kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

www/squid: Upgrade version 2.7.9 => 3.4.7

Browse source 
From now on, there will only be one squid port, this one.  Squid33 has
been deprecated and will expire on 31 JAN 2015.

PR:		192828
Submitted by:	timp87 (gmail)
Contributions:	takefu (airport.fm), Dennis Glatting
This commit is contained in:
John Marino 2014-09-16 12:29:19 +00:00
parent 203d558d69
commit e24475de2e
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=368307
20 changed files with 2661 additions and 1228 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

630
www/squid/Makefile
View file

@ -1,450 +1,340 @@
# Created by: Adrian Chadd <adrian@FreeBSD.org>
# $FreeBSD$
# Tunables not (yet) configurable via 'make config':
# SQUID_{U,G}ID
# Which user/group Squid should run as (default: squid/squid).
# The user and group will be created if they do not already exist using
# a uid:gid of 100:100.
# NOTE: older versions of Squid defaulted to nobody/nogroup.
# If you wish to run Squid as "nobody" (which is not recommended), please
# define SQUID_UID=nobody and SQUID_GID=nogroup in your make environment
# before you start the update or installation of this port.
#
# SQUID_LANGUAGES
# A list of languages for which error page files should be installed
# (default: all)
#
# E.g. use `make SQUID_LANGUAGES="English French"' if you want to
# install the files for these languages only.
# Use `make -VSQUID_LANGUAGES' or scroll down to this variable's
# definition to see which values are valid.
#
# SQUID_DEFAULT_LANG
# If you define SQUID_LANGUAGES, select which language should be the default
# one (this variable defaults to English). This setting can be overwritten
# with squid.conf's error_directory directive.
#
# SQUID_CONFIGURE_ARGS
# Additional configuration options.
#
# To enable them, use e.g
# `make SQUID_CONFIGURE_ARGS="--enable-dlmalloc --enable-truncate" install'
#
# The list below may be incomplete, please see the configure script
# in the Squid source distribution for the complete list of additional
# options.
# Note that you probably do not need to worry about these options in most
# cases, they are included in case you want to experiment with them.
#
# --enable-dlmalloc
# Compile and use the malloc package from Doug Lea
# --enable-gnuregex
# Compile and use the supplied GNUregex routines instead of BSD regex
# (not recommended).
# --enable-xmalloc-statistics
# Show malloc statistics in status page
# --enable-cachemgr-hostname=some.hostname
# Set an explicit hostname in cachemgr.cgi
# --enable-truncate
# Use truncate() rather than unlink()
# --disable-unlinkd
# Do not use "unlinkd"
# --with-aufs-threads=N_THREADS
# Tune the number of worker threads for the aufs object
# --with-coss-membuf-size
# COSS membuf size (default: 1048576 bytes)
# --with-maxfd=N
# Override the maximum number of filedescriptors. Useful if you
# build as another user who is not privileged to use the amount
# of filedescriptors the resulting binary is expected to support.
# --enable-ntlm-fail-open
# Enable NTLM fail open, where a helper that fails one of the
# Authentication steps can allow Squid to still authenticate the user
# --enable-x-accelerator-vary
# Enable support for the X-Accelerator-Vary HTTP header. Can be used
# to indicate variance within an accelerator setup. Typically used
# together with other code that adds custom HTTP headers to the
# requests.
# --enable-forward-log
# Enable experimental forward_log directive.
# --enable-multicast-miss
# Enable experimental multicast notification of cachemisses.
#
PORTNAME= squid
PORTVERSION= 2.7.${SQUID_STABLE_VER}
PORTREVISION= 5
CATEGORIES= www
MASTER_SITES= ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
http://mirrors.ccs.neu.edu/Squid/ \
ftp://ftp.fu-berlin.de/unix/www/squid/squid/ \
ftp://ftp.nl.uu.net/pub/unix/www/squid/ \
ftp://ftp.solnet.ch/mirror/squid/ \
ftp://ftp.ntua.gr/pub/www/Squid/squid/ \
http://mirror.aarnet.edu.au/pub/squid/squid/ \
${MASTER_SITE_RINGSERVER:S,%SUBDIR%,net/www/squid,} \
http://www.squid-cache.org/Versions/v2/2.7/ \
http://www2.us.squid-cache.org/Versions/v2/2.7/ \
http://www1.at.squid-cache.org/Versions/v2/2.7/ \
http://www2.de.squid-cache.org/Versions/v2/2.7/ \
http://www.eu.squid-cache.org/Versions/v2/2.7/ \
http://www1.ie.squid-cache.org/Versions/v2/2.7/ \
http://www1.jp.squid-cache.org/Versions/v2/2.7/ \
http://www2.tw.squid-cache.org/Versions/v2/2.7/
PORTVERSION= 3.4.7
CATEGORIES= www ipv6
MASTER_SITES= http://www.squid-cache.org/Versions/v3/${PORTVERSION:R}/ \
http://www2.us.squid-cache.org/Versions/v3/${PORTVERSION:R}/ \
http://www1.at.squid-cache.org/Versions/v3/${PORTVERSION:R}/ \
http://www.eu.squid-cache.org/Versions/v3/${PORTVERSION:R}/ \
http://www1.jp.squid-cache.org/Versions/v3/${PORTVERSION:R}/
MASTER_SITE_SUBDIR= squid
DISTNAME= squid-2.7.STABLE${SQUID_STABLE_VER}
DIST_SUBDIR= squid2.7
DIST_SUBDIR= squid3.4
PATCH_SITES= http://www.squid-cache.org/%SUBDIR%/ \
http://www2.us.squid-cache.org/%SUBDIR%/ \
http://www1.at.squid-cache.org/%SUBDIR%/ \
http://www2.de.squid-cache.org/%SUBDIR%/ \
http://www.eu.squid-cache.org/%SUBDIR%/ \
http://www1.ie.squid-cache.org/%SUBDIR%/ \
http://www1.jp.squid-cache.org/%SUBDIR%/ \
http://www2.tw.squid-cache.org/%SUBDIR%/
PATCH_SITE_SUBDIR= Versions/v2/2.7/changesets
#PATCH_DIST_STRIP= -p1
PATCHFILES= SQUID-2012_1.patch
http://master.squid-cache.org/~amosjeffries/patches/:nosid
PATCH_SITE_SUBDIR= Versions/v3/${PORTVERSION:R}/changesets
#PATCHFILES=
MAINTAINER= ports@FreeBSD.org
COMMENT= HTTP Caching Proxy
DEPRECATED= Reach EOL on 14 Aug 2012
EXPIRATION_DATE=2014-09-15
LICENSE= GPLv2
LICENSE_FILE= ${WRKSRC}/COPYING
SQUID_STABLE_VER= 9
CONFLICTS_INSTALL= squid33-*
CONFLICTS_INSTALL= squid-2.[^7]* squid3?-* cacheboy-[0-9]* lusca-head-[0-9]*
USES= perl5 shebangfix tar:bzip2
SHEBANG_FILES= scripts/*.pl \
src/mk-globals-c.pl \
src/mk-string-arrays.pl \
contrib/rredir.pl \
contrib/user-agents.pl \
contrib/url-normalizer.pl \
helpers/basic_auth/multi-domain-NTLM/smb_auth.pl \
helpers/basic_auth/POP3/pop3.pl \
helpers/ntlm_auth/no_check/no_check.pl \
helpers/external_acl/wbinfo_group/wbinfo_group.pl
USES= perl5 tar:xz shebangfix
SHEBANG_FILES= scripts/*.pl contrib/*.pl src/*.pl tools/*.pl \
helpers/external_acl/kerberos_ldap_group/cert_tool \
helpers/ssl/cert_valid.pl
GNU_CONFIGURE= yes
USE_RC_SUBR= squid
SQUID_UID?= squid
SQUID_GID?= squid
USERS= squid
GROUPS= squid
MAN8= cachemgr.cgi.8 squid.8
docs= QUICKSTART README RELEASENOTES.html doc/debug-sections.txt
PORTDOCS= ${docs:T}
PORTEXAMPLES= passwd.sql
SUB_FILES+= pkg-deinstall pkg-install pkg-message
SUB_LIST+= SQUID_UID=${SQUID_UID} SQUID_GID=${SQUID_GID}
MYDOCS= QUICKSTART README RELEASENOTES.html doc/debug-sections.txt
PORTDOCS= ${MYDOCS:T}
PORTEXAMPLES= *
SUB_FILES+= pkg-install pkg-message
OPTIONS_DEFINE= KERB_AUTH LDAP_AUTH NIS_AUTH SASL_AUTH DELAY_POOLS SNMP CARP \
SSL PINGER DNS_HELPER HTCP VIA_DB CACHE_DIGESTS WCCP WCCPV2 \
STRICT_HTTP IDENT REFERER_LOG USERAGENT_LOG ARP_ACL PF IPFILTER \
FOLLOW_XFF AUFS COSS KQUEUE LARGEFILE STACKTRACES
OPTIONS_DEFAULT= KERB_AUTH NIS_AUTH CARP WCCP IDENT KQUEUE
KERB_AUTH_DESC= Install Kerberos authentication helpers
LDAP_AUTH_DESC= Install LDAP authentication helpers
NIS_AUTH_DESC= Install NIS/YP authentication helpers
SASL_AUTH_DESC= Install SASL authentication helpers
DELAY_POOLS_DESC= Enable delay pools
SNMP_DESC= Enable SNMP support
CARP_DESC= Enable CARP support
SSL_DESC= Enable SSL support for reverse proxies
PINGER_DESC= Install the icmp helper
DNS_HELPER_DESC= Use the old 'dnsserver' helper
HTCP_DESC= Enable HTCP support
VIA_DB_DESC= Enable forward/via database
CACHE_DIGESTS_DESC= Enable cache digests
WCCP_DESC= Enable Web Cache Coordination Prot. v1
WCCPV2_DESC= Enable Web Cache Coordination Prot. v2
STRICT_HTTP_DESC= Be strictly HTTP compliant
IDENT_DESC= Enable ident (RFC 931) lookups
REFERER_LOG_DESC= Enable Referer-header logging
USERAGENT_LOG_DESC= Enable User-Agent-header logging
ARP_ACL_DESC= Enable ACLs based on ethernet address
PF_DESC= Enable transparent proxying with PF
IPFILTER_DESC= Enable transp. proxying with IPFilter
FOLLOW_XFF_DESC= Follow X-Forwarded-For headers
AUFS_DESC= Enable the aufs storage scheme
COSS_DESC= Enable the COSS storage scheme
KQUEUE_DESC= Use kqueue(2) instead of poll(2)
LARGEFILE_DESC= Support log and cache files >2GB
STACKTRACES_DESC= Create backtraces on fatal errors
OPTIONS_SUB= yes
OPTIONS_DEFINE= ARP_ACL AUTH_KERB AUTH_LDAP AUTH_NIS AUTH_SASL AUTH_SMB \
AUTH_SQL \
CACHE_DIGESTS DEBUG DELAY_POOLS DNS_HELPER ECAP ESI \
FOLLOW_XFF FS_AUFS HTCP ICAP ICMP IDENT IPV6 KQUEUE \
LARGEFILE SNMP SSL SSL_CRTD STACKTRACES LAX_HTTP \
TP_IPF TP_IPFW TP_PF VIA_DB WCCP WCCPV2 DOCS EXAMPLES
etc_files= squid/cachemgr.conf.default \
squid/mib.txt squid/mime.conf.default \
squid/msntauth.conf.default squid/squid.conf.default
# Note: FS_FCOSS was removed from OPTIONS, it is broken and only experimentel
#OPTIONS_DEFINE+= FS_COSS
icon_files= anthony-binhex.gif anthony-bomb.gif anthony-box.gif \
anthony-box2.gif anthony-c.gif anthony-compressed.gif \
anthony-dir.gif anthony-dirup.gif anthony-dvi.gif \
anthony-f.gif anthony-image.gif anthony-image2.gif \
anthony-layout.gif anthony-link.gif anthony-movie.gif \
anthony-pdf.gif anthony-portal.gif anthony-ps.gif \
anthony-quill.gif anthony-script.gif anthony-sound.gif \
anthony-tar.gif anthony-tex.gif anthony-text.gif \
anthony-unknown.gif anthony-xbm.gif anthony-xpm.gif
OPTIONS_DEFAULT=AUTH_KERB AUTH_NIS FS_AUFS HTCP IDENT KQUEUE SNMP WCCP WCCPV2
error_files= ERR_ACCESS_DENIED ERR_CACHE_ACCESS_DENIED \
ERR_CACHE_MGR_ACCESS_DENIED ERR_CANNOT_FORWARD \
ERR_CONNECT_FAIL ERR_DNS_FAIL ERR_FORWARDING_DENIED \
ERR_FTP_DISABLED ERR_FTP_FAILURE ERR_FTP_FORBIDDEN \
ERR_FTP_NOT_FOUND ERR_FTP_PUT_CREATED \
ERR_FTP_PUT_ERROR ERR_FTP_PUT_MODIFIED ERR_FTP_UNAVAILABLE \
ERR_INVALID_REQ ERR_INVALID_RESP ERR_INVALID_URL \
ERR_LIFETIME_EXP ERR_NO_RELAY ERR_ONLY_IF_CACHED_MISS \
ERR_READ_ERROR ERR_READ_TIMEOUT ERR_SHUTTING_DOWN \
ERR_SOCKET_FAILURE ERR_TOO_BIG ERR_UNSUP_REQ \
ERR_URN_RESOLVE ERR_WRITE_ERROR ERR_ZERO_SIZE_OBJECT
ARP_ACL_CONFIGURE_ENABLE= eui
AUTH_LDAP_CFLAGS= -I${LOCALBASE}/include
AUTH_LDAP_LDFLAGS= -L${LOCALBASE}/lib
AUTH_LDAP_USE= OPENLDAP=yes
AUTH_SASL_CFLAGS= -I${LOCALBASE}/include
AUTH_SASL_CPPFLAGS= -I${LOCALBASE}/include
AUTH_SASL_LDFLAGS= -L${LOCALBASE}/lib
AUTH_SASL_LIB_DEPENDS= libsasl2.so:${PORTSDIR}/security/cyrus-sasl2
AUTH_SMB_BUILD_DEPENDS= smbclient:${PORTSDIR}/net/samba36
AUTH_SMB_RUN_DEPENDS= smbclient:${PORTSDIR}/net/samba36
AUTH_SQL_RUN_DEPENDS= p5-DBD-mysql>=0:${PORTSDIR}/databases/p5-DBD-mysql
AUTH_SQL_USE= MYSQL=yes
CACHE_DIGESTS_CONFIGURE_ENABLE= cache-digests
DELAY_POOLS_CONFIGURE_ENABLE= delay-pools
DNS_HELPER_CONFIGURE_ON= --disable-internal-dns
ECAP_CFLAGS= -I${LOCALBASE}/include
ECAP_CONFIGURE_ENABLE= ecap
ECAP_LDFLAGS= -L${LOCALBASE}/lib
ECAP_LIB_DEPENDS= libecap.so:${PORTSDIR}/www/libecap
ECAP_USES= pkgconfig:build
ESI_CFLAGS= -I${LOCALBASE}/include -I${LOCALBASE}/include/libxml2
ESI_CONFIGURE_ENABLE= esi
ESI_LDFLAGS= -L${LOCALBASE}/lib
ESI_LIB_DEPENDS= libexpat.so:${PORTSDIR}/textproc/expat2 \
libxml2.so:${PORTSDIR}/textproc/libxml2
FOLLOW_XFF_CONFIGURE_ENABLE= follow-x-forwarded-for
HTCP_CONFIGURE_ENABLE= htcp
ICAP_CONFIGURE_ENABLE= icap-client
ICMP_CONFIGURE_ENABLE= icmp
IDENT_CONFIGURE_ENABLE= ident-lookups
IPV6_CONFIGURE_ENABLE= ipv6
KQUEUE_CONFIGURE_ENABLE= kqueue
LARGEFILE_CONFIGURE_WITH= large-files
LAX_HTTP_CONFIGURE_ENABLE= http-violations
SNMP_CONFIGURE_ENABLE= snmp
SSL_CONFIGURE_ENABLE= ssl
SSL_CRTD_CONFIGURE_ENABLE= ssl-crtd
STACKTRACES_CONFIGURE_ENABLE= stacktraces
TP_IPFW_CONFIGURE_ENABLE= ipfw-transparent
TP_IPF_CONFIGURE_ENABLE= ipf-transparent
TP_PF_CONFIGURE_ENABLE= pf-transparent
VIA_DB_CONFIGURE_ENABLE= forw-via-db
WCCPV2_CONFIGURE_ENABLE= wccpv2
WCCP_CONFIGURE_ENABLE= wccp
libexec= cachemgr.cgi digest_pw_auth diskd-daemon \
ip_user_check logfile-daemon \
msnt_auth ncsa_auth ntlm_auth \
pam_auth smb_auth smb_auth.sh squid_db_auth squid_session \
squid_unix_group wbinfo_group.pl
.if !defined(SQUID_CONFIGURE_ARGS) || ${SQUID_CONFIGURE_ARGS:M*--disable-unlinkd*} == ""
libexec+= unlinkd
# TODO:
# add an option for external_acl/session (requires some kind of external
# Berkeley DB support, unsure which one)
ARP_ACL_DESC= ARP/MAC/EUI based authentification
AUTH_KERB_DESC= Install Kerberos authentication helpers
AUTH_LDAP_DESC= Install LDAP authentication helpers
AUTH_NIS_DESC= Install NIS/YP authentication helpers
AUTH_SASL_DESC= Install SASL authentication helpers
AUTH_SMB_DESC= Install SMB auth. helpers (req. Samba)
AUTH_SQL_DESC= Install SQL based auth (uses MySQL)
CACHE_DIGESTS_DESC= Use cache digests
DEBUG_DESC= Build with extended debugging support
DELAY_POOLS_DESC= Delay pools (bandwidth limiting)
DNS_HELPER_DESC= Use external dnsserver processes for DNS
ECAP_DESC= Loadable content adaptation modules (broken on FreeBSD 10+)
ESI_DESC= ESI support
FOLLOW_XFF_DESC= Support for the X-Following-For header
FS_AUFS_DESC= AUFS (async-io) support
FS_COSS_DESC= COSS (not stable yet)
HTCP_DESC= HTCP support
ICAP_DESC= the ICAP client
ICMP_DESC= ICMP pinging and network measurement
IDENT_DESC= Ident lookups (RFC 931)
KQUEUE_DESC= Kqueue(2) support
LARGEFILE_DESC= Support large (>2GB) cache and log files
SNMP_DESC= SNMP support
SSL_CRTD_DESC= Use ssl_crtd to handle SSL cert requests
SSL_DESC= SSL gatewaying support
STACKTRACES_DESC= Enable automatic backtraces on fatal errors
LAX_HTTP_DESC= Do not enforce strict HTTP compliance
TP_IPFW_DESC= Transparent proxying with IPFW
TP_IPF_DESC= Transparent proxying with IPFilter
TP_PF_DESC= Transparent proxying with PF
VIA_DB_DESC= Forward/Via database
WCCPV2_DESC= Web Cache Coordination Protocol v2
WCCP_DESC= Web Cache Coordination Protocol
change_files= ChangeLog \
contrib/nextstep/makepkg \
contrib/nextstep/post_install \
errors/Makefile.am \
errors/Makefile.in \
helpers/basic_auth/MSNT/Makefile.am \
helpers/basic_auth/MSNT/Makefile.in \
src/Makefile.am \
src/Makefile.in \
src/cf_gen.cc \
src/squid.8.in \
tools/Makefile.am \
tools/Makefile.in
.if !defined(SQUID_CONFIGURE_ARGS) \
|| ${SQUID_CONFIGURE_ARGS:M*--disable-unlinkd*} == ""
PLIST_SUB+= UNLINKD=""
.else
PLIST_SUB+= UNLINKD="@comment "
.endif
sbin= RunCache squidclient squid
CONFIGURE_ARGS= --bindir=${PREFIX}/sbin \
--sbindir=${PREFIX}/sbin \
CONFIGURE_ARGS= --with-default-user=squid \
--bindir=${PREFIX}/sbin \
--sbindir=${PREFIX}/sbin \
--datadir=${ETCDIR} \
--libexecdir=${PREFIX}/libexec/squid \
--localstatedir=/var/squid \
--localstatedir=/var \
--sysconfdir=${ETCDIR} \
--with-logdir=/var/log/squid \
--with-pidfile=/var/run/squid/squid.pid \
--with-swapdir=/var/squid/cache/squid \
--enable-auth \
--enable-build-info \
--enable-loadable-modules \
--enable-removal-policies="lru heap" \
--disable-epoll \
--disable-linux-netfilter \
--disable-linux-tproxy \
--disable-epoll
--disable-translation
.include <bsd.port.pre.mk>
.include <bsd.port.options.mk>
.if ${CC:T:Mclang*} || ${CXX:T:Mclang++*} \
|| ${OPSYS} == FreeBSD && ${OSVERSION} >= 1000024
CXXFLAGS+= -Wno-unused-private-field
.endif
# Authentication methods and modules:
basic_auth= DB NCSA PAM MSNT SMB
digest_auth= password
external_acl= ip_user session unix_group wbinfo_group
MAN8+= ncsa_auth.8 pam_auth.8 squid_db_auth.8 squid_session.8 \
squid_unix_group.8
.if ${PORT_OPTIONS:MLDAP_AUTH}
USE_OPENLDAP= yes
CFLAGS+= -I${LOCALBASE}/include
LDFLAGS+= -L${LOCALBASE}/lib
MAN8+= squid_ldap_auth.8 squid_ldap_group.8
basic_auth= DB MSNT MSNT-multi-domain NCSA PAM POP3 RADIUS fake getpwnam
digest_auth= file
external_acl= file_userip time_quota unix_group
ntlm_auth= fake smb_lm
.if ${PORT_OPTIONS:MAUTH_LDAP}
basic_auth+= LDAP
digest_auth+= ldap
external_acl+= ldap_group
libexec+= digest_ldap_auth squid_ldap_auth squid_ldap_group
external_acl+= LDAP_group
.endif
.if ${PORT_OPTIONS:MSASL_AUTH}
LIB_DEPENDS+= libsasl2.so:${PORTSDIR}/security/cyrus-sasl2
CFLAGS+= -I${LOCALBASE}/include
CPPFLAGS+= -I${LOCALBASE}/include
LDFLAGS+= -L${LOCALBASE}/lib
.if ${PORT_OPTIONS:MAUTH_SASL}
basic_auth+= SASL
libexec+= sasl_auth
.endif
.if ${PORT_OPTIONS:MAUTH_SMB}
basic_auth+= SMB
external_acl+= wbinfo_group
.endif
.if ${PORT_OPTIONS:MAUTH_SQL}
external_acl+= SQL_session
.endif
# POLA: allow the old global make.conf(5) (pre src.conf(5)) defines, too:
.if ${PORT_OPTIONS:MNIS_AUTH} && !defined(NO_NIS) && !defined(WITHOUT_NIS)
basic_auth+= YP
libexec+= yp_auth
.if ${PORT_OPTIONS:MAUTH_NIS} && !defined(NO_NIS) && !defined(WITHOUT_NIS)
basic_auth+= NIS
.endif
CONFIGURE_ARGS+= --enable-auth="basic digest negotiate ntlm" \
--enable-basic-auth-helpers="${basic_auth}" \
--enable-digest-auth-helpers="${digest_auth}" \
# POLA: allow the old global make.conf(5) (pre src.conf(5)) defines, too:
.if ${PORT_OPTIONS:MAUTH_KERB} && !defined(NO_KERBEROS) && !defined(WITHOUT_KERBEROS)
negotiate_auth= kerberos wrapper
. if ${OPSYS} == DragonFly
LIB_DEPENDS+= libkrb5.so:${PORTSDIR}/security/krb5
. endif
# the kerberos_ldap_group external helper depends on LDAP and SASL:
. if ${PORT_OPTIONS:MAUTH_LDAP} && ${PORT_OPTIONS:MAUTH_SASL}
external_acl+= kerberos_ldap_group
. endif
.else
negotiate_auth= none
.endif
CONFIGURE_ARGS+= --enable-auth-basic="${basic_auth}" \
--enable-auth-digest="${digest_auth}" \
--enable-external-acl-helpers="${external_acl}" \
--enable-ntlm-auth-helpers="SMB"
# POLA: allow the old global make.conf(5) (pre src.conf(5)) defines, too:
.if ${PORT_OPTIONS:MKERB_AUTH} && !defined(NO_KERBEROS) && !defined(WITHOUT_KERBEROS)
# XXX This currently only works with heimdal from the base system,
# see files/patch-squid_kerb_auth:
CONFIGURE_ARGS+= --enable-negotiate-auth-helpers="squid_kerb_auth"
libexec+= squid_kerb_auth
.endif
--enable-auth-negotiate="${negotiate_auth}" \
--enable-auth-ntlm="${ntlm_auth}"
# Storage schemes:
storage_schemes= diskd rock ufs
diskio_modules= AIO Blocking DiskDaemon IpcIo Mmapped
storage_schemes= ufs diskd null
.if ${PORT_OPTIONS:MAUFS}
.if ${PORT_OPTIONS:MFS_AUFS}
storage_schemes+= aufs
.if ${OSVERSION}<700055
# Only document libmap.conf for releases where it may be needed to
# switch from libpthread (aka libkse) to libthr:
EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-src-cf.data.pre.aufs
diskio_modules+= DiskThreads
# Nil aufs threads is default, set any other value via SQUID_CONFIGURE_ARGS,
# e.g. SQUID_CONFIGURE_ARGS=--with-aufs-threads=N
LDFLAGS+= -pthread
.else
CONFIGURE_ARGS+= --without-pthreads
.endif
# Nil aufs threads is default, set any other value via SQUID_CONFIGURE_ARGS
CONFIGURE_ARGS+= --with-pthreads
.endif
.if ${PORT_OPTIONS:MCOSS}
.if ${PORT_OPTIONS:MFS_COSS}
BROKEN= FS_COSS does not compile
storage_schemes+= coss
.if ! ${PORT_OPTIONS:MAUFS}
# use Posix AIO instead of aufs' AIO; note that you then need the kernel to
# supply AIO support, either by loading the aio(4) module (n/a on 4.x) or by
# adding the option VFS_AIO to your kernel configuration if you want to
# actually use COSS storage:
CONFIGURE_ARGS+= --enable-coss-aio-ops
.endif
sbin+= cossdump
.endif
CONFIGURE_ARGS+= --enable-storeio="${storage_schemes}"
CONFIGURE_ARGS+= --enable-storeio="${storage_schemes}" \
--enable-disk-io="${diskio_modules}"
# Log daemon helpers:
logdaemon_helpers= file
CONFIGURE_ARGS+= --enable-log-daemon-helpers="${logdaemon_helpers}"
# URL rewrite helpers:
url_rewrite_helpers= fake
CONFIGURE_ARGS+= --enable-url-rewrite-helpers="${url_rewrite_helpers}"
# Storeid rewrite helpers:
storeid_rewrite_helpers= file
CONFIGURE_ARGS+= --enable-storeid-rewrite-helpers="${storeid_rewrite_helpers}"
# Other options set via 'make config':
.if ${PORT_OPTIONS:MDELAY_POOLS}
CONFIGURE_ARGS+= --enable-delay-pools
.endif
.if ${PORT_OPTIONS:MSNMP}
CONFIGURE_ARGS+= --enable-snmp
.endif
.if ! ${PORT_OPTIONS:MCARP}
CONFIGURE_ARGS+= --disable-carp
.endif
.if ${PORT_OPTIONS:MSSL}
# we need to .include bsd.openssl.mk manually here.because USE_OPENSSL only
# works when it is defined before bsd.port{.pre}.mk is .included.
# This makes it currently impossible to combine this macro with OPTIONS to
# conditionally include OpenSSL support.
# XXX: is this still true with OptionsNG as of 2014-09?
#.include "${.CURDIR}/../../Mk/bsd.openssl.mk"
.include "${PORTSDIR}/Mk/bsd.openssl.mk"
CONFIGURE_ARGS+= --enable-ssl \
--with-openssl="${OPENSSLBASE}"
CFLAGS+= -I${OPENSSLINC}
LDFLAGS+= -L${OPENSSLLIB}
CONFIGURE_ARGS+= --with-openssl="${OPENSSLBASE}"
CFLAGS+= -I${OPENSSLINC}
LDFLAGS+= -L${OPENSSLLIB}
.endif
.if ${PORT_OPTIONS:MPINGER}
CONFIGURE_ARGS+= --enable-icmp
libexec+= pinger
.if ${PORT_OPTIONS:MECAP}
.if ${OPSYS} == FreeBSD && ${OSVERSION} > 1000000
# re-evaluate on FreeBSD 10+ with the next release
# http://www.squid-cache.org/mail-archive/squid-users/201402/0324.html
BROKEN= ECAP and clang are not friendly
.endif
.if ${PORT_OPTIONS:MDNS_HELPER}
CONFIGURE_ARGS+= --disable-internal-dns
libexec+= dnsserver
.endif
.if ${PORT_OPTIONS:MHTCP}
CONFIGURE_ARGS+= --enable-htcp
.endif
.if ${PORT_OPTIONS:MVIA_DB}
CONFIGURE_ARGS+= --enable-forw-via-db
.endif
.if ${PORT_OPTIONS:MCACHE_DIGESTS}
CONFIGURE_ARGS+= --enable-cache-digests
.endif
.if ! ${PORT_OPTIONS:MWCCP}
CONFIGURE_ARGS+= --disable-wccp
.endif
.if ${PORT_OPTIONS:MWCCPV2}
CONFIGURE_ARGS+= --enable-wccpv2
.endif
.if ${PORT_OPTIONS:MSTRICT_HTTP}
CONFIGURE_ARGS+= --disable-http-violations
.endif
.if ! ${PORT_OPTIONS:MIDENT}
CONFIGURE_ARGS+= --disable-ident-lookups
.endif
.if ${PORT_OPTIONS:MREFERER_LOG}
CONFIGURE_ARGS+= --enable-referer-log
.endif
.if ${PORT_OPTIONS:MUSERAGENT_LOG}
CONFIGURE_ARGS+= --enable-useragent-log
.endif
.if ${PORT_OPTIONS:MARP_ACL}
CONFIGURE_ARGS+= --enable-arp-acl
.endif
.if ${PORT_OPTIONS:MPF}
CONFIGURE_ARGS+= --enable-pf-transparent
.endif
.if ${PORT_OPTIONS:MIPFILTER}
CONFIGURE_ARGS+= --enable-ipf-transparent
.endif
.if ${PORT_OPTIONS:MFOLLOW_XFF}
CONFIGURE_ARGS+= --enable-follow-x-forwarded-for
.endif
.if ${PORT_OPTIONS:MICAP}
IGNORE= does not have working ICAP support anymore -- please use Squid 3.x if you need ICAP. Please remove WITH_SQUID_ICAP from your make environment
.endif
.if ! ${PORT_OPTIONS:MKQUEUE}
CONFIGURE_ARGS+= --disable-kqueue
.endif
.if ${PORT_OPTIONS:MLARGEFILE}
CONFIGURE_ARGS+= --with-large-files --enable-large-cache-files
LIB_DEPENDS+= libecap.so:${PORTSDIR}/www/libecap
CFLAGS+= -I${LOCALBASE}/include
LDFLAGS+= -L${LOCALBASE}/lib
.endif
.if ${PORT_OPTIONS:MSTACKTRACES}
CONFIGURE_ARGS+= --enable-stacktraces
CFLAGS+= -g
STRIP=
.endif
# Languages:
#
# If you do not define SQUID_LANGUAGES yourself, all available language files
# will be installed; the default language will be English.
SQUID_LANGUAGES?= Armenian Azerbaijani Bulgarian Catalan Czech Danish \
Dutch English Estonian Finnish French German Greek \
Hebrew Hungarian Italian Japanese Korean Lithuanian \
Polish Portuguese Romanian Russian-1251 Russian-koi8-r \
Serbian Simplify_Chinese Slovak Spanish Swedish \
Traditional_Chinese Turkish Ukrainian-1251 \
Ukrainian-koi8-u Ukrainian-utf8
SQUID_DEFAULT_LANG?= English
CONFIGURE_ARGS+= --enable-err-languages="${SQUID_LANGUAGES}" \
--enable-default-err-language=${SQUID_DEFAULT_LANG}
.if ${PORT_OPTIONS:MDEBUG} || defined(WITH_DEBUG)
CONFIGURE_ARGS+= --disable-optimizations --enable-debug-cbdata
WITH_DEBUG?= yes
.endif
# Finally, add additional user specified configuration options:
CONFIGURE_ARGS+= ${SQUID_CONFIGURE_ARGS}
CONFIGURE_ENV+= GREP="${GREP}"
PLIST_DIRS= %%ETCDIR%%/icons libexec/squid
PLIST_FILES= ${etc_files:S,^,etc/,} ${icon_files:S,^,%%ETCDIR%%/icons/,} \
${libexec:S,^,libexec/squid/,} ${sbin:S,^,sbin/,}
PLIST_FILES+= man/man8/cachemgr.cgi.8.gz \
man/man8/ncsa_auth.8.gz \
man/man8/pam_auth.8.gz \
man/man8/squid.8.gz \
man/man8/squid_db_auth.8.gz \
man/man8/squid_session.8.gz \
man/man8/squid_unix_group.8.gz \
%%ETCDIR%%/cachemgr.conf \
%%ETCDIR%%/mime.conf \
%%ETCDIR%%/msntauth.conf \
%%ETCDIR%%/squid.conf
.for d in ${SQUID_LANGUAGES}
PLIST_DIRS+= %%ETCDIR%%/errors/${d}
PLIST_FILES+= ${error_files:S,^,%%ETCDIR%%/errors/${d}/,}
.endfor
PLIST_DIRS+= %%ETCDIR%%/errors
PLIST_DIRSTRY+= %%ETCDIR%% /var/squid/logs /var/squid
post-patch:
@${REINPLACE_CMD} -e 's|%%SQUID_UID%%|${SQUID_UID}|g' \
-e 's|%%SQUID_GID%%|${SQUID_GID}|g' \
-e 's|%%PREFIX%%|${PREFIX}|g' ${WRKSRC}/src/cf.data.pre
@${REINPLACE_CMD} -e 's|%%LOCALBASE%%|${LOCALBASE}|g' \
${WRKSRC}/helpers/basic_auth/SMB/Makefile.in \
${WRKSRC}/helpers/basic_auth/SMB/smb_auth.sh
# Prevent installation of .orig files by deleting them.
@${FIND} ${WRKSRC} -name '*.bak' -delete
@${FIND} ${WRKSRC} -name '*.orig' -delete
@${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|g' \
${WRKSRC}/src/cf.data.pre
@(cd ${WRKSRC} && ${REINPLACE_CMD} \
-e 's|\.conf\.default|.conf.sample|' \
-e 's|)\.default|).sample|' \
${change_files})
@(cd ${WRKSRC} && ${MV} helpers/basic_auth/MSNT/msntauth.conf.default \
helpers/basic_auth/MSNT/msntauth.conf.sample)
@(cd ${WRKSRC} && ${MV} src/mime.conf.default src/mime.conf.sample)
.if !${PORT_OPTIONS:MIPV6}
@${REINPLACE_CMD} -e's/ ::1//' -e's/ fc00::\/7//' \
-e's/ fe80::\/10//' -e's/ 2001:DB8::2//' \
-e's/ 2001:DB8::a:0\/64//' \
-e'/tcp_outgoing_address 2001:db8::c001 good_service_net/d' \
-e'/tcp_outgoing_address 2001:db8::beef normal_service_net/d' \
-e'/tcp_outgoing_address 2001:db8::1/d' \
${WRKSRC}/src/cf.data.pre
.endif
post-install:
.if ${PORT_OPTIONS:MEXAMPLES}
@${MKDIR} ${STAGEDIR}${EXAMPLESDIR}
${INSTALL_DATA} ${WRKSRC}/helpers/basic_auth/DB/passwd.sql \
${STAGEDIR}${EXAMPLESDIR}
.endif
.if ${PORT_OPTIONS:MPINGER}
${CHMOD} 4510 ${STAGEDIR}${PREFIX}/libexec/squid/pinger; \
${CHGRP} ${SQUID_GID} ${STAGEDIR}${PREFIX}/libexec/squid/pinger
.endif
.if ${PORT_OPTIONS:MDOCS}
@${MKDIR} ${STAGEDIR}${DOCSDIR}
cd ${WRKSRC} && ${INSTALL_DATA} ${docs} ${STAGEDIR}${DOCSDIR}
.endif
(cd ${WRKSRC} && ${INSTALL_DATA} ${MYDOCS} ${STAGEDIR}${DOCSDIR})
${MKDIR} ${STAGEDIR}/var/squid/logs
.include <bsd.port.post.mk>
.include <bsd.port.mk>

6
www/squid/distinfo
View file

@ -1,4 +1,2 @@
SHA256 (squid2.7/squid-2.7.STABLE9.tar.bz2) = c0bdfcb5bb68debc1c9441308178bf148c67979b824c892a4710dc80a5b05d5e
SIZE (squid2.7/squid-2.7.STABLE9.tar.bz2) = 1351366
SHA256 (squid2.7/SQUID-2012_1.patch) = a456ed7a45fbecd94a4c68c0e72905135c4424c41c01ab858dc8c5760ee03a6f
SIZE (squid2.7/SQUID-2012_1.patch) = 4804
SHA256 (squid3.4/squid-3.4.7.tar.xz) = cc40a3cccdcdfc11269ea969e658d99e3ef2202999b78aa01a647a6bc71759ee
SIZE (squid3.4/squid-3.4.7.tar.xz) = 2158672

20
www/squid/files/extra-patch-src-cf.data.pre.aufs
View file

@ -1,20 +0,0 @@
--- src/cf.data.pre.orig Wed Nov 1 15:12:02 2006
+++ src/cf.data.pre Wed Nov 1 15:12:17 2006
@@ -1097,6 +1100,17 @@
see argument descriptions under ufs above
+ Note:
+ By default, FreeBSD uses the pthread(3) M:N threading library.
+ You can, however, map the thread library to the 1:1 libthr(3)
+ implementation by inserting the following lines into
+ /etc/libmap.conf and see whether this performs better on your
+ system:
+
+ [%%PREFIX%%/sbin/squid]
+ libpthread.so.1 libthr.so.1
+ libpthread.so.2 libthr.so.2
+
The diskd store type:
"diskd" uses the same storage format as "ufs", utilizing a

28
www/squid/files/patch-compat_Makefile.in Normal file
View file

@ -0,0 +1,28 @@
--- compat/Makefile.in.orig 2013-12-30 04:33:49.000000000 -0700
+++ compat/Makefile.in 2014-01-27 00:05:25.000000000 -0700
@@ -113,7 +113,8 @@
libcompat_squid_la_DEPENDENCIES = $(LIBOBJS)
am_libcompat_squid_la_OBJECTS = assert.lo compat.lo debug.lo \
eui64_aton.lo GnuRegex.lo shm.lo strnstr.lo strnrchr.lo \
- xalloc.lo xstrerror.lo xstring.lo xstrto.lo mswindows.lo
+ xalloc.lo xstrerror.lo xstring.lo xstrto.lo mswindows.lo \
+ strlen.lo
libcompat_squid_la_OBJECTS = $(am_libcompat_squid_la_OBJECTS)
am_testPreCompiler_OBJECTS = testPreCompiler.$(OBJEXT) \
testMain.$(OBJEXT)
@@ -401,6 +402,7 @@
getnameinfo.h \
GnuRegex.c \
GnuRegex.h \
+ strlen.c \
inet_ntop.h \
inet_pton.h \
initgroups.h \
@@ -539,6 +541,7 @@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/shm.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strnrchr.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strnstr.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strlen.Plo@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/testMain.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/testPreCompiler.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xalloc.Plo@am__quote@

31
www/squid/files/patch-compat_strlen.c Normal file
View file

@ -0,0 +1,31 @@
--- compat/strlen.c.orig 2014-01-26 23:28:26.000000000 -0700
+++ compat/strlen.c 2014-01-26 23:33:01.000000000 -0700
@@ -0,0 +1,28 @@
+/* Dennis Glatting
+ January 2014
+
+ Various places within Squid call strlen() with a NULL pointer,
+ which causes a SIGSEV on FreeBSD. This is a simple, dumb
+ replacement that first checks for a NULL pointer before counting
+ the string's length. In the case of a NULL pointer, the string's
+ length is 0.
+
+ */
+
+
+#include "squid.h"
+#include <string.h>
+
+size_t
+strlen( const char* s ) {
+
+ size_t c = 0;
+
+ if( s == NULL )
+ return 0;
+
+ while( *s++ )
+ ++c;
+
+ return c;
+}

22
www/squid/files/patch-configure
View file

@ -1,19 +1,11 @@
Patch for Squid bug 2203:
--with-maxfd inadvertently unsets LDFLAGS.
--- configure.orig 2009-02-05 19:27:06.000000000 +0100
+++ configure 2009-02-05 19:27:59.000000000 +0100
@@ -27810,11 +27810,12 @@
--- configure.orig 2014-06-25 18:43:23.000000000 +0400
+++ configure 2014-08-18 14:46:23.000000000 +0400
@@ -31752,6 +31752,8 @@
fi
+TLDFLAGS="$LDFLAGS"
+LIBOBJS="$LIBOBJS strlen.$ac_objext"
+
if test -z "$SQUID_MAXFD"; then
{ $as_echo "$as_me:$LINENO: checking Maximum number of filedescriptors we can open" >&5
$as_echo_n "checking Maximum number of filedescriptors we can open... " >&6; }
-TLDFLAGS="$LDFLAGS"
case $host in
i386-unknown-freebsd*)
if echo "$LDFLAGS" | grep -q pthread; then
ac_fn_cxx_check_func "$LINENO" "strtoll" "ac_cv_func_strtoll"
if test "x$ac_cv_func_strtoll" = xyes; then :
$as_echo "#define HAVE_STRTOLL 1" >>confdefs.h

11
www/squid/files/patch-helpers-basic_auth-SMB-Makefile.in
View file

@ -1,11 +0,0 @@
--- helpers/basic_auth/SMB/Makefile.in.orig Tue Oct 4 07:29:26 2005
+++ helpers/basic_auth/SMB/Makefile.in Tue Oct 4 07:29:49 2005
@@ -129,7 +129,7 @@
makesnmplib = @makesnmplib@
SMB_AUTH_HELPER = smb_auth.sh
-SAMBAPREFIX = /usr/local/samba
+SAMBAPREFIX = %%LOCALBASE%%
SMB_AUTH_HELPER_PATH = $(libexecdir)/$(SMB_AUTH_HELPER)
libexec_SCRIPTS = $(SMB_AUTH_HELPER)

13
www/squid/files/patch-helpers-basic_auth-SMB-smb_auth.sh
View file

@ -1,13 +0,0 @@
*** helpers/basic_auth/SMB/smb_auth.sh.orig Thu Feb 26 20:58:22 2004
--- helpers/basic_auth/SMB/smb_auth.sh Thu Feb 26 20:59:45 2004
***************
*** 17,22 ****
--- 17,24 ----
# along with this program; if not, write to the Free Software
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ SAMBAPREFIX=${SAMBAPREFIX:-%%LOCALBASE%%}
+
read DOMAINNAME
read PASSTHROUGH
read NMBADDR

11
www/squid/files/patch-include-squid_types.h
View file

@ -1,11 +0,0 @@
--- include/squid_types.h.orig Mon Jul 7 00:45:26 2003
+++ include/squid_types.h Mon Jul 7 00:48:39 2003
@@ -66,8 +66,5 @@
#if HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
-#if HAVE_SYS_BITYPES_H
-#include <sys/bitypes.h>
-#endif
#endif /* SQUID_TYPES_H */

581
www/squid/files/patch-squid_kerb_auth
View file

@ -1,581 +0,0 @@
This file contains various patches that in general try to enable the
compilation of the squid_kerb_auth authentication helper program on
all versions of FreeBSD that are currently supported by the FreeBSD
ports framework where Heimdal is part of the base system.
--- configure.orig 2009-02-05 19:27:06.000000000 +0100
+++ configure 2009-02-05 19:40:29.000000000 +0100
@@ -773,10 +773,13 @@
NTLM_AUTH_HELPERS
DIGEST_AUTH_HELPERS
NEGOTIATE_AUTH_HELPERS
-EXTERNAL_ACL_HELPERS
+KRB5CONFIG
+KERBLIBS
+KERBINC
CPP
GREP
EGREP
+EXTERNAL_ACL_HELPERS
LIBSASL
ENABLE_UNLINKD_TRUE
ENABLE_UNLINKD_FALSE
@@ -5789,50 +5792,59 @@
fi
-# Check whether --enable-ntlm-fail-open was given.
-if test "${enable_ntlm_fail_open+set}" = set; then
- enableval=$enable_ntlm_fail_open; if test "$enableval" = "yes" ; then
-
-cat >>confdefs.h <<\_ACEOF
-#define NTLM_FAIL_OPEN 1
-_ACEOF
+if `echo "$NEGOTIATE_AUTH_HELPERS" | grep -q squid_kerb_auth`; then
+ # Extract the first word of "krb5-config", so it can be a program name with args.
+set dummy krb5-config; ac_word=$2
+{ $as_echo "$as_me:$LINENO: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if test "${ac_cv_path_KRB5CONFIG+set}" = set; then
+ $as_echo_n "(cached) " >&6
+else
+ case $KRB5CONFIG in
+ [\\/]* | ?:[\\/]*)
+ ac_cv_path_KRB5CONFIG="$KRB5CONFIG" # Let the user override the test with a path.
+ ;;
+ *)
+ as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+ IFS=$as_save_IFS
+ test -z "$as_dir" && as_dir=.
+ for ac_exec_ext in '' $ac_executable_extensions; do
+ if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+ ac_cv_path_KRB5CONFIG="$as_dir/$ac_word$ac_exec_ext"
+ $as_echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
+ break 2
fi
+done
+done
+IFS=$as_save_IFS
+ test -z "$ac_cv_path_KRB5CONFIG" && ac_cv_path_KRB5CONFIG="false"
+ ;;
+esac
fi
-
-
-EXTERNAL_ACL_HELPERS=
-# Check whether --enable-external-acl-helpers was given.
-if test "${enable_external_acl_helpers+set}" = set; then
- enableval=$enable_external_acl_helpers; case "$enableval" in
- yes)
- echo "ERROR: --enable-external-acl-helpers requires an argument"
- exit 1
- ;;
- no)
- ;;
- *)
- EXTERNAL_ACL_HELPERS="`echo $enableval| sed -e 's/,/ /g;s/ */ /g'`"
- esac
-
+KRB5CONFIG=$ac_cv_path_KRB5CONFIG
+if test -n "$KRB5CONFIG"; then
+ { $as_echo "$as_me:$LINENO: result: $KRB5CONFIG" >&5
+$as_echo "$KRB5CONFIG" >&6; }
+else
+ { $as_echo "$as_me:$LINENO: result: no" >&5
+$as_echo "no" >&6; }
fi
-if test -n "$EXTERNAL_ACL_HELPERS"; then
- for helper in $EXTERNAL_ACL_HELPERS; do
- if test -f $srcdir/helpers/external_acl/$helper/Makefile.in; then
- :
- else
- echo "ERROR: external acl helper $helper does not exists"
- exit 1
- fi
- done
- echo "External acl helpers built: $EXTERNAL_ACL_HELPERS"
-fi
+ if test -z "$KRB5CONFIG"; then
+ { { $as_echo "$as_me:$LINENO: error: sorry" >&5
+$as_echo "$as_me: error: sorry" >&2;}
+ { (exit need krb5-config to determine compilation settings); exit need krb5-config to determine compilation settings; }; }
+ else
+ KERBLIBS=`$KRB5CONFIG --libs gssapi`
+ KERBINC=`$KRB5CONFIG --cflags`
-if test "$require_sasl" = "yes"; then
+ fi
ac_ext=c
ac_cpp='$CPP $CPPFLAGS'
@@ -6454,6 +6466,359 @@
+for ac_header in gssapi/gssapi.h
+do
+as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ { $as_echo "$as_me:$LINENO: checking for $ac_header" >&5
+$as_echo_n "checking for $ac_header... " >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ $as_echo_n "(cached) " >&6
+fi
+ac_res=`eval 'as_val=${'$as_ac_Header'}
+ $as_echo "$as_val"'`
+ { $as_echo "$as_me:$LINENO: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+else
+ # Is the header compilable?
+{ $as_echo "$as_me:$LINENO: checking $ac_header usability" >&5
+$as_echo_n "checking $ac_header usability... " >&6; }
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
+$as_echo "$ac_try_echo") >&5
+ (eval "$ac_compile") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_header_compiler=yes
+else
+ $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_compiler=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+{ $as_echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+$as_echo "$ac_header_compiler" >&6; }
+
+# Is the header present?
+{ $as_echo "$as_me:$LINENO: checking $ac_header presence" >&5
+$as_echo_n "checking $ac_header presence... " >&6; }
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <$ac_header>
+_ACEOF
+if { (ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
+$as_echo "$ac_try_echo") >&5
+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null && {
+ test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ }; then
+ ac_header_preproc=yes
+else
+ $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_preproc=no
+fi
+
+rm -f conftest.err conftest.$ac_ext
+{ $as_echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+$as_echo "$ac_header_preproc" >&6; }
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+ yes:no: )
+ { $as_echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
+$as_echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { $as_echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
+$as_echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
+ ac_header_preproc=yes
+ ;;
+ no:yes:* )
+ { $as_echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
+$as_echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
+ { $as_echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
+$as_echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
+ { $as_echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
+$as_echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
+ { $as_echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
+$as_echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
+ { $as_echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+$as_echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
+ { $as_echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
+$as_echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
+ ( cat <<\_ASBOX
+## ----------------------------------------------- ##
+## Report this to http://www.squid-cache.org/bugs/ ##
+## ----------------------------------------------- ##
+_ASBOX
+ ) | sed "s/^/$as_me: WARNING: /" >&2
+ ;;
+esac
+{ $as_echo "$as_me:$LINENO: checking for $ac_header" >&5
+$as_echo_n "checking for $ac_header... " >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ $as_echo_n "(cached) " >&6
+else
+ eval "$as_ac_Header=\$ac_header_preproc"
+fi
+ac_res=`eval 'as_val=${'$as_ac_Header'}
+ $as_echo "$as_val"'`
+ { $as_echo "$as_me:$LINENO: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+
+fi
+if test `eval 'as_val=${'$as_ac_Header'}
+ $as_echo "$as_val"'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+ if test x"$ac_cv_header_gssapi_gssapi_h" != x"yes"; then
+
+for ac_header in gssapi.h
+do
+as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ { $as_echo "$as_me:$LINENO: checking for $ac_header" >&5
+$as_echo_n "checking for $ac_header... " >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ $as_echo_n "(cached) " >&6
+fi
+ac_res=`eval 'as_val=${'$as_ac_Header'}
+ $as_echo "$as_val"'`
+ { $as_echo "$as_me:$LINENO: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+else
+ # Is the header compilable?
+{ $as_echo "$as_me:$LINENO: checking $ac_header usability" >&5
+$as_echo_n "checking $ac_header usability... " >&6; }
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+$ac_includes_default
+#include <$ac_header>
+_ACEOF
+rm -f conftest.$ac_objext
+if { (ac_try="$ac_compile"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
+$as_echo "$ac_try_echo") >&5
+ (eval "$ac_compile") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest.$ac_objext; then
+ ac_header_compiler=yes
+else
+ $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_compiler=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+{ $as_echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
+$as_echo "$ac_header_compiler" >&6; }
+
+# Is the header present?
+{ $as_echo "$as_me:$LINENO: checking $ac_header presence" >&5
+$as_echo_n "checking $ac_header presence... " >&6; }
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+#include <$ac_header>
+_ACEOF
+if { (ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:$LINENO: $ac_try_echo\""
+$as_echo "$ac_try_echo") >&5
+ (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ $as_echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } >/dev/null && {
+ test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ }; then
+ ac_header_preproc=yes
+else
+ $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_header_preproc=no
+fi
+
+rm -f conftest.err conftest.$ac_ext
+{ $as_echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
+$as_echo "$ac_header_preproc" >&6; }
+
+# So? What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
+ yes:no: )
+ { $as_echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
+$as_echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
+ { $as_echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
+$as_echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
+ ac_header_preproc=yes
+ ;;
+ no:yes:* )
+ { $as_echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
+$as_echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
+ { $as_echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
+$as_echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
+ { $as_echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
+$as_echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
+ { $as_echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
+$as_echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
+ { $as_echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
+$as_echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
+ { $as_echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
+$as_echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
+ ( cat <<\_ASBOX
+## ----------------------------------------------- ##
+## Report this to http://www.squid-cache.org/bugs/ ##
+## ----------------------------------------------- ##
+_ASBOX
+ ) | sed "s/^/$as_me: WARNING: /" >&2
+ ;;
+esac
+{ $as_echo "$as_me:$LINENO: checking for $ac_header" >&5
+$as_echo_n "checking for $ac_header... " >&6; }
+if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
+ $as_echo_n "(cached) " >&6
+else
+ eval "$as_ac_Header=\$ac_header_preproc"
+fi
+ac_res=`eval 'as_val=${'$as_ac_Header'}
+ $as_echo "$as_val"'`
+ { $as_echo "$as_me:$LINENO: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+
+fi
+if test `eval 'as_val=${'$as_ac_Header'}
+ $as_echo "$as_val"'` = yes; then
+ cat >>confdefs.h <<_ACEOF
+#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+else
+ { { $as_echo "$as_me:$LINENO: error: neither <gssapi/gssapi.h> nor <gssapi.h> found" >&5
+$as_echo "$as_me: error: neither <gssapi/gssapi.h> nor <gssapi.h> found" >&2;}
+ { (exit 1); exit 1; }; }
+
+fi
+
+done
+
+ fi
+fi
+
+# Check whether --enable-ntlm-fail-open was given.
+if test "${enable_ntlm_fail_open+set}" = set; then
+ enableval=$enable_ntlm_fail_open; if test "$enableval" = "yes" ; then
+
+cat >>confdefs.h <<\_ACEOF
+#define NTLM_FAIL_OPEN 1
+_ACEOF
+
+ fi
+
+fi
+
+
+EXTERNAL_ACL_HELPERS=
+# Check whether --enable-external-acl-helpers was given.
+if test "${enable_external_acl_helpers+set}" = set; then
+ enableval=$enable_external_acl_helpers; case "$enableval" in
+ yes)
+ echo "ERROR: --enable-external-acl-helpers requires an argument"
+ exit 1
+ ;;
+ no)
+ ;;
+ *)
+ EXTERNAL_ACL_HELPERS="`echo $enableval| sed -e 's/,/ /g;s/ */ /g'`"
+ esac
+
+fi
+
+if test -n "$EXTERNAL_ACL_HELPERS"; then
+ for helper in $EXTERNAL_ACL_HELPERS; do
+ if test -f $srcdir/helpers/external_acl/$helper/Makefile.in; then
+ :
+ else
+ echo "ERROR: external acl helper $helper does not exists"
+ exit 1
+ fi
+ done
+ echo "External acl helpers built: $EXTERNAL_ACL_HELPERS"
+fi
+
+
+
+if test "$require_sasl" = "yes"; then
+
for ac_header in sasl/sasl.h sasl.h
do
--- include/autoconf.h.in.orig 2008-06-05 02:18:07.000000000 +0200
+++ include/autoconf.h.in 2008-07-06 17:45:05.000000000 +0200
@@ -161,6 +161,12 @@
/* Define to 1 if you have the <grp.h> header file. */
#undef HAVE_GRP_H
+/* Define to 1 if you have the <gssapi/gssapi.h> header file. */
+#undef HAVE_GSSAPI_GSSAPI_H
+
+/* Define to 1 if you have the <gssapi.h> header file. */
+#undef HAVE_GSSAPI_H
+
/* Define to 1 if you have the `initgroups' function. */
#undef HAVE_INITGROUPS
--- helpers/negotiate_auth/squid_kerb_auth/Makefile.in.orig 2007-11-12 02:14:15.000000000 +0100
+++ helpers/negotiate_auth/squid_kerb_auth/Makefile.in 2008-07-06 17:45:05.000000000 +0200
@@ -130,6 +130,18 @@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
+#-L$(top_builddir)/lib -lmiscutil $(XTRA_LIBS)
+
+# HEIMDAL
+#KERBINC = -DHEIMDAL -I/usr/include/heimdal
+#KERBLIBS = -lgssapi -lkrb5 -lcom_err -lasn1 -lroken
+
+# MIT
+#KERBINC =
+#KERBLIBS = -lgssapi_krb5 -lkrb5 -lcom_err
+KERBINC = -DHEIMDAL @KERBINC@
+KERBLIBS = @KERBLIBS@
+KRB5CONFIG = @KRB5CONFIG@
LDFLAGS = @LDFLAGS@
LIBDLMALLOC = @LIBDLMALLOC@
LIBOBJS = @LIBOBJS@
@@ -265,15 +277,6 @@
squid_kerb_auth_SOURCES = $(SOURCE) $(SPNEGO)
#-I$(top_srcdir)/include -I$(top_srcdir)/src
LDADD = $(KERBLIBS)
-#-L$(top_builddir)/lib -lmiscutil $(XTRA_LIBS)
-
-# HEIMDAL
-#KERBINC = -DHEIMDAL -I/usr/include/heimdal
-#KERBLIBS = -lgssapi -lkrb5 -lcom_err -lasn1 -lroken
-
-# MIT
-KERBINC =
-KERBLIBS = -lgssapi_krb5 -lkrb5 -lcom_err
all: all-am
.SUFFIXES:
--- helpers/negotiate_auth/squid_kerb_auth/squid_kerb_auth.c.orig 2008-02-24 20:18:53.000000000 +0100
+++ helpers/negotiate_auth/squid_kerb_auth/squid_kerb_auth.c 2008-07-06 17:45:05.000000000 +0200
@@ -24,6 +24,7 @@
/*
* Hosted at http://sourceforge.net/projects/squidkerbauth
*/
+#include "config.h"
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
@@ -31,6 +32,7 @@
#include <unistd.h>
#include <time.h>
#include <sys/time.h>
+#include <sys/param.h>
#include "base64.h"
#ifndef HAVE_SPNEGO
@@ -47,7 +49,11 @@
#define PROGRAM "squid_kerb_auth"
#ifdef HEIMDAL
+#ifdef HAVE_GSSAPI_GSSAPI_H
+#include <gssapi/gssapi.h>
+#else
#include <gssapi.h>
+#endif
#define gss_nt_service_name GSS_C_NT_HOSTBASED_SERVICE
#else
#include <gssapi/gssapi.h>
--- helpers/negotiate_auth/squid_kerb_auth/spnegohelp/derparse.c.orig 2007-05-15 01:36:32.000000000 +0200
+++ helpers/negotiate_auth/squid_kerb_auth/spnegohelp/derparse.c 2009-03-28 17:21:54.000000000 +0100
@@ -22,12 +22,19 @@
//
/////////////////////////////////////////////////////////////
+#include "config.h"
#include <stdlib.h>
#include <stdio.h>
#include <memory.h>
#include "spnego.h"
#include "derparse.h"
+#ifdef WORDS_BIGENDIAN
+#undef __LITTLE_ENDIAN__
+#else
+#define __LITTLE_ENDIAN__ 1
+#endif
+
//
// The GSS Mechanism OID enumeration values (SPNEGO_MECH_OID) control which offset in
// the array below, that a mechanism can be found.

45
www/squid/files/patch-src-cf.data.pre
View file

@ -1,28 +1,6 @@
--- src/cf.data.pre.orig Tue Jun 26 01:34:57 2007
+++ src/cf.data.pre Mon Jul 16 20:02:21 2007
@@ -1207,6 +1207,21 @@
Note that for coss, max-size must be less than COSS_MEMBUF_SZ
(hard coded at 1 MB).
+
+ Note for FreeBSD users:
+ COSS -- like aufs -- uses async IO so if you compiled Squid without
+ support for the aufs storage type, COSS will use POSIX AIO.
+ This means that you need to add the line
+
+ options VFS_AIO
+
+ to your kernel configuration in order to use COSS.
+
+ On FreeBSD 5 and higher you can load the aio(4) module and do not
+ necessarily need to recompile your kernel.
+
+ If you compiled Squid with both support for aufs and COSS, COSS
+ will use aufs' routines and does not need special kernel support.
DOC_END
NAME: logformat
@@ -1439,6 +1454,10 @@
--- src/cf.data.pre.orig 2013-03-12 11:17:07.000000000 +0100
+++ src/cf.data.pre 2013-04-09 11:43:01.000000000 +0200
@@ -3849,6 +3849,10 @@
LOC: Config.pidFilename
DOC_START
A filename to write the process-id to. To disable, enter "none".
@ -32,19 +10,4 @@
+ %%PREFIX%%/etc/rc.d/squid for details.
DOC_END
NAME: debug_options
@@ -3275,12 +3294,12 @@
NAME: cache_effective_user
TYPE: string
-DEFAULT: nobody
+DEFAULT: %%SQUID_UID%%
LOC: Config.effectiveUser
DOC_START
If you start Squid as root, it will change its effective/real
UID/GID to the user specified below. The default is to change
- to UID to nobody. If you define cache_effective_user, but not
+ to UID to %%SQUID_UID%%. If you define cache_effective_user, but not
cache_effective_group, Squid sets the GID to the effective
user's default group ID (taken from the password file) and
supplementary group list from the from groups membership of
NAME: log_fqdn

11
www/squid/files/patch-src_tools.cc Normal file
View file

@ -0,0 +1,11 @@
--- src/tools.cc.orig 2014-08-19 13:38:40.000000000 +0400
+++ src/tools.cc 2014-08-19 13:39:00.000000000 +0400
@@ -735,7 +735,7 @@
uid = geteuid();
debugs(21, 3, "no_suid: PID " << getpid() << " giving up root priveleges forever");
- if (setuid(0) < 0)
+ if (setuid(0) < 0 && TheProcessKind != pkHelper)
debugs(50, DBG_IMPORTANT, "WARNING: no_suid: setuid(0): " << xstrerror());
if (setuid(uid) < 0)

11
www/squid/files/patch-tools-Makefile.in
View file

@ -1,11 +0,0 @@
--- tools/Makefile.in.orig 2008-05-10 18:39:20.000000000 +0200
+++ tools/Makefile.in 2008-05-10 18:40:02.000000000 +0200
@@ -791,6 +791,8 @@
$(OBJS): $(top_srcdir)/include/version.h ../include/autoconf.h
install-data-local:
+ @echo "$(INSTALL_DATA) $(srcdir)/cachemgr.conf $(DESTDIR)$(DEFAULT_CACHEMGR_CONFIG).default"; \
+ $(INSTALL_DATA) $(srcdir)/cachemgr.conf $(DESTDIR)$(DEFAULT_CACHEMGR_CONFIG).default;
@if test -f $(DESTDIR)$(DEFAULT_CACHEMGR_CONFIG) ; then \
echo "$@ will not overwrite existing $(DESTDIR)$(DEFAULT_CACHEMGR_CONFIG)" ; \
else \

47
www/squid/files/pkg-deinstall.in
View file

@ -1,47 +0,0 @@
#!/bin/sh
#
# $FreeBSD$
#
PATH=/bin:/usr/bin:/usr/sbin
squid_base="/var/squid"
squid_cachedir="${squid_base}/cache"
squid_confdir=${PKG_PREFIX}/etc/squid
squid_logdir="${squid_base}/logs"
case $2 in
DEINSTALL)
cd ${squid_confdir} || exit 1
for f in cachemgr.conf mime.conf msntauth.conf squid.conf; do
cmp -s -z ${f} ${f}.default && rm ${f}
done
# try to cleanup directories in /var:
for d in ${squid_cachedir} ${squid_logdir} ${squid_base} ; do
rmdir ${d} 2>/dev/null
done
;;
POST-DEINSTALL)
echo "===> post-deinstallation information for $1:"
echo ""
echo " Note:"
echo " Squid related user accounts and groups were not removed."
echo ""
echo " To remove the '%%SQUID_UID%%' user and the '%%SQUID_GID%%' group which were"
echo " created by a default installation of this package, run"
echo ""
echo " pw userdel -n %%SQUID_UID%% -u 100"
if [ -d ${squid_base} -o -d ${squid_confdir} ] ; then
echo ""
echo " In order to ease updates the cache and log directories"
echo " and all configuration files modified by you were preserved."
echo ""
echo " Please remove them manually if you do not want to use"
echo " Squid any longer."
fi
echo ""
;;
*)
exit 64
;;
esac
exit 0

79
www/squid/files/pkg-install.in
View file

@ -5,66 +5,55 @@
PATH=/bin:/usr/bin:/usr/sbin
pkgname=$1
squid_base="/var/squid"
squid_homedir="/var/squid"
squid_cache_basedir="${squid_homedir}/cache"
squid_confdir="${PKG_PREFIX:-%%PREFIX%%}/etc/squid"
if [ -x /usr/sbin/nologin ]; then
nologin=/usr/sbin/nologin
else
nologin=/sbin/nologin
fi
squid_user="%%SQUID_UID%%"
squid_group="%%SQUID_GID%%"
squid_logdir="/var/log/squid"
# these are hardcoded, see /usr/ports/UIDs and /usr/ports/GIDs:
squid_user=squid
squid_group=squid
squid_gid=100
squid_uid=100
case $2 in
PRE-INSTALL)
echo "===> Pre-installation configuration for ${pkgname}"
if ! pw groupshow ${squid_group} -q >/dev/null ; then
echo "There is no group '${squid_group}' on this system, so I will try to create it (using group id ${squid_gid}):"
if ! pw groupadd ${squid_group} -g ${squid_gid} -q ; then
echo "Failed to create group \"${squid_group}\"!" >&2
echo "Please create it manually." >&2
exit 1
else
echo "Group '${squid_group}' created successfully:"
fi
;;
POST-INSTALL)
# Since we usually start the Squid master process as ${squid_user}
# instead of root make sure that ${squid_homedir} is writable for it.
if [ ! -d ${squid_homedir} ]; then
echo "Creating ${squid_homedir}..."
install -d -o root -g ${squid_group} \
-m 0775 ${squid_homedir}
else
echo "I will use the existing group '${squid_group}':"
chgrp ${squid_group} ${squid_homedir}
chmod g+w ${squid_homedir}
fi
pw groupshow ${squid_group}
if ! pw usershow ${squid_user} -q >/dev/null ; then
echo "There is no account '${squid_user}' on this system, so I will try to create it (using user id ${squid_uid}):"
if ! pw useradd -q -n ${squid_user} \
-u ${squid_uid} -g ${squid_group} \
-c "Squid caching-proxy pseudo user" \
-d "${squid_base}" -s "${nologin}" \
-h - ; then
echo "Failed to create user '${squid_user}'!" >&2
echo "Please create it manually." >&2
exit 1
else
echo "User '${squid_user}' created successfully:"
fi
else
echo "I will use the existing user '${squid_user}':"
fi
pw usershow ${squid_user}
for dir in cache logs; do
if [ ! -d ${squid_base}/${dir} ]; then
echo "Creating ${squid_base}/${dir}..."
if [ ! -d ${squid_cache_basedir} ]; then
echo "Creating ${squid_cache_basedir} ..."
install -d -o ${squid_user} -g ${squid_group} \
-m 0750 ${squid_base}/${dir}
-m 0750 ${squid_cache_basedir}
else
chown ${squid_user} ${squid_cache_basedir}
chgrp ${squid_group} ${squid_cache_basedir}
chmod 0750 ${squid_cache_basedir}
fi
done
if [ ! -d ${squid_confdir} ]; then
echo "Creating ${squid_confdir}..."
install -d -o root -g ${squid_group} \
-m 0755 ${squid_confdir}
else
chgrp ${squid_group} ${squid_confdir}
fi
;;
POST-INSTALL)
for file in cachemgr.conf mime.conf squid.conf; do
if [ ! -d ${squid_logdir} ]; then
echo "Creating ${squid_logdir}..."
install -d -o ${squid_user} -g ${squid_group} \
-m 0750 ${squid_logdir}
else
chown ${squid_user} ${squid_logdir}
chgrp ${squid_group} ${squid_logdir}
fi
for file in cachemgr.conf errorpage.css mime.conf msntauth.conf squid.conf; do
if [ ! -f ${squid_confdir}/${file} \
-a -f ${squid_confdir}/${file}.default ]; then
echo "Creating ${file} from default..."

25
www/squid/files/pkg-message.in
View file

@ -1,28 +1,33 @@
o You can find the configuration files for this package in the
directory %%PREFIX%%/etc/squid.
o The default cache directory is /var/squid/cache.
The default log directory is /var/squid/logs.
o The default cache directory is /var/squid/cache/squid/.
The default log directory is /var/log/squid/.
Note:
You must initialize new cache directories before you can start
squid. Do this by running "squid -z" as 'root' or '%%SQUID_UID%%'.
squid. Do this by running "squid -z" as 'root' or 'squid'.
If your cache directories are already initialized (e.g. after an
upgrade of squid) you do not need to initialize them again.
o The default configuration will deny everyone but local networks
as defined in RFC 1918 access to the proxy service.
Edit the "http_access allow/deny" directives in
%%PREFIX%%/etc/squid/squid.conf to suit your needs.
o The default configuration will deny everyone but the local host and
local networks as defined in RFC 1918 for IPv4 and RFCs 4193 and
4291 for IPv6 access to the proxy service. Edit the "http_access
allow/deny" directives in %%PREFIX%%/etc/squid/squid.conf
to suit your needs.
To enable Squid, set squid_enable=yes in either
/etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/squid
Please see %%PREFIX%%/etc/rc.d/squid for further details.
Note:
If you just updated your Squid installation from 2.6 or earlier,
make sure to check your Squid configuration against the 2.7 default
configuration file %%PREFIX%%/etc/squid/squid.conf.default.
If you just updated your Squid installation from an earlier version,
make sure to check your Squid configuration against the 3.3 default
configuration file %%PREFIX%%/etc/squid/squid.conf.sample.
%%PREFIX%%/etc/squid/squid.conf.documented is a fully annotated
configuration file you can consult for further reference.
Additionally, you should check your configuration by calling
'squid -f /path/to/squid.conf -k parse' before starting Squid.

126
www/squid/files/squid.in
View file

@ -13,7 +13,7 @@
# Additional variables you can define in one of these files:
#
# squid_chdir: the directory into which the rc system moves into before
# starting Squid. Default: /var/squid/logs
# starting Squid. Default: /var/squid
#
# squid_conf: The configuration file that Squid should use.
# Default: %%PREFIX%%/etc/squid/squid.conf
@ -24,7 +24,7 @@
# system call is not available in FreeBSD versions prior to 7.1.
#
# squid_user: The user id that should be used to run the Squid master
# process. Default: %%SQUID_UID%%.
# process. Default: squid.
# Note that you probably need to define "squid_user=root" if
# you want to run Squid in reverse proxy setups or if you want
# Squid to listen on a "privileged" port < 1024.
@ -32,19 +32,67 @@
# squid_pidfile:
# The name (including the full path) of the Squid
# master process' PID file.
# Default: /var/squid/logs/squid.pid.
# Default: /var/run/squid/squid.pid.
# You only need to change this if you changed the
# corresponding entry in your Squid configuration.
#
# squid_flags: Additional commandline arguments for Squid you might want to
# use. See squid(8) for further details.
#
# squid_krb5_ktname:
# Alternative Kerberos 5 Key Table.
# Default: none
squid_checkrunning() {
${command} ${squid_flags} -k check 2>/dev/null
. /etc/rc.subr
name=squid
rcvar=squid_enable
# Make sure that we invoke squid with "-f ${squid_conf}"; define this
# variable early so reload_cmd and stop_precmd pick it up:
extra_commands=reload
reload_cmd=squid_reload
start_precmd=squid_prestart
start_postcmd=squid_getpid
stop_precmd=squid_prestop
stop_postcmd=squid_poststop
# squid(8) will not start if ${squid_conf} is not present so try
# to catch that beforehand via ${required_files} rather than make
# squid(8) crash.
squid_load_rc_config()
{
: ${squid_chdir:=/var/squid}
: ${squid_conf:=%%PREFIX%%/etc/squid/squid.conf}
: ${squid_enable:=NO}
: ${squid_program:=%%PREFIX%%/sbin/squid}
: ${squid_pidfile:=/var/run/squid/squid.pid}
: ${squid_user:=squid}
required_args="-f ${squid_conf}"
required_dirs=$chdir
required_files=$squid_conf
command_args="${required_args} ${squid_flags}"
procname="?squid-*"
pidfile=$squid_pidfile
state_dir=/var/run/squid
}
squid_setfib() {
squid_prestart()
{
# prepare the state directory:
[ -d ${state_dir} ] && rm -rf ${state_dir}
install -d -o ${squid_user} -m 0755 ${state_dir}
# setup KRB5_KTNAME:
squid_krb5_ktname=${squid_krb5_ktname:-"NONE"}
if [ "${squid_krb5_ktname}" != "NONE" ]; then
export KRB5_KTNAME=${squid_krb5_ktname}
fi
# setup FIB tables:
if command -v check_namevarlist > /dev/null 2>&1; then
check_namevarlist fib && return 0
fi
@ -52,47 +100,45 @@ squid_setfib() {
${SYSCTL} net.fibs >/dev/null 2>&1 || return 0
squid_fib=${squid_fib:-"NONE"}
if [ "x${squid_fib}" != "xNONE" ]; then
command="setfib -F ${squid_fib} ${command}"
if [ "${squid_fib}" != "NONE" ]; then
command="setfib -F $squid_fib $command"
else
return 0
fi
}
squid_stop() {
echo "Stopping ${name}."
${command} ${squid_flags} -k shutdown
run_rc_command poll
squid_reload()
{
$command $required_args $squid_flags -k reconfigure
}
. /etc/rc.subr
squid_getpid()
{
# retrieve the PID of the Squid master process explicitly here
# in case rc.subr was unable to determine it:
if [ -z "$rc_pid" ]; then
while ! [ -f ${pidfile} ]; do
sleep 1
done
read _pid _junk <${pidfile}
[ -z "${_pid}" ] || pid=${_pid}
else
pid=${rc_pid}
fi
}
name=squid
rcvar=squid_enable
squid_prestop()
{
command_args="$command_args -k shutdown"
$command $required_args $squid_flags -k check 2>/dev/null
}
command=%%PREFIX%%/sbin/squid
extra_commands=reload
reload_cmd="${command} ${squid_flags} -k reconfigure"
start_precmd="squid_setfib"
stop_precmd="squid_checkrunning"
stop_cmd="squid_stop"
squid_poststop()
{
rm -rf ${state_dir}
}
load_rc_config ${name}
squid_chdir=${squid_chdir:-"/var/squid/logs"}
squid_conf=${squid_conf:-"%%PREFIX%%/etc/squid/squid.conf"}
squid_enable=${squid_enable:-"NO"}
squid_flags=${squid_flags-"-D"}
squid_pidfile=${squid_pidfile:-"/var/squid/logs/squid.pid"}
squid_user=${squid_user:-%%SQUID_UID%%}
pidfile=${squid_pidfile}
required_dirs=${squid_chdir}
# squid(8) will not start if ${squid_conf} is not present so try
# to catch that beforehand via ${required_files} rather than make
# squid(8) crash.
required_files=${squid_conf}
run_rc_command "$1"
load_rc_config $name
squid_load_rc_config
run_rc_command $1

11
www/squid/pkg-descr
View file

@ -1,10 +1,5 @@
Squid is a high-performance proxy caching server for web clients,
supporting FTP, gopher, and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single, non-blocking,
I/O-driven process.
Squid supports SSL, extensive access controls, and full request logging.
By using the lightweight Internet Cache Protocol, Squid caches can be
arranged in a hierarchy or mesh for additional bandwidth savings.
Squid is a fully-featured HTTP/1.0 proxy which is almost (but not quite)
HTTP/1.1 compliant. Squid offers a rich access control, authorization and
logging environment to develop web proxy and content serving applications.
WWW: http://www.squid-cache.org/

2176
www/squid/pkg-plist Normal file
View file

File diff suppressed because it is too large Load diff

5
www/squid33/Makefile
View file

@ -25,12 +25,15 @@ PATCHFILES= FreeBSD_silence_nosuid_mk1.patch:nosid
MAINTAINER= ports@FreeBSD.org
COMMENT= HTTP Caching Proxy
DEPRECATED= Reached EOL on 13 July 2013, use www/squid (v3.4) instead
EXPIRATION_DATE=2015-01-31
LICENSE= GPLv2
LICENSE_FILE= ${WRKSRC}/COPYING
SQUID_STABLE_VER= 13
CONFLICTS_INSTALL= squid-2.[0-9].* squid32-* cacheboy-[0-9]* lusca-head-[0-9]*
CONFLICTS_INSTALL= squid-3*
USES= perl5 tar:bzip2 shebangfix
SHEBANG_FILES= scripts/*.pl contrib/*.pl src/*.pl tools/*.pl\