2bd0219a4504cb2b35 -AUX squid.initd-logrotate 3163 RMD160 b7d58517e4198ceb7416c00004c91ac30a241bfb SHA1 714d51e0c449817c12e7230942f89c1a62012107 SHA256 b403b7ffebc08c2ce76cd2b8b6c53a639f24e3e35933ba9766aa4623a34a1279 -AUX squid.logrotate 103 RMD160 e7e4a6bde48e2735632692a6e628955b270f30ad SHA1 6e8d42f6a1a3109f0a26ed30edc7d91c6816e23f SHA256 e5ddce1c9af851040affa15e1a59e89d8db0f2eea7c461320a1d3784578f4482 -AUX squid.pam 315 RMD160 afb3f1cc36ba5ef0015c40040b6d5c18485ec828 SHA1 40933fabaaa2a9cb38d57c3acb77857082c82ae5 SHA256 68ef4282f9fb8506df710d0ae16e84e991e9b138c7f1d0af922682219c7a971f -DIST squid-3.1.5.tar.gz 3226676 RMD160 b5153ae6cbce267e62537bcaa1694091b142c727 SHA1 94eaa4a1aa7483af64ca04b1715204cfb4a01ee8 SHA256 93e0e5e3a8fc7ac991d34b69bbfbb7c48540df44b1a606a89304d1742c8d1bf7 -EBUILD squid-3.1.5.ebuild 6848 RMD160 af8daf348caa6d618fcaa9368abcbf1af00eafea SHA1 3a0ba070d66d0f50b028d900befc032b3e52decc SHA256 754f2a22bde73a836ce20d45b0c6deea4b752580c6252f9594320b549f3935c6 diff -r 2864788b37cf -r 41b20f73ec7c net-proxy/squid/files/squid-3.1.5-errorstate-leak-fix.patch --- a/net-proxy/squid/files/squid-3.1.5-errorstate-leak-fix.patch Wed Aug 11 01:19:11 2010 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,14 +0,0 @@ ---- src/forward.cc 2010-05-04 23:06:00 +0000 -+++ src/forward.cc 2010-05-27 00:09:40 +0000 -@@ -527,7 +527,10 @@ - - /* Ditch error page if it was created before. - * A new one will be created if there's another problem */ -- err = NULL; -+ if (err) { -+ errorStateFree(err); -+ err = NULL; -+ } - - /* use eventAdd to break potential call sequence loops and to slow things down a little */ - eventAdd("fwdConnectStart", fwdConnectStartWrapper, this, originserver ? 0.05 : 0.005, 0); diff -r 2864788b37cf -r 41b20f73ec7c net-proxy/squid/files/squid-3.1.5-gentoo.patch --- a/net-proxy/squid/files/squid-3.1.5-gentoo.patch Wed Aug 11 01:19:11 2010 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,281 +0,0 @@ -diff -ruN squid-3.1.4.orig/acinclude.m4 squid-3.1.4/acinclude.m4 ---- squid-3.1.4.orig/acinclude.m4 2010-05-30 15:21:11.000000000 +0200 -+++ squid-3.1.4/acinclude.m4 2010-06-15 23:56:30.328286612 +0200 -@@ -75,7 +75,7 @@ - AC_MSG_CHECKING([whether compiler accepts -fhuge-objects]) - AC_CACHE_VAL([ac_cv_test_checkforhugeobjects],[ - ac_cv_test_checkforhugeobjects=`echo "int main(int argc, char **argv) { int foo; }" > conftest.cc --${CXX} -Werror -fhuge-objects -o conftest.bin conftest.cc 2>/dev/null -+${CXX} -fhuge-objects -o conftest.bin conftest.cc 2>/dev/null - res=$? - rm -f conftest.* - echo yes -diff -ruN squid-3.1.4.orig/configure.in squid-3.1.4/configure.in ---- squid-3.1.4.orig/configure.in 2010-05-30 15:21:49.000000000 +0200 -+++ squid-3.1.4/configure.in 2010-06-15 23:56:30.331286981 +0200 -@@ -16,9 +16,9 @@ - PRESET_LDFLAGS="$LDFLAGS" - - dnl Set default LDFLAGS --if test -z "$LDFLAGS"; then -- LDFLAGS="-g" --fi -+dnl if test -z "$LDFLAGS"; then -+dnl LDFLAGS="-g" -+dnl fi - - dnl Check for GNU cc - AC_PROG_CC -diff -ruN squid-3.1.4.orig/helpers/basic_auth/MSNT/confload.c squid-3.1.4/helpers/basic_auth/MSNT/confload.c ---- squid-3.1.4.orig/helpers/basic_auth/MSNT/confload.c 2010-05-30 15:21:11.000000000 +0200 -+++ squid-3.1.4/helpers/basic_auth/MSNT/confload.c 2010-06-15 23:56:30.332287748 +0200 -@@ -27,7 +27,7 @@ - - /* Path to configuration file */ - #ifndef SYSCONFDIR --#define SYSCONFDIR "/usr/local/squid/etc" -+#define SYSCONFDIR "/etc/squid" - #endif - #define CONFIGFILE SYSCONFDIR "/msntauth.conf" - -diff -ruN squid-3.1.4.orig/helpers/basic_auth/MSNT/msntauth.conf.default squid-3.1.4/helpers/basic_auth/MSNT/msntauth.conf.default ---- squid-3.1.4.orig/helpers/basic_auth/MSNT/msntauth.conf.default 2010-05-30 15:21:11.000000000 +0200 -+++ squid-3.1.4/helpers/basic_auth/MSNT/msntauth.conf.default 2010-06-15 23:56:30.333286558 +0200 -@@ -8,6 +8,6 @@ - server other_PDC other_BDC otherdomain - - # Denied and allowed users. Comment these if not needed. --#denyusers /usr/local/squid/etc/msntauth.denyusers --#allowusers /usr/local/squid/etc/msntauth.allowusers -+#denyusers /etc/squid/msntauth.denyusers -+#allowusers /etc/squid/msntauth.allowusers - -diff -ruN squid-3.1.4.orig/helpers/basic_auth/SMB/Makefile.am squid-3.1.4/helpers/basic_auth/SMB/Makefile.am ---- squid-3.1.4.orig/helpers/basic_auth/SMB/Makefile.am 2010-05-30 15:21:11.000000000 +0200 -+++ squid-3.1.4/helpers/basic_auth/SMB/Makefile.am 2010-06-15 23:56:30.333286558 +0200 -@@ -16,7 +16,7 @@ - ## FIXME: autoconf should test for the samba path. - - SMB_AUTH_HELPER = smb_auth.sh --SAMBAPREFIX=/usr/local/samba -+SAMBAPREFIX=/usr - SMB_AUTH_HELPER_PATH = $(libexecdir)/$(SMB_AUTH_HELPER) - - libexec_SCRIPTS = $(SMB_AUTH_HELPER) -diff -ruN squid-3.1.4.orig/helpers/basic_auth/SMB/smb_auth.sh squid-3.1.4/helpers/basic_auth/SMB/smb_auth.sh ---- squid-3.1.4.orig/helpers/basic_auth/SMB/smb_auth.sh 2010-05-30 15:21:11.000000000 +0200 -+++ squid-3.1.4/helpers/basic_auth/SMB/smb_auth.sh 2010-06-15 23:56:30.334286833 +0200 -@@ -24,7 +24,7 @@ - read AUTHSHARE - read AUTHFILE - read SMBUSER --read SMBPASS -+read -r SMBPASS - - # Find domain controller - echo "Domain name: $DOMAINNAME" -@@ -47,7 +47,7 @@ - addropt="" - fi - echo "Query address options: $addropt" --dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'` -+dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+\..+ / { print $1 ; exit }'` - echo "Domain controller IP address: $dcip" - [ -n "$dcip" ] || exit 1 - -diff -ruN squid-3.1.4.orig/helpers/external_acl/session/squid_session.8 squid-3.1.4/helpers/external_acl/session/squid_session.8 ---- squid-3.1.4.orig/helpers/external_acl/session/squid_session.8 2010-05-30 15:21:11.000000000 +0200 -+++ squid-3.1.4/helpers/external_acl/session/squid_session.8 2010-06-15 23:56:30.334286833 +0200 -@@ -35,7 +35,7 @@ - .P - Configuration example using the default automatic mode - .IP --external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/local/squid/libexec/squid_session -+external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/libexec/squid/squid_session - .IP - acl session external session - .IP -diff -ruN squid-3.1.4.orig/helpers/external_acl/unix_group/squid_unix_group.8 squid-3.1.4/helpers/external_acl/unix_group/squid_unix_group.8 ---- squid-3.1.4.orig/helpers/external_acl/unix_group/squid_unix_group.8 2010-05-30 15:21:12.000000000 +0200 -+++ squid-3.1.4/helpers/external_acl/unix_group/squid_unix_group.8 2010-06-15 23:56:30.335286619 +0200 -@@ -27,7 +27,7 @@ - This squid.conf example defines two Squid acls. usergroup1 matches users in group1, and usergroup2 - matches users in group2 or group3 - .IP --external_acl_type unix_group %LOGIN /usr/local/squid/libexec/squid_unix_group -p -+external_acl_type unix_group %LOGIN /usr/libexec/squid/squid_unix_group -p - .IP - acl usergroup1 external unix_group group1 - .IP -diff -ruN squid-3.1.4.orig/helpers/negotiate_auth/squid_kerb_auth/configure.in squid-3.1.4/helpers/negotiate_auth/squid_kerb_auth/configure.in ---- squid-3.1.4.orig/helpers/negotiate_auth/squid_kerb_auth/configure.in 2010-05-30 15:21:11.000000000 +0200 -+++ squid-3.1.4/helpers/negotiate_auth/squid_kerb_auth/configure.in 2010-06-15 23:56:30.335286619 +0200 -@@ -17,6 +17,7 @@ - - AC_INIT([squid_kerb_auth],[1.0.5],[markus_moeller@compuserve.com]) - AM_INIT_AUTOMAKE(squid_kerb_auth,1.0.5) -+AM_MAINTAINER_MODE - AC_CONFIG_SRCDIR([squid_kerb_auth.c]) - - AC_PROG_CC -@@ -467,7 +468,7 @@ - echo "configure: ##" - echo "configure: ## -----------------------------##" - --MY_CFLAGS="-Wall -Wextra -Werror -Wcomment -Wpointer-arith -Wcast-align -Wwrite-strings -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wdeclaration-after-statement -Wshadow" -+MY_CFLAGS="-Wall -Wextra -Wpointer-arith -Wcast-align -Wwrite-strings -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wdeclaration-after-statement -Wshadow" - for ac_cv_my_cflag in $MY_CFLAGS; do - echo "int main() - { -diff -ruN squid-3.1.4.orig/lib/libTrie/acinclude.m4 squid-3.1.4/lib/libTrie/acinclude.m4 ---- squid-3.1.4.orig/lib/libTrie/acinclude.m4 2010-05-30 15:21:11.000000000 +0200 -+++ squid-3.1.4/lib/libTrie/acinclude.m4 2010-06-15 23:56:30.336287383 +0200 -@@ -11,7 +11,7 @@ - AC_MSG_CHECKING([whether compiler accepts -fhuge-objects]) - AC_CACHE_VAL([ac_cv_test_checkforhugeobjects],[ - ac_cv_test_checkforhugeobjects=`echo "int main(int argc, char **argv) { int foo; }" > conftest.cc --${CXX} -Werror -fhuge-objects -o conftest.bin conftest.cc 2>/dev/null -+${CXX} -fhuge-objects -o conftest.bin conftest.cc 2>/dev/null - res=$? - rm -f conftest.* - echo yes -diff -ruN squid-3.1.4.orig/lib/libTrie/configure.in squid-3.1.4/lib/libTrie/configure.in ---- squid-3.1.4.orig/lib/libTrie/configure.in 2010-05-30 15:21:11.000000000 +0200 -+++ squid-3.1.4/lib/libTrie/configure.in 2010-06-15 23:56:30.336287383 +0200 -@@ -59,8 +59,8 @@ - - dnl set useful flags - if test "$GCC" = "yes"; then -- TRIE_CFLAGS="-Werror -Wall -Wpointer-arith -Wwrite-strings -Wmissing-prototypes -Wmissing-declarations -Wcomments" -- TRIE_CXXFLAGS="-Werror -Wall -Wpointer-arith -Wwrite-strings -Wcomments" -+ TRIE_CFLAGS="-Wall -Wpointer-arith -Wwrite-strings -Wmissing-prototypes -Wmissing-declarations" -+ TRIE_CXXFLAGS="-Wall -Wpointer-arith -Wwrite-strings" - else - TRIE_CFLAGS= - TRIE_CXXFLAGS= -diff -ruN squid-3.1.4.orig/src/cf.data.pre squid-3.1.4/src/cf.data.pre ---- squid-3.1.4.orig/src/cf.data.pre 2010-05-30 15:21:11.000000000 +0200 -+++ squid-3.1.4/src/cf.data.pre 2010-06-15 23:56:30.344287666 +0200 -@@ -718,6 +718,7 @@ - acl Safe_ports port 488 # gss-http - acl Safe_ports port 591 # filemaker - acl Safe_ports port 777 # multiling http -+acl Safe_ports port 901 # SWAT - acl CONNECT method CONNECT - NOCOMMENT_END - DOC_END -@@ -866,6 +867,9 @@ - http_access allow localnet - http_access allow localhost - -+# Allow the localhost to have access by default -+http_access allow localhost -+ - # And finally deny all other access to this proxy - http_access deny all - NOCOMMENT_END -@@ -4036,11 +4040,11 @@ - - NAME: cache_mgr - TYPE: string --DEFAULT: webmaster -+DEFAULT: root - LOC: Config.adminEmail - DOC_START - Email-address of local cache manager who will receive -- mail if the cache dies. The default is "webmaster." -+ mail if the cache dies. The default is "root". - DOC_END - - NAME: mail_from -@@ -6352,7 +6356,7 @@ - NAME: forwarded_for - COMMENT: on|off|transparent|truncate|delete - TYPE: string --DEFAULT: on -+DEFAULT: delete - LOC: opt_forwarded_for - DOC_START - If set to "on", Squid will append your client's IP address -diff -ruN squid-3.1.4.orig/src/debug.cc squid-3.1.4/src/debug.cc ---- squid-3.1.4.orig/src/debug.cc 2010-05-30 15:21:11.000000000 +0200 -+++ squid-3.1.4/src/debug.cc 2010-06-15 23:56:30.345286478 +0200 -@@ -452,7 +452,7 @@ - #if HAVE_SYSLOG && defined(LOG_LOCAL4) - - if (Debug::log_syslog) -- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, syslog_facility); -+ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, syslog_facility); - - #endif /* HAVE_SYSLOG */ - -diff -ruN squid-3.1.4.orig/src/main.cc squid-3.1.4/src/main.cc ---- squid-3.1.4.orig/src/main.cc 2010-05-30 15:21:11.000000000 +0200 -+++ squid-3.1.4/src/main.cc 2010-06-15 23:56:30.347286547 +0200 -@@ -1553,7 +1553,7 @@ - if (*(argv[0]) == '(') - return; - -- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); -+ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4); - - if ((pid = fork()) < 0) - syslog(LOG_ALERT, "fork failed: %s", xstrerror()); -@@ -1597,7 +1597,7 @@ - - if ((pid = fork()) == 0) { - /* child */ -- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); -+ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4); - prog = xstrdup(argv[0]); - argv[0] = xstrdup("(squid)"); - execvp(prog, argv); -@@ -1605,7 +1605,7 @@ - } - - /* parent */ -- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); -+ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4); - - syslog(LOG_NOTICE, "Squid Parent: child process %d started", pid); - -diff -ruN squid-3.1.4.orig/src/Makefile.am squid-3.1.4/src/Makefile.am ---- squid-3.1.4.orig/src/Makefile.am 2010-05-30 15:21:11.000000000 +0200 -+++ squid-3.1.4/src/Makefile.am 2010-06-15 23:56:30.338286964 +0200 -@@ -638,7 +638,6 @@ - - sysconf_DATA = \ - squid.conf.default \ -- squid.conf.documented \ - mime.conf.default - - data_DATA = \ -@@ -718,8 +717,8 @@ - DEFAULT_ACCESS_LOG = $(DEFAULT_LOG_PREFIX)/access.log - DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log - DEFAULT_PID_FILE = $(DEFAULT_PIDFILE) --DEFAULT_NETDB_FILE = $(DEFAULT_LOG_PREFIX)/netdb.state --DEFAULT_SWAP_DIR = $(localstatedir)/cache -+DEFAULT_NETDB_FILE = $(localstatedir)/run/netdb.state -+DEFAULT_SWAP_DIR = $(localstatedir)/cache/squid - DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'` - DEFAULT_UNLINKD = $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'` - DEFAULT_DISKD = $(libexecdir)/`echo diskd | sed '$(transform);s/$$/$(EXEEXT)/'` -@@ -797,13 +796,11 @@ - @if test -f $(DESTDIR)$(DEFAULT_CONFIG_FILE) ; then \ - echo "$@ will not overwrite existing $(DESTDIR)$(DEFAULT_CONFIG_FILE)" ; \ - else \ -- echo "$(INSTALL_DATA) squid.conf.default $(DESTDIR)$(DEFAULT_CONFIG_FILE)"; \ -- $(INSTALL_DATA) squid.conf.default $(DESTDIR)$(DEFAULT_CONFIG_FILE); \ -+ echo "$(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE)"; \ -+ $(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE); \ - fi -- echo "$(INSTALL_DATA) squid.conf.default $(DESTDIR)$(DEFAULT_CONFIG_FILE).default"; \ -- $(INSTALL_DATA) squid.conf.default $(DESTDIR)$(DEFAULT_CONFIG_FILE).default; \ -- echo "$(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE).documented"; \ -- $(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE).documented; \ -+ echo "$(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE).default"; \ -+ $(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE).default; \ - $(mkinstalldirs) $(DESTDIR)$(DEFAULT_LOG_PREFIX); \ - $(mkinstalldirs) $(DESTDIR)`dirname $(DEFAULT_PIDFILE)` - diff -r 2864788b37cf -r 41b20f73ec7c net-proxy/squid/files/squid-3.1.5-libmd5.patch --- a/net-proxy/squid/files/squid-3.1.5-libmd5.patch Wed Aug 11 01:19:11 2010 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,16 +0,0 @@ -diff -ruN squid-3.1.4.orig/configure.in squid-3.1.4/configure.in ---- squid-3.1.4.orig/configure.in 2010-05-30 15:21:49.000000000 +0200 -+++ squid-3.1.4/configure.in 2010-06-15 23:53:35.180163134 +0200 -@@ -2814,7 +2814,11 @@ - dnl libcrypt (eg FreeBSD) - AC_CHECK_LIB(crypt, crypt, [CRYPTLIB="-lcrypt"]) - dnl Solaris10 provides MD5 natively through libmd5 --AC_CHECK_LIB(md5, MD5Init, [CRYPTLIB="$CRYPTLIB -lmd5"]) -+case "$host" in -+ *-solaris*) -+ AC_CHECK_LIB(md5, MD5Init, [CRYPTLIB="$CRYPTLIB -lmd5"]) -+ ;; -+esac - AC_SUBST(CRYPTLIB) - - dnl Check for libdl, used by auth_modules/PAM diff -r 2864788b37cf -r 41b20f73ec7c net-proxy/squid/files/squid-3.1.5-qafixes.patch --- a/net-proxy/squid/files/squid-3.1.5-qafixes.patch Wed Aug 11 01:19:11 2010 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,57 +0,0 @@ -diff -ruN squid-3.1.4.orig/helpers/negotiate_auth/squid_kerb_auth/configure.in squid-3.1.4/helpers/negotiate_auth/squid_kerb_auth/configure.in ---- squid-3.1.4.orig/helpers/negotiate_auth/squid_kerb_auth/configure.in 2010-06-16 00:02:04.241287315 +0200 -+++ squid-3.1.4/helpers/negotiate_auth/squid_kerb_auth/configure.in 2010-06-16 00:00:08.296162082 +0200 -@@ -94,7 +94,7 @@ - else - ac_gssapi_libs=`krb5-config --libs gssapi 2>/dev/null` - if test "x$ac_gssapi_libs" != "x" ; then -- LDFLAGS="$LDFLAGS $ac_gssapi_libs" -+ LIBS="$LIBS $ac_gssapi_libs" - else - for lib in $ac_gss_libs; do - AC_CHECK_LIB($lib,main) -@@ -118,7 +118,7 @@ - fi - ac_gssapi_libs=`krb5-config --libs gssapi 2>/dev/null` - if test "x$ac_gssapi_libs" != "x" ; then -- LDFLAGS="$LDFLAGS $ac_gssapi_libs" -+ LIBS="$LIBS $ac_gssapi_libs" - else - for lib in $ac_gss_libs; do - AC_CHECK_LIB($lib,main) -@@ -172,7 +172,7 @@ - ac_libdir=`echo $ac_gssapi_libs | sed -e 's/.*-L//' | sed -e 's/ .*//'` - LDFLAGS="$LDFLAGS $w_flag$ac_libdir$w_flag_2" - fi -- LDFLAGS="$LDFLAGS $ac_gssapi_libs" -+ LIBS="$LIBS $ac_gssapi_libs" - else - for lib in $ac_gss_libs; do - AC_CHECK_LIB($lib,main) -@@ -201,7 +201,7 @@ - ac_libdir=`echo $ac_gssapi_libs | sed -e 's/.*-L//' | sed -e 's/ .*//'` - LDFLAGS="$LDFLAGS $w_flag$ac_libdir$w_flag_2" - fi -- LDFLAGS="$LDFLAGS $ac_gssapi_libs" -+ LIBS="$LIBS $ac_gssapi_libs" - else - for lib in $ac_gss_libs; do - AC_CHECK_LIB($lib,main) -diff -ruN squid-3.1.4.orig/src/forward.cc squid-3.1.4/src/forward.cc ---- squid-3.1.4.orig/src/forward.cc 2010-05-30 15:21:11.000000000 +0200 -+++ squid-3.1.4/src/forward.cc 2010-06-16 00:00:08.297162834 +0200 -@@ -999,8 +999,12 @@ - break; - - if (o->cmsg_level == SOL_IP && o->cmsg_type == IP_TOS) { -- int *tmp = (int*)CMSG_DATA(o); -- clientFde->upstreamTOS = (unsigned char)*tmp; -+ union { -+ unsigned char *pchar; -+ int *pint; -+ } data; -+ data.pchar = CMSG_DATA(o); -+ clientFde->upstreamTOS = (unsigned char)*data.pint; - break; - } - pbuf += CMSG_LEN(o->cmsg_len); diff -r 2864788b37cf -r 41b20f73ec7c net-proxy/squid/files/squid-3.1.5-range-leak-fix-1.patch --- a/net-proxy/squid/files/squid-3.1.5-range-leak-fix-1.patch Wed Aug 11 01:19:11 2010 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,45 +0,0 @@ -http://bugs.squid-cache.org/attachment.cgi?id=2166&action=diff - -Backported to squid-3.1.5 by Kerin Millar - -diff -urp squid-3.1.5.orig/src/HttpReply.cc squid-3.1.5/src/HttpReply.cc ---- squid-3.1.5.orig/src/HttpReply.cc 2010-07-15 00:40:43.562561668 +0400 -+++ squid-3.1.5/src/HttpReply.cc 2010-07-15 00:51:09.046799333 +0400 -@@ -607,6 +607,7 @@ HttpReply * - HttpReply::clone() const - { - HttpReply *rep = new HttpReply(); -+ rep->sline = sline; // used in hdrCacheInit() call above - rep->header.append(&header); - rep->hdrCacheInit(); - rep->hdr_sz = hdr_sz; -@@ -615,8 +616,7 @@ HttpReply::clone() const - rep->body_pipe = body_pipe; - - rep->protocol = protocol; -- rep->sline = sline; -- rep->keep_alive = keep_alive; -+ // keep_alive is handled in HttpMsg::hdrCacheInit() - return rep; - } - -diff -urp squid-3.1.5.orig/src/HttpRequest.cc squid-3.1.5/src/HttpRequest.cc ---- squid-3.1.5.orig/src/HttpRequest.cc 2010-07-02 06:47:30.000000000 +0400 -+++ squid-3.1.5/src/HttpRequest.cc 2010-07-15 00:45:21.755798990 +0400 -@@ -188,7 +188,7 @@ HttpRequest::clone() const - // urlPath handled in ctor - copy->canonical = canonical ? xstrdup(canonical) : NULL; - -- copy->range = range ? new HttpHdrRange(*range) : NULL; -+ // range handled in hdrCacheInit() - copy->ims = ims; - copy->imslen = imslen; - copy->max_forwards = max_forwards; -@@ -358,6 +358,7 @@ HttpRequest::hdrCacheInit() - { - HttpMsg::hdrCacheInit(); - -+ assert(!range); - range = header.getRange(); - } - diff -r 2864788b37cf -r 41b20f73ec7c net-proxy/squid/files/squid-3.1.5-range-leak-fix-2.patch --- a/net-proxy/squid/files/squid-3.1.5-range-leak-fix-2.patch Wed Aug 11 01:19:11 2010 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,23 +0,0 @@ ---- a/src/client_side_request.cc -+++ a/src/client_side_request.cc -@@ -830,6 +830,8 @@ clientInterpretRequestHeaders(ClientHttpRequest * http) - - /* ignore range header in non-GETs or non-HEADs */ - if (request->method == METHOD_GET || request->method == METHOD_HEAD) { -+ if (request->range) -+ delete request->range; - request->range = req_hdr->getRange(); - - if (request->range) { -@@ -854,7 +856,10 @@ clientInterpretRequestHeaders(ClientHttpRequest * http) - else { - req_hdr->delById(HDR_RANGE); - req_hdr->delById(HDR_REQUEST_RANGE); -- request->range = NULL; -+ if (request->range) { -+ delete request->range; -+ request->range = NULL; -+ } - } - - if (req_hdr->has(HDR_AUTHORIZATION)) diff -r 2864788b37cf -r 41b20f73ec7c net-proxy/squid/files/squid.confd --- a/net-proxy/squid/files/squid.confd Wed Aug 11 01:19:11 2010 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,14 +0,0 @@ -# Copyright 1999-2004 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/files/squid.confd,v 1.3 2009/10/25 08:35:46 mrness Exp $ - -# Config file for /etc/init.d/squid - -SQUID_OPTS="-YC" - -# Max. number of filedescriptors to use. You can increase this on a busy -# cache to a maximum of (currently) 8192 filedescriptors. Default is 1024. -SQUID_MAXFD=1024 - -# Kerberos keytab file to use. This is required if you enable kerberos authentication. -SQUID_KEYTAB="" diff -r 2864788b37cf -r 41b20f73ec7c net-proxy/squid/files/squid.cron --- a/net-proxy/squid/files/squid.cron Wed Aug 11 01:19:11 2010 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,5 +0,0 @@ -#!/bin/sh -if test -e /var/run/squid.pid ; then - test -n "$(cat /var/run/squid.pid|xargs ps -p|grep squid)" && \ - /usr/sbin/squid -k rotate -fi diff -r 2864788b37cf -r 41b20f73ec7c net-proxy/squid/files/squid.initd --- a/net-proxy/squid/files/squid.initd Wed Aug 11 01:19:11 2010 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,129 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2006 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/files/squid.initd,v 1.13 2009/11/28 12:32:58 mrness Exp $ - -opts="${opts} reload rotate" - -depend() { - use dns - need net -} - -upprocval() { - [ -f $1 ] || return 0 - if [ `cat $1` -lt $2 ]; then - echo $2 > $1 - fi -} - -# Try to increase the # of filedescriptors we can open. -maxfds() { - [ -n "$SQUID_MAXFD" ] || return - [ $SQUID_MAXFD -le 8192 ] || SQUID_MAXFD=8192 - local minimal_file_max=$(($SQUID_MAXFD + 4096)) - upprocval /proc/sys/fs/file-max $minimal_file_max - if /usr/sbin/squid -v | grep -q "\--enable-epoll" ; then - upprocval /proc/sys/fs/epoll/max_user_watches $minimal_file_max - fi - ulimit -n $SQUID_MAXFD -} - -checkconfig() { - if [ ! -f /etc/squid/${SVCNAME}.conf ]; then - eerror "You need to create /etc/squid/${SVCNAME}.conf first." - eerror "An example can be found in /etc/squid/squid.conf.default" - return 1 - fi - - local PIDFILE=$(awk '/^[ \t]*pid_filename[ \t]+/ { print $2 }' < /etc/squid/${SVCNAME}.conf) - [ -z ${PIDFILE} ] && PIDFILE=/var/run/squid.pid - if [ /var/run/${SVCNAME}.pid != ${PIDFILE} ]; then - eerror "/etc/squid/${SVCNAME}.conf must set pid_filename to" - eerror " /var/run/${SVCNAME}.pid" - eerror "CAUTION: http_port, cache_dir and *_log parameters must be different than" - eerror " in any other instance of squid." - return 1 - fi - - maxfds - - local CACHE_SWAP=$(awk '/^[ \t]*cache_dir[ \t]+/ { if ($2 == "coss" ) printf "%s/stripe ", $3 ; else printf "%s/00 ", $3; }' < /etc/squid/${SVCNAME}.conf) - [ -z "$CACHE_SWAP" ] && CACHE_SWAP="/var/cache/squid/00" - - local x - for x in $CACHE_SWAP ; do - if [ ! -e $x ] ; then - ebegin "Initializing cache directory ${x%/*}" - local ORIG_UMASK=$(umask) - umask 027 - - if ! (mkdir -p ${x%/*} && chown squid ${x%/*}) ; then - eend 1 - return 1 - fi - - local INIT_CACHE_RESPONSE="$(/usr/sbin/squid -z -N -f /etc/squid/${SVCNAME}.conf 2>&1)" - if [ $? != 0 ] || echo "$INIT_CACHE_RESPONSE" | grep -q "erminated abnormally" ; then - umask $ORIG_UMASK - eend 1 - echo "$INIT_CACHE_RESPONSE" - return 1 - fi - - umask $ORIG_UMASK - eend 0 - break - fi - done - - return 0 -} - -start() { - checkconfig || return 1 - ebegin "Starting ${SVCNAME}" - KRB5_KTNAME="${SQUID_KEYTAB}" /usr/sbin/squid ${SQUID_OPTS} -f /etc/squid/${SVCNAME}.conf - eend $? && sleep 1 -} - -stop() { - ebegin "Stopping ${SVCNAME}" - if /usr/sbin/squid -k shutdown -f /etc/squid/${SVCNAME}.conf ; then - # Now we have to wait until squid has _really_ stopped. - sleep 1 - if [ -f /var/run/${SVCNAME}.pid ] ; then - einfon "Waiting for squid to shutdown ." - cnt=0 - while [ -f /var/run/${SVCNAME}.pid ] ; do - cnt=$(expr $cnt + 1) - if [ $cnt -gt 60 ] ; then - # Waited 120 seconds now. Fail. - echo - eend 1 "Failed." - break - fi - sleep 2 - echo -n "." - done - echo - fi - else - eerror "Squid shutdown failed, probably service is already down." - fi - eend 0 -} - -reload() { - checkconfig || return 1 - ebegin "Reloading ${SVCNAME}" - /usr/sbin/squid -k reconfigure -f /etc/squid/${SVCNAME}.conf - eend $? -} - -rotate() { - service_started ${SVCNAME} || return 1 - ebegin "Rotating ${SVCNAME} logs" - /usr/sbin/squid -k rotate -f /etc/squid/${SVCNAME}.conf - eend $? -} diff -r 2864788b37cf -r 41b20f73ec7c net-proxy/squid/files/squid.initd-logrotate --- a/net-proxy/squid/files/squid.initd-logrotate Wed Aug 11 01:19:11 2010 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,122 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2006 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/files/squid.initd-logrotate,v 1.11 2009/11/28 12:32:58 mrness Exp $ - -opts="${opts} reload" - -depend() { - use dns - need net -} - -upprocval() { - [ -f $1 ] || return 0 - if [ `cat $1` -lt $2 ]; then - echo $2 > $1 - fi -} - -# Try to increase the # of filedescriptors we can open. -maxfds() { - [ -n "$SQUID_MAXFD" ] || return - [ $SQUID_MAXFD -le 8192 ] || SQUID_MAXFD=8192 - local minimal_file_max=$(($SQUID_MAXFD + 4096)) - upprocval /proc/sys/fs/file-max $minimal_file_max - if /usr/sbin/squid -v | grep -q "\--enable-epoll" ; then - upprocval /proc/sys/fs/epoll/max_user_watches $minimal_file_max - fi - ulimit -n $SQUID_MAXFD -} - -checkconfig() { - if [ ! -f /etc/squid/${SVCNAME}.conf ]; then - eerror "You need to create /etc/squid/${SVCNAME}.conf first." - eerror "An example can be found in /etc/squid/squid.conf.default" - return 1 - fi - - local PIDFILE=$(awk '/^[ \t]*pid_filename[ \t]+/ { print $2 }' < /etc/squid/${SVCNAME}.conf) - [ -z ${PIDFILE} ] && PIDFILE=/var/run/squid.pid - if [ /var/run/${SVCNAME}.pid != ${PIDFILE} ]; then - eerror "/etc/squid/${SVCNAME}.conf must set pid_filename to" - eerror " /var/run/${SVCNAME}.pid" - eerror "CAUTION: http_port, cache_dir and *_log parameters must be different than" - eerror " in any other instance of squid." - return 1 - fi - - maxfds - - local CACHE_SWAP=$(awk '/^[ \t]*cache_dir[ \t]+/ { if ($2 == "coss" ) printf "%s/stripe ", $3 ; else printf "%s/00 ", $3; }' < /etc/squid/${SVCNAME}.conf) - [ -z "$CACHE_SWAP" ] && CACHE_SWAP="/var/cache/squid/00" - - local x - for x in $CACHE_SWAP ; do - if [ ! -e $x ] ; then - ebegin "Initializing cache directory ${x%/*}" - local ORIG_UMASK=$(umask) - umask 027 - - if ! (mkdir -p ${x%/*} && chown squid ${x%/*}) ; then - eend 1 - return 1 - fi - - local INIT_CACHE_RESPONSE="$(/usr/sbin/squid -z -N -f /etc/squid/${SVCNAME}.conf 2>&1)" - if [ $? != 0 ] || echo "$INIT_CACHE_RESPONSE" | grep -q "erminated abnormally" ; then - umask $ORIG_UMASK - eend 1 - echo "$INIT_CACHE_RESPONSE" - return 1 - fi - - umask $ORIG_UMASK - eend 0 - break - fi - done - - return 0 -} - -start() { - checkconfig || return 1 - ebegin "Starting ${SVCNAME}" - KRB5_KTNAME="${SQUID_KEYTAB}" /usr/sbin/squid ${SQUID_OPTS} -f /etc/squid/${SVCNAME}.conf - eend $? && sleep 1 -} - -stop() { - ebegin "Stopping ${SVCNAME}" - if /usr/sbin/squid -k shutdown -f /etc/squid/${SVCNAME}.conf ; then - # Now we have to wait until squid has _really_ stopped. - sleep 1 - if [ -f /var/run/${SVCNAME}.pid ] ; then - einfon "Waiting for squid to shutdown ." - cnt=0 - while [ -f /var/run/${SVCNAME}.pid ] ; do - cnt=$(expr $cnt + 1) - if [ $cnt -gt 60 ] ; then - # Waited 120 seconds now. Fail. - echo - eend 1 "Failed." - break - fi - sleep 2 - echo -n "." - done - echo - fi - else - eerror "Squid shutdown failed, probably service is already down." - fi - eend 0 -} - -reload() { - checkconfig || return 1 - ebegin "Reloading ${SVCNAME}" - /usr/sbin/squid -k reconfigure -f /etc/squid/${SVCNAME}.conf - eend $? -} diff -r 2864788b37cf -r 41b20f73ec7c net-proxy/squid/files/squid.logrotate --- a/net-proxy/squid/files/squid.logrotate Wed Aug 11 01:19:11 2010 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,8 +0,0 @@ -/var/log/squid/*.log { - copytruncate - compress - notifempty - missingok - sharedscripts -} - diff -r 2864788b37cf -r 41b20f73ec7c net-proxy/squid/files/squid.pam --- a/net-proxy/squid/files/squid.pam Wed Aug 11 01:19:11 2010 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,8 +0,0 @@ -#%PAM-1.0 -# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/files/squid.pam,v 1.3 2007/09/23 09:23:41 mrness Exp $ -auth required pam_nologin.so -auth include system-auth -account include system-auth -password include system-auth -session optional pam_limits.so -session include system-auth diff -r 2864788b37cf -r 41b20f73ec7c net-proxy/squid/squid-3.1.5.ebuild --- a/net-proxy/squid/squid-3.1.5.ebuild Wed Aug 11 01:19:11 2010 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,221 +0,0 @@ -# Copyright 1999-2010 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: $ - -EAPI="3" - -inherit base eutils pam toolchain-funcs - -DESCRIPTION="A full-featured web proxy cache" -HOMEPAGE="http://www.squid-cache.org/" -SRC_URI="http://www.squid-cache.org/Versions/v3/3.1/${P}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd" -IUSE="caps ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \ - ecap icap-client \ - mysql postgres sqlite \ - zero-penalty-hit \ - pf-transparent ipf-transparent kqueue \ - elibc_uclibc kernel_linux +epoll" - -RESTRICT=test - -COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 ) - pam? ( virtual/pam ) - ldap? ( net-nds/openldap ) - kerberos? ( || ( app-crypt/mit-krb5 app-crypt/heimdal ) ) - ssl? ( dev-libs/openssl ) - sasl? ( dev-libs/cyrus-sasl ) - ecap? ( net-libs/libecap ) - selinux? ( sec-policy/selinux-squid ) - !x86-fbsd? ( logrotate? ( app-admin/logrotate ) ) - >=sys-libs/db-4 - dev-lang/perl" - -DEPEND="${COMMON_DEPEND} - sys-devel/automake - sys-devel/autoconf - sys-devel/libtool - test? ( dev-util/cppunit )" - -RDEPEND="${COMMON_DEPEND} - samba? ( net-fs/samba ) - mysql? ( dev-perl/DBD-mysql ) - postgres? ( dev-perl/DBD-Pg ) - sqlite? ( dev-perl/DBD-SQLite )" - -PATCHES=( - "${FILESDIR}/${P}-gentoo.patch" - "${FILESDIR}/${P}-qafixes.patch" - "${FILESDIR}/${P}-libmd5.patch" - "${FILESDIR}/${P}-errorstate-leak-fix.patch" - "${FILESDIR}/${P}-range-leak-fix-1.patch" - "${FILESDIR}/${P}-range-leak-fix-2.patch" -) - -pkg_pretend() { - if grep -qs '^[[:space:]]*cache_dir[[:space:]]\+coss' "${ROOT}"etc/squid/squid.conf; then - eerror "coss store IO has been disabled by upstream due to stability issues!" - eerror "If you want to install this version, switch the store type to something else" - eerror "before attempting to install this version again." - - die "/etc/squid/squid.conf: cache_dir use a disabled store type" - fi -} - -pkg_setup() { - [ ${EAPI} -lt 4 ] && pkg_pretend - - enewgroup squid 31 - enewuser squid 31 -1 /var/cache/squid squid -} - -src_prepare() { - base_src_prepare - - # eautoreconf breaks lib/libLtdl/libtool script - ./bootstrap.sh || die "autoreconf failed" -} - -src_configure() { - local myconf="" - - local basic_modules="getpwnam,NCSA,MSNT" - use samba && basic_modules="SMB,multi-domain-NTLM,${basic_modules}" - use ldap && basic_modules="LDAP,${basic_modules}" - use pam && basic_modules="PAM,${basic_modules}" - use sasl && basic_modules="SASL,${basic_modules}" - use nis && ! use elibc_uclibc && basic_modules="YP,${basic_modules}" - use radius && basic_modules="squid_radius_auth,${basic_modules}" - - if use mysql || use postgres || use sqlite ; then - basic_modules="DB,${basic_modules}" - fi - - local digest_modules="password" - use ldap && digest_modules="ldap,${digest_modules}" - - local ext_helpers="ip_user,session,unix_group" - use samba && ext_helpers="wbinfo_group,${ext_helpers}" - use ldap && ext_helpers="ldap_group,${ext_helpers}" - - local ntlm_helpers="fakeauth" - use samba && ntlm_helpers="smb_lm,${ntlm_helpers}" - - local negotiate_helpers= - if use kerberos; then - negotiate_helpers="squid_kerb_auth" - has_version app-crypt/mit-krb5 \ - && myconf="--enable-mit --disable-heimdal" \ - || myconf="--disable-mit --enable-heimdal" - fi - - # coss support has been disabled - # If it is re-enabled again, make sure you don't enable it for elibc_uclibc (#61175) - myconf="${myconf} --enable-storeio=ufs,diskd,aufs" - - if use kernel_linux; then - myconf="${myconf} --enable-linux-netfilter - $(use_enable epoll)" - elif use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then - myconf="${myconf} $(use_enable kqueue)" - if use pf-transparent; then - myconf="${myconf} --enable-pf-transparent" - elif use ipf-transparent; then - myconf="${myconf} --enable-ipf-transparent" - fi - fi - - export CC=$(tc-getCC) - - econf \ - --sysconfdir=/etc/squid \ - --libexecdir=/usr/libexec/squid \ - --localstatedir=/var \ - --with-pidfile=/var/run/squid.pid \ - --datadir=/usr/share/squid \ - --with-logdir=/var/log/squid \ - --with-default-user=squid \ - --enable-auth="basic,digest,negotiate,ntlm" \ - --enable-removal-policies="lru,heap" \ - --enable-digest-auth-helpers="${digest_modules}" \ - --enable-basic-auth-helpers="${basic_modules}" \ - --enable-external-acl-helpers="${ext_helpers}" \ - --enable-ntlm-auth-helpers="${ntlm_helpers}" \ - --enable-negotiate-auth-helpers="${negotiate_helpers}" \ - --enable-useragent-log \ - --enable-cache-digests \ - --enable-delay-pools \ - --enable-referer-log \ - --enable-arp-acl \ - --with-large-files \ - --with-filedescriptors=8192 \ - --disable-strict-error-checking \ - $(use_enable caps) \ - $(use_enable ipv6) \ - $(use_enable snmp) \ - $(use_enable ssl) \ - $(use_enable icap-client) \ - $(use_enable ecap) \ - $(use_enable zero-penalty-hit zph-qos) \ - ${myconf} || die "econf failed" -} - -src_install() { - base_src_install - - # need suid root for looking into /etc/shadow - fowners root:squid /usr/libexec/squid/ncsa_auth - fowners root:squid /usr/libexec/squid/pam_auth - fperms 4750 /usr/libexec/squid/ncsa_auth - fperms 4750 /usr/libexec/squid/pam_auth - - # some cleanups - rm -f "${D}"/usr/bin/Run* - - dodoc CONTRIBUTORS CREDITS ChangeLog QUICKSTART SPONSORS doc/*.txt \ - helpers/ntlm_auth/no_check/README.no_check_ntlm_auth - newdoc helpers/basic_auth/SMB/README README.auth_smb - dohtml helpers/basic_auth/MSNT/README.html RELEASENOTES.html - newdoc helpers/basic_auth/LDAP/README README.auth_ldap - doman helpers/basic_auth/LDAP/*.8 - dodoc helpers/basic_auth/SASL/squid_sasl_auth* - - newpamd "${FILESDIR}/squid.pam" squid - newconfd "${FILESDIR}/squid.confd" squid - - if use logrotate; then - newinitd "${FILESDIR}/squid.initd-logrotate" squid - insinto /etc/logrotate.d - newins "${FILESDIR}/squid.logrotate" squid - else - newinitd "${FILESDIR}/squid.initd" squid - exeinto /etc/cron.weekly - newexe "${FILESDIR}/squid.cron" squid.cron - fi - - rm -rf "${D}"/var - diropts -m0755 -o squid -g squid - keepdir /var/cache/squid /var/log/squid -} - -pkg_postinst() { - ewarn "Squid authentication helpers have been installed suid root." - ewarn "This allows for shadow based authentication (see bug #52977 for more)." - ewarn - ewarn "Be careful what type of cache_dir you select!" - ewarn "'diskd' is optimized for high levels of traffic, but it might seem slow" - ewarn "where there isn't sufficient traffic to keep squid reasonably busy." - ewarn "If your traffic level is low to moderate, use 'aufs' or 'ufs'." - ewarn - ewarn "Squid can be configured to run in transparent mode like this:" - ewarn " ${HILITE}http_port internal-addr:3128 transparent${NORMAL}" - - if use zero-penalty-hit; then - echo - ewarn "In order for zph_preserve_miss_tos to work, you will have to alter your kernel" - ewarn "with the patch that can be found on http://zph.bratcheda.org site." - fi -}