changeset 264:a62b22eecde5

squid 3.1.9
author holger
date Sun, 07 Nov 2010 22:46:52 +0100
parents 919d2e672e53
children 4f80c1679ba4
files net-proxy/squid/Manifest net-proxy/squid/files/squid-3.1.9-gentoo.patch net-proxy/squid/files/squid-3.1.9-libmd5.patch net-proxy/squid/files/squid-3.1.9-qafixes.patch net-proxy/squid/files/squid.confd net-proxy/squid/files/squid.cron net-proxy/squid/files/squid.initd net-proxy/squid/files/squid.initd-logrotate net-proxy/squid/files/squid.logrotate net-proxy/squid/files/squid.pam net-proxy/squid/squid-3.1.9.ebuild
diffstat 11 files changed, 847 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/net-proxy/squid/Manifest	Sun Nov 07 22:46:52 2010 +0100
@@ -0,0 +1,11 @@
+AUX squid-3.1.9-gentoo.patch 12364 RMD160 5a825dfd6d18ce8c91e16d8f0841737bc87b3d74 SHA1 29ae980d9b5ecf6b6b1481a36d2d4abb254c4a0a SHA256 bef6ba17f25aa07a5d3691c7a4af7ff478a6c0948b20a867808184a2839417b6
+AUX squid-3.1.9-libmd5.patch 588 RMD160 ae825720524b07bd2c0ae77b15b657fdd9392617 SHA1 5deb1d7a5f6c91b9a910f6460d2df6bc7b07c18e SHA256 c09de18fbcc1b5c4dda19f91c2182e179d05938a235774113a7a3af5862909d5
+AUX squid-3.1.9-qafixes.patch 2214 RMD160 ed05e224d5f392b43f88d1d72415d7539fb3e77b SHA1 4991eb402b9192e3cd18871d3cca7469d10eef35 SHA256 f02b1dbd7afca670b804b616b74e006a2f7aa0bd08988c3120b4064258754af8
+AUX squid.confd 540 RMD160 aa4ec5a6eebad1222667aff6b3180931cf566b13 SHA1 1c0c23b08bd0450eae14604c2b45ca67c7ac25c5 SHA256 aeef7060c50074b65c664fc106d7319ce380d25320ee2ee00f7d6021846b88ec
+AUX squid.cron 143 RMD160 0706a7ad04691b9a93a2897c319008440483ba11 SHA1 6138db0eccb7320e707b8d60c2970ef684e29336 SHA256 4c9e2afe5b0bba583ce896233ea1f9262beeb1b6cf51b4adb48d5f5c03933b2f
+AUX squid.initd 3315 RMD160 a6209a27770eb2aebdd533c946e790efec0de53b SHA1 08519fa20a7286cba9ea82e7b23dd8116ab7f77b SHA256 d3eac36c2fc313688e19cde7ace63783cd202315b23c0b2bd0219a4504cb2b35
+AUX squid.initd-logrotate 3163 RMD160 b7d58517e4198ceb7416c00004c91ac30a241bfb SHA1 714d51e0c449817c12e7230942f89c1a62012107 SHA256 b403b7ffebc08c2ce76cd2b8b6c53a639f24e3e35933ba9766aa4623a34a1279
+AUX squid.logrotate 103 RMD160 e7e4a6bde48e2735632692a6e628955b270f30ad SHA1 6e8d42f6a1a3109f0a26ed30edc7d91c6816e23f SHA256 e5ddce1c9af851040affa15e1a59e89d8db0f2eea7c461320a1d3784578f4482
+AUX squid.pam 315 RMD160 afb3f1cc36ba5ef0015c40040b6d5c18485ec828 SHA1 40933fabaaa2a9cb38d57c3acb77857082c82ae5 SHA256 68ef4282f9fb8506df710d0ae16e84e991e9b138c7f1d0af922682219c7a971f
+DIST squid-3.1.9.tar.gz 3264260 RMD160 731e56d026048c2430d8860a074855c62515ec0e SHA1 53f2000e73d838f8419c5643d335e9996e51303c SHA256 3f690ff31dc4df361235c7253530624f52364ea8783eec41e3ab068c3264aff1
+EBUILD squid-3.1.9.ebuild 7018 RMD160 ebeb8889012c8a9b05813b5e1e8cd955887db0bf SHA1 48bbda8dc9d056fe98ff6024e3acf41b8fb8df99 SHA256 7f98d3bcedae6eb83455744f76951ea35fd15c39fbc270dd6b3a59fd2873e8ce
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/net-proxy/squid/files/squid-3.1.9-gentoo.patch	Sun Nov 07 22:46:52 2010 +0100
@@ -0,0 +1,281 @@
+diff -Nru squid-3.1.8.orig/acinclude.m4 squid-3.1.8/acinclude.m4
+--- squid-3.1.8.orig/acinclude.m4	2010-09-04 05:25:57.000000000 +0200
++++ squid-3.1.8/acinclude.m4	2010-09-23 23:34:10.000000000 +0200
+@@ -75,7 +75,7 @@
+   AC_MSG_CHECKING([whether compiler accepts -fhuge-objects])
+   AC_CACHE_VAL([ac_cv_test_checkforhugeobjects],[
+     ac_cv_test_checkforhugeobjects=`echo "int main(int argc, char **argv) { int foo; }" > conftest.cc
+-${CXX} -Werror -fhuge-objects -o conftest.bin conftest.cc 2>/dev/null
++${CXX} -fhuge-objects -o conftest.bin conftest.cc 2>/dev/null
+ res=$?
+ rm -f conftest.*
+ echo yes
+diff -Nru squid-3.1.8.orig/configure.in squid-3.1.8/configure.in
+--- squid-3.1.8.orig/configure.in	2010-09-04 05:26:52.000000000 +0200
++++ squid-3.1.8/configure.in	2010-09-23 23:34:10.000000000 +0200
+@@ -16,9 +16,9 @@
+ PRESET_LDFLAGS="$LDFLAGS"
+ 
+ dnl Set default LDFLAGS
+-if test -z "$LDFLAGS"; then
+-        LDFLAGS="-g"
+-fi
++dnl if test -z "$LDFLAGS"; then
++dnl         LDFLAGS="-g"
++dnl fi
+ 
+ dnl Check for GNU cc
+ AC_PROG_CC
+diff -Nru squid-3.1.8.orig/helpers/basic_auth/MSNT/confload.c squid-3.1.8/helpers/basic_auth/MSNT/confload.c
+--- squid-3.1.8.orig/helpers/basic_auth/MSNT/confload.c	2010-09-04 05:25:57.000000000 +0200
++++ squid-3.1.8/helpers/basic_auth/MSNT/confload.c	2010-09-23 23:34:10.000000000 +0200
+@@ -27,7 +27,7 @@
+ 
+ /* Path to configuration file */
+ #ifndef SYSCONFDIR
+-#define SYSCONFDIR "/usr/local/squid/etc"
++#define SYSCONFDIR "/etc/squid"
+ #endif
+ #define CONFIGFILE   SYSCONFDIR "/msntauth.conf"
+ 
+diff -Nru squid-3.1.8.orig/helpers/basic_auth/MSNT/msntauth.conf.default squid-3.1.8/helpers/basic_auth/MSNT/msntauth.conf.default
+--- squid-3.1.8.orig/helpers/basic_auth/MSNT/msntauth.conf.default	2010-09-04 05:25:57.000000000 +0200
++++ squid-3.1.8/helpers/basic_auth/MSNT/msntauth.conf.default	2010-09-23 23:34:10.000000000 +0200
+@@ -8,6 +8,6 @@
+ server other_PDC	other_BDC	otherdomain
+ 
+ # Denied and allowed users. Comment these if not needed.
+-#denyusers	/usr/local/squid/etc/msntauth.denyusers
+-#allowusers	/usr/local/squid/etc/msntauth.allowusers
++#denyusers	/etc/squid/msntauth.denyusers
++#allowusers	/etc/squid/msntauth.allowusers
+ 
+diff -Nru squid-3.1.8.orig/helpers/basic_auth/SMB/Makefile.am squid-3.1.8/helpers/basic_auth/SMB/Makefile.am
+--- squid-3.1.8.orig/helpers/basic_auth/SMB/Makefile.am	2010-09-04 05:25:57.000000000 +0200
++++ squid-3.1.8/helpers/basic_auth/SMB/Makefile.am	2010-09-23 23:34:10.000000000 +0200
+@@ -16,7 +16,7 @@
+ ## FIXME: autoconf should test for the samba path.
+ 
+ SMB_AUTH_HELPER	= smb_auth.sh
+-SAMBAPREFIX=/usr/local/samba
++SAMBAPREFIX=/usr
+ SMB_AUTH_HELPER_PATH = $(libexecdir)/$(SMB_AUTH_HELPER)
+ 
+ libexec_SCRIPTS	= $(SMB_AUTH_HELPER)
+diff -Nru squid-3.1.8.orig/helpers/basic_auth/SMB/smb_auth.sh squid-3.1.8/helpers/basic_auth/SMB/smb_auth.sh
+--- squid-3.1.8.orig/helpers/basic_auth/SMB/smb_auth.sh	2010-09-04 05:25:57.000000000 +0200
++++ squid-3.1.8/helpers/basic_auth/SMB/smb_auth.sh	2010-09-23 23:34:10.000000000 +0200
+@@ -24,7 +24,7 @@
+ read AUTHSHARE
+ read AUTHFILE
+ read SMBUSER
+-read SMBPASS
++read -r SMBPASS
+ 
+ # Find domain controller
+ echo "Domain name: $DOMAINNAME"
+@@ -47,7 +47,7 @@
+   addropt=""
+ fi
+ echo "Query address options: $addropt"
+-dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'`
++dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+\..+ / { print $1 ; exit }'`
+ echo "Domain controller IP address: $dcip"
+ [ -n "$dcip" ] || exit 1
+ 
+diff -Nru squid-3.1.8.orig/helpers/external_acl/session/squid_session.8 squid-3.1.8/helpers/external_acl/session/squid_session.8
+--- squid-3.1.8.orig/helpers/external_acl/session/squid_session.8	2010-09-04 05:25:57.000000000 +0200
++++ squid-3.1.8/helpers/external_acl/session/squid_session.8	2010-09-23 23:34:10.000000000 +0200
+@@ -35,7 +35,7 @@
+ .P
+ Configuration example using the default automatic mode
+ .IP
+-external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/local/squid/libexec/squid_session
++external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/libexec/squid/squid_session
+ .IP
+ acl session external session
+ .IP
+diff -Nru squid-3.1.8.orig/helpers/external_acl/unix_group/squid_unix_group.8 squid-3.1.8/helpers/external_acl/unix_group/squid_unix_group.8
+--- squid-3.1.8.orig/helpers/external_acl/unix_group/squid_unix_group.8	2010-09-04 05:25:58.000000000 +0200
++++ squid-3.1.8/helpers/external_acl/unix_group/squid_unix_group.8	2010-09-23 23:34:10.000000000 +0200
+@@ -27,7 +27,7 @@
+ This squid.conf example defines two Squid acls. usergroup1 matches users in group1, and usergroup2
+ matches users in group2 or group3
+ .IP
+-external_acl_type unix_group %LOGIN /usr/local/squid/libexec/squid_unix_group -p
++external_acl_type unix_group %LOGIN /usr/libexec/squid/squid_unix_group -p
+ .IP
+ acl usergroup1 external unix_group group1
+ .IP
+diff -Nru squid-3.1.8.orig/helpers/negotiate_auth/squid_kerb_auth/configure.in squid-3.1.8/helpers/negotiate_auth/squid_kerb_auth/configure.in
+--- squid-3.1.8.orig/helpers/negotiate_auth/squid_kerb_auth/configure.in	2010-09-04 05:25:58.000000000 +0200
++++ squid-3.1.8/helpers/negotiate_auth/squid_kerb_auth/configure.in	2010-09-23 23:34:10.000000000 +0200
+@@ -17,6 +17,7 @@
+ 
+ AC_INIT([squid_kerb_auth],[1.0.5],[markus_moeller@compuserve.com])
+ AM_INIT_AUTOMAKE(squid_kerb_auth,1.0.5)
++AM_MAINTAINER_MODE
+ AC_CONFIG_SRCDIR([squid_kerb_auth.c])
+ 
+ AC_PROG_CC
+@@ -467,7 +468,7 @@
+ echo "configure: ##"
+ echo "configure: ## -----------------------------##"
+ 
+-MY_CFLAGS="-Wall -Wextra -Werror -Wcomment -Wpointer-arith -Wcast-align -Wwrite-strings -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wdeclaration-after-statement -Wshadow"
++MY_CFLAGS="-Wall -Wextra -Wpointer-arith -Wcast-align -Wwrite-strings -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wdeclaration-after-statement -Wshadow"
+ for ac_cv_my_cflag in $MY_CFLAGS; do
+ echo "int main()
+   {
+diff -Nru squid-3.1.8.orig/lib/libTrie/acinclude.m4 squid-3.1.8/lib/libTrie/acinclude.m4
+--- squid-3.1.8.orig/lib/libTrie/acinclude.m4	2010-09-04 05:25:57.000000000 +0200
++++ squid-3.1.8/lib/libTrie/acinclude.m4	2010-09-23 23:34:10.000000000 +0200
+@@ -11,7 +11,7 @@
+   AC_MSG_CHECKING([whether compiler accepts -fhuge-objects])
+   AC_CACHE_VAL([ac_cv_test_checkforhugeobjects],[
+     ac_cv_test_checkforhugeobjects=`echo "int main(int argc, char **argv) { int foo; }" > conftest.cc
+-${CXX} -Werror -fhuge-objects -o conftest.bin conftest.cc 2>/dev/null
++${CXX} -fhuge-objects -o conftest.bin conftest.cc 2>/dev/null
+ res=$?
+ rm -f conftest.*
+ echo yes
+diff -Nru squid-3.1.8.orig/lib/libTrie/configure.in squid-3.1.8/lib/libTrie/configure.in
+--- squid-3.1.8.orig/lib/libTrie/configure.in	2010-09-04 05:25:57.000000000 +0200
++++ squid-3.1.8/lib/libTrie/configure.in	2010-09-23 23:34:10.000000000 +0200
+@@ -59,8 +59,8 @@
+ 
+ dnl set useful flags
+ if test "$GCC" = "yes"; then
+-   TRIE_CFLAGS="-Werror -Wall -Wpointer-arith -Wwrite-strings -Wmissing-prototypes -Wmissing-declarations -Wcomments"
+-   TRIE_CXXFLAGS="-Werror -Wall -Wpointer-arith -Wwrite-strings -Wcomments"
++   TRIE_CFLAGS="-Wall -Wpointer-arith -Wwrite-strings -Wmissing-prototypes -Wmissing-declarations"
++   TRIE_CXXFLAGS="-Wall -Wpointer-arith -Wwrite-strings"
+ else
+    TRIE_CFLAGS=
+    TRIE_CXXFLAGS=
+diff -Nru squid-3.1.8.orig/src/cf.data.pre squid-3.1.8/src/cf.data.pre
+--- squid-3.1.8.orig/src/cf.data.pre	2010-09-04 05:25:57.000000000 +0200
++++ squid-3.1.8/src/cf.data.pre	2010-09-23 23:34:10.000000000 +0200
+@@ -716,6 +716,7 @@
+ acl Safe_ports port 488		# gss-http
+ acl Safe_ports port 591		# filemaker
+ acl Safe_ports port 777		# multiling http
++acl Safe_ports port 901		# SWAT
+ acl CONNECT method CONNECT
+ NOCOMMENT_END
+ DOC_END
+@@ -864,6 +865,9 @@
+ http_access allow localnet
+ http_access allow localhost
+ 
++# Allow the localhost to have access by default
++http_access allow localhost
++
+ # And finally deny all other access to this proxy
+ http_access deny all
+ NOCOMMENT_END
+@@ -4036,11 +4040,11 @@
+ 
+ NAME: cache_mgr
+ TYPE: string
+-DEFAULT: webmaster
++DEFAULT: root
+ LOC: Config.adminEmail
+ DOC_START
+ 	Email-address of local cache manager who will receive
+-	mail if the cache dies.  The default is "webmaster."
++	mail if the cache dies.  The default is "root".
+ DOC_END
+ 
+ NAME: mail_from
+@@ -6357,7 +6361,7 @@
+ NAME: forwarded_for
+ COMMENT: on|off|transparent|truncate|delete
+ TYPE: string
+-DEFAULT: on
++DEFAULT: delete
+ LOC: opt_forwarded_for
+ DOC_START
+ 	If set to "on", Squid will append your client's IP address
+diff -Nru squid-3.1.8.orig/src/debug.cc squid-3.1.8/src/debug.cc
+--- squid-3.1.8.orig/src/debug.cc	2010-09-04 05:25:57.000000000 +0200
++++ squid-3.1.8/src/debug.cc	2010-09-23 23:34:10.000000000 +0200
+@@ -452,7 +452,7 @@
+ #if HAVE_SYSLOG && defined(LOG_LOCAL4)
+ 
+     if (Debug::log_syslog)
+-        openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, syslog_facility);
++        openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, syslog_facility);
+ 
+ #endif /* HAVE_SYSLOG */
+ 
+diff -Nru squid-3.1.8.orig/src/main.cc squid-3.1.8/src/main.cc
+--- squid-3.1.8.orig/src/main.cc	2010-09-04 05:25:57.000000000 +0200
++++ squid-3.1.8/src/main.cc	2010-09-23 23:34:10.000000000 +0200
+@@ -1556,7 +1556,7 @@
+     if (*(argv[0]) == '(')
+         return;
+ 
+-    openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++    openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_DAEMON);
+ 
+     if ((pid = fork()) < 0)
+         syslog(LOG_ALERT, "fork failed: %s", xstrerror());
+@@ -1600,7 +1600,7 @@
+ 
+         if ((pid = fork()) == 0) {
+             /* child */
+-            openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++            openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_DAEMON);
+             prog = xstrdup(argv[0]);
+             argv[0] = xstrdup("(squid)");
+             execvp(prog, argv);
+@@ -1608,7 +1608,7 @@
+         }
+ 
+         /* parent */
+-        openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++        openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_DAEMON);
+ 
+         syslog(LOG_NOTICE, "Squid Parent: child process %d started", pid);
+ 
+diff -Nru squid-3.1.8.orig/src/Makefile.am squid-3.1.8/src/Makefile.am
+--- squid-3.1.8.orig/src/Makefile.am	2010-09-04 05:25:57.000000000 +0200
++++ squid-3.1.8/src/Makefile.am	2010-09-23 23:34:10.000000000 +0200
+@@ -638,7 +638,6 @@
+ 
+ sysconf_DATA = \
+ 	squid.conf.default \
+-	squid.conf.documented \
+ 	mime.conf.default
+ 
+ data_DATA = \
+@@ -719,8 +718,8 @@
+ DEFAULT_ACCESS_LOG      = $(DEFAULT_LOG_PREFIX)/access.log
+ DEFAULT_STORE_LOG       = $(DEFAULT_LOG_PREFIX)/store.log
+ DEFAULT_PID_FILE        = $(DEFAULT_PIDFILE)
+-DEFAULT_NETDB_FILE      = $(DEFAULT_LOG_PREFIX)/netdb.state
+-DEFAULT_SWAP_DIR        = $(localstatedir)/cache
++DEFAULT_NETDB_FILE      = $(localstatedir)/run/netdb.state
++DEFAULT_SWAP_DIR        = $(localstatedir)/cache/squid
+ DEFAULT_PINGER		= $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'`
+ DEFAULT_UNLINKD		= $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'`
+ DEFAULT_DISKD		= $(libexecdir)/`echo diskd | sed '$(transform);s/$$/$(EXEEXT)/'`
+@@ -797,13 +796,11 @@
+ 	@if test -f $(DESTDIR)$(DEFAULT_CONFIG_FILE) ; then \
+ 	        echo "$@ will not overwrite existing $(DESTDIR)$(DEFAULT_CONFIG_FILE)" ; \
+ 	else \
+-	        echo "$(INSTALL_DATA) squid.conf.default $(DESTDIR)$(DEFAULT_CONFIG_FILE)"; \
+-	        $(INSTALL_DATA) squid.conf.default $(DESTDIR)$(DEFAULT_CONFIG_FILE); \
++	        echo "$(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE)"; \
++	        $(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE); \
+ 	fi
+-	echo "$(INSTALL_DATA) squid.conf.default $(DESTDIR)$(DEFAULT_CONFIG_FILE).default"; \
+-	$(INSTALL_DATA) squid.conf.default $(DESTDIR)$(DEFAULT_CONFIG_FILE).default; \
+-	echo "$(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE).documented"; \
+-	$(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE).documented; \
++	echo "$(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE).default"; \
++	$(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE).default; \
+ 	$(mkinstalldirs) $(DESTDIR)$(DEFAULT_LOG_PREFIX); \
+ 	$(mkinstalldirs) $(DESTDIR)`dirname $(DEFAULT_PIDFILE)`
+ 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/net-proxy/squid/files/squid-3.1.9-libmd5.patch	Sun Nov 07 22:46:52 2010 +0100
@@ -0,0 +1,16 @@
+diff -Nru squid-3.1.8.orig/configure.in squid-3.1.8/configure.in
+--- squid-3.1.8.orig/configure.in	2010-09-23 23:34:49.000000000 +0200
++++ squid-3.1.8/configure.in	2010-09-23 23:36:41.000000000 +0200
+@@ -2730,7 +2730,11 @@
+ dnl libcrypt (eg FreeBSD)
+ AC_CHECK_LIB(crypt, crypt, [CRYPTLIB="-lcrypt"])
+ dnl Solaris10 provides MD5 natively through libmd5
+-AC_CHECK_LIB(md5, MD5Init, [CRYPTLIB="$CRYPTLIB -lmd5"])
++case "$host" in
++	*-solaris*)
++	    AC_CHECK_LIB(md5, MD5Init, [CRYPTLIB="$CRYPTLIB -lmd5"])
++	    ;;
++esac
+ AC_SUBST(CRYPTLIB)
+ 
+ dnl Check for libdl, used by auth_modules/PAM
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/net-proxy/squid/files/squid-3.1.9-qafixes.patch	Sun Nov 07 22:46:52 2010 +0100
@@ -0,0 +1,39 @@
+diff -Nru squid-3.1.8.orig/helpers/negotiate_auth/squid_kerb_auth/configure.in squid-3.1.8/helpers/negotiate_auth/squid_kerb_auth/configure.in
+--- squid-3.1.8.orig/helpers/negotiate_auth/squid_kerb_auth/configure.in	2010-09-23 23:34:49.000000000 +0200
++++ squid-3.1.8/helpers/negotiate_auth/squid_kerb_auth/configure.in	2010-09-23 23:35:45.000000000 +0200
+@@ -94,7 +94,7 @@
+                        else
+                          ac_gssapi_libs=`krb5-config --libs gssapi 2>/dev/null`
+                          if test "x$ac_gssapi_libs" != "x" ; then
+-                           LDFLAGS="$LDFLAGS $ac_gssapi_libs"
++                           LIBS="$LIBS $ac_gssapi_libs"
+                          else
+                            for lib in $ac_gss_libs; do
+                              AC_CHECK_LIB($lib,main)
+@@ -118,7 +118,7 @@
+                      fi
+                      ac_gssapi_libs=`krb5-config --libs gssapi 2>/dev/null`
+                      if test "x$ac_gssapi_libs" != "x" ; then
+-                         LDFLAGS="$LDFLAGS $ac_gssapi_libs"
++                         LIBS="$LIBS $ac_gssapi_libs"
+                      else
+                          for lib in $ac_gss_libs; do
+                             AC_CHECK_LIB($lib,main)
+@@ -172,7 +172,7 @@
+                              ac_libdir=`echo $ac_gssapi_libs | sed -e 's/.*-L//' | sed -e 's/ .*//'`  
+                              LDFLAGS="$LDFLAGS $w_flag$ac_libdir$w_flag_2"
+                            fi
+-                           LDFLAGS="$LDFLAGS $ac_gssapi_libs"
++                           LIBS="$LIBS $ac_gssapi_libs"
+                          else
+                            for lib in $ac_gss_libs; do
+                              AC_CHECK_LIB($lib,main)
+@@ -201,7 +201,7 @@
+                            ac_libdir=`echo $ac_gssapi_libs | sed -e 's/.*-L//' | sed -e 's/ .*//'`  
+                            LDFLAGS="$LDFLAGS $w_flag$ac_libdir$w_flag_2"
+                          fi
+-                         LDFLAGS="$LDFLAGS $ac_gssapi_libs"
++                         LIBS="$LIBS $ac_gssapi_libs"
+                      else
+                          for lib in $ac_gss_libs; do
+                             AC_CHECK_LIB($lib,main)
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/net-proxy/squid/files/squid.confd	Sun Nov 07 22:46:52 2010 +0100
@@ -0,0 +1,14 @@
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/files/squid.confd,v 1.3 2009/10/25 08:35:46 mrness Exp $
+
+# Config file for /etc/init.d/squid
+
+SQUID_OPTS="-YC"
+
+# Max. number of filedescriptors to use. You can increase this on a busy
+# cache to a maximum of (currently) 8192 filedescriptors. Default is 1024.
+SQUID_MAXFD=1024
+
+# Kerberos keytab file to use. This is required if you enable kerberos authentication.
+SQUID_KEYTAB=""
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/net-proxy/squid/files/squid.cron	Sun Nov 07 22:46:52 2010 +0100
@@ -0,0 +1,5 @@
+#!/bin/sh
+if test -e /var/run/squid.pid ; then
+	test -n "$(cat /var/run/squid.pid|xargs ps -p|grep squid)" && \
+		/usr/sbin/squid -k rotate
+fi
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/net-proxy/squid/files/squid.initd	Sun Nov 07 22:46:52 2010 +0100
@@ -0,0 +1,129 @@
+#!/sbin/runscript
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/files/squid.initd,v 1.13 2009/11/28 12:32:58 mrness Exp $
+
+opts="${opts} reload rotate"
+
+depend() {
+	use dns
+	need net
+}
+
+upprocval() {
+	[ -f $1 ] || return 0
+	if [ `cat $1` -lt $2 ]; then
+		echo $2 > $1
+	fi
+}
+
+# Try to increase the # of filedescriptors we can open.
+maxfds() {
+	[ -n "$SQUID_MAXFD" ] || return
+	[ $SQUID_MAXFD -le 8192 ] || SQUID_MAXFD=8192
+	local minimal_file_max=$(($SQUID_MAXFD + 4096))
+	upprocval /proc/sys/fs/file-max $minimal_file_max
+	if /usr/sbin/squid -v | grep -q "\--enable-epoll" ; then
+		upprocval /proc/sys/fs/epoll/max_user_watches $minimal_file_max
+	fi
+	ulimit -n $SQUID_MAXFD
+}
+
+checkconfig() {
+	if [ ! -f /etc/squid/${SVCNAME}.conf ]; then
+		eerror "You need to create /etc/squid/${SVCNAME}.conf first."
+		eerror "An example can be found in /etc/squid/squid.conf.default"
+		return 1
+	fi
+
+	local PIDFILE=$(awk '/^[ \t]*pid_filename[ \t]+/ { print $2 }' < /etc/squid/${SVCNAME}.conf)
+	[ -z ${PIDFILE} ] && PIDFILE=/var/run/squid.pid
+	if [ /var/run/${SVCNAME}.pid != ${PIDFILE} ]; then
+		eerror "/etc/squid/${SVCNAME}.conf must set pid_filename to"
+		eerror "   /var/run/${SVCNAME}.pid"
+		eerror "CAUTION: http_port, cache_dir and *_log parameters must be different than"
+		eerror "         in any other instance of squid."
+		return 1
+	fi
+
+	maxfds
+
+	local CACHE_SWAP=$(awk '/^[ \t]*cache_dir[ \t]+/ { if ($2 == "coss" ) printf "%s/stripe ", $3 ; else printf "%s/00 ", $3; }' < /etc/squid/${SVCNAME}.conf)
+	[ -z "$CACHE_SWAP" ] && CACHE_SWAP="/var/cache/squid/00"
+	
+	local x
+	for x in $CACHE_SWAP ; do
+		if [ ! -e $x ] ; then
+			ebegin "Initializing cache directory ${x%/*}"
+			local ORIG_UMASK=$(umask)
+			umask 027
+
+			if ! (mkdir -p ${x%/*} && chown squid ${x%/*}) ; then
+				eend 1
+				return 1
+			fi
+
+			local INIT_CACHE_RESPONSE="$(/usr/sbin/squid -z -N -f /etc/squid/${SVCNAME}.conf 2>&1)"
+			if [ $? != 0 ] || echo "$INIT_CACHE_RESPONSE" | grep -q "erminated abnormally" ; then
+				umask $ORIG_UMASK
+				eend 1
+				echo "$INIT_CACHE_RESPONSE"
+				return 1
+			fi
+
+			umask $ORIG_UMASK
+			eend 0
+			break
+		fi
+	done
+	
+	return 0
+}
+
+start() {
+	checkconfig || return 1
+	ebegin "Starting ${SVCNAME}"
+	KRB5_KTNAME="${SQUID_KEYTAB}" /usr/sbin/squid ${SQUID_OPTS} -f /etc/squid/${SVCNAME}.conf
+	eend $? && sleep 1
+}
+
+stop() {
+	ebegin "Stopping ${SVCNAME}"
+	if /usr/sbin/squid -k shutdown -f /etc/squid/${SVCNAME}.conf ; then
+		# Now we have to wait until squid has _really_ stopped.
+		sleep 1
+		if [ -f /var/run/${SVCNAME}.pid ] ; then
+			einfon "Waiting for squid to shutdown ."
+			cnt=0
+			while [ -f /var/run/${SVCNAME}.pid ] ; do
+				cnt=$(expr $cnt + 1)
+				if [ $cnt -gt 60 ] ; then
+					# Waited 120 seconds now. Fail.
+					echo
+					eend 1 "Failed."
+					break
+				fi
+				sleep 2
+				echo -n "."
+			done
+			echo
+		fi
+	else
+		eerror "Squid shutdown failed, probably service is already down."
+	fi
+	eend 0
+}
+
+reload() {
+	checkconfig || return 1
+	ebegin "Reloading ${SVCNAME}"
+	/usr/sbin/squid -k reconfigure -f /etc/squid/${SVCNAME}.conf
+	eend $?
+}
+
+rotate() {
+	service_started ${SVCNAME} || return 1
+	ebegin "Rotating ${SVCNAME} logs"
+	/usr/sbin/squid -k rotate -f /etc/squid/${SVCNAME}.conf
+	eend $?
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/net-proxy/squid/files/squid.initd-logrotate	Sun Nov 07 22:46:52 2010 +0100
@@ -0,0 +1,122 @@
+#!/sbin/runscript
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/files/squid.initd-logrotate,v 1.11 2009/11/28 12:32:58 mrness Exp $
+
+opts="${opts} reload"
+
+depend() {
+	use dns
+	need net
+}
+
+upprocval() {
+	[ -f $1 ] || return 0
+	if [ `cat $1` -lt $2 ]; then
+		echo $2 > $1
+	fi
+}
+
+# Try to increase the # of filedescriptors we can open.
+maxfds() {
+	[ -n "$SQUID_MAXFD" ] || return
+	[ $SQUID_MAXFD -le 8192 ] || SQUID_MAXFD=8192
+	local minimal_file_max=$(($SQUID_MAXFD + 4096))
+	upprocval /proc/sys/fs/file-max $minimal_file_max
+	if /usr/sbin/squid -v | grep -q "\--enable-epoll" ; then
+		upprocval /proc/sys/fs/epoll/max_user_watches $minimal_file_max
+	fi
+	ulimit -n $SQUID_MAXFD
+}
+
+checkconfig() {
+	if [ ! -f /etc/squid/${SVCNAME}.conf ]; then
+		eerror "You need to create /etc/squid/${SVCNAME}.conf first."
+		eerror "An example can be found in /etc/squid/squid.conf.default"
+		return 1
+	fi
+
+	local PIDFILE=$(awk '/^[ \t]*pid_filename[ \t]+/ { print $2 }' < /etc/squid/${SVCNAME}.conf)
+	[ -z ${PIDFILE} ] && PIDFILE=/var/run/squid.pid
+	if [ /var/run/${SVCNAME}.pid != ${PIDFILE} ]; then
+		eerror "/etc/squid/${SVCNAME}.conf must set pid_filename to"
+		eerror "   /var/run/${SVCNAME}.pid"
+		eerror "CAUTION: http_port, cache_dir and *_log parameters must be different than"
+		eerror "         in any other instance of squid."
+		return 1
+	fi
+
+	maxfds
+
+	local CACHE_SWAP=$(awk '/^[ \t]*cache_dir[ \t]+/ { if ($2 == "coss" ) printf "%s/stripe ", $3 ; else printf "%s/00 ", $3; }' < /etc/squid/${SVCNAME}.conf)
+	[ -z "$CACHE_SWAP" ] && CACHE_SWAP="/var/cache/squid/00"
+	
+	local x
+	for x in $CACHE_SWAP ; do
+		if [ ! -e $x ] ; then
+			ebegin "Initializing cache directory ${x%/*}"
+			local ORIG_UMASK=$(umask)
+			umask 027
+
+			if ! (mkdir -p ${x%/*} && chown squid ${x%/*}) ; then
+				eend 1
+				return 1
+			fi
+
+			local INIT_CACHE_RESPONSE="$(/usr/sbin/squid -z -N -f /etc/squid/${SVCNAME}.conf 2>&1)"
+			if [ $? != 0 ] || echo "$INIT_CACHE_RESPONSE" | grep -q "erminated abnormally" ; then
+				umask $ORIG_UMASK
+				eend 1
+				echo "$INIT_CACHE_RESPONSE"
+				return 1
+			fi
+
+			umask $ORIG_UMASK
+			eend 0
+			break
+		fi
+	done
+	
+	return 0
+}
+
+start() {
+	checkconfig || return 1
+	ebegin "Starting ${SVCNAME}"
+	KRB5_KTNAME="${SQUID_KEYTAB}" /usr/sbin/squid ${SQUID_OPTS} -f /etc/squid/${SVCNAME}.conf
+	eend $? && sleep 1
+}
+
+stop() {
+	ebegin "Stopping ${SVCNAME}"
+	if /usr/sbin/squid -k shutdown -f /etc/squid/${SVCNAME}.conf ; then
+		# Now we have to wait until squid has _really_ stopped.
+		sleep 1
+		if [ -f /var/run/${SVCNAME}.pid ] ; then
+			einfon "Waiting for squid to shutdown ."
+			cnt=0
+			while [ -f /var/run/${SVCNAME}.pid ] ; do
+				cnt=$(expr $cnt + 1)
+				if [ $cnt -gt 60 ] ; then
+					# Waited 120 seconds now. Fail.
+					echo
+					eend 1 "Failed."
+					break
+				fi
+				sleep 2
+				echo -n "."
+			done
+			echo
+		fi
+	else
+		eerror "Squid shutdown failed, probably service is already down."
+	fi
+	eend 0
+}
+
+reload() {
+	checkconfig || return 1
+	ebegin "Reloading ${SVCNAME}"
+	/usr/sbin/squid -k reconfigure -f /etc/squid/${SVCNAME}.conf
+	eend $?
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/net-proxy/squid/files/squid.logrotate	Sun Nov 07 22:46:52 2010 +0100
@@ -0,0 +1,8 @@
+/var/log/squid/*.log {
+    copytruncate
+    compress
+    notifempty
+    missingok
+    sharedscripts
+}
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/net-proxy/squid/files/squid.pam	Sun Nov 07 22:46:52 2010 +0100
@@ -0,0 +1,8 @@
+#%PAM-1.0
+# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/files/squid.pam,v 1.3 2007/09/23 09:23:41 mrness Exp $
+auth       required		pam_nologin.so
+auth       include		system-auth
+account    include		system-auth
+password   include		system-auth
+session    optional		pam_limits.so
+session    include		system-auth
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/net-proxy/squid/squid-3.1.9.ebuild	Sun Nov 07 22:46:52 2010 +0100
@@ -0,0 +1,214 @@
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/squid-3.1.8.ebuild,v 1.9 2010/10/09 16:31:59 armin76 Exp $
+
+EAPI="2"
+
+inherit eutils pam toolchain-funcs
+
+DESCRIPTION="A full-featured web proxy cache"
+HOMEPAGE="http://www.squid-cache.org/"
+SRC_URI="http://www.squid-cache.org/Versions/v3/3.1/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 sparc x86 ~x86-fbsd"
+IUSE="caps ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \
+	ecap icap-client \
+	mysql postgres sqlite \
+	zero-penalty-hit \
+	pf-transparent ipf-transparent kqueue \
+	elibc_uclibc kernel_linux +epoll tproxy"
+RESTRICT=test
+
+COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 )
+	pam? ( virtual/pam )
+	ldap? ( net-nds/openldap )
+	kerberos? ( virtual/krb5 )
+	ssl? ( dev-libs/openssl )
+	sasl? ( dev-libs/cyrus-sasl )
+	ecap? ( net-libs/libecap )
+	selinux? ( sec-policy/selinux-squid )
+	!x86-fbsd? ( logrotate? ( app-admin/logrotate ) )
+	>=sys-libs/db-4
+	dev-lang/perl"
+DEPEND="${COMMON_DEPEND}
+	sys-devel/automake
+	sys-devel/autoconf
+	sys-devel/libtool
+	sys-apps/ed
+	test? ( dev-util/cppunit )"
+RDEPEND="${COMMON_DEPEND}
+	samba? ( net-fs/samba )
+	mysql? ( dev-perl/DBD-mysql )
+	postgres? ( dev-perl/DBD-Pg )
+	sqlite? ( dev-perl/DBD-SQLite )"
+
+pkg_setup() {
+	if grep -qs '^[[:space:]]*cache_dir[[:space:]]\+coss' "${ROOT}"etc/squid/squid.conf; then
+		eerror "coss store IO has been disabled by upstream due to stability issues!"
+		eerror "If you want to install this version, switch the store type to something else"
+		eerror "before attempting to install this version again."
+
+		die "/etc/squid/squid.conf: cache_dir use a disabled store type"
+	fi
+
+	if use tproxy && ! use caps; then
+		eerror "libcap is required by Transparent Proxy support for Netfilter TPROXY!"
+		eerror "Please enable caps USE flag and try again."
+
+		die "invalid combination of USE flags"
+	fi
+
+	enewgroup squid 31
+	enewuser squid 31 -1 /var/cache/squid squid
+}
+
+src_prepare() {
+	epatch "${FILESDIR}"/${P}-gentoo.patch
+	epatch "${FILESDIR}"/${P}-qafixes.patch
+	epatch "${FILESDIR}"/${P}-libmd5.patch
+
+	# eautoreconf breaks lib/libLtdl/libtool script
+	./bootstrap.sh || die "autoreconf failed"
+}
+
+src_configure() {
+	local myconf=""
+
+	local basic_modules="getpwnam,NCSA,MSNT"
+	use samba && basic_modules="SMB,multi-domain-NTLM,${basic_modules}"
+	use ldap && basic_modules="LDAP,${basic_modules}"
+	use pam && basic_modules="PAM,${basic_modules}"
+	use sasl && basic_modules="SASL,${basic_modules}"
+	use nis && ! use elibc_uclibc && basic_modules="YP,${basic_modules}"
+	use radius && basic_modules="squid_radius_auth,${basic_modules}"
+	if use mysql || use postgres || use sqlite ; then
+		basic_modules="DB,${basic_modules}"
+	fi
+
+	local digest_modules="password"
+	use ldap && digest_modules="ldap,${digest_modules}"
+
+	local ext_helpers="ip_user,session,unix_group"
+	use samba && ext_helpers="wbinfo_group,${ext_helpers}"
+	use ldap && ext_helpers="ldap_group,${ext_helpers}"
+
+	local ntlm_helpers="fakeauth"
+	use samba && ntlm_helpers="smb_lm,${ntlm_helpers}"
+
+	local negotiate_helpers=
+	if use kerberos; then
+		negotiate_helpers="squid_kerb_auth"
+		has_version app-crypt/mit-krb5 \
+			&& myconf="--enable-mit --disable-heimdal" \
+			|| myconf="--disable-mit --enable-heimdal"
+	fi
+
+	# coss support has been disabled
+	# If it is re-enabled again, make sure you don't enable it for elibc_uclibc (#61175)
+	myconf="${myconf} --enable-storeio=ufs,diskd,aufs"
+
+	if use kernel_linux; then
+		myconf="${myconf} --enable-linux-netfilter
+			$(use_enable tproxy linux-tproxy)
+			$(use_enable epoll)"
+	elif use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then
+		myconf="${myconf} $(use_enable kqueue)"
+		if use pf-transparent; then
+			myconf="${myconf} --enable-pf-transparent"
+		elif use ipf-transparent; then
+			myconf="${myconf} --enable-ipf-transparent"
+		fi
+	fi
+
+	export CC=$(tc-getCC)
+
+	econf \
+		--sysconfdir=/etc/squid \
+		--libexecdir=/usr/libexec/squid \
+		--localstatedir=/var \
+		--with-pidfile=/var/run/squid.pid \
+		--datadir=/usr/share/squid \
+		--with-logdir=/var/log/squid \
+		--with-default-user=squid \
+		--enable-auth="basic,digest,negotiate,ntlm" \
+		--enable-removal-policies="lru,heap" \
+		--enable-digest-auth-helpers="${digest_modules}" \
+		--enable-basic-auth-helpers="${basic_modules}" \
+		--enable-external-acl-helpers="${ext_helpers}" \
+		--enable-ntlm-auth-helpers="${ntlm_helpers}" \
+		--enable-negotiate-auth-helpers="${negotiate_helpers}" \
+		--enable-useragent-log \
+		--enable-cache-digests \
+		--enable-delay-pools \
+		--enable-referer-log \
+		--enable-arp-acl \
+		--with-large-files \
+		--with-filedescriptors=8192 \
+		--disable-strict-error-checking \
+		$(use_enable caps) \
+		$(use_enable ipv6) \
+		$(use_enable snmp) \
+		$(use_enable ssl) \
+		$(use_enable icap-client) \
+		$(use_enable ecap) \
+		$(use_enable zero-penalty-hit zph-qos) \
+		${myconf} || die "econf failed"
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die "emake install failed"
+
+	# need suid root for looking into /etc/shadow
+	fowners root:squid /usr/libexec/squid/ncsa_auth
+	fowners root:squid /usr/libexec/squid/pam_auth
+	fperms 4750 /usr/libexec/squid/ncsa_auth
+	fperms 4750 /usr/libexec/squid/pam_auth
+
+	# some cleanups
+	rm -f "${D}"/usr/bin/Run*
+
+	dodoc CONTRIBUTORS CREDITS ChangeLog QUICKSTART SPONSORS doc/*.txt \
+		helpers/ntlm_auth/no_check/README.no_check_ntlm_auth
+	newdoc helpers/basic_auth/SMB/README README.auth_smb
+	dohtml helpers/basic_auth/MSNT/README.html RELEASENOTES.html
+	newdoc helpers/basic_auth/LDAP/README README.auth_ldap
+	doman helpers/basic_auth/LDAP/*.8
+	dodoc helpers/basic_auth/SASL/squid_sasl_auth*
+
+	newpamd "${FILESDIR}/squid.pam" squid
+	newconfd "${FILESDIR}/squid.confd" squid
+	if use logrotate; then
+		newinitd "${FILESDIR}/squid.initd-logrotate" squid
+		insinto /etc/logrotate.d
+		newins "${FILESDIR}/squid.logrotate" squid
+	else
+		newinitd "${FILESDIR}/squid.initd" squid
+		exeinto /etc/cron.weekly
+		newexe "${FILESDIR}/squid.cron" squid.cron
+	fi
+
+	rm -rf "${D}"/var
+	diropts -m0755 -o squid -g squid
+	keepdir /var/cache/squid /var/log/squid
+}
+
+pkg_postinst() {
+	echo
+	ewarn "Squid authentication helpers have been installed suid root."
+	ewarn "This allows shadow based authentication (see bug #52977 for more)."
+	echo
+	ewarn "Be careful what type of cache_dir you select!"
+	ewarn "   'diskd' is optimized for high levels of traffic, but it might seem slow"
+	ewarn "when there isn't sufficient traffic to keep squid reasonably busy."
+	ewarn "   If your traffic level is low to moderate, use 'aufs' or 'ufs'."
+	echo
+	ewarn "Squid can be configured to run in transparent mode like this:"
+	ewarn "   ${HILITE}http_port internal-addr:3128 transparent${NORMAL}"
+	if use zero-penalty-hit; then
+		echo
+		ewarn "In order for zph_preserve_miss_tos to work, you will have to alter your kernel"
+		ewarn "with the patch that can be found on http://zph.bratcheda.org site."
+	fi
+}