Mercurial > hg > portage
changeset 264:a62b22eecde5
squid 3.1.9
author | holger |
---|---|
date | Sun, 07 Nov 2010 22:46:52 +0100 |
parents | 919d2e672e53 |
children | 4f80c1679ba4 |
files | net-proxy/squid/Manifest net-proxy/squid/files/squid-3.1.9-gentoo.patch net-proxy/squid/files/squid-3.1.9-libmd5.patch net-proxy/squid/files/squid-3.1.9-qafixes.patch net-proxy/squid/files/squid.confd net-proxy/squid/files/squid.cron net-proxy/squid/files/squid.initd net-proxy/squid/files/squid.initd-logrotate net-proxy/squid/files/squid.logrotate net-proxy/squid/files/squid.pam net-proxy/squid/squid-3.1.9.ebuild |
diffstat | 11 files changed, 847 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/net-proxy/squid/Manifest Sun Nov 07 22:46:52 2010 +0100 @@ -0,0 +1,11 @@ +AUX squid-3.1.9-gentoo.patch 12364 RMD160 5a825dfd6d18ce8c91e16d8f0841737bc87b3d74 SHA1 29ae980d9b5ecf6b6b1481a36d2d4abb254c4a0a SHA256 bef6ba17f25aa07a5d3691c7a4af7ff478a6c0948b20a867808184a2839417b6 +AUX squid-3.1.9-libmd5.patch 588 RMD160 ae825720524b07bd2c0ae77b15b657fdd9392617 SHA1 5deb1d7a5f6c91b9a910f6460d2df6bc7b07c18e SHA256 c09de18fbcc1b5c4dda19f91c2182e179d05938a235774113a7a3af5862909d5 +AUX squid-3.1.9-qafixes.patch 2214 RMD160 ed05e224d5f392b43f88d1d72415d7539fb3e77b SHA1 4991eb402b9192e3cd18871d3cca7469d10eef35 SHA256 f02b1dbd7afca670b804b616b74e006a2f7aa0bd08988c3120b4064258754af8 +AUX squid.confd 540 RMD160 aa4ec5a6eebad1222667aff6b3180931cf566b13 SHA1 1c0c23b08bd0450eae14604c2b45ca67c7ac25c5 SHA256 aeef7060c50074b65c664fc106d7319ce380d25320ee2ee00f7d6021846b88ec +AUX squid.cron 143 RMD160 0706a7ad04691b9a93a2897c319008440483ba11 SHA1 6138db0eccb7320e707b8d60c2970ef684e29336 SHA256 4c9e2afe5b0bba583ce896233ea1f9262beeb1b6cf51b4adb48d5f5c03933b2f +AUX squid.initd 3315 RMD160 a6209a27770eb2aebdd533c946e790efec0de53b SHA1 08519fa20a7286cba9ea82e7b23dd8116ab7f77b SHA256 d3eac36c2fc313688e19cde7ace63783cd202315b23c0b2bd0219a4504cb2b35 +AUX squid.initd-logrotate 3163 RMD160 b7d58517e4198ceb7416c00004c91ac30a241bfb SHA1 714d51e0c449817c12e7230942f89c1a62012107 SHA256 b403b7ffebc08c2ce76cd2b8b6c53a639f24e3e35933ba9766aa4623a34a1279 +AUX squid.logrotate 103 RMD160 e7e4a6bde48e2735632692a6e628955b270f30ad SHA1 6e8d42f6a1a3109f0a26ed30edc7d91c6816e23f SHA256 e5ddce1c9af851040affa15e1a59e89d8db0f2eea7c461320a1d3784578f4482 +AUX squid.pam 315 RMD160 afb3f1cc36ba5ef0015c40040b6d5c18485ec828 SHA1 40933fabaaa2a9cb38d57c3acb77857082c82ae5 SHA256 68ef4282f9fb8506df710d0ae16e84e991e9b138c7f1d0af922682219c7a971f +DIST squid-3.1.9.tar.gz 3264260 RMD160 731e56d026048c2430d8860a074855c62515ec0e SHA1 53f2000e73d838f8419c5643d335e9996e51303c SHA256 3f690ff31dc4df361235c7253530624f52364ea8783eec41e3ab068c3264aff1 +EBUILD squid-3.1.9.ebuild 7018 RMD160 ebeb8889012c8a9b05813b5e1e8cd955887db0bf SHA1 48bbda8dc9d056fe98ff6024e3acf41b8fb8df99 SHA256 7f98d3bcedae6eb83455744f76951ea35fd15c39fbc270dd6b3a59fd2873e8ce
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/net-proxy/squid/files/squid-3.1.9-gentoo.patch Sun Nov 07 22:46:52 2010 +0100 @@ -0,0 +1,281 @@ +diff -Nru squid-3.1.8.orig/acinclude.m4 squid-3.1.8/acinclude.m4 +--- squid-3.1.8.orig/acinclude.m4 2010-09-04 05:25:57.000000000 +0200 ++++ squid-3.1.8/acinclude.m4 2010-09-23 23:34:10.000000000 +0200 +@@ -75,7 +75,7 @@ + AC_MSG_CHECKING([whether compiler accepts -fhuge-objects]) + AC_CACHE_VAL([ac_cv_test_checkforhugeobjects],[ + ac_cv_test_checkforhugeobjects=`echo "int main(int argc, char **argv) { int foo; }" > conftest.cc +-${CXX} -Werror -fhuge-objects -o conftest.bin conftest.cc 2>/dev/null ++${CXX} -fhuge-objects -o conftest.bin conftest.cc 2>/dev/null + res=$? + rm -f conftest.* + echo yes +diff -Nru squid-3.1.8.orig/configure.in squid-3.1.8/configure.in +--- squid-3.1.8.orig/configure.in 2010-09-04 05:26:52.000000000 +0200 ++++ squid-3.1.8/configure.in 2010-09-23 23:34:10.000000000 +0200 +@@ -16,9 +16,9 @@ + PRESET_LDFLAGS="$LDFLAGS" + + dnl Set default LDFLAGS +-if test -z "$LDFLAGS"; then +- LDFLAGS="-g" +-fi ++dnl if test -z "$LDFLAGS"; then ++dnl LDFLAGS="-g" ++dnl fi + + dnl Check for GNU cc + AC_PROG_CC +diff -Nru squid-3.1.8.orig/helpers/basic_auth/MSNT/confload.c squid-3.1.8/helpers/basic_auth/MSNT/confload.c +--- squid-3.1.8.orig/helpers/basic_auth/MSNT/confload.c 2010-09-04 05:25:57.000000000 +0200 ++++ squid-3.1.8/helpers/basic_auth/MSNT/confload.c 2010-09-23 23:34:10.000000000 +0200 +@@ -27,7 +27,7 @@ + + /* Path to configuration file */ + #ifndef SYSCONFDIR +-#define SYSCONFDIR "/usr/local/squid/etc" ++#define SYSCONFDIR "/etc/squid" + #endif + #define CONFIGFILE SYSCONFDIR "/msntauth.conf" + +diff -Nru squid-3.1.8.orig/helpers/basic_auth/MSNT/msntauth.conf.default squid-3.1.8/helpers/basic_auth/MSNT/msntauth.conf.default +--- squid-3.1.8.orig/helpers/basic_auth/MSNT/msntauth.conf.default 2010-09-04 05:25:57.000000000 +0200 ++++ squid-3.1.8/helpers/basic_auth/MSNT/msntauth.conf.default 2010-09-23 23:34:10.000000000 +0200 +@@ -8,6 +8,6 @@ + server other_PDC other_BDC otherdomain + + # Denied and allowed users. Comment these if not needed. +-#denyusers /usr/local/squid/etc/msntauth.denyusers +-#allowusers /usr/local/squid/etc/msntauth.allowusers ++#denyusers /etc/squid/msntauth.denyusers ++#allowusers /etc/squid/msntauth.allowusers + +diff -Nru squid-3.1.8.orig/helpers/basic_auth/SMB/Makefile.am squid-3.1.8/helpers/basic_auth/SMB/Makefile.am +--- squid-3.1.8.orig/helpers/basic_auth/SMB/Makefile.am 2010-09-04 05:25:57.000000000 +0200 ++++ squid-3.1.8/helpers/basic_auth/SMB/Makefile.am 2010-09-23 23:34:10.000000000 +0200 +@@ -16,7 +16,7 @@ + ## FIXME: autoconf should test for the samba path. + + SMB_AUTH_HELPER = smb_auth.sh +-SAMBAPREFIX=/usr/local/samba ++SAMBAPREFIX=/usr + SMB_AUTH_HELPER_PATH = $(libexecdir)/$(SMB_AUTH_HELPER) + + libexec_SCRIPTS = $(SMB_AUTH_HELPER) +diff -Nru squid-3.1.8.orig/helpers/basic_auth/SMB/smb_auth.sh squid-3.1.8/helpers/basic_auth/SMB/smb_auth.sh +--- squid-3.1.8.orig/helpers/basic_auth/SMB/smb_auth.sh 2010-09-04 05:25:57.000000000 +0200 ++++ squid-3.1.8/helpers/basic_auth/SMB/smb_auth.sh 2010-09-23 23:34:10.000000000 +0200 +@@ -24,7 +24,7 @@ + read AUTHSHARE + read AUTHFILE + read SMBUSER +-read SMBPASS ++read -r SMBPASS + + # Find domain controller + echo "Domain name: $DOMAINNAME" +@@ -47,7 +47,7 @@ + addropt="" + fi + echo "Query address options: $addropt" +-dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'` ++dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+\..+ / { print $1 ; exit }'` + echo "Domain controller IP address: $dcip" + [ -n "$dcip" ] || exit 1 + +diff -Nru squid-3.1.8.orig/helpers/external_acl/session/squid_session.8 squid-3.1.8/helpers/external_acl/session/squid_session.8 +--- squid-3.1.8.orig/helpers/external_acl/session/squid_session.8 2010-09-04 05:25:57.000000000 +0200 ++++ squid-3.1.8/helpers/external_acl/session/squid_session.8 2010-09-23 23:34:10.000000000 +0200 +@@ -35,7 +35,7 @@ + .P + Configuration example using the default automatic mode + .IP +-external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/local/squid/libexec/squid_session ++external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/libexec/squid/squid_session + .IP + acl session external session + .IP +diff -Nru squid-3.1.8.orig/helpers/external_acl/unix_group/squid_unix_group.8 squid-3.1.8/helpers/external_acl/unix_group/squid_unix_group.8 +--- squid-3.1.8.orig/helpers/external_acl/unix_group/squid_unix_group.8 2010-09-04 05:25:58.000000000 +0200 ++++ squid-3.1.8/helpers/external_acl/unix_group/squid_unix_group.8 2010-09-23 23:34:10.000000000 +0200 +@@ -27,7 +27,7 @@ + This squid.conf example defines two Squid acls. usergroup1 matches users in group1, and usergroup2 + matches users in group2 or group3 + .IP +-external_acl_type unix_group %LOGIN /usr/local/squid/libexec/squid_unix_group -p ++external_acl_type unix_group %LOGIN /usr/libexec/squid/squid_unix_group -p + .IP + acl usergroup1 external unix_group group1 + .IP +diff -Nru squid-3.1.8.orig/helpers/negotiate_auth/squid_kerb_auth/configure.in squid-3.1.8/helpers/negotiate_auth/squid_kerb_auth/configure.in +--- squid-3.1.8.orig/helpers/negotiate_auth/squid_kerb_auth/configure.in 2010-09-04 05:25:58.000000000 +0200 ++++ squid-3.1.8/helpers/negotiate_auth/squid_kerb_auth/configure.in 2010-09-23 23:34:10.000000000 +0200 +@@ -17,6 +17,7 @@ + + AC_INIT([squid_kerb_auth],[1.0.5],[markus_moeller@compuserve.com]) + AM_INIT_AUTOMAKE(squid_kerb_auth,1.0.5) ++AM_MAINTAINER_MODE + AC_CONFIG_SRCDIR([squid_kerb_auth.c]) + + AC_PROG_CC +@@ -467,7 +468,7 @@ + echo "configure: ##" + echo "configure: ## -----------------------------##" + +-MY_CFLAGS="-Wall -Wextra -Werror -Wcomment -Wpointer-arith -Wcast-align -Wwrite-strings -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wdeclaration-after-statement -Wshadow" ++MY_CFLAGS="-Wall -Wextra -Wpointer-arith -Wcast-align -Wwrite-strings -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wdeclaration-after-statement -Wshadow" + for ac_cv_my_cflag in $MY_CFLAGS; do + echo "int main() + { +diff -Nru squid-3.1.8.orig/lib/libTrie/acinclude.m4 squid-3.1.8/lib/libTrie/acinclude.m4 +--- squid-3.1.8.orig/lib/libTrie/acinclude.m4 2010-09-04 05:25:57.000000000 +0200 ++++ squid-3.1.8/lib/libTrie/acinclude.m4 2010-09-23 23:34:10.000000000 +0200 +@@ -11,7 +11,7 @@ + AC_MSG_CHECKING([whether compiler accepts -fhuge-objects]) + AC_CACHE_VAL([ac_cv_test_checkforhugeobjects],[ + ac_cv_test_checkforhugeobjects=`echo "int main(int argc, char **argv) { int foo; }" > conftest.cc +-${CXX} -Werror -fhuge-objects -o conftest.bin conftest.cc 2>/dev/null ++${CXX} -fhuge-objects -o conftest.bin conftest.cc 2>/dev/null + res=$? + rm -f conftest.* + echo yes +diff -Nru squid-3.1.8.orig/lib/libTrie/configure.in squid-3.1.8/lib/libTrie/configure.in +--- squid-3.1.8.orig/lib/libTrie/configure.in 2010-09-04 05:25:57.000000000 +0200 ++++ squid-3.1.8/lib/libTrie/configure.in 2010-09-23 23:34:10.000000000 +0200 +@@ -59,8 +59,8 @@ + + dnl set useful flags + if test "$GCC" = "yes"; then +- TRIE_CFLAGS="-Werror -Wall -Wpointer-arith -Wwrite-strings -Wmissing-prototypes -Wmissing-declarations -Wcomments" +- TRIE_CXXFLAGS="-Werror -Wall -Wpointer-arith -Wwrite-strings -Wcomments" ++ TRIE_CFLAGS="-Wall -Wpointer-arith -Wwrite-strings -Wmissing-prototypes -Wmissing-declarations" ++ TRIE_CXXFLAGS="-Wall -Wpointer-arith -Wwrite-strings" + else + TRIE_CFLAGS= + TRIE_CXXFLAGS= +diff -Nru squid-3.1.8.orig/src/cf.data.pre squid-3.1.8/src/cf.data.pre +--- squid-3.1.8.orig/src/cf.data.pre 2010-09-04 05:25:57.000000000 +0200 ++++ squid-3.1.8/src/cf.data.pre 2010-09-23 23:34:10.000000000 +0200 +@@ -716,6 +716,7 @@ + acl Safe_ports port 488 # gss-http + acl Safe_ports port 591 # filemaker + acl Safe_ports port 777 # multiling http ++acl Safe_ports port 901 # SWAT + acl CONNECT method CONNECT + NOCOMMENT_END + DOC_END +@@ -864,6 +865,9 @@ + http_access allow localnet + http_access allow localhost + ++# Allow the localhost to have access by default ++http_access allow localhost ++ + # And finally deny all other access to this proxy + http_access deny all + NOCOMMENT_END +@@ -4036,11 +4040,11 @@ + + NAME: cache_mgr + TYPE: string +-DEFAULT: webmaster ++DEFAULT: root + LOC: Config.adminEmail + DOC_START + Email-address of local cache manager who will receive +- mail if the cache dies. The default is "webmaster." ++ mail if the cache dies. The default is "root". + DOC_END + + NAME: mail_from +@@ -6357,7 +6361,7 @@ + NAME: forwarded_for + COMMENT: on|off|transparent|truncate|delete + TYPE: string +-DEFAULT: on ++DEFAULT: delete + LOC: opt_forwarded_for + DOC_START + If set to "on", Squid will append your client's IP address +diff -Nru squid-3.1.8.orig/src/debug.cc squid-3.1.8/src/debug.cc +--- squid-3.1.8.orig/src/debug.cc 2010-09-04 05:25:57.000000000 +0200 ++++ squid-3.1.8/src/debug.cc 2010-09-23 23:34:10.000000000 +0200 +@@ -452,7 +452,7 @@ + #if HAVE_SYSLOG && defined(LOG_LOCAL4) + + if (Debug::log_syslog) +- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, syslog_facility); ++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, syslog_facility); + + #endif /* HAVE_SYSLOG */ + +diff -Nru squid-3.1.8.orig/src/main.cc squid-3.1.8/src/main.cc +--- squid-3.1.8.orig/src/main.cc 2010-09-04 05:25:57.000000000 +0200 ++++ squid-3.1.8/src/main.cc 2010-09-23 23:34:10.000000000 +0200 +@@ -1556,7 +1556,7 @@ + if (*(argv[0]) == '(') + return; + +- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_DAEMON); + + if ((pid = fork()) < 0) + syslog(LOG_ALERT, "fork failed: %s", xstrerror()); +@@ -1600,7 +1600,7 @@ + + if ((pid = fork()) == 0) { + /* child */ +- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_DAEMON); + prog = xstrdup(argv[0]); + argv[0] = xstrdup("(squid)"); + execvp(prog, argv); +@@ -1608,7 +1608,7 @@ + } + + /* parent */ +- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_DAEMON); + + syslog(LOG_NOTICE, "Squid Parent: child process %d started", pid); + +diff -Nru squid-3.1.8.orig/src/Makefile.am squid-3.1.8/src/Makefile.am +--- squid-3.1.8.orig/src/Makefile.am 2010-09-04 05:25:57.000000000 +0200 ++++ squid-3.1.8/src/Makefile.am 2010-09-23 23:34:10.000000000 +0200 +@@ -638,7 +638,6 @@ + + sysconf_DATA = \ + squid.conf.default \ +- squid.conf.documented \ + mime.conf.default + + data_DATA = \ +@@ -719,8 +718,8 @@ + DEFAULT_ACCESS_LOG = $(DEFAULT_LOG_PREFIX)/access.log + DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log + DEFAULT_PID_FILE = $(DEFAULT_PIDFILE) +-DEFAULT_NETDB_FILE = $(DEFAULT_LOG_PREFIX)/netdb.state +-DEFAULT_SWAP_DIR = $(localstatedir)/cache ++DEFAULT_NETDB_FILE = $(localstatedir)/run/netdb.state ++DEFAULT_SWAP_DIR = $(localstatedir)/cache/squid + DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'` + DEFAULT_UNLINKD = $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'` + DEFAULT_DISKD = $(libexecdir)/`echo diskd | sed '$(transform);s/$$/$(EXEEXT)/'` +@@ -797,13 +796,11 @@ + @if test -f $(DESTDIR)$(DEFAULT_CONFIG_FILE) ; then \ + echo "$@ will not overwrite existing $(DESTDIR)$(DEFAULT_CONFIG_FILE)" ; \ + else \ +- echo "$(INSTALL_DATA) squid.conf.default $(DESTDIR)$(DEFAULT_CONFIG_FILE)"; \ +- $(INSTALL_DATA) squid.conf.default $(DESTDIR)$(DEFAULT_CONFIG_FILE); \ ++ echo "$(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE)"; \ ++ $(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE); \ + fi +- echo "$(INSTALL_DATA) squid.conf.default $(DESTDIR)$(DEFAULT_CONFIG_FILE).default"; \ +- $(INSTALL_DATA) squid.conf.default $(DESTDIR)$(DEFAULT_CONFIG_FILE).default; \ +- echo "$(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE).documented"; \ +- $(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE).documented; \ ++ echo "$(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE).default"; \ ++ $(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE).default; \ + $(mkinstalldirs) $(DESTDIR)$(DEFAULT_LOG_PREFIX); \ + $(mkinstalldirs) $(DESTDIR)`dirname $(DEFAULT_PIDFILE)` +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/net-proxy/squid/files/squid-3.1.9-libmd5.patch Sun Nov 07 22:46:52 2010 +0100 @@ -0,0 +1,16 @@ +diff -Nru squid-3.1.8.orig/configure.in squid-3.1.8/configure.in +--- squid-3.1.8.orig/configure.in 2010-09-23 23:34:49.000000000 +0200 ++++ squid-3.1.8/configure.in 2010-09-23 23:36:41.000000000 +0200 +@@ -2730,7 +2730,11 @@ + dnl libcrypt (eg FreeBSD) + AC_CHECK_LIB(crypt, crypt, [CRYPTLIB="-lcrypt"]) + dnl Solaris10 provides MD5 natively through libmd5 +-AC_CHECK_LIB(md5, MD5Init, [CRYPTLIB="$CRYPTLIB -lmd5"]) ++case "$host" in ++ *-solaris*) ++ AC_CHECK_LIB(md5, MD5Init, [CRYPTLIB="$CRYPTLIB -lmd5"]) ++ ;; ++esac + AC_SUBST(CRYPTLIB) + + dnl Check for libdl, used by auth_modules/PAM
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/net-proxy/squid/files/squid-3.1.9-qafixes.patch Sun Nov 07 22:46:52 2010 +0100 @@ -0,0 +1,39 @@ +diff -Nru squid-3.1.8.orig/helpers/negotiate_auth/squid_kerb_auth/configure.in squid-3.1.8/helpers/negotiate_auth/squid_kerb_auth/configure.in +--- squid-3.1.8.orig/helpers/negotiate_auth/squid_kerb_auth/configure.in 2010-09-23 23:34:49.000000000 +0200 ++++ squid-3.1.8/helpers/negotiate_auth/squid_kerb_auth/configure.in 2010-09-23 23:35:45.000000000 +0200 +@@ -94,7 +94,7 @@ + else + ac_gssapi_libs=`krb5-config --libs gssapi 2>/dev/null` + if test "x$ac_gssapi_libs" != "x" ; then +- LDFLAGS="$LDFLAGS $ac_gssapi_libs" ++ LIBS="$LIBS $ac_gssapi_libs" + else + for lib in $ac_gss_libs; do + AC_CHECK_LIB($lib,main) +@@ -118,7 +118,7 @@ + fi + ac_gssapi_libs=`krb5-config --libs gssapi 2>/dev/null` + if test "x$ac_gssapi_libs" != "x" ; then +- LDFLAGS="$LDFLAGS $ac_gssapi_libs" ++ LIBS="$LIBS $ac_gssapi_libs" + else + for lib in $ac_gss_libs; do + AC_CHECK_LIB($lib,main) +@@ -172,7 +172,7 @@ + ac_libdir=`echo $ac_gssapi_libs | sed -e 's/.*-L//' | sed -e 's/ .*//'` + LDFLAGS="$LDFLAGS $w_flag$ac_libdir$w_flag_2" + fi +- LDFLAGS="$LDFLAGS $ac_gssapi_libs" ++ LIBS="$LIBS $ac_gssapi_libs" + else + for lib in $ac_gss_libs; do + AC_CHECK_LIB($lib,main) +@@ -201,7 +201,7 @@ + ac_libdir=`echo $ac_gssapi_libs | sed -e 's/.*-L//' | sed -e 's/ .*//'` + LDFLAGS="$LDFLAGS $w_flag$ac_libdir$w_flag_2" + fi +- LDFLAGS="$LDFLAGS $ac_gssapi_libs" ++ LIBS="$LIBS $ac_gssapi_libs" + else + for lib in $ac_gss_libs; do + AC_CHECK_LIB($lib,main)
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/net-proxy/squid/files/squid.confd Sun Nov 07 22:46:52 2010 +0100 @@ -0,0 +1,14 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/files/squid.confd,v 1.3 2009/10/25 08:35:46 mrness Exp $ + +# Config file for /etc/init.d/squid + +SQUID_OPTS="-YC" + +# Max. number of filedescriptors to use. You can increase this on a busy +# cache to a maximum of (currently) 8192 filedescriptors. Default is 1024. +SQUID_MAXFD=1024 + +# Kerberos keytab file to use. This is required if you enable kerberos authentication. +SQUID_KEYTAB=""
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/net-proxy/squid/files/squid.cron Sun Nov 07 22:46:52 2010 +0100 @@ -0,0 +1,5 @@ +#!/bin/sh +if test -e /var/run/squid.pid ; then + test -n "$(cat /var/run/squid.pid|xargs ps -p|grep squid)" && \ + /usr/sbin/squid -k rotate +fi
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/net-proxy/squid/files/squid.initd Sun Nov 07 22:46:52 2010 +0100 @@ -0,0 +1,129 @@ +#!/sbin/runscript +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/files/squid.initd,v 1.13 2009/11/28 12:32:58 mrness Exp $ + +opts="${opts} reload rotate" + +depend() { + use dns + need net +} + +upprocval() { + [ -f $1 ] || return 0 + if [ `cat $1` -lt $2 ]; then + echo $2 > $1 + fi +} + +# Try to increase the # of filedescriptors we can open. +maxfds() { + [ -n "$SQUID_MAXFD" ] || return + [ $SQUID_MAXFD -le 8192 ] || SQUID_MAXFD=8192 + local minimal_file_max=$(($SQUID_MAXFD + 4096)) + upprocval /proc/sys/fs/file-max $minimal_file_max + if /usr/sbin/squid -v | grep -q "\--enable-epoll" ; then + upprocval /proc/sys/fs/epoll/max_user_watches $minimal_file_max + fi + ulimit -n $SQUID_MAXFD +} + +checkconfig() { + if [ ! -f /etc/squid/${SVCNAME}.conf ]; then + eerror "You need to create /etc/squid/${SVCNAME}.conf first." + eerror "An example can be found in /etc/squid/squid.conf.default" + return 1 + fi + + local PIDFILE=$(awk '/^[ \t]*pid_filename[ \t]+/ { print $2 }' < /etc/squid/${SVCNAME}.conf) + [ -z ${PIDFILE} ] && PIDFILE=/var/run/squid.pid + if [ /var/run/${SVCNAME}.pid != ${PIDFILE} ]; then + eerror "/etc/squid/${SVCNAME}.conf must set pid_filename to" + eerror " /var/run/${SVCNAME}.pid" + eerror "CAUTION: http_port, cache_dir and *_log parameters must be different than" + eerror " in any other instance of squid." + return 1 + fi + + maxfds + + local CACHE_SWAP=$(awk '/^[ \t]*cache_dir[ \t]+/ { if ($2 == "coss" ) printf "%s/stripe ", $3 ; else printf "%s/00 ", $3; }' < /etc/squid/${SVCNAME}.conf) + [ -z "$CACHE_SWAP" ] && CACHE_SWAP="/var/cache/squid/00" + + local x + for x in $CACHE_SWAP ; do + if [ ! -e $x ] ; then + ebegin "Initializing cache directory ${x%/*}" + local ORIG_UMASK=$(umask) + umask 027 + + if ! (mkdir -p ${x%/*} && chown squid ${x%/*}) ; then + eend 1 + return 1 + fi + + local INIT_CACHE_RESPONSE="$(/usr/sbin/squid -z -N -f /etc/squid/${SVCNAME}.conf 2>&1)" + if [ $? != 0 ] || echo "$INIT_CACHE_RESPONSE" | grep -q "erminated abnormally" ; then + umask $ORIG_UMASK + eend 1 + echo "$INIT_CACHE_RESPONSE" + return 1 + fi + + umask $ORIG_UMASK + eend 0 + break + fi + done + + return 0 +} + +start() { + checkconfig || return 1 + ebegin "Starting ${SVCNAME}" + KRB5_KTNAME="${SQUID_KEYTAB}" /usr/sbin/squid ${SQUID_OPTS} -f /etc/squid/${SVCNAME}.conf + eend $? && sleep 1 +} + +stop() { + ebegin "Stopping ${SVCNAME}" + if /usr/sbin/squid -k shutdown -f /etc/squid/${SVCNAME}.conf ; then + # Now we have to wait until squid has _really_ stopped. + sleep 1 + if [ -f /var/run/${SVCNAME}.pid ] ; then + einfon "Waiting for squid to shutdown ." + cnt=0 + while [ -f /var/run/${SVCNAME}.pid ] ; do + cnt=$(expr $cnt + 1) + if [ $cnt -gt 60 ] ; then + # Waited 120 seconds now. Fail. + echo + eend 1 "Failed." + break + fi + sleep 2 + echo -n "." + done + echo + fi + else + eerror "Squid shutdown failed, probably service is already down." + fi + eend 0 +} + +reload() { + checkconfig || return 1 + ebegin "Reloading ${SVCNAME}" + /usr/sbin/squid -k reconfigure -f /etc/squid/${SVCNAME}.conf + eend $? +} + +rotate() { + service_started ${SVCNAME} || return 1 + ebegin "Rotating ${SVCNAME} logs" + /usr/sbin/squid -k rotate -f /etc/squid/${SVCNAME}.conf + eend $? +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/net-proxy/squid/files/squid.initd-logrotate Sun Nov 07 22:46:52 2010 +0100 @@ -0,0 +1,122 @@ +#!/sbin/runscript +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/files/squid.initd-logrotate,v 1.11 2009/11/28 12:32:58 mrness Exp $ + +opts="${opts} reload" + +depend() { + use dns + need net +} + +upprocval() { + [ -f $1 ] || return 0 + if [ `cat $1` -lt $2 ]; then + echo $2 > $1 + fi +} + +# Try to increase the # of filedescriptors we can open. +maxfds() { + [ -n "$SQUID_MAXFD" ] || return + [ $SQUID_MAXFD -le 8192 ] || SQUID_MAXFD=8192 + local minimal_file_max=$(($SQUID_MAXFD + 4096)) + upprocval /proc/sys/fs/file-max $minimal_file_max + if /usr/sbin/squid -v | grep -q "\--enable-epoll" ; then + upprocval /proc/sys/fs/epoll/max_user_watches $minimal_file_max + fi + ulimit -n $SQUID_MAXFD +} + +checkconfig() { + if [ ! -f /etc/squid/${SVCNAME}.conf ]; then + eerror "You need to create /etc/squid/${SVCNAME}.conf first." + eerror "An example can be found in /etc/squid/squid.conf.default" + return 1 + fi + + local PIDFILE=$(awk '/^[ \t]*pid_filename[ \t]+/ { print $2 }' < /etc/squid/${SVCNAME}.conf) + [ -z ${PIDFILE} ] && PIDFILE=/var/run/squid.pid + if [ /var/run/${SVCNAME}.pid != ${PIDFILE} ]; then + eerror "/etc/squid/${SVCNAME}.conf must set pid_filename to" + eerror " /var/run/${SVCNAME}.pid" + eerror "CAUTION: http_port, cache_dir and *_log parameters must be different than" + eerror " in any other instance of squid." + return 1 + fi + + maxfds + + local CACHE_SWAP=$(awk '/^[ \t]*cache_dir[ \t]+/ { if ($2 == "coss" ) printf "%s/stripe ", $3 ; else printf "%s/00 ", $3; }' < /etc/squid/${SVCNAME}.conf) + [ -z "$CACHE_SWAP" ] && CACHE_SWAP="/var/cache/squid/00" + + local x + for x in $CACHE_SWAP ; do + if [ ! -e $x ] ; then + ebegin "Initializing cache directory ${x%/*}" + local ORIG_UMASK=$(umask) + umask 027 + + if ! (mkdir -p ${x%/*} && chown squid ${x%/*}) ; then + eend 1 + return 1 + fi + + local INIT_CACHE_RESPONSE="$(/usr/sbin/squid -z -N -f /etc/squid/${SVCNAME}.conf 2>&1)" + if [ $? != 0 ] || echo "$INIT_CACHE_RESPONSE" | grep -q "erminated abnormally" ; then + umask $ORIG_UMASK + eend 1 + echo "$INIT_CACHE_RESPONSE" + return 1 + fi + + umask $ORIG_UMASK + eend 0 + break + fi + done + + return 0 +} + +start() { + checkconfig || return 1 + ebegin "Starting ${SVCNAME}" + KRB5_KTNAME="${SQUID_KEYTAB}" /usr/sbin/squid ${SQUID_OPTS} -f /etc/squid/${SVCNAME}.conf + eend $? && sleep 1 +} + +stop() { + ebegin "Stopping ${SVCNAME}" + if /usr/sbin/squid -k shutdown -f /etc/squid/${SVCNAME}.conf ; then + # Now we have to wait until squid has _really_ stopped. + sleep 1 + if [ -f /var/run/${SVCNAME}.pid ] ; then + einfon "Waiting for squid to shutdown ." + cnt=0 + while [ -f /var/run/${SVCNAME}.pid ] ; do + cnt=$(expr $cnt + 1) + if [ $cnt -gt 60 ] ; then + # Waited 120 seconds now. Fail. + echo + eend 1 "Failed." + break + fi + sleep 2 + echo -n "." + done + echo + fi + else + eerror "Squid shutdown failed, probably service is already down." + fi + eend 0 +} + +reload() { + checkconfig || return 1 + ebegin "Reloading ${SVCNAME}" + /usr/sbin/squid -k reconfigure -f /etc/squid/${SVCNAME}.conf + eend $? +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/net-proxy/squid/files/squid.logrotate Sun Nov 07 22:46:52 2010 +0100 @@ -0,0 +1,8 @@ +/var/log/squid/*.log { + copytruncate + compress + notifempty + missingok + sharedscripts +} +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/net-proxy/squid/files/squid.pam Sun Nov 07 22:46:52 2010 +0100 @@ -0,0 +1,8 @@ +#%PAM-1.0 +# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/files/squid.pam,v 1.3 2007/09/23 09:23:41 mrness Exp $ +auth required pam_nologin.so +auth include system-auth +account include system-auth +password include system-auth +session optional pam_limits.so +session include system-auth
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/net-proxy/squid/squid-3.1.9.ebuild Sun Nov 07 22:46:52 2010 +0100 @@ -0,0 +1,214 @@ +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/squid-3.1.8.ebuild,v 1.9 2010/10/09 16:31:59 armin76 Exp $ + +EAPI="2" + +inherit eutils pam toolchain-funcs + +DESCRIPTION="A full-featured web proxy cache" +HOMEPAGE="http://www.squid-cache.org/" +SRC_URI="http://www.squid-cache.org/Versions/v3/3.1/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 sparc x86 ~x86-fbsd" +IUSE="caps ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \ + ecap icap-client \ + mysql postgres sqlite \ + zero-penalty-hit \ + pf-transparent ipf-transparent kqueue \ + elibc_uclibc kernel_linux +epoll tproxy" +RESTRICT=test + +COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 ) + pam? ( virtual/pam ) + ldap? ( net-nds/openldap ) + kerberos? ( virtual/krb5 ) + ssl? ( dev-libs/openssl ) + sasl? ( dev-libs/cyrus-sasl ) + ecap? ( net-libs/libecap ) + selinux? ( sec-policy/selinux-squid ) + !x86-fbsd? ( logrotate? ( app-admin/logrotate ) ) + >=sys-libs/db-4 + dev-lang/perl" +DEPEND="${COMMON_DEPEND} + sys-devel/automake + sys-devel/autoconf + sys-devel/libtool + sys-apps/ed + test? ( dev-util/cppunit )" +RDEPEND="${COMMON_DEPEND} + samba? ( net-fs/samba ) + mysql? ( dev-perl/DBD-mysql ) + postgres? ( dev-perl/DBD-Pg ) + sqlite? ( dev-perl/DBD-SQLite )" + +pkg_setup() { + if grep -qs '^[[:space:]]*cache_dir[[:space:]]\+coss' "${ROOT}"etc/squid/squid.conf; then + eerror "coss store IO has been disabled by upstream due to stability issues!" + eerror "If you want to install this version, switch the store type to something else" + eerror "before attempting to install this version again." + + die "/etc/squid/squid.conf: cache_dir use a disabled store type" + fi + + if use tproxy && ! use caps; then + eerror "libcap is required by Transparent Proxy support for Netfilter TPROXY!" + eerror "Please enable caps USE flag and try again." + + die "invalid combination of USE flags" + fi + + enewgroup squid 31 + enewuser squid 31 -1 /var/cache/squid squid +} + +src_prepare() { + epatch "${FILESDIR}"/${P}-gentoo.patch + epatch "${FILESDIR}"/${P}-qafixes.patch + epatch "${FILESDIR}"/${P}-libmd5.patch + + # eautoreconf breaks lib/libLtdl/libtool script + ./bootstrap.sh || die "autoreconf failed" +} + +src_configure() { + local myconf="" + + local basic_modules="getpwnam,NCSA,MSNT" + use samba && basic_modules="SMB,multi-domain-NTLM,${basic_modules}" + use ldap && basic_modules="LDAP,${basic_modules}" + use pam && basic_modules="PAM,${basic_modules}" + use sasl && basic_modules="SASL,${basic_modules}" + use nis && ! use elibc_uclibc && basic_modules="YP,${basic_modules}" + use radius && basic_modules="squid_radius_auth,${basic_modules}" + if use mysql || use postgres || use sqlite ; then + basic_modules="DB,${basic_modules}" + fi + + local digest_modules="password" + use ldap && digest_modules="ldap,${digest_modules}" + + local ext_helpers="ip_user,session,unix_group" + use samba && ext_helpers="wbinfo_group,${ext_helpers}" + use ldap && ext_helpers="ldap_group,${ext_helpers}" + + local ntlm_helpers="fakeauth" + use samba && ntlm_helpers="smb_lm,${ntlm_helpers}" + + local negotiate_helpers= + if use kerberos; then + negotiate_helpers="squid_kerb_auth" + has_version app-crypt/mit-krb5 \ + && myconf="--enable-mit --disable-heimdal" \ + || myconf="--disable-mit --enable-heimdal" + fi + + # coss support has been disabled + # If it is re-enabled again, make sure you don't enable it for elibc_uclibc (#61175) + myconf="${myconf} --enable-storeio=ufs,diskd,aufs" + + if use kernel_linux; then + myconf="${myconf} --enable-linux-netfilter + $(use_enable tproxy linux-tproxy) + $(use_enable epoll)" + elif use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then + myconf="${myconf} $(use_enable kqueue)" + if use pf-transparent; then + myconf="${myconf} --enable-pf-transparent" + elif use ipf-transparent; then + myconf="${myconf} --enable-ipf-transparent" + fi + fi + + export CC=$(tc-getCC) + + econf \ + --sysconfdir=/etc/squid \ + --libexecdir=/usr/libexec/squid \ + --localstatedir=/var \ + --with-pidfile=/var/run/squid.pid \ + --datadir=/usr/share/squid \ + --with-logdir=/var/log/squid \ + --with-default-user=squid \ + --enable-auth="basic,digest,negotiate,ntlm" \ + --enable-removal-policies="lru,heap" \ + --enable-digest-auth-helpers="${digest_modules}" \ + --enable-basic-auth-helpers="${basic_modules}" \ + --enable-external-acl-helpers="${ext_helpers}" \ + --enable-ntlm-auth-helpers="${ntlm_helpers}" \ + --enable-negotiate-auth-helpers="${negotiate_helpers}" \ + --enable-useragent-log \ + --enable-cache-digests \ + --enable-delay-pools \ + --enable-referer-log \ + --enable-arp-acl \ + --with-large-files \ + --with-filedescriptors=8192 \ + --disable-strict-error-checking \ + $(use_enable caps) \ + $(use_enable ipv6) \ + $(use_enable snmp) \ + $(use_enable ssl) \ + $(use_enable icap-client) \ + $(use_enable ecap) \ + $(use_enable zero-penalty-hit zph-qos) \ + ${myconf} || die "econf failed" +} + +src_install() { + emake DESTDIR="${D}" install || die "emake install failed" + + # need suid root for looking into /etc/shadow + fowners root:squid /usr/libexec/squid/ncsa_auth + fowners root:squid /usr/libexec/squid/pam_auth + fperms 4750 /usr/libexec/squid/ncsa_auth + fperms 4750 /usr/libexec/squid/pam_auth + + # some cleanups + rm -f "${D}"/usr/bin/Run* + + dodoc CONTRIBUTORS CREDITS ChangeLog QUICKSTART SPONSORS doc/*.txt \ + helpers/ntlm_auth/no_check/README.no_check_ntlm_auth + newdoc helpers/basic_auth/SMB/README README.auth_smb + dohtml helpers/basic_auth/MSNT/README.html RELEASENOTES.html + newdoc helpers/basic_auth/LDAP/README README.auth_ldap + doman helpers/basic_auth/LDAP/*.8 + dodoc helpers/basic_auth/SASL/squid_sasl_auth* + + newpamd "${FILESDIR}/squid.pam" squid + newconfd "${FILESDIR}/squid.confd" squid + if use logrotate; then + newinitd "${FILESDIR}/squid.initd-logrotate" squid + insinto /etc/logrotate.d + newins "${FILESDIR}/squid.logrotate" squid + else + newinitd "${FILESDIR}/squid.initd" squid + exeinto /etc/cron.weekly + newexe "${FILESDIR}/squid.cron" squid.cron + fi + + rm -rf "${D}"/var + diropts -m0755 -o squid -g squid + keepdir /var/cache/squid /var/log/squid +} + +pkg_postinst() { + echo + ewarn "Squid authentication helpers have been installed suid root." + ewarn "This allows shadow based authentication (see bug #52977 for more)." + echo + ewarn "Be careful what type of cache_dir you select!" + ewarn " 'diskd' is optimized for high levels of traffic, but it might seem slow" + ewarn "when there isn't sufficient traffic to keep squid reasonably busy." + ewarn " If your traffic level is low to moderate, use 'aufs' or 'ufs'." + echo + ewarn "Squid can be configured to run in transparent mode like this:" + ewarn " ${HILITE}http_port internal-addr:3128 transparent${NORMAL}" + if use zero-penalty-hit; then + echo + ewarn "In order for zph_preserve_miss_tos to work, you will have to alter your kernel" + ewarn "with the patch that can be found on http://zph.bratcheda.org site." + fi +}