diff options
| author |   Eray Aslan <eras@gentoo.org> | 2012-08-27 13:56:01 +0000 |
|---|---|---|
| committer | Eray Aslan <eras@gentoo.org> | 2012-08-27 13:56:01 +0000 |
| commit | 2d7c6e7aa08cda8adfd18721803811af6907cd01 (patch) | |
| tree | a169b83109049e522d651066f57f4adb36950a86 /net-proxy/squid | |
| parent | Mask squid-3.2 until net-libs/libecap-0.2.0 is unmasked - bug #432942 (diff) | |
| download | gentoo-2-2d7c6e7aa08cda8adfd18721803811af6907cd01.tar.gz gentoo-2-2d7c6e7aa08cda8adfd18721803811af6907cd01.tar.bz2 gentoo-2-2d7c6e7aa08cda8adfd18721803811af6907cd01.zip | |
Version bump - bug #431554
(Portage version: 2.2.0_alpha122/cvs/Linux x86_64)
Diffstat (limited to 'net-proxy/squid')
| -rw-r--r-- | net-proxy/squid/ChangeLog | 8 | ||||
| -rw-r--r-- | net-proxy/squid/files/squid-3.2.1-gentoo.patch | 133 | ||||
| -rw-r--r-- | net-proxy/squid/squid-3.2.1.ebuild | 239 |
3 files changed, 379 insertions, 1 deletions
diff --git a/net-proxy/squid/ChangeLog b/net-proxy/squid/ChangeLog index 9a9d6aab5b72..99631c01e8cc 100644 --- a/net-proxy/squid/ChangeLog +++ b/net-proxy/squid/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for net-proxy/squid # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/ChangeLog,v 1.348 2012/08/27 13:22:08 eras Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/ChangeLog,v 1.349 2012/08/27 13:56:01 eras Exp $ + +*squid-3.2.1 (27 Aug 2012) + + 27 Aug 2012; Eray Aslan <eras@gentoo.org> +files/squid-3.2.1-gentoo.patch, + +squid-3.2.1.ebuild: + Version bump - bug #431554 27 Aug 2012; Eray Aslan <eras@gentoo.org> metadata.xml: Add myself as maintainer diff --git a/net-proxy/squid/files/squid-3.2.1-gentoo.patch b/net-proxy/squid/files/squid-3.2.1-gentoo.patch new file mode 100644 index 000000000000..c5db303f9129 --- /dev/null +++ b/net-proxy/squid/files/squid-3.2.1-gentoo.patch @@ -0,0 +1,133 @@ +diff --git a/configure.ac b/configure.ac +index a863327..deb44ed 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -26,9 +26,9 @@ PRESET_CFLAGS="$CFLAGS" + PRESET_LDFLAGS="$LDFLAGS" + + dnl Set default LDFLAGS +-if test "x$LDFLAGS" = "x" ; then +- LDFLAGS="-g" +-fi ++dnl if test "x$LDFLAGS" = "x" ; then ++dnl LDFLAGS="-g" ++dnl fi + + # Check for GNU cc + AC_PROG_CC +diff --git a/helpers/basic_auth/SMB/basic_smb_auth.sh b/helpers/basic_auth/SMB/basic_smb_auth.sh +index 2a1abb3..b3ebb7a 100755 +--- a/helpers/basic_auth/SMB/basic_smb_auth.sh ++++ b/helpers/basic_auth/SMB/basic_smb_auth.sh +@@ -24,7 +24,7 @@ read NMBCAST + read AUTHSHARE + read AUTHFILE + read SMBUSER +-read SMBPASS ++read -r SMBPASS + + # Find domain controller + echo "Domain name: $DOMAINNAME" +@@ -47,7 +47,7 @@ else + addropt="" + fi + echo "Query address options: $addropt" +-dcip=`nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'` ++dcip=`nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+\..+ / { print $1 ; exit }'` + echo "Domain controller IP address: $dcip" + [ -n "$dcip" ] || exit 1 + +diff --git a/src/Makefile.am b/src/Makefile.am +index 6b69267..10f506a 100644 +--- a/src/Makefile.am ++++ b/src/Makefile.am +@@ -867,8 +867,8 @@ DEFAULT_LOG_PREFIX = $(DEFAULT_LOG_DIR) + DEFAULT_CACHE_LOG = $(DEFAULT_LOG_PREFIX)/cache.log + DEFAULT_ACCESS_LOG = $(DEFAULT_LOG_PREFIX)/access.log + DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log +-DEFAULT_NETDB_FILE = $(DEFAULT_LOG_PREFIX)/netdb.state +-DEFAULT_SSL_DB_DIR = $(localstatedir)/lib/ssl_db ++DEFAULT_NETDB_FILE = $(localstatedir)/lib/squid/netdb.state ++DEFAULT_SSL_DB_DIR = $(localstatedir)/lib/squid/ssl_db + DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'` + DEFAULT_UNLINKD = $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'` + DEFAULT_LOGFILED = $(libexecdir)/`echo log_file_daemon | sed '$(transform);s/$$/$(EXEEXT)/'` +diff --git a/src/cf.data.pre b/src/cf.data.pre +index 697233e..311c3ea 100644 +--- a/src/cf.data.pre ++++ b/src/cf.data.pre +@@ -906,6 +906,7 @@ acl Safe_ports port 280 # http-mgmt + acl Safe_ports port 488 # gss-http + acl Safe_ports port 591 # filemaker + acl Safe_ports port 777 # multiling http ++acl Safe_ports port 901 # SWAT + acl CONNECT method CONNECT + NOCOMMENT_END + DOC_END +@@ -4778,11 +4782,11 @@ COMMENT_END + + NAME: cache_mgr + TYPE: string +-DEFAULT: webmaster ++DEFAULT: root + LOC: Config.adminEmail + DOC_START + Email-address of local cache manager who will receive +- mail if the cache dies. The default is "webmaster." ++ mail if the cache dies. The default is "root". + DOC_END + + NAME: mail_from +@@ -7442,7 +7446,7 @@ DOC_END + NAME: forwarded_for + COMMENT: on|off|transparent|truncate|delete + TYPE: string +-DEFAULT: on ++DEFAULT: delete + LOC: opt_forwarded_for + DOC_START + If set to "on", Squid will append your client's IP address +diff --git a/src/debug.cc b/src/debug.cc +index 64ab0ba..062119a 100644 +--- a/src/debug.cc ++++ b/src/debug.cc +@@ -450,7 +450,7 @@ _db_init(const char *logfile, const char *options) + #if HAVE_SYSLOG && defined(LOG_LOCAL4) + + if (Debug::log_syslog) +- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, syslog_facility); ++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, syslog_facility); + + #endif /* HAVE_SYSLOG */ + +diff --git a/src/main.cc b/src/main.cc +index d6eb01a..0b93f0e 100644 +--- a/src/main.cc ++++ b/src/main.cc +@@ -1657,7 +1657,7 @@ watch_child(char *argv[]) + if (!IamMasterProcess()) + return; + +- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4); + + if ((pid = fork()) < 0) + syslog(LOG_ALERT, "fork failed: %s", xstrerror()); +@@ -1720,7 +1720,7 @@ watch_child(char *argv[]) + + if ((pid = fork()) == 0) { + /* child */ +- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4); + prog = argv[0]; + argv[0] = const_cast<char*>(kid.name().termedBuf()); + execvp(prog, argv); +@@ -1733,7 +1733,7 @@ watch_child(char *argv[]) + } + + /* parent */ +- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4); + + squid_signal(SIGINT, SIG_IGN, SA_RESTART); + diff --git a/net-proxy/squid/squid-3.2.1.ebuild b/net-proxy/squid/squid-3.2.1.ebuild new file mode 100644 index 000000000000..882fbdacfa75 --- /dev/null +++ b/net-proxy/squid/squid-3.2.1.ebuild @@ -0,0 +1,239 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/squid-3.2.1.ebuild,v 1.1 2012/08/27 13:56:01 eras Exp $ + +EAPI=4 +inherit eutils pam toolchain-funcs autotools linux-info user versionator + +DESCRIPTION="A full-featured web proxy cache" +HOMEPAGE="http://www.squid-cache.org/" +SRC_URI="http://www.squid-cache.org/Versions/v3/3.2/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~hppa ~ia64 ~mips ~ppc ~sparc ~x86 ~x86-fbsd" +IUSE="caps ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \ + ecap icap-client ssl-crtd \ + mysql postgres sqlite \ + qos tproxy \ + pf-transparent ipf-transparent kqueue \ + elibc_uclibc kernel_linux" + +COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 ) + pam? ( virtual/pam ) + ldap? ( net-nds/openldap ) + kerberos? ( virtual/krb5 ) + qos? ( net-libs/libnetfilter_conntrack ) + ssl? ( dev-libs/openssl ) + sasl? ( dev-libs/cyrus-sasl ) + ecap? ( >=net-libs/libecap-0.2.0 ) + selinux? ( sec-policy/selinux-squid ) + !x86-fbsd? ( logrotate? ( app-admin/logrotate ) ) + >=sys-libs/db-4 + sys-devel/libtool + dev-lang/perl" +DEPEND="${COMMON_DEPEND} + sys-apps/ed + test? ( dev-util/cppunit )" +RDEPEND="${COMMON_DEPEND} + samba? ( net-fs/samba ) + mysql? ( dev-perl/DBD-mysql ) + postgres? ( dev-perl/DBD-Pg ) + sqlite? ( dev-perl/DBD-SQLite )" + +REQUIRED_USE="tproxy? ( caps ) + qos? ( caps )" + +pkg_pretend() { + if use tproxy; then + echo + elog "Checking kernel configuration for full Tproxy4 support" + local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_TPROXY ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY" + linux-info_pkg_setup + echo + fi +} + +pkg_setup() { + enewgroup squid 31 + enewuser squid 31 -1 /var/cache/squid squid +} + +src_prepare() { + epatch "${FILESDIR}/${PN}-3.2.1-gentoo.patch" + sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \ + INSTALL QUICKSTART \ + helpers/basic_auth/MSNT/README.html \ + helpers/basic_auth/MSNT/confload.cc \ + helpers/basic_auth/MSNT/msntauth.conf.default \ + scripts/fileno-to-pathname.pl \ + scripts/check_cache.pl \ + tools/cachemgr.cgi.8 \ + tools/purge/conffile.hh \ + tools/purge/README || die + sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \ + INSTALL QUICKSTART || die + sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \ + QUICKSTART || die + sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \ + QUICKSTART \ + src/log/access_log.cc || die + sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \ + src/log/access_log.cc || die + sed -i -e 's:/usr/local/squid/bin:/usr/bin:' \ + helpers/basic_auth/MSNT/README.html || die + sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \ + helpers/external_acl/unix_group/ext_unix_group_acl.8 \ + helpers/external_acl/session/ext_session_acl.8 \ + src/ssl/ssl_crtd.8 || die + sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \ + scripts/check_cache.pl || die + sed -i -e 's:/usr/local/squid/ssl_cert:/etc/ssl/squid:' \ + src/ssl/ssl_crtd.8 || die + sed -i -e 's:/usr/local/squid/var/lib/ssl_db:/var/lib/squid/ssl_db:' \ + src/ssl/ssl_crtd.8 || die + sed -i -e 's:/var/lib/ssl_db:/var/lib/squid/ssl_db:' \ + src/ssl/ssl_crtd.8 || die + eautoreconf +} + +src_configure() { + local basic_modules="MSNT,MSNT-multi-domain,NCSA,POP3,getpwnam" + use samba && basic_modules+=",SMB" + use ldap && basic_modules+=",LDAP" + use pam && basic_modules+=",PAM" + use sasl && basic_modules+=",SASL" + use nis && ! use elibc_uclibc && basic_modules+=",NIS" + use radius && basic_modules+=",RADIUS" + if use mysql || use postgres || use sqlite ; then + basic_modules+=",DB" + fi + + local digest_modules="file" + use ldap && digest_modules+=",LDAP,eDirectory" + + local negotiate_modules="none" + use kerberos && negotiate_modules="kerberos,wrapper" + + local ntlm_modules="none" + use samba && ntlm_modules="smb_lm" + + local ext_helpers="file_userip,session,unix_group" + use samba && ext_helpers+=",wbinfo_group" + use ldap && ext_helpers+=",LDAP_group,eDirectory_userip" + use ldap && use kerberos && ext_helpers+=",kerberos_ldap_group" + + # uclibc does not have aio support - needed for coss (#61175) + local storeio_modules="aufs,diskd,rock,ufs" + # not stable enough yet + #! use elibc_uclibc && storeio_modules+=",coss" + + local transparent + if use kernel_linux ; then + transparent+=" --enable-linux-netfilter" + use qos && transparent+=" --enable-zph-qos --with-netfilter-conntrack" + fi + + if use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then + transparent+=" $(use_enable kqueue)" + if use pf-transparent; then + transparent+=" --enable-pf-transparent" + elif use ipf-transparent; then + transparent+=" --enable-ipf-transparent" + fi + fi + + export CC=$(tc-getCC) + + econf \ + --sysconfdir=/etc/squid \ + --libexecdir=/usr/libexec/squid \ + --localstatedir=/var \ + --with-pidfile=/var/run/squid.pid \ + --datadir=/usr/share/squid \ + --with-logdir=/var/log/squid \ + --with-default-user=squid \ + --enable-removal-policies="lru,heap" \ + --enable-storeio="${storeio_modules}" \ + --enable-disk-io \ + --enable-auth \ + --enable-auth-basic="${basic_modules}" \ + --enable-auth-digest="${digest_modules}" \ + --enable-auth-ntlm="${ntlm_modules}" \ + --enable-auth-negotiate="${negotiate_modules}" \ + --enable-external-acl-helpers="${ext_helpers}" \ + --enable-log-daemon-helpers \ + --enable-url-rewrite-helpers \ + --enable-cache-digests \ + --enable-delay-pools \ + --enable-eui \ + --enable-icmp \ + --enable-follow-x-forwarded-for \ + --enable-esi \ + --with-large-files \ + --with-filedescriptors=8192 \ + --disable-strict-error-checking \ + $(use_with caps libcap) \ + $(use_enable ipv6) \ + $(use_enable snmp) \ + $(use_enable ssl) \ + $(use_enable ssl-crtd) \ + $(use_enable icap-client) \ + $(use_enable ecap) \ + ${transparent} +} + +src_install() { + emake DESTDIR="${D}" install + + # need suid root for looking into /etc/shadow + fowners root:squid /usr/libexec/squid/basic_ncsa_auth + fperms 4750 /usr/libexec/squid/basic_ncsa_auth + if use pam; then + fowners root:squid /usr/libexec/squid/basic_pam_auth + fperms 4750 /usr/libexec/squid/basic_pam_auth + fi + + # some cleanups + rm -f "${D}"/usr/bin/Run* + + dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt + newdoc helpers/negotiate_auth/kerberos/README README.kerberos + newdoc helpers/basic_auth/MSNT-multi-domain/README.txt README.MSNT-multi-domain + newdoc helpers/basic_auth/LDAP/README README.LDAP + newdoc helpers/basic_auth/RADIUS/README README.RADIUS + newdoc helpers/external_acl/kerberos_ldap_group/README README.kerberos_ldap_group + newdoc tools/purge/README README.purge + newdoc tools/helper-mux.README README.helper-mux + dohtml RELEASENOTES.html + #doman helpers/basic_auth/LDAP/*.8 + + newpamd "${FILESDIR}/squid.pam" squid + newconfd "${FILESDIR}/squid.confd" squid + if use logrotate; then + newinitd "${FILESDIR}/squid.initd-logrotate" squid + insinto /etc/logrotate.d + newins "${FILESDIR}/squid.logrotate" squid + else + newinitd "${FILESDIR}/squid.initd" squid + exeinto /etc/cron.weekly + newexe "${FILESDIR}/squid.cron" squid.cron + fi + + #rm -rf "${D}"/var + diropts -m0750 -o squid -g squid + keepdir /var/cache/squid /var/log/squid /etc/ssl/squid /var/lib/squid +} + +pkg_postinst() { + echo + elog "Squid authentication helpers have been installed suid root." + elog "This allows shadow based authentication (see bug #52977 for more)." + echo + if [[ $(get_version_component_range 1 ${REPLACING_VERSIONS}) -lt 3 ]] || \ + [[ $(get_version_component_range 2 ${REPLACING_VERSIONS}) -lt 2 ]]; then + elog "Please read the release notes at:" + elog " http://www.squid-cache.org/Versions/v3/3.2/RELEASENOTES.html" + echo + fi +} |